From 1a11244fff61e52cfcad623abaacaa91d428ac16 Mon Sep 17 00:00:00 2001
From: p2913020 <charles.scoggins@charter.com>
Date: Fri, 22 May 2026 00:19:30 -0400
Subject: [PATCH] Created IAC reverse generator

---
 .kiro/specs/iac-reverse-engineering/tasks.md  | 102 +--
 pyproject.toml                                |  42 +
 src/iac_reverse.egg-info/PKG-INFO             |  23 +
 src/iac_reverse.egg-info/SOURCES.txt          |  17 +
 src/iac_reverse.egg-info/dependency_links.txt |   1 +
 src/iac_reverse.egg-info/entry_points.txt     |   2 +
 src/iac_reverse.egg-info/requires.txt         |  13 +
 src/iac_reverse.egg-info/top_level.txt        |   1 +
 src/iac_reverse/__init__.py                   |  58 ++
 .../__pycache__/__init__.cpython-313.pyc      | Bin 0 -> 1147 bytes
 .../__pycache__/models.cpython-313.pyc        | Bin 0 -> 15440 bytes
 .../__pycache__/plugin_base.cpython-313.pyc   | Bin 0 -> 4111 bytes
 src/iac_reverse/auth/__init__.py              |  21 +
 .../auth/__pycache__/__init__.cpython-313.pyc | Bin 0 -> 565 bytes
 .../authentik_auth.cpython-313.pyc            | Bin 0 -> 7647 bytes
 .../authentik_discovery.cpython-313.pyc       | Bin 0 -> 13286 bytes
 src/iac_reverse/auth/authentik_auth.py        | 204 +++++
 src/iac_reverse/auth/authentik_discovery.py   | 384 ++++++++
 src/iac_reverse/cli/__init__.py               |   6 +
 .../cli/__pycache__/__init__.cpython-313.pyc  | Bin 0 -> 409 bytes
 .../cli/__pycache__/cli.cpython-313.pyc       | Bin 0 -> 21345 bytes
 .../profile_loader.cpython-313.pyc            | Bin 0 -> 7222 bytes
 src/iac_reverse/cli/cli.py                    | 444 ++++++++++
 src/iac_reverse/cli/profile_loader.py         | 184 ++++
 src/iac_reverse/generator/__init__.py         |  15 +
 .../__pycache__/__init__.cpython-313.pyc      | Bin 0 -> 664 bytes
 .../code_generator.cpython-313.pyc            | Bin 0 -> 10424 bytes
 .../provider_block.cpython-313.pyc            | Bin 0 -> 8667 bytes
 .../resource_merger.cpython-313.pyc           | Bin 0 -> 2767 bytes
 .../__pycache__/sanitize.cpython-313.pyc      | Bin 0 -> 1381 bytes
 .../variable_extractor.cpython-313.pyc        | Bin 0 -> 7826 bytes
 src/iac_reverse/generator/code_generator.py   | 304 +++++++
 src/iac_reverse/generator/provider_block.py   | 197 +++++
 src/iac_reverse/generator/resource_merger.py  |  59 ++
 src/iac_reverse/generator/sanitize.py         |  41 +
 .../generator/variable_extractor.py           | 203 +++++
 src/iac_reverse/incremental/__init__.py       |   7 +
 .../__pycache__/__init__.cpython-313.pyc      | Bin 0 -> 501 bytes
 .../change_detector.cpython-313.pyc           | Bin 0 -> 5755 bytes
 .../incremental_updater.cpython-313.pyc       | Bin 0 -> 14663 bytes
 .../snapshot_store.cpython-313.pyc            | Bin 0 -> 8210 bytes
 .../incremental/change_detector.py            | 144 +++
 .../incremental/incremental_updater.py        | 339 +++++++
 src/iac_reverse/incremental/snapshot_store.py | 177 ++++
 src/iac_reverse/models.py                     | 425 +++++++++
 src/iac_reverse/plugin_base.py                | 103 +++
 src/iac_reverse/resolver/__init__.py          |   5 +
 .../__pycache__/__init__.cpython-313.pyc      | Bin 0 -> 333 bytes
 .../__pycache__/resolver.cpython-313.pyc      | Bin 0 -> 14864 bytes
 src/iac_reverse/resolver/resolver.py          | 443 ++++++++++
 src/iac_reverse/scanner/__init__.py           |  45 +
 .../__pycache__/__init__.cpython-313.pyc      | Bin 0 -> 1237 bytes
 .../bare_metal_plugin.cpython-313.pyc         | Bin 0 -> 20264 bytes
 .../docker_swarm_plugin.cpython-313.pyc       | Bin 0 -> 15671 bytes
 .../harvester_plugin.cpython-313.pyc          | Bin 0 -> 15971 bytes
 .../kubernetes_plugin.cpython-313.pyc         | Bin 0 -> 17200 bytes
 .../multi_provider_scanner.cpython-313.pyc    | Bin 0 -> 6387 bytes
 .../__pycache__/scanner.cpython-313.pyc       | Bin 0 -> 11608 bytes
 .../synology_plugin.cpython-313.pyc           | Bin 0 -> 16121 bytes
 .../windows_plugin.cpython-313.pyc            | Bin 0 -> 30136 bytes
 src/iac_reverse/scanner/bare_metal_plugin.py  | 497 +++++++++++
 .../scanner/docker_swarm_plugin.py            | 433 +++++++++
 src/iac_reverse/scanner/harvester_plugin.py   | 458 ++++++++++
 src/iac_reverse/scanner/kubernetes_plugin.py  | 454 ++++++++++
 .../scanner/multi_provider_scanner.py         | 140 +++
 src/iac_reverse/scanner/scanner.py            | 287 ++++++
 src/iac_reverse/scanner/synology_plugin.py    | 482 ++++++++++
 src/iac_reverse/scanner/windows_plugin.py     | 825 ++++++++++++++++++
 src/iac_reverse/state_builder/__init__.py     |   5 +
 .../__pycache__/__init__.cpython-313.pyc      | Bin 0 -> 338 bytes
 .../__pycache__/state_builder.cpython-313.pyc | Bin 0 -> 11807 bytes
 .../state_builder/state_builder.py            | 332 +++++++
 src/iac_reverse/validator/__init__.py         |   5 +
 .../__pycache__/__init__.cpython-313.pyc      | Bin 0 -> 314 bytes
 .../__pycache__/validator.cpython-313.pyc     | Bin 0 -> 21436 bytes
 src/iac_reverse/validator/validator.py        | 653 ++++++++++++++
 tests/__init__.py                             |   1 +
 tests/__pycache__/__init__.cpython-313.pyc    | Bin 0 -> 191 bytes
 tests/integration/__init__.py                 |   1 +
 tests/property/__init__.py                    |   1 +
 .../__pycache__/__init__.cpython-313.pyc      | Bin 0 -> 210 bytes
 ...enerator_prop.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 53842 bytes
 ...resolver_prop.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 48993 bytes
 ...t_report_prop.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 23116 bytes
 ...tal_scan_prop.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 57091 bytes
 ...provider_prop.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 49514 bytes
 ...leteness_prop.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 47299 bytes
 ...lidation_prop.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 25626 bytes
 ...behavior_prop.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 39933 bytes
 ..._builder_prop.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 44175 bytes
 tests/property/test_code_generator_prop.py    | 719 +++++++++++++++
 .../property/test_dependency_resolver_prop.py | 565 ++++++++++++
 tests/property/test_drift_report_prop.py      | 308 +++++++
 tests/property/test_incremental_scan_prop.py  | 790 +++++++++++++++++
 tests/property/test_multi_provider_prop.py    | 803 +++++++++++++++++
 ...st_resource_inventory_completeness_prop.py | 222 +++++
 .../test_scan_profile_validation_prop.py      | 257 ++++++
 tests/property/test_scanner_behavior_prop.py  | 608 +++++++++++++
 tests/property/test_state_builder_prop.py     | 567 ++++++++++++
 tests/unit/__init__.py                        |   1 +
 .../unit/__pycache__/__init__.cpython-313.pyc | Bin 0 -> 196 bytes
 ...est_authentik.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 59251 bytes
 ..._metal_plugin.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 71315 bytes
 ...ange_detector.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 53673 bytes
 .../test_cli.cpython-313-pytest-9.0.3.pyc     | Bin 0 -> 55364 bytes
 ...ode_generator.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 46502 bytes
 ..._swarm_plugin.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 55588 bytes
 ...vester_plugin.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 58757 bytes
 ...ental_updater.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 33370 bytes
 ...rnetes_plugin.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 60857 bytes
 .../test_models.cpython-313-pytest-9.0.3.pyc  | Bin 0 -> 74314 bytes
 ...vider_scanner.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 50912 bytes
 ...t_plugin_base.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 9713 bytes
 ...rofile_loader.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 34975 bytes
 ...rovider_block.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 52036 bytes
 ...test_resolver.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 43027 bytes
 ...solver_cycles.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 41685 bytes
 ...er_unresolved.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 43205 bytes
 ...source_merger.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 33045 bytes
 ...test_sanitize.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 19602 bytes
 ...le_validation.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 26274 bytes
 .../test_scanner.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 49108 bytes
 ...ner_filtering.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 25818 bytes
 ...napshot_store.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 37491 bytes
 ...state_builder.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 50350 bytes
 ...lder_unmapped.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 40245 bytes
 ...nology_plugin.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 68821 bytes
 ...est_validator.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 67801 bytes
 ...r_autocorrect.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 44424 bytes
 ...ble_extractor.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 34992 bytes
 ...indows_plugin.cpython-313-pytest-9.0.3.pyc | Bin 0 -> 58697 bytes
 tests/unit/test_authentik.py                  | 495 +++++++++++
 tests/unit/test_bare_metal_plugin.py          | 664 ++++++++++++++
 tests/unit/test_change_detector.py            | 335 +++++++
 tests/unit/test_cli.py                        | 437 ++++++++++
 tests/unit/test_code_generator.py             | 639 ++++++++++++++
 tests/unit/test_docker_swarm_plugin.py        | 444 ++++++++++
 tests/unit/test_harvester_plugin.py           | 569 ++++++++++++
 tests/unit/test_incremental_updater.py        | 513 +++++++++++
 tests/unit/test_kubernetes_plugin.py          | 508 +++++++++++
 tests/unit/test_models.py                     | 403 +++++++++
 tests/unit/test_multi_provider_scanner.py     | 505 +++++++++++
 tests/unit/test_plugin_base.py                |  74 ++
 tests/unit/test_profile_loader.py             | 324 +++++++
 tests/unit/test_provider_block.py             | 414 +++++++++
 tests/unit/test_resolver.py                   | 481 ++++++++++
 tests/unit/test_resolver_cycles.py            | 537 ++++++++++++
 tests/unit/test_resolver_unresolved.py        | 445 ++++++++++
 tests/unit/test_resource_merger.py            | 343 ++++++++
 tests/unit/test_sanitize.py                   | 115 +++
 tests/unit/test_scan_profile_validation.py    | 193 ++++
 tests/unit/test_scanner.py                    | 480 ++++++++++
 tests/unit/test_scanner_filtering.py          | 234 +++++
 tests/unit/test_snapshot_store.py             | 245 ++++++
 tests/unit/test_state_builder.py              | 681 +++++++++++++++
 tests/unit/test_state_builder_unmapped.py     | 468 ++++++++++
 tests/unit/test_synology_plugin.py            | 499 +++++++++++
 tests/unit/test_validator.py                  | 689 +++++++++++++++
 tests/unit/test_validator_autocorrect.py      | 766 ++++++++++++++++
 tests/unit/test_variable_extractor.py         | 405 +++++++++
 tests/unit/test_windows_plugin.py             | 529 +++++++++++
 161 files changed, 26806 insertions(+), 51 deletions(-)
 create mode 100644 pyproject.toml
 create mode 100644 src/iac_reverse.egg-info/PKG-INFO
 create mode 100644 src/iac_reverse.egg-info/SOURCES.txt
 create mode 100644 src/iac_reverse.egg-info/dependency_links.txt
 create mode 100644 src/iac_reverse.egg-info/entry_points.txt
 create mode 100644 src/iac_reverse.egg-info/requires.txt
 create mode 100644 src/iac_reverse.egg-info/top_level.txt
 create mode 100644 src/iac_reverse/__init__.py
 create mode 100644 src/iac_reverse/__pycache__/__init__.cpython-313.pyc
 create mode 100644 src/iac_reverse/__pycache__/models.cpython-313.pyc
 create mode 100644 src/iac_reverse/__pycache__/plugin_base.cpython-313.pyc
 create mode 100644 src/iac_reverse/auth/__init__.py
 create mode 100644 src/iac_reverse/auth/__pycache__/__init__.cpython-313.pyc
 create mode 100644 src/iac_reverse/auth/__pycache__/authentik_auth.cpython-313.pyc
 create mode 100644 src/iac_reverse/auth/__pycache__/authentik_discovery.cpython-313.pyc
 create mode 100644 src/iac_reverse/auth/authentik_auth.py
 create mode 100644 src/iac_reverse/auth/authentik_discovery.py
 create mode 100644 src/iac_reverse/cli/__init__.py
 create mode 100644 src/iac_reverse/cli/__pycache__/__init__.cpython-313.pyc
 create mode 100644 src/iac_reverse/cli/__pycache__/cli.cpython-313.pyc
 create mode 100644 src/iac_reverse/cli/__pycache__/profile_loader.cpython-313.pyc
 create mode 100644 src/iac_reverse/cli/cli.py
 create mode 100644 src/iac_reverse/cli/profile_loader.py
 create mode 100644 src/iac_reverse/generator/__init__.py
 create mode 100644 src/iac_reverse/generator/__pycache__/__init__.cpython-313.pyc
 create mode 100644 src/iac_reverse/generator/__pycache__/code_generator.cpython-313.pyc
 create mode 100644 src/iac_reverse/generator/__pycache__/provider_block.cpython-313.pyc
 create mode 100644 src/iac_reverse/generator/__pycache__/resource_merger.cpython-313.pyc
 create mode 100644 src/iac_reverse/generator/__pycache__/sanitize.cpython-313.pyc
 create mode 100644 src/iac_reverse/generator/__pycache__/variable_extractor.cpython-313.pyc
 create mode 100644 src/iac_reverse/generator/code_generator.py
 create mode 100644 src/iac_reverse/generator/provider_block.py
 create mode 100644 src/iac_reverse/generator/resource_merger.py
 create mode 100644 src/iac_reverse/generator/sanitize.py
 create mode 100644 src/iac_reverse/generator/variable_extractor.py
 create mode 100644 src/iac_reverse/incremental/__init__.py
 create mode 100644 src/iac_reverse/incremental/__pycache__/__init__.cpython-313.pyc
 create mode 100644 src/iac_reverse/incremental/__pycache__/change_detector.cpython-313.pyc
 create mode 100644 src/iac_reverse/incremental/__pycache__/incremental_updater.cpython-313.pyc
 create mode 100644 src/iac_reverse/incremental/__pycache__/snapshot_store.cpython-313.pyc
 create mode 100644 src/iac_reverse/incremental/change_detector.py
 create mode 100644 src/iac_reverse/incremental/incremental_updater.py
 create mode 100644 src/iac_reverse/incremental/snapshot_store.py
 create mode 100644 src/iac_reverse/models.py
 create mode 100644 src/iac_reverse/plugin_base.py
 create mode 100644 src/iac_reverse/resolver/__init__.py
 create mode 100644 src/iac_reverse/resolver/__pycache__/__init__.cpython-313.pyc
 create mode 100644 src/iac_reverse/resolver/__pycache__/resolver.cpython-313.pyc
 create mode 100644 src/iac_reverse/resolver/resolver.py
 create mode 100644 src/iac_reverse/scanner/__init__.py
 create mode 100644 src/iac_reverse/scanner/__pycache__/__init__.cpython-313.pyc
 create mode 100644 src/iac_reverse/scanner/__pycache__/bare_metal_plugin.cpython-313.pyc
 create mode 100644 src/iac_reverse/scanner/__pycache__/docker_swarm_plugin.cpython-313.pyc
 create mode 100644 src/iac_reverse/scanner/__pycache__/harvester_plugin.cpython-313.pyc
 create mode 100644 src/iac_reverse/scanner/__pycache__/kubernetes_plugin.cpython-313.pyc
 create mode 100644 src/iac_reverse/scanner/__pycache__/multi_provider_scanner.cpython-313.pyc
 create mode 100644 src/iac_reverse/scanner/__pycache__/scanner.cpython-313.pyc
 create mode 100644 src/iac_reverse/scanner/__pycache__/synology_plugin.cpython-313.pyc
 create mode 100644 src/iac_reverse/scanner/__pycache__/windows_plugin.cpython-313.pyc
 create mode 100644 src/iac_reverse/scanner/bare_metal_plugin.py
 create mode 100644 src/iac_reverse/scanner/docker_swarm_plugin.py
 create mode 100644 src/iac_reverse/scanner/harvester_plugin.py
 create mode 100644 src/iac_reverse/scanner/kubernetes_plugin.py
 create mode 100644 src/iac_reverse/scanner/multi_provider_scanner.py
 create mode 100644 src/iac_reverse/scanner/scanner.py
 create mode 100644 src/iac_reverse/scanner/synology_plugin.py
 create mode 100644 src/iac_reverse/scanner/windows_plugin.py
 create mode 100644 src/iac_reverse/state_builder/__init__.py
 create mode 100644 src/iac_reverse/state_builder/__pycache__/__init__.cpython-313.pyc
 create mode 100644 src/iac_reverse/state_builder/__pycache__/state_builder.cpython-313.pyc
 create mode 100644 src/iac_reverse/state_builder/state_builder.py
 create mode 100644 src/iac_reverse/validator/__init__.py
 create mode 100644 src/iac_reverse/validator/__pycache__/__init__.cpython-313.pyc
 create mode 100644 src/iac_reverse/validator/__pycache__/validator.cpython-313.pyc
 create mode 100644 src/iac_reverse/validator/validator.py
 create mode 100644 tests/__init__.py
 create mode 100644 tests/__pycache__/__init__.cpython-313.pyc
 create mode 100644 tests/integration/__init__.py
 create mode 100644 tests/property/__init__.py
 create mode 100644 tests/property/__pycache__/__init__.cpython-313.pyc
 create mode 100644 tests/property/__pycache__/test_code_generator_prop.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/property/__pycache__/test_dependency_resolver_prop.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/property/__pycache__/test_drift_report_prop.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/property/__pycache__/test_incremental_scan_prop.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/property/__pycache__/test_multi_provider_prop.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/property/__pycache__/test_resource_inventory_completeness_prop.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/property/__pycache__/test_scan_profile_validation_prop.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/property/__pycache__/test_scanner_behavior_prop.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/property/__pycache__/test_state_builder_prop.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/property/test_code_generator_prop.py
 create mode 100644 tests/property/test_dependency_resolver_prop.py
 create mode 100644 tests/property/test_drift_report_prop.py
 create mode 100644 tests/property/test_incremental_scan_prop.py
 create mode 100644 tests/property/test_multi_provider_prop.py
 create mode 100644 tests/property/test_resource_inventory_completeness_prop.py
 create mode 100644 tests/property/test_scan_profile_validation_prop.py
 create mode 100644 tests/property/test_scanner_behavior_prop.py
 create mode 100644 tests/property/test_state_builder_prop.py
 create mode 100644 tests/unit/__init__.py
 create mode 100644 tests/unit/__pycache__/__init__.cpython-313.pyc
 create mode 100644 tests/unit/__pycache__/test_authentik.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_bare_metal_plugin.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_change_detector.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_cli.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_code_generator.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_docker_swarm_plugin.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_harvester_plugin.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_incremental_updater.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_kubernetes_plugin.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_models.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_multi_provider_scanner.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_plugin_base.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_profile_loader.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_provider_block.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_resolver.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_resolver_cycles.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_resolver_unresolved.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_resource_merger.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_sanitize.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_scan_profile_validation.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_scanner.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_scanner_filtering.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_snapshot_store.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_state_builder.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_state_builder_unmapped.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_synology_plugin.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_validator.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_validator_autocorrect.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_variable_extractor.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/__pycache__/test_windows_plugin.cpython-313-pytest-9.0.3.pyc
 create mode 100644 tests/unit/test_authentik.py
 create mode 100644 tests/unit/test_bare_metal_plugin.py
 create mode 100644 tests/unit/test_change_detector.py
 create mode 100644 tests/unit/test_cli.py
 create mode 100644 tests/unit/test_code_generator.py
 create mode 100644 tests/unit/test_docker_swarm_plugin.py
 create mode 100644 tests/unit/test_harvester_plugin.py
 create mode 100644 tests/unit/test_incremental_updater.py
 create mode 100644 tests/unit/test_kubernetes_plugin.py
 create mode 100644 tests/unit/test_models.py
 create mode 100644 tests/unit/test_multi_provider_scanner.py
 create mode 100644 tests/unit/test_plugin_base.py
 create mode 100644 tests/unit/test_profile_loader.py
 create mode 100644 tests/unit/test_provider_block.py
 create mode 100644 tests/unit/test_resolver.py
 create mode 100644 tests/unit/test_resolver_cycles.py
 create mode 100644 tests/unit/test_resolver_unresolved.py
 create mode 100644 tests/unit/test_resource_merger.py
 create mode 100644 tests/unit/test_sanitize.py
 create mode 100644 tests/unit/test_scan_profile_validation.py
 create mode 100644 tests/unit/test_scanner.py
 create mode 100644 tests/unit/test_scanner_filtering.py
 create mode 100644 tests/unit/test_snapshot_store.py
 create mode 100644 tests/unit/test_state_builder.py
 create mode 100644 tests/unit/test_state_builder_unmapped.py
 create mode 100644 tests/unit/test_synology_plugin.py
 create mode 100644 tests/unit/test_validator.py
 create mode 100644 tests/unit/test_validator_autocorrect.py
 create mode 100644 tests/unit/test_variable_extractor.py
 create mode 100644 tests/unit/test_windows_plugin.py

diff --git a/.kiro/specs/iac-reverse-engineering/tasks.md b/.kiro/specs/iac-reverse-engineering/tasks.md
index 5382e49..94f9dcc 100644
--- a/.kiro/specs/iac-reverse-engineering/tasks.md
+++ b/.kiro/specs/iac-reverse-engineering/tasks.md
@@ -6,15 +6,15 @@ Build a Python CLI tool that reverse-engineers existing on-premises infrastructu
 
 ## Tasks
 
-- [ ] 1. Set up project structure and core data models
-  - [ ] 1.1 Create project directory structure, pyproject.toml, and install dependencies
+- [x] 1. Set up project structure and core data models
+  - [x] 1.1 Create project directory structure, pyproject.toml, and install dependencies
     - Create `src/iac_reverse/` package with `__init__.py`
     - Create subdirectories: `scanner/`, `resolver/`, `generator/`, `state_builder/`, `validator/`, `incremental/`, `auth/`, `cli/`
     - Set up `pyproject.toml` with dependencies: kubernetes, docker, pywinrm, hypothesis, pytest, click, jinja2, networkx, pyyaml, python-synology
     - Create `tests/` directory with `unit/`, `property/`, `integration/` subdirectories
     - _Requirements: 1.1, 5.1, 5.2_
 
-  - [ ] 1.2 Define core enums, data classes, and interfaces
+  - [x] 1.2 Define core enums, data classes, and interfaces
     - Implement `ProviderType` enum (docker_swarm, kubernetes, synology, harvester, bare_metal, windows)
     - Implement `PlatformCategory` enum (container_orchestration, storage_appliance, hci, bare_metal, windows) and `PROVIDER_PLATFORM_MAP`
     - Implement `CpuArchitecture` enum (amd64, arm, aarch64)
@@ -27,19 +27,19 @@ Build a Python CLI tool that reverse-engineers existing on-premises infrastructu
     - Define `ProviderPlugin` abstract base class with all abstract methods
     - _Requirements: 1.1, 1.2, 2.1, 3.1, 4.1, 5.1, 5.2, 8.1_
 
-  - [ ] 1.3 Implement ScanProfile validation logic
+  - [x] 1.3 Implement ScanProfile validation logic
     - Validate mandatory fields: provider type and non-empty credentials
     - Validate optional fields: resource_type_filters max 200 entries, endpoints list
     - Validate resource types against provider's supported types
     - Return all validation errors in a single response
     - _Requirements: 6.1, 6.6, 6.7_
 
-  - [ ]* 1.4 Write property test for scan profile validation (Property 20)
+  - [x] 1.4 Write property test for scan profile validation (Property 20)
     - **Property 20: Scan profile validation completeness**
     - **Validates: Requirements 6.1, 6.6, 6.7**
 
-- [ ] 2. Implement Scanner core and provider plugin system
-  - [ ] 2.1 Implement Scanner orchestrator with progress reporting and error handling
+- [x] 2. Implement Scanner core and provider plugin system
+  - [x] 2.1 Implement Scanner orchestrator with progress reporting and error handling
     - Create `Scanner` class that accepts a `ScanProfile` and orchestrates discovery
     - Implement connection timeout (30 seconds) and authentication error handling with descriptive messages
     - Implement progress callback invocation per resource type completion
@@ -48,44 +48,44 @@ Build a Python CLI tool that reverse-engineers existing on-premises infrastructu
     - Implement warning logging for unsupported resource types while continuing scan
     - _Requirements: 1.1, 1.3, 1.4, 1.5, 1.6, 1.7_
 
-  - [ ]* 2.2 Write property tests for Scanner behavior (Properties 2, 3, 4, 5)
+  - [x] 2.2 Write property tests for Scanner behavior (Properties 2, 3, 4, 5)
     - **Property 2: Authentication error descriptiveness**
     - **Property 3: Graceful degradation on unsupported resource types**
     - **Property 4: Progress reporting frequency**
     - **Property 5: Partial inventory preservation on failure**
     - **Validates: Requirements 1.3, 1.4, 1.5, 1.7**
 
-  - [ ] 2.3 Implement Docker Swarm provider plugin
+  - [x] 2.3 Implement Docker Swarm provider plugin
     - Implement `DockerSwarmPlugin` using docker-sdk-python
     - Discover services, networks, volumes, configs, secrets (metadata only)
     - Detect architecture from node info
     - _Requirements: 1.1, 1.2, 5.2_
 
-  - [ ] 2.4 Implement Kubernetes provider plugin
+  - [x] 2.4 Implement Kubernetes provider plugin
     - Implement `KubernetesPlugin` using kubernetes-client
     - Discover deployments, services, ingresses, config maps, persistent volumes, namespaces
     - Detect architecture from node labels
     - _Requirements: 1.1, 1.2, 5.2_
 
-  - [ ] 2.5 Implement Synology provider plugin
+  - [x] 2.5 Implement Synology provider plugin
     - Implement `SynologyPlugin` using Synology DSM API
     - Discover shared folders, volumes, storage pools, replication tasks, users
     - Detect architecture from system info (ARM vs AMD64)
     - _Requirements: 1.1, 1.2, 5.2_
 
-  - [ ] 2.6 Implement Harvester provider plugin
+  - [x] 2.6 Implement Harvester provider plugin
     - Implement `HarvesterPlugin` using Harvester/K8s-based API
     - Discover VMs, volumes, images, networks (HCI combined resources)
     - Detect architecture from node info
     - _Requirements: 1.1, 1.2, 5.2_
 
-  - [ ] 2.7 Implement Bare Metal provider plugin
+  - [x] 2.7 Implement Bare Metal provider plugin
     - Implement `BareMetalPlugin` using IPMI/Redfish API
     - Discover hardware inventory, BMC configs, network interfaces, RAID configurations
     - Detect architecture from system hardware info
     - _Requirements: 1.1, 1.2, 5.2_
 
-  - [ ] 2.8 Implement Windows provider plugin
+  - [x] 2.8 Implement Windows provider plugin
     - Implement `WindowsDiscoveryPlugin` using pywinrm library
     - Authenticate via WinRM using NTLM or Kerberos (configurable transport, port, SSL)
     - Discover Windows services, scheduled tasks, IIS sites, IIS app pools, network adapters, firewall rules, installed software, Windows features, Hyper-V VMs, Hyper-V switches, DNS records, local users, local groups
@@ -94,21 +94,21 @@ Build a Python CLI tool that reverse-engineers existing on-premises infrastructu
     - Handle WinRM-specific errors: WinRM not enabled, WMI query failure, insufficient privileges
     - _Requirements: 1.1, 1.2, 5.2_
 
-  - [ ] 2.9 Implement Authentik integration (SSO + discovery plugin)
+  - [x] 2.9 Implement Authentik integration (SSO + discovery plugin)
     - Implement `AuthentikAuthProvider` for OAuth2/OIDC SSO flow (authenticate, refresh, validate)
     - Implement `AuthentikDiscoveryPlugin` conforming to `ProviderPlugin`
     - Discover flows, stages, providers, applications, outposts, property mappings, certificates, groups, sources
     - _Requirements: 1.1, 1.2, 5.2_
 
-  - [ ]* 2.10 Write property test for resource inventory completeness (Property 1)
+  - [x] 2.10 Write property test for resource inventory completeness (Property 1)
     - **Property 1: Resource inventory completeness**
     - **Validates: Requirements 1.2**
 
-- [ ] 3. Checkpoint - Ensure all tests pass
+- [x] 3. Checkpoint - Ensure all tests pass
   - Ensure all tests pass, ask the user if questions arise.
 
-- [ ] 4. Implement Dependency Resolver
-  - [ ] 4.1 Implement dependency resolution and graph building
+- [x] 4. Implement Dependency Resolver
+  - [x] 4.1 Implement dependency resolution and graph building
     - Create `DependencyResolver` class
     - Analyze resource `raw_references` to identify parent-child, reference, and dependency relationships
     - Build dependency graph using networkx
@@ -116,27 +116,27 @@ Build a Python CLI tool that reverse-engineers existing on-premises infrastructu
     - Represent relationships as explicit Terraform references (not hardcoded IDs)
     - _Requirements: 2.1, 2.2, 2.4_
 
-  - [ ] 4.2 Implement cycle detection and resolution suggestions
+  - [x] 4.2 Implement cycle detection and resolution suggestions
     - Detect circular dependencies in the graph
     - Report cycles listing all involved resources
     - Suggest resolution strategies (which relationship to break, data source lookup alternatives)
     - _Requirements: 2.3_
 
-  - [ ] 4.3 Implement unresolved reference handling
+  - [x] 4.3 Implement unresolved reference handling
     - Identify references to IDs not in the current inventory
     - Log warnings for unresolved references
     - Represent unresolved references as data source lookups or variables in output
     - _Requirements: 2.5_
 
-  - [ ]* 4.4 Write property tests for Dependency Resolver (Properties 6, 7, 8, 9)
+  - [x] 4.4 Write property tests for Dependency Resolver (Properties 6, 7, 8, 9)
     - **Property 6: Dependency relationship identification**
     - **Property 7: Cycle detection correctness**
     - **Property 8: Topological order validity**
     - **Property 9: Unresolved references become data sources or variables**
     - **Validates: Requirements 2.1, 2.3, 2.4, 2.5**
 
-- [ ] 5. Implement Code Generator
-  - [ ] 5.1 Implement HCL code generation with Jinja2 templates
+- [x] 5. Implement Code Generator
+  - [x] 5.1 Implement HCL code generation with Jinja2 templates
     - Create `CodeGenerator` class
     - Create Jinja2 templates for Terraform resource blocks per provider/resource type
     - Generate syntactically valid HCL files from dependency graph
@@ -146,31 +146,31 @@ Build a Python CLI tool that reverse-engineers existing on-premises infrastructu
     - Generate architecture-specific tags/labels on resources
     - _Requirements: 3.1, 3.2, 3.5, 3.6_
 
-  - [ ] 5.2 Implement identifier sanitization
+  - [x] 5.2 Implement identifier sanitization
     - Create `sanitize_identifier()` function
     - Convert resource names to valid Terraform identifiers: `^[a-zA-Z_][a-zA-Z0-9_]*$`
     - Handle special characters, unicode, leading digits, spaces by replacing with underscores
     - Ensure non-empty output for any input
     - _Requirements: 3.4_
 
-  - [ ] 5.3 Implement variable extraction logic
+  - [x] 5.3 Implement variable extraction logic
     - Identify attribute values appearing in 2+ resources
     - Extract shared values into `variables.tf` with defaults set to most common value
     - Generate variable declarations with type expressions and descriptions
     - _Requirements: 3.3_
 
-  - [ ] 5.4 Implement provider configuration block generation
+  - [x] 5.4 Implement provider configuration block generation
     - Generate separate provider blocks for each distinct provider used
     - Include platform-specific configuration (endpoints, certificate settings)
     - _Requirements: 5.4_
 
-  - [ ] 5.5 Implement multi-provider resource merging with conflict resolution
+  - [x] 5.5 Implement multi-provider resource merging with conflict resolution
     - Merge resources from multiple scan profiles into unified inventory
     - Resolve naming conflicts by prefixing with provider identifier
     - Preserve provider-specific attributes
     - _Requirements: 5.3_
 
-  - [ ]* 5.6 Write property tests for Code Generator (Properties 10, 11, 12, 13, 14, 15)
+  - [x] 5.6 Write property tests for Code Generator (Properties 10, 11, 12, 13, 14, 15)
     - **Property 10: References in generated output use Terraform syntax**
     - **Property 11: Generated HCL syntactic validity**
     - **Property 12: File organization by resource type**
@@ -179,8 +179,8 @@ Build a Python CLI tool that reverse-engineers existing on-premises infrastructu
     - **Property 15: Traceability comments in generated code**
     - **Validates: Requirements 2.2, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6**
 
-- [ ] 6. Implement State Builder
-  - [ ] 6.1 Implement Terraform state file generation (format v4)
+- [x] 6. Implement State Builder
+  - [x] 6.1 Implement Terraform state file generation (format v4)
     - Create `StateBuilder` class
     - Generate state JSON with version=4, unique UUID lineage, serial number
     - Create state entries binding each resource block to its live infrastructure ID
@@ -190,22 +190,22 @@ Build a Python CLI tool that reverse-engineers existing on-premises infrastructu
     - Include dependency references in state entries
     - _Requirements: 4.1, 4.2, 4.4, 4.5_
 
-  - [ ] 6.2 Implement unmapped resource handling in state builder
+  - [x] 6.2 Implement unmapped resource handling in state builder
     - Log warnings for resources that cannot be mapped to state entries
     - Handle missing provider-assigned resource identifiers
     - Exclude unmapped resources from state file
     - _Requirements: 4.3, 4.6_
 
-  - [ ]* 6.3 Write property tests for State Builder (Properties 16, 17)
+  - [x] 6.3 Write property tests for State Builder (Properties 16, 17)
     - **Property 16: State file structural validity**
     - **Property 17: State entry completeness and schema correctness**
     - **Validates: Requirements 4.1, 4.2, 4.4, 4.5**
 
-- [ ] 7. Checkpoint - Ensure all tests pass
+- [x] 7. Checkpoint - Ensure all tests pass
   - Ensure all tests pass, ask the user if questions arise.
 
-- [ ] 8. Implement Validator
-  - [ ] 8.1 Implement Terraform validation runner
+- [x] 8. Implement Validator
+  - [x] 8.1 Implement Terraform validation runner
     - Create `Validator` class
     - Run `terraform init` and `terraform validate` against generated output
     - Run `terraform plan` and check for zero planned changes
@@ -214,46 +214,46 @@ Build a Python CLI tool that reverse-engineers existing on-premises infrastructu
     - Handle missing Terraform binary with descriptive error
     - _Requirements: 7.1, 7.2, 7.3, 7.5_
 
-  - [ ] 8.2 Implement auto-correction loop for validation errors
+  - [x] 8.2 Implement auto-correction loop for validation errors
     - Attempt to correct validation errors (up to 3 attempts)
     - Re-validate after each correction
     - Report failure with remaining error details if corrections exhausted
     - _Requirements: 7.4_
 
-  - [ ]* 8.3 Write property test for drift report correctness (Property 22)
+  - [x] 8.3 Write property test for drift report correctness (Property 22)
     - **Property 22: Drift report correctness**
     - **Validates: Requirements 7.3**
 
-- [ ] 9. Implement Incremental Scan Engine
-  - [ ] 9.1 Implement scan snapshot storage and retrieval
+- [x] 9. Implement Incremental Scan Engine
+  - [x] 9.1 Implement scan snapshot storage and retrieval
     - Store scan results as timestamped JSON in `.iac-reverse/snapshots/`
     - Use profile_hash for matching scans to profiles
     - Retain at least 2 most recent snapshots per profile
     - Load previous snapshot for comparison
     - _Requirements: 8.4, 8.6_
 
-  - [ ] 9.2 Implement change detection and classification
+  - [x] 9.2 Implement change detection and classification
     - Compare current scan against previous snapshot
     - Classify resources as added, removed, or modified
     - Produce change summary with counts and resource details
     - Handle first scan (no previous) as full initial scan
     - _Requirements: 8.1, 8.4, 8.5_
 
-  - [ ] 9.3 Implement incremental code and state updates
+  - [x] 9.3 Implement incremental code and state updates
     - Update only IaC files containing changed resources (not full regeneration)
     - Remove resource blocks and state entries for removed resources
     - Add/update blocks for added/modified resources
     - _Requirements: 8.2, 8.3_
 
-  - [ ]* 9.4 Write property tests for Incremental Scan (Properties 23, 24, 25, 26)
+  - [x] 9.4 Write property tests for Incremental Scan (Properties 23, 24, 25, 26)
     - **Property 23: Change classification correctness**
     - **Property 24: Incremental update scope**
     - **Property 25: Removed resource exclusion**
     - **Property 26: Snapshot retention**
     - **Validates: Requirements 8.1, 8.2, 8.3, 8.5, 8.6**
 
-- [ ] 10. Implement CLI and wire pipeline together
-  - [ ] 10.1 Implement CLI entry point with Click
+- [x] 10. Implement CLI and wire pipeline together
+  - [x] 10.1 Implement CLI entry point with Click
     - Create `cli.py` with Click command group
     - Implement `scan` command accepting scan profile YAML path
     - Implement `generate` command to run full pipeline (scan → resolve → generate → state → validate)
@@ -264,32 +264,32 @@ Build a Python CLI tool that reverse-engineers existing on-premises infrastructu
     - Add progress bars and formatted output for scan progress
     - _Requirements: 1.1, 1.5, 6.1, 6.2, 6.3, 6.4, 6.5_
 
-  - [ ] 10.2 Implement scan profile YAML loading and environment variable expansion
+  - [x] 10.2 Implement scan profile YAML loading and environment variable expansion
     - Parse YAML scan profiles
     - Expand `${ENV_VAR}` references in credential fields
     - Support multi-profile YAML for multi-provider scans
     - _Requirements: 6.1, 5.3_
 
-  - [ ]* 10.3 Write property tests for multi-provider and filtering (Properties 18, 19, 20, 21)
+  - [x] 10.3 Write property tests for multi-provider and filtering (Properties 18, 19, 20, 21)
     - **Property 18: Multi-provider merge with naming conflict resolution**
     - **Property 19: Provider block generation**
     - **Property 20: Scan profile validation completeness** (additional coverage)
     - **Property 21: Filtering correctness**
     - **Validates: Requirements 5.3, 5.4, 6.1, 6.2, 6.4, 6.6, 6.7**
 
-- [ ] 11. Implement resource type filter and multi-provider failure handling
-  - [ ] 11.1 Implement resource type filtering in scanner
+- [x] 11. Implement resource type filter and multi-provider failure handling
+  - [x] 11.1 Implement resource type filtering in scanner
     - When filters specified, discover only listed resource types
     - When no filters specified, discover all supported types for provider
     - _Requirements: 6.2, 6.3_
 
-  - [ ] 11.2 Implement multi-provider partial failure handling
+  - [x] 11.2 Implement multi-provider partial failure handling
     - Complete scanning for all remaining providers when one fails
     - Include successfully discovered resources in inventory
     - Report which providers failed with error details
     - _Requirements: 5.5_
 
-- [ ] 12. Final checkpoint - Ensure all tests pass
+- [x] 12. Final checkpoint - Ensure all tests pass
   - Ensure all tests pass, ask the user if questions arise.
 
 ## Notes
diff --git a/pyproject.toml b/pyproject.toml
new file mode 100644
index 0000000..b6393be
--- /dev/null
+++ b/pyproject.toml
@@ -0,0 +1,42 @@
+[build-system]
+requires = ["setuptools>=68.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "iac-reverse"
+version = "0.1.0"
+description = "Reverse engineer existing on-premises infrastructure into Terraform HCL code and state files"
+readme = "README.md"
+requires-python = ">=3.11"
+license = {text = "MIT"}
+
+dependencies = [
+    "click>=8.1.7",
+    "jinja2>=3.1.3",
+    "networkx>=3.2.1",
+    "pyyaml>=6.0.1",
+    "kubernetes>=28.1.0",
+    "docker>=7.0.0",
+    "pywinrm>=0.4.3",
+    "python-synology>=1.0.0",
+]
+
+[project.optional-dependencies]
+dev = [
+    "hypothesis>=6.92.0",
+    "pytest>=7.4.4",
+    "pytest-cov>=4.1.0",
+]
+
+[project.scripts]
+iac-reverse = "iac_reverse.cli:main"
+
+[tool.setuptools.packages.find]
+where = ["src"]
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]
+pythonpath = ["src"]
+
+[tool.hypothesis]
+max_examples = 100
diff --git a/src/iac_reverse.egg-info/PKG-INFO b/src/iac_reverse.egg-info/PKG-INFO
new file mode 100644
index 0000000..655bf50
--- /dev/null
+++ b/src/iac_reverse.egg-info/PKG-INFO
@@ -0,0 +1,23 @@
+Metadata-Version: 2.4
+Name: iac-reverse
+Version: 0.1.0
+Summary: Reverse engineer existing on-premises infrastructure into Terraform HCL code and state files
+License: MIT
+Requires-Python: >=3.11
+Description-Content-Type: text/markdown
+Requires-Dist: click>=8.1.7
+Requires-Dist: jinja2>=3.1.3
+Requires-Dist: networkx>=3.2.1
+Requires-Dist: pyyaml>=6.0.1
+Requires-Dist: kubernetes>=28.1.0
+Requires-Dist: docker>=7.0.0
+Requires-Dist: pywinrm>=0.4.3
+Requires-Dist: python-synology>=1.0.0
+Provides-Extra: dev
+Requires-Dist: hypothesis>=6.92.0; extra == "dev"
+Requires-Dist: pytest>=7.4.4; extra == "dev"
+Requires-Dist: pytest-cov>=4.1.0; extra == "dev"
+
+# SnarfCode
+# I added this line to test the syncing
+
diff --git a/src/iac_reverse.egg-info/SOURCES.txt b/src/iac_reverse.egg-info/SOURCES.txt
new file mode 100644
index 0000000..fe248d7
--- /dev/null
+++ b/src/iac_reverse.egg-info/SOURCES.txt
@@ -0,0 +1,17 @@
+README.md
+pyproject.toml
+src/iac_reverse/__init__.py
+src/iac_reverse.egg-info/PKG-INFO
+src/iac_reverse.egg-info/SOURCES.txt
+src/iac_reverse.egg-info/dependency_links.txt
+src/iac_reverse.egg-info/entry_points.txt
+src/iac_reverse.egg-info/requires.txt
+src/iac_reverse.egg-info/top_level.txt
+src/iac_reverse/auth/__init__.py
+src/iac_reverse/cli/__init__.py
+src/iac_reverse/generator/__init__.py
+src/iac_reverse/incremental/__init__.py
+src/iac_reverse/resolver/__init__.py
+src/iac_reverse/scanner/__init__.py
+src/iac_reverse/state_builder/__init__.py
+src/iac_reverse/validator/__init__.py
\ No newline at end of file
diff --git a/src/iac_reverse.egg-info/dependency_links.txt b/src/iac_reverse.egg-info/dependency_links.txt
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/src/iac_reverse.egg-info/dependency_links.txt
@@ -0,0 +1 @@
+
diff --git a/src/iac_reverse.egg-info/entry_points.txt b/src/iac_reverse.egg-info/entry_points.txt
new file mode 100644
index 0000000..0a76ac1
--- /dev/null
+++ b/src/iac_reverse.egg-info/entry_points.txt
@@ -0,0 +1,2 @@
+[console_scripts]
+iac-reverse = iac_reverse.cli:main
diff --git a/src/iac_reverse.egg-info/requires.txt b/src/iac_reverse.egg-info/requires.txt
new file mode 100644
index 0000000..cd3ac0d
--- /dev/null
+++ b/src/iac_reverse.egg-info/requires.txt
@@ -0,0 +1,13 @@
+click>=8.1.7
+jinja2>=3.1.3
+networkx>=3.2.1
+pyyaml>=6.0.1
+kubernetes>=28.1.0
+docker>=7.0.0
+pywinrm>=0.4.3
+python-synology>=1.0.0
+
+[dev]
+hypothesis>=6.92.0
+pytest>=7.4.4
+pytest-cov>=4.1.0
diff --git a/src/iac_reverse.egg-info/top_level.txt b/src/iac_reverse.egg-info/top_level.txt
new file mode 100644
index 0000000..7b96f56
--- /dev/null
+++ b/src/iac_reverse.egg-info/top_level.txt
@@ -0,0 +1 @@
+iac_reverse
diff --git a/src/iac_reverse/__init__.py b/src/iac_reverse/__init__.py
new file mode 100644
index 0000000..fe481f6
--- /dev/null
+++ b/src/iac_reverse/__init__.py
@@ -0,0 +1,58 @@
+"""IaC Reverse Engineering Tool.
+
+Reverse engineer existing on-premises infrastructure into Terraform HCL code and state files.
+"""
+
+__version__ = "0.1.0"
+
+from iac_reverse.models import (
+    ChangeType,
+    ChangeSummary,
+    CodeGenerationResult,
+    CpuArchitecture,
+    DependencyGraph,
+    DiscoveredResource,
+    ExtractedVariable,
+    GeneratedFile,
+    PlannedChange,
+    PlatformCategory,
+    PROVIDER_PLATFORM_MAP,
+    ProviderType,
+    ResourceChange,
+    ResourceRelationship,
+    ScanProfile,
+    ScanProgress,
+    ScanResult,
+    StateEntry,
+    StateFile,
+    UnresolvedReference,
+    ValidationError,
+    ValidationResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+
+__all__ = [
+    "ChangeType",
+    "ChangeSummary",
+    "CodeGenerationResult",
+    "CpuArchitecture",
+    "DependencyGraph",
+    "DiscoveredResource",
+    "ExtractedVariable",
+    "GeneratedFile",
+    "PlannedChange",
+    "PlatformCategory",
+    "PROVIDER_PLATFORM_MAP",
+    "ProviderPlugin",
+    "ProviderType",
+    "ResourceChange",
+    "ResourceRelationship",
+    "ScanProfile",
+    "ScanProgress",
+    "ScanResult",
+    "StateEntry",
+    "StateFile",
+    "UnresolvedReference",
+    "ValidationError",
+    "ValidationResult",
+]
diff --git a/src/iac_reverse/__pycache__/__init__.cpython-313.pyc b/src/iac_reverse/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..4b5be259a2d2905590007c75f3a91ee782e31567
GIT binary patch
literal 1147
zcmbV~%Wl(95Qgnsn$)@9)55}HmqkMnJ3vTPnwFlnG{mK=NY<%6NsOH1XzWyNC8Y8Y
zJOobw&vLe`*cB?&Epu`a-LSz@KAnj@Gygwl?s7Rpqvz|l!iRWL)4r=<^~9EkyBj)u
z)+`M*OGn*`S@FXdi({N6Fu{_TWNWy_QkY_COtW=dX9gN9gBg~^EX!ez<uT6+SYSmg
zvJ#e98OyAK6;{P6t6`1RvCbOUU`=eA8r4r6Zm><<G_|Lim3*h;qtRL`b^Y;xcg#Lq
z0ES?8#mEx?=!ube8U%jZFjlW%`O1V#FO1X&f!LZNOuP_6(-TAFVT3a$njuga1?DLr
z@?n4z^G)Z-bOIMlE?hH=cm(Fq^C4^-*U9bnv-b86HI!Ce8l5p0BRIX9g3K+>)@(B2
zcqOYHDzFa%kVjr1`Vh|iNESNN*$z5mFM@ezS=fas2p5ENwU2x{mgQY9bON#mF69I>
zbU>E6ml1L&0{4ug$IpH0wk!?q9x0Q#p3j8<ccDQRDU6hr4rw0+B&XKvpPU`+cKdek
zXy<hAq<?H5@APE0hrxyC0?sYuR~?sSs;jsURF7PQV{a-mmcs?*sgcO+G8iF*p)^!P
zNy@5WsljzcMBUft=eg3#dqJND{)O^4B%6W^7S6cux$_oX!~kXS?;neDEnVhUT6_MC
zuD#X3INbs!6liNTTvJFXq!rc`)M8^sA*+y6*igtT6cmaIC55s=MWL!tQ>ZI66q<y$
zt;aHD+iu|4w#?YJT0@!(1!a#rHZJzEJ)yhz!~fOyf6`>*p@QjrM)o-mVeVI{=Du&+
zU$i^&p~<bzi$TBJI~iDl<4`T@AVg>IpvJ(qJ>f;R-JV{_^egf-^Wil<p=_Og;Y-48
oT-WuVvACYNHMBzgCUc)?=&^h4ANakk>Cb;9nwi+A6q=O(2V{Om9smFU

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/__pycache__/models.cpython-313.pyc b/src/iac_reverse/__pycache__/models.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..ea551fa52c20f25bfe20df7b00b492daad5dbd54
GIT binary patch
literal 15440
zcmcJ0du&@*dgmp1`6fk4)cbiYKWWRfW69&#9w#G9v?IroTvE<72xl0YypkAGB<Ebx
z9%++>3Zqk}4~&d9jRLf&r`yG3fL&nPqCghg-A?C^V*Y4RvKm;-Z3a+LV6iH&026sT
zeW1YpzH=X>Br45L(F^PFob#P~?m6H0o$q<P>-T#EJiq=w18@ED3xe>s)G!{uUfEq2
z1>rs6xDXSV5VORruUc+dne~>9*(7S)UKMZInVr|gR~@&U%qa;y!iW&F_X#ma+<wuf
z&BR>1*NI+NL$5pTigp+ut^dZ|(XM*Ss9|i6QLq0VI<~Jq#;9TJfKjjiV&0*8%cx<j
zWYp`w7&}sL88wV;*6WHMGe*>ZF}6wXc?S!|JL0amd)#Wr;CN@ueG<PMYaU?D+kmw$
z-s?lJzoECgIWEr$v6i2+G{+ra0S;?|E5KSgtO;%aYvZscy9TVC!<y_8u;9;Gu-6{G
z*WP#^?bY0I2kki4$@=3~zQZo;u=}DFop>&4KLQ)jp*?{19)J$&&^|!>4?u@>=m4OD
z2cW|`bO_Ml15inaN`M|Y06n5ZM*ux~06L;Wj{$o80Q9I1Jpt&+1JGkS^c0|>1JL6-
z^faJn4nR-n&{06o9)O<Ip<zJJ9e|$Fq2~d8;Q%zGLoWb2b^v->hmHe!@c{IU4*e3K
zmkvNjb?A$LUOoUlyLcsZb@iVo^Gue~$zoDk&Zp(9A}!>ZR9up!>Exsol^@7Vk)=p(
zF_V*JmdPzj#e6;+_IM`qxneStQzSW8T2@B+6sc@dQDiidxwKSVDPUrGA(P7#GkFXw
zDRNp$rdVE4q+~WLrSi*#d``|46;FPFf3lD%$XR^oiWEyFb2*ufN>g${&ZXsCY6Xi?
z@>#5BRGP#}rJFJaB#U{pW5r}qmadmF*)+hO*OJ)`c0>?b$aF5n<Yjy(ndS59y9s-C
z=pclws++dY*RI+ZGIBN@vZ!JN+rqDFu0X3#W>fm9;Xf9=v3nks_k_5>ERgHgn1$J5
zRwl-5%pMb&BW7pLn1i`uPUeoem?!3D-bGKytNQM+{DTY@I}ar7v}2Oh@mQ%)$g?7F
zl+T?lV8t1rQp)5OSW+pnQmR-2p$htY9J@+b^`-Nv`!Y)?50h+J_1rJrlUYtK%8Kez
zR&x1lesM*0FD2OnSt-g)_1sG`Ik7AQ6{_=LCYR1XRK6$7hJ30kk;o;N<wQdDBog3+
zQkLqzMB*EzWLAd+5{ZQjQ;I~QTpnO&B7yJIxT(3xS0m9x?5h*e8P)UZ-RqI)Y-BzX
zQ(dvwXXkFu-F#hjzcLYhEfSlLL{-oAiD)D-6Pcg5tvbItJv%k`)tK6uNGPCVCY4AQ
zi!5`mgk2;OtQE-FC3LH2Ca=V!kvntoST4yHhzH^dOT{zERDx-I8rN7jTv%Z)yuk}X
zu5uK`w}g+ym$rjP)^1nZ2G?#?1HEgnR9pMkrnP2E_oJI^(0HpkwMPN|;?!PrhdgTQ
zooup*BegsU7G2D<l^y!V>bTy_tb)b{Q5EUl3Y~)t+fR1BudwP)X@?G!bSmKQ<f5$F
zmQoqkLhBAtLFk$dd087ZXzwgY1(^n{6NTD6IX62$F+B@v%|$0)0YRb@^V4&)YFli6
zE;?~Dl9;%2=l1l(>|{i>y)rq?NTacSDoEq=4`_HIb;cy4plvDC((pVKDvSNqo+D+k
zv+4<~P3}iBjZ{1DMCV?cp2AY@+@6@fF&CXl%uL*Aj(bvq|2pm$ogtSRm@JegSZXO#
zl=-RIfl(%`h9>Xam68qJk}h?Y@=8&H&|{D<C6<!Isy(@!{?fQ=qci19(mP)o*D>op
z9JBU`nJIdUj(~Gw0?5T%&2V-a%VAW|x)dS};cRT%7hH>I$f`3V4f{7E#51{+%q_}X
z*j&bhs~0CpQfC%2DIB<bjxb^DUP|$?;6=IkP?mF&0#PinQV!C_o=m6ZwCaR#%0EEG
z1-`^2a{7xPXKE@kr8=XLnYq_cam~z4P2ZS~Of|*O7#7K>pw*ffdRfCzOZVDMoZd&T
zXlzKsLUy&qkc2XOkV(mA8`AJ$p50gdI{ZOCTUwUQCQj5sX3=aaGIT{T<WM{7qBN0~
z3)%b%X%Mx&p<B_v)Yu0F2}CM;Ue`X6SWXtyfri%$(5x9q<y<kLuc@N}N+MS&BvUfB
z)@6wDgaT16rxOc#Qgmv-?AIsgG&^+ZkSIV|tG#A7!%lRXCyGf0STRA+&MYLVJ*Kiq
zJjk#jg#U69Cn+bZtql+jhk<%eW|?GBTfIX^J7x^lbxs2CG&Gg0b~be0TTUf(G7L0y
z>oX)WIcTm0U_$L`fU;yJt-lrWs{vh?B@CK$nH{MmnUq;t+i$DUpUEf*1p-3tXzWQA
z3L46~jb39F$#k+n8nn{@KoiOjVa6mFW>@=+ZdgQ6uJk=6zfk0RH5a!aCrOE`ZN}gw
zXn*z~@nE?=t=^?P%oI~gYP&Hqol~IXQhAoH_hs{`WHv!`Q-j7ht#6U#O9l0aDP3cC
z@7$S-&PS#a(MW9WZget|n1B6FB)0P-oSi+=#fA=gcK-{Cz2X+GD@>cXJ?@Cv$i0X=
z;bggVm%|YgxyxZ^?zkuJjl0Ml;qI3s=FlO&0}!VU@dLu&z}zn0=QidTx5nVKy(O}i
zcp&DEx1#N(w&}#Q#eA%N(GDi?lF<mmY9W)AcYXoiUp+U;Pj?AsB1t*2Y?G3LGn$q6
zYgm$UVbx`*V$};d0JF20NoJK<)eRf8kOwE?WE+AqK?W`iqAb`#Q3J^mG&jcIPZaa_
z<(%q(94WC}$}knN9)XM!!tn0jq4z!EoRG8J6`};$_ngw(X{hnLmZ(9MhEXxgMSW&T
zz#L)&NUz@eV?lVsY4kTAW6bdet&BfcenSwF;X}V_t&eOGVzw_je~U0C8sCzHH@wEz
z-tZYUtdESCeGhSv@m|i_d=Ek4HJf5RCn(mS@CxS3kKMIi1#Z%CcV`foxof*)ox$8*
zK@xIe&URNcu$w${=sv~f>xq(iweJBQ?03bzJG^T-hV@AJ%h?u$kYn}#L^(GoQWheg
z)a?V!M<KS98Ot*`P4aS~xFThA7+fsfkCBxtp0iQ|KT69bOp?nNp`*380B_2c+Q_Bk
z16fKI;o#x5nTem@D+Llarf<V2kHL|H*)1!F&ZWb(Iq_x1bXYXA)wE+htAn4r+SOBE
zbg`=~#;Qi8MeKJq1Utn1tTBt`4DsV_oL}kWs_o<zDdc7gAeZWZV8;<=OVqGsaXfnu
z#e-^7<RW_$BbiLY?I2Z&)Uc??*#*_1kxO-(>rkz%sCpX~rV!go^f0oKRhLd|D4PZm
z6*hW*1!I)IL$M~*T7|*k$Bykla4Rs3e^p=mw`bm+DfeCevG2;ZH?ZYBUZH<4d=hA1
zAKwa|tpv|*2Espn;nrs0R<*V3eg6}Gwd<u%y3d!pUZ@F{3;mz;4{a2;hA&r!FK_l=
zDfeBi*{z+|p4-H>_UAsKci_hZ*FH-B$?|_&t_<AX?3sByy*+qjYw*%v4PM%{S^Hbm
z!AtAx2d`JI&c1K03|^|)1b<IW0O0Q(LTkVN#hTU9-Baxu_#OWT{;i%fm7X)@?$Hk?
zzwiC<otn+k`O<Tnt*yQ05n8(*`~UH?Al_E!-2d>Td-A;a!*K`7Jz|pLR9sBbL48kn
z1Eu!hQ0g%(qlbP8+sA~EW%aUl$h1&`?siGAaJk>5$2BtC-69onvhH|=LsmxL;sg&_
z*f&sDNWAI<Y%A!qC5+kB!A43R0F(Aqf+*I6=Rnl)r}N+a+IPNI35=CpW17`Uf+Q3?
z)S2L}s|tr3VURp|#R#Cl&lb~}R1pkXWNZ-=Fb4`%B$>iln`Nl;0d<llgK<$@VG{MN
zP|?g6NfCgGU%;R8A5i>~@HgV+?Uuexv9H?Jxt`h>TVHxIv?&f(kB8Q#AAfU0+=zYP
zt^`Il#ZdKyi)FEQ<He^_9|pfOUFi>RiWh0v-1^UNq@H{YBWmKXy=&vxhVnt^xqxcz
zx<zob)T~zfc=_nqu7KZN8+vxBM?(#*hW^aQP;R^5Lf5}yl#qGCO%ZOW*vXiHp`sfh
zFjyQhZgj-mhN;2F@dz=D5J$|z-|&tIabL`P*~0vBU))X{2AGdvF+XcrYzYO__Nk1L
zf*S-oA*y?hJAZ%ytJfwB8^aV(X>+Kw!1BuoOYOHm48avv{l;6|z);<#T;>}kIgv@L
zA~^+|M>#!JU!ymxx(pjd_0$6>-?OLz#Nd*pY%u{F8Zm<vwS^@g!kApZRJoL_=)POv
za9(@|yJEx|T2w`%8u_K{Z7PU5>_1XLf~+Z%5pOXn2tP^$1u@yp?O@lY*i{X*Kboz2
z{Ew!q8q;;3+!Rk%+mCFDN2)Dtk7lZ^9h+ju$I|idrz_Icwb}Kljo_2%XW~_jU1;7t
z>|#R)J-b;Hhp`JMsZ+OP?Yi~pG+9TpMx8N@fn0Hf@i=2pO|x2E+|qSw$%U8)fjuw6
zXdV&^U<crP=TGtZ)nk*0a%K^cBL$6K()~%zr>67CPc{NO2F($-gU^tIiK;M$_th2!
z6DEooc!R~{azXWhQAm2hl~R^&s2;d6g(M?0Ri~rxa5{1#aawR<a<cw9eMGzmH?b+@
zehpwo1#L#Tih?K?hJq@0oTvmirCQq8$KK6sirrOT>w56r=}m-uI=ZRd-bwZDfwf!f
z;xlnTqZiHAoL<)fIgDPW&tV*II@J4)H^Qv0MOVnJ`gGyUees>Yz_hEU?yx*>N~HqA
zy@*Vgcr^PUEjm*rhLcgm5z*p7+Bxhnno6R6n$;eomk(0lk!sXVs~ttiZFq-`ljvvd
zdxr;+n0eMz8{CbiH2F>JhfzTrQz-66G`X<d4<S8N?Hk+_2dhK;^z;or69+Y{)A*km
z>&=8J^=Y0RQk5L*9Z`L+Q5ouzG}cn4u=5E%yn22D>|gIRV@n9lNOf$|5#bRygqqws
z?jiQv#UxvlizETt8fVey(y9+MWuA5pzUMmp9GEz6ir(MBf*BRGa-|;yq4&x*7gN0G
z=DM+~_nFwMA(uw~J0mxEH%Hh({sY=Z7u`Gm3*TM6O1RZ~VEVw$PvuM5wBa8ZZy|33
z!E-;Ce~4(Fj_0u2u4B*W0g~D8VOG*Y`kZM(e1}q6T%;UAnsaovMD*1#&HgjS^Qwjn
z9v1#C^-)1fG<h_#-P6B`uy9xJrr2B6q<;gC()i|Ri~@3)WY{Cgq2S{VJtkpDa|dL$
zCMl?9@T{BjtaoxHm6fA1WnOk__{wTTYiM#h4Z)qFlni3*sZut{kkB&oQ3%m2aa3y9
zfIq}hM2wG6X^JLBh|a{@JtimbtKIwuNUWa*jgNzzP#mwwgFrFJiz~WF_Z-g3T%?=)
ztlEnuD4V8i{a>*;Mg{Fs385gio`X}dZhQAK6l}G#Z)5DKZR5o!iB0iXbx_(ArE2eh
zDYxm}J=8JHvR?({3sL8wo^|Wg)97P|F~)oJUQOrP;~u@OnQmm9*<&skXE4p;ejUb5
zIOyRPu7?Blyx~ojEG+H(6V|wT!BoZ#WLzXTk-MoNV&BG#bQ<dPQq;C$zCgJ(gi^B!
z#N-fxb8vbiJXA8zDTr*^Snu*#_!x8(w|xP-YoEU6f{D|bpDu29{ddgEsoIq0e?(9!
zX!pup6h!kc@6q1D?sCs4xsl@8YIpy}<dYSmJ2ZL6dg@8<yK{72`-jWYSfzh_Qyl;J
z<mgB9m6O-kX4c0yyp`awXX173+|zgV@P`c@^z6Qf;xPU&EwBT6of4-!o#WRty>j{n
z44;hG0!p5kFl_8aEe(t_IuFl0NvSsJmC4%@8A%A}(GQu;suLk*3bw=i)ukVlbqOk#
zJh55!TPXJnvHwARRM01tPE-he=eN00>Ti8?8)nWkv0K|djoY(*^LTt6kT1M_Qme*c
zFuWEg7#=xfFg$MgnBIsUC}kd=QErQT6GDSz)oV$XN!|mZItWqF4t2ad&_R-H4A$Hc
zSS`y4L>Y*o;8aOg!t58Za;RU5bIRW=Fl0$|SAq{vy=hrVu?$a;GtS{o%JC=e8G`HZ
zG-Tb*Y49KZ44-St$3G+h6|^M<(Me8-$ToKxxJuS^NgH<*dWSwNR(i+RZa$u0Kl<+L
z&qUp?qzRf+=$n8XMj>6iXd!P>Aewh+DivZ=@+S9)D32+kaN7tTq(AQ0l+poV<-l!#
z4$5WgOb+c4<&HvTn8<h3lvp5+?mndG_Jhv$7#?omXySH7Z87MqP<R@-F2lLx%~{o#
zFBJ==q6XCn*QVUhAVj8VcS?e4;wkhwULluG{D^RG;?IFY9*@unO13HcLn_{(Vt@)d
zX$>~QkElrn?NoUM6*^vLw>x?^1}h!hwdmkxY>=y>(erD!*H3L+tF(tU#q%GZ8~?$4
z<=idgm)DCMk*7zWDo;;+FjwgweJ0-0K0;GBr}tw(4x{%0fmA<{4RHj}*Ue9)2edch
z1ICH;g5pLb!DWv0H;nY2#0rqOXj$}!THrL&{gnu0(MskVQGMK$Zsw7s;46Z|IUd}q
zpJ=)<A#1XZJ;Iy~(E~2^ye8>k*wMB%a(5_l4%x5F1G(X{1+&rwa5$Ib<z#{`{(!r1
z!^E(75F6GFlF#7^PHoN*Z`0SflH#25SJd33;<u^zF%`|Y;x7q61z|#&MTNKm7dLpU
zpy8bBVSy88KANhWm?(=qT9j#1oT&EoBT6s{&Gqrn(eF=HhAxA1j;$+CLeIp@8gI}C
zn)3!NyBTlLogNsM`uUI9`Khm)lZYJwrg4Csc|mJEG!XZJ1N<=$q<0JCKtPuOItS1#
z#h9NbxLRW^tZgw6YE|8wA8z32X1+}9aH$!+A+2#q2z1n<gVHI|d@%lXx=G`q@D5>L
zbsCfuV7C}5(je~+=0|uOIYdMdR43i+K_Ztk3AcRMTZAYYWIR4pZ1~%41-rbbU1dcc
zOS{r~SdQkJ<&^$@x))K^#=Mj@>NcjX|6bIqX70y^Tp8tLkk8rwAnWtXf{;TFChFf0
z!y&WXwKvNwp_jzbz9%L&9~}+u8;EAiZmce5A)+D=<QSu`(S?qEPt1w_u6><op0}XC
z$yMA4_0z?heGhu+%<Ow&uCRE{5_5;m6-mMjjB?6&0cS(|hNFpIscG*>lV00-;jS3-
zgdI5ta*@ZIjBv!fG2dk?g7E&;P>k~uE;f<Jxu0`y#pY%y5)V!db9pnXI+v3<@LYQJ
zv>~hB7-8}v#k5z#Cc}m^`EwNV${+_`IHy_?tJaaPsn$$7Bx+KH3pXxgNVHJ8hAvI1
zB3UookkPU^Zl0j0xM#@0su;;sDn6m&Cn!{>t{gf0?~q8uEkFmZ%HgDif~xqI0--3D
zN|2{Co~t+2PVI5+#AK<LWHBqFQ0)q?Toko6R;YLHLiepfwWmwV1tsL<ISBT@>4hCC
z_}T(o+;b0{>uA-^)dIdjYCv&fAWu6Pi6>_<pWy3lGbKt`@4A6AtvFGv34iMf{<SN(
z-QM;7=#$Z{_OahP`ZWFBx4!e%f68u-j6HU4_YFJ_R6Bd$|N3uy{c)t~>)-N?RD2`b
z1IMcaN45seRR+%0D<ijmba!j!&C1N1TQdulnT7J=TbncY%h~11Os;%8U(SD{EU}tH
zI5)l(zFrAm-<FO&mA6h@s+>S>$#!OFd*tNS$c4(tg_<3$noGENWovx4GCo@!ePL_#
zrON0_p9WmLeKnhBr0Y{}Yg_x@+uHptpW1}3W3^GCXW;#}pS)c?a(wH^rOJ^@)vmtx
z??1U;?H;Oj_f~sPed>3%c^=zq?LuqEw^!d?-8lZC<?(7caJuX|t*Hg>3xwJa_qRF6
za0SM79Os>Ph(0C*HK;st9l0uFHLB6c-ERXuqdqD~&?_^jkhYuH4tBtNjgePAI7}vv
zLiv~W;M$GHlaJ=A!A=d@`SHlfkHpHzHRNTA>$fU_;Z5;cO*~;gvl0BMfFEsFH2)rD
zNAjDV|3A;nG=yOCIyKJ>mm6_SH?3VS%M`JP)iKj{K~{`_`h_ymSK9Sf$`%`XNTNYu
zwbih561ZW8x`O)`{2H1T8*w5Ilgwmw^P_3NX&2jJRL~+6619ZLYuj3=i8}^Wf9tny
zYZ#${%`tKvkY?(ir-?Ktfbd}4cA+~kS`4Ee4fWtQ3N9hOW@h*!l;F?2qhm);`@*);
zGXI(jR>z1Am+4BPh8>Yx@lK=w6bQ;$O8DXGGx6%@T=Z=4u>Kh%HPf7PZZkgo2O2^J
zt<sFwUDG@)?&|gptxY{Xg-HL|XX22CMH;^ci>Av<7T*`eBFC(q4C1)v=sI*qSBv@>
z3A;KBw~OLFZbq56g^;FeF--25mjxDmxDV7?r$AJ5slG)dIMu|ZI)HudSNZ7bdO|6s
zpe+=&)gX-7<0JAIEzPhF=uDr`Z&C6jj%HW~p}BB{ivp))bkl7Q!=7$ET;Sk3j-Gp~
zo6;6+gY&vJJExtM`VJ-UztAjH5C)W6sL<)S0GUq-xGo;g=Jk)yoc}>b<;)FaaOXG9
zRyt2@iZ?z!7W(K|<=D#*K2z(%6(4-Em#f24S?t~jJ`*L47ijW5ykN?h*8urhcmeb@
zVzuO88{A+zS&%>;wFQ*rDFa;uy-yTAV~QX{tQaz=$(>fOF@{3lkFZv*w%PwhZB}j9
z$e3>QlK8p%oGjZrGzZrXV^nhxVH{L@n~G+KPoyDK(CU>@3?u4X+}5Pl9><4=&qHU+
zV%LW2X~zdG&&0DD{^|8S_&3kuJm&jZ@DI1e6>EAH@n0Fd{BpZr!+NZ=yqtvZ`ny;I
z>_4qV5mo&V>`C`fK2yI=?B&;qwJ;nxuKZH5-fS_h7VA+uExe>psJo$`LxkTZTyrAS
zkBtw@<7jS51Q$W6pj{}q8ODh)wucBjt7#qwiZ6vL{v*%Cmo*yD+q0ptcF*2x{-+YS
z&2$*JVW5ii-(?s{FVz9ll<o_2=5Wyni3-wPjI3<dO+^nCC#ZnuBruYb4Oj9{QIj(k
z-|T5>a<+SuYTWVW{FtLA@dr=C^NcP}A@W2QPt<5pWD4T)kS7nf@#u_Z!H^B1$s8_j
z=(uaR<anbqq2Yj>4b}B!P!HE)Ut+C53H}Mn2vC5_Ko-kqR=Y*~X^UV9{Y2>eiO~PN
z)n(~fAAc_3=XsYC_2P2@KeaBw-nJzUR>Z;b@VTwwo0Z|4Rk3wT?5~LZ<-xOCgOSQ$
zg!lAT#NKlMnXUe7mHunIr>`RRl?O(*2F_Oo&hLHe#meA|yr-uk_LTchZ}nZM^j)a=
zoiAI<0>zSUmrq|Q4_v8qU){wztj{~_SX27BfS>2Bc1z!S2i5y(edhW;6C9GG*23Gg
zy3YjXkONn_X#KP{zy}OCt?V<wKIo|V8phi(UTf2;J`-B{9krX53sV-X>B!UZ4}ITH
ze>C>{newTZD@VVwD_pQxYfBbkP$~<(_>R^4Q|npFcuhco%QRMRjW^%4aERCP<(hy(
zhfs5X16-ED8n8a71E|@>0S?PhO+cXosHwf-z_tPCGXZ_DrRnQU-Y@|8hQs^@YWf>4
z%cO<AK4~#Oj}D2?229ro-8zJt+9sWri#5>Xq7I;D2Y<t9c@?u!X@bx(#9?mBm70J;
zhfuSJ1I}5_)DUGlqXVd!(@<u&w9x|EbO<%I1=uaa1Q<2}!#coaIYPTRq64U@?Zs&c
c)55|!fSTHp9hR?P$y9RCr@-M?Ec^`pKfk@Dwg3PC

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/__pycache__/plugin_base.cpython-313.pyc b/src/iac_reverse/__pycache__/plugin_base.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..0a50fc89a9c2ce514adb900e0d018af1f8751017
GIT binary patch
literal 4111
zcma)9&u`qu73Ti_q16w|R^!?+I#JwOTWr=vp&+qZ6i`+MYB^ODu||7XfEbapyNtOc
zGegRdPX!9}+#U?1hXU@+z8UQ$=l%uhl|X?2J*B4&wnYxT<a<L>+Fi?a_b{B{aNfN6
z-uJ#YJ6&FG8u%T4zWT}g%ZBk!8sxu9)|nom^TaR>X_y7Gc)ze;l*Rp$EHN6F?w9u~
zvZDLt`_=uLtnJrjeZL_a`%T$o##Lj}Fe}##v)V7dTS{%prD3gIfBdII8JxI|kSz4#
zq3bh#tRl(nh#hk!nC)?;y3OXE7`VPrEE);s`jL<WZVQZf#JK0-)j)Eri|r_uf`#)o
z6&uGYV(vKf#8~)IGYVM9W#rm!$RjeS?JAr5zUvQJ=!U|>cHQPz<ZHW_ly*PpB`djW
zV-bx4r(H<uJ#5a8J<%>FtGzJZmG;PugmxlXJM?%o2;{hjJ%)iiO<E>)z<GyKD3vs6
zbR<;lMRp2F+BUMm^k3*aG5Urq0QaI<kR`Jy%l(R3>R0=<er>x*;W5i*WxH%vuNj||
z-_4fFI=(9R8{0**Hut`%-!JuRv=X!Rx!KmjY-4VA8MDoP4R%+s-_qRND&|`K%&xh7
z)?4YX^)KBnz{AYf{`z*^T%B8c*<6!XhL!fEWF_aqp{BxD>u{1^Ef~hVmm~g~5Q8#z
zxjkZm|4t~y*j3<8n8kx_?FIHjFwT6$<+#J{$HzkYA`+^@%u_$`g5hb0{hZ4ap}@3G
z^8*e}{X#_C>#$$Bz7srB?VMwZab^d;EwTQbVLWmJp9KT(%2g?eSrjx!+;=?CGjrq}
z6$;xOxHjW4i0y-rdSQn-uCjv@A>jv>Fh0X8=3pnA?01{V683dyA@@{Lg%7dx5A0$_
z19|{GgEDSfM)SlN7TQIA2QPQecNFZA8;x`d<estJ!+U^mR}R%qli@eB&koDO^eX=;
zxj2$UNTnB(fh|}B1P_G|lw$?J@ddge^7~OB9dsWe4uEptA_I9e!W$9U-FCBi#3_EM
zBQt&jg1b@%a);d;EFj1R-1T5UAB+PsWlJ}V+!Jx;5O!C5NXc(|u|sK3+HyuKa!+GV
zmPk{i;EFImcus;)R>B)d$fcnOZN`!x^>+G4cMm`6n?9F=Uf_tnl6K$awj~8ZsYE|j
zIE#d>8$u3dqArr_IjSl7yR(zmXrCII-x!mtMx!-F*RUzH`R{@-KmOa1=EHno!7wdG
z49b+UGe0uooi50b{w3g8lrSdzc+5_?7ZV`JEJftg*n#J{rCVv(7esjsNIbTM2uB>^
zDp>$lBg16Ic@+f`0YT>V?&YCBkZU;M^MbsDhoVC=Nve=+3`Jz+Y_;-3B{vs9yzr|n
z7?@^gt^rNCffuhu^S2qARBpfpdqlbqJe)8<K~lFzfr`}YQT@<GC4w;I3)zFC4;7$b
zw4QOtq1vDe9ZDMt1UnW?7bf9=dm0Y;2K=1`W5t6}E4QeU8w)7RPyd)!XUAXpzmNad
zx#O!KmQ;UFL+vWXKCRy5aV}nqgvyVO6P_<;AOHxY*p}!HyB)SkDv+wN<%rM=PN`yV
zc68ouK1$Wsa$RL9RN74}P?=;~Y6P8jtU=)6I<eV)C0sW&9x4vQKt@=Q`(x?jB%O=U
zd)3!J0hp4~Q<EsE=RtU#20#AGo|bW)oV~*b^AfKM2jJxr1lG*B?IU~U6gl5%hf$*D
zBcjtHn;^UF(-_5MF(9;X;np&n;Hg67Zsc&bi#i$QTSTK&`_h!WoE9c)wpb;b3t(RG
z&D|M3Udj2GH1ZRvWMv^hm%{7{g}nE?V{SjRskr683#5?Wfunm_O-1&m{6n_NV5}ps
zAXV5v-$?;jFYtYoTiiSY{bg3Ng>wcuZU89JB#Z)5hI}};pT@B%1>nb3!buaR%Z>z5
zPYb5L3$hcJYwP)e*dX?^8b4En&mh@hc`oIzUMVAiR*$YupWLyO=;ucA_u9R)gv5c*
zGnq;_{mfAidk%>bXDU8cpeGLbKND&TnMg}tirNm#ug^F;)J_Upph7D)drf9>=n$%B
zb=!$aFEm=Yd#7aEhHfqr{QQPZcQh(Hw3HM)Uy7LIr>E-zm-GdCI;3>DfX!5O+vSw^
z-v`g+52(3?MiKMqbZHK(=XTFTMI~<?W^Bp|`^%qvOolQ=?&KMurM|t9)GdqdB9@gj
zEeka?_Nd>otWRU^WizXmHE^Yh=ue9uV7g{mPGDP>B=?fC<JwVDg3`*%7)#npUez-c
zIr%1yzei1#nzyN;KM1l;4gDXHZ8XV-WvK|&+O~KE)jp097wkbLTFaltKrYdc8Y<N4
zzi57Ed|j+m>XQ|tdSy~vs<fV!pP4V-e)j9<D-#35&$p-an3nSS$u-@pRa#%%dT(mr
zna!a$S=V#bO6zI)srl!|)Ic|zMsKo~FMSrh=siEZcy$9l^d<%#FFu;mBQt>B<U88H
zMy2)T<u^Vn{o&4}g8rmxeD}s@<{ulA8jb44n>U~KpB}u}`{L&Nf4_cb(xA6Zqj_bz
zgr2rGEuxp=LTDVcTk<xZNr@lZlCI=waH^;};G70LS)aKscJ+lxr7_VVI}eA(cpmqp
z{?n8lKa=mlIH{oeA(~04P$+y|EEme(w2Z>de;C)lDOU=`se$I-YYz&A*6+>#81&S>
Fehbdi!Vv%f

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/auth/__init__.py b/src/iac_reverse/auth/__init__.py
new file mode 100644
index 0000000..5c15d92
--- /dev/null
+++ b/src/iac_reverse/auth/__init__.py
@@ -0,0 +1,21 @@
+"""Authentication module for Authentik SSO integration."""
+
+from iac_reverse.auth.authentik_auth import (
+    AuthenticationError,
+    AuthentikAuthProvider,
+    AuthentikConfig,
+    AuthentikSession,
+)
+from iac_reverse.auth.authentik_discovery import (
+    AuthentikDiscoveryError,
+    AuthentikDiscoveryPlugin,
+)
+
+__all__ = [
+    "AuthenticationError",
+    "AuthentikAuthProvider",
+    "AuthentikConfig",
+    "AuthentikSession",
+    "AuthentikDiscoveryError",
+    "AuthentikDiscoveryPlugin",
+]
diff --git a/src/iac_reverse/auth/__pycache__/__init__.cpython-313.pyc b/src/iac_reverse/auth/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..9b6cb0656aa2b589c9518de29a58370bc3c8fe69
GIT binary patch
literal 565
zcmaJ;%SyvQ6rIVViS^Nfh`P}%++<ThTu2c?YBwp^YPNwPB-1!HX5=O<)SVyUNB9kX
ziL-U(PRycPXIfGP#S3$0?zwl)xx<v}>vbe!_oZ=bY6!ilqzakOqdbw@6Y>!tANyJl
zdm3n-4!UQ6;hA7Mir0HJ&jQP{!FJFg@{KDDD~ajW9*)n)#SP607KH`lnRCbEaY~&b
z2dAox9N+IdEGuXN^QP9jvUUxzS+y)KcL6wvt%@9}!vOe%#S}ziNq2ZQWQk}l37_V<
z^ma9|z2q)f9`Ol<=|XhpcVUo@6PCF((B&{-C@>Y&6j%yu372kNScJqpB1G)7Fd{&u
zY))IDoNf;4^&_Ivzof*$KbPWa%5OvE7N#j7&#09CNE~(A!F6}g5Bw~IVTZ>w$RP@T
zs0PYAAcSSCAf$Ca753@kAI_jDC9quio`eq_WBiKRGsDDMi6qR{bgX^WtyS&Of(_a7
E1sLF_IsgCw

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/auth/__pycache__/authentik_auth.cpython-313.pyc b/src/iac_reverse/auth/__pycache__/authentik_auth.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..b3df61785031ea03320b07fa96c2203f7c972ea3
GIT binary patch
literal 7647
zcmcIpU2GKB6~41G`|JJl5BAy^du(FNg0T|}BsK|P>`)*CM;>ofiH%mn?yMQI%xv!L
z0&$a2DQfFHl_X6Q`T|cC$&>q3)T$C~dFZ28mg>zYmFUk4Z<`t^5q)USxihnWURsj2
zSK2f8Z+`B%=X~F}XE#Hk0D<!JUqvqV_7U<|Y&gYjS2jO@%11;Zlt`T9dWk#jqOQ|C
z<wb1sFA1mJ)XnO`OCIV;x?*IQNbWu&c@Da)XB@O2MZNZ@7e;+sMt$r~Ka2&E{)4=A
z6AiH5Hs}pHchI&aAs$-($xN|uLD358>!Kvhi?ZEH%LP@}#5~n6s~Lrk2LdN$Et69W
zaUO5jKQVu5Znk-LHm6?^uc(C!qO6Iv=c<}fkhQcj7ErZxu9#7^C9$Btu4p1vvQ#l}
zdPck~=hO^)>v-S+es<ht`k_Nk=VZe$-C0%1W#XLaEz;aYUDeK}ZH2Ily->3G95g>7
zNkTbLwoBqDKSCrI6_W0xN8(3el+}c4&5bq5L%mDhxX+AKKYLc!vg*=<5R5J#vKmEd
zX(g*uF|BKwk}g<lX}#WY(|2ArloWih=}+fW&~i%6m?67rC~2w`J|$=2wZ2qJlP@W$
zlo?2+F6o(K4(q{G>W!kDvqvJSR92-%A*X7Jro*r|mCER8sPIOCnlLPDnqFX^Xh83_
zR0{N7P}3>7P@wAhVnKm!8iWOH!jG8G%}ys5UVLRfDQPmz&gvN@Y0z|1mD4GzTvn)|
zB+(q0U>1_X=6L>1>V?~xK<yaYK>UdOSvYn--2U#%<w(c7XUm=4e-yeYj<9(RdnG_G
zmd!;F-+Zr<-eHpTNuDW=`jft-8+{D+*30(MM*~a#c)*NS_fb*|15EirH%wc8W(KzG
zvLYH*r<kSsr8-O9>H*_sP)?^|c8Xc78L~~*ZhDJ`LSa+EE+ZKwD;INxR8~$Gbo!?0
zS)zI|Z!m?Qjki(M6%C_^popSqN6~?z69sC<6mlx;=K!|5P~e7Hn#3j0m?N-d#6h6$
z58v<Dwk~V~y{`-1<xuq9GoQzH+|HC@lixqFGIzc6y;FY_CatI70~+>&gAOd4IMTQu
z=s6Nk-2fGCv(wS31r9G#s?!G|+_SuQK~@bVBVGX{sZ%GK3mT3MCRtg{8RND-Jdf8$
zt5pxdYbXkQpWy@XL-M(B@GpYTS`-d7EXofZST^4R(P~jiw<IJz2LwdfivsmZJoI?L
zkgylbiS_zeuP^C`-T?FhuEN|l#8#<|^#+svWGLxJBRt?@(jx`gtgsZKk)?1vVs3L3
z_c~Tyu`%_*F1Tm;_YSUZwLKAW1~dp@sprJYs$8eqIur(MwjXJTmz2T<J!8Nf_1LV4
zXr{(k6>pWRd6mL`*=}Hr1?mu35tXZ8fmM_?M0rU@3}@d`U5e<y`gp+f02%^VnjQeO
zBGuA1Wx@Ig!M#Fs-aG-lACYq$c4A3z3-$A?PO{)orrpMi#2vKnlDK`?b~z-bxdzBN
zk27@v-_=xxNx~)Z@GeHujf2pO&ec>TFo|(N0uz|xH9o;Fpno<MscrfSA@T?z=g@^&
zk%Fz~hKb~d5wz;25+;*^voeK)IXz7ipy|-Q=1#a5dbf^CAt_wdhUYPJB6V}T39_(#
z>vLM~Mxq*i6k)IO@15J>+?ntsya`{zFGZ(>r^rzKE+ED=6)%xRLNuXHTfWwBWZDuM
zH6sNyVMfSuS@HruNU~hKUH$<W#3@ZJsB%GR2uW%&NX=5wxGl>RWyj{hYZ74o%%&|u
z7J-g42v>5>5W({xGSQ1Pt%&*+O`&2QqL3>(&4^1>*1#8ZQ9oY*zW~<}EsC&%nnq3;
zMQ6lVN6|8Q2wMv9;u*SROb0|LmfuX*Ikpp5K=5S^+Cc~0w!oarzH_DyXl;tKLoY^G
z6HaKwUJfn{DnJkbug&WCECg)lQ4KK7V0~IVm90k*j0G8dGfa}TH$gkHp=;p#+{B|U
zIiJtjC_kZ3uvbo)9d?{kr`F{zJ+EkL2II=CnggV{1e_2T%m7nrs_<rBq3Ecz4TR}7
z(lGx4QsJjAQ@~)*^cK`hie4-%*K{_`J`Lau_QX~nRv+==KJn~>Kfv9~`>Mt;-D+7#
zT^P1vyi_zq3Sm4k2}L*gRA4Pur~S~um^mJyh*K0<22c<9TFsk2s=QHDjDlebc^$fH
z3yCgRBQIV}D|rm88I_rB*85Uv2)#_9pj<7O!bQ-k$uB7dGn&dOh4h7#6=J})G3tld
zMlh6ImLhwYex_>{VZz&uysjCF$th;Q>PL;W`g{XF4eie=6hjHKU9Q;y1g&5!=4e%I
zSaFDJe9J@xW#bUI<oC(L0kW<ClM^@RZ_ID>?=SW5U!7d<fA-GKQvVBUM-%H^udetj
zLf9YvqG#~qw?BBh9PPb7e5gD$x-s-jY3P~q$li^SsnW<)dB^0Jes_0AB}jU=f7$Mj
zg;!2i21u}LqiwL%Hh61ty=~VQ9V6wAqj!B9#}-S+7UAg?!oA9ED{tHJ@oVqDc749W
zbL}IWJl`3v5Iz*H1W5M)j(nI}36y(=K7Qx@cW!B`=hu6tR)Xc&@Xhdz@U3fiT<fvJ
zE1`;qY#-d{n<({7ta^SK`9<Vz|9aoq_aZCazeNViy(8tm(Q?=Ja%V4mWi(JBZhzqG
zha)5!+lcHgMRsoz9+rsTw}17}FOUA>=-U3-yOVd{xSL*!p5EkL_(`r%_#YJ><~=eH
z_dlDM9V5RV>zWh!du03EcK+UWH`Gn9P10#3QKwW%b@Bf}s{9j>Di5UUdU8?)ux~*N
zk^n>tQ5O)ckPuo?q~xy>Ek?+!NP*UKfjZh?1dX|=G|~yoX+fk_qV*&^tq4*IN}(#z
zdLJ|AF*>Q<=L7PsQfTcXTT@}e>)gl4_h;t@ojWY*O$4Oy7V^boMN<Lt1>I@xb2SZm
z6K>Fns}_7nKFvMjuA|t98~}e_s2<QEC~SxsEmr&1WQM?F8}_ug2r+KDNGXu7(`j>=
zl@+MQtqj$+Frla^S88m~K!!F8GHw78HlC3AFz9v&)H<~UD4w+F9u!Cmae<CG^%~IA
zaqOD_v0Q`BdU|pmYA+oLicaG6u`1F|TbgZne=|Sr$JZc9(E}*ZbmP$)Bhf?H`z#7f
zhgjTIWg|L;eM2awQ5;6`Jc<`k96^C6K{&D=#X1rVJ%QpFiWwBgQOu%XUx6B_k)wg+
zZ7~az7QIC5wWsX0n<LdFH;_xywDa&R1MT$NQ4282*v80oX=HjU$2=Lq9JzCK<ET_R
zDy<z^1cFKY*97C;c<$xWb1$#Q&aQ;+_YHhglG)jUWTx&6-RWG5zVH}knVKWy9_gAJ
z<?nTc=Z5)v!)~aXZstx6yn;t5<eAMcK>W`SYfs24l8|sAIz7$RaRZufQ<1#WCkbgf
ze6%>w0sg_7L^4R0eAOd_fBB!US{X+Lvv-Y0UQsn57F2U^>c%;M8nYLa^y}7XfoZLJ
zCaxMW1o{{=VSN4H$NK0u>^&AZHk>aYw6$}kN;4EL(xM`&SvzTfrw&*Mn>;3-fMX4u
zWdPdf6^Q-EEkt|N(-^xuOPDZ2xH6rp%PgVz$a`FoDV!f3;6^|+?!BPMkQg@TGtg!j
zb|UU=2|)~17}6l{#NBnMavD0!pz}@)V;Q^{7+cptN7z}foppPvs`LirXq@#^c!u#k
z5C9x85*sWBJAOR>-uy;zxD*_Q_%S$oduJ)QZ*Afvcug#@60G=q{$31A-}>OKa<sqP
zyZiQcR$p9wc5Tn$wb=9JSl^dkfrX&~($&AwIa=x*y**j#9A68LfBi+I#|iv6fA8m=
zF^E0=y^jn`4ty4$=_0@F>YCZh|8@@tlARhDaJKfnlYn+jzE>an!6UK!o1_T(nPANV
z3P+!ADv%U`_^qX%wMe0WpM4jS9l$3LIU%+;m1^XKDGE#tHx<bz`JG5c!xTlUIe`gM
zo#XxP(gD{~WB?K;6OdJ79$s5dYY&H2qK7+oRQ<ed`PV1#7*#v{HYI)kqu)9?{Q6V6
zllu~JP)sbG8E41&`c(0>_$p#YLvCP;zZUaw2-dUWZu9}jBacCL0h7ie=78h2kJ2-s
zQ2H{8vnb|Kyn+Hl2gv>x&s%W-9+Vv?tc3tI|6?T2oX}@EAs$~X24BG142q{wR1dl=
z)yiBE1S4`5Aeg&ayI}K?brl|F{04;Wgr8i!dF{rv+s69f<Z8M!IJI_oalI!2z9$6z
z?ajV-X7$M0p5tq=*#_UkBi7DRWalkoJ+h~ar^xr;{_xs$q1-ocbN7wiw+`MOUhms?
z-COS6aWi%!c5C<T<LkW>*FEK)f$P`SqPr@765U&gl4!^E{VSJOLSH}h)-fvQZ!ZU<
z_ap7rV8sg^j||KJ-kKRY?j^tTb{!w$e<yMv?M!y`@tJJ)KMBTCbPffum6h!`h4YZo
zr4qD(h0zEo#`ae1)hhk{6po_U1wZ2*5I-bex&*hc5}b4gZbvEvE^E)9d5G7_MQ*=4
zQ0^Y7@OXXt7`xv0_daw(yK;exxqEM=Dg-WfBzC#G_z+u_1O4vqa%_8r$Lrp4cD?Tp
zuNc?oKIwe_)XF<0|G-yn7_^e^_(Aa?`xC=#tNvA|7!={k`ZFU4n4VM5kLP9hJISI4
z7ME5vWBMDDB5ajS|9P0c=dJ(5j?mZO$pDYUNPz&5<v36SCwvtoT>MW&{40sT$=%iV
ymCMcbz^R<;+2o;FVa+HT@Nfqz1cW^RwTB%5)}O>561aR7%(}SlzY~;fk^chs>Ia+v

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/auth/__pycache__/authentik_discovery.cpython-313.pyc b/src/iac_reverse/auth/__pycache__/authentik_discovery.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..2aa19ebdf0e6a220be228813c84e76a853da1d6d
GIT binary patch
literal 13286
zcmcgzZEzdMc|Lp+IFbNJf&@QA^7tW(kSKt*WJ{tf+cZf>mMl@`35^|bf}Vh*1PcU^
zJ3tm0*YS@`hMA^~mBbZ2{Sl_kOsL6B!c3<VwbPlptvl2HDluqH<jT&dNhUMuFDPQ_
zOxn)$dG~OK0|mxOfAogjyW87+clX_QpZ8-Ik6K%K4%aXL(*MTaJ;iZ9p%>#~U-0ti
zdr02n4ss%=aH37LpSPW}D|UgN9p@eAoQjh@JI}im7xG-^-RGK=rgI*}bIz-H&+!U>
zu32e5*P^tra_;l3=X{D!;JUeCPHgJsM9+f%X@}md5)i#2FE)!UVyoyA{bE3D6Wb$R
zrEQ^op<|)rxZQ<<3qi5t5blgZ5EMEWd?tm?YtC@j%0EpN^4H}|K6OJ#rqo3CrmQRr
zxpd)LDih)PnQE3Q)QTmtnZ?w#f+FQp*^DYks*uVoDw3L43W<C{kp)Fovjrs~tK;~R
zNEec+%r$;7oqZD-YF@fVA970eW-2Kwc$9LvbSj}!8yB*Ld@ifz^&&Z0$uA2_C;<}c
zIG@0KYLN;PjcZD_kRt+_q)=@!!apGXgl(E<T1uy-t7#d}O$8<WMmCkX7<Oy^>0Dt-
zNnB6mW!77*-58^soUe9V3tUP|`NgcVG>w+7WtC;E<x;i7mzQ(0)*>dP405hvsH(=(
z8|oI)c{JuTN?u}2Oi+J}%T|4O)QyMtxCKtJL0IgfO>u~J#VI-z7beA}g-mW6om-w&
zl&tcA>a84~mr|;n6yC(VS>~lSeR3v|EoAcGE_frzR5NmyqtScf@r<-2$Kx6wk1u7D
zg)}|4#N(eUNa^Yqe>}dJQq+7pm60=9d~S-zli36wI^%K7Up|$HOZmK#x>~?A#N&z|
zoq9wg)6Ps!F3itfnp+SvlCn6RP09<Zl2}MdiMS#|vQ&9Ng1E7S$z0s*bR@T|w1Ngp
zXqc)8$(OhvIiLHn)1!15pH@OrE)~6bEXo8bn#!O@8OU06rM>z=7qKX&Kf2Oc%`?S~
zW&f(Dnw`iha?~n+(UsonCqoXcEgYy(W0GkIrry@DK~!1J<+D+Xtlp59a}rn@UFk5&
zP{X?X)-tOy%&6V<YCd9>&LtYF=C8f8A!_Zl3}bv+XD!b%F0HMWT^*R#TgyUiHlBEO
zKvpW2VOV>>`mP0PH1y7EUGe!@aV|DLJsZFL`lZ?U)TNi>7p5-Ntpb`@x*knnJv3Ma
zy`rm^d&3EkbT7CUniiULFcTf3^SG0M5Z^qaW5IjeE_&D-kGJN9CW1WVd0AddT^`T!
zT1AvXz7KR-SdL$8HEN1J^U1#uSZIsd&>n+P)M!8M5d*A7hu8)hI-TZ)AZybtwzF@Y
z>|4izyZSwdT7X^jw@aklS}&bqC(93sU93k<=uwE}bfc7I)EG}U%kL3;lwP1ipVmEP
z2!@FcI@UZG2LlTK0j?S!{%^Pq;GfQBG5|<b$Y%*d%oc&@`hpW~rX(SS0+{d10;ZY4
zu$(C@$<Pe4`u_&_ya**DTYJb*56T5f4cfz48p2p6n-?S@uSm%hsV*tKM{)7FD(Z)!
zxbi|ll~rM{B8W`SUA#Q?^2OQt_}u*TS&V&t>hjBT7fB6DJSirqi_{9!W&$+jO*xYS
z9LvIw-}#26kNM>sv{*X5EGPwChe}jBF9CB=T~6|<tlUhY-kYiX^;AXx5(rtSEg5Q7
zC!Us;WhKIEZbgRH&0I_v%7vDe9sgu0Jc=NB4;Dy_OXEqu*qd2ewBs9<XV*0@?6|0L
zFNGbNH-1%8<v4UFlm&1rp3mNpGny}MEP5Jk@~%yDs&aZ!C4zzyLP}aDl}Y8HF@{XR
zF(h(X7uASS<P<8Xg!k`o<pE*U`4wMza0oYlc{IH0{1;CjgMO_!p~!4TrL>wbdy8sK
z_-7;iUF5#U#ccED$nd3lku~;owN}QyPZ_9Svy3BVAFI|)Hgnt+YJpv%^XV#m*%ou`
zQ^sW}W1lC4*mH?)qXc+w(td3s?KBDwa90ewlAAX&E%#wA#?6zy+;fRdHOlj(nD<;y
zSKmdC=$){U1$oMuamJkU?RyI1RrF83#&J^p_yY!gjK6WMwg$D@Ke1NFY4BC*spEC9
zaSJ}!vBw-WieeYIXmabCZ^+8Kz~kd;;v|?88JA^NTVi%lZH>8n+%d}xi@uC&%C%@)
z<jyz-xkXzzB%MPy4WXt5z!oT5o<{Bs6B2==v$t}9Q5b6$`JLniTt@|Cc}-e?!Gzb?
z{42tk9Jv-57lyCr^Eq`g8l{C7Ns(a(@QT2?9S&DXnak5ki$IyJSplZ3ASIWuD0TR_
zDGO2pMw80(Q_3|}?~t{J!b~c`FcQuHA&}WuhVo`>7$CDns}xKQn2ViRt&_sbivsnX
z5E(oJ_6mzqDy;&&JO&e#FeXa#nxt1IOlp(DA*0kGA*I5<_*@|cH~@TG*}C$iwT4OP
z*HzJMQH8Ka^XA}|#8n{g16tk>29Vr!Xie8;iJTP8os$%4N!6P2sU;Z})Jkp2CfQif
z8)!;EIB89KTybEAFQ#sT+{$rF#~Sbfb&p~!H>Gqc$uudOwA9zB>gnI8s#;itR|G|q
z7huROrBsz%v#|ZaKhR+Q5y?uwg-{_Q8)6A%o-e4v$^ju+P~c?kohN9V#Er}0X3cR;
z&NJH_3I{@z$|;9IRyl%1^U#byGr<*#UoE84Nv1SfnWBgrEDX%+g=TLh<Q&O>)~q)k
zPry%5$aD$271CGAlaw5z<Tw%{ujViwS+mKi8#%OmgsQG-u`pED4w|DhMX;)Gti_%K
z4RsFeeTS>`a>2nn&)<H2eR4x7bv(7|DdT<a_T2jU&Gu68_^S73{?JZ)xEy%#k;C5M
zt8n&K-+#KfKo85Du4Ps{T<`EV2j3su=qU9ZWs0nK<SYJ)oA>&5LW6hS`r2FNK=6+L
zwtq`FT?#x~?mn>HeYn_txYRvf?jBixbt`nJ+}-=o>+1Hco~?9oEy3;P!D92^`ms{;
z6RfqDEUmd4e8156`%0<#Nvhu--Sliv%oHbPwxY8Y&i0Zmg0wCA$l;)YIa+-co*Nut
zTKAW`hqyrZwtuYXAA7_(Fa#p-)aJ>}!}q2?u-#L)0+zA=SH*!MzhZj)Z=QH&#=(8)
z2+kaJd>Cq*8FPF%=E8HGeL{<jY3*S=yvJQZs$cU~-CoTbg+IUYXY<U=VMuG(X+qWB
zT4n%ePCZb`d?vhr{rb2yn7=Mzo&Kg~7y=hrvI#-0+9nxkLLmdm74|U+BYfDdka?no
z_9>wp#aFB0)QLqFH%1pXMyEy0;p~;_hUMQRs-*Yc;dWcNfUxa9QS_hK@|<9%RO5Mg
z5yfFWHMBKMD+hBE<wo}@6}7Q>N?GQ~>~_s-kTb~~A~AW=9Be|Xs^b-CCc^?I7$SQY
zXvzXjV04WVX#xSt5!|)u5VV(xzBFjXjfPb1kXd;z_v#CNf!Nm1*j54Cf?s|6t8bS(
zI#*w&W$U}`+wu=?c?KWnAxSKgWimnD1BXQ0tHcZYN}<XN82XkG0L@r<jHC}92F!c4
z8gPSbWy~mCLk?vZ_alVJ8sRr|ssba5V?mk6<g1^JSS{poSp`N3f--tn;;bv$Gryiw
z`_=n0+EZJQyu<yxg%9u*j`#Aq+3qo>q0VOityjM!pvsI)Av-1+)0bj`WC`L4;0sBN
z*?-|WVu+97fbgb#Rj4{vr|StM8F8{qFdO73CShSD^66#18b(1RF(S;!ixQ%I%qyO{
zF!RiDa{H*^B{T<lU0MQxq?}7<mzPKx=OqOzl=@*>Sq4KUh0ApvHu81Zu3sE`LY9%b
zrjvS~7}}7lp}E*+U=P!!muYfHL=A=6p$|1~<)1cga&GS$X;Au)iDVUDy1BsMwtuwf
zAKmhd>T~WjhN5b|Jp$GSXPm`Mfo<vZRVi^JVR}3uN(+dsq`yLkKM{@U{SuqSAFw0d
zZqGQQu<`Nl#(z`HW}uh^CdJ?n60hc(fp}z5?71?YD_$cjW;ZBjyjRese${e2xU&gF
zUC`s)cVmuW?uzM^#hNWtOrJ2u$GoERl<8#%9Lo6&y37lLcM@~Yw;6f0yXcBF!$UE9
zBybmA;J5)o<c?Y?<LR|~ra#*fbIo@e`L%nj#TXkX$sE_rp*MA75Urf3jluia7@YIg
znXEQ3Pf)byf=}1GCkwCh2OiHe`Zhn<;9E5-<GV6se2uwc?pRaICweV>H~nGJKKVuX
zwEQXeC<hOb0?O=yH#h=sur=1ykmGLRxY!hHwR(mEH^_;OOzTwZr)(DhP5QINPi&U{
zhY+i}dt$*QV?n4aen!w?#Ls{d)0UuHJ)AurUlT~F)TrqI$X5+<@<vFxM1*;npdJdQ
zy70_qjRhzy7BbA$Ylu?nq`)+Do!&9lH$jyujMa>&Y(@@8m`7@KOjj&5B1S&zo}seH
zT}oD2rB^q4Yr@2&U~K0AZeh3qo8{C^Xiw`#j8MoWDfEbu)Y%rb?HQ|uLHsjXt+OzU
zJ~BGA)AAd5w=A?+^Kj*4gkL#jV(O%@RDgbvECqzCGMsYR>;c(4X2S~M^~JDL>r50B
z1&X9zQENf7q`7}0C$(-PS7$ohs-;{SYAvY+^Vz(Vt|y|d9E@d5jov^)*%VC*EA7mO
zuj}ZFeNxao27TtaV{gf8w6AKOHzg%Q)`;e2yHC&rDr}oLdCzeAmU3DPrg$-h-KXo4
zdR^mFY8)PRJ|(5YZOj$aT}=<oCsksWp5{m+{s{F_jWH{P(FztXr@5h}A(mRmWJvvJ
z(T`hsD&VcTpN<SRRXjv}1%j(N3i*WQO{rPh_mlDpDWkAoSE8>|L!Y69JQd|SC08i{
z@^ea(64J9;v(9MUnsTI)x3pG+DQr?Sz9w<Xr>Gi0ms2TD2Zz>r>4DUCqqsR5RXbve
z)r_%UTXk_CFMOA%7l1@?bjM-RZu^Jv$9&22HDB?Ohx2ydk4&t3DFW*$9~fA5|7>LZ
z-BW9?e(l-K(H};B5Lxx?boH!7N?qaA=ARB9*|_-8@aba9!0PmmTKaba2g-*}?1aZR
zUjObu`RGJBd>l?}Tl=n~2_9uT7wG@z(aDm3vK;6p@3-7_`rd_m&u<0K?>g*l?GN2t
zTTjL5X>Bj}4{i6KD)yf$2ZzwPf%bR#3O@F32ZUlkSnvHPF#a&ijXeAC8P40g)6!jj
zVq)ju*hbHveikj34^E)bRv#Mm@@TYoc)RCtvFGr1Po&rr*|@bGeW4hAVLLigjLwvL
zX19Chiam3so>y0WKlS&Ny9Udh{pF6Ha$mUI)3+1qU3=#1pI?9V_7@(uHjzCGn!nr~
z;e!2eh0)PK*PYhet>vz<js6Y)rgCrSUdLAO%*QmGM;sDzhg;iqcld9+hG!!74<r0+
zpX<Yuq1i6i-*>t2tQ0Ue2?rA6G9%gdF=1ApIA$YTCF6h{;}mTf7h=N%5bSECb%)6w
zAZmNAm>Dz0chkP96*6MOF_#DnDq<I%q6^VsH*67F40|roJqbrs>O;iVw0NK=ZP1pU
z#x<-O6wzb%uZvH^Vryy`Irm06)2i{rJg~l=0B^h)Q3HGFwI0}MRUT(}SRM_mq!@45
z8L)w1Br+SQaohZa*>=Oe;WUQPH?d{%8{iIXOK{V66dcO9<{YrpoTJ=@e+RO(O1#xV
zcubp1f{Ms79d^)l<)V^ZvY<2!0;svOIQo!=7DV(imC*yM(4`6@bt!DO8zusIEOpww
z4wLpeBF0C(*~e6~q5St&Gx8hxFNO(W09Ng!g^<1a2HY(2T2DZ}9uSm<?V6LqvC1=e
zQBG2Fijp%(RzhS6RjnK&@Ji9`74IaSEumPZ)`TI@m^Hq}7tM*7XPzn6Fwb;`GDSq6
zr{qOSrYV`Fgv42MzM&#S8K5n3Y<!vctK7iHaI>x!XbJ1U@1byWPRd_b-lDwEQ}PlL
z%?S-AX)c^LLG;*3Hx|y+&&QBAVF7)H`3mjRX|>?D!83E;>@k#Qn&rPyOLah^5c4^}
z1rKi=Eq0s)mXAkPo67#cs`I|Dy*>)L?kNSrbwNmBbn{p-bixvZ^syM=NYOvCu9p0V
zce;+2yN+%wZNw2bJTp)pcw&3tsp7y>Tm8o>4qNBb2qcEu5lC!nM<6kH;Le%bXTJXY
z>P$J<edp}$vum$!*h|49tFu4p?tj-=?i<|hn<(~8Z1#U}z0^1NuBRLbQJ7`z)<=P{
zhc2#X07MXlx%K5+Yc1<nOaAb-|7g*FbYpQ-D)~>|d$Qzz7Ll1X+imY{=lwwEeSg=g
z@8Jo~-@)8a<%{4*op(voN?7pdEwBmrid4U1_IWD~S97sT+Bo07Pd<((7_0xWd$ld>
zv^A#b+9%(=PkvKu-?p%?Me2fG@N+#3k-ae|p>ND}#q@UPJw~b8-LmIM@ti$Z%}bqc
zu&Wlso@rx0wB{?r`|=_()+{-}kPA|-{%C=|wDnLwg01orIR+B8qV!{FHPrYdFsp|!
zJus#_7DTm*TntC5jU{WlU2LmNP+`2LYbV+C$_B*!HqbZKp!;St6#HNH+zriHD5R2_
zJ(bk=z?^gr3!CaVKBl>Fgdr`j@P_MfBdU;=4ttsTpm__K6n0+XsQUZJ);zGP*|9pU
z?eQpbi#6h-!xmpV$Awsp^d?|#QHH~Tt-&y_Ilws`AW3Kxk{7LIW^VdC4nK&Wo|?bF
zqT9-O`bZ+D{0^1qh!fCC336IYV%3cu2AH%kS@X&t(i3%j@2-yW4l=dyzLxG@R6YW6
zQon;b4E;L0*PP$<yzf~LuIImV>sz-r-S?b-?fDDO2f+`N(#dnBL+4A~uatrpVDI`n
z7{0jIo!{|%%d^q78T?`Q54!Ii`ruUQ$qOanV#z<Z>insHsN9Ranc?*_>(R}&%~P94
zwz{4xw{`Ax4sCZvik*?2fynm2OT~egc6!Eii<9ihP#*)iW5vE>n=_@pQx7}pf}?dI
zQQ|NIr%M<L1(7p$J&>Gn#2hek-iHC<Y<zG5P+-7|E9N4q7Z7%-ZEj=HJ3*aY1~9?S
zVV8tZOw47z!8`)sG%_8{&<~8HvwNtMV6ba1^(6HrPAy;r*viYeExmH@-z!#+dgeBI
z#&SmX?VWj?0=<LPKqlM;L@AjmXJ?`K;;b%|upJDcBy`Cl%%UK#dh||URu+Qr1Vw}u
zK$=&w*&8a`V5-J<O$x$dN=_%~_-nmkM)cTzWxdt)iP(e2>f#oL*;H%r<rx?`)i8h9
zt2yahpz>AlUTe0V_G>cE___3BdhY7syk_fRJ~zxI9K{7@WO4j9g%$5&i=CWt;}n7d
z8<t}xkLIMUgK(2>_|Ov85NtA7$)0g)l-Qy1?9R@aYA$SQ7qD-8QzfCQ+B&+O^G8Hu
z|G0Al6gf+){0~qK-fR~)G_uP7+|76Kt2~a=_8nY3XV@8^DFw$?XUqQJmw)d^f$klD
z&)UIncWnC)7X1gmcd#6QLpf9o46Pr8ow3u_w>JCj<J)axrM9tu?HPD?Y9}<bKJ;yI
zI}|R3!rzxRB&_@G?r^a?yfO4q_xK|h*E{&okM_`oK<}2PM-O_#V$EN#ThX-U*oubW
z*P9z$qfJgY2`Cq{8Ec41?dM;l-E`={#R8&LbR>icD8&YieK7q%21E{L*ANkdD}Xa1
z)(r>Bm_!_~`kf@ZTBc6eUNTxR)TORya4H$yV&NBKM}Y+u$N{bHC@}L`8`&SM%_9L>
znm`Kv0;Ulc2)&!X^Y-nxHyp*#k&VkG|5IC@rx-WuwkU~*jE|#uprdSbV6D-SC<=^E
z*uXc(N<tqRi@4Q}<5f>0=$pk%{p+U|_O83VXJ2S!d#ONmx7OvaG`%QG3cv*0l1I?f
zy?bxWztEo8pGy*2F%C<t5ToE(gHhOuY!lW`Y#jgo^LL-$I(&L-=-Dm*nJv#5#;LGF
zZ;Vb)7?X4e&lkge3fX81ImHT{?NZ3~Rf3d6k-#y5&7-ex;5nzO@>l5TPbitAgt)A0
z_D|Cj&4M0tqi}#i+sq2H49I0+DqEpNZE>eM>6M~ex=9|Qr-Md9eO5_zeTjQ$=UtxN
zZink|g+JjM*>G-%n<E>q-NmT{yxu#$OSg(*bGuG%9Xheg;a&-NT*A6@UHq1Jm&0Qv
z7;y0$`OWFO%ex#NE2Ay0gB#No4!6y@UAk2cylQjt_d7ysj@zdyE_y+Lsi%KUeBWDX
zVy_<V!07tI`o+zet<jUkzEc%1%jP*gxZBJg7wtz~p>n@aanOA{%I^2Qty?~!=pEX1
zA-D2bTc3+(W#~ROUUAU<<Y{)l@9o=l;k`0>(AB%)tZ=w(1~(Hw=-H*m%0-*kb!<(o
zaJa3jyL78`xn0k#<=3Y-I@Zs=|Mtfi|8qJ=iJ9RpHm#bQ0`Zw^Y?`zd9NSE%u0{}5
z#fB$a!&4}$wOh{ONALpxIj!n5%qEgRn%Q}^Y1Ts48aeix26ix1X{N#%O31U)ed_Pi
z6DbW1zao$_2#d3*1pP{Y&3nBpXr5>F-yl4v{5k4C6gX8u0%y`@`?=j^bN<4|*$(_0
zC;Wu-f9!0s*+1rx{35{Fj_tY~Ht$+$m&2_R;6fAS(2;WQljZ)C<({X@!!MNkr^+E5
rtT_s+>#%)`>soWJiR&Y4uf6Yk#PK%!ZtrE6?YXtLf5Fk6ar1ux*>#t}

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/auth/authentik_auth.py b/src/iac_reverse/auth/authentik_auth.py
new file mode 100644
index 0000000..6283db4
--- /dev/null
+++ b/src/iac_reverse/auth/authentik_auth.py
@@ -0,0 +1,204 @@
+"""Authentik SSO authentication provider.
+
+Handles OAuth2/OIDC authentication flow with an Authentik instance,
+including token refresh and validation.
+"""
+
+from dataclasses import dataclass, field
+from urllib.parse import urljoin
+
+import requests
+
+
+@dataclass
+class AuthentikConfig:
+    """Configuration for connecting to an Authentik instance."""
+
+    base_url: str  # Authentik instance URL (e.g., "https://auth.internal.lab")
+    client_id: str  # OAuth2 client ID for this tool
+    client_secret: str  # OAuth2 client secret
+
+
+@dataclass
+class AuthentikSession:
+    """Active session from Authentik SSO authentication."""
+
+    access_token: str
+    refresh_token: str
+    user_id: str
+    groups: list[str] = field(default_factory=list)
+
+
+class AuthenticationError(Exception):
+    """Raised when Authentik authentication fails."""
+
+    pass
+
+
+class AuthentikAuthProvider:
+    """Handles SSO authentication for the tool via Authentik OAuth2/OIDC.
+
+    Provides methods to authenticate users, refresh expired sessions,
+    and validate existing tokens against the Authentik instance.
+    """
+
+    def authenticate_user(self, config: AuthentikConfig) -> AuthentikSession:
+        """Initiate OAuth2/OIDC flow with Authentik and return a session.
+
+        Uses the client credentials or resource owner password grant to obtain
+        an access token from Authentik's token endpoint.
+
+        Args:
+            config: Authentik connection configuration.
+
+        Returns:
+            An AuthentikSession with access/refresh tokens and user info.
+
+        Raises:
+            AuthenticationError: If authentication fails for any reason.
+        """
+        token_url = urljoin(config.base_url.rstrip("/") + "/", "application/o/token/")
+
+        try:
+            response = requests.post(
+                token_url,
+                data={
+                    "grant_type": "client_credentials",
+                    "client_id": config.client_id,
+                    "client_secret": config.client_secret,
+                    "scope": "openid profile email",
+                },
+                timeout=30,
+            )
+        except requests.RequestException as e:
+            raise AuthenticationError(
+                f"Authentik: failed to connect to {config.base_url} - {e}"
+            )
+
+        if response.status_code != 200:
+            raise AuthenticationError(
+                f"Authentik: authentication failed with status {response.status_code} "
+                f"- {response.text}"
+            )
+
+        token_data = response.json()
+        access_token = token_data.get("access_token", "")
+        refresh_token = token_data.get("refresh_token", "")
+
+        # Fetch user info to get user_id and groups
+        user_id, groups = self._fetch_user_info(config.base_url, access_token)
+
+        return AuthentikSession(
+            access_token=access_token,
+            refresh_token=refresh_token,
+            user_id=user_id,
+            groups=groups,
+        )
+
+    def refresh_session(
+        self, config: AuthentikConfig, session: AuthentikSession
+    ) -> AuthentikSession:
+        """Refresh an expired session token.
+
+        Args:
+            config: Authentik connection configuration.
+            session: The current session with a valid refresh token.
+
+        Returns:
+            A new AuthentikSession with refreshed tokens.
+
+        Raises:
+            AuthenticationError: If the refresh fails.
+        """
+        token_url = urljoin(config.base_url.rstrip("/") + "/", "application/o/token/")
+
+        try:
+            response = requests.post(
+                token_url,
+                data={
+                    "grant_type": "refresh_token",
+                    "refresh_token": session.refresh_token,
+                    "client_id": config.client_id,
+                    "client_secret": config.client_secret,
+                },
+                timeout=30,
+            )
+        except requests.RequestException as e:
+            raise AuthenticationError(
+                f"Authentik: failed to refresh session - {e}"
+            )
+
+        if response.status_code != 200:
+            raise AuthenticationError(
+                f"Authentik: token refresh failed with status {response.status_code} "
+                f"- {response.text}"
+            )
+
+        token_data = response.json()
+        access_token = token_data.get("access_token", "")
+        refresh_token = token_data.get("refresh_token", session.refresh_token)
+
+        user_id, groups = self._fetch_user_info(config.base_url, access_token)
+
+        return AuthentikSession(
+            access_token=access_token,
+            refresh_token=refresh_token,
+            user_id=user_id,
+            groups=groups,
+        )
+
+    def validate_token(self, config: AuthentikConfig, token: str) -> bool:
+        """Validate an existing token is still valid.
+
+        Checks the token against Authentik's userinfo endpoint.
+
+        Args:
+            config: Authentik connection configuration.
+            token: The access token to validate.
+
+        Returns:
+            True if the token is valid, False otherwise.
+        """
+        userinfo_url = urljoin(
+            config.base_url.rstrip("/") + "/", "application/o/userinfo/"
+        )
+
+        try:
+            response = requests.get(
+                userinfo_url,
+                headers={"Authorization": f"Bearer {token}"},
+                timeout=10,
+            )
+            return response.status_code == 200
+        except requests.RequestException:
+            return False
+
+    def _fetch_user_info(
+        self, base_url: str, access_token: str
+    ) -> tuple[str, list[str]]:
+        """Fetch user info from Authentik's userinfo endpoint.
+
+        Args:
+            base_url: Authentik instance base URL.
+            access_token: Valid access token.
+
+        Returns:
+            Tuple of (user_id, groups list).
+        """
+        userinfo_url = urljoin(base_url.rstrip("/") + "/", "application/o/userinfo/")
+
+        try:
+            response = requests.get(
+                userinfo_url,
+                headers={"Authorization": f"Bearer {access_token}"},
+                timeout=10,
+            )
+            if response.status_code == 200:
+                data = response.json()
+                user_id = data.get("sub", "")
+                groups = data.get("groups", [])
+                return user_id, groups
+        except requests.RequestException:
+            pass
+
+        return "", []
diff --git a/src/iac_reverse/auth/authentik_discovery.py b/src/iac_reverse/auth/authentik_discovery.py
new file mode 100644
index 0000000..cbab560
--- /dev/null
+++ b/src/iac_reverse/auth/authentik_discovery.py
@@ -0,0 +1,384 @@
+"""Authentik discovery plugin.
+
+Discovers Authentik configurations as infrastructure resources, including
+flows, stages, providers, applications, outposts, property mappings,
+certificates, groups, and sources.
+"""
+
+from typing import Callable
+from urllib.parse import urljoin
+
+import requests
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+
+
+class AuthentikDiscoveryError(Exception):
+    """Raised when Authentik discovery encounters an error."""
+
+    pass
+
+
+# Mapping of resource types to their Authentik API endpoints
+_RESOURCE_TYPE_API_MAP: dict[str, str] = {
+    "authentik_flow": "api/v3/flows/instances/",
+    "authentik_stage": "api/v3/stages/all/",
+    "authentik_provider": "api/v3/providers/all/",
+    "authentik_application": "api/v3/core/applications/",
+    "authentik_outpost": "api/v3/outposts/instances/",
+    "authentik_property_mapping": "api/v3/propertymappings/all/",
+    "authentik_certificate": "api/v3/crypto/certificatekeypairs/",
+    "authentik_group": "api/v3/core/groups/",
+    "authentik_source": "api/v3/sources/all/",
+}
+
+
+class AuthentikDiscoveryPlugin(ProviderPlugin):
+    """Discovers Authentik configurations as infrastructure resources.
+
+    Connects to an Authentik instance via its REST API and enumerates
+    flows, stages, providers, applications, outposts, property mappings,
+    certificates, groups, and sources.
+
+    Since Authentik is an identity provider (not a traditional infrastructure
+    platform), it uses PlatformCategory.CONTAINER_ORCHESTRATION as a
+    categorization convenience — Authentik typically runs as a containerized
+    service within the orchestration layer.
+    """
+
+    def __init__(self) -> None:
+        self._base_url: str = ""
+        self._api_token: str = ""
+        self._authenticated: bool = False
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        """Authenticate with the Authentik REST API.
+
+        Expected credentials:
+            - base_url: Authentik instance URL (e.g., "https://auth.internal.lab")
+            - api_token: Authentik API token for administrative access
+
+        Args:
+            credentials: Dictionary with base_url and api_token.
+
+        Raises:
+            AuthentikDiscoveryError: If authentication fails.
+        """
+        base_url = credentials.get("base_url", "")
+        api_token = credentials.get("api_token", "")
+
+        if not base_url:
+            raise AuthentikDiscoveryError(
+                "Authentik: 'base_url' is required in credentials"
+            )
+        if not api_token:
+            raise AuthentikDiscoveryError(
+                "Authentik: 'api_token' is required in credentials"
+            )
+
+        self._base_url = base_url.rstrip("/")
+        self._api_token = api_token
+
+        # Verify connectivity by hitting the core API
+        try:
+            response = requests.get(
+                self._build_url("api/v3/core/applications/"),
+                headers=self._auth_headers(),
+                params={"page_size": 1},
+                timeout=30,
+            )
+        except requests.RequestException as e:
+            raise AuthentikDiscoveryError(
+                f"Authentik: failed to connect to {base_url} - {e}"
+            )
+
+        if response.status_code == 401:
+            raise AuthentikDiscoveryError(
+                "Authentik: authentication failed - invalid API token"
+            )
+        if response.status_code == 403:
+            raise AuthentikDiscoveryError(
+                "Authentik: authentication failed - insufficient permissions"
+            )
+        if response.status_code not in (200, 201):
+            raise AuthentikDiscoveryError(
+                f"Authentik: unexpected status {response.status_code} "
+                f"during authentication check"
+            )
+
+        self._authenticated = True
+
+    def get_platform_category(self) -> PlatformCategory:
+        """Return the platform category for Authentik.
+
+        Authentik is an identity provider that typically runs as a containerized
+        service, so it is categorized under CONTAINER_ORCHESTRATION.
+        """
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        """Return the Authentik instance endpoint.
+
+        Returns:
+            List containing the configured Authentik base URL.
+        """
+        if not self._base_url:
+            return []
+        return [self._base_url]
+
+    def list_supported_resource_types(self) -> list[str]:
+        """Return all Authentik resource types this plugin can discover.
+
+        Returns:
+            List of Authentik resource type strings.
+        """
+        return [
+            "authentik_flow",
+            "authentik_stage",
+            "authentik_provider",
+            "authentik_application",
+            "authentik_outpost",
+            "authentik_property_mapping",
+            "authentik_certificate",
+            "authentik_group",
+            "authentik_source",
+        ]
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        """Detect the CPU architecture of the Authentik host.
+
+        Authentik is a web service; architecture detection is not directly
+        applicable. Defaults to AMD64 as the most common deployment target.
+
+        Args:
+            endpoint: The Authentik endpoint URL.
+
+        Returns:
+            CpuArchitecture.AMD64 as the default.
+        """
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        """Discover Authentik resources via the REST API.
+
+        Connects to the Authentik API and enumerates all resources of the
+        requested types. Reports progress via the callback function.
+
+        Args:
+            endpoints: List of Authentik endpoint URLs (typically one).
+            resource_types: List of resource type strings to discover.
+            progress_callback: Callable that receives ScanProgress updates.
+
+        Returns:
+            ScanResult containing all discovered Authentik resources.
+
+        Raises:
+            AuthentikDiscoveryError: If not authenticated.
+        """
+        if not self._authenticated:
+            raise AuthentikDiscoveryError(
+                "Authentik: must authenticate before discovering resources"
+            )
+
+        import datetime
+
+        resources: list[DiscoveredResource] = []
+        warnings: list[str] = []
+        errors: list[str] = []
+
+        endpoint = endpoints[0] if endpoints else self._base_url
+        total_types = len(resource_types)
+
+        for idx, resource_type in enumerate(resource_types):
+            progress_callback(
+                ScanProgress(
+                    current_resource_type=resource_type,
+                    resources_discovered=len(resources),
+                    resource_types_completed=idx,
+                    total_resource_types=total_types,
+                )
+            )
+
+            if resource_type not in _RESOURCE_TYPE_API_MAP:
+                warnings.append(
+                    f"Unsupported Authentik resource type: {resource_type}"
+                )
+                continue
+
+            try:
+                discovered = self._discover_resource_type(
+                    resource_type, endpoint
+                )
+                resources.extend(discovered)
+            except Exception as e:
+                errors.append(
+                    f"Error discovering {resource_type}: {e}"
+                )
+
+        # Final progress update
+        progress_callback(
+            ScanProgress(
+                current_resource_type="complete",
+                resources_discovered=len(resources),
+                resource_types_completed=total_types,
+                total_resource_types=total_types,
+            )
+        )
+
+        scan_timestamp = datetime.datetime.now(datetime.timezone.utc).isoformat()
+
+        return ScanResult(
+            resources=resources,
+            warnings=warnings,
+            errors=errors,
+            scan_timestamp=scan_timestamp,
+            profile_hash="",
+            is_partial=len(errors) > 0,
+        )
+
+    def _discover_resource_type(
+        self, resource_type: str, endpoint: str
+    ) -> list[DiscoveredResource]:
+        """Discover all resources of a specific type from Authentik API.
+
+        Handles pagination to retrieve all results.
+
+        Args:
+            resource_type: The Authentik resource type to discover.
+            endpoint: The Authentik endpoint URL.
+
+        Returns:
+            List of DiscoveredResource objects.
+        """
+        api_path = _RESOURCE_TYPE_API_MAP[resource_type]
+        results: list[DiscoveredResource] = []
+        page = 1
+
+        while True:
+            response = requests.get(
+                self._build_url(api_path),
+                headers=self._auth_headers(),
+                params={"page": page, "page_size": 100},
+                timeout=30,
+            )
+
+            if response.status_code != 200:
+                raise AuthentikDiscoveryError(
+                    f"API request failed for {resource_type}: "
+                    f"status {response.status_code}"
+                )
+
+            data = response.json()
+            items = data.get("results", [])
+
+            for item in items:
+                resource = self._map_to_resource(resource_type, item, endpoint)
+                results.append(resource)
+
+            # Check for next page
+            if data.get("pagination", {}).get("next", 0) > 0:
+                page += 1
+            else:
+                break
+
+        return results
+
+    def _map_to_resource(
+        self, resource_type: str, item: dict, endpoint: str
+    ) -> DiscoveredResource:
+        """Map an Authentik API response item to a DiscoveredResource.
+
+        Args:
+            resource_type: The resource type string.
+            item: The API response dictionary for a single resource.
+            endpoint: The Authentik endpoint URL.
+
+        Returns:
+            A DiscoveredResource instance.
+        """
+        # Extract common fields with sensible defaults
+        unique_id = str(item.get("pk", item.get("uuid", item.get("id", ""))))
+        name = item.get("name", item.get("slug", item.get("title", unique_id)))
+
+        return DiscoveredResource(
+            resource_type=resource_type,
+            unique_id=f"authentik/{resource_type}/{unique_id}",
+            name=name,
+            provider=ProviderType.DOCKER_SWARM,  # Closest match for containerized identity provider
+            platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+            architecture=CpuArchitecture.AMD64,
+            endpoint=endpoint,
+            attributes=item,
+            raw_references=self._extract_references(item),
+        )
+
+    def _extract_references(self, item: dict) -> list[str]:
+        """Extract references to other resources from an API item.
+
+        Looks for common reference fields in Authentik API responses.
+
+        Args:
+            item: The API response dictionary.
+
+        Returns:
+            List of reference ID strings.
+        """
+        references: list[str] = []
+
+        # Common reference fields in Authentik API
+        ref_fields = [
+            "flow",
+            "provider",
+            "application",
+            "outpost",
+            "group",
+            "source",
+            "certificate",
+            "stages",
+            "policies",
+        ]
+
+        for field_name in ref_fields:
+            value = item.get(field_name)
+            if value is None:
+                continue
+            if isinstance(value, str) and value:
+                references.append(value)
+            elif isinstance(value, list):
+                for v in value:
+                    if isinstance(v, str) and v:
+                        references.append(v)
+
+        return references
+
+    def _build_url(self, path: str) -> str:
+        """Build a full URL from the base URL and a relative path.
+
+        Args:
+            path: Relative API path.
+
+        Returns:
+            Full URL string.
+        """
+        return urljoin(self._base_url + "/", path)
+
+    def _auth_headers(self) -> dict[str, str]:
+        """Return authorization headers for API requests.
+
+        Returns:
+            Dictionary with Authorization header.
+        """
+        return {"Authorization": f"Bearer {self._api_token}"}
diff --git a/src/iac_reverse/cli/__init__.py b/src/iac_reverse/cli/__init__.py
new file mode 100644
index 0000000..126fb2a
--- /dev/null
+++ b/src/iac_reverse/cli/__init__.py
@@ -0,0 +1,6 @@
+"""CLI module for command-line interface."""
+
+from iac_reverse.cli.cli import cli, main
+from iac_reverse.cli.profile_loader import ProfileLoader, ProfileLoaderError
+
+__all__ = ["cli", "main", "ProfileLoader", "ProfileLoaderError"]
diff --git a/src/iac_reverse/cli/__pycache__/__init__.cpython-313.pyc b/src/iac_reverse/cli/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..589de81532503b25944e03fcce0440c73ce2387d
GIT binary patch
literal 409
zcmZ9I&q@O^5XO`J*HWy4z00121zq(jB0}lGZPDsp7ed(0N+i1}(<<oAhwveMncmGs
z(1Umogna=gR;fBLU*=1g-v?>B-44N;&(|*B@qDr7r=0Jh*~Q_Wqy$JxQ)fsM2b{zO
zH?-azdWjEy5<n1=9g=!y6j~R46x?q1N5^5Miz_9<QbU;Qs^WFAtz<1iS<eKNJQwks
zjfouN=1Ll`;<8559fK~V5+ltE0cQP=9RO&EJaBOlJS)DH0OcfVn-*h*&KWa3$#Vwc
zTEJAqNVmOQG8_M&CyPv`zCxE!OXNy1_COlUAZD+>pPdiJr&(HaDEqn)*%b2Z7cax8
tj4@fu8DsI}#<UL>KXC}FNTAr$9?FMHDSaecuOxaRqvy`iT?<z5{u88+ay|e6

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/cli/__pycache__/cli.cpython-313.pyc b/src/iac_reverse/cli/__pycache__/cli.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..b6b24be7091ffe2c05484fde9c2c14f7c1ac46a7
GIT binary patch
literal 21345
zcmcJ1X>c3YnP3BG+!sOcKAV?FNF+##x=33GMN$WKPyqzl36;S@V3UMJHt259jxaem
z*`2ZMq{{NxDKRN;nW^$t==l>))$T;KTU(RKdMZxMZdJp81Gq=7^3LSPPSyUPB4v|x
zs<!s~UgI?y6lBP$OcU&W{oeP!_r3eOUO#lZ9SmH#fAGFgGtMyoj4$*eDe&^}*CvMf
z9usCnCTs{BFBn7vJWUsjvnJ8RVH|sboi&SQ5;k72h!z586|L|zU$D*EMf<Enbj&(M
zC%{;)yTaD%jzetN*228Nitex--i%=fdGmyw*PUT&*a+z^663vY32~ID(zBa6TzrA_
z?ovDrbu(di*c0}S8^bj%8Z6Bt)?Tj-^;6i=lcodCfl@3D0Zw1I7Sb#<ru2lg+OU7z
z5UvZ?kF!uG7u2Z%Yd~?*r&#~5TlN!aZ+tTCl(ujar9RvYHDJRnm1;nt#fE>~niN~H
zwGs_t;~!XdTe$hj?NIE)c4!4NX#r!nqhjeze_-jIPy!e38aF+$m%0I>=W`)?0irhC
z7v2ZstRH660Q?7_w=CiPm1w2CMW14G_&^IIwp?!w4^BMKFfkj$TyH7OCyrS%E*S$u
z>5rx^p67TWCEnuJk_jQjEha@SwajzpV^ds+e~A|*o|_St5(3YQ31Nv#C6g;bhvSNv
zd?~TOOI$p;x*8J}B$82z#{>bP62hVwlTzY(Jhd+JgWM7?@M0{5NmqGMj6o@@kad9{
zbcpLTOI+kvft1(^w~$y|lm@w%Vk?OSHCJ*ywYHub<e(@nwhjaesYF~&dMOd(CW}!w
zxo~(c==c|$vzG$~g}o9>EyL3`x0XsIh1g2Kq_~Q-i&t;0@rpAHG(*f{Vue>+#g`?K
zmn6ltrbb8C0EuD|d8msJH<Z=`2G>tmIhlt|Wc{4i(jv^^VpuRl3?YQsbJ3onOVC0y
z!_2c3=n1QjA;Nf=F(bvz8#<VIJIxb;l{;(-v*RWsBN*rD+RlVr6r%L(W+ECE!4x**
z-(jPg&N1^o3i+IAzLth*x<+xsQ&4Oz(Hb#@>M5?$Gi(dnDQ3Y8^=YJO5i`vzSmxWc
zSj!XexJDR?=LryQith>Oo+{~HnjWqhH}^7K%pjw+1@!i!kz+a;4*o9x@VKdySu}Jp
zx?b?m8kC+^Cf30)0$a7;EfKc7-@|5son#jci;PxM6U7TyCmEokDpp6t>|w&rdFV&=
z@-x@0l5v=kjDF@E(3^ZY)I!rr&nw1DH4Ni~66VYj)LAkL)<tp$8d=&#yhdBVm(E;F
z#$euZy1B+Jipf=o`tszZiyTfqSX3s(C27LJ!KI&h6C6%rSa`^~MBs6qp)fRah)mC7
z{>ieU5`vV932`hU6iY~a5h%Wrh~ErO;eF<7ah|LY6WsYlQVx>DK`}xy#ogdJk%tPv
z(zq6b1#uzhNc)Rx28RHP$#r32f>R9QXXf?P;?S}8V9DVHSm0pAyPR%5FOa27t!zRg
zeS%AOP&BLS5-F(IBCD~rHOQ;jpe1mj6%{638xd{_$(KoX636wYJ^ev0yuP-U6jMA>
z;DkkV0T;*Eilo?iVS%jbl2Q*VT5?^C^U)NndQqrd3YK=oOV`qy(Nyv#F9gh@7kXO6
z1wh1^FZ%IT2e*J%G{Hl$@Lx+vDM>Mt=2JZ7?WeHGHC|BITd~y@#V*Ab`REGty<*3H
zn-RsNs5lZ5?GS}sNW@c$X^BsXW<>6|7F${8RX8)W**Y&G9~Q8Quz@iOOIBjTBIJvu
zVu}G)Y}!6i*lh^yieXJcU>rtxDT7lJ*F!T`=B|f@n7B9vo6dDfj9*X0;!#oE;I2be
z@ISbAOQ|LFMsb8i0XGf<5ob9rT~f@zFdNLHCdO5B$CY)qZ%h}Q-q)Xb^_ka?zk2+>
z$Dj9ff9UC!`;OgfyXTR6&SpL5WZSu2mNics?z??=dN)m5OCP#}J6-qvjdxG{<%zAX
ztiSj6^lwd!XZVqWaW&joczZhU?8-R1O6Yo~vYu(#HvK8&Irhe}&Dm{Z)_-8*;;zwR
zcHH-OZn?7lq1(1c9>&#J@HH3en(m%^<J{&~w@+v5h6}X~cL&}W*nB2i+h6GDerNgn
z%X0sTY{$t$Q`<YX@7v_AgW0CB2TqI2vddV^mf!XODId9mzyB4~?8K`l9x?_bzErmp
z_g=ggmwQfUJyWu6>i4@QO#l6(S|I)*!vaARwBX^k+O|BqjA6Ltlfh%zmhr#3xb@;Y
zN8djBR~P?pu4P<qo`B5mXCInOUdJwDvO9K7kpDC35;XOHaZcNrzq2$>9W(u1yA8rW
z>v2w>VE)@N$F#-zzR?6R?_0>-UN`-W>HYTR=_981kC-uhV&56N>F;~%XC`X?e!K?4
zinZ92Wt%r{i#Vbm{zvFl5Po3$yui#F1OpLri0~sANtg&ff+`4^FIZ-+0!!j8DEJ7f
zP-MLT!jE8qWmj8>D=nT8gD$-dO5bxujJkB#9QIxjlP;axo60Z|R+nBuWQv$|>Ae;5
zTShE`HDawKI7OIB0ux>E1zW@x4+2ZDpJELS(opFMB9yH%o)F~Sd%^Z(A2ZPsctgZi
zVqtrkfFovyuA73jImMGj8x~D5xh5v?oh}UA+R8exuY^C1ar&L3(vCC1T?OVh472}=
zI{7(ijgKc5Zz1c7d@)6fdrA3@0~yGwd_^sfu5lVi4LNZ&>6glIJneo&%ca#RZB4M^
zLw#XS5|M!eX4f~JjNjzN@XIlARV4-@Yc8zc;6;H?@sbwj3EvWuE6Jr>T8#HxOnix#
zU~eczosNn8B_7yvEz12|LRd(?Ttt-azMP~~#a@afR$@0`>qI$1qq$!(^aq-he%+cI
z#GU}5Ah<w?jY>#ubd9u~cmOJ*^i_hssnvqQ;viFcD#1#{+EK_MgzT*ZxlC(KL2)cr
zCg29NMsyXMgTf9YY<DHJFRRT&0Y?B(-R4}=b5j>)LecPZlc7tB<3i;0Oz85=)tRtj
z3xE0Y+{L-GUsmkrCPUX|!dGWPisSTTXeN4T=IZ1{#roX&%hPkug+*K()Xf_CHxb!p
zk%L>nE(S1+Z75>nh*)nCYa}A6B9fsv)Rv9{p8<O)Y4vD)B_>G{$`iP6l1oJWiQ<W>
zV~keh6hz{`^fz$ZV1CoYm}d>2uxCDDPk+Krf5Ogu!k&6$VeIvJTUW-`CHEY<Z>!7O
zIy1ITxoeb!+cUQI&2N%mN5<B%<<%gzI!UlCV{6-7-E~`QEgQ4DwM<>d-4kz|*y_)B
zAIx+g%=*VRE*7l*jI~v_-;C@u=0_(pqm%j3vzgJe^2oUl46<wXp~;9FjM46RU}IcO
z-#H<(%@2WchHzIz)+^f>oRCB|h95xSd(1q7k}HH0Y|jM?8c1a!c26|C!s2CwlnQzz
zNHIYQaw&T*NMRvGlif<mkYXOQ)1?sPcT2#U?w(FaYb&u^+OkF}Ls{i@38q)t#BuYA
zVL0vlDp}Tuc%C)~gF$W}?E}76WeZV$2Oc(XIbacSJSi+6Urs7bG@Y=GQWT{9wG~)H
z7L>YF66Zj9x>6rs7e!z{%j1<g3MNGt5>h+~Y6X5FU=UA3NfIpK45tpXT4cFM9is8r
z%F2yc{H8by$vnbch1&-6E7tzX?6+qN4)^Wlyk|J$8J686JBFQs{K2`*!8v*K3NRdB
zGSn67+VXV=Gj#`L{}{v^aur;4c~>Cg3dqj=^8ROb%|`q2-vGm55hnq0+B^~*4UVLp
zFpr0dY+=BtSWy82iUY-tghhqeDjx@E?LykgP{IEH9<yW!7}KdIsZOq{s*|EtWr#0o
zRk)-uv<9jV6ioIgPT&>9o|4Ao+|)&)H6dyckZE9>!!1P$IxfG*h?ju|QW>=|O~BEL
za}X!Mzhs5m2D9s7%yzZH_8};h>_}IkCy>2Ow@^XrF(E4mdJ~(-zqp=&j#F5aAry9*
zUs)@gI5^ZvYy1-K<s4O2VH75WUc?1Hs-)N`DN~G9@vsqNrRh^i39_d=Z3<VKvM|jx
zbp+6cLK3<3YLu$9SxVD4V(4a`?+IJSjRM;NTw6#}xlqi&NolH=ux;ERn5*J<mhe}F
zb<KmqNxdTGN}MXi1q+Y6#Dj4RKv&>fQAENk2Fk{&WqZoXu7Isnc1hXwq>@2Z0T={p
z)l$6?Yk7}ff-Mx)7*L}MoVHe@FF!?%YRYO<0oxO6Q~|bFBTLm9`68CeHCl2kIY9Y@
zVmrBtiY7fqP3c2n7zW0;y&NNN2s;GJq@|>23e=`wNA7s<LWO!+SlY>ER9fOo+Y7ME
zr~{G+4~?uJGKaW!4Z?y3d|*5UNvehi5(poyDtjq1$pISzw;D^umys3MHk2aU3knx2
z(ghslXAM{q0_n>ET?<uOix93QQUe01%n$5`>6&mVCK4SrW`vmcjD(d^EGi6?;lphJ
z%7&e=xIca7#$vfe;CoR4b6Eu47?bvrNV;1>dG#fVv7L%rVA}CqOvD{on&8%P_2jsJ
z`oR{Lwh;{oME<52`Sx8dP@}X~Vlt6dsI?e@>}2Z}XE21rS7i@544s0T!Xhl$P!+qT
z@gkg~Vp;*Mja_S1#Rlv+Aq@0AsI`$m1w+_MEJkr5B27I4Q=U<*MLJMVF0HSm#9oXw
zyj-S>AsdtUCy+vJUxR@3BJ82SL$)yHL&d#a_VsUDw{FSa(Hwj5zQ1p4DeDhzTr8&E
zY1zD(ZyU|Djpo~qX4;O*t;b~Vc#fU8uW|;mw<pK;-gmcdUd*}!8)qm|Z&!}({@7E$
zxsvfrY@FR?P3B_-U(?;TH`;O|r|-1MzNy=mM>fXnK>p&k`0p+k5#H&1*S~cw-*-6E
zcR1U1MCOjlM=#3WOF8!Pr&jkX-+JX+_igUi9j`g=eC1u!)|ns8{ctYJ9g;f_%l;!d
z+tGrr@owi^owq0NyL_+DzBaqruw~ek?tJ~1uHFYGrnYO>!q_~oeB+gGP%O{C9pBpb
zqoE%TWjjXX_EFh?FlQS>EbVW#SHc3e+uF`uGh?g&-J?dvRgW5*V;Wby_0^rxogTU8
zNY-;ywjCw<nq!|ysHFH=ga0hU{G4%|9Wede(R{YY^z$Awgww8}A=Tb8w2%<f!*j&;
z0>f5>X_^E}5z2N&iw?h_V^36GL~*E@fz=b^dX5=4biy9I1|c1LVALsGOge>&s$@|W
zE@qv=1(htwuaGNZpi3)JTWHn;n$9p_X|}=!3Z>{&9~Jc4Wcl06gp}+KB__l+-$}7Y
zY+C8|s@NSA7PcHCZ2zx@ov{5oVEcE3x+uodbH1B~!!FqVomKIB=W&LTE8+}kY8V>F
zXf=Q>y+*&KSH<kpQEmd;k;Z5U?ua{t^5vfEaPeL6RK;DZquNtR2}H{Vs{LiKD9G-)
zbg*?}dWH?hJGm;cI?(g=G$-^8TT(I!-iS9eM)Q`Q&;PGs1GP2@HC5}_prgAcbf|=f
zhG^+f$3}h6L@Gi9g8+iP;EPxzzR(ehqx2jC30A0$)P}&{WA6nyCicd`9BB$S;|#e3
zY68L%)r6jX9I8@IjZJ!nVSt{>`JO;yMfxgZ_#B#{%oBegt(Ee9F<L8O_#9fRj+7QU
z5|Ay`jYEILADVo;mXVr>C)^rt8#f7ck-E^-;}F_RtdCg3?Km<jwt77s0aYpN(2eD~
zDyvLq*;w|6rXQzI8$Ym$R4tp+m0b}VZM`qN!gbM{(C!vpyEjA{La<5hz2?u;n22WK
zrWl0ANMi`K7JDwOrm#m<t!X#K23FR^s?a?pXej&Qo`T^OR*X}yCNx#W)Ej9Ep&nt+
z1?|}fDOdJH!z-lhgOpIElrf#adkJ(sxUy8Gpubd?s;~oJ05%XYlnYB$vG3Q7wu<X8
zE&U7PJ)px|WuMlIze^qv>5!`?S5c&M>1wf$rj?$sv$-QKJ$)e3c?8#_ODEC|uKx^j
zgw{cdSqB+wEwRS0fWOa#DnI?xU;HJJT~=P=ISf<AkG!ZlD2y)p>Y$B148p-)P1YdA
zA#n>lSct(!9Z&G!<3rI&IzAHATn^$K#NAj=tbov1Qgx|9AuUW5CslT{C<uzECIov&
z?KCasRtR*QK)ndDZZ!X%Rh^NN7~uk$FU6n6Vt5e*JUbYm(dQ^BUVRVLe_-whZKedq
zd^CDTlQ+d{fIi(DPVsBp=<wl*l1{bU<q4!m@i_n$L3_Z6s6xJ+wsG7URI-93T9O9S
zJp|W5#HA97LaDxuP&9RN#YEt@(>0KL1$>{9g0!4igEoYi_^mkT0U=)scyxXty^mlW
zL#)N>BHEHB5t|ngyEvMTn7tZZs$NlaA@y#!rTYlNLx_;HRyjJ-L5R-`O4Q&8G;9qO
z<D*3tYT5@@CDrpQm|7$m(jJZ@?N3SrDcMF`(O_I4T@eADAW*1IcaXvlW8uaA!QzYk
z9t^G{*AJre+iz;gNl-9=HG^N!((dZhRB=7cqLD)}OnheIhB#GnucOTc7&Q4kUB_{I
zr65!ysJ()26>57yoS);aqGnucNs!_L`^B$fLlW7!T`$C=z>PyQNCV;v09bCMD$bCk
z7{pGCYOmr=1TD9z;b4xENdq`Z8`C#&1))3jg%@WLAl5=6>WWoA5A*6x5a9M|6i#6}
z5#Vu$6Qg*;)))T`-ePc5ti`%0?y_O3Sky79*orma6%RrZrxYSNDmHwej$LuQEGD2P
zDgJ9I#R>|d6wE@!^HK~<yI@?D(0_$j+}aQ$uVzwj#hOY+Uywj$U%Or$K$<ZE=5ev6
zykY`>5v7K{My2(59Mn2u9BaT5d@L@4iggvDV@rIXS=E0mV?D7WNl%eJAWchJPH`4R
zU-VNE7Z3`SBO=-_6em%dK$SJ^2x!#R?pMr9Vr*?$v1^?Rjy%}eDl};_wa#`VO?60g
zm-VmWP+tk@#V~0GyVkjiqZmYkh6yI4geqX10u?V+S@R8~A8+r%zx0WTC~NkCvIcB?
z)ZRD#tJ;P;>1=KH#)Sgw&9n6xwtjPA`>KqggJ20%bt+HL>r_zH9L}*v_Nr<c+V8Hs
zv64G{_RfmjaPGEKQ`OvQdb?-yX1-%A(=nE9IV3k9-ua5`J(Xi8OC@^`<=Dd?d%Ly{
zWWB+SbHo<ZmT|RZT^$=UMLkc!QU6wavoGH=lxZ2tHU#DRVR`uEeW&O4`s-hR_3K$@
zo9t+p+lRnu#XkJVWHMVGxoFM2M|144k89fB^lqFl)VAhpdo#7YTaoR{+1h6|E>J~M
z8)$Y8<h!5EbU&NzI4-xJxR;c@mvihK=z!|Ed|fbC7rbpN)OBtR<h#c*@T(iUZ7<k-
zc^ff@KA&$N%CryNv&y!%tnJhTGgCjjYh!HwytON1?aEsN@GIEs?)+)KaWvC7ns1!Q
zz|TIBx1Gt@&J<jYdDp&-YhT_K%(#O08h1^M{jA{uT1HU|1!%a8mCIWP;8#R5l4%^t
zH;!lEXCKeoW-_)Jf~GIy>dU)^GA^J7(VS7yfDco#uf0cd?9q?wxHm6vTq^iF^1j}T
zuXk&Hr|*M)+1D%kLL0LMUu)jilkxRreSPp|u95xwGUk1G_8^R!orw>uGKQ|u*6RT6
z+HAh}Sf=+_mK&ElC+-c%-l-fr{i(GsZ|#R4)u3H}w`XfLzwb<D-<fRpS-I=n2M*aE
z&e^W&2E=fV9r?JX`AsKun6E{p<K3xkXSVlH)^~Vg_EW1bZ|#O(5vlAS{Kz)+D^=46
zFFD&#!QY<u_vXNXYl`aj>Nex(VYT^{trxfbKW=)jY1^^WvlIWx&A-06^HsTV>X)u*
zQ2N#NX@gg%XOz8tId)&Mwz98p>xHfBviD$)9n<1^kiz`H>CC|CZ10rZGc9{(a_ku`
zz4zVlc56OxA`>`~?K>&=o|3(jAF-!@_vjmjFQgc>_(4tbVT&VdG=13H96E0L@VFVm
zWyU^DoA+zBOq*vQn!1YaQ}f79kSpY&q0$q0Rr6y;K+P<s^QdO$(J7H!5zXHe%wyHC
z>!cCXziE=Og&5;zh%pXbpXw?0(o=)AMJyrQ@Ah1JJz&HhZvY9e8Z|mwepOhV<`A@n
z))21Sd#-s+qX}9?gW#x&Q}c!fi5GNwS`A$hS0!!a^Y3Z;E;qD6&z|Dp_4#cI0a9MI
z+H1bnPXVj>T|WhE4VB5B0@eq*OHH0C)kiNaJq4Cpz*0f-`hr;efQ2duN~G-3Mgz=#
zU1Bjvv&CLzs<*qYEh}RKO~DP&6nOBAQ@A1A7&H+bXayZ_q@uPqR6#2nZlWUtbfwis
zMsuVFbP6qi{ovzug_KrEsh~lH_SVhsOTc@fwqeP(WCN*LGcgyXW~Yvdj>k)ZmB<xw
z>U$8RW}D!gbn2w$w)A&VWKIa+8&y2Ef(#yU&7hXh_;O5GLiY@v@e^D<UP>g_L8ujC
zYtnKO4z<7$7>SE<0{=1*xzQxLijt><LIiM&(x5|UUsZ)(6*VWV!|@yO)*j*44X(}v
zcNhd&9;7kP6rp6Ah=)m0m15hdo%Au1sPuX{9pE_h?%PYV>Mg_#EG9&7TgQ3_(k&?W
zS2+EH$TTT9-8n_-hVt9X32^H#p@!TjLDqmwSfrklVlVLvMT@Fh18{aH6`nu|adKe+
z#Y4F8EyS;aV-ddN+a>V5UrgYuVmP1}h7`j$!H2~h!z?JG5Lm^wS_D%JCqFZyEXaw|
zFdzc0I*DzcUTD(wcaZiV_?|;Ei*G~5a(PS-taeybmC&IJ{yjiflCG3`;$^iC;t$9-
zgxz0`Ny~~G{pcY|9X*v~FqD+YxKTWWpeUtJagu5S-gOY8KrADbFTQ$c6BOUADxnf_
zFa$A#3>@PAMcfN9yY3``?iB^MfUjgFChehC6K10-2?1rrzAd&Hk&Lv1R-~eE<Uy??
z)JOFuQ*FsM+H_!RRtEuyl!Q9PBHdcOkz7#>l7tMyW8#eJ5Cw+~78k|;3II+6$TI&A
zZbid0@mka@#g)y^B{4<EMGocI;K%jdZ$>vRm*ka#za{S<$@oXI{)6D9=xxt?4`jRt
zwl8MA;~VEbwR$twMvbdHk+YrDAv};{2X~EVnyziWJNU+6ZglF-pj<nB+p1%&M{?}w
z$KLj=w-ZDePeb0*k@0kFzMS=pf?XS=Eq|Wv%CKEq{UDT3-jJBTwSvmnPA<oG6~XSb
zZ7$_IMl&6wa{EEqJC<V)m8GDJCAS}vy(poTr5wt19Fp4)%Y^U$)audO#SebhQvmTT
z`Bw7wnL=mxw)9g|rhXd2H4S$iZ#XuO<XeX_twZ_Nu}tgOPB>dLuGzT@wRLyCbZ6?$
zi<=Gk=AlgUklYm9j_p|TBh#6YX?b`?t~v96Oh&io*H)%+A6mg1fA^^W3o*M#{O3K)
zFFcO(M@+wHYCb<|`o*Xj!fEpmF@H}`r?`^+8x<0<1X=1z8Z}k&M<*7lR0x*w%jkdy
z(lhh$f1CI6%T*nH9&?UEj#cB>jNtNy-1weL$1$6#mZ0&`!11sY(Nj3WRfEOTdJc-O
z^wfA3BiiTZV0YE;wogHW9q?+L#2*o_1MpUmO{&ogxoS#O&`{Vg@fNtm0k2%OO`Vl7
zl(!1NXfA=Y3`RSH7<=<6%K0Mw>?-lnl}iR*5p>)F3+{_`C3<K`YqM6c3|E8zZq5xU
zAT8~^px!1J6`rSXdi0W0j5UBqv+<X(0UlkAF991utlOqaUH}@sfAL3dN1yKWYQ>Ui
zJ41WamRU?ILPM*AM*^IQtv2`kAg5K}ZlRPqNa0GYL_>R83l^ASYkl5K0}D8ej?bGj
zXxXhstFD)-!s>iAmKve#&!g^SHR=}r*wi)9-UR8R5&r^B>2F_Ctx7yc>`3LdlcE^|
z&J&>+pczR(vPghzKsOWB@CE*rAYm-Q<^yau9!FA7Cjp=9C~Z$DD~LQE3DpD$Dj%#u
zSEpS?YJiN1qSeDsqrmDBQe}>bbOX1C8p3LG>$r=7t)=+9TMkF*1ye{_exzK@kMVF`
zKRFZ!E*Pv;Xve~ov~`Af8cv83QfVJhmEkJ^@jASVDU9@80W<=bs-{%Q3eGSX0~6wZ
zz%(QHPzE7@W}r#1V-_hv^hH|`7<q&ww;(1KQ<|l09j84yUFupuwH$%*5x~lTF9U!3
zHGo&mB)D#=&X%u0NO56@X@&$4#vux8O`{Zlslw4%D#fp^rBs81_!?sR4&J_t*}Rwy
zY8h48TS+yp{52-kXxulj^bnQ;R&g0K3V7SZ+alh605`?9lEiN$Bn9z5!z(!gP-Kl&
z-9C~n;_U+R!xq?!fgf&T%oEhrvTgH)P0&H^&#?!nuGHO-cXwvoom-Bq`+(+MS;kNH
z=GZ>UcKZ5v8uFvl@O#hvL7&`zMfQFv$A-$2&*ewYK{7A*UzNR)9DA)i`LW#KcByK-
zw<fdJKFUhhAJ{&VA3T#8JR=`CEBnvoZ0FHGQ|DO;d?-~BkLPUd1%LD1<8K|mJyjSx
z@{?mfIkwsJ&cOEvHe0qvx57Vq{)f+R&1M>hf7*Kc9M$eNY}q!`+y3qFkLTZ;-@YU_
zPW;mK3~1r&x=;)6$y?juM@uLbCfDzKSK2<3KQNg&Fq!Q?E$^H9DI7~Vle3*IG_>U#
z26GLAx6c#{L5BBQzP>+G-!In<Y#TA(>CA!C^8P8gW}2|Nph0dN+I5f;JMz|!tt0s!
z{8cE~KlPDqx?uO_?Hv5J8}fl?;a3Up_(!%Az&`IkF55ZvfC%uv>*7j!y!34i?MP!J
zbdek2gG<3dZaI}&lO~3T@gR8+j;p{K!`Mm?&Hx620i%cxBO>~Sq@6=Ua2^HBcteSW
zbmtr*J;<ps-1%wZQkq&$pc6QJUnK3-pd}vkE2;EIc@8y}8vqFzW)Z9hiA8b{zi1I$
zfWl4SwoOtM$1)tCk0u28fC!;QF+sf)yIOcOv7oq%K^1Ep*Ef1uAV9cwJo}~dSvAeV
z!HroH9{!!TQQ%6PF6fd7_a0`;c6RVFj4%;H#27Y%?-p>$I)2_tbi8hgwe*Z=8ZN<B
z`bI~%<b&z}Pf~vgo`%A9_;a9tU&Il167N7Kc!<{1^wKk8tHh0kU12xzpRHC?59F`R
zg&9k`V%7HY0v1i1U7`&aYP@2=Pljtk?dqHUUO68v8Td(GIX_*MlG<`DAnfSYF7V4M
zY7y<a{1x~g=y^-Tt}hX^h*rTqY1e5H{pmlY^9z=0Ue$@wnBv!L99MV|KbRwN>LeJR
zJ3l>D_7xo1wQ<uYS|3$CNWSLaKu2vj1<2ii6N2kEBsjkX6A-nF<dZ!`rT}J2y;dRy
zuFy|Tc(v%Mq_CJ+Qv5VR-B!qco$k^{Qnen9yUE2;T-pSRJv>2nBPQ`tn0(>~&~4%`
z;FfNrkSfa3L5j312zobq7VoN<1Zc%f>Q!<}S%<NpZurFy0AVA-mqsM4HlFivfPaga
zT!$r!OB)9{g%y$lkB%Ex@pBhyi^1w4Z~<?*b3_c+GrU2IC2mGBB>n?Z{onESKk%mQ
z|B8<SV)0QdT6K!Rl|#IRw+*-{t{8DLP(QVySP>4FAIlP<P+?zyFE9mM;?FUI)<Szq
z1)Ue^3-wzURyZ?==Mz;8nVqx_`rRuIHHhj%3Hf8aN=(&;nc?7fLJ<EE62FDpe=|{s
z{Wb_EA|Jqa9CXHQ-@%=+oxUAO_CAwipZ%Ziwt}w?jNFBWo(EReW7#<Kz{S+`Wxe}0
z;8PbS^Jzn&wk2OXn5iAyzLu>$L{wM4`a6G;t?310E9-t`?$72nr?(Gn%w^aSFura+
z2c}^#0JEMv+niyWH~aG~!AuJnsNtY)hMlA*IDCWK&;2<1UQ`}DE_+Yp*ppNN)pD=#
zZ#(|BV{`hQ^WQ(ewe%z5heEFH@CVoA*1h~h&(`eLv$A*OBX;z6yKq>d6Aw$A)_>mO
z*?V8Q2bR@SS<j?wn<U32P8&Xx(B}7_eA7neeWPW1pXq&D^K_T#{Vp?v<B+6XuuG`>
z1ulbdb{HB}y{NVZ)(|`-+I|Um_=+Fif)8>9;nP**<mTQZo$M;)5<dZqe}i3Sg#ez2
zwf^}G*|HT|6b^JJglII-rdXp<I9eZ#f~U(Z2|d|T%PWZ+#c#O40Z!olMU=|aVT=|<
zrB<)#2DLE1B9Zgz<Qps^mL}fD8?MCSDZHT*5IV2G3<LKZ^{i|(Nxq~*DnL}yxY#I`
zVl43;`Ud7jMJ(Yy$rvQH!U~`oIU3ztbKA2(&-w~~Li`uVhOH`n6WSVlF${(WM%KVS
zbTJ0!Crr~POzS^0u76~lzhzm25k|7Xxa%1(Shm8u3_P~yAK_#7nxWg!vU%YV1CQNV
zg9QNE;QJ>A%TDhje87owqxF^6Z@2#2_JYBZH`IS<sNY=LY0nr=J}{aM_J=0Mc*=lx
z?=B1PyETl_{7UPesqn9~eY*`jVG3?v!R~pz<+Ya0Lm4|)u=hQ%n~la@SGS?>PR~Oq
zyYHbJB2+XUcm-0v2p*)76jfU)>N{-(`$Vyv=M07^!=3mpLjqgULp7ilS}M7PB=4q-
zU!?3K1`pN&9{M`K>#kU#4$cBwQ=+lh95e9Q8E6hqz;JTY{}8-3Pd@ZQgxVZ6@Vfha
zMO4_V)3EkHUWe8MK7xM#-spPxLQlc#FW8?cwn>lS;B9G_fybu$*cp3>Z)z=^fb=1`
kk*@8AgkN7Y7!3|6iFMshXHCr?v$j7!13oWo3z>BPAK@ma9{>OV

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/cli/__pycache__/profile_loader.cpython-313.pyc b/src/iac_reverse/cli/__pycache__/profile_loader.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..22e7273808d0bbac8709161578892518a23ac0ff
GIT binary patch
literal 7222
zcma)BU2GItcD~hB{on2OFE+-QGBnsdwi_6X01rQ7uy+j%hPY^!jeDk3?yfdHw5xk>
zb%X5@XkN1Gc?#@gf>B1nktT{q+6QYMR!FNztir=ek)rPO?%Jt%B9ujnkn+&PM3d~k
z<eXbS-S)t0%F?adb?-g*-gD3S&UcSDgFzpG=U4w6`f#m-kl*1C>v5Wu&A)=mXG9{D
zNSx%j$We~H9n=AD{vv-tpn`~P!bRr=7j?0^<D#3o;hXcK=Yp4dFZifWByq>&4oiIP
zy_ZO?qnz=Z2094*c6SoV6AvEc&94pYs~5idjylY5p&3WSzfieCbLmW05wkftrBE@Q
zqv8)oF1;seNm&*1Mx!R)&J=Elih3(UbLy<37Q|aJ&B)U*PMOQgs+P&AQJ-&IR#RC;
zW3n>pjHp2YUEr%YTg(<RgQh%V2AozKFa)Hqd-$WViED{#Ba?T0IK=)rJeX3_G6=XM
z=H)^`p{gckR53}F6f7kpXT@|z$);dU*`lIFeJ^l_6A?}quE>QO@a9L<`G`Xgz+P`<
zV3$|t^NQ}5V29@J7rNr%_(y$HAKV#!zdzD<W_WlIf4u)zByuKxCuwNRC{0C^O*n5j
z);NLVBzTmRmmE}(c<P)HB2K;86#X94>lmdu`l1bnEF7DZGn$eTZ{JXC1=|_}?Sqz4
zyEVm%X*rYCqF=(6T)HQbP~}-Ak<fjK#B45A%wj!|Nc^ZMXU&#SB9YEet&q*AikgFF
zcOsF>C85%mNN5GQkVz&$k2Et~EGSwcLD7geaeMl)bHnk;u`8G3k}A{mxm-$#Ycv_p
z$jJm%ZYfk#;>m0#Zk}VpFq&w7o_b(3D{zk*{`xWbS7GEo1P^VpnzrcC4PWuu{7Wca
zr^mQc65_778~tcVker?5LxFlE7yIsnFJR>G#oJA!kmQZ~;?B5#$br2jUpydr24Mz}
z;2v^Ge(d=nM}tyeOFx1AavGyRVvtE}kQ!)c#uI7OgImt<#V(L79|QxyGu5_vNSfwm
z>+JeFdW=-e=X1264f_T~$?z6aw}z}fSxjY;1w$INF!LR#GktWRLNXeG@t3~sVlX_L
z(F$TNZMiZNr(t*7z3$YR+E%wR9IC!=ohxedYC)c3fML2Pzy#W~WxyFtEUKDP@aY1$
z?G4>Ul|qrKNfUrTnS`LBAV_U4!q?Bpl;vF{##xZ2I%1AV6UcCg^&B-TedasWK**E@
zx&Ws!u7MnJSW*<On@m|YM`8}iA@P!Mf_D&=pTbqJXOh9W^~-qgB{ANTqJkabp9P{K
z`GJu1Z<*I^^;Nj3kR>T5Of_0{Ypk_y`A-QsNL1HUi`640STb73`1c7Zf^PD2b<#Xj
ztybUd(o!&IofbSXcLR~UN9-LaT+B7uZjG+JV`Oq??Uz-%{u9Y}!q%ZkE}bXDPec-P
zg-P9dgg388ZYJdQvTM6M$bq!l$@#6_D_jp5AeNp|U>j+NNcO<|BANJyQ~Vy1h8}gN
z7qHe{d%KAYdR3iu@?A0KR?Co_s&mAd=F-HF841WdOom=A=2S%lP@c_EMXU=Ln#lZJ
zu6aC!zY#hEjx551_C73P^brd=v2a5%`qjr&h*?<$22C=jFvpG9?pik&#5w?NHHo3k
z$AX91dkZ?T2s136PqXP*NQd~Q<_hApB2q<84Zx}Zzu^u0N#?+LK`vV@t~jHDvu9E@
zn2-x{)VI)L&LN_pbgrnThDDvD3(jI8J$M{Kt4C3jIgH*D3p>x7G8lgVBr%a}SX^kc
z#ISV%FetP6!u&#$^;s^!0#eGHxX=zv0RRiuZ0dGa&gVfqOyy)<7KW@rukVPvtD&Ab
zT8jiJLWu5C<^T^h7O8Y0mseC>n3rd>x>u9a3X5mD7uV0!srxcOVGQN#0wSsIRn+3F
zLgj*@3y93R3)ZKoDZL@V)SECj9r5adrexC;37hW4eM1L8K`spgLAg4o=pM7PrgIrx
z$P|=W%?sV}JlI3Qc?e7lhPaJSMDg2xXw{B^rG89ab&|H7ORb+?SoE%kI@Usa%Aq}L
zp`LQ6XQMe>>K%SO^!Pw&|460zY$<TIDhS^1aT`r-_cF^ZE4Tlp>Dc4L8|}Lu-2Lg@
zWx3MccTf0+C(XyJJ`!mB<Rl8%f3nhisuVc&+~0OD_4(+Uzo+c)dDgyjaeQM}c=_tz
zoVoA5$8EItEQfz4thEo8+Xpu~2i80LS4LKjl%iv$j_+;qj$J#d#L>2+>LN`$AB66Q
zmW4I(NLf6xI$9Esl*F^YZ9MnVPrCZ60n*yFczGk(z9f8}S_|$g2lqW|?O1E=Ew}cr
z2$j~sQcJWHh(2!)uQ#ILmIe?UZ1`pn7X6#1V}E!aYWa)1pWNLf9Bvc$|L&8fCwyuD
zXr+0q6d3zMmB*IfYeS&GRsU!w`9=Gvm;Yt62dYoKzR`B~(-t1<?X2u<9pm_?(T35J
z{L_<8sOwG^8Mj0-0c4?xZB9c0bf24oxA9EYM?CYJ<e0({>;dM%BlA!lQ!eY<BpSlD
z=X#HY_F)nc<OrPn7_#p=s(go$Z9BBrg=;WAn>ov(2JBCr*@9VYOT(hXTEu*=U~uc~
zyag68z>e)yNh=gw-@v4L2)hbkXGk|li=55AW)vV&J}W1I22al;U}Y$9UW2`V7l?za
zNgc~TYyzIawyx$xlZ}V~GvHsym{L)n?wpki$r}_yUlJ5&KNxo~@^1bdiq9}s)wi16
zq#7IH-q6F2l5mRlc~9DBYzl(cq|HKV-|E;7ALFNCe2fnROJOw!L`T~iBp!K<B-BUr
zh;!lvF8T$|yRc*Ib=S1sg>Wxw<PEyA6a^O-=M2pi^SUFa>26Rm-uQHWMkz4Nj0p4y
zOrm>k$&_70^q{Hk1Uo;($6H2K!@VPn87Ss~3j{lI{oobjR*CUdp;2~$OeKtQREwU>
z=8|$&I~}zKd;oH^KZD|9vfkeH;G_E=Eg$~$?&A1*SI?u14==88e?75y>3K)zBi}>c
zqlSkK%X5{ELyPAD2g{-Gdb?O^6rY8<%AvmX_Hd~&jIhz%x6-lVE4_WK)cAuMfUuhi
zXuv@g-FXSkMd!hk^~QvGFHKw-xq5YMasoaVrz1S=g+<ZBSe%AJL-)7$8``!nefJ;T
z_Mf1D0VqBu)y|-|;q$YP#vhJX2~>a9@(N$Cx=EwB7TQ-1?OPtNgoa9<A-3QN`W6hM
zcsWVp3akgo5CfzSz%0P99n)ayK#Ltnel9~MLIqQLt+Cr=Q59l>O}~&{+wvtL#&0E2
zK(B2ISEF{S^9^%&4iO8?RQD86Xyb{wr)&~uwZCBn-t8*@$FvEzB@Z0QCgiH;4QugP
zgj4mtp@&ULRo@$W1Z)}py50Ey2<?Y!F|61o{dFs@&E}uN>oj{}&X_0Wjrn4JDR{ye
zCO~}cU;!le1ejj^`8Z<&z=R8RB)My$riEN{X^w+LbHLRCPBfRE^jI_0-d7x#;JSiD
z|FTnah|pVgrCAAQZs(em8ewjb#{ht?Aior4EA0cA!ss5mz-Ck+!g4)@-V%I}5e<u@
zK&T*-B-45O!fO!OoSM$e6oGZIJQMhsK^KR`%Xu~+Ytl!|UMZMr5oZ-mlV>0o1w3?X
z?g=F_CS4!3M(S4vV+_t`U*aJ+Q6Q}>*h0+Oa!dY>teh%8DrO*KW#p<fQHBe}Y(~Qr
z8B$i0e*@+Ai8dS70ccHRrVAaH%-+4$r(Q$WLUT;Lspf7o!p#x{Vz18iE(D{ZnO;zk
zwfk%NGHqc`Z{4rnI?inpX2kJSJ_o0!>1|Zeaz&a{5(UVcL24-rL_*U;auEVI<lk;4
z3b~t#8gWv%9TIvGi}$d&gvA6D5kDQqI+_|ql+b<GFxoScZ2)KwHifaNC1E0G-3sYh
zY#ze`jXn}Epw|XI-HjI-Wv-wHEagC=i?RjjT%N5-Z?(=ZQ7?JxN;O0uv@h#n!HXV%
zuX@*&Epclr-_Jo0Z5*5c@VlGzA1c4~&b<pu#if~Y^MNPLi|%K@ujlU1E&D3%{fmKr
z5A9;S^vo0Y<N4D5^OfccrND)%;PN(XwC`JfuhM>aalG0<V9<^GH<s?KOjmXsUi5E-
zb}sdQQCJHNltTj`V7>Y9YVYdKQsX<dAO@^m46p4uR^D^$vA?oswB+dm^88@@{`k^V
zr8NTg12O#fp1<{!BJWnjk&<WkdS~~ezK4CKeM6Pbql=+eE)v*rFZYGE=I<~2``5eo
zu64g%?tXjqOr`tW;^pU|&h@t4>m38@JNB&aJ+|J}|I+Vj^i_$=>-*nV2T5b+CJ|s4
zxVZ3ge0gHEXZ8E5C#r-y)&2FMla=mMUj<eUKf3+-?XLp=_v`LcrQN52jW@l^ZSp+w
zcs|%r<w3yjHDqdE`OihjKSsJo2l%J%w$a_KPrDkS&dzfS`$nU};I#Q)P<%!X5y%?7
zHn>??BY?m6&CJSBEv!MFMgRfq*&cpmfMNjb*ReM{UvqsQQi4kd>q8~Tv?2BlGVSnZ
zP7SYG2sLH?kdW(VV?2|eFtaeg3?tmaKTRshBGodt6yWNHjUzk$R;qq`(%dH8wY){0
zV{AcV$RF04#GA_eAR7!B1;{gRPhxCGal8STHv(fy@rHb>?lMsW)~F9M+)j26rVJ2j
zZjaDFuRsAX!)O=63}hcnNY;5+6hjgXO@Vo@;kr0R@7d<M-$t0fgKk<D3h>`%5<al#
zS?}Dx*4ba~?Eh`&;3pRr&!O|}|Dt6rw7(qM4^Ffu4wc2B)mTM*=bq=&;6~G~rLixD
z)|&dtO?}U>`FL48{<y6op223g_4XWCYWXzyvWe`9!W4}iiy<R5jycB&HxX&1Xa^J#
zhz7BM_)I8L8Uz0JVh!Psf_<52$kc)+tMh=>45yfuD8z5V^7_Ucm`I?QG-L&GMeWa_
z_%V6ua63KK=C_;;OD$CbujSU|o8_LjUtzs^o$GQQU6!f@UMtcod{s}A6Q^GCLr&j%
zYsXT{QgW%|{zR4i?vJjvemTtQ&%CYw<AgrdEZ5@fSShTYd)%@*{^i{&fuB#pPqbg1
zdouUS=r{P&SRpPBRKT`-92fd76uKL8CfUrinZ1Dk1cpO#!?YXQo9q5F5ruz;C|QjK
z7^WwT3bT0#_w*e0^^VOY6~-5gK*ZF6%CD(N_nb8Tr*fLg&;W1_pbiB<6vw@E2%NAP
zAe`^ti1%yK@ip1;JL3OOa=hvxtvenJ|8%(2eX7!Ox<ndZxgf)^wDT2#*EfOp9bCtM
J6D-+G{|}-Y<>>$b

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/cli/cli.py b/src/iac_reverse/cli/cli.py
new file mode 100644
index 0000000..2cbf564
--- /dev/null
+++ b/src/iac_reverse/cli/cli.py
@@ -0,0 +1,444 @@
+"""CLI entry point for the IaC Reverse Engineering tool.
+
+Provides commands for scanning infrastructure, generating Terraform code,
+running incremental diffs, validating output, and authenticating via Authentik SSO.
+"""
+
+import sys
+from pathlib import Path
+from typing import Optional
+
+import click
+import yaml
+
+from iac_reverse.models import (
+    ProviderType,
+    ScanProfile,
+    ScanProgress,
+)
+
+
+def _load_scan_profile(profile_path: str) -> ScanProfile:
+    """Load a ScanProfile from a YAML file.
+
+    Args:
+        profile_path: Path to the YAML scan profile file.
+
+    Returns:
+        A ScanProfile instance.
+
+    Raises:
+        click.ClickException: If the file cannot be read or parsed.
+    """
+    path = Path(profile_path)
+    if not path.exists():
+        raise click.ClickException(f"Profile not found: {profile_path}")
+
+    try:
+        with open(path, "r", encoding="utf-8") as f:
+            data = yaml.safe_load(f)
+    except yaml.YAMLError as e:
+        raise click.ClickException(f"Invalid YAML in profile: {e}")
+
+    if not isinstance(data, dict):
+        raise click.ClickException("Profile must be a YAML mapping")
+
+    provider_str = data.get("provider", "")
+    try:
+        provider = ProviderType(provider_str)
+    except ValueError:
+        raise click.ClickException(
+            f"Unknown provider '{provider_str}'. "
+            f"Supported: {[p.value for p in ProviderType]}"
+        )
+
+    return ScanProfile(
+        provider=provider,
+        credentials=data.get("credentials", {}),
+        endpoints=data.get("endpoints"),
+        resource_type_filters=data.get("resource_type_filters"),
+        authentik_token=data.get("authentik_token"),
+    )
+
+
+def _create_plugin(profile: ScanProfile):
+    """Create the appropriate provider plugin for a scan profile.
+
+    Args:
+        profile: The ScanProfile specifying the provider.
+
+    Returns:
+        A ProviderPlugin instance for the profile's provider.
+
+    Raises:
+        click.ClickException: If the provider plugin cannot be created.
+    """
+    from iac_reverse.scanner.docker_swarm_plugin import DockerSwarmPlugin
+    from iac_reverse.scanner.kubernetes_plugin import KubernetesPlugin
+    from iac_reverse.scanner.synology_plugin import SynologyPlugin
+    from iac_reverse.scanner.harvester_plugin import HarvesterPlugin
+    from iac_reverse.scanner.bare_metal_plugin import BareMetalPlugin
+    from iac_reverse.scanner.windows_plugin import WindowsPlugin
+
+    plugin_map = {
+        ProviderType.DOCKER_SWARM: DockerSwarmPlugin,
+        ProviderType.KUBERNETES: KubernetesPlugin,
+        ProviderType.SYNOLOGY: SynologyPlugin,
+        ProviderType.HARVESTER: HarvesterPlugin,
+        ProviderType.BARE_METAL: BareMetalPlugin,
+        ProviderType.WINDOWS: WindowsPlugin,
+    }
+
+    plugin_class = plugin_map.get(profile.provider)
+    if plugin_class is None:
+        raise click.ClickException(
+            f"No plugin available for provider '{profile.provider.value}'"
+        )
+
+    return plugin_class()
+
+
+def _progress_callback(progress: ScanProgress) -> None:
+    """Display scan progress to the user."""
+    click.echo(
+        f"  [{progress.resource_types_completed}/{progress.total_resource_types}] "
+        f"Scanning {progress.current_resource_type}... "
+        f"({progress.resources_discovered} resources found)"
+    )
+
+
+@click.group()
+@click.version_option(version="0.1.0", prog_name="iac-reverse")
+def cli():
+    """IaC Reverse Engineering Tool.
+
+    Reverse-engineer on-premises infrastructure into Terraform HCL code and state files.
+    """
+    pass
+
+
+@cli.command()
+@click.option(
+    "--profile",
+    required=True,
+    type=click.Path(exists=True),
+    help="Path to YAML scan profile.",
+)
+def scan(profile: str):
+    """Scan infrastructure and display discovered resources.
+
+    Loads the scan profile, connects to the provider, and discovers
+    all matching resources.
+    """
+    from iac_reverse.scanner.scanner import Scanner
+
+    click.echo(f"Loading scan profile: {profile}")
+    scan_profile = _load_scan_profile(profile)
+
+    click.echo(f"Provider: {scan_profile.provider.value}")
+    click.echo("Creating plugin...")
+    plugin = _create_plugin(scan_profile)
+
+    click.echo("Starting scan...")
+    scanner = Scanner(profile=scan_profile, plugin=plugin)
+
+    try:
+        result = scanner.scan(progress_callback=_progress_callback)
+    except Exception as e:
+        raise click.ClickException(f"Scan failed: {e}")
+
+    click.echo("")
+    click.echo(f"Scan complete: {len(result.resources)} resources discovered")
+
+    if result.warnings:
+        click.echo(f"Warnings: {len(result.warnings)}")
+        for w in result.warnings:
+            click.echo(f"  ⚠ {w}")
+
+    if result.errors:
+        click.echo(f"Errors: {len(result.errors)}")
+        for e in result.errors:
+            click.echo(f"  ✗ {e}")
+
+
+@cli.command()
+@click.option(
+    "--profile",
+    required=True,
+    type=click.Path(exists=True),
+    help="Path to YAML scan profile.",
+)
+@click.option(
+    "--output-dir",
+    required=True,
+    type=click.Path(),
+    help="Output directory for generated Terraform files.",
+)
+def generate(profile: str, output_dir: str):
+    """Run full pipeline: scan → resolve → generate → state → validate.
+
+    Scans infrastructure, resolves dependencies, generates Terraform HCL
+    code, builds state file, and validates the output.
+    """
+    from iac_reverse.scanner.scanner import Scanner
+    from iac_reverse.resolver.resolver import DependencyResolver
+    from iac_reverse.generator.code_generator import CodeGenerator
+    from iac_reverse.state_builder.state_builder import StateBuilder
+    from iac_reverse.validator.validator import Validator
+
+    output_path = Path(output_dir)
+    output_path.mkdir(parents=True, exist_ok=True)
+
+    # Step 1: Scan
+    click.echo(f"Loading scan profile: {profile}")
+    scan_profile = _load_scan_profile(profile)
+    plugin = _create_plugin(scan_profile)
+
+    click.echo("Step 1/5: Scanning infrastructure...")
+    scanner = Scanner(profile=scan_profile, plugin=plugin)
+
+    try:
+        scan_result = scanner.scan(progress_callback=_progress_callback)
+    except Exception as e:
+        raise click.ClickException(f"Scan failed: {e}")
+
+    click.echo(f"  Found {len(scan_result.resources)} resources")
+
+    # Step 2: Resolve dependencies
+    click.echo("Step 2/5: Resolving dependencies...")
+    resolver = DependencyResolver(scan_result)
+    graph = resolver.resolve()
+    click.echo(
+        f"  Resolved {len(graph.relationships)} relationships, "
+        f"{len(graph.cycles)} cycles detected"
+    )
+
+    # Step 3: Generate code
+    click.echo("Step 3/5: Generating Terraform code...")
+    generator = CodeGenerator()
+    code_result = generator.generate(graph, [scan_profile])
+    click.echo(f"  Generated {len(code_result.resource_files)} resource files")
+
+    # Write generated files to output directory
+    for gen_file in code_result.resource_files:
+        file_path = output_path / gen_file.filename
+        file_path.write_text(gen_file.content, encoding="utf-8")
+
+    if code_result.variables_file.content:
+        (output_path / code_result.variables_file.filename).write_text(
+            code_result.variables_file.content, encoding="utf-8"
+        )
+    if code_result.provider_file.content:
+        (output_path / code_result.provider_file.filename).write_text(
+            code_result.provider_file.content, encoding="utf-8"
+        )
+
+    # Step 4: Build state
+    click.echo("Step 4/5: Building Terraform state...")
+    state_builder = StateBuilder()
+    state_file = state_builder.build(code_result, graph, provider_version="1.0.0")
+    state_json = state_file.to_json()
+    (output_path / "terraform.tfstate").write_text(state_json, encoding="utf-8")
+    click.echo(f"  State file: {len(state_file.resources)} entries")
+
+    if state_builder.unmapped_resources:
+        click.echo(f"  Unmapped: {len(state_builder.unmapped_resources)} resources")
+
+    # Step 5: Validate
+    click.echo("Step 5/5: Validating output...")
+    validator = Validator()
+    validation = validator.validate(str(output_path))
+
+    if validation.validate_success:
+        click.echo("  ✓ Validation passed")
+    else:
+        click.echo("  ✗ Validation failed")
+        for err in validation.errors:
+            click.echo(f"    {err.file}:{err.line} - {err.message}")
+
+    # Summary
+    click.echo("")
+    click.echo("Generation complete:")
+    click.echo(f"  Output directory: {output_dir}")
+    click.echo(f"  Resource files: {len(code_result.resource_files)}")
+    click.echo(f"  Total resources: {len(scan_result.resources)}")
+
+
+@cli.command()
+@click.option(
+    "--profile",
+    required=True,
+    type=click.Path(exists=True),
+    help="Path to YAML scan profile.",
+)
+def diff(profile: str):
+    """Run incremental scan and display changes.
+
+    Loads the previous snapshot, runs a new scan, compares results,
+    and displays the change summary.
+    """
+    from iac_reverse.scanner.scanner import Scanner
+    from iac_reverse.incremental.snapshot_store import SnapshotStore
+    from iac_reverse.incremental.change_detector import ChangeDetector
+
+    click.echo(f"Loading scan profile: {profile}")
+    scan_profile = _load_scan_profile(profile)
+    plugin = _create_plugin(scan_profile)
+
+    # Load previous snapshot
+    click.echo("Loading previous snapshot...")
+    snapshot_store = SnapshotStore()
+    scanner = Scanner(profile=scan_profile, plugin=plugin)
+    profile_hash = scanner._compute_profile_hash()
+    previous = snapshot_store.load_previous(profile_hash)
+
+    if previous is None:
+        click.echo("  No previous snapshot found (first scan)")
+
+    # Run current scan
+    click.echo("Scanning infrastructure...")
+    try:
+        current = scanner.scan(progress_callback=_progress_callback)
+    except Exception as e:
+        raise click.ClickException(f"Scan failed: {e}")
+
+    # Compare
+    click.echo("Comparing with previous scan...")
+    detector = ChangeDetector()
+    summary = detector.compare(current, previous)
+
+    # Store new snapshot
+    snapshot_store.store_snapshot(current, profile_hash)
+    click.echo("  Snapshot saved")
+
+    # Display results
+    click.echo("")
+    click.echo("Change Summary:")
+    click.echo(f"  Added:    {summary.added_count}")
+    click.echo(f"  Removed:  {summary.removed_count}")
+    click.echo(f"  Modified: {summary.modified_count}")
+
+    if summary.changes:
+        click.echo("")
+        for change in summary.changes:
+            symbol = {"added": "+", "removed": "-", "modified": "~"}
+            s = symbol.get(change.change_type.value, "?")
+            click.echo(
+                f"  {s} {change.resource_type}/{change.resource_name}"
+            )
+
+
+@cli.command()
+@click.option(
+    "--dir",
+    "output_dir",
+    required=True,
+    type=click.Path(exists=True),
+    help="Path to directory containing Terraform output to validate.",
+)
+def validate(output_dir: str):
+    """Validate existing Terraform output.
+
+    Runs terraform init, validate, and plan against the specified
+    directory and reports results.
+    """
+    from iac_reverse.validator.validator import Validator
+
+    click.echo(f"Validating: {output_dir}")
+    validator = Validator()
+    result = validator.validate(output_dir)
+
+    click.echo("")
+    click.echo("Validation Results:")
+    click.echo(f"  terraform init:     {'✓' if result.init_success else '✗'}")
+    click.echo(f"  terraform validate: {'✓' if result.validate_success else '✗'}")
+    click.echo(f"  terraform plan:     {'✓' if result.plan_success else '✗'}")
+
+    if result.correction_attempts > 0:
+        click.echo(f"  Auto-corrections:   {result.correction_attempts}")
+
+    if result.errors:
+        click.echo("")
+        click.echo("Errors:")
+        for err in result.errors:
+            location = f"{err.file}:{err.line}" if err.file else "(general)"
+            click.echo(f"  ✗ {location} - {err.message}")
+
+    if result.planned_changes:
+        click.echo("")
+        click.echo(f"Planned Changes ({len(result.planned_changes)}):")
+        for change in result.planned_changes:
+            click.echo(
+                f"  {change.change_type}: {change.resource_address}"
+            )
+
+    if result.validate_success and result.plan_success:
+        click.echo("")
+        click.echo("✓ All validations passed - no drift detected")
+    elif result.validate_success and not result.plan_success:
+        click.echo("")
+        click.echo("⚠ Validation passed but drift detected")
+
+
+@cli.command()
+@click.option(
+    "--url",
+    required=True,
+    help="Authentik instance URL (e.g., https://auth.internal.lab).",
+)
+@click.option(
+    "--client-id",
+    required=True,
+    help="OAuth2 client ID for this tool.",
+)
+@click.option(
+    "--client-secret",
+    prompt=True,
+    hide_input=True,
+    help="OAuth2 client secret (prompted if not provided).",
+)
+def login(url: str, client_id: str, client_secret: str):
+    """Authenticate with Authentik SSO.
+
+    Performs OAuth2/OIDC authentication and stores the token
+    for use by subsequent commands.
+    """
+    from iac_reverse.auth.authentik_auth import (
+        AuthentikAuthProvider,
+        AuthentikConfig,
+        AuthenticationError,
+    )
+
+    click.echo(f"Authenticating with Authentik at {url}...")
+
+    config = AuthentikConfig(
+        base_url=url,
+        client_id=client_id,
+        client_secret=client_secret,
+    )
+
+    provider = AuthentikAuthProvider()
+
+    try:
+        session = provider.authenticate_user(config)
+    except AuthenticationError as e:
+        raise click.ClickException(f"Authentication failed: {e}")
+
+    # Store token in local config directory
+    token_dir = Path(".iac-reverse")
+    token_dir.mkdir(parents=True, exist_ok=True)
+    token_file = token_dir / "token"
+    token_file.write_text(session.access_token, encoding="utf-8")
+
+    click.echo(f"✓ Authenticated as user: {session.user_id}")
+    click.echo(f"  Groups: {', '.join(session.groups) if session.groups else 'none'}")
+    click.echo(f"  Token stored in {token_file}")
+
+
+def main():
+    """Main entry point for the CLI."""
+    cli()
+
+
+if __name__ == "__main__":
+    main()
diff --git a/src/iac_reverse/cli/profile_loader.py b/src/iac_reverse/cli/profile_loader.py
new file mode 100644
index 0000000..cf4341b
--- /dev/null
+++ b/src/iac_reverse/cli/profile_loader.py
@@ -0,0 +1,184 @@
+"""Profile loader for YAML scan profiles with environment variable expansion.
+
+Handles loading single and multi-profile YAML files, expanding ${ENV_VAR}
+and ${ENV_VAR:-default} patterns in credential field values.
+"""
+
+import os
+import re
+from pathlib import Path
+from typing import Any
+
+import yaml
+
+from iac_reverse.models import ProviderType, ScanProfile
+
+
+# Pattern matches ${VAR_NAME} or ${VAR_NAME:-default_value}
+_ENV_VAR_PATTERN = re.compile(r"\$\{([^}:]+)(?::-([^}]*))?\}")
+
+
+class ProfileLoaderError(Exception):
+    """Raised when profile loading or env var expansion fails."""
+
+    pass
+
+
+class ProfileLoader:
+    """Loads scan profiles from YAML files with environment variable expansion.
+
+    Supports:
+    - Single profile YAML (a dict with provider, credentials, etc.)
+    - Multi-profile YAML (a list of profile dicts)
+    - ${ENV_VAR} expansion in credential values
+    - ${ENV_VAR:-default} syntax for defaults when env var is unset
+    """
+
+    def load(self, path: str) -> list[ScanProfile]:
+        """Load one or more ScanProfiles from a YAML file.
+
+        Args:
+            path: Path to the YAML scan profile file.
+
+        Returns:
+            A list of ScanProfile instances.
+
+        Raises:
+            ProfileLoaderError: If the file cannot be read, parsed, or contains
+                invalid profile data.
+        """
+        file_path = Path(path)
+        if not file_path.exists():
+            raise ProfileLoaderError(f"Profile not found: {path}")
+
+        try:
+            with open(file_path, "r", encoding="utf-8") as f:
+                data = yaml.safe_load(f)
+        except yaml.YAMLError as e:
+            raise ProfileLoaderError(f"Invalid YAML in profile: {e}")
+
+        if data is None:
+            raise ProfileLoaderError("Profile file is empty")
+
+        if isinstance(data, list):
+            # Multi-profile YAML
+            profiles = []
+            for i, item in enumerate(data):
+                if not isinstance(item, dict):
+                    raise ProfileLoaderError(
+                        f"Profile at index {i} must be a YAML mapping"
+                    )
+                profiles.append(self._parse_profile(item, index=i))
+            return profiles
+        elif isinstance(data, dict):
+            # Single profile YAML
+            return [self._parse_profile(data)]
+        else:
+            raise ProfileLoaderError(
+                "Profile must be a YAML mapping or a list of mappings"
+            )
+
+    def expand_env_vars(self, value: str) -> str:
+        """Expand ${ENV_VAR} and ${ENV_VAR:-default} patterns in a string.
+
+        Args:
+            value: String potentially containing env var references.
+
+        Returns:
+            The string with all env var references replaced by their values.
+
+        Raises:
+            ProfileLoaderError: If an env var is not set and no default is provided.
+        """
+
+        def _replace(match: re.Match) -> str:
+            var_name = match.group(1)
+            default_value = match.group(2)
+
+            env_value = os.environ.get(var_name)
+            if env_value is not None:
+                return env_value
+
+            if default_value is not None:
+                return default_value
+
+            raise ProfileLoaderError(
+                f"Environment variable '{var_name}' is not set and no default provided"
+            )
+
+        return _ENV_VAR_PATTERN.sub(_replace, value)
+
+    def _parse_profile(
+        self, data: dict[str, Any], index: int | None = None
+    ) -> ScanProfile:
+        """Parse a single profile dict into a ScanProfile.
+
+        Args:
+            data: Dictionary with profile configuration.
+            index: Optional index for error messages in multi-profile files.
+
+        Returns:
+            A ScanProfile instance with env vars expanded in credentials.
+
+        Raises:
+            ProfileLoaderError: If required fields are missing or invalid.
+        """
+        context = f" at index {index}" if index is not None else ""
+
+        provider_str = data.get("provider")
+        if not provider_str:
+            raise ProfileLoaderError(f"Missing 'provider' field{context}")
+
+        try:
+            provider = ProviderType(provider_str)
+        except ValueError:
+            raise ProfileLoaderError(
+                f"Unknown provider '{provider_str}'{context}. "
+                f"Supported: {[p.value for p in ProviderType]}"
+            )
+
+        credentials = data.get("credentials", {})
+        if not isinstance(credentials, dict):
+            raise ProfileLoaderError(
+                f"'credentials' must be a mapping{context}"
+            )
+
+        # Expand env vars in credential values recursively
+        expanded_credentials = self._expand_credentials(credentials)
+
+        endpoints = data.get("endpoints")
+        resource_type_filters = data.get("resource_type_filters")
+        authentik_token = data.get("authentik_token")
+
+        # Expand env vars in authentik_token if it's a string
+        if isinstance(authentik_token, str):
+            authentik_token = self.expand_env_vars(authentik_token)
+
+        return ScanProfile(
+            provider=provider,
+            credentials=expanded_credentials,
+            endpoints=endpoints,
+            resource_type_filters=resource_type_filters,
+            authentik_token=authentik_token,
+        )
+
+    def _expand_credentials(self, credentials: dict[str, Any]) -> dict[str, str]:
+        """Recursively expand environment variables in credential values.
+
+        Args:
+            credentials: Dictionary of credential key-value pairs.
+
+        Returns:
+            Dictionary with all string values having env vars expanded.
+        """
+        expanded: dict[str, str] = {}
+        for key, value in credentials.items():
+            if isinstance(value, str):
+                expanded[key] = self.expand_env_vars(value)
+            elif isinstance(value, dict):
+                # Recursively expand nested dicts
+                expanded[key] = self._expand_credentials(value)
+            else:
+                # Keep non-string values as-is (numbers, booleans, etc.)
+                expanded[key] = value
+        return expanded
diff --git a/src/iac_reverse/generator/__init__.py b/src/iac_reverse/generator/__init__.py
new file mode 100644
index 0000000..af00c16
--- /dev/null
+++ b/src/iac_reverse/generator/__init__.py
@@ -0,0 +1,15 @@
+"""Code generator module for Terraform HCL output."""
+
+from iac_reverse.generator.code_generator import CodeGenerator
+from iac_reverse.generator.provider_block import ProviderBlockGenerator
+from iac_reverse.generator.resource_merger import ResourceMerger
+from iac_reverse.generator.sanitize import sanitize_identifier
+from iac_reverse.generator.variable_extractor import VariableExtractor
+
+__all__ = [
+    "CodeGenerator",
+    "ProviderBlockGenerator",
+    "ResourceMerger",
+    "VariableExtractor",
+    "sanitize_identifier",
+]
diff --git a/src/iac_reverse/generator/__pycache__/__init__.cpython-313.pyc b/src/iac_reverse/generator/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..401294b5eb296360da3cefe1c3bedf9549a1fa03
GIT binary patch
literal 664
zcmZ`$%}T>S5Z<I|l2+?4cq}<6*h@W$AX3DlmBgQF#8Y5d(`|{SO_?M`z4;J6gpc84
z80bkncoX{q&aQ3oPzUzQH=CK+@7o=fN=1V4{knK-sf4_XWD=Om7@gqfnYaXqtGKG8
z*ea-&;5jE}YoJN4IeA+LUGltR*d~~g>rTNgLeU~y#5FDynCqC8!sAvwYH_Q>dmLC2
zfz^##X~?ZM(kl+YkaVr%`iT{#Nk2`hpF&AR$x5QHF=@k%wI)P^pvB=JjQqR5e-<uz
z9Hrp%Qw|*tSi2gtUXTQjoMJ;S3EF|&UcP1!u$zz{-Y39(lvBw=4$lKkKwf|$Ku0*M
z%x4Crt;nY|TMw8|fe$#uygD^g^-&|8rgGGOrTwvbdL!h^1GA0UQ(<g}cBLPwD=W{g
zofwspv(4E>gRyPOC%&akVUL9&r7vWJhDo+l-}NpJo9CX}W6%~4;Kks3e};NfvmT`Z
y-Z7=s{zGQ&{XT0AR&b7jD=s5^<rGDEBikROHYAN9*&hmW^sVW0>XQLWSn>mK(9ID5

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/generator/__pycache__/code_generator.cpython-313.pyc b/src/iac_reverse/generator/__pycache__/code_generator.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..e530002cde3c4536ba657721efadfa79ad69a869
GIT binary patch
literal 10424
zcmds7U2GdycD}=Z4u3^ak|kO4SpSS|O4g4ZIkscjmg7j4?Q%?4fw*AD<Vd1Tk;)y)
ziIlhq0_;NG%_1@iH);`JmG&WC^u_H{9{RA|=Wao+T$4L>7Y4d*kvBRvYV2Fjx${Fx
zk&QeS9guhK+~0HWx#yhkoSEl7A5Y*q`cHwI#Rwt)fe*%I(=*S14Vn8yB$SApXqo0H
z2Y2hVWy(se0+!jPZBuq?pK?$Kd$vzIr(D#<@{Vcu6i@jn5A{rWsdvgpeN%qwp9;{x
zRFDP*lHg)p#+0>t7fFQ1IPIA>icT69U9?GbCz?e*(K2ciJ#FNsjqck=x`^m)BcgB2
zqPK2kWqv3Nm}PAXmPk-K0|Q<>cS%U))3UH2=VU4s@>Ez+GPwm|DwDe@4GRT%X*nwu
zWF^Y;S7|=Il9CnSnoOxQpQlR#cAw8=p=_S!mjp>TFE7ivw46(=zC)$uMM27?g=|JC
z2>E$IOi4KygSC(HSLlM2%dA1y{7PYYr6Al`6{xJ_S7=HW3aiVqFp$s5LbNc?W)PNT
z%8Db0g-kA$T}eaF0+mv-bR(0^6ju3EerZY06_mq*L{p2If}AR>Q2B_mET=N_nUqkF
z7L>uPbVJT!6QFBF*|8R5a-PcbGKD4Js$f4dxq?iO7_~y$SYZY?<y+k4%MniXq~&>O
zC0j^mQiX^`^-Sh&XJ|f$6si1KNs%w*rL;_;WupS?F2Kr@8Q7=-&<4d$HGB@(@Q%iX
zOg<Nr6&OtooLgR*s9TO2*tNrI=zK;=<!=MUY3ReYPxa~J$mt8f95rlI#AM(l46ZC@
zmQ_z3KO{FCmydecdd-z)awbC*q4y5oEr@LR6T(LynKjXsT;}~1T#In$4s4yyz^?ix
zMro3<_0F9xVMldgKADr2Wa!@|e8lTi+>%!h3%8~0iVO^>%_bEJG;?DG4<vASNg0SB
zWdc$JJzxmo6y~*#KoE=u=MmWm&EO$3UmFV#1QtVgmW7_i?C_jq6kz82RABR+^9yWA
zdN;O`Q)Y=lOxI3o1i>H=i26Qt_2-OHsc#IF@7R&u?F9XVD#?5fHe(KU1H0V0^P`>9
zYdfP&Z4jdGle7VvL7&dxUHzQ@XHEl1Dae$ZPS%bEZq@&b;{fMUW0B4j)y~e5>Yy^{
zwOmTK229JlA+^H)`G0{J-zRfsU7XD6c7PB=`wy@#gh(Dj;>3J{b|Tk9L`%=k{)XM#
zv;Uk^9}Gq^?9;CPE~CX>^Z$VUj#u^v(&HostJr;sR?%k6wr9OvbQtwHPPE54KN0OC
z)?Ji)jd6{(=3Wis%#Gx_MX?ML#nMPF`U%Nd<^o2KxW(9wtCpD{As!--oHb_=ouVt&
zV6>{;<5r{n5hxVhnC_w`WVHSsH90~CNzN9x#hQ#ZwY$h0BMZ1&EwvgWH>PJ`6}^P4
zz&TjH{)(|YaXajkw{D#dV{|_mu^D-R%=Bw(e#JPxT1(Nt=YE)D!HKlTiNPPmBEWv<
zEb}B1SR1?m5JV~f>bSaESOjgSDOyPZ>&}n~zyiQDSwR7tkz0tWwgO#|Rr|b@Rb-V*
ztXUEXmFt3Am&(npSq=*-_al}2Xw5Fb)wO2p0{yvW1wE~De8j8r89+u#K>}o;+HU0Y
zS=9>IK()f~FlaU}6;vmc0WM)Zf*!RY3Bn5`CKpp#&5WqFoB2#mwINJU9nvzQCDqPM
zS;R@<6cN=aD=BGNPOCO7raf3@&t`J6qH?!X?zVz5hZMr4o;r6T5u3bvB_ZY{I*$+{
zq0m$!Bc+m522h~L2@}~R5a=b%$LR7Z6<{cqh>%eb5Pm}b;B46F{W4s3c9xu-zi;ha
zzg=`4+Ik0)C+^0L$uCFB?gJ(FfhU2`#@Nr+imq0zc&zL`SaKiSU97i$8fy9C$h{+5
zwypW?(2;UztP~o1nEGaHJ2bKGtTco+j&DRZkFNiD(bb_1H(GWJCAaXqu@l?DxBemi
z;M${xuC39>4Fi84U$+;7Z&hIWYhS!~@4d~H?WW#Rp!b2b6gXrOsdujgL+kd6%lEnW
zu6ILx<Z7*iTfdmTH~p70ch9d+RJ;wJU%Go~b8M?&%epoCXkh%CgWCfqi~XmHt*0M*
z-+pE#O<hm*-tkAS_DZ1f^VPenn@!t+14Y+?r$G1EM*n8R`o~3A`yan+A`K@M)K|Yg
z-ZUAtr66ZshBA466^ibY1Oc~!P>aY>t7xG%(VDP}Hu&4&??^Zj&IIH}Ep}*)f6<w6
z)k;Qr(ZvA2TXa)?fsc69#$=2cL+M6Vj_D}uTM9kb&b^BOHV1M5hZD>>U`_@C5t2(L
z8iI_JUS$B#!2D2z=9P(#&%gl;!>LXkv#D+q{;7?7SYr@5fJ!M-hXXxmkF4;2eg=~J
zWHy+EyLQbAS<`aO4rNWtHG3wDJ=isSHEUX=1rp&d|I$vQP(ueX8N%c!CZM88#G%?0
zIXnN#28>ynB+)mZgX&5qGXTz$Np=4o`x!NASD>wO0FqBgHAp%SJ#w{GS~@@TR$9A0
z^H;i$J#q<^@V=kBpF<N8v1=4DDv_)jsh5FqFeRd2n37K>m%ziyV&0ofzP}=6^_oC3
zIiI0Q0kuFb57o|OGM!H)lXO3hhm@%H!pd@1rd?QY3=5i)Nl;dWOsWnYC6m7-^i6Dn
z%cY0S1TxAMNPa?oXPc?oy!O_oEp1gh+^Y@}YN|Rh=OW>jsvC1W>FnA9k$WIMaD6pc
z>KLwiu-HoijT<AI){Qss=3e@sM4Jnz*&z%DCV2iYP_u_Hghe|$-b@tW=)>V>LSRj}
zM;-dn=fV5+fcNW7_@Lg8^_sYd9#-bjpR9?%s0)2!@Q;I{FVP_SS-t-it$olsz*>jI
zAk1J*_`ttzU?q)gPAlv0)A~bQh}DI~M%uJsi!`aeI!`W7zr72Tt-Ulnve$agCYE0n
z7SMeLr+Xrml9vl$(tfaOeOOpF9QAq!nnwrPkYdfj{vcCW+~Gq*C}1xinz={JXXb0J
zzd6({ciCJ6^N%S)qRTtLDk=k}06vCHJy@MHh1`H75KMs(%eXa8YRUjWjHv)%0R4)Y
zK-4H9WX?EdCNza{@SLz~!5Xox9eWpDaVZPlxKLP>cZWjQ2I-Lyx#rMEuSKk?0}MWB
zN7V!1Vkvnen@`<RR9_ac#<Ko+IpUy5E5%7wTM~v)Js2nf!9=yHwkKng;+1&p++_0X
zr7P#Alh-C^u3nnBHkrIWth$qiB93qrcSJ$uC}@()B)oaYK{K_}J#34L25fowz>~&~
zzc^Xhx4+WX`OIl+;@54Txj}y0I)BmnSFPpNXsI>&XmDz~b$Z?Qb3c<;)y@u|>Vk8`
zf;B0VF)%1b$Qb+n5%lwY66a!2u=@gRY*j2n8a9R_kROSe+Pu~_ZcSQd01Y#AY|B~a
zOy<m)7Q;Y_IY8+#lcBXS0JRE$y&bdHV=Q)8tHB%&81wBc!>723TLG(r%0voYJG=8$
z>twULW<QJ}cH4Ema(0)os@m*;;N5eu7upqf#u|-$?QV#L(HquY&=LFJL4R-D10{X1
z8!ix%rdmHEH~ZtbZA|B7&KLLYxifXxd<GmI+!+|H*%+gCkG0nFMlS9Zxp6M%kMn@o
zEhCm(Anx94mbrGbM<DK>>oA`@#@a;dxakwYF5T97WcCwnB3K7(l?&EJ1OLh>ZJ0x|
z$ga3M9*j4Lu5s}2bPvJ`9)w$>AW?>5-W}D{;+dv4tJBDIK{>%AYG7h=LbwKs<Gc|S
z)Z?D1JfJLq5)er>6eYSPX?UuI;2?g8!x&<ALb$X?q!h!HX(7FW3PS+TAcup3VTiFX
zfKExBA~0iz0@Gf`>;NDjOp75knn8@HumVk~>qOj!cqC=TQQ^ALj1dhKvPwPHD^Xd1
zxNu=rV9w5BJ_{Wcww8em#EWH&dIHf9xGPA?EkziMj<9jYqN9;04>3@;L6)*+g$OUG
zQy0>Qa7T6G-eK6(Z!}7#@+-N*n%ATqx~Kr2fw^m5gEmDQr`CxrSoNEo*veF&(Vjg<
zf)w$%h8s~bG%N*Zw~kAyTMKGJjFWa_8$@!dL&;NEq~@PBByX%_vT5+S5HaKa(rMO6
zE1(#pP_3{)igqdzV)~rUK%QR4DvqjNbG1v-vf8qPg5-_Wq#oL}LWSC3v{kSMqpGUQ
zD57y36-i`EQ^PfyfIMv!MTJPMNhvCD`X`uN$K+2TQ9_X5vDkU(AX#@IWp$SUGRprN
zNB9(E3*fOpdf)i^%HLdhZnYfe)t-^f_dlP$JH6TP)5~97salD<sY;;Yg^NsaaqfvX
z2<@gg9-J${o#EDUW8b63zV&kzZ}-<TU(J-f!)5Py$vgf{_havAaL>a1(DN)e!~OHM
z?THxpqLqCezX*I8Sie~Dc9c6uOYrlKmAxlR-jm<VKK5RKKCJ@)WCxF~`=1O%i-Tv%
zgBMDJ7q$m4J|1|t<n39XsdV=iy~4lk@7-`!Iu4dQMoJwcmGJ(D9|LKfp$#4gYv?Tp
z50!$49!xzB9)IR09en_OTiU<K-OH7m50#n^6^~67A#I*sf2Y#czj@$+wb*hPiE1l*
z50<<Kp9DK99le$P-A}svwpRc4G+5?_(EnH+KL4{O5}D#&^pUpyN>g_w++1nj54COl
zy8i`FTKnn?Tlsb03oi-wRN5o>YwL%WLB2|CZvKzoB{|qw1#Qsh&6BM*nt~ktGfa|@
zr0PKw+EqOL&)0!z^^gp#-X3<_(9t>D5COYviJ5jA#?UY5Y1(k34C7Qr^a?B$SUa%W
za@?_(U55Y?nE@M!_6KYm+TT6w`(C!iu#zxCM7NH2<0OVabk{X|AL4GfZn$zh*j%7!
z_ci;|Q8ShYcIc345%;jqan9Ts&zxz0f$}}9XWX{;4#k~u57<z94~baTesdPJiXiEp
zIO-MCoM`G@i!Y(FtqXx`cE)&#1-1eLW%c!iMTnZ2uwBRl@~ycB3RBx)(wKES4DFbb
zS9rw7ixN#^6e%sddtM_zs<WGhdZ`;*{t!bB3K*p*Pe);MBVLN<LbWknZ(WcJO!=zr
zf<)l~bgatPmZE9beN1s>Z_71LR*R-FbqpxlP&~={H-AYCJ!md2YD1V9PsT1WV7|E8
zVonZbF;7iBNhR!Y6zO##QTR?sBTtX!F>3>arFD7`bt@R^sn?qtVxPlN4%8XyJdJ+O
zYWyDi{|1sz$ctvu*tfO#_0m^M+o92QC#aqC+yxFaW2Nzpa$~gA7=7?zd2pgMIPt6D
z$Bh?2Nshg_bq>|!ws#nH<2xKEx?^ubXsXh4xZHER)N{PtbE?#H>T%E8C9eSL2-Vw(
zQpbr(u<c<2)ti6)GR)%>%HF<`x9@?g*gx^udlocY?-{P@C&6$zFjxu<K6Gsd#@B6s
z2y|82y2@=srM96;xV_TcS#BOEH4jvTkxE0;Gmisxk;BbvQ2;+~0AJhb9U2I=5z{~~
zAhS~gz2*(ZdxXq}-hv(yNZagDR6`I4CwuCnx`;AptUcVtI=ul>uEoJ;$FwnL!+Ytd
z6SIV*K|jv4;roEs&x*LSNAoif46v)FFF@M4wWl#K&v2M9d~J$=7SuMxupUo>2r8Nk
z);r~OQvdEe^J%rHI7FdSi||HU0!W5}X6liCMKEJ{0_X{pOPmg0GC}j#di+A2cneoh
zjeL+%WDFw0bkJF;55oiSb5QgdSkOvsO)g2dWbkqIZwWx?blREF(+sv0Ac43z6I?t$
z6#N~{eyIWdBpFJF-oh#r*!lpuCVNXzs`l-YJ?yxLPO*XsR92w_6G3nDhWw>i_8csE
z4n7Tpx8cNhMN3^{8-Yqod%0z-)H3!kzuj`77`y<2(|x4eHC*Z%e%v*B&%fbjO~;{W
z<G%9#q0;`Le{CG9v>zz9kC)oVzZu+apZaZh>Y0;tkD(PmxCLS5{-Ud26PFKwgjBup
zHAO^=AlJR*d%cmifT6*@yDo6hxVVM6X*M{1*0sbr2mu%1^!;#+&QE?QA>KbB+*-K-
zF=iRw%d=>vvJ5XlqWUKh(M+0GxhNq0Ogds^>R;n7Q_EJ3ySQA{uk%!oE-R=JK$B`r
z1Q(E~{kxd>sx#DqTpWZRz(ojl9C?r|ADJi}nb>YUyY8=q4wgfMrO;rpVdx?EFj_o1
z@vFvSV6y0%WP873+mQzRKgY1?tKuDdp(G4lMd4jl9NwtH_I_$Qn)OC%&(Bj>6kakV
zwC3yqZ}7ztM()A5;TI1_H0fTJAUq6)8^4P|9f7v`+|~GwFJYqmng`ws!Iv!Ty%2n)
zVna$)eo4wn3t+--tU{T$o;vnI3RqS%oXo)OU`r0RMUCuY%c~7?FEXYF`moS>Q%5-*
zDTO2D@L(xChyd1Z6(B?fhAS9e_b_fmEc7C@XATwQSwJz;Ovkb81SV(z=t)dYVR8%;
zHzpVWpcwsOUKgFm9D+zKNX|m%Xsb1h!0fXlf8!>6H$+ikP&{xHmq*{m<P0XY*!fv}
z#N;mgm1mIrggmp@?XDMor~MLF4V~ree5I+UYGs+B(T8)Tp$YBjsk`Ha9gC|ME!}qh
zX{e`ahdXGHuD-3*gVEy9`O=}uV&7!x;DxFaYh2)7Y>pI#;bQx6sd=R8#zLO(9WOkX
zo8tD_2c8C+s&=@;FiowSjm6I4V(V}zJW_RH;rB+sLKwmK!h^X{haJGh_%s-7%v=>;
zuuL`Rv4<=B-l$sP{?zSTPi>5>FW&8ZX@_TRH*gOk?QHK=XEwjE00&U@r1IG;>?D3{
zMDe_+j+^X@vbun1XWd)MsD5Gq6d9jKX*e-d-w0lhz}H(EH_>O&*vwdpMwK#dBEwZT
zn7B(o3s@ICC>X892X)`8BCd1_2lx~db}$6Y;fo8#<6X>GT_?3SHK*y%pa~plqEJYx
zR*vJISsa}0d5~~{e<$7lP2TuVa{8sk#aUhwNS<L*4HLeh>~8z5yKVE$ZFkQnj;g<9
wzpY62Rfj_d;ND&xZQ=HBUau0kJ+QvO+so4duJsv#<Yjch!iB#hm@*dpFRT6}#{d8T

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/generator/__pycache__/provider_block.cpython-313.pyc b/src/iac_reverse/generator/__pycache__/provider_block.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..2f10501cdceb7ee5db6969f70d055b5cad8b212b
GIT binary patch
literal 8667
zcmcgRTTB~SmbdJ(T`s`pWiST91(FZ~m{&-5$YYx%3>`>9<cj;T5Lp$w0C$Y-zEw^X
zXOqqR%+S(Got7r*eDsGunLjjN(R|GGtXA4zm+XmAZGS}CmR9peCcQgSf9<(dF1sN1
zcF3r=z_;!_b<Vx#oclPB`?{%#NAUdlPu|ZS_8|11v|&DtMumCJG6+3I$B=*s5*Wd@
z#4Or~4b!@P$-c-EcF{o`i%#OiXq63l%nqt=fdzPTwQbe}2f$m+R`o470p4D1n>E1&
z@D8(8eG44G{nfTv6WkL{(j@S!9-(0ffJZEULW|HCK%cS1YeI!qp-G1{`_TXrJOLzl
zXKY4aq-DK%xJ{e`Rooz{yYZMr@a;q@dIzsdNr{L`ir_W)-INFsp|XiTymS?(GD<q5
z1bKeJK$2uE;&ho_4k~MSEuN5YG?i4ucru<`pXJB!99AlwJitWyJQF8UEK(uE4{$IT
z#1G-m;2;r~6`;jpB2n!eXJjb`y<JJh;=pc3tbU{8t;N?fz;!&8G&+&-y|}W0(+N?b
z+>gm=DH>mkN3kp^v~!uq_=J><rBm^wB9G#zL=^g6R3zF02BoAD7ZdWZt_DerZs3^C
zS5&Dmg_ZkhDaikYs&tsq8pLEWrRYq^!*;FFRP0T_(i()Qm;?w_kk(}CFZK&)0xo|i
zb6X-w2}aMhZ;0|nJenfuaSPP>=mMS!P5`bm2Gb;wZ0j8&WwQ4q0*&!9jABjeSe$%6
znM$PA?`ONs+E_HTxtU4EmHXo+C`$<@f>Y3~dqX65B^l-_+g7QLS88R<(}3v$?X1P+
zjcj8~N+ib37VT<MAKP^=o{XjL$=Q~wC??1la58%$7LO_`Ruzq6C6i7_E3!gHv02=@
zrL{(GgqA<La(O-!xi)`u?(*EtxoCM6>ucEor5z#W^<9qc>lGbHi!h>}1csJL+c-+v
z!}bth9()8_*ycfkecC<)+krk9XjfRHj!?*H)~fH>PY@EH!Wc{lMm_k18V*8$4_0uP
zyD!Neg3f87a~y)sWubG{k(>*&Ah~;=<h6CghaGQ;*${Rf#9Xj1U)`tC@>y)vlCII%
z|BFT&Et+xF(M;1@YsM3Hy&<n{xwuc>8aCt|R*=`iH+P7Y&}^Y|AA+vMLdVz9Q)`$z
zD19Bwwy^sxG26rZLCgi)^2k1o*08?1MyC(8f_xSU8|v`g5pH;c8)o_YecaTr`R_2l
zofd8y4>3<a=luG^jR&Q#qo==bewpR7`!rg^TcR3WV8r8xn&Ednb$?EscD?o4@^|U9
z&OA9RR<8D0AFyD&y?yHzdMfs<=@6^8S2$9k^VH$FFWlro(>4oVwK>OO&s*X3|71@C
zRSaP;)M>R;Mm=2d7LKCfquJk?E*(}jq^gHl!!^|%N)fNe?@GxkqTx#NVHtdCi~EVi
zWDHmQRJ=w~oB9A2ZxSmhoKB@P;Oa{Jn-1@O4n##E@!J{jGlM*#Ueu4g>4@WjtbG7K
z(AbTXtY}E<h$b@B9gIZ9h{ZkD97^hrl+5;EOcC*$&v`tcF#{B#b`Ka3=vTd;+T?CJ
zU?eRn8(FV)97+j*%2(QzX3vm>#zA~QlH#VMacNPO@1;mA>%ka486!|i+Ad@1JV4vT
z)jQI?a6@0&W{j!#ZM5{SoH-4&AG2=uQ&9yS$BiNSNJ7l?K;!jFB%LCP#?G91e@1IE
zAizjOmJ^y|4T21bb_vV?7JZ+`M!Spy?H}zJKhzlb=Z70f6U>|D6w_(of>1YA<Cnr0
z=R?=$Z_W!^gJt<>_H{|o8ZR$jS_1c3_;@aKP2+@5uP<L+UiegVe>fNVXkNHEAJX`X
zbD??NzrL!uKE87O^76-m#(oCT(Xdx*GM7k%u2RhfO+AcpDQgj3<&H!=DanM|WR0&*
zI%xv{@zH_?xrFW_Lc?0pMT-C}x@pl1h3tibN^g0z^Ot5<L-RM5SB0cV)-I)D(yC0N
zt8p<JA<|um$kJ*hUR|wlsfUrl^nI->QvNDc!p(>=qhtz3o1w%00V0CO=!a(H?a%e9
zp79+<^-Mip*zN3kJip7je|`0rSD(y2TYvUxE|zZ@DYBz4UG3jAmi*(Yf4txt-}QEs
zyaTFtpyWNSdXMMsZj*v{YKz_V^^|-kRNsk`Z&dY-=Evs0B?aH&7QfrvS!y0sn+HqH
zLu&KTwri)g(0ppkvCB1m+4x0czH@r#^3Lh!EqUMBB6rRLUEDeM{PVnTuE<@qK<9Vf
zd)}Y-oqNHZf9dY{X0#NTRs+)o_jFyx+Ph2bLu&g_seMFkAK6}d-dbosx8*MP`Q)E-
zN^Wg?F7FE#x$!FSe(uf=@HG8`J5?TMTn&sD+~d0*U&+(2diqPAW2)y^PTCF?JQG{?
z-L^of?YP=@ywrA5Z9BO=yF&_Xvs+wUxFP?ON4aP&ybU6a7P&EV{71Qs+&^xE^pizy
z>P_GaZmP`Ggc_JAxF-&1e|z=$RKa%vly53|Xq(Ud)6QhxH}ir!U8bE>1Cs^!WL*Z|
zS)l)u_n#0bs0M;Xcd+hkzB5y?+(+9W|5%X=zNyffOj&@TBIh@$R*GEzoBBRo@LdFb
z`}<1%5!F9p?3W$yx19z5m8~X|_EGM$+-lx8Rph3tpv_za=B3D;HbLPc*Zs1*72Are
zZ@0nw<(V(eJP8*Xy7O%JYuLspS`OW59npYYPYL`BK%XKA{TXmbtQa~PO%7Ded>ssn
z)3H)X9)uxX0O>ULjI9lQ7@_HfYPuk7qX~x$;HFO{X~14<Tu0arZnbk?;9VQjr8|q<
zTVT5N5dCd1`Kr{{M1&d;riqMNd^S`u>tHliF@&a&tE^bdD_qerI7*)ExqXh(;ZlRa
zY=ea$+ktDQ6Zb6zDioL@<~6l8Pa&@pvan`WkD}i)*MG}sj=N$aBSD2p%ajn4Nhme$
zTteKu9TP8Tr>X|!%|vFzusi1<jS4pXLeQjo1bxUfOY|5$7yr2a`*i|ADvYSv?@0Hv
zEVXw~p2rWeEr#urQyCJKs2?yuXdGn1sllTePU>SgDC$Gf2cHS1ML!h7EE#~8=9Iyc
zkYc){Kt|{Xr{<}cM{2}nGERv`X%Q@w&_Oj<c@UZIA%h)52?IYZI=KWici|`h9*W0k
zk3;@I)r$5O*}k$x&9@8}*^}RQ_2oS3srh2pFSeS#8=TqMR0l7s9Nuz0>ooVi@@(PR
zncRHdce2Qhl!5uq6Wblz+zzwv<e<>bZMSZvirgu)gO6Wuy{{TjV1e25AP2A8b6=6|
zG;Mp014W;oD2Pyb%K1j-HPzKqw2BA=w+A+XA$Gw=STo~J--44K4UmU-2rO}~JBD3a
z$BlA|{36Y;m)C!a{N+pNOdN%UW^M`Dl5aPst7di^Qt)%psFYS{0-ol}acT`)Vgdj|
z+#u3yH~nIcPczZ7o=L~?B#k3@(?5#AFfnOVCxek=ndr}w+pm+r*Edexl>NR4hL74S
zvw{#kZlKM){tamHDVm@;UIvcjK{%4xFk5S{hwWzpHwH6$4Ls9NF4e}Ow=36<8Al_S
z4@cNhD|5U;PkQ|cSIk89I9#b5hGAGKU@mOBxwr|u(R{4iq^-WgPLrB)e;aPF>Wo{-
zFMkp<V`q~Rqib-ytW+|rVJBr$u+uW>s@<Q!>N!k@)yQ1?$dF!ehNx$L;0af<2!d-2
zz9qSp786C_!kl0i+-K}?;Pax(vcUHR$NMjg;J$^fYO*fR!rcr6Lq?Dx&*H1K*0-@e
z=rxfg+!;5+GKg-=edt$PdfWm%3C4D)T;$Z<7y51hc0!VpA;~gFbJ*Oc`n8R5!$boi
z8Ux`0gCjVi;T~*2-$*nQK(EbU0V}$A?_!zAY0xWqj}~X3u-GMX7TVgRDa8K6C1~z!
zFhd9I(eG$ChCTYW|KErHbx1$&$ay*hJ?IFX?`$vR0zip__&TH)jJYtg6*2x{*2eR?
z$;mca<%ZiK&eVwJD$A{Th-8>F2);5&W!Mcddig}u?Uimf$Uo4bVap*sHmlk$LM;){
zu(Fg`(<$i)GWh_&T0@z&$flSkbRlY-EJf)(pj<U>WC=dVbidI>p+9BAZYoLZyHWFq
zu4wTY?cqBpz^WZV@6T>E{6}Zs)`ISq_o?2#+=D-Rr*<dad$v&O8C82m3(aG%9LSHs
z1oriBaeGeWZu!#tg}3OReSV?fUo3J<KRD5mqq*zq`&Wv+i(A)rJNmy)eU-{>7CKJp
z9YajH+wA|^`<3^*_Ob2FLi_yx*ljJXKk%q~Z2OiPIQx7~4P1EQDkJT7;9O_UogZGz
zw=e0KuiDU&C1x*x+Pc0T`D*0ZMxk|R`>5I)+;V;I?b-DW?zVUDcK5t;vCaG*V%@yq
zm!RvzPO=Q5W?QIbS+SUvTe{MJYyq>f@9OTB<|O(~G3LspaS=T+5Q%7fB(e$SBq2e)
zF%tP4E^g^|ftEKCS&I`{p}B)(3IMK11g<e75kik`%@>Kt^fEOXsphQU8=RiVSg+JI
zBlBiKZK-?$ieI5uHm8HzYaVm(FIxxq9PkG9cb(jG(He*N&cC^#W^_X7sl2))#L~{_
zA|mv#Bya#C%?>w_;8uM=0bvtLZb5ChmC(CJD&blNjtP*7P}`)nTGA6i5MD~idX~oM
zm9Az2_6d>Ww4jEDP`=49El$!x&+mYGEceOK_Z0nfi59xh`xOB`s-fl!L<AH#a*_OR
zQ0&<mhWV?_$*}+3jF`dyLJKNd*lR_OmJ-{ovfVK6N1S`S-tJY|UT9;p-KDZ!(C#tY
z0hJ9vyVq<Vr1z_=AHH`x_h$M&U~GBRnr}b%8uc-@z01r6rf0XUZ_iHOCuj8cO9%IZ
f1KN8RZ7l$8KelIww+@B(-=<D8{9h3i`b_;VuVZl>

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/generator/__pycache__/resource_merger.cpython-313.pyc b/src/iac_reverse/generator/__pycache__/resource_merger.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..497ecb9fe4883dafb56c157f2a786eba12dcdee2
GIT binary patch
literal 2767
zcmai0TWl0n7(O$5zqLz|rNu~3Z`PHvSV{|&TYzG)P)c@P1-oRN&Yay2%+9Rm%$Ak}
z<C7`zK}{q|LP8T?#3vr{MZ=p9K6FED>!68=4~DmvYKU+CXLhD7ZH*_HnREHi|9|Jd
zd}me?i70~h{iDXK??({&gAcsscRMRX(7BCrh@za36VD05A{8<3`_B1>{nYRD{pSM1
zK^hzm(GW(>s2$}3yHGCJFV?lta4D1y-}rH)s$1IL3N<G+l~7CxGpke~xJ+nCGfMcn
zW=&wlG>W>WSkAIuwKUVnM57}hLfGmShKtlJ<1$xR(FtaXY+z7a)O3*249mnat{PfV
zBPt9h3Cz&xo+vk|PjXv^T;?Co8pGq$pnw#$sZ}J_1mQaCU;(jVaeXuseaerO7VHou
z6<t;cbYm(h%78`%<Z01v8q%0zP7+Ggtb0m3ngft90x6~Lm-;*44ps)Ba~l;96~NtM
zPN2S=Nc}lqAy5c%p`0IjA>KRS=MKK=r{P?XM!0kB2G5S;Df%=4V)A<eLjU8rHBi_b
zze*HqllydySrCDDCy24p|Eg9j!Wj)~)lUqw37HbieaGZ7;eIAP&X7l$P&Wh+B`)H*
z|3&W;Sy{^i9u6Kho+;hT(dQ&eR0F76ga^MyGNnupZogI?C)6MoVUhvqHPsGts;OKf
zRASd<T6SmCaJGwXl=rd<Q6R_)mMx2F<5k#<`EejK7@?DpOjSdfkc|>iGf_Lv(@ugV
z2r09Jlvq`2C~ne&{}Bqq<AZ0V0JFEzK4ge_VLLjz8zIA&7qbwbjV<rXuGio$_q&o9
zjbMag2%|ACZ_rrK)8R=O{=5iQK+*_YI+NunHZ;CD8{04m!+gNg0hZcbOFWmH*6)6e
zVBVi?bO-A`-a6Pmg-{jFQJKnzx1)C=OzcIBV`@Oiypv6?+vIjNaRg@h$&9EG8Qbnj
z<f9&<oG|zWLMmt-=>??0><&+6?VAsI(tsbhi|Yfg#~gn^*%^U+U@L#*gGWG#e1dym
zD|Fe^nhmelfO6v2+8R)w&xq$^TX}e_#oK?Wkn<fD*Wt~A^)2_j5EW8CRX)}U9>wq&
zks?a_<!(q3r`T7^WlNTH({&?Bx>bIXme^nvLtCHQgZMm<05*$wGhOsx(|`g2KKF`o
zAK%JHoQ<KnvQAyNYEQ1xGPlT8Zl=omMX-sXISc4egATkG=-Q(Zm)N0bovY-(2^?I7
zY(WCz_H%+tC+r}ZvWTJD5pIQZ4Ws-HwEY|=<+*ML<w}K%_!zP5fM$_0v%}t@ZJ$mI
z+b6549hj8$DxtjYL9w3^y-4{@YbRt~=X6om&k2JwhrMleN*bS*I37FfP1)Ploy}Qe
z4j8(PD-@_5@c;k;ISi}XiTXW8)Ve&cULMfZW*<L2Sje8aI9kXVGA*7qRZ?J7DQL0+
z=-|>~q);LTp)y>W1rLc-=kH8q+738f`=zXV6esIw#+ls-)>s_;`w?17p}zi^#FJF}
z%$tkxmW4R3#qn%vp{=*p);k~HzwARhJN^ozQ^JVw)7y_vX6M2!Pnx@C&MwAZxmUhZ
zuEl#6;(fJv--EOB@nay}@+wGozy37=!Nt}$7Fq{ttpoF|hi;9|4E?fq;BoW8Z!do%
z+}m|`*Zs>gZ_PCy{I#*^v%{Z!I4k_z*tVE#TS#`*l3lavd~(ln2;sv^anzHU3D#{k
z?)>!Tt($YW_i<zIV#l6^jsvxh0}CC4wT{8L_9G8_A71+5%6C^Dj?UrppCuNPsV@_s
zC+?PJCu+M-&nJg|uTOk6F`w*Sjseo829!+AB>s8!GHN-*I72@=v12G5ypJxVqjp$w
zVk1d*RFcZ3TGa{k<C642Rn~b1z^GA@iW+5>t{KEIVIm|+aDPb>Z31nStE8O9X&1cg
z9g@T>+0qng?dk&2ZdhA^2hmRc;x~cw;z_~y#*fjm7z%`!nmPli+0NM;wf6l>2>K7K
zxuX|q2S=at0nK>(E~F#02L|xNBU`ef%Zx##@Km>BimB`H0|7s5ZtXO!%cu;TlIX0C
z*um~#;rQy>IX*jlwC;@KbUzGvm9kcNE%^jNSQh<)|L-^w@NcN&Pju{gFe9X%A$U0o
F{smaj;+Oyc

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/generator/__pycache__/sanitize.cpython-313.pyc b/src/iac_reverse/generator/__pycache__/sanitize.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..53b32ae83529ec452fe6fc4357af05c034da2129
GIT binary patch
literal 1381
zcmah}&1)M+6rWkGSIIWAlhlS_3LR9_)~#g%jVTeKU`zs`^aE{WLcPf{*&WFfq}k=o
z$VECiw~$MnLuigZCjUkMga#L4_EhMpHy5Qn_sx1`D?Ydnc4pq}@4a~+znO8Z<`b0P
zf1P{e%n<UYRVLz=i*X$n&q+Xl1T=8Ira*&A=mc))+;D@LMe@jnO4nKTMz8KBLK)eS
z0+{AX8ad)driyh^U_S@|j*C76q0<4xf+^k?de!$gQne$%XvX28G{9ka2E(K>Dcj*a
znN0bSC#Pw@&rQ57RhOA<!7^@)0M%p<ws>Q--uN-PUoNgUZbtV%Tk`+1xqX|vHiFy(
zVFsXLS|)5KEC#9IH_mZ*PPTA7mX<SFozC^5Fm1ACEl?EwUwkES+Vm9Prk@_0623r4
zo3`xvXC!de$_N9ud5;i|T6d;R1J8n6)iZEZ*UGIE-w3qlHgI3jHeDjiRep$W$_6n0
zZrvFcou5;7Y~5*Br@F!V18rE*l5=|Cw+20dJ<qb96iL%>u$IVr9C^Xjkj2{^c#Lgi
zDmB=DHr+w?lQi3Gpb`N(PC=mUM%wG~Oba}_XJpnBEKZdc@xaI(F$LAfTuPNSy4$e{
zqXE-~TLKn-IZI?$niZCT$b?ETo+$_Km`Tk<KQlvy1W#3OIEB+I=-cv&)uRdH>%PAZ
zUETB<isfFDtz)j*fTivPRs6x)whHqSy?#y~7}f!^OjrlfesKe&$_8fDAJw)V9N&O~
z_&JS6PV{+B@{1=Sf#vhEn>!%#iXJ@7XKXZCUX{A2!m<OF)%KFuLTL+UEdO$&8MbbJ
z|6Ld;4xNoO5ut`Slsrbyc$u{byFv-zCWWwk3&d(R%-^3V(J5hI4xQSENOy49C2yC=
z?B$;~pKks(zqB8}ym3&wzI*4bS8ndze(}Y=cToFe_s+i_xpZ}J^Ox{hxc||?!pAS`
z2Ma5QbBjkFxiI^LKOVlRUVB}=_NKb{y1ICHWqxnx*#}R&Ki<2t`^^|nvUyjdC`sce
zf{UnQ1q>9?ydrQJH(=K8Ubxjy6C~?bFpsLegxbD|M-@ux-;PV&@g+k2Bkx0c^+kL{
MaN3Xmu~XsWKj|NSUH||9

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/generator/__pycache__/variable_extractor.cpython-313.pyc b/src/iac_reverse/generator/__pycache__/variable_extractor.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..686b1b2ddbce75dc300bc7123529c873d2e3a754
GIT binary patch
literal 7826
zcmb_hTWlLwdOkC}UnG(eDO*>MD9I9SS(YNnO5{r;%XhDAN0U(vOIdnEjwCwNP&q?+
zBf0^M0^2Ic!^+qVmPv!I7FZx!U?1Ef59u~Qi^dP>Ljf{MBYNsCgf>8sr_w7Ui@f#!
z=faDm7%9*L%$b=p|M|~<{_|hHb7rTe#!aC7{lEC`2rY#CH@=v~YCP<`4-fAWo>0Ow
zJbRU)4BRbO*((-m;jqnm)q2H7ZCC8n&XE~rvesl#zK6+-bC}WJsf)MGxOw}GXUNJs
zn#dh1^;WbvwU!#A#SJtrt)=!L2@~GkM0n3IYjE<-vk`CR-=;*G5NDGTC%u`bVl16V
z$y_oupNMgDDaySnQ7Xd2A{R@=C2n4lB`P9KpWA&oF3IV{TtZSfF`cG~+2ypv-4&C|
z(2!mb)10`pB#D$u$lMD@IVvfsWg0_bIc^SygwmorA*WLnL)|q*Qn;Ta(hJCjrj|fT
zV4q%DLP?i^n*vhk%;M6VxSUKYeeQ2?Zr37=>M`2liC8+qs&(fQN-T9(qEdX)kV6fe
z*C#B+O%<p%O?uT%rSvkDV}{N(ec_5);M#FR>$_yS^i3eshDHf7b=#wLAw&eKd8Ufi
zw2VEp@erxzYB!kdq13ptRa~9VrL|PiYF3N%`$}uAqV+zPuWjBEv1cA#mggkOi4_aD
zYn8Y;npy;c8!PDrur5u>U_WDYUKw?BP_&j&?$rgUiiQKLNEpmDmSBj`Z&F(wqwCmn
zhE>2Q<$110>YMND<-+=F7@p+i#aW5s(`+i03`hFhsuiD9yZ%MB>$DkfGNGh<^p{A+
zvnVc^FA<08PACakNsDq!qApOBY5_Y|ZF9+#m{u*&Nws2k)rv;=TZZC-Drh&HIyOE!
zGkN~T^%-6k>D)ND){H`9GYK&kr4pE_BFz}CmZCGJJ46i+1tl!4sQ##?nkXs;zARB1
z1lB$rBL>xd@~n<H>(;tH2yQvr@{YEGFZ9G!zjpqE!7bOJyz9_!MmMC7gsqN~`HqtX
z-+`)crT3vN7ngT&1z)TFz4YF)?K`jo!;mT`u|b38B<lagNj!uIq~tQ-Ogz&`c($|J
z9sWNY2S%F4mC}kp%%Hk!r0;hoSV7(*kXon*ExUSszgx9IFY9EDId1vR+nQkJ^<>y+
zGUbsO-YzgOiet|xrS!1JdHcS16i5mJnGBT2HJ{9J_mP0*T>^Uy2zfWwupSljj(9Tv
zcmZ+(hWKiS6(Jy3IHVDTb^qp)i8LgS<PY_H%sOIvufOZw2>Aq)0AwI79dXKXBCVw{
z=vF0z={=kw4ElPSE=%C3Vp5S*CY)h=xjkk)2(#Xiq3R$U#Cu$(OGgQjE2BB{oXC%+
zLbOFBgO=;=X><#%2#mSRcgedpj!b}lJut>RGh&%zA}nnLvTJb1*h|r$A%C%b{i+qz
zx2RyQ;W%0kH`R3tg9Nz#8MP;>t1D{EGO7pJQ^`~eW_hNsM0o-_D*aG>10f>Uc>D8P
z(cI+J@0uQ-`=nzlawZ=+lO4;(vs3E>?;U+K{+adD%U?820MT~}I^bUp4l^n<tun7w
zDGVc<rmz>`p+aGPLY6_`r8+|ujKG3blR=v?^*UqftTuIvHua1x%$?@K*M3VP7TOH_
zROWS+xvQW8AysHIr>*cp!LP_ma4GFjY13)G`1{ts3qA~F#dRjDtaoiN>&iy^zqj=M
zzSWTbU=zrHPi5YUxO4?$IH2g86kSWxHwCeYYQ2+6$P~RswP~6Mad4g#BbDj^!=r$F
zs>D)5`>p~#0zD4HrR1R66PW+d*tU8%=RCT85vr;%Tp6OD`0Cb%-^t{hja4Lt05q?4
zX9KH$k#jaz2Wfxsm#zn{eB<r>t>|Xs?M?sfRonCE>l%I;c@W7rU;H@qPtE_({7LI(
z^To}&i>r<TjQ!_tzm-+;zHrVN-mV&x0&c0!0;nZit(}jc`oT~s46zyWhgPN?<`YD&
zQp7gf0J<2DrYo8E9~_f06O=})%mf0&x(Ji`a6BbL9>xHtc@jbqky{Xz1ue+z3O*Qf
zVyR_7!}9!o;cZM_sg9ExATkkg89f7n-HmQaLn10bY@V7!%xr?Fh+Q{h-A>cXOGyd9
zONyqYxMrxDEmQC_19|9yqc*xIzAi;g-V|~N`7@*$hiZ?3KJf*AF_k_4tE=x_{hNu+
z(2-5w(UPSafB;C=gm=&cw|&7?uWl2-t5i%~?_7hXcgYNajS!(M&rl1`QY&wnvCY_#
zh_}L%1D{~?0{Ia(I8NB^7;W&?RoeKtc_;PEyCQBiFlFo*3`n1%-`oHWnXip^g@bhi
z>|fTju0I9f<^DSlSO`8Q;{F2CmXb!T@7+Rhso6VHEUol%iSOSExp!}cI53vQ6qU+5
zqF!xF6r&RCa1?IOwgiOKQKsTXLzBeVf;k@pN~<o@mK2Jf6T>WF7R)0SxORRFb(K4o
zG7-;=f{BRG>o}NyIal#)Qwb!=tiV7HT!I{E5iFCK4R)2ulGBzyn2riPuN%qWd<6uv
zO_yNPbZM_K#O?t%AlU>42uz1s5p1T*%l4a{XfA?gKKsEOkQN<aR}pM54!~3_kcD5-
zQ_%#~@5hPkn8wJa6@h);+)OSo$Nw?rcu8<RuSY$Za!t7v%W<Nx&<irYmL}h?*n7E6
zuCO+r5E4fXG!Sz0{UP=SI{|qSF@x-pU9wy7nBZBXItO|>P?FqZ@_}(a(8rOz+Gu|e
zYI%$9a#+hgp%&!wE36?Ez+l-g_;nf>6IMzaGa&n?5u<2D@Sv0O_Lo?>PN?Ip8ox@e
z_0yQcby}Y(iyW+&X-PufI(ieV5Yh+l5UjOikd;H%o%%EH6ui)4l|$2*`*-te0JsW0
zcy|TgT5~jL_YB(P1A=2e>zF=N;ujJcgrIOh2=LyQO7;b|@wbL;Jk{@lqZ8JRBZ@_K
z%dR>7nU(!>BvK>(HJFrfFtTEL>7LV(iW3m+0E7eFY~obR0T)a+FZX<1S^<=rN+vPj
zaAGoPMldl(Q;ObF3IcuZ%X1L9^vtE7!eFSYK8C?qf|*1S7p028hy%G3X>L}Er55qD
zrX-nu8iQRHQxFp2^P;(%#|hwv62`9B+?S*p<$h#@(s=1KrW^#d3@eMtm5j7I3!2@Y
z6B)I`DkI2i)5gOf@EH;_R~PRVxDYw-a8Ol-!U`a7gakwZh{Capo<t%35G}FkIn;S7
zDK5^&#WU*gp6t^n=|@X|!u7*7rLT;{jc$v;PC;mMpZwzLZ>(PgyL9F#^fxF(6~e}F
zt4WTaw^DKecFX8=rm=(E>@|uw98SS3NlAtq^QM06pkrs;0nibs9>Aqw)V)t0DW45|
z_R7BwJzCL(z^-5isukpqs!TNF;Pw2OX)uh+m>{H74a#KP<%NvcRI3a&rMgN-6KYM>
zwggY-lo(Ac;X$J6SXQKXbao};r=utuYFu@fEML)ajJ6v>l%p>OA{Nz-rY*-+*Rq^=
zV_AwO;uJTls!M`n96YC#RLi3HriQ<@(-DfAiX2p}ij<tAFCeW42hw*-it03NRds63
zr~^$Boj`S(h)H#oR#x?D_7<I|spTa_Wf$(!2r{nGt<hv{NyOh&Yt8-!KfgI%)Ywj_
zwJDmIPk<X36gK>@LdTI~J-S^~ce_%DKxLyQ2^~XXCoUZ>1AQ4@=~<|hgHXX1YTu$8
zbzqO-svT3ivDIGdhOkW(J6JAY$2Q{it**QS+sI8%YoR{0dij}?Tww&}vA1i-!d_wA
ztDYSvX$-GkD)jVk^_<N2oZRXe%lC|Z*)yK^cdj{~*-5Z1d*^pU9|bphx9Ugo^&^ji
zEl-*w8%H*qhu541e{<g7wZ4$|AK&ty$oo$eLake&?tG|wqbV00`qsh*>UL^K<Q((V
z0^<}9lD_^`*H?#oH>S6aoyi|Nvw7_0FAtC9y&yu-Njm$tI)?Kd!(ViaJhNF_YyYcb
z<iXXovrp<9)_(HyQ|kly`pz923AC-%{k-OJ$4JpeYMP!BApF)#g6)s}2Vs7v&NKh~
z+LtH!ynkfPk`Iln$%XcThwb_Hp@*;J+eg-F9}kReHl6)^U~I#d9bON7@M3;oY|W8t
zIt!h<k8B*vpT3bl{7TN>QRp1`n8|mJems!xJpHkl?|eDuZwI3G6A$H0?)+NKS0LA0
zoAq5AfzA3Og?7-x`mNld{s)(eb`m~}ZyRqstbb_B9Xhdg>8qCBjUR8eoLX~jH?(FK
zvbS>Gr=J{X$~7O|JkXnKIJR-CXkkJx6)hytQgo9*)0Ush`?)8<u0m^9A$+uOc(BlU
zyufuo_1HrV-&&lY*+FvZRpx0k=|0O8Z!^T-m~$TdZs#=yH1gdan@ICGqafV+)DgPS
z>HL&)K>euBcj1VW0s^dtrU?Gf-FLR3f<qRj1Y{rp&NBeQbkKPfK_|}wkOR8i1=2eL
zQjD9s3VgBd4^`od4Zh$`bytBe_Cc3y1<1G0zEiN8aTZ{~gboLI$0Y0~cNc**DS0Ob
zC5X$e%-0w7|0hz#8CfZi^rh#xxdi-(iKXN;xIJXS8#EPP#$P5T5jP75I<Fi5MKHYf
zLdq?LQhgs`gjzjNBbul@XE)MOITe=!xj6=8@)SgKIWFxvZ0Gd@bwfZc=a%7tVom@~
z*ht20vg5*;V3@lH=lt3cz7c#*bD275st_IzeKK`ntx@}(qfr7K>wXI^x5~I-vx~db
zazxWY9X*e2-B3kr^fEr9ovC(RRjLI9QEmDQhJTH%9_>QL8M_3*)=*3|J*Re0?TL8%
z5<UcO%1@!XPrhveKY(Dj-O{#d|Bw2X)$#4RmMs6PoA2GsUMUi$yQ9!?_`}n`KD~Y%
z-d^Y|basDu{nyuX9YgRsj32i;hVmUlx$rPFoCp;i)<6SzWldeNmekb$Y~t;SY}c1w
z?rDGoTZ=*BZ}{20x9??7Z2H3MujYM`oHL@MhcJk9E#g(3Q7!mKqpCX^T?8viO7QHB
zM&DQ#lb9CZ%@>W%C8&~4CS*xYL4zY2ji+MKsGedGa%c&YPU919y=V+7IOU4Mel(qk
zMaxMVI^ob|d_?>46{{O?DHoyoEAo`J*__4NDaO`VXl%{3_2(N0iWYp`cGcu+;kN|$
z%!aSUCAQgiM58&LZ|pBx;BDLG{gVyu`WVO=5JLiPsssL4LeiX9JqAF=KZ81ssH^y;
z(g%8wk_s(NOm)pm=^sH~_{k|DBRevZsA|_Y_WGRhw~7uS5OnDCs-COrJf*An41EJg
z5WFdOpn}-SFi%-4W8Lu*#`mA3<7;wm+vVSKHGS@C%D%Yi>b!3++Jnr&?1dtM+q&`$
tZ^ga_re(dMNZ__H{tR!$7iyVM_HdEFZGGw)-u@K6$1q3!NU+v)^1u6gNe=)3

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/generator/code_generator.py b/src/iac_reverse/generator/code_generator.py
new file mode 100644
index 0000000..e21d7c3
--- /dev/null
+++ b/src/iac_reverse/generator/code_generator.py
@@ -0,0 +1,304 @@
+"""HCL code generator using Jinja2 templates.
+
+Produces Terraform HCL files from a DependencyGraph and list of ScanProfiles.
+Organizes output by resource type (one .tf file per type), includes traceability
+comments, architecture-specific tags/labels, and uses Terraform resource
+references for inter-resource dependencies.
+"""
+
+import logging
+from collections import defaultdict
+
+from jinja2 import Environment, BaseLoader
+
+from iac_reverse.generator.sanitize import sanitize_identifier
+from iac_reverse.models import (
+    CodeGenerationResult,
+    CpuArchitecture,
+    DependencyGraph,
+    DiscoveredResource,
+    GeneratedFile,
+    ResourceRelationship,
+    ScanProfile,
+)
+
+logger = logging.getLogger(__name__)
+
+
+# ---------------------------------------------------------------------------
+# Jinja2 HCL Templates
+# ---------------------------------------------------------------------------
+
+_RESOURCE_BLOCK_TEMPLATE = """\
+{% for resource in resources %}
+# Source: {{ resource.unique_id }}
+resource "{{ resource.resource_type }}" "{{ resource.tf_name }}" {
+{% for key, value in resource.attributes.items() %}
+  {{ key }} = {{ value }}
+{% endfor %}
+{% if resource.tags %}
+
+  tags = {
+{% for tag_key, tag_value in resource.tags.items() %}
+    "{{ tag_key }}" = "{{ tag_value }}"
+{% endfor %}
+  }
+{% endif %}
+{% if resource.dependencies %}
+
+{% for dep in resource.dependencies %}
+  depends_on = [{{ dep }}]
+{% endfor %}
+{% endif %}
+}
+{% endfor %}
+"""
+
+_RESOURCE_BLOCK_TEMPLATE_V2 = """\
+{% for resource in resources %}
+# Source: {{ resource.unique_id }}
+resource "{{ resource.resource_type }}" "{{ resource.tf_name }}" {
+{% for key, value in resource.rendered_attributes %}
+  {{ key }} = {{ value }}
+{% endfor %}
+{% if resource.tags %}
+
+  tags = {
+{% for tag_key, tag_value in resource.tags.items() %}
+    "{{ tag_key }}" = "{{ tag_value }}"
+{% endfor %}
+  }
+{% endif %}
+}
+
+{% endfor %}
+"""
+
+
+# ---------------------------------------------------------------------------
+# Helper: format HCL attribute values
+# ---------------------------------------------------------------------------
+
+
+def _format_hcl_value(value: object) -> str:
+    """Format a Python value as an HCL literal string."""
+    if isinstance(value, bool):
+        return "true" if value else "false"
+    elif isinstance(value, int):
+        return str(value)
+    elif isinstance(value, float):
+        return str(value)
+    elif isinstance(value, str):
+        # Escape quotes in strings
+        escaped = value.replace("\\", "\\\\").replace('"', '\\"')
+        return f'"{escaped}"'
+    elif isinstance(value, list):
+        items = [_format_hcl_value(item) for item in value]
+        return "[" + ", ".join(items) + "]"
+    elif isinstance(value, dict):
+        lines = []
+        lines.append("{")
+        for k, v in value.items():
+            lines.append(f'    "{k}" = {_format_hcl_value(v)}')
+        lines.append("  }")
+        return "\n".join(lines)
+    else:
+        return f'"{value}"'
+
+
+# ---------------------------------------------------------------------------
+# Internal data structure for template rendering
+# ---------------------------------------------------------------------------
+
+
+class _RenderableResource:
+    """Internal representation of a resource ready for template rendering."""
+
+    def __init__(
+        self,
+        resource_type: str,
+        tf_name: str,
+        unique_id: str,
+        rendered_attributes: list[tuple[str, str]],
+        tags: dict[str, str],
+    ):
+        self.resource_type = resource_type
+        self.tf_name = tf_name
+        self.unique_id = unique_id
+        self.rendered_attributes = rendered_attributes
+        self.tags = tags
+
+
+# ---------------------------------------------------------------------------
+# CodeGenerator
+# ---------------------------------------------------------------------------
+
+
+class CodeGenerator:
+    """Generates Terraform HCL files from a dependency graph.
+
+    Accepts a DependencyGraph and list of ScanProfiles, produces one .tf file
+    per resource type with traceability comments, architecture tags, and
+    Terraform resource references for dependencies.
+    """
+
+    def __init__(self) -> None:
+        """Initialize the code generator with Jinja2 environment."""
+        self._env = Environment(
+            loader=BaseLoader(),
+            trim_blocks=True,
+            lstrip_blocks=True,
+        )
+        self._template = self._env.from_string(_RESOURCE_BLOCK_TEMPLATE_V2)
+
+    def generate(
+        self, graph: DependencyGraph, profiles: list[ScanProfile]
+    ) -> CodeGenerationResult:
+        """Generate Terraform HCL from a dependency graph.
+
+        Args:
+            graph: The DependencyGraph containing resources and relationships.
+            profiles: List of ScanProfiles used during scanning.
+
+        Returns:
+            CodeGenerationResult with resource_files, variables_file, and
+            provider_file. Variables and provider files are empty placeholders
+            (implemented in tasks 5.3 and 5.4).
+        """
+        # Build lookup maps
+        resource_map: dict[str, DiscoveredResource] = {
+            r.unique_id: r for r in graph.resources
+        }
+        # Map from source_id -> list of (target_id, relationship)
+        relationships_by_source: dict[str, list[ResourceRelationship]] = defaultdict(
+            list
+        )
+        for rel in graph.relationships:
+            relationships_by_source[rel.source_id].append(rel)
+
+        # Group resources by type
+        resources_by_type: dict[str, list[DiscoveredResource]] = defaultdict(list)
+        for resource in graph.resources:
+            resources_by_type[resource.resource_type].append(resource)
+
+        # Generate one file per resource type
+        resource_files: list[GeneratedFile] = []
+        for resource_type, resources in sorted(resources_by_type.items()):
+            renderable_resources = []
+            for resource in resources:
+                renderable = self._build_renderable(
+                    resource, relationships_by_source, resource_map
+                )
+                renderable_resources.append(renderable)
+
+            content = self._template.render(resources=renderable_resources)
+            filename = f"{resource_type}.tf"
+            resource_files.append(
+                GeneratedFile(
+                    filename=filename,
+                    content=content,
+                    resource_count=len(resources),
+                )
+            )
+
+        # Placeholder files for tasks 5.3 and 5.4
+        variables_file = GeneratedFile(
+            filename="variables.tf",
+            content="",
+            resource_count=0,
+        )
+        provider_file = GeneratedFile(
+            filename="providers.tf",
+            content="",
+            resource_count=0,
+        )
+
+        return CodeGenerationResult(
+            resource_files=resource_files,
+            variables_file=variables_file,
+            provider_file=provider_file,
+        )
+
+    def _build_renderable(
+        self,
+        resource: DiscoveredResource,
+        relationships_by_source: dict[str, list[ResourceRelationship]],
+        resource_map: dict[str, DiscoveredResource],
+    ) -> _RenderableResource:
+        """Build a renderable resource with formatted attributes and references.
+
+        For attributes that reference other resources in the graph, replaces
+        the hardcoded ID with a Terraform resource reference expression.
+        """
+        tf_name = sanitize_identifier(resource.name)
+
+        # Build a set of target IDs this resource references
+        target_ids_for_resource: dict[str, ResourceRelationship] = {}
+        for rel in relationships_by_source.get(resource.unique_id, []):
+            target_ids_for_resource[rel.target_id] = rel
+
+        # Render attributes, replacing references with Terraform expressions
+        rendered_attributes: list[tuple[str, str]] = []
+        for attr_key, attr_value in resource.attributes.items():
+            resolved_value = self._resolve_attribute_value(
+                attr_value, target_ids_for_resource, resource_map
+            )
+            rendered_attributes.append((attr_key, resolved_value))
+
+        # Generate architecture-specific tags
+        tags = self._generate_architecture_tags(resource)
+
+        return _RenderableResource(
+            resource_type=resource.resource_type,
+            tf_name=tf_name,
+            unique_id=resource.unique_id,
+            rendered_attributes=rendered_attributes,
+            tags=tags,
+        )
+
+    def _resolve_attribute_value(
+        self,
+        value: object,
+        target_ids: dict[str, ResourceRelationship],
+        resource_map: dict[str, DiscoveredResource],
+    ) -> str:
+        """Resolve an attribute value, replacing resource IDs with Terraform references.
+
+        If the value matches a target resource's unique_id or name, returns a
+        Terraform resource reference expression. Otherwise formats as HCL literal.
+        """
+        if isinstance(value, str):
+            # Check if this string matches a target resource's unique_id
+            if value in target_ids:
+                target_resource = resource_map[value]
+                return self._make_terraform_reference(target_resource)
+
+            # Check if this string matches a target resource's name
+            for target_id, rel in target_ids.items():
+                target_resource = resource_map[target_id]
+                if value == target_resource.name:
+                    return self._make_terraform_reference(target_resource)
+
+        # Default: format as HCL literal
+        return _format_hcl_value(value)
+
+    def _make_terraform_reference(self, target_resource: DiscoveredResource) -> str:
+        """Create a Terraform resource reference expression.
+
+        Example: kubernetes_namespace.default.id
+        """
+        target_tf_name = sanitize_identifier(target_resource.name)
+        return f"{target_resource.resource_type}.{target_tf_name}.id"
+
+    def _generate_architecture_tags(
+        self, resource: DiscoveredResource
+    ) -> dict[str, str]:
+        """Generate architecture-specific tags/labels for a resource.
+
+        Returns a dict of tag key-value pairs including the CPU architecture.
+        """
+        tags: dict[str, str] = {
+            "arch": resource.architecture.value,
+            "managed_by": "iac-reverse",
+        }
+        return tags
diff --git a/src/iac_reverse/generator/provider_block.py b/src/iac_reverse/generator/provider_block.py
new file mode 100644
index 0000000..49fe4d6
--- /dev/null
+++ b/src/iac_reverse/generator/provider_block.py
@@ -0,0 +1,197 @@
+"""Provider block generator for Terraform HCL output.
+
+Generates a providers.tf file containing:
+- A terraform { required_providers { ... } } block listing all providers used
+- Individual provider configuration blocks with platform-specific settings
+  (endpoints, certificates, credentials) for each distinct provider type.
+"""
+
+from __future__ import annotations
+
+from iac_reverse.models import ProviderType, ScanProfile, GeneratedFile
+
+
+# ---------------------------------------------------------------------------
+# Provider metadata: maps ProviderType to Terraform provider details
+# ---------------------------------------------------------------------------
+
+# Each entry: (terraform_provider_name, source, version_constraint)
+_PROVIDER_METADATA: dict[ProviderType, tuple[str, str, str]] = {
+    ProviderType.KUBERNETES: (
+        "kubernetes",
+        "hashicorp/kubernetes",
+        "~> 2.0",
+    ),
+    ProviderType.DOCKER_SWARM: (
+        "docker",
+        "kreuzwerker/docker",
+        "~> 3.0",
+    ),
+    ProviderType.SYNOLOGY: (
+        "synology",
+        "synology-community/synology",
+        "~> 0.2",
+    ),
+    ProviderType.HARVESTER: (
+        "harvester",
+        "harvester/harvester",
+        "~> 0.6",
+    ),
+    ProviderType.BARE_METAL: (
+        "redfish",
+        "dell/redfish",
+        "~> 1.0",
+    ),
+    ProviderType.WINDOWS: (
+        "windows",
+        "hashicorp/windows",
+        "~> 0.1",
+    ),
+}
+
+
+def _generate_provider_config(
+    provider_type: ProviderType, profile: ScanProfile
+) -> str:
+    """Generate the provider configuration block for a given provider type.
+
+    Uses credentials and endpoints from the ScanProfile to populate
+    platform-specific configuration attributes.
+    """
+    tf_name = _PROVIDER_METADATA[provider_type][0]
+    lines: list[str] = []
+    lines.append(f'provider "{tf_name}" {{')
+
+    if provider_type == ProviderType.KUBERNETES:
+        host = profile.credentials.get("host", "")
+        cluster_ca = profile.credentials.get("cluster_ca_certificate", "")
+        token = profile.credentials.get("token", "")
+        lines.append(f'  host                   = "{host}"')
+        lines.append(f'  cluster_ca_certificate = "{cluster_ca}"')
+        lines.append(f'  token                  = "{token}"')
+
+    elif provider_type == ProviderType.DOCKER_SWARM:
+        host = profile.credentials.get("host", "")
+        cert_path = profile.credentials.get("cert_path", "")
+        lines.append(f'  host      = "{host}"')
+        lines.append(f'  cert_path = "{cert_path}"')
+
+    elif provider_type == ProviderType.SYNOLOGY:
+        url = profile.credentials.get("url", "")
+        username = profile.credentials.get("username", "")
+        password = profile.credentials.get("password", "")
+        lines.append(f'  url      = "{url}"')
+        lines.append(f'  username = "{username}"')
+        lines.append(f'  password = "{password}"')
+
+    elif provider_type == ProviderType.HARVESTER:
+        kubeconfig = profile.credentials.get("kubeconfig", "")
+        lines.append(f'  kubeconfig = "{kubeconfig}"')
+
+    elif provider_type == ProviderType.BARE_METAL:
+        endpoint = profile.credentials.get("endpoint", "")
+        username = profile.credentials.get("username", "")
+        password = profile.credentials.get("password", "")
+        lines.append(f'  endpoint = "{endpoint}"')
+        lines.append(f'  username = "{username}"')
+        lines.append(f'  password = "{password}"')
+
+    elif provider_type == ProviderType.WINDOWS:
+        host = profile.credentials.get("host", "")
+        username = profile.credentials.get("username", "")
+        password = profile.credentials.get("password", "")
+        lines.append(f'  host     = "{host}"')
+        lines.append(f'  username = "{username}"')
+        lines.append(f'  password = "{password}"')
+        lines.append("")
+        lines.append("  winrm {")
+        winrm_port = profile.credentials.get("winrm_port", "5985")
+        winrm_use_ssl = profile.credentials.get("winrm_use_ssl", "false")
+        lines.append(f"    port    = {winrm_port}")
+        lines.append(f"    use_ssl = {winrm_use_ssl}")
+        lines.append("  }")
+
+    lines.append("}")
+    return "\n".join(lines)
+
+
+def _generate_required_providers_block(
+    provider_types: set[ProviderType],
+) -> str:
+    """Generate the terraform { required_providers { ... } } block."""
+    lines: list[str] = []
+    lines.append("terraform {")
+    lines.append("  required_providers {")
+
+    for provider_type in sorted(provider_types, key=lambda p: p.value):
+        tf_name, source, version = _PROVIDER_METADATA[provider_type]
+        lines.append(f"    {tf_name} = {{")
+        lines.append(f'      source  = "{source}"')
+        lines.append(f'      version = "{version}"')
+        lines.append("    }")
+
+    lines.append("  }")
+    lines.append("}")
+    return "\n".join(lines)
+
+
+# ---------------------------------------------------------------------------
+# ProviderBlockGenerator
+# ---------------------------------------------------------------------------
+
+
+class ProviderBlockGenerator:
+    """Generates Terraform provider configuration blocks.
+
+    Accepts a list of ScanProfiles and a set of ProviderTypes used in the
+    generated code, and produces a providers.tf file containing:
+    - A terraform { required_providers { ... } } block
+    - Individual provider blocks with platform-specific configuration
+    """
+
+    def generate(
+        self,
+        profiles: list[ScanProfile],
+        provider_types: set[ProviderType],
+    ) -> GeneratedFile:
+        """Generate the providers.tf file content.
+
+        Args:
+            profiles: List of ScanProfiles providing credentials/endpoints.
+            provider_types: Set of distinct ProviderTypes used in the code.
+
+        Returns:
+            A GeneratedFile with filename "providers.tf" and the HCL content.
+        """
+        # Build a map from ProviderType -> first matching profile
+        profile_map: dict[ProviderType, ScanProfile] = {}
+        for profile in profiles:
+            if profile.provider not in profile_map:
+                profile_map[profile.provider] = profile
+
+        sections: list[str] = []
+
+        # 1. required_providers block
+        sections.append(_generate_required_providers_block(provider_types))
+
+        # 2. Individual provider configuration blocks
+        for provider_type in sorted(provider_types, key=lambda p: p.value):
+            profile = profile_map.get(provider_type)
+            if profile is not None:
+                sections.append(
+                    _generate_provider_config(provider_type, profile)
+                )
+            else:
+                # Generate a placeholder block if no profile matches
+                tf_name = _PROVIDER_METADATA[provider_type][0]
+                sections.append(
+                    f'provider "{tf_name}" {{\n  # No profile provided\n}}'
+                )
+
+        content = "\n\n".join(sections) + "\n"
+
+        return GeneratedFile(
+            filename="providers.tf",
+            content=content,
+            resource_count=0,
+        )
diff --git a/src/iac_reverse/generator/resource_merger.py b/src/iac_reverse/generator/resource_merger.py
new file mode 100644
index 0000000..888cbda
--- /dev/null
+++ b/src/iac_reverse/generator/resource_merger.py
@@ -0,0 +1,59 @@
+"""Multi-provider resource merging with conflict resolution.
+
+Merges resources from multiple scan profiles into a unified inventory,
+resolving naming conflicts by prefixing with the provider identifier.
+"""
+
+from dataclasses import replace
+from collections import defaultdict
+
+from iac_reverse.models import DiscoveredResource, ScanResult
+
+
+class ResourceMerger:
+    """Merges resources from multiple ScanResult objects into a unified list.
+
+    When resources from different providers share the same name, the merger
+    resolves the conflict by prefixing each conflicting resource's name with
+    its provider identifier (e.g., "kubernetes_nginx", "docker_swarm_nginx").
+
+    Provider-specific attributes are preserved unchanged.
+    """
+
+    def merge(self, scan_results: list[ScanResult]) -> list[DiscoveredResource]:
+        """Merge resources from multiple scan results into a unified list.
+
+        Args:
+            scan_results: List of ScanResult objects, one per provider/scan profile.
+
+        Returns:
+            A unified list of DiscoveredResource with naming conflicts resolved
+            by prefixing conflicting names with the provider identifier.
+        """
+        # Collect all resources from all scan results
+        all_resources: list[DiscoveredResource] = []
+        for result in scan_results:
+            all_resources.extend(result.resources)
+
+        # Group resources by name to detect conflicts
+        resources_by_name: dict[str, list[DiscoveredResource]] = defaultdict(list)
+        for resource in all_resources:
+            resources_by_name[resource.name].append(resource)
+
+        # Identify conflicting names: same name from different providers
+        conflicting_names: set[str] = set()
+        for name, resources in resources_by_name.items():
+            providers = {r.provider for r in resources}
+            if len(providers) > 1:
+                conflicting_names.add(name)
+
+        # Build the merged list, resolving conflicts
+        merged: list[DiscoveredResource] = []
+        for resource in all_resources:
+            if resource.name in conflicting_names:
+                prefixed_name = f"{resource.provider.value}_{resource.name}"
+                merged.append(replace(resource, name=prefixed_name))
+            else:
+                merged.append(resource)
+
+        return merged
diff --git a/src/iac_reverse/generator/sanitize.py b/src/iac_reverse/generator/sanitize.py
new file mode 100644
index 0000000..e268175
--- /dev/null
+++ b/src/iac_reverse/generator/sanitize.py
@@ -0,0 +1,41 @@
+"""Identifier sanitization for Terraform resource names.
+
+Converts arbitrary resource names into valid Terraform identifiers
+matching the pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+"""
+
+import re
+
+
+def sanitize_identifier(name: str) -> str:
+    """Convert a resource name to a valid Terraform identifier.
+
+    Terraform identifiers must match: ^[a-zA-Z_][a-zA-Z0-9_]*$
+
+    Rules applied:
+    - Replace any character not in [a-zA-Z0-9_] with underscore
+    - Collapse multiple consecutive underscores into one
+    - If result starts with a digit, prepend an underscore
+    - If result is empty or only underscores, return "_resource"
+
+    Args:
+        name: Any string resource name.
+
+    Returns:
+        A valid Terraform identifier derived from the input.
+    """
+    # Replace any non-alphanumeric/underscore character with underscore
+    result = re.sub(r"[^a-zA-Z0-9_]", "_", name)
+
+    # Collapse multiple consecutive underscores into one
+    result = re.sub(r"_+", "_", result)
+
+    # If result is only underscores or empty, return fallback
+    if not result or result.strip("_") == "":
+        return "_resource"
+
+    # If starts with a digit, prepend underscore
+    if result[0].isdigit():
+        result = "_" + result
+
+    return result
diff --git a/src/iac_reverse/generator/variable_extractor.py b/src/iac_reverse/generator/variable_extractor.py
new file mode 100644
index 0000000..3d54c8d
--- /dev/null
+++ b/src/iac_reverse/generator/variable_extractor.py
@@ -0,0 +1,203 @@
+"""Variable extraction logic for Terraform code generation.
+
+Identifies attribute values that appear in 2+ resources and extracts them
+into Terraform variables with appropriate type expressions and defaults.
+"""
+
+import logging
+from collections import defaultdict
+
+from iac_reverse.models import DiscoveredResource, ExtractedVariable
+
+logger = logging.getLogger(__name__)
+
+
+def _infer_type_expr(value: object) -> str:
+    """Infer a Terraform type expression from a Python value.
+
+    Args:
+        value: The Python value to infer a type for.
+
+    Returns:
+        A Terraform type expression string (e.g., "string", "number", "bool").
+    """
+    if isinstance(value, bool):
+        return "bool"
+    elif isinstance(value, int) or isinstance(value, float):
+        return "number"
+    elif isinstance(value, str):
+        return "string"
+    elif isinstance(value, list):
+        return "list(string)"
+    elif isinstance(value, dict):
+        return "map(string)"
+    else:
+        return "string"
+
+
+def _format_default_value(value: object) -> str:
+    """Format a Python value as a Terraform default value literal.
+
+    Args:
+        value: The Python value to format.
+
+    Returns:
+        A string representation suitable for a Terraform variable default.
+    """
+    if isinstance(value, bool):
+        return "true" if value else "false"
+    elif isinstance(value, int) or isinstance(value, float):
+        return str(value)
+    elif isinstance(value, str):
+        return f'"{value}"'
+    elif isinstance(value, list):
+        items = ", ".join(f'"{item}"' if isinstance(item, str) else str(item) for item in value)
+        return f"[{items}]"
+    elif isinstance(value, dict):
+        entries = ", ".join(f'"{k}" = "{v}"' for k, v in value.items())
+        return "{" + entries + "}"
+    else:
+        return f'"{value}"'
+
+
+def _make_hashable(value: object) -> object:
+    """Convert a value to a hashable representation for counting.
+
+    Args:
+        value: Any Python value from resource attributes.
+
+    Returns:
+        A hashable version of the value.
+    """
+    if isinstance(value, dict):
+        return tuple(sorted(value.items()))
+    elif isinstance(value, list):
+        return tuple(value)
+    else:
+        return value
+
+
+class VariableExtractor:
+    """Extracts shared attribute values into Terraform variables.
+
+    Scans a list of DiscoveredResource objects, identifies attribute values
+    that appear in 2 or more resources, and creates ExtractedVariable instances
+    for each shared value.
+    """
+
+    def extract_variables(
+        self, resources: list[DiscoveredResource]
+    ) -> list[ExtractedVariable]:
+        """Identify shared attribute values and extract them as variables.
+
+        For each attribute key, collects all values across all resources.
+        If a value appears in 2+ resources for the same attribute key,
+        it becomes a variable with the most common value as the default.
+
+        Args:
+            resources: List of discovered resources to analyze.
+
+        Returns:
+            List of ExtractedVariable instances for shared values.
+        """
+        if len(resources) < 2:
+            return []
+
+        # Collect attribute values grouped by attribute key
+        # key -> {hashable_value -> [list of (resource_unique_id, original_value)]}
+        attr_values: dict[str, dict[object, list[tuple[str, object]]]] = defaultdict(
+            lambda: defaultdict(list)
+        )
+
+        for resource in resources:
+            for attr_key, attr_value in resource.attributes.items():
+                # Skip complex nested structures (dicts/lists) for variable extraction
+                # as they are less likely to be meaningfully shared
+                if isinstance(attr_value, (dict, list)):
+                    continue
+                hashable = _make_hashable(attr_value)
+                attr_values[attr_key][hashable].append(
+                    (resource.unique_id, attr_value)
+                )
+
+        # Build extracted variables for values appearing in 2+ resources
+        variables: list[ExtractedVariable] = []
+
+        for attr_key, value_groups in sorted(attr_values.items()):
+            # Find all values that appear in 2+ resources for this key
+            shared_values = [
+                (hv, entries)
+                for hv, entries in value_groups.items()
+                if len(entries) >= 2
+            ]
+
+            if not shared_values:
+                continue
+
+            # If only one shared value exists for this key, use the key as the var name
+            # If multiple shared values exist, disambiguate with a suffix
+            for idx, (hashable_value, resource_entries) in enumerate(shared_values):
+                original_value = resource_entries[0][1]
+                used_by = [entry[0] for entry in resource_entries]
+
+                # Determine the most common value among the shared values for this key
+                # The default is set to the most common value overall
+                most_common_entries = max(shared_values, key=lambda x: len(x[1]))
+                most_common_value = most_common_entries[1][0][1]
+
+                # Use the most common value as default for the primary variable,
+                # but each variable's default is its own value
+                default_value = _format_default_value(original_value)
+
+                if len(shared_values) == 1:
+                    var_name = f"var_{attr_key}"
+                else:
+                    # Disambiguate when multiple shared values exist for same key
+                    var_name = f"var_{attr_key}_{idx}"
+
+                type_expr = _infer_type_expr(original_value)
+                description = (
+                    f"Shared {attr_key} value extracted from "
+                    f"{len(resource_entries)} resources"
+                )
+
+                variables.append(
+                    ExtractedVariable(
+                        name=var_name,
+                        type_expr=type_expr,
+                        default_value=default_value,
+                        description=description,
+                        used_by=used_by,
+                    )
+                )
+
+        return variables
+
+    def generate_variables_tf(
+        self, variables: list[ExtractedVariable]
+    ) -> str:
+        """Generate Terraform variables.tf file content.
+
+        Produces variable blocks with type, description, and default values.
+
+        Args:
+            variables: List of extracted variables to render.
+
+        Returns:
+            String content for a variables.tf file.
+        """
+        if not variables:
+            return ""
+
+        blocks: list[str] = []
+        for var in variables:
+            block = (
+                f'variable "{var.name}" {{\n'
+                f'  type        = {var.type_expr}\n'
+                f'  description = "{var.description}"\n'
+                f'  default     = {var.default_value}\n'
+                f'}}'
+            )
+            blocks.append(block)
+
+        return "\n\n".join(blocks) + "\n"
diff --git a/src/iac_reverse/incremental/__init__.py b/src/iac_reverse/incremental/__init__.py
new file mode 100644
index 0000000..99b3dd0
--- /dev/null
+++ b/src/iac_reverse/incremental/__init__.py
@@ -0,0 +1,7 @@
+"""Incremental scan engine for change detection."""
+
+from iac_reverse.incremental.change_detector import ChangeDetector
+from iac_reverse.incremental.incremental_updater import IncrementalUpdater
+from iac_reverse.incremental.snapshot_store import SnapshotStore
+
+__all__ = ["ChangeDetector", "IncrementalUpdater", "SnapshotStore"]
diff --git a/src/iac_reverse/incremental/__pycache__/__init__.cpython-313.pyc b/src/iac_reverse/incremental/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..a386056a635330e5fd3966bba0466ecdd04a1fe6
GIT binary patch
literal 501
zcmZ{h!AiqG5Qb-yv?;|_@ZdQoC5Z8$7ez#j9!x>2!CPQil5HD_yJeCJdee9CA$%3z
zz(6mG2X8`Oz}>WBE}g^h@666W-?Fn#rwuBe-&Sw?1mII2{=!&@*`5+F5CTF-LZe3l
z0}V%Ovu6etT9vkXji8B52X-KAToJT~P1k<hJ{K|aJ1z>AIeE;4!^JQa+!;u8;t>-=
z?j*e6agj>led~=bDZ75vIjtHJRb{Q_b2Cm@!F9D03O3G1vIq-_+%?fu^JwYRQ0c;L
zl{Te`j43TQQx;R?_Z)NXrT<jkoPy3NBvu~f*0S5RNjjN>R13?EWfS>=k>(n*0@GA1
z%P4(?nc{?U-#>`1&-#~<dJqnLneZsbII3AjwZ##osYnY-z41fYI=qv~B;!ZeRZi*;
dAzxSN$0UTj!|oTHOd*)U@kiT#vT;SVegSH>nF0U+

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/incremental/__pycache__/change_detector.cpython-313.pyc b/src/iac_reverse/incremental/__pycache__/change_detector.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..acb64208579e749462ce95cde13cbe244da8906d
GIT binary patch
literal 5755
zcmd5=T}&HS7QW+|@xOrpvH7uKoVb7~7$<>-QksQ8nuIL*v1@`BOQVTBfKz)+@7SS9
zS5>tSEBdr_S5Y^+524wILSJ?(t<=7*)R%qB)N02X@erx|k~b){QQr348ILh8S@mJH
z-7C0rf6o0m=ic+3?|RSUaUw{`e>UEJ*ox4%q+%wfQrMe@!hIA+7{#f$<q9=p!4{5`
z=_~XMgP9o?vols~ov~rtj2+uK)P_!=IMadR?1;sf1v{3kVcWf}sbxW061lWk5L1Or
zUg88P&84z}EN2!oDM4>q%wsMirLdS2rGk*<<dh)E5vOx1pIZ^ID08VI#?YmAaL`c9
z7GzFX5;Brp;8w7BCzCJAoGb||@^T)!3VAM*h5?zyyG|jU7SjVTDwn@Q3S|9UJ`Jmj
zX);&7h*Ki0_LS^9OlkIOD`ZnbHq2@sWB2i5E+^o-n$xJhd3QzBnx`{z3TDJ&I#!uP
zYcNZOoaT&!BG3lgO&L}(a$BXccMA&lQ4(PajBSZin2uX86Q`4GoJm@fEDQZ{HfbBS
z#;qObHiPYYA8BFYHoe6GEl!Yjf}Az!A|pWBuJ^g)4(wTShFw~Nv7>4I6!Q3KGl<>W
zG^$|9nj<0B){ji)Zi$6eQIrl@z4lb9#^Y|?<%&|~?V`wM(!}`Wv~eyYiQMXPCbfKE
zX6LeSM}&!C*7|dSJ5W8A+LhsGG+X5YXm<0kH7gbiMJ%Og(8NqGD3JQzKIHdN!jd|M
zPy)p$Q{dp6phhaKA(WtEl}mfjk5CJmqh(7J$(9y$sS%<4nV9JyHDU>xx6HySF2o^;
zk?4fwzcd#s(L+eGCYYFcTWVGvsgz-7Zz5EL-LJeeUwjQTN<(?p4O&}cj+z0L;sUXd
zo)Y#WwXw%wY<&XRhWa*y7Mjeq7`aV#i2%o|tZ8Eo&CVG%O0Yj!pTf_k4*+9*dZ9iH
zoIw#G$p-d^LAw0`V&T^L>gPac{vz?u`I{s+fl_iL9DNm0eRSBAlkES~Q*8V3eiM$m
zQ(QGpaiP<cjnf@)*IJNyBh3?+oHa5K7><;2)yS|fkZ~^r%(W8Ege&1r02aQ=gupL3
z_?PI#no`&%jDizX;>O{yVTKE#CSU+OSHcP4+9Y0*$DACb3fhcuZ!U{wr4|Jvx|9h;
zhL~Bal^fsy)UM_M21$fl%wULCB(}j~F&(`s>rHY7JXhijx0)#|bE$k$B2f;oIh%oj
z`9<z<c;WK5ZbM83d?b6mym+8jM%Gt_SeMOK_kV!a5K^lV7-FCxbCc847p5c5t6Qw*
zGUWiuHBYrtATjTtDhWAJa~Xkx*ZZ1{N}3l61)RB6EQoTdg0TAe5nMh4|9ff3P6Ap2
zJ_E*H>H%au7SlxzXA4zKJ_@PE<}1E-0wN^3gYL6{G2li7hnJ|c^dhxoc}mv58m2Mv
zXH0xfV|7ipESe<})u@zA*5Ej8VrncIyKwzlGA;>taVnn{lQK>vGeU|7av@?_OxEy|
zWJPa-)8uhv<*w!!UlJwpofUje3mb=N#@a~AU@?*LY(6Dq<#Um$=&xXPISAQP^gepr
z9(#0igZkX_ndi$6b@GM+f6*HcgAam_Za&|$gVb+=QR)*%l=^w?iV3bAGO8_hVfNbG
zg=ySD^f63|iPz#Tl66D2Kzgd0cFsLo-3Wd@_}So>W9n2wfxpv<hm#K`AFV#e9EkqE
zX=tClHhuYx%l}cu<RKOP^Pk!_PJRCRXRm)bqfXyc;P1@Mhc_PF_|#^oxW#BLodWT?
zqZ8lK32LR<U~-{K-Dcc5Iozl<^T5y2S&`QPg(rZbIZQ{DHAj_+X>6t-=48z(tgMJq
z8WSRcNvzfw;=j5_;C9joPK2~39!T+GjsM~hX{P034l_^+do)HCvx}He1nePw6b2A5
zxH+E_Ry4PXf~1BakiqaG;E3Jap602A2^oX;Biu_e5&~s1DFL%;(ytNFKf{GI@6oPB
zbdWXh_V>|F2XeP6uFi6cPi^T}TKYH7mRim{cAt4N^olw(@zu~o$vX-8X7HnTKYVv%
z^7rp4LlbMR$KJ_ubX1L=|0;UE<eP$g^VCDv1J}llKQ$=P^K0(MzNsgD{cE-zE9wfX
zfrt`_d=rR%FuOKYZfyR#v8UYR`>5f=hV9l9<<Ni{dPNDnQtpYUJ>yExI21m~eVp44
zMbyx+5*jYQJhbbw9{2u0+mAKxvZ(76?7FL84GbxPp>G1Gs<XcIQ)ktetDp7sUI%LJ
zu59o`nG31hh{BDOTf3Fk&_-72IlD(&g3armXI9i2Tz|dX-LG^HtzRm)c7AmA!>ikE
zJ>|Zr+Bc^3jg|XPtNjy7{{$5NI=D5s-FI5;drj$ktvoais<d~2D#yLMjj-PS3FPZg
z+G8KzEVai<-q@OJyRB2{ocnmS)Hzpbn_Kg2xBC_U{FbfcpD(q~uQmLu(O+&mS?=g9
zcZOl@T?gCb+(E3v`TV=LDC9d&J=c6wGGVTN@m`EF|8RIOjxZ?#GiIvt{%vT1xI!Hj
zPk_%`WXli$6hxhIU~HBJ5|i`<texEOx&*D(x+bVXD*@xWw4gt$N#jur+F*~@Ewkq;
zF9jM_hc|_h7U2D0qy%m9r#Ky_6Lg%ZVLFyY6lU*bF6qu+!zK*6AmtC@zxfa*qy`v(
z>3lLgvbjP%rFk(Mz=YvrVrcvlWMKz>nUr-H86YKsC3uKrB)A$-LhPu~Sy2iz_%vzN
z(c&yA5j>DdKXGp(K=eaR3)Xq{kMT_;BYzE<?%;ut>L2{dKe%_y(c=8B2?ZkS_WefW
z=`8!9C!+Wx<*pvJYgp+ThQh<#gWR^iNA(XV{(<tz-hG$V)3DnBqjruVN7D|1N%p;{
zDFFBMj~D;!E_Za6JN<PR(FZ~@xeULXq$k77p;sr-o!q3ocL0H2bo=1efJl8JEJlD)
zOH>p|bj^J{@&?DqN_DB8ch}5u<cdFKjzKtKiAj)`%^Of+kKX%H@3=(u#Ro6fqjey+
zr!Liuvdu4z!5c$=2Ti~`Xen-qSmsAagqXclc|p=7RFEXV)lASK_+cspgyh~MllC7l
z(CSYZh1EPqcpUt&BNHY~yg-H+SoMtqO3n#fI+N1*b|qGEH52O8yf>ds_v*~NR}xoy
zxjRC(D9Qs)lkH~~IdI3CQ6#X67zlRQqR}u|qhVZ_(VPb|5NE}L#=Irol{I=vEQIYf
z?xP3W3I%{@3bdX#1R>XKFd+|H&}=X%DaZt$h>wwE_*oQMwC;L8tBd!<!Q@XM121br
z?iSS*P+WnHHZ?e`1cytmVF;>E+B(*3+b!PpRn-?(d|}lWQGAh-FIs9j_4lbS?CR(h
zW%P<VdR-a4UK)*+hT}?0e9iuCOD6;(Z<p!~E8ei`9aOx7o2iob^xDO;H=ug^6mOsE
z9Z<XjoAHwO6tp&azitecdm~EsFV<~;aPK-$tN#Z#>O8Tw`q=*RMgg)t*ecorhTovs
zd7e-jp4Xf_57em$^oZBoJpXo4$X0q9d4n-!;dd!158XDNPv=uSkBPl7abcb3;8#hB
zAQL7YuQB90VBLbpd0sBSZ<eVVmIUK}No22(OlQ3$6kw7Oe3WlN_FJ@TVOaZ)dxm12
zWnXZI)(e9pf4i*=P8zi*4(~oons??c$64oQ{|<uB7lD29*@?8W17%-$hbG^Vi~9G8
z<JfxWgRW;Rv>D5jMX!dP_y&A6E4<4x(vq&2)?D+JiGYE`tZXQ&BRA30z;)dex&nul
z((L1gS<hkkB?kd!A^9c9c4&&CKsk!}-i;{#Gsa3;zDJNfYkrTS2EIci*EjcX1I-H8

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/incremental/__pycache__/incremental_updater.cpython-313.pyc b/src/iac_reverse/incremental/__pycache__/incremental_updater.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..45e04e49ed47e7cdde70839e39957dae6c43613c
GIT binary patch
literal 14663
zcmcgzS#TT2nI0Si3@!o$N$@6zH$jPzOiH3eSyFUR2PH}hMz9qV4gvun1sepI9?&x3
zXyeLOwx~R;4wqL<HdSU4SB0sq+Tv46kJ+u=hutS4kPT*{IIKNt%WsgWtz=Vq*#GZ2
zaBw6$-mOfLJu}^ZAJhFG-~V@G$K|p!aJ}=d?l=DBC5HKTd{Hm6^04zmczB-?7{Uk!
z!FbU?4D@a!MtV096WmP~&C@Jld89F4v`kxxl|Hi<xoI1*(Pzs=`?P~N=(F{rbJ|5*
z({-e7+D+U%6E+5Uwd?Y|mkHM&G|2D7+rsoR0@ua}wu43`uVLQkw?|I`$%S-`Bo-3s
zY&69$EyknS1mWj0guj*`Bnl4;{DtUgelD3xh<r31=fy0L1nl;ci;Jlw=JBU*M$_{N
zVQFC@N|yO-2FUot+etB-OwaR~rR?HTmX9Y%B9_gN<-PnuCZ3#Ire*2WvORk<!3VN)
zwLQ>xK6^8o<zpEbTr$naXg_hDB*e@Ti6z7UFDxxCW=K}FN8@p9F`c-j74tVznb@1+
zUdUL;yoIIOpwtrl9{SBtYNz8$Cd%#e(QK9^Z!BfuD{m#UH{nzGxusMJ8k|q06C|2V
zX3_!sr#PjT{RYW=HJZH%ckap}mPAwVTpz(HjAkP@W2wkn(bQ4`G8@EbI+;!85|Lya
zCO$crOc1|Ga#c;FWS3vBEiWddx}fsSa$ZbcMLDIc2#-70VKv`p!VEAPgG>etW+dh=
zM(7aCVOC(n7Qqs>hPkjM%pEYYPzC=5t6)07A$z=Ge#1a)VY^@rJHi$$J75%Sn12wS
z@gh#4Q?O$WaS4ua9j$8?oHWN>k>jE{o{F40no}>hVHDP|_kdaO(3}RLKJ3-#EP|Kj
zHfp&IVNMxgBQ0stN^sm3p^4`Dv=+>QkLEPfo|<WIEx|E){FN!xZK0HH8f7a`)BeJi
z19qW}mbMG+q+{OX?~=R~k`j^y<x?ND7`*^OrAkAxLYicL6;UESSD0e4#A0^0Fd>72
zG}Q_bzX+Tb;Ac>hPzE!*1xXPaWP5oWWxf{q;Y_+Lbo?Snyed=nEU=rO3c9QeVE7=Q
zpcG_f0Fp`-fGnQTSS&+O@KVd55zd0v2u{shd1dO1)}A;iiysUU+flobWs{#HnFX4!
zDgZlvFcLz$K)aYpQ?Uji0nMUOmq(!Vdh*Pf>OP~3i-~j`=X1A4!1cf`fQDoiNfOkV
zUG1MA24x6x4YP(MsP*{d9G?UQmPv@|p{%S!{7SzwSI%5Gd!f4P%4yRSPR)0tHo=kE
zH4Vd4-5>_+m!&#+y&|HlP$j#(`Vml}QiIx1M5`%E7Lv#=k#tP8JjmrH<$os)5AQSA
zJt@qk*DRLND`Zq{M2JZ#mVseHrelU-g(42QJhPvHa;?^^O(|qlwE(54E$B6G@EfDc
z)UJSvi>5%!(W%@mJZMA6yf|s+;i~@TN&Xtl{^=^a5>JRR(8jnlx2RQ+twDfRFHg}V
zk6Kt=<6VMNAr`piz;3iY4x!9dund@?GuM;6s@wSm;2#`JX0A+_1m?|98=<wTtrM8Q
z7}yVx5z4LmcJoev4<^331cow>WLgWVt%1JO5h<pPwg#53!e$`{`7M$=QazyrS5I<8
z%JU>OM%30SdC4RuvQS&Kg%N7^{btE5CQ@_61+9=eOx%!&$Z$AO(wWnf;o#KOD`6oW
zC3B}U@kCf8v2ZdPgHGN`5HS(1P>hw&5m{VFU~yUEB9SE6#YjYI*Wnhma0q)2K=LkA
z;u${hnCp1b-o0iowC`ClKjvDt`X`G0#~zL0OV1Pk-oI;FF@MB$>_81B27IYqnuzR$
ztoNB&tt`X@HDS=G8C6vJ8NVTSEJ#I;ayHBuG6B^UsFzXG0cyFGAPE`kAf|{f5o8wN
z8BmpeBWZ$$30e=ofi%NS#NK(*0;yD2J^NCR&TLeZyo@bilkYOmER3h&-hpDnP`+WP
z;2z%OhDke=RDC)w9De>z9J+lUq&o;NwU^!`G%)A?hGEi%kRga|)LgR`H6zHWPv!gM
zb+DBUpkJ7vqnxWgg$(Kh^UTZvp!&QXoNCSTy`l%?&zh^Mhr}1?!Bf)!ykZZi6KB3l
zzXQIe_NwY-m0=tV&!A4s{ryQ?dp-*IQI<`yY|yGTonoJAbr<N%t0V)kR|I29F>NBg
zm#5+nH?W&3PiSfaurC!as-{$k5S^O?Bn~X8+B_N7qq!?<K-403;)RcstjcI5hoVvt
zArM?&$*Nd;P#B<$<EaElJ3#G3Tw<w?lU!;(9i_ynI#2Sb1?reVBv1?_i_#kkAZTDJ
z4=j}$sYOQ&Xvs;S72kyfG=h_9ZZG;q^1hLxZ|t#eY~}2hyQ%2z$-8?#e62Vzksp{S
zxF@zejYUs?-qXMK%Ez9)TlLMw`o4U9--o&4&_sS{qEIhW^yWRiYllAej8suf=7%Of
zs-L874CFlnYjYoaMn7{g&Er(i2-?nAr2;|QNTsa=4^-Mv*lRA}_sTj-sVWm`W5^iP
zY;3uzYJpXI9fb^#FKd}XeY)PG`hGl8=*Xv@RL-Ktr&k#(sAHn-e2$z^&i_u3as?mN
z7_$=oB?0!TtVr2d=0XbjbRdEZ4T4qf5MO}}kdGBE)Vf1%=D-!3Ph=z6Icn1)sHr8F
zW&)9^B@4xCqU2NfxNIS*!$|eDWCC86Okx(mm`X-R9HArrnThf-Wdg~nbSC2JgPo-8
zO#0wO>eXRpRVI|-UjaIC781(V4b4UGaNaw-?koC_<^9JB-s3CQEr<8+@jJ(hj`qBx
zeaq=7I*0Pkp>^wH=VAKB=be1f*`Igze<-Xs|0Mj_IkwF?iyWWl_%+{0s%fZXJdIgD
zgPy-Mvod<-L60qg?R8jjKcg~h+N5tTuJ?pY2XR{AqKv3x4uU$&Ia@E+0Ws0QZ<(Pf
zyS{TW4o=q>a~w3z{gRwY^<ovD+6clCGKxtfB$5fZR&r>Jnv4VAK{Y+zB>S-z1f&?h
zxy*(HtSKXvT@6vgZ8AR&U@`v!ex!p81C{s<NM68=O|8YIK)xwZY#Pfqjcpt%j!)&s
zr+z^SP17s(EsgP-H%1<F$LM=Up6ig=@xz9-SAWv+5f_lriY`lTLib;qCBK;dJOqsK
zXVaha2Fh^X4bf-<D8F)qN?mV7Q>qSQIV7byjJuquFQOq;vs=Y_)(X}`fDL+3M&~c)
zH8Kvg)hZ4#y43dqmQwql$EpZEU%*v=qK^B>IaXpBXNPQzQI4vNG3pHb-x-92G85cu
zuaKb*0<z=AQ2?rd_l>##ItL&hO^ar!(0<7N7eAkTE0NY_l1Ebl>R>7wyIGxyE+dTw
zMP+9p9bEtz_OiOv5v+I|I;hemRi*OMmV-%ZA?*|38~PYfTXs$q&$`kb)<%zRX!d3j
zaikneRYsjN0SUMy2y7KdMpcoB@~9dxR8UgC-s;vGSOSz{2PCk(J_bOSyF2ghUVDA*
z%EtI+??m1`vB^!y3x!H5rYLlHlw*^0p<V{G1Pf&d>Yyf!q#rS)O_ebXJ=3GA__SGH
zx&dA3n4yqaGehjG8fImJI;N(V39*8yY?9KJ&!ZR20vocZCM<0US@g`6itn&o!+2n#
zLlDXx1#AZShM;EB=)BPc%5i3l;Cop8T$F>Udm#vmYK#r+b3qMC%P~8OefS&8z`oho
zP4p#Xj8(xnGHz3X+Ht$aRLJ2xMDD99#1pYpR1Ti=sbre&C1`OV1u<1eaa6XI!!ojm
zpsVGSa5~*wsOl43Dj8J;?0;aFvU8({e+F^-L^=i$)bzZ><SgOzJL7wA=Zto{WB|Bm
zlWY(Oj7PGGx3dJ@+6t_QUj^Zl8%xPlJVIv&(IkXO(^OU@BS`>2T)H8#D3Obj{T4}P
z6SOJ6Rkq8>?FvT3h!j9a3KnV0R;4k?0TIH8QY<2*2MCFmY_|8|p!|ALD1T{<(*8D(
zi|<1MqS(STv=zO5d2iqPtDD}wP4B@K>k}_HGR48k{NQB4dvwKG;uwUSd-C2r>t~C5
zzmnhkm0t`MywgDGYk4^LU~cu*wHxb01#qz(5OZj5rFmalw`@2HzL!@VTfUy6Zz%5r
z3jd1Z6Nhih*}Qrn@9bW=xXrnXTw9)NTRpnbyveowk~<>nfJqo$RTL8^p6Y<(R0mXq
zXpArPmQc!dyd{uwEkXe;E7$c?y0ULNXqE}mEXbHn#6p!#O)g>hK&g35YWuLoB5SEi
z8HSLIzQhYARadF)#$|aoDe`UsJ;S0|li#lxL+lsO0%kuOb;BgS2-{XEfzucVSEBaM
z3xfxEh-uI`I|`euC!(^Qgxo4K_J5P>8vm{qHKR~yaaK{*40NMT%Pa?9E7d~4PENr@
zlGB)+g#_fD3OhLuFVqc8#}lMRl4NXt80#QPBIl46bV*!9ltyOYb(feEWNm^Toy5w%
z<Yjo?E!0PlVo*=0cSHWa#TGDupdU!|V3qjN=)|79XU~??TXdoyxHeSWb1c8-*rVKz
z$yje+VL`&34HfRAuTvISkV)Urrtiqgxli1_)mz2xefjQv8|Gs7!F>0@Ee}ZXefK@<
zmb2krb~SPTTX|>Sopam1_LXyGxt;*Mf^vP3%5{}l$ISyO(tm^$%(@ZLU+tx_K5*<j
z1{<+P%_SHG6E*#spzDjbDo)h&Yg-rP#-NsF+ADG^O}}RFgLP#J^{JP+E@&{JLd4^J
z3^VIdse(G8Lc#pJz9ERHC?5<Sf}&_r+bQ1#R{Jt*$eQN#XEKOUwVF#+Tn)@Q!+9uQ
z0&utZgOEMgT0;o0f<^1a5pu-73g1+ojkewNaL~Y7L4nw><^rf>Q`-cT&5fHX=(}o&
z;Z>VkXUG}s*<CK!LYzj!&AbUCgqfGGkVEY$?W*WSf86#8iq9Xn<4+p5P9y?G4cv`a
zx-L|wa(on2N~lhEy`37pJLIl|S%lehg<N&axH;|7pPP`UYHt3gYV~;9c~t_dS0}j3
zEeoD;HpB@|q5g<D&7CvMz|3JlJ7fwDR8^!e*WcFG!2~jkPGHRyf)fcKwMH5e_vU{4
z1sz`*@j*~VJC8w~oW)cWqTzJ&n<C6zWE5V?XEziON_Fr5qhX?cxzcaNHX1cI5Opk@
zm)z*-%u*`Or!%kzn1o=xhLL5ni4NI-7#I){E)R$V{VmA^05E6$`Ya#LzCMz3g~gF$
z@E;iI52sI%DWJ&NzCJ9M`g8Vj@u$dGe=zaK_#8VNPT%(DOt71nGlpM+!zXMkvy{&I
z8zt}VaZ_7Xwt(aUv?H6lX&jG5OhifSresNF=I0Ycvfhf4G~#D=o@AC5B^F@rf=DKi
z)*8z!EW-9V1XaaY6oRX^nb4(c7cO16JVh>Iv#7QuD@o8*l&xlc4LBxfB&pRTSCN{f
z9te2_pIvfjLIL2C4S6F%@w0<I${#1$5JS_wb;(KdRd8+74&=z8u?THjvcTFP8i#-z
z9T*;r64Ajzj8S#TDEt_XMHhwZhE9GC<YEDqM|OyPMfWiLfsNkwwtg-mw>%e-d%O>A
z4{WPL1<#%p_7ivG6Q}p?<vW+RJSVn1K6$4D3^)8ev$3u^*d%c^Y<rp>I_^7GPrg^T
z!fv&6uDG@b_ZA0F<Ofd_2dDCbQ^mn^d1vp+g{_vp58U5(ud{`g0KB<d@^1b=x_dsz
z{UEp1-1S59!SWB5*INtS<C|RvHfA;(Pd#b$J-l@P(hh6lz4x4eGI~af{Qf+@f5W@+
zdVxRvzy<z7XJ9>9=s0}O_C#%p|Iqu>)*rX7A1U-4+~f~!ys_DMa#vGbBgM}B`Of_t
zorTU5_w1iEbZ&PJ6+1`souli~Lg)T_XSW9Stes!~+WN%}@zIe-dp3K|-n+QfzrWaj
zAm4vrWA+!Lh5oA#W?%#ZLq9$H<Fi{W{8n4n>hkKF>kV?P&6cBEEdyI!-A`@ofbYGT
zr!O%>=MAOf;4?kkcYoj7K*2i!k$269slhrZxax&I8zPsTb;x~QtVu9nl!<QeAZ^X1
z+G^E4;D+t|b2ftnlVC<f)Wy7bBNi;M=47PJ6%lbm&|A|zylPg54ViWAl4W1nMg#t7
zU|z9`#(j)vgw5ik@MVBbbn98wmcdr|cK1s+a{-+^r?zH2LoB6)8J+?39I{?D&VW#&
zl@g86w^^{DA$rc(ZGv63S%L$dDxkMfdZQj1s+d<@3<0&Bg6jy_I9Lg=a^QyQAc<i2
z?ysHgQS)^7C5%0lYpR1+txOcq8()debT9{moQ&%C@=P~y(j0Tl)XmHpL>Mj3*Bs-o
z%l+l<SP|XaDsNcpp9iZltg-_B(qWoh{jNSL&1qNJoGwP;d`ZRL^(5F&jNT}RL?tub
z+cQ(!02T}me5I&)C9lDhe~R)70nZHH>S^4w!mBgCA!gDNo61DvqU4?yu3SEofRIsQ
ziV!%T7J)kC8<=2Jf%=Tp_Q@6#{XmJ0FD)#JbmOpMbA~H#&PaB7^AKHZYVI&-1dg|C
z^+asLKtvAis_~KS&KQ>HI*Lm4r(#d?_dqLR1ce6KeQm|2fqc`z=J3&c(^1%$akm!T
zJSg>|yEpIdrM9S}=pD>^2RE#n-oZ`pVTcA9&9;UojV%wSA55>_Dl`tQOg*#j@;Mt@
zA6~eB0aWQ&p)s&xdum~P-8-zc%l>aoUH1&zp8ALEefHkmd#*KKvFBjE=U~BeaI3ND
z;ne-9)xq~>)?Upw?){yOan=2*sp~1$TVYq;gg8;Dk!j~Y@PFSAnmt-*+rRNrzU=^%
z-Mr)8=DbC&GtYHCaeD4fe{cHU(%M&H3v^?sWMXVxPZ^`lUa~MYSCOmQYI^M_-5+r;
z{r=e=8kFwKyZd&4v_Y|(o9#y*z4q97{#Q<KiG}Pxe&&S1h@CKxKlh#KX8vK~@RZy9
zkK-0d|EYUq%4zy%hXGQ$XjR@Wf*fiA(D1_<BS_^-FMI`hSvv#+A#IgZ_cRjFYWtUI
zvtS6Bz#A}z%#fPK*)&^GTk#~d=HLNpS5oK%#Z)Z;yC3H0*MN6UVYHKv0&bm8yp88i
zG2V%%-6(E?0_9}15*1c~_6)|10i@$0R^?PQob6mdSVhq}KitO)^fdP*9|#2eu%(hp
zWp2T~2n3uVR#T28SB8!8v<sdaxRHr3^AN>NWkjd}$oU3Am!L`ysfvJZue@*rMGh}R
zqzYAqOsO8!j#r%ERU71yj5;EC`cm0#If-9~xEB$A<xJ6OQiJDou9PXtbq$}G)FvS?
z5>ES1s9l7`J-s=$m)-{9HWGek_UrH5etiV0sE^^>a+ZH2d>i}%*!e}QPU4uvAdxI*
zu3S5L>5|_fYaO(5awN(rBXbCH<KYMG4L^(GZ4voGRy(rNL3cnJ(u+>%#KJp(X+(tT
z5T5E~TG}2iKUiMtEHv+1aXx`)F}^hyn*A%zlG)(t*y<QwJ-*(w{;l<Ni7_7Yl}sjA
zGs>{%nUnE&@8-UjTOImv?59V5bfn-O-Q-4TWJ$8g>;~uPV<>9sr2(%t7zF$VgNnzv
zai0NVxvcI!l96utnL<VoAoI8uS^*Po)(bwVunZs$poJwcB8&60+6Y1#w1KdUet)p{
z13g(n9J=o+5Q39$e#ODoucfsM<I<<lU=jRU#HM@TLi;ulZF}?-Oi&PFmv96;s>kE9
zcN!J>^QSMtDe$+me^%K-=F?VKkw~g6%I<Ud7Zh|iHj4@%dLx-iX5mOW)<>^T{t<`V
zfc7rOgz3%@e*bPsmiJTDpP#6*ixZ*BryTPR*mHJGfcacmW%cGvy*y3c$r)ka29>g8
zxJ_Mm8gGV!wH7$S2J=sDK$+|lo8QPJ(-4Tp$ej!&Fm6n~i^(J;fJb20Oq5J-CYB|Z
z`nF^N@<j}8;uq6Pme^}Zuj`%?y682b?Fp3GyHE#^LO;{kwVGU=-K_U-dPcxU<Xm^1
zcbxZfYolx38>WqO8%G|U*=#!bm^-!I)?aKJ$+wMs+_v}5^vdZcE&la^Ld$+|7oGKY
zFWtGcI<^{H4XyR9CD&#*TVMLvIrfxg+DE}RwAIl@g~wd0+CdNw@ou{t?k?Y1UTrG4
zyEnORD(s-y&^?jC6oymj`53?9GHg_1ob|H56ORz1`hp|G_6QzgUV<};5y=^ed~+$9
zQcBzrH~~h)EY4y&1I5-zB%X;yA_Ub2Jw8LwW=du}u}v^2DslKzfdt7e6O6<XL;?gv
zl_5Ci^h6gKz$bJa=viy|D8)W}1+Ro57$+bI+NgGxtXE|NDo0r8Dm6tSh}n{{ia1gv
z@-v2hyS$p<Co%*RbeF{Mz+(Ls^VC?!a;0Hr^7vC*1G{g#WuU~u9Y9Z0OUa5)9Md(p
z7GEFVFs~o^Q6}GcsDy+iJ7cf=ZwEe&FqXQK(a8GOOlzlq!~qgw{W~T#^BL!41EmfJ
z6oYDp+oQ&3cq_Hp*nMl4OAOpLvd{2V^4Zw&wZFiu@kjlbHD2;L*u(20Ry>SUa4WU7
zv6EZP?Ijc52gd1r+va-4!h7j(D|?6*;vEa|esYT5DG|Jv4t>R-P|*h@!v|W952Z84
zUUqCfP-5Wr=-M;9mChSl*}zsOk4*)(_5|pC+vd32cBkzb3wfnO9W1}y+*V@Y4io5Y
zDp~P~V;Y-FHhi)(O|2ydJ~<h?>vt}Al9vY;#otIC-~zo3iDbnP8K?|pxdAWTOeJqn
z){rb<Z?T9nS%1YL`G9iNKSKiOWx#nw`YSVVHPEz3UHYUdMxkDa<gFwE2}q<wnXl1@
zpzJEy;F!iG8o?ufjhWPsp}h4FU)wRE2XDETWf3|~K7c%6H%2@SNy%g|7@is}2J?=G
zF*twC)cu;V{f24z4b%Rg%&Ffn$A8P5&ok$@ZJwg7?U%N;)x!l_|GSpoS#FyR{AUcN
Hw3Gh@%0Q=L

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/incremental/__pycache__/snapshot_store.cpython-313.pyc b/src/iac_reverse/incremental/__pycache__/snapshot_store.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..6be5fcd4fe684ba41f126545605007c7f9aeb45b
GIT binary patch
literal 8210
zcmcIpU2GdycD}<IQY6J6{g5;*OZHfnVllEP+w!jxCsi!}NVa8HBPF{lHj^<qlIT!F
z<<7{ql--3N7KPjbwY`hLDmFzGG{7qR<i2@}0$VTou-KPsEGJ}Vy=~CuC4G`3Z;j1M
zd(IsWe-t^%7U&gp?&ZCA?%bbqzWbds8^NHTKsxs8@Rgs(3HeX_;Uu9{*mw$s_lQI&
zkvPe9j-wpQUDO3Re~usKDL*VwLBw|9oO{?qJ*@0LS2ygXURL&;^9}o{f4H934+m&q
zI7oxTAsP}%$~C&vd1WOZ-CZd=C8<vG9(LKkXrtt#O_DzqlIl~<hXg6mLaqojA_Y_R
zrJ4|{iAv#AGt`8jPXnuom1^ptrjgZbi<5RDHMJ0_xjcS+%9V&L{EMV1v-))25OpI@
zl_^zJw2VkqgJ#vMN=}^2Q!%ThsXC)-2K?63iYBJ>GqVcK>Uk~c_e=1cs@n}vn9CWu
zsOX}Rol$i|nVD5H;;?jaM4Zg#pj%cG-%4hcbPrXps#I5d_0s$G-nabt>RFn<n$1AZ
z${g~OP^(_e=I7uwPIor5^t7VElryTKrj0C4=X2b>k%Y_gW)wrkNmyQ#3wcdVaF%dM
zF{UB+UYy1LN-p8H!Y60v255RZi-XKj)oL2d>gha8PtA;~dVY?kRjc7rPBCCJW=_Je
zQ+YaX1uoe$rDOB6s^ynpW1u%Ie<4u4K+9L2^5=N8mdD;C%;9ZXnzPTF$$F4H{BQgQ
z#Cv3%jI!!l0ktI^sji1wN1v;zq1IFNvs8py@0PX9R%%<C$?Kf%>Lt3XnVby~qHz;J
zr^h&VxHS7qt_ux>)Dsc<X<$7`PY0CjUy~%^S~x1HG^^yY3!q?PWv@gd55G}AdYDof
z*~>XN&n!Dlh0Z4v9xH@8Cztif3V@2BGRf15K5hB4x(v!_z~GkmnnJa#Hl<r0mC`)b
zEgx()J3u{AM;l?@v<XEsiU^7*iWms1S=OB?%Fa^>7lkDgi=#SjxhPt%p6pMJp1O1~
z1$ILxPv$dfN~h@*Xf!;;G&)sfE-B~iWwb6eIXiE~s$RnuW~&2jf$>}6U;i@@H^{n&
z?ATps=`~w=i}9U>c()nvF2-65vAt$&Z!ywx_u`$4#isb(o;y9oBQF<@oPK!Z^jh=`
z$a{^CVu_XApTzc=M^2m3Gf#qb0na+Ab9?^qMS#T4ayn|n15b273|U@hr8R1ZYQWUc
z56Aoer-t8N37^w50Q20Gp3@UgaZ>^#0F~XGpcXY`Qv!wdb)Xu*TCK)kg^6!e=Z}0=
z(Ajd?K;ZDrY1wz?R5_cm1WiG>Dj^`X8fQzGBd5!tqf`TxSJg7J`K)GGe#HR9zC35B
zx)q|zHBiP$z%MPW>Ipx^>xb?_A)?p~!g2$;&#AN>EB2u1K+%cf1rQ02?tn~3`xfbT
ztls8`E^NqyU~1aZUfAAiZtpEd+X~UWW^`|{A$~V_Cs>TM79yQyq_Ys|HY44|w$4J^
zQM2u6q3wj(cA^*;3-KN^-cyM8neo1I=VEMUA(k*>i6V^Ka=>gk@TA#~`s;UlHsF=S
z5&+nh8g(tB=KIi&>MC(=C~bjUxEhwWLM{!EYXa5Y?%{%QTsRKod?^=7x!cZ1G24_R
zk5uQ}v6A<AEe`q?x(C%V%mDILkPdD}hJ_VuOfp=mf~i{kI-T%*eTM{ZMP;~2zk+HM
zH_YOvR3pLD1e7T-BO3*ET)!yVCvL@S9<N5L9_V%y{`DykH^`@bNAK4^>>FHbI0bS=
zdDQsA@;je2Cd|IU8$+uNrykcwi%mO<jnUgz%*NftaP#f6H-A{%wqvz*pSi847~Q^<
zG^2@P^R~Ok?i^b>ztXwZyuTW^c+z;9({Z;KqXRyn=Je6Dan>6@2k{=6sGM<04>q4;
z)fp3sov3q*O_a|Qo?&NPZmEO8S%MZ1c5_<bcOCwQ+-v8fKD%eNlzhFUtQG#_2qyIl
zecz-DUj>-tR<`_HBc^RIhlHErWls^*DNc>zTIfCyVB~oG)kfZpZ72q@VFttv@>zXb
zG1jv5su}ApHpOngYc}mE1{-g`a5MF|v27`{+;8qot~K^PZh3L#(CYq^X7}J)%c;lF
zj^(kHq}h3VE!tl``Q~j)0kgRij{ffTJJ(mm{rB3}wjHjRI7Mtp!+$wB^kw5isCtj2
z2#|Av#GLYyiwaU$5>oCII}*t)@j!V!NO`Ytv@Ye9+$rB7msE!}hf70JzvKl9?Mr!B
ze~;v66ggnmz*zNoj4)0;s}GjyLn&XW-X`MV@(6+yWIY?C5N({|6Ae}n$N?kOj2nM0
z!FWn5=;Z}P1BMMGc1x-aG#5<_h%d6p3e)|+aBKxQx;B}enxhI3Dt{(Rf!hLW6}vL(
zq{28lpv`lccp@oEbF;H~YUutN9&Svl;!IvQV3KKY2+EUWY+MnivR73NDLnEs5&0S8
z^vax(pHYl#8k*p`)22jNYd)7LKdvYJBbN8FqN_4Ym4;!%($yRn?VH(n3JQSm9I6Q>
z1u(J7;>&z=oaD;SPjQtV6Xn{9{Z{vcEB>#Bv@Ehoq^h`Fhr+Q_Q{gZM=#<{?2apt<
z3HOVy!PEiFon1z+spdI2_9S}*AG6cow>b#d7r<y#JS!lL3|x}VUL2DLheoZS?2L~)
z2L6tqtGP*f5PFuVD!a5TuPkR_J+f@YYLqhR)Z>ooNDyw2{|=G;$KD@X?)vGQi^9j=
zmVX@k=Y4A@F0!(1m}P8*{#a&bg3R@KBoT0qTi7$oJe}IztZddSxMazXIEn@eh;#(9
zDnzmZ)eE&+YFAO+rs9K0=@>0(h!n!R&G7D3?`}4CM&ud$PvfkegjmQ{aUIt4yj6@=
zKT&!TA_1J_I_?t5gy0Oem9N!KCJ=sE8r{Oba`bSt>{U6v3Gfc5RpZB9A-Ju^d64ct
zK@)(eRyvkT<3bNy?wWf7O^Brm)6qN=$RO-mH}VwVC%lVjbrWUEJBm)xrqoWpGbQ;X
z|8XAT91weu>YbZRL=P2d;ife1a^@|PsrubyA93t81G_v4d$x;+@HZl!;CGQpE)h`P
zhX#h0qEdr`5J^zJ8cT4Fy~Y}C-0T;}&}gfG6oAh5zL)`4JCFV1S%4@J!VQ{{ot#Ht
zViu1Nm-@jQ*mzEqBn#-RT!om%wX8ACVj4)=5&i(+Y*cu+`V~Kr-z|HtKS*AIkct1=
zG%)kZnnW0KNV-@W!X7uB&*e1?fq(~)hL>HQ7c($Z6>!o&FlnfOE`a7R-+i?(Dk?BC
zVk|rZ%LeFHAmE}HVop_b!+&9DL>@ggHZU}DYEX9IM5+OFJ4!PPZ>U~H(mw_eQwM%F
z?38YK)$3W^kn?XZG<ANrr*o#KGc(qCwx{z#Pp9-fi<7@}vz1!hwJ+Us#$?a2k09a#
z&PYB3Q>Lis5Q6b!HQe`+M1Wbo<(_#Pv7d)li`VkkD4LbU&lzdUs~dC@w~=|tmXM!S
zHA}$F1aDw&X4Yzu*`mvss3*J(M=C~d`O3#&d2x}puZ1PVAI5_$Zc;~Ebr9M{&=6Ce
z^3Yc6CImvqzTA2R9@jqr0T|Rue8GaZ#q_omyrSt9S0eX?RV<zOEYf=S{EyFn82?%8
z2d!(7WFd0Yj2vA(c782#VbNENwcmbo`M~mbm(Q)ttu`NC^a3$1G<O1TTJf6A`xm{R
zg*%rg*TOxE!eiiJT}vld_C5?Ayr(=4G~62ci=o?@W#wU@>lsf%eGo^$S+tqnwx!(1
z-tK30Q2BB2;Fmf&&ktUTz1GeDs@wnC@w%D|7g-mc#KwPtV6X`Gxj9uqi)-9fZQ@hh
zxN9rWbT}9Qhs$=ZG`@;-^Aax!lAD2&FyS!2ErV6<WL$7SMsqVT<|?o>fgTP^Z@8Ua
z9pr0(XnP5WJPYReyaLAa$MT#SB&s%@Z-+7V4OyZU2sqUwtKt$enuT*Ky#dUhiX#x(
z6tj~I-88^D2dbEnBD4DZe<0aD-bvULItT*dYGFBtR_yfGfkFV`qvx>8c@UP6gRP+G
z>Vd0?*RmZvL&dS`ae@$KKo&^xCbB&VJTu#TY~u;y5MZ2k^w!!@YdbZKKY~Yfyu-nC
zA|$%K5a}`_T`OQ8M;3km7LJ1vpfWez3f&An^2Up?UCXXJGmG_~feCak=__wM3?9DU
z_!xZ1<3B#W^rt_0d2tXe;K)-CY3N!Jz+6_nJ*fUiJ`NuKQb!H>hiwBL{DThvz`^He
zKVDaV3@LE*yKD<UH+xA35LURhxjvT$L4~cZ?X3a{&R7t};L8Enx8QQ;$NAB+I|{2P
zC8vM&yDtDYgWd>go6>06LMjcFYrAHQm!CVvR+OcD_1BE?CXN9?;>+bAF<%Z4^AI5B
z7Y>{UWfYYhd}44E*uIO9OK;^_B<Y{P)ad{Si0$I)A?l0wl5W*OD4)V*0tH>hQCQr|
z^27HC@M!Sn#_K4<N(rH&+Li}2buxS1;%0RL21HG^V_$FJ@NKo)yUBch3SIP{fPipF
zxY;J3g>aV{?ka>|G{Y|zo1=?EpGL&nuPisNHtt#UfHuck?2uU@+G|F8A4LyrxP=D)
ze?$-5=8EBlTk|*PZ@s(WCc)6ByTre}`qx(ryY`#A_TP&Yb{(^;PrUNW*MIT)FXdmz
zzkZ`|V*DBQ{nzM$CpgSH5q$nXd_kb7V}R!Yzx}ly;eogl<gZ*zc6gv%1N`V}FyQ|U
z6uu4cS4C6GM_*yY{r%vhff2C_;cJwZT?jSNHwU&WWAy-g7MS|OmxyLC1Yum*D%Ro{
zf=DhzZFQUCz^@w~RcGL%PAy^DC%&z!vq=0Lk|cgJNlK1DOoeF#4?Mz(ZT$rO4(y=i
znbUGv?QM8q6M*`RJisT;$O<|d4<9m&X%^-}%`2(i2oAGzlj?1vJ3oUy`UD8jy-2(U
zIUm=D7U%!+l}BxTYxRA_KvNBdM%q?)p81ep9{Rh`qXTD5@yu%E?4s|tZ7(cdC<e9{
z0-_lZKMAyd!IPbPZ7&MW6Uf_0q6s}q<WS&Q`ek`0pP7R%GO`tr<#*<kT&X22gZWY2
zfGtq9JT%wIaweaaWr`Pt#RIRS7)E44Zy=q<Jo9zwOHjw6loVqp6juhf5!g1{cFMLS
zD#J$=3@XT#*taZyMC^I8i1mJa7zK`^FM;@T^2FtFd!IDaxi4|c@s&LvwBe_bOWggA
z-?MzZiFiWmE|<G~DYHQ!+u)swb#L6gZ~1%c1hV@&%l^rDioezmMcv7jJ?jLrdtLYY
z&4Z_(VtGC3cl%dPV({93Z}5KP?}wjaaXs#L?^%(sde6PFXPDWO#;GQ@({~`VZ(vtm
zXN1`1!oa_c>0I`*9S`up=L4kEY$uzlK0qbmFw~rGhxrit?WiAEkG-dsfa3svhA#*7
z5Y|qE045Dz-59~PBmH>qvq&J@L3$N`BBqz(3NPD7{tEpe)FC<4{|3Z5&vD!nm%s@d
z0m21-OML%M_Wq8<e@Ava6Fi*j_XGs&aYNIsYd5dm`u@%DFO966TMHk%5dg((*|ADu
z>mDEHS?*saklpKeirIQRz<E~N53Li(??;|uw!YI3-JlAx72H>-YJvJ?f%RHVyu`Xa
P+xaHP?fHVBWYhm&W(|R*

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/incremental/change_detector.py b/src/iac_reverse/incremental/change_detector.py
new file mode 100644
index 0000000..8f4fa9c
--- /dev/null
+++ b/src/iac_reverse/incremental/change_detector.py
@@ -0,0 +1,144 @@
+"""Change detection and classification for incremental scans.
+
+Compares current scan results against previous snapshots to identify
+added, removed, and modified resources.
+"""
+
+from typing import Optional
+
+from iac_reverse.models import (
+    ChangeSummary,
+    ChangeType,
+    DiscoveredResource,
+    ResourceChange,
+    ScanResult,
+)
+
+
+class ChangeDetector:
+    """Detects and classifies changes between scan results.
+
+    Compares resources by unique_id to determine which resources
+    have been added, removed, or modified between scans.
+    """
+
+    def compare(
+        self, current: ScanResult, previous: Optional[ScanResult]
+    ) -> ChangeSummary:
+        """Compare current scan against a previous scan result.
+
+        Args:
+            current: The current scan result.
+            previous: The previous scan result, or None for first scan.
+
+        Returns:
+            A ChangeSummary with counts and list of ResourceChange objects.
+            If previous is None, all current resources are classified as ADDED.
+        """
+        if previous is None:
+            return self._handle_first_scan(current)
+
+        current_map = {r.unique_id: r for r in current.resources}
+        previous_map = {r.unique_id: r for r in previous.resources}
+
+        changes: list[ResourceChange] = []
+
+        # Detect ADDED resources: in current but not in previous
+        for uid, resource in current_map.items():
+            if uid not in previous_map:
+                changes.append(
+                    ResourceChange(
+                        resource_id=resource.unique_id,
+                        resource_type=resource.resource_type,
+                        resource_name=resource.name,
+                        change_type=ChangeType.ADDED,
+                        changed_attributes=None,
+                    )
+                )
+
+        # Detect REMOVED resources: in previous but not in current
+        for uid, resource in previous_map.items():
+            if uid not in current_map:
+                changes.append(
+                    ResourceChange(
+                        resource_id=resource.unique_id,
+                        resource_type=resource.resource_type,
+                        resource_name=resource.name,
+                        change_type=ChangeType.REMOVED,
+                        changed_attributes=None,
+                    )
+                )
+
+        # Detect MODIFIED resources: same unique_id but attributes differ
+        for uid in current_map:
+            if uid in previous_map:
+                changed_attrs = self._diff_attributes(
+                    current_map[uid], previous_map[uid]
+                )
+                if changed_attrs:
+                    resource = current_map[uid]
+                    changes.append(
+                        ResourceChange(
+                            resource_id=resource.unique_id,
+                            resource_type=resource.resource_type,
+                            resource_name=resource.name,
+                            change_type=ChangeType.MODIFIED,
+                            changed_attributes=changed_attrs,
+                        )
+                    )
+
+        added_count = sum(1 for c in changes if c.change_type == ChangeType.ADDED)
+        removed_count = sum(1 for c in changes if c.change_type == ChangeType.REMOVED)
+        modified_count = sum(1 for c in changes if c.change_type == ChangeType.MODIFIED)
+
+        return ChangeSummary(
+            added_count=added_count,
+            removed_count=removed_count,
+            modified_count=modified_count,
+            changes=changes,
+        )
+
+    def _handle_first_scan(self, current: ScanResult) -> ChangeSummary:
+        """Handle first scan with no previous snapshot.
+
+        All resources in the current scan are classified as ADDED.
+        """
+        changes = [
+            ResourceChange(
+                resource_id=resource.unique_id,
+                resource_type=resource.resource_type,
+                resource_name=resource.name,
+                change_type=ChangeType.ADDED,
+                changed_attributes=None,
+            )
+            for resource in current.resources
+        ]
+
+        return ChangeSummary(
+            added_count=len(changes),
+            removed_count=0,
+            modified_count=0,
+            changes=changes,
+        )
+
+    def _diff_attributes(
+        self, current: DiscoveredResource, previous: DiscoveredResource
+    ) -> Optional[dict]:
+        """Compare attributes between two versions of the same resource.
+
+        Returns a dict of changed attributes with 'old' and 'new' values,
+        or None if no attributes differ.
+        """
+        if current.attributes == previous.attributes:
+            return None
+
+        changed: dict = {}
+        all_keys = set(current.attributes.keys()) | set(previous.attributes.keys())
+
+        for key in all_keys:
+            old_val = previous.attributes.get(key)
+            new_val = current.attributes.get(key)
+            if old_val != new_val:
+                changed[key] = {"old": old_val, "new": new_val}
+
+        return changed if changed else None
diff --git a/src/iac_reverse/incremental/incremental_updater.py b/src/iac_reverse/incremental/incremental_updater.py
new file mode 100644
index 0000000..7385bfe
--- /dev/null
+++ b/src/iac_reverse/incremental/incremental_updater.py
@@ -0,0 +1,339 @@
+"""Incremental updater for Terraform IaC files and state.
+
+Applies a ChangeSummary to an existing output directory, modifying only
+the .tf files and state file that contain changed resources. Supports
+adding new resource blocks, removing existing blocks, and updating
+modified resource attributes without full regeneration.
+"""
+
+import json
+import logging
+import re
+from pathlib import Path
+from typing import Optional
+
+from iac_reverse.generator.code_generator import _format_hcl_value
+from iac_reverse.generator.sanitize import sanitize_identifier
+from iac_reverse.models import ChangeSummary, ChangeType, ResourceChange
+
+logger = logging.getLogger(__name__)
+
+
+class IncrementalUpdater:
+    """Applies incremental changes to Terraform IaC files and state.
+
+    Accepts a ChangeSummary and an output directory path. Modifies only
+    the .tf files containing changed resources (one .tf file per resource
+    type) and updates the terraform.tfstate file accordingly.
+
+    For REMOVED resources: removes the resource block from the .tf file
+    and the corresponding entry from the state file.
+
+    For ADDED resources: appends a new resource block to the appropriate
+    .tf file (creating the file if it doesn't exist).
+
+    For MODIFIED resources: updates the existing resource block with new
+    attribute values.
+    """
+
+    def __init__(
+        self,
+        change_summary: ChangeSummary,
+        output_dir: str,
+        resource_attributes: Optional[dict[str, dict]] = None,
+    ) -> None:
+        """Initialize the IncrementalUpdater.
+
+        Args:
+            change_summary: The ChangeSummary describing what changed.
+            output_dir: Path to the output directory containing .tf and
+                state files.
+            resource_attributes: Optional mapping of resource_id to full
+                attribute dict for ADDED/MODIFIED resources. Required for
+                generating resource blocks for added resources.
+        """
+        self._change_summary = change_summary
+        self._output_dir = Path(output_dir)
+        self._resource_attributes = resource_attributes or {}
+        self._modified_files: set[str] = set()
+
+    @property
+    def modified_files(self) -> set[str]:
+        """Return the set of file paths that were modified during apply."""
+        return set(self._modified_files)
+
+    def apply(self) -> None:
+        """Apply all changes from the ChangeSummary to the output directory.
+
+        Processes removed, added, and modified resources, updating only
+        the affected .tf files and the state file.
+        """
+        for change in self._change_summary.changes:
+            if change.change_type == ChangeType.REMOVED:
+                self._handle_removed(change)
+            elif change.change_type == ChangeType.ADDED:
+                self._handle_added(change)
+            elif change.change_type == ChangeType.MODIFIED:
+                self._handle_modified(change)
+
+    def _handle_removed(self, change: ResourceChange) -> None:
+        """Remove a resource block from its .tf file and state entry.
+
+        Args:
+            change: The ResourceChange describing the removed resource.
+        """
+        tf_file = self._get_tf_file_path(change.resource_type)
+        if tf_file.exists():
+            self._remove_resource_block(tf_file, change)
+            self._modified_files.add(str(tf_file))
+
+        self._remove_state_entry(change)
+
+    def _handle_added(self, change: ResourceChange) -> None:
+        """Add a new resource block to the appropriate .tf file.
+
+        Args:
+            change: The ResourceChange describing the added resource.
+        """
+        tf_file = self._get_tf_file_path(change.resource_type)
+        attributes = self._resource_attributes.get(change.resource_id, {})
+        self._add_resource_block(tf_file, change, attributes)
+        self._modified_files.add(str(tf_file))
+
+    def _handle_modified(self, change: ResourceChange) -> None:
+        """Update an existing resource block with new attribute values.
+
+        Args:
+            change: The ResourceChange describing the modified resource.
+        """
+        tf_file = self._get_tf_file_path(change.resource_type)
+        if tf_file.exists():
+            self._update_resource_block(tf_file, change)
+            self._modified_files.add(str(tf_file))
+
+    def _get_tf_file_path(self, resource_type: str) -> Path:
+        """Get the .tf file path for a given resource type.
+
+        Each resource type maps to a file named <resource_type>.tf.
+
+        Args:
+            resource_type: The Terraform resource type string.
+
+        Returns:
+            Path to the .tf file for this resource type.
+        """
+        return self._output_dir / f"{resource_type}.tf"
+
+    def _remove_resource_block(
+        self, tf_file: Path, change: ResourceChange
+    ) -> None:
+        """Remove a resource block from a .tf file.
+
+        Identifies the block by matching the resource type and sanitized
+        resource name in the resource declaration line.
+
+        Args:
+            tf_file: Path to the .tf file.
+            change: The ResourceChange identifying the resource to remove.
+        """
+        content = tf_file.read_text(encoding="utf-8")
+        tf_name = sanitize_identifier(change.resource_name)
+
+        # Pattern to match the full resource block including optional comment
+        # Matches: optional comment line + resource "type" "name" { ... }
+        pattern = self._build_block_pattern(change.resource_type, tf_name)
+        new_content = re.sub(pattern, "", content)
+
+        # Clean up excessive blank lines
+        new_content = re.sub(r"\n{3,}", "\n\n", new_content)
+        new_content = new_content.strip()
+        if new_content:
+            new_content += "\n"
+
+        tf_file.write_text(new_content, encoding="utf-8")
+
+    def _add_resource_block(
+        self, tf_file: Path, change: ResourceChange, attributes: dict
+    ) -> None:
+        """Add a new resource block to a .tf file.
+
+        Creates the file if it doesn't exist. Appends the block at the end.
+
+        Args:
+            tf_file: Path to the .tf file.
+            change: The ResourceChange describing the added resource.
+            attributes: The full attribute dict for the resource.
+        """
+        tf_name = sanitize_identifier(change.resource_name)
+        block = self._render_resource_block(
+            change.resource_type, tf_name, change.resource_id, attributes
+        )
+
+        if tf_file.exists():
+            content = tf_file.read_text(encoding="utf-8")
+            if content and not content.endswith("\n"):
+                content += "\n"
+            content += "\n" + block
+        else:
+            content = block
+
+        tf_file.write_text(content, encoding="utf-8")
+
+    def _update_resource_block(
+        self, tf_file: Path, change: ResourceChange
+    ) -> None:
+        """Update an existing resource block with changed attributes.
+
+        Replaces only the changed attribute lines within the block.
+
+        Args:
+            tf_file: Path to the .tf file.
+            change: The ResourceChange with changed_attributes dict.
+        """
+        if not change.changed_attributes:
+            return
+
+        content = tf_file.read_text(encoding="utf-8")
+        tf_name = sanitize_identifier(change.resource_name)
+
+        # Find the resource block
+        pattern = self._build_block_pattern(change.resource_type, tf_name)
+        match = re.search(pattern, content)
+        if not match:
+            logger.warning(
+                "Could not find resource block for %s.%s in %s",
+                change.resource_type,
+                tf_name,
+                tf_file,
+            )
+            return
+
+        block = match.group(0)
+        updated_block = block
+
+        for attr_name, attr_change in change.changed_attributes.items():
+            new_value = attr_change.get("new")
+            if new_value is None:
+                # Attribute was removed - remove the line
+                attr_pattern = re.compile(
+                    rf"^[ \t]*{re.escape(attr_name)}\s*=\s*.*$\n?",
+                    re.MULTILINE,
+                )
+                updated_block = attr_pattern.sub("", updated_block)
+            else:
+                # Attribute was added or changed - update/add the line
+                hcl_value = _format_hcl_value(new_value)
+                attr_pattern = re.compile(
+                    rf"^([ \t]*){re.escape(attr_name)}\s*=\s*.*$",
+                    re.MULTILINE,
+                )
+                attr_match = attr_pattern.search(updated_block)
+                if attr_match:
+                    # Replace existing attribute line
+                    indent = attr_match.group(1)
+                    replacement = f"{indent}{attr_name} = {hcl_value}"
+                    updated_block = attr_pattern.sub(replacement, updated_block)
+                else:
+                    # Add new attribute before the closing brace
+                    updated_block = re.sub(
+                        r"(\n})",
+                        f"\n  {attr_name} = {hcl_value}\\1",
+                        updated_block,
+                        count=1,
+                    )
+
+        content = content.replace(block, updated_block)
+        tf_file.write_text(content, encoding="utf-8")
+
+    def _remove_state_entry(self, change: ResourceChange) -> None:
+        """Remove a resource entry from the terraform.tfstate file.
+
+        Args:
+            change: The ResourceChange identifying the resource to remove.
+        """
+        state_file = self._output_dir / "terraform.tfstate"
+        if not state_file.exists():
+            return
+
+        content = state_file.read_text(encoding="utf-8")
+        try:
+            state = json.loads(content)
+        except json.JSONDecodeError:
+            logger.warning("Could not parse state file: %s", state_file)
+            return
+
+        tf_name = sanitize_identifier(change.resource_name)
+        resources = state.get("resources", [])
+        state["resources"] = [
+            r
+            for r in resources
+            if not (
+                r.get("type") == change.resource_type
+                and r.get("name") == tf_name
+            )
+        ]
+
+        # Increment serial to indicate state change
+        state["serial"] = state.get("serial", 0) + 1
+
+        state_file.write_text(
+            json.dumps(state, indent=2), encoding="utf-8"
+        )
+        self._modified_files.add(str(state_file))
+
+    def _build_block_pattern(
+        self, resource_type: str, tf_name: str
+    ) -> re.Pattern:
+        """Build a regex pattern to match a full resource block.
+
+        Matches an optional comment line (# Source: ...) followed by the
+        resource declaration and its body enclosed in braces.
+
+        Args:
+            resource_type: The Terraform resource type.
+            tf_name: The sanitized Terraform resource name.
+
+        Returns:
+            A compiled regex pattern matching the full block.
+        """
+        # Match optional comment + resource block with balanced braces
+        # The block body can contain nested braces (e.g., tags = { ... })
+        escaped_type = re.escape(resource_type)
+        escaped_name = re.escape(tf_name)
+        pattern = (
+            rf"(?:# Source:.*\n)?"
+            rf'resource\s+"{escaped_type}"\s+"{escaped_name}"\s*\{{'
+            rf"[^{{}}]*(?:\{{[^{{}}]*\}}[^{{}}]*)*"
+            rf"\}}\n?"
+        )
+        return re.compile(pattern, re.DOTALL)
+
+    def _render_resource_block(
+        self,
+        resource_type: str,
+        tf_name: str,
+        source_id: str,
+        attributes: dict,
+    ) -> str:
+        """Render a Terraform resource block as HCL text.
+
+        Args:
+            resource_type: The Terraform resource type.
+            tf_name: The sanitized Terraform resource name.
+            source_id: The source resource identifier for traceability.
+            attributes: The attribute dict to render.
+
+        Returns:
+            A string containing the HCL resource block.
+        """
+        lines = [f"# Source: {source_id}"]
+        lines.append(f'resource "{resource_type}" "{tf_name}" {{')
+
+        for key, value in attributes.items():
+            hcl_value = _format_hcl_value(value)
+            lines.append(f"  {key} = {hcl_value}")
+
+        lines.append("}")
+        lines.append("")  # trailing newline
+
+        return "\n".join(lines)
diff --git a/src/iac_reverse/incremental/snapshot_store.py b/src/iac_reverse/incremental/snapshot_store.py
new file mode 100644
index 0000000..b500f33
--- /dev/null
+++ b/src/iac_reverse/incremental/snapshot_store.py
@@ -0,0 +1,177 @@
+"""Snapshot storage and retrieval for incremental scan comparison.
+
+Stores scan results as timestamped JSON files in `.iac-reverse/snapshots/`
+and provides retrieval of previous snapshots for change detection.
+"""
+
+import json
+import os
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Optional
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanResult,
+)
+
+# Default directory for snapshot storage
+SNAPSHOT_DIR = os.path.join(".iac-reverse", "snapshots")
+
+# Minimum number of snapshots to retain per profile
+MIN_RETAINED_SNAPSHOTS = 2
+
+
+def _serialize_scan_result(result: ScanResult) -> dict:
+    """Serialize a ScanResult to a JSON-compatible dictionary."""
+    return {
+        "scan_timestamp": result.scan_timestamp,
+        "profile_hash": result.profile_hash,
+        "is_partial": result.is_partial,
+        "warnings": result.warnings,
+        "errors": result.errors,
+        "resources": [_serialize_resource(r) for r in result.resources],
+    }
+
+
+def _serialize_resource(resource: DiscoveredResource) -> dict:
+    """Serialize a DiscoveredResource to a JSON-compatible dictionary."""
+    return {
+        "resource_type": resource.resource_type,
+        "unique_id": resource.unique_id,
+        "name": resource.name,
+        "provider": resource.provider.value,
+        "platform_category": resource.platform_category.value,
+        "architecture": resource.architecture.value,
+        "endpoint": resource.endpoint,
+        "attributes": resource.attributes,
+        "raw_references": resource.raw_references,
+    }
+
+
+def _deserialize_scan_result(data: dict) -> ScanResult:
+    """Deserialize a dictionary into a ScanResult."""
+    resources = [_deserialize_resource(r) for r in data["resources"]]
+    return ScanResult(
+        resources=resources,
+        warnings=data["warnings"],
+        errors=data["errors"],
+        scan_timestamp=data["scan_timestamp"],
+        profile_hash=data["profile_hash"],
+        is_partial=data.get("is_partial", False),
+    )
+
+
+def _deserialize_resource(data: dict) -> DiscoveredResource:
+    """Deserialize a dictionary into a DiscoveredResource."""
+    return DiscoveredResource(
+        resource_type=data["resource_type"],
+        unique_id=data["unique_id"],
+        name=data["name"],
+        provider=ProviderType(data["provider"]),
+        platform_category=PlatformCategory(data["platform_category"]),
+        architecture=CpuArchitecture(data["architecture"]),
+        endpoint=data["endpoint"],
+        attributes=data["attributes"],
+        raw_references=data.get("raw_references", []),
+    )
+
+
+class SnapshotStore:
+    """Manages storage and retrieval of scan result snapshots.
+
+    Stores scan results as timestamped JSON files in a configurable
+    directory (defaults to `.iac-reverse/snapshots/`). Supports
+    retrieval of the most recent snapshot for a given profile hash
+    and automatic pruning of old snapshots.
+    """
+
+    def __init__(self, base_dir: Optional[str] = None) -> None:
+        """Initialize the snapshot store.
+
+        Args:
+            base_dir: Base directory for snapshot storage.
+                      Defaults to `.iac-reverse/snapshots/`.
+        """
+        self._snapshot_dir = Path(base_dir) if base_dir else Path(SNAPSHOT_DIR)
+
+    @property
+    def snapshot_dir(self) -> Path:
+        """Return the snapshot directory path."""
+        return self._snapshot_dir
+
+    def store_snapshot(self, result: ScanResult, profile_hash: str) -> None:
+        """Store a scan result as a timestamped JSON snapshot.
+
+        Args:
+            result: The scan result to store.
+            profile_hash: Hash identifying the scan profile.
+
+        The snapshot is saved with filename format:
+            {profile_hash}_{timestamp}.json
+        where timestamp is ISO format with colons replaced by dashes.
+
+        After storing, old snapshots are pruned to retain at least
+        MIN_RETAINED_SNAPSHOTS most recent files per profile_hash.
+        """
+        self._snapshot_dir.mkdir(parents=True, exist_ok=True)
+
+        timestamp = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H-%M-%SZ")
+        filename = f"{profile_hash}_{timestamp}.json"
+        filepath = self._snapshot_dir / filename
+
+        data = _serialize_scan_result(result)
+        with open(filepath, "w", encoding="utf-8") as f:
+            json.dump(data, f, indent=2)
+
+        self._prune_snapshots(profile_hash)
+
+    def load_previous(self, profile_hash: str) -> Optional[ScanResult]:
+        """Load the most recent snapshot for a given profile hash.
+
+        Args:
+            profile_hash: Hash identifying the scan profile.
+
+        Returns:
+            The most recent ScanResult for the profile, or None if
+            no snapshot exists.
+        """
+        snapshots = self._list_snapshots(profile_hash)
+        if not snapshots:
+            return None
+
+        # Sort by filename (which includes timestamp) to get most recent
+        snapshots.sort()
+        most_recent = snapshots[-1]
+
+        with open(most_recent, "r", encoding="utf-8") as f:
+            data = json.load(f)
+
+        return _deserialize_scan_result(data)
+
+    def _list_snapshots(self, profile_hash: str) -> list[Path]:
+        """List all snapshot files for a given profile hash."""
+        if not self._snapshot_dir.exists():
+            return []
+
+        prefix = f"{profile_hash}_"
+        return [
+            p
+            for p in self._snapshot_dir.iterdir()
+            if p.is_file() and p.name.startswith(prefix) and p.name.endswith(".json")
+        ]
+
+    def _prune_snapshots(self, profile_hash: str) -> None:
+        """Remove old snapshots, keeping at least MIN_RETAINED_SNAPSHOTS most recent."""
+        snapshots = self._list_snapshots(profile_hash)
+        if len(snapshots) <= MIN_RETAINED_SNAPSHOTS:
+            return
+
+        # Sort by filename (timestamp is embedded) and remove oldest
+        snapshots.sort()
+        to_remove = snapshots[: len(snapshots) - MIN_RETAINED_SNAPSHOTS]
+        for snapshot_path in to_remove:
+            snapshot_path.unlink()
diff --git a/src/iac_reverse/models.py b/src/iac_reverse/models.py
new file mode 100644
index 0000000..a301005
--- /dev/null
+++ b/src/iac_reverse/models.py
@@ -0,0 +1,425 @@
+"""Core data models for the IaC Reverse Engineering tool.
+
+Contains enums, dataclasses, and type definitions used across all components
+of the pipeline: Scanner, Dependency Resolver, Code Generator, State Builder,
+Validator, and Incremental Scan Engine.
+"""
+
+from dataclasses import dataclass, field
+from enum import Enum
+from typing import Optional
+
+
+# ---------------------------------------------------------------------------
+# Enums
+# ---------------------------------------------------------------------------
+
+
+class ProviderType(Enum):
+    """Supported on-premises infrastructure provider types."""
+
+    DOCKER_SWARM = "docker_swarm"
+    KUBERNETES = "kubernetes"
+    SYNOLOGY = "synology"
+    HARVESTER = "harvester"
+    BARE_METAL = "bare_metal"
+    WINDOWS = "windows"
+
+
+class PlatformCategory(Enum):
+    """Categorizes providers by their infrastructure model."""
+
+    CONTAINER_ORCHESTRATION = "container"  # Docker Swarm, Kubernetes
+    STORAGE_APPLIANCE = "storage"  # Synology Disk Station
+    HCI = "hci"  # SUSE Harvester (Hyper-Converged Infrastructure)
+    BARE_METAL = "bare_metal"  # Physical servers (Linux)
+    WINDOWS = "windows"  # Standalone Windows machines
+
+
+PROVIDER_PLATFORM_MAP: dict[ProviderType, PlatformCategory] = {
+    ProviderType.DOCKER_SWARM: PlatformCategory.CONTAINER_ORCHESTRATION,
+    ProviderType.KUBERNETES: PlatformCategory.CONTAINER_ORCHESTRATION,
+    ProviderType.SYNOLOGY: PlatformCategory.STORAGE_APPLIANCE,
+    ProviderType.HARVESTER: PlatformCategory.HCI,
+    ProviderType.BARE_METAL: PlatformCategory.BARE_METAL,
+    ProviderType.WINDOWS: PlatformCategory.WINDOWS,
+}
+
+
+class CpuArchitecture(Enum):
+    """CPU architecture of the host or resource."""
+
+    AMD64 = "amd64"
+    ARM = "arm"
+    AARCH64 = "aarch64"
+
+
+class ChangeType(Enum):
+    """Classification of resource changes between scan runs."""
+
+    ADDED = "added"
+    REMOVED = "removed"
+    MODIFIED = "modified"
+
+
+# ---------------------------------------------------------------------------
+# Provider supported resource types
+# ---------------------------------------------------------------------------
+
+PROVIDER_SUPPORTED_RESOURCE_TYPES: dict[ProviderType, list[str]] = {
+    ProviderType.DOCKER_SWARM: [
+        "docker_service",
+        "docker_network",
+        "docker_volume",
+        "docker_config",
+        "docker_secret",
+    ],
+    ProviderType.KUBERNETES: [
+        "kubernetes_deployment",
+        "kubernetes_service",
+        "kubernetes_ingress",
+        "kubernetes_config_map",
+        "kubernetes_persistent_volume",
+        "kubernetes_namespace",
+    ],
+    ProviderType.SYNOLOGY: [
+        "synology_shared_folder",
+        "synology_volume",
+        "synology_storage_pool",
+        "synology_replication_task",
+        "synology_user",
+    ],
+    ProviderType.HARVESTER: [
+        "harvester_virtualmachine",
+        "harvester_volume",
+        "harvester_image",
+        "harvester_network",
+    ],
+    ProviderType.BARE_METAL: [
+        "bare_metal_hardware",
+        "bare_metal_bmc_config",
+        "bare_metal_network_interface",
+        "bare_metal_raid_config",
+    ],
+    ProviderType.WINDOWS: [
+        "windows_service",
+        "windows_scheduled_task",
+        "windows_iis_site",
+        "windows_iis_app_pool",
+        "windows_network_adapter",
+        "windows_firewall_rule",
+        "windows_installed_software",
+        "windows_feature",
+        "windows_hyperv_vm",
+        "windows_hyperv_switch",
+        "windows_dns_record",
+        "windows_local_user",
+        "windows_local_group",
+    ],
+}
+
+MAX_RESOURCE_TYPE_FILTERS = 200
+
+
+# ---------------------------------------------------------------------------
+# Scanner dataclasses
+# ---------------------------------------------------------------------------
+
+
+@dataclass
+class ScanProfile:
+    """Configuration for a single infrastructure scan."""
+
+    provider: ProviderType
+    credentials: dict[str, str]
+    endpoints: Optional[list[str]] = None
+    resource_type_filters: Optional[list[str]] = None
+    authentik_token: Optional[str] = None
+
+    def validate(self) -> list[str]:
+        """Returns list of validation errors, empty if valid.
+
+        Validates:
+        - credentials must not be empty
+        - resource_type_filters must have at most MAX_RESOURCE_TYPE_FILTERS entries
+        - resource_type_filters entries must be supported by the provider
+        """
+        errors: list[str] = []
+
+        if not self.credentials:
+            errors.append("credentials must not be empty")
+
+        if self.resource_type_filters is not None:
+            if len(self.resource_type_filters) > MAX_RESOURCE_TYPE_FILTERS:
+                errors.append(
+                    f"resource_type_filters must have at most "
+                    f"{MAX_RESOURCE_TYPE_FILTERS} entries, "
+                    f"got {len(self.resource_type_filters)}"
+                )
+
+            supported = set(PROVIDER_SUPPORTED_RESOURCE_TYPES[self.provider])
+            unsupported = [
+                rt for rt in self.resource_type_filters if rt not in supported
+            ]
+            if unsupported:
+                errors.append(
+                    f"unsupported resource types for provider "
+                    f"'{self.provider.value}': {unsupported}"
+                )
+
+        return errors
+
+    @property
+    def platform_category(self) -> PlatformCategory:
+        """Return the platform category for this profile's provider."""
+        return PROVIDER_PLATFORM_MAP[self.provider]
+
+
+@dataclass
+class DiscoveredResource:
+    """A single resource discovered from an infrastructure provider."""
+
+    resource_type: str
+    unique_id: str
+    name: str
+    provider: ProviderType
+    platform_category: PlatformCategory
+    architecture: CpuArchitecture
+    endpoint: str
+    attributes: dict
+    raw_references: list[str] = field(default_factory=list)
+
+
+@dataclass
+class ScanResult:
+    """Complete result of a scan operation."""
+
+    resources: list[DiscoveredResource]
+    warnings: list[str]
+    errors: list[str]
+    scan_timestamp: str
+    profile_hash: str
+    is_partial: bool = False
+
+
+@dataclass
+class ScanProgress:
+    """Progress update during a scan operation."""
+
+    current_resource_type: str
+    resources_discovered: int
+    resource_types_completed: int
+    total_resource_types: int
+
+
+# ---------------------------------------------------------------------------
+# Dependency Resolver dataclasses
+# ---------------------------------------------------------------------------
+
+
+@dataclass
+class ResourceRelationship:
+    """A relationship between two discovered resources."""
+
+    source_id: str
+    target_id: str
+    relationship_type: str  # "parent-child", "reference", "dependency"
+    source_attribute: str
+
+
+@dataclass
+class UnresolvedReference:
+    """A reference that could not be resolved to a known resource."""
+
+    source_resource_id: str
+    source_attribute: str
+    referenced_id: str
+    suggested_resolution: str  # "data_source" or "variable"
+
+
+@dataclass
+class CycleReport:
+    """Report of a detected circular dependency with resolution suggestions."""
+
+    cycle: list[str]  # Resource IDs forming the cycle
+    suggested_break: tuple[str, str]  # (source_id, target_id) edge to break
+    break_relationship_type: str  # Type of the relationship to break
+    resolution_strategy: str  # Human-readable suggestion for resolution
+
+
+@dataclass
+class DependencyGraph:
+    """Complete dependency graph of discovered resources."""
+
+    resources: list[DiscoveredResource]
+    relationships: list[ResourceRelationship]
+    topological_order: list[str]
+    cycles: list[list[str]]
+    unresolved_references: list[UnresolvedReference]
+    cycle_reports: list[CycleReport] = field(default_factory=list)
+
+
+# ---------------------------------------------------------------------------
+# Code Generator dataclasses
+# ---------------------------------------------------------------------------
+
+
+@dataclass
+class GeneratedFile:
+    """A single generated Terraform HCL file."""
+
+    filename: str
+    content: str
+    resource_count: int
+
+
+@dataclass
+class ExtractedVariable:
+    """A Terraform variable extracted from common resource values."""
+
+    name: str
+    type_expr: str
+    default_value: str
+    description: str
+    used_by: list[str] = field(default_factory=list)
+
+
+@dataclass
+class CodeGenerationResult:
+    """Complete result of code generation."""
+
+    resource_files: list[GeneratedFile]
+    variables_file: GeneratedFile
+    provider_file: GeneratedFile
+    outputs_file: Optional[GeneratedFile] = None
+    skipped_resources: list[tuple[str, str]] = field(default_factory=list)
+
+
+# ---------------------------------------------------------------------------
+# State Builder dataclasses
+# ---------------------------------------------------------------------------
+
+
+@dataclass
+class StateEntry:
+    """A single resource entry in the Terraform state file."""
+
+    resource_type: str
+    resource_name: str
+    provider_id: str
+    attributes: dict
+    sensitive_attributes: list[str] = field(default_factory=list)
+    schema_version: int = 0
+    dependencies: list[str] = field(default_factory=list)
+
+
+@dataclass
+class StateFile:
+    """Terraform state file representation (format version 4)."""
+
+    version: int = 4
+    terraform_version: str = ""
+    serial: int = 1
+    lineage: str = ""
+    resources: list[StateEntry] = field(default_factory=list)
+
+    def to_json(self) -> str:
+        """Serialize to Terraform state JSON format."""
+        import json
+        import uuid
+
+        lineage = self.lineage or str(uuid.uuid4())
+
+        state_resources = []
+        for entry in self.resources:
+            state_resources.append(
+                {
+                    "mode": "managed",
+                    "type": entry.resource_type,
+                    "name": entry.resource_name,
+                    "provider": f'provider["registry.terraform.io/hashicorp/{entry.resource_type.split("_")[0]}"]',
+                    "instances": [
+                        {
+                            "schema_version": entry.schema_version,
+                            "attributes": {
+                                "id": entry.provider_id,
+                                **entry.attributes,
+                            },
+                            "sensitive_attributes": entry.sensitive_attributes,
+                            "dependencies": entry.dependencies,
+                        }
+                    ],
+                }
+            )
+
+        state = {
+            "version": self.version,
+            "terraform_version": self.terraform_version,
+            "serial": self.serial,
+            "lineage": lineage,
+            "outputs": {},
+            "resources": state_resources,
+        }
+
+        return json.dumps(state, indent=2)
+
+
+# ---------------------------------------------------------------------------
+# Validator dataclasses
+# ---------------------------------------------------------------------------
+
+
+@dataclass
+class PlannedChange:
+    """A single planned change reported by terraform plan."""
+
+    resource_address: str
+    change_type: str  # "add", "modify", "destroy"
+    details: str
+
+
+@dataclass
+class ValidationError:
+    """A validation error from terraform validate or plan."""
+
+    file: str
+    message: str
+    line: Optional[int] = None
+
+
+@dataclass
+class ValidationResult:
+    """Complete result of terraform validation."""
+
+    init_success: bool
+    validate_success: bool
+    plan_success: bool
+    planned_changes: list[PlannedChange] = field(default_factory=list)
+    errors: list[ValidationError] = field(default_factory=list)
+    correction_attempts: int = 0
+
+
+# ---------------------------------------------------------------------------
+# Incremental Scan dataclasses
+# ---------------------------------------------------------------------------
+
+
+@dataclass
+class ResourceChange:
+    """A single resource change between scan runs."""
+
+    resource_id: str
+    resource_type: str
+    resource_name: str
+    change_type: ChangeType
+    changed_attributes: Optional[dict] = None
+
+
+@dataclass
+class ChangeSummary:
+    """Summary of changes between two scan runs."""
+
+    added_count: int
+    removed_count: int
+    modified_count: int
+    changes: list[ResourceChange] = field(default_factory=list)
diff --git a/src/iac_reverse/plugin_base.py b/src/iac_reverse/plugin_base.py
new file mode 100644
index 0000000..e4098e9
--- /dev/null
+++ b/src/iac_reverse/plugin_base.py
@@ -0,0 +1,103 @@
+"""Provider plugin abstract base class.
+
+Defines the interface that all infrastructure provider plugins must implement
+to participate in the scanning pipeline.
+"""
+
+from abc import ABC, abstractmethod
+from typing import Callable
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    PlatformCategory,
+    ScanProgress,
+    ScanResult,
+)
+
+
+class ProviderPlugin(ABC):
+    """Interface that all provider plugins must implement.
+
+    Each on-premises platform (Docker Swarm, Kubernetes, Synology, Harvester,
+    Bare Metal, Windows) provides a concrete implementation of this class to
+    handle platform-specific authentication, discovery, and architecture detection.
+    """
+
+    @abstractmethod
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        """Authenticate with the platform API.
+
+        Args:
+            credentials: Provider-specific authentication parameters
+                (API tokens, usernames, passwords, kubeconfig paths, etc.)
+
+        Raises:
+            AuthenticationError: If authentication fails, with a descriptive
+                message including the provider name and failure reason.
+        """
+        ...
+
+    @abstractmethod
+    def get_platform_category(self) -> PlatformCategory:
+        """Return the platform category for this provider.
+
+        Returns:
+            The PlatformCategory enum value representing this provider's
+            infrastructure model (container orchestration, storage, HCI, etc.)
+        """
+        ...
+
+    @abstractmethod
+    def list_endpoints(self) -> list[str]:
+        """Return all reachable endpoints/hosts for this provider.
+
+        Returns:
+            List of endpoint URLs or host addresses that can be scanned.
+        """
+        ...
+
+    @abstractmethod
+    def list_supported_resource_types(self) -> list[str]:
+        """Return all resource types this plugin can discover.
+
+        Returns:
+            List of resource type strings (e.g., "kubernetes_deployment",
+            "windows_iis_site", "synology_shared_folder").
+        """
+        ...
+
+    @abstractmethod
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        """Detect the CPU architecture of the target host/node.
+
+        Args:
+            endpoint: The endpoint URL or host address to query.
+
+        Returns:
+            The CpuArchitecture enum value for the target.
+        """
+        ...
+
+    @abstractmethod
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        """Discover resources from the infrastructure provider.
+
+        Connects to the specified endpoints and enumerates resources of the
+        requested types. Reports progress via the callback function.
+
+        Args:
+            endpoints: List of endpoint URLs or host addresses to scan.
+            resource_types: List of resource type strings to discover.
+                Should be a subset of list_supported_resource_types().
+            progress_callback: Callable that receives ScanProgress updates
+                during the discovery process.
+
+        Returns:
+            ScanResult containing all discovered resources, warnings, and errors.
+        """
+        ...
diff --git a/src/iac_reverse/resolver/__init__.py b/src/iac_reverse/resolver/__init__.py
new file mode 100644
index 0000000..7aafef5
--- /dev/null
+++ b/src/iac_reverse/resolver/__init__.py
@@ -0,0 +1,5 @@
+"""Dependency resolver module for resource relationship mapping."""
+
+from iac_reverse.resolver.resolver import DependencyResolver
+
+__all__ = ["DependencyResolver"]
diff --git a/src/iac_reverse/resolver/__pycache__/__init__.cpython-313.pyc b/src/iac_reverse/resolver/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..6c6da3b82bc13553995d7c810dcddb71222af7eb
GIT binary patch
literal 333
zcmey&%ge<81UL5aXRQR%k3k$5V1hC}O92^E8G;##7=jstnY<ajn2MMb7=oGg8H<?H
zSu|OzY+X_dQu9($^O7qSic*X7bIMYS6ms)ZN^?>b((;SIVx>jNsX#_fVo7FxUU5cd
zfkJL#K|y9-y538WJ(`TSgb=0#K@BNl21@y9vfN^ik59=@j*q`3o0*s#Uz7^8pg2_z
zW*3|RRu58~n3EG9zmnlI$mm;U&Q>u&t^xir!Fh>AY0mj6sWHVx$uUSK#lTF8iI30B
z%PfhH*DI*J#bE>SgIy6QkQjluSQtorU}j`wyvgAFl)>f!xBLYzg+}%w4xl&yHsNFr

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/resolver/__pycache__/resolver.cpython-313.pyc b/src/iac_reverse/resolver/__pycache__/resolver.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..7202e370fbb7d1a8ec87c9551ad49083eacc0fe5
GIT binary patch
literal 14864
zcmeHOS#Vp|c|O<|0t5(dAh=zEph$?TOiJP+*%lXTGbtGm9NJ=vT!A173k2wMLCI8R
zYPZv5=p<9iX<XBdJE1$7T5dBPW~QAw(}(QoD<Rkhbgju~n!Na_pvlSN_M!iO?t(>-
zV<ppR9(qSQ=isdWS^n=|&f&h@ZYA&qzVCSMXVZlI0)Hr<MNaJZX$X0ZbdeyTB&Z2$
z&ugfL#agO^Sa)83&Oi<4jMR9}L`~<+)O^lDE$6J%%8><4ph4-d5PQjj?I`q$AGI%3
zd&wXP>Yvi6c@E4A8V1!I_S;zY+Y~epYLzyuhUvZ<ma-bwU{xU}Xd5t6=R(bbYoU6<
zWdLeMv=}bb2JPJt!|bYqj-YcuN9$OvdbPX;%iRR1ba_ay_NW$q!bcmHwf;K(1Wax^
zx)x0=MiY?@jz)!K{92T9OG(OptkXyo5^+8iOD2Ss*c!LWudT%r%L7*HsRSS2xDge&
z#h4IDLaXSa+D72`#3GkkiN>HG{(6{3m!Lcmf!e7gcV#^mU*vdhQ61U3O!>7H?s_b>
z0u|Ph@#JzW!pFHJU5rv3jynq!reaGm=wXeAu2TJx73if8hLpSR!!fOeK1=8pxGT}r
z^=LFvAaQ`3j;5lKl)yz|G_oG&X@MXZ#)>l#)|Z!~0#souvyQ942`S2_qRUWa!1@uc
z<(%IrR!wb0;?Y2KElE?Nqp+l>abBWpT3w<5EHSRCSf``{MawH%gAqOfCF}8&SQ|>P
zVXs9O1Ii@*I<fBR`jse60PR9J!LLSzH6FUFUQ9-=Mrj!GuP5nMv1Wy**MRh*th(#5
z#A5Qg5RS!!Fl=LZEt!mq^-Au_##)qK3k$Fbkrj$uCDs=W6-g$RV#{IJf6-NxEkK)C
zBucBWzN0W`Y?WV*!ooO}?r~5dmWqlsN{&3>wbhbwU<2dHjaArT>cBpW2ZNIUD<X*Q
z!Z_DrG_}shS9v%NiKyraPtRPOnVX)On|dZ3m<e781*T@gm!7#e6Z{An`6E34u!t7*
z*oZ|(<`Y}-*%DizhbK>6I(uO*c;@WI@MK`-)cNqmz}X9dvzMNUKu7AQVo-u%&;kME
zAygaG0P<+5KB!wT1oc6~h(2iakmvN&7}PJAMzlc_`(+NA7c7A~wKp{pv@BFD*pSnq
ze$|4ValSEVWv!}%RgmXkrM3k`2gia#=6jnIL#vvSe7StY7__rKTn`+%S{aXx%tnD$
z4%VtR=v=4^*1&%~jA%q;fjQNe<<_#?29{g5;E?Oqv)sm@lA{kcupD<;y+*0tLQ_#q
zH|8CcSBJWTP1Lh&@Oyy0R3Jg7LInG07^>a)Z}}%+lu`o$M1g`L;EE-dC=Z;y9!afJ
zggl8$fyE0rR|aGN1yMM4-2J?b7#EZ93Nf{So)V}q_ydIGWL|v%x?niLV7D^-sZfP5
z!_d|GyRb>D5&%m8dKs7)X%uFbn2X2)fUP2)9Uc7Nrx3hG=AChtjX_8gD6T2z*OI5T
zf_8`q+FEi3*fZ%3=+!1_BBTv#XKM(lA{^9AXhS59qp)vTBWR`ECF0lKNS#f@QZYUr
zyAefkA>k}aASMcU4yS;bfQPshbXgd;a_|*RZJfIV4GXx*0aB&-SOUPJqG%eh&iVDC
zEnL(E!hyWuqGdf1dwx9{jxCCITs(%>2z!7UdLbHLq8v;_)KCHE1f+<^rp6ZnGZ!x`
z1QR@6no2H47X%tvi186<4|5Ts3)l}HOEodDwjr9sVW2V<4vWqAAK(F{Z~{gVMj?2K
z<ZYz2=RI@NJ>Ou~H+I`Mwy)Ekw2Hp5t><4k|MK~*ny<{IePer=xv78O?D_4-1d;;o
z&}$7N`UnD`@*!Tct-l4~Yvi($PbzJ@mndA9&<v7<7XIr(q|(+0jA}<}0**=>AqhPk
zDFr9hGB{}Z0MqS?vLLBwOB|Wyq=WP@<DJ%=fmy+b`hcypU;G91{3nze<}U`S?=PKz
zRpNmUU_3a&<=^~_qCq8$P@}fI9NHNa+7qUbE>M4ejmwQnUgf!mj3GnF6x59Am7X|q
z*{!q*G%Kk>9MpbVPe+l>;e)mOQ#P*(vkn=sQo;;#YGsv6g84J*tSzvM?Infm$NZ&=
zyC_2lhpX99p;e(@V@O+ZtvZ!f5164LWC<CAy5hB(-IGqtY0WI0Mg$=ky-Vq*5YM~R
zSy@9?fVL_DPBw!!SfS*<1r8PJDyfUwS*O%z!j`Cle*H>GA)fcB{n{`0D)~^i0#sJw
zmykAO57|PxkTs|uGx~rc2AEX<m<Ik798X#EE)^|I<6fi5#dT2Gi*;*`>DGXrlc;us
z0uE@&vid+O$_g-(Dt(pIU4g09oZK-8u!{OQ*K>tN`Kt)I5$ubLE`r|7#g;(EfzmJV
zbi)r61egqxA-sTjlJH}QuK+F#TOv67Dh}JnWC0ry8n7537j<x%>~&RxhJ3{Y8L$HW
zyJTQj21LAf%6WV$MPpaiL07e_troFDoh);si%c@anL%)4p`fP&(efzV5>2k6<YMxJ
z>+TY|xgNFSahBmnMS+#{D@!liP*Tt1T$cc(T4b_-085Ie%h43lQd7J>;S?(G18~;-
zM(TqIDKFAH#F`?tBFwBR(I~B(SYL6GM0?3{`Wr-T;swzpYbq4kQX0t2FD`}?AoM7*
zm{?t^B~j!d(F+7K^KBzszQkcLHF0mm+OWL1MN2Ch!At?;l$x;@BUpvYQ7W3Q^Ax4K
z*bt7yc|nLRZ9tpCY(+*Ao<J}M9yl;XNhR7P76{90VPLU%D16^?h4FYw)xyeIr^wL$
zYKkVdXka`=M<7j)V}@DTd=Yf7B_M?D4;{iXhrEwU6^iOAMJbP!@c`3fn1f<hK)41y
zqv)fEI-&_%gH|DW3ak{66^#M8><R4P4q(Ph<e-k!)V^;0y7jMYn}*!Tu}yn!;^eNm
zHE$$Mty#A}?e=Hg!|%C=H_zm3HLuLQJhwHPZSGGu_kUm;*wc}wk-WLM=KHLs$D8#W
zdCzm?rZHFBl<gQ!cMNB0hwpXwX1nLo-E%oN2TDp$!)~1q#_1c%_D-dHr+)B6ruY1A
zUC+Hbf3|KYT{m>s-J2Uco*g`u9z2!nKbbo`lshuBXE8K+4s@pah65L=Z+?C5)w#S@
z({%Elo6EWnr`?Bh?w*{xE$8k#utTLiC#i3}=RK75j-<UKJ5Q&*CvG}&zMib_v9#~8
zTwMzg(&gH9c7PgH)9`xrtJPcAvfX3p?y>ir<M%qdvz?Ra&Pl1B59)C+-I}(n)0cMo
z?$-6>yoaTpbKaiZ;fb7o4Ct$G_?6C7<2rasLz*9v)@Vt?776LQbu{CCeA9lXe>_t&
z@eiNhKK6RwH~QZB{HAfYW&&2DwIkbdI^A*_RvSobweFgm4$Q>ao@?-A8@kgC-PwjC
z>4qaYPj{|u5LP$mJr3zTyUA(I6O+aI+m9W@bwa>%{4+!SX@{Pkfh0SD5gnwI57jID
zy*~-(;59OY${XtMAm|hN`6&>rO3k7eax3WnBU(J`v!DQ=SiLMO7KB_zBG?x|RxSIy
zU`;5hj1ngdphSYA19ZUf3Dad%NZA)MDRqLHaTh3KK*uZ?#~?uMN}WPHFDSxx9qO&U
z95S=`A3-IuRFj}CR0W|vWQEW$Y)aTd#sIn%%D&60suwba%%D=(g2ob+;*zXLfH?M>
z_<x3llq|B!z9S}!WjJFpK*IA9*OB!J@Wy~87mss7Y;_G}ri4LUEKv~AtRr;BF-wzG
zP$Y%GU0;bsR;-9~C`TA54R9Bk1OgjZk;h(DBzZaX(s5qZ7T%C@tlna;hqqMlmRMa3
z;v{?PKHIfKe3#hU158R6BeWp(5swKeF1f@ZXrWImPz2&!^2&4QoGaHFo|M~675r^V
zRmo<Q776V6WbrPb`*OfaQH#D&HHmA(7P<Sz@$QoOa#zq|UyJh*)MZdrT8vSk12Rhl
zd-n}vH<R8s{-j&6RTudb&&l#Wo=jd{U*meB1Iq)TyF@AFVH;PuqB>0aFGeHDb=-U$
z>V7}u#(-Z>5yM4CLG@r;D>kyIMDQ^!K&)lZ&s3AJ?5o`HTj(Ru3q68e>2clZ7$)t~
z(Nn~qE*?#Yb*dm{ODRb^`WQAx6!F`cyenXhSdT}rlo0e1>R`u3E2;ymA3+jtRZ^#@
zFbMP_(qNS)!ZaA9PofktNkD!t5_=rS1RtHjX5hV5{MM?_D-q^@i#=o^0K@qZnbTa<
zfUx_pmfM`VH+_10`0bN#o!sgC*Z%MJ?|L84*iP*kNL|N)l{9$X1d(?5wg=(cb0ky$
z$fosPZ~vzK!{)Bd^LHJtn-dvF`*ugh(Rs(|1{m)h%pRUfAD+rNn*qjqtJAjb%?o)e
z@eQYK+~!%3BDHN>&uuN_iRN%;uCs5u_tw)pXLly@MEh88UZ<<+%j<}p%U2V-Cu`%N
z(OqYA&eN6i4d?of<$5MS&eXU-&e*H>{G{bjew;X4cg-#PFf~G-#o%)glt4bhF@yZC
zF~~=I{W7Ga@3JZ!?uTW7<31)9>JZz(My?BL`XN=RO+SpnY8k=KRYie32t@NwkEpjE
zV0(gg%4{+4h_Y6upe|u95*!tL13{>(z<a_H(gAhP099776)V&ZSrx$nmRVJgOb8E$
zC{$I+I!)LvXn_XXr_%tUpg@Ct{tk+yMNr8gH4iBiPEW$Gw^=^^3c`4Hpw<fZzb#>&
z1=kABd;WzHEeH=ie;PI-DBUYa5YCJx6~Yn!c}W%k_Wd4k&XvM>34j+d-#Dj0De@wB
zc3MF9<EjFCtfqwA71?{7o8{LeBZo-^brO}pyd1<YF~|et@9B~40i*$NQnGIFhhOcG
z!9%Gz$bb$EO4<mUOkvRpZGr%<8w`|BfQ=BsECyLEkP>xZGcgrgR@Mt#Bg%M$a}-2P
zOthfg#_So<luAko%N4jt31byeN+MQ?c9y$FV@VoIZHRg-r*I^g<{y`^*sK&kNQtLU
zV}tGrSXK#zb5L2h0|7vqmkbPTR^6>>_=d1Gk!kGypr&W@RL<S`M)l^|Ttmn9^KTvf
z&eTp-rtbtO!s&*So1kYlW^HY0Tido}w|)2n+sK}Yxcs0E*K^yNSLZe@xw`gE%U$<K
z);*ebkG|Xd13u$EvuXbYWKZW@-C0*}+SPk&I^#OBIrVdgE7#nXZ5~QD54~yz7;Ndj
zY5ry7aJKPyy7BnC<{xxq8mGaMa5QEd-8rZGeW(A{;`;-S-s5_1+H)=3O-ruD_jSu&
zD~z7!h_h+e(Yb5xq@Rb`F-cK^XQ)&%Jkvt>8VP9??q1{wX(L70hKGTDmAoyL6j2|#
zx>e;<X$>AoIVmg4VAnm!pO`QJ{-Kdp_Q7a|V??DCv7rmFK^FiIQu!y<1(XD{57FYG
z=A=__Pl<h`gIq4GgsPkuMl}&0bRkgT0gR*%RsmPJ>{EIawC%)4mdHt6J6Y0vhTh-7
z-rN4bc}SyvhS9)Z%hs$gXF%!l57t;+DKI@Av=7Fh2IW%_WP_d@gMQn|g;OOofH6}3
z!FnD-8Vc)KwEpNODEo?ODPCioap_tsYd-rnQP&@&$cq|6F3R4%B4>qkV~$#ED!K}O
z1fIs?sL`$_uc^+teuk*{lc64f^Vy{$lVgR48*$ko$Qptp54BTO0hO9b*k7<qtdie?
zDc#`bg3;mHyqGcpyc!%_nqgm{qQZ?1k}!Shbcuv2GBE&Gmt*kAK)oL8S>-pB+Z~xi
z5CW(mN^(u20E~+%=7W@fO6qwz^{T~G=9N^0A}Z1B^#ck<G|9?eC4lt7(>BL!3V#&^
zu}>tW+F4W={9W)Mz%?h`%Fl-qOHp2kU5Q6U15<%TeI&WIAt}OUSb0gxR7vYD{je^9
zp(yFlqC@FuF3INTHx()4qd<XZ$J>8c*s$b|0@Z}j6%3w$Krlgo>jj^rN}q-dajcT~
zDV_v#7*_It8Q~NPK?q(VziI=uG_Tj&{dXIi-<-_04Bl=T+%aTYj%6B;?>dizoM~$N
zmh}zmH*KIxH*{`3fexcuf4bHW(#6q|b#&c!bZw`yj=o(-U(VT@b^33E&=|=$hd@v@
z`tml1<&5TTZR4BTth@KNyZ6>?#yy^?o!GTa{N|vU)HP&ld(yQ%`$TK^|FW@pYvx<$
z-#DLX?78ji$r~W=zYbc6)0K7j(hlD~u|sDdwrU&mT1yS|+uZ(bZI&Cp%?<C&X1K{r
z^VIFSso&gfY|1wFr5pS9i3w`u^@e(=%X#0n|DFBTYKA+pWw__=%DRu-b|2X}`fkm4
zN8g=%_o<x|;Q0B?-R4%wf3{CF*s8tr+ml(}@!P)R@7goICo=7)KX9MU>#*#TydAs$
z1SSdunUJ<mgfQ&Q%Wab`^26b_DGm9N%Rl+3?nfsz5dK(GKLcT7+tjG`$451o9<7@h
zHT=ZhJ3X%d$*2}`elk8hGh+H_zZUX;I*2(x9oAsZh#qrBjgTW6rBf~%CDp4$=%T=7
zLibHbpwLB|to$p$99~rNa1@p`msP+E;DIaqK+u%s;7<hvLEP#Tk;&J9xU4v8NT-gb
zUDo;aH~wQv_5{oDQt$?IsH~}1{xVau*GWv-ECC;>RB}$J0FYYYQ`|~YxjIoD0TS{^
z>sHp}N)(|@t+`mP|6WK$(eF{JsP~n4X8HihIj`D<7vKgj{-_57rtIp`$1hPVDVt5<
zxl^+<!HcKh#Y^ea7m9D&=ocUWcS1L&uVe561foN62c=jq0=q6Q0K_EL@mB(fioW+_
z2nYx@prLw*&6TZcPgk|S*LfmSbs|^WabP6PN3)*Mv}g3)hV0mEdTci1ncH;yyvhU4
z*!JOc`|!?-nRbANcHm8CGgAjk4khX`>`+n|2@Yk&!xX?8WuKzYferZvA<RiQQgC2~
z^aU$Wu{hOZ=mYz1vXXYhEI@E4LTQCNY%Jx06+$|^!Sj*XN5PIp)q;I6qD@JckI1Y_
zuwg=apcYys3`Ok>52lp0gA+0zcp$aFQc(H;YFYbng<^?n)JA8&DQTt48o!qRA}qZ8
z8gD~3VAXpq#d#^SSp}{^J6GZvV2WUrr;!y!zhLsV8(gBw^&7KDxodoU9jdJI@GK44
z3iSu62dJw)*02J*;A^-6?g?<Ig8!3`fQv5)EL8IR(97;5lbo;?jlgTdNMSH8hQqBV
zkXeh~nJ}Wt*c+#%P@;0^9{>lJU`Fbs*(_j^4+0%}0#1$JBwE!Lf@pwub*qACjR~=Y
zkmBK;rKkfJpL8Rq$7Nya3ET~qF~0>nVXp|K{=#grMLp{eSq*_e(G{lQx7c3^3LbdL
zHivNVb!Z20z>!0J*{);hu4CD*6X~uKA9OvMwsmZtz3XV&I{fWO)^RxPIGn3(&2}6~
zcO1#o9@%;J-zR=JkvTe-Yxdo)^TGAXu?w1C)--RO`;I<a)1Rs7|FGrI&FQ<19oxR|
z=s-+o8vAnYmMk}v=7uuvp`GdPpa0(Z_eW0OYwvl_-Lr2Yt=)T7<j`aJ2IAx-OY<Di
zRvBNae}8;gen@-)>vMkcKC}Q^v54#SmsRVmB3i(yU}yoY9v&@JPgX|--j5aWK7#H;
z@jkrXDqJrYB;p^!`^&Lw>=`d!sSa5GPq`hKABd39q0%(LtA=+zfEDE$z{9irI|lk9
z99H@g27iXZpJRY#$2-M*jVGG^1qNTj;L8xOE5c$<J_(uP(TCz><(~d3oPho3p*?VP
z+h^qHOl`Ny!gW2rgM)YK{-rG^F|0vlSeL@ECC?Yp{$jcS8vC!oEBKJ6OfCGL;%Md3
z<V==c!)>tlmJdFm1u5_u_PKn6XW+R2yKI9?A^Fh*+_r&AcMVK(9t=P)2X;2fvVvt=
zAaTGdY6itBye*O&i)N+aJMeB&!g1Vc0T)3*Xiyc1c&O68%7YZWt@sjbqyX9gZe#<o
zIc^^M>d9O!mvc0IiqiG}py*@nx!Gb+jQ<gUqN;{00_ObjqhdL?JUkrIm*MEruRu@{
z-RM`L<QuRt^lMlTy~-ueUsdR6gAxWE1fgRQbRKv)z|uUlUe+z^;nAHLl6c>b*CWzZ
zZ6&7t--Huy5fm^T7Lh~UbPlhZ1uh=DickL(s}QA6kNg-~U~V$+poBr=UO(8E2vFB!
zLbMo@@U4OT9D%8VgQz?f2Ese^zl3!XHRJRZi0MrXUWLG~p$v{-rHJfXLNubN{QVPT
z3V2mh1T|Yz+sD2+TLd@&YKO2vCj|axd>oBK!{cacIJ^q48snI@g~QLoUwg<Uj&OJ>
zMuk)yb|sO7VpBK_e+Cl{Q*=Af!x-o>n8jcW12AqRnaQ4iu?uZ>oy>%(s9%glQlcS+
z*Hi3fhMvayXtU8t45l$a=}8&X+CbS(#UiWG)Jk$utPjI|JN^zARCAyOS4UDd{g}c7
z$AV!<2ph08UnYB6gTb7ywivA2=kf%iosk2K@(m%4!MfFc0Cq0?N@&Lnt-1Qf*Png$
z*}M+ZLnFIK&!&gYv0wKr_RXtli|4=qMfq!*K7;RGebZLwtIy;OkOqUA^KH-E>bxb~
z>Urw|G~D%_O}C%Ro3PMKtd7m~o58KloAWQfxUGZhn6$-rV8OBl&4A&IMje>_7#i8R
zoE|!r*WoW5Ir4JTfdPNyzo2O_H0K(6@;ZzknP%}li|xPwzw<-Q296bCjD--hLWuL@
zZn+TSM~>!o5VJyv^CNbH=T>K)K(y0&fKk5fQ|l9>E3dT~Jlj)w0@1CheT?>XkiU=l
z(yri!_#5fpKqQ**i6N+KqFH(0BDr*3MUVLh;50_#f^>G+@nYu#ttIK)p`tEY;L7ny
z_Fj?xHI_WiGU0OZMl>P7ZR8g*leuNUww81`5zaH8NF?zL!E+TjI@0B34E_{~otn~<
zB$`i1eDNs#d*}igPxv_m;8E0QKGqsF`h6$SI6frxzt)>H+Fuh0@-AYn$yz+OEuO8>
zjK%koaSz_19r{?SHyHPI##ZevY1(TbP2Szkv0d+Y#yxQd(!PmZaNsnZywiGUx98E_
z$3M5*J)dcP=8mUxw`*e8cOv6CDW^|9wd)IHJi$Ahf43KEKDB!|kl}*xW^D|*_H0dW
z*KWslbZ;egJ4VtiN5QEIG&K-cZ4Um`)$f_~Lr||}YjJz{mTr6Wjl@3D1L@Ugj2h3!
J1VgrG{{zk^y2Jng

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/resolver/resolver.py b/src/iac_reverse/resolver/resolver.py
new file mode 100644
index 0000000..65fb9ea
--- /dev/null
+++ b/src/iac_reverse/resolver/resolver.py
@@ -0,0 +1,443 @@
+"""Dependency resolver for resource relationship mapping.
+
+Analyzes discovered resources and their raw_references to build a dependency
+graph with topological ordering. Identifies parent-child, reference, and
+dependency relationships between resources. Detects circular dependencies
+and suggests resolution strategies.
+"""
+
+import logging
+import networkx as nx
+
+from iac_reverse.models import (
+    CycleReport,
+    DependencyGraph,
+    DiscoveredResource,
+    ResourceRelationship,
+    ScanResult,
+    UnresolvedReference,
+)
+
+logger = logging.getLogger(__name__)
+
+# Resource types that represent namespace/container resources (parent-child targets)
+_NAMESPACE_RESOURCE_TYPES = frozenset(
+    [
+        "kubernetes_namespace",
+        "docker_network",
+        "harvester_network",
+    ]
+)
+
+# Resource types that represent infrastructure dependencies (must exist before dependents)
+# Maps: dependent resource type -> set of resource types it depends on
+_DEPENDENCY_RESOURCE_TYPES: dict[str, frozenset[str]] = {
+    "windows_iis_site": frozenset(["windows_iis_app_pool"]),
+    "windows_hyperv_vm": frozenset(["windows_hyperv_switch"]),
+    "kubernetes_deployment": frozenset(["kubernetes_namespace", "kubernetes_config_map"]),
+    "kubernetes_service": frozenset(["kubernetes_namespace"]),
+    "kubernetes_ingress": frozenset(["kubernetes_namespace", "kubernetes_service"]),
+    "harvester_virtualmachine": frozenset(["harvester_network", "harvester_image"]),
+}
+
+# Priority for breaking relationships (lower = prefer to break first)
+_RELATIONSHIP_BREAK_PRIORITY: dict[str, int] = {
+    "reference": 0,
+    "dependency": 1,
+    "parent-child": 2,
+}
+
+
+class DependencyResolver:
+    """Resolves dependencies between discovered infrastructure resources.
+
+    Analyzes raw_references on each DiscoveredResource to identify relationships
+    and builds a networkx DiGraph for topological ordering. Detects cycles and
+    suggests resolution strategies.
+    """
+
+    def __init__(self, scan_result: ScanResult) -> None:
+        """Initialize the resolver with a scan result.
+
+        Args:
+            scan_result: The ScanResult containing discovered resources.
+        """
+        self._scan_result = scan_result
+        self._resource_map: dict[str, DiscoveredResource] = {
+            r.unique_id: r for r in scan_result.resources
+        }
+
+    def resolve(self) -> DependencyGraph:
+        """Analyze relationships and produce a dependency graph.
+
+        Builds the graph, detects cycles, suggests resolutions, and produces
+        a topological ordering (breaking cycle edges if necessary).
+
+        Returns:
+            DependencyGraph with resources, relationships, topological ordering,
+            cycles, cycle_reports, and unresolved_references.
+        """
+        graph = nx.DiGraph()
+        relationships: list[ResourceRelationship] = []
+        unresolved_references: list[UnresolvedReference] = []
+
+        # Add all resources as nodes
+        for resource in self._scan_result.resources:
+            graph.add_node(resource.unique_id)
+
+        # Analyze raw_references to build edges and relationships
+        for resource in self._scan_result.resources:
+            for ref_id in resource.raw_references:
+                if ref_id not in self._resource_map:
+                    # Unresolved reference - track it
+                    source_attribute = self._identify_source_attribute_for_ref(
+                        resource, ref_id
+                    )
+                    suggested_resolution = self._suggest_resolution(ref_id)
+
+                    unresolved_references.append(
+                        UnresolvedReference(
+                            source_resource_id=resource.unique_id,
+                            source_attribute=source_attribute,
+                            referenced_id=ref_id,
+                            suggested_resolution=suggested_resolution,
+                        )
+                    )
+
+                    logger.warning(
+                        "Unresolved reference from resource '%s' (attribute: '%s') "
+                        "to '%s' - suggested resolution: %s",
+                        resource.unique_id,
+                        source_attribute,
+                        ref_id,
+                        suggested_resolution,
+                    )
+                    continue
+
+                target_resource = self._resource_map[ref_id]
+                relationship_type = self._classify_relationship(
+                    resource, target_resource
+                )
+
+                # Edge direction: source depends on target
+                # So target must come before source in topological order
+                graph.add_edge(ref_id, resource.unique_id)
+
+                source_attribute = self._identify_source_attribute(
+                    resource, target_resource
+                )
+
+                relationships.append(
+                    ResourceRelationship(
+                        source_id=resource.unique_id,
+                        target_id=ref_id,
+                        relationship_type=relationship_type,
+                        source_attribute=source_attribute,
+                    )
+                )
+
+        # Detect cycles
+        cycle_reports = self.detect_cycles(graph, relationships)
+        cycles = [report.cycle for report in cycle_reports]
+
+        # Produce topological ordering by breaking cycle edges if needed
+        topological_order = self._topological_order_with_cycle_breaking(
+            graph, cycle_reports
+        )
+
+        return DependencyGraph(
+            resources=self._scan_result.resources,
+            relationships=relationships,
+            topological_order=topological_order,
+            cycles=cycles,
+            unresolved_references=unresolved_references,
+            cycle_reports=cycle_reports,
+        )
+
+    def detect_cycles(
+        self, graph: nx.DiGraph, relationships: list[ResourceRelationship]
+    ) -> list[CycleReport]:
+        """Detect circular dependencies and suggest resolution strategies.
+
+        Finds all simple cycles in the graph and for each cycle suggests which
+        edge to break. Prefers breaking "reference" over "dependency" over
+        "parent-child" relationships.
+
+        Args:
+            graph: The networkx DiGraph with resource dependencies.
+            relationships: The list of ResourceRelationship objects.
+
+        Returns:
+            List of CycleReport objects with cycle info and suggestions.
+        """
+        # Build a lookup for relationship types by edge (target_id, source_id)
+        # Note: graph edges are (target_id, source_id) because edge direction
+        # means "target must come before source"
+        edge_relationship_map: dict[tuple[str, str], ResourceRelationship] = {}
+        for rel in relationships:
+            # In the graph, edge is (rel.target_id -> rel.source_id)
+            edge_relationship_map[(rel.target_id, rel.source_id)] = rel
+
+        # Find all simple cycles
+        raw_cycles = list(nx.simple_cycles(graph))
+
+        cycle_reports: list[CycleReport] = []
+        for cycle_nodes in raw_cycles:
+            if len(cycle_nodes) < 2:
+                continue
+
+            # Find the best edge to break in this cycle
+            suggested_break, break_type = self._suggest_cycle_break(
+                cycle_nodes, edge_relationship_map
+            )
+
+            # Build resolution strategy message
+            source_id, target_id = suggested_break
+            # The relationship source_id is the resource that holds the reference
+            # In graph edge (A, B), A is target_id in relationship, B is source_id
+            resolution_strategy = (
+                f"Break the '{break_type}' relationship by replacing the direct "
+                f"reference from '{target_id}' to '{source_id}' with a "
+                f"data source lookup (e.g., terraform data source) to decouple "
+                f"the circular dependency."
+            )
+
+            cycle_reports.append(
+                CycleReport(
+                    cycle=cycle_nodes,
+                    suggested_break=suggested_break,
+                    break_relationship_type=break_type,
+                    resolution_strategy=resolution_strategy,
+                )
+            )
+
+        return cycle_reports
+
+    def _suggest_cycle_break(
+        self,
+        cycle_nodes: list[str],
+        edge_relationship_map: dict[tuple[str, str], ResourceRelationship],
+    ) -> tuple[tuple[str, str], str]:
+        """Suggest which edge to break in a cycle.
+
+        Prefers breaking "reference" over "dependency" over "parent-child".
+
+        Args:
+            cycle_nodes: List of node IDs forming the cycle.
+            edge_relationship_map: Map from graph edge to ResourceRelationship.
+
+        Returns:
+            Tuple of ((source_node, target_node) edge to break, relationship_type).
+        """
+        # Build edges in the cycle: each consecutive pair + wrap-around
+        cycle_edges: list[tuple[str, str]] = []
+        for i in range(len(cycle_nodes)):
+            from_node = cycle_nodes[i]
+            to_node = cycle_nodes[(i + 1) % len(cycle_nodes)]
+            cycle_edges.append((from_node, to_node))
+
+        # Find the edge with lowest break priority (prefer to break "reference" first)
+        best_edge = cycle_edges[0]
+        best_type = "reference"
+        best_priority = _RELATIONSHIP_BREAK_PRIORITY.get("reference", 0)
+
+        for edge in cycle_edges:
+            rel = edge_relationship_map.get(edge)
+            if rel:
+                rel_type = rel.relationship_type
+            else:
+                # If no relationship found, treat as reference (easiest to break)
+                rel_type = "reference"
+
+            priority = _RELATIONSHIP_BREAK_PRIORITY.get(rel_type, 0)
+            if priority < best_priority or (
+                priority == best_priority and edge < best_edge
+            ):
+                best_priority = priority
+                best_edge = edge
+                best_type = rel_type
+
+        return best_edge, best_type
+
+    def _topological_order_with_cycle_breaking(
+        self, graph: nx.DiGraph, cycle_reports: list[CycleReport]
+    ) -> list[str]:
+        """Produce topological order by temporarily removing cycle-breaking edges.
+
+        If the graph has cycles, removes the suggested edges from each cycle
+        report and attempts topological sort on the resulting DAG.
+
+        Args:
+            graph: The original DiGraph (may contain cycles).
+            cycle_reports: Cycle reports with suggested edges to break.
+
+        Returns:
+            List of resource IDs in topological order.
+        """
+        if not cycle_reports:
+            # No cycles - straightforward topological sort
+            try:
+                return list(nx.topological_sort(graph))
+            except nx.NetworkXUnfeasible:
+                # Shouldn't happen if cycle detection is correct, but be safe
+                return list(graph.nodes)
+
+        # Create a copy and remove suggested break edges
+        working_graph = graph.copy()
+        for report in cycle_reports:
+            edge = report.suggested_break
+            if working_graph.has_edge(*edge):
+                working_graph.remove_edge(*edge)
+
+        # Try topological sort on the modified graph
+        try:
+            return list(nx.topological_sort(working_graph))
+        except nx.NetworkXUnfeasible:
+            # Still has cycles (overlapping cycles may need more breaks)
+            # Fall back to removing all cycle edges iteratively
+            while True:
+                try:
+                    return list(nx.topological_sort(working_graph))
+                except nx.NetworkXUnfeasible:
+                    # Find remaining cycle and break an edge
+                    try:
+                        cycle = nx.find_cycle(working_graph)
+                        # Remove the first edge in the found cycle
+                        working_graph.remove_edge(*cycle[0][:2])
+                    except nx.NetworkXNoCycle:
+                        return list(nx.topological_sort(working_graph))
+
+    def _classify_relationship(
+        self, source: DiscoveredResource, target: DiscoveredResource
+    ) -> str:
+        """Classify the relationship type between source and target.
+
+        Args:
+            source: The resource that holds the reference.
+            target: The resource being referenced.
+
+        Returns:
+            One of "parent-child", "dependency", or "reference".
+        """
+        # Parent-child: target is a namespace/container resource
+        if target.resource_type in _NAMESPACE_RESOURCE_TYPES:
+            return "parent-child"
+
+        # Dependency: source resource type has a known dependency on target's type
+        dependent_types = _DEPENDENCY_RESOURCE_TYPES.get(source.resource_type)
+        if dependent_types and target.resource_type in dependent_types:
+            return "dependency"
+
+        # Default: reference relationship
+        return "reference"
+
+    def _identify_source_attribute(
+        self, source: DiscoveredResource, target: DiscoveredResource
+    ) -> str:
+        """Identify which attribute in the source holds the reference to target.
+
+        Searches the source's attributes for values matching the target's unique_id
+        or name. Falls back to "raw_references" if no specific attribute is found.
+
+        Args:
+            source: The resource holding the reference.
+            target: The resource being referenced.
+
+        Returns:
+            The attribute name that holds the reference.
+        """
+        # Search attributes for the target's unique_id or name
+        for attr_name, attr_value in source.attributes.items():
+            if isinstance(attr_value, str):
+                if attr_value == target.unique_id or attr_value == target.name:
+                    return attr_name
+            elif isinstance(attr_value, list):
+                for item in attr_value:
+                    if isinstance(item, str) and (
+                        item == target.unique_id or item == target.name
+                    ):
+                        return attr_name
+
+        return "raw_references"
+
+    def _identify_source_attribute_for_ref(
+        self, source: DiscoveredResource, ref_id: str
+    ) -> str:
+        """Identify which attribute in the source holds an unresolved reference.
+
+        Searches the source's attributes for values matching the given ref_id.
+        Falls back to "raw_references" if no specific attribute is found.
+
+        Args:
+            source: The resource holding the reference.
+            ref_id: The unresolved reference ID string.
+
+        Returns:
+            The attribute name that holds the reference.
+        """
+        for attr_name, attr_value in source.attributes.items():
+            if isinstance(attr_value, str):
+                if attr_value == ref_id:
+                    return attr_name
+            elif isinstance(attr_value, list):
+                for item in attr_value:
+                    if isinstance(item, str) and item == ref_id:
+                        return attr_name
+
+        return "raw_references"
+
+    def _suggest_resolution(self, ref_id: str) -> str:
+        """Suggest a resolution strategy for an unresolved reference.
+
+        Args:
+            ref_id: The unresolved reference ID.
+
+        Returns:
+            Either "data_source" or "variable" as the suggested resolution.
+        """
+        # If the reference looks like a structured resource ID (contains /),
+        # suggest a data source lookup. Otherwise suggest a variable.
+        if "/" in ref_id:
+            return "data_source"
+        return "variable"
+
+    def _identify_source_attribute_for_ref(
+        self, source: DiscoveredResource, ref_id: str
+    ) -> str:
+        """Identify which attribute in the source holds an unresolved reference.
+
+        Searches the source's attributes for values matching the referenced ID.
+        Falls back to "raw_references" if no specific attribute is found.
+
+        Args:
+            source: The resource holding the reference.
+            ref_id: The unresolved reference ID.
+
+        Returns:
+            The attribute name that holds the reference.
+        """
+        for attr_name, attr_value in source.attributes.items():
+            if isinstance(attr_value, str):
+                if attr_value == ref_id:
+                    return attr_name
+            elif isinstance(attr_value, list):
+                for item in attr_value:
+                    if isinstance(item, str) and item == ref_id:
+                        return attr_name
+
+        return "raw_references"
+
+    @staticmethod
+    def _suggest_resolution(ref_id: str) -> str:
+        """Determine the suggested resolution for an unresolved reference.
+
+        Args:
+            ref_id: The unresolved reference ID.
+
+        Returns:
+            "data_source" if the reference looks like a resource ID (contains
+            "/" or ":"), otherwise "variable" for simple value/name references.
+        """
+        if "/" in ref_id or ":" in ref_id:
+            return "data_source"
+        return "variable"
diff --git a/src/iac_reverse/scanner/__init__.py b/src/iac_reverse/scanner/__init__.py
new file mode 100644
index 0000000..0f516c6
--- /dev/null
+++ b/src/iac_reverse/scanner/__init__.py
@@ -0,0 +1,45 @@
+"""Scanner module for infrastructure discovery."""
+
+from iac_reverse.scanner.bare_metal_plugin import BareMetalPlugin
+from iac_reverse.scanner.docker_swarm_plugin import DockerSwarmPlugin
+from iac_reverse.scanner.harvester_plugin import HarvesterPlugin
+from iac_reverse.scanner.kubernetes_plugin import KubernetesPlugin
+from iac_reverse.scanner.multi_provider_scanner import (
+    MultiProviderScanner,
+    MultiProviderScanResult,
+    ProviderFailure,
+    ProviderScanEntry,
+)
+from iac_reverse.scanner.scanner import (
+    AuthenticationError,
+    ConnectionLostError,
+    Scanner,
+    ScanTimeoutError,
+)
+from iac_reverse.scanner.synology_plugin import SynologyPlugin
+from iac_reverse.scanner.windows_plugin import (
+    InsufficientPrivilegesError,
+    WindowsDiscoveryPlugin,
+    WinRMNotEnabledError,
+    WMIQueryError,
+)
+
+__all__ = [
+    "AuthenticationError",
+    "BareMetalPlugin",
+    "ConnectionLostError",
+    "DockerSwarmPlugin",
+    "HarvesterPlugin",
+    "InsufficientPrivilegesError",
+    "KubernetesPlugin",
+    "MultiProviderScanner",
+    "MultiProviderScanResult",
+    "ProviderFailure",
+    "ProviderScanEntry",
+    "Scanner",
+    "ScanTimeoutError",
+    "SynologyPlugin",
+    "WindowsDiscoveryPlugin",
+    "WinRMNotEnabledError",
+    "WMIQueryError",
+]
diff --git a/src/iac_reverse/scanner/__pycache__/__init__.cpython-313.pyc b/src/iac_reverse/scanner/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..721aaeae8659090c0d0563790b52b2e31fc7000e
GIT binary patch
literal 1237
zcmZuw%Wl&^6dmW?Jentc&;{YGAQU7dHV75^2%=+B(i*9oNF&#oq(dD~b#12#JN^Ma
zf^T8VhLO5LEZ89;)Gaf196;ETkFJl;T;F@o^{iCNBYA!PRDN?OjnG&15M7CRFnce9
z56D1(49!UB8csl>sp6!b#3@JxaY|3)3}k{ht!Hr#azUKYmvA2PxBvxQgd#3MDd4mE
zGA=_ISD=EcP{lQ<1$<7g;|4T>cuBv4S6~IN!YW>aHM|b%P4oa6`2!8EjtZ^f+xv!P
zIu3>Am=AoLHisOV%o&2|df;20541U8uEi%5rtR;lp_V4f+a}O1^-Q~G`y=K^s=CXq
zQwqkp3F8G>eqq9dx*mlERnh%p3J&$CJLgiO(e-VQ^?*;<K&A)_6085Qht!oqQI3?)
zO=imiMKvPS(T?N6w3QO|E#Et#j>jz1W8CQga1iw!E}OL!@shh<NM@riR#fnsjVbrT
zSF*2VW9o35kEV-iH})LY9}bztWcD7g3A5>lx?!%BBjybFxw{+9EIcL}l0WS3bFbr=
z$2J{=>e5kn@4%On4IW!nD9HIjQbAEcN`c%e1Qi7t1z80-1xpIl_CZO(vVyXLs)Cw=
zx`h4KhR6~!;1(g`HZv^(RJ!TXwi`~meJtH1V`V2f3;Ya95O?FWGL5vExXR~9t;!U)
z;?yUR|B+NR6JNyXVlN`CYFFHgOFLHkLeAz3L*{+NjYe$5osSL#;|?ahn4q{Bdtkl<
zQE6(-;zpeEJoG;j2EP64hcd&oZ9+bxnM{Mkqn*e7!%pv2-*8MA?(hNayI}SI%HE$B
z+$V%N%p;_IHWj%i;V-)h*JTz>-tMM^A4yHqzMzNS(AEX&T%czcX!|me))F%$;j$P-
VzlunE`sc;Z<ys-}E(_OWir+2=d<Xyl

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/scanner/__pycache__/bare_metal_plugin.cpython-313.pyc b/src/iac_reverse/scanner/__pycache__/bare_metal_plugin.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..5d0613741c16d4329e2e5a73d83a33e5174491c1
GIT binary patch
literal 20264
zcmeHvdvIIlmEXntLA(fn1VQj|2|fgf6iHDOLs1W#A}R4LnOCs27Gne=K?*hqGWP<q
zMB9nGo$k<0JRzH=lDcgLwKEkook`I4kLC0)HSyZoWd8sHkAd7#yqZa7XFStCpomF4
zR;SZ*zKaW7kf4}0vpcifUWwoR9_N1Vd(Q8i?_4}H8ub)h|M9<>-~8<~Mg0mB;-xA?
zp8b1>{D5L8mSSX#d`ia3;I5dGPbydijd{u`<)n&Lk+^(H&8i_!HKm!<vf4=<tDDrb
z`pGJ`YSO?OCXK9-(5a_PlV;XT;+iSTWHnn&Q}eR9HnI8A-A&Egj?08JYp<i+6r-)D
z7~Q=2xT26-vn==O*Z=lxfDO_!!Dt{%ud%DwLyJL{UJJ*TLlHX0g(A!JTySwI#9ix|
zxHvOG4_}<<*6T+@+`{VhAj{F$0_@`3SVJgsJs63uvNyZvvoj;~!fIqGv>amt(a>sy
z>!KsU=-aF8TR;{KvP*%5AlIc2L>B3};fc{*#Pkxox<apAyUB$Xpi^9sB`sYK1?cFt
zpx7OHZj8Bv-O+ovDAWY~APuhsB7x=L3iPGambY8~1rB=FE912zfp9o*H5`PvCdP)}
zTn$CMYTi7u78_<4u7#q(g=mZo@>X$-!Ns{Cw;E#?g1qHoI1pW0WmiT5(cm(Sl{Z{0
zOxdNIYeC+?ECeEuv&;rLj@M%fo{fd0(3VN0yh!F2a%{sf7*8Y$qr^!XW7$=9L0B6h
z)D;rX!myA(pynyqL=-D$WUPXbv&tTdQM@8!RZIh;uBYBq!WPoZYv#4{+I~6iLq^G{
z`jxosP^M#)^ZI@{qa&#*NEzm}NCkO%l4mT-t0H+O2B;w44D}dEj)gIaPcr6W%raj+
zZ|#8%EVevv>(?^X<Ow^e!wU7-=FOyy8q%(ov6J#zQeIxBW@<>8qheVtDXXhk<{)Lx
zie+`AtbX3bIOjEmQPpGK@xny24UCIzTvmA-c{9Ei<gF0a>x%}U2|R~|5Z6(BNnk(F
zSMd#4A@7j5UH5%=Mph#c*kc?WU8Mts-F=87d)IR|zy+_a;#Qt1ZDV*K%C3gPLDowb
zUIKmLoh-ftSlMFXrToL*$u50`SCZc6m4sJ*?8X}OI=DzLu)#&#wSh1PO)f;~w}Lmh
zAw3P(wN)-UL`H(KNMI#M!{kg{qyvkK_)5?oHu%k02rBRr`WQ?WQVGw9sohj-0geOS
zu_#c9sXbJyY@zKnh|!+aHGHW8;VybHxD<eQknZn4R&3VKap58QwQE6m16iCrXq+Cu
zbm<~f=}C8#jRoCa{R1U$!=?6<rS^-wkFSwrUR_!63(SvikYpDo+h62=e66IE4TKiO
zr_^i^7*J$(p}@V#-jqX#eEV591SnU0RG1WCz{ns~q$Vk(C)YCNmCy2&SHWxj94rCM
z39s{Cg?;7+=Etl2xKa;fypjusmpH71=Ff}_&CiWpyfDv10_@Vr>SA!7V;AN_fdxMs
zL|zPOU~Q2gJ1-f7ATzqxZbC~i%uv+t=j+avzeU|*Ngp)CIUsnS${jtvq5Q5f*F?k3
zl&f#pP=2U?hMniDBztY4I3y_1!XKHAUL{V4Pc~N^K0YX1D0q(-o{Gr#p#e@>q*3fc
zqm<An_n}cS>S8^reP}d{R-~E3-tW3ZF2rbu#wjYI_Q^d3ihzlte2QX911Y7LS_Ck1
zMT8w7;2AwrbwVDL`P3ps0Oo)(T#zxwh{mTeQH;qahtTX(nW$qb*gD0&T&BY?pTc#8
zfE<j^846jFo0}4Q8__ZrpEeAA5-y*1&LYN3_c>cBF2<N@_-E~wi!g<TO+BX;OG|g?
ztL>OPqPyJB*t_KseG>(3)RfA_*yVrC)G)Ot6p<=l)m*KZTe>rjlaL6&)`Rj&eXO*H
z>LhD#@EMA83M+E?QKed#x<k;)g`@lQ!8vpp`mlS=>V-8cTSr&r8eq-j0`=wh!^Kf7
zH?>fb6{{<aT8z!ri?PyOLj`EqX~wd48}?m=MxPN{S7PfvV^GdCMU2D7CD{S(qTt+h
zLA$UYcD36~YA0hWtG&1*;VIb3G!>+-G>H{ftck8%(-L)B(M&DLye$DaEVTrE1?jg#
z(Q5=<B6dX~D+<^G&qS$5P#Q?WVRpG7?<DMLh#o~*Na`U1kqE;slq*EUb<v{W>LQ{K
z#U%<`QA~wz(t_NQN-IJEHK4SjJz_~g8bMFy0wL(1AbTal5y9jTJ+Xw?8sP@yp)3xs
zBCcNwgu-06o>wCCXORu_TCt<NR_rLR#2)bqkeh&%g<kMV6otIL#P`?F&xAm%fSw@A
zb}2#_+A|F}Xt4zvVUzfnSI!&P3TWDosDKAa7~nu&sjfw%YaH|zZtIGno*rH{bZ*@e
zSX&DhuyfCwK<AaO8xSi2I5|S#xO#YDA-EP@Z|woZK~$LQM|&7S2r{5mgcgEgl7rT@
zK3J<+Y*>4-06D(EjRr+Zte@9JLo316Skx>3;t}M3@mCP68!jKgsXuaQ^{rqev;`Y$
zy=fwHJrE9+LnRNQ3%bAesCV7viv&e91+Zuh6r>;xN=!7y(d*6;kgTgwaorG`;GPUb
z>96EN^z3>g3{hOrLK$`oc2W%R&$>racMvrSdNIc0>IBM^jUn1w%`29JQC<~ZeH#do
z$FoihkWcVhT$Laf<#<hD!gw`E{?O7*UUMxN03DIz)v>ij(1UQBa8bTW7yzJ{Mc5y~
z8#wc@={V4=iXA2@4zIZ+Oe3!w6RB8aSY8v0yn=1PpcR8Q4B9d1zyO&qujUr6fqKVl
z3U4MfEUYNOGn%!)&G2eq5eFblEU${<%J2&45(iwH!Z)vUv5i=%K{7i*zF{|Nk(Pc9
z=(*Fth~B62cFN-V-nT#a_U-F&He)`#q0HHuZoRbiQhX@EW^8>M+C6D=eStofF&_bX
zYvZk+t)93y@oL7}pS2F9twR~>sfX&c_1uQ$Z_T!UH~7QB$JX{-)8U-s8&6dVn<-Bz
zjHch|sm8V~N1}E^oojI49*iH0N8?M0;lyI%)s(ZJ0I3@1clE!v)@QBmpIhA-Yukn<
z=WN>00L0Rozi0lyoYgj^wN1H(?p&=0YNqu&ltNdPH&FFWcbo1srRqE>&s3^*dZQ}W
zd?;-_v!Tf=TXc?`qv_VWTkpoF9<rP7rW}(S<2kb<Yi>=OTjT2)^U)`DbhgfuuJdH;
zy3%!Bi8r?AGIcL+sy?^X<pxgPy0CR2KAW~5`!ZMU%vQIjtJ@Q{Om)}eT5rzXopYUp
zo;a*9#%k-1o^l+<%*Mg(y6lOW^og0&;B3lup+u7JqMY=H#xHl;DN9|}>`t5AS#w|7
z-1m%9>Kui6bM__s|KiMlK9lM@`_TQ6c{m207G_dS*&TU}!svLuqm@)}IBh;$R>44$
zO9oSpQ<a`-eMZT2)|{dGvAM47q2Y(E4{K76^Sd9)E1+v%ak!0sa$>mpoPzqxs-qBo
ztY{jqQGDFuI(JI(@u?Pwf6{0=->LYd(*f~Ea?`j)@yMcrc$s1V{6;{+ZixJVx&ona
z&A}GkeYH_u*?Q|7(J$!Twv6tx!*gT)nXya5)7@S<i-3;Tm-1K_WC#j^@Xpi#_wcV3
z3?hE8VF(tH_T4W}MY4Z_mEqg?KJ{yJbJmP=p3)v>X~?QPzOzsQNS~U6`|hiV%8Y>R
zDpK^w+Nd6ijK8xmezYYaXGIxE2S6Q%G|I7XkPb!`*T5_k?e@wDJKQsNQ#iy${URC1
zH|-vDdHFws4s*y{->055x87a9yS}NsrQgzTyqnS<O|TH`9XNt={Cm~~0W2&oG`V1a
z6_!>6(PcyAVrwYEK{%kiE*L0)F%oMQ9R-sW2TRQ>vA293<GXnA!rY~?Q9qd0F8Jm~
z#{8H5<l-2!XY`F^bj8X+DHLk-lN$LW6(?gq@(*B89BK!+6KtEKS^Lqn{b<JAm(uo;
zS>d(fJeR3}sPd5c*?`&DZ(}R~K)zC(tvMx`z_OqXH%w)vLk>!Z9F&cU8){B8&Pi(X
z$r%NsJRy%Le2TfE`cxudR0RCTVUsH6V5{!FiYk@Tr>s;zqwb+Z1u~-YsfyeFZKzSj
zXmCm@KBr}L#pl!##Spl~exvuPQPBW}@ed!prZ9RfsAv0+9;7>zzi9M2Xw$rVZr~|h
zX^$VYrl1TJRU=RldO+FGU$KgHR#F}ry-zRB5luCNO(miq)*sZ4K(!<*suor2&qsr3
zLZ(M9`T*XR49bF4yQo&&<f6e9sikgd6#)G!F~C?sjxGbNgp}(!+5?tHu$yzMV0K4y
zAGE`+gd#!YTzWvxLRnd(W!j4P8V%8x%2=OZn?rSi2!?__vCAF~JTbOH1FVe&fthfK
zHzRmnP-rw1!T!&#AJ}vD7_7nr8H;<J9e{w>%mi1i0-j{?J^f1e@+yGJKzC@7=q2kd
z=RjA1)(QiLiIq<35Z%sss|b2zarg78;hE8aegVjyz$S(<=*J?Pe=Pu}E5G!4b_`3@
zpcO3#SzZGN84-{GP$L1NC`@@%agZD$Om-48mDopKvm*2yR3?}RC=C^3VWP{Ry{v#j
zb%X>TW2d18t_p$@3Z(^+YQr^Mh?aGcZ{5vKD-eB%RUQHn0id*wGFZNM`h(NyD*Ca_
zowa$=Hc!gndD1}NoxKD2sWa6%m2ysRnDTP7ZcLVQxNg0-^<LKDNjp4=ria#)!;^B1
zN?{!b*f!^AMzZgJdsCSMfatm7iJwSZ&D0;=)O>EMf709$|K^?byWhI=t;Ac~eVOJn
zo8zB5nsXh8??>)MQtii+*OITNT3^1c&3U?hWPD)EdQPN0C$>G0&ZaykQl1O9jX9Sm
z>*`Ot`nMGs*U6mcc-AwN_6%h_r*2Q=S`TGgPo`T>Zck)d&!rm9AzlO2(3Up0rL=8d
z?r12B6M@*6?6JZ6z1a_7m}ed;vWC%=Vf5GLrXuC@yatKB;!xlC;fQWjOMRr(kI57t
zS!+j6DLy)-f;g`e-xQ8F?UHTPu#Dt%2LMkvd^ND})`C>1;Hna#6o<9=0U(YDoYF*8
z@TZmt@S?>lq5%e?^~r41cmP-wGCq8I*HvPC5xq|iwC91giU=m$^SiFge-4bSP)o!B
zf~07fD-rq(A}ghV88hl5z>c9G3O9A7TBPz-NqVdl>3v$ChS8iTrfF(sf}*M@xGxCz
zD=5p!<x~1pJ~g9-f4UQ@HVT-sRxAUid=lC;GIC!P*!L7Z9fV3^w^2t-KJ^^V<gUwS
z5_>^YSBf^tilRb739MX&cB<K!aF;M^eLx1wB%bqC!bn`1El4=~ESZ0b+hmBI1_VW~
zE=d5Tz*T{l1Ls0(c{efply9dYFf&QP7~yh-QyhVQ&vqN4FBWzn7)}t}p>8kk#oau-
zbO0$Bro<B>;HP3ozzjqf@4A&J=fy)Ltae?AOr9Ntb(sAEW{UDE`I?0o%Yuca9Q5(_
zVtxKnBYd5hD<DI#4Xmt%fyFKI_UI}cIG0z#5svRw@jCG_j@K4gGFTgkH3QyAoJ>EO
zJiy?vvc?-=ik3h`z-bJ3&8z1X;b4S)3p&d?id`vh2dcUOMxw<6^9M5$Ca&TmD$)px
z*p5XA<24JCU<ETG7_4G&9RmPe6ng^#zDgL3fPT&7RvIcxq=-Q(b$FvVKr%19zBFY-
zH~<4e%Z-19Tjmf5N#q1Z1zBMgA1V%x<K25iMPW0QXp&GLr-a1>NkLORM>lkM@S@E%
zG;OFK*E(-^XKKBm@z=XH%)hE@0V&{W&bp4JUB{B+8Q1BJ>0h<<Y#Q@&eRWr^r9Inn
zI^A+QS4Srso+;$++Re$lnyP8a+S}6hw)pFx+I#aBs+x`;O<USF&A+g;Jhs!h?vsy?
z^d_DE>5bgcmvcu3pXyXKwZBtns;$o&DR=Kv4drz2^i!7lTy1l%rZH!8=3I?Ar|W5z
z+M>@>YMuVeomQ%@<r$@_?s`(+mH2w%!gl{d?e_X3>!XoJ$5VB$<Q32f?1}5v%+^fY
z`>DO_vAzD*^wxCTnYDMO?VZo_Rq*sz<OC|&dRD9au~t7~)cn|bbVRH9iB<)1_MhVV
z{wV}y93D9?a@S}727>+64&dWOr31(c7vxH1MJcy}`oYM$m63ha0AERdfD(X85o)$R
zm7BV36Co_9f%5h4(Ga&5h%Q_!zSTF8!=R!Io1R@=V?&^|0|<>Q!r^i^i;x*!KWpi|
zDV}iJOL@`*&Qk84^G%MgDV0jjH(7*bUUdm!l_r|k7P<mfM=^$TBkX^&?b&xB%^%vm
z&m}EMb<zI;#M~taV6$7OHcz&7DBU`gYxic`&!pSW<hpvZT{G#f8Neyoj+fINFT-ZE
z>o>Gu1hctrb!~OselKG^0*13H>jy98Y&9DbzcANs-pH7{Q`&B#oGuh3Ewn*Vc;-a*
z#yW)i?TzAkRoo*W1ySu(?5lQGkoZ1DLGi-<QfV)#hJaV$*$LSv6;;ck>Ipk)u0k7(
z<m@t{DWL>L=aWI7^?0s$OtH_iRg8g@7f)Ixs+gV3Tv>3Xcy>2eq0|Q_x%;$ZWK81z
z--p6{AO-lh98gE~ffUvQDQvw(MZV%}+nJgJdQp2o4URv$hJ)v-?!a+6OTA?3yY-Cg
zgcdDv(z8lHf^I;9>K7wA2Fw=XjDXmpI5|<#)x+vGRMp`w!F3Jm1Hk!+gPK&sF8HSr
zNLNw8?w(z*saQaiR`%<#ONq+5-Yii{cQ=G8DKDQ`T-P#0aqm9LBBo}+1_62_9xttH
zgc6!JfR|4UoZ-;nj1|t|R5NgX5(ZB)Fa!j`voTbSc?C1&<EzewR=HO}QAQUIBPh+_
zf5yaCRs!ILX1|1RN~l&SIUhPpa2@!piAuUitQuL3MWVd^A|CuOaO?ypZFq}u0G|xt
zKUeG$uUa9!F~Y$Z^u`Y+0MZ@qtr%~(3f=KvFZ9PEKp;?vp;!Lp&{f_H0!A<n02adb
zBpE`jRcqJ*Kb{*w5AYV_9%zX;;B~P`2o9k9p+#Ov&H_=zCccS$^&Xouk<tRr(g&hZ
zHgq)>4RQ|*f?a?dYL(jp2=XI{k2u`1$TV5hP1uVVpvL6YN+i^uLI$r8wSP8<M5x8{
zI*zO{bd$r!1wmCnXe?Sb_d>Fgs1k+i{{lMhzX*^_TT<SMym?YxbE|2qDP^Hk^zoEw
zU_+6YYjm~cO1mw2l_>2e_A2epO<fK|+3Bs*-+yUiG_R*>oVUie#&2JW4`uA#8@gW`
znsQCYa*ge`C*y&HF8)rc{#XuZE^l4Fy_C=-b%}RU9Vat2rye`ov(DbMv-h#PFY7*?
zcAw5QdUMW}CvBel<M+nNF;CmexyF{em+xGTFT?p)V;>0G`<L%sPDHk^X4;1VN!}g2
zGZ-IB^krP#xx#Z_-#(jZdkL)q+6UTX^Fw#WGnVyCq&*Y4y6&V5V5PSfpq!`c{*8M#
zQoUy%p3NLOpFK2{J~Wl9YmQd~f#*d8R*?YO8@xA|nBI10T2JSi+;^|txfZ{Xv}T(6
zpSDytSf5tc8%=pd1A@#31esODrXbhV7EKDLwiiA%oP~AyaN>Dh1tni`t+00S&T}T}
zzZ)zNer(d88&Z5+=Qwv<@o|p~<HuDHmcayM2LvXpfk^)UFac(RT+BZ*m{1aZ`+yM%
zOkix?D#rfzA{=WZ!f}tI_8!?NxS_IOeFouJD;18VlHJl#YO)ojW2q&SkL(t#___)*
zK{}#Yo=8XbUtq2hN%^Wm^_Sp`N)U|Zb0KyGJ<SUuko}kV+`ol@SNePtqoBB;>;m6!
zR?w;~ON9qSA;sRsC+?FcVlgl<Coug(2=*|0_D5KRrd|oN*NfFx<o5p@i21ht6_b+M
z)D5hjLsJ%LB`@Ol11Zzj{%C$*TTgiTV*GrjrfWk_`2BH_-|OS=rt14k{9c)OJu#i?
zIFYFtI*8ww@$J-6<jbD(yV!pjlg)wsdHl|J{ME!<rlA+Kd1Sd}WVzMIa;qz|T(IJP
zY8b7+az}N@av}Ukryo78_{ioM?NxkqScdUl6@+Ch*8z(|SneC3f&W8gxnM=s?88bl
zrGr5mbzV09I<e<!E9w@~!$6%+=YgrgYY~LeOfy9h%@g9gFB2TVkt0Dp*fDk&Lb_60
zK7BzmMUTuEYNj*uaKKkp>F~0snS%Far8YoplnytIKFu78*Iif1CJmY>>Z?X#X;$o0
zqX~Rt(bKV{uNL*tN`9qR@GyZ~l}d@eTDj+zQqTA43HZl~TF*Wd5>0X+3VUg9>_bs=
zAcaKR+@}u5fn%v-oZ?tO7u2FIShDAzm(75Bh35!9&EK_t_<x~&>M#E*@l2&~I1Cym
z^!YE)`F@Y~IZ@O;_kLorN5Tq98y@eDfnkn?Cnk!YNP*1tNM-JeXm?9tZv`E7Z+D0^
zegify>&F23<a%rAN$}mFXD3GRtQlQK(F?JiD@t${k9wq{8%cTn%<#ytaQeaPn6+SV
zapvlpaJnmqYvaVl>-`0aAje~Jpp;a;Iz2qg>!(AJw*;k>*MNWJ>TGcNoL9?Nt-wbJ
zg|A6?J%_dXSFm~_)=i<c>-}OeRE_BYNm_Y59Ek8$VW^v^oiR9I0N=h<e<Zj}(16$Y
z2kVUA!m(FU91C8IX!aKr(+XIEoFMRO;ry7_L_)&paUlZgKjy$80dWoGwU{C&&T5PS
z{Mg5jk^K%d%6IJ#LJAw8^c4!nAQ-U#zdrzsjHgT!e>4~&#|?l;u5DereKX<C)*jh7
zm#b~K_2$-_aTlB>*B;$C52wk$u+-(1TB8%;#2a_sNHugNUQ0}*>IXJ8IdGqP@6LPK
z=H7I3Z_@G5ooen)HIHo?a<=BItut-wOmN_N`3rkP&UGm3>Pox1K-t{Xg63P>bZdTV
zKHip)XKFg3T|-UQ(2zDXJhr%V?w4~d-nc%|k~o(bOf~g`VtcpYPD6YtsZ73_98auf
zoM#?4db5rF>Bj!Y9Rt~p;dIAvuH^_IsV9ee?!SBQ-Q+aru7}2Q9o_fC_rl4O4`rE-
zvpM(S`(5|C5;wN38TYB&;l3YrJ?Kh)`;k0zcxqRQ_S`qzGbCP3&SmJqTzQ>sUH7N&
zO(&h(W0|(IPpfrw?bB*&we|N3yV3Ntg>rP~r)8k6rnGfm?!1PvXOvWLJ@*Je)U*Ud
zJ>Q`zdm|7TosTWGw@h26RP*S=<xefl=axEDZH>;axMA2!@y_$rh_fL4u?4<Lk^jVC
zf$)=R{rS_1Ph5`kgNjf3WEdY*LHLN$k9Vma>1)RisU96tLA(rwp%f)3>{WPg{?Vf_
z`8XH{;8gwpK@<i^)wB;zFqE(ccrt)dG-CFdE8;pSPPO<fWjGbw@_nXCNY7^}VTzff
z0-}K4RPWOpV@XLrun$(BRqR7x^MyFsN^r96{{Sc33OL#Bv+skGFT)9r4@PZ&Ax5t8
z)l?iunSMZKz1CM-ky1MA4xd9DG0_fi)~hSdx?}IGABe=w1c_T-h{OT^{=Fb^n{-#c
zTF1%pgaP(v4eZZ4UtPtSsxBeki}D#jPKaJPd8F=&3-}zlN**gdlW)I0XfN$SrUuMF
zwPm<iKGX3J4j0R3-rtLhccJbUnAwBQe83M#)EK0wd$xNw=H}$W%r8-1$NHHf`riB7
z0xv+{4E%Nh7>@vQH&%w+1%ll;+g(D-i=wql(r_h!eW>&Z0&Grbc^{C?t4G<;bpW%P
zS69O^@OoKymOp-7$R-V;gp~ktZK2OJZ!N^|`zYaCa*lv;u$tKl?ZYumv5c=;#6}Az
zH)@iA9u%4)U|Yb;rau}lv+qEkz0O^yEtL##g4@kcfgC?JBCADwE+vUDZxKt1=-D9V
z5Cp9kQ(*tgVpS?KI9?|V7<@R{9A+B|WA&r5Kt@i!FT!jIFvpZoEyhGRk8yMcRW3x?
zF!B2r4~F*K1*eAZVvBn|oG6_XN!%wsM7-VrDCz*bemZ43^LK;S>*>3P?;MU_NxC!j
z$2X=vw>1&Gt_Qr{(tf|`UQ>$hO}diCRMVNwD)8LAfBN3(Y-@kIwLf{~kvrAepK6_f
z^Q@e$HEZih+j^46GPVH(?9Dyd=KgeZf2Mh0(~vh&^&MHKH|_K$+LH2&^Vr5@uEqhl
z9S@>NwkLV^Gw0VfRk?<iyAyXN;%_DUG7STpy1%hCY@W!0!w+%(`OMx0K1KC|paD3X
z8|R5y(3y61CMJ?>#x<06ok_dSY`^p9Y{qqAWBPNm3!R(5Ew(h4hNLOg^wQ?}^0B=3
z@G2S0#O8F)(VBJiq#ZaE$3U*NM;LCVbpZTb3z+}rL-%Kg$8JyNI(pG1HhBfKg^sb?
z=l`a;<M!J*`p|vTJyYWC&*-l~XFJcyVED#biGDI9>L-(lQ>muG(j;^w$G2bKo=){m
zWSo=xsVHD(_JTj{VA?a7qx+Lrci>d5>6uE^TmKs+#NtZum;zm^V4nR9%(HUHeu@M;
z2FlZ!82AtG<lLTID}Ilab@!#+eaS)iuFL)M)0!$&M(n7J)Pgc{L5AAMw~E@xgnW-S
z^3p@wr-rc#+K95KjpXd7x8H$IR$G6krmCIK^ExPdzSBqCzGSdE=*~5}HJfThFJJrU
z&+Vhn^9n5ZpTDVxPIF7}Ld82L>rr=s5OkL*9qKL+{$<PXz|^4p6ITs{e`Ri%?r8XF
zy?#oq_-UJCN~ZYfNg2d{CR1Uk(@z~&{mfQ7)vNkhuL|RX`sr5HU(0K!n^b?@q=Gp6
zCNx#{#S&PU1ubV1UR9#yz<u{6{cVCuKEFk)C;YTS#osoN{BFSupO=GIt?VQ;zX&=P
z1HVjw@c?*wUBP~ms}kY_uL_k<PH6k!IruFCQU`e5LVZFU>(dly{($-<?P<l9OZPTu
zfApn%F$Vr@+Vz_k(SiSfFDr^}2Q)Hf@Q59|5x}n`IC>%iA3Mj$r_c<DUHlN4I9t$5
zp<sA%*EbbXe@*yO+Eo59F_e)LC|(ml(t&<n5nxw%IYi{w2f@FMcpMBt|5<dW0wdP&
z+{ieR4bRQ6-+(Nyg6tjM94hq-exf5vj;T1*lR;Vt@*#jV?D-C$!uJeMP&#}cs6jdy
zC|BFvBX^FZJcDrNU4J@TKa#E=$<&W+m~$5AE#sE)_A-37YB`*>^rkJn8B5=W>PeOT
zwmDOEC~-V_A=5cRz8^T8wjE9x4(F;Yn`7TOlY?)xV&8c$u1okbbYF6DJNRE$9y>a+
zj_$OhJ7wu6k94GM9VtV{j#}!aPyFRz(8M1DKQboJ0lqW@kWI~coA75t(A5KeHbn3D
zgNsNEoO=Dd!SDZOED$b~nEie@*5jfem4lI0DAxG>i}3A*p9KYpVnIW}k2By)d|m;I
z&CXyZx^u9vVDK6SmoWGf3~*tHt1yeRUGn;6{|u9`zbWEwNE|s>Jl`YsHI_(gKo#(N
z01NO#FxOTWS+YPieqvMv3th<x#qWPWk%0>fiFP{{1N^>(`*T>WKck+?4Jz$#8dS78
zrEJ(SDO8Pl{kTj;CzJ^$*_ycg06zJ}^mhLax#us*<*Lrqp|9;waL;Sys=l}~&fL>s
zx)0OG64B(ygPWK>me;nZ+7lyr3U0{@J9x{VlMSf!Pi&6cimelQ6~w{8!r6G6xueT#
zFr}p$+T!!^+2m-dZ7}URk=J3ap3>WQsxWp#W>NJ#vDV~OaEE8>TzL(~w3MSGufrJ7
zno=e@t!vq-!gO1=N}mHV1>QS{$o+}VSRheBZvGpx)&dRQkp}J(8c5|QWrHdwsR!>!
z19u4xr1DYOE3yI+i69k5BxIP(FUcvjH7~cQ+T+nY1-GR68Qz{LApaTW3+slf<*j9Z
z2RB}W9}0nIJg){PZ@80v!yCXcC>*-lO+GJTk*%`GEP1Qs2XnfK%M&MTIkL0Ju0&2)
z+IPG|`otRfoiOrKJuH3=!MmiTg&*MQF5JoY`@9a+iD~jJ6Z;#i`6>ov&ppQ&jRE=I
zU3*G+zs|4<*n{w&;>IBW87h-Km8)dRXC_K!{w3x5B}M;=GXGwwk;#8gLGW7(B|G*@
l>f{rhC9A9dxvu{9U`E&WzIsRP)5zL4Bfo|78<{Y3{~KcJGfe;h

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/scanner/__pycache__/docker_swarm_plugin.cpython-313.pyc b/src/iac_reverse/scanner/__pycache__/docker_swarm_plugin.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..4f3987faee80f3f0a4b7acfc725d9ab298b536e1
GIT binary patch
literal 15671
zcmeHOdu$uYd0)QC<x`?4iIOO-9+pL0qHN1&OFG{}mUJh}w(M}t++8FbOOuq$Ges)1
zl+RWl=b%ME2MNwfa+M4OwG6a9xh+}+EfAw<flDs^t0*dlhZD0^?hIU7Apg;^a|x1v
z`hByz<Wiz+=h>p@0-Twh`F3W$+4+9oW0nu?c9wzbFaOc`#`O~n^9kN4msu`6jA<C=
z9cCZHGlbzay!Nz)Xdu^})=uh(Zc<P5oK$Zh2B_DcHcpy|iPjlTn<p*AGRYEl(n_q8
zHe#E!6Z@otIB2`^v~$u$T(oRDT{BrrYB^>`6YN$dQO-M<nYw3SCU_A~Kf{|pqapP(
zmS8}tQ>S~@9#T_DWuUEId!#DuQ`hpAfQdBCG|#lmSdMB9(AkWSXZJ(i$aFBgwTa<v
zGp=WJ(kP^LPV2WXePb*gy&NYT|7L{Da|<MWB@u($h2-K~A{AiSv4jv!Ux^ce6XN7b
zA{rNZxl}y!W|~}v(v@^_aUQFp>C|ju4hoS}3@D={o)NfNlAh-xoO%Q{np_kzFu<aa
zNX>DXOK~nnC(tLvF83{5%UnvQxMboYiI8gn_D49?DZf@Uk4BQo$i-w_G@o0@B+{u!
z(ytLM7tZjbbYQ<xbdD}8j*#f3L?#~1ERwibt4uu}3&w@?B8kRD*ZE{5Gn*#!qmfK}
zE={h9w(~N}7p^VDMH?TDq@ZSw#05cQ@eZC{OlDv-heCOtt_{?<M;3vBR3;IP;GD(@
zNt3$<(IIgZmKUsaFE5*Dm)oVqE8R*<Sh|%K(QgusR|k)Uj~x{ak@*;8rbq<1r1xYV
zG9$dVE60=2Oy)1miaN+dOL!zWIuSlQay}}(Y$+|t*DRH<83v?^AzEHTbi9`6`6k}b
z#Jr&gnKI58XG}9DX&3Q2UVl{2n`oPv*WvEs&Ge3iJL`-I_Zrk$Xq~O1j-_>W9;l$+
z0sYu$jgz-4Px6jZ$vNYisp$uaRz{wwJ!<A%^a(fZqh`iI`>&&88u?n<=Be7|rfv0A
z+v;drL)A79ZELLBR!`f!GfjNMj8Vm@o^QmKXXN!J&AgYi%<28jVvV%_senma=STfO
z75O^61Z7Lf^2Wi|tPmG2k(wnDAww4Fp5|h*G=glfu=7)})den-E(=*K5}yYN>Pe(z
ziJni#;(jWX@f3(EfqkzMW%emW8HO9bx&WiaV;snK3^#owDZqT98SZlYnlQ|AaP@JQ
z(n4lfVL_fuD0qhJi3jEay<A5ox-i_|e|YFf;PA1*z~R8*L&HY~jvwpr%g<+$LKx5{
zF?(&8>q#r34$qOrcn1fo(=iL<LJ^pbrw|c100E9ZB8#EiQ#4L8;e|-%Qbk8tfzRSY
zNRgPur(j892?Fc^BCw(nz-y7DrlK<T(^sm66p`~G2gy62nL<nwO47w^;I2eH$N05V
zB6C+On!?d!0@g}2gmGc+YDB#dPtFQR%84(I4$lO~&!3y&QxP&d3NLC#AkmpbBpN1h
zgj~1>07}KljDjc#(qS2!7p{rsa5#}lWWr&wY1bwTC~eQeV1f&h>rCO;a900iTcN2X
ztN#l75GOBMRqr#3Tq>6d3Y6ndVY=@yAx*Hvp+dq?E&Po9R7xAt_Q*{!(DKvxG`$c(
zc*Br3uGym(Bd=9@38G-{xD=`4O~VrmlhW<ci&@duDLrpV8A7_!Y=D=LUb%}vVH&xk
zS4gL7fmw(24u)q3v^2L4Xpd^oX?Tl@2IfcGYy-4~w-4!3hE`_Utn?V97LIZ!<sD2&
z8#0t;04o+UK)(*&Ii!WXV^pX^Owgv3%X!dQE-NKvO*rONE?F9J&eG0I<IAR(iHUe&
zy^QKNG3{1bLq=u2@ZE%raX|2tal|;QnPr~SwK20AzbnGPOP7%b<pveDwADCSy32}u
zLDHlZ2m!z`Lgr+6Q0+9p2!xI|6CjR=AKZQvko{Z_iGO|(L^0;?<@T4s02)eQ&`Sjz
z;RbDu{Ute9)4;I7NJ5Cq16R@0!`!J^v|12CL3dZ@Z8nlf3ISHs<K##?ESzXli{etd
zJne+QDH8|CRzoBhFLrrhNH`Ulk0ZQ9gmg+|%j}7I#5d7W;$>>d(vLTRh4}oExgS=D
zmQ4N82p0T0(I}xLh%ZH$Fj9-AXoMDCLX+uYM2LqMNmA6oKz^&Jn~P_N9eFS$({IKJ
zK|vFZ5<j9%daI+fH`0ks`UNo2M9cWqXq*DEsDniyUC`t=5ww@dK}`BEIgH5wBobS)
zEu)KHjS47f__p98`;o#HDVt4ku~iyar5*$7_7~s@!2p}^I#aA;T+MI4b>pqoD{Cb0
zJdo9Y<aBS>?klwR78-^h7<6t&k<r;5MV6^=UkNXV*Jd`3<UPl>JSTFV6M4_`?{()q
z6Ir%U*S2zQ`P|y+eBGg}<^F*{mi@@;`7`gfx1-R|{;82^Y%l5<Z^zBwU-NHzdN;fq
z)_a4Sfw5fO_<gVMzYY(t4y_(sdnMP{_n!WN)7<39P8RE|mWJ)-_O0f?_nHF*ukWLd
z-sQ=SeK4sOM|SMXXJAhDnzzr~IJ0H*<!rtWY;8pcQ{VIz_GgdmjLZ9w(ZlnUmF<S6
z)q$^FmDn*dbqz(6&ff5gq7Ep2E;Pb&e5dBQQ4jOJhaDZ%z28<hI-q-hzyRe6eT7&}
z(Ypf*?=aJlN>@;g@p4@k<JT-54pOzpjh>sjFmh^YJQzL)M&vkuAvkj3)VV1zQ6$ru
zLxqX9bHJ}92zp|}9*>ZH&?+fA>CJm!3xfKR`Uxxji2HYMfvSWl?9Ktnb>@f8wk_xJ
zob&jm`8YWMRn?h42`!+ym>}dkuM!x8OjM`n*K{%c3|*XO<i**Ie+Ug+1gtPXM)YaG
zB8jJB3+Y5E6Yy)Oxa?X7M=~K~!U~xn%8;s-fl3MjlNXvGxz60TI^Q0Cd$>^7xH7ps
zdGo}kt*zj!$y#==0=|B_1vn_c7Qih*uj$ejP!s^=u}|hvSX@|06EyXt_aa-8;1W?M
zipzkfB*4oT^*Bkfkq@0ee=c}od@LLs=g)<LqvPQVubm&~cd_lGOqIF^D@W=vOnVgj
zcW;BoK5!M7DQyS$2X(!9XWyo|k1m90R#vydra{P~OCotd)n9uQ^k;dAf_iDu)M*#f
zy2q9Ymh6f$y`rhnJ_=gO^-2jN93|_=s??VA((}6Ml5J3}pOEhHvsT9FV!%c~F`^gP
z2z~%)mDLa|SqKUZ*m+=cDbE9KX#-VT9YNa$LQ}FK^bsfQys<d?<=p7`5QqM&;-yP5
z0(qaMzywB*Ck^WRGmGE_fL*>z;P!+2at%TV^OO?xb_}{E^NCcP603V>)3dZr3T|Nc
z750d-MTWTxyUZG;jq6zyKoZa~1ErRUU(NW@xS&ueTNgV54<P=F^W2q4auH%1lxut*
zLm?{uM4LKRLF!<omrlL}<_6HpEWv82d7)D%&1xTnT4M3p2!tkR93{<-oE<xM)X!4Y
zP0*ec4YW$s<BF0Ys3F6cG-L8S5*U-|xw$wIP2g6fpc}tlQtRiD;sR2baRy;f`vOWq
zS%teL#=`0eiu-oUZxymXfR2QlkbpvOWNfatPuw_>v$k!!JGR_CId{*dt*5BBSo{Td
z!^(-}6I<@CoVzRU?#_-C8k$$GE?-@9Y?$*6Lt70m<QiVcH;iN_w%si&&n-W<*7!Fs
zY#n?tckso$dt}o#^0RGc<3q+^@o(E|-=4ZLRd8J>xEdcBz(jatX6ibn@xBM+S%K*1
zLM=?{_K0ufIp*8X9XfeP_nm$Xq@qPxbU}3NK&%?D>}aS6bXhWaF%rETRig!3<rHl;
zKwjPfRg%)f&j3H;9>@byS+>>t;R#*~(GVT_PeX<-@WDz-3%w8xZ$LmhXNBI><3b%?
zDHGIJ!K08#f&G+ux`am|ZK>7*&y_q1sV_{SwuC<wwIwX6s4aOR6}7m?J1*WBFr?UN
zk5XNpiJO_2W0*x)y@h`YvB3s~qMV0prCHlU_Gmr&RYCB1c3!+GWOFbBB_28EECgWy
z#qAx;t5+3dOF2UNAj-#%E96i{;h2!FgPHDB2tqd13hEWAkd<fAEDl+C>rkl{#!N7b
z6|oj~1-(N0kRb$dB;^eQGPfvgfXsvN7M;8q=MFxo6FAVPTp?pM4nr<wbm+fT=_A;#
zl*+l9vJE`=lyk&6m6URo?`Mm=g19Y5oT}Rb;2g2zRpLrd8zN@WNr`dje*prc3l#@w
zk3mUo8B_&rVVFAu<_8B5FRKsPAuWk(fI5nmT@7==3Nwa+t<0iCze}WtISf9da8n3Y
z+PTGr7)FkEYJ+mjSn_U_ke!MvcxGy;Zz>G{ukwUq0Xk4cU5}reO%Ndypw6e?AX*f5
z1ko&`wjdh8nM)IZCkz*bGYN>uXCm_pq7CLc3o0diDI#1VsIv)*>QX}}bvc!OGgVq<
zYSImJOSLqFU5YZIW?9k>b3cN8!1(o|C%Q-ogtICQH?giXr*N5Bu~Dg&th;bDJ-?6y
zbr=)tGU-etS=ou;uaz_x+CP%f{3?`0T{4~$YfJqqF?B&*r^GPDnlhbyFrluJd{RMO
zB_C8E#LKZ!swW|)zOVq>2p0Bg26Cz`NeJg-pi4~<9sM<uw)`B<82u|UgURcdgfaO&
zOi-7C$Ez}VM61NVWc1c3OLi?hABWSAm>}vBv8$rJV);a))F`qFc|1l&uxksQP<URL
z6KdcdRdmHAIbOBOW2IFW#I7ppT9$+|)t^G2!gYB6psl-^{=->Ip_R*;3oWf#BYGl=
z^7cVYvEXekG`_sqFi~i0FZkLXSdDeykQ?oePhCt`-_4=b&wTa7M%T9veDeTw(9pcq
z(4TAQr@B0A+phPn2J-d(thH!l+B&ydpUJg8Q)umw3%>R(-$2ecP}o&~QGD#C+55=F
zboQ=Kec17A&eob8EqJ=OJO^@~1MAP_Jww@-3Qo_BKLYK);#_uab`0I?yVthKo%+Bv
z`F&SoQE#;OeBal(Hj(!|dy_4=yjw0V=i=6yK5+Fuurc=5ZC6X-!0~N=@A_+h-CF27
zv~l?ED+T}22Npw3?Wa1E-SNQ3be?z=U|daw`nH0{S8#g^%|2KVn4XJ;MX-RQ?_=tG
z4<SI&Q)oT3;oETDBky&-=h<v|`KG1ds$a1$+gB4GxO%psY+JUizP9DspL6a11^WLz
zlIQ=v)jQ_ae%H;8dko+81;$;5e{mV0Owd1!mXr$Ipqizo#~X_2p#${|l{>F$;ef}5
zU{m^#-p#zMnE=ZJLac^hDRf!x8O$4FH3x;)9AZkU))X>TrO~Qr%pr4C8l8&964C{$
zI8D<S>7o~}-(xm#%%#j`kGYu26lI4gSjDiJE}1n!H05_(5c<`GELAx%mq*xR4wf>n
zReNBc&~D{zPvFvC?tym%aGz8&v`R)Jgsd%PQ{!dLS%?9lQ4`WZ6v4IBHdfVQP)?5n
zqMnC?B++&uB3!-@2b};)RJ4zRZxsO-j$k9faJQ&EH712z^-~x&HJqA{%*93hS@7aS
zaKILl^yDTcn&mQ_o#11}Gm(pN2zcs5LxMhGCK4^^NjO4=rn?q$1t~3ysRS4t;Y3W-
z)5xqD^d&w17Hf6|si=raXwF758IriT2+AKkg2<bIma}oti*PpXw@IN>v%)SpgCiO6
z2|@C~(ojLrDko@qL)`V;=xK<x@vn>o&(d%j8OQqOFz6l<iDnd)ryhk>`DrNnlG0hm
z=XAoADETUu^a8H4Jp=0;26tInXa_p6bfLr8ETAGQ>kFzZ2pFkMHSJK=t_pYm36w&e
zq#ewXc2K-Fbmg|(eK~hu-rb)y|IpnGpj_9ma%%ZhcD&$jTp3y(TK()=Fz@aG&#r~L
zJ#lMd?e&ddzGX0bw%|Lk<qPC|f%UiE)8>7n*{S<B&z7wvXKUGZbrd>|6k0oPCvGLy
z_3Ib&t%o7rdb{yf<68H6N8a1F?elN>j^%vEw!4pQbx-BGrwZ+T1>e5=?fqNr1G)Br
zjhF8Q^X)Gdx_aK7xHGZ-Ss1iy@MCYwE%)lo`jNahAeBG2UX%A8EOd0g+jFO9eGsTR
z1_92wdWhV1^=x&H<~m2;8_Rc|deG*osr{+07Sw>9scR`7g@Ep+xlszpsX-Z`fr9dV
zSTgDl{zgH0;@gjfWL-7*m@YvloM9S+CD4SK$``NYbtM3)PN6ST{Ms;CeFQ^!ggs^n
zKGYLtY2wXKps+lVLIt+GH2|JGZ&QQe+4ogYXkYT~ghItq4G`2JfN(L2aO4YkXB;C5
zIMfjhd^8Q8qOc>GOeA^<kGNkFO{Y>c&Op8hl;8#!V=^s#oP)H0FEXuY0;?TtM}gb`
zQt~CFx5}WT3{OFcf&?j}5e*O_B$2OSf`NUCM9NtY8nO}yQVaLb;a1c^kF*~F0Zqmc
z2}It&_9`Z38AO!Xm_ZnX?*loQn2!gMPbxv=@sQAZ+k4Bqc8m)2o{-S7|6Ttb|N6wn
z#eBz5p}qTE?;Y>@@r{%D_Tz=_gYPEpBsOgK;`#2eLTAsrLwAPOU%O|>cRpXJc&-Er
z-4qEvrAS~vB<S4>3D8`iNbrr{4ien{A3_2ZR{WNbK!r7XAi+~$h05SD1$6jjUxgIk
zQAx37sd1+i%f4lRpu<IFSCZmy;Ff34rWaEgdi)~^tB$PE`uTGGF3B{>UH&En^RI9;
z9dx*dU|z=d&fUIWSuo|v>_@r$XP_?2Wo`XR?{e=}ZFjD=d#m<fuJ&NQwl8b?#NDJ;
z?iF%*SW(r+4Q;-4py2%#<gz4*7xUdCJ7mwK2ZhWsUEL3w9q5d?KnsKHH5YrHD0}by
zc4Y6HkCnZrag3hi(7?AE)pR+=5K9`ax^rbHQ~cWUS$za!S+@3=rKvoJJt)j&3izfK
z<&&+D&%am6r*&y)r+mtR9<B#sCJ~6yMIgSIyau1G!ch_4p$QC8EPsIfA?$8~SWK>C
z(vHa&FhMmdT1MeZ4G36`WJF7d2K%6RS4S1A$il}g*cgsvL{<s~V!1-$n&g?N#F}c^
zveK=lZ_QPWd*B(wIyyTi>1`U9K^?6a?~>L{BGqGsTb|Mw3irPO^)D;jJ1zI>!v0Iy
z<rNmTqIRudqj$epdH0~2u$xfW5B$Hd!@I1!`2UN-KDblZm2b_f2)oooWnPhWJlU=$
z>*Q~-;qNfnz(j2}o8%#W6H@#w=v*{P9X?i&=aKNSf-KMK;?oOqy$|A`bxkX0md{ji
z!T%Qsazkr{AQJ?+itl>xw3C|6!;n%38a}+O{#j~S4OMN|_Ln1(@L2{NG#&x9t%F!1
ztmn>4tynSssT{(_AhvoIj@saJRGih0i#OnBq7_GuM`gwJtIb)ZTC2{|q~Zx8vocQ@
zi>=0!O3A`OvFRy!vV=^(Q=V8APY?~3d9pw>wHi;>vf+?oL+n%XWDBvsQ=aT9o~$9O
z%#$r-tICr@#S<KHKP6AjkbMuHG&D;4rEw{`SUv(Q2QiiZ?Z{C+4g-a7%6TT8z6}5A
zfe&G1&z+N^4)b73!Ph8~*T7LX2W}-h1G-m2qrGhTuR*Hn089P|1V=Pa$$u&mjTa&W
zKUHmq>Ls&0)-ZVssf^USf=Dh;KSf)T9j9T@G%Ec83H~WW3#Z1GWa|ssc<KL0qFE|n
zn}nXj@C9SZBJ(>a;D~ydvp_JuLH>e{nW6K6BRKTn1kpfqKyf++f`%FS2PCveJVQL0
zAkLF}v{D)gD(R<cin%7`lF{~cr0c8Vk?kD;z7D%z_!CILd~-0(zN{XO&ESi`!R5i#
zsr8c(a@}$d<lF-rlMp|3k7mvPK|?2=#+6r=Us-(>KA-g*$iDQk)04eYaMi6?m#wRp
z)~>8w+HC3n&~@km*i<dhFMP2&abx1<>ky^2^?Yo1-QaJwt##z>`=oN?>XE#?wP<22
z&WG^HZ3`$BPt(e4%df3oU9Zi1dUp&kw>G=>>SjyeLsvfxQ2!JIcvny6?QJ-K3kIme
z2y$cdZPP8&8Vfu&_GeFh>}<?lQ#hDgORP<AwjBP@bp$zReliD@12nXPer#;L&E8_y
zhSy2H@yKHb0ByxGuDYz126{;cyhYefZIDg*efZZ5JX3(bX0YKf{0V0fj^V?iEgb&*
zVk9ZIIKyFjx}SuDk5n3(P2q4X9Sw&GO1Y@Vf7g%~ph!+)V#eepOz=>FoWf)Z6Fh<=
zcwA0U4bj7CLeJ5c@Rpu6B(Q`rIfDK_K|g^|8^Z>l3cw%Oq~m2mx1uKuUwmOD_%q5u
zM>u?!k@(z?kNT9P9}2=B!$$lf^FV7cm><<^4Zfne&(H+1d48jF{nfj01`N0Njy}Sy
z__{`G7~I@{{1F3r(X2PruIbnKJC;Wb6pJ>kA+Vm=7`=N9+XF>&qrtyET4W&GIQIy%
z;?YwY1AE`yu&P@gDjM(xw!YW5%HOgSP4w2xv~;b_tW9l<ZFUXjnum%OTFo+S-6Jb4
zzOHRIcwsLUb(kL<rult~ebd3^EbWgBP+NRS<CAGHM;gdgG;mjZzF8*097!Nok-%MX
zxJ4$x97!Nok-%N?#8Z$k#@eFxkfCn9tH?mMarB<<n?nz=_)rIJ53x;pKlp0=ZRFn}
z6HWMmAH;)2BYbRtabdbY^!W0g#da2U8~ph*0DlmW{tZy8`twl$|2hT@ba&BBL^mLH
zSy}7?x0u+VenR?ZQW!t#AvSDnR=3K3W(vqT!NUg80#JX3euhZ?6+6YREXY|*cx*O}
z;6EARZ;m=V9;2TwZek-!g$VKke~*HXN$?*W0*DRWmU(PHfC+9@(R@OZzURqDa0@$?
z5$-}#)M+%DA8Yj*{X-k0aemC~`-HLofZ=|sH)*s#Wgz*9i_r}HfO+=5#kFN=`ktj}
zbue$~x^Dcj(b%HhWE$b`2+r0mM`zB_S+KWk**kLfjsny;yK~NNTGN%YcNHAIEk}FK
z(N1f)oSiFJo3^a2IcqEYcfhZ`Zpj|Ksk<58bamyd`yMi8jrLLfNu#E2)$tPsbIQtp
E1LITIWB>pF

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/scanner/__pycache__/harvester_plugin.cpython-313.pyc b/src/iac_reverse/scanner/__pycache__/harvester_plugin.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..989b03f80252b667a903281dc98e02c5e4ac8112
GIT binary patch
literal 15971
zcmeHOTW}lKd0yP_1W14c3GlMK6BY?d6eUwMEt?`KOO!~-SV46{P7nwLDcB%Dp9OWH
zGpXAqDeNX=DUBn#lg9L9T2oDD!kKnDddP!o=hipEaDvT-b~V#XGoJPVs+ii7y!8Li
zViyYvw4I4NdC5vV_dVx7|DN;xmveC6;jl9BeCzwpr+@Z1!~6$k<i}7-+<y-eFEboN
z7*4}!&uEASV%-_-w2tUlEYqLSPaB9~+DMEvZ#ZL`HWM>V8_!s#t;9NQBerQfu}?dQ
zW4eaaOgo8_)|<|_rfW$pO`FfuO}mMkW#%=ZKADVi+`-J(AJIs8(!g1Wm$Q;a&PJLz
zJMnQ2;^%5eGv_2NkZ$E%q>Za3EVOCo>PQFYCY_B;2g7-M3|Bv2dqh|2scT6aXjpsq
zRFqta^O-ndS4jFwVgVD$)ulv=T}%`9)Wm5vky<2CK0{VxnN<>J7ZQ9deI-t=2d&mH
zALrT3<v4q0^-`Rq;u*-Ezn;0APO-6MBA&{ynKZl)y+>mi_G%(?nN`N?<=HbM{J^Cs
zA75a{&!6tM$~`AiOYD^d$*e|`>~b`AIgyI<{p^)=a&;LKiRI`L#?jOQ3qxK_lV^Bn
zA7x{!d?vljk~p7UC9yakw7!pXoegM2^F%b6j9yB{16t82kp^)(wU}6fTKo7)V(MBf
zzLH6#QvsvsoLE^MCopg(PUkGvO_nAdUkH_Y7hUI*(G2itc_NyLFQv(K(SE+f!3)<{
z;-a04MN?3+1oZHt6?5?JYBB=@*2pc-Q&vNXdwdo6n93w#Q6yrDkThAdJp*h-P6QKa
zQG4Z(=q#~C=E|BgwvY&_TbZsLx)jeu4~e#gXeL_X*_!jR{FN`q64;rivLlJ5YtCmz
z_+TuRfWO!xG+S#e@pmAa$-swL1_B2b;){t?0*T~B6J(+=rI@s)q|j2z+<zJt?aRzO
z0~?1ST24cBoR;Xh7S7;fp4JlsXPh_Ao90c!THJG-j?)k8ITNijbGmuUu$D8^oE37m
zc@wsRG7BxUSCm<4nS+B?P+kN5*lCHAbI5OUHA>1k@0zb2gbgf@JYP3#=3Mj*H|?W#
zzJ~Vip<^1kI$Bp>wa!iJ8miX8rh}P!tJc-ix<;-6X!gQiBc<IoZ=_?Ixh7iQH1Fel
z^G4Nd^_(ATj+EF8+rODKFX;oVqEp#i(z<$o5ZXk)4xd3@Z|c3xg}JHncBET<rL?4B
zYb#x`WHrUJu%k2S6*j%7-s-pm<JVTwhysZWU*36alxHVGlduCXTu$)vpsO-k;DX%`
zEu!Up5U0Bu8%sOYisQ*3!CsvCI8cCDOkG=nEerq?Bk={?UeP2!YGvUmcN<xWW-gDi
z=OIM6LO3f|vWtmioI)X%mzfev0@%b!koE=SW#ZQ|qikQALP#_jP_wC2&8DKuaU22o
z5VVR$5(hj@&BjX5PCus>LImjh(-5HW2{TDrfdS1at!WP1(}(6t&|Ye(m+O|8fMzye
z5N(m@N+ME1KU+kCODq#Dkyx6<Y0?!bPo8o{G(#nw-))Vk=i|vm9%*33M<+(-LsRF^
z&2y<JS)52O#OHYun@>bz5fTRh!9yNEFBK>A3j9PQ*%Dm24&6o&M<NliQDLjJY=d&m
zBQOq+67hLP7#_*$-!V4|k31&DLr1gvuht0t2Qk|sboFKRUvu2YDT_AM$Bro+f*K?I
zQSN>lX7Dl-)`S#p;)~M5X=GuW(uTFNJYE2WVXn+yEuz&iZCtZY9|pOPM>R?hKnaL@
zV@mfFn^dTJ>R?jowUwDO%T$D@f+FXnxPu96!#d7%Obe?5=R%*k8aWkm$*FP-?=T^I
zIWMPV`k*HnuNhTO9=TmP{scYQ<km~Zc4n?o&Y75~n_*J=3jUeH`Woi27P%PK$F;y0
z{kVQnv&cNEYhxBQ0n1uJB@*M3@=$dT?m-FI_2Xozw98d1VU(SLEz9Csj)Hd6yJwmA
z2HBbD^>TG-&G$lgp=bh-OM(p*O|qCCWlt}v5d+tJI>TOyv&nRH0k8-3C;-7k>Pj@3
zSb&}H+%vRjQTE4L{{wX4yCnYXY61`pI#DATC^L?glFku9bU{#w^68XlDv>`6O>B?`
zJtu-lMh?J7S@WNaLV5wQ2uV~CKgtFiqHZakA-JkY3kIzipiB}QQt_)L{D>@)^fCei
z^h|u%0^vq<O;8=|+@+@hc6m^%h#!kB696w44`IHU=F8fafv`|Qx-sa*04Wr8@oO<2
z$3&=RNjsL=)uKUc-U}M)+7r;8|2GJpXNq-<zvtD#R|dBqdL-`~%R1k4w(it*3#|dc
zJ9W>XbJr9Zouj5`W!$Z|25$~-1oCzLg}UJ_ebywfgNQASZC`a1^)`!lr>(otHuiSg
zn9zIxO5ts`COi3#y?NKnuswygqi?qz-O3amej@kq6Zy7Nv}&iNv(Pf|cFVx#LLqoO
z7d)PCc`Q5mwb>7MoQ?MxJ#;D&(=@!rZB1=^M<tq!jK^Cv=^WnQ7Io0*H+&P!=3lMj
zT_*;aHwUc~cHNuDY9>s&w@d~|SI7{=G>UQ^ka(GygHU=x3hKxu4ATX&VeLSOilPb?
zfCWXAs<o0GAnT98fR-R&h&nJ0NE@UiX&`-~dRRFC@seH~k$Vuk_kOFY&0^RYF1zQM
zUpm_g&d!{(bKBfWx}d0Hf;bI2!51L`FwTS^-uoc%55n}S*H&Xi2v_i)=K=WEqyX||
zNRI*)Va=eXi;fh~u6@45$m%!+Mh+WKEv%%$BBHuU2F)VLfa2p|h7mR#I?LkDqFP7^
zKFVkT*ueyJbi0WTY45EPYA=ZT%V|CX--d+=kTD2&<dVE~YLW>)6OqT}#n!zaq_Tbq
z-+vqe*gjUq?kd>)IsD%#xa+g01*f~<Y|G&%8pt^Z3eKUNbEx1P*}9a~zt_}qL!Z5}
zZSLL}g5V>*9m=<tfp47VN#GywZluIJ*?eO&U`6pPzq+!LCaA()x=y*GkX}+NgSYi!
z<7Ih$Mk);((WR=P2BcWFg(B4K5o^m$O6JaO=7E*nLOG-m0~(HGWJV~J;($U`Nrm~y
z=FcL3Q7Avp{Eyz?vKASG#Y%Z4n&ppFU2z$Kue$Gw2k}3LU!6YHR&y8Ay5D{<$?uh8
z*}y<GD5NMR<$7fod<k|z)fOBz>{7b0u9`YiO)Uv2%1n8jls>Fi#)3J9^`Y8wt(=mn
zJqJFTlp$>3^r$^XD|u2Uw=Tzk5C+aL`qTq$tEfO-pMbv~_XR*PYLG_<#poa?M#i$L
z6hd*i=i!WDP1q>=ZCIua_Dsq+Zv42Bq*f}G$`m~gvSAXuG~kSxI3H%CDj$agJIXQ!
z{|z;8*c9mX=mJUuVm-MUCy56=KC}rgc<Pc#q<FNsBv`8$0UR*#WKd;U!rlRYM>2U`
zu`$PICXWuYeUtHIl0Bck8Yfc=OL0~LM?O%Y+Q}Pbl)V6!nM|%4W7$5iv=*rRN~V{<
zrL{!WJFwKSCkbv!YTX`(54%8_gfAl)t9UR=aEFmm2tc(mM9K2eVbK)Dc|t-5`L&13
z+LhEz6+SCHQtG<-QMQ{8fEN$@#;qtCC?`Y<#Sv^R8o(R1%!@`o6V0shq6G`Vf?7<2
zVx;<xq9KWV6HVjep@~yS(|BlxptT?xkqcOLHA+&zjetoK7pLfe*dH(I=~#N~QM6(h
zq1}-oXu~6AsE@%T$$Pgn!AJ!GoysCAVPTa<YuMd?K>!k_5hTn@$6q*}v$gNII|}Z;
zoV#z^-dEJuT51GO<E`17vjtCo&eNaw1hZ3u)AQ1EFFhxCn{PdL^SO;fH@|p8FL?c!
zDR}#H-u{C3Sk8OwhW@>QL+ck_{p>5B{nq>zxnULDE!*u!^6n!${)Y<wp`3qc+cPB8
zw{0BB*Z0w~V9p=h_5^>4^#^nQgWH~iMK|N}?{+XQkab--XV<p5>%(0q<7&PSh+VT|
zuX}0sg;~LMT5vTAF82o}Jt&e41iN<iE59u|q4jV0E|~ADC(ILV%$t4n7#?>*_*R>B
zvPt(=z&q*D{lH^@v}lpnHZRuf5j3@+?^BN=XjjSPrD*J#m>#;7AC#(8H980(ir17L
z{tWO3AfkXMDAr+cW}|)$aH&n1KuJQaanBPr$yQ>@T(;f9TBXzi5MzaR)fANafKtUm
zEq4p0=5kI>L1`6hm(vCHDO*_UW=??%BxMilI+!_!@{V0akzS@KYz<q$qEzxM6Sjq%
z@;l`?Y?t3iIl_(@fNt1OO{f6$+R;jtTSI?V&NKj2q^vVD42n}n2lLdmBPFq$ssZ5y
zw(j01TvN4&6vNmU=(A#GoVM!BEPH1**Dj9|)`tyYBd3Lb_G5-F21JY^yg<a918SX|
z8E3*-!p@K)e&qKV25PKOqgd?fn#0DFD{QRBov^Dst2wj*=@UYuanGY}3F6C;a*jJ^
zzbwUznmM#E=>yb`sHnAtoxpwl|I_$Cl*d<m4vy$q6p$rfzslPuZ$jyu;Y`_mDLFZ<
zQz<x_08JcZ<Hx%t%L={%l(P7$D&RmkoJHXZzSn9}4xFqMkSi3@Q8rY{m(*x5^<~eg
z)cye+8D;T|1QCVGB)OhlU4fGXJWQ#SnC0^f$u%SQ4l+~WR?u3OmgI5x!U4TlA6q2^
zJh7D;wCGV@ij;d28|6|-%?5wN@=6j!^MdHfq%+ZEWheaXnm3$!CY8RLQfQ#lA7$T1
zcw2L;B(waH*G!}AsS6j*vuiqbfL+sq2gD#+<Z*e?ToRTbdE<B}1CWef%}6Ezhf$g6
z@``8&R-tbtayiOh4%Cu)7)sP7<0;Xh%q4OKM0c$!D;;Kuu5yud1|!y$OXR~Xf_^nJ
zfZZCSD=Q!zfR<|+h^bsB=dt=B3@&0D1ErH3!U8lhfFu^vpTi)6!RIkRBad9hAb|lY
z0R#<c(I&B0GHfhmmOJDRb3L*gT@f8JkLb67^QIC<Ba10fIm(MKP|X1(8uBi(%rEh%
zyW@hbcqDbAPU%DLn-@EjO(JU(@;FMHZ$pp#kKqf0G6AOep{zw{WwU0XxixG2&(8iE
z$JU?x`q)+nlz9CG?_kb5xMj|Jk7ez@Y-m~!<{JW8o8YO>T8c&{Fi_|l&Gn56Y*&Fj
znq!X&ZJmX-;auCW(B55WAIY_k+_M;(tXaqX8m6^BJM(jU%Z{sAc<AAsK>y}vzS}Ac
z92Ek?(5AL-S7!os0NhV~1>b?3@4)6v-Zz>(BRG9IX9s8ux12Yf+a1U54BTnkW>3H4
znigD5>rdXSxncRatFfqeIQo9x(zn@|Z+RTF7gtlk#pYb>hVLC$f6>P{8rExHn0@i|
zy~luzdy^W*;@hz|3O#*0-F=%)-}xL6A#@)EIzSoGnJm`bI>zM_8rp>V7Qx*l_*;Y~
z|2>-#ZBL`c`r+;&#>3ucjE=s$4S~&p&9)+=Io2#Rx4k<3%Jll!2ETdud!x5UH~Wh^
zP5nqw$JF|YW~SDA%W>1Oo_NRAx8rKKWxr`(|4hNvn{)O4cE=4mlFrd5v>w_T*lK%2
z`^Mony0@E8-LMGIa=*9G<JI>Y9-V=24mC}TY2O;No~$?gz&LK0av6T;azN&XEy0s6
z!;f4BNYe!yLxo3vQ1DR&s8zO<ap&)O%9hidqPol}>I$bhrc3Eibqec1`S=wGB(Nt#
z==Iw3aN2{6BKnQ{w9%>Bm_U$L>qpNSlzz<nv@y;pN|MsnvQJx6*a9Nm95#da)G4j4
zpqwZQRCy|Mih=~{fi-NN1DjcTLRIYLvT9LHk$?jVP1q7PRh^}kv&poC_v3`U%&mRq
z<|wz|YJvt(9?><r=P9eMob#BatftJoUsAdB;B#`VjZDg7KtUNeO{lzipd2q?1ssaw
z!DjHbPBbi$^y-Rex&kL%a1<aKSCZh2ON!=YIDf~(cQ`BqLl`V7bj+JpCBX!C8)W&F
zXe=)3Ruc=NW{`{n@uCTiS<xsv31%AF$-HQz=Lpoj#|I4LE6|F(fWcp2@FE6(1;K3#
zxeAeJSxqILT?LbHfqV(`W)MsCK8INQfJc_@8w&Yg<Yh7>acLDqJQy3%s~}Pr;~=2n
z{sbHaG)JfbTGBh@Bg3@h-WT1c#zPmUxC>LE2-w|`Cqn1K=S5Gs@ZwD5;#7z`eQs9W
z6iUyZ4Tr|hN+PXxa_Z!G`0Rzq?D)(ScYb_giad*RLqmb!k{2yXkJR-{j$&a$1VkYE
zPeHV*XufSL+qBXwLH(74ov23(n*2HDDGQNJ5?lWgQanmol~AH0i7Z2**rKeCk_;-#
zXprk4;>&JH`~W7_7hH#Ou0!C~-|_VAxO<8wrgjLd!dh$AP_#4k-mK*po~G<18m-rE
zUfZy4p2&L#v!?{N_twbGk@b@sC-UxIsCWBsjolpEFm77%?jguGvai}-v2V=1Gc=KJ
zoCH5?o$prv&HnY(&8AJ;)}gHnTPL@B9?92@Whd_1>kIbgoV|I+)gg3@39aoyQ_D_E
zpwMzS*K&BL=V+m4G}kjKv=0a^-FLf#LTB&mBd?8Yp59u`cRmWjPw05)_5RoTH?Q5P
z%ftJ<gRg(#wJ&VVyfKvTJqcoiZ79|-U44bl<GIe`cQX0T$$M?C+PeSM)j4YJIhlH2
z@hIbJ+BP>z4q!DvBcxD({yuPwx-x%Xfc}?10yOYcc|I9H?*pz@6}Z}hAOyjpRKw>T
z6?{6X!Y3l1d{>J?=bjr%6h6rpf!w`2@yl37Q4Y5w$zpH<1B5y__MlZ|?E5N~+R4`;
zQlrbnqzpv$3T#BMP(~tex%lF_v*DR3H5!p`;((R-LvCRiifxKK<P}I&2Me(08L|B%
zz(UgcSy=J>e?wc)SN8x$V8{K?A09A<KOQjlLc~3j9zem$boJcx*B}zOWF#2c4+#`i
zjrp`xHQ|p)0IN!QJ{b~JSJlGivZ_|Kg^jb9TkL}-dsH<*lS*YwRH2D$?MM}6?BY!6
zx+jH_%kn9obc^wKgOUm03$;=~8@fJ=I+<>jB&jD~LKsQK6767wViS6yf_w+wQYl<&
z&{5&b>6!5-rb_yc3SXpR8F(7Xz#~<tw4mP)chWeuvb*X5B}H;AoJ80$L$C*SdUrer
zcHDtKJnS6)c-ZOd|DO4_d8_3OeZFrBZ1Y#Iy>e~Suu1Z5Ll0;zik{N*yDKL<z@|?{
zIr-5aAxXg_Nc=vKq_Q5XThS`pk#kVxrKUo8`H2c{oNL2X;70biNj6{QW$51xZ6*;n
z@PI`HFeMd+mQwRgjV3DCn4P-tC+9+EN_f&#h7GwwMwG?}t3EYMSpnJ~biS1hADLAt
zM3oPq@g7tO?05!t+z0;fsB+}vQKh5j^}g5oHb=HX`HqoF)8~`vHRMn6OFxgnpFvP@
zBxi&IYVhEh=e~D0Kn41U+e-NUo(KFaco`IZRd7Edgo|p=!)XT<?-Y1DbZfix7y+F8
z@-HPyc03!6ku=Y<Sfh9+(BWUcM@fAhqxdromL}Q0cyKA$FWsUnIYxTnR2}W-l0!sl
zUCJo!uN;z_N$wKWL4{Nx-IA8Oue{B}<GYo|5c0{0><or`=x|Do_s<s+a0vlUAgHN<
zP5>|=@OFjh+ux-@Jrdw+VWHigZ;Dqd@z)!BZY4_gNB;vl|Ndj}-@qMn7Dj*_<9pzC
z)m?BP)VAkp+Y7a0x!N(I&MSEQ;If5{RQD*j5$dd2Bk0+#hL_e}SX=Mi7|J_)w#_}%
z(58w?#Z@_67Ig8|Q5_qcni_DJ0Rej-PE)r0=!KtZZPe~gywp>z4cLsbUWf}59H=~s
zKn~6*>4ltwc-G44k+7=o!>>Y=_l;p=Uy0BtSPO91y2?i2z?E2eMhlKlI@SWrd1joB
zXWn-_i)uVm*d&if--W}HeaAFajybbh5-!!bVpVYk+_J!xM}aFA&K9;HSLkTqe}Xe!
z+rE_ARg_x8)(T1k`%>x%TlY}<Scy^%fI`h$YD#jWl~2sd4nXOoG74v!EV?pb@10Gj
z;m20^%P{GuMd}}6K@YO$5br7D9Y}Z)wj;V9;Svw+K{U$+bg_c_v~&_?MaRKKnxXzn
zDmT|k)uUql3c6Y0Cl{%V)Mz3ZO)QI+7)Df^H_H-9G%mwFg)1_)QVCYC$<?E9NfM9J
zsF5GANmN+Nq?3PwO3@)x89}niKVz9uA{Bo0bVa&sZC<$&ldJ@Ai+~5WG@OV-(emnE
zf^}@%^8jL0b!UDTwixe)0I<T&w0CB$cS~-<=}m3keE`n1N^Zf6o1uK;!K?!gvD|E-
zt}|EHxp5j4<GP`&=@$(x*^`3PzkVg}>=u0NMsv;=Eck|UzM-w7cZTx5<2Ow2xqX7C
zwczQ_dAc`ETc*wH+daqL@r(-2p3R=0Iu8o|b~voc`9}-><2nEFJJ0>(MBabyhWX#!
z{u?9eH_e-C+dZQ{^E`5|mhrY08yHV}!QGW}cWr!jt1j;z&YFMWZOc9(IKAr+{}c|w
z{2d!3Ie))&=LR%;ZQeieK)2?t#w{y&H-F|CyJuk<Szw0Cw{32sum^yRw-2O?>huZ~
z;yk^)4j;P_(zAgU{JjYZH~77YH4<4)FRa3eZA7$3BG1C_3`;f62;7n<d?pD$IZUOY
z+7yW_q+^i?>A;VsN0}n(;J1+EFpfZdLJ!j##CrmJnjt4KFkyfP!2}UYI>5DK>NyO|
z7@%jFpvQ=y`9@IRl7xvJZ+InQaEx#{y+G({sgFdY!bsU$4@6DjJ6#yGW6&T6gOK3A
z2CL>P%ss8eVBT#o7y`wbHiLIlzsYTNZa#Gz?kPd`&hRcq#S<E>p=-PM;avveqS<Wd
z+0buruUU2(NESUNgLN~rHF5j;E(6J8U5BB2bE3#Vv~_M5qv9#e1&smM=DP0Yv7!Mp
zun?PC*11<KMH9`MndYvI`Hk7F$?Y!q;Kzy<T5M&ko?RPFX0$zqCZW+^)M0#Jl*V^0
zj_n#YXKCLxKxy&3rmNHjV{8Mlstx3dXEmQzKlO%Qp}w)G!??3YiVq&9F^rjAc)_=8
zfVyIkG1e8etp?x5g(3sd=EBzD+ll*_ysv}0`&cJ^Df~!*Zt`P@L{sTnqG-gMkf|lQ
zSVSvc_?CViNA&nfQ6h*9<<g+^6RsdABpK;uU!CelS3y|YaC{^!LAuiDGR2dW@;Vf~
z>Ni01g4>Z1{3$NM147ZSt}XqDD_Dx@FGEBNT;V@UuM?8Du;+^y{51yOz~E&J{uTo~
zoF}hh@OK#eJqE91@DCV#7lVJq;F}oG6<oQhMe~@nS&x&SLK9fj4F5L}z(KS|b5E<+
z=<nMZjq_c`|0|~ZU1snDy-B0}fPvuGE=F_sUFMOy7FWUId)wk$AIV#~o;Sk6^mc7C
zZa9G1W;{YeFQo6%P-tx5X6gkWlz8tp257ny(n8bVHq&s|cL3AP>^1`j=#OkOjnGql
W>o!xnYn(G`d^b|RW-zAT`TqbsN6R??

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/scanner/__pycache__/kubernetes_plugin.cpython-313.pyc b/src/iac_reverse/scanner/__pycache__/kubernetes_plugin.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..13e9a873050e18367b5cd8c5c54d2e3dcf14aa6b
GIT binary patch
literal 17200
zcmeHOdvH_PdB1wUC0mkh*^<q*{1g}&gALeVz!(EIV2FegHg>8JvJBdlCGWX1yEvPa
z_K(!trjsSj4v<L)=uC=f(k|(AW|?-TyV>1LcRHPph1p2GB^ffwq|J2Nip9xpcmL`4
zovZthEgQDY{?SY?_`Kiee82B;jvm`=W(K}L{cFdw-#*ANKgEdn=}Lje4Jw9tm1$$b
z3}M2mu=<#asKD18Q;%tghQ&1PG3}U+=*IL!Pvg2{hA|^Cj+uyQ%uLK<7GfE*66=_a
z*l51~n0?Ga95ie=Ry9^ls##`I6>1ebmwi7o>FR?K;78n(#?WRVtaKr@OBol!kQ#j2
z)UYwAC7#Lp$%aW|uNtR5=?$AY!0%?l=Fg~z&%^kcu%&?sTPGcT8lhd%cupO##mq3g
zV{>N{B%R16IChp~E+nTCgq=;zolB<K=?r0$>1h(<vScovog)c$D#^t&7ZT)R&}@!y
zP$zpn!DgnXlksFM#XcvswKbkfCem3pl{`yg<RY8RNLAUX#B3^aaR#!vE|yD>3(0tb
z>oO<P=SYHsHoMq(COw@z$IirNAu^jFT$0OTYZo%9xfv`FOHZ-s7zAfyP?w!1nHe_5
z%2P4NQ*%&-1ldC{vv`(chfhV=7>S=xViadW>!dSN2{siwn@Dj%^Dl61#sezeI2=ns
zVk!|(^Lk+-;L|Y$^t@wuc5X<~67M`zT9m|8D8XgsNIbz;ol3>BuzoYcv25a8hFs*W
zr%J1P`r>SYw}#`fG^Efe^Ja`e-MLg2y0?oZPtk3F6xYxktaCb>jK{LcOnQWn3<+p?
zU2JA*XD_dbkr@b+83-F<I7tXNqC=tKqtW9-2S<)aPYj*9t><gx?TN~Jz&jPmrQIk?
zEA2~Jbzw20utB^}QC;4usIXPMTahbmSX?-Sf@>;89$%u=I>`WyGDIC#5lvW4v|(>p
z*T6ihCAzSFQa@>!Gzh0WtO;v-wP6FzGln&jre1Z}NMmM*Stbog3y@}_Y1XndGflIF
zp%kRsp&cttafEGR&9GexIVP(ntGfX!#GWUey~c1At>Fq+LmSRXd#NqUq?`6@47+H4
zO@%yt*iG|lE9TYEyt;~cwKUIDF|Us1)mO~((7c9<dG$2U8*U)JbJ~E9uR10Xv2gx=
zfe1DK6FGSePRwy|MxKBKfES8G3^aQo8KZbnqV?%yDnZFwL>P`O(J%|BK#7V2h=8;y
z>`XqtN(=$CdJ=}1*TImWnb(s9AVYdQUIJ};FxB89Xg=Nx&a1#mB20>AphII)X&S@w
z^rNv7+%n8LCZHMzlC?x*v&m=)Q;gAgh9sgFdUzuw&vF>DM*)jp$dKn?DiFV|;<a2N
zHO*l!EWdAfU@|mv>f~fN9V64jfL@aviBBeD@hC|EEOQVCC`l*Cq=N7SI1kQVgnpvQ
zbTS)_^7Zn53fmkMvwEQ?js@ouQ|R5jpuKPO6ngp=v|qJ}-r&%J_C2HbF_d9=OPnO8
z5SwBtE-uX;a*XgtSB`<ySDA<^B&`%y6uz)ZWRYogMBQ0RodV`QA+23ljl|xsPN>#t
zLnpQ|sFGTMK7mQ=)0!q`LM!$b(u*P4_cIZ7L=!gjt664(3Kf_avdSgIke}%*1>p=B
z#8gF{Dltv=p>-x?m*Zkc95J*c0-&;Yw^&a0pQ0s;SXwbAkC-O=PtlT1EPYPj%uL`;
z($B!eY8fW2E!!JoL~Uonrij+g?9k#qMYIVuth{zeJFS{#1~r?QX;r`+tB37Bo{3E<
zsUG<_9!NMm$@zqWfwM!WMgag&h5*iN9wO(s0W%Aq;<OF0hm!Fu`$95%o_#KHu~YyH
zZB_IUosDJB53r}eMJWX36(kKM>~xaE^K(f!#sS)e&;k_5CSJ@AC<j$aqoN1fnVCgq
z97_ev=1?pNf{QRh1<Z-OdVn3BR`!Y{n#r<fLH2+JNlXFwIOIXm5%Xr5faf=_%4Cxq
zprSBlSU=^WfXHGK<+vzvT!gh4mr3)6(&)#bh((xw6j7IS!`{xbhhq?)!X?5nDMw2s
zrH*+`#{e6!^O|#sEWz_ZkkRo~SUQU11299WjW><F7*EipAxL<<X=pY%Om~uOqVZt>
zz0dYQDq&0cvz!ob#<*i#0ze_v52*niK@pn-(Ak0xj+)mbUW{`%4%{=Av|*YxCJRdm
zzVX;9b{14-4?qR(-@v)V6l)o8`}OW?-AkMIEH~_3aQxWO^uXCxXxdz;8-AqIxa>tn
zW3v~{jH~HN_vP*zfn{e`-r0LcyI?44O{TgBR%hPYa?jdQ@NFr0HodQd(kpJp=g)h$
z-1BZ(_HLzE`oPna_jKO#bS}E{f&N^ef7vsD;JR*lQ)|Ad_g+))ozwZgkzC)%a?@c7
zzaOr+n5z26j25~U##!Hgw|l97?A?}k<L^e6>cYaP^^Ci&XwcZ|J}zpY>_=Q3%=d3=
zh8vl;8_mOmnzuWuhj(k<-mQah8S6v1rT~r`@G3I_uJDBbTvvasz~JV4LX?BD!zag2
z4~>qGgrX-w2ptKZ4h@|iJvk0~g&-8OAjeXvI2ce9L>InpohqaSas}om>~0Mlzo^(w
zRBVTDU$e~>%l#I%hH!j|`I%!=-mxp^*tKNbMUZWj%^lAao%>#xD=;r61PQA@WOv<6
zE7P=2eh6Dw^@%Jbt?Fig<*7nQBdb0abMy|ttR|wV#ITes?gYSb<x(LDwB^RjYVP<X
zHDN?O2>cOkNMez4yJ7Xf8HSmH)i_ZDt*S#3`;f~(%?;Qf3(We&OAKQHf1Uaj*P_xa
z!y4SYje9%smttS73@|u}aRY<%!#s5pPI2TRn9=Gltc~dUV7B<NZ~{2>Ca@)>bwj$=
zlCNNVy7_pCDyXs<o0<}|TsFqBiS*QLCMmEup-_p390!FL)M}PifdZhRgL*xBij}K_
zZhk()WvNmXG>`M<(NeL|Qv}C0->g7%Y>u`i^*F$`aREySfm4tl#e7}|`tc0M>$z+!
zJIC=RsXtzuMZHxIaw@a|dZsWB0>_Bq^{LFca|yy5UWk!22(AG=MQdJ%Z9*$jue_G_
zqQ%-|H&o?NB17yJ(c4bPB3Ib7hOo;EoW(}|85}@xD`Tzt+ThEBISX5G)hvt_wGLBl
z!R@(n;_`{SdrQu}W!b%TVWiN~wlG@oG+wuS%kql0;HtZ_=gOYTdv5gJ+H-SHzGXN3
z&$a9>u&uW&H!XR#?>^giRa@|Gy54`Sf6@A$x3}PH%lo==zOKd7uT9>byzd*}ea(*y
zO!H0{LcJg0J%{lAn)kLhAJ~@*?7RDXE-;i2jOGHPKlF?}s%Gk2i%!PfxMcNx_`u<L
z%&1MZz&^e<{_^;eci)?u`_@A+fj=DmxTu4ikGO3xzsm!|-OTqL_2_nWfcsY6P#t)0
zcbgA+HE;LV9jev5Q>B9NJGDA+%is)wh{72Q0f2IZcKS_}jxocC5-A1peWfD{b`Yif
zBWhwSo&~i1fE*$y7l7z#$-)Du&TDa-`1)u#a_ZE{(CLvw(a=cvWF#~^5<UIQsgdv+
zU~i=R%FWHrW=J+M1^SGj^+jo4e6aF4Sg$-_i463v`|hpFj^L6pNP(U=ipQ(6zH$%N
zWL?MysF2sJ5_oUG4kVqSwD{mj>;SZ%N?-=S`;R47Pyu+$09{}O6-rgoWy)#_tl%kY
zx|q*uIW>YFj13??bEp#3o>HHHl|ndA>(bgYHG5#LltCmZ+mQfQUWt$dxpLZSeQq0*
z)<^UeAz8gnI%tj}REvJvFac{Ne3jaY7&hKvu^mp$0`tc?Zd|?<){2F{w04>SW+Q22
zz-)l9)5eJgX*7*uNcO|Jh$><f4Yw>qS&ebX_@q98AwekxBhtrwK=y(?^l8kY=FiL}
zND|1LG7iB=N=?EY&q*S6Fq!E_gJTCZ@Pet8%p}tZRI<#g4X#1ZFj6UwJsXQZhoy&3
z9NO8-Ca0-JMq5X%2GyeJ%v>5&B8Ac?((3>_js{zq53&j_h>boELq^kd88cmFuLZ6<
zH^W|trRKm04E0eX#3=$3ombdG#i`BLolRt8!L@THD9_CAkh$y>H8roYGD8RA=-G}o
z4s<BsyAH~C3GzN(M;C$&L6{swXBeGB=o|ruH_kx!Q?YCexGXhP6OhChg49BpFFA^#
zQE&n#K}U*U!WcTo(K!JQZ^s!%C2mfh!9+7|U6i&eFk>`DAS<SyAaA>bSw*p^XglXy
z*MM<_QkS4HE&xXkII~CQ%nw}tysI<k>RhsR7PYk|dj$q9^5%!@@aBg-eXo1J=gs#V
zzSnd3u}0lq%l8~!bYHiA%bM#sT+}c%Eky=Wi+aYxzE{^%Xl}dJc(XCz+?Q+a%Qx@2
z>%6Kjv~9Wd`J10F__h^%{_A7c#+Et`yxFnr8+)wNv^QKeuNWD&JHKgrZqxRHul>7@
zeCJ@Ua}YXX8{TKs^$m~efs3znF;$>OwB{VGOUBm!dcOlY{cy!Y^)j8wUgGJ6s*ysK
zr%>hkz@P;Uk^yJMs;u~N(E+7D;&A`3?>^MUeBWD-?rsmbZ&lSC>d?Q{ro(V>s2#j_
zYSid<VA4BX=8<;IJ3H$}nl(RY)<KvYgJyX9Dh65&Rsm`p1*IvKLMn_aRS!geDk1zF
zcI;IUYSUWy)4`v9W5q9Rh)7nq7}%{qRYLiD)fa(_H%u0#jIvsgA?BY{h1GzF5~qx)
zr5dIQJf8HEQ-KEomCOOhp8XD0!z3G+Se9YVye{Ks+6szDCH2HA_5%ut#?MTkl1#sd
zMKKz!SSn%;>$gIF!~~W@DHW6$AVkU$>Pyv`2q+5?eb@;9O#PrB00)p1A>aTY1gC9b
zO~e8=G;PF&Hng-Icv-brU-lz*v3KA&61S|#!4xHdU+B`dA=`LL@D&`v9NUf@p>%sy
zNzmiiSe#@y@IVlh?r+L1aw5EO1MG37+9H7s+d0R9WeKrXi6UUb$GbSNkp+TgM4a*i
zE4L=5Q>l}MyGYP5K=_nz6ou+*&i4Q--s91}#e8;d7T`32lPF^o@*SLDQp72Xmk}_0
zaTHLG>Q`V-6Yd!2o%B9VDhs1y=heWfegTWifX%-qK1T=`GRs9;-YvBlmAm0RVyYnb
zf>CW|HU$ec#k;eaY%EpY2*-nEj5mpOINn&&z(9pd;4LA?+wnpmnoYuGX*M=9%UfX`
z(CimIALGskY?KL+&%sE^Bsjb#l}Mw)2KTH4R*A2Z23OuQwErU9$xaD8=rGntM#SrA
zw*=vYAT0u~YsD~P5<&9|iK25Jog_NXf&(@?C3~@oM=A=N&0B<d3u=HSIrSoM6X#3U
zh&Rj2N7)z*AEzFj;m&amXdTa%;uH9qQ>-LSi{o3?vb7Rz$c1i0gPc>~YM}e~ESL&S
z?1Hi2Yg*8+0K4hP*LCIUx)!WIwzxrO%zJm_ygTlU-i>|l__B9s;rP!xw!L!kM)lWU
zx|3Y6KB%p~8eFaoELeW#-?BLVL;s$fwP|6vs5aX=3ysbB#{OJmf5F{+#|M0;$@z*I
z7+Q5hzKYFNu{Rp-S9LwAVr)$hs(gjbyB-9(7N7Y}Q(^12J3Y5QR|xbzGU=+FztR|N
z_D5c(WiPU-hC=P8LQP}ARbTKn7V5o^Ecz;Qk<pvXAFecmKKhu^**YKAb}lw9I_{9W
zEq7~{-1~u@RySbBbysYcZC8``t2!T4)n2h)wqAWEU)7PT>iD>5fqEZtDA|7B*K#nZ
zek*7m-lltNcW`)%?(Ho)2$KttNeDP)YzKj!vYmG!u%6NdECm35^#`d+23E?3)C!k8
zkZN3ApRy`Er>nlODhQVs>#zy=x=I((iT1yU&d;1_5!C`vpw;ugIwYd1cvd;I=fqfU
zHW5$4a|sG&WkRl4kRIv*_B4p4Vv-X1)&ifBcHmBgqACE^8UdVwtVmh|>`2M@R6<lq
z78W~QjgKO@i!+m7JFuCv&*CEsKt>lVX28JL$f%*XspXw=viR<UcgbmhoX|O3q$ul`
zZYuCC2=9~2u6b&}@oqU+W>r*LF4?2xGe}TI=8b>>a61$~&l}FeO%z;(tTsoH43_I$
zg9~y`;%d=d`ze&>rojP`*Uz+X&bRH)we2tX+w=bZoWGw226Fy^LR+Ae)wM0(bt2bw
zqR`rzZyn6F4nDFO+~x%%n1@{6D_xhnu6}9Rxpl!%usC1dPmNkXan!!@lERu1NAeLr
zlnN+0{i`U&Y2fIKxe9+n(=;Cb3Zw<H)(=2hfrDR(#3~UOXzP{BRv<f&2sM=?vk8Q7
z`h`^y14v1r>4TJ{iRfjsZ6({mgmi}*lC*uXC6qVe*4F@|leBR;ud@`yyUxlbLXyTV
z*8<5^Ga>2k>&&}JE-!}G+BifhFRTq}K>LR|?@)KE!uo!bm;-X=-<1s58h{(a{1%ZY
zsi3AHIZ=L-2_i^vVR%*dctFFOq;%d$;8_+tFyg3g_>uClkW^^kwu#aZZ<<RdLD!BZ
zr@*3%myAY`D(KrWzIx5&3`Ko`;>@uuh;L`-K>Pv)CH4aF)#(JtM(~I$P(_+?V18-`
zl&25{xiJc|7`@CC-g^mp@);;izKYK8p+iLwWG4jG1m1isa&ROxK5`mNjR^e&-*3QM
z3V>g-K!a0oc}(XTFbX0HGACh}2B2zqi^cI4c^n+Cfr#88hpmcY1(hiX8XYU#M9E;G
zXiW_S%Do2_04j{k)@~s2+J-ALmuK>|hjX=umurtMSRT5X@~+nVuGWR&f~)q*-phL-
znuF+}g2#K^dd-^m1aqDs7_+S|v>iXF@)rPQnm6CDEcPs(UOc?iw4+ep_@FV6Z|u!A
z_C9FenQtG@wT~B?w-y@P9<~Jw{d?c=yy3YqeCz1Vqxsgpd#!zMW*_+5Z*aF>y7^MR
zV<6WtkncEf_w2HN=#fFo)`EfCyX}r?@rz5IJw=VWwf2#>3Z)DuNErsk-Bt`TRdow?
z;X+M`Ovo50GVKOdPW8)QFEai6|05HuFtZ*qRmQQWKsq0`TK-X_!>fGyt%G!IDO=%f
zh;-U@k?udskgl@~=|m}_63o>=*W@eUz`H8}B1Ry>i%&zN$yrMM<Yg@P```qssacNS
zB-}&@4^#hV@I$_ijY_yf{s^PkJ^3a&-#`aVaBHB4yb7tjQJfdA;V#5C#GEf-`L&9R
zj5%UcegvGKLunasz`8bgc`)xfkaHbab{$+WJ_MO#-#7Ms61ds<iQuNE_jS+fo*SB5
z#+$}lwm-4m%@zg^ym97@GdJS5&fh$rZ|}d?-v4gzdI)6F0Rq`qBT!>CB9Kc!Ab)Y&
zItYXo6^cMtKONcVkAJfeXhODNRhHo@$UqxVxF)Cu`<5un=*nc7>k10j&j-pVT+#_D
zkvIx=l*Hi~2^9j6rW6EiCw@pM5p=1gUk^b)iGoeixOoi*B{`*n*zjc><64utOu|xI
z!$`w#LUEaf-JZO=Bj@hOyN~4DN0!~A3#NxI-<AE}*#D_f@p{y$(*SjvS5s%b1F5rG
zpw5;eSRpFP2a@LUAD<3&zWW<YolixHAxSrZ^HcizL?6~1zlmQjSJ#04vL4O<eHqP{
z>o0=JPk;VViR#fbFHpUPQax|N>#-<40bPfq3p#~tN%-|(z-M3_yp~?gX=&$A0tNBa
zCADR!<1-tg!f#{iYoE2rs31>=JBzsRPf$U|g|*6rvoY^%x$kUQI0$wGeDIQYwd7na
zs7y3mw_LO2JzI00t^W&U;z3(rar<k#Ztr?+@Xp!%=6$)%`<6E!SZ*6az#zB2c=L<-
zj{aOnf4*b?-O#fCz*8s`uGS|j6c0WXh2n_n=)O-38JbXq>!%6nx(N&z@O(kO{s~oh
z2BEmvK|OudN6i+xN(K!{lpml*iwY)>4NV<D_!C~SGZ5*Yvc71LIH}r(rjiP^o?=`T
zR1B#Wj!Owj6?zC&s4tJJ`$^-17AucD#ER=7`*=NBwoZCEPYi`n=2-P@C>X&-D?FQ5
z7<Z1SP7EpFQ8(XHCKAb}Pw@wFY-i~%YAgIYZx-IM2MOA>@CPTxcnp3cm(0Qs&|+~g
zvvAQF`X<lDWiupp4qk1iVq6I~sS@NAl%QIw1j${Me$chr^ipnhsi^k+IgCWmc>V%I
z6g8b?y;IYUpbr^VnPLQeNHcqZ<JGelC}47E<S7|m1iQ;6NZ_|_V5D6$4eoalF}2{x
zh-r6zZRX{fynTDlzJ1x=yP$dKtho|+HLw;h71ovmg(m+7CKfR5u>R{WTz^3T#{8B&
z@P9?aG&bLG-m1G<mv8RLHTT^2ZGYI@vZn0*{FeP?W%2dGecw(jt7rBMzR~eU$JK+^
zk6b&F_wBsr+xcepXX^lMqXQ%}c&ya^sHeW#`GLj@(wL5M`HK72k;WulX%Uv_Q?S;2
z`~M`gt`8LztjJFV6&0XsL#TjvcjZuV;#L_@c*=l6vfFY&g4!JX@<VuCMAalp?ZQhW
zUU+pYmH%W^K8)n2n}z%2gu=2>nUc*?A3)G)ZXJUD9c-~}1A>-Y`7<Qs??QQ*kZbC%
zeBtsJ@-;oVnx5sF9Si1%PG8>Xzwh*KNXomPK+1Y%+xFKkzIG8vZuHvd^^@N`d3S0(
zf}@5CD-v9zr2YWGwG=nY1P4|r<ZRUHO)-}$tFT2VsE-F4@yB{NPx!H(If|$~2bcCy
z-WrWQKNm}tavV|k4G-b6DR_35&Oo*y8lB3-qfye1ZKFgAHl!>e{TMZ(Gl&kNFd0WD
zj1ICfdjC(*LL%SZlZzOoR&~4yqZV%RB@Cg`N`4!iOX$!YtBJyeJ^VsB9+l1f(dcc4
zT7w0sMj3;k(*=LrU%}>mg?Xgb>5MCOt?r<zX!Yxks1~)0;X5shXKuq=DU9FkU7>#Q
zs7kHdz0|R5g#o{4^yq4DXm5mXnpPMH7UAc)-HX{f!?!PDes|H>p=(<lE;8WVIk|#f
zF{Ik9GsCO0tD4LGMID3zNb4J~hOe2528<aQU+ay@8{>BlEw%2>dHahdOf@rR_lgBW
zSyiL1`(a%}Q3pQMt!pnDFl1z0wM7$#psan#&gM+bD;A9JYtq%h4}yvs^mh$V|DnlN
zDx!nb;sMpBQW^BI4ETyN5Gx*pj)iv6$1>n6%0TStx@s>qgFZF`zM>h36;G*rr84Ma
z8StetALt+^Y$$GHpozQz9&f;30Dzr>*TXvvv{%q`gquvX=;*MJQ}H|1Ac`R=PB?k=
zfYHN=cQ^9!<Li_)gqP;gvxqZRY|pFAE&c8_Sn}yl)OZv83g|ffZ36ilZ22fU_}GQl
z424ech9Ufs{LWtCH6>Nw-o#9xD*6jO`fGa*h$)2i=-GV>LnxjK&q$1W1;X4%{sGe9
zI5XTIfK$|{RI2yYI+gaZol!Y{#CZROY5PEHP^mv)!1-krquTK!X3s-YRo>Ka&(v^r
z_p+(=k{-^Hy)kd|=WPChr6F%=%2}EUHecS>nzOYQ98Gygd(P1g4?DWmmmIISUx{Dc
mzf`+9SG@%uZm87n+YOECC8mDG{dv8r?v*e9l0lyi_P+tvBiJwi

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/scanner/__pycache__/multi_provider_scanner.cpython-313.pyc b/src/iac_reverse/scanner/__pycache__/multi_provider_scanner.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..0b00e3f3c03bcf2f372d92d9e1b8b9ae2057b154
GIT binary patch
literal 6387
zcma)AO>7&-6`m!R|D?3~u_Q~fw2~#uj3qj;t@tNS0!3D0Nw#c|QPDy~iS=?xZL->B
zW|y|*UJMjyoI_C?g%PJM5EVVtDGD?Nf;PwW5cJTCSs9_ca1j^H#W$)-;iA3tz1dxg
z`b#qahcokL-^{#u?|bjfMj{a<P*(oZ{MIkp2>Azgyb^F58$OPZyCg#>$#5CpEJr!`
z_s{xf{M0|gQ(nYzel{=@pn;hn4YGb<HZ&8a;h6}HuzqkhIuoO@nK+HlBxqu$i8itE
z&}{RJKn2zg&$i68(pHgVx%44#8=L=wB-=g?d%;5YW&K@bkYpm=BoiI?IiuswAE6yC
zH3ro94r-@MO#roN2epgwZ3dd)(dho7FWDmf1eUp2)+}|bM2)LzUZJ8XOS%sK1%ryJ
zUZ9d`(XwonsUqf8Q#P(DbU77`P8tTytGZ+<rt^ua7ez^?hG~jR$g!j;qQ}$(PI;xI
zK&4yS@~F5d>3I#lh?XR3sgfoZBvpeYOtDBMSt*n?Z8;@Q7eqtf<iaMIqnpdghHj~P
zSuvxySxM7Gsw_#Wj$5fOof0!;SyoJwF|D6L$-`vRC{rMb5>=wIp=pY2!MLhhhA4?;
zT`j1rdlhzVP}nx?nr#9`>-_O!U{x|Gd>g%{T8pAWDeNb&Sa2v4WHr46!dL<(rkGaV
zDXXwc=!oN~@iXG|>+Fm$f5`wwmm9CaWQ&RUGG)SzGP!QOsZsIG^HXzJi5d6eGUq2Q
zTo7dg7qyg4X}L0rZpz483}mY6vR2N+>^)?auFFc*MQc%ss`?hGI06u_EvoWj{SeOn
zL0FPzz?CrBz_+kB3bHR5Iw(*vx=mV7QRC;5K0A_^EJ@ZR)3gI{5n3L`!Z4;->XKrI
zvAzN7fuoaf_tF&&MlY2t)zBp^$=j{xTy<6Q-tO%f3JH!~P+@Z1?G#}%rX9r|Oa$Fc
za(0s^o6B0csOm5ha^)+#7RmnnZfD~ZH13it0VE;Rm*J>?m}GpE&jzx=jDG~Eti{(`
z0c>T0G*k>F!*;W`-0O}VJRJb)jdSN56%wT@M%e<DEP2{tElQTBiLQF=q8w-lDLdhP
zmD42<oFng?wOmr{1e1Mk3C=GSm5)H|VLO~-^Kv;mn#(O2`Ld=!JD$tEQ<gO30KMj1
zuAoxW0uxqr0|r95T;7nO;Rm!pGGK^dNq83~jPA?jOzg=y$+D<=r3|Q%%h7#s$PM@r
zdvfwjHa&IuQZ}PYv@mJpm8?nStSZSlssQ4c(09~3%g&jrpUE9gm6oXhoLGgzGdrMq
zm;9Zdd(zgi%6F^@Z9lxU*4FU_-$DDliCgZHhfypWpFp+yT>@UiZJy?6C>zX%(Vb)?
z8TU@>v?$PGE{)xCHc+R<8)!jC7wWVG(3;%uLfdG~4c~>C=0vEFjlt?s){D`WVmz6!
zJ1-*iddjq^(NCX)z25l5QE$;GY@))Rkj*e&2ME&v9|2nTLIyA%7ex!ySgNb22`C|1
zfT|7*<?AbsiY2XVdg$n>w!XaWOIN#7Q82ycyi$<hV7Y=MBM{q>`l5FDnnY30O*_bx
z*|Y`pB}%@oBBtHGx%Y-qVmG1k<Pb<eJC{mKALo*-6jg_IV%3G!eyqB&LKU%jO$8+%
z!hQs+UaW?(>cI-#JjF|K^zksZQ2O)$R;coh{`F%EHI-F3!@LI7yJVf`1L5^JIr98x
zeC4^Ro71<f2knO{%_FP))T8eHkNHaX_|5aT^0$w_r>^qjkGc-r&sVyR-+cYnx!Y~;
zO|SCDAEl0ecCM0|e!#ci&fj~r(s5*!pMG@c$fxHjhbA8IUH69WnI9xq`H8je-kWo`
zC%@o(oju`pw%9}+-%>!?-6rbz1~%c?LMA}N#b7dIw=^o^ly1@Gr)PlAjfn}dB&p1)
zfhtPObHP*uWyeXV;3>B_iMmU1;5cQ6000<>2SJ+vpxwKR?0t6_7CLv8z}9ZJF@^-J
zaF=EaR0trmPZC|LeAimM`wPC?krU3@BBvk>VA=Q%R9oeQULfN~^heu1;mh#d<Sm|t
z`XI{70E%QI+2~O&6FA{RI{q@DZ0rP|3FExCI2zAHXrdTM#_aYT)(wH$)7Rh==`=^k
zB`Pn1CQ}xZ?G?K19ixH4BVd@KB7qMF`8x67mdI_7m`pq@mA$xU6l@*>NExx;iG)T)
z#gbFWQMgh!UUP1FGZ66>GgIQE6NZ`5Z-+U1#cCL;L8OCGndwF)^+i0#iP7A(MF?i?
z5QJk?RZQ89x<R6ZU>o&+1O3Wf@?AlLf2S0=r0>RWrgar#SM`RgwUUU)favNi#XwJV
znS*>MXwf_q6`{CeXT%HcCzoA$;}tMd0jaTja1CXPl`s~_hJ{rB*IJ@;A93^qY#m}H
z-c+;#>zH^zQKSe&==C9Pw!l{(*iFe&9(fifn+SV1Nv(-=_5V1|EMm@Xfitr}DksCu
zU6JIs?I2YkZP2#}6+dM{{R7l@$pWaYQx@u?PkWBoBf<Y5S@2AZq{9sax9KHO>DVqb
zcPPW1=5*gYNym52X(MlN=Yg;8pZBMmcGA<R1KUcvb=v@Rb-s@*AjY$@J1-bT2eYks
ziJ2al52VrKY%BASsKWk(^S(5?qHQIOaJH??2X~w4NlGNZ2?L>RWe-lf%-q6B+{OmF
zdvMxi<`zzayKqA9x~<Ifn_n%|Q|okc+cfBA{PX<65pVpPr817X2}J~bxCpuwgVwxn
zhzyX0QHMfEh)BzD)1if<-U#r2q23O8`$`}4#y0;KynLR_*XL#U(|$b+xAEfUJg=4B
z?c`x^1(7tI{IvJY=6@#e?RN(IaqUhd{g9aGp@|U4;Kv|8)-G@b^0L356u4waS_iY8
zx~|9&$1{k72+_&>5wrp23u+OP`GzDJuy1OsS8-nrVA4(p(~#(3EC*?%L8B6ch*XhG
z@G8vP0D`JA%P^Q@aXrqch~XS$OQYgdfM!S+!3}v1D2mCalWwXeFoO^ykJ%~s0gMFM
zyTP~cQH?mh1NF{`UJ5EA5MoveC%kIB4GS@}Mt}#fXINRs@p1_hTR13&&|Cd4?hM42
zW?1Taj~x*02KKml_x<A=+$USL9znC?yKfZ@(YO;t*F70LV<b5i$HE^A;>JCXC5{Z6
zBaWx5NBd{Q;l}qB@8L+vC;b#*lfu&+q3uxJ7~F-AyZGT@GYOo`x#R&SQpV`W_Upzq
zir&EXmo3?jsHOq>u_Rf{t5LK{I}G>2!WTOLYEV`vVmf^uNjwUah3}9tT({s&$_d^P
zLnub;c2FweQ<WXmjAButHV?6sVf!^jw<A;6WraO4u;||AF^zU&P8R%Q+;4~6lq4CU
zCy^<N3!Nc8E!Y9{{L4%Tc8F;mtPsNnWV&pIU%4*ZArt{Vh@ry-NADEotLbaVZ~qP*
zfLJhveBK1Ise^^yBwr7a*5u=!gCCy#+1cNQe;5BKzS=Wh?RmA*^Xh8P#Jb<t8od>)
zg-J*E``NqMTT^Sj10P=e;9|A+Sf%$^wf9t|_tdS6HD6z%^>O#W%J8qpemVB>zCZT<
zzIV0zmD{1UzTpqG53~m_&)w4=^j*3gs|86*XH^g@f>;$sD#FP9SoQGBmBTMT6kb^q
zI^J)-(_9q}RfIz;Kd6qpR2g~cp>P(*6L%6-VW=Vutt?cBPgaIcJ`_&DcvU!35sp-a
zV-?}p$G~IaE0`O*6I*MaU27kB+}?RFR_z+Abd9aHr=ErQme%$Cq+_sljw3?Ht;D~-
z9w6-pHb_&V^{ejW+ThX0{RdYjf4*Gpf1%R<!sEf=75P_(*F$_y>+Mi2$~KN$t_rD&
zkh*{Ep>PtHYr504)_#gD*LAP$r_)u)#M%$7wRb*?1X@}*2vq;AwZR(yG0`pm>B!{4
zseQiB_eJ063Vhx_G4@7V;LmLV=ukxWBsZ6A+B-!-C&ls)iqA<D;~W~o3Zojw0`Ts4
z&0WyhP^@r<c@e4~k#%1%5UvTKK>rH=VEDy~c=BrkomvNYw^?pIa4OL8r03wu`TN@a
z?|=H{gRzOq&})^R$r=*iE~5j_Lf9fuIe8EAPj<6h*bbp}K;mu3>hE-lNzs3@G?}8U
zI%XOKBY}y|QSeZ9Ys14%3f`C$&2(~UmZY)MVvuHcHqLVrz1$VaRA>UJJ&jb?l$Zs8
zB`|}xBSpo!z>L@t`V{VoJrfOJ3)46zvu$a)9X{(ke7!=y2UEb5h<OL9nxEsibzg$x
zH~I+I{3SX3B^mjW3_s%ooDXz?^ZhGMxZ{5#N1sH5YNY$Gk?wn^RwF|<gCI>`?3pjX
wb=F{7=Y}7;HP#gvA<iAB5vW`OcKaBC=Xz=cDwhDQXH7F4*YQt+HM^Dn0f&TaCjbBd

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/scanner/__pycache__/scanner.cpython-313.pyc b/src/iac_reverse/scanner/__pycache__/scanner.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..a94d3f485bdfdd25d68568d6836d1166bc0c0082
GIT binary patch
literal 11608
zcmd5?YiwJ|b)L)jn-nFH5~;`4%Q9`5vMhObE%_zOTHBH>Z%A=tRN7@|@=D?^MJjWt
z^;!+mMS!Mqlf~LwEG)MHR>_a94Frt>1c?I_h`VUopCwBtWN(DVK!XDQM^|!pk^Jd7
zb9pZ*T5kKR=s+6IoqOhW=FB<YIdgaHb_;=Y`{&Mgz7rti-|#_6`buHv-=Xjc2@^`f
zTv#*BQI7p;sD}M&sTO{<)4C}g)lKQCo<};}v|-9fjZ-FSV$b?%^OS{JrmWODWurD$
zXPCB6IjDmt^O{hHGHms?o6Nh8bMiB7Xd&GsZ1j<^Y2JNYTd8eiwPvWb)YLYyS}WAr
zYHFLqcIpW`s5k7SEsVki6b;8UmA+aRH39e9--Y9`bXuT%hQ^l!F-v3F4CNQ#Kbc;j
zF{oILXIH7fCz4`3^PWI&1}&C}Ook?s=~z|}`4yUZFPVT2R#K~r$+XC4Gb(L;A5;)C
zt28c%1D2&&I+04I7x~y~c1cKQlkr$KnMn`uRLIgKP+-T4&_INml?=@S?Envrc!5%w
z9Tk+>JjM0Q1T>N<0Taq5mj%g$`C29|VC_UKm5N<YLG9HQ93qwqXeBEy`wf~|NWu$S
z<$(<+S@0<&h^wh=fRh|R#Mbu)TV7mdo}B9{4?C|x;cbwac>=ORP)<NbG*lPX&g;Xv
zdHskkLPof--bdasy`!Usuz?yQ<P=9uy(D0i8prqWU=kPj)DL~G4TWM!QAqGNfJJqj
z;%_9gOMI-#|AkmGB?cwCvLVrQ3|L{HLQKr0;}r>FGd4hu&pQ_(JI#GUuDMd|1!mXy
zR7C~}nNwCsX0;LWmYsm4M>q!wYa$v48P+M%%9BMB(9W#&?p+9vQ-ax}G%2&<``5Jn
zqkKR|9WWSmLMG|O)fItCrf4*oPG+OgfKJkhLTaIg#2k&rQ!!DDMn#+x&+{KhBNL<Z
zp~*L{&WF=6x-gMR2=gM1&nIK?C>20bMR=BlTlo#H+@x+Cv2E`}8OMXl@OU)E!;pRX
z0V%Z~dTjEQJZ;~#Zkz14jCoT_$#HD!)Yjmm#z${Hx|p+Fd9Kx%EjvI?9%!mFeqhG+
z;1)!qk|i2l&Lmb-Shhu@Utf)-DsP<8=t7c;SvU$pIs>nb(P$zQhk_Q4o;=xRSacRn
zM?4zK!r8dK3darz>=l;8g;XjUeZbKsoHy>>S=tOawJ8~jl8CGN^4sKJbYo?mUT@iq
zmkIoA4S#_@&oQH3rNJI4S0ra=1YW;P%11Oz!gZ>I>uV(3AT>^8K*_}M_+8G3Sy{pl
zK!0nawGs}RpeiVFwF#dT`4lwc6RVV|3?BD2C^=SQpci5(*ls+n@rq`HZe{sqGJX^u
z>ScURrJRL%zhy?b-XqJJnYCA{Q{FQ;4n4+KMg}#6Ba3|OJrH%&G65~cb<qaQP}ZQL
z5zDNWZ4pij<X7G#Ssbflsq9h35$qHZacfW<I|d$`{E8&zTEFruQ;2OFY(EYVFjF7=
zP~36ahFLpixc3xRDbI-VSn9&88?suF>BUOSurm?6Vj^?CtkdYj+~(RB1b?5iToxB3
z-Xkt}JTbjoDH>2M?iHAKI8chUB4d<XsD@`jk7rgZ@)Cqz*G|;RON<Eup8@T`tOqZ=
z9~XoK*dP!jQ2Uu1pncF5Kp#QLxD3`LwkYf`C%6!llR2C`OH4KZ6-4&P#sdy)&5PT6
z1e(Yv@Wt(ItzU||w?oiMbU_AttL*BA_gAJac~eP%TWi6_HA}?hBzRa5ZN(w$cM$a!
z#SFP6iwz$7iDx=a-@U2*g22yzVkU1NQa(lTc#6|rgnvloGkbOv1qaiP1C+~)My`W|
zo6*RH_49^#BciAgUDyDMKnJ^OVsDM`#yoEs1lTm9K??i_U}FVJ05goz7WRZKSf=){
zb>1=WtkAfWvhpkU04;5dx*=>=-h>@$>E$Du!cNxC4dYiv8PS9R8o|hoQ0IiF2KLl6
z-yC+&Tf!!owJzL<b;n`em;hKcQSYKQ;FXNHKLDVfo`L$c=T}u21=#3i5Q<+FWj&@^
zMHxH+v>K1cg%wmNJoXFV0}%?tJxmH@0K-Fl4Jd(ez(AzqLeO#%VHJ#AkE&px7r+!E
zt(&0R7L#!XCM?4HD}b2*i^Wp>^;rDf%)){UxfW?GE-b93_=EsOfLWl&dH7>cObl9P
zBqI#Ku#`bw$sW9c+7`uY2Q|{m(Z(X7gFpbM>s9!n2&xq2saA;C4_N;i<;fHUY=C;G
zE&z#$=;8xXwvd+2@7lnAe`sX_FEuEfh{i!d;3^R!0m4o1Q40oW&ZfKolmCQ7NJs@m
z@TQU!X-EScI#{WTfx?}`mMo#e5JEw&OA(D?ZU9E9Wr2fnaOAoax9;gvtF&eG%IU0W
zqs)uPdGFI-2>Po}N}DtQy$}Gs`V>(|T?LM;Oac|MxGsfIm(`_HoWh#~7?hXJ35{f3
zQs-oV(VFXC!ehh`(M7=ZI-yM)uYEP-d65FOa>STY*E`pu(1g&q)unDShZ4%teh!+#
z_Ym67x}?k%Mnluj63n_!DOZ1MDAhGbjNl09V}AoeHu=5~2ZYDRcsOvWdKDsqQa~+1
z7sXKvoCDQMQpI_cSKJ&PB^)scbn;&2U9cKpClRqQAB@l5ToG6o*iAgMypjUv2@Z9|
zuc)XWS!=AWpl<~OhuBf6jEy9+qXg~K*%+XAaOf0A5yn%-0&ng{jN)4;sXiPi4hys9
zmG1Vz<fHthg*sg(&u<S>lszA|7MxNoXkZ;6aSfUT6fG>TWL2;*e3Tc#n@lHQLdc6Z
zW2sevK~%LhvK?8?lrf-DU}!9rOav`!o=b93Mj{oGQGQJ`#;+Zk$yDL2tQT<}3&}-r
zsAabZJ4U`d&`M?@omj~v(^*k+D2$8ZCW&+mq$kiMHALB{uoF>5-CC-Xm2~ewYo<2A
zH>fcHg4CW$irFZ5S?EX$3B=1x2ITG~FRMtsC)B-=^)T8s$-#Q4&d?K8wmFLO0u7nh
zE}4{lrl<oYZ8~#<A|jNutJ%0@PKp_D2A5-5$$=}6BA5ZwwY(xVM^OYp@Rg-Smtx|Q
zWUDNcJq1iMlty+)4HaI1$VO#5Bsr@ql=*fR2<auv*dnZKOjtZZb`w<NZewEB1bj}I
zk{k>`bAnG-fk<@2sRUDUfV6iN+m7YijuqNQa;DaQwYF`$+e+?(_nUsy`k*y8e7+Ev
z%pH6^=en??)igTFL}Pc9O~mH<XzbQl-r51wx%Nv1_f*a{RW=Z_y=d~~O}@vbHhA)P
zetP)c;i7LM@0%$2CfA*%p8jIbnS9TgN6tde8+jAI?f|mp*1MPQTrM^p$~PS<Hcj16
z{OH{W?-qj>^TCUS;MBSqNWA`{XDII(DtS6f{y?c?uxupWV`ZZATGp*)2jLGE51r1#
zU+3v{D-6DCAP0h<&HrHjCkKBv@Z*6(-<e|HrF`F|Lf<sL?`9J@mG3!K=sANG{1c}y
zXYw&~8VA;>2|3Da<^jcKs;{br5Q2fa6haB9OKEOSwOk?Wxh{1RMUSR69cbrRU~ezc
zzIKd+_7btD{cM?{?RoOQok>J<1ZI)eMRarM*0D7Dw}iyNGR>*>O9`P=X&|7Y9o8%3
z3EZN-i_EE()JS50%hTHb>sid9&&g6mTeX`?_)xLwF^~X(%%LwL({gj@e9C1NGk}fO
zM6`k?tWRslwF}$=Ii>9+3tYgkcBV${3;QT{S#J*TLK-wjT!ziVN5RFbxOHnCH65t-
z3)F@jmF!=0_cL1NGx4#7EZD#`lcMn{0)m-<gQ+^nq%@QCpj}o4Nr$6I=H*N}lg*@)
zaap_C_9$0t9F)0?nnlSx2_7g5GfKXRt1~l`6SJ4D&O~P~U75TZnT>`gq4Io~IcSn4
z30{B<+~rtJC(I?FmvtP1E6D<HX_je8NejNMWE4`d6$l85h$&HXRe<n$q;3v_#$rIY
zc7A^fuS6G9VNY7xKDFJm6<dzvTaFZ4hVw1M>-KF>DQ|!LcA>d%-BQ*$&E66ytm#|R
zMO$y)*1I|T+5GqCi+!i^eWxDVPVe%h(R(-eaj@X--u$DydvM)YvbrC8juxy(x82<(
z_tCBPEoYf<XSts3o>RH*(+`)*TCU+Dx1-gfO4Nc%)Dqj!m%ClW)w)CMX79GgcQ^fU
zy5Ko*-<S6cuU{xRJ&%1O1?R}N=RnCbvh~*1Rp{|N*T3CAo;z^v(Lw03`7-wCbwiI0
z?p+IU`8IkUcOEM`hx5+ilB;>!-B;>3yzTXE4FARZ&-6I9fi!u`My=iZhjKFv`+E_$
z{%3>dI?3mqmh&#{=YjF=^H%NOTlMfjzXC7!_XsWmFFzrJ1W^C}x?~>>hwjid_lTw!
z+abb+-s{tTnz4~wTtba<Z5(Z04Dez^yRSb{6N<e8=MQv@j)iIWA4%1$)j8~^V`aUR
z)<^dDVN{I;8dBB1`|8{p$}8^>VkJDeb_}@@(5-!VUVtOH4DnBhawp?UDrjT?m0c&G
zC1$V@d{q@lvZ(TES~dCLj|vP?)*{r|RY0|TW`RGr7xF~2nJD&J#idaMI04I=KT^}B
z(uhq3BG<0|`dGHLe~cI3O|GnfVhR{#Ez+zsWAF;%yD3<pC>dfaD*&MAo4|DXRmda*
ztY;Ad-^L1P3K-<GkFv*Li)3XWrvlS7G%Hyvq|s$@QN(RzN}!?zUdK*5!-^KbX}k#P
zegH(`XOID;agolhb<-28^P`iuP8O|4^7wcBNn>}eaUf?KfFsl0yKXJHJ$DE03>4iX
zkKH5d=St3og0r{e@)up*c~|%5v0u9mAnZ7{)xFgO2lbVf(u;Z~=N;La#&bK)!TE1!
z16<V5de?c!xoLgu8rXJu?mF%`Hvah6uEWn7N#pUdhq(MXXK&8bE61r2ztOXh#cQzw
z`gII({59loWyhs;b8tH4R1NZmHRuN__7%<)M6%O*h8k*ntF#LlD}|b$2p0kSRpZG*
zY@K<s`yi9B7W`2|#2{*T(#vFhPWAH!;rxef^)rKWX2<h7tQ+L!R4+E9`l{85fQPF3
zts&J{t-e>*7(!E0mlV7N+NZ1T6+9|$!-lZ&grS!J0#VO2AP~@LJlc7@Q(y_|z5`q|
z&Z$v=km~m;G@yrc5xva)`ZY(4$1A)C?NP&@us&kMm<Vt}MNB|j+139q{7IYU)R;oV
z6gHjUB1S+rT-rEpT;S%q6%GKGzJ*+h7y%XPt2`J5d>Fe7sIXU|44WhRBOpyjz_O>!
z{{vSoFXgHkc!k&i67cnaTp}c-z%``;e!EG;tnig5op^d+_7}J-cVJ%CT|HdWq*4r9
zt1FRr7e>W%2x(7GKSfI<^F&2_j<uiSjVue%%h;}8RAUCJ11ic$uqH$)2Oscim|tDN
zOXe%%*P@}x+0doQFavm%Ci?_2QE6M?W;-n=0jDWZOa5xQHYxxYOc0!qLxFIsE#EAm
zqYq6oc<Vj$6ortUhHPzcqIx-1do#r>)j=h|(3cqOO9V#wK5?y~uE8ij8!$*_#Zri}
zx;My<EWLsQq3?+pF<O}m4M4?HIEZBJ-0a@PC>LY<4KLrQ-$dY?O!Ixgp#_o6s0;0c
zaziV_;=Tl5nYv8kevxF&T0;`>NP3vaq99poHbch9ZZ$rju2FJC)0xbQ8mVFzO_H<9
z85VP)3%Gdjcq%tmsL5C`flgrwl?I*042}<>GnmaoCV4N-T$;T!emQz>d}8|Q>#wU=
z`x?I0izz`^k@Sqg0gG&BRinZJED+;>&mE$8g(L%bV}%(QAjXgZ{TlXUtZav5tc1u#
z)RVFq#$1j}UqsRl<R1g%Dl=+>CBFa~@fRReV2M3saCqJEJ8#?f=I#&Oi~ibsWc@-}
zbHwf`wYGoizvnNuzM5}+wbapH>KQ5>c(r(7=HW<jY$iW81Kz#wHSq3z?%M_ocXxbj
zf951D!QJZ|pyHCJrPS;#c@F;2zxDM8ow<W29{L}>ojX69Yl`F=-`w{1e0uUPPyW#K
zBijR8!GFByKa=;LDfq`>*kbE&zIC|Jdc5TIKeHQMmNGG#Enn`2Inva>1Hlc?6TsPx
z-8;l(pXPoioA6T8WU0x&5xX<J-PF0+b?0iS$-8UT14g$IKR|N6#1C!tY&GXPUd^??
zw%yjbsr{>q8>8Djhd(>{gOfio{mk}bTcPJvvFAd*=R%?9QmL!2*fo~#8Y^_2Ds}e2
zJpAt4#$6Zj9(w4_d&VD$IoH%5wj0}ah#Q#I)qC4fYV>_?uF!aJyW{x7hKCn^?#p+a
zzkOl5$#-|=&P-XuwH|%a0#mzZ-EQgGjNNmVS~^QD{$0DV*#rH8H#GI})W(fsQ-7hU
z|98*|;w`0?F_qZ=g;Ce+*&&eqq1+CG{+@j+aBuKjzvlD)rVB3p=VRv#lbrsSoE;v1
z=@@UgVAcP_fey(3(W-~4JwX#xoA|$T9Wv%t;3WW*>(hSjfuhwDV0t6mevU!yy>^5H
zz^z&PCkPoPF`UcCX%fG?N$rVU@(W2Jg`rT()pY764<7}^-xVvBptNII2x-FC6`)5^
z+pvf)I=@r^;)6nPF*v|4Cq=y9veY=nfgt}<U=6ob@O=^cAPAzOG0@|cSh1yY-;eQI
z9E`=UL&DcrVYFqO!BB7nLa^;M<M7L?@SOm7>-=?r$0+YjxI$vLM{~eXDnJJJONcjU
z1~L)Vsd8q=p)9exT6ShD@kKQtX@HX|BFEvlI!Jrxx}oH3{OB9EzEO1c!(Ykf{^-iB
zD>>hZ$F|Xuvw7YAVuTElCEM&J=!@MdK}CJqZ=?5%kO6As=2Wcu5}`5G_YPP<MK0BM
z3i?y<0QUWo9#sTbZT;U+t2m;Tde{ijJvF`+Qe$OR8o(ypem6e#^9-pms%l$>Caei-
zb%4OZ$2>bB$CmjR4-pl-5y9Xx`h``|ss#7(TO~0KL6#+uAqZ5*mq3z(5;r>Y6lWZ;
z$<kEg#EC4XPEo!jeG;w~L>6tP39K;UK&j+)$sjJpjvaqRG6?B7e5oXvmxT8d$wi2M
zSL9JL!qq?)q<W7`qJ5LvRXeg@j2y$$;%%S<xik=0lPr?Gd1r6Yc_{BZlye-uKeX*^
zzMZ(6x|1q;f_YD{=o!g-Mhc!+3eHz^j@KS?swns6oqajSfz6m&Gn97@<s8Q_bTR_I
zo7n}b+~xh~n}7bzjm1yX_tJ%qV8J<9be_mNPZXSE4<{ama?Z0k(^)3}ET+aTk@l!P
zn6rEmbWr$&EOMZjhG#NIGAnpvB40Ww7qoC&4tjxo0+$9SAHN2w#OV^j89D?V1UUL3
z{ID-sDh7BJo+XdUxIMt54LOD<hjGj-A5_?e*Pu$?-pW1nNvN0!w7mSA8tjCk8%_}f
zu<v~+!f%S_PX6L1jHUCCNjeNMP{cEmK8t|~iVi!yh}k%1Y_n}3p`ewQh3rx$L2((B
z#|+mg`@+pwLMdk%f*5v1@on-<qt~0tO=RHcGowM@{si1?J^X@HG_-DX<Xs1!V>J+5
z;HJ4}`VqbViN9y_;{DY9w;#^tj*RDf&*l9SWqbi`EKSdiP})s#e!ZhS>eu&y0p6Ur
zceAX8@)NUTJ$rlN*3FIH4e?$e=j_Rwdw2ElraTJ9&+??vyP>^vqO8XU=&iMVBYe+X
zHnK+(Y3qG)Tr+!Tfq{3etT>~w=slYw_qE?Yu}h#>ZZYY{xlM7G;4iGh;4W)4di!P@
z+_mWKTfKlv^!6Ps)bC)u%r4|qz$bqL^=D9)j2L!-Q%w;W%Fq&}P%^-!5mvJe#7&jl
zHQy2j;R`+?B~rHK>h?<BS`yixiC&M10uu<yyeMQZvmlQwLk!y@T$Ka9y;wpAi@t@K
zh}jLy*zWG#amjR2{)X^0-2f6iK;oZ320;~$d#2HGx*Z$goWCKC-w^9>N&jz2-xoR^
zr+G#odu}1z@DsDEX!iZH*|+gp!QA_SVb@{eEE@sfCTH38=(#Y55BR(5(sA9lZ|*|V
i?s5z1;B&-RayUP*mVE6w;{C$#H7#fV4}v-4@qYn!u3|(0

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/scanner/__pycache__/synology_plugin.cpython-313.pyc b/src/iac_reverse/scanner/__pycache__/synology_plugin.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..e589d680cd4a5eae504dac3c171b772e48eab764
GIT binary patch
literal 16121
zcmeHudvF^`df(vveh?r5zBPOk6h(>@^&lm!mP=9(N+Nj};j9%I;~)SOu>t{J4=9PW
zV{iP2O(kcqm}E;#D&-~1NeIP`7niy!GgX&F=eu(@`NIVmdm(O$&TW;qTy>R-3yNg#
z)!sk(z8=hA$OTrLI@kS`DYARI`|F;bp6=iG`@U|xwAsuIT)+EW$2-3>$uNI~3F*?6
zZeIQk+`P|l3}HAGr@pQtDu^}L)zfOCp4Jczi}~8?+G!opP3wuCrghg1(?(*PHWAab
znV6?7#4>Fq)@d8D(Q^HD`?P~N=)K{(bGnAquuLnqWW4U0b`v+tEU5f_QfJC>JG0<9
ztrFA3%b7?$XC@7tg*0+j(!|+F^FsYX!$RXi(?av0j<nP>?F?scWH`ry<Fuw!ul1g~
zjajHQFd=wL=!2TLk1;c&i_AsMF=kQabFP1fTT3M4$$M+;BzKctA;|}^NR+TE@zr~=
z#DLj68RNsr2T{Va{8ETSBkW=_4g!2X`yd%#U5>&HpGuO@y(qhqOvWKeqAT%OIFyPd
z6KpEP--oPFBEqinP|LhXlFMv}Ek88I-{(@I@Xb&Hnjvg2^u))8R-l<sA{=EO#6oN=
z#j{s$-I`;^=dKNye~Pa+<5LU9NGKIe#g?Oj5ySOlB8s^ap?ExWHx9Y8E7*@v+@}{D
z6DzCZB)k+$MZ>985*1w1yG0}ZD4$#<;i%x8i-%H+NwPcv4c|+WHNiSp8k1XVD^bD9
zg+mF*xksWrFPJd}bywplpGvSxl5=$MAjdtvnp%n`Ql;UTA|y#5+akR_yr|&eOCKO8
z4scK$V8J2hivumx$r+^q58{9e4RW?(;Db2uf=w>M!4HdbLJW<i#LG#TV(&8x3`};0
zs5uqUz$DRf^_;Gec}GihoPI&SU|2AWsBxWe8csW+<qWjU$Y~Z#BWlh_Q)Wn677Qo_
zc_x}?J(Oprc{UEDAm0w{SZR)fvq?2MyL{(Za4ysg!h(~Yyx<x!a!y*qP1~qhu+#Qy
z=`;15i<Z?@EOXN`PsOrYTIQ`-R!7U~E0%d^Sp(-KjrX*^2EopizNGm5e|iFjBJ?4Q
zuQV@8s|uD7`3frl7T-iNk$}m{v#BHt6G>4C)+($7%#V~7sJskgiA56PQ)HFSa&s&Z
zj;}^yiF?1m0yg6Ujwi#RxVVg=Yg3O_pl5&wVE_f3;-NS{W@h0!!7e5F)ELDRyi0_Z
zqb$7fwK+BviQu{^iLE3_Neu7U-bi#Y1S^ScKYjA#P`j@rg;N)s5E~3dmSYLp3Cxok
z3i15IB#9_RR!Vv0R)RbqA7k5LV505VpY}!QGTfG*ON)GFK~JIp5Q&*^34ZBXQA3EZ
z`f?fqR1*OvP75&LRFIOTIW?qEo?e^=QYAnJNiC$bQrSJmr<)NNL5r_^>#|QLXoI1Z
zn4k;d$U%f7BN&4)2-tnW9t@QcB^r6A6103YzR2UFS>eLO*n)p*Zgzo7gvjDVG7??j
zNq8X^3I|CPF&xqWScxcEkddJT^eb!dlwd3oO9g|1_wYm>kP0rqQ}}KO-en5ieH+?u
znF@`~5Sa^&ER9;*A+i-ZeH+>z8Jk|>TM8D%1PRN70wt)C>45$Ka^GhHD!)8{SW&!C
z6Q3^CN~o*I04T{ankq6nMLXImGJ1uKu8NF-GfL0$%O6$hEyJ9a`fVJ$$}kCiK;2u)
ziC7tC9+8S(oQX3_?L<`pZB;3YLP}Rv%37AX&6X$I?UUuHcKaJ~`RT39JoHAq!bkgM
zFSj*slcWObd53(jk$6c!8_)&xoP%?Y>Jx^5!CxcElw)Z`<i6J(8HbvH*3NLQfEq$~
zKx1c4>B~L1y%IM`ZE>}*ba2+tYu+Q>`5UCWa?I7;?vPjz%iOcIG4t}G12zORie;kA
ze4|tY@|xg#84rCSPq|N=H(*ruEMSbPIa|UwZd_E!Y^r`et5En+_F*iwR1voUKgY?v
z5?(6S2LM<soD%EZkFN1!6iWMnS&>w~jCznRfm=UCHw0Y-=wylO#Me+1@dBRX55@Rs
z=}C&t0V$$vWQ@JG$c9BVgM<xm5y&7w>|!Vu=LgJ!7J-Q1I0;(p27zH>1fzt?f>G*=
zV30sci#RG6C5TyfViRnP2WI%q)flLY^;)U=;asUHW$w&+@5)+gDVaDSwa3O|cS(q>
zp;RIX4JY^%@V#i{GEhGgc48@&S^;tfh!<O2!*N*m-jH94QdmL<lkHj8^|0{Pf@<v6
zdaq)5K!|=k2?(h&3#HgDeyodMZ@vtJ10tY(OGAgZ$e%&vbM+YOvkRJgQNZtb@?n$^
zI}90V!Jrj`V;JCS5;U;{6@mdL&6vw#t{%Ps@L)j;nmj3(rXGc(^vn88q#cENFz{i}
zhrw|S`Y}MlA!ty4Xrhn8JT4rZ8}uR_SZGzM51~nVJ&~{sC<`Y*oc}dI<ae23E#qu@
z?>8U+=GKF4l6L^`7aWbH^n<)(0MhQ(r<XP_ZI7i%-aWiw{6gB*@^o->aNC#udfqj%
z?;6Xw#`3NU&-FRi<qgAMJKP7ZuI+cS!;^W}RMtB6KONpu#?`#*TGo2)3mKo(HGtNk
zLH)6B*^1g$llQ>Um~*rrczlK0)<W$YFLfHPtH@|-T(8WGyS3n~J#f08O#U-d!C8-g
zjctV{_Jz&hwr@-nT}-X_>FDO@)AO6>OD%X#q?ginGOK&H_AWnfdp`O6OtyBq+-T9r
zG&FzfTA{srWAbC`u>-5?z3Y#!XY1d3KKUc-?9UDy?JpUX$yKn{960J<GFs@LtE=E_
zEVu^Jsq|uIJQK-$eQ$U#ycftiC!k%oy{Ly?6b%}i_vb|oRQQ}nVEfZ^<7X#NGCw$3
zJ9SL+L#=13QS-w_9o!#cC#X89GQ}D4J~I!Yc==1pQ%Ymp$@o<3$NiM#u-vU#|M-=u
z;P~9!jcemG6H~xaMH7exBaYfY13opu$t2W#L722bzDPgB8CD1LJ}9*ilv)rvk4&|S
zQon(1;bM80`P6Z2-!YVP3}uZ&1S!X%w?#!p-}W820qVf`AwGIZ3J1ZSQ_TXANT>oT
zP%^;BDvb)105|i?YNFg80KaZf1*4{0XG^1oY#bMSG!a=z!YY=i?SP;Y(MOBXx@K%}
zkPJghK8?8SWfXuR#ZLwJNs_5#7%XS}P%JBsqCFntQ$eY5UT8Toe20sF3u^L15WLHL
z(%SyP@(0VCXEPpLhD}fUwkEc<yXGD9)~~0B(ziam^XyLgM%Fo+b&O?=V_zIv99BBC
zEZo3E!ihz%dF&s(B<)Y9(S_2000NiI6CnB2oMuyCGlTWA1W+v!O_);&*<^uvC1~+g
zgnBM8H#h6QH8mOZPjRyW|HM@A*4uMa+!y9o3w?Edbp@4CGy=p{d{mG=O6adNP}QV=
z2VO^>Z|;w4`}2+yS>p*hD1uQM{X?Wxo_W169MxuC*a;Lz9<E9=suNs5m1nJAUm9ga
z1jJYURoa}FsZv1AsX2{AfG(<}wGe?`v9JOXnnSYMFO}6IDdTiV(@tsp7DdNOw-Uum
zfVUu^I}f=Lcni)T-iHp4hD<!m?Q}Anu~ZLAIg_FdbHz3gBaU31uN`rqfY1~10=jn+
z>G`}%%JBm&J$iALfJ{Z%*R;>8j{(Xg^y7MX8yYK!p*6G&>u55Ho+ox<F2IHqekhju
z#H4x4@@sr5x(uvlF$whTYpXzF=n@j~2D8bs=r5BT0MIM}t2oNW7Af1D83#|{YJx{*
zGw#2MoNoN)<e3o`9C(q3;KVybKc#6t#@;%LX}v(E(BVgr=A@#JfP*68D$_+D5=^Q_
zN(}Rei){cOkM$uwaW{mmErV4GUP4M-zaTyCpSTMB#2RNtPTY;9X#c;o3VkuG@aWu`
z6Hr$a9x%@cI(jQo*P8IkYEXLpAi53&6)PA*_#MuS2)YnihDZaEpdqP<pby1YU_{s3
z%1kdJem&)v8v{P*vxv;i0Fy`1(Qy_mimxOXK-Gm(DME0S2!?U-9R&>x2^oVda*pQ1
zcS(Sg#%B;Y-VBzEVlaorM(jWBwqfZZnCbAs)ELL7iu|smINV}4gUW6S?b75b@w^H$
z{{$N1KZ5}1UNd8LzBl@KG-qi(aJTQfdvosIthKkOtu^@yZpxFy%#F!{!~OWz54_#`
z-u|4oKkMv&rDy7zw<foH(!=@Mf&JQ%O#8;vfwy%lmF+sW*Pi!Y-1kmAcWqn+veS5M
z%dqv$?fPwV)^mK{GnDfT<vpi1u6*LC-@1}_bZkG&^yGU+Y4Za)??Bc$P^j^2_2g^X
zwgc&V`L5G@_0NALKYD{o^yR#LS!ds;ip~HF1L~zV`H-E>Jf6umz42W0v2{{@s~=f=
ze_qsqz~?-`0rNrcgqQiAal9F#KkaIR@cRY_hF<ezjpqApU6WSL5A-Uy|AAEpp<t30
z4=>n{D54tB>(ogM94H>Y8w%eKE13nFu~f}YL-;;3$RxDzuY-SmKt^kH+6Q100+r6J
z3-pDoj3J|RN!Tk&ff3GBa!UjZlG0Y1xB<1CYXZzN&&#?8S}{sbD97{IYkEO>1stE3
zaT&^Gtd;73PL$CW%4^H{(p}l4hw^$Uw;Z3;B`g88o4FbX?6w9p?aVw{qx1?`%cgrk
zE4^31958X}Q8~>r0gE3w*pVw>m1-nx0b3Ya4e0!6ryaR~AzDET%Hsy@nK|7FaFZm=
zH*Yei)oty}?MIRWBVi9{{cT4Yfn>lgJ?~Hp35KzNem?wWoWd#bWp6f*CLz5<x6FK>
zl=k;acjXwyZa_-;aq=Izr2hF&9VvjMJm-v@X;jzAfM#u%q(HL*pd}o@1Yo3q12|y3
zv<YWGUuir8PU$(IUpu8X{Al4Gxs;NiX*CJQxMSw`#aN+f&7psYnpX0OOTY)N2azW7
zqPCUjJKaq(PbFX@i-587i)?aHA36FpcvjSOxcvnh6`dYYQ0Wo54<c2qsD#1ea|8G=
zn_N6(UGQu#&|BC=ii2+l_qYbA{*+!yY;X*0lf$&Tyg4Ase*u!lSllT?aH2X_DrZ+$
za9<7FKZmt@dACdSj!0V%ig$xL1evc-E7XNo34xt~!xUYpm3qww%k_nNDOY@#U^uzF
z5(kYN5o%LOaPJ&$gr8Y&3M6D&FOMv>H^$hXB2KQmsDn#3HgE@o;AEzZ06gs`>5;r(
zENNd}(1W`sNdV5#Q69uSMQ|=HuLxEcn?-Q?0Eyt2e2wG^HuMb$1Wi1e5Io%5GqX2l
zue=@Pu8#Y`in%;{V{*zb)XVR9cz2H%9CD4X&)x{!oDyovqNSZxp-z^O?C!bQ*&Bkl
zEUDZH<b?)V9(Dn4T$>obb!~Pgcx#-yE;N<v9Ni}51)E$iz(J=SWm!6(2~vJCf-kFw
zU0Kk1Fiek95Gx3bjt(3_tw2z*37SOmAwiWVXjW5U!4%_@z*>O1`f5aqa~DO!7(_6*
zj{yKXLzXc>0tD_V1y2?%;!F??JyUsx)JXGaEw~&7S7C$~)Ua!!7ZZY6Dvm}dX#%Z{
z-#EC;-{a9=UE)vWNHoD+QZ;$%@j{z~ClZk=;Y?ZNKR|>0AH)0u9@WhZ4sDnUtt?pL
z&8-{yzwYRNGP?D(e|jO)xj#IW8=lG!U-?Lt8=i)8Z_~baFy|f281vrI4eO_#hOL3T
z$G2fA)Yfg7UKtr%$M)oY=XkDj{J`3@b!)%nRIcUJfwgUWWWVE5uH({ywQD=I-*Y9`
zbLGI=ur;#ZG?;4|EL!v}=B%;drIT^DZM^kkYs-PNxzN{t;OkGn{fDiE6K4v(kryT%
zILR~yn;raMo}T@>zFb`&@VB~wjmrf`-Q(W?ciB_NrX$;aaqsTltt|W2$Igj@vtjFN
zoAxKBA3N)dTD`6J$1NS(SMx3BpO~R&-^u2j>~`bF&i<m6v3a&?9?$&aYcGbN7cb5*
zrp5zneWAPepsP3C@CUzI@C_HbPC_qicIbu4{L00EpUiWtP}fp$Hyku|d~o4kUic&9
zht_A-eADUurc1e|OZlepLPOIFi{5E2GJ2EwXRkV#+Lo7$#@1VCJ(+Q3w3)Xud?uQ0
zzVHM*ex9ecP1{!NV`uLH+*>!TTW{|>dvea6pQFF6_j4ZE#`n7$rdah4S@Y#~-4FW)
zF1P6ZtVIX+<R3v{7$>!Kp{<DNmwyglnzA?aDM_V@xRReKp$%x!rx4J9&5G2HUI8sw
z>?+A(Pv`<VNhY8J#`7UstDr-X@E^HwPhRF5hJeN|djZOV^Rm@m-uMBF-hf;tU?}sp
zFK2C)I9mWV<pPE(J=1drsb^IrjIWhYY?M`L!&2T#t0G}7KZUam=m+7T%&4i%JZ^ql
z;$7g<a;&#aO7!9Ikr$CVfY)zeM$pqDUeJn0*=piGz+K{VFJC$WFnH)N#~|#Tgi=eT
zZInoq4-3{95B|L{Sz7@mcUf>n6L??+fF!&YhWKtQAs9gq1hJk^PktA^C3%9uCIo`H
zR28;t1dE~$`R7pj%p}+(-A2_Z?205}z(Rtt2yKWu9qBnAq2>#&S~}ZB_%);58oRp+
zQ~>Oo&_n3mViZ(*I4YUFf}x~=$Q|q(>Im{{7@+k)zKH?a41!V8Fw~Ds-h@1#QDN!g
z3KKQJ@8jLKAP{tP2x*6TY)%4b3eSX~NY4>GE-S7>!_OOGnezV!Y5*!5DJp;B@;voz
z`u1HNIakMqp<r=6zEp5GXRXa(!MYl@yxYC$$$ZVwhQ45_dHjZ0^jCFF8&d^$J?<22
zeSQ1wyn7H#U~ApJwK->PK5(`lw4W=mXZN(32iev)3Jom>Ex!Gh;atn`LHC*c?yI@(
ztA(}`g_f>Q*v<mmwQJfjrMoljdG_>?RQK`S*iI~Cf3C}SUoQ0Y@2>5vWrwDoujYGh
z!tVO+wVi9}cfgwNya*c@tf%N?I=f%A)zrBDPUE)OU+5T5b8&!iHe`+UqK8)rUbt^c
z!RrZt&@ThLuBfiUZr4|YugVYyP$dCL!ubCHarzR(8UG$2&R7Lp6ej|zNSMlJ2C7Jy
zPcqW`RfKrUFWiFlwJq4n5}bXY8l>AK*pyt#A(&5`qsn_J+C)_|2-`3KzD_0hUQyk2
zDd4wey-|kW5)W45u0i6)YQVDJLkzG2PXiEJqwcYFrwqWN;2<D1xZhTJ5qk}byoiWe
zKDHhebd*sFTJ&=YCOl3j;;n)FYiOGM8w~y}2D|tqGu8=;RZR3A>ybZ%vd`sHe1l3#
zK1iNIq2wZ@&{hd2d3*%oB>4aX)ZZdRmNtBm3yZK!NiuEc4<Jv_i!VuI3EV4e`;rt2
z%iA+0@>&MV(wLq^l$?g(E1=}3fRR1hqv=TAb?Oj&e(Grf)>zl{^v>p;ZS8g}Uw0DH
z?uMshn`2vv^kUw9`Y2`&71)y*PsW&S9sM%QZ0#)c_7~cFcl&nw(zi1t-#%98@a>N6
zjHP3Hu6)OZLU;e}J3H@WJdo<Xu;2Y=uKUgB-jCYz-8Tze$9M1S+{x(o)cLOS`(2lE
zU6-EgKZ3+{smQYD&v(7~!eInFt!L_6pRRANZy(?HqUW)wW15CCo<C{)cH`dlk6iho
z8`+aLv-LACH0n+dXq3k07sov{uFo{}fW8LC+gco}hQ3HNDf(XiC86)t|MmZ|7sec}
zDj4-k#ol?Z*q5rku?@<aKtftXV?a%Z5;brBZv|#L*WuidcuZS91xgQNE0NQt1SVbt
zI0R4;<^CA&DAYB=9r#8<u?R&<lE#u}82mdd(E;4v=V6=T2ts}bCH@G5e~)5lbl(Rr
z&T1khVxU#rCaH>nt5~%H29gyhkWRi-075}W-xLog!C`0v#qbi%t%QURuyftjX`^_Q
zot~`b{{iA*+gHRxr+3S+eJs<Ncb?tQ6)euj7fYP6wgK?Y)A)30b7?CDoY6D5aRql#
z&TXFCnn_>DyGM@V;n@OvCi5^8%eKDxrFhsy@vwWhcc(XfF5}Mw`RwxT-rl*LzP~q|
z?|K8yXzniUETta+R(6l=cfXPAeq-+;fL=F%o+!AOxts4A-S4`X>$<qN_#6_~4!V8m
z&JTN^^=8iQy_N5~l<zKqq6<l8hYLw&Erq$d#^P`_n3GB7!fRmekTopR)ausod|5^Z
zmT%c&2J2Y1nDt;W{|&$%9!ZofZ20n}i_>yCiEaU%tSqAs$Ok<WCZL=ZEbsCjdU<CA
zJl=RvP#rLpEp5MDdU81~??wB8{v5riRc#EIs`L%~?o$7&NSI$MVR@~DwM<H@JjGUS
zgHp!IBUz0yR*^2ZS&cH@EGodSX1!AeKZR>k{OO4j0Kra{f0zQy4}Y1WKtVLH*BfQ_
zsF0<<r5IFzqZU1of(6X@R4hTa;^DAkcqtlLg<qW54q2WOPEzxo!s~yA=aBz`!E+40
zhrxRoP^M@WQL++Ae27970Mci!Xh)w%@$X{rpCAyl^amjZ3}vE-jY&pz>EIE0gu;DQ
z@$u-e@V|{1c~yy#u(9iKzZZKP+t3s&_Q&UCs~R?e!`l}DAw6fot!eS(EUjYMr+}T7
z?Oy>d={)t-vGejaU}yhP>^xs!$M(+d`LeB(ufa|*!P^gEC)>Ge+%cv-8CRYiDfArQ
zeYEo^W7{M7p0^5}y}MU;uBPt*v+TT3@SXUu{#kuy@cD4wcUfkP%}*a~KH7Hddr#)P
zCy_A@XFC6+_uIXDmp*zcKRlZqn#<OI?FeK1yAoprD6PsEYvGen#`s+r<}b6?e<3JU
zIv<ZhDJbo#P^xr3qGkS7VNzFuN#oxGOjZUGrSq|}gwpv~SwiW2tSn(E^EJ*o02}z6
z?GR7fRzQ_~y;X)P#jk0UAf*#`Tqs`r9(?$9y9`NKGDu-3Ok(svuxQijqRVg`SujK&
zt>EG6%YyzMNv^K&KAq?_{IAdq`3QsmhQWWw;B{cLhC-FVrm{tfU_*~y6CQuQLjDZX
zXjKz>I=K=NTSt-Bsz5`B;Xfj{d<KGLgVgS-1TApnWMbQ!?#$N?!iI~b7EZ2|p~bX)
z7F>DGp$gFAZK7*dpEl*a!y8u*yYdDL>_GZa`W<SPwpDlK^&Y{Bwyxd!o%(c7W;ow=
zrqI!|dv51k`dVf+-*NFU;=t|&*qU~vRmYr2t6bD~2UyUrpjGf0<)h(84w1tdQZy%L
zd`<Y{9rQ%Qk9W+$ARK%GRRs6eVDOu(p?Imp5ezQI2%n0>$)-dSiVeYFBpD6{NhkeY
z5%}$apn=o=<RYX+H^eyJO=EBcgBuv&5+~ol0J)X8J7~qb#~7fimU?HY*MT76rdoy2
zFJ2c6qCX}U4wik(!QeB7x+z7^E>cH=!3p^1Lof$^n|YzO>Wr_Nb-KQyeN^X7Ytvk&
zBYpdsy~sdvZ{!t5#Rn?2ZaCX>_7wwh(Wud#2M+|dV|vBFZPBdO!O`o?#IrRlA1E5T
zbiVXNk%1^P`wFAtjA~A$Gk@atZfQ10i#kkzI%{az;{JuHXrM_W)7-heusxHR%yyp3
zHH{WcG~3LWYhPLDZCu^0Ybew=6*U+iAEWUnCR^6d=1gs`bdXz|QynkKV2m;lD`X&5
zyrb$V$zY5!5G!OLRrITdN-`Lu48#f<NEP8{z9kuqQ3hgJ<})3n#L>qw_Z=gD0g+(9
z-yp!2Io-<@w{i7&1OamBN7ti}OYzIH0rB9SI63GXpl&RRA-MTOcZLP8vW9pfIEbeu
zhz;9oQkIr}sWwoG>5nJ`tAvKZ2)``;hQe}f8IJ-_;hwHwg2Q(3QxEv{1o?A(=s67N
zHU#ytQ6rNQDGG4cv6N1?|ABYi7<51&7%zxR=ne7{NWu(c_<sdKQKM3+UZ}My?Mo}8
za{Pqp`3ckYnbx3Ef5t%Yw@yZN>Mxn|MXg5V{Yz~xIEKtM`=-XfFg0$S%bPmi)#IVJ
z;Vk1RxH{f-6zT`FOkJV*Y?f&#IFG$+gHl~nLF+DP8w%Q%g0=>BZ=2Owrv8;{Rj+Dz
x@~eN#VEnV<amMI|Ul*vn1()Zyu4Av@w*ocL!SCqDea!cK#_<u&_fDxG{J(Votl$6u

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/scanner/__pycache__/windows_plugin.cpython-313.pyc b/src/iac_reverse/scanner/__pycache__/windows_plugin.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..df2d9bfad66a36384187a879a9cfb6082f3ea13a
GIT binary patch
literal 30136
zcmdsgX>c6ZnOM(#0)umK1C5&l0t1l%DG)p)5C;iT04X$w)C!QsLreo05txCx2Rz2o
zT6@HSHrg`jjf&JdDMDq(29r$$my;OwreesFZRXgjnH_I1?uE5X>~hwXKj0F!6}wW&
z_q{%6Fav<JT-kM#c-{T(_xgSJ_uf3p%d=B(efgWNSB`v!qJD%g@@0}99{nvmyiG9_
zM=?4^e^$ro$X(Cr;chr<IAi3Dw3ue%Ob};0Yd&M)EN85o^^A?Pow0NFGY-yi#>qKJ
zKGWH}Gx=OTc{ZPQohjf7Xlg<~)*v^n-W#ZiqC-0IohvS<8Ysq6Nio)ml0yb5wv@!$
zAl9ylb(2^J#5y&xWt|k0_q>iPC#m_6>YB(`YO0vldkO+4pt(z-a4>R>r{}rI)liV-
z==s@&=}?%Sig0u&JjDh0D7P>fUEo+c7~&@*S6S``eKi!Iq2Snv*KYUmER?=+EfnVF
z=xBtVjD*ANWE3Cey5|CuGodhK3xtD8Ei}(^S3{F5-)`q8XV~DvEE}Yw0sac#P7e<=
zG#`pW8XcIQr{^P)S$GVy(Q6Uz3LOXr=A$eJF;gLqy%w0Ar8y`K6@|il6keesJ~9=(
z7U0-+r4v(Z07n6(PT!bkxsHqU#SzU5e=QV+Za^giqYTZllMyZm$+MBkz%0E0eT5h7
zz8EphMHc3Hul=X^Wkx+Z!P*b)1}@LC9<$);pI_+XV8~IJ2WV0#8jxm=4UVyVWPzJx
zg@W_5fhbJ!Tz??SPDi*Kg7due2`)hY1Sc~Y2t&*?beR|I_y%PcW~0zpzMS(s`Bo59
z+_w;&VZ+hTWFQ)fga<h;!cB^+MhulDehl7UhDAO>!Q!THVRHsX&lwpDW0){8#tBom
z(MNUb7*i$niuD!aD>}~1m^q7&I<DiaO_awfl#ow98i@{ual}E=+D~yw$GXP?As(jx
z8gxcnA#{kR!;vV>ih1csn1-Ihhvuf)C_NM5qh7&?H^I!Y0X`C*lvX?GH+CD}A6<sv
zgzjzXg@Rd<fWZs&tOPF<HExunFBp8(OL-JPsZW<rG5RipPrpw}3_yJhyysJ0`f~ui
z9S|?W98FDA9@A*7gN$xlw>f$t3>}=D!6D-)u+Ma>plki5zLyp#kCAghZCn8af{9;%
zB_>$?{!lm+_4_?W!N{|-Q<^L`zkhNz!1I1Tk6ou}`VHY|fA7TD;Q4bCOgO+z^+$s2
z1kX)QgaVU(js?Ku;T_gNnB^t_+z@R2BD8wvZ*XpGxF*}D@ygw3hAey!1RuXarAo@*
zvZdVBZ#g!sd2d=0*78*T(ba*~!)t|cXa7fZ%gv&jLpOWge0}-kLxV2wsh=4PHv1ze
zOL_F_Fz)HN5{SBI!?A_~bFAMl*!}*w2!b;_JN^Dw7Xq_Vip%c@h~=ZRfDFPBNVfR>
z!N?>$7y!$NBPfLliNYeD^ar9*E_8VTumEJplcsBuot^djq1ke1mdDTkELQ;`2VYza
za2@is5PbYu>IcRX4~=G%{SLE9!EL$m7kK+Q23(a~;5P;*d6!0ppI-ocDFTQW8jKy#
z0tg_{kzx8(%tB8ELbH5U=rEBCWMTdPhK=I%{<6Vdx|J)!i7dtdmjb{+8$Kf(aHSaF
z!i3l|d{&dl_mfw?_zB4hcBf66vUCqXX=Uk_R=#D=Si1E~%}Zs=y126~$I>O=8<wux
zgKF$h4F)Y(xn?aPy5KOtPo}P=qvBec6xUK$=32r6zp=GcH5}#_rlvxZA;9wIxzN?n
zEIZBe;>zlUmSe}YD+^I<KqU!)k&%Savw_JgJP@~67l3dEf#%Egcm-PoFcu*me=k;A
zt9HDajuO5^>1wvs_Y_P<j@73o<yw7B+GaDRSy_w6aaG7@w4&jy{EW4DXeG2Vz6NXY
z<SuJb?N9Eth)a;e06((27Eh72xYQ`FMLu&aVu5>kf=eb760aq=l?a*T@*~S76v*+R
z5bsCMODNIC02Ag%CQK-kV<le9FY#hRshl9QWPW7Hgi1MD;mrIpXQp;e;>?6XIr9uM
zXjlDL=hSMYD3MDOisYQZFb|{=c{MeTaA<y9??SPhPmCj6TN;SkV4m=LbW@L<|2C$m
zg|I<J;PuTD<_XJ$rCX0I31eW4-M}&di)7@iz&P2u^^BFg+2PGGVZmGw2fRAuaHhrC
zNn9QSxgb6t>T!}77n3KKWb&0K*F?cYVJGk^a?2A%-BzZ6lqhBjNgX9)h}AMKsJDpZ
za!a`!6K2vYBU4P`%b@jg=wk_at04U;h5FnR`J}&<B)63*Bk5HnJw46Ll#{gTtZ5Y_
zttM+)B}uEznpQ>9>awO)lQcSOS`A67&ze?C(i*a+)seKutZ6h!Ys#8dPtuyRrZteX
zmaJ)wB&{`TS`$gz$24=EX``oAa9<MnJXwIaA#(gb9fyw{I1X!8mISn7n=Ge=!qbZM
zlOf7!1-O1uVB@n&YzsWrB8zug`3>oaD9iBn=nTk1(=+t>$TgN@W`IWnF>r1UvWqgG
z%r=BT24t_ZlfcvkX%r<z83Clo!RzxNEJ5rf5GE940>BLgLm)?9VQ=ugcHoZ*$K6X`
zP$dUsD`}8ZhtGpd7(_vd<U`QMq+Vt8atysM7?}%%!V`oVLP@+oE5><9*?C~eLC6Hg
z=DhSoD2|4ff_O!8M!7(kpO0|SUOHX)qLmc7gKh{%XXhHAU3Myf!W(wC;R?%LX1NI8
zAT~+rfDb)30+KEl#Zrfk^c;dxr!QPMFBXA_!%_s(PRq5)!}at0ER1%B1-j4ScZ6}#
z4D%dT1>!rK*?}pTUADoFA{Pj#;n7J&j)HXst4fr)kcgl*#7C(z7f4l<Ds?@DX_%i}
zAV29xMJCVy@&M=sc$h4~<R{{t)35ooz`!FvNSH2K!~NA|U+)U(eFY04@dg3LdvMYC
zR$i*I8gBMfyLZv}SJn!`<_Qi>Q<F;npqK^zh&&ks*7I%3ryJ9b91`(DozEeuR9K%Q
z4+zal9z%{iMok`LjyynFlzL1#@>m$FlE<7QkBza*dB$*r8P_4{ow4_xrl_z*m5GB+
zke(6MlZ$aMPPrad=QAKvi`TYXd750toVoJVTp+D0{Q@Z-S$}f*EOO}p%sJx%xx653
z^;to7FGNY5De{>iEbcOgZMD?6T`o5U{m#4^D4*?x?ry!$lu>I5)LP28kAP}p7S{l|
zeAHOJ{H)%`3e{)%i7At{1Yx_+K86xc#>JHPUIUc;Dn&s$%0U^|7%umWi>Y8LnW`iD
zF%)1kF8O<f9Za>)vC|hl3MGTkB2%+_z5sq}6nx3W)cPFi_tCBapX0br{whKEDm2B^
zsX3?VdX2utLg9C#DV7?qlxv1KXeI2_);W%%7P)**c{b%beNI--&|znvb4oXkvOBpn
zHPccQ0B~S})SRWZon|SV$JG1s$Xvl3Fb&eP8J-)(=KzSG<8^X7KK*X}eUh<FQO6B+
z)RfNC6gUouM?*JQ8uX7dL^UR%KvBV@CDeV~v_uIt=&hF?Kq^T}6H-aawG+yQM6jKf
zNm@Ih7Dz}{0wvQWiB5SSH&P%qn$R7OS`-Ki5*tkpLSH;U!ioGTbx<=hSsmF+4^L@j
zQivCo9$wNfLjN*!ilm507$q&DqJi_;MI{u1nqWmTj)N7f@?Zs<GDyLQG*~d=$OIz}
zNU%u55RBM+!E#OHvSI~9sRwPzB66%mt{N4BYOLIhHdZjrM5FUOXfxp!GxT<L3cB8y
zx$_zijF4asO@||(3$|Vj%!Y!X^Ys`6BeE6TIUIr;MgaVff0E^*eklvgP^_?t4PWi;
zKR0sTcVTdBv~OgPL(23^(?WErqerlC>^und>^+@eW>M+O3+BKiDAnN(Y*dI13QlZ9
zQVp}Q%JeTogLW-SJ_8#Z73`Ak9;r6eJOyJ93J#6l(^DuIKy53SW|7h39MBW)6b7ep
z3?`UHZceZ;BH`zTFw)E|g#9op4%F%`@cv2AY6=!U8uUX2*hvy$0{vfTp2)deBUXs&
zJi#`2eUhC=g|;VO)E}M2G@@r6!KYCSaQ?XGF<>AN%xF!(rND-R^N~=PD3(!i4k=ME
zaBzZwy*??}$aMMV_-P)A0D^^ji5$r!R@VsY4>heB9Jp6Is}ab^SHpLCgW4>o3aUQ$
znKwUk=jsxdbhRxSQ^mEnpSktSQtvXCEIzns-S%Emcl+F}b4zDe+{u!jMO(^MDV4vP
zbOBS7Dyq5Nd8>2DvwSgG)V*HRn<(l{79CqNCyIs^EkAJ;Zxl5zh2jVLlSKn@=fFp<
zGAZIzvgmZ&d3syKgVGA%m#SO8Z>{)Ab>pqFW%r^PG#EEuxWg=!ESZ-A%f_Xv%NOIt
z-HX;uW2J3Cw^3bxcjQk;QU&EHcWu1Xld5d|sH^wg>udIhHd9Uh;=o%YoB5Qx^7c!&
zURp2pBuYK;w&Tgt6N^JBSLwQ|KH;igdOqoDNmbO{t$n9<y~3NQ@Gf6ly%DeQ#w&)`
zE6yb<&Lu0JziCbtSKYaK_qBIk`@-)gi#t}zS1*2R;u{lx{&Mob*^SCWsq&U(^CN@4
z%DqYHOWj*$s;q6<vvP6$(0Kfr@uYhqUNEtlM-{Ywyp>NCG(MtqwxX1?aKqJxk1!6L
zsefC%!hEefS=75`07dt&He8x~<&P*M<}0td)BgqQ-TZg*ljZvshf}VqJ2#T9eapkE
z70LFKYjg2SpGppWYQx>O+$~k-#_9_Cv$e2k!#aP-qn7c5%6|P&4fWlclGDA0?;dcU
zvKYQ+DTC+l)%KO0K4iFm$OJEG>^L&0$T&S}fZ%Ov976FLLqw2qfqh07qsItWPiI<~
zyqAVY2hLq$yr2dJ!bb@fDS{h@Hw`Z?lmd{0X+bnl`N5_nTBzD{z(UsC{|f6w(0YUV
zv8!&~)tYd%#;vV{LC-$GlaLvBa%v3jnU~Cs1OPE)&(W!CqB<!u0iDtWpcWM6S1{N}
zJr{{;0AyWAk`aX0qZ6@M<}~EbhWMyo&c+MPImVx!?LFu_k1X9A)PuUlyRo~mo5tJr
zTlU4*;?@Jp90c3v06#GK$TU2_N5+p%u5slf%RCbqVY4(sw0$1vQbs3B<a87?Xgqvp
z!H9hWHG=r%{bPg7Ip0|Sp#Q?}oF8PiefJtN5-?sNtz?6sS`#IFKdDdX-f8@~N_`E+
zp{#@A@0YYCUHjwK{bUX}4ieJ@G!#V0MEpmX0uVlRAb?TXgfyRCo{+G?XUGN%jGnOM
z-LPN`V~V&zW|ahEiXfoIp<<6Q0ZT3`2Gt}=Vabi-NchObn0-c>iA8ZKn^5w^?U=?D
z@nj6mDH)e0HH$!^N!__@7GZ_4c#UDR&zwzY@$J$pc{b2e9Q)1yi#Bk&|GbY5Xe{EQ
z0|D5+U_o^q^n(%$Sr$-@5K|ZMk}9h!Lmw!90A$m^81x)+ei0lb<}<_m4sgCOM*~l_
zz-Dl%X{IK^Y$95al~s~W&TEe`r`Tx6rMb|#%dg;QGCTbm&9JkO&>^LF455*eK0tSX
zRtt1sFg(y_M{m$trvSpnaWBC)<zB|X4?(OtqiV0V1Q?NZPYJq1g6@c*KXB0F6kMQW
z2j&WSF&>p}+$`2Khd~$v<V%PhOJukr3sDZ?Krr=<3>@wj41HrGf~Bu-tpD`kZf+V<
zJQk77La-DqWjsDbv5*Zvpvb;i$>UsLo<|Up*e1d=3B^J3#r>E=@qcKOK3gUal_l@j
zp+bHQ0>VlaPU#j+slw9r!sbL_^AejZY+p1#a1^dPY7&l`rNX46Ayry+`{i3Nua~wZ
zO52v7UOf^oZHt!<u9u!ol%7qNjw}vs6xGG)6Km#V(W$ue)Ps`B+oQKe*GoK!63=q$
zswZ9o{|DAf&Lm3CBuk!Kv~Ag`qWbm1mPBF8Mj^dk*pw)2A`c`6l8QWuA`fsrC3awt
zfYB)b+-q;Xc4zoYpIL7`mS{bebRCadkBf>Zo4kB^AwL6|7S2n~9Y9}aXD@?gZc>Y+
z5XBHg7=-X`plo3y{F&g-tWpOJ614bq#nkC<foyE8MGA>!GcKQ1L76tl;mSycR|Um6
z#uY7y+6L7BPbg{uDAN32KpT0C3FYa)2|%z8nLY=fhBs3-^a-dk5A-+|)a-N_<(|-h
zoExa|V!1EAJk98oTs|jb?SL#k3u8N?#M0Er8Hl6CO6Ah({e?gF*<^30aK6u&6_w?G
zLcRE7igHlUoA<@Ls$uaNK@(+W^5LKBh^dLv>P^Ox1tV9t9<&+<;mg@`%$$yB!}LBo
z%%7plr1pAeZCKb=M={2*z0W@Sv3Q@-$r=dg393=a1+6!c*3DVJo1J_&huViOv)Tit
zg?Hr^R8O2;>UHj^-oH@lRpx7#dh_;F@BfzTm1hL};hKTxka3hkYGknGRj;>B)y|QX
zR`I>`bHH}dktwAXR4fn+3p((K8V|W*k-1Wf$nk`UqfsypPm`juT}Ldw4Sn>|vJV<D
zS;*=1!aS-Qz*)_nMkQ5`GEsRX*A6xqxd-6#20nCQY+rPKBQi786l>^@EX)RpW0#1;
z)5$wJ4-%J<nA=Mah^7y;BLT%Gq{ll7BFHgVd>q=+V>aeWXnr0u#OPkdJ&%h3-;S<h
zitQNPV}1(X2;518(#Zvm1GPpvk1CWXefO&a63XRRajt=i&CSmOp$ZBm(Fk}9rdPtp
zs<mzancfF6BlaU!n$9P{wBe{@MT4k@QM?>+P@+l1B-rF$@PbvISMF0V93dZ9g+Cga
z18q!TZeDQ0$D0BV5C2SnpYh}ihFLbu-GrQknsf75#tcSzpe}@>bAXpAp~Mfyd&y9)
z%o!*;fc-(&4wkcGt}<m}(nk#nr0Y?v(2MOL|Lbvy+`#8C;!iO6rw|BvK(3UcJonEq
z;ZvC45a*J}3WT!<-IIn5;1)1b!L|+>Lc!}oo;)|?3ki1h<MBwRBpyS)iM&RUoJsAC
z;K{{mNFJDK)^(_sF9c!+oCZyG9a_vw)zYAzsjgi#|JYq|$D4F}79Bq-uU|a9X|&`W
zO4T*4*FBx6dwSKHtn0h!+$^H#ruDj>L|sp^t~c(i{&7p^O8$Rqc_vZNaMQ4<uP<~z
zC~J!EyO=Dy_)%SFs=Dd!xp&T`8ul-bEI$+PeK9^h8GkVtr`auozNYq}nX2(_(Cw+-
zQyWK)t-h2zayE7R*|h`TxRg3F0K7(h!<NAU*$Swd<_Go7>-EPI^~Y1?^h!18LmJ#S
z&up5h(uVbteTkBN%az|R>3&#C6*g>?&?)cHjgF^QYLXq#qz-hiy!zF$R7Vd~SnB?{
z!BSZCXjn(JKC63JLsc|vUDZ(ql__^)s<b9mT#>4(NmW!mbeIe5;ALX7f4mjZK^tE>
z5-;v}M44bl3d(Q0Zn;wKp4IYI`&z>qvo^R%>CWi(Ls;6rWiS*LZCNS0bG@!RQP=&p
z^H-Y=DE6zZlRB!r>k(xrbf<tD8@V--syw{%`buQ&!u@^sE8~nWe(`tWz8B-=<G(O~
zp64M2!LLBuQ{J3jsB<N6`7^7*wVt)M`zP=7_t|*)g^UvQ=_T5iUs^u5+P!97jomN0
z-+%v5y!?4hiB0IT`<MJEER8#b{Z0D!?S1+IkMZ02jSzm&R4~wD`k;H?K)vb1dJ{Z<
z=&=uVT0ZQm94xYYrzj7ezf)H^c*63X6ZrgHN99nP<-2Vrct))xC^(~OvM#cFgvI+^
zc*v#rm_)OL!ps4)qh%7I9A1o0mbyR&&8j}hCWHEPG8qS1O&|MUP&CZb0j(Kd?6yk!
z(&(L-2&Qt?>@Vd9L@(L-Gs(_1)De5fSTLQ3!AKn;A{Ayr$6-l;0~j6~$z}^63LR0q
ztT^Zb#=Hz_3-BNZx>PnAp#ziA&{ZNTf<av}LWBR|5KI(ND~r0GEAR?L2+eZbzkz^9
zMGGz2qThsPp(O_@$q>4_fgth7I1`D*S@5~zZyrxL=#8S5rRY~;@5bU?&n1gS;?9wj
ztN3%Tzxn#Qt1;nfTpH4-LDE)*q5-)KJtC_DDPG2<eml^Q=(B1+bVU0R0|r^2ZOvp`
z5sV)7AG>Hj42%i%94MY-T(a;$jBFqe0K>m~KF~gZNU&?Z0JJv_sz331p;%q-<BAxg
zjfF91(Rw`bn2kQw#0_5s)r??@R<thJ48CBBRs@x>X&l!Xxj=uSFy8VgWZ@|QaPBjq
zA~P+&VpiRjANt}0u>$)8487VPbSKQXfN6%6MMGX*UkCXWw$~cyg9Ww|@T1qyd;q-9
z=`+l^Q5w_;^9xY`SyaeK@XpT=eo#!J!J`OlS<wrTjx*rUk9^S_ICBGs1dM24uNY(|
z01Px~iYM)6A`+RyMkgWIfP(!47L1F`W%M!)v1lE#6@`!Fs-(3>YWcqmH&D@zNo;J0
zgG4JEm?IH?Wax9a0LER0K(Hykw!l>(ddaG*nZX3Yf8mng{s>DNUx7J9i(4QF`#?gV
z&jySao@50hj+}b~^SJQC3=mTqVLv@)6|r%u3I`2fFr`ouz5|c)6iqIXohr#dY<|-4
z{=H#Al6e3Y5^se7P+=`q<d)PnQ^~@P$5-2=TxE9--#zxuu`irRx;)D-th&Ed{f+8B
zuT6HGx_>nO;-}VMoJzbnm3(m~d3I*QePE>}>F$dc^ntc#2~<6uacAd)!m``7w`xUI
z&eFA&8}Y)Hcwygq;i*L7sbt~sqWL3NX{xw%ad^{cwz)To%Wn66zW2^lvbcG1V8c~$
zr|C<^bysu3)toA?zIpX#-bPjPQt;0P)~gOAst(-jjysR6a1eaF;VKrfI+~f>P~#sB
zZyMm~m&9N9gZz$xQtE?aZU{dt)?rxc9`G7I?9f4&W(rYo|Nnq*L$u#IqRfFQ&Aj$N
z0Yv>bl%0kxFMFl|p#NsfyU~E1F*ajCCnJKB6ek_PKY-n6st$Ui;+`1aKf_L5p+i%|
zB6C{WnMFiD04_y}N#7Wei3%=&5g)6Ni)%}^(?jU&Mn`~m;I09W0bIg3(dUYG-63&X
z7~L_7&V+Ie+f=$4nq0sS(nhn_GO!)N14EgJ-~xO;P_C+gkD#ql(h|T&u}<D7fh>s#
zxvTIbZxNE%lXoFX$O)KPgurQ71pGB91%R2a&#T!qP&U`5-D0aql~#xr+vS#I>49wq
z+p_B2^{XH%+&*^e*q@wOx|k^5A9wBtcmPAH&Q|e*;&Oz8ieK`$wc`)#`|7DL_d@V~
zy}i$Cc)vpjA@?sKiTer!Y3k2>h(NCQ(Pij*F5Vb;UBtQ>S9Ts5Vig6FS^#3L>YMxo
zv3B`cy+f?Bn$u#juNfEQ&BA{`tU{yJ0uT#aQ04`(IB6Ld#46l_n#Ab5d12sD#;Vjf
z`AJpZhD|;ba+=63_)HCy$}bWA|8E8)5m{CLpaLsE^Wd2qf}JNsAC*SEW##sE+e{V>
zmzYTw^F`$rhzYU`FP6~i3&699*b;!OXWEZ45rE7K$U{)~SxN#1=&ZOdm=e&X6sh_T
z^tr(us6vG%E^T83FBGdu^4<tut3$y^d3yveRI0f%c1Z9-xtf-?NrD%u)f5Hesrw`}
zb%O9jcKykFSwZC^&!4RLxjL6N97)?E?`{=J)dK3?30@nmZlB-<x0+kCgMt@rMG}v}
z!L+JCEab@@y5R={k>HSD{Zrvgj)VIm6cxO=7!0MPyk>}M=+lVGmZ2b^vIe4oIh?3F
zoN8%XZy89m45UCOL-!=;o>bGm^`>VNP0yxU_pi4OC0d74&7Sq<lZob&sW$I=+u20h
zS)$T8k*GV7LXApqqP~~p=}$EGry5$;8;&I!j;Rlgt?P{^5{)MwR^?aN7xO@ARMxca
zZcVsbm-CYD!;6lT!<}%{5{BZxyDIPWBwYvN)`P?ll(umXp`GA1j^H-1al@9?tTt|g
zETN0WAD<CSFkb*wJ=$imhKvj4H(5pi7hlsD@)H@?xMKBYz$F<B3g9XW1{s6TGOl34
zY}jvH!F}0Mec&dYqfchFPpYhzBQI=-k^3)?eAhCt{U);vWAhpq`w_+51*VyQE}CXg
zTJktzl>;)alNO({8QmLu5t#!<#0+#MAAn3kJ9u33;2d*9d|`-RTRRPR5P5)sfkGJq
zP{#mxvCYs21tS(A>R_%LzDvy3DWRZF!J(;CFpHH6Hl<SV7IXqYV6$YOEjqKIKb>HQ
zJGcy@()FH|z@cDU2#3Hh?hggQ^-=VSly;U2h1;BZ2<a8IwRUyKEmZYQ=pX@fZV8`o
zDRH=VxEmNCEhV0Mkdx?82pT{#PP8e435>sUJO_&vBp7_=egKa=E-_K&kX0>Uv7~Zp
zZB_Imqw04N{MVoifWKXr*CKK<Rtjvy1)fBK2iTZ`17I^QaWC5bx};)pAO&1~&#j(2
zLrW)<#jWt}EM0e2C!EzA1r4c&u2j8e$qqhb11pE)wY{l|nvELIdd-1E&4G=U!|N?4
z5-ornI#Qr?-Pit}^`3R5W=)^m*T2yKlE7DH-kn*#zFL%QIhJfVzR}`YZhCLuy?rZ3
zAxm3-vSr|*#Ynp!7UmTe{oLTn%YSI1N-H;;sDg^PwR}5TKpQAQ3qwzW7XHzm(L#3A
z0c^hvM&NzF8|r{v2(m4gpbz6GfIh5G2<rL_Q2)nipkBWn)MW}Uo;Kl)y+t5ij=cc;
zApwM8GY!Ye9vz=<@_RA<d;q|>18h>Wp(`xiIx#U4nuL8kaMr}cL|g0Y+t3A;5wV0^
zn&64(PB_9U7b18<Ag|c2pqt=O#TF~*RL;vFn>RZJ6QT<iyuEBuXwW~8xxu3rO+M>T
zg8Lx^9$Pjz<^BfK5lXoS7$A^x{}Tcp4L~xaN@B+vL<vvrO0Ls;$A1eU_Ulj-AyzL#
ztbKQgJ+rJ&7Vig$Ew8?7eaE^~xqKm6eh|Dd(;&E)KybXRclF5X{<YxR#dz&=JArYt
zccZ>(>B3iDc=v_n=@l;7+?%XF`p{%RKy@OZ<^!Nw_6DfGUG#fb@Y7K8JyYi_6g>y+
z*U<4@>9<<}YCI|C8he=>7UPXYhv(39v15dsKS5t&FZTuK;0O*dqLZ!dM`<GYi}|-f
zs|cyX0}_n3)8}Vy@NlBaECKtRRGo{%;ueYeVR(w!J7qzkQ_v3&a6dt?acb)VVs616
z1BK@P7E|-)rIrZnszA$q1gTkw=KEMEmsgcaH06HqA8D!P<G^5cs@W}4&9;>bD?{<x
zqdS1xj~mena{b-wE5?<}$<`yu#@;O8m-2MHSAMU2#k<y!^b9^8)kJ}sP)$6{h^WjS
zhnfDpJyXryDB>r~Og{-Q<^U`W2r^bL>`6~!jQ>DGE$y+oG{6G6c2+u3NIZkd8+&t4
z5Y|5vnhg#E*M}!L^-lE7&!5L5oN_=Mp<eCuNFW@T2FZN^cK^<?7s00yw+QV8?4E`-
z5X&cECyU~pBG{E?trYBj1nkOSV-7Znif?Sw4^|6obaw#!HUi-8l53iB;Qt^Hz6S-7
z5E^7c=-izUW(UF^5eU7jC9CFm?K3+8;dX+T>U#R?JzwpKA7kRaOUbSmG6^8zR2z2X
zRDb_TVD5{5Utul>{AkGDu289gHJL=_s8vJma^$e7f-PhB8W~3#-2Mv<+&VP^ZRR0q
z-WZ28Z<LMpiN~hp0K(xgaEnv0m27|&ZF&F)A|YG==dY2#WS_Xhz8zfK!dIAi7SwWk
zfz2L-&BD$MZCIyJlC44RFA=WnYHNZ`X$^h8U^kc8Nq<o7CHGfY$N`7U!D%Gq6ac{v
zCrn-OgW{46?heZzVDSUHvb7l_Ap5=e{|aRvm#@tZ&POFamYl&AuRXZ~JU=*a=<DTQ
zEsyt}kB?nQ9`I!mMnUOCsIGGrsBRx<$B3-@>D80TmS@2E2btY`WOfT=sk9{*te3(F
z34Q(Ylfe4F`whW*b{W>}v&b^+udU3oJPEAtT1Er)GJe>#j0O+LWwPJ{kg(7PnJBoN
zF;r2Jvl<l#R9WRL9+l{geO|%}uvdW`p*RM|^#DL`6MLmI{^$<&Rk{@oZCS)zk#UA5
zRjt?nR11DMh(r3M`+3o)aZgy|2&}r8t5fbY5a?O9lS?3^+LWpVvskrYk*Wq1VZ)rF
zhRha}`+$35u`hx}@~hk(DSU`cb?%B3(mKc=1M3Q(gp!{ON;o1?_|Da)Rd>AhS-=Q)
z%ik$q>R2gBRvgZ$r)u_WH1At3Aq@5YRW9i{nQYFguTofZ+v>q&>xpFJV`2t{^B#Q?
z%mAj)f2eBg9Q0a4`*Y;bKz|ky7kqdX2zJCg3Ir=AA>~k0;*Q6$(<s;8@W#H6pp4u$
zfPuKt==9m=MtUb0=?qkjmP%UC6aAv|w8Ugj_`t^-^hL9?6K&aWfCjQb`^C~t;f2}R
z?b<F)HbqA+wE(j8g6O5k!RfAITLYk<+5s6Lu!~Z4FFeIcI+b})Ok<rwzSO4Fj9^om
z5geLkP~et$d+@}Odm=ccD*fmnPjJFL%U<-}Ii&LMAkOI86=!T8#{}XHwDUi%WH7RP
zFj?%)RBD698kE}cwiBz-)v0*x;7+VWW9wIX-tCFE9|K0Au@B5&L@{;+FhcW*RGP~B
z@x<~%7!6??+MfhDT>ouG4q1fom<IIiv8F7bFRdzCw)}cye?U}O=}s(J=(hv~z^x+%
zZ^H8~wnJ_f0xtQ*>}=4|sJ@OOklH$>{z<gjp{WIg?(ZXjIHfGaWF-<}C#;cNs;=*1
znccbbYZ;dD*AS$Zq3kC^il5X@lmS8+YUZ7#Y;^x1Ahh`;ASCP+gw%6va!@U!Du>Ga
zC$SKrF)-sAN2>w3z^sfGA~V_ThsI^ap(dLXjb^j5VrG_WLI-9rE?al)r-uH@{oJ*T
zh9d8|Ocs88*LL7kNLezG+hH7D6XQ&i={GcJATQRSpaIz{?P`dN!fDF1e4e^D7Dgm+
zaRkU{`W9pnpf8RL2Nh-Z2s;O-jQ7ErY|~*DqJdcuH(kS4u5h#+G~;ltG|`gpK$I0#
zw_wD|$sVqlqf_!SxjHAQ-SX2LBL|ji8WZelV;+-Wx;m$5!d-Kun|?TakMvV;0n08H
zg<V_FQNcc~bW|kST2pl+tQu|!gDm#y$1s7F0mx-Dfqf6E&h2>@ls6eE^TGcq;-SBT
zQcsG9HcHCw7>WJMy<C(mZ%>wVEDoldzz&IW!u}O@<x;%%_)g@$z9ozLePh3OIr`r9
zd)MPVr|&l;J4cfHN3+H$7VcwfMai~-WXmAz4nkdm3v~&Fvf->Pmo7oEaKlEU$Jf<^
z3&-9hhFziYA23GCful8eEQ@4uSA$m^JKz=BOUxU)BH|T>{3t>W>_Tu0$$(5kJFTi1
zv#Iv>gjDo^Qpk=_myA-xE_K2WASf*fwL7;2%)U)5h8{2u=@A`d1P3Vb<Rgnk)}snm
z;$z^2`W$%SKH`PlP2(Bfc>e*B1EQ2CMh<XL(ZJo)@0?z`0FpqpH(B19X&+aV2%god
zU1R|;jkm&yM(_39>sfgYOmX`Mli)QcY7*m55oKemFH;O4rt+NHLq$h`TLT{3I`@Zr
zh4>s$p@H)~__W9z3%J8crxXy^I7U2+($;1C^>vCqYmT03_ygbz3>kdEXEpGf7u&D!
z1)5(f5qG{2Cruio(O-(?ys?iFkO#s%I<&FeixH6CU!#X2+#vjth2q^ptl~;0*qcXw
zqGXJmt4()cA>=1$aDq{uJIFp0QU69WuvHn(*t-F4Z_!W~eDSwS7^h+XyU3J?)ru(N
z*-wuiZxtgz8xUwcI(QsiZPXa=@cFCVlH~!OrKbxKhU|)e9oxz7Yu6=M<t9Zx8rb}f
z$An|M9GqA|#hjh011y}>*BR5(`vjdwkTPO_0Fzj8<9-;O=o}oWK-`}!zkuQ(pvo|N
zLnQkF6gU)%voRR|2@y%IbGB5=zS?zu1ChuF5)v`VX2pUX%!*}Ix3Ay24sLHJlVzQY
zr&E=+clW)sZ|T@dQL?go@oYMCaad$7+E=cxyt1ZS+rL&5uRRBwneX&2jV(KtUSH{p
z@1TrqYEQKuOgBb69s>C-^_AUK>8~+5$^t_U)S(f3cCA&zCdjpBVHeVUWos04BVrdk
z5EJ&;5@wwD#$G}M^Bn$4k`EKI3nG#c0kndu*$xbe@Y_<)MW**?<bOs4TG0<3JJBgv
zq<X=5R;?FIhH|~A_G8809Rf#mO%^-+@=nx0i*1Y0iym^hG!XxJZy>35jQ_s~l50@x
zN$GkH5R9&XI&UZbUUj!obow&z<$)=n_2eh#r25<CZj%GHG*GxJY-!+7fvw%#ZB#!t
z5w@hC6^oryfa(<f&{z(r(kyzA@`nd<62pTUJ>9dgEMs|{;%X)Bb#e!Q7zqZb0d#b@
zogIFT2|Ux*At!Mi%>@|$1u_Wub6MHWM^$N+rYXJ_6k7bhhH?lQzrOqS(;{)|ST(L(
zjn|&oN%EBp;u09tH7s?b;(K{;<zTY$aI)^{T|Hnt26D=+czVDP3;`x<0B)n6Hm(-#
zTpb292K5*;V1PP2?%!iTG!v8fWX1qAz7+Qc2CrlA`xqE8xQPMG5=BmHA?L7ge}=Ci
z2n4HqaDup%@S7NCybQio+`E{EC_TQ2Pv62|4TJYF_%;R~VDKRZXsO^(v&y0L!J+iR
zA?Lv%uH*2#a!nB2qllL}*&fWD#8?c*;gA1cdW!li^-%9LS+}YUrp`@!uW3NHY+Pnm
z8kb+Vm%mBj`)c<Vxo=+A=}r6Mtxs=JaNo4*O$V2ZOU%1Ad_Rcq?aR@X{(Cp@y?xVK
zYdW#qze&Mu<=htDHlNj9(wXcJip%a8ZXMY);R~F2Qc-h<dB?VCA+J`dx@l=*X>?^E
z-qe$*I<jda(RRvSvgII;F@3(NeF=WQ32w{md*OTGEqvUh>rL+Eu1yMVE8VNcul8=?
z<K~dA$W*Zu+@j#Nxv$C8^`NM9(*$>Dxx8xAf=^betYy=NPtZ<&JfBY3>bD&D{+zDb
zRFQ&w2E6a@CHDumJSmR}VmFV~NLlcXS>Ue80&klqKA9}FQbTyhhTyJg2;N|ZKdC%>
z7&k3-2k+P&xNEutZ<_;q>Q22>58kmJxNGWxH~5Hqn7}Hj8oXmQa967Ng$dq7IKb8K
zsT3jmYw#>sfQ5h`%bXU>pk9Ex2)G1Ni!{I5=Y`+HV`q60zzK{J9DoXR70QJ&Z3*#r
z{rr~$!04drT&U8f;&D-+t@TQGauBy*n`V)nnubHV5FZI<>>RwzV>5VmhIn`sIbPuR
z@RdL`o<pxfxnMme{&wF9ZV(dSKgCBOfNi`w-9x=uXM9vZ>70K}<^PbX`Vr;)h0&tZ
z|AK<xXAs}@L+a=QTfw@m@-J<;|IOC)hIy;NrnBEUvPHpds~m!x!|L;rhdlosonNVs
VQ|_&XmmRu_J1_r?!aM2J{{tF*2p<3d

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/scanner/bare_metal_plugin.py b/src/iac_reverse/scanner/bare_metal_plugin.py
new file mode 100644
index 0000000..87ca588
--- /dev/null
+++ b/src/iac_reverse/scanner/bare_metal_plugin.py
@@ -0,0 +1,497 @@
+"""Bare Metal provider plugin using Redfish/IPMI API.
+
+Discovers hardware inventory, BMC configurations, network interfaces,
+and RAID configurations from physical servers via the Redfish REST API
+(standard BMC management interface).
+"""
+
+import logging
+from typing import Callable
+from urllib.parse import urljoin
+
+import requests
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import AuthenticationError
+
+logger = logging.getLogger(__name__)
+
+
+class BareMetalPlugin(ProviderPlugin):
+    """Provider plugin for bare metal servers using Redfish/IPMI API.
+
+    Connects to a server's BMC (Baseboard Management Controller) via the
+    Redfish REST API to discover hardware inventory, BMC configuration,
+    network interfaces, and RAID configurations.
+
+    Expected credentials dict keys:
+        host: BMC hostname or IP address (required)
+        username: BMC username (required)
+        password: BMC password (required)
+        port: BMC port (optional, default 443)
+        use_ssl: Whether to use HTTPS (optional, default "true")
+    """
+
+    SUPPORTED_RESOURCE_TYPES = [
+        "bare_metal_hardware",
+        "bare_metal_bmc_config",
+        "bare_metal_network_interface",
+        "bare_metal_raid_config",
+    ]
+
+    def __init__(self) -> None:
+        self._session: requests.Session | None = None
+        self._base_url: str = ""
+        self._host: str = ""
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        """Authenticate with the BMC via Redfish session creation.
+
+        Args:
+            credentials: Dict with keys: host, username, password,
+                and optionally port (default 443) and use_ssl (default "true").
+
+        Raises:
+            AuthenticationError: If connection or login fails.
+        """
+        host = credentials.get("host", "")
+        username = credentials.get("username", "")
+        password = credentials.get("password", "")
+        port = credentials.get("port", "443")
+        use_ssl = credentials.get("use_ssl", "true").lower() == "true"
+
+        if not host or not username or not password:
+            raise AuthenticationError(
+                provider_name="bare_metal",
+                reason="Missing required credentials: host, username, and password are required",
+            )
+
+        scheme = "https" if use_ssl else "http"
+        self._base_url = f"{scheme}://{host}:{port}"
+        self._host = host
+
+        session = requests.Session()
+        session.verify = False  # BMC certs are typically self-signed
+        session.headers.update({
+            "Content-Type": "application/json",
+            "Accept": "application/json",
+        })
+
+        # Attempt Redfish session-based authentication
+        session_url = f"{self._base_url}/redfish/v1/SessionService/Sessions"
+        payload = {"UserName": username, "Password": password}
+
+        try:
+            response = session.post(session_url, json=payload, timeout=30)
+            if response.status_code in (200, 201):
+                # Extract session token from response headers
+                token = response.headers.get("X-Auth-Token", "")
+                if token:
+                    session.headers["X-Auth-Token"] = token
+            elif response.status_code == 401:
+                raise AuthenticationError(
+                    provider_name="bare_metal",
+                    reason="Invalid credentials (HTTP 401)",
+                )
+            else:
+                raise AuthenticationError(
+                    provider_name="bare_metal",
+                    reason=f"Unexpected response status {response.status_code}",
+                )
+        except requests.exceptions.ConnectionError as exc:
+            raise AuthenticationError(
+                provider_name="bare_metal",
+                reason=f"Cannot connect to BMC at {self._base_url}: {exc}",
+            ) from exc
+        except requests.exceptions.Timeout as exc:
+            raise AuthenticationError(
+                provider_name="bare_metal",
+                reason=f"Connection to BMC timed out: {exc}",
+            ) from exc
+        except AuthenticationError:
+            raise
+        except Exception as exc:
+            raise AuthenticationError(
+                provider_name="bare_metal",
+                reason=f"Unexpected error during authentication: {exc}",
+            ) from exc
+
+        self._session = session
+
+    def get_platform_category(self) -> PlatformCategory:
+        """Return PlatformCategory.BARE_METAL."""
+        return PlatformCategory.BARE_METAL
+
+    def list_endpoints(self) -> list[str]:
+        """Return the BMC host as the single endpoint."""
+        return [self._host] if self._host else []
+
+    def list_supported_resource_types(self) -> list[str]:
+        """Return supported bare metal resource types."""
+        return list(self.SUPPORTED_RESOURCE_TYPES)
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        """Detect CPU architecture from Redfish system hardware info.
+
+        Queries /redfish/v1/Systems/1/Processors to determine the
+        processor architecture.
+
+        Args:
+            endpoint: The BMC host address.
+
+        Returns:
+            CpuArchitecture enum value based on processor info.
+        """
+        if self._session is None:
+            return CpuArchitecture.AMD64
+
+        processors_url = f"{self._base_url}/redfish/v1/Systems/1/Processors"
+        try:
+            response = self._session.get(processors_url, timeout=30)
+            if response.status_code == 200:
+                data = response.json()
+                members = data.get("Members", [])
+                if members:
+                    # Query first processor for architecture details
+                    proc_uri = members[0].get("@odata.id", "")
+                    if proc_uri:
+                        proc_url = f"{self._base_url}{proc_uri}"
+                        proc_response = self._session.get(proc_url, timeout=30)
+                        if proc_response.status_code == 200:
+                            proc_data = proc_response.json()
+                            return self._parse_architecture(proc_data)
+        except Exception as exc:
+            logger.warning("Failed to detect architecture: %s", exc)
+
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        """Discover bare metal resources via Redfish API.
+
+        Args:
+            endpoints: List of BMC host addresses to scan.
+            resource_types: Resource types to discover.
+            progress_callback: Progress reporting callback.
+
+        Returns:
+            ScanResult with discovered resources.
+        """
+        resources: list[DiscoveredResource] = []
+        warnings: list[str] = []
+        errors: list[str] = []
+        total_types = len(resource_types)
+        types_completed = 0
+
+        for endpoint in endpoints:
+            architecture = self.detect_architecture(endpoint)
+
+            for resource_type in resource_types:
+                try:
+                    discovered = self._discover_resource_type(
+                        endpoint, resource_type, architecture
+                    )
+                    resources.extend(discovered)
+                except Exception as exc:
+                    error_msg = (
+                        f"Error discovering {resource_type} on {endpoint}: {exc}"
+                    )
+                    errors.append(error_msg)
+                    logger.error(error_msg)
+
+                types_completed += 1
+                progress_callback(
+                    ScanProgress(
+                        current_resource_type=resource_type,
+                        resources_discovered=len(resources),
+                        resource_types_completed=types_completed,
+                        total_resource_types=total_types,
+                    )
+                )
+
+        return ScanResult(
+            resources=resources,
+            warnings=warnings,
+            errors=errors,
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+    # -----------------------------------------------------------------------
+    # Private helpers
+    # -----------------------------------------------------------------------
+
+    def _discover_resource_type(
+        self,
+        endpoint: str,
+        resource_type: str,
+        architecture: CpuArchitecture,
+    ) -> list[DiscoveredResource]:
+        """Dispatch discovery to the appropriate handler."""
+        handlers = {
+            "bare_metal_hardware": self._discover_hardware,
+            "bare_metal_bmc_config": self._discover_bmc_config,
+            "bare_metal_network_interface": self._discover_network_interfaces,
+            "bare_metal_raid_config": self._discover_raid_config,
+        }
+        handler = handlers.get(resource_type)
+        if handler is None:
+            return []
+        return handler(endpoint, architecture)
+
+    def _discover_hardware(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover hardware inventory via /redfish/v1/Systems/1."""
+        if self._session is None:
+            return []
+
+        url = f"{self._base_url}/redfish/v1/Systems/1"
+        try:
+            response = self._session.get(url, timeout=30)
+            if response.status_code != 200:
+                return []
+            data = response.json()
+        except Exception as exc:
+            logger.warning("Failed to discover hardware: %s", exc)
+            return []
+
+        system_id = data.get("Id", "System.1")
+        return [
+            DiscoveredResource(
+                resource_type="bare_metal_hardware",
+                unique_id=f"{endpoint}:{system_id}",
+                name=data.get("Name", f"System {system_id}"),
+                provider=ProviderType.BARE_METAL,
+                platform_category=PlatformCategory.BARE_METAL,
+                architecture=architecture,
+                endpoint=endpoint,
+                attributes={
+                    "manufacturer": data.get("Manufacturer", ""),
+                    "model": data.get("Model", ""),
+                    "serial_number": data.get("SerialNumber", ""),
+                    "sku": data.get("SKU", ""),
+                    "bios_version": data.get("BiosVersion", ""),
+                    "total_memory_gib": data.get("MemorySummary", {}).get(
+                        "TotalSystemMemoryGiB", 0
+                    ),
+                    "processor_count": data.get("ProcessorSummary", {}).get(
+                        "Count", 0
+                    ),
+                    "processor_model": data.get("ProcessorSummary", {}).get(
+                        "Model", ""
+                    ),
+                    "power_state": data.get("PowerState", ""),
+                    "status": data.get("Status", {}),
+                },
+            )
+        ]
+
+    def _discover_bmc_config(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover BMC configuration via /redfish/v1/Managers/1."""
+        if self._session is None:
+            return []
+
+        url = f"{self._base_url}/redfish/v1/Managers/1"
+        try:
+            response = self._session.get(url, timeout=30)
+            if response.status_code != 200:
+                return []
+            data = response.json()
+        except Exception as exc:
+            logger.warning("Failed to discover BMC config: %s", exc)
+            return []
+
+        manager_id = data.get("Id", "BMC.1")
+        return [
+            DiscoveredResource(
+                resource_type="bare_metal_bmc_config",
+                unique_id=f"{endpoint}:{manager_id}",
+                name=data.get("Name", f"BMC {manager_id}"),
+                provider=ProviderType.BARE_METAL,
+                platform_category=PlatformCategory.BARE_METAL,
+                architecture=architecture,
+                endpoint=endpoint,
+                attributes={
+                    "manager_type": data.get("ManagerType", ""),
+                    "firmware_version": data.get("FirmwareVersion", ""),
+                    "model": data.get("Model", ""),
+                    "status": data.get("Status", {}),
+                    "uuid": data.get("UUID", ""),
+                },
+            )
+        ]
+
+    def _discover_network_interfaces(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover network interfaces via /redfish/v1/Systems/1/EthernetInterfaces."""
+        if self._session is None:
+            return []
+
+        url = f"{self._base_url}/redfish/v1/Systems/1/EthernetInterfaces"
+        try:
+            response = self._session.get(url, timeout=30)
+            if response.status_code != 200:
+                return []
+            data = response.json()
+        except Exception as exc:
+            logger.warning("Failed to discover network interfaces: %s", exc)
+            return []
+
+        resources: list[DiscoveredResource] = []
+        for member in data.get("Members", []):
+            nic_uri = member.get("@odata.id", "")
+            if not nic_uri:
+                continue
+
+            try:
+                nic_url = f"{self._base_url}{nic_uri}"
+                nic_response = self._session.get(nic_url, timeout=30)
+                if nic_response.status_code != 200:
+                    continue
+                nic_data = nic_response.json()
+            except Exception as exc:
+                logger.warning("Failed to get NIC details at %s: %s", nic_uri, exc)
+                continue
+
+            nic_id = nic_data.get("Id", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="bare_metal_network_interface",
+                    unique_id=f"{endpoint}:{nic_id}",
+                    name=nic_data.get("Name", f"NIC {nic_id}"),
+                    provider=ProviderType.BARE_METAL,
+                    platform_category=PlatformCategory.BARE_METAL,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "mac_address": nic_data.get("MACAddress", ""),
+                        "speed_mbps": nic_data.get("SpeedMbps", 0),
+                        "status": nic_data.get("Status", {}),
+                        "ipv4_addresses": nic_data.get("IPv4Addresses", []),
+                        "ipv6_addresses": nic_data.get("IPv6Addresses", []),
+                        "vlan": nic_data.get("VLAN", {}),
+                        "link_status": nic_data.get("LinkStatus", ""),
+                        "auto_neg": nic_data.get("AutoNeg", False),
+                    },
+                )
+            )
+
+        return resources
+
+    def _discover_raid_config(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover RAID configuration via /redfish/v1/Systems/1/Storage."""
+        if self._session is None:
+            return []
+
+        url = f"{self._base_url}/redfish/v1/Systems/1/Storage"
+        try:
+            response = self._session.get(url, timeout=30)
+            if response.status_code != 200:
+                return []
+            data = response.json()
+        except Exception as exc:
+            logger.warning("Failed to discover RAID config: %s", exc)
+            return []
+
+        resources: list[DiscoveredResource] = []
+        for member in data.get("Members", []):
+            storage_uri = member.get("@odata.id", "")
+            if not storage_uri:
+                continue
+
+            try:
+                storage_url = f"{self._base_url}{storage_uri}"
+                storage_response = self._session.get(storage_url, timeout=30)
+                if storage_response.status_code != 200:
+                    continue
+                storage_data = storage_response.json()
+            except Exception as exc:
+                logger.warning(
+                    "Failed to get storage details at %s: %s", storage_uri, exc
+                )
+                continue
+
+            storage_id = storage_data.get("Id", "")
+            drives = []
+            for drive in storage_data.get("Drives", []):
+                drive_uri = drive.get("@odata.id", "")
+                if drive_uri:
+                    drives.append(drive_uri)
+
+            volumes = []
+            volumes_link = storage_data.get("Volumes", {}).get("@odata.id", "")
+            if volumes_link:
+                try:
+                    vol_url = f"{self._base_url}{volumes_link}"
+                    vol_response = self._session.get(vol_url, timeout=30)
+                    if vol_response.status_code == 200:
+                        vol_data = vol_response.json()
+                        for vol_member in vol_data.get("Members", []):
+                            vol_uri = vol_member.get("@odata.id", "")
+                            if vol_uri:
+                                volumes.append(vol_uri)
+                except Exception as exc:
+                    logger.warning("Failed to get volumes: %s", exc)
+
+            resources.append(
+                DiscoveredResource(
+                    resource_type="bare_metal_raid_config",
+                    unique_id=f"{endpoint}:{storage_id}",
+                    name=storage_data.get("Name", f"Storage {storage_id}"),
+                    provider=ProviderType.BARE_METAL,
+                    platform_category=PlatformCategory.BARE_METAL,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "storage_controllers": [
+                            ctrl.get("Name", "")
+                            for ctrl in storage_data.get(
+                                "StorageControllers", []
+                            )
+                        ],
+                        "drive_count": len(drives),
+                        "drives": drives,
+                        "volumes": volumes,
+                        "status": storage_data.get("Status", {}),
+                    },
+                )
+            )
+
+        return resources
+
+    @staticmethod
+    def _parse_architecture(proc_data: dict) -> CpuArchitecture:
+        """Parse CPU architecture from Redfish processor data.
+
+        Examines InstructionSet and Model fields to determine architecture.
+        """
+        instruction_set = proc_data.get("InstructionSet", "").lower()
+        model = proc_data.get("Model", "").lower()
+
+        if "aarch64" in instruction_set or "arm" in instruction_set:
+            return CpuArchitecture.AARCH64
+        if "arm" in model:
+            if "64" in model or "aarch64" in model or "v8" in model:
+                return CpuArchitecture.AARCH64
+            return CpuArchitecture.ARM
+
+        # Default to AMD64 for x86/x86_64/IA-32e
+        return CpuArchitecture.AMD64
diff --git a/src/iac_reverse/scanner/docker_swarm_plugin.py b/src/iac_reverse/scanner/docker_swarm_plugin.py
new file mode 100644
index 0000000..f733831
--- /dev/null
+++ b/src/iac_reverse/scanner/docker_swarm_plugin.py
@@ -0,0 +1,433 @@
+"""Docker Swarm provider plugin.
+
+Discovers services, networks, volumes, configs, and secrets from a Docker Swarm
+cluster using the docker-sdk-python library.
+"""
+
+import logging
+from typing import Callable, Optional
+
+import docker
+from docker.tls import TLSConfig
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import AuthenticationError
+
+logger = logging.getLogger(__name__)
+
+# Resource types supported by this plugin
+SUPPORTED_RESOURCE_TYPES = [
+    "docker_service",
+    "docker_network",
+    "docker_volume",
+    "docker_config",
+    "docker_secret",
+]
+
+# Mapping from Docker platform architecture strings to CpuArchitecture enum
+_ARCH_MAP: dict[str, CpuArchitecture] = {
+    "x86_64": CpuArchitecture.AMD64,
+    "amd64": CpuArchitecture.AMD64,
+    "aarch64": CpuArchitecture.AARCH64,
+    "arm64": CpuArchitecture.AARCH64,
+    "armv7l": CpuArchitecture.ARM,
+    "armhf": CpuArchitecture.ARM,
+    "arm": CpuArchitecture.ARM,
+}
+
+
+class DockerSwarmPlugin(ProviderPlugin):
+    """Provider plugin for Docker Swarm infrastructure discovery.
+
+    Connects to a Docker daemon (in Swarm mode) and enumerates services,
+    networks, volumes, configs, and secrets.
+
+    Expected credentials dict keys:
+        - host: Docker daemon URL (e.g., "tcp://192.168.1.10:2376")
+        - tls_verify: (optional) "true" or "false" to enable TLS verification
+        - cert_path: (optional) path to TLS certificates directory
+    """
+
+    def __init__(self) -> None:
+        self._client: Optional[docker.DockerClient] = None
+        self._host: str = ""
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        """Connect to the Docker daemon using the provided credentials.
+
+        Args:
+            credentials: Dict with keys 'host' (required), 'tls_verify' (optional),
+                and 'cert_path' (optional).
+
+        Raises:
+            AuthenticationError: If connection to the Docker daemon fails.
+        """
+        host = credentials.get("host", "")
+        if not host:
+            raise AuthenticationError(
+                provider_name="docker_swarm",
+                reason="'host' is required in credentials",
+            )
+
+        tls_verify = credentials.get("tls_verify", "").lower() == "true"
+        cert_path = credentials.get("cert_path")
+
+        tls_config: Optional[TLSConfig] = None
+        if tls_verify or cert_path:
+            tls_config = TLSConfig(
+                verify=tls_verify,
+                client_cert=(
+                    (f"{cert_path}/cert.pem", f"{cert_path}/key.pem")
+                    if cert_path
+                    else None
+                ),
+                ca_cert=f"{cert_path}/ca.pem" if cert_path else None,
+            )
+
+        try:
+            self._client = docker.DockerClient(
+                base_url=host,
+                tls=tls_config if tls_config else False,
+            )
+            # Verify connection by pinging the daemon
+            self._client.ping()
+        except Exception as exc:
+            raise AuthenticationError(
+                provider_name="docker_swarm",
+                reason=str(exc),
+            ) from exc
+
+        self._host = host
+
+    def get_platform_category(self) -> PlatformCategory:
+        """Return CONTAINER_ORCHESTRATION platform category."""
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        """Return the Docker daemon host as the single endpoint."""
+        if self._host:
+            return [self._host]
+        return []
+
+    def list_supported_resource_types(self) -> list[str]:
+        """Return supported Docker Swarm resource types."""
+        return list(SUPPORTED_RESOURCE_TYPES)
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        """Detect CPU architecture from Docker node info.
+
+        Queries the Docker daemon's system info to determine the architecture
+        of the Swarm node.
+
+        Args:
+            endpoint: The Docker daemon endpoint (used for context).
+
+        Returns:
+            CpuArchitecture enum value detected from node info.
+        """
+        if self._client is None:
+            return CpuArchitecture.AMD64
+
+        try:
+            info = self._client.info()
+            arch_str = info.get("Architecture", "x86_64").lower()
+            return _ARCH_MAP.get(arch_str, CpuArchitecture.AMD64)
+        except Exception:
+            logger.warning(
+                "Failed to detect architecture for endpoint %s, defaulting to AMD64",
+                endpoint,
+            )
+            return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        """Discover Docker Swarm resources.
+
+        Enumerates services, networks, volumes, configs, and secrets
+        based on the requested resource_types.
+
+        Args:
+            endpoints: List of Docker daemon endpoints.
+            resource_types: Resource types to discover.
+            progress_callback: Callback for progress updates.
+
+        Returns:
+            ScanResult with discovered resources.
+        """
+        resources: list[DiscoveredResource] = []
+        warnings: list[str] = []
+        errors: list[str] = []
+
+        if self._client is None:
+            return ScanResult(
+                resources=[],
+                warnings=[],
+                errors=["Not authenticated. Call authenticate() first."],
+                scan_timestamp="",
+                profile_hash="",
+            )
+
+        endpoint = endpoints[0] if endpoints else self._host
+        architecture = self.detect_architecture(endpoint)
+        total_types = len(resource_types)
+
+        discovery_methods = {
+            "docker_service": self._discover_services,
+            "docker_network": self._discover_networks,
+            "docker_volume": self._discover_volumes,
+            "docker_config": self._discover_configs,
+            "docker_secret": self._discover_secrets,
+        }
+
+        for idx, resource_type in enumerate(resource_types):
+            method = discovery_methods.get(resource_type)
+            if method is None:
+                warnings.append(f"Unknown resource type: {resource_type}")
+                continue
+
+            try:
+                discovered = method(endpoint, architecture)
+                resources.extend(discovered)
+            except Exception as exc:
+                error_msg = f"Error discovering {resource_type}: {exc}"
+                errors.append(error_msg)
+                logger.error(error_msg)
+
+            progress_callback(
+                ScanProgress(
+                    current_resource_type=resource_type,
+                    resources_discovered=len(resources),
+                    resource_types_completed=idx + 1,
+                    total_resource_types=total_types,
+                )
+            )
+
+        return ScanResult(
+            resources=resources,
+            warnings=warnings,
+            errors=errors,
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+    # ------------------------------------------------------------------
+    # Private discovery methods
+    # ------------------------------------------------------------------
+
+    def _discover_services(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Docker Swarm services."""
+        resources: list[DiscoveredResource] = []
+        services = self._client.services.list()
+
+        for svc in services:
+            attrs = svc.attrs
+            spec = attrs.get("Spec", {})
+            task_template = spec.get("TaskTemplate", {})
+            container_spec = task_template.get("ContainerSpec", {})
+
+            resources.append(
+                DiscoveredResource(
+                    resource_type="docker_service",
+                    unique_id=attrs.get("ID", ""),
+                    name=spec.get("Name", ""),
+                    provider=ProviderType.DOCKER_SWARM,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "image": container_spec.get("Image", ""),
+                        "replicas": spec.get("Mode", {})
+                        .get("Replicated", {})
+                        .get("Replicas", 1),
+                        "labels": spec.get("Labels", {}),
+                    },
+                    raw_references=self._extract_service_references(spec),
+                )
+            )
+
+        return resources
+
+    def _discover_networks(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Docker networks."""
+        resources: list[DiscoveredResource] = []
+        networks = self._client.networks.list()
+
+        for net in networks:
+            attrs = net.attrs
+            resources.append(
+                DiscoveredResource(
+                    resource_type="docker_network",
+                    unique_id=attrs.get("Id", ""),
+                    name=attrs.get("Name", ""),
+                    provider=ProviderType.DOCKER_SWARM,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "driver": attrs.get("Driver", ""),
+                        "scope": attrs.get("Scope", ""),
+                        "attachable": attrs.get("Attachable", False),
+                        "ingress": attrs.get("Ingress", False),
+                        "labels": attrs.get("Labels", {}),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return resources
+
+    def _discover_volumes(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Docker volumes."""
+        resources: list[DiscoveredResource] = []
+        volumes = self._client.volumes.list()
+
+        for vol in volumes:
+            attrs = vol.attrs
+            resources.append(
+                DiscoveredResource(
+                    resource_type="docker_volume",
+                    unique_id=attrs.get("Name", ""),
+                    name=attrs.get("Name", ""),
+                    provider=ProviderType.DOCKER_SWARM,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "driver": attrs.get("Driver", ""),
+                        "mountpoint": attrs.get("Mountpoint", ""),
+                        "labels": attrs.get("Labels", {}),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return resources
+
+    def _discover_configs(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Docker configs (metadata only, no data content)."""
+        resources: list[DiscoveredResource] = []
+        configs = self._client.configs.list()
+
+        for cfg in configs:
+            attrs = cfg.attrs
+            spec = attrs.get("Spec", {})
+            resources.append(
+                DiscoveredResource(
+                    resource_type="docker_config",
+                    unique_id=attrs.get("ID", ""),
+                    name=spec.get("Name", ""),
+                    provider=ProviderType.DOCKER_SWARM,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "labels": spec.get("Labels", {}),
+                        "created_at": attrs.get("CreatedAt", ""),
+                        "updated_at": attrs.get("UpdatedAt", ""),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return resources
+
+    def _discover_secrets(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Docker secrets (metadata only, no secret data)."""
+        resources: list[DiscoveredResource] = []
+        secrets = self._client.secrets.list()
+
+        for secret in secrets:
+            attrs = secret.attrs
+            spec = attrs.get("Spec", {})
+            resources.append(
+                DiscoveredResource(
+                    resource_type="docker_secret",
+                    unique_id=attrs.get("ID", ""),
+                    name=spec.get("Name", ""),
+                    provider=ProviderType.DOCKER_SWARM,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "labels": spec.get("Labels", {}),
+                        "created_at": attrs.get("CreatedAt", ""),
+                        "updated_at": attrs.get("UpdatedAt", ""),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return resources
+
+    @staticmethod
+    def _extract_service_references(spec: dict) -> list[str]:
+        """Extract resource references from a service spec.
+
+        Looks for network attachments, volume mounts, config references,
+        and secret references.
+        """
+        refs: list[str] = []
+
+        # Network references
+        networks = spec.get("TaskTemplate", {}).get("Networks", [])
+        for net in networks:
+            target = net.get("Target", "")
+            if target:
+                refs.append(f"network:{target}")
+
+        # Volume mount references
+        mounts = (
+            spec.get("TaskTemplate", {})
+            .get("ContainerSpec", {})
+            .get("Mounts", [])
+        )
+        for mount in mounts:
+            source = mount.get("Source", "")
+            if source:
+                refs.append(f"volume:{source}")
+
+        # Config references
+        configs = (
+            spec.get("TaskTemplate", {})
+            .get("ContainerSpec", {})
+            .get("Configs", [])
+        )
+        for cfg in configs:
+            config_id = cfg.get("ConfigID", "")
+            if config_id:
+                refs.append(f"config:{config_id}")
+
+        # Secret references
+        secrets = (
+            spec.get("TaskTemplate", {})
+            .get("ContainerSpec", {})
+            .get("Secrets", [])
+        )
+        for secret in secrets:
+            secret_id = secret.get("SecretID", "")
+            if secret_id:
+                refs.append(f"secret:{secret_id}")
+
+        return refs
diff --git a/src/iac_reverse/scanner/harvester_plugin.py b/src/iac_reverse/scanner/harvester_plugin.py
new file mode 100644
index 0000000..97771df
--- /dev/null
+++ b/src/iac_reverse/scanner/harvester_plugin.py
@@ -0,0 +1,458 @@
+"""Harvester provider plugin for HCI infrastructure discovery.
+
+Uses the Kubernetes Python client to interact with Harvester's K8s-based API,
+discovering virtual machines, volumes, images, and networks via custom resources.
+"""
+
+import logging
+from typing import Callable
+
+from kubernetes import client, config
+from kubernetes.client.rest import ApiException
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import AuthenticationError
+
+logger = logging.getLogger(__name__)
+
+# Harvester CRD API groups and versions
+HARVESTER_API_GROUP = "kubevirt.io"
+HARVESTER_VM_VERSION = "v1"
+HARVESTER_VM_PLURAL = "virtualmachines"
+
+HARVESTER_CDI_GROUP = "cdi.kubevirt.io"
+HARVESTER_CDI_VERSION = "v1beta1"
+HARVESTER_VOLUME_PLURAL = "datavolumes"
+
+HARVESTER_IMAGE_GROUP = "harvesterhci.io"
+HARVESTER_IMAGE_VERSION = "v1beta1"
+HARVESTER_IMAGE_PLURAL = "virtualmachineimages"
+
+HARVESTER_NETWORK_GROUP = "k8s.cni.cncf.io"
+HARVESTER_NETWORK_VERSION = "v1"
+HARVESTER_NETWORK_PLURAL = "network-attachment-definitions"
+
+# Default namespace for Harvester resources
+DEFAULT_NAMESPACE = "default"
+
+
+class HarvesterPlugin(ProviderPlugin):
+    """Provider plugin for SUSE Harvester HCI platform.
+
+    Harvester runs on top of Kubernetes and exposes its resources as CRDs.
+    This plugin uses the kubernetes Python client to authenticate via kubeconfig
+    and discover VMs, volumes, images, and networks.
+
+    Expected credentials:
+        kubeconfig_path: Path to the kubeconfig file for the Harvester cluster.
+        context: (optional) Kubernetes context name to use.
+    """
+
+    def __init__(self) -> None:
+        self._api_client: client.ApiClient | None = None
+        self._custom_api: client.CustomObjectsApi | None = None
+        self._core_api: client.CoreV1Api | None = None
+        self._kubeconfig_path: str | None = None
+        self._context: str | None = None
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        """Authenticate with the Harvester cluster via kubeconfig.
+
+        Args:
+            credentials: Must contain 'kubeconfig_path'. May contain 'context'.
+
+        Raises:
+            AuthenticationError: If kubeconfig cannot be loaded or is invalid.
+        """
+        kubeconfig_path = credentials.get("kubeconfig_path")
+        if not kubeconfig_path:
+            raise AuthenticationError(
+                provider_name="harvester",
+                reason="'kubeconfig_path' is required in credentials",
+            )
+
+        context = credentials.get("context") or None
+        self._kubeconfig_path = kubeconfig_path
+        self._context = context
+
+        try:
+            self._api_client = config.new_client_from_config(
+                config_file=kubeconfig_path,
+                context=context,
+            )
+            self._custom_api = client.CustomObjectsApi(self._api_client)
+            self._core_api = client.CoreV1Api(self._api_client)
+        except Exception as exc:
+            raise AuthenticationError(
+                provider_name="harvester",
+                reason=f"Failed to load kubeconfig: {exc}",
+            ) from exc
+
+    def get_platform_category(self) -> PlatformCategory:
+        """Return HCI platform category for Harvester."""
+        return PlatformCategory.HCI
+
+    def list_endpoints(self) -> list[str]:
+        """Return the Harvester cluster API endpoint.
+
+        Extracts the server URL from the loaded kubeconfig.
+        """
+        if self._api_client is None:
+            return []
+        host = self._api_client.configuration.host or ""
+        return [host] if host else []
+
+    def list_supported_resource_types(self) -> list[str]:
+        """Return resource types supported by the Harvester plugin."""
+        return [
+            "harvester_virtualmachine",
+            "harvester_volume",
+            "harvester_image",
+            "harvester_network",
+        ]
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        """Detect CPU architecture from Harvester cluster node info.
+
+        Queries the Kubernetes node list and inspects the architecture label.
+        Harvester typically runs on AMD64 (Dell PowerEdge servers).
+
+        Args:
+            endpoint: The cluster API endpoint (used for logging context).
+
+        Returns:
+            CpuArchitecture detected from node info.
+        """
+        if self._core_api is None:
+            return CpuArchitecture.AMD64
+
+        try:
+            nodes = self._core_api.list_node()
+            if nodes.items:
+                node = nodes.items[0]
+                arch = node.status.node_info.architecture
+                arch_lower = arch.lower() if arch else ""
+                if arch_lower in ("arm64", "aarch64"):
+                    return CpuArchitecture.AARCH64
+                elif arch_lower == "arm":
+                    return CpuArchitecture.ARM
+                else:
+                    return CpuArchitecture.AMD64
+        except ApiException as exc:
+            logger.warning(
+                "Failed to detect architecture from node info for %s: %s",
+                endpoint,
+                exc,
+            )
+
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        """Discover Harvester resources via Kubernetes CRDs.
+
+        Enumerates VMs, volumes, images, and networks from the Harvester cluster.
+
+        Args:
+            endpoints: List of cluster API endpoints.
+            resource_types: Resource types to discover.
+            progress_callback: Callback for progress updates.
+
+        Returns:
+            ScanResult with discovered resources.
+        """
+        resources: list[DiscoveredResource] = []
+        warnings: list[str] = []
+        errors: list[str] = []
+
+        endpoint = endpoints[0] if endpoints else ""
+        architecture = self.detect_architecture(endpoint)
+
+        total_types = len(resource_types)
+        completed = 0
+
+        discovery_map = {
+            "harvester_virtualmachine": self._discover_vms,
+            "harvester_volume": self._discover_volumes,
+            "harvester_image": self._discover_images,
+            "harvester_network": self._discover_networks,
+        }
+
+        for resource_type in resource_types:
+            progress_callback(
+                ScanProgress(
+                    current_resource_type=resource_type,
+                    resources_discovered=len(resources),
+                    resource_types_completed=completed,
+                    total_resource_types=total_types,
+                )
+            )
+
+            discover_fn = discovery_map.get(resource_type)
+            if discover_fn is None:
+                warnings.append(f"Unknown resource type: {resource_type}")
+                completed += 1
+                continue
+
+            try:
+                discovered = discover_fn(endpoint, architecture)
+                resources.extend(discovered)
+            except ApiException as exc:
+                error_msg = (
+                    f"Failed to discover {resource_type}: "
+                    f"HTTP {exc.status} - {exc.reason}"
+                )
+                errors.append(error_msg)
+                logger.error(error_msg)
+            except Exception as exc:
+                error_msg = f"Failed to discover {resource_type}: {exc}"
+                errors.append(error_msg)
+                logger.error(error_msg)
+
+            completed += 1
+
+        # Final progress update
+        progress_callback(
+            ScanProgress(
+                current_resource_type="",
+                resources_discovered=len(resources),
+                resource_types_completed=total_types,
+                total_resource_types=total_types,
+            )
+        )
+
+        return ScanResult(
+            resources=resources,
+            warnings=warnings,
+            errors=errors,
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+    # ------------------------------------------------------------------
+    # Private discovery methods
+    # ------------------------------------------------------------------
+
+    def _discover_vms(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Harvester virtual machines via kubevirt.io CRD."""
+        items = self._list_cluster_custom_objects(
+            group=HARVESTER_API_GROUP,
+            version=HARVESTER_VM_VERSION,
+            plural=HARVESTER_VM_PLURAL,
+        )
+
+        resources = []
+        for item in items:
+            metadata = item.get("metadata", {})
+            spec = item.get("spec", {})
+            name = metadata.get("name", "unknown")
+            namespace = metadata.get("namespace", DEFAULT_NAMESPACE)
+            uid = metadata.get("uid", f"{namespace}/{name}")
+
+            resources.append(
+                DiscoveredResource(
+                    resource_type="harvester_virtualmachine",
+                    unique_id=uid,
+                    name=name,
+                    provider=ProviderType.HARVESTER,
+                    platform_category=PlatformCategory.HCI,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "namespace": namespace,
+                        "running": spec.get("running", False),
+                        "spec": spec,
+                        "labels": metadata.get("labels", {}),
+                        "annotations": metadata.get("annotations", {}),
+                    },
+                    raw_references=self._extract_vm_references(spec),
+                )
+            )
+
+        return resources
+
+    def _discover_volumes(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Harvester data volumes via cdi.kubevirt.io CRD."""
+        items = self._list_cluster_custom_objects(
+            group=HARVESTER_CDI_GROUP,
+            version=HARVESTER_CDI_VERSION,
+            plural=HARVESTER_VOLUME_PLURAL,
+        )
+
+        resources = []
+        for item in items:
+            metadata = item.get("metadata", {})
+            spec = item.get("spec", {})
+            name = metadata.get("name", "unknown")
+            namespace = metadata.get("namespace", DEFAULT_NAMESPACE)
+            uid = metadata.get("uid", f"{namespace}/{name}")
+
+            resources.append(
+                DiscoveredResource(
+                    resource_type="harvester_volume",
+                    unique_id=uid,
+                    name=name,
+                    provider=ProviderType.HARVESTER,
+                    platform_category=PlatformCategory.HCI,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "namespace": namespace,
+                        "spec": spec,
+                        "labels": metadata.get("labels", {}),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return resources
+
+    def _discover_images(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Harvester VM images via harvesterhci.io CRD."""
+        items = self._list_cluster_custom_objects(
+            group=HARVESTER_IMAGE_GROUP,
+            version=HARVESTER_IMAGE_VERSION,
+            plural=HARVESTER_IMAGE_PLURAL,
+        )
+
+        resources = []
+        for item in items:
+            metadata = item.get("metadata", {})
+            spec = item.get("spec", {})
+            name = metadata.get("name", "unknown")
+            namespace = metadata.get("namespace", DEFAULT_NAMESPACE)
+            uid = metadata.get("uid", f"{namespace}/{name}")
+
+            resources.append(
+                DiscoveredResource(
+                    resource_type="harvester_image",
+                    unique_id=uid,
+                    name=name,
+                    provider=ProviderType.HARVESTER,
+                    platform_category=PlatformCategory.HCI,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "namespace": namespace,
+                        "display_name": spec.get("displayName", name),
+                        "url": spec.get("url", ""),
+                        "spec": spec,
+                        "labels": metadata.get("labels", {}),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return resources
+
+    def _discover_networks(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Harvester networks via k8s.cni.cncf.io CRD."""
+        items = self._list_cluster_custom_objects(
+            group=HARVESTER_NETWORK_GROUP,
+            version=HARVESTER_NETWORK_VERSION,
+            plural=HARVESTER_NETWORK_PLURAL,
+        )
+
+        resources = []
+        for item in items:
+            metadata = item.get("metadata", {})
+            spec = item.get("spec", {})
+            name = metadata.get("name", "unknown")
+            namespace = metadata.get("namespace", DEFAULT_NAMESPACE)
+            uid = metadata.get("uid", f"{namespace}/{name}")
+
+            resources.append(
+                DiscoveredResource(
+                    resource_type="harvester_network",
+                    unique_id=uid,
+                    name=name,
+                    provider=ProviderType.HARVESTER,
+                    platform_category=PlatformCategory.HCI,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "namespace": namespace,
+                        "config": spec.get("config", ""),
+                        "labels": metadata.get("labels", {}),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return resources
+
+    def _list_cluster_custom_objects(
+        self, group: str, version: str, plural: str
+    ) -> list[dict]:
+        """List all custom objects across all namespaces.
+
+        Args:
+            group: API group (e.g., 'kubevirt.io').
+            version: API version (e.g., 'v1').
+            plural: Resource plural name (e.g., 'virtualmachines').
+
+        Returns:
+            List of resource items as dicts.
+        """
+        if self._custom_api is None:
+            return []
+
+        result = self._custom_api.list_cluster_custom_object(
+            group=group,
+            version=version,
+            plural=plural,
+        )
+        return result.get("items", [])
+
+    @staticmethod
+    def _extract_vm_references(spec: dict) -> list[str]:
+        """Extract resource references from a VM spec.
+
+        Looks for volume and network references in the VM template spec.
+        """
+        references: list[str] = []
+
+        template = spec.get("template", {})
+        template_spec = template.get("spec", {})
+
+        # Extract volume references
+        volumes = template_spec.get("volumes", [])
+        for volume in volumes:
+            if "dataVolume" in volume:
+                dv_name = volume["dataVolume"].get("name", "")
+                if dv_name:
+                    references.append(f"volume:{dv_name}")
+            if "persistentVolumeClaim" in volume:
+                pvc_name = volume["persistentVolumeClaim"].get("claimName", "")
+                if pvc_name:
+                    references.append(f"volume:{pvc_name}")
+
+        # Extract network references
+        networks = template_spec.get("networks", [])
+        for network in networks:
+            if "multus" in network:
+                net_name = network["multus"].get("networkName", "")
+                if net_name:
+                    references.append(f"network:{net_name}")
+
+        return references
diff --git a/src/iac_reverse/scanner/kubernetes_plugin.py b/src/iac_reverse/scanner/kubernetes_plugin.py
new file mode 100644
index 0000000..5c246ee
--- /dev/null
+++ b/src/iac_reverse/scanner/kubernetes_plugin.py
@@ -0,0 +1,454 @@
+"""Kubernetes provider plugin for infrastructure discovery.
+
+Uses the official kubernetes-client library to discover deployments, services,
+ingresses, config maps, persistent volumes, and namespaces from a Kubernetes
+cluster. Detects CPU architecture from node labels.
+"""
+
+import logging
+from typing import Callable
+
+from kubernetes import client, config
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import AuthenticationError
+
+logger = logging.getLogger(__name__)
+
+# Mapping from kubernetes.io/arch label values to CpuArchitecture enum
+_ARCH_LABEL_MAP: dict[str, CpuArchitecture] = {
+    "amd64": CpuArchitecture.AMD64,
+    "arm": CpuArchitecture.ARM,
+    "arm64": CpuArchitecture.AARCH64,
+    "aarch64": CpuArchitecture.AARCH64,
+}
+
+_SUPPORTED_RESOURCE_TYPES = [
+    "kubernetes_deployment",
+    "kubernetes_service",
+    "kubernetes_ingress",
+    "kubernetes_config_map",
+    "kubernetes_persistent_volume",
+    "kubernetes_namespace",
+]
+
+
+class KubernetesPlugin(ProviderPlugin):
+    """Kubernetes provider plugin using the official kubernetes-client.
+
+    Authenticates via kubeconfig file and discovers cluster resources
+    including deployments, services, ingresses, config maps, persistent
+    volumes, and namespaces.
+    """
+
+    def __init__(self) -> None:
+        self._api_client: client.ApiClient | None = None
+        self._core_v1: client.CoreV1Api | None = None
+        self._apps_v1: client.AppsV1Api | None = None
+        self._networking_v1: client.NetworkingV1Api | None = None
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        """Load kubeconfig and initialize Kubernetes API clients.
+
+        Args:
+            credentials: Dict with keys:
+                - kubeconfig_path: Path to the kubeconfig file (required)
+                - context: Kubernetes context name (optional)
+
+        Raises:
+            AuthenticationError: If kubeconfig cannot be loaded.
+        """
+        kubeconfig_path = credentials.get("kubeconfig_path")
+        if not kubeconfig_path:
+            raise AuthenticationError(
+                provider_name="kubernetes",
+                reason="kubeconfig_path is required in credentials",
+            )
+
+        context = credentials.get("context") or None
+
+        try:
+            config.load_kube_config(
+                config_file=kubeconfig_path,
+                context=context,
+            )
+        except Exception as exc:
+            raise AuthenticationError(
+                provider_name="kubernetes",
+                reason=f"Failed to load kubeconfig from '{kubeconfig_path}': {exc}",
+            ) from exc
+
+        self._api_client = client.ApiClient()
+        self._core_v1 = client.CoreV1Api(self._api_client)
+        self._apps_v1 = client.AppsV1Api(self._api_client)
+        self._networking_v1 = client.NetworkingV1Api(self._api_client)
+
+    def get_platform_category(self) -> PlatformCategory:
+        """Return CONTAINER_ORCHESTRATION platform category."""
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        """Return node addresses as endpoints.
+
+        Returns:
+            List of node internal IP addresses or hostnames.
+        """
+        if self._core_v1 is None:
+            return []
+
+        try:
+            nodes = self._core_v1.list_node()
+            endpoints: list[str] = []
+            for node in nodes.items:
+                if node.status and node.status.addresses:
+                    for addr in node.status.addresses:
+                        if addr.type == "InternalIP":
+                            endpoints.append(addr.address)
+                            break
+                    else:
+                        # Fallback to first address
+                        endpoints.append(node.status.addresses[0].address)
+            return endpoints
+        except Exception as exc:
+            logger.warning("Failed to list node endpoints: %s", exc)
+            return []
+
+    def list_supported_resource_types(self) -> list[str]:
+        """Return all Kubernetes resource types this plugin can discover."""
+        return list(_SUPPORTED_RESOURCE_TYPES)
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        """Detect CPU architecture from node labels.
+
+        Queries node labels for 'kubernetes.io/arch' to determine the
+        CPU architecture. Falls back to AMD64 if the label is not found.
+
+        Args:
+            endpoint: Node IP address or hostname to query.
+
+        Returns:
+            CpuArchitecture enum value for the node.
+        """
+        if self._core_v1 is None:
+            return CpuArchitecture.AMD64
+
+        try:
+            nodes = self._core_v1.list_node()
+            for node in nodes.items:
+                # Match node by address
+                if node.status and node.status.addresses:
+                    node_addresses = [
+                        addr.address for addr in node.status.addresses
+                    ]
+                    if endpoint in node_addresses:
+                        labels = node.metadata.labels or {}
+                        arch_label = labels.get(
+                            "kubernetes.io/arch",
+                            labels.get("beta.kubernetes.io/arch", "amd64"),
+                        )
+                        return _ARCH_LABEL_MAP.get(
+                            arch_label, CpuArchitecture.AMD64
+                        )
+        except Exception as exc:
+            logger.warning(
+                "Failed to detect architecture for endpoint '%s': %s",
+                endpoint,
+                exc,
+            )
+
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        """Discover Kubernetes resources across all namespaces.
+
+        Args:
+            endpoints: List of node addresses (used for architecture detection).
+            resource_types: List of resource type strings to discover.
+            progress_callback: Callable for progress updates.
+
+        Returns:
+            ScanResult with all discovered resources.
+        """
+        resources: list[DiscoveredResource] = []
+        warnings: list[str] = []
+        errors: list[str] = []
+
+        # Determine architecture from first endpoint
+        architecture = CpuArchitecture.AMD64
+        if endpoints:
+            architecture = self.detect_architecture(endpoints[0])
+
+        endpoint_str = endpoints[0] if endpoints else "cluster"
+        total_types = len(resource_types)
+
+        for idx, resource_type in enumerate(resource_types):
+            try:
+                discovered = self._discover_resource_type(
+                    resource_type, architecture, endpoint_str
+                )
+                resources.extend(discovered)
+            except Exception as exc:
+                error_msg = (
+                    f"Error discovering {resource_type}: {exc}"
+                )
+                errors.append(error_msg)
+                logger.error(error_msg)
+
+            progress_callback(
+                ScanProgress(
+                    current_resource_type=resource_type,
+                    resources_discovered=len(resources),
+                    resource_types_completed=idx + 1,
+                    total_resource_types=total_types,
+                )
+            )
+
+        return ScanResult(
+            resources=resources,
+            warnings=warnings,
+            errors=errors,
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+    def _discover_resource_type(
+        self,
+        resource_type: str,
+        architecture: CpuArchitecture,
+        endpoint: str,
+    ) -> list[DiscoveredResource]:
+        """Discover resources of a specific type.
+
+        Args:
+            resource_type: The resource type string to discover.
+            architecture: Detected CPU architecture.
+            endpoint: Endpoint string for the resource.
+
+        Returns:
+            List of DiscoveredResource objects.
+        """
+        dispatch = {
+            "kubernetes_deployment": self._discover_deployments,
+            "kubernetes_service": self._discover_services,
+            "kubernetes_ingress": self._discover_ingresses,
+            "kubernetes_config_map": self._discover_config_maps,
+            "kubernetes_persistent_volume": self._discover_persistent_volumes,
+            "kubernetes_namespace": self._discover_namespaces,
+        }
+
+        handler = dispatch.get(resource_type)
+        if handler is None:
+            return []
+
+        return handler(architecture, endpoint)
+
+    def _discover_deployments(
+        self, architecture: CpuArchitecture, endpoint: str
+    ) -> list[DiscoveredResource]:
+        """Discover all deployments across namespaces."""
+        results: list[DiscoveredResource] = []
+        deployments = self._apps_v1.list_deployment_for_all_namespaces()
+
+        for dep in deployments.items:
+            name = dep.metadata.name
+            namespace = dep.metadata.namespace
+            results.append(
+                DiscoveredResource(
+                    resource_type="kubernetes_deployment",
+                    unique_id=f"{namespace}/{name}",
+                    name=name,
+                    provider=ProviderType.KUBERNETES,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "namespace": namespace,
+                        "replicas": dep.spec.replicas if dep.spec else None,
+                        "labels": dict(dep.metadata.labels or {}),
+                    },
+                    raw_references=[
+                        f"kubernetes_namespace:{namespace}",
+                    ],
+                )
+            )
+
+        return results
+
+    def _discover_services(
+        self, architecture: CpuArchitecture, endpoint: str
+    ) -> list[DiscoveredResource]:
+        """Discover all services across namespaces."""
+        results: list[DiscoveredResource] = []
+        services = self._core_v1.list_service_for_all_namespaces()
+
+        for svc in services.items:
+            name = svc.metadata.name
+            namespace = svc.metadata.namespace
+            results.append(
+                DiscoveredResource(
+                    resource_type="kubernetes_service",
+                    unique_id=f"{namespace}/{name}",
+                    name=name,
+                    provider=ProviderType.KUBERNETES,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "namespace": namespace,
+                        "type": svc.spec.type if svc.spec else None,
+                        "cluster_ip": svc.spec.cluster_ip if svc.spec else None,
+                        "labels": dict(svc.metadata.labels or {}),
+                    },
+                    raw_references=[
+                        f"kubernetes_namespace:{namespace}",
+                    ],
+                )
+            )
+
+        return results
+
+    def _discover_ingresses(
+        self, architecture: CpuArchitecture, endpoint: str
+    ) -> list[DiscoveredResource]:
+        """Discover all ingresses across namespaces."""
+        results: list[DiscoveredResource] = []
+        ingresses = self._networking_v1.list_ingress_for_all_namespaces()
+
+        for ing in ingresses.items:
+            name = ing.metadata.name
+            namespace = ing.metadata.namespace
+            results.append(
+                DiscoveredResource(
+                    resource_type="kubernetes_ingress",
+                    unique_id=f"{namespace}/{name}",
+                    name=name,
+                    provider=ProviderType.KUBERNETES,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "namespace": namespace,
+                        "labels": dict(ing.metadata.labels or {}),
+                    },
+                    raw_references=[
+                        f"kubernetes_namespace:{namespace}",
+                    ],
+                )
+            )
+
+        return results
+
+    def _discover_config_maps(
+        self, architecture: CpuArchitecture, endpoint: str
+    ) -> list[DiscoveredResource]:
+        """Discover all config maps across namespaces."""
+        results: list[DiscoveredResource] = []
+        config_maps = self._core_v1.list_config_map_for_all_namespaces()
+
+        for cm in config_maps.items:
+            name = cm.metadata.name
+            namespace = cm.metadata.namespace
+            results.append(
+                DiscoveredResource(
+                    resource_type="kubernetes_config_map",
+                    unique_id=f"{namespace}/{name}",
+                    name=name,
+                    provider=ProviderType.KUBERNETES,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "namespace": namespace,
+                        "data_keys": list((cm.data or {}).keys()),
+                        "labels": dict(cm.metadata.labels or {}),
+                    },
+                    raw_references=[
+                        f"kubernetes_namespace:{namespace}",
+                    ],
+                )
+            )
+
+        return results
+
+    def _discover_persistent_volumes(
+        self, architecture: CpuArchitecture, endpoint: str
+    ) -> list[DiscoveredResource]:
+        """Discover all persistent volumes (cluster-scoped)."""
+        results: list[DiscoveredResource] = []
+        pvs = self._core_v1.list_persistent_volume()
+
+        for pv in pvs.items:
+            name = pv.metadata.name
+            results.append(
+                DiscoveredResource(
+                    resource_type="kubernetes_persistent_volume",
+                    unique_id=name,
+                    name=name,
+                    provider=ProviderType.KUBERNETES,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "capacity": (
+                            dict(pv.spec.capacity)
+                            if pv.spec and pv.spec.capacity
+                            else {}
+                        ),
+                        "access_modes": (
+                            list(pv.spec.access_modes)
+                            if pv.spec and pv.spec.access_modes
+                            else []
+                        ),
+                        "storage_class": (
+                            pv.spec.storage_class_name if pv.spec else None
+                        ),
+                        "labels": dict(pv.metadata.labels or {}),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return results
+
+    def _discover_namespaces(
+        self, architecture: CpuArchitecture, endpoint: str
+    ) -> list[DiscoveredResource]:
+        """Discover all namespaces."""
+        results: list[DiscoveredResource] = []
+        namespaces = self._core_v1.list_namespace()
+
+        for ns in namespaces.items:
+            name = ns.metadata.name
+            results.append(
+                DiscoveredResource(
+                    resource_type="kubernetes_namespace",
+                    unique_id=name,
+                    name=name,
+                    provider=ProviderType.KUBERNETES,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "status": (
+                            ns.status.phase if ns.status else None
+                        ),
+                        "labels": dict(ns.metadata.labels or {}),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return results
diff --git a/src/iac_reverse/scanner/multi_provider_scanner.py b/src/iac_reverse/scanner/multi_provider_scanner.py
new file mode 100644
index 0000000..98f71e5
--- /dev/null
+++ b/src/iac_reverse/scanner/multi_provider_scanner.py
@@ -0,0 +1,140 @@
+"""Multi-provider scanner for infrastructure discovery.
+
+Coordinates scanning across multiple providers independently, handling
+partial failures gracefully. If one provider fails, scanning continues
+for all remaining providers. Successfully discovered resources are
+collected into a unified inventory, and failed providers are reported
+with error details.
+
+Implements Requirement 5.5: IF one or more Provider scans fail during a
+multi-provider scan, THEN THE Scanner SHALL complete scanning for all
+remaining Providers, include successfully discovered Resources in the
+inventory, and report which Providers failed along with the corresponding
+error details.
+"""
+
+import logging
+from dataclasses import dataclass, field
+from datetime import datetime, timezone
+from typing import Callable, Optional
+
+from iac_reverse.models import (
+    DiscoveredResource,
+    ScanProfile,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import Scanner
+
+logger = logging.getLogger(__name__)
+
+
+@dataclass
+class ProviderFailure:
+    """Details about a provider that failed during multi-provider scanning."""
+
+    provider_name: str
+    error_type: str
+    error_message: str
+
+
+@dataclass
+class MultiProviderScanResult:
+    """Result of scanning across multiple providers.
+
+    Contains all successfully discovered resources from providers that
+    completed scanning, plus details about any providers that failed.
+    """
+
+    resources: list[DiscoveredResource] = field(default_factory=list)
+    warnings: list[str] = field(default_factory=list)
+    errors: list[str] = field(default_factory=list)
+    failed_providers: list[ProviderFailure] = field(default_factory=list)
+    successful_providers: list[str] = field(default_factory=list)
+    scan_timestamp: str = ""
+
+
+@dataclass
+class ProviderScanEntry:
+    """A pairing of a ScanProfile with its corresponding ProviderPlugin."""
+
+    profile: ScanProfile
+    plugin: ProviderPlugin
+
+
+class MultiProviderScanner:
+    """Orchestrates infrastructure discovery across multiple providers.
+
+    Scans each provider independently. If one provider fails (auth error,
+    connection error, etc.), continues with remaining providers. Collects
+    all successfully discovered resources into a unified inventory and
+    reports which providers failed and why.
+    """
+
+    def __init__(self, entries: list[ProviderScanEntry]):
+        """Initialize with a list of provider scan entries.
+
+        Args:
+            entries: List of ProviderScanEntry, each pairing a ScanProfile
+                with its corresponding ProviderPlugin.
+        """
+        self.entries = entries
+
+    def scan(
+        self,
+        progress_callback: Optional[Callable[[ScanProgress], None]] = None,
+    ) -> MultiProviderScanResult:
+        """Execute scans across all configured providers.
+
+        Each provider is scanned independently. If a provider fails for
+        any reason (authentication, connection, timeout, validation, etc.),
+        the error is recorded and scanning continues with remaining providers.
+
+        Args:
+            progress_callback: Optional callable invoked with ScanProgress
+                updates from each provider scan.
+
+        Returns:
+            MultiProviderScanResult containing all successfully discovered
+            resources and details about any failed providers.
+        """
+        result = MultiProviderScanResult(
+            scan_timestamp=datetime.now(timezone.utc).isoformat(),
+        )
+
+        for entry in self.entries:
+            provider_name = entry.profile.provider.value
+            try:
+                scanner = Scanner(entry.profile, entry.plugin)
+                scan_result = scanner.scan(progress_callback=progress_callback)
+
+                # Collect successful resources
+                result.resources.extend(scan_result.resources)
+                result.warnings.extend(scan_result.warnings)
+                result.errors.extend(scan_result.errors)
+                result.successful_providers.append(provider_name)
+
+                logger.info(
+                    "Provider '%s' scan completed: %d resources discovered",
+                    provider_name,
+                    len(scan_result.resources),
+                )
+
+            except Exception as exc:
+                # Record the failure and continue with remaining providers
+                failure = ProviderFailure(
+                    provider_name=provider_name,
+                    error_type=type(exc).__name__,
+                    error_message=str(exc),
+                )
+                result.failed_providers.append(failure)
+
+                logger.warning(
+                    "Provider '%s' scan failed (%s): %s",
+                    provider_name,
+                    type(exc).__name__,
+                    exc,
+                )
+
+        return result
diff --git a/src/iac_reverse/scanner/scanner.py b/src/iac_reverse/scanner/scanner.py
new file mode 100644
index 0000000..0780135
--- /dev/null
+++ b/src/iac_reverse/scanner/scanner.py
@@ -0,0 +1,287 @@
+"""Scanner orchestrator for infrastructure discovery.
+
+Coordinates provider plugins to discover infrastructure resources,
+handling authentication, retries, progress reporting, and error recovery.
+"""
+
+import hashlib
+import logging
+import time
+from datetime import datetime, timezone
+from typing import Callable, Optional
+
+from iac_reverse.models import (
+    ScanProfile,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+
+logger = logging.getLogger(__name__)
+
+# ---------------------------------------------------------------------------
+# Custom Exceptions
+# ---------------------------------------------------------------------------
+
+
+class AuthenticationError(Exception):
+    """Raised when authentication with a provider fails."""
+
+    def __init__(self, provider_name: str, reason: str):
+        self.provider_name = provider_name
+        self.reason = reason
+        super().__init__(
+            f"Authentication failed for provider '{provider_name}': {reason}"
+        )
+
+
+class ConnectionLostError(Exception):
+    """Raised when the provider connection is lost during a scan."""
+
+    def __init__(self, partial_result: ScanResult):
+        self.partial_result = partial_result
+        super().__init__("Connection lost during scan; partial results available")
+
+
+class ScanTimeoutError(Exception):
+    """Raised when a scan operation exceeds the allowed timeout."""
+
+    def __init__(self, message: str = "Scan operation timed out"):
+        super().__init__(message)
+
+
+# ---------------------------------------------------------------------------
+# Scanner Orchestrator
+# ---------------------------------------------------------------------------
+
+# Default constants
+CONNECTION_TIMEOUT_SECONDS = 30
+MAX_RETRIES = 3
+INITIAL_BACKOFF_SECONDS = 1.0
+
+
+class Scanner:
+    """Orchestrates infrastructure discovery using a provider plugin.
+
+    Accepts a ScanProfile and an optional ProviderPlugin instance.
+    Handles authentication, progress reporting, retry logic with
+    exponential backoff, and graceful degradation on errors.
+    """
+
+    def __init__(
+        self,
+        profile: ScanProfile,
+        plugin: Optional[ProviderPlugin] = None,
+    ):
+        self.profile = profile
+        self.plugin = plugin
+
+    def scan(
+        self,
+        progress_callback: Optional[Callable[[ScanProgress], None]] = None,
+    ) -> ScanResult:
+        """Execute a full infrastructure scan.
+
+        Args:
+            progress_callback: Optional callable invoked per resource type
+                completion with a ScanProgress update.
+
+        Returns:
+            ScanResult containing discovered resources, warnings, and errors.
+
+        Raises:
+            AuthenticationError: If authentication with the provider fails.
+            ScanTimeoutError: If the connection attempt exceeds 30 seconds.
+            ValueError: If the scan profile is invalid.
+        """
+        # 1. Validate the scan profile (critical fields only)
+        validation_errors = self._validate_profile()
+        if validation_errors:
+            raise ValueError(
+                f"Invalid scan profile: {'; '.join(validation_errors)}"
+            )
+
+        if self.plugin is None:
+            raise ValueError("No provider plugin configured for scanning")
+
+        # 2. Authenticate with the provider (30 second timeout)
+        self._authenticate()
+
+        # 3. Determine resource types to scan
+        supported_types = self.plugin.list_supported_resource_types()
+        resource_types, warnings = self._resolve_resource_types(supported_types)
+
+        # 4. Determine endpoints
+        endpoints = self.profile.endpoints or self.plugin.list_endpoints()
+
+        # 5. Discover resources with retry logic
+        scan_result = self._discover_with_retries(
+            endpoints=endpoints,
+            resource_types=resource_types,
+            progress_callback=progress_callback,
+        )
+
+        # Merge any warnings from unsupported resource type filtering
+        scan_result.warnings = warnings + scan_result.warnings
+
+        # Set metadata
+        scan_result.scan_timestamp = datetime.now(timezone.utc).isoformat()
+        scan_result.profile_hash = self._compute_profile_hash()
+
+        return scan_result
+
+    def _authenticate(self) -> None:
+        """Authenticate with the provider plugin, enforcing a 30s timeout."""
+        provider_name = self.profile.provider.value
+        start_time = time.monotonic()
+
+        try:
+            self.plugin.authenticate(self.profile.credentials)
+        except Exception as exc:
+            elapsed = time.monotonic() - start_time
+            if elapsed >= CONNECTION_TIMEOUT_SECONDS:
+                raise ScanTimeoutError(
+                    f"Authentication with provider '{provider_name}' "
+                    f"timed out after {CONNECTION_TIMEOUT_SECONDS} seconds"
+                )
+            # Wrap any auth exception in our AuthenticationError
+            if isinstance(exc, AuthenticationError):
+                raise
+            raise AuthenticationError(
+                provider_name=provider_name,
+                reason=str(exc),
+            ) from exc
+
+        elapsed = time.monotonic() - start_time
+        if elapsed >= CONNECTION_TIMEOUT_SECONDS:
+            raise ScanTimeoutError(
+                f"Authentication with provider '{provider_name}' "
+                f"timed out after {CONNECTION_TIMEOUT_SECONDS} seconds"
+            )
+
+    def _resolve_resource_types(
+        self, supported_types: list[str]
+    ) -> tuple[list[str], list[str]]:
+        """Determine which resource types to scan and log warnings for unsupported ones.
+
+        Returns:
+            Tuple of (resource_types_to_scan, warnings_list)
+        """
+        warnings: list[str] = []
+
+        if self.profile.resource_type_filters is None:
+            # No filters: scan all supported types
+            return supported_types, warnings
+
+        # Filter requested types against supported types
+        valid_types: list[str] = []
+        for rt in self.profile.resource_type_filters:
+            if rt in supported_types:
+                valid_types.append(rt)
+            else:
+                warning_msg = (
+                    f"Unsupported resource type '{rt}' for provider "
+                    f"'{self.profile.provider.value}'; skipping"
+                )
+                warnings.append(warning_msg)
+                logger.warning(warning_msg)
+
+        return valid_types, warnings
+
+    def _discover_with_retries(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Optional[Callable[[ScanProgress], None]],
+    ) -> ScanResult:
+        """Call the plugin's discover_resources with retry logic.
+
+        Retries up to MAX_RETRIES times with exponential backoff for
+        transient errors. On connection loss, returns partial inventory.
+        """
+        last_exception: Optional[Exception] = None
+
+        for attempt in range(MAX_RETRIES + 1):
+            try:
+                result = self.plugin.discover_resources(
+                    endpoints=endpoints,
+                    resource_types=resource_types,
+                    progress_callback=progress_callback or self._noop_callback,
+                )
+                return result
+            except ConnectionLostError:
+                # Connection lost: return partial results immediately
+                raise
+            except ConnectionError as exc:
+                # Connection lost during scan: build partial result
+                logger.warning(
+                    "Connection lost during scan (attempt %d/%d): %s",
+                    attempt + 1,
+                    MAX_RETRIES + 1,
+                    exc,
+                )
+                partial = ScanResult(
+                    resources=[],
+                    warnings=[f"Connection lost: {exc}"],
+                    errors=[str(exc)],
+                    scan_timestamp=datetime.now(timezone.utc).isoformat(),
+                    profile_hash=self._compute_profile_hash(),
+                    is_partial=True,
+                )
+                raise ConnectionLostError(partial_result=partial) from exc
+            except Exception as exc:
+                last_exception = exc
+                if attempt < MAX_RETRIES:
+                    backoff = INITIAL_BACKOFF_SECONDS * (2**attempt)
+                    logger.warning(
+                        "Transient error during scan (attempt %d/%d), "
+                        "retrying in %.1fs: %s",
+                        attempt + 1,
+                        MAX_RETRIES + 1,
+                        backoff,
+                        exc,
+                    )
+                    time.sleep(backoff)
+                else:
+                    logger.error(
+                        "Scan failed after %d attempts: %s",
+                        MAX_RETRIES + 1,
+                        exc,
+                    )
+
+        # All retries exhausted — return error result
+        return ScanResult(
+            resources=[],
+            warnings=[],
+            errors=[f"Scan failed after {MAX_RETRIES + 1} attempts: {last_exception}"],
+            scan_timestamp=datetime.now(timezone.utc).isoformat(),
+            profile_hash=self._compute_profile_hash(),
+            is_partial=True,
+        )
+
+    def _validate_profile(self) -> list[str]:
+        """Validate critical scan profile fields.
+
+        Only checks fields that prevent scanning entirely (e.g., missing
+        credentials). Unsupported resource types are handled as warnings
+        during the scan per Requirement 1.4.
+        """
+        errors: list[str] = []
+        if not self.profile.credentials:
+            errors.append("credentials must not be empty")
+        return errors
+
+    def _compute_profile_hash(self) -> str:
+        """Compute a stable hash of the scan profile for snapshot matching."""
+        content = (
+            f"{self.profile.provider.value}:"
+            f"{sorted(self.profile.credentials.items())}:"
+            f"{self.profile.endpoints}:"
+            f"{self.profile.resource_type_filters}"
+        )
+        return hashlib.sha256(content.encode()).hexdigest()[:16]
+
+    @staticmethod
+    def _noop_callback(progress: ScanProgress) -> None:
+        """No-op progress callback used when none is provided."""
+        pass
diff --git a/src/iac_reverse/scanner/synology_plugin.py b/src/iac_reverse/scanner/synology_plugin.py
new file mode 100644
index 0000000..240ce9d
--- /dev/null
+++ b/src/iac_reverse/scanner/synology_plugin.py
@@ -0,0 +1,482 @@
+"""Synology DSM provider plugin.
+
+Discovers shared folders, volumes, storage pools, replication tasks, and users
+from a Synology DiskStation Manager (DSM) appliance via its HTTP API.
+"""
+
+import logging
+from datetime import datetime, timezone
+from typing import Callable, Optional
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import AuthenticationError
+
+try:
+    from synology_dsm import SynologyDSM
+except ImportError:  # pragma: no cover
+    SynologyDSM = None  # type: ignore[assignment,misc]
+
+logger = logging.getLogger(__name__)
+
+# Resource type constants
+SYNOLOGY_SHARED_FOLDER = "synology_shared_folder"
+SYNOLOGY_VOLUME = "synology_volume"
+SYNOLOGY_STORAGE_POOL = "synology_storage_pool"
+SYNOLOGY_REPLICATION_TASK = "synology_replication_task"
+SYNOLOGY_USER = "synology_user"
+
+SUPPORTED_RESOURCE_TYPES = [
+    SYNOLOGY_SHARED_FOLDER,
+    SYNOLOGY_VOLUME,
+    SYNOLOGY_STORAGE_POOL,
+    SYNOLOGY_REPLICATION_TASK,
+    SYNOLOGY_USER,
+]
+
+
+class SynologyPlugin(ProviderPlugin):
+    """Provider plugin for Synology DiskStation Manager (DSM).
+
+    Connects to the Synology DSM API to discover storage infrastructure
+    including shared folders, volumes, storage pools, replication tasks,
+    and local users.
+
+    Expected credentials:
+        - host: DSM hostname or IP address
+        - port: DSM port (default "5001")
+        - username: DSM admin username
+        - password: DSM admin password
+        - use_ssl: "true" or "false" (default "true")
+    """
+
+    def __init__(self) -> None:
+        self._api: Optional[object] = None
+        self._host: str = ""
+        self._port: str = "5001"
+        self._use_ssl: bool = True
+        self._authenticated: bool = False
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        """Authenticate with the Synology DSM API.
+
+        Args:
+            credentials: Dict with keys: host, port, username, password,
+                and optionally use_ssl.
+
+        Raises:
+            AuthenticationError: If connection or login fails.
+        """
+        host = credentials.get("host", "")
+        port = credentials.get("port", "5001")
+        username = credentials.get("username", "")
+        password = credentials.get("password", "")
+        use_ssl = credentials.get("use_ssl", "true").lower() == "true"
+
+        if not host:
+            raise AuthenticationError("synology", "host is required")
+        if not username:
+            raise AuthenticationError("synology", "username is required")
+        if not password:
+            raise AuthenticationError("synology", "password is required")
+
+        self._host = host
+        self._port = port
+        self._use_ssl = use_ssl
+
+        try:
+            if SynologyDSM is None:
+                raise AuthenticationError(
+                    "synology",
+                    "python-synology library is not installed",
+                )
+
+            api = SynologyDSM(
+                host,
+                int(port),
+                username,
+                password,
+                use_https=use_ssl,
+                verify_ssl=False,
+            )
+            # Attempt login
+            if not api.login():
+                raise AuthenticationError(
+                    "synology",
+                    f"Login failed for user '{username}' on {host}:{port}",
+                )
+            self._api = api
+            self._authenticated = True
+            logger.info("Authenticated with Synology DSM at %s:%s", host, port)
+        except AuthenticationError:
+            raise
+        except Exception as exc:
+            raise AuthenticationError(
+                "synology",
+                f"Failed to connect to DSM at {host}:{port}: {exc}",
+            ) from exc
+
+    def get_platform_category(self) -> PlatformCategory:
+        """Return STORAGE_APPLIANCE platform category."""
+        return PlatformCategory.STORAGE_APPLIANCE
+
+    def list_endpoints(self) -> list[str]:
+        """Return the DSM endpoint address."""
+        protocol = "https" if self._use_ssl else "http"
+        return [f"{protocol}://{self._host}:{self._port}"]
+
+    def list_supported_resource_types(self) -> list[str]:
+        """Return all Synology resource types this plugin can discover."""
+        return list(SUPPORTED_RESOURCE_TYPES)
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        """Detect CPU architecture from Synology system info.
+
+        Queries the DSM information API to determine if the NAS
+        runs on ARM or AMD64 hardware.
+
+        Args:
+            endpoint: The DSM endpoint (used for context, not connection).
+
+        Returns:
+            CpuArchitecture.ARM for ARM-based models,
+            CpuArchitecture.AARCH64 for 64-bit ARM models,
+            CpuArchitecture.AMD64 for x86-64 models.
+        """
+        if self._api is None:
+            return CpuArchitecture.AMD64
+
+        try:
+            info = self._api.information
+            if info is None:
+                return CpuArchitecture.AMD64
+
+            # The model name or CPU info can indicate architecture
+            model = getattr(info, "model", "") or ""
+            cpu_name = getattr(info, "cpu_hardware_name", "") or ""
+
+            # Combine for matching
+            hw_info = f"{model} {cpu_name}".lower()
+
+            if "aarch64" in hw_info or "arm64" in hw_info:
+                return CpuArchitecture.AARCH64
+            elif "arm" in hw_info or "rtd" in hw_info or "alpine" in hw_info:
+                return CpuArchitecture.ARM
+            else:
+                return CpuArchitecture.AMD64
+        except Exception as exc:
+            logger.warning("Failed to detect architecture: %s", exc)
+            return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        """Discover Synology resources from the DSM API.
+
+        Enumerates shared folders, volumes, storage pools, replication tasks,
+        and users based on the requested resource_types.
+
+        Args:
+            endpoints: List of DSM endpoints (typically one).
+            resource_types: Resource types to discover.
+            progress_callback: Callback for progress updates.
+
+        Returns:
+            ScanResult with discovered resources.
+        """
+        resources: list[DiscoveredResource] = []
+        warnings: list[str] = []
+        errors: list[str] = []
+
+        endpoint = endpoints[0] if endpoints else self.list_endpoints()[0]
+        architecture = self.detect_architecture(endpoint)
+
+        total_types = len(resource_types)
+        completed = 0
+
+        # Discovery dispatch table
+        discovery_methods = {
+            SYNOLOGY_SHARED_FOLDER: self._discover_shared_folders,
+            SYNOLOGY_VOLUME: self._discover_volumes,
+            SYNOLOGY_STORAGE_POOL: self._discover_storage_pools,
+            SYNOLOGY_REPLICATION_TASK: self._discover_replication_tasks,
+            SYNOLOGY_USER: self._discover_users,
+        }
+
+        for rt in resource_types:
+            progress_callback(
+                ScanProgress(
+                    current_resource_type=rt,
+                    resources_discovered=len(resources),
+                    resource_types_completed=completed,
+                    total_resource_types=total_types,
+                )
+            )
+
+            method = discovery_methods.get(rt)
+            if method is None:
+                warnings.append(f"Unsupported resource type: {rt}")
+                completed += 1
+                continue
+
+            try:
+                discovered = method(endpoint, architecture)
+                resources.extend(discovered)
+            except Exception as exc:
+                error_msg = f"Error discovering {rt}: {exc}"
+                errors.append(error_msg)
+                logger.error(error_msg)
+
+            completed += 1
+
+        # Final progress update
+        progress_callback(
+            ScanProgress(
+                current_resource_type="",
+                resources_discovered=len(resources),
+                resource_types_completed=completed,
+                total_resource_types=total_types,
+            )
+        )
+
+        return ScanResult(
+            resources=resources,
+            warnings=warnings,
+            errors=errors,
+            scan_timestamp=datetime.now(timezone.utc).isoformat(),
+            profile_hash="",
+        )
+
+    # ------------------------------------------------------------------
+    # Private discovery methods
+    # ------------------------------------------------------------------
+
+    def _discover_shared_folders(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover shared folders from DSM."""
+        resources: list[DiscoveredResource] = []
+
+        storage = self._api.storage
+        if storage is None:
+            return resources
+
+        # Access shared folders via the storage API
+        shares = getattr(storage, "shares", None)
+        if shares is None:
+            return resources
+
+        for share in shares:
+            name = share.get("name", "unknown")
+            resources.append(
+                DiscoveredResource(
+                    resource_type=SYNOLOGY_SHARED_FOLDER,
+                    unique_id=f"synology/shared_folder/{name}",
+                    name=name,
+                    provider=ProviderType.SYNOLOGY,
+                    platform_category=PlatformCategory.STORAGE_APPLIANCE,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "name": name,
+                        "path": share.get("path", ""),
+                        "desc": share.get("desc", ""),
+                        "encryption": share.get("is_encrypted", False),
+                        "recycle_bin": share.get("enable_recycle_bin", False),
+                        "vol_path": share.get("vol_path", ""),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return resources
+
+    def _discover_volumes(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover volumes from DSM."""
+        resources: list[DiscoveredResource] = []
+
+        storage = self._api.storage
+        if storage is None:
+            return resources
+
+        volumes = getattr(storage, "volumes", None)
+        if volumes is None:
+            return resources
+
+        for volume in volumes:
+            vol_id = volume.get("id", "unknown")
+            name = volume.get("display_name", vol_id)
+            resources.append(
+                DiscoveredResource(
+                    resource_type=SYNOLOGY_VOLUME,
+                    unique_id=f"synology/volume/{vol_id}",
+                    name=name,
+                    provider=ProviderType.SYNOLOGY,
+                    platform_category=PlatformCategory.STORAGE_APPLIANCE,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "id": vol_id,
+                        "display_name": name,
+                        "status": volume.get("status", ""),
+                        "fs_type": volume.get("fs_type", ""),
+                        "size_total": volume.get("size", {}).get("total", ""),
+                        "size_used": volume.get("size", {}).get("used", ""),
+                        "pool_path": volume.get("pool_path", ""),
+                    },
+                    raw_references=[
+                        f"synology/storage_pool/{volume.get('pool_path', '')}"
+                    ]
+                    if volume.get("pool_path")
+                    else [],
+                )
+            )
+
+        return resources
+
+    def _discover_storage_pools(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover storage pools from DSM."""
+        resources: list[DiscoveredResource] = []
+
+        storage = self._api.storage
+        if storage is None:
+            return resources
+
+        pools = getattr(storage, "storage_pools", None)
+        if pools is None:
+            return resources
+
+        for pool in pools:
+            pool_id = pool.get("id", "unknown")
+            name = pool.get("display_name", pool_id)
+            resources.append(
+                DiscoveredResource(
+                    resource_type=SYNOLOGY_STORAGE_POOL,
+                    unique_id=f"synology/storage_pool/{pool_id}",
+                    name=name,
+                    provider=ProviderType.SYNOLOGY,
+                    platform_category=PlatformCategory.STORAGE_APPLIANCE,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "id": pool_id,
+                        "display_name": name,
+                        "status": pool.get("status", ""),
+                        "raid_type": pool.get("raid_type", ""),
+                        "size_total": pool.get("size", {}).get("total", ""),
+                        "size_used": pool.get("size", {}).get("used", ""),
+                        "disk_count": len(pool.get("disks", [])),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return resources
+
+    def _discover_replication_tasks(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover replication tasks from DSM."""
+        resources: list[DiscoveredResource] = []
+
+        # Replication tasks are accessed via a separate API module
+        api = self._api
+        if api is None:
+            return resources
+
+        # Try to access replication info if available
+        replication = getattr(api, "replication", None)
+        if replication is None:
+            return resources
+
+        tasks = getattr(replication, "tasks", None)
+        if tasks is None:
+            return resources
+
+        for task in tasks:
+            task_id = task.get("id", "unknown")
+            name = task.get("name", task_id)
+            resources.append(
+                DiscoveredResource(
+                    resource_type=SYNOLOGY_REPLICATION_TASK,
+                    unique_id=f"synology/replication_task/{task_id}",
+                    name=name,
+                    provider=ProviderType.SYNOLOGY,
+                    platform_category=PlatformCategory.STORAGE_APPLIANCE,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "id": task_id,
+                        "name": name,
+                        "status": task.get("status", ""),
+                        "type": task.get("type", ""),
+                        "destination": task.get("destination", ""),
+                        "schedule": task.get("schedule", {}),
+                        "shared_folder": task.get("shared_folder", ""),
+                    },
+                    raw_references=[
+                        f"synology/shared_folder/{task.get('shared_folder', '')}"
+                    ]
+                    if task.get("shared_folder")
+                    else [],
+                )
+            )
+
+        return resources
+
+    def _discover_users(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover local users from DSM."""
+        resources: list[DiscoveredResource] = []
+
+        api = self._api
+        if api is None:
+            return resources
+
+        # Users are typically accessed via SYNO.Core.User API
+        users_api = getattr(api, "users", None)
+        if users_api is None:
+            return resources
+
+        users = getattr(users_api, "users", None)
+        if users is None:
+            return resources
+
+        for user in users:
+            username = user.get("name", "unknown")
+            resources.append(
+                DiscoveredResource(
+                    resource_type=SYNOLOGY_USER,
+                    unique_id=f"synology/user/{username}",
+                    name=username,
+                    provider=ProviderType.SYNOLOGY,
+                    platform_category=PlatformCategory.STORAGE_APPLIANCE,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "name": username,
+                        "description": user.get("description", ""),
+                        "email": user.get("email", ""),
+                        "expired": user.get("expired", False),
+                        "groups": user.get("groups", []),
+                    },
+                    raw_references=[],
+                )
+            )
+
+        return resources
diff --git a/src/iac_reverse/scanner/windows_plugin.py b/src/iac_reverse/scanner/windows_plugin.py
new file mode 100644
index 0000000..61217c8
--- /dev/null
+++ b/src/iac_reverse/scanner/windows_plugin.py
@@ -0,0 +1,825 @@
+"""Windows provider plugin for infrastructure discovery via WinRM.
+
+Uses pywinrm to connect to Windows machines and discover services,
+scheduled tasks, IIS sites, app pools, network adapters, firewall rules,
+installed software, Windows features, Hyper-V VMs, Hyper-V switches,
+DNS records, local users, and local groups.
+"""
+
+import json
+import logging
+from typing import Callable
+
+import winrm
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import AuthenticationError
+
+logger = logging.getLogger(__name__)
+
+
+# ---------------------------------------------------------------------------
+# Custom Exceptions
+# ---------------------------------------------------------------------------
+
+
+class WinRMNotEnabledError(Exception):
+    """Raised when WinRM is not enabled on the target host."""
+
+    def __init__(self, host: str, reason: str = ""):
+        self.host = host
+        self.reason = reason
+        super().__init__(
+            f"WinRM is not enabled or unreachable on host '{host}'"
+            + (f": {reason}" if reason else "")
+        )
+
+
+class WMIQueryError(Exception):
+    """Raised when a WMI query fails on the target host."""
+
+    def __init__(self, query: str, reason: str = ""):
+        self.query = query
+        self.reason = reason
+        super().__init__(
+            f"WMI query failed: '{query}'"
+            + (f": {reason}" if reason else "")
+        )
+
+
+class InsufficientPrivilegesError(Exception):
+    """Raised when the authenticated user lacks required privileges."""
+
+    def __init__(self, operation: str, reason: str = ""):
+        self.operation = operation
+        self.reason = reason
+        super().__init__(
+            f"Insufficient privileges for operation '{operation}'"
+            + (f": {reason}" if reason else "")
+        )
+
+
+# ---------------------------------------------------------------------------
+# Windows Discovery Plugin
+# ---------------------------------------------------------------------------
+
+WINDOWS_RESOURCE_TYPES = [
+    "windows_service",
+    "windows_scheduled_task",
+    "windows_iis_site",
+    "windows_iis_app_pool",
+    "windows_network_adapter",
+    "windows_firewall_rule",
+    "windows_installed_software",
+    "windows_feature",
+    "windows_hyperv_vm",
+    "windows_hyperv_switch",
+    "windows_dns_record",
+    "windows_local_user",
+    "windows_local_group",
+]
+
+
+class WindowsDiscoveryPlugin(ProviderPlugin):
+    """Provider plugin for discovering Windows infrastructure via WinRM.
+
+    Connects to Windows machines using pywinrm and discovers resources
+    through PowerShell commands and WMI queries executed over WinRM.
+
+    Expected credentials dict keys:
+        host: Target hostname or IP address
+        username: Windows username (domain\\user or user@domain)
+        password: Password for authentication
+        transport: Authentication transport - "ntlm" (default) or "kerberos"
+        port: WinRM port - "5985" (HTTP) or "5986" (HTTPS, default)
+        use_ssl: Whether to use SSL - "true" (default) or "false"
+    """
+
+    def __init__(self) -> None:
+        self._session: winrm.Session | None = None
+        self._host: str = ""
+        self._credentials: dict[str, str] = {}
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        """Authenticate with the Windows host via WinRM.
+
+        Args:
+            credentials: Dict with keys: host, username, password,
+                transport (default "ntlm"), port (default "5986"),
+                use_ssl (default "true").
+
+        Raises:
+            AuthenticationError: If authentication fails.
+            WinRMNotEnabledError: If WinRM is not reachable.
+        """
+        host = credentials.get("host", "")
+        username = credentials.get("username", "")
+        password = credentials.get("password", "")
+        transport = credentials.get("transport", "ntlm")
+        port = credentials.get("port", "5986")
+        use_ssl = credentials.get("use_ssl", "true").lower() == "true"
+
+        if not host:
+            raise AuthenticationError("windows", "host is required")
+        if not username:
+            raise AuthenticationError("windows", "username is required")
+        if not password:
+            raise AuthenticationError("windows", "password is required")
+
+        self._host = host
+        self._credentials = credentials
+
+        scheme = "https" if use_ssl else "http"
+        endpoint = f"{scheme}://{host}:{port}/wsman"
+
+        try:
+            self._session = winrm.Session(
+                endpoint,
+                auth=(username, password),
+                transport=transport,
+                server_cert_validation="ignore" if use_ssl else "validate",
+            )
+            # Test connectivity with a simple command
+            result = self._session.run_ps("$env:COMPUTERNAME")
+            if result.status_code != 0:
+                stderr = result.std_err.decode("utf-8", errors="replace").strip()
+                if "access" in stderr.lower() or "denied" in stderr.lower():
+                    raise InsufficientPrivilegesError(
+                        "authenticate", stderr
+                    )
+                raise AuthenticationError("windows", stderr or "Authentication test failed")
+        except AuthenticationError:
+            raise
+        except InsufficientPrivilegesError as exc:
+            raise AuthenticationError("windows", str(exc)) from exc
+        except WinRMNotEnabledError:
+            raise
+        except Exception as exc:
+            error_msg = str(exc).lower()
+            if "connection" in error_msg or "refused" in error_msg or "unreachable" in error_msg:
+                raise WinRMNotEnabledError(host, str(exc)) from exc
+            raise AuthenticationError("windows", str(exc)) from exc
+
+    def get_platform_category(self) -> PlatformCategory:
+        """Return PlatformCategory.WINDOWS."""
+        return PlatformCategory.WINDOWS
+
+    def list_endpoints(self) -> list[str]:
+        """Return the single Windows host as the endpoint."""
+        return [self._host] if self._host else []
+
+    def list_supported_resource_types(self) -> list[str]:
+        """Return all 13 Windows resource types."""
+        return list(WINDOWS_RESOURCE_TYPES)
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        """Detect CPU architecture via WMI Win32_Processor query.
+
+        Args:
+            endpoint: The Windows host to query.
+
+        Returns:
+            CpuArchitecture enum value.
+
+        Raises:
+            WMIQueryError: If the WMI query fails.
+        """
+        query = "Get-WmiObject Win32_Processor | Select-Object -First 1 -ExpandProperty Architecture"
+        result = self._run_powershell(query)
+
+        if result.status_code != 0:
+            stderr = result.std_err.decode("utf-8", errors="replace").strip()
+            raise WMIQueryError("Win32_Processor.Architecture", stderr)
+
+        arch_code = result.std_out.decode("utf-8", errors="replace").strip()
+
+        # WMI Architecture codes:
+        # 0 = x86, 5 = ARM, 9 = x64, 12 = ARM64
+        arch_map = {
+            "0": CpuArchitecture.AMD64,  # x86 mapped to amd64 for simplicity
+            "5": CpuArchitecture.ARM,
+            "9": CpuArchitecture.AMD64,
+            "12": CpuArchitecture.AARCH64,
+        }
+
+        return arch_map.get(arch_code, CpuArchitecture.AMD64)
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        """Discover Windows resources via WinRM/PowerShell.
+
+        Args:
+            endpoints: List of Windows hosts to scan.
+            resource_types: List of resource type strings to discover.
+            progress_callback: Callable for progress updates.
+
+        Returns:
+            ScanResult with discovered resources, warnings, and errors.
+        """
+        all_resources: list[DiscoveredResource] = []
+        warnings: list[str] = []
+        errors: list[str] = []
+
+        total_types = len(resource_types)
+
+        for endpoint in endpoints:
+            # Detect architecture for this endpoint
+            try:
+                architecture = self.detect_architecture(endpoint)
+            except (WMIQueryError, Exception) as exc:
+                warnings.append(
+                    f"Could not detect architecture for {endpoint}: {exc}. "
+                    f"Defaulting to AMD64."
+                )
+                architecture = CpuArchitecture.AMD64
+
+            # Check if Hyper-V is installed (needed for hyperv resource types)
+            hyperv_installed = self._is_hyperv_installed()
+
+            for idx, resource_type in enumerate(resource_types):
+                try:
+                    # Skip Hyper-V resources if role not installed
+                    if resource_type in ("windows_hyperv_vm", "windows_hyperv_switch"):
+                        if not hyperv_installed:
+                            warnings.append(
+                                f"Skipping {resource_type}: Hyper-V role not installed on {endpoint}"
+                            )
+                            progress_callback(
+                                ScanProgress(
+                                    current_resource_type=resource_type,
+                                    resources_discovered=len(all_resources),
+                                    resource_types_completed=idx + 1,
+                                    total_resource_types=total_types,
+                                )
+                            )
+                            continue
+
+                    discovered = self._discover_resource_type(
+                        endpoint, resource_type, architecture
+                    )
+                    all_resources.extend(discovered)
+
+                except InsufficientPrivilegesError as exc:
+                    errors.append(
+                        f"Insufficient privileges for {resource_type} on {endpoint}: {exc}"
+                    )
+                except WMIQueryError as exc:
+                    errors.append(
+                        f"WMI query failed for {resource_type} on {endpoint}: {exc}"
+                    )
+                except Exception as exc:
+                    errors.append(
+                        f"Error discovering {resource_type} on {endpoint}: {exc}"
+                    )
+
+                progress_callback(
+                    ScanProgress(
+                        current_resource_type=resource_type,
+                        resources_discovered=len(all_resources),
+                        resource_types_completed=idx + 1,
+                        total_resource_types=total_types,
+                    )
+                )
+
+        return ScanResult(
+            resources=all_resources,
+            warnings=warnings,
+            errors=errors,
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+    # -----------------------------------------------------------------------
+    # Private helpers
+    # -----------------------------------------------------------------------
+
+    def _run_powershell(self, script: str) -> winrm.Response:
+        """Execute a PowerShell script via WinRM.
+
+        Args:
+            script: PowerShell script to execute.
+
+        Returns:
+            winrm.Response object.
+
+        Raises:
+            WinRMNotEnabledError: If the session is not established.
+        """
+        if self._session is None:
+            raise WinRMNotEnabledError(self._host, "No active WinRM session")
+        return self._session.run_ps(script)
+
+    def _run_powershell_json(self, script: str) -> list[dict]:
+        """Execute a PowerShell script and parse JSON output.
+
+        The script should output ConvertTo-Json formatted data.
+
+        Args:
+            script: PowerShell script that outputs JSON.
+
+        Returns:
+            List of dicts parsed from JSON output.
+
+        Raises:
+            WMIQueryError: If the command fails.
+            InsufficientPrivilegesError: If access is denied.
+        """
+        result = self._run_powershell(script)
+
+        if result.status_code != 0:
+            stderr = result.std_err.decode("utf-8", errors="replace").strip()
+            if "access" in stderr.lower() or "denied" in stderr.lower() or "privilege" in stderr.lower():
+                raise InsufficientPrivilegesError(script, stderr)
+            raise WMIQueryError(script, stderr)
+
+        stdout = result.std_out.decode("utf-8", errors="replace").strip()
+        if not stdout:
+            return []
+
+        try:
+            data = json.loads(stdout)
+            if isinstance(data, dict):
+                return [data]
+            return data if isinstance(data, list) else []
+        except json.JSONDecodeError:
+            return []
+
+    def _is_hyperv_installed(self) -> bool:
+        """Check if the Hyper-V role is installed on the target.
+
+        Returns:
+            True if Hyper-V is installed, False otherwise.
+        """
+        script = (
+            "Get-WindowsFeature -Name Hyper-V | "
+            "Select-Object -ExpandProperty Installed | "
+            "ConvertTo-Json"
+        )
+        try:
+            result = self._run_powershell(script)
+            if result.status_code != 0:
+                return False
+            stdout = result.std_out.decode("utf-8", errors="replace").strip()
+            return stdout.lower() == "true"
+        except Exception:
+            return False
+
+    def _discover_resource_type(
+        self,
+        endpoint: str,
+        resource_type: str,
+        architecture: CpuArchitecture,
+    ) -> list[DiscoveredResource]:
+        """Discover resources of a specific type.
+
+        Args:
+            endpoint: The Windows host.
+            resource_type: The resource type to discover.
+            architecture: Detected CPU architecture.
+
+        Returns:
+            List of DiscoveredResource objects.
+        """
+        discovery_map = {
+            "windows_service": self._discover_services,
+            "windows_scheduled_task": self._discover_scheduled_tasks,
+            "windows_iis_site": self._discover_iis_sites,
+            "windows_iis_app_pool": self._discover_iis_app_pools,
+            "windows_network_adapter": self._discover_network_adapters,
+            "windows_firewall_rule": self._discover_firewall_rules,
+            "windows_installed_software": self._discover_installed_software,
+            "windows_feature": self._discover_windows_features,
+            "windows_hyperv_vm": self._discover_hyperv_vms,
+            "windows_hyperv_switch": self._discover_hyperv_switches,
+            "windows_dns_record": self._discover_dns_records,
+            "windows_local_user": self._discover_local_users,
+            "windows_local_group": self._discover_local_groups,
+        }
+
+        discover_fn = discovery_map.get(resource_type)
+        if discover_fn is None:
+            return []
+
+        return discover_fn(endpoint, architecture)
+
+    def _discover_services(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Windows services."""
+        script = (
+            "Get-Service | Select-Object Name, DisplayName, Status, StartType | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("Name", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_service",
+                    unique_id=f"{endpoint}/service/{name}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "display_name": item.get("DisplayName", ""),
+                        "status": str(item.get("Status", "")),
+                        "start_type": str(item.get("StartType", "")),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_scheduled_tasks(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Windows scheduled tasks."""
+        script = (
+            "Get-ScheduledTask | Where-Object {$_.TaskPath -notlike '\\\\Microsoft\\\\*'} | "
+            "Select-Object TaskName, TaskPath, State | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("TaskName", "")
+            task_path = item.get("TaskPath", "\\")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_scheduled_task",
+                    unique_id=f"{endpoint}/scheduled_task/{task_path}{name}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "task_path": task_path,
+                        "state": str(item.get("State", "")),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_iis_sites(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover IIS websites."""
+        script = (
+            "Import-Module WebAdministration; "
+            "Get-Website | Select-Object Name, ID, State, PhysicalPath | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("Name", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_iis_site",
+                    unique_id=f"{endpoint}/iis_site/{name}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "site_id": str(item.get("ID", "")),
+                        "state": str(item.get("State", "")),
+                        "physical_path": item.get("PhysicalPath", ""),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_iis_app_pools(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover IIS application pools."""
+        script = (
+            "Import-Module WebAdministration; "
+            "Get-ChildItem IIS:\\AppPools | "
+            "Select-Object Name, State, ManagedRuntimeVersion | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("Name", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_iis_app_pool",
+                    unique_id=f"{endpoint}/iis_app_pool/{name}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "state": str(item.get("State", "")),
+                        "managed_runtime_version": item.get("ManagedRuntimeVersion", ""),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_network_adapters(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover network adapters."""
+        script = (
+            "Get-NetAdapter | Select-Object Name, InterfaceDescription, "
+            "Status, MacAddress, LinkSpeed | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("Name", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_network_adapter",
+                    unique_id=f"{endpoint}/network_adapter/{name}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "interface_description": item.get("InterfaceDescription", ""),
+                        "status": str(item.get("Status", "")),
+                        "mac_address": item.get("MacAddress", ""),
+                        "link_speed": item.get("LinkSpeed", ""),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_firewall_rules(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Windows firewall rules."""
+        script = (
+            "Get-NetFirewallRule | Where-Object {$_.Enabled -eq 'True'} | "
+            "Select-Object Name, DisplayName, Direction, Action, Profile | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("Name", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_firewall_rule",
+                    unique_id=f"{endpoint}/firewall_rule/{name}",
+                    name=item.get("DisplayName", name),
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "rule_name": name,
+                        "direction": str(item.get("Direction", "")),
+                        "action": str(item.get("Action", "")),
+                        "profile": str(item.get("Profile", "")),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_installed_software(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover installed software via registry."""
+        script = (
+            "Get-ItemProperty HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\* | "
+            "Where-Object {$_.DisplayName -ne $null} | "
+            "Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("DisplayName", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_installed_software",
+                    unique_id=f"{endpoint}/installed_software/{name}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "version": item.get("DisplayVersion", ""),
+                        "publisher": item.get("Publisher", ""),
+                        "install_date": item.get("InstallDate", ""),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_windows_features(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover installed Windows features."""
+        script = (
+            "Get-WindowsFeature | Where-Object {$_.Installed -eq $true} | "
+            "Select-Object Name, DisplayName, FeatureType | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("Name", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_feature",
+                    unique_id=f"{endpoint}/feature/{name}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "display_name": item.get("DisplayName", ""),
+                        "feature_type": item.get("FeatureType", ""),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_hyperv_vms(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Hyper-V virtual machines."""
+        script = (
+            "Get-VM | Select-Object Name, VMId, State, "
+            "MemoryAssigned, ProcessorCount, Generation | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("Name", "")
+            vm_id = str(item.get("VMId", ""))
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_hyperv_vm",
+                    unique_id=f"{endpoint}/hyperv_vm/{vm_id}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "vm_id": vm_id,
+                        "state": str(item.get("State", "")),
+                        "memory_assigned": str(item.get("MemoryAssigned", "")),
+                        "processor_count": str(item.get("ProcessorCount", "")),
+                        "generation": str(item.get("Generation", "")),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_hyperv_switches(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover Hyper-V virtual switches."""
+        script = (
+            "Get-VMSwitch | Select-Object Name, Id, SwitchType, "
+            "NetAdapterInterfaceDescription | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("Name", "")
+            switch_id = str(item.get("Id", ""))
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_hyperv_switch",
+                    unique_id=f"{endpoint}/hyperv_switch/{switch_id}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "switch_id": switch_id,
+                        "switch_type": str(item.get("SwitchType", "")),
+                        "net_adapter": item.get("NetAdapterInterfaceDescription", ""),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_dns_records(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover DNS records from local DNS server."""
+        script = (
+            "Get-DnsServerZone | ForEach-Object { "
+            "Get-DnsServerResourceRecord -ZoneName $_.ZoneName "
+            "-ErrorAction SilentlyContinue } | "
+            "Select-Object HostName, RecordType, "
+            "@{N='RecordData';E={$_.RecordData.IPv4Address.IPAddressToString}} | "
+            "ConvertTo-Json -Depth 3"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            hostname = item.get("HostName", "")
+            record_type = item.get("RecordType", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_dns_record",
+                    unique_id=f"{endpoint}/dns_record/{hostname}/{record_type}",
+                    name=f"{hostname} ({record_type})",
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "hostname": hostname,
+                        "record_type": record_type,
+                        "record_data": item.get("RecordData", ""),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_local_users(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover local user accounts."""
+        script = (
+            "Get-LocalUser | Select-Object Name, Enabled, "
+            "Description, LastLogon | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("Name", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_local_user",
+                    unique_id=f"{endpoint}/local_user/{name}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "enabled": str(item.get("Enabled", "")),
+                        "description": item.get("Description", ""),
+                        "last_logon": str(item.get("LastLogon", "")),
+                    },
+                )
+            )
+        return resources
+
+    def _discover_local_groups(
+        self, endpoint: str, architecture: CpuArchitecture
+    ) -> list[DiscoveredResource]:
+        """Discover local groups."""
+        script = (
+            "Get-LocalGroup | Select-Object Name, Description, SID | "
+            "ConvertTo-Json -Depth 2"
+        )
+        items = self._run_powershell_json(script)
+        resources = []
+        for item in items:
+            name = item.get("Name", "")
+            resources.append(
+                DiscoveredResource(
+                    resource_type="windows_local_group",
+                    unique_id=f"{endpoint}/local_group/{name}",
+                    name=name,
+                    provider=ProviderType.WINDOWS,
+                    platform_category=PlatformCategory.WINDOWS,
+                    architecture=architecture,
+                    endpoint=endpoint,
+                    attributes={
+                        "description": item.get("Description", ""),
+                        "sid": str(item.get("SID", "")),
+                    },
+                )
+            )
+        return resources
diff --git a/src/iac_reverse/state_builder/__init__.py b/src/iac_reverse/state_builder/__init__.py
new file mode 100644
index 0000000..98a99c0
--- /dev/null
+++ b/src/iac_reverse/state_builder/__init__.py
@@ -0,0 +1,5 @@
+"""State builder module for Terraform state file generation."""
+
+from iac_reverse.state_builder.state_builder import StateBuilder
+
+__all__ = ["StateBuilder"]
diff --git a/src/iac_reverse/state_builder/__pycache__/__init__.cpython-313.pyc b/src/iac_reverse/state_builder/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..d230ce7aab4eaac092f95175343901b97da89a5b
GIT binary patch
literal 338
zcmey&%ge<81dfOKvlavC#~=<2FhLogrGSj748aUV48e@SOx}!MOhrrz48hF$j77}p
zESjuUmcb>7C8-KYrI|S?sYMF8`6;D2sS0WNMG7IQMMa4~My^6JSV>wYP$E4wFSRJK
zBr`ux?<L3%O~zY1U=y4m1{5&^1^qNxZn4M5r{pKc$KO)VOiYe1N-aw*Do)h{n-mYV
z43!7g3DTCBlM^4mlHoJR_*>S_Rxv@Y0sb+;d5J}7&iN^+F~vp6F-T^{pqLpGAD@|*
ySrQ+wS5SG2!v^9VyCP6XF#>V1Fp&7b%*e=ilfnKegTn)E$qQUkjqF7nKyd)Xm1LCw

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/state_builder/__pycache__/state_builder.cpython-313.pyc b/src/iac_reverse/state_builder/__pycache__/state_builder.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..2763a24e6dbeb930606a93971ab4149e7bf8f028
GIT binary patch
literal 11807
zcmbVSTWlNIc|N>fMBPd2Vp$s9Y|)lz*^=Y6)|d6#^7^vAgcLWMiYa$Yj%3;t$($i=
z%R$<03ZzQ=5N{GU4jMF05g=N$Xq*CV{7@8IpbvQzqm9W<jbM=r&;|NHuiS2ur+)t#
z&XAPpO`Cyq=5Xem|D5xm|Ns8WnXT4VFT=I(-`cN#FwNL6=!bFHtCg+aqH>Rovk2oX
zVu@HUShz*pt=x*c?Sk#Ro!cdPXTRV$@8r(&F77(-=I-+z?m6$}-t#TI<-CvkBo?!T
z`;7r=_YoFrJ7m#+^Y&QB2s>1L$va~mu`UOG#kwPoJ#_bkC#o;&ZnYlW?5v+L9*A{@
zr|KG1tFeGFj>InRV625nY(I-QKW*VXy=;U<T>UKKK4jIK^WJ4^&?CQ$sVyj+%S&0l
zBB^;fuSiR&v?5(Cq|!-+OB3`$&Pz8HuBNgXX*L-0dS6pA3P)2_lBJt+I+c`~(#T&!
z$E&GKQk9mgJ(3bv)NFw#FhV+;xS@LUSt)-_NpUHW<#?CNW|FDQvXoBURHRg9iOXu9
z7ZUjbSIn-eR8Xl+j%RPCFv%%dRa46uCFw0>QlBrNUsB2BQ%fn#IV3GyOR18Qk*}sP
z-`YGeE>{xS<xJ|1A}P01YMw|Mvs1mdQu%AyLSB;dd1WOhUg}-ALQKM(S3=$oiJ6yz
z7Oh*AGpRgC#cN{+U7G(?HmOv(1@46vwUEwh?WdKTlEEAktFLi6cTMX$ol+B7uvkf=
ziC~X5d?kGOjdQ2x!|_P;%9YFEh56I*@O<QQG<<44zVO*A^AXK&G!83iIS=~kwNy^?
zMrar3GkLzMc|`pTHdGs|k%=svT$tZREa=eOIq>mTmM1l*swB9Q*Btrm4JD)5ZYZl-
zOG4qq(*%eosv;+DLd{UyIty94$6^dB#7KR(En?;N$j*o@=7`uMj#+!e+0U-quUoh?
z=8D*3?wBX$h&g7hqy+RoYb7DQZZ}oL8*#^4(9#q08SOyDLv46##2agiw8YvYc!xF}
zv+hW%c+)9*wZ*zXy+x-UX&1lTv2J}FDkB{+Kl%k`y^&7QZ%3pn)+OfU5UuQyZt=V)
z;*a%40vKfn<}BWc^|&KF;(g!$aXebFPT3vl6+Qc_bN6Faed5W^NIxG~b_54BpV+%s
zbv^u$SR!wN!{R}`AlH;ut!e9QP+H>I6)06wF_e$g7xE1WRH4Hs6A2}kCk<{Uqm$A$
z8J(2mOw!c2xB&-HPN+@Ddxd9{g@gbEQ{*I4Ap<y$%}z>H?TkjxorZpA6nR;hlvIVM
z<n*xvVgRqc7-%m~ff%qyQsl%nQ!RlAq<K=(R3K@YGzjZ4bU{S}z)nKWWU@dXMOu+_
zIVCAgtfYVv%}}EbE~G36hM2fehgSL3oD!5|ppbGqkuD@bQ81WhQ`-T-q&$}sHvmS}
zxxV#QA*0VB4(<!(R^NJyaD}I?7V=8St99lL2sRk2IiY_Ap1G8$;x)FPF{<0}zcq;B
z9(%JRjk|vBXHk}hc<9%%C1}0#&N+f4z%u}jrYSb2Do-Q;d|93IO1PdIeGZ_h)L~`g
zZcD&HW#uY3ps!HSAUZWZgdjdkGD#XW9yt&?9GV^pc`v<d)w<%(4X1U-pJ!3fs@YW~
zy~JVim`W>`B<+<`bFuLJmCLb6M&?T-xG|L{VktQR-qI}bo6s*_HD8UtLb+AV9gnBL
zmUvtXH1NZCe3C}%Lh&}Mw6W3I_uWI~xua|LpSq<jJY@-!$M`{eA@*Yum3wT_d>3Wm
z`hCM&x(xd~#)6hRzY2>D7CV!M^^vkmP>`yynu1ajvNQ~#Zk4fj^Q07{C94vQn=IuE
zIoNDam@s<Q*`Z0OkE~`hLFv{tm>6%9COQ>enSmKAFxsRlB=kb0Gx7>l6$pUNL<&lf
zOUtQ@3X-d02?kN=mJDlKRgsXFc9B-c`>_6?g_DP*5}PEx6Q$N=EV-r|+EByBJm25~
z(FmY;n?37b9sawgOa95Ce{!>ZYQsInNjEgNF`owgA-_-T*FT_gk3}tE+_ztb3nmY-
z7qkcyjcu1<vW(tIEOOa`5e#3muKl9Z_(ATM3~7s4Bev#k+gQXtW1F>(F&G7>yowH|
zt|^Hdw3kq7j?FigN|;v%cu+jKs**xdNabs7AvQW^$uE*pOLN{S=^WHm$7o0oi3B-5
ztCP~DYzDgzEWULu1*b13CzPpdCcSE6DiGi~U#t#QgH_tbMB_rPK%Wr02DbavLN1r(
zd4g69rlScd1VphOt_(6dN<Hs75#%I@N5U!)idJ#%WSyR*)Hso*)tmYelFls&b5Z})
z<O2!wnL8(5Y(|WE)va8b5G<^5HF)MuyV*{#Vb7iMJv2rmFP`T>(7K?ppk4ErJES>C
zVRKrmK~V6Ow?MdpR-tKp6!j{0>iXu3*DYM@YtXd%S5fLHqW}yJvX0(T`!N32drQHW
zi@}#m!IQ<{$x`rCF?gzCwfWmBKIZe6T84`)!|w-Q+iZF5gN{JCYxu!LY2>Bi$V(f;
zM=H!RH-@5fyyCE<1GBeMua16QUt7pgAq*h@*dc7X)?vt$VH6Yfy5z>>NDsH30BP?b
z(t-WMPyLEoo8fOad&90;r@;|KQX`CIPdC#}Q-eYGB48$JZ`LYmk6SN}=}}h3k+Dy+
zj1!}pnr+O4F^m;rEaQqg!=BnxqZW0A4F}qIg!_JG#A)Hyy2sUO)MZ!_M0$vADbj<*
zX>ZcfX0*(>_p^-WMSMAX7c=yNMrRWmUV}yf9LfE2w8iAm6>!HJCTqFv0%}?ChD`Ui
ztBuXrGOde<PxUKIhGE+ku|`{?zC*OTxWwA@YD3wKGjBebwHmVpZ&olr7A8Zp?TUJ%
zj;J&0j@XXaGi^~%Gg?tIZU?2W>0DmiWe{2<Gb66BRISwAYB9Spn@sy6DWkX|cFYR0
zv;B%VqU}*n#CgOq1{sy`pRq5opi7Q|@xpPF<T|fR2S^dE3s<xjW0NuoyZw9k$-m3R
z4S7E!bMg-0cfcD?XP1|&fGs?A!(5w|Mh_gw|EzjBaIl~Aa)5vGO*xeo#^`1W4h`DB
zz;OmD<PeIkHn^~L@S&Rp9ZJY063nRbhC-l;f?Az$BAdx8xAVwokoPJ;r)pEo@Iu7r
zAd$(#+aZ_8z*<Zg@er>Iyb)9pneCvZQ#76$;Sj7F1x`q0U@ov%s*)GIiGm8_wIUm!
zCt=F^PFJI%=dGGRaSHO`kfUh^$rZS1$yMEmi1;dXM<fU&!P{*7I()bZtXs2$?(CZv
z-dg?Qq&?&69^Lh<3E7-9t_JPGq-Z{a4P->Mo(49=udc?cIgGZ(rF=;E{UJOUhHQhY
z8dM1Xo-z&;25PQqT&Q`B5!7I}a31+f=*M@XAcI%Scc_{d%uDLwhUU>nhX0~DDelW8
zwLm;4BQS_J&V>hw93h!zC+}8s3Q6Xg>y|Fw2vkH65f>bY3l~bWVcRr&p#bs@DrY%?
zH}6Fe?9ff_K6*g$0H++CX5kzN&G-TOVZ+4vL8`f`o2j$YZMY&7_K|<BbsNjC^W!y#
zm;^rz0%`{e5|;W)H}MWJZLLd4g+L93hs3iyb>!ebjQS)S+r4Ig-z`<#Y<%zcFaOQu
zEt~bQR~wtT|M?$%;UB;77njyfe)YmvF5K_@^Gn~oT(L1vpu*6g;$`P8uUj?{7IpWQ
zx_7_dy?gCc**9A9g^Iq=y844JzWc>TS2ukpOTM#3-`O8`KlWXGYGeLA7^i=*)HhS?
zo7tE>z1cUv)>d({@jYv<a__G1w12yO?QD5yv@|qb9GZUEyE!yh^bM??{aN?U4|;}5
zJyXS=sf`_>b@`$DN3B0>UH{_^{|QX0bL^Rub@qI-?VYx=|76*}r|j>4=CXHoVVa$R
zQpZHGW1`ftzu2+A9GKYfA9!Z7c6L2Qm%b1Dy(Ry?qJLkxZ@9cGSe`gh9-69nSYWck
z9D%mAc{nGn{;yv8%BA~<9{Yx$PO-j;X9rpLj&CHtdHrkGzn<Rg8eMb!vc0$L50nQ-
zN`r@rgNMr9{<42(dB?7&EzS;ag*iRm-+UCYfNd(t$zS^CgZ97gL{XCoAr1*jHyIbT
zB-6L`a}*6hrKOouV;UI8qDcjzL=#8EZ0UsgY37PJ%@!`SAU|^3^=4PpW|-xSd(m`F
zFkaiXruYdHYYCH_Zo6Q3T~RxXujPmfp|DlH3y~Cp3iC!O8UUFNJ3`(Cipf&aOp%%x
z++YC=h55v&0NRDzEk+TEZj-!@+y({0v^nXboYO;c$|zGjG<95R5^GSTlFnvt6mnJk
zZ@{J+7McW2fFgnojrCbH!j!%m{h4VybbCRDfy|^>#S4tWyhssH3ZCGdS{sWbqmx3s
z*DTL|?lfW@mky4#;6k8ei($wJVZCM!OV#|Ul2MUvx~ar#Pj#&GnO+ETdO;5-;pWFt
zX!c|(k>{VL>YxF1Fdj`PAw?u0EM8BGlMst(3cCQ(lwJ^!x=q3OWqLsa@h}w;6e{&L
z;ZtBIKZ!@%@(<5jfq$XSe~be8huy4ia{cTNF1~wlvv+Q-6=<}h|Nca&f2!C&wHXMl
zd4X}#SZV0h;?S$_&20`{+HeoxQSU&hXMeG0f7$2X7<(DW+v{EPJ#!-*D)*0+`lpNi
z)8+m><zA`OySLc8x7;&a9zImw87%jWKW%ptw75N95jlxPH6%F*1q6PO-J!rJV}&-8
z)!lYQanu#H8u|=38%YLeV+Wd^(+^NqYgx)_T2;lFNII!!890)h60$w!enALDZUVlM
zk=&GUbbz1Blq<?hH!|5<@Mettm2zmOi16GvdZ2tT9X(7!K5_IgN&P3Kx}%2%oi~S3
zbv;=sq|<d{lXSu3lR5c{db+Ke33$Dla5D+eI5eGW)pe3<YtA#|<>TNTj(Pm?CFoL}
zgwpbYHeK$79DB@ODs2MfOP4GPsI`3!Hu;k!{y)({9Yz6TJ;0=qHBZ^?E4hb@?%@Y}
z*RMVdzVAL-ZtvZ2_v#U}EqnF4=FD+rDRrCw0s1vW%OvYUDBK7o{?OBCRu=J0zl^BU
zi16h90*qV2reQJKA(vULBDyUxCL+W6sMYM}LO-jB0__y>UA9E+h>z`IJl}p9lvX^8
zrcsJ|W-Spb4n*9GWDdpEZH{S}DRZ<=jAm;Z!<i;cs?W|kK4Ha(S)ndXV(B;Es2M**
zgkNNh6iq|7org(q_u@Cuy4zSu)M2au+?%a(?{;1G*!|-932Fl`oa2|lb6eCUvWE7C
z`F=`|U@!i=eqVM_KJm_nVI@(($?i=B={%C{n$*`Rl2BqK`!kA4**Q4D`iZPKM>3BQ
zAb`3Wf+B}ilJG!D<b|cls5z=mkV;O9NKhmc)r6duc{KpjWw()pp_T}%NU*CW(g2V-
z38z?vl>(vxGQ*_QB6DcGuW2<@ct6<xT=sqj54Vt>VaF|_Oafd+DPIGb%OH2VV0{^H
zZnAq0?6<GVH+I;zWC>a>y~~0&%^I54TvZg)JeX`eoxO!)2wnBx)*W)sQHnlq=lF4L
zwh;iDfJx{mj>YA)dOT$Ias!Z6N<94fLjnV4>*@OW=!yF-_`iXH`>T)r6WZvB->7!9
z_|vX{MYAkwmd{-ZdNpqf-V|IN1cZD6Z#4(fw=1gV5R=qwa%NQ<h|FJ#oLe~e#(ezb
z!b14mt5F;cUqN*~d?~_@q8I-x6%zILD4D{FIQb8Hb<B&=yU$TUki$uBGzUHjC@7k*
zDh3F@^4By=O0(1GJb@;{8#YbvD>_2bFxv3%WYBM^zlP%1Fu#80+i^GX?b%X`RBVyT
zgTvoReJl0XH{S8ywf$^%?!oQ{z3ZLpGwb7sDc-Z)^_2&PzH{zd=l<%#UC)#59nXl9
zzZyNU<-q-8X7hJFr2>IUV6fyLEBePC#NPKG{AKs9`^xtgO5J;l-FwRvHcS=$Q|rom
zM;`kxJ_!sxaC|Rc3QTSWCZCK>u16n_&V0*t-|}SV_=Du%oi6P>u(|U<c|a-+94ZbR
zDobPQZ4c!~mWS%2;f>u#AEo}sX5BTo<zQp8AN8@Jz1UOVumJQ1_@=!T@J+^9*mNj&
zbDQ2QMyRC|GmfYO0xm<qDP0L_+b^UkX|!#Z0a!?5y2#tOI0`^B!5m3U_qGoBY4&k9
zPjU+L;1&r%&zs+%qYwdZR{(DIreN+dC_)_}MlDQ2OX0J;gU)&cv0$8});wJ~nS|G?
z;=vM*zn~2I!E(JPNuEnKgNy_`;(DK4%FBFN!NXJr{_=}yE2<ZnCi1U=KPz+Q*dikz
zGJNhhxzH~@$<QMMv+wU8lo&nhk|h7nK%}|1^hxU%z}v`Dfw=ex#s&`Ri5rj3PB=cb
zAVBxu31|#VfoQQh|DAkw&5m7B`5CG@bs}0@l~{gB@KtkF_qh>Vs_xet)U)vfyh%XO
z12Izn3{3&EyV>aYny=ixyVSn7*uHoDrP97*#eK&f@y+&E*X+OO?m^lkFkA|Z7X#xD
z65n6>?#gChcI`~LJ+Rq6{A76c;Tu0%{Ndu}@X5Pv<z1ttT?dN04r~k@d^r5@(#FiG
zjsDYjUFGinpLU1JeyQZ&Q}pjycRlt`KW%0H-U^O22R7V0bs#XkGfd2M?*9ot?y*7g
z&M@iim*G=2JE@FV3^mGF>rw{Ri1-Z0csIs|S?!#1(NynQtBc9V*~6bQJ+o%YO6Qq|
zCnT{UwrpKu$819kw$m=3!j!L2QcjYq*-kUIg`z3TIMy^jt}p^lvxS~Hg~ra`rY|j^
zoTPUv@^!cX)tsUPGj-J<f+3U@yqHR-Zct)D|6t_|S}V8Z6`Y$-N+UC&gP{W>P(5*4
zD9zwe-OmFJL5DFRBS8x%#2i<rj#IzTa>yi0#6r{f0D?Z9YY0OYUNmt;RXEG7@<Mn@
z(>S9=fC5(yf&3Cu<?y|Pf^ia$J4a55xQq@FMYeN0TLn8Qt2>ErXT+BoA|a5KrV;4x
z0R<c;=F+LWX2YPG_YJb(^PFe7<~@fm)ozPAKY@n)6%<CuBT}3WjF?v&!<}P9a-`9i
zi-~PZ!yYD$Bg+qs>-Bg7ANa>g{=G&2-cA2x$$zluKlpHF(|>qv9`^cf;r^%Jx&8HH
z8$RjRPdfU)eSV{T&lYod0#AHhl&C9rTqt))&m6Yawx@394^&$4?zbxWBww1`&wjA`
zWUuXCdn_n<53Rv+$00sU3GSk=LI|7jRfsnpU%{tLX{!6;@y{3JboEVp9Kjz~^OT{^
zWbxV+k0-N<c$~iqYJ30%KB21~PU!xULwuLPhv_{f<TU%$Y&NZ@p2^5^QfEDd{5sXh
zN#mqy9MJ{S(;FwLCZb2D?oaFf7y%j=Tn@xViaM33OT1uGZ&3p}q|&`BI;7)N5HzTN
z0=9pdJ+*oq?x#E4j$`Yi$S63DJv#m0bgTH8v#nxvIYJLkuLsuEho{zWzdKYMJF>;_
zY|Cc6t#s{j^lywGt}xsm&A&JHW7~Vd;?dWi(eKLfvlfT<gFvw2pbC;69YYnDsJhwC
z!HP#zz0BMFtVL88tP^P8HCA!pj^;f(@6T*V2RC*eEbf@8xagsqjqHAqSfAaPK3&{5
zzp;D1IDDq!p*LREH&AJznvZ$?&swRrVCiu5mHP)PHrzk(w5}z-()Y}PdSz^<W3b%a
zSFzE3bhmz=IsC}>!y}@O#?KshSD71h42UV={`{2aVe=``8!W9&4B0}zUa<rmfrp6-
z!|hSxW4h_PLwgeJ<6p)Nryn>?gJSYi^lPy0v!+n>04vKw#+RnTglb*&jUc&XCTpTa
zLdVHX)1^w}%LukL4{Y-5baco0m*_QVHcmHSs449$BwB;Oi;w8^PfH>2PT|<Anp3zn
zxEFFs<WqT?x(ES#i)yCOY3`%CE*<Ch@B%W&)IUN|u~{sZkE~9MeXE06+W&*K{E8j_
z*y^@eKV~SNQUMwCc9uN-Kk@Y6e`(V*_O|nB8=Kt!w}&>^-~-!(Q{Q!OvgvZ${!-hg
ze$w`-$89gYeWq+5DcOTXdvJaCWBUOdI<z18sKY5)H`u_(1D~;50v|Cd#r*ykmFyoR

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/state_builder/state_builder.py b/src/iac_reverse/state_builder/state_builder.py
new file mode 100644
index 0000000..d8a4fa6
--- /dev/null
+++ b/src/iac_reverse/state_builder/state_builder.py
@@ -0,0 +1,332 @@
+"""Terraform state file builder (format version 4).
+
+Generates a valid Terraform state file that binds generated resource blocks
+to their corresponding live infrastructure resources using provider-assigned
+unique identifiers. This enables Terraform to recognize existing resources
+without attempting to recreate them.
+"""
+
+import logging
+import uuid
+
+from iac_reverse.generator.sanitize import sanitize_identifier
+from iac_reverse.models import (
+    CodeGenerationResult,
+    DependencyGraph,
+    DiscoveredResource,
+    PROVIDER_SUPPORTED_RESOURCE_TYPES,
+    ResourceRelationship,
+    StateEntry,
+    StateFile,
+)
+
+logger = logging.getLogger(__name__)
+
+
+# ---------------------------------------------------------------------------
+# All supported resource types across all providers (for state mapping)
+# ---------------------------------------------------------------------------
+
+SUPPORTED_STATE_RESOURCE_TYPES: set[str] = set()
+for _types in PROVIDER_SUPPORTED_RESOURCE_TYPES.values():
+    SUPPORTED_STATE_RESOURCE_TYPES.update(_types)
+
+
+# ---------------------------------------------------------------------------
+# Sensitive attribute patterns
+# ---------------------------------------------------------------------------
+
+SENSITIVE_ATTRIBUTE_PATTERNS = [
+    "password",
+    "secret",
+    "token",
+    "key",
+    "certificate",
+]
+
+
+# ---------------------------------------------------------------------------
+# StateBuilder
+# ---------------------------------------------------------------------------
+
+
+class StateBuilder:
+    """Builds Terraform state files (format v4) from code generation results.
+
+    Accepts a CodeGenerationResult, DependencyGraph, and provider_version string.
+    Produces a StateFile with version=4, unique UUID lineage, serial=1, and
+    state entries for each resource in the dependency graph.
+
+    Resources that cannot be mapped (missing provider-assigned identifier or
+    unrecognized resource type) are excluded from the state file and tracked
+    in the ``unmapped_resources`` attribute.
+    """
+
+    def __init__(self, terraform_version: str = "1.7.0") -> None:
+        """Initialize the StateBuilder.
+
+        Args:
+            terraform_version: The Terraform version string to embed in the
+                state file. Defaults to "1.7.0".
+        """
+        self._terraform_version = terraform_version
+        self._unmapped_resources: list[tuple[str, str]] = []
+
+    @property
+    def unmapped_resources(self) -> list[tuple[str, str]]:
+        """Return the list of unmapped resources from the last build.
+
+        Each entry is a tuple of (resource_identifier, reason) where
+        resource_identifier is a string combining type and name, and
+        reason explains why the resource was excluded.
+        """
+        return list(self._unmapped_resources)
+
+    def _is_mappable(self, resource: DiscoveredResource) -> tuple[bool, str]:
+        """Check whether a resource can be mapped to a state entry.
+
+        A resource is unmappable if:
+        - Its unique_id is empty, None, or whitespace-only (missing
+          provider-assigned identifier)
+        - Its resource_type is not recognized/supported for state mapping
+
+        Args:
+            resource: The DiscoveredResource to check.
+
+        Returns:
+            A tuple of (is_mappable, reason). If mappable, reason is empty.
+        """
+        # Check for missing provider-assigned identifier
+        if not resource.unique_id or not resource.unique_id.strip():
+            return (
+                False,
+                "missing provider-assigned resource identifier (empty unique_id)",
+            )
+
+        # Check for unrecognized resource type
+        if resource.resource_type not in SUPPORTED_STATE_RESOURCE_TYPES:
+            return (
+                False,
+                f"resource type '{resource.resource_type}' is not recognized "
+                f"for state mapping",
+            )
+
+        return (True, "")
+
+    def build(
+        self,
+        code_result: CodeGenerationResult,
+        graph: DependencyGraph,
+        provider_version: str,
+    ) -> StateFile:
+        """Build a Terraform state file from generated code and dependency graph.
+
+        Resources that cannot be mapped are excluded from the state file.
+        Warnings are logged for each unmapped resource, and the list of
+        unmapped resources is available via the ``unmapped_resources`` property.
+
+        Args:
+            code_result: The result of code generation (used for context).
+            graph: The DependencyGraph containing resources and relationships.
+            provider_version: The provider version string used to set
+                schema_version on state entries.
+
+        Returns:
+            A StateFile instance ready for serialization via to_json().
+        """
+        # Reset unmapped resources tracking for this build
+        self._unmapped_resources = []
+
+        # Build lookup maps for dependency resolution
+        resource_map: dict[str, DiscoveredResource] = {
+            r.unique_id: r for r in graph.resources if r.unique_id
+        }
+
+        # Build relationships by source for dependency lookup
+        relationships_by_source: dict[str, list[ResourceRelationship]] = {}
+        for rel in graph.relationships:
+            relationships_by_source.setdefault(rel.source_id, []).append(rel)
+
+        # Parse schema version from provider_version string
+        schema_version = self._parse_schema_version(provider_version)
+
+        # Build state entries for each resource, skipping unmappable ones
+        entries: list[StateEntry] = []
+        for resource in graph.resources:
+            mappable, reason = self._is_mappable(resource)
+            if not mappable:
+                resource_identifier = (
+                    f"{resource.resource_type}.{resource.name}"
+                )
+                logger.warning(
+                    "Excluding resource '%s' from state file: %s",
+                    resource_identifier,
+                    reason,
+                )
+                self._unmapped_resources.append(
+                    (resource_identifier, reason)
+                )
+                continue
+
+            entry = self._build_state_entry(
+                resource=resource,
+                resource_map=resource_map,
+                relationships_by_source=relationships_by_source,
+                schema_version=schema_version,
+            )
+            entries.append(entry)
+
+        # Generate unique lineage UUID
+        lineage = str(uuid.uuid4())
+
+        return StateFile(
+            version=4,
+            terraform_version=self._terraform_version,
+            serial=1,
+            lineage=lineage,
+            resources=entries,
+        )
+
+    def _build_state_entry(
+        self,
+        resource: DiscoveredResource,
+        resource_map: dict[str, DiscoveredResource],
+        relationships_by_source: dict[str, list[ResourceRelationship]],
+        schema_version: int,
+    ) -> StateEntry:
+        """Build a single state entry for a discovered resource.
+
+        Args:
+            resource: The DiscoveredResource to create a state entry for.
+            resource_map: Map of unique_id -> DiscoveredResource for lookups.
+            relationships_by_source: Map of source_id -> relationships.
+            schema_version: The schema version to set on the entry.
+
+        Returns:
+            A StateEntry binding the resource to its live infrastructure ID.
+        """
+        # Sanitize the resource name for Terraform identifier
+        resource_name = sanitize_identifier(resource.name)
+
+        # Get full attribute set from discovery data
+        attributes = dict(resource.attributes)
+
+        # Identify sensitive attributes
+        sensitive_attributes = self._identify_sensitive_attributes(attributes)
+
+        # Build dependency references as Terraform resource addresses
+        dependencies = self._build_dependencies(
+            resource, resource_map, relationships_by_source
+        )
+
+        return StateEntry(
+            resource_type=resource.resource_type,
+            resource_name=resource_name,
+            provider_id=resource.unique_id,
+            attributes=attributes,
+            sensitive_attributes=sensitive_attributes,
+            schema_version=schema_version,
+            dependencies=dependencies,
+        )
+
+    def _identify_sensitive_attributes(
+        self, attributes: dict
+    ) -> list[str]:
+        """Identify attributes that should be marked as sensitive.
+
+        Checks attribute keys against known sensitive patterns:
+        password, secret, token, key, certificate.
+
+        Args:
+            attributes: The full attribute dictionary.
+
+        Returns:
+            List of attribute key paths that are sensitive.
+        """
+        sensitive: list[str] = []
+        self._find_sensitive_keys(attributes, "", sensitive)
+        return sensitive
+
+    def _find_sensitive_keys(
+        self, obj: object, prefix: str, sensitive: list[str]
+    ) -> None:
+        """Recursively find sensitive attribute keys in nested structures.
+
+        Args:
+            obj: The current object to inspect (dict, list, or scalar).
+            prefix: The current key path prefix.
+            sensitive: Accumulator list for sensitive key paths.
+        """
+        if isinstance(obj, dict):
+            for key, value in obj.items():
+                current_path = f"{prefix}.{key}" if prefix else key
+                key_lower = key.lower()
+                if any(
+                    pattern in key_lower
+                    for pattern in SENSITIVE_ATTRIBUTE_PATTERNS
+                ):
+                    sensitive.append(current_path)
+                # Recurse into nested dicts
+                if isinstance(value, dict):
+                    self._find_sensitive_keys(value, current_path, sensitive)
+                elif isinstance(value, list):
+                    for i, item in enumerate(value):
+                        if isinstance(item, dict):
+                            self._find_sensitive_keys(
+                                item, f"{current_path}[{i}]", sensitive
+                            )
+
+    def _build_dependencies(
+        self,
+        resource: DiscoveredResource,
+        resource_map: dict[str, DiscoveredResource],
+        relationships_by_source: dict[str, list[ResourceRelationship]],
+    ) -> list[str]:
+        """Build Terraform resource address references for dependencies.
+
+        Converts relationship targets into Terraform resource addresses
+        of the form: resource_type.resource_name
+
+        Args:
+            resource: The source resource.
+            resource_map: Map of unique_id -> DiscoveredResource.
+            relationships_by_source: Map of source_id -> relationships.
+
+        Returns:
+            List of Terraform resource addresses for dependencies.
+        """
+        dependencies: list[str] = []
+        rels = relationships_by_source.get(resource.unique_id, [])
+
+        for rel in rels:
+            target = resource_map.get(rel.target_id)
+            if target is not None:
+                target_tf_name = sanitize_identifier(target.name)
+                address = f"{target.resource_type}.{target_tf_name}"
+                if address not in dependencies:
+                    dependencies.append(address)
+
+        return dependencies
+
+    def _parse_schema_version(self, provider_version: str) -> int:
+        """Parse a schema version integer from the provider version string.
+
+        Extracts the major version number from a semver-like string.
+        For example, "3.2.1" returns 3, "1" returns 1.
+
+        Args:
+            provider_version: A version string (e.g., "3.2.1", "1.0.0").
+
+        Returns:
+            The major version number as an integer, or 0 if parsing fails.
+        """
+        try:
+            # Take the first numeric segment as the schema version
+            parts = provider_version.strip().split(".")
+            return int(parts[0])
+        except (ValueError, IndexError):
+            logger.warning(
+                "Could not parse schema version from '%s', defaulting to 0",
+                provider_version,
+            )
+            return 0
diff --git a/src/iac_reverse/validator/__init__.py b/src/iac_reverse/validator/__init__.py
new file mode 100644
index 0000000..6bbb89f
--- /dev/null
+++ b/src/iac_reverse/validator/__init__.py
@@ -0,0 +1,5 @@
+"""Validator module for Terraform output validation."""
+
+from iac_reverse.validator.validator import Validator
+
+__all__ = ["Validator"]
diff --git a/src/iac_reverse/validator/__pycache__/__init__.cpython-313.pyc b/src/iac_reverse/validator/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..fd150733004ffb20646ed22306f431aa50de4af0
GIT binary patch
literal 314
zcmey&%ge<81RO{CvwDH_V-N=hn4pZ$Qb5L3hG2#whG52ECT~VBrXnT<hG1rW#v<l)
z7ERVF!?47h%#_5E{33<i{FKt1RE0DkGbFXBC=tlWRmd+bDJU&bD1)fV%+J$%2{K!g
z@fIgsXAv_{#7~pu7JGbrN`7*D{4M#+#N_y*)Uwo~;#57T-uxm23#<dAJTWIHK7J*`
zXONk<%$==bf?NaqV}kP%i_)C)Q&MA!i;`oI%!+}V6%!wynU`4-AFo$Xd5gma;&!_t
jP>?VJaj_7P_`uA_$as^%{3(O!18%Vn-A48z4xlgqy?I+h

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/validator/__pycache__/validator.cpython-313.pyc b/src/iac_reverse/validator/__pycache__/validator.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..35e911e3ae28e42db0b1caf85904df5211bab44f
GIT binary patch
literal 21436
zcmdsfdvIIVncv0xNdhE565tD05JeIaNj)fA67{etk&-N%mQ4_fQZdGY1W3Xr0p?!N
zlHj%DNxNBkw^K{bdL`}djF_xDrgz$g>2@1!x82x|)9ycQfk6@?H?FI8GwFDy(}5y2
z>vj4^f8V(eJP6uKC*A4vYIN@7ybr#|@B7Yoc)y{+&f&WC?_AG^FLK;p(~Ei;m52M&
zczBZwa{?FEh4oMB1RcBU1wFeP1OvMp1tac;Cr#(ff|;kX#wRW3tb+BNO|YG_3wECK
zaX~I@YUje{NAz;*f@5AEvSk0)R6-D9b7^6Te=)Y0jK?y`bcz>NQmKS6WVcVQq(nZW
z6-lO&nE|z6Vt|jO;{5VrEXBv>W66}5;pY>m7t18#e0n9byppkJ()^1FAvt%I7q6x=
zvDr*=mY+=vLSi<PN{AwBA)d(Kl~1PTgqWBSR%SCRLV}N@R%XclL~3?%C7wXZl}vh2
zsY+v9OwXgO%t9=~$1<73(sBkPP4jcfE9hWp2_?!CvSS8mLF5+_D?(Dl7-EZySBLB$
z(^5Pg(n-c=Vwr`IL27sglSw7wrxs$V`Gn-Upe@NbH6XdmA0`vx%3@|#UQ9W)DKGci
zvBqz5(;R*;j(#irPI|%E&4qiyhG|pSIBgD_rY#4}VRJk8yzzORU=3TQZDH%QecE9{
zBgl0k*G9QQL)|<(%WDif&|YmlC(Coy)N4TNZmo4|xRI4=s%fFNl#7*Wp7w;@=*cu~
zI%o_x(YHsG$qL?@e&n$?vwAHo&ok{%X5?jGThUqzYt4z)TB}-XtIBJu%JWs_`Kt2#
zH9h%RPwiR_8h3kDjSl2>VAVS@k}j-`sbX!qt4em(v>jk=cU85`SJmjQsj-9A2!w+I
zKfg1yOR_0+lomd2#yZAC9mg?ND{~{!FxZRHv_i;<3if&;c1mF}aH-N7n54{qLzy|o
zT)2xFa3mOG5d~(hGUiUE=4;v7US@N(KbgVH--*?S_{qd_S^%>trHB_5_QH7WR0bTx
z&oUMg`F_U7A$}${`vUQ2W+A~7`!VtIg@r^VoAPt9<f4dPResj^b#NvoqR|=|Ao45A
zXw$wFyAmx+hNxCOlU$-HCm`MuyugM{6Q^DvVTSCIU6xYOcv6tswrNE&3ke9M)T}|F
zc)F4BruX~*9lzY0+$H+Pu1Q6_s_%4%=+!-fa&)B(5yNaN$6X?7V^>&D|1MdycSG11
zHXYIL)rHMr%Mnu#cS#j2T%_ENaW9uL;lDY;O*+)N<@?2PRnVs_5lg?45pUSqbHt?f
z6E>%;Xboj*uZq@e5u4W97{^`w>If(}_87;ZrmMCd^2_6}N9<Zntj77?h&5~-L~ki8
z&E;3>8LOrAjP;(N-piw^o}-OcH)29xY%S4CQ@v3}%#SF)Z^}{e+t|Xkh$CWV_3cN@
zJzU5UdmUYZS!?-6<%fD|k%(R<H6Ek}WtSG9e(a-j;H`>wRKDB72Q_rhr{@$Mrz*Do
zmDCHV^kpdGOh!n~tYi{kqot%M61@wFFR!52I6t$Po_zrsOch_@k-d@-Lw3eQ{5Isz
zGbSRgA5@12UCaiah|Mmj${bRFCM3*@BX%BFnXyKAQm(}M+SE}ASO8!GgZn&*HN=|R
zW^g0?MC?j(X=RB|tt`!8EwM1QYo$s9)(#DATY12bCFWvK>P+Si6Z&C{ugvIzh6QBR
z&tFbrT7-!9stdE1VIgs4c9x*c++u8A9AMqXQdb#Hsv{URI8~OTir59s$g`3clzwuC
zo2Z~VDg0`25@a?_NS~It?A0j^vCSk?G2tqoN@w`F^hzo|#Fz7uVwp4`B2@yWpOSxO
zF#(B-=|OocE>=_`$d^cogwT?}Y$A`*TurYC{4=9dXNTU=OGZ*Ok_D1ijLjzml7}Ia
z<fMg)DoZ1|)fLmeIBDs$H?yozBu{zDnpFRoB<WPhEO>Aiyp*&ckz9)Ai7J{$fRyEg
zHY6dNWEK}zGRZ~Bba^2;yC9e;izKi>OfT7@0K8Eeq13=0)!|7Vwc85)q7<j@LQcsj
zCKl%e(gy;GVW~m;C8Ah+$)Pa9GI&59k)MjPvD4Vt1SFd>&qSQfMRX#ENL9V0!>2~3
zC&!;TKOM%;Id>`@PfUx#>~u0V8x;}&*kWQ@8FN}FKMgHkm8{xanlH!{oEC=EZ(Zm|
zJdFi?m3z?7`2)9|f8boZRPgOzZ74c?c?bWYXJ@f1SlrQz^rv1t2TDeL*9F}@i>0Nt
zWU%>~OI~hQ@4YUUx3R>z8X6x2xwej*BZb!9RY$RZ_o}(LcmJxZWafOGH(t5^%GwKs
zwvkomN3M>_mWyp&#hzXF9A;|7+|XER<^p`q+EMHXY<3LhI|kQZD0H06S$#ii4(9qs
z3Vl;|eVv=WeR<!$jgEqEeD#T+c{=a9TkbjoYy0!go}4p)9$S5@r;CA|n}PlL!2XRr
zg}~{Yv-1~z&a)G3{IGB87oD72p5P97f@~Ovs)nJC`p#p8wkKDeKXnC){;p!zj-r28
zv2#z+<1g~V_Zlp2dx^8y?Dw&poDighh_4DUSn+`&hMQRKH@WW5#SD9a8lKgabx~RO
zGsFOtaKuDtVv>lt<_eoeE<-B=qet|U8hR)fx}+fn(*0<I2(IR;r_EK+-^dN?!`35u
z71i+Eylq~;qjFB}n&$9o;bNVj>xUVWy}I=P+P_3dnO$h77pTGb5OZ@xj9bSV;KI(7
zanv|(lkao7IqtY2z|HAG4cRYkRqc?147S$M;EIOer-T*A!#So7cqZi%aVXl;u|){c
zG}OOvIVnO=hYUg^<{%kK*nDamOp!^um=>l!zJky17$w8(<+#*18(StDI4buj88eA1
z8OcJL7+;u36$oo(+caS#_e{t(5g*|NTK&`6-8I?N0JF>$1-}2lK3+^f8OOzJ@HDGS
zdOC3>F$)Ay0ZeGLBmC1LAZBr8W?4v+f|Cr8nvww)yJS}&GUSqEjx8@IQgJ3;A$K!z
z$a2YqQpshhaY~-T_?2Y>B$DNPc$^IDcT5705tmtqKsVXfk}e^VoMwVh=%F$oAx`p?
zWtk?sv&aw&NM7Yijl9kOVN2k~b8kE+xet8kZM*3xczYlXiY@-4uLC^Z+PHeU)X2G8
zH(h+*#jlMPT)T?y)*B7i8$M)$t{6OWr}w*qe?GW5GLavdD2$xX9eF0lKYPz)XlZ?5
zFf}!ooSd(#=xO`pLzjQk)t`6u--i_N7oE+oPrNqqp&PQIqu6;C6`Gn+p`r1flk@sN
zbhXwg*8TXqP460Vonz(F52*AnOD;6|so0HqeRZ^NbPxC5p21T#!~5+vN_TdiG8(>T
zG~v0vv>E&LN*iucvr{l2<%0Ym=~i<^^r{8Y!&ONJ=J={ETp=0iSRa=(yCN*xDiv}E
zlEHdOlQk8R;q%(DDU!ibDa9Ze>`XFP<$Hx>aAecfl0ns>G7dZ!KL4}|@tIdF2A!<f
z#bqR^$qA)0LAm9aC=y!VPF4uJuvVX%2A>zxsi}{T;YAprgb9GbGKXv9spaxVH6~ZY
zLhom>y4nn}yG__nJsqHA7>U#xU8Z?O)k3O(A~q+<beKw#l90jG5qcUyQp>}HJEXP?
z8Xl<vU4Kj!{xK5bW8Y`-aeJAMy}nJ)P~J1N{^GY@e&^*oa|O?M&N=?socUy#*FK9g
z$KHMR-BY<rKCa?Sn#)&DjOw`ebb}`YhWGZ_C_U17vK>rn!n1G^C91fSG%~{iuL2!E
z3>GNsex~v3&^9>3sPda?Wyiq#^JZ{oz4Dg5oLU~5)ac>P{v~v(DPpQy+Nx^$u#F)L
zjC-OTj!Iq13{J6ZQ_G>&f?vU^jp`^+iM4JoPWVaCGF|X%)GyPZwOQebh{2|h*y^^~
zsFmMtl&*?i?c2=6T~Wpnv8S97hc+Kb#E89-3pYg^z#0bReGcZjxEQg7n~xaOk@4Kb
zyBy~LGMYD5NlGJIimK$2hV~BXE2QRUV?1mggbmelZr-S29#8Bw5Xv)5VAT;P6_O2t
z44ND63!n(vGKghH>@P9vG{_`EaD<2ZKCyR>V2^D12AL%X>uDvGLH5(i*LX5EpGuP_
zUc}c+tPRrfa%=QNS5PF|CYia4GIB#fxxSoD1y<lC6<Gez&`@nIHWmPCsB)c5fn5B^
ztL~C@OBQS@wnVwXCHN`eL#=6A9$h9T(4<}pE+$h{c>e$&1e{x0O3};9)nlb97=|`g
zdVg7alb^n1f7vbz_WflU%|vbm7*mC>rfx)@ej{19OD2{*B{?dVShA`MDVf;s@w8-O
z)0eF3R0*MBHj<I1B3YDmmCW)IX7wXHpeuRK1cKqhQ%FJ<$w*2`GA*WKaZz&7D8>LM
z;|T`pB-_;0W%;qJ6C}fYA`@zm;T{P_W+_QVY&^w;(|E@tXhS%s_5y54KNPHUP~4OB
zb%K(oDWRc=B;05%wM&MHqxdZG6)L8#=K6qIH~{j8t{JjH*Ld1)jJz>&6Z&J<>KJTW
zr~CE8uN}U2=4NEmu`}=33AlH+wf)Az^@W=+ug?@(_pdsB;ti~h6<wa!ue^5UroG_W
zxpukW8v3!@cel;IdKMLs>+iblyX9N!EBJS>p8Lq<FLvy@ed5-M_1zmYg^nZFtVLh&
zcH^x^)b#DWX8OqED|Ya=kK8)4cA?NQaBWQO^6Gl9&^ow!1}OH%#p@SuF0AVdEqh?*
zwsx(a`N-8$?CQDs#M<P#dF@KBecv_9T@8w^U3_;c?>_engB~!nk89yeL!7(ilLt@e
zxTcm(cTe8k^HwtF+E)jfcAl@%lL{myYWQmFn1%bmGCX$N@WC-1Qi0qXvz3C2pdnLs
z{{hSVFv{+s3}2|M`iAdO^zzV#ukqJm_||tRV|<#yiWN|<i#t^}a}6jaKUU54(Bd5`
zxQ@9@9td_RpxE?zY6-3YN5r&^xojFWF>@LB3Q*jTeW@B0GY2Shj8>=(d7GH&7sW@X
z?he&K#@U3BR<rpSyo^efdH~s|7}Hclz$O4E>_#$`8~_b4kQ~BRIlg>M$rg*5jdgpA
znPt~v>EV4EnEq^wnQ9Y+cGf^>;UEpA43QtD*F#98W(8YQO$Apo<S2t`g3|DL@>D!X
z3G;3;Un1}nCy-qr5;l;<pezFec;8|wQ~L%ikoZ543$f?zsesr=AHq~#H$%ML{Xa03
z?|RxcJ-hRs-HM%k^TqoHJ-PfKlRkN1=G^W7x2@<NOc_@6Ni+A}?hd5yn+H$z7~X%x
zM(K&pQvt*G0wz3H2`~+<|5uO^!ZCEf%eqOdVC|)P$0kYK)m&<xhdZM?3+Tv@_Gh#~
z`6|MUqu&Xb8Soiug0-IT3vv;YiYbAg&Gq&L2?=T#8#{wxBau(+H-Ta6mpAPz+X+DN
zb=x#olmRNQTgDQ$YW>=`X$K(?S{X<E{lG}srf`Ps3~}pI4X|-EA3=HHFOh~~SHvE1
zMjFD7O3Y2Zzlp!Xye;8|5rp8dRnBd@4viIaY>YJ4oue!4*2eGJri`hgjCGqbO%-L_
z7e5)q93pN?!|sva!$?72XLJ+rfzllCv`4lcB1V;B_HazSl&QrkuR~=DwE)i=&jqM0
z;5p46XpU`yFl+4rCJrlwdOuuxiP#eD;jzyI9I@%e%z_XE`xKC-99YDvGXI4FS!vTK
zA=gUJJWsJd%h<c428Q@ABoNt?et{aY%S|$Mk^z+DgK!FBt7$e7WkCf&9-CG{Y90G(
z%C=9C9GJ;?B9%eRkzLsek~h?X@*6gpWSfDyko~$aGH8=ab~%!fLmQiFUy3qf!(&4e
z@%TbQvwUb|fcv%MPz)WpPvn=)3~d%wUrBBUWAV5^ZN)B&0K7otsoBI(;!133c`*?z
z+X`jFB1jQcX)-s0v-mYKi6H-*d~jtMa9VzhCl(Q1CD(l!*2QT!lQCeX3`2UUv3m8S
zMs?Qm3QJ~r{E}7uE*WWzl115XhPRguAZs0EcQO+sw^}$#Wyw?QP?ny$mMpSOAx^>1
z&4NVKUqrIV@9->BMN-=22VP3Qn1CyaDM`DyyqL@|x)9DIUwDR+XDJC&@%HFaY&j~A
zDVj+uL=k0EW=fY>BGgo4elXA~ITm7~ws}Yf4veK#Mz|{3*-dUFMqSNNW<%91g#=~H
zQ?fw0PGu^x-SPr`Uqm93NRm}_MJj7+3L=p@w^%In3n_SD7<?&y83|b{TwCX=<F2>;
z##7gy`ufwG-od<gaMQaN#s=9i*GIm7Y<27-PaEuzlF`uM|IpWY+x`dkwSxs;|20#|
z%C!e>`)~Qz9$i0B@DHt?yX*4jy5IyKE&97z#^LqJf`8vNbFpK`?U7p}YtL^43muQZ
zRN?#Ic7DUTeqrN_1^%&X4Ml7lw%=-BJG-7N_zzz*W9JQ<Zr#W8-N)gE>mI-6z?ZIF
zYZune=Gq5glehz$?%uq+_e1ZFV(8Ig&)y>6ch6!Zr@9$V^+r^G!*RE%BNy2F!=}B(
zK+o-~x2~@HH%=A;hpst`t-;OK-h6BC+RA#Y(7NxM0ef+q{!rc@TJPT&E%+bBkhgyE
zv|c~9)|>bAukZhnXP_AD{rZ#l&g;0AeWfWK=MDVBujH)VpFB8&XE+l3@}9o?oUXzD
z6D*zq_fOgH_TAR;7X9~IyyHWr?+@ybvLAgGzlU}a0%OJw!92nWq;K&bA(=y_l&(H*
zxTtAZ#Fv<|hbLl)YO0o=GDVYYqpfzCws@jy{>AicY-VK<PLLsi$V@UXrQ?u&#AcAt
z>8sd$H_Ng?GRuO2ta_3Pk_9nQi?P{+WQ6R9hjfgGfSHMwCA-2!U?`DTk>_PHO;Kh~
z1(|NkaaV|3p__<YtsvK8Yj?3VP;3hny?*lC+E?wg1JnNcE3dr*i`zArvknS<C|~6)
zg_4q&bP5j)ei<TqxGMo}0mQg^K<uJdQ^R#&R9K%fOzcoprU6TCh)Edfs2p@gYg`#Z
zQV|uQhPkb<s2VLcO@zi6U4~qO`YXpPFjY8WALJu)WX@hh(ylC1<Q&DZX;C_SzbxPo
zb3!pfb92}_Bb7=bE`-_>wJ|){e0vf4O;Cb)_<o2=k*DxigqT$2QT0=DBy3f{507A>
z*~K)))6EF@^~C{r?cgV)ZdueJLV~tN@=yRnIh2P6TQ{7C!VX!aq3q}a6(jC;gntTA
zw-lVioKtd)v7E)0yS(zs`jzcMIhsh_UPY`g#igJr;D_>B^Os|YNn$@iypElCdI}-F
zEouZulzzR%M3nWv#iWuN5UZmWML5P;5S_3S$rj^^cI2e43O-O`a@5LD%d5lyq;|jn
zLC)X3+VIyc9joI-3SKyn_Z`?cTJW7-ed0g6e5+TBe9s#V_bgm%XUWdFyK>e}#tLiz
zRs292jER^aT7Q!^)A6D9`YaO!TL|1FaaGL~(Hzn$jAU;0x?6r1n^g|$p}@a7?&ob=
zbJTQ;*P7PIqgQin+gcsiU)kEcE~L+Xv4XV~qTyq_Oa@yhvP^o~W?gI>QX8_L4q2HK
zl3bvd6N1zcO^Q(k8d2ns9EvBC8aB^lR<Fn)E(c~oB_&obs<N<Br-LBW)=U=2C%LJj
z%-TxvrYOSSt3HK{6+Qz-%*<&@L_`2Y7U{3zO$t<yva(85tny7F=HEg|5OX8v@!c4_
zKDgPuE8o1U(A>9bfs%K+HywNOjy>yVHXR4^j)MRq%BI{)1<%Qx^Q2N{ciypk{m`ak
zIPVx{Wrp*f;f*H?o-;Y;8Kn%5;G?y+O-Cs22(dDuyeG82r{FoBa~{9z^2*FXbE(q5
z8gr0e<vFm2>`YAQE@AZY72ys-D<dG=8qs+;)h<`<W>N>)$4@OJ5Uq@O4w7?BP*9{>
zYzBLraAxspuqEt=x>9{8WX^i4a)kMnC7{S`OVwAEK(bA0iyF;jo9I-9QjMq0h<MhE
zF;F01LfwNwSV<z=luA>?$wFDFRILb!iedb}KY-+fZYRf+(BPmz!L;e7DLvW$FLH01
zunPs&bRd78J7k#Cy`y{j9qt{2q#xQR>6T?*J2l4huQIBUY{w{e^UAVtLONVQJKJ->
z&@sfHVr%HckXG{p{4Do9X!VniL07rv1ApRM8@*}y{bPUP``i2UWB&anFGd1`Aa(T}
zz07M?s3O3ll*nMoZzwcOlqv0csB!!`bxPZ|pS;Tb+-&jMSFI1+oZIt*<^%8e3e5)!
zt^+yi0U3#)sCNB&i0klY64%zCT~#6sg^XGMmXKaGHyc!+Agoez$@vu=!=dm3BA8{E
zDnxw_kcwI?+oXjBtDk;7bR+yDEST^*CD)LMl{6!K9bcqF)xT1G(N~99{v&=2;Z17z
z_bItS$t@&Rbnx5wPz6u76|Vml&50Trm>3y2|IWzZ=r&}a24~AshaGQPO3p825VlNb
zn_@GI2@)^96=FSkE0(|<fj5TcvYi^bt0n}dGqSDQ)M`qmUZijgvMm4#!C%?NYE<~?
zE=?Rk?y=VRcw&x1!-&pQYWlk(qQPn+s#Jq@Naw?cA)VKVblSIXH&2cH5mDXtM#@c?
zN|3L0L757x;%H}Hcd@x1a2tdSW-%VbHZ_;3tE$`S=HUIT1LxSDzph@qmf8-BpsW*(
zH3J?CQ*>pWJW+pKKZ1~+7=YI$4X8zos{UkoD>&Vu=ehGj{WikJLA0DQT^y%j*Yn(J
zBg8?uh?z809Qz&cP-`CD^3vc)Bi55HbzRu@pK+4ZO3hXFkMr=RW8GS63g9(tnQYto
zwLHVHg?VCGL<MvuotU9*n3@YSM|@1}rH-`nOim0S25pcas<|#6Laz!P^nhXz8)8+9
zz<Y}v^4`vC(W{@AAF^eCFv;9$4A&6&BxRwV#3%!s`nD>N@e`GZ2<|dw>ap!T))?*4
z4?q%-$BqnIm}??rRB{dnHL1Xm{k$3qTXDz>1~;S#jAHzk>$2f#P>9Z~5dh-ng!GcV
zjL4J|20-DTnpQG%gNK0=tceuj4<HN$A681z9hY=3Njm#f$i;#eBy-{lEKyOik;5ZO
zVYR{%3JSEn#)29o142J!UnAOzi{yNk49n?d$$lA;C<#^vaSv(4_P0f;K7?fjqNjn%
zFvY(W?$2C}Qa+3Zp85+?au$hXBa<2Xf9T6Z3nfZcx<!-mE0R-QlX#TANH$s)){029
zKp37b8OMK(+Nz9skgHY<kJ|VM>>@sj1VFwSK>)93U(XgjzPsMQ+q=K9JMSG>wG~~y
zO;;fA3T(P|<Xt<E3m+mPTfJSI-oCuIZ=)^e?aO(OY<kD?-m!xB^y)Y~JkF-qM_wDr
zJ9eza)*t!S$U7rH>^=3bJ$E91(f*^}Q+L}sZ)C4$*G8|uf}n^F{?=og9sBYf`wATg
zR-XdscYCfa7F@x##m(NM`QD><PHpx+p6`9U=x(`TyKcML{{#2VlHT03gN>m-@9l>b
zecN`+wzdln&GmzM-`+cYB?H$Iy2t5pG{MYu@-U=Z{F~l=dGEfBmhW_ZyQ|=RY}NLW
z!^;ec{dv#+jnH423ZAEP&Zl8geDYvF=Wc`F&*uLzCTzg{mk)4sI)G12JAT~3<5Sa)
zPsN>B<vU$t1Kjt#!Lei92Ltx8BZdzS>nJ^DAGaC4Z`C2KQiK|Gd>54;=Dc7;^9hpI
zP?KzsfAAsJmG-J^!FfUSAzzc^xU0Ev8W9cv)qMZeTc0<=NBM{2GUeBBs>Y^dCCLaz
z<5K%m*w$fQF@(Iz0AATh8RUbbwZ;zLH<wQLk=3=u;t9g96^vAR(-bpl1UowEp#4+V
zrM~Ilm-?qK?+LLdCJVC7G`RS*xQAuno)p<G2$?tn!q&w^Oqd1#%?s(3W!2U&A;xWX
zq00aHFR-4{jtZ1eUkKQ-^x_1{;%H4X*W|fjd&8D%A6TC+xF20LedKV1scsy-e)Q&-
zzkVX;+=1<Hwang)wu1XeoicY_O|sehFVU><uPFHrk}B_z=75G<`=JP}f>?-1Yc6al
zYe!BI;;0|id_({#@WNg&iu%0(;4mjUVNRZ^2RF*9QzK)n4TX<JjL+yN;722)Gi6E{
zD-OD98`%}#^eTzdc5Mvvn>Rp-*FF9kHr5LUEvtV(5X_Xq$&Uc2%v(gHqCSP7NGQ=p
zbrC9*tU=ozwPp`Z%1V?;>Pihtx@kW7BF;3Il^3GBlk+Ju{)e*0=cdKoStF9;r-grl
zUWB(PSw}JjrSM(cu?Lo3TBZ|p=7fl2APM1nRODNf{BuhFloC=`a9vi@fn-tmN>*gH
zRN^wz8R8b#<)5Ltw6lVQx9AB)Q*{#&-$ZE;v7Pg@+}Qob?lt3ElW%|Vn_pbNTG(|Y
z*E4dbC)f2@q51Ju%a42a6uf7?nYbDM&hc*_f7iP?eEP=JHxjG1ocGL69gVA3fA_>6
zh1XjC@b48IeN3eo>99o0rjyS*`8Ds`{%`o#j}&%1a>tn8aqQj8Ir@Gcvifg-?&4a`
z>OLVOy;?qh%Ivp4^`C4pzUMYmdLVeRoqNCCezMQ-ey<K`6?c%}G~oaJUdA1u9o%a#
zK({(#Q>8ru=PDh`Kt7@i>lth}La-XZB}N1Rn?RYydV*SowrU$O5F$!iYDb|^Ck0sJ
zfEHS{4jW`B%qU-nI(59R7ZX)<jYAIgO5w=2O8GX>y9V<s=v@PqA$#_lqj8`!%`>68
z3ltj=@Qvuc%Gd-{R1}1~uc1{bD~K&Pj^RIfqe`@s`lz#|K_{_dnhQfzHyZ!}vre@S
z`kHmv)mJ{4H3j*X5Lc`5TDBrn(gksr6uwziimUY)#$rfL_^0@7gnvc}<3PrImRbnc
zP*o8d>&jk?2$w9lS$mJlzFR8;q5!HQ{qnqg$tZ3WAF4cA+q;1G5`X>$$^*)|Ie*ut
zZ#eH8-WdPR#J493zLTpBAGtaS+WC9dUdj6(S#2zK^sP6nePv@I=YMRqv1Duj2fDg8
zT|IeM&!($4@9Hgfgf=^d^Bu!?zL4t}&UK7mv)*k9tTo*H%6cs4*|%}F;5i2PR&;l7
zx<h$)sOas)#`7HuuvgP=U@z?8+OdgBuh{3M66-_n9?H?vli+2X$iVTZ3Wz1M@W#+d
z1NUB_nbHGpr0*N-C*6kkT{@)yUn8k+sYpsCn6j-?kLP|BP__NuVIKla`Upq$X}tzt
zSiu4M6t;!MU^O#Wx)A&9*><%GAXGh|CHx!W6xx>&aH510-bYdep#D8RR9Pu?S#N?!
z`$-gq>Tzq>=+GTtqtQCp=%?=H&p}u!daADweh=OKzvQ=}GdU?!+1{_`ivg0yUkWMv
z2$(;|i6yJKX5NA_F+;6sz@}WFo<~JhQRH`t!KQ=~spCsgOECqduNO#N<tu7Y`@~<`
zP?Rq76<tt#MPZDu&e-8?AzzW@;ym*e)$z<|<ET7i1Q<+zU4+eG7oN>^eKZzzBs>?k
zO?IdwEZ@sx4ckburi>TI+4(2<Y?%M3j@Kq)WS%!YV5Ob;YzUIGtDbs=`u)uOkR$t-
zqvieaiob59?CCRsKp_Zc;XlD&_@R)4sp{=~^)Fsj`H4l8Qw7A9jHlox5aol7eGldJ
z?Nj3zWVO9_CKhKNAA}N|u28&=fqsDBOD|7<=}V!ketN&~O)LyE&k&2I8<2EI87x-a
zH5HndIcOL_HsAy@L%6bX{s+{;5+w{HAEKvkQ^J5UDQv`!@$?}`$yrJWHxtlKWdO@1
zcUnl!<IiL)V&|THVOEuJhe|$$L?oQ0XlT{b@;lT*M+Jhe-FJ<W_!<GBLo<7SH784J
zV6!!pZw+l6%C&}atw&eSz_-%56My~yMj|kH?;E{0yVqMbEQRL7*mte)yX1N&a?f7a
zeD=Bgv(Ifl8_z!*FFZR}=$$KiJ2t(&d2esQ+mG-Am;2iIjdRz}{m?b=*3PxWAMgH=
zYk<z1Aj)f9ck2W~yxKaie`T|6Am27nXdAj_{2BhFLuM^o2<%7X&W$IoKXG&62j0G7
zckp)dR&w1`=pNee=DQ!ccIK|5x!~w6>5UCtMYmr*R<ibmjmtSYVDeb8tplT_QzwUN
zf&4EY?Bl#06m!+}<F-zUx$06JEv~WM+y_4Q*a-K*Zu{6F!v~M*C>^nnTMXYf>yWa&
zCj1q*j}7=yLOUdDlwr4MRI*2-2!>jLYb`1{qtP#~#1;vF;>{HWEE7Z)NtjCGgC!b`
zr)Q&4`JAgEiNHVNOLq8HpoZyW6ym8!3Q5M9bb65;L>EW^2&0r3DWQma;Sv(bNq==K
zIlGj|ETrQ?ioR3Ci0~>UzeUM!Q$l+V!q+Gvzk={*ln?+ENJ|Qg%vz#RxvjDvPsBi9
zrviPH^iX0|6Nn~Gd<*3FHSV6?YO<DExyK&Y-7{R$ne4^(u9Ez4_^AAF*XIA9Cdw*h
z^?fFsOA3?>bPo-#r}Lo`?B%Yl;eiPsOOv{QQiSeW5xlS>xR*}qj+<JFt^SgM?mPR|
zUHP4d*$XRzkEK_1L#WW=FPU(MqpqptS~Tz8RkF}4;u5=WF6I3LB^$lkIeX&+2R;3U
z?v&0Hxa;<mO!QD$kG)q^WbblK_IOUunVU;`n`vl$xWwVMF?^qH_YLazQn%04#pX_T
zZDM#~qsF~-um$s>)uDU;A$Dh(ct<cMbznCQuZK$<ZW~kg>85mmr;?AAu%g7N5{KKy
z*nPSwCGZ3(p|r8KleMwlv!#vQ$`I&IL%^L40r%2H9jo7DYF_u0INUZo_vxnefTvO~
zE76Fb&eK*h(7gvPQ@ZavxDo!gjXk5m`zCx->fx!xccKVQo$k~x?yO(jOUGEFE_7?a
zAAmu(hWm6=s^h5?98!i&cdCv%s{ajs{uY^liFR>P=D!dLpQnTby+HdX?DPzCY%DA$
zXJkffuK24rL*Vbkq9`*T@utkRj2WsKM6w=}Wx)yIW0WHZB9cmntkLQ2>CHOheK)6b
k{)DsrglqT-*Yuw_-+$xI=ehHLV}8k|Yxy}xDI4zp274>?WB>pF

literal 0
HcmV?d00001

diff --git a/src/iac_reverse/validator/validator.py b/src/iac_reverse/validator/validator.py
new file mode 100644
index 0000000..b8a9131
--- /dev/null
+++ b/src/iac_reverse/validator/validator.py
@@ -0,0 +1,653 @@
+"""Terraform validation runner.
+
+Runs terraform init, validate, and plan against generated output
+to verify syntactic correctness and detect infrastructure drift.
+Includes auto-correction logic that attempts to fix common validation
+errors heuristically.
+"""
+
+import json
+import re
+import shutil
+import subprocess
+from pathlib import Path
+
+from iac_reverse.models import PlannedChange, ValidationError, ValidationResult
+
+
+class Validator:
+    """Runs Terraform commands to validate generated IaC output.
+
+    Validates generated .tf and .tfstate files by running terraform init,
+    terraform validate, and terraform plan. Reports validation errors and
+    planned changes (drift) back to the caller.
+
+    When validation fails, attempts heuristic-based auto-corrections up to
+    max_correction_attempts times before reporting failure.
+    """
+
+    def validate(
+        self, output_dir: str, max_correction_attempts: int = 3
+    ) -> ValidationResult:
+        """Run terraform init, validate, and plan against the output directory.
+
+        After terraform validate fails, attempts auto-correction of common
+        errors (unknown attributes, missing required blocks, syntax issues)
+        up to max_correction_attempts times. Re-validates after each correction.
+
+        Args:
+            output_dir: Path to directory containing generated .tf and .tfstate files.
+            max_correction_attempts: Maximum number of auto-correction attempts
+                before reporting failure. Defaults to 3.
+
+        Returns:
+            ValidationResult with init/validate/plan success flags,
+            any planned changes (drift), validation errors, and the number
+            of correction attempts made.
+        """
+        # Check terraform binary availability
+        terraform_bin = shutil.which("terraform")
+        if terraform_bin is None:
+            return ValidationResult(
+                init_success=False,
+                validate_success=False,
+                plan_success=False,
+                errors=[
+                    ValidationError(
+                        file="",
+                        message=(
+                            "Terraform binary not found. "
+                            "Terraform is required for validation. "
+                            "Please install Terraform and ensure it is on your PATH."
+                        ),
+                    )
+                ],
+                correction_attempts=0,
+            )
+
+        output_path = Path(output_dir)
+        errors: list[ValidationError] = []
+        planned_changes: list[PlannedChange] = []
+
+        # Run terraform init
+        init_success = self._run_init(output_path, errors)
+        if not init_success:
+            return ValidationResult(
+                init_success=False,
+                validate_success=False,
+                plan_success=False,
+                errors=errors,
+                correction_attempts=0,
+            )
+
+        # Run terraform validate with auto-correction loop
+        correction_attempts = 0
+        validate_success = self._run_validate(output_path, errors)
+
+        while not validate_success and correction_attempts < max_correction_attempts:
+            # Attempt to correct the errors
+            corrected = self._attempt_correction(output_path, errors)
+
+            if not corrected:
+                # No corrections could be applied, stop trying
+                break
+
+            correction_attempts += 1
+
+            # Re-validate after correction
+            errors = []
+            validate_success = self._run_validate(output_path, errors)
+
+        if not validate_success:
+            return ValidationResult(
+                init_success=True,
+                validate_success=False,
+                plan_success=False,
+                errors=errors,
+                correction_attempts=correction_attempts,
+            )
+
+        # Run terraform plan
+        plan_success = self._run_plan(output_path, errors, planned_changes)
+
+        return ValidationResult(
+            init_success=True,
+            validate_success=True,
+            plan_success=plan_success,
+            planned_changes=planned_changes,
+            errors=errors,
+            correction_attempts=correction_attempts,
+        )
+
+    def _run_init(
+        self, output_path: Path, errors: list[ValidationError]
+    ) -> bool:
+        """Run terraform init in the output directory.
+
+        Returns True if init succeeds, False otherwise.
+        """
+        try:
+            result = subprocess.run(
+                ["terraform", "init", "-no-color"],
+                cwd=str(output_path),
+                capture_output=True,
+                text=True,
+                timeout=120,
+            )
+            if result.returncode != 0:
+                errors.append(
+                    ValidationError(
+                        file="",
+                        message=f"terraform init failed: {result.stderr.strip()}",
+                    )
+                )
+                return False
+            return True
+        except subprocess.TimeoutExpired:
+            errors.append(
+                ValidationError(
+                    file="",
+                    message="terraform init timed out after 120 seconds",
+                )
+            )
+            return False
+        except OSError as e:
+            errors.append(
+                ValidationError(
+                    file="",
+                    message=f"Failed to execute terraform init: {e}",
+                )
+            )
+            return False
+
+    def _run_validate(
+        self, output_path: Path, errors: list[ValidationError]
+    ) -> bool:
+        """Run terraform validate with JSON output and parse errors.
+
+        Returns True if validation passes, False otherwise.
+        """
+        try:
+            result = subprocess.run(
+                ["terraform", "validate", "-json"],
+                cwd=str(output_path),
+                capture_output=True,
+                text=True,
+                timeout=60,
+            )
+            return self._parse_validate_output(result.stdout, errors)
+        except subprocess.TimeoutExpired:
+            errors.append(
+                ValidationError(
+                    file="",
+                    message="terraform validate timed out after 60 seconds",
+                )
+            )
+            return False
+        except OSError as e:
+            errors.append(
+                ValidationError(
+                    file="",
+                    message=f"Failed to execute terraform validate: {e}",
+                )
+            )
+            return False
+
+    def _parse_validate_output(
+        self, stdout: str, errors: list[ValidationError]
+    ) -> bool:
+        """Parse terraform validate JSON output.
+
+        Expected format:
+        {
+            "valid": true/false,
+            "error_count": N,
+            "diagnostics": [
+                {
+                    "severity": "error",
+                    "summary": "...",
+                    "detail": "...",
+                    "range": {
+                        "filename": "main.tf",
+                        "start": {"line": 1, "column": 1},
+                        ...
+                    }
+                }
+            ]
+        }
+        """
+        try:
+            data = json.loads(stdout)
+        except (json.JSONDecodeError, TypeError):
+            errors.append(
+                ValidationError(
+                    file="",
+                    message="Failed to parse terraform validate output as JSON",
+                )
+            )
+            return False
+
+        if data.get("valid", False):
+            return True
+
+        diagnostics = data.get("diagnostics", [])
+        for diag in diagnostics:
+            if diag.get("severity") != "error":
+                continue
+
+            filename = ""
+            line = None
+            range_info = diag.get("range")
+            if range_info:
+                filename = range_info.get("filename", "")
+                start = range_info.get("start")
+                if start:
+                    line = start.get("line")
+
+            summary = diag.get("summary", "")
+            detail = diag.get("detail", "")
+            message = summary
+            if detail:
+                message = f"{summary}: {detail}"
+
+            errors.append(
+                ValidationError(file=filename, message=message, line=line)
+            )
+
+        return False
+
+    def _run_plan(
+        self,
+        output_path: Path,
+        errors: list[ValidationError],
+        planned_changes: list[PlannedChange],
+    ) -> bool:
+        """Run terraform plan with JSON output and parse planned changes.
+
+        Returns True if zero changes are planned, False otherwise.
+        """
+        try:
+            result = subprocess.run(
+                ["terraform", "plan", "-json", "-no-color"],
+                cwd=str(output_path),
+                capture_output=True,
+                text=True,
+                timeout=300,
+            )
+            if result.returncode not in (0, 2):
+                # returncode 2 means changes are planned, which is valid output
+                errors.append(
+                    ValidationError(
+                        file="",
+                        message=f"terraform plan failed: {result.stderr.strip()}",
+                    )
+                )
+                return False
+
+            return self._parse_plan_output(
+                result.stdout, errors, planned_changes
+            )
+        except subprocess.TimeoutExpired:
+            errors.append(
+                ValidationError(
+                    file="",
+                    message="terraform plan timed out after 300 seconds",
+                )
+            )
+            return False
+        except OSError as e:
+            errors.append(
+                ValidationError(
+                    file="",
+                    message=f"Failed to execute terraform plan: {e}",
+                )
+            )
+            return False
+
+    def _parse_plan_output(
+        self,
+        stdout: str,
+        errors: list[ValidationError],
+        planned_changes: list[PlannedChange],
+    ) -> bool:
+        """Parse terraform plan JSON output (streaming JSON lines format).
+
+        Terraform plan -json outputs one JSON object per line. We look for
+        lines with type "resource_drift" or "planned_change" to identify
+        changes, and "change_summary" for the overall result.
+
+        Each resource change line looks like:
+        {
+            "type": "planned_change",
+            "change": {
+                "resource": {
+                    "addr": "aws_instance.example"
+                },
+                "action": "create" | "update" | "delete"
+            }
+        }
+        """
+        has_changes = False
+
+        for line in stdout.strip().splitlines():
+            line = line.strip()
+            if not line:
+                continue
+
+            try:
+                entry = json.loads(line)
+            except json.JSONDecodeError:
+                continue
+
+            entry_type = entry.get("type", "")
+
+            if entry_type in ("planned_change", "resource_drift"):
+                change = entry.get("change", {})
+                resource = change.get("resource", {})
+                resource_addr = resource.get("addr", "unknown")
+                action = change.get("action", "unknown")
+
+                # Map terraform action names to our change types
+                change_type = self._map_action_to_change_type(action)
+
+                # Build details from before/after if available
+                details = f"Action: {action}"
+
+                planned_changes.append(
+                    PlannedChange(
+                        resource_address=resource_addr,
+                        change_type=change_type,
+                        details=details,
+                    )
+                )
+                has_changes = True
+
+            elif entry_type == "change_summary":
+                changes_info = entry.get("changes", {})
+                add = changes_info.get("add", 0)
+                change = changes_info.get("change", 0)
+                remove = changes_info.get("remove", 0)
+                if add + change + remove > 0:
+                    has_changes = True
+
+        # plan_success is True only when there are zero planned changes
+        return not has_changes
+
+    @staticmethod
+    def _map_action_to_change_type(action: str) -> str:
+        """Map terraform plan action to our change type vocabulary."""
+        action_map = {
+            "create": "add",
+            "update": "modify",
+            "delete": "destroy",
+            "replace": "modify",
+            "read": "add",
+        }
+        return action_map.get(action, action)
+
+    # ------------------------------------------------------------------
+    # Auto-correction logic
+    # ------------------------------------------------------------------
+
+    def _attempt_correction(
+        self, output_path: Path, errors: list[ValidationError]
+    ) -> bool:
+        """Attempt to auto-correct validation errors using heuristics.
+
+        Applies corrections for:
+        - Unknown/unsupported attributes (removes the offending line)
+        - Missing required provider blocks (adds empty provider block)
+        - Common syntax issues (unclosed braces, trailing commas)
+
+        Args:
+            output_path: Path to the directory containing .tf files.
+            errors: List of validation errors to attempt to correct.
+
+        Returns:
+            True if at least one correction was applied, False otherwise.
+        """
+        any_corrected = False
+
+        for error in errors:
+            corrected = self._correct_single_error(output_path, error)
+            if corrected:
+                any_corrected = True
+
+        return any_corrected
+
+    def _correct_single_error(
+        self, output_path: Path, error: ValidationError
+    ) -> bool:
+        """Attempt to correct a single validation error.
+
+        Returns True if a correction was applied.
+        """
+        message = error.message.lower()
+
+        # Handle unknown/unsupported attribute errors
+        if self._is_unknown_attribute_error(message):
+            return self._remove_attribute_line(output_path, error)
+
+        # Handle missing required provider block
+        if self._is_missing_provider_error(message):
+            return self._add_missing_provider_block(output_path, error)
+
+        # Handle syntax errors (unclosed braces, trailing commas)
+        if self._is_syntax_error(message):
+            return self._fix_syntax_error(output_path, error)
+
+        return False
+
+    @staticmethod
+    def _is_unknown_attribute_error(message: str) -> bool:
+        """Check if the error is about an unknown or unsupported attribute."""
+        patterns = [
+            "unsupported argument",
+            "unsupported attribute",
+            "unknown attribute",
+            "an argument named",
+            "is not expected here",
+            "no such attribute",
+        ]
+        return any(p in message for p in patterns)
+
+    @staticmethod
+    def _is_missing_provider_error(message: str) -> bool:
+        """Check if the error is about a missing required provider."""
+        patterns = [
+            "missing required provider",
+            "provider configuration not present",
+            "no provider",
+            "required provider",
+        ]
+        return any(p in message for p in patterns)
+
+    @staticmethod
+    def _is_syntax_error(message: str) -> bool:
+        """Check if the error is a syntax error that might be fixable."""
+        patterns = [
+            "unexpected closing brace",
+            "unclosed configuration block",
+            "expected closing brace",
+            "invalid character",
+            "trailing comma",
+            "argument or block definition required",
+        ]
+        return any(p in message for p in patterns)
+
+    def _remove_attribute_line(
+        self, output_path: Path, error: ValidationError
+    ) -> bool:
+        """Remove the line containing an unknown/unsupported attribute.
+
+        If the error has file and line info, removes that specific line.
+        Otherwise, attempts to find and remove the attribute by name from
+        the error message.
+        """
+        if not error.file:
+            return False
+
+        file_path = output_path / error.file
+        if not file_path.exists():
+            return False
+
+        try:
+            lines = file_path.read_text(encoding="utf-8").splitlines()
+        except OSError:
+            return False
+
+        if error.line is not None and 1 <= error.line <= len(lines):
+            # Remove the specific line
+            line_idx = error.line - 1
+            removed_line = lines[line_idx].strip()
+
+            # Only remove if it looks like an attribute assignment
+            if "=" in removed_line or removed_line.endswith("{"):
+                lines.pop(line_idx)
+                try:
+                    file_path.write_text(
+                        "\n".join(lines) + "\n", encoding="utf-8"
+                    )
+                    return True
+                except OSError:
+                    return False
+
+        # Try to find the attribute name from the error message
+        attr_name = self._extract_attribute_name(error.message)
+        if attr_name:
+            return self._remove_attribute_by_name(file_path, attr_name, lines)
+
+        return False
+
+    @staticmethod
+    def _extract_attribute_name(message: str) -> str:
+        """Extract the attribute name from an error message.
+
+        Looks for patterns like:
+        - "An argument named 'foo' is not expected here"
+        - "Unsupported argument: foo"
+        """
+        # Pattern: quoted attribute name
+        match = re.search(r"['\"](\w+)['\"]", message)
+        if match:
+            return match.group(1)
+
+        # Pattern: "named X is not"
+        match = re.search(r"named\s+(\w+)\s+is", message)
+        if match:
+            return match.group(1)
+
+        return ""
+
+    @staticmethod
+    def _remove_attribute_by_name(
+        file_path: Path, attr_name: str, lines: list[str]
+    ) -> bool:
+        """Remove lines containing the given attribute assignment."""
+        pattern = re.compile(rf"^\s*{re.escape(attr_name)}\s*=")
+        new_lines = [line for line in lines if not pattern.match(line)]
+
+        if len(new_lines) == len(lines):
+            return False  # Nothing was removed
+
+        try:
+            file_path.write_text("\n".join(new_lines) + "\n", encoding="utf-8")
+            return True
+        except OSError:
+            return False
+
+    def _add_missing_provider_block(
+        self, output_path: Path, error: ValidationError
+    ) -> bool:
+        """Add a missing provider block to the configuration.
+
+        Extracts the provider name from the error message and creates
+        an empty provider block in a providers.tf file.
+        """
+        provider_name = self._extract_provider_name(error.message)
+        if not provider_name:
+            return False
+
+        providers_file = output_path / "providers.tf"
+        provider_block = f'\nprovider "{provider_name}" {{}}\n'
+
+        try:
+            if providers_file.exists():
+                existing = providers_file.read_text(encoding="utf-8")
+                # Don't add if already present
+                if f'provider "{provider_name}"' in existing:
+                    return False
+                providers_file.write_text(
+                    existing + provider_block, encoding="utf-8"
+                )
+            else:
+                providers_file.write_text(provider_block, encoding="utf-8")
+            return True
+        except OSError:
+            return False
+
+    @staticmethod
+    def _extract_provider_name(message: str) -> str:
+        """Extract provider name from a missing provider error message.
+
+        Looks for patterns like:
+        - "Missing required provider 'aws'"
+        - 'provider "kubernetes" configuration not present'
+        """
+        match = re.search(r"provider\s+['\"](\w+)['\"]", message)
+        if match:
+            return match.group(1)
+
+        match = re.search(r"['\"](\w+)['\"]", message)
+        if match:
+            return match.group(1)
+
+        return ""
+
+    def _fix_syntax_error(
+        self, output_path: Path, error: ValidationError
+    ) -> bool:
+        """Attempt to fix common syntax errors.
+
+        Handles:
+        - Trailing commas before closing braces
+        - Missing closing braces
+        - Lines with 'argument or block definition required' (remove empty/bad lines)
+        """
+        if not error.file:
+            return False
+
+        file_path = output_path / error.file
+        if not file_path.exists():
+            return False
+
+        try:
+            content = file_path.read_text(encoding="utf-8")
+        except OSError:
+            return False
+
+        original_content = content
+
+        # Fix trailing commas before closing braces/brackets
+        content = re.sub(r",(\s*[}\]])", r"\1", content)
+
+        # Fix 'argument or block definition required' - remove empty lines
+        # at the error location
+        if error.line is not None and "argument or block definition required" in error.message.lower():
+            lines = content.splitlines()
+            if 1 <= error.line <= len(lines):
+                line_idx = error.line - 1
+                line = lines[line_idx].strip()
+                # Remove the problematic line if it's empty or just whitespace/punctuation
+                if not line or line in (",", ";"):
+                    lines.pop(line_idx)
+                    content = "\n".join(lines) + "\n"
+
+        if content != original_content:
+            try:
+                file_path.write_text(content, encoding="utf-8")
+                return True
+            except OSError:
+                return False
+
+        return False
diff --git a/tests/__init__.py b/tests/__init__.py
new file mode 100644
index 0000000..9135517
--- /dev/null
+++ b/tests/__init__.py
@@ -0,0 +1 @@
+"""Test suite for IaC Reverse Engineering Tool."""
diff --git a/tests/__pycache__/__init__.cpython-313.pyc b/tests/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..f5c61d8d8f9a4784ba7c6a69d150ad9dfc91e877
GIT binary patch
literal 191
zcmey&%ge<81iLo#XPE%$#~=<2FhUuhIe?6*48aUV4C#!TOjSA|sl_D<#if}gsS0WN
zMGBsY&I&=PWvNBQsS2)n>6v+{sYRK2=?WqF`8j%invA#D<Kt8EljGx8GJFOZc}v;Z
zDkjJ^z&|E9FR>`iIX@*erUYnYaZG%CW?p7Ve7s&k<t+}I-29Z%oK(9aHlQAmTZ%#M
R_`uA_$assvsE7r~0RXSpGI;<1

literal 0
HcmV?d00001

diff --git a/tests/integration/__init__.py b/tests/integration/__init__.py
new file mode 100644
index 0000000..bb496ee
--- /dev/null
+++ b/tests/integration/__init__.py
@@ -0,0 +1 @@
+"""Integration tests for IaC Reverse Engineering Tool."""
diff --git a/tests/property/__init__.py b/tests/property/__init__.py
new file mode 100644
index 0000000..2cd0eaa
--- /dev/null
+++ b/tests/property/__init__.py
@@ -0,0 +1 @@
+"""Property-based tests for IaC Reverse Engineering Tool."""
diff --git a/tests/property/__pycache__/__init__.cpython-313.pyc b/tests/property/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..12b29ab024d1c3d6bafba900c769f5bce3a40b36
GIT binary patch
literal 210
zcmey&%ge<81ba5~XW0Si#~=<2FhUuhIe?6*48aUV4C#!TOjTw9MfnA(MJ1KGNr}a&
zDGDX2#U;fGY57G8o{7#1L8)b_Ma8KKu6gO1d8w&InR)37A^G_^dVZRWx7g$3Q}UDJ
z<5x0#1{r=!$Jr_-$Th$}CO9v#D9t%PB{c?YT1)}dikSHL%)HE!_;|g7%3B;Zx%nxj
dIjMF<Y(UK*=M{sT_JNs^k?|ITO%V%_0|1qTI(+~D

literal 0
HcmV?d00001

diff --git a/tests/property/__pycache__/test_code_generator_prop.cpython-313-pytest-9.0.3.pyc b/tests/property/__pycache__/test_code_generator_prop.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..dcca31bd31c4d3d1706c45bbdb4382f4ab0d0200
GIT binary patch
literal 53842
zcmeIb33MFCeJ9*=-!m8tZUW>GJb>W=0t9$~m&E%LDGS4qDUr_X5EwusfiqAyK#C)K
zO*x4d%I0k-*<QhlzX<kAV$gA(X?@v*PMo!r>}LHX+3bv98KbtcD<8Z5^s@T}6yz|{
z=IwsJe|2|t&!BNhjFZiCKcJ?%x~{IO{@?Ylxj?`x;QG(6g&zNZ9~Xol(v5aS)X3bF
zT@XGe#061^TjJK!7SYOnZKv##H7cBPh|Z|;#3j1$#CF<!$|HJCc}4FjpXfW~7yazH
z9q9ov$l{LEp;J|2)v2%;K2<GNvoz=F$f+8!=2Wd%d#X;XJ5?{%pK1^rPBn^+r<%m3
zsBkgZw^Qq!{@W^CY{q}X4vUhe{faG%=C9ZCX}{v?Mf2Ba`Lthg4f5Zw_d|=d3UOE5
zjc13n6#W;^JaKQ_*K3XYdu@G3^(R^^9%vGH3+oo@(KaC-e8|G{tw+97S`GRyMrGk1
zh8F2z)uKHN>pesr59sY_F}$TEULBA0TJij>ma6}@3Om%B9X2H*wj*bso<oZ*`UW)%
zzCmrgZqYZWH@rbRW~(9I*lQOz#hc=*E;jT%thKKHUaapsuit60i#2_ZYH|HHZjD=e
zT=C|M9q|_Yug3qHiw*JU#rpW#i#74qi`(MXtu8@`ue*pm4ir@H*I%sbsg7@G5+1id
zZV@|I3-LYijmT5S^0Xn=SeCoC#~E)|b9Z4Z2J}8?v3Lw`s@{m*3*^~k$kVexp3R0l
zJCNsotp)v;&H9%3)?TZ)vq8XJN0SiWw!^CA5O=Y(PNa45wB0OiJJPy&S}#lMLD~+U
zwuhzdMA|N%wwI;tMp`dV+c#v5?M=N3K=2VUH<A`duWh}QlF|dw(X=!wMF(?Ybo8-w
z^l)w<9X+1Trp44~PVDe{H*I=2HJlkpA={p4U;4?hjF`Th&Z5Znj_q5b-5p&Nuvj<6
zdMMaI!Ol&ayk51jOj=?Mr3dzSw??%dM7uhv&cU>p&h{fmCL0}6nnu5JW1}NuqtP)b
z9X*#8#T0sYIVxStj;5X}tD<X<)?XAlarglxPycA9KYE3Fo*BJXmVf)6=&{UjI+_!Q
zQrS#CHJZs~qnEBl#k7<g6Z_NA(Q6~=vJ%~Uq7SFUOzIL!rJouVQ>YweXvn0;QX-l~
zLt|;FtWeLM=*a<$Q)V!eMm{t(sx@ZXtsQ%!=TLJxbtyB9E=T)wmz7~I8<c)bkN0g_
zHfLjY*)f#4lFrI*DLp!x$qq@fGbKr5m(#NEL^?G*`q<&e()~}wEV5TZr$^I6n1z^4
z4$vI)DVD?9yB$?tEhowmwY%wLhQC70C5H}=j2#sFAIprU`$xybv>ZB;9!Y1BrT^M-
zF*Wj-Tzw=X_2;f&J_q{L;gqXBGMpNv$vaG4$cfivKj!}mY8KC7q~#hdXI~l_F|g8O
znGx9+?@wisZxB=UHes)~YY^PD%9aOY%h~s>$*qXjT&2DYXQa_&zfw8guq+kRgV{=p
z(oLJ}zMRP>rA$7JSn4S?mKq*;EOjY8+OJ|r8d`zAOM<?0?Fc?6B!oWWQ>4+Q!H&3P
z&yXOjN8irM!cB|pz+h)a5V1%S6^qLI4)3|xcl09<UW{i`;vkLwMfTBM98teScAKQR
zO{(iZCno7($H+C=y>B>m`O-k@fY^rGw%}h1BDgNx=z3w-bGts%J86CXzB!}_v4C9r
z#Mq^@m`$Vp<Uo34ICqT}kz8#^meS&tOh3lmkd{qdPD>+LeR6Oh*Z)LXOlrBbdsKNf
zCq5wu)aO@n!?e)q@ImH=b3@mX%9oHF%nf5=<q%I-Gd5r*t^m@Y>MI#>bSyP|Ifa#!
zP0Lk=CrYJ}OZcdgm(!!E;UpdoT*a*%x|+!j<gQA*XH{B4CWAz*gSS^>4D!z8){bp^
zq91-f#VD#1TPawNK$%N%Bi++Pu;4H~P-bJo@{;TGu3z;`_PrPqY29S1kPVB}L(7f<
z2t={&SoG}>a>OiREq-K6(!949@o;&oZ@-0Fq$>r=G>R1)w-P?=Q)vkHNDZ`gyIzRd
z&WdZ1D$;t7S;ckukzE;yeG?16G*K;56akjtlP_F-?&@c*O&)sglQZ?bQ(aRJ-R$|=
zzMK1g>p-Etmkq<))DOTa`xEJF08k2~6q}JKwonj5Ap0&~OKR{}_KamSPmU4nkpo&{
zl7O;or*$g3@ntaZA%{m)(4u|*fGsH_fbynB@iAT+!{;Ce#ne?aq9GgEDW(C$vi)v!
zK)d{iun(Uox6cU|_-CK6B!q-DVN2K(j<_Y^)CYXPP6H0Y#@1;`xD4qS)TjVr)ZXjC
zP&@MbPo#%|ccY`ZXup^SxQeEt^TB2GYG(AYsFco18A3M$>A}?4@Tk<0Z+UEVbVS;-
zZCh$2(~-&IL&~OxJBCx2_U!EG>6UF6UfID$H|7zKp!?!s3XW26jDq77oIoJE0kcPP
zs6#wSX+#}kDF*1rt(0QrO^WITBpSA;da<uU4qQ$>k>=AVegqj3_?Pw~xGua~C-_&F
z>eiL2SCs<cQn<0yw7FEfwiNCxMOtPeU6UK8>I-YTO7$CN>NihS--&qr&RN0haI#e-
zd$g4x(W1~1h15@rSG%ZFZ2pE3DVskbVVOTS2_YgpY?Z9r1j!l^PT)h%we}h7Q|tYR
z^-Pr@_%NT6HH+MsRZFj9J?@m0L3};=?Pl{^jvu3gV(v00G^CE0LwpELh(z7X;nCa(
zfznJrz+O%yDC+FL)<2A;TRWDe*B`!;9x$w6e6h4%*^I?(hMFv*M1z3IQ6{FAO$^Y1
zimQ`DgserP+Arf@n;@^?Uq!Q1w{E5`HYvW***o2|=Vi}S*Gqf9u=nepV$+^dC|p_{
zz2kGz)Hof^_ug>|tM*Fx0))@icKOSom<Ne$Dw^;S5fp0`E+9#{H0~^m&&o92%F_8%
z@cgy~((NprI>IiVpFUPg5T9ql78JVeStstT?B34qT^C$hne#)0$F-7C;R3w@yAm#Z
z`t;%3;`UBU+|ldEx(!dA01mc<BjJiW<E{>C!nMs3clSE8o(n!+gA-2`?$)05o}bue
zO?bCidaM8p{`_+)Ek*!gB$W}Pxj}u6M6W&uYATw`5-gwzln`f>dJg0|5$Jskj7iaU
z{)KEoal;o9Q|ln|elR0Sqr7%RG;qkOl+yjV>_CS%Z_7&CWXm?$K9UnhGdI=%GB_$B
z1A!6-58kF}jsek)ro^H2D8X&F2-*V+S&BIqEXLpteb;Ii#E(%mcG;tl;i!hC$YJBl
zD0rYs&BCF3%qiDtug|h1Rf_kTA)Szip5E9$GL|$V3;swXjK#p0h_7CV`DFV5aEBZ!
zZy{Bga7lKuCQ|C}CD~5(%Z{<kKr*HLT#~)K7Gpdm`;D(D(aKSQEBz?n@mgM#kOa|p
z+6S$@t@tF$J&k|qdkC%zcl<*As_(4ony%Y^{lPctns_u2{!VrKbRc&9*c*nZFZ7+N
z*tBoc^&_)RAyj>1TOr&!xpwl{<nDrh%k`tBV7M~rO}lq|$Fm2%V{dxbDO9g1Ro9p5
zHk1O9Qf*_YrfK5HjRSxd)z0gu-mR{DymsTQgT=_sQbWs)t9Jq}HB(JH)q%gJ4W-8Q
zcRY?7=k*6>gF>Lb;9EC2Jo$44Uw6UY&5(jQyvduu8#AEJcygfaUaR)aS3;vc4o@(c
z>IG=!)Z+N=Epa>Gft}X?<dC%)U<0ok=moHL3=nPPXgSPVuy4+?zB!H1L~9SV9uS1A
zE8zf4b0q-N;_ieCkPQ$j?lIikvmVweAq;kDHDtXPh!ka4!VM_qNqFPlUVGM;u=Rzt
zC;D%~r<IHfXYN;!;+dTCo3H_%`SK4M;2H5|74VGcn*k(evi+ls*H(lN#ORgt<isO^
ztL+f0(Y$yc1-lWP1FqxbqwG|OMUiObymwnBD~+ZgOGt|QkRaRf#UyXqD`60kJu#1L
zl}2SZky1lo5M>ATRTBHDoF|<HcSAh0>=0Agp|l*~um;SA!cAXeFakXH2z`e!zc|Q>
zq9g-BsF8?Pi6Lg$l0i+3h^?gz+LtUPbAt*@vpg=_04Ny2COfD#iNL4==_Hyr13XXx
z!m7)l4KpLdI@M+9+^13GCjO;25C9Z7g>da>`(C*4{DrBm+m>SOp6RN+*H6CTuX@w%
z{T25wx!?4+mTFhiU!)%2oyR+8a|N8&kIq&L;mGxqZ`QO-q`zCU{#p09<@?d~zux!d
z3tzf$yX)JQ;)YYx(bENY%bVf4Lj9KShPRF%EY&vMI6kpwGBp{WvP`X=iWI81jvoe4
zm{>aznK(F+nuy;xFn;8XnuhN*ZkevxI)3!c`t_xzmeT5V1UXhk(Se5G_=#D+5U88+
zHy8cQ6X(C{-#Aw*RCnBQ3AGz$R}22yg1u%wARy4m2#@Q_1_VUU=^|rofiDjn5aq8E
zHhmm8pcm=|Km#BVcS5l3f?%7I720zMIo-O@mA9^tKs-|)Q%3Mx7D3Ib$efq50RY)A
z5G~KHgiU(_P_Z4L!V&iqu;{je6bh&@*ZJyrFdkCwI;|jXbdcbTSAqO-$HM>#04Sy)
z!K1YSkkF%mg7XIx)*b=})%mj=9Prhw5+te7=x{nk00Ptv|GuJ(iHXuzl@gguaQkLX
zv4Cc_6X!MrIg#v3XCX_-WtoV>o<}XRtABWmgbWJI*o!d`Np2+8Q_w)cDg<SSgNRHp
z%_|f3EFm0_cky>kGF+`nM-=Xt1CWk=!#Pm<(g8#i8BY-%(ZoBPw|@SUY?Z%FJ=Ni$
z&JrcXQF=oBn(WabV2l#S5P%`PLeKnC>N0@EK$6%H***$crtIzKA~M+t7))b#l?vu5
zARbQqID(j0fo@*)MTpz<8(&Helz}yc8~G#^|9J`+FZl};`$Ys2tz{jYDb&q|Weu4)
zfujEp)$uw42G*+UK6~kf-1E8DHug=|#izsPuAh1%QvU_(ORg7PrEqmA9C<Swd7<U`
zmRqL^iARdzNAI}ojn2Dn!4-IBuo&1l?QEO#*lS|f9{{;j+xUg*msY*FYU;_`2aAmd
zrfcrIe&(&JYQVoh^^N`C4Xhovl&TmQ8_$i~O5xfYsT=X}{J8zC@T#euw;s9u<n8`j
z_Z6xRk2~IsL`!vGbGwkMRNqXrjCb4(kmjkLaW@p*4HFIDb+_KB7lN&`O@L;TTME98
zg1tkTY<#RFli`?-@Djf?re*G%Ncx;`Q4lRqK|=K?+TvExe$fHtkW*JBfsn9VbSZGC
z*AjPLbYJvb^b(niUmyMUFmX{2AQUN0G!c>ZEBZe~jeu<?H3s4yF*xJ}aUDGeJg+MO
z5>on{Chm_jY5&`QjSl921Ys~!TYONZ!E$sNJ4j`5408Qc)}RnzA{kC?L&Us=aZ9SG
zR@FK{Pa)w|R7C}+@{KH3JK_Hh;t@JB1F>i}HyS1JCdqvVq9>0?9bQO{?NGI(-X6d!
z<Hk<{!}L?^vz5eOL!!C3;{@gqJhp|=m+N$~)%kUr{wHe(VsKm_#K<mfYO~ISvyWCl
z#dZEDFA459ZlNqd4BEmI67D_{wp3giA^@szn;|U5d3zArz>9lPubtKFi#xLZgsYEJ
zr+T$OTkFwsAQ9*zIcvq0@Ga1av)j4{@{Iw2%rmW!Lj|(_sPLebL^yFr?!PC34_I>l
zyIrkq;7<kN0<n7R>LYTq;=-rnN`!jA*Ps839_tRf@;L6fK*)t%eRWz)|J6T0LPP_=
zJcd>X8C6`ZLc*_&pw_n(>NS*Vswje6W2px%=#%~?=DCAf8*y)kbt?##Y?Yx50i22p
zZ|_@hr2XBT#E1vBqGUXnsOq$^dczkWIZ!S`3sEgi|HV6mwO(nzX-Hc3TSop@!rzA(
zth}<-32&mB##Nuk<CcmsHlN85o5?CFZ<x#QJ)cXj_9iQuOI`|d8U8<Xg;i^B9<T1O
zv6T=p%)j{xizK{&3pM7m4f46xE|A2I*IdWeT74p-uC<yKthIUeD#}{RhO*T|j#xwf
zh(@w13S|b`jj-DY)QR3or=YGLtN`YW1eGlvc^ja;NVMD8_iY`cgEuYjJ2MhN|C^S4
z-G=s&Yn?HWxhy40x7{&G_Nfvs;)<a|vLO=%-TC0rr$(TC1;Stqb3T9?873Lbjb#V&
zRo(+o0YkgbYTALCP-+J-i8YgrS@PR>b6J+5CnkBHrZhyN`&rWVnA8C&;3(9F-cQK>
zwAviWop0L2ui!PP%Iy^N<X7|FaLlKVO|&f^ZPWWk+I>Z*-vKKF*1(=<=3Ovp@0a&_
zr_$@4v1%rw775SDZVlUtL^~?<<Pmxh)X2sp4G4H<`eAw^@BJg!NQM9@pB#pUXm}Ve
zF(N{-K0*pbKOQG9je+FF6v|G85|<mG$jprmlbn4-Ob!j_E<qa4s`DhJ6p1QFs5a7P
zr%*E+>&w!R96ZRPU`vjQBB{`|EEvGyRF)~W!JR1Y9jle?QhIohVRVDw-oXU(Ou?nR
zj7NQIR0yU=0=F+a6)CG6RHdz>gRFbv*Jv=D%CZrs=*BWA`{*5&PHs2ebSXE=Tl5%j
zb{eyF8=vej-t3ZU(S%OI8)6DIzm<(V7w$?)d_+lNE|?t$mwzOoCx$_Xe0C`!uwzB_
z{Vh5tUBx$dT>!nkzP;#<j(gs$+Ax`!uDWmBQQFu(?*38D+Rr>V?kR<vX2R==;dPTo
zr^7wtPDnnhS50(1*F5fgvvJGR!(Y2_^TKpv?|87(6rE}6C^mHz8n;b7d24l{^Zr+C
zh594oenXK`UDLR)6t15MZ~RVpBLpF#s$a=Jo1b*fM0<+Sp2C_Px8jAC-q%CDrPXV0
z_}-|hg*2nOZPqKSYnv6U9`EG(LTKY%ip^2**Y>xCcO8g~Kg|-~p~N5CJkRXBOQ}E6
z^2{3Y{0++^c%JbXQ<aiDb#gtcue^d%uzBL)nU=0%OIM+J`>m}7|NVDuXoh8F)lz@-
zmeK9#=9x9yi)*&e3O01|;|1J=w%?_jcPaR5C;IQw9<lUyDE+QeuzT?m^ynvA##tpJ
z%k?*EE{hkhVMw1_yz~Ty302N3t)^>j^IFkgR-n8OrQnvSi&JN31<T%sQp38LhRwx>
z%~MCF;)RB;LjCqxn<db5*G8|w8>1IxZ^M!lsT9F{?IOaNNu^!}@%Ymq)j?b{o-XT&
z+dyi&%p_APaZSV>0ojTx;aPyVwpS3>zO0uM*S6fBCj20-|577*27UtsEGO*Eh<K2f
zjzj>&we$Q}4Fs9XKr)yTavBT6iEF(TPL}Jh1QL^zR$AW}ajlm!CE@i_Ajn*XH!;u6
z3HZ2MC9Z=cqe}!;G9`4OQR|bTE^|UXq!ByXFUS-dNa8m^j=TFz$S4p{zHVC<q-`JB
z!c<(@aH1*^-V21Q&kjgtyuYC*CQKIQ$Is>`K;;cH6ujp%RHeP?ie`wH!VCp5M>+%a
zf6lt$>`y$TlFZeHS&3FmC2lb*Rf#Ihc-X*zRWqVElBiZ!TVw^REuxLR_N%P6Y#<vR
zvc+ohL+7ABR)`KRj%|~o+*k*;kVH5!f=?0NMpIHWWuS`5FfKbpbRems6;j1m)g{ni
zPpIl1MlXxMju#aHKm_s26iiV-I*s>(<y5ZtRV2!m));7O600y`w_782m6YWXykRbp
zNsd4y4J#Y*7V6FiPZ%UMplr{ynY?eAsU}QOJEC!AOhEkTvLOS7tTGQB;{Q!=_B#k-
zVV&p|{|%-7E(O0w0nxkSZ3@0Y!S7S>2NaMLQ2av*zD2<+6db1DRSNzsf>@3CM-(R!
zl1^}ne@wUkj)H$r!Jkm@A1ELRt1{e>jR@kOQSj#!{6`A@f`SqS|A~SE1x#{HaMwTz
z@~A=+?qoEaKERm)DT%p(rDGZfPoqRJGs3XK&PD#{@`%F~SKJIxDE%FRl~ajtg_{%_
z5#*y10TEcg>I2h$1@}fq`OUaDDu1uJH;zBe@07^vWobqI4i6^RS7gR5a-dghqC|am
z7NeboHC?yDh34*pyRp>XJ=4Co*uIz1ZG}*@fV<FMM!b|0Zpt(EK%<@(pxlsCr-wk`
z=|q<LU<ul7%4c3&P1jo2t8G{MTS>b$7g{<B&D%h|b?!tE*tImNb`$2*A=#Z|tW+{7
zdy~n_xq&e#R+F+nnS2uFs?4+_DTk8aGhstB4Aa$Y4v$^QBurwHNs*{KW`7~t5rgt~
z47wKCPFiJVTgQw^#MdYnX=LTvB=kVw3;UB?^(CR2?@<Oqf9#tPf0beskPuv&K=5hd
zj@9XK->DLuzG79^bX9lJ(es8QFoEASv(~7?TdHZCSdYmrHf_Ikq|ke&*mJhfbhcRY
z;G7Ll=WK#AO2Lj<J8thBv6xrXyl6#us#i2;$F0(7>S{m!`K2jD=l%vsD^XQkbel<H
zw~_so6)Fs`rnvY3DhoGLg6K7P%vBVNC_O4`@S4^TjQhmUkRNv0YYBvLsnUu5VW!%k
zO$raIdlWK<0EqIkuH{(9zJ^6r8rYd()Mj9hK$#(inGS=*6Di;%Qo&{hIBJeE#4LH4
z9)!%&X+y)PIL0;s=yqpOC<S37K7g8`=hzaZFJ?>h5^ZXbVx-$p5YJ0k2T*K%5kGRR
zG&VxeUrIj4HY_CjX~zP~SElITI{ioSZI#(|@{L|(mkHAw`U=^laR*sDwAQ3$sJINO
z5l6yd&K(`MoOlP~aZ-`ED~jVb>$*U)D0Z2tE<mB_y>o+N4{5pe--Jt}wqP#E&217~
zqn`UsvyUM6`w8Ek6QJY&oB#z~pyNLWI-c`A=IRKTLHfaG+0Or#fr__ZXi(~axwt7G
zqK)KUWE+4$-_VK)4*~-zPJe6fru8y~`VFN`coehJpz2{iv7%nCDr?8Im--m<-hrcA
zs&{%R^vbbhZq9MWo%g)|&UvG|oc{At=)ZHx{&QomxU0j#1o;6&nW(mI^k1xbH@+4V
zz6+d+2Txk{yjl!Tyk=`3;(p%SxQ}r*;6qi;CU{|kR^HH~jar)i3%;K#ytEMmXA{_O
z$$G&{|JiZNnV%>&D?@=;Fn{nUwxt+$p)n~thl>jE8@{H4zj;uyBhSq=FG`zRFZ^8V
z$2PYbW1B8M4HbZO|9;5h&#Cf$MF<bUzbb@>MxdP@b;YEZ_Y=|mifDe9Cap(A%?Js9
z2N!_%Lj^!Wdm9AcvR?t(AgZAkVB&KoAcq~VCd2O%e+$E;uuhQX?|R?ErTO`qO5jgi
zTi(3|o8C}ev_j9&t4Qp7&w|Z3Pj$K}_%{?V?&Vd)WGiIu5P)AEfqY(e4PrMBB=X{4
z(IZ`k&t72(9*6iDg(2eHPAsIbHxJPxGp6Q$&;!;D-A<Sd5a;s#JLMog$0z_VlZKbc
z$#*OI14V+~)hQ8d=j@IWQJ9`BjOo#|7X!)1`e{>>MB9L17R={PnJq;Qz9^lb2*Q_H
z-)Ybk(qALM{tLel-bnKA&c)^5Z#Ar*Y1sOD!`AT=rMlHKbsLLy8^@2o>lQY)fBDfb
zJzA>jnX_3p1`GaH@D|P6XIAwVSM}a*n_hKj{DC(kbvHgf9a#^iA`qNuzpvPSABz?c
zjob(7J`e<R5eTYM;XtquffyPIpzQ-eung|tGglx*4Fo~cE7>6X4Fo^i&2mAi%W^q_
z&zv--gRfYu^o@_3msZoYwt1~ur|v9X?UdWRS~Y!swe89Xl)oA_TuhvpY3?q9EnC%7
z=s8h}teT0eFGkiEsy9rY|7!oOEz=$M6}H|Fp>z0<1*{BSl{&@-LzOzKNvz3tB0{5L
zLL^RNO_q^SM6M8lgaP|0lTk+(BcmXkCIYYGDkGlEb8zeGtmpi*j3D}ohRi__f%7nk
z(98v!wuBc1k^TI$27<_;6EJ3o%*3h#B2?w-;{=$N!t68L8sgD<w=BUkFGZvVkToZ(
z?oqEek-4H?@lr%UfGkifNPLEo=H#St3>aBpLS8bmz)d7Tg6x8P-JBqf`x(j)Bz!8$
z_g|n5gX}W2W=cfrb~M_^1LX&^ULgAuDzXp8LiwE>(z1=?0LxLRd&zzr`g|C5le97g
zbk{$elPIq6G99wzY1#4#@ojVkD*S3q%&1~%D9~jel};+zWj_^9t9Li84F8H>N8x;J
zBFo!TG83A8-?}H7_wx>1k$`x$E>x(>p|%%aMonj9RSP3t#|K5Kf#o7q(E=1BS}7nQ
zp;1xX&7^};0Lf+OQ9+Iy7eJ2MsAxlYVoCOSA+%UgQ<@MWVZ{%N5KB#KU)uWlty8w?
zrY+;AORHL6+W-0eQ<3RaTgM+LMOGIh9SlmBqq`d<uv!w^sk!E1J2ia?Y&W?@M-RZL
z9IL76>>;5IhCoZzZBy=<_TFN9Z=r3^?N;>s#@30CPdzYo;C2IHoWo0C9FK-<%J2+9
zbB1Sne%g2@xiFqF$1!oMZs%x#Dhpu?XCH^cct`c(HGs*FfE7OhYja?v7fdk{XN}Bp
zMcmFXlH>df28`sq0M<^q`b?o~8H-NLuilCY%mqutp?DeW*GnzIGApqEp7)Bw{uT9#
zmqM@LU5H~O{cTKf1lUo+I9_w%4&fr&Nfq}SFp_59sAHtH+PoM>+=Ru&h;zlT0V9PN
zM#2n{T`F+XB^5V?VpaK*j1krN14RS}bsLG+qA)#zpbR%`M<@18Wk&G`sH0soegb>Q
z4Aw>mV;zbXje44|(dr|Hw4L#$u~vr2L;*liypBwAfZKdg6`~Cf@}WMXca&(``@S}n
z6(qi}CW<ZgaE+o`rscBWklSQSo9LiQUq+>8jmBIC&XDw4vWs?$LP{vUgFEqE3SOn)
zHU$f+x)>X%bAZc2RzCE{up^Y-PfEf)0}UH{c}2<PqHdE`YazVVWrDY~p;h*us#C;j
zX69q@4}`)NuaverN|zCQFl^Smex`YAv3cuE^NwQkj$7&5ebdeNkDvL`hBk%MYny7A
ziS-s^y&A`dJ)TXSHyqf^P^{kyOcJgJehXKVuBW;vgkk6tuD&tG9)K5N5B$~7l9f-m
z8f;IvT17lO7jPWQ<*9y_tbBMnaNJ_0Cj+dFd8O5K_E75-s}`G5C)1N3ojQHnJ+u2{
zareo>u2WDAowjT$ZQ3=p=C%d6u68e&E3`^Yvzk@rN=<s#hIfA_py4~Fry;WIO<JUX
zNx^@n;J;At76pU=#ZOZJnYAF29z=GJ=5k4CICoY20i_XDB>qnd+_d7VDEJ}WevbkI
zf{GI8zfz0>(h*31fJm7VsJ3&uc6-s$&6Gg5o}Srty146fVdn!y$C+7cog-LkY$>en
zEH-w{*>Fc{o3j=QduHvpztc(jpRzibA}L%}5O-YPgL1gNv(da<jicJoAnx>Xb9US+
z??rFZkAHqS)Yx1U@3;~@5%fXeL}*J3Rk7d}7Vje3oXQ%^x2*V9P=mQfX<6H7)VDC#
zC<UNV3NnpSE5VavfLjk5{8$~jroriR0BxBG3}yZWU8S@v*H=p@m9{UgR7#WhRD)Uy
zwt`OpASe9iu4bcTu1wIj!z=zbOqci)1(Otz?5>Q8<kAW!hUD)->0^QO52s}9(w%<{
znyG;@-1$e=1yzv4R2Ael?9S$Vdzl9aPNn2-CcKO?`~!{3Ic^=m8!kzGS`t3UDy-*U
zG*E`N6-fowl(k|itI$<i8l9r`k|}R=Ne8D$F>UGv<qcPeX{AAv!E45fdP(%F-i~Q6
z6ArC@-aGWiP|CD-dMWhEzGQAbk4xs{)HJpNbN*l%Qks9L`MCEIF21@~G#|Va=EJe%
zC>xY%9WJJf@*B#S@<lKP<dQ{Q)e5TK_`UL8Al>M*#q>+p)?Jx$%F85GzJy<uR0S?z
z4J((Shvqz0K&w&vg`~<4<&+!$9w?}Of5<OcqvUwV2{%K5{3$ZS!(Lmsc{A$s8Bmp?
z@Xv_-#Edb}^KfqqWpEjaBa&c23pGj-ENGGxEfgXZS}5qHDiu^vOzC<jg6ER=69!FH
z7Zg}Z5sInRL2Jd7TDzH2i)ntC#Tk6gsqP>YzX>syA|m_$&^uj4C6WOQ?K;^FuQb=X
zI>lMs=Y8sXLk|<p*H-wI*b*IrEnq%ewkM{G<a1QRc9{HB3eApClfO&BUs13k1|+zI
zwCtl)V;zxre@3ytMPO7l^@?{Xh3!gFwMt!Ocin7Xc$p9_sz}k+Fm43f-x;@&1ka}H
zm59ZW4=qhADDty~>zE|UbEkDBtj71d_f0qMf4O%m_0qO4Z2LO4P!t;Xmm-Zbk@jMw
zof)3}vQ&t)Plsac=Bx2rtEZvpAe(w9Jc^<FL5o-JBPfJoEEW94V!H@_Sz@_B$Fp4A
zW=u^7f3aBU8#~QQtLa+XyjHvfE5N!=jEA;qLF+A4NsG1j)wp?kYWfnry|voBw3<G@
zw_BBgt+bn~|AKAe>~zCsIPsV|{Y~5Lv(vjz7j``WKIx2Q-J9z+PF|U5+gEJcH@$9u
zq4fZ5g1DcggLpA|J2uoR%cLf;mfw2^jMD*$sM_DIJ$b-hM&j{Z5v|~s{?U+lE)a%p
zP8gz(xpANdOScuIphpqWWIb6p%P}JbQP#`LLX4REirFp-15t_H6X(BCZp||Q;9x);
z=E6wLmggG=a`4_0THFF;MTni3B0>wOeI-QEa>zeUaIL6UycCfeai=OM3>Zdw0V0A4
z3f&1`*#=Y(L;7BWMauG#zL`aeFY6!j>8M_fxd$~bgI=J2f4<YqJ|%<AqcFA`i0;!c
zJj0|1z-+0~Kf?4(#3xt5A1-JFE|`+!YE5vbrzt|e$WcwAM;M-3fGWzVU{#}NZxJ;5
zd(`fV(CAW@92||ppk!2BOZfCpsSy$zR7&p_G|Fga7?XHa1!c0)OQr^4?_YsBPcIjB
zE~B!S35Sw%hUJUvOmXNN-3O;z4!wL}s&CRhdH7c!|N4P~yQ$D}sMNW0rt|1)okyov
z9YYAmji<hFs@Qq7;BF|aI`&p*O)<2?WNTp|v}WnOg<7VH&4pSr+pPHG1@<Kt)+x<a
zmQ|Bk<Fv7mZC5M>*A`lP3Tt=VdbqIffx_N11^?MaHzB_Fjt2<lJ-Ox3d-AGd5*bnc
zcI`2%{Z)7Hn9Kg^#@b{4a-_rM3cvIBhIF6<`gNv>TEMXMVHbBgx*7Rg<~j)2MR0x^
zZ>3&)@yq;LfO|Ceneh?p8NepeDP-L+Qsri+3C_`CQ=r8}4q+KM2*k4lu!a#S$sufI
zatOP@2+x%FF4IsE->bJ`3Un`Uq^I#k9MqE$sb1Ptzcs(Kiio&0!Q4Q$te1p{^ma^p
zsgEe{9myf|Ql`DrOEJE8soWfGEm^OTL$<3NvR=C>{|Ub)rpC>TM>bhG#3Lt|y@o+A
zrWt4I{4Zu$xeR@dYH9i}^kQcGFBxYt-WNJCZ2Y2?JQPq7q6=t{%rxO-UU$(`whztV
zISj6I`bVLRA_rsKWKNMkiliRYIN;6|*<r##fnv8<#W-I$Zf9omun>W(!LLxYI_vs7
zxXr^ytGe5*P4ol)!=8hcgq=riN0eh(t+!nr6=ojbn8kXOJG;Q{u*1~ms}wMNd+&MI
zU!=Mjn%#(Q%rleR!MItr1<Yvs(YqkWx=q2qG>1CARp*WLaq37UHGWj?TQ(YAcAbBM
zH<7-DVENeiM-6M?lMqU<=uBhBYmFUq4tq5CgT{^<2btC0hGJyHRQPL+HyewQ?Q;$x
zyy}MK1@C9QZ!~tyI)p&WtbpwAdWD+$LVepbV}S#~se|Ae>8BVWmD+p@Nn$ORv>Ewu
z7Lw==YXm%8xq+qj0GwRK1IF<Nf~@aGGn1)<tfopMN4RgCY1vk6*;Z)oyyg4m;llkN
zncnwMVQ(L}%ebYf)U>J4xVf--`Bsil#I?TnjuivSeC7V(>f^P}SJzY_EMqV^uK!;U
zUEF&H6KDBYPvfkotP?)>;czW(Yl0W92tOM_!(HT|)eM(2YmsfB0BCy%mwDr3Q!leE
zBg9Z~ixcv*#UZ>_3QXsh6HFU6f1}92Ebx<V8Nu<PUKVfRWZOhsW!psD_uSfpQzK=#
zQ}3H8zAD3=Zo`|H=jIr3$()>JjeFD$*a1Tsa|;r$`K$p)(guB#dBGF^`D-K#DU%;-
zb|w1ehPB#!82ZqvrRl#5Y;Fh{HaBcH*pxiTm`6fAK$x6WWafcoHYEy+Xd-2X4sQ^`
zWjO96xnc+NY811`uEVtRAT7@GtJ#gN&h199PKe_3BY*oRFf6%npZ*R!c18G{10F=N
z02sm-cG(6kH!WvzG{F(%frD{tN2f^apM-B2)`W`i)3c8d`%@$00r}D8B8l=>X980i
zl%#63VQ|Z-)%{n5ENE%I4RldxIr#FmTWep+{aWtjYwyk3k^HHKCW~%oqmdOmiL8LU
zSrLUJq6^k_={XyIeUk^o@8bVJjjFRHW+=+`XyhHo(8p-rgP9|@?BK;4_$0z`)o6iJ
zK|et9&cx^Qt#D*te{Ogf4yEYa9kBy%Y1nTbq}!jMFZY&%r&eSiEg(=%SU1Z1iau(M
z%tsYs;y+RBFDQ5q!NU71)-zIKi5ZoT-=n4Rm*}LFL$G|J;U`YP)BZ+XOR?qP*RM^t
z9GtE@IPNp<vRJ?jhmjPUijhqW$KKvr>^Q+<g^m-&$O(pJnJFmATw!@bn<+Lehg7(+
z+Z@-c=_aUNsdgT!M@LL?ef@-crXf~rh!yHLO~r1VnCUrP>^WWNRwT*MQgm}Mx~H&a
zFWHywU&e+8M}^HzXxTP5KcM9kprC~o*E$L|Q_xGn59z`8C?Eu+SlZOk0}9A=Li#b%
z$<oGw?bbnaYnLE)N$ch{xSP|qSHnsMw|AoE<*Lfc;m%kNw|CZ?my48H<>1a(4!3tU
zt+?Er9p#iUpf~TwOY;lDZ+6Xn1W!JgRgUUt)_2j@V<XJBpoPw|tYb`SGq=_WEXP{M
zq&9QQo!|$o&D@G71S_5@X2r9C;8Mi_Yyic_a$+3rEYbtm9gc(LGVf#b^Iy{qd6s)3
z-4eDu-HX}sXimBp_s6}(n?eTla6HJN)${SvI7LMKzcAYd1D{{RZ5eS+iwhz+VeS$_
z<`WCQBkSP59IvZfnm{H?d$cKU#g)*v0AZIlbT7JK4FaUxRkI@;ARYq^LNo@6$0|xe
ze3O$PRwJZdadE*Lh~|U~wLm1qYVknGrhO;|)9S1jLN?l|{Z-Uy+^M|@B)D6v+>9*%
z39e~(%6DpW7Qx()mNr_frzB+4TQMO<jYnB%j0z{kNyw&`Cd#McGApeL*;dj^60+&-
znD%l3V|BfhY47w>OvtuWZk<tBDyPmUI6D*}Tfp!J<_wjKjvvAnC<x9BE==cZkm|KT
zHq>Y?cr?`@X=FdwBSBbZ5S#h)hYyy0&8jyhqkny(DCxj4vL;Vu_0O4q<cfbL+QEEa
zKXyMYQ*w4d*}=>uXE-YiChTY*`(Q;$Y$N!#jSIrc4hG=Rg={<&m-FOl0zR0k+Z0`t
zmP6VT728phDk}?!P}bsHEfpkDOY96!N%0=Kaw(arnj$!+xU%>h#r`!l;!zucqfQTR
zN48vHcg(AdBp#%$G24$A#r~EG7b)0;+l2{S#gnGd*FGH$IWPvV8jzE*(@5dcUu#rm
zcIFSOuX>c9R$75k6myT|R%!#oCH+hEk~vD+)?IXO9`{Uq{6{q#rfb^ZLbIl2re<5Q
zX4@^#bj_Y|4~`nyxNW*-+m{}hw7l@}XCMCJBjcVz&9?8a-#XoJ>`Nynp1l3!x2}BS
zO0nzcOW`k`91j#4j=hP~hW1Z~)`G}{56p+upCY-!L_(!UqO~klGi+GE9npt00ol*m
zm}fw8LrK@#HduNnonk#Vnt)6`#44&Zw%C9B@!J<6{5oY>U0U5Xae>S!HZ5vR!D@c*
z9UOkr`Q8s26h+r>)E;ZIzbZtIZLz;v??h;hUmpeCb<gqZ2f>u2j?ytD7XWc}6k$r;
zEY>mr+T8#NNtjo0F-&Quj#>#0`lo{_`G~fw<HR-^FNM)~sbyhGT^+Sly&R{))<RWB
z(FQGpnPjatorYP)x~jYuP!mB#q^OB-J`Fp~A{$Hu%{Iv8-c5vvCW2?oDs5!2K^&OX
z(60IF@+GRE?DU_1&|qa_v>4%PO1;k}8^raIGN*93TXU^<%bGV{3iB3-2Mu;C_oi2z
z##m9Wcq#NMXc%8}DvkR%<$f>2hBBt=Q~154gU-U{bB!m}-P}Ap9)TvD+{%Yl(_H_B
z<*zxjEqk=)s<NRWkAbeL&EHQ(xf~gDS_x8C^#E6u>@sfLQ%M>40U3iNl}1NAKy<<V
z6fok15e!5cmASj*%0MQ46@MEAVZ*ya+l3CgjiL*9c2~PY-bcpL-cKmRiw(qs;^nf1
zlVDoE>9kr!y$OQLtrA>qVt_iSJFN^dQcI-mNy{d#zC~~R3Id!dt(<bJ^h)tpSzYO`
zlG9q^VQK|l>(CShi;`91Y0AQ6iGNP*6%a5vZgk$Ih?6%naU!2ePFFFXE&VxBgsc=N
zFS1j4<%gEVy(_fV@~W&SO6$ky^YSRI<&ae5TJj+lfSlq^BB$LO3!%0AR*Arm<S$D+
z4elcicS`bi-5YQ0H|EgpP?Xn)x+fpvnRo=r(4B^wCk_^at8sSHn%0>$oy9es%<p*t
z(NHHd1>!!*702iB-U1ioi#tA7@>JLtjVq~(nkG%aP8hXUlvGnIT&AOo<^5Cbl{PEe
z<zHDhb0}Us6fYb+S2&j__#a-#YKc|y-a9^_@wkPZg!LPdQ|<O|IuVqSZ-g|Mc*Ksq
zgFhqRFdFJrfna||z5!m)^-q<2!#+BlY2f5%)))8X{%0aY;<XCG?&2~CJF80Aeak@D
z8TW)OO+x)ct-E_qesYrS0~2~i5tuol$LGyJ-kIm*0=6Y{>cnG^yC)>5$u4temhq5b
zEtxV4nkW>6WYt0>ra_1oW&~z6Hv<o^fWYKV-?cWe_e*7JvOW_+Gm<~PAfX8t;{(Y{
z*P`siUGA`uOVYM;RWUnhZgF~3JVjI!vp7?T%zuRu1(A7%D9e>^6jQsV>=08Wfked;
zZKnDoG+4~xb5`2UZ|BsgCf$mH9KDo|QiV~xt5I;Nnx)%OXXTDBY(WznsI3o2rn=Pk
zxc3CAaUa+&whv5Ph5jx|s49AI6RMIVf=|$SJ1HDneCoqdsK&ZB6KQ$?!9PvX^sV43
zjWCVWy|DK=#WVUZOE>mTht??a$S(D#7$UEQhJ$O^2{+6X9;upW@b5<~NuCf*&bPUt
zq-$++u_W^u<?+swN@|^*_h7QC{MFz-1I4YDP=uU2N-sS9+|$#Mb%pBnlZPgyFF*ao
zrzbCy=yJ!RqD!`cjqLPwiud$>P`n7tDc)01zug;(7nb;c2l~KeuF}IP>6Y9?!n0=x
zf=BK<aNxgyejtAx>@wTr#l()}InY+-Inb`}e>bz{tDsv+^`*CBN^j_Umdh}+UdmjY
z#CJ4<BD5RYFwf1!e@o`%I6Ur9ZRC80GN#xZwuCM-PglUMF2lhkZiYoY248==DolS{
zb5)p`m<FzWX$SSlO|)(zMEcP4?)%xi^Y3G&^X~s?%sX}t{BPBe(2HI3Cz$0U$Cg||
zhtp~3jGAmNyET1zWb~Tiv4qSC;glYR7|i|SKw9b-Gb3ap*CDROd*hfH>ss>P+_i{-
zA2V>Hnqb?vR#AVFZ66az5xtl9YFau-)@s{WPxL-OwKpP)JCRSd+_U7_c{U4J6B@c$
z)?B{cSg|3Okrt9Yysyi#^gD_X&<~oCea2c<FI*-nQiIrz4FMC!F&$`yrC$KmmkH+-
z!CdEJf;rZIc<O{?j!%{R@Q0&)$VszVz4s9vbPN--JUZw{k>>HkC6E;RpW9#XpPM|y
zf?{OjjQ^bS_nQA4q-ffm5_uhI-8`+R-_Zj#^EB1Q^Pt+PO}FB|cmC_=anAXHc%fab
zp65UWnW!uGJ$GNhe}3{33$Pb|#(!S<d(D6T#(n%wiM)<9bVbck)bHqlnt7UP<9Sf+
z)Tvw2?>+VPr*1u7xc{StO=@AD0}&K?$05|TD28X>!=%&hmN#i_E$B^af}Vmj5XA3O
z@B<2HxyUvgM<E`kkL3&neH5Ih;D?ljDmU2p?V|@2kX4n`grLluR@IK_s$E6LZv99V
zveh#jsdD&sq|mglShIi5X0+Suowakjy??xQ_#BT|7I+zY#H|T?=j?Q^3>ytrKL(Ls
zJ~cM?DLgSV3p6Kx;{2#+(RI;{GwMBYJ5Hwef}FyBY`F1q!AQ^=H#g|>FH*wXXfMD@
z1kKLELyO+HFYb>Adf}c(?L*Mehmh%kE>%m_crj>p!U0;V!eP$UIJgGw^=;te$RqJc
zlb{I!O#4$~+Mh_gR;(GSi`C1_9oWeM9HW&P%%sJ5Dw`S2<k_*aup!J0WJa%L&H-}e
zzoc6c_Uwu3C8Cm{2&t=BnI#MedyEEznd}H`(D5b0tY?c>T{@ZJor-F9E5Nv{0mGSS
zdae#{zTxLCq_*Y{ZhbWQF*VY;wKw^(P3y52fUwWo-$o!#Qb4!nJj9pqwhQg}NeF#-
zT6yKV&CLFCN1%STYLk;oXp}e<$Ydm^Q>R?=q}Pjyw<Ik4te|$S2`l@x8I+TDM)f-G
zIoH6KlGazIPS$&B&Ij;POpd%%ZvH77M!>vYuBL_$bFO4J2M{~dp(ABIJIh_~g*ku3
z=Ve82%1hx*olEv#S0-zRpg1o?v^h4EHZ}cA@FPsL6$BX{`F5g%JdX~!W1f6B$@G+y
zv7@QstEp=e-;A@+chK>EjrzG7zpwW9?J?{y$#01c<lw4-jy+@wXVcFtsvd9n{<Sjq
zNG4~Dn5&Y__OzTk+ShmR*n@p%k|&QGJ$vrtv6Dypl6^;yA3g8=L<j4N_Y=$o6bNB>
zi&9j)e}bXBshmopY<77W32euULiyhGiL`3uriE*l9jtPNc>T9j{P!vN0}8%L!5>oa
zEec*iaMPu<%m`U(UfFiS=+L`#%XXZQ%0Z<=6$-SQQJ~tm4;TQOwsFXCz_mKM3K6P9
zSu?n-+TtnT7eZVe6fRuv&jEZ%r2fV}6t{qrBF;^RH;p?>p~y_AqZsO7a-Eq_PchWP
zqJ>b;t%s*W``FEQL;JWz9h2{rf~}K1Uu>URKXv8i<1k9=-Hafxg~@bSP8hT;AkG>e
zH5W*!>GK3qg%CMLH<d{Bum?-HO1ky1d3$QQNqhTP0T!^Q<vxnofG{ej42#g@+wed4
zn~Pu({jf0|KV)r?C>>7N_xu7RN=94}1Fj&_m0f0jCV?xg2?vuY^_1zPI9@R~6)%IC
zq?6KH@oVkrzcAb8m`{U99Ci{u(@UE|-1((R#sn8XE9vE`vUW^+sgEe{9Sp;k>YZMS
z;jks%C86W6rE(f@m}<)AH1x$3@4>Tzg8AJBd5325?NrT?Tn0>{_rV;KaH*a)Z@?s^
zB_d36Zpa7cK<x%hg1s0jGBJub6zYs`+_W5k5Mvt&F-&~?L2Y6@gz5mZE7B~um9t{W
zI7v(*$k)d->TV#aNHLVAj0V{XApZca_1u;4dO<5{T7{bMK!MuI5fi3RJ446M!r1@`
ze&mxRE%?BI+E~?N1e=@Z!DcdX-uW+|X4WnfuyBUi$;3m?ev(;(yi0fF0!J}<!6Eib
znY@s7^L)b<HFZ&w7jj}ZzoeR4Ve&Gr^n`Wx$Aae>4>Nh0fJrlI;C4Ey9Sp-Eg-r(w
z{zHqJzOdR9#*##b;!Xszx3g<|ch8QUyLR`A01wK(p)!z6Q_Dc|-y!@NVUN+k^)td=
z83ziDY}!9GVV|(Z6$cDg%^VHo#&uOt?(-Ug+iV~h27Up^PG^2-?N?kTtfkk$S~8bB
zh8j#!l&)S{GUo?T68Tjnk=KCa^mj5xa@=OzfaHi>a;XZP&w*tM<PV)>vIdwrNX&KY
z5Ip>lo1Z~=fE^-N<I-qmcv!<oB;i-&4LWJv!O)iY&j@$5M#+I5xFsbM?K5K4Y-N=)
zv4)r;O!r5a0|oJ2!tGgR8-c?waEvo;$7jdmrj(-j6P&A}iWjh(FhRQHST`fF=D{n0
zNs8GjY$IZR#t(@D)FV32Xt`{U>{2U^`6}@#6ULYGKSrB`PTgg#a?U%+|1>m<Uj@@D
zPJLL{;kak`8XWmRAf#_rVxw!|ZWO0J%R#xzuk%U5y+6XBEXWrDacO)JqB>uM8^#ym
z*WioJz!w#EKU(l#V3>`e>xI1C5$A(SDoje%)C&B{xFKY&K(Oc)tK$w;v`{<5@yu^W
zO`X>cxFBR^0eeR8c-NsN&ANq}rir!B^|FpA=MS<d&O)4yY-G{zgp}XcLmN4{V#NFk
z_gL8dK*4{8jgmrzaH`=(FKfN>Rp|ssbYosJc7AESGwCo(QfLT*BjP>^NIg8y1qmY=
zj^PRH2_TJgAV%te%1h&-_FFV?JOH2zuRdy-xRqSAt`}l9<+EokLL7Mj6^ZK+NK~ov
zC5UZ^%A1!#Q0^N}UA{DsI`Ao4wyRO<x^UykiSToyFMRyDkALQ$&(!x!g{Qi1*4&ER
zTve#=na`&ZVqkChGij$FXfyXSq6n)(z5X!~MNHaxP(j_yi4fya#dK=mnhA!UkG++x
z$wtf_D8t<5NSYvmIEX-+C(+x(Bzmb~)&<&qf)jal5<yDB0|U@kT1tyoAeYODNhx!A
zWSA5z1M<g~@p*sn>i;<bgze}w@K}|pd=J3!gW<8;fr9_oKT$MBC_}*t-^2Pp8>?Md
zq5KXqh;tM$LW+Q>+?WzCWnl9NuY`*9f__q?>7i?i*7;FdN<$PpLBSO&{X7Lv((Pv`
z_E`$9(CrT?M%_?4w2@*L=>Y}jXnwtjsP1KEgF@^2FE@Rusj%hv^x6{z`|9sIyoIV*
z(XmO_LpvSbZ`<Ys{BSkx=2<&#?^MC*OJ#0{!+X1XPQZ^bH*T3Ln;X^_T+h2E!&7~?
zw-l?67ab?`c03O6D~IO<{P2<|Ewgsq->E}GO3_ldx)hG!?}e7<TVQdJIA07ua>r#4
zJMX#$SKyh!VxVW*x#Nz<?%Z|9D>#D_-RxK?bl}^Pp<6yYpYtPC873N>ehd}A2w~GT
z_XPxIs%EH>;dxKP-*Fq1xh^nAkV*cu&V`D5ME{UC=9Ak9CY*!)Z8~)+GYpmM;oRlR
zP{~Rsv;3sl!?}TU<~dA%{;RqscE_Hmu^6`8DdorugYLJqA4Qi?$nG>MWC6KyV`6`L
z3p)=)ujj<!2T*bU@EELR0C?5L6#iwDbWtLhsBCIDI+o2mIYt_$Wt`T;DUtt%cUwq2
zvrWj_bg8*EXIXo~-lxqon`|XGzmEGkbi^%v1imY-xE1~u7jVO`)vhs;IJ*g+8DS3^
zC411g4VHmi8>v?d2OZX|`~0W(B1vb>q3gx{QX6b>cBcpOd&l`t8|3%*{@iBHikHzl
zT#9ZcZ~zs+OOa><=i+dIz%tG$f<Vsj?&gd;*K@9@SG*K@rJvpDHMC}G^9dis3(Q{J
zYml~Ueu=%RwB5IYb9wkK6m9)L+8)SyU{|<KwJQw35AliR`61RnGJMeViRmAsqWHy`
z(%yNjOE=cshw`2%b^@A$NqH3&#jIi%?wA)}qXR{es0?{<nUG7}%Sw*(HR!^2#sW=p
zpa-vh40@TkQ6z1eMC*sSQCxHKweAyBsV{qe(}T!+Vh?)qzIR<T&Y%{Yx%@Wu+i=3R
zy0@85@Cm7nBsE2=FEu>OJTU{_iZ;}gUuOnVacZfkZ-r^guW4hFpFubx94Lpj%ET;o
z&Vg)yJeSET4igWftIIK-<Vt9WasG(P(6M*oA5-w}DERjj{0Rlm&}{u8#jaC~iD+CD
zD<Dmx&)pz_QAIH7?&W1okK!rDI7WxfvDHfE{PQ%yhtbRB`$xo{;QCcBWS+|u*POhy
zbEf+Q*246flhbu4$9>G<@>|hOQ@dw2?=NoNU)Xe@u=>972TPIGVuW@oRJu#PaUV;B
zqL=wAb_buig40I>!E%4ZYOZ<ij@5MLRuL-i1ximo!P=NtT1{sUNy!Y=dLUS;-f`=(
znVlz!J5LmLoMaAPu;JMf?poaOp$qPf=X3jnuWb0AYX`Qx_c)f}N9&1x;74a1B3EEm
zF0MtZ>IE0BYmvik?l&HOZ%wc&VN-r)0i3`@g$J!ZAqv?_?uCTs0gGYp#c!118dDuK
z^yJFki)#ivYrp3hjq6)igwc2@U^L@?QggQ^#vK(_=CR*L*x9fTqEQ=n15PyA(Eto@
zwhzLh?tw6wlWZUn=xfnx*MH%lWq}g`y1Cs{Hh2M+2FiupQ7x|jYFINH0<LzN8AZY-
z&YK7!^mRM1f7i4x3GBe+G$0&)B*J?DVD!}jx(rmIVPwqLi=VBR0F^hanBYBMG3NVd
zm!iygDXf?v_NU%!%8c(aUC}z`rO>NTyh=SRsoF5s>-E{zV&J>N3$31bbs~t_jwHee
zYYeAH)G{l`x<s`~rA00*f6Yg<b*BA-O0(cpb?ccyl}fY3>hmYbF2YEnaGpmyE8<cb
zbOD{CF5wZJd`Kg?>;SpP)2JNf0QQcvBH)uCei;E=7^g&>ZOcv&5^qxS>lA#If=>bk
z=DoadYu?rxZ56+ZM{t*I*$1K~OgbSt9C07h4iQZQU(AefN{-|t*>h<)*Z%}X6>27+
zVrNFcwB=oG(RMtG<~PLP6fZY6JOFuFx<5UTuIRFoO}4~zN+uSmJooT-sn3jrd6i<f
zDfk8ji`vo2_Q6bcK+#4WrQAm-Ap5&m%@V}TFH+7=V~~_nC73-2qj3HsJ@^X>SWm{0
zMRtu2G8cMsKpm6RD4dOF#b>F!P7)DaX(WlXxT2j>j%+tB0*y{35g!elq?5F)9r=+J
z5ydO1`WBH%)d-ePCMl#))9UflrP@_9wVS?EyXl6d;@FATBil=@>u#KWqo(nWOQ_pC
z>lNBI7yO$h2jCle#;^Xp=HGN<FTYbFua~72^*cP69H_{QTjY4FZtYB6tXLNtKVE8D
z`_h)rZ<%T$XV1rqJ;w^&#|v#IrkhTVpMJA0Hr4*Mtv9z$*X>5m)$Mes{C&mPeTDY>
zU$MP%{FUBsA1pMV9Y0fQSo4zq^Zv<?-8wzpaR2zpw<4=2agc`Md>U4WfgtyEePi!r
z<Fe?yz2=k}+Z7uKE=A`lZOo_hl=MnEZ_T88Cc3>C-CkJJeQVe4y|=f5&O2e*S=xEu
ztqZTv3G?B@bY3C|Q+gRzt!j&?CcU#(qxzWK@N6uwu=tY5K*Q<sKcL$H1wT(8#lNE9
zhjd#ZfXvea3P=JaT}6&1{9Auef72~xeyVZDMTtFgcHAn`KGq$^r0y5rLT6<6rLoNL
zXa>IM3G&E|$&qU$MDIvR5W*`P@X}Ys%xGHn@FdwKDrpMbBEhcgeeBvu4vaR;14K4d
zcBG093W%f?NtVRqw{mSJ)sGJ!$HqwM4wWqj25?gb@*m2;n_O+obs2KFVM!z<xJbxd
z8F(T+#1I99z(qQTOni<4nj5(edmpYqw;(Ee$~3vM+%z(r8U^mToa`q-b50RGD>COa
zm1go~U9>zvY5i2AlMctp4T?007`I$*IGxH$aud^0q?3S=qT*1C3$bPYK!$nxhj-Al
zBtA_Ay{8k0j`p2BdhTdku0Q<X*>eX^o`uo&gMEij9F3prJ9zHogJ)&O!81p8_J}0@
zmhDuB_z~*Hd8)tzqy<ETDG{Hf#7|Q&LBUhB)_#>@|CIvrEzY)GDN=AY_2sKmcJIT`
zjt!>|h+jfx{0Y(@W1ZsDu~_a{eHQ!OCc$F)1>xsCKNj{*3w!@kX#277(W3CtyH>Zw
zdRIVjhl1JFLR0fgYhGM)vu0{|I<|MZabH2GE48e7DfwdZ=DEW5L(^LiPq!Q?2u-Et
z)h|8x;)6Gj+*&ie<=}Mlp@PszC;T+ORR3aq3H)0iguh?;*e`wTmbdUwq8NA>GVUfT
zWZXFHZe!8YI&EDy>k%yVkl-tAz9R%TS?7dclMQXowhF7GFFo?&BPF}@UmX9`@f#0K
zR!?2}+U2iYF157Xe(a9Ty3GkKzr*!oh|I4PgKg8UcFKDCQ>Q1^PL37rTh+UtKQrfZ
zuC}7bv(-X<;|saxb0v@OSL%PMzFZK0tnkpeVmN_LdUZj3@3eDI$+v;MPVi3HQ;&Kg
zv&}+NSE;I{)DoL%=_$7Kls4^|+0<9u)K^;HJ+r>IxW2cvy0z4{`A)dj0?YF1SsQ-e
ziqy?I@QX3>1!r9pa|@wWvmT0hg@*Q7AI1Daq;)nxv7ivHy)pWnZ#G1CRYGm!MC7@X
zllEfG`dO+Nuj6d^NrYlO!tQ-{96o9+QmENj47JVLaQ9ZEzR<7*$0Oac7b88hlmV?f
zYk%URShHZY|BL2ln(tUQS$Y6utif4|&0?`?51K8t>I1}P5AgIx%QiI~vDrNW*2nP|
zk54^xySmtn1=D!9>a@k;y(3U~chGv)VyV6(P<VIP`l!VcydzL}_lT{}VtK@J2X+Pc
YxjPCj355{c&07vwg6{|j7`XfY0li$o4FCWD

literal 0
HcmV?d00001

diff --git a/tests/property/__pycache__/test_dependency_resolver_prop.cpython-313-pytest-9.0.3.pyc b/tests/property/__pycache__/test_dependency_resolver_prop.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..05b0009d918b687b5b2e3e6d6eb672cbc477dad9
GIT binary patch
literal 48993
zcmeHwd2}4dd1ucB%+Z5uaFF0N1kVA98ze~Z5=c=zB!VP{Bf}!>(GVDdBY`teHz0{{
zlqbD-ZBTJyNR}){)<$$TyGz=737zLn^b&2NB+h1Y&u|C=>d;>0*yPbK2O!AdllG6@
z-&fsT-2?RCpr}}0s|nUrRoB(k)!$uT&G`LZ0awr4#g9D{5rn^^gns$8$jq-e1mR^N
zEJ#Aw7PdcVlkDu*anvc>gThglR1l;)jt2{mx+V8fkK{S(mAov^i9DYqvbgI(|Is3;
z=xDK2e6&O=Ia(@}9xao~js~Q_(Q>K$XoXb4$`w3Vd9+HZ3JN`9SED`{<F`iWS&si@
z+iYr{{wr0_TfS5;r~gVT<}F{Om(zcxl_=kCj6;vr2;su88~1kWImR#UdBWbXZ>K#h
z?sRnRGw$fIu)kX1Jp}XiP!uknr-zbxdnh&aur_ZGh2gS!dI-$hL%FGkn!G(!%sWe!
z^Y&0>>S5h#LH!rr8eZ13KD-?NtMPwD4`MD%Y}j5`h;U`k1}(O#r=(R3udWszb3SI1
zHip-rWC<&|s;9iw84l7NX%j|%LVqvDZ+I>G){;^vPnjB1nc6&M)|tv|Stej@tgjZr
z8@Aci#-*(+ZzJ+H@w_^gw;6dMo>$NEYLT~v=QZ@(Lv^tO_#{q9slm83bfNA{Opf;j
zhvM>(96Xznf<x!x!TaNb@nl~-*?S?_6_-;3PsXKsueY}L;n+Z;FNU)1$bVuuA;r(f
zlc?8R-?SA$3k9tdY^$yHdbKVRahWwA?`!wg1@(S|+uP0ENb!N#P$HF-&m{(f33NS_
zIGgBYS>{S@?ZE>VdI#dczW7kQmnsB%Q<8*eGA_&Jk~`Xir&5EdfmA=583?ANzPJ>8
zlE$AHx?nE2vppC|O6pVg1*Q1exP%ACn9sy}Q|HlBY$z6#Q^OMFVSb*BNr~8*fw=6w
zO)sP~<WOAwi6`Sp#VyB&h7!qsSt*Fg^6>e1$fkJZAqf-Kk4Xr*mEr?~!yQuZxdaV<
zSc)sf#!MfQVuR<DvilQqZwm7r@1vQgUX_v)m>ayB^9QJ<lypH6F^f-PmZVb`2IES(
zUb4$HiHbMe8%yHO@W7A~FrKhWe?Sbb%;=q(px1mGFkHCZj38uJY!4~6&Jjnnt^tYi
zr)by%33(`r_d?^qGv(x-i%GHGp|~VtO5EoY$*7zdi6a(!T8qU72G7OL#D{t{kWBL@
zP>1w?rVGK#LPY2?-$fo>`iB*^wf76c9@}O$TZk12LQptO_1P8SKr(D^e?t(~3s)VT
ziXfHX?p3?u!rMp;Dvp78@~Ta-$ue~nR5}i{_jDaRal9v-j7et?r267L?0e`L)IJiH
zjP~)bA}VRq6{QmOgBKL{?t$3(GkvkWQVp66;s4BP1kVa%O|P`Q(Dt>Rm+dd?n+P=j
zs(hvCKRtP^^qXHu2byP4Lby$1xJ`ve?9sZMsi7~PO$|Nn;-&@<Z10p-p!`*vv<g4c
z8U*TdN^2=i<6{Bg%o)sI&LCghC#^@;ZR%06MRSJpF~2FP8huJDDabqKHoCix0yav5
z%_GkGy7q>gf!@`;N%Y7Py}A6|@1?u76j1kyXE>R7VmKa6^eKK?5%jf2hv<`ZCS&L0
zN|6+M3QI+YD2g{Wg!Ol37>i3Okm7&<$zFN{{Spyj@B1<$FAJw>Ww0w^iwF_>X?iYp
zbvgBz@q4;Jk9WECnDKj>(QlOQqF!cQVOzv$d{ljC9Tb*5>}a$_9HxBq9~2sduydzp
zy%2JZ>^U4C01^ofrGmXu96%u$3(kdK!KV^K=Yn!PDJK9n0lCk{0F&hUkyYo0h6d&K
zhKAT+qCSxX<VeN_>IY(H+PAm1wkVFr;};YcK=yDv<dK>%WQmrnM8HXL<HKVRP$?bM
zpra0!03Ksz80!Wq8%&{nsg<g?AP5yo9*X;@Der@k{Rg``51u+0mS~ogssqP6PjwvW
zJlGXI-gV&c!SJcBj#EdDcS@iZ1jW^H?EdYoA(uKBHY^$uYnSyP(<=?q#XdO2e?Inj
zoIwm)AJToe+kyY`F$B*F@0SST>dDG=lVvL={iU}`S51^|&XjJxRb4w#y+2dE|5nBN
ziHh1xMeSs1<78mfM4;*NhAUO+wM~;%8z!o@Tq&Clc*TM#!Rso}7Nx!t<(zMVo|mmH
zf;2g63vU$f6cl^dfj3*g-fWx2n>FxB@T`<Nk9SSTAecG}q^aS@`jPVH#^%<##-_Ta
zZKs+V+glpj8yg={JOoao=VJ1?2SNoBJ-y<7DkddWWEq#Flq4%fG7wgDC~+QTW9J7I
z5wG}cVj#}yDc*z}9gImsiP%8MCK1m80LSLhhPXD>C2Xo$I~WsInRFC4AI5)qErMr-
zzxP$pM3)98i%Tb~>Lx3KlYwQ^{z96;LTv_fri~T^o3^i`8v?;K!f9lwR~P>v^&El7
zH8zzy?K-)hv^5AxJN`RP^N&4Z)9(g^!><ZL(iwI}oJB&5J?V-#x@e)zx*{&UMo@@2
z!>;z11R?f_u(%PqPSfjW7wQ)1<Y3rg8fC$(XX5}vuSw5ldUgviQX@nh;lha1$+2*x
zAW{%^hdn!;`skB|$7wDKPZ#U$MqFX9`s|TH5ciIxJ7Tw-0k_^pP&oFQAov8#gdNLO
z9QngT@noFnEG$Y8VL5A(h*}UM{lQo=80!V`nCJxz;`D7lkzF8eyYw|2j7f0~ob?40
zNtJTkirRg_c&zsvU+h7w)?g|*aKWG%z5GJ}6&)K2J_Rz4H+3eCfy9G}q2OkK!eNPq
zlmy@;a#jx2dvDWXx=o-Pgo=mACkFZu1^uK&_4cC@6=qaT=c%g>sghDv2$TX9B`Ho6
zjp7c6m@3?JD|UHEaTBoZ2cf38q*$^)4tjNvCPZ<dTg646wXBFTKEi=`Uz9#}2DL&S
z#n}gxrudV?=Q%)=)$iGn=#v#&LU9ZO8@km3XJr}(LbpC}nbskLjRt&NqrDa0VwAm;
zs75(okm9J*i~sUCf@g*4BB5gWYh|ymcy+~<C*JJHEZ>_g-}mgXcT38iJu>MPpFMEP
zUpBVqrho0IZL(zfrL~s=qp4BHq}%sZ??vxe%U6o03Ix$V`ozy~d#7r}Yx`e+@YM&e
zt$j;=yXo!N?_9{NJd&+CI(qn>K-I01vRB+Mx^I<NzH<D<<ChOyv0o{@d?;JKb#m1P
z`dhJP+T$uMn{gDD7hSx6s!S-a9KHYV1HsA4<&%M`OSUn2teOfHI?KJI?kTU}DVuOF
z%ea?aT6WW2Gu<E*)l4-DVny0n&LDRV+#$@w;7$+T^v48ub}SX{n4pL&>{7p3ppF83
zvjus+*#gry3!w=6W^>_49vB*dpvVNB3hxDUGGLAsB-Tf&|3(S{k07!!!7jH^?{q2N
z5W6BAF6lJ^(~o0rJ>3@x;3vJ^7sH-9#H{Mnfox-?eBHa)uh{(u5iiBM%2@L`!7gB-
zKFruLkR08$`AS(rPf;Hopyx>w^z@F5&IdgiAnQ#fhhl(*fN2Bq7$N;602@IrK+Xe<
z^pgR4Nt7@b{u1PbPyx03`eXxGLMV`8uo)G#rlg1Pu(yehl{zWFFa_xp1&}!kr=%{5
zZa@(7N`%y<&rr}!!DlJBj{-tbQV#;fNq|fudPfC*e(7@*|2zd96htX_l!6!qeFzjU
z8;i=Y`qg+M*_QzGuh<?_3T3Gm<o?r2;ZXk&i+F}&Qh%J{G7%*lwi)nkHMNrH%?sXA
zsP;Vm%bW3X0p7%q2;OeZ20^RxfuK@=py^7Xtn#HZuRQ+Z<5xP~T$QOjlr25{?9q41
zm)&xEzv_P8eM>C*>hb4~zjptxR$P82yLMZ4<@T)DHd(QT{sL8ifgUelU`4^R$KEd&
ziUKdSj6IVLY`E#)2>4sJCR0{3T8Q7vC%;+o#=0x#v$eZ3!QGj%J;*Judf}l_&!n&X
za(`xJ{lv;WnU#CSeS0Rwij25=LafV(brWK1Mr^(I*_-0NX`fKEX{sn6#N?FP&whLm
zbNNys<}q;Mi-&n(R}Rc8V003F<m`%YSPJ+85pmKv3np5yeKlNiqJRCw<<b?yXBIBd
zXioQW7tw8u{&YtQE#U`;a)2NBdg!SPXqZFKj#!M%8p^v*6P{xi=tPetUFw<jl$La-
zi7q9H#;gl;X`%l75l=)FwHp+v*MQ62tu)<XQKLt_VLx!2FAr|>>1|?0eny><?oF*k
zkrs^{=P;F%KEbEX5j`lAP%&395M=Br!NVi>%ODDei0&jgY$6G{;t(W$^$hGu^%$H1
z8gDz194U)Gt#Zx{dQT0CU(W;KC~3qZ!B!1~a*ztX+5(O$?lY+r;Cxb+z+jjls!9cl
z^Mg^Ph={*oE>cyBj5t9_#h;T_L@JK)0zML@sK*#Img!}iL8{78Z_=Msj*@J_)ER5U
zpd2rt`giePCcFvITJVuT>n|2hy9i=>h05yJYF^*+>XvJ^H&14&_hl>Yd$x13qUzaB
zB0cxs^w*5q{>E4QlKmCmi@vY<Cw!|jzSWbf8?TjKbEH?cUOe{h>Md6~uC%0AHjEyd
zbXQKeS7qF*E}g&W-a73Uiq^ef1~{sbuz!<7qwY<IPi6N-GAkd>R()nvBq|l)`SA0H
ziC8UuvG{UPwxnTl`3Cx{S^?PXFCzLB^e5UZUklRog|jB&bX`8ou#Sk+jRb0a>(kEl
zDt(HH<d+VWW`da6mxUfdvO)0&g`eaI+a+g@3#zvQ1Ns22*?J1W8-sJ*X$u$hxO+U*
zM5{eqNJ<r5zN`OA-X*l)wrs(-gcdxOEr?5K!E4!qKkSo=`o)l6*?bC84YRo2P<I^3
z(RSSa2TaSzofDemdGTtJg%mWTk$C|6i&&C4R#jl5isr0<5pk!0M=3xdi5HhOxa8$<
zX)6O$)Ep@fg5kp*4?Sea0=u+s%z6o?V<JYHG0UiB(z(=or6YLy+eC;#J}(mI8-JRy
zp(>ZzYepl4?ih>ow+M42T3oo2w3}1|hCs#v5sSWn(TINOiw}s^77!kG$@V5ewgcG$
zrKBQVM3>IG682*yD&S8RBwb-!vXE*Xt^opcN8DC&Slor+1FXT<ccCpt%7btLqhYTD
z`Isy`2DXAw>#_CfZ^YSUA&5zOPZP1pu83DhL#f}16t*A6SpQr{@`r4FppH*-l-PyQ
z&c5(bIwE4LE$r<6tycRs!YR1IuG5_T=qgw9%%SmVv*&=o-qZ_;BW7I?9dX31k5?aM
ztU9OmvRPG;w5omF26CxjNuvZYw$LaeoGjp@!_$~*S&q)Ag;5nOSen1F1xs=gBV2gT
zpOlkCOL|gX3r`B>xZXt!Y|>Bm3lV>#jiriCW2V*1^n|3@nRS6Mn`1u_w}pLsY)S7P
z+u&RMKC&E<Arw7JV!q=9zf>WdS+Sy$Pa4FE1s_kQo=S3<1<4)a2DA+(WL+dzuS(H2
zU{F_WAKLfq3E4)%8#WJK*cOt#U(h1KJwb{!hUCrk+oIn>M7z}#lIzVq$lhl{-e-b)
z)QW8(nX#Zy5;FyFW&G(uD1RYW%c*nKr8v+F1x*w{{ef{%(Dq>ww8>D_vvKSU$&|UX
zGgQoE+Y*UUl|mf?HzLKDT~bIH53LQsd*9#%CW((pN-5MO0|OYupaeBHB<pcS#O>&r
z;lu!x*icXnq)<XumPO@rso?<{@1PXzA4r{v4MdrG%M+Djq}v*ll%ftcMCjuWk}zKh
zL`muz8v^)-dM3&A_@QFODaQxSs`5ggNlLHE2ML2nKSz&alN3=$QA9FIU!=z(te`kR
zB`Q7|s5&Xl=0vMGv0Y85<Jh4-oSJBAlxfz?bS2^{X}OKfk9qE*s%i^z(3BLV#fOPt
z=#FMYQ|&3AUo3jBzpM7AFkHEf(Xj7}Le-|r7qXR2qrO{#4VNF!2AW6RlO@Y0N`je^
zV78=Y)CD@XzAanT_N~uevAynl&3E;)qhh+MZE|f*+P(U(m#rN=JXy77qN@HzRsEP_
zGEg}l*f?2UdnJ}BZ@6AwJL3|THB38%<u#C5mM@<OY|I2UrrjN1k<)>V+2T!zrnhut
ziaRFU+Fuqq#hZ9ijf_(bo|nl<so6K(9b?<fCG-@kqAT@|W!pE{5X@CEBA(<CbnwA@
z#lo^3OeOd2ibGqS))d4Kfb~8J6a=un8?SoS6%Y>D4+9H<x+t`w22!Ju0>Z+nU(z9Y
z9~O*(Z@W1DHyS22Rm20VZ}0w+3F|vfa|*#q{5T8i6F%iw-I_`;7;k-SF~X-tElXO#
zs0A$JSg<q~O@y8IeEeMKvZV3zS{OfAo_Ytvi{5Yn#4KJ7OZrYjoTOf+Cj>1t`vR8a
zbbwAf0ZY1pAunP@Sm4!<v?4s8t_bxF<XO@D-F`Ax#3B1JtSjOn`rRh#$ve_>P*q<V
zWI+%bdCjy9Xf}uh37vGTMg*0Pg_-)3OS)&5jQ7=pU9%^WAfTFvN@~`rBt#4Xs$R2@
zN%Vm{f`p4owh}!9bSr%Wa}Iswm+(UbPBR6qIi$~amGs%(xj-*`m^r<e=_TnG(2J@X
z{YC1}!v`jPmF|pD@B#%dQt&kjUZUV-3cgN35<y6mUZHpg1(zuJB?^dykzS>Mo=N(z
z2+VXzlR431CQ`PU6K#29Uk!5!2yOJxvqZIL2Q?Sf>>`!!k3gEt+p-h%h#X!tQSvu+
z+vk!b?*^8Ez5x9(df?qa<tuw$*pn6;FF%wCG){=x-*vHZY!6SVk#Xd;@VtzXq8qad
z-=G%Fg-t1*ofR8@yaTu?HooT($~S%R9>_19U^!BohhTY$={U>=Vme~DTaiZ-2!h9L
zus(5G2|7T6*bb9`0`?qMBueV3h>MXRqdHJzBnTH>SQ(vx1hGflAVD16!zL2MX<`{U
zF@kSMyDUf$qZcl+&`Xo(z|foMV`C(UQOi=iVbmfNZZe;<F3s6u2u?V;Wi4*e#Y{9`
zeJel=86&YCKezl@()f8Tj30s$jRf%!(;o3?B#8Gk8I7>ZGzx1G2NzoCD-9%w2PDYT
zhitkKtltyzjx<`MnV4#Pox_VWTgm#p4h%r?=x8Udcn$NM4@KfklS6f|nI7nq{xeDf
z`tO_v$K<eXWQ&=D1vF?3bD9KzCGN`76|^aRn}RnGbcXx}U#;Q^h9XMmw7XbT5%T57
z5^qwsgdn6}qu|#mxJJQu5Xht(Gcl<ugSuue{HN!L!aR;Wm2&ta!26t*Dha;7jWNJT
zaS=@C-&S^v`e03`!*lSJ6M@Z{z~;2rcIClLplw3b{;rE{>A+^5R3qbJ8-aAKNXAIv
z#@y03s7-TeQ;KKb6x-f&0Hmtg3$y5$8$-SeG4MTR{PMw1`{CaL{B%WJR`4@fVAg~h
z?0~KjO+BT5`w;2g2k|Tzw<W<D63}w!Volf@5J3OJ^*)(^)~IdCvdygxxC4{YC5@7x
zq0x^uq~&mpkB%5hqn7394C_gZ%CTT+PT~XdF9n(}W|leYdsnkOr#8b*3q8FFJ81%2
zw~6^QYFjg(oW0gZ49H&q$lsrLEz`yWb{SYS3Cxqa8u7M6mY4b+{oP?TLs?>aA7rgF
z>jItNj`%<)c)DLT(Fxvr{$@BMtv{ze%0;dJIkoX-yg%vd-}GjzzblVER|}Tp^h4OE
ztwAv?hW!yyqec8nSdo6cSN&IAkx8t|B+(?l4JP=vH72+K))+1MXp&?qSr<P)ICMd0
zgZU1P`VUW=#O~ldRgC~5217faMnGqs^c^4GXSV7LFSG+>&JH2_Pz*cGRGP#AQ?;uu
z#{WuR#up%sQt&Mb7+u126|`w-?^WAKgb1LeYboZAi4+xk*|>ISdWyMYxQH<jH@@S;
zV$+N?K_j9#p{-~Pl~__tC9`{zewQBR_b4!UYsPO|G1$y(j~MY#QGWV~kxu`S#%EFq
zY-7}u^vkod+oacdj;aUPnWGeFk_pnA=q*H5l4~B8TYtMmeqk*|*;=|MEVpIL>xm?L
zVbLtNiMyU$y>?=Cb7pmOTHNtcdwO;AcMoI(JCL{;*fAmI{AH*F&&y4z**C=<mwL@5
z^whYx15NWgYUGBv<GTlV9@^7WRC-SD*To%^Rn^$plBwDPS-?vz>8dT+z*a=BJi!99
zYyez)I<S>9@oEGzfR}QF1E!Q(0=)K^%xjVOKue)2x>N6%+eZA#6TE^sf+2xn*J#YE
zU>}MVca*8eqEW>gjh;{S4Py&SR1u@mCx&AKq&P#WI2t{hkmR9(L^7UCA)_!F?MwAW
zqY^Pg%;H^wPC}5*Q9$IX^eYtn1_gj@g7g;%l!_>9ouFLnjdHjpqm93!0_!PQOTicP
z;2#i?e~92q!nD26<(@7R3VfN0)@;T0jH~S(m;X{r#<gb3UgFwsn_Rvsy}B{8ylKWk
z$r*=G5Tszol#|la>#eI6xtdHhkuq0Aayn>T&+FP@s)v-h9+K0`^3^l<=QZ~?<3v)O
z2AY9h{O6Z${qgadFZm2%#XJU3*5*s9@zLU1ur^=vGxMdzwP0<&R0Q*-VrIUyikQj+
zWbl2zzVZ5ivF|#u10ZSSJ#Mo!|1RwX43%2UhDuCljxFBI{G0^Rnyt8{-I2N{oQbNT
zlukioo*06u5)*1OOKzF%SgQ{{pqWAC+YV&aI?R<=lOu6S-?XEdD@o5_SxG-jK?eeB
z4dV~*xxmg^P?t1s_2R5jvLI|rJ*im-aS@$Hd>i5?&Rp>C1mZI;r0X{k-%DqUj9xgq
zVeaL$TTkgET@LYW)V5>_=hh~+=wlGYSz8A!FuEM;AeX@?TeIN?tGZxG&ZaI{(qI4!
zG~)Z73j&ia5Z}ZWepwX*b{O03)UQ}IBZ1E8$+)rc4e~(xte`<sjd7mCGJu5dp}Qk+
z)vr9q{zj*3Rkh6b(7g0NDEMOpomXcI`;-E;33b=VB9%c`=aKLcamq+h=}##}B&hUf
z6#O{?YYE>*CgIaJ#i@JY)LD|F1bw3F5S9Dqg~_U+$%3uy2jrglON?c4LOxKGuk3zd
zciO$-EArUxY;h2=%N;Dp6mOVtYkyhyhIDa|C)LO}RpNP>oRpe<)4hRAK(t0sLQkRU
z*lzWPxoN~N!|cQ8mp3z4<VWy@Xsek|2qXqmm--YE<Au;=&`G<HT9i`cQ%EcrmcKgA
zR8=ywAn~4#pbCJQ9|nzp3Ywwu+--d(u&kR$?j`fcdjOaBs&<j{!e!|lECcDU5m<xB
ztqepG90co=3n5{1$hIg(u|-jZl*-XX0Ln$S)d_GZ{eT8X>{Sk_M@$+6Fe~TLDKNuw
zM~-26OP5(Qfkx;u8J0V9{010C?4(I3R7;yfUAvf1Q_GCWPzXEljlEZ#JV?4hC|-(q
z$ahZaTRI5_LJ^N^XeII(l-VO*rp>*WLnv|`?jj7z*5veJP3m!COJDT*D4CR&ldxTu
z@=AkH(rask;!;MrV&PF525fwEq@`G3bVe<V%C%r=E|*`hB$v`c5A0;7Xg*UNOMP#c
zuZgg`4ht;oiTE^0t!OguHlB#fzm3%h-8<iPtj{+<6imC5WW07YQi$ykKg3$}ci$ku
zpZXVlw)*hxn?}fWFy^+yzDN<)o7jEBwBG#p+yIcvn)R_Q%7BsA!khGmi|+ZTtkIwG
zHY`_v4kH3rf%SH_7K+0q;nGO4_I68_@ODe|x2pfr+f5c7`zKZQ4k`Q&O$zUo?Lji+
zcfgRpY~-*ek5@^5b^Eu@<-^GuIn`jwY@i`kip(}fGOshUwnaXK6(PNg0LZD4m<9_2
zecg5+hWbq2ts)>u@-@SJMo)*Fvt{pZpw*F3hc>$N!`SwYeNVK}$=C<q%tt7Xlz8`=
z<l}_j{s=8}>P8D?G&&4Lw|s+XoZ{1;59W8wS}bH&M{$+<HrxHfPL3%9bThU_6kxXh
zs*Qp|NhUI%muG?1zbg9Htmn_m{f13jsC2fV{Z(r98x$CZZU38+jH~$*ijkCEmA5ml
zh9r#4mceYw*1~KWWbAC3C0^$ec9rE}?*VpeOxUBDGcaR&=2wfhjxL7fS+JEyfWzfD
zf?Ss89V`2^d=~caR#d;z^K#GV!CQgKvEi?^r^Vx!OIZLfZ{l(FFDo7&gCJc?sgZH<
zIEkaRyi86?&Ay3R!{!ot3RU&y(DLO{UIzW9*XQ)2-a`IguUS9lo2;tIR5eeOXn)sB
zn#aDtQ)*;9CohweQcK({X}&zbYoUZG#j|geG{5f<f*T+budMk1_H3FZ+gQa>Pp%~!
zr<QJk3i)@kz;GS@Z}VATs3Nk5YzAA_2T8j@F)U!icK6~jq9-_2V@)L)LZKWiWYn^x
zm5f?M<(T@gE`2xRB;B;#!%W-nm0g)l7bWGfFz^{T$}o*j!m=&(#}Scjf&9KcPm2_C
zdLn+%65j5gG0_sfC0iI6@55TiSq%`#E*)R$qhz$JQQPwUoSst~Z`HR%3zbjGTH_lU
z7F?B_4qdP$r!~W(Cgdz4+AC6|Q8vX(uy!og-;n+b%7#`YZA~l$?RpC<(}Lnn7Ql|S
z_;Ds|--S25L|9V7>|sm0KZPZQ_smAs3`>YYnsp_8r`PIP5#MQ8BdM2ed6z7Sl;~e6
zV99;pgv!E!dkz_bTDRPDp5Eu8Aj6#6fDD13bjT1czvr`Tyj_rgbS-I?=hVh5moEsF
zIFA&r(4bQ365!Arcl0_O!n$;IS+8fnc=gJ`jg<^Hei1NfskpI<;l^d3;zr0bxJs3;
z9FprSfVquYi=xAR;&J04*D+YOvn^=0(DIR^jN4~?nI=~T58OL2+y{s1v7kKM-w)#g
z_yIWsM{<t`<9+>Lu;DX~c;kU#=Hp#=1zC^1Umq4En2#hd{JV&y&bQZ0Z#K%BrCk83
zYb8yyNDi1u{GjbQlZfM%E+WWbyJ`3S^K^&F8J<H7-QKPB-Ru#WyaaG*`1hzYuApRF
zBP4Jwg7ljdz=B-R<q7-dd3g57V4aPver&UYu@wTggCn0eNh_9a-)OuY?rtg9#L;B#
z_cjfiq}<Z)Bft!HYcFBRUKaEfVd^u-gfUb$%N9}5eE4Y!RHc|NH+5Ysb{B^#Dyqse
zu}Z*VI*bXxsPb+U{AZe$U!#DDQhpsVv+QKMbeZlkfy<v#ELVdpF(C}wEkYaz1S+#G
z)q+t~2CI@0U6o9Fc-55w`^KW$#LyWG%0r9Pm{0@s5y|k;oVT^dfNSNAP>tluTk?ul
zDpyQYhQ=#HqYq35;C&#J353$(wrk~T5ZE>$YJb<oZRtRWC)LQfxNU4Z&&wDo+~B3N
z)E+OyBgmetS~XEsm#L~ti!Ee(SeFgdBYJHu3o-%7ZnVFw*pd#^^Q0OXr&>HOlao@j
zZ;CBrPnt{UDO5#w>K$|2h+kXFEAR-4v*~Hd1e(&~qt~}RiZH$H(M;gc2~qpIj+{Uf
zPpXk|@ll!}tw_d5;RY|AWo_|NJc9hm)$1o#@5ro%@#tQ%B;E1Wx@=%C5)*;F69`Rz
z87jdua#L#dO>ys~v*r?dYFyllruiK;azotv);gYt_Vg5$p3{3)+{@l(Q>F?tw4L5&
z6P#rrdhH|&G6Bqk_Lmj6<3I+UR3qb5i|1u>Qfl^1aXY;~tr3*aQ>cpW)H~+35x;hl
zS1?B~r1yM6Rjq2VNG6<}u&hqgH=m*4It5t@Zcsp~MoT-<TXZ8u!QWDFn}YW#7^i^R
zReM-Vu?amO3qJWDky^ks)a}}6veQJ$Y^RCjbUCxrY{^z^%eb~1CZ+l7wM{wasVBNx
zO#LCn`$Ih>r&n6{=XbT4>LF#+n{gtk&H+7sFaGljs#|u=`~W}yzq+*xdnJFrFC;1}
z3Cx>L$vIAk<UCA!BXLGf;yEmdk>BS=o%0^3vw%%!tJ$VAzttt&q3a3}&6OPaC67rs
ziU(>7q6#l?7whCmUEL>23L{dgkY;FT_K`nJvC;fRd{g&W6n$5I<gC5GSS#$w(+3lH
za^EiyQgkmudHT`4zx;TV^*E#A6R1penv~Vns#imdDQYlAur^UJ+=;^k;9i?0a1nnF
z`?}DGcrCE6w3S@-`Q~L?$?ugn8*JNRg4K)t9!*tDKHt0}t*5L$>mXCda<}9I0|wxL
z3*CC@Im|KmjL+O1pJ9R`QFd@xjzuYWLdAhoCRB^kZ=fgXKTz=V6nq6iC$=mdr9?3W
zzd!-0Yn9SD?Mffe&9720MuD*}%3@2@;@piG2B(ZuxJ=D{6G0w#B6ZA?YR<q6Ev)J!
zPSwK8swvee1IXrJ43*1RY+KJ0#qobJvc<6lmhMB?cJtaypf>H^MefOJv&CBwz49}e
z;$0JN?Jw)zl`h`GlWJs~D)78aPD;(b>E1==r&=Q@p{Gz4J*jsr+rB{~FxNDtcs82<
z0K3z<tB*tWJPOiZ1>>9#EB$+#lbH^GD6sNErYlO|IkoU%x9n(yxd+U9V4^mRCm4LX
z`^!=LF^?)1N_vuo@Q_NrQbCm_y%DdKaus*~0C#=e-z8Ow?klzX8$_g~{seW<?(B=*
zyA|=b<DSW!2<-Pl!esbEBXc5q_g@$)KvNw{g`Q#Fv|veY5EORkW;dofmI^-{3FIq+
zCsykx#hro{E{+TrG9xXw$&9B;pBqy@mZn}2E~3`oA%x5Xk3}fD{`nY0Qp_VQh-D_y
z)8R8rc^IU|fj!AW2CHw;#+vw(ap{8jgdHZ(+uUKM*7k?C2KNV5;*JhlWYk>;BjOC$
zqMp11%JPUx+c6Of8s8dB7)MS8JD3xz{Zu#Ck1^ZClf-=!mAHSa_dNWX(?+8GDhkOZ
zFx4SgA)I<|2zzgL1E-V{PJt;=a5vx2Ygc#dehU*m!VeM(ZW`IJDY)72WfIbDZgczG
zG*V+KHWad)g;~Z$WV`eRdgI<o2)`KUM)AbqRGl4&Bz;JCS|~8k%uAFcW^akcKMD@{
zc^dAz=!Boal$;>htm>8%!ql^{VKQ&SZIphUdSLkI8pW8DsuZzVA}W2GZ7oAZe7<nH
zWK^B0sJcM-`HMK5=+Jzei;9O9)zB-1gvgB&kWjhdSaV6XK<|^c&1=IGZJn96&Kq^d
zZv;+UuRH$DWtRhE2VOj!sXIRE&IC@(6u_Y-9B)?FOjI}BsBRi7fcR!S5Sm=EF0*3G
zl;EhSy!P}&+mQ_Z>W{K?y8dWp#nC%-Yleb51%j(G<E(hU5Q+4PE$q&;cE?|N@yL|<
z25SOUj2rc8TR$?l#i~qJufP28<-=2gt#0My%JmZ~>v0@MdPPIJ;pCLVwmfXR<Dl-T
z-oI&;9hDh-#U1L;7zG@Mu4o2MTMpBoQed_ZX5c^cq>Y(yk5wEjbpC#I(Lu2w$7<S-
z^+2MGnX`c0`Ow^5I`Ovj#A3ZcF4bq{^~##%O1e#`klWy<z7DJD!$3NQ)wI2D&!QMH
zvYNJcCk(U$uMs7f6LwkK18vjpGQ_wTM$D~Mu+}dxzyMfoulq@5#5l@akY(d+&ritv
zSQ@*ym{sHbNULT}ZN@(S)UfXht}nAyzE`!%XDqd0XTMyZe^XoB3QWJpeB5!{r&%PN
zwkea`sq5@DnChMLFx7PYjLum14G&_64V|k9A8d5qGv}<|{x~@6ChpRNVw#^7u-nYf
zN)xy2rkHjUdQ<f#2r^Zf*hHk6YT*rE>GgBCQO3$cXQ*0B{~RWfG2u8->`N5?G6ka)
zkS<u&{r(Zfh_Pq>PMTQQ!oqDMIWAF1GC(d-+AJghj1D7vjivGY{`{Il&grXeOjK=d
zQ)5o5IVaVsx<Fxm-c>vBrtLXCP<G@y!)$XNF##ON!tY6xuM=50xG-fl=bg|Auer_q
z2GM0Hl`dO^?>Xk^M3n=aFysIyRFW+1KJnd_bX#Y(<v5~m$my2j*@hE{rW;OVicd_q
zwZANKNKRnnAU^I!gFG*jlTx#9x=)Z~K&yokdJ0vUoPh3Fwta&}W3FjR@wUI)VlH7y
z@e&|CO}*<W>b<Q~y+ggX95><(IgiL|Uw5A{E1!z)LizN6Xo0)%-lS3rtW-{Ss0an5
zUyy$T5mGr7z#B=4wTlmrYqv?2gA`Zgz!wRUIKj@+i%FHM(o_#Ab3G)do2~1)T_?@n
zPbg{BoPo0Hq)nYBdWanD5o8_gnsGw<aCh3H9(MF&kEh2+l8jcn8s<49X;B9h<!RB{
z>xk+zWPyX5^0a8}g`{XPhbZM~(b_9X@keOUXL(Fh$wz2Wv~007?3c>=i{K4t8NtH{
zKMk!*KQcm2d=KkCMou=lifw0m&?pIswtjFtBqTVa14pOFhGLqdGAO+y?2(cZF`TI`
zFQ9(gW>&xDNJ(;!PDx^$mF4ksxeighxyL*uO@ro-rycsvO`Z(<7&@Fej#Jy>lDCE)
zD5}bqYv_S$^e3ue@)jrEH@R1-z+~lckHpn5?(v5RaZ0X@i5l0L{309sWt|a-Bj+6I
zgb#K0W!ig-L!C@#9P&MP>>vjHV>eaTxiZ>CoAgkB>?kM_Z*u<2D2}^O5J0^7o4fE_
zx_A?(6RJl+dFC7i<+c*LCPmXxP@D=(eP827`Ho6WEy#CLTKgu(QBWiVb#}jF;zoa3
zkAmX7{buc@v7MjB3|b3Qc`a}|3m*l=-`IjeT0?+*?~j7woXC=%l-I(O8b?7Dv!kG_
zc9R-2XR&hvwzXDbXxeW<V(1^tItohPL8^gBI;#%Hu^ZrvpHQbA_5@2)OE_gZ14>sK
zp1wQQ#&oKs0l8-@4h^nD3E*fX^&lvt<{U+$cF0q%cvn5(sluoRD?A-ls2v!h-uX3(
z+Kx|xtLiBR!&vF+Q3kJ4j43yby`NQ7u8(fKMgeC)RHMYpl=n>p3-9!_9D0;aEf|tw
zy^qKHlzsWorYhWBuz|nCQ009Ho)xA<VM8e6UOVc!Rk=|+IcZ4(UYr-d299o4Se~3z
zJ6XQzN>iqM>-F+Yb52gG&%k=n{Q$8f_1WSEMAIz~WQre{aBF{A<P<mXq#7Bg8aywP
zlTx#9x*s4eLu&*j^c1R+Q6jrz+4c=K1ano4h$ndj9enU!m9Cw9sp3#$u6B|mUhS~u
zc@eKkd~2Xka$iBj?W~KVP&#O!VAf3}*+B$A+6)C-AXP%WVSAIEoLG=>)DXw^{jVHD
zeJ=7e`hc%92XkTJ>^8fwxc3hIxh+TzxaH!qJbuA=EfS+GxaEMOp#@8FFwPGN@R{mZ
zTC?C3qe3f^20BT1i$fPdsfXU<TtF*<mhrTU7ibYOV2&ej<N($V(?-IMZR8}|U=W#0
zWUB|<<RL;gnW)cAM15}3sn1RIiqCXYaqBm9+xy*wA{N|uV9>ldhWCosfL_wSVEK(~
zIjEt6;5=j68tjK;Zj)l$^kJ^20ez2xh0tjk0H9KCn7kV!GHC;?P(-eB5N^_5!8j!Y
zPi&>+B?=7euo|7svSgQLsK{jm`2<VtOt553hzXVH7U@ybtAIHU9cj(D9wmG?I6|9@
ze2xAc;SF-L%kajsl@~=b+Q@6OUcF|bdfRyQw$Y=LfmIWM=1ib@O0fHju08YiW9jWD
zSscHaz{xw5Jww62I&TZ_yAXllG0T0Aa{sZ=|J;*zDEmixp(#p@wX-t+#>zPT&mA%6
zsx^78-XQDtAC2toYVWxXPnPX@^RbD&pUdq1Tzb#v)1Qx~OCG)BK#xX$G*UJsW0+9$
zt=P`QAl3}o4JHBk<S=CUPUF>%wZWnAR?JoETiVHb++qD9Pu3%M_4e-nVq&6}rqWxH
zqd2s*4vBEMor6U<Udv-$$ZG+MEPS$_;k5nUt8KV?ZAs(jwJ?6;WId6&AFy&IZ_I}^
zp5bhjj<sO>LOABzrekf)=csu`j?as2V!9`Jg0-6C5|}2##ajI7ggm4lp$#jKC!teG
zNf+vMq|!bgQc;^SwP~Ofat*^^FQeA45XAj91#ckWIAInC!4N~4Hb7IW3!sIUsok$5
z(4DedVFWAA!N3j7D8#S_A)YYT9z@--q@KfSjThKnBlQTMSx=yJ-VI8~-`)&igYRRA
zme^oPOvJmhP(&mAn5V`2uHme+`zA!~@49$jnvOm*au6RE?<2o2T3*IT;l|w3H>gc>
zX;X@4-xTj-0NmuF<)w;)8**uU*y^dmwNB=uWqw$Gk7<0@;m78q@lCGl+=gmY-?DF<
zgQ{)V2P`&;SGZ{fo=>}G`JW`!IJft+rp65lS%(`OiUH1;YFpCJb87>deH@47aGrsW
z4&zy9bUAM57CtP8a~ex@IIx&m=Ft1DW_eC+!Wj!bJ;#tZw^g%rU&7HO9AoMu20kIL
z$aGSxTVHR+FN}#+=_$kVKk36^Ie!LMHeUn>JA1pnu`(^T|Fgq#$d!$!`z;go@zZ)(
z&cEyWUvOm^8~crSXbB$-yJCJ=P7ymS$8cq1n1&c_SyMPxu59R_98fvr&IYb*3cG^(
z8Z>^fG6DD1E3z0UTl6WE{S?a5digO!*`T^+&EdxeWs5(BvQXT73T1`Jf>0JtQO;{J
z%Ysme<`gBL%rgJEWSVOfP2bZ8qx*X4zhkYd-X<8I^?Q_j8$qYxbVK?>%4GIu-=i3J
zF*4Hq5#4~8Mw06Q1bZdA?oO4))mij-stS!CQU))jN9h5eI@k8r5icwKPfGqS1?=e!
znI=<(S?s1$=VA;s6n{>C*mS>GVJB07{RwsY9SVM#f<L9;bqfBBf<H$f6UULu<m!7K
z8s`yzGPaZ-Du(l-;sbDjdgQJ-+}TapA)=F~5Lhy|ixG9M-aN5-XJ+-zw78EvLF|01
zB^%g>#LWPlpyvE#s07c;O{v*8#eJ6^Gndd)<KjLv&F`p@8{)pV;F&?|1MTT4Dm|z7
z>*Bu2s<jhU&2WQ?(`d;PL~}OKg6Opv3(Tj}X6d|Hv~8SMi#QIUB~K8>>9nSlnvKI|
z$41O0^c0<63-7C}uDNZ*uf=!;9zpR*n%C`_)!WnJZkpHaZ#lAo-ALRF?4A&F{xVd8
z=jEo<?3?0lnn|q|O6aL^aW|UgchtxYaraveo`=$Uib~Jv{kpiD&1*xZsv#}5(!4fg
zNvzR&4IVcTWCE=dqV|^+TbZ=N$ib~~s>O?Ba#CvcO|g|`Qmcg$dJ0w1oqEUIHsaUd
zcq6A9HHjg?CGEUo>&Zokt?#j@!*;lVL><_EXvrXw60;8^K8|6^e;=bhwow2gwi04P
zCF)>4{SW7;L;op9#LR6o(4BUHm2@(7s4GVuTCk+ODT@(gTayo*dCw!r=Cwd>78pXH
zJf*piV!@II`(LP?nZB^Ee7E(xfjZP<{Z4SlYudc&W1BZclcE&!re3D;T3gL<3nG)i
z!EaKOHfuzOALpPR>EebWx{W{Wh1}Gj>Ob2z>01;vE!ix6q@g~nS8NT6tzBA4xc51X
z^r~&-E|j8sR6~6j`>PUc(uRKM<AcN&$~~L(fy(A#l7Beu1QW}lYRXb+4UI2I!SiUk
z^QvY~GmChrr2=ayVAKK;1(sX!bG4#U4Qk}mYpRGHKFgzY>Pl1|h{@+jdD)v9z%ii~
zO2~x}`x2T85MuAa;O-i+7nhAaHc?rhsf5)^{k3&(R!{6anb~=Ay!j-9_uDg7+p)c{
zwCv3~?I%-p2>Sp_%dk(ev<#aLZDkpu6#EoQ%hFZb*`4>aJ7U?z?btV1T83?irDgwG
za9h9@#L}{{5mpM@3t4?n*+q{zU$4#c^=4WB=#bxdvyL^yTGt1{TAHj}d%1R^rae>B
zo?g2PdmVT0o!ooatoX!U$BG#3b;J;89BeQ&LN;FGDd63FUL<ns$ALte=0ze{49vh3
z(x$wKL@xs&hBeUo6p?_}{pm#{ttLcrfWv5+S$e02VVaU3i|8gBo0yvx)v0H_RF4%W
zHBhjMg69bAHd2gnv4jhxCL~98Y+`mi@D63_!U_ZMZt{SCshL_|JlMul<%8UMSBnMP
zi)d=YJpkL6YA33jGu6%G#m(2`w`(W%Ka$!1$avc$v%q$(3bt!ARrfQn_6Y#nwTlMZ
zyC!!XoY?h9X4fO>_S5OpJp{Htza+5Dyx?_)0t;+#x<D(?i9m4;VIySRbQm)eGAyUn
zw2p#J6l|fOg@WxAj8pBuqF_A*YbhwF8x+vq5BWO?a@_5ev}H?nW?b!t+q_cOA=_m6
z@=NQ}Ynt#{uigJ<;5$ds)q67KduJSUlkZI0HRYuA^hVm$G`AtqRg||K+%q?Wr0P{~
zZYw@lNB-f^O>;Yxp02hYj^DK{?{IL>+zgV_tF2opa+T$61^3LYAUVyBo}T+qi*9Ac
ziK6P;q<0u{Dkc5#WL&}-bh-%zvySfU3^g(*jf(rsaAII6k(3!ZsVt8UULb)_y()5p
z_l$Ze{*;s$iYp$Tr4(v;j2KnC=PnGUuv<n>$P#UJQI7>D%UOxcW2J`?C}oKljRDS4
z<aj-f9FGsk675fs+!T-^U-D8w3LS|UD~bFrNW}Ch<>tDK!bdZzc&&#DoufjPgHr0r
z1iS+>Kf>Jmu2MY+7sIrbG)lXK`(e&v+*{r|I1HQa-g9`q-l1U_ck6DP73Wa==^@42
zdoBiZ?;(s@DL9LXic3nlK9i9A8RaW^E;~P+w`1fFT^KaAUm8#L4W<%FfNvO-V_+AU
zSWt2HC3=UX`{=Pqh^Tn5t%^A^iL0(OQ*?)Y_Ftgb1O;~}U>|Po$E>(_tB1Sqm5yOG
z;7^bn0m1=}Y_@5;$L73KDcEdZ6efiFj8Ol5VbdL_$7a7HAef=xN9BU8b*f0HUitc(
zSJzxEzcP>w?aD6Sofax5SFL$H`fBv*sdV%HY~6wEs{7MI_2kOcuOEN)_|^Nbt;uff
z$gbR<7M8;_eOdJ@Prdlmq`zp=UyQ%6e(w3tUGt_-KAiD?X1dV1%zno$I6Tj7%y^o!
z_LeD+V5?C3ta`O-PNhi3|1c_58<lFZ_H|ULDu1O@8Gj_VlHL<ls;GM9(2IxW^z@mG
zzZ;b*=Jr%JRVGw#oh+%I+_YtKb<MP|%vLa2TsGyv@4JD@DHne6*uJ8vLW;SCishFA
zFC4k-%#^R6@=%snD6JS9dcikERbl;Ku<S>Eiq(2-1(%)a4Q-j=jw!r>f;S&|pMIvQ
z1-tXhE1z3AZC_`r0MxJ-O;K#>AsfH3k>5aUs>`?$vTe|6Aa>`B?WoPxG%Zkgr_bJD
hv$ahN6yE8w@3Nh=O$!v>dBFaJ%~tlFKp_Jt{|}|s9j^cY

literal 0
HcmV?d00001

diff --git a/tests/property/__pycache__/test_drift_report_prop.cpython-313-pytest-9.0.3.pyc b/tests/property/__pycache__/test_drift_report_prop.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..a7c9004736d356c7361600d910d708ba6ae1c156
GIT binary patch
literal 23116
zcmdUXdvsLSx!;-hdq&de$@72#F(3wn1Q-EIc!-ApVKj_QjGVcHW+cXzX5@25VC0)r
zzRk*&9j_WE_O+b2we0xziraLRw7m^&?pnQeZ`<Uyf6Q3Kl21v>&COa_^p8feh*?g%
zR{Q(*dCuqvBroTW9MGP9_T$^%-e>Rcea?I!;N@_A^pnuj?`-9`f1n%n@+g`4Emn?u
zor`e-7qi5yCoO`N{n|S1qLt@59fFgWYg~eh)wl&Wer+c`onFD)=@Wdc-hR^G84v=U
zK_S=~5<;xZfwBsrlI5Kzt2)C%xU*WQX7{d>HJ!CWEzfP|V(zmRp)Tf$d1JnqJ8Bc^
zdn&tks)*{p>#42(tYw!)E)!Ou-EO^J&8_ERfmjfAkE$j5FX}?Eidf}dYpiOot$Uwd
zqvm4a6`VH08bE1RYxLh(HQFe*0>2oxJ#`wKb&J5MF~C{BNSj(in@4(F-N$u2)Es72
z7qeh>>Z3Mo%#E>iv4$1g(-vV<Y(-CF&*q*;Po&lAKqvZ(t;C%@whArm!j{<To(M{+
zQL=`WY^~=2b?pi+#_z%op-X7$w?@_vAI9=OCgg_FLjLNui%Bt^;`3=SFY<jkflmpU
zzC16ahjK!m@68E9x;LLqi(=I4-LmEJ<Ul5sMB_HTJN@i%Mo15)v*@@d+OlPf*Q)@{
zq(ufWooe%L<JFP)ojcq3Ba1-ie>wUZe-y(fvsckq5R$-UkRKXIX8GK3erP!F<$+B$
zpUh-4*?v}$1>U`vlG*;W*u>{ArFjKAK#3hcc<PioiFC5}lG2dBlF45JBx<e94Xwo7
zu+W?4lc^N)B2ZA_^7*SnX?`;*n)tz7D${qhiBDmrgxu9g)O(kfv@2qjJg1ZWncma6
z-e)AoP%__pDPofx{h7<@tmGEc`8*I7C1+9;hX>OUi{u3WtYJTv37rFvVUC!}VKx(~
zLYYJ+m+elA!vlGA@MseQU}vw8MsLYEJVZ}Ia;DM)Y5dxNrR0>clw2y7Udf-lA|^6f
zF`vx#rlp!^hA*atEINpZRC;J2ca<KX6ifm6w2%<f!sQH_)n7^qmoZTkUCs#k;pD&|
z7BQ1eOSR(FY;GXee>EYZO*)n6%MGN`f)u)v$)<7`N(B+Vi0Z^(I-eX!pk?X`ZlyqW
zcwiu*uDIkK$n~PSFEfyqJOb7|H<-wz?h<vlTaDzpMY5h6kSvMoR;l{RrA$6OkP-8V
zURu4Jfb}aW#VE;Mpe$auN$$Z+HX&w4(#R#BQ*z0Hp-ah&>3pw3e(3pebTn-En?H)=
zbuJE4Nr$W3*ar7>sRZMIWwTtsrQ96HYkgwYHXQ8@T*THT5Lkgnf;qS{A{!c6izpIc
zUTQns*3;eb*qNSKHYxNS&ZW{l><sn{DF>6?CfI4jg3)PAP*rs3s^s23kQ}_2O12A8
zz}ka9aSf7D?ppJ;v#++kvH#Wm-)Wx?@0d6{@$5V2CS&hhD1>*+qXkzoa~}%W%<F*?
z&3rv~ff}((B|=#XD^~~z)<9X8td*79)%M*^HK+fs*H%pHWsBR?wM%w#@|ZddtY-NI
z5(cJrL2tttVreV1vBm5$2Uvm=EFn-@OLsAs&Jr|S>@j!T9^_)4xP_(GAlKsDz!~mr
zc$VIg&SU9pnocaA<S!EeG!Q6tD{I7KAoEO`Z#15{=pfDt&Q)4yj0&rO%w3v-Ku?Tq
z5MdqVHXtc^I<(?p{LRyPEp1-{TdT73BIqPQV&LTMCTyd7+AY#n73G9N?-B|*x*FZj
zj-%L)jJ&_-NQglsquhA&_}MpG-`@Y`{<qqN?I;>?fz}KUq@$808gWUhHLyf8u~pN3
z8Js(r(p@!FXOn~JggD$+Qf(FUlKWyVH;_(dMaiB|KbM!hpzX?mmYg6FIN1@0WKRjn
zE0R-&FF9pEl6P1Htzq~`KKVC61BrB$dAisNNDUg6<&zf<qGcQY#A`@Kxj82nth!aT
zeJZeH^ytTdN;UiUl{K$jeB+sKKl7czsmcwboxgBZeq6iat(|Z0`R<;Xn%bF~y4y8%
zZ#?zwr*66mkAJ0D^W>b%zRG*w&G{-{+*GWLOnJA=d+c>hW4>80SJg1Say)=zdU@i~
zWb%e{^0`9j(SrNYnPBzU`D<sdUA}gy;9Fa;uVpJ<vOVZPu*3UhWR%0J98H~2X<L2K
zLwvrf)rxIn8HpJ-xd?_ekS^n~Jotogl~0O%CeJ5_hSEs^*{tC#FlOBuJJY3b>}bTw
zR#j@y7<vK(8k|kr7ZIDVANWgldK_SptX8CXX^(6*fdzj|$gDoW(9i$~v_-q{CvHT-
z9-F`7Rz+m0V(XNzY4iwta$BbYO`}I={1s#E1$)E7wRE8?Tg&xW!E!>_t&u*oQZAV&
z#cX@6`U-F7vepZ<-PonFimdGdL1$N7lY7J5acsA&osm#gj$cSD9dXAnMjz@w-%Da{
z68Y008*y7Vk?yi9?o@FBL$aC?!SnsC8ooSt`Y^}&IG(!@QUP74RC95yUCh$<1D)s-
zWb79E$RWdSA(qVN`pUM8$V4rEIGcHPIK4o|N{ccn6q+$4Nl?VDL0g9*2N1tz*@#CV
z-X^&-S@3)Cb;$;4N^(F@z#Tn!fpEvR!EVf^1X^gxHjvIn-14sSWrqiqZ6iu9MO1|N
zl}=|F@e>*Sl^kqK2}cNE2NIFk5cVItWV%td3B?4HLsaS}#L(e!>iG>MY!im-UK8GU
z{@c$_p1rxgSa)Ems(tk2Ot50~*zL;d@6?QT{wh#)ZQn<MwPTi#E2?kR?3}7;ovPS1
z=9sBl^`d{we#aM@@~!^ZUp?cldL{T`@LK+sd)16PMEP<1wXc8V-ZU5Dg8aQI&f$Bx
zW$eng_K!CgeXDNSSI_vWM!VP^KSyFHV_1?85_L{U^yY>k?D<leWPdg%<}<xwFYSBv
zqMgpp0Vzzca~BrSldSE$Z9pqMA0E)o#`#AEG)Qq`o0gHShnb+tCm}lbKEof*4Gxi@
znu0#i3o&~e<CM9JPeZ?mM(hH0m%KtcKP+T>Ar67I=Ti{<*)PyXlk;dIe1(!Hsj;2l
zigsk_Ny!hYE-{#VCXI<IgOSWcqX|7|Ceq((B%|D~eAVCDH+p2ImjA|?nX3A4oRkw^
zX!ImoJK-@jlbi}V+LTd9$CWM8%P7Sn;a0vLL@1)#f!b~%i3$V&>M=XqkHjtA8re``
zaSw+Jc_(h&VTs#f&Zsr!(nrwA!0A@yh-)M$=3W7rE4+}@*mW`$^DNTFVQAxBq>b})
z&c+wF#~pEJ%pbMI0%miG1-msusjrewQnBSiBaa;#&I}mEGo2;jtfrHoGW`m3;`@Z$
zAoiw8y-3Luns}K5Mfm(MHmewwToBttaI6tWb97I12S}Bj<QvJOu{0@I%Agn>K|8l9
zYA~7tR`^Fi8`>LF^GaAb?WPv|&6D`?2*)!PgdGBM%yvjs+#2KBu=!KO03hAQESI_0
z9U$Rh`T6!+_t^R@;H7>5U?OJMbq-39HM&FKQ6yQCr99QMzaJv)b3;PAwBaHxS%T(}
zkQHr%7^t@TCjcU@KynvHrx4!vZsVI9#@9`ry|MZFQ*Ru6_29dWpUo4|{1g95%eOr%
zEx)Jfkzg-RPw1m;Ka!G(2~Sh;Ge};+-@Jx#ZTq`Vym@Z?><!C}^FIu{@$9S5zWc;y
z!T{R*o-ieud5M^kxG7{QA$+8uBIdwWFqjms;-M0c6H-(Max|E`oL2UdOrk7a5{jP|
zb6Lre8Xg=Hh11m3hW;qdWwH^M+|V%q^<C7t9JX+dbaU)`$uDQ+q18KiFp+2n(N|nD
ziLG3)V}$3?=8y3w{w)#^*FfbfPrmfzM8nOxV*SCXz@dWw@My<B)UPGhHscPw;(yV9
z+h6fY=S!V;RyEz(xOMW}MAyvv&2tXh+S)mXv$AU5<_-iuwRt_>IUCo&-&@61Ru{wj
z-f5f)@0+UFH+tfBxVBi^{>~Fqwe3^k_R&-2_cM0SpPqW*)NQx_74J*lJN29ItlTiO
zW()q4JYF^Da0P<%Hjl@9&*pPDXIF4QXYY%9uf?Z)D+~6Oj0Z?Q!>K6QD74oZ5BM{g
z2Wb3(bk)6}@H*>^SuSWyk_1KwiF#`YfUL}B&~Kf9U3Teuv=u_*1&t2I95H9iwbyC|
z%`lX@&sW85+ifwAQlklrnotVC(o8^%+g08nT4Bn?Kh<!^b4w}Nz^&t&IMP??N@1RT
zR-Ri6?0D{s?SO49*Jmk*d!};vefqtN_v!b_<3xNT9o@rFPfF~9Wd38~2uz3K@I^&9
z;9-OsfDKXR_QWHo7w9+4Z&7B+iCCEMfs?1nAb07pj`+n(!}-iW6vnCEOCwd=hecug
z#Y}d)#vURT$uGl|h1!vzK5kSP&Z6EYW>V=yx~~tCP#2CXi7Haf;|EWjICAh@M<NzK
ze7GYPOOR$Ix%274A!aYDI)_|N0F5{TGi+}@CtMZm=qb?SmfTG4gUur16zF71KG;q3
zWO>7!q>x&x7RWnYsdeQChZ3obAbFH#IYFddNhCle0(C&0CPda?2$r<2jE4v>q2W9D
z6aNwkNI_NP#@S-kp3#%HYq!mWt8cB|IcKxhIY-ajb8_J=H_qOCzF2i~^yIHRmD8RL
zA9^<2@@$%HybbBNy|ClRRG{N;hiCk&W*Ro!c)n17c-~<<Zt>o8a}Ddi=NmgQ6J9kP
z-dGH8oamnlNALTna+afXI?z!FblkUb-o~P5(|s$I{g&1I4psR7QJ~{@ta{qB=_Ajk
z--!o-?vH$j+HCJz1BZCW`=OPGoUZq`cqrfELHP$x@1bhn2Nf=qd{D<qc<-U8=YuUS
zs%`TgcDs53M7va>YrY9P<#n!y6D;u2z&9h<VphT4<5<u2IQ63qLSX4}L9--7mL=xw
zarbz7yggps-rou_k1YG@F;;&C-{*n_QP2dI|8v2D$Y=s9@VQ_?v^0Sg{9Lenrm#Yv
z3zpv$R>kLn6)=TW84C(k{h>&OwBj6$@61=y%}l?CbwAAAA7O_jofh4N^FYVSQrtEV
z^t%|nE?wnHzU+5lMrx>T%w;6IUYJ;&eh%XFz*WAB*^XeYZ{nFRhEZWN7mQc2%00vd
zLtZM)3j@+jy4u|o5+b%_KES}F|B0-oSL45EL8e#6xvzm%8dY3flK_XN7VOduAz4_i
zyNSM*UEs&+LFaV-nKkH2I^<kB?j#RE?uyDIk6BXx7rGwF6YT0H{K_seHpN}7kSxwW
z4g-#YL(F!8q<waElek%S>4b$$N2#?Xqg0eN#w~3Bn&hEM0V<YB2+{@|tCrUL3|!1H
z`?9cHSu&0(mT}EJs$o}K(#sS(y%(^uKWr}gb9`t^hq_jOAkV|`g+C9?sJX1?q4mP^
za6ELCHPa?+9j<NIr&+h54|xj9E}R*c;aqB?!O!D1l$)Mt^@*yUp%#5~FS$`-zPNjb
zg<;{jP^S)Tz^7g<(|^}<agPdD{Y_h9{sWe*9e<7kmZ8i2{zzct)Hz6=Fk8Y&OEy)R
zrb1X%Yz(Tun}_o~IRG!a-kMDDxTA)u{r$S-ch&<3V2T^wxOwR6u88P;UdiwWc*^aF
zh@0uRMXf?cscMdhQDsoogzEiT#QQb=fZVkiePwWzQ#$QY;5`}<(NyTd0+7;5GAAR&
z@DtfEDkaU7v{15(l0B3>D%nx7W5m<(+z=#MOnaoZeCADje=g6DR7Uv|Swsb>3(|%n
zZ#!J<h-qL`Yu*`wBMIPkc0~eAL1m(;6e^pPjHLI=Ls!ZDnn(&#CH%|GNj)Tx8Ij!9
zepDw&?S(5Jo_yI&Ce_0Qo*Rbo1W!pw^bh1NLY*eBljKQ=$-Xod0~!S~BmtS>HYoN>
z!GkOdt5OG9Wu>s%1Qr=Qy(D=^B3{WZrU&}ivM~u>_ztb6k1&xz?KIxB8gKR*Z+6Sr
z%UCowm)y08#BZ2b&k|X|hw_4zDDgZq!!b;&h;2aNK-m&Xor_B=(PhGVANYvmlON^o
z`MJ8yldh@S9b>-Rm76D5PF3z2bKVIzOot=IaAcOVd%Q1;g>Ymlw1wULp!Y`OzZhWI
z$$?_1?LM`*N6By8ce#5WWD21ztn?Eqg;UP%ePQ=~s`#ziY?kg`7FnxLl~xw-3m#+n
z{DXU6+il)kDObnVpkfNF1H&9h=@kmLa}OTx2fgOwDdi8r_C}+5Z>4+zwvz*_ed&VD
z1nb_ijUW4-|Jv7QIm@On%rVz4PuFcL)@_4kR;b#J(j9AN)@&UA%B;g0*nHnc>rc~S
zYfR6FJqA|9hLpW@M$wIgBqqB3FQ!lFW)xk(T2yqigt^D<k2^$LGYlCptwLmDrqzzP
zJ!3r$g9>@Vvd*kM>o6Dd(BCCmmEI7ya#zd(9smnM3xnm(y3T)-343p<j1j^fj+=o|
zEGF!En6UTF&n@gNMT~N*Y)Hi}xfC%<>-BpQ?le}rEUdI%B;3UuQ7dE4Uc*Y8iwI7g
zee2#+uzi=IT$?e1Lp1YP%*_M=Pu!~r0=^3k*q!V$j7s+BvI~NMPhENS7lME{>*@DW
zw5DjwI<odY>{2qhWnFz73|U7yD1uFs1!OZVe+jO5GbKt3MPVKeRVIiEuL2dw0#yp*
zR~b3+Nk8;7$P=<tR0@I*G4?CpU$+Xcp(`=yog*8&%cJE6Ga};)QLoCi!HYfKgA8ID
z|GSD3w%m%*0I0Pq64aTp@D{<ZfS|wv@z}8Bv-_tg7XBF}Z&NZs$vc$1OUd_<z&VJ(
zsB}trk4pX=NyIPwbIOxWsPj$P?9Efz50OZgUf~A)8rW&Gd?WM87URt>ku)uxOR6@o
zEem;D`4qq`+2TkY%VLp>fhhnF@eox1#kk|&M|a(7*!`FN@9ddq{oaP_{bRvm!|s{Z
zw&~W+4_iB@>P{k^e0I8i%dPq?#n#R-f1&Q=ozTi+Xd9!vrOa~dk9BgqIImP%E#Q?(
z`9rwR_}6tVU}SwtIjbb@z}WAs)e>sB-LQ5dIMuMdP`?9ArMd2Q-Rkjysk*I&+9qNx
z(ZyH`V_2WfySNp5K9lNBGRfzyV8<5ck83)1*v*XuJK&gIrjbD7G&^KY1MiK>X>=oh
z+(91Sg!MFBd?lPmQ^8TKTw(5*_4rAsJg&H_n|NT^m9?KgN-BPCOr@ErPr+q0-qNj^
z3G|N4q~K;;=4c6*(F_UQ;A7=inMr}Tj6RCF+O1Jc6*tCZ^j@ZPSy#UmF7riWrSXep
zVWssd;W8e>8i0eAUs!1;3o>-IXod@odw3M?;Wcm%eQnIShganq>M!FS?(-?yQCT1M
z$f|N2Xm7-QOcwd?>Wm?als-T6UE+)Tu}l2tzh&4ZfeT;s^KhwiQL$UnF4217c?1kk
z!F*3?d^{HX!tvKQ`m*rXdIA4nEEKgVQj5L=%=c3T+fS8oA0(A3^XHA4aErD+v1%r*
z)M(O5U>W-@pgtS*m-ZXX6)zvNp6*h@4@xALNbShpCCMv_7{fyB2NA*rzgzS=0>0t0
zHb^NjYmmSKDTVQH$*&0~=p+1V?Ddh=af)S-4F)Rb)P$hMk?KYYQ&e<T)m|X{Tl5tE
z3Q3nL7_}(l$W{#us2fS5ic_9&)lDFfWrT}>AO+On6V%|kjmb;GzfngR36g<b!>n<n
zp|OouyC?{;o(CF7+>Nq<qfxRnmWfWgWzlJOB&17DQq94`=T4mIN}M~BIDGtI*RhVo
zxvxCd!2~Md-w^^2m!WjoN%9%y2?1?UL8^lwld8_<FZ_GT{Rc{ZOvwjGjFMG}Ftvxp
z6B~soRh-(iP@FQLBO<1Yy^A6pT$U(h2I7}MP<+C=xEM9(<~l5=Eca~Idarck<PT5X
zI5KwRR#oGqvsktLL;v>okImXRPt6>M`dK%(cH{J#)}O6u9qXD2ubU3<EQWWE9hnK&
z6~oZ2tq3%r<TrNMARwRwueGwmPpI(MuD}bI?^Ee-)ixx=sBJ!FZR~*;P8drWxW#&o
z?`P1<dMc%?iV$JoW~#Q|uuont>^f1X=)7;kuzFW&#PGUDD9k#!)sf<==-6pC!EMFx
zHuzZs!5gcK;r9EKyGO}yoS32unL-%yBz`}k<i3-02Qf>kfDcw~HcNNc<i4LOtsFtj
z(@?JV*2-0|a}Nf4V>KIm0a&G+RT8RfteGl)qI$wv*z~2p3EccgkSNbs>SyXVP1o-%
z*6%FTwcKc)wOJ~6-?!0BXj}%Cy0ZzfBDNNv1h}=kKAZPoOR%W(w`x19oF!r<`H7eT
zV*|F{GQ~<$OLf*Bv*gaj9jCZlpUQetzkpb#iIHXkBSaEw+zGaBJKteo>vjVRH5CR_
zcQXl_OnA^o(F6iiDHjx7P2f>+V{BdTWh!Foy-3V5%*4F4CSX3arS7S5D6H0H=wm9r
z#+(;w)cNQ}CNdD12y-q)m~-pK0|R_>pMWNmlrmTH2@IwCy-@uRJaH+_4EqA!KEYoZ
z8*5?(c%7n`f?W9wUS1oxlDsPNN8uevM~}iGYR!n?r>zfQZUj>W0qzDM)EMppW^zUZ
z8ma#>J9`7UktSmYUbcbr7t`{X{FPFKN7gLF`6BH0WW_%x45vp*?E~;22;&%})M)QF
zj<^(-2FZle`5FSr%~%;@Ta(oCr$~$%|8C>Wqap=dX&g(okvA@6Rz@5X88OjEk3c%K
zEN*2A<NsiI(fR<b|4yi8I<&qRS`R|x@lK?bpF(IW$dkuAPl-aC$ppThm4dp$1nZPd
z;4b7ro8@MpiyrUTW!4JRj<sSoX+yc%TPs(=vatbHtC&bLK&8-Uf^C1@a`VcM_uq_y
z<esoJAq{K;ktM4z5;m+tWR)TYc%fC8o(&_aPa<6&QPtnpfX!DUOMs_b>Y;=NZaMzE
zs>kbrc5#PJGSxsioe)FA>H#U%NU6D#9<F_Q1<h)B_d+97-6li{ZEY=Di<q5B_Kpjh
z&eLtGGn9~S3I))yG9^s94O3kMjf7JufZp3wM_t$(q#U7&%ffPH$vCE1#<g|Ou*2*h
zhMnFESRs6JSy(M)?KJ)EbFJNi-oVoJ&^c+g3A}x8XL_XT0=?+KE<<m;Jyd>yQEQr_
ziZOINPu6+Na{B9vhUdX+ko%ZcC%*-zIGdS|P%%t1=EFY*UZTCs482Q!?KnE(>|k$?
zjo7K#NIe39RE@2q$H<;?Yq6}2LDkZ=G3K&{f4WK44B=~*ycxW;CXdE~r3E4kcxQz1
zuGf**^|7u<g+YVzq~UI7uXoB?)6b|ab(Z-IS($}DLL#{n%(<ILm|CNC1GL+W*+`a*
zjMh&H-j9)(yk+$0LZ(9TQtF#;;3>o(4DZ6JGnQh@;xbDE>H)_Q&pd$b{HkI7#O~=w
z_7)%6JKfOs;)$_?x5KN)``#Oz3b)RZ+VD}hm8lN~jiY|Na@;oF`ksB_@$dVm`CUbR
zS7Gh$!tSm@#Tll8unvnUH?P5`3%F&<jZ*qxwW!am=eS(@z@G07n)OslWhG8i&<bH$
zw_`n6ou)_0MK*55z6bEIUo2ZOXhv|@GYBGC%xekGbqIDr3ivkRaJjy?eINE>NkG~L
z&`>uD*|kVOnw15l+0Lg*6bPL!m?{J%T!`qqK8m?;Z%*I!UMBnz)J*He6o`kl)+y%~
z9~z}8C!3YkT#}Df>m_qdMOj%wz?1nihQ#1Tjfq@<8V^Yy4-9Zxx?gjV0H>jT@DUh{
z$j`w-oDO&3ovN$l?o4I?Bj%9HrYZ8N5uu>4g*D0_v_K9fv_>WBvoYFEBA@(b3~e0&
zeiTmlk4T{EEZvT$*cQo-mqK63#{$|JCZh14P%=_;BFoB*Ryw|Mq@t01D#c*Zt7?q$
zr-$((Ec75{2Eu<Pr2Y$%h0adlCselt+Z?mu>Ab~j##@Bj1dL`NTjDepBm5o8OhbH3
zT$ctz89o;x$M)m91^H#VE*Aq+N8IGp1GvdAYj=+MW@=YW*EapEwrT9>3<dg7a6bh9
zKyY$pk!UM&<(8(6tW>oXEoNy#NRDc|fpVf*lqe(z<!W!OybzYbKE%>AxzZf0QqC$3
zmL}K_r#H71H@6iU_d(&=Up-U3V!C>3v3hGE+*D|4zxn*lL9#ZTwk*NiWaH|#Eo3G1
z@&}!b`M2N?TAn(z7z=qEpOM-wJ2OGnb4Sb=$zyup3&IzSDv~NvW}O$b_mFfFopl-7
zYGP>an{jtp=!`XWu0*sqWiU{t<j|Q*2DW6opfMLSg{sV{St{UbY86&gxezC<u@rS~
z8hI~Oj!a0dS#OYeij!UrmZi#(DVF*gYuJ@4N2b{6y%_V<8M=9Eoq7IYtg>TStGtxG
zus~hYR(mOXVL@-k^8YaRf_8ch>ZbXw(X5_`=5{MiPkpDEs`@ck+<_20pGJvr0&;)V
zjkNsI!>eNMHYk7WooNU$aUW<DRALfC5LgB0X^Zwwe$2znC|=D$>R*QP>{qFP`U~aR
zhnQ|B{yebbKGzSd*_e7*mk(iG{*f<r<#ey0_U4Q7WtG94kVbeH1#{!OUF<_Ei0(Ej
z+*(9emdv##A>3+oH&kU~;5KfRz-{Cdts2H&rd97%>yS~Z;C5tHu*?FA7S`=i5XMV3
z2u|Vf$qg(vCooO>&nQQxVkZ4CdoBfi?Pc-U%_FTx@N#{IKH{}t`uK2MAHGqMqWK!<
z+QzfDsmo)$F=+;~r9`DSct4pPnDASItR*>El(WHX959u(ZW6dVl>7w}qoeatIk;L5
z&u-o!Oj13I9ao~ScM6&EqE<10BF(x?8QH?Td7&{Nn@gnBrBj3C@C~%X%ToT$fi#kM
zcJTo&(L2q1rkjs_*nDiN`Z&_bgVQyQw`v-T&Bw+(h3ezCLsi%Iehb0BFy6iwn{4?0
zSLJMY;;U2ZU=2WVVO?u6L^2!&Wh2on(qo7L!@X)!W--|d4bl{ojaCZ`(n>iqaznIR
zr1!PG=Dn42b!^RQt>6Ut??FcL_rm5-mGXz+^j>U{-g5avdQUc(_g2am%xL1PtUY@a
zSSM|!cr2`<+(3Wm<CPnxLSOps-fPK!6}ld}X_?yGcJpj;bNd^XH}@7pUn&H@3|TdB
zh-B5pt@aF!&pxqnH76{eed6RQzHAXmS^M*vlXm-0x745Xc>m7nM9RMC&=m;_({w_-
z3FT{EiG<`&B<N)q_T8|A6iVQ8fr6N)uNhz~CnQ%QfsYr$DhGj=V_)JC$kHL%=@mrD
z!9L`H&mrUm;a^gNzoz8BQSu=rA5-#kO70?&Y7+Re6kfpSO(gSqAp=JhA~+NB*Cw`8
zD`FJF%WCo?WW>M0(fKAfXLUK;b5)$vR}Al%LJWYT<zq)+yrt+^J8Shhyfbwx$2%q-
znGh#7zj>xu*EEms4tVEnoRg=db=HpCxfSN!gJ#`PXzY&LIo`Z`jU%{lbQBu9<904;
z-rZ|9Itq>5aXVMPSa*}ry``h$cCqe$GvrZd938iFtIS7#_{z`I$}>fZJy*CpK?OO9
z6Xx*~*(UsNx^t^9|1jIH)R2&07mCWH9`EZ!h4d8x-=~y3T9M>Z%4FUn0*>$}1T27$
zV&#dtN9hAb?88Uw&3(yx>FQ7p0o!6mly@_2WcFDr!A-e6)VnH^?8O^L^j(@X0O0GN
zqHL}vVN$9w)@twP%ijd3JlE0Peemd+?$Zf5YA7cBSL)*z+1s-ClqWukBaoF&*h@(p
zCHpAZjYRU$+fX?XlVo3Y6An|&QA%Qz<SBW961crM;Ww1bQZh%$^OU?q2|GM}l+z9r
zK4>X_v#(wFf2hED;>6=fL0>GEIjh@ZzhBK+EZ^Y%vG0Fyq5sKk`85|Ua?zi2jlbsF
zf6i_Fq=KtyDR7kt#R*l<1Z(j&3cm8uU@dSpvlZOBNB$!8Zs-%v*KD2VeCuolZZ*F5
zfl}AIu9-k^CJ@5^SDt$5sT;1J^cDl%=(^5|SY(^$g-u1zjwx&NtcSC#nGJGQ`=73Q
zVbz>9V4*{64bD<-mgiQlef!LJ&lH*tOs#4!a1Dr-QCr$AE0mVV86Z?x!b&-Evr(>L
z_1oU>dS`-F6U{fei}pw7ZB~Z<J+ISJF<Z6XvT8g((J}eRq&T_xoioL?;HW6O8NNq9
gvz?ZpW&31!mcvh>`QSbJz2EdTiv>KDQnu3nAFKmE`2YX_

literal 0
HcmV?d00001

diff --git a/tests/property/__pycache__/test_incremental_scan_prop.cpython-313-pytest-9.0.3.pyc b/tests/property/__pycache__/test_incremental_scan_prop.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..07544a8c52484a877a52c20586bf91f5af552a6c
GIT binary patch
literal 57091
zcmeIb34B}Ec_)gE*a(1FxPlu<iXuUYJGGD!X;Zr>Q41m1is=}ENJyeZ0`vtbTTC4*
zX<y1L)6kAn$!=cFIB89#nM9rGv`X4(>|~~KwiXB#6TVeCYR7%4->-{gxz$)RoxJ~d
z?h5L1i{*5Zmn-qZz2~0&p5^=g=R4oI<#gJ0xB`Ek_vok3>vaE}9;C}E-rQPe)agE>
z3+XsrNFOpB&~pa%YwR;64FO$W4rdMsZ!DaJy|Hpu{2C9~`s|#Yy)zxi?Q?LBJ}2kw
zb8#-_mIJpu&du)42RwaV&fDkXe0}*`K6A4iDCjHX3j2z<qP}9TxUYmO>GN~`zEZBV
zuZ%0}E9c4sx`*8Z+ocREzty^jEAdylNiVobzg%Eh|9;7z^vhK(>%Um?C;f8O@V`gN
zhjfR$xCi!0Ps(q#E@TbaLiSK@rx8B-lsD2HeCR`tkh9Z(_Xj0c<+ob5NqpFZuS6GD
z2cJiTdo^7)53W!i%R?RV;|_T`O<Zu99D4=d17UUi!hOi+*U7c90dZ)4on~Dq|EON}
zw-Npx(ugY%D)8$b)k`JhnwIca6)Mc~*Sv(kBIHd>hHEL-p>B))x=_g`gW$-uGB-cm
zN@ce;=2ix`a@nn&xmCceQg-V&We8SB188tZxWssjn>g2aBASd12PR_4iDckpf(z`A
z4{@=vSbQQn8VC(V<AL4rQzP+Mlil9X@IZ8QWH<`HU4envW0NC-$7En@Q|m^MHX`jr
zHWAs}&|tTV>5RmZEREQ3m%T9{B_3#N?+WZZ9gUxg1%^hW$>hk%k)i0sNFp8>N^o3k
zXd)g<CbI%`bY<mma-8xLNDiSiS^hRr7RM52Q8q4?OiXe^u|VvJq0z}CV$brqxhoKg
zN5_+=6BF<{fs&JtH>tJ{1@*k?NOa<K(8%YU8aW$_^VVc+VqzqID#@FX-^sBUyx5Zy
z9CC3Ag@i|!P@r9iYG@+C@m^JphFNww-YKORf{$3x$~%QXp~<naD0hyx3y;UnjmP-B
zo#T_e+|cO}if@vO@!nk{DDT-A7aJZBi^jW;j7BH$`NnoqMiPj^fl59*G92SrBreIP
z5HWA3PYbun(TO){_<1uQgkKjuF*F=IdFu4Yqi06P;)(Icxa7p-*~gzaH`UVG*50vc
z^OmihmyEo1Y$P5@j!eaH7kxs!i;j+;j-H53jQkz?_$32xBTr|eqmwb*!WX-JlSXpB
zbm?>=Z|1;9(8Qb0#Ll6TS*Rpe1V^qI<jp*gA#udStxiY%f<~2F^&p?og)tUU6a#8M
zc&1D0SL=|!LmUOXq~|RoNtSio>XS(d72tbzc0D|>`^e#k@twGnI}^jPhglDKcwFo@
z>@hN;^p!{w6&j(}P2=Zy>-N#;*oon257&VBw&5@70y(dnX`MOxbjOA5Pj7#==N4Ra
zK{M|fP7Ixiagk(<J3BHI;|tDAo``XAw4Y>TI5s|-I7i))FHD|`Cq@&e&P9@^qxklb
zlZjD$UcMMlXVHBT!`TsTVlp~97Da1`$9Uff_=}9i(3K<bH2gRo`Mk$R;=_r@lTva+
z;<!SY(K+zP>hb~91Jz}<ZjikoB8`M`Ls;Lfr`o1#cq1xI@F~YMU=rS`DVrk<A!EqY
zX&kVq-w5}i9A!+FQ!=s~NOQcB0~2#+Tmgla{pT=uDh0b_cQbRRPmt|yVeTvC+Z?iB
z#zDU2_^d3P`>yzGgFeYEYzP~}rf^Q!9JYk5VH;)>Tc>TEE@+=>*&B<;Xv7Fa19$i3
zz~dtmrvqsBBg27{BeBupWD{43Sl_GwnW|g5>nL3`(%8%u!uMVMgmSm0e!{Io2(Fe$
z9f;69xF9`K%jTPg<*_Itjk6JPI6T+1eKau?9ZmM&M(7TQDGsqGJa*CZ^u&c<dHPqL
z{SdbS?r&1V<7gbZv&{I=bjij$<&-99fV54<M;@DuMMj2sQ#?9`K?&WE4Sl?4TpSi7
zm{!DbF{&O*t+Dv<cwz+I%O0JW;6_eNqSx^*F8Vl%a}q;rd<cWOoiEHvQZ6BHNKWvk
ziP#epy!qtFDEgqvC*?))>5(#}c9L=@)fiu(&Yj}Zr({lc<ftBzHPbM1%Nr+0hPh6v
z!7d^+<Z#5*pfbcncoW6V-A8Zk2T4-*3CI`wsC?OS-;<-yM+{=}t03ofH_f_&lB*@n
z^Z703`!jCeZJp6m|MbLXcf7Fo`MnvB_u@dt({(e)SZ=;;)>)h%KACpb&YRcYvKWi&
z&+or!)j8Z(-RtLb>(1|bJ<oSFzji)v{rP?B+uXdX?%Mg>^~}SwJ1*>fX7B9L%idJa
zU^@Td`MmeTx2NE0VQ}8laK7)2-11CeO~zZAae6YIl8nDPQ&2)TzVb{_$xWZ#VZNcW
z=a^Y*8=}@GUGlKkr!nje$isu=U58=uxHqKlG{^&ju~`>44br^BE@`5P=M2h2U05DI
ze7b#6oi1(;8Nz0lE+h<cQc&H1Jlx4n!~~i`IUx*0${^&@wVUFW<CFBMqh_5>jLq6^
zj9bDv1G!3Q=`L)M@+%J5PUQ^-Cz;iaTf?RSnr9bXVXG3pe@Lgx#lS!4kvxS>%{mNn
z5EGavV8&4Anrc=JbqdQN3~@rYRoJuryD-xE5gl)ndmFEhaGT-uCRGaWUwZIk;~j5{
zoQ#f+o`?>exuoX~BFLTmwwAVz#+KH`)=kG+Te{j?x>{Nu;ypB*(`=1S8^hd~JiX_V
zSxGj@TQOJ01vW3naS0A%0-N9`M#c~_IyTNb)S-F%NHQ`W<t9d=qd^<DlQL_?s1iFB
zLr^1lMm~olHkaE)uZ+>*Vb+<zM2?SR2;#hOM!*B~)=7+$R0Byof_YLs#wW*=M~);C
zVoGCijDJa9Kf;R5Tjc;Ycv#fQ^I1{g1Kgi7oScEjVf-ck5Jc?UpY^^_`h4l!lj)KN
z=JOw<PVPOw|5~2+6O-rnz2WrEbid}Tn$~CBB^RqM`Y!f9H~fXRm$tmP<#O-K`qaVG
z>6(%GibqrBXHu@wX=5hW^@;m3`Q;a*7elkQl(%7eXU6LOl;dNLnb1{h$zS`5t`>J(
z@uiEq=Y2iX){ND&U@cBti!T<xX05)Nr*l=m?bSI7segNXnLJOXs4-JepYavnbXurq
zTcn<iJ}h6<!l|d<x(>RSq0#Qy1P+9Zs=lpflf4|}lA%mlp$tD&D5Ell9QQUN&9ISZ
zD5vX73Y!x^KZ~QcWsNR!@5Siy|FY4=OruM?0iyx2aq_4l^<ngKa=)92vN89&nJ7DR
zznh85W$t$~Lk{My)El+&MHd^_h`F*U<67Lw!Vx3DE;+xhL6QR41%}EJwuSBC+^{3;
z47+ID>9oc3Fm9Ddew5#Eo)m{T?#ZtPXt-H)slW=cCB@xgcfIH<iWap*{yc|s2g{|%
z!Y(PzxM#_Hd&GQuF<xus+bhKp(DnblINmDri9Gw@iz9oOPja)qI5Cav3R^-B)#&b9
zqLzHB)WF=a(OpSRJ$nhMIaisQcG<L2tCDjp%q0Z)5YS_e=MO6Ha@agW@Q(1VAe<jA
z=rCZu@lE|iHQ$U!N4P-ZB)|cn7{X|m6lR`eVk{OQ33@a-&Onc`Sd>Qllar%?;gORk
zlR!Imaxt)s$v`wP&c)7-Bqnhi9}Wyn0+)zS2$4R18XO`48X<~M9&!ORj3g%lBk{nA
z1X%g{@dQH^Ff*MCj3to3NNhNGcc?@h?-58&uO9dcAsEZ}m9kTh8HGGDq4rG^>XFT)
zZ0_WU>*p<^)W}g2<+czZ5rNxEFEL%Plp@>%^k`<WMW&R=v*TDxCuUAIc{<dS=N|5T
z6w8AkK@XewxDSv67!n<Kg2)ac1UGVfiR>e?p9oEbTptk{Q#hJ?c<YHoViX@E3AT1*
zXo5|W!sJ*eOpbP%{)D3Nxx!S)a?ac6f#sX`N;Rm=le|Z)DaDB!p;U=U5cp=9W#;<H
z?GO=SmU%lx7a<NDlQFxOzBF%UpA&cu#V&ba_mUUxQHlZ*iO`04i<pljRlYngXWa;#
zc!_$FrlzdS)aMcOL-<QJf;GiVov-s2K6~QAnP<+-^<MF$3%AXCwx93&YdCTjKKRTB
z=Z;>fN*8UP_jaE@@YnAAX9q3}J~KGidPScu=$dzLJHP)8lYP1?om(?IlFn_u+?vkq
zxN6#Ty`(f{D$Er7Q>KEq%{rHFrt39l1x@xv7xgpA>9J|!>&0bP%iHIRJEonCX>XX%
z+c0f<ohI_&ysu%}s=g%#KRBP)z&w1`@Pg%e%be%(Kx#)MUHpN0UlhI}O!yn;3!0|w
zZxlCV{B@Z^u<r$#g7Qqo`b<eV-4s=2O3T5@m)NJBHwtyO(gkZ(+FCW+c-7hhaYU+z
zPmj%e)=iuLD%bORN%_@^*7=gQkM+G#QhxE#`I6vt->RecFIWR<YhbqgHEZ+DkY4Ai
zeET@4Z)V$T&Pu9_;)|Y(#_2ff;x6_DVOiGdU$btwY0<d?Z#yVt=WEV#3RyVw*v!y0
z_@cW*mWZi>@oAut6>r;hZhywRPR01t2#k;0e16~CZe3nU##?ju+dT96y*I!#<<C5r
z$}LNo$^_8|O-H^Yk>%DAOm?5qJ*?yOSVO_u31<u$IMc&9K;+HJln53_|FA_6M>_Q(
zvw~GiA`fR>A&f;MjBSN5R*f+B6~fpw!sM<H#;y^@u|k+!jWEuTgL9p723>s3F~|!7
z=(=-Mjd1T&0PZ*6z~_iI;sYEJ;l<Sf<Ez2sHxUTG2e^JTelDOnBi2h}lX`v&ZVbdQ
zKc15(HG61Z@4<tC6ADldWIgsobZ7#TRstwVAc|E1HvVozAT}m%3?N-;!fUc0I}M;-
z0Js6~PsXv}AVi9#1S~d8;5DM7TMXquKxyulhS4NVj4|Mvb_vL7vIDR+0sW7@Nizo?
z93&_qOJn1sv1AskNwP4L0{+p;qyYUS2F~%CLDaZ#NsTvd0&he<7hT8Oq$QMiPS~IY
zZ~Al(n3IN9UD5z<4D(sy<N!^9i>?tvKlo(gtm2lqIc&TqF<Im0<4-h#Q;XZcN1}v_
zFXYXhG&C!D`{IDi^(%glD0$0`+Xunt3RgH+;tS)BK^YZLxjI#Tos!?g--lgYnClZi
zsTbqfYZwmebc3>-FrY0D=)-v(kid@rd52+>NeCJ;4$9KN0L`0=E@gP4IeZv=uPPN<
zG+1;&>bXn0k#ZS@M4$?-DIeS&`Y;xfL#8$5vNS6l&0H#VEawiTUnzG=DCEktqHl-v
z#ePm|IcH6^yqdOfmqaVq_G;R~U7=CyIX|auLGHaPwi;Qw4Vjy)jTq_TZdI7FMI8>0
zU>PjoT#Q5>c_f0bxF?)DAj_#rsIW(FmDa9j(Wfz9_v34XJs7314niYn(h&C$z9IXx
zF{H#EcDLwRj=YM@sLETll8SU!tqaSNwiH`TAIk04#~t{~>(-C|)lwttUj4q!D2FfX
z(;8Fb`H)R*G%Cdl!Ua;h+N&Qf$m+-1BcTIQtv=+W7*u1SYfbHcHKU9yiA(v5u4a^x
zL!rI9RQ0PlVutgjdJW~>^ZeVSxYv|_ITZ2_B%#U3+DxIUB-*Xmqy43`S|UU4LcVaJ
z*b<A@&=QNJ(n!BzOU#cK?A7;o3T^*XE-5vk2bfQSF1oYJZl066VE)v>-C3MmU?eFk
zTY!g)CRJ=4P?3|%b8(mScMRR#LH$&`wtoCvdoXGLpm-DL4$xgoFj-H(twF4tJsId0
zTwC!d_@q10>n71_r}Pdt;;YT#t1T=RM8q3Mp?zT=V#*=}b#qblDrim^ktC5;BJD&r
z5!p;+3z1IVgtx6zHM=IqM@hXzL23e6av;W1h!y-RgG#16_8xHR(2ijRYDFPg6zzw=
zWEw`|m-JKZRKhkX+qh8*-z2fD$Rx^-*vW4P;xG%z@D>0;RDw%J?l({d%3~Xmj;VEm
zpa8B{T6zpj#?QnPk2Cy=DY0|~?zpqEhnnJ^p{nq5R*KCslo-QGM2xKru*E<)v06*=
zxvIQzpM-B#iM;*(@pBB*iE_LLE2YRD7aQlqh<FEHM@~#)d2<A~j9FOI<%@yBBqm3P
znb*jv(ZmU88L;J7TO=8!{Et&?q>~bzhzRvLmORDhFxH=U^|Bg<s?Ba%U*Ua{&)5@K
zu#7V$pkOg?O2$S{a{m`)l@Jf^DJr6MSkkSri1Gxl=LC#}ErM7X0z+-&x5&GGi2HZ+
zn@i;oGSa4g*eaAzc+=XVe$^qo5(?3Zuf$=Inbn8r)WJQ!DC$;q_;%qz@VrU=uq8<>
zUl#78dJrI>4eX;ZIZTGFB9fjI6hK7rD?;KIe|QywX44uX{3m2D`5nkY=XE!%x^h4n
zCDYbxzN&d&4Hjp-{snJ!+FL!lW!}4K+HyVEx)9v<gW$G#-*(X1-U|nwJ&+D=o3^HW
z+cUwIg<#hYf?e}Ic<GW}cG1gih$-!@ownRC>zX!wCGy3{d_ngYBXjx-W6zFVicH&6
z1>HcO+(4f`@zf2S(Psa`&|Jgk6T)rHY+}B8GrLb!Z%*fJ#tO8}{x*?+GQX*N+k%_v
zr<mhg<cMWxll{Y+Z<G5!OTKQ<(<hV6*T0Cq^!5+i)b6*I4?WYR9a?mk(w1Wt^K^6h
zSiexC9joZRLY}@bv_xpZeTC3-4ceha_q$3on_&Lgr$8;sCB<i9FS2Vp<7$1q5@6uo
z=cg_j=N?*U>`pg!Um2Qj-0||!bmN{2#^<Ked3#f?eK(AHXP^GIk-i;O7W+Q*Y1t=a
zPOK7dICMo77ZRUIOz+9~N)~*zX<zLPox$l!`D*8i(!Q44^zhF_{>g-fkt4lg?r)L%
zkD;J&_BOqcz1^Uv8596N|HAy3oFCq=b`?U(u1Jk}zPVh4b46MaimvPxWs#+l@ov6+
zc45o@^p^dp&3!5Nf!ju8MF~zGS(cSl-!kfo*1z*sxh}u^9p1O?owuyI!k%~D0)V(r
zpCsu2%LPYkOt1I~j@FxA*<Nt8(ezz?$<a3ZcPq@GS*Qt3CxnIE+7A96Yp1_(sL4`1
z{R1{xMp*|0<2fzPUcmqcWC;*;C0<>}MVSTCM%V_KWxa^{*n!d5eY(AdeJ3Cj<U;z9
z@enC2Qv6=nN-{&@M-oRXN({1`Fd*Y0N+?KJ`mmE>C$FmH1>>NMm<(v53=;N5DGrmo
zproSB%gcC>lshIbD4{g@<}6ggs7gcIw}MKT?s@)YEtWOqUk*j6N+?H^7hI~6kbd5x
z3*W@7{f(jbV`-PyR6|xKyV}AoQDVqbNeoKOYRj(j>b6Q^utR43zIMuJU6yS?KG)p3
za#`zg9RJoYQ0sEu^VTKnSgomb$)V7?ocE-4x!&v6wb#%e6Qxn0%Zp@CMJ}~L2F;u5
z9S}9u7t5Z#yLRo~6@a|L<S=n@9a@-yIMne~i{VY&1@tZMIU>YzbN_+JXF;a&gg7MG
zCU7TT3M{U*vc-Dt1q$#C2*kKMW+8fra$8m{%85A=#X0WxDeYomt)EGe@;VBw+=}8D
zH%qBLM5K$z=Ro*eK^}{c_9{n6G@rwYz`aObK2PKeM1F_J?-F^5$Q+SNM1GIRmq3DU
z?%&gWwt&QancTiY<T4S;sZd}45qG>(Slt(eLZLSQn7sT6k^fBOPeGD2GpS?}b}I-b
z8wF{RR1RdpBnfT!h*;qfR28)A#3k<|tCmcJj7cAI$r$Yzy^^0cyw{@1^>rIwI{f0{
z`QrDzc=+ODfAr+<KlwfT!oK5a{NHl?1<&UWPdih^@4Hr5vzY0eD^B}b8B6vyF@kE2
zlezwk`ORX5Vf?Yos?G_n?3Ie&teRcFP~DNP?nqT_N^RPoa`!F8axyL%Qd_=X#ct0X
zPy06gpHuSVnk5%pmoIsL%6(|5lCzLZx_HZ`D_ZvssK{*pP4W9~6`|LBx!_<P@z@9R
zO|NXNI#^=*M!6aEm)x~ZhZTT-d+yruuDI)8B>v~#bJsE_^HcLbKkwYN^<8n-zeuv%
zz2~lFDQr!xOAhr5%3beVin|`z-GBH2g};_qvVe-g7Fo8t_-n>AGXB~l#Ue3gfjb2f
zhb_lQJg<ty=Dta6<bNeXjQUiOiceN^<;$?i+@Dcs#vWV59Q=$J<UC0m_Fb^Z0@N-=
zB-I>aX{9=2T(Vdh{J^T2<W<L6@iStR*EhbDcrh{WfB%b#S<lzYzgqsihK0U|)A--{
z@C&V<OHAjb{O`Y3So;gaCfCgFSy;C@y>4@=W=m?z!IZmyDQ58(jZMxj`Jt5i@KPnu
zW|M(QD{Qj={oHraxwZLW(qMZp(dHJcm_tVonrzxSdSP?K(C-oP+7-0)))W`?^!^PI
zXX8F>@LC3O{v}V0;gT-sZry9d{FglOFV{1q)|GqDTbIn;{?t5i?ma=A9q%>beEfr2
zt7SRpv$R8R0Bd!Nuej&<CzcH34SO}i_`=Zf>N<s3p}i;7>G0RHR>ri~-=M39^*0xV
zSJp^WD@59BU2bXJW<{T}R^*C4WqrmKead=#p}Zy&(}62cg<0#GmRr>ZJZw$N8!iyn
zv<la-rd24_iS!FCIIL;K-T3q1FCTy2xNonqKfcN}2;bD<rKF_(!@KtH*$*)(d*2?3
zG~$Lq+7uY$utPAQ7-Co~F^LLDW6^P8S;8wvD{=n;?)zw<Dk+H<G?ggGH}ED1-MT8$
zts9^<1`XXhsLnMh8Gv?Km7ra>RnkPmjiNx8<uz#HK1GSo5TR8N(m2~XRT9AF_W;ZU
z!Riqdzf{G$vq%dLdVNd_t|jPWie_3X8!C~_DwTfiG8=b4vKK5`&C13+mF6lDwzA=t
zHk(9NlHAlvS}oikAO^LIsHr7rgl*yeNPaCSa&=~@fVCzG@?E@8B0dZ2C7o=&M9!Sl
z9+)&pTSOyd@+BfSGPaRWG)40MRm+7xP4sOfBK|g%JXWRTwXtJiW6uvZ_RRb41D$>B
z!hxp`%zB<Vl-`K_`YGRinT_oW8@qq7kv8yysy%d*ho0+oO)ow5;#2dbkr$tut@?W7
zR~x_AwQ%5(H2!xz@<Q+Do=RDZQ>Bq>h3kKTWW{x}4=mJfN!M;kt=pQ~y4=EowygN`
zyO@++@|C4zt1iE6p{yy5|Gs8XeXDuF*Om5lv8OAi7xum{jsHCl32%EITIh+Tdt##B
zt`wepF(!B}UU{Q;?1iA4C9i{}e9elWsw|JCd{F7b+8v8o<=pd-wzCj-w&oZ%Y-WA>
zqbc{mvcfWp`Yn&HsE!HC_v@j-)$`8Zlt$PH^X0-Le$y-Yg-0q)uXI%%S!eo2r5Q9!
zh{h%`L1oK*4}@sN6h%ny*FkiJ8rb5?C)-q$ChE9Z70$4Ra28cK;~K(QwT0@$b73>v
zfc8a+g@Y0mMry_2#Q<T8i!R#P8n%Op%Q^m=3JVu956VhjTI}Sa4QQl9C2z3P-sTq0
zk?Kpz9aExGLTNIXN+<x?W>p&6zU3_rA<I3_zxk)izZ?qrhuIHNi7HoB5?S<CJ`BFe
z5*r(#L}h12C`?jrLb;6TbcAz7rqeMf8`e;zqOI5_E1gNPf$4NYk?MK0Fb&onEzI&R
zTA1tjg<qf+mUquvm^Ns#QV)?sp@rqGp@q4%zcFiJ7BaOZwTbtvg=vUdXkpfO(ZW2(
zFa83xFz-EYVcNjSN-azdg%;*rLkshvg=u_a*21jseG7v%g8Zr7qJddy|NUBa-UsBJ
z_gQ8oAw1~X@po$&q(&DY>>gSk`=Ifh@C+!UxO_JV#Vz5|+WoH9oDS*E>OPYb(Dh@E
zq#d89^jnN4^_L86m)4=6Q4u$}Zy`q5oHaDHFi9{;X#@g-^kv(A3idXi80UKU$f~6&
zabr<LFjNr19;Ttw5y3oxBwVV@TS^I#(b;4b(tZ;XRmwl8UJ-jJ-S<$s^Pv}7pKE<F
z@y;zUXu6M7wdh~6wdntCE0lW!S;?x+KZgVNw;<|z<bF)9e+L3XD5_GHMZTCf+xqqH
zuXca0Z{gr0Y5d>z$O}iGJNm`Ecepp<{r|Mmy-wv=x^%~~N>?8JV&!b_*ZaTP|GkG6
z`ah7y|Lq@mA^IGgh0<{!M|8k!mfI32DqNDy3uQ|rwgfUAP2M3kE9OhUjvT5G-BY=Q
z^9Y{0Rp=2C-L$Oos$kNIwcxB|d6$@?xRgBQlGc=&UqYZZFB7p0G-$+}C&n!KnaY#y
zgr3w5ja6#-3_XHj#K|#HC0147HEF<-F<4bOc~^FNLFWoE(%(~N{(;Cp64BCwb>c-9
zydw-N^$gTm#W=wqyqBX6nJ7&@xJt<8jUs>AKRA0zSfC%AFB+V7Tq`L{mqq3*U&;Go
z-h5ePz9cg3y5=uWmq+J{zEb(c%K7r>ygxdfcRjCgA+I`}R}C51W}h8R=e0pVrR{Yf
zqE4&Lp319cuFz?<*?(-bVRu~)?jQ*Zp0JMzd+;7-ez1oMesnhMty8%QA!S!7LdfY$
zM>spG6`|<LUWq!bHhae9zqn<gv?*QMl=3&veelZmD@`fKehA{UrwoMUio7cshgz$<
zXd!Q1I&U2-{G5yJErjRAg<r>_xQB%oB3!ocbF>3Y%(qgTqU++qmtA~tp}Z|!-j*tB
zzr5|rhf+O<QVv?PU$OMH={(v)XS2^$rt`M4co&zRcDvc^_ptOrgv*z{QnU1e>*CUv
zUp%!?(UGp`NR@B8Jos{D>i(lC2Z1n}rDrWcFp(wmDCqk%UJ;jbYdz?@)l3*PAtrWd
z!6~Y@l<J~O^;Tw56)&wureB}|YGA*aeqS5bvn*kY)^4@LblA)^VxOxQqXSd|NI_)_
z!K<Vr-Ld^<Hn!jFqbf0DZMJ#{DxrM_?9$$!rdTbOa<?k`6ly`xs7gay^p~0X_rP+C
z40^07|8gjZ8Hz@%T~!hdNP_J*)BMI+_9-k3B(a9=B1n=uDBECB#UBtqi|PlKQsmu#
zl0XcQ#0HS$W3Wzvt%QtEx53DLgJ5++ScqY(Oi|IO{Z3|$fR3dghsl_*khTH~CB(zF
z%w$<r5cl6RbNTFTQsAHp_QwSi`l^7i@1Se~g0)KOVvG@CT82!9;27)6IK<D<Tc(5f
zdAj=ok>4TmyF^|hGDl?5jvU7d49CAvnCFRT@fy^7)x3tlYLqfoLsgPwgidx~1?2Br
zHFu#M!3T(;Ag*FHYd~)lRV@_NrHksm<j018?C}4ShZeezq`Qx#3Xe|bW(v!-Het_|
zrhOe4nw_r2s637LP8TMSpXL7RQkLkV4c&8sD|@Bd4^ua1Ua0R%*LS7rwx!(Lmxb@y
zS^?XC&E}9xI6fwiw?>#zj7WsHM<U=&Ct+_q!aE`nvU$f&2#D}`k;usroU}5ELp$OL
zytYIlI1?li;b^kp&J!Um2M#(2I_}#<Qbev3xkcnQ2wxC^iBK5M7*eetB93>+!v-Qj
zA|H{+8@Ndt@!dbFyJ@iISYbxgoSSwB=iM99IU8Tkab9ds=TzP_6y>;X8Fl6Wk;WS)
zJl<^6_UX>{iN~Ak-mTC4>^SjwbE9^g-W<C+pLo1kukF*Wj`NlYk3#)W)ePZJzN7_@
zTZiDZHshEfbEhGsW$MxzvU0XlIYArmr;dBq;Xole%4lQ)-zDk*Q7l3(bMny&h9KM2
zHXwyTAOMr}0oa}&g(>2|L_*MfApM5@(VaMT1O^mgypik?vwOfrI1g%sOeEWxpteyq
z>&R?8iXxcGTBB?&QWD3S0(&S{bxbV&$+(aq<(MYPDkLIBl8SCZlb!oDd<O2LAcp_~
zP2-nL!9<6t-()R=+3<>SY##@o^sYHJ>U!)_o#miuXHl9FL;5b{RC)@i7lSmoGiC9}
z02|)0F6oleQ+}~)%93SW@^P(YD3x_dYupktz}A3uz^B9_-G$|aA=pE=iq^yJgRn^^
zTw$5_2-^Wq8ruzxxuWhU7SI-7v|t8bIqgPvK7|2zU4y^}XvSz$#pnn-wCtX<c=T~+
zi!SccUfe^TNt-n<oTp{MeNg6%v;bEbVXT2|2BUUu@7pSJ%YntEMVP#S>bqU#Siwnw
z%U*Z4kK_NO6|N2*QDY-QjrEU-HAl|uVh0GhLe@?r({ZCAe9<M@Z@{;7XmQYSPskki
zhCO8E4(EsH$yQz1Ny`dq{Wfs?kPrs(<%DZsqjabIvV}O(aI;ekDxN=guu1YY&?4O_
zze)=yDTCRVP|`uFi!bC<UW%(1UoxIw3DvPU3|SadLV;(_Rh32Cx1vqAQoM>b-AX<c
zZ92z2uM^oi<C^M34uv|w5sghbqK=<ZlFeFm8B#1f<}qo(t<vM`ltQTLn6|esy6{D`
z^!P}BkN&*)^PvrDj-?p!isTUwy87{=aM2QDo}{Z^3_qGjIWl`Iko)2#su8I~8lMMx
z7G)ccaevq!@=~9U0tx7^LZ9{z+^^x!6EaGDONx*Bm-K~(zn#^mv}@WI_Gd|F`K-PR
z?s@x>4-S=bx2irRheG=)P<`)zi#}B-YN(bDuD%7{b-XI%Rk;P?TlqttP?1R&x8pRC
zVj7=dlhh;C(D0qC@25Q`7Kc3;6H6$(YE1Os^Y3SuT9}l(Ree7>6uzH7RC>>IB_A)l
zrd-LPkgL*AS(AZ{N@c3{rQKJ`sjq}87{^iBE-TT50<6zeh08=lqkIi5q+F_3>6cna
z+ynb2u$M)623iRINfyAd4hb8!0kXbnku7Z&ozzw7HtM807zXEl5`HQXn*4VgD|ILJ
z!Ro2)hl#0fnm8#k)=(&wx#j@b0}&OD1*RBBj=(UA%tEunJ@_J-WtMGkFyP~k5z$V0
zYXUe5bSQS39S+G3H{td6J2{gRCmXlIekBgP8^RGJ@l!a)(<K4|;u;2TPfSjXPfkD)
z74{e<B~_I$DJ^v!r^O-IofHgu;zratUeX|DbT~q1<k_FBms0PhD6j&iG7$>hW!|Nf
zZ5+q0^8N%jg41VVSyFjHvIx|bgE`E4Cij1%%W}U><QXEbflM`$tij4I2g|PIz~j(*
zmg<#Tpnw^WLw9g67{^6P%@>tP(sXRfAEw1)oV^N3NeaTgURPl1;9^sptE>_n`IRJ{
zU(|?F5xk9rEe01rTl+UCQ`v=k^Iw1Rlb<j<H~`DM6c9?;l7&%JK5yV~OsFVNWjBr_
z1SUDgsT@{6Q&m~jz%~U-U!AqZK;4wPjzM?vgk&Rik@Znp#H7j(R;kc55}O6{qMySZ
zZ=HyZjZ@Kh?=jpZIGk|13ugz@>A2?v+c-3wb3;Uo6vF;EhtqCZo1sJ5#OAYTxnD4-
z^CAVhp9l$kd=AO9=hn7@s4N*$CX?*!MCvEPCkj?959slhiLr6&GR)Qv@0V&&03*pL
zj<nxb-MX3SpL~oG2!0YL$4#8(^6<pDiMWUmM95o&^Nl$bR(Ord`XeHLMdZH`A?0_j
zfMRn>Efk2-XpHkxOn-{EYSW|b%*Ic$0?ulv@$P#8d~9UkBMIxG;)7!Ihb1Clky5(+
zzNJwOVNdjGWBL&Cp8Q+W>Tt=o%{p7&CzCT<F5LI@ee-!Wv(a>3-BoM-8_t3SXZ;VH
z^;ew@bEmHFJg~4c{DYn0`QQVfSE65O{!(*#XE^0pp9(&3y?pcZp^Rhwf}<hrXqfA{
z>gf9Kg)K9NYyOIhkN;NV+`!zf%f`8ew7+A<f>Ur7+|_A!b*gsD6~pC;D{ZNoo>z-f
z?&^8>(VIECqE?*QQc*oy_gnA3>`FD?cO{u>+?g)li3EaM7J|L$VDGD2Qo-I-FoeXh
z-dIzca#UvgRWCGuwt2=Z8?hvqwKE;;{GqS&dilDA@}{fhO&9f<(y|w}J-2Oc{X)a`
zbi?)^mTu4N+54^0S4LB1%?m9%()eGtlP{~fWzkhM;{=(~1{|GN6wFkv&y-eY)@`|I
zF%`L{_ujDUocW*X|5*Pg50fFE>IL71v~L50F)u&Je(-qt!L+ZNJ*0fysoue~Z;*kc
zvaYjeOq1TN0?qBw0$*nYR{;lBsb+6ro>}6G4))~-wOo-o<}9dpFJa45%HksIS8`?%
zDB!RAzGdNFmRnTe{rbK7uRry*r{-%9f9<I&RkP8T5?@Gs^{JEtZR2pJs(ztr%MYuz
z%s8)=;T)lPe4w(9bXmuYjjFsn6=<LLwZEQUmMID>6a~{oL6p|xouidkj~9<~wev+S
z?BTVd7Qp8o?~iq!w9bPSbdNVv*mAk#a&9W0fN76cc%AF{7_Gs3y!b*MuUH(9cjg?5
z=kcQGh{Edm7_Gs}t|*JzHB}U3o>{tz=Q)DwJ>EsGsUotj>hUtdBBC@|4ixVwY+>ca
z<g8)lkr@L{V@;K}r;FNQz?E_hLN;T)C>BiiB2ye*vv;sF%icM>C=<Pc9a)qK24G>G
zmpn3GunNn3*}N!~${jXtmkTW=a#wKa1&dtD8H+emSbA~)#celq`nqBqjWsioD%}7Z
zwFQkZQH!J~Jr<j2qE>XeS)i-ldiy92j@poNHoWsU!3W-X3kxpmkLYh7CdVH-8}1}&
z3Vfw7?^uWNmD+-14dz$6cDV8IUtD!WJNMM$=ere!$C}OG?bz3dhpP>Cq8;|I!NNd(
zoc;!JMaTV5BL9oXzY_W1L@<o17ZTRfyzmopdxwa!I-sW)L<oRRl3pLJ4p^`{;Jph=
zpUY3@G~G1x<ah~pZ)WQQw@i2x;-gq-N|!GgO$Ru7&(QSc4rgK*yw=fCwvdgp1B18o
zWi(q22pU8KqKU%YPYjJtCSjR;<j+uqD9y$S3csl<AbM9g%9s>j1suLzjl)ZP!XjJz
zB9y+79fu^${=*EE7kG2w#3VbJA`~(CKvc=d3D{;o!}#8b)6ogpePf{a(5|cq8E0!J
z7C}6MDLX>;Ishgc2SAa8k`-GP4$m3rD+42uFCfJN_U^a7d+Z(95VhPz7qB6mwbU%w
zaagyM9S7yaQ!V?wGF}TTH*7wlSm=et2jx5?)p<v<KEYk+zFW$k_ErxGp9Q*arL$!Z
z*!yzhwtx=kHoC4BVheN|cq(i)*au3bxRqa6b(QgL#kE-{$)}p<smQDLz?y;3l2nV>
ztCaB4os?VT;s4R;*g09>AFPqyDkngP9V#3j=dS{bcOuLsmTw!7zg#U0T#~SXW#?(-
z6Ke^%1M8*KlwUPIhMa4M&0%>mhuz4TMZpH(KX*V9%#|p0E0iAWF_k{<0luf5o;8f~
zXRtNJ3u;%V*B=mTSUa5RTPzW?jDF*5{hk<?Yk)@SMOVl<K)}bMOF8d0gcDRd4T$CM
zgjmq#NDW=HPwg8;X|dy7Q!fd9S-1vdq+fE;>EynIc7hcZ4J*@V8JORg^%0G)i!{+D
z7hiI$w4$Q<1+faD8B$zRc~mH~v_pK5W;1qSO~o4ah1^(E!Kpk0Qj?cn<5zM*+p#e1
zsgF|KX!e7At=_2a8)4VL7FE>Zt(1b)Fxd%5z`Wp_IDthM`;Pi}VVHVW{y^8F*LYNV
zRwxHPG)4&IN$4ABtAwV93&~Dhyf|De<pFCzPT-x}rP#HQajXG(fOBH&1I3`iJAH%q
z%i(rNcgnBE8jzCCF2$d8hjPj%;Yj&oc&8F-kK|YRRfhty=nLiF^IXX*8f(gx916M0
z4;6@bXNjt=_bH{2?oii-+ASR4vIs2&bKl}CYa>Z9Lq$u%B_b;7A3PxWSEYPVa#Ma$
zk23BrwJe~b{&+F8ygnxME1=2vC(SxQIsGCk3fs@iV4;2y3oV`MTFgi#1H%bsSPmdg
zEXonGr68rzlYr&|0!P%ukWiqRz9i0Vo*0>m;oKK8VStmBInIn`eaBvdLzySJp%@O#
zvCF(x^&Mk%fRPX0F$4m4Oh7KHc|HC=$?G@^0&-R&HX^x1zKKc!+Eyr`Z7L(sgt$2v
z%N02dj4H;_**grI<O&h=j%RWC0#lWN<iyD6sHhGnXG`GQP+YEv()?|tc_>(?LexG7
z7Zv>V=k#bM@<}4a6sQD*uNa9A0r<mtPsvylZA#&y0NI+PTH-d6&xa6(w?hGBICe5R
zIXWR6e>_aCIe^{9k_?1nFqnX`-A{@5DSp$ViIKRVDEA^c66VI0(Hk?fosr~9=>a<V
zNmls`%v=*17c5;KZWFMszo2w0sW4O`-Xo=#jGQ>ffH%SLH34h_z*tS*a!64m$q+Yo
zP?7!&uRp7xZCnj`-$G<Fkw2zHYU%Dj<1R_8SYYW(0L#`huuNp)We7IOO#J~01lGqe
zMt<jVa>r7(1IenkDv}hkmVCyzI)Lo@>a6rxT>#OR2GIW2(RaPIJ>{UYm=_A_t`^kI
z;3(s&1^33Zd*j^EuS70IuAG>6_b#~irQQ2p^}OajaMP$OtcUnt-M&z@HC?s!wW_YC
zolAgfkf?M1vZQ*Z_w|a_%T<50{`c3<S9H$o&E%I{IQaCz*{-?hSI%5IGxz>f)wZko
z+ZE>%bH^_GE<bpA|CM8@svTGJcV+@rFF8KvSO~PG18uJbI-WCK)L(4P6qmo?c+N4)
z%~j3$0Oolv8!xw}YB#-BycxNy+H_q^2Pak6N|AeC%U^dhPv@_>;nsPI1<Y@@<E75e
zb<Tz7Yuc}zVvygSn?<_nZ8yqR0pn#>2jg8f-wovD5Rm6y9>@a_TG}vUmN3f)78-lg
zjlHRjJ6^6yHS9_I_W--}`7iW5-Lv4U!C6k3irR&W=5$5#m7-KdbE=|uW-nF#`h~VV
z>9#%d6?<p)UaxJY-0VuX>`FE7emV4N(W|!9(ScM=Xy#z1v~KS4bSWM3Q&0$Srl1gb
zNlsxJXNFtwaB=$_wtnCSKn{E5F8tV806C&x5y&Bb%onf|=F3_5vHieXWOo2L%Y_!x
zxGS{i&Z3sG#iGslH_YvUEfW|nNo}|fXwLom#!O?!S029f@Z2HbIVHf;C`C$Eiq%+{
zHWaX|GiS7k(gp#(Ax!5jfUJ+`k%)-qY{X#k<*LJ5U<KR^`VGtOro-Ef-|DObeRW-L
zD}KIHvbz93f3e+u#BRwFp}~X+BJ?NizZ9WKu}5N-7mLtz=q?UhHMi)RA@Vhuml3ER
zXX1w-nEFw_i!O=Di95pfkd-w42Fe$C!6SsdTrHKdumdVlns2m(%#bVqhV+yYm^qkE
z12o`79DpMhUoCpLYp{B|_03dnSCgq3d)=Gl#c+sw=L8mQP*EdOHaNJMGM_W-90)E>
zX=P;x)Q%_Qg=#BUYZ5G(ir(@dhHIet?sT+kO9f(R)V{LyKm}sB23qfqU1~27JAbSb
z#P~cMP^(cJ;XKrSfvDi<0gT}dyBEP2%eNM<W;-d={*sGe4DGN*EKkJ@%qUUA3fiq;
zh4M=<1}R!;r{@p*PzR;qe9$s=di?>R6)h1?R-1s3tQ~WO)T>l5hDWQ_g(?SR;avHe
z%AvecYwLeg$Prpy!Ll$$VYqMw7(+vSNd_EN17m3PQ>3Y(v?9kUz!)0+I9#9|atRni
zh6fmoQ4k6M#vtXmZA#5acTztHs1-Y90b26KR41JS_bJcP9jkY}^c4vz80eMWDZe4B
z(r@D>B47f!NrWp32Q=USIZj8o1aK}yM-k5LMmQ+nX{J*pg+hIyT`#`mnnoQj5ks{c
zgG2U>dJFpj0Hgc_i^faieiiI1tB=LYLi%`lxGY@GRA(!~6%qgd*kmV0&RtS|1~h?*
zP))c3u*o`#K?R%C4$6Z6K%W$Y@~g~!^m*CQ_DVXMg1cfRLn^D3Pj<Au68eymigZ`4
zyE`-hi`vloHRTeLlBzZ|a~YQFRnA>uRw&KfDWQ<7^{O<qeV0i!u%b_SEDP0%Du$J+
zFh`{NQGNl<)NA)zjG{s9_K7zQY*gRSt}G^OWDrebxKe~@0)rtb6;%$7Np8w7Aew+w
zKIs<_O%s%A%kWnbF9%ffXF{6}HPJs6RMVtDHR7FrS<t3Q1Z|q9?pq9MXn-~or(?i5
z=%8h`!gM!s!)+j`dJKh`%4u!d0;3&1x_6N9+(<%t^i(Wp<}HL{U>%NEw6Y?SlNskT
zk3>g#i|C!V2n%FMLEdK=hh+>037?7$Pc@8liL*e6xWQ^Jc4{PvbuGx)lA_m0q8Uao
zPmc^GxbbFgfO2A}em_on9uAs#S90hyHlj%Ba`)pkpP!7ylfa$M##GvIykj^v4y_@m
zxQ)b;!5rQMotPMJVyZsWdpR0;c^eK<o`~Ya-X!NiExc)fV^GhVM=0ck3VtFOi)$p(
zM5LKW3z1eLWVw-RC(=QLT7ZCGG1Q9ekO%<I$654KErefbSQOPht((r2{v>7A%Iuzy
zwxFnxmTg0n+lq7+fm-Ud!+I)v_mpL0fbf=XULRbfJ_emXrm=S@xMA&R7uQLplp!sl
zyu-*g1GM;@Bz8AVs1Ph8y%J%pBwAI@@Z{KdlIvo1MPxgXZ;`JTi74P!&S)Zv)1(=;
zWjqy|;CjgC=gHF-i2M$b-zD-AkvSrlh+y$XJgBYer+~F`SX~NGRxeTnXh*$DP#3$8
zvXBjMarcwk4k9~=$a-W9+2Wnzax&W`7~`EnWYp-;UU_|tdw>G{0cH6bkv}5xr$qh=
zgqgKj8vYXB2q>6f8e>TmOh}l<27dRuz`>MgT<Ao}e=z+lk+2^*`fx0ES$U>*W5!>a
zDGg>y%QNMbH=ULO*Ys|HMTHd-K=!)75x~{SODE_3n@Dr4VCD=I#}?c{Y_`ml)n>}d
zUpV~S;Y?XgruyKkNB<)7?Z`s^iFE&o)X>TK{!^*bBkBG}QwPta&Wxo3@#_s6GIbjO
zwGCbxOs(I4rT6Oxzj_cinU=OpeZx&#PEFwrT~2k;&D`7#&_&7h_@IqeSpRl~4q9xd
zeycnc+@3DkKHZmb6fQWb(vGSxtb3{9#fG`?mDY51_p6o^IUWIC*Vb__V7{6C5)zfA
zJ@-qXPuACa7eHTm)eC*k_hsDv1^2qNd)*wc$aN|A=37QXxof%~->|%4p{y}o);M?O
zO51!{&vgGA{@{$6+T+QErXA^~9rOO3GnT)u+<41qD)aJ{8!uL6ii$5xK0SHyfloh4
zTc5Y5@xN$0bbAU4uNRlRkn>#5#go6~#F^T~Ew^*v_}r5>j5<%r4ILtY%42cq#jT%y
z632i;hfU9ZW}ckWLyrxhnW()5kW8iOg}3b03YuQeCYdj$T!jc^O)t@X1x>GuFkd36
zW~oDq?o!%vtTRtC|1AG%|6*R55}H&DQ7=rrQ5=Bc_FyL1yb$b82fI`CJy%Y>eCp-*
zy&5G|v7>aH`O>;#tRy11Xb=^~1aR@4w~iZ7$+tt~%v8pRm;Z9ru?++=f_}rYujSY#
z<9D{zfqr-W4i|pD-%)d{#ro%^KB8@AqFZ-2;KkLJ9HN`-VWX%$mb+^0v0XGz&=v<x
z6|x|`AVS(x$rH%qiYjDXIfZCpq6*m!6CQ6qp<hbh>>+)&!Wlh_8f-{#2<gd}MZCLp
z12;?U-`3gz3ih5sivYUJo%)BZc!s&sPFT9|%V4A=Tyr)-2W?I9*frv@FB?xTcJJlf
zl^>@@Jh>qk=Qx!Ybn^u?yN2S?@#N_QwA^Uh1gW*r>gm+qDmrbOy8@CY=!}WJR?ubJ
ztkz{q!j2%=-dG@UGH{5Uwwnyp9}4tz2ik(70vRL%uz-OOZ0bjlGEM#)VQt<%8jB_;
zm~Ps{;|c7qzyo#$AfqfAQendirL-mdM2zx>UE$b@fz{F^);7W4+XVq579Bb*1R6?=
zjgO)nNvNtFqt-|w6-PK87;Rg8ax9WWHj->7Irr;u&O+a@olrpEdjQTp;`t2B-9c$f
z*QbvguoXxjG9EDW8OA()#<&r<iWR=urKM!1Nbf+dO^RAs*c38hBW_M82g+vH+$daO
z8EF9m`8D7mmO;u3y9P->Vi#?W4wFSvL&z%p4(3bm1|UN(z6ND=oV9P24%tF><<JJj
z5Kjw`=TL5^tyw^zv8^;Ln3Qql=|Xw!#;`f$4tYAwaqBT`JBF1^pX?(aHK>P@Q1#+`
z0$nfYv|!7+0U=~{3DleY`14xm_o!SWZ2Mi2U-u{s+KkF|0enzHVe0rt6)8AWO#hVU
z{y!0<<v|k3*@ZZoq<iI83vneY#G#UQgCvPdzwum^+L4U=#~mSm;u<z#e+kNq|0p3K
zz>zwDf#6TLw9rJ<O=;K#9I5R1_f;rT`QTPLRF`z8{3`8GMv;_MH1WVed0Vzr5-FDq
zMN&fdD5*$yK#}eW4ZNm2RI#R95{jgxqnS%(ML^CSp-4(7&D<%WkgJLneap&tEBchT
zT8An{6e&*?=6<PulwW+!Kv<8KQ>E2P;9jlZ@u3=q6s-&AiAa%qaHkZLDiz`h7F|G!
z<RfOJuL-267$}hghMWFjaX&a!ytMibHboxR=>#-rX<w&`MZBnXs=Jrz?TE7i4fz3K
z$ZyLY?8Qk+*zqV0^0J;!4t7WlorZx|>o5f1iIK4wc9nrnCE_vK)OaGAjInKth4TD`
z-D62Qgq%$^+(y(1Z%UpWittt-M`uTdViDd3b?NBnY0Np?UYaJT58bi0wX}6KwzM{K
zG(_>nmbT$L_G7IrT`lzgp*`ID;QZ#_fwf?u6-NtI$bxxdY9xL#ai>|Wfin^xf)I?!
zEIQhh6iW!{JHf@8q;h2OE3_JjWdhx;e2^afXLQFf7>2RP7S`|5Z`Q9vLWh{fJ~nUa
zqrBnF<J=fASw?sd1kN+zn`^*>U~*EL)Cc4_oz+QnBEmjF1T$_#%2pD}D#FaFGHW{;
z9Xl}`?fE?Tg<CXD{g3myuWo($Xlh&ktJOc)*3Y=ELw78ZhNedWsIa;A63(#c>As|2
zE#d?ofuJcFadJr+5)@^)2T{H$v(Sj9oC0qlnx>hm2}quk3SUq!Z`Ne&2lqbuvaccY
z!5SbS&=#XQXc~i}Ja>j(Q3Y~wBC;A4hh=vicY=tQh>M6Dgm>&Zyz{{Bfk^1V-hqCO
zs)R4vdHB$=-u;K*dU#;xzTKf?1HH%gA3nr6>1|GL|E|p)FmyV>@y5xCA>J5IJkC2%
z*OOeF40uh(_}nC*$w&+*3=K^HZ=~iSe-_>}3b>MYNCjn$+;nO*aY9i2`aETAwHTCF
zz@Sc3VOiN(u}O^zU>POLJwnlqP{z#y=f&HorXsAzS=jCH1o!I{!5@&<YecefBB4c6
zz1;;C-7la+>sHeW`L1JHysMxZwL%O26|~pnBnaB;KU;OS`u}Ea&fW-kEx&4ROFF-O
zdUvL@efl7jX0WlR^R<H78U3}Anm39YG7VjsdT2Dw?VNoyQ?p^NcdmW5;#zI%LTyjF
zw&z+?&qC7!>81y+1-C8)d(y$4Ol?c1zV#2<FF*DlH>c{lG8-Ci`s^kC8%9TE;SIm8
zB0%s^ZR6aD%dMAAUJlJYe8r!t*_Ekk%v7$sS?lwAXUsPnbmg_P$L3l^PbaQaT{-&l
z6W{ukSAHd3c5KG>dVxQazx!>Yq0oE1pe)n8m5$%Jn!oW{L;uX)tNC@%SX#)hPv_Uq
z6<*Enxt$At*bE2KtSemqb`R}FtX-(?NLP0(RClJUJFh%^<<P5jsjh+f>d<`ovFStC
ze1$U~n)j`T*z0u7Rf#{?0tjK4Ot*oM!VVOBoUW8_J#&TV>~ujCwz@t{dOc1TWMjb_
z<YK4mS=z?sbU|!qzH(e2CcPfn9m4K%p=Um%9a?mk(w1YDGR1O^Ovx|is#rwXdCPc<
zFP2=)o$dYu-{nW<TX&^ec0+LAqu&JT*$g2aS(7s_Zs-!7ZXXc$a^2pF3dSzCLhqg1
zosw8yi?;teJIeZ8#&7By_iwX&vuTeB58vK~jUTz+$+6-7J1%=)S+>#-jW0Bg-^xIw
zc%*m<v7`82i5;*BWLZM=_(O;uRtOnnlpZz?G=&g|9#Dp1KHfv|!yd{FTSE?Fe3;1L
zltm8gYY1BzL*$0Y;b9^N#0-cWwqwO$tMVZ&OFjxjkt2X;7G0r2h#c63gAlT|IYf@!
z<G-gRpp4R}#xAA-U(7^~T$Lb_qov$%{5KU51Hv2rDbM{^1d&5qSW)b7L0~YGz;IBn
zhzrAi0#=v!8g^+3DkxP66Bhhg!b0g_iyTU3)Fl_Sx)l=^hz(a#ky&fCf5q-n78|aF
z+N}7N?!ec`j5XNsQdJt-z7^(LvKEr33L}d@Qv6hokg}{>!P-itig~8Ou}c-pcF9fo
zU4nTw6XOhfTN(mJ+&S1Qg%8WQh7~RcSqch!nfidrMi9ilnyfn35IIqn0M3-uhpH$B
zmEc#srf&(}QdL^bZ>j8;kVFOfn*u;lh1UE^cZbHet;W~=xo&YQl{&0g5?iUw%a+7K
zHKHZ1{Ls2kZ8%>P>Iw!|-!2QJFC_g!s6)Gq<H#arU(1K~rrAOTwL_@qXsYHUek2@g
zlw}9$pR&IFQZ1D1Agw>XptR2wYfc7wR`e<Nq)^>GZ%wi~hTPT*v&yU4))hDmZM-g2
zFCJ#)R+U71R0<MoN2(xNqlfTqv{a@LW`hb2kQ7JUV#_I7L(7rpx<xIgkXjGf3(TIS
zPMMb$_4k_kF)pkK2$)4cplPc67_>vOa9&X`#`!Yw01#eUYX`n7fVyKqe@6i3GOQPX
zF5CFSJxT(|D3JsRUqC^kCty2=Nfx5ae~9DA2MzqZ1*#dNiF1)D=b5d^#_0G+6BGS;
zD+hNRe3}$wdHP=5B!#M`yR&rnIEWzhb6AtmF?pXmM|U3t8IneN`dv|c=bof+?@-*#
zx(V@n*>ZdTGExs!8l-dr$7T62GLno)rN3KnzX}<M`v|2;P$-U<HIF1|gOz$ili<RH
zaOj8dW}*6nqPd_Mgqy0_nV1|MW;?U!t>)L8a%Y)B+62Xpr>UHx{>fny^5H1hN5YM0
zGD^}v(NImH!*1n$J@zNFEk!ZuS26+hDN2ZPDkS+D<vC9{yp@%!6{#@$PAGTl5{fXC
z8qfi(V_++pa#{*<%DYFgL?Q3x!E2nAlbz&L<!;47l(K>$<sNpFtaTd$r?6?ij@QGe
zQdU)MLFPV<EC;K(Y5G)aM<whB!aH^k9NK+scZgvU+{Y;%C*tHSy}bY>Hg|CUj+}mj
z$ft<R5P2GechV=7Z4|9ZsYOt=`Xp66fzH8_CGiFBGn5`f7d}sS1Tk>GNp}~BTqN=$
z5r!)KG37k>{_%4W;k?}r^}}WXZ}^eyNBGd2RpyZXQhq0d-zs1dC2+nAlMo$5Xrh)4
zAS-n=e%rg~rT?D5iBa_YRe=+2(+96t)}$O|*9!b1K#{2p(*C8{u9Q0<ffc=(^_w#_
z4Zsd+X3H5&u{~Y8JsYODKOMY3Q`?cLZ@b)kMgRM|e_EKL{yl^#Zu9_%StzJa7u3&{
z%@=IOF~C(YjC61|Kjo`ka2yo=|G;r@X0!Yx-25=hEv-D^#caOp8F8iR#Asy4*Bl2k
zMdgBB`;?>c+4fXX-Mp_Jw{yK9DPR3uZ`#+m;1K^`72RY9;pT@FRCY^eJqgaQIT~lq
zs(naL2#Pd?H}foZ`F^ff4j|tk9%dn`Che=4Mb-q!2Jpv%uO;n+xgcN{sg7M~-!6t=
zEQW4iuLmA(ir|Zkk}L_Iq<q;SmH>N@q5_zx;TP!zdn@kwa=J3!)>PY$RO?RQExYtE
zr&F;|T%RtkpYx=PH!KuyN*8ZR6>YvuN)w*WW#JeB?_s8Nuor6?OvZn-)cB428jo5n
z-`v>m!$aC?KU$od_S)#a)P6K*;fU8`ll%}ms(i_d!n+8aDOduXDY%#D4Ajl7OCU5~
z2SQ^zeyYQOh2sB&d%Gq^V_{Y@tzlT)#`Yo``!&4BXbldt!_u%r#%Y`(SJ=j6?>yi%
zZs0V+1|oAj_gDd>T5KbNZG!@!JhUhrkn3B%VF--_@ADfmp~bCtVKvU<-(LZ%DS%WW
zU^UJav6`<b*i5K|{wdG>z`1jE*vj&XxJ)cBF9W@i<vuy%I?ZiQv`p;RSSEH2{xq?X
z9HA9k-e9YgkFadVIqnXXLZ)+vJ+$l$+0ZLVJ3t_S11XEP1DeP{s0_#hmT@TtMZ&`Z
zsw^E1Xv#a1o(u`LYy*RgIceFkz~Zrt6-d&Flux$wtc2D?YwivW>8v7Dxu#r}X4Qt~
zg1S<#a_$PVLTTns358r$s%l)@x4dk-qE8ut2nEEYXP+vJ21<p#SEbcT(4wl_jZ)3a
zi_Sh#%FI`=EmizGq}HbV0yoQ-Vv&A<Pn1BybmPw(_o!0OlYIRDx{cP}^EN8i>zdlA
z913l;R`r$tE!yaMtyc20Yom+jfKw&QAR)&7S66|Al!!=3-PHDwtn@%e)`my00?d)-
zn+RZJ>q0=`P1;{FF?voL2yu!bBhk_E(^1|bJ)XeQzMuk;6CoW40U4Qqz{ML!hM!=H
z4=dpwq;B;dgCED15v%0dkyJV)g#}o|P}j?L2J9qz0EP(43wDTFNm{A@A5dO+;#E)T
zzN4?6_`!Wg1?2_qS4rw*N`k*ecONA}5-nEcrLTjtwwM-z>xiIC66j_2Tc-Rf^@Am~
z4%G3Sn3AK|!J_!7MSkvMlus&^BI|RXAh)IDeC`=~`)MN25@AyN=P82KY7Z1HFWvJt
zskKFw+Y`{XA&pOJWK8B~5WphA|36WF{*VZh{;yG{v~&tEziP|xqVT?v3Gb_HDEy9h
z-`K8`DF0tpDaseuP4CYXub<w3y{LG4pIV%6nqSv7bMRVu-5X_1nWmmhW9QtVE444{
zVKca4CvEm1<%5T=1vf1Occg<muC?u0XnQE#_RzJ)?F)@N(v3SZ!H&$v*2}GPU76-q
z=pB?-K<}W&550rxb(zYlOtAHG_2tKYfBhBT<+3XerRw%&YFjfk_0T)0D4f{?y@RUY
zT>ji+@O0uz{mZ?tp8ku`Z;z$}gERXx`DL^Er~7C2y<Sq0Dc%p|1ApQ5l0c??`wO|x
z<z6jrxz=>_qUCDw2AEb^DBhSZ-Z=Nb)#4pcKJXVp`M_Uzt5sLKjZDC-e;fOfN-Hl;
zE>yOrD_a*TH>WE%UkP3*eR*$c%fb1|{(1kQ=>xP`WO*NNKuO_)uv-Env`*LTW9%md
zDfqFpuO18Wq<{cI7HCDg#CXNr1>?d?7zQRi1q54U7g%(?MX!FmM97&BYK0VCg)~(L
zjcb@^mTASHv6w+Q<1oxi(sAGmzS+U~s@7DXE!B1~<?dhB8ZnC#dMx=xzpNhi8AT(+
zq_KhOWYu$fP*U6ILDPi0zwplO`?A$Gs*ZS!-!wNK?y-Hd{h$F4f6-$<;&P^}Hr%H?
z_9K<Tc8NncS^5r*RR5F6|043QME*As6Oo-nK0t)l1-R#Efcp}WuMznPxv`Z168r?s
zy;Jmp5gJ%N3wQO-iJ5^5gU<}kwO-Mu3%b%d+msXf8dc}nZNFi{<IP8C`^3^AnzKXT
z@#cxF5QcQYwsg*RC5;YMi0)e^JhBN?$Sy5wV8sBr7If`{n^-+SFLQDP>o-uf{~f&I
zOCsavXpC+WAX{uj0Km^o{qr{2iMNPu0u+r;CTQmI7P68*I&wlhBH;A7@dP#+Cr6S(
zb+bxlHqmI;2djO)XbELZVXvu;{E@03?^XMwUAv=6E|=aqh!Bu2=m4?_*G-Rv2QlS9
zsOCj!x504aB$pTyX4$>;avzcXAiNn$s*%J=j#P7n2EmbYadZMZFHcNjLnqS%gkmVH
zwZ%@I!$#tfA=;=BrHz?f9|hY@gzO4%J1DG;wm2lP1v$nYCdV^G&J+0v5j|BJ+lRwi
zQ+6}st=myVoI}~eeH;GpUza2l9yps`f74*on{F5C^!i`Z{c7%C>hgZ1EB>*rDXnYz
zk*@B?x^P+-z6~#i+d7b2L~aCh1w|JQKXdqVy8zj)+dQAYC8hIZ@(TsGRIn4%+kE~u
zaxC`0koSDvCDUAFzP@|DxF@A6z%I42iWfSc@64FYzrOb)duNW$dQ(lu(xxyu9QeqA
zi&e7|Y12mW=~w%2SxjYyl&<)OLswLCA@NKiW6S+i(Z`G6??kHoNZNKZlUtL)01AZD
zmQw_;KJ3Qym%UK*d=Ycb%Qzcg0N-!8ZPnqt^7Uz3)x4qlhE1n0y5S;^mCskcrL#1k
zcox4gr7OIVuQQl_z3jtfw+zL4Gd3z2TsP?M#%9^QP<F@NjW*H!rs4g1eYqHbZg2M)
n_Zjp+UWwlRfT>TfhmIc6+rx%o13eJEeLM$0I2M&C>t_ESlt$r0

literal 0
HcmV?d00001

diff --git a/tests/property/__pycache__/test_multi_provider_prop.cpython-313-pytest-9.0.3.pyc b/tests/property/__pycache__/test_multi_provider_prop.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..646e8fc0854dbe657b3971065785e82ee68d8497
GIT binary patch
literal 49514
zcmeIb3wT_|eII&uvAft^>;t=t_j3V0z~uu32@-rrq)ds_gA^aaa%H+?j4pvC2pimm
z&Mrt1u4FmQ1G1IRlq^NC<3^CLU4ydIGH#PFshcQilB!MHZ`Y8-%?aF3Uu)M@dixm^
zX*1UCZSL<sb7s!j#lcIa-PkvW;Ov<>^Z3u4IrD$ce{T8xUIkYyAN<&)swn@JBI06C
z5V`g5?TYe}5?53uZj0NG*i<|FtvKw++M~*0r|OE*lZqpihux~1-8+tW4trJa;VQN2
zuut`|G$+#hYJlCljsy=^tJQ}?YUprS4IhrEk;64=&EZ<L_HdnAceq}yKir@;9Bxz_
zS^ml+O^2J+=EE&&3yZstv>t9#+t|J5Nc-Wa8jUJv0{!<3;Emr-<xD63*X^|NH1Vsh
zSu%gM$R~c)wa9<is8`&f?m+*eB4+${DsgYT3eS!iY2psgd~yFCTRgC*Vu{khc=aAT
zY6-=|dmQS9C2~d<ZKp=G(;pYD8^7_|CPnsdW1A9RAFn%87q36FDQ@3VsVMOV)O*Uv
zFYeBSoVeZLiZ?bXA9H-nrf!jCo6dCdr_0pPsMpY}*U;UdU{qR~lz8izww)EcC3P!H
zZ9{7NPRv5O)E<@=MOueU+s4v5k+w#rZD(m~k+x2z^$y!(UCEseMLD5n#!_nT@|Ls7
zY-%W)OJ#G}=(&s<y)ZtS8`(0ZW-g8lr4UW2!z1b8Xfiz%JvTC%OR0!;d%YVsKAs#M
z8A_ty-e`a7iSZFNbs?2TB|E!&HzU}wIoj8~je_kIuxKCM?b^7}>lMvMx9#2=J-V>T
zRP@qF?tC<zyg-c)X42<IM+S3IHI>bbj^{=)Y43x8HJQE~&0Wew3G9rTVvonw!Bli4
zeG#x^)R7cArDiTfhepnwOQ}eUX42?f>cU7Ck3=uC-b?54)F_X3@pv#ZiY}%$M|0;>
zY#=aDqUOud_`?SteUw1UB}dZH<mjj@p7pXeDM_}lnRiI^gnGpr0WjxAo<z-O(HFEM
zN<`6eIyZ7|B&BZl(&(o%Mg!5&Og4wNU<~7)y-`H?J3Bj?8T@#3IF(MR$&#_6;bY^I
zP35B5v1B?;a2&(vWOE~FjIZV3@c!%7rG~r`Lh8)O@HlUzY&=p=CI@q)mr=RQ&cMoU
zMkDAYrj}?`R%q_f_MW}b_+T<k#WC+v(TjY#;niczFN}?*a_C<+8{Lo`8XBQqCP&NX
zZgw!0PO2lBY|MLLR81v^E~Ds0yl8rjY|0O0(Zqn>#DLKRC5?5DUA_meWF#9!6WOxL
zy|VHWsJHEnJ}ABtG^VPl!5o1prz<rm`^4tBd?~rhV=4U`!zj^Qzz7L|MXoF#XYbim
zG#Sl~pQSg+CvOTpyDX<jS2oJ(1N78aRK~yF=qTQGcl4MsnWCBTTo#kfYsxgJj?kBm
z7S7WwPL7SGl4`g2U0Q&S#cZ1U0VF5Sj;3N2nsayrADiY%X0ziLQkokOVKNP8k<FXU
zVREE~@fpUvTJV9f@dN7Mc~m`^8&^|W_@L}xzdkcH|3iG*riL(%DXsd%XflUo>B0k4
zPe#40)t=}-{`eyY5A_e6c=W)@2aoq39XNX6gw`RG<B1a|j`yEDba0^mQ2cnJ|A9jT
zCqHuHP+aq!&_9rq7-+4EW*1Uua%nz2GK^u)YF>%~A}mWWyH+QP-A|vD4qisp0s`iv
zSRzv@x*HHVPmGRZ(L_om)r8ORT|&O^)*wKIwnsG^4PwnD8VY(J1B1MGG)@(o8*AP`
zc4Pu$c_I0vewQ2_JD)t8%DuZCm0Y!}&G=DUs8&KGF^A^(c<ORib72mTr?RHUZS=T8
zZJ_*(2sHbNp+TJ%KvYo(uMobu)rsIGC86}2pCXN}o%}~xt6XKUJMm^m#?T2{HcQ!~
z+Px3#J=1^a#PKt6d~@d>$PA^<Fr;#3Ovf}VI>68ieO_#-65pBTzIQZv;p|Xyzq%2%
zJ%s;RqQ9O|u55dG*Ymqx+;a;tMRSXSnuAtP&84O=lhT7aZlpX)0RLHk-UDDSDW_Q?
z1qp?QDs4Y4bL%M;r-2ap)$bB_#&4%`+AU(HoCIIl)u|-xf}Swt^p#~pv{Q~~e{kW`
z)72tP)RwSq(36sNiejoeEOHvZfWjuq9e19lS;wwrOG#R2*_;)k{?mYFWwpm8Ov}|C
zx5q1bR-AjQggWln<6W!7oD+|VH3UoK!X<`LImswnwG8CMmg3Bqjz~C0rYY9_e(m{O
zZfx(?t@!$rqvwHl_wMf5-J@0Dd()ikbBlR2KNb##S_f#=)jZ?rktfDe10zG~77UNN
z8G#lW)7LWbxnI_NN%MN>PNj#&G9&4n=1u1CeVrZ07o-K$<fQ=+2}HgOVuA3feyWlt
zm1fW8G}qbjk<p>7>Y)T*Hc7Z~Xn-gX%{e|kGL+RSE+oga3VgAe<749}Q73_=9uDY>
zG?rE~G%`8nVBoWkXu<6G*jPr*p#|z_R;7g@OP@~^ml`7&S`4%Wxb<NXji?8a<uDbR
zM(~Vs+pE;?zV0s69eC#WT*H=`^M!_8c}MMcs{Ehb^XWZv?xwlAhL<xhWTrE-b$xT;
znwK}cu;FtXU+#Xs`^%Bp@Vfup*7;ojXFvSu4_`U?+%LSjVgFnx@^bwP^-~SAq0YIc
zmRGvI(3S7(oo(7NSG!SvmT&Bt4Q-o?)V{pyg<VsJrg!C=H_b*i&($}+eCdTtQ|jkF
zakI9{=bBfloGx_}fYdyq7uk}9h86&}(0r6FGzr_;4t$zO<X693W<&~o_NQqLVpqbp
zRoTi|%6P>dr}&`OnrpCLjO1cvYD+FqqIT9+m53!wA4%L9ckQV#m9>P^_^j?;PSX+~
z08^|-DK3{$jExH)b>+k+(?@OKXUmVd`~8~jJ==F|>Dh+AlRZ6q+220^iE?&u+xFh8
zPW2Gl*W8zqDiOfInkiMysQA>fK-UAg5fJ}5d`FrO=!WQnf%D1id6kwrHA+D{f|yI)
zOZOk5AVk4E2s9_*^DLX?F+2ZosIe>!viLx1STmSZATZ=-rXEL*e@IzhK=6z*?^WEP
zLS@TbF!b3=pT6|sM6s^DSX*C=)E1k!6&pKlR=FCyw-i@()x6^JRNW3Jz5xGZ!un@2
z=i4yTFzef1tgXY}%}Phai?0oz5Pcxw&o%2cUr|5v34QYC+jq{^_s!MTzx?4BK0I}5
zwsw8lr!WZ6<R#|Zt#2afCFP8w+8`u>a73+$+f_%r;*4{LJ?<a|S9QgmXDZLQ&$xHk
z=>v$n;*~obaW{MBiM!5tk<-IsRfze{xG5LXye!RMl2*mi0&(O*dJy&aSxR+0AWFuA
z@~-+!=uCL44ejYIpNZ^n$3v_{O+2jD4p+t^S`gGG=WRLd_U<!if8yYQ=olmAKtLyR
zk{r)UDmx2i222j|%_?|cOdIePVzpodc($8Of|7-U<^o$d2ray%oT?thFTYH*iH(LJ
zp^VDUb68Q=BMB6uM-osB7iiuAxh#XebYxSb=UA&Hv(7y*Fp?h04Gd@vWu5I7PyR8g
z&qfeDqhN+T7np0h=la8irbCmCUkmc3uxb$86Y-_V(X85yoX1LfMx-F?8Ld$-DLTYg
zLG`MSBSrlPf)b#7$#Jk9sE;UMt)(0=^V46YvNR?D&h2C1SktjYDV5TFR*MYPv{oNc
zJHw{xNhDphF-SR4%kf$5a4I*j5O=RD2i7v%r%`8?mWOAQx!~IAlVAPls~;@{cjVnW
z7WP1n9(`GmING+_u=LrFsXd6Rv<|BS2+Xhr82cdThOE|B4piy$U!&rL6)=X?UHRaK
zynDkEa5Nz&;|TCueu=TOsR=w<09Y$)SWZiW5MX43w#5?8#j;;P3t1v~0Cq6)*-t+E
z$-KLb!L9B>s`V7?#1r#0u$ly-6Lyt`Tyq{cda!SYn5<NF$z+WTLFh1;8!(ee+M4p7
zSY-Mf)kJ&=O@g)?!L^0p+Pr%$>w)Gm-d;c~9h|rV#i(W&OA3l{bo6X;@Z*CH)FLj)
z>GUxIWUG>PoTfR%E`t+^C=dT5MH$CBGWK}F(NEuJ*<~V1Tya~%6;R^#gfpP@Vi7mT
zz#CeSBnEe6{hYqE(~?{2r}tQP#T`VH^k9+R;}(QaR7q5TT$0>T!j*8w-9$}`-_!J2
zvCHUd+_T4F)Nu4^MX6Gv%4u5Dcuof+x*(a3`}R2Tb@?au3Kk(MWL6}g5^sV@suo$>
zyWg)E8QP-RwoFJ0aSQ)ex1lkWaq4chm+p5^K)|zgnNiJZA4O@Bsk<p4@&bH(?cg}1
zM(JGX7o*h(fU*Myd95{wR6bz_gk)?;tI1_@$<fkEvMMpw>cbQ~Lalje@<C`rLK;v<
zkn*I57$3owLcS={hoO#8KuoDtF`7y<awk^Fmvq8i>IDkY6da;Vwh_&)=CY8WGqyl-
z24MlZge$9cF8F?Qp^%a1*HKUQj}d?>3MjSplb*TSwyCGzuI+yI(By%lul9zorQmCs
ztL`jzt}RB_Oy57fWBQ4i&`iZty4bvSx_|oMjBTc4CX#R5Qf%#b<)fef=-m2yt{?oP
zW50i_u>QzgN6(FpzCuS|v2{l=x^DVXzJ2S>kS7$rT~Xx^+-y+%ZC@NMuHR5xw|*w{
zYN8n1IP=)m+PQTbX4+=g?Y`-8wg-NwIQ_w!%}U+Y+v}C;riG+hwU?+gFZ<%Lz7VEi
z>t?J@172oq*Z|P@z=h1vIOxp*%{MUc#CUR4e-a!RI5(nZbE6~aR62vll>-AqnZbbp
zmDT|D!w59T5G3U4eH1@K0WI_DKSZE8Xf0L;DSnOu_DVlSceEC;_sS_)EE9@WI{=y#
za^t}Pg9$}L4E+#0#E_!;7~N6u4E|?-3&F1_f9W_j@31=`v`x3%R_J%$ZFBl(95eB2
zYi3Se4a_TuUf*$>e&$^^=gxfBE{g1=NNn0M9e>qB@fgM1XL8pbxO$o5?G#@(^8l4!
zckMVOt($jsIKA&g>ZdB6-!t#T{k%(QY@LdK-ZNiGF}KpPcKXcpv1<qOYj+o#_sn}J
z)vI`G?o{E9BM*X~hDBa9W9ho}CW3_|?HMPuT`v5q1Y1&Z#tn@PRxaqVT+k!2f`+6_
z^%%L4zjBYmlploeg8W{YpX$dtX37sTctQRunZFzw5XcL1`{Ixr4EtjNZNo{BsZ8Z^
zLYKlZ0p<g`j-?+QJ6Ey1`$y=~L>{@ArsxB!Y9Jv0Flaovq%Kg&0Lw9HV3x$qP{WWQ
z8gh&j(~y|7FDf(zOj(lU$`nz~q$)vMOKPT|djkC|H4Xzw)BRbkinTw)zQ=cm(EF=4
z%||j=U<MMaWJ}O5ePHwf-Fgro6etaedQXM-4r3zdaiAZ{#V$kim0;w3oQL*AMZ$Jk
zqE`OQK&$-{d5U_#K~>Py1Il#maRcpJwZQou-a;i>u$x+7&z5PyjTSt53(nJi(RRYI
zl}j$Xq~P7-OuJ0aoMq1{4FoQxWZIo@_lHDn#_y@&t&;0cdrT<XBStdqjr%fxkf_=V
z43_y18}y<N*@gg{A?EBSL|S&?L-i+oJD_kr^|c*#(tpww51uBmIJ^3Z)-AgXAuX}?
zL*V*Nt+bS7Mik_V6vqmf1(ZqDZz@ev`LfHZ^l@7pO7K-d*<8|&C6oy{q7pic*>cbs
zr2tj+vbnut1eVQNC340?-Ht8z3ex^~I37v(du%KgINc$J%2XGT_hlCZ-vLpV_)Xd3
zHT!I7?>^huUnD#c<?&$Fz71qOh+?45%-{B}Evp345&KclIz%|8tJA@Rt$+Q(JRp&4
z6BQtlE7GBaeVH8LL?}^Bb0{52M8ud6{itNjt!HgrB7#|4PvuSXw&AYNh>#dB0Uc8_
z)QEofTh7;nEQJ}-5O2KeP)Q?{RY4_70jkD$Q@5SXq8iiO5!H$A;TJ1Jb0UPd+LEXy
z#z%}tymbqn#@iA#`fRLS#cZq<wTNGujhF-BA9FUKylFPH-}P}13wXsqt!OsLQW*F4
zpM%*D{^`ty;Tkd{%i7byb4n~a@c<EEWTc@JIVHqUxiO2NfU>am$U&LKO-Z^{k{Q15
z0CSprKdh^-NOQF%$#qvQ-hyUJs;bC&wlwEip3`<#<GkX#ROMCM`}TeNuG%Jg)@>NO
z+#Ab!KcU}5_eJThCzjnnzuRI^_&*ih$5Z=aS@klCYc8@TN)26gXcfpy!8QtdDd>AY
z01E<`B(aKi$Dp<vyS)3DW*YzzW*<qT)v(?KSv1h?c4P{so*aWr2Kp$*DkVX$u{KyV
zd)2P~CN+$zwoiBu=~<&)6AfKd3D3$6aW+SXGr7Id_p818O>pesaO@~==WMK2CAkLY
zmWehh=az}WQAzHgIaxD&1iT*_yG&|v$dI%Ulj?xY9aD*K2j#2z@OXgqd9a{>T7sz@
zvs%MI_Izf1bckgg7#_`>1!qs)g&;VaB*owu%n=T-(Ssq(AyQ^&kpVKBNajGhLUx&E
zhCo~bL2?N+u0Q6Ty^tM_)p3UYSpuBImg;9HqgRR;Kr74pvzp(m#7LG#&+2blRli78
zR8g;ZJKN2Xo#x069^p{!GDr4kHdVb!0L@VF&&sOYX3pDdj_k}5Qib%v;^Ly+HSArO
zjI#K&!P`ke#LmAa?a`GoOx-J}?F~SbJqvOjs?Tc06P%nV1iRjJZ}?7a7fIU>7n&Y=
z!&YcIT&!y;hFXfX?Q?Ct*A5rj?wf1eaHFxi(AZt9jTIZB(`&AL5<-eP@1*y3jZ(Ma
z0~fAS8rKx-JFbjExioDrHn+~)4^>g4chV1K(V~xhN;o<j>X>vDL-jAWJl`_)RKD%r
z+0ed8*KL<l9l6r?nNQ^1?Ndn>6oTzH-1^_FyM6K#GRAM-a<@O1m1%{N7*BrN-F~Id
zoI}J=R8)tWr;;*{yg~9!mlE4LTfg-+*YvhmTwioubxr#6^;?UrT{l{{6k50BTe@eG
z*Q#co$~Wzs3@(-&Y@6O(2zK95>>e+~8y@fX9q%f)ow%9&<n(5i{2nELufp@GzB`ou
z1CeW<=VEz&$nq$jPkGF#x0WiY*IrgqPi2)7D6G0-pkb;#-w?~k4!pkk^|rk4#GML2
zVzf*-8E~u%5SmoC|6Fy8jrot>^D7NKSz@UFZC&k&HV14N<g%u@bWFj2&koW$E-uN_
z*SVMB=?!jw$4`UX?}4ZZoW65ePT!euteVqz>9t#N@(^9c-Qe;oO<cZ9=kmofw*{B)
zNq8)|{3lIZzSqR%OMWq3758NRBH?3P{<j4Mx<W4BoA85Qsyg*e6MgJk6@C1FhRcUJ
z{HmZ_370QNRE*(@sCZclRJ`BBGg)(hl6PM=r%&({@qo_d2S~P&2<UuOa20%2P}C)U
z!B>UA<yV2rpG$bb<yT8C9}1*&b)tF^J|9#X<MTtvQ;`TU9zC20ixFE9kB<D9a}g?U
znsqgI{e4QKI|1E_-lr^u_gNFKz3Wg(8NjNblBEDuZM;tB(Ici=WFd0_k6uqQmv{ql
z>Lwn&k@4tFiHJUzYF06qYQ!88zciQ9VXUG*-fTd5(`;zI>*FpZ6ssC{SqkIc{BtlH
z96z1eFdWi(^lI?vEff38cyw;<sc+~=4yqaKOE6e-QfZ_!<?OjiMh)uo6c7)tzDU7K
z6ueBqBNR+g@OcV;g975A8Aql56T15n1^*X<W9nDv_Nx^9I|>-H^cwCa8YIt)%`mV@
z$0iA)e!u~TyGULDhWlb_NauakuT$aQqTt^nh}Eo=#Z~_~m0{prqr2ax;2RYD3kv=v
z1;0bV?^5u46wnu|UPk~%`f<9K^cn900igaq1%E)nzoOuq6#Q!nh^<urkOI<CsjpM;
z#}xbt1^<QuHU@u6cYj8~pCicDBCy~Eg<alS#=oUAY3R}Uh9g)9>Kx&CdhmQQ4dI1$
zbam|DGSyXpj?C`j{9xF`56-y*lNZ4_z3GlxvWE4Gv4-`HOS6S5DER*~mT<~uW(tF~
zQ!RzyI>s@Tv3VD#T3GVZY~DqK+4`Qr=JC`e**v}WGB!_7WtE!Py!F!;r_blRKlFOb
z>w&!Q__ADH-Op36bSBRunY{M86RuJw&rtCWGC5WWmq#W@_~evZUk2~@(TG`hYw%a6
z!ikD)l6s2Uh#wI&LKK$UX(#2_Q2|X7Y+#@Tm3*X0&+4MYIM>9&l&as2XxRly#tv%3
zWtd1MSgF$lCA<2`$fN9vql9&Bac6G@_&L%GSDH+uD$9AcgtK3oMH!VROa@p-)4KT-
zt()xHssE;lyQ|kDrk{kgV^4dHkxWRQ0=%7VQQmGDU2NRLcsp+iZ&!6%YB;TRR03k6
z?3o7FXeDX_T)%}5mgL;*67O2lSERu;N_UEU#;;Xr&{;4wTNRYeCGA9w`o$geoN`1Z
zbP#ne2c1z0P?@=6%f2KG-fo#*Ck)=sFL^s~cP8F$oq*j0qa}r(u;T5i1#c(6xLfqa
zE&2t75}*rvD=t9W3eGGHTW>dUg<>wGt53%SJPD~SgdR5}Mso;Mh6&P*BDe7iUL<ld
z0_wA-*H|NJ86Q%&s<%z@24j4qMhoH&vr2#^*B_C<tO|_MmhW+4X}tY9Q=68hjB!~u
zr{v}0_1zUr*BU;(^7k#ZhT?kz|3&Y+IvqOt1HS$YSH~JAdYBDSuZgba#zIL(&~9cM
zuuGI+@6rm-G-2u(?j|aAMc9OsskS)PZP3~)A+x`XdP;20sfk|vzx5#m`)zArGC=my
zKnYk{GogN@mR~3Bgh(zbFFB*i(OSKO%C3rYHkCez7@P^vPlaah?qQUy<`ychEHxL6
zKErhvo_mL}Rrbj-b-$Kc9Z8xyuck=9q3^*I#O?rWjHTA2`(Cbm+TSgk875MdCfnb<
z3++X|ZtpkxW|A*oeE#Be!`t<-Z}k0$?F0MA&22Ul+aa_lg6)Wy6>s1_umvXjes{Uf
zjq4Smd@Iu{LgNR$qE>;8|5q!RYES(d0Af4~^jCyzIUC}kJ3j@a?XuL(JxLD;19I+V
zrHsoBDsdeF*rPJW<v-CQrZlS+in8ngw(gT9EA^Av{%UUVjCQY5`bt<DVq~~#i|f&P
z8AGGaA~{P|8Wvp5hxjy!F{WlEuUzZD`_pJY&6xvs%o*sr>cHPTm%Va$=5Ri;Yc{z1
z`hh}l-<$6J??gNE?$%=Cnrlt74fjqyJXar^YrF4tccJZ(H#!P!j}}|nr`=x-yc&RE
zZoa9fSR2Lel)27b*f!XCV6JuZjn?gj*6qdS&gtD>-T&(TeCPIS>++4eq00g*)DW0_
zm^5V3V)L4*jm5_1>HCZA9oOtoa@7SUAB0J$zw?G~Ljjwm>fZMC-0V;q_uXDwrryf8
z_0EQN{GC*8L50(_Rv)-xQ|Bw)pYP5$#$fz>&&-y5{cenA-QM5so2}bBuh{*87klyD
z&PI6T?Z{qmIR1dnR`>(O@Wz?lGaK_e9?Dlg43@$lV9&o->HpM4D2@C95Z<QjFZO~f
z@x%BT!S@{gPdx$^6g9z8!6cbe(JV`5P#Br>5uR)m(G^twfRX(@C*BFO*tNF5e9^s(
zu7=i4cKr<7UoO`N*kXPl8&aQc;c3$SoO*Dpoo$ow$Ng~8Q>yzB7M|kS-PZjC7v&FV
zonzM`7M|6NKM0lZ2VoQS@^{t36Sj`4f|B?HV=N^9BSwd8*$hfwQi{YM7^SSWIg+aY
zg=m(=Tjw_TgXQWq_=6hBA3*AF;tx6m^d=as=~65HpkD9?A5`}fw?pC&D^21OGyh7A
z+0Z{N88eJv`2{YZAyEY$qmfD*@_th<tjA7Lz44~I{_Z6`F8Z+|J&`Phci$9m78;p&
zOT6{2=~d`Gg&_l|{QJ=s+|Ey7w7q{n+CRO~9<DcOirOaj9o7A(rO7=Lx$S~or(gi+
zZaAq9VPgq4lAj|MiTrU1ehgd3K{zWWMbQfs{Tu}<1us(Y5(U4GV1n#D2elgA^@wPM
z8w%P6O=_h)6<G<t`xRsqc9$^e6n2*|{M5YC!wDH#zCtxlBPcQA+{uk6cg7+=K}FII
zw7O7-L|mAmJ~A0D4t@Yt(tkx|X6CEMY-Ctsx7fFwifJR`#+X4UvD!@i1|AWNw|HOK
z0c`NYJjrVD)v;qMs`TT;k9`-@3hY>oN!?_rWBO^BA2wLpE_N-Z-6}PF)D>0vIv7R%
z92+lg-acEq{k6X7<dx*hAAj-VSNkTt`P%KpU~S&LX7b`xQz5wKhFkyp7Ej{wHz^_?
z$+W2^nO1PGF~wvu3jPdN|CW2rkKU_P>Ux<4;2V{7k2xJ||LU<=Kz*84hEG!P3<aN}
z;1?-yAkgZhRE+!-7|vM^P!1Ob|CWOPK*6^u_#YJfG6kn8*hB#dm(^bt0cohSZzA{=
z<)+=`bl<F2Tvf$LjQ(miLJZ+@-SjH1z*KL+*?!aB>-65LP+ZYlRd_J(L-gjyY(|OT
zx?*r0_8g;-&nUEA6!PQ2d;rm#=S_upOXY>uIs?2VUI@{fkD3Zuz;>^5tpVFDAELa&
z)Yn1$mlqgvcHOGOdb8L*S}U~{_Sd@k*2X;*R_ZCX(-w8og*~;lGhUG3ZtRw|k*gRX
z;1|EDzDIV^ma5qPUF(*7sL#43xSJ6zh+oymcH_FiE}LNrTIBS{tJT18C>GY5X@NhX
zi($>)1!2TL@;hjI;(0vPH{UMh;1j!EAJpBUl0Qh05@H%>qvLSz3hB5^iE{6t@C!-e
zW7_!-$F3-xN)Dc1X7}t4?4D(A3f^U30yGz;(r^;Ll9=Ka=}WAYstGx!Vr+F693Uco
z38mnsER~}TA7i>-LH;pOh1%LBh700q?mzHPFl@I-bNY<(#hNb;PIvys@E2RzEQPZ|
zj~o{DIb>0P4MB<X5E2`+9@JDW+5_pC4l3cVn^nRI8w?NaS%^;9_Chi|v>Qs{gq{1f
zgBh>=g#D;6Jgh(-w8byOZy&bw5-jWzb1dzI%C<_R8o#G@U=O;zWE-yQv{V@j-@lnl
zf*ph@EtV;A!DRRu><=6DiMu7YzgjZGhRRyJUD0OQ_E)L05^b@~v-H~7B}#)ig7NXH
zpez-RSVEa_iTWjU$Y)~NEuk|?0V=FGtAYxjim84}s7!B6Uv(sOrCWzBp<7rQP<l*l
zT9!&wijjzWb-|4LG)9nLrqb3zCTS`lYJuvmDqRV+tcB1c?ZM{ls|hbN>y~qI2-aPu
zcA}zf;}`3@KT!!0OW@QO3<1mE%~@gUiS>BPjn~WOl%lwJP*<u}#jE3?M3rvh>RZKo
zlHxb>dx9v&19RyKye$hsTiTy+K#TdeSi=Ie8T$x))Te_{<<$SCMLr&;FkKz5q0O@K
zTDA$=-%oT;*=1}IPKV<*w)Hi_X29pg>>m2_70mz-W<VW;Y!TBOs9)7LxRRAYisb}!
zWui0dw<=5Fo2y^;%|^sqh&NblO|~{QXk_Eul%OrC%?Uq@8{`@mZ(&9Ut#X5M)hcF&
z6yXY(=nJNqk&ZlMJBoFPjN^x^bdiP~#;<J?M}#BBA@UqOHl8Da1^GbFmN-xns8**p
z%nrXLEz-@X3C)?yd_0wY-%Gsl7IqJ6U^8YC^A~s3&fNZ<gC9nCXcX0Qhes1TxjK|>
z2Zg$LF}*Q_7n{YFQBoj#N3wu7mxM!A^{=QQF9K{5`c1ljg@Uh9@LLFuO^_Ez?w_PP
zcaF(TV)_nPsH1s{xG^-<-2^IG*%~`wAqgqbSN}IuJYnANx{HfSb}@+$=%4U_^k;qa
z(8&V_51c&kzBFlzc51dxA(z3HTd~iU<TB2|%y>Gd?|Wq;nTalG11ua|ZIf?6e>+3~
zc1?J?HiHx#hp+hwCuBW)y=9wW(F>IzFVVD<gD&+J1w=w<Zb4P53Z@SmSCb_$Q?ma{
z%KSSN{4NE*$BKzDW46OuB~2+f!P3@_BnKfHf$S`s>ej2ysNLd?3@~C=bx>1o3a+Cv
zAr1N)s@OKB{%>jpD;XTQ${P4vpQ9&Oe-!mkDR`ZNzeZq|@9b9ns95vMCW$d*Eozmy
zb6mPsD<3j=1}-GkkHe)XgXj;b(svOoCmPy9(|-WI#|+C1UK^StpI^*FzkH@WvJ^GE
zs;d4q`j`ETArpd%e$Qu~o(>g)osa{7U9D@sRpqMjzURf=729o(;%_K6HWgdfPLJkW
zdT%=`;3dnAXY*BxCj>uNHC}9OZEBtR$Zxbw2EJ3Xakggjq^B5ax)EAa2*DFnKC~tu
zN^os@)71JeZ<!7D<lQ}Q2YYU~Oa2P(p64cHT4{_YzwPdsT5rx_ipd;b-eS%nVsE*7
z@>VTE@WDL{_DpvJs_E{6Dc85$J(Hi5wecHNL{b(VazH6!^gz!%OBKmH@&?K8gd514
z@nq#Kx6-zG^5}Pc$BT6v3U#}#+X{7iCm$-V@3~fg&2v4JUwcp9*HNr#e);J0NAsP#
zW@~m&9xAr9&MO%ID?6tSJP%bmZf{ZWeHZqoR_YH}@_Uqg$ECOf(B;#UABcSOJRi&T
zLp_%>0Byc0U6hvTQwLc7(n^ZqJ=eRgH^NWX1GdIuW7|~a)WzxH>5t4;*g`#bDhL3o
zpEW`dGB{Y$O-jeE&9==ydT$dZ5OehT#kyk<+)UxyDKWbGao9}tJ^CDP)8~j;uS5;@
zQvD&~-={U?4rL)hP6=!1Mgn6EpLG4~v4$Y>By)v+=vTTj?#fIiD(^u&V-RFt0YN6&
z$Np-O+xP`ZUYQ_*%zf%t4RXv>#*&#dEQ?DR6H8`Du)GA>5D{($Jk}(bWMoPRH=~p_
zM6whyOJISxrx@lOGU3$;Z8JG#)Mw2QS&>tI5ZTYhVGT=1KBawdYYD>oA^XD+0Hpn=
z{v%E1am=f+@29IzeUJKEVuy-JY3lo8?;?bEfzrmih=)vM=-nA%=~-!2BP>f{ghPKv
z-+Nep?_twOTd+i!^^rut+Tu46)@Mt^M0_tdTO=c3BEJ3U(5X8=)-1SVngwQN<nGJ@
zX??M(Ss+UhgY+{$3mOu^pZqL%$bPg&XTSU=_N#H?Lnq-K5w6PBB)Lj~2ALhbH6#hc
ztWMIC&rh6OWIlt6$%4E2uEO`R(y0Fr1^<hJ{}+K4URW95S@>Tl3z5O<cj)fB6c8hD
zj4P;V4;$Zo7@@n@@T9~7m~&6U0=Sh~055Ec!)@Aw_yW}vlFSSDSrqMxg-v$8rQC;F
zMeQ>{8K=SaAu>+m8wB#dpn!27ze{(-c&Gs?!T1NpI_NgN#5$-!dL)?#wVI-TMGsg5
z|DEn6anINWUQd|vv4Nlts9&alu@`?vcf@ThX0gku5v_|+?+XWrGdlz9#gfWcdtg}>
zVEIb^8qj86T9o(?{KSZVN%xWu5_rSzp1uU{DmUEv-?!Y|c~Waq^i9*f%z(t{OEOj{
ziOJ+yclQrmisw<=T<fOEqs5NiLdX3DU)$tEQ;!uRO@#<;^V5x7$?g>1TtG_iGK^6d
zvwYR_lv%#&so3NP%hyG0W~YW(?PVqPRQ9OE8h6)BEZ=(~U;P-f#x;scD_Lfsiy^E*
zZ`QKs(xjL7rjI3ZYurU(y2A66!K9}y-J1^^AQ?uzQ#_SDGWBN7^n=s8^P3*dS3j~?
zZ#b+~j17nxY`~+t9PrCe5+Q4n{Qm|OW!5((Y;-~=3|lMq*tgoCVIjhuU4pPoS0pO>
ziS{bH683~`n~iidX$O3zgVZm-(oXVKe#CJYj!z*EO;ROsCxsxVD-)GK4Q|Lo-O$xo
zkldNi!#GpQ&Ee40W9iV8B>o2ZU`_UUnM2d65{ITf!vSeO&`0@IrqO9GX~mL2FgElp
zg7B@$ak&i;2;XPwiFIx%6^FwSNvPi?_~lry3VvA%@cWmAU&`v2%_$iKI6-l;tx|sG
z1jTT5ig&^<Q(e}~h9s>`<RdvjfmENnJB^1kf17aLgX+iuis=8)S4!Tx_1ucU!6e*;
zoce)5Oq$@aev6XG!yCWbZ&A)C(F-P*H@*;Sh-4|6h4EUQ%n!wJ!fPU=6YSwt5bRRU
zUpC@FXhItPeysVt{mG9tY$qBgb{&X9gg=afL51v9+A}Prhv-%<2wxKw>m=gMMFA~`
zLfC(VyiG#-&4vBA(S`ks$p4uL-uo2ugbA6v$rC2rT5{^K22I4ArX6h4)Ev>&%%jId
z(4^Pc1`)sJfUnG+V-r;d<^Ks2ZC*;2tBq89P-Vn1eTpW!*r0crblM=3zd`v73Yk&O
zl1zpL=i~I8DP<T*Tt*Eu3YrnU)H6ezZZ@0LojUTK^)Xi++~FlLGRfSwZR&rgHcDw~
zb{vt#?lva4(>5?tnNI}C0SyQhM3za@nGjt&xGb%_f?6V=le2H5gY4Wol7e>#Dfms2
zg3nhtYrK<goW)hUsZ{7)tZgl}tex6B?^META+Zg6CtcWj7HQ<N-|xDQ6vJx^;qI9y
z3gK;&l_2QWY?=A+%p=zx%SU(7=D1+pXP<iZsl0pl<Wu?9?X$sN++KTv1%=@58*cq?
z*1bC)?3Gb|^A<{hRMxW;j2Jz5N<QE>Z=#0Q?J^O$Wfa+E<!I>I6Ec^)K^CItTl4O&
z=}LIEyy4dWX5C%X6vf^&ZslX7O;^fTp(G}gk*OG5vw&3qk$)Fhg}2<@+?ee&CgCxB
zJx|kQ{3Hd>Q1B@VevtwP1$!wtM#2B2U_S*!EvmIN|C=c2q~Mn+jjH68lZssZz6gE?
zIkLnXl4+n5rhx%6^y7yd7JZ$jgWK-7m8!tAYYKt&v)(Qo{RZ<t<P|o9YlJ0V5D(_7
z5xsesS@NyEs`k>V5WRUnRh6&VSa5FoOQ&BqQ*3f><)(nJRor~bfhg}F^=%OU<t0ey
zTfd2<#Y_R&ff{zxffvghr~%VI^YI%?9j8HuW0-5kDRY7e5Wi|w+^hPAt71NFJuMUQ
zL3uLp<MPz$k`psVc3~x$c<Y3)&Rh9u)$IIR<9Ky>igXONcL$a~$vS#AbvXkC?IoN?
zha;X>c#QRuc76IO?ec7PE)aSSZ;RW<N!|%5WT{5+TeJw4a$K-)1JAXmf^k;nGRRJs
z80<7oV9K0KIGGj5IYG}2{Sl~A`moq##dksc3I{5nN*$*T8B}T9x%43x795Y!iUofL
z?o7H!6R<H_(<mjWP5~|3a3@QF{&AXmVx3!3rg4`}l~$U{SkvT{%&CPuB7>iW1*a&L
zIwk8ioN1csvg85{4%9@++MuXN4clVgi6e(#3mRpop%ZmQs(G4e$+9ERqhxD3M(8}t
zGczC4$T^gvgQTFoAHCdt40aEUYWN6-OOyNJnfV6JG@?TnvwSZ~B`udnkW2O8Zeo)Z
z{Ndnxem*C&Q!N2YI4<*2S)!g|RgCJ<+$<Z6Th*m0oa@w{LFRZ&WDWzkQtv+pjFBd^
zUNeP0llf)IOjFV)oGR&KR0)H?;=F4bPQK-X#?Ex;y!Hz#TYR{i=~Y*M9}zDv0$LC+
zVI|T=BuT@XV&{5xGAL*coDJG|Bh*m{b<Bp=z_W8>bKV`F3P1agZn)$8?_2IT>9+M4
zzj>=9tzg9PU@9y#qpE!S;Wzr;*pP26DbI5-<bh+#pQXY5GzB#LCELB_+VjsKY$;oN
zD)hC-VI0Dfu)_%wUy<Mv*Xq<exgz0Yxh0=hV#WHEguBdcjreF|RS;+nP>YMLSfnO(
zoI3v#U9qGs*s4}6S!zWqmXwId70XMuxh6F!6q@`pjf#{5h-YlAlv0qg)o1E-t;lCs
zrlw(Qn|TB7fWHnUb-6p><;GvQ1Afjl{=QXVjP{bZY>6=pRjcTad=DhYGhnpD1q(|v
z4%)veC?Pd6wPOjTF`^Q>x{^|s&>5uwmEY8cb#6IJmdz<`QWtdxyz==ZB~N1fVZ{h+
zmUfdnU^?nIQE77i<T+h0XPJ~dmPp9HL>8{t0Phz0`pG=7>?)%yRx(d8-ux19$~Uo+
zd9t81-biHGah5$?Hm7ui6|d1Pjzfm~I8$lsZ(4327k$&;fhS!Jnxb~%;3Mf0%nj8f
z+@kWcQn3T2glJfd*yui{b`hdyTUUu((0m*Va`J%D4Tf@(NpNB~v1I=~VXp~c3>V?x
z#<15kpIEZL?8K752nTyWZ{nZe1saZ5OU#mp=IzD*TSV@dJV9aZq;W8I!bXx<-R~2=
zP-a<cBfn2EJ41HI7@G*o&2J%}W=olmo>kwZG<7xf!G)10aVQEOAJGY&n86XE>>yh_
zFBx|WpHFo9G&5XeE}z2tUwe9{<I2A218+yxz4kPB`1Fh68r#HXle}sPJ6s6NAPrM*
zpf_p}LCnX6R55z3OH*o+NaGHks0wI;AE%m1i3ZKjJFRzC3zqd>?WV?hD6pXCEFH>9
zJJBpneo5`g8&3A^W@O(77<X;pC;Vbh&|CaX^q4teYFvxmwUYE>Cw=&o=JhPGiPMA4
z-pSy+Pia_pqkc=FehbddnDiCt0FrHm#%;5Wy_11=+B@>@jw!Ve?6~39|Gwq!m;|wC
zB;fw7lC**m!-FZcEHk3WF&7M9**_bEPpGbG93X<AOpufhc1oELzj@2uMJI^pvL=X+
zOfjDPw!7=fesc~HLs3~DgjCZwLPW1d-XQre!~3s3JsaMickh2Ln-2p#x_vu{Dog$f
z^jxNyVsE+kqZofOi~9v7;RlNm!GmVrS<<{e#2W<7i`mC7>@=&8JI%0~WO@^}y_aAt
zhkQq|;v_0g*pC87(<+m8q$>;!sA)%<<XN$k?Uzb+vN`y{lsIle(zOY$<8&GO(h@dk
zOI@_9%|VA#RAA>%rPcm4NoTu_BP2}qvI8mw)_`MCy+-uVThhbV5}tc7g=G)DrXE(M
zy@@J`O*PWU0_(d?Sl?$HQDL~NH0a5pZ-N$*e7E&(xVS6fCTFbz)_5h`dEquFxPFPF
z#d{)pSM;COf98VJXvb1-WoX(&OR{G~Cm5v>E5G0@Qc`B3H0T8L9y-fX#+WQuf5I>7
zjeB%DA#l1?z+o!gCen;wNLQ@1mUhr-|8dwpjJ=al1qY#3oI}X&yx4K#ojBO9ABh%a
zhsX0n(2~)ik#ltRRhm4j>n27-Q=A)34#Q7(G>N^hX?dbN_oZ=+8$S^hQG&aPMrXMD
zVceK-H{K7&-Tf$0ewp8^j@L1^X1uOdnIJfZ4XDo1%q36~+fmy>^qyM{7GO^14V8!R
z9-*HDF7bOZJ75CA0>MubY5@D7aG#F%|3Tli<dvspZ2!FSYUS5FZ`W`81KqFVFGf3U
z6MLml##Aep&M@H&gUXO@vezYKG;gC36XwSzXi5Mtue)sY(;ZV;F>2tJ%+BZnCaC!a
zr7fzX3YH0Pm;sj-%-{q)RgM(45S1oqRXomMRX5_zFj<f0kyA&r<y2aExK_)c1qfD2
z0`MD72<&Bqzz2FmTJk483DWe&KZgE1qx_&o>FS+rI{2m0>CpAvzkT7AZLf|_2J=k^
z;e8&vK<=9ju3^X*=aT{Z&x8t%n<fKu*qRV1)IBs=^__655F%}vIXm;j^wvd0Nw-}}
zZNr-ld#-ONG(0d{a}c{hI$4QVx6al*{H3i^k6j-r?0o3uCtlq;S(UGQ_&-<G{bk+#
zzYnj4_e-yZ_s>Rn<gLj4(!_~594v+(edF;rU{;j4+b#?5XZA=7To&?VZmUGLUeXwg
zSy0VaD8Bk1z1OZZAF}=Ey%weZ5gR*)?pe>FZH`}eA^79Ho<n_(KdE#f)csQUmr*y7
zl1Xc$vjkEX#&VYj2GtY^SVxkhS;I*M;c9gg&D32KJV1e!{%IXOpn$X(*<VMg68%%C
zt5~xg`b_AU+=h<H>pW@W8Xpgy%zG(*v%zpofg<IuEb5&1@e<sX1)?{5sDO0?^+NMR
z_22R$$~8&^=pbN}7cCid-MWq7u4t6XbwrgGIwEmAdwE_f-IF+)y*#g#?uk2&;77`v
z^;A~wEd22*xQ_6}{8|Go6Av=+IjkTa$fzm~!A!%C)W{2XrxUN9keaD&d!sTRc52Fu
z&<T~C%Fb|WRF}vz<~)moHAl{kko$;Cdh{}mWrz1F9R(-H#!^X@7<H_!UOEbryjsDT
z?J}yS?VF>0-OP`~|H8{Nd0{Y9y>2|B_^llX%~UTx7=00H)^NjJ?w6qgG^))3I@s)K
z0ct@T=vxxsvx`x)4o1hiPFIQ4Qz_<Kfhb$TPi2>&0N9b{lI}7xVWWrbVPs<N@+IA7
zJkPwAa1d2!xEzFU21uutv!4PbN=^qWPkq@W*L0tj)MvjXT`8btbSO~1sTFIQP|A)Z
z{fQP#rCN-hh&xbtvJ|5`rL?HuI=8f)!?u9C4Zq}XRt3K-1^8)G5O-;AwrR7ZY~g;@
zW3^cd_Mkqdxs&zA{fuu2B;b0L+W?x5t1`x`Q;ezci_w+Tx1hoyXCwOgYY*9u?$)VK
zdn`C{gnisgea`$D2xUP#F8H+h7Y#RbQvl(Z+Cpf9NN32Xh)&X6W256ZQ;69iLBzIG
zKa<yLOSEW%(WlrKjfI19LsX<{s9f`LXgK-GL_-t7elyjN?a8%W>=-2!<(Z>o2_Ky(
zJ+QYAHNJ`(uZFq%Z-c&k45^&Htfdwmv}mb^D3K`tWu#Ax{QO<Y_j?H7M(T08CrKZZ
z-Khs?Y>rTHm;yFDmDB=U?C?zk)Xg#qk{wx;rFEl}jO0`#SM!OtG(eSMCv<LHO_N>I
z=w)4d3LzdNUA2c6LkX*_=r@Qccm}<Iun2}seb>$xYVMo#aFWopF&K6}4IR_r>5eN;
zP5QnQiq32(gnB1ka|Th^t&@YdeM+Qhx~mZ0Gg(;-HPCsnpKF8tlS^rAztOPat%ePg
z4;LfNHzKh@B*wP0&YUSk_OOkiw`pUj+|8Pg#8|4>j=I=p*4@TFQ*3#an^v#zbWvKS
zi)z^})W!G6&YZEXR!?US2~@Umwixc1-f*LHccF84zGF{*&#_{p{Yp3Ogza2%CoJp#
zdlgD!Y@s+vBF6uMceFHOBolZbIEP8x191%rYapm`8i?@JNoMR$XK6@OhzY4*0%b7K
zj)f8gLK?R`X%Q1SGihb?K4L!#<i|u&9-vB`m;<zkzNEdUu9l*|p}zrwk%-i4IfYWy
z$&jDx)KwGmt2Ch{OOprD6N&tcRwUXHy=F>EiI_@|hf%7*$Sv-$Jj+r*9^|^nSkCVb
zR1&$a3MyHOP%^|ee4ne?FyE2@h<g)Wpf4ach`kK-<zwi}Z$e*&_{SI@OC)KHzS31d
zULd)c=tKyC+z|Z)Chliw3>F}K9pqXg6JbjG+a#kd5Ev<zMzVt$c#TL6bu+xBYmOeF
z#rZ3EUwpgTCvc}#8+mo~^BR&Tf>P8$%PY{&hOTHX1N$pe-7v#SrGb=m=!B%>>(sz+
zA&6CTBvgue)T0E&UBx^S>8Qu3?!O`c{tX2rw^FH_<y+9`MOk4T?w}MdNOgoPFb=sW
zl>@C~9Jc@LK?^2?W1JOL^818s;()Rg+gRcgVX3k>KIyyn#?C|E+IeWU`9Xx&Y_A;u
z;_<@HLwR>YzWKqqaP#E-#YioX3|p$p93^aLi2^q)hFN&7g>DjfI;(PV1cHMZtTBjq
zun>iGPS?yUw)G9gh7I}p7@?0%OQH{8j!4Uo5VkyIW9~2i*jamMv!g_-AkoO&vS`GF
zK9=OKh|I!HtN$|`7NHV4kj#q1`Z7O!ZQ(Afq3@RPGM39T_$(jev%Y3RH9zBgmI)<U
zb7aywN6PojyRs~obs!1{A7_p(tlk9iLA{3Equ_yzolhN@LhLd@*eTMC-$ir?L9y$}
zgi3<3>WMuE^nD^**fP#nHLyI4j^=U=!J9B2+&LK5GCab4Q}L}KlJij+0wMc@Rq{Lg
zxLpBxP-2XL4J)1r#W49w*Mu7mn1*puY?o&1D&uS5AWF5P&@mN0T4{5K1p}h_^*s!{
zmj)|h!U_f(@;Z8<&Qb8!6ogQ1c2SWwU(xmIX(Y?>1LH_&@EC4bju}~TMQ;*%NCLD{
z^ss;#d8e^+dfVq)rUH|GOVlAG(~F}HOI8HJ-Rs*5TlO&#aDL0aLS!Ek`?5{3B=%){
zY#IB2tV?gQ1@D18<(q7IYWZO~grShRT=Kkyw_bV*4>1~BuGtEm+w&d0*LGij_{P2c
zg?sz+_r&w@lR_wNv@M0zEQvL|9JkTW#c+5F{L*;~lTw+4XIpX3C3p)H$8qWbvb|?+
zOG%Mkb_t4nv2*-zdZiS@8D?lO2Xthn5*}uZ`I?}DAvQaX<s6D|epx&G1?S+!a_&0y
ztZ6x4y%SWU6-%UHoZ~4(Gy+QI1l1^Q$#*O)t#c9*xmhcx#c1Ax0bm|;jCL%cG~Ag=
z=m3vt1TCR6N)acqY;NgaXW5*F;h+JxH3X8E0ea$FXsb-MTXJP_uW2S(o|-D&REc`O
zit#x<OP8All-5X8nm3A?A*O>Tpme2fmUwm85AJ67fpnDVb4nyyy4a0mWMC}}>}2pM
zoTuT&a10}1m6V$mk1w)W5xWS*j>K{!IJigbmhE_-D%-GlnJOoiLTp%kg%YMIAd`E(
zVR5r$mwHSfUmD4sFX<u2Zxf-C1OI4)quPe$g|=NS$}2H2u2F-(O@WmzxJ*jtFGrGA
zY|<Z6Wv^4v4hYmJ1%E=(4%}t^xQm)EE}L7=G`w6DSH>uT>ybmL-M6$%ZrKXv3H?m~
z5QhH39Sdb_YnPR=)im9RtSLm+0GW8aFkXtRnGIqKA|f+3{ihHleB<##uj=vYXwBoz
z2g#v?#|s?c@qVwu^Qk_Z0q60u!<Q)&l&@4F%LBBAJo30}J$1?Bu9<%ckGHI(p32*l
z^#N$s41?EbMnG7WJY!>-O93qg_I|VX`o$af9WUH>eD<Cb`Mr<jef`iFd%Q*ubmXWf
zF(8(Z!bR_%dI}~~a5zx`*Y|eZndEc8wGPPf%FV7EP)ot!%2?M<UBrpccBY7;Ia_uK
z?7-M0DWfqmabv4(FiL^bUp&veW<|oA<alIo<z#X^D4o;3Q-47Q5+-x1AFhD8s$}Q2
zxljFt2^-&iC6HW+OYoc_ms@822A+cw=&q}#B$Kr&sAMTX1uu2F94}yEn5@||U&06W
z%WpcVIKXh5`Gn>UF&j*^b&53O7wngnxxGE@2jc|^a)}I&%(tp1`c8sh$O_#J^u;CE
zZYaZ^7z$+_{dKE(w5l6yl`>#3>UO2UCXJ-Qh1C(d0|F8C>q;m(HFt1yd?+=<Wne<4
z$I}>x2bo@1S2TM*Gd?<01_NKyxo(V|-1>FE!bEzU{i-g<EC(?Cnf^x$h<0^hq7}|D
zL~{dF?oX-mKcnE!5oC$dGou{3U#Jp-H0~@m;0@@_(Xm1452O-WK}9Ysbh^pV%2h%|
zV#%hrPqo4a><7~hEiKJ!SkJUZg$O@yw3H<yP0x?TkuB-=D8GicS;owXWY)BfA?Z+6
zD1xS&@|*he)$yerA3^KWRU*4vU;AK{FcDgANBaMy33Q0&6SD(4PIn|&RZmes8{^a@
z1;0%BPE)Xnf*1u4(E|#|dL&CVl^j;H0)w4-GT6DfeR1=i8nb!Nycf}%n-|YrTbdiu
zo861&4vOP%xM>oiH#-;4-C(Z!mKRYz5^NCGqwldDY@@&CK06NKHXMaBVpD4z7`se#
zUpL?DfJ0h9G+$Cjaw*Ltle9`bjVY8h7i1+c&{6RLDVq2E<uNig%#LKa69JN%^0!6&
zG4m;)h0PwXFJy*NqgmBWPf0z;{b>_htP%&pwF`vLxni4E4mE^8t2NhRc)cdH$IiUg
z>dhIr9)I9$66cW-x2QFnpXzGtZlTVurAqFl;Fl<1^X`5s<r^9q%wbrP>Ihu5J94Qf
zbDDSXd{RvgvTeRJIW?CqoH{^d@1tUYI82EK&&P9g7|rly^&mX~JFjqF;8*GH`xKBR
z7@w-8(^qrfi-8&+P3>1zWWk@3{S}0emfLJM?e#Xto$ZRv_DjlJO7r)W?t;?&ZKdmu
zqsnH#qsX8^u{~n@wzB=(%GUXS($w-w`xn};*368~#_pMIyf?4Zz0=V2O7IK8tB#q0
z*$w+<8}{dw+IKqEe6{^c?L|-3XX`&*Ukrt(`ir5+%dIc8UOQX}-3KE&uWR0|_yV8Z
z_32$x2WISrs!c^K32>Mlba&eGO51!LwN?LxdX^k4`h%bSg-`!NzUM;){{fKpO?G&G
z0O`HH;Axq)x6XSMTm5`kX=u6WjM!YoK+}8$e&6x>uQ;CFI8SNNs=M4boOK0f9TWxy
z=f)pYQfiN~z3-;8K`(>fcY=|8&3f#tm{|+Id-L?jRP@S3!P)tPN+jO?kZqUEdnJ8a
z!OxwiZRrZz+M5c6cSb8GY__d86$<Yh#GV0L;3oFm+5&ej+8?vqAP=LEeO&(^p384j

literal 0
HcmV?d00001

diff --git a/tests/property/__pycache__/test_resource_inventory_completeness_prop.cpython-313-pytest-9.0.3.pyc b/tests/property/__pycache__/test_resource_inventory_completeness_prop.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..7d33ff4c2286d0b44e84484484d9def809bebc00
GIT binary patch
literal 47299
zcmeHwZEzFUmS9Vk?Y7)@V+(9BV8n+3fxjdhV@x2JK+HfOV4;wJ-_r_P7$vskbju0$
zEHjzexAWd+vJ)OJneh1W$jtm0Gs9MStC*TsGntvx?4S9mwk*lj`%&-J?*8D<77V-f
zs#06Ed(ORmZ+A=bCm%_s)Foe^bMLw5p1$|={pxd1Kdq^83vl)Qo&4@EwhO|4M}%E9
z2Jp1UB?zAjK|v9Mj-d05LvfP-Wv5-L(<_`VS1P=iQg){Dw5W)utCT8&y8w49)dVg-
zBb}~MYEIWGwWno8KD|y^ce+lg^9n=NgS%LP=KmeSkO%(O9dOV%_Fq}QB)!b&*nefi
zlJqr<j{R2}fWF<7gF!olU`4PJ(mGj;`5)56VAUZ<(0!<Eu*-~RP_Vj5;QX7G;4dx8
zzb054ln*%<En%Idgw0EoP`79aOW#4gh5wc%_^-8wJQn_2m*Brv`PW<cHv|8ptZmHy
zplyq{JZe$#mbbJF&>S=QF=$D?Qn2BW6Y?Er)aHNCDo3y}xRIovFyk4tLpWf72g)b_
z8oDXibjYRb1dgW|o%w$WNgTmSlmtrL4FAiN7U1xPnUg`lp>}BV(3YXCL+gh&3^fcj
z5A7Uk32r&$R`zTZK;o@ULa_OOlhP}DN1eWHk-vmT_`H&sh$_jcwyO~}I^s=6)uigZ
zmQcJ(R834O!%=T6{y{XJOej;{;l%jFSTq@pM^&}m?cTTVt;kqxBm#N*yo1sACu2%<
z97t8Kzdf*TpWDrNd;OTcBs=%(P-G-N<sFHs!-)@~3dq7GxTYk=Nn#@2HUVYC)Trv6
zP!b=+Mxu&$?}^0ld+<N_VMG~k^`4o$8dc&TrP}HaPQ?>riP5Q6@2QCL0o+<tY4skD
zC{gd(XfiU^>b(?;k0d@+eXZW)^(YoNIhKsYM=kdZ_XBqxJk|fk8*u;eWF!`M$3c$h
z_(XEb`$1%E5@fN~S2#H}5pDHO#$)eKM#Hg@R&P8q4iQXVfW{(8$T1!shN>HdifwgA
zl;P{KWOO(=sQ_stKH`lelS=IBB;1DgS}Zy?0u}xU8}FRYsh5w&ph<L5jV4iA)#uRN
zYEnUNv8d`R*X7qHCi^Wc_4*UMT3JKr>&_c;yk>}@OVD7XPA|eO=<eWfBo5S2C6BPL
ze>4Jt&!s!w&>iP=$9dfmgo4+9h=PyB)Fitd6roHP$7AuZ8k>#+6uDtQk+F&Ek*m?<
zurYSv4GE}|_?$f53&H0?NEo!HLL6S~i3&RUMg?J)aNl`O7w$Xsa=7o<1ON_I#cW>v
z>}!2PgD20wITVaXlxwdgMxsMRsfVBeh^7-X%#<t4)jMoe?=VugPfY3JD`S!It0R%4
z%2r^H<Kfd<2tE>S`M)^$(}O=d^riFmt4|?DcocxZ=TvZPR**(_gaNHX$XZL+BT8f#
zG*PwH0@eVjg+Ty57q0L+2=NgL?)^uCaKwT2gjd7^_lxyq^fEM-hP=L<w7z_0=M=1H
zr4a&9p|Y`PT-k&XO%TwkQ??+Ew@HG1n9vNtN5W@ax8DC*&z=6C_T@bOFSq~so<G_1
zXTBNbPdZW_zp@QT9{m#pw)<IAt11n^M%jqLqGDlZub^0@;FnWo&$m$KE4DHp;T_+1
zD)kr(?JmUD?I8_Wh0hu3hV&|Y&<OYlXO8fwy55UUsd@$NrOdpK$}zc0ui*~?_E~xr
z@3V9l_F1~f`YgS!pwH4JYoDcy(fG(jA{I~TZnNjoYn8}{@T6UX?mRvmRfnNiepMUL
z)Bgsl{<$zDC=Qs$!a%2#1)Yj(s2qm0ieMQ`-dsbK-OgZnlkl#KskI^&q*vI|s|wO9
zZRzfUbkUYxU65X7OP31L-L~|af^?W_TI8=SNSAEsGD%-IxP#Xh2S~lp$xYeNVifC&
zPu+v-f^}rNS|9Yl^yQgy2iG4e!=(Ul+yJfA024VwM)qG>A8b@MjBfO8(zjoP(U%Q9
zzr|)0uURG(kDy-{B5j}yFba{5dIi&lmCQocJhRA~6u9|F;Vm*L@UCuB;9h=G;I%$r
zi%tq)2o~96tQ>(V9LAoPT_ONvRQcmdGPXK!bjiQs&MSNb2|2I0SUQ_6Cc4;&GvF9G
zCXkipl?p~Rh-Ktm<_!2Sq>R7_afPg9k!(=PBL;MbaD_|F)?=*92#f@l+&Hl2UBz<0
z39I2?*{Y=6Y%8azlp#lfbTDEqC!LuKq$*pM+R4fYx>hCsN^03`TVsB)s#-3{4fo?(
z_I}Fv{gk(tw}IZoT~}~YL@rBi9NO}(9YV;(a<l(YN3i0EV`67$F<sukn1pyu#><11
ziD;+-=TC_b**$|cL-%Tt0B0Y07w#a0D!U!Qs<+?jb{;TlAn1PXEwi2#%<hv(xgz~9
z$PF#y{=VzKrDcjf^`UZBSIbgXFv?)Hp@U*j3f6?gP6yG*s#R!Y730PJQ;m!}k2vDx
zpqU>O*UZFU4C2H#?@Iiw*;mHPg0+eN6q0bpp18)^f8>9xKu6_J1?cFyw_ma7==Zbt
zbF*4qwoR*7Ov!toWqC@BXRyxDlbRq*l|nU!p46^FPih%2_TSJGH|R+<{FQ;OjEz?K
z)=zh^0i5g|(DlA|d{Rw%uSUHQ%gh27yYbQXZ{CimDs0+#TlP*&_4rixZySL32#M<S
zse3V|izNYIB>8=6yR9_$%~q19+o$^6H+6SRjm6bu1g7g`Hlde6nfJ@}vWclq4Ez{$
zVbG014_#H_`upg8$MhhUdVrM*z?uXCIlM=SP`y4?*#%F`{c`0s_@|t};3NcC_5lof
zzmY9<;fFidT_9yAS?At&eB<1H1mqfBq@v)aY25)}h#Fu~0GQI}*I7H+c5vU^i?VK~
zwSLH_8gimw0p)cRcEAw!kX=q_1|p~5SEKlm?idFBNGu(jm<nH=jNwKUtlh>E!;vvn
zcS9_0V}v7$zA>y`PfU)Dz{+Yu36G8?u13bfWWiPyRwKCBno#uGexf3=MEs<pBoy5f
z#x18vG90}DYq@wN2`Qv*^*Y$N85<+aa0di-$H>OOeOY&@(Xne(4XRNpTGIjDf*ha-
z<$cha(rra-DLvLahv*Gc27bRalMU&zru5n}b=t6iDnm7T?HAeF(6^Bqw5fkMriNkW
z9wys)djGPkl=fv<ybooo{}(1#9|?~ugv~p1O`Td(XG-k(WIEN<`EX}i?g1n#_vA#|
zPeTeGXUAxCR_wX6*Gj>#jMxLLc?t#Q#h!;dc^vR#7*ZFMJ}34pcsA!eKF#AxiS3`L
zDUUBL?*nk=0tqy^JtrE!wAh}K_i>a08O+7wG#f^vvts+LUMmH|AS)C{Q>?rJp1Hs?
zZ~({`<i?!bqRA~Ou`4I<*W~>Gq~!f+xeb8XdJ<@IR}PZNZw`~&I7)$x*!7beJWew)
zNJz;oG$l<KTVR6=#Lw3A%vJyjr#n-8MFT1!!e40}29>aa)naKKX0DZs&U-B@bYm4)
zT8FJjvsSV~E?7yid3b3Z26bFiA4}^n=-A+by@Jv@jMT&;dh%UghwbMtKvu8@yJ%T=
ztbPr~OR}%O=sEzmamivpIS!EV;_eiHu#`Eswk4LOyu#&`as~@Lhryc|;5$O)JOohQ
z@G~!+EJZJ}Y*K<);9D46f&kV;0fdiXfNLV<Z4BPQ;4%hRFc`w%2N?Vi16(F5VGPJy
z&3^^Z;tPSzWERf_vo8XUtZ)%fJo^nS*tP&@)tXvUVgMHatq+FNasZI59LR~bpN14X
z&W_ROtQf#4zmW?l7?u$Oz?!E}U|tM780K+6%`l`cD1A;0kOe@C=7CA|K3o8_q~+ZJ
z&eV}W!x_KvON;wb@@|e&AcMJhoMyvlbXMGlQ+|U9P%sR#LUA<3${XOBI-Y?8Ku#6_
z+ckN6O6<tVdo+0u04aG-T88CI$IKuJG`S-O$>cYO$*{&SV*t*G9k>86;xrS3gp|CU
zrlbjD3v6(K_?bbT*$P16r3C;tT7ao(=|v3m3Dyf<Sh*O^HV0QV%`C`WS^$(50Jhfz
z#V6|g^(E-bDqch`yKP>25kns5(gJ|>YTwfZz;4_{U%}k}&1ahXV<D@Z_W#z}rv0?2
z)y?>S_{=kYTIz}?`(2<lFL1KoKqmVrlYO4wyTW;XLC)U=dDSQ89{;_zpToX$+b7d^
z+8%hw9&}q4cbjcL4GDOh9i!1%u?=VRMlPUWSO!2FFCdy1p)4yg!+@A<b=xw`iES{w
z|Ki9`kEFzwPt;pS(l~W)`Ldq`u#uh<jbB=9AyZ#729h$EiIZqHj7De07M#r+xqyOU
zkoDFPnqXxO@R$9Zo&!J)Q~OVE{=1v7=*Y=CG<gRADS1a)-i6B$Ckd=;kvUA>#n%QD
zfE5Bx?9G)1!!Y3{O&|-69TwPNf{P9(&uays>?P*){~G3GV7$DTQA)|cN*F0^?Eg#H
z*e?%OpefZG4%3io<Zo<qPrilDW&>nvw33)ni8eE;@282%T4uXd?PbK!NCdO2>gQ^9
zL`;srj6|9~$jr41W-wp?9vkt3T`fP|0Vb@I<MjAS`!~U7n$ECN7oE~n;rLE=GQl9D
zBBp{tOVa0<?#6k>BIXt*PcNk><{)5Da=(mPf?PzNcn<2DT8r=p!K?yoFAn;um2M<B
zh5;#l1v`kid3fKgL@*E8fxU{*Fa{$Syo*5;gZCh?+A!D*8hTZH%1!eFYI;C-9NBH*
zM1-_S7@I*~>5gOZ?0*2osXNW-NUmwW)&y_F`*6o`|AV2l+y_Wj?#qd`pN14X&W_RO
ztk{Qh5F-~*Ff1eX0c)N@fqAj-!4QuFYK9?oLFsd1AKAt8YO*&aw$8X{Aj3YU@tYG{
zQ?i$%6v&9JIG7tGnu$RIr%oe3PQ-zEv9&aSmp10$alva5JM@CBwSRFNbEN_NyE=fM
zC^%)c*hrpta?>`N4_OAp)xVf55Mj|_U4)0octMFPVi?hnEH$F%A9@ADN&C>Q{2ns=
zeGL8$@~c+x91$JENm(l#!<8RFwxWaZF0vC)aEE!L@#`zx7g&bRCn&{k>#*FdHFc-N
z0UVaQ=X+jH%L9OA<$;`N`)NqR<LnrX&WZy#5*xXIf?*kP0C@8h3e1ZGP#TW}a*iT>
zLHTpy02!Hm8oo_CFuR@x@`0Ra{N}_1<ZYT614$Y20FKN?oMvK>z^T*7j}viVUOZ45
znM)%xJTZ8cM&{Dedf8V_=82w{v9vyFJ&U=>pq%G(!8RsedZsbiTKJ;FF&@aY568Vr
z499ks%Z|k40Q@m5ffV!1BQdqaw+fLr2(Q!<e{mMKL0bE=xI=5|NQwP8{&qavmX=}n
zyFV+#Hni=hAq9`KV>CJ|_TzwS<N^wYWyF49%~L2aFZMs&#^ZpRVMtw2`kdHL2H#y8
z?s#|3oS=aW_Wj0hPV6K*-ewFWWyDS#e2qBG#2|rFr;#5g;=sJvxy0c6F8B&4?Q4TB
zSuXR)-eHI>?Q1XBSr=Nnl<ZYX_A0h_1|@qHI5-Tu__foWrvH?JiH7N8Vk9<<C-@@D
zRQorfXPaDbM^lSUEp!)_R>T(hO`Kq?{<x=kgYKKlnkM)pr58F`x()C%gjO*5*oAbs
zpYK~@Kc8&nUqedtJfd93AO=Cvt%L1k>%f%UW=aso`q5uo;l9CAOzvR$L)J}$HmwPa
z3%YUA()J*kmSG2>J1fH)-}cjxg2&l08l4rpahhV}0t$v@#BN~CQz$Smc0Wk+IG|=2
zQWumyCw3F-;oX`COosQP_3-XA+T`w^0W$*#;DlaIG=6DuKUnH=lmZ#d#p5&^Mx(Rh
zezYktm;eRCAS)C{Q>?rJp4rYbZ~*u$G28jYHk|Er2#M`Q9i^069Ho?5Ml~li8(fJK
ziHm%@7#ub&VhvDn1)Q<aE5w&E@yehh@#Bz4TvYr#ULGoEoCcgD{~nyKpcO4{gOO{H
zze#2>_>PtN-669QxRWc~iAiyLtYw_8n7P-Pr7&m_rz>UP5M(t{qD_EV&N8C_tC0vg
zT`_YNmCojL#kDLoKbjIOUzPkTspX|#DJ*jz7A=Er0WX+4l`nfg+-*v*f;uut{OKUN
z4a>Vi+}#2=l5?^89dJb89loWEMc(LNssg7I;-$(<qQ&h*)pM^uTym1DsIByJ^;eJ^
z>aXhisil{AZ((Vh;@V%y>S|d^kx>TShRciUV0BOmRa2K2iGM7rH{4N%*QzH)9q5F>
zryFx6)hQ4wh?*eyFS9t+z#}{4vPg>#0P`+z2UN_dhD;r=5C<&aR3q+!KX4HguLK7h
zcSv83jt%p!`0D%eVq8|=mwy6%`MOeH&ia~CUvAO);?MH4_T|v;Tgq6ZFArf~UibEm
zQcrHq9A2P~mU{BF_2lRVHSbzOPhO16+IsT(QcwN@pOVt7+&(K`c~9;s_2e*H<mcU9
zppKS$@>TcburK1x>%;+#%a+|0`N|GP!PXA(b)j{v9Sujc>r1^atC1HlkLI6j32u1q
zYkISFja?0XAL#CPxix)3ZdlWAST0wHf3hanV61fOuB?3JS;yAN>_513#FeKEdg&<U
zZ97k&cdtO78%z4k_2BvM@tOL(@ww}>*}7}d=Yrgz&l|s0eP+$Tl(w*c-p7)b=$|*0
z^qE!U3+<nqp1VGqt-BU|F31h~-1P0~GuZ=dW%_FV&s#aRvlOP$Mc(HW<FdAu<L1({
z@dBR>bLF_@xj!4Go~-5BD98=Z#+GHDjhD9vxV5x$EUg@|Cmj3^zRekxea+La_K%Hu
z$KfMs5%N_!`gt_&FP+=SbRcvt5s!M+*f@N|EE10<Ce^X2cJd*t=?iGQ0uIKh18@LL
z2jIkcdJ(%8aHF2@2%I`khhsKi$f6vBTBAot`vLNmD;F^W{gsoWs>B(%au(53nC_T<
z2W9Z{k`OYaKu_jG3_o|`ju1;N;>O*yr13Mi=^z2|=Z8-9h`aGF5*{F7@3ctlgAJGI
zfzD~GC-ndnhGc=RbJJ(nR#V(R9<wW=wFI{vdY0R^u(jXv^r^MUNxhX=8xll3|12U>
zj&|vk-@$h0N1>IE5fw4`BMk5@HTCVddX+Q{itIJ5{0x}Fy}b1-_hMykza!tqJlFNq
z2jgPqS$aieVgkMrM(ncmTIP=aY68B{IAL+*NL)X5VV!hiKx&K}1S6HzgK=0{)GCbJ
zVZG(d_PdzGExW8f;|(wI)K<<Ppg!XbtlNeiv|&BOGR)>;-sZDD;J2m)493)-eV|*p
ziURRN<Z3;j=Gkxt(KF&Zsf`)<;^&=Pn09XAiNwSt9H5Ji=qFcdWws=nUw|0uLoh@7
zNO&R&RaYF$PyJ;yG^2j%HSuyr?)l}7+^Zq&)lf>j{8d-#)lmBITL7lsxlBXt@a3GC
z|4WO&hDQS*3r3@};$^fyGcp1N!!p1do!Q%1&Wo4PeZ5J|Fr-Fj_C^Yblw&B!kOEQP
zu`vQl$nsSe&jBS{Fd7ZA!A&!sK*2C9?bQ%Xq3lh#pd8L14*>4J76)@p)GO#9RyXwu
zs)>UcIq=Kg+~Kp@;j<}m@S&PId^UaX9Du0{;L;L9?I8G^%>SiDV8f$<j|HRAS#c06
z*vJSJ49fslbRBAAIWG>Pvrv<oVMvXxLyZ&=DaTNdA$9N^Poe<OKLo2jlaU3Z(I6Py
zv4w(RSk&ROG{wpr;R^;so^LS#xc^!_Mcp%<;_jI=@l-}`o4x+m<Nt9yC7yb?b9Ou(
zfO8h7zJ8wsTHsVp%>SiDV8Ek+g$1M0S@9Iss*w>W7?uGL>?>^?=fzX#u*oE57!VWp
zO-2d`ltWiih=K^I0G!{jF#>vg7)(YMj7Ec8v)8Q@41=t*<21p_8sM+r=k!Yh!24HC
zJBmA;$Q8JJu)CPBW7KcNi*z`V7W;^-MNi@83Qob=&)wQFdY1OZp2AIw14P_nhn8{$
z$A;|3l<XKid-Ng?Ev3c&UyGq!6SY+inYPNB7|O`qzkEA)<h*v|d`b*`<w+empFRX1
z6$zy-!kB`gb_n{^{9jrGHar^mSTGu$6+`%h85x0sVHx0x2F*5>^I`~1m`!SiAvGE_
z8z~@Cj-en!>JWT^#Ks8dzk(;%WMsi;GzbQFY@uKn7Iox2O|kMu_@b>4p1UYO?3We%
zeyY-j0q(ZZkNbK7dW5dVd=B!FSojWe75m(cs*CV}>^OceTCa%WH-YfG(Gq?$HhLq1
zANE#<xuq(wz=;>Kdir0$n%?$7Vn@gsDuWM_gGF-Cb*Lil3b_WIK$&-Wgn{}~u-ZXe
z=0PiGgD!5{H#2u>`0ktaLw(1<Y7QJ%SWX)8cSL5fMJ%9eS?XX>+bZ)je(bFd-;=`k
zP-bqNx8+@60gV$;a<Sa7ms1g}T$Pk)0d1C3R7&#$3tT#UJ7VT4DxH}Nq^ew&n!m>m
zimQ?zEuc+Fipp<k+hRLrX6~Z*QJ5R<N3@h#G*^gQzy_;~w|(Lj{%J@{?&7-~+$xr}
zEWGW554TN>E~?A?O`^r7zbaUrxF2#8oBqFLZD)LT(!A@Umab@l3l@1bZ{M|8<kdd+
zmf4uE!Awf>xf4^yqIG<wAUCv3?e|^(ExJ+ku0#9-kjqkX>-wN<=%9pOU=B&f=LBn3
zp^-IA6WM>Nk;Kxu3N-U?ifd-#e+?F~TTc8xv#*4cC-v|SyE3$ne0cINm<EjePur7S
zTuVJ6H)!d4%x%%r?`IFl?O2v=SN<k>SxVjuElX)yCv0HW3BiV7W2ny1mHJiaN<GsN
z_TSKzTC`W7mho{nw0Zg9vX+pR-q#r8P3IJb70$-exXhjz@|Jg*Ub8eV(=q3{kITh%
z`NfROn@Zy{yd~p~)Lw@EFWZBDcgN)-n)y=3<)+fOJXm}V_gx>Cy=-1?{$KTad2?x8
zei{8zX}t_1!BXqx;=24|#^o)gak(@uqc4QeO4iFoH1nm5%Uet1^7nLH<|hvp9hYIZ
zoL-CWV>g$^<(D!pZ+q^$rDof%WgojBH|&;fTXt2$XR6PAz06M?FpY(GHTHKhteJ#G
zb=h0eWmZWqbnj>TbJt}iHg`MBB388X&xm<$(B<vlqAue*(7Y>8m$~KsqPo1Jq|2;X
zU#KqceD1nzw(VN_<$~Ox%R9eCU2e})WI*$Dxsy>Ws>{1dy8Kdfx#hX*ve~w4(dB~N
zpvx`aIbD7+YyaJ)wSQ^tzp}OeK>gYCf>14Zg;BR}&-4#3U601S5$||n_&x8$*yLy|
z?uCzSjZ6+lRWCQ7@<MFH8yt?r2cs$+C~5UZKZq(*oWOfMqIx56HbsfPKN(Y^Bh-JZ
z+CIHL&>84%>-4wz4_x$j_H}jkb#`9X*AaVf$aFm%xjO6*biMAYQ2r9ScI5#E{{aHM
zR)yli$=G;QO@fh@E`eCrVq?)TX4Bp99kGdsl8i;hlvgp&F$~DZ%lZ*I4#7EU8g>ft
z(-`0~L^*@OISj}Nkw%1|Mg(OLgCGWPVSq<R6a@nngCqtwFqpz%8iU`#fSBojjF5=I
zA7Mbu^lu}CX8Ou!5coDJZiLBQ`Vl&Y0TFhwg9Dbc0YvmL=D;3A31HBL!Ag$`c<51q
zyh^Snl??3+jau~6Z~Q<(o~u~;O}O_^f-wxnF^EH;dLUrd{g(gK(7&5Byrs}E*Re3@
z547zE(SkDo`dcfs{9h&CSrqpZXupqy|Gi#l+`iDTZDGUK1<$61&HjZ=`xhFwJgKQ{
zbpNFKalNo<S8iilW@Fn=PW`HRcdofxYwk`-eV_HEn!6tkr#*duWIcU3$@bHbg2&l0
z8l9E;?p(K0Ff1b>Yo0=Zd8zN=FpmR%3`6RI(&wbUg~n~U#x||7EhPm$>q<4Yr9JHc
z&eoAY^8|8|@k>jAl&77e6v$vM9;ewb8l9B_w{BP|7zSCPIGSSR4e)Fo&%gm7Cw_E&
zn#Y%t4(2=^nx_MRl&2%@@dGeBNHG8GpyoN40}Aq+LkfuF5fsQs2f;@!BhpL^5>g%?
zO-U2(7TC|>0){jNBzRmQY}=D-?$nw)Q&JB$Kb{!z^Z=6e^yDPlPeTeGXUAxCR_eh9
zH*x_5!!lA2u;wWgn3sCM#@#~AFr+RheNO5j&F|A1p-S7a`F&~6J^*JfkU+!sHhyWT
zJ>}WQQ3_-*7mw3y7>&+K?bzT36QE!iWQF2rij_COGZ%OU4gfi6{ua&Cl9IY|p8c9<
zKL9Du{<H^_w`;bZU~RMYng>KOesf3xaXf+o8L11K-yqUV3=&eF7MhYK+$}IDE9QXs
z0){jNBp}UyZ~W)uDarp?-<|OXL86`htOu0G_S2An$JsF&ot6C9+D0y*U|0sgah^bd
zdCC7E$m4*RVL%K|08gR7oaBe5|KjFPZ>A*QXI-~$rm<RmGY%5KBbJklUt02!8Zl!a
zDTA3fiDtuSbXM|VOB=a>f?<&L)=ipVWexC*gVS>WsM*K4L5DoVi8d<Y?zCqws_1bD
zQl7mt$E~V5XT)*kp#Z25Ho8R>4Ga^G&;+81yDjiu4$mCtd945lU_A02S~GM=NAZ#G
zc(^6)ISNSDb2KN}ei~BnI6Fq8v(iy)Xd@R;Ff1b-1=c);0`t<*hg*0YP%{jv3re4p
zjvCVTYR$bV=?qHSJKuLY?KuNj)^jE&*?t<5@Hjh0qqEW(6wt^86b#EqXMi_Pp}@R!
z21?_RK+aL5FDQRbI%5djr8Re@q?0Ic*TZnya}toO=VVT@{WPTDadwPGXQh)Up^*zH
z7?zPv0&AW^fqCiV!!VBnYK9?oLFseSNkdw{)(nGEFG}lw*q!!3UH4`^P#d<Nh7>%`
zj?w6>)Qj>NxqyOU8L1ao^ArlqOT7<aN?=km45<rBpObn?|G!UbgigN$`~Q7u>{UBv
zA|!wjHYXXswA2B8Ek`Mk!CX8}vtcwkD|O(LZ!iH0hCx;+j;2_713VMq8LR+^^v?%{
zP3`1}$9>_PuR#~XVLVS94(sl4cpTOwF!>MbQaJqnWMs@pk;8CMR8f;-v3N9|faJ<>
zcqB0#4l8(qL*FtIQ->3<R*8=AnPyl`DsZ55bV@;I^hyGQNeq4)gCAq?hZuZ{!RHvv
zK%hI-q+UK2Q<HEyJQ=-_R9u+!SD3UR3_K&r*l^f9GYk^^H4?xf0fEeY74%I{f>8j}
ze+zpYe;_<@R+fuT>V=Bx)cQ`X-2d3=D(_D9o_;F8|EFa_MS#RSk!%#5sqWX2qLWi}
z=27fVb@U^}eonF9Mp0JYMtHz~g94x@Zc8a;<vpn*Z$1^^Kd0!)qwo_+%gX(n!k<Uc
zn(BK4d9-qhRvU#}{+1*4%DJZk0tO9&Pj-MP3-#;2*n4|#YV*ObxBt^st^UG7o#%^<
zw>RF|ac|GvJv07UMQiH&`hr#mUu~@W^v1_G?l|vN-mRRegGu7X-mm?deDX=9tD*u+
zti2P^%A21!_tHw+_Ou!jo=Sky7Q)8y`IN8VpDtdVjEyB@ag}^<L*Ephn8IaCJ3TTD
z-yQ*12p=l3WK^%>QF^5jr(8xB?(0(%iRAUD8dHfPQe`QJB<1fhy*?Hh289I0RHN;n
z+R-tUE*gnSl7%E$SK^XUmsD~{X(W72NsQ|*)Iq(0e-S%5H4)`1tv3~Zo0F-#zG--3
zGHm;77)w&V#&X=l*CR?~I0-`O6|mF>KyL(B65;6hL~<&ON^cg_z!q*{y8!jvOMyvS
zLmpOEm|h2G;U^NYxP_a<zv>c;LgC=LBAmFUi$D_{MR7ztEFX=;Reh@|kmX@xyp?~z
z8);M`A42V3gU3D&`xvGm71**Ps`7V0MW09eGpdWP(0=Bq@}GeO9#KJU1>^6>We$hq
ziL=V#`b~r2aQsNf3A_KRu;(|f3WxLm2oOAO5}LN$+je)`{q-|rY2V@WrdLuz!@|~W
z_riC>_b;Xb$J1@ErMI3)2~7)In(w`N_s#n!X1AqV`_o&Fr-V(vg3O@O3pKS1HR~2?
z<WGO_@efj+C$t(=;LXn8h(cM_@9oyAcBGv<A6E&EjgKWPukmgp$s!wBX5Fa^7qyxY
zWNI=q`P0q-W@>~?4I96>bo)~AavIDmtQ-$yfoHDrc4hG_b%j}KA<KrwF9vQ86wk7u
zFiSmT*}n77<v*1ds;WP2{J3$Ut{xtBeA>6(-a30a6?$8%dk1dHUGdm0NVT6H`uNa-
z=>D|w<H|dAUk+;GUc{<DuD%nQIiQJt1N+08r<E=Vv(#b*J=s*V-I)@$K5iB^Z@sto
z?%oAg#g7Mmf8f@IFFl&8g-BaVsyih#KCTtKJMK;0omy};EY$B^sP!&XH7wNZTxjTA
ksN1(t)4U+JE_n7m*--5To?Cvi`$LDL^PdF_Nq_SH0pcx2^Z)<=

literal 0
HcmV?d00001

diff --git a/tests/property/__pycache__/test_scan_profile_validation_prop.cpython-313-pytest-9.0.3.pyc b/tests/property/__pycache__/test_scan_profile_validation_prop.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..e6f752ce582ef39c72d261b9d4844816de9e58e0
GIT binary patch
literal 25626
zcmeG^Yiu0HdAs-Ad+<%YC`(*Yw(Qe`dQ+4v(xzqFA|+GGtxk`S_Vq+A$+O8jdiF@0
zbeh;n(8{i38?IfePJlQL5R0)<C~1o*k0J`19|97fca|+Ni!?~u0I7hWCBr02^rPta
z&Ft*sxYUt~geI*Q<lOAed^6w9%zn?AZ?3E?EWq`ZZ&f@lZxDok#~Xgp61bVWC<?;s
zf+7$>5f#rtk$C8@x67w_WTDGX0y36(4+gs=B6WpGs4Gmu^qCKyMM#w9{Rhjs%1L=w
z1*zz&B$ZuNq)HZgqwza=ht_YS&|3rlmAjy4y!bDvh5CSJ@db6G@lC}~1))(;0!k3d
znq12yCA3FW!h5_ofQ~59JsxPKOex>vBP*ficDJ^+S~%7z6}^>8CDd%5UvsBVsj3qm
z_mMjm?6XX%hB9}IYdFU7d*`>U)Ye&8tX+w3zpPGBmhbYgx}<*46I+pb2?q5D$&RWd
zH?jFtN>lsgoT}wCc_2$<r7x9%!h!U#Dvzgz)BUMjI-8OEvLmCzYEI3ln${E!Z`g2*
zm8sfZIj%lAmL}?mnt?W&o3?F&q#2Xl8#aW)yeE14*1fcKdGyB3haUnoQke-^160h)
zPo;B1@<BPBp-9OCX?3_?lkXWxYg#%ph}Fi^{VLfct0SYi3AvA`{eVw8HLPt4k7bCO
z>KjU(f_G9g{iE45V7dv~7|y9glhvpDRJ9*l*}iovRLGIE3dMlMSVkKg9nF#)3=vVa
z>=@}&<=n)ms>L>ib3=|1QVGG~JJ5dUkUX5$a&l^Tcs|1EjGU4YV?YI39L;7lwJCfR
z=cha7)%}C%aW$g{Qkph4qUw^S=5kP3i-~$z%aK%09R%EBK7G|A?I)7)4&`tnzP}@R
z^yHC_<U^f@j&{Tqz2Qjw@UhMZJK{+tapcJ1_|c9Boi!Cb3X?*I>nOa79<j~&Rs7(t
z)<Oc<h=+8sTNjT&@3l`2rE@C2SF#VW$l@456=@`$Nowgyz;z_`w2?~<kHTQ9xvTi4
zOnFEZ{E%vF*pChSbl(%|gr)~zD#ujKD%K@Fje3BnxiOOIGroTS6NC`_d*OfXB}iTu
zdLU(2Lcn%2Vvn)T1tIR^W!7(_U@H$;&v~v<NQj)yC}I!xMz5X-&)Ld7{F_p|d%SnT
zJ5ApAFnk<1LomT~{<8z@11efM^ee-)L#NtYxJ?9+zlt=MEQ2H#AQJrO9xbQ)u{}+X
zYAO5(`;!ACJED7G<aO_`nu&SHDy$hY*Q$n1$+F(De{XNR<H+G&C6gip`?LLOFa6Ma
zVVLRHPj8d>oh9KBe)CD|o5x3^O`{X~8u~2BKY%3t0FuUXoFGWP*TcWI6Ow0zpI2@>
zcTb`6-e)_194ULb<%O2l9(d#MtB2p}yj0tCzUuqR4{I)-{K4A%$(~Ccy@kl5dEcXR
z04H2s3rS2QW$@#eb(~r{>qjB;7|y%7CKAF<Q4xWfO17DGo%vk=i&u@nb9|;@?mXR&
z4zaTx@IQwXxJ_Iq$k1s5Ko7v=WW=MMgm^EYFfP3AmxV{7f)IfkgTij_fEW|Ir|`q^
zG;P)WbeME8r(uJ#{47}qzj|ojAgq(8M@gH$df#wr<WzsEt!dwIwht&3WO(6LsH?4j
z<abwLO!HMI-)}ncR^pY0GrRt#39`S}@HIbEy-bAOyg+H_Vj(NxA&en1LJddh&sd)l
z?}%WtwCOs?{O(!d#l8=!PJYmI_)62U_nVG=&~)Mw+?JmtcR_I<{F|343tWeGUl)1>
zB7!^sascrv9^&iu0|yTD2H|V)C_dmq1|X3fC4O5;h?OV-;J`uK^Du|#jl}VNiZ0-3
zz_o#Adz8o?uM)LEmf0ZhC<239z_0>fk&k<o3iz+I!B!fuk@&)pRTQ!sdakiSR+*3s
zVOvYFT?TN=ZE)2k;Z`6Vj6x}lR>Hfivb9{p$AQj9ovoynmn=NCy~`-JtD((1Y>>;9
zHDtx$+E~4Q*HMraY#ig5DJ1N-$p}~Xz=%&icElhwi)Q{yk}Wvpi`ck*AAW883PJ|&
z=PuJ#Yoi=ug37Raycuu88@Iz4uzUq)d|QO<(S(2R0YS(P++&pXe^(HCOiB}X<tB<Z
z5diw+JJGSzv&*Qf_<NA5(<{!uDgFR{8_h2V#k>C1j$VM&6kouze4LVT+)~ROQ02ui
z*oy^qSOlD`H*v4+=Y1%FCeLPg+f2{~Q|Z=&5={8Yg&iIfQrZmFlu#nLRirIQJvAK8
z))q=0MHgTz@mBb+3Ut3!990L!Sa|ZmcBhn>$!0dslLA4a?3XiHQ|L=;AfP>!n$Q@N
zZt9-$QZ`DEi|NZ8%r0q2ic{isPiyOxI9YwyJ);v_W18IBDr0s>45S$<0BTbn-3w)y
z?3mox@${(LhtebT%*rYIrwo-Ny-6O-=Jv|hE5mId_JL4No7@FWLL0lLA_UioE*Xqj
z)x-CXP9Pgkrifkz(%A4Yu;x*M5_*cLdK8M2r^Z0GO=kcr##!{0No^=QHr!9ECI^SJ
zr&7boObTSoP*O_`sMrFu1{%Of3R<RkjA(;;c{|O53ebV_tzN^c01F#VWvFs671Dj0
zIy_(-zn~#b5M0K31W{sbZnxiTV>hhRo%Wk%4aF~+UyP02N#B|YBV1fzVxpGJWRq-s
z^{z$Hr>4cUbsylMy#~p%!mp!3&D!Z@Yo=GOn{He`8}!wLPX}khLiMUERSkuzhD%lJ
zP6wt}t<Foznd;|1aYa(t-}{nsdfdEYnGYS$3f3JIoT)Y|LsR+su8YkV@5!$*S~JTa
z!+5lva+%cbKNz(G#MzY)seJ71F>5D){w2JM2=vdF@WrvX=rZY_ALyT&2vGX>6sIwi
z{+U!SZqhWX5#ZCFL=fno_rx(9{qyyhR4?vI&v?Hk{j+*0L7O;kl>S*zuGA@EQZ%4{
zzMfLG1Dx(CeuMr=HW<`wiY~M}B>WEg7o_x0N=OF%3-v7HK(@Akb{Ahj|3bWf{tNUk
z1oUrwFa-3ktBC$F>SE)Gl=iWwoUTzV)=ms*aT7s{1!=)#FD5t(WFI7xZHpmgGS$*q
zPX^62s2jm=iQErKcPz?;Ra^+<0ZjH|@*pN1m^_5Z!<Zbvq!W`aOb$X43zJ7Mk17wP
z)ua(~-I!2p4`c2KCLhBj4vB_caatnFjGF9rp#X?J(||b12YQKmsGYz(dea1EG0o%4
zX>UP7Y0k3db3=vN`%Z^`T)l=<pN%)7J_C&U3|x`$?|o?isgH5TG9Nmg6|6fbK<Z;u
z&PxON`bYDR_2(Z|^J^R}usW3ffU<!T(T55rzf3Z8KZq3$bxqt#4TwN=JPFSYg)VQ8
zNs<y?zUVVP#Y;u8_w1tB!(x9K2t3v&>`sh)R2cI+gt5Sqh*7<x7gu6r2{IgKlPH10
zWy8^xD9wik;soZ)C1JVR(T^*Z)`*(ep~z^BpeuG36kruBS=$s#OV%_=u_873m~e>-
zo~xi};kYD0G2=sFQHj(E39n@W$b@=O!={%-VzXc6qtgE!$EdigchQ8`LFUUSnJ-_`
zoGoT$nT+A4R@OXdn8WgtGh?!yk~PB|E2W~zOXo0R6YopST7*OMUqifq6U6(<$pan5
z7F~H{jM`VJ_zsd_|5zVb-7-wVmeCFk@+#VM@3t|)yPLWhcSCa?O7d+e$!|5p_wX}D
zMrIN{2>18klWj3A7XEX&jXiCSX`}(bDW{q8kygl~l)jC$8M)@ka+?s}!i4x1cl#2W
zX^O2&3K$`gjTKp!M6@n}B^8yEZW4nOZZ^P=E~<vLk8(AFt51J&2^@+lN=e%|C7D`;
z);}Cq%~3{WY!`FY0CYQt@(i_BRX2Zi{A|N3t#7qouDR>0<G-H+Mj(8;x>lTQGNlOG
z(t>lvb)qJRPP8+ov3Y__(L8OZ^8}`_%mgTMd|tNW<m`-<Q5A~G8g%+@EO3~z1{ngp
zsr&&l3o>RVbvR`WyF#<ee&bMRcH6a^Jybri*WF<+-ld^rY{@HJVriig%S}v}{@CqZ
z5WRq|MnLHRnI*vWq`HOmq#svQzta3y&*Y{0Gbx%BD(bID#@{8W{`52E9m{+u)xW5j
z&kBw^_V}_?|4OsH2EPMP-W;@iCS}$!Gw}FF)y-4mm#Uj*1WzdZqL#02zEr_(KCEc|
zH9q_=-&JA851HxmedmvzKah`hT=T*$E&PQy^jz~bEd7n6?u*(ry#FmGzYs#tg=h=L
z(_cBCLZ7rUMZv0^uV9a983jR1XkWBhDuodwX#_c9%%g|UBLgD%7^wE>lA+m{-MA4^
zp9WV_vM)Q9$@Sr<$uFeSs3Oko19{HjU||ZR&oZ+oyhv#>AWzvOHIwIW26#op8k<3m
z14Yp96EcAwlnm)b)z1LBPBOtnFmAe9csV$Hjci6jb8<p*aBa&WV{)h>u5GH8aaRdQ
z@h2n)*A5`AAk~<XPux|h<5(eu?nka|_2Vj!SW*DzY+SZTp*(0ooBY`t0dQBL+Cnc5
zO(m}qP?jW9s{Mq;wI!2lqc~458#Fo#iY`z}-MF>~<g7Qr$sC$I@z6Z)>Vhsy#?R+5
z^3<v9SWZS)8C|O2RU1j?n&@I@tlYs?aUoN;&0~<UvDJ0xwBc;ERpb-U4-+igd`Z^Q
z=7a5E#CI8P9)l5I52kYRNLI^rqrDGYVFcGUIR(jlcHF-N>YE)0k2JVb!O6$Q&&G%G
zdu3KG7Y_Uh=$d-0kOR*M-kR{gEnEGHIO7${mY=D5zWYkF{R@2`G~Rn@?Y;|QVQu>d
z(RO{=YJ)Xz+$>IRT9`H4hM%kRgZR3XJ*FWSD`zS_9R$i@ap^LKODj=^OBH!H4c}zA
z4mOLj4jIR!5fZ(^8XAg^9yCVCru$R1e-uHUgk%9Wx{<O`tF;>qwEnSMK6j5JX2%$_
ztQ0H-zi!95Ckl1#rz@sw?)Zlt=O+HXtsu8wXfMbeg_?)*2Tok9&sU#39sIdv2#76U
z2$=Q2?Eh@p>N!9B!cqwB7hlxql9&^`mBy3bVD{Iv@LE9FzF#bCdtfGrb!P%X`QG#E
z&#%l!9=JxInAKYMi{E^RJp*{C3!obTbb|qktPLOkmKW{?fK{wnUiK@OGKw4nW%xq7
zHc)t08D_;SHQU$<oo_L)WSugGi1d`X(d~?{%-B7`JlO86@0Tz$PNRjxQi|-c=;BNv
z<5xVus{A%q6|gZ!(}tL}tf)=}Qz~j0Zo!V|EwUr}D68^Y%wZ9B)Ws;6rXaxSAE%U*
zRaq*W$s#RmfmO|e23F-SsWzHpQnF@{V+9^4reNCrM;3OjY}nO*6a-c^I2epclkJHG
zxA`o<nQSU1u%{7bHg)Gl2Vj_N+z5;aj2p#aofThvCD{}}V7+vEfx&n5h;2(!_ml`*
zL$XhSD&@|29$y0SvbAe$@GuoXd(lD);7jl>b6|Ti6u`ExkDsFo;5!e0>ESPTUar~v
zb*=`=jpF3?g?WvwGq%&po#S-Jm|yHBcudHq%26KkSwMSXCW6ALsf#hw@ixjqY?ziD
zG5z>$nu_NDJMCwXfa+DwRWEQ+ZCQXf{HVI^YoO`0nVL@9r3!ZQVMSZ9rgQ&=<rk!U
zwDVSLI&JQn4tsn<P3J1oU&HNBaNgYA{cS)HoJ4%9fDZq~xchA++tg=}v{NV8dtiAs
z$v0S@LEyBJu7wCVy1{%7H`t#9`Bs)@ABV5sHWsdWm$mJ{WG=v|ZBVYv#exE+5-3^Q
zv?rIWX|f+BXjq<0yY(cu^-+!+8*saWxnh(sWz&&c=I)EOiWxt!tZ}6bgbbfe$O!kC
zI-8}@WxvfwxX6m_s@E#zMVmD$DE5`NT*xqO=$xH%EEgqY%!7vYP+4-8O)a-%O;e*)
zsth3`x&$X}l)n@I1uHhp+UUDV^=+83nvZ78ZiBeBGd38F)lMEeKBQ*kQ(4$|ZZnU|
zu*b&OW8U8Vpks$P-S7#!$zikZCI&~PCD>>LAh5xP?jvWi;#Dw^3FIUuJ(x6Lf?^**
zTk3V$l#js7Fs!D)+p*o)KSaeL`MPJ`h9U4ZkR$*vu$gre6xrlZ(9bQah?}#4q!61J
zCV#ka3A=M(`w@Y?<7v`2mWE$zdwvo&W+iR1l#6ZSi-?7a$p9qR8_dzMHN%F-U0A&R
zk~#TH#O`@aTt|z%0Yz_P@r#&z4wCD4o3CMednWTbUS_H83u<ODO)At#15G@F{UW2F
zVv|kWrTZm@v0wy~3?^Ajii{~`@XVBhF=Lm7momXil7*Mj@T-8K_A&Uf?Ax`#4Y80c
zY`P(O&<z0zbwl)Ak?`-5)PsHl<BnxMlzPw&VLU51?%3nYQV%*FtQ!0dKzVb}GP)s*
zI?!=`-Tv?IzZm%EgBM!!N8)+qWIq1!e1oHBRvqdt$y2fAT;S}}`Dn|nmfx4^si0nw
zS?~<qw|L!S*SUdnC-Tv@TaEk8>mDQu>x=6iXqR-?JziqE2b8nR+<XTM(|F?944I7Y
z#7>(mY3_2F=R5I%@5FESoq#Umr@oUwB5*_BNzm55X+S}bO7=`5wD&#GWz4+}hAsna
zfnDxKCGeYsL6-@fc;2?9FW6(s`f*qJ-EP*PUK6VqS7~&<G07n%TF|b>p83$|HBqD`
zVTrno)sHKd33EhE>`<4npj@%Dpa3hWWNmZfbIF>fCrk+$x=h3dgZ9v(3rve)xAg(K
zOe7I>=rU1UuS!`WVr*TES{jF~4|gw-n^X*5qKpKR@sv^yl5x<c%arx3;b<nxxE!7R
zPd>s_m$63J{jDk}_SVMpN{W5elI9-`rdB_$^WSp^$CTsAv81|;1?{>H=0n4JsIv9x
z3T2H+$(rRHE2Y}dWh$01YZV-t|AH=qzP+E|(U)63W3?a680a#$X~w`CyKGWfj4oq1
z!i@8<%-wn;MF!pQ#-1t^y%tnw$X{dWYnZ%_32G@0ksOVB)OEWFGPhJo8CrtbwWO$N
zx(r=ZlyBgRnJNl7gSSo}spE}({EctFvzkmGF3(`%u9~2B^(`#^BqpDN#I9kX)0r&=
zhf*?Cv9QONI(r|)#@w8}Zt6*;O+7)$itXus7ISFez6osw1rdj~Vk#_KsPTUBldUIi
z%NqI$AgFzXD=Rnc1_t$JAvf?x>W#T+>-KKMGSr(Qr+Z7W&%MQTxwn9O`|g&)`rYUm
zZ$W?imb2q$hw_o#=v!|=cRN<u-tx8O^a1+X@qye@sAn+DncjjfZ!Fl-GL@!n8PCx_
z?s#rG*jv!QUR=bS>n-S8Z{eVKwG{4T=+I7>TOCCnzLkuAr_=?5#Ef6K0|d$W+)=6I
z7BZ#=Eolqci9V`21&h=nJa_EPz}cD`szV{0xNC~bnJ}nB-%3QNI`l&>!Yx`Iic)px
z-H+5EYugzgLwXLYgcxi=ElM4-O!=kSwM_Y39V)Yl%<hVVT^%yl2UUkcuIf;kp$?TV
zL9jN3Jf~ot34?I`1F8;%Z0b;jO&u~t@=Rr-l8^Bs6(Yp{|E5A@j*4w|-Bl+umXN6s
zRV`uOs`z~IU#1XcDl(N+CA#&qR-5=})`Z0En>C1xl(_Y?w)~@616B66%^E1PD<*rX
zGVAdD;0Ylspp&VnZIW;3qr(VIhKtT}&)KxvS3r<iP^+DEankKDnqyA7{~eV#`G=@0
z7)&5HL{v2iakU^elZ&Q%2?ym*Q`3D1P``}mo0=~965P6L<_Dm}W{dcPHtv;l4<cqd
zV)h~?pTp!$Ox}hhR$Z(eqttDw$a)z)aGe}Y^<xmTo7I@n$XTp0b0^<=cb&O-wdjX#
z<=Xo$Af!DG$^_lo=At40bXDVbYR;eh_S(Ywhc7l1)*mdaI+X8z?Bb{LE0d?ormO1<
z)my9$)BkTY<;(MrEd8-K0_l;Z*+5B68B|WTIUP0CKQT>tR$AE4d3pXG%Rd%BC*5{Q
zwS0HCrdtH1EpW(dF<UBcI)aji9@_Uh4(<E?2qP%@ET^OUfio-Kh#5hobOfb9(H1Wr
zLF86NP{IfzDvcm=UppM0rl+iVd=R>$nV&&o@eJ?DWOH(NHlxO57E4GzWdy)vdzxIs
zhHNo6xi}*rvEG=+fi}-~?%apG?S4qQNjqi_LE;t+h=wdpvcs@6EG0k2lh#-S5B;Gf
zFryo^^Akh>ofr09C9uQ#&INW@(;z^{Ss0GvS0wy<UpkIqIE*`%`OxvKVBJ9hhT$+O
z=cVKM`tFP47l-m|9Pq3L{b0F8ZYLnA`)_cp^L{WlyB+I1vELRM$lSs@ZzF=2Zba}y
zFZ7~^IIWEcX!$F;xZ^()q=z`|j$X-%uW6mm$o?(2YizV_O`x%cEPGG1s1vvaSGFI+
zFhI;5r{miAVs5$XSK>HuYXHZ4QLf*4(2KHt-P~3H9*n^ZbYZiTnA>Uj+tA2xrsa&k
zn_=ldhdmzc3{M_uhv2-Kv5`|Mk<B2d+<6Ea79kAoDHYD8(4(95&?YAs{D>#e0(Pd5
z9VaPyq!Vq;Hd%a&ee<I2NatFRU>9+u(}GCBVwQo4IgWa6GmhMNXhcshnS{>upb-|h
z`v#u0CB<Ff<O-s#Wl55bSCWoZ(iSC%MOx()%|#jeZ@^7!fy6lVxnka_&tqTEK3KQ!
zQhn=%szUt(SLzcNCh|uU-}~eT(PMc2lg1JK^zJ?4WJ3bOlCo%ZwgaC`qoq;nCc`{n
z)LwaVyBV1Q*#d^jC>fo>c3!lMc@G-^b6aeNA-tvDL+T`S^B#6#m4lGXKPq|-iyAR`
z4wG(7=$6_em>b1p7?U_83mgq)5f*M@YL*mX;U?PuCE`3F7VAPkt-0g9nzJY0U0aZM
zpKmD0_ZDjQogX+qmap!x6d&MK3%LkqeclzuNzoPbTxh5G+79p#tq8+O(OTmPxTDyi
z(N59yV0Gfj&z4THu=@b|ojU2E(Jg1k&JLdY_=Ujvr}L2m=(*|?(U(Ol?-x78@2zJK
z(Vs;hZi5!K8ZErG1N~2(^z0}tydNOGIl-Feh3K7{S4a_N!06p_E3c);N1=q4o2@iM
z|GNxK?F}$*R}2QdJGN4nk~C6cGO34?$q|T(0%4MqdNi4Qax68BF%;phA_>A0(Q?D-
zj0(Qxq#jHr`?Gz?BtdVOz8okY4Y<wZDjqvoUkkA+4I##6&$41GD*#N6VL~v$%~84p
z(aY6AI3`X$jn9DS3Hn-ovehZS@qWllSo8Ckd>NB>G5I@8kZY5FghXGKgl-|8V_!0r
zg9zxS#z5x>^l=c_aIC}JcAo5kjCK}Q<X;GI-q<hAhJ`?6y6W!f+U>J`Zy+!$N&cha
zTnMr=G&@^cTp{Ei<P|VGyBsRyYc~}98)rQce|XL-1UAiJZnn+@ovvN}#=%z)o^3cs
z3blJd1cRQ!mHz$WTm-T+G&_5zRekx&H-=sv%GbAE6oKp&mLD@f!q7g0fZXg#17Ln_
z_A2F2o4pC-W@X;I0~J=Y#@}Mpgxu@~x0=)QdttA!(!>dJvpYGgHJ&H<a7q3XqHR2<
z%PU`g;)N&PYR_-$DwH2IN2QaE${dVJr^qG|=PxFcZ^Mr+@hG8mpN76F$>NGOu>eL8
zLaB+UPZ0?Fu7}J=deC@A>9igmniz!x5~`Ng=t3vx3nnNc64(Z7EZFLFst@AmVPpff
z3BDh7SYzuB1tAi`1jRd24~gzWVV=OjXhDzmr~5FHQwn3v>%JU>Ez!de#-F4hq$(``
zf1>pthgeX09TVW)z9GF_QB$OENMYggS-f&Rz=$wGBNJQH&V{Z^``DM>M*an=z&aPS
zpF=X^6-9B@BZ<CiwSp*qR=6TG6@;dL74E*~^NXH20g{=OLfsu-tben9s`l*grP#ff
zR_)6R%YWLi?w$I#>!(AJmsh;7;!ML^r_OEvM(fvG^T*V}j)6jGa2mp;?|xzTnf9}u
zLS*A~Svma8hWw45ys&nrTv#iA@%Wp^-->^}Coj~^1ia#7;@Lw$@8I`*{7P$gp|u-`
zE!@pSg~mJIS@HG?fIm|`T~_h(qc1#qE>I}j4IgHs2M9NWt6Bde-^n?z$LpC13S#}W
Qx&vOIw!aeS4_zt$1EA(an*aa+

literal 0
HcmV?d00001

diff --git a/tests/property/__pycache__/test_scanner_behavior_prop.cpython-313-pytest-9.0.3.pyc b/tests/property/__pycache__/test_scanner_behavior_prop.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..f5f4bfaddc9345aa130c09d24694e727349b9047
GIT binary patch
literal 39933
zcmeHw3ve9AdFJdByNi7QSbziwf>?kLa4B*Dg5X<(%$F#U6i8vY5@o<zFM%Zp8{CC^
z0E$FxS-wkBR7!WE66-|kQZZ!fO2FB5VY%wgN}OCdS9Mo)&c(M7L~%V~>U6P_oboau
z(4wQ<rSAKCrssj3#Y3iiNiIX8cc!NwfA{qC|NW2dnGb~m5{?VM8~IG=2}$}PU5JC<
z!NvTyoRajil$4m1bR?Z89L&joUB}(BGbSDPFmH_RxK30Y_c0$ocb@PwKjPdc0>>*^
z<?$d3@^}xfLoCeCy(c2at60_XYF2%`hSeO8vgq+zR(rgT)g52ORvll>R`YZfC+d$k
zum*naJF(_?BWpaqmaRSB#F}DKf4KKSL9p@LD)l$xuXd+HjT65thV+MwbmFX4O8S!l
z+&dy-j9=WVOa}KllA*n>-eX3*I7^1tNP77jP{wg_$M^*;<?D@<t+z_lyGZWpWX)bD
zsE;OV_qy4pvMHm<y0Z1G67|@&Z?&m?ZS@lRqkfH)Z0K*;=~7$BHuKmuh;1~*#(C^o
z#5S2?xA53?h;25-KEPvRh;7-4(MAW`%HvuQw_cCi#^W|1ZlfNT;BlJ}*QUp{4>{wT
zGlL-TG|P`>+1QnB=Q473FgBKz$K=@gJc}g<GPzuq#m;3fWG)ToSt1bFvgL`)$nanW
ziT1^Mv!5FuX4#9`95QTA?AVH+i-MgL?B22^5D;a@I`_p6j*neH(&2&3*l<1<%QA*K
z2D9=28y+1SzLd>nWjXLL;xf4_u~C-4G(3pP$F7WK5i`hRGu9%`XNE_{SvJP989ATZ
z8bkS7u`D|_&T`qoz_}|tRx~B~$ib5*V*~lzSY|jEJC`53z;Eld<uVtuF?oy)=Z1Kt
zRHC&O?JoL4Z`+Q2v12SVkUc*>g7yrt4El#!i2vg`d3<y<&&JTPEGy^7*+7;z$!MvJ
zUdFx8jicWMWxV>>#o^1b{P~zs0(C?A61N73T5C(uu)%Ru`Aml8P^kJ`vzdVlmU4I>
zAM7~-GN{{P8PIWYbR;{L4Gib-V8-(73Lg=fkr5L)lub5wMAyC;I%NnAl~EKmn;LSS
zH!e4DC2*#MJ~b6RZ8cYBEH;9NIflLi)fkr6UK4bocg^+gM7<eQmKli|^p1jzEW4yX
z3hgll9zD+=IS5q;*um3}Qn%-_1N@;4%dwF>2pAmK20<)?8<#LD@SM~kX6fR9-e;p4
z3Ho!^X-Nd$qxZEZ?ofP((TACHBiXo9@eI+ZSA24Ij5<oj?EuCeUaq0xtQ_|#k;9|o
z2id@d;V}@0fv(gX8I}j~m$EE7*sF~urRwxZW(=?E#lw^lPfBSy-FxbZM~@usO(#>Q
zPoL^NbM#2M_h|A|s`v2G^qHqlA5AJj(fl)bhDs&12r=h}N3u##yWkH*3D6bl8Xp-0
zd0~<5^vL+oa4zmrqSm+iD81B5^swHaC()N`WQEpk?-9p&ZxBJ;tvF69jvmEvT5%*%
zeC;#T)RAF%ER9Km8bkfyQhXPOb7^^aB8#)kW$i38GI}9%E;}}$aWLv(iDpKcbLU$T
zyey@pUh`eV(Xmtgkv2%v4tgdYdf`WL;*e!Z9#gsx@9Xb9diqp<GM8cJ59bH7{d`*N
zAJyhcewmihH<%#PVuDQ5?ZoI6#rNPy=Hj`*OgAGs_TWz@tni$4ZTl;`U)ufUz4N$|
z-m66rcd|PCuvHY%iD25v)=)$vMR*XPo7|txUXc~=rOXIs3DfO$blbrTuyg}u<K1uu
zCr_gz`t)u{NnMVlV~z9~U!TTCB&pYpWDAZ~y_=%?nPB1@Ky{C$LaJ;B{^k=1x*hAK
z81Mb4^a$FWbDVLe9Q#4SCFx~POnNLRNtH-3B<*&ccQ9(iw1mg(Omrw7KB*{<F`0^t
z#hzm=_*MK54uL;h9%bE1qv+ejgCqHY%!u5b&~HABwDM{MKYb6KU8sKQt;E^M)U}rD
zJO5Pzr++g~4gKdebq>_#!i&i0sjxT#^kN5o`1AiXuaiGI9`I7>nf&xQ>4kx}tDky1
zaq3p$iMJ9@yq!2Zi_7p+Y&~ud;7>n%+S&Z?;N)egUt$j6L*PQ@N;;W4>FW1%Ig@TY
z2siU4J^dB^9*UtSm-Hqpy4*=0zvoMO`~67i=T`w-RrY%*72*OsE@+9X<Z+>7u-}9D
zFv<z>m`E}#awa4CSyg{ke|5V9^=UQt*L3-k)jUTuS;K0FD&kS4`e86y%uw{Mt8e~$
zr$E6(_rcgGp9nCcV&=|_Jd?Qs7K6lcYyqo&W*DqC6XP=;=5*rM2_>w}$!RrWKp&7O
zoX%+o%vT|JSvp%af?xF*lGHKdVDx5TB6Z8zk@NgQrfjj8I%s_9^l)x?ES*-?lr$hA
z?)4&rOb_chskm<IO<yB_luG3Q=2${27+{K5o#T5f1QKzaz^yp3zG1!QhTtw8;@!!r
z10GZdd&g1!#Vns5IrVt;_aiCmMqp`4(A1k*WnF1&%=c52JBr{r>2`R{^{!iuiJ8X4
zY`DGPYgfl9-bDSNbKZ<roS+%{4ZB8c(0bm<{79#)K76X@%)v){z-dnP9)9F#@=Wi+
zGmoC?nRf7Y@Rvz@7Ij0}vGl0Msl@DlMQJN-ifzKPsBS)t0Bwpi--_&>iR>=;b}!N#
zdZZA^9PJKF^Uj_R>n@CqjqYo2=X1sdaHV~FI`(w1ZAiu*L0~2}%vn%2H#nLf2DVjV
zrBqr|P_NBbBETT3YAZxG7krzSNgHNTC3G=A@L9YBDn7KQsfpL9V?jN2TAeW4%aB+u
z!_(AcL2+{-5-a#(>d5zrc3VdKM;s;<s7CP|eC)`sE-|<vL|X@UbPzyuU@V<6Bb|+<
z?XgLgL0S5+Sa&P3VJ5Pn;M<@!#4j2mD`C;MT5nZ@QFDBQkvKAPE;I1i0XK>g2aO&6
zPOQa=`PFWh=pUqZNcnp`V1uq6MVj^~eo?-x_yp8eyj;RT<pdMb^rp*WnTw-J5S0_s
zN?*vx7r=LDSWmmvH=iC0OH=S^1Tqm7!=cV+HG>-Z(;vR9Y_RF4l2n6KRuh8fq`N_>
zYE5xf{bc9Vxng6})S)?#t156ua`^+i*VsNJi`OZbJ4qJ8+!;uxFG7d_y=f(wPJeDZ
zGosyzq|@hznLGy8kj>?ByCR()%n#ti1w_RjL`jN!aCl&h9mXl2GT5U$lEyM47QzUi
zFd8L{-XTW4&O#JWudvS`Q0mfYbR6WybY=`d?c6w^SURn~CF?0w3kADGK*h@6K=8}b
z58RL3aXUQQCgr;le(rc3o{lN^RPx69sk77JJBaIevx{zZ(5*d%w%v5Ghc4oi?#bk9
ze!7m+b<5P)jl<Jd=(>fjH%=X<{2OnaqNt5`ynavM-RSD;u9x=S@!<T9S88awp8Sgc
zP6b{0q_rC+`zL#D94TzrGt;>Dj-O%!QlR!;CC=2YrzQ;GPd{iJ(lP&^5ZGggey@fF
zR3uRWB;o7#_Im|CHz5f>@IXLE5|y~}=(!CfVZ<3o!drqQv{XP6;%s?HqCp7CM+`Yx
zLlmQE<HTtzqR?h9IVO*02ZqlN4_L)PpbSXF;;kT=Q=LIoF&EPC#e@<uW<WkuT4puk
z(=_B30~tzHdO;ClCcBKBW;U&k_|~#b)G>!lRno%+yNI>l^fjr^pV&To2!R!7=u<Dv
z1}_6ObM&K*|3iqfkZ>3g%BJ!pn1RA2q@AbX12TL;PJ;#1>lLp68ZZLO3mK~V*0-0Z
z%9iI}p^{EeKySG{Wz>m+%d^KQtsO(>Q;o8@eEn8#{&_0raSF;;OyU5SFY&wZ&`=Va
zz>Siwpb1aey#y)7fD=PnWn5oGW{uw!BT*~AW5if3qx&O0KSEmUlL#!siY8}eTY0K&
zc=JD_f<8q7^&+!!HVeC@sosUZ`8}ZcWiZ&B+a#|#1#*Tk`2|TD$2&XvM9SSuITjp!
zG?@93@+KWAZ&*q?Q=YK21LBtXs?RIZ^@=H0MBulNghGDwLQq|J^bxiE=q1Ty!I5+)
zA$D~@pxWybbjPHWt5xbFM9z<tH|0tCXq<}QKGFd2Bc-=C>EG)%N_Y%Uo<!z85^mL$
zZVp8P$w0D_Ly=(5hpyqlZHi;thdLbD#(I!gaY22cc)0dp+NXppV@mOl=Z2wtOb-t#
zZer|;5BP+u#+2$(z#cTCG(O~%fWej-HFDam)D4U?2I)x$Dt!1VwW4M@Ehg>kpi(bl
z)iItHy2nAKb}T=Z8L<{3vva6}4IqdI6=1yai&;{cDc;QJC=ef`C&~!fDuENJLq~gi
zj-EN1RKW+?CRDKT6rB;yP+TL~90wcm3OfkK1}TwaSaGs3nQ#ihF&rxB;P_<gBCkaW
z6#FF<A%7RabJCr#RJZ!7|90KF>(9PZmw5i@)q}-g-L2r-nc&*nRjtL=4aL~{$wQM}
zlb@Tao^oB!6&p89_D&v|a!j>MMGFnvZa2kmHFeE2b=}^y>(-{8nN2;nTRLvF?3!uW
zRcz`i#x_nqQ)q6VtM*sd+;vrk!gKXfXx*=m6gO=yZrn6g{aUIR-!k?1blvTZo2S;z
zZrn5H_cVt;kUXKtT%)wA{q80X6`PB7tBcV(fW=}%<6Nbe(4tqMMVjKK>ln%A>>>p@
z3i1>XKWD`0*yku9G{_hQhbbWWk+X&6!az1gIr!|pp3Yh*AP&X@s!aY(1O)m%NuZAd
zy=e~MIJyg2fnP`kexW6S-$n!Y0p-~MzZMhl!?_9g(N!t%qgWOA;Y^(ysTnk&^+U``
z|9F7ks?(apbq1D_&q9}^p}uLfd1AX2^{GYy*{}+f*Z~rZu$P6|fh{Zn<y3x5%-zD;
zxR}yxPo9q0zKLAySqk{zyKhKseVKaAFpY*a`;w^J9tXAJ_A-?>iy*YEWvH=*XWt@<
z?jt<gSf+9-Hv9Kf>&J@Cx)!6O958#6$ht}aA0Hn(6x&jUNE;mX9inPkIE>Ja3x6xX
zVSSXIA4?!El3n=Gt79(_1H>ifJE>R4UZ%S`3hULemvJ}g?vRq6y}n!pFk!V3FV0dG
z28y!5VO|Y~@n2gUR<SG`=1cm3*hnQ5=wUCQa`rDM_?HwA24gQ#K=6otg#r_ZVZT8U
zI&5K+bjkVS0=)87x)Gw_H43OR;=Zz=g?)_@eI0?~69|hdx>W#UfiUrM!>I(n{6~~0
z|1JXHmtYBgxxG4GTo)^@ZJu;qADi4h`S|4F>xts(*kldVDF-JrlgUC|{C2~}TMZpE
z4IQ^zJ8!ifpJ_dQyJ_pKrp}qB&SFCca0U=defa7lcWR~3Disc0Kl^rY(+`48%L6YB
z1YR~Q54^B{L%p;BR=h!R6cBgPVa5KRE39ZX!3vz4U<F;3!U~F2VFk|AS%_LNfIs~Z
zui5;6LDXXUq@=r_EKnY92jUhelTN83>BBu?kE-aeG+Cm^iX}8sLVskA3-S`f$xuIR
zT>TN01K%K6z^W{oB%xEP?yv5zfpyBKX|pQ&qp(iZ@Eo<tD61Rt#cP#Xi?vzSfW^CL
z;>0JczygN-tZX*+XU>no#X!g+<g6g);Q*q)E-KDY0_S1UO7p}6`h<t_o%o~c`LzhF
zHmb9+5eFjqp=oU5PWB79Rw~m*adDUW{t}#FG*in|o-SW-Y|>=cJ{_6-kTTI!z;#J)
z`<jZ48*lpR?=wzmv8BO`QvM7i{CrT#7F$|uG0LA4QTGv}thcS&ictQF>ik#{N@sa0
z%HfkcMAXj_pKP`z(FUE&6Jg6jC#2iqFIyK*%tje#dL%nzC24<lxCHml!sg#I(Q448
zy7`pO022Y@{fCt{V&qT_wZ#0`FaoP}MzvM68L8p<qRmAKF~R7X4EY1fzX1U(GGQsQ
zt{CpPQG09q!I|v`3mu2PyQL6(Y~JOJK-6|>qBdp^UNcQ0@m0%^xD^*{mmiPV{ac`c
zQSdJQ<o|$x#O~vF+)mFX60@iMpxd+QO_*KqbI0fKd~DJ;j3+;<*@YT1fIs~Z2z8!R
z4yA0e-veh=FB~>}N!MOizaQ?NV3lxx^}-EQD@6RVK-tt4HmNI<J{BDE#{<fyGq4sO
zw75I+;djL9FF9NRE;I3WfN$J|bGdGoaGtwAj+UDD8@wBTHb+bDx=3u%aOX4}Ef;k<
zg_kLq=*#GL?l!^wC|E5nryWX=yv4GYVRRiqx4E@vLqCLs_+)aV!aA9xTuH}X2NckB
zmmeud$_Z<)Gv_hX%V*Ev(K~bA#TCg=`s(70n1-AZ1Ql;Dq4))d7&7qUcGExMsT-4?
ztgsV&a=w(qHs0T-i$N(}37wx#1@@!H{C75M^&WE!J`d5WMv&1<owne>(DtM%;V|Ys
z`)ZeSr`ChXioR7MVQ;-SGky)%F{*K}(NYT;P8J-kQpzFvM^KkR4JO(MU@bVzxlTdh
zzGP~@s3YlH5&g{;N^I%x(@g=Q4!s>nzZ7MqxzQeolPjWfIlZip2A#U)^s=4{RQZ=`
zODZ6GAQ?z_wqYvG1x<O@EqI8yq}2oVBN+@lXg8J-AKKy3>j{(emW-r=9S&Y!sINuT
zVyd}S#2LRBK_O9!_|0NP#sNppf50*N+je#5f0zpM_vkC45Ahzs3}C9M+<WB5dsKC{
z+w>k)-}fi1!yQ50vfd*-7oKqSKfN6*>bsS_9bqxfk~Il8AFUD7$gzJrqAAxh--KHJ
zCe)=O+M5tu!J7~il!;&UO&I-+A$N<kRT6zN2)uFL8Izi&82%k|^_)83YL?DB;;SZ(
z*}#?9#c^X*gSy^gR5;%AwHD;SVdeV??t%m#3!SG=JCzFL;@;_A)!`H_hKdso=#GgK
z8#j+$>5R*PU(ils2V!*A5tkF(;u-h?76tIA-69oEv{YSjc{8Qn8JFXMFQ`?14l{(}
z;m%uekK#g66m(M1MZr!Ac2CqFy$q)mTG(N2QQO3tHmZ>q5QEc~oEge)jSc0;_Ql#1
zN83bIpgSXDX~GyMYHwVo^7f)B9U9$&UJ#|W3MU%9Xeg(5hf41rkQ#ThAK-^6L^ev=
z!EWPhqCqFm+P$&153K~CGuR(dIW?*e6=_=;p#sG_dWF2+;r^N#hT?<~lY_4<yxG__
zO2j)V@Ch{)-1n4f?oJ0OXOxi<H-i-mLEKKC8y_CQ3I{mSsvg@)eOkVdA0HXyNz+3k
z`ExMya^tf<EoaVSeZwe~Mynb!a17+Vbx|Ht!Uy>&mVa<CtVBf;xQ35pa(t~vyh>H6
z=)*^agg1%ex2Xjc)B?EeE57XI0eA?bmLkPh5~*rk+szld%ojV<3zf1xYV*{K?H%TH
zUFLMVWa>JhcNM>?Q{Q&#;xuVe(tO0g{LL39$+Vb&o8eVQJiI9AE%KXI&Mr?jNUXTz
zYP{TX7|0h=X{}VV{zhV^`ruXX?V6@yT~o1sJ$wbDfvXjFeNuGIWZO*5-m4Wq3PoT1
z)USN%?Z(90q4pblioxiMC!at0LeD*y6o%bZs&05C{8IR;=iSKa7oUCpS?*}~dUP`N
z^)>u-a?MQSfqUeAc$b17d*74pR^a67vpn*BioEBQ+<`Ccx<~Op5vlI*RF`?G542Q{
zz?a}|N4eE_k=uw@OPyQ1)Yqf-rE2l>i|3w9+2_{cOK6&0!_!+ERt#^Ny!^(quRUAX
zv<q&AyX$V()nBjswNG9<IqA6La)j33b5X|-CA{&}Z@hna)ZKv8y77K>vD#&&U9840
z(HVa)y0UF549`w<<DO-AquSg$4B>Y|?H_VK>2Fu}RJp!i73gWMut<`SA5}^65h$q4
zYN>xvlBCbhnJNF0oqS1><i1B1NRnu~3CEN}z&{U3QpaNgu`CM#>$yHwNpd+d+RrWt
z`%F*5UT!vIG{1&IgXBhLlAs{-s)wnpn20lemy)1TzFr%-EB}?0%Q}Jv?<{-#1ke7O
zNrJlnnh1R){9MLQ=<lHf7)pi{E-ssdlaXXqDy&Nr%O4fxq=|pMs5Ig1d0dkwswWQH
zNfU;rp(<F&SecAv!e*evUBa~mW?YhBZ(+Q$Sp-<?`JwZ`0U+(unyg?aG+0W5@Nhtt
zCw2)ijuS(85F!RgkX(E)!*TY9sFg7Ju8FV-^6yb0{~i#MScDL@5e5a2Rn%2tE(7rM
z8Z3o_JodM!wgk?zKc;^8Aq9j+*^ek79Iu2dO=f>WH~y3YZqxf;boL$v+?w{6bVfEV
zS`|ldG#*(TZ?nIq96zRjU^c_6Zo%3++538oilld&vGZQ@#ZEbbv;shDzbcOA`xcmS
zv@urF5F!RHD91h`Y+hK<c0$QA0-)ro`-_r`k=k34)|p6a!PoUh?zJ3#CUY~9u3J9s
z|E#a85NXvf)svgPuB+pE+>CLB8>Ok=Mwu7Psl^piPv-O+`U$E8SucM6`Og=8+pa%5
z6WMmlr~QA+x9#fZ^(*z{CgMPhmSV=Zq8kenzfC2Y6PvE|Xe7E<X@z3PYh2%}2^?>!
z;GP>j@lbht80oB)Rr(00H6U0{#249LQP$=1xpem8=-8FCX}za$zrnaqYs7Oy`YlH0
zNOq3`H->_(ck1`)E(K(yk;!EE%hH^)!sDB(k-U|~>b7ESXK{7MT!q`~oeN0b@bw)t
zp5{4cy(cj5lDx6`O5C^;#N}Mqq8Y-TgppxBh)dP{PjwIAPd|h?V%`ag7PD;i>Sh5w
zFBG-?fuxJux?D*wEMJvS-NG3JmM=Ji2=j&bWmteL>|`q}4U3UPDdLxfK5}VrLlLEj
zUlvXVS!5^_4=Zt+6l@&0Pvug^)*WYPql@83&}W$k5S$j)wvV*&hspLviU=5+f0nI3
z0(?=E&At@G6<4tJhp~-?aKATgrGaS~i@WW%{#eX3*9Fs@>hacwLBuv8Fk9-BYSUIG
zs_Q?u+p+(Sg!UrV3vjr3I%M{9O*!a2w3zGM+<<2?)}`D@XVT@?S74`Hq$Y*&jzl+p
zkckiei|)OyTt%N>#GW08Ro4kKo3EFa6D&BySjzcRF04%XK$0$oQXw*x!9B^B^4qN)
zF?LeO1^S4S@xw5g7{<B5{|Z1%Y?>eT?@zMgObCkMGIi0a7oo~c`nh5_(5DM#y}AKU
z)Io+A(Izr*43gQ)pupD5XRL)0HR+(4%w9%rd!t!c)GcyD_zEnQ%jm5oQ&x&{la(5v
z4fZvOI!(E4)$S=f2<wDd=o^pyRNKD784phEI=XN(9pOBt?p(z6-{Muwh<$hxSRsEI
zl=QrZ5iL!d?AJ=2$j@I1EU+Dci<->wtHt#jTDm27+(44DJ8p2!iT5#qM2h1XrPA~^
z%2c@6dxLGK6obp2CsnnhsWfd_kJbrku|C>n`;N~NpQMqgZr`!$;J2Em4qp3($;>;e
z+rHKOH*5!PO|<EXZLK7}Gm)u2wd30+s@u5MUGzCNteQwzRPO-PssMl!!)n0w>(H~q
z9)LYUa#z^@L9I|K6Yo?PoXB*htI1U$ou#-s(67Shzo5%S;d4B^5H?pLx8m15xY$jU
zfvo|CFJ}k!VL%FO4yXxz)22KePICm!TvU6Mx{zKh3rPNiijmv6M%dI<Wgd<4_<euc
zv=5K`5Q3j_-E!To8y9A3AHwRV>Md{XovA*0)q9t(n0{)KO*yWAYPSA?LgJyB`iHKD
zbnSDowH;82E1(000=igT|H|5z*8bYMtKNC9w07Io6Sr3#ys_%r&EIOCU3Cyj=1};{
zI|{1~&PLUXo6&<%HHX5aGKI1@6fV~6ee;1go1h;&=4dIlw7t>%T5}<`9ctF<9Z<7|
z!aO;Y(7y1OE<wo}3PV?G%KzmZP`ZY&ZVCZXdBR_Ml$Wc;L*Z+U2Q54UC(WFp5LIvR
zyF8nw)<u3Q<b4;K$AO)NJNodj>3yBQi@9WZyist(ocHVi=Y<u9YYXRv6`U9P3=Vnr
zmpCu<gRklQ5p`;Z;2XI>Dq!cqAC;b{l%3nL?gpF^gERjfJMK8_d<-0eRypQ^xyqC`
zDjjn?g4X3iXKxcn%Kx?CE`ykX4c=p?x&$)yro!OH6=!do)J101n9d7DD@r(Eqoo#G
zj%hd$2->*1QRi&-?lDF#a6EGK(9yQN6OQO#&X<=%mCn0XM3tTkRAIBngi|w68?CYB
z<4_zD4hg1$7R(Xim?NwkqpM83*C^4R_f`qcEq-B)cILvz9FGBs(FhrG%FY<ZQ?By7
z6pu_in$&mM<9JwThlT-K&tV6@@sW`$x|=sFw%B!W6g!QTY=S2zSO{}e4+|q?5ei6g
z#NI(L?U<-pV4ww;fHiT9&!S3|@bbiT&53{sTQ|&_%(40eFZk4kw%Ayn$TSMr8pAFZ
z*aHt#pU;oy2KU7l7;Q-x^oJnI!j~4Xq(P$mS1DLrqr-WXuGWcH+wmo~iu!_cq$<4u
z*cag(_O4^A>7LG+SUoNk2V?6fx`~22Ai}K1*}-|0Om1oxHboaIr`pIll~EJ#Pzc|6
zpys8+r&h?PmMU-*)XKvM$}uTeG}ms#BHYaN0|j4wv3~PR{evrEQOLjR!CO0zzP0n{
zY~#ZSZ#ces>eo-r>^zF%3XKonUfp)}STVY0CYs=LKJ05MtASNC6u!3G;0@&&l9sB3
zA!+fv$nv=h>(rV{vWpv>1QYjsVCvY^UU1Ky>x=7m6k5B8aqi-blc(h6lrXaT&3{Ae
z?3hC)XWQQk*B#yIws18<Tb!$X2nEjaxY`09hHcg$&zYpWvsv!6S&^z(l!y8HbZIZ8
zJ4Qju^V#t%dpRywX_D@Ax5NDJr-J*w2|o5mVpcxp97OX?l8DX+(0c6vCv$VT(sTBA
zOq|U74?vc~5}y@ONu14)8Eqv_!=Y95A?LS7E?W*|<l^SNrBdtWF%vcR<r)&^KaA($
zyYJ6KAKfc@9(pdqKTGzqj!TmMM1^XYGUc%~aYBz^=vVaGfKtqFrtKRo5C=yzwkd#e
zydqUnpd4W&i}V>rGGm;@#M^BA!gLxDrHEgkoCusx1Nf_irs4KbBwjUfq-Xr%IjmB{
zPQXHRR^bg0gT7rZ?fi?KFtl_g36Fye4b~WdW*UaDZZd@B2+`R1nZbKb_?f99G91n{
z5qUct>jWWzFF;C;b*mP#?Z~7irZX)yyvuk&uz8V#-D~Io6(H1T+m4uM#SR<<n8;wZ
zoxMvb$&-ycr?LM{H{7_<@nMaw0MMI15z+fbmH8)}koK!B(*AZrYg9sK4=|1)&0A3u
zwk`vr;nF;(bw$vr#Pf_qdILHwz(_2PyDBVFjf0)+C)7%lAKG3vM={)qPV+L`Zn@gA
zh-cYWj-j+i1-CNnHmO>|uzi}T*VQ}96Dx#L%PjXA+9-EJGA)OwAofSssqSUP)*Xur
z_(;31rO?tj+q9$LTT_fSyz<aX4{<-T7vyUX%|_Pq^Vj9V0|#c?y7@(+t$QZY4J5MA
z!>kZl&tru{Rv8zw7i69aD26+t>8@m2{1X08*LK<G*5XCoda2hQ;^{f%fM|NWAa*Iw
zwKBxMuEsAxEPBnJT5+R<Ty!qavCw%f_Ik9iarbP?o<fX};lAkY=&Ea%UisonU!0A$
z6>2t5Ij460=0npD6}IdrZ?*%Adb9CbReKgmlsyo6M(}I9-3+jz#Ju#<k;zSQ!g<w0
zt21S#)jZ;@Dpp|)R84vflzRgOJ17{V5~*I5f)+Xp&<zU6A|!tgQ8sqHHEX}R`PI#Z
z^+yY*A20NOYG%#TC3e15p76ZM&WFpn4#Up3i~{Pd1>n+bC|pJXb!JQBd=QsvGpTU{
zXqSF?w6pn9oRl{l62R{F5o9g9AkHrgc?;6oEr$zWIb0=Q4!4eGC)nNirk%ZFYx#%8
z&ho?m4g^np9|_cDa7%1Nzt9Ai8DLnf8SBv(eyUtkwW>jH&1;Q`twLk!M+DCC&GGY}
zg*rj!Lp?FR&F9u-ZC}5b?QAF6&fY>_n@nOP4vB-5a9lk4GKRdZNz7$h!6w$UiKmG5
zR<x!KPr#M)w8L<fbQ>$#uz{JgOBFe|DeE(C2vNGy4=dj)U=$-EN*9v^QP|MTOXlF1
z)E5$QXY>^|IiC@02v+&)DL)sA{;dFzSWlx^6mL3=5@qr=L;h3%>b=0(=S@OU<%$$(
zWZ*IsQMT&6J^}~)5D-mJnSnrH%55vGl;#H9#g|f6MCCHneMTSa)S)#?QD@`=Rl%iF
z8zK}Sv@WJDLtXj*s+U76qH-C%Y>e5J^s<o)y&PJymvvDEK6qX(>QtKY*b1S^h~0Yy
z@ukX$H=eacMO)2Pv^A+p-NVl?j~Z`=y^2;B%EX&NDq09GJ_s(;L(X_~;*glHjhT~M
zLm{`|%NW*))BbZGLK{npSiUVGpNRPusU^11C|=WfdNSRPm!&ffyYD`vbQb{n_JG(!
z{;S9XRV{s<K&cXwJuOVZ=SyUDr?BT#rDPaxL)fQVq){#|&XiO`s7S4q2<0$VwD517
zq^Z$qFf80s_pRl6W5X_Lt?u_h;5?~JVL>Yf*WL=Qp9!v?eB@?OwFz-WHO$JNMhe!3
zw2<z4NV<dMworr<(j7!Oll%q|O-+asO?rc5$fY+p73$I(8S%JG6Zfk6?JX4XE>+9L
zwZEk^64%&P+?ZHxY~!Z&sV1Q<kj_98dw|H+EUj-)30yWKUcwh7sg~B)=yFA3S&5}p
zS7xgc*(az0e@(@<<IF67?dB30BX222Zhwp#U)H?3iwj&Ue&9;#V;M)^CQ=(9d11WV
zt&vO?*S0tPGu4N#dVeI=^%Pq-X@VE_bn57YDjHiI`4g}A1HAhaHwN#~4+&~w)lbnE
zc`^8WaPrx!!5QB!+^LEdqU&cP8@S~1P1n?;-@x|T5SgaJGZ9q=vaatbL^g2AL5LI|
zi}VGO$_O;t4N<#E&Qi%*LeBc8%f4JKehE2i>QVdLT6_snQ)K>Kxb&$QhLAP+)YsP)
zVjXx&+eySKtZti)ZZ6csNvL{YQK5=I9FFxZ8yflW5^z}gKE}<{VH>^sN?>K!23C?y
z_9Mf}GhtYgeHKgdRXeS`$&&1c{}%kSG)r>e?DT##(d1{f980pFZ-Ick9~o*c2VUq}
z=M}*VJ=ezrEmJxmSrJuwE`pZHkY-6XgG_rU6HWyHTp}sI1*TMSm{M(8p0a$HqKhA9
zn3Aisu_XIoNv@gbJ}tyOja!Ko%=qY5EQ{cZRY-*0mTwz2Kubyo&47g?iu;LG*a6}|
z-88M^?UZ6FDq+OEl<Y@fAu=?7XiyrSomK=QmxCaGK?EG4U_Eh5ZW=#Kmt-GjYw7Ik
zIHS*PsNcL(4dJXAcTDT01>6w^@HW0)TJTNuFNa>GHgFcB8vYP9EC~``C4yE25=vGv
zlmiKhW0V~iO;z2m*3%_-zvB3ybd7@Me`SjZ%RdI?vHSW|Z-GjgcBT8+0l}PCdhn!U
zw&CPk`%m1++*-5!?KRtH_Mf;KE;O9HUDJ5=5cZRviMD~Qg~Hq%P4;2c!rjRu!2`L|
zR2i46Yig<z6SWr4i!5*9zP^svQIcDW=QmCE?JZNCQ@}NjcG$PK7g{^XzTLHyeLK3A
z?AvP|)9l-!x}#lgZLLCZx#~+*A9<9<)=3KNRFQk>1_h)5lLs*BNfqhE5`!vTlZaK@
zSYO~X))zDgt)Cw^?gVf-x2t^WMxkV+)bjycs&7BlN)_sd&=JiO_%E*`?Dv&%XI7UM
zIQi0oz@keF@CCHRmlkNt6c(0cx3FNzWeR1=vRhVwudcDMv8+J*Cgr2z6Pl+n@rf@|
zp2|I}?shf&A^Opzy4<;fZ&^Z*dEdTf8Bn#F%lew-qMw1K@4hl(Q16kA4Lj)h>FbSr
zD-N7uLoR-5UJ1ZAzBDO1NsBKI^3iwUZ~j#%FKzIsd7~~jUvh2PsLQ12w0eTLNr}1m
zzQfqQt3>^W?Yn$Xed@MlL8kFhNo?Oms#T|H`!3tX)j5CC1Md-1TkzxTt0IR9o&J^j
zF~AjB?MdOLt0Q}Dah9PP6R1c>cSvu_y;e|X{GwNM^`FQMl!tXdE25GR@e)*)!JbAg
zTk4Elpvq^e!#=f+pO;K&_<HDzrcJhfgQ}R(SK<t|{xa&a(Qm+`wpFAvesiI|jp8a5
z>Z7$Y{LsgU?h6Zb`2!dwSiZfY{$I{0*`U{oDT<C2jgpewnuMbJ-7aGd%5p}Dj_`Hr
zNcn9%5Buk?=Taq<``&lP6Z<HASCSi4hL&uTvAI-O-&_jMSv^d-V<OJ@E#r*>pW7kl
zBHKSXd-B?X?a0JoW9w7eT2)pBC%$!1%($h04>-oZ2x|IfG8Qu=pohH-qBuk7G2B&@
zu$GSG6r`KjX<ALai1!Ngn_KxNOX_w>N(H{SN2_`HLS(T}+p4~_6urm-5xr<_rAS~{
z#s)`Y8K`uzS(W-FXmy8nZF?qOjY5s%0!*#yf%01v!L^(;shXB(lcLvHqRpPbC^D@l
z;gZdJl;qDT_)7}FD<qbpbWc)1`g@2;`ziKi3c4xy4h0J&8?O2MG2JLqKsr!W?fC&+
zo~6t8>5K%NMchr=x%Lyg7inM8PSYSrt6N8<>0zg>4^erFOE+p)Esl{?xoP=Dy8u6A
z@;q7Sbh5Fyc4KjM3lMQl04q+gj6`=m5gJg66l%_8Z*H_Mfp4q6@XWRG*$91Q^=72~
zme2BkhHmR|)+;so9bfx3tee(yA%(cQ>1&7Ut$Jq`=Otyo<!dk2tiDyVX{Kh=)r#AZ
zhU;yw@0*Q)q{KTBWVHOB@g-iE(BrIEYV<q4#Pv3F3e%OI;`M#z6yoZpFHtC|@hxBC
zUPLV4rlJ0O&g$d)UEkXuI1wnbmChgI`Tb+UdUgU2Jc|8x=F?mt>B;|gs`8|i|8Ih$
z4bFh0fvc&9{hAW2cM0<KF5fU|DSdr9{_C~ngFCe{X`0|0wHme9oBedno}i8U-x|4M
zT7jk?@D@E6$7D;THZa*zDb1Kn-Lk~Ip^6Qzf>^1So~-10#b7F=nLon@<}&rR&WnvE
zp+!2c6&P4Ef5LZj^!FF#nU0>Q#xq0EHmcJf=@h}&V&_@@qWSv-1|PkUxdgK*Hic6&
z95}<qvk7(vbDW7!p20Wlox?ILf1Qi$D`J#FTO-PxL4t|$nI2-9zGg+;NASSUL?Zj2
z=rwhF!4+~m;$#ZAs%Y`gsLflP@o^@1he#z4OqJbzKxgv^%I`U{nX^1ATT6rFix~#D
zAnYY5h*x@7$m^C-=6Ygsq#gR0nOwB-mBdSlTQ%)7HSJd`ijh^fA}uqK7QQq6<QeU!
z5Q*QTt?K6~_^}(>JP%F^krp2NKE?i-%a2X`DEcQN(H*+F`V3F=0Z$|Ov4x*0R?Vr$
ziUN79f2K!Ip5aAU%Pj^^+;gFPqjaK+6TqW*8Tb4PIMdN)*MDvf98Fj`lMlmyYatZx
z{|}t0UCK|}@}^4D_b2taHx~rQx}6H``$bx#ng2V%83to;2=m)<t6Y_-9DS`{t{NJV
znpAbFhDypsQ_)-`6%nOjt;|($!6o>azUuQ2EL>3MWxb$j;bF7yfl-Ss4>7odnEeHn
z+%3$=y<uTp<hoXxo46uYfv$wgMoVAVQfY8qojUMSQxDowXXFA^{v}iEqhQIDx&~y)
zl)7xLZy{bwZgZ(xjZfEMm2q2X&!+0c(};mTi#9_)QfFzkEe=Y0pNs-Mg`TW_vgV&g
zjxh#AFLIQ(#JDzcEobCBslWG2j)!XTT$fB)BT~YBPThQd72m>cl{Ru#ml-*$MZTE%
z{Sb{e4K*OYK(bnB;W{MlqE~OCYl|tdb_&dC&=uvFvo=+)QPj{!5&STfk`QsmFKTWO
zREl2>bDGu+<$`d*3*#?@zbgDy<1d=4Srn1FdLkMkt(*A70=Q?{zgykXn(vs5E!D6K
zb1ZW%kA=##`sloB&M3j8+!O#@>gWb6JxQ?CW*crOQMjL(jV=eOn*^^{))pIayh<yK
z)Wt*u-Qpg;`!#zP-DO%cMDAo0KB|(|{;+M7(lK#{M_}7+ZLJc{#L6b<dpH@}brR`J
z+y!w97d~-XI!OiO;Y*9Uc({{?yLq^m!p=^Wj80U*ue<oZNE44N+1c&dG8=eIp3j?l
z+t7t@UE6}CPMx5d*RwlbzcM{j3Vp=RQ#ZawL6!opZ2D6=v)j;w+$WW=*oXUEK0lHl
zWeb*+uUVNIY5^LbqpCYVnAtOLkNKiQT@$74-M!0lrR~wJt+3KoPia>js#9Mlm2FyM
z)w#oRwbOE?m9DPF>f9sKq*$_uU5_yDyRrb&;}MQ!pfl9A{iX-3?z^H5ish)pmM-!T
zNeO>~;O8nO%((%)U+I1cYp`&F#aZ36kyceycwGCLiEQF9d}`=cqI)Kxru^pmLZW+i
z3)XZY+jmtNqp;<n@3zcrIm}b@z$9O^@`y#{3tFj#(iX@US}d1W%1I`)V7@e`7P~+)
zxrUWcNXrQ~1QYDOXcs;CIFB{mBH4(`JwI~!xrl-<XPE^l>I0s9(WZVA{*I*tYq5(q
zb!x~irxv@Qsdz*t%5@<O&&e)YquX@L+*U3oTIDjj;$2Y;KC!3($BR@0eS1hvzxY_A
z>kk?Ok8KhALq?YEb3v?C@!`v9*&*6?%R_U|Q;1_vQ!vH@iX*PA`a!hN*(tg~0a^29
zQZ|(OVZiC-mHofEf2#V%xtZwRlGR}Kp7wduYA{@y7jrG1ceU{7P<M>P<y@!k(XnK`
zrrjpzX}3wWUDTR*2mg$_;uBwR;4DCCNUPs`NT~BDfIxy}pJCWhMe*xVN`)538HnP=
z79Q}FV<bj%JBJduaAh<P=pYZv%uTVpvmszhj6a2%;miOGK5$W!vx$rO!R(04$Q?la
zR4#d&sJxBVA(=eI$?&19Hs@788InGif%gSj?v+OKU75S?v4r-kZjQ^%FJzKYf-?Vn
z7`EVoZchE4JuNU)++*3xV@hD)LI#ThXp1(*tM1jtd~`cFI6OcIDZ_^G<qTSl$aYh(
zi-^5M!5b8C`_K33EI@a;I}aaA*72qI9z+L>k7T>qFCiWNOY$cX!WYTmm~%!Q?t5D#
zhvOHen^NNsrO^M7HvN&*cF*m1IPXaa<|+6|t>oBo&*^qJ=OhGoR!LYO*!*hqbnVp0
zY<&N0!-EBB)w^rgef8L@$BNh%D^yhsMd;fOg^nXLp`#eDP0o8hcp`sk(~N)Zth4Ek
zUvjL0!+7h4H=4iJT=ZAIxcXOCUvHT_ccb&$2flTn@WiKQc4TJ!=Zck~7kB^4?&}Aq
zoHLaV@S?+Weow2jAg#L-mNspE<H@f*$)h7$jW@hAq1~u(lc?|q?x*lMM3<AQTz_}%
zI!E9-w&lXl-9wIDj=&@?@N<_rx^U;|yApox<{Ztq=)NoA=U$Ja+mV>V+K|M(L(Tz*
hBQPgXc<-d^QHLWuCsBCstn)nL-pAK$9O^spe*w-D!iWF>

literal 0
HcmV?d00001

diff --git a/tests/property/__pycache__/test_state_builder_prop.cpython-313-pytest-9.0.3.pyc b/tests/property/__pycache__/test_state_builder_prop.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..7e7143255ab26f197236e7bea47c69bff016cbe4
GIT binary patch
literal 44175
zcmeHw33wdWec$YfJ+W9UZi2)T#K9#A5Fo(=JRtFact|{i;mVW<d%Xmf<VwIUGz*Br
z>Qh76ZcI5!P05x;D{h1wUjxQ%%^Xdbq)pxSbCP~Z+g-0BtR}Lf#!gkGZViZ%X)9^d
z-~Y|LnOR_nL!#9>=6=ANH*em3{O|YPO~2nG;Mehuz@txzg76)B;lGgTxw*w52rmkv
zAPJ&HwBB!#tn6t!YR_21!cm9h3@cyCq%!u!CArwsExGZu-S0W-mAprNlJBTr^0T;h
zgq2GH=6Bp*aWp6encsPT<<XE7I$9-F9j%tCkJd;vM{A|pqjgf<(R!)=XoJ*nbd|J<
z#VxzP@#t!4byye-4D8{R)}PJ7U=#iuwpo-g{*=Ot#;@b?_)}WDX#6T3k3Xg6&4RRU
zuzujMUKj3b7PhJ0kZ`z45Tw?@bpyxvSN%EI%5w_~$7%$@D=gB=bv&-rj+&m-bK$;b
zL3D|3d>h~)`V-$gqF40wT19`aZ6K<D;XbjvLC{LrxJU_sMM|hxw1l9cgiXlh5ni_b
z#7N%0ZIz3Z99p#GD!pXnF{qcvedr&HSS{A{TJil8JXC+`Bf8C|gi2kAc~+0XeT%lB
z_O>mk6YCdkL4%<MT^Q$8Vq>pe+JgMf@sjl?TC-YQBR2I~r5-UXt{rR`cvSz&eS>ua
zBiye)2df5B`WyF&R?*s1CN>Z56xZRu1^=ys4Px71o!CBDC9WUr6|Eg*f*?i)n+A6R
zkO=DghQXSiN^xU@@TmP!i?nNvAnp)1Ax;g8(*fVAlGxQfPO(#sy<6Nc80xW#o9SKJ
zgSKXQee|c;g`QDgrM}z5={Cf<=QeS+7~<SpC!i0vHV9(RHmj1kw2y^tL)dmLZ2x&{
zWM}qUC#CdQLK>g!I2+F-hQs5D%y=ezE-i(}FC@a^cziq&-anBX8BR!@9?ymi55-54
z!wAgm3J)Y6pGZoH(L@R<dOEu|!P!Di4>{X5Z18y0%#(=>%Q!K-%hM6&C5F4V?@~)R
zmmEoiGvm_4(D;ND9|=D}r6k8EOJeWfu~DEj86HZHj*TS76RAWd6ON~b!<nHAiP1R1
zB`Gm9PQjkHsr|<zHra7L`9vZmyE2LK@nq_JMs~(CnTgRv#3Fl8E*f+mmBd>p6Hg__
zli5TpIgE0W=aLC2;+Crpq=yrSP!^&l)2V?(W@2Pq4jdSp*e4BLNRFex2`M254kpGD
zDI^@4JS4@(F36P!lbNCP6A39Xj5O&9X(%E4)qE1e_o3Nx#mSNQI68dv0M#NbP0DLe
z4xD)C$ie=Bm>4~I^2ETY{)4fBe(^+f;6Q)u)WawHMcIc=d;&F;PEC#_<SL%`KmvK8
zewho&F*L@<#!nr-w+YF-4Tvs8tg__+*>XH<jdj3Zb&(n{lFW?9hLkFxD@sBy#HIMq
zctXltv&pW}WGa?H2f-JAQuW10#xBIqCdP+UL`K~%(Bvb4b8|hM7lo)WVEl?O`tj*6
zT6UcmgcjkN^|&ltv&asNN^%SyOD03f!t(9|y9NjPPo5YQQ*r4WjmIFHtb=3f3}&yf
z3{BbCS!K$`=v(L5r0m)=5+6M~9Pg7_kXaA@Z<fQkBwXo!X~*+BzR){mec_&)2oc_<
z+GZWGj?KF|KYVkf)yPe1B4;fer76-ndZ&soXE%9T$!UZ0_8K@@XRM=h^RDnmQ-OYz
zm{Ggq@s}<>fAI^GQ~O`|8CIQSMZ17Ok=-=xSe6qBcrotG`*r{+BNmA!m28Qb*OoBW
z@<xBJh5DX;aS(Q4%ox#10Cqq{TkMnS@OjfBL~O?;>NAPvTf{1b@sP`s88#<x-|Iw#
zWGF7?fY#{ee`cn(ce;D}!D~HV+jDKtSNn3cy~?OiJtB75{#arXz=O3uBh@2NYJih%
zKhxdO`|&efaGvVg)cy2er{eG4w57y<3aiq6ZenC)G(J9bL9Tvm;%q`n0g7c}!-=tx
z^dv!3**iKJlQ_6=Po$EMPY^tk{X8%>PRrh&ijQI$VvaLVAP2`(NW$0gr0k0u!ILLG
zj#YJb0>#PYQv4zcIS0^`8p69%N&tkVhFoY4|M}oyEBFC;UKGw~>o;nN3Q=p+7PUtm
zq9y9oM{d|oBL|dg>#{`44B;4^u&`MW?Y(Y{nIpURaAE|ACp?}G4@n8E*>F6(5LkvU
zCdV&?Gl^6tc@`*QIB_lxz?<pJuD&onK9<?Fd2@U$*_liMIHlqvog?wHySDfAY?W;o
zC)vS<DdLuTQGIDAIlIVV3y#QfX)hev1&BSCMjlchh1~-ObJ|M}my(L5H%Y1|$WXV1
z)gN2mvVS!GSV9{{i56K5{~0R%lJIVg;9FCySy!xFRrCjo!TMsu#$xr_Vz8?iT0Il$
zo@$-0&8_V&*0#>nZk(>13weCbS;6CQvgs(h`Ao>rq|kwWW=KW(C`1sbQf&N)Rw@}k
zA!=DTHc=rYJY>ySHwzgnh<`wYbn}2QKgtuolh$Ju3c;VTrVtyWYUy>fAXOOuDeE~b
z!|WEb@h!!U;d4@YG_19xGvbi$L-x`kIC5}2J(eCxpHB|OM`CFSs7`hcO%9D<s#Z^=
zDAC9hiDAPG#?mK7k&RfyX2{7RWvCM{ILg3Ovw^{KQ!#byJfUidc$|y)=L6&se5+`5
zYSzuvM5d(IyLt-^yMEI>-Tlh$uk8K}cfMg)F%T@S3D0?*G&D|!^GEMEg;l#VSOLO|
z)!n`!JhdNHjSU6C9pg}(p-}cCepIw!f!H=%451DlY6x@kFtM!HhUMhScA0cHKz4Ez
z)RY<R(wQwAjVDu`<L3;(6WE<7F$Px3hSFG707m6}fMP@GiPU)3_e5Mu#<3bRNSyU@
z=z|x~S$bs32vA0g9HRi)&!e+f3>i&PiQvpN1^p>Qw2BSU5O93#yhe1<TEgO&9zyJY
zjQ`AjIG2R)dYiuMtDow<e)dm-dEfoBHfx>dU8hjjTC83-J@9qQoElKuQmk&C-hbn9
z1k`%w0woKo1a)a+^(QERP*<~X20rD-`OFkRAi}lfp@mynI86ff)52{m+_@m!&cdl5
z*iVb^VBu7k(r_mWr!FfEFFQlnnEe2lEdb8|&QWI+@{Zmz%n@t$^PKPu$HN&=!2qZx
z5O@4Sd_0`Ygh%6JV>HYJp&3yH`hTAu%4bFRLLB6GIF(LyBu2-^C&L=LVnlfy>w74D
zJ_UktSX=60LSLPpNZB&LYs4kj@Uj@%1BJ)v^+`iG%~(CWQmcX<R-;WkDq9b4Sb#J2
zZ}mfC6EPzK)jx%FOsWMk5RdBGhk;rZoWpPiLp-H8hanCVoYBBLUBerC?w`caei{Fn
zaX6QRIiFBn|7!i_LRHtLW3PJyuU51byzQ3`zFtxFYIS>|V*RBfuLnY}R&6K*HeNdX
zdR^nIt9KOYcINEWuZL=1t?Mp?wp@DP^<ed@HIYJa!=<C&_0}oSt^^&0R?h`o1m0XK
z<|$byV44-6wjY$i{DoqMIhd#dK(5!SO>@g;A!R*7<Q4mIx-MlqL%FkG)WTx}D?KO(
zDP_sH`FEa%$4WV(jsb1q@K}Nnwb3ZVv1E_6(%XPv|HgghDS6JINv#9gGUI8GmqU+n
zOjK~=nIQju2Gp$bi)!r#zw^(*{iqZb<%=b1&u%v?QR2wL>2nL0Tt=aalvy4=axl{=
zRU&_B3ppF%L_D%JGcLP`E;<jkO}2sWl^s$%g||;qESi(DEj~O9MtF=6p+qAf+W`C{
zPKoFg*`Jyi)uv&F;Zx$D6Dd%l8EG>`aq)$jA+V-UKMDYE83m+Hf<KQfn9&)1N)uV~
zoA}Q>2M1Hyi7EY+%2!ssylVRK8~gJ0eTAxfE*&dYR9-srMxgTNCN3TRuD|li-q-wV
zFI(6w-cqRRDTKCNcD?Bh&3ISmy{o6{3f{=;zN(_D;`6>|eOFG;RJZ4=+h299FS>#=
zuDZOd?rPm@uI4$vP~QA*h2Zc$xApSm&-Gn>Fz;RSs=cY`t;*S}7?D*n)d@Z`{QU!X
z=1+A#j2{*!3}{#Yg{Z$~MqWLrEdi}8Wf5rj#B9Q2xiN}DboAP^bP8Tsh(DaCABx(+
z><J6-h*Na-+A%%LvWE@RlaIYJ8FhFF!4V;l)X>PpFoZfpx{pKn(lL@wKL(@|CJqXu
z9{3iBU@n5PlRco}W0?flfN}UI#xKOi(~m(~1KJ|_1ab33%m>CtGO-~@svwdfF@-Ya
zX=TY3@v}qV49;IjKKj_mXevD>)gd@ypO0OLya!2t8V~7VavmY)EF9UFiIX&GI7TF?
zY#&cNIWB#IzV^cbo}v{o52VX}t!+vL^;d;Y_N5@y0r5&*lgSV?Q&xydhPLqzj1iB6
z_NyJG#Mc+eBoclD|CwjusEcHAxX;&7)5}fo2-XeGn}W5W3{JJ{(lLCiUG<eMuk3hv
z$Mn7%)?EL`@~ci4Y979H0$-}?Uai|$2yMFbK(V>|%IdtmsRS#8n&#XNLIw_w3{WHO
zM*xI=H~$+$27`iRfj$O$7|AADCHtTQ(q*SEiv|*~43=Sr+A%vVqI1wS=%y?nGc6;T
zsRq<prs#do3UY9n=HOjH4sO#Nd@IPoW15411vz+4b0}Xy4nETy0xQVDZ<<4eSS|(6
z2O<@6(<umynV6A;nW84beMptyzWp7HU-mzqRAqF_kohhpW+u7veUMMbQ<H!$3`6pj
zl-b0j)+);Yf|Jp$Vd6X(nF={<2GY^JJ)1mOqRHWKG<xJ<cqExh#Lp)-AvZ8KBYPpp
zCULS7<EVJzxF(qf&3etkFyY(7XcnZCK9Yqco@Bs7!I32lxJDoig6J@EeSCI<^dYRm
zema>0;)ky$O+X5w$2y>qL_CckoIW60xL$`5J|;LM1%5I8M6_(zVX*X<*Q<$#zYSQg
zkx2s@M$q%d>a;~&Jr>b^`h1Udn_c-LI?j-=ko^WA2$=uV*Eo?|!>dY4Awp%|uh~F8
z@w&yKQ8d(z1dQ{3##ARPsFU6j^Vm*~0hf$f#$$@kPFn{sY|3p&gPP6%p`Xe?IGXf)
zxv*6y`CJ`HD7vHWE(^=mbEcl>WXQjPhv`qW)x+z=p9zcT*=tEb^fva{^PY$|+j$BK
z8`G&DAGsKx%#^Nx&i5VNon4(>Z_}V&v%GKJyZ4$UySa7!*yNT-#`Bcw3GWS)uPc)2
zR2Pru>F{19a9bop$`eA+w8EepupuTnTgcg#4fj7e2E_>0p}z3K=hNfb>-!a+J`e#w
z>a3I<$Pfv49FG9Hpju2M!`OY<!36qpnVOO8xp!=mr2k;g<RHYIBO@SH$0X7T#i57s
z;WN_#K-mM)=13YbGICukb0Ix3LPDc4DRzD&eHPf62|L`eOq?X4W0V`|V&ce|RcthK
zUM}Cqynr12l9ZO@5Ra0065L~oX<V*(WqT$ua!#R>%T)aX^iE6-<Yl4^fGLt+d=^cU
zy;MV`h;HLckMU)z@}g8|yYXdbhUAkfJwXqJ>~3UzqK`>T?XOre6YG)pECH)K7fby;
zl$Y@UwL^C46GBa2=)7F^Mn&sXvQW`=+3`kAccEtMW$&BSjW2!t`HxTSzJ9S#ea~gj
zn}Pb7z}kFZ?W|yRd!`;#ANfGrEeZfp;`V&s{<iS01D;%9Eei$F;`Y2{b3e2F76re@
zBhAv=<t&Ty0~SYcKjSurDk-&4o*^ssEiHKJL6${nzQyv+>FmtrefiD%a-I8gz5};x
zC`~VmYRRg@f>@3Um!L_2&_No!|K3Lg@7D-tG^k_F0RS$UKz0sAQqHJzzyv0z%0zqm
zvr!kr7+>a4nPChKx(=8_LPyjMjNv@}qyb};ogs>x{RT|o8^?zl#?VV?<SF$h;GqW1
zdEFSs&{M6^V{@M|6);BGnWbWDcwotxF5aJ_OT`!-Lz*zJf&K)>aGUph3C8d+jNy%X
zRE*&@2o?0&H|zOwAKL2Wb>dH83?DEClrm#i&->O2Iu<Vz;uw{%pyw`H&F4)yD1xmT
zFPX5M6ZYDggmadNKfC3&_(zctE~L0RrB9*0S@#190Tyo0R=1PnF$EM6SLrXJ(4<cz
zn)DfReijb+!ng!mh1kSIa#*@dS+r`HhEa4X)C<E9!GLbU(sPu>&%-$$sho#lq<=y=
z+bK)gPMOGMDqSdhK+8@f80eQ?q8vU?&J}W=C+7unzCg|w$$62SFOhQ<PQ)j@O#b`G
z`2}*mLe4)WhY*4E&&c^ja$X^4ikx2}=a=DRXz3cDJZBx}18VdzX=Ia1pTv00?^`Lr
zH_zwqs3sp<Dd?YdI^5-NG^}|g@^WPA=uFG@e9QJi!;Z`M&-#RlRWpI+e4trD2XXb0
z541DjIv*=Ev(Uw{!c#h=)&c!xC3FE+P%@m472+(5`B-7=_4{Xf4&{3e<+dKq`Hn1&
z6@K`xSEy*XDcI2Z$}nWASC7s#cIF#9bE`JzHXqDY^xw2uL**#lUp{L?toIo%|E+L;
zK=?+WrGKmKE(>v&g}{<ie<cXv$IC)=+!llzSP0G~E6`gJ!x3zbShAgqun$VI67E3(
zfDC}I(EvElUIE?en-Ox)=M5Cd?Nnke2P`ufPOw>G>J(E#dewXgt7K1fbho^FrC`;N
zxC&tO1Cr6<d?2hq%6;l1A80iNnBipr%oUN*N`~_R<~~z^xoP^5nU21EM_+E!JvraK
zO9RYB$ml<WaO5Krn`qi3zV39}w3HKMwk}>UA*YR`Wva}e?=cXW-0(83k<*7P!}}rT
z(8%ZkjY!t(Kmt-uz=;k<4m!_hB=mqOaa=-7H<grNN*15d7yw?9MpUCDL;b>fy|@o5
z@CB(sTsuKtucVeFB+~oAw3bng9M@`x6oyo$wbN4($uGKARIBCmokoU#puSs>8ntvS
z*(NtHOLTYIRZ$WNOxVwm+MF>k6D8SF?(;UV1o|x3M0`A7;%><<FXbv>6I@381Qx@V
za_w`S(-{L#b~|AegCtgghA;?#QE=KQW_=<VM@a0^OggnbqA~}YL}r4_M7Y|wFqHYj
z6GIRzB~!YXc31d#c8wC9No}Px_=wR7C{fRnaoKQkXgs^4MBvoJC0+37lCJfH#kwO9
zCadTy;(1#3Bw;auM!;51b}IY_6#d8&Y9><5kl?CY`kd<Pxeb3&rZz#gQzK=^NIE{8
zkpooSgD{gAHgXxiiM*uWCWo;ajH57PH5ixSU7X91T~r?Fl%(IHDq0eZ(J)GswwX(m
z*3CzRYS(jqgSF$pN)e(-CM|>*8&}F?Fk`vae5kb$YQOAKSdQxYmmYcHkttW9I&%3w
z$f_zDuD1PZOCivna~*jt&_3fjg1=mZ+<AY`Wwn63>xkh^34YCW<Z7EShT%<%@vAMy
z82s(eQ6eu|`~FSW5ymW3%>>rv1M75_q3_1yH->T*`*lX)Z&gl#FvP#J)!esD_@ixA
zhZ=2v>@Gi4Yy0C`2mB>$1L+TdJcXNK>qmn^mm!DpqdxO~9940EmU4DOXZ;wY6j7r+
zlXE}=Z+Zsv({=!OrCd=LM-LkX9n}tFW$K7(Km)saZi=qM2+Tw~L$?mmX#lCFD4N$q
zlU`{k(OlXU)#OFIu1tERr!qzBdMZM&nhpU-O8FVu7v^F56C{cm;4cH<FN6JHlmTg`
z0Ar?F3cO};l*BixL<Rb_ge1jDAk9U~Ty3^V*Q06bI0c6H(Oi`NB{|o~Vd4{#hrq^j
zes0-L0{|aQX2?tpW@Bul2{xys$2vw5Pb5a5(o2jCV-L#vRT@AisgbIyP#|)dn*MkM
zTlc8oW8^$U4hegt8|3^RIloKJFgaVvSsdPK>_cP;psRq|0IxliBvfbVKTr`Q@G(N)
zE#}a-!vK951SbKFmLa+$#=1kzT0XV{IJ|Ury9pw{j*6~G;{Qgl`lW^!8o1D-(AZT7
zc3*b>Rm0%rK(TV|uO66oe$9K$`&EAd5~0fNm&=NwhUcDQti{hi^=^r%zgWKK#>Z|P
z$@%VMOazn6+)gcUWd~zM=BWkL&{8HzS1K&zJczbuVDs`%DA+U@?>I#ptvn7|VLLY?
z2oq@6*s}nx8bFP@2SC-$|8bDUQ#0V|iF!D|0&x8U?jQa&09Os9-bO88kAhMZ9Z?Tl
zr>^*1Ug-eKn!sNyV_+HEMOQ@26NjPK(VWB303>hOJf%W-elH0y0oK7Pz%p0u`p&H5
zaSf%m@G$*}^giCl{7I_al=m2x9&M^+%H8Ar@u3U4{j9PBE}3HH4jPai1px^N4g1zj
zVNz>uB08CE4N)u_H~|ZL!B3$E3@*!dO2zg?!0ZW0+3pD0t;J=M>-Pf#>UNZ{QgpT<
zyZ}0Ln4B%|4EM7wdSvRgD=htc6vjX@gMG)Zg_Z%1Wp@JhhqT=;VFsCHJ6T7Xir#hj
z>|dNHR^W4;22MHJ;?UHRlpU<KI>?s3fu>}Ljxh@5RjK^8`M_GskaEGEy4Z#I6SN~l
z!DhUe=t_b1va&r+z?+0kcLaE^JC$>VzgxF<s%?5zzIoegb=#jke0g87rt`N$*Q3At
z$ZtIITZ4t}{rQ^xmk$+d*L-pJtYGt(zqtEddVJscwlG@;51{|l+Nn^krSHbY8_8M0
za@f-JM$@{f{$D%#OGkg@fkIPvZq1fin<dzD%ZBLhQQ})p!Bzgu6SpWm3(#`Aa`6^L
z_<<VBQU1&kR*D+VK7yiF%4g|W)OQ?0{f>ojpKN*=-2d1A5aIqDhx-QX;1=!ku!F3|
z`f3Sw@GcuW_@X`zH-R0##r?y-UIKYFDGz#F{ekp$Fzn!D*r6=y1CDSRaKy6e034x_
z)uNl>2pk)5$8m%Pt$F*Fg(I|7z!6@RbT3~4jwt82fj>!^oAMufL%|WpZmPJ#2Sw}<
z!xbEWLqx)`#5{st*(|LS@w)vk5%fk=RAs;5ChWaaH%tMNsR+c50c2YlWS{Y?Twa>H
zTxFJ{q7wa6WRZ1i*d^=TgbFKimT)$xAsG#~1Uth=_;+*kBK;?1840Wm_VY41k)EfP
zeG`ssd6ewvl^V@Q1Ozoo5CONt>6woTcn&HKQ2PgFhRoVm-I94~rI=tjxegN|*m;K#
z!8>+qiwCISU6)YbT#5|dXj(sAJ^fTZvir5BJ<ofuSc(l>ep|dz_itDK-s(SSDr`HF
zZ#Z(LthlQAiy-!G!O9mw?Bf9dZ>h`+LBQ@{WwEAd%5pU`wQ)K=E#|uReZBqb^}rMN
zTiV`e+c3TJYkRNl{pvl1w%xhbJ-`#yeZUjJN}vUnjj!_A?SS)YfQl!Al~=(SAP~Tx
z#d23Z>t<!C;p`*uM6i-lu=FhIO@|QP`;Ltx3n_}BhSh-ViZP3^SWNcBVj!I+u*D%J
z`(m-jC*mV)8&XUT#4wGd%s8pxQ)zrIi^Yc1L$R1dC`K9~hb^7|LO#+zNxwqQSIPMr
zIe$pbACXfa2di9=t7DMg!PacZFlCS>RgB>?W&tKWMX%(12mhHDFz!Dq%vqfd*Ib3*
z^yaI33)Q>xjy<nC{8zW;9Zj=VpTkqEU!7aim9Ou<X~Wx1o8SzSvv<~x*SSXXbX6tk
z@McVh*SSsR={{(AA;(dRp`!F^ERo*lHkcO~D5)ymj0y2N*KD4y(ot?G5pTwHc%55s
zp03(aX-J1RJ>5+^UX|gZK^nrp_H(Mfn}32)dr?@q0sU=F=iN&id?T&7(fl&Z?vd8q
zTz(k__eg7QD8Inee$X#^al}o@mI2W>Sl(k7&5hI*GxrMJmSEwQ1C)-VgG@FX1X+(&
z8qx+zwkuQ&h6Y_kKOqMk4P=r-l~^fNpASW<<W3E&Gp^`>;oOpasbP_wT5>=?v?Tdy
z41e}}CpC-tm7jaEgbBTVJ`1;_=PZR{Kd+DqjP+qg!}{J%9*=Fr+~m<-OSw&K5K|aV
zov6SjHk@}r!n|=PgND^ZQ6|GUN+yntpcd&d^riHV$oUy^=(R+i?Lq)S&zpY;8_T6t
z!ke}IQg_~#{tQ8E_S3BpVJ~T2XfFu`Z!?HrO<_D>qEusYXR?^Imsm_X&S;kPX7-u-
z#N3UV43nZ#FGUk`sMW*+YFbFgl^-V|H3F8Dyn1R=0)1g>5V9m0Ur8-jm6T&zOMN4y
zRy)*ZsoLqONHV@;Y)zE3WK2!vyktzB^(gCfC@NVx(ad1ES<n05ke8++=iit>$;@(7
zwe?r5H_i7Nh+YCnDX?K?W&tU`=u1D1Js{_?2jqY8-W>*^Yp9R;{Pai5F+a;s&loIv
z19yDnH5Q52jWJeB%u8K(hLH~#T4Fkjqkca3myD^6yjY=H^cr(F6(5R0p1WAd*w0Wj
zpt5=uIx}l1*?jaXcrN@&;y~E#`eC>GmigGG^QI#njQXQNX2GqEHz3l^WsJCujd&HM
z|A#Z?V)Y%Lvl^CJ(VW#%Va`??=7ag1)n`?WYV1*INMk+|Yoivk83D0Mo%syHm-?;R
zCU&ub&EHkgN=?hSeCVYK(HG9&RCy{0adu;NGZRtFr!(S)QzSIff*lpX<kh;VA$BUA
zAXOiBASpYQ;F)K?v6X*<NBsnoj!vF!#`83+I`~eeoso=m0kD%9BwlkUvg&_@0J7@X
zD*c@5+xdRLuv@7co1$bptUkJqv!kcjIV!Z1YVBT_LT*!SN6dCo@k%f%3bk0P?WbZQ
z2gRg)qsR<j6e_GFg<{h}>Q30TuroJw^GK9@dIcq`JGr*=&VonnELg;7ou$^35oOmD
za~EdmBK?lqG263sn*C;JRomZpwJVmK?XsnP-hMCY_P;?EkqT3V0I7(TVPOi{=jqkV
z07et|D;u=Ggm_RfyiCy<Rrw3#`wBUl)xDy6RR(hlGrTv3>@dERY`f}Jc9tm{vbwvK
z;rd0&dWxK1BIlRk7&F+WyeMgQWJuRGPi91~(mG1E$sjjkBM+59CI<RD#>N@C1LX`s
zHX`zwl`$5^?OjV|{v4Q)%-=#7K2Lw}<kX{uita@=e9`Gu?fDRlZ91OI<U;L*z<PM6
z_c13Q=$LV-e+5@ZF0fvERXl%AskE?s$(s`Vnycf=E@KS-hNLJ?`C`l){^@;M0?mWy
z#fpZRik5su%hZGUiuTKnVgQyn`nH6#ik0ozd|-X40$JUxww!GV6J}cJ%Sz}nw<Vlq
zS<Ks(;Okx7uGT43RP(mj+@6`XJ^8jhkh{?)yXG9;0(&6&a(f_y!v;J^zTPd<zOfJQ
z&<6<T>>ljGqi+ziDKQ~E!!A5D0S}1ESS*VN`|u3mJhc{%Qdxqz#j~BdV4kfSzA)Q1
zr5UA_E0(uSJvr09H{ZTD*VYFC;yqQxs`{C#_Iy=)F0_8y0^y;5BZP;vzmK;<75}M0
ztey+iL@q2+#)Uq2mkUK#+~q>i3F;4ue2sp(%Z1+MLTOr<o5K9$bD?L}@>vf)0}`(J
zKTi3lg67;t`dcP^DL4!RUt=zbxXYI+=V|Ct5pyY;#xt&nFV#{JUn<t9a*yS3o52sv
zS%y|1842-u#h;2~WbE6Fr`)}Ko|44X;r0Ba?_qVXfzDq_Z(&C39HI2z>Ggk*^F25Q
zc2D}Bcwa8JN2RWe+hg@)I~Z=u?JbMXR7+O5J+OANKcODY!L*szYzoT@BWZy#b!Pk=
zt4zBDTM|Kf2hKcZ4y>azOTA&bvszL1Gah@H%$(t{V=7tMQ4Oj~Im0(nwK#((y+<)$
zA?F9=+#=_P<ot*n((EgnuBXVS@om!I)9b$>=WpR;Xmyz|Yb)i}r~yAVZjCbkW#ZOe
zz00k6rhXE+HL|AIG=2DM$F3bK)a|<LH}Ik0PNqilfvt>BS-`AKjk0jg7JbCLno{@z
z7ErAetC?zr;r0+q_ViR5yx8`Y@M0|UMcA;r%0K|9yKESBg8IA5hAAC!R~cwvCd?Hp
z|8SLoVZIvlCs?t&%0NM9y?@G-fhIHJ1G8+#V+(ag)Lfap9A)5%B^fuqjRl59rG`XY
zAJU%DkDXU+lRpGAw{;N(nxQ7QW91@7#hoGk5^B4FWtY0R(oQ@3-t)Ag{`x+EK(<EH
z&lziE;N~P)kPC`7&V0AzinVcce6zCq2*akZZ!kR&q<7&gt_9n$gci(@ul(?x)qxqZ
z{{5d;4VZq;%zi}!w*Pj=H7@6znH6ck%+HzGZ>j;?u^bJU(iU)0%K2le1}vPz-qXN#
zQ>Kc({dl-4G!7M6N&|M7#ahT!DdC*e(-muKZRcyiTBc6VwC>2a?#Q+51lQH8a9yqW
zs@7bnZ7NP0u*e6|fRPm;(}2BsR|AHwxT^s}C#b)>te4Ue8tY|hgEatK-TA+5YCuRh
zWIeo3-G=w=+vraIcQimYzp0971()u_s;_ey+7n;20(PAK(|>8O=_|kEHgOtT#cQ`L
zJ5DVXbPwgQ<h;{%#UF)rX@Kh`G@H?&fe8)IA9aErBG@tz;+6VVK=V-_XkD0^&l+AT
zHbCk}g@u>}UsW`yTJTk_K+jUibL3Ce0<|I)Ft1(I&n%Ba(NMIU*_)o@V?T`jONKtU
zomS6@d09=V^_gi%WzN29+90v!j?WftyCrYOvgWXs3UjzdtnIWiJMbz)OU&m$9h(F7
z(Q?d$hQ)fg<QRliY=j%5Rq6;=uV93$`N;C8I>Mop^N{t}LG9py)!F-v+>BvA2i*>b
z`{Tkmc|B|hW;gm7w|L-;F3zNV5XKBwELf8%XxO$8djyM1+RjQ|lcT$EZhfa-6|g`1
zv1Sxij{sUeTg@*!o78KJGlzTH^<AcPAED7IRnM+dy{VW&=u86(a#ZwPmTV<e2-c<C
zoD?Rf(gBo>>+Q&hRC*gu*1M12y@@hwSea~3%r1R5%-*aEn{UbNb8oivWPI4SGAq=G
z`Oyh0=FOB%yAE9YJDO2gGqx3RD^<GY!)w-9$5Rg|W|7Q5Qd6oKZ6mvkwvjzd50|0U
zZl-hNHj-TnxI=xEaN88N8O5~yMKRi6B*#81kGMnuIpP%kpo)KrY$a!L)#bXGhK_tg
z$4tZ4e8bk6hHcLty?mh9&@|JqA>Xip9RZPpH?#p9jp6hLSQ`4vuaHK|Uk-L=(K8;D
zSYU=&Ed7iJC7d1aaQhP?uHtZ1BwUbM4d-QRxuUYAHHAeZom$a8ZJU|^57iNVBiu3-
zooU^cZ{0T2x+~whtI)cq5Z;?>>Z4;T?zOOUEA&EDlR~u$vn~Nfh@o})(7LGu`Otc$
zgJ6!>pAU7jMA~r`tc%D}v7d#5Wh`w!K9zj9%@G-D@&z5BhO;bG4IQ;}_0^%P(OmP+
z8`U?;(A;}1^~L%%Gxd>tePnuFzP>Y8x0#yReY;lbReHxOtlG}hb^w87gDqERf)({7
zF)4^eGen#u|GD6y_nUtNV#0KXpUrqzj$wzN-Q>0$2d?)cYk_&c)2DC+pIR!r`+!QF
z_rn3MULK?$ADVKBmh{!Ao6$GF&gp_>?(nllJ)m%Gr=Qj78_~WZs^$O94nN$@wW3-s
zXNRA*`;PbFvS=$U6=*Amfub^}4Yl1{OUBgp?JXHoKXlcp?(p-{fwED4oQH1(^q0ns
z80aszayLWDg?(Pva5sd>%oIJ0&i0>Kt<6uX89ym%I|!8&yp&XV)ISjBY4vCN?-jaz
z9#098zM)slX?H8*DSfB^k6~u}@A#b2xWg6A87&p&jNi}_^Esn)Z+D(2);NO|)n7}c
z@WiS;o{^_CvAqOOS;07oVAM*SrTK`La1wW#SEQL7NL8G7N2*KthtgwV6jctL0*o!;
zqwz;^ryIYxgRv3wQHFZU>1Qx+mt&wOTROovY+ppJQd%8-I~aHi#x}^cnw4B>REhBu
z`ktrKuY0rg;q|61*xR11ZI7rY+p~TD`~aT428QBJ8PM5q{j2QAjEyA6r5Wn9FTnu^
zq3?_$9Bg_i$ug|x=xi~A37tmXFRt3zxqx^t?K_2l$5CnX2VXw_VTt%<7W6kn%(p3~
zbd`pCu5P>WDYxTLq53ecy7~#;`Got@*R|!^wk!LDZit1peP3UjZ#!6M?$5cJm^~Vu
zP&_Nxv4N<)FCXZ;Mc((w`MwLghuribu#SbkL!q}^%GM$JphcUdH`+Rc#}Cw4Op{><
z=c%=Dp6%S?*`iwJ`SK6!D^-@&0tRXLkZZe#QM&EL_8qx4rYLDHHn-0-Z_hVx&#m2o
zyT$z2X+`bP>P%VOq6)L1MU2y?aiGg5%1tTRl3O1Ql<Xb9_t8MfY82GnvnrNxqQ-J4
zS#7`1im<wt3RwN8{;Z14g6MnDGFon+Xz8p8I?%_3y(K2Q+XvR_bSw99Nq9)REmfm<
z{ZT(3okNy54BR1KHKCeP&fBaMFFVx*G>3kcIC#EKEQ2yGXZPR*egaQ*skr0xyT<SE
zu~-(*r=`M5saTSJ*WlZdF+TuzC~Bv=7;<mn^G|=0M(0dBe_#0w=JS>)cm19{QK8U(
zOsC15_hA1_RrX$^q(3=~9pboY9n?A9g*+OU9?R(GLhADKOn68+xoTwcgNXMd4k?As
zl5u+zyZzn4E`Dc%d)aHa?0pDCnf4<dm?YIVPr~W5e8RF$2t!~L6>!2eSk_U?87+3y
z0$?H#Fgayi2ppaeUUY<oV>oP|owID&VZ%j+){?U9ysX2lEJI1P013fU)&Z?7L{NVm
z9Fdw<Ed!g|SQ!G9am{i(Vxh}FE+(XiO}2J+$z@}ZF(;&y>>^n+-6x+RDOEUpNjVt6
zy@zi0eR53dlP`W)LYNKay!+;r6DT|PC^zNyb!x@wzFN@484^7F@NMCekP96D=I&$H
z%dYNxrSHpqg;g70tJsKuA7!Y=KHb#JnrOov-4UC#7JVeGgCke!2Z5>$&M57?S81n2
zw}8l_A889~s9m&Ve?;wqRJPIcSB=}RxZbr1{)$%v$Md_76#~a+e8+RX<8tG6rG=kq
zZnIzvEq!1yA0`%a<wud|U7@QNlv7Fin1+i^$Dn;m*$o5y>}|S<K}*&#l1@KHC#vbm
z!`bHW*@<yIj^U_Cx>%DPB9RShS0*sM6_je&O%+5*^DjtPxmu}>M!Ju(q6I1y$sw*&
zBJ~nKll69oax7!dmh7kVFtjd^+EHF6fV{&czk8KMvvC2ldHbm^Kl0<7bat9ypMmqk
zpCSd(J1$|3Xvw)6-l$uJjZ2N5Hyc}K8aL+~H_tTo<QsclZQOp-fnX>->OGhJw>*Nc
zzF6BhQ`?=d?FOUiFaP4!Ty1wDw1vG~e^7noLom<7*LTTLc~5_NF0_S(f_sFj#HAb>
z?uH+{rxFcZA7#m6f%jywnCiz6esl5ESBP^ZZO**ZYB(=j%N5mU30TchDgA?5+XWx4
z<7R4PURvp5<(@Y}wO3s;bsO__8)xde@^xK>x-Es!)?8%|*w<~VW^LABBiK|lN~@sC
zrm8`#ZnHM@F=JSzr)g2r`Yt(Sk?z1_Dws=fmu6f!vGT!>SiDo01{uyZcZyab5P02S
zQe`>(kZMx(WYneHiNQkA{1i?>PhS%qlp_86Q7>Wa^q+Aem0cRNgdvjXjQT)hl%4*n
zE&w->&*s~+HLLg~W9ou@mugO86t0^JvT^8O8OTSEfqe8bQxRX(ubPUK8&nl~`^+u)
zH6b+bQJ9M0D7qAmq#OIws9Whf<t+J>M=YmaWJe6HtQTQegkG%p|E?E<A4M-7vK%|2
z(1-9ntWt{pNM-i;5%uhL{az-z>|;|nLAQbM)4#F#K_>w^`4$OPuCB>Zlfx>3&anEQ
zVxq&cW>`Vi9-vVWGMXKWZeznuSbhibr9Xp{ZPCir%x2n?!??E_wm{s%C8JBTkF#UZ
z_&#~91og->NZKJRC$ff-CSjJ7mQBR;s@M7VHvMO++7)ux31KgikI@`2k?$%TPI$1E
z{{n@Uo(9G)0+I6cfo%-`3-bAil$jzQ6Nc;Z?S<q<SRprzhj+2tm2e$5JGXwJP#c$w
ze~81omdw1F2#$Y&2F#;3l7)({+aKL^o12^TYd>bxYd;#-PHp`2#?C9QV(lvI5C~RI
z`|?fOm@n6~EnmA0_WHp}+~OUqd`k%8aCaP-6|B56&VuJyuq%jT*bSj9@mpFbvSE>N
z>J`s}#V*#gPQ|Ch-1-M{RmWiek0aeF25x=A`R#VdWhqM*1Z#`B@RToK+c7<yuieV>
zzYc>fe7`Q`YkOIw`Blu-f<8cud3EH$^D22ArwSnQZR@x%SG9l9I^qDZU?pw~U%h$3
zLGv}zw`uDAB{^@B^IysND{=@yOP?f%SS{uF_`f5cjb>~aIRQ9wy|(mKtr}hb2-~vr
zld_F2f~=*Olaz2H`9{dctiU$Y>v!liN=_R&>&W?Q?tB_CGFdn!XUkW07OJ}Pj&A*I
z`AQtTUbo?<4bPkWRQWBlcDyP_r!P!Fr^-_b<9YH(p`9ncFvZHtsKK%BR0f{LTH$rB
z3kSNt9^6<6b`<Nk%sFgM=bTG$ma9kQhgjuiZS?Hhcaxq<25v;0_25-Gfxc>2p=wXw
zu~+Yi2DL~$wIcgw?RcHrX?})$sN@WJylLt7-n8RY85TAoO&EyC0X8{g*V&2W$T%<q
zJ1J4FkBv<d6V$03b(l=2aH!)&33h+7TMLrQ)G!5#-oPl!Rw*I<8hJbyCdblH&}Nbu
zW#+L-NA!~9B<CzeT9b?q;cP;hXNgV{RA8Q^rA~gpibRGua-}g6T{<<AkzAAoQJoU)
zD^cb$Z7G!e<dDUIMBr8;B1Nt@X28rOW7JyQUZrra;}nz4;4|bKB<JIluyNl555&ai
z$&)7rPW2y*4fKmAq5}u|W2YWI*)K{x6vfF-RLscE#FOKR)Ub4#5>L<<&(MXq6d!_c
z248UvEnQg%94$zXuypBEB9=ZU4bhA1Y&t!Xh^I1gLnb*ohMOS>mBnyF?L<Ofd_KB0
z79$a-E1@Jvl2Ha}i_wAS6HiLr7){x8e{_HU!14Z5{i0lZ;KcD$`;Hv%ABde8IB>XM
zJT<WI)R7a%Wyii_2e<b~TaZAxC$^ueb&MPkyn^f=!b$V#3<g^P7i@*I1^*PqVRNT+
zh0Crz%9R#<(oy7!KOy4;yn)%5#WH6tv)FG{3Kq*}gim|_LU8|u;C)Nz%nP00659V-
z=(}b0Sgf}MIPWp1MzCz1Ef*RZUuk-|=~~tFNFlPjP`@W9)D%}Yy%KvlcI{Md%l<;g
zfx_y8IiaE0xaO4;FQ2$}@Oo2W)4oFE{+v(`Bg1fWPG~HaZ=NaN{>}33ua)n-bYIaP
zp0T&*?d{Xf*X*0;Y(k(H5tVXsk^VyceJDc-seQS&2-7xy0DqtV_~$-;-IIGTn)g36
zS7vXpf+MrJpJ~gxn+w);vu?psi|W?Yz4WmcKDHpy>Ae48B&u1MD1=07!mm91^20^D
z^RtIOb*PAYOoAc&y|ns;)y1_NzrKFXX07zhl{p>GTRx%8|IE3(zpdbGr}+1O>i(;1
zrzZ0D4)yKR$8Lr^Ypm#y*#@Du{-yK_>7v{F`P$FbmgIZ=zTAVS^1&$T<Z+@QO0K;H
z=dPl+mDRp{F6gdBKB3t<0sVdK<zu-Gr*fYh&Nn8gXRCyU?qbF2;_ArE>Yn`Sp5lgG
zGaCl-8wQFkTW4B&^DVu_HO<BLjdQ_ji?bN0oVDTkW~gS?fhRiGTRvMxK9>+!HR~py
zN2psr>m{F02sO|8$yY7}tFMed@0|_MTZK?ve>L>{ktut=s%4fko~;y|b?=49*CXuQ
zGw1M9VWC`ATRzY}Ys1@{q1s&CrhKU5x;-E2nWYFQ-C6x!8TlH07H6)t_gw+c+4X|e
z{@KQ78t1IY58%>TK1;sYE-gG@saC_`n{Cm;OXA<!b=qnH2|(_xdmZC=yd#jyK<@tq
DS@Z{M

literal 0
HcmV?d00001

diff --git a/tests/property/test_code_generator_prop.py b/tests/property/test_code_generator_prop.py
new file mode 100644
index 0000000..36639af
--- /dev/null
+++ b/tests/property/test_code_generator_prop.py
@@ -0,0 +1,719 @@
+"""Property-based tests for the Code Generator.
+
+**Validates: Requirements 2.2, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6**
+
+Properties tested:
+- Property 10: References in generated output use Terraform syntax
+- Property 11: Generated HCL syntactic validity
+- Property 12: File organization by resource type
+- Property 13: Variable extraction for shared values
+- Property 14: Identifier sanitization validity
+- Property 15: Traceability comments in generated code
+"""
+
+import re
+
+from hypothesis import given, settings, assume, HealthCheck
+from hypothesis import strategies as st
+
+from iac_reverse.generator import CodeGenerator, VariableExtractor, sanitize_identifier
+from iac_reverse.models import (
+    CpuArchitecture,
+    DependencyGraph,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ResourceRelationship,
+    ScanProfile,
+)
+
+
+# ---------------------------------------------------------------------------
+# Hypothesis Strategies
+# ---------------------------------------------------------------------------
+
+provider_type_strategy = st.sampled_from(list(ProviderType))
+platform_category_strategy = st.sampled_from(list(PlatformCategory))
+cpu_architecture_strategy = st.sampled_from(list(CpuArchitecture))
+
+# Strategy for resource names (valid identifiers with some variety)
+resource_name_strategy = st.text(
+    min_size=1,
+    max_size=20,
+    alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters="_-"),
+).filter(lambda s: s.strip() != "")
+
+# Strategy for resource types (terraform-style: provider_type)
+resource_type_strategy = st.sampled_from([
+    "kubernetes_deployment",
+    "kubernetes_service",
+    "kubernetes_namespace",
+    "docker_service",
+    "docker_network",
+    "docker_volume",
+    "synology_shared_folder",
+    "synology_volume",
+    "harvester_virtualmachine",
+    "harvester_volume",
+    "bare_metal_hardware",
+    "windows_service",
+    "windows_iis_site",
+])
+
+# Strategy for simple attribute values (strings, ints, bools)
+simple_attr_value_strategy = st.one_of(
+    st.text(min_size=1, max_size=30, alphabet=st.characters(
+        whitelist_categories=("L", "N"), whitelist_characters="_-./: "
+    )).filter(lambda s: s.strip() != ""),
+    st.integers(min_value=0, max_value=10000),
+    st.booleans(),
+)
+
+# Strategy for attribute dictionaries
+attributes_strategy = st.dictionaries(
+    keys=st.text(
+        min_size=1,
+        max_size=15,
+        alphabet=st.characters(whitelist_categories=("L",), whitelist_characters="_"),
+    ).filter(lambda s: s.strip() != "" and s[0].isalpha()),
+    values=simple_attr_value_strategy,
+    min_size=1,
+    max_size=5,
+)
+
+
+def make_resource(
+    unique_id: str,
+    resource_type: str = "kubernetes_deployment",
+    name: str = "my_resource",
+    provider: ProviderType = ProviderType.KUBERNETES,
+    platform_category: PlatformCategory = PlatformCategory.CONTAINER_ORCHESTRATION,
+    architecture: CpuArchitecture = CpuArchitecture.AMD64,
+    attributes: dict | None = None,
+    raw_references: list[str] | None = None,
+) -> DiscoveredResource:
+    """Helper to create a DiscoveredResource with sensible defaults."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=architecture,
+        endpoint="https://api.internal.lab:6443",
+        attributes=attributes or {"key": "value"},
+        raw_references=raw_references or [],
+    )
+
+
+def make_dependency_graph(
+    resources: list[DiscoveredResource],
+    relationships: list[ResourceRelationship] | None = None,
+) -> DependencyGraph:
+    """Helper to create a DependencyGraph from resources."""
+    return DependencyGraph(
+        resources=resources,
+        relationships=relationships or [],
+        topological_order=[r.unique_id for r in resources],
+        cycles=[],
+        unresolved_references=[],
+    )
+
+
+@st.composite
+def resource_with_dependency_strategy(draw):
+    """Generate a pair of resources where one depends on the other.
+
+    Returns (resources, relationships) where the first resource references the second.
+    """
+    resource_type_a = draw(resource_type_strategy)
+    resource_type_b = draw(resource_type_strategy)
+    name_a = draw(resource_name_strategy)
+    name_b = draw(resource_name_strategy)
+    arch = draw(cpu_architecture_strategy)
+
+    # Ensure unique IDs are different
+    uid_a = f"ns/{resource_type_a}/{name_a}"
+    uid_b = f"ns/{resource_type_b}/{name_b}"
+    assume(uid_a != uid_b)
+
+    # Resource B is the dependency target
+    resource_b = make_resource(
+        unique_id=uid_b,
+        resource_type=resource_type_b,
+        name=name_b,
+        architecture=arch,
+        attributes={"port": 8080},
+    )
+
+    # Resource A references resource B's unique_id in its attributes
+    resource_a = make_resource(
+        unique_id=uid_a,
+        resource_type=resource_type_a,
+        name=name_a,
+        architecture=arch,
+        attributes={"target_id": uid_b, "replicas": 3},
+        raw_references=[uid_b],
+    )
+
+    relationship = ResourceRelationship(
+        source_id=uid_a,
+        target_id=uid_b,
+        relationship_type="reference",
+        source_attribute="target_id",
+    )
+
+    return [resource_a, resource_b], [relationship]
+
+
+@st.composite
+def multiple_resources_strategy(draw):
+    """Generate a list of resources with distinct types for file organization testing."""
+    num_types = draw(st.integers(min_value=1, max_value=5))
+    types = draw(
+        st.lists(
+            resource_type_strategy,
+            min_size=num_types,
+            max_size=num_types,
+            unique=True,
+        )
+    )
+
+    resources = []
+    for i, rtype in enumerate(types):
+        # Each type gets 1-3 resources
+        num_resources_of_type = draw(st.integers(min_value=1, max_value=3))
+        for j in range(num_resources_of_type):
+            uid = f"{rtype}/instance_{i}_{j}"
+            name = f"res_{i}_{j}"
+            attrs = draw(attributes_strategy)
+            resource = make_resource(
+                unique_id=uid,
+                resource_type=rtype,
+                name=name,
+                attributes=attrs,
+            )
+            resources.append(resource)
+
+    return resources
+
+
+@st.composite
+def resources_with_shared_values_strategy(draw):
+    """Generate resources where at least one attribute value appears in 2+ resources."""
+    shared_key = draw(st.sampled_from(["region", "environment", "zone", "cluster"]))
+    shared_value = draw(st.text(
+        min_size=1,
+        max_size=15,
+        alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters="_-"),
+    ).filter(lambda s: s.strip() != ""))
+
+    num_resources = draw(st.integers(min_value=2, max_value=5))
+
+    resources = []
+    for i in range(num_resources):
+        uid = f"resource_{i}"
+        name = f"res_{i}"
+        # All resources share the same key-value pair
+        attrs = {shared_key: shared_value, "name": f"instance_{i}"}
+        resource = make_resource(
+            unique_id=uid,
+            resource_type="kubernetes_deployment",
+            name=name,
+            attributes=attrs,
+        )
+        resources.append(resource)
+
+    return resources, shared_key, shared_value
+
+
+# Strategy for arbitrary strings to test sanitize_identifier
+arbitrary_string_strategy = st.text(min_size=0, max_size=50)
+
+
+# ---------------------------------------------------------------------------
+# Property 10: References in generated output use Terraform syntax
+# ---------------------------------------------------------------------------
+
+
+class TestReferencesUseTerraformSyntax:
+    """Property 10: References in generated output use Terraform syntax.
+
+    **Validates: Requirements 2.2, 3.5**
+
+    For any resource with dependencies, the generated HCL uses Terraform
+    resource references (type.name.id) not hardcoded IDs.
+    """
+
+    @given(data=resource_with_dependency_strategy())
+    @settings(max_examples=100)
+    def test_references_use_terraform_resource_syntax(
+        self, data: tuple[list[DiscoveredResource], list[ResourceRelationship]]
+    ):
+        """Generated HCL uses type.name.id references instead of hardcoded IDs."""
+        resources, relationships = data
+        graph = make_dependency_graph(resources, relationships)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        # The source resource (resources[0]) references resources[1]
+        target = resources[1]
+        target_tf_name = sanitize_identifier(target.name)
+        expected_ref = f"{target.resource_type}.{target_tf_name}.id"
+
+        # Find the file containing the source resource
+        source = resources[0]
+        source_file = None
+        for f in result.resource_files:
+            if f.filename == f"{source.resource_type}.tf":
+                source_file = f
+                break
+
+        assert source_file is not None, (
+            f"Expected file {source.resource_type}.tf not found"
+        )
+
+        # The generated content should contain the Terraform reference
+        assert expected_ref in source_file.content, (
+            f"Expected Terraform reference '{expected_ref}' not found in output. "
+            f"Content: {source_file.content[:500]}"
+        )
+
+    @given(data=resource_with_dependency_strategy())
+    @settings(max_examples=100)
+    def test_hardcoded_ids_not_present_for_resolved_references(
+        self, data: tuple[list[DiscoveredResource], list[ResourceRelationship]]
+    ):
+        """The target resource's unique_id should not appear as a hardcoded string in the source resource's block."""
+        resources, relationships = data
+        graph = make_dependency_graph(resources, relationships)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        target = resources[1]
+        source = resources[0]
+
+        # Find the file containing the source resource
+        source_file = None
+        for f in result.resource_files:
+            if f.filename == f"{source.resource_type}.tf":
+                source_file = f
+                break
+
+        assert source_file is not None
+
+        # The hardcoded unique_id of the target should NOT appear as a quoted string
+        hardcoded_pattern = f'"{target.unique_id}"'
+        assert hardcoded_pattern not in source_file.content, (
+            f"Hardcoded ID '{hardcoded_pattern}' should not appear in generated HCL. "
+            f"Should use Terraform reference instead."
+        )
+
+
+# ---------------------------------------------------------------------------
+# Property 11: Generated HCL syntactic validity
+# ---------------------------------------------------------------------------
+
+
+class TestGeneratedHclSyntacticValidity:
+    """Property 11: Generated HCL syntactic validity.
+
+    **Validates: Requirements 3.1**
+
+    For any set of resources, the generated HCL contains valid resource blocks
+    with proper structure (resource keyword, type, name, braces).
+    """
+
+    @given(resources=multiple_resources_strategy())
+    @settings(max_examples=100, suppress_health_check=[HealthCheck.too_slow])
+    def test_generated_hcl_has_valid_resource_blocks(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each generated file contains properly structured resource blocks."""
+        graph = make_dependency_graph(resources)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        for gen_file in result.resource_files:
+            content = gen_file.content
+
+            # Each resource block should have the pattern:
+            # resource "type" "name" {
+            resource_block_pattern = re.compile(
+                r'resource\s+"[^"]+"\s+"[^"]+"\s*\{'
+            )
+            blocks_found = resource_block_pattern.findall(content)
+            assert len(blocks_found) == gen_file.resource_count, (
+                f"Expected {gen_file.resource_count} resource blocks in "
+                f"{gen_file.filename}, found {len(blocks_found)}"
+            )
+
+    @given(resources=multiple_resources_strategy())
+    @settings(max_examples=100)
+    def test_generated_hcl_has_balanced_braces(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Generated HCL has balanced opening and closing braces."""
+        graph = make_dependency_graph(resources)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        for gen_file in result.resource_files:
+            content = gen_file.content
+            open_braces = content.count("{")
+            close_braces = content.count("}")
+            assert open_braces == close_braces, (
+                f"Unbalanced braces in {gen_file.filename}: "
+                f"{open_braces} opening vs {close_braces} closing"
+            )
+
+    @given(resources=multiple_resources_strategy())
+    @settings(max_examples=100)
+    def test_generated_hcl_resource_type_matches_filename(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each resource block's type matches the file it's in (filename = type.tf)."""
+        graph = make_dependency_graph(resources)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        for gen_file in result.resource_files:
+            expected_type = gen_file.filename.replace(".tf", "")
+            # All resource blocks in this file should be of the expected type
+            resource_types_in_file = re.findall(
+                r'resource\s+"([^"]+)"', gen_file.content
+            )
+            for rtype in resource_types_in_file:
+                assert rtype == expected_type, (
+                    f"Resource type '{rtype}' found in {gen_file.filename} "
+                    f"but expected only '{expected_type}'"
+                )
+
+
+# ---------------------------------------------------------------------------
+# Property 12: File organization by resource type
+# ---------------------------------------------------------------------------
+
+
+class TestFileOrganizationByResourceType:
+    """Property 12: File organization by resource type.
+
+    **Validates: Requirements 3.2**
+
+    For any set of resources, each resource type gets its own .tf file.
+    """
+
+    @given(resources=multiple_resources_strategy())
+    @settings(max_examples=100)
+    def test_one_file_per_resource_type(
+        self, resources: list[DiscoveredResource]
+    ):
+        """The number of resource files equals the number of distinct resource types."""
+        graph = make_dependency_graph(resources)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        distinct_types = {r.resource_type for r in resources}
+        assert len(result.resource_files) == len(distinct_types), (
+            f"Expected {len(distinct_types)} files for {len(distinct_types)} "
+            f"distinct types, got {len(result.resource_files)}"
+        )
+
+    @given(resources=multiple_resources_strategy())
+    @settings(max_examples=100)
+    def test_each_file_named_after_resource_type(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each generated file is named <resource_type>.tf."""
+        graph = make_dependency_graph(resources)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        distinct_types = {r.resource_type for r in resources}
+        expected_filenames = {f"{rt}.tf" for rt in distinct_types}
+        actual_filenames = {f.filename for f in result.resource_files}
+
+        assert actual_filenames == expected_filenames, (
+            f"Expected filenames {expected_filenames}, got {actual_filenames}"
+        )
+
+    @given(resources=multiple_resources_strategy())
+    @settings(max_examples=100)
+    def test_every_resource_appears_in_exactly_one_file(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Every resource's unique_id appears in exactly one generated file."""
+        graph = make_dependency_graph(resources)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        for resource in resources:
+            files_containing = [
+                f.filename
+                for f in result.resource_files
+                if resource.unique_id in f.content
+            ]
+            assert len(files_containing) == 1, (
+                f"Resource '{resource.unique_id}' found in {len(files_containing)} "
+                f"files: {files_containing}. Expected exactly 1."
+            )
+
+    @given(resources=multiple_resources_strategy())
+    @settings(max_examples=100)
+    def test_resource_count_per_file_matches(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each file's resource_count matches the actual number of resources of that type."""
+        graph = make_dependency_graph(resources)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        # Count resources per type
+        from collections import Counter
+        type_counts = Counter(r.resource_type for r in resources)
+
+        for gen_file in result.resource_files:
+            expected_type = gen_file.filename.replace(".tf", "")
+            assert gen_file.resource_count == type_counts[expected_type], (
+                f"File {gen_file.filename} reports {gen_file.resource_count} resources "
+                f"but expected {type_counts[expected_type]}"
+            )
+
+
+# ---------------------------------------------------------------------------
+# Property 13: Variable extraction for shared values
+# ---------------------------------------------------------------------------
+
+
+class TestVariableExtractionForSharedValues:
+    """Property 13: Variable extraction for shared values.
+
+    **Validates: Requirements 3.3**
+
+    For any set of resources where a value appears in 2+ resources,
+    a variable is extracted.
+    """
+
+    @given(data=resources_with_shared_values_strategy())
+    @settings(max_examples=100)
+    def test_shared_value_produces_extracted_variable(
+        self, data: tuple[list[DiscoveredResource], str, str]
+    ):
+        """A value appearing in 2+ resources results in an extracted variable."""
+        resources, shared_key, shared_value = data
+
+        extractor = VariableExtractor()
+        variables = extractor.extract_variables(resources)
+
+        # There should be at least one variable extracted for the shared key
+        var_names = [v.name for v in variables]
+        # The variable name should contain the shared key
+        matching_vars = [v for v in variables if shared_key in v.name]
+        assert len(matching_vars) >= 1, (
+            f"Expected at least one variable for shared key '{shared_key}', "
+            f"got variables: {var_names}"
+        )
+
+    @given(data=resources_with_shared_values_strategy())
+    @settings(max_examples=100)
+    def test_extracted_variable_has_correct_default(
+        self, data: tuple[list[DiscoveredResource], str, str]
+    ):
+        """The extracted variable's default value matches the shared value."""
+        resources, shared_key, shared_value = data
+
+        extractor = VariableExtractor()
+        variables = extractor.extract_variables(resources)
+
+        matching_vars = [v for v in variables if shared_key in v.name]
+        assert len(matching_vars) >= 1
+
+        # The default should be the shared value (formatted as a string literal)
+        var = matching_vars[0]
+        assert shared_value in var.default_value, (
+            f"Expected default to contain '{shared_value}', got '{var.default_value}'"
+        )
+
+    @given(data=resources_with_shared_values_strategy())
+    @settings(max_examples=100)
+    def test_extracted_variable_tracks_usage(
+        self, data: tuple[list[DiscoveredResource], str, str]
+    ):
+        """The extracted variable's used_by list contains at least 2 resource IDs."""
+        resources, shared_key, shared_value = data
+
+        extractor = VariableExtractor()
+        variables = extractor.extract_variables(resources)
+
+        matching_vars = [v for v in variables if shared_key in v.name]
+        assert len(matching_vars) >= 1
+
+        var = matching_vars[0]
+        assert len(var.used_by) >= 2, (
+            f"Expected variable to be used by 2+ resources, "
+            f"got {len(var.used_by)}: {var.used_by}"
+        )
+
+    @given(data=resources_with_shared_values_strategy())
+    @settings(max_examples=100)
+    def test_extracted_variable_has_type_and_description(
+        self, data: tuple[list[DiscoveredResource], str, str]
+    ):
+        """Each extracted variable has a non-empty type expression and description."""
+        resources, shared_key, shared_value = data
+
+        extractor = VariableExtractor()
+        variables = extractor.extract_variables(resources)
+
+        for var in variables:
+            assert var.type_expr != "", f"Variable '{var.name}' has empty type_expr"
+            assert var.description != "", f"Variable '{var.name}' has empty description"
+
+
+# ---------------------------------------------------------------------------
+# Property 14: Identifier sanitization validity
+# ---------------------------------------------------------------------------
+
+
+class TestIdentifierSanitizationValidity:
+    """Property 14: Identifier sanitization validity.
+
+    **Validates: Requirements 3.4**
+
+    For any input string, sanitize_identifier produces a valid Terraform identifier.
+    """
+
+    TERRAFORM_IDENTIFIER_REGEX = re.compile(r"^[a-zA-Z_][a-zA-Z0-9_]*$")
+
+    @given(name=arbitrary_string_strategy)
+    @settings(max_examples=200)
+    def test_sanitized_identifier_matches_terraform_pattern(self, name: str):
+        """The output always matches ^[a-zA-Z_][a-zA-Z0-9_]*$."""
+        result = sanitize_identifier(name)
+        assert self.TERRAFORM_IDENTIFIER_REGEX.match(result), (
+            f"sanitize_identifier({name!r}) = {result!r} does not match "
+            f"Terraform identifier pattern"
+        )
+
+    @given(name=arbitrary_string_strategy)
+    @settings(max_examples=200)
+    def test_sanitized_identifier_is_non_empty(self, name: str):
+        """The output is always a non-empty string."""
+        result = sanitize_identifier(name)
+        assert len(result) > 0, (
+            f"sanitize_identifier({name!r}) produced empty string"
+        )
+
+    @given(name=st.text(min_size=1, max_size=30, alphabet="0123456789"))
+    @settings(max_examples=100)
+    def test_digit_only_input_produces_valid_identifier(self, name: str):
+        """Input consisting only of digits still produces a valid identifier."""
+        result = sanitize_identifier(name)
+        assert self.TERRAFORM_IDENTIFIER_REGEX.match(result), (
+            f"sanitize_identifier({name!r}) = {result!r} is not valid for digit-only input"
+        )
+        # Must not start with a digit
+        assert not result[0].isdigit(), (
+            f"sanitize_identifier({name!r}) = {result!r} starts with a digit"
+        )
+
+    @given(name=st.text(
+        min_size=1,
+        max_size=30,
+        alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters="_"),
+    ).filter(lambda s: s[0].isalpha() or s[0] == "_"))
+    @settings(max_examples=100)
+    def test_already_valid_identifiers_are_preserved_or_simplified(self, name: str):
+        """Input that is already a valid identifier produces a valid result."""
+        result = sanitize_identifier(name)
+        assert self.TERRAFORM_IDENTIFIER_REGEX.match(result), (
+            f"sanitize_identifier({name!r}) = {result!r} is not valid"
+        )
+
+
+# ---------------------------------------------------------------------------
+# Property 15: Traceability comments in generated code
+# ---------------------------------------------------------------------------
+
+
+class TestTraceabilityCommentsInGeneratedCode:
+    """Property 15: Traceability comments in generated code.
+
+    **Validates: Requirements 3.6**
+
+    For any resource, the generated HCL includes a comment with the original unique_id.
+    """
+
+    @given(resources=multiple_resources_strategy())
+    @settings(max_examples=100)
+    def test_each_resource_has_traceability_comment(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Every resource's unique_id appears in a comment in the generated output."""
+        graph = make_dependency_graph(resources)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        # Collect all generated content
+        all_content = "\n".join(f.content for f in result.resource_files)
+
+        for resource in resources:
+            # The unique_id should appear in a comment line
+            comment_pattern = f"# Source: {resource.unique_id}"
+            assert comment_pattern in all_content, (
+                f"Traceability comment for resource '{resource.unique_id}' "
+                f"not found in generated output"
+            )
+
+    @given(resources=multiple_resources_strategy())
+    @settings(max_examples=100)
+    def test_traceability_comment_precedes_resource_block(
+        self, resources: list[DiscoveredResource]
+    ):
+        """The traceability comment appears before its corresponding resource block."""
+        graph = make_dependency_graph(resources)
+        profiles: list[ScanProfile] = []
+
+        generator = CodeGenerator()
+        result = generator.generate(graph, profiles)
+
+        for resource in resources:
+            # Find the file containing this resource
+            target_file = None
+            for f in result.resource_files:
+                if resource.unique_id in f.content:
+                    target_file = f
+                    break
+
+            assert target_file is not None
+
+            content = target_file.content
+            comment_pos = content.find(f"# Source: {resource.unique_id}")
+            tf_name = sanitize_identifier(resource.name)
+            block_pattern = f'resource "{resource.resource_type}" "{tf_name}"'
+            block_pos = content.find(block_pattern, comment_pos)
+
+            assert comment_pos < block_pos, (
+                f"Comment for '{resource.unique_id}' (pos {comment_pos}) "
+                f"should precede resource block (pos {block_pos})"
+            )
diff --git a/tests/property/test_dependency_resolver_prop.py b/tests/property/test_dependency_resolver_prop.py
new file mode 100644
index 0000000..885d39c
--- /dev/null
+++ b/tests/property/test_dependency_resolver_prop.py
@@ -0,0 +1,565 @@
+"""Property-based tests for the Dependency Resolver.
+
+**Validates: Requirements 2.1, 2.3, 2.4, 2.5**
+
+Properties tested:
+- Property 6: Dependency relationship identification
+- Property 7: Cycle detection correctness
+- Property 8: Topological order validity
+- Property 9: Unresolved references become data sources or variables
+"""
+
+from hypothesis import given, settings, assume
+from hypothesis import strategies as st
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DependencyGraph,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ResourceRelationship,
+    ScanResult,
+    UnresolvedReference,
+)
+from iac_reverse.resolver import DependencyResolver
+
+
+# ---------------------------------------------------------------------------
+# Hypothesis Strategies
+# ---------------------------------------------------------------------------
+
+provider_type_strategy = st.sampled_from(list(ProviderType))
+platform_category_strategy = st.sampled_from(list(PlatformCategory))
+cpu_architecture_strategy = st.sampled_from(list(CpuArchitecture))
+
+# Strategy for generating valid resource IDs
+resource_id_strategy = st.text(
+    min_size=3,
+    max_size=50,
+    alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters="_-/"),
+).filter(lambda s: s.strip() != "" and len(s) >= 3)
+
+# Strategy for resource names
+resource_name_strategy = st.text(
+    min_size=1,
+    max_size=30,
+    alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters="_-"),
+).filter(lambda s: s.strip() != "")
+
+# Strategy for resource types (simple identifiers)
+resource_type_strategy = st.text(
+    min_size=3,
+    max_size=40,
+    alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters="_"),
+).filter(lambda s: s.strip() != "" and len(s) >= 3)
+
+# Strategy for endpoint strings
+endpoint_strategy = st.text(
+    min_size=5,
+    max_size=50,
+    alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters=".-:/"),
+).filter(lambda s: s.strip() != "")
+
+
+def make_resource(
+    unique_id: str,
+    resource_type: str = "generic_resource",
+    name: str = "resource",
+    raw_references: list[str] | None = None,
+    attributes: dict | None = None,
+) -> DiscoveredResource:
+    """Helper to create a DiscoveredResource with sensible defaults."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=ProviderType.KUBERNETES,
+        platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+        architecture=CpuArchitecture.AMD64,
+        endpoint="https://api.internal.lab:6443",
+        attributes=attributes or {"key": "value"},
+        raw_references=raw_references or [],
+    )
+
+
+def make_scan_result(resources: list[DiscoveredResource]) -> ScanResult:
+    """Helper to create a ScanResult from a list of resources."""
+    return ScanResult(
+        resources=resources,
+        warnings=[],
+        errors=[],
+        scan_timestamp="2024-01-15T10:30:00Z",
+        profile_hash="test_hash",
+        is_partial=False,
+    )
+
+
+# Strategy to generate a list of resources with unique IDs and controlled references
+@st.composite
+def acyclic_resource_graph_strategy(draw):
+    """Generate a set of resources forming an acyclic dependency graph.
+
+    Resources are created in order, and each resource can only reference
+    resources that were created before it (ensuring no cycles).
+    """
+    num_resources = draw(st.integers(min_value=2, max_value=8))
+
+    resources = []
+    ids = []
+    for i in range(num_resources):
+        uid = f"resource_{i}"
+        ids.append(uid)
+
+        # Each resource can only reference earlier resources (ensures acyclic)
+        if i > 0:
+            num_refs = draw(st.integers(min_value=0, max_value=min(i, 3)))
+            refs = draw(
+                st.lists(
+                    st.sampled_from(ids[:i]),
+                    min_size=num_refs,
+                    max_size=num_refs,
+                    unique=True,
+                )
+            )
+        else:
+            refs = []
+
+        resource = make_resource(
+            unique_id=uid,
+            name=f"res_{i}",
+            raw_references=refs,
+        )
+        resources.append(resource)
+
+    return resources
+
+
+@st.composite
+def cyclic_resource_graph_strategy(draw):
+    """Generate a set of resources that contain at least one cycle.
+
+    Creates a base set of resources and then adds references to form a cycle.
+    """
+    num_resources = draw(st.integers(min_value=2, max_value=6))
+
+    resources = []
+    ids = []
+    for i in range(num_resources):
+        uid = f"resource_{i}"
+        ids.append(uid)
+        resource = make_resource(
+            unique_id=uid,
+            name=f"res_{i}",
+            raw_references=[],
+        )
+        resources.append(resource)
+
+    # Create a cycle: pick a subset of at least 2 resources and form a ring
+    cycle_size = draw(st.integers(min_value=2, max_value=num_resources))
+    cycle_indices = draw(
+        st.lists(
+            st.sampled_from(list(range(num_resources))),
+            min_size=cycle_size,
+            max_size=cycle_size,
+            unique=True,
+        )
+    )
+
+    # Form a ring: each resource in the cycle references the next one
+    for j in range(len(cycle_indices)):
+        src_idx = cycle_indices[j]
+        tgt_idx = cycle_indices[(j + 1) % len(cycle_indices)]
+        target_id = ids[tgt_idx]
+        if target_id not in resources[src_idx].raw_references:
+            resources[src_idx].raw_references.append(target_id)
+
+    return resources
+
+
+@st.composite
+def resources_with_unresolved_refs_strategy(draw):
+    """Generate resources where some raw_references point to IDs not in the inventory."""
+    num_resources = draw(st.integers(min_value=1, max_value=5))
+
+    resources = []
+    ids = []
+    for i in range(num_resources):
+        uid = f"resource_{i}"
+        ids.append(uid)
+
+    # Generate unresolved reference IDs (not in the inventory)
+    num_unresolved = draw(st.integers(min_value=1, max_value=4))
+    unresolved_ids = []
+    for i in range(num_unresolved):
+        # Mix of IDs with "/" (should suggest data_source) and without (should suggest variable)
+        if draw(st.booleans()):
+            unresolved_id = f"external/resource/{i}"
+        else:
+            unresolved_id = f"external_var_{i}"
+        unresolved_ids.append(unresolved_id)
+
+    # Create resources, some referencing unresolved IDs
+    for i in range(num_resources):
+        # Pick some unresolved refs for this resource
+        num_ext_refs = draw(st.integers(min_value=0, max_value=min(num_unresolved, 2)))
+        ext_refs = draw(
+            st.lists(
+                st.sampled_from(unresolved_ids),
+                min_size=num_ext_refs,
+                max_size=num_ext_refs,
+                unique=True,
+            )
+        )
+
+        resource = make_resource(
+            unique_id=ids[i],
+            name=f"res_{i}",
+            raw_references=ext_refs,
+        )
+        resources.append(resource)
+
+    return resources, unresolved_ids
+
+
+# ---------------------------------------------------------------------------
+# Property 6: Dependency relationship identification
+# ---------------------------------------------------------------------------
+
+
+class TestDependencyRelationshipIdentification:
+    """Property 6: Dependency relationship identification.
+
+    **Validates: Requirements 2.1**
+
+    For any resource with raw_references pointing to other resources in the
+    inventory, the resolver SHALL create a ResourceRelationship for each
+    resolved reference.
+    """
+
+    @given(resources=acyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_relationship_created_for_each_resolved_reference(
+        self, resources: list[DiscoveredResource]
+    ):
+        """For each raw_reference pointing to a known resource, a relationship is created."""
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # Count expected relationships: each raw_reference that points to a resource in inventory
+        resource_ids = {r.unique_id for r in resources}
+        expected_relationships = 0
+        for resource in resources:
+            for ref in resource.raw_references:
+                if ref in resource_ids:
+                    expected_relationships += 1
+
+        assert len(graph.relationships) == expected_relationships
+
+    @given(resources=acyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_relationship_source_and_target_are_correct(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each relationship has source_id as the referencing resource and target_id as the referenced."""
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        resource_ids = {r.unique_id for r in resources}
+
+        for rel in graph.relationships:
+            # source_id is the resource that holds the reference
+            assert rel.source_id in resource_ids
+            # target_id is the resource being referenced
+            assert rel.target_id in resource_ids
+
+    @given(resources=acyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_relationship_type_is_valid(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each relationship has a valid relationship_type."""
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        valid_types = {"parent-child", "reference", "dependency"}
+        for rel in graph.relationships:
+            assert rel.relationship_type in valid_types
+
+    @given(resources=acyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_relationship_source_attribute_is_non_empty(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each relationship has a non-empty source_attribute."""
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        for rel in graph.relationships:
+            assert isinstance(rel.source_attribute, str)
+            assert len(rel.source_attribute) > 0
+
+
+# ---------------------------------------------------------------------------
+# Property 7: Cycle detection correctness
+# ---------------------------------------------------------------------------
+
+
+class TestCycleDetectionCorrectness:
+    """Property 7: Cycle detection correctness.
+
+    **Validates: Requirements 2.3**
+
+    For any graph containing a cycle, the resolver SHALL detect and report it
+    in the cycles list. For any acyclic dependency graph, the resolver SHALL
+    report zero cycles.
+    """
+
+    @given(resources=acyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_acyclic_graph_reports_zero_cycles(
+        self, resources: list[DiscoveredResource]
+    ):
+        """An acyclic graph should have no cycles reported."""
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.cycles) == 0
+
+    @given(resources=cyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_cyclic_graph_reports_at_least_one_cycle(
+        self, resources: list[DiscoveredResource]
+    ):
+        """A graph with a cycle should have at least one cycle reported."""
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.cycles) >= 1
+
+    @given(resources=cyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_cycle_contains_valid_resource_ids(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each reported cycle contains only valid resource IDs from the inventory."""
+        scan_result = make_scan_result(resources)
+        resource_ids = {r.unique_id for r in resources}
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        for cycle in graph.cycles:
+            assert len(cycle) >= 2, "A cycle must involve at least 2 resources"
+            for resource_id in cycle:
+                assert resource_id in resource_ids
+
+    @given(resources=cyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_cycle_reports_have_resolution_suggestions(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each cycle report includes a suggested break edge and resolution strategy."""
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        for report in graph.cycle_reports:
+            assert report.suggested_break is not None
+            assert len(report.suggested_break) == 2
+            assert report.break_relationship_type in {"parent-child", "reference", "dependency"}
+            assert isinstance(report.resolution_strategy, str)
+            assert len(report.resolution_strategy) > 0
+
+
+# ---------------------------------------------------------------------------
+# Property 8: Topological order validity
+# ---------------------------------------------------------------------------
+
+
+class TestTopologicalOrderValidity:
+    """Property 8: Topological order validity.
+
+    **Validates: Requirements 2.4**
+
+    For any acyclic dependency graph, no resource SHALL appear before any
+    resource it depends on in the topological order.
+    """
+
+    @given(resources=acyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_topological_order_contains_all_resources(
+        self, resources: list[DiscoveredResource]
+    ):
+        """The topological order must contain all resource IDs."""
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        resource_ids = {r.unique_id for r in resources}
+        assert set(graph.topological_order) == resource_ids
+
+    @given(resources=acyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_dependencies_appear_before_dependents(
+        self, resources: list[DiscoveredResource]
+    ):
+        """For every dependency edge (A depends on B), B appears before A in topological order.
+
+        In the resolver, if resource A has B in raw_references, then A depends on B,
+        meaning B must appear before A in the topological order.
+        """
+        scan_result = make_scan_result(resources)
+        resource_ids = {r.unique_id for r in resources}
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # Build position map
+        position = {rid: idx for idx, rid in enumerate(graph.topological_order)}
+
+        # For each resource, its referenced resources (that are in inventory) must come before it
+        for resource in resources:
+            for ref_id in resource.raw_references:
+                if ref_id in resource_ids:
+                    assert position[ref_id] < position[resource.unique_id], (
+                        f"Resource '{ref_id}' (dependency) should appear before "
+                        f"'{resource.unique_id}' (dependent) in topological order"
+                    )
+
+    @given(resources=acyclic_resource_graph_strategy())
+    @settings(max_examples=100)
+    def test_topological_order_has_no_duplicates(
+        self, resources: list[DiscoveredResource]
+    ):
+        """The topological order must not contain duplicate entries."""
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.topological_order) == len(set(graph.topological_order))
+
+
+# ---------------------------------------------------------------------------
+# Property 9: Unresolved references become data sources or variables
+# ---------------------------------------------------------------------------
+
+
+class TestUnresolvedReferences:
+    """Property 9: Unresolved references become data sources or variables.
+
+    **Validates: Requirements 2.5**
+
+    For any raw_reference pointing to an ID not in the inventory, the resolver
+    SHALL create an UnresolvedReference with suggested_resolution of either
+    "data_source" or "variable".
+    """
+
+    @given(data=resources_with_unresolved_refs_strategy())
+    @settings(max_examples=100)
+    def test_unresolved_references_are_tracked(
+        self, data: tuple[list[DiscoveredResource], list[str]]
+    ):
+        """Each reference to an ID not in inventory creates an UnresolvedReference."""
+        resources, unresolved_ids = data
+        scan_result = make_scan_result(resources)
+        resource_ids = {r.unique_id for r in resources}
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # Count expected unresolved references
+        expected_unresolved = 0
+        for resource in resources:
+            for ref in resource.raw_references:
+                if ref not in resource_ids:
+                    expected_unresolved += 1
+
+        assert len(graph.unresolved_references) == expected_unresolved
+
+    @given(data=resources_with_unresolved_refs_strategy())
+    @settings(max_examples=100)
+    def test_unresolved_references_suggest_data_source_or_variable(
+        self, data: tuple[list[DiscoveredResource], list[str]]
+    ):
+        """Each UnresolvedReference has suggested_resolution of 'data_source' or 'variable'."""
+        resources, _ = data
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        for unresolved in graph.unresolved_references:
+            assert unresolved.suggested_resolution in {"data_source", "variable"}, (
+                f"Expected 'data_source' or 'variable', got '{unresolved.suggested_resolution}'"
+            )
+
+    @given(data=resources_with_unresolved_refs_strategy())
+    @settings(max_examples=100)
+    def test_unresolved_references_have_valid_source_resource(
+        self, data: tuple[list[DiscoveredResource], list[str]]
+    ):
+        """Each UnresolvedReference has a source_resource_id that exists in the inventory."""
+        resources, _ = data
+        scan_result = make_scan_result(resources)
+        resource_ids = {r.unique_id for r in resources}
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        for unresolved in graph.unresolved_references:
+            assert unresolved.source_resource_id in resource_ids
+
+    @given(data=resources_with_unresolved_refs_strategy())
+    @settings(max_examples=100)
+    def test_unresolved_references_have_non_empty_fields(
+        self, data: tuple[list[DiscoveredResource], list[str]]
+    ):
+        """Each UnresolvedReference has non-empty source_attribute and referenced_id."""
+        resources, _ = data
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        for unresolved in graph.unresolved_references:
+            assert isinstance(unresolved.source_attribute, str)
+            assert len(unresolved.source_attribute) > 0
+            assert isinstance(unresolved.referenced_id, str)
+            assert len(unresolved.referenced_id) > 0
+
+    @given(data=resources_with_unresolved_refs_strategy())
+    @settings(max_examples=100)
+    def test_ids_with_slash_or_colon_suggest_data_source(
+        self, data: tuple[list[DiscoveredResource], list[str]]
+    ):
+        """References containing '/' or ':' should suggest 'data_source' resolution."""
+        resources, _ = data
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        for unresolved in graph.unresolved_references:
+            if "/" in unresolved.referenced_id or ":" in unresolved.referenced_id:
+                assert unresolved.suggested_resolution == "data_source", (
+                    f"Reference '{unresolved.referenced_id}' contains '/' or ':' "
+                    f"and should suggest 'data_source', got '{unresolved.suggested_resolution}'"
+                )
+
+    @given(data=resources_with_unresolved_refs_strategy())
+    @settings(max_examples=100)
+    def test_ids_without_slash_or_colon_suggest_variable(
+        self, data: tuple[list[DiscoveredResource], list[str]]
+    ):
+        """References without '/' or ':' should suggest 'variable' resolution."""
+        resources, _ = data
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        for unresolved in graph.unresolved_references:
+            if "/" not in unresolved.referenced_id and ":" not in unresolved.referenced_id:
+                assert unresolved.suggested_resolution == "variable", (
+                    f"Reference '{unresolved.referenced_id}' has no '/' or ':' "
+                    f"and should suggest 'variable', got '{unresolved.suggested_resolution}'"
+                )
diff --git a/tests/property/test_drift_report_prop.py b/tests/property/test_drift_report_prop.py
new file mode 100644
index 0000000..7c73b94
--- /dev/null
+++ b/tests/property/test_drift_report_prop.py
@@ -0,0 +1,308 @@
+"""Property-based tests for drift report correctness.
+
+**Validates: Requirements 7.3**
+
+Properties tested:
+- Property 22: Drift report correctness — For any terraform plan output
+  containing planned changes, the Validator SHALL report each change with
+  the correct resource address and change type (add, modify, destroy).
+"""
+
+import json
+import tempfile
+from unittest.mock import MagicMock, patch
+
+from hypothesis import given, settings, assume
+from hypothesis import strategies as st
+
+from iac_reverse.models import PlannedChange, ValidationResult
+from iac_reverse.validator import Validator
+
+
+# ---------------------------------------------------------------------------
+# Hypothesis Strategies
+# ---------------------------------------------------------------------------
+
+# Terraform action types that map to our change types
+TERRAFORM_ACTIONS = ["create", "update", "delete"]
+
+# Expected mapping from terraform actions to our change types
+ACTION_TO_CHANGE_TYPE = {
+    "create": "add",
+    "update": "modify",
+    "delete": "destroy",
+}
+
+# Strategy for valid terraform resource addresses
+# Format: <resource_type>.<resource_name> or <module>.<resource_type>.<name>
+resource_type_prefix_strategy = st.sampled_from([
+    "aws_instance",
+    "kubernetes_deployment",
+    "docker_service",
+    "harvester_virtualmachine",
+    "synology_shared_folder",
+    "windows_service",
+    "bare_metal_hardware",
+    "null_resource",
+    "local_file",
+    "random_id",
+])
+
+resource_name_suffix_strategy = st.text(
+    min_size=1,
+    max_size=20,
+    alphabet=st.characters(whitelist_categories=("Ll",), whitelist_characters="_"),
+).filter(lambda s: s[0].isalpha() or s[0] == "_")
+
+
+@st.composite
+def resource_address_strategy(draw):
+    """Generate a valid terraform resource address like 'aws_instance.my_server'."""
+    prefix = draw(resource_type_prefix_strategy)
+    suffix = draw(resource_name_suffix_strategy)
+    # Optionally add a module prefix
+    use_module = draw(st.booleans())
+    if use_module:
+        module_name = draw(st.text(
+            min_size=1,
+            max_size=10,
+            alphabet=st.characters(whitelist_categories=("Ll",), whitelist_characters="_"),
+        ).filter(lambda s: s[0].isalpha()))
+        return f"module.{module_name}.{prefix}.{suffix}"
+    return f"{prefix}.{suffix}"
+
+
+terraform_action_strategy = st.sampled_from(TERRAFORM_ACTIONS)
+
+
+@st.composite
+def planned_change_entry_strategy(draw):
+    """Generate a single planned change entry as it appears in terraform plan JSON output."""
+    addr = draw(resource_address_strategy())
+    action = draw(terraform_action_strategy)
+    return (addr, action)
+
+
+@st.composite
+def planned_changes_list_strategy(draw):
+    """Generate a list of planned changes with unique resource addresses."""
+    num_changes = draw(st.integers(min_value=1, max_value=10))
+    changes = []
+    seen_addrs = set()
+
+    for _ in range(num_changes):
+        entry = draw(planned_change_entry_strategy())
+        addr, action = entry
+        # Ensure unique addresses
+        if addr in seen_addrs:
+            continue
+        seen_addrs.add(addr)
+        changes.append((addr, action))
+
+    assume(len(changes) >= 1)
+    return changes
+
+
+# ---------------------------------------------------------------------------
+# Helpers
+# ---------------------------------------------------------------------------
+
+VALIDATE_SUCCESS_JSON = json.dumps(
+    {"valid": True, "error_count": 0, "diagnostics": []}
+)
+
+
+def _make_completed_process(returncode=0, stdout="", stderr=""):
+    """Create a mock CompletedProcess-like object."""
+    mock = MagicMock()
+    mock.returncode = returncode
+    mock.stdout = stdout
+    mock.stderr = stderr
+    return mock
+
+
+def build_plan_output(changes: list[tuple[str, str]]) -> str:
+    """Build terraform plan JSON streaming output from a list of (addr, action) tuples."""
+    lines = [json.dumps({"type": "version", "terraform": "1.7.0"})]
+
+    for addr, action in changes:
+        lines.append(
+            json.dumps(
+                {
+                    "type": "planned_change",
+                    "change": {
+                        "resource": {"addr": addr},
+                        "action": action,
+                    },
+                }
+            )
+        )
+
+    # Add change_summary
+    total_add = sum(1 for _, a in changes if a == "create")
+    total_change = sum(1 for _, a in changes if a == "update")
+    total_remove = sum(1 for _, a in changes if a == "delete")
+    lines.append(
+        json.dumps(
+            {
+                "type": "change_summary",
+                "changes": {
+                    "add": total_add,
+                    "change": total_change,
+                    "remove": total_remove,
+                },
+            }
+        )
+    )
+
+    return "\n".join(lines)
+
+
+def run_validator_with_plan(plan_output: str) -> ValidationResult:
+    """Run the Validator with mocked subprocess calls, returning the result."""
+    init_result = _make_completed_process(returncode=0)
+    validate_result = _make_completed_process(
+        returncode=0, stdout=VALIDATE_SUCCESS_JSON
+    )
+    plan_result = _make_completed_process(returncode=2, stdout=plan_output)
+
+    with tempfile.TemporaryDirectory() as tmp_dir:
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            return validator.validate(tmp_dir)
+
+
+# ---------------------------------------------------------------------------
+# Property 22: Drift report correctness
+# ---------------------------------------------------------------------------
+
+
+class TestDriftReportCorrectness:
+    """Property 22: Drift report correctness.
+
+    **Validates: Requirements 7.3**
+
+    For any terraform plan output containing N planned changes, the drift
+    report SHALL list exactly N entries, each with the correct resource
+    address and change type (add, modify, or destroy).
+    """
+
+    @given(changes=planned_changes_list_strategy())
+    @settings(max_examples=100)
+    def test_drift_report_count_matches_planned_changes(
+        self, changes: list[tuple[str, str]]
+    ):
+        """The number of reported planned changes equals the number in the plan output."""
+        plan_output = build_plan_output(changes)
+        result = run_validator_with_plan(plan_output)
+
+        assert len(result.planned_changes) == len(changes), (
+            f"Expected {len(changes)} planned changes, "
+            f"got {len(result.planned_changes)}. "
+            f"Input changes: {changes}"
+        )
+
+    @given(changes=planned_changes_list_strategy())
+    @settings(max_examples=100)
+    def test_drift_report_resource_addresses_match(
+        self, changes: list[tuple[str, str]]
+    ):
+        """Each reported change has the correct resource address from the plan."""
+        plan_output = build_plan_output(changes)
+        result = run_validator_with_plan(plan_output)
+
+        expected_addrs = {addr for addr, _ in changes}
+        actual_addrs = {c.resource_address for c in result.planned_changes}
+
+        assert actual_addrs == expected_addrs, (
+            f"Resource address mismatch.\n"
+            f"Expected: {sorted(expected_addrs)}\n"
+            f"Actual: {sorted(actual_addrs)}"
+        )
+
+    @given(changes=planned_changes_list_strategy())
+    @settings(max_examples=100)
+    def test_drift_report_change_types_correct(
+        self, changes: list[tuple[str, str]]
+    ):
+        """Each reported change has the correct change type mapping."""
+        plan_output = build_plan_output(changes)
+        result = run_validator_with_plan(plan_output)
+
+        # Build expected mapping: addr -> change_type
+        expected_map = {
+            addr: ACTION_TO_CHANGE_TYPE[action] for addr, action in changes
+        }
+
+        for planned_change in result.planned_changes:
+            addr = planned_change.resource_address
+            assert addr in expected_map, (
+                f"Unexpected resource address '{addr}' in planned changes"
+            )
+            expected_type = expected_map[addr]
+            assert planned_change.change_type == expected_type, (
+                f"For resource '{addr}': expected change_type='{expected_type}', "
+                f"got '{planned_change.change_type}'"
+            )
+
+    @given(changes=planned_changes_list_strategy())
+    @settings(max_examples=100)
+    def test_drift_report_plan_success_is_false(
+        self, changes: list[tuple[str, str]]
+    ):
+        """When there are planned changes, plan_success is always False."""
+        plan_output = build_plan_output(changes)
+        result = run_validator_with_plan(plan_output)
+
+        assert result.plan_success is False, (
+            f"plan_success should be False when there are {len(changes)} "
+            f"planned changes, but got True"
+        )
+
+    @given(changes=planned_changes_list_strategy())
+    @settings(max_examples=100)
+    def test_drift_report_each_change_is_planned_change_instance(
+        self, changes: list[tuple[str, str]]
+    ):
+        """Each entry in the drift report is a PlannedChange instance."""
+        plan_output = build_plan_output(changes)
+        result = run_validator_with_plan(plan_output)
+
+        for i, change in enumerate(result.planned_changes):
+            assert isinstance(change, PlannedChange), (
+                f"Entry {i} is {type(change).__name__}, expected PlannedChange"
+            )
+
+    @given(changes=planned_changes_list_strategy())
+    @settings(max_examples=100)
+    def test_drift_report_change_type_in_valid_set(
+        self, changes: list[tuple[str, str]]
+    ):
+        """Every reported change_type is one of 'add', 'modify', or 'destroy'."""
+        plan_output = build_plan_output(changes)
+        result = run_validator_with_plan(plan_output)
+
+        valid_types = {"add", "modify", "destroy"}
+        for change in result.planned_changes:
+            assert change.change_type in valid_types, (
+                f"Invalid change_type '{change.change_type}' for resource "
+                f"'{change.resource_address}'. Must be one of {valid_types}"
+            )
+
+    @given(changes=planned_changes_list_strategy())
+    @settings(max_examples=100)
+    def test_drift_report_no_duplicate_addresses(
+        self, changes: list[tuple[str, str]]
+    ):
+        """No resource address appears more than once in the drift report."""
+        plan_output = build_plan_output(changes)
+        result = run_validator_with_plan(plan_output)
+
+        addresses = [c.resource_address for c in result.planned_changes]
+        assert len(addresses) == len(set(addresses)), (
+            f"Duplicate resource addresses found in drift report: "
+            f"{[a for a in addresses if addresses.count(a) > 1]}"
+        )
diff --git a/tests/property/test_incremental_scan_prop.py b/tests/property/test_incremental_scan_prop.py
new file mode 100644
index 0000000..e63fdb0
--- /dev/null
+++ b/tests/property/test_incremental_scan_prop.py
@@ -0,0 +1,790 @@
+"""Property-based tests for Incremental Scan Engine.
+
+**Validates: Requirements 8.1, 8.2, 8.3, 8.5, 8.6**
+
+Properties tested:
+- Property 23: Change classification correctness
+- Property 24: Incremental update scope
+- Property 25: Removed resource exclusion
+- Property 26: Snapshot retention
+"""
+
+import json
+import tempfile
+from pathlib import Path
+
+from hypothesis import given, settings, assume
+from hypothesis import strategies as st
+
+from iac_reverse.incremental import ChangeDetector, IncrementalUpdater, SnapshotStore
+from iac_reverse.models import (
+    ChangeSummary,
+    ChangeType,
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ResourceChange,
+    ScanResult,
+)
+
+
+# ---------------------------------------------------------------------------
+# Hypothesis Strategies
+# ---------------------------------------------------------------------------
+
+provider_strategy = st.sampled_from(list(ProviderType))
+platform_strategy = st.sampled_from(list(PlatformCategory))
+architecture_strategy = st.sampled_from(list(CpuArchitecture))
+
+# Simple attribute values for resources
+attribute_value_strategy = st.one_of(
+    st.text(min_size=1, max_size=20, alphabet="abcdefghijklmnopqrstuvwxyz0123456789"),
+    st.integers(min_value=0, max_value=1000),
+    st.booleans(),
+)
+
+attributes_strategy = st.dictionaries(
+    keys=st.text(min_size=1, max_size=10, alphabet="abcdefghijklmnopqrstuvwxyz_"),
+    values=attribute_value_strategy,
+    min_size=1,
+    max_size=5,
+)
+
+# Resource name strategy (valid identifiers)
+resource_name_strategy = st.text(
+    min_size=1,
+    max_size=15,
+    alphabet="abcdefghijklmnopqrstuvwxyz_",
+).filter(lambda s: s[0].isalpha())
+
+# Resource type strategy
+resource_type_strategy = st.sampled_from([
+    "docker_service",
+    "kubernetes_deployment",
+    "synology_shared_folder",
+    "harvester_virtualmachine",
+    "bare_metal_hardware",
+    "windows_service",
+])
+
+
+@st.composite
+def discovered_resource_strategy(draw, uid=None):
+    """Generate a DiscoveredResource with valid fields."""
+    resource_type = draw(resource_type_strategy)
+    unique_id = uid or draw(st.text(
+        min_size=5, max_size=30,
+        alphabet="abcdefghijklmnopqrstuvwxyz0123456789_-/",
+    ).filter(lambda s: s[0].isalpha()))
+    name = draw(resource_name_strategy)
+    provider = draw(provider_strategy)
+    platform = draw(platform_strategy)
+    arch = draw(architecture_strategy)
+    endpoint = draw(st.text(min_size=3, max_size=20, alphabet="abcdefghijklmnopqrstuvwxyz."))
+    attributes = draw(attributes_strategy)
+
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform,
+        architecture=arch,
+        endpoint=endpoint,
+        attributes=attributes,
+        raw_references=[],
+    )
+
+
+@st.composite
+def scan_result_strategy(draw, min_resources=0, max_resources=8):
+    """Generate a ScanResult with unique resource IDs."""
+    num_resources = draw(st.integers(min_value=min_resources, max_value=max_resources))
+    resources = []
+    seen_ids = set()
+
+    for i in range(num_resources):
+        uid = f"resource_{i}_{draw(st.text(min_size=3, max_size=8, alphabet='abcdefghijklmnopqrstuvwxyz'))}"
+        if uid in seen_ids:
+            uid = f"resource_{i}_fallback"
+        seen_ids.add(uid)
+
+        resource = draw(discovered_resource_strategy(uid=uid))
+        resources.append(resource)
+
+    return ScanResult(
+        resources=resources,
+        warnings=[],
+        errors=[],
+        scan_timestamp="2024-01-15T10:30:00Z",
+        profile_hash="test_profile_hash",
+        is_partial=False,
+    )
+
+
+@st.composite
+def scan_result_pair_strategy(draw):
+    """Generate a pair of scan results with some overlap for meaningful diffs.
+
+    Creates a previous and current scan where:
+    - Some resources exist in both (potentially modified)
+    - Some resources only in previous (removed)
+    - Some resources only in current (added)
+    """
+    # Shared resources (exist in both, may be modified)
+    num_shared = draw(st.integers(min_value=0, max_value=4))
+    # Resources only in previous (will be removed)
+    num_removed = draw(st.integers(min_value=0, max_value=3))
+    # Resources only in current (will be added)
+    num_added = draw(st.integers(min_value=0, max_value=3))
+
+    assume(num_shared + num_removed + num_added >= 1)
+
+    previous_resources = []
+    current_resources = []
+
+    # Generate shared resources
+    for i in range(num_shared):
+        uid = f"shared_{i}"
+        resource_type = draw(resource_type_strategy)
+        name = draw(resource_name_strategy)
+        provider = draw(provider_strategy)
+        platform = draw(platform_strategy)
+        arch = draw(architecture_strategy)
+        endpoint = draw(st.text(min_size=3, max_size=10, alphabet="abcdefghijklmnopqrstuvwxyz."))
+        prev_attrs = draw(attributes_strategy)
+
+        prev_resource = DiscoveredResource(
+            resource_type=resource_type,
+            unique_id=uid,
+            name=name,
+            provider=provider,
+            platform_category=platform,
+            architecture=arch,
+            endpoint=endpoint,
+            attributes=prev_attrs,
+            raw_references=[],
+        )
+        previous_resources.append(prev_resource)
+
+        # Possibly modify attributes for current version
+        modify = draw(st.booleans())
+        if modify:
+            curr_attrs = draw(attributes_strategy)
+        else:
+            curr_attrs = dict(prev_attrs)
+
+        curr_resource = DiscoveredResource(
+            resource_type=resource_type,
+            unique_id=uid,
+            name=name,
+            provider=provider,
+            platform_category=platform,
+            architecture=arch,
+            endpoint=endpoint,
+            attributes=curr_attrs,
+            raw_references=[],
+        )
+        current_resources.append(curr_resource)
+
+    # Generate removed resources (only in previous)
+    for i in range(num_removed):
+        uid = f"removed_{i}"
+        resource = draw(discovered_resource_strategy(uid=uid))
+        previous_resources.append(resource)
+
+    # Generate added resources (only in current)
+    for i in range(num_added):
+        uid = f"added_{i}"
+        resource = draw(discovered_resource_strategy(uid=uid))
+        current_resources.append(resource)
+
+    previous = ScanResult(
+        resources=previous_resources,
+        warnings=[],
+        errors=[],
+        scan_timestamp="2024-01-14T09:00:00Z",
+        profile_hash="test_profile",
+        is_partial=False,
+    )
+    current = ScanResult(
+        resources=current_resources,
+        warnings=[],
+        errors=[],
+        scan_timestamp="2024-01-15T10:30:00Z",
+        profile_hash="test_profile",
+        is_partial=False,
+    )
+
+    return previous, current
+
+
+# ---------------------------------------------------------------------------
+# Property 23: Change classification correctness
+# ---------------------------------------------------------------------------
+
+
+class TestChangeClassificationCorrectness:
+    """Property 23: Change classification correctness.
+
+    **Validates: Requirements 8.1, 8.5**
+
+    For any pair of scan results (previous and current), every resource
+    SHALL be classified exactly once as: added, removed, or modified.
+    The summary counts SHALL equal the actual number of resources in each
+    category.
+    """
+
+    @given(data=scan_result_pair_strategy())
+    @settings(max_examples=100)
+    def test_every_resource_classified_exactly_once(self, data):
+        """Every resource is classified as exactly one of: added, removed, or modified."""
+        previous, current = data
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        prev_ids = {r.unique_id for r in previous.resources}
+        curr_ids = {r.unique_id for r in current.resources}
+        all_ids = prev_ids | curr_ids
+
+        # Each change should reference a resource from either scan
+        change_ids = [c.resource_id for c in summary.changes]
+
+        # No duplicates in changes
+        assert len(change_ids) == len(set(change_ids)), (
+            f"Duplicate resource IDs in changes: "
+            f"{[rid for rid in change_ids if change_ids.count(rid) > 1]}"
+        )
+
+        # Every changed resource must be from the union of both scans
+        for change in summary.changes:
+            assert change.resource_id in all_ids, (
+                f"Change references unknown resource: {change.resource_id}"
+            )
+
+    @given(data=scan_result_pair_strategy())
+    @settings(max_examples=100)
+    def test_added_resources_in_current_not_previous(self, data):
+        """Resources classified as ADDED are in current but not in previous."""
+        previous, current = data
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        prev_ids = {r.unique_id for r in previous.resources}
+        curr_ids = {r.unique_id for r in current.resources}
+
+        added_changes = [c for c in summary.changes if c.change_type == ChangeType.ADDED]
+        for change in added_changes:
+            assert change.resource_id in curr_ids, (
+                f"ADDED resource {change.resource_id} not in current scan"
+            )
+            assert change.resource_id not in prev_ids, (
+                f"ADDED resource {change.resource_id} exists in previous scan"
+            )
+
+    @given(data=scan_result_pair_strategy())
+    @settings(max_examples=100)
+    def test_removed_resources_in_previous_not_current(self, data):
+        """Resources classified as REMOVED are in previous but not in current."""
+        previous, current = data
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        prev_ids = {r.unique_id for r in previous.resources}
+        curr_ids = {r.unique_id for r in current.resources}
+
+        removed_changes = [c for c in summary.changes if c.change_type == ChangeType.REMOVED]
+        for change in removed_changes:
+            assert change.resource_id in prev_ids, (
+                f"REMOVED resource {change.resource_id} not in previous scan"
+            )
+            assert change.resource_id not in curr_ids, (
+                f"REMOVED resource {change.resource_id} exists in current scan"
+            )
+
+    @given(data=scan_result_pair_strategy())
+    @settings(max_examples=100)
+    def test_modified_resources_in_both_with_differing_attributes(self, data):
+        """Resources classified as MODIFIED exist in both scans with differing attributes."""
+        previous, current = data
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        prev_map = {r.unique_id: r for r in previous.resources}
+        curr_map = {r.unique_id: r for r in current.resources}
+
+        modified_changes = [c for c in summary.changes if c.change_type == ChangeType.MODIFIED]
+        for change in modified_changes:
+            assert change.resource_id in prev_map, (
+                f"MODIFIED resource {change.resource_id} not in previous scan"
+            )
+            assert change.resource_id in curr_map, (
+                f"MODIFIED resource {change.resource_id} not in current scan"
+            )
+            # Attributes must actually differ
+            assert prev_map[change.resource_id].attributes != curr_map[change.resource_id].attributes, (
+                f"MODIFIED resource {change.resource_id} has identical attributes"
+            )
+
+    @given(data=scan_result_pair_strategy())
+    @settings(max_examples=100)
+    def test_summary_counts_match_actual_changes(self, data):
+        """Summary counts equal the actual number of resources in each category."""
+        previous, current = data
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        actual_added = sum(1 for c in summary.changes if c.change_type == ChangeType.ADDED)
+        actual_removed = sum(1 for c in summary.changes if c.change_type == ChangeType.REMOVED)
+        actual_modified = sum(1 for c in summary.changes if c.change_type == ChangeType.MODIFIED)
+
+        assert summary.added_count == actual_added, (
+            f"added_count={summary.added_count} != actual={actual_added}"
+        )
+        assert summary.removed_count == actual_removed, (
+            f"removed_count={summary.removed_count} != actual={actual_removed}"
+        )
+        assert summary.modified_count == actual_modified, (
+            f"modified_count={summary.modified_count} != actual={actual_modified}"
+        )
+
+    @given(data=scan_result_pair_strategy())
+    @settings(max_examples=100)
+    def test_change_types_are_valid(self, data):
+        """Every change has a valid ChangeType value."""
+        previous, current = data
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        valid_types = {ChangeType.ADDED, ChangeType.REMOVED, ChangeType.MODIFIED}
+        for change in summary.changes:
+            assert change.change_type in valid_types, (
+                f"Invalid change_type: {change.change_type}"
+            )
+
+
+# ---------------------------------------------------------------------------
+# Property 24: Incremental update scope
+# ---------------------------------------------------------------------------
+
+
+class TestIncrementalUpdateScope:
+    """Property 24: Incremental update scope.
+
+    **Validates: Requirements 8.2**
+
+    For any change set applied to existing IaC files, only files containing
+    added, modified, or removed resources SHALL be modified. Files containing
+    only unchanged resources SHALL remain identical.
+    """
+
+    @given(data=scan_result_pair_strategy())
+    @settings(max_examples=100, deadline=None)
+    def test_only_changed_resource_files_are_modified(self, data):
+        """Only .tf files for resource types with changes are modified."""
+        previous, current = data
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        # Skip if no changes (nothing to test)
+        assume(len(summary.changes) > 0)
+
+        with tempfile.TemporaryDirectory() as tmp_dir:
+            # Create initial .tf files for all resource types in previous scan
+            resource_types_in_previous = {r.resource_type for r in previous.resources}
+            # Also create a file for an "unchanged" resource type
+            unchanged_type = "unchanged_resource_type"
+            resource_types_in_previous.add(unchanged_type)
+
+            for rt in resource_types_in_previous:
+                tf_path = Path(tmp_dir) / f"{rt}.tf"
+                tf_path.write_text(f'# Placeholder for {rt}\n', encoding="utf-8")
+
+            # Record original content of the unchanged file
+            unchanged_path = Path(tmp_dir) / f"{unchanged_type}.tf"
+            original_unchanged_content = unchanged_path.read_text(encoding="utf-8")
+
+            # Build resource_attributes for added resources
+            resource_attributes = {}
+            for change in summary.changes:
+                if change.change_type == ChangeType.ADDED:
+                    # Find the resource in current scan
+                    for r in current.resources:
+                        if r.unique_id == change.resource_id:
+                            resource_attributes[change.resource_id] = r.attributes
+                            break
+
+            # Apply incremental update
+            updater = IncrementalUpdater(
+                change_summary=summary,
+                output_dir=tmp_dir,
+                resource_attributes=resource_attributes,
+            )
+            updater.apply()
+
+            # The unchanged file should not be modified
+            assert unchanged_path.read_text(encoding="utf-8") == original_unchanged_content, (
+                "File for unchanged resource type was modified"
+            )
+
+            # Modified files should only be for resource types with changes
+            changed_resource_types = {c.resource_type for c in summary.changes}
+            for modified_file in updater.modified_files:
+                file_name = Path(modified_file).name
+                # Modified files should be .tf files for changed resource types
+                # or the state file
+                if file_name == "terraform.tfstate":
+                    continue
+                assert file_name.endswith(".tf"), (
+                    f"Unexpected modified file: {file_name}"
+                )
+                rt = file_name[:-3]  # strip .tf
+                assert rt in changed_resource_types, (
+                    f"File {file_name} was modified but resource type "
+                    f"'{rt}' has no changes"
+                )
+
+
+# ---------------------------------------------------------------------------
+# Property 25: Removed resource exclusion
+# ---------------------------------------------------------------------------
+
+
+class TestRemovedResourceExclusion:
+    """Property 25: Removed resource exclusion.
+
+    **Validates: Requirements 8.3**
+
+    For any resource classified as removed, the updated IaC output SHALL
+    not contain a resource block for that resource, AND the updated state
+    file SHALL not contain a state entry for that resource.
+    """
+
+    @given(data=scan_result_pair_strategy())
+    @settings(max_examples=100, deadline=None)
+    def test_removed_resources_not_in_tf_files(self, data):
+        """Removed resources do not appear in .tf files after update."""
+        previous, current = data
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        removed_changes = [c for c in summary.changes if c.change_type == ChangeType.REMOVED]
+        assume(len(removed_changes) > 0)
+
+        with tempfile.TemporaryDirectory() as tmp_dir:
+            # Create .tf files with resource blocks for previous resources
+            from iac_reverse.generator.sanitize import sanitize_identifier
+
+            resources_by_type: dict[str, list] = {}
+            for r in previous.resources:
+                resources_by_type.setdefault(r.resource_type, []).append(r)
+
+            for rt, resources in resources_by_type.items():
+                tf_path = Path(tmp_dir) / f"{rt}.tf"
+                lines = []
+                for r in resources:
+                    tf_name = sanitize_identifier(r.name)
+                    lines.append(f'# Source: {r.unique_id}')
+                    lines.append(f'resource "{rt}" "{tf_name}" {{')
+                    for k, v in r.attributes.items():
+                        lines.append(f'  {k} = "{v}"')
+                    lines.append("}")
+                    lines.append("")
+                tf_path.write_text("\n".join(lines), encoding="utf-8")
+
+            # Build resource_attributes for added resources
+            resource_attributes = {}
+            for change in summary.changes:
+                if change.change_type == ChangeType.ADDED:
+                    for r in current.resources:
+                        if r.unique_id == change.resource_id:
+                            resource_attributes[change.resource_id] = r.attributes
+                            break
+
+            # Apply incremental update
+            updater = IncrementalUpdater(
+                change_summary=summary,
+                output_dir=tmp_dir,
+                resource_attributes=resource_attributes,
+            )
+            updater.apply()
+
+            # Verify removed resources are not in any .tf file
+            for change in removed_changes:
+                tf_path = Path(tmp_dir) / f"{change.resource_type}.tf"
+                if tf_path.exists():
+                    content = tf_path.read_text(encoding="utf-8")
+                    tf_name = sanitize_identifier(change.resource_name)
+                    # The resource block should not exist
+                    block_header = f'resource "{change.resource_type}" "{tf_name}"'
+                    assert block_header not in content, (
+                        f"Removed resource {change.resource_id} still has a "
+                        f"resource block in {tf_path.name}"
+                    )
+
+    @given(data=scan_result_pair_strategy())
+    @settings(max_examples=100, deadline=None)
+    def test_removed_resources_not_in_state_file(self, data):
+        """Removed resources do not appear in the state file after update."""
+        previous, current = data
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        removed_changes = [c for c in summary.changes if c.change_type == ChangeType.REMOVED]
+        assume(len(removed_changes) > 0)
+
+        with tempfile.TemporaryDirectory() as tmp_dir:
+            from iac_reverse.generator.sanitize import sanitize_identifier
+
+            # Create initial state file with entries for previous resources
+            state = {
+                "version": 4,
+                "terraform_version": "1.7.0",
+                "serial": 1,
+                "lineage": "test-lineage",
+                "outputs": {},
+                "resources": [],
+            }
+            for r in previous.resources:
+                tf_name = sanitize_identifier(r.name)
+                state["resources"].append({
+                    "mode": "managed",
+                    "type": r.resource_type,
+                    "name": tf_name,
+                    "provider": f'provider["registry.terraform.io/hashicorp/{r.resource_type.split("_")[0]}"]',
+                    "instances": [{
+                        "schema_version": 0,
+                        "attributes": {"id": r.unique_id, **r.attributes},
+                        "sensitive_attributes": [],
+                        "dependencies": [],
+                    }],
+                })
+
+            state_path = Path(tmp_dir) / "terraform.tfstate"
+            state_path.write_text(json.dumps(state, indent=2), encoding="utf-8")
+
+            # Create .tf files so updater can process removals
+            resources_by_type: dict[str, list] = {}
+            for r in previous.resources:
+                resources_by_type.setdefault(r.resource_type, []).append(r)
+
+            for rt, resources in resources_by_type.items():
+                tf_path = Path(tmp_dir) / f"{rt}.tf"
+                lines = []
+                for r in resources:
+                    tf_name = sanitize_identifier(r.name)
+                    lines.append(f'# Source: {r.unique_id}')
+                    lines.append(f'resource "{rt}" "{tf_name}" {{')
+                    for k, v in r.attributes.items():
+                        lines.append(f'  {k} = "{v}"')
+                    lines.append("}")
+                    lines.append("")
+                tf_path.write_text("\n".join(lines), encoding="utf-8")
+
+            # Build resource_attributes for added resources
+            resource_attributes = {}
+            for change in summary.changes:
+                if change.change_type == ChangeType.ADDED:
+                    for r in current.resources:
+                        if r.unique_id == change.resource_id:
+                            resource_attributes[change.resource_id] = r.attributes
+                            break
+
+            # Apply incremental update
+            updater = IncrementalUpdater(
+                change_summary=summary,
+                output_dir=tmp_dir,
+                resource_attributes=resource_attributes,
+            )
+            updater.apply()
+
+            # Verify removed resources are not in state file
+            updated_state = json.loads(
+                state_path.read_text(encoding="utf-8")
+            )
+            state_entries = updated_state.get("resources", [])
+
+            for change in removed_changes:
+                tf_name = sanitize_identifier(change.resource_name)
+                matching = [
+                    e for e in state_entries
+                    if e.get("type") == change.resource_type
+                    and e.get("name") == tf_name
+                ]
+                assert len(matching) == 0, (
+                    f"Removed resource {change.resource_id} still has a "
+                    f"state entry (type={change.resource_type}, name={tf_name})"
+                )
+
+
+# ---------------------------------------------------------------------------
+# Property 26: Snapshot retention
+# ---------------------------------------------------------------------------
+
+
+class TestSnapshotRetention:
+    """Property 26: Snapshot retention.
+
+    **Validates: Requirements 8.6**
+
+    For any sequence of N scans (N >= 2) for the same Scan_Profile, at
+    least the two most recent scan results SHALL be retained in storage
+    after each scan completes.
+    """
+
+    @given(num_scans=st.integers(min_value=2, max_value=8))
+    @settings(max_examples=100)
+    def test_at_least_two_snapshots_retained(self, num_scans):
+        """After N scans, at least 2 most recent snapshots are retained."""
+        from unittest.mock import patch
+        from datetime import datetime, timezone
+
+        with tempfile.TemporaryDirectory() as tmp_dir:
+            store = SnapshotStore(base_dir=tmp_dir)
+            profile_hash = "retention_test_profile"
+
+            # Store N scan results with mocked timestamps to ensure unique filenames
+            for i in range(num_scans):
+                result = ScanResult(
+                    resources=[
+                        DiscoveredResource(
+                            resource_type="docker_service",
+                            unique_id=f"svc_{i}",
+                            name=f"service_{i}",
+                            provider=ProviderType.DOCKER_SWARM,
+                            platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                            architecture=CpuArchitecture.AMD64,
+                            endpoint="localhost",
+                            attributes={"version": str(i)},
+                            raw_references=[],
+                        )
+                    ],
+                    warnings=[],
+                    errors=[],
+                    scan_timestamp=f"2024-01-{15 + i:02d}T10:00:00Z",
+                    profile_hash=profile_hash,
+                    is_partial=False,
+                )
+                # Mock datetime.now to return unique timestamps
+                mock_time = datetime(2024, 1, 15 + i, 10, 0, 0, tzinfo=timezone.utc)
+                with patch(
+                    "iac_reverse.incremental.snapshot_store.datetime"
+                ) as mock_dt:
+                    mock_dt.now.return_value = mock_time
+                    mock_dt.side_effect = lambda *a, **kw: datetime(*a, **kw)
+                    store.store_snapshot(result, profile_hash)
+
+            # Count remaining snapshots
+            snapshot_files = list(store.snapshot_dir.glob(f"{profile_hash}_*.json"))
+            assert len(snapshot_files) >= 2, (
+                f"After {num_scans} scans, only {len(snapshot_files)} "
+                f"snapshots retained (expected >= 2)"
+            )
+
+    @given(num_scans=st.integers(min_value=2, max_value=8))
+    @settings(max_examples=100)
+    def test_most_recent_snapshot_is_loadable(self, num_scans):
+        """The most recent snapshot can be loaded after multiple stores."""
+        from unittest.mock import patch
+        from datetime import datetime, timezone
+
+        with tempfile.TemporaryDirectory() as tmp_dir:
+            store = SnapshotStore(base_dir=tmp_dir)
+            profile_hash = "loadable_test_profile"
+
+            last_resource_id = None
+            for i in range(num_scans):
+                last_resource_id = f"svc_{i}"
+                result = ScanResult(
+                    resources=[
+                        DiscoveredResource(
+                            resource_type="kubernetes_deployment",
+                            unique_id=last_resource_id,
+                            name=f"deploy_{i}",
+                            provider=ProviderType.KUBERNETES,
+                            platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                            architecture=CpuArchitecture.AARCH64,
+                            endpoint="k8s-api.local",
+                            attributes={"replicas": i + 1},
+                            raw_references=[],
+                        )
+                    ],
+                    warnings=[],
+                    errors=[],
+                    scan_timestamp=f"2024-01-{15 + i:02d}T10:00:00Z",
+                    profile_hash=profile_hash,
+                    is_partial=False,
+                )
+                mock_time = datetime(2024, 1, 15 + i, 10, 0, 0, tzinfo=timezone.utc)
+                with patch(
+                    "iac_reverse.incremental.snapshot_store.datetime"
+                ) as mock_dt:
+                    mock_dt.now.return_value = mock_time
+                    mock_dt.side_effect = lambda *a, **kw: datetime(*a, **kw)
+                    store.store_snapshot(result, profile_hash)
+
+            # Load the most recent snapshot
+            loaded = store.load_previous(profile_hash)
+            assert loaded is not None, "Could not load most recent snapshot"
+            assert len(loaded.resources) == 1
+            assert loaded.resources[0].unique_id == last_resource_id, (
+                f"Expected most recent resource '{last_resource_id}', "
+                f"got '{loaded.resources[0].unique_id}'"
+            )
+
+    @given(num_scans=st.integers(min_value=3, max_value=10))
+    @settings(max_examples=100)
+    def test_different_profiles_retain_independently(self, num_scans):
+        """Snapshots for different profiles are retained independently."""
+        from unittest.mock import patch
+        from datetime import datetime, timezone
+
+        with tempfile.TemporaryDirectory() as tmp_dir:
+            store = SnapshotStore(base_dir=tmp_dir)
+            profile_a = "profile_alpha"
+            profile_b = "profile_beta"
+
+            scan_idx = 0
+            for i in range(num_scans):
+                for profile_hash in [profile_a, profile_b]:
+                    result = ScanResult(
+                        resources=[
+                            DiscoveredResource(
+                                resource_type="docker_service",
+                                unique_id=f"{profile_hash}_svc_{i}",
+                                name=f"svc_{i}",
+                                provider=ProviderType.DOCKER_SWARM,
+                                platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                                architecture=CpuArchitecture.AMD64,
+                                endpoint="localhost",
+                                attributes={"idx": i},
+                                raw_references=[],
+                            )
+                        ],
+                        warnings=[],
+                        errors=[],
+                        scan_timestamp=f"2024-01-{15 + i:02d}T10:00:00Z",
+                        profile_hash=profile_hash,
+                        is_partial=False,
+                    )
+                    # Use unique timestamps per store call
+                    mock_time = datetime(2024, 1, 15, 10, scan_idx, 0, tzinfo=timezone.utc)
+                    scan_idx += 1
+                    with patch(
+                        "iac_reverse.incremental.snapshot_store.datetime"
+                    ) as mock_dt:
+                        mock_dt.now.return_value = mock_time
+                        mock_dt.side_effect = lambda *a, **kw: datetime(*a, **kw)
+                        store.store_snapshot(result, profile_hash)
+
+            # Both profiles should have at least 2 snapshots
+            snapshots_a = list(store.snapshot_dir.glob(f"{profile_a}_*.json"))
+            snapshots_b = list(store.snapshot_dir.glob(f"{profile_b}_*.json"))
+
+            assert len(snapshots_a) >= 2, (
+                f"Profile A has {len(snapshots_a)} snapshots (expected >= 2)"
+            )
+            assert len(snapshots_b) >= 2, (
+                f"Profile B has {len(snapshots_b)} snapshots (expected >= 2)"
+            )
diff --git a/tests/property/test_multi_provider_prop.py b/tests/property/test_multi_provider_prop.py
new file mode 100644
index 0000000..cf0ed9a
--- /dev/null
+++ b/tests/property/test_multi_provider_prop.py
@@ -0,0 +1,803 @@
+"""Property-based tests for multi-provider merging and filtering.
+
+**Validates: Requirements 5.3, 5.4, 6.1, 6.2, 6.4, 6.6, 6.7**
+
+Property 18: Multi-provider merge with naming conflict resolution
+For any two or more resource inventories from different on-premises providers
+where resource names collide, the merged inventory SHALL contain all resources
+from all providers, with conflicting names prefixed by the provider identifier,
+and no resources lost.
+
+Property 19: Provider block generation
+For any resource set spanning N distinct on-premises providers, the generated
+provider configuration SHALL contain exactly N provider blocks, one per distinct
+provider.
+
+Property 20: Scan profile validation completeness (additional multi-provider scenarios)
+Already covered in test_scan_profile_validation_prop.py; this adds multi-provider
+scenarios.
+
+Property 21: Filtering correctness
+For any scan profile with resource type filters, the discovered resources SHALL
+be a subset where every resource's type is in the filter list. No resource outside
+the filter criteria shall appear.
+"""
+
+from typing import Callable
+
+from hypothesis import given, assume, settings
+from hypothesis import strategies as st
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    GeneratedFile,
+    PlatformCategory,
+    PROVIDER_PLATFORM_MAP,
+    PROVIDER_SUPPORTED_RESOURCE_TYPES,
+    ProviderType,
+    ScanProfile,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.generator import ProviderBlockGenerator, ResourceMerger
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import Scanner
+
+
+# ---------------------------------------------------------------------------
+# Hypothesis Strategies
+# ---------------------------------------------------------------------------
+
+provider_type_strategy = st.sampled_from(list(ProviderType))
+
+architecture_strategy = st.sampled_from(list(CpuArchitecture))
+
+non_empty_credentials_strategy = st.dictionaries(
+    keys=st.text(
+        min_size=1, max_size=20,
+        alphabet=st.characters(whitelist_categories=("L", "N")),
+    ),
+    values=st.text(min_size=1, max_size=50),
+    min_size=1,
+    max_size=5,
+)
+
+# Strategy for resource names that could collide across providers
+resource_name_strategy = st.text(
+    min_size=1,
+    max_size=30,
+    alphabet=st.characters(whitelist_categories=("L", "N", "Pd")),
+).filter(lambda s: s.strip())
+
+
+def discovered_resource_strategy(
+    provider: ProviderType,
+    name: str | None = None,
+) -> st.SearchStrategy[DiscoveredResource]:
+    """Generate a DiscoveredResource for a given provider with optional fixed name."""
+    supported_types = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+    platform_category = PROVIDER_PLATFORM_MAP[provider]
+
+    return st.builds(
+        DiscoveredResource,
+        resource_type=st.sampled_from(supported_types),
+        unique_id=st.uuids().map(str),
+        name=st.just(name) if name else resource_name_strategy,
+        provider=st.just(provider),
+        platform_category=st.just(platform_category),
+        architecture=architecture_strategy,
+        endpoint=st.just("http://localhost:8080"),
+        attributes=st.just({"key": "value"}),
+        raw_references=st.just([]),
+    )
+
+
+def scan_result_strategy(
+    provider: ProviderType,
+    resources: list[DiscoveredResource] | None = None,
+) -> st.SearchStrategy[ScanResult]:
+    """Generate a ScanResult for a given provider."""
+    if resources is not None:
+        return st.just(ScanResult(
+            resources=resources,
+            warnings=[],
+            errors=[],
+            scan_timestamp="2024-01-01T00:00:00Z",
+            profile_hash="abc123",
+        ))
+    return st.builds(
+        ScanResult,
+        resources=st.lists(
+            discovered_resource_strategy(provider),
+            min_size=1,
+            max_size=5,
+        ),
+        warnings=st.just([]),
+        errors=st.just([]),
+        scan_timestamp=st.just("2024-01-01T00:00:00Z"),
+        profile_hash=st.just("abc123"),
+    )
+
+
+# ---------------------------------------------------------------------------
+# Mock Plugin for Filtering Tests
+# ---------------------------------------------------------------------------
+
+
+class FilteringPlugin(ProviderPlugin):
+    """A plugin that discovers resources only for requested resource types."""
+
+    def __init__(self, provider: ProviderType):
+        self._provider = provider
+        self._supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        pass
+
+    def get_platform_category(self) -> PlatformCategory:
+        return PROVIDER_PLATFORM_MAP[self._provider]
+
+    def list_endpoints(self) -> list[str]:
+        return ["http://localhost:8080"]
+
+    def list_supported_resource_types(self) -> list[str]:
+        return self._supported
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        """Discover exactly one resource per requested resource type."""
+        resources = []
+        for i, rt in enumerate(resource_types):
+            resources.append(
+                DiscoveredResource(
+                    resource_type=rt,
+                    unique_id=f"id-{rt}-{i}",
+                    name=f"resource-{rt}-{i}",
+                    provider=self._provider,
+                    platform_category=PROVIDER_PLATFORM_MAP[self._provider],
+                    architecture=CpuArchitecture.AMD64,
+                    endpoint="http://localhost:8080",
+                    attributes={"key": "value"},
+                )
+            )
+            progress_callback(ScanProgress(
+                current_resource_type=rt,
+                resources_discovered=i + 1,
+                resource_types_completed=i + 1,
+                total_resource_types=len(resource_types),
+            ))
+        return ScanResult(
+            resources=resources,
+            warnings=[],
+            errors=[],
+            scan_timestamp="2024-01-01T00:00:00Z",
+            profile_hash="abc123",
+        )
+
+
+# ---------------------------------------------------------------------------
+# Property 18: Multi-provider merge with naming conflict resolution
+# ---------------------------------------------------------------------------
+
+
+class TestMultiProviderMergeConflictResolution:
+    """Property 18: Multi-provider merge with naming conflict resolution.
+
+    When resources from different providers share the same name, the merger
+    prefixes with provider identifier.
+
+    **Validates: Requirements 5.3**
+    """
+
+    @given(
+        provider_a=provider_type_strategy,
+        provider_b=provider_type_strategy,
+        shared_name=resource_name_strategy,
+    )
+    @settings(max_examples=100)
+    def test_conflicting_names_are_prefixed(self, provider_a, provider_b, shared_name):
+        """Resources with the same name from different providers get prefixed."""
+        assume(provider_a != provider_b)
+
+        resource_a = DiscoveredResource(
+            resource_type=PROVIDER_SUPPORTED_RESOURCE_TYPES[provider_a][0],
+            unique_id="id-a",
+            name=shared_name,
+            provider=provider_a,
+            platform_category=PROVIDER_PLATFORM_MAP[provider_a],
+            architecture=CpuArchitecture.AMD64,
+            endpoint="http://host-a:8080",
+            attributes={"source": "a"},
+        )
+        resource_b = DiscoveredResource(
+            resource_type=PROVIDER_SUPPORTED_RESOURCE_TYPES[provider_b][0],
+            unique_id="id-b",
+            name=shared_name,
+            provider=provider_b,
+            platform_category=PROVIDER_PLATFORM_MAP[provider_b],
+            architecture=CpuArchitecture.AMD64,
+            endpoint="http://host-b:8080",
+            attributes={"source": "b"},
+        )
+
+        scan_result_a = ScanResult(
+            resources=[resource_a],
+            warnings=[], errors=[],
+            scan_timestamp="", profile_hash="",
+        )
+        scan_result_b = ScanResult(
+            resources=[resource_b],
+            warnings=[], errors=[],
+            scan_timestamp="", profile_hash="",
+        )
+
+        merger = ResourceMerger()
+        merged = merger.merge([scan_result_a, scan_result_b])
+
+        # Both resources must be present (no loss)
+        assert len(merged) == 2
+
+        # Conflicting names must be prefixed with provider identifier
+        merged_names = {r.name for r in merged}
+        expected_name_a = f"{provider_a.value}_{shared_name}"
+        expected_name_b = f"{provider_b.value}_{shared_name}"
+        assert expected_name_a in merged_names, (
+            f"Expected '{expected_name_a}' in merged names, got: {merged_names}"
+        )
+        assert expected_name_b in merged_names, (
+            f"Expected '{expected_name_b}' in merged names, got: {merged_names}"
+        )
+
+    @given(
+        provider_a=provider_type_strategy,
+        provider_b=provider_type_strategy,
+        name_a=resource_name_strategy,
+        name_b=resource_name_strategy,
+    )
+    @settings(max_examples=100)
+    def test_non_conflicting_names_unchanged(self, provider_a, provider_b, name_a, name_b):
+        """Resources with unique names across providers are not prefixed."""
+        assume(provider_a != provider_b)
+        assume(name_a != name_b)
+
+        resource_a = DiscoveredResource(
+            resource_type=PROVIDER_SUPPORTED_RESOURCE_TYPES[provider_a][0],
+            unique_id="id-a",
+            name=name_a,
+            provider=provider_a,
+            platform_category=PROVIDER_PLATFORM_MAP[provider_a],
+            architecture=CpuArchitecture.AMD64,
+            endpoint="http://host-a:8080",
+            attributes={},
+        )
+        resource_b = DiscoveredResource(
+            resource_type=PROVIDER_SUPPORTED_RESOURCE_TYPES[provider_b][0],
+            unique_id="id-b",
+            name=name_b,
+            provider=provider_b,
+            platform_category=PROVIDER_PLATFORM_MAP[provider_b],
+            architecture=CpuArchitecture.AMD64,
+            endpoint="http://host-b:8080",
+            attributes={},
+        )
+
+        scan_result_a = ScanResult(
+            resources=[resource_a],
+            warnings=[], errors=[],
+            scan_timestamp="", profile_hash="",
+        )
+        scan_result_b = ScanResult(
+            resources=[resource_b],
+            warnings=[], errors=[],
+            scan_timestamp="", profile_hash="",
+        )
+
+        merger = ResourceMerger()
+        merged = merger.merge([scan_result_a, scan_result_b])
+
+        # No resources lost
+        assert len(merged) == 2
+
+        # Names should remain unchanged (no prefix)
+        merged_names = {r.name for r in merged}
+        assert name_a in merged_names, (
+            f"Expected original name '{name_a}' preserved, got: {merged_names}"
+        )
+        assert name_b in merged_names, (
+            f"Expected original name '{name_b}' preserved, got: {merged_names}"
+        )
+
+    @given(
+        provider_a=provider_type_strategy,
+        provider_b=provider_type_strategy,
+        provider_c=provider_type_strategy,
+        shared_name=resource_name_strategy,
+    )
+    @settings(max_examples=100)
+    def test_three_provider_conflict_all_prefixed(
+        self, provider_a, provider_b, provider_c, shared_name
+    ):
+        """When 3 providers share a name, all get prefixed."""
+        assume(len({provider_a, provider_b, provider_c}) == 3)
+
+        resources_and_results = []
+        for provider in [provider_a, provider_b, provider_c]:
+            resource = DiscoveredResource(
+                resource_type=PROVIDER_SUPPORTED_RESOURCE_TYPES[provider][0],
+                unique_id=f"id-{provider.value}",
+                name=shared_name,
+                provider=provider,
+                platform_category=PROVIDER_PLATFORM_MAP[provider],
+                architecture=CpuArchitecture.AMD64,
+                endpoint=f"http://{provider.value}:8080",
+                attributes={},
+            )
+            result = ScanResult(
+                resources=[resource],
+                warnings=[], errors=[],
+                scan_timestamp="", profile_hash="",
+            )
+            resources_and_results.append(result)
+
+        merger = ResourceMerger()
+        merged = merger.merge(resources_and_results)
+
+        # All 3 resources preserved
+        assert len(merged) == 3
+
+        # All must be prefixed
+        for provider in [provider_a, provider_b, provider_c]:
+            expected = f"{provider.value}_{shared_name}"
+            assert any(r.name == expected for r in merged), (
+                f"Expected prefixed name '{expected}' in merged results"
+            )
+
+    @given(
+        provider_a=provider_type_strategy,
+        provider_b=provider_type_strategy,
+        shared_name=resource_name_strategy,
+    )
+    @settings(max_examples=100)
+    def test_merge_preserves_all_resources_no_loss(
+        self, provider_a, provider_b, shared_name
+    ):
+        """Merging never loses resources regardless of naming conflicts."""
+        assume(provider_a != provider_b)
+
+        resource_a = DiscoveredResource(
+            resource_type=PROVIDER_SUPPORTED_RESOURCE_TYPES[provider_a][0],
+            unique_id="id-a",
+            name=shared_name,
+            provider=provider_a,
+            platform_category=PROVIDER_PLATFORM_MAP[provider_a],
+            architecture=CpuArchitecture.AMD64,
+            endpoint="http://host-a:8080",
+            attributes={"source": "a"},
+        )
+        resource_b = DiscoveredResource(
+            resource_type=PROVIDER_SUPPORTED_RESOURCE_TYPES[provider_b][0],
+            unique_id="id-b",
+            name=shared_name,
+            provider=provider_b,
+            platform_category=PROVIDER_PLATFORM_MAP[provider_b],
+            architecture=CpuArchitecture.AMD64,
+            endpoint="http://host-b:8080",
+            attributes={"source": "b"},
+        )
+
+        # Also add a non-conflicting resource
+        resource_c = DiscoveredResource(
+            resource_type=PROVIDER_SUPPORTED_RESOURCE_TYPES[provider_a][0],
+            unique_id="id-c",
+            name="unique_resource_name",
+            provider=provider_a,
+            platform_category=PROVIDER_PLATFORM_MAP[provider_a],
+            architecture=CpuArchitecture.AMD64,
+            endpoint="http://host-a:8080",
+            attributes={"source": "c"},
+        )
+
+        scan_result_a = ScanResult(
+            resources=[resource_a, resource_c],
+            warnings=[], errors=[],
+            scan_timestamp="", profile_hash="",
+        )
+        scan_result_b = ScanResult(
+            resources=[resource_b],
+            warnings=[], errors=[],
+            scan_timestamp="", profile_hash="",
+        )
+
+        merger = ResourceMerger()
+        merged = merger.merge([scan_result_a, scan_result_b])
+
+        # Total resources = 3 (no loss)
+        assert len(merged) == 3
+
+        # Provider-specific attributes preserved
+        unique_ids = {r.unique_id for r in merged}
+        assert "id-a" in unique_ids
+        assert "id-b" in unique_ids
+        assert "id-c" in unique_ids
+
+
+# ---------------------------------------------------------------------------
+# Property 19: Provider block generation
+# ---------------------------------------------------------------------------
+
+
+class TestProviderBlockGeneration:
+    """Property 19: Provider block generation.
+
+    For any set of providers used, a provider block is generated for each.
+
+    **Validates: Requirements 5.4**
+    """
+
+    @given(
+        providers=st.lists(
+            provider_type_strategy,
+            min_size=1,
+            max_size=6,
+        ).map(lambda ps: list(set(ps))),  # Deduplicate
+    )
+    @settings(max_examples=100)
+    def test_one_provider_block_per_distinct_provider(self, providers):
+        """Generated output contains exactly one provider block per distinct provider."""
+        assume(len(providers) >= 1)
+
+        # Create profiles for each provider
+        profiles = [
+            ScanProfile(
+                provider=p,
+                credentials={"token": "test-token"},
+            )
+            for p in providers
+        ]
+
+        provider_types = set(providers)
+
+        generator = ProviderBlockGenerator()
+        result = generator.generate(profiles=profiles, provider_types=provider_types)
+
+        # Result should be a GeneratedFile
+        assert isinstance(result, GeneratedFile)
+        assert result.filename == "providers.tf"
+
+        content = result.content
+
+        # Count provider blocks: each provider type should have exactly one
+        # provider "name" { block
+        for provider_type in provider_types:
+            # Get the terraform provider name for this type
+            from iac_reverse.generator.provider_block import _PROVIDER_METADATA
+            tf_name = _PROVIDER_METADATA[provider_type][0]
+            provider_block_marker = f'provider "{tf_name}"'
+            count = content.count(provider_block_marker)
+            assert count == 1, (
+                f"Expected exactly 1 provider block for '{tf_name}', "
+                f"found {count} in:\n{content}"
+            )
+
+    @given(
+        providers=st.lists(
+            provider_type_strategy,
+            min_size=2,
+            max_size=6,
+        ).map(lambda ps: list(set(ps))),
+    )
+    @settings(max_examples=100)
+    def test_required_providers_block_lists_all(self, providers):
+        """The terraform required_providers block lists all providers used."""
+        assume(len(providers) >= 2)
+
+        profiles = [
+            ScanProfile(
+                provider=p,
+                credentials={"token": "test-token"},
+            )
+            for p in providers
+        ]
+
+        provider_types = set(providers)
+
+        generator = ProviderBlockGenerator()
+        result = generator.generate(profiles=profiles, provider_types=provider_types)
+
+        content = result.content
+
+        # The required_providers block must exist
+        assert "required_providers" in content
+
+        # Each provider must appear in the required_providers block
+        from iac_reverse.generator.provider_block import _PROVIDER_METADATA
+        for provider_type in provider_types:
+            tf_name, source, _ = _PROVIDER_METADATA[provider_type]
+            assert tf_name in content, (
+                f"Expected provider name '{tf_name}' in required_providers block"
+            )
+            assert source in content, (
+                f"Expected source '{source}' in required_providers block"
+            )
+
+    @given(provider=provider_type_strategy)
+    @settings(max_examples=100)
+    def test_single_provider_generates_one_block(self, provider):
+        """A single provider generates exactly one provider block."""
+        profiles = [
+            ScanProfile(
+                provider=provider,
+                credentials={"token": "test-token"},
+            )
+        ]
+
+        generator = ProviderBlockGenerator()
+        result = generator.generate(
+            profiles=profiles,
+            provider_types={provider},
+        )
+
+        content = result.content
+
+        from iac_reverse.generator.provider_block import _PROVIDER_METADATA
+        tf_name = _PROVIDER_METADATA[provider][0]
+
+        # Exactly one provider block
+        provider_block_marker = f'provider "{tf_name}"'
+        assert content.count(provider_block_marker) == 1
+
+        # terraform block with required_providers
+        assert "terraform {" in content
+        assert "required_providers" in content
+
+
+# ---------------------------------------------------------------------------
+# Property 20: Scan profile validation completeness (multi-provider scenarios)
+# ---------------------------------------------------------------------------
+
+
+class TestScanProfileValidationMultiProvider:
+    """Property 20: Scan profile validation completeness (multi-provider scenarios).
+
+    Additional multi-provider scenarios beyond what's in test_scan_profile_validation_prop.py.
+
+    **Validates: Requirements 6.1, 6.6, 6.7**
+    """
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    @settings(max_examples=100)
+    def test_valid_multi_provider_profiles_all_pass_validation(
+        self, provider, credentials
+    ):
+        """Each valid profile in a multi-provider set passes validation independently."""
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=None,
+        )
+        errors = profile.validate()
+        assert errors == [], f"Expected no errors for valid profile, got: {errors}"
+
+    @given(
+        provider_a=provider_type_strategy,
+        provider_b=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    @settings(max_examples=100)
+    def test_mixed_valid_invalid_profiles_detected_independently(
+        self, provider_a, provider_b, credentials
+    ):
+        """Invalid profiles are detected independently in a multi-provider set."""
+        # Valid profile
+        valid_profile = ScanProfile(
+            provider=provider_a,
+            credentials=credentials,
+            resource_type_filters=None,
+        )
+        # Invalid profile (empty credentials)
+        invalid_profile = ScanProfile(
+            provider=provider_b,
+            credentials={},
+            resource_type_filters=None,
+        )
+
+        valid_errors = valid_profile.validate()
+        invalid_errors = invalid_profile.validate()
+
+        assert valid_errors == []
+        assert len(invalid_errors) >= 1
+        assert any("credentials" in e for e in invalid_errors)
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    @settings(max_examples=100)
+    def test_cross_provider_resource_types_detected_as_unsupported(
+        self, provider, credentials
+    ):
+        """Resource types from a different provider are flagged as unsupported."""
+        # Pick a resource type from a different provider
+        other_providers = [p for p in ProviderType if p != provider]
+        assume(len(other_providers) > 0)
+        other_provider = other_providers[0]
+        other_types = PROVIDER_SUPPORTED_RESOURCE_TYPES[other_provider]
+
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=other_types[:2],
+        )
+        errors = profile.validate()
+
+        # Should detect unsupported types (unless they happen to overlap)
+        supported = set(PROVIDER_SUPPORTED_RESOURCE_TYPES[provider])
+        unsupported = [t for t in other_types[:2] if t not in supported]
+        if unsupported:
+            assert any("unsupported" in e.lower() for e in errors), (
+                f"Expected unsupported error for cross-provider types, got: {errors}"
+            )
+
+
+# ---------------------------------------------------------------------------
+# Property 21: Filtering correctness
+# ---------------------------------------------------------------------------
+
+
+class TestFilteringCorrectness:
+    """Property 21: Filtering correctness.
+
+    When resource type filters are specified, only those types appear in the
+    scan result.
+
+    **Validates: Requirements 6.2, 6.4**
+    """
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    @settings(max_examples=100)
+    def test_filtered_scan_returns_only_filtered_types(self, provider, credentials):
+        """When filters are specified, only filtered resource types appear in results."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        assume(len(supported) >= 2)
+
+        # Pick a subset of supported types as filter
+        filter_types = supported[:2]
+
+        plugin = FilteringPlugin(provider=provider)
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=filter_types,
+        )
+
+        scanner = Scanner(profile=profile, plugin=plugin)
+        result = scanner.scan()
+
+        # All discovered resources must have types in the filter list
+        for resource in result.resources:
+            assert resource.resource_type in filter_types, (
+                f"Resource type '{resource.resource_type}' not in filter list "
+                f"{filter_types}"
+            )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    @settings(max_examples=100)
+    def test_no_filter_returns_all_supported_types(self, provider, credentials):
+        """When no filters are specified, all supported types are discovered."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+
+        plugin = FilteringPlugin(provider=provider)
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=None,
+        )
+
+        scanner = Scanner(profile=profile, plugin=plugin)
+        result = scanner.scan()
+
+        # All supported types should be discovered
+        discovered_types = {r.resource_type for r in result.resources}
+        for rt in supported:
+            assert rt in discovered_types, (
+                f"Expected type '{rt}' to be discovered when no filter, "
+                f"got: {discovered_types}"
+            )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    @settings(max_examples=100)
+    def test_single_type_filter_returns_only_that_type(self, provider, credentials):
+        """A single-type filter returns only resources of that type."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        assume(len(supported) >= 1)
+
+        single_filter = [supported[0]]
+
+        plugin = FilteringPlugin(provider=provider)
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=single_filter,
+        )
+
+        scanner = Scanner(profile=profile, plugin=plugin)
+        result = scanner.scan()
+
+        # Only the single filtered type should appear
+        for resource in result.resources:
+            assert resource.resource_type == single_filter[0], (
+                f"Expected only '{single_filter[0]}', got '{resource.resource_type}'"
+            )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    @settings(max_examples=100)
+    def test_empty_filter_returns_no_resources(self, provider, credentials):
+        """An empty filter list results in no resources discovered."""
+        plugin = FilteringPlugin(provider=provider)
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=[],
+        )
+
+        scanner = Scanner(profile=profile, plugin=plugin)
+        result = scanner.scan()
+
+        # Empty filter means nothing to discover
+        assert len(result.resources) == 0, (
+            f"Expected 0 resources with empty filter, got {len(result.resources)}"
+        )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    @settings(max_examples=100)
+    def test_filter_subset_excludes_non_filtered_types(self, provider, credentials):
+        """Types not in the filter list do not appear in results."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        assume(len(supported) >= 3)
+
+        # Filter to first 2 types only
+        filter_types = supported[:2]
+        excluded_types = supported[2:]
+
+        plugin = FilteringPlugin(provider=provider)
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=filter_types,
+        )
+
+        scanner = Scanner(profile=profile, plugin=plugin)
+        result = scanner.scan()
+
+        # None of the excluded types should appear
+        discovered_types = {r.resource_type for r in result.resources}
+        for excluded in excluded_types:
+            assert excluded not in discovered_types, (
+                f"Excluded type '{excluded}' should not appear in filtered results"
+            )
diff --git a/tests/property/test_resource_inventory_completeness_prop.py b/tests/property/test_resource_inventory_completeness_prop.py
new file mode 100644
index 0000000..e35a823
--- /dev/null
+++ b/tests/property/test_resource_inventory_completeness_prop.py
@@ -0,0 +1,222 @@
+"""Property-based tests for resource inventory completeness.
+
+**Validates: Requirements 1.2**
+
+Property 1: Resource inventory completeness
+For any discovered resource from any on-premises provider (Docker Swarm, Kubernetes,
+Synology, Harvester, Bare Metal, Windows), the resulting inventory entry SHALL contain
+non-empty values for resource_type, unique_id, name, provider, platform_category,
+architecture, and attributes fields.
+"""
+
+from hypothesis import given, settings
+from hypothesis import strategies as st
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanResult,
+)
+
+
+# ---------------------------------------------------------------------------
+# Hypothesis Strategies
+# ---------------------------------------------------------------------------
+
+provider_type_strategy = st.sampled_from(list(ProviderType))
+platform_category_strategy = st.sampled_from(list(PlatformCategory))
+cpu_architecture_strategy = st.sampled_from(list(CpuArchitecture))
+
+non_empty_text_strategy = st.text(
+    min_size=1,
+    max_size=100,
+    alphabet=st.characters(whitelist_categories=("L", "N", "P", "S")),
+).filter(lambda s: s.strip() != "")
+
+resource_type_strategy = st.text(
+    min_size=1,
+    max_size=50,
+    alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters="_"),
+).filter(lambda s: len(s) > 0 and s.strip() != "")
+
+unique_id_strategy = st.text(
+    min_size=1,
+    max_size=200,
+    alphabet=st.characters(whitelist_categories=("L", "N", "P", "S")),
+).filter(lambda s: s.strip() != "")
+
+name_strategy = st.text(
+    min_size=1,
+    max_size=100,
+    alphabet=st.characters(whitelist_categories=("L", "N", "P", "S")),
+).filter(lambda s: s.strip() != "")
+
+endpoint_strategy = st.text(
+    min_size=1,
+    max_size=200,
+    alphabet=st.characters(whitelist_categories=("L", "N", "P", "S")),
+).filter(lambda s: s.strip() != "")
+
+non_empty_attributes_strategy = st.dictionaries(
+    keys=st.text(
+        min_size=1,
+        max_size=30,
+        alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters="_"),
+    ),
+    values=st.one_of(
+        st.text(min_size=1, max_size=50),
+        st.integers(min_value=0, max_value=10000),
+        st.booleans(),
+    ),
+    min_size=1,
+    max_size=10,
+)
+
+raw_references_strategy = st.lists(
+    st.text(min_size=0, max_size=100),
+    min_size=0,
+    max_size=5,
+)
+
+
+discovered_resource_strategy = st.builds(
+    DiscoveredResource,
+    resource_type=resource_type_strategy,
+    unique_id=unique_id_strategy,
+    name=name_strategy,
+    provider=provider_type_strategy,
+    platform_category=platform_category_strategy,
+    architecture=cpu_architecture_strategy,
+    endpoint=endpoint_strategy,
+    attributes=non_empty_attributes_strategy,
+    raw_references=raw_references_strategy,
+)
+
+
+# ---------------------------------------------------------------------------
+# Property Tests
+# ---------------------------------------------------------------------------
+
+
+class TestResourceInventoryCompleteness:
+    """Property 1: Resource inventory completeness.
+
+    **Validates: Requirements 1.2**
+
+    For any discovered resource from any on-premises provider, the resulting
+    inventory entry SHALL contain non-empty values for resource_type, unique_id,
+    name, provider, platform_category, architecture, and attributes fields.
+    """
+
+    @given(resource=discovered_resource_strategy)
+    def test_resource_type_is_non_empty(self, resource: DiscoveredResource):
+        """resource_type field must be a non-empty string."""
+        assert isinstance(resource.resource_type, str)
+        assert len(resource.resource_type) > 0
+        assert resource.resource_type.strip() != ""
+
+    @given(resource=discovered_resource_strategy)
+    def test_unique_id_is_non_empty(self, resource: DiscoveredResource):
+        """unique_id field must be a non-empty string."""
+        assert isinstance(resource.unique_id, str)
+        assert len(resource.unique_id) > 0
+        assert resource.unique_id.strip() != ""
+
+    @given(resource=discovered_resource_strategy)
+    def test_name_is_non_empty(self, resource: DiscoveredResource):
+        """name field must be a non-empty string."""
+        assert isinstance(resource.name, str)
+        assert len(resource.name) > 0
+        assert resource.name.strip() != ""
+
+    @given(resource=discovered_resource_strategy)
+    def test_provider_is_valid_enum(self, resource: DiscoveredResource):
+        """provider field must be a valid ProviderType enum value."""
+        assert isinstance(resource.provider, ProviderType)
+        assert resource.provider is not None
+
+    @given(resource=discovered_resource_strategy)
+    def test_platform_category_is_valid_enum(self, resource: DiscoveredResource):
+        """platform_category field must be a valid PlatformCategory enum value."""
+        assert isinstance(resource.platform_category, PlatformCategory)
+        assert resource.platform_category is not None
+
+    @given(resource=discovered_resource_strategy)
+    def test_architecture_is_valid_enum(self, resource: DiscoveredResource):
+        """architecture field must be a valid CpuArchitecture enum value."""
+        assert isinstance(resource.architecture, CpuArchitecture)
+        assert resource.architecture is not None
+
+    @given(resource=discovered_resource_strategy)
+    def test_attributes_is_non_empty_dict(self, resource: DiscoveredResource):
+        """attributes field must be a non-empty dictionary."""
+        assert isinstance(resource.attributes, dict)
+        assert len(resource.attributes) > 0
+
+    @given(resource=discovered_resource_strategy)
+    def test_all_mandatory_fields_populated(self, resource: DiscoveredResource):
+        """All mandatory fields must be non-empty/non-None simultaneously."""
+        # resource_type
+        assert isinstance(resource.resource_type, str) and len(resource.resource_type) > 0
+        # unique_id
+        assert isinstance(resource.unique_id, str) and len(resource.unique_id) > 0
+        # name
+        assert isinstance(resource.name, str) and len(resource.name) > 0
+        # provider
+        assert isinstance(resource.provider, ProviderType)
+        # platform_category
+        assert isinstance(resource.platform_category, PlatformCategory)
+        # architecture
+        assert isinstance(resource.architecture, CpuArchitecture)
+        # attributes
+        assert isinstance(resource.attributes, dict) and len(resource.attributes) > 0
+
+    @given(
+        resources=st.lists(discovered_resource_strategy, min_size=1, max_size=10),
+        warnings=st.lists(st.text(min_size=0, max_size=50), max_size=3),
+        errors=st.lists(st.text(min_size=0, max_size=50), max_size=3),
+    )
+    @settings(max_examples=50)
+    def test_scan_result_resources_all_have_mandatory_fields(
+        self, resources, warnings, errors
+    ):
+        """When a mock plugin produces resources in a ScanResult, every resource has all required fields."""
+        scan_result = ScanResult(
+            resources=resources,
+            warnings=warnings,
+            errors=errors,
+            scan_timestamp="2024-01-15T10:30:00Z",
+            profile_hash="test_hash_abc123",
+            is_partial=False,
+        )
+
+        for resource in scan_result.resources:
+            # resource_type is non-empty string
+            assert isinstance(resource.resource_type, str)
+            assert len(resource.resource_type) > 0
+            assert resource.resource_type.strip() != ""
+
+            # unique_id is non-empty string
+            assert isinstance(resource.unique_id, str)
+            assert len(resource.unique_id) > 0
+            assert resource.unique_id.strip() != ""
+
+            # name is non-empty string
+            assert isinstance(resource.name, str)
+            assert len(resource.name) > 0
+            assert resource.name.strip() != ""
+
+            # provider is valid enum
+            assert isinstance(resource.provider, ProviderType)
+
+            # platform_category is valid enum
+            assert isinstance(resource.platform_category, PlatformCategory)
+
+            # architecture is valid enum
+            assert isinstance(resource.architecture, CpuArchitecture)
+
+            # attributes is non-empty dict
+            assert isinstance(resource.attributes, dict)
+            assert len(resource.attributes) > 0
diff --git a/tests/property/test_scan_profile_validation_prop.py b/tests/property/test_scan_profile_validation_prop.py
new file mode 100644
index 0000000..8481f70
--- /dev/null
+++ b/tests/property/test_scan_profile_validation_prop.py
@@ -0,0 +1,257 @@
+"""Property-based tests for ScanProfile validation completeness.
+
+**Validates: Requirements 6.1, 6.6, 6.7**
+
+Property 20: Scan profile validation completeness
+For any scan profile with K invalid fields (missing provider, empty credentials,
+unreachable endpoints, filters exceeding 200 entries, or unsupported resource types),
+the validation error SHALL list all K invalid fields in a single response.
+"""
+
+from hypothesis import given, assume, settings
+from hypothesis import strategies as st
+
+from iac_reverse.models import (
+    MAX_RESOURCE_TYPE_FILTERS,
+    PROVIDER_SUPPORTED_RESOURCE_TYPES,
+    ProviderType,
+    ScanProfile,
+)
+
+
+# ---------------------------------------------------------------------------
+# Hypothesis Strategies
+# ---------------------------------------------------------------------------
+
+provider_type_strategy = st.sampled_from(list(ProviderType))
+
+non_empty_credentials_strategy = st.dictionaries(
+    keys=st.text(min_size=1, max_size=20, alphabet=st.characters(whitelist_categories=("L", "N", "P"))),
+    values=st.text(min_size=1, max_size=50),
+    min_size=1,
+    max_size=5,
+)
+
+empty_credentials_strategy = st.just({})
+
+
+def valid_resource_types_strategy(provider: ProviderType) -> st.SearchStrategy:
+    """Generate a list of valid resource types for the given provider."""
+    supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+    return st.lists(st.sampled_from(supported), min_size=0, max_size=min(len(supported), 10))
+
+
+invalid_resource_type_strategy = st.text(
+    min_size=5, max_size=30,
+    alphabet=st.characters(whitelist_categories=("L",))
+).filter(
+    lambda t: all(t not in types for types in PROVIDER_SUPPORTED_RESOURCE_TYPES.values())
+)
+
+
+# ---------------------------------------------------------------------------
+# Property Tests
+# ---------------------------------------------------------------------------
+
+
+class TestScanProfileValidationCompleteness:
+    """Property 20: Scan profile validation completeness.
+
+    **Validates: Requirements 6.1, 6.6, 6.7**
+    """
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    def test_valid_profile_returns_no_errors(self, provider, credentials):
+        """A profile with non-empty credentials and no filters is always valid."""
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=None,
+        )
+        errors = profile.validate()
+        assert errors == [], f"Expected no errors for valid profile, got: {errors}"
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    def test_valid_profile_with_valid_filters_returns_no_errors(self, provider, credentials):
+        """A profile with valid credentials and valid resource type filters is valid."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=supported,
+        )
+        errors = profile.validate()
+        assert errors == [], f"Expected no errors for valid profile with valid filters, got: {errors}"
+
+    @given(provider=provider_type_strategy)
+    def test_empty_credentials_always_produces_credentials_error(self, provider):
+        """Empty credentials must always produce an error mentioning 'credentials'."""
+        profile = ScanProfile(
+            provider=provider,
+            credentials={},
+            resource_type_filters=None,
+        )
+        errors = profile.validate()
+        assert len(errors) >= 1
+        assert any("credentials" in e for e in errors), (
+            f"Expected error mentioning 'credentials', got: {errors}"
+        )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        extra_count=st.integers(min_value=1, max_value=50),
+    )
+    def test_oversized_filters_produces_count_error(self, provider, credentials, extra_count):
+        """Filters exceeding MAX_RESOURCE_TYPE_FILTERS must produce an error about the count limit."""
+        # Build a list that exceeds the limit using valid types repeated
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        oversized_count = MAX_RESOURCE_TYPE_FILTERS + extra_count
+        filters = (supported * (oversized_count // len(supported) + 1))[:oversized_count]
+
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=filters,
+        )
+        errors = profile.validate()
+        assert any(
+            "at most" in e or str(MAX_RESOURCE_TYPE_FILTERS) in e
+            for e in errors
+        ), f"Expected error mentioning count limit, got: {errors}"
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        invalid_types=st.lists(invalid_resource_type_strategy, min_size=1, max_size=5),
+    )
+    def test_unsupported_types_produces_unsupported_error(self, provider, credentials, invalid_types):
+        """Unsupported resource types must produce an error mentioning them."""
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=invalid_types,
+        )
+        errors = profile.validate()
+        assert any("unsupported" in e.lower() for e in errors), (
+            f"Expected error mentioning unsupported types, got: {errors}"
+        )
+
+    @given(
+        provider=provider_type_strategy,
+        invalid_types=st.lists(invalid_resource_type_strategy, min_size=1, max_size=3),
+    )
+    def test_no_short_circuit_credentials_and_unsupported(self, provider, invalid_types):
+        """When both credentials are empty AND unsupported types exist, both errors are reported."""
+        profile = ScanProfile(
+            provider=provider,
+            credentials={},
+            resource_type_filters=invalid_types,
+        )
+        errors = profile.validate()
+        assert len(errors) >= 2, f"Expected at least 2 errors, got {len(errors)}: {errors}"
+        assert any("credentials" in e for e in errors), (
+            f"Expected credentials error, got: {errors}"
+        )
+        assert any("unsupported" in e.lower() for e in errors), (
+            f"Expected unsupported types error, got: {errors}"
+        )
+
+    @given(
+        provider=provider_type_strategy,
+        extra_count=st.integers(min_value=1, max_value=20),
+    )
+    def test_no_short_circuit_credentials_and_oversized(self, provider, extra_count):
+        """When both credentials are empty AND filters exceed limit, both errors are reported."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        oversized_count = MAX_RESOURCE_TYPE_FILTERS + extra_count
+        filters = (supported * (oversized_count // len(supported) + 1))[:oversized_count]
+
+        profile = ScanProfile(
+            provider=provider,
+            credentials={},
+            resource_type_filters=filters,
+        )
+        errors = profile.validate()
+        assert len(errors) >= 2, f"Expected at least 2 errors, got {len(errors)}: {errors}"
+        assert any("credentials" in e for e in errors), (
+            f"Expected credentials error, got: {errors}"
+        )
+        assert any(
+            "at most" in e or str(MAX_RESOURCE_TYPE_FILTERS) in e
+            for e in errors
+        ), f"Expected count limit error, got: {errors}"
+
+    @given(
+        provider=provider_type_strategy,
+        extra_count=st.integers(min_value=1, max_value=10),
+        invalid_types=st.lists(invalid_resource_type_strategy, min_size=1, max_size=3),
+    )
+    def test_no_short_circuit_all_three_issues(self, provider, extra_count, invalid_types):
+        """When credentials empty, filters oversized, AND unsupported types exist, all errors reported."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        oversized_count = MAX_RESOURCE_TYPE_FILTERS + extra_count
+        # Mix valid types (to reach oversized count) with invalid types
+        valid_padding = (supported * (oversized_count // len(supported) + 1))[:oversized_count]
+        filters = valid_padding + invalid_types
+
+        profile = ScanProfile(
+            provider=provider,
+            credentials={},
+            resource_type_filters=filters,
+        )
+        errors = profile.validate()
+        assert len(errors) >= 3, f"Expected at least 3 errors, got {len(errors)}: {errors}"
+        assert any("credentials" in e for e in errors), (
+            f"Expected credentials error, got: {errors}"
+        )
+        assert any(
+            "at most" in e or str(MAX_RESOURCE_TYPE_FILTERS) in e
+            for e in errors
+        ), f"Expected count limit error, got: {errors}"
+        assert any("unsupported" in e.lower() for e in errors), (
+            f"Expected unsupported types error, got: {errors}"
+        )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    def test_empty_list_filters_is_valid(self, provider, credentials):
+        """An empty resource_type_filters list (not None) should be valid."""
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=[],
+        )
+        errors = profile.validate()
+        assert errors == [], f"Expected no errors for empty filter list, got: {errors}"
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        count=st.integers(min_value=1, max_value=MAX_RESOURCE_TYPE_FILTERS),
+    )
+    def test_filters_at_or_below_limit_with_valid_types_is_valid(self, provider, credentials, count):
+        """Any number of valid filters at or below the limit should produce no count error."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        # Repeat valid types to reach the desired count
+        filters = (supported * (count // len(supported) + 1))[:count]
+
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=filters,
+        )
+        errors = profile.validate()
+        # Should not have a count limit error
+        assert not any(
+            "at most" in e or (str(MAX_RESOURCE_TYPE_FILTERS) in e and "entries" in e)
+            for e in errors
+        ), f"Unexpected count limit error for {count} filters: {errors}"
diff --git a/tests/property/test_scanner_behavior_prop.py b/tests/property/test_scanner_behavior_prop.py
new file mode 100644
index 0000000..a5216ec
--- /dev/null
+++ b/tests/property/test_scanner_behavior_prop.py
@@ -0,0 +1,608 @@
+"""Property-based tests for Scanner behavior.
+
+**Validates: Requirements 1.3, 1.4, 1.5, 1.7**
+
+Property 2: Authentication error descriptiveness
+For any provider type and any authentication failure reason, the error returned
+by the Scanner SHALL contain both the provider name string and the failure reason string.
+
+Property 3: Graceful degradation on unsupported resource types
+For any scan request containing a mix of supported and unsupported resource types,
+the Scanner SHALL produce warnings for each unsupported type AND return a complete
+inventory for all supported types.
+
+Property 4: Progress reporting frequency
+The Scanner SHALL report progress at least once per resource type completion.
+
+Property 5: Partial inventory preservation on failure
+If the Provider API connection is lost during an active scan, the Scanner SHALL
+return a partial resource inventory.
+"""
+
+from typing import Callable
+
+import pytest
+from hypothesis import given, settings
+from hypothesis import strategies as st
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    PROVIDER_SUPPORTED_RESOURCE_TYPES,
+    ProviderType,
+    ScanProfile,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import (
+    AuthenticationError,
+    ConnectionLostError,
+    Scanner,
+)
+
+
+# ---------------------------------------------------------------------------
+# Hypothesis Strategies
+# ---------------------------------------------------------------------------
+
+provider_type_strategy = st.sampled_from(list(ProviderType))
+
+non_empty_string_strategy = st.text(
+    min_size=1,
+    max_size=100,
+    alphabet=st.characters(whitelist_categories=("L", "N", "P", "S")),
+).filter(lambda s: s.strip())
+
+non_empty_credentials_strategy = st.dictionaries(
+    keys=st.text(min_size=1, max_size=20, alphabet=st.characters(whitelist_categories=("L", "N"))),
+    values=st.text(min_size=1, max_size=50),
+    min_size=1,
+    max_size=5,
+)
+
+unsupported_resource_type_strategy = st.text(
+    min_size=5,
+    max_size=30,
+    alphabet=st.characters(whitelist_categories=("L",)),
+).filter(
+    lambda t: all(t not in types for types in PROVIDER_SUPPORTED_RESOURCE_TYPES.values())
+)
+
+
+# ---------------------------------------------------------------------------
+# Mock Plugin Implementations
+# ---------------------------------------------------------------------------
+
+
+class FailingAuthPlugin(ProviderPlugin):
+    """A plugin that always fails authentication with a given reason."""
+
+    def __init__(self, failure_reason: str):
+        self.failure_reason = failure_reason
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        raise RuntimeError(self.failure_reason)
+
+    def get_platform_category(self) -> PlatformCategory:
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        return ["http://localhost:8080"]
+
+    def list_supported_resource_types(self) -> list[str]:
+        return ["mock_resource"]
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        return ScanResult(
+            resources=[], warnings=[], errors=[],
+            scan_timestamp="", profile_hash="",
+        )
+
+
+class GracefulDegradationPlugin(ProviderPlugin):
+    """A plugin that supports specific resource types and discovers resources for them."""
+
+    def __init__(self, supported_types: list[str]):
+        self._supported_types = supported_types
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        pass  # Always succeeds
+
+    def get_platform_category(self) -> PlatformCategory:
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        return ["http://localhost:8080"]
+
+    def list_supported_resource_types(self) -> list[str]:
+        return self._supported_types
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        # Create one resource per supported resource type requested
+        resources = []
+        for i, rt in enumerate(resource_types):
+            resources.append(
+                DiscoveredResource(
+                    resource_type=rt,
+                    unique_id=f"id-{rt}-{i}",
+                    name=f"resource-{rt}-{i}",
+                    provider=ProviderType.KUBERNETES,
+                    platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                    architecture=CpuArchitecture.AMD64,
+                    endpoint="http://localhost:8080",
+                    attributes={"key": "value"},
+                )
+            )
+            progress_callback(ScanProgress(
+                current_resource_type=rt,
+                resources_discovered=i + 1,
+                resource_types_completed=i + 1,
+                total_resource_types=len(resource_types),
+            ))
+        return ScanResult(
+            resources=resources,
+            warnings=[],
+            errors=[],
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+
+class ProgressTrackingPlugin(ProviderPlugin):
+    """A plugin that reports progress per resource type."""
+
+    def __init__(self, supported_types: list[str]):
+        self._supported_types = supported_types
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        pass
+
+    def get_platform_category(self) -> PlatformCategory:
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        return ["http://localhost:8080"]
+
+    def list_supported_resource_types(self) -> list[str]:
+        return self._supported_types
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        resources = []
+        for i, rt in enumerate(resource_types):
+            resource = DiscoveredResource(
+                resource_type=rt,
+                unique_id=f"id-{rt}-{i}",
+                name=f"resource-{rt}-{i}",
+                provider=ProviderType.KUBERNETES,
+                platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                architecture=CpuArchitecture.AMD64,
+                endpoint="http://localhost:8080",
+                attributes={},
+            )
+            resources.append(resource)
+            progress_callback(ScanProgress(
+                current_resource_type=rt,
+                resources_discovered=i + 1,
+                resource_types_completed=i + 1,
+                total_resource_types=len(resource_types),
+            ))
+        return ScanResult(
+            resources=resources,
+            warnings=[],
+            errors=[],
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+
+class ConnectionLossPlugin(ProviderPlugin):
+    """A plugin that loses connection after discovering some resources."""
+
+    def __init__(self, supported_types: list[str], fail_after: int):
+        self._supported_types = supported_types
+        self._fail_after = fail_after
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        pass
+
+    def get_platform_category(self) -> PlatformCategory:
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        return ["http://localhost:8080"]
+
+    def list_supported_resource_types(self) -> list[str]:
+        return self._supported_types
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback: Callable[[ScanProgress], None],
+    ) -> ScanResult:
+        # Simulate connection loss by raising ConnectionError
+        raise ConnectionError(
+            f"Connection lost after discovering {self._fail_after} resources"
+        )
+
+
+# ---------------------------------------------------------------------------
+# Property Tests
+# ---------------------------------------------------------------------------
+
+
+class TestAuthenticationErrorDescriptiveness:
+    """Property 2: Authentication error descriptiveness.
+
+    For any provider type and any authentication failure reason, the error
+    returned by the Scanner SHALL contain both the provider name string and
+    the failure reason string.
+
+    **Validates: Requirements 1.3**
+    """
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        failure_reason=non_empty_string_strategy,
+    )
+    @settings(max_examples=100)
+    def test_auth_error_contains_provider_name_and_reason(
+        self, provider, credentials, failure_reason
+    ):
+        """AuthenticationError must contain both provider name and failure reason."""
+        plugin = FailingAuthPlugin(failure_reason=failure_reason)
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+        )
+        scanner = Scanner(profile=profile, plugin=plugin)
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            scanner.scan()
+
+        error = exc_info.value
+        # The error must contain the provider name
+        assert provider.value in str(error), (
+            f"Expected provider name '{provider.value}' in error message, "
+            f"got: '{str(error)}'"
+        )
+        # The error must contain the failure reason
+        assert failure_reason in str(error), (
+            f"Expected failure reason '{failure_reason}' in error message, "
+            f"got: '{str(error)}'"
+        )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        failure_reason=non_empty_string_strategy,
+    )
+    @settings(max_examples=100)
+    def test_auth_error_attributes_match(self, provider, credentials, failure_reason):
+        """AuthenticationError attributes must store provider_name and reason."""
+        plugin = FailingAuthPlugin(failure_reason=failure_reason)
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+        )
+        scanner = Scanner(profile=profile, plugin=plugin)
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            scanner.scan()
+
+        error = exc_info.value
+        assert error.provider_name == provider.value
+        assert error.reason == failure_reason
+
+
+class TestGracefulDegradationOnUnsupportedTypes:
+    """Property 3: Graceful degradation on unsupported resource types.
+
+    For any scan request containing a mix of supported and unsupported resource
+    types, the Scanner SHALL produce warnings for each unsupported type AND
+    return a complete inventory for all supported types.
+
+    **Validates: Requirements 1.4**
+    """
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        unsupported_types=st.lists(unsupported_resource_type_strategy, min_size=1, max_size=5),
+    )
+    @settings(max_examples=100)
+    def test_unsupported_types_produce_warnings(
+        self, provider, credentials, unsupported_types
+    ):
+        """Each unsupported resource type must produce a warning."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        plugin = GracefulDegradationPlugin(supported_types=supported)
+
+        # Mix supported and unsupported types
+        mixed_filters = list(supported[:2]) + unsupported_types
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=mixed_filters,
+        )
+        scanner = Scanner(profile=profile, plugin=plugin)
+        result = scanner.scan()
+
+        # There must be a warning for each unsupported type
+        for unsupported in unsupported_types:
+            assert any(unsupported in w for w in result.warnings), (
+                f"Expected warning for unsupported type '{unsupported}', "
+                f"got warnings: {result.warnings}"
+            )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        unsupported_types=st.lists(unsupported_resource_type_strategy, min_size=1, max_size=5),
+    )
+    @settings(max_examples=100)
+    def test_supported_types_still_discovered(
+        self, provider, credentials, unsupported_types
+    ):
+        """Supported types must still be fully discovered despite unsupported types."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        plugin = GracefulDegradationPlugin(supported_types=supported)
+
+        # Use at least one supported type plus unsupported types
+        supported_subset = supported[:2]
+        mixed_filters = supported_subset + unsupported_types
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=mixed_filters,
+        )
+        scanner = Scanner(profile=profile, plugin=plugin)
+        result = scanner.scan()
+
+        # All supported types in the filter should have resources discovered
+        discovered_types = {r.resource_type for r in result.resources}
+        for st_type in supported_subset:
+            assert st_type in discovered_types, (
+                f"Expected supported type '{st_type}' to be discovered, "
+                f"but only found: {discovered_types}"
+            )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        unsupported_types=st.lists(unsupported_resource_type_strategy, min_size=1, max_size=5),
+    )
+    @settings(max_examples=100)
+    def test_warning_count_matches_unsupported_count(
+        self, provider, credentials, unsupported_types
+    ):
+        """Number of warnings must be at least the number of unsupported types."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        plugin = GracefulDegradationPlugin(supported_types=supported)
+
+        # Only unsupported types in filter
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=unsupported_types,
+        )
+        scanner = Scanner(profile=profile, plugin=plugin)
+        result = scanner.scan()
+
+        # Deduplicate unsupported types for comparison
+        unique_unsupported = set(unsupported_types)
+        assert len(result.warnings) >= len(unique_unsupported), (
+            f"Expected at least {len(unique_unsupported)} warnings, "
+            f"got {len(result.warnings)}: {result.warnings}"
+        )
+
+
+class TestProgressReportingFrequency:
+    """Property 4: Progress reporting frequency.
+
+    For any scan across N resource types, the progress callback SHALL be
+    invoked at least N times, once per resource type completion.
+
+    **Validates: Requirements 1.5**
+    """
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    @settings(max_examples=100)
+    def test_progress_reported_at_least_once_per_resource_type(
+        self, provider, credentials
+    ):
+        """Progress callback must be invoked at least once per resource type."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        plugin = ProgressTrackingPlugin(supported_types=supported)
+
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=None,  # Scan all supported types
+        )
+
+        progress_reports: list[ScanProgress] = []
+
+        def track_progress(progress: ScanProgress) -> None:
+            progress_reports.append(progress)
+
+        scanner = Scanner(profile=profile, plugin=plugin)
+        scanner.scan(progress_callback=track_progress)
+
+        # Must have at least N progress reports for N resource types
+        assert len(progress_reports) >= len(supported), (
+            f"Expected at least {len(supported)} progress reports, "
+            f"got {len(progress_reports)}"
+        )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+    )
+    @settings(max_examples=100)
+    def test_progress_reports_cover_all_resource_types(
+        self, provider, credentials
+    ):
+        """Progress reports must cover every resource type being scanned."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        plugin = ProgressTrackingPlugin(supported_types=supported)
+
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=None,
+        )
+
+        progress_reports: list[ScanProgress] = []
+
+        def track_progress(progress: ScanProgress) -> None:
+            progress_reports.append(progress)
+
+        scanner = Scanner(profile=profile, plugin=plugin)
+        scanner.scan(progress_callback=track_progress)
+
+        # Every resource type should appear in at least one progress report
+        reported_types = {p.current_resource_type for p in progress_reports}
+        for rt in supported:
+            assert rt in reported_types, (
+                f"Expected resource type '{rt}' in progress reports, "
+                f"but only found: {reported_types}"
+            )
+
+
+class TestPartialInventoryPreservationOnFailure:
+    """Property 5: Partial inventory preservation on failure.
+
+    If the Provider API connection is lost during an active scan, the Scanner
+    SHALL return a partial resource inventory.
+
+    **Validates: Requirements 1.7**
+    """
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        fail_after=st.integers(min_value=0, max_value=10),
+    )
+    @settings(max_examples=100)
+    def test_connection_loss_raises_with_partial_result(
+        self, provider, credentials, fail_after
+    ):
+        """Connection loss must raise ConnectionLostError with partial result."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        plugin = ConnectionLossPlugin(
+            supported_types=supported,
+            fail_after=fail_after,
+        )
+
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=None,
+        )
+        scanner = Scanner(profile=profile, plugin=plugin)
+
+        with pytest.raises(ConnectionLostError) as exc_info:
+            scanner.scan()
+
+        error = exc_info.value
+        # Must have a partial_result attribute
+        assert hasattr(error, "partial_result")
+        partial = error.partial_result
+        assert isinstance(partial, ScanResult)
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        fail_after=st.integers(min_value=0, max_value=10),
+    )
+    @settings(max_examples=100)
+    def test_partial_result_is_marked_as_partial(
+        self, provider, credentials, fail_after
+    ):
+        """Partial result from connection loss must have is_partial=True."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        plugin = ConnectionLossPlugin(
+            supported_types=supported,
+            fail_after=fail_after,
+        )
+
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=None,
+        )
+        scanner = Scanner(profile=profile, plugin=plugin)
+
+        with pytest.raises(ConnectionLostError) as exc_info:
+            scanner.scan()
+
+        partial = exc_info.value.partial_result
+        assert partial.is_partial is True, (
+            "Partial result from connection loss must have is_partial=True"
+        )
+
+    @given(
+        provider=provider_type_strategy,
+        credentials=non_empty_credentials_strategy,
+        fail_after=st.integers(min_value=0, max_value=10),
+    )
+    @settings(max_examples=100)
+    def test_partial_result_contains_error_info(
+        self, provider, credentials, fail_after
+    ):
+        """Partial result must contain error information about the failure."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        plugin = ConnectionLossPlugin(
+            supported_types=supported,
+            fail_after=fail_after,
+        )
+
+        profile = ScanProfile(
+            provider=provider,
+            credentials=credentials,
+            resource_type_filters=None,
+        )
+        scanner = Scanner(profile=profile, plugin=plugin)
+
+        with pytest.raises(ConnectionLostError) as exc_info:
+            scanner.scan()
+
+        partial = exc_info.value.partial_result
+        # Must have at least one error or warning indicating the failure
+        assert len(partial.errors) > 0 or len(partial.warnings) > 0, (
+            "Partial result must contain error/warning info about the connection loss"
+        )
diff --git a/tests/property/test_state_builder_prop.py b/tests/property/test_state_builder_prop.py
new file mode 100644
index 0000000..db193a4
--- /dev/null
+++ b/tests/property/test_state_builder_prop.py
@@ -0,0 +1,567 @@
+"""Property-based tests for the State Builder.
+
+**Validates: Requirements 4.1, 4.2, 4.4, 4.5**
+
+Properties tested:
+- Property 16: State file structural validity
+- Property 17: State entry completeness and schema correctness
+"""
+
+import json
+import re
+import uuid
+
+from hypothesis import given, settings, assume
+from hypothesis import strategies as st
+
+from iac_reverse.generator.sanitize import sanitize_identifier
+from iac_reverse.models import (
+    CodeGenerationResult,
+    CpuArchitecture,
+    DependencyGraph,
+    DiscoveredResource,
+    GeneratedFile,
+    PlatformCategory,
+    PROVIDER_SUPPORTED_RESOURCE_TYPES,
+    ProviderType,
+    ResourceRelationship,
+)
+from iac_reverse.state_builder import StateBuilder
+
+
+# ---------------------------------------------------------------------------
+# Hypothesis Strategies
+# ---------------------------------------------------------------------------
+
+provider_type_strategy = st.sampled_from(list(ProviderType))
+platform_category_strategy = st.sampled_from(list(PlatformCategory))
+cpu_architecture_strategy = st.sampled_from(list(CpuArchitecture))
+
+# All supported resource types across all providers (flat list)
+ALL_SUPPORTED_RESOURCE_TYPES = []
+for _types in PROVIDER_SUPPORTED_RESOURCE_TYPES.values():
+    ALL_SUPPORTED_RESOURCE_TYPES.extend(_types)
+
+resource_type_strategy = st.sampled_from(ALL_SUPPORTED_RESOURCE_TYPES)
+
+# Strategy for resource names (valid identifiers with some variety)
+resource_name_strategy = st.text(
+    min_size=1,
+    max_size=20,
+    alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters="_-"),
+).filter(lambda s: s.strip() != "")
+
+# Strategy for unique IDs (non-empty strings)
+unique_id_strategy = st.text(
+    min_size=1,
+    max_size=40,
+    alphabet=st.characters(whitelist_categories=("L", "N"), whitelist_characters="_-/:."),
+).filter(lambda s: s.strip() != "")
+
+# Strategy for simple attribute values
+simple_attr_value_strategy = st.one_of(
+    st.text(
+        min_size=1,
+        max_size=30,
+        alphabet=st.characters(
+            whitelist_categories=("L", "N"), whitelist_characters="_-./: "
+        ),
+    ).filter(lambda s: s.strip() != ""),
+    st.integers(min_value=0, max_value=10000),
+    st.booleans(),
+)
+
+# Strategy for attribute dictionaries (non-empty)
+attributes_strategy = st.dictionaries(
+    keys=st.text(
+        min_size=1,
+        max_size=15,
+        alphabet=st.characters(whitelist_categories=("L",), whitelist_characters="_"),
+    ).filter(lambda s: s.strip() != "" and s[0].isalpha()),
+    values=simple_attr_value_strategy,
+    min_size=1,
+    max_size=5,
+)
+
+# Strategy for provider version strings (semver-like)
+provider_version_strategy = st.from_regex(r"[1-9][0-9]{0,1}\.[0-9]{1,2}\.[0-9]{1,2}", fullmatch=True)
+
+
+# ---------------------------------------------------------------------------
+# Helpers
+# ---------------------------------------------------------------------------
+
+
+def make_resource(
+    unique_id: str,
+    resource_type: str = "kubernetes_deployment",
+    name: str = "my_resource",
+    provider: ProviderType = ProviderType.KUBERNETES,
+    platform_category: PlatformCategory = PlatformCategory.CONTAINER_ORCHESTRATION,
+    architecture: CpuArchitecture = CpuArchitecture.AMD64,
+    attributes: dict | None = None,
+    raw_references: list[str] | None = None,
+) -> DiscoveredResource:
+    """Helper to create a DiscoveredResource with sensible defaults."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=architecture,
+        endpoint="https://api.internal.lab:6443",
+        attributes=attributes or {"key": "value"},
+        raw_references=raw_references or [],
+    )
+
+
+def make_dependency_graph(
+    resources: list[DiscoveredResource],
+    relationships: list[ResourceRelationship] | None = None,
+) -> DependencyGraph:
+    """Helper to create a DependencyGraph from resources."""
+    return DependencyGraph(
+        resources=resources,
+        relationships=relationships or [],
+        topological_order=[r.unique_id for r in resources],
+        cycles=[],
+        unresolved_references=[],
+    )
+
+
+def make_code_generation_result() -> CodeGenerationResult:
+    """Helper to create a minimal CodeGenerationResult."""
+    return CodeGenerationResult(
+        resource_files=[
+            GeneratedFile(filename="main.tf", content="", resource_count=0)
+        ],
+        variables_file=GeneratedFile(
+            filename="variables.tf", content="", resource_count=0
+        ),
+        provider_file=GeneratedFile(
+            filename="provider.tf", content="", resource_count=0
+        ),
+    )
+
+
+# ---------------------------------------------------------------------------
+# Composite strategies
+# ---------------------------------------------------------------------------
+
+
+@st.composite
+def mappable_resource_strategy(draw):
+    """Generate a single DiscoveredResource that is mappable to state.
+
+    A mappable resource has a non-empty unique_id and a recognized resource type.
+    """
+    resource_type = draw(resource_type_strategy)
+    name = draw(resource_name_strategy)
+    unique_id = draw(unique_id_strategy)
+    provider = draw(provider_type_strategy)
+    platform_category = draw(platform_category_strategy)
+    architecture = draw(cpu_architecture_strategy)
+    attributes = draw(attributes_strategy)
+
+    return make_resource(
+        unique_id=unique_id,
+        resource_type=resource_type,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=architecture,
+        attributes=attributes,
+    )
+
+
+@st.composite
+def multiple_mappable_resources_strategy(draw):
+    """Generate a list of mappable resources with unique IDs."""
+    num_resources = draw(st.integers(min_value=1, max_value=5))
+    resources = []
+    seen_ids = set()
+
+    for _ in range(num_resources):
+        resource = draw(mappable_resource_strategy())
+        # Ensure unique IDs are distinct
+        if resource.unique_id in seen_ids:
+            continue
+        seen_ids.add(resource.unique_id)
+        resources.append(resource)
+
+    assume(len(resources) >= 1)
+    return resources
+
+
+@st.composite
+def resource_with_sensitive_attrs_strategy(draw):
+    """Generate a resource with attributes that include sensitive-looking keys."""
+    resource_type = draw(resource_type_strategy)
+    name = draw(resource_name_strategy)
+    unique_id = draw(unique_id_strategy)
+
+    # Include at least one sensitive key
+    sensitive_key = draw(st.sampled_from([
+        "password", "api_secret", "auth_token", "private_key", "tls_certificate",
+    ]))
+    sensitive_value = draw(st.text(min_size=1, max_size=20, alphabet="abcdefghijklmnop"))
+
+    # Also include non-sensitive attributes
+    normal_attrs = draw(attributes_strategy)
+    normal_attrs[sensitive_key] = sensitive_value
+
+    return make_resource(
+        unique_id=unique_id,
+        resource_type=resource_type,
+        name=name,
+        attributes=normal_attrs,
+    )
+
+
+# ---------------------------------------------------------------------------
+# Property 16: State file structural validity
+# ---------------------------------------------------------------------------
+
+
+class TestStateFileStructuralValidity:
+    """Property 16: State file structural validity.
+
+    **Validates: Requirements 4.1**
+
+    For any set of resources, the generated state file has version=4,
+    valid UUID lineage, serial=1, and valid JSON structure.
+    """
+
+    @given(resources=multiple_mappable_resources_strategy())
+    @settings(max_examples=100)
+    def test_state_file_version_is_4(
+        self, resources: list[DiscoveredResource]
+    ):
+        """The generated state file always has version=4."""
+        builder = StateBuilder()
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+
+        assert state_file.version == 4, (
+            f"Expected version=4, got version={state_file.version}"
+        )
+
+    @given(resources=multiple_mappable_resources_strategy())
+    @settings(max_examples=100)
+    def test_state_file_has_valid_uuid_lineage(
+        self, resources: list[DiscoveredResource]
+    ):
+        """The generated state file has a valid UUID lineage."""
+        builder = StateBuilder()
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+
+        # Lineage should be a valid UUID
+        try:
+            parsed_uuid = uuid.UUID(state_file.lineage)
+        except ValueError:
+            raise AssertionError(
+                f"Lineage '{state_file.lineage}' is not a valid UUID"
+            )
+
+        assert parsed_uuid.version == 4, (
+            f"Expected UUID version 4, got version {parsed_uuid.version}"
+        )
+
+    @given(resources=multiple_mappable_resources_strategy())
+    @settings(max_examples=100)
+    def test_state_file_serial_is_1(
+        self, resources: list[DiscoveredResource]
+    ):
+        """The generated state file always has serial=1."""
+        builder = StateBuilder()
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+
+        assert state_file.serial == 1, (
+            f"Expected serial=1, got serial={state_file.serial}"
+        )
+
+    @given(resources=multiple_mappable_resources_strategy())
+    @settings(max_examples=100)
+    def test_state_file_produces_valid_json(
+        self, resources: list[DiscoveredResource]
+    ):
+        """The state file serializes to valid JSON via to_json()."""
+        builder = StateBuilder()
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+        json_str = state_file.to_json()
+
+        # Must parse as valid JSON
+        try:
+            parsed = json.loads(json_str)
+        except json.JSONDecodeError as e:
+            raise AssertionError(
+                f"State file to_json() produced invalid JSON: {e}"
+            )
+
+        assert isinstance(parsed, dict), "State JSON root must be a dict"
+
+    @given(resources=multiple_mappable_resources_strategy())
+    @settings(max_examples=100)
+    def test_state_json_has_required_top_level_fields(
+        self, resources: list[DiscoveredResource]
+    ):
+        """The serialized state JSON has version, terraform_version, serial, lineage, resources."""
+        builder = StateBuilder()
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+        parsed = json.loads(state_file.to_json())
+
+        required_fields = {"version", "terraform_version", "serial", "lineage", "resources"}
+        missing = required_fields - set(parsed.keys())
+        assert not missing, (
+            f"State JSON missing required top-level fields: {missing}"
+        )
+
+    @given(resources=multiple_mappable_resources_strategy())
+    @settings(max_examples=100)
+    def test_state_json_resource_entries_have_required_fields(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each resource entry in the JSON has mode, type, name, provider, and instances."""
+        builder = StateBuilder()
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+        parsed = json.loads(state_file.to_json())
+
+        required_resource_fields = {"mode", "type", "name", "provider", "instances"}
+
+        for i, entry in enumerate(parsed["resources"]):
+            missing = required_resource_fields - set(entry.keys())
+            assert not missing, (
+                f"Resource entry {i} missing required fields: {missing}. "
+                f"Entry keys: {list(entry.keys())}"
+            )
+
+    @given(resources=multiple_mappable_resources_strategy())
+    @settings(max_examples=100)
+    def test_state_json_instances_have_schema_and_attributes(
+        self, resources: list[DiscoveredResource]
+    ):
+        """Each instance in the state JSON has schema_version, attributes, sensitive_attributes, dependencies."""
+        builder = StateBuilder()
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+        parsed = json.loads(state_file.to_json())
+
+        required_instance_fields = {
+            "schema_version", "attributes", "sensitive_attributes", "dependencies"
+        }
+
+        for i, entry in enumerate(parsed["resources"]):
+            for j, instance in enumerate(entry["instances"]):
+                missing = required_instance_fields - set(instance.keys())
+                assert not missing, (
+                    f"Resource {i}, instance {j} missing fields: {missing}. "
+                    f"Instance keys: {list(instance.keys())}"
+                )
+
+
+# ---------------------------------------------------------------------------
+# Property 17: State entry completeness and schema correctness
+# ---------------------------------------------------------------------------
+
+
+class TestStateEntryCompletenessAndSchemaCorrectness:
+    """Property 17: State entry completeness and schema correctness.
+
+    **Validates: Requirements 4.4, 4.5**
+
+    For any resource, the state entry has non-empty resource_type,
+    resource_name, provider_id, and attributes matching the discovery data.
+    """
+
+    @given(resource=mappable_resource_strategy())
+    @settings(max_examples=100)
+    def test_state_entry_has_non_empty_resource_type(
+        self, resource: DiscoveredResource
+    ):
+        """Each state entry has a non-empty resource_type."""
+        builder = StateBuilder()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+
+        assert len(state_file.resources) == 1
+        entry = state_file.resources[0]
+        assert entry.resource_type != "", (
+            "State entry resource_type must not be empty"
+        )
+        assert entry.resource_type == resource.resource_type, (
+            f"Expected resource_type '{resource.resource_type}', "
+            f"got '{entry.resource_type}'"
+        )
+
+    @given(resource=mappable_resource_strategy())
+    @settings(max_examples=100)
+    def test_state_entry_has_non_empty_resource_name(
+        self, resource: DiscoveredResource
+    ):
+        """Each state entry has a non-empty resource_name (sanitized)."""
+        builder = StateBuilder()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+
+        assert len(state_file.resources) == 1
+        entry = state_file.resources[0]
+        assert entry.resource_name != "", (
+            "State entry resource_name must not be empty"
+        )
+        # The name should be a sanitized version of the original
+        expected_name = sanitize_identifier(resource.name)
+        assert entry.resource_name == expected_name, (
+            f"Expected resource_name '{expected_name}', "
+            f"got '{entry.resource_name}'"
+        )
+
+    @given(resource=mappable_resource_strategy())
+    @settings(max_examples=100)
+    def test_state_entry_has_non_empty_provider_id(
+        self, resource: DiscoveredResource
+    ):
+        """Each state entry has a non-empty provider_id matching the resource's unique_id."""
+        builder = StateBuilder()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+
+        assert len(state_file.resources) == 1
+        entry = state_file.resources[0]
+        assert entry.provider_id != "", (
+            "State entry provider_id must not be empty"
+        )
+        assert entry.provider_id == resource.unique_id, (
+            f"Expected provider_id '{resource.unique_id}', "
+            f"got '{entry.provider_id}'"
+        )
+
+    @given(resource=mappable_resource_strategy())
+    @settings(max_examples=100)
+    def test_state_entry_attributes_match_discovery_data(
+        self, resource: DiscoveredResource
+    ):
+        """State entry attributes contain all attributes from the discovered resource."""
+        builder = StateBuilder()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+
+        assert len(state_file.resources) == 1
+        entry = state_file.resources[0]
+
+        # All discovery attributes should be present in the state entry
+        for key, value in resource.attributes.items():
+            assert key in entry.attributes, (
+                f"Discovery attribute '{key}' missing from state entry attributes. "
+                f"State attrs: {list(entry.attributes.keys())}"
+            )
+            assert entry.attributes[key] == value, (
+                f"Attribute '{key}' mismatch: discovery={value}, "
+                f"state={entry.attributes[key]}"
+            )
+
+    @given(
+        resource=mappable_resource_strategy(),
+        provider_version=provider_version_strategy,
+    )
+    @settings(max_examples=100)
+    def test_state_entry_schema_version_matches_provider_version(
+        self, resource: DiscoveredResource, provider_version: str
+    ):
+        """State entry schema_version matches the major version from provider_version."""
+        builder = StateBuilder()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, provider_version)
+
+        assert len(state_file.resources) == 1
+        entry = state_file.resources[0]
+
+        # Schema version should be the major version number
+        expected_schema_version = int(provider_version.split(".")[0])
+        assert entry.schema_version == expected_schema_version, (
+            f"Expected schema_version={expected_schema_version} "
+            f"(from provider_version='{provider_version}'), "
+            f"got schema_version={entry.schema_version}"
+        )
+
+    @given(resource=resource_with_sensitive_attrs_strategy())
+    @settings(max_examples=100)
+    def test_state_entry_marks_sensitive_attributes(
+        self, resource: DiscoveredResource
+    ):
+        """State entry identifies and marks sensitive attributes correctly."""
+        builder = StateBuilder()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+
+        assert len(state_file.resources) == 1
+        entry = state_file.resources[0]
+
+        # Sensitive attributes list should not be empty when resource has
+        # attributes with sensitive patterns (password, secret, token, key, certificate)
+        sensitive_patterns = ["password", "secret", "token", "key", "certificate"]
+        has_sensitive = any(
+            any(pattern in attr_key.lower() for pattern in sensitive_patterns)
+            for attr_key in resource.attributes.keys()
+        )
+
+        if has_sensitive:
+            assert len(entry.sensitive_attributes) > 0, (
+                f"Resource has sensitive-looking attributes "
+                f"{list(resource.attributes.keys())} but sensitive_attributes "
+                f"is empty"
+            )
+
+    @given(resources=multiple_mappable_resources_strategy())
+    @settings(max_examples=100)
+    def test_state_json_id_field_matches_provider_id(
+        self, resources: list[DiscoveredResource]
+    ):
+        """In the serialized JSON, each instance's attributes.id matches the provider_id."""
+        builder = StateBuilder()
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        state_file = builder.build(code_result, graph, "1.0.0")
+        parsed = json.loads(state_file.to_json())
+
+        for i, entry in enumerate(parsed["resources"]):
+            for instance in entry["instances"]:
+                assert "id" in instance["attributes"], (
+                    f"Resource entry {i} instance missing 'id' in attributes"
+                )
+                # The id should be non-empty
+                assert instance["attributes"]["id"] != "", (
+                    f"Resource entry {i} has empty 'id' attribute"
+                )
diff --git a/tests/unit/__init__.py b/tests/unit/__init__.py
new file mode 100644
index 0000000..b3fcc59
--- /dev/null
+++ b/tests/unit/__init__.py
@@ -0,0 +1 @@
+"""Unit tests for IaC Reverse Engineering Tool."""
diff --git a/tests/unit/__pycache__/__init__.cpython-313.pyc b/tests/unit/__pycache__/__init__.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..124426282ce08bd7867c07dcca9c259a7f7ce51e
GIT binary patch
literal 196
zcmey&%ge<81iLr$XPE%$#~=<2FhUuhIe?6*48aUV4C#!TOjSCed6^{&C8@<F#R_Tp
zMGBsY&I&=PWvNBQsS2)n>6v+{sYRK2=?WqF`8j%invA#D<Kt8EljGx8GJFOZc}v6D
zDkjJ^z&|E9FR>`iIX@*e25eePDbV1U`1nj96(6rxP<e~PCO1E&G$+-rhz+O_<e*}Z
RV?Ho5GBVy`Fe+jJascG~G^79k

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_authentik.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_authentik.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..0d462d939b9d5d1553445fbb35896a1e1a84656b
GIT binary patch
literal 59251
zcmeHw3v?XUdEV?3gT(@aH$m{VBteKv5^n;0h@?c3q9{H<3Coq)kk)z$EFp-%E;I{B
zA{@y~n<h}|#8Mj9N~6Yf<5XmOdaRr{j_st4b57$ZC+_Jk020ttJx4upA4+mkKGY~-
zpWlD)%)PUV0d|)UE3!FU{<!aZ=gysf{{O%K|KD4cl>r6Uzy3Y#`Nk&|<<BT$U0ySA
z>(>$ZvJz2rCE|*>kGga>`|CO4O}j(N5uff4QI6+m*%4J&kCf}>EbcxU&;v;K9<4YM
z)PqMV^~xhvdesq4*I2&qX!VgAz2-=*Ud!VCqjg8>_4*?Xdc%=My)mRTDI1hXS+f#R
zd)<62`U;j-j<kSCYZ`WkE2j2FlOq$Mi9~uL9XglNL;EKuo=YSrM$U)gW@s=zF_KD#
z;>n@V&`5eP^<qN55E>ty93Dxwe@N~3huuc`@%Zq_;PKSpdBZmzpBQ{D>^17Fws;GV
z>v~Ez8mz?g6nIKcy*M(I&<#x_A4nz7jSL&rA|aAUr!fF@vO=UCv<AW(ZCaf16dPdJ
zV`vA)C->`v&y7qZ1}7%<gi-y}XnX><I(8sFkr+<t7mQ$JFrLIvhIMo`$ft}$@hrEv
z=vkgobQhi{o}=!GxOH#D)2!&eGk(msw-+VoVlkf;i};(BUY;TT>Seh#=vi51bTuze
zwdIxP=H>N-r)#xh{nZ1xH6j67Mz6@LUt!A&=H&%#d6jv2mA1U9NR_S)YvF2R<w-0l
z@mMHeJ?jrwVm_vNC_it>*-M2YkrR1Kuzk>+Vm6<CKo9=kdJN#p%4v~j-F#FT6=|n^
ztPTLZf)P)|yUT-os?V-rCG6|Jz4Ez<iShLAj*d8n+dh(<Na)G<X!~gV>{Rtge6USV
zVC|<9Z4;@~=u`#0Gi~X_pq`k(GE>jS(}~!mK5CQ?j*j3Bij52zm1fW^<<)7>hB|Jp
zdcBOI{z10luec0vIx%`KO@j^@?FV+B8F>7u6K5jHxPI<HYAA7ry`*O*@xHQPj7G^`
z)%J0$;dEkRay&Mcn0PKVWV9|h`|b8}tI<_@J-|if{ie3rrjBXv7c1Xy+_ccpxzM<I
zq4}X3W!@EmY40yq+(IE`stvOcGiRZlO_CS`8%?{Ocwv&BYx{UAJu$Vd=;FhPi9zu&
z&=XAzd$>msvOipUe86I!UGAvc_ISmECcJ6pyJUV;8L-}Dx)1XjpkDGWlvMMQ5VhXs
zq$lbbV3<F*Owt?irA|hDyALZ$>fB~CbLhK@ayn?09H_EF@-Og)KkDD^ij<vte7n2X
z9AiX1U2T;asI@}!?*{RnKa9koRXM%X%W_s|gA(;vcVLYz-k4JhvHZ(k>x2tql6T@<
zT42C}B_(z&Z}+s}ok*5N0+EVnS*MG|)YF6_*kx<0*-DdtF-Fz8GwW}{6$$QjCB1uH
z;|V-1TH<*Zo>t{uJ*}z-PwPHCt+jcN3Q;^Q?XI3y^@FE%pPp98@oCjWYCGI_^~CBP
zJhA)n#D;_6`l;^7<lrF4+;fwodE`|Hgv_L#Oo!s37vrNNL!mS$yxTu~7teXn{;cWK
zT!;U+=$il*htX8+?iMBN?Y|v}vkuz2x_fR{=!tV6s-J7y-rIM@Z3KB%Y$A0&ku)mJ
zOdh?W=&fi?UqgU!y`k<IjgOrjitjUyEKSZ3Q6wlKFdCr2(g{75=6Bh?XEZe!A5HH=
zfVZ^;EvG91E-DM5Z42w$Z~8pVRjgMGup&JXpO{R?20?Eb-sjV)r1O2#_u0Dd4tK=M
z?j01QN}acLc6J&5_|Vu$GJQKRl02u!+a?n6F|_YVPo6dW!+L6RJk4)6_n!5K(6CM)
z=`Q?F)5jm<T(N#()y7L_GR@s`usV@#S6sK<d-q;(O>N(_dHh0mI34)B83^qSQK&PV
zZnw{Q;FZu`p3@sn8)fDbzTz=FC`+K5K=19Ucp5h{!P?k?l1SXquWw*oPW3L+S<WNP
z=}m9rwL6xn%^uyzP;R|;)YCfv!mg?IWh(Po&8Zu%(P^m~LB6zOSl5#YoyZrX#-d!s
zn$cHKM=g{Ycy#;%Us$?P6T<=;1=TyQ52nV(<KQ5J$c~+z92uR!6E^&Oi5X3?^mD1n
z(IHkeHawa-8y}4&<6{Y<JeH21OHd0&)qXay;Ac7KS{EZuG(HhaygWV{Pcl|p-$Y|5
zGbcmuMl4*e6G>#KW8ko3pq7nt79uiR@1vXw8WVqNUG~U!d!&a)c$a<l$j)>*S_xSf
ze*xDn|8f~S@AS2#NlrIFIB`+=NL4m$U1(Z$!|kc9y5aM02uzpHscS!~Qr2&=C9e-m
zt8?m_>(xr#im$Z2(KcV(m96c1r{#CI{?^vn+I`byA83v9+QzK5F{Ace`e_ETTF<;{
z{$|vkjJ8okdElzrGyRfC%gPusMCn;-PZSaXBri~xEm^H4qxN2|WFV{c&a38cM(xdL
zEh5STSJhtX(kzmdF=U9+v(%m_BmziAmtXqAYhTEy+b(TkAggVgSIysyx^4OkBE|z(
zk%s=v5?L9e472bowI<4l0FtS@S6_QIqwc!2`SP*M`dtVCX0=`Os`;BycTK-4Vmxpa
zY3S4}k(DvZFbmJJmP8>Dm{WH#WISk!uCP)RMa6%5k#DJB7V_Ca#thn+z0+Q*Le~IF
z=U*F?)6^QfESABoB;8>A92mO+`cmXwDCxk;S#3ci=cRv^m<@4X((@VjfMDrlb4l-M
z`iinED%ht~B<dr^PBM~DxQ2jwPYc#=z>xtHtYoibC2e(@%#Lh->?|G_Ji%Z&F->_)
z=enHnIFRj_XTiE!b3@-Xy5i`m(8w0oCMGmeUeYLuHI}pHILfGd(daO{wpz~fCTd|+
z<poQNXIrqOWQ_yuK9e=Bhy-n{F@5*hWowH*%z4)mtTEW)qzC`~V2>XM8{GY1T`J0h
zb!l5m&g=b0x-N&k>y>TdsSH85cg`JB)+r(Ud&1p+Wv^$Qa?Ta5n(E$fia_}eL+D(5
zWE3L)kRBfaX&cJTWdv9Ihi{;{spcn>oX6n;+7N`eLnKNCt8m4w6OUkcClW7D^c&??
zBj+KYb&n)LY#${ev@4trjU*X?ywjq)5isfQo^X0ImFlyy5HPd0gCu8kXyBD_;1zHL
z6S|=$ULK5rQAl0!5vkoppohSA0(}H_-qvh1c^3$K!;6w2+P8Ohg=-m|t3N^m_jB6S
z@bg*FN%YNVUj0!D5tVEBI3;|V67~~#jKCoR2M8P_@Hl}d2pk45Nl^VLC7c1U6PBI!
zNUuGz!yf785l(;Z;&e2RbagoqpqrK;K+WeI<J_9@NXc|)ZUg&pH|e*qE<ld@IXSve
z({{t>v53)tQdR$@&;G(^=T^1PRd&3yb0Jv$rQ@$1pAT-$2De^5_>H4ij?M*le(X`I
zI<Nbc>Qx!F>(b`8+rQS1z*~ct+Gp2xA(UC$mDRfDRr5Eic1?et$L3^EWFzgZK@rR5
z#CY;G>cw8did{uUJI_ET=vEXG0Tfx#>ND!rulE0HKmNSsd9#1EX)8jRrmb0R>%40I
zX4S3JlRP#jgCZMgZ+S#4n-k;7*VL_V9=4aTVpoyT&oj^ox)p^)0Chhu$E04X?6{q-
zz*G8{tw*~(f7%^5<|=b05Z5vSkpvP)iKufA5ZRb_MT9gw>KYYf=4nAJI_&^}oDt-q
zMKFMD#3s^!kc-Q11~eJALMZ7#0$Oc>Omx#f8`<bhdOzcFlK&@tryE480x_qCqJBm;
zzGQvQOtMiBivy0RJ>rX&VF$v0>X40WlywAAX!WRIcUcmvk+Rc5!am?gU|HL7G`1lk
z8)e%e*`^i3JPU%&nj7nW7}+RmJC1B|Z4hW>AZ|+;C6SG?AIDKHv7;huIgU=&Vmm5@
zN{eS}8;x_jerv8G<tEvvvK<xG+)*h%z0sOsTU#wwn*57rTW+;w{l$)ooA0P3%Rn|h
z6A7jcJXn``WMhG6`Cwh%|8+U+E{bfdoZ1E*lO(i3NUbG7S}DsBj5>WG`lo7bbs*$~
zaBfKd407~S1b&JDqo#;5(mzXJkiZbY?HVFC5<{VhR0w<h)N{DbP_4akXsC$caG_vD
z8agqt#JO`Qsh^`}h6y+ja{6<W!8$IMj0-SHA}8b0RGW=>ghI~~I8R`dz!-rfK$<>%
zmS`{(;=;j)mY~hdJH*_^*xVZXOQz29n>a>exWwqQTYjay>4VVb`Owa6XlG{E@!3#6
z2@Kc#u(IyQkV4x4f!jCQuYiu+_4UEa?X#^+0@s=&fg?$pwt)-KAUzXdyGZTppd_U@
z&KBdz*VJ8?K}pIIRty5W%b+AFgSu%oONgQfpl&XW_B*Xd_j>+xZ{S$4%vq=7n^?$;
zg?JHfhb!XS<xP4{3z{wB=Xz{R+e1=n_I%Q5Q;~0@<UnZ&S`I76yaq_Xop+(6pz356
zzS3r2NpIBaMBgQSkw7XD^)r1BL2ogA4<Q<KqV}Ng0WAkmTftM$NNOumDTQ4Fg8Gr;
z$rHU1bs~Ea-yM5-NuLSY3FU0H94SFr3)D$v!P1gCk)v^LS5hZcroM+7(IVARNuA)H
z_+{%=P;6Enqdc9clNwMbK2Rnv;%Pb1pm<ufclEUD9z3o4^t3|q*;*kyEzey&t@;N~
z>wY|~;hJ#6RF_SAfNkPKX@G6;3*~{y@gZ!&OXY#vfz;?w8{dPTs-Uo0gY5_F?Re~0
zylmH%ZF}lZB7tpr>fjYi&^o9}CSEeTY1^@L*KLjBW>;;UUEMk{Kud198;1)JDP~JC
zbH{vX{Q@G_gnmKi!g~9beR#<`T0);d&e2pk-4EO1);pKG6a7`>66KbwJa9VG++|Z9
z_-SgQhXAqXMg<zTZcX1o$qy6Q1JJL(LczTRNKS?=b(O;O4QBF2zMZb+O_1D7x5*a|
zP#q~+JVa3;UzCqOY?7!)D4&TN`zUmg0Fi?FaRU7WP7rtsz>!2<%}CU|ky($<=)1E=
z{`aW2KjOkdRjJ#!uyPX=Wf$t#F4V7nefN!WUtM6j4BOYG?P{-B^_8(V#^xJ)vW-3O
z9Q@s*zjgF`D`p#?oUZslYo6C0%4!c~)Q2-$ALcNtJv^_PzZs-!4~ZxbTvZ<?*`iq_
zD`UtIrDs`-qLc_AeSv!2oYgjG)V-N)dpXQ%d*@a2H-mHyB%@40_^P^>dNtFsGKLIM
zdX}{)N{Il{S+5(i8mQjROV2Zq)jH=@^Eab*GU8UIAnU5yNqw4WSs6oyC_PK<i9#YU
zr*<y0*Zd1u;)}`D4(#uONOjwYR3DM4xg_W(BTU3zrb)O$oT$=2TfF>7Bu)%40=ME0
z#fia^1a+T`I57y~SP-X91g8VRF39wO5b#Id1)-Y|N#_vkvX-;hPt;-rd!f>jU@uhC
zPO$S`=zM~mzNYNDBXOc?7bgy@%ZP1U{hu{=`)a1P9O7aW6QM6Fw7G!6O=(c78o|z<
zMF;TD=@ha?UIzl7YOr<ztri(cqeoGof2zt#<ieXG<UHZJ{7<8k?B-|CI{!M}o$RKM
z+Brj@blHvbhtb>=EBV7{)}tv;*YXde-}*3ar4M6WL*8d`p=NV2yKCWWFnqb?8(Xhz
zedndQ;3HyxEtFCFF1`Hrt6zg=Qs38mF1<Rtu@9ll#=fl9H?Nw%S)^#|cy!Jd76p*_
zb*P7##j`mvo_vk^v6rx7SCIilCaOx^Y?Qr<(y04!nSJl-TMr%T@qE80@Ps>e@2U**
zM%2`;8O&Y&2WOWHk`1Ku3-SuD6_$UCw`0N1mnGSN(rT(Z>N%#Q4q7N@=r<uF5b_Ww
zxd-GIzNnY&7Hzc2FUo9OyTcxr13Hww2qhtTKR|~<y~Y|FvsaO|9Hk_(7SLgt?M|Fa
z3*;G5+ucmn#uq7%1fo83&%}S4w#wOMYpZ~S!?tHq0g1$c;fio@YUMLbpW0%WxR&)v
zeKOI`n4Bvvrg1P;@gfz2bs3bSPcm(TG_(zBNsj>A{h^UG(>8!=0k-xN>B-Rvs4DEl
z`1BY+j>;~Sd-dH&?7vc(PpDV1PDoFhBRjgsVoCHXWn6a52=gyeMJ6XEn%uszznzig
zX<FB&(3ne%S2A)uw|`Q}g`pg?1{9hW6tJuX+n22Li)cUn4*}S&{rWBM3}!>SnU?4W
zH4R@`^TwL_nzn3B+vTBeoWFAZ+k0ngo}Bi7uyRdCUGru=X(6uRzZrGS^ot_K16Om>
zvNDE@H|z5XBZ@W_6Os?!YdjnK^<(#5ueRui+&B9Ww21I(pTxcE(*RSIBV5~vzuJfN
z*C^*75nwM7EoA+d2(Win{}Kh?09gDAt#W!B%+`(G0t{{5n`c)0C)82VuhAp3HAm?+
zTANYVzS%$;#B2F)MqNv<ks0HGt2t>|8AHaK4S9tTMH|b!Mt{yek9VTlakm=+QkysF
zfuZMts288jsP$=LpUog<kzG!@!OYCl$ILvp+diA0ax+h;8t~7ipQ#%7&Ch083C5dc
z*5}gt%T*1=Pr@}paH>o0i<;ZCLzDVQayVozWZJ&9Y?jP-j;Nb{qikYiERmX=m<ps*
zV`Q$44{Cw8E?lLv&Cm%npidGY9!Y<lKq;Tduxk56vKHAZK1%HzBk;=vNNkl>0jy0`
z{()?9db{&CLydi<z2^D#ze;@*wz;VA&D3=d&9B>$UAN=g<+JM^qwnWxr|;*U*_y-m
z{lyQv`DD}F_rr;R8e;}Dv6vBv#l})YlcNcQgR$5Plkrh9twBtS#m<fB>50*iWFnbD
zLRl;}lp2i1blOzXiC)&9CXgcVB7wh8fKZ<Pj|mV4)c+}f(GX)Qg(HKp_{4-ha&{6A
z1P!%P0b!S>YZN6wCOPT92KYJUJ@4L|UcWDJqgwG-WGZ&g`W}AI7syoXn)U6z;coQp
zzU5K;4-?pP-HYgrPEqcLyTZ4P=TPWIvn?mUEAF}OM(9S9$g#D(+Sg@o8_^qkM7bO8
z8s84HZG>*LvK&4rzi%z8c-@VVIc_Uwoyb|2lcV~0&Mh}Wd`f5{2Jv59#LLii>vIfY
zJNwKaD}CJ`@d1{Rj|^R<onF2COaRDI*mOs1J}uy{A~(<O%OV(o_X@o-0zVacRbDx}
ze+n&9g%Z_yB{Z7{i<-Q=YFl1yUS5qYuP!gI)|OYFmse-YYsky1x8*hF<u%yyRzw>0
zrr{OgCS!FDJ`kQ!xC4|A-@%iZVxsOmXB&A1fl1S;NqsOOoxJ4w+n~qF*wj7*>};x~
z;Ai)@VOfMC&15(g1wJ;s{W|e`Q&oiM+T!CQ95>^&uS2p?jug(8ggrVjd(dTOZd{BC
zn}W7ZEExBa!O$jq&yDbMvykKT;<u?f$?xFwqOpCpu@g=&Dn4lHSy&l{P+~RQU0hY0
zI2|GwZ<H>_e|G;L;f}tnfTln~{*|g35cezdQX3=-4D|*=N$he`Qy}VssTBzN0&1Mt
zl95(RPAUs{X<SjFFx;o?6o$v<KB3C$RsNNuqU|2$NP<2}>~dCLhzeI27WKmzb6Lxo
zofoyhn0st@;#}HgQ3C}_3Nb;!l9Ji?mNX|MVU~C2DBO_G(;By!o93L_j(5AbHs;7{
z>(jB8RMm+1+Wky;;ip}QsHDOgtS4z}tI<l6f5DVFQDG#Zb>TlLe!^Y|6qy<>pX%gD
zMNnM_PV}GL|78E;1F;hW2M#|TIXSTZ<dY}*Lu6A+o|W3!9wY2_zq+(B1UFfRRfK6D
zv4j;fM+AXa+F|?}gQ+a@-~`iL-cjI{%`m30Y@5kCf;UScvt1Zxv@bE<z$=_+BO*TR
z=Q5RD2<x9C5GQb!z!1Pxju{39%givk`@=!~ZDbn_j^op*X=B9_{TC~Lv4~4XNV5IU
z=c!qn>F+MCzL%tAW~FReSM)ego6UrT$(DHWbQ(LB#imPF{4P39{{Y~k@_|<OrO&_i
z`HcGPyw-_rJOnaY=d9L^z+B&<`Mzhfea})N0@}0lD8_!XRIFP>dEl!0?DT|4%gPvK
zVE2#evWnOS6yf|v=6JtWM`(qH!J=pe!{FgOh!HOS76{Q!)iU1#C({G#TbXoWAJO$R
z-mg=&4BPiuIAiEP0%t7yg#fO1M?Jvxo>R3pZqkl3grF2p!n_=Cz3hcnXWj+8An>p?
zHiqkEEypj4tVMV%;<I6&dowD5^Gh0)sD)8szt-ejy<{2?^_rZk?{tkd3AQKTjDN*m
znuYVhxt1qA!{y<?RF8=zM@PuR8Jq`%unz@QUTDP#5vL@#CN7L8((U1Lqbd%uC-dhO
zJ2#qo$<SmRc22_yqgEzZ9>k0WnHC=(A06R_aMHWM`55?M@)BS)%aW))4(|>ZVq>TS
zhT7iBATmbIQ9B9y2$<%HQ7zlx#G-}Yg^=3xE<t$F$L@@5+xX3c%45=M!mLwv2NS^k
z4Ab^Q@q^*eH8gY3(-<F5>6kS*RN%eESc^qtOFzfzzmNX(e?x%qrd?2-;|`%W?MF6e
z$T>T{f#JDj$C77ymPb=_+4Zsw{9E*y{sjOa%<B5DRJ>6!U%e|^y=%7m;c4GZZ=fE2
z53V;V)eTuKG_RV!88t*USuz3Pt2t@eoER^9O%1)NidraPi;3h}HM9)68!8dqMFa{-
zx@@l$O?2LsS|4@iA;Q1OA)XwO#}bH8pfhJ-oP~soCVItP<e(hYx&<d&7(4nj5n(B#
z`eevXJF<30djgFDg>uhr`6#q_veOZTg4FD0NHlEs*%=y2koQg!_zfk_#j*93CS!{I
z#}D>xZ)Yr}g^1d$-7*sq0k=31nC+}4tZ%(>cm~zUvJf1nz)lPs<!q?Ie3#LIg3PPq
zBZ^Ud%d;qJ$MCVXOGQ%u4nyE7ZG@!s?*Z5`)s98TX$wP64x@-!GXzdL79Shx+ipBj
zn3^l9q5ptUrQZS&)ZM(+p4Hkj9Y<!hqto8^SG3Nr*p^+f4X#Nt2;})D0R<<Wl^{$m
zNMsuMCXq2-^qRWuSENT1l(1r`iVpJHLliDh7NakEQ5omnxeWR$hI8*w7IWuAKP-Y?
zbLPz@0&zrci_nx8_rWgbt@$N*b6LxoUd!dp3zZhA(1y;P+ZCvyU`fH77c43KXu#tZ
z*Gqy3k^G*By@%o{I47<b=8bt=Z&_HKYJWUAG@gPx*mQ`#<+Kr>7#p9s5IUOxdzHv@
zqsDn&Y}}9BJD!)35D9A(xy<e^pe7PTU-9K3Fov+mbpVv1?XCmhxq$JkU4q`K%5A@B
z+-2@{FpSlYAut0nJ3G3Qv7<ShXlG8W+kr1#C&?~x%P~IH%+Z^%r!YFpy&-$;IgB$+
zdmsXb!7_hd3um=3ndocbSq)b3U6*wR?DqOIlno>G9BX>m(G%7((_p1<#V7-uDP@oi
zz81EH%|?)ZSr>Kf0rbt#*i_dt9(0E+AK23CE|_^|v-r0d=94~>Nj`i3+~kHxIw~*;
z=Gwec8=Pd9sUFFj!r3Rxz#N=M{t#HU009NnByy$e&v71EcF$eu3VfME49c-N%h*IM
z5QAm5J8>>8ac7}+CGIR#QsB;ly$iw&icyviB2tXHSMGVC7-h*7xtm_5B-L&+EwR{4
z&dtIRB~Y*Bjypt7KTOT3L2G5vUo3I%l#;%t<eafX>2$RySKQbT=K4}gyIjn(|8V5v
zY=cTzMg)ufOG133FjpoQm3LQWPCoM|8hev<vi*>hs{R9t657`PJprPu^b9~hHlm4E
z;ieUg8xGn#)-O|LmcV`jj}bUP;2?p=2^=Eu1cAc<mfw~mlyHoIK-KyTMVZ0xEQJ_u
zq<s!+TiP`B<%(POVOaN{rz=|Yye*)UG~Kk+-Foyh+0ZGjzNH4gRPkB`cv3K_m+I%&
zcV*Xi&8gi&qIk^0*T*b;eJs;?G}Cb`qaFjyYRBeP^EZPOLfSF~;j8K~LepkiR>mj;
zNSiWdsUncJ2%C*idPh!cq9OFoiBDRI)<r}fBR-RW_H8pl!MWO<HuA@TL;evsuJgb#
zzR(aQM|M9V$8{FszB9*lWhJ?UBhI?sdN|I?`_dZM67C69Pa8V2c9YeP{OjcQj!=Gy
z?)6sX^y6UD3i*QgNQlwlV^U~zvKB_A7A!448U^k;DnA;Q2a<fB?(3~tvh}*bN|S$a
zXJY@~ntupa$!VQ%TsQ0~%47g4M3#o${->UV!~l9g`Bnqx1<vCB!KB(=|5S~sA{P?1
zi?IT*`QoxUZy>bFq?`Kt6uL~{IRd8%NL<d4cOF7_#^q<I;s}A~2{1H1N}(|VNdPC8
zTAaGh!R6*%@}2i$sOzO`|7Ys;CV<52rcSQ#&(J+r+4IiJ<U#A`Ye(mUE!kkprIYiU
zdb68)=YoBt<G-DJXu*#wd=h*Ld>=r^fBUt{9`2v&O6#Fbp6_o89NJ!%b6AOrDPdoM
z$M{zOQGPk83jl|Bt$gbZfUhZ6@oJ3pZRr%OIxzWS%<le-%ZV6=dP1euw=_yhJr?zn
zv{WiRn!cq3>+h^C0Fs=P68xuH<VKavR-llKvCM`k90}zd5eZ>-IUZ-+EQn-lUIp$X
z%r0v?j!Y8HR&5irOWas^l!V!3KaQi6TWDf*gxO^+$I;1J46_$1Eg6SGCB-*D_?F67
z_{2T&%QnW<R+{_^%<d#~A*@bn2IRqEd(oJ^^Y{pkg@Q7ub?#0<#QrZZ5^PG*N1&hS
z8x?`fuV_o7@RG6j6;obP1mY%qVG-f>&8QsAJH}@qX3an`n^DU)@E7Pc{Q<y5Wm$B6
z{+%6}O%Kln_Xup=OvbuRZ?F9t^ujyeid<Sdy9OKnotZVX^DpdeVTL<B#bYqNwSpoW
zX>UbD45qxc7*D=Nz1T}wF&O(^TFW!g3Az=9L;!Wk9*g1XTO{%SwY7&d&-b;!p|uZi
zHJupu09Ruca=s`Ja5Y{NdHR(}g_n-2yDVHS^g9b8Ytje3U7d3t8;)V?*9nOifw%P^
zQn~*E;2>b$$OO!em{1JRc(kyPdHEKI3QiL}TmYFqpXolB+4T5a@Q}c!p924}@I5QA
zss7(_m(FtMpJU`Mk)sdXu|9Ceie;jhB(oq7okcK<(6At^2SU_J?ghe9kh3`?v#bU3
zKL4`UVkC2+(n7>x^LgOhuJoT^2}ACqJJx00UP}K7!Kpn<*;5fBD~ORvsL3Sh-1nu9
zXc34QJ`vJXa)Q7lfpY|g3EUfzh}~Hb>#7Lynsx{*^4jue$+f+5aC*M!RLKN(egl7t
ze$)R8U}@W{WeM*e8#&4Ev>xj6e7`I3gt7$fefUQtC+Wba3IB19Z!gJbaFN`5(E%<$
z8fl52NlVJ^P+DS_<_c8C?}=a@ZTrbcOXvWXzkAY>a+}=3S+*iRF9l0VX^C}!i$6jK
zxJVV1yOWmC0WOjPU+$m`iTW$2IxQ(TNlacE!5P7m6M1?o)(3z&?QPfp97{(3ZGap(
zrV9ym_<zd_@MV~EU2*j@^GLX>aE;rIvK~SKBT|@%9x}BUgpzMMW{!`aD7@$ZzY2^Y
zP2FEq-fUs}Z4lItO+qinj=PKbG&#z4jM~K`DqT>&6zjn)d>8kSbI*AmldVU0fvc5s
zrQ!lj_-K;;l1<W5ACxWG;Fg7&jhX6}g_`x5>J9Hzul=aZTUo`qkg89S1YWaC;D2rX
zp<2)PYXgVY=X%*8i5g+}TU#LSd{)cfiRH>LaO*}ZoLyjA%#);(o>Ln;+|hgJhsTm1
zhm;OwOmkM286X)|-WBoTTjlR?MKws(VK4i<YJIhq_EdbD40PEg_vn)Th?;saTE;Z4
zr!A7%WKe{Wo3mbXq&%vk_rR%PDbtTsl!Vpk+ar5%lz~e;Yt5B4N_Gl_tnEmEFRl#&
zA6U4gQIhmW_TxB8X@)08hcB<KmgDGTEsQEyu(V`5<Y=7R6>LYrHiaBMQfaFAlt-!}
zTD06$qzs%Ub9Z*x+H&594p>jf`U^QxHJ9hJW5#~o*@t$d#)tM(zc&!#{n#OV0Q*ya
z6b-WVDbG{?*_^p`{8D3ek`h?$sWWnQ+U~%4-YTq-7c5!)vj|#kM(RvW`N~Lrq#;^q
z&Tx4NGwkH^nr4_3sc6?^w7?8I?6PBq8}Dj{S3H<uMG<Sb#lCuZ7&F{-S2MiwCu@cy
z&8crXDYlz){8t05i|07?r_tcUNS6E3L&e~TRgBMCed_n`3y!F=-u!~tMB<1w_Z>(4
zC2)lGk+MxB&XRJb4{Gj`K3MyJK7fExaD&#=GZWfE-*HjvCx$-QVq21C@V>3gbq`kN
zgO$n75-CWz4p)amQx91TxI9qwe26Tx;ZR3UjfG&eO$vhCm*=2;A(P0QNlQrHEH%>g
z_Yh@L6Aq+jDJC>Ic1J=JHlW4o==I=dZ>i|-qVm0!?>_d2Hf{8rq57?%cA7(F#}Rs9
zjp2re5ij``AthF@pNJt1_5hKJc6TJ$?ru@SmHkr{G=R3rNjNa=y1mM@L2R>$WMI76
zMrCf7F>Cg=t|>Fn9rhaT@$-h49C{hvG(7$oepV)JZ?$`Bh1F^zsi#Iq$6zbZTC^JK
zVMld+NV9&$jplHEtKl0=O(w}vs)1A^FdiQsNyf>LbjkVG|2ImmB>Bk!1THF2MqIaT
zA+(o%8@F8^$!ypOZ^jLc*Q;3iu7%Jpq+i;~6Sd0KwbxfGo5SyPW!LuJTvy#(#r6M*
zTUjhmBZ&lCAw=BlbA4Gk=^79c2qc-8H0^6q^jk=TxXlmSeb`6g*8V3FjA|J555vqM
z9pfi(q|-DHp^Mx_5-lutW7}yxkdfTqTvRfRt@Dj-*~YfZ@wrCs3126{5woR*0ow^O
zV1p}JZa|BG=}84XRoLOS@I=eA5HPb~TLx<+ZmpkY2i#gdS>S%f@QmWgeG#2owrbDP
zuwn#u6F5tNmL>DF($5|zoX7OiI0|&eTmwiCFtFFX;?ZUEaWtA^(2L>l?*1QgaIf2z
z>4Vl~PSaB@*1A65AwtY)Lx=4xz{tCnX>~F=^1@^yHZqjcw64$tIE6u>dLLD{9W=be
zX~KH^B}h-tCG<pcFhR3!-udUy3Nr%4{q<8*r9aD;;(8Jy<3*1WEgrkG7MXZ?QG4M=
zZuP=;2;Zi0zfa&YfsX-<a<Qs(axrdGn5MUMN#hrz(yGT6i0(#Rqg+hAQI$J)hHBlg
z;pYPlS92?!BQ%Igde|hW9#19H38Ru8wuo|Hu1o>@I1P#PvF)~yeNr#mrnUVp740XW
zVQ6Wh4CTfo3q8v9|JE?26$h~|4I*vqzVnYpHFdnn%TU5cs<Lv!<-zRE6WOMxrYmt8
z^2!YhO{;FWt81%n`07>$rYo;+QP#I-*6rn<B9}7N>A-=<O$+eDyy}fr^EDmWnvR9a
z&6!|$p>j<oxc2>E=dChtZD87eJ*d<-&)03t)<NMr{Ka&pZsV-hg5YHr12D^+SIyt7
z8qR1fBFY0-sg_8~=EQjNH8uP?{Ii>lpoA4eRdmO5>}?}_*(EB70E#bY4fEQ%thVlw
zi=9$(&~j~bFthz&MkScl4$iCQZw4u({z%a|3geVM3eVcoDZE`);ROJ%st5CXJ8T^U
zb2zj0a7HDV)o`@3`I|us9Rx$sISQjU3eVcoDZEuy;ROJ%s)zG?duCoE3;vAyOs4Z0
z4zt=b^Q!rqK|0y@Q*@5P=#9d&wsZ=2$|}47;8pdR1+6Kg?wen|ExUT#<)^c&J6LRA
zcJ)34GOPDxwSDu*XTKSB-}D6@oRh&>D%Zi2Sy)yOHLt4s7V1`h<&ifY$*7yZn120{
zSq;l<^Q9LU!0|Tos`;B$H)k}g1(|~IRjMS?vN<uHd`;a<tI4c|5>^aVUw?#W*qcW9
z(hH)z2%t2LbMG5CX{QzA+&inSN9fYi3}m&|dDZ;Qs;wDqy@>L_RjMS?vN<uHd`)eo
zk(rI4gcU>8*KuACW!RfW_|ns&ya=F~Wh~tO3Up>^`zkrRE${^z@$7OZy{9%ty&azW
zv)@v}UJLeF7|9D_S84|&p(X1irAqp3augwlPr?Q&_484c$+3TRGmtx7MeegyM9U$`
z4xV~hN~v)0OewqPpUgf>Wu&U4Q5Lh$BINGY92O-<5w##ksVXRq6Hl#RNwIrUu%xhL
zi)iLPOCVAmsfh;6U4V)bb^*jLg(Y9aK1(fj0Q~q*=W@U4yfW*QXM$;Whmv;JDTlE;
zmHL6xj!UF$H;7L1?{pk1EE;^ueH=Sp6-r1+RwjdY)v~%|%T>vs?X9V_?hCt<b*aCO
zYV55Mr>o+vfn}0y#+~<n`1z{!r&6D~x2EBqzcpe;OL}WWExa`iw)uA6J1hRJ(X8hi
zX>9j0m!;K_6_KWB^*!2iG~b2sFWA<Uki}z7t^5gGQ_c5$O^F#TX-$b*SX0fP#x*ru
zn|6nQLzBUCfL18HYN}mI2gl%-Y-D^ik>}eHo-0DBWCBicM@R3OkT7~j{GK&J?nrU5
zwD2*og8KgfiNa-8VT4E=BQDypXW}Z-1R#N?B_)JRkonb&ltCtl<CGv1EbqVVgNUlF
z%P1Sx<LBbZ_*B4hTiMnX_UbO`j2Lp=Lx5Bkxd0C__=cynasnh8a}t#5t;juu|7jX0
z7u2;bgu?V|>Ez-#PZ`8<)j}Ls7cj+fId=utm*3R}1kAhg;6C8JG=jg7c9QfHcSR>&
z;LZa5Q@EwnB<_u$U+b3lV&!xjzR7e#PqRDXQne!QC`xxk_Y4O`t6DBUm#yEifWO1p
z`o8OMPhNXn6}MC2&yg;E3zhWm0xYkx#{`IcLO(*`e5E}$tqBZ*>G)k#ULRtM;X@C#
z-b0`UnOq7(vOK+xqBNnV)NTvnkPme(A^WnVhmdR8TsA|r1@X%GxKsngslYp_(Oe;(
z-ax%EK_Q7M4UIhrSqsP0vVkroNYY8NTapM#Z$=F?%bc~47)W179S6<9a#2u~7zT?w
z$%6Ft)U&Y7H(a{jO(`Ui<re(!qVY7zW|`c_4!8)Ybtw^0?rUuvxCgl55sWJR4UmJ(
zkl!v7`r(QYlL!S!B2?KFm=1olR%zbI()^TG-W-^&g3r?R?caVjv+mgPav~=QQA?(E
zM<%%Qy<qdFQ%KaZWxi$mOw0D!ra{0rU-$#<J6h)G+3e1<U#-cuY@e>oGz~7aZkuoI
zn`!NvZH@t6s`-PC?{s92KbzhC>{q+8t$ov4raAV$R(pR$0Vc-}zMez@W(=YLAzE01
z|3@;7>Ar|jOlb*ZA|ysJV-So8vCI;(lR0(s-`*@!Rt~xT)@Y8U!L=xV9ISh~&HKk2
z{RDT_J>Bhnx7rWrY@_BaTUu-pg>k?qE{I^?R(xM^Oo~wV^h7<5VhFE|_!VjdP(><B
zC8GXC3>7|jHe$?~p;Fm-zU8N$u`yJElE}(WMht=d$&yA{j2J?g0hC1iidrCkD{S-a
z%utD^R<NWHZxk#km^AFyTIcyfOcPb_kustN5d;|~kTT+nSeYTbgn3tTsg+rMmn*a8
z!OFB-GCo+DIR@)FD>G7?`VFVG87X6`$lr}tFl9n{Aa1G%{8+~h#H~N|uOxmf_&y57
zlY%9M&@a+po>>r#G)7iLgXWuCS%Lsj2zD$%3<QWYKLNb8M~Ag=(^OkDDZK9Ia<L(>
zZbOsUUJk`W<{s%i<7H!aM6XWDp)z(hW({kR#n1~xVdrwS%oC&i*n=cE^q1k>7dj<(
z$35*qXBVi$4gyTI2UK+NoRhu+^^6MJgJ9YKV5ry`3pQ;4xHgCK2V;*uM?L%zfjGc@
z;DOd)Q1DEd%L5g`<?x+uw!i&78XjYD$l;KkyRj^AJD1{bmU`62@q4;*lDNtA{{>jY
z^DKng-u%LyFfzeSpIR>F)3R@>t<I?3Z);!E-f?9^I9#YZ6Y9>=2}0&?M(v({g~#AS
z)C$hBa-xt3pvW>ioQ=z{3bwsW2#$8aTjBk)8Y^`d6U>8ZV;;QD_99Da+?L<5E_i_1
zidE!j+?HmA^~o>~!4h{`i(wuFVP6u7CTf9ss4Pe>+yP5auuZYs8L1MsVp^p7p4p1k
zaK=H{iiPlb$h($YnYDMhGV30!%zL5>{u8h=Awv14BlA$sn1{udNX0M@^~@5f;XYX+
zN&BKklX<9QJFb=uVpR#ugV@2dF%R_S!Ul2t%y3P3<y0S(;B(LEwzL&5(2*H~@$rdC
z9cQ3nJB;gAvePu~85i-?9npg1@QZsqSj0B`15ko_Y{SS$lr|0Q#9g`nHbQsDF3|qf
zFH)m-$}TifWvFf_`lA%uPvCxX0&CGhSj*!Cj4C#V%j&}B?SD9O24sqs%Ndv+=+`gB
z8i?nYcPzTKD_h8Ef~bEH_m!@2+VFTEyC3Q7%AV<}4?=C3b^A)^14!ld)656_o!3jm
z*2RLhE~ECmz4vQ-->J!N>_IrQu_vqb%&X>a1}WM)9-Xs=XIV*6OaxG78BX9)7|i^*
z={n|d38iW}mfx|aV}NNoR^(_p{-kmVf`TuJOAxh+;u6GmK=HJH!IDzb(c%&U5#kc=
zm8K)n8U-{RBejeYbJTBSI)&GwmAPABLqA)DfENefKo7V6)L01uUO{;koVVhig%ICD
z6wJ?FtYV_zs(YkAM>8DcvpoKav&LtnY1tWGnR+n8pkS7?EzOx>(9F$KTMoyQL!*$Y
zn}&&WL@=mm%ftv&b4u57^5rOwQimiYR~w7u%60gEt0eQ%r|*bPmWGpywZ^_eG-s}S
zoz#KE<wb~%lQul1eic49<Y><ay(*l?485wd{wY5lKMVs>mHmZGUf)KIGpocR^rw!a
z@UP+jE$Zo_vaoUMJ3p0O{b**@{)LA&bBj!$XIT|6has}#qDiq0LsYFHcAG<-cqzq)
z$b|f*jPsw<jXgzxZ4xm1(C=W_cgIiA419wcmHY%7R1aD%q`1Xy;RID~BtWLaHgzjf
z>(a?M^*(GbkQSf=Q-MX7=n_nYQAP1?5iffC;d#1uw)3zgf5Dx9TKuY1CyU8-UySq5
zWgGYv++^D4#9{o<G_v!M`jns4r#`B(RH|ee^cbO1^=f8af9V`ZOXgF&6Om_h*K3)<
z^<LhcQ30}A@4RaMX4GD01V_<13d1ao!n3w?gfH(FHALX5+M90!cfY#2ruHu8EwH!1
zJ=8TJ^lYFs?gBPbp8I7p1s`>R5_TMzkGe=1Jmv*JH(}pFdZ`O3@^qP#ViO#PK9(;&
z^3k;Spv^*dEpft3fcg8X$T{>eC{OSj5cX15I|V$Uk{WW}h4XlVR+1(C64W_97}DF^
z0BN7)T~4(@rPB_BP`D~$l(fSj=fZK6az@4IP|jA%adfg4;~iulj-{nXn?mhMZ-dx3
z;PxJ6j3bc8NaCLOWov7-l_vi}LM^xpYyP3SK-3hJj>Z!w119DFt4_|uvAX<=R~MuF
z<-H1zJoa93<R$r%tFx~y+en?~NBC+hSW@il6f7yYyGXrB`QQ7QEVs>O1Ecbnn$5BY
zv&mP<GV9Vln~lrP=86ZiS^R8*XKI?-`IPDDgjv*_jSrru?FAfShm)O#B*PRMn$*eL
zu|<>JI}Ym9opDf>e-^R>qERnqq`pHWb}@_;eK@`h-?1>jfe8*6D43~$JMnUtDaF{%
z{1m$SeIiH+2VPVz4Sdh_?*8nK{+X30Z2SoAZ|L6y$YDyzz=H8}B|5FqgLHpY)GM(X
zIlgIVJbz5t<c)%lpp!z3Z|R~CbNivOGy)9-&Y~INCT8yv1}Ef`W^fX0baFxv_KV%c
zaCV0=In1y`9ZZeEmTMvb4<O51l$7L;q``3{;flo@Ds;lU<aL-|5yr?c=OV<-a9a{~
z03=OIn*0UJ%@fmYNO-A@6X^4CcR|*2G!EUHW&JH0%YHmyco<^-L!>(q?4-a<<h_~`
zH^7CHkw~C8j)prEv0ROi&4P3$vaT}|?1DcL_^vJwfNiR-yFV^Ogr^Yr1Az|_5hW)g
zmQ#`?9ETtoyA!6%5S(4SGpp^SlZyAS^NRN@KCgHuKT>#(jvxmAB90(7)9DD}Jq||@
z<Md+L&vC1t<C#6jGb+KXc6?qne=|tY&>ltSD2#q6JZnp*@E%!(7XZAf9+&+bvidpn
z?IRf#AgdjkSIysydWiKx(K!mE7YfhX(h>gl5m7?~uBnHXVUd1-SF%(F>3+HJE|oQc
z+zYO|g(b%l%2*MV$c6zyq9S5mu;wUFos0UIuCg$XANoy@`htvI!gV(nWmlX^IEu0z
zS*55DP{UQVU^|={onCW<G_oOLSmby}u9kO!d=i9h4#OgAIgd!x;%t<u+MqHA*7wSy
z0q&K@ha)u)=9wPa{hnvIS*)Gv9uO|fLUBD2g7-c>J~#oAj(J(Mi^W6dMiQe#@HBUi
zMB*n4fBDSO;Dc=WS&PxI1VOQwn42X6Wf@|QUT;Q4*=(udZ;|;|gsoSe#j(B_%}x2o
zF0{e!^tOht_lqM#3EgtI807ZI-2GyXZ8g2JhL2@)TVzJ!6d_9=LWkGrTb^TGy?LRf
zcVT_U^48T{Ip$mFIfrgUWBiV3Lx2tsDP)OEL-=$2w+XX}aMaIH+9`y>i?!n6C(!WX
zDW$`vZhVYt{1SoP0R8$fDi@^bn3eEq>SjOHe2l;$0tW~jB=9(aCkPw{2-}aLA_HNa
zBo$ml{XB&joyMrRU#2=I0MfK?BPlj+<hzLxY=xGa@z~uj*$jr2ei&deowmrt_xf7q
z^li^QkUUp6+FYp3Yh78bYudY@g~%lryr)SATr*_*8R9;&VB{&n!fO^1FTrz~biQSa
ziDX!fE@*2q>ZVKeS#8t2YW`-_P1CRP*qjWCY@}VP7qM(kOeCWaBT=x@F4Hr88=ybD
zQh$pg|BS$|6Zk5DO9V*XrN2Yq4+;DUfvW`Qh0y;Kfe#4$R|0=Q;C~SK8v+|>5$z=K
z7=b4VJVW4f1kMxq8kHlSjPp<Q$<=?u0@Q8#0E+#b@}Bq6n_izUaI?zoi@9#9ns5Eh
z4IW?H&4An2eM43J6`6{Cv%W`exc$E4u3H|(|ETLa3*V@=WtRDNTX_iHto8Z2ZdUow
zLY1vhxh#a>%|?J5jkf%4zK5(v5WI25m6I2idEwkV&DUe)A$Vhhty+z5yOo9DjaFOM
zI$xiah2Ra$q`cP^z9+=JQus!<Epx4}l~=swMv%`hO)Z}GCHyhevy&rm{*g>G1YxX<
zjbEVmxILbR69{rQ3$Lgz=_3;fqg*5zWo8<~F-9f4Qckc+W2wROoabcg;v99bZX`a4
zkIjp4DUoO=H<S#3r5!oX&PmegbE5kR&_05$Ql*w<DhaU&KZcJ`kx^?eKb9IwjHY$s
zDs>Wn>+rq=FO>w?qRL%phPnq8CPx$d^hqo-{FF4I$?G1M%k`de;J+!#&nolEmOoP}
tKlb`u?pq4L$3YK(s<=+LvP%EQ)hFDpbvG1(A1A$E@VZ)WDg@bd|9{$xm7f3r

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_bare_metal_plugin.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_bare_metal_plugin.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..b43dfbe102927fc6eea8e5765c62c1a10afd397a
GIT binary patch
literal 71315
zcmeIb3vgRUnjQ)e4<3R5!KWV7>+mHBk_bLTQ7=n2Ey<Q;iI#Z;ud?zC0uc~}F$r)E
zK-t2KJx*n7MzfjhcsAw4li8|xlbx)T+SDprc{s^d?M$*YJ9%C}q(scgB-c0Vx{j-I
z_v+z^r(AU__xt;t?sEVf5`;v}*t0yM8vX7*-F^Q4|G)qL?+1Z^&w;1mkAq+O!%2tZ
z&ndtkx8Zs4pW%7ip*U2B;#BIMcdB*l*LBLBsgoV2JgQfw6xZ|hrzBN6)u1-8aNYAh
z)rWZZ^Npwcs{d3#4V-FHn@$DQAWQc=-+Zb?ZDD@z^R1`a)Hd0%!O`td>N_2Zw69KY
zUu|b`4T$rJxDFQAh&aE9TgT!8h-(sY>see7am^xb!&F_UCAT+{N@nG3B9qO?m(r@7
zy_}Grj;V<=iEM28?DX7JG9}Nd=_|>2LX~G(IQ$XyXgpM>HJph}B`43MCtuM#v$5>t
z<&awo9-EyTQztJcvx&*<oSM*@&rZj(sCwpDESs20t5-GuS);;pS7#HNUzv=h5HqDF
zGMSK5Ya5$GCsNtuWGtIZr%tG9T19lQtXG&O^Kly92ZQju?ReRtIx$a}AJwJQscyy9
z=}<k28?IOJz^zxja3!T)ZJ3fm4cg{&7=W?{o=asD>ZRCZ;-eN+n%hHJ^f9^^%Ood_
z!H|<Yn>?AGnVn9?Qj>}BB<~RQs~-Pd`2XMy#J=sgAky|xDxQ>6ai+T>b*G)_y*u?N
zNBsK^#|2~R9gYdU2#r+w!2+p^xJIzx&bN-#?K5&H?h9U?X+q*Y^S9f<TRn`(_@<Ip
z*hgUIC11BA;@oHSnD;HVuB4Q|v_yHS7qIj#Z(^Ujj<=zB!gc+4gOpqGD)kZfpp%6>
z7lOPMOI^)8&iqAxJ-jado51)Uan24;IYUzJnX+k?vHIkT3Cv?A8^fx@B8|&ClbFiH
z3|3)Aj!jR?v5T3k8k@|@Gl}fwbUYIZkKb^9>P=?kR5}}S=GOJ?oV_|2%E)?*Ou@aO
zjONw97<?)&q?5BZ*A&ZS5^9#^*@rxc+!tz4Y3w!MQ?pm;Ta3n3ttC2%rlV?NR;87N
zZ&LFkIeKv}Ih{psHScs9IWpRYXy$TyZaU7gMyICJ7h}`WRBR@pHAFM9O9`q$YZ_y%
z@()UDi_#|<%SIEg%}&Qs>{APQHFqX4eMzMSuQgI*dS8dFfgwGh7ay?(Ml-bZWcFyI
z#}2(bapLR?FDt2-dg)j?o_Lu-nV07PaF{oG5$_bmh@!g&WSPCHZDa3mj(?OxA0v<U
z1bv8QlPJE`aFx>S=wK!R=S{~4E%JOz_cd>EOIKd%dgoj|*tIAbf48KrYga@__uMXt
zE0`f9ymPKBGlHn&0UC0YzykUr87%lyeB1W0AmW@5-#wMrpLDnR<)&O01U#4!Upvp~
zaHNk#+=ou$H^RTzXPxnGe6!R#dnRnZbj2C*0G`yHAF;p_*9Gy#PBiiI=C9c+0Z+_U
z?7vTYcw&}nHEZWSD-;4eaarEPKDU4;Rdc#HlmL{f<xRJhjHm6JnzO{);PVmdEGcdK
z4wa=DB&{}1Zr&CksfWQ%FN36B1CrKX=-{Jj85=<K@&{vH&+Fp9fTYq9XQ~eWU4W?P
zX!FeVP9(6=r!sQ+Mjw89Y~n=p%!zYjr^5i3bw`c>RAvb_j)XG4uNWTr2m^(~JPIBo
z3IH`cmB`}5*AWN+L>+_hy}mQ#dtE-Fmps5r!ef*iMM<-9-|Gybsr0FYJSvSgLET|;
zM#vc@=fI~y3uGQb<C=T+>d@eL$gczE4%@!4S~Z{9no8rV(txV#$=N{8MshIe4i!7D
zL){D~B&l1-Prz2iYAS)ad#w<6zcsMW3ULqWTY?UYhlVn=ICS_c%PPKjht|meqHWK$
z{na6<Z9#gO%%8xq0MTH_VsLjMxH~VM&IfnT2m9e!7#dp~I$an#O_A^fPcKTw-#lgO
z7eU=~TRKfp*T_;ZLr6fSdWvny1-&s#QEHn7sqB#1u&DlybXx7hJCuNDfvTmJ1kVG&
z@n6IzumqUiYXZdd@km_-81~@9Ulw>Xw2r{A>-^IeFzmK`thT_r0<AM!5nv6kYdltf
zDu5E9b!I7BU~eLW3>a0*Er4s)dM#jU)!$TX1~t8@D1|rmDBiH!0H*bd6fuD*eZB0l
zyrC^Pw*{sR1|U5#)e!RK1~?!kA`EyL2q@s9ge4K)8Jm_tA*JWk$%LE*;gku3+G?}l
zP?uwB{8d5|J1mhGXC|YQ>C~m<l(yLtol0b1O{=d&1@)q>v!trAWZWpF?!emtY`<I^
z*q%-TiOtN-&Zbqo129v)<5AY}Qt%B}ts|Tgf8`r)2BXywnpSs_vm4H*R>T>gUfqMp
z@eqh>{Ayd4ZSkRC@)2s80JAzo&R%MUA;mhl-LH-y#s=heGmyJ%f3zp7gWhE;*h)?R
zV>l)VzF+5Q_g$0j`W?;d7K3{W!M%BDEFauEAKVAedm9QtKt$tjo>KOSpzgUXjS=`Y
zvJ}h^5>StxVq0>7>bI7(ghccmX>1vQ>sS)tE&*su@ZkX)oHzb|lz=lEJQ<+Y9^*A}
ztj`LlwPO7CfLVYm3m~%3`7l7)Ex;c@;i`eZ`Vw5S9@Ke=gTTbhZ1$>5-vEend~gXl
zR>BqvGr)AinLG0kfGLrR&!z$TGNq7czX6FV;18jP`%B=@L7i|vDBw>M`&>oE4+U@p
ztg+&IqZNSXKnc<}Xaj+C8oIPcQGFPrG>j{up_eXAU^(;KC9tPR=wELk*qfL3<b%EQ
z!R_!|?`BRRxMxu^{%%q7b`jJ)x1~J<cZ@6rGlT?Grl-tXO2U7=TNDtUJJKEoU~bT^
zph;221Bpg8Uo<+Cj?Yae;P*$PU!IFi6L$omU^IFusb;d%$y6ehMnruy8c$C~qiPRc
zPaP%aX>!KlXdTfgSVZ7UMq}Bmn!Gp%IFGDnDFb1W4B=J@*<uc11{uQkzwY>nd-T5B
z<>|ifb9v4<@B11&Pdk6M&gJRX%TbXMb|!HM=y~uLa4OlEFM9yF#8*sgO^*Dj-m)|>
zJ4IT3SsGZNA`PriFhm;^39e58lUZ#n%k8t|_LrrB0WE3@l%@GCX-#EmU{Z^6L8VD;
zo(hJVwM`{^V<|WIqXCRaE<`zWUhLCnj+H?M`ARY-PbA`(l9|ilPe+rnNuVEB5^5$9
z&VbjKN~mEAs$(#o)WnzPsLrqgCN!92lh}^LBdCJ=z}{_{Hg)H_rUhHqhQaH?M&p_m
zbt-j=Ymj32L_5w8+c9e`bvE+e@BvG?BkqX+k2QZ4H({$veON3I*@2ukTR{pO@pK~M
zWi-mG95;^tD{PyBoiSmH%K`(g2Zhpb{v`{A;=4f1HTF!{vJ-gE1*6Dpg=plm2Na5+
z33%Ta<Jl}l^mN%{Ed{*YXL%F*+=5wLHK&&|L6pX@i_rp-;#UF@$zZHBTp)6uJ(ju%
zQ7e1U#|B;({{>^E37eq@OqDB`ExD`+f|#w~Bh6Ox+H5_h+3L2PttOf+9O=~dWwo#`
zt95Oz9?M+S*+JO}+Pupi4y$CxR8y!ecUYO5oW#y>X%1&WC3vWu$pSge$Qga#kYlMh
z{MejuNSKf#6Q{!;{X5kCssDUG?PUGu(yt^^xh9|v+5Rl~`-g`2<^n?phr>go2f{<)
zp}|4T6N}FzQ<^uEm{b$l8!pX#Ii1OB(i{$s*ujo83sxlv_&6ue`w0tPf`uBT!X~>E
zXHJaXzTvV^*#x>v5M08ApGD+&ZsX-_b~bZpV4$Rrhek&B0{b3Xu3Z{}=$txT+BO~J
zfuS(6TuEazQP6UrhK`5YRN68%KZXS?=jfH#^jtz~B(!WU1CB*Jq19hb#Bf$k%v-#+
z&K&St<}9Ik*nq4QL&qT+e-Gf4M#r>PomI?^=)m6q!jQP(WBgpLc?Rd<JY#ec2XuaG
zj22)ateM$#3iD~p{vFX-4qbRx^)#Fe(V?8N%UQb{X%R7e-Z(8!faAiJskUz!6iPoL
zvyKQaHcT!32zbn!j*q>L4PAfhE7$zRog)iU-v=AIzSnpyQ0(1tEwCVU6}txVLt}aQ
zX$oyAhDH~qjRk4rg0x*6s!2_Y(x!s6so36A+_0^<LB3b--s1b%;cjST9Exv$^_ySK
zOW}9E#+*VhyeJuex1{j3uZocFxs5oG2u6;A8KMLu^E}li@(2&28FjL)5ZsoRj^=xg
z>TV%;bWt+?ZXrInO$2q%ZRserX=EvwAtZ?0^Q=aZOL!2ER=@qVZ{q!Sy&Kn^;I2i<
z_`4<Tx`xi05%Awe92zv@3TB8BjLh>?o5&+Ph%QR)`YeDR0u6<MVZ?<!B6|s_=;sBI
zRiv;$1eZZ&8y*rl^05uKv1G&be+E%mzXhpWJybRzP}wFWxN4|uGe>2onjvB|KpUSa
z&?93P%gB>+*f?io;t$KOB2~_S-JQIYOvJ+<{g}Ys7vN|fwncs_4Go6r-;nx6ignZO
zr@0Sc3ktc_80Ef54$;sA_SI~zLu^_`$wQQz?Uw2#%FDoRoO}s#*j9I=ne8s>6vbR7
zCrQqi$RPl%zCz9nIUVFwKjTwpk<S)*Z>a>{`jAAa|JuRY0Jx>-bJSuH&I*9|&GmWt
z;7VZlRtCej7TY`THFyY&djQ6p7^7K-tB3MEhw>7+h2Wt@$@sg47=o*24E(pHLj>lG
zxPlo%g2+A3>JqtxXF)o&2G&+Wp|628F#J=J@(TuQC(oTbtHU!uxo9RcO$h8INNFX)
z>T3iu2&}1B$;pvJ@J#&*9L>XWRl>7+qoQ0JfiyzHIYg@t(9}1m`Xyn|hDsO&E+{&!
zjnoEy^iuRLj}7vy-?{|kIgsx;keA3U1P?4q#@{W(5acmq;J+;$Ajo6H70eJ4MDBT3
zm&heN3(^4{@(4a3URT0@B1j$_hii*aIW6LfZsaU`x*evtCg%m!Ihb@oLs?b?N#0m-
zg~d@1WQN`JkIVET>`A$Pt!{#LtFkBMz96`TCTA_JL_EZgOJCwVHbYcQ@Czpdzs;-=
z>}MPTfdg27exJz!ykM5G<r+o=M^ce$La=ZyVyWAfS7?fE@loXO!$hsB^sKTpc!!eG
zP*X3#>aW(zh?qIiJCeDm(mS&hdeu-hw?LMw<`le7#b=0$)hmsPKT>aSG^Go8C;hS1
zMY2m}4>+0<A9wx>j;33eZb*5-)jTof?sDvL@b`}6E4oxCJGMDw{Cn0p{)Hp1ZH`OM
zP#`xr5la$=Sc)|=F>oES5<7#y>P!->`qWg|1froj6A>KGZ9b!CfY`*B=aMQ!DZovM
z6Cw(De8Z{LB~##FJWqUxAxMrv(4D+C(qxe2-APH1RM4f?;4uWvAjlSGObFlWkVw;9
z;5cZIW0-_s#ijHO4;>s1scjf8Q;vbjEvWqz7lsoG>O2asF8Ql@A$)<?SLyR-2&d*@
z4XD3K5hmVAG(fq48BLciTh?HaE&CgYwVo&rvJ*v>sC{)SIV8uR62~h;jS4n{E<m=m
za+5Fyp0QE1L$z%c*0LFD@&h=g5W`OcZQuUFZ+>B6Q+OdTaPvUX-@54ER`74T{%b$j
zUXY(#@Spm`<!BmwpXAGq-#q^>zW7hR2+u!lyZOcWq2uu7hmIG5#}_5zZyqruW=6pU
zi(h0w<Uef_p+ZSWkG@0gSaa~uZ6thAPoQRo%vMEil>Nkm?%oLue43#XobPu$)9m_D
zv+tR0^(As=B%HwZk?ZiR-aZ0y**Wo0`^a)%>y+F0Rz10qYTqj7SeAUR4D<O4-W1<!
z3_px;8^7VviLBqEm~WFKK7ku`=5o%^DH>;i>7q6zyez)Jc+1++hg+b$JaslhC&6}$
z^mbstT%w&nSXYowF8H5gOLQ?XK-2y}pY}1A>xVAiSj%6MY3J<e%4sJgkxx4j?c?g(
zaMiyJXQeaCD}UIT<>lX`Hdi>a>n*^?m|69^C||-}lMtbQ#Y<s>HJ%gWRM<vr$#N<z
zzHNfu^Z?5fxZecH6_h=|HwCuAcWU699-KK6N2Kf_Y?IEDt!K$NTgE>N##x{8{+h?`
zoH%6>H8-Un(_fEBhtW>@yBrrVFiv1X`ZHmR;o;1=ft@*DwqTrQ8QKoZ9$+QrnXT`F
zz*{D0(<^&Ssa@(@oG?zaZn-Qof*40}+Rew2zYoJW&C<3#t1L~Y)k<Scy~K83t(T@U
zl;|CLW+`RcJF^se)mSyRP!p({Q(%dT-@rJ1N<e9f_zaA*@j?$DYfD|dJkI>Z+&1!Y
z=fA)>foT%9nSxyH>}ylr6=9sg+>T{-v2;piH2uinP&oM=V67(Iu6bTn)2S)-ucBMy
zxwhw0z|)c?NT&J?B&pvdhhcAoiK*Wr$3*}16D<qR@k^9WAF*n)6RK}f0;_DLsGwip
zJHJc?RdNXJ()pjPKi{F?UUKX(LV_UzBZNms3T^gX3{Z3~MO$%NP398uTA_1!`LCnl
z%tj1&RX(Q8@zYXhWN|}xadQv;a2nOsgwv=%kZsm<B-NLf4qrd{hvPTK;rRpC_3`<g
zhvCcbJX{DKUX+Z#dBl)R8U+_Devtu@f8Y|KLP<!EzC-O;bMVk@B#i3`)XYw^RgoKI
zKM8P*lIG@z>()J6=lZic-?P9i2sPr5*o^)S+l-j1G8hXNXoF&p*fLz_hfL9=NS)o5
zV~a!zaz5g+V>nEUt;^Ki6m7aKrx~`)f=U2sY*VCDQ})=2JYnm?Kg%{Hv2Ds`Yr!@J
zK&n40*ruv%BT56?rhMnE+mu;G<}I1OCEHZvg>IfQVGH*72#RgWtb02zY5roH5&)iq
zNwE<i#j@SVW-0EoD@_}M;;*Tfv`tm%rMcmV-qAK?ma^@gSqi=KSIup1Q`PD<x2b^G
zrihVjZc`yXMwV80@i_B$iEWDX=ge)YZbjQvb8cw)Z3<c*DQJv9co7We<TO<8!zuxU
z@m%XMGf7Qc0%a4=HP5BgL~QbM?BaAHOdJ)Hi^4XvT+=bgN~W{WYG>81WGh>zNnDQ7
zJV?`gV231Tsb3iw2M|4B3>|j12KfzG7l<Y<T|)O)ap${X-TD4LMnd2ITFAGWJD)l5
z(F7SQsCDNnFHdwurjPA>54?_s4IiwRO-YR6&cQ|ONZ1>8K3~}Re9<pIaMgu;*Zf=r
zqwizM(b~l{o0r}Ncd=ct+h!M(^U~<Mul@cTzxxI}zqj|@H|Bdr;mh}o7J{RTlJPf>
z7-FweaKYji84&q<&=@hY7fM2U^c`x)nuCXKBjF7_ftu+tTNSxcR_uZg*e=+!?%AO0
z&w{>Zx32AiVqeB_z}hZ|kI8Ny6Z_2CF6fw$F-T<(cCOFnF1UU9T`-%RNu=kpeCumC
zhj3g*Os*j_oqpAJt81V_EYpg1IhE}tgh%UC+dqI$tEYz0j4mzmeM($C8czL(s4rtr
zirGj38e>qa6rfS;A5&Xft8YKY3OkSe;Q9HTXDxdV7yny&=ON;&xY=&!*_4-t-rf28
z;ol9z^E;F8hUd2q!I$4UR0s|&O2*&3G<5ANdT7D)ie$w7&ZGzxN<w<{9csmzgNJS-
z0Ro294jMtTB9ri-tk`$d8yKe&imM(Gv??CF3$)9YiC-i8kJxX&d^M4D#AJ@8yo!6k
znZ6RKXG$a2I22{Nmg1n;jv0s}V<{pr2Hup(z=MK@V59wND~(v_T|tpytr!oWt)Nbz
zUZSg-H!$^*27@)`t3kcQ$7wzOYpR#9!`N>?s6CiF$aO8*fod!xbL~Yrb_u4hWJ8#^
zQszCZzKnjGqAWSTDH^_Su#Aw<W$sQ;0fu=$L%x&bJO^hyv?7_iQ<UFicr9;Nqj715
zm(Z|OpQjob*XuO-&cI<ObQWHh_58C;8<Gu>u1Z<`{By~&e?pD^PdHUsTwMbz7S-$4
zMfJ+Wt+{q4B<ytU%tP0Y=65lXy<L?ed(hCVL1YiyFv?9Ld!*aR{kux4(BtnI;(JVK
zay-<czDR>VL5@PsIdUT8xXGC#=WFEr206b?&fg*Dd*u8*a(<tjKOpB1$$5#Kv*eIc
z2b)3lJo(5W-NDQ)IHZxe_y6+v@{PylJ;(3WwR;90xE$US&b#Ejx5wda<Vmfb!#oMz
zdpk>#4w^{^@9*?@PB`y3xjm<x_x*0q^UiyIOXg<J6Ff7#_j)Z!EuQ^63Eq3#ElEMo
zFi(Q_UbiKwg?H>h9lZMM(o0U_zj$anqUQmzk}DNSb-Q>kdjXt<)Ck$f<4h*CzAUXo
zWwa~}3Z$Z3Ls=TsN<|vfOV!3HU#L;*E<KsG7!5q0AnSo(8GN*Wj^~Cbqpt6H>}*7i
zS#rv8p0z~pv*dKW0d=sA`R7Y*%uahF11VS#Ob-J%3z7=wYqT=iW5*~>pNn|d)@YTd
z+7DKiBuWulSoUE2>zF*1>--7J=2)9SDq^#lt%%LoYzpu3=%%-<c4%xFx2Cj`r8o9D
z#i&-zX<417td^ZltBI-z25FTsG3S$SmOG6hduStFo~rL-N?v)xUZzW0uaI3CQ}U{V
z&zq$#ai+-An0ZD)rt$t`vnRVUhLNrmq_Aca%)ZQCzTuCZIX*gqFXvKhZrTvPPo;$l
z8$_#OSHMAJtU>*_YX@3{&eoMBq@b2iJkvi-*fKP&fx_Sd)d8_7ivcgPwWSMIk<XB<
zf*e+u^^;rg@}LhlycV4`;<qx(FuFul7{O8#Ug#Dx;WaEwc(vJdNu`Q44{K}1IEGce
z%0wy%pRh_=9n_E12=tZMY}jijXw{P?buOC@MoGL@S1;6_sSYxA{jTNfSwxRA1vsWq
z3saH`6@sC>G=6;-oP02JeHSwxGycch77vaW4&q>JJP%J0hg8PjJmrHS88Zg{+tN76
z*&1;LGlT@xs;8jjb*MT~CfiCDBx=@D2@g>v2TR%$xzIm-Bm8x|nmuhcj*Y;cHnTk$
z8#YhIpu%5gD(u_jb_0mJr^WW5i%twW2b`ec+*MA<_(m<ZNvM0*MLd?;pwbUbD8wya
z)A<tvunKDj8m9#y#2H^32B_>&gi?CSyF689L;w98o6iPb;e;)Pqxcy8*LdDa|5;CM
zs*7dN7H761^Y+YNY;i*5Lx6EQNis`yo4L8qT8d7Rlz`<_r+TmO{afmnd9CJeRbi1T
zy)$QngLw2ZU}@9-olJ_d$<Xp@P=ZQx#H1(*M`n+uF56SYh#f`Qf{o=HQ!Sy^+`w^$
zgh6JPZ7f!RFJDqg%}Y&_`ZVlI$79)8_|x_Z^(<0mcny8g>dz!*E<%6z(}t(gEORpc
z>GlB#?vg!^fh$7;%GFFZF_Re>8i3Jgz1GYC(8BQ0r{32NjP{R?<T}V6?6iD7fwQm^
z`}&7R4-CpzMsCz;P0zu~uR6z2OC^!jJZGRXJZ<iAkOyX()NC8ltxMXQs^nV}#B~!H
zY@%!vDbc8=-Kj*Qn(UnIM&x*?U1tr_H?OA1nIY#g9L@cuOghEbikb_y7uD}m%6sI{
zE~WlUatJk8f$rH2D;>;8Zxsc#4Kx=}m7bo~F>JEU#x#+&088OP^~coA5IMBLSuLOK
zQ^ydq9Jy?_`^0AAqa)hbqikTTil0*3-CQt)A9WdLWS!f;6)bKVy5?PwHb95DxBnkN
zhC?n648vWJ_Pp=!cxO|7`*?oC3;FeD@4D(neMnf8`U+Ctf;9ZG&#|%Fs_6Xw*6qcP
zJ@-7W-M(vqMX9qObuLId?)n^|F=u`U<9u!?NE;TU-uGM9FShJ1wCuiqYQAOvHSbS1
z?p)j$E^GudGn|K~Ou-r3W7zt)q=K`^bVmyR4)#N%6jY#j2u0C=ND&_BQR@mTAbP|j
zc$91Vpu@4Y4~licJZt;lBkqGkVjmovICc^wR@I$Q{S%D5t{M0P^8JvUe*;IW9~%SR
zgw3pNY-ScV+~qOsGBNqZ1B3m02h~5Nd^vIq(rkdpsugToddEOhG4Redm48Ro{Cje$
zZBOcdpj=br{6}(1cPHvHd+n9(Q0jj|CHC70yOF|{7>d!DVk0^BNE?Y>$<L{Mc?Da^
z2R(ag+eoB}jbul$W7k7(B!h*GgL!E%zj3e-99)!)zgyBE(OG5${I^Tu3MC;u>m6y3
zwhp5da_|s}q5+X2JZNTZBWc1?DSOrkDjJXpd*VZoVQU0c*|I?p8}0H0)o!toOq{XV
zL}1Pm<P9hprvA9(7UIY?jiLN8vcddX|Jc60mD|Sd6>b|7XCBX%;X(&jVY}F|B=0Py
z&P0g>B@>{DY3<Y_?HVO@wPN4+MQt8(v7_&yH;+AqjeE#0>&880rdVn7Fm1EKzoaEr
zkq<UjX}d6Owek?zYTZ~;nVt(4UzgcDegxWNRk(3<#KRuQd}ChdsV0>U?4L}Ll|80i
zRUGw*LlirShRUO!IPeLRS7R^Fpt#vVkEi6I$7{hmZFy(>@QfX55Esmpnh>(g=8FKl
zhy#-nE|^)$maAo!0?-D(v8G-T7tE~RwpZqO@;MT{!&_TQ+xD)qG<sQIt&}Mv4(_RL
zwzFPo058%!YU$!5XQ|76Q?om2X=KMMjUj)o?-|_JM27z+Uy-wEgBJ!4lpzx>GvVMc
z!}xQ7aoqsF9%*9o>Yt%A%i!j%cB~_<;RF}4w!_P7;u_&5Dl%iLewiG>H7a8Usd-8r
zgJXA)v1>_S3==2QG(51EXNXFlc@%hDQQaN_$wb&Nfr@2VLm%uIyt!?D#~6vOedZZB
zhOmTxX<>;!rs<%A2em-X9diB)IsYd)b}|uvL<!{3`FiG6I3yEsn5<O4;JoLv$Qf)j
zWh3CdH)=^*?-}CK3Gm(<E=lS)lln`Ne7wR3b@1xvHPn+y{1=Y_!yOM!B5EnY1-lFV
z%B@%{uv@MAl}0r%<qrk4ttIR2crr7YzLHQUjO!^f$wO$^YF--LQ2oY@xRLeh(qabK
z%XBe=bF9xcW}uywr$!NH$qAFwJYmB5kJCK=i8y;5Ay;nuF=%aMVGN&NKlo}gdl@0J
zDG3o)<CstfG7PHVz9SMi(DgA)X7e<~{cSiI>NQvE>x|CCUP+Xgl#KIh*GestRg7GC
z>7qyIt0XpsdD!^V&Yth>zUDP~wZ-*a2>Njdc`cyh3w#BjoFjn$#4UgDCeCuc*zvX_
z;+U|eQyx5gmrU7=Gl_EG{Ept1JtSMH;C4ZFI%li%W{!R3tfk5gdg~^)>EzAJTQGl@
zt;vmkxh?&I*%?v<rc)>~UZpe-I+YfsRcQ;?DeX#!vQAkK--d7_&J>qz>wHhdJ>Y_1
z3(bGoW2YKEUC%QOIA%Ifj-Y?pqih^-DxCw)NCzZ2H+4F`Bq^H@x}ZL8uK?~f?;11D
z<x=&^mh?9w5)+fDRSA46)2`cg{xyr3jBM(-P1xccd|fc?iSQJxBK@&f1vl{kTRg=q
zE%SQJU%RtD;3=}wRZ}ks$1~fp#fMDHMqp7WVJT(XJF^se)m1gOAmgj%6sL_<a|$d<
z=@!~`JxZ@dyRL_ir=_l59%udn&$Uwm?=!UPaJ$ItJN7G6*-o6#lt1F1usQEc1(eS8
z>xPW;U+~dohVjig*<kjA`yj@(HPVDHW5@YL%lh28>ND@JSeGlAc~J^8ztb|ZGVj0n
zi;)fRHmc?nGp~dU3_GaoQg%mzhU9W{4NCpZyjA`SVJ4c-0Os;T%od*vv#Sow)}BY2
zt^T#ydQ7uLXW(TIW~<?mW-GilTaRhB_LNN(f~mj-602j+#31*Xzp0i;AkxBiasek{
z&IQbJ3)EN+QVvl0UmaMf4AuneSAvU(@#hecgTOK~GqO1=+y`8wqBLOtpk;1sOGR3E
zTgs53i_)qLD|;iYLKkJ_JG336+koh)CafR-#4zu#`HOWo!b6W`-HrT;t-F1zzV5{M
z^R-aZx~nLSb+_*`w(dsx3NwGP?hf$K#3Al8e;*m%jsA+QyZx)a?!@>%)VixEjdi#G
zGq&!YFxM0JDF+xm(x&)QO_8=pQ>h9`e0D|qDH-HFNTtpFwCbC;@lmdtvx(<a4u$KO
z%0jzxSa~ASZtMxIHDLLzye|H0VEJvp@>AFm>_+H_F+$C2BecW_9W_R%Wo?8^zSFr5
zzQ&-tyan*vYv8NmTCNr2t90evlT_aPzLd`g@9C+Up!5oOPv)o!tY8Hk2(uKR@>5kI
z&dPaDCcZlM*zi@d*HoWsnd%EYojbtU-x---x()NuS72H?tzOk7-fbn;jXMB-0I+XL
z`l<gG!B2gr$U2kK$hGKl?%@-VhL6W_Ey_@??Ra8(T0Wb8HKCq}PbK7u{Ud|91{V2T
zYBHQ_DoxV7V^1H$?P8jnW%S~PvElHr)_yLHyTtX{A#0BwKbw5|BM12D9}#yv*KYPi
zel|TFmq&+34utA7&$0AeDy#kod9=D0Qd<3q6lsXX5qKV=^&SP6a3wVF$wX{Adl}lD
zb<f2$_c$(E)%<5-skuwBNnF{5Gf-B6UrDGi!#zGnvi_P&c|M{wKAlWwUV`L5)IPO<
z-ZN!xW+tXy)tZH<KacUTcQx9ipSg^Fih2<JE7AU>g9B1`c|e@Lqt3S-=bUzj2N4Gc
z6upic&T-fW_r_*tp%RaGbIxi_5RRY1X%KE1qf=h}*yK&M8+B^Z6VtJoi}Bb|?b+pz
zmkiY`<0vW0*G~9}=`?E19EC@(D2>^8K+*?4f75ZjX>sR~!p<Y_#TIrx#m+`>AzTC3
z)z4^6{ESM!TwQA^=_wtzene*_Oi&d14KI+y53W+v74G0M^z9%!%2e}U>|9TR$4G*8
z^e}G(S0-CD_n@Swxuz2-c0LRP&aKqY-z0}dTx}<Z*b1h-%W-Ct4E@+g{a8YAkT=HO
zsO0uIvM{Ef$f<FvH$l#`aB`jEUW|$l2dyo4Pu*N9iOXN3$#_XiA!lySGF_x=_{#I2
zT_!&!<qE8vsb-latjRw;HgO_)=ES+N(~!8LBN_E5IZu*9Ly3O<mF3!*j%De7dMwjy
zVhSI3Z4G+$7T6+LVsfl9%~dPs8k~fh;2t~+9KfWs(tD8U{Ubuv2A00r@*&QlDU+-<
zX9;FSXBfDOP9-mDK@6y_`~zJUz$H{SNY&XaU%s-@l4a?VI*uD32EXjvT(u+x9onXT
zKwTi<p<e}Miaw_(?mv?AeK=YxKN==Y8g^Km(HewTZ9*F>m2lGnyc}EkT7y`cn%lVd
z(O5?M${>y$zW4GeS7{bCzjdNa^&!n?-d-JAXWCWQN7SMiq&3nIlMFU=fwf?Usa*+e
zAzdPb4yM#BImE=#jcO3-&u$Y?Tj<rn<1*BUy2y8$9MY3z;v?#J$d@OF<|0GKD;5hJ
zruQiw(yr4*OUeOgnWZDXJ5TWWSOV^zpeFwag9Rx2eoMz<%V42paK2^unir}=n|g6V
z9V~7ST?;NqJr#;W{l06#MQL+E+PolzkRAF*uUu;^cK2OtT#&Xgy`e5h?7=c$BNs90
z``BMzYinPzJyhHb+3>#N=H6o4#^R=);?|Lylld)&io15_M^6{zGsVuWMLBfyTw&dz
zd+Yrr4d31B2yDJS07WJ!D0#mf{3iNDw=R;BlH};ze66WSdP%zqExT~S{?>GH^H6@%
z@K3isb+_Kpy8Euf-HKv&{f_p|#kQV8TTfmJeJhi1>zSvU+(Xx$%z;kuqGbHdOCe_d
z){H^YZ7L<Q6iPyR^c^Ym)~GcH51}ZU(^IT<!++f=3J4FfW03T|zB^WE+kQ<d2G=hJ
z`wBsr?>(9ivCADpM=LIO>=QRL>K?k>5!MGSmpd9EcDbXGn=W?@8CgVLc-ZBRXtk>l
z?8-}H`MxpTEd<9FCFAcF;)7ixsC#ZpW7MjVrC^4TAac*M8bvPQK|J2|+pmA~^}Mt%
zFYnXc0%>0xf48K4*IpMP-E$jpXwt}0Fhi7JWS(dBiA=(Scs9CnAqcaOhkx(%V(;NX
zFEfga2>8qGB2%O=Rjhkp)0o;fqG1l1hmepDLiMhs0E{Q26&{D&JVd!G>PAKsU|rM|
z*H13=A6e`_S?E8Rmrg>{JP&^mrk0Jrc^)ZZbkA++B=yS3RWL(HVEXE2709)KKQv>>
zE`pT5za+Ds4MkWldkgek9r=Txj?ux3k0}rAE{OV!zj+=hVsy`K=?Hbw$W<^yNMN6&
zSp{+}uvRR&(IyK~?wuuB^>`FuUF<FdyWhq41BJ=4o3GHi4i4XZrDA0xPG6V{EQjvL
z3gyva)xx7M+{GYOo$uKPJEC~;_W*0q@6q>qtS^7dh!cH64&9Goc@J=+yyu7(-Ol%n
z;A_AwgzvS`RfNHP@3mB1Mu<4w5)m#EWQGe2YehU-PZUOsej03j>*zeXE$w(W1}Bff
zi4}r77A50v-iQ+sy63jEgCL@jsZbKqqwh#N-U4VbbMO#~q7^*_wZ9t^nS=*fDrKZ3
zY@LLyJa_}L(5oXMHQ<2df=8E)Vpm9zJh8%Ln;^Xe>85afHCd_iJ+Nf(5YkIaNG=5i
zoJte^2Rj`~Gh~+Bke?!QrR+(0Ox}?xD+At9OQqF=6<%D?%IqGrmDoLKuZbhGl5;|$
zwb;YSSizYg*=j<p*fSv;9?Q=XGE0y)tErbO;2W6|=Aw5i;2W8xz&Gls_AchERn56_
z4wEV4vd)lMYEafI8!WaIdia1^TD6y1vO5vo2=0<cms^_shW*M^IvIbrG16!&v*cHr
z($f(yJ308Td~{bNv(y?1kTl=<A6fXCn^%42g`^hmTWlpWFG^wNH(N&5b`?j2gj3a=
zV&;`ChRjlvvQ^m@X);bTf;F6G1o;=oe{q^Y^XbQF#vRNSe__5r@SE~0@*~Yw*V=47
zrrENQSyH;$m)ER#Q-MfxB*4D02%pv!ozAsJJov_XsI>W&Rb8b*8m?+iA+4wM8mDtD
zN}sYl(y~gYbF`jutM}{|u%7KkXooREp0yF0+8EktJt27d%rUw|;ZkyHPL1i;GmuFf
z>j44y<FP4lz6XXZCj`0X<nf8IW7Y$J0E>~0?3xQz=Y0FZ;C$}GrND!lm!%(6|6hO@
z^)5O0;N%)(7bp8+?X4e&0ik;JV@miL9Ier)>D<-Xgcf`zsm{C_QxgUco-yjx|Bv#y
zBa!Eh>+E$BiYQ^PgNLHC*WK{E?U-_?{~I2rvvR|!x`@R>S!Bk*Q9bZ$&(*{wzc@qY
zYH0i_`Q(2W)jgnw!6tX>sw5JkR6jYSa-ast$9Ql*reKhQ{p2IbD4iLtHd7>HR>dhL
zK@Q_7ZxlS`@~Kcs`%`PaWDHsKihgdPwo_Fd<otW8g;<G<?Mc(iczR&DeLyMI8H;Ks
zRkMklT6l=+W-76T95Rv<YBO1UY7Zi`W^iFycff08hJPN3m1i>W#_(DhV*8t1JK@v0
zclv$Pf?aA(thWClSH#!wLK#2CvMK|w*gyJS-SrnrnRc7|z6Wl`hT;y`yJJRtT6>G_
zJ;hCOaog@<#}>|YE4Fvt3rb;_3fizJZ7E1w7NlKw+Z}rj=Xaec<GL|3Ko)k}-u$MK
zpKRUpE6HwqDj#|(FOgdaKD8(rf42}51Ov^Cf&aGj6frN1xPlo%g2+A3>Jqtx2l0%?
z*V%1P<@;ExeU+_(-Bv@ZMs8}gucVk>3vboRwRq+|C{jN|TnngDKeH$qf47V{Jz{}{
zbpO1BA|jvgAX;!O3}(yWn+dvX49u2<m92Kmh|_su?832O-H#i>ZYBh)On8u`k~iSP
zSIKw-+ojJKZ@|#Pf-aT^x>$8&?S6T!CL3L>at$iMX<&SYI?|&eJ+A==X;UdJ;ReuG
zbV5@0EUTsEftHrXqNN3WET)acG_}HY1F$U(%`Clk&+@gO?}3d*_bPHW)`P3D0sl9G
zv(X982Cine<!snq$C;9pP3d<c4GgFKM;xbJA!lQA#0RW)%lU7bIIXg^Cd%=b!`T3(
zS5q%n!r2fMB_G2T(YK-$=-X{ov3$XWsG3vgSXIp_tbQu8!P#h3x|Hrnqd__NYoLS$
z{cWLydq6or6DuWwdbnY~GL>GU9_+XpN*|*u0*aLWe+;QeA-5Gzm+-ahwG1{#NNQ{Q
z`Tu6F(5fRMXsN0>O_|6Y2Gtc*b}FG&(|n?_Bh9BbY96;;#<(@CjawO*M^M>ab-lI!
z<sP@Gp3t7$5q^%IkyD1XiX`l+s*vPLz!*Ofu@kykR{2EsazaHW5*^diErcu+b<2gV
z1g|clLpEG1OAd@bcMQUAwdEhqwNf!^e+pDKiOcm5<=T1evgnvRlxrCqJM{F^hmIXP
zbo}_C6DJN04kepGE0$5sux1yJgG9<$Z#NkNjeR<qdL=S@4u&#JLfUs`?3j^VYfxqr
ziTIg|vl*Ru4m@}E%7~Ge$Y>NCHG@8?PM2Rpi*woZcw)-tU50JnWw`QPhLisTn4Tt4
zwa3%1rgW<PFjoCasdjaMh${Rqq1j)oi9$2hOVnI1m9+bRK@;i_IelnLWpw-hB;QKu
zcCB$HHW`iSvt&zo`!X~Y(HWWxVhO<V?qept8OhyJPI5P;l2((uS^(i8Axgu7!y>p6
za-31!Lo`@Sc4iE|ObZ-AaC47NcpKIfx!6qQ>}XFu;`II=MmH0DXhIz3AT~i(rEll8
zrUj`R!ZyX0&H1h4`Q{gd=dQ=Kq3N#6v&VO>i3_>x{J6Q?&SLBKV*9RQXMb^{5Sl4&
z+j%{l-+GW_YPM`Ec6JxnZ@Sm!D>3Q&@rI=<GWh@~O%?RoRB*SGByqm5gd|Suh7uv1
zL-|dIKi^z|V8>!`TOqjZT_+Cp7lZwUVE^@*Lhy;aq~xDcbhi*x7A52F7UF|X=)nbx
zf1c$R*@Or2>_UR_Hl{%w=cVKC%`vACJiaIyf48LLd6Gw=;DW_JPq{@d;X$-*1FQKG
zc+pB)92B@ti@yb`{4;e<Z?%Z>=u|kfh@yCj@&<J;!HS7Xf#vxDY6bTw>lRKR3(yqy
zt^z$ywZh&2v*z-ProWr<hAsHt3i`Y4A?WY+ho-+f82!Djg#KP%6J`6$p}%o*UQ;iB
zG4%I_s`TFDrN1`{`nyxvv}*MC<`vN2TXbqM60oDeQ%#V4`7Og<&;RD!jTK22bVP!n
zzPFzLA13wv7&tG2Ugv#V5$8peS`p_(Q2JHZh~T_{pQ76vY-aov*l}W7lPxvyQ-ofV
zg`Yz6*#w@z&oNv4g|VgZN9kd6*{bxWf|1rpkn#0Qp2_SAcqSc;XVOQd&3UW(-a@Cd
zYEB_9p=>v}CT+?NWoM+#7@_tWMyQ>S4F84f1&vTEM(Arxj8KS;P?JT@OU!O6sI;g5
zFyf<8OLas#_yEUoVUp#&?0HSdkJY~G{HNxqDW3~yY<V-8uOsspwt&R=RLv>owrWlx
z1*PmZboN@5JxafjSXfuXDp<#7pZ^-G0N+U}i2ofa-x6yfY<w-=0p$G4{=H0X4h`gn
zO|H+x*mKA2L>D;MM}fK{PLeBFJwx`a9wYkzRa?%fX|szAo;@*fOg;%M$FuU8WGcyo
z7IM3nul=~1ypqTa;4NMW57v@-D0guAnr*r`@KSnuZYGf_;~j;(7T!>+@!rSM(4M4g
zchrpL)qAPc^YSESksDdQeIu{_YA+?#>|AU*Jg75xNMrud7(AtxvH2ocN`*#^CF4s<
zWvqi9X*p+SbtE#h#yCx{uJWZaZjqhDMg0|hTA(Y(l)`N8aN<f~P;#><h3$t@*fSVP
z^MYcnEu*h;dRsn!p^nGRM`A)8jG45)oSD>Wc8K5Mq&4w4LtCra7=W6XN=vG1mCAVN
z+FNHZN}2U=IH#%XS7$uwm(#~N<H@pWv;#G9oGc~(oLEhN^3bfNtvkMVAun|nLpaLE
zWlq~Uv+2cr^8~mz#A9*~Le!&kQQB6Jw&BvKkDDB2{HfL*#rD2p@2>owBl(`A`R*s*
zCwA5I`R3D%T}2+StJXK+q9`P6Ij`62b#(3GT3n@EtgVg;Nfd(xb}ru>;k_yoKxqQQ
z>E_mzF`P#7oA!Oa8BR-UeU0TqO#do0R-vT=F%(1BO7|?Ue`Vw*{i{$(F}<)=jpbda
z><s0l(VH*A$p?pSz6h<BMalTPWyI+b3oNAj=c$OuCp?HQwryH$+YXJkcdr)OQ1yP&
z!yB3>J)HeFp?U(R5Zu2g8GrNAe#nZ5pzgU%r9@o83?TuP=_%Hd@ZXGy0>X1g+AqXY
z@;wI%!Gn3}Z2ssA`6Fk^gW!>~h2Ysm$@sg)BlVaC7S#Ro@E<XAiXzCf3~Q_oDlA_N
zex{gXLWw2pUIh^qQiNe<eo<Q$VU$NQ;~QK;8O9HG6~tnoU_%5tRAOMrmy}{^HRRj!
z(1v_lnIYe{5<|X!S(ReMZP1+DToD69lmY{zx>Ae~G^t9MJp_|W;Yu++rW6DAE@O2x
z)<D7uMGp%JM?&Y!><WnacT95qoFFopTGo#u{!%6fgqH#<AlF+No1^pmw1r&%e5}At
ztIa$$N3@m|XqLhX+*Ea4t$YOvF(PHN!5RoCTVPr_V5}=&4eLs<87kM+>{rhPm2JcT
zNdJW`<I@Wzor={J|BV%|tuE`@syaR^XR<uZNOl{{$kiW7VzS^XWuqxCJDM$Pqlv|a
z2Q0Ov)}<ItsFC#K_HsHrBhTQL;pFUe0@ukHS5jo5wUL3{DLE!*a1j`i$TX3K8<Ud^
zQ#eDK7xtE*qoBFTT9o<``VexPJPP%HA%f|9<UG(R2@k0u5Lr3bP<XH;+it|FbjgZo
zYDuk72mxhQtGy*%WyC=h*TKn<9V+=vMndWuBQMoNEb^fu>X#X0(JdoYilCezMnyd}
z+eZUXn+VDVDo0jJ)Q#jkNj2;thkCDzn>ce%En$-ewrGS&CB1jxFU(+iA-YszR43%J
z*i&MbX&$!>i?*S3*vyWFn#*_*Y9GD%2suBdmtNi+OqtaeX7HsM#mYDbPwA|KzHB0s
zjSAMm5_75@UyYR^W6CoBH=OE*U~KhB%5257ZZ5WOE^h8Fc5J%W;3+ZK0)dqZQonU$
zu^onApmfrU>}6DbGpPK0_~;U3zP*K)y{Gb<p8s4Mc`3KMU}tnem_yJ#kJsb^EHM;=
zTiyW;4ofIU7lQ{GQGE10(Eo5M%*`Cs&BZLhfDG9<AsaGeOeSc=!~Y)G0Oh7-V0-5A
zH*!Zhx(wxgzP>i06vfH$Do~nke9UFf@~RLQNHK*yb{EoMmvkz1roxBWmf||-s&mLl
zx4pv84eHi||6T}W)Pt(6gW(DM+ed&IkL>uhx(Nb2Wlzd=fz;R76LInPO1W`i!MTWs
z(HNIFerza62%`&2T=wT<m;E)CT=wT*^=tKn84KQL-b-d8-t438H8K|}N&}n6<wG^~
zk_0r&b~f`-G=DLd;$lY8J2C)Zma^@gSqi-hRLw1Bt!hqjL1NXMg3gAhl84c?^`uC&
zY8MDXF(T!{e>ZUG1kA1Unxn>jORmh8M_ie$Yb$eYWion1h^=rKf+O^jm8m$>ziqcR
zl?F!h-H7-|$UME5f89(y$NakSt(QNzE~zcz0{^l7{NFWsFjc=tp|Dgnr=YQv4nxqS
zk*-g(h*ov+K3VGO=5gjP)`;Lql#NdVzS=`mQkP?oL%ccg;Y)S0V;goF+3~Dv{J;^{
zHpeArXhUx3gsP_1j2xe%tD9wx-Co5V&qTe=l7-y(9yyiH$~f`LK#d{Ss#9+ATnab;
zO<pFGyV`maFD}8=Lr!Lr(xlEF?MV21O}O>tSSmi9$mkb)W};BTm`q%no1VT}Nq2pL
z@NL2tptgV9q`eGv{Oa=mjJkrw&(lO*)o#m{UBsFxH)N}R10BMNv9L-C%9`rO;c=Np
zKXmFpKwkB~kyC07l-<IqdD9oal$gvuqz1p{)jJppSjep(Q(Mc^S9VGPV1$;^S2}TJ
z+?UPIWtW^f?U~hC0%vH#``}dQ>H8eJNAe>l=XX6<rb!Q*noVure)%_FF8W*Z?frjz
zFn{8&%pd;s2d=s%-(9a`-R8xPaG@hy+|>8Zo+7LvZX5kc_aOA_*A2j|<+`S8&wNr(
zIa@zxwk`k8k?$PIOWVJddF#kLS(n`YE=UYGh2Zu@$@rU>wliyyW(<;UQz4P1P!iIk
z??~Ip?50r)Id}*~--2O1O0ZT9|GS`4N?Jh>xr;$q@7w?TumA4rIQZPLAO8G~{nq2j
zTXZ}LbA5DLxnS|r;o}bT6jPiyBF`u5F<t-50q4_<AFK9<?H%KtuK(QW8xPf&fH4V)
z#AABkfD-pF?u;-}hifla&m5f#^a-O=K%;m;qquOYC@^uno$=rj@(%7d&7h?`N_{$E
z82b{!ohww@me{#R!}*uYJy-G7bfWOf5gLc8eNDYwiO{&97x>=2qLVjK3N%S$RldGS
zX$Tz1-U#2r7_NgMMV%&*=sY(9H48?eG}LfHBJe2-W<x@gphw6g-Ru>t%<X&)n!k^2
zWj3#^OyHYhjjgRrT<i>tnjX+3B`b3(7;4EKjifSjv$JUxtn>225j6pfIwdD&X0ul*
z4QD7BnXb%E&t+wXWm%3(7}~7)=Tfhvpg7C8@+BJ&b%Gc~%-~e1r7L@#+1l{uIrBA2
z4=yV4XF6gi7qCRs%2a3Lc#p@g2z!ZI@mUbq9z?9*lpsSaLGwhw7F}I(q-sQ0m#imF
z=;{yA;R<xM+%A0Oalre#59N0qE<<L^%|h+UZ`%ENm&g0;W2!)Sb>i|Y*3@{YNqv#N
zkqL4Xa?X(xA%~H3+i8Uos8LUn^Ab5<Bxj1885T#GsW!ddZu0$i?i@mn%m_kXcl^Y?
z_rBZfS$DtrfM@6Zth2}S#QjswBc5~4`)@c8dtP+j&pCH{p1l9-&JNFkpM_gJx<O}F
z*Cc8X52|F(0}}9l+wrnPbt*VvRA5<8sZ-sGtJ9%+6gOP2;(=RFOm9_E>ftsh5?r6s
zpf*nVa3N0z(Q;>FY9=wJPF_xCL7{@(ki3e;o*Sez7<EXiGE6zh(OJqCwca2hXK=|*
za#Eg20D8v5C6E!~dOAw(24eoU<AUC2xD%+m{7E?#u=N#JxGvpgWxj#Q>E?Oujt$bs
zB5uZnkMJ!K2=7y1ArnEs9=n_F!DMnX+nb(<E8@1Gyxt2$W$5LaxX=9Uc2wLNZ?<D|
zcmNy9qA=gCct05%-Yji{=G&D9a_P0an{BCxIDV;`Q?TEw<`k%hQorhBBxd-b#;Bq+
z#;CsP`v?SFk-}bv9(zgnG6LOXot<xzSeCj3vM#2T#5RO*9Pd9+5(f}vC;r#rKN$J5
z=cXK?#&LG7m--<}v-`aG^-EWXr8LU#Sc1p6V+nc)`n5~&m^U(oZ9YWb>+GH;u%#@D
z3q#On(94t0r~tP!h4}?Mw5{rw!2C1v{d02u1)Ljxm6EhJo0iN=V^(^B%?(N4@j)R1
zK_O=^Isb~BVRGoBQvWra41EuLpVxQ!O<6kef9=3%baVukLo!))Zj$V!Ml*@5He?ID
z^ow2Wi+mNZCldnzebe#N;MT?9FfKK?>!@q!DQ??wb5FtlB+k?udLTtz^gju%QnQaG
zeh}Ea80anpy6<|B`hKAMo~N$4=MyUTF*zT$bQfB>Kc+<FZ}uU_Clt8P5;u2$_Zb%a
z84LQl3qHM~Z+(qb0saQ6*x3EujjVbjRxc}J(Iu9d^~cPNZhk^NE{kTpVEOMY-vzuG
z>snbKcyw7O_<OOME!DGI99TUpl8s5_dGgwZ0AR7UA(U*+_M2t}NUv$rtSJ3i-Vhc5
z@o*>O%xnVJApR)<LOSWdF~)1Z=sjU<;@HX25!^3VWmizMg!Iz+o_d>{4svK?R7vwo
zB{gVuBRRNY0;Y<|p|gK=jxga$0Kb_5_!wc8HV}Sz83?~bnZLFKi0^~RpPL5?{wD~;
z_c0LvgaGk<48->q0=)!-``!=q5{U03aMnlQtnb6N-a=b1f%rZH#P<@w>mvx+_u<yw
z?_Od-0`Ywx`g;q0y&@f$_YrvQ`*2h5cMr1ajaa>`h&4bw)o;yQ^glr$zC2oh_&x&h
z%XGnj<>h_g(Pf>$o3j^TZ_XUO`j*~8izS7P$r^~a2VYq2`or<Tn!pz?EErsCIKLPY
z=D{ZVxdQPTdaZen5ijyJ6U3`I0;5a8TJ<ZGx&+A7O{T|ipJzEj99|AwR_6cu(x9^U
z`fCOM0TWan_<VrM18bnt`mwCBN35ekevs>H?2*qbd*mmWp<G~W;*6|=%l@(bCd7mo
zPWBg#6i=L41|bgVY!VAXOrZWz5#n|oAqKRbNyih@(Y?bLlUZ$7707PM`!|+=>RrWc
zUDsbQ5a6yd1h|VKz;YoV6NcLLen2J!xQj5rE<*OYJ`B>0pM(H+83?dUh+-Gvk6j;j
z%HQ42f`kBfeJIHVNv}vpb-M@w?)q@O{GF?;dLvdZD`E`<nCiD?HW1+QXn_EC5r(=<
z7Yt0dybnCOtP^;1_9E=fnWI-9ps_Ji*qE##z-tIFZ7SGRh=)nfVf>GiEDTY)?6K1-
zutQ;MA`(7V2rz@{%>>o29FWiQE80!K{s^dWIj|fZSvjy|dEX*nc@fBV8ABM{g0B3Y
zqXtJ<XBU_p;m<U?fN_L>McD;7B>aUP5xUqBAuM~891(g}{rHOm3PJGK1PLligI(aU
zK%Za65#j0|qgKGXn#QQ2^om$2<`H4NI3k3NmdAQT=o?oFT3TSEx-6T3O!6<qCfLdl
zNhanLjmNUFC~o_Uk+4%VHWMEm(MFa*DVHqu_7cb?4$!);KV9$-m<MPBf@RRdkju~L
z0ouT4`2dZ{m5hVXSW-&m3ax;zlJh1xf1RAKlk-h-UZTZxmK>(c-c7z)N+5@XJTg6q
zBH5Hf_uVc}&wZcE(<huR=KC4qdi3&CDzuS_$7s^Uxg@L)q%w@}uWgLZUZn*Wj%6|l
zm5ykk%l@hgi4v_rL}~R#93zsnz+5VsWrb$aldtI4AJVs~{uUgqHHn)X)C4RPWD;RU
z-(>V-2Z(q>sD&Itva~j9zRYASm4Xl-9X4uxHYwqYP^*bTU?nykot>VWN~Uxs90`7?
z=gIjaa{fCxY@|v@Pm`WNSLUV@N7cWD!N8v*^H<^Abvd2RpEwTUZ2vbLi;i7??g)J1
z_BiVvIN<!u?{JR%SI5{V-c8Q_dk#3CJaMtkdH9}#+)qw<CY{cKd$85$9Qfq4>#J_(
Uj(ZMrKY62Jn-izVaM<|&|E4(8jsO4v

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_change_detector.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_change_detector.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..a72517b15c3d118eb8354686c7c301b90cb33940
GIT binary patch
literal 53673
zcmeHw3ve6Pwb<gn00}Mukd#F015%_!$P)MwDN3^blw?V^D2FS=j420&NQi<>0@N-j
zSxo%weCCBo^BTK-9=ordvEr9Dlqauo()2}f-%Q*#ou+Nx6f24*v-Rt^lXNnk&TFK|
ziN>Bzr{~<edv^gY2~Z^c$zTbdz4z|9pWS=+?)lz(*YEdnaQyH;3r~GxC&&E?Bl=OH
z1@7*(aokIs$Vr@N6YY=KBs)1fPB~?Jm^<Z?++ljfBYEJ8;}QOpSMriH=OeyT6;j2i
zN~!XcU-F--lB!M#l5nb8sy-Ev0%2~W_9s3dy3PefH~f3xpFbB8?K?aiCwk9Sb^1hK
zJ@=IJDVtQYkrUU873XTtRk@&f3@6a(6e~5Hy0u&*C;IC-v8u~X??GBa(gaAWW@&3l
zS^(05ENvZ03qe{9ORFbowUAcF(jFjbYanecOIuIU)<If5OWQDPk8GG|iKSE7a5gDt
z<?w}!6wY2uhI=k1(!<H4$!u~k3rT|`30aQ5ht2Jc*wm{0%Mp+2rzzt2=x9Q^s`_a3
z?A5WPD)fwvAC?9$rm(DWDX9jJrsToQ<)oAx>PyO*acMBARzEh9$U^0#J&9~`I0Hpg
zJ|<-@r-qUeDa0oZCenaCK9W_v<LT6;@nk$Tq&m}y(WL5^v|{2}tk9RpW~J2makwMZ
zEhVAO^q`YIX##QNIN<;8B!HK=0T@5@h}mOY%r>C)3di-Cb7?pOZXLUi*F(m6fQ(m+
z_f;CHdPuaz9Ot3Tm_u~#;hSK5h>kWJ4M$uPtvyl_?mnCd%Zbskkz{!ObE5qNJ(Wri
zM<*ICX0v1R-qzNqcgs5xW2tB=olQ#V#7J}`aenWv&d!}GFD1uDQiBQkJ-p)xFZtml
z;S-Rsfhs?yJ!Lg8ru9I4kaa=A+--a^Jv5eqDx@kb3f?9x#fzo*9*G?}*4KON>@iWo
zr=qUuIn#Ug@X6j|eepAWJtvNdXZsGHJ$a^A!l$RY4xc`{t25#>+CiIz<;wWX!*Hmb
zJ$ujf9eeD|IWe7(F7#xElIO@6JqO*NCBgV08Kv<dZJ0*KuBuh>(ZtiqxIQAJ2cWnB
zmU|Y!^W6JYT;;~Oy3KRJ2j={NcLEz`11(CR<(>L%v-L-m`XleuHqF*<Q);)(1v=*%
z9#k5-U)Xym;H`Au=DaTV?P~7eN!!mGZp4kWyHGBtdi4tBK{lKq9Ulf6YFi+XH`KWE
zFwA1y8Cxrde>i1{jy<j>F5;ZnS~w7l!Jj_>YC76FI(M|S?`ZEj+upW!XWQPkwkK3~
z;{0HH$IggL+JH^tuOy^2j2Czrl9H5>WVK3$mnoi2jlw{Jk)~F{Ah?hkNyaZG<ckrT
zgoF6HjpUZ`Zo*PM78Ib5mSl$8g;!B(hV&-*m$w3dr^|Ddb#t3qluey4Ms76D1wwN|
zU~bKhx!MhPD%|)G-7dGZ9&iWYpB?%OcXvA^y~Lg4BpXcUFpWzN(JnbfkLbk7Q*uGb
zMM7@TEqR6=5nlD5g`4Qj(D_DwuN_L5XvH)-m%#**&cgT~31hS6Fx=_T_#ixua5@vF
z!$*$x=Jgp4Ytm;O5Hj}}?IZHS+S9fH#34t_)@l=7du(aDMVey(zXasy(#~mT%-M&v
z6de7V^@%y{in*+&mo(gW=5oxl_XNjfCR?=pLvM22;u8;ia6B=-(<bu$!=3gne8u1p
zy#x5hk)y9#4;kl1PH*u;kT?WylBt%Ufv1NWxtOa<8~u9Q5_NgGYII!VY|eGY25mB?
zP-|?rUPn<(kB%w&qK+Lf^`yOGg;*K$w%JI`H?T%;hpDW!dYW;DHv06k^mEcC`uE$?
z?)|p0uR(9&8&YsAySJ*!y|qfcg;P+$vFzRw%DuHpy|uBRt00<ow{pvx39HM!wHm!O
z?2iN{x_dICV+jervW4GYN{-9n<mg!Ts`dd6%am(~e&_<SVn@4#^qPbpnCo^*BI0LC
zLOMf2QsKJoL;L>y*KHF!n_I@Nc0^>~7qmcle;7k;5jmO|8cGhu2Q%a8tnb<IetMxR
zBC8&)w(Abn0jLN%5OjT51w2kt%90|w0TU9td!d@HMXHgKqrk~nRRkG#Es}9GGnBfJ
zS}14hA~`jxCGV~x)r8O`^q7Q%iRu|7eUMZuOix1f9U8leM07kM0XYX`(Fjn=W0H<r
z376yN$5SJ~UjVr{k^u}^T^pA#X2wT`2x@$IBy&D75+{t8H!deG03SCdsa1!`!%Jn-
z$B@WWLviHh64`k28DK2Zi7Z?}M$PoN)T;c40Bt7pyd0@eopN&I0&*`Jf9M$;mn0zN
zkYPz)PG!brmDkCBsTFUy0^3e|u-zQ#G)H#Q2yNOfb7Z%SOc633+CgdFt>kI3Q5+{!
zWSmlw$#^=Wu^_VAl}Cq0OU%{@b;>>%)X#Ij4mC_Y{8s(XKl7HLgdUsZ-wAG>dS>b=
zCAeqO^G>Mg4Ss4u3GJQa0dG3Ad6J(C*3SkTm0;tw?&)CHq~~3sZdPbigvK1d^;&`e
zMc6vaYrmWP)|}ADqBJnWZ=Jlt(i9^G7Z~<5mdB7-0Fvjh$|gl<%JGpY8v%+CndP<L
zO+Jznnpl(uX7~tJsi7!F3@$M2X)KQ+u>d5KDw`FdImd6C3J{<O+h%#~caz_i6Pj6+
z24?teSfz%d7%{lOu&1#+hQtDp3{`&XxvxK$<D0I*vjqS*Jj-jpn|#ycb1X&!Gmr-L
zX&8zT!wVYnG#12gSl|}lMA;)V6Ui8ox&np-*+yVHY=#6wOEEDbItib4#2kH$6@g)=
z9sNwYMA#B0-O#VYr`9FfGs&2nFdbKP!k#c4ypGk!h;}`NLn)Ud<^iU|+5cG+)8QIm
zl94{fewcIVEoMxIQHv#$5_9S#x!yLybQrm;SrwKGm=4!KF>J=z6vbrhiRjjt4j$N6
zKE`WIhj*Y>zgtsTz$O(Qz;t-^JJZj=ba;X3Z~@bC8JI{5R%O|}<tz8rD)p8Xi@4l(
ztD@XntJGUoETRjTj^)gRmF3=AjoupeM*L=`BYP#IF&I?nw<yzL@D&n@AEhV)q$s5}
z1W2Jt_(|%Oc44p^!EON81%uj__F(E>1o+jG_957h-~fVy2o51QjNk}@9t1}b90L&X
zNyjmK0>McHrx1{4Jc6M|5u8TQi{K0Z8NazYwHnrBw3`XxNw}+pY1MWMT6OU(*kt(+
zK$HNT3UujtCD=}=(kV#^b(CpRAcOz-Y0~S+jtejldO_^Y#|Z}*kE_0T9N4&V&>qCq
z%6R<Jcwz*3Lx>6S_=S`tXGc=$BydV`)f0~oWd`GM=`kopItxIpjmJR;0TTMSp|k^p
z&mscOz=R8vwqghYiuYw~!=G}$bnbcIS?OxNx4y#FOmPuo5dPVL(gHm0N3jsZm*g-?
z5&ASHRDKWJJ<)_0sCI#JpeW}cOm<jjR|{1NNL?aVe)q4T?ekR%d*-VXocZbmpzASZ
zrIiV;`xK$Mi88^HCqm;tfyxBlB-UR!WrCL}6MSODiYXH+iz*ZR%j&IsWkR{PmZ$nL
z_m&l<=oXjPTlva_a&N6%Z&@i5Dh3*0b|y!xLg%&9plr_kr&uMCd;DFCcKu=7P-C7-
zlSwl)1UP}@!yWU3<fFR(izdlOU`aFNro37#Wf%ity-vN&dMgvaYZjaP=H~`UNI?8_
zjy2Y6#qK)Bl)^<ZEA^);2BR*bFs>3qVoj_{ljI0XP#+6=S^60yIXH(@z`qBiIq!f9
z*<xgheiYfIt7FxDFzN~qP+8iR^-ZYF`-0akX?&Jq4p6P%EgP4mm;<m}FdplQ_7an~
z6~$ydFRu0%yt)sSRRst1mVH^hwWi!#t3q#8_n~!G!I5?k=!2H)+g5N9qUk`)9Sh_e
z;=s27B-*BNxX`x&O>x#@e$&_CQ~vge>y|Wol=5|B&wt)5Qp(qDUT&C8)|vXonjZ-0
zb&2&+Cz<nuVEem17S!haswK?%ReD+aS)230WGKzU_^Iwgfm6W&vqUA%5|1v`z-t5H
z$u^efh}D=QhAShRCJrBF41PG34r?0eFc=zxF<};yblr3~B~z1WqT&xH<nZC6M~@wi
ze&|Ujuj~LR!9)cHz}nz)YA~r=IpAzTq>=BT_OF;U5@j2PND{0KPNU5LSU6B?2nZO~
z5G{CVr+x_n+NE|dlwjrr5yPTjH(Ec8B-7Vj5=vaq5~3Z!P6@2=Np$yzg2`H<9V{+X
zCm^*IvC7Z|Bw)L3)P`0WZrY5Z))v$pfXJTm3W(SydW+gj5c6;&+b;cqKtOvSo$x?N
zSNWcmkn+0jBo9F9&~CdEpTe#@OA&Zh(o=|PQ|&1kZeVZGb_|(>UC<mDELzt^))bg=
zEL*TFUBH%Cn4Y`ITAtW&RM00+o(;KYFwe%pss`x=b7QZEsF?a;D0E4(YO@VShdI)1
zj^r6+>`{p|3N_VeZ<o^KMhqj5F0=JUw;Y1YhA^Cks1*m5io+|%?7}shaj?Hh$Z;aP
zQ+Lf5_)#;C#q)_!vHY-8H{m#W<FpbwHP3vbEGYk&j5k8{FCTpIV2*G3ru@ReX<;*j
zu3aKP5n5(>?KjQ0<b=&EN&_>PiKQudF`E1~-||AY8AFdj))x-a3+AFBeC-m$X92)|
zH?a2QO)qY`7El74C*5;G?X1wC2n{(tdhK%rC_;3W*M2woXijKgQ5u-xqm!3enqtJ@
z0>hrh@)!~eKr*Rvvw{z(^V+inC_?8ful;WFo#X)-DR60q@5Cy#G{uO)1%^G1<uN1{
zfMnBMc75lG+2$^#xhuzaL1S|e7P@A6?KiC_vJ@Ja;k&SY4NEa%aDm*iQ3PP!;;|MJ
zwjM+5<~&r21sO;aTVSN*__nE|6bNmzy!N}vx8-mY87UB+;oGoPTAE_S-~z**#_|{v
z3*6${7P0^N1LzPI&>kSgKn~F<y1<ddZgxiK54PGxH_;!U7J?k0QNR?Zg?j=zA9!>;
z<J{lL+!Nd}x21c6NAzUA7UKz5^iOpHyd?JoKIR3U$lL#ni6inYiK8e*9>HV<dfQ5J
zPhh!#gYXsQAefY)C?>D-1!9G!QSgbCqCe)-c#VoB@ET11rI!i3MwKR8dIfq5IHtlQ
z#C^6>wzqS#J;a>=zBTiUJ_|{9%6__<<0`l?m-eSC!3D<IZqNLEtcvupVGZ^#O5l5W
zVhtwr{|{3iSFd;<`}HTVq&{Z3ppUDI_8jBv#6Z+exI{q=ilLaG_1tnDOQ7e*{$#ic
z{a0msy7B@SshQY$8XT@t=oSd{2xCO#a6$r)!I2S5enUdR#fM&v&j8EnL5veC>kcEi
zgEAe2p+JswVG{_TZi7gw0=ci7R0A`idZ~$VYDflF1{nq^h4q;2se#5PyhB7-K81@0
z6Vep`VD*ev6RH!)+jaswmPVD@2BmLeVb5YI#DJKRo1HR@`FZ3dr6o6H(SCYV>kLXe
zGO|)u+ZLiC7s@dVHOc#6{sz+uVZ)T?ji(ji$fWZfa~Mo6vQr~U@S#tt(Z%+i-#_#E
zndzE+ub;Vg>E$Q?{K@NQCcU|ueRCU{t_|nbM}dR^SU|%}US$Lb4Il|)q#+5T#gK$q
zZ_qz18xTSt{LaDE?!W7Xr}(p$+J|>JsqMhy5C?D9emF^=L+}KG0R-m|d=<ezLGUDk
z0(*lvrXfIuKeIQ8zV8gW+V8bgx>~8d0b<}A#SVOh@VFm)gBlz-ebhd_k69dChSDas
z;H5%~1I?7)m<bBp7<tHvU;C154mA4$lie_JYAo9va3xU)%sLpp9%Y*Ys{ce8ciHA(
zwJby|C^e8AFVCK*Y;&+$y=9@<O)q3~;4j-8z*j5p_*fj#i_hbX=PJrCl+F`=5^N4!
zWt#(i`1M(937JHo^qw!<9O%!~ID>~1v-MaKx6X0_z4d9e5GmUnXam7K3YONNWt#)z
zUBVDNNhX=nrC?>7gQbnBPtJ@^Yz}%3GX_7;z`$g5pxYsU8ksE9#%vDyj-5X9Sz>jN
z85yEh2N=+#fkYNqy7SWzj4#97KuTg1b;}aUucW6Dj35|AfVx^K0|3<Wj}=vim!_82
z?nYD0OJi7ti~yDIQWgOUOIAsRPUMZ!Gg!-21V|#O9<5E%7cl9I02Wt6N2us9CClJ4
z!eoYds%TBBqaLu522pkNXbJhTjSDEHneSG4MFBoiR!Z|NWu^22O6hJ?N_Q*G-8sIS
zD5bj<0kr+vZ(2`eDKs#{ccc1O!%~bGTp&tmqX@vd#bYfdY(0k9&3UL43o`t1D5W(8
zw8L04kEyB4N@=qZaS;|2$eXfKx~!Bok^Uc{QhE<lN^4XJqgEGEOzT7`QB6x<L&6DF
zXwoEtuOnze@C^h+8NCZbtq9r>bRwYs`2P@sXxd1ZlmhLu^k;bSA0gNYU;$lo4_<!=
z!9E0wyXhC|nx$`Ho)-|DKv1HuzVsp@zls2L&C)*xu!xR%6D1UN9kYImx)rCab}m95
zE|?3SP6?W3gFtjneNhSRE8^b&5wHIg?fQP^^~`kLf!8xrftR2C^JlMTCM$Av2j(_y
zneyZ|wt<ZnKqcQuYw`=s!iomaM$1S;8!at{Hd-6=%(-X=u=GMr^O}RwOW1!zUtCPb
z{Lc~d8UiaF^UHVv0dg%&$K1wr%<WXij2PBBW_&R$7R%+?V!1q9ESDGEWZ7J>&ysjp
zHrK1x;s83WtwCp~o3Y6gTk%?<x>;YU&3M5V(l_q{TcY_^YN9i0hedMH)7`LDvx#mI
z*231Vn6=OLR-5R_w^$<@X-r#b@_@fjn>8=7S@Y%DtW~VIJrk2PFG)hmashczQMyc{
zD5hbvR>^GE{9@IL*{lhR+pK|4?(%x8y4+i<)LZLe>L@s%w*t$0w}R!~TBY8y(nwdD
zyx^H0GR;FD&c*!1-t+(Hb5Mz1@ZMMzSb>E4|IB3ZS+k@Wa#NmN=||-SUjuU{e8uRo
zLQA8w8CidZC0Q1+TqVuptk+7P$BSYz%UH2i^MV(|I&lrNb*)~4l`_-YnY0r)<D(}$
z4>qrV50=UnBU9vwMmi7+SbD+3t}e@(W!C1+GE4JgEye1b`IIiH=UFc3`Qm=7rCS($
zbYJj5AF^@<N7^&MG@pI?12N&GgE3DmnD0SQqF*(o$LcY^X}<ZC_ow*4l4hb(=1cbc
z^|w&(hLTndnU@>J=L1D&k)U3exL)(C4v8DYjj_-Qt)-#SjcG58pMa&mzDL{yTdcUn
zaMa$my!oP`JYTE^RWd9@8YlK2W(;QdN-BF%TOxiaY%C8q-?{qqnWHC<p9D=O6)GW>
zFyTuNr_#^tZI5<zf>S~Ol2lh}G%=i%9)$3F_(3UM`AK9@L<8E5`H~10Replr^D`@?
z_tbB00mUcY*>$_>0L`xI0MC&7aX>a!$B)!4-#vrK*N);NBEmEBoUUNhP@MAmO%cs$
zq=ve2_|biysYO*kDz;g4Y2r2_Wcw4W^f?62Blr>mqM80OhQ0zoM%g;^6*dK^tH*XC
zhMVsOou{$Y1taPaOOXoI*_K$wtJo&HllX$H-7;6V;f+gg?NhcrcE@2~=bQAu@8;HR
zwMq>&O+7o6QGy5PQt|$&=akUFB67R(Qt`&(?`*mE<t`QfY4<kXe(mub4?q#N&+^*u
zCcmBNEsYeoG{bL4EvJ^I7%{lOu&1#ohQtDpY;yhGjat^-O7rd<znf@TcPql~Szh~1
z>xnFd24?u(Sigp)7%{j&>Nko2tXn+RV#3yAh~1orO0gh=Nz2+h^~76&pSLS}PUp7w
z=J;NKiqJdDYrmV2f?mKz3WR6)UTmP2rWi4}z_6!DSqzH>Zt=Z~xB;()31Ys0mF-Jr
z7Oy(M8Q2ZtRcF3KaI7p|g_)KZ%rOR=5y5qNB8TGI*FPfhs#r}J?aElCl`Alc^F#qg
zRB+iObSRI6UYba#6qcI_LYCC4EEljeHAPvPPaw+;By{b>fx`tPbb@#cGXgsNbn<FZ
z8XCz;vIP?%mp?S9=`QJC;-w}8LkNhHmXO7kN?PJo{9Q!6j^KL;kO+h2)1f1|!Zp;7
zV%n0FvtPi%{B&KKe}%cfkKhD?QkApV9@!7TL;>mxs#BXi>fp>Cp)~<`a1jEqlmdQ?
z&G-RK-{1*MsK2SbZ(N#cT@B*zBVMh1{^BOMrp9f~?)A-8hF&>4wOy(0zU{E@@R2kC
zJA8LId$sQ#qTEIBTjzV+`z{E;$CIS~4pV>Q@P296Jxu<+j&vJila~q39|#WT{gT(5
zN^`PQy+Bg+Z&)&E1S!P;&?edvQYA?zxt9E~W;)M8Z79elh?cah3x$^<{{ZXu^2gfr
zNJ{uvJK%F&{#c`5#3%J*edO@GkG1aD&%QP#eXvpJCH-pz<ok?5F1nB6vcJ^QkFczN
z17M+V<by;`qFX7kc3XcX4=?hSEUk$DicK+pC#|I<g<sG65t4kezLV$PX!;}gPMVCT
zybCYT@dggMzeeyA1XdPQe~A|mpw*IG3jlWoX@B2Y=Q?A1zb)wU-D?3r?WhoM5dPW0
z*6L`4Bnvw#H?yO1Np7&2@~G8h<ffiU4)xG|D&Kn-vQ8YsWNI!&w;LjI>qK}o^-MT(
zf$j{l9o}+crno(vNDqZ|nIU`k7u+z!Em-mTqLYvbjsjyU*g;-&Ygg<hGb=Ef5xpP*
zaG27-)t#g{P4?FzSSG9z46IzHv?eXhZLv_8C+4wSC@jeq3WII$EEfv%!uAN)V?Lth
z`?oreR?<RYRj~>%DG>Vq!ldF``9-9dl2mV7Ny>Vb3;4(4i%7A}{fcs$Z0~Wf?4|pd
zSCZwXDmCSqe+ephrq0(Da^N6X1L}9!R&eZ1=q-zd!eH0*<@Hu=xwl|(u+``-E2FFB
z_EufFw^pgQEKFO{RVJe==DeHsiEA<+#sr)naq|a#7An!~sw!3ubL86o@0;exrI|sL
zVnz^#j~_YonM7}8NoE9LEi<R*Ml%<fHLLXW6*9YGb24jPDe_&GtE8En^;_vPc~MNZ
zVF)ZlPd6V4kcH?2+MFL;!ko{HFZ5@v&H1=Mq!0e9(*n%=7NZlEhz!a0Ho8P)HH^hj
zEM#SZ6${1fr-1_@%S6@yR*mQ*lH}T0t)&rARS_eg>KKe+LLI!W_uJ51o?O0CA1B5c
zw%q|kWElAyFt;)Gi$3dG{kasyWIZizT+&D_<$c<s--+HD{mx5zpXTL;k-M?z{V;<(
zag%12;}^qXL(H#@vbrUVvO2xp`dJ%gwJ^fSNQ0TIM)Z_CE^zJ2f&)re&bVkSj|-0b
zgpLba$>RbQ4h6?D$HnIIxcFp_i{Tn=3EU7Yf!j3k$l)+@*wiqLXjF>w)dh;K!Hgs&
z2eTtrqpDlJ2utS<P59_}hkSXE3e3>;@VY~)fRlt@83{>}_na8|3jh-yvWNy?qc}l2
zPm;j!iWE>FY>Og>rCMwkULjgDBDhOp^a6tX<ut&KjBIPM=-wR#>t}T9+gd<C+tvbB
z-_6_BBI1-TVr3}==qgD(Dksbf_U^$gK*p}_(O2+Tffle8Jap^06)00TB=bGHstbQG
z(=}-VpVmJ^@K*q!(&KPaD~RbD9Z6~hF<jFk9!>D0y2yZ~I>{55{}ci;I3B^!qX<qT
z=tXb_!GdON=uWEos8v~fG%;r0MWZcm<BT?W4dCV}HjM~1b89BzTM$>lZWy#k*$~~b
zH-_$yaoQyQ(w8GyJm0UNdN~cR&+{DEudQjGtJ`?(+>ME!x8KNsW^;{ivSOiR9~Wwv
z+H+%%5<E8P0i?jDsdYEjDb+obu3v|m-l)j69#cZc=~f$G$VHDR!JbLauR{&fq0N*0
zT(EvN*r)^>uXRrcyCyyF3b09Y+2-wIvw6GqvF@+|8+E+f*8OAQhr)F2p&trU?Jp!=
z9({52+GlRoZTW#P>C4p~niJN&5>bSv9Dg(?G|dX=Lk!^`oto`Ds&vBM50KoJgRlVm
zHfX<_dLm7^MYEEt)8rDvWC&26o?9WMlh_PkcN*m~l(+e#M!Sxi+I1Y;bzJE@p5q}I
z+I3tJj?ePi@1~weQ*L3jiH4`iC5Fimuw7big~!rKYzDA9jdB^v+x&5C7ijTezYr*V
z^Q_RS2(1wQ(came$CaJ5U9C9?7q$x%S+!)F5R8&`wXzBr0+eTNmlnfz>7}siH1NUi
zJY3yjo9u>pN8#2ydBD6PxMyL7!+!yMOEtsa-~|Nl!oQ4U0je3!+;eVpJ#3@O1-xpl
zTtH&gLb>2!$_3bDmbhlSMYrSuH3P5uQJ-)eH%=FU*hx9TAY@{@p<^Ihs#7|sC7m(0
z9Fx<DG5KO98(GLN`*p9CDxtt5d-2^vkVYp5F2I0C+8J|NsQ_XQ5tI&4Htr?DQ(QBI
zwTiv>xfiC7>~mL<x6fVWl9+L@J2ElGNPiU^pf6@CdbeoTN>Tu@T)<>in(8QGL|7D)
zX|F{;+k3o96jp5SaoB-24Z9MKeGPicN&(;&tC!VVfpTxHQg2x)0G8WZ!E$e{Qg2y^
zSQlIe+<V{afcwba<DtC0$CqYeTZ*_ctWTP{xR1@0FoP7E(FW$_h8eR4=FF8A|FapH
zwXPKLKg(6pJifZ?fa_k@RmAIhrS=}j8K3PvF0QSIFP^mmfPLxR1Do|8H|+2-llpTV
zdX3{ifm6Sv9xP>?p?L;5?rWUQ%MCqRUu<+5_g55?DT>4gv@i2={o!#p_>04y$oh$6
zk6%pY?<w1xNhiUA1b2G^-?(HtYZ#D_eW3E!f2DiQF22xK?{ym$Nubng@hxX1JE9nZ
ztA%7%gUkU1@E!1v0;ao90NBihff$Z)u-{k%>^BzZgS5h90Ba#fABx-x4pa$U=3a7z
zxzjKjQQb7mbvrKDuG@Me4#UBaNNFN=)gEmlD{skIsBY2i-8Y;}C!ZOU4yZ@-NNp<5
zAoO({<&5#HluTq{d(e>)wo7Pq-$-UKF(My`vQlc`e&r2N!FwR$$OU`f%-jgPy#K}h
z-#Ing)TuOez8&g(GxLFrck|`QgSLt7rj2u9zgfCnF9Zs<>+Oihup_VPfZE~K+95aD
zg;u%*p-9lucz!P;m1;cSgUCk_978~ak24U81gI_jw=mUM=xiC%D)Y`-T{3zW7!oKg
zL<LcFo7TlUKy6=gpLwu@{tAXbX*+CLNRZw*n+rDPf_o>+Vx(>0D|wUu*u+TY-Biu{
zr+#D`wf-{Ldt>;gnKv`jL39QDrVMZVw1B}GlS?4=<O8oiY?t8!sK?L;FsLP?58%9<
zkhq9Xf!&kO$-`2rHZa?>8D@Lzt8I_j`xw^_Z=QC<Y_Jvr?h@*VIr>miQgEc5qBC<g
z<{~Qi3+x;JCQx>~j@swbL&h0Y@UEB}RPgTpV}=4=^bDXPg&cj1!qZdG4Nq?`PF_RE
zpBuG+*+Jm}{JCQuHGp)Tk;|H^XSsk1@D#;%>U9*wWb~rQYgB+o^oqWiM^mHo1GV}+
zn970{7ankDjH1wM2Q|7Ks5K|h1xe_wwS{?53bV}Kswnr?D)m<VD)d%mxwlrSx2&Wo
z&Q@+&GoioSTdUDq!}dtk#6v_(ZZZl0fjC<v7ewQkq4B|_98QjoWv^;0$%N(c(b0r-
zHA-Aqd!_#dFDT_~P*lI**0(0UXE)-B03u#WDWAZE;`Ff$@^^#sr4%n+VZ=o7lBUM>
zmd9ySYqGj`ang6Oymd$e-vIzLFzhBv*Z3_{x{*0l3xC93K0@8Mp8NW9Ilk#yBLSdv
zoaMFOO}=UJIToXV8A!Xr(i9_x7c}H)EREr?z%9OsYN$SoWAt$xw2N$tJBvsv0xNf$
zzr_m(P$NYauSPxCuJ@gOaJRX)(dTNWRUyhC{If&n=<jD&+%-7lsk@CxU)-L|cseVm
zHbWyOcH&hzoV}RHhVziZg9J<49Q#V*D(sCzO@9isWB5*@jN<NNK%vfGRAWUQZJ@>U
zz+K*n^Nrcj2AyxJfQok;RD6F^%+=~3sU8dW8+5J#PN4AUzs%fkU`0GD?Hic&`eb`6
zHS28xNzCh3wEW^U``&(_)S+ijH*#Fe_n7_k7R~&(BJEqDS}iF51#7Kbv05!ShXrf(
zlUgmbdtla&W;f)BG5K)j|LG?EqL2>6gjj$W_y-LG{{(O_v0#gq6U_ZHz|}B{-%2+J
z92YnU;EIQ0p#QhAK&PY2NwbT=0Y=YQ$#yNcE~BQf)&$cDcoXKbq_>c0MU7lA777n@
zF5tR?rn|AmHcYHTOKLyLl8u&x3)_KQ<^bckbl!^H2hi!J+?FkypBwHc1Pg_%^iyWz
zg|!ZOTjSm=TW5?iXjM&7Z02526qBt(3hTeRcYv%Q9U__tedWfQfoA<#o63UOpzwf^
zP@_M0{S3VATFpGX8qPuZ$2Y@kxiYBvonlM1nBJ*%tME?Mm)|M9AN#_3$T+XkJN3Yd
zzf)|yEa{zMx!|38z%;t8-@s4$JGIT|H$9a1ono$`tNc!_FTYdz^Zy9nsSPXsPO<T_
zq<4ztf_G}er~926UaPq$_$~k~9ftpOUMRA0;_%svNu3!<r3;vp#0cR`Mibe=i@?Mr
z!->J{cmkBWba{dBNJ`E|CtR>vz>f9_51znDL3NI0q^$H0U<gTX0Z6?7l+T0<%*+u9
zPw2^j4A=ykoI|1)Pml;flG0(MbkK#oz5&<~yR-vN1VrqME?-M5+2e%8@;w{YR*&7S
zt1=;AxE-|MD!99dD)Ym33>QVy%WH3o$kaUk0yImlq|YW!>W;Wg3Q<%qOA>;o5R3qr
z5KKDOcF?54L%Z7E(Mwh=gPRi<S({h0*I)AON$*0%YL(VZtrV#1>>_pP>p<LRWr9|j
zUd#fk_Y(c?LLLm#UVLcyh?lN8j?_}`2cCF8Kr2+9xIREg`j7ZD+@!bKwR4B1^TUf+
z_5VchD+IqrKpY~-^1Y`aYIbheL;WPagvphM#;(RMWF&Zh+IN!mKj!I`F@Z|jHe^9m
zK%cV=9ux4!X}%6|e9P3X1>_9c^1VcwFhAQCVCm&IKz=}c8)_P1ZQg4qZ|r)j<HmOI
zZK&~0^5C{$BzNA38p+_>&<)-U=(F$+cs6XkQK1BmPP)xu^m5>Htw)ql5A||*=B>J1
z^n?;Txv-zZZ8z8S;CBzcc5r%4|7!<dN&I;92ctimn0@$h1%A68f7SNwgOioHHT`qV
z+rJxsEk3>O+-vb`wx9Zc;{Qec?8yNIe!B-=ZTNP4vMRUk+}xHO-_5+1nXdo*Ynf|-
zpKkcchF@%(J@uplzdcXB+Wzg#q>!usyves>-**P5woh+?Ei?D!w!nUw`yg<moyKmo
zLwuGuezyQgXuQ#GPJ{3azYpbI8lGar-~!;YD>MLwd}olQ0k$bdli%j|O~FF7MtOP+
z%i98bY~qz^Y$ro92cYppN=P?4JM=xrRPS`lLplCXuH_*`I0S(kmuT$9C5X@R#_tv&
z2~9UHnbROV!ym#M)bJD|1{a8-zEJ{TK_TCBn6XVUn*26@XbQB+MtOP+%WHXvUYW*r
zG9+^V8gCMV9{FBqDn1?ApW~0@BKsBL2n5~=(AZl6h|luI?-n2l&2I(FX%L>_kKhez
zc#08&3xLnA&;S(jy%0+SY*UOTzs(<+ikmU?7?u~=Pp?d4I~kHW07ZWAJ3qJfbG8rE
zb>}`%>pw4p)QkIf-3|Tgod15k8(~L7|3>G3SmQ>xqoIGZ^JhUfz&v9n6t=<3&fT4Z
z_ufiaxCd9{K@4(`4a;00(lagQ2da8Zaaf4+7BHpn-^|2$3mDUjZq)E+E?5ciV9i#$
z#pWnq1%W~lmAvR7+ne#`m0C@CEQE8w;Ijq#iefU8_M(_fAuf6~<+@LV)r(A9j)k-b
zZoVfAp&Yc2iB?Pk2;6)IjNj8}c=rlyy6&Gis&9x#Wy;~q`KQ2XR7PJ5+&n!=Xf<8W
zM7%G<7o^N+UNYT_K&=|e3_hKd;@YO`6TZ=_`UdP^)kS<v{m^>qXo`c<&_#ilWEav7
z3wTN9)o+ktNNYJv-kpRnlCfZ<j(Q^%mX>3LL?8_@%*PI4ro#x10EkplW!J-)a00<e
z1g8+RBKSE1;;{H-3_XhAD+rzkAmd;&f1T+^c`NxS=iLeDzUV_9il@@LJEBUKR?U;}
zQ#AnnJQpwE2!5!40Br#ESEvC#({uIP<^mh;c%0-T4W5QgQ_oC2r3Cko74)YhCDgI#
z`uV8Ac?G8Xh8*9c`#$yLcJ@FNpd$3lLOS`~gcJcBn=pC{!wob%ZA!=RP9qCN0QffF
zvjp|c|AzaMev80Lee-vC0Rd`Gh!q~HZ}z|MtatU;?(O!wj%v<KhyxD7+u$_e#}3+|
zKVP->>GAVPDV>B=@DLpv$y^-;Bh+3=!7Ll4b8u4m^W&+JY$`32omJI!@v*B|NR(3K
zsZ2U5C9g=SY*O{IBo+7;l16Ay)lIXgTT_Wa*Z|^kQj(L=RC*AIYN#$T5~U21=A;UG
z9h`F2pcxxT(Bz0LIpKnYv!eupOHRTGT;dU+-beBQP#tnsQk_Go!7O<*R43AdbXnr9
zh!jWgGJ?NE@HYtl76EynM6ZSdU^<}reNgfENb-R6e<2MXG$;Re0Jj}Bo9&le^fw&$
zRqiYP|HU1-XXkD9dmMl}2yU<CU`$qTnp@X4x3Te#x7y~O6N0xLaDLb4zwLrE5Oy_d
zZhJ7qbAj3yvM*NLM!efT&b{{c6&PyaI(FT0_%LrMSF=SCwoU=j61|N{@4AHFyWo7U
ze!Z>v4hP`gfz7toJ1`tt?>%bUY-`70I|L8gY_Rw)!h0v|4Yr4EcQ}OiPS}i`+igc}
LzvB>+@%jG&nM$?F

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_cli.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_cli.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..57b911454c43eef17688137107a74a903c2c1527
GIT binary patch
literal 55364
zcmeHwe{>wjec#^iy~7<2zxfm75&Q{~IQ$?9l8~r~k|;`~NXb~9NE?(dN8kWn2;RZF
z2T6piSZ-Y#N!`SGv1-b8V(8h4$hI${+Qd>5zgN3IY}fH0cLZoaSGl#4_BDEWuN6hP
zeBtYB`uWc6%<df*za)_&9V`yBGqW?ZvopK%{W;(7wMZnS;P^K`jsC{OK1KO!N{GX2
zMy_?a6y-%lQ*=dhY3{==-ObLPLteujQx5rbe~hkp4hIgYx_T(62U*&CICQ8=uVQic
z;jkV?8Q<Z^p=!OF<@pas57p>3hidiOm~t}QyFuL8I%|QI$}Tgh*DqIE6ir>JXu(}>
zo~bvmyb$uLWL_i73nMQg^O{&*HS(e|ZyC$0L0+xQTh8+8kXJABR<OJV<Tc8?l`O9b
zdCO$pDm>rv!>bQ9>&-D`$lbbP?72iXlaJ-oM&5`G=JZ(pbUOCnV~@tt*}Q%(Hj>L^
z^YKvV7`xt|J9{>j9f;}ap^TB&Q~69TyFGR~Jv@R2p3QHM(Zy3KBhw$tWS`FUvjVYa
zGWpZ7v$_5=>4DfldL*44NN4*qX(JwbheqgVtGnbIN#*-bmx4!9Lz(^~DB9{Od7nt-
zPhWJEf)5U7dPlR_w2p$F{^3liE;*b_4J3{JR5m%H=LR#w>3(wp*og+-ga2zy2wqhB
z@M`cwOw$IX)it*9K|P(yr(>xYZqR>*LVg=Q40zy7b||j<QT3v7jT$Izd9deX?|~;C
zKdEI?`rw1Pf%Hi>a3@DGhAf&y|KcO(N`9U7Sg%I4DE^Hwf)|wc{Ytp;pWajOHtCd6
z)@#wrYxm;Hi^@qwcj0x$Ypi=Tx9-(ED;3?Rc@g?GAHsm<N2t>4rw8ek(?eQNuNn%q
zR+W~~d_Bl#tJgMJ?=+(AvE6hP6P?P(Qp3YBb5@O5N>7_po7OQ`xvYE{hV<O%NW9;C
zqtS+<1n|!W`F9Y$s3csy;sMxY9`wl?^fk7-#e0}_C)~Z_+qIR?dNfb&!GyQx5k<)*
zwwPB2{#;S|Xdc+ntBRO)#y96p_;%vkJ+X7Adzaa==I>)G2bJrk@vb;p<ac`yt_-Xy
zy9>=+#nGZ9+`G)D6n#tK9kcbVrlJax_F9j-&?oCjoJ)JeJ?1Ux6(zMm+|!13vwlt0
zf(d_zi=_g6^`bwvwi-m9bw(cpqAhVw<MrF;%6j&>MviHr+&}82uc_k5J(BR!*yUal
z<FTN*s!9YgSK$+1u;$9vKj%?VMZfOSS+(XWa?9pQ#aw-LNNKG;TJqBBc*Eb;Mys<<
zpW#K<4fno%7hPkW8@G&{>uNPZ&zX_fz8J+iT8()6*-Sp!kA*Gtd~6@j-qmVgIZGR(
z!}*Jzk_Y7|=%QfPjp~$Pr1d<jzZ(USxqGZ$!@U6k2K5x6#AtthR8M0ecW1J=dz^07
z*=pcAtA*xyM-VYPvI8B-jpj#2^P%VYEjy{<9r|i|jBv?Mz~xL@r-h&tlwB@`?jJcv
z>v1xrmui#!Slg0%dPK+iHiD(C6vpM`snN_Z7Ir++FyPa$QCglfPUl942UyYM&~WZl
zYB-rqolTd5Nh39gm2gBaRqtny32=8n*K>NQJ_%5HHkD7NpB))aWf`0+`FWo&hA{Z)
z;X$_c>&vN+Rdi=QQl0k1PJ3bpPw<Aj?TJ11VjcEGmq80$OdfiKZnv5Z0t1ic+Kz`K
zh)v6SY3D4kAwE|vdJN<55WJww)Gqs4^Y1l()0lYj!imC$?#bHS<Nldw<8*XwF}k*(
zZkXs~K{2{vS~Y){)eVK{TAAdLE9!>vr)6HzO5uVmJxT4!LNbEvndpXsy6e@*#RyIp
zBE{&gY1RB)R(BQX?v$Le#bp6xUhvCQ(MnyRrsM?~L3s|aB|O7WEI~jFf}$)zz$FN{
zAiU-_LqK&X4VnQMzD@`a1A#iBzxpx?XhG9gP|!@l8U$mt!2e@|qd<vAG9&5X463iC
zi|Z(8p<p8god_J)T}DME#ccsb8MS0zd-u$__Rdk0I(gIj`>9LI3mbYSYw!7(*58(b
zy5p6zFQ3I};%qUxV_G$Tm(?AGXbVqH+2XPQGA9OQs%WLIP*d`PjG+9|`iob<PD==k
zdujb$T7U1v_18O)85~^j+FO&!_Uq}h;5wy-V}!acZt3MHFWu2;*_|8Zouw8n_%|)N
zA2-UouAp|k^3=;u;WY77G1@h)n!n3xS0TENC#P(2Spb<6Ps&u$N?oC*<OLZ)`K2Xy
zX~|t;`rsW9haLRhiA%2fbZR&=uo#rL<w>(f3~Us}@s1r!>w1c~5HZfrSlmL)abVF8
zr^R?~9C(hJn=uVHEyy1?4!onFKJ@zYuRV{`rRR&$ho)8YcUgU?KqxUKr)+Uq0GXG-
z{xFLdt<)82N?wo=lwVqq@e0^K!X+G-mZl{xJdMJgxFGw6b3>Wzf|200`$r*u&E_+Z
zoTj<lROFnAY1-q9TZ)?*LznfyX&v4*Cof{QYTGf=H!Z@)FPtuH*gaXh=VM|-bQIM6
zuOE5s2u_!d6r=m6Rr7aQ-Cu}y@Z^*&E(;*@(!(-Uv{F~7DS1IgP@XTsc44Pv1b+%K
zyS&*Fe>w>}d#PT<Atcm7*p+o@u3SsP#Yo&8V!0dmBM2Qy`oWG~DdZG6v`A|1ga<-4
z&xv(5A)8glQ5<TCH#Kjc6oB?R3gkpjsb@@dYPDTw^+Uw4XuHHSiKk$U3#*oMk7O-;
z-d@cYcQe7JSMzIugx3^v`ud2k#}3=5IAE^mg-`TCoVl2DWWA;?jWZ45Eg$FL(m3Ci
zaSknw^KBXDs-<zh9penOhVW6H^jR1d1O=|T3QYp24U{56=t2^Fqt&girwSVojM-Hc
zpliUC33TWaD*Ap34p8tYg4S@!J51_r1e!{!*`QJKo=KlGbOK&_D+O&7Y^7iu1%w#s
zaSGZIwEFcfiXWk14+VP>*oFE#^={-CqzuHx_gr?rk|AxRx*%?x%w&^H|EknAC&uPj
zhsmmb0c7O`<*ntbzo~ue<Vz=~o8!gi_+)d(<nqq(2qgCfb<_FgVsz8AYW^;(n@BQG
zsVOTeFC*`KvrHAsQZjo|-82(jQBb#@2cL55v}*n?t6Rs%cxuXu%FD<*4`!rUxLB5w
z*^}zlyS3L%1$FcJwqkViv}*n?tDDE4;i)MrDla4Ne49)a%Th8Mg&0<<SK)0siWgW-
zG8L9&vJ^@t&*lb3htr6MlgZDFriSU$Kq{I{4rX*CPjb#|4jF-Dav;~AOzJ&oMZb@N
z2Pk-$f<qMaA}BQ`lSUpIFa60>KCfp^jpB_(CAu~51nHpYgfp^$P&0$%re9Rv^zMJp
z>+yBJ7xMUaQm})911<_5aQ!mm_if=VP-SP`Nb1lB)s2LPWR(`u!$VaVp)h?*k3cu-
z7!+6Ep(h^eq%5u$DOFly8K^}*oyrWSP7Om<6zZ)|YhtQDnWxjUC`A4ZhGHQKk?pPp
zs6)CxpgN?7sY80p)FFL$pgN>)Ud6u;q7LboDs}-)y#?x!!H-lOGQ`v&t3IGQ<lQ-|
zmNH2AmdzDYhtwiVbA{E-cGwxHp!Vkf0&m}3RWHqzZK4ppgXb!`G*@@cT-7Yi)m<}J
zwM%n#x6BoI5_LxxEZtfCXzIaOZ~E!9Zlq%evJecV(>nH;#g652!<C{P#^`Y1PRyf%
zS`A_>pFEoa&wyx{(keTd!!`WnMQYtxhTU6so&FOOhbC*=KPEX&TS2|=_2$=_ak>PC
z#C_AM`Ma#%SBQcPrsR|@E(;*@Qj<&-t<)82N?wqWN%cO?LikqmOSs+Q`5(BM$t)rM
zhnc!E4=dzbPrU@qt;KUho|LQ);)s~3EAuc%el?$r7%1OrdkJsK;`u0;Fq7#*d=xWv
zWp0*=^Pa~qFL2M}5{bVc0%M89FNb(Y0r9tXJT8&=v+Yh5J02rP$AWEb1X{62Zy|d<
zd>!%5ct<7FoqK;rJp-=hO_I40+WuaGzMREK<Pf&J#6beH?<25-*}jP*leJwR6PUd-
z)=-j4EQC#3zHc1+!@Hc6DTqzVlq5d%u5lYf(owM@Ay+HxM3zbmy;5Dm`jqF~U+$<>
zVJTpgDM?s6#+`d4cco*sweK%?E^V=MZt<>hpvNIoWJg=DZr}?w%{AD*JGK#vZLXp{
zPHZFA#VUOh#Yq6CcTliEsoO=BOWkNL_zo{7dfQ1!lD{#Lo4y+{gW49`X1U~TJ^Q-Z
zu318zX<P6!hOjRozV?orzxKInJcj#R`vL;{*I%}aU}Ztw_N}uoVHef5^VmhTZCW*d
zm(^|K&+*ih6_uBfcYaW&idO0hH6$;{2+DKSB{zB_4yn4dP>g2jYn*p|xI@22*l<`{
zImLU=&K1nnJ8R{vI?9z3*yhy%^mpzx^G3L>jqB^T4P<mZO%(<aI4pD(+f;3f9Y<-5
zQrpd|oZOpwbMYtWHdhhYm$)*${M)s}O{&{wq9EtvuQb0*rwK3-;?t`6yR62?f0L)C
ztf;(<ya~|pX5pfhx<U=f3o?T8bF8OJ*bQEYvcvwh{pw&hOm}F3-{_oQB}YHlUPRj`
zX5ve8pdWMBNMH)|3<ZR#Ix{ntUe&Vq6p3HWSCwhFF+|+g#(;!n+`s_|U%<;M_iEW*
zSOA|nUe>v5d=f)%RN~5IfaK1gT=)2vDA)2&=2z{5S;Cde=eK-GytB9rTGbL=Q$Abv
zukp^BE3U*%TGmWzdINxHRJY4M9RSgds<t**)x@^Aw#>kds7x4X7>vlz38w5j;A}8T
zkU3j#CUf|<x0}m8g)SSv&h)4)`)6g_-fkCYnp8K>L{}HowpSuAM{t^m6iG5_{w}L+
z<InTdlogeikvHL&siKv-LJi3aGBT;Q%|v4bweyuDFCW2a0=w&Ajm`XBRyzyP7*9^w
z;<5lTCmxomqLsQrP00%~g7RDenCme|^kej<FdX(tiXErm1O=a_AVt9t1;Z5NC@?5E
zM*(3Im0HPtlt%$6{2D}skXG_N?|D_<miHPw2tsb(_V-keuicEfeOrF1dVSm$2CG`8
zm<%}}JFeZ2)7*;5Cj;1&C%2!G@z!0uE;Hh)2Zz+wU@1zkqz3aR4|3yC?-1ob)=s(1
z7%MRwg~8U@4eOTS`NZj@ZeH5}Hu6Fk?u!swV(=Gfrgcd#8M6R0t+zxkxm|$)-Pv@L
z&nJRRK=M%TJA(WkSg$BRb^f)ZY1g0j(qde3<bG}mHFAHOsAetxeKwQ`i8c?q27Xdz
z5|`e;iUS`)Rl>_m!2XtPcPd7PAI>{Y?|Ok~Q0zI?gbCPyR;@)70dpT~O~TW=N{oSZ
zPSl8cF(u&@<2*3EkWoG!#VFStuR316h;gnG_k(V*6e0CWQJ2*->s_Gt;5Hdho>yP_
zcv$q`#;SJ|w;hixv}B@Ml+<eDKDGzBR;$zM6Sd~t)y*<@b)sI(ZYG)x*;X7t+B{l=
z*b&m9uzS>NjapNp-n>V{BFs5Ai2I7OY0f#sO*&^GIL~_VAH;tZ{-gL0!+h|61&X%J
z6xxxXh^z*$Ta4A<b<%3Eqm9MtBN@XWr8iT2uIlN}jAme$ma(_7tB=_S##TOI9~f4J
zxqV<nO#8sty(jGhw|dy_KE9ieS#b=|w!ppI7V%y*c$#e!guP?YViyb@o3@V;Gu!Ok
zBQhx_GP`9aVj^>=?e_8E+%suC^!%3A(DSXnk{70pyI8oBh21RNLt$6Pm`XkALQhz_
z>m8tz%2?E9LAeW0#;)yZjoL(@n^Ddt0^Lf<Z4_*$fbBz+8xNVhv;?~o=vK*}8X<H0
zrD|cW_!Kk^b0e*dm15Ez)X+`}2q&?`q_$m)yqn!@Gb1;pY#KD~EKBVwOYJU8?JY~~
z;3>YFs<XqM>N4Bp*Sg9|cI_-H*=;nU$3l`@cIIMTF704K+Oz!CbCl`Ya4xRIF-HwT
zIgLN6AO@bCcx1A+?PJmCcvC$Nd&vd$_$&Kf-iOn~z9JdDIDY965<hDD0hHyAPd|_-
zK9E49@IYenf#WQ4ytwl?it*nS)(DSJ+2XPQGAFuas%WK9b7G&oV2@0)K0ILF0S#O_
zWWS6!^1cs6JhKEE6)80Oeb6*?0j;3ZwzyeZR+}S&_UGVy{}twNevG&sjzd1N@V$CV
zI59qt`5<q?QbM`Kd-VX%f=2-*m_jw9rfRaeEVFh7mO}ho>g+Jr7yBHoe4nR)F(Fn^
z%vmL6G3)WoDk-zAwGNV6&c9$Qk*&{S{o-O;=Y`9mIMK+)7ZKRRw3jzP4ejXdU$myw
z4eYbL(UM8^!$30AiI0=-6#7qsu>%80$&ukvD9QJG(PwcGF~Nx0JaXahhkX4ghk(ie
zHHPnyHZTsdzJ#wA9Qw*bldl|5v4FTLXmF5ZzIIo_-|IlG49nIuKP%&a3R`6o-WH{u
z{SlF;1^4>Us)KfzRpUg;io-8Tt>~L|?vo~Uw2)S1nY*#f*|d8E>X;2A0!{>7R)r}c
z5P{6M%D<3g1o>8xgkJAT>z*P8VlA8qfsBZpun}uob)Q6HdkOEVI2=d=>n^d1!bk%B
zl{%iHZ_GfDRg09wDh_)sa5}4PPvTr!>eS9#(jwNP<_6U&twyU&RGG+lxNoEAjIFIr
zBF{RbkCGs<A>(yGxJi5UqE?@q?iG)0Ra0_*U=r;AOI&2WRjl!Fo~wpLHRh`E#G5vP
z&#L1*Dv}JkOJ~)ZtEO8vR}swBJ41D?%f|LHZXB)3<(#-wjEOg6rp%sM3ozYY@s%vj
z01aGQg=o?4WiC~2gw5g%5{(Ta^>k(+t@p&vjGjvC*>pZ_gs>jMXI4G~e<eMk7`xJ+
z%MNCSdSdPHoOQZApKIqCA)x!rXBR8j7CW8Kj~G4e?PvBFAXVV-q^Eo5&K;prqt$v6
zKDmZ-=g9Q(Sd(-48x36@T|3)4I`KQ!(b2<xp8|Pts=u>q$3<T$2>&p-QN2HHl+<TZ
zdKLs8JgmTwXihgu)eL~;Gcd@KPn{hpi6>5;P8p{yxIDLU{-a|}9dJ%%-X%7WG5T|W
z8YbOnndonAEY;az3XET*hYkJP_^?W$XY>rf3b`uN38<8s$<9mC7#$hO>G?FdfZ^>Y
z^XEqJC}GGKM)hnG(>j_iRkOl!d`oqr53-tJ(QG9T49Mt<K@=F_2C|RL#+2&ly(tHS
z%$-b0&7U1f(v<Tjl0!*8&`MRT7Jt_`5;GgFVVR^c$U9jX*%XW2<VA)&xX~zN1|;sW
zy@F9~Bbsh5J%W1}pJN2mFa1ie>s`OHJT?(8F6$T%&!`R4>e`~Z_FcC(vh973KNxzy
zPFWWF{WIfLzX-2?*W-S`6&kOCi~#ZjZ1Y0hosYQ+U5`;-OHpl^Qrq9`zJI1^`Ap-o
znfk_=Rh=^{)?Kag?`E|&VS5(52fSOYZ0m-Zlwa7K*YtgF{TsuRJ%<Y$9-FK^a{G}W
z=EG)lLEZD}zKbB+_FMqjwr5&3f0xxg1u_#u$thc07C`0&&|_xtqLsQrP00%~g7S9Z
zN@#ZB%GWVn`nM<`R7?N26gWv!K1&xU7{I?lYzdO4>?Ip7Ct%dY?b~=&Rs2<js`g1=
z$5r=Q-`;B;#ou|2V!SI<xgY=XP|eu23y91nPdVuaP9m{6mXdN6mhuZY%Tf}rU@3_K
zu#^Qk;Ga?8f(t#v1z(k}4uxAIrF!}t4w?=}gzV<`@eE@-7_=a-ib9359BP;lqRcU3
znf!)ORfh5|R8MP3egjl+UM{h<jpGiZRk_+P@m}>gNmBg}sK_58n3ZxAZ(LGvzJ%nP
znL4U?UHJ+=Ta|x~`&|1H0vq)>@u>-{oSnCS<&@-OmmSob%4In{ZpEJD=FP3V^jMF*
z4q38FGpBICx#Hz1jjlZae{pn){KgH8-D9t74i(xahk3&950c~<)Er!-#E6dVu~#Nk
zV;BfbTt*%eu2IkRR$RNW#a@%JDR?G|i!<SpBCWrS8R`!r5C_R`*y^zrM68Wq4jyu6
zLx()sszcsv_>eCfIpoh)gNRm5B08Fg_7ZAPaahYPE9+wfcTJxpS;f+stxeP>T*I;_
ziJ&Bknd}opvD<bvB(4(S%t&UB?P?W~P+0Oo`f6b<veyG5oYIh;fdPOtOVx;!R*M|3
zRo|g^b?r)`Zdl5;w7Nu{6Ul6~k*G`fY^iG8y`KFw;9h>)l|U~sjw+5mNve@Nr;oTw
z>_|ifpwgDva;3bl-6x6q`b51GnVoIWT-nA%L!yz$`fO98NfL{H0m43J-bm?nB>c4H
zi6#(>E2zFjE@~_LHpqI81g)55DfP4NBW^Dmz!|ewFP>9eW~9AUi*SdE!(I#P`AXZf
zIG2_ZuX#&0ir#3eOmcCVwpwdWEHg>_<$WYmVTY|P60uYq=;LzHmN-Mswg#kq1OA(`
zjoRAm3d|gBVyieXYbz3sG=kZciIrkp1{N}FvBXNu+B&Ll&6=&J&f~K}^zbg7Uu)J{
zZrQA@z^tvzHV&<6T|dS)!Q70r!LhT!RB_52#hIkNpOa-#Yb`&hr$$bf8f+i|n})H#
z!<%X;VgiZuz{5no1sT9$(HawO$+G%)@S@zf|HE<z_-@KSMqBzT6kI^i>eDacREp^7
zVdluxIGq_WO11gi2!w_3#|?j|IUO*t<nKS%KMcCKaWrc}Eh3r8MQRq5|5yO5ihMjj
zIObo^gl_t8Q|q3RO2jGis2Tv1A`d=8sha8&zW`QFN5OXpKb_JuWMa`k{gN_9bS-0p
zP#R5G<*6;O6l8hWu*A?sM0u7Rb3ga|F*uG5XW*6_<b6MSXOwD8tRO9O!sNSEq&V6|
zl#G6cf<_8va}{`WtlpeE%n;%8Bg0_S*mh{qa@)E>{}XED+Z6mK3Vukzk0|&t1^=0X
zS1IsP@EQedDgyaj@;3}@WT(}aZ-f0)ifyKVmI`ixmcH}31;MSWxTN>bP_h(c>;Xa>
zN?{f?C$SV^DS@YyLM+J;9`lkIIquT-yL8*RAL@0wUx@EVOVWO{Hz*^@JHSvbnzjY=
zC|03%1&_j><ot?N^!f=bES;p!Gb#Kymf9WYvkHW_tisoEM`IO`@E4Tp8v?=5bp^q@
z4UTLJcO?G4$BWBhrD@HCT5Q}h9)hEH&cc}4x~rhB1n1$ZUuoHXGnb+zG#;E%*Icbr
zHtwXWD_75~i4hy4WdnE^8$;vaDRmvLZt8ivrg`Gr8(Rw6v0_aEY?0N~XmWMyrTC9q
z3Qv8yxGMSP%FUP7{J5@g@~Ps=Powgt(0F7@Z2>oB)rN0u8;{Ox*fbtRYcuUT#-p6)
zGNo>xY3UpfO{r_q*rx8870olv>kwWIc+Ki~s=DRm@b|57^ebD>pZQliE_`-!+r4jO
zf7)N@J^7cpLhYxodE9lOaX&aSHBIGSfFYKi=(IZm2G4`#Nk_gs@?l&7gBakhfG_w>
zXTb3NTka2dlKB7@j(tB8kHBygZ0Du~XXmE;JG@Gqk@8m*b7G`?k1kL^90P;6WyDC?
z_ny~cq5RsU@BTM^p+eQcN#7$Z^2ns`Q5HEc>3f((c1`-aS%mXj9(Vb=Il~29m)#UQ
z=%Vlt3m;|Se%G}ymE+GsUFgTZJXAAwx3OcQ^tnF-Z-9ao^Bx|=rbbJf=9btnHpYj8
zd=kj5+{sQbhmJ-28oi6zF#GYm3(yRhlMS<i!6ddtQ?OuwsW6nKwc-`!(8#IiFVPXB
zlJ)X&sT&E_%h-K(o`lVLXT1M(Dm#>hR4JeC&l5L<r5_SWLY7i`dhEg3>KobA2yAZv
zaYOBNTr-mzOR>D9C^GiI2Wn(Emm)z%`sqw=)X@I}hIeeQy&=I_5of_+A(Q+gFn2D5
zAY6cT6U&7bO%MLBodQ}{$#Su=SgI0LPA-7#ES5gWKoKN&Hhkg-mbQRKY!sVz0@xlh
zWn;MnG@qt|<>Ikj1<M7@6Z|oTix*4`t7f2=Y`9k(mO~(>gCJQx38^k@(?N(NBE3>)
z!D=X54IPC4mxwZEMNOhctSd~iO<Pmh;lzqTZ^MZiriJjoEuyzf;=fYVx6Te)2-aOz
zTjfLyYo3&ai@vcn&#L99>tNMlS_t!%mdeC^^Odw1L_!OpmT4hKwd1~ZqVKl09GN`{
zsfsKZ0bo`5LGV`Nza|^i>az8iwGE;@>zs`y>Jw4Ms%S_wh;d=83akH3R(TO4CRw5Z
zbJjrhty#16)Oj=|yXY>RUu)JHO;*K6KWp`vwT5hT$luyDwwquHWa2iY24pGo?!bI0
z$F^j1P)pzoUQDc>ttQjL&6ySvzEEqU@LI2*V+;rVCzwjcDLAS#rojcITfL>K)W875
z<&1VGzQI|D;zhC=68FqtMy3NC9vIxq$^bPuCuu!a&HE7(9a&3N=q=Y7QC)8%s{fX9
zD+uThO){Ix(TrrSWfZGe_L;uIf5AOX`Ft51Db<_QEr6B;P$r>m!n{iInRTB?Wkwz^
zm>Q<xvy;Cv&gtL=3+G^OK$21X8)ip0tWtl6mW|K5IMu5J_q%?vZ0*frdO`2LAGT;*
z60Ns(7St8+4KuSf&Pm?4*KM1f;H^<McFinbaiR8&&hMYP>T#Q-?z^f<Zhq64c=Ey`
zMf9Ay{HSS5XjXSjbaUP64x(PUdNnkx={KqJJf50jDIS+0GD&mVtWdO4R}h7y-n<|q
z$X+0A`8V|P5U!!WPk|F{`9J6a1w;ZFSp=q#-l8oJPx>BXbmJ3~zE7~o<CDH8%1O$H
zCw&KPv}LQWQ<9dCFiMgUn4e(LUKSn!X^CR|NvH#5lqGeVj%&2Bb76vh&1Z?|^#Bv!
zOC^9=wo@{(yva*VKghRKX13u4w~6Hib8CqnT%rdR#fBRxfUq8D{T*W}<lI3RID#KW
zEYImd@y1E9JUFCWnY-du<usvF@i^XL{Rh+;(nZ$)JpyMv=^x`mv(X@4&>zrG)}Skm
zKQDxru3>s6c0l(yAmY~9a;XU_!ruoCYkpV?6gIq{bgvz>qoG~x$~~P3Fx}&Ei9!B3
zM3j>A;JoQm3nWxvkm`vc3xCvtmOgZ^#6U&ANZ=@_CBj+RwnXbLj(Do2M=kosuzstS
z)S$KB#i|9YKWKXr=h9LuY2K1jV@V5{_+yYn--)0ppbYg9N1PqDww&pika(lT8CXAb
zS+l_WN4}(0=l;w|tekr;5umZl{ZxzxqtLAJaNJIbt*l|pRn3Xlt+}%G&v{fN^>~-g
zsx?=&w`{JkL389sLy^`x(?^+D5z0Z9Dd>V6gDWC4VV=-AX2Pap`p+<_d?nK<HYX+y
zmD~Np_O^`J2<`dfTQzMcc@0O&nK+9Hu|6~o9^qoE|3-bJmrnmK1?&d&7U>JnYb6eb
z#EdDzvExRD9g6`J!oL#Z#y!cEg#@BdvHF_B+l7_aSdHKXg>+f>yuESPTv8LDv7frM
z44S5=|Dvt10b2wgz5VJ^ACsbK89*YiK{(&Fw<-V<^pJcKD0ww+!UymKKtr2nNYe+}
zKwbbTfiHq7-7A@5XwN*Xed>%kCD~VwK+5mDAtxIEkor<WWkBksvV~7BcTP+##+nK;
z*3`4s!Uxuc1WnEit($<9br<KQQUVasHwL7vT8<2`gsjC_Q}dOU%UR!iC8Z**CRkG;
z#+nM5K&r~pXtK5C%<z#wzy_pfgG>Mm-+9fS`(bZP%(QjReL0~rAoX)G9t=oX{dQnL
zGL}??SW+i`Y|WLef6iklH}Kr0vue$iU`T!Rb4AtzX0Sn~$<&+?Yiv1?GIL37f^QFz
zOek92OHp$T#`OcVd*s-|V*zqlLuw^q<6JhMdY0FF$A{w34Dm8yN&tIHjMPw?JojeP
ztzI3*F%*4<f;TDnmlPbJU;$vSQjMe52HyUj+W2T-T=ncQj@@OUfR5l}8K859bc1kW
zI;y7^0_n`6`w7x*XOQkXAl;)b0qR<2R;+ouX6?i$->ClaCyF(XLm8o=`f4yBGzRJ{
z7S5dk`);>MVABup99t}i)5aM$|CeH3jIty5<~m)afS4A>{fIbf23&QA`R0oKu6HSV
zbv4^}K}rKx-BDjV@oFIIrzj^FsmXr)%R|7|Tg#8BAui-&P%0Dltun{(Tw~0tK2xe=
z_Sec+3}UOM2VzSbB;;KELzm1yijnxRl6mfDotyg;qIt19Vq4`~$|(WI!pG^mtQ5{4
zpLle#Hh%jNeJPwjXcuRvM)RlR6wnsZGf9@*FOn2_!c?}Dh5Bhz#Hf+h%TRa~!%oY@
zwKo8J9eGM#j<~nGfw~jYJ`ZOJJNAQnU2X;F|2#-NWYi&>3677R%T&d<OyM#vQ{)ch
zGDYU)r$}^v-jWj4*QzDwBC6GVWL&0N$z`hhNV!b)jLX#U0l7?f=d4<DB@p-^w!3_^
zbH%t!nr~^YB%oyxKwG)H6eRTgU*PSVt6B|zVvA5r8LC~UY*!>P49GO-jwx%gzS6aQ
zp0&!L3*=cBfw!0gre$Lw3UC2P08&ga5lb}^ZfGF5aAmBT_-SqV+?jN?4YmNrs<0sd
zdgZ6vcJAsPt05S2fBISM`X5eXm)u#H3>Y|@$-*|kK>F$2hyh)KaEhttCs`AuOu(v}
z$pAHw%nX$LLwas>#JK3f4)`>-z(Zov8qgUc@HA%W#tLD$fI1$}WTA|oO%2C~Q>XN2
z=z0|ZVw-7aMt>GLr69K-j6ToD1#J`$O<-{#mNH`0t4b=drnGh*psR;5BaC<~)n~B#
zk6L5<6^wHR9?GWdzj!@=&M+-;eFfX(rETm}cKd}=m9wx<>u9=@91{{7E7s42E}4b;
z@aV>?2sqdDfa~qny)!FXXI5^WY1lN=u=@PzLjC5eLEqL8*CD`u{pyD4$mU{X^QGm5
z$mYwDo|(o~Uwi8Jo_edM{yn#^w(gowZK@uB_}x0CVdZrF`eOb1LU_x>XIN0I-!dIG
zf0x5s3iaz{l1HwDw|u2r<`u0JF38f8)SfIPBgmeq-&zRY^Xl1)XK}i4wpf49blCh|
z4&PI#-^!Cywzw>S%nO4uRkTu9s400tMkd4e%+zlzgu7pDzSxY@h2~;Cx^Dh1hr0{)
z8+mfd7MBH(d7(+BidO0hH6<^|$Yi+t`U<7`p6N)>&muiH3=-!3@uAg+t2}>M6*{~k
z;EWOaz0Me+VCO9e7xXR|7xXOx7aW2VYjF}sKf?tBWw@Yv2jYV2ycpgG!3Bd77sPhk
zj|>+CbI_DHMm|#fqMG4?(GQ3V-kq~*;TJWxY_2#i7{+$%unoTm&w*crP5h$P+-Bi`
zU)bOh@qbM=qeL$1ZE#lbf5++{%`%p8%w_{guLmHpgMYn|AS(fSy@_H3;KxFzQUh(K
zlYr0BrO#8q;NJ?0N!xx$$LtVZ^vp@jxttnbgP>Gpz(`XvJvay*cYOtATQbiN3cdA}
z)Q%<Yq#G?*DR2SsT5y2pgx6-FQQX@gQ74DjkGS66a?eb79d>%PatOT<ih4^Bnn8U)
z=<CZWK<2j(`VV$_e$*9uL<!8#4Gz*w6Kh3ZMX?wKPP%*nx<CPOO(i$D$G%VO*rYFU
z)xFHe)bXAKHyF{YU5p#dFV*|*C2sJO;07bgxxv(AKW;A%q}g$;1E<-v^EB^DMTgl$
zgaOjO(^V~Cx-npScaLG41#O)Gdx?ZJnJ=T&F=jW4v3h|;VjBi2r;7a)G4i{S)?<UC
z*?vZLINQPbEJHRD*t)>1Pq@K668$y1O(#umUV^zt8e4Ysk=TeG*5)RGq+~s?;q4dK
zt#j6EsX+CHtb7s69ZUF_%y>|cUa*0W?{Ploz#1$^KoaRaaln#9!fwqx^2?i~#!}tN
zSry8XfQ#NSsj*edSs_X~IR?q=vptD(X`3GAqWZtKY?P$DT#PKKa#>?9=1D#WWVQ44
z?B?2d9=qFS=jV|GzZQslnI(2+%2QhESNjNru*22^XW6loy^8*ume^r^eI$)H&OvP}
z>m@CQ4p;80rnye}W-$r3HFr`WOZ0|D%zUrHCm#LPd9Q4v>^x(ZAur)uA;f$uSlS2+
zpD`zG1X2d28OuN!wC1R7cLb?W!OHv-%(lBQ7f;saxgC61n2!tN1fl0+`*^OjD{q;V
zC#&*@6Av8dJ$m5S0WI`=DIj(Vh6R8A7_1UPwoR{@P6~h}&&au*6m*YO+pNgLem!OG
zDTT<$Bex4V7OgN8i7xM$qsumI%jz|()9dA^6YLeT?H8nxqyH&&Nfi&PZ^EKn3R#b|
zP{ReKD%;Il!(2-KUAn>R6l_GZO#iD?b^pk@B!BK*%x*o;;YQ<k+Y@`aZToJjzZ(Ig
zYV9&}t{b+@WNrW~F`QGtrIINSDg$RiCRADYchNuN5d<)lHP7ye`i<YwF07v1*gaXd
zdps}`m7C{#zH{&N`kvzYo`Tv_KqT5Tt(w0{<V4rXB#&HCd&ZxUc||LQ3pbaZQmK8>
zAWDlAm0oY%N*2LAS?5}c(UyXGaN@ItT@M#F9YhpiF?w)XHGh|p6K#=69=W0(q|TW|
zidG62Wa&xPmMkSBQ|dv6qV!`x<v}o*Ao{gG1hjrp>5~_FrNBvM5d;Cgzz?wkyOpfV
zG6Ai*M1D-s*q=r6z@v^^b7wurT~3Cfff-op&=Lmb5>6`6xj{=UIcJ#awd1+-0-6ng
z9??9xmmTj@WxJ1DopL`(gt`7xHkb&Cb`H7+z7Du3A;T<c)n3Nr@SWIg!3bL&N6je<
zlK=#juzCTyZ3N}5{tyLLabS)lUM1#2JWq<Cyj9z=XE)a-D6a(;)l00Xw);5tG9lj-
z**icZTP?@lS+&rsz`Uj9do*uJiKWb2(uon|+*gaapvD6X^QqQ?S}0M?wfb`JIeI9P
z8y;zUvlts-!2pi7zDdm1ntos_-s7Z?S9LseJiLf^QL42sy^CVJE4C~+&#!!g7xFG1
zmurn}7M<I*G$g~Of20~MqE#nqOl{CwP-%p-R2+#~@x90FZ;As>OiC|WRIJRVf22C5
zaaw2IqrML-4L@xCjfp(#jJD(!V{v~ID<^+QZv128kMxn`L!35BLmM?q{*%ZQ`1gjC
z*_mMnJx7~Oc32&>=-X}H7#JGHZG8u`xqNI8_OAxUYJuVrjU1C%!X45-CM3<~4yhA(
zB6nUyG2xO3_@<d@VV<4R%@M`Sl0f0MP>a&rk>%_NsAwE$&uAK+j6%=b9UGaLUHaMn
zWF|Y91Lti6#*({S+Cu19D+1=}s6+n(UHK;nxVNKDw5op*N#L8kbmLBVW|EGWBpTdh
z;lW*<W*58UlTys=KY35G_0n{?w3j(e>ePP=H)2udeW|P4^teO_F?nFx!z_}Od0g6o
zyU{hAYfJu-bA$nw{CX;5z{*(gz_b175#mJXgy5EZY<Spc=wC*L4Wn(N<W>r{QLvqY
ze@4OYP!Ok}9YJdYM`w4^sIg59dy#9$WKF!4qqTeWuTageQm~VPJybeu;k})E>?z?W
ziC69_bH&tE=3uGQyk<IIGTk(p?v~0^rqd>VZAV!vJGu-)1MG;jh;xKm_+JH%Z2JTx
zTFtD`R&a@IXthI?Z(!Vv|A^oP<*i8l?>_b0PknRmRAl3Y<!^=86xQyZ3h%k@QK~n+
ztqzSpS5Sv0w!9L58Jm%ZzS%z!pIn3e$wSj?b{E&|Mx?N2_vD(rEV8#4-8+q(eNRw<
z6NAMQgNRHWJ6<?3IC*S{${ZUi?i)fG{<}i$^XQZnm6wtC&3>6GmZf<1&!}(q5+a3`
zC*u6VB=r%VR_UHBzS|b3{@(nfVt9yS<|Xt4$%<mg#FNQP^v<5-`RHEZ#IM`S$Rs+5
zQQ?>9cH&;L@Z1rM<#ius=x33QHw?m^zY%_HpXaChLPx@ZGHxI7;TVqpeMDYV7RBw8
zR6wu9{LzSc0N0c}KC$+b3YukV#fEE39-=6DGlei092ineDBw9dra~OS*ZroR82x2T
z!3KFCiuLvNwfZ?NeJ`yI`zW}N0!doKhfx=vfp3K(QrMvJ!3W2`wI+*rHCs+n%O&RI
zc=nIXUUmZaV_aoUx^68l+itVZUx>jD{oemBKD#TCjri!Wz3JY`wH;I8PWItVM>fit
zeXVhS)boRAXn%A0%&O=$o7s~HZ~e?>Js)&tHBZ)i+~Y*cWqr1HL}KB&frOvYW6ubT
z3>a|BLNMS&02r|E#KVige<hXh4;KHG9BMJz3&MY8t%cyfmg1KUpLE85C55G_CjJZ8
zPoSGr6E_VmV#}`NWr|hD;uy0XQBTgb<{We#eac*QsyLr=Y?t84^~6TAXR^6xn8bzI
zSG~!#O!{08?H&adI98M3g~_1}D=cu*!wiwL@Hhu#5*RDPGbM&+A$UOMY#1EJrU)N`
z9oqG@zA@Z#GcA1*w=6^12%FVuWCZhZwgprFHP#5V*-C*Ej%HzIp^DX2XE+)mTsqrq
ze?K)w*qYvfnB50uXQx5j3xWEG1zBjA1No^O^-`RxOwGnntStWu?r6M^d(6sHY-Scn
zVUeY}p&To!SfGCqT}PfqmcP2@;u=K2e_S)UaSvjJjeG3gM<&VR$U5#jgn1t^<92T%
z-_c|W-bZXHp8YerkG+IQk$;jk`~ux(qv^p!7DWVg%h80_8XsQm`Qhr&!`l`hPVJ<r
zdW?d{DbOhRB+VQl99-fF@tmTsrwbI2WYQq&ls4CNzvm749&x?5+~Ye9FD5=;*DtF>
z!eI%OZgnx<cIz7EioT?hrQAG}8X5jyT9M>bM4V&cARb`ipE({X1!Yz#VCFFrq7)g0
zp<;sHaoX&{CBcNcKn4I;Kf{?*I*BcHdeKV}c*yHN!_Z`SS<(YktlqA9XnN7(W`h~s
z5*W-p3r9w#E+BDXm?L}Ux`mk?W%gm%HX|lo<^%I5RF0VV6~k6i?}dq{(c$!c`loRf
zKgIYOf_FVGm+PwA<MLh)DK6I+lxbz_&z0qWtwesVtpA_NZkUI4t6y64`88MFZr3u%
zpxrg^QtW!D#kJ+Cg5dfg*JfAORRzKIW3KJ4y;l_k*FWt#>2h^nRVcjvo9=E`=T!y4
nb=|ee)qYh$aJ?67jeD=cc*nihM_e1JB7*+|v9N19oA3V*0aPwt

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_code_generator.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_code_generator.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..5fcb57d291e0312215e9c14dcf6d840cc895dc8a
GIT binary patch
literal 46502
zcmeHw4R9ORo!{bn0e%4d7O4+I)F&hnq$r9KC0iesWXZBk+gu@5B3%)Pgeb%mz`O+|
z3)kGG7f+(JcR6Pg-zm9HtKKz@lw5mCd!190YwPQ@)9K7j3y`vjY~87^mrlpmPDda1
zxY4xJ{{C-w-!8xfNZOL^G}-|k-h2Dr+lPI-|L_0*-D_$JNjPTT2!G+fo|2@$q=I?0
z8JT-;xFqRyNs*YOxD@v@F6QRHp5tEC9hHvzm_MqY39tapc%G4u2U+lVh=q<fu!iG}
ztnqjgYdYS{nvaKB_;`dxj<>KD-pBh)>+v?$hP+SlD}mGDvCZb?t>4qlV_U3}nL8aC
z+h*piU&XDshh#-Q-K7Na4dL5xI;=FFZdRI3hm_{iD-?HMK$4X3>F(2AK6Et7k<*Ps
ztx8Le^abx1T&!n}q^wt3(Wa5NX+thj(Yj&Cue2MjS1J*lZ=v%;Zl!~2*{T&%ucUPL
zNJ`gEw?03%n%AvBUAL%P!|Qrbw^GzS#_Lw0Zndb3^13ysdrZ`=<#kcitrc~>ysj5@
z>qOnUNq1~RVQnIt$w%{PHLpg`=2$d;E*(9Tn@Ar`XVWZ|&$0NsG|$mkP;0l<XL8xG
zv^q1D*TRRUXAZLQbD4a4JU_$ITKI5!I-Q+JXU8ucWvS_NTI=DAI-a|bX6Xs^$<46w
zwAN&dpPqOsGnLjNFHEKKxcvD;seF1e$1Z7&FR<K&%tV@<xHO&C+Rct*X*9&e)pMC?
ztw9-2Wzp^|hKRYeCfodSOzU`g=1iJp)A(=6iS+bT?$Y^mHh;f+B7HW6iT7J|YJYYz
zlYK?==|4@(m}N3g*AC8PGhduZCo>b8H=8=2*5qkpYFf**G415In0Ly4FG8t&o@LI=
zU=CU{OI=K|^jX}8>^RDPmd5?cj?4OUz|%&g9(?Z|L-M+G3h$VHB&38Z;ZArG-h@wa
zCHzmg%vWLp&rwtwkP?CFx_&&xBf<4j%v0z;#L}2yG!<1-=clLA(S=K*uRflGOm;F}
z=sB0qPpf<S`(NIz_NAsX@u}Q+YHH8$(9n)pkVP;l)<Q`uB?J>#J0%@RG#RTuoy%nN
ztdr`xki=ZfPd{?~u2u(??n=}+v>k``oE|&!!t<w<Y>J(wWj@WH*wa{=JkKV_QJI_+
z5AF0Nt?7K~<uq=%{=~6W7;pu?>M)WoOYe0`jcdxC>&mSw%S|oimhN)T)^f+%a!X&i
zZS{QHx~r|_t_|~DTd%d=X$v*_Z%ZMc{~mfuTF@L))$pWPkE1$nywTK3qWSZcoI<90
zB^Rz#LTZyf<5u1MlIm`gjx|eCu6N8n9*v3P1^08f`3+cc)tyCatg&mvw;m<E=ByNR
z7Y>Qlu6h-tXIbuiRLnn`%1%Uc)AT;2rciDBFY%a<t-<x!V@R}?d~P~7m7C1q8A#?B
z-b&3serbFPPjSagmd2a9ke;wT+%Y#JxW}K7n8!Afi>Y*1u&`_;jU3{OG)ZuRZ9v5U
zzUp2iSfP;AxRREqbKQJr>?-@|z{p(Bo_`#?w*Bw!{o8wg6fE`ZDTiCiYod1={Io!R
zpa17~{nE<4su%rV@7Ufrj$d)meE5RwM#jD%r^Ia@qmESvA+-UZuMu~@3$K#5utVHj
z1CT_gGHO1WI~!F2jiP`J1da?~YP?Qbm|)R(E_*gJnVe4L&lS4*&*jdi`)AZN>yOjP
ze*G+N9KB6i!#JQNz*QzSrQ!xQppFIUMCh5slSjrzkDNH7T$k8ts^>RSf7;Efv#mI>
z4_}qQ1n#9@3bw!9v39;=Td8APxqC}-+mYgmr|$SX!O(4wk8YpO=jX#!+%yyZ+@qJ~
zb?LOkT)_Ci^vt8UnOE`jNX(~rk@^)M(tzSeDk}k`K}BYv$zUv`tvZ4Gpa8B+rN@ld
z(E$H=^4@(8Ll*|9iGI_Jml(~X#|}NKKeDN)%DanaH$HAo4ZW?GtrIJ3Ut3x|#S?cc
z-Vs;Ub&A%X9|>2#Yo{?n)_sbe4Swu2ezTs0XAA^E^^tI&qE+CB+15m;S#QES#tA30
zh5noMooX^`5<YQN+_2n*L}1S`yy}-}mFPI?n&_3JQ+WOLV~ike)d2#+pOA-KO5o(=
zkb9@`%qsFJg2nt8BUoH@^h)M@>Ft`pYi+v<!Re}_S2{(=h#%&h%~_^;DtZ%CtvZ}~
zKkrgxCAh3v;>liYmI?2I+2P;VdO6O{>V;Va7i}$8ZPAu~b2f{%445sIP~6uC?3fKI
z4N7AoIN;)?&?$Pa`C%K2uvpd6D<wkaSmtlqr8GU^%KGpHsWAPu$);FyVduf>w}_zC
z#0-d$X!@1Zcz)_qG?z__cPvVPEdDONH1|WCG}^O0KDhI`Tay{+DIfz?^JUJbCeznl
z9CN=*Z`5_yefJYjTz3^tY}h<~X=h9g{i>0PJ`ttdKuq0CzdOuR$QY-#$JDrqost}k
zhQ1UFeJT2c-g9?M)jU(_ERjw`dtUcx9*jrHc1m_ovXheC_roa_ur<%GxE+_&yl6Bq
zdOgeu0gh`JJ>Z&bz?(FOnV`~4;*VdS?V&cI1Jjp?;7F#J)&g2@Y6`e+nvLhqPp3ff
zHsW;h%uHqqv=it$PAaL|illljH#0?OahfG3r*db2JUIawOsXj&1E-nRe2`BQaPSCY
zAX?j!L<Ohv$@D9rEwh}~jWuXqH9d8fZo5G~`#8qbf`Z^-^j2#PG!gxe584Yu_QEcE
zVOTHd7ah_6iC);gT_vnzkYMzqBbtr;M(E&JP*+LwK}zBQ;wz^est5GrOB>_`Oh6_6
z<IB>|+M?z48*Vg~x}Lb>akqyq%fM+ZE3X{8vS%)`@v`sj_O;)7{&Mi0mY(^Rb)}Yd
zSC9PR6F=NP*RuDr|DCq(`L@law#`L3{+nvCZS!0>hU~Q$c~T0;=VjwFC&!E7m?-L*
zH>sDXD^-;A>bK<hYs2;yW(i$!IsJ@%Y~-)KC_0D?#?eu*9k&q{qF3-<8MW28?UTc5
ziieP9E-@ys1d7Iy^()?mxNYLq3b^cy*?b(c`R$m^2K@wvGp{6powji5qAi`Ev-6l1
zbPmKl26P7YvO#BJb@*Yssv{nCgwCM~=p2eQ6oyWK^EP481c$xRj2b0?F%eCj&8KzV
z+yntp;!Wd>C<`!GbTb*zvG-Rva=r2VS+<KeEezCwy#(^;f)>afj;Yr@j3`OA9|^(M
z;rq=t*b11;4&uyctg#BRvLn=s2vPPFb(PK0*-@$k-6OGQDIo%ojUu_;z@Dc(z4q)y
zO2#Ou25kdOLA4!<?PMoJjSjtbv6oQe48fd%56v!lE~SE#WDKGV4#haQerEZQtma^+
zX;#0FghRAq|5K&5qnG8kBRxw3WZ{na@cL4C{nZys;Y~$(bUr*#3J)Mt92(WrQh0P8
z_53r7`tX3BzeV{?dVbDUPx&FMi|G57JX!}7t-zyJ4T=<x;svAR8}WQngtp=*kmLxE
zd`cj9HsPZuDR<E%V<*111b`$b0wA@6C({<GZF}LJfrkJyO6Zgz#m5|hLj_R|g3mU#
zGvO*oQS)D<D#=~v8HrvXcSA};+|5CntTZZ33E3bxgUcW|gC?PA{(|6a2BA4Q*&GWO
z4mp4_u($aX$fIb=qA$;YQhGUhF_S;X#g4{{XM=1kj0IymC>cNkMwkOS`j4F8<RGuG
zS-`|zN8r~R?d8;K?{$~v&SXKFwh{~ku^G)|Ie`cYR144y!Es-ATi~t&(t(s^2XN(u
zG-MT|V=vSEs({?nRCk<`XDG2?UZ^I_)5keO%`JeZgExbq(+k5Yah(>SrqgNL9Z4(>
zn9Q}X$Tz+c+USP_bT!61i&?4v6p2o~^=vP<tSGPOy?XGqU%wOZauP1IL=vvtx?;X{
zQ>k^+HCL&1%Y5r#sdeyj;GOVDQ9gY0rBe9tyli}C<-^7Bh+e#9%Zmo6y!nzSl`2Z2
z8jb3Jzh47Awh;V%vQh@cR|oj{KP2!AaNs9@NZ=Rz6av2>xNQ^o5x4!IfFHQ+=}D#e
z(S642E|E;-Vcus*Gs1<Pl}JY503E4hvg1=T6A)~GSC3jsm^jBHY&#~&1}P!@s}s(R
zrc48}h#l-4)qjB!4$P-0cb<|1NJj6sbFl|n>X?PgMS5A58sv~T0_4q(0NI>q(wd}p
zWchH|VVD_A<X!`q#*f52*MhvOi}L2HU8OL%TjMh;Z@&C%dg+#x6{k^mwM&#r6(vzU
zCvPr?Hx%W8YZw}&tMQqY2a4ehdhwPmFB+io8U{C-mnur48jb1zb*+lMHYu}DjGA>3
zK(EPQyFVm@?cofz_fy1R`vijxUH=1Pu;mH{TaE<_I|yKyU;<p;Og7JTo~Z>=Q6iFv
z_ud}opn(n3drj;!NXOwi>~rPd6-+ey6&fQ+$<nxGOAg6rT1`$0`jMqDrZb<r#S!3C
zPBNKMNo1!TT|UTh9Ox@Fo8LpifzG$~e`wxz?|gW;6do?hdvC7gNh!Q{UN%0n^4?+?
z5;rQ|qC7ZT%Fo&Ak-xcCuePUe$$L2vU|TTBQHWOMBp1pilUgX5JP&a=!~jXHF`4}0
zOlpewf0V*WNCTLfpUPy@*&HeY$>c<CJeg#l#V9OI38Um9C0|0KbtIE&9^%_^8(>F!
zx~hJCFnbc~GZR`*HHze`(oem6?s`MM{<|w=-}A1!?M=QTuDfd*ecRt(CHo%NJ5#@L
ze8mCa#gBV*fu$+xm^>MX$yz&KdHhc@v^dIgGt<ztz56W;Q{Z^WP|6u6qURxZ&yWRy
zx%?`rKJ$3BU|Epnyc@Wxe2!}p=tZibsT*{pp=}}r^B+Omr34^c0Hwx-3vNq`ce1tL
zZ8D%)kAoJEG;&T_JWm}ho-g5Z)Z+PVT0FtvX9J3y`&vTgTD<R=Ecp_(c#tMSv=BP^
ziX~c58kVIW`((6upqrO9%Sy3^qZq`J;hOibO02PnFa#85<D#Myv1*I96w=>CTgvA1
zr!*N_JeZRy;Y7#~sx&M^sM27LW&T2_645nySs3?BUzv==S_->QT+G#b`3y}=g+`CR
zht8Hysp;vy)O{cS;gXhjNsJ7cuVvmtD^|Pn8NKrv3rn&Qbl{3JF1lrpQ}Ibk4j~z3
zhmk^BOrl;bWP*`o%9cM<CH>{{4=&?n2^!}!l#qazokXIN3c?b9n2M@Cj{fo&b3)9a
zLhlB6PLgv|VP)y7o^*nPx~O=mWBd+HMh4&l^6Tg=cUB5KIzyL3uxWwGk@E>CvyK;6
z?wE@V{W55?zWWOX|CL}(`HEi&<t`@td$IbKCC8G4%MF|uZ#;Ry!T>giLt@UV1KKVD
zo0O&pE?*H4vIZ1(o{{JUDBPqp8}gN)5>_HMa-QfNe%Suu(ybX<0RLW5S|8nKx`hw>
zK2Ns9+6tSV%t0=1f@cU)rl->>MiO&D>~XZhzK$8Ozex!f)c-BY{U#;9MaefP8K#8r
z%2H(YxKJ|HyNCp4sRNzSr81^w@waIruTfH|UaS(evuSGbMI_FgRje**IfEOQ%w%;l
zh<(dPEB5}^X%5>SGD@i><9S%p^*Q-)`QsJc%eaj|IMTf+p2AAey-94r{?;YzZ`)vw
zWiuC4+zD5+v;(Gu#;<q84NKe(-4ZwJMq9!T{7BeY62W{3X%ev{L9?y(oA8`!FiU1z
zVOU5k3DG!Jhc5EZogEYAf>r}CCa#5y$;7MBFh<N)V~*e)#)ZU|1ng{yt&h-Wnxk+N
z41od`Z7I;#qAe}bS~es^ArdRwNb4?h4z{tJ83iZOx}k!!ZZIsUU9g~TEF5r<6~T0W
z3U&c1hkx0b^KdR8*4KiN258iw;sEAWSmESrK%{oTODR;17L`rlkqepFuTrjBUeu)d
zSSmZ2u5V<){yO!oQazGvf!kM@M7JxWTVz+kz%$g2G>vSW5;Cb^6O<68U4zK(=aA66
z2f9=(3H!D2bMU&*Z&EUM)}p|*!?oez(nt9hG@<{91eVRsQs>Gm+rNGCUW30QbQkpX
zn%7+K1*N8*@~WX5FWxv*?AcxJT6yK*l^w5r?meHUsrinKHn$t3U@L6KJ3<%$l=sM7
zWJ7(jyUO<BA<CzIezzO*QVF7bqvvpg*AP_&*{`F9eVLNKLCJ4W@)b(HNy+P!{2nEE
z%cW{b(^sjE5|ZqwfLvVC^!#0K3nWb&+aP0le@n9|UZQsN42Z)N#@wUFdTHV%-42`u
zCn0;)9-~!1oH@&#U-BerQk67pC*hOw6l6r|ySFed>;{ApxT>EeBk&2cn|Rf@l!=u0
z5Hne4>Ah2HNSn3*_*a5`vI~b*I2o&$f6j0><F${ZOnmM4BK?GH#UDwT_zH0JYN5i9
zOUkrkft1O5(MW!xnx^AX2uHZFA}qI?Fk?o<2)EmT42eh$3&m-zHuD@9XJ5#Sr|<We
zDAK4feDV6!3*+~L+-!%kjB^#cXt?DFmn;`QEntjaP55(s$5CB^MqiR-Nms0pR7l(u
zE>u#5REf@Uc%&U)1oBxDrbWk^#{^YL@B*->;esUC(ioy8m`L};%bkPemQ|>13tbLC
z-lU6_2IeB$>*KfoKa8aR_!k7wgWK?{?(Oi~GraxII#Ku;;q8|Vz^GczT}}iDB<F;x
zVM$^pQ_=9XWr&$9kkjzM#Y}<+SeBSc^n&;U$iWaZg-GON;|W&c_V8m-F_RNd5QdoP
z>q_L&eWqLZu<!F^*x<SR;JI1~TaTp1&pFz?XTWrs%z@oHRG=F6_b^@d`;`0vC4Zk1
zGPSm(NLrBKG3j$vR&C8=_Y^nK1Ptb5)viL-W}cs?3smu1wah#X){A|Q`uqb*Dw!|M
zb(Z~rsx2mLnu=dUQiJu{nkSE>YOHZCbs@dLgk9CR4f|n}l3qxF>u6|cgZ&lFY49Q8
zp>nK$KDKW*wr{R|KhmoQfA@3W{#+@x?{cu%zW*I^+!?<1Sr`V)%f@F`9_BtfRJ>)&
ziw3B?_E}LXRg^^aoIG3(Z!F3?uEk2>9rLpBnU!}G!yEPDEn8kRK;<<!3>nQ!6(v!P
zMnAtBkU9>yR6p+BpLKK`?eID~u-=5k=of)eX_Jn6j(r7EGJnGFgt-)X4^(qUU8z4p
zEDcxgf|HDj<Wp7H?8i%xPnp=vrZ%_9f1Kr00(U^c-iamP$C#t6$dtZu)(6<cHa6T|
zs}Cq-gzT#Vn-S^D4`*jws~168+cli$Z(-v`Aq%U-d*lhu58GJez+ZJ>zBTZku3`r6
ztG!lu<!zM5Qr4=4%Mx3cB};s?R>qnwwpK@7&;4r&&!6M_*GBK(1gK%O0^>l==8xV%
z`^#W|b3bM8V0)dldh`x{s^H~O&vOu#QaqN)aIB-S-=bknrx+N*!LMGBuiQMH+sqMF
z3k&tkB)q)g;z?4KY7t6(x;Ex2^jA4DIk?-yw<&J8Hif>#{t&MK+^B>@Cp&<O3OA=+
z<YYg6Y1e3BwV1TsugV~hdt<Kq{%kG}DJ<r(!<>g+!=0)Yoy!k#>4J4<>=&^FH@&gQ
zA}Wv1W0+;RTrEb6^P8j-;#@GqMMOl1+kNGC*PzNbaH>2FR)!0JK#J>rZ!k2Px|GD4
z>p`WsY2~8y_+rESUrb8f<2DVB9<W5HrE9)r<C`rTFCQ$2BfnkvdZD;_*RAlba#y?<
z+50E4AI0!<BUb9#J0CGVvyr{UuDD*jWy^~OsJyXOluB0VO&Us^5Sh8i-g4J)F>>@@
zX8u_QKQ}X_uA}o2<1-sMTI?Fui??if(Eyb<Q=(L|N^jCo;)KY&6**dNY5m=vZ}t=)
z8-A;0xZJh17}@<tm#$yJ&$UaXuHEwy<1-uCUF_Pb7jN0}q5&$eeNmK3R_RR|N}Ldx
zxd`-BBgM$^f7|_M-S~N<yVP}jK4N@kBgczfBYN?cEiW3N@{JZzDp{pBX((|*WZsG#
zzuP3WZd&LOL3(J=4br{eLF&wlIH^o*b#Ro2=PMpd{csAabcz@uemI^beZ77*Wag}2
zrD4S1Pl_9oH}fN559Sj#YfVa?2lHt$Ypq`d^Jz0nW?P|iCq2CbEskJ5U1lH4Xce-#
z#)bYEh8eKnGR7SF2lBv$zP;J*k)ec73Dc-CM=IW&FXvLo4A{C#)SRF7i*P)G>oM&e
z1h;}&*?RX{z090bZ%|Ay?^@O@iI-YrmR49EF+0rL*2{5rRxivdvS@4J3%zJd!Pza^
z(&AZKL@=LLrOjskw!yrcwy`#vb=EJaQm0@(?G@fE?VvOUPn=`vG}NCIux~tXq0uVs
z3~!~YM!9~b&}AxIEF7!$!x};JAh8Gz%XUF1X2@g#x|l-1$Y|k<ne0UFBFt)aWlkZ2
zihj{PlK~}x<hs8~5mXg0Q1{7Of^sL;u9E^}KcfX+dV2Km^DilkU<LD1mG9tlhlhu(
z*gn+)yFJv>64+JA>Yk;umaT*li-O+1Dp}nk*2n}uZPv)TH}-l?7UXF)s#Qh2PFEIj
z<A_D6f<;DI0Tw|WK*Gbm!46{0&T`L=az_tzLQT!k2vOBwxo4={vBqB2U+&q4R&RH2
znD6c@b@#p9J2>CFr_{UW?bX}nR}Yp}58i1CG&SGuYU>DH4!*Z}X=W3@Xlf<H*dkQh
z*y8*2MEpZa{+N<~PRXm3Y@vkYFnr0`-=Q2OxA0X7_LFbVbHd_c=<b#--!rcF2Uq&~
z^={O79A9x@5&5xvubvg8c09pS<LT6y%v2_S=}_)Gg+Em@dogHXJDoOS6xtd^5z&gb
zA~R1b77fDiRoYcRNU4(utw8b%NrVwHh$9k$A0KC|J;h5_Gh+_Ma#<flARjISh@X4G
z2R@`1y!^n`X99s$AW2~a=xo+!5i3BFAkc&tJi>uIFfaH<@`9gij5QSwa7I`#kcLw>
zSq-Ge5!iAfdgf9zWj=0J2oMo!H(po^ETi^c*j^E**Th}iFhGwEas>;n+ZJzK7gcz4
z;XP!myhz`3)a?tDyi7@zN@x*RZaoH?`R|ha-|^T%dU!T4ef%}j_Sbp~b#=?41MDME
z{*N#}-G#ez1Q9e4vy+F;kUwJRjK_=e(KiC6@X>kM_{_>ji{Z!h;w@WVG(hDW0Z}Sd
zlteWeE#xT#!1#tEPr(6(3G5`ri@4tixQf7>0*HK^u6}jm2*DNcL%JZyoXQV=NLP;s
zA4f>gw#xz{q8EUO6-Ow@;|M*dz?Bq7=oKaW=sx4UCmsAlz0Zi(6e&De39NzpQ@WpT
zp9!IKwLGGuMM-LzyO@pYkj{kQahn$i2gtugK=m7xkQkt_&H~LQ2(My4`cjsz-Vr1(
zWsEaA-2OH$>Fl^Mz{zmahuJbqPI5^b*PT~^@Tcp8@MR43ECKU1NNnDL0Os6w3ns~i
zTcB05M1R0q&KpBTdH+qo_x<y-@tKwP7sEq(@s=$w8ldtf;JeYhR8bPubMpRj_+br>
z87xE|#O@IyxR-ULHXov($vfh&6f;#sjee+tCL^Ac5ZmDY8wV)aTJfAL@rtvk$tj+b
z)klb&%qvy8b|6kNF~j^Aiy9f*PgR8JN^y^~;KrGfU2I087l32!I73SpxHtu~<MEt$
z)a1dJbRmb3uux1PH5Vmd5zRX>PjPk=x23QO!jL`^hNM~Fz;;V4^3o3FGlw)E|6xBy
zOC3aRv_NFNj*CD^yNHDSga#Ml5%#B4q}#%XKdKgva5C5uj&Ny6m4rkHM-~fmgg?OL
zLMHlfqKyyM2dqmNB1r)C&+%7u>KOYsbPj<)=3(w*rH<I!YvS{3hD&RP-|pT#-yJV?
z$05Mrv~%Pm($2ez@{>1rmBLTX%f@F`ezF+er5A76@}dDMZyM)OSE?x48|jh&5+z{E
zmD)mxe?=?!Zz%b9lsL&B-k=kd5XY~Q)SBcEd+&N1eaBpPSGD*KxZd9w@f~vMm!y{C
z_=*F)`0-(VK6qde`_3>YQj==tB8DxD(Aw+b2m5v@ed=_2JaaZP9?hd^|5WNsdJ5D=
z)_V17h#>~65JP>GU~TCD;7*(gKdQtOgmm~}O4_*=fn<AC2eb%HW|i5tLW>|6bF&q!
zF?2D7uo1G()Dcq%Z#^fy1m6^ZB9&H(DXcyYh{SFIf$ak<u<M9C%>TwU4g}n-v7Hfz
z0Miv5hSke?Mxqyhdu=fVG#>h4n?=;Dvwrapoq)R~rWiVyjUJ?Dba+TSWRQKCvEy(8
zG2T-2jG_Vg_u;vW>weC|xD0md=)jLH7HMlQHSVRza7MSqJegxHx=`DTfwaKEgJXw|
z)staA7%<(->0o1qf(+(hn&zLx|I~KTOG@{~+}VlVUtMrfw_}084PihImO1PlD0L5*
zkv|`h_+lM`w_m+z58ggY!Q0pA!PIZr@*=!CDz9D?B?NM}l|(ffJv<7OaB<afN+>wT
z9L~ZQ?GXhkgbu%?6zBi}Dbj4!0a52C>;Q_>pOwluDDE^5lGp-e9EV_}2xsk-0F_FG
zhz*R<(2D{wLo-J}Os6vmf7%GphfH?z4eXLBnraPbwzCd2tKID~!Lmvcb91?+QxKF3
zY0U>kVj}3>wyQ6d!rSI$<1;I7D~1u#j*7QzdC>rsS6>pPQbkErqtQb6Cd9MbmPttQ
z{U<&d63Xqv6E@~dLV0RvdMx6D9`&jNB$StHdVCd{9;=Tt!D2xt|EG|Ig1}m6dT9R&
zE8g)(BcZT=1vEXhZ^br(PGis2flchZAf2#P1qU}A$TZu43_HIlh_Ta29$fKZv$AV+
z8i}2+0a13;fhe^)eV5?LkMQ7Gw9&Rw_qOHkXj4n(_gGQhaus~(mU-Fu%*tDe;m7pi
zEn8kRK;>2NrAG5oMM+enQ5~SsS_L#rPT><%0`thZHI%^a8lXXNX-*&opuxjIgSP@S
zSbYSLuwY6BcjfyODuE$J6rcfNEN!3x+?{?b>O<+oT?IL4z`lRja16n>O&JiyYv6np
zDHpJ_)g(5IgcA6PXeKodJp-g<D&%RYNj>InVO6iyh_h3+W{ZJ}MYOm2i){^0+z!RT
zg>G7fiG)_?#je@u`}AV}0qz=qv6m6|w$`iMSCn_(=qiPG&&$SVR^D9<_vyu3w!CP7
z${SsxRH`V6YBbX2J-Udgj-AVYz`tR0l)!&PVj3l{QbIlTG3Y^IL>}>kL_2CXN+f4G
zL~^G7yQ?C;zPsxid|Th|3HnC#Uew`%N}9R|5}!yjmZA+Y#>5u8nVXoAUDzbrh^G=6
zb3<N2Qgv)zh&%J(TSE&`BbJD)co4T1dxt8)5uaV5ji|P6sP<$SvwHho_UN^w>P~np
z5t1dM5`dKgLJ0vC=42cRZ=E1gw)nM5V-L9v3Gik1m#_(~c@5J{Gz*=96G+U;N>lDT
zh6CRZOc4)vM;E}bhM)@W+7MKQPhPRPqg#EPsVo6#DhxayjG#(5*O~u<$DUnmMxqx4
zRS~7d0HqBInSC}G(O(-+EuG40H1D|ii|DT~`<(vnB$<02Ik@nVrQkRzI9!}VAS!Gm
zOIz#MA8_NjMj%)MY$~=GjBD+-2prrOdKwmDg-}+7l?~q&TMHN&-4c`}n^r^*Ehze2
z_c0>9t>7NI42-1A_Zw+b#B9C~lB21K>s~Ers8q3mb}*k}lj%I|rQKrRZ&-JVh!_pU
zRtOb7vh?!p!1vy9B<rLo49{rS<YRz1Sy#d}hT7^wk+>He=o5<7mT+B=UiU?%=K!|2
z$Bt{4=d24sxK5+rDE6@YJbtmer8_>rT|iW#Qq5?x!N&<U;8yO_lp5g1@SzsFpC@Ti
zlGwOShf5$MjU|acu5S^!FD?e12c)`3_Q3A~gWQ%pD??h>w%68Lju)lyt`9s?Q}fpk
z&US74`8|S0ztO(V_1)k)SK%?IRgD`98P7~CqBFW~P}U@gaw4j+?Rol@Jm17^d44uc
z`qoB&LF0ap5_%h|jA^w7-4K9#%jm<Op;ihd)0B|sjY<!q&8XH~6@5<)j9_dyU-Oo0
z2R`be{RAtd8rx~KuPyfslskLNEo4;7&0%?9U(*4nykgze&lbD-%d0kD*@x|^xsE>~
zHK7}9aW|HG2g+-=-3j_&P3sAChb}k0$2C$<7grA6cy2E8WZg(D*!Qw)<sEuN%3Z7H
zySCwZxaUFXp5*BYU2eE7OKofBTQ`(iH(U<f_DhlN2%mrB=z{S1*egSX&o}ZSPCjDl
z-+)n=5pBOzQ4-Z?w2&#FXNY6THAoj)hSpcid?cq3T~dlg(hr!BQQUZ$cJF?OR}GE?
zfYpTpXaQCiHUbN<x^PG_F>aQyI?3Ux4q$ZvFa0pv3hKabxuY0ZU8r%)J~gqr1NN+g
z)rFGB*&&63uq?ppR-dRf8#8BD&H$_Tn)PGr&7Ae?U|V2~?d(P&@N)%Lw|Ygb(ajuY
zBzo1w>M^s2%>jm};;IAV)yL|`Av+Ps4z^U>Rgj}~a6*JAH>pu!5=%Rh&>ls=*b}<N
zY|5fuf!a-tIXo_suzyWX=W<g8G|cv+hCDoYjoN=$$MgrMr(Zw|t+}$yEfO@69divn
z4W>c?RG{JcKvYuupSz^sSMwXcvN?P#;7AwHW37vq=~31~7Q|*hL&e8|=VR_dTlK#}
zl$TNV-)V0D1Bo5qv;Rr+tdHphJ_jG06w5@Bf5n<QV0sBug=)j}-Bp-=uoND&VS084
z6De%8&)mG%@yeB39MQ)*E&mytY~D*Z;7=*3MFFsTboMDqmZN`+83e%pMn`O6jR(e&
z0tnKXkAnY~un>#j|0Rs@4&nb1B!;yK@c-^|%i4t+0HGYPQ~{CI<Xh9Zt=!TLHE41D
zQ^l^M^*V;-Na(Wny>?D943v8wFZagFYqu_>7>*TJZoT#^@RF@dG5oB31?YwD3VNZN
z=mnx&h+bGV-@2~Uy6!S|RD9T`Efuf2&^tWZQ4z0*RKs(_(l9*QQ4x1(Ng?l?EFFcs
z<I#P#$rwyaM{L`BFrR0cGc&;Nh;g0DM<;UGP2^c>N)mKYgC)>q>GRmqHwvq8c$lRb
z%pz;=ugGSwbc-;e>;kpPQj$ZW5<0S&KHZUW8)lbJW^-AKowm@eib|SN(wL7PZCVIL
z#>{_Wn6WHz6d4$sU7}f$b6*7jBOx4TcNnyh3)!6-LO}{U?5_5gM>ygDk89|GV9?+1
zR+=C%^jID+Fm-j))<Q~T#9LA8S6U!+LT$f0>$T$0pKMKd`aSTC#_Z{U=ekhTnrsA*
z-sL1n^wkk025jt38w81gB?=OuVQ>^A29@^Q4-&z>m}BlICb7OGL1IUu0W3%7$?MAy
zBnt0prR#yKYlV=~{1;0SB#K^OIl7b;h9I#~=~j9YjfNnxX&HjVCiCSse<4U*2|?ly
zl~s@KGrb89{XVaLbe}(t`#iZawx+P}pd}dRJIR|KIf$)fNCh*%XIwrmFqvU`JT(<(
z{~0qa1RwyXebY2ArCju_*@J?DGe4V|#J&d8g&u0ruUDYV8S6g1SO|eLGxB<@g?8Rp
z7jSaFYGT9LpWu=_pfv(9{RQ$`$Qoa_E&VUl;x8$o^PELy|A%rR@E;Wjh>*_?d>^n-
zoc$GDtqx~=vaUGQT!W;24U*W3ndGw;;#M8l;{$|jZ`0K|<GadHv`x2ladx+`&eqww
z#c|@F^&-Y7*!O)NWOs4pShG!TO?SMe@S43x6Xh)N8OkY?SVC(eI4$~xaykv8?@YJU
zo1||CU6Y7e>M)(SvFiWAzXAVh$gdwOw{$I#Un6?>YE)Xg)saveoNMPhtJjs+Y$>mz
zvn!f!hosdTi<=G=S02987UHc}nC$90n}GYhMzeO9GqHU-6B};gV((Sti1GA|J;jy#
z-e{VOjMiskJA0NW_I@Y)u+-;s^6rP{{l;DE9?r(v*nL}9zLS`8G*(CL|2{p#ZhGo{
zlr&NDD%DX>eGIPl|4&q;gp}+m$yE)t|2p5}caOU^!m;G;3ogEG?VvBFcckXy_=*Ev
z`EhRmKObUWkv0NDV`&we(kgj2GoGJe>C6jw(hGfb#)xo%&1nziCelZtz{8FsP=x9|
zqN>@YhFeJ|Bx81>UXab7P;?78hq!X-g#TGr?xIOzPW%|I7>&kll$=O$7%#cG@sj7{
zXDmWl@!A5#3SGB34tf5W|CR{z2`stoDvs8ZRv0F8Zk+tJ=H{%~_nKrX$TF|(8qTeS
zd&r_KEvbpQ!MIEsA)A>KnX2%^HkN}<#IC0>=L(YArH5pizJNes#Hdys*tnhEiK>I|
z7ySK1i0>C{F*`7|vCToqDXh*|!yspNLMIEqL~AI*YT53N^K)Ubbq#TEpC9aQWl(~~
zQ%hfMC!LM4+B`_|k0)KR=E6Z^i!gv5)3S{$FfOE6CUpio5pjWbbaVRrbpBG5Yi-Wu
zrY2yj0UM=gHg_==hsnWxKa@H!;Xnw@JrqK7Fs6on)yTj!j&cKt-&r{*HkQ|WnPE2h
zHoMqv<q1466uWbf9YBuVpyWqL3XNg_Xgv5PW4Pc68hyyTATq`UmpF&G8BgEZ=N_R$
zuY36{SO*|GO=XBrpd!HNh#p{cq)vQ&tyxT1*9#n_zjBO{rzts3$upEZOUZMTj8gJ>
zB-ahC!wXdLA|+%R!taqDz%!-7D>uKLZ*XR>*}+W>*gv7xpP__MmDYG*`cjhY%2N65
z1GVfBbdy3z#_%+7FRIG<Yl9AWO2mM1?xPUBwiUN=xfX@*m^+mf<$-I5^&|`pzww!s
z2a4hKqNr!ylm{+f5OpQ1gcG9m9E~R$i43aC)+P7Phx<xIe(k@ph9?Um5Ws}dib;U{
zoAQ3TwiR{2Ea3#dHk|=!#El<~{EaoDgUGz)6gxm@7#`trJj~J~T<+))`UscP!+`^|
z&cmX|KFzq?-0rgqmqW~OAp?}X1XRvi0jYshN9thlis77*IBUl+cEoM=fyP20Ze@9h
z+Z=-bi_n*x@iyzE3sdMw)=mGU_TD#IQ^kNwji<>`Gh2zVYvIt<dD86IaA?JKG#;|B
ziq%_yLMyubwU2~B*OkKXG48*HP&br>`{!ljGb{IVM`No7r{0wN32zy7C98xJqV*gN
zB^rqgsyPPLFS&0%ybXSTMS0(iW}cM7`{rfiGb`^al24#jgZ!KFKDxG1SF%bt!LLnc
z=4?HYztJo@h|F8^zJ)3-fk7j<opx@xUoyENyQ7cEHD=uj_ZYe8RUHXi$OW^lP*Hgj
z9w#s8thZmvok;jN*L2q8E;;8bI4>u6A8<{sgdZv*_sJtRuE}F_Yl&1%4@C#g*Sd-$
zrwnU-JlAxXbK{(^)ytV*7QMjvdTf5+&aDMpUbLm)krl78SxkVeArk>ZnIu~_gSN38
z>;~=jaOOV*=Nka$>xDuoJsF6}g)OjQ)0vz}mYP0i?h8q5jU|~k0ub-QEdr1nt^*|T
z{__})99pRsZ-LzeI0;_`AxB|jv;m_!hO}8C*MK-H&(jc<yaHQA!0-f}SWUSvQjT~7
zl@z8ztgB0O^}V?GZAkLlVD1EoO^|a0(`^4qj|%As$(A-ihTz(FFbQx5k)A7q-)gQa
zHns5sTduj`A$ZNbz(WxHfZ+kCXWo>z5Ja)O0?iUmaGIRX%+XMyk;p91S&)LU@L-Rh
zkWB4S#Mqj4M*@xjKGhDzLc(Bv*r2L|<g11h%?ibG2yX;`OQPJ#M7MC|0fACe(eZQG
zD|#F@CJ?c(bW}}cGx<ybcCaK&5vq}RA$a~$AJjYX3xkE#hW`URTc)RSmvr@;IE~0H
z1j=>)6}(SUVVn7uMr&+D674;Ii5u2l82pG1h`RoV{$|qnCtNBGIKkyau(+i-NU5nL
z{cTm_k+K}&#Zrf$pbjdDgLK=)mR04>oew6CEIAnLE6T^-fUDxMdD-~P%EyY~C-mYi
zTV6Ck<r{ESG@6$xN}?K#mZ-CMi~#gHN;XmwqvTau-Yt}@ri30-7NHZAkcvR1D$-f(
zy6X)h7}nj+pl|=(&H#KBTbq1O8)31ib<8yyThDh|*W@!ZnJGlvSGgcc>rPHzBC<8E
z%aq8+ilr|yGK~(3DlK5taavjP>s_=~c(h{4x#Mg6JoFP&DkF6+k7ZBxL=uA>Q({Db
z=~3JW@#r?X4ajL7_5lpf#T?TyVT>Ad9eRHB#KEUWkBlXsM_8dF%89XqC!T(Ol>K`;
z>w)@1^G;;O^O|=G+X(2k!5o=xr3>{@@>NQBB=a{Y_ve(57DvC8mA6-uAIIOAnM&_t
z!?<hsNa~A7Z+l!W*H5KQ|4ou!mA=ySfj8uGe;^@wpC_G?Yv6XP1T|yFKsnM?ULBiX
zJycpfRNk^@e#=;C%UF5+j`{U_OY8TR*YuV*ZN1ad;qsT;I&XXM`%bv^whzB}4jY<p
z2Ph{?;gz?8lnY5KHs5ZbT%*+1d%KBp%~DIpYx!?B+zwMIB6W0MY5V5WSG}e7^|xtY
z%*4Oq{Wi)CNxL7v<7>dh!fnO&jivCW+a8qOY3nMk*j8%myWuUh4c(>&xVpdN{Q%`w
z1zi5u@>iZIb!~o6LjHp_`&^ITk&t}wtb2sANIrPdopibS??{w>FzOj{9dg}~DE;6S
i*NAI`8jYaQ3vO5J4jxul?1O1|i9YSRD^bdy=>G@9MFVgE

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_docker_swarm_plugin.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_docker_swarm_plugin.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..0738fe03bbe93a3d752d0e079cda563694cb6032
GIT binary patch
literal 55588
zcmeHwdvsjKdEdVGVzG<GivS5eumnL8OA?C*!KX-B6iG>ZffO#+rb5}<C9nWtEq9@N
z7knU+EIF=Cxk{}#QNzS;1D`ZCnOAk%o>QH)=QMG8YX6b8y9CHZ?r~zBI*+PNQ$D27
zN2hK2`)2N)dv|dGEI>kWY+fwBJ2Us2$DNt`&G&sX^UeKGDB!^Lqu&dEe(zz2<A>xi
zE|2cGzs2cryyK7^ibHnFu47Kc#qRE-9@Q0b9Q7)`2t9Eh^B<KI>1dTw#r&>g0VRNN
z&#~&GK_z%Jq=b&vC^bjJO8984Qp<3>$LfyOEA`CnJJxWtQE7}gUJMLuF$!VcWq*rf
zhwfFH=D?9GIL&k5R9SFVu5`3H<Uor<uHNC|i7TsESP)?$5!S-OY7iC{VXIkKEyC(V
z*qRYnw0>e^JTsb$<Wg!*jSOd%NbY<pawt3aQc968C6x=O(&Hnenb-%EUw_o4Rh>wV
zj1Havg617d<_6D4y;}I-*!Tfu@cd{lHJBS$Qd<3?QFSnTF{Px222yHvTp3JhwWrd_
z95T3YFqun@WR)vg@RX9hI69P4PG1>IX+e1~nL)^il2X;EQ)@Udj-q68ql3xZXf|_L
zQL@Snr&c$sY=e3|vm4cm8~^v40N!z&MQ`Aj(HiZJsB>b=K_!J!M3RwV<aU1c`$k4H
zYA%@>OvRLH#J}OVPpN3T5AJ<&;P9!FFUpyuGJG&QlzNd>+>7I=L*`5jv8qd`RCkFn
zUU_3zG#_^=bx5We|7r-}b;pN3M{w;_^}4)gof1Zf{kx2@K0W(gGU&;1$AI1!5M5kp
z5hlB2cQ;}A#6#gQvAP_<ki-Mw7+_zV@G?hPtYGO=@>LM4W=XMXmlUghv9aO~^b*g+
zcF{{Npi%Ws5*bX7qE|*Pjpoir2D29~WHXUuE~kv18%I}&oz{XSUxM%Q?wyI9ebInI
zy;Adxjb=u)ppwF8l1W@lrpHs7XEZaM)g(2gTpS%tshTG}s^&B)lgeGnDle&;|6(>h
zegO~sgW1gR=m;EYY7j}#SK{NvQK_Ft6sjMso=R)<L;hH4#e=o@SHA+lx?N54KRWyR
zGc&ClUVr8*$KE(L?O8JuiM=c3Tlbg&9b4c&`NqkjXJx^&a@w<TW_HNtC~*4U=r4Mj
z3!dg_Py0+IA=P!SpWq!{bW{|Kx+wd2zXXT%<CUE|^bgtP$hgkbr^RQDZtDed*~L4(
z5eEd@Lw^S0i=eZ&JJvh4IXd)sLr8Df6>+pWBKV`H``xXMVQ17k@u>mUR*__cf5D)S
z$z0@oQjMHTrO@;ykxC8mPLYhT?!s$6_VE*=$-#t@0x?umF%>i}lTu=KRDy@aIDI?F
zdYR@qpH*`oH|7S%_I7opvxCVr1?=tJzH4WH)UD8{rx2yng4TlI3DFtW>YBv5!(duf
zscIt;y_YmvBMj-3O4$UIt@u};17Q6m5YC5>PgkADKmWo^q<30cJ0sN;rPT##^|epu
zH$IVHvu|43|G?`A^gHi>nAN|2;(?z$h@$&HR*A5@)za;LH}EO{Al%|In(=-wg5Ghw
z=un&(xiMlZZrRo1P&~35&?|cYeX<wOFZ%!`*{@WMNYN^-_A~}A%Se&>U=NZSwCz;^
zWH)!OI!o2VE@P<3pb&BQ09A6?l@_>XdQErSIZ#!G2(RpxJ>8=JqIbClXh<o$&_BJh
zZ;uPlZF3x;@uKW9%8CB%r$4iQkND^A-6MXzZ%Y$>^7tSqjygP^wsvHUwxDe2r-NV#
za#@4$4JA_`b}?l=ig8+L1Dt5)9kXXoZ>(qM?pRN(r<?W7XKuJO>0DAxCB~Js=FX+n
z{-~e#R;oE=1p(@}N;`nooK!*matU<rbZRJ(#kiXw`l{8>eh~F&9yOI7<~@8PMX%O-
zIMHR5S__?A@8zp#curWmdP3#ztZgapIk7o$_aaU862R+@KMU388%|A!p3lcW`~8*;
z-`INf*vz)>tH+ALHHF}s>0orGy=ywS{{3KmG1yuNwoW$Xqfh4}2d9IF-VZhwgWC$h
zZ8NKSXBt=C@j61CcOC9f%^k@RTFDbA2D=JDB+&Dq*-<m#EQX%H9eVy_mB!e&4zwQV
zbN@kK;Axk?q<_;8O|^ReIw1Ntocyw54B8xLMSnKvBhgg!UB3~}ymvbc9LDrIL5KA(
z3w~F|{TY`X(~$9;6+JxeF;d9J2W(h{>~Nc4l(TBw{{%A6UNz|Qv(BO84#!!+EDYE%
z0APvTaj6fi`<Y#Rt{wW@S>o6X|84lnjB?4|vyH|Z4^W>hyUg-Y*@iHZTGC!wh72!i
zSTIdS9>)75TS{WvmTY$HlTM-yiz?;nl6-7S8F$Sp9p2vZZnmW}W1&>O1+hizFNo<i
zO0yuQuVPHUfhqfA{!VZgnJQV5tKwDNPUZ`oMLqG$lIt2H%)Fz&1dOzddkSB}erLvw
ze+mB{{CoF1$3{k+bJN~uo&Dd`sc&GS%Q9>c$sJCPrq#$L$UG4m<RhbMB$LfW#<-9)
z6zgX+7b1{rGy@stjg1{+S9+o<M3o40_D0pf&l;}CejeB@0^!mFcN<}F=t0|~Y6nH#
zX*_~Mf7BOMV~kM^yc!L>8cSy{rIf&{9dK)IHK%A&>hfTMSlFmvbE8BAwiD<hu#>=U
z@V!@hx*6=92y>#&%ZJoia9=bG8R-g<V9lo_N7a<7&}YO42rnyuvI_y4mz6*ZJjJmS
zNkyw;BL|qQF$Em?SP~LwRYFY;L;f67v>-4O=f+3VIS6%{k8x3|wlblf&yJ^uSggcI
zI(sgePGpi7Qd-RcHX0c+r`C`lsWq8Pq%M!8lNlzBMyr)>Djj39c2lvcDHr}`-B!;I
zt7n(hvxk?A$LZ;@KI-L<c)mT`OME+2BCa&V=@;kv*UcWiE{v)w#Ek^?CatT2;m#W2
z2r^MU;FxI4Yxvq{zxvtf)v@VN*SouC#MtJV4sLkhcGPr()2nUDOMTbQ{MzS!<#TX+
zv*Ft3rdDl(tGKGSu&Ni1{HormRej9SR|xkN@reDVq`s>cxpUfdipL21W`pn*N_;%{
zHsx!@FnqW0;B))|GRd#nW^wmg+-6xsDsbGC`oPK7bl(njeax!-8}-k++~0Kto~<h#
ze}&ZYbyV5X#$RxKw&O3UuB^NxcuD-3WAKQ3Zdx<q)+vpr5=xW0FqXR#!S{>~6Jvx%
zgSy9~9Kbs%PZJPdW7K8#eU;b&gV|a$y9=^pc?ayQpaYudr;x7N31IDhw?bWJ=WDuN
zKN*}3cCrpw40W+~BL4dujl13N1rGR1TZx`9F6oarmxP|puTt64P6{|HBurV1nc&i?
z-OH}D;H@ARh*)O@-!mXM88agI1;N!AV+%Mk4|+s{iDkITr3r8b_%nM1xH9i&JOhHG
zG2&tD^PMHd6T9MK49$+)@Lb^S&kCMl06a_i1)j^tcrO2$&scaaGmiZjD#mzOI=jwD
zb0A{4%)1TGWu}eNm0zes!MPcASi*Cev29B>J2to*a0-hmCGlKlKDMPaxnWT{;<?ON
zwxu&;p;T21VvDw25Yyz30x_@7A63gi3x7oN6}v2Hk&dA3nu9+AKSVqc@ke7L<vn%8
zJ2&kDpOoU%Yi^touTI}W6T9Z-q_{RE!ev)tsm3!<{SKZ_o=ZcwOQP&V{Xs745)Y=N
zhR4;^5SMP7xO8iY!4)qG3Etqqj+Jp>55re6-bUF?340Y%VJIYYDkO3!`v~j@__&01
z0z;=fiO^`HDOp1mFJ6Xe%$caIRjW|5CsM=15b3$xZ9~_UgOm^PSju4n&k%T)z;gtM
zAyAGII7R?+nWKaYqOPL!5TLhEP7vrPaFW0P0OxQxQ=>CKI)~F^&(pNe9#C|>1llS=
z{4z~8?5JR1nH?>T0;#PS1#D&d?{D3kf8ylS)>Ecr-@zsOKdWp0<+Wd5JKfqlUAO(+
z%QLl2#o7&p+6|MR&UYTpw?8vo`z%JJ`aZBkjUD;mlh-f*%hzta2FGu2zy8|P)+gc0
zZ+)`R@MJNl|E3Vqu$g<OEpCB;z~A03e1#Gp557(LSTPLWEj)OQKcH;3nz;&WpggD}
zWkWvn{DS~We!Fh_#}BG0<QC~3s9oPW;C*(5`w!|GpLKixVB_Hx@O;-Dc(%UkyCI3(
zD+14MC>?Gk#A3tkFsgVSr5m2|%N$xU__=L{Vdw(mo&}U~Pn*g(n-sifWb^qP$~vZo
zgSaTv156<&)EP!;nOYA6gdEu8o?E3C_sZ3z(vySqXBni+{3F4+$y|T)f`l+A2;reJ
zLWpjU2?Km2YUK2Bnah??#wDPP9v!|CNoIy3gQR%FMBe!b#HNUv%IQ?Gr&6^w5(dpd
zHm4_af{ED)WZ5Y+)tV=#jHf1iU6hv!<ur|rTEHxbRwYUibxnjh9)q#5)P;!}J>aF(
z73L2a2ubor-I|ZTk5<if?g>f_vn5I9P_`ns{;1C+l4a^gB?bgMHw8NC^19v}g=9oc
zt7A$=Dzh;)s1gInWiT#+wag}0q{U1ilD4%1B4r>ak*@l00m?{IT~ogK=yct&?_K`>
zy3OBs>Fw&7?!LFHi?xwLZDhK(bEaeabnV9Pw|D;fv3%|NnT|d1y>F1GnKgYgZ5=b~
zqj&wDjrAWoJar9sf{waX#oF#dZTHOT)|trRnKfJQ_#JgUck#6TPQZM+cE`-hDD;)|
z$X!?eV56h{xRdy9Ml^m<ckEW(v5&c*k&F!}`&+@M+uYX<bUa<>{f<L|`#W`kr(3JO
zv)WJYw!qWfeucQ<{%Amx5=`<=B(y*xaUnZ2o=(9XOe9_&Po_yGhcBE+438>mE<Kt_
zWwMEc(u>FnQE}x30#s>A8bDi-NMP<3^Tr8tUJm$_8JluqjinF+#sCerD(Qi~?6~I&
zd3*1z^LlsOt8sf{_W}X$r#@P_(p%5tQItXai_0Kh_qQRa(&-CD8u3RZK5=18i64Rb
z<byYmNQq)s(9m~XlsqVw$k}vc+e~H|bQ75TvZIvQgK^K^=b&JX)2q-01uH(rvqF@y
zQ|E%&cgDR?u)5ClnasZIHWih2ie0l*#KQ~`b8O~9ZBcfCg%pz{M(L8o9GkI(m}Ew^
z#sYKfUJzRda0_CJ5kU4V>P<;OY?j&fP0d!a6;{mHwr@N;Hs0K0$<sELDMZL#o!R%v
zKG`4l>B><5Ss`v((y|dGQRhN%Fv<^QC@Dc*_=iGt>@>~IO+@+BsTw(Wvj6mfBmIX5
z5+?@^K6h9?J#gUkk(2!qtn6SbL1H(YAG`MNH<X&t335dy9J&%x=r-ZdgTVgAMp78N
z^kpT`0rJ$iax$`?Yd~$7a_BZ=a}+7?Dp%>zTnHAnKzG?qptp<>S6;+(#(eijtF;xj
z#ZV{>t$B`&EG#xYNGo^EIBt{0mdtU<sv#^<7jEY~c0VPQAn*?W*sQCrBGhNY_yA>F
zT0THo=@Fj}vqk<QCC>+__roiS;jM-6*1YsWKD>1*+zH2Y&w*mk3x%E+C=ibD3q?u)
zO%YnB@N&m3=><{&>L>-%hX+WMKe3HD%`>w^rM#J!;`W#si{x)hFU($fKyAg?)we;@
z8L2gBJ02JpiG6fsTwNfE&pWfdaW^BUhYW%>^c(p2=Ow`)rmnaL#MFIegN2w{KVOOG
zVud!u)XYW9HkmQ-i3&nzl#LNnGnUXv*~eleWg%>nM0#T`ra!<u6-bI#Cn>(Ow5Ew&
zmRhkVPeN-^N>auSGE&lMkP^%gM}|i)8cWn7Y>gVkcD~3glEX?eHFm?R)$r9634K+K
z@awB;w2=OsudNYY&M*rvUuUCS!YhC{)swu>rcpR)!K8`iWjR76dIdO4X8*XxGQY6{
zD4-uZ`mt1DEv@Up^z+zQR>@(S+bDE`B~dX!@S6ldxk{N5SD?HKV3n`?te%}J^>3XP
za9*{I@v8HdNZU?4>ui!RZ=^3HBlX_^yzXGUXJ4VVZ>o0ZRqs8QZ&l!q!&gOMRp73}
zR~vXh-undpcklzphaotwj<djf6!;+M@C4r2`GCSdGO+Ggu>MBJat7Y0vW6S6ML5fn
zC2RtefalB7XGzUN7yini3wX8itCR)na?ED4hW={>bitm<GMRx#Ll^9stcAXG5sNWd
z3t<b|WBKas>5ZTu3u20yWZ4t*Fj|8JLC`{*>`Ude#*TgQm#{D3&`tJ*&y7&G$C@u_
ztgvp>T=fM_RE!ab8_tOnL?9~XUf73}$_$NVN3n3Flx^7s<sMBg-tchBG66SZLWrE~
zDxooZIE~rUf1^sPDNVCtqGI7P7%5R+Lw;6%V<*$)S&7Q-l3B@a8+N1Bq%q<x6TAl5
zk{qpj9s*+<;}=jW^{W7&F2s1W7sBm%X<I(rJ{8^s$MrS_3Smt3>A#!wc$4sQ$1Q0a
zF&sKd!Svw)65~&%EHUA}-X<al$8BlbJT&94E2bH;v&*?es^MaynY%<Zd-U9d`2H8g
zO^8?(aTCi+HN1jqlnOl$M>S>(JzES;h1SutbsX`5<B{ZWE~U&O8>A;;v_qke%@$uO
zUnkcu5qJlnU->71QT_AWM8P!Dv(HnxMlQzm{|dQ&6~N{z<O>5z=|X~)hkt}@VZa=t
zy!jED5vW)ym6E=}4aIP8A&lw$Q~7Z3R2b9yr}BGF=69bW$L>>w@TsDt|85cvrrOOA
zxNlM51`$}Wc-bRN(-Z!bB`&#lmn6b*ZcC@QnubJf@LNg-cO^?;jKIqTzChp~6Zi&!
ze?~wdK#_QKVo#Nv0p5T^rTID14!OKP<Gd$Tc?0*FT;9%)B$xMjCyzw<_Nt*?JgHPQ
zRI;+QiHPH&6m6-nt|<TD*C;EJRg6o>E*CK_W9tiBGk{g5#&gTvvToXGyKY*H$518B
z%X!#Ps~>^K5weKAN=WuFYUM4VR@PNywz7dCcL_z3nM=Lp<#Z=xAMq9?)XI$2IDafq
zE6@nbim-)CMM@ttecMu*^=U{rqI8&Hx5TzB-R#&XrGKGV7Nw6AbL(6aCM_&nQ?pSQ
zmb9q9mtAuxeX5zVr#c#(*v7l68aZ&{(9S+gCYalSu*oKSA;LF8V71zCHl~oONud{2
z1PuiL)LABA*|SnHmIIcbc_<Ubi&Sp7%ebTx1_}BeHiz1OBc#yl@)h$9L+sna`Z2Sl
zEHTZ?GN_byx?v^G=m!o3N&uZgmrG^(VlY1Ixyy!F*D;pKDA|Rfoqbw|Jssfc87t-_
zvQ>W@0ED^w$={dqT}Sd#OHpbqNUhV-wizPUy9(i5`Q80f;geTA-*4VjY~EIA#wx9C
zc{oa$rmH!@<!}e_OlBDIOs0=xfE)UyFNj#cFnq*SHJdD%Kml*Y*{8?k49$jpQ?`WT
zF*#$EgN4<fAUW$2<m>=c*0uyKNt6RmOp2!Y^)QpFL2cAkAywlUK?BX`2az@9Ul8~<
z0a^pnAGOdg<pu>4mgYaeqgG0>l;1)u8{*SYLVWn!@of^kG7eZMWhwdLxKvsT0jkP(
z9bK3J#R|=_ycEkf#|q(CQPO`mr5KSHGXU;eC1HgUA4k0{#faqSv4COt5EU7SC&Gbj
z9upud@9~%bp%2q#w}SE$B|uvQ0U9`A!%bm#@x@(fEA8>|pc2xvwL;P}aAFB$$9-Vn
z#KV%Da0$s#E@+!7;dYb@#O7E?O=Y~!mO}HEytF0XyrmG{Qk3-HO=$~}8Z!XyTP0zI
z5+6ssEo~v<qQ?S;;X_npAf5;ZvUyBu9+MhITz<?%w^%&$QYL!|o0%;GyuKG8GL#xl
zj;HxXP$m~~;Z5_Z*k?0nQXA!;<JIP7U6kwecn-#6qm>Gb^TH&Ij1#$RBFQA7eHGA#
zIb;8;Qi|cvcRjZ-bMoUM9f|1{yn;~noMOrztO>H2s5ZAWWL%bs6%XQ<T{ctLq{f+7
z^)u%bwy6NIo$Q&V#xZjt?OWM}!B!}Qg`%XA^*|yPDV?#ob1|hNHO>O1GV9Y;jbp~P
zRT|BXjZ%6odD_M@B|zDyt8u*8@GV&;+ACkXV>i)W1vSpWk*a85La48~8i(yh%w!Ft
z7g#^9ucS^5#VY>xu}oYDE6Q)8oh#)UuxGrR&}ky9Osk?02cY~8!0fqgzRX2ejnJaX
z>^Sz8bAt*!70{5<DDP1o*8uc6r)VJ@&2M>XDtzF_NrhsprL@(0|1Q<lza~I0qx^dU
z|ABx)piK4sEea#>YxoxnBR$^EdqI!4i@;U_ogW3=-cGLlChQXJw?S#{pTm=K?e~jV
z$t`>O@NKp@KJS5b2eRk@g)6h}0Gmj#?f|Pt3e=Q<0l69wn^FLSatJUa!?KZ5BZmRQ
zGHf%Ac%pUM3f8W=)u91>If(kfA0mHE!WLR)RR}vvnK6(4l4X`eKuH00pGy6XW5jX8
z+0QD)*y#2j5ni&<ttOGlX2;m3({o7}LTb0oJXVUuQXzT$b;pbpoXrbLc*Kg4Mt8Ta
zm^bJq%uztKPjx3_flW74QUjv408vlfm_(F=F_#>QdE}ZHOjlUc{q8O&rUd8>%dYvi
zv0;3vE{g!K97ayHNYP=Z=9laCxUqfBGhjp2Gv2fGF|#W!wu5DSa((t<+|L$MSvUW;
zfgTHy)LtZ$8`ws)#xo<9<y0%o4P65(jr`1e*>WnP`erUr#+P4qTlB=3M9O<J_L}mz
z%picE>c*G>s=q>RT2v`%1+AHnZ7EItm?#~Mm}V^7(wVVPs-^|8MXN1{DMp$FF~x!m
zxmj#PTPd%yY(zsF@yn7{#0WF*;2P{U>bGEV2W>?2VVwJleb1Cv)3=$aj#m$$*OgzH
zpj?|x$9=4a{)th$L%&y2yS5WI=$|1h_gi!3KUw<c+DG2<)ke=U%Ep%aE!6TN7FvF-
zrDpB>Nzlk+K}^x|@;aSgsgYadNW4a07#KcVd3%P9T#Y-{8dG})(U!N-TJ7a+g;os8
z&WCEP^^aR?nObX;ZELw6s<ql4x7ISXmO)G`jg|?X-C}qLwizz-o~exo<F%!961z;m
z3s|Vee3Wtn#sA5nm2&%{XniHTh^T*qA{x!a%nL0*^Uc;XVuSX#TiV8+_SYKN@<x3j
zRh_&^-W;#fDSFi+D0-EVmT@;JdM1SaQ#}wf`;*~9zav?YT?4&_%e+5yzw7u3>vz#d
z-tR>H8|}8Jem5&N`d#$Ltl#yS{mF32TNqzhFIQzk@%ng(Q8uxEZfL9`x<<R_wo+`9
zt}XcH^+qi(h#4|4<!$;lj0U+=j>Q}FZ?kR@-)5bWmT}j=&3bTKpT(DHS3_NT4S65e
zkldZAM=k9%dXIU}_|X17TEb@Tz8v~@74)7Swq&lCVlSolfUk!P$gc`y;Yy@TAvK8a
zzY-}^#HvWvFeQlX%O*ikpZ@enOSEsI*RWTu8pbXSYrKY?Uq!(>Osk<^&8J=*?CIS;
z;lGqR*O?p}(*gsju{2q$P7P_2?p8k_m5%04WiG<ZnUWpSyhko1M^Y2P46JHj-iy79
z%;MSUq=KDxnh)EP`gZJu^~@0V)aR1e>#WFQsX<NZ*R28HfceXQvQp+b0qfJ6?|AZD
z3fs$rr<3YSr?F9i5=3;@kwcn?Vsa(z&!G@E+**}b&#Tpx?mp7$3>}%!YJEU@F=J=L
zNt#H;W+uKb6Ap6|CbJudtx)_C9Qq@eri&SwU~>cP#aXswYVLF@L+Uscb4xe8eDxmf
z#O7vCzDh2#cw*UTsbInbs=0|BRFpaPgBtm<EmdZQY!?=qt7MrV<x#RskhWa>BG02|
zo;+ac`{nUeVsxk^eH3ilJdtP<dkH?)1r5xDkJez8(akt>Smrx)^58M-tCc^4$#~4+
zODI3AcCpQ96L6dRR!d$Ln_^k@q7=jPm16eRTB8l;D9#+aT~RWcxYE3%)cH|YY%3iZ
zFVuJGVx{K|7q@#uB+^{-q)D*hM_-jXQKRqO+si)^!wSz%dI5_aM4MiUP8m~@m$2iG
zOaj8XEcHjX#mo-%h3Fb?qT5SW15}07hRP}eL_W3pAzimDw(Y6P_vk^D(dSg<&k6f5
zfoBLjN5Hh2^DKGAzFsY4#AAI`s}kKx^Drxfq_k#TfVHU>v^F%p*7BBN^{c#sJhXsm
z_5h!G$!o(@5V2u=rva&8v>-EUp;J5MFX-U_g<H%S_VL}tGzDVrE>=DuuelfD=gG^q
zA@q}rCT6$^AhuG2<UM06vh~jQA~q2XOo$3LNUyfdUafAA{as|CHh~j?(TwKEFaGS+
z;QRG0@2^}xvufk@z`F+~zmQ+KYi4z1a?`agnC4j(nOt|r?b_4?_lB+4pUbb`k&o=W
zTjgC}f43^IqUNqQv@UQpI4!l@S>xFIjPt!3Hd(x(AYrpYM?vbCmUg^fx3O5ayHK}#
zrnxiU6q{MIEx)>RW?frxT~A?M4=ica@44gf)CaEmU}>YVrP#2c(6AvdMc-2M4I8Ft
z<5KjxlL5>q6(#*QB}Lf|Br^n$Zc!|OQYi89;M-F4?VVN(!-uHIjz6)c4fl1Yh#(w5
zpQ&jq)~qYkth@Gdp=SM6_e{9H7>*Re5whLb&MY{#msoIwrNn$VVzr$JH;gY{MUngX
z4|W?3A07y7GRxSmqX=9$5RP2G_UfCj=B18FiGf16169v|H>HlNuL>V`+(H;K)G^RR
zhL0ZT$WxS>z!44vQ+Ai%yquTXukB#~JIjia{<|r)U%f1R+;IzG$WF&7m_B--BTrFk
z0!KIyOxeBi<|}z=_cvcDw(c&p?uPT~D|tA>yNi<ko6^HX0C(I%FtXN>3Z{=9ydoZO
z$27~rf{YBA56H-_3>#iVU@gw~)}5N}*j?;6Rp?+ldeCX%wruKQ8*?a7Y~kS!Y~G<F
z>cQC7WBAyv9#mRMglUOoV*~=7a%En^?<hg$;fO+Y_}ZJVT^lLT-oM?~v5a&#w)$Pi
zLQ?a!Zt7v8GT3H7dXCDyjwPWcDt9B;Nci(K(<{ZUKTqpZ!_n){m#t7`VSFv=G{fNT
zDT*SNm<k7iXTq&{X~*RD;)WfC4Ljh>BLMF3j-sUhZW@6+1Y`y{;;9Hk8b*u)OOg3*
z0egd)mOw!&^UOE?7tHW2G~X!ux?yBK=3mA+MX3wM4d<Lwgq^KL&nZ?fc}_9N<`hFE
zbBZ;KlA|io<JDrwVwWLn3wdg(bBdT1UsNe8k@m#KYf-vNq&*P}(q4E$4aV}$Db|WP
z#X7nEk<BSKR4}L5$TTB!&nZ?dao!`y<`h?y%zHfg*<>NHFRJB5EVTT>v&l=DQ*0I*
z0h%LzRC9{dp35_*$Xl!BaceD8YdzXIMc!JgAGg*rwU$9ljKL3gc@3kJwXz!;<k}_a
z*n><<x|U)uLQ5)UwH6$qOdb0=UB_O>Rx}v%U-gU7u?x+<G44ahPSmGX*Rk8x(0aXw
zJdbM#`gOY+YSU|oW+BiEj$8HYmCVv?U_Ge)?|%;(X^3vL(P-=1Gn_Dj6|q>xYopNy
z%C6meCcrnRlyve+C;XaU_h7+49cg&_865NBIx?ip;Jej)hZNZ2QZ%nTn8gu}fdjdm
zZd+UPAIY#amx=~Nu7&;*xqd+4hXlx~mhxu={+s~QJ^dxQUL-)4t^1kISNZR7YHk!p
z`5*M;e-a=?t@2j{{uhAe8)5}f?oh~G0^cUEkDhsP6eSf7YB9ZVI5*EViqrE<H6#``
zlNu3f$mj~D22}1-eDL8GC7|*ldA~>CBLb}0hsm|DzEAlZ!h1mAM+E*4K(xVL8>hFF
zsf|<qmZF>_P^N{ehLYY^3wMH$%{9^u@LCmby4zO&rf08KrhhZAsa4cBG23C)zs)qR
zpJ{5HS+QoOW!+5knwh4Rcf*pQSgU`mSo>*GtaV)54?W(s{pEVR%R&vu9rNn(bYv*(
zuI(?22d}QjBc;&!LU=RumDi!ngSv6^^*z=jXPCkgVO-^i6J~(H-B3Il!8ZCxQ`^*Y
z9jW(_wrO)A+*6eF-%UM?2TU^`cTY)(BJhL*!G^Xe&5USnzn;rW+hOz)_b`+^`tPP5
z#sj9AkGrQNL=kwx0hD=EK3}a`Smi?t%wwKqRQULz@PX22jz#2EOHlX(maOopW(uER
ziNYteC{@bejlu_;Ar@82Pe$QWvmiUYyb7PNQ25l!b&pKpgXIDXE+TJWOz7MSA8CmS
zpK7M?X)F;+7q`iwl9m^$8-u@I^dj;V3%2}H6h2Kt;nOUyd}InAYR~0S`0&<R^|-Z`
zskQ7CK1*Hl&s(chJ@@$A!g$6n%NHFn!pu81+}Lf<uzp(xF)<@K^vyQ4IIV1{3ZH5w
zuCMt7#Pzj8;j>O|6$_ppR^dZ6#1uXw_0h;g&#VP#`l0W0O6wm>L&;pS6KHfICQeSC
z*wl3~sdS}B&vkLz)?IoMT?S%Tf?S%9_AHK%Y2G0mpmYVRg-DcF{E#HIz=`a5Cdcg2
zTIBYBNY9rnx1$tu%I!*!<X0P^y+jJf(DjK*;ru*lUVD`Y;j12n5Wb>xS&QCw+$_J*
zIR=b<t-AFkV@Z;ZETJ4~9?Rq)f;YAP;!9Vn-)~$u)3kP`<>{H`*2(64Qxq#))&{Ot
zPfM$?CS}hd=et;70TXd;1qs$|Hy5PM5Qb*0YuTD#z3nG^UCZ{#laRV5PZr8WF05)X
zg)q2pN!w{9gC15eeR#lDwa^oYWRoWal5ilHWIeX1Wy@p$mS`pe<%VdmPNl?l3>l(9
zex{ij!$%Kv<S9x>;0OnTDLb~PW#hHIc?qBp-dL3M-%V*Fty3`r;J$@0WT%G}Odmba
zk*6pjfg>CUHY8atd-q=7m6v)+_J+|x*m2c=H}x<cFwK12JtZNEz!MIj%p=LZy`Uru
zIToiAkVQ{fT2^@$ix=d;obqh-66D$7lI7VDlV@v6<k`h74fwl}XR)FG$55WFweUb|
zENqPK1P`>l@@$=uXX~+@*gU<wavsfYQ*>hm^6ZKQ<k`Ry<=GIEXPZhSq~=H7@((Z1
zHZR!nOOa<+3VC*w-15leS!&Pak!N{pl}?F2Zmr6{K067?+FJJV>{2&H^VTXgIPkc&
z9$jnM$+K%2ovf98OO|ItOrBl$3COdpLY|Gt>mQjsOZ}P4vyIWViKrp6hz(WzWF<Ay
zaUqpUk{lYzW*~jWG~eLxNOyP7L;!oJI`#9H{Fqc$ak7f$?8UYaCZEzY^2d$6-MxLC
z-97l7?(W{pem^r|hW47FI5_1`NN)U70IljE4t>VHtOGf%Dn5qX$;l_Bzf4F!Ah484
zX_S3V;Z_R_@?3Ea<$^LUu@&ZaljWaj<}xm??n-3bP0JwT>RqBT8Q17PB;)>RiHu9z
zJlbbgw@(h{TejTwx>wZPksK}EGpo8V*=$I=^^c`pG1>fyOS_-&7LLu=_T?o2OaViw
z!GAZU%_P8@0dU_!7^Gc249X9~M-O!5DN0D-2nT`<X_wF29?o|i&P#_eaSKNwe7Gp-
zznexN51D3O?w*3X%fu8>fHRN8`*~@;xmzsLcSG9skdd%um3DoQb}@rH$Ly`N1ZlTw
z$<l6sNxRi0(r$23(ge5z3#U)Ze#)+8F#!gHc8e-yC3ARU;l078R5XVtVqwvC$Wjx3
z7t(HxkanRBcx2LUT?Nu^{Q}aie~Hp=fJwUzCDLx=BX9YKmv$Q$Z26@~yDNmW+axzX
zGHI9Eb9tm)-dZakx7ISX)}xhnd25x<wLkv09!}a7-_}T7v}Iz?ELn~pi(4+sZHvHA
zFn<&w0gq%mcuBUa9y-@KhGTIrWtAaiJ&6)+1U4{$kyiN%fh9{}l<8bcgR$iui&7nY
zJ?~m_iB0{FP|AwdmM`Vy0v4~1N(8J<stcR_^eXKVEML0I*X@=~8S=c;%ET!h`3dBz
zzA{Uk+Bnm)=CLG2Tkz-K5C4-cNqquqcBiF|*}{$=eV)GB`@icUVW$hW;K?dQ`87Z$
zVal$w2xGB)Wsl*lAQnWd@~eVaf$}&N<rQ3fEINEX<A!Z!ad@ejhU|h+=7v~CbffH&
z-MUyNYy_GJ87~g5PU#kIFB!rEvv5n+JJ>ZqrclZ*oCe^D`(fYAd*;*T&MVn>cBO$h
zU@J};R;`}^+7JmgW-j(ZhY(SWvN6HNjJ3|l&%9$|PQ-#><Fn*pk8MulEtIZlpUSVZ
zw-Q<6j!VKG;(DVTmR#G6F!PQw+Sx-4aB*eqBCHj+o7jfyp<Ao^aceC{YmEeO6lTn1
zn3Cyq#4z*|$z2&ssW`GJl8mUMnUQoVf@NFjnDRxmDpy7`4v6+eVQ*4w9>Yv2Mae2K
zVq}<4g3Tk&W0Z11{Ya*Jo@B70D}#cRCWKu{^yymIB(@8REy7}2YQ{u;NGRU}(0sfw
z6&pU1j9jCEa-OLQ)xpdm>2Jf>p}(b^ULzoE45>tEO`eEzL(QcNs6<j)XC-EY1bUn}
zqMrr8aSyw(Y6h#LO053O*aq&xK9llwR5KL^-t+iY1g=)ysddzEDlsXvx_z#7SG7%i
zAyM0;D=z^Q!dSqi|87ccv^K~LfcqB0aN@ZhhUH#{j~?jAQ<RXv5e@{;gjam+3vYe_
zhH)lw!a6{?bsQXpWtz)@n~dNfJBxK3-A4~}WSGI3M0rZ$!8<Lr&%+ROV7<@h0>lzr
z2*}Q}=m-4jbHxJ~gj_gMLi)Ui4UWV>lwC58K_Ja&7Y;{|eS6#y$5~SOu<Nu~Ba!jQ
z{_N?vmznw;HijD*F%Dsv5)8$FWW+S@7z`ztX@nt@GlwmMVc?M;LIbvlU&a<<qm;}9
zuvtbMCIFhuS+OxV;sA+7m6C>RGas9y9@-pcjf&Ed=@2uPZRyNdC{^`B*yaGgAf_1H
zaY%-TorUa|v41A+*N1HBEbWqHmnAL12pG@kK!><w)Vp!V7Va>HY!9|@r%ngtTIyEW
zU$JAD(7Qadd)LsHN@`}lzEx-KTb7dA)~3l^EQl#sr3Ep~nylBEpGRMlIFe{qZ3>ps
zYzx$8!$Z|(<4<jE+OXyJly4DzbHz_xZL%F-bAIXGhw7U@eP6m!oAzJ2&8WPHzWG!3
zrH_Q8O%r{m^rNqss6iV)A~1C@nz@*LDK!+qIrNbfY$BA3C^5}BHV6h-T*OGx(0HGQ
z@h6?{I8NK1Iv95tgJA@RXer+XG7K&Fu&f7WhjEtHZltNz!mKH?3y~OS>u^+lu-5CG
zhp)*gC}P6E(T-Qby2C(hR>`R%R%{>J52HRAD@{!y&Yn)6`Vmgx3a%*zHxz;!CJ)>S
zZeskVX(?I3Sj@H2ACNMM8LBWODH}t_-BFd<K!y!ki;-g($mIqiNX2TH<lRHb?Io~}
zz+V&C55NswAdmedt=Z&3#*_!gVX`BW69#C@j2t7w5}URxhaVzwB>U7n$r|D*7rYXK
zSs0N{VS$t>T~f-<iGA~=k;~?i>C%E(gi4BEqkwUDaE<$)lj|^nX9zq;;0S@E1fC^e
z+R0sE``X&dxr(hd+7$*z5O!0#n+VY4h_VmO!c5&N%wR2(GJl62BnU9`8B942<A@ef
z^C{j>*Okhe<vmdATS~vpQ2(4pk3;`_zpE!Nt-RxLR&D-f`hf#C7^<yWTa>yAQkQ9O
zHuhwG^`~amZG*Ads_wfEPgUT<prf{7dF;yyGqO;N!vwAHl7(3^mP+dKIjqVe7`87b
zosd%V((z)LtenD;-*=qDLil(Q;p}%4;bg#*ywl`{j7aV&OE|grnNc_b;4SI6na@+j
z@Dqjb6M5;W_g-e85PqsC>A#!OQ~B@{+&fKf<U)_8Ea7m!_p*o~9Ji#W%uMzb!`R+}
zoi6*{LyG|v!dNb(|87eA@?mUgA@4M~kqNn{Ea7m!2kQ}LB<{W??K3m^`(9(WrKe_#
z^d#cY$Z~%l#8IpLQS<a#X#I%*mtA(J7^a1=53M*+nzD<u;w1b-FK(lymp#ynyW?)V
z(+o47vqH;m3Y!_P?47MGhl-#LVw@1f25j`~P!af;zT97;ft4&;Vp}bHiM|{Z%#w=@
zvjibuh~&noOrtklOhsUp(MAlgiw$8M`t3!Pl2im{KDMPaPqr1MBNc%e%eHi8ER?Eh
zL2Og7T_{~4*e;l+ss9h?%atS<r<7Xs|D+~mmnALxSqD4)e~62}WN>2aB2KgWb-TVP
z*Dy81@5QU1Ku+01MjZ}iOX|?R7lz{=D5`4D{FbSxvXs=m-i3;6K}@k2Nv_kEn+Iju
zycE=xEupiO*N?EhXY^z!Td008M>2M7Bou9&=sj@iNQCR5afmtT)yHz<3OHOS+jHkr
z#NXna2?HZNs^(%7)f6W;dLf0=fi1k>4^WflQt%tjiQ~lg*c>WguzhoIYle#6!V=P{
z3yk;q3(Dg!3A{+)NdVo{8GYr*Qyh<g@>BM(OIBvpELy8o9lku68p~msyhUOEIZ99{
z=apXKau&mHfl=$GBuqw$6_#dS=e9z|xFx2dH!Y44`7u@W<l?MTYbon=KA9Oxr_@Ap
zY&5~DOxsZj?=&mg7m0a#8UTBrcRls{Yo~T$M{k+#e)i7h`7QSU^8R0d$*N6nsc-L}
z3a^K25|+RLU~jxA>AxvyQ$D<2c)8;iMG|3!5+4t~Eo~wL{dyw6Fnoym_J01rnl#*#
z&kKCv0QO9HO<wB$cIaE7>&Zf-8}59hyAbX!O8W1n)J+P0@=cr0DTXJIgaasisJ0Hg
zVyOOa7-rvbV2DLUmtQg+Kg@>N7EB3aKy}#<-x;^5b2kY&G*33V5`94R8F|g2bN4Zw
zyWgsNlBGpyvuQvza}h(QkuN*M7i<c@3^HVp+a>GVX+Rb1h#i41JE*t<oqOCht8^9U
z+|5{QKs9SZ44B5dGwrwA$iq@+_L%0-yHJ{9=#`BD)z1dhN2Q&o0mE(Rl;xW2*X>wK
zIm`ys8}R@eP`4W`%m!5R4d{C)yTI1f#@!fD>(2bDWk5CK*w>F3`WLK8G4#sy`hZ$3
zH^_}~9Q)1YGJ=bky%4K-jds)rROsBt_F_O?G0`)?4oX+~kQupjK9yk_Bn+u!J`_V{
zBsq?eHIt(QuP_9~%ptTycSMAO>5k~@p~KagUWgyB?qn(<l~DA-LE4v2UN|?De6ljl
zk6x5SSy6=k$4Kp$kcCPGc-?W`!<9Xy!@P1B7;}%!6LtOBk{3=5DMTOH5k$%}6t~po
zDAWyX3|{>38{)$+si`ViHE1{ThNwQR7aw@rO9x*2y3_VnGWy!b{TkJBI{?%db<M@P
zErq%*rmA9f=N~gYMg3Omp*Vj}hFEAVc7FT9w=TSUps;Bt-1$vA3t^1k`tK$}NVX^M
zw8cHeFa?@$0B5#5Oj0Y8hkp}9!zvFOl3&IxV}O<2G=bgi#2+L{GHTIH18<caV0XwM
z>>i4FWSj=U+_l&cR0lr@$1<98Y(Oa*=iCsqV(tw=GM(CFyIu`ac5`+(?q$T-T$A=2
z7_5a%GhjPG3&UfyCT-Q3l!X|Zacm{*xGB@MEPC~tnf4mIOxa~M5Mc}{W!rM>OC$zG
z49hL@YMt;)@)~)qMbZTG!Y@m$M2s-=KF3P4bs+j9a_i%IrkYyzdX7A<=TD@b*FUc3
zPokbj)?u^%AvvX7933Pzi*ddp6fcA6@u5^iHxIro!fljogW>ti@aV|42;_cavk0Q8
zu?as8=<I}ZA~-yrPInqd68;fhL;24Heh4r@(}{a8_GmsiJFX0-lt%CynsksQdgRcA
z9~<&Jljm??s*F7$sT>7it3&7ID-)Q5D<B2U$86lGnx994gQKd-P0GNJ5_jTUS7n;=
zEE4!Wfei$HjsRmFiT#@h>u*OVQnENSRAZ{FTzvx-k>;Vd#4M;e1^6Z<_EmuXi7>C7
zy|itHO!`gK@M_wtzs^Jr-><RPc$YfMrWR7HT2^bC%Ab$u!T%+2n7}gx*zDSK<T7X6
z#AMs76`9KaBh0@b@EPKA8M`?^-nR(+Jb>+5%w3Gv)SJ+9>}Epm775*A9cCM;H>e5z
zda8C}9`<wb$^9yEr2EiRuRA`J94puJQz2Kszj9N_sgNyeFuB&YWu|@G_0Q)w?8&$7
zo!Qv+?y7wI6ZsAMEKV5D!-0`OIxzA`e*MmTWETt!(1DR5Ixw=<uxsD;NbK6zHWkCI
z1%1-27{<I(&sEP19m3c#d8o{WI<q`S2OnZHg>Vb==m?xVBz!m+(c%-q%yjy)CXS=;
zHc#T*NOKE5_T;m}?I>j0;ugE?5jcs{A<Yf?7M}=aTk)4Gag>0|i=+~Y)+rh4_Ry|7
zlraJ?6ClQ&p9<liZ={aEY64LLT?9zZR!BRkJV&6Pz!?Gx#ig`)E~F$-zGHwtghQn{
z@h>~>xSZb5<STa^xV`83kZ$*UZQh;to^!7D_TAgt<lTO+dzJSY=e?aPz0rGp&EAdo
zdh5LhocB7ay*>9@s=T{CYHIWHtu`!&=vvL6NWfBPBB4p=#z)h+(TvLG;<Z(Yu`Bce
z$FO5BrEuv!bx9e`rL-y$r1=#d#)yj+!uhp17Ksj&<<yBJZsh=gRzI2?1Q{T!E~(fB
z99*4N6=M1o(vR??Ye}cVs#0sPBCCVR3=Y9oNKK|~ws{ic#!eILbdtnadK~9!E3~IZ
z^AC?+rda@m3Dd+RbFDUU;7X3bw+OK6E^Pu$+J{1pr&CWVLue)Z9O^#>xZ`#@oqz1u
z3f29W97V^LA38!0JU*xEBL{&RhqLcb9EY)r+a-Nv-5cxfx?IlI`)-G;_71u31Vnhi
zS+9q~b*Dvydqp^04_cmbI_vK`2tGLFYQmnMyAFa6_N{St-gN*xc+Ppn?d-VcAjo>q
F{|D&R{z?D<

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_harvester_plugin.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_harvester_plugin.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..572dd4386ba4001505e8c1c6366aa0c8ec6766bd
GIT binary patch
literal 58757
zcmeHw33MFCd1lXvp20CV3Gfgx1i)iJVgQgJDc%Ah$~;6+LUSm}kTo6xLl71)1N97e
zj4Vsei(@FyFIG13nqGU?+&pJ3=4BJ*WwX&{osC}Xc>OlV&JZ90_j3|@<0PxyY{Ek}
z6TN+J_xr25t9u3w3@-W#o8UiH)pd0pfBpYofBkj8yxcG0Ir_E0$A0^?B>fe6jK{4z
z?oYw-IZ2UJNpUF76AsnMeqG1iDQ8eR?oqu#dgD4#a$HvB<382L{LT}8)sJxZiPGa`
zYT5B}wfuO6T5&v}2H1PgiOS<uY8BjGwOT1rYZO_nZIGHI#kWRM{5zeze6@~+l_IQ6
zgsoy><p`?~Vf9L2jiffPH<fr(CEl!NVbut$5n*eFoT1vxj!0rS9Zbhl=~VE1QVpgr
z#Dhm;>O};^)n`V=hlUfuF*SK{crdO8$Cy9-9@VQi<kWm8V?)COCzAs&X`ZoIdf-CH
ztp$3<#=F&l3&ZL7Kzdw_Yn9K8#L~!mv?rF14<*$rTG=ythNrKL#kDeJAeKPLkQz^=
zLJloZP<-a_aBLu|#xKUzR6LwQ<V0KzUoh$z)hjiSOq?Gc3Mb;1q5~tt@kBa$UQLch
zd2nX`!t!7V!#(4vbaM36xsTxsQr%<2nVpMDomAszI+1LEcOQoy-E;rH!SOli1xa;a
zJYgKEF2$+3U+^?ZFL-x4cr4~C$@9sEPjRi0cIufG{;Ix3<l~+vAHU+kNGfHynI(J8
z6lxj9Yx$5I@@X4RW2_YPS@$@`Q6fD&5K9jy6Ys4;eKR47#|K$K>~PGC9^VoQ4;T}V
zKC=Y>UHE_h7cd<@C-v)1B#A~yxX*Tvh|qqcq0RT6h^LQoDR^iKcQ}k@4N4J5pRXVa
zyoytCDegU(=E#Miiu^dq^AY#cQu5LkJ$UerB=wgWar!C@m-&n7?TM6hITY{N!7k@c
z{acli{z@ZGU$x;ff1AYj>_gz-+PqR~&3J~Z3H3F;&8S-p{a~pZ^-95GO?AqFI+<T$
zA6pDrMPBjxyO&gdkqY&f6<^rZ=9Q#`toW7Eh}_{|K41T8<HIdqxW))Gf6*R3qZY<*
z9EkpaV{B;16)MZ@w2bt4a3mQUOa)&WKNsg{CrBuWp;R4(4hDfHFNC##87E31AJnwd
zPkTDqZocWg?$k<oM$z-bBXO++o^<?j`np4N4g*zYc5K`-c4d1g<$pzY1P=ts)e%aC
zqp`7J9TWOr4GyQ+i>^>g^Kyi#1xA6lEwQe<G#8Q**iNA9gNj%x6<5<N<u0T|;I2@G
zO0!WbQ{%wyiRi`H$aq|(iKCTSr?FPg6GsPPBO~#_XfiPnk6s#1U(iY|WorH>#;(xf
z6OE}_6^jc@Kc)^ON5^7VJIe4ndTxApBt4u!%}0{REu}R?Qx}rsBZDkzbZ8`bE;bTP
z#75(qFPe&-k5dj>MK`NF(9aQ7O{!W=l-8hFIvT$`HWEuP#1!&t?o@o_yxtb(+Mx#w
zu!R7vn9|BwYYhOmlUJqLpw`h>mr@n^w{}`RJGh4zy3^{}ogzFE6pyyEXYUJrN1i$L
zf|7`-=X;Wa@fX;F{K7caX6B5}TJFZKXq$M$S#T$7;HWu**x1sJ65=gDxt3vz778yc
zCz>>=KLdDOdcQ(i+w#S&6M>n{yQbup?^OjStC}XfGjheWyf!DV%{~^+b{xsBdumGl
z&~3SXT5iwD?K2H+GqnwOJd&^DuH^Fh@5oZ+s_DRnTwp_1?z$Gu2D+wY{qKg{l?`kV
zUhcRlcTHRrVL8)>7qeqeQJ&V=7M}=4r2F_HDR0f8HH57>ufws@YmVXyI}Kbi=c<FX
ziLW|Co{%@wY3Z(ba6A=HF{F|lqt!Jw64dbmkc*000KzS-22k@%l^8Z{10xvAaW&*r
zX-QIPg;8n2=?!_<gjOG;5Sqv8dIF6AA+H)DcPoLd1hx?nV?PDVs*hu}6HaaY9OFo@
zpZ3I(N1~nsm7h8ZP<#Z=G<MC@x8C)*9`nDC!B%?5FZmiQ<8U(@hxce4s$Ix&K#&md
z$oS6&fQF#}%Acry>9`}|2ud~thO?g<f<1kdvf#lYBFGG<lyF6yeWe9a;O&siK>?Bj
z{|rhU{DC{+e$Le=7GpDY!qZPZ%^q{XPYy=BL?)PI$%h<+O<4SkkQjn6dCDYAENSe?
z46)#XTo6P;UxQvL%TECbgAr!Q+jjBo7vz)CHiDEvd`oKEn$1p4Bn=3a#nh4rEwj~Z
zYZ-CPsvSzOq_VA@nTiONqOk=rS2U(clKH|OTjGbNI(sa6(WEbU<|cj;?gNfQ35cLG
zN?Ee!(YTbPN8{2mmh8v-4|QA)xi(1KM6V12x1R?K*C++???cYs>jzwo(s@UyJaaT}
zX;ovxw76Qr4Eiy62@I`;v}dFhk=3Kasnl>{D6EpS29$Y?P2yg*=rXcBaov$QK{R@2
zC>4Zkg`AHY6g(U{1-~Pd+Cr~Dc5~t$4*eBq_%Nfo{jY}nuWGJTTGizE<$>sM;(YSD
zhp6;U0y|W~R_Zzc@;?4Sz(US<f<@5Wh}og}1d$M`)M{)b9qL}nhmrVRPOWQR-cXEG
z&^(+6I7qQJ5Wq?!shbEi6KEl@k-%mGG*v==PFb*=iHuec0a(fB4y#8epLzXvTi<NA
z64rY-zracE&dvfdo0BM^*(8eIgR|)76HB31=E$rYpO^Z12N5oRE$=hP<?oc&eD)(h
z|B>w4@KkyG+mFwbRZo{S=E@qcIj72+AGoB7jyqnd62$TDx8&cfxLyIrS9;#6m~7b%
zSGHw$F0gxA*8e6E5(skdl*KI~An+?a!k5eQ@!(rjjx~niyNMSd?5QLwro}8(#72~v
zz?!Vw`PJ~h4ddra1J}Zn>pS7fuJ6nRI;Um*Z&L1@c!m3>Os9B_urCb=UoOwbgKx>5
z*S1(=7`~f$5#}#Y2#OVvgac_G_|UAk%G*Ck5fS#)>Jw{Sf4tUzqP1jzCb01k8OI2~
z^MDot5J<!%070UmN9l<;MkqFW`e~-H#}LmYT>V0FWVcvip%okf2t;?p)hCELBQHpz
z+=|C4uTs49&q5@YBs|Z#`vkFKrc8MIYYbmRpyA|rq=XTP6UO4D6Nv(S_X$GDNG*|Y
zT8_w&Uir>GXCV^JG`57FNt!DDenCX_5pF7YY=}fNZ(AazUr5W0-Y~u=hLZZt)V4L7
zof_mAWJQarB@u~cIkvTo2r^mJj)+7vm2K_JRH#*H(b%GIi^defWu;6f5`9X!QW5d#
z5;A{3VRH6Z@*>1u@L=rvjdnMFAtCdEK=k0h%p_&rc@|?w???2-IFRYFtex@T!WUy&
zhldkbhK2|EI;`$NH8ZP^@i5D>O?w;=0<rZt<7+<`8)SmF-puN!Vi2(n2GdC<#j_+)
zX_BZ12(TrNRx0%g0#6b+0uZWJKSXX?&NSbV%L8%7nQNsfY@0;m=g(s!f%Dc!DcUgt
zG)mOt1X!-r+zVMaOD!yU{_3fope&vyKpe8#OW+iNX8;(s6C$TzkgtX<vsXjC9WAS&
z_S8}q!rA#y)lwe-ye@s;EBW?+Z&Q1=<HY2qrzZkaa&xgYF}q>=+b6QYC#K4}#mcxf
zD|f%W<#)rsg%zj!*9YDXPlmhU%7(jhf$nKp|C>Zepp|>4EN&42fxnJ5M~|M%^YP$Y
zRE{-<;k$_!SaT>T6%#f~6|s@_L5X$E`Q6&5Hn_gI!T(f8$#uwIDl|FDq?ggC=8r~4
zlY`?Uak$H((U-?#BP7>^FA#+cSWTrzh7<8b5&<RA=wNan8dcqBQLW;c?$bR-qdlkk
zjzqhkIfhL)?vE&^Po1=e^d5OG+Vk|WBfY29?MSHZBJeDMGn7wVG@437HaZZErPJ#0
zxp52-lyR0KbP*sqk4h^i1GGS-egWX;q;I=-eAnZjI5_E9^KFkmTe^1AvrahfIx9Ro
z@4F=LV*;$b<3-rrpyVx`Gf}0-FXFS5NQAI^Ek4ioyQ`3r7jxI?_Z)Wcn9RwmO0^uo
zfANr5kDmJ~!0bIZ+F4UQ3iicRFWdhrc|pdmoY(+hK7s6*uhc+!ie+!iSoV!y%U;=9
zo0)Vno{kO1(y{kGj9O*3QViQ&vLGaTEFw8BBnMMrdy&;QK*!k1EFIY4veG!z6nK(N
z=9&vig@zM*`h-x+2tnMQh<h(^STbU)Vmi$r8*%LR$UrkVA|B8T&a+)6&7im}doM!J
zW8_1WhS7k8fZ2|hS&9vngOx~#*^Jt;9WOJLpcJg7n5nSFy84U77L;1in1VV~+>82B
z5{#L(u>DfAmy7`@zIaVuYTGZKof=>6wv=g`%A`dUk4`fX1zHmE>NG=1f1S~;mb?f>
z6g=oDL4O$a2h9LlA>qV-+Fd(MTg#cIp?Dhm`&@khyF*-mAjr3#Qo*A=$HLbgA2<&j
zz+TuWvCH6%IlByp&MwcfJ!YG;|J5yEse=djE}9Kn4lX>5QvI*8y&sik2;}EPx~a4|
zVshMS4|xTF&>Je_40N4sxhx~ig`6!6bTj49LV)qkjGs0cXqnRi)Z%IzfiMBK@G}y?
zT=;1y84EvO_16HYr=zwt(RR&)q4+kDZMu)3kklUlye=6F`And0I<Petz#@Gl8`wG-
zXoF*_vwOPpNUrk;1;P<HGA-+WlN7B@c)8=Ie1vv<^e8#ghZo3{zp+g@#S60}rLviq
z(sr5!i|lX7M`mvYkmdmKcK5#mUT;pkN-+u^1A8T$?ZAJ}I+EKXE`~dwH0J8yuVSvw
zi*JEBoe?)Mr|WF91#?>Gs^Bcm;%zXeS&Gdjf|dU?>c%jqnaUPFn_MfyAH`yu_|Ow}
zGQqTm;SX@N%;)W|GQPpmD)zWYa60+;W2}eajh>NV4Di(W*jQ3cWAhoBMagj$8_;Pe
z9Hj*Qz|OR(>x57qDaay)p~}=CBxBKw!)hAD*k}xjO$q2US>7Z^#<BApFhhn%V?%Mx
z+<S{A;^|9C^(FN@J`du*YQj{IzZrN2vOdkj3cc>+xa2S*=Iy@k<h$=Xdm%Vug1E=#
z{lW!fkrE3QQBf#o8VH|Q<!W74&#n~B2pyqteA2}5$-Fhv4i?2L^QJ$CGE-jzu;3T$
z9anbcD!V2tcTITixjn1>cO(yXl_j|DN}fvp1M=P{@DKj?r1wkVm>6e)_bBjzUvm3D
zx$6Oif8U68#}exYdMt<klRj&>ky?baB3Z^JKn-}gEPs~OJjg{_7SYyjLzoTz_XQvq
zd$NpH4EER)a|U7)WSKef?U9Q;S!SlPM=l~2Bg=}#Hp#MLF$Eg3AQ}4_2$7BA4!b#u
zQh>571kb_|mL0)^9W)EUQxcLhd)Oq1CkDro!wIkf2Bi}p9ZO#c(o4P%kw~V4F^l2{
z#2$oPKn9&$92t~fUOxS^JCtH%PRLzA;m~%%?u=DCXb;Cvdjx)}$j^Ae2+5YLu?qZm
zF$sqiAw8Za_3uc{rgxf6{3Mz-I-baDK<&`N5Y(I*B+&k;e*s{@P(%T><N_^Od0RHn
zG8xze$6HMd<O18KW&Q64z1}3e+;LOhMwE{pC1?8Z0-5nQla`clzttoX2*)jX8^=3h
zUZ9SGsPWH*cidpv+;;5Z2vYC|YL|lSu@QQc+9k2z1rI4yTE*CiRbCJUUIWJ@yo#gU
zk-QiwVWg7~RWs5_%vw94H%KQp6I6T74p~SiuPN~D6T(-sd>hiqEXAIc5u`{S>13v|
z7wn2uz;0esQ^8(u!ep0}5}kDNk#eI&TniC2e=K>~iq~z$wSKT%pC0muN;BK@C$7Li
zq!+I15CtJ%3PLdu3faL(-_zj_)?G-a$5MOS+XW32W}13?cXf5`;QB_ipTSU+`Z8Ra
zPfQ~<MQ_ps#sPXm0j^(I4vin^bC0V`QBQMUNMfI}Ku75ll*$yG&d)Ge1*cmn;Wh%)
zrJR@hIdb(9VC>W-a$N?n7o2XeLn-+P<-lSQN?vkmmej8SST&v6PD})*<&8Oc<CNUG
z5Y4;VHPf}BTy1EwcI$+1=COU*b^EjOe!yH{|Fo?C-H`WBToFF*xS1E0Gkti0<OQ+e
zMJ8P8MxsIpHPz?wtCC1d?I-X80pb$Xj}f>+;AaRBT2fym5GC+Y0&ftA5un_7zMbS6
zFaTwoBI!8^9(UezyF5=h?)m+Y4K}zuZFl|iNfpaH2MVN$_q_<?#ZU?KUpzu+c#!db
zg^K%JX!wE`f<m#xGoMhKXFefBB=Mqw+zNkH|042%f_`Co!w<#%h1X|Z!Q~?IDVe7}
z<v7?<G30}~?M9nP@gy`B2h!FvBkz3*&7bL@xVECu@E}V9rD5}&37s224~a)Caf5R$
zaU>6QiTJ{y2*NYrw2+8i5kWX?IQoCglfK#V=5uiLf^_Z^ONS_EDY8&O5a%sRCTVZa
zSBq4{(JP*x0J){dB5Sn&CPDBkUi~zHhtvQgrre><XlYAcMHYLD+`)&%vxi1^W{=Id
z6f0==$tQPp%}Kt~h&KcTZ3O}Xd#PraWe5!*H%$YT@RV9lfJgzR_9LW@H8%BP2{aGO
zWWkH5RbKEW6%!`F7R+{XbpXtk4{TwJrA-}X5#hZHLJwRHxq$p8s5;jG3TX0BE)dGL
z9-Ryvn{a=pe$#aQwp{%-BGTc=r^_eOf{^A8BFoJ%BFjx5j{$=FmtPa95X0~h;a+c2
z{UQp;|9L3%r+}ht#g6&Mo&@SM7J-E4tTOMhDDbfhITmGe;HpG%MM~^6o$cfWBLZ=n
zIYmm^fnN4N`e29b%vz&{g2P5H>W?CHVH5KF)O_-4#K-uCUo(*4AR%Zmwe6{GaQJ?R
zTuaWrVc{F(MJt4urO;M?!2^-2AP|hYF_Ej8Dp-&NUTZ2KXm9|FsugW4nfcq+%4|;q
z!HL?@#*&%Zwsx~qqn5s6smvo*ieE?2rAnz%7Ae&Q!)5)=Mq60&YB9phU$jq|QE%fH
z8%yOt(AS5`Llv3rHb|oYK|?_#7#ke~s!re_PAY8jFPeviLygme!>yw!Rp4y(v#5j0
z5TY#_uCY5}p?PVieLSW4s34}ji6c}NibnG>UX0$VzeokJyh+5cP<(y8+@dX#&-7^3
z=7A=htxCsmK8qh{^061J)HzW+aqPyP68q(XV1E9?rj4Vl<+LZ4iQZW*zksq+9^gAG
zXT(n-J+|qK{aJa<%*NeQa+BDHvOAOXzE`SS|4S#p6m8!#;hUBlaxxBwH09)`DY^YS
zT?gKM{@oL~u4j<hwA_-DTcDPBo1{69Rt_Ade6(^%k5&%MLd(-6&BpydRVzoA4OTN(
zj_$smqgXN6+M$lxuN@SwejaURt{afow=a;^=OsY#V3Dhg`UNWSUlI5sfiDpdtBF?9
z%`;x;ilY8&q)#m#{nN)UAN^A<|Bfo)S|<AcUhQKmf&9a{dT1Vov-ROz09t_h-wioT
zOo15y_szVpT%M0dy(Nc<QP5K%hT%g}6d>LR2a0*bHefIq&m*>hTB0v#w1@foh;3LV
z+h8YeG?9PbNdxiEW*J;Db#yk;-?~7g-*<Aw5x%Rt@8pUg`*m{)b@0jB;pI~L>gexd
z0IwXP-@Pm<zcp9inw49#^{qM5B-j6L$gPCv%>cM>=7r_*d_3wcxs_16o(eGxACjT~
z@kTgM%shyml+!E+l-xnf0VRtp=vm8NE%A};5%0Zc2Q2SrA7CnhyvJ@Y7p8IY_Hy0W
zb%llmBs*TagH9tPlxGj}vy<$IEtH2O*^!xK$CoGBS=@mn2v;r0#8!r~0+OA@9zgoh
zNOnpsEfLf^*7Ad8$K3WR6OtV|X0%e0odA>U1VWV=Tl#!3em*unf;}Xh>fz$|WP<Hp
z$H^oNWILqG0C`RstaXV~JEp+ry<Y;E8FFwE`csI?cd&~Id$d(#fklPZAH+x87Fig|
zg=zISC=1$gD%{9sM0tc>2+CYtjGQNAFXv(9k;qQ{Hw5YkELNn`IX9YzeIeG4QKOl4
zDbI7u#r<<+JcatF-UGn-p$f_O`1jT{TP)BlT=w(b9f#gc<#wE~2zNSujD<UF51jNO
z=G;;LCF)o=ffosw`{>um`>O;<lR*6~0x<#w+v=a8Fak8lQ-1+K+v<Dox!u@HFPm>K
zy~fj4u$O+vi?F+`^ChbGw9iU}u)AC4Pqfu0(bi&#3afYDTkUD%TmAIG1Nbi<87`Wh
z_xBcT8TS*OV2>eH#xY%sDLQkT*z(?C?su5>VJz>RHab%-XkEGH-$gmwVXmS!Inb_<
zSY>VAd(QS*-itNZqy(^X*BD=G{uXL&+2mXTeX9~XohrLy#3N$6+sujW3VGPB5cV1h
zAG6l84n7wigf8$u=Y7uooTtmxBF%jawYQlcLY*hZwxTh1>IYd%G9T+v<2bDnj3x5b
zG<6G_K{A9EBsn`yoI;x_754l4m_4;ra0@rjwvD}x>K4dg%gqQN3uN$yg6Z+Gk$Bk8
zrAZZNE@tyd{g>n-F%v1_Fr@HN3Smfrp$E1AeVW212o&g4*@%lmvYiDet(I>fa1&`_
z3&C7zzKq;$lrh&tM`JJH6Rg^+x(!eDcaY@oDB0ftK)mml{DG-J<CHIW?bLUC6&B}b
zJ~8E6f33|}0_+r{8n=A$m8`sOX7fHWP`2>pVF_CU4>n5vMx09ZZ(!igHmR&STeCSE
z+LtZemv!%Z5W@SLzV#ol*EfAZ(~;VXPkpoU$uifq%AS3mw+}zo(^~TNavAQg*U1R}
zdaJ+Z@zSq%l~Bk&|C2u7H#{W>|3;br$u%W;_zTnud+r~_&qB^O(y2vNR-n40LZ1-O
zPnKuZQpFEgrj)|MXIZFRYq49<hf@PdXaM%<rzTRveiWZ+r>Jx2?C2@PX^d2%%8tOl
z=b)MSVy)e-_c%uHSakw;k{jkEZllA|Awe(FL;In0bYCe$2((7&K)Vvq-IZY&`&6pJ
zPNh2RY{z?8;SyL~Z#Vpy+O6%<Xe|_k1THn>C^g8tw%rk_#V&E(8tG%QvTBbDW*gjg
zd*ZOrB{(P33<C68>t}1V>W3)>ZnWDS2Zz<b^jcTv>9wx0*x#{LgE27tK77a^@e5`t
zwtBFp$qHl5+M+iBGpk^x7JI^G3t=}vs6H8~u@k&TS-YrO60c>JV_Qq}P@<?E>SIY|
zTRSrqYPGg#Y@u&ZG^Wt%EgDmBy2?6XfZ;J^y+xyUwb7oIylmD*a9QF^veDMq^KQi1
z0y4k=Lkwe|wjY^FkOTpV(nzVDA&x|uQkxu!c$xmhpBt?^_<MP+OUq8d!^UShX2yoI
z-?ZpYG_82gi?i28-4<ltR-{7DH(6TNew+wxf}$}+&nwM3r(2=4C>tXcx(-8N5hiB?
zMn4+AdViLoFK?l@))zE6yyz|GvU+RNquzQ*y%n_WE%&l|YxAStdPu$1WY=5$Ek<bH
zCc|a^CMqLkk;;5LiIp6<(SkMR!<1Vn{Z9|BR6>iw^$VdzMEe^UQQ&;6h?Z8i#o}h~
z8L5H$L&Z`>Dvj7mtA6^gO4+Jxi&W_teYr-&X@v$xPn2W)l=c}PWDYCf^!`@E+qcbd
znZL^(cWpmq<1W17<4&}{F&2z&S`ZC9D>cSl_{VJAh0XC~xG?TI40qpl!)5+1d)&4E
zl#RQN6(4t^{g*WEW~Iis>-aGncU|UqGF(b0<439$IZ+;|j+EnC4Pj<za4Zkc+pnhE
znUSF#l-68Li+*>t(Z)q%mK!mZF8vf{jj~hO6{*ozgsMf*_*F(;#;;D}SA)j?h_X9T
zjWuDH(K6;QbT6xQ+uml|{O1L<&Eu?X_E74jv<-NrN~0DlbUlgS!~{;o>Rq%CM5+bx
zZzfl^_n~oR)MICqeUEy~PR<YM#E)r@4K;@LXTpQCgpxrcC>7L=z65ovFW4`>iaC%e
zp)Jw2i=$eJzVVsyUmR^4A0BM$+`dC|#m2@o*QNM5m|}MGOGyZ(#$p3;&4pOF#w2zw
zjw?k<ag$Y&jO`^8snfWKWGp_Q`N<O88D>&OB?Xude5^3k=_SoOioI-{7bw;3$@C&y
zt>hvuGwJN;z+EvV7g@TLChHMW6sV3T60lFL$vCn=rnKS+lnqmI>K~#EzJo9dSKa|i
z+9#l$p!>w~9CUn6I_>B)B+Ljgo`|@&paom$z1U6nq6Kii8|660v`XB3!*2G9j*sEn
zaK#r%U4yUl0|WB@k=W?D!Pr6DOG=(BlrifEzl=V+IGPIY=Xb&!goEeQfjZu&eXW0d
zUCM5Ge0s~F+?GS{I;OT9X1jjZUFy%_rB-2>`{6c$v?@_gy0GS4Y~ZE$=wpo|d8bHY
z3s!izbul>1n|7F;ZrJeQui(&M!N50d`!mBsDQ2tNF!%$*Vw!6to`4zccnW=bT{j`t
zO$8n%FixO{z>@@y0QBn03Ync$l{u`M8RfB$GA)^r`5@=TQG9y?Wk-@lRz#kSAu{*z
zalC<rqHXgOL4!FjXT<NECqC}5d3hYiTL$wILGzh4=^WpoUzensY34A5ezd#q%n{}E
zkv=HOk*I!_trB(+GVeRl`mAYDg}!;}J<IG|@wza>a9*m#{9k81<Wn?P{gfv^{PQQ&
zb2KSY0y87UtjLSIonSwTjUf^fo5w&il^ikb6{v)nv_%%X==&{(=xqi##&cMWUBadf
z-K&H{LNt_JycjW5GXWjr?A5VRXdT<j)7G#POuF3&V>2_!F4kikk6N{XZOvUF&1a0_
zl=_$SAsYxZ5ojhrvH&}icv`uUj*WhXJ~f{hewu6yDmG9wpBOrr`-LV3nL$2vm`eI0
z0U}J9Mvmq;?V<vQ<TXsF&a|eLe}NSCYc)qyy-m6F0$2^&baA77uhF|x1fC)AR|MF(
zT4K<cAqw?%ay?Ce2z+ktmz}!31#hYjAn!<)?s<Y^+A8Y&sAz4VPFqud3qZN$z>BFL
zphbXSzqj$w<i>8Cnws!ltAefi@>+lmtuq_LGmTqknzy{Q@mhFhbLeiVcf+bXl~T)=
z+v}QcZ|r>gsdr9fcO1>O9J}LkZfn9lP@BSUm%no*+kPzDavWi8O?Q1I8`s})`8KY(
z>nVF|)!nMPs_Hwg`c)NoT&sH=ezJqHJtuFUk`LY4C9PYZl^bTN>Zhw(b5*S~^*ghx
zcFnBYm0i30JL?bMDUqtT-jUqZ{t54$G6^OzYMOI3%~?70nN+r>d6LZYgx+#6fOEmq
zvi>(IhnSrmGX$@0QYsN8m*?Zbx8%^9yR0z`ACjUt{>GX&+;2HV0^vaPnev+H^2c)J
zk6n%B%7YWmnLyQapfML{%*qF{%?CKl1rAKh`ri$N2O5Q!J8sGcCR7oYGktg=Vo$Oh
zMJ(Y!I7<EOr8h2R<>sp)266#>h5mO#Zl1U#eB5ypVJJ|Kku!btLXSL2xrsQ!fnX}`
z<8ORCD{sBZ0W3&P%lh99dF#Z-g^xRKA`HdpF><DlUg(i0DK`;EI1o(5z48VW1-ia8
zGQGYlx4sL`iC404T5cno)WgKJVcdah$EfHo{zvzb={|aaOAhoG+<}|MP=pbN$c7J*
zQJi=q97w==ycrFimG@0;-aWl}UvBe0xU&d>JFstB*8e7rKoP<nH|2d)DLq!s^x*|^
z5pTF-iWg&vPNgz0#oug}ClVqFwc%@TyhgWEv`;tf&Nb2X6cevy;mp6Ff`y4IBe(+>
zM^FXzD<yC(h2f(Y(393*a0lIC(JsR14h!9f$S6*{5e_7v+P(V5t5=`T1vY2p_P5Z%
z?b*O){05L%|GS}w@c^6wMGWqqq$DDqa3FYwuC3d3t#5kcuH435aN-KOEZhN1fBo-<
z5y(TPm{+_Nfyl#1kz+YB-%Z5cXyzrNOv<}v0>P}j^V;F*mYunlop5Fm0C!;Lw5<Q#
zFamkV6!VI=A`p2PDRL}F=DUg5EoNRK3UcA9=vV{9Bf~|^!u=QFT8PpH)HOU|H`)GF
za3d$wGJNgq&IPWxp_D^OqXPc}3scmXLrJ3&c~;>+yYzSo>KV05R?nzo>KUu@)HCWA
zB|cfmmdGpx3n4~X$d<^g)DWlCD-DaP<qt<aqoJrs=;5kotQP7SP+wUw^^A23P|tXb
zi9_dB&!}4B7IGcLqYh<#-WGD>iub$_`-pM5Sn*zC(Vkz5dPYzP0yij4E2f@7{rPaz
zGk9+`KkBWA)LTKZjtK{pX_l&<!F#LaQExqr-WpmL+L&n-JgmX)rz|2{5}yWjIVcy`
zs^37rs{aWfQ;HW%PTRF}*L61&5UBr!-u?lBcL88$5~eI6rd3BW&4yJ=X3sknj$e*J
zfEo|uZt8Z_;id5K=#W<47mp1-r@|i0Dab}NS&c*31r1oOB$ZC8WCz^c+3}&_5N`60
z4M2F3I!Q)l)W1Vn2=j93AnfU098mv^D)A`-34lCNEKyrb6zhiLbJCEc<|rPW;<)Zm
zZ{jCKQG$%sSEu3Bo<5Cg9F4(9Ctdsd%*goAaH1%4&*jInWvb61_xn`#>(X0pet1HI
zPyKTO=L!4;0Vb`vO|I_}c#^;o04};z{|B6!3w@w|kKX(>0TMW>e?#DJ0YX(wY^44#
z3Sf%q|C?OYT8k0|ssD#kko;Wzdw@`-DVR~;r_k>cxJ{s!zz+zVBv2rRk@4YnVwe<d
zh80R%xS*x3K+vMg<o7PUKMtW1sjoVz_3h;?+nBs%+e}l-U7rVnmI|q*^{pe>9cQy!
zpU*aZc&6h}w*86hGat@=<b3u*BKtxzdulA#_%hv%yy|YClmsi~Bv=U)2v(Y;>V|xg
zN;tc={oCue{RE3tDr%=I*5@kLUwt`Ov0=hB6R4gJ1arhr?aH<=Caz^R2Zw7F^Y}1u
zW)qMC>0w~m3?H#<bO|H90h@*#MJ(Z9>|6C`FTZg)D{s0AZXO^<=AZSy8}g=!%fiPU
zHxY&c^%yzRM=$iqla!H&BOD0EM-m5|mD{eBGmxWuHuS$6a@)kK!p9vq5r*RQ7&+5N
zFZ9Thl$(en98)qsU6qHw1c!KgfgB=N>xWXmn=AE$8!TNGH&_NvupIv@)<{ZV3EW`i
zlDWYu#tl~Iaf3CBqPBlD++dATyQo_JaJa$RqCCOF<p%2nH@HfvUomd5VFBFW>LT1=
z`4YLoD#i`2$)i|T{+Pz{xxwPcG?u~*t`poK9lls8Wqs<;hr<o>-fDc*TMwzXf}raP
z9{re1B~weQjFdA)Z&UedEKg~vq98H6I1p3Cl&>~Kka`iyS3&`~D9$q#)0%X}v?`@p
zX%VW*)r(L}6Y6jl#WWhvl}s^hBU4rm&i+be6T?sC^o{%QdXcJon^_BO`N?mgp@vW>
zvw2<~^~}kj&QfxHqO$RG<B9Zm+xG3@jxL>31#ihX)!mQp(VR)#4~2U_$1kfNpk*_a
z5f(ql;s>8Ttz=Fbtm?o>a(u8&&z)z>_|=caMn|u-4~(nW!cVs|UmL%{p^YV>;+Szw
zVrq$5#Rp(h{0gZUss9&+TDa3Bym{0e*ps=qQ<dy=&f-n&E><tbo9f>*OWo%(acCt3
zNTXC;GFyu8wqr}RGQB0(4XswK3;mKn*ydKrCWS@a!f!S_Z#$X~*R2X0i6ALnAnEm$
zXL#?Suu#oX8Qv;tNjtrR6ZDNt+kli0QY4Ki<bUDkEO2c;3(UJt+p`1?m?!-x4Wb+K
zFu?6P1Khm%t@>;21{1tx?@VK22~2KVc5V2lmC2=TJ=!j`+ba~ieB6OOKw<**T|jIO
z8a~<_Bqo>MOwO@Uh;ZUM8Iv2jdJxJLR}Wg1D{jak;#&)KE2s!P47wGD52_GGWGG8q
zJt*P`2ZE`%PrUJos|hf-S-B_M*+UTS&YoPLXIj?(ZWw_)WQuvYdy=IRF@*!+Gl8{G
z3%Hv4@+ZFViMQgpMy4e2@oZzBlE4jY`cs(L?kDX7@<Dq*1dH8$IIzJ#&u;2F&}UoR
zZYp+C<z;cnY#$a}aw)jvvL$fI<xA$0D;Sp?$m5bL7sY@6Xt?A`rD{>N{NZrPRYfVr
zhsz~b3oaQ_gcakG>lVNzuPVYN`<KWiS1>NQK9BEO`Q7s6bIHYb%a_6>uNGV~?SZcp
zmrVWnaJXdNTk9V6*2Cy6#W^Pr=v@{M_!#2>*Z&ZBz(&C(2bB#g#wF8uW?b@6U8pIu
ze_kF?*Ov}Ln;2ILkAf=;;xNf@Vwjx<(RVKYE79D1=MwQ5KNveVz?eYI%kRg_?0%(b
zATfL<uBLE|q-k$cM|elLvuRrssp-S3>tiE;E*M6@Idyn&DBkp{g`tB4W0?%y$t95X
z#u=5_yNzF1A(jp$*s*j>`CYA{Lh>0mwH9GZXPwqkj>~18R^_u!Mk8tameImLgNmhI
zo`-$n`r6k0!_^zIP5scrru{)b?GKjG{$NGH{$Oy{{$P7{ZO2b5>$E%DLVB%$R;|_>
z2q9)DPxq8mSHa0xbXs*Esi_*VCs|%1mT(|kuud&k_he-N+#!p5Nci6kxrMkPGXU<J
z2tyHi815@EeDp$(JV_aeIKqM8nLq<^H$7kO{X*|skLT7g?&eB%-7M~g!Z-s1)`jkj
zG`Jfhc;Vd5x7@|Jn>A9xefIGDM!M$E{e*!p1*VDHoeFMAggIhYf-a+_UC4qb;k6j&
z5{E?-B}z&1(-E0TdcR=kuPx9xmmKjyyUus^vMK3R{EOldel(m6nH(mq2KKDb5nsV&
z7;U&96HOx3DR81iIT_JwMPmw+TSa4vtGSdios;pCF}a9eKj>Y$2zk1o=`Hefm@Ov5
zTnStNK6cf9WY$P$%2LiwDdnt@j$&6K`6qTpx`v%6(PyPnP=XneG8*%p&g7_WwCnGU
zR%e$bmx;c$-=mNt6&SabXKz`??aK4EVyD8W+k!@fNQDtmoVOJtf=vCfYuf_~@u4sU
z$b6NH=smFqlizz|e=`(FIfLk(MA>;MRF^qqL+xFNB?d?0sURKO9fsx@ZVcf1UO}S8
zQo-RwFqy!u$~bQt9v}sJ<Dr9$Ox=rAt3D@1oQh*FbiHB-GprtVNKm5p!sa2V&`YF3
z4;2YN7yh(Ric*#$z*0b+Q7K3K3aC>AluE=FF%@S!Qnx_!s#go>=beq?&TMxA3R|O{
zoCx)>BhKpAP^r`W;P4;A$q32JdYw{fGYQ%@3qgyM(D8I<hUKuG5wL0lsFIBHl~<V-
zTgat(hScQv7!EOWQdaZA4yqa(Nm0WH$#OljIm!<ea>JwiFroI+66hnNU&PTveiYaw
zNarZ*t3*$|jcUCv%>?SQt6L`ntuqac?|8m-Ec;?S`*P}zBpq>n$az<iI*vNwdC_@}
zeqMH7qMs|ySLkQV`EiQT=X{lZnm<8dO|KDbc)|r(^@Iy2+Oli+O;+ur+`Zp=J{vus
zRnxilalGz!9;3J?oTupL3Fk8`muFcneJmG+V3p#Wsa<=u@67|*vLN3g`4n~9D1kA6
z<?ZCW@GzR)ILZCnXy<~ho%cY+E==R_Ws0a0ND)XA7zcnI?cX6cQ!$K?YZ)qr&{qsm
z7Ig$n#llTg@!J$OuXds4P<ag*({PF6Uj|530bs=EKYV9pV?KK@#|YMruUxnM3Jvzx
z01A{3?|D7G4R<P}!;a^1c#$8)Ja~Kd5zNO=WY<3Zlg$#ec1*YKz0taNvT`5bwP!!y
z_{)vC*1Z#+Y~{Y0)jP5~k7gT=W#walxxle$S^v8sADb8#KJK`g7nU=9c!A^vvEfA~
z|8&nKRqapFx$<vT)g5be=S^7|!R+wWpCN+f9uP;+<{l7cJ+~Q_Y8_BY0I{HW_Bdg0
zoU$%>MnInP2X=Bx4Y&ELctK**Ev~Q{toU>STaXxLJP_DegZL8>3o{68$D9Oqr4iqr
z2vz)yz%I=ru*>>uMJgOKDSVp5Rq3=9%dFp;rI1O4f(Q0%1(9Sd{DNSi<5gyA_zEAp
z)F52Sl=4N@lC}!Wa%^j9+7lMFqeC`kD%;wbsZgu(qOnD<6^&^U*u`pK64(`jzy@Vv
zA+SmNn?06NZS0;}?aLTF1xrd*1q60b&&={O=g6#H=E$shG&0dEf{A-HG9_Ulr*LG#
z!tx*W*^EuaL4x$;cXU;%^F|vELiffpA8hS>D|N8&<xp0g{Zo^Xv!t=d2<E0xv6(Aa
zF{NH-t}2uUWwm8fXyG&0&dxE-T-p>G9jXeg$?URWtJL^FQXNbM`5ivNOBdq&P9Nf<
zV0k_^Ji_nwQU5*KQ2k8+&G%GNJvTf!7*B+p>^2{=yc0_$6LXk80=cs|ji$3pAh--}
zFh$on@SAi@*2AEIze%KIfqD~hg~bls{5j%4Tj^=iGqSPj(h*9{XSRqp?QEMxT^&2-
zl%9hYew!-x8w6H_#MZpL9>(z<mU98AeVa;~m&)dLQo<Ckoj?b`JjZu7<Wtx-ouoar
zGM)W<L|Ok6qpbg0-ko={=iA*UXKGemedVspdDv>}<RC1i6duVTD<?nM^mWbZ&mZ_j
zSTou5nbeyHCdsJ6rfbhKU_BOtb1bm0Ada<g2admxITrI=jK#-;Z^@g;0E-#J@FD4&
zFq=XztXac-?O73DI1qa#P@9#ve7XD!<=0}lhAnVs8@A*ETc&0G?}ogE2!8TSna)WT
zPec+9M47GpLy{jx&A$Vh{KeAw)qhBGvw&MHN{b1}Bc)g`ASlN@79=Wnn>X^D7Q)K}
zBu&Y<E?B%|tVa-umt#c|#suu{`~#;UM@pDT{EWFGK_p&*Z)H!PSaXaJQkveWdj!R9
zmSVf^^~*+TgAO!m$!ztSsRgHC#HZ3`rv`0IBJsu4k|=hw9NSu&Eh=h96uX(qwsvMJ
z)T*>tY?JmX8dK2r5Olkla8zc3ZkXj@K3{*m(Mp!Q?0FG!*Pqe;pms>mjaw+jE}kw`
zDj7}lYkf8p2u7D{_UIb?*}Rsq;V#A4syb^KTb7#Iwx)SsM$wppiY*$`Y{_a}S!U&1
z(r?q6>x}*}f6<yX%WBQqe|D`|r;kk=4s+S9x$2)+YYqiM^_kr^bo+4PV)7+yd(1Ml
z83a8KqCP!xMb~>VCDaLw>O655Eskt!WD^_<GfK+O%HKeIbqc_0f0Q4U|LC&lxmlkx
zn~0w#BL3S{fi40Xz<cx|?C3nG^bVrZZ7hfyR5~m)hVtx0^26}AkcDCIvYWCyOn?xA
z`acQu0Pv&tDC58!WssFp{ai@?K1g1Hc@`g839a}hWV?T!Y|}7qJCdI%j7J(qP+`#X
zz5j;?nLII1CI$h{_hzCnzJQ&yblhT16d8d-FgXt5Ke<r<FUhrmKofyx0xbkK5}*;J
zZYDrWu~ui>3R<n*S7;4$RV!3xyCZO$is>crG=U!wAV!2+d}L=Us5euz##!Y4PjIP!
zXfB>)*4Wc}S9UD_DSA1z2AeMbSRnqN={f$b!|%3P%rM?=?}QOXyB&bz*|jGM>@dDx
zAyw8q9OH|^#v%>};0%HAlKDl_qM_pjbC_IYrwAIaIdXxftbArV@OUopI2_siXE@9S
z&P*em{oO!#;BoGrB6kyaPg=ssz28hC(%zKM%mj>b_D=^$p(rcwe+LZ+kPGaemi50I
z^8PHD&?D~@xlszaCoSP{zthQst?;J2p9*m@<AL4Nf&IugD|f#OLze)#K=-t)|J{(g
zvs5N|r^pSffaIREgv0%=g9lsTExCI(6C+~~6MDP<e*x!XVZfMByn;uetNWM+54INE
z`Y8ml9brbs#d^dpvBxBNaj~9f&Ql0fGxpeBu?k|+%T6Jb<efs0E!rZ288Gs(WmL>k
zY#E!`m%$SLp@%UlW@=joVs>h<1i1KcQMDvS#Vp6RmgW_CqISfnn5k@QXQo1}d_`lM
z<aM!p1$kXGPq7IBB?k{@V(3ap%P9mBA+g7j7rw3Vnd4%;a!!Qvi}jR><bUY18JkLg
z5tM%%DI@mPau${ZxaPMCw$CgZqp*_cL06sqn#nF((%84VVAPAo6rx_C9aGM<W6E`w
zucCk9?Nec}dd4qUK5Cy*uzW8Jl|wJaPJnwUrY2Is*tz6*IyjzqDUrOCC{T?FGr6o*
zb-}P-6xHM9(Slf;7AK`0Sk~gGSAh{CQThg0)t^o4{Vi%$D6l1AtU>Gb60Ng%iL728
z8Q(TZD6(YEXq?+rz;_8eN#F=TZ>BC{*S5@x{M<s^GEPX5PJ|{Kg)YkW5)>@#bRuq3
z#TW&|h@X?>eT~2=0?!a&WKft~rl2+euZ18YC#Q+F%|#R0b(8k&iue3&qKrBL3J9ZF
z1khY6(Vsu`i-#aXgv|5MB-!`fa_waXtP(|%9nxxS${69kNr^;QF3-n<Z^>Io%BiP9
z48w<{Zyw?=tXac-?PU>PI1qa#un9EDZ?<1=e`iCk74*aYY%38Gg3w?D3S_8)K+)Yq
zptPFNM0^l2oC!LMj-?x_pQrx*FoAvoFA(?$fd>S9G@I%OtRt|E0O1;yY+|WT5r|Pd
z%8lpSNv_{D0NqKP+5sQkXTRs3yTh~V-k_t=6TWxY5%lc5_oQPz;1iBjp5u;t9aWyt
zy-ih~!;bH7D)k)T`B7E__%9yh$e#PV@U!?!mR0|dFXY!6Z3g6-lYPR-{_x+UoJ<qN
z;<qWoXn-)mAB<m4tFZw(DiY4ah(dh)ACa0XgK#wuehG3rsSM&8<PJx|L9NXnI}K~B
zeGUVsC!D0{k=!0}F@5MK4SIlSm5Q~`PKktx=iE&6+ib375d9We0rNz^M5~yk*a`t7
zPNS|y-I!LXnaY-KGgE<9@mtEUkL@zbAWKw?uJDjbN5rGAo8ErX+hUI;FZ<P6P%}oJ
zST`%MX7&tKgaVmuM|k(buA#UL#_W6y2Q@hw#CV_!W5Vj6qDZcd`E_#rK0u~q^hz5f
zFfXa!B434m{euz6_76!vPIF^Or3w_}dawIcAH7@^)rVR1;wZRy<NAk%GSt^g_&V^1
z$V)we@yM}%8+k7gxD1e@5v${Oj@LIaylz`^l$s;TKgM<w&N_kkRWU{Lxr>UWzJf};
zF46S`^)r>LZm-_>miKL6cJtnB!#<pW39h0$4Vqz9U^NcHl&r=<7+<A-!u@`&RM|Kk
z*m)zc^X<XOz`hCh40eU;VIw~TSa{eyEzYWQ2c2m*!|1TP?jt_6o|x2vKb)AK&1yZG
z@aQ^vexfJ*ZZYA<NckBCI}_<M%x+}QNNjj?0drrgvrVb_1}Fov;*#-V`jeSah7!t6
zlt5tuBk+luuQA)JKFww?&6HWwb^Sck6*+4Mi>!0=O;e<oAbOfLJv-js_pY4X4uwg&
zDr7O!b91(y?c3JR+PB5zD<raLLYgF$;R8{GOvD@Ez~=9QrYF{5rg+I$<VWi<pS~nV
z`LSJ(JH+(l7qA8OvknWGm+Bwk`_yj&@Qd2EcXaRxn0H|kg)V&xa_O-BO2;c4)hnzW
zTgGh6&niF@^H=a)=DIo4xZ(Ed4cAV-y@&3mX*h_vxnb2^&jMCWEO@P1xfL)MXq}ez
zzZ-HZO*%6G?wfgGIn#$1NL~;dUSu-Qw7d$O1_7lp25}feIEAALCv6NeE#YXFk{cpU
zMhNdPh|L8N!j6awgs}5$wS^FNtvDeph<2lH3tAUNDiFdh3-M}C2n%9caqEOI^vEGP
zb?bz%XAy+35C9r23__R=#cdxd3CWqJzIb|^WJS2SFnuLR$9{t6ldA6J<nIFJO~}hB
z(K(4wFFKnOq1ICt_A`oACCct<JhF`0WM;FTX3_|106{`vy-rV_n+)s$Jz2jxE3bZ2
zeIqk1ujYR@<kd7ObRT!z%nQqzKD>AnSL@_Oh8KCvGbe7bIiX;znhTYARSS;P`baN^
zU)us#8C%GlbZN`t8A~jN70)h}wG2dvwX8gAWi6{#d`5}UzNi@`Qej3_6`fHgYiS%<
zga!u=EUpx53Bwd%E$c$7EUe|ZWcq?`C_jjEiZ*MSJ!|PDzOt=TrK><y1t8-AorVCh
z(q-h)q0w|3)|`w?92>dVq8D;!47!tNk}1>4P?kfcQeUR_iu58x<g<Y3uJ)o<vnkc!
zJe2C_@a6cR_QW#gGs~fwrZQR3GZ#h9Ov>5Kd$J9CXI2yGT9VyP2Zru=Tp(Tj(wZhL
znR~O%2eS=_X4v|vdk_KZXQ_|4&Qjt!%Nf_Xu8`}z=kzrA??@gWfd>Cw$y4cnK;HWV
z{=xsA^nNKE6KNKBj{+a~CAa^RyB<*Z_l;P0EU|u|$8z{T>9d9#sYN&|l4WcH)PR@E
z@@H8we8Z%4y`j>%Wqzk<P@N`lmOwv&7YW3G9}9(i$LIwC5|yP$bBBa{+wQr`J+1fF
zmqV5Zu=U=0muJoQ{i{5FUI$7LTFXR?ntX127)NsxDW)2rt&Waep+ORkrC=MAN!Qf)
zCA!-|^NAo_sLR8c97HR}{gP>xhz^UYw4JHC2^<B`s)u6(5S`GG)_8anH$RM|_*Ig$
z;;?HdRhi<oSmUJza4&FN4V#-EI0=i}8<<o^{V1i35_pjS9nDfnKB<0&0MmkC(ofbp
z`C?H`-j6zrkHinELudv3NvV$m+;KS^j&DnQ{#KHHR+^St|4J%<;PyD27(Wi@_sb+l
zw*z{|wPzh!sdA>~S%OtZU$1!J?RGd0JMK#C=fP3u7RQ0R62OBqjzNc`?XE=dUaxDd
aWB-HwF&Dih_~2;C35UafPa?=V<^KbSsvW`r

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_incremental_updater.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_incremental_updater.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..111f51387df7706d2e71f7696fef6e9b6e995583
GIT binary patch
literal 33370
zcmeHw3ve7qdfw~{J6Hg_z%Je-fFTGzmJ}BNUmz)x5=BycNtA@q9+?Aus}*(ut_1Aj
zW)`G~vvl<Na)#oI&9hGtMPD5Fs;*4<k>g#Qgt=23#;!`PVy9}CAcfULsW9bpC3GrP
zV8}!zRw~K&_ssOn0*e;~p6@E0+Wn`yr@N=8r)T>AzyI%l?pIa$1Z@A|-v!=q9u<VY
zqKLUw8G-v>bO^$Gf-ES4?2w%&9Ey|eUB}(3QxcAQlrl*_;#Isj;yNK7FIUQqG@s%_
zn)^h>@k*tVrFl+N9rr8#;{hdbyjrP7TAA#X#WR84cJtKMUUqKx$mM5(vJd|X{437{
z<f=0v*}26l2(tf7_4Z0R&@8;+e#4>E%GGD;&QyC)97p`y-Es{bQR?O3nQ~S`2sQZ6
zly4X1T6Uy?9jQa9kWs39dzoC%jx{z4?SkCUEXa*JoO+9tCYIKOv}T^x%+gjNZ8c9@
z#nM`k*2>dXv$Qs(Nj$A(&>3Dc_Ea>T%1YU!npLHNj3Q;vCZ%KPekD1aOlRXm(UC+v
zn^dI!p}49>?ov}uh8>#w<#_fi_QAPX!!E7r;MsV3Fe#4?566`Ynop0udSN7~`FoRU
zW>o1<>S+%>N>bg@t<}9b`g&4HC(({rA~`aYxj?7aJn6wy`Yo*jnOLD%Dxp>JNR}$J
zqUrc>Qmg1^r;f2>K|PX)#j{x@_4+7k*UFS+c2r6CQ<s~Yh=2?K`>R3T6Z$ab^erkx
z9Z_f06?Myw-JT91>>TSjs3g%NQd}y&620@#jj8ltWYVKlpa!Lq2#saMPb2^mb|@G;
zf)WH#sSy%w+OC6p&h#FB`K2>*I<5>H%p{U$*gZKjird42v6OXJVx#(PiHuy(Dr3X(
zH<K~_Qk7cNNM}_gkc+~DYN4{ZP}^3hUrRp(R&BXgQC3+tBb0f{?jw(&dG(@dKfi3G
zQX5&9d;<Y{m&lH0Au5D~9Z08bhfyl+u)0ll&XdP!%j23SkE@T)%QmC)1=+pZjn4Os
zMR?~Qw2v@pK*<c_jtr&Ltdtp$j0=hsT@lr~4gdQIkhOw@tD@^Tx?T`6HNEV7#iY-8
z@C2dPU3`RMdrk{N0y$p9i$fO93GaC%;l+)DP=T5U9X+lA$E5Qv_07q!OTYVNh-jVz
zhYlS+H0jiwkuJ^AuhKarNeR)h^1Xw}bn>kcWxporH&xZ2pvc~#On-bx-5=pO+E74U
z19BI4ITtv3rRP%o_lJLP_)o^BdyeGsTYuzz$G03;dOo{Pqx)-Xx*We>-sSk)?GdF3
zO)2UQZ|~t3U;4t~Lkc~4_Rdh~0u>2_{??V&yl~~zWyklcCaXSdp5A>TkKe`<@2~mR
znk%P1Q>Z_F-mXx5@ufq@o<FwWB~rVsOAMa8GI+V>`z@0#A8wl7^I{&q@Qd$vf2;e-
zpni#Aw^k8PB$A0(e`XYKNxTAwGv|2JKb%RV22y5RsYmT$r{=<7Qs{*f#-xOu=3#Yc
zUZb=on&ng)?(|mDhh<gKSX8#)U<>~036P7zPb&lYz|jwSrUFN&Dvw?~{E5FNU-QBT
zr>1INnDW1H@yI8EU_N;AgTblb$*I7}i$_1HXe`t=73y0G4Q++$hI{26dKq~<WlA0D
z(|noH?8s;~mPjdhF=f(OOauM=g@7D%1r)!(9ppXXw8M}2f17g)-nVI2)Ya=i@~kcD
zl%29`w^I_LF1$wEW8qUuioL=k*#T)FHI$UH88-3hCzo*YWPdiJT!@UhkmaFgG&`_m
z*Q7%elj(kRZh8<?pYJ?X63Zsv%A!XjIH&%)??g!RW(Q(a@vN@&$BaVyQDrCcZo*#;
zgIpBu_!}?Bt{%*->dO1OE*>ekE2iD`d3XJ#^H&>k6zVQi1TUV{d#c==2i1Q5qCzeF
z#eEhLa8BTwWS8vj!b~Q6B4uf36g<yDy|wUbuU$ZIf@9k4l)=^TKCKw*G5ZwUf)WQO
zF^ry5vouvM*u!^eu#I`TBR!EWrJ2GtH1Ta2N~M$W!Q__F(NrQ_rg_gL6*ZMfYdC7u
zA2XB6)TEM%4{2VbjONwvqpI|vzK2!`vqg8Q!*C1BQt1T7m(q=>vX#<Y3JojG{f3HD
zc@m?;BdU3GsV>dKu1NE-U8y@<W87gYgYrBI(izl~AQy$1GNHDv(9%%|h6<teg-~6g
zuJvA(x2o*o;hAb7xH{L`ov-P>c)Z~DPrIA)?xyc_{G&}*HcdpYb?2LR-0<co@o1r<
zF6XXeBcUJF@{M|vw)=Fl_k=To;sEmurde^xPQ@*|&Uj?E>;ZdP#u&{qTZ)&Zcx@>n
zOA%$T)PtU|Ppf$qx8?x7dQ9f$?z1@0*g8tr`A57|@O((=<ax;)pwjD@zTQ+LnwT9P
ziH(4BRH{+xWa)AH2}W=+!$Bi>;ZaEpLfY9!W1nqNXQzWRCN4Y!9^&&O&MrsV-B-?Y
zx%!ApV_THxkGgjl@0+wI>ghEl5i=w9ChLRui9;6Ivs4x>>m?R%)|NTn&U0tR!5y$I
zaRn>`o}NDH1-A7PH#lpvN<NJviB*EoN6a1Ddg%o|Yr~USW?r*-ra1E1N;S?Zf~dXJ
zOAfTjI!Ec;Uh^D_<`m7Gaz(_o1>8@%ybo8QZ?@7j_0QVSs&ccmxlcOe%6*QJx6sqX
z8_e3|D%ro=k@m@f%#Wi!>aomUn!S+tUQsVdvx*`LS*to)x!obxoc_^v=MLi`vbC{v
zUsRZFlY=XMFMVd+=2a}|Uh-17mq9rcak74|l56F<XjPYk#r(^-3x2Z|=H9pqAIkMl
z`kBVjWAEpNC;j|0>F35L{rt1&=fTQw)7YT{X^F|f7K;GD39O<j#Tn<o7zQboW=uI}
zBM8%xOqM+|wkAF@qIRC^?z8|S72$#S=uozk0Y?f=^$MYklkQT0jOI16-=!HJGEzBV
zNa{$uKdFfdV5n4oTz%MB5}P8q-~ceOq>`1^Z5+9<J*@h^Vg#gpENQEmgn*IM6;>n3
zw*XV9zPC4qeQztoOH8^n*T{t~B3p@UKWTBKV;lM9x0h^3yVTCEwH@M#GnJlnj0LF`
z-8d!skAmC6szO2uKnGObO=R0czpd#z!YU>1P+meV<z<ku&1)r@A#Qu5MSFR&hM`Uh
z;TsA~@JvKhXcC3cnN=WYj*JXl(8}}+*D9YKxe$AOG&KaM40xOlZD>BE65}6>D_Ubr
zJ)0RFO2lvvl-S@<=JohcjKO>5F*QDrq-4#1fOS4(g2RfEQM6EugpPPN1_Wg&o{ncp
zT7ZxgPcRuxtBC<Z8DdrTXNE`ON^&xwxz*&*fO4FgTBf5$n%4kbG@lJM^csL0yI)!b
zU4h<#-S)^fJ)*Z`2kUhE;Vye*t3B^_dt|3dI3da3woMnsyY(JovcEYlV#cErV-F2b
zLZAW)$*)X2(GC)8Uc|CTmR-p~v`0M&p$UMZC<I#zjZYVvy9>>0K51;9Zrqq}+z2r~
z=o>G4P$`6@iTVj~Di|L3-l^;?w5%_zZn@`iZS~K%JoUbD-vhr8S~qd(kNU4|{KMhv
zUz`da9rqT*z;9N)TlLMronUjWr6(WkL0X{xH{W^pot)S<{?1gO4g1@HwrR2Gm&d{L
zJk1unO{Me$Q({|gPQjaETOrsq9bB6auDyCH7hIbQ?x0id&WVSvpUMXgO^e3wrg$h9
z*sVuz*}^;n60e`)v3yaCCr^oo3W4UFxbE^`KCo_DG=4Y5b>m;rW4EjzKa8}?gFKcm
zit*$raa|$MloLBHqum|TqVc;ac8rhdv0GM<A4b|`wA#p=FN*QxDY2sv*qalN-0<cD
zN2W#NcT+r)3+&aSw`^ga0f{%fJeDtt@nmGurPq?+#h>DZOyC8CIu7VS*m6dlrf?<+
z7ETO+!zsJ_OxaiHrB~6cP4+-UblHVJn}`Uxm;}Tw2LwcqO(=Btaq-V4AbQL;q)F_f
zhjrFgLO}FJy}dQFvLVVq6h~T=D>5HMMJBfVfywYQv4snUy<9M}YJu2N8TCPIsXBex
zCbn2*N{fkHw37XOT(IdS>}A$gLIkzyE-kikq0hVuCbn3mO1FrY0z2)O1BTdAAy>;a
z(F#LssqEuoU!PT<G^@#oLU^n+#T9c8u_XxM@roRJ($CamkGr1-gW=k-=jXC{-~^KC
zgi3g8JS{PXfY2h7sgus9vY7dy!~wQPP$?<X#-bK8VwTvFO8CqPP@0!9GIO^}U-1FW
zHW)gvV%@&CeT+GLSO%a9m5o)<9?aaiRDV)=0X@X{Amv#Ky+VXzgkzhRabo2ZmHj(J
zhy_!=NaUA@d<o>_SY+|K(6E@%u=a2bgN*0px0KhY>Nt@%h$M-;No0^nKam8H0U~FK
zq(H(|$}oi)A5?Aj8u$nXzbk1vmLW1i<jX|p6{la)D22`uIZxy*5S8AVHs;0DBs^7$
z^Du@)ESmx62F@6_T<2W&FO74Vul#G&kRzBq0J-{HRlymTP~HRvrM%(NTe&s6a(j;7
z5>NcJrlrs*F=l4N!puyezICGc>MIk0TwT|=@2A0zrSLFwd5k-cZ9<(Aj}!vW<iz7Q
zdh&te)1vXaDIU)Sp3$SXY+;@Oi8p$9EMFAk$;h<8Z2es}TU#@=u5|ePkS&{!-S#=#
zHa9;iVC#KEz!oU@ii3QgAFwT76r_9<z}B}yfNjMBfNiB*#Q<CXBLXi02G~|VB4Asy
z;`fq6uSJ{>=h}KXr-k>Dv4K<Jr7$Dc$UzR+hUD5618nIod^lJUt{Z!L?u={#FJ$+_
zr{UCq1f!rtCaI=3Wc6t}^3bE6>xZe1KLKS<QZeVGhh@VTw%{GiCQZ$g8ivwttdc<z
zdxi+o$v&(pE`hTsz32gb4v`VE;~nkRj96R@K*uno?vau9g(p=dMs*K?%r8eTC<2qZ
zGL{;Mr89&j5LTl-yR@mul*H%O@D4R+8=H&_3A(M&ys6OKzSyMGGU2`2nrqvYtJ}T!
ztkabbcKt0$&f9Y0{%hy+f&J5>@w+MR&jq&W(Ob4K&w#{hklu~#`Jxz4MkY4#ObSpx
ziZO-)#bTN-7K63IC~i~?22imtkH&`xA3`h;1NWe)S<(fkGf42pVi-uVn1V@4P%aRm
zyP<poM5~L%NK>2Yx0#3`>o{eoBSMBb%2AU%i-1a8(l>;U-JLV;Ri2}cLgVTg7X|K=
zS3U4hU}n#1&j~%90xX>ZGkZgxXIOUZk@~3zd;K(Y2I9{6X3Dbn_af;L^|+!ULTg*D
zg=qBl>NX<1h9%wIZ=>F^wRA+++cGN<;>G#%XJ~C1SGbVE_8Oc0e|ECEjRz<xpPL4b
zOntkUbgr91kQ`sb`<@4wp@SpsmED=~sP}0+zL^iqxBHT$^YUmpq;uctUt5NB&Shb_
zV#TF%&I_1Vu_Wo7m%<!XAy*o6l#f)dQJ*25S1dz1=W0`%bRNJQ^{!ma`WgMd%zmz6
z{TzJK&wS_-3Nmj$4+g@av7Q5xVSHyj^13M)GzWMo=sFl?S!w4DB4Zy|;yB(FTe_DZ
zi0c}P*;4p6Na4QX%C;_{G9{Tvsq>5Uiil2NN*`U0e}$smM7DxVIw10Ave1n{Q&Mkg
zO7s*{TS7L%DwIfbr1d4}V)VvY9LijYeJwR*3lVz9E3Xk*w!}VJX-Vw57;XvaU#1$F
zeEtt8R7yT43t_u_u4@;z5Vr;eiEd12&I3k*YUmeeK<M)MffCb-&R8wAiuchBb-N*=
zi@Jzj{h;0y(XVf~B|gU_bTCU?-LNU&xT&PN!6uVW1^3RQRj6s4u4&KLv|l}vt7*^G
zY#%R!qJhx!f!XLeSQCQB2|YK092h6`e1OLYJ-1>!nW5)UC>*^0g?!-Pv}pWpiU*lO
zfugr;VV(hr*T2AH`Jxz4My9#)xDVY)OwRpxU?gdo{^`a~vKVo83Y|clBkoSjNf8f|
z(ksXsOs>R#&hbvC9eqC?H0M=GkgI^C)0x=DaCw)Bi367>6HT@OQzz3cj>h-Wqd9AX
z*^V1VS(YIdT4&A+z~U|Z-P6bCatn($+r*IgnpssNN{<0;%v3ADB!90BJ?7Gxo{K2n
zo8I0AD{h7ei{5RuOpJ<hkS-KPO=Q)~Hp^%UhDe^wkD?WOjusgrO~Vk0<Ltd95p+4k
z<l5TPe`xUxa$R4md5&Jm3|aeGI6ZK3+gaMJd}gR!us92|uQ^A6_Ss5zm}RVesnXyK
z>J}?y_0FO>xm3JpPCm!U^%1vW?9?DP+GOVqX3K4LnHOsw!XEd%l(AFOK1aG7e;@dh
zzcBB)+)Q^~Ud8Tz0J@v+M}2gs)78;xv+4u@Q`;HmyVup=4_BXlXx(dDnUZ}U4VZUq
z(VV;&<rafytC3sfwrGvPvjzK>-Zw$>tmYmX73v%CZRzT?4?QCpy|Ly=Zwxkt+sAe<
z!e5c$@dbV53h`IWV3?UoM>Ov+>=y=;3Cn)v;m#2yb1s!gDt!P*1_4UIIGtNUM^c&2
zvvKuo3Y!0sPRmTB{g;?UwayWdK`=~QoT&s;ZA`i~zuJE`IUG0bs2RGi)vC#~3dPI0
zq)jB&Dq&*-#SP5gQ%QBwqq!k{Cp9-)W#wj;8KT)htsG_@*?77ii><J_3%uGGTjaI%
z;S0sQ-sfW+b>{9FT$IJ!F?(-tc+P$Mz}<Bj);P1xa$tkAkq*Hs2NpQeKHXTShm2r`
zl4)29y-JlviF^TsOk;YA>}7WA_A<LqDx|wsz6WAAyD=(+LC~aA=`*V-s$r*I!%l^y
zd!}TXtYdcKv(-EEGK<flpynCM#1pEn>iJ`;DM^Isd-^GqAi`8VO#O3~qNMMc3|ZWx
z7SK)AO?FS!d|10MSM|fV%EMH{AtDM96~u1SveO>fVYg}7rCa^zmNDI3Hl{So>(CGO
zs06v#nNuUI^Qaq3^QgLcj>^ECq|To1T{?R@xAb+iL0ymA3*}Lz(9~XN>?}046;{6r
z>;2776}D`@u_nL%P@!vUVIwi4b@ekYZ)@;gMOBr5rgfS5+geun#sd%b3gyk0H{KGr
z&xnS$Dr9M^u5Y>}9$pDnxUMB9ZOhkf8~1%uUHiW8w|tlPOt0$9uj;(skXzN6TXkTn
z`nhq>olxWDRr%1moVfX$YA&>HDzF~Gt7{m^2R2WO#_y)MITu*Zqk7;rmEvi6D~1E8
zOg}PZD~a&cHM{^1AbTNDd#NuUSTnH(?D+&3>8EmH&owV2`2f^b#&1gO$pxO$qql5f
zq+f$6ij|RPxr3Tdzx&mkxOM`U1(FY}ofeJXl(=^Mt9tB~6-4R;nrUUz!?(q?I*2!p
zK@%=l-o;M&dqjSn$Tx}neImp$E0>AfAo3eTsEiG1yhKqV-^O3v20}>VmKk@O=a7yl
zQh*_f6qtF=vES3dAVusMq=>y<AJsx{0lvA7(BoMeQcI89i^j^cUK3^f4Cl0?jO<BU
z4$8=7nhvlRD{T>^FaD-wA#(X{&-~UwcIm_>k#K2%OChvigi9&B<BO#bAJ;#YkXHy_
zgI3HdS3M#U=4VJ);1Q9qYD+FyA$uT>9h!XcvJpqfT^w=5l7<yS9BUckSoes?ZawSg
zh9~`Ojq-UAN4=jLpNwbfDagr>bvzH&!o2>#0m)o+Y(cvQkHakLxnZ+(E<Q90t9!%J
z-qim_9`>&st1d}QCk(4A-B5i`cVz4KcGCdMhSt7}{!vIuxr<jlvsTXxB{Uc8pO~|R
z*=AUkHhZoe7T~Hd&~uiZ)kAycZOU)cncf2#t1Z<w7_{%C9JNFUyi(Q?`Mj8|!r;!*
z(5r44WiG%5<ZAf4Fga6h+fAxvjUlhI=UN?lU1Amg8yBShu7SL|P2|<TF!H)N-?;fs
zb@Rl5tMUBmt{In8^53fvnca8LZukAjKx|7++%Qp}4{Vqgjo(di0~vBt?3NYehmkf>
z&tv(b7*C!OHxvS>dNc8lMXW1TO$oQe&1R4@pGcbk3~S^E6Kjj{WH7FG0^pK6ucFnR
z)1vXaDR$<_%$uUOY+;@OiC58XBYVCm#*>k00gU%UaFb8?p~bLVXedbo`-C6D^KNeQ
z%+qCzAF6#aPg6fV#(A3c^I#dQvG$jmr^y0Z(pSM*(=-;<lTy}nQ^96~h%$+W>JXtw
zArh68uY;T%^Xc|im}z$?KcQqYn4dF&TJ!M^yG>Pz2~_zDD*u;67MR4s44aud15xW^
zWX8-dNMp9WOP#^ymT$$(r5-S*F9R*9wxJ~@6^Hut)i6<ebtvET^e^1>^%!PGOrK9?
z7*pc*Jfb96#by})BT9mSpF@c|AXjsV8#bvcCUJY&3=?|98K#!?bKR4E##`9f=9$S^
zKM#7t^$X50hLMKEU&@db$?^k>bD)kQ^T~+vZ*ZbgGmLG5!D8k4W*AG(DkYTZbIK_?
z16v=n*zBSs|8r*-qt&*_WnU>Maz62BPVs&Axn+5xQNzUQYl+7*w>(B0mB%A>nR5$6
zxWm3hQ1O3H!yrdwibyGF{LkqC5yF&J(nJ~1xa8?#2sri(7{`9*kfX)3k)>kKQn8=e
z-)bac&%ko*b+DZ3?Z=;Q94sdd-RHEwZK3h_QhMmZfq?<6%T6YqC(mFe_mlb(2He;l
z%0rJ{9E;zOm1%-iwjR!KXPDqv4!k5NNy&T?BJ&yOa_GF#Yl@1p6CgKEr*AOaaTP77
zwI6Xuxk*pj9d-A*%u?3gG_EP-9ucNHIIF(FxCqN@`-n+pTQ9Y2)<&kbv>29w@f85$
z%WOb<naw1~Ycm7#_HhWkgh>!gbb3jbIBPRoEeW>LZquwGbGg()+sq_<3ZZv0Ki+86
zcEpi54FivQv+~l*JFq;rf-TRzVi|Z~(d{B8KxPYRIdFoEd91T=Ga&Q4WVm82WihY9
zY-OB`d92csRmu#NDh=TWi*T3K%2h?@DcMT+)iTBxZyj2;SnI4(XjNd*+}6_O>J@K4
zH_TpE`*|r6DHm<OWwKKf@i23yO7i0rtu#z_s`}QNcg|K<hnZ&W!5UPV{cY}HvI8)l
z%$Y`hglE5wDWd$gr+^zkE$|fJ6w7`J>e*A!aQYYTDQH~rQN;UrS)+)T!YFFA-FeBn
z<7NnV{>f8dbjD&&0aKUkX45hA-)!RU5*aq>voEbiH~a~+X_rjJvzbv?P9<~%X6%He
zD`6|-Y$oh;R<P0XHD(6S^$tie*2!5qk*}for4%E|zoi2|A;JJ1(qn`jW2X%-Kf0k4
z-2GV2hM1ufd;yW6lg-E-#!h->1dPmZ0u(V>3T8k94@JsrIDuASTm`8f*y8W7M>mmT
zwoPZKHD4m~eInP0`~c*n4mS~hk0!plv?dxJi<a0tO?-2g%Gw$ZF^vt}`Cu`ZCc=t+
zIGY+yE<uB%S>AH#`qZVGP=y0F6RHYohhZ|s*GHNrR0Z^a7Bc#fH7oXd61GlocTRl;
zGf`tn{W%K#m~z|v3vE~aB_;nUk&i*<U(>jbp>LyUB}vOJ6Z$=bH>D(7$Y|bL-5=1r
z%&0CUEmlb!6S>-^TSuA3O0_e71Bh#|0dY{RJpW03$HeJe=QB52r|MrGuYd(r+otK(
zNWL{P)!H@Px;x(rEBRFq%9vvzyQMz?b_HqEwFB4V`KO-EwH<)xa;9y93n9zP(7f6v
z)L0$5^fYrGv~PODzWj!LIdNYOfxy0L(fCavh1>&KDG1*d_mKgUk(Mut>B%37`z}3g
z&tb+;bZ&jO#C;Q3Ltxcs#whoOqEqX+(5gG3Rk_w(`OvO$5iXQ3?fUh%bK=fvX=h&A
zi9im4z|Lu;u-}xpbNp={(*w7~opcdKj(kx}PyR^Ud1;qDhZ#fBIn~_~cTT{P%Bs$c
zAv0RTkMIBr%mo)oCLl@T{@;KuOMQi93X3@SDO<$B4<wAo;NYjMw;I<oYl8t#Io#WO
zEjRgTv5(6lQO*<EmbrZw2IW31`6Hz>+e-U*og*7G^88$?FjJUpKobSqOfHb~9V8oA
zrB|EztUY9dIi<mW*q0@iEM;BaV)ffNl}f|qfX}v&&}yAzwaN@(Zs**xd2Qfus~E`W
zUtaHTw(+zHx)U(!|Ns6@*c~n{b|*?XT*945i?|!VGguX_9((Rppo-=!q)$!~OvXpx
zKk<T&c+i9yhwZoleK08GJbe9`_=jEL^~)Fq3b9EKz07gXxqjUqoYY?ry~I;>N4iRX
z3g9VZv3>plSVS5wvZD@?wvEp?z(&LRj6>L|{9PP6$$%_abd&FU%`q_NV+Gpj1!109
z_#<OBVp$~)$Jj9fe2foxBuaei;rD2|B`KbL>mj)Rho`SOa-sEC*L)P({KM0q-6yQ-
zYr$H_*i$yAjxax8*zjF*#nTrQnJ#U`I_edwO}A<NF9^=*Bjqkqzgu)U^~e59yxyH_
z=)U&KM-4mwO#Dpw8{`@5GA@Of)+O2T&s}H<Oro^W&L?!>zY*ytk|2^KQo>Z;?iy+K
zLdy{<^JOA5rYw_qB}>r{iM$0epEslpjA1K&Bub44?eK~Wtaqu~UjQK&^b6@s;SLF&
zDb_CLnWA-~;c7T1ZO_&1SkN;C`MX~=9SY||;c@Zf;Qk++o(k@Vw+I-P2lr0}D0tiE
zHbVFO0B;b)yjZ>=%-C&sk_Z~fQ{+{`2=lyfJMnS-v41U2)gQ}=$G*KSSAT3OM8R7D
zqPGLbrp2OPo^tUtTkN)Y42AV0QwWEOiXj~tbo6)}cX?66@Bd8W;lC3pg>HXD2Z#_F
ztac(m==Px*_j*sy^~8*T-Hq%6+ReP|X!0C)+;GnbwEs!%r);mcgleEc%{O{C(6$nO
zBsS1El<AWWBr!+XCx{ZyXO!Mz*Ai;#d$@)%Hfjw-n=LWXzXOp{jn_UfZr!>qA)P;)
zOwU5Mb+rsc?Bi&B3GWl-NM?-WAzb0&Yh62wJV_R<Wvy7oTGq-%*0NUp%+|8{Ki67T
zXn1F>Wv%g`Lsxt)YmlvF4Hd0rt^Ea9%UWxL{W{Pwvo<@#wrEbyq%NA%TFY9;*Rs~j
z4J)>mwNVFu`C8T{cFzNH^CPd=3`S}F>Z-@SeswipzuF?VuGsoj>JMZ6>R@BIZLFKU
z$Y^y+oWG4Ee0D2?n64QozZm+vjIG{`D8GY|!T3-OZm`HX)!0^Z9pvH*HFZn~i!_0x
z2+FSz`D+j`od1x*UnlarL?Dp}%YqpVM_F@`MsURpX8cvE_5~s(R!}N`KnMPa$R88=
z$3$$v-d>77OXP<{{t1ykA@Wa&{4*lgK^9)fr#qWqof%`D$sJDs8{=UUkkz6~oO^UO
zd#Tl4rOEa?Abgo0l*UqF^~>fmzv~zB>yMRQ=I08qWqT4|wr4U`*0R0sYkT0o%3QX`
z-F-cR2aBaG+bjG$E!$h!#dSsB3gVN00@nGnC;u)7b8{gwHy7m*&-_!r<-&rH7rAl~
ze2FIa`5j36NN2k8_>xTv4*elb`X<(q_QGjZ3G6BJYj7luA#KB!W`Oi?B&U>qyIp{z
zWipfwo_@=wsSepRO&kHhlWlCX+)hB=vYn+Q8Wmk^IoN8mZflRpmX`wh1jmRg-m21W
zIISKl-6~!Rt*W(MdFk97^ONgLq)VpBeWe^|VKN)J46QC3Bk9V%cC!b2OEWN)y&KFN
z)?RLsn{A9?RkX@*a#7wFHgj2+9o&|CGXFK|XHHK3uZb%rri;b_$1~0Hgi6Y*qXCSz
zmeaps8*Q!2y02sxVcnsUqpi<u5`SjQ1ZEdul`eV5=9b2NZnd4WWGSn67R|{=#G*O5
z_E&B*7{h8=lGjA54Xc0}8)j-<m1Om}8N#zvW4=GkJup*~F(kC^|KOgtGsZ9|d(vVw
z7!{dolTb8d_FiJ7sPE^y!y(+^wN&1^$BSMmcQdkRPTqTR2RBw-;pZt0m+|RPS_E^r
zZfu`yeajFsEa6fnbfe3!u$lx`NtRjZ4EL;Neu-9R6lvbl&Gf%RAsVzgt0z*3vwF%e
zQ<Tt6<)=g#pT@XBVh?qW%~1XBA#4l|E$qtO638E1UCdGLnjbM_-{WH_7GZ%FBWH8U
z%KU09%oXaMEPhBe5I-0;+*#1rDD`0&<uy7GC-MoAB#}3X5PG3QawX6><vBX~&xyQ2
zgxJ$?t)+=o{spC4dQ}Wm1EKq06jF&OM6yKw6_LY44iWh=kq?PjD%Vkpo&!<oN~98-
z-F2GIb`rE(q;riCzJU~-tA#-ENZjn=)qX_W>{h3Zn=Nu$v0?MoQxln`F|&p?c7>rp
z)LP$kxiQz#lW*#os@pa0E3DZ#y{0F>rUxD!atPR5I@}a{=nE!At{ZL_rR9rade)D`
zo{0ut3OUReisA(P2oE3&nEm?JrMSiTdF8Lizgoh5h3Tqdr5#w@r$^#bBBgLlu$qEG
zgfKw03jxA0Uz%}0W%#MUp4sDKKXb;h*+|8n8RTNG1DRAsxRv?M&_wfNQS9ZQHO2HV
zMMZQK0Y3ADuPCtZ>T2aYi9T!0()3pgy*D&3z3PTiuQNv+TA5ypwmB8=$CF7PlTAi!
z-&nVY&F`)2AGHeFOJEX64yo+J%KD3rRNVS!uwJ8+x)Z7XEHgyW-1L2NeHrmi%Je*u
zqeLzd`Ew#45uuBp<rzd1_u@=&c)VY6p=a@fDG2C{%i(Z*ENq3k<?F()R{Tey@vnrc
zzZQ=FC*f#bI65N=@LJQ<RcMk5ts8Zti^BR%_bU93vO-Pmj0^iaq52sQ_Jq?n%y=n;
zZ#=D@DW{N6Xll8f{h(roO289NS?&L<qENffQFeLzgddJ$W(0(<z4(B3GtF*C=yG;O
z!0y^Xw!5*G?S9hnfD&i?m5%y}ju`>FYum58f3SxIZ{R3WK5c!);dthrK=jkI&et7|
mj(Y;pPmjB>+sGmt5jo^=9CzFk*zVJl&NImJKLny|@ccj60+!|g

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_kubernetes_plugin.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_kubernetes_plugin.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..831fced69e4896b562f5a03a7108249399f6e3dc
GIT binary patch
literal 60857
zcmeHw3wRvIecvALwRbq+@ZcMK97&MkQN#ftL5fdFG#}za1ZgZ!rVQGbBXERZ9S`sx
zK#53I)2VAyi5kgq+$gb=Flo|=ZIUWqoiA$AHtzSishhOT9RU*XhH(|gb*eONNy>^+
zeQmz}{xdr>dv|*{fDc8V#KqyiGqdyBnc12DYyR_gLqk}@^&7tz{mi$HXxg8XM_fVM
z@%B?5P5Y{5Xr^X(jJl&9vyR=pM|}CZn0CZ(24eKYdo*}NH}xYSGsOILN5f_q;l88w
zM<QnANQ2pMq|t0V5;dbon#`sn&1N%;=RewVq}6O??!eInM;4k3W7-mJjb;RwX@<VF
zj@QFn#KJ-d3(K&@EUX@35gE3Gg*70oQHCvLVNrxN$*^TCtQlb~GOTT-wo)_NjMmf3
zPp>$=^7P7{IzNi1f1|DgEn+M<y-J1KVGB>|Jpp6UGVL?I&v?w3vG8<jPo1%t{N`$7
zxv}JQtFiR-N@Jl>hj`2Ecx#60;wvV4lDXlr*jOe%mXDnsF=J!TWMW6h&t%M827xEC
z<3q!_*r+*jet0lr#zvVx@fI~nZ@kV59ZL@l4;&jAc-HcdrpE@Ji3hCczR~f$=D;(<
zW0`@maWiAJ>>th#jGWJynZdqHeq`Jn$XHD$vgt9DcWz&LEHgA>Ua%r3>_Sdn7|mD_
zV<4SF$dH-I=dCdLkaj#f7WY_9<@G~Y>)vtHJU2ExkRBTz$sI7w5p#fQDK4Mwc>5RN
z_^NhVGd&nl7)hqrs55=1{pfG+R*W>dn9nDChJTs1l|PVoGcaq4fJ=%XjVDttO=svT
zrWrCqW_TzZueV|+(IMrp>3GG=Tdk<j#72t7`>i~3BCQ%Evmu_C*fg9TNSPUQLq3zp
zqdjvOGx4nK>6G2I10%V!!$Wh9ogGG_4|wg?p&Na+<bV4&F>1f6_1jIV$)?MB>GSRK
z<a|kQpED(;#+8%}AJdX`eWK&|Lk9cA)Zhp+>I|>p+fj!!o<802z;^c4SB8mBMH+8k
zr1E*rZ+J&C$-tAIk>@tpj|YEO)A}1l+`cB^Qg;j_e=^wPF#@Na>Z#jm*WU>Cw}?1>
z3xrGE*U0wSg}}kKl2R6_c*3;?bru6u)Gdv8j=C)oan;?K>bM7WQg7lO+b_zf88aYa
z8hXOp5zw@pZiI|*Qt$FGU#K7N#4kr)%SD*FqmChwm$+vzz3=hl{Chm3=h0UyRczt9
z%f70A&{y}VuVSKy)cr2|D)OMO?nhq@dE*Ten~m{-0W7&^$FtcBG3OeRk3Ba$_Dn1t
zqcwxC5-}|K&m^p<3Q1AOdy6}t89A5f9M5OWPPW8!^7y@1>a2S1Or0IhW~?AQW0~j2
zu6W)H4CiCH5iIW$J?l1%Uf3MZhkw*|#P-C<)fLYtQUfDqCUw3${6dV!XHT}q^HzYb
zUst@A7f}gpCb0Fr#&jO_7-JD1K|};TQmd5o=xE-p6r|fZTkU`|JvU-LJDeMGP2FtL
zB4kCJ&1yAeN792SYC^mmt-aP_UgOk2I-AW5rbcoDnH06X71}#GypOH8R!e0ZOBbzU
zg&!ZiKqy@*ZCcGNAFTYN=D^6g(KHaU2p*@-j1OnWhI44S><CKATT4>;XGX@egDh%l
zC_8c{olWJ^=Q36(l~11q`Zj7>jeA*Z3KYv~O%W289!q7OAI+w74EaJu>;|+NQzcCj
z4_m%`CVSSZKL?aCHNfA+_OO>XX&J&G0j@~c9M!9yYRg}@+v(|XdbV&6ugo^5XM3JV
zjF`NvZTohf?mKYe_-P}THqY)G8O)rfw#uI#2PVv%tT#9UEYPCS3)Xtxq7Jl*^$Lq@
z4{93y))R!39hHa`N1>g#TVie*(W0Nf0`%#k_CsB3Su@$Z_EKPG@rJ_2eT7B)FV(-P
zH%{wqMZN9Sqf`2ZH}%$Oy}hWnPwTsj`tF$}-7^c8-1KXqJ-0M(D11}bLJOw#6-9l;
zwBA+JyQcKbGtq@Ff9}Q474(gl2RVptoYw8%Rej^7&q*J5TtnD-8CFz2dSFMMq}*g2
z=|J%NU)*%Gy%=pT=v}Yv=OEgJm*>B$dRHNe#!?}0U(>tj1?@1jlJMbyj6F&D$w<;M
zrFXrJ9@9#YVItfZGW<Lo)sbPto2a|T=rB-hjt&p`<AI6w&haN_^89FKVEF9tK+K+o
z6DFakRv6^o;P?R1QSmyn8A0Yk0z`83#(iuOGgnbajKFGuxZms~cNc+f0`wi5n*s9F
z2JGuIx5H(vtTOuTI#`e0>E~l-K*(_Z5P<Wud2`kFnZ;{w`Mrz7m+EhZwNSLirxRnJ
z&Taa1OhU*9BpCybj(^sxj{>^(s;A%P8fcmu0kcNy2ZGEmf#TL_xjK+8ArY?bU7Co)
zcoZJPBlrdI*X6vQsOw`~6qSNpIbVN+2vH=}h>`Tu`;43wM8gxF!8IjhgF8v%O$I>H
z_)cwAB#i@&m!yp-Q3L-(5h#YgUy?k1uEdNW#i(wB7+a3KX(W|hXg^7=iMA2%lU`Pm
z+O=ktsX+|+jljHW338@ZEt7Q>wJRmjTx+LNp;iG$8Sb$qxm+`*B<74@!q14ZpaCK+
z8MH|>eI6v5F5XPsL85s;q7j)E0GW1R$g^78q={Y`#P@TyE~c&0V)%Q))BCAC-c{OJ
zPdq%at1msA&*Wo{DN3LhvFE_kaUh%wy(G-<+;Bb*EGyAF(N>0h(o-|@+3{gu5LY}_
z-Ei)TXW}R!ZQb#F47@CIZWq`k95!~jC7$0vkG6?NaM+J}fOwuyXU8+)7vkX;EN_0y
zwDipL1F7NM*^w)L!YI25Y$4D?U>kw$??pM*!iww$`fB+Qvnw9uXkdWjXjZ^v?{CtG
zX49(WXQi3@DPSFe^#nE&c!&Tssu?HnFo8_~@erSY*|d8A0Z!zo%jwzb^gQD9Y~~)0
zL+#*LBKLH6=V@M&I251B<CQbH-7gh5(UCit)T`vR0~N{t8NfyD`^~EvQuO_X)|Wr^
z<DZ&pOH4I%zP^1X(lQ-cRgA2<TsIY2`>t1O?7A7ynmP*lzSj@^PVaB^!to97>%Eg*
z``{{c?JGw2P3!h=5+Tt|+&krP%LoYkhFAKEB|aW}oyu{>5WZ`8(90iCF<q)u85?Qe
z4Wh!=8#>?16SeTGEe9LCf6x#<xI8!@*A#^7_-AX-`LZ<#s{_6@y0Dr!Q}947E5rIF
z8%@l<xw?MJmtAgairc)4b;}DjT~wq~cVfwP$=YD8^3k7T?egb*pYXb|&~pBMLN?fy
zl(W{zU^2kgF3F6u*RC3CixFV#xZtUSj<rjraa~{3ifQQmSW)=Z=gO`UttZzmmA4C{
z3T-IoanVy^mSk&}O6^*+%G6jTFpJNtmb7-Ma$IYvR&QB5TDw##*V?I6s8y(DY}vOp
zV=DGy*j~GIquz)(*o&)0FFEo8W>bDuVK4fyZqa`bYu8glzB#R34HMhuzIM^VG@QfC
zK0KJ1Xe9Or@jD=M8P5$eBzvNv(|+DbbY$<u(t~Nl8jOvN#E3`WSO?9$cq?-s0k%lc
zgl`@s@Fam_0Pz+pbl~}c%qXGp3{ki0^N``BGH1_1F2j-dUW$F3fLwgc6Xc!O(i7%O
zk3#!dbv{n{^bs%!oFtGW@DxB9P0rVo_R96dZV<<MVjZ}HrKB>Ok5MK59{{L?fY!68
zu;<w1mflPCoQ4K1ccaGIQdqtD_2Y%u{;9|TxxzeL(D%N+;dc_hm4M^d2VPH1CicQr
zNbD^}_fG5fZxSIyXp?u!;g%5)`0E4GS1j@I;OkV5GluY8!-E8WK*c0fsWLXwmaZ_r
zzu;ip`v>vx!R^5-pzrFzzF};iRLTmcQs+PlW;1X{QmN05r?bQmf-jl^2hYrpWruT_
z+z0}Ksnp=eKq_VWsE=upHXkMM2?D19tc9smehdtvfmC{I%p5*5j_yYMPg4Y%I@usF
zNg%-hEdcp(fG=v_@%8+fKU}EaG3np=9pSiD*XZwl+p7h3F>uod@2!{?sIQ3E;14_F
z!FzjU(7)evt3}4XRj2zu=HaoJlh=qUGk|}2*(<B|Hcgq8QbfZG37_BanE|4@t#-Ge
zS}yo}i$21MEflqiByT7)1~wEImx7tc<)skmxznWI!usw`le*&rBWslCDd+8{?qgS<
zq)<f&sK$Ls-_Aq0C&ijzufV#9<Bl~Lo}?etW8JA9wE`PnMTPZILzi8uR%~6R6-$-k
zN~0zvt|4m21Y#<cTz6GbSPf(<tXN)08Sb$qMOQPX6wevHdA%u7zpBozZ>oC96@yTz
zUEiTHHQwCkDAP5S10(X=D{#OF7{O$~rXGX+3q`v+@^Yp2lR;5$aR>FNWA&}WKPbr2
zlS6tuG!gI1K!G5akL^3&dvfpL-UEH9<9+)M9WYMz?LB$;cyCO63<(Gj>h|mbd;ar8
z!+~Jq!UH&L8m@{w!S&M$zpw#xUThB+JGjt_APo~$suX^KbG`_*22+eMM-xL=GY=Dh
zii>6*B_P-7-gtzQg9}~jVp2xd;wq&%sKYYCkP(ZDI@BH1;T9^Na8|xB_mN92%rtfc
zo#$MZP2LqGqZmtL(l=93uy_WOmdSbkhvzcaan5&*tO#+)|2}{s@W48rjy_zBVu5|S
z5Pf(u3R>>zsqVeg-A@<0pQb=KqEAoj_HUA+bx1FFT+^Q>cCH<zsC;;UO!*VnlvBJg
zM^Y-Ac`0qTDp+QJU4NP{A+)^p#)D=Gck@RGqzRlMKue2xj=&&+vX$^Gg%O|yg3*Gs
z67G4&=k<Tm!!xI+?(0)Ko>X6-uu26CzZo0~#Df-7A}N<w7~`X(Bj%XW*deW){9Ck|
zPwbjyt;!BV>Xa9WAxh%<KB+NEUcP40*!JT8?Z(;GEQ(Qf(deZsSJw&6ua9HSIJK6o
zOZzwQ2ioADU>2QqErXgyUDAhD327axl5-w(;i|f<N~#n>qRTF<FLK2Ybz`fNO69ut
zsZ=yKgMX^#^m|h)xjN0ORx%Z81%7Fwj&TwF2Kb0czr79w`kO@~IC{W+O_5ZcV;u<P
zd_y7d1$)Ho4>4#gKm2@54l9R(8hCwtgvHnhO91OyNE|_1dN-IE&5m3+2T`Kc;s}O7
z`1~-m(41jlCo)|#XL3w-5Xh#^rAMvhj^v}zp~5&vuBr1Q*>Oln7dW00hMXTw4`j??
zv;(-0Ewm<q{U=rwtVNceRhQU^kip<HyHcmtiV~4EmN2$<^j-<`bz;S=pV*vNgrH+Z
zm_R+vA0<F*gOdwbB39j+rw`U%9QfL>aSST}zH+uqr_fPO(W&Sf{_$H$w-v&Do+(`?
zX3h4Ks8aqX0UWDE)1v97o?=taWYe}w{@cFbg778%W|P*muo#U^>-O)e9=kLyecW-a
zB&=BC<1w!5u~&7O3Nai$89b@S*!*0Apv%ebHYT*H2>Ps(9T520p5NId=wXv!UCAWq
zM1$|mbaVHUAhi2FfRiAmW;qEGGJLNlK|SX?wHA7Z^IOnDtS`e4`V#YjHm7CQxuD(0
zz63c_Kk=ws&|<mFb1|C7!4U*c1PVT}OnTrM&@))-HV|9z-1u1f3|NF_h7@lQA)a8%
ziFpBUW(C;l(QV&1n|}|1<_iRf%;+_V=mIgcNGv>HJyNFR#o}ZBeR}L%0RAB*{UQNI
z99$&V=K(4w{8c3rK3*fmmLsY?(=)PMB|USQ<ty`|<uk8=<>Hvyn-@<vZ!I=&oos#t
z$}pwADCYN7)4Kh;s;?q+Uj@K@tt6~i;^R@T>#JT}BvT=V!zY80H7JrobnUcm|E}t5
zsW24)_qCF+Vu_DOy{@l)^(mPOF&sV_JgKjBQWAP~O5(?;+rC6#kU$wZF-l<s2#3#;
zxQ57y1Gjw*{?+fS4EWo5DHLM>|MHS7ua6<97D)lZB4|MQ-PD<~dx+HAu?Yj4Cd_&x
zY(|Fa;}L7U8zQhD+YJWBocjjeGEv|}H$|?(7#n11pyZ}D8&oARzE_pR=$C7%AS;p{
zHzAqf=_I8Zh_pzt2BI>VE?I{s{v95y&l0Vd?WehEqi6l%Inqcq4H1TI9uhGIOHL99
zZlbbEmfYaqfb@~*w!5x5tyCa=^b&?#s9!Q``do!OqJ4IuqD(_wl_EuC>K#D($l0}o
z$WW<V#c3)Phzw|u&#P9%JX86*)=IUfAUb625Z{s7wRV-MQOj_xR1W4@y{#P|Fd{~S
zgL#IU^UIM}OoXXBTGfqt*2tJ<jq&Kj4*n%UpW@j5Z9OsP#}PYgj+|p+Bu*YBhDSQ-
zc`TbglgTEqpC^16`nYB;ojrWwy-4?t&57=9+Y{Z1?ymP7q>@Nx`P1hHxAj1&H<TV6
zB;qMU+N6{h^cF2YHUOQ=n}nMSN~l9DNH%ZHol%!yHHW4}0C{4|k4YcP6|W+Y*eX{-
zC4nQym}|XPxQ?w!-=^6P02#))^s|{%4tkzeh%Hvk8R0}rim6&ytu9juE7tO}%FLCl
zy5eB8Sw1Sr{28hVeK~w>rDfGgVLg&3%D$B2wuUXTyh`~LYvdGl9earsYhcTj-^RP%
zIf-&gYSygAQGOom62~%oW7*oTJ$xzfQuO=Lr8A4S78Y%rS+L=?hYGEmp+eUbzT|^K
z>gHYFZ2#t>V)vm-ftRB%LZ5DRQC~f!C*Gt*`Qc*o!>{#DHt)I=xUqD@^wLCeDP&@a
z0vu7ur|jQVJwdCc3V{1sNm#MO$D>}?6JN)wZl^*F;X_gsAfHGFikXERd$2H|>+Os7
zJU&<$uvN`QdOlPOLxRr^SQz#~h~m05q|I{(7psB!k1#Bp%fRL?^JN5K-lurxm*F;l
zn!rCLU~{`V=QzjnN<d!1CP<p%%~uKhEP*2cm2<iIHG1}S0zXgS7YI;FD`>ydT<2-?
zGE&u^dFeIp(ah_X)jyz0+~=9MtGKia%I}4xUBy!Ecba+Uru;7BUDvy4u2t&s!bj@y
zOG`52v7luCVCF?9KS0UR2<+<nD5B&W<jmW5%mpFGY+8NJ-D1zVUc_?DxW9?kWHT<<
zJP*%t#_c;c+iV*z$DFIrw%)yc$L@BfWhMtw5-~N;Rm`)l`>1$J&Vu1qW<<->oMzc|
zh1RY+#BVnhmu@QPn+i)e6-jy6{$15K(JZS1;J#K8RxI)HsMqyPG_TsJ5JUKo6a~m9
z(t%<g%(Cd@2eT}jVgWvqv+SmW;GXAWXVL@DlFICv%vjoC-$F1gs?W4NT@#C|Br<;u
zjp~?vzd>HYcg@!bRK;M;EA;p>fD5j<f>HTrsnRK`bZTrQMdjNB{{FdfNjZUEEtg-U
zqHANA9j`rCXno`k=e`dxhWXul!u0Kericr}*LzPHzH%4WePa0f8C@SJVfY5;#aeAE
zVUD`uaf)>-DQB>h9SluZma0kxRw^_}=2fe|8-}l5^POaW8X?K>4IB0MjNuz$4BrS$
zHgxUJoK1sGnx|QhGkw{%x!efDHTi@`yAMXePKC}2_`DUA{njqW?DhstT5NXv$K<L$
zyZszJz6{_pyK!ayLAz=+w{bouRSkShdy+dkpGmGpX1_rdxelPjg)V%|)`fRC&3%Ab
zn1fZPId_c_wM7h4EGe;aRrubV^p+{sk#vbz*6gaH?(MEvC)MNbk-E3LPKm0Ulmm&{
zvQ5b{6($=}tea1*XtGiHzhA1^PUS!Mcam~8sN`|mOXVtg3q>0^>Mx~z;u&inDR~r3
zP^e~yFxl*5N_m|^hruz?aLX$+!;q4J)40iC;=Ou@6lpG#imeW<czY({Fmt6guQ;_D
z*u+&Tc`<((nN?~vbl3tHK95#RR<NToF0IRD2Cb9#WY#Ln_4lY|^sZ|9V)_kClyYpc
zdFKaTl=6pF=OHC4r~aU;nv7kHx_c-~mtQ<)yV+&w?z5fz=Bmijy-e#0`dSV(V*k95
zn7N=<@-60tTFF$H?a07^{O0E%;s3iqtpYVsD>d5%<!nc043zF2YR)f5UNI4-?vSOs
z&30in+rbRu#2S~`Ztsc1Tu<vPc4y`j6Cn!7kiALsUnA=|&2bg1wog(@CfMjFmlSNw
zYw|Py4boOlZfmPdZX-FEX&O$ks=KRgRcE%9Pn6EQ{vFlg_W{&ICh@QvT|3@*c(UtY
zsm!=T$&5c}6CKl{>Ww#4*Sh*A)M5Xez;6-wZ36#_z`rFxjp3?}_2cw_0XXvXO_Ms-
zuG_wdzw`F;h`*aahjby#=kI(c67+X+JuON)fPZ<}B1`S<b_CVZ)3UdItae+-o`hcF
zf!yHe$Z&2f|JENNw~0*@uZj{D*Z&jotLk4R?!ns73H_@b9%Z(`@bZw(GHopAXL;`3
z`XN><*e%5j+F9qKarLXf3uj$fstVR?tSzGKUFe1P$tGyX@g}ZXU=CfTu&w(XU|aFk
zMnJ4*{Bq>wPWrp)GBq&Lwjtg)u|dqgN-ZfSRgJhd6Y1FG6WBh%gw=X?SAzb!;~w*;
zPz6Eiitx=`Uj1!6GXEn1B6A@^Dc_<2YcP!NMS5a%n1=u+oR$P(a?qqV>b0%8D21ak
zv5D1K`hm<9lZ`tyiTvy>IVH|E(wFbk=rOmUGA?8|x3<M~o$_3N2%j}m@k$Mk=B>wT
z&H$XjST%?LLgmuJ<1*W0XMMxs!kXQM)q9GOM{h(HN%u{^w>f;t&((+)7Q3G)T@bhu
z(fVTZ`pM=E(DPl^e)%(nrQHR+8?YGdp4RQ(RlS=eEGhu*Yb9Yt<--FcFN+N?GMPnw
zqE(%^FvZ|m`Bl1~y3=LP^xz+3y6}l~Ze%y63-=w<x=a-oE_J_yy=ijqGc7=L%}Hrq
zrUFvw+%YbvK%N&t=l(axJG;k}h+WN?io51Z_}Csa>}Q0X7c~XVeGi)36a*_Ej=jji
zxIVE_OhuV<qhlAi^1jVxE2nwIq;ibpvhFI5ZnjNJ=ZVry$S_>W_7%hW9-EJ7g5_I^
zSHe{?Gwt9uPIvUi`Gzs`4=L_C0_zDpM1Z=RTaemFt{NMKokpUzaho2GAX$lps4kbu
zhZ~3zQwM9fl+FJuBYrJcMqmjhQaTUKme~!|El;z*nv&QCVr~p_6AU>{M%P1H``Q`?
z$|Sah=z1wx<&LT%TN22U4M~#8PLkVB3HNJj$})i$f?bZgeHwM^#RQ+i-TV;(X#!^m
z5Kd?QX9AN11_@Ano^m_6z9j(RW>S-X8=;Py-&yYUcks9r%^gGR#gkeX;_RCIcp5Qq
z?19-}M9jt^tku>!x0OU#{_nGQY3ASh9?G8RngyR6v=0lAdxtBw4bvp(#sAv}!GUw%
zNmt2l$idXVyEXYN<;5;+2zIqMpY_QYuwCC(Eg#ZEW0&DWK9a8}LNzT*djQ#`>gU)y
z;KEPrllY-XiCpB=-@jOdCSfSh2$J>tPBO>k>02tEsJo#9TMl)4U_YJakh04N@9@F|
zsn5;C70hu-idvcD$^q*eIiCzN{_rKSfY=5>Vj}y#HNvItSl(c`3HuKkP7OJDCXM~=
zB2FJoRb^M%@`f7q$3&DqQM?Gi9fr1Oa%7j_Dv4;!&{oWTsP)k#Sa!Lk#&XwaMCVmY
zOw_e%sqkr8J8)?nsa$KPQlVDSnz5Ckt(bUG_qSFYk(znRh0|!V4T6M>W}_t;vNwW<
z`#VHgj=T~gOx=MbghdaDJGjoRScGBmpP7^VlKaRs7SKnRt54SVb*cP>D;F_BBiUqt
zjnF?8t;<euh>18=$7ch^=fYEe;258a?s?DGi?<bZW9XNvn|sg8ROtCdj+S+g9T8>J
zj463x#$ubV)@Up-mL?nR{*2C}Kck{laku-E#Fp35Tbo7ut2=sY*<JNk+k@V^PrVgT
zy(C=dEze!`*766vb)R~xNA!`p=OX>YAYfM?A(3TQt|=KwHkHnkSjj=AIcAM&D>==S
zD=7VkXRb6>&TFop3oattU(ASd&R<s2%C57x>OGMfbN@<5-?*kqHi_8ADw|AhHe$x=
zWV1b^hvqS(yPe5HD>P>GTm!~Wec#TqK?N_y-EI-u_o#5G`(2N_H6OBZxAvZoJK6qX
zEX-@%RiwtaTl)bUcaN*_BwR*2!wXwr9={>kl5Aizn>1QDI9l?>Rh!pnhx9s1t>(3w
zZ{8wWxn|4;5z|<2bJ1Ikhl~x$R{Ps*p2xS@Eb<a}8{29Dw)H7|nQko<w_C{fpoNB7
z;~OXT2wp`#rmRNgW9i%=jBs!>gd&EriWVC=^BI^e$R{j+4hJPZZv|~7HOq@5aNZ)$
z0+Tpc^^QETH#!LO@!4_g4*oX9$OGWuqEJRi(X2+O>al|oZQDuBIFf^zr(#AnNL%<V
zlJ_xABP>iECr%?o5}d6FhdMHe8MTKvgFk}9egtdy2~kL%8MYVZsbKKX@@6wRCT_T5
z+c12BN;^bgIf0`Do+NM#px3MeL_M}rJ*t>m6os)jQsx!u>?U12Gl^|st{_09`$U7?
znw_k1Q9$=B1>pFe&yHtO!-FN6L%6ePmPBN%t33XRS>mG~*h!cwO_c)!jwU~Lps)A9
z$pZ#9-RO9kO4jWWgqG}LN6WL8MV-&iR)=z1ur(`F#e5`cMjR<CBu$o~iJ2&j&Pq^w
z^dVhi{eKvd)&5NCw$UsO+|0*UTg&(^`w~4V`|Knp8ng6sP;DPfkEO9K9&K*^73K96
zD&0rN(3t<5{KPM?)-Xo6`d;XSDP~$s)-unwe_BnjCp>;8#aY2nWyo7CmCQpcfDaKL
zmK73%EN}jR%34RDHb>lQ5b4;!wL)^3S-KbutbeVr>T;{O!d@?HX){YN7*_U=;|r7-
zHp`25wwmOZK0b=(%5XU(H=j+2JvZ7}Bv+EaQv}{3Kr%sYXn;^nlQ{I8SO3f8`Z$5l
z1LPL~2zvw0JGbbz3`LHmL_6lOLrYlDt0F8ElVYD>@p4AJYYzX7%Kw+(rV?lV;mPKX
zOM&k<F8+yUFL`H{uf61bIr3s;N?$s&dZTc!oLSX=d8n{5Ap+WFmal+Ye^E!o8%K<p
z)<v(ZyXD2Hz+oXm+*#CjPU%lT_!wIH>Y~?HT-6_Wvu#B|U&7SsHWr&V&MaR2N_J-X
zmO@+4%*w>{%B{tfTW<!nmWOX@z82(jGome6Hr=|m*t)i$$6v}9TGvj}Ia2Z0JPZ`0
z@oC-uP3mzb15hD&bd6HUD8&*V55BI)U)ko2A$&-R;`kG1-f+L>kqM*&(Pvth^15E$
zTWno_NuP->o{p|7M%NYe#|!btIV?sWpVsZ)RfI>^NiTO?(;vU|ybLQUA0EiqlPpIW
zOF9tFN?l!yt}f_3ms1QBqdn8Q{ky976r!u8mpiWMJyfP0rKo&(AY)Hbeln7DAQ(ly
z{KAVb6!eEK2N@_vADY(f-&OsgOD{+tcU(gl%Cln>m5(0SktZoP8Am!0%-%2t6M_YO
z*RMP|-M*{Xz6;I*0^pABn%3>#qzIHD+;L6cMaA2(ipqxv$VEQkjwx1(BR0xpK8oG0
zN|VWufK@S$;aSj=QyqJzJCenYB-{mrz#UCa>-KL_1j-QZxTYtmj&`h~^5Fq;kx#f|
ziWlREPNgz0#qUt%$%IJ4YPqHuU2_@D)>+VZzrF*Y5bb<@M=`n^=hyMyRXdFPrkIbr
zCn<@HCmje@S?`3Qk%GSEb&SU?g=pe+49zXmy8XLqhw*?Z=Hu>3N+RP)2clG}2+*p|
z<WN5e*ZVGq^36dG<*y}&g2>!mQbq5^t};ngkZD%ANTu9#W3%-#7b%Z|qzby4_BqW`
zPe{ar<*RU~$Ee4D1P7xxKqlpdyozwnvJ1zXDVda12f)d)jdWr&qxZ^>iHV6Us_^`y
z?3kFQlGA0I?>Rkw?`2Yuxy-AUbCF3&Rg4XGqs>V&Aya`%&{C5Emc3Rp<{e0{j8=I}
z%mQPf<CvJa%cR^mUW>r(qGMvjNz^VQ(^$+X>u@scDwC>*)U-e8XCw4KiPoKyOe&g;
zfFrTw)Nd<(gt7FV_q>$EiMq|H=VdDN{L-5JDJ57nW6GX4mf13?2BXbbo@}tWB#ran
zk~9kLh`57GLj73}F3G<~Z@I~&>Wvk5)mtkc^wxdqEf*<=v5I|pQNus-$H@r$!j%2o
zkvZ`EqHHHe?9~5NUs%l%DkYsYV@gS^vD)VNH5qG+waKP?#POrC9K~3Ea%fS!ePX8|
z%<?hY-1(fDSrg%N7dq@j<{m5n=AQsq-sduBtkAyfI82|Lhfhp|plrKi8)@5e9+xi4
zF~3V`zD-~Zpu`L|v8`J1|2FB=d{r9)+o+c*IDsqX8O_t<7^g(_-P!cHGlS_zt>bf2
zEh?uwMQswh`2p9D!of3Kgi=`f7q!=XTv_T(lxu#U0BHo9M5uB$0oz3O7vwEtcbWg4
z0vY99#<f}q65c*Px6{#(e~I{(k1Y3^|C5sbF9JVHfEYpXHuEOA8O!h%xo#7XY!dTr
z@;0L8Rv4^9>H;Y6aubKE7{|nZ-)ig<^Bv0IuL)oar~P*8$W@yOV*VeB_a1@21&Fse
zxfc2J0}jpP`SU0wXM%6eBiz!-mf&taBo>!3Cqx%pd+ut4_|U5PuY-r_!j{+|I1gY;
zbO<+NOJrWn34hzn5@KI~EAdjp%*r@-PU&qoo;V>G6o(Xp;*p~M$dtZcFesLRHf9@O
z9IT11LR<HDR&M%GG9~sD;(H1@!D1A|qW!yy5MoNG5V)`Ddx#pf!-~p>2Qu~~%S*<R
z4umsukTWHA7uM}2Ds$cL3K|pio}xP8zNYV{QtdDtrY?MVz}OP>1jHutlCh+tgb3YM
zjBYIGJ6?O1fnpRytNpvG?_h_(k$1}Bo}}0^mUJM>EcEAj=x2No>CZCSky}WP;QKDS
z-1dWKbrH#N6sXj4gofin@m$@7hNBS%?O1Qqj*HZD;R5Zb=ut_9fOd>jr5%@vv~IL0
z^cfo%?bujCJ4TiMVP8z7S9ceEMpcTdOtN3@#}OE;#L<z`aR6w$Dn+=U&sdQfxO&uR
znpZ7}cC1lLWzIv^4t?NA<yt$H3bksg8C&*R&6tvcs2Nk~zcowRvBhY0(2fs@)^y}0
zUQ#^59r}!JwBv#@+R<fX8Vd=79r<T&x|um2v>CsVtS^&gf1#vpUFcCZI!Ttj=+sdM
zUaNZ1y+0&H=Xh85m~-z7N%u(&!wAzbjMx~k-aq#ib~}KaS{S=`i9#Rk2j6J67T)CO
zFx!b1UUpY4-1gCG;h_cb<rBLUonarLgtOe|C^es`2T9RkCo?T{1EVxdLdZBx5t4a2
zh>CGUoSmpJb;{w>lwpXFJN(;Zg;@``b>fcjMOl|hlA@E!Yap<T3VoBn_X*6EoPf-i
zNzZGD>dU0(5I(~&Iup(wqSA<xF#iVulF(1UtU24M-RWp%6vU+HRSJ^g%@Uz<d~prx
zgtWRXPKVg7bbsj(?8xq<*Q7Pg@=}qEP&-LsRY?#=Y4lMP5{c#;07@tgPGl@8BQj*K
zTaVt|s9A;Kk#BY<Gl*tzmwr0Qj2p+E67)nb(G%19ilV*(7%x!cDgB6`DB7;-TR(gh
z1)Tx83Maf=_CR!0&<{;V$)qtHg`Ptk7Nduz5zc;B5l#k=$vZ`EY{(+_q$8Z%Jt_&0
z0C-J5#5RmMN;@zeCDWb-{Xn7X0Eflsfoa|TT}3z<{v_`dxltOqCmrGB?ovs31i<V1
zfmv|-*WY*Cz6(bdx}9U9&MYx-78jj+m8{F6cKj;C^#e>!1pVRi%k2!4Y)HgXN611>
z1XFOfoJj6-67e7>!cHbGD*~<`v2lHg;i`DR^?|eUOYNBfuHR4<*Oxd{pOn>z90<2F
z8X2x1Ey4Ah`eP!FyL4%*{g{@ALDCmirMO~M3hQ#k^;K%(-jrRy^(A&EQWI8fG|#J+
zgzKwvTx+SYc7X;nX@N@RT04~rwQ6>h;T~Jzm$mX$xPGme3fFIuxPGg#z=7+>MWZ_E
zw^4+tdlg)NVHvLPGBS-tj9X1|A~#$V=OtB<Jg9f8Ha<yCw75j_u;iZiyrd82)$=kH
zdVYzcW!-yT(hD_X%APltN;%Ooqs<{FntOk`$%&{xg`9|RowCbV&iXQHtT0x>LWsNc
zp?1H~akQ&Sqz@{MdkZP)L#>!f`Vf=Sht<X!hxB3YE##(eOfAHv4-4aKo!Yeg5Y-qC
zQJp(o5QfrT2T#bz0xQ7I>A{J2?7kUC75SdcT<B(y8}+d2)oHDH2eEJ-U3GWFLf;*s
zeU92xk_%7VExAxt`e21f$ufn;$(u1MWi<gefy0v7QF_Zq8F2vvSIJawbpLSs3h_eS
zz`41g_HUt=T{R%*Azdg}eN^vzr>c*R9JUeizp@nhZ&>sb{g>)y+8(-8_j3J<^;1w$
zjKzg}#mtIT!o6&!ZS8BPiY?nN)x8vCT8|4~X|JvINGCBlgbJkZ_+b?)yx*FR4)wKt
zuOEElU}4L?g1!&17~MCm+rO&_iFR`Dl*2vAV#;XJfjF~J0^bPTTP}Z9Jl`i4H-6e7
zsDZEuQFn#;8$Q?+aE}ud@eR^MbIU~+F<j{fk_DDs^UyO>^n;`TRA#R9gIq&ZysCO;
z)#-<rNbODuRG}Xve*J;9eL(cXd}>MbgK7(bCW^+v9k{d97!!}@q-`WqG5SH3;f|jx
z`k_`#iA6f<?Ve|C`r+>M%*yEpmyzk9AKYvoRHq+QE4WITFh1SrhkM=gk`kC#&&yPd
zeo$}X-b;#ps1;N8d{z2k?)_Pde%P#4T)BGeroS_-K;B!+%c#8vy=Awt<4bm-+b{#w
z>Mi0XmtDpRo7!Wi0au~+Vj@x1Re-3yl_k`kO5;AB6}49@rlR&%NotRFe%~uyGfC}%
zd*RkXYwQ*RZt&4=pCO`#_bVA0w7>E&u!?gSV&_M)<LBlfEDMgF?_fLVg88u#Gd+~C
zeBE773|kF-ne^Z%OdPj+90$c)I-Mv#m^KHw1g%Atn6gWBP{+?<l-?b6{PZ1B$CZ_;
zB$CtjjYu~C60dFP1L@K9!0^}wH}cquqz49Yq;cvT85pgio%a=F!xi(kP+fZftQNa-
zQUlpElC#Z@G#gusn3i6}i}Rx_-=UoTn!w)>_yK`+1c>c3yUo7Yl=JFF&%a;P^Xf9O
zS;dRyE%y`MY<q82_YYQPbew2u+Ir*A*AujKyP%nul+e%1*IhneXiMN>@Wmh_v^xu{
zx`cQ6%(_nDUUTEoCuUkXef^l+RG7dy!`NVDOW2^hc2$40T*S7s(6;NtN?$)wh(A%#
z2^OPIOzZaVDndwUPldpJO@D$E=IpSd^5KDuJ<0Ntv7`gx4yC=s<)?9K^yR0^4vl6?
zcqIot)2Y!YQ=JJdd~_x>?K`9=la!T=BpnDY-!^vO^&M}VEo^3jzRd?J1bxU%3i@m}
z3HLU;2=@@KGJmuf-Hb+j{d0wFtTDG$Hs)sD64<|5h}v#ys%<4LEaS|=EjR+o`rhgU
z8s4fq&U~1p*u^X#hJ{bv6}O;_&gVLTcPA&bEgwQB&`nNgTRkk%33QRhRFxA}*9nv~
zSrs{<yG~$Cw2C`k_yLd;l1|`!YWe=i37cxlfE1mtdd6L9BB{Nac`7=;noi){r6zOH
z33M5mTqiJBT}~LPLOH5daF-J{Fgkxx3FWx>p7*?@*h}bqRX6t@lBq!FFRs~3iq5Z<
zuk3kaiIfvAHJ05oIU#8v&LStAh0a$spRKpr9`x3I>Ma)@nw0ALs?e~t`;2J(6(uyj
zO5;BA6^&mjrlRpzN*aHa5p&S^bDx{sB)T+~xkPtCeD%a`MZ+pXEOS-#WV^^LZzgx%
z^3m=nE3kK9Z1{YJlc-^pp@TGi9t-8&k)|KNBhpk=rjjJRaGy!i0BHBI@w^*B8ei%v
zuVp0YULrjGqtB$VA&SwO{Ll&cCij=d%-x-hnt4cQmzL3(@&)tOV|Urt&k{}fqc!ET
zE7x9r>eZB>F_+COTLX9K#n4O98`~cHruogm;<ls05Y76cz8;1nZs<#3hGzLyeOo!f
zxVg}_<-<xaK30f7R?rC+qmNDN_U|e}h+tG9a9`6OBXZ3SD=Hrz$k>xCFBwZZ5bhut
zyDy){At9Gfmz@#9NWhYlKj@GUlxc_2AtAPp4hbQGk)BLaRx*-wAXw3K+nHAA_Sf}-
z4p5A4pVsZ)Red|t2_^58!#zn6Wi07HluB}r1gOl!$e}q1f0OcD4rT_v4g?W#VaqPV
z(}`o0aC8zGyAPB-gcpY=d1G2X%Hvm39wA2uAXOfI1T(Qvr0$nQpPS)(C`|^~`NP4I
z^M`fE@jy+YJau>3Af-xi5e-A_5kxP)gxaG-I+vByae;`Z?ry1pe8O1CylP3rP>ouu
z7L~QbMioaY*V?I6s8y(DY$+nG8B>x?Mp&MuQV#?D>MRvWRy*=?AygntktX3q`@_Tn
zj&sU+u_5PVvd(Cv0XcHX?EnIdF1Mq#zEILKE}IAC*or#GmZPTbttqz;)r@&3E!kuf
z7v%?I-F-{yF0CmMMKzkyn$4Bp>fqd4v*jb(nl9v*`^-0w)@=RAwPy3IU%L0M#^y)w
zOBb!_{-wLD%JUeTAF(eThZQZD*wL369WimFrLeZij&vovx-nQAjb+jU&%o+0H^Cbt
zlO3`AKsuMp3?`JtUS`{b?eu#KWP?0Pu!}6Wx@@lNiszXvUYJ&mm+Y<M!afc3hcFRa
zZ9gBkvx^OUd#aQ{MtujyO%u{(d3;jkjzMz?QL*1gosre!vt%V&fMt<S4UC){&1S|j
z4g<T`e~3JG&yvU3$XGgCS{axd7RF^MeG{i^l?3!%YRw-In4<*LTIl-H){<&3U@dT~
zRy?Hk6q?i@-0CXZFi1KMY}X*Sx=J)_o>1hNxcJ_|O^iT=U0fPmDKWU1x-^Zc(sr=s
zqgX!2Jb#SHSgVALW%TEi9(%JB2PiI?(Hp1r)kS@^G=jSIaG~vp(++BA%`MFr3jZ*o
zHMQO!)2GtHDeRcSI;!-N@l!fbjf|;QF?fpL8Mz10n2v(}+FsC&!fu1ZV$_({?cY^|
z6G2AaDRN_19=RtS;pE<}lJE$C*K|Xb^Z0a>EPTS0>KmVBpu(Ig>~WHH)hRNTic-i;
z#!|^DsO^5^v)t)~u&t^J**zV7q!@h!MoQj5M*&nADtUxk8DXX{QHU@@61Br&dgKj|
zt>s2ZV6{XQazeD&iNfv^1)X3qdSY6)e^(JgEk@oca-$e>PddWMy;~*W5dg30CsaB2
ztHrMCk5^L3MD;N$`L96F))IOel1c`B>_f`3%Z(;h2f+19la|<^2rAm%pa=@M{35kz
z!;k*}HYf(ML6PWf7eQyv+utnGDs@<xBG5-p+GYaJ3Odm~TusuxZpzT0heF8!*v{co
z2b8%7qyC;B{VpkXLF<WHvcuI>9bIr1(ApKLLDholoL4Q0)>h?!!Y{u-kxK4`tR2zX
zDwS*PR4UXeQZu%q5NqWtY3-VMDnV6)y+JWZhtDO0(o}{tf9l99R^9?k$y(C7qNhNW
zH*q?WnaapO`ShpU#-_pX&MV3AE@V8iMYQ1{8Pikm>PlhbAUH2ZVe6@%Q=`z4#=YI8
zh_q%*DIhc!*usx`W1+DqS#P&bM45+m<mKKzQjk*CJ|S=|cH*mDQ`xFjzuM-z{Aw3J
z_-Y?~wR8JwhnnI`CVKiZ10&{OK9(`f5i=iSXA<u{ahMS_`PkX?a5nbb@YpjW<72S_
zGo611<}4BuQHn91OP|N%^qFkN{8J2ZhwLp6@7>AXJ~<D0%rnqe&1Ui`oZ*n-uaO!u
z(*v2a<Js(mN+H~3Ld~n$S^+uoB#|TYKMjSKTz(WvEh~_F(NZW=o|-Y7i&617_PNZ!
zBeN+9%ZWFsr9Vl4b`+RDB+ySl5<pgfS7lx_5YroVT1A<Q-X{~ik;V}_8DdteC~FvH
zGiy&-hwfFMf0d}1zXebVo;MEn%|uqb?X5ea3@P%H9u5k#C+wt$IqrG<nLS^I5yJH^
z<zLw|NoN+Uzx;6qigbpv{hQR+Gf|KV!J})GNJfE#&*9_2*Y)*un1h`PF@z6EUx6t@
zdf?0&?#myS@udT?XXvbfo?komOUGcozP$(TLVHiesR}qafKE`DqB9e0Hx5TYOnFv<
zbkLy*;<Shl`pFhJA)^x0m-4Xhg2b(b={x0Nv&q7MqkDm)L++KU>z7*=lXVVh5;1si
zDGUgh_`{Hu;mmo5{J>Q@L7x|0gh4UGACd-eGlc@oSjyxCHX^VthF7c968~b^GvJmQ
z7%UVd=T%F>t5rD?Q+Jl5Fl1Rf!mCv(*V?I6s1>$n&Z|~rG)3j_S}RA7Ve+6$){f+V
zDz$6vDpRADP8p?ZDn+vyAzOatQ)X-&Wukq`FJL;7A`ra|+&rA~4u#|O6D#}dgU8Y_
z1MEj=$d6~oV#7Jw;4zS~S&?_ICX<}Uv~3@SmLhg2akEe%#vQC&rT+zbplp?%*oqwy
z8FNgmko-(CER|))m4S`9iN)E>c%@c&I4@qBuWBS<En${o#A@bYfZlkdoSpaystBcU
zY@=X|#W;m+B!Ev@Gsy@`-0xrk{tSi6)iF;34aV)`tiBa&L9Esu*1mhtsK17q=l=-B
zI+j6FCLv~C**fQ<N<#d*Wv{OPm5r0pj)LBCJ=!s?m;8!)$4e73tklPYuj?JJV!5(Y
zA%?>zWBkfSXAI%Hrgs!7O1!FfusNMs=If0|%@j59j}S-`I7487fQLG*g+LpDIDzd1
z4iI>fKp%lq1O_R^rwPy`%eu$BPA&r9!+(Aoz!$ae_;%j*t?>8UesrmS=k09^{Rcg_
z6N~-(J-0V6^B?lu-oDVk<94Fizt?kneUpFVJMH!U1kaM?_EVH4>04O=-t7bSvVb5>
zBUTb)LWNN!*QE&x8GAfpLK;Ncn8x<tJ9A-KX<Al>CDjymP}4d!oQDGY>4z{_#}Q}r
zKtD?3msn_Wfl~*wR1<ccdP*^`U=dTYuf%grQzyR1v||ZPt4F;~ZFW=R$T}9scGLx=
zvCEQI8Vk7bx_xE_Cz-|4v2!C3upAvflQDCUBjjT_?5(noP)x*ihwXEw)y9mS2h)Rt
zm}l}PlM3v`+nUr5@gTdg?l6A|0obpFh$;I#Mk~a8B)P$HYxIEGjj?>>&eLnKFFD3d
z&6{6C00X~^{PW}RUDSRU)*=gkV%Np}Gi|GXarfoEi~GNH?DNN_d`o^1Y?@iT^it$c
z)+LIO)t3(6XkGr5U6=OHELr{1;hDB|FFiRESu!12RgA2<?7JRWcPpf=@4Ok-R(Eh4
zA1iL^TBPaX(VKp4_1a55JMhi==*6QP-$Ci}qB(~Rs@rh54k}G;s1O4n=@>q)Pvzin
zeM$qFU9L~5M*OMdc?yl9E)Q_1x|~O)OOmb;ZSm0DxT<a(CuR0IskLkIz{F-bc+|K#
zksZfjn~bbwLn<>EV-#<87=kYxYxy5gLGxt-uMqe$fu9C|fQQCEKajAVk(&c74O5!r
z^cX$>J`~Kalk4XxSsgPo$%a{;K1?xe7%4}fK*Q!UaA2ZtSTWhK>f*s0OV@m@?c%{H
z-=Z6fR(<8!iwD1OTsfAn``S@@wiKjGWYJ7(N1-J#(?loTMH9FD-bmo${vYaE;*mE7
z-*~FnvH#-1FCG8<@oC?RqHo2NZ{wTw%@>dHd5N@e%>N4DJ{A1{_4=v?PPJ#}bDEZ3
z0~`n;{OZ(<I@U9Csu52#&5bXvrWEAooh3hA<s)3Kra$B;M1H<m@^hJDTt|*GKmRQG
zxz*1Fn=E<Xz&!JF!4ymK3$pyyy7q@#{aiS#D!(CpNRNjmzG>hz%vd^`jSbpcDlhQQ
z0zvuM*ob|MZH%3l8Kcdp`9wIp*Br|44AX2l%D$?dv6IhaY_~);OFlLJ$sjEyvd^*I
z83S_44y@(Ua+GF2iJdh^&c*1U&NJXV#WrL!>GK&TWGDQIs+G@-#l}bDi7;nE(T8dV
zFig#b1lADfBJe0cZ@iwb5{h?1Unu{6n<y6hewUK#Ap&G}$=nAZK4SV<N<QLuC_RDi
zAy)poa9q@GHfnnGm5#~aDl)dzvcT2U(#-%x+Bg|pPRBg3NR@{?@JJ6&23L^nRu;+4
zax0HEmjVkd>nDTju}AgWXNr%0T&Nn`+f!$PjjwE)46Y<y<TJ%>hs9&kM82kPx#`vP
zRczvj*Y)<sJ(d<<%g`-LKQlg@9RrfhaAa#~YV-niPlDs?!y`GI75p6SFvr5mP<RAc
zK|73z>8%D>4jyBPXqD%^L`#X;3t+Vjrw2eUK;u83Nzj(+Y~G}$#3X8$pN&f6-Xxhi
zL)NWz&J<kx!c06XaR+g@EKTTEn_FBvjY;!|*+}3lfl&fKPT*Sv2(z<%^fg%iv2o}(
znEP4C;PAj0#|zjj&qhfpifQS)@gn2d%%kQgh7NvOo<`SAugBy0j<)kJH0=x8w6^ij
zwT5?nK~LSg8o)bEnrENqPqkg|2DW=X=DDR2eD}O3;Q1sx1mA60;%UF70ld5IDUYY~
zmPYVhvu=T><CX^SZsLU3lenc3yovVf+%nU?;g-ME(=-!pedWNbYhTU3y5Y;mi_!MW
zW5wvhH@$fBW~Awr)>j5zS@L4<t0#fA+@$Cjbb;tQL2_-1dRo9S`k{vVt@dS}Bc8&F
Vj++`e-thAKH&6aG^Rw~u{{bJLt$P3f

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_models.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_models.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..dc974e28325589d433854c6979830b8837f93db4
GIT binary patch
literal 74314
zcmeHw32+=&dfp6x!88U(<0Ju|07#G+9yloQ07*%Ncu1lsP>TU5?UL)!5EzoP0%xFZ
zKoYU5-L<`0Q_0#Z?_qOeJ4UK(2ecE1RdHff99QJjR@qr^oM{}KNtax4vYU9BQ<S1&
zMR7U#{@1VH>z?VE0Z3}CjnFmt@$P<o{qMiu`?a+pACB+5rGD<+0iW*&l(CNro_PO2
zna}raU&N>RBK}C(Gk&d%{VzXVp_jG$P6xEgcB>|+1zC-vDfnOhOx5X-7CK$6RiCcW
zYEIW`wWsT}y3?wrp03yGPd8`{ryI4#(@k2_>1M6@bc@z<dY!iJ^m=Xm=~k`vbeq<8
zdV{v%^hRyt=}p?E)0?%;r?+TZPH)w=w)<LroxVuL245twAG4!FYiDJZC<}_R4pye1
ztV)!1va%4$szup0R#t<uT2Z#0mDQn46=hwltR7_zqHG5%YeZR-DBH=(no-sw%DP$E
zI+U#!Wnos<in2CQwu_Z*K-or7wwsl0LfK|fwuhB%LD^POwwIN)qpU-e^{}!|lx-7b
zy{v3I%DO~ZA1m8|vYn!=pOtl^EG)|Qv9et#+bzl-VP$(zwpWx5TrLau%(jmu6VvU}
zaeZ2Ezm(G2$5UFoeIhm;YrmSBh)?Q0cj(~_hu4{*<5yzI%kj}`Q*pD_N=Ig{UX5wj
z%;w{0`(!*B*J9I&RB|M)&rD96>hY<WA#MChVmdxPJ)^}<^+bFso}7p$$FDu9#ip*9
zjVBWNc<Pn77N0<$)QmPBHycjAHm$|Rr{fdnVp<}0aS~_aL&qmhB`EvcWGtDCPgrv>
z>ye$t)UO_oO~)^%FrAj?M$Vpl`ozhR=yPX=Mo*m`c{cj&&~s+Zb6V<^#6(<Umr!S)
zkq^^s=SSig4_BdINlcm5k?~j({VvgoYk20e7T0w%L^*V#OASS)aq^SNX`H=^rP)lI
z#*%27ntX+>?-DLEi3?QE#U>ND!#KrBO-pHJy)3YX8>d@tAAX*Aza5Eh`!4u2KR$JQ
z;#zs6Y=cj$h?D~cA{AQY<v_U7tRKa*bYAJ54s;y1hoRAe_$$ZX`^Rc%$n#XjjuHN?
z+Ijk)Y8bIGjiWe;38eOol^=czElzavnu(0hcfQhYHlo-m`5#!JY^-7c*yn|917-X9
z$dQWk49`)!5zHy~==AO9MMv;|Vyo*cb-As5z&-Ms_VX*Z=NQ}I>RrFG-e>)oqr5WD
zUSodyTqRqUt+-{m-7*sBso0AdBm<GkNN_CB=V!Uf^G)^@IL_K^m&yN~zOhPsEc<^P
zuhOIbq#u7}kNT&M%eywRPWH4@1>Xeaf!>6wwKsw8u;b}@zg>S*Z$hj6{N?|GZ$jvS
z-h}G4H{oObCIEBh9tGcong@ClYS-R`kM*0dDfc}nLMPNc(3_yHy$K)dH(|>v-h}!G
zdJ`Jf-h_|en{e3|ZX7miCQ{=s#kHvZYD~L&)Bj=FqmPFDvuC@yr>+fz_0Z>eqW#f!
zO6{|Ykl;mqVZG<X+2hZEWs5vNH1cfd^`2K^lQZ$q>+O$PoeqX|jVS$_6=wO=wLSv-
z2n-N7_+ed4*W=nW8-FmYQ{kW)dTHijTua8m-C{b=u5LQdj6HF3WccLh$%yA<Ohvzz
zOiiXPU&GMPtZwMYr-#p;Is4?Ny$7zk64PD*4;R-k@|o3*{M69Mxs#F6lOx_khc3pn
zc=T#~IyQN8)i>mcp^=l(XHSj}o$($#_-Z0Kk$P3f$fs8~>*t>yK5_PW@B19CXOG>i
zalRgAfV~}N=-AXX5?w@Nn%NK?k4;WSwfK}ap1L}P3pHy{9lbb{n4C@|b+d9Zg%-Nm
z8r83)W+o?C)9B^N)Wz6jG#R@ZH>;w0jJWhE&8!<@?~~xso1!FPh)qZ1uT4Svz_@oa
zB;OHJu^*~gB_4tqlK0FE@~gZVG%NJ@<R!D3W@o*&{m#rI&ddR4X1|rOW^%~7JS)@R
zrxR1(ZXM?C<A*PdoP6%=g-9}{T_WMk1t#ISFau!^OGdeLXX=`%T6Yllj@?w<Y#+^$
zAoS$4=)|e?eUKo0+4qjRF{5@HYIj;WmQi~QwFik?7BJLf8I-c$f^saa_K2*NSXPdG
z?F*vJkU3PO)o!b1(a{s>Te*Xv6`Heo>@d_FY2|1}-D9YGkhoRDfT14Epp^X<l%r{N
zkH}hyW#uT%gEui`4i#y2hgGxa=!x{L8qq-{(45U<yP<ARD~B@bE<@dg#Qf(NFw{dC
zl(OG~awx6t5?L#;tQ?|w@Fs@Lp(3qrw`vw0J&~UOoai7DXwK%*WvE?g<#0ybZK%7E
znEyNjhI%-IQubR=4yV=KB5Ng<mBTa--o%hORHW4|t7g&B6Y2TSiw+`z<{zu)vdvJp
zrIiC2HEgJ1B<4TOfT149pp^X<lmlrsEV5Q&Svf%WgEui`4i#y2n^m*u=!x|Fr$q;m
zxUC#`pO$cMVcZlG<DVCTy7NL9XNzl+ehA$<#>$w`?Gam`^`w8I1>yrCq#F@pDms^S
zFtJ-X6T3CK#BM@FHzEXZb{`U><%!+oSv<vbQh;R7*`6g6yUE@w6xxy4EfP5YuxFWf
zXIC}Lyxy2)z;XXQugxJGEO8gcgm5rY$wht@kzhm_tKcHP!1)II89C0{XqU<V5cvh{
z=V1SrBEPA9Al|Bm@6hX_5gCt#yN?#`M{N2G2}z%IQ&oRh4@;Wt01;Y~@gyhAG!iru
z<<(E%5dsHXgxMjBFgp|uX=mu9bfdIB0{sN`5qN|ER9!xe-aYLAfr9`yE49b)&$%4#
z)1JsF8E`I;2c4Ngoi5W_9<`Iyt${6SSL0VfB1XqkGs$VQ(|h4_w%LWQ`Y!>{(%1N{
zql;>LTIre_VgTqiqwwFN(v?=*Mb=6zD_vjHMVaBsS;e=Nu5V!-;)9@tokLeK9>$&<
z5{*P+N$Jv_!qjg1hCyT~QAX56qh=^dtNqMm9O;^9^yQh@B#}GFsnO`Agr-kVCX(@F
zDjL;Jp}Y11fY}m_>d<K<#-p+6X)SSa2Db|hK0^)YB<v<?BoShO9=%Q|;j6y)$|?f~
zKdAQyc32Im%>!vPn%QH?QS#jBp<xBGL`G;e4gi&{X*F<1T!)uVWKFA4L~gaF)yR2&
z97~uWF-E*~6=Dfn(`rQ4v>NO^`q;h+Yg!FFpS9HimIrHEjZgHO0CuQ;*sK~)C8uK`
zh&9F(h5fUiS)DZV_}Ssnp{Iu-%04@C{3%FdM}|h9K0E9wG}VY?*4hbl5!eA>2KDKb
z7P}nBsYh3L>d5HXk)bC~Mu(nz?#$Ce!^cm0p42SAGM>QTr&c%kQ^%k798M#iNZU<d
z4}rY^VU=B(xxT>7(0Zxm3Ryq1A@91(a?C~}V<7D)fky$H5>SgfA#TRp?!`UiN;GLY
z`tO0UC$?^DMm=b#2h+-#jQXgdK8nQK8yPUvGZ~b!--2=`tv)KUR$^H>vxNS38^e)B
zRa!l0RV_ODBK`J8(L*HAoXw=)Q2W!$342N>-Wo*itwBRQkwGc@Ehs10$g%|G%gPBh
z6JBUIvZzX{{Z`*aM_;7h8Wf|71e&v%Skkk7w)AY@{8(B6Fw}h+h5r_meN1{LOHj3}
z>|-<Gg@z-GDkeXpszpa%r02)Ps3L*pY$ldi74qgjL+vAZ^BD&6<js9TwrnLJCuTF@
zGHD2$MV3jNA&;dhCUNF{N#cwL&U=UilQ`o&*=eXdnS^z(q3%WERvQC(64t#!CTb-h
z8D*!IB36-QGS;0|GbUr@eUZM^mNN{px0S<;&Gu%6*JO(M63I20A~PKPNM(uvLdqml
z)Se;0q<w6udzP}FA}|7A3j$fy3ReRyf{wY;JWFP^qcEy>%J4|0sDB55$?%q%wk?vn
zCOq$F0IGqE!hefOnCV?)396QrFbVN^nc>P=#kZ9(Ms+q3S#%a7V)S{xXeAO$O4t&d
zk*sZ4qZc?=>~@jL2#^p=h}{B#BOlcH1G}u=RP8NxBO;@iAu-H}D<c6dc)2nhG}p6x
z$_=M&OY3K2Q+E#2_)hs73F(<taXr>ir~IwS_tam(Zq+~Lmnscfx>KFD*nQ$hD^Otg
z$I76<D07bDP-T>_N=dNMbv}Ciat?^jg*C4|%NT589Rl|fVt$~Ra@Y*hU17&VQn29O
zT8Ayr7qbH&TWWUl{@cARWY|;2P(nGgEH3A2hKg0F87l1Y?Ej=@NR~bO*FImhuiXdA
zS{c6SH_H-9(4CD$cf#VMJ(0BSK}=<ezhYV~E-zfhbO~A~(z8y}4p@_D+o(avQXWv_
zm6DO+0Mj67Gt}pC0H=O{E8Q(^`hK187gH8kx`MW8W@G>rxjjuidNnpR6`wHs3w$4v
z!p!YLufG1%0AKd~`_}E(pUO6ET-rKdG!0~G_-~<R;LSrQ69racnTkc3;mTRXw`&HR
z-O$9D6<wEV2Hq?8wOQH%*EcL==s(1l?EHr1o8#pTK({ODcSv}|TaOBU<SQ;G{uSO>
zp?37P`;Yj?NNrj6f<tZT=u_ewjFg`j^2rfT1zDbgQ_jcJhF)Hy{ieIVKiS)JX8FAd
zOO(7GAx(``^px|(8(shoh2VPoE<48Zu-h)B5Tv!nIvmg2Lq4|lynQ~V(EbU3-oVSj
zVOz}cIH6@Icx{Wj{k9qy39bf)Lb#^@M<05far`&SwPCzL+F1Zn0PlAxfXRq&J8Hsp
z49#0OyocH|3h)Z0BpJvQz&T1`p%2y$p|OWjxKA6SQAPor`2B!(93{DAqq&12b|LYJ
zrr@pyRBySlNn~$6Rus#Z>`$wWu7Fq~igWvKT*!1iX5gnjo>pF3Iv&X!f5|xh64GfT
z)R!^}|1F?IecZ|}Ints53aPu@-f(1>*=V9lBo>vI_!N#BT}PR8Be68}smxHq7)qp-
zL>dV-kx}?>0VO2mpzM+(EgGPZy4&pyM|PQwCaOdNU5c=*-^CiVw({VGaUGD)3!U5A
z$|LWEr_4UjL~0e3MsSVNpcn6Ngwh~^LC%p!X?V1GAj(o%d){=*|3;p7d(Oi~Ht%_R
zw0WTCUA6YS>8^j&&l{9wNKlr8E2Av)v^<=q)IN_1Yp)Yv#G`+9_sRxj8Y>7K_N}b>
z6AlLl^y*z%FX6lpZg3E_gEU)4)FvpkQlgfGYTD-rkd(mEZG91`Ji@h^5w5A}D==OZ
z0tRzWQ8G2BH6w`YAWsrR>0zVmu%RAFE3u`=&t@Kv8IQ-1P9velG7A4KphP`lWtSXj
z(Ex?i-EMC<vde5VQ6&<KN{kbwM~to`u-8v3qf5u0%N!duj*TLnMnWCUDEzm860+&1
z?2;ob8laH6+wBcUcA1SPszhQ@8O^1OFEG0Jf-!U<tz1YCT`<%O8HN8AP(pMuWtSXj
z(Ex>vF6QkGM|PQwCR&QbqH=*xVbJJ;hVO7%Ik)uKaOSad#$)G@P9ve7%P9P}fD*Fg
zr|gm=EgGPZy4&pyM|PQwCaOdNT^zFKu%ca{*YL9heu_Ypz-t6ZfTewfz>5SvL*OX_
zCkag1fL>_534rWE%L4n~Q_2FL^M9aJ1fKU>?WyTF{=@+`i5>5^<6kj3H4k{vL@#|#
zsF6FT(brqD)d@P<$zQC+yr8?iX8!~GAISG}kAnW~Yu2HzTjkW3IJmQVS0k1|OCirJ
z*>WxBh3f`-IOGVaz=*fRS@idm8pz(BPfE&z?cSs>D*4oe=B#APkLjBL>a}Lr48*QZ
z92l_0qfZezxN>jip=VDV81S~2qMM#;^HmPV>D8NL74noegRvMSnFj_i<SKn}hlXIZ
zR$%7gT8-vz2H3@|&W5WTb2Wo}^kVi}+dP(YsZ6t6RLQ77|GQkCx+SAp4ww6Fhs*u*
zm(vP>q3+Kp{I{U&XAYOL1Xat*{;z#WG%;ij6--S}trs0Vk)FRSI*0_CzoTLvorc<(
zR{Cv^*#7yG$jzUG30DTC?6;uwGuKvGg7RghpXR~K44FekTJ5xI79Bm2o<Au%hy<Fm
zd039HgSI2=;H|2(0$`{x@8Z7&Wso_-$`Vv9D}yu-US`M~DwrcI)hs%CB7Lh$bP$Q#
z%3u)*@0wAPH(p(HbWDDvMoCa<=NTn2T<mR>#H#wJPigPOB1TDF1@W2FCh0lCXukx&
zY?8k9_#$~Kch9}d0Nm>{3jZxC-OOZCmY`}`=_ZpTUS_y*R`G46`&-Z?$rg4FUB!49
zd+ue?NF<h&ZU<B7X^`}Dbejke-z5x^$^(Z#2>AotoQbNv89mZ4doy}k;BrMcVAipF
zD8f(PA?@B8cjvM^ptqGB-X2-r7^ftC_7hLZ$?IO@?&$Sc<MYAidsxO4<nz}e8d_+D
z!~Y-ne4D$Qn21l@FL!t1#K{xh+#RDb+Ht#_9z9z8D#9F3tezbkIr;3_a|KRiDsbyh
zTuQKUR~drp*|R5}KJ|2gfx+j|Re;Z<%Um6w7vwWG75fy$n7u9Tg*}(gBU2v1=e1?j
zt%kZat@LG7E3!@B{Cec(*TV}WgHrZeQ2JPi8d-w!Wu@<Hv!aP1bErs@zYeutbo4}e
ze!b`*5@`O8ig|PxYDZcbu>C&<=HZkBV5kEbl(OG~GLTl`#vx0PURDNZ9=yzuIaH+8
z4y$I-(G%%;@LaAztZ~>pEPfLKZLA1P2j)*xK%3Kf0c}9`@!&O9f&$uL9=wbK+VC6;
zXajzeYFI!U-jf2_oE9BK0s(Ctlwr8iQ(bV1zJ(VF<R}TgO=Sd#oMYZwU-f-ZRvtKL
zjY&1$^x_`Wc+-nkBy7uo9WWTF)RfD?uwtt8qB&xD-yy=ln}lqKN(>4DTMglJm_k;d
zQ_evF_4{DNIao#p?q0EXQk_z4mn`q~rH+qPun0b5HUT&BZ(#_l*aLeTibpEO0x*OP
zyfEM}dapb$OxL}|fBX5MNAQ1Qqw6f50>1)A?{aRQMzpdQ#DkTNEAehEg?^>R72@BL
zV+sTGNRY?Osf;L*s<BFL%pN@7V&7lKSRMj@EO0?v*lGXgF>??iJ6Vn}*`rLkZK@Pq
z5T<{Z5|^V>vFR(b>wB-HuEu+35Qwn1hbnum+M8v}=G?3vN1Xe3ayo%1boRRQ<m#k~
z5PwnVc*I5QcEsU<S*00-7MOz6=Li<VHCh8M+_JPJlSxyt$8ad6bBrwMt&x#;pap!4
z3Vw?KSu$$J2n-Q;g1~VCCjfMMo>q*V_IAs1zHyo?=h-PqPtC&UvoJf3Z_&c~t~R80
z)aL=f4mWOor==s)vd3uIlWp6T-g7eDdg^YVyeV`&_^#rsUvDo9JAug;2`}%Q8({#x
zc^QTO78Fzi!O9Y(mzAB@UlnDB%%OrU3)Fhi(G%&p5z#>;ZYw((%JRl1x3HG39G~=I
zs}7D!U<jFe*xz%q?0l77C)FuQ><GZH%U9rBBd`nNgTYP0VHhrOhCKqY1(9-wUn*Sq
zC2(FS6};I>dp-=mY;~Q*^V^r-p8aig^GW2GQ+pfV3w&Ys2EKtI{HkV2SWud6d(Kkc
zQ87DU3P&%`*~wlE3(9kNx0blARLj!1ZRO_wg>W0gYmrduXCh@}f|a^4Rz=S=C8Eqt
zq+EBv`yHxg&Kfl@ydl@9l6Ot9pJmCGRd&lrEq7Q7Md~8zSV(Mzu=4v*Xe$H-_<a!g
zy?$8x4P3tlS^#m;O#frHK~U-7Xpb?cCd5W#ZjWXq0tuuvU2_W=wcn)CbpQ;^9HPkb
zo;yTA%Y-$9+0k!93zrE!jZ4Bp(CBW&uKfcV@eF}J0;PqP;c5qB|3}n^2r&z%k5TFz
zf#(T)iNG-euL9`R05+b-e+$)bVW>WSb!z%r)Unb<6G?{J&7K?*%tHGG+Y{-hms>g>
z=MvDmK_dUgwoF5Z(a^Eju<d#!;<3GX;O`*B<(3<tV&Dy^GPYR1MP<u%1gPXWE3vF>
zA)zTRGh8{V__ng;O;EzJg`GoJdpL}I<5QxINT4{YZh}MU+{=F-%9rpQlrLf7;<=!N
zufJ~P;O%KA;SV|oWr}PjS`=Abe)}O)t5{hCmi3}U^Fw&^^+jL=Z%P#OD{cD{a0T(M
zT$OtkVQzUAZ>%Z=mM+XKdwElQq8G#5rCJO6H4<Fa{AqoZV|&hD-g_I@iR*xn+|k?f
zI`VttdV-~Tjfs^gqKGYKsv;rB7Bg-57TMt#i-h($2WaO)c$IB01H4*2Y*t)J>C<Kv
zi^fbz3(=BYH&EdvqK69v2uI*$w$Bp+JzE<+xgt?oQO1EDxvvtCXc1o}M$FQ~xLF}x
zO_^&c!>$e&^*RThC08Z0A#Wa@-b=-4>YxMlGMbuE(#J5q#JYI_P0Xzf#pa!#DC;Ri
zKfh-7dg9o^9VT%?{a*q|I=jbc>B+Wjo!gjh-77IIk=d4zVRUKF(afGvV-GXTM8aX1
z2_s6T+#VHXl}NzilBjH623t%!N2Zvh*>bfe(@mVfE+o@UJ4@~NxEfo{(4`21JPLYd
z<>Ys1b{;!l`3MP~aqfHd&+%~<MVqu6o+kp72tknAcpUtYf&)fi69SZHskd9n|4!+w
zKpaH6%3j_CuNwiDYAq08$#ErW33AWX0AtJL?o}=J>>XoyBDdnG1)>)Zsr~~#t5D8j
zwf3y|!+PLn<*|4?;Inc^S^UHZ#vtypJi<Ss?~3V4w10x<ZU&Muy|16G)-03*?WxgU
zWVyypk5j2ca$3hSozNLm1W#fnMuL}c2Zm(v9kee{%IV$lXpuo_J4M<iGCGZIC=tAP
z65C|BPk>n+EHXfB20jyz!MzlnPQ4UQy5<JAWXV&J2ZvcDE@GujmD%DsMN`c=aX60x
zU@X@$x*1<4KvK1Q3ZR2g0I4b3JrdhiK>0H{p+_g;mtxq4GMY>!<5on9Jn>qwF2siF
zuen&QT}I0;q5{^ZTf=TDpxvO5*WGg`EZ{IrSs+sqguLcPCRPIWCA8l2GMJ{=Ic9jm
zTa)1l0+qQsB8%dzy3V#@8@N>gEek-dmSs<lf&|JGI>~_bgO<h4F)a&k4b94}3eiX;
zP|QwgS<v;&BQOvF+PZ@O7L*=l3MWfYwXF2eNqCtdbEpul7ilQbNF<h&9!9<}^~i9z
z%2SClPp`x+0>4k-j|jX-;4=iCBETFk<|swrJpT0c0OWWP2z0+!7YyuruQ3o9^M8P3
zuhoZI5~D2+yaeocza9UI=~%e)#X2H5^LKH*L*KJY97=0vIsV>%4wfoTdW<M8#K0gy
z3p>2xi#Y651Z`rs$E8XEnpmM_Eo~q`acz3aB1*46QZ-n`6g3{y7FHmyJxz(W6SS6h
z6cI2>#N4{qpqlf7#q+W~@u2PGSv+W&g0!9N<*}+ddx06Oaa@UaYf0Oc8duVGwPFn-
zah#;>Hrr3ZaaQ8<a*k4LBWSz!oG!@XX_e&*BPLe<wCY{d-P+T7cu%X->uDAL!c*E<
z(7l&17c0rP(35lFUtYrtJEh1OZ~0I3mltVV)%;1UB=3?Z=8*T^Q>-L=d*X!r-oPY{
zj&pkUl4{gQ6BjEfk>*Itn8L;NRp(d!#tG5CJ%6c^oq7^9>bhaGMQ-*6dT44gb?qwX
zybn7Nrc3XArN38}=}0qrsW*8!k$eq=E&ZEqzA`;Mr62C?ed&<CH#U_xd|+VU5$zjz
zmuEw)#o_**efz^@rh*;9CKKZ^-3%nIB2Mq@275eceqTw9$8~Gqz4|NT;VQG%MG%@*
z*n{iknRqlYVOG#K99BHCe}>bTHRQA*c1u@m+S3flEjY|NE%qvQF5{bt3qA7wA|$Wt
z{8DBHVw^6;qNlY#!~|SacrnsmT!L#fP~OiKnTGAAEc-xM=Owk1yQ;wfoYraWpAz^K
zff0akqefJK)M-29Zy+vw+SdtupFkgh(wY$M-%z_500fp}%I-xfV1hXhvfNUUoTDbs
z1L#D5NOg#%4XI^>I`kmcR&gu}aXy`7=|JpOU!=jlZ_(jRUD*x&*>!{2hE}2eerHQh
zX3HsK%c*zTx-)HkMq6LDWp{Ra*R2|3{iE4UhteAd?>2>+L)Vpe*ZJyOZ8NE3>F_ZG
z$OX)ckc)k0T%m0d*Y^5rq6`6Y?Hr4b%Ue@?+_0;g)dS^O6>>t$I_jx(*HdYQprJmM
zQTT5GC8UR!B}gwTPtkdJnIUti5Um&4SfZ6kpq!o6;!BSF#+l6aBgS?(u^&kzL7wXT
zw}=vAPh<(w%gPZtH7_${4i)*WmlPV`(b~>Y>+P<AtybueFPbFn86$;v<>+o!NeWkB
zoSefUm=Q#=Y+{kZuvQ8VDvSvBAeWP6uuy_{)4doovPzK5-nIa=LluZ%_jc}~^J3W^
z5sR{%kp~eh&*Cix6r##*J`4-XDSLS?fG!KAki%ZUyR{^OON}du;A%kx*F<U^L@<Q5
z*5NqoCc8}jFGU1nk*gavRldh&l&>_i%_!*W?{zOc+P}uQvyH5(2ND?Uff}3anT%aD
z1GJ}8+ze_n$z&pV8Kyl9O)~WNXXqpsBMmlbJ}phaAi(uA2Z|tg_sS&EJV|{RKFwKU
zR0kSAO6Q>0k$D(uKToLz0xQJewm79I-Yz6gaZg-GQ<!SnJmk&cT9~_7&tJgw^;-bY
ztq?Zfon5!b#^zz8CCsq-0b|PnhRu77ww`QDINQ2)t}VTO_uYmnhR2&39=D_sd*<O>
z2!PEkGYbDLD0`TEL6)FuS=mEKjh7iRhYHbpk%khDL}E$V<CI1OJ*5##^khr|FB13+
z0V#v{E@cV4jz8fHR2Mk<L3?#zuho#MA4u@PT!Ki-H4@h$`nvP0G@vcLK-xzn0>iSG
zD%=8xURYT5`T-$!h*S&)7$y|r2kL4aU@!xoiXMz-9bVR+Q1l=$C-7j<#a=4KF|!9A
zlxOk4(oVMCg$HFXfw}D2l9iVW4=Sa?1xt&jk}V}3tP*%I6sdOL!3KLCj<LkrVAruZ
z7S$m`7~rvvB!lNk*2NCVc)%X6CiSyp3R}y*W8Wt*mS9jFvmlx==fG2}9jn4qtb5^*
zgRxXs^%RLQlh4ERDV`T=oXyzSvt;&gvbX2c%<m1xOpW|xzH7oV&2i5>uUgtGlx!(%
z%OdqX0Twtn6lsVw3X8GoRfM>%wx5vwpR=GrZWVk3D|FNFY|BhipP8CUY18qEc2ZIt
zZoiaDeb~IOZ{NV)zW%-a`$zlx4nNX&xUcUsW@YT+c>lgf;Ne(hGh*P$u!%Y?&bmf6
zS!SIMBp01dT!o-Dc6G|E;byeaD>41bDeVu?<|YquRlsf{p~F5|BeP?y$x;(zR^psM
zojI)E9YUh^az9MVJ=SlFO+zAQKTr>AIM}iE*jEsG-C?DS-9MRm+RcEa{28Y6oF%|C
zK*ZU7s5-WB??;GmvjQP$`(VV}gjzEsuVkfkf%XGB!5M&?H5O<0msC)Yvm2%JICkbf
zXxTXvo9EhZyPvIVlIi0{a2l<Q<|ZN;<l5wB@_r31^dlCN*RV0Wt~I-EZyF{SO)c4t
z{n@sTyVaGAq3f0J*7@q8`mnf~@EigO5OCX&F$TqDE{5#|uD>Eo$gnqoon!kBfcc@;
zWM_up0j`c#aki=LmmmK{M5Tp0@tYro4>B3hbz48Eg6terL2q*BWT$&`0e57$GUxMD
zWDU($`#-~-b*dM7eb#z!t@e??U}cf@zG7{?$9=?660`o;)_bOao>k#Vk&KU%*0X(*
zY{vcqlhpnLz$m<q{v&1BhfWw%`yqk<MBu*>APlMfX9Dcg&tXDB47FG-SIKJ>#U%N>
zhPB}^$HY;>>SntaqHwmD$F%LR02Z=nS)Xn0N;mDWkVSU=#=EsahA-+J_+nMsS>Ox#
zNfN%G+zPa_?yvx0z%I}|{w#r?A`m6OIED8p^&){BPT|j~i~v#Zf>Wppgg;mZU~vjm
zJ&r$d(E3Ej`y_VuR#Eb>0rmFneNIbV#$u=6`8{-TaS1^bFud^^pc8LcvKW$>3|17u
z7==_&l5+E=F4uSj+?Qk^^5f(Y!0#21Y_05R)vR%J9|cDT3|~8}{V_hoJ1PNU#kH#d
z;R>^5d`8ot#(~DeVfSM;+gX^tB=m8(R>QN-Y_&_7agdHp-LFnf#zBXh&C{uASj)KU
zZ5sDzF_9KOt@AuC!4})NhT)bRG8)Q|V=EXqcdD+z;h;ervi5%ntZ;GC{)+A#H!k{X
z>R5=@&0C=?;+45%6Y**zO*i>Usu<m8k*`f#vz>$4j&0el9ode~yHx=uvZ`Sst38lX
zVSm6|WentP5(wE;?k0gGvXXlQ+BvpGAa9Lr0dJLwMk0Y?rU9^a1KfXW2*JN@4dn&@
zf{%A@@Gm+EFGKJzJI8{5@zx0Vb!$j85{V^czqLBif;Nn8C<?B9FVZ8(S@u4lG6J+5
zvByA;&q{zhQ&Y`-u6V7q;*Ic^b|emic~DIHmBiGYw`ov&=|tKmR=)3{^gdR;2g9Xn
z(y@<Z<zv+Hhanr$?TtCo7tIiK;7}^ZljGOSP%=LKYD#+vdT8L;Dvn*Dl&+eNX_w>E
zq@Qlk9B&ZARAxPIC^XVG7G*KM3kV?chH+szvmEug*fXTn;~mwi@ougZ^VvwRminv`
z>9L&yy}lba^7|vqNhjR|MEZ4|*>&u<Wmk4{7|2fzT`zwZ$gjzcM>sHFLt!Cm^1?#E
z2#^~mS_v{(geRKAV3FsT!6I)>p&)8RBav8A1{|13Bg~wOZpx^Pz}qx^`tAwc1Ops}
zQO$j#8@4&%Sdw11NrX2UvCR_h{3%ZIP_Yf;%sq6HE2G@ju+2w@ZL|R1AG7k6sd1o;
z*=qdXJCl4VnR+#8RwGnFENWp4AelyvJ8bNP_F4^fhJ_5bXPF?h)2z>2zKnG&KEWuq
z$r)P2Y&=tpTJ!3chiWe6qZ$&zYwIzS)uNhK>a$8z!{PyYd^2uL^L_eMZA{aV-MTxw
z87jn`*^VAJrm;34J~WR_ssRl3P)6au1?3P6KqE^~wX7T>OvB3znL~wWy+}ieMk2AK
z94dur>gj$Epzq&-X{>0VtmZy34GZ#qLM&fTYO$#+cW&om83hI4<9+Y{44{*yAt@lq
z0Y3%3A8G!IY5lBr_sJ=iGu>Z>i&G4&N^1mr0f+R>Q)?u(ctTr*SJ=_ZTW=yPC!i$?
zlx!_+AS90U9#_f&D~0Ya2x|~&2>j9N{t8>H$eDXfVXUX+wpdwvS`X=Ifffx7hs#ZW
z%=BM0{o~kwl?1hf?ImBLn+?;csnlfZG7KswvH#vgTr(@juZ>T}brZTYo3!vSc`Qb8
z=8frI1_GA}f8;I%{@I=)9J@6q*ErzMiJH<nSFv<x+tAo1RlBI;D%Xz=V)1e?p?mGf
zU{3n~1pt*=zm+sh8#b9+_L7FFb34>a4Wa7+QZKb+R30e$w|fyEdcHR=KJ*R|(b-BM
z4D|IGQHJ=?b}lDA^n9;qBoYV}omHE^{)IQbkXAZwXbd2XT1Mf&1*PNq7evlVETatP
z<1GxCqYB=5kwz13L}E$lD79K`q`Oam))BE<RRub&j#P7>t5pL%qbK9ZI5v`uPn<$n
zraM2tIlL+2S8~=WTk<?uUPSI($Wf&f#tX3ZsnWGR1wV%CQ}82MpA@k^x#Jr=B#c+U
zHs${1&eqd%yA`cHt%vlqEX`u8r`tf!^rhL|HlNbo>Di{Uy_2~Gbhdx~b?ry^ys_3P
z6yS`k`pqD13Jb|K4EAl&^>}I~Ic@VXeMOcUdl1)RW0qacV_p2SMeQ+NCw2{nm5c0y
zwcUgQS1MWFi^lfK)k7UuxpHmI!;0>8>xYDfNqmiUt9C=Sr8nC=l-;=LZm^;*biM4|
zkgvY+>z{uE0e%jpw;Zxy4#Pu1dGh!jEDjEShv$e9;*G)XU_8-CBv77J8*CGdt~rR6
z0SpyZ@cg%+bTJbQS%Ru%rRzFQ!pjVqLxpI)NJEK6BC(`cd$KbL&akI2r<-m(0a{SR
zq7@A6uof+<@m{pr(cW8IY6Z>Y4xKIZkWRjaEs)2tbe)T7iP%LfU;hKWUCWnXwf+V4
zHBMH`UcSidvbPMT=0yxF&m%U6bx2b~80{(fAu_qqo*?5#==?bcjP|Nn5WA2oh+TDY
z|Ii%M%dKFf<XJo!9=SBxreJ~%gG$=bn?#s72jXvwCED%{cB~pcYr<fE#FOdU&qq3f
z|16YeiCGq45@j#X*~wm*RZXdDkx#8;OTi?TY$?Ot)pDb~N*3l#hVmq1Fm^b`YPQSd
zf0(-pqeA;$OTRG@%Cmmhtd1vNNoc7gd5oErFfW1mof(3m-NX#DIhkDtf}4AkwL97}
z*_T#{Zw}1OpW)1qo>N?c_-j*|S!;XcBmCJ+9Kx`;KCUI0=e`+4kkE<f#cSICMkjko
zc$Sug)f?OKp*(Hv%<@-ans$dy@?Qx2R{-FCvX;^g6DB!BsTD2&b|6qPUb8~QjZtqx
z4bn<Z`=7|>2LiQpi)?S7JmlhD1z7*@VGxqBZ_PGr$*$Xy-LNCu3TLN|xufakKCm!M
z)?VjpUjNHSei5!d+hMMDWRYS+Z=dUDz)&GJ=f6b-4*Ur6EK87HrcR>FaOJGx+sgJg
zA91#@bLjdee0^v*=g>&cVFw@AS&+pr3^lv3=L0I=3cBbB+_GkxjyDJgaDc!(k&oCk
zoe`8|RePD_)r4_ot7i1Q@t8inx8JNBVddcphA6ay^bs8*Fi3#A*RVZj3uw{Aci#T!
zqavCL`xgHY7wYic3^~5<m44dXV1Ny`VzSQMFb!fM$|siNH`C`yNLb&xXAeS!`WpcJ
z!*63Bepj}&-6`_6D8Tj`7t;y=Vv%GN{##JmiKLSSNH3!dUpX%`WR5C$<3$=sv=NCV
zrQIPw0Nq<q#ea+*;EVJOa`gQDR6&4Hq%dz&0$m?82LoI@LDk*_8)%6F1RFPRW6J*H
zsfjq3G~lfpVHVwqavBtW;vj?%F@x{@6Tm!9YVACgvcsa=_VawN-%-ONXxKH5atL`N
zm3Daq)K{-R65{lpz(n@=6tUqv;XQUp$^rCVbwPShP<dXVC_(SlFnX`nMeo%)f)skv
zZ!SuT=skHBPnt+l88#K+qW5HPPj{C5-k_`yCu3E!B&C2nkLN5U<tAoFN&(r+b9S;9
zX61Bm@op`Z0;R?kShwU1B)w-lX;d;N4N32{*l&$vEL>aeu@ZW(K%6)QG5rp)n0~@d
zh`GGVs}$6^JS*P6Cgvp6{KC(=oP-4Z?i~u%_5OWao~&?{aol6?cR)PZNDCLIg(B-B
z>m5!tD}P>voN6cx^EdIV2nXgI9~l;DUBe<y2f;Ng;`7<~-h*pw8~!kOHI_(1QmF00
zQp+q>XKTQ2F@cGWa<c+CorMsetp+psN&?C)YCnTlI$SmzfMjrQ|7?A(#~5vRCxnJ1
z3)IazF)qcti<`Cfa8|Y^H8VXmGp$>>2K}YP)D*X#pkR4A6HnSS=IH&gneG{Ra+{We
zg`3-C?iVnI9VjC2bj}`PO6j7Ouc3SX{wAMyM{?(n(0?S0vZSI<((_ymXRMv39?t;4
zRqZhv=PwD25*Q=k!6RGJ(_>WoWdg?miaC`r6E!bt&&@tpU=n&2WOAUQ8@k@v6rK;?
z`t;lW#Z6D7Hy(dyWB2@)x7NMgu!!`Ao%6M~X5a2#+;B46wmG}?XnM<|()p};L#C<Q
zXzE7%yRYf#rtU>GOrh`)SslP|#KS{WJLZ;_8xN1TYZ(vEk+X_#D?Q}?C0p1zikQ~~
z7Zj>-j!n_?5NO?X8f4Ktt3s1$ZH2UJZX&G^P<Le%{##IXu|0HU396QrUF7P*%M6)A
zg=oD<Ly1NrfnqqyWtw&yO}nwbFWsKqi)8KGf6LE+bH87<YcK4VAsLWA+V2;)hZoR(
zzcObP-&XqRhR7Cnj&=lY+HKW1$42^=Uvv-&jN{;9JSED<>D?tjT!WA(hXVVoj#M*_
zcT*h5v*Z1C{9A!U+49t<xDzL#{<xNCpaJbcXe1)7i0yb^1JmGSPNXOqF-t1JT!7&K
ztQrg!(ToP~({jf<gkK2)FprcIY>&4PSCZSV<yH3bWLRV`5a~5ifb30PO4h1mOG(NV
z3gP#VbZrGRqlLWogZJ&VA7TV~y~}IA!9mh`lJTymNDQHT9)gso7u7l-!WYbkO(2M;
zNeTej+w*DW_r_Cgz;pdceAk44z0_4pF<i-(f)$B03a|a9NV9{%SovF7h{14r?YCIo
zM=WZN_9uAAW)-P$^{Lo6^tfD#4@V#Pro&=>f)P_6ZgS{^dGwtgrVfr$)VCmutK$g$
z#&p7h2qeo_gHF_}$CG+uI`K+8DlF<j?djuJ;#Xr)xHahz>X<dcZa)E9jzonwi)((}
z{au=0GXNcjb}gT>8o58p$~m=MqROJ7-1Hy_BvRFA&tnBxsp3I<ff^G*W|LQ+p@Kqk
zN{jCDAi0W>SC-GdSf$)VRU=NPp8)_-Rlk7(vu)_ewjRm0ZkzjbdVO!UbI;r+XsWXt
z4yD@$@2U#3uxex$R@;n1J9)Ek$=ihUt?;`gizkOeF3&NCT;95XV?2dRZfeambs0@v
zX=OLjC0&c^4kYJ07%)^24*a*M>}H{WWC^O4sh4PCxN=tUZDseH`<*T99J=CkR*iFP
zq~~G3<vI<r7^jF<WCv*Rd_n+Qqg51h#=UQ?$eK|Uw8C)4{qY(_Ro^F}W<4#pGwzyE
z)XJB{QsI>ZaRYqIk0L<<C9xwc3+!HOTS4n-)vg&Fx;9jLNKXqIM+60I%qK<6a!?_&
zm5GVH6ke#pit;x~i{=;sqCISJP*H~(59-84O=xT(cIzLRz)Sly&Qn6{<0c&(T1}fq
zI7f3`p$5|;D2Pz7P1K6g2#n9=;d`6`TRF9-^B6uk^nhKv6{pd408S6|WH)Suo-(_>
z4XR4E_`?qnLWwXoeM>97^Vp9Rz))cp&3_9@FO!<c5>zcKy|noAGDGH2AzCleP@<7Y
zpcv-W8TH3ZZ_p{Nc(1G4bro01cVeYoS9y-@x(Zr>@4D)>)9R99?X+qc$Q4t{M(N#o
zk>2whrR*?O5Fj~(P|8*Z_I$9RDquwxV%6R<j~y7Xn9Rf4dRhx!t_%mwT2g^W=p8x*
zp>2YUEnR{SVFmI<uzpT@$7V>2h&k@p0KAMDfS0@QamB}w^{gn#CQ4nTT!TCrZpnH^
z0>S_sJ3{>U9F$<u=p9m5&fI(Tw4RpRL22!2J*3qWLMcyLClY#~r{y-+Uwc{)?`e4i
zYetaP2m7|%e8k$*dU#LEQ+I#gJi3Jm-F(E_(|Slxi}4Y6Xfd+6f?|e<TrBBk1hUlG
z%?Oyp02KAo#MaocODXNDE$MU*`6CR85sEowLh@>bHI*ij=uvF)lZj*;dv>_agf7K)
zyRbFiw9lO5Jat+NCTIrv?N}+J0*BY!%ZAB0yACtRXU806Z9azG*+R0;JU&Jv!q?pB
zqC72Orp>&NwSs=g(h%3TeY5&{fc!FFf8%wyWX?f>36SfTiM^^pm&;#Kzf9g3ewlNA
zXD2I-V#cT3M@Vz92~ecck3yRB+zLXPBhtC>JZ-=6G8vA(oNG7=XVN^wQJleHILdQm
zILaH7;poevjYyza+|bTB#J>VCRD@dRzXhd}cKntFNH3!dC*Wm<%uxkzyhsCyHX?yy
zI^CDv_!1eucQW9#eqT_wU&lu1F0*u4u+!;y8I0fU998hfWX_KHxcVWx<YmrIS~8}=
zy?~UHk%>6XNLjpfxfvTb7bU%J^<Y`j?;!X+iD8gyWX76v*sPMRiA$D^l|^dEmIH>R
zwfTmn6Derugci_SOB<<UW~HjrAk5LH1d~y+rPJWCj76o+HF%V0UCz|o7*FWm?Ca;I
zO64%18^xVy;&;OTiN6!g{7!f{mwl4niAYQ8k+CvzB1?^R^KWV5H&^gYtYhEA`WN;|
zQ`eGjy0kB7UDcLmWE3mkd=Ii8hKhpyx37Zj10#ERf2E=qbndN@wjS&IQz9E88yy>y
zt^E5durb-xetdhI*c%r*kE^kcv5@_hCM&?U{N7kKi)i(I`wAuyxxsPWp0)?TO*Pn;
zVDk&l$mbB*vZ}jF77p@0dEVXgf_S%QY|oMHOCWoD-sSw>xZ7JC=k)9)?@q~<0)v)p
zDfIu5t$Y)@+DLn(W2}~MLRaV50YF}rH?FO-?}h!J<Ju5*0H^@I{ZspyM>^S)SI5-I
zHjZ_+f5P#v8tLM9qU;lYCrG<Z)Jgd#{!Z+qJ7Ik-k#2rhKH=*#aE9})gxMY1#qUkU
zC;N?om}2+vY@omAU{4<l7%fe<v`>MnWt(+|%e3bx{XM)|mfd><S?m(<eJaS&fif#3
zrZg<mE>kaxP^Dd>)C2+Umf1+QQP|kTX8#AUmC5f?%YRJZIRdQr73z~9prZ_81<^5)
zWG<W7FU71xfPZ*@W1hp*@hre>onzk<+Ai%2R6}#Y7%Wl<&S>qyf<(?9EN~Zf?6Pu@
z@3Nw`(-2(*NN2^AvS!6qcng~FTS!6#g8fIyS)Kc>Cz9A+CP}^m?4B6tW0oN{tR>}O
zHd|)J=X6-31twFm3Ed1%r=pa1$UTS`(+&_gNMIj<M+giMI0F!_x6I?2Ok<L6)R(C0
z7y)K2|0<=<0a%-`kZ>qAJ)nJ=ikS>#h*D1wI8NXM00ofMb#jVx?#DuDOS8L<d8zX0
zM&aELr~Vl&Zn8Z&g?i2slH|1-z$Enym|Ifywq>_;{SXFVh<e=_&bA-V?mh7Kkg@et
zcH8!B=dpCh5H@3IXneQ4YJJ_^Kn*E^|JMdz<GNqo@Qn>OPX79{-+A^|&Mr3Wxn2p2
z^*0j`L9mD-MZ=09B1oyAA&4b{@zU#{Y~F>)*YlSd$P0fBQ}_M&A#yb{j;Az&ThCt>
zF|9=c#WcYyMj?lKh!liFJ>&r*UBCk##aXo#a*!LRa^)b`EHTCsq#Qgc<QgcuaZ2PM
z5^>~2F$q7K+HSxSA7*ZQ$l`6sqPmlI$wL?bfV{2ppj+lLBr5^&5m~%RxsshDxl$A2
zpHU42NGv!ePtU_D-!%xbX#N*<&2OGJ>N@5+jJoaD%d=|Zn+GUb&CVMM1`L&}yrJP<
zfYuxC$5a57ww+w0wpOVVqF4;JKfPr?o-bg|1Ew+f^R<(Bj%X(yt4Oft%O}@$1Fs7}
zPFNcnf+E=9^|O<B&2HdjamBhpmc4zAZ(^s_tt2<>OmBMx@s1Hr?k$KC0rFzXA<FR}
zeoM+=TIFekhI<R5LMnFtSj0HT&~rx(weME5p&m#ppG_bBtOX7Avl)f|7ErFjZGy5(
zj`SjHFPe!2+7z)u9EFV3Da^7(O%PR~#yUoX2G=gJw%HpIp3bt|?r*aXOjPB!miF^P
zv?aCGU=qtxqho=?Ujegz$!5S-#3YuFRf0*Zc;TdjNennPASGm(b9ltTDZvm)s{#9p
z>^bHziDdAbbHIpRv5V~9U=jlkhR(B>ygMaZdNGOKV+QOQL@GIx7$jGdu^?v>6}h>f
z<E);H^O!JRx5tzMImRT$LBv!ITSNlAMcVHG*gA{StNde(j3}_khijQiLem%pLSUKz
zExe9ZI%ipSFWTX%+y$Dgy2ogUAp-8DSEtujth&~6yT!HKUgl8{^(fbEn0q{Q6ZW#3
z*P2K<{kL!uw)~Q^;+=+;{Ph%TK-g&7j!n{N4cNY@!T>rv4-5nV8!WNe*@6;IQvfen
zf;9F<BdpKMuxXl|qfOJAAONQtY?>x|B0Ud$<r)Op+X~;Zh%AnV5iQ3nVg$2GdX*l_
zEP)r%G}l7uB2^F|gCU({5nuJaS5_J5dar&%;HUf_94Zg&vV60sk++=^$#1;vlz8xn
zW_k+eVv`BP=$3&a$l}grqEwA>m}Gwzh|Y-&;hW`;lsSSyU@ujY?GKi-y;bq~@SWB?
z5G0iLY~Q3azSIdDWiWSpA@?sB-ivlt4Y`b$Ru|rjB#ZJa-f}1rC)u7GlPt<!p2*YX
zqgCxVhj(ishb-Ar%1~>B@lq{mC^&MeJiqdASodT48$92JcYqx-oED@Pg?+T-of0VC
z9)XzztDZhua<TE0d)kX9Nv<bIf+^49`4rC!^lT$y@ig&mIC^_NpZwlfoEjoOneUp=
z5tX`X$KopQuIK%c%UnSpt(Cu(LPl#pDZXU7eY8eT&2DrUI>UIF2V}F{uFOjCwuwvE
zX6rT7Aegk?K7J*Z1e=SnoG7#REt!}gX3?y+Dy>aT;NvwNOH5jB^5IIeCXq}`NA;O;
zu*14pkN9nbCF7!`W@-{!vfA}3<&to>w}#}~wl<BYuyYlQ9!IWSw3oQP5?^@d(6Bdf
z_`)-na<_$rEuR>>Ki{pKiLc0gt5%~AOQUr``&(EoR!UfCU!}&36#4JyTg(-!(`#vR
zJ7kfJLMK@c$byCra$nyJxaEiSo3mX{WZS#5n|cs7lvwe~&2{f0P~5s~d&k|jTDDW-
zCbm<e<uJZ`E)Lfy0EcVT0=Y&(_3iRmf`1b^jPo+MM%g)Xe6m}^*=a5=8i@ponZr0p
z6fy@V5+%Gy%zE#9i~*-*I1ITNgPv;{PDF{c40q(L;@e6uxroaac8+Yvn?R~ijdN_I
z=VPLSNMIa`wqQhzr^EQ`^dt!owICeE>jQmON2>8AO4{+@y@?W62vWA!gCtE(YFbK5
ze2zxNpE!i^^q-(KhcdBtb}tq``+j$?T5}b{%J5OSih(t%9@b9cdCt}*k__#(Uz|*h
zzjS989y{=O1q*%>gm1160j60&EQO5&_Ye*&5IT?Axs12Wa@b(yn5*3kY3p$s?dv%I
zO0n8a9yjkz>ccptF&g3+fiDv{4v=S~Wv*u|(zq69w0HE?#Pk)$9+|t{sE@t+Zp<ee
zzl3w@U&Q#pfpweb25+VQ<O!qhER#Ha{k1n<ODmgi>|@}KFJ_d@)^9=COxxV?oRwHc
z8ITJvGh~h`c;iJHOtcY+C1rCF0m^qV!~8FkY<*zMBSa{;0)Bum@R8|t9$z4Mhyr0P
zE0|M5z{M9-N&$m+@HiJmNqm7kizfvtDSSamu5<PBq(fydP>_|5b9lFwe1V*ecT33^
z1O;E9Pyl4X7f34xIhMC(yC`3PuQJ5H%KEDbT}N!(c02qKlo&rxul_F(_yasfNHSLN
zAv&lU_T}VIHNQxseFGr>%dsL(y1pDl53)X<o|Sz(cKZ~a!14X04?JbmJ?;2>w%&jo
zlK=&e<-Y}GD}55O0O@6v;rrobhRjg~Z@fqYi8dm!q-=Gpwgvo|zDc*^mk7LwJDe*m
z_}f%LfL2K1&r}xJ@_|wo;2|uj`hk|@M!K~loQOWo=;{Q?mb_QwAEGAzyDu&@6|UWa
z^WaDU{|e#-!C!iR;SulET72E!@l*2ff;@{iFXSyRkiERWInfJv!Rfy2-CE*>QsYXz
zP-wS{7W>XRFeETp?g1OCQh1?yc(x`Pe|4|TUTL4jlb;Pz5k<kMFstnvig@vToWWAS
z{xq7|=;CmZb(?c=j@TG3mIxaKu~#u?A&2{@N~a>ZmG&zDW@G+9t6kxLm8QJ%6+XmP
z_}Ih*)U2EHKOSpMXVo(pSpOzwNvsUKNOxp6z@2p4JFT6W)^4M<8y=;MYk^1Ux{TUw
zs0hi`H-EwcDz>TRzXhc)ts-uOEJ1o%=_5Xcml-mL3ekFz#uJT1Vo9+Gde=8jQX0Ci
z@4t&_ul^git$z{EN#TKFi+%6@9QmMp_l2|wbKwUI|L-Lq{P=zE)s8Rk;eGFg<bx0I
zdsl~N8{)4e^l8ul@}vJ_JOIlQ<9n3)1_8EzcbQq9nw&7pfe#QL|5xY>%E1A@hO)5#
z!%7eY$<#E6hsW*%8=$9%hs{1yH#y-#2fs#>qqDB```7*+8t2m?we0(5BBumC@%BQW
zxZUE5G|C)K&cE{ARuCEXmG3rMcW2vo-5Po;X6!kZ-Z~_s@X1ep;8q1TlLa89DgP}f
zpiS_}%Mzq%Gg*A{yv&d}wwWw%jm>0lRft9+;oeNP06FsOboYLfz>9P<NlswVFefSX
z9jYKe<bfbZf`R@I8WnrTS*rFXM@p(K*v?uO0TP+HdNqc4a&ORR_!Eba40wl;!Tyd#
z!^lML*R|T4+9-ju@~90-s|&m(u8hLj3%a437c=dI?B&fZh+d4^DAih08>L#7rZyfD
z7g8XC9M>e>$Iigk({elOI_WUa6=v;eSub5F+OVK&^@GXX+|IgdPwOFlTj20(hpnw>
zeuU?1nNfmxXY^^5ZCgg6?5?J;$2ZT`*$W%b2Q3QQicW`h{E;H-xMNtiP%fxjC_R^+
z_s{MxGMsB-t^qNRV*8`HFTvfjhGLQWwBN?MvSLc%cc}3{1h73ff0qhY%rjV9<giWB
zTnn6A{zt659eSn_>_S_1!$t}{*SrplLR08^@Lezp>+N{BJLjNa0LZaDV+sptjRs>g
z#9q1nsxUgEpe#Jcg0esvLakwlHV2h~tD{w%Rl%EVhudKhvkPuWA?zk#T|p<2W*2sj
z%r0pA9&UEwWoiKn40g&c*sUSp?|cITFn|<6dRf$8SbE43q$%nzPU(pH%X2L1FK><T
zzVi*Dkw`2l+~}gPVq~74Hvu9^gkq#BV1>G4HR1hcFdCgmjYp%Va&aax2~t{Tma=AB
zbm|&Wl|7a%FpM&KwD_x9VmfYCi6S$|%dEGOEPY^5%=(#)iP$*y$t8c}cn@CgI5e7!
z2WGD_*_mm?Y*~BO5?NyH6GID~rOzXRL#rh~M1;jelgL9OJfjh#qLEhD3gAdwg+^in
zOKQ%vf<(S)7YR%e_&EaKCNM|fy9EB6zy}1%=x)^$*hrw8KtF-w1X!3JW(h<3Bqrdp
zXiIjJ-9)FU9L43%OvWG6ejknT^XarH*SqC@zyII)cKoH!_Z8pIR{y|Pd#_@>zwDl`
z5Euygcii;>+}lv)-*wjqaIdx2|GfXMkKn!bpg(-q2XL>s!hi6t58z(iR)6nZAHcm6
z{!RY9cYOf&9&4e70QdT;{0C^D1NT}L|Ngr^fP3o{{~)CX@2v~@JL!a-_ckbWYJhv|
z8vPx2eE|1%Rr~kd^#R=5wBFx+7t`*(H_%NJ1Gsn2-{9}Ni!erg_qv1rcA8iFz2-(b
R3BbKwA^-08FtqjZ{XaU#P0#=U

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_multi_provider_scanner.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_multi_provider_scanner.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..4fd4f9698e4dbc5934c8c52c5acf9af69ad8a016
GIT binary patch
literal 50912
zcmeHw3vgRkdL94*-~|X0e2NtHFeFiyK*@Yalx4j|$@D|EDV0}nv`fYaM1T}l6hNN~
zN)Z#c?slh9X3~i_smDsQ(`B>HmfCC@r^)U*yGi40cGJAt0-|Ixx5~tw>`dykP4%$H
ziQCTf`_H}S+zar6AT4=!o$wC%<J|MQ=bqR9Jpa8{TN`xYdihVopNT#0a{VRUh$~<Q
z?&aJr*Q+ko#ayae^*rNd9{yW(!mD{At`k1yj~FS{tQsj*&nPDXEN~*of+uQN&4~~T
zov3BCC+b+;i7*TEyxwQ(Pc*Ow9`-%cc%q3looHswCt6s`i8X8ukM}>*dZLZBMO-7H
zp<SX;)^DF%tsV)f%1CXWR}HkgKI8q2o3%UVRfB3xUlq?E8d;~-;$ImF_9<$eS#Eus
zYqLuYx4YE(k%m20##7h^9@~J}MqBJg9@~W2W?Sq-Jhla~Yxa1|@(~`_inulzw~5EC
zMO?d#+sxzEA#S~l+cNHnZb;Oj>tmU8E|N=WIW01lWs%&uROGp-iCp>=%U(<;Q%oIA
zWHKq%6%3x{nMSi0Q*3|mkx2i<L}b#;q(!u;(a}^Yxj&LXG)rmODK?tYBBR-fiPUH=
zl|+G)nUpLL8B3%mwEdARp2tu+mqxMC?1jmRR4%oXr>2sTEK0D{WR@8f@OB}GtOZR*
zHT#k0LL!|>XU0n^!b1lb!&@a&IeK0sof(~&N?H{}GKmYRNFtL&6$vey3BF5xI~c9j
z!^bD5`q}8YbPmm*Vky1x@wCR@J(V0XUr(<;HIc}n*Df4S<Wl2Vc3BUJZaaN>GNsp0
z=OJb+J(1Ew=FK>IN7I9Jhl<eEQMX<vik+I68c%1UUcK3A5cJkXu|^eoSXA%?-jkZ!
zAR_2F1DPDVjK?(fPocjvx%6lvm(FH*-{{JuIf%NSrSPhmQOpW?RU<?b_Fe?wRoAdg
zi}6L-g9X{`R=uikpSQym^-u3Qj-Je+Pa_u-6X|5c)&r4C>D;-9mda@9vlzr=YAk`b
z*Sd6HE_*(enGVt{e1wNTTyrj$o7DDqcPA#(T@%^S#Kitb`}%edM!l>a4bf{xSt?0y
zl9<r+Kq`}*%%(FrO>aTx@~IckVF2Rj_#Ea})XnHU@I!?)dWVR9;Q0QLp@CB;N7PJ$
zjUCS>QzLvCj7(ug@L>D`Erht}pSXsuq@^&4alVi^pQ02RTDBGyc2Lb*0A6-|uV&3c
z!`g+G^;akI%{vyFcH|p(E^OR<C*TYDZ@YXx|2<@L=`H7{&Zbxf6JCoaQ<D?f%NOuQ
zx-Wwn@Z)-I(VOUAnyI7a)<MNxA^h`^`5Xd8Bjb*_hRjWZGK#AXBNlUW=&5t<_QgCg
z*RWTl4*5mM`W;q8c!+Q0;?DS0J!+Ne?QwUzF!}*L`dj4aYYAG*k;RLqOLup(X4If7
zSlSbqirTyM8qomTK(PUI|BF+pcsj{8;@%kUhDmdw#W8cum6outPDM-sJ($SlSo-V~
zdR4DuiA!;o8cVTM2D?$z&**h^AExG1iuowqdi><z>Hen&2ZrJ&hmJorpq?J;KmGK{
zK}K!TtNZ&A`DkCXinoKekT*-C<VYmK+9+EspABNb*iOWC;a?j9c-i${$Q9bSux86b
z%ZArp`1}j`=8l>EnF}-VH~Qa5zVUp%@!&#j1Ln)E_RjhCV}<r(w^};pTXq&&b}lqT
z7n(QDxL-N4(7N_cQ;=p)(C26EsCE?p@}kL2*S&88yy_ZpF*ooj@F=TNJ<O{%s@@Ub
zh@W0qt$GBx`#h@8#7)(ze?%Dxj0E~TJiS`20>)D)l?8#*YLJ)XKNiBBZzMpu5EtY*
zYK!7(cwC(t8VMjijCyK$O#MdSIJHicR>Lw>J<`zUSL-Pk@N1*mz?#OZqD^|OO87+6
zjQ#N4emrw}e}80>Z;wDyi5w8krNm{4cr;^o8O>(K(&JMsK|72X5Up!a56GKQ`_iB=
z4duNKfLC2H_aXOogy>2lE#m5S#at6c1mL*qntSk?TMuGZnJ6ym(Y;z~VvO}5U8DNM
ztWe@{Af;S9uCFP2n=TRmIF+acc-ghkzU7PEGwh1@UxfMavKB<M27sdG($2-3>qX#I
zG=~xCa?N$k!}cJ+OBJ;tl(2UEl-^$44tv^@D1MKI7Hv^N#uTHciAz3tGh(pYh<L}H
zro(KPhp#c#iOkpByoJWzYpj}<@l-CpcwuiTZlq(T6R7cC9l*=3Tj7W1!+Q(iy?JHt
z63wQa3{<AO+l`INGst%!whxi)D1g0LbrWeV7Z>}9rmrt<PjTvVD15I50Nqx<Js*zd
zmFVJD$XQ0aD78ZMbbHW_szJ66F?yp76KE-RF+G}cZrcX_bZu(Vpo!!x<k(KrcQ`b)
zT;@}Fux51OLjAUU^iV#0IIkQwX5Yg|be?!C82+e-Z=!4mDiafwDlVF!O(4xcVa1Df
z^G(I?;gChOT7N6NaX$QTA^dP&dDv+E8YE)xw^IVzD6JTA(PZGuh}LWo>U5mW-Pi>%
zW*D`7z7E&5szKcq_3`ztE0+?C2v1G-r-;%7&LJuxo=aZ<F#{Z^hfE?NelDS%LzfWW
z!}<WOd5twotz|SCdIPd@>JV6NV&ZIK^t?u`2AVPPOk>idLFK?}dZeVU7Ug&zRcIXm
z923>IFRW>QE&KWGLQCsHQ_I4-4GU}6-Kp`{2XDLlfuPZWyOEpkEYW5iyBLuk*u{eJ
z_=Rk8YJ$R{c>Kkw#Dtj=j)T%-T5ckpNoBG~u8zl(*--?%G+{Z`Wsjm#-J490=JYDW
zu><rF+HqJvfdK-vu8m1ENFm-=pGHV;iO12MAY9`XdXLAAMMCJ1?<kCrE(cVj_7#AC
z?)o$D<9EDnU*}9me%rpn=KXJ;E^O|9--Vdlez&i7);p`dv1RtmwYuAgt9`TYJ^G=f
z$MW0u(#>OZ(>ddvQU6VV?s>T*v$;2pU%O2AM<{*U>~Si;?TwQZwe5DDYu!V40wG`U
zou<~SRiEE?+lTONziaJ=tLiTVZdcP?&=qX{poT&&0Hf#W4V+Q?*OB6g+N(x<K*wGa
zh5A+B2%%}jQQxY5wOXQc1*jfq-bCj?+|`WuD3?U%p`thgo!0`L`w(9z(Rmo?yb0*s
zEDdxnLjI9@8#-?QI&U1W#w2PWwgk(B_zx4Mr|{hA&SI3#nZihNiV-Vk!%pB;y7XGU
zz~Wd}T4Fp^v^&ZDwVrp<nR+|MHc%vZtawocVn;fMBK950n5XTF8Z5Ck6}U$`2)6u<
zJ8mlLjFFQFd$6c!w9W9XhKRz-Tg@I5=ce4o`t#_ap((IA7gC&AW9Lx|+YeCGWLir4
z#>GvxbzzE1YE1w@nRV?~`{vhm71njl)ph5UZvF;EY~M#g_v{F2XGiHdRNUCJ_~O>L
zEpD45Ue8bs#|dy6*X#`3yIitG#HYN99oZx@91$hoP4vj(rxs)H7g5zcBAzjn;f5=L
z`+X{HUwU_$r<Oy+ITT_S3Gj{VfuLSYZklwuum8EnAMImAr4&sV+FkXniyP{IX)htG
zB(;EPI||{BywYJbb`26a?s7)2>yd1q^Mpw4sFV?d1g@O#^Jfq)#&_(~h|)V8nz;zc
zO;h0rfJAa_OCh+=AZOG)-Sl+EkW$#B3C4EO#72;X{V0JK2*e5e7=cj&gv{7k0wriH
zL2*msGM1z)ob==aP8=i~6M(iw?TY|}x%vom?VK4UbhVSvOiwYo>M_t&&mwfyXrZe{
zN^G>y6~EtVpsTG0y4w1Y(G@kD`a@ol6a7S^s}^(03F(E2vVIz`Io-7c$`T}JM9^uM
zyBML1B8*TOSuvWPjBr@dqNO<}clqL`N#yi1RFdzad~TINN^&ptBD-WGjXAl$^syYd
zY<BFCE<1wxS$gy#0`%zn#wH+@i8Rq0)YB)2`kx$#_n$iT?9=^&#|NBI%ns)kI-;4M
zL&YZV!`a8)Lbx}t^e)kG!uK}zaazhJGYQR<PwwgI>0JUDiEXT8;EEB_t9T3}R($zQ
z(bs5~Guesk_~p2EE&-`%d@MTwxxI5!IELEo+*M2RmRE~f#vTZkV$)QqGjfVLx6uJX
z{UTNJlISz$jFJc&(*M1WN`{4xXCeC?m11*)5-W$ZwwG!BBE0pl(I$;nDaTvkjaQTN
z8+!{Id*|wQ<&|9qk~NUkhmBSXAlVw5(o#u|tJupZUW!jXOK}8f&yx7$u~K}p1pBkg
zWPf%M{wQUCIxT#{*&%0q;`i;A><_{=_J{5a_J=|)0OM7u#YOl;P=NP(kmA7pRJDVL
zB<6>K@d1Q16HrmBSzug=2K3g`V8fxQIwcfUoLf#M-~B4;n?6pdmfq`JVsi3wWHJFQ
z#U-evpu{LraS8R5q3hDLv8joP%Uwkq9c>eQn!N%<Xs3L*@W5?pParw>>~nW}GVWo@
z&#z(H?~IUNgodcbl1uOi!z6d&R}31MeQrqMJsHn12^5W3Pq$m-%~ZvzhQcDn`rTs&
zGv1hYh`6VcE8`m`o`GL6pRCQV`m+~f)%%}vxw2Qbo9R!wlbc<xVUq3hYlxO&$ptlN
zbxeVBRXH=>=h;K}2bUTcCMt+uLxep_uFWpdPC`b>hl-v;L}tmg*)`lKqC}fTD-)>S
z)<)7Xlw3}wPrB8B8eCB;*A+d-v6V6JqSm3$Dz(lkg;oVC=9Z&YF{fX&ree-&kyEYd
z@;!ptnhB^OwKf*$ar3+2@Fvlzwz@DoO0UhXSWwg@ep66h9CBxT`1c=jPyQ5UW=Cl`
zJh9x&th>*d8D5>47?stTxr~{q)@Ofnh)AK5D|<fXr=2Pr6T43Gn?>u|d1q{h`LHuK
zp82}9Gul><<4zT;5v%4Cx;x1|M{Vk=;(JF(ZB|=iA#*3GUBOOLEBZqGnmb7ic9G}D
zUC}jz(~6;Jf20@sDC$rdu?rDIV_fs-)uzN=_Z#ZQcRdvE{?K#i&^7n;$*tQbFYk$J
z!JjY#kwXy*^+dJp^t)RmAz&u;Mzt=%8fw9pqQRFUhm1mxMK!%@B9$T23o-?{=F_WC
z6@gv?y9w+e@Ysjpga+MEjz6pyPt(1~)WeL%O+Ww9nl%QwELaA-F*o*E+`6Epnu6Zb
zlg^+E4$`ymQZT3Ct#RlLynL5tsBl3h+3UYn#r`e&lg$#i2Jm5>?Zx&|hfH4H8*S!V
zbXG^X$h?9PNu&p#i5(jl8XP!1pc=w{B7vZPh02AG9{Uo{b#(GF)c>SZ(i^xg1^SXn
zM)VsPBt3-W_}M9#hNLsl+i>d=O>YDHl%1ML@~rXkiR{_L1lN4%fw-0+6M{*m*Y)!;
zkhU{TV7AzW1k{B;4n<~$Th-|GrJbrbJ9S00&d~qRtkZq4{DApTHN6Q;OxWubSwjsq
zI%k*trq6z}*M9S;abq-UpYf)~O>eI~UynUsQK82;UrZ_|>oU}}J9(FC5Y0maBqmH8
zB(kN9ic51Z{qZt{ch^d4`8D){wgEF7HZ`HOSEmc1&Rgd1ZC_PO@Jir4#nrI+R&(U_
z_4At^D{Ojfu6f_BrpWBRLeri*zN&`c6(4dmZJYJYT$*d_zEb^8L)&ZXKfnIxH(v3-
z)3kQJX-lDL3skm0qve~n%#mO-I_u`35RT3(=HHwW&4)YWtr56MrDR;8=+20KTZz8%
zs6B_cLs2}=NU_(A@T^-FkO5?0ptg1vnmY4J54E*(F1!Q5*%vt|gnQ-{^KVY+$%l8y
zTO)9jO3AoF(VY?fw$ekbGb=$3afhOKoRMO$8{yd(WdRvL_J#1eyt04(q5Xx2_9Ku-
zAiRGbG5qhkvj56Y8o?V@P$nbp>P2~1u<ma1nq-O$pul2TiGq2<*|0W9mhEiVFzuH7
z8ZucAaZkU*qzUWHZZ}vn!F{@H<s@rnl_WDLTRG1#o@!hci)O3A;mHDF*_bzC=iI7)
zU!~d{+T&0g?0t;dz;ad%OGYqOCGv6xknBxLF2Q(Zd@<jUWU8!88UHYeFZdOc$UIZ6
zR%d@Irf>%F7q*+}CW9!6pCQTgnHlf{22qIxKn4ZQ{J2F1fw+-u;gBOMCE6(&MC&Pz
zgp);Bi5?KG<P4%!I%2g=guoz5CRdauR!pr~Q7ef-w4USGN{i)|twRZ0DaY1XrO>LH
zin-;eRm>^bzKS^&(JyMqWDtXDty&ignq*zg@D|aVwz@h*ob?M<M3T6oPLr$ybC{_H
zX?GPf(}4&tJ2S)gIWy~5XC_8PiWOF8rpvX&%oN>YO=(xznR&l^X2a^tT%DPOLo4r@
zV22wG>qAEPRIh`**7+2Ro92gl)uq%~_KQeiUm!plX*NUPmk1D>#d#F=%M|(*0whuA
z+$j51guo_#`lGR=PP|en(;RIv*h3<I*w+B`(BmhMKLaCf^+)=Lp0lxyU6g~kMD}$8
z#B3R@{|1HLB=B1VAfIuuZxQ%y0>4AxKM?p`0&f9CL!4jJYtKKXSuBrUZ+4ty@bzlq
z<<cpQeVdBDPT=<me22hy3H$+p|485u0kjZ+#cc^=KZD=mM-X61FF7u)gyp)BV&kb~
z1%7LpwY){G`GVlLzOZw?y|>Wbo8Nun51*V1oxWY=SsT1k3x=w;oziv}+IQ#o47@cp
z7kUn9>w|fv?Y*F@cH^zKj@L)#w;n8PJvi5P=vHgT>`R5#L*U11>!`3uKU~;)c&_aT
z((~O%3av+ZhTAoPrr?$8_nN`At@3P=ull%oHsUY43Qb*krH}Z_uDLMm!usBTRve%Z
z?weQ4zd5BZAMTd7M&Krul5vHiJ0tpSrH?pDvl8SGcPNU-87cO<5q_gr7LWndvjn@R
zD8=kvw?xbtoO~G~maya!Y(vHq^Ek1DV3wfCGcG%`q`I@GV?NH_j0p^HvNvdhaXFot
z0ej<#`N7^)of)vPH{M~|1Nb#WBCnFmLH}hv#X)Na21T-kf;17W<m`=A+JU8WDh);g
zXS`O_N@8!U=Qy@9=2_G_VsETcj;*swp;f+$xh0ERF{jjdRLm)fU)682H(+?dxK^9&
zjbbsywz?#<XALh<wPck<UzqGo71$du*qan)rURq=vCYiD>deHbtj^5k%}gnlvF7y0
zHZy~(Gjnxja`vX;o(cA*X3*e9W-v1=a4p2JumS*dG7pAV2pGDZ<#GTdFqRyEp>Em6
z6(y+)lex<{jK&!Xa2<3$TZ<d9hRRSsvZSVE85Q8!+B#13-)ek#hRrp0URl+Xfbw3Y
zxec=0k>)0<nCR(y>oIeRR4kIp7PPfx*G9JgP(yfNr{=cN)i{(XXdh08OZ5rrH!o2a
zw_^*6SnD_ARjW8fJ`Sr3Ns)7_iwcyr>gDvfuL!sJhb6u0r1U7E$BELlo+4EPR_m~9
zODc4`8J!?X*DB>q8_H6kbo~``Tl8zCdM*03+O)a=^{NJJ^egGy`DJ^m1Fm0!e&w_)
z_Tk{5O^!t8Hlr}5*mMZTFCHZU(Jo;xfq-R7(M5`I>l7s{CN>!s6R<VlA{Cesd>M6-
zvA`~FM!<dpx9m5mez=06FgF`0k^ekT3Ck4yz#{=oJNA17<W6o^qxW)|jy+~K`(w)e
zCjgqmrrvI7zl+{2p4K3B%jvt8+{cUi!z}Zc^ca%B;Y?TkCaA%Gevq`^yTHg-)P9Fs
z#95xsSx;U8D1@QsHUF+Fom}N@#USaX(s>2SSu?I+-628do};Q{CK<S)bQ&hU`_SCM
zXt4bGnm<Jb_BMe(Bk<n{BnePSqYh$+*lPlO6#<O~n~uypch?*C9k{!>&9~=nU$t+~
z`;7tL4x<zm7{$N5gnIX*8W%Uyh{3CkFfJyeZ|&XpQ2#VX%7$ezY);5c33pWk&n)nH
zv&aw5PT>bfm>8F_DpoM1iuPLUy~gDvyWlp*umQI3wKmoCl4ZqyY$>o|V_b#3+Y5!X
zl!!RiCifoEHcLHXDV|kp2SSZdN_&Q-^4a3O_--%lk8SmtL9VoR*l%GQ+A4BeimJ>~
zR?CvZ9&+5}%2+K+RrHXf`c`1A185AlTDG1N5$&^nA$O5jK=i-F7HE~t`gpTdN`#zB
z18b1g@=97sxU51e%h-lmr5syll|rlRmekI<<@~U<#yO{@zOK{)slG02wY*jIrtPT@
zi#Y2SSZ_I2%MLSBt@ELp?6-!*z*?2Uq8U=f@5VyKQpM!wibkZ|>?E0D_{@kUQ?$K-
zbH7Qodc~Z}AB&Kfw`#pfSJbKvYGbU{l#2z1m*2wyQJ46&tU1Xxd~yPI;hnbbGlL)7
z+HWec3t!2qq7w_&?2IgKwbSYqQ-n)wt<sL8xp?PTUHeuqW4(UA*S^Edlxu&d)iM#n
z+HbzEwcqj&YwdGuZmzjz{|bF*aTp(l#hLE@Q%^_Er!K!sR34il@Jj@~MBsG-L^zkI
zuA#NwNlZx@BW`kcVi|8g8rAH^%*2X3T4c-&>u&ZHdI-svbVZ!g#6$Kh@epZRyXa}r
z))K9E37?}Y>Zb-zK6~=XPZ{UQ??;qH^bFU1>$OD<x@KA}&r$kK0^cUUJM{M{^c@1<
zB~Yy8W`Be@JFB$EZiBqHtl4oVXPHV&s^MJ*PV+L^T>LD|x6jA3+>N9m3M(bZ4U6Mt
zRqz3tsD0VP`Kh%Jzy6c++YT4D9e(Ra3TvOsw+%w|?YFeom9*RY3tRWkwH>(Cx;-D=
zKi7I-8QN_ekZf-M<k%z=2l-GT{LqZM5Z;W_s`KG(h43~6X5otqpb*|Qk68Y9UD=fn
zZ!^L-D7@JS&)MP;p4}@;$iPiy7dO@Z#F#&$TgV;N%!{xg&npAMJK4aSFoy;xga_sk
z%m1z`1NkuCnQm`T7#8Ogp0mXx{3eX2twKilZDoM7wMFMorBu!f{cjPcScR$0ucbXc
z3R=tJ>@1m`%^cdPwxD=|^($+WXHr!u(IP1zKmTeOBNs~nB|m7Z&kS<D&_Oq>dWpI&
z&lRe^Y%1pG^z|h{U2z$q<hz_St<c%~W7VLqtIs@d(buZ-z>R&S{7$ru%LuKuMXa6>
zAy7856evE$q63GVb6d20rFtb_r3Oq|ULh0bm?CNUEus~+r*?=q>lbY-N6Ql(e^Cu(
zUw1O#&3?u_MfWYyAIlo6+E@+7s_x8}t+BGT&$(A5H}?r0RcoxmAKO?3F;-s(&m{)K
z8ermF>+fr2HLR|zk7H#SMxMWjk>XaI)9X%?qvZ$=tEJ&6BmyU@yLxu@J<`+rNbep)
zS^B>y?+kz-Qp<?vi)ccNB!+ZeuO?Cpf=>45RF{;>PuCVboYC1X@sP@A35#5}1z%$S
zp6Vvdfhu+_p++#ukuT_?M#6s7QV{@E8b+kXk;4B?w_^k>`k5Pn-ln*35O|ZoZxQ$=
zfo~BgF&jOHI6Y`R{+eMuT1qniEfxI>0-SDsheCf$fHVl4WahS`WlThS9BE_WF+EQH
zwoRvZ@S8%yX??&+WbI5LFHubxJeBrG0CX;I!(ww!R%qR|$lTLT5I-^3`s6YQ;&&R`
z<{P7h#^~&(LgUUW)eGS@LTRyU7Ure^i-=5|)3eA<gh4)Dxg_HX)*TYK(t>gm=^2!n
zWB}0%;f-)CJHL5vVKaG{%_BeroB4NL*?Z-m7<V_UpiD;G42WJcbHTd1$!n4+GBBs?
z<?pzu5Z***=eF__bX!YL(B;FM<N-J%fa7uWmgXTloSPGObZ$=Mp5ryjTr%KzhE9@_
zk9z-plai`8d)!IMOX_42+?S}6rBJtwdlMg5C;RQ{Wb3q;GkIx|aBB66iAt+Ijw*;U
zif5~o6fELZ%?kvZB-24uR#$AlBq~)!s*|C3u&I+biMnldISMk%nnQARvRbpmSYba}
z;aG+ESk<nM)yFYbAU^8ss{dCp1=znMK&YSnI)T>-a9l3w1U)29qQJHC1=tGsA?AUn
zfv9`>C?R^H6^xjb`yPlkmPh;7sVOCB|1FBMFg{1|C1_tB6cN?}B{DIRdKtK#OUEQ`
zcd`yJL|snjU*hDO4SpI%vy8zB*~I0gL|x0OU<;w}{uQEdd13=HtwVFIhnIuGzptmk
zf#DXy8}iE0`K?C_TaO};M<9H39x?pyx^nc&KQ@9lte{Lr+|2Xxu3+8W<Tc3@89;%>
zQWyneP7;!PUj-5^lEOf=Xk6v=^|oW=HVY|B8e=;~zEXKhWz9Vhed#47I7Dmn3w8i>
zlzdfdZ}!Kk=FaR0I(8@t0h_kd8O=+HMa7&Sx8|;{#MhW4jl_GwF+`Z;ie<I-p8L|=
z)&CG_?i!@lzEN#@U|M_XVfbMBfoScUSGD$b8L<%FamlhI{fC^_s9m!B_tRphXzh>J
zMO&s14qSwUEIk&X58?5TT114b%lKy9PPqR(tEKRXs!Wbd`NYTT*i@#A{TFN#EDtbU
zL!UY@zhh?{q2^+^|4tcZ2>cR(FA?BGaIrGlJi72MCI2;n|4HC01W1=0U1L)ObHde<
zW?AB^64TcnD$O5gQM4t*Y>5m@>VRQUOQvk>27wX+my@;Mp@ecuUv`&L?*Wum@*0O7
zvJ8HUE!8gkYT@H;aZ_{4$3j0?UVc@%G!Zk}VbEX@Tdj|Nb?1EN@j~bE{6H-KBO`O`
ze>A`D1v<fO)A3p&tJw{6t$P=Vv?M+J_w)pFiH5gFXn1>O_mJbMJ$A=a*U9k|gk9u9
z>IQ|O;iWKl8fC_l)2Ka0v>lSus85Q6D>%wBtcmwwJ}+s<{2tBv|3|=sdB=PNl5|TY
zjXG!pX5SNl3TW#9$d38xyWTavC){^?8ez@6z24XFe!rvHXSgWmMMjZPUZ|U2_d4;j
zJU7Wq!IxPSeJw30{#8jh88{`}06qa>arz&j)@g2)ZWuCaqbYnTF`dPy*0^_M;Z#6w
zkjCdY%h)de9Qc)$@j}oKSGHY7t)-XbS)8=a51b3CU=1zLkyx#CXrH8pIbT%;Yv?AC
zzr-54MZ{abv^CSk_1;peYsB$*-|$*-XHn>|hORE_DOXyVIy>9KNoVrm94Ml#g2Pe(
zITR7kvwlm?%#cN-^%O_?!{Q7?k4fqUC2gfUtfz<&xH3uIh|*+t40l*7X(d*p?KzIE
zw1l^^br=I%DaY1XrO+z7+c4+c7GGucnR8A#lPb2r;;V#<t^jw@W%+R4CVJCWmv~8$
zgkR8?QhzS`+O*ZR`*3!cnUb%fZL8#3!W!D@18IY673L1)$Qrtsud>QG_nT!6T`A}C
z$HKCPF2`3bzlY0NP}un@N4wH8YrpwE*M7_D+AqsjRhmI|zUm*w+9y_|<bs|4$AgvD
ztj^5UnYlcy1Qk{5pk9T~esC-D>1NgZln(#+;3DpQy5*?^y9jzY#UfJ~eCK@h9DQe)
zEt9D?ENq;3`Y&Q_aK_$nLeOU8?!QJ!<+yu2@KpcM^Y~`<z>v*Y<vtjF_7*+v4nSE}
zy_?&d2-=@>=P>pmk7ySX_}p=393SdT!zr{l%BVkGmcuaYPL^NQX)q+3zpB(cJ62fx
zOup^eV)JZ^b<anS%$d%`?B2&J*>4{xY&|g7c97d|ADwIMH*{T1wcI<|`cJ-hvQ^$*
zc)OOO2qA~~<U2xpLn&dlv1p8IrRLwNG|DD}?fWnR4~P~xn1D-0Jtm*V9YIK?qbQ4`
z#AcA2fIBeP8Ly3XmV_3V3GZS9)n$IL$j6Pp{Y56K)fRg>B*{Iil@82qvq*JjsXvAf
z7Qv;%idsp`ZiQA_c0qy<<cb8Vlw_{O+j2x~w<c0-&v4EyN3CK`ixsQX0?8J`nBDkb
zQK>QeCedQsQ=J+9a;z9El(>rPB0ja{z+{%4nW6ifnYF7k69liEW2-aMa=2iMVeB*W
zVKL9G-?B6Fe)r6})tR|EGdTvRxMzYD3lC0*xYm?g%}08TGYj^pUCZ|9R>Dy=+gK=W
z?r&*HYrs_87xVPHSV-(G064WF>SRR<QjPQ%(({|~$#mUdvFOV>LiMb1K5Mc6x9k)f
zO=%TbtmRjgAr|Ybp(2%*{T44ZyK%1du|;Z7i&e7HSN%Af-_ik7@qPUE&L`TBvpjO}
zpG)l~|G}^?O|Iv?nx`8d{%&$T1+h=|ai^mRr##Pr^{H`1aPkhG@4VSD^QeM#sulJm
zHbT}x_X0hMU~E#hladx8E%j&Eq09@&%p#;8{80r-&X*zKoLeMI(NP5)K=AOd2*R5k
zjM}ZUs`pLaPmbg8!D>HaCVbreZ21UML+v2!oxV%lBn1IN<CqEB%GIu*Tn)S~ea7+p
z@gKxO2k^dGYgK)7*{iDV%*01pRbiX1)ls`C1R&J1WHHO`%uY+)?21;EEQQey+jbJ?
zHE3x%h2N(D_xmJt$q(Wyp7br?pM;ms^FK6W)%3u}N@}53G*+?{#;WOuXROA7#Ul96
zc*k7P=0WyXn6U;;-*g-wGEI-AM-#b}IE~Es(c@o39-Q=P6eoSmFO0$;k6tH;Vg6N4
zE$XqpBRXyWgeZ9ky@qP^z&W9<De{p)w8U=w-+KyR3vlSGu9yqh7Bf5BFod|$OLgr(
zgS7^t_&H$5nERsZRbRyQ9K?Qvfydo@tH#`D4Yhv|Uy;3yUwlQ@)77K9$261zeQ&sQ
z4jdd$WpMbK9o9cpK`BDIC81l1pG#=*Bn|+jGo$#@C}UX|NgC&QyAB#(FFo8PtNxd6
zQ1Gy>alPw$*>&6Hi3Ii5u2(jFqx;vp-}-c6*U6vl|LOkgtzCb2PeGo~Hf?tQLSVD|
z`_e&8XxSiZ0c2~ak+!a3YbmxJ;5ACIHGh+>`NM@>r$qDFIx6vZcn7^+I93uJR(hhW
zK~4mb1D}_*bZSd8gq*#jF<tIKFx`tW&arbSBJ5^wQt@vSc%48SHNBC*AJOga1K52b
z^%*C?H&BL+1inMLxJy}Tw8bq_$e3Biw}O^AY4j%^%;fv0Xq!gM!hQ<e;uURfkL-Fk
zi&@M^56`t8S<V@<-TUTupSZsJ#N66v0A~|l?EXS`VfTqEb@{c=EQHtQl^s`KD9~3=
z&A;o)jw{o~-3==!lM#3I1$kE}x|7j!%8rF_dtTXjHB$)hoL9`h>&nh6KVjV6u!1rf
zaaS|)u26I*qvw>J-&^<49a@_UtsCZByRaVbRpIWQ%lwLx-?d>A(l-^QZ=&=KIQG64
zj-u*uKK$5x$FV}kF$D4mgpbW5hW}khOgLhMZ`i^z14VY=V?1X5g6;Mug{`V&o;l^%
z0(~I&$@%S17Pdc$Kpuhclk<q-f7cO1U&*E08@8~_K#|+`$=ibM_9lg`s$?D%`MbNV
zuJ&i$8m-dbJKS<|vzHst4&uD!2(61BCGY})IDsD{5TaE>P72s20!fN1vAR_#fdE;#
zYAwh?R<{T5db#7^1~?9WxZU@Z+pyE6e51%BFWmF%-lO<gp1o~59;a3V22_Ow#{<!z
zUQg?AfcEppjqN=BB~(0pjG{FhK!AS^LlkE2_L0$S25uZO(%?2iF5)7IOj0-(j=(5E
z%VvsAa3x!P7qu6e;1Vk2*ZpY)xtT6G%ivdu4o~X#M0$x1kG8auOReI^tsZwG{GBy<
z$<Ki>Zxq!GNhVgrkPK3?yEZ3Iwla<^vSp@OF{flhE9SJZ(9&5CIbXM!RcRPytIJW#
zSk|$Ul=wrg8XTMs97`l4IdcADoJAqj%UqZa##xlVq1(SEAkUc;IZ@{rlAkjfqfATt
zMJYZ+Qbs5$5ub55gkv~5A;Q0k=O`3?IEPgcPvBIINdkcynwUz$@}!6^)c2MyD#Oa8
zV!<z?H#DLf?bu8n@Yp`PZmyL+DPCK5yUNFHKtj$oAY@lzbN}|VaR2u7n}_oXKq36}
zykh=cSDxnX-{|%Rh2j2<!gIEGgx@?YOUS_6%F}#rDx%!vO27R>x6;96A0H~e)?-d<
zJ)1NgfLRRqa@M(*>+5}Ip0F|C*52@gSm%DZ&gmmz4|<)`H;|vlIu8s^uQ7ZqvD8JZ
z^<?Di<wzoVA#GpuCWFNtklNfX!Ix?9Cy41n!2AkBUsUTdn2if5O-qc!gHp7L^IYWV
zw2%FdkGfwFWn4;3TW%Dbl_-3_c!vt!B|s!IKT%eGzj&zZeqrE9y=VCwg;C-+XovU;
zp6t9s<fHv_t;d$NMZig>I=|ysVaKtzdJ8)S_?=qVp(2pqp%%jGJkt5!b;QuAD!RR4
z3(rwbxP+v59=3`Yk$`V2>JnST*MVa{Im7@z+u~&I<7n8!{RCP|e%a&zT;0g+!P!;M
zBI%p;6lVl2jajy1;?TtnW~@?<GCqs!AX%%82yo8rM0z;qv`7!(sHap;POLY-Y)_4t
zQMMmw0?Mg$xlc#<3EXVUZU#ZT)hsr4S;1(9N(>5CN6YNl`x`B_79Kb|7LQjM51iKQ
zbzWI@+yiI0$OETU#(8E+dGjZ94O%NpNWdTb%Hke4f#@3sr<;#wGZ}aSN@p{XT>1iV
zeRe8mqwTpcbp|8KJ|OV71pb`BZxHxR0KLho;@Paphq4cmG99*3A`?h595#`xjZ4;|
zO^(8|&r<r*tif+lmTwaH7J=U;ATdAtKXl89ga3<A8JCAqj@H2ln{Qvr3>Xv(IegUj
zJ0tkzlzod({jUPpQN0vx?aV)Ne6IEJWuW@oiVGU~AGixccuoBNdKBb-m?C*)-+afu
zLdQM?@(6?>{4xKoBZeeYbbG@VmKhK^1A&m4y<pwl<aNmu89;%>)Q*CQL_&^xkAj6Q
zqIQS_=9iNvrXGB!uG<ZR=PLWRlVWbm4->p%n_okM@WW&KN|O9;EH_YIO8DUgj&x#(
zd?ftH_+maMmdN=VM$5vW)%?t^Qgk{h@WAOENsFwA-jSt1?*weP%o$h6y|!Xb>x^sA
zWWfSzjT(vxy<~8B`Sgy&P(tGj<H}l?{E}Ysr!ZPh^p0PxTYS!P1)~*S9j%XJwBW7!
zYmW5JB}d)zpIYYp+5Z}=CCz*GZ^Zmges39~$A(xPP9!&;`5i}*g!3$yT3xJ&2TkY7
z^(Nk8SzL)MwX9Vt*Iva{Dy;`9=ByQKPi->I_`_<m+7b(!KI!XMu%7EhUE<eV&vc@i
z`~s0!<v)$rM%PR~)^ADN$)_^BQC>_;q>~gomYzsO_=z{j-Y2sRf_v$tv1_{FTrM}M
z?eFeBdttPTt7;)aAvTtg#(~kWTA!}r#;tnrY=WiY7oZTBFod(^2)IE#_<UkwD#aBD
zoNzNLH6=XbB`WlNLc)W9DdE{Gq7X2npgcF^KnR#o(7l(+f$%DqQY`q=_9$dRK1&a8
ze29}%mk<%{n+_*54Vr%LsIwQ+Cfy7FoxM=LlAw~2R9O!m>mM43KR0l?|5<~o?4qOx
zLPqL7-pptNH_O#)&L)y1E2a@EwbAAD@n6uBzeC_10)I^4PY7_~(;pyY|9s73hTb-G
zbn<e1EX&}msJBPA-|f=q3l>n(7GH+K){tiNS(G3mzLbm={<_OZvnv+7P6X^<aRL?&
zjaoO~YS}d3va`^#bD^z$p|vx=X2+dsZ)@;M&3hqy(q^G;%dOUqS?RXBf{44kSMI*q
zP+kEjgrQtC|E?>2TrX(FAnB&kM;@xpxPo<u1etq|s*;&x0MRxl*}XF(c?F;l?wwc6
zzw1gbcY1BbAnB&kOOG_;3f3JGWbQetN@kJ)L@$Kb=aobAkv)Y7oF5@@pb$BLKt6I{
zE^>$m4i&<O=8?qzt}BPGykrD#SV5VLxS48sSFrAGQk8I$MAgjk>TO}GdRY_!JbVe#
z_Y??VJL$_m3kvcUq^+g@Bbt+6!?Y^-HAKX7$tAW*8^J3-3(5&$N$}d;)^w9=nyR62
zNoBYN3G5)$BL|}qGW?T51FIz52GG{YuOeqQ{>6lrdA_d#@+|XdPbtoGKCf3K2m}#n
zL(z_Ac$Qg~=tGHm@g!U6i1~81A2_p-f)-JlP%u8Dxsq0rv7pr#j;$<nipnbG*gC5e
zS{1ZC!#TGkBP!;!2>nVeki<sWPkU|=9cp{3gUAblO(#OX)KOq~`oJlc9mm0U;Cmde
zIGY$fA4zMGNy2zgwVq?ysqu4Axq?<mrZ1+GQ}_ZfeZx7EVp^B(B`HS9m+PW#_9?W{
z@+JT~xaSCoJK*G=sJ5MwfSV0;jev=+fo8klnvkVa8j!Q~)eHI<-Iu8TZxi@s0>47w
zs{n%#>5%i7Qn}98D6SYG>wb7kNM(`+2IUoggL1t|U`hE-w8l6d(?dCL5}=mo^+3tI
zALCP#N!SBwhH{7F;qOu|LcCnf!~PH<jYtC<Mm5msUM>}qHHi_4gHR(y7$NAmlUr>4
zDQ6kc%4?#}3~J=#4HBc4&9nYOOLxAx=Sslw`xuuCt^3MKkJiC|b=!gx{@Kt^hw|I@
z8sDJ15-KQ1AWdps_u7%qAIU4*e@1)d$Xs{}LNhONPzZ0ISIoaTWqUrnMcx{Ln^Z`~
z6^ibR=(m;aui#r1W+liW?ojlVBSwO~YJ_KAl=)=<)o^rV+UeAkx6^qT{lz*7bP+f}
zpr1gJ#(W<E+Ti#YvkpoiKt?iJ1o33C^Xy%3jqil}ZhMXIG+@1N|J{xj-{JSW>U~k8
zFcpb*aKj*7IXjh}fE}gAr>ed-K6#mDPM1Naf)49qsY@)KOX&d_rB|DATxY5KjUswu
zIx&g^Sr@UMQ(YIb$<&0#2%j=90m7%8z%@u+LZvJKptstKO-@XWr!(=h2~f#&5KQm1
zr<&VE7k7|hSvi=|28|q|iV5lRrK_)VDlZBU{$+egucgo^0lw<_3Lm4}&k}fz!1oAn
zBPrhR#bco>2l2*J6RE@OS@bUcTpF2=+^%xF-FH0IZtn+;F1P!0u76hhfmd;RK5zlt
zA@DxpcYomVxjpw>0Plxf?t{1MT|4&9clH-L`|r4_-TtcwZ`03P=ijHF+iP4KJLfm_
z6*lxOtnFE-Z@p7p@Afa$wcoD7?>kLvZu{^Hi@2J)+mwPu;%|FDfY5snZ*m7;8GO%$
zpZA_}1758YH|yNHuObCMA3Whc>UQtA<0AOMDNoGp?!5ymUw7{Z)1DJ<_fzgWF8=dD
Q((}CA9lh%!$fwr-2c>--xBvhE

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_plugin_base.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_plugin_base.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..b3c0d9e6f0858feb40ad32b0102851c11ee00e07
GIT binary patch
literal 9713
zcmeGiOKcm*b(UO`ONt*!wj#%|<MlV8Ka{ASEyc1e$Vy`yksPj=+Le;+id;!ds3kMI
zbRrcFT(k&+qCk6yfdb97fZa=-n}PPwQ?Df>yHXapwLp=ZW7$ZNQ{S8Ya7octoH)HS
zBl2<H{N9^+pP6~1jaV!~ApPNX;;nZf_fJHe#M_yTImlcm5}`!mB;N&&`q;1kJg@si
zay~$VqE!>3A*k_R5YC5b_<V#$&bQIF^HCaQ_56j{`8bV>WCz(tq`*!h1qXc=4VqZ+
zB||GiS*>7*hN>I7IA5Zov8aj{Y3WKKuhNUf%0fXCl{wv@O3o1H6kQc_MMc+BU*I5<
zN#0D1mn&m5w^%ULoKc~w*?zI87%<Y(xMHXaCAw@zrJSO{m<v?Zbu)rkM%61tBgvWZ
zMp`+GHw$t$vT+nL*U2oQ94rVd1ocb4orLm|A7DV@0S0k$uoOWmEQFGR`P?+jsB!Fb
znxWEpC8vH7hw*aG=tv|8Uq5^|t^v4CW&m0#V=tD2<L^E)<A{k2+N1c0NM=G#t3f-%
zM8HX$v*aRK;P#TE<VCwa554C>oO_@*){Xl2ka;fYTN!HPTrB8yAt+j2gca0EAP-e6
zXu6?jMgi73pF(*A%gZQCGf0(!uIgrZdbzAlP+FoC`Mb%Pysj4Kbs$Ydvv+)CHZyT?
zYF5$|IzL{@tFufMW-Fi-EGw6p638g~RC(ECsv=tq$R6r)zCb|(ip%E7$1HscM}J)J
z1hA!x0IrdL#kT$CjbFX-@$lW)!Ox>R??iWf<tOn&Yq5j>h#mY|7ogGa+j{(eij0O@
z3-fo-;<}~z9B96;F4jR5HYAOkaRr=lg=*Cy1W}`Eu;dkWmfJ@>LiS7W=Ml31F+%p+
zLgrU`#zeg`$IMAws_2GTSSlCQB~>#-rC6*Bd`UGHOL;xj+BS9qbFFQI1{U~az`V4j
zIH>wg1%#)|Kvs5)U3SQxES7RgQ9qSBr{zk>p`luS;frn{opaX@5Y(w{@ZG?ryiOKC
z+a_<4n?BkOxY?GYY93}+fYEg9CW^EJE22sTybe_4K#NWF`{Fm{C9?wvZv+5bBkS$k
zHy}eOF6Cr0XbQ5dDNCv>n-N)FD&;Fh%tvMUor+SlYZ9_NU!b~CENH4$l4ZIZI-6ax
z4CV+Ekrl(Bg}Dl-JJjL8R7Ak$+uppA^ckqb)zr~MKOhf%T&&CLa0m*(teNf7C?GV3
z06kdJT33oq8rE|kGqT4@)jajxR(U(pOaZt?9t3^iu8-e;K;Y+rK;qk7qx~$p>rV9f
z2BQr_mp=+G`Tral3pZLV)-V_RTgYu?wO;$vd|6*BH(lzl+o;CZU3SK`XrO4P(sVX3
z@(LlPdB-*Xh|BLIWCooKOBuFjJDBwgJE}h$9N;AW(!_vo(DolvU<T#HQU>MJl<Hi)
z1U32R8mOS5G^Kqc>vMdM!<_;O<KeBdsSBXqUQ-<KRG&%f)_#Y^mMwXwr4)RkneJ)e
zx#djjQgUdxGX@*linGnVVdlZDdSwF+Eh&@=90TppLXsebv!Py&VZuz8v%a3O&}5qu
zthwNf<@~Cg6dC0-KYaO7uB?KtqU&i&jk+qe^>C$+vf)OJ%>TV%1s<o5(M#w4ANA2A
zoz^-YcBCT3QaqDwM2bs^Y{Zsy+Y?B-%^A!2ZIW~WB#nN*DK$yD{X0s!;|EDMEij;9
zhyQCy@7m0T=9fB4<G_pSFSX#z^G>^r=;Z3ZrN3pP%;vL>*MnW?_&2ip0PI5BE){>U
z`ub{GIavRoW1-Uar@mjg@^ol8l2g9PezmDL>{r{j^kPwmmeiFBT04~VjMSYKY%dmj
z0xuSG#&Uiey_gn+J!^I$lH9S98WWx4fBm8YN8OT!x6w^k(T2;4eKH~&?}Jd9FDtYB
zY+yDp;KRc>+@tsb9<TCm@o=U0&xQtkQjlQ+VBy&Swt}({D~mLg39PJ5f>ux-g>fRR
zBqp^%Xdo^{A>zR&W9G#zkG{E*26q)hmE9W|n`p|t3XR(h?2FJ|V2Yv(fLpf;K@e^7
z@z)~yEOubG0yzFP9Nw*a#2ZhW#fG~N9Bc`N)0lN9X}CMPH#lswRUqU5VH1IS2nyKj
z9-o?=9y>QVk&&k|<F8Ce)0wg9b5oO)-RW7p!Mgu+EvN>B6|5)`1Ox0a(fm`NbW1u1
zfma>R<=4pP-7l<lpRRSEuC||M*R9rTfk$VE#c@5{0l0Kce*Mg%VU+ceo*s5HUM%Ux
z$k4z*za`M-$;OKXh<K=4zFaD3hHlDFeU^;`&;jXfY<lZEdaK>(YJ2*d&&}+5yE3Oz
z4U}J(^J=+RTE>7x>#6N#l=VuvT%r(uk|Bgps?eM&8xV5RP3`-c>7(c!@lL#_+TB}i
z?`0D=1!whJTji6fI^I#uz}Ty2hX$Mr_(`Pf1K<QSw&h{{a)zvU<D&Vez8o#6;Fa7}
z?n7(cM{C_jtL;ZE1#sLjv>~X|+u*x_ZVL<@&6A}bf`1rnmi)s3P<VcFWqV(5-@vin
zG<>Fedq>#kCngU%VnBc??8sd=g?AOI6|@E245}D%)XlgKyMt^LmY}V&R5qh!TAD9F
zKxI+U7n2;t%Q%ELSb!+($O*bRW7@jZ0o_>m7~Dm%IH%;^)^Ro>B+I9C<_mhRbVa4E
z7V2j1>96=EB5B}4$9){V$=>zn#r55L)}PzGzJGXq?+ahH1$T7bBf*YNCIDtd$#%-N
z3+9CPLq~c5fXU|zIm7frpq=di%%jpiR)bbXhp^=c0#rbH8o>nw=*}$j6fwsFO!3D3
ziK1yBQ9Tdf19A_;OSkx2((V1XE`1WeM*#inzytib7vy4RxN6U7#LjSt_TAubNH@b+
z(1&>XmT`OhlV!xyh#$K(jw2kqJ%vTb9tJ}(d%72a+D-0j-{@$PTlx9H7t6~7Nj>s2
zJ0p&YnCo+jAY&KxCiPTH*B!a~Vlr}79JP9$aC$<<?l}ZKAF&HXu0m*>g|gY&g5LVe
z%e@Ht5DXv~LU3Xw0S_E1H5hwoV8-Oj%jw=piV<I!$*WH`lScR4IECX$9h83>#-&*V
zuLD3Hj<3W$JPZR1P&iD7Ee2-41p|-rnw$7B!|tvIbG?G3U{x)tLFVyNYvGZAfX%K)
zbhxV4keIW_1Tm(VUyWR4N}dchtqlD!uF)j~mjN`&3Dk$lsV~`K1xwL*EHgqIH6v%N
zhY@hfW(V^k;3>)!&$J4>T1BB+o~sm!2E1vQK`Z8M?vVAxQl*GnTbarW#nPNoWU*m0
zEbGd=ip6GpjHwHpgxNETxlP8`F9kOJ_u!DDv7@8MewpbqBR&OuCF9KZQM45*A){@`
zi6#BC7wPvR$Gym)g;-RFt*KZ@x?zMNZ@Uu>?RvfAH4f3w_7n89^<=r3UAO_rk2oxw
zC%&!sMQ^I#g8dX@%iZD5kKcSi;OEOe(kZTX?ENsfp6FUj9H}LaRE5jc#F5p+G05CW
zkFBLI*V31<5Hg9&Yl8h*#b(D`)XLlyE`NB%EvwZrsDMGOnwCB9Sj3#sp)1m6DE3X)
z3A@8XIb-@jEpebKoUJAftR@a&=E!*U@L9|pK3hwiT@&ojr`YC@i&~kx!dc|lZc?jb
zPyr)aHLISUm_J+})a?rG88`j4M1NJtR1^KHi9yVayjC5~U}iW|OJvpr`|~Nb8FW!A
zb63b9H+GX+9fJxO(W+VX^u+vdeNeY6v}fETYl&o4n7RQ{ovJ31H$bjKko`-~+Q?LG
zWC}|mlbBi)?9VE;8*))Ab61!`w(KUgItCRms#OC$Z-9icQOiN@FtVOOfC+}-AS3qJ
zR*4INKkJm`o}@sH@i_-gePamJ`8r9%x$12W9vz{`N-ZBQ_GLL12I_Z$3Hkp(5QumC
zw0OXPrwCux4?!URrM;dY5bp^lv<w(KkC^N!0t57QD()kOLzg{=x`-1naCl?^k9zNx
z4<Ge;JG~*`;eDEE*{lBi(eRA1^?cxNz14iOoWqGb4}4nLVjlHg__QJgQ+^hP;U#!D
z$ntg=CNP6%F_t{zwGK?XPY@0_5QYgu=w<&xI2l<<zpm24{4#qLhCKyt7HWRe^RNiJ
zn3z}R;XN{+I)y4?9VFSok)0IT#=~|+c8+`vn!pbK67J5AIE2aWYq0$oEX(!d7o6qT
zMr*b^JULIsNq^JE-Ef+LLj>E%CzBDY|F#xn=$kkJ8Np8xC<x{d<PhW$r~u%MfL8}<
zAecw60KmJ?HEfQ@bzB&0AG7wbooo+le)N{{&}I&8xr4RrcLqr49|5>V?(?Btk*cuc
zK|5)Gel3x%CDK)4qB=NHOH8Z@_UBV5Nu*uW%G?zue*L~%R;y!BvAOjfHmJ8b&~Q;V
z1I_9ek;!DZ)lGz=hSC=hyo2C91T8KZ6d!CEK%><$qV)l}@AC(C-;W4^J@>bZfs5S3
zvs@(bGG`IR4#{>iB+L0y4j$A6=eWg0Y(6Vn2eg!R_JQM6imLBY_`f1E>=v0JyUbD$
z^igJKLCL`Z4eoyMA1d%%uNHOdl7v=F0|-#+X1BMU=f7I4<06|53(1MtqXT;gC#~22
zQ}pM6qGQ(&1GwksIPNoY^52B~lKdj}6(8Vy8w9|^DB=3Q3ZCR%=I#@OY~ud~Q{pwX

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_profile_loader.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_profile_loader.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..ebbf8ce5e47aaa0026de7d95c75c5a8d84fa734c
GIT binary patch
literal 34975
zcmeHwYj7J$df4DS1OX07X;-g3Y4q5opcSDPMNuHB6(w;c>OsjIVOLw+TP#F^6jmgF
z>jCwEPN`k{9y;6QyGvzlIdw^?oJ&P=xz37Hb}lX_@%cv{Rf!8ANI^HbOD=UTyVg}H
zYo*=DwW&(w`?_a(X21am>T%h-;|TiL@9ydD@9X}){`#9o;c!rZ=l}kt^xl7u2*OX%
zV?18n@u<Zm2p<ZHKm^65xKFr<oBs72_o{ALIPN2UnZ*Q1fX0YKguk8>O~->IsK+&v
zW(f112ptcT@bMPXLc@J0q~oomRTkcE9@%76Z2ndJYlXeKm$cVN6R@ONv0B(9DB@Z{
zY1->%8Ocf-7KE^79`*ta3qe?zhrLL{S|Ci~VXJ6ZD}=T2u+@|9NPFQ-Jd@7L`IMSh
z<%ukj&yegydMb4?n;cIOxl?{?;M7T39ZP299E*{sAS#`ilrN|A7vxmtl6)yi<kXd1
zGNY!mndnE@+~J5z^PWlOFGSp0*jA+0Zu1Tjk|mHh1fiGGQ03XHxzw26RrC+Oz6bt4
zdJ({f!YB+PdyEd<B1BvT`7lW(^C>x5^#bXPnonlNQqhQu;6%71Ji^@Cp2M-XM+VQF
zep|^T$;9F8c<OE12XD_ncTi_Sf8PYYZ;C{7S2aI#l4d9&4FA;-fcJ$@{6c8WZ@gCY
zt|d(nFveR59;}nLekVBI!RhB31s8i1x9RTk#)U4JY-@%0#P_@zSKI~f<t-dKmYT}J
zK;*OXWs;^ZNJm6(9EK-h^rmw%j+&gzjLRgIpCK7J4Fj5k5r}Gmv1}%v%H%aai?TJ)
z2TfT4{~t{OIN<tFI15<O32%r^7_q(zYqKz_&qqNRF)&My!9SaXxUg5xrMMN(ezz=)
z28;x8ml20AH(UtmuMxePoSyp3H<O>}?78F8#8hT1i*qdE)q?c36ZzDYye1;NOp-ax
zKb{)LH}a@?67dim49zGkfjt3fr*jE>e-*o5mft5xAvAx2mZz<w(QHOX`=+vE$tm?f
zltr$BglZRnzkgr2ziPv+Xld2X8=?E+%8Iz5ByRYw_%Ed2lkNt}a?hXdD`L=zA4%=s
z>MKifQIzQvfXRllHR2|#;SX7Z1!A|oE3;NKTWTlkAOc4~{Q>}}@`32_ZTybsfdGHL
z>v@cS9t4F@`}?QZ^nz6UF~;Z776|%Kcv~PYpl>jO#G|;07pD{PDPDkn#YX~@{zyPu
zeHM^if!>`;0n!=B4*rieKp}-rjApdJ!1Sc7(&U^3Opxp}r3}$A>|Nu*aYp~6m!Pjd
z6yk26VSL0h9_RTK_ZV{`;~nLt#l1Y#r?|7JxIcDG5VDuI>UAA;jl-ai@)<bdHyUC7
zh1xyw03en3+#6l)y?R>3H!2!wM(C<x_}Je~oKp8fz&P}Yr4~f^s%Mi0BaAj1txT@9
z<!-6U3SOt&r(KFq@h_>BFozavrP-srbudRQxg1+(=7LuF7ftOmdSKC%ej}w4h<ZC=
z^fIC%Dot^5r;GZUM%#?uvXs?sgqeSV;xrj$8GloN1^up!uiurs6!$7YByyQxJUFt_
z%xAbV&7+8`^cg{Pt$MN-^||+7jDBl)?uB6PHJ|$v%iIe+^HB{N?`*U#*~qB!TrjF3
zOaD60fo7u)CA_5eH-bC7?~OY6do+SO3v$Ezgcp4ubMCb~x4G90bMHUEjDxqRelpF9
zq_iq+QFr!QJV5ChpIhU9YQxD|R1IfV`?-Jpi!-wp9kYNjKa>?w52X-cWu@{$Jgn1;
zmL<@O7NacVuTC#;%>E;c*-O<U2GpZjd2xs9sm5#7@_0R`@mlXVUaOTgJDv{1)-I3O
z^BA#7A+l~b`75w@4a$}Wcmc`*#^j4L=Tjt;0*1_%V2sdBe;T&xF<XR8a{!k!k)EV`
z{+PVuLUuZ}V@6Gp9Z@W92aB!BMj4|k`IwwbcaBZXsQDD|`IaY@8P8?Ynf!wKI^_%b
zd`^w+*m1E(?M&v<QAh=CPEJLqlILUHU0r)@1(B4RogrhXL>|~%WKbZnL!su2C&p8`
zsqEEhU~+5)$-t6ZQo;LON{^*@l8=xfxa0cF-QR!5RoMCR*4))S5jA*CcgX!Rx^_m?
zt@w9WM2!Tm%l$00JECfysZ>T2b*@ak<JCNn8o@3Edk}Pg){<1A-aIX;2Q%fa_7G%m
zfDb=|<?c4B1czB=)EHn}m8@-0x1O*oqDD`|4-JkC51t)Vg4eZx-Wq~y;T<pOfInE}
zZUkLq8+Z$=Y7BQFXbvn$A|&iN%QVqB<12Y+_?|iqw@f^<?Rz8Y9S>~{*`YUSudQqL
zv98%y*tqCif%<pVsh>|nTkYBlmWg0a7p>hAtj`Z9zrRlTj<eHNSEN<*A~#5o&(wkk
zb5~JXl1LJ*Edi|aRDz^(WGp+KOOlipg6PEg8JOfCeL<lKGS}MbgnA)6Gc`_=CMKt{
z=aW;3OmaG<H6_&KL<&pLS_bIU0yz>D3~4J8Ad{L-<`W=ano4Gpd5EF&lTr#gCA6S9
zU9@J)P-#uP-?SGTU-6EldDYa^1QqB|K3wyn$bh_zZ`q8m!KV6dt7os()5ScjmHVuo
z{iL(1lwH=0d#q`@t)3oLf{Yd_gia<mSVMaq2SQCSmfVn1X}ghacjD@!HS=tOYSb?S
z%l*FaLuu^;A^1}0kq~SR-|#+IEv#JoJH6lTy_qks*m6VsE0AyW{Koa7xbc>Yf|9hc
zBI>`gxbeny?qiO5apP~QJgj8%vEX~+#&7jlQy4zTY7_@0-*WLZ+yTM&+t=RQ_3c-0
z1nx^OR-_FjX+u$reYdZ&Iab;n17{H&Qmi8CzcPeK8@QJ_=Ec~J%RH=P`XFLq>N#4z
zQ6Qv-+NcjxZ#Jvq1wx&)ahpogCXnSc1@CX@xxZ@j$39O-kop011V0u$twE6SGzA|a
z_&fhc!Y2W66s1ix^dW{m_6y$N2i=b`;!`8p1N7avOjG@DJ(Vl?L6bGy$j!rzVrc`Q
zSRO$eL(4J&w2ifhR!qYmh(hbCiX@j%)-_ao`B-tw5IVLDm87AHsQ+dmM3T9eIp)P7
z>~1|t$@D=4PhF;E@l@Oa;j}Zim!$2q?e{~Q?}y|EKF==RnY-$A=62e8qdT5iXR>0Q
zI&&8r)cT!?{mW!}T<!%Z$)#w)WhokThafCV(LmPjESWJS8Ou^MI#&=>NpKsHjdFPy
zmp&~^(M;L;Vsr2RmlRDvdCW;6yEN&U6i4Y<>n|y9-^Qh9?aGRuq4ex&#%ksASUsn)
za+aJu%~-v#JXX(RtUzY=;&8z(oigMpF?l>Yb}>Z~>g6Pv=CUAU8!hZ`waDy3Rt3RV
zek=z<ESj-%8W`-!6p8KLv#*<%LS$G`$wma55ugBo^2g*AbiImTI|5w*G*U;-U^Lhi
zEr8s|NdR=@^x+eOBMIfrfss?e>y(kEygrFSO`t8}POD20nWR-Jsse!x*@G=b#Szj?
zOL`))h*=&qVqcy2P0r*mfB-LjF_F(+Ol9D;Em>R1eryNr&ltM!xS8}J=tpn>!D|Q(
zA{an$2m#8$w2-xn$RLKlj^R>Oo#ZHl))pvivj_)tIa>ntda^V5L^g-g77)@*q*GJl
zs&=>$3Bw|V;7h6h5~hkSa`2+a!AnIBp`SyMLm!G9`bwMoieg_891_R`^j{f5P~>2S
zfO}r-LmpTUE15osSeSZF#PThv4Iif7Y{u{;P$%V*8GF9<){&x!K-yXn_1~<xmGatV
z2t>_`Td`GoSjqH31W#SYqIe?ifMCv;7sal-UIwJDim3l)#jc{XoqL&MUhKju^&}<J
z2N67V8O!5|xC4S|m9LbfSBhfv_7(=DXhqb2vtqO;y~4fBF)v23N<B%*^g#qqUB>cw
zBJP+Iqm)l4BFx|6h^UDPD!NQ0v|u7JogJT<N`X6+NPKA~IfX(^@JR{49HQo@(wS5y
z3ju*d0tj^?K@=#3yahmeA&~(6w0wFjk<8~w`uq&wBP76TScRydLQpY?0#wkU$ow_o
zhu(b;y=#5JPkUN?J6KvwHU|IsgNFh5EJZtL6=M0R8Iawcu`36ihJp%vG1jgeG>vI<
zpnImHKE$GSP?Bj5PNmg+4JDz!1VP8LlF+hv183;xMZA&yeMc1`-y$kPe;jYNtEY`u
z8dBpx<+SE=qox|iqG}LaP_bxAu8IW;K1fgK^NbYU7O35DvB{Gv?JP+NNmtqlDJ=>x
z^SS~^cnJz1VMFo5_^T^`1a+mcYoIjNib`V*%m)VrpX}4jhqmSUuvDeApWS?LQVmkt
znR=nJBKx=T7D@-=20n~u8=?a~paUz<eeb!@0j}(%ybyI$#VJX7QCSt2bi5IlfH$In
zFUDUJZ*uPdi@JI^`S-Bt;LIbkpq;oesIS;jmrs3S<qjwn_1^2KcgS#kp@xD7wtLZI
z`(Vu%Rj+2UQ`yO@wgij3CS%AmNp<Hgn>I;R8M2(q65!l7?cKR^*QN!LsPcjv(3qSY
zpH62M#OL5d`*N0y$7D4H(t&F2lDZwTux&AH1h3;GlmRp<E4ZU8i#X_~fL@A&vIyu?
zFj)aObY&4>>21m)hK>lLAAx&70zox?%In)yGxjspjQv!&0ZjZbGVxE_5aq4m(<e_K
zeG7C}yf~JhwJ+>1c<FYm3*OLBy8(rlJ8nW-jCVwA?F8`%Rd9(&Pa`ZKhoM|eG}=dw
zfH%@gj$zl}RTirGK!(tTiVx&Cf)fZ%A~=O$7=TrMVW-v8O-3-9>U}Uxh+R9$8J>d$
z?NwVL1Sx{`VR{W;0JbMjFWRUH%1;<-4GFv$qEW8HfhV!5HZ07BZBiqqtf3WU4Xsqx
zu;ueEYmipmbbaGmQ9MwQHkYK$;P~#BD;)<)9S6W!1c!8>0+IAL3n9{G=AIJ|+_=V^
zWlJzm3-M5pk+Wp_=4r7!hC3kqzR{RIqcMHhn7&d66?=fgBKDX?K?XDir4t~(z{a4H
zN<;Ku7Q*7OF&Ga&kcJpOly7wC!8{%u5Uw|-A|dyG>rzRI7RA?#yI*IpB)wh{_1`Rn
zqf7w3a~5}*rsv7H1Jcwvi~mz`nOOyVT0V=1K3HZ}aVFR{w$3NS%gid=%l+9gC(F!g
zL$~#Q8H5*<C2e3nINWr3D&fV7W#Pr=Pj~^0`O4wsm!3Ui&iQNo?nLLV+8lAsBkG2@
zV#_f#JD%n|Co&UO5yRzlW;}b@esQFsDj;Jgs>`QHr-h|8c$LQ4YGkl^>pt?pI@u^k
zOeQcf9`BM#1Q!sb5y$|5O{Hh+Ps^rS502q%J;jPX^(;8xH;0CgoPHB7Z9D^hmAnZJ
z(*k;tk(Q;it0V^{kS`%XR*(<?DsEJaF=c-jYSzOAfK<xhKviv5jT12|_i4|9rWDk-
zOwO|fInNf#dCJS2C$g<e<U9`=oaaI0JP(#S4i?3OMQ}(5E293Jg%IRC(K{y|M9veP
zWlJy%Ve!ao>N!gy7E68ev{)X)9T3jh;9jFKz1W!EQb%u5>@9*r>aB?SZx%wZG3cEW
zd$BR-EL(zE2#d$+^_(RUi>1DKS}c#@j(cLS?KGN<;`DwS!50y{gCKz*kKihTcM$*&
zYduyzk6r|Lv`eKkc&z-|L+@(eQP-zkFZ%jeHJHTtTp2}3i&>oj+Y<q_e?vqCEZmSL
zv}!|wN)y0l1+3YSkkU-Tlc7jhTY;E1n7Q;uk_;O5WIp;T)KS=Ho;z>3HaPr7;*Eik
z>(tr__r^NMQxi!zjJ|F$M&oRr;*Ve{#FJ+y^CoEc$1ss23t+MWDR|YRm?kU0%trQb
z+*>8}|K~R52q}8i1Ewjwag_S|&UKkm|L0)zfwy$4-hzhA1Mpn1nOWTE12@$HrX1J_
zgP)pm@arcGfhC+U@N3@o6NcPb*u(^fwWd>VC6vL#BZFrP?dl8|#(^aprP!U9l2bFO
zLTJl1p5QuNb`60mTzNDEuCRcjB^(u|3J6|1pkJt{*d};IT`?3L-wA4d6)vJ?E@=`q
zaWtL)cLFRPsiZ-rtvjN*bZO1g+04b%Rk&m}c7c3=Ra0RrBB1pOSQq&f2vHGVjm3&B
zQ!A;Ul(j@PnxbuWz#FzYRi(UvrM?dU4BLn+D&pFbxb|jmaVv=G`hU{4s?yd`YU{Y&
zQf}LK!~c^tokg*;xTdotbyh_EH!F7DxWs+TF>ebinLdbs>{Y433x(8?v^`Vg^gbbS
z`Y3YxZO9o|(lL4?w+=X(Juz|y7F7c<kyGTz*`x&H&l)+Khc)l9)5_UG%k)*YjgHcb
zpM{miG1``E7=Jz11DB%<>x@u)Y8uJ*%Q#ILiu@|NehmRV&G`ztz7D_vKbSsa)vTu)
zjR|!IOpVQC(5w`*CUu}utZ~l&O>6<8uoaiOi<|e%iCr9*idzqq+g?Lt>Mn}i#Wmd}
zsk<WTzge*xk;x1I_q;8vWcnZivR9=BFBDP-neH{d(mAh&9>u%pYRENBG9JbMga{X)
z2q)SQuIY1#a7{}<xFAQkW+n8@5iSe}7gq*HG#@?a1#^1?ilQ~K^>EkjJq2mYHH^O=
z+j0$~t`{VlFve3n1)i<9twV+ips^sS>^5@MPR_m}Ey(lRh)>_D#;05R=EPUcwW|9T
zY^Qfv&})CWEr#f|ttf6QuGv<SwpB#^H!E&K^fCj$J#PyunLdbs>{Y433x(7{ukS5_
zUd;YojZGw{%z!q&Cqx@RMVo*PZN$$Z+K5X)n<kDnL8bYbqfKa7Yd$rkC_}?Xk%@R6
z%nb%eGL5(C3+rL~Xhy|4C&047`Q+F|*zdva^19Yy52%knxOE&)fjx~&<ZCdi8{IC}
zTG=+*FiziuvXx2ad)P5~U8Hl$_D>P-aCNn=WBqquF5>R6$AW6d%56i4YLTKCDXxi>
zq)0{7f3so)QOyhh_q;8vWcnZivR9=BFBDP-)t>3LaG7W0#OL|*Y<^(L0MoQkax4$p
z@eG*?t0}7n;hb;Rv8+B;k$StoO$<jEgO&ikEs+IrE&;Q$D%jJZ!U3(j_O7p9KH%sD
z^&eDWNzbi!?3=wq<+j6!A{|As<L3I3)KL-j->ley7-9y1d)^jSGJOznbA44}@Io1N
z5M+5Rg3+mUHqSXN5NLd^)}p5Purhd-u0-T_q5XxIawIj8zLJ2=n-LT1ybj#U1cYiW
zdaUkW1XsQT1=d<m)-ha}&gHKfxRFS!h=b{IZAWb+am?@sP|<=lr1!3mt|8r)HRSbj
z+tHu-8iMjSl;S<YX4aGY>E?>vkc>Xg298I$JP!?l?{~WeDkntK&sC4YIU_I<PXC#_
z)TFRc*e)21|2S+UC)~2I0m_nvNul4fL6~qw{KJ|we0q5B+>mm1aM&_UVAtXUvq)nX
z3hi62Ri(Hd@sWQ5Ez$hUN)rgXV1JWRi4OwlUIZ*AA44}){-ZJ>>>iLbF(K0~IyI)#
zDsGC5Jw3k`s1wozD>MQ0HA}R?niFOz#r!L1g?b2pWh+u#xBYI4&ZEA+3a|L)7k~YW
zbL%>bdtWbykKPZpS3;Xgp-sij`{qJDk3B-mF;^vg^j`SrXDYti@3#;5JU{RS2UY~e
z_@F{KTs&eE;<upNVL~|Cxwcp?27Aic-Ej{U@*d$shC*Ims`FG)+;J}mc|GSgTZFt`
za{`Ts(2}ah!Fq*R3tk7Sdcgjz+Ypu-ZKFb7Ggqi83wW)$fF^n^Z{nPqQ&7dH@6W+T
zu>x$nF68x(N=7Y~vQXu->VcZM)e@uKOpQEu7=*myaA6gg`buZOs`-^XH8KyEQPIY{
zTA$iQnwGTBjsz??@By^Zl*E#6pqENuai#!X;KOi(Z86|FpT3n=!JHYITUQe^nXwDW
z%w%f3&K9F?zJCLCsd#1yv)_=#7Pk(R+YTYc++7rR7uW1ANxLhe{+ktd<DS9{0QbBt
ztYrEi0<u@71}_vsHx>HT#+KTLNxzQ0@>>W#M1Xt)`DX}jBe;tI5!msl>B|^_;H&Uo
zMZ;)#)HLwW>+?k)w)lMe9=7;>uRd(``L>~VD*|wNefvKRd3<|V3o-u~{O1o~FMS^E
zgg;9;haydrVx&o<cO4INtCEBK%<11lc?C+-*j+~$Y@C7S!IGTJ<)+f9akRg0-mwQ8
z{CHDZhRJJOhK!DRSsN+jgy(O8-~!?CG;jjtoW?GfLqqF)t;u+u1rDYu?+l2y6+bQq
zPGn07U`)mjCtH_v^Tam{!b0z}@b%A`d?{jF1fth;Zqg)r7Lw;o!Z=A-G$lVFQVjW8
zlY;WKCY=xkN5L>Wdn{!wqM&FeL>WIA0{(j4J__r7<X!Hgn)9ed?<47#yN_T|YaQ0Y
z#`TK?3T4SZgc+)}@h}w7zIl4&2pkYz1q-(9icaA#xE>KMK;|_n$J<3F8Cqaiw!xc4
zrjFC5E!TL{s0_LKo{`Z+xQ1j&YP`jDGdVR2qKQV)Yzd!&mnYK*G6=R|Ux-GL<UI_#
z2mnq_zl!et2#z2yk6i7BG43>57IQdx6UYq&=9Ly)R_Totw#uvM#d|Gun~0sOKWvfT
z%y=VQ4#3c+rDGH6jG-5#_2QP-Veznwxt%lr1y-%V@@3iR-hA!$QIIBZS$A<=^lljL
zYy3|%&FM!CB0tq2YPD++{e<1l&@V(3V1G~)`|nOtP?Gv9qW+r|`-`}DKrfv3a(5Y1
z^Hkgc!S<^btmMOYr;8$hl61Ht>c3g>Ff9$ea~5|Q6Y^Bt0m1e*KbK1!j;rqXU`yQK
zs*5Ws-|{xNqIzpmLLbJk756FD)c{>r#pk}R8UlDYCI$ig^H^6G>#2~wa)h67<@g2Z
zDOfpLhPBYp@Gu%fqG~T%C<A0CHLgoh|E$Ie;iLs?Aw|x%pz3MBqFJHpTr%u_!K@Ko
z1FUVdkbi@&qS^D9d_D!{p-mfBY;Evj(VCAIReO2xVhNg`l|cR-(r?_PJJau%ZS-63
zF!S|U->F)ELlnGL_Ia%S?*Le7_<`F8z)&zH*#RWk0ZOvl>yd0Ef447}B>0rn(D&hb
zAAkk6boVhsxN~SJS9gO&-0y=X<xtg+8p@@Y2Q63RZbKcQe{ksgTPY|>hbp4}n-vcg
zQ6&Mra~5|QQ}a~Z0ZEt$+L6BAX5tiQj>WE5_r&xyJK@B$WCFmgd_68w5zX&%ZsjW=
zqFIbv@x_~fTk)T}@_e}!OFNu7Abz(VPGr~zPJ&d6E~xW0%}d~G_y>Cy@->+N@HRJ@
zHeGNae)d@6?CBGO@F}+GtDUNv?WA~E_;wAtVw#q>B`|So!QRv1j(|ZF@Nbp5GD=I#
zR#_+sB^H!EfFe9Kx>iFGzN$o<tvL{U;@n_Y!*Sb5UPZ7SK*YM)JcpsRHk*-9Bb&|R
zSi}hgClTOglU|~x-wd?&0NZlDWFuKs@1S)xM5(HB{WVmn{v!ZZ0@ZhW{hZiC36u{B
zl#ddq7DoaFM$IY`s#JjEc7}olSA9Wcq7Q!6SAF$hxb}NHW4*!4-1kJLS?nwuDJ()o
zbfpTUAp8`w!5tdihdI#?zBdaz;f~`MMCJi>0rZN(r_Y=nIz2paGI8eg$l2G~!PE^K
z#y=Bg)K((5Yq8~;t@>Ce+L)-O1n{8-u!5m^F|OvW0dN`*LK<Ko>ue^N#Mh*7Hk}K$
zmC#~!@w0B;PY_E{s%pj3*X|C|BM-KdSQJq$OMOx7xeHeD0F)&7yn_Cl6?^Dic=Q7L
zb9WgN@>JXbNvtyAU~QT3pJVs_X9WKhK^eij2t)*UBu2>_`4e;@pqn=2&{6(-`k}WC
zt{OaiMe-eXJ=_%X^?&+O$hV*6!_>~w-a`<x6lw3mTL&aG*&GRJZ8&W7LnFt4(+4|!
zlW7kSpF#w~b;&OtZ^>gxI6t$9b&YS}M#uOe3$zJ$8X(sd9{nb5Al}Mg&xkdZ9tIzN
z<a;Q*bHL9LQAS+#n4IVno+HAiR@=_#pYP3N^YEcxP=qCa0M!)M@5p2`sViWn4=k1L
zz^|X|&}G;3qpa}3o$o<1@`nhJE2GE+A2vOPZaie8A2v0PN9c!y=?7R7P!D{(1?sV%
z6w>dM*!r9aOz=CTHS+jjOjKN>-xq#lIRZRZ4iCW*;5Scv<3w?F&s=Cf9snMP1Hhqs
z;i1n|oP7VdeXr+_g9Dy`?H&jpCp;g=^I%v>ET1V|!nn~7-0J7Q4&xT*5`-row^19B
zG|6rQJ281QouTLXF&WLM#F#xK%Lk<jp&^!l+G?cpf!v2afkEfPYZ`}9alYcth3#0F
z3aDNKwbNoB=$#9Yiw$(m96=oBUZ_L24eP=Ei3j&5p9F=LmHN@|-FM32Bl@u4^v;F8
zfTKPLqkiOG_{e9EaMXXVz2Eb1g9FVqM*TlQ5*&5?Gsm79r!X+Kc)BkyddO?;?D4a$
z9FMUjRnI8m3w_L)VeHVKaE1hi3qkn$bN(vDR!tzSP(En`p!sMx9o2}RtiW&wRAwJ4
zwhlP`WHJ2)vVFkyEh<$2q1bBE0EpHYZrTV&5v=J~;9%qS7?wTw#Pasis;K1?%eUOO
z-=tqw-fN!u-+i+j?$-zYJD!^-%c~=Ep=~(&2P)zId*Oa|=KqK523B}}up&6HvBvQK
zJRtq~8c08rxtPgbrZQ-1QO%aj+-59b!r;nL3=S|siIwLlw8mLs{9M7rfAS+3m@0H<
z+o0+O*ioLcDGs!~ZmzXB6Z+^(pkJXfO+tSXGSR-c_h>nMtQzl!0Pm083m^N8{0}JL
z=a<O$@?k;xy2OEOKgBe4<PKwX=xAgp4aFQIQ)5F}H`kV`p>(F;#l1u2@bT)QJOM*_
z{9gFDK9op$jEAq+e+D5yxogUooH;{_I*PSay>!@zVfpldeVDHv{Wed~pO9LEK3B-l
zFo#QwM|9TeJ=^db1M(!_!88T3)@rQG6K?u+1u>`P0HUgv{u_{io}{U`{lodGZvb}Y
zVV9gRCWN6{4ku)m`D>q4hia@5ODLlgr`Q>2$os+rztFT&zr%Ro?q13;?Wd9rXA)9>
z=RhUNf7Ct@_WU3m99Z{rym)-gHk+)rF>34?>rxzuG^}WvRzBz~&_SpC9(*`ePRc46
zFwac#$_uSvi6eDI-WA<84camgRi7%oN~aSrBZ=|!SRPMW?I!)Ky9Xw^cUWl}%idc>
zr%VR>la{3|Il9(VxHgCULqwk+BlszTzeey8g8zl!0fKiChzM}c$Qb5(=t6)Dsk#*$
z$T07D=ym&I55<6Q{lj)2C``48;95z&A>aB>UuyELXN6$a$Qo(|KogB`ani3#XloKo
zFEq-&Z3*9ah?3N0lFq}IIC&6UieX_?463=aDp?6d!q-@VL!3&VC&=hh0-~)?C&xew
z4m9o6RCH`Ajix*4{t&-YnIZ&<E@d6Hc56zonxC3d+1D%rpxX>ubSaBD$}eE9^9a6-
z0Hp!6KdL%P6Z@F?{R8CxKoaOIK}Cx7z~geceki>0H-hjL;n$k}n;`vISp8EW{5QhM
z9}BMn>2Ql*U;n}SkKJz9x<?+t-TDAs4}v^gbhYc@;ClRGr)$T@0)WTwy7svGJ{ABx
io^tJT?fF;$@Hp=paJlw>EFgS*%ng6mKSU23jsFLT5zN*A

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_provider_block.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_provider_block.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..5c60a3c6e039000298ef9bda284ff3d99ad5f5ef
GIT binary patch
literal 52036
zcmeG_e@q<LnfntS%fe!e9gGQVF#fSN>@GhI{(%jSo79eR!kGN1ec4;X0NX6PWM;8r
z(m3h$)Do$8$yL2OtVT7_ofK$K7e`k$zV@V6J*m>^s%nRYvK{55s#mGX{biFx(ec-P
z-<z2?!?LhY91fBhhHt+2W4?Lw-t70j_r33Z@1vq3mj#aFzwmr@?u5ni-x$!2d=>fV
z7l8b&g|i42&dS-&TLl}v+Rr&eo7ZyADdc&Tlzbr{Qtao+xdNf!oJ(-gc*ps|b8f-y
zwNzQS9h~z@0hf2B=t}XG;%1u@D08-YcoLU?#nqh0kqXOK9bdHyo^nf#g)6AAaIO}c
zQVyYn#uY-Go5k&*aYYbU%;HLEoCo4cSlrG*o3C{2aBnP<@FsXMA$kYmf;Tb5d!H2I
z*CPGA&=rmMz3><x<Arb{F8Dvhhj#mHvRlh=>Ba~z7jk{!7{m-jqP)*4@75BR-Yt_6
zm8x9WC-D7zED;GuMLAF46Qe?`Pkkf$UONEV;s2v@E7tO58i}CCm`jbtdgtt%!*4g_
zbFf<&!a2D-F5ho6<jP}-4B-e@z`3}>CDaH@W(eozih@=HE&9!{WQuUboQEsnb}XUg
zUYZ9(Tq(DcE8})?ySaz_&R|~5)@!{AZ`y0UXn)p=-$TrP*`wX}teq=wx7AvFd&b(%
z2z)rfd&6Es6L_yj5<^~*kBO11QQq6n4}?dfTH``9M`DBi#fqUsVnjR^2)xiH)`v$T
zerV}%^jK?ibJL<HFcMA-1rqT<U)bL#Bo^JnH|i7d7x-9xLt~TAE<1+eVnW{C7abK7
zyb$UOhx&LS5gCZ|L1APk&AM2g=o<n0;`OjFTt6I+g$H@zSYy-C*2VI`P<)sVjEcMv
z@b|+P23I5?`fNfGyro=#p%4~gako~^SXflc*b)pj$j)&8a3m%dh&+5t38h%}Q6VZ5
zBpVA4^YFceMe%xE=$BnDj9%sY;<16q;9|A$;TRtn3JceuT6n>KBRm{ktkj-(b+}J?
zVgSC@frvO1xYi&$gm^q5=RsXvi^QNR2p{VoiAQ1y;UOrwP!3>m=k-Xe9!hbI7wUrz
z3Jtla6AK&>6ZEIFNS-_mg$qLA94+l_t+FE_jPgDweSe*l>;h84aA+hhB;+CmhxZGK
zVif8Mzg__ul8*@ZYmr^&d%Mo|bf3L+mXqC&UOaRDY)^=LrnBdQOt|N|FFtYcvFGH1
z$2)tTKFeJ?+atTWI(yEBE}Xs8`GlPR%$K_#z4#0#;19>=&}qv>>IW3UAFU`m=|#kB
zUO42YGsmv<oPF}*6)qMQ2F}F$`74x{Tp0znLeY@+yANGOcH$qoA-jjeFYp+TEJFwY
ztz!5We+u9=%g1g@!LE5yEs^SUSulOzXnNPa`}vL<*T*iJ@Q6enNtgN4dz$V$?X|9t
z35|VNA`ho`9!Zy1r^_+BSIb@{k*c)2JXvx4p569{>*G9~dU<QQyeeJpHBzsXNM*Xr
zmo7h;F0V;fc+(H>yI+`B?YbAJYR`M^!o3bl<w0q0<Ll?|7D;UvUpxCj;qFNy6`n{s
zPJ9H#xAY;<4&Yw&_z1cY;A2-Tf)#oU=qUs{XA>Npy}}|mIS0Tz&IvG|%L7Qbe1HYW
z_XQVMAQTR|e1&r9CHP1=`0+-0jlq6+9LSE<V}ioF2NhNgnSdpTG_O~yeXmmceOj5Y
zU<L4xU(QDp(4N3&S=wdBXM3=vGmaKDU(9-0>kln0Y98QSwjQLLar9aP*43#tSUGFE
zEoSev_hjLvF$ZUhU+Q%pd)#7)4;)gd_y5FVxy(3f4}L`%2lSZs-n?cj=XmyPv#mva
z8_s#TM9bJys$u%IhP@9~asS>WPbt&$X;_V=*RIuyR<`i&C3it6^Dy3Z(F$eK-z0l(
zhxUw|Ih|TgF3)eT2Tl>o=khtyn;*2&5V^cZD~*9xg%+n@p^QYMrCoU|S8&oAbDXq}
z@X%V7dTtGiKiX5J;rca}$GPHv2NVl5N-^kZ<3H&wq^<fZt>*gwcS+5y)T(Z1Rrj+$
z`~tOVo>p&$Hp~8{uo}*p)3s)rg<4Lo$e%~Qq9T-VdO;4Nq2hIXQ^guB?W%uMu{`*;
z@cVMX_w}EH1-_E8W1Si|I}bg!5aXeX(HWb{^&l!9<Mn8T-%Z=7;E5fLC>LwYFq8nn
zRUC6`VbPx$n6@t3PM-8x$AbG0jofJTiLRGb#Cy_<SkNc>kq$~1u2;M#mDm;^m0?AY
zu|OWMLpB7B2wE14K?DI=hTeV@GD76h?!{f&W4$#ffhg}&^C5E8Y3o=7pVg*49uW2M
z%~}*7YSapa1W_je;<f7)e_wnQuZNIit55Xl#cpWuiPL!kvNr*HCoEbsf>s1=vSZ{%
zL&KuSQ2vG{cma%V@|Dm&n+hGm0i=L3s!X(okcn1Jvg`E74U`8$VL{#jl43L(68I6J
zFFrgH7I@hW$)T&Gktj%|P>oaw73K1fI20d^_S3AP!D#$yI2xidT|r0;5AaAqF7BjN
z8;Qrx3PN0vcZOi}G8|5X_?JeaAZ{igMb1~N0>l=q37<!Hh<tQF&W9GjGRg&Nnd5?R
z4Bw#;3#7bsgE7!-3^XYL<$0~fK$|gJi!pFic~_Nm(3sS&Bq`(?8kdBcMU?wd(lQ)^
zAB$Q?>s9}NLR$5UA^06+NL}(NloFPT5B~KK=zvFxC_KDo`9o>dTVI>6Zk4KAQ>918
z^FJs%oGPmuFZkV#iuoP;q#gUxyB~h@xeqE2%~v)_l}*XL&G(#^(%O3#d#P(Y@1Dz2
zvipr!Uw<`8f|Gs<Bu{XjsOJm`j=#!63Ni<A*I1mShcH3SoI+|W4?`e2?b-Fl&DU=x
zN$0$0pXAvGNV4`gLcnW}r#vSB|GAX{$<sLx`RF-=IZm*kg3OUlEQ*>%(nFYVQ%Ois
z(mGyyT*oznkmu)CM#qT2V}&48c6LGSe?TzX+JYK%{Y;F3*HDj`6T~+jx_;J$fk0x9
zf2)_!uK(7OuAg=IJxoZ`=vYt%;^-}auHX6WONOpL?=lnPda?>=nt;j#I{hixyU^?c
zoqiXN^)ikOfiCZIuH3pnmn$a|=yK9zHJmeNzSjBX%*jMRP@pJXzY7&5y)L!uFT4yQ
zvT_(`Wf2UahL{+kJsrA!=;~3Nj5*;SyZ?OX`X_MMGj@V?{f|;jftN#tg5JwBrkAbr
z7qHP6cj(=%qHU-VIw4+YL(qi)S-)@w!Q%+N44~WRF?4bVF&aBL;T(cX2zn7bf#3py
zZUh$*Jc-~b1U(2i0Ml;aX~dsF@GJuQ$mbBdjNo|$Aq0PpAdKKD0vu0@_=7U=f3MO3
z9HRVNd8O5v|M8WW{~B&Sj|KP`0Au`ZQgvIZw0%{^-y&7EB=@#1XZ(~CpVT<<$z<)(
zBsobr@zIp04e-026iA+v^F%#oFh?5;D##o;iJVx?BIzMa08WevDN0($Yme%<MiBDc
z1$M4Kjp6WElM_S3<6&}Qr5=EPeNj1a8{@>>jaWPyAH1<HF1%Cc!lHWr`uQ-52^-<V
z!VnNxft?<v>{Kh;>J0VdN(^;Pw_`7`l%+OH)y=8WmQ`75gH+j&+}pSUOFgBr)KkgY
z_9Qt)S!#RAa}4miVG1PAsd=KFGnnHT3o6JQIfX1$%_8X`OaPXO2`Nfi$7|blTq6j1
z?uM1<3<!@kS*pTGOqQzF!xxyPwlkLcxHbv3E}mMZ^HesAwSK1RgNFF5nCcPAR9WFx
z=c*kman-fmPetV=l4^@o-I6M8U6rjiN|lYty-h2y)zcbVJ)NutR(hJU)nh3S=nqcc
zeUSpmb9$br=M3h6;l3UN_#8QnY*meu^bjThTg8MFC9UJNz?)gTN)YngeNl<dfbdw8
zt(t6AtpVlo1!k-IbU_y=nY|bIL^!%GzFMmDRdw!v{ap3%XUJ6*)$dh!xzI4a-0Ey~
zMb+;b3B=(|mWrzzQvFg5K!?UxJCe09>hGX@wJqfV(Y535Qxr&^j(MV<GnfM;O+5zi
zInsfARgIJM5GLGI5>k}3j@N=30dJu3DnY>SKBYuwKzOXlS5>ZJY5>0QeDx?3SD%T*
z`s3HvItQz$VGT?bESd23^)uBYpCMEAQBhSb+Ugwj#7ctdTJC;%89Qx~s+&@!&8v#3
zL8&sB+}p5%n7X~#=`?89-7*Q$Io(i5c7;O2@&3^$54bxNdT}%y#o1m6c|xIqh#)4S
zkr*F~LqvWk1Ul<bNa)8eA%b8S!HWn+5!?VE?+S&)1WW<<g~Ex15V<-EZ3{PH)l-H}
z73e}E1`!;Ge-S6LziIic<LH8;(Ai~OsBk$u7Rp`D(^iC?6rTD7P(_77Z^R)7J8=FU
zkB_kHUz@d;KnC-DMBatp(*>{~h>YmgUE+s-1$4&zn6}KkYgo;!i#62TLG&+~Hbm<z
zJC-O2c2Db{Hq2@dhE|6ehc=NDuz^Jwv;D%k7d)s%SfPR&VQ&t5FoU&NmS;AA6&+fO
z!L;I;Y!i-XD~8RQVJoIjvt^%J%wj8Mn9yQVjQV?kn9U~fz=DfSJ@#asRMhGOOGd5A
z^z!7GPShqysa2VNSN0OIsY_~AmMb??Xs>81wpV*!LtSK_++!1k+Bc!w^^EXf{bjb5
zR+aP$U(Xh8E3msN9BaOGJ?`xXqvc4fFTq%i=+!1&y$MKXV<nXX(cWG-4evK?m2Ht2
zm^1~@{s;_?ypb3+g#w!?#kdL()szX0i@;h*wOgXIqtn!yssYWBnuL=;PCy$J;S_*w
zVG!Vw8Cq(Flx><;pP{8wvfW5SpQi1>Af2HtP-bXbF@nv|8qIWq!dD>87}F?R!Q6ia
zKt#63rf8M<*#pq&BtlR{%oayvVg-#>Dom!*#4_%$Sm)%t`%QfKNotn^rp-lr-m0A6
z6O{G@Q|^Wj+~pW*l=d{H+@RpHm$}9Xm`m?El3}j1>tSZB^P?;CE!|Q}cXIE=Oi|-t
zlC-_+p9Yhiwkf}a)2He=L)wy_14?k#fU^t`Ii;pUoTP{5kQB?tkQ8Z4duo!T`JLF?
zF}O^|Bv11^QO_CDob=Qv!C3>&GC<_y01HWaXbwrS1cpHV<)b{-bsmP!=d<rRvv#!v
z+BW0R*lNHIT`lWWwQhxWwYY>L<JeeNYv_oxl&HaO=!jWYqZeR>j+k}7+0C!B8EqR(
zwpll;KPRIjX5DX3){a%HG1d|5<*CqVYM7BtFX@Q&yRw&PDRa-2J9kI?uvQ{NT~ujt
z`W4EXyCXK+O0O`mD$D4Iw@zCXg3x5P)wXCW5SrX$ZI^}w9@gEhCN|L=D+^A-H{o@K
zaRk&(>~+Kp(oYn_F9BF?iH+<@$fhP)qZ}lB8wg~RW)$;?1eQFjJVO&yiRN_H@vJJ*
ztcAiP7UGwyNi}|Hk3Z!Os4`Byw5LAh_TS5QP#MRSO~&~{N#%UWL8;{62Z-#KO7>Hv
zRw}85`zni7c_*J5DVJJGHd)@OO_J7ki>Hg>GF2>jTIY#+&XCrmr&bBh8gP~YBB%0L
zNYX=dNQxyeBt=@&Xa?Q#&ds;MEV^a#rsQdvC+ayvT0j}E1ZNF6%K(v+pmtZYOL}My
zNwEZmK>k(4tM9{Fuk7NLChEkjz1E$Ur){DwU=eLQEsp~;jM*-uH6}fJZCcJJZ5M!T
z7h1fqUKVno2uBaCvyVA?9a-0=*?X0>XVgeJ+v>CUwcdQHO&Hg@|23{WBXs52pl+ya
zSdYWH7_FRW+^ic&gEoPU?$>D2?A9n{*FNZ`Yua06tWnEeA|{q(tWnFJn;8`|Z9)NE
zc~+pB3cJ>^N{FpZ(pp&6CV+|X$hSb7z?*HQwK!hk>)EPpRcN-Av8A?jTe;1)+BR)f
zWVY3|X{%zht+q>B4HlpmAJG=G4S<??thqB9g%!vz>AG&ZepuIoFG*Xb2hTN}LuIx=
z$8;lzB@ocjU9oHz`Gm60Hh{4iOOVz$rt=k2-L_nS%WrAPW!p$XSgPt4aJG@ExP`w)
zOjm8Anvtotz3Sql-Bh`a1mWHF0ij&C%Fu6F?jHkX@k3bB2y2VV9(v22D%(F^@Y_IJ
zYG?ZoZcLSa_le2U-;~u(-xw#!o$bq)neKWxy|?xYqoz)g=Co&%M~VBB<mkIq(^YVp
zs**ggd`dlM$kC){zY?4^;4A|~PVHtPNe|5-DVD&H6gj$?gVGdf+04hm82En|_FBr0
ziTDft?yg>!gBl}r`wE1w;jir#1UC`9ir_T_Zy@*%f(Zm)NANO&AOb&vZ)gC2ydvtL
z(So6E!BOmNS@4!QTR*8QakeTqVBS9XX9uWP=<y)D(^TNk{z=ur7dOK9p*N^A)aBBL
zzlNubwO|Itj6u_T)r)FAFHHP_Z>CXjjRcGKy}HT93f2tYSy5-O`QB=%{Q;CG^H^cp
zLm#1o79;b>?yDxJ#=vNQ@SrsYYyx9l8UuFMnluJ%%*r$dpOLQ`YJXt1mEp5nHtnH*
zpV_rLo7Yx2?P0dn_Gl}&*;a;z0(1-iu8PdI+BR)fY_`>QX)Boe^^851%{>`a2Y}@p
zxJ&H^A7$t}wa%N}cWRxN`cCyLCUn^Q<x(Bs*j&I)Tk#x<LZ#pVFkNi$UP5i-{xsFW
zv}zWY;kaZ)UBQZGa0WkBT2+LwD$si@eQCLK<srl}PgU7TNbus~ZxnUHhJ94kfg6%{
zZ%)Gm>B%XWAl3bYP;Vqh6fYsO=wL*}nconIoPr5b-7|?60?#B<FhQ!5QgHA<lJ<C$
zr172Zx4Ypo*)4e*=ZSjGkjA9Ps|05aILiQ$lV4&XNe|5-DVD&H6lqL*9!`?LJ5_JP
zz&<bu1N*={QO_9?z_n8tn$=O33~`e%tXDHjdT0&_u>^*sNC5nACCS0tRkz?_2PfcR
z2j_`;&X9w+f(t{lI?9qEZUP>rW|s8O91>y)3`voLX%9@>x4+vl-2s=W4ha{Hspkx7
zPvWyNIBURJ28f($Wg$rq%^@k4z>pMaPkVMJ$)Vf+TVNG=XacMv56u(xoFRwCuPdQh
z9c9T7Hvu-0YGz3f%^@L{z!1p4$}IXZnCs3yi*AmHfho}A0nMSav8_2G)@oL{n%axc
z*3&L{$~8yCOFp?RJjyah#7kOgE02glaxWTdd{pr+sOhE^Z|O^=c5gV=?`2yPs6slb
z$#MzlJ1`HL<qN2uT_Tzv#MnPgG#75ez1b`^_a$)MiR#)fLsHf@R*<Q$mFx<8McQ8d
z{@>%X7pZ}!>JD}TUI7m$$?<oepMD-LQ_oB2KSe!f$nm7drvzsWILiQ$Q%|#yq=)8^
z6iZ-8iX2aSe4G2YO_hEtlBDi->=vw=shfaRGj;PsJ!eSW_{&OYR!3Pf#7)4O88x${
zhvtwFOJE4(Uqu`>Curd3p&rmlnG-a6UF2SuVk-T$PY14BSi~{KQA0Z+x`o@y6i2sD
zTbUCy+o!F}37T!wR&;`<eYxx6jOiKJL$1!N?IBm^)%K86M|(Trb#smO&<ab~g#gze
z>zldxj8ihGJbcjOKE*2>^FYi-e(*{m?TuhpJ#|yO$8t@#tdY=tcoT8PIO(zhXU2y<
zpUV3bIh6Kn*3c|P>e8OFBsp-q_!g`tJTL*P31Ox|J!i;)@lho-tD`I#;wJJ~NYX=d
zNQfmcBt;ISJ$sVm$nEEE!T9~i1dQKdK1@Al$dU0eB{Zv}EE(b^VDzqLmh{jZ5@HDq
zNs%L)_b@2jDkI$A+sz3V_~FyT9N}s;LB{~*2p6j3^DsFE5<}rweHPE$86pFkHYgU%
zs+52pL~=<9xc%Z1O|TDddcd0C8mbA_y=OC#KrgaPw=!5w5xnZ{Hc$bJRYpDV27GQe
zBuUr%-S2@7MAsd#f#{ki>N!KYlDJ1024@X8%K(vgzQjV39-2c^EP){@(v|k?O_KWC
zH*ej9%fwB|Q$J7CbB5H9e@zL^>L^QwxQS~lB<Z0!B*YRJ0{K_zNlaZSeE8~N_9R+O
zm_3QM<p1-~lbBQY`gg5hrmht0A-hj)bG}IXTHq^LU79v^rCL>~*Dd_JGIgcfrmd*1
z^qgVyj6>=+7(RUke8wP%kM)nlBQY>-*Hn$ml&9!LIM=WUy$TEH<xoJkhASvf4`b2;
z9x64_p^{-o3^rEM-Ykm_wL6y%b$#?aIG9?ZO5MOl8(@)q>iw$ss^D^`YT4FrFw()@
z+-7k%Hx*}FwL#>a-7Ey#z-b}a2JTK3OJE3W_qNG4-VY^-?{>$n4!BHoNN6FXo-@QZ
z{*n@!)lrrVaTBd9B<Z0!B*YRJk|Ms%Q#fv_c5_o7wz?|S8~_75Qx9_htkr}$05%7}
zFhDZBB+wrO@P*A=d2bpE=}btgeYWani+Qv#2f*8>t;_-NwrMLm0RHl_UCuJbyvkDU
z<>TEtFYE&*412+M8|<7iD5}$f)$sbc#=l<7^9TUhNofc*i08vILZTR5VnVbLC*LbA
z9ciSaU~LyOHUy>%wYB$TCPX1xLis|jLGZfBd6$iWH?TVzxG&pGpV~0i4!+}m8%Ey2
zNmvUE6PD^ZLxSV4Dxp~&WyugX3FbL!W=RjtAt9E)kQ51S^00KXRyk8csZCulQ=TM;
zZ+G8<Ip@O@Fz0-Do~Y*xIXr$t3C-##ONO`!m~mD!OL}My39$r*Kz=$2th#-3uk7}1
z5?R1MB6tVE4-xz`f`38qbp#n+;J$}(2!0L!;ywWA1@6>>!{hWV)D$`E7pgqYx`moT
zr+=XWuup0{PQ|#1-j&@cTo;g8+a`7u7J+d201G$*(8U!1EaY5*d$17p`J=AkdiWPd
zBcMdo3=PDtC@i>(9ED%|7_~r9T*D=XcyEFigz!Kd_~*-BLA_0PFbR=<zu)@`{84Va
zf{QrQJ`0*pJxry7RuiUD;q#<ap!Qj3F9FMlk0wS&6X-@V5st(}Z+N{-ggV?AD>Sg4
z9D>?dSvJ-rd>_8F71!nNr^40p`$CkF0gK~BK9-Q_<|*0vrLr<N7lmUeLM^e$+Q2jd
zIEwMVQ~Y)@TqePg7^D&PoFV@4SCr7Kj<RHkn*>8*HM69L=8zCeU`UGi)1J+9Hw*4*
zSFy=z1#@=Oor=OW&E8|}y$5h4*VrlKNXvhtnH~ki_^8mwdqL3g^5MQAHnFM<78kv0
zI&6<wGZYqwB7JdTB%piIs>#8iR%b;AS7JqM$frDB?!v*{I+;-hjmMB3y$6*DPQEwn
zm8&sH&b<Hpd(Xq=4lFe|Gf&iWhMY-y8kFFy0cRN?@(wIEP_s*VXbwrS1cpF<lS9C^
z(Ri3Hh}W@c(W(|pltZ+yjYC}H1rhyWgIFUb1Q2Wz3U3%I)lz^r-0bi+`hy$e28VKT
z1NDLOnT@aml?eAB`2qOD-xAxHnY+ZAyTpQ|#HNXsSS>SG+Sy&u>37k|rChmlPXwB~
z#Db}rVTar=!j8V?F0qQJ!l3cjxV3&)AOpZIvD$|3Oz;P_g}{4Zj~s6lwvOfd!TDI0
zVT3xD^iz1x93z0mD#H-s1%V$OyUq(Q@IpZG>{T;XZb<LvqtSqB<XN+PS6S+&Y$Ilu
z--hyL^HtVBMUUapXd*HaHEt}6dj&;eq2=Q!`H5UI$a<)SP#9TtquEAjPh-m6q;51D
zl=cKu?uK=2H0zT}d~~B(+<G?aMzfnYrb&@AX-^<YI^XYj4~!=}?||`S=R8r*8Pb_V
zPrw+QHQ+1*MBV}ONj1BqhvtwJOJGQfbZ(}%HE;&E%81RJ5n!wlJr$Wg$<*qAx>$9@
zW^Njze>V!YtY_Uao5s)?fi~5ZCwDyzbBM#?5fQxVdzW{Btm9QxZR+6KrF4&=cY8TU
z2P^yn>O=Sk1S{E7C@xu4SDGRgD1-$9kM|)%fmC0eGIhzanzC(;ghrQ50BpcHXXPfX
zl1`EO&Fq_?FEcv}Q@v-c&x76M$%9hwnVrQp>nvJz_a0hL!TenW7`8%JQKV<c-CK-R
z8-`o#M*SHz!VgyKNt78Ib|33T^q95I*ywj?U6CH6(D;jG{l^BJdQ@+wQCx7-JcxkD
zkyZMSe}dJC|KAhH28C=Em%0r$&f0E^+3Eh3On}pWy({cr$<||JU%JlOd-IyDoa5QE
z&9)Y;chT=*yHo1V$ry^D^E`U=p!2+pqsG#r#vF%hKPvfj+T|IUA!rm-mndZQyRw&v
zsd1^|C|B;>3Rx(rau~{sD_t{=H4R0~wldV3v4yu-TcJYMY^!b2R#YL|)v5RLxJNqJ
z@F#}6u{ew%6MaKq#*fJZkth$lzQabwVed#Z+{X{aqy4;~nxZOJWNyuI<{E~OV+RdF
zfp%YgUwn9YG!{wR2xw6?W4rcwyW^|~P?T$te!k!5S$Uf`<aoj*1WzEifZ!<v-3Trs
zcoIPm0uI4Squ3KvNvl3npgYKe?SEnj%<e!AQECS*bg_0qSUVv@-N?`6(%1fpgx^3Z
z<?jK!X8AbJva|ZFugzDl)zIxnSLR#JNiFA+d(SV~Ki+LA0VDp++ZnAbNzVPO`(MHO
z{M=ozK0h~4)N_WMOM2Rr;H&{>86fg5*q^J}B|S8Uq*ww&Qsmt4JO`4b?Op#gEKq2h
zf&~gdUp;3?TN0gwVsO@gvkVY9rKUriq=)8^6wAgC$WO&1)!e;kWpnqt_~rc@f}bJy
zcLcvg@E-_%h2ZN5UPcf^;79Od4WJ3Rh-+cc=KZk+N1?NAp~B^S)Vfgaa<(p%mpM-?
z)D=3rtP2%|&NJ3ezyQ8op@SrR)^1;!@ETw;xjGtwX^5Cee<1Rn(8vw^?)~5}7j{hn
zLkz#bUl$??UM^r!a=scze`9i<a*JFV3HQO&1sXi?{^2-Gu84vio*|$}B=0h&4)QS`
z_C1da)S-p!=#TUzWINb<C_n5*yz3hXzK4Lm_0pP<$q9JEXq4{|<{=BzhDCe{z&*Rw
zYW=Mx_(zN7FD>6F`lF@ozbtL{$}ETd_nrH#C)33h_v~=}-Hu&v_DwXsIrKMGleN;0
z1NSiTUY;dy$0zxKefkyaIji;5eG9@*`)%#k*83I!pLW^8R_l@b7KESn*axlF_5}+<
HTDSiP5D}Eo

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_resolver.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_resolver.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..febbbbeb9bf1e6f939add9a0c270ffd16164df68
GIT binary patch
literal 43027
zcmeHw3ve6BnH~V*F#z!(2|grJ4@fJm1W9~Jq~6jlt+%wRU2_DRHs!z&2~qG;0ConH
zme}3f+lueZbuRYql^=4YlB26qXDO-Fsp_gOy0h;tmCHG)x<>)xN`&X^l&hS?QL1vM
z*IH#Ib(in&ndupTLjsVrySI*}fFC_Q-93%&p6Ty@^xyXa0iO-W7ydN#rT9^s?PqkN
zAI)0e-ch^F_D!2;lWd}0beynD4))t{+$lREw&O0z9Z|1%BoD4MoDhzCCGT;c<U8Id
zH6Hg%{^J2Da6BjlSvu#5(D5dz31OG$7CoXvbes+huhnmB{GRp?uQSf{(11r2PKQM=
zzCL^#Pq&^9yKqr-bbCPkr`xnp;B-I?p7x8O(~Sd7VpFH>OU^IZrFO9yIT~4x(COfS
zQ*5CtQpYmeTALW|w27^Q4)tErG8Wf{xON`5oW*q@ZW)j3WO2(8*U96$SX>w4R`9qL
z6OQQ0{IjuiDi_Hm<(wQjn~@^9bIHiTWHy-|Po~GFhm&$<@<LMTxkZ&Y8Fee61KFt|
zY3y7ommJGYNl7JSq&^}gvgeeRgDH6|gG|YB%04BHC6%U^ClfgofBrxsmz>B*(~AFP
zDRUt;o|H~aXOoIg9808;dTKHkwWEXu6;Rq<nL3k{(n-`bKAy}@W~R?4)47Ms$CGCh
z$kl7a$-U``RQff=rTzpYtrGDZ-N`$ZPQ5ynjHkvGXF72{sRX6O#kiC_i~6R=lCt7U
z<Z@E#%oJ{<2wAO?N^@5G1MxBaAGoC?8X!G}e&&ZCp$2^Kje~sCHj1&T9x+?Y9&^N8
zG54s}pEldDQ@?8biuRaupM9eiF^;qmTc0h~P#M>Y5w^>_&K7OR_a2avs8b{nkrU^$
zljyz$?XUJM`Z$%I=*f4U%jL52?%v*4cFNs}Y^rB6GnSa#y?tO{ThuEBaBnF{Bt)cz
zNEk%%C(PY0V1#5dsdP@FCsS$yi8e?ykR@sW#WOTCeBkKzfh(TM5-F*giI*)?8%ESa
z={~Ug^zfmVUpg(O6VllOnepUlHat(G=W;BF?$U;3c3KIXPrQ<3F*MSoE|k=Uue=xJ
z*KPM(ZT?lI_Gd~hU8O*Csd;&+bMuee*3GwVDYk7XHFuZ7E9b+{%(j#|*3WlrzT9#r
z?DM;C+k7tfJ><73UVZe)W4tdBFW}4ic?AOH{oHFq-{8$8Htcetf1LSl-ap15kDQe<
z=h0)6DLEI(oQ?3i^yFK&_H7;L?(6UFA3W9Hw|iUP?!Lay=e^Vf-RBbWxu{E8Ni`EL
zCZsg_Q&!wbNy<pF5|r@}#dE3iNQ#l5_%V9VrY4hdmd!3vrK5J1Tc$q~kvgfMCf0x~
zFRFoONqPp+Tkw@vf&9Adzcsc|^EHP{q2^LYcd0FMr_oKV<aW6wYJf3(`Jp${y>*EC
zrtP#%vg2iqm$cL%IwYsq&}oxgq7&3Dx+KqpJL*xEpF)*iNTrhr$$0b+oJ*wAx2PNQ
zeRN%YKVg)o*eD;0bnlORipYTo9)9hG6&a&kJ!PHMh$2{LZNe}!cb3{sqH|Y6+HO3m
z`b5xc7X`7Q&n|j*xzY~Pb)VQM`b9Uc2Skr{y<wE@z>blYSVM2apw<p)=O{fC?1(ve
ztSjakHorKu6ocAt+8uKbQ-4()X-~{E%qGe53u!@gWG=0>#k~3*GT*aI*C@I(e}Qy<
zo=%AccH=dZ`CI*^bHqOWIh$>iUS;eUrk6p*fypTt3l7-D(8#|Va13fMGO=lt9&UCF
z)5BeHthMR?Zx61F<54x;rL`h4PEk*fUQfMtiT1KwIIBF&xn8oPPR2j6PA%y7sG5?u
zZq<}Nz06N&n>6b6uli5<NUEALpqD8&_Xyo?n=Ks@Tf}fI)MsaBO{2^8zBH9Z@2H9c
zJ=~<1rT-@FV(UJ8TEN$fuMgiKzK#3r*}q!!nQ_<n%rriIX3SlH_J8`!m>UFPw8^j3
zGc(Z|ZOiW%*08f2Nu?tMS7?e>=h#Rho23(6FipQ136Q==X*HpBLfLXQF_wJjOUuCN
z46iF5EpVlw0v{?Zro3`ex{yN7P95fJ5gNwtmM@Gw^fH`JLB-4Ob;VUtEJLUac9z`$
z01BW-&ac*QphYD0JLm}l>Rq%`#iLc^ie0hqjoR}w>o;bnw?}2)>slbPFG8WMdK3a$
zR9{r?NrAn3&G+U;N-_|YqrNvIds+H^oT+6{NXyZWELtQ&TI9}(V)}6hl%u#<7eoc6
zAv@hiWGj&YBHM}VRGiuA{ys*xGCGhCC1m`coLU3?3l_co<dq<U(+m$vUJP=@LqHV_
zq0*eoWHXbQi4-`8IJ=|bVt-2UJ)fN>uo_QDN;9~n$w`3otTdK6pG|;W^y6~;%v5R;
zya=ExV?AVLSzJDsnVKADN#hffnKLMsv1i`6oFLvTD=EPtR?Ac-eTV?B5{?r`naIVH
zuYo&DCvvzFZC0Fea`LR=qnZ*&5KoxGXH4NSrO^a>6+!!JlH!^mK2{>EqBK%<)z;}Z
zpKLRq44O}Nsee(+(_eO0mTQN4N&OG~gJowsWa6qcj>z~?0s8=JUiDdwGrSuI(jT7!
z_ZlC|ND>(H_`>cvxhTf&d6e>=L;YkYKreVKw+#$dXJ4s(ZK=8Qj>p;VoAKTEvB;iM
z`_@wPiqeXWm-d&IJu~~cLPsyS2bLnJr`S<yj+9pHEOhNEEn73Y$CRYW*0JHT??3no
z8&1r%zcADI<M8^~SLVW7XM|GIviYV+u_-dww06dI+ih!ZpKsbwY}zp6Dur6V{`xzw
z7lc!n_JYj3erfMqXd^<ux97?p{1kSGpqKaHcW(13ir9Rr7&<jCXrDR6gf{Y1HE;t3
zP4T#*aYh$jS1%yrrM*13u#ER{*Fkd``Wec&yvNA6Lo~vhje7B%2;f%Q-@I*eczuPg
z9qf1Jb%f?ZJK4#f?)k$#EKu@y-)=yvYkLs7*WlReW6>aceRph*Cf@@p<35qUbKbJu
zcTtI<oh<e)#s0j(`}Xz+6#apo=r*0rOtCb-U}<dLx4q_AHK!5#I!nv${Bs_Q>RLu?
zcSr3Ozx%a8tGjEl6?eb3$Lcm{jtA5*6_sKQ!_pgs)r4AyHG>h)vZ`FL&iUfWFa!kO
z0?w_E=iKE4w`t-gdmTE)O*fc$NfU<|b1unC60d2+OS(siGiFE3&F|q6y_v7XgxyEM
z6MjeMy1)~zE#teac|u>z3!boX<TVpd=&y?>TwQh-OP+9)^S^qX^;#ytE0{P3OKxvr
zZt#eHF;G`6YvEj73u;#j=gM=TR)K2&#pt!FDLEfqH6=&(Vz9@>_%fdu5}RT^jZ15+
zgG=LxSZ@n(Y0cou-1vIHnO(9TnPLlxOw#_Cf0)Ee6-PP%8OED24;!IeYBBytWqrTc
z_#~M{cx2u*K3ku7&vTBLkIPzmp65c(w^r>X&P!KK$$MUG>uJ!q?sl=`iE-W3p8@pc
z&(T{XFRVDwTaL%-tz}Pp>%-`+iRS3?eD9&e*g4|rULiJ)R6h((Mszp{mQPAT@d02h
zpG#$XBpT6Dl*lF`n~9L5Sn4Ly19HV_#dzJKx$%nqp<~~^EB3rdY|o(1(;#4QMvNoc
zre8upXMw=&n5!cD-Xx}JpUP!{7g8D~lWFPGbQ_nn9Y4hD^b^@eWKi0TxQAto4tObv
z1d%5tQptdc>tBLn)0m0WxN%ohTxme1z{1iEr5!{jKpqB7{L~Igm7U&ErTkn%nn>oL
zmMSYh+El@TNzbEv1v)LGS7d37ZhU~qK_Z8U942yv$WbE4h#Ut|y!@XiUVhVPvvh(|
zyg=kdA}<knnFzJ1nZem=J{gckDlTtVFRN^g#tdmZPQR3*0*8r+Jezv4EZfed*q^={
z*p;&OQI0<r>r+-%0@ar9VKhT6(zdn+rss~=r7=6i$rLs`H`o6B;(W|c!^`Hw&lbba
z7KAOoB^Sca&V@E0c)6dEVra{}pnc|qErrkqeyRp;P%a)<EIU)9Zwg!91q-4Tf)x50
zvf_5?6?54LU+(7_cmT;u!SH-=O)<D;7G&K_Ln+kq^*7&nvmop(M8J0uEr!4jX`k!D
z-kCS~nHso(IMi25Q8dozf|huWmBbVA0OI)_x6Jy{K(l^x16>!kP!UFpA&gqn{fvLF
zpV0*^G5+wZpQqu0_k}GC<zImoTu_8KlTO6riZ32N58fMEwz%St$6uXFOp@FJXQ6of
zY)X=I#Hgn;i15VY<C(E|TpFbZ;37Q$ZSgpCb-C17+|W8B!89cx=))L(X+4FAkTOgr
z70Ykhe&pPJ*BNp7J~(J^b9JkUDG9v`_@Q$o_2}Z->0uGiK~^))b#bYreCyXxYJM+W
zR26aOp(#v}x>*;r$eJ7wBC<$EolT&SHm;W|<w*I}fbYF)P#!%3gQWj8o9GouA?N6Y
zx(=+<N2!S8>=SQrXytXNn--vUuu5UDTHZxcaOF|jH}Vcs&V65plH-3<1I+cu8Ub?y
zBk!1CZt#i2T+S%yb*o7=$8!PZ2F1`5uN7C()m1B=3$+5X)8k-3*)KMWEiu2w_yp=;
zd^kMUM*|q2aJq5itB=u}U;Rhln@^sV;!i?dy~%SCEA`>^=0q4Ok^@5#nY}E{S`bw=
zB1g_70d8QKGdXE`OXkica#~_~Po{DztbQ1Pc0>i<gtrx+5ms?Fi9H^68nI<2Pq?Gf
z03!Vpq+*c#VV5Z>SDPRSQ<`|RfV2(i0m+*Q`jT=%RYO3Rpt#dA;OJ|L59%G5TT%Fm
z!$7)uGsuOmLfVOvPC_wqVT_VWBp{9kRan`JuwD+CZAn`ZQ2{ZTyj}Wdbm6y%e2oY}
zMKhk%1n4Sc9F&R6H>BefGE2zSej#fy%{U~EKMj?Y99R1#PPz&GYED*8SkHW_c)ZTS
z-bT&j-@qgVoY=aC;l%Z&=9LhRxA|tgnsB_I3CG(@D>fIpw&+07Zwp6CosgSvgD{<6
z3j1a}_k$!2_g=eL*l=X7{pb=XvZ;;B!kgQ_-SuAArTAQP_l&#L*7@zx_eKkA_RY2J
zpYfGiI=;R6z0HMHd*)j9&Uk(rYAc4;&I{V-y0CWU0zXp&H_GCQWoK%No5I>lKAsCH
zOlLeAMVIJitLFvnb6r?XH!~s-zEKueEIU(^-V|0}^6*?pVLIc{bHZu{kIHO<1oRJs
zA6H$UO!#4v-Es*JtbqKPOEE8#jQtz^m06?gHW2dxGz7~)Lw(cp$0NJNbp6CZ1czvP
z8`cDEcrHvk)vb<ruT_=camZ9PC5JJvuu)~Vjm*NPQG+o4Iv@;}N17lES=c~sOI9}7
zE7lfjVcTZ{vZL1~JHoc3ct2-;GHfBkecACM*qBCJ#Fh@G1F@i`<S-;U(oM0D+1e-F
zEc(+evF2Dyxqf2&zt;eZ157*7M!8K;s{M(No}k`hb&VdL3!|sKYEOssdsI!yEv2fa
zY_7S?7Coidp^dY!xJ+Cg3v1)7wT^Mts+XnzYL;9fjI$<uNxtk&w@kE>dB5yP2hQ4}
zo%uahuxpGNLd!r^#B~}HvPd>5ad@V|E$Pdc0i@p`vY7~>E9p0he1!;yQPK>Zz5{ZL
zq=eEJiJT!qoHi4VN#hhcM}&zJA?Z6oaH@85kg?2EI#+HEqDeM)0f_mym`;ZAuOVtA
zz$NVhA^GC2awCp@<Rd$eerpM$be{6Ee{g_82Z<aavY6aZ%HXQvVl|Dn8L&?JI_0v$
zb6L9ZDiIP9N)i#7NDf4?OVYRKgb*GR21=(W+GKCBv&<r*uk38AOg7%-&`&#45#aV5
znV>8LZ7L>)p@c5JfW?V1P-NxB`Y>RX;=YSY%KzizLV=$oS>oot`OW*UZ{9!G_8jPJ
z;@hu$<CWrOVAMj}bEVMo`Os>h#ey(68v;RaHZ&LNL-6VlNFmgBb*LDETvPj8*W!4D
z8n_`0&g6Mq(Ky3}0)bJ=K1Vm<K@`oySBKPK1w}c(yxU-Ff8H)b*Khk_wCzOL$wYXN
z6iRtSNv{)mgUFjiNR%f1Hj#ft<Sil<BEPpOjtHgYBEQ3TovU1t51zMoy0)t#KT1N6
zF+VWa*l~{(G}X-SVTA7y-I6fjflRZ54gFjqJ)W4v8+2GV{k!#NC@KFOT~#H2hQN=p
zvgZ;Pl96-<Z(My1O(d6zWS~uw46e6a_$Q#m27K>j(PA|V|Hw}N<F$+s9@#R&%dm&9
z%rc^}F68m?plhsjsH>J;WjM^zej~<h9O}YHJQwhhzbcmDSiEY=N5J7?fLlgDg!#lQ
zBM9wq%Lr)A|J=%IC-X+kLntG2R&TwUEFYR<Zg6)kBmdbzzExX>a{!;vF~ECP3~QDT
z0f+<JVgU`M2J1kn9G#m`D)pBioX`a9QJ(e{#-wq8XRGgd{mA-iqAA**Kfouq$i-Cd
zT*d5#Ws(rss<J}eF2ZC_8&PfC8OM+ZTd{EcDO7seB-)+G`^{&D#YBFko|DUFO$pDG
zWjiB%6HUul4~S|%`)Jk^rhlLsY*$)PEXB|$j#L_K%`Un%SPN>EMQQ<)jUKC8!BB$!
z!&xF^BO$#)WD*2IV$2#g!^&KGo=%5|5VWb)vLPB;+J-?|njtZ99(~dj-S+~B90IA}
zGgJ;^P~|XqSMw#PvL<GZr?41vft9?<VDMagAZk)(exbJFen?gP88Dw_jsS`B&QkO0
z1vc1&rbs`tsjkTqVN)@@sUY-`CBmk;&}IZLzsg9FV6pa@6Z#6F&HPji+@M@Mu2^=a
zM&A_r$o4=h1S#}0WX0{&E9SBhzWgfBzynBL3c)_&h55l3ii0m8P(UE`!aQQw=Q?6S
zFkzt6_f27*0FhT?{H$o4-C$+$D?BhKyif}D6og~*TaOjD9z&pjK<L;!V%X<8VnRJ?
z_<d8DCqU%Y_57@8oZVn$@hd!l3`+>H9RSmd!e|28?1<TW?fUcuAnoGuhR(Vn*07{0
zu@k1o1l}u-w96!p<}dy<7Wif^Xoi|II$Wty9PN$?04$!72?MZ*LS0bw;{nWq=&h@k
zwE$+mY*=r@n#9pO7XY)jD%j(_RyE}#Kx@&b0cI~PosM}m0OqR$fN`C!K7t`8gxP7@
zrGn<{S0)0{V17G)pIS}qnzTlp?oCpk9(68XrO(K!!jlx0a<4HdD?THv&f_%;1g&Sd
zx@B<DM$-)U5}rZBKyT^EO(r`O(=4XWU|ScT!L*i&!)~cuKE_PxL_SOL=3Zj@TCA+U
zL7n8EgBWwyc2z~n4Cd5nYW9t}_JJidou3pL7wqm9zQ4H*)F0rTYJPwB+VoKl#{{PL
zH;;A19K-zmjV9C%TCzq*n%?6ijH)=&&R$#QRLsScC*=$zf2$9ZB)sCla(_ExARQxz
zOz-0c)4PIH@fC-~a)0A4Q2$gOU>f+Mma;dUk*lRL4_kQ4bKy<bFj_4&e=k-|$=`{h
zQ)3`K<QyUfrw`0NNEjt4G&@XXwd--lFa8-<;^}>e_ZO+s;O!-wL~kuKQtP3|?k(YI
zZ+%F;g@s0y$7A=F_i1l^NWEpDfPU=W@;&XX52?3SRX$mm&mMQ)YJA#TA4YFMZ{*MK
z97;!$=d-!#2rZ{4l@Bb#O-qRMtGcD#*mQ&~u<v04El8D?T6Tld*eZUk_t6*oVA+kT
zcK;FviXlciiIN6MD7A>og)$slR+=u@S|sBF8BS&9o+a)&Ha#|(EU!Fnw{M9YQ)&9o
z@UcM75Oj@N`7N6&Wo6_LtX46Zs`@ACn&MV#r?gq#6TaY1P`MS122<EGwLUH3F-gk2
zIORNs%3*9~90nU4ag(nF!(D-Ti46zk0BIN(Wi4te<QD26lZQR<6z$K>N^|X-mS7&>
zC*ZAj-YN*|X4f)O46U0Nw9j>6-OOA3Oby&X+!T*18fSDtOFT!V@iaVuXsp+t53PlT
zWkJ|DdxnuBxf#$t*M*G*vc5E85WXR7q&sSHMdJ(?c<MPSk0;^*M6+8yTMW^1qRY51
zNW~JFLP%Tl!xy^HQW)HFi~7L|A^i*&cxqY|gt}^pcmUDlmEetc-Y5ubE=i0OLu=**
z?Q>mNGxG*NQv){;hx=(MipCjT&=Sv4X*>-NAe#NdO~nw2DKDc@LCmtr>m-}hWQk^p
zA>GlCJnCm8dDK&rv=NPJh&k2p`$C_pcqe`RNjxHp>i54#PshI{a+QdclK;DOfykfX
z%Pd-GUC*(*&amsa{q82etNVi$K3BhbLrOP>FF)*B=w2TJwQ2gH?-xXm<ed<rUS$P6
zZ!cq=PdaztTxt@|I!z*xTmJ`z=C@H2Rq0R8Thh61IR2a*FE_3lo5X6z)LD3fA-nZO
z6#ZXzmUFmux!&U(@JP!??hL{A$SVIvrt<ffsr>76Gw|_9FyW{6iAyj!Ctb$Z`}MIr
zY|S(CT;S`2CRu}Z>PL`ERxOir?P7?l{F}t)C#LdmQKgqlIzwRogfo9RY{kX6#n#MC
zIB+})gMf>A+m3&^%m~9$G9xy|Jdm%qjhr{+IaOPO8w6BMS$kjbl~Q86CSwVT9pbWB
z@CnI?sfD4WC&P;Dn-eWq^nP&2FjXQ;r9{N!aEv<;i=^a;{$@*#M-p<x{06jM2~U!<
zhaFZ@WGItWyV71Hk?4gj#ff~8$kNuNY;pQSzxnQ0G)-&`>*Sf!V*@?HBo(XG4NWXr
zkCv@g$4Yv(QvOQFQYl-v$XaPO<8D?PT~EuJ;_K7^6$mp+aSUNv7>-K6OIHnBQFSTM
zj>Yw~+ZYDr{c3>fxY51v@D*1Z82+>{!6`2<H8-lV?)pmnd(>K<!jx^S2hyBnm9Gct
zEj433kcG1><_XJN*sy=D{kbI|?I%SZ4lv2_@N9oEw4Su7p&iB04g{|4XJmm!b%&}B
zWg1mYdpbwjRV^OjYx}vzlm~8FsZNPmAy{$m7nZ<eX(!#IT(oYb423^om$g6P$0}9W
z<%ZIh6gljufI<O1-VmXuNm(1x<BeagBp|;~O-8&PO1nqHdf4zVlwQg&6u0xUp2$UO
zzffG{J!~OPtxz5i6f*8&F%_=0jdJCHE@IawMCKRD$Za8DvdT?%hVa2uPc2EAYuv}O
zmWEvvuN~lwDVJsKj9jQyplWJk`Za1}T`sq~s#>N2g%<M*wMHK`rn1)RamFu{A+`90
zvKX1FUnoGKbw+7=2*w8CMWB$;2A04Pqm!UeYZ(+W@>sW<0fnliti3M`D5QI83X0^Z
z$$&z&x3HDEoL15pP^dY&EWdxK5(>dV#VbiEj(rv`W+Zq8S`q{)!Sdw!RxO|0OZz`e
zCZ@X)k#97eEcDAtPp!JafL@wr5C;=D)%&a5dog)NX#k13t(*%Pdlb|Ms-%BUx4uT?
z4~hH{k=-ECunK-iKdbl;zI5Qkq2ajr*`eVVC3^EK9S2@Id1~m`NyNT{O%4u;r-p}4
z9ee3yrC6?Rv?Tq2?ylOgDITpc>t9@BU?k~}QQ+d(XeYx)<(*g?K#EldNRLo#D*%%G
z+bT+GSzYSfRBFd24Xb|Kwr0Mqr`Xo><5fNLs}2`e9fk{0ZACOKmPWF53^#2pbZxUp
z9PqHjEoAuSDQws^*S`BHgers{6G9QU!ywfEeLM(-+?B`T5K3fQGSm#DtjhN8@&HH?
z0Axo6km3NV0!VRyrRTHp%?#26q%62>0I6m@bs3OaT&Bb!%rKu;^b*L@0bDyd*sPQ(
z@oCM<iogO$8F#S+UWW9?5=a@jEdkEL+yq%5zp1B|1f-1nSk}^jL}ftA$YohOBNvk?
zRZDG5-qlhXK&o0w14u0<Qv%pk4^taN^f=>p5g=75Q?eMDqApXifM)<wi^-IXf411@
zTqsjA@>utW0i>#>ti3M`AhnoGsrDAO0#XZQO3y<FdhD2py=kx!ldiTSM_5pZLiQ8M
zW-^lt!IYs9g~$AhaG##J2$w4<W<VaNEcp$H?IswMlzMTY7iF;va_>QP-N8^c`!W(L
z!SZwIKVq0DP3AJGYWejQ<xwOrEArXonTSZqnzYh*j3VfFmX@RB`fwKW{Gz#Fv4mSK
zCb;GK?6H#vU;3=bkk%6gRMKBln+Vjt^tT^T>Qn_$sjC8vjx95vB!Bg+f9d{M8$b&M
zSa&MJHNYvujZK+IZLu=D2}}J86-yCFf_wJoO3iB+Jc<_Eq6|xIFRt1SEY<3p5#U{h
z9Mx<oweKr6KT}$9sL*w|v}|o*-9VvZ&>~kzV7XceR0)L*d*<5r{%V4%Bf4Db$The%
z1Sy7&%nRD*x^RTapXl^`3IkM8c+M1$@HMzNG%~5-o5GQWCZPhxC<9f$W(lg6+N<iR
z-*B`YJFLOeLeJkEH~?T&Q)w*Bt;vVDoZ<=Xc*T`oymllXsz+7!|GD4rMO9^s$%l-#
zwSY<h-B$7;BM*nQ`siaO$p);cmePPV)lwR;W-<8?&CTpEjTdY1Yz1o;%7=~&aWIoq
zRb}Z+x|?f0wqPYiy4#rSkXW_WBB--Lhe62=JrzEpO&(W>-IC~!s~%VCQi{>$jGBRz
z6|9iHk79LY(^k60V<?-dO#7-zXd;<TO7P{%t5u<5;_<4hxtABQy{NOWBQ(*c4WWs)
z<qFmSGO35U4+|Cs_LrKMsk^M`uI89OIS54d&b9CR)ttKz>vQ+vYuNb(q!>CpFKD0Z
z!eKUd)9L#Z#@tQeIa55s*RV5-kx32T6b_rsfP9Oa0sRRLy#GSvI+2@1-Xbzhgm@xm
zDkuFug@};hjZ6l8WDB(KuCtYFfwpuI-MY+m)c(Oh*mcCN=A`sv`0@jzfF1X?<EI{*
zAXo-@MM3gSc%wemGU$}CboC|L)ax^e$<%l%H=R0zo8(_0z$!<W0}zveq`Eem9{&rJ
zJhGAb1<_s#nm5c8^6_^DJPSw5O@`=Yz!1=X0yQs+sctgF5Rl#k+%YhA>U3zXfsJd>
z?7;o3?ljnG+T9cW<ly!-(5t!=b{WfWMp{M&Vy<33KSR93m*AMiJ8<etg5!#VYu$vH
zV5K!odl7H3^d@XOVn6zMm_S2^Hf$k;iutTWPrBeH4S~@jxj1eyD#~;DM}EK@)&4}s
zAXu~souEk^VJ!e?i3K2@3XlB2Fe<@b7JP=RK|EE9;D>9E^xCoIkk!NoJQr{qyg)qh
zTJagbu3GV2s8t(GU{uG$K~qax>Ytz$vh4RDHUf_|f-c8(iymgz{h*!O3}1m=-53Jm
z3a)1gjjqwhgsC1Dq9O>OxF0%w>|j~b%5>m}{lzb+{{1FaMpxyJ98>*)FL+ZBf-q16
z*kN+d%H8Isr{Nt}dsmQGH`VGU@6jCP!oeA~J!4>^Y<uvrO!{nUB7Q!R%`<noy=nx`
znE<6*J<a=YJ1wk&4|@9YtyE^EYhBfLXA50#W7oN6ipqe;Tjn56>Zb(iEwz0DAzYyp
z+F8EQbizFEN?%15lY=*S+vVFcye9o~D$jF@?F<pgyCWOnS9f22RTLhFX|p`tMTPcW
z)!wp-J(_Rw?KkZ}!JYF)H9^ZWD3|T$Cp}N0AtL9Ae2PehNSeq2A_s{aB666>5h6!H
zu(_XVd!ucScV3<_cA0?Jxf7JImlFDn4l%sNDITp+D&;WrqEz>Z_z8vnE0JL$?-F?r
zgt^1wmgZVOH8@xIhG45!wRS{{n_d25^5HIj$1wRQ%pb#IbDd`CLyKT*D=vu{ro!Rd
z>QZxumD}Hyr4{Qh?a`r_pY4SQlm>kl41m@bHXJB)9W<_LK7qTLPhd44LwDR;Fm~Bn
zRa&vF&^3Tenr^IPLn+Wcd;D5Q!9Rp;-#UCVjo7QN^;yd;^nPkM4Ze*;%dro|jqtNG
z2TIFV{Z7|+x@N`iec`)bm|MPW=D0;ncqKeVJg_wcg7=C1og2Hzc@TJaH;cSWkq_K9
zA^7%%2NeH-p6a$K)i1PEuHf6p%<=b@&OM9m>rmu^+*&-lNEKp5mRgoydggb!zteqb
z^=0?v{N>5pHv68=Qs+u@+_g2g8|=;d9yCy`dD&D3tGxP`Jhs*i3*|RlDfXAp6qlnH
z{S65Zsdnxm74xWhi7#y%AF~H-+Z>`(`*rPVc-iqH=1}G>)q&Io>M%KO80DCwLUF|v
zU3hY|gJTg=Tv=caARCS}%*aNxFKP_UIcKX`2RyW!DXu(a#?XRkcCo}0dOi1`-s2G2
zj~aL3m_q+g#C027uin;tE+z?&k(=A}ES(#3GP!dwkVW-c5`Ho6V_8c>1;uNJbf#RE
zwKH;|R^F<q4XJ`r8|!in#Z|SGhT=+h=Rg~8_)W&p`1k5zs-LymhodpQr!;pC-2d4k
zBhx?1RX4^S_UV9WymBcCykXlj|1%b3#?k+vw>6L~=3G<#EKm{~uOT4W;K<iZNcNL4
zUPE<_*IJ$`jzIOk(%X{R)m0faqYH9l{DwZEPZdY&rtxF_RPj+*H6?$ls;1;V=&+@Q
zhdCf1PPHZ0q?yV$kJkSDabM4RpK8w^*@ux^74q=?_Y?5s9U-5~cKBQl=l7h#25}1@
zd<5t&m%wJuktDQ~(*~MPzLprvO-=*1k0pC<(WIriSy{G-fqZw~N$^+|4t|l6|7#*+
zL_SSqoX9yMG$GJ>&kMAU5+>{F=GX{SY$Rvlff?S*^j){rT*fxrSpRA1x~$Am8aygv
zKQ}p<i+WU7%t@*c+xl%Mg?16yP2>_txl?A?>ocd!+oDa1OG>0Cl9opH43D$Fy(9oP
z(6;n*+zQ~HAh%*qNhCe0gw<J!dzHut5s8RQBu7LfatcKCvaD@h-6zE;{$KKV74Y{D
z$TTHZB5-~4jc%xvEjFOW*3{}aVcTx#fLc~JXImP8o5q~#x^9uOzD4NU=^!Kf`%Sj?
zu1o#j7`YelwE6A=UaxxBe!tNc=q#-oEUg&0`su3&3Y|Mk9bK1(E^T}F^Y=Z@K=2M^
zrK@fSY~GgJHsrcb24l0+bM5_AgrlDnH)$O!<~w?d9q?Q>_>FCaj-I)2FM{OVt=HsD
zx!jd9+#z!x$lUQU{3Vljw?Xv-2gs%~HSQ+e!kof%##6kDRhUK@`WZQ6?tt?&x<Ypk
z_Zs2q-k9-+etCB#dQYY|&eytLT;sIf_~TD7PHF(?5POvabPbksn7+#ac;5C=!t>18
zn4@CF*KI%=Lw&@jWVC>G0MfXanX`N3j0w_s3~Q}_H0n!_>7Q5wXbx`c^aw}b+-N0B
zFdySA6$d#4&W&8wHR8EcmO)#|CeY4wF+rQ2y>)my<H9-9^vqn%PWVkzav(oMQ}RJ>
z8FEBQWY1xrR8?4kg}bRF#6<dwm+eE9N@u5Xe3F)XZZ%+p<e^DZ^I#H2usiCIXb?%X
zd_?*p2qxP)-87KYiA~!y8%51qq|!WDwtEz&X*O@3gey>5!EZS$vPrGR2{GzZ#ZUi>
z3bUFGnLvq6dhbz^KL(MB5jN&DRi30S9%KFqAOp%xN!SyMc8$`T3+7sB(+O*Db@ABJ
zGg^HmUZ#2Nf1`Ss*Mj=I*67B(MiUn1H80I;E7s2@X2nar#+>GY{Nj#4b6O*t(~tx6
zV)Z#q_lvN3Hd-Xlp4#WSu$jCZ7!e5HKpfuUT3pdMqYIUZ-xpA#IkD-CM<dZM?=DAG
z)faf@q0aIbICT?^*?Z#)Uf?7>c`Vc5MOSW#4I~NZaXeP(zK_cASZt)ZFLTyP7K3$M
z{)JK;wq&@9oI_Oi&k34kI3`}x`o+j!)m2j(atNay)@5>z35&AT9nF2Dvopyd3_A#;
zENeRmD>+1&0WFpchx141HLFX2b2%w>W(szm&~m26;S>SB53oY`tduzqeW<bD=>|Ds
zZ0Z^rPmN*cnZH24<d?w+v%;G5#c5{6=~jQ4^``V!l$OjwSz6Un^Tlbh&s30({d(Xo
zMam_|@w)zNq*h$;PzlRM`ul9zFpJgS-#dv}T4c#^<$o(%F<h}ahThV|Xi6k;lnO*>
zRg9IbrqWbdut}$IlrkM7avUV;S6|uee>myiR&p@EOGz0ULyU^b%g~FPu`x2u(8k+a
z=S5U~KxHMcKcU`jaq2eH=DW4%1L`R58ojyy7FENtU(E=!uhhKU!km&DVK%K~Mwrk8
zEHACtUg+9UTDRrubg^T|B2!3c^36E!>o%A>=Gu2I!K&!~XSDUU2j@fEi=piW;ovoR
zPXQ^04$ceO=elsP5ZbPuzE5G;M$n}>Q#``g;9JGWq=s(_2N%l41+)QsYdbJ%%3(LX
zwMA#IU35WzU*_)eBX?Kqeq?vW9_FrCD05d_pCe$B#2GNt5}YoyLF6En<l9DW%lGEO
z+$2dBeNUVP;0`u<?NFa;wTtmwsFkm3YHo#5HKj2FRcW6XpMk_i?yeYiB2Ua+aS(Df
z?yeYXvn?d!i#pN{J?6-4dO9*;t-#0F(~*hgYnYqpfaJG^ktw<vru@F;PK_?nnfddW
zzrwBXm&=}d;wLK(2qiqst#I?mX+tPc^@-+~t!m2J-x6H1FSclyG9ZS<R=!uv<1+8m
z!j0<lpPiftV&mu+hjrssn9*e-#}3M{g~{prjik~S08uiKr^84zBEOP?8G~+4XSnH#
zs5>5xM^z8z(jTCKnXO8`1D3hT*HUs0rS$6DYHw;>wR8dJRGaUaI1+;OA0_Arzl*BG
z9Dxcs`y!~)(yd^bG#w&)6wll?E>Z@!nH>jeTMCvwv5gLY5C2&Sl-(DIm&w)zy(KHL
z>C)15hFlqFWr7BJ63kFl2dmFA!MSCl#W4!v+9*&RB`z&rs9H#ofT@Rx${8?)<%#Ng
zX0Xt;9Tp_oiXd9sGn=1l-?{{>`~<n2`6<=4rx=C=e1OE>J#!&Qzz42k`w);~XkcE@
zK6AoAAq2s*5rgmz%EjY~WoK&iO<{nxG0}1%g?@&txSe{%TsFd2u{TNCZE%X@+_T|j
zRIIxojLe5%y$mbnk-~E$DlLXa<`K_6*AX9rr81qqPvLGgJZFlh@N-5MH38^NVMMhj
zCY$7w*kvG(U&~Dke?}Kb5+&Us@{q_s5P6FTWmgL#W?TA^PRL?dUV}3-Y5vSzXRj-G
z_l&*Cwf*k8pli$BNQdi?{e!JduFq*^&6F{^l5LZy2xq2JlR2mtnGKq<Jf5AV$D~J9
zQIW$zDS1&Mrr67)6pt3ixJ|{aW>H#F39`+HmQqgkoX?CWCuNCv63Iz~rZ<(5Wqd6$
zEJ~|62R-|6%PKL;ImLG(_Nha|Cl8%EBuYP|v<-4jQk;``<tk2M_Dw>}^;GoRM7~Sp
z_ldB^DQ_@E*o#_CO(yqCezX`qHu)DIFh;W5e`MPNE#H@I|1|Kx>9IQ=*g!sLve^f2
zx7a%SOKp9nrjF8v&81aqODm)ED+h`z2TGfE&u<zoZW_K5YPGvd;r81N`2A_9<+cmI
zF!E{)-u6&Pu(d6}6n^j6th3m<?zWere75GccXRJG-fpBbzb({tJ3yhJZP~`#RNU<*
zn|s*@%@pbp?Cx1-Vf~I`Wan)gPOg3aKK(q1?6!B`v4K1|=-6l9e#Zv#;JBmD-hami
f@*r!E+wDi}cWmtE!O4cV?Do&u@7mZ88%X~T8U%3I

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_resolver_cycles.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_resolver_cycles.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..7c6b91a48303601540b7ac24ad6bb287c7e9f164
GIT binary patch
literal 41685
zcmeHw3v3)mnqJSlXNKeq-+Ftj7d4XjlBlO8OB5|zmc6pg)~uD4lF5i1QL`pz=<d;L
zw7#>k!7hE-Y-C_J%e@3S1vmuK<&Zc*f;fAJy+aPjV}l?Z(-LPJzJ-(9+(J3rMK7Nc
zB|!51Ro&G+!zO1&qV4sb8sy(q)m7EiT{T@_{ja*$*cg&<JpBieuTOkMlKzAu=Fw~f
z?j3PS()T4rQYFQuxL<OqZg%z@^=j^zbkwK%WBf`$4d9CBCHZJj4IT}tp`&3ne6&Gr
zINGQ-9&J*aSU&Gdk)u&Him*@dD*?r=xKA|>uQhLLoli9kueV}mXds}-r&^UD{zLc=
zpK3eR>cd6F-5mgJIMr^18c#JUO{W@^$f@u^REe&TzV7|HOYKmaQ6kJrL{2pgc$F5q
zqINEm)=En23Q1|(;pX>Jm$9^Vq;-h2<t(ieY0E^~3YNAUX)8q9N|v?~X{$uqsxfzb
zb>T=No5{!WX)UkC&g9hC$fc3-bZj)8Pmkm?xoj+z9gV4JEjNCSMKjr0{%kt-TzWE{
z9ZhFPE)CPQ^J%r`7B%x&+^<K5CeID3BWE*I#W^*thli-n;q+uq&Fd}CWwenT3ZzG=
z=s9&Htw&!SPvvp*iJ??JJ(g21=?$-{x$~LPw0iu~WLgg?BdIKMpBvA|U8rH+&Gq&-
z&Ye!HS+rV9j;1HabC)L4*?eL7X!=YFrFyM2tv5TC$zIfb{M1O#MvX}3=}y6O+02{g
z(#g!I?#-qq(t4Acx{y@UXVBj4NLtfFseE3|oIZye>GGt}NWFQ|c!1=H`2>D7jfc;U
zU=)a>0U;0m?~Q_dUpk4A%#VbWa3$OcU&4RV=xs?F_L^6%v*Jp4_q#S338Tmxllr8D
zr!uV<<8M!Jy%hHpdWY0B+7wI0wA92Tx_18iXZ=niAd?;IDXch~&rfQ5dwbv5t#zj+
zGd<(Ek<|F!odW~g<3W`kL2V?`M1+2oY72<okg|8VjL|Wf%VhIvlyXEs;vSWTxk@iU
z4-5_t4;|S#5D!$=NLhIyQMX3#FvbskU}*2D;lr=Ka!Sdj)H6f5(ex=ccu%3{@+^q%
z;zKgY#<JEkc}Z`aNWGC}7pSk*<*2Y7|Jpu~x25}SQp1{3$GTF>%2H!<sd;&6#g>oT
z*Uz<YEw*nhHFuX<SI@PsyV_Ff+%VU<<yy;~)=-20wiNRD@1eY;2hBmGjfgHqx{QC;
z-K!8N@9tg+U4+k<;@RUvH+c))qMNL-9y_DvCeU%?87&{nonb#iYQEM}XxrAeZJ@ia
zzq^0O@&3NO+xzzR^?j`nq&LxhHl>}7`_z@xGWkME&7xa1-Je#~oT}+f8h%U3d}ab!
zF(C8?4B|7H@pO_EbE(wmxQmt6=wV{&GO8%bULY%rhs94yeHzJI@vp4`d0YB<xSd{K
zb89KmT<YvDwa4y+{q&anKEJvGSw`?L4)ZnL+l-{|OQ$5&g)ch3<f=z;t6s&kLQ;K-
z7u2u#Km&?jmB#{cS?@TGhASBw%EvF{j-mhA*X0)VWTBTX^6wbNJIfTyU&wW5k&S=Z
z_QnQd-Ot7j5gF`p?ykRwacb`_-cgFT*QNOOc(X3+cZ(}t%o=Xviu)vWH#<(W^tyK#
zPnq?cq>;~#gh!-$6W(F_*TKlK!#HPs3EwdFM#Yi!pA4Hx3BRZ<pagQ?PRM(YNK)>H
zn~V%ExJK7X(n<Q!vSXNjv=s;D895Oga4EqP7YE!sjIWLoI!V7=b_~-Gyy93ZneBWA
zS4N*IyGvU|W<=LYC)wOiSIjn>txREf*xJ}pTj^I^N=OOU)k^#%Z1-_&Wx_YFb!d;R
zlw<3xQfO7UYHrbMRdWW+)>O?Yn>m$+9$&X#lCmKMh$9i|bFo<XBz^SQVXKRNm=(ub
zDG@g7GS6w364~#{`tcvw@0y%;9+^s%hIzK(<Z83ZM1xsF7QYh3+wacZOf<4Fdco{{
zj8V)dwl*y^Mgth5%_k;oW3;8N-mhhh(wCYYX1mQ+)-*=vmBwgjQCjP2Wi4Y=yj9V<
zTE?g-g;urN-na9Ju6>L)n(s<!>+!O&)}*v69f>Am<b~=Oc_Fhd^K6a0$+yNL@y<fm
zp!s39eaH>en$Zm4njY=ZTWpX}ORMKIBk6}e?fgi0>S54`Bgj%tU-vq}5G&v5Tl6Wv
z?t19nzyG?c@bZRDlb3eHwa{fF5ZfQ4P+wfzMCa}1B?OF1{c){_!;#Qi@z7hb{k+8P
zxTbr?(^=g&rluy(Uiax9R70en$aW$-i0pnCNoi<yp53S)chbGc)OSoJz=$^WEpTJA
zO=y7azB}o@S~{=$SflX#+fj`=K!iT*bjzI&n{2m4OVwR;s|Z6+Z2DJ&lr>=BE#1!_
zQ0=4C(80+|1V@r7Rc{6?9v=t%np8(}6O$>d2^w%YdHP&t9H0~6gkelgUzXI)=FW|e
zvaHFm@!aXuc#`4pU{XsF2%l8-ra|^1usAtPkVbD!($XQ7Po^&dhG$c>PEl!Aibr&>
zmL5N&hfI8yOxePx^{@@k=(6z`s@hNO4^spA^KY|92JDet_Q*~i;f>kDpO8oT`&EJ`
z_RKr%nRjV~dJTkYo;dDW#oi$>Op-7RN3>Ys(9$YBs&97&Lp_TXI)Gbgzk~4%%+|iP
zw4$ffvAWc}s<dj|^qxCGUq@&vbiY9Y7<RnUBz1OO3(a&LnC&<?75=z&!__xtTenTg
zrRcJ`Xsj5G%|_Qw`EL8Aw&g$A_ujr4dBb<KEBj_6F@&xTGE$6en3IjaS$V@uBqpLf
zaDxhov|?F|C*PDeT-jmIVa8DO%07O<UNyp32St7nK<-bX?LTOEuVMPN_aalik0UKt
zcKq$ajNCgtcJ;!{>RyCEi;><r+4!54d#4H_#sfFxUTUwAqgWQ>$v5R*YN3_GjG?Gm
z9csqCL?#jVNbcqM*~HA~KWl06mq3tDuxed1Y%Mt8309?12Gnk?FsdSkFFjU0Nh?`)
zm^`xFADajZD0K_?dCkfb%xS!%RNa_UX<PE&snuh~*U{{+n(+F((m=*-RmZu7ciT<8
zTL;2zGLfx$CWM=9R6271cQ|IeTH7gi!HE~0`=Pb|&PEfFM3nGO?u_~LqyN2z6;)@#
zj}_H2Ds8Q)sy=<hZ1<ORT~qs4Dri1w)prs#b1KV?wRf|!LRpz;Hda6_b&QV|vo7;&
ztblCm?`$v|#ad`pVQ8>|yA=a7Z}c2Egy0%7wisu+$1Y^@XYE{k?cCTHusMKokGc^f
zN9`g)qeqPsA+DT?@13L)hfnPW!4g9;Ry&Wf>>)%C_P<uS`eBO&hPc&jbgSJ&_JHt(
zO<{*^2{K?Vs}QJIabb0{m931nv1N`P%4k?u<Wu0;>)^!GtySV|#cc~6TH|aZGVm}w
zn#zM=$OHk`UAjAy#p6!U<D%jiWF8dUW8NMC<MzAEBm|5khh-sFfjw+-!9*xYEw7T0
z;8N%<u+}f6)zDj;urj;uvsPc~PBfKTwu{J~@}(bI#Fl>j@s^5}m^w(s8rdq$eBb>2
z4&j3O9FfCBo+t7Gkt0N2ByyC<DI)Zq^j3!k>ps@rc&qvn<$IY3#B`E+jL0iQXz8TB
zO5`;n!$cG!$B86}{B;ofN@%-%C1fm%c&GQ-v+XWhQ1z9?wrQ=X)Lb~(&U_8E-f1}m
zcDJ#b;=@CKrjE5#W#JRJy><*M@y~Eg^-1fpxz>%v){Qgr*6(ODts7?}T?k(5XQUX}
zIwu={v+~xNNSBE6zzr%T(u!p<o_tf@O3M<X667#rD2m(hEB3k(zSb`ahyb#enmgv2
z*B6`DUwy6E+%@I@II?_t<8N=7jr7dOJvSpgb8^{VQSSK;7F9-Cd5kCDlzXPp0xO3t
zCUX4t7JCjec0=x&ak^tEvT8;?G#A@jjO}HCgT>fE1ZH9fXJdyDn0jj_cBmLRG>2U5
z??WSv$3CK%xF*uB`bAn%K4ivjP`!Kkm05NVTiCjTD2f0|FS73YF<7ln)_qHkC!ehQ
z@Fn|IUiU$IW=SUmk2_0xA0(YvN(owY$w%ir`GSe}Yg+BhD~;7o^oazG4S3>oe6A8S
z;P>XjuIJL)B-CVp)){Eqia<U$nH$fIWxz3y<y2_E#4=h8P<?#d1oxv=F#9c%2$-1t
z^+&_(wpJurE9$`Qv=p5uCE(b!d0xHs;Zw%dZ+IN|sgW$)h7b+)h5;vt$liL=Tv8?H
zwOxOy4#-%ovPrZ{`+aaRK0^q}*z$9&n~SZRXXHKtk(*~DTM)eVCL_g2-<)jx&B}c<
z5dbPH1>qZ1N~9IbVm$e#+()p{D1{tm3`KD}e#Krl!q?su1w;VZO9Xg%TL-PS4!$4w
zpmU}dqJ%-vVgzh`<8Kxz)M6_I;Ttl_inL-`j3?ie2dRxlDdaF?D9Tz)SL}6DxVP*k
zq9O*^u0snhsLM$vxJoAVP%=4zRXJ2_l6pfj`R2LQIEl0nizJh0GOCsz&t%it91;S_
z<Y;arnN(>(p{hhKf#~f?tQsNM8cAB}XUKJ#GLQ(Lt#j0M6e2>xCXK|p-;#dn-E-I5
z>Fc|@t;09u`n0dzcgV$yP{tAbi^JfcN%iaGw9xP1D^Lo`So%1B2lbZg<4jP71ypf{
z7SqT17xiFWro-9GHFew-nmV%LH?DZ>nmP$juT3k*rmN#Mc`!^DXE9wJf5Pvms}r#4
z>IlwLR#t+!=|qs}LHv$6hu5g96H0`@wF{qk*W%eJ4NHzRmL3N;D2;Wsa%C9@(^*$X
z;5YLf*2I$*rGS4LtMc|luT{+{@I%#{g0rYJ8T`Vq5>cXwu)!~EsDoc9v^vbO3VvZT
z*VD<$(ABx_JTjFQ{HUaCqYVuUzIHay58dN8T)AH)n%EefGT(2Fx;mkRj4|4F;@50r
zw7st0uSG^T56_ydd}K5Xt(Cf3S<4s|Z&kFe7P*Nig)!Pubv)HRMuqf2=`>^)5oMXO
zJP}zUEiq%{O@4Q*IliLM2mbU~HJ!G7^kbIR4*%v8yfyV1DuFH6&KcqCXvUZ(p0uTw
zGh(r))m~hw!c6|Lhw?C1H>>Ph6x~aNa3xdGQ1?@aR3w<Pi+T{Dc(ej=+H^=p>f?RV
z#H@am$m<|l6vU22Da=`xYd9XIm*=SX(LaC2HIzOUDsqKx_-`K-Ush8H`9r9LyfoYK
z@~?tQNXbzpWcP=wchAVXXIAenMt0B1#^0>GoAfuV1cYzMy9sg{X~nV_PrfPdCXi|6
zFk>icR)?B#FOf+EK9YAY!WPt@KqZWGI-u741S;`YQKrUG*EIA5D&Y-g12&K(rrN9w
zkkkT@w3I-;K2_l_1|+pU0rLE31(xCG3giK)+6wy|AXOQ6kVOCIQ{$P@`JBW`c%?D`
z#AN*fT&ds2!`)&)iKPDOc_Mv8m}s|BMn6SY7<#&ZP`t4MDXH($^?Jm^S|du7VImHQ
z`kVpLBFwp=njzA{mHbmQM*HxK15Hfk`{iTT9ktkXM?dU6IwK#Q={;JE9G#PmzgeUZ
ztIkS6_=b#fBCS{!<H<MWqlA=<QpjP(P?WLi=!(5=3ip=XL{zj0i27eoKorJ39Zx_M
ze-Hd!Sh}!JK$K<0S0BGA(KsylHrBfZ!~&S%N1_~J5g+RDAXZx$uXO48Q1i4%#ptNT
zu5n&zaD0CC`B1;4yi!1{&cfhvI5=SPSg1^r<{-0=PsO&|*;r(g4X6dFY$ki293XHn
z3EVupQm1kuoMmHQoy6c@1ZOdkE`hDMtMJmJiFDZ$%@gA?>_#ei;Bt|HsAbp1B(`cs
zv}=e$HRupB9v4*`Z+dJr$dm;&G6*e$ga(srvoj{-oksTTNwPX4yD3fIUo#qXD*h9+
zK>OJjj03-<x__ls!xHR(umn5s;ratJ@`0K42a1scbF%R_ixjd2vr-VgA)}Z`E0)E0
z@=f``m7Vq+W(-Bi7L2O1S54vdW%m&EaKY$hbT%Zo>Njv!-y-sBM1Gyf+eChY$ajgn
zN8}wMREQTRcM0k@O+sQ&yC`;*Z_nL*D||1xKHa_2chC^UQtlD_ivuH#9rcT1*RXM(
zxtJaug431E$Y6GKkbe1@kr&9o^wyuF-U9nEa5o9e>{N@5<g)oxhCD^YPUoO2&WkYT
zFDWBTUqUF1!;IBz9W_zLzX$*KPA>qO_jt-2CKyh3AcmFUO2ICm4U##((qLTi*hIHM
z1;RrmWL)vuMYksgdTl~lo9I@U@n=aiyO`)UkO(-6Ze^S3R!mpfpwg7Po(M6q*zcJW
zeT|~qNFofeSoFki+QeebbqSnm;rJ}Q=(b*?r<FB`ZUx9Q-(gLnTTu!isimq|O!QjS
zoPv*2HK#C8S6U6xZG+OLv?m%20a{}nqFW*4vx#myAi9OvHXDTK_D9YmQ|V-)+a?=V
zQi%1k5&Vi8pvd?Ki7<^(7zahoH#|C5)-N=xRvcLFkueaAf=>J&+ZbKG<YQDU0n8^i
z+xW<$+vQbzPQ0V4IfaQ+)ttgnhO)vCr#34ql~qe-_(P+i3IAmL6U~OlI^eKth(7FO
z;iH;vx_~{?=hNBPg|i^$=bG#{7#fYGFOvTt!*Lh;-uLKjHs=VWjHFGbM$(1Gtk%n!
zVf3ZfLss~@r_w<JeP#-6l%v<~Tq`v>se3@U%yuI(aUt%-f^fQUk*8d;QZCtma1C-?
zU|{C$U=e#DZU$s}S%7s8cL-ou|NIR!OHC3<(^J^p9Kg0mJwsOxf*6)AHhJ%;Eu4Nt
z3mCgqOTRi!HzSd--3(^8I*F9Uty+2+`lZP^EgS*>@aEv`369f}#yEf-kTDMQV~axr
zE<dilzT4Eo|H3fweLwRT&{yi%P-<R%C*WmH1VSvaztlnIAf;7XW>#)B{R>1F^e?cu
zpt;o8dG%{E4g2nS+?}DRFz(y7@k{Q209uaZDB-H>JwW0;fXD}CBkK^l7I?pNrfUyE
zpvB0ZIobG|MM`9yi1NS<Dk{>7Rty)e0PIp(dqE0!S#^q%2+U`UhSAdu<9T5k=45nI
z7sdn1bHsRIpuf)@<0a%_ftT=<#sQS)&RvImN6hxQ4;=F~DE{2X$R}p<+@C>Z3XApJ
z|1)PaV8g#w!@S#&h+y7rJn>`OyxUaQyju(E5{SrbT}`M<lmhB%syZh=0+y;;r!~)h
zIp2v;(yRKUVkA|~De#OE>5-Y+CAbw;niEk2i8j}PM4L?<W}d;+ZQ&?18^SqkV2}o&
z(w~jB#9Iryj8$dKTo%SAuzsX9B-WCu3imYg<&WfEQvCsbV}*bLG+@XI0HOX6X(|I0
z5gVZBB^dFWbZIjY!V>D=C-M(K;0M&T4?tjwm|^f{#BGuhFwAfP0C*AtMiM+B^<?0*
z^dbyysTAM?c|_XBJt_$>(QjE7lba=83x$ko;0UR#ntsFN*vIT7;xhN7WI>E)smZ&D
z>;Yk>yW1EYD3rN$B9~0$(rM>0FwUG<aTlq$k3E4pMD<l?#=%6GOm+33z<7GdLTfrX
zze>UtDxEG>ifR8b-Qu^1R6rDNoNG8Z;*tJ-ZjWokwll-uG85e$WwBja3o0(>=~0Z!
zdUr8oV*(iVS}}BBh><40UFlK49cDIT*zcytwKSkFoJxJQ7KBrOy`2C#+S?}5A)iS=
zI!~3FJAriCLsP-~0_k)yq_biA84Kt%uQ44dEi+v#HHW5raIv(|73N|o_`$iEu9s&!
zzOt}J9b6a9MZ1d8t|{Lqk+#2k`Q6Ji^7GR`49`zpp58MX*?`bL3ttc8G&67*^ja9_
z*-g(=!lvhok>}@R<8Kxz<dw-vLHGtLIw#VKR*WuO<`+<K8Zd&&Io9zJ?&`DGVa8C$
zwXjui;II|mRMrYn7*)-OCNhQ*gC@6^g8lSM1x*%UKQ%lu`>Bz!pPI_pPm#JH#uvkW
zf@XYOt*iwI2}V*~KuDAV5Q<ivpapEIn)4ALlhQ2MPw+6gWbCIlO!QUQPg&W<coNT;
z4MH8R9kSX-WsW+H&ib_RYZ;wO&v@#1GCJ`M#$jJBeIBE8tPQf-p+QJs1&brL$&gi$
z(|Ti`kH-Kb(<zwIa?kZPD^6}-%OUB*5Fn}HEnW{80SlNuY$^97-+Li_TK9lh*z{q5
z@lN1V)Ciouh2=6g#I2%6_bki!dzAb4iTrCK|AxpjL@t1s!qk643BL=%QCo_iPFI4r
zS1H><E?5>6sB)GPchzZdjX3Jc=93vX4Yy2_xlwR!ET!7(+ebia0?TLEz_vZjVAk4F
z^NM*eYcqpco2H*NVU_?>KxHdRt2h8FhgtKk)C{vMGt@7S$?R>(7YvzNcr0>P^7VyS
z2&6A`NAg8O4=C4tBL6dVOS&IM0BU(G71@KK2O-HDdS~YYy6~x)?KZ`}qp@6nY2<Q+
z-U-^%?=4>X$`0q!M!I=#Q7d%&SOM02G|IYQw07PF_Kd8IMexY{LD}=Lbatm2rM~}&
zep3IE$R84Uhsb3jmI3bfC`yE+tXd}s8Q{Kf*So>D_wF&*I^PSfPmj9R`$D`7<s8Ak
zI57O#ajy@j+Pvb!H@>U{)Zmy5o8#rQ{u!p-516MZMR@trGG|eDVU(_GvHaOo-q{<N
z1|I{o*G23!HjQ|Lq`_Tc?~AS&?b;FQ!urwJ`h%y$y2zn#Hs6gMKgLJ9%EiM$JP5<*
zqfYo7+aL707T@vWq@TZ%1@^=6?(tWMmpux05Lkj*-6yH-?5ObNPwY^3RQU2I&E<;2
z^pVf(haCiN@J7;X7O}Jo;f=(<peGVqIJ0B8%?w#*2=D^Tm%m)*%RhLs!^|^G>IoHx
z<x7yJ8|KU3x(ki&iUYp<qh^xHFcLVLbl$Ae0&ki52`9`i4Ll9;e_gFyS#}@CR$5;9
zMeFb$s<qB4g;s^C<`yP0Rdb5fL)DxDRV!fw<wK~eG}?Um1MBj`R#(hSv(CU|f^};4
z6j*yCQndT>cNm#UgbA4&5)DrNC$o)8H1}2_z|<iA!hE}<KPr2>3ysevFuI#h%-I;-
zElb|>g5hemjWN2bj7w{`0`z=~?aexlVvFftHK*u#C=GZRt2V-v2288lsHOdCtIN4R
zg|Eqq{%izm_7`JK@s7gq>r4)8s4zkej;r*D4>{B7vA*K5^eB8mZjBi}A(7ks_KOmb
z7heG1F?T^rW-`#Ko19Ee=5pf&Khf?~!LPxIO?T?Lzfwp{Zq03b1V!z&P#K%t_atSd
zdC%F<gcKlYpB-Z(Cb(xjKs?+9*u3l!Ao|3vOr)}OHZ#e#ce4EM!%HL6EreW~IlgD?
z+MT#Zna_KY8<T|C^t4E7M0()$7mq#n%Ik_sGt*<MOX{5qv^Cz$S+}zJwso1_J$q}%
z=+5={TeSGNb}92t^(rdTXa<_cishVGz98V3Kuekf125L-h9p4(+HlK21p12$A`mWK
zuDz;p02b|i5NyvROU7zo4eiaeYW?)ykK3P~YmXP(;~%f-nOn27xMt^_#z0$WO1>Xu
zdAF82YRKC{&g|uxu4iUD_ASC^{SrG~{3Oyo7wIlWx@Y8l@2_N}7=cox@%N#;Zzj?$
zqC9Xz-Zyn#q!q0gE{NQ-RG-Ks0w2ly<}+!R5(LT^tQCjy_#kkhTHO{CwgLnSuvY;B
z>5Er!lz~72oUBX$f#klF9W{bLF|`g0U}x6AjCPzspn!hEj&R9rrvQQ0T^uJsYpOD*
zA~D$#2((JCvD#*a00PBiY?d}aU_GrQ5NO@Uv6U8_6Rjf<Xq9qoomGl~z-qZI5Lhjz
zfC5!pP#pw5ZN5!gU2DxW>s%uUbQqa75V+o|&kQXB0<E{O(D-x$flJ-<&LGfgn{&^L
zQVaxE%WcW)tK}3uzaR*#y+5miz}M!1Kx>v}0MNc@Ul;;fg?jYnvnfblHK4X6Hrl+9
zQ{O1~5CH!3o}cJWss9cGLtkcPI-gPV@O3tk0%IUsC)88_11eMhBM~xAQGY_@KM`Sg
ztd$GM86FEB865uVVdePYVTQ<b&yk@Q9~+jb{~7l(Ay~k8T-|+sqAo@&Z@VQ!pP>i1
z3bGjH+Lp&VCblaumJM@RJ;6a2@4qBty67+03%eGp?KcQ{{d11I+N9Q4X+<~NA_(&9
zwbQ#9^4d~t-@=gBw&I#?Kwhn(sQ{2y)5_9{fl|jRh{l<$+c9rbXv%$`A+NyIw`Mzb
z{AvQP+p-kx_~M}#0UO4DJL|-M^E}zp67NSG4ty~37RnB1ZrhVRE&1C4#IPWc_0Ak8
zf6KnNs$ATHKwtQtmP&K(V<*dH?9bu=BkcRL<o-O-M3CCHJIl`jK&`jrz<mQBw}tJ_
z(t6@&7N5*k#`(<(FjD7EI|QSx_6Q)u`<5vBSHPk&7;TkuZjmSjFjakL9RZPSt#Pim
zc8v*3O|sqKrACwvrBiski`Jng=>)sTGy}Xh!B72%@a(*-aKMtnz<D#@@5AD-*>)R=
zjpuT2oSTe+OP3l4w4&_`&!^{kYKfy0xTtvxg|-suCUTO<;%qbZZ&IEV5t24>P%=uP
zF(PL{mdyC~>r~?#R3m3!J)(&OZ)27!%MqC*@+Qb)z^R)7CsGFB;xDn$N|N@1Cq7`3
zUVM^Ew)GdPV5V9tA|93YuNYkV%=T0KGVlFSb)OBVT{iee7@zeP8`$JyKDUY%6$~={
z-0N)Z(ECfV4Y(3u0vfVzCC%xI;~e<qlNWJKe4woixgR8gY(f&QhevN?0ua;CaMa3c
zhA<(?%<*vW#3gG&Die=6P8(%BC7NceyEuQ?#S~CB%~+)bkHBmho18=`;?`hG1HoHz
zhHZ7XN`RZXS|v)MRbktcJ3oV%(y)Oy7ZQcp2HuuaV7xzm*y?iTd5LM)<gG#Ihlz?g
z19ln_aIo?iBf{>AI=bZVUVy;5-n}S=cTbyKJQ)#~q3Ea_5o{xhz2x%55CD=jDI|h0
z-{6u!a?qO^Ax_Ttr5Lyl`B?4@R7eaLDb<h)$?X{SfUQP1N$kjw!q`wvm|R#E7m(-i
zZL&je>3%*@Gb|9d%juG+v&?7{rW5M3NIa(d^C@*KosU;;Qf)ai(IetHxj>8i{T-rq
zK1bv*k>`oLK;#IK7l|ANneXB57+tbtag1B_38np4BI86D189OmuY)Y);cf$iFBOeT
zQdcA)_k;Q!Q!msHRDmtkD){#VR|=moT&dXp>yzbA%`NXOF7JJ}Y06(({?u=+`XTn-
z+AzJ!z7_O`@&*z+ZLt4ggJxSAc7nFWcs}d|J>4OSAcq-4(dkv<f(RhT7ux_lCfEMD
zjInSm9$MJVNRdX2PUMe?{0WhFh)_vh2hAkvADM)7ytLJbeM`FIcKPCW{i}TY@9tX<
z^0KR)wtwj9^ljuNsn7`i#euTyxVIUn+H}uUc`Oi@^#&S|$8tl=EIsq5sHm`ok_<&N
zLk~A*cp5QWDrIwAKcT{%hyY&?J<i~(E>qJm+wXxKjeKtVJ@iWRHMf{vi~wm)kPPsu
zf$42Emg#LZ*(Q2NP&N<9Sa%T<p3$#3*|{`jlc`n85yV-%9ZaT87SGEWT-o?L)#??K
zG)x#d<Owko#*pwvPdb$Bu-(-eJ~`<*kqKh}uxA=T*g@o(4LoLVwLa-B7@RJ7Z^6K{
zt+0MDre!83$I~&|9S8dRBWKCDl+>B5ZwIp`<?8YuV3=@y{f!6}BBs7RY#YlBN%a<+
z?+d87Vx6xQTFvZ60u?EQLAs3ub3d(~MYN9C1dSbTO}7)IWYka1`Uw#sy*dWvr5)9(
zG52pRt8D?p&_h)H5RvKthB<VL&)Y)lT`FAxWf*LEjV>@0Gee=PAR4V8><U9%SLi8*
zUwCIhEQQWuF4(ZI5q~fGR{K1`)qxhyeT(L@1c<R67A!6eQvjQ9iJnpix40}b1?X7E
zEH1Z{U|_kbduC;iX(hlk{zKKbDj;jhZ@l}B8TsjHm62lP={ec>`%r#*>Kh`)12>Qc
zOGzU~(TdRpBl9fPCh~{?l1q`cxyagLWbKT+>FQ}lijhrovhnw!ylEz~Rz!K=hP;XH
zXk;l`F<cP2XQ@7sNd!KUH!%!Q=EqA+yuVv9@%D-p0~D=sjUNe@xsJ%X6YgPRMN}N-
z)RgrkJj4Eqi-=~u`1l@A_?QZ*wQ>26z$1{&+)kVgOqDLi8h4*KY~w_DY%F8JEimh$
zsn2W=t#e0Lmfgj1YPIxw%BD)IZO#*{*hmUfrN{Op&bfu}vZ^_SKQqN^OqBrzzSI%{
zW2%%-wwq6DtIL_kBBoul55XP4G@12cs!XG|946Su?k)LAZ+#ZM1ppo_tRBq9(i4;U
zOB`cY&XG(`a0{cuaWYc>2d-dQ`!r<;5*Z{?|C|!!-ac!cMCevx65%rl-}Ht(Ns_G=
zDkc!NsxTKCd;(c8vlom9&ClnLj*VB<*^bSNC>s0~{NU4vj6Uc0<aumv^Rv(@ebuG8
zdnL`?Djk7}qJ08T+zD5cwB0Svo;~hY-Cw~+C@jUKtQ&d7q>yl%HDVn`6Ae484{X+(
z@D9^>s5s0|HnW})YY8h;){iOVykUhP_9$bkEy3g*cAN|pFWaHacVf&oh4?MIlwrru
zwb>pqg;;lSUN?!4cG(nSm2&<(i&B_E{I+S$Ik#XkSIsGy<VwJpLV^l*B1{C0DI`>f
zBvd#?GJ6(N2sw&@RmtSH6Fw(N`D6E1_(^Yl7QHnV(%dop#<Q+7QoNzCl_b~Pao~jv
zJi%hICDi>jOfBcrw)NL7`i&R7SVDEj-D)EuD*fKLXu8Uj6VZKYDm#{T^mSAJ^b_Xh
z60VF2a98_UCXCEt8ZsTwY+_3p?6{g8C5L)x%ZVOlr1P{Ro4KahF@H@{L$OAhoStWs
z6KoqgR!;YS@5DWyr#<xF+E-t3-S<e1E3S@S>%X?{>e2V}9}Ir5{r#_f)Nt^p?W^JC
zB-nCWLQeRc>Fm0CX||*Puky6^zwfr=U1&54zq{gv175}&UDS8;pV8p>3nKT4yhG$N
z5#kRq7^40ug@_O<Q=>0CS@G_;>s=0(>dt^K{%K2tFU|{4w)krGZJc!Z^tlXnxXo%z
zgrF}^PF|vM)We-3LI0pfO<z!9^`r+yk{&S9*!o@f^CEgnCN+XV2jdzo-Gj}8;o?Z8
z$y&u+EvfXl-1>+nQ<Y|Nz0F>NsV<-}!*hD*rNp7b!^aLEKdk7TL$4e=KKSCX!^6o}
zhKG(oZFYF@_=~R`(>>5q(Y@r=UiXe>M)I~_<vO~_H;H_Y$R815@2LE}>GD3l&GECU
z8!rxjlJ*efw#Vgi{Zu;k3rYH0(l;9)cmpo?0}15QsN@>B-6E~%FSYlTqMfC#Eu}SU
zORM8^s|Sj!2TGgw&TSqpZXUi9X><8YtsS>LIDZmpx$VOlTUm#jZU-nNOYO_2Ti<)}
zs<+s-{&tX(LQ-@4mHd0*+hK||NRgGd8!6NzE!%XPs=FPP{L4OVrcjUU@?Z7NY}i$d
z?Y=D`^1;{c)9FF%MVIT4>yE@u4^F#JxLgMjWv2%RJ(|k}D|(_2&U?<gTpRC5L?3*^
Ov)vWHD}k^f^8W!ulLlV^

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_resolver_unresolved.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_resolver_unresolved.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..d2a7958c930be4d848f6367eae4932e23a89ad08
GIT binary patch
literal 43205
zcmeHw4R9RSec#^q-r)`l;P62L6nUa3K}Ql_B)|`dqy&CRq)3p&@?=_Mb3Ot`@GS5S
z-aU}wDbhHJ8`D#FB2OY)Zk#bEX*-~k*6vJZl5vub+-c*cbvt(eNt}1&)E%c2vu$F2
zNMX%%n*RQ8ci-+E7C3;SD9h&J@Za~|zW4U+`}}{s|GN{3gallF_iv?7pWG`5KO&EL
zH5!gPd6yu(CCGvz$S&FaqDyhJyXT-+b;pE*KE)r?p9GWudm<_#?w%Ke2SZBeV4YHT
zFsy_RMwH0GdZnJl^}Z+_Y)~5D_Q`%ZAiHJvsmRD$^VQb<RCr{a<uhIV0a-j1m4o;X
z;lJ)w^Qov04`p{(05E*2#c)MVMdbQZVOcs=*WVyFv<sj1e%ht9%8f`-$5KeA>ifNN
z6FpJdRtReaIodAB%>!=zUCIg;)`GBB9=4K&wIOT;4{K*(D-qVt!#Y@42f|kIuvIMV
zF@&w=VUMw}H3*CGu+`)4_~V7=6WL5YmQSmBHFhSa#HO-JTFp(IPmjfv^qI7h&W@&I
zXH(g+iA;7pmdVEQXVbC0>B)3<43933=#iD~8}v29ai1pbnVcF@M$cyQ>Cya@lGd8`
zX4KK#d1N(4v8R;LwAOHRB9+JM&h1I%)8jeiq82`?<j!Zt(#r9RlW8p^kEXJSJvEV!
zyO6`Y_h~J!Or1_E*)&R?97|75<Sw2|XY+-XW9c&~r0TK4)Sm2kCi|-9({B;_J}N{q
zPj3oNWiy|dN+&a8nm3y|m)7c))P*GfbX5zb@_8k5dI~Sn#7U!&TH~bg0m)JG3;aqN
z-<usp|KL{`E)V|ii~+nQoJ2p@uY{0rCEN*L!hh1}2ZAu-HJ@5{*_H6_bUkeZj3I7J
z=oJ#4>aZU4%<aK-Lflj6*`uUUrdTSbrp`@Hpta`JKWk}fbF^u9q5W(=KdBD(^t`f7
z?Mh8%x+ij@sfocY{r#KcL8T7wR_HsF2!RFyG;p<W%HGN%I>clylg%p<#i$2}dldR2
zg(^S`3=NI!d0|Wcl|Xfl6je{e^H!-2WBR3S+cS7-WZ%&vr{ru(IkP7>mOjP0>nXHc
zo;lH6tjj7%tM_(KUeqGzQm>@hLuzkjB{FTrzq$k9v%-7LLU?t#^@(y*M>*11Zd_Sz
z-|%kBy1AB(rIwB5#;$VovAO6Imz&CMPtLV%m~Ofi4Tb$Tg^<sG2k8YZXm%uZls7BF
zMf|fSUj;{HllKT{CQNX$XS)wg<t=parn35b?2M8-hsK-8sQFm#3`U{eUDfVF^QPWS
z{aw9%U3~+``+5gA_YU^<zFY`WZFHSYsb}LprGrW)UPvifG_9)n(~6Q)RIOgccuM9o
z=MWX0LJOlKpUF(5lPsA_q56)ySZb9%CZ?>Qj2c)4va~1$hL!R-g1hjqt_Jw5@K<#$
zRDF%nveZ~^>ngXzZq@mzmi#`y(vB#j_~(~dO?TEK=q=%tptvySW3E>`vRm=Wo_0a;
z$zDLe>;nwQenlJ)#6|6~<0!a{Pnt+4_yjd#&QCXXBEP~g#nC4*bbS`rc{UrR@qy>D
zR5s?2TMYAva<SXFQ9tXiY*f8DWp9s5_HFlOT_>sO*_CkhxCV?b&bm+1QlN*sd8jAh
z8L`h6MvMXDp7kcYBh;O$uB`7Q4N7(;d^|V5?9ZJ~1O{Iagxn=_#(3T}hBfabjbC<+
z&}gf=up$K#V!ulkPmK4w2aH)r4xXg($gYtl(`DV)3T8Q<LEzY$inlad@l4lR;UvQZ
z$ZwX}EM*E^#a2cdq*a$w>LV^WD2J9+N(>L%dmKxd@Xjk8%419ASUM{eN)@UZo3~oc
zn0~V~HDd<Mm~vgWuM7P&8<fLxBoXX&F<<B;O@QpO<wb+E>RKx#LS|m(J?)a~ce=7Z
z{QGyhCO_}oGi8aodA2T5H$t;t)s+p)?%YJe&wA(&%(fr<c17(j)ITHWpA9Ge+}1xE
zA9%~xnO|#`Ewz-E=c&;0jkcO~?k8dM9W`U}mY18lJ*)-m<*3}8s5jbET1I<H=3C9X
z(Vk(n<#n_c&E{1XTFd)^TC3$zYke54HC`WYExa@ot3Xp@4E3TlEuW)h?ZDnxHkUWi
z^-T6W)-+(*F}C!j)dg0*ZY79LaIeh?hfYmSY94?>TQ-+XzY638S@xL7Nl#|%iq{FT
zyFn}971urY&Yf3Wg_BP{J$Z2;u7+MS9I>4-a`nd5r|G`gd<2K_s4uQ|TUeb9F%P{S
z54|4Ssb{b)u4<l%bXN0?E2+t|SA3cWxf19ju$jOBfo=Dsl&YqcJbP~+UaWZ$sdrc*
zG#o`7q;hOB%K?W~#BPIbFh3eJgH-~2l@_uJdc~vkB13xRCS^0#YQ62fTdBB{7q`Y;
zg@Hxh$ElF9>Q}`Z7&gn$F-4>o1*lXY+q4#|5VqP<2x-$o&rMz=Y%!Tqv_?=a6BCFs
zsf^~%O{PGph4DCfdMYyk><G9cBLh@zMN&PRo0=G7QIq2nxznkMBqNoANi{_z;-sS0
z53yR!<g)t+<J6)_qV7`pWcpQ5N?G7rxvbVSzXCOoV+NH;9~p1ZylQ&lj3%0utkv1j
zPdyl4sVLp_J#|!Iy<RujJ^gmiR=a15?$HakUH@X;)7PhLtID&_o^rE2WkojIR6>*t
za)sY?47!_Dw~me4s1vJYlE#osGOSZOv?!vx%-o(su~Zs?K-8nLa(iF7wWr+JT3$6!
z?AUTE=xYvL65p#A+B&Dj%Z1t2O_%E4jXrt#mD%W~OJccU#au(I)DW9(SbNF$!{~~+
zXm=^vT@?Gjs1~E$vr-S7-|AzaB=ygU#&1^aFG@Y!t2?eyDjrs<@ae(V#r`)3>@iFq
zlHzsx6MNopf2)rt;0{DDx3tf-^p;wBztvc3*?cKfmR8P58%xs0qIjU#dq9UJ>A;+5
z{ALg?ZRB3vaZNmMsldZZmJbhj>{*s0kHsAbXK(E+Nu5P;Z*jw39hRiMbE5H^LAcb(
zy}IL?xR>5)L@8N5Jm9fsS&lpwcU%?s>NJ;0XQBB8!nqka`Uk-4?c}J9a`6(6tlPaf
zC*mY9O8s)=Qv|jLK>g7A!LBOm$D&s%sUKn~R9z-j!KfbxY!K9s$u|@#s2_1b>W5P=
zBaRrq9Awl_sDk>bJIV345u$~wE(hwzdW$1YZDFe>4#u%eqJFH@4wy5jA5M#zsex_Q
z$>C*{lBgf+J&vWc=onr)!hx++j-|6wp;Y0Tu`TMSR=ykuu9>Gr{X{tRQ!h(4>IW36
ze%bPhnPJv_0qUoriu!TrnQ|jhKe<0~;xcD_a#QX<B*KjLIb+uC*yk$hcA?(s2kjF*
zamu27Y+vBq9-Jnr8FT4v!6_HH*`P-va*N!Wh#2%p@Z{2KIB51_^A381YPe3X<;jWh
zhIm`y`QzX<8#n{!!p1Uc41D5jK654mCN<-h5l`Ag7&?L7a*l0mEHj$#)*3EkvSYam
zYBG~ilPWmVg=U2Gz}G`Qwde3f8F$UE-wV>Yj7n>E*JLg?(FN9UK+dO>e0nVI)<ht|
zNeb6|;HBl$N*fwoi4!2Uma>rmVOtDEQF_QlbDFXRKu0r`e*`CR&25X|yw#s=VVYaw
zDzM8w%5oC`A(C4vuuCArN<W^&n{*_RCT=b8i37uXk9<N_sE=BBqe84RWfuWf=4Z+E
z9DyMMy9w+eu$RC-0{a29hU)Ug>y-oa^dNy32^=CoXqs}Ez%YR$1db9oMqmWMj$`%O
zJp*=xYpY5Fjw4shp<`Hs48w9ldXv><Oj2h_TD?O%u>@@EzH+7yQxyyI+E{J{OL=8^
zRadd2yS#4TonWc$;JYo4&$Yx$E%A3(ch9ZfQd+&`mLxKqtoi2-CzG1zr1d3f{d8YR
z>MDwd=A>OEX%`&ttY@Gk9hyTZ`^|`liqbCKeU;o@x_j0Z4);6jc?#~hE*_eX0ug=0
zP@t=5kOfd6AV9q?Ik4ULa9Fsq$d-!42xp0+jK-Dq%fb1m3|lH{v2jBTk*TvIGB!37
zM<L8N2@pnFC{)du)?#dx!#PiDF%BC`MNo#A)V3H$%`({D>bU$lvLYq>VmvOz8wz{&
zgP2ugr&FV^5DTQUf;*yi#x9&q>!M4Lo5UT-sM$`&AF*Zwo%^9Yg_0?q0EJdHcP`zN
zeid_kHZ{R{9YlmqPGm+?s^;2!#plHJ(8XEAQDA~FePKwF_frH;6QCJ-I9^vp$J^%P
zF^Xl)$CVTCmAZwe+cYI)bM6^(v59w_Tr}sZgo@kdQGF8aUw9HdgNmhUP3CjS%39S%
z?sxiJI8Q3O`bPlOBx`@MW1zfZ?d3hiwx=OuV$)>9lBUV3sb|ETdPa)7M~WiBk~A_W
z8owEY(BwnjtK`PyL+)8yIJtLQN%RPS*ToSw`&>c81~oCsxFpG>7D^`1<;JEUZcA$6
zWb!jpsR`nrz$Yb>XEKVKhj2Ze%^@I=OpfJ7lS$<hr~~CJfgFI=l1vh|kr}luUx@V?
zia>}wYewY>auJ|aT_wci*M;wUPu%u4`1ZMOuWR%jcD?^py$=F6mWE=E;-6n8;do~q
zf@%rql)$(@9?+hmPH-5q!3<>02`-%5kEK?|M~)cc%NwsD%ffRMS(nkBGm<#U=n#dZ
zpoG^!h;1Qv3rOXD3sSWC6FY>h-eZsCa(3C3;}rWyE~gKG1r|fj2jIhmmQAO{&^e~H
z7=C1Oxv20`o$BrpRCiQ(0f;ncR0q28sQWOM^Ex3WWW(7yS<3w&5hmGgF2U*5e*t>c
zTKowmueu;hZb<k*uQr}|*G8{eX`JgQV$y+flf~&+g4B5_@?1{0nqRRbsUA-Sjz*Il
z?RFayxMsQKK}z5zugR^C>X|yxhhEQZkLvkh)bn^f>1?X*Y~2|lzM^ozL=6^O=OIz#
z{2N0?8RPf?2}Uw$wHiH-d+s$GY?>azrqs#QXc}@zD|9rMJ(C$fmzt!|Ml-IOhQuY0
zAcf|G8y<iqF>Zbt5wEy3cP0zYO%ri$AetlztHH#9;-FoUrCxDcJemsj3?zk2BB;Dh
zuYLm{E-g$2EQc$jyg->XEKC_J&WLeMDZfTVA{^Y#d+Apa2w6nPwSiF&W`o(qT#VsD
z7#sv%IyXiq8q7|yFutgZx|WtF)uGx6a;uVPxb60?s=pNsGFqW^NwmVpNzAo*+uY{i
zna#tqD~|w9r@r3vwVu-E;Y;<!l}F0blSOgs^y-qdbxt&XGvd~w^rY^+YIE}l2%KKc
zeWeN?51tjbe#n`xg-r2s)-F?=A(`S@UB-9S=H^mA1YXW^ALNTR9}h;PpWY4#?MGcI
zaYX;TvE_)*>#XIs8+~a$Jt0F**5j7_4@=JvxS9rSDqq640Gr6|z$W_k5-_w6uI;xJ
zyo*Z~mW6lmRKN#<HeAygZ@eEYJj7X2ke}IDQXfn^E&`Sm(~LX(u8u>GN8<H`7l$S$
z><gc<mMuWt#?-S=!_cW-T}9oTHK7_&z5d;cm@69Aovu`+_cUAF^mT13Iy+NsP_~nc
zFnVPNz%W?$^v#aKfamFf#e5nf?`{Hn2vqW-z{FaR^-n4licEm9p^lS_RuknV0B2s5
zKJ$}qicwq8KS8xX*96Om!P2+Yi<Vd#17exkzD4Ex3xLWsrMzmxbh6m7b9vem?Q7=R
z2d=gcTsp{<%6m)E-eUN0vH!3ROVPt~VdFQ0@Mtgh>W*vS!*34qu#)A&10H*p<;Y`k
z2jblJ2pwB=o)2-1hU225;I60y@&u*`oF{OJz&|B$fj||9=^}*@cn$vyB_Iyd!Q0*z
z-@yCb^}b<)wM0=y@z1aOVJ)p@Et`2&-#9{hQiif)7Rqqr_mO*Hi^Wn(#m;43HFf6M
z78dMVu@66vp{WZnk}iqP6aRJ(<O1d=SX+ujEC)f^1Ia-Mk^{G;{C%RS$EN6DQ~vgt
zgf3HW0Nbki8ZZLbw2#tMUs=CR`I}FF*??S^`+P!V;^nWJ6Ydg~zcC4dV2_-5)gsvC
z`el*fYbq9<hs9)qcz;=?d^n4i^kFPoHS-kBekC^;>JK5gQEp0v4B>p;GL(h6@_?Bq
zg!55-dCLZ%F#I+U5{I5CH~Y|8bKi4fEkUN`&RtJLSpU3W_Rl5Bw8Du1dS}atb5`%H
zSsR>rQ!^$XK{aDqEUH$nj@>4&;LM;8s$Neu40UXVM7)j~c2ddyu*Uw%M`Pd4{5AXM
zk{E?{g!LC=>^t;Kee7q$iSS6Qdc^_><Cn#3B;lVo{{L~sy5Y=D*2jN4rT#^l0mh^8
zj>2A&o-stm!dy)Ln3Bd0RA^PJXET%PGj=RT*C=M&*obeYHQTnza!%R3P*%kzS+-eL
z3m6XQ6_I$@w%s#GUP~mt%A`3g-Wt@Qx^$lw<hd*7C|#TYDMf)}CKH=%`KtdFUs<j4
zUqj6bZ|z$|!wMQ*<LP{bW<6A^luuEixrCmnbHxoc{ROrs@V2Q`(?@3UMkfl3blz=k
zw>-tGATPGAwe<pu3;rP^z`g>v7P59eFG~-LvHcXLF+j=!DsAJn=?Rci*A;k%ar=k@
zqn^q2*X`eAX8~5~x4*nNO0N@X_m}s-rc(b{=K?lAUT*I#x2`QWw%-bPTSAwD?}Y?x
z^|e&spDwO{q1bVtyyA(=pDecZK&7BHbSd;6Qz-}*J9o{tKD)3w{7t{mymBu3R4MvY
zQQSxh@lVZ?ruW8aD8vIm*?dkkezW36rnzl};L$Zo#iNuee0uP8aU-d~8>tY(^dTu;
zr$4dh4fiw@;wxSQFQS)817dAST6-A<17GmjIjN^a`uop*YX<`*>Df7ivfqsOEYsg7
z?^SYxV@U2<TR7a`+Mx&A;WhDDqhdZLI|Y6iZk!8umcpIWu2OjYO^+uSDu>t4g}0T$
z+nDc%QrAr%3*A<hx^8(~k?y+`>y7~M6aNk2y#RlDmm=Px2Y3B~EA%VDoBFf$EXB?F
z54Jf!z&lx1cUcMoEK_>hUCNP#-==Uz&^t3Q?*Tt|Vqh*t$AYctw$ZpDQZL6|^$5|p
zc;>NFw+T;=jgqy|w|w&~qhA-JZ~Y0s6BUsS*yvj>I?sx7eeUf<kkJp{F!8e`(zj9~
z1PY?z#1}050UI^B=Gqd(%pVPX3;JzYrCbVq%jq4n4wr=E@>C?Gtw|~IR;wA4Q>`^)
za)oh-;`PnVbux+K>kRrfybSu5Q-?PCwiT2YXxpp^`t}NXrh|IKht@OO9`#JSLd~O|
zX&FcW=Vb{!6Y4#Y3iX~JIB^eb>OJ+@h%Dy*AyH4lfSkpTS&Dkk3dWCFdE)<BvuVxI
z%eSA)?GJoLt2amSvic2Ag&D0~?l9DQ8st^-V~GZ1PH9}moYH8P!o2G(H+ff%JgR4O
zGE(pPQ0sZT)lfT$K<#98VXvuS!1YSh*o92~Y-~9)0_8VR@InBDGR)<`J`_Ra%Lrrp
z<O|K@uP`)qA$?l&02JD}*7#T|pE{jV(>;?pH9ro@hDqkMCL2wT?daz-qv=8m%g^ws
zJ;<j^JwI9qn2rXM_%=-~-2ky;D6hOtE~YEeO|I%)M;j^dvjlz>K&!WHYRQbL%ID|_
zm@xuVOqsX2Tvtl}XY`!CVu^A=8-dzn5va=7s00DyGnYrA{yG)mpA$$E_&foUCaO&U
zRm3W%SD$9|DkMW7RynDzCb?<}QJZ8RO4XiU3URuGjJ`)j`ojuJbWORjZ5}0xEkW3f
z{baFoPqAY!B#Mjz4GXkYySv=l1>%)G-Cpb%#M5Z#Qb6CW9sJ`9#m?tvTVMEjp-?|w
zWMg@8&6^EHap&|KC28lJX#8fxokeMb?!9Vr^9Tr>euMi;6+Rw3EAA{yj~B(wmw%}w
zZJra2-;B7qC_S!wuiD%^0s=4p68DuVd^{MDetO%-m1F+%ww7btyiEAJsId5VXaxRC
z0#3r>H|YTZ64Ww=5($f+yX{@&3%$Q%jjvx9NmC4GSuybrYi&cQuoLz;jbM3dd>l7J
zYCJ_u(!H34Wj4xh+(Dj&7bu<zO^Z}Mrkc^2j@kr^Pn%3TY3eo<4mz2|yaRi?CNi&(
zs-j`CqDqWR<gN$*cm5+p#g*iD56r%8cRi%dWgZ_2ky~hUnb$#U2n&D>iF0Pe``G3(
z|Ig6ovH;iQ5wVBgvU3&1=d;W9O^!lo$IWFSkb&IJ)p#ggSJ*yeHF*rY?tCgk=JjHo
zJ)P81cn6B5s(MX#p_L;7=O;&d@ZZ(9X><R;6_>s-j23XM&eqXPcKMD)7}xxLwhmjd
zJ-CX8J&es_3n}_&%}%-5G=KJ@gx0=aB@6FjYCC*rBnjI}suM6vm^5AiL!H)$(vH>~
zswOko7;Lq2{5vYz?*Zr<JF95N*e#EnX@81K(*CU4DJIWJyGzpUqA0&}j)9US&xyuw
zMwE-vZryv8+}I~Zk7jM*aKCeor{Iq3qCB5<_h{}w%UPFQ9BUiJoM~4Ple4F4#^kIi
z`6Hh@25Zh8-LT?0n7W`2rbjmoPN`k#6zqKV4YCPj%OFfN<x?=u+mq=^ogPJ?@&~9C
zX2weSSLC9_Qz4;9^>m<olLD7Hl1FnBx$FZS$qVP`#`0+&$%l#^haZh(G@AY5ied{`
z36&pV0Y-J%W`z%e1?(Sk#sW^~z*ZnsfRqh8YY*!VkonBg^&lCb=G)4<NO=Ch#_-NO
z5L}Dg)z?lcsj(!ZtjUE3pq9M9#d*musIMB~jKuv}UaJjKD7diR?7u;8Q~r>^9}#e(
zhpx~A0z`xG?b#!@y&>Om*X<Pq-)B&#izwy;qKnon(4H@)luYXML^=~ggA@)>tXfpj
zc_WEV5~&$xVx0P}H98)VMQAy8jW{DLTxZNSH95!pSw?Mk48hE{)%=9;=ce*(D#Sqo
zjx!<eJl%!*a~HeP+4C7CmnF;n*374gW~}>1Vb-$gPcNNrg@Mx`X6D-N8e>8yKNij7
ziK=OAW3dBT0v~|nIBJp{N8kB$Q3NPSN9RQ2HzOWpBnNq~k{cukxo2(RaKH0uo`O5B
zi$@=k9Cj9m^Jx3|7?-_6*;r~~5{Gt70i(!_#@OsUk5OR`gwAd)LXwB6QR0+U5)yxk
zS?vBtq0V`?7iFQb$oO%x$%q>v-7?09d&yXA%*{L2M=g+3Pt}OrQ0&<FXha&Tk$HPW
zI_Nd=(3k*2L;4tG638*I#Fz<g+M0v|Z*VvcL{PD(al{OacE@^RSUd;gj00^A(L%#H
zSUQHPEwe~iMJjx-QM#3_m6WAUCFtc#5`|zZpGEqch0;E;qy=>O89!4shP#U$JwMZ9
zxHfU{XEcv~hrqul;6xl?<F23(AXJ<a2Qm={#~5*Nj1dRNj16`a^8pbD>~IxpTisqT
zxc9Ilg!YX=j*>Zy@)TaAwl+uuOL%NU`D0@_vZ!Y0o--@#u{5Qp?rhf$t|AUZe1`}B
zcl>~rG7~x|=h4Y3k4{!GRcfF@@(XaX3eI<s3eN(Ca~ftCWf)O(w1Y9wQZYi7NPS_%
zwx?j;Uh!t9LmTux;!D*bSzx#Lvb91M+bw<=6TyOpVx7fKeQfoz>dMCRGIt)pu%3Ma
z(vHwvw%~lHqngXf@F-2#e}ke|Zx!EE?AW}#jpAf~<m0fb0J{?wp(j_NPkr=Lx$N$7
z<<iD+Lza#s7Ea6H-3T{KhUPOam@xA*9ml|lmn<DeSv<+b;?7(h6RRej$}!T#=C)m(
zHOwue=@pubRw`#^HP^7mbST>1;T+qdXlv!mIZblV5UYza_5dVALmM)9vdyd^+glw?
z<0rVbwmEe}8<O_6LaaV{emoqH6!ux;Z$1){8XJp2Zmy&-(~V)igF#oa1ewoGLI^bu
z%c~PWDu6jxPjkv&poEs?3vAokPGa;0PIIwkmt@&lGITQ0)J=J9CqNBqSj>nx3DUL3
zd0E*6=tGoxH-S9__7d1fU_U@Sw6N(6nIa7nI8K1{+;poM)RLC6n|)K3<E%wXMiNU#
zGIiz*j^u<LS6+?!cWa-#-wCm1)=8Qgi9GqhQzKNw8d~P0r%DpGT<xP1HP-JV$NGIG
zY2Tb^{ALg$VRMuf0{1m>-=!%YR<e9}z+=y{ym&0`xGL_OKhx1BNrtq}z~wa4)!b)8
zsoC`rSc(YUx21?WW+@_Ev0FT{ERF7uW+x47PcN&KG<)-v!THb-%WihX>}{oLHCx!a
z+m#wHd)M3E;T)UK$u(ng#fF+O`JNkD;+7&B<i-bPDWVDUJPaW%YAJ#prM#e}2>*Rr
zil}3&cJt4WrHB@8DWX+wdtjC#sD|y9B8Y^px@5D49ro&f09zb-4X^lxtKnEx^}?H#
z5|ZOVFAcIg+n8v;Sm%2}a{tXSW|QpCMiWhl88z{wY;z)#XdVRqTycc!%N6qx$3v}B
z0cTyw)HB;Dy$x&ac;NFM-^;VCd5@>Uyw_24j%qOLqh?HA$2DVG_FF!lb<(utI^n&k
zW}P&fdCIH0MP}f*MSe_PooF#|{?=vefNC}KGVj3oX{MrMeH!sk2J*1GGD~4m^mE_H
zI;;Pht_7`IeNdcb%_E$}j(sd^>~b3N7XxP*Z;Hnjr%xx9G##i4!gaoN7ItpIg`DyV
z6vVsP1~TQh(7Tnl2z;49kib&}IspnTcGes>tD;k}af-E`K#l!f#KZ%+yO_BX!*Zhi
z%+f9M&7FLeWu&=wAh%0IJR^>NS}PpJQK$>h(>P)){c7lSc93g7Y@dLf-l3ne3ZI@w
zA6(|St~h$t2!zWB#K~3N_H6p_D&(X27<~?_g}qc4g8+2uRlkxVZ$E)86h<exZep;%
zP;tyF%Fcqf=;mCaPE@?IY)+;Y<aMh2HWlK(P$7Km1K8fTcw5!Bx8?12V|(1rP{!i~
zW(Y8*0PzFtCuJGunCb_i_Vwwfni{^%6=$3dRQR?sF_XngsBr0gg@J1JDku3*<9OIt
z^c@If2FA`|RW*5e9EBxinj>Dq7eF|Jm#`%JE<?qR-R7=3cFO6`xm_0=s-@d?IaJ(y
z2&ZZR&O25MC$k>Hj~%P^r0!<NY8m0=-b@jye%Hi957&xJW9wW)XQ`p{k`M3wjn}^L
zT2VaqHmubg`@(B)@0gXIhU=TpTzLk!;?|>paBe+1yWtoG;OT~ACF$6lX#8f)Kpvty
zu8GHpF=WIlSw4F3n*IQ3--fLlilb-4<Li#A;<0Ji>9O)KeaK__8T|nz+zL%CGm{NQ
zY@SSaAghnjMo664tE;Jg2D1^)J6c#X_CL|Y^<N46B>^Yl_jl<50TMQ=EpX6I!NhHE
z#MgCub-i!D>;2d&-+=x?iZ_aXejyFJmUC<ovn^{ep-0RueTQ=6<5;>gzllr>+i4mz
zq}~^>8v_q;x+F|AgAF}ShfhMbZSh=fjO^}FT9M6*2z16SoQBJZUD%_aQe-nAn}G1b
zM5JMQhc@)FD`7LclW>g$%y8>|lHSHHC#&JIABWtz-9k)Act;{;OzUn6F>qd~NPh#y
zcObrN#DVYx!ro}6w$8+XIojZYOh($P%`RugnjB(G#<~iGeR=2H5|hz-OS}0#>+W=(
zE=P$G-<EonmCAHEr3PvomLm`RG+y2Zc<I0>tW~-MPlZxNYR0yhj8>gFes#iPGS-S|
zF&XPQlTpISK$baLw2^+<$`>=ktUHJnCv&t!NLoxr$DXO5#>-4nuC?+rT`+*slzTl9
zU<RfB)~wyJZ&%cAvl-jEgV7R7)We)q^u(Nv&C>k9Tb>&!GRwvcHPxzjo(e7BY^z!4
z_T(&)nlX9H%O*=xl8L1$8H|F4Wt{!XnLFnE21Wt3Cl~~ie=U2#JPSLr1_Fu3M1W**
zIqUr7KUqS1tw_-M$tx+f)nYZjm@}48kDNI_;wbJk=S(Ua6Z~4O<T&>vcq@H~ZELky
zyTOEh@GS<m&g3{_cRp${Yl<*jn7Md6FKIMBv=$o|9~U+XX5SkFqI1R_6V?DHhzZYo
zhTq@mStFcr#XIh88j2ZM4{4*?aGrE(^sFP|Q!SA%L`|DD#48~+CG+5=dyi#Oqo5kk
zLjgA3ZE#W`(brij3Qk(`vllAEmKj;_Bn}f#;(pA?LdkYabu=KW`A1WecvqFt9JZ4d
z$7T<W3?CSN-ej&U!26iMcd#=(D|84nzmlf+R;dvvpG6lzhCTExwnL;GJ_{CSyK%IY
zni@}|?6y<CbwfSXj0_x3o=>u}XaTA{;H%1y@iJz>M+@ksQI}=JM+@?A(*j0OaIp9R
z%Jr`a93=1}fkOnk2`s9|rQDz>oRMKEHZY?;i<<J;$hZ+kpG@i<G6^KyZf}-bAkdi3
z>cS|#uIRPI%)X3KqP`AfxLT2+uh_AvhK|<{BhlYTej)j_PkcT3)nswt_@(4bBvEc&
zHP^hZ)VyxC`Ke3$?s|m!ms~{swSQ&TmvAn2=NHvCcg;#T3#s#Rih+{UIVT#wS+SEH
zh-8J}(KSlMqm(Lqdhm6z^UW>x7^V+N-^7`>l$||mxG$%8eC|MOSTp*{>MyOn>?$>`
zz2q-T(9Bp<lGecZ?d9zZ*e&4BkOkZ|Ri<fSm-f<m9tQiirjP8~nz3Qi_VRWfi8~Nn
zmev);Ez|yQ)?cZIqbRMLt}jXWIO8{Cgy{iSnU6o@fzy5-R-)W=-!(Yv`2+5l6}Oa$
z@h~{O|C_^ChT#CGVS2bE4bF+iZ^j7I1FkY3f5-!;_w%q4<)-_t!8yzya0fEED^cgT
z9!cC&Nxk4Zp2lNtPstrR))=TDGl>|~$xOd9naPi@dKiReKo*xsXa;eHO0X882^)ug
zZsRaUNT8Dzo*WuH0VE9L^e~Wj*zx4380yBjj=B$nAYjLw20*?Nvw>X}c>`;+b&l3%
zK`_@s263bmS(}Yi*z~MF$q_*(%c5(A3KWvaR}1BIkl=#=<)n#;M4QWbipW<hb<FrU
z+s!F85EMF1WjUqnsCbWKDXkjir9;VTmCj0qQb{#qb5gTrOs<uPGg7=v+F8fWNU?0l
zK4DgqEiVTtr5&|1>mNi+5JU{KA1g=Og+w6ATQwUw*=gpS;6zu>B0GOq5XhSCvg&^+
zy@aGp>@rKq+hHlaWL|2tM~kgyVn*h+8)}AsU(J}@2B&PEs3M(QdJAxk0`uGS7MT1?
zx$RNyFJY8@NVPv6T!grA5C23bE(}|pemWvn`4Ku$l~h#uClvNY0@P)dzasEI0ETsZ
z_V>t7f>EH+y@W<P9L)f+B9lb|!zNke&YescNixqaB-9#A%+Ek-)wov|FZNO1n+T)`
zoF>o@P+@7^gMiKWzq1kG2@p<i2?+rQHin=X<dVTGC1${R;VoZGIE+P`R-19xRu9N3
zH~Y3>wrA{$TXT2!YMyiIxQaCkTD`i|Ex2PmolU<wsqE6mD<x^wd}<wu<+d!1Z&K~J
zF@I=rs=IeUc$b<`cXjg@{V5RKJEY-#11N5>Y5&Z?zUk37pS?VKJsOAmr+2(~_Nz_J
zuEIuLvdC(aOLi^6u37Dd=+=|UUIgL71-Hs9@_ArYNj*fbO65H`?Ukt9MS${u0R9Z0
zru>wA_W<I})zaVpNss;)fgcmtN#K7I_!|O$OMrUJQgynOzei;A6yAkMB+aELw<*)Z
z1elO_m|WuojuGGllKm*&0e0kGg`5^1yQr48_7b~-cKpNWV84$lSN|TMnp|4a>50oB
zn0mK-^Nnx3G28L-H{O_j{JS0B=_nrkWNGM=zkT5Cp|2nK+JP%?6vY+Aj+ft+nu^gU
zW{GNuPrDc>N%1++_|1xOkPzIfJFbawBB+cgr3#-Od>zT6PuQbyFB0<{k^8iZ$KnnI
zf4^yeX<*-M)Bd8kAIFF^?Vpv%c})UQQ1L6#a~@{%T@&{snf_!J?s+L^#QhK9EqL|a
zh(V_O-`jp+)k&91%+l|88xQUDd}l-Su;l%B?gqf`?F=0b2Wp!Z{Rs_%e<0u_F#PZI
zfB?zq*q|VR;hx*xsPCEg*Eji|H@3-Al=vEUvZW@Tp2|$*VK+?~La4SfIeC%z3Eld9
z2HOYVK3z~U`Lq_~LBup+VfyH&Swi#c>9i(02kRVms!XT~tqTfGl?sXM6cA#9LUftd
zY>#YmxfGEeg<eeT-ZwJ5@Ay7hYuj^V`1sI);e8{?BO`lW*e4$!89IL8$gt*7^NQx3
z$f$YEJC+&E+a|Fm=p`2kyh-2+fo~J|E&-|mR@=Jplo~}7cc8da6X{(_1l5P1phf|2
zdR#8o_l3ilv_2>NTK$iN$X&1B<$hlvP%pUpZ#D@yL8qm++|X9;+)!S<w)|Lp?y>&T
zWBujzgLCUgO6x~%NzE>QIof*DgZmGqrkg(8!Puy)zZoExD7376JNl&qm%ZS9+ze7s
zNN8+%GykQ!n|0(13sT3;2)XKo6;I!!>~1y){uS>xlB-*E`7e8mPi`&6w%ruq`Qw-0
zqubrs7MJY0B@n#(%dV$g!|)Ki`zhCRE?568f#BVv?k8Qx@r2;rmt9Y~jxo<M^6YXA
V+!6rp9&)dDJ@2|L5M-71{{h&h3k(1N

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_resource_merger.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_resource_merger.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..2f7acfeb19dde7927417a907a42e63060ee6d8df
GIT binary patch
literal 33045
zcmeHwYj7OLdEo35vkzeLAOPY)aS1+`1o0vOJ|xNkX(}X0fz%F{WCX<P6)*tT0(Lh&
z3sPJ~vdZx#aFV*%NmQazNf}mNf|5$?Jj$;4eq8y^cUN_;x?KV^)>FDFC2>{4Uk8#>
zspMbxecjVNvx~ut0Od#6HQUqO^Yvr8d%C}8@59PUzXZ<vz0eo_yi=0?6(ii$7=ecu
z9Fp{=q)0?k9E$V2gE;BkHR#ryVQJ7qykYjFf>gj0*Liu+M|^{R;vWo<z+jLB2P;V>
zg>j#+8Vr#TgguH^sTc`H!@N54J`#wwnK2$3@kRIWuz6RUy%mZ)Qm6Rf=Z9ZlB&Y;O
z0!rnGPpKN&rZ^8*NRkp7@%L6M)y>iu++T2zdZlKhVZ`r&V&F+-uUo0bC!}$^)Fvr)
z&62XM&&lc_+i6-oq&0}NCYsg=Y1>6wGfiuPv}TdkLep9xtyQG8PB<ewa&56xG8@jS
zT2>2>r%5<_T@6Q7Ej>*})#p_*p^}b!*npvkM-QFOOb?LJ>&dJ-nw=)9Ui;akHk!Vn
z5_OE{(W@^_CbCe{)agW4ok){gdhilS-$;(B<npbIs{57EL<*p%C$kZUUd8jVx^z!!
zBAI$cuYY;^C6%O9Xjgnp%}l0mO{uADu4zmiPe8^_GfnGcIozqll&V(}qv`Q1*5#W{
zC4X&NjVH%+Ib$?JugMq<jE{;ICaiDePh_(s`O-90u6v0JZ<-o~p%X3$As74}_JjAP
zGz^oHxtJs7j7c$9%pLP6j+pnP<ACvG3<fbQbxEC);ymu#BSl=f&eKGN`ooE^mYB*+
zs^R5*$p!?5CYhS($TeKgW;5D}&dx+8*)f?OO-!EX@9jMj@eyngsYEY;UKM&F^s2$r
zWi>UHNhecTg5Qx|MG`mTL>-4gOO2{p#6jGU9I0S=&7w+6p?Njzg)nn^@97gG(KDAW
zjwq=F89$vKQ%C458i78~(je5r=23i#O{B~%y>cq?vML^sMksI_{IqWH-jF`rCIz1=
zHta6ewiGLCiZxBe=0nB$UB#M6v2Mp=-R{}iVq??&I)Bi+B>6qwhmc9qeY_fNREz|q
z%kZP4)Cz%;QG!u`aexIxaUJ)-Sh#cDVl2$b8NNvpnGEzi{Uj!mH`G*E)YOsN*3;F~
zd$_CnaChJ3?yeI@x=wU;y{LN=FO7Eh9Eo^H6E;o0nII`B0_KrQNSbJRl?Jmvo=r}{
zsKT)8L70}~$w@VSJ)vEPvA`aN8|K#VZNj7h3#z8wM)N`&;0qvONInEV?J4lykbWGf
z$4;xMD~4){jfac%JMIU(*iBxKmuv@+QTPeR`{^OBV{b|$5^=zy3X3UmDNf>6T+I^k
zC~ok*iicE8cq0}1Q<tI1(UO%xfmfSUAq^UI?`bG1*Upl{*i!5*co5DcG)>i@7fE`0
z;(B;GHF`afno!3&N`?zxoDSC)U@^1~moZRI^D|T2ux7iCJ3E~z$1vuhF6QVnUMuAs
z#s!tSKI5Kp#avPAM{K0WoSkMq_pr}MmSS#E8te~gHRe5WR+7>;`3L>WjxqS)hUuP#
zd7}8?lsQ<zD`FMB4n@9prPtYqpBXsCH;kVaby564%Uqkp+l)OrwzH&`+A?5>wn@V{
z)v4oc=B-RLm*mDTt<2fwzUWYViho0`Y$>V7wv}d&iq^r@w)CKF>&#rxD*u|$9^M0M
zLV7u*66kOr_DWJpR)R`pOzv{fm~R-@Ch9C@;g?kA+N79|m&Na@L#aCHNO?{=GB;vw
zC4|#4{azGCquixnqgXz>#=czAGpo(5YU|vxwA8*g{k(;1LOx1Q)^xZYQ&0LWy;-|z
zZ@QoKCYxic%uCUm6IGGA+)=)$0|H3WQ(-_z=(=9Ah$n~&>p7xA>R33T9ZqT;1Q*Mn
z_+CC{pkQ-OhC(1BqI&=(Olmp$lm_o18awCsiSy*iIY+K*?}5y%BN5I2su2jE3}dJ(
zq8-3{cSMW$UkjgPsr?a6cTK7(-AfUPu{pQy0$B9A(K~`(|4*uLqaj&Z&@s%Cxpi!a
zV7(DXu6>0Xp{5Q*9ZPD9xJVadBZ!rd9`Nqr))J|r_zK;639h-ihaooY820~C<`yDA
z@dVLp0JWT)1T-f@M$=On=sZ0LkK->*Cno`!19X7mZ<@Y6u3b-0PmWR0_{3!TrNm^M
zVzR!tmOvaWL-eWv`d-O&>I@<gdR-jR>qIuLz5=LhDv^aJwCf`Q-L0vU;|%!-SkMKd
z=Lk8BO$}gMSZDQEBYoCLFN?6Mj#?wftzcam;+zIjh&P6?bkVM06De+KNSt8<aRVEO
z3v58YxH^8(vC#sbg=T5L590=CrB|wKzJ2qXhYG=G-w!q!p(T&2-aq5}P?j3^&)%AE
z=$;AuxMt^k&8``5v8M5@)~~hRe)aa$d`<g|_s5~yulE1Wt9g0n?F97-p`DAeam~v+
zXI>RC7Pu?#{9R3?6-r_(`G@k(ul8FZcnq@g;-KW)2>~MlkX#Jae>L%yTY34w@4fz&
z*WotXNWDVnz@lticjN;zud~<!1aGn6yqOBY*+u~_0(a#DkF)q6$_E%i%8^hQCrMy`
z{{*R4?5|VeJC+sK;}}xP8FNMju7?FN7jsy!I#;KZJ{@yY{4K_DkFh_89Ts+d=A!sD
zmpQ=R95D}IZ_aDI7VOPs**R_ZW!^T5y&+y?)*|pevnp7nUHlDs+Y*QunYnCnL^BuQ
zMXoiW1vaa=JDhZn2E<<R#=Hi$Q!!k}+hi%r9*3yl?d5mCb}9hVxja!3k#k1|Qekx}
zlf6~4eE^j+HVxEf7{~(ll&$39$)uL;AQ7k>c7<AF3*hTMY!Gz8f}I6eLTouMS>^lK
zD&IF037D%gL9(12Mei7T$I&~19u5h42ECK$;R+Fv$!9S9OXv-thbtsG1)g=4>$a|c
zB`agUhI5Cne{AuK(6x%bXUW>fHc&0jp5UwNXV<gpt*4~tp%vQe-~lbzuy2;kHym7f
zJ^P@kB`>$!uKmidFUl?Kx+AyD+z>GqxLcA|Fk|rGc5N9jM4=4&Y0m+-NY>>z-O1u{
z-5-xn!T1A}8`p#J_^(YTCUK90SSTJJPZBLVnM|pvG$d5S<74U3c$}PtS0PdG^!j)l
zXyt5jG;Z=`0N^qLAU;m}oU~yGJse~WxgWnN{m9+_z+LHyeDqX>r<K7X#HLB%9m@x8
zD1ADe8lOy#X0>})p^jYl<(p~iC!mFICbQSWsdRXh1BU505FVXW6RF8tE0Dwg4rHTs
zK}2$R*a<aI7lo(g4oG8HrvsKtvA`n1Y{?^*7Bi<wLPiBiYd%%H$K6n(a~M%O>i8l@
z$!hHEGB?awwvtJfThg3->F5-pl-pc_Orj6Sql)DSy+M47<td6hk}?O&w@is|pOruY
z5>k+GcI221@om<EjHEIL<g*}l`8$ba9Eoo;H}Yx9oLz1tbCtk`T8W#CS&wZi%^nr4
z!%fD_W!pM47qlv{CbUU1u2rr{d<O;bU8z)Ai0@szt1PwRw_D~`AaX(`xmYJ%@oUa*
zNpsdoXJG>dGJH>2ArMVEpNDNWAcdt=AmxW|%-!uw563(dY4`!}Gm12r@3zvc3j)$m
zeeEADNJGt*k7r=nY+KKGid-<BHI|;WAAK>NO09u3R4R4KwpgWsG*k_*f0U|td-)xZ
z1{kHx_a{Oqy3w2||F{&X&s{Q!QMz7^CC4eJIvd6v!=O;jM9$RLjI|W=q^E)B2n_Dz
zD?r9FDwXVoF`jdo^eN+!?}yY}5cZpwRnkeR)H!!K4CSNa1fWO?L6$2)dXM1=9T+--
zUN3k<<UIHw!@#DJ3z&@CG8qDIu8t9pxcKV+^RZKBqC;mcpHcMSXD^;Ue<m7Nt`0<>
zCy31Iji)aTT^=|$1gRIJr_Y{IE=LD0pSw6jiB5*zgaMAVW1WZ&BM?Ir+tDk5XctU)
zO|NEMV5XE|LgX~o_F44Kp!Xbjx`U7eMlPav3B4D<qdPChhKxHyiWmWxy_v>pfG-S!
z9X_@cPtcf@AZ~1j`h`_D*$tNVA~x-}9fBAv*0&a$_rBk>cd@Cf(A0Im!d+Rl<nlK8
zXDUCe24ayuKR}=N6q<V8Z|hlX8!WU9-uHPBu%gwUm$!ddE7gXr^y2%$*4w{2A3Oy2
z{Eox(!44oXclsYnuG+wi_d~x_UH7v^MgC~l{`u+y?=;*Vc&p(L8@|yn<H=VaC^m&>
z_vg1C%*zMCFN6**%Eom^J~%TiVk~gCB&}e^-~nVWgN7&+^2r02R1?wgOZXqV>d$q$
z?F9iBY%m{W`&;lDSf@W#L4apPTtr|^D+mI-6c?!|!A0Z^vDkk)f&h7g;tIq?%)St~
z5e&8AV8<53DBo8p!E5FcJ1ozGLJl(*>|H)f9rn;-?^+Ym#6|o97YQgq3of!bK|m$P
zMU<*$c#AqA-bwj~p|_Ze3C4W-yS!J%-a(}RrFzR}i4a5Zy_nayE^*Pa+%O*1Yxc5u
zzcnERj-qgJLU043m>_>Aeg`}QMj-Q76P1zL+;e5v1u8p$^j)RM1>=5;B#v5yk@cNQ
zXHB||;S@RCL_1SjH&Z|$`(Pw_T91*oUc8}X0dzq@h*CU!7QEenlD;X$BtTw)LzAvS
zin!b<5~8U$q&Gcb>G^tw#!fhny2c$5CuPzP%{l1yKj+k)9bM!)6rdpq$(gmjXC~AX
zFq6r%`md~G*To)Vq&*Gsj*0^T&uQC^XBdO~*$z?kZ(yzXDczIakn**C?~T7(^H%@Y
z`fp$TVcnkh#y`<uxtG4wvIAK47CwG2mk~gqOh(W{WdynlIPHMibwY0B`1hdKyNp%O
zuqKMQtruY;P-3K#v4>C|Z^t9D!;C0KWMv*5u`-YPG$f)+FeHW_9mt~aU>$v{Keshw
zbOYL<9XD|zV2gJaf~OdR978|P4Dx@j?VB5)ukFjreZQ;0Y?}{Z@NTGYQ7*X(_*|q}
zVt3^}$i|+`LwH$ENMtOf%g~R&?;<grBUjM7irzK!eg(ZGdas~|XlOa(Y6R2J!(4)K
z_4EUGv**x9$0|MjtQLeAg`aRRaMW!?hhxw3nZwyuxH3*oqbTX#Z$i1bffe{yxLWeB
zTnkUANNX|euEUJz0{I}Ne^%gUT>!Li)BG&J`!>bT^86I}St~1(2ux-LewMv5$<IDN
z3zbPW(#lVVpXFaa|6@%^6Ng+$nPivowOV;@>*r@#lt~_mpA|~~AQpHUnvgCPfUPy-
zs;L01=Gy-@d0A`rg}}g++ASY-fg1{pb)#IbTBT0#vbHJpTgJ<R5z2gDX?W7lIM0D1
zc&z<AQDxy7Hs(&RjnxZQli02J-i3TZ&_$$pGG!BzIK076I9HG=7n9FJ5?L=YuUA`?
zmudbvhwe<KxPTKhPQu9))lxwLX9CIw0cRIhLG?`p%TTX1_;MPkkxs=~Q(i)F#>OM#
zm}dgL0rU=|cM3flejUa78OQFI5o8@4yMq)X<(oY)Qw=^HZ2ED&=|cc}&`x_}IcC9_
zcIzteE6_&mUjWB3v^SnG>~@0MhdskCv<rB3v#~N(T|Tsnao-kz6UW1X9|wuEF%bj4
zoh2rc=jDUN(C)n4K093qwJ*xXbw_T`hjz2*f+Z{fAaQnD#0n)bkqkheJn&c;ffshI
zzzF;?XoqYZWwfvfOU0i^XO=lCGDU4-m~hO22*|rB6tm)|h+@hsvMJZv@O_j`=`UeZ
zZcG@7Y)Z2hTVdp55SaqQZp)Dkdp4!{ZuUYmkqb7#prt45p-ndBTIHH3W~E?LRw*G1
zn{pSQyOvtlk78DHHYKtsA3<bV^N6TVEk!Zw9udXdw&kO~c@z`SN`YcFD2-c&V!{Xk
zin;wsKjS=yuj}#lv-?Rue;WNfQEfrxn{q=#>C|Bhf@oS?g<n?H44PskNjOcCU?rHC
zG;{(~G|jqs9Xy^>3#+eC#X?k3H?ev!0!(Y!36MYMg2=q*G4eWseIC4f$b4Uyr2mTu
z_y&4kLN9?Hvbar&Klw675nm_&3A~jh<HsnTol2(!``pB}g?@BAF_{KKGBBeQP@4X$
z>*41ytosp){|jvOpi|)Bs5kwC;NsbM0j}WZkx`uc=I4Gexj3X2;0lfd!<b6Y{r|xw
z=s%wb`Mlg-3^nEDw%b5Tv@OcUbw_TS$+6gi85EBp?KTh+25_MyCXxZ@lLr+7*FRo=
z@vxin!B^#*BOjXl4tjQc^H=c!dI%=?=I0-{TRew9I??3W&G_aBv1z{f-sRufC0IpN
zazoVygt73w??GL;Lzg%|T+67V$?@c9*wkC4!bBjMY1T3eNEveD^7AkQN<d)c4vL<N
z3-q;JDF?GrS7ZoV)gO?t3ZEx)cB-H;P}`$)h|5CR_y8|8b9s4w^S-(=Xw0cp9`}Gc
zsM|&z)D!bWS62rW+U^#0P=PaB)Iq(bIw%#KdriSP7wx7jTI)&(gzI)NpadEfxV8C?
z>9=DJs@(S;XC;m;0p$YhMCPJ`Va-!e2|=lj`9Zm_=GxaxhA6N(g-ASVOYd-HS!BSD
zwUpFiPZbCad)_vxAYryGY_^GqKtV#}LiU^GP3)nC&7xAb<?R<1wHs=`$OY{OHABOe
zFrd^c4Y7csau^)m&EMGahI@FLd58WGjA%YzKoy`7aOgjZ$t%nV=O$*v?^|ZX_AT#G
znZLt^dQ{|s9^G!~ueD}G)0VeisCjRw{UR5%zv*$#h>6BXbMBc{7jB|XC4g%y@Ud`W
zJgX9_c8Y4IdWCT`1^I25ggHND)}H9@=;@2NbRQLnW)h>SE`voMSP3LF-IJV3Ou%s%
zMnYB{qa0?v0?*T!Ox%KeZm^nA$sa(0dIg+?aWhR`Hu==cRaI*MkfO449$PI|d~UC4
zau%LgG)-XbTT#>G8mwWkdpr+oYRqBioWS~rs?$Q}1aadbGKI}afoIh<AsI-}Kew*^
zlp(I>=83#!wsFR3=QD*-8&#8k!Afx{rm7}Q7v8xt>-gInb2swG&lft+e|^{6yWY9-
z$wL_czEs!dc-z<J_*A+D>4DX{h5Ru9{44y-wzt0Uo_DtU+xxz?FaOM?LeHhIzwkDs
zd_w*NpeUIFmaRQ#H3iBr%$61crk+fP*?FdYD`?W_epCQvCRjS!=u*=fjc8D8&T2*r
zmbcXYbx5x?WD!OtLq5XtMJ&3_1d%N=h92rN6BRw|YEy4ncZ0GKJB?)BW?F_G&MX%6
z4tnG0mB~K7j%nXOk18eKz|c+f&VaX)-pyW0eVH9)Kg;y<TR3IEkInh-4kWBTXgl<s
zn*Tad*cP4f6~pb{+4aACg~sSikeaNP2|bD}d$|5FC9`T*A+w4t`{4i()K!+5uJX1G
z>MA!h7n&}7<H~%~h57mmGyeCtw-#DonDfrJzA(T2g_+6^LQRXIJ%!Moyxje+uMp~9
zl#T0-+?@~Y5m6SnD|aIiVSp6O7(7@Gy?|v}p)E0yJTG?_L#>OU{e{r}ynOWCX9}UC
zi?VUuk&os>`$d!m?#f4JUK42rGX@WqLoZ;NR%lC1Bm)p7GfLJEob42m@2}pd;KE{j
ziKUb|i|(Y2=_v>?5G^kiVp#QL!1|@!S?YtfmOD#*Hk!Ofea>M}Ib@C_y3{JHk*AvX
zVN|1|&SDj2rity|LI$`^9a+Uwsz1w7qLjx1<6Qy93xtUcat<VfNea1n>&$!lw_-9y
z3g13pBpSA70&$OqO=upX2fz5}!7r~^&_dsE8;7v7K`OI7Lqfr<WgpLJ-T}oG;sf3~
zN+_7Qc(R!ZHK|1|K&yO~I_#kZSpmf6M%s^pAhRX5?Kk_Lk0oyc)kHRP^W>8ESe_f+
z$8V|AHdjm_#p2)>KRx)xZ;%*)VYKm~&Qca?j+Qy-Ng*uY?FSMAb#>4j`ZmlsG!H6s
zFyjQtZD)4A$r%^A_KP&*s<(W`iN5C}#wW?TX56yeFypE%vxFCB8FQE=pXQ9~vQ%vZ
zVaA!Z6*l|ECTCpDFVu{y-SQbH`u>q-+_Ky-<7$6~W}J7;UDXEb*yN0>E17ZIHZ)@E
z*;R$8oqx{j+Eqm^7@=)zj?j}`6;`L{qwK2QHFs4TOm>qquKpKl#y#0pOE$?h@i=dE
ztzFfII@;unYxsqlaZh&D4b3<>maj24z}eAZJj%E|%ug*2^HYo4;V>mQi_da$ahY@x
zOye?{Tm@=6Kwt%?FfNw4%IgUfWdcJRAxoGU$jCSXzlUeR+d3YxUS&~|hB{Z{i`uC<
z*oa>lyEtP=U*pg@z~Rg$#uC|t$<wpp7Q28EXL4Md22F19xkBeTgIi2FuAfTBm}3!N
zqhH8h!H~GI^?=ndUiZ$6@Ac0nzJ29eSHAPbLf_C|I=<m}ufLRCd}$SSG4DK+Squzd
z##e@b!B+<Uaff++h5t1|*{(<$McmX3lVl-GrqSy`52p`19|O46<EvF)elYi%?O5TU
z3}_TGpP{-JR;kYV>8x4PzyO@Y(ccRt;}-!XUtFc+b@$`hf#?-D-s4Qv|C(McK0<>t
z50yk$t7OByb@uc*|7&YBePf;S{AaOCB2DJmCXD}&z0X+x*jsvq(R;d2ys++q*65xA
zETK$3K>ieSBi*oG@ql^Sc_hdTcE_>WI<rSXazu}`*DR(Ibl(0ARzt-Fr!hoj1}H9|
zhn#3gE?aGNnW^p`Dl*`MyuwPO4{ktWutr(`4$aUA@F#^eM02ruw>Z8;98dE8j`qbJ
zy@egUocB-V1ly>b0CGfVj?O|;C(Y4cXzQmrdI~#wc#fTLvPlb^!@kPNCSCKv?y{3j
zP+BmE(t^SH`azHuwCpVGyg1iCzw_dJ%SAXUg^CN>K&>b*pZv4Q#eF9W`%XeI4}s9h
zMcKIKAq6#$%oGUUl~1DRz(^~YF?g^XdV!X2fri>>459ax6wK10PSAQ<3>_+j4&~*m
z3!R@??7Uj&yb9qw1VUFAW#gKMl+Ym&Wr4f$RcxIBQZQriU^(;xtH1(|_0cH8cbb)n
zBB55=zI}zzzPvo}*PV+82MPxVAee_hXkbw`u6ala?GsTJxGN7}^9+!J8G{GQp%-ZR
z7HFuA#t{0TS(PXd>ihssLJb{&b4T;?slUFk*nX<eehPwl2!u{8%EmPhDR?xgnF8Uv
zm<Wfc8i@r<ls+nlU!XNuz@a`GL+JLBqFFlBTEymcgM2D4pIhiVv)Fg8(02~Pc?g8g
zEy~6<4=E_aGE*RY7Zag<Mq<GdrH{(t7g!Y*c&w2|5x%daaF!1B(iXOZeNA3I^ADlL
zt}}(MGZ4%}AOyLMYaUY21jkH)@Lf!V1{#S4OO!q;hhLyISiqq^8bj!=lA>8UWMEo!
zmtg@~RafuNaLN1!^z3x?{xd#6?|bmmP!9nQXY706-sL&=(Q}SHp648_9)uZ%pKyTP
zP`61d_fzTY^?^)AO^|b`i__T*7`lg`=-k;T-xt{FA9i+v^c*ttl#rL8s4!q=P!^i;
z!D(YqTB)(S3{A#;@8LDTiZ*Jwq`134-;ZkTm5TB<X^*79$@YqmiU@x?2RZs5*(xbO
zt&)NzR!Nl`viv|{6lkn4XUDR%JBm@T|3JURl3R$SczN_c7z7J|vw49H2uB)jsFlc^
zT%(odF-W3ypciP#W!pM47qqHsO=uw?ToY0-J(ZBKN~%_Bw#+K2c9T{~&PTN3sH0X%
z+aA#>sea2xT?iUCH0mN3j5=sh3ag|>W&4&{CBX=RRg(8fKjUifxchmcw!~WI0&Z&-
z6B)Wwi36-q>2T#;ZP^Z{`);Z)QS~~)j<FI^s)0!L8p+%6k~!nJ$W9aBElAeA?C%T6
zA3<c@#`5G1g#Hrd_lrO4(#kApHmF~=v2!u;IHt%W8`OUno4;Oz`u&t{L<B<E@SvrS
zpiLQ@DwVZ6`*Jx3!}wimmsX1$qW=e;ARfb<6vVSHi>>?Kb=>}pjb<5uwJ$#cv)I};
zdp6&4m=lbTre5|lcNFHK?)my2WS+hC@*loD*FWRW*Y^}dPoeQU9D)g$v~hv)`^*<v
z3@q4rP&`J{_k$vartfA<BvVTpFxu~&eX$S%63e*m$eq+sAEOJFumFI>*%w8uP!bc#
z0EBk+4M*4koBQi8>@T&e7ue}B2yGNQU3RqiRvpE}5q-3Kv0}P53JVtdlq&fA%G|IJ
z|3w8(W`Zac6a#kID6P3;?&v0z)-1|x!p5ajgse(xrUF*VtH|jau?nhUHpBOJL&Z#}
zt3_>bI>i^0LB-5}ZNj2r78nlmcZ~{VEuMmSDp%2a8WQP$i<!0TG2wU!uwuY{nd5jZ
zZzWZjF>~+ZaOT}EH|&sTs~_f2>u4on#b!OWtu%X7v<|UiGnZ}a%v{i_;F{0^*Ig6R
z6z+3defS4Zu+{e&DrWv+{KE_CEM*<!Y33b7lj7h^-v6LthPL|f=aQM<ih00RKTvYK
z`FHJv>XzfpgQ<X0lm5T4AkKjFIPWidw7J<|_A{<F=7kwockO+1##!2L-^Z1_-Jlc^
z=5Mw|qb@9b_*+m#4f8GRTO@M9sGBzARSMebR~aJ|+Q0~f_#5&&8==e(!B+oCKf{ne
z_I_@9($Dy1J??%Mw)z1$s=qmR=JIu-s$nj=F#g~~kRKeYWoPTcA+4NgMyV7q<-vou
zG%%c+O2Z$<rb#Y<f@&i|58=vH8AtQ;#LvS^=4ymcM*zPI>5M+Xb#;w1`t@3i<e8WJ
z2IfO5#Lkdk-&S%Cmyt&|8v_4sLti1%SS|+}!y-*#*f%lyE%cB*Nd68z8NGh=!sww&
z)Vjr90RWCvn-VW(5cBs~!~lAacp?~LP*$lIhMDAx{j(ALd7G*NvBJ*%)GUYA;=kT8
z%2FR%F8*4HhFMQ}-AKi}>a<WXPZgW@3lW&j3I6c>;BxYX(>eSEe?03SAP;YiXbcbi
zr>Fl@8CiuJPyct*)Bl4%C#U~Ew)4Iy(X%%%cf4C)2z4yV#&t*T$cOf_=z=9I03h+*
zdJ!v>#6<GE+)+f~;-Og;<amp+aov#*Q4t|V7c5}`0Ex4zh!sj=A{l@zrx*Os-Sw9m
z*KvBmf58v%zoGXcdMH6*G7i8@CGu_Vp%_A(UJ!lY-r?!`=-GXqb_R=Jksb6HVO{3`
z9!dYvOmB*_|C{V!r)9&zy&XioN#MWPb)QJmD~vR{r08CjMXyaJMuF`BhNha@fkvj2
z8e5Uv*etqUc`*bBufhLsS%LAOaFT%Knyp(Xt6_5fzeP}&mL<A-4E_a+E`+)p|Kp6U
zYe<dIV~**W4OAG!I-#^<bom+fS7FbR{{uOYD%6(1TXH!Zjvq+}{!Nm;Ed561$8N8~
z`H_TPmE`DNs+DTC7lD^i-&NcZVIuJ2!4r!IqlJUf;+`Xmd!8=rdAj&i+x^fshqvgj
zTynwvgSv(#58Ri$@NF(tU`UoiElWNO`K9d#mI4?GN_A~Zl^Cj$YU;n5{aRoNOIfOx
zyxTvj!BB_n@XosPdyf{v$Cf0BeCNdv@%C}J$<caW0`KEv?T-HY5_lhf&T-ta`@RI;
d$FDdB9ggQ5_a%D!_(kVghok+0ggzbq{|{>CM0EfF

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_sanitize.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_sanitize.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..11aebdd9326103bd543cca6e331d253925844a99
GIT binary patch
literal 19602
zcmeG^?{6H(b-VX-d6cvw^~16xTSt+Ubh3_-$RjCIq9K`<ZP_su^F+lBC2v-DOY+>~
z-DUPp5-$xZ$AN9MMbQs6!UjRZpbbC<LBX&679jrsk7tt3A|C>%P0J5OB{3=ieJJ|g
z%<k;oY00A~#Z5~t?%vM4nKwJT``)}aZ{E(z&Yd9vjxT>HfB4@!1>qiMtixv}Ry?90
zd@jTVBE-eG=N*xF=-K<WPxpj{xBVm#W+g!qq$LuO;Ou>;?(Gl>g@x<E!TnaF_W7s~
z_jN+cc#s_j1jzdj3h_Xv$HeWVxFFypj@w0Xb$|<ToJ?``fZM@wyD4rb;C69b1I5XJ
z+s$!}6xRT_MvmJ<aeDx_m*e)1dLsLZ$A>bhd^oS^c|AOmCE-+3%j8odDUF166^c?t
zHJ{36+LrMS1|p)d$3$z2UA1`NgJCsVycqqKa>GoVj`k=wPPQc2jWcLI8DZrZ<Ubd#
z3q*uB08gHH<DP>8@x{FW{c#__K-^D)qk%}!Xu1lWi?hCHmwERFvSeIM52)jsz6`Hf
zNLa1owSw^X!hhu<d(UD<9OmUiqV<k4aP4gSkhk|OLCC&-0x980E(yZ0`Njlc(Bc_Z
zNFlse&yX(${P2Er%+qPsi2H^ER;5A7O4;Y5LZ_KI2j}FGimOnbwd-Q)s4&bCR*$Vd
zss}5mckqfl;YNK$gg)AL=1OHhotia0R<CN-^jbCJ{x)9}o>Imi55$8*{?j7O1%_p-
z<Bqm=TR8iCR2T|aZCPgxxTp`_F#J7zVy=Hwh)4s5KQo%j+?f#{d;0oj#Nz4J6S;|4
zL=Sz}OoaQwm^vNNPvE&dqDMmC3->W>cSI-1KQlhV3w02*BZwjBe!NT7b&cd{13eKP
zkv%hYl)?yI$W5R)DJn4<l!Tg2D@4nYM0Px<63y5F#mdb>DxFVdbR&??LJi$Gpy*@S
zLOMySDx>M_O*O4#fVYi0MOQ~OY{A%dkzN&~@e(0fV(d{sV8_+GqTR`*)eM!>nV{j*
zwe*NlkJn+{JmbuCI5S<&Oef2*HqWw-vdo#&Ito;n9Y(aj_xj+aZ(O+^&!}XiKbzF9
z)A8ea0mciOgg(=uLu<=T7)R*S&{N~Nv_|hq$zi{AB|k>8h0!tNVod>WtI@<R=$-y4
zfV;w%%_rxit}o=HQ{83x6-Z9srl2HuElK8YUh0~YU*TDnSfErKS#o5dXsVl)lpUmy
zp1#cqcw$lNT7j-?4@meB9LH84kOJc%khvVGgJ(kO5#R_za1bU92pSRWL2wv=Q{+es
zAdCo=0vr{T+o}ARQphAVq9?KhWT{G|-r1l?ZKN^m+lnPzAW>&gxXza4Q;?jMC@9Hi
zmn8EyFP)u}Pw^~EEKn+rEIG1JG-Z;O9i)(+l{f)UEJ|m|ap=&twugt{IJUfSfn=R&
z@7TO>wNl|y)44G<QyAAsD&eZD-rS&I)oN%jygPCV0dn&USk{suDeRJp5mJ=#Y_b6Q
zQZaTY%6AHCno6o-$ci$OB6>cZ%4nIaqL5Z><0OKw0WkI{ik=5cAfc%FJW1Uwz->XT
zGgtwyL`M?h#}ooIoOKlNPlSga(ck?rAo_bAAz-z!j=KpThLZJ6coG=(M*_x6?$7J3
ziQJf$(U%Wk``j>xOc4GXGu%C!G~B(^aQ9Uh?*9J+hP&Tk82@h=?g4JN2jkKo%y6$8
zcno?nih42vtnjSzJjVD8&FZw8(2~`P)97E9KbhTGtC1J6qg<A^*%=;(<5)v8Z54Jd
z)&n~yve`89v;i3fGtXuS?t?)+uZ$O94vBLrlRu4)4e)X`5w$cwh1Z2Mr_*!NYiQi{
zmE|*#oV`IoNq%ifGJo^ZYjg4$o@I#zO2v^SM;3~v`dCTXK?>>F8=QbA7Nysi+Cg<S
z5DAiYIFk+pF$Cy7A?FcXK+uJtO0%6s90JrVI;uCO*{D+M7g_UI{!Ch}+5Jg>T~m{(
z%;@W>(Ntbv4&zm}bsIbd``F@xfe`>3RlS)of(lD)Uca%)V4889l0=qMMzy@|m=!8H
zqK%~P81HU?TbZWYNOMi_Ho30_rh`59bg*Z(4)U{gCAnuwGJo?@51kI$7${nxRJ=~f
zk%c0h4r2APgA~%Ub)0}F7A0n=y35&*!IJ!3upPf~+wlud|7_EchdO>cET?MnXBAFW
z)2(ZBFS=yo-XSkIetqvZIvl@GXFndQxQeUe*LK2MeN$n%VdEAcIC^U<Snj@!2iiQ;
z4eN`eZRazcvi_%V%K9y5taWBi*<AZDdNt@Vh;yE*BijKEUH(?GBi7v}|3eVsb@9-1
zx665NtbSTo+>k^432J!Gp_*^S;rxE8`}t$x6Yg-2*IRRd=fD|V;HKXJZh9C9W1U6-
z2gFz>9S^}<-)Oq#Eq{CmIN1Z>=K_;w#zRo8qtCsg!V%xe9PypSHyz%2Kr)X%ButM#
zc={O%680iM8#vMvW1;WS#Q?Y*ECv`aT)i|nc=3%ZgYPPrU%xbP_3|5+FAXY#mu7sl
z3k2QH<QoVE0YvJVLyu1F_aPQn2+0cw&>A6ho&f7M0)aOxkT?LtPcI9m&P#|IK$OFC
z-%eiU80LzPIi2(s?)#XIb7#{>&m4v_wG(j#g6ao-Eeo;2Zeg0hCPLSv{s6#T;WrH}
zQ{OB%L_Z6B`C`+Y)HHdZBsVQd=5JnV`s^0ZvBW|Ju4Lz+VDdm!WynH}-^j<7<WnVd
zFUCM~OkXR@F-R`Ru_dYESCV31KwS&z%q~z;Uc?e#NU`Z_90%2{9Iai^G}J0fvD&ui
zTku%Ow-C75qWxHaAPj#U=j_ZD?R^yR`a4<cSe$@AKP-cBB@CzyI9Lw5EBAN~rn~ww
zI)>bJW6g!pZT|{?Czx>RshT4`*Q_;b+PdMZ^sj`U-M`X8#}=Kk+1l=vHJ0`mcbcnu
z>o@TVJo|0u3Uc6}tJm+z5P=QZe%$7&$)SJDyj+yVCqUypJ2$^XxtTjhOtwyB(`hxQ
zYew&SgDhj?wP@Sm&GG3{bWZBU=~8c5ZiD3P2?|Pb?~-Kx=B3^_xs7L8Vu4a|WXX|*
zqA8QK>>!2o><Lc56N^%BZKbB7#3d29DYY9|fB;pCL#a^*%Q@CM7P~98rwaU8W9<L}
zmJ$$iu-uMUvD77`x7QBbLx#4{c<_j>SE(bvnlXF{bwt^`dxg1JA)p0WjqA6y3}}-j
z*+@`Lg#Jr&1o$lmr*z^7z=Bgcr*A=i`c_HqT$0S+ywpj9Q)~<rEl?_6r{u^&5eBDV
z^|FH$($ip#SF{4zMTr@n?t=4u5T|X2$y%y*h^xXsq{9TJ#dQM(3=;X>4}bQ%AOGUt
zfByFn1O{{8Y=I;+#?kLWDV;2mE0}r@0Zu__^vF!Wo=lQ!h{Z`H`6hz*0q7W{$mWS`
znz)-PKb-NItZTHn>$?gzchv93R!0G_DdKRs;S5d@Tjr#e$wMW%Wl1uB^HK{=5p4vd
z7b<WiI|l`mhpH+=7TTa%W}Aa6CnXyi=D$J?#t0`c%<li>M|Wu;qXZcm->?A|COPD&
zYChdV`BWRveweaH<TD#!)k>0cmE3xx+|YsC+B_#UPaZ7E%}bK`o0poATWtiS7b<Wi
zI|l`m2dgSW7TR!HT$1aORvLOlzJs8Ez|HJJ=^_Zw>fsR^9)H(E$>VQ*1b|5et@9jg
zuU7ZRdTBhDpSYMw#&cRCrKXoJKyTayaofKDk4CV(%o`HU{~vQQLm*kW^Ua%HM@=yY
zPJ>t`0t>1j?fC-9=v)gLZ*7P@nLVZ<&#u+dMd&J@p0%3BS$kPNhISdOZUK10I0K(!
zg;`a@IBRFssc~kKqHzZC#}%#AG|sjqYKuzL<KTtnmevoBoqR^YI!*-(?KYha-%4Uk
zB`8%@(zV8dan<0@q^ovwuRBEyy!z*H{?k*I!5MOX_7DXn`TUY({^q6gb8?htSz>`w
zab(Gng`z1~Ek^3HgA~%UU_ILHvh<>KejV#^Tg0}gh#6wjGYZ!MDqK2fD~QN)%9ru#
zQ|Kxe`Zt~818RwW+tN{%kK<=8=O}pM+m_?}V-%LC@oh^7t3|(UF-h^;mUC6DKo-7j
zscp{w8T6RkMeqXzZszPAEI@Dp{@k1u!JLKI<30>P?q=7)I?utJjk>>s{%l6q5`}!~
zmS$SC{Wu~nzk^rZb}hnFu#YVsy7kzvMx)W2hF4W?Zr-*%O-Bj7R*<myuVT#5AxP9*
zdida}IJasoqIUaVhZnr^DFE}!IapG+oRhKX0<61F7fOzm_jz1c2g|i$wH(&Zfr=yP
zLcE!UB6Ln-by!g6q>!F2Z~~rKG}qj>Mb8#HOl@(|D}v~?MQ@V7gh#P?(Q9I&m%0OA
z0XX%uL)NZrM%LD8kUD4o8hd>lfIC-jyWHW?z~R2S{S~_0ivbwlF*ety0Nk{bvYE1(
z6-c`VqrJBYMq9s0^!}SJ_<w;Yt@q0fZRpfIGAA9G++UK9EJ@~XUOIwKO&bB}g$i8B
z&OyQC{;JB5g*Iwifqw-(B7cM6ZxOgzfv9%~0<^arR$wPuft?s76=v7LIu%wRuJhrs
z@@)XsQBuTr-S5UugEEp-9&zv2V9$>CL~B<J+^@shr2%&Q2#~tbAbgs)#vT+G)3?<L
z{hFFiC6{q&rFh{Qd^tEW5zdckVHU0!R%x9ujq}rVT5?q*M8$YM=WZKB8`bW#89sED
zM;eF(%@K4}lQ$528^MPNzKh_`5&Q)J!>hnIg7TP_PG^<dSpr)KKp<tI5sLWo(Y=p9
zx%d5lzW4EG#oghs$wpxo;!q6biJF3s2}i@>V&l6wmi4Q;79GHkjG-YzR1Hxv#M24B
zYXr0$gufU5E4KjaTradkc{3hIV2KavRvk3(m#;?HdvClcCLy}BR+wyD91_oacHu4@
z9(wk6@BrkvFACR!@aK?qNjF|_*^2|08|X2Jah+8Ms9^pCET?Wo=&((_yNVRDZq(Ez
zT!U)J5gztb_j9P?8M@w&J+$)s*k3{AdLK3w^grNuPwut(ZaDEE4;{uY-09(<b_orK
zfII$9ttV~<mB;7~AH}`aE)$NOXigM;5eVuno(d<kAZ?j!o=INVRpxT=k*r2C#mk{r
zpHs{*jp}7fvsd9Jt(ahp^(8|H@J?Z05EjjAZqPBVkFFmp95I)4{|;LiKtPvt{{&Mw
z?mV$n#<UO{ffRG-QQ%hDumc`H7;B76?pnw(sIlq9`ppdE^<Rd`@?GKgCxph<sjKCN
zlb;2681H?-TNkndd1+=*j{P2y{~1^o?gt_9<*uVsv7erpZkfI{^Wl9#?0E&i&Qq&i
zD5Eu31A;H~QP(O~epEpU5x}d6_%8%dO$>chN87Xt9#$7XS182;vtW&er?0uUYvNs+
zjZp#$Xer(v?J@0}Q(=bORsrFgASIbiz-S&|8^{>Gah3e3Q4ib3z-SB$Aw`Y+6yLa;
zD*YiAAfW7kBj6{(uYGU-)?feW@JGW-{=+5z;mK<cg~nrn6`?T@d~nR~53L-B)C#6p
z?~p#SkNg9i49VJ~hH|FyqQW}W#^eNdgd*B)lFGvlH5_FGO&sHL57Ed!Vp}h#)CBO{
zE!eF>Ya7)v8d39E(q@S-+czhOJLII&8j~PY@bo)A8bD10&gjx6bsABdf!=M^=YNKD
zo_#m}D)}d906jSR1c3WqQ51hIME^|?ejt2YcTd>)ufnVM1Hz$~esc0hC+Au(ln-8<
z6JA&iNMg?e0l?~hzt}H65D>2J4vL)*1OTgh{o*-9o?G2rFSa}o0IVLC#BQYNUfmxO
T!w&=is|OE>p@#wh`dt49gS^=9

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_scan_profile_validation.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_scan_profile_validation.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..5cd81e07f11fd4c858c3021493a371488da0146e
GIT binary patch
literal 26274
zcmeHQYiu0HecyZU9Z8*ZG!?yU9VuJZ=|NJIM4A#sho;V!WRa9_b+R3*U7W}zbrE?-
z&mLuqNm?Zh61h!KrGN`JNKrLK08vc~#puH}0#wn5AV5F#PA7`g!rvO8)i+seV8lQl
z|NqSH?A&q5J1S(OqFNmPJ3BiwJ3Bk`oBwNu^L2G0368BFg};34X-WE5ys!?h8JPbQ
z2)rjL5|I>_;(pad-1O`@?$zB<>9~*hqwG$A1mKS6Rrz?31doSE=y(mOIbKU@qtXVc
zNm9I<B*k~Y&B`TpG|mrk0Uo!8#>o&D<Z)pd7lODN9=CSX9jl$%oy??j(VV8|^yo;I
zM3tdb<|N6Eq{p=Ah16JjIF(ChGtsf^XnLsmK0dZT<~26<^}L}b;>tiW(HmD!y?HXO
zzI^P&sdz#$8c!w$P9HlGPpC@r<jH}=srZr7l!{Rc54eyX*2t-g6Pi&YJaUM=7o#ro
zV*XhOyeFNJhzlAJ8jg4rH}NW-O%m~8gAl*sBY{zWEMPo)3f@F0@HBsgUZM?anOr(G
zrr)oF0;d`=DSPQ5`=0R9%|liVup)l=^T6NyZHRqO8szr|&5t2T3F~uXdh=+7&)VtE
zxRS0!z>2fa2h3o`t++QyNq4=(V?2XFD_zoaz<gTv$PP1d_=l3Dcogp-?R*%SsI}7D
z=O$j>A&4B_DoKNDth<S|R>(d#NrSR=Wj)h+Vro-K?ueDnK0D<ea6ujIXFBGx->+gy
zuT?9>*X-E?-z4K3Y_Mt|<X&&Z+2<xH>9cZMXAOGPVb{d|Q7Pu{pLQGagxNEV8lg{=
z^aJbz``~YWH;`>o6#7C^s+W$!cgR3#Nf);C1?fFsRO*8-QUfVQT^*hgSIj;2v`}bt
zd{WOvGud49tQOVACvq42rzNO@ySdeHX*zbQXw>NHJ$NP&KRIwl$)w0gZ+2KaL&xfw
zNf@>?sOm6cRj4-(S=Ao0%@Y@mVArUY(cYOL-Nu<}21YZMt<uV<LRD3w<t9l+S2aSi
zq`7M>I|QSsyP21ct*s-uFI|%Ik)yZPf7p|+Z@ZDYTi<bO{jcY7Tzn()l<V`|DP7k{
zF8bV#iHrMVdgv==AbOZawZ`-v7}FNhW1+7Zo>b=Iw8!vFTx><shGhSAEy1Bkd_auQ
ztI3z*iT?PhxMIlWyK7_v-m3lL#6|V&WO^)@&gh1p)!7I^EPcroF*d0Bx$NZFFudLb
zQAfwJXH#QpCN-`ZK~+zUXc%p*>7g|S42<K;8}%xn<ai2N>79wOREDDCwBPXR+SrH@
zFh7Igr!A!$HCPGu&U?j+ee8l2bwI}#iqeDBW8I&v<~tb2R_v1^66oIra!L9m^7JPS
zjk68A3k|#HHf;LT=cx}}4m^;h$i~@qjfHiM#dX^*`|m}L{%n0Qax^a={f-VFycovd
zO!(-mT=Fa6eI6%V&B#X~8@p44@PeEWIS&<*O2!@{D8=BLfQQv%Fiy3tFsW99!!1&_
zE$KOURFVX&{ShD^$HfFkT&y2EaAHn+_q!C|8{77~4`6?XL-7xCOipkNWcQGkq4VaF
zr#PZ>(rqCZM`ajxLfxG4mFEI9_E${JXB#EZ>}D9N$VxEjYjx2pzks-Qt2iUB->R>5
zHW9ZM5I59sgwIc&)rPW}k@ToKk;<K$`a;XO?6}r42`JIhj5k}@T~Y(>HSPM`efaRS
zYbt^u0bmh5%y460OeZ@rft$c2B_U4i`+SXnH3wokMjjBsgFFLC2~3F+X~InFR6w;c
z3I;>j@re}CNEB~2BH4!IStQRP*$!knK=31w7!rKCIKbP;E*`^1`F?T8x9ixI*^rO2
zG2ckXd?uT5z~2dc72SBb`T@UGIS7yXWgumvedEsj?s$H~%ZrTpxs99i^5*v=?|yYw
z-pqct<;|Bb@GBOWDTyoCS8(I~NLgaIgfd7gREC6s^v7gFRw)Rpsu5Dv@$B#<Olzu9
ztEz8Jrp6GS;VP`EBWa@N#?l!rlZA+Yst#v|RFyPiQC|dNG^nbc1AHD*Q@I>TpPhsT
zh6MN+_CSPMf*qI=<Oy{gbl;Nhd3QbZ`hCY-zgp|}ZDENq-4Oio0}zNF^X+h|#GL|<
z8c={uC$bU%8dPKw8V$xm#_mNwX+qPplVnIk9{FXM#WbSd$F4X<voOAum}%4;B!U*9
zsiH&K$xJRfmL5;%N?BMApSK<bK7rlr^i*bKp8%-M&aN(iP6L2?&t>(T5v1G=2B$p)
zryPR4*=TU=A7mdUKske=7Qy~YUO>_bL_|oV_Q*i*t0>96-jnFFp^_kryEHhGE=aNv
z<Th9!$9pTlKE<~9as~q9Qvu`3i$R3e{}6}`ZOw&-=DCequWrt7*fZC({nLP#GBlx5
zhGvz)&6$gNlwsKNWEjHdeVq6hasnzuUPI#C={M3&&!j37qpe=Q_>ArV|DtqOTFxGL
z_>$fJ*~h8dH-l^o%sbSX9ZM@vP|m|yXAp%XdI*XUm&I1@fie{rw!<FCph$LVuat2Q
zBKJs-rJtp^6;G=x=~lcj(|MAf1j1<9!4))KnCVU>eN<E!K~4~lVH6cOtM9C0QG7{1
zhzkBU;)19U804&b;we^^NF784`zg+>H&>NdbxT1yp>D_qmK~rX;kjUl1uCZI3Kc~*
zMTLM8R6@ysDJsZ=Ak?r!C~J!qXP@E8vh^*kvneWQAS%@K-$#Cn^Z_w^Z>KY@d&vMs
zEIF6O!o-V-unQT1*N^od8F*bGC_oyXF)hRN2wVWDVpfX<Da&uvP*nrvx^yF8jzwD#
zAcyg(C;*UdBrgKdQJZHn{85wTr)pP=Z38Y<9Z$WZQohZ?hrZ>{iWV|B6o)gtehbJY
z>6hy}ep);G!ifU>*7semnX7;1PSc^E>NgJ+UmPej4dfF_p-Cy!pPH-Pey48x1CJYL
z&HwOA_0LfCK&;RZ!&&tU`3<qTrr2WuF9;7*H*oxa6<!$VtRBcHKF|w$1--Cu5G5FT
z*!s+@4M0Ccy#owgu0Kd{V6pNo&^(}Cn1fEj5l-ykYYk5hE2tN?b34My!rT;ID&(@?
zuTuF*u4e!sVtV0#06q3|oS`RRy_0n|q31L}Pq3f72@OY~hkOY`2s|YW9d<heqWL30
z1eGu}q^%M@?BWducoc=%szg-`%|=zlZmKHwd>%;UqT|Thd)iuC`<c{=pVU+gQ=I|9
z_cAh%juF~BLz*_6&WsAkQ%To*5-Sk}!gReoA8)_$+Lg|$uJ3iv*0)~OuD$h_U%pe{
z`tf#C>-$X9MZN&3sZy3~gpi2J1i1i;$m9%$a1b*&1G|wRVl?69HYCp?c@7CGVPY~<
z!u$?K{4Nr%j$r`28{;T{BtysoV5V|m43!0#6&u4CT*a2guA|=uvMg-gb!W}<*BT3J
zc0D3M-;4Bow7nSV$;&;c$L%SGF*p<MnUza^1-#GWgsU032ePp{MF=m*36WHRQZit;
zBH{{FL@2I|%Vr0YF3M6hS;J-c1Hc!+bapt|*g*U0PP&1m@`$Af%$3(>2NT#0%8oMT
z3enJho};$cevXA0R&A-3%+AgAzxE@+O2#j&+<=B&;hB!PlAPHE+ZWTzdJyT8z_L=k
ztk<3ygtGWNz#j^FXPeElYG5K>BOspKfBzSdSm3P?;L7v_zzWe=Ixr96{V0+~Bu?Yh
z$Hu7>XN2q-9hhuXHc)ZNW`)wa3J_?#wEV$WUPb~Qq-#JfNprhf@^Z_a@Q!P}g>cKP
zZ2oSWaXf+rW@t2zEC`oy>sl|r!vjzd(;MPs-5;wVFTt7gBEgYP;z(Xbq98eqL`5=+
z<UEpBkYILJP(6l@Sp?fzhmK0MmF*9`0pFH~5lU(yw58VflIvGnT)tM87qbn)A3qRh
z@tD60WVy=AGa)AyA%WOlb|~_hx+dw&8mp68z6VNh6E{qg@CuX%o(+~<M%F4dWZh_O
ztgcGssxmn-ktMnN_zkA0Kwhd`jiPcjY8zIgsnHae6mwC_R{Xpk)ma(ZFios4qIUf`
zMZ0P}2P~_V;%#v&zExGd`l;<IP-451A4A)fybRk_klU_8O3jMfu4?;98}ygYeJyCV
zG8)iSMKT&dmpZIXjAbv5gRhAZ5u(AObs;^ZRUx*LgHZA!x}+Tx9GUo8qTSWeF0I<n
zGm=%|rP=uzCsakT$O`LMfY=IFYAN2h^V%!<4g2S|9n5!~%s0LE7zl)%$#^pC;CsQr
zSrm{<Dh?#kWc*kSJ5&LYejvsgu=t(Vh-!{3ehtI$?JPN8%}859YrAvlk!C&n?Gza|
zUSGknCKh}aUbAepm6$WO?aLpC=bK)B3`QGr6vz<He+lUFT{Ehm<j{<|Y)83(BL5$7
zl#^{WiL=tiwk%dm$@REOa3vk(6yUU;wEl0a^{FPDG9KhD7;A(8F>2EpTOGZGatbve
zf^rJvT3b2g<gYmGp4v2-u{m3d-C!*4k}9dO<>R67ByhoDt`E$up^`!h8(|)%G*clJ
z|9IrXb@}?18+-58@Bet@*932ssh~=f5r|s*u#Dw4P|Quf3i+053G(}pK*v9HQe_&m
zjt~6T_Fn0}`r6(4?H~Bf`hnxPM4rcl2&7C+#l+#=bRMd*d5kw#t>sZB)&CpFqMYA{
z{rRR>7nzFgMdBZg6eIDx97jb{ycovdOgKI(m;4HNpT`MTGjbfVu{%WwFUWaYj^B%P
z{KQ|3bmZj@d`L$zjKP_3$E;lPE8u+|CtS_Q9gvOPDMENbPKaEn&Eiwv8;>;gwSexY
z8tIN&0+#C`j+Owf!Fp^x#6?461iDz+0s1QLlei4%wJZU@sfTzFJ;Wbr;(OBizqx-t
zZGG^StC{NViCQy*pp&7iR=^X8t7D>RJ!(#g^j->l?9XYWS(rE9h7PuZGbQ;wERU+{
zoJ};@<)iWt$?7_~_0xqi%bXIwhV{9G#9{L5U$NN_n{mn6?^}=n+eTO$(D}jkYp><&
zw_SbfZvBoAwpX0~TIlpweQPYS&><msRF>#HsxN&KU*<o7fR#pcl;`S?efg&SzuhUY
z^Cw`?>CDTWI0beV!x)?ich1TszXIOpal+M%+zHv(og#!6<b=p2roc~DS;hH8`h(6V
zdhs|<m#ZZGf&3BbH=S@YDZLfew2Y+AYm84%i5F*=fLAnt2!aSelr4xX&q_|d14WVV
z0$B=%j7Naq@kv-WGy$IHBIAvQ03953^qe-VromBvk>ya|h6?Fu7-I~7->s3G>#iKW
z+Eb{1ZnnPb+MW;h7It>ssqeZ4(#Z(EL79PET;U`uZ}tzI7<lE)WtqjDMG1zb)xX-K
zU}^QGU&2=UJ`h`=*jZ@U$-RoUwcgm1Z~Ee*XxjHP5GeZcavuU+UoniqnQ-5%T=Fa6
zeI6%V&B%R_jom3ictK8xWY#mZ#tylGSO?cEKcoyl_$FF+B(#KPZPWF?mza{hJQ)vw
z=^FeE!F25wOA$=ho@JS?H<vt*GyeQ>X!_-5<Pv=_e?Mm-!OjJyYFu`TLJvJ2UxWH8
znaO4FC$(N4S`)3;5QFAfde}>}GCn1k)sp^$--JH#w$<9hvnAiixle!xCG?4!H%<#Z
zp?1aFoX;JWeb%aDRZa{GazoFk6&w$6*pwa6`?y`9VoL5?S}~>V{8iWNrLGXNvPKCf
zWz#VtxD3aLpw$-E85|?z!>)`Q{(K+^UKo{QYp1&77c_Fw7CGoz-gBu7S`^&2#<Ubz
zhfyS1M0wU6a~bY*CMGOoOK0c;SXlVV)^A|90R0lU)=2~gwKOHJW`mWp1RdG>365GQ
z%+(ELwN$mJHrh=e)B#1H$5qU0KZBNu%j7yrp4Q3M&UMB@%$pV`wkmvOS@9v}_JMt2
z!HT$j)Gv$dhI``Dxpwj5fVgVz1-7V{t*6`Dsw2KJRT)yIE_<HJ3%HQalAUxFKa9%1
zh3U3?YWXr*<x<~;8tHD}fiFo9{L<PDcQ$tw!d<hn`MWK5U494RcmxZ~U^I^_lw7gs
zyK<M94U&kLJS&v{N&WsCZxrgg^KviDi}l^b@QV<<*+@wt46Z8X@3!2V55LGSSzrcp
z@wkG01vj8DcBd%hgz(Kqo`DDM%DqfT;L{2;44*bXWI_T&v4evss$%JpbTRJ-aK*<(
zXXuKLI9qmDE+3i2UGXbSQ?P0mUGaS-uK50CY0PlSwV%SB^6jdM-c}r7f$0@;Rq)XQ
zVD(o_&Eb+SIs>B@tlG6*@%a=bl*K(`OX}<7iXQ^-(?&y}hw14V8-wMA$OQ`sN10=$
zaItZbEwGQ`8ZW_vrrGeE*De}9Fk4Jk;}C)VQwWHHduWv)WIF6qOf`ZW0t6>fCx^5k
zJd5KBgB9j?fdIe@VK_oP^@VL09>wpXiemp5s$^P%!3n>i{l>Y%Q!ic)!fO4whNtH?
zK65pY->_q@Y1bm$@+vQHqq?vDSY&Z8w;X=Hi%7nK<T8@)0Wth+KL*1)o+9Us8d!D>
zD|}(O?v!SDv5(Qk8|2S1{a+z@1xcA#Tn6KioQ6Lgbu_q!_oV0*C;MJ__*Bq$@ZtJ^
zuiy0`BKd2-J^1y(S>Kj|Z_E2%nttlqSTS~}=<E8_?eQIP&3h#O;RiJMAhbl<pl=IJ
zI`4)MlNPWZL-5BB06Tij?}SrzzIH?&4Zuq1=NFx#`b_bZ?n$BF{{fUd)r+b1Xzm=a
zAkd?P@fKyfQAA-$J7`dGD-RgCz;UFaI{1FWMn9ldoycZ%Z4tk<Za{9>yvWre2s(-z
zovLxM75MIQ+#clYY=UDVeR)b+fnBC}4&J&69Asq&$8(RpV9VD0XS|A+F1Y$Ju+x0K
z!z-@gI>1uSY&!3=u*i}tj=Rq0cB?*zpq_N^9Q!GbxM|ND7W2sQ9vC^Hj;NI_JHRWL
zi)&VHz<qRFSWYc*HmXodyG42Ja5l1YIo8h31+@}=1D#WI1ysdy?RhI`GVcKeJ@)K*
zi#wJIWg%l+cECLAG;hKFJ{d30T}myuE_j5MG{M2Ats;_~?ayAfT7~YgRHv+2R{MiX
zu24(oUV^MUJ*@9+J&}rC6~4pZg52;u)(FpZ{vQ1ODy9rswNk>S<4Db5^<SXI%59xZ
zzw+-ZYoD}!N#Ah(POH`W>z=g!Z?E-1Z64{Tz9MWX*#M0G`#5LfhBn=}p-n5w?y!pu
z+Yk!^WgBAcr5j>JyV-U(?WXX~_Pk*dJj(5RNe2{)q4tv9Z(d*${0l2%_=8P$V8&fq
z<33U)=feDs7j8I~$_%TyY!;TKWiDC^WF7V$n}&MKHvnOZ_V()+t~H{f{cinp*DtKD
z=MS=YOBo%=hmhbp{OLFeu==%KZ@-$twQ_&jeZ8GkZ>2toQ6m^CD%R_-p-SW<B#1(=
zAP+kulde$AHiAcc5~t$|?B~d=4yY-jn<Q1E_raBWv0A40DO-_8g)LP1iz=RyjgdM;
zeNSik5<Z+8xnKqXCY$ZbIqzEM)QJpb6?*1hK(+M$qFSH1`o?^u>CW~SZ#EXT_ZA{Y
zE(fd~)pivccEOHni?5dcWjJ!B{g1wqm$$y3qNEVsIxCyMqP+F;SNIhR%*b0&TVtju
zlw7gsyYkj6?P3b+3bI<oLCNo@cp4sn=zEd&=?le3dtPow8%ujJjKP^OlvwgB;C&t^
zT+PVskd56bLU=*W+j9H8NZWLKG18Wo+wdW6#V`hE!fms1$*+L-d7N-HBey{|cBcs8
z1vziaZL9w#@Olf);#}i(4Te?qPSLn$XbYHxs__aFHpAem^^8aHWP6j|gFgmIDQR(+
zrliEB3}-_RXvBO}Beq{KJ@^H$D=v*dr#BCW^^^8fxS7C8jjPY?<p&m@Xw{PPz;<qD
z4qCR#vT_3tjJ{S}`{umyMu|L!l9K%#$6DIP3SK+FOCgtI?d)7oE7AMTIkoNCX4l3!
zC6}pSjXN`Q_~~XFe$&hm7(_cVJ%l<U9G4v+DJ`<%J>vmM>6B7a=HxAG<6+BK**~*d
zg-S}bO5L*BA0;LGjUC&6kV|>iceb8bRWDhP8@@-K@J#1c<}zf(lw77#)|iq~Xc=FC
zbNbf1nUd1GO880Zm-G$i@3cy-54`%?eq$}}E%pwoxHCDb=cVo}_tBa`{uap%B$O@M
ziJ_k$`8y<k4`gMSI`WTL-V$DgqbtD52wWr6XFG7&_)0dnSmvy<Lht(1rQenO0`C7q
zNj+j~1co*AQcohT_Qg;2oOo1@wT5x5F?<O9rkq(N|AcWjk^Bq^-PmV0hEN5n*8mZi
zQqgPQS+H5q=EmZ-$Wle`QsUBrQvU`k_b%m1Ef&<=)OT*%fqYZ@BBp{*{-1K8tIg^z
z%^?05pydgJ2tAe_PZ&hIC2YleMTTUx8N?b;rBeoRv<CijMB8cpzZLAg?DbrB0)1e>
z<337v=w-GiunSLShMSFsTs8-`DbVSl+o<KuPbXLMb9m<}CfEL0oelhK{~%x`&B?f0
zv#_~qP-U>!WhmQ1cLwcjb9UHu7>wH_rw*mb&}2HN!p6<?g_&2Vabj7MbA{4Sm!#t?
zWV@Zy4cI`N01NJ$4lM%ZkC#H>j=YswNRg%K2h03RaCY1h<rd!fXC(iE#L47)9d97{
z0sK)F8=8Fk9(rqi9S^qzeI37AAM{1p^DtR#9o=okkgfj+K%x+9Y*d-~xtZ-14!is}
z6YXu1&cXix;88}vjAJUWA7REwIyD6S7rem0Y6_cFYhyZ7qESBuRHCs?irt6p+Jbgr
zTH`Y7wIO%0O|HAiT}Xn~Vm%Jzfyd=?-ILn>O_IJT{XyMlUZ2Z7F9G>%?K;<%PbDCq
g?PzngekuX^?8~lR7sev}?1cL{SM;F-gf_tc0FwWKGynhq

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_scanner.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_scanner.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..b964df6bd49ac352835de283333a3871c83cf2d7
GIT binary patch
literal 49108
zcmeHw33MFCd1lXvp1};}0ziW25IlgPM1c1x9v}%xJOol`j?G<Ant;Fngapn&-2+Nw
zbR}_O%CRFViXu8zVkq`*z&PtDdvfDkelJ$+M9Iz&Bmwu*iC*ltyLxYv@Q^}B``+$;
ze|2|t_n?6RNXm|4HNk(Xs;jE2tE&I{ulnm&I2;sk_5Ih#6W`w{2;ZlOaaHMoTf1C>
z@R}eAvLLx6_W_seX1|{OUd5dh_WNXiQoB<nSK*H5fVe*(2lfZ$pq^eWS0mkfAhbU$
zhxgaWHTxrSWPenS?vKf_{c$<IKOrYrUf+S*{dIC33;Pe$@1G;j**{mFyT3th*gsF6
zhxDprvGs0AoF_ctmFG+Iq`<KSQV{>Ej@7L9OVyPAgiBsHS7;QZ&^$p3AFJEo(cVN}
z#8PXJ8rk61(-yO|DAHm)Ey>d2NK5dvB`mELX>~lUk)_omZ4OUc%F^Z{t%0X4>vyN-
zpJ`6#1`5eSRw*dSzPy|)oX94np6*;OD<|`E&k5X+y9;@_<vnUzN6M`R9_j8M=y@dH
z^Q7t<>Mr!0NL8tkJwwB7$URWV_7sNYtQy}tp!DQVW#w#dXI9A%%RN~&dU&wAfM=ZC
z(_P5+=jGFC=&+nWHPD-tkDMOLs@3#dr1T98X4Q}$>6f#Lq6R63iiQUZDVJJf6gxaP
z+&_>@dDTSQFdCjK4D@st2J*RfS<cI9Vox5g(L)Ib^GZQWtkPdjjZ)yqz{zZWSij|$
zvuJy+M;ikT`tVbY|F@n1cunZiQUN>lq2dV$&;(qKsn&{VCHY#sIak`%Ni~#RX<-8<
zFI`EY%b3uD<X<hMU3*;{UCV@2)tR+><ShCr*_}MqJvh+I21W0j<kJI%6G<hTQwEL?
zW|O_yzHW4k(xOJ596p}y$>;h8`ZE}s6KCeMp2(lfwhk*<xwVCEwrY1joOhy77*e*j
zwm!L8S=Bu>&@!0s=^os=asB#r9q3PSNFNxrx(7o@J=;B~sDW&*cPKxQD=2Cm#)S=Q
zrhu`_V9W|xS-Bvjyt0TFQ-cT6yW2ZE+K;qLs(*N>7q21*aDyfg%?laBuBf8Xc7?h#
znN;uJv-MbK`{6^!q+GY$w<q75J;vtdv0+S87R)FZH_XnKA<UnX-A`sSXe&(_c`>S>
z|H^KF7lrrzLfw+_+WShi_f5=A74O?yoYOv0zqVMnZeq#u8v$R`|Kh{fLxL~-*+V~b
z=-j@`-bL4{>r2&*=jQ?xy^Xg}i=c*W@2Pro-6yj>*0B#E7k$dN&H`YD=p!o#Y0QVT
zP$Nk0w5vu~=S{o1c)3n5GM8Olej}lida&&3VknUkJL!pKm*k-tx7yW;S+pg<=Fd_-
zf0XW%LzpI$zsQy|V)xLH(t2u5tLkc%Yf-5x%Gseod`8N9^irvSyo6E%=>DgMvzdWj
zxe;->juK--`uCi{SEql_-Bu(Z8q-A$b{7ir!0};>rCK9*Kb?`YeZUR5o~)9plIg|S
ztdZwYh`tDQ&YnXZN80vvw0C9>b?$k%T{_a)c4Xh74w=3uwW_TRi5u5naI^NYM(I;X
zUPKwfY-Si^C$C1@efY0D0`Q{ngX)D7^-Cve7o30W{Grh`qen&`EXLPOgk#rY3&&&4
zrC9T|c`L`~?JmvReXVZUc-{S_y89<$t0rm}jkwP3oS4&aBM}VwuM0t+UrwS%8_F;~
z=vx<Y=QZJ&AiJ<iVRe!{l3VsJ5{!RRO!8u7aLGQ&cg%mR>R8o!H@%(YmptpeQWaZG
zM9F_Fz}J=_V%5j0C>PQKEJw(e7G!B*3AvD7gL<&uU{#7N5~MiR9lf+v!$baKQLIrB
z%7wPXq^KP4_oNbPkWjpaVc*+|2cB8lmOP21q=6ffLk#_D%Ldkofn0w}M-QLHC_?j{
zeH%FhUITX9?rKJeu3mfrNdfcK^(elQK`jw5?Y87WSuC#ZR?6WrvK(DK$iJhby9TL#
zb{#!D$iJ$7A?4{vdDJ?>d2%j`d6((M#Lk~S30$VeEy+NQrv|V(S<~<)m^upkB2qpz
zno)*_hVpVD+sm*W)}xFuwH38G(~ZR^1C)j}Cz|Qi7d}jJTCUVOGerT;%VhiduqLJa
zs#nPl_NkGws^vL&8GJ8hm67rqYk7jDLWTN0$u8{+5Hpzp;LJ=$O_&4OVkB-yZiPnm
zMd5l>ShD)I;9U~DDR|ch&w4M53$F)-`OC)VwHKTB7Mt47dOshTn7{n8ICmo1in|lb
zw_Fh$+02*gQHLA@upvbnEH>~v5Wv6-o%k)kjH%EKgyx(h>*^OSxH?iUnVOn%%hYW4
zNZZFAqTbS1|ExO4^19X=hfr2o0PvzPQ5_kto{ztYc>Q?1u@rACh8nMXgwO)*bLMjm
zx%sOQ;;TdfEED8*WJ5~{3&^VgF1T2$6{;tx4NYBtwvd^OJd>7&JLZs3g;E3XqHry;
zcs#PH6xmc1H%-%K!lzSpztL8gyal=BeN?%nku`$@O2IPC8!WA}-})4lq(uoG8%ezU
z!b>j{#YK1BsLf7|TF9PkeliAv*FVeV@-|MD^IuVuwVp(i$0N&1k!3}38Edq>5;vV^
z^X#SoVQIMqz?isHv2EfedV!gG3K`p~xybSo4)>2yCB`IJG#*(|imWJ#E3~FF<WXbq
zl^!oj7#Gp9?8EHDP){{8X7XX;gXLJ*s9X@rN;>3N2ArSsc2VE3EA2LD;e_z;VL=#1
znW0amy`9D~YGlN37ZH%`I@$-i%C*idxwr80Ng?eqp5KdF9!UYMcp8N+dS`Z}{as-m
z_8QMk`y>y2sFr)YPRYB4=SvEY0E<-%pxGm4Ev>YMVF3r-<s-VQLk$4$Dur&)HgYTS
zy+_{^Nb0(tVHp%pfz}0+a8_%LC>AKrGO2ToRBd8sdh$fVVf|5S3;9C#puG}B6)yPH
zfKdiy_0!#Q4vUzg`q{DsqKl~JOabf;ns#zX4e3O4=0vx0A|=WXppo)60HX1SPiDdM
zWmP|@L#%U*dXkC$R6T>)oJ{=*s*T}dns9QOZpBa|TQxxq4h|mg?s-zqP`YbCb;|{X
zhErRfbR-xzUYEa%qAs*feakw^`b(kelz#_+H7g{9qT|)e@yAg3{iXQ*#nAol5?)W@
zZz3^gJkeZAG#5k7*TDzOIUBfEx9I%ySL<3{YCqdH5vm&xEhvQ+yz$t@_@C_kcA&Vs
zv$RmU96Ithkz_HF{BCr~wc6xF%j#>ZR=?HowZ|vctbOaz->ak8qOn!Gz&zB||D&fW
z7Qay?)VIDrSBTD=s9!u$H)kSIH!*+VM8o_W)&6Mky5J84*@v0(u@#K<u-4ZM=Ms)f
z`8w#*){TUUWt&(GEZf0M=48Hic#y)OOy;TK?m_)dBm;g+Rtkdyxoj?v+f|uNZ@wp!
zk$0m))!RGJQ&2r%+~o%m*OsFF><*z%`4LLQrzS93T9zn8V=6xZ0D2{ZDFRM9W76!X
zxq&hy2@riPuQdQI%wYQj;TMGOdRJW+g@%O~5%mAW+yxU0m%Ja2`nFzQ=JqWe^^Qt!
zEge02q2{`P=*9K#)6aF$<=b3r+VsAF-|K#tZ}EtCM0zto@x>HhK3aHd&xO+zUrzC+
z(LL7@ZhGqwB{f~I5#}$x5lH%i?<VG)_q?*@x({ItdBei<(ia2Qt0)!}g0;7+DI@@B
zZ$U56ga7=Z&y=oP#4AiD+a=FD^cNBAvS0E6g1iP4r7AhlFQx)&{0KfRX}AY0jnX$f
zNYaJ(K8vc(ETtQ!aODI(s?$m0&Xe>_Ci@2SPq*|KPp1}$_|I^(7a=Q0xq<HD%DKAe
zKD&6D+r+6y<A#tY=Sh2<FexwP1*WCvm0dZX1#9{YOqugbuKcNV)z*gvA%C`6FY}PA
zw-MNrbETcMIF(%xd%4r%ddNnO_OEwu&{rhM+Z8o3cE*j6`P(QM?Ig_93*O%H6yjFP
zF5r5?QtUF?Y_zf)q>!aFk*#HyQ|UuYk~6DT&bK|sv6X4QrtsFGJ(XH#mO`t16?5}Z
ztC-Vo^i{>2RYp$9-{M;Zjw2V4sw6QTSnXo5U>BhYc3J8oBDCyk6w*PXF5@=~HhH@%
z=fi*hcGu8nF*Au;FS~NpQXv0i+J8{Uzhm@X@9*1s&w2g@(;>{i>ZAYJGXH!Z%aN@%
zdd$+tj`KOqM^*~8c-RPqrLa_!4(sDpGmG)6F`jDt>f=?7v3eV0Max3jg|UjzSZ(bG
zzL?!;McHV@J{hf#Xta`LLxt#Fk5>GX(fTMx3$m<4hr9wKbiwtZd;9hat}}<0HxHfO
zkWzv_tp}3ZlN4H=Qkv;^opB2R{nnb4(!v>p;B%?qbII*mq0K2p?nCV=^dBU#0xRJ`
zRRq=$SVv$3fz2OAx)sRF3hZHP@HEwnOsgNf;8NWK3L3VSp1#(2Is#_HS_Ty8BxF(~
z;MoHTs{`+F!6QFUPe=W0<)1<5!y3y&HsKk#vq^pocT#x&CEHW3GaILQjGfWJqn2o|
ziASO2`e{m9St5J67}G6iL@)7vkllfFWBiTQb-`Ujry*k`PF{^M1_)fukW6e_H?(0P
z+|C>yhK>ZRq3UP47Db(#QBLHC2YXr8O#fj1I2b!3@xekW-6S6$lGU0v*5js9D?=Kz
zZb)XHfdnbX)Lm-O>|6Ob+9wlbn~E?NO|8=3OZ98=TD6KA4-Ja^EWJuKwN2~swbsab
zYh;r(vQdj@?bxEdoEBNL#+uI-S!XR|t6{T3U8?hj#*Zc_Tgm#Aji{!ZQ!?N!EsU~-
zcicXi{%)Ch@z0?N%1THLAX<wrdbQ<j)wS6CR~MZ1UyC=KZyJlQJX`f{Z0_p|URm(!
zqO<;Y6Aj~urKQBuqL});QcNrzBk@sc)Wtw4k{TEFzcDdYj4b0(EpUZO@wAdHrX^n$
zQ|C5Xa~Lrc#pAR)*18cMb@2i`fb0{Iy75S|1in^GjkIgP(!fj9z$7oA1yJnlDV~M~
z8ZmmjksFU3Y3G@E0Lko;nn-QssJkcvlp-s~Mg8xRxRUjWnSxta#Fg|AJ*{NMaD(R_
zqpEl&9zZgCWMe7PSQMK_jx$h-G>?n=-zBlR7-{5DEpSC_rbp^oN@ff<c<wQ(k7we6
z%VIO*Bb^zyMv%r<#*Gxit!~M)#r0!k-Mn|qy7?IE=C`qKRkI?Ue>|)kSd&?`@<+qE
zi51EAkCt@{aMmp-Rexlxn+Swjb|r*QRV(gRh`=H01(TNlh7*H#*!>8E0wiY5g+P+J
z^508`i2cu}IlK37X29-+(mt?z;iK0~cCTW;hYi+7s=4R$CS=rYyhZm+Sbkm#EPss@
zX>l_qu11PVv2=~j#6@Po#6^r&7{3}5H*`gEf6~u1T|er6?#Jv;;(xBXPe{c(WD;=6
z8v&puoQt3LK!OPJX#zh@fCzI&r^(Mz=;sK027poAIS{mQB4|O}CkJwjq6Wp!<nhos
zy+D~?1h7%mpo1BieIZgt)XHC={3K-8p887^dYQmE0<RGGWdg4f_!R=L5m*9{ifZbB
z*D2vVfiDsu0#p7q0$(EV27zBE@EZia44}GXO?_Y?Lswf##r5)UBAY^TLW4Fmel;3#
znMvf4Srn%TZFWiOrfI3esSExpJ^T+Lon>_4#L}(B2M!k-AHCsmCxU0IU}6+s@GpZ(
zT(@O>-JVP9_KY>`1sv`Ea_bwdrFDDG))X7|PLPIi^Jq&cvUyz8|1OD}i;)#t^s*()
zGazxag~v*^7*8G(H%~-BMQ<2+z7*LoF6w`m#0|v=s9cI(wuE^GB#u1KV<lURCnM88
z-Si3b+Fi^z;_Xn~!I0OPVEYiCosD3FcF|6(krfI{`_ahRJ$Fp3c^R?hvk`0lSuJNj
z9%9We&5oq}(GY7@6^VwAmRJ)xu@;bm9}Tev`BHTUmLF2(o|$jhh4$%6T#I2SlR?d3
zZA#VLo0a84^&KuM3TZQqRRX`-Lb1VIC}0l@VHC4oGc8;)Ps4`DFeW9vcqW(6Wz~nL
zT{&h^(^qLJ`R@R1DH*LT#Wg8Iv1xB{MSCgs;KyCq0HMWXo|yFhq^!L4Z7iZT6zc*)
zb=#4wq3+AwA(EAZ{E@Wppex^JP}#l2D{x+<ldA{OBK?AD(v$XsSMVNfH+cn{g3VE(
zWVCe~>ggq9WIlx}HH~Kou=_XFcShS72Vj<RRDhbLK$-e1&v4Gokr5Ph8m~~r6m(TO
zuON2S8EvxE1x}>=LVHDnM=*YMULgyF5$HJ6U|@=#VWp5iX~h%&0kuI^?T3&zmoGpp
zTu($Q#Kk1`MG7ZWi9WpGX7XP~sLEeMf<~Q&9C64DY0?XU3YcSrp7Xl|7<EZ@MI2vf
z*uo+^)V^`e$lL*4&<2KHwQUAyV)`n`vPF3bfZ>PY%JyRF!BYGo2T3H%8{!RyED}Z*
zMRCdbBgM#)aZ&%fBrYMzmYIO?6<b=#jN!)lBW0NpMIG#GW|kivsh~_Yy7EZ^IRbeC
zLj(x1$!`((PXzvmK!HG+&B!TABS2;m3f*KjBR9Q4U+U)EkZ<G71y#P4AH=JCx@{@t
zB}q2FfI`@HYa@PUW1|5}jesP|!Tvxhs5a10wV5WPkgY%1JurxEEARaQ>OIp;_cenJ
zi~T5aC7Cf*@<ey87p6D;cB>7J=>EuSM|1|Fu!{anTMfx&d|nJ0y3PF{Rx1w6$Lff}
zOe)2w%?&F%*nW^`z3ejD1Iudm&#)Ci+>`Tt+S}=XzVdxe_8Ix%bQPgL(-x%nzX1_)
zn}^Q&vPUBdbZbzkpEl90r3`VwWfzc<1+jH;djco%QJKvMA!f5Z4m#>75wls!xkcQD
z1Blsgd4_Xtu8FUh)3mXuYVqne7NQie(0;^lv&&LfqmgF*;?1VBu@IrR?}vEp$Q0wf
z%&f@>-PL#pkA5=VMo02rjM0yDy!(YE!u{Mzw-@-d58|lBLK6QTa(B44dln0QF7N|q
z!uxXCzOzF9$!ren!A>+<4VoJ#WHS1L0P1j=016sgO)ZUpuKjh;R6|VFg8GNE!RK0_
zpJbZ=neH?AoGNCY>46PxU;cvElwmQdK>kHM(<aT@qUndXfXLW)*A2mjJ0+ikay(%Y
zA8M#`7`xw2X4`3hhfMesid3fTg~Ggh0GxyzMk14*sXq2jYS{KlvPrct(b+l5Zi>@>
zg`%&qdbI{j!S}pP`MyrzO9Yr4jmg%&LS>nXS=Yj@c4mN96_|#ac9!&M>s>~B0k(lf
z-#>w6PT$J%(3H!hMjO%EIFpM07|m12+}x^K{pz!C9U5!eTZ*+?xt<?{6E8pZxyLTg
zZ@C<9eQWbXDDm>amkxfu<F-erSq-Wux}Yd-JO9j=pa0_X2#hb@R$9Cbfg%EtZR1E`
zf0x8<XP?!Am(3u*jkNR6@L0)=T|p2+C8}kNRmwB*0J2O(7GclDZ?(MHf}iomO{GTK
zgHc2vvS}PC?C+Ae>Ff(y@Uj`?w~;miwWFT7WX7%_2%#C>7-N<4OgwN^+;lsD?zkFm
z{gCat_@+CyFYNhFIJj>?l})<EDU$zHCf%BTAEGY#qSEX#t?nh$E}m4GZqr88Myph?
z1T|$*Wwc7dc%u0`HLU_Vg|E<N{(Rbr=78O*gYuKnDtxu><Wz-O8)y}0)#m~uPp2bA
zVYHfPBgPt<Pe~dj&EF|05VMr?>Tab#s=6xW<`h)LoF=VOsZMk45;?76ms2e_-qZ5b
z6-Ju*TY*+#_Mp?QU9OG*U%OH+wm<bu+}!`2#C}t-alP`N;+bj)#_~^Q<&1)D5+|8J
z%UH+O8;chL`r<W(HPaM}mtj<e#ZM-LjqT9S<3}dGjtrUBvn5RaHl=-s?$>Hd4T%BN
z(B4CP4q(Hp^y#+FM>K1rzo3k?=*aI7_)7wOxsm^hq9C~i%Mw$zy08_8FEJ@+ks4cC
zMyQ@Q3DDAFHRRbK(-I?J0&regR+uXbW0A05C0FQ%trLmU%(Y$JHIpS}x*GnRn($o!
zwwC-(XuP?tgunQ1#wCCC+2Z<#$C~z)V*6*cs?2@)`IoSuY#)!@SBl(+z$nE=p_14>
zj#Tz{N!(tH+{dF@;EK5YES3^IOUaDU4J;*eW6V+z;ZZ%AmqOsGxczpO4W&n7?Twyq
zH3r+)Oo7t>stlzYDCc9qWWvPzN5Euym>R@;hfIg>pCOa!v#@&{G2>IvFQ8Bpar33I
z(>bS!xcwY)+YR}b81-77>bwk9WHM)nxFJ(a?16FVKp%PW$R=UnH~`-h3}rKBL#D5v
zVO9ChC}bkhxJj?eGr*WdDm_D@TrMHAGuB%?CDzmEcy-GipgXPTWqK&#TRY8MT)%Iu
zX@4npU{>gDIUzIgcWW-x5RPl!UTWTsKoNm*{02isLRpsyW$9s#r;s=*@)&TP5d*Fp
zt<i1}u4~q@A<v4yWCZ7qwbyyRRTpeuW=C*-yt4=YZ_$!uRTr$Dq><$)Zwh6>^!_xg
zyL}`w&2ziK14Cj)t83Y1JZZATY`Ur4FX$ABmo~7IDC|tF!Bmq;EBR3%za=o`@WG&$
z{ODMwv3<=~gP$U1S>r*!fT}=OY{!pmH@Hx|NFzbECc|!G6Ldgh<hf=`=lK``qqBNU
zc<m?=)mXjCRs1y`tovPo{p{#kL%C%)j?nqLH?|g6?HLR2weffDuJQ2RtKq#LvXAXz
ztS#>OW<1!IoML|bdpyuOKa4T5E`Vw5C;~U*2B$(D!>&%6VPzNQ0?}XWvdjf{XSI=P
z{u<A@o4Ifv)t!lV<jXy2$nWAt%CF4=`vj2x7Ppv;A?2}*JXzT&^u6#gU&6*5yFzvK
zro(7&tALiKEBrs`fm;Dg#6$+tqsvP1*0WWX@ogIm@3xKa9*pnqtKr?+_<lXsCVIXp
z2HWbZbOl58)Cz_%JWo~$e2>8Q2~a~EwG7{+8w5y}uMmGmT86bZy#e3moAsh^$IV&>
z{J!}gM18*bauQisfgS|-<<diUx*fEZI{C1^C3=spOn>hdYCW@%ZfW`jpa8aK8vF_Q
z7nxeA@XieAJ!5K4r9GvM_s-ivoi~A!ARuYoKF=A>oDcSbS#0cj7{dRjoAs{3Mo=J6
zQx!4AMo>?>ifLOvWs3iy+2l$GCq+Y<Q2)ncpn@&_vuY)&9!yaPr^xiq!q1e9zgfyr
zfnw7M`z_CK&TTUOmFng6qhzQaM2S=nqOLs-%)-(%U<h}NUvqos&?#t;gJg2jk6tjX
zN+82sO)^}E-Al&CCKx(eb}nr+b}mJY?<k{r8dD%SW^DHh^ne!ui1*%TlN{5wr=P{0
zDXdkpRI-nNNhnUwS_dt7nJ~O&0{Qn8Vq#iiTbbzAYTmesnL;Y0)B_6FFKzW+%`iEC
zGsCL_B;%(blJCt7L4slI=wil>YP%E8(N^$TRP&E$i$anG6U9&33NwFU5zc_b$jhOZ
zLfE}O-n66CwBu~3B<_SsWHj;7?1<qTU$EB%ds29mZA#Ji*i5kx=JK?rDSwR>v=S}x
z(ID5fS7I)|a=x_B$v6d)O9xB98SQsAw5-<s_V*rvapYnw0y8pe=cSnLbjE0@BC0dl
z+A4j&GqnCT-Dv~nHM=ZzIZA$~)SYU3(|u05=er)Q;9Xd4&Sbga{r;0RTFk;x{@)n)
z_x>L)bH#z!cNeWVQ^<I2*i|u|@R)mNq1jZugWYhdau&7ApCdpzN>u#7G!;Af@Uc~j
zy_+C%bT=!E6CkEfW{Xl6g=V-Y$;YTM&O%?dGTo-iMhJX~z?%eqlfYL1oW&kfEht>(
z+XFo*d9~`vLvyOAduFpLO;L#p<harVa7SwrX%3Sk*n_zAte3g_y1x{;zbLMG3;Q(z
zN|80=qW*VDTvLqP&!bx4in!)%fv1(s7;f;~V^kH-!~;lXk8H+v#G<%rw2gsMWYxH+
z|6LMS6=|!YnS$^YaTPsMPb--*+~B##s6L*F2QG`N7*k_Y28tL@EOWxGfBa{~NhE}a
zTo1Q$w_koI=cc(Ta2r3L7FVJ9`Pb6{#&!I*fx^Ib_&{mb;3m7A%vqR?XOM9nr)^vZ
zx1w}XCYEs>gka65IMdpkf;L*mmP50Yvow~MVm6+Ya+`~szw2JN-+6(k)FNJrE$5YT
zbGuT`WmL08x?1NlLS5)-?XvVYSGgMZ82`lg$CYszRd6B`gn`pb54j#$tL-LaJO^6@
z<fEv=Q2QO622D?o|Cy%+(i7gt>{-E#q-1Kjd;-9#_mjsd^*VuX6JUD3X%KubW$GgE
zO9WmfFg@!Lo|^Tb#%RqNp%7z2-k=ae^@Qa$y&gDs!QemGuf~L|n}P{}=Yppdup;md
zO&(R@xIlMN2m2AtWd3lO>|?5BW4fAZ2<?-k=Z?_+4;mVaOV^Dztbb`AT)xqk{k5gU
z+G1$i#U%{<UKT%ZWlM=|<01WTEVQkdSj(eY;7Vv4w%;3BN@ff<Cg;A4I=ij8jTmxY
zT*7Zy18Bxgk1%h;WUS3iINnB2+%1dZEc;<1QdiD<hqm)>W;^e(+0J_{#5KnT7)AYZ
zz^kHh&l!805|3s*<E(Axy{3rQS;Ay7G4*lVd2C8b-)q}>u|vZ`7x60c?-O{Iz&8kd
zjlj<k_yYoe2%rQ2_?M}Dl_~aBGQSv4=jA7r3~gY9AA6GV+kG&qJEo?-W>UU^zQE6-
z1yg^4+#3BY@3{rV*oL$IAHPXD$ywze68Jv^{x5+70pkDIXT~~GevhIAr~o%fZz5sw
z%A57ozLuNw0=@@6sOKi>l(z@}`Gx*r*R7TKnVCttEcREWM74%SrZZcRPan+VK!t&3
zRCQ(*C2F!^cs!9$Cy!@Obe|f)!3;1z$4Lxu`44of8KNt819bX^7=`!SUO{*~`gqJ4
zUucIEoQ#?-1WjXfL&(tzNAhrM>LIuCTYM*Dbb3TOnx-=@;QH_h_#`)#YsNViId|G^
ze%U#XX*PD0pH~6LuUw@faXN-6-n`Q(-XL!-Ggbez&q=zR^LLReYId30aL|up{<CS3
z(T!g;Fo^E9umS}|!UNEa!K2Su=*H?UPW?IS*NuMMhL$k5h2~Qng$<@$*`Q;LRx-DR
zW@$$%XmV-LVbxM-R;`>5>ehUYV=GMz$y<khu#|FaommR43RTR_Y2k`F`TVJv)1)}V
z`gY17c~eLSb&9jPi<oV8S?WsaNtPdc1>E_bF;co*8)BgxsLrADN1~Do3<<nfNYVVY
zbePRLb3a<%)?<!Z0n9ntj}|-nm*$+aw9C1dIVD^%r|IP)&izRwq*{wViJAAt6#gV~
zA@sz_>6GISxjOz<SC7|qsIHt0u2f)7zU0RdvY}W)YINPAX}7~&hGczdoGSpt1plm0
zh&aH&D|uxfj<)fukJ=HeMt~Al9l-8Sm^pKFs%gP9<U<~w{^7wj+pDxZpn2)q(ZW#l
zVYXRxU?XsJhs~ijaIKJ_#_iV|cf>2Xw!61$CpoxRfv#3Oin|GS=?={d$+Hz-S~oDE
zd02?Vb!%DI5ppE$>ySNon8vHDK&dlxj&Ssk0}W{1*Ome3QT_t=p*Ln00do*$E)|$|
zMGcbPKoiBN5t!6KFazCz=IM=Xizm|J#TT{Z@ClSvd+&L-wM=&Pyb157fbSQ62&eJU
zdFR)?8W~wriY|LKGLcw#zUP&lBae<HR$QC6qS&-+Y+hTjwryh0ieglEbIw-rc9g#0
zchnlwd$9E$UNA)J#Q;5yrkMVwYPDrlWgqU+$STAH{qPrr+iq{T>6QSXkqRN)`*6iT
zcMtmQ6i&Ixwh-w=XV4hGv_YUn8O*|C8)q)3ci_Q<kkEK>{~fwFJ}{Kn5y|vc#5USg
zR;2GDHZrCAqocJ{bI!e%LJ<NqAMenUM=EY%Bk7%I<;g?an(!tbZ`E&YkZ)3h%t4?v
zhEub8VAn2<tkpIs%=8OYAGn)|dLNCq4De5!vYn`JIKSrH(X+v8^Ojwkv+UIuiuFxp
zKE3A$&qi)XeSxOy0>B$9->07&H9~yhs|)QmS@B|G+m-MG6Lkw-KlaM8S06w7AZ=pU
z4q~}>-p9yyT*LXLbezM|5o|IAfCzP5)c-DtOKFb-#V(t{G0MjC@Bnhqu7&Ma!w=}Y
z7UsnEc|70o1oy@57Cs^-2qR-#{8O>K>@YJI4l{F`I~k@VLkZ)u%SMJ0W6dtfV=Ux4
z8A|L{*=3M(j$~-CEHk3UegpU@=3cUAq_cD0Z4fn{;LNxhtz*O{k#VLz&5^t?2{IcQ
zXO`l`t?^tYYO@OYDtpB+$+$}OaxzX5xz5hMhv1{t*;$A`leh!RP@Vs?bZF~mAaeem
z(N8n<bRJ5FLB55LK5LS1vvep10<6*~c9CThyNvm3w34w56?%PgX%Oc%AAtuJK5KaE
zh-IkII&+4iRh8!&C&??;%ja6foSdA7(>2Z0`8{{KmV@VP#xh)!;<+gF{|<z`RLxik
z5zMzp-*^5SMnCor+4|8@%qAt$)tHI3RN9=272iE-%&3YvO~$HDXC-1%y)-8s(;2Jy
zEDVO?##4=7ow167mAE)9E8*_=Q=OHV+hJoIh~T5^7JVz_Yy)E$tn9+$Q;-ul5>nAQ
z1dVLYbob#f!_3L<XFv~X+(h=76Wwrwk?l3vhPJ_{yH6|RSU~3;_JP>2^A5DkG2US=
zYoCQ1;7$Ruu9Umu!}wuPojAIKL_hl0O}Pry!OY2l=C@k`Yo~fV_0hhZ1BJhz2rQbG
zps(s7h~G3;zquIQtWngQfS0S0txPJXM$7w7u17BFKX!}^5$LY)7OkfFR6Y!FME-d^
zOeR^SCQv;~q0bTcMFKP#U~28!0iyc=DSaGvB^zdD4i;$SKb!4LQZ(n;JDAeP@SR=e
zoll-it-8RTXj1sPhdxmFa)j<j2{3v-TCVLksrX-|w$D%xBzIG0GFrn9W;QWirv%nT
z=PC3>0?!f{A@C&vZxZ-T0$(BUYXsgP@aqJAgTR*we4RjynoJbELi4tqjz?T0<TY1I
z_&8?u?WlY2#Uy<YO;r9AfYbHwd)<L8Z=At-Gl4BPL?PZd7F#+~Vm(@KI8SaK*-LJP
z_cHCf?lYLV6^8R<J*ow!cPp&tCbz<S%L*cjWGJd$-~I}AXe|G{a&G%r1cdkU5m*fX
zlp@Q=Mg4C~T+Tecm?^k*g$nU3C0k5OzA7#!SJHYZ<S=3=dJa1`=!UgwghyavV0#Lp
z$j$urZ5lcCThG1u+*^;9n%FLA`0{Hi-v|v)eq<uZHZ^18Gjr@`Y;ZQx`R--}kmq)_
z!731o`(I)QeV%uG!GpDSPJw86#wqLtr|@{#S=`+!oDAPvet}VUba1CA`Se{Q-p&Bp
zQg#`1`Q)7frV#uH7si3N@ZYgXHI!6X=f$H|lj?ve7M=m$FcXTCb2`QfZO|e!qBtj&
z25kpAe^#xW0e55eC~w^iC{D8!S{1BF_i(DVVouHnN!9vBJ5dTr;d^gVeFW#aFj_H)
zGgp2;UCqSKrpsg!JDXIuGqqU7TqZ}4er*=CBH#RHsoj}><W#y8(`m&J4x~+_LprS}
z&Vp9tbf+;Bby|^3KDy8owR%s~{lxb~z1|aZezJR_0{`%xd%-{KcA{P&afcI0c6@q<
z&P2@j_0cJew9$tv7%V&ju>g0*Bb<qt>H$WlG6q3r`g@`#iB_`+`O|mbSO=Q_7|~u9
znt%OR{f1&xvun|a{B|_Ok>(GYy&x|`HPjOpYJa0f?UM;8qxNmKjhv4nJ;@H&Yr+v1
z`I{-f(t?35%%g9!$b=*5T{y;>iSOCjEsAzXtELoD#RmqvPaf~>-l4fKV2T5#vDXwz
zGZ|r{hU4^7BmsxkqbNN-E@ewnw%FHySvtYqFXcir%tNA0LuL8zP)OU3vXZ*sA1Hc*
zz|RsO-liY_ab4djlhsrihrzTGdJbWiJc^8ZEV^s*1{jn3AYNjo+z0A0c@8#ECeOjR
zitkcojOSoF0mfP|uHsF)!B`7=IW~c4y7Eg`4`}<Xr|xgHWp<PL)AX<+07gSU^kt%c
z?%8VM7dE~zkNAa+#4nV2`2IndWc!!*ofr!b*mgKR;d)=h=9hEZ#v+SxnDEFN25_?Q
zxTyb)iOY&OxY>wmfh*!NBHHyVC0k5OzA7#|2d_kC4kL!5ygt-D0wZSgVOki;6Ono6
z*N}sYWg`g&tWCNkE+bDBRP3@Dq{<Q>r^?Xw+YzDW3D?!|fVRW*4`T<To_C_bgNuzF
zrU6G?A>?R+9LFq>lLT4_IGGB$=mr6@(@{vWPWwtX-Sjs2mfhSK@ooN~G45Ngp()DN
zgB<)qoL#q;;ipUz<%Y`IcDSfq)$dPLX$Oj$E^H3w6=mQlRCHz|O>=$!sCJ+hod2J~
zB9n)`kj8YAwGd3{bI|sZ-^xLhox)h?Qy>tWIj4KTHGwbFE~hg_tvm1y#0;;MK5RxM
zJ#5)EH8<sK3gl!+nDeLoPP`DL{T?z9g1&~E2QhsO*Pl3fm13SO$vDVoGY;}wJRLcj
z(HL(+@?7Q}%6!U#vX@5G>ej=?(U_&UCcrFhEd`Fo>Yvg%w<#H~R4=E!VZN=MDH&wu
z+omzi5~CdzU59X<z!-m>j%S867%Tc(%C20ftI0@8b18jJl!EyQ7~6aXGV;GS`bpQ<
zm~Z6Bncxtd8jND-=od`BM+(ns6p4E_pW--*T|}F(%Xn9#m5h5fOFNFw<kA?`FvgW6
z$Lw<UU-r*(uJKW`^qJ#Zn=Ys;=Hzk|sYch=M5KrmO-FR@GTJrsS;_Su#z^V25=Koq
z@|ya06}X9gIyVu!8*Rj6gyikmU!ylow9b_hnwV8TTv4~}G1&`yCAu==X)Gjn$Y{(p
zE5vG}WDCjTIL|tpl|j8m%zK)zlBxKQp^x<S99WZQ@WPxmSzcVRYplMl7;V$m>*>`I
zwdPCFBCPeGydD)&FDfFwKTRdE+oe^v8OauP1WsVomg%xhf|||S0%VpK5n#mjbEwTc
z=Erakx0X_wea|}-`bz@DXK9u`e}#}*V;_I{4iyJ63lUH6VX*;vn;y7@(ncsW8|{HY
zX1U4oOH&ryU%*U<g_=RFOgpXBop(8L3TVIb8~~^JiQM1q`s!Aq_jkL9;9oHoYqBc{
zrgux4nE!gqD=p*kR^|j{A_AQOEM*|LPmLVWK>2}-u#hp&h(wqUTzs0R(SeJ4jO}gL
zbJKx~aMW%qh$tPnn3(taj#qXR#TC#Q>=>g{5Lb*m%0P(@>Cykj#1-sZLo)@pu23PK
zrDTg~$ydb{=OD1xOCg65L(y|Pv>Vo{5gvJz=jQ=bLvnqK<5GWYe}m`G8-n|r?Sg$0
z6*Iy9vmhWJuXQF*r?+31*y$3jIB=e9*deI*pR8q8?6p|x{Y-dYb;maBT$Js!TM=X}
zeVObs77(4R<+ka@eSsfvKUqltvX&$TWfvT=b5g;)m4DiaKm}3c&7V&PK-TizlD$6w
zsZxPxz=7_xS2A$)B@00m?BZlir{iKhiPSKkk~CXtgg~HjAv!07NKkK<YBchizt&Pr
zP+uuG7r$4m*Cc=|)yWCqigj`yC=mW@MkKJxhw$Ir>A2i@H%ncdP&DpMyVFs(J7<K+
z1sIVy&6)2x&Y8dOG&<gVkdTXX-DgD8+`2m#kZNF}5=ci$t&oeQV@6Ss*pJvo&5`AS
zt$hqLiq&A5Q?XgiDI&7Xu}K=OG=K5stu$iBmuIw-5!q&G$GJ7RH0D?g>Y$I~%;yBL
zrOzDSI$dM*RmGfqK2*%fXMV+;oY<D)EmiEe11N=HvJ}?|_e9sszmbITCdRK$xQ9Ww
z*WiBy{{#3R%S9`Y@PEwrCNP5MOau~?f<>ajb}Af!$$bVBPW~wZ-2{#kAjuCSzic8P
zTF~gaMc+3GsgFUNBtdp7xnvLgObhrxChuWjMoD)1a}pasZPSS+I<?A92bz39Cv#SB
ztE(_@4wR6c5AdRS32G-X%hXPi#A_FAVA$efCQ0yUxE1O6p~WucbFxEXU8g|4#3(;a
znr^X1vb99Hmv7}j{=b68GV=e2WR8@&IHxov`Hy!ZB3Gf;)>QztPJJiuL=Ngdc78eA
zHsA{HcHI;RYK*{c++}7-@CWh~*&M-wUppKD0o}he%z?Bd+Dfh+RX>G067F(Z<0f=Q
z4+kiir@zCA$biBulW;JC=78E~I-s^}ME?$6?o32G_MPQl0|O`3i=#x>m^&EI>X)h2
zs7q@i0(uh-OQ{*3_MlY&!z#T3vZtEzg^Z2&x~-MIHDV3=MYC?ID)a88ZJA|eUi4z@
zJ=WS^553Eh*Qe?=V=J;ODc?LX6?4Vr`s_F=h8X(rj8vV4qhb@{JUyA2V!chF5dv=#
zAO(rl@AhWR5bF{pThDh`YdKSuthBV7+F-6(V~ee}6<lYFZP4a<9cn1&%qXsFU9?RZ
z7WQmfbff9W?&j0}dHSOM0f4^L_@Y<oki7T;z8|B0@wu*v+U3Q>ii!CPCmQBY%$a{9
zTt$bm-j3fb9~adff$toTXdYq^AZw<gxbxzA4McX1i~8Rsac7Z^d@xfGz9Q}<kKlS5
z{Gk~!x&b{4-58^S@G--~dL>A|xSp4_1}4B^GX8GYcw%)avAQTCu(g!fiooZUVq)u9
z1m|Gvy7&}8F|zIAQ>DnRapYltm-RHBparf_QJz+^#kAzB;;wTz?NzS^IgA*J65mHR
z#!z`;wI#gO4AYSudY+3<X~8mx(q(5^ER7w!-}BD>!Gqfjt&KRf)@B=_*MkHKn8RgO
zr1BcNLEtI;X9ozA!e-Y^Z^YO1L1VqIO-Is{#kNu-&aOLk{kecd6zQBYJVZV{v%Q^J
zB|j|pWRIL4$|?h2LG@=gQx;8ygEI(nFb9B+roW$lp{^M=%aVkR6;2kYv|Wi)g=P|2
zacf?g5(j&?U60=L(-ob)gyK|ppJJTq4#f=&**s|<Q*O8g;Sr$OwC}L{5eTo?neP6a
z&oqCt?a}r+?$Jh#7SkfmS!*LikR8%NY8byw4KusLWQn&h&7&MRY$s)vjkhpMJ1QBv
zxXi$yO~G4WU;4c^e=~cOw~n~#3av9sp;cnV+$OJFsb0=2O99>dEhq({a50rdBzk3+
z<*AN5q`5iA=s~NpNDAfOmcm49(w=LYeWqX9-kBJ`)i4vvh;7exrMEK`8I^K!ZcK{u
zJ=ZZQ&i7mgXJP!tP43G2f%aTKCneAi%>3;qyC3?o-8YH<IbR<runsuQCi#>ar6YZx
z(RNa3K2u}eIFR%NwsZ7#Kbd7o@^2yMnFb32w<BR@J)<3i{CCL7C{nf7g0nL^N>|Fw
zbRGrj*M$BTsNiCX+IIrTWVgf!@X1y=U!XESWjt}lRyh$1`Ds#~&!QgH^|UO}^JZwB
z!}y#sN>LNxH!~5wwF}s4mFdr7lQhn9;60+bsI_#hZEe(ez!_BYZ_#SybpS>p-gJAH
z*4*&;i3ofjdvVL`b>5B5HO@-CE(&uOz5c>4zi`XrP6pLEE6y#!Iji4}l~(S5x$Tt~
zu6u;Q!s`NV>0WG`#-?)G2iJSt4Ig*B2j6@|QkhQsEHN$lDvBkVtXX(;29Evk&<Rp2
zJaBPIY54>AEiQkc6nS7=)c-Cag-(H`=w(ZIjOFCncmU}Wq$}8daZPCjI}>8X<TD`}
zwSyeknGkxIj(J$&aLfbp{L{^9bRTmZ`NzTiqW7C&KcLN8PsG$?RLf66)L<1akY}1!
zI*P$%b>eTxm8bG*?(Efym-0GOEjB8IOQMa9yUci+Z{3~Yw$HoYy!$VQ3gO-?W<`bY
zQZu4L_^4SZ2S?h=q;4wa<dhBQ6-{D~EefDl0=hKvUaZqTNFX&Q!d@q{C@I9Km~S|3
z2L)~I%6|*nk{<?rWBQc&jE%yZibf`%GU21gO!<4o-r(jr6?4vfEI7>sLk-P*D9j8s
z!g>$i3m@~eu@=2NGzg!Mu@1KK%WUnXmE9C?RdCP&?uGpLZXgNR6dM8!=8Vw|rUPGc
z1?jOIT}pfWEY`ZeLls+%W$nwdMY!_@6?EE%N0K6KA0CaieNEPuWX*Bo<h8Unp8>&>
zIS%hOPr})a&Z4pxP}IZIajsLX&ePTS4O*zF>)As6ZnSA4+IZdPq2=1gmg~^8%k{_1
zSw`J>WN|67cmy7Wv8o;zkE||5Agei0Tz^1=rO1JCq_e+ENRL2rLea|<#^OrhF-tmy
z*PBJO41ia~15Ci|ysn-vlLmaUuG;Y9$C<n5E958ZDr_f!SLo8^0M>PNfp*6Vr=<8o
z`BUktyP){OHmChRsdA@JW~MOZkr8}mf*z^qP^-D9A+yFBS<563nt<RmrfvoLWE5FI
zpLE=rF9SnHp?NdVHEeKaFvZCOT%9#jxq~LD_>X9#^C<#rnaF^A(@myPxZ{A6Lxt0%
z=429ZMLkrRJegI6e?ipAFBsIx#M0GottvL|y5Vs%(!@U<Y4R?)lU`a%EQNg^X<(L)
zMV28r>SCZ|vG;>{9y?6YX0`{jK9UXSX|VUR#I)qAVv4rrn>maaSp+8Fbc^m->qdCg
z#S8ENvXe)Fov-YK_X1c4?i|B*d^jI~st5pw5^yI3@IAox=9?+F1!o4-G(D|ki)qPM
z#b#=nnZt;o=sBpk=!Ugw@_YboknJgmqMFGh4OehHk3q7F3R>^EdINhvjyN)8UdE8&
zxHAW_G8gMRn*zeFgLdZotvmBgRe+NVTdRp%#hl!{4SO-%%y_2!z^<6F1X}8HFcHI3
zxyjDtWmP}0OO4q+)f3QGX&CEUgsg~N(vE3$kZY!b<sME<Y346c!IufVO5j%ryas?W
z=6=F57U}Dh=}iJmb{WI;(AXgw50f3zSfQm1)#wP1eAW*R_re1xd}Ws(O`SFsZw`XV
z>1!BA8<d~L;~A?nv2<gxansCDNn}2bA^GwPUwmQosnTL>8eCIcyr%3-lC#fh2Z~(A
z*&})o2a6ydKWBsokVP{-A<aq$I&qM?=_G+10VqQRnQeMYQ?DH*@ECz^0tLEDCAB)p
z(o;S}HwcjGQX%CGDN=Xe^d@ka;>sG|LD$V>(3kpPZos!zD@K{&dXtIVeL1K#pGhre
z&s4?Z!vljj=TKoM8mJAKq0=-vEt>HH_NukW*{9`!LRJm%B(+LUV{4D<C1;yzcsMsu
zU`0=Yla)!JsQJEp2O%|Xb=G+@-<us&WcrF_KLJ83vPgj3cE~hmWHJX)=U9skF_*8{
zwXI}j((kDAt#=L2pZc$MC_6FZnwfr-LXhVPvP@t#fwcrq5%?y7_XxPqQ<|ol^|HO^
zvGo{jA0Eu^kWV5X{se_){&kPb<@&DB@;?RPGs4eR|BbNn`$G7(S9G~=3jj9=d=M90
z>u$S!F83_~;QG9PYw5`R_XYgim>Y8WM-tZs{QOA|`zaoM;sc7lzo^~i3Z7f^zCgdX
z|FwIStMP^aaQg`uRL{R50Nl>GEU9fS*YX<z!P}kgm993|4T0e8Ue|Wl+M5CZn-c#Y
DVx+^a

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_scanner_filtering.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_scanner_filtering.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..b24373bc9f9762002a28617b22cefdc2c9b0a005
GIT binary patch
literal 25818
zcmeHQdvF`adB4N+00KCGAjF4WFeS@^CBDRmWI2*8QB-6qA!VG9s1Z9bM4U)i-~rwP
z^<d&yPSTiZ(ne0K+UX-<nq(r*v>i1wok^4F>mO%2O<F*dOy)+JaoSEh?o2b(!=s7+
z>i6wEZ~#F8lqkn>bppTJ-P_&U+vo3l?CO@+>t^7(`Y-(R|I^Aa|A8L;a%zrS3*flO
z2n=BaR<ImqiG|*+gErX`W(MuV5mui#i4&e!4|9Vq;-X=;!|uU4Qa9)!o<T414*H01
zkSF}0pZEs@BtYZX57!R{Nszi7hZ_b%Bm{2f2;XB7xEAJl8(AaN3$Bqy!3}@T5l@dp
zsKfB*S<=+Rv@(LHg%P|X!CtFcV$w`QeGtm`TC}hh8s>+vfDyKK%n}Jsy%&>Gxo}RD
zb8`4(hJ=ODgd~Y1Ohh>|Nk+wR?p#(3pG>85B1uVO;S=I`;&duQ+THF?B+{v50+NQK
z;tP{0B2I`B<kHu^Bb<<uaPQvjZbR?x@F&MbsbZFLI6=g)oE1k?CsSf_dpMbrM>D6P
z02wKLE}R?B$Z8Q}npL-!m6TawZi#d{EKg>$8Ilu|^qXY&J6JhG5mvEh6S>jxh*RPF
zvy=PC=y)n8j^-wbsMH_OiX$eYT7@Y7Bk4pAs%oMizI`l1&MBTFBy&2I6v<JjE2R#r
z5JI5NM8%_d#-KiB#f?75XfmCH*ZTBiN79pHDG5THTJ0+iBEtKnQMLJ0YKL1L{M~vU
z$VKM38VWS3wXzWa4(y|y&>K5g!6w+-Z4w(}qnJb46=Ql?H7Lv+*ZVvpI69dadw}g@
zH!~6E)Q)~4!ncMK;nUdUw2x>X7(SEAjfZ7Xl2a$rVmK+DOu)y<?FxTt@`N~=kxr(@
z;!wTgQ;i+tnF+CDQWi-^J3j1CpT5^Jp37zB-5njLcFAptY^pt-8BL^j_x1F24@GPW
zm(?m)sT(C?61rF_k(L#gC?&I*6m&Qxr1#Z0_SLxBSLInIVk7uPiu-VE|3GwT;OKy$
zI3}~$WeEolA{NDkU5!A~$qJ{JUB>DRhn2qm-6PR~Bf}$tlprVjGf8oT4wI2d7%|it
zm({_dy%L5;dlq`bMB<bfhf-q)AZsDB_3$U}2Xdad?O;NW%r|T+G;CXFisZK)$Ttow
ztl5zdbuT>f=na?M?>K*G(ZkriuMEFDeBqg^whh<o))eYm-)I7ox3%7aTo}b$^2Lfx
zN=%5O=3d}|SU4Zt`Wz7GD_R>fObq_{pm)SrAJc7(vB!;6Q5!@pyN)~bfGAd2*>#-G
zo){R#_my4H|CkO&us-2}K4hEPWb`39F_DF?vUFs%D{KexLpBi?!75W+P}46=it$vE
zYydwAU|=At4ZrxPG5!+fG0W*aLvbf^Ig&at3C*VXNa9SKh$lrNN~5A2aS|L2w1bc}
z=)zA`8vBQbj_!MAXdoINj`klK5ROLo9erkah+yR?&VBnJu&*a#q2;56(s~PN!3bX3
z^m^lv2!!FE{81q1ng6U?zp!T0La6n^@J!dt(V2t!`fUr|!1ciT`M}mfVC(gk$LCx2
z7h3jT4{e?gZ7+njF9g~af}w@R<{Lq`$Faz`?GCaI@+z4Z^ig~3hw$VgGr|xSRx4Pg
zh*hu<n_wNWk2vsSVMVdg6~!soN4OEkh@;1X;etbO_Sm%5#w9pL+z``6W7dJMnA%Ol
zJSAatEh1jQGva`7ALQeuvG@%PtXn=kwZI!L$A}-+Fj$M|8Ws=&q<+j92`cV`FmBYT
z@SR;ytf{^G!Y3gpoTbwvtOW^Js7PY;lpH=Yo*Er5T>>Bw+7`l~$H*|r!xUsp_;g~B
zOGXIxdpbg}XI*5D`O|P$uMQX^X=B8UF|+K@tVQw1%d%7a`dTF>)fd2oVw1)6Nzw)x
zm2?a)9#6rn5sxdu;#aooflp#|?D*%Ig>c7JZvDcxwrSfnZar;mQV&mv7syb_7hnnL
z7hvDK$c!<h10#ljKnLwcH>NBphbJ+agQYl^!m*<?n#y8+@DwJ)o&n|IJZg_K>H~s}
zH@AYP+Df!pEf*9CM;Lhw$Sg~XCu2Tgb>xJ`#9Vyo$PSxISTV+a$U^o3InP|@H_r1r
z3;fPJxAQJ##)%B@9NWRdykr@o6ArC3vK#X<mC2V*$+@^bo5)JDsW7FF1~4VA%}`<f
z?RmZ}&$Zp92sl?<giaQPd-<hT7fZU}(ULN)r!Ow{M18JNJD{?)yok%iJOr6*^|rtV
z=lRVAesiANtaiA~@UU`MTUmqK@C&vA(fcE2T+$zdNfDt|ykr93VETv(&ktiJdXsOM
z=eHF2EqQK>TJ#`1gt=bBYTCHRa_AQ}KOHsW;DB)-E{^+{CCGdNP<;oKF~}T(S4g(w
z7?)l#n~s!@SUwJewT=lhk{x2;Kv84ZJ8;Eg5qmvh-we5g;ZL%iWFpofg^Ab|mtHV{
z8)p(k0>mII4nQCo0xJ}viFhtG0n-;Ok%~uy5b^PZJRY%<9q<ymq!3(pBMx<l;|G(2
zKwx1c845FDVN9n_z&xo~NRB)M&tx2WVS1^<tzMtHU`bSQzO1Y_SGxv#i;sse8|>%j
z8Nerx;4Jm?uBYZ2p8mmxOFLfs-I*P4g|__lhG|#6;pyvq^TL{q3!z3_yVkB>XkL4x
z&f#}2G7gvf*Eg+9Xdf$MlYBYUVI!U3pc5CY05D4;l7U&$9gk0Bl9Oq4d*bmICKGAx
z2_FZvMdVyMC5ci79y{alWM&i`HXIs?Rn8I81DPteWNI`=c4Gc?=D}H(>_xH<36_8y
zK!VjtjsQ_Y@i^2y%#QIQa)`&(*#XyGT6ts}x{%;1C4UFV7nz^i4lUX&_V!D*OTw({
zHUrK@j<tKye|giTW3#?R2E0G)xsA6)2W#Jze{3gucA=+z#x^5-8`6Oj{f}PCUGASf
zhyF*=|JbE|O#j&BVGMd~(Z{Uac*EthyWb8rzF~d!iA6iO7adIV`Zt7cxE7u0b2ILS
zJ9X${fT+U*OFasI#)Z=zUbp&yR00nz46!3@AP&I})G0WCa)J}6OW=rm%oTAf%}1fn
z9;7^Ckx@csNPZ^?`A!`&F^DFHP($i>X92NQb(XDtR4*@<*%-=A(7qSx(0i7ZSQFUA
zfyhdh;viNTA_%h<hwZT)I!i3sVz#Ibr|=Eh)vMhld(2)52uqIRb$Z;GL!TxjfLWPW
zV%+XS43qiBRxQFu*(6M&#|^+7#hI+^0;b*(bM>%-^Vr!QOE30RxCHJvVg!0cab+*N
zS{c2Z*wd36OWx8@78$&)OcB8AW!6iXfF;UQMg+)ZSEba$tiTDb6_pa$Bhz~-mNI5v
zQaUJ)DOJVN6;nZ}TvcNmtyVRrQ!h=`n4BI{aJSprppQy!p-%9`+?_1-)g5ovE7g=2
zf`hWFm5J5qdFgkN6})>`$pL@PJ#6-k$~{x?;p&w6X%uI#vP*IZ*34TmFYTXa^p;P4
zp`>n?>zz*Mo&2$hV(&D4LFM-F=q0Zjv-Y;|>Uj$Ob}Ow@pAZo0V?M2h-7BbJx1N`N
z*J{|K)^hg6m?et5LfIwpIHzP@iaD_!C4bCs)Z~w9s!2c8WboLXVoeGSt3HA(`Zwui
zOVl!gj8rg!8mhJ$ufL;eOk)HIA+6N{!WyA57SLL)eg&;oufJ8lYpupZtNA78m^aci
z)jh0=5<$)gfD1$q>bj#XDq(p%Gnr0;VAGI20`oX)RYEAFA`$>pIi3`=>C8ElZz}bs
zV31{<PK|<?&=dx*08AwVkAqwwc@7A;ab|l57q40NJ<Fawv+UIHqg%7*dLy#?)0!i^
zCycJnh`bf=-TEVNXpg!ga=U@o+%HDlFNXK1iFQR~#hMl+6da;-an`O_AuA+ZNV<{q
zBH8sGpOB&4Ir_3Lc$;E_NS#B(LQ6N*Tf@sKt}ed4FCx!c$poY)5)gb%-+MmOYoK@}
zt7g9ov)`eA8#s!e-L8XDou4kg0qRL{sB!>!6GC=;$qteMSIL`pVnt-n?VR<iFb&oh
zhTvigoH@X2iiSxF{qCo;=TM#pyoVB?kQu;kmW*a5vLKRHJn%SvViGV-N`iM&nWU^V
z#ns+IqsGV5nG=aL#jJ`eE+<g9lqHI9AFbe2MjAk5uLR>LElvO{c@{Wa3Gih`QUyo|
z=_5f3<Q12}s*$r;KBor%6(<%PMDhgXzDgaIORd@+W>1gVv(xP9Q$1=Ko=`tb^>lTa
z<8_)nz2-zE*_EW}Hb*OY(JmP|6P4#Ep(+EijaI!n9yRf4TyK6kj<Wwa%6n)>QwElW
zm+dRaW(>+B{{+V1dFJ06erMWsJ+SuDGlf9kwBvgHhJ4@0^Swib`r&Ek_4?*F9-FIw
zeA@YTpy~B>ude(0hH1y!!RGnkrb2L2o{M}%&IdQmA-^2C#8Oh=BlDd0o8uyRezW0K
z9oI0G5mqSisljh?kqdq17`hLV!t2y0=Dfjui8T@!4v4<MhvxZ>1%BfUTi{#s+~Ik?
zv%q(PBj0mar3L=*JcQHV6$s}$RrghNx2o<rQ#iVNib;&L*SN#<Z7L7mpWn7W|9F3%
z>jzrk`{z0BHwPj77Q?GLu5ta-r;V^e(FYHV*qHM1Vn#-Eh(kG=$_&Bj6)*&Xt-~VN
z-#3=PanCG)ld=R{2}`gtu>G5130#7E)d9`@vjpy{Fr{`FY5<z5c@|lMI)f$f2;Nm=
z34GOA0+4ZeWJ?!Frc@bMW#%ANlyP|_k6;ySU6#y5%t4ujU+FM1`Mnw-t~2JN%)(nH
zi0fbV9$~Nodf94%xJD{~xc;iGXY>dm&~BmZ1`j%pV2sy*tA7Q+)vp6q{SLqtS}*%w
zLW2}ohShM!0x{>4u!3by>R*}saSbgHiaDSK)?n&l8&v(;fL=18an)PPU@i3TsHwG#
zRM1+DRm*RTN})+(GyFoc&=T{n5}SczEdVVxHs;eLy&jPCuAO??U^hzm47nnsu{|th
za^Vu|gmw}Kq(V?kN4W=*Ko`o<-a&{?P9hmcf;g6<LUIaSFCZa6z@}lUUgITn4gt6b
zDnSNOJi=!R)Ju>vKx_)9$q9HIVc&CL!O$vU>LZvH@E)|NDTy);6&M$ILj?p+!7NCx
z4emgF$)~XlpF#2>zD~u!<P{7+^h>6Zd<hAnUh?}$zKrB6Nd5rHA0qiG5QQbGaQy4&
zp#WLMw>{({#<_sxkAU1Al6F!oIRV^L3iQ*u8NpIi3Kl7vwq>viE?q%hIV|4)E(1;%
zHto)T<Ve2t*&9|%&^_%0BZ6SdZ#hQoeR95c;7aen+}eXcFSFko{?p+???9ew%C9}R
zu=&aSo@eu$qIoU~w7^H_Iqi1^LO{`{dsWA^(!heri;p%HlN$*k&H@i;e*dMu`EC0P
z09?8Kc?bYEzki<7epmEBHRLMw8c&Tt$U{$2pgB_CHHf{fn3oX+a{2X5JG1ViEY-`r
z$%j7HXR8ck9iW>)Wu;*0u#`!*t)-G}P(0b5Wgh}r7)Nkbl1>{-&ArOD9|Bpma-nu(
z9{?aL@OPDMv-c?5b^=HOF!%wIZ3hh5HiFI7l5Hb=Day9(6=mDY>9rc}lZg#IWMW|q
zJ!E1l>$OUlSYb`{5pCKr-9Xz_K^LPlETEHV%=|RQKM5&JtWqt^Y7=FZnveb43K%6r
zvn8~wI-_K0RgBfE7R`;33K*ppVXelj`h|7EdV~E5tbkcHSV6spHD>iqVZ+0E#%}qb
z>v_x<**JADCK);c)r1}RGcb$P6<T35l?a2{AUQcIhIRWQYKu>e>`$e#Sx{}6m`da^
zfj4^&Zi-*ZNa9&EwvaTjyC(rG;J8TQC&3DnGN43+n6)sVRGCC%jE$TPIgJE0K;(~s
zfc9$$dCCe*WEJg~{!vSmUu>BCIphpB^cKpqQuY^lR*hc;=2Y=$spC2EY!3L~B1`%w
zSTfWl5wzxs1j=+r<g@q)4XIR?`z3UpNAfa~&ms9d640G9<oA$#5eXVGlR+Sg?RhX&
zkJPIsTldE0s%-45nB~`yd>_d-ksy;Rqd`cCo`rf;Wy@~L*-jRFkIKJ-Nvf`Tf&LMf
z)&3Dji~hJ?(aO;(JnlW^iuEM_45S(7nYTmR^X>cd4gF;bnVS~dCf^OKgYvt+iu^9v
zJ2kXC)XEsj7{dWt8Co~5KlSQUd2Z`h<O@&DA+Ni2<^@U${MLC+`^|A%f$cTCs^c0a
zGQtWaJ~j9)ZYwINv`ip|?t`Qko>Cu}vj+Ff3r2jy0kIbvTV6l=>e(5`_xW%0bB&$T
zo(2AqJl8cdQsBGhIqi3a>&o+wsNSn4w-EsXXGRQPp~Pnd&v9J~{CY6Xomp4l+vYj#
zcZF-4{;cY|T67wZA#7%y;VYE*j9`d#7lqVc*=n^=qgy84FZ(pxJ>z&gRYo~VaJ+Lx
z=;t@1jB>8fif(O*c>O`yr*Tz<*@o(&YD`1yT{UKrhj$suD6mjlHD#2>U267emWnoL
zo(?AS8P#?w^9vp0CTp>rvd6r@r+bh6q=?i7-->!*Ep2P49Q3lSSW)4t+71T)P&KB}
zwgPX+1pGq4kO}ZB!1M->V8Zm+V(^!pAM-@&r#`k%3X2oj+&Rr)O2wBGVnRYyfQCR3
zSsHt8wuj{mY6-@{2r8VC%?4E_rA87#3oQP%A;~isk?I7_q3hE~P;oHJuM$e5MmYZa
zf@Y|AAg>{z3J0odKwI5%K&HYm)o6v*td76vt`607OGa1*mhFb2mvX2I1gklxKZ7F4
z!^<ccE=LRXyFM(|FRDGt_Df*>0;IripXapS6%O|2fGJ8b1l-rS?P!Xkg%yfEcwoey
z!>o)*hT|%?{VogtH$g^On*bm8>4GJS<9)M4ao+Rd&(X!-RkHZ6%*Nw4v-rc}w(1MS
z{R{Exs!sb4cJcQZi@#U!t=i&`2DoP9^oj=P%WRwQ-)GMZJnWgPB3}M~&@;z)06GKo
zcnUPaD6`l=aAOj1ps|Lr=~z9vLbq96DpynLP;5peE%Aieb3zrR)eL}8Vn)6TB(hqF
z2Srj5&;1}C8BMCq=tf00Jyg&H6=_&cm}(CZ4W13L1m6r*!8a?+Zx)IszeZ8ca>AvB
zO`Vt9@~uyQi0mnX%^!Se4+xDYRH7Ryhaz<(3Qa`>BuA0NkbDBk>qx$Z1Y48*C6XT?
z`4o~65?oMduOlPqLV}Ei90r2>F{3wab@l`7%@&`%pS>Aww71{f;kLKE+vKrF)Wnzs
zCE&&deTH7Q9*0|Pn;{7YXBTiv19st|%t5*Za$h>F?tT0_$Y$!9(!GzS6KvGU2JFHr
zoPL9oQJJuRnaz)_T&<!dwBmf<(B;Fek7{2s(XtJiwTK_?A6<Spw?10S&?St4^6Osg
zoR0%vqFymp7mH+G)WlPU)iZ42?Jp4vF1JY%?Vi2I<{zkl%CKNwk$}ob1&T|bz^{la
zs)ctml=FHm8l`I~skt?JeHZUwy0s)Vl#&PgY!s=`tA_2*wTv#Kjg8Vld8%?_Mk**(
zb(`^`$S%-sdjK}$FcPx=4ff(;t!hlS%&%fB-IN-L1@tdWE|z@Zay>TyJ-6Z5FHJo+
zwCc5g|Dx4U)wc5K{qKX>dxSNb7`I+%6q;i7nq_)$1!CNw{)PG-OfztH^htp+tI00C
zdFsF?Q*cz9E>=_-6Agmw83Nt^_EIx+lYH0A<iw$aQQPz(%Er87MSpdZbTA|DEVD?j
zp#6vKp!(id*xX8uy5T?%F-Hx<;W#&Hxjuz&#C@h^mgHbnaBrJSd%*G?1<cycQi3nQ
zO{6^~_VKXEl}y5u)wK@zTl@|xfo`}TevF`Kw`c@k6hl*~wAm)Ums$_VsL3+(Z@OFM
z<Ju@62SRAAf0&Hmkr^|9sb&YizY_XYrQEgV@sCg*c{{ZTSh_j$^3g*5?hk`#`mRRr
z*EemMIrp8tsQTV(R(*rgnp(UUmEoYzzE&Ct`tGH1-r~Bx+imE+A&SYT21AUQbLJSj
z53--xYdkO<kcVlzXZNK@frl4pzd5d(%F2r&@aP)XjgoaOtWfm9gQc;ra*(Gvw#jD%
zL&_5Kd2i^5XBqSPdMbU#GnuL%4D*mTf*}ak12LU{cr1)sxuvG_59U~yQr@Vd+8vBG
zDKa#v+-t*ys>=PJOt|p3T;;w(-sk<{DuCB9)cfY+Z0=XRkG#Uq#;kDa^8t`imCKjt
zF<e<ZS^^G8&KSD;q9Phj-Goz|K?JU%f_6B9?m6hz>i)zN;3_#XMLYX<B9T?rnT|)v
zibU3oOiyRhlM|xSV0wy&yvf<bsAz_mu$jLWh)I5g@u;N$wXpm#dQk*NVH^1ia79*2
z&Hwk9?bm?NV>@;5q~BE#6)6W%)Ua|QA)Q+Sp!U`Tpq5SluUHU~O1y8{oFVtL>$ab%
zUspWc;zI+V@MH^Bw_gT6u2g~(4*+}sLRqTqcS8LmA9Sk$0Br5r{?(Vof-%);O<FZ=
zaQrYViU++_I;oi+H^%|T?>shUn%TMIhIAlmNM7J8wX1?O6E-WVS7rIkG8<lssj8UQ
zfxLw?eM#lmMO}Hde2bD9mp0qN20t)=b7@?-`*@@NJ*Kxd>0!k?=vpfs9%fTzl-XCt
zY!Q#9V>BkuCFkCwp*<W>Wt>H2#6(jn-5R^xc3<VeDf_K6*vlNPq~}m_q>{R~y40*H
z;;m>_H3*+eUP5vn$;(JShvf4}zJSEAdk4i%HwG+g=T6O~=x*-UFkaDS3QtkgCsDYo
z^XTUCc~slsAfuI({$0uwHBF(FlKv82Dt`~i^2X?Qoj>`|S6}+lOK^DZ3|Jchfs=IS
zIqi3a+dTb};Zq&gAPiU{Ek>c}!v|XAIn2n2V>qtrC-kBQYzU4?kHWp80_`90!JA0_
z8Of)Rl&Q`B2E&lx8c78Ls5TRB+C282o9hDho_Dvn?2oFdGK>a$D>yg{E0=)t(<AGs
zo=)NP6S8QJP@3cFnOg1Y0ab9$6`WUghQNQPpty`6#i@nS{shN*(POw2FCMFpP2E0`
z89haCK2_>diBZ5Ga7Mo@LU2+{%j&tUz}IP~y5ihRPxB`(bm5>^8qLYnQ^VpX5^(4l
z_Ah0v`KflcR=a-27V5R>nf>G#x*|xnA)!h}T4f>hu0zrSMBzT7o>aS+Tmvtv5M{(5
zi&mCpZ&>WC?T(LO*)K4k_x^&}c*n-EmOBiP8%W-*XV~svFdd727rSX@?QI5bH<~=G
zV<x!B!0i&8`U<!FKH*)w-`=p9bzj(Un}OS%W5Cn0ksA!sJH*n)K6;Y@LQD34pUpTb

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_snapshot_store.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_snapshot_store.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..aeed0115fe5b6b3eaa0168c5a17decffafe4ea3f
GIT binary patch
literal 37491
zcmeHwdvF}bdFL#E-5o3*i^T#2Nb#{G!N*brK)m>nD3KIJi>4?(FkFdeFkUZ#CAbo}
z3(YJk5th!byEukyC*ob~7<Q!;Tq?PMcey%Na;ak3S9gk2S7DW%)Gn6L!gKVMs_d(j
z{>T+%(Z!1XxZLmSp6;1l46%erUZj|VMbFngUq7b1XZqJ)fBnrz4GjSW#~U|-FE?#g
zl%JDF9Da-V=oX0YD4L=xnn$a8-lJEsbM=uLqbi~t@#?+^zv9>Z?24+ZI9ESkdnBL-
ztZQ|89l~m!uRqeDH?T18^NmM>dhke--gG3ShmJJs%}2s|IHIh@pVqAT&a`NL{Htfe
z{XVUBmGW}U%O1V8UD=>$fmMoDH&De(sIOpQ^$2T_VQnm|5n(|Y*3QD35EhbQD@UuM
z;fXD=bSfLkCXK8SIhWBR+4ISWmQIWt=QCL?o6(bz;jx5abbUZM9*cU+niGlad7K+c
zxT0P&cyRpU0e$#<Dw`b6UeuFj^Rp>qICCkfCr1X8M&_bEoHUzGj3u(j=fc56HaVKn
zFPrrz^vtEyNK!v_c|2(bwBbY=+!x2PX8pLHIhPts#?L2=^Jar?r4dgjE+kE#o<t_;
zVXG!sebmFP#{WmtaK57qd2nI}wN1=3BzXsG#1;EI<P-FuDk%Fr#Ci+)2Pv1bL#x(m
zG_U6Cs?z-39!=d-o30uP3Z_^U!fLxc-DtfST2HIr<LgkO4HH`q>Pb{XBoQ$Z7skg>
z@$%+*TcA}^>CrB;^_7cflX^OdW{Qs_$Hy|4FC^31kJl&0$BphwJ>7Pg0s345wbz{<
zO{HJ|c>VcocHDTPyZe>hMrUF?)s;$Tky2u;Yb<g0iJkrZeIHPbeH>uyPxN&44qUA=
zRUMh6h7*SAO<hQgCO=*!QZ<tLrPOfJ;K_FymxiOYj;6^{8`fS-r(V67jHgD-8rD`S
z8j>}!85*~mKRztmKjG{%YBD`Co<SkaKq8yfQ)e&Yp3O!*@mgF@o<mnkBlC~zjm(8)
z<h6vJM)iE$(z~O#zjH@VXV1W?o*hs0?Ra9xjxT&J>N9IamoZG$Vm3@)Qr9y&(lk)n
z@oee>DjBt}Qv;iUlo20K=-E_aEUN0%BXsHvX5jhQGlvF`9XfSL)9LMCwjDfv?9_qJ
zA3HP{KR$Ty@FDHg;DJ-0KYmR2(pCR~0|?yNuh+sCt!8QKb#w(a%bx^;syz~kn0*JI
zI5T+Y#PKtDp7e7EGb70}>}foMTFf#sZdlJ_+@J@tYy7eqieE^)l8m!kK#FK@eLK<%
z<KIZZ`Kod|pfqimU(q?=JTTv|>Q-n?F|;)w+Inl%w&JR1@~fV?)!I>P-JWmVJ|F6z
zkF1|Lnh)=pZ|~2w4SX05H2J=I`1T5=e#LzFu`Ao=n<Kf<`uSjJzO8e<b^Uy}{lf--
zy>CJBdwm}vGi8_@afnCjqhkp9j&erPJ$QlQ#i>_oReFt9ea1@<OMi{#qZga*bA<R=
zh~E*SvJh3P)oVw+(SR8`h2~=KCGq<CpcDB_tfp}O2BS(sw}^;ZGrCMQdtn^ynmw=6
z!+Wgcr9tgWZSm1B(RANYVjj)YiKfB>EMFf(be$csssSrhtJ>p9R}WEhvx8m%2&sux
z4~pSKT*5hq`xY<Wh%!Xof*rA{LFyJ|$AIM*d8NHW4T2@+m7zY(o4FM8KXF)5GLu^^
zhUYvZ;2mld{DVz`vd<Vsd@;4(qxnyd_E!y9EvBhM&4OpJMNsy6gCffHBmzg)mE^L*
z<`dKgWk|j%MVUn@6RS#Mw~ILT*)8^Qyjr!|WtH-=l6+iCY1gPM9rzqI=vq2E7D`oH
zk=rL~pdzPVaB6|Bnohie(zP^X#A<hVm@hDdd*X*9t<@sTK5tNB0g;wCCp}ujQ=YW%
zDbM)VV_vP1x^L!(gKO<rg36p5j0oC3r&TSOxq+1HMT(i9iCP=^9YxWa9A$E^w>lBC
zBImu=nR?G@%5qoCy+Nd@g}S_~<{Ot$^Nk|5I9oMe$7?^Wq6Pk@Vhe1rYhF-jf#xM!
zAYAdz9<>1aKW~B2hG@&g0UA$e!~hPnM%u_QLuLkoj%de^MF@sQQfY>cCC^Ao2hs(G
z?J{dcpmEh>s%H~MGLEaJmk?~vRSyFIAJE8g)$?)HQ%_y>OzhaSb^LN))ChdpA|g*k
zh}sb~w$iyLYD5EXMxNrKJEMkKJ(f(HUMh)kwZ^OlD>*&n^pUgk<3<4Wq@HEz?4}sw
zmv<l23H6#jR+9L{IS0!gkvj-0_W=<E!U}RJBg)oAz%KA+7qF9_HC{_)&j;RQ<=(~0
z9rfz_k*$7!@<uTR$k|2Co(XT)%SI+WG4g;*0^sOUj%J-kH?!Kv>I@+P_7R4XkjktX
zOBq?yk4cM;7Ss0<cVPecWx`<bgbt)NoERGe_#D@VGZ%mjlV&|G$Io6&jRBkkPmX24
zVVLc4Oqni@jWE{u=vd}#VvJ8!YU4(NpzFA9HXdLtl**(J5ehZKaheMyvhn2WK*s4r
z7FYC@tPFO|ngoj3y+wm&jgcHXr}q#`z36njudy4Wc@cwyPZ38Qm6X?WuhTQ&^z?HN
zFUT&ZXOEL@htspu>DkR|geTCm!=Q-|kgfC3AE)AMXO+quz<R*qY=W0c$A>dIJxz2g
z{Gl?RUIg{JmJ@#may0%H&)ip)_uJM@Kb~*voUFgqwC0bDnZ1QAyYo$ZCcU>p8?O2D
zq1}_d_tl1?x;n3}o_cZmrJHK!FPd7eoGG?O^R3ZB>*Ix{?O+ZzUm5u3L{42hb&@%6
zeWj?b<-dZuc5*`cI5DTL{gxra@+CeV{GPh@%7BwY_z+bjhm@yIN*+ldcs|&2<>Xth
z=hU9J-+b#$oQlCM`QR21Gb)^1aLbHZ2=;)S3-%Oo8DVPA<m;R)fP7PuV3zcZD#@IP
z$V0e`L}b=oJnODva8o|GDW`T#kHX0XH%*Tgf?Xizf?Y+GexNC9A`2jqwMBwi($k}o
z%!!CRgu8jQODDKr0^kWiGXVci34qtC2*zvG_XOq%x;wzU0J=-Sd9MxU0peAZq3p=S
zY`~m3CqdHpQ6`_}Us|4E$7E2u6vVm$dV69ba!QnfSPAXzVgkm==?p-u-vJ!lx#iTO
zBBz9In%Y&(z>|NdRpji5?GDH#1a^R@S^%aOQPVD<GIP$Zue54|w3vj2>Dr++BKKIW
zNHrbM0+}Dg>evM8C!*dkf%=0I`0oOaF@dU!)nfuxfBHW<CQuE_YSq#SlxwRFNmwt+
zEJ|56fpTrH#j(-K4O-&^FC`{({P;wrTofCnZ2XKqA+p~)`nYS`*nP7ir|hp4IpuV(
zBBz`JXu&R(J)aF)lNO3KSd+}gWjw8JQyo05G|428ohCYfr}xLBwbAB@&n*GAN%kx-
zO+*5LNa|b!BI=P$(nxQ~Mv|`suyvWfGyqx>62_4vfK?y*pWYA0^d-&?_w@En9B{zP
zet~L1Sg5vF1c9)TcNa_C0F(vx)=win2=De$vOuoA<n$lYcT-+_=$dEZYYeIbvvU~V
z1IkW~;bGu#ehq|m3GkU+0;uPgKv<XDOWI|jQ(i6<%`r3R0X}D_Rezp}q_X02@cl9s
z^c8ZRA?H~*W({TxJDA%y5p+~h4*)+49*8zE$gF>!;*d~LKSB|GylV906mo)`7sxqD
z&LBA&Ij6`uN)DBVmy6_p(V+ek1rTm!^{W31qP_sfi6ncRo<8p3uyQ~@Q^so{Rele9
zI0WUMp578)PYFEjFY)cXJ6PT30ybrzjHk}U(;0&8=!}NB_nx5YU1AebH{Ovzb!)zD
z+supkw!Ukx<l7FoLDoX3qZF{7zNvP-AAGDB+>j4$$f+H<;D$o51H@dgqo|hr@@mKA
z8#2t{n`6=Vl>*Tv(GWhXcFebT6x+Aw+qdV`fn59cLOW31z_<Hz?Ola%H^^@pxo~$O
zxC7+11I)<>fp4u}0g-|`q?Z$O6ibHXOME=|J<7t#;qXb0sd^`e@F8&&lV73S+W|SL
zFhqyDZCaEH;nxoE;4*hs9as!JNzTiF=ZN~*kQ{4XlJ{vo0bQ$<w9heAxI&Pa9MaN$
zjs1z(5#=Snrc#QKNmXa2VzmrN{RaV2Mlyg=a`1DPC~LK`0AN($^jkKJa>Q|mhZ5FR
z<dj3FR@YU<hB-)5wT4)oHO$oy(OjDyj<h5o5!VzfyxI~^0dgSG^YbBY{A$e4WvNU)
z`s-d3O{`BeI3Tx_r9ze+%6t%OWIg2{Wlt&IQ%?z^r!=2_$L=Xwcu0bCH)*v!Enw3q
z0^D|gbdjxM&0%T4ZO3-)nTuls%7z_zy2gsh+NsDX`*TH33Cgq<YZakMYt>f7nyj85
zT1L+gi5@S`R?nxE1e%upU-W*~=GObA&3Y%a|JuJ3oVBvjs+CobYK3aT>MM^~wX*ux
zyH-a1>y_<_d>;Y~o~w!|>y!xoo~u6g7f)5MQ_gv!YbKsKMROz)VUO5TCAK;-oJnUB
z5J*QZCB{-CeA$BJ@|ZA<L!t`)bE)Lmh|y(Fmh_!y2z?hhY>~jDALFVD*6gO)T8I#<
z5SX1rtN7f4rWF&;^#;sg_%ve^CAXd&dc(5W5++J)xx;04BbGZb4RcItu!z9s4$&Gu
zov~*!&z0wkwF~_)Wz<FvEqm)UewzVXWk#o$y6I1lqRGzwC|?pNo8R#H3e8;1n#?#B
zT54#K0;>a=#0a11&@`rern8sA>=_YFhLHT-W;!~P$$QRW&YHlo$(JbdtK<xkqm%PR
za>mI?kYmqz_$+9*K8#?4h9RePozq;#-eFH$M!0ZYbc{Ib7;$!AJC~ZU+&vyuwDITY
zD-TSj-VnO7Y0C3&woV<q*$|mNa4X#Q-97(y&(z7^-8=d0ooc0V{en+{DE?SJxRIpG
zuQ4a@kPXk0xOpQN4`Ui6X$YC8UvtWiIgQ}?U^v&(!Nk@3a?yP`mE3%AUs1Jwvj`!f
zG<k12=mO)EY?46ue7J3@E+596Ya301ItnBV-!>CsPCmG;s9L{SbsJ0D4#A~4iX~a{
zwhtGO7{5|*!~{JPk`W{UcHG>R=kvkHbO<#zeLNrR&#A|AyN`1>A3R=Et=}xdgP2&6
z_ojm`Fn-A<351s>ek32nq;KD~z06ruftX*(3bbfc)U~~`+9W~sS5j=Wc3)22f9*1J
z^1=N@)%wk<`*XoQ?!D=t3&btCBmtH?A#|em8X_MXq>S>HkF}kMROcdr6W#u+3iOH8
zI9sEO$IU=Iejzh*5$c9<vpybw^<rX-);Qq{#_=HOMs_TfPNp*m@W<mLnc;X`r`exA
zLe6D!z6Qr^jYCZf3wgtFTY(L%Und4yyI_y0-c1xa6l5HL^IOVKYc?;`)Oow#J++|V
zbYtW;ofcNrdUw9tzo6iB<JsGET38YC9`IZT8=c=Bxx>ypbxM<767s0AsE@t`;(_U7
z*;-soJyoyOpzsO}tva)bUM)xQ+B~5rFQqaUjSuK8HnE9<xq=qGQ)#(<++vUe8OA0i
zAflGKi;~v20r>AvNlWwYsaj%P$DyVLRW7Nhg%Vi@6uCT{Ohe-{lZ^R}dNQxcq5F?9
z$skoicDU(^V(q{m^J6Nbo_^6Wm2s*NxlY8znv`4-vU8Es5|J;Pu*%gMQ8u<BWXEz<
z@hVems>CgY15j4t6Ks_!E2-8rqjrdfWp+4f#bpf#6KpxT5%r5{1}Q3Cig^cJrsNPu
zRA>Gq7GP7!ABuY%`N2KZKLh}%|Hji3pZWTiD`k$_b#GU>HUNn~Uy-Y25`UpqR=<pv
zl1fyiEtQ5iWc&wcEy7!62U@H7zFI5%sI{;@^DtUVicst(Lu<8AYaNAh;If{qR`z7A
zc+^%8sjVV*8wm<+)z<B~uV<_MQF}e4_Hq$2rv2T@eYMugN3HdcTB}1mQ}!7PBwK{f
zu@n-}R%Ogs1H&HwN4z1SIfC|fjKqXv%MPHwhFBxe$784elLLLMuCxqOg8oR5Z6h;R
z^f!b(ZTt{pv?wLh9I<1&qJ_n=A;?}`qUQb?#HfxsbG>U@UA`ix6xnNQEamW^wpLpg
z3tG6hX&Gp$NwknSbKJ}HCrEGN?}4aXdZrd(qSH_;G$@)@G&#-~71rO^TV_MaTV~_3
z`X}kD**(m)f5zmZf++kw%}!)2^v8{kJlxy!(}<2kgWDX<WRYmCj{9n@O^;gZp^OQk
z!R@ZCRdZjhwfRwNJ*3v^a%-)j9U^qFS5Wpj-5m4BnoFe!7|F4c;CR2>Z6qf-!WN3}
z7|TE7?@Dd!vflOgf<<KgixEz~^C8!9)UxYa+-^M)8}I(Dm14!31-BNp7Qn;WHtq3P
z*czdO%NU`9A}w*YMrcz1s6+n=4ffmpNl<D35G}8<V~}(P%Z~f*ciaD&^}Ego-tT1n
zi*{R9zgrX={jT#<*6*Gu>s0Wf-_f!pI|iQ?lzqPMe%JNStlxD%@O~%j{}c7QMX}NE
zx<6(8Zol211O*Jc<GxT)&m&aykWkSxqK)h`TB}#<)B3xr?yJoP9<|v+YO`nUwh|QD
zZ0CJSdUri)uZPiIqrT|wi6?2%n{Ojuw6Y!H)`|?af!x~a>ag}xu9IbYnK_=TRkr1r
zW7s+FOBoUDI>7Gn71mbq2oGU9zOfO6HX|oSk|T&nyH?ot>ylmJ*yW*rj;>f5Uj3BL
zUG~Dzj&Wgq$=->M6s$cl`pc9MrB<Q{M!H+1rNwl>p!v0Pi7ZM@@RVfoIc%h_N*PF?
zcZmdSb3KTRx*%4%#|R1_w9f8wd%_@4Nv?>~wM2H@bWlkQq2PAh%9`)!K^e;S0o`RA
zy)*|@vZ)7qg}DBk*Rh?4ltg&r(Yv8^_YTzP^f9^)-7KyJhdUWq;!Z@qakAJ{dP5|i
z(t~i2M9&gQNGnez(Gh9;5|Oys0HIJwoyjwCVhMh9LS{M2&cl7zRF`d_2|Kq`D*Yne
zK^g}2gXB;JBI9#QWn6Bks$vQ5Vi5|(@$>9XE|Hzn2v)_MEbCH8nMA-kiQ;iLOvUmp
zon2VfvXiE#Bt)@EJgbL!5=%X5wl-5~A}e^*r5^KA>s=+$qZ?g!n>EmTEG}N74h78P
zRN52doFr$E9DC;(37z##<k0emzL6XfopV)G0@hqjloU{ynFXdR%DRhA%RD+H*9vPc
zou-ORag^6_l)SWuSf}N39a0Y^+Ty0^X{xX#0@G`WG5x#5$#gr%K{<D`m6%-Ess9Es
zGELCmB+4L%>3_y49y2##8CU4h+0%K3IKBwSAd$&pRnSO;D}!!g%Al++tpP~dS#X#R
zGnqChjb1`!iyK;~6pu=0ynttIDQ(bj$F(gt+VbI(ld5fF;q>%tH`VU>(28QHBOmIR
zeyI@Z#Fn-->vQV*sZ+V&`l4$6X4UnRm!yvqb0uMU+lLENr^=Y&1;>1_RqT%IBohU2
z^1;rcYW-%_PVAYJUQW!Zos_l3lDB=hAh`>alw^_wf?1YOGlfp*)48orb2lG+x~N*e
zS%lLrJ39pQocc6nYK7%(A1+Al0!vYHNdn<4*9a6qb82+@5O;#nqH6tS)o3mlkzP*B
zsZq+)V#(V+T#(!aN>4IL0>Q}g?XSG`m7Ll;{d8_aFV1lD!QP^3{btqP$*)KsC*}}_
zJS~pA?V}48bAhEKnIwU5%99zr*f3p{Q{iCaV^Ot!v+4%2FJT9Oo<kV&v%>PWk1klu
z1xiTrNCLt0;g!Yk#(Wq$$WhYo-N?3AMrS<m&v^2V3PydfX0odsRfT#a{a(9*9X=lX
zo*KQf)5#%x)C6IuH&a|^+Ms7VGJ+(){=O*d^nrYM^Q1Z-Y!lWw_UEGep;8NXkxnht
zooy{!&~xg3GS^{+<!v7>Fa>710<Bx5CAlPlaF*-(d=O9c;oPRf+|36M7gg&wi*S0*
z?GVs&>S4;&3d`F*T#(!amZId61j3Ok?-pC8{W%p5?4cA@>o==zp_aA-K+hoz8Cqd^
z+ea5H<^m-oc_e{gc9Z;Jd-9Kt7CWBIcRZO>pTskh108&_s9L{*2$Uh5m{Xsm>@BXm
z?ZXB3<k?Ap>!wP%IJkw6xI0Q%ITs?ZB1X|eb875n=TpVbSiUm`I)@O@!B|nXegzRI
zLpU*~#;A-ISKjvF0#cDzIB}C_<6x&;nV0xG?fhg!L}8`m@5+6D8Z2(zm*2|t^6~Nn
z?NH4p6?_&bmB%?Tr|zRdlEOKDdE18z?0K}V@as_OM=lO-;Un&?C9E=nqphFIbv&0-
z$;}6!E2`FS79sR%wL?J9sn1cltgyW8!v)D*U};G%Ng$l%%6D}iz1DO6jr``LIrV66
z^U-_|J;D0TB7|Olb_nP>^(f_Rh2?D@E=cYIOG|P|0^uy@&H3PFdUPLuF1L+6!`luo
zdWJX42app>Kf@L`J;U2d9(^A9rh0gZebzsK;`MTszoEoUAi3;tC~?<lHJMW}FH{|E
zBRzkNWhtMC;%3|jYCPVU4~u`k(}x^Of6F)PW9LF!m&y((Mb|76Ap>ta%0}3~>~O|{
z=-6M8TPljfSPxg?_G{4RkNK^oGIfZi2kda9<+@mBn>7*T#!^`glvt9ZHPO0>P6C-E
zB6;n6G7V9N)cogGJq#%(IhIK$9YPVaE{y=PwE(ln$Mo-`ELS}fY<n76+^{D8WC`O7
zxTH^!^F4A%I&rnmF~#_O3T2in*nX}hrxRCe-2gt%Lc)6e9ZK;J;25-7Kw@zYz+Hee
z-ASD89|k0(89HG|Vqf{@iDf46Wh%$l;4A^j-<PoaHwvLX!0wf6a_X9?mdSrvRM+s|
zth$EKlI7#XTuE5o_Tj=*OBpk~NaN9?jF#Ys^P!Zhke}s8d0)w+d>6|-B{q9XA8xae
zF4{&^nDrjEA(cPhI^MzDKup==tp9tu@F#HG9=QI+GhX|FvkkD6=4~EY)?;_KWN7kk
zOv3r9vY;yM5t;_I^)9mDVn2V@wD+Il`MZv-Ys(!<OO0LM`#!26hzR&GNCKL&14F6Y
zMHEp=^6;}fymv9F?RA>e22Vp-!tgqVd7q||v25(slBTjpXqcD7?p+LJ*D^!dff7U6
zbq@0juESu7wk~8!j$BAwR(9asAZwuH-C&o^eaDoHg<-zVk%v3C)P~gRtzo{Ftij1W
zCHHGsnoJshJ?3*WCand%xMvuej+EUxyja!pXZ|`?&or=XW72q-9CzdjbF`*d10Y!F
z^cyw=bHs741!?)LBB!jcikxykl-6wRt!mW5T1%`^>KdUB@WYYTY7u6i(G%QsjmU}`
z8IGp?RkudfXzRrOmk2;zfZhKTeK$fFO*1%-+8!a%oqXTY%lSga$Rc1E_$g9~t=K!4
z><VLttNyzv%in$fdvtub&-58dY#tvurhgm3`tOm$WSXV;imy4)f)X$pll|Xit)o=-
z4>|tTYJEQ?%2qbYr1K#MXd@j=ZiTFdzSm%SjWII%wj3<SCBQ3@5bT?|Y|uCT+-`1<
zAbQKhw>HkxzeL4hB3LH4B{{6lWTDhcB>=PtjsrI@9+s#@U@MqfM8ZIG*F6kGZV}%`
z&c<#`kCwoFw|xqPv28c}`Q{Uo{&{Ke_ND1jY@ENP*1sM2M&L@{w}OIE%{QN1%ve5r
z%|B$R?Yew$-85uuFl^Q*EZp|Z?1pb<H};7a5z2nEY9F&=OWvDAV@6DL!4VF6W;YLZ
zy6>rdeDn0zQH{|$oyKteEpom=&Ns>V7C9I+75(3lGegdwl5?G$-zJA*^K>33irR!Z
z)Kv`XbF{^~d!c5P_w%0XBMS<h-_71;=Y`#V@7i~>^i7Smxf7>u(|Mt}*1LATef2^$
z&hOVY-1g$Uu%gM^e;tfC-Ke=kC!Qx|H;jLI)L7I<dqI4{jo<j55jJ(>3oq0!2l4%x
zbQTt>KlnqW=-kmQ-aqup;Vj+bI@SmA?V7vo==LKCs?LvkF$KOKBqAo7Vdd~{j3zZh
zlrlT$Gb6E@My0Px^I^|7;Ru)g+%UplW1BQ{=vmc^bnG+j-4^*ploz0VSEm581O*4|
z)6$w+*&)z?h>1N#azbs7{1^w-%-3To8wbB9aDeqW4~a4cUGW3VsMTU544i)59tnX6
z<Ot}tf7-=3mYvJ$vRi-`#<Ap14sj=<lx$Ct9h;WO$_}^Kgj%%vWtEb!l%0=jDeW4S
zrK5S49m}<Jb}W>tz9P5m1r<4^u{y26(nAiwx@|BPu&_bh(0Wl-j<hz2F#8N_AhC<6
ze+XBaEL<>!-o44@78Lq6Mg=<3^;%Qr4TgYiltl>Gt{L~f1*@>=Tg|8c+R?Yd54_bR
zhFVsu$yjK$u;WhL+gP?5jG}QtS0giuX5+MbZwoh^hPD_l#_9(*^BQ-$8aIm86l=Q6
zZmssk&;AHu;7YB-pZt~1C*Kjry&mL_vx=Ou#wv2!{d|>$fggN7mwkP-Df-yN&g1E^
z%Mk*%y(REg3`Y2P2fkkSN^(3K8Bgl4Hp0}I98$#(XoO_&cS3$Ctdl`t{Ti-(P(_ys
z*XmD_L&GRD;iNxJ)IoBdg>x_Pcp@MaZaVw)Kckp`4ky}bgIv?AC(@%y+v2YNUx@85
z$YHj0j}pboaF60kj*sb0!c-liAy?e%NpXQD*{0&k3TKEaMYbFZkJE*B$RTkjgTV$3
zcjb`RQa<Qrm=}nEtdhYPPJAqx0OZZSmVu$2#n{&{pDF<vT=IGE(eWx%jGy6Uw=@K9
zZoBg8@3l`JxYfFOeoe=<)VrSR#<k-gR#&ZPoc!E^Pibf_)<^R7k?9pPZ8z(CZq+xv
zedHTQt{A^_{KGn>dDZPECDi(9|1tz_qq(g_wc`IHNZ&=s+xim4t{E7If|C#KDyr6R
zRt3iv?!8Gga5`NoIKn~Cz)+MOiPP_?yOt0s9|oLUE|A2aNs@`O!vP`LSKXX~ri#KW
zxtbDDK0)eIhy^GqVWnNXMNqP4NCHlKtw<OqVo*|=CbFQU1aWt<$m?#LNJ0a*4=}hu
zNjsNScIgELFi2Bnb_jSPhkfwdK-0~Xj9Y9B|5&jaT23hmN>(VPU8Aye1SRcQ?f_Im
zE|e-zkz4kcikwp12W!Us%Wx{QW^5Z<S|@7Nkyb>6*=ImWH)BhUfRbK7m`kIL(cnbS
zq1O|`S&Xo~4)GF=sQi@-dy-^bGIJ55tC;HbAq!iM&kak`NUHyLa_(Uy#TdoL<j)iT
z5puSZbH5{DG~hP$@v(e}GH@C43=&n_BO4dvtY<?SjbIXF;2Tj%wu(WufbS7>y9{DW
zMff4IF@6PSiD64B&fQ$ob^W>gnrGjI#O9boVk3n)B@CbTZy4QF*E+;5wH3rJKca^E
zALO_RTc{d!a{dti2K5?C*wW(NeWPYU!6|n#cAL%%+XLQp*E<#zoZjufLnmGgivG|f
zC@s`4Ua$nVCpZ>0KDdD_oq`l8(Y4SjmbNocM25_zvLNNseF{=YTtcSt97{0xP|=c0
zFeP6##b_r*FSsr1fOtjPn`a}UiwMTKOoLS1IOMyJiAjDdreYyS3Q5>Pj$B&0i_twH
zB02Av#yS^G<cK6nP9hI6-ad)Ik;m}vw{wxBfRo=ABb1C7b}TuabB~1)qt20sJGVX6
z5(_y2wvc0s6xu}Uj<lpONL*t^0^LLkw2(7}g&dcW+gix^iQBjg+xIn@`EsK;Y!YkV
zzq?SaiJ8O+o&IgRZ5$<cuLU{vugEFut0Jdu)<rDj1ldB)gEH$v3pw@pryBlyF7Erp
z{n#n$YjrFuJ(zwhC;rRo$1)cBacjlemhB=JBp*gU_J4wY?0?jc`C9@=Q3{I$Qiss7
zq#t8Ja>c|mn)T&Wn0VDQ7x49_bL?yFgbtb9#lQ!g=<`kN`}1^(!N*84F?>Fffe=S`
z2xiP$D^ff$;f3I&Gr^=XcJNsqeAXd)F;!agOpXALO`+_z`j@>tX$xL#;f;)T7N01x
zu_uF_M<|`&C+A)zE|r8W^!0Z@fOvv^2cD?2`rl9ne@o5~IpgG%3Rzs?=@NpMEexd!
zD1luxya8adm;qJU0{pW@<(P!aT`I@^F$!w@<I?h$Utq!U@f$DY!?8*AmV=gncIx!>
zm$6tU@vG&3KipmnZ-)B%^p^|aKIpKQ`QKj$P5g~hS!V4U+VS+8RX38ttL5XwTuE5o
z_Tj=*wu~8Ga4@}BQe2;ggS{L5#UNLo?w@%HzL}R`QoD#y_M27vnF=&{ZxW5|97Go!
z;h<+;;=xXLPVJxn?BB(EDqnpp`5>oU+WWKnM5N-4^G~?6ClRfNFVC}OM4vlCjX}Z4
zv5Y8XH}|+C2&qe0c~Ld0x)q}e_lqTj%;ca8#vE+Lb60j~(zve}tw*X9<%JGKiK!>5
zUO*r%Q>JUv>V4%RvEq`s1n>z?i9c;QLmEqcnID&{`B*Y3iA~+cYGyK#mY^C>|5qCy
zYC-#JJ8mjRW!N2(5yz5Mq^ttrg;YsOk3_!{_sNzw?K09^zU**|4Ga|2nwC{cnqk=a
zM9MOO*D1M?r6ZY?9m}<Jb~~U{O%=IiOIPHSC|nC!GO0$bSqnQ<pEilRaHQq3K!!VW
zTT*KQT88S=_$^1DlD!>$s`b~fPpx?1eM;8ovig*ag+8^y(Yo$E@Ke~QMq7-k2;R48
z^&DJ5McXF!o!}zP2)5mlx|{&9>?5RPf&oI%3z<t!#XE+26S!0gW%d7t?ynP8ny5-R
z78muOP*C;R&K+hzf?a%sLeOX9ZbDOh#D;y-#aOfixf{uu{<Hilb|%|U_FY`5u&PLE
zae9oLz2w{@+I3f?)Blo^_yRdOIA(2PY|JY2zoNkR$SIP;;I5nGm1eNE<dsug{>s0}
zX~~=88La=t6PRZVXN~xUM0WT*6pjSkHQ81QcW`@83H&dV!thirDVT+(T*-Rk*6SOt
zpS*tXy6U=~_}I<*0hjf}mQBFOv3ytq&Xr1e92X<~)|FGMiz_?xD?1A-y9+HlCToAX
zc1xl8`R}KuLjQT^)t$x1_vRnpd;LuD@gv{u`Ce+$pKE@;GRH6QE&E;Hd?Tkure0+Z
zb_^F)>sL@C^o>wE0Q8(1p-rn+SiZ!^gWpplSFm7ba|j=zisX>;)T@$55(vKasVdM-
zHS!O?tX0BCJ^x@fKX1_B`lI%ZF9d6Tw9g0kuj)3w&{FePy*{{1>n~bKc%7#X|5I|@
zgx5Fd0y*?=kn*4<ybgH>-i7cQryDJ|>9nx9&AXmH27}X$XYbI7%dROVzRi`wX`+GV
zf1N_%Ai9d_E}H7uiz%oJrw#VODsyFg{4()%@o(lb33Ku_9bX#8BWoB*orKP$49mj!
zJK?KHoh`<g{_#Zi{8;KN(}*;EJSlT?DlrU|)=Np<NOq;t!+1$T8!$1}C00xDWgL9D
zjJ=%9W+yYgyptR=xTyt98Y~+ODp4d2c6_X>o4jw6^FwmzzRMIZO?5B-kk8Zl&v6wq
zRK@r*oP}zS$MaLA^Y0YpH<f=~_dk`opDFD>R~r7evj0w%&r|g)1<pc?vU2_W%B>%I
z+dRJc=GKL3oZk<xSRg;v)qPFB@`Jk5zuj}d^PxiSoiBP0dOZCfD&*cdTD8%$?n4F6
Qoui&k&-z~~a9A7tKSgL2EC2ui

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_state_builder.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_state_builder.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..293ac02d772270229dab5318ac27fb85bb4ce850
GIT binary patch
literal 50350
zcmeHwdvqMvdEf40AF~f&@qUp6mmv69l2{NRK#DI(5Jgc0B~Zd}6*^?RSpiFMMPL`2
zSx_QmS+e59kn2-Zc2vP}8_{hNlg`6Tnl_5v)1xGR)J=NQU4kUm6SYUD(P^r*N%^p<
zT1`*-`|ix#nO)580w5{7k>&v3-nnz{ojWu4e((F;+tt-R8;-d@2|lwiVYB@uo#;oM
zmbm=`yUq5xO|(fi(JnfU*d+)1tr~L5j*xB0CAmZD6_4a$R|H95zh23U->M_NA;07w
z3P^#WYN>jtMyeSKO2MI8sdlJNsvD}8>W3PnhM`8Ok+tJI(lpd8H6!g3-J(Zyh>nwW
zBN4q@#_!46k?qErp6d6A!pSz#i+>;f{U_T`wz+UobaZ<F11DE$sp^w;V$I1~F?h13
zzgDbmw>{&0#xAYKxxe2b*3r4Nro$#~5bM!K4QrzTsd`gu!IRbfZn06T+tF(4w24ja
zHnDlYq4q~w%ko-~*UIxkEUyiD?L2QC%UgxK)jY40<*h+p2hUs2^420R#PhmX-a6!U
z^1KZ!Z$0w5c;3cwM|k5*D4I%ULYah|kwd4_QYdpe5fU@;OyZ&G<iuD)io8!<9}fGJ
z#slfG#GyngA;mMvbZR6aPfui&;DM>>L22}KGLsn1OiKwR_;6w>ks3>+M$a9R;!~%U
z`iGP9X!>kIN{pdSdRiJyDAig!iLpnL6A7jEiHUdycb`0f8;_@@b4uU|DSbAH`yV?u
zl~5Y>iX#aW#LeZ?$tlIh`gt&wL3uArQ)6Mf5->l2(sX9}>4cO@;2C3MiK&V7xyeK-
z^U=Ea)Rf$FwztQ~laW3Z$5ZvB#*?Y%6_@%`Eot43WvDaW=~VLB=|n6!rZ`ja$%IlP
z#h;5wiBovO)M!FheDO?1N<KY}8!Ez-_8dyxl=h6VQT-v^QUb3mHHwkQj{s6t_`m%O
z!0WaXm~HA2wMFewN7NN{pU_5=%{JoHuNuFiJ?h+V->hYfVR&NhIK(Q^8F56bOjpoK
z$ku~-wcFce3%h4}4oC^~EEEsP@yV%)L}>AMQ%4BKN-{MbnQ1?r$xO+6dV0>>CwIrE
zl97q@XnbPN&i?)#@6#iE<YVt|Pj94e;F3cTB)t6OXk1oY$;tS5BJ7n2sYvw%8VEEK
zXaP_Har2N8FrKE;Nqp!gD$xiKu9Do8rWc@i1_wtDJi4<#>?v-MimH`(+cLfFka{S6
z2lkvCIrzlUlVU0^ouUDLl1+t^_{JHQjL9?^Voz(cVd|VxJsCff!1q>%va}w}t;WAR
z2=KD)M~${XN4|M|zJ67{x-MVWmT%wsPE*%H)3#jGwtQW8zG2Nm!=a1ux3=Zh9m=<C
zSZLXLvHoU*FW|mm^SRu&(THu7fPN54rnh<f2>|neI6=AWAoNNfcz0Eg-IS{$OyrvK
z1cpSBCwg~R;j{Z@`uJy`Os4Q*CPG&8yztAnT284*=G4qq{k?=bEz5L<I@zG;488E;
z`!u%0Rf=#5)0WL7&uBW8!Q{l0(x=>LdODSv37m~f$@tR~2^lw0Y!c0YnSegGC==}%
zm8d~kso|Akl%Z7X<=JW2A<+wzXgFN5NnMog1W;D7?>maI5F6*%j=nb#gVci(JMb?b
z0(jZ>o`3Cofwp|xj(qFE{Myh>kF&bwMwPqO_oEtH>xO*O`imoP+izAmkm0tqbQu{f
zzMCyI^v!ErZgy|Qt3R@=0O1&DP9Ejc9k&$l&ql)p66VoB=wb2Xj@lY*PdQ{qk4<(o
z*dDF1+0vaO=JwDE9ZxtOueI6yKnSuUh0;I^_T8>7oT)jdY+=XD0X|ZSP<-f=l%5Rn
z{)ghJu~2%7@H9qK!LvldE{UkL)C-{0WztjWiS#&-!bB`B0oyC?(Q~8p?V6@j)ZWC|
z#Fz=S;+qk<Whes}z-Y-X$@Eq*tJQDV#J(XgyGDs(<3x(2T`2Pi{^h*@n5#ZpU=>Z&
z=JgBB;S16ax9^^B-}8Iki@k5|{il0>*PCnKlMmMAJ3=@8Zu(Ykm;1-J+_qJFWhd&t
z-qafy#V<c-IMZ=^C&25rlQzi?HVN#JR3$njr&!f)lU$+`&@H+EJ)#>>5IuliQILG&
zUXa=PW5BN>5bQ)^M4JTfe+CWC^w9;CNHd%iGDc_Uxn$;aC?1koHU1?cqk5O9TYTu$
z<5ii5&H!D-kuo8VsJ+KNpw&(}PS9It2QOQ7f>SM?=Zrc>yn0FF_jn&6sNGd5SJXAa
zI85UjrBdz_)p}0U&F|_FtI}VJ3VR;Kp#6qU&kotgFiB5fAgjj+hHdcyuFDzq_S;3*
z@#p&;1N5zMi0%_aY1lDBbfM_zwCT@5gJW!M!Ci=Y6dj$m6GW@oq4!zuWxTzhcB@{_
z__eBi)K18GS-o6Ua39NFMqP_~hjOMjXxTfX7JB8WSek#eiX}aIZz`4)^pc_wadm^*
zr+lJU^hJH!?d;5d0#C0VrnZO_7ag6ps9$eO|4rCM|9*SQjepO6`_$aHKOC5OaIkm=
zg_0@85i|4=0{s}928S0)JRcv;Oq>g)Q;Co|7eTb7bCHi+J0g9N-b;3+meU$AzA`YO
zv=P0!WdF#qfBz->%+U>-r_K$8W#0>0BD6n5sqJBTGyU$+FCn2_>J7^gj$(Z;hJ7!F
z_N$fd3(HCsD5&CMeYxaPs?ZXFUIIG^3=p{QqhMT?6H<oVs~0y@oG7$?_)?IuF$_O4
z5+~7wR9uYfQPJ!}l;L}D>KyS$vACqvfsdV-0CJv^M$?m1aj^aYTxOgS_(NH7Gj>o`
zT4VC*^z;Pb@hK@bK9PPJ*q)JlZ%mF8*E}UDHG`~Ucu@x>DJ>}tF%k#jnONd^@Xaa4
z^oIkAQ%+2rB2H41BV6pmD1Jt*kxLSZN8{C`1Jq?d^+|o|KJ!Vx`DB;*WT$$f-ha3H
zQ0hr<uS`>3<sDV1lACV!QdI0qoB|VaV)}52VVG!aBpW8mgNspoWLYhoL@(t33;+(K
zA@ubJW`%cZH(YrB!ZY)=y|b=&ntSJ)cg*_VtMB-FWY&|fZF!^mwd%PuZ|^!^ovl4G
z>w34L^^FH!dmt-p{)&A5f%)Kiq%J(mKrXm>LD2r@h0WREdVZ=Vu2ChPmn%3^v#$%A
z&kvYO=x3;U{sHxZxoM;?Jj=`T1e#%tQ2`Ajngi-(yPXGZGSe_dVeI#if-&~G6a^Dq
zL?F|rMmR;lsdl8G1zAkT#=cm9gRQBUn^7^3nTnY(9j9jcoovuI81%DZNh?fj-KH56
zS6O1>CcO`)yINDDrD5U+M3TBfY`SoEhKb)HAcfJ>z`>-b7~`4+UMNH|dPE`y;gX$+
zgCDtiBikd}rTxfaf`jw`Qepedz!ESmyQhI_cZTIlRT8m~5(xl=RCj(<V?wIH#nNG1
z84d@mP^$DeRb_lDlYNKj^e6$5z%c?*fJ*`CDN6qgf#U>-1(bf4Krvd|E}cNO8G{W-
zgdoglY?l;6P6_O_Ma4Z#&Sh^rb~-M{M$?i6m5zbVnDS$PNz}EJ>f_Xj-vD5EE8Fu(
zuHn#faaXYMt1rF!(%iGT;JU0Zv=Hpc1$&Ul?if;GE;zJ+eD-$*`N1AFeU;Md)bzY5
zpVB*wD!lG>Vdx(U{&BAm|9BYw5q^sBk2j*@AD`$qae{Y-e*y)ZU?5yQv&Rzu5YrM$
z%At7ZY<wa)7CM%Yq&Tq#A!sU7ndGS?^rbU_$#dOI#{r$#RM@Vnwh|ch1_n}4CdSId
zP-a>9i26`~kEB!7^l1W1LOi5h&=?eIODcteq$HXwfibpOVhlMBrCD-@N$jROC=V<Z
zXOw6_qK^C;0K*y=Qn`kKWg?9mZd+}W32hAOXk+m5{aFDZ7aUv=w7)CDAVV5-dX>^Z
z8kC+l<s*IheqMtot_y?zP;kblJPQUK9ZQxT_nUDB7yp1JfH8<!nMj@m_DG$Q;&Mis
zX2y~bHzh=*AnpZhK^&M=h%I#du%isWV!Gd*VF$mdr4`|Z@FLt`YB83SWBi$weM><M
zrD}g3FUrJAY#q)u99<?_c(;I;IJOY%&IP-(!m(`cF%{;5#})+b?+WsR-RkL8N&_v>
zrFm06rF)GkyzX`3SQ)(VC={}=s6t1^tTa`SVz}Ne3N6-dJ2Y@4^{^xAFlpwhEHraY
z3(Xv9-mElp2T0=t&73>xw$jXr0+VZ=vyyAlvr&7YZf@**OOR>2jHmD&|AL{JGsz6r
z^2bUf75@pY;~TM*L<+Qhg?cn=jTqO5axGt>9?iP%ycYCmelfuLmuj)b#J}8`CM&3E
zv0fbyhHGaYG~*$|6d5AhN?g-totmDQ;L_8%5HA&y6Pbtv?WIkkE-4<(APS*p4P|yv
zrkD5zc`81dfP_VyR|$O8R|a44JIV&Sf<8=f(S-sTOL`P{D3Gysk-lr{+^*rUrP|6Q
zW3kQ^F*r|9ho2-cLV$~05ZIW=^&;h#lDj0b$})Ltk%(2GHoC6_<Fr`RGG0WCtSB*E
zq&=rBNz^J?{Z({SejDIr+q-KzF0Ow2aISV3x}k>9#e=zqzB|H{0}H`zx!|^}FmTzG
z3qseU{aq0TvcYZY=~YStMbf2tQ$8<@0+(I<ELU*Gv#$#S3~@>kJjrm_uLv=wI*i2>
zUo18Wb?ig}=|C*@>~wsB#wE^zF&OwHIWv(=B~oc*cw(`!^k^(5#nFm1NkAfSmcTCn
zC`~b@pi7R%OfNLX?yBA&MhBa;TL&bJ%j*Ds$@W9%zFSVOD}1Zj>pEh;)$DUUWWUww
zbw%wTAiYzqO%+G+&kr5H-|j+IB~y{)8Fz<0N)u7b$D!d&!Z<&o@$mBd-$V;DJLp<D
z+t8#|kLyX~62_r@AT-5_HPyCk5GBnOhb+tbgV;oYl=I96O$5v!R~!M}1v3&5=nBk8
z)r-a7C7O|H7_kbP1z@puSq7S)j2Wp`tXozu3(21)xikzyCCHyO(d5P_kiR+;p|>u5
zZ_P;c+>F#9Hr_Sj+f<-DXbLyaJa{lZdYVtP5+<ZL=rI&*@>DuC2CHp>8Hs5xKMJUh
zNvbcBL>gjHVWu@CPJ^ixlzNks1q?f9lcR}`s^znzYNc+ZKJu!%2qcw8Q)y1a;ibd<
zo}_bV`6E}Kp)X~u0O?DmK>}n2VhTv<VM+}VI07&%JqD<gP^RCs&{`UVQ~Eio`B?&_
zn3R4VpajX>&g2Ole{prBteaP2{1WLdlkgpQ#1c`e78YJuSAvvo=U1suEkJN^6mZ+B
z+w&a*`S#8Erq#^L1HJ>4)t7G%=bKc=4=t-d-@Y;5)S>!<wA42FX1zb^wAF3AkesjG
z{>iY;{NA#NNRQ*55eyKe(gXvpF>cw>3nv%NHOA6@ljN>3DNo7`Th46Mvlm0d@JSf^
z^(DwXK1NFX$G@};xyP`(1n#;t!)2-x=-gVG;kAIy17dZ=p;?1!#Nb^+sI{=izbd*u
zea{$VwtM}a$7?kgFE?Dg>ShKQ>5@&xH-kz+i<J(=AvK<2o~{{A;Z$pz^i_11ktyjs
zrCtM=@e(b9<8Km@9s4mvML0<~k}3E?)RUM9?*<~2n#8EM$k-%bau}wz0tpb3A`=TM
zOMr}CE>i+5MZOe!LL#DI2!Uo3Tfg)LTq{AuR0jbI;&VEFHbF8UJSJdk(<#`2<xw!p
zM*fg`L+&mW$QQg6Rf=|_+RtcJ>vCw-mY(nSe5Yr=cF%WuE<E|h+FxFKsb|)et%cv*
z#;nkDaRZEV3xf7{Md--}H>#&sO=(^LnHM+kvs}R$&z={0^5n6w?ZPx<&;>#JyCQ63
z&I)vT)s*H1ka=O6pXCb9cs2_C_?F97w^w%K_5D#})1gMECVL9fFVeUFB?4a}FiU{M
zZ0QXG|AN4m36QL6k{Z84rvyk+lS$1>Qse$x&Nf&0gPqN;ZnZ3x7{xz7@afpG92wD1
z1LrZwz3{Joe*x8Jx+%vj8Imh3bkVFxC>lNdu*r|GgiQGRMdVypofVR8lUnkwISiiQ
z?t)e-NT}vrBQ@G<GX3aIUT`d=`Ogl+F(N%}RmW0B1P@zDjuNXFVRshDh^`Y{h8nSy
zbo4h!j0AHv<m7gQIPRhY&Vt1LvqOJ2PPS3r)JIGAx5c$VR^T1JtX`6gSfQ83JLbK^
zdob0q?43~yy)rv#T9@W52;35v^Ol#=e=e;qtN*+f`fqmMwC=yb)Rl5;gw8-cOm8lv
z=NZ3c3{!?nW8@etPbxhxnD{0uHp2lhNkIyQgCW{i?bIan!Aa)v5=va%QxSyQ<cbK@
ztm@K;gyy#hS{>2QjqgRJ3O7>R@D`L4V@!~QL-;|u=OYBjr-l)B>1Ct}Nd9hB>AQP4
zTvyVuMsZG0)2bYLBE_TKRJufs8Z5vQbowNL5dwvNH@XB{QvdrMs&j$>6JAeJ>J@+j
zH^J>CxPbNyaB)oQ7n#DC8$pb9dZP(*tD>rPIowPBdw`XB{y~tfZ+@fgYi)A_Z|?ub
z{`tD_toxl{{rR2$=!LAX_07p|OyXy5G8f#sAZUN{!q(Xr_?eoxCTt}qK&?cs;7rZF
zE^Ix&(_BJ7L)AsiUBx{U=EC|J3eQdQ3p|1HjAmN92Hs%iG($6~<Jx;qttz;`yRF^d
z(`T(rZ;T$nU&;_Op|f-Wn+EXl*<nS+;QDS&k2w7p;W%7xhfLi1J7V;RFr{%9Zbmbg
zFQE-IYH`eLU5n_C=^oal4NUJgDA--<Ki4!CVERh^=d~E6s#My*^qz=Q6O^HlFbT?S
z`r9$R3rqTM>A>#e&g;Igf2Ny>Zp`=Da8x&oYZ^XbJf8{ChvAdHZa*;nV}$AZbOers
z;gfD4@X$Kd=NyiZDxyb1E7xCu=-rIy^eXCaU)ageJlXB~2=q(j3uty*sws)qrSDSF
zyMV#}6}9uP0nE;lz0#SYoE_2x6(q%E2}I7;%bF3n=F>2hkkple%C>UoytwpV(VhMR
zU`a^5uJw&IudSJT;q61`*JSG+n|0?G<-8kg`s(Lj{X8VFZ+CpF13wo!%z_w1sM*hR
zfl5tWL*7}Q2iZ$MqYK4_A*fwwHW${<Q20UzzrYhHuL?ON8V!fbh*H0c0@C*hScy`<
zK^F*+Xv0ORUALTm*R~JZeXi~5U8sb$D76JwDw*5Vm06N7?g<M@EqzD6+zs00_kWBg
zW_l@Gm8y(IW>AReYk*0YVQ5iMtx&S^pbf}Ww%g~6XqD~+0;Q$N2}ED|-eVVq-A=PJ
z2;4Uu%<kq#zR4Nnczq8R`=Wecw<Bfg5ORXMgXp-QIf3}mtD@uhF%ixR=#j@*rX>d3
zZBdUE1!~~5M3+=jf>@iLvs$Q?z7+Kl#Yul($HL5ogi|Q%Wm;lg)Q`no^~Zn3q)IjF
zSkn@(-W##u1eeIHWi9=EP|wCzEkS<acwT>sIQn4X-K~4XYk`(DR4nb|{cqG<NCIM$
z*c=ULi=nDdEM01-*4xs5u^6faw8RU=>-WZ6!mTrV%p*R8r9HI#7moLt#8@aUbHyKX
zj^~S#m|;F5{W4yg^g01DCaJnWlF<$QAZP(o%h5Mey<>^TP<+Nrl3qZ@C8y%m+(^OH
zdoyuqJdvSQ_jTqarRtjeTCE_r-orDcmzwADOaZS*bB|W>-hLEdy)6WsKr3Y*#mGq4
zjUcc15N&&)3mC&}eH?v_+RxfvcZF<^gI3d;*>U@>s#A7oE9p6hr7=LPcXwdT!MBi<
zQ44E^)RjWseY9%x`6=ms<*{PaqO$$`EdXm^;ZiK4I~m8~V`H#d$v`Ii)TLGTM|f+k
z&=%dMA@Dwk$PJrgwNGi;cz)e?doJ~4_aDn`Iri1TR|miL(vNQoDDz4~r~Mn=PWwlz
ztqg(@&F4q@CW=Bo+h3%gwOF=>RcffEEw)9!A?Rt=OQzC1Cw(4GNiPw28Gy@hq}?f6
zbjG}Q5LhAce1@%)U=69Oc+s$l3t)m<kuZ0R+KU2&YgA_*8b@qkX;B}PfO+g#t*nr)
zP#ez>V8Y!AN_~OAD*!TmVe|Sg{kv|?kZ5Oq2PM9pvU|m!{qLv)_4v?W6B^g$+qdVN
zJM(qzFf=l~t<Q$21MR)}<}NS<`PG}}?!W1EHT!0LKML4dw^25VcWlY8*^K;F-)sQ+
zbsO{5&Dp^E%a2{YAIsG1e6ucEsNPq8{TPb0uD(fwEZ?&FjhDXm((NjwZ`-iUeKtV8
z))88n(L0puWot5!C|;8RKT2A1!PaDGX}<6RnU`1dvz&2u4J$QzEmmrvLK$&T!3#4x
zwCL#lV-N=|S38SUkm5?N73;ArRz!|{5#)ph9y_cEsr8CyQyoqo^;SNHwPJ4W>xdXU
zCZVTE?}Mp-)+Ewutr&=uY1J+k%+sn}-I%YggHNTAVG5uS!g40WBnTxYr!wb4<~a&I
zxD0<sP9zGJhcUcYVj-@%5yOEIve0r@V@Ox=Hj1$tM`PvIVDvJKqd$3!A^@bPi%<})
z<6=(@Sw+q$4_Tw0<+QN|vq^pveO{8NvUufbfyZ_KLNJmG0$KE5?qnbr>|YSHzbit2
zHW*P)uTmP$gmh`%l#le~PF{m2t_%H(5dslD#&ZY2eVY+NS)Lm{Zs51^(CT4$xq;iJ
z*4P0K+(FL0V)brkL9SbbVVrW|;@~t~wU5_>H?N91#aeLZE(>>Uw*`0Z0l#g<ohQUP
zu^zn?Ox$?`xN~8N+&LVwtx!tJccMXmz9{EDQ+}~A{b$htbNv2KI=`!V(}6Qm4{L{O
zu_;;&zP<VQzcKiBv1M7@I2at0BZQ@X-Qc8k?pE(53(8>hu|w~z@e4Z(N0fSPaOW*z
z>#};es&X%*Tpr=QBblK>?~GdLRcpo4{Hs+g$q{YEk^%j_h;5oTU5(f-u8P)Za!ByR
zI{kf`+UnHvj9*wUf_hu}FXWKbK<}j2LU4wucf>WR+7hGFAFYl0_oBJ<cl0+n_Wgo4
zXh~AUj;Ie~a4pp~Mxm*vmZKtCtM~B#(~-cxuNcyZa-FzN?2OiFU#)%_U#(t$7y7UE
z)yQq<H^udzez6hjF~n#5lIHHm_Ql3mhr4F>57KfFU4T1R#6FSy5BHRb=`o1^+5!?o
zxpmH3<bMrwQ~DZ#uM;TL07!pCc`p$7V*rYMrD@I-kLJcI{X4qKIkS5&zDxg}Za7BZ
zPXWwQyYwHBp&YU1p14yFe}7DHM`#rNomq(MkAtI-{+#ah9|7KXQ0f5ysNqLQ+_sRh
zb%X1YI8u{ImLd{7MC~)d_F+m55m4QBvy}WMfgFKCIeo^gAJD!_L|wKFzpik-s<AI6
z#7pzk;&uX839wEKQ|c&zBGH|R^T+4{liwSd{H{0<N2Ut*lCIGerqO{OrZ^gc`e-NU
z0+ZP-oQqY7{tHy(6#$udn?gCBovBKiO^mg!{9%>*Ryrg$<NM1Ae0H$Wa3eN}@-@C$
z2ONomtMl!VeDj8U9XV$OeX~`_G|BhK)I|GgXaY8q%W-EUzit~u`|279_F8T@-`SmC
zw}s{22v)cGW~+a+n*6(@%f9T!y+7EWtNqLpT$0~wSye{dZwxIoY|AxZJy73Q<ZQ#X
zd0Ir-ce##%T(ECJ(EjFyKDLC?$iby+RErnM6`ZNr*M+|G`^+WuGgQUx)GOw;k-l8V
zEARx0=c#L?Uf{|JWLW7ZxT4|is3;I*;wN=$T|1(=v3X0ov5`?lQV6_9;L8Le1iA=x
z68N_|AS;O60zkfOdv7_{(&DFw>|WQv2hCfMR_jplQT+1*!=4?t2^lQS5MvIJhcse<
z0s2Ls6rh-0N()UvF_DrHdf;qgkVjrk{w(e_vze}H-fwyt(`v^t1ce=?IE5w5Gw+~{
z#iC-wfn`qjGS(1Wvmns9L{B<l<r+|SRqiiEg}r#UhTFiBv`6}?+|wqem`FA|tWEBQ
z+m=a>!^J1PF4Hq{Lw?1Q+$bXYx%LQR^<C2*)o9uyGIcyZUK0+^>@<dqzCxCk<7}Ej
zP@m@zlX4R?e@w=uGhlvXeGEllnn;Wyd~a{x4#hcnZtUr>L-CJ29n-6+c8$;BH5fdM
z^xx?eNMEJ6P_6GPQmvP;s`J~LRww#i)B_Q{MGcM<I8ER%z%b$mt*4V+1bPTiKsRG$
ztkP)JW=TC1ntO`s{|o^u0{jeJ_#S~X1Q;o<WJFh0=K2dW9xbN6>=^H%7B5YI_r?cP
z4JJ!y;pd3leg{2cTC4n~zPBF9wH$!LyU{l*K${JMxb)y@!PQye(6@u%3SPG7LVZXt
zgbw9Ghmgo35j?bj9QJobI5hjBn!IWx=cybhAQfV1qk@_VcwIQOSb@cj#-Cy(d`a6s
zXsoou7~}<5DU&{vNR>iK?)cNAz(+H6dR%TElN-p%i<20uE`{*+q$1Sx0p)SjB>fLM
z{Tl)XPLckW&Tjye@QT^M*k*Q*a<f@o*IsHiSE~LDP37N2C)BCDp*y>GIM;G?rE|GG
zD;#_?{f+d+c&=kR(hD62a~%hf$RZIuxPTn?cSSfzZi{qw)kw}$x$SB;OB)r`Ou*~H
z!B6M14Q_7~k=J+plgDB7mzc{c15s)+S3Q4jMsXrKST81T_2@(rYlA=%iRVzf+G%pE
zcpCp7nxc0&jW@Dstlp~JJifmK=dDuZiuIo>q{-pPTTkU$9$x7@hLhXjZ})tw=kmH-
zXFt*loriOshmpu45j?zr9QJobI6V83n!IWx=cycwOH_!ZjS6Ze;C12fr}OxeJdb-z
z%;PhOb0sG6OiMQ%4;?&ocsMj74u*~#{0z%cT%(A>OfwtdwvuOQg9)@^DKpqHP409?
zuV*tFcPKZV_m-W`<tu-&a4v6p@CTc6Eh8(P%b)VspGy5?OuvUx|LziVnWiPec+w6%
zrRKDk%5;y#5lid)81|UM!OR50<r*~+R6Q+aib=EUE==UDY$BU(Rc=DFMZ{t$K6`16
zyhaoIw>Y=Gb?4hvcR-{=S>edHkACau<-uInPNWyQj^w(IAdy8Pcw_-N?C%P4f+011
z)s&v6l2}zl#aP;?qGkeK7mk!6)9>PW7Ay3yHBuD|vsVze=&r73Rm1F+*Z@OQ=vjuJ
zNO@N55~j1<rcE#^D&Y7Emx?8S`jmR=sz*}l4Vb34<``w@?m|;>I5JBq_=Lf*nM!96
zQk=AVrnq;i>+%dS(?xPJ<E=GI9n;>GFvoG_l`%t2k?t%U#Z>7!iCdPCu2pqeDxESE
zW2Uxacn(c*RzY31gcg34X8rH*S>Ltca^MHMb1l)85_EIK?tKfvow*=p|Gu~2^97I#
z!nULRT@m(WgP7oSdX>`f`J(i^DIe*#;PYivQq$LkeJh#wj_qoI&3iucMWKW;-^<)V
ztwU_COqs8Tn)&GwwM&J)yfar&3VTT#xTwl}3Vqqf$(>>3VR1!LFatq<Kb9PYHHfCY
zYWcyW$Bt9!)T!h+7OH8&HS?`Mot85o?R7-wpN`83uGm+cbg2j}%(SYFL>3jlQ`TLL
zrmJ?}dgAL(q70U0;Fr?GZ_>Q~m-@Vax3=}N@b=bR`|u5HU{-Up%E`3lzGZ65!w9AO
z-PonrTTkY?vE|6Ih3;dyZWdn`iQ@RWVN-lvEln|XyRmJ^F)h|^HzkVx^!U1(jkCJ6
zjq@hq^#4WR{}OQEi6svK9|3Z%x3qiy6%{5xRz;bNqGb2%qlIUW+HbY{U5_w0#Gsn<
z7)$T}puO4^)y$#PfVDYv3$8599ICBLt79J<8(~bwpHep%O1_P*&FrFl&EUzd#<cy1
zD6%VU+o<l<#)B$rS4-GG6*OsPmj=*HI(|BR=SAlVedk?FH|aKq@TkcC+*?M;!>yl%
z3x@9uVUlB|vEvmj8XgqcAPMP%1Ysd4RQY858EgfsXQrknv4Ludfg|n1crbQ0P-6!Z
zg9P*DPBL$nVvq_(XIUTmipI<uxuCI<X3TQ#^qSVQpdmFPFMApKG*VrD)VKDOI`K4p
zXQi5dLYU)CyqLS;Igbdu+jBt}ECwzQGO#ENFRT(2dUsJ6UM(LXc`pz0FuOdV$J;G%
zx8sJ#Ptn0o$n5xWp@aL1&;cAE&d5cZOO7SSv0=218??AFioMr_12z&$ARHi3_{`!Z
zF%qp+EH@R^)%AsQI;L%|#_q1LtuQN3LUWxzU)l8AL0hIB!j@?T3s*j!e)zZuHBxRR
zo7L`}OY%js*t_#5OpQObm25@RPg{t~0xxb4B~MXY54I_~PK{`5k?9nRrbL?~M-)#o
z#bOGXCgaNIVGq+b7R^JwPw*v(%_O8WHaCQ$GrOrKfiOZ?jy9HQ;)g4nrMqdCKK^mf
z(#jr{?S$z%2y_y#@~CX03j~OLmuUeINfv_?Q+_AKl;8OQ0jAnu#jNFrVboii{7}lB
z68Qnq4_GY*q?+;SaE;<4S>jlFNKU7ce~sQ1cvG?vp)91>ka%<$(gpVCo=DEHjXFz6
z6HinXN)zhByN}D862X`JgtZC}F44G6A$V#E%g`B?D{+n=fiUXy5>ZpYw*gWP;z-Zx
zOOmiKZY%I4*1wvT7+Ee%()&Tan=Bw;D{BhCI!J{P5J_K#qu-M)b2DnM*4r_Dt-=Xn
zQ3@oDW%Y6umRlM3K`4ac1MiG0iFxnv^rl*ty)$Z|SJ+fwS-o0Y(7t7_7BBMSy+ip*
zy<1!xz4TS86*YUds==VVrjQ-Rdkhu7MK<>M;vxNOW6@P0C5+Qvb!&l%pTQj691dXt
z@YHmMsDipd9ZgNMTAN;XvFd8Tw0k8&IH^&ckT9Y@u^ovK=WiPe&x^oNSY4v{lHjhe
z3Md6b5_wiCPExLEVV=}zet$rBdkcWad$4dvRXkev6(>D};+jau$7E>}p+#CHVOl3b
zNX{~7pRc@ksv=O!*x*BAJ!O8X=E%JRvJWjAt3lL7ASxHCbxsd9uZQeoUEONnM^y$a
zQ}}NPyOZyn>b6EI^<2yT6)M!ReeeF)_Ooq&>zdwZ|62Rpqw{qeD3V{>+{Rz)nh$Qu
z3Y)G6H!TPSe>q{(S7vx#;hCC!UDz~-0KHl*lrWv~62I1EE}@@Y6E<ZR-SLXBsf<$o
zPw`HEGTNmjgq02ATNNETj@IWO1x!+TVC?a0rF%*Po7C!!So^DrR=Ovn4qp(gw^HO!
zU#X;lbv!&)d!a_DMQ_>EQ;v=FYwWIkNuvJzz(Iu}=r%D{Ktn<lbU~LAu`%WZdCzAk
zgm}Lx;DX}OioEZ{y_n1hy%CQHu5EA*Y@~+*Cv;K}7nDqC<H#JoR9)KTeG4IytpvgZ
z7$RYd&<a<bRdjPFM5nGK`yQp3n|n94NWShR>~?C<PaQQ-L<a4VWBtm8QW&J5*x%s}
z@~_|yE7Kgkr{Rc$Z$AEw$G>@WzHS>r#s!<sCv!m<<TqS^0tp}&+^`^Me^-PJ%>GWN
zS54`8D#%Om1d4n*%kg>W_yo-Ijm5KE<^4kilf2hF$zfU}=|D2{LOW>E^b;UtqE29G
zCna|Ql$c3vOdd7QB(>dGuhLa+BI%_B@aOkn9-Ynw*Jg#T3%v~Ff*_CD-xZ-N8(gcN
zUNxoXsWdOe6DU$<9{m6>=5A6;lD@Et%^7uC?hM(dZu*7rB*YxCqhtv7rP4|l>5D)s
zt@f5(3axZAJB_EnPE&~jatXvl->j*sK`RALD<OTDywL89RwATD$_UK8)jW%|mEx-L
z#R&MO5sJtRcCg<S*^V7E>K0uzEiZeJ<_}Z%tY~_5E}CA8Zl<u^1XPtkA<IhyYf<q=
znsC30Z(fOTU2e(M@1FJK7sU%ILA$ce;aqSF3?CQA8CYcf*kZDNXlYnHE{=0U2T#C2
zvUt+D(Pt<tY`1R#+|5a+vyf$`9ZgFt{=8e$&NS?;7iVfLtj^RSnxQl7n&~nRPd#!l
z<Vt<(a|*F;Lh&p_?{L_+WESkV@nWUl0SJ4_3vWzhlgR|7323Txrn)qnX@MF`T@RYh
zVyZ{VQH90jLo{58r>itvzaClYSba|jeAWA9@A-{$ZMpjO*UBRJhrNYkO^-{(Jd}#|
zRJ<3yiFa$nK`3I|1{bQy^znsgu-^1s)XO4B8L@j7AS&_kSt9N$P%)Me`H#P9EK(K&
z%i05iltac{td&EYpy)j=P!1WjEmc>>Y}0E)ITSG6)3TPK@Typn6RC<NxylIJbg2p_
zKSd*p`n8xp0h9X4c&ZSFf6)Oo9*_E@KNUnj#QPy~mJ+a(`jY<5#X3gftE1IoJxkSy
z4e5Uz71-DQd;Lw05wSP!X-SSjc!T)bjmQ6+@wH8Ltlwje-oJ_^`Fj+bG-6*XHj6FM
zTJ7!BE#vLf>37wCwYP)C=2QP0Z=zLu6ZTL1n`qPCgyWO_CdBsi-$tuR)t@%z#IG-5
zPOM^cV)gOAS;?Fb*DMQHl6v2mqn5Zb$|FhZGrK7Awe>9JwSXJfh#lJes~6Xbp=iA}
z{~DGt{~Gjpr~j(+Z|Z+y?yX}ZuE1cUm->_v6(M>uav9>1@$Id@BFCVnQDR;4W2Hpn
zwc*a0`x*DD$2FA^0QM}L+R|f*Z6VrNa9fCWzum^o>Dv$;mLi*}<_uZe&yW}ab=P|u
z{9$eHT?!nfZhHSuD7Bx!b^=_vff!!f$?>g>F-5hZgf#Ug_DW*Gv2^3fA5e3o=#*Y2
zK#ScaT7xspoQV-`1P`KkCgUk=@-`+}$a;#Co>E;-NY+L*z}G)RN~yw2k=~@d3j`je
zJTHIpGJ7jYMLN`nsJfv@eS%J(BrrmtP_G(pTmp|T{UKHS9)ZsiI78qS0+$I4k#PGA
zr3$sK(m$uXF90y(xnadIQmVwDZo#Na418?F*yf3BmrHEG2piG#Xl7bUsD6G{l5VA%
z-6Tc)F@S36K|pRq<8JM|FnInY1npXZ3$>*T+|V|+HP?VW7PnEzt&Pm&v+W{OPymaz
zMT9*^+a*y=T%%e%4_hJXXSjgI)GPC}iK12$>5EWU6*PiV6o0p-@%)Kg&AJQgay4DE
zRe9P=>Q(F|wP`NNK+a?nf;EU@D3EpOs*#+hvfQG?6UgR`4P-k8Am;-X3HsEW=H;j-
zA?BkT7w>rj`MkXib5I)q6zROF2~Fj#C!z74gVMlIjjL&7=YwroAv7mKiM}9ce^-Ri
zEDUUPcGXDo%gCD(`B|>ujAzdap?pL0`4@5x*yA!xA9wwHunWnHb_Q}m_{D2~SA=ku
z)Qv_C($}aK&&wHSxPZpgEAytBNME$`3OsRL2rpKQa92=LkC+uBs;~-C)rpYC_iizb
z78&a<imD!B5LAIxWJ_^$;Wg?Jee9Z_u@C~ZmW##KrD!b!Ol++-i>-#3Xf5g*-U1a%
z8pO3mW2F2DIgRkPT+Ca#*3wGMtK%Y`{yrSq`>6V4zmM^{aQ)0~#%SpDvvAQ73z!-r
zcY5x&mt@<gY)X!8ib$k1H?bEEi5M=Gvq(_N;4DB(5U!KxUlUT;HF>OpmKUbbr>M@)
z5I9cYGX#E?zyShe$5aHp+odg<6g14Bqe!WwbX$R@SZ@ZD6dRWC0DLSWJ#E**mZVrw
z(h3zHCPKOvkF65Y=G{6KbyYDcDlBUuQaLJm;n`e6_#)`(&dW&co)z-Jmbn0^!-X;I
zgqRgZvOOaz%mqgl1nut%@@bz$I=yO2&$IHp7*8OdxBE;k2wJ`K@{<f;J>-I*{aq1u
zW`m%$bb8g4o~P2h6i=W?87%!@@%GGEnya7h9frQk>TBJ@LUb}*%q&Q1I)#AvqFcj7
zo)zLE>`MV9llPwEW*^7R*e2kv;pS=`H<P>OjB1zFCzT$tSq>FC@WPn1BeES^6ItPx
zHbOEa?NmT8(i12sm%t9{LS>!N*89V-Lt$5x9i{a1WhzApEBrpXc=wd_d5xL2LIc^>
z&EUAQLgXT*Dgd^tSP-<oD?%ho+!&o+HKpgNATPxeC{kvs_TjnAQ&rdg!xpr7CpdLi
z3bIhKgY5zby}IZtu?w94uIvIw`&-a1Z~^_kRy$0P4q=45$Lb|*7Q4b3`%8#5v|oi7
zq{(cte;nc%h_!6`tJ-CsSfBo$*g!e77X{O!@x3URZkcP8OYB6^$abP=GVerTax$&p
z{#3CfXQRYsZQ9q+9ulTK5};dC4^vy#x)ZBC6525B+5QOQZQ=Hra3KrAP08kP<k~(r
zzl@uf-<qu`F#D2%u<t>urajc~?bCIljeRdW-!%=mg72CJ6$;xm%|W}SL9cR{uuctH
z8D<{!VTbf*)X|*)GVwkd+o48be|Ska!~F0T;n!avBoac?+HPs>*ez|#`E{4wmy+4N
zBe}>3?Ur_>Wy_Cc0fk-(tg?U2yUMQWc^D%`-IB5dt`hhr0MtI*Zw*26H4RX)lS?>Q
zA!vG$nq{7vH`FXedX-w0&-*V_=o*3R1WIyzw8I`YLW_|O=t+9%OrOG3E`>@Jxfbmd
zFn*l(Q`bpaVt4aPSJ)1j6}dihm8a>W&{}L@cFUOP7U9o*Wp*~ZAZ0i1eEV~6r*gH?
zrNlV5aFctdsSR<@+p*2rnz=I=57_6do%T7S(CgUetg&P6Os-)IG%gL@#55wd_~ExA
zxn34`uD3Yu91DGZ7?I=<c#fwj+FUPX7X6_NBNo~klVIr;?GgHr_Yv4fV35GW1Rf(W
zLLf?jHZihXfwF-v5cq5S%RBJpwYBZluFbbPe6EeRT79k!1a{tP^&{2Z<l1s85_Ijl
z)#-Qje9*qeHKZ+Yr&dPM06%cfj@w)Cv$O>&+5-0`n&%>|GI=C9k$60jiL;PPU&0_M
zu?{7Zp6Z@RoJ~xGCbiNf)}d@f8)j1b@o~l08-S<af{{KO^)MqTUpvCKLajh*MQ2n1
z|LQtEZWx5byT4hsOE;Mmn0bu8k&e0O02{z-!OUY`U1MFEudXq%7uF@Yi9*zu#d>M&
zO4O@qJbWkG^v;;tBCfXRKp*)QN%|AQbfm44pZd}`t&m^K#vq&<ClcJ9nfzcTo{OK8
z3w)WSK8$w8ID-`Q5dMdnUtLatgt43=qPcY$Yu>Tj2b0SY(fc6!C@}*7spidFW|r9>
zyO(Zk5Q(z7_)Go@x&fw!KS?)dgy9R6dIdoC1DI%nstSNZ8uq=^J(`m;oSHXT&Ro@9
z%v|uxgztYHjjoK7rxm#`zWQQTSa$)MQGgsp3)23s2<s^HwvmDKHRMh6yqs}H7qr6j
z)DSPj6IX?GWmxx5@d-X64r0XFhRFtI;EXscz<?Pud;;-F#Dq^Y$7!IGUfN(8B0Dy*
zh);xQi(pAzNojKLG#eNrWzdV->SF97{XC(Gm+%p!mjQ;cNA7w$*+rm-015Q!9szro
zfl;J53R`1`T814o|7#$JUS(q$<X|fI`kmv3&%OFNGSEEBK(UqPbKKsdCa%F;1Kgn5
zabTL!&**|y7?zp2XL%W(fK{gqZs@wpyv9<!wo7sv_7!p(F2-rN3pfpr$vVN^1u%xR
zqmv8$A0uWkt0%1ahm~*|f)<a*OG=iz#%Yj8IO6eu)4)zPGus(vcxXB~F@|V6@zK%5
z6a^~_jZVv%^dy!eN>ZG*Vb`fGa|^!@n!E>SvL^7-Rh=GrfP(|sT?R!gYU|Fh#e;VT
zTdZN&LVeuD&g81LaFIly@)e~jT_8O2TX-Rrc#M)B=wLGzf*W%|nA&?UVqGNwboUE_
z_IE|-%?4pHH*%1^CiD{i(DHJ|87}bB^VAeC#1mJAUbEm=X1k`R*=Hwkn!uN707M9M
z5$GiFS-L=g#3mkG0Ab6#u1*Rru#SQY^r;o7SlB)s-Xy(>s*3P51|kB6$!r0x(iWRK
zN1rF6t`?>(lcdCRQZkdk&Jx&@9$|B_c-N!lsmv%-W&AcZ=2j~!^~v}sv=77uCL-j<
zG9gQ(#gv=`NM$6E>%Bx~W{FfU5`3Z&n~eampAvBvN}IVAnMA}Gbr!RRQ82}KB>K?7
zk>P{K4vI?4fuqC61`iJ(9ElwrIq>K~@z}`VvBO7)rAyS3leR@xml-os$fzKrhr8)+
zUm@@t1lYb;e?_S#dZkQcW-qt!g)727Jk|6>;(jTEa`>~!M*(kC+3ofp+BTwvFWP>=
z{}(p@U)riabo%X%4{bX5pw(vIaiiV_hmofHuo5D_X=}ctGruOhu%<t^ra!-B&%&0G
z+?J7>!A83qE&?~I@cVAC{)P*`P)7J`Zg?mq*qYkr8eThm!I^99y5XfPgzRfNpLxxH
z!%t@cTX5BlYD(4ES~uUI=5Ey5+^rwfQ7TevcV{>3{*ev8H@4XB+jrCD$Nhp0*+$HQ
zO*g7=_HIK<wiP?RbzgSo8v1Wg0d&CK^nnMd4>#_y@4RUP`0!yzzrFjW4dBD)?d|sM
zH*EkPK5YMt-G0P=)5d;2e5mTPc6$`3?B~PBsyeAUz=y}|QHOm9SJ=;oGtN$X-z{8G
H2kid?FYb)n

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_state_builder_unmapped.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_state_builder_unmapped.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..7da4dc98ea63745b43493c7435cb4677fd4bbf13
GIT binary patch
literal 40245
zcmeHw3ve4pn%)2)fWey&k)kMxf@E0|WD?Z-X-Sr4S+ZnNGDnb=rOpUMLKG|rfM-C-
z#AUsAw_8~{<+}A|*IDo75-Xd!I%zAFRj%qPj`vdQb6s+m)FvTB*~HCx6X(`-8z*-g
zJ=UvOm8#_XduDnD;E({dl5f4{i2Bjp)7{h4)6@O+*MI+WI~4K@I8Ogb<auSkApDp-
z#u3pSw_kDy!fS#g$b#gMoQEB<ll{65H7U-haL6rtqS_g+>}6*}S;VjFu<wvx_8$t!
zfkQz#cqk-?4u$3Lp@<wg)GRk2YLQ!5x~9XehuY*exZRRR@=DHA%>!$ULYTj&A_Hqp
zpW)i%k;GFSk`Mp=_#Zg6P;&Nq1wjg)YL-H$B2xHNXj52<bP3NlJ@1e^;rDNHO3mb#
z7j+9#RBAcZbt>dWhEgkBEzG6m5k3_}{%v~N#ht<mL0ZryNbQ@Q+V$lnEUW`z3whX5
z7S@TdMLevVg>@lpF%MhD!j>RxDG!UXux^Ac<6+B3oU!F8KORCNmnlYzX{D${&*bIk
zXzqNfP)H9)<+PF?m50*Nv#H#0Hj^8PW^z%fm@1|pAI)Tk({kMJKhBaB&!&nzx)QyZ
zDV~j<&nOC|DaiQ?8AR?)!9S8izVPLWnKPNRtVHv&e>5kjhw>x2Ov!r9;#eWAL{oA)
zntpL8J35SWXXO0(Xz^@1s!$oCXENDzPxN9+&fzkOpQ2{-BO~eIo+!%8B2K#%C7R7B
z#b`!}4&`NBwwN7@7V?GBEHWI9`#+-k?~jS<f_?en^nr9PEvJf^d~P7EjAn~!WM5%)
zuRL@%Q$)&9Iju&XNEgyM+|JP00XbDTtF}IoQHJst(sFtjX;|&4Aw8e;@RKO9+I$Qb
zLp`70hii`H<uNsQOs}HjxMy{Nk#Hc5h`6|NHdBZ>)S$KI)%J6vr_*vSjmMT8P8YKI
zvGb_Z(sDdGrSHP}J~K>#`%DVO@5_y3axbcG?I&bB-6Ykt>Kn~vUKmX$Gs9|AE_FVw
z`cuWCoH;#;3#g*;4Aqu`UijpYQF@P@MqT8FJX+gjG6?Cy|Jx@aUK0k<$h0FNBpeB6
zqAB4X)Z4ls3^W;M&0oopaP4v!uj?>g9=yj+$t5+#oqc$txBFHKF;A&)pPZ(qkcuj)
z^M!0WI=%W?lcvUvMiMV|oh=p%%8tIibK8{OR3Q`3=7&<*9a}bS+V~L_xa4QGvtxaH
z!{#eaRg_V+nW2=Tx-;ifBk7n=4kMOKeVE)#qLoA&gc?j)TZV{cQOIX<MY)AehUL`7
zq?|s3hLIaeD>0W$)g{xNtKPkP2lgG@vgwMaHgig9UO}NGQFf?1_w6_}u>aW6Q&KJ^
zpP|NjitbT4g~wQA&Ln$DlBcydHEFyF@xquII-fe1MrpM6DMyiQH~uS+Li~pCvsNM4
zUFmqJ(z>`3YN@m=s&qZ_e*4O)_MUQkPo<@|(zbM}?ZD;Kn?2>_2Pz8}-E8v*JvRiu
z+jAS~g&`8gL8Aa`2gl&Bwu3<mWe4@_^jx>Q`W%)}t<OfNB}`=fIKm{~b{C$%zqElr
z|MQs~o=`Sw_uf`Fflk{uCtf^Ldc>%b=nC67E21k{>sS%}^)G%zO*-aMMe2pv3*#Ni
z=Zbg-@vQZlO%CNp@lFOWq~uKMbT+NvBB~%$!!HGmSBe6WkC})vRMap}l%xPPWW;CQ
zm{X<-lrbU+R|I)ExtBqxi`k<cLVHM#@ZO6aHQs-@2QfC`zj6TLH-rxZ%RUS)sw~=A
z>D*sg7QN|h3WaaDJe~fZg@w+CEA0<m9(dbv)8#~fM_9Ph3|Q#DxiC!6JnZ(cYpXuv
zmK7EKirH-`L;NkrB}M#atsx7CwKY($V0qh-CMxs^3876m;Z*RxE6z6IAYQ!uiUDhW
z$c2t$&Lemg14yGdbBK-p!Li-F5<V^Dj1Y5{_VJcd(`9R;3NJq!I`ReTchQ=v?j;^`
z%e}as9EVU_iupnw;|+R;Y%(unfKxp~V?*@p+G#{n^4SaNVe32ZlnDc{z60;SnUh0S
zs8;Y|YtOKqJwtTh`pA+Tp`k^lCr1xX*$IKy)Gq`V(>vPn&{Rk4lKkiEwoi8L_ygbN
z^>6I_-JSo+SMJ(TiL_L@qc;N{dR88{=aX9=Vew9dI-S?r*9V92%MWVKblfH|^qO!=
zkR3o~KxDE@a>`ATt4omGQWK;{azlD0k1UROF;p%(j*e&l`9g6FI08e+Q^Wi90sEsb
zAg|Ka0sVE*aY34*0%YjJjm;3xdan48Q6wrBZ#vDWDr?iB?qj<nXX!c;jy}g`J#Ef8
zNOjJR&H8W7HAt@wJ9t=AqG`Zqgqpu6H)vf`&Yf@%Fi2~jBUjEd7&1Z<9)4A?<j#LJ
zA?`ScCi`t;5If))ULgpBG=8vSfX0uS13=J|@NIHP-jgqGa&D$4g+metX_#ThzyiZ%
z{;m*=`=F*VjE=x^l@2qW;aVXK(g4j4qs&GrQ(aZ5JB@heuU+b+4oQ@Jb1LQHs_WR6
zGU1+9I>fWwn{DaLR4A3NZfyS4>c;dMrKuZJG-68rxVsm_cFr#aq+r6o&cS?vLEOD|
zSn^t8gqgo9ghar|%lJ(@q|h!$&V&EnU5>)*BcWKhv}Z4e-x~VX-ZBLc4iMaY*)WO>
zj{<;1b9o&_W5klj;__--^ooOZPIukw<Llz<t~k_YKIj0^D(Di~*mcEm*STxg6-Vjl
z!)pp-n`4Uq*L6p9SCm}qV#*r&-DsSGLqD}Xro?$)>;GcR|HbGoEz!1^qPj4Ys&4lB
zUvaB0<V0dUiH#&Slh}4Qf|*2GF0yN_$HmkpL|WH>CBmQ#>nPb+CkJp-s+&O|t-pPY
z0{o8^#t1AWQ?l9u9GlIemoCUd`SS(LA=DsFGuQ;gsHh$W5EZpEshrJ^W~oCj$jOmx
z{xrIMHtze9N{Vn@K~}?iS;0_I`(-&Vt8Gcb`Ke+u{UUI4j-mN0LA6OqXU`C})F%jT
z*1@X*Hf$r5rW#%yxXF8|$N?&ocGnxMo=sNIR;y===FzUdUArmGvwpooZ$HD4y3od*
zm8?=&!vT1th6B{7_tLlnZ4##Lp0T@+H<JF>aOvCs9Rm2HEqZxFxh*~}zTf=tr57(f
zKiRx~-2HyX`pJ%s<AD!byT1`1_g0!0ek=6#(Cg>k-uh~2qWSQ+`-8U5Z|(W|o(XZy
zE6S^TCL<5Qb?F5r%8@lwqW(82u9=8D#J!s1T}s5m%2hrs_&ssWtDCJc3?Gudx<@-<
z%^L1YFYx%>fovEunjggG2Qj1L=0oiKAST!jVvpAjVi$>NQ3|P{bZ<TfriOP%L@L>i
zV<i{C=<VoV<Q*gk5V1i^-bJoGBpxF{-KzXJ34k;~ehQ*rK19yr5Hs|Ut62|cmMTf5
zvg;)G*6AecXK|KFVfK@o%WdoD`^kB*FMuna2m5$8*a3LVrwE@Tu)lq84cITHPAh%6
z^hI#=X{ENS1lMhVw|L3v^FOfOF~)jFDoYald(tS6UH`bRPXE|QCJLH>rH9;7Zrkvy
z+(XKb;C}mKK2=Pzc}Fs-`jg4?7zVRxxP!^$3!|wl%}C&jBta9(N|72wE{_0jGC7<d
zN+#vMi(KSk5+e|5dy?_QnW3af_ahcv%VZVhE#xIZgpNWC#NQYGylL;PCZ9WYs{`U=
z5?TU^X3s3G#F=``lI$Jv#Jp-ZwU7RMF8y@o90(<2xrh@>UqM!-T{XlK#qZ4`LDd4&
z^cAGp=%r{4y=3&YIR{oG99ajh%MO!Ps-c^vQ%kNvPAu`<h;E|EY0Uw;30(Mg7o(dv
zMPo(+-DIqu3RQGd(~NWzCz%E~g=FRjy2;JxCQlXJ<Q?QB(*Uq)?O`(lnOCu;WK5D{
z8WtwH$xIDj?E$)pQ)WhL^z~klVsj}a(M{%cY)fg5B~?h>Ol4a-GZm3wmTTC@HtD8%
z`I>Z7y_hE5<l}S`2qz2OwA83oOZjNYr{<V}ZUQ%Np_?4BU}@{#nh}WJy$0ZU|J+e|
ztXX4q*pk~O6xgJ8<iq4;MEYaodYZ%$68$8Ok~l`<84?2|BofCVW<dB$*cg_>-PjFV
zJ7@2fGy-IX#9yV0{uKlxKEAPMT>N0^@^SIH*fr07%v1O_eJbzu?EBz(3Lozh4)j@O
zpK8{beGhN;sr6!-ed?!0;rFsNG_dlFvIlBElgcV%Y&}w=o};HtT^Nn9e_&AlA=V96
zQNbA{$qHmL!H+l68_u4`H}L@F(<GLY&>*fTXUOwBiE|{fB+io{%r9Rckt0FzEikn}
zUJ?Wk6&f%IrXIM}6aYf);s}*u{K5!zCEa`i>%4~Mk^x3Zhlk_T-@~O!+l*8C0%)W9
zPBW~4E~tU1rUJzSTm^+Xh7L>TvI^>*5tf>-Uo)zx<^U`e87%cx!BYR6)))VFRzU%~
z=2S|8rDk2&f^8FER>4v;m3>!dB}M|4YuLwruw7`7!_trxw!l){y>?j2*Z3-EqzaZs
zV$G#pduw26DhE(%zN1l6b(@hpRu>fWMXUxAqkArwznEj1aix%wKcDWqkjiF;`=A}?
zJwK)t)AHCASFN_z4&2LqCY-f?*eDK`2AM`7E0@_1A8e#6(y;05IbFsLD1QyXAZn#+
zU8UpUN=p|MgBJM5MJSxKtomFn)6Ms^P|oC&Z0$`Y`AY#-=X+ZHfdBxTVD;1LX;<%M
z`rU<eHe0K-P0H1ra8?&+nv}qk7B%I&K}|hb(@2&{g-U*j!~^I;SK-pdBq^h7g@po#
zZ7+Jb@m{oUX8#)ZQqz&Hth97~4m#5M5dKT_oC%=YLijN{L4uGohwzWzY6=0ucSC4!
zpJLcU__a7wk7TY=Uu>c0{;al%;Aysf;G-WRkJ2N0n6?K&+gM<~Jwl0BX}J;u42Uk=
zZf%;bs;H|II!&$Sgwvv~=rVa_lPk7SS9B*FcIt|Q9GnjXQG%MoU{9Sw6zgUKoJlsL
zo!m!zWwyJZYwx9h#$FNl#V+XR+NmtI@%2cs(``mx=A1l#(SWVP-+?NlPx8-+w<Q?Q
zA?tuGr)mOj;|`50GG#_HwJo%qo*F!^-*QdcRObEFjmbF&DG+xt^*?bCccmSc)KMeM
z{Iz!N#=Svvg4F&-q~QD$sj4Y+3RCBaCmzrf8SyR`dIY2G4P&k7j58`M!`l`W4mkS1
zv&*$iIOB+gO564tyOwCI)Vr38XVbZ8%ACKPO<@?VR+ZLBpSzK~T)>X3USlAW>0O6L
zIb+CaI;~Ai_*mLsrG!RZ(?<Ni{TReUDB5dG(f%NC9u~RiB}aJeu@eCogxB0r;Rxoa
zq-sCn*y_T~IOTtUQ~l5t^`1{F3bx2#*Nij1PQ|Vu?64YEoH%VLw)-BXJqa%s<lXAi
z(|TQPf}-!{N@|rt>XS*0LE@@E@kcd{%-wOG+mCP!g}R21Fmst`J^s#fZ*G}rTY1^@
zz3`Rrdu?0ZdG3?j=!=ElTGH*f+hb84-DD`J!cn8Ux*?`OIaPI~ax~N1ht#Bdx`D)|
z2U(wYduQG^XFPDr`ewiU3W_HGHiWgR<*!rdKZN+NbS4Txb#p^-wfX<DYt5^k8!jRA
z=$jXQ@Y26|>Am0)wQJ2M@;4CaN{dW!YgK4PsIX?!7t&ePOAiK`p{n=Uy#xJE^&ens
zFsfI7+VX3Zx}OAFeR-N($4FE!!Cdjl34~(DL<(EiM&uI|<yjIZN&Fo;XVH0GZ}n`n
zYPN1xXmM3nV>Q~DuBN4p>9aH?b^ATH!vBJ+DqnFJQ{|4%O3R8$*ZPJKUa0MB$(NJA
z`|KOZZztak^;UvyUpw;hk=Gx2^WylCa`3<%mk^HM^ayPU$J;0V^tpGQn`}KkAs&B4
zLCc<ukn`Qh@hP$DuT1B8n8o+5cpS;JGm~&nOL<K^e$$Co@j+Mgjri}xZ@b|}Gx7Of
zQCMraEx4MsfRD-bb2@d$BQ*JcbITns+z9pg|F`EO;Rg9$QSOl6h~@DArq3FFOHa+i
z*(F#Kc1>h#J=N@Ir<h<#={oGH+68>5sP{s>cW+Y%_{V{k16y5xy48Qs<DJK2s1Vwm
zGLOfoA}j|G)dL#+=kb`OnyXjke%bNZjz;m=G%h)=hQSM`bDUHtc^O*_p4iP!)X*9a
z7K(irPhd7cp!PRD-dS&z@y#~4>n5(JEP~K**P*v|U+s8x>+5IU$bCEaUR%#wyERZD
zvsFHZ4E_-!KTz}(&gF~1(8i+NY_%c(3l!!S-2!RHXz<9{=2v$ezPe>1xa5-O_rw1z
z{9Z8r)^qx8{9{CuFHr&;%%Lei+Q8Ro6{#{Uk}AewM(jH+@sH{9e~;siuC<kpWsNdR
zjpB~OjyJdbVE0?QCtD9qh=&Mw9GZ-f^WDgyDY5FWOy_x+#rLjw2+6cFlW<Q<c}+ZY
z(~0V??ArH(=iYkmwhQhX0@PCpcffsHa1!o7z{lkJIk|q~@&R?YwJ@NLCZG=T5$eE?
z7Dw;_b67%ev6MWNWzM3r%zt7%L3jiCFu{`171;Gy)^`lNA^$#}f<4A~3G<!W?Wyye
z&phXoyDyy2Yz#wxMdufSrR{p>64j^V=6q3MR#Eso^7NRtB1+~`NOL%@28|U$S}84g
zu;jUZ!^TqJ{Fuo$R1@_NbVMt4T8k66lw!7yU45p`Fqg@(y^IPUwY3FRrnFAAFr8s=
zqsN_L7QOoNs_(_G#NP{U<Fn|R0Z*QF;OHsR`h+oX)G3;_`*N1CqfYvt)9}%04j*eO
z9o?0d?)x`w6+gpMNzBFXGPO`lC7+19{v_^y;!&@@py8WYCy7=n<nNLALlQX>HHt~3
z`ze$7A^vmy`OUYQTHXFzYg*j?k5|E^Ep1S=A^hhDo)$aiZkb^*y$45_EvLQNJZvPv
z@KQoI?v!apzNP)zS<X5thH^xd={rPeb9e^3#lijLqKu(5?8ro+B1`Lhu%<MFp3+a<
zGY*9g(;$#;oC`)>V5@<+Np_rU?Q<H0H|#YaC+*m*|K^%(7e(B5iy~OmfNcWg?@4%U
zZ8&%>HXQimFegg>{ObuHv*GYvgVb%%h67ZuVZ$MK@@0z+hmg6@@JqX<4(*&dl@j_p
z7R?<n!?lN1In$`a6yjM@@yVf?)|v{7G2yzg`BSSKldqK5jp;MmpA^xxmjY6=)RGA3
zHXMR;u;CCi@-lw0h|{XsZ^(&Q%(-IUGNm?Z`1v0V*r@8~U=lC?lSG)c&vBz}hrd!)
zxAwYqfrN<Gx!~kWX6vk58zH0Qbz?UEEW$>fQoFt|7Lhung^9?0vXVhHOqMcex$L*=
z)Ns^neTEA)?EHmlxbyQ>!y~P+MWuav^^t>POc-9vW}_o%7#B=gO^#^8Ngn3>U<Hsi
zX&EC+oULccU&eDVHAB=^i$yLN|G1DDN;8`!CBMEJrd$}ZsE<5EsT<kyP3u!JM`?2d
z_DUE^G!2$)i78kadV(&rAA(kfw%iR{R+nJWL_VNpzj2oAxs8>~a8>3p+qIZ`-Sa}~
zqH4f$tt-vi5)2HDL9>xVVYS704m_x4VMg0J{{_15K@z7({2GbpNF*Vw%Qfq)p3T;^
zo2?4<Pkil0cWAaqHZxRQU9_aJ=|9PA)+AE~rh&euX0cL3{xcvRjbxc?mTiDZN(BNs
zk&9MgiKo(`tMYXD$HUNxT)MW>6|c|&&{DwYrTz(Vk)|p6(!{E#CYulas#r9E{gX;$
z!Pma@@|RwJp&VHbI%q1=SB~_-F|m=@A;_|Y<^jPo5$V$ypzGvbZefG;aAJlwRuM{C
z9I!{#*V;1`=`BZkC&WEhyO}6QV2efnyC&|Li1cdS>*U6j=+vYo9PX>#JOy{WC+=aW
zyNZ(((JBdv-u^T1ObFHvzgoh8HzhwaY3Qof$u~y4`(T$0_N4AXBR_P{8u?+Sksqnj
z$Zwt#S|n8->W0|yscmWkW}8zf8^N?(x8A^A4PjcI3YfOVQWJF$aNU@VBQB19rB<$y
z-zF`%ZyNdSR*igni+M2V7*w3=p{<~sbo`+my3KHtj=4}S2&DVdL}(}4P5z8g<HNsK
z)tc;)Zb!lcq`UCs-^>B&ny9q%zPB5WqK&&~sNL{XXg8hGqPUYOkwv5~X)(vj&2yNI
zG#kB;@r&6Ao?PLtV6||*p3%x4cs+}(o&hT6*q)cL_PlhyJ!@kKNpJ--w&#&{-2`k9
zCSbcu`;Ne{UWTkhYvh(OMKMV)o$lJn=OV;%Rq3<a%}wODP>zxh6OcZb{m#HvH2abN
zfP(#?(DfZd@)r?c&QU(1sYfGo6e!m@Gdb8>Y^7NQEGUv0c6~yjx{0V)t~kw!NYxw!
z)*0m|ah;gsu7{RJGdWClI*fd@5F;;Rr~M`>R}YB*iNhr3zR8|OdQ4$R%}YyNt=`qh
zEW(kN{}UyD2f{jW(5)V7<_xzeEjV2}i_lH!_OWTidHuO3tHHmLBs=x6;YEA>^$7&q
z1u*LbqVddPG<7(Prwn7g9wF3K>E2xFT2pCXf_XxSrVbReq0$9Y%T+-=m9ABlb|U3r
zk9lEpyMNsGvlX=WDl^%<?pJ9#v9|Afec$byY~JzRzDv)1YuPuKUFjQlPc*}B@u~^2
z@AAW#T}+Ak-!-vsBC<;JUbnb;1O#4wnET3AJ{~+N_EpGWWY4A1a-?TU)c>xDJ<L`l
zd9PdCJOTnQjdEYP%EyBz#hyxJ>4doUQlcDLJ0<FW*Tl8sFKNE(rjwsW*rf#bm8*O_
z7?D1?<rP|XG8^#!{*m^h%bKd@EToaZ<}9tC4DA-6iD!>HXE(Y(NCxKFF+g*mnnUt#
z_h2@IMy(y#cT6^asTX61of-c+Ir_J|F%zO*h8;DmKWz(QhlTYg9p~yWvdm09K+OTx
zUz;Hj>)%>)65gD5u-ynXRl>mfhh}8`Ilnz%i`Z#rE6`@7iuG?EB)w#I4A^cYFz$`e
zEwkKgUd4v>g)tnyAJ0H<982O#gJ$Zec2%piOAV|;Go-ncl4eNeb!<y%Zja!lLkdeO
z+tQh-*bK?MhJ9>v-cv6opZC-)fyw$CGo*k-GbEGsCuWfymb_LPVdgJzi5=@tGbHfQ
zob|V9nNo+&`mZu`GhE=Lo3uB124>o<iJ96casLaem}xUj)VPlMi~Hd756d0f$87wG
zSY}zA`(Gq=@%c<(u<?4fvye^o%(?%O_SoXm?i0jw@)b>dv?K)>b!HUgv}yXxZlP0K
z<5a`2pLQ-SCw1}}ihjU*7t^Oz7liyDP-7)OTs!db1FX8r3lSjGyTMp$)pJ_TpG)WP
z1p&fEmaQ7p0ND3KO70D0bz9p&PB-5OG-Retf#^2O!Y`Y5S4A(&-=}N*TM~?<UZ83I
z(?FsIpE$bj@cx0M1SS6?GK~f5!hJ{kkMDh|AE8I_wUYhP@qxX^pE}xKvsK_;(IWNW
z@(&<p;e^*(IAI;BC(ouXr16;z_9-8W2|M-4<1;UPTZ!O0`5Yt&_XdQ{{%Y!W9hH?2
zUk#QQ?s~s{`BZzn+#Y|wJ3iI@WV!pvn;|dbg_{{KjOgHn7uiG$cr>OsOt|h>ohd#s
z73l%onh;OC`OKd!DX%*L*TlLL<;aOCQUAM!5CUZ6y-sd$xa6L+gp+%nnM8{K`JQ+}
zQ=K5K3s^{;SykiTQ7gMn;(Zc15|l_wPMh-NHw{7h5ejvUWJBiYt)>O;#~inMmbxGL
zcz37!S%;Q{Vh`azKMZtqdkcaZ+lPwXsG{VB^hu)ZAMwTf+9x#<`kZ9I_<Y9G(6z{%
z#T821kK-d)#+-$()3AAL0fzC%@Nuggb#MGDS4Ov2t*QZfTLX=20OIUGBM9aP_hAiv
zrztEU@?ERE8iky@Pspbe9=5z~?jXfX+q8Q%z{zAY9Zbh~6J88);>i;x=?9p~2|_zC
zSYyzD01j;_VTZl4MxtpN{6br?q~e3Bkq@IPcq#xKU)|W8Fs>Vu?|sAvC-gn0?1K}c
zzLf48BsFbzSn}ea&p5}*$RUt%hoA>(D0PD(yudy-vF%y5R}mwpNukgRF3q9oJ4Zdd
zZSt?Ju}yroE4wBk!UjAHW;<vw!~Q$%vl4KaTl3=68@)NG5!XRG$FLQ0AAaO-ks$J;
zWL=frO5d3%jBV|Yh3)pbY5Un)r(dU0>w+=A#(A8etJiQI-=VNU691gUB!rdM*rw2%
zU{V>{Qs^2s?C}E8_v`dMk))7?RnTlwCoh;mu7q8;p$&Nr<Z+IAy+1@LbQ3V<a%X)L
zFk<9up_fCio_llac&IGy`ykRW6^WH2F`CN{FfnaHALBD~&GD|-H-3?aVG?inaAG2&
z$HpZ7@&J#-9UuT^S<CZaZu`sD#aZ;u_^Y17rz-Oo65eXPo(A>KM5fu}J2_(M`aZ8#
zvv^lqH3Q{ChW#Ag?AFmi*SDI*pIY5DI^IFojmhUwl3~lmCy~`GpWc=G=djY_H@a}+
z7hO47%|cgB23-qZwI6(?W}1PH0u&VfNNUOdC=p<-F=5nXLu+qh!i{0L_2gfeZL#jX
z^O>g9cHh_D_$<-5i-y+Tcq+69@BsSSTUctBIuc?1iA3h`L?XtMFn+ZsQg~Ndh<Xn0
zM7`(dR?nTRo)?{b|DNi(>%P}BXFcXr&pZ|Cx$8mJ^GF0-0RJSN^;=oo!a$TXrc=;L
z13zF4nGDG2_+>R7lIqda&T97e$$a9D<(iX(W9I&OEaQ?UuCM)0mi!n>z@W~wFPIP;
zTUuh#l{3Es8`nyVg7I}E{nK0cJeP`fD$Ir1M|tJ{Oxe>8cZQzi-yzq3Bth!yWZ5C5
z<a734+tTL$e@T%aBk?qeBP9As93^p##4{uYNJtR6GMb$o0Qn0PiGd~?O*8p_(%Jt-
z;vEv#ND!`?g-7VM0aV6>Nk>*zg}4JmB{YnxX3nTY(CYgTCbS}QprO4Nwa}`qYpSic
z+y;fHjo6>p);k%A!+8~2SrFyO#wk(%n-n)rMB?15Io_pIJgi*h(}Ld<H@>>n8pH4*
zDK4j-vE~i;RZQ8<3u|sfuPj|TwRCHF>DD(L<)u5yV%NC8LYiDVuXdFqJEuhb@0z%i
zDRGhay2Z^SAn<Az_m!)BJa|&vS&8hP5D&h+svJ2uCF+0I#Df!&-J18h#myri@NFzE
z>CwwoJ|2un^8l0R<9UEdY6tTGQ%KAMObj)2pgnM?I49u4Q_TZREPxX8W=_%UIW!Ix
z=Ty%;)u#e5w;QCb1~9GL`1KvPGeJyzMxGgzxR@Eno(U`|v0t_e*N6SDns-LjDgO_&
z#d`3t!+HhURI6wD5v65#ss;f5OFF>;poX^on!^4DViusaWj3H?trKnktwAQL$L<Yr
z&79*aHP8#&URP9FNa<$otk!28daa%iH(%aSj^HDw`rkEi^F(B|=Dlul^9TsMyo3A7
zRX!d(DQ>PrmQ9GUOIyJCO^N#7H8D03S*CffTiiSX0xxahzH*h12P4uf&}(2uZqK5v
zg5?I7w8TDBOW3ETrw@ahGc0q=zyXHtnF9<n4lq*10e)Wf^nY=PR$ov5!E%6x7K)E)
zq1-PHkhCM}aDdR$4=Bz)O-~;Sh57GmdMU@8N1!4=79exMTwtEH!U%|ifr`bP9b6(U
zy>ILwY39Exb<eYdpGG}%jqw09#+Q{ga*c6=l(VjQlI9SDaYPhiA8Rc~SaRp`y_sPK
z)>Pk_)VVanIVCSS=~EI-<gjRuGxcQE&3-J)qNH1-DFZcv?iSmVe_ByEh*JY5->1|N
zex)!kYn+vkupX4d6I6~~5;e=3vodt5n{;f(<o`nn8|LUVt0+dTC)uJWr`EU%wywRS
zY5UBbqN~m4pAt;G!x%bKVS7o9c6O}N^-!gK@k~104Jd4XmdU){O;f!GuJs<6>^KN{
zY5(ibeDlR}?}72aM90Ajsrc-?8kk1wL9d6?db*o4c0}t1xQ}Q()5n7utp{uwzqGSV
zY^MHqO^h>aN#5%gH;;h8OSrNgy<Fwv!HD$9Ew`}nDTl6H9e#RcwQ{wHrt8B0+y8e4
z<!YuUgLb1GP>d$9S!2?~Q1q>5&ZO#lqHe%O(#WehPHqO270FKf46xE;ft7se5z3>!
zd*1%(XWKsmRog#<b6Pz5+u8mZl;&o5r4a_=7l)N03(H}vsB5Z1*Nw>+jO)haYS2=c
zZ~u%)&G&8lXN$J1%nWY4ZW`#R`ockQh8F$kJ+|o9`4(N%Ie?2a`WjkJZirKxZ_yV1
z*0MBT)uKmQVr``jR@F<c-UjL_UBqU=XgW1?Hi|EwM^BGtvcu6KXlGegjpd)<foSC2
zm&rvtTr5D3FCI5S<HaJH`dSa=L0f1vP3*(un)CW=ETo~kKc>`glQ>C&*<tsL$f?5F
z^|P<Ts#>fK3f+>a!3LM6#HM|Pry9?(N>i}^jy@HiWEG}9HYe)OCWk*F3^&Oz+=okm
z)u6zpud*7ZIl5NcSn*i6VX|Z6c;Lg<?r+4$y+D7ht0&fMpIE(PvSsJEr@|rI0a9&y
zqVgFc0olD=4o|G!I@z-AGkhypl4ca3Zjdi9vzGUV)O3GJ;ueX!B>o?X9Eloz@Bc<&
zBuKGZ0Y+i^-uvi-L+fsJH@ly5+*;Y}UVCfh5_jLnk9N8@X@#H^F-L!F1^X_kDpKn$
zLgAXJIjD=0g)!p3<C-;~Og<Nv(--ATF|GP|5PdX(g=tC>{{%Uz9xa{Pnn?{o|KkE|
zBc<c#^TX+^A`=3Yn@Es$mJH5QkV%7^?az=2CCYvXb&)kK`_{eoZlz_`O{o6EiO2U3
z^zT2uUy}cV61cEkMQs|+3>D2DMQx%fm)50hp{xre#z=gX1S!6=YOASFReTi19nGe9
z%Ry8q{sg5P@`lUdaNKmd9Zh$_g2V9@;mhG43!ytrK8N#;0CAhd#|s3<#v82yUfT9;
zmF9(&?iH1#v8kn-%1bv@*6x^EJ5XLba5L2A@KoA5Zn*IKL8SGD8^1R^LLhv@OD<7p
zX@9l&^}r1u`TRm;@r?kvf<ot-8<h4&Snzay93fXvv%@p-@b;ex_`R`K*!Jj6cL143
z+9no2e_-_u7knSIEu84=fv&~XrgGb+8x#Ro^R$2Lh3n3$6^__V0piYa$0Bk<+<Dxw
ojGPd6`W=rt{5J)NI|rS|9FAulHwE@{r{K&w9Gh+lBw3sK|5W=h4FCWD

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_synology_plugin.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_synology_plugin.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..8ec8bc07ca952fb7dcf16110de1516fe22c1bc32
GIT binary patch
literal 68821
zcmeHw3v?XUdEPGefx+Uj0Ko^q7ZxB1VnK58APBxm@hOTDDH=mav><D>1QsA9a2J{Z
zNMUWovg_kOty0T&6w9`1(~jMcIZ2~7X-mg$9=6)pImziR79`-QlH(*!Ql0dqeAtz(
z)6@3*@66mgvpb6g_(&xg!{v`VckXNM%>4Ji-~ZqL-ma_+xNv;qJHcl@{D{l-H*{hi
zUL$b(y9m7Ml3j{RcFQFXyOk35*K^#fmV{i#eTqLsS3D1w9+wp9c$reh&PyH+C;`NK
zA1*&$p;R2NR4R{GDOK#6@8RI_YNh&kjZzbG)w!BnvVWyZF5On5*QqRFaT4Oncw8-u
z3m~qX$1P=X6^N_kam!d-72<+CZuwA2xH{F|n;0Gojm6b5H8hx1LSyIRA$cN^97zsM
zgbvFmLZeFZ!tg*`35|}74-F?GZ&PzlhD)@v6S1M;{u9amXEonwY^?uW*rNpxjgB8s
z`p*rI#rwy`mAF=YY9uy>a?c-%jm3wO%7j)S_s0^al;n^SS5*{Kdte-OCdP*QV`Ia~
z#1TbFDq5A<gj1~2e!UBH>M>4ke+hwCT~E3cH=YCfU-8H#idXimbSXaB3+k7Bprubr
z)R)`bdOo>yrE8l}gi@As4ZX{+1#+&HS+14mT*DLK`6}dcrE;huT&aalqg(BFV!zq9
zgJ?*qg_7yLZ%-VFiLQyagd_dNEwI+pOG;gFTk}&l^zmzELlW*j<JEDwddwG>Wz|WO
zs}DK#!|a?ASE8iX-BV`9i@)@G%O2Sq@tA4x()#G1`9k5`pYS|h(!)L<k&{9RZ(pSu
z)9W=$NcQ$rnX%$;a<GYaW>W1f-Hl7h$rdBQgYE%*lzr7^`kp0bNc_d)F71`N+_H3L
zdsoRe<K8WKmWs4ysL9pK?@TW1TW-ep)R`giSG14XHqc;e&q|Tb456nh%&>Xy=KaKw
zzF5ohb3f{q%jCd<TDi(rk7Fx)OY&NWekj&DkqfN~6iv;ae$kXZvo%Fi@{hY{%2KmT
zxja(31@C{NOs<eCd&}D0>@3i?#(Ywiveue$;xFEpfLWILH|~~wd))~S{!94p#ebZS
z4#`!?&c&}n^qn4B{3^^I!MpSe_*D$~8eN-RCLbKY_%#U8slgS(zXv@hH}3T`xCY(f
zV5-eNXod!3!y{_wB7}y}xuiN48dgJz<d`X_3`8{Vw)XZ8%@-RuKb+9KqcO-C9{f!z
zW12Ls#+5|ud|Z<#{$f%YIH^ghA@E#rYbC>pEAG@MHnfaRbcEH=a3aKlonbZbQ8N_U
zt4Fr;NQ8{Y9cCN?M%31@+Co{o%}WRvm%74g<U(v@JRW!<9C#rzlDrsK0xz^6ta;Qi
zMU&#s_eX~lgUKtUng=Z+vXw{|k!~V8aAy-8?TmK58^le;l`*}2D4j)jX<q86E7b}O
z?3#acg5*8Tuf&GcxT;7LSz(nmG#_h}LSvuiW3AEx59ryVF-5D1_Qys>qDp*J=}(>?
zjX}^Wi>k4~IK^lcNEtmlK0GouoKQ9YND_%vtuCsbOOB5Wuw2ohk>uIfNR&N^sspUe
zT==VvlE4@ni^iWH9f>8FSa_ve^Q!TYK{TF8gi1X%t(<Do@3`H1vdwz3-FmW9Z=If}
zqr-ZsQ@^Cw-LchnwoNTZeIapZU59o(*>mL7qfg3-m@;@MIS_x63DHlEL!M^AsQFe!
z4as?QLfb%TqSmgCo*!1#;lxmso={YOBHB@s2<@_<{TqnPs~i%I)W5}t^`h&?H4WLC
z#!3HMm9?Mw$Upzc^s2~oW!oD&W-FG=R5WBN8ZIxt`gpqMOeXZ<>53=b@wlqme-x}w
zOFJ&r{l?m_twrE<`O@0#ns$U{)^umqbR&>n)16(jg9UbEf;(n#iT$$Dj>(iBoEAZT
z8F8=6{48TT)1$9bz19@w*)?2Pt6xAR={4<^aJMBa+QLgg09DNfm!+kyuRis~r|{?X
z+Si`S)^A2=roJ;%--$rFzB60j#R6TKVAl*Tv0ql|n!KO~r$vxoM%?SQ{48TT)1$9T
zU9X+7rZCU0;lfk;1yqu*-)sqYTEe0&yc7hcq^@^L@vyE}w!O<<(Qht4vC8x3s{$ul
zOPyy6Z(`1{I9tGn!H>n+0(C{soMv&hfF9}n|1w*cQ!a9!eBF?Xs#06+V}eyKGNqh+
z*~piOsqGyK&ASzvM29`fdJ5MNsRcQy(6FH_BeH@B2?1=lRcO+vG!a=xWCM|{Ai0C1
zvJa73xbPTdHqRXIj^D+2ms1wCQLUNZn786;^Y;fcq2B3=$3CD#-juZC9iK5i+$Is`
zo68@p_WVh8;K7E)@d4ejh$f*ET#IND^@4tY>%Yg*q<b+wm~-E}@j*F=ZqP>u!lrGb
z1C0wO*%)zuM+dWU_hNL&DXS5;u#nMVC=+^Yy5jL)fYCuYg04xm4afR1LB9}J)ObXN
zq9zenBDwQeb7BhZP(Rl&AUA;vOe66mVjbrgP}204^jPyC3mqdo?o6Wy_m%2bU0ffK
z@br2dwG&J?0d0g|E{$;9I0Q`J8F!W4$<w{QM_kE4jz9fAkZz9BJLx4bPmp^3&?=Oj
zIU=+QHpJUe7h&pSn67~2YEerOJ%rh|7@_bY7uQXgy+hKw&|WYUzF2C3Hx^6DdlQJc
zhhgNU3^6Y?5Ob-Ipcr;o+UTrbkW8f9{0qdqN=M2^<Ip>C?A<KU<$~5JD0}f_-Ey^D
zvlD97p{nqbR74){?}q|$aC{_Wfm47Xh158dX~T&z!udu*>KGJ{k<;&%Gr1QC8^9>R
z-!#7(?^ohuns-bYk6-awWML)+lR&JMLd1-!>Ig#z)v!C&O=uoR1Q9UMJfMIP8@MwN
zc!4-9CEpfS6?zk{cnGv>C(=n|+q+d3$Zk6jJ49|jIs6i;K6(XOR;v8m*x0D51@Ku8
z4^B{1!a;?;G{WYflhrD43*$;6s-t%F9V+zhXjS&sD4XcYW+D+HZA99MY$4J?q!UD2
zp*M-4eDQ&3GSMH8UK}1f7cNt}=z7(8Xnmst>iKB@2$E_NJCBVHvs<)+YBq$e%X($2
zexk!|-PV&GD%}Cc+Vt5(eg14h)n5T^*B#6rjJ(uK>RTW$x_;t!EnV~Z-ILO6bL*t^
znW~qnrlobW%@I%&Je!rOW~5aaY1Qn~#@VGSXX_ef>q4_D*4!-juL=Cb<u5D0QSGW;
zJ`-G@39e5|n=gBH5(KDY{HCPM>EL>Pst2w~n+aVql4QggF7VV@Dvu}P0YuMA%V(rW
zMvBZ<)W6nsX~pH1s{`L3zu|F}wcT=+lm%|%{#-Ur&2`6X!C~(gr|y%eUOJq3u#@%&
z+Gj5~HVGa%hpu}j{vP3+3;O0#`e)HUO9|iO-X5+S7KJ4Iee@}_L&$f@i#-k;I5{b>
zkmReqWyH6WziIMfW5&RFu(N(xF6#|oqzIh(uox*U+FEDsXyLSdtBuCGdK`6+wlRhD
z&!RmcGpG2AzUCv7$$8EDVfts0+p%T&xiQ9+%M}Z1C5?Qd9>-P+Ef{Yda#(UXwoc?i
zt16177Sg?FjdQsi{V7@|AJ>YeEHnFGt~B(|<#LrA>@7D&(~3TVR@h-Fix8Te10#Ng
zS(f=1qiLzGb4~>C*N^`=AAL!#PM%);DsnmyGE@G0&EGq`5tjaUd_VGYFMbuGkMVxK
z$G?i9(s}8hYx4BZx{^*;Kr{I(q>Eo_=qMDO@yJo-IQqdNWcn^D$;8kVuak6nQlTMe
z9uw+Rg<cnFzvBbpS|$K0Pf+GQB24OQrqD(r5)pcxl`s(o;<i#q$bd}f%Mk>*3>dCt
zqMq^;<%trZF-OONyD7At$POYqiR>amL#48Z$X*bYOuo1nM*&@wYseSn*sVqB*2rk^
zfjbcBY$dST%Q2_4iFKO_h;=_Mpc9>~+b~<Vc6RkT{BD-{8moTd@>K>I7I34=RlO3L
z&kvk>bWK{?^BYfn4eHT7->ALxRJIYy&^<GayE2Wt5J)%f$~Nv{fjybvo*7(XzpS)p
z@|X1Bv<ULci2DZAqekM4?M#opF73Gl^{7Z;o?XKQs7L7nDoHm&4a&p2EMX(39>eLB
zwC9}~Q$0!(-9PrPII-9B=X(PuD@vUu;=jYZ$|@1dZgX_)b&o);pdWocGh|9)i4tK=
z*+U;+&VkW}+eMlsLf-WN58;-PBFntxUGL)_C#)jj>m!8@J9@cXnH+SomP}r>$h)8F
zm6*KyMRO!H<XtW&_i(AnET7N^$h&1s-aTfKcSRoJJ~;=*2QJCW<$ZjF?ctKI$ROHB
zZDaP9qHIU`SlI5FeQn+klXpdK$Cl;iHb(Y^v~m?B2vLt?D+Ol5TSxM)$mQ5Nk&DT@
z#ZvR9U$k5y85b*4NXErdav6Zjy8$Ne1`K((ypJGRc39fiWX6fVcwfrRXKDU5<Xy6}
zEHmU@$h@P^&pEOS4Qh3&HAjPLjO+lB`jdb@`^g|Z6eo-HNNUL;5v9Zj0m}^JjPuIF
zXs+@M$h-&j@DiBJ^Ky0D_i`2H_R;v@AnL#8qk4s9RA2ajPAt?qpzGs#Q~r1^x-ZJQ
zPdju6Lwar@r%=1Pg{gJ{)--QRZ+j@a;rJwQnkEyWna5DR{uf{<C$(?T9QR1=`|npg
z*y#C_#=wK^_F<2NMh4lxfq-?`6T{j+Ib`qdp%&*H7!V}}1DBEEJA;AC!xgFK+z&Xe
zj^eXXLk48KcaTZsr`eav>_XcWf|uB*s`=Pe<pd&zCkby=9!KzG*zYJ?6OUFt0uuIG
zJ|Zp}t6p59kE5WFYqSYsE@laLB;?vkcpCMo#BFRs?gFvPwKnXsY(*}R7*C(-6-c5o
zgzB!KhpIFw%8WOoQ7sUSo=*;pkHitKh(@0qkByL7C(eS==-{xTj*Sc_;)x_8N~6(%
zWPdcO>_<7uAtDbFp{`TnM4lxwN@N^FTNaHHfIr+Hjg5^d!)M3AYLNXRC7`yjzE<dc
zVT2y7`Z17CyME~Hyyf-#w%w}s`F7r_0=Ze`@|UN}_hfy0Z<Z|a1#Wv>{(UznbhE{B
zrP{aGxPs8l^_DA@zMaMugl?|2T&XciyIq2i-Y{xYKmPN>lpSxkBWga&mT38xBFUvn
z*^m@2(^lql&=c{o*g$M7_BQoZs+AHrEh7q@H_}nyTyj9QFC>zXnel)(F=2A#0dA;f
zxPp$~kSp0F1ha&vj~*gBdib&;GX?<ap<eH<WBA)^iaHQ1G0YbOiNSq*5G+g1bP2&y
z_E;264hx7xtC+Y*f*9Q+JDgxJh!$MPH(SS4ZXy?lPt9_e%8loOAm*{u;hdT;t|^*Q
zEJX4y=uQa;7HzH;Z8bxfgz%?i3Q_!yA>3MWJKjTnZrr)IST2j8?~C}D3eiuB+FrjQ
z1eW$KGh1jW%W<M1O!Cb3LkOhBHYNCvg*T(8>0?Q)>tPBpH6)*YwCBKsN1_K#oqFV<
z11Aq131OKbTZkCB;(oVe?_Q|$m|Z_?<#hvp1Ppav0S(_!d<+)d`l?1~$n?^5qy5lc
zePw{dA^_O@NAemIctJ;1=z|ISlpg$1WFn*pRcOwj;F-GYR{hX2Dj~$43|Hv({L36$
zq)?$+O<tWA04N9hVR(=LfFymCBS}Dcn#frq4DliC$EvY2tm+NZ`3{v{LK+I`(1*j7
zVBBL-$A)U#3UfBy&fPKF^Qc4pLl9xy4(slj;HFG)Q(BVK!A;rV76hg{4$O4OnGTsE
z5eUNe-1ucF*%p4P2d+snDdUVJ8F7XSC{(}Vm~&dM%#xMrW~Y?5LsZO*zb?saxUku3
zm*S=vL;eQFjDifAQsf-;sOU(Pv|;h_huq1|UJqlshs}?C;G6i!ISX)N)R@bc^m@T^
zJ!jTgSg!RW=QxI58&L<AD{A2u2G;aq)u7on#&Sh2N5(F4F~(CYwP2*aNC{&+%tEBs
zXD}YWKuIjU;>h}h*3iy)Mh`KD6E+zR*2RPdhc8$bQDdERa$M<;hsGvG<7y=A)0T6K
z8uc93&J19^%LrCjYe61=AvrRRHA>5PggTZ~VngxhXfipX)$?eqw;3@OPDjUL>a$uU
zzXVxPQ9g+-$8x46WP!leDCztOE0Q!HYtEGto$C<lVzWdbdxg`8JQ)t?TxQM4Fuq`Q
ze3aHvq0Q!PMOiuX<|?HYuJSpQuVcnfBV=VLT?)xgDt!rziI{9epK8w85^ZlWb~0!7
z7pUIvfLPcHRQlCjnd+`=b@!z2R*Anpa0AMIBK3irE`N349Xh>D<bPJY?fOY20+Zt`
z@)kwDQ{nOkKGFRS#sAbyb;FYCe;KLVflriK<IUVWo>j>T76dKO>t*G$qUPW!n<2<K
z^Aw0$7K9UAz%4AXWDm|b$ALIV96sl;i-WSa&7Cjw4g6Q|AI?8|965vRV<Mm5Ci0c`
zaem+|!kN5}i+rLM=kJ*dZ#MoTa&cr!+@@7f1pg_u+=+8)A@UU~mvgG3WeU_(ig*oS
z3R7Z>Ftx&Lv860$B$4BI7M@ma6Q*dA-DL8%W2aA_l0)&tz-SWoRiU#Jp@H~dY<y%a
zB9O4t@76JErCn`p7K^K0v?9~wMkk0HLCl(`yv06Ovr^SAXu)1ex2p2y3Qv!r6Ko7^
zr*2xc^W>FEouT>Ik~_@@o=OWtqsHV~tFl)(U(R;LQC`xSnr=?jt?SGN&@$WN!gdFF
zX%&-~>@A5Jy{&c6i^K6QGxNQKiq+o+v9Puk>nHs$SHOme{aLvde}YVm(oL9-!u%*3
zY)(r@)0>W@TaQwp^=Kw|bVf3MQ-}#R^HV)=O*%?4l#wJO&TxSlG|`o;B`1YjjpRHZ
z0@tOZi@eOrF&BB6%h}?}ablRy%QjhgnP6pXF}W;1Le`oC!)oj-RO|**Q}MwZO|2lN
zme14L8BbHbj5PX8?sW?ND<WS3IjMY=g5Lmf_{Q})QO-9GoDBAz#pgth**;4Z&HaTp
z<b2^r%rE>%deh-_>yfmC@BBz6cw|O0ep85{FI>bRd`&t+U$_yM5ofr-zHqvdwdAC5
ztE~t<_jT!r4ww<9N5Uq}>y!y1DIy;wLXe(9>`VCqk>4Qln?y)j%S8h}PH{xW@n0pu
zme9biTV9XvwEI>d;0xTU^ZOoj|FqigJL=Xer{pAY@`Iywdl0n{v<{eEnG82VaPw5A
zln({M<=WbOc5U^M^!ArfMXHSwIiYuvfjBu+!m@keRw>sP5Qp)9R#3WghVT-w$WL}c
zuHo_rJoR|ZUT~TplHEL;Q*z6B0C~UzEWizyb<A>@hPZ^;&U<XO^9zHw{%L?b>rB^~
z+X|_UOTkWhb!)F$ddIm;A=UZb2auny=>2f5Gc0!f#;So*te+6829}v`hovlM$dBug
zEmA7!dkx5s{OpXzhswf%)JBuLA2@NiyGyswN+d%EPCZ17-Owk3v%kB<CZh`J6lmZD
zl1{r#=@fyv(Ljf<6C$c1;lhuH2?=&!`fYd+VH0t-C;&KNgf-O!0?Did>Zcz3aRLGv
z?w7Lp_y9<$G$J`i18W^xq)@q<k5x5adDgJ?*N3&IsX+|?!>4Xod@&?&l1_<7I@#>&
zhF%WsiDHz)Y5{HE+?-KI{|e`)aaNrMu?VyT0fsZda9TQ(Zrw)|;nscG;C_VP+&^>Z
zOy<xTibfy^lOyAorG)$WsUEl{ouNU_NRkm}xPW5yE0nW!p9trbGR^9>l!8{UGb-hf
zXacVY0W@$9xp%4{m+#|qbaOsT9KN^2GLtXC8Bdj;9`k(8|Iai!&GSd-Wnu@$lu9!!
z{>ox3@ytDIcfbdJhLMDGNGI!j;FDg45BO~OfZt-R>p0gn`-9^Hq84t|BksY<yKVS@
z$VGxh&SA|3d;ltr1+}WdcJGd@68&lNLf$&0xAdH2>+*9m6r<QZiLpsCR)G0Q32#9h
z&~p8-v>;^0iNENd0*C|DHiR^U4>MUu4ISt?5wZ$Ap+O~iJ_I#$d<09o29puZe^~D9
zY=0(IOG$g;v5~R(v!R~ThdVlVb}MAfV4@A1a<ETl;30xy;B?6kR1<gx<Cj-FIegd#
zCtzS;3YwEwYIGwV`ld7=Yob=uKRO--v^#JS@UHIU$jcaBIW?Yq8^N$h`M1<c#+f~+
zeZG9ziZf_sY~d9v^eUCcSoG7>66P97ugma;q@Qeen24+%Bjt<}pN%Q!wcU5hq>=gS
zXo~s+5W%6}!YZqWC(CA6HcgfRYiQm*S%xK6Z!K^5{Ii&vl+QM8`b_yt<<nBbk7`!T
z)NIPsY)Wr_AX{?)zKiNxX6iR*$YalDILgV`msJs`HdavSfr6{5c)IJ-=GPne8P;8y
zXSD8$Jn`iIuzG8eExQ)kGG1uQ0j)X*r$3Nvc?)ODG;f7qJtu2Ufi>^!+`1{XBu43w
z{19o3p5Jm{+cv?OA!)bGlQSRaIdrVM3nDUOal|l{ZxQ)@BBUfg8Mg3X<vSGppNRYc
zkv}9NSZ(P6y}0?ZTjh_D-+^Z`m&wjNQ@?9%{~hy9y?}p170=B(cP)%}wrA?$z^y%9
z-<}D=b(-;;lG=%PiU@?S+2S&`Gd<~bshzl`kqarzGh{^t{0a}Cnnm8Z$UE^;TaOPs
z@7%<BCxayB=A5O6<&N&oj!mg*Ow~g@6DhbjeXIkzvx9<hLY=>5o{W=fyf<u9`FD6|
zcgr%@78Wzl4|I1qDeezgK+nQxK#a1}Xi$h<uG2-$9SdWZkxYFgEk)AxkxVcG!&v<{
zB}Ir`iU@?S+2XJgKQF~~DMAd=$b}T<8M2}ReuW26%_6&8WS3T6iSP%WU3PGGIWh{X
z@leZ&m~tTwn<~tZ!=YF{GN2;?9Xp;$RUXi@9C&0)XGf=Cn96@7-c?X`RK87@3rKm*
zg;^G>EIO=0F>_u!a>ufswV3~cmK0)P#%y`p!dTdQc(zO?j?RWij-VtUPyG;1p=399
z-7pk&fFe0;X{Ll*DIRCZRU&fr@s%dd`OVTrIYlAQ5-}HaGE{Of$^4lOxN|fl0^~_1
znLe9I=DmkJxnhfhinJWD7(B>xeSjcO4q?kC<mqFOr!X9yKjg`mRhn-TEY@L|0K-v&
zJU81_R<z#m`TqDQTX{GzuD~-mjI2lj48+jBZi6PmwfKMgFbMV{!q*^|)N)s8J;s+I
zz6Lx?4*Uy{-fY!+tZO=HvqPp&ZYx!=9%P*>gi3l*<1rYPCu=UaUiF1sCnT4v99M>1
z+dYHsEAEp_84tHrC6RW`9aX6a({{6L&rm!8m+s0wZR}3jCGQ)UpOVKba9@)BB71Zv
z^ZO8poj*GeqX2U|kAPY0b+kpL6+&;jUUXdze)r(j=e|?(-Ge{B?M2)ttE%0s?V6Xo
z5a14cW9O9QMXjP|9D5U;kF&LzSKQ2cRi&;q4BI8MMlE*VZ;IUkd0TtY^{wC^AN+Q3
zX2*%ljuU@2lJ1LTPoACL(Vs6ezW3e|g>FMP+L%Ge`i>|XUHWezvvh?&tmL0I{n3ZM
z^W2{{{aksAQd}hR7exM&$X|h2o{93;6!|wGtQ06lsKb&!X!>??W}lqdCr_V#IvpFz
zo<29dZ<zI%MOgSV%3DxaumMd3FJT)AB{_;67bY0c1V3^x@)mH@g62(Ot8FxE!dYs}
z(?q^U<V}!#o9Om}GD?B3MSJufzo}EyE+Q6`-^BCZYHH1F>d!U}O!^I6|Hm!unU3LX
z%QG)~Cm;Jv-%EX2seW48;0*V_C+1-6eIo_?^Yj#)Y?FSMF8pUA1lTEmP9#I*zY}q?
zQX(rYg~*riUtJGER!Td`O6kMQN@>fjx`3~PNE?wYKdmeCwdrpwW$VX(eh@#R<MtCE
zcWSK!o27CY8<{ECzznof#ujo)m0SrLl&h5Lp<uXLTb2Ln93EEtlW<Kq@iu*osR*TT
zHe@mq@}&c6t{oE%7c@lO{v(h(5e}IRJC(o=X2b5~XJo@p?2sKSB`uL+hZq=5Ju&p=
zUTDf`1p+%@m0mJ}(M~_08RzAiaS%7j4vQVVZVadXROpZr#{#iX%-B3HL{1c;#_WGK
zK0sC}5q)7Ya}}h+=IxtOwGSo6pyoUjABn?lQ0RD9N9Q(U5r)1lnZepmq8{ZEk*^W?
zIuU_<6X*@!y<HSbccgq5M5T_watdQbR`h)A*|^<7q_I<plYudR%8|nP7$1Hdl{oN$
z*$^y^r=>NsP8P>l&cAG}gI3U@3=A%ttjr(X=z*{ornSc9da9ZP6eqcdKUBB5jh*2t
z)-OvW*Wt{|T*vy`u<XHUt*hhX<}X^C>wGox@yCx=8HZfn2B&mw?%rz1@A#CSk>skK
z9&EDbyiK0RvP~YBK@(m%=xBD=1c{Doo}6YIFqWuhW_L9<v%4i0nci`}VfGg@mVl&d
zsRc8F+ykHlU&vuflPyLf=59r_u`V|+gEaDTV<xdgu3b<oR~2uiSUkpChr6-dn`7%l
zF0`t)Xlnk{il*dd6-84DW4fir`q@%>nY`R$OozMI4@+6A%{cKF1{hApbSw0=v$`Rj
z^P4Hx5$8;P(a9ZU!XsBCf4w)5v()fYw!U>-jf}UG=C$=_c8R5imOF5M9^8du(UkLl
z7JMr|d8J|EQZBEOS97<FrG4}7VJ8z8>R~cjq!r4?i}Y|vJTEhZ9(LbV53gD5VYreu
z-(m30+ygzl_O5!kVX=oTJ-j}*f5AJp_B7|mVr&cLk8J~AoEPsPXY7sEk*z34xF5XZ
zPWX6}v2^d=^KpaA%!`+s!=UA{z>i0(dD^qt42i$V{$76$pT{KL((iNe`E_Ty?=PR1
z*DpwBn2%(`d*hBIo4nkRA=X=Z%Xx(3h@rf}cuy+iW_e?8g|TeCasi`JrP*%tFVIKp
zXmqs5XcQ68-VEU#X*a_?on}b<y{mVm<-Wfo;d}m$@ZK={*!-~OCH>~*#yb*z|GXnT
zG|9|4<W`avv9+={`F3v=w%OQf_Q*hT9^7J6uLqoc^O>*Q7j98yJ|%gJ;S?e$N94BN
zAa_YPe_7ATC86<kjqWS(WwjfUbSS6OsK-3AbXQWyqMV0blvxkY`Cj^dk>AUq72%Fl
zs|o0+A>9c{NOwX4<c>`34SypHq{5!N=aOSdH5F{r{gQOF84;DI=t5{@_^c9BCXSwd
zS29yv@oQeTxi7X~9y_Ob2jXhKRsn5!JkhUAjKYD4wj`dQb+$kQ`zQMG_bfItkx)UD
z<tRNH>wk89R83WzMYfqSRR`H6vyBQNsLIPAHtiLGGfX{3Qs+MRtFF^-CupdbtB}{b
zm}UaIy!d0IqgXu;C6Iems|LV7gk=G0bbJ)f)(|K`fuR?5*K>c3u;#FRq1n3=hSib@
zecBwps1_}ip|`34lzSUkmg{FPy3#E>W?J@VTK4~ud%EQy1HZ6)Oc`I-uT|N7uxK^B
zskA*ab=TX}R&yo9qhvM)zb^VRGz7%9HEh8eyu#?05HK!b3+#wl30yB&*0W*hn&uga
zCz!4T8|U;;MZ`E2!X23F80Nc50Sw?$LLes<Y7ETRwoyBZRK~o@h}CmgZGq(&qWHBa
z$+jE=&0*D{_|0<^Pp_n{)YKZ&VNRRv(HL(yitCu8IPCTO+;}`XO#A#8uD@tq2w`er
zck1B+{axVJ@$fFd^DFlMHn#*f%f!vW=cKs%(<q<aEh>3>j^;UdDKm?N;|%>-BVash
zybz8a$_OOSul_M=11-Q~3*FHW_I4GxHLKO5=&Ay3Fc(D9FsTI$enIPH9;JpD&W!M4
znma3DK@YqbvEErj?fHEo^n$!iYLW0N<sT`6Ky$6sU~Aa+i5xGf+L8hD!{l$dR>p%$
z8A_P1)uUEv=40=!@)N4CjK3jFQOKSzbI6ZxHP?k4bJ(VQnzB_`JB%$6Vv0m9AiQ8g
z6G?)Xj_zNj&~73zB0GqDlgKX<nIzIpWIK^Ji3||=*F??|`5qA$?p7t<108|wctF<}
z7|Vpr9<zNfs<vYe&Cr}o@D^%Rd+@Zu@_tmaY^J6?Q`4TU>74Z6@Vn|8XY0bVbsJ|x
z8?Z0a?CR#5m8F$cH<q~Sn`Y};XX{#^SD0<y#4ps=GzWA|qrOuUd;{NTcCE$^=5@2Q
zo~Sib(>lANBfY$Hc6C>J)wZ|R9=uWNTC(Ye%ew>_Z&bLJuAHe|m#JNsmclQq>DqN!
z+R7<>+06(Rmd;4VFDr$arvnj#OV=nDPm-~n>CxAv@GITc6y_PSqB{MGwQPhhyLkp4
zKyv1&r6Ch+xa7_Ro6^!FGeNTKM<Ctxh)y%XM`jSuep84iyMH>Jrf`!U&RXIr+$FN;
z2|%w&kL1?2btbqm6Wo}VwqC|2@F1Ds))~q8O-WnR!HxRqG=)(YUCLVG5x%^G=iq^B
z($?In9-Rr&a<8=XXuADToo0fM&Pc{@3h}fUj83O1jLImSwZv1nU1ZS{fL@ax&8=;}
z=|m8Lj!dv4E$x5f2}UxsxYzhiN&C~m4*hhR!l;xkWho3dfjn%aLHrv}=+QYexBe$)
zg0%U3T6$u7$FZ3mPh@tW_9xN^1W|zTn?ek2P*11R6h`$F&RXL27(D?MW#-N3C9~6O
ztYm(P2N0jzu46O7woI@sEgk#4{WDvSWwsteFpWSEMH{~<#01;)(`gE$S#&9DiRX!t
z0414OGve$TE0<s40mR!IH51&D32wPOk_qlkONXzH>m+!1Mlya=(&2P)w|+Wp31=xa
zPsIa>wpWmry3E(S>+(*VUEYaDGlN+6o07WNYfh)r6vpjRIBSVV`0`FY+DflUUG}PM
z_j2g!SXv?yJTxO2zbWYuyB9j0wuG~kkf-7SB$-2DdK5~x1*=QR33pk<4|V1pC`k(_
zNCRy!hr@qZ8_1P+pc<{phmQ@{!b0un3`z!>YP8x4Aj>uP930A1ZkkZYyuhKn+yIAa
z<b^44AsSiWBu53VP;&CtEmSqS#8QVdtT}&m+?_z`wOlp2R9<$^RHMu1p&DI5l4=4w
zpg1Z=19ExtxZ(Wz+h*?$KuERpSE2W_957hjnQsUfOs-$h`#GN{&s8F3+n66#@$EQ2
zOP&kwW4+~0oKti4YSEPZ$#X?)1yjV{E9je^C-%l0{XIOb5FT63kqF3Z?&@i+U3^+l
zo8OP8)s*w7aEhl@a#v5QVex6*r>Eth0G30HPgX%G@CUu+Oo_NKwLp-m1sc!%gW!in
z`3VR6i>BmIzTCvs0_)`UTrE(&0Hs^CsbVnyLg_}F2YX$Q?gr;^>YWWn@A!V<dxrqq
zoC9BaGyDnP%{aPo@ms$i-}=z<a7${P33sa@T|?lcMIdY+PR*koDd{m53Uz4y1bM?5
z(R^peltBQ>U8fIfp3c(;+4_s*7_NBXmUjRe2>3mZc7**}$?$+y0n`rg*@W&{$4@)N
zjH_DdpvsUp&8rTl;#wKYLb?Q9LGUYhrECfULI;_Gz>C1ESi&L}CSaY%|3zf(ngXX?
ztjs&l1^SJC$Vd1$p<cG+<VDwIuWrxnL6owD$R|;&B2kDzk5}n5K&PLgPzc11qQm=}
z4&x#q(0mTr=b-37cr_0irhJG>>m@=kZmN!B;CibKjZ3uSiUEHYsD^`^0@Fnm$iyJ{
z0-5X(Jkl$haf8UjoYWJpYar>sb(I>rcMj-k0eZ60F?uoHUCkS9^^M=AzbGiKn}G2G
zZBSwtp>`UKD?pdy&}*1gqBY^A0xwo-QN31bJW6F5HD)=Hh2X-<3d&JOgdkyMHA2wb
z*jlhqFt>|JdzwmP=xslR28b|}mw~x&;?xn$HO#-4L6ZfaPbQda+@sbpe-ziqvJ!1k
zzXENW1A4onaW>QnPfxR}nr53ezOgJ*w|#ca1|7onlx@sGYS-OZ?pji3$7r{tS4Dof
zcJuofqpeyxQ?)izwf42=GF6R}p4s4%nP4ar45g)Q>Gj)mnh9>3k&NFI;)5Z6st2w~
z+a>`k8%Z+a3>SFnEGv<x;sL~?*3Z1~(hF&6S2~1^T#06ayJjTgHzn<we1V_ofoq6E
zl}3t;IHL<j;w&qPC*lFbQ;pBR^n6;{@ER%v$pkmdNXBnU+A#S%Khp!(5QqAV6d7?w
z7mUPNDu}1y0Yp=Ezx2{Cy*8W)wh$QoAR~E*bc>EMGep`56AJwx2cLNW(Po)I7qO#E
z*JYrKAbIc~uwD-T8DWC_fG$$B^@nJbITLKm1RKfEa`WNz2Ig>iL%zf1M($i$50JxU
zbdTXdnH(+~XUyTUk(!(=Z!nVZv<OTaPL^%sp9Btp&(?MOe;~AQC=grBNFQ=9!hz^P
z9He|>8`BEl#1Uw_4=W`W;Xw8TXeEi*>R4Wc1JNrE+cFh-KYKZ_w+II^fN2p9d~brc
z4sf8{a8CfH(0vD(8acq!B(J+K0FzVitT%dR!(9PP@B7{XV9^Xm!^Xr1){pwmY9X39
zI=~i63+6YeD%nVN3aLUJN+U)3<YPTsIyKLZ(+8DxG$Y#p68367%&MO4(EoJmf41s>
zy5QSAOetH55E1}uquB6(ZZSk#TkGjm9kTeBVBt2A4G9WC7D_uV<^dKD&3`&)okcqs
zCLTlaN+*#aG(uT8WT9+DX3b08oP$3oJE>TLN|hr-wiC&n`BR@p`;&0S@wOKY2rtQ<
zrdQf-;O-~uG*4gXy!;_*`P0-tcRVlGH-6&ta@$R5+wbskQje<tp~QKP-Y^?#r#bqX
z_2wL1tKVzR(YNHx(ZddN^sVVtUGMKXI&B)j?WiWbv%y+(lC~$kVNY5jnhEZik&NFI
zVuF}+i5P^hNqZ(?hGE2I#2GH|)LB**PsIa>N3Ar4g`rWp5t|hd&9OI{{G}Yrp=;89
zs?xAX%7`<%U?e7cq(&nJPl^EIsm71L^zqj|$|ktomoKIzkW3KfX~u6#>So4FbUJMb
zXDK01#RG^o%lsI#*Xno!c5@)GqMDJ6-;~tBthMNL+7ixELY|5TkYo-smKJ#MTIk%h
z9XkeN-deh7#<DnXWwS=B2eU;pmPIp`LR-weH)ld2$QwDwq8SUYp!ep}a+sMdnz6iR
zpVs=E4-2Q<jAhYK!`V<{!(AF`G%p%z+$Tegjj0ZSdsw!P57E}~2KHf%J^&A8v?bCg
zOfOPZj}8v1!*FJ%ufD`0N%$na5Z9KfiP)%$b)e9w^Udf})k^$)axA_Ddq78+Cr+(w
zP>Ex)T%vyh7zbQzPAKo<Yl6>128b}#H~}Kc-y>El$9mDR;RM?!Nt4w6bMb-kkvMj@
zr)66MQGKbZ4w8HZ>F*9CIWhlPwdEG0tkd%CI|k?`?g3Cj#peJesSvk$$ZbfQ{*-hS
zrJI`2OT+<6Nv-9D*m~1kUaRavMynNsR&J>bZc*u7xqEnp+d?RNsJ;cRW_yBe?rA*v
zI|o{f%?V8d2+KX{Pu6MQEA#8gHTKENOe>95xqwkb11(zv;8GWvZRnU?({g!ZdUfY)
zW9!YJgr#ksK$v4L4H>Bct}$=a<=I7SPp{hXLB(7iNN;!`EfLKGADEGh-xOj9a}hBJ
zUy~jn0K|yPh%;Q^sk5vso{9$$&oP%n>Bd7?a08mLuec!?MJ&NV_?mQxsx;y<;*2gB
ziLoLFCGkW&fOx8L;-v}N!fZ9$$ZU1qMrIQ^8;{XOW~dPh+~|jG%FHvmU?k46@^~U1
zK)i{_ynvNbbc-GAMmutEG#%Wcx05X`GQxBt9R+V>CfLN*9Ue<>d@$Y2R)aO?uLd(#
zfLRxD(G3_2#<1$kJfl@#*7ah|MiQPD0W2At0}c8=@W8kbGziO%{1KmwjcMTp(ks(a
zB%CkE2P8mM{lM}j?kv=dgS2S)e<a_J-18$@UgR9`sUv*R^Mx{VdVb_fgL=45R}@;%
z^CMqs;=E;Xp65qV%TiIg8G`3WzS*;B>df`VE3w2y<aV}($jgo8B;@&VA+4lEE}|aC
zRu)*^Byu^nPUJ$XYAtm*r{+(sXiC1wrD)3Ho*&5_I6Ew5q33gtd3t_ycr&@zJO_W0
zb9jCfeOu`5%=i2#@;LV}w@t9zt8>cvKMRf$@C8S?o*(Dm!}Ia{I9Cso(}J914$qIG
zx8~|$yGJ0A$GP7==sg_D>0X@9;rUVY)?7Vo_xvdG`~voHj{~}8;3Z|U54gY&dMg|j
z{)j#+)X(G(tntk2mW4ke&)xQOg*kHZg+G-tE&QqE{=nwX0r(;!vrOS_Z*&j*fjNEs
zY~fEq&$^`r{DF!4FVttmUw^^Aet5QOPBoabG&O{^BZ`4*=s`j>6xvoIwN#!^$KvNh
zv4Qi$iD7k2iNV4nRl`mnh(8}YKRObR^e4|B)v9bsRQNigxhsPx`jug}Q;X({p9iF&
zm1297VE`1Ge@IEfd6njUCV4KAs_2OijgQ0>)}B-~#aXM+e5`Rgobd|EzB@SM!2ID1
zR&PFp@oAb}=Rg>x6!%FqZa&LXlyXW<zO0l=B5<^ctppHC)pGEG>TY9Qs{|=coQMNn
z!4}5Y%sqxE<uW37xEO<B4{SvSGxDgqD^EIS>E39`g-Rcy&2Nse)S`CGw$y@ky4JS9
zr<BC~s{5T0h5FEJ!?xM_&9kdQv#U0xS8l#p?gx@k?W%8>ZP+qfzlmLFdM&KS*96yb
zgrPn|n{PDSXv#wvHl<f>{s18inE9ICaSpu!A2J|0GkxY8hvvF$0*qNJg=qpzK68xl
z8}J~LI~~Tn-|omGEp?hcLpm>S$JyoWnPBG(V%cv>>SR7c=yaOGsEWc_OFY7tx9ibX
zdQIxgt?G#B8s|v5ovkHk&tFRb*nk!VU=;wXjKZ{1fL!L7;dX~r16WyLug&mKaxN3Z
zU7bkpc_h921O;}V$OKQ!NXBmpF+nt*PNyy5EKA9g@c`oO)xcuJ?7xo7-8j44oo7D+
z*FxNW1pP;0*pIM&HNux+vqC}Z@A{m!B%LsjTnKt#>=<!J&QO3jc<|4QRTO1F914};
zATQYVqT`qWSdVcq6r&t_PL$X%2QDv|=}7YJqoI%;y?n+rC+1LOUS43g2|g$9ag^2a
zFb7eKqdN()l-rcDT8z73E>%Qs$9ZsmZUb{zNGl0*5cN2=QlJOCb+~&=F2~l1Tnuv%
zbvUQyPpxRV0&^%<W^v4c-0ZQ#Qmez<b)J}m!<$*_daO(>>A>D#*lrHPDx~9(QKjY2
zaLEbWOSvlqM-cEejCa1HB)O~C!)6%5)yg+*y}ra!fDvR^neJ-k*ToD2ZcXm>8^N)L
z1-%hG7v6|^OOF?MBY<a=Z1LkO&vl?O|EE{LclhY<4y{m2LU=lfvO!mPO)4TJ?(^d#
zW5W=gL#8vt5N(JCUyX@S65F|wU(yJ?!N$g7sY>qHl}<I+(bEdK0#t4jA;zS{NXGjT
zg<dA|3dr4w#`64yF7rnCW>w5a+rcpUE7Zt46_!6s_w_j<pC|IGL{5W1ANG$FCa;xj
z6|%CFs<~UqH@q-WS92?R<DRBw{2Gydkb;8l2D_kJpbNDHOi&6G@d`Ra{T4{>n&TfW
zTXiXV^=!K5@!547-+1Dt$6a~AeZ%9)cM2JBEnjoF=W5gUm!+S0GE?!98=jJUsaVRB
zio4!OrdJ((f6K+K?K7>rrdoGpt9OH5`p_2|ezhUfx@*#xuHHRc-|@!&bRAO>)#a*)
zCb6c~CjFAiOT>{b%s9gZ6q1t~r*L8S^IINQ%^nq;$@M4xWyhC#ZJ#s=JecITZoiHM
z#f32_T_|<VA-mh$atZ!>pmgyXKILfDK+XXHh^uUD0+6quPdREIJ9@b4!i*tPQrXXZ
z%9YxD%1IWu+7YbD6M#f5e6Y6G(np=g4o3k<<aQkF@^fQgfdXtntt0_R)Z^GnA<DEE
zt!19YL@vkHiCkz^nWYZr)ItC%R<00$ilr0+P=NcCgK%N-DYwkHA!{Evinfm1ZB^#@
zlyeXt3%;3!y&a0Xn(NIBF20!%OS!>!%i^2K{oezsw!N9~t@gPdhj&x<(L%!HmEHg?
zde7O~qu5(m&3t&(ocWRvw2OY@LMbImcjg9MRF;<*!f&};D=+2SxK;Gc|I6iS0h7lX
z{eumbMt2QWhL@!__a@Zw(b1%W-3)T&T{v?e81IjVF2<Au_V9)meUf8gEH{xzjwFZR
zx(MR%^T3_si80#%2%%<SOZ+}Of0=e%w3kV<(b&L%8a0}j4+H-eiJUo-Etxya3kF_-
z%wc!xWC0)e?O}DUJqOHg%iVH7q337y6@+;O)sXKiC|s#a(07ItYm(Ull+#7`Ok=dZ
zFEqXNMf|LDOjzHtxe_^Sz_9L5eUn{Wp7ZHw58k84{7pO;^)Es4MCV-h=$+|RTi@S;
zZf*S+_J0;j=~`Y^U)i4x!lir5rRNxdmzWvJ_+_P*bZ{L%)dSZk6OYT-&h+T(QVV%*
zHwr-t^9)&E!FoHoU@aQqOV9E2Jb=`*!3}9?_wO`ZX}DUG3B!@~?sRxJJX+64#%~HS
z<UNN@r!C<uOUaY*0Mg_eNs*+>B<oH{!cR%XW$QNAop^c1R=83DPtQy$mpw4AlAxOO
zvdwUPJ3S$nFnv1Bw<pE^%l>31z?|R07<1Shr{UQdA5$?&RW4=Qib`kJiBSf!B$ra(
zv!+kjig-b-Bq^N3XFVLQ!jm?RCYR_@vk#dRE^;}_ts)ns@PMTb$J9ceDw>kZ>vFlV
zwVh9{kSlwAhO*t?H-BY2-zLv8Lc_ymq68!Kq0^EaWOB;I9w)=461keaUB|3%*TAQ2
z{pmPYlWW+!wZ!^v6}@Y27*sSRmrRSM6g^pMY*~Bnd$QE*&7rFB(p1+eV<#jA<I(m)
zv<1s>;zE+PGapPUp?IwSoLv&q<sKcs%k#iU?5Gz1Z#RQ1V2dW@e<Qu}e?ap0Vmdwl
zaS}3`zOj?JTT+w)@qv6v=sP3{l@J-Cnmq`;O^pw`-!0j<7h+C(fn9h^F$Zo9Y44<c
zdzrLCdjv5Tg0$nx6>sj|Nd%<}y}9o2QQ`V`)V8NUZM0hxbB>q;S_%h;R5PjN!$C)U
zkqJwzWt*rCn~6k-v=M11vV}+okxme8sZ)L7GK<W_#3i=zOpJ29N#vJ_bQ7T-P-)+E
zQ$8~GnrXJnMui@gcJS^W_wP~@9s$YQe`a>W#+<!me$<BDK<Z|tsu`&<BQ=VhWV#<r
zuR5l0CR5gQ)8#D-{G`fNU3-7_kKx<IU^5tOF~d)32bth{zJrX@t})n5W|r?4vu7p<
z%`|kmd#>WPK=OPXK#fcO45rD00o1G%CJzRr-ZjEkp<p#!9`L|*X-~fVL31}If21IZ
z6qi2wC@ni=_ewrT?IV`X4#*fB1vBGZJe^RI3fY1rcsiVOj_}gt60Vx{8LC-+O)r6H
z4<A8AoG1fzaMh}~E@S5mGB$^5whYK*z(6LsTq05e{~^Z64jVFAUJ#k&qrbC~75Eix
zmt1MXf2#WU{JzIgon-bIeZ<VYov6iORE0S>pO>3sGM73~zD1$ts4mRU4e6sw4lbyb
zBoh^BrI1&6>mb)yayhn6<U*^0MN{+fxoAp(Op10pw?H71)f}0G`#%dZ*=W2p*1Ksk
z<HX+rs@YmAGAWk=|8aOX<)w4rKjID?B}MGaL8hF`ZTOGK<9ycw|0$MI;6E!k{!=H{
zTkxOx_m30)L;b_>ADD8k7rkkQpti15OWJg`HSRz87fxHA%hIkh_?m#EoWT9`R-P(3
zfv=FMv8xi5mhYbXu7`<odGdB|(7y4uF&7ej;@smEOkQ1iX1`@F^#1tnSKagPp7-d2
zzI&bv-~FnhU-SIG`=H4q<<)$f?=|vTzI#S#-~8WJKEp7}1X^i)&7+SF)f(#hN~r4_
zQpaEg8;UDRl5ArkwUc6=wDh5YWMbo3XjF+`04f<uj-87uhWeiE341mUBr`N%teAwH
zYy&QdDKKIFFaoc-Xw;TrzG03aJrJ;R56c+Od(CYBdU#ShX{!JqjB6|Y-=;5boh!tI
z2-t^Ua8A}-aJ}jaxlTaHpbu%twcRu57XI87>``yb6?B_SMMH%4?EHntbFsw0NL-D^
zMu(%U>!L$StUo?DJ~A?qKVPuK48?)-jw<_pfcsZTCV1QRqU*JWulHPXzux%uo}Vjk
zAx^mnk}BiRMfppL{40<=k8Wq~SDRS_NgR05^~Hv-^?bQuraqFXkNnohu0EV?J2qYa
zkUsZeh8YRm%+Y&po}s*iVzc<43px{)%s^+%eIB_pKv{p?^WbDQ*SSia?c`;jq0P$k
zRJ+|B-TY^KVpmwLiVT1G%uH22LFIDuXmiE&-%(@!p2!~%sij0D3Jcp0&9C3g!o1Kk
zQ|T2bEnIDxoUvPHGqf1hv4hAriLe>kB!#+(oF(!-B5x9Tj#~9Eh|t7NB_Y9_znOn^
zh`ZH3jhpK$(vIGnH~V{NmU;-xA{XHPiQlzh%MU9ay6q|15O~=;`PgUrUh2z|`Ew&K
zt!e)9!}?@zTB`riveoy@HlzwWihg15XZNP1X28&Uv*h}_`O=3N$po8cB;%Krn%RnF
z5ra$DC=*YTv7PDB*QI6xo{d~cVV)uDD|__|)}j%<^dX*}2atM}_VV2QJA1F}1q{83
z!O)xXVQ3iMav0hO6AZmcpw%3PM*QrCO*0#|O>Nkgt$z~qlKT%EzSZ#kM>9M7zS@}C
zux+v`UH{};!6mQk%hLX(8!yEe!LFh+lJUz*8`;!T#Ng63X(M%u5tp%@>CxAvjj!yp
zrZCTtm6wOIFU5Ew9+;Lkl99^FkGNHu<ozI0dvb^OPknw++kk|5tUjatJG^qmXS8>Q
zr#oZmFdJrQI>uNJ%_6a<60q_|+yW^dz-KHL=Q_<+VXfk0vZ3FKWy+<(K-Nk6cW^1q
z?G2o9bun+UNnIirmtfJK#$nabL+UEE+=+8)E<ebUA^H2Tq&r~2l~<T$Tgsy0F6Tha
zPPnp{Fy$d{xIESM__=r@#5Z9NjX;S@IB5L*=-9+&TH>R!IP7#kFq#}rjHxZ*NdETp
zcx4u*=Uu?S&zd6Yk5ZeW1M$Haj595wiLvGUkBN`l)x0MGZ2ECeiR2iDy5%(F0?DMi
zL=1y4vC+4#4gEas!(z8+XkEqF#q1WBQ5Exq6yXu3i^|MVxIRsBzec1VM5S-f7-}3x
znz_1QAtTLP<-CQvQZJz)xg(7OZpf9Z%j@)wr*k!{Rj#$*fQ_%6W`h9yT+nYyYMi{F
z2RXfFivtL0roe^QPV;0ufHHK+jbzM|Ff4r@f0YR$DIy;w@-ZUJ;&cr?s=Y)`5cvp^
zXNV|7Qbhh4kzXP5c_J@RUMgI#W*>$A!6YQess}+n?fRj2$1QKrxBOO9v+uC`)+zTY
z-%<CiUG=`sTivUC4<Xoq;6ZmSU2U!K?YXtO%D4AcXoaukr=1nPCcStnnce_?pb6}_
zy%v97bv@})+%mv=*{yiw62(h4fQnD{D*hoKwvTGc7cw4Fq1RwLv!5CnAHrh5e?XC`
zy^qC};lYWJY#40l*DyIsj>eUdiO?`D5Im20k{YsS4;?so$UZaT<HYA6mC(#cE_v8>
z+?{ZTTmsKD=ShhYVUu{KaT{{bA*^gL>t6@A5?DH7v76z%R8LJbhfiY#o<*bNsM*T5
z3*`Kouse=-I*$tZxxu%+vTs4HB<xPq<Jigqqlw7nfLP^>CO+AJ&s*g-=dHZYfW}zv
z#ko~H7y8OyG_@GxN)5cgE6^fKZs!q_ql{)tfe=Uu&yW-@ORdX!%faYlIj?m@p;s~N
z)~f8Udum%u#k@uz6<~&=Z%2lJ*p7@D`an0enT;HsOckaDhSlK&c5cH4Tso_N4PRZ@
zstc1*pF)cjPKL|16~nQ9%$+V^J#RcR%D&U+*%&IOYzirmlrK^!LLsKDV#7^4o!V7a
zVV^#}u#9YwIZKJY2ci;&!A2E*Oj*ZfFT-loY-uz(7zGDl%p$6{!f7zc<tUMPl=F{h
zz4}$u|Dx+}rCmR+X~@<zPWs;p*1y)Ar7h??u3KCv>ucIFQpd|FzP!zTrblDF+iRE^
z7;E5=!g9t_T#8szm}l2$HJy=>Ux({v>sV4+cr5ucJq)Lj;n(N_5#q8cF)kVz9{j1-
z=j+tVri<YfY)I0iv*W{9P?AvDgVpMzqZ8DZ5&fMTPA0I`-9-gn>9jH)rIi|SOybZg
zu}j?;%XB{3|ExZj_M%#)8AMxReXq_Z2jU~DLT`aWDj$V7w^nOSqV~rU3CzDGy3Ag?
zateK%$Zr#2BOkj-`;e$fdr&-_*zHrkfg8lnrN%&Rc-(IH4_)1V?{a<0HREdi8&~B!
zUaz|ZIz)HLI{}ybu=^c<zuO(SiM228z&nq4n%qa-H(f;EIqp8-cDLPh5q;-a$#Jh6
Tx<{h#JRwQ$&RZ@J)~Wvw%||$I

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_validator.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_validator.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..232a0199078e8b4e78bd8db2f5de5deb90698ec0
GIT binary patch
literal 67801
zcmeHw33MFCd1lWA^xT6R1g{}@f&>QuPmvTvks`z!q|h9RHl$33zyKTzn1Oo+qzJG4
z6k8ipwiC&I(TZ|*BgSzyq~pX)UYyWZVkXi$wqzSakOVSTHr&`rR&O_X5-FK6H@k1Y
zzq-4+XV7zihYknL;g727s_N>h>Z<>)>t3%*!1euC{2$qKR1khb5$$4k5V`(a7D0Gk
zkOWzfERuDvMYgiPwmtTgH7M+H$Q425PNiIlJGQ;z9;fWw<C0x!x?6T5-M-he$18jH
z_+;N6zwBrC9D4(Ms^lt!7f2ON!bdD}^`n(N%d{rwf13pfb+-wU7_zNLd+3sDC1=kn
zC2WKRYj8<!$rG|_<qPKXqP6tT7qUryJ%1Z7Dc3g&Xi=a^kgC>Om1oNhEUg-8H9W16
zrPU&>j;GCGY4u2J;Au@Ptr2N+c-mZ+)`YaVJZ&CJn}@XdJZ=7<wPj(n1)UO3#M8la
zER{|L2a<9yeKZz46qDsBBE!LlqeJojXgVo}T&_bbPhav_Oy2BT9h64<`eLcn!01r$
zn35}=OaxcNsk&8KQVhY7p=cr)9U2ObL{q62l-wUrrQ(S}JXCwkk$561pTI3WiPbX@
zjSr2=v78&~!(u`8X7G4CeKd%wl5#31BYSS@X!1Bct6z=}q=PFcEfMPv_8pBT24k!>
zT~rcnlUbVv<m9lS6?>!u-NEE&dSo>1dV_|nyTzJy?vD<}`}QaM9?v>PqUpY)Ew-%p
zpi=V#tm3R+?KpG^t3Mmi6MAB)(V_HNOV+8TCFMSwVJgzpp!oIs0G=0m)rl(z>(xvN
z+hN-fPd!{Sq)sM5IJ|g>*A%ub5n3!`s~(VJ(R3^r4GyEh!3UDVBSW!ttpA{#q~TjV
z6n{JxOdk12tS=pEvCC9E>yl&XQ903<?2lzDQt5tl0Q-whMiw`+$Q}Y-%50~4Q+5P{
zxU!)KHb2_ab@0HW5{7i(0aWoQn_Q2MVq&mhL>)m)s*w}fhRAUA@mQo!Ygc4MX_y>9
zjdSonH6P$9;ivA}&un>W$5egr=>t>MjZg1YfZPAn-s{L996D>uI#|tFH=7Koax{_7
zy8GkN!9+5Zj`yXq7FV_s(>H}-x#{Q#Z49-awPx+<6C<&#lTW>@PnjK&)adXqrX?!2
zMf>}+6-sipLXHjNBRFf7oABIhr8<}Ts1@3!jm~vim7W(K6=VyRLM(x@O|mu#vR$$P
zIwU(_h2)Sc2P;}CvrY7gsb2^G2Dh_s<BfYzQ6C>@L`3|j(Yk&WJ!PCGSc9yRZIjh1
z1chG8!7e^|tYK@9Lrc~F_Eu`)uti(zw7&^7n*M342kLcdxgW9hYHPlr-B0dVq2AtU
z>Bm|t*(FCW%@}s|__UDzx0z4wElBKNC<whY{_N_h)<XK<W}%nfpIurjwP!{#EQZpx
zT0Z@+S?L27$stwDsFibbo@3g|FyD80>*{k#nYK<Zg;rHal{0EpIen*(m^x8;>&of7
zX{FK1%2GWZwrk^r-PpdmLJ$&;-Ue+<45b^jH2rV05O!##wZAdU@`OEX>!FV@?@Cli
z&g8Lh<vu~5iT&Tm>GyegMG(c_><Zi0StR%2!FAU4w4&j9f6fU*f0@sq3ay_?=B(6m
z0?V<naS<i2<O_@K78Y~PV3eF%UD{t7rA|wtqSG?66JxbN=~E-T&9U;&j@4ZntDtd|
zl<;kiRbY0k?$TH_n~asKcd3>dc4^;ZqEf0#{#n?)d6yt0U(;57?9!;guu_<>j@4lg
zR>zvdA2Y0uwRe1PTB5aDYqQqMvi9|9rLi~Fen8i7K5B-MF<<TZ8eTG|TkBP+F63bA
zyH~208p2+6wfD_nwfAXtX@Aw#-h~yv5-a|zSn*9}rqoF2XTmSdNd&@vGrB!d84iRi
z2@_0ySsVTSZ<aAbo5C*4(79AvpQ9!FB%rllnm41_Tn_%{*Xq{ZBU%pr$4g=M&MVn|
zKKj!9yS9S|FrL5HCSV6xko>CIm?dB9(OyyefN7Mg!c{tMpQsMI!qseCk7MjBwF3Qh
zz_S)6Y6{GT+Hg&{mP#e+!gVMY(8^)mdbO-sQHfa*q-W1yR`9Ry13D`_+RQ6Cf2zvP
zS*_)i7OAU8z0@o%4%e%zM?<*6jJFnU(8>h`!>Ip3Ib-)o9ma0SBQ=lI&S30nwC8<5
z$F7#Qf2sOKH%iN-<>5xPpXU_l=Q&!rpm8^EHGGh25ENB~&V_6j*iO(St&m#6P3kk|
z&R{2)t36lytL_9?H3;`ls5?T!gK!o8SL1&T{?{dH2d#^QRzdrs`$3NmScAes@GgSF
zPO*D^r){AyU};%77JcMsEMZ{HDLlhqJQa){NyQTBR>osYDO}0mz)*A$cjQ>`!RSy5
z?5{+>D;n&NrTXOfNIHHjrf>|Ycs$WJG}<5Q58d>nj*h0|L!skG<9$cF!J+dgj4<L@
zjmE~-gMS&5)4`=HMoz42Nx43z27;X|sl6q&f>JtKQmrguO$!)|Pi9?la28YPXrd3?
zG?_8~WMa0o*t52g6YT^#2&^Hn?m;}(8c&_IjIE=}P>1py1oY>Gh&u}Y6yw0Uo}{;+
z%<EfHXKgYKw;TeX`qtm{8Ct!uB}IuFQTshbYF8O_G4m%BZy9k|P0PJOtcJ6eo7T=w
zJbs_rUghP`aQ)?2C$81r8v*qe`ZdHjdnwnG=+|JU((U)qI}ODWXC2C$uU6lDt-MYR
z-E-4#=z|W7Q`U|?Z<mRkmUVJY8|(Q*i)E~h8i&VWYH0nM-%d0uGz|V}bTEb?cCdD}
z*kpRRyp;fZxG2XyIvST_{aO3LZHIQD>OQKP-bt;x1CLSarjYuko3u0p)Fh0Yk_`bh
z37w`lAvBac9+O>9u0YSUIP@mS8`MtN#NN4MOl0qd7O?nQG-)kM*`T*+4SGm<7=^Un
zM?dS21IL@Xa07$)5M0x)RJ{fhmBrVL8GC&VTFa8xw=~GaT9Ju^m=(3DmbInQvb>UR
z(6^EG+&^+6a%40<l*YG{tr$x7;WN&<kV@R-NL0=?M!?%29qNzBu@N~kIFvjR9f~BP
z!(in`Qqh4JC1-ux*eA=`@HG(<YedtL*b_8SqiNj9dW>IFwkm>04Y68@DUBs08_-&*
zP3)}4IL)&a%CwX_spXaGw8%QxkYp>OBO|dyf7Yix`baW4lpJZ9m$j#2LjzecJv<VD
z7~yEvsXitt%Os%6x~UJ8nY&hrD2-olywhQftTSfYV2s>j%(liD*=UU9l-Z<=g7VOg
z4*9{nMztGD-lJqzn%mKy6I-7XQ>#^TZp?Yenw;1=V{A=FPHb&XEH~$d6cMl_jwp1=
zetMU6Y%VEld@7>KlQ8lmpNSmDb`#-3fk+~m#sH3DAP*Gg(uZ!P!cAyO>Ir-kPYG{V
z2)>%<?mK6n@UDNoanWzOPwt+oTQFI-JX5#)E4DMce&0J$x8dZ2Hyna*!`q?|Xgam*
zQuCS#|JreJ?G^vpNipY_5!ZfpjHl(sl;kVo+EdGnISetL15Yq!;nB<D+HtdIPWkI5
z{mmJF^SHR`bW8#MRg<FnyC|+2_c!yX61Xg`I(dwzW%L+s@Z1wrAJ4=CNM?^*mhmqe
z7u(J(Re-;3QdEBz#kO%j-cwIO__EkWk5tn#dJH#s?g^@oXW{`QzZY*=Gv|fQ&vlNA
z%RZZWu5-e_2%*ytF@RT}6xH8^xNO|Nh)0#cWh%teGC46N`HHygxedk~S`0;>>r`$S
zt48?rLp(nZAoo<D{sr&nyr-g>K=7nv%HM=Ja4PoF@QcF;oc!3S;Y{vypd@89FVTHI
zusrRQKI)hnS`1S|D`zZ%>F_t={*z<l;{KN&d+{;+nVjFAnct28;Kckj2;lDgH5otV
z^?t<84FG({@m=o)FN=N0o7u1*x0K%%HM<hKL@|Dkr=1G(w2Zi4i(N+WG3CYto;1JR
z5T<8O{~_DCf$w;g8+g{afxJ9O`;LRB;aOS?&(g~A+eHG%exm`a$QAGUn<<j$er9QO
zf$e`Ra79;F=7<?-H)dkS?ZB4u#EgPuy~AQgD2zy4j2ILivGs^}e%_U^w+YEZVFzPk
z4sg<e1Uy_c)x*V&dSM87Y~c!!llH@1Ixz{+Bo|2baG|5IlqNbQ7DPWWee|cyMChlN
zGH2p(Q6ZQ<4#P9db8~T8$(&qtCRM1!WF^#M#Bilb=!phGPj92S7*5m(Jnb(CJpqKA
z9qgglpir2U>;6ZTkaKp+%h8WA4V%0f0K~vX!axg9I)rFJV<VzU*>$`h2qi<4<h4{2
zjS<6jTf91YDL+K1JpfsMUOjS{ZuJt72pl5tFo8!1947D~fU{1ykHY-~Vgv{^laCUJ
z6Br=y5dx0`qzJ3!NQZ)Dv@@h2k&NUup)iKAw-kmkgUWVOtG*2Il<>N@x=h^SP2d*w
zlm4X{KQ_}<XQ~;<TeZji*ckO~9pU1exSAWw^O@?rf{0?}zv0AsbQ$Z>b!9!;5wN`+
zaP3&|0a%YD+bym~cD5cla@M1Y_u+a}QF4{JmG!8SuScTfe2>;6mvKEJhJdyxZ7H%S
z^?^i#!W4+dNHm>}4UeS3lh7CvGh3KyOzJ9kagsklAGgVpvw<x+CN)RKVsf(Z!t+q6
zg=fZ99=wg^rzPWW85cumfZ_sV{Gmxv{aqA8<Ng*NRRWjA5FzwxmW&?54W4^~s^Xb=
z;F1{P%a8mY(dM(z^b@mUgmDxik*q5c8BX?(4#g1mL?Ry@jSdm70Wp6hG7y(j>7jTc
zhIKh2KS`75lLVdt$ks(7VE#e<jHZelKQfB3L9WkGhAIL?ipongKzd#&LMwh%xMuY^
zx-Hj&4oB-dK8K@C$xb<GOX3&t)##d;u2~}uHD`V820!sZMcML=$559!3iz)O+~uKw
zOw%l3)%DCs*GsC%M+>FOu$8Bh_>Wy0VwJE#Qb>qq-lc1qndqe1C6WGVI%m)Z&Wk@{
z@8Rf-UU9+!-Jn>w0=hxRb5KW)Fq-S9K{tq`NbbWA8&F4&LAGLw3Tki2QAhnLCD1yp
zZA@OMmxA;#{{k<cFTOw>Jq8)3d2Wsnmdweuh$JtUEcztBK{tprG}&dS%S0m!Z8Xyj
z5`j88fI1!v+j~rO4sLU-0<&Xvm&VFWkL&intE$<tx*KCPC>AEkc3Qi?pb%w6^L$Aq
z+^WZ<JP90E(TBXt$U-M^6qmXMQ=<^ieRLEOIv4gqDBUxu9N4Krc{CA{iTinTQ5PxU
zZ$_#35VZ5tNz{kTWHTTqkH!0AGPJFUDqt$-jDWmZ-8Pz%+aLvO<4jscRNnOAiK-HL
z2#@G~P;RG^YY40&kV`Pi8!3&p-If4TIya*q<quP)GHFKnQOZo)Xp2jy9<y%NN2&m@
z3{sLdFHTAZ6<TsRL+n^ZI=h;5^;1xHXE<quNj|gp7uwzx7Io<wehE)c{S|Nv#+7ae
zO*J%*FWT{z&D!8P=?3qa_|)U=J0`qcFON=n=AGGc-Dcfoae;$9r@0{C+DTa^y<Km5
z7=1a*B-WYRoFpzzMXQYS0<3VNqN}Kne<l#TiLSol?Yfz2#$Z10-n-Ivdg<Oq#|4Lo
z;H!<Uy~~}iHnZ?b*WOLJbhd~hjPLgvRJGqnNM9a@kobi;9K!-gUoY9JuuE4Zhcc6e
z)WkP`1&U@THH1r5hAhDo1piC~I_S(%X?68-B(TR6y~{xdNl{;aiYcn5BUKu|O=~4n
zhSW=&a_gp-26_l{wi&gO_?`N5Ok1g=pS*R*XDDUbI=vKH<t~|9M_TpPnAgjZ){=GV
zigO-Soyo~m-<>LF)YXf(S1v<cCWtD~Tdppqjg-n61$xWW-#;b!lYe4HkVpZdhoC-Z
zf>b5{wkN1I!0;z|Tvw?}{;#l)h>K)c>-+vc%;|emj<!@4c3}2aAO3Tlm@&MedB1Yi
z(ULiJ)w5D#<<)wtWSxAhO6KHhsZxzPsxGJi*M(i`sQPCxs$3CMYo|J@ZiR4R3Qb-R
zFdvudZ(($Q9QNjo-P2`{UBlsTzhA~qYE+5CfHX&H3J27FcFv%m&4@#iE2#ZE@`GZs
zg`Ku;dr3sr*6mXf*}2^e>6D+xXCwb70!$$B0)^-!l1~AUqSAeLNKxrNuBgN`L=+_S
zK6=tN0^0$`>Npb1P-$k|8tZ2oO7ae5&{T&ET1lkHq^b_-YC6!;QPL1lHFu!dqa=}v
zkJ1!quj#rxd8$K9g{cjXBu%jm^8E-YO*E?WbU<3ebbr>2H5EbHr>jzxY7F$(cmw3q
zcy^Bd8eWPusHLhfrcQ{f($D3h>k%sP%K)fW7xuhJsXCfIMA0~bVFC#PNdhATK1zT@
zK}MCB96g;}Wttp)o{cHu1L~;08d5O+71J?(Rbep|VQNPaP2XtS3{ZaaD(HPuelWoy
zE2>|8r!oH8rVobp0%?)#`ReMktIu09D>oxNxpI4E<#ra>m07t9f$^2QCRXlYfjt@j
zo=N0kzl*p<niv$lWC%}Ck<Cgv3vV}scNxNZRZ5})Gvb~p|Eh6u=U1OR`{enDGHqKC
zo^0EhY1@gwI0F8ilSpB|i%22;3W{DbgeNHHRwbQ<^&(0l;1zLa5&B_&E$D~+R-zve
z{DIZAzsmUo4-412_Akz*AGqGYZ(%;&F8z?O^-gCR+rc!PA=7v|lXx1_*k*>Kfe~pT
zrZLkvm>Js`axGw5t{nE3`;N1Xx$c051(wA&=A{@0UW&=AW8kH7atyqnN$DM88y915
zb^l8#oS^%LiV^t7wrm@~2CQ$ra5~Yd`>=rWxZ=e^(Krnf^Xf<}NP41B8)w+Wn2T5{
zic)z&q@r7sEv_jhTO{pM=DQ$Aq?i@S&q4$Ytvvo!i?85bm~}B#R#sWL%qt_yN@jcD
zAJE>$Ho~J6VtZho)`J<V3aa{0)XiZurP9ffRAeMR5+h+*cGC<ttlXj>r;X|o0Q^GK
zuRdS(oqIF&2T!_xN(v4+OsQ*(DRtFbr)g7q>Lxu4GM)whId%G;-+c0tXY~!vlky3H
zMon>X`RVAm2$1nFpA^;KMR7S(MbuMp>$14~<P$tgMvvhJ&pkm^@k~5$NnC!zPkfqp
zIJf4q&aK&TA6DBPt7)}G@a5I69b23)Z>*&7eXcG~C6gdRNGX4oM&;KC{5pYW34DRT
zSpr`r@En0WiR0%fjQ}w!xx~@$Xua0#b?madv%u|Gp-3DllexsP6?aN|w}6j}N~uB?
z2P+{`WpYQ|cg(}wb<7)|qsL&g;1}OQ)|jxMHd!Eb)I^`~B-G1GlJ5&_7{+^ctxk5&
zuKT*kkyi4}M5;WzIBajTNunypbZX@_22R2ecJvTKI`1;DnWlTufL8+gXOLLt#UH6K
zlRd&_*OmNKScJs#MQwS{^Jc)=PI_~o?B)(TvGsTkKcN$flDC&Lrg}`7IocZ%Vak-<
z0$QCt=4=7J*lTUevv4$*2J%wadc211&^)(J{OheT&&d_k$PW{<YH~?_DZq(;ckg`d
zeGE@EVZDH*!x<h1;@=6Plx$m1!2&C&)ujKu&9SPQ9jm)ER?YetX`$O3tLoXYx*KCP
z=qxIYoQcG;X6!JNSP~ARV{@<*)X+H+Fft=L$Q+p$G189Ge1o;R`0W&2qj7t}L-J@W
z#27PYEleh<i6#jvHfJSe-6_a0Be8)2D2;U=Dq9{|%`m%c-NW1V?cTBNP*+3>Kkz`8
zBt^(AS+@4zzHQx+?gNnrc5Un4*`=i3LE+_DPaZcU>*sb*iWD>JW@b?3i!`Z=jC>A-
z#j${4iiGyEUXG;E!x5;~srHT8jf5wfp$v*FvtU8OTT=g^i!jeuW$L$_bidxz0oKN)
zMH?W@oa;L2hsctNH!m$(Ur@X`HD}4WkBv7zaNS`8z6SAU5h16WvXGDy2qlzg6(Q%!
z)BWQj0sqQLQT<&MS27e)Pr<Fr;!4tDQ`0hf3^#c0395=`;sGQZEMY=tmXPAylJR`S
zIWQ=6RXT)=E6%C8NpWsTUO_~WY_NoRSKjiHxbj8~_3_UHf;mFYbKZTGwr?-pyWVl3
zSw!&F^{#z(=c`*O{92`JUwr{4#gqw?;sc3c=7~e6iAM`ym@udShRN6)Gs7{R499fk
z?1k?4A&zNextL>)w}NA89<y9bY^VvCZWqTS!3V=JiwQku!rtgs<OpA*4eCz|>{9Zd
z(T&Xj5H*B~@Fx^o*Bsu2nOcpeO!IZB_8SC<2xC^ix><(InDyoI>A#5zQs!I89JYl(
z{Z?t6aranLeD^RbbA}%Da{$H%e=oL;XP<oL$#Jpyw3PwaQcjBM@1odz@<|?30+*47
zJwwfr(PMN&%{)Q1@jN_mNo>C1r)BgVzL*jZ;yU5W=e%8Wv6yzbXfZ|b6_=~4(fLYk
zC57j@x>{xzQ!d{|cd1vRa&|Ed&n~9wVk$p{X>sf8<F8QZJFq@BYwKga4VnSX-coX*
zEL@lt_|*Rec+XbMcimdeWYv`a3O!)X!u<D+U_yR2i(slOX#?ZY92M1>n7@z+ru->d
z)l5{e%flH@Qt3OeCMud01ufbPD<jjaD9nH;ql(wi=J$Gie3#AX3ayW-+{$SxxB7D$
z+Y1C<A@J7(%!F5eOg9LS&?rTM3^JFib*#G98gMMWwj=<PIRMpUjxy#5uryiG^*y+g
zE5KSHNFH+0j#DM_oU|)qEI?7J1awLwpi6QBx+RzF8FaUJv-4;ZJp?L*ou8mew_=)U
z-A}0@T$2G2qGoLPfBj(qXh{GnSC7_2EdhTa(qXRM!?v(JY=J?YRkDZR&K(AK_)FIP
zQf0{AW`TokF4@N!08UsyY(jD7zlZ$YGvRARUvg-4IPnIFgW%0c9DwBo^Pc2@;f0*e
z+TgS3tUW8HVsMxrPoKzEs_yW!75%X^>@>0tna)s<tEmFi`jHe|DLMK_heuLyKt<gx
zUnKA&0+R%$08;e!j0LFh{^ls||2bn(QE6gzZ79~2p@QZ9fu6D-fEg|XYM&kZ^w`xo
z3#JwZ->eXpwoWZxIn})4>WcQM(3<nn%+mX(THDWW&n({hR;9hU=`E+TuKrD%J6Qcz
zrQhqjZmSBo-V~~wE+z>z-`ZD{mQLEjLJtjd-nCwhOLiu)<P(D|D5XkO_Nb?dhZnb5
zC8wIsrIlJO@P=;h;gU-IQN3JFX<|j`$mbB{#~*Q+xzd2@yi4`4&K2jGOp+5sJzP?!
zw}i<gNp0Sfqc-oo;|l3qRV7CzskhBslF3UknPjQlT!L9rA(<0HTqfycGRZrsW=<Z~
zKLwezi6j$aRdpL<RXsaakaOLQu?p&6h8DWbv8tIJtGh8)#rUu@w4$sv@?zPpT$CYO
zLRR>o!FW+siGCeZ$&}UlVY*Q++N@hJy7Pp9^0%m-7y*XCAEl6)P8jVv23em`o0;$S
znhj$rmd-a|>?*qZr%AW0jB5T58j-rfM1as}&f(;quAN-8HM3~z#G-AQAkf6B5t_cY
zY}oj&NW*eve!r;R?}`~Ve#NuTYCFGlZ@c5dd=bG{+g*FNI$zyP;n%FLeO0+^Y7tX{
zq1+3AS>-Dx=gIsE;BBNewh1Tm<Y8@as>QK09cyzjtj+!Yz}kBKczbq*IsO7Y7~6E_
z%(OEh2+z;EfX{iD{Lh;s|MSgA{+D}Rktt@TV_2Fd7RT$rKq<venO++B9lTh~sFibb
zo@3fd-LRCm4uol`*6F3tDu2n`eAG(j<XC6PoI1NHzzycAB>3uA4Y}@wJd?bDD|&OL
z^n_%g4+ch%!MrJkC~zWs@=Dm7r+oi(PTv-qouqtUb9h+SfGpV?y73~XV9d^#f_`B6
zW5LZFrCL=h(I?eO^<f`3G%a5%v5=uD`Bo<?;K>r$N_{D{cwjU^RWZIHA6pq~e0=ms
zOithg!BnI_HZqhvF$~WRq4YqDMIrZ#qBBgsEZ>VkEocb`cYv)VeTIi>#cGY5Wh+)|
zuzd>=n?jd8!<tMp7-LSiPgBibB5*%|W+he-C1TR&PRd>;UX-=d^IQBSaH1iqlHo)J
zZN+|<vYY`((TZ%qlPIX*O3TcV96G5Iolgx>++9C#3z$-VC2pWdsZ*wS(o{{uWKBn=
zrel0dcpR|i;kO(%rZ?r9?gV1y=+XzqDy)uV@~7a2Y~i@LebT=q<A-|H_VE=k3?rEF
zZ=Xau`&~qeAIee`y+q-KN_fJMPT>`L5hVlQ6>+;_6ky`Q;rBheJ8gfqboVO9g?S=^
z-&^I{z1jJ_^(@@!+T+Q^bh!TfQ>C?=e!(yubw3#>pigg~j_>rBx1W$keGax`*iX1-
zJ-%r5DzHnK=QP`~&2#EIb|EeI2CW5#_L*ZXW?Jr~fy8(0V*5$=UzgfVx-;rtQkB1#
zys;8(#J0g0#HF_ls3jHK7>KEzvoXj&LG^~sz^j-^72gb4TlCG~5vt-afe%qz^A%$A
zX<=ps%ocyPyt5sE)_7(pTtIV4kwQ%)Wz_|m-YSw99mbxUy%mahdNp%trT^b()O1Nb
zU+K@uY@y$LM;H1)y<q`esV$%@&p^cqAd{~bi{+DaV4>{EmQM<U)Md-68a`v?imyCy
z1-hZ$0wz_z@7d9Y)pN%JT0Iebd4X$3tMla*l@xAs?dZ&1Jw@~pqZ9uT@Yd->q7sRh
zZ!}>gI#F^><L|o}rRaHgDMiVis4(a8t83_Svo$pNt6^~qI>=y=RL=V8Wz?eY@KIBI
z+<dJw!?MkD-pcyv=T<@iI7QJZo;$OC!dhtL38^|6Gn1jr_Ae%okv^XJ{>1vX*#5NB
z(tV=T4uw3QRQITw{5@){Hk?R}j*KK_9GMQsb%Ucs?u@P8h7;}8NRXta{lVn}$>ehK
zd`HH?I9&#o9!NckV`xGxR$cyCLjQILdPM#rf!`tUB?9*YWNoM(uFZ)gm5Xm-%$vpS
zZDGv1mu+EeGb^=)tt?8YC=y-GNyW}vCsuMQT1ng3W5o%UsYZCMd+<$%P`l<$!B*>g
z%TdATmcX5$TLSPBvF%L#SLdIdf9|81mQ9FFwrtC^Y(roi0spp1q_E#bq>!_8ie55=
zCn)D8C7p%!B1$6QWpUe-zjj<~f64oz7xu`FD-fP+Y|k{}K#TTq1pGKvLj7G7+fR-v
zu}gYzg7U3Ul37?Uz)M~c+Y3@1U-9f*1pewyKk-)){I1`%bAj`_b69whYiE1zzUjdf
zW&7s$6}dQ~%2iCIL9xT7V+kZDR2f|O?+!u#0=gIu(yfQQ)Q}D-ctBTifE_R~kJu%F
zZv`H%!CeF#wOOSa?7v2<U$}#k>ht$msp0TC)ZD11b4mJoweDNA`MpJpj9&5y!!BK!
zHX%yZ<f*Weal-h?s4AzHbHL19&q;IG*{Ds2pV9YTX>Kn#l*(mp-K)Jj?e+b{snwri
zs=B6A8>XCEz4Scox%%H`!(O1322XS@&TyPbD~VI9KgYC{I_GYM`gmrutd}xvon8v9
znrC>1d2SsWDOE40=1SJd-DKgUSLO6xx3oZ77<Q|CL{BfqNVyDk1+_H&FX&Rv=hXUI
zb!`SNZ32FoN6x~+nd?C4C8a9**x;D1Sx?hKkR((j|0(Qa^HbLgA<R(k15?}$vy=2f
zf`>n@&rU-b^B(40)si{O9}C@i+#(e-^s^IA{hSwGeh(L-tl=<@@xp(-Ko5&Wd)PbM
z!^(UsV4+XE3*N&;aYJkOcT3`iR?fdz(*58Yq?E_h=*FB~<gqxIgc}p#X60}+o&XR0
z4H`H_*Y1Z1!7%tDB}@>w44{=tA5V^Xjz#5o^vF;wMFnZoe1mpPrcO5_bFJd+bouY8
z(w`9E$Ye{koTY>x6JQvnokFzX<(p>BggGw%6cwBe=)Cc)m$NlUp-=H9^DTNxi~v&~
zU<hWpta55=9;;mCl`l0%L5FdWUwj0Na)vvmvfFO~`^>AOlMv5tOa$;x8t1*_`hqJ*
zxiB=<yyWVNj;T=F`HsxePH<32sZfMcVJ%ZWRPJw>3bmi#mRWkA;eK5WDIGSD(&3yr
zu9M!k*TF0~S7TxR9aU8LKyuzYG{#ZK8RxhNknwj+it6v8*ufY?6um@Y@ZBjqVMs^#
zjFXq(fy-hC?3fK4stwwMHk|Q|ivSrvPRCP!7sU<iK@`12VLXV!6NYqz&-i!=9=IZI
zFm<uE1atdBz_Y)`c46Mq{T9bxT113@U~%maIDg<~;TqTe<^s6(QLH@Wst<Eq+X_Wt
z=#w&h+b+3*YkQ%0>VsObAsrYocqAH*kb`T3W0Hq!lQMF39<E(O&R3`5+Vu?AZn(p^
zcB6!U2LC#F@k0J}W^rvyK4BKure07k;1+iq*KSm>z@oUe;u^XTuI-t{1o>#0;o8*0
zIwsgy)UV7;v?7*_bsk6zolu<pt=0@Ag8lL6U?Q2qNl&Su>L?IS0=3iS5l{-GLW(&?
zw(@vXPQ(*~W3@YQRCTN`%2<rr8Bt?(VH{hZh#hCgMxk^n9gD)*;5EFm{4)ZCV#;q5
zAly<xOI<y&=#c7#@GYdiK{DVO;gpJx!s19JL~-nh^a45>DzC4oH0~~;pp5x>1Mi$F
zj4QU};)-z$8a&uU)X|6-hB5o#4DiJw^$Zfus5qkeX+F*vnp(VRs(Di}oUyGSPC1J+
zKEw|m<^ei^I0u#6IO$&wM~>s-#xwUaknwMv6xH8FapO2Sd8Fti3Imm+@Pr{9;WPIt
z$wqiZ+-S-)RZ+P;&4kMB2@ooW@b?3*Jqw-RZ(`wQ*Pf1CRE{fa{1CLot%(~oX5Gxq
ziHyuqtro`a<V;X}QtDOAoCyAPUG&d@g5|{@v73p)pyKCdCvofoYe{DueFKam&Vnjn
zP~>5ZBX5r3gU`SaGG#Yu@5tDi#4yyK!dZ>l`;y(AepW>e!%#0}F1j)v%jPpY!#uYx
z=qyz)XJ-*=&YT=NB@$oWDI*mZHcn<xH0Ub4Y0kg_P4!qSbHt{x1DJPv92!Ob1hlPE
z^{LCwgko%#uVDZbUdo?RXgPrw2+$BPAN|Z_O}G3e#Wxf93IXP>b}fZyl$A4q{Urov
ze@HpQ1bPWb1P&2+m_VKuh`B`sdo1H?9HlahrNQKAAED^u04Y<82*pjV)-w@q5uv!s
zMF(X&XRrxPFa9~&d#H<4SGfikXk6c8qGoMzRgVv>8{MyXy6Pdj>T;0m3c*(#uC5yA
zEB;Cf*SorwXl``v46%BH92t*Q?M|@q2=W6v$Ev!MLAawkswY7h`&k;<UnB7A1fC`E
zI)T3<@DBvuAn?xw$eob<{|HzxBBn;ouhLxtKgIu4JHW3BR}UO{+g9svU2FBhGjGu6
zcmM~2dSU0hpvuv4ZP^OP#%qTxD;)Q{bI9V?{Pj{5efZBWJdj=2@57&5b7wMjF4xdm
zb`QE*+}Zk^`FIdhbcY-tNXO6MF*z2pw0ST|;Ae5CT<%23s_`1y;NdrHsS$Rq5rk1J
z2_x&m)*kRV@-O;im8*b+5!M=ETe~G}hlw<Far7r>PYMeA*9n4K2nq(zz_9M7r)yh<
zmN(%r<bmzCX`Tv09#?@pI1%-h-o_nvge$_8<XRo4a`N8N+J`OJXJ!Q)<~d;!?jP&h
zJ{li_Mgx`~)mB|ujmfiQFqM{L(P70UX8LF>I2b<`OK5&ELoSzk7W?MlP&}0mCI^Bm
zqW%3c9BZ;8kz0c4QSe+-E}4{QWZLZHIRIH-uK$><ol3!UTm<@^9F_ZG*$TA=t4wk`
znM5sp+T=x;%_dsfuhVkB7~}Q45Ed{)AS-1vq#FDuVe?_gDluR7dj%NG9}}K;V0>$o
z@g1~ov<+Bb?_SY|SH!!M30^mINpRMdwT9ZWmPpnTP0_Rkr&&?NcHTP}OF*SVzAwu>
zL2&baKKE5?bb7xCITF=Qs}J2fl!OcR)O{gd#W(RjDSEp%up*B)Z2jWki~Xmf=c>*f
z{iFFWSzfe!aq#EYMcn>`XRhV*&bgMm_5PzH{kiWid#Po{7niG$B3A=^3;(b4MmKH$
za>H-eo~}B#?R?`O?SHA`#f~pG{9LX<p1al9{@4&K4h(};tg+vwR@W1tCdni_l*zn8
zUPOTKJNPHaQuxONq5xSNoEyM}K{B3zL-jsNZl+`h>0hQ~k?L^)WS!|Gj-`xX;$}Tc
zQ27?Lm>e5U9*d=D05N^orOcrQ#b3d+8Ilc|ucn1&)LFD5_1{oEyc@WL>iQR&KHqfu
zL+2mK%<Gz{dT>0j^Q7a)^A<m|@8pgtPt~*gp4s<$p!NmV=UrEW?N?jc&efjrO)YE1
zX1}-z+AwwX*KJ}|_0McBukS6JFn`J0jY3^xreW)E4^A{}ov7V<()oHrQ>JPA*@lUx
z?Gp{#PkQp>Q=<1-&oiFaJ%MNUe0tB-d97C$u9#|ulp_Rx3c>of9F<ko*KJO(?`@mg
z>3XwKfJ258&zv|_H$i&z3yZi_xQ0)dKJOm9asDM)+PHi5oWrN-IBHV=plQr5$=Yk@
zVRExzH{5ezxu7)Tk`BiU-0eHjWbDE@f9t{yIE2@fHaT6SZ4ZeG2y+R+%e#s?gs;qZ
zwvZoxq|!_T4>b@sse!;DJXZoK%OSjnsepKMR6u5CtVgsGaaP!6t}>#ls}Q12S6L3>
zIZXpLw9oJiT6OX+&||vFgx(tSoH`p<qm|r@R?<}_$~V0#q%y(OC5nlfyZ^bApt<{J
zstRIt_gU-Bx#m_@iNSc{3E4xd5k3w<{u%*B9T9?GkVH}sz`cj^tRj#{9R=itR3-JK
z{B;8K#pH{FAEUG~Nu;x0gAiEp5uF@OkBp`bBH(XReT-gWO)5w<VG|eBmDISNDmsVy
za*7o>!mP+ylIl4c)YMQaR&di!lM#7YRlG*4t{>njVXD4qvVKjbe$AA3!?<T7jKkT1
zxa31RM_8NZUm9nWY{}Fgn0`jdZF`npbviaK5}-q$)Zaz%E*vat;?OCz7^Cy&-mVq4
z3+|;|4UP-#BEqjUxVn})Us+U1;T5i~4Y`~y+8k+pzCM8Ub#{d}U*QcRNxs%4oLKkI
zhFwg(>YLi?TBiD+C+udXOJC3xtgy}!HpDLTwOrfXwjj@Yr2a>S+B0b-?NGY1nfac;
z_ZqDa%ToX2rLaT!4bL!FPUE9iGAG}mO6KIIzfgZw)c-uB@EZ20%4yyisQ+>0IgM~s
z)&H=UB}lFQ8(~x2L$VSDp74czrV4<5sV4c7qM(`xgacatGVDYj6;qxpTnPj)Lu(KJ
z+%QAy?)cbq1wXBAWsN;Ag|V+IIZpi4*pfN<*h}>)C$~y!kQ&2P>WEg)U_`66k<|XG
zBkIS91`<w;*b?PiH^PKpnsb{Y)-*d}cW1<kVU#%Yc3CN$5_#HHtP*G5HqR7oRG9CZ
zF<W4hA10gp^_opS0;)|uPM%#+#9W`St3<3{<A=DOY|*8{beL-=YFBVlVomDj;mV8A
zT8NqNDdLD;;~Eh)j&Mq^8O>w7qdY`cUVvwy(zQh@Rmk~B`oxIAniTc5)RcoH{|dbX
zd#5rn<!m7TEwXMy6Yx~VjOeF&m(l>fNFk;}nTJ3ZSEM9PntYT%o=gIKv0U`J6p}5+
z$QTOVnvRn9N7hk{9a4xhW`blFsN(PNeyMFBY~D9Wc5TySO-rVxWn66gY-+rwWx~G_
z!814-5Fq1kn-taGgxJOocF|LC>oS$%Su!~>CHacj_8im()l$fz#ZVNFQ|=h+M)*vW
z7vKS8pQ>t@tXiI_T7Jfosakom!f+1E&heG(nAnv$$HdYRuyj=IPUG*gxRVYNP}4Gc
z3^#agD!DSJm{J0V&9bL1%J>)2SvO$@jE23;fOio$)>Q(<54=%xqvYvuUO_}r_C}q_
zQ7{Tw(!Getl5W^7wTlS<(C_MA;QZkn7GC7)&a+$M0{Antj3>dI@uVPs$&+THcyr>U
z|LGibyb$6yjWjVJP8|8iN~K;o3?Ln?G|$OVtde!==(Xlm!NdG?>gY9zG1z6O%bdh0
ziC!1m+-Kxf0qmmcejE)OlfeLykH!09q2sY5avkj!GvN|tD~6N(@qrUel#U&r?UDsF
zybO!KzU#snPoAN{Szp<k<|=BgzG>!)+)+=t+hB1Q45V10Y;YP>xby9KyObgviI{Cv
zN+)G=?N|?LLQv&IGM%SXvZ8lr)2jr?+4NSAdqVFeXK881zmyKYg|X@Vlm2xX|2hQD
ziwtD^_fH~~{Vt04kNejt;Y$>TnJL|xFr*`VUR08e@QQf9>A^F~(%ogFrF+L3#!<4_
zUS8ws5}YsJTZ!~nY_6_6mwvNLx1eiW%`V+cBkF^&bhlW?79Net5Ew$Z895f0)1%R$
z;b`AcNF77{v15^A!*b({*YV1J)F&sEg<M`k<$r>8Pq+V)*HYR#fK;Icu_JFmR0Oc5
z3!?h8?5;z2tchrR#x;r9wWcqLo5wv{-X}}qHf>4Vb{;lJ0Mm^9u_Tf$KQs2nl1O1P
z@Ta9x4WEY%5(SOFE8;e@B~jjpk;+l55iy)L{J;J*LWMZ!ZBTxA=-;)Jbe4yXIYMSV
zvpjU_2wWf>bR_>h<Du6G5BpNq4k2ZQ>JnDq<iD8l(&N_skjRo!TEd_3Nj1bz5Bo_H
zW6+TPuVs)|wM;|0j!NsCbpruoF24w9Tx6;Kj`QF-e|$zfcwP!Kx?XAsS=l~c1(Uxy
zca&cqfPO{OY;SAh|1R|Q+}YlK_j<b+;{g(bua+TI__~rOWes8tOZWzamU-PRHbuhF
z24tnhdb2QIn;h!DCA?NKdLwa!+=6Em7ahnukPoc>YGU=nZ!lTksbY$(Q<WFQQgF<*
zn(EsMaMKq}fq#-_*+_r@jbK4;XHTM6sxF(AF%$m3On$8H6qi41>67oH1``t`>%M>F
zL}VZ-4@cAMWHLfX73K9W%)`^U+XIEylgj2E$5fExkzZ~uVe_8{Ffcf-S?%QJpn_@6
z_}*pBnGX_EzhmQM$Igo#J11&)0iM}5S-1RB-SSMw&XdmZ+Feur)^TyuxWDxrC=mD&
zQ-2rLG$r8@i}9O0@f-*cwLnJPWQg%(l$`P}CNE?D#ivi?`59wr+|?Lj+?5zlJbi+v
zWyE$vj3>iM*_0oC%sR*Y?dNu9{GF4c`n#y6DG8TYjNjym=XUe7jM!<2@#M>5=Z%JG
z0)l_L77*%oTT(6fD*nQIaFy+XXX(K?jtd<k!rz@&cd*kwKF4)%g>!r{rHrp~9o(F&
z!^AmG-4%r?uwNK0RX3bNxOEN_#f))tjuWsb&n;=GdYP80FGoxD&L7smwRv)I&{Eo@
zycDpa(uXzZIzXlB<w6Q_Y{&3gH`DC7Q(CHS=zu6ry()WxnDu$rZH`sV>{vky>u!uy
zbKXE9im|G_jqj>%cC7BkSPi-hTguMxh_L!m!XTMVU9dkHQ#{H>2L|9#HpuNnRSoCh
z-#_&ma6$%W6inu%riNy&?9*N1q%n5T*n=|Zke7!Fe;7Fp0zHYMhX_1OAXmO8KT2tj
z5m*BJHB~_8JD(}7Vy24TcYe=A((-7mT&8sCnl=y`OTxORgsbm24e<BioUzau9DYH-
zADR@^-$gORbVT$N+`24=NTWne%jhxO;JGKLDxQf4kjxZHnlt`pMaBJH(Q~hvhA-Y!
z_1yQ>kyLV@jiizYzh-mot9HKTW#Ky4K5k6xF*OZlMi$G6K5HdF6u-Qgz;*&%1fHW$
z;4=hZ(I_z4wCtc81jxQNMc4`*b-c(Cy!N1_3O2#Z*r~@=j%}7}%c>mP0p~dGduKzf
zqgAPdiuR!tzYu5F^=0@|+8S7{9IR-m%=$^Zvj=Yc4&wY7c&&-|;EOPqN?c_)aj*6q
zc4~3{!D{RXHFAniatwCSk+<CPN>6n%r}&!P6*vFYG}GCkw}g%7UA^2w%k<FOJPdXk
zM(gMyOYpo4UMf7M2dR3rjApw0I3&%>IIzAP9~DOIk*lz1^$@38dqbvsPg?EzQ%u!p
z^n=85Fj~Eoxq6K8&|AOZ8Rofl9~GtQ<(M+ZXq^nB)qPax$~1ai=E^jjXRmR|pxI0q
zE%Q-<LvKwu*a^3;IUVNCq1aJ(-wk^<e}!DwYW<{IQ0T27sc7DXQLG7jnST0z(7EW)
z1=lhA(xV71OhXTwj$$wAsIp6YSFM#%^o^mk>G(`94LYSRhf*os%J<7$<D*vUt#ymT
zk~z5rAN1`N3ko08x7QA0^Y@lNE4e&E8!2^G(#)iz?p~MX!1UjAcIs{g5*59Rv=P@G
zOdBLTUxX2R6C8El>3J5^o~pHeM)Pc1Y0R^^C40a8)q_*c(ma(O4$NR=xa>-MH)Ui-
zjuyqzZQb@Vc;7x%qkjI_4(8Janj3PI*sL5k56ZFhsGK0YJ+YenDZnv8kR8OMIA)_m
zA{5QC82q_m7gY^8Hz73UBR@Eb_YvkZ_fP5easn?9pg}VDzELeZH&UvJWvBdK=*CL~
z7*je|$3Dkc-;PXc@&Edl02T{Drd9y)<bxnMEfTz3^dLR|Dt4wlZCjldZBq5mhvFR&
zfm^Fb_2IB9&xeD9bt*IE?*=PBf+xzq41ll?$Vb)^OHuEtZXB35gY51+G)7U_<HQ4V
z-Vj&ZzeH#NB8uUvi6e(2s5?b($s9RU4_rJP8<!3}xA9c;rTB~Smy$0gCl<72YT71i
zy3cJm|IlB2=<6T)i^$g_6P?|ewcVF$x{?3qDPT&%C${;v1#q~PLH@8#GqgY;&(LBG
zY!O^fW^K{L35Z-;QC<!aXamp=Jfy+Qx8G$Xmabq~oF4lns(?+IZgeE7B?MCLC-5SH
zZxJYMyekh;zF`6h0!acR1O@?8gyU*@nEbDzkePS(VWDABgc1g<w9Mg@XzczCuQuH&
z()gl|JL+XQP(SHkmht1Xkaz8D=9)P#bbhXLTwM0q)N`E^q>R7p^g|4w9o$Xcgt%<n
zzlcYb0DR|>&4QXMlM_>tuZYXYN<q(|#ZdG)aPR4cv1)`*n>*?Io9cn_!@o3nIEF7_
z0%36gMi$ir6MhO__76;oIlm0u=V^x6WpMz-lsgj$Pb-N;Q<uxln18?J*}uT{<)!;Q
zjthPf!5?^B`{z1;P|v~(T>Dq&^8G~=A=>161w!SzG*TQchiq*YI3F^1rA!A$=N?-^
zu9QLb7(MfWN`Z^!X|9xg%$2hL4!cqgz)M2F!1K?GziY0PaVQtC?&=(_WzCE<QV8qj
zSg-j}zB+cLVGP>F#jtL@v<anA;Mfwly`E7k3G3FMV@?Ng{E4>?RDhwBY3p>X5;$6I
z$=sZ7E18qyXeD#%(v3QPYzZ`Y3><Tek#ZU83TkQkU+8af3|<>4;C2B8<1Xq-x%i<P
zjkoAZxr$NtbKXbCmNcpOvY!sl3E!z>OQ?srE9DZ$mMqc7OACSS4p0xnV~y_J^XZ(q
zYf24E^I88c`1jSnblkZaCrM&+m~^Fjh;^5DCI30>BXl%*Tw5Lb%jw~TVLBo`c=*5T
zTn)oFXuhIw<ED~1IVDyyC%3Sd^n-Wq(hP<*yl*g2L|$X-exeLY@DnN}*gUqM9R`zP
z4)Z`S1Z6Ufh04(YoJJl^j>69#yn+u61>p{yku3d+YrWX;Ncu#O4)P906a63;;ZF~W
z|B8EX#h<qiekYaM*a;?MwNi38mWF-6VDLB&A`BjvlZipl0aq~ahC>EvBQa2x#feD8
zcj~=VgrWS5kjy0&<+teW-xK%=fiDrbpFleR^sLG_nHN+qX<(6+*bXZBMFPJ=#cK`T
z*oe(x>VHTlNy;T+eo9rb1AU1y%pqd_m2R0)GK^q}(_J&F<)d`tcL|&!FaS`Dh*`u`
zsyJ=QMv%D&#2ksRQO$M~Cr3?+kY~fxrvX5^<ognDom#whs`(yxUc-4awhB5=2A<un
z+dS+%nWlV2tJAaR$>5A(^(6N@d=N1#lXIPrw`vb+J!2mi3HVzlMfG=4Y-Q)kQ1lXo
z;e?#R6NYqz&)9hh9=I&FPLV6UEx*_K+nwjCGK<$DJid7C<l-%v#amc-OUA!tQdEBz
zahIy6=p{pVLMg@4Sy(T^%OY^2hE7+`JDYwnK7?<34s_TqIF}w+=(rFP5&qFa*MX4p
zM=dPe;W{YfQc}ciXOxr=GM(qa8Z!0sXYIvISFRqr7SjKMD{mv}N_T@QRg^42hfLBx
zCmg8aph*pnY~$X#;ZcxFl#tKOC^JJ!uc);^!ePxh6dD~iNofw<OS*D=rAnQ-dC7q4
zQLswALo#o6X>uRtQP8iY>VFMZE!?_Cdk5fI)%4Fmx8=p5tHr4dy-w(q)R^j&aICBc
zlt%uA-mhiUS*}h=eQ%?d)12DU-jJ}BexiHyr<mg#oF>sQ8|Je|FSS5>p8gk<0xt!+
zr{3@k^V~W$Q>tE_nrYy=T4aNu>;Ej$+F^KVvzDg+EkMmw1J~AcwU+3)wNOHA6KJe*
z4*_K!mh_gJk5&^Kt+_e0^z3Neq0t(wE`m{7x?d@YQChlxq+*ow#<uN`4v|m+M@Tb|
z%*+ohDY289Pf+1WYq%w_%GBfWkrCt_l%svIfzhF%6Cvj4c1$F30uv-OVE*X7n8&=)
zp;VHcRn6|wcc&nXVAQLga=%8Q;;5slG*rm5q=H#Kg?gak-UN1QKBD(^dIYWO`P}Nq
zD6L#X?^h^uF~uQ;o2*;q4{MzpVf`9WyRQH@xn#Ld5=!<bcs-^Y^g{e|@vDI*)$i`<
z-RE~^=I)pXbWH^o>b`iVR<)kDeCMIe;+^otOKx}_Rn>1g6=aQR#ZN=l?y5h@fIw_&
zMbGA4)g~fG15oWbQ_Vmo--RU(&DNb-B79j~McPDaT1JoI20LP#?o3d9JQELG5?9?Y
zQ|+N8_QG24?)A366qfE@?D)&2BEsKW?ApD?`MuRFyxz6Pt{oI0n(Fo(pvg@bj2tHL
z9L>l)J)T{3g8(Vcq-YZ+Js!Vf&~mMLzT@6^?pvT~>`<mY+~*hK?7AMrpJEz2a>byd
zr6OBHRK>&5p*UQ8C*`gu$YWFdEFPO9@*|9fVPFF85C$e$_X>L~2}=;-J{^k!&!$=1
zcl-Y*c5C`x+0{eRtGtUaval5#1-r2howp!4bnMAY$HqkOMSmXQjCmLKP>uy@tz_7N
zUdmLPLoWsFzyYjL)G98cRm4%&>o;wc-hUcy##={v9C~Tf)=e*sRzg2YwRyA=_DV+@
zFimm0ju9H_HNo=GR~*OHS_ST@kgyI4Ev{~5{ilA=sCs5S1rKi|u~vPiWi1c0wHh+k
zR>~Oy7&DqqL1L-MB3;?Kc(e~L1CGVyR4k;D!AV(J>dRc);i;Xz1o^}C@f=0SXx6k=
z5hIdL7!x0whz^r-BtA^jpHAA149Lmh$VjyB@#tVIyV>L;$q^qGF8gKrf=BV#r-Z*1
z@44y^{KoE+AD<NGE5D24{F5L34Vb2=aV2n>Qh8b?C#ED{5$799A%`Kx3r>jh6`$$a
znt)aa{7e2gQjKRvt*5)VNQ9qU6t?cOB-d*5upf*JeV!Gdt}J02zGds-YQq<7>*e2l
z56zam%j642cPW?ox21oJTHDwctd}zV!t_%3Hf)ABG0)BEJjt$pMW7p{im+Y%iX6S1
z)-u#Z?5Mm8UlG@tGk!(T_*sMRsIt4oa<c*-3@|S+#_H+2Q9mKV#WW*C%Q5W>+KT$+
ztu(*aA=KiW+4oVQd>>INKSVXrM<Q>dD6{#ap<*A0dX~ikBTtHEcq&3i3q})Zb{KVb
zO*vmhZkeyr*Faw>PDJ+9eP-`T%T(jMadF-$`^hIK#d*r_qBxJHzZz2lmvhoGdJH#C
zfz^?d8Bx@ssI=0~+TBuVx)VP}uYQDp*(Q9LZV;f|Fhw(kHes7%!8<OiL;14UZLm~n
z`YC)*Vt%$P$W}%o@Us<(WW^&mJ0*>7V+TcL=R`(MP_Kp*1&(+!5t3ua<#;*<Q&VPB
zill6%nx<g2SyY+zjwa%1R&p5ryJXsn88V!$P%6w;8y8SGo{9~nWLoWH8daITdYQCr
zl^Mf0r$44NhE+3k`x_KpLg4cR{+Ph41ej7W!$??<<f1BB@m@S^bSQS8JcR1;6H-+1
zn>LHZ@|M+UvEQf{ES9H*PrCn3Sossd`%l7wjBwy@g;j6+DlCCFtA#o9>0s<BU-jvZ
zb3GaRJ#gGI$2u<5y(tQf^Ikadxf54K&$F&iyH4#sw=+|7?}XSnr6gQ!TrstH$vMmU
zhca`w0yQS?r32?iI7COqb(^aZmDJu?GT+knmH=>LkEPYJ;w=H-#!<^&3ndf0F<|`<
lR=Pp(#;%GZR!i$!0>K-H90x2EA$TKU6)p3x2>@(f{eOr6F*g7J

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_validator_autocorrect.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_validator_autocorrect.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..0dab27c754b9e74ea714af19e7407c3bbb048a1f
GIT binary patch
literal 44424
zcmeHw3v?XUdEV@Mb^+`z7Vig%B?y3Aid+!jOQJ;D6h(>;5tJ}okuenSSz;I9O295O
zv)}_VZKZKy#&+UI<74{KMm=qO$R;^unlx2qrww%~SMs9<MA2ApWQVQQrs`=DQl!ii
z_B84D-<i2HyPU-WASlT;hv2{W-nnyU=H5H^{{MIX|G(F3YJ38YPyCm_(<jFT;inYQ
z4|WET>tDAC!j}X|kOj#m+4tLIJNtF)b1L?*u+JsC!|EB2?7<nwesP~y_U`k^J}tdU
zu0pzVfAzi^xn`eV_Oo=?{=mMV97K4z<Zcz7w#l_mc?P@m+Z(@~f`oE=1xbuLHsM+5
zkn1GxU_=d@Y1tBdQk7I4wd>cH%~yjbrGNgYLkbxAd-;`e!*W6Dkb>-q8>O&R%R)`f
z0-iI}DoAyk?CKNA%`B}RX$?HBg{3tjt%;|#vb1KTweYkymez{2HlEhb(%O->jHfLd
zwMSMY>QODROgb0NrIef!9?8n#+_6;n$;4PXnaClQn9OC@4QFLJHJnRlGvTppb|UKY
z9b(ysv&U2NR^Pg?G&ww+Qk0R&v9KvGvX7)?B^OTQa;fo&95U`SN=l66QgV2Fax9mg
z7)$AS6lB_+NRLg*NK$hoPV$rC)X8IsNhOy`BAaoixOM{tX_J{;IIV;e!^4wuB9}tG
zgK~N_ok@&^Q?i_uaSBCG$SEZyA5SI2Cyu2urlP_lxVhqcn_6NZVlQ|PBu3N22eQM@
z6kHRD-0(4^1+?lxee9wl3qd1cFs0y)BDR8;*Ws|k)X}JkDSmxB$d`m6ty>DhCM{FO
zal|pkQ;*b*X`Mn4j;tKxCB+<FLc}(8-%dG&mkcMu<9I^U?l`Ivwez@~rS@1imVPD`
z&K`XljTenLWxBlJlT*1#IWwG1rV4H)m&{J)*e_}aS-i+1(-$mPQD!HVt2hx1<0x$1
zx%H{RU5_7pO3EbUk)0^wDb{hGnnWLB!T52#>%^(+Xl)doI8|thk0+i<#fSB0j8CW!
zDf>}+3;rw1K%N)gs;d9YgU>&bZw!C(U_R9R$^9y+3Ov96Ix+}{&N~V&c9%jGYf%)5
zMlVz)(}~ecR>`G@m4eMz@StxhXrd`sUvx`!J=)EgJ2jCic+u_T1bX^-!9RQ~kr_?J
zmC5n(gnTOEC^!<yWWlW_7u<4c96dZ@mm6{4f=5kOhN(LAqZ$F$o=+lx_SDmbLEdgW
zi9U1;gpwm>k2zvOjKa>S9ltL6mE0IQJW*$_%{*YCoxKCQ-=-c>aIyD2k2e`hXV7}X
z*|Ev-%-i)ihe{Dg(qpMiVmwuFDY=B4D>zb_<auX7R8pvlbnaBaqrGUsolND>&kHV@
z-d_$<0VwrpC7UU@l9S^T%6X^UjZ}FBku^l_1K~YEu0gEOqBg14<f*vY98`+jhw~fg
ziUT0e3pd<Cb?|drKfU!zLu<aR{i<77u{z(;lV9F-rE6_|P4vYTGb<j-uU`A2eWv5V
zYaZwF#%o@0ZRo0_s@;Fh6Y%=3J8G-lSA|-aTMnSaVg7|6!rS1Zh|ISQB&Xzx34TFx
zZ$Pc1CG4nmqF(mvLt9j_wx~8H541(iz;1atZX<VqOtl<HD@r;u8kSSfPNroHC+O72
z)5(-P<<mpq&Z)Lej4+vz^e7EUG>T@jIduri<ZgM!6X{GeHzJ3r*p)=Oh^!_;EhDc3
z!H80$ml&r;R;UKTYCEh@+hJUN82Yf-Gnm_hhL?T#uf#x}7v8K2+}0Xf^Wpo>9XR))
z>8(#rFF$;xYh8ZLeHWgcS@A%Ab>za}OvnB6X&02v550}9)BAi$cuJ6MU<SYh$PURa
zJ0(Y}AfxAlx+RzF8FfcIg)W*|jOoOfFLu*RvO}Fn-cF*xsa@I#OBKpS?Qj~SP&zR-
zb}D>yG8a~8Qc5K;;Inxon@O3+d2Pyw4x7JI8u-}P{C^Po5`Cezbr=UT_LzN8e;fXK
zf*|q9JuD2-b?lHFlJfyu#$ifv4Y~MPo8(4+6D98hPRaLxJ>xXxa}2q8K04<rIwuyL
za}Uu7%?@Hwq?!lpb^*^}r23C+Jo03(QwnHj=$mB+pKClZ&metHCC5;$o)EL?jF0}C
z5v3sg(-{e{VI}dy;$TR>-uTUUrP}QInC~$m`%UWFbR=IAgdrNe*fB_>Y{@~aQLJjC
zO{zQc)s6N|PW7}@Kh&&e9BkD?#&0K|O&>&JvaRSY?M6O5)G5S7{r&W3OW<it&qm*T
z$zi_gpbgJtyoq&guYQk;IemIgsUhlEhdz<1mKvp|SoL}vi`5LR&>zNBR;Qk3{NfpF
z^s@BdluZh5vt_*7Y!ffVL@UPm4%@2vUR&Lzw(2ojRu7@AT=ZRS-6JgY%W7d?R_ndi
zx+|?^w-Ph?$m^Hdvi}(KKZsc+6O0A*Q78HPMWc@Oh}a$rVnkea<R6R?(KHHJk39kX
z>z9@<`Pk{#%humwUSlV}3S;MTsUvD<BU>#5;}x-5ZJeuKz&KZ}KZX9QjdOuaQ0ioL
zjZbF5b-j|+b=SSR*2fzGQcP^Fy6(PL*J@qe{eC?fTp_F#^sg?7v1G&^7COKMhJ{C+
z1K;1~=nzJ1bLN><^F(^4jvpo@B#{YEW}eApPav4f$!RdsDHS*gX9-eK)-r%7J2C>{
zk|ZCJL<w+FW#yzVkx3%FPLm0VH|Kmf!UQfAVM0-vq{OM?z+<wL@^C8LnK+@u(-}yx
znc-AtxHEM!L7+xw_&HxVoET4sw;{`TdR<@thEAj$O(Y5Zktta@mYp0+hL5K7hoKC5
zQE?LfDOavPI-VYuvz@-vKAD*R^EMUrpn>yk;^J@B$1=*~#6(sGlmfVDbaFfeL9KrW
z>O_l#Nd!xVSLwH3MO8pjUFzfnz!sc3mXcFZc|DbHH&B&Z)ylESTzV{e;#hk4*sW0S
zq$2koO=o&JC~@9as8$ggf>I_^xBSZFQAl)z=S1bn49-_6kTByZG{JCg;1Ck*X$4@=
z#_rV<r}`s`?>Q}ix24efh!Q2q2rvgj>3pZ@Vd>1Kh(aI-Ay&W-9LP$fpU9?L{)7UE
zEXOi#K}IBQId7Y~e~!CwAi(NQ=WVy_+qR*E2j?ik0@K6eZc|@`9#_<B9L2e*!qcdc
zsYWWYFQPU<I>VlM19E#HcIVJ`05|aXeMB}Cy%>s=A43}f_!&>Lnxx`FdU2+rYKl5i
zq@mzD0Zb(o&!tZ07=*<jk3z$fJ09En$c{t1;!<qq&Rvoe-zOa$DAYgx*p7ktz`^*=
zJv#;--KD0=B+kely1l4ZUBRK`<U+N%y$Ze$Pn;r{EuN4IweevHxN$i(Arq1YEVEFJ
z)A6H|X#lAiwC7kBIg~<kT>Tta*7)dH_Gn^^0S5(dTuF?ecTUI!{|?s1_)2#%AhRw`
zxL6_=M>ifzWEfac2<p$Kcc4O@MKcw=fFhHuI?jg*P9-%qQV?_F6LFxX#|oa@NSxrQ
zLKS;6wa*o5c*!Kc%UP<4D!MTqnmT2{t7QOc4E7c$=~dN!*=LSyG)Fe55%o<rn<Mwj
zhf7LXZ@#eKoOh!_LM)-4#fOTxL|A*MW1bS%Mocyku@N(lQ4lYV%2f&j^FcJC^Db``
zPo?a`F!j7}RTS#l&i=|wsOO9)F9v4C))}$&s@+)=y5VqpeK&$aQ}o5!nZ^gtRK3;Q
zn{R4<vu<s^r8D2qm~W2eoAzJxy6XMcTw;swOwEmYp?w3gys={QHHW?3H!U^;vui>&
zByB=clkZH`4N>sdeSZ7&`bRF+?E24>`Rew3OV{+KUDM6db(dq0&4&yvonNauvp3(c
ze70fLOv9=_be!As2Q`-(HlNvjvx>6J*6h0K7lMtmfzFvg=d`%yg``RXYi335?{#s_
zbfA+*)xc$O&6(poZN`Y<1kZhm%Hx@M0Ll44!)%~uCeSl2M$dJrBoLhywZGTJ=yafm
zN7cY(F-o`8vdkDUoZz`HQF%NQ4<MP{GBOj0(A}P3WTy0%5q^OhnERGmZo1_YB^M%!
zWB{vmt+Sz(Goh82Lfz;VftG1;^$Sfifz`93_IF8KeP&9Hy<r6TX{5c-#A7o>F`kS}
z`9S@&*m2e~6X=)~wZBVZ$C*hr_J$GUr;&En!(%f=F`kS}`M~mNG4jGHRNbto{aq3x
zXFj3E-Y|mvG}2yJ#bYx?F`j%`jNI&?PWUr{=q>ccAJ*);rF7w&y4YG1>vCLN)g24D
zUal4qz8vz!R(LPBvv8L$w!u?`6^gisxP|LK!3chrutK*k%SfI%kU~0F4k@H_W~30f
zBcYBZNMV(R6jm=WQdlG5p9v`}iI+tR{fj~h0}Rgy7U3DSOD^r+IZ{|#QCeRNQW)Y$
zVVzXJWJqC6MWk@C=u-o0t;Tz;byr%;CN;5@3xCW%Xn`7LzhYqICOrPDSkq{hT9*8q
z;aHC@t1cKJYFWZ>rizcMt=cyeSOCt%ku<#&;7s^RCccK6wookLh+j}@%hbkdV?kPz
z$b@1cy)Kg9m>1?3BFvAjUjXV?t3TsiK>dPx+4_6Tt4;Y;Md(N!L;dQO2=${et2PrF
zt(gP)a11<J5gl<1JfWc@ol{3ubR?{;vGR4^5^MzU32C~VGR_}`JoXIJNJ%E4wo)D*
z(U6b>1`_hj<k6Izfj);4Po^fuvZn}!03?!_m{8%6ajfD)O((&ykubv~7(9aWKt4|E
z0EfI4J&vtf7koyU@^(u75RnfP*+FC{kw-uV4#~SIe2~Z<B72F@YQ8)`<Z&W{AXC-)
zdb5I6?5Q0l*kGd$Mj)Vp5oPd+)X6mTk9?<BM|`IXeqJDx86ysvR<7m!ASA(WoNCZB
zggcG*>6Cw!a>a>|m?s}0LJAp7!jCk_2?~?8iA*1*e3ZyA5iW<zNs6Y3kT5Efuq7WO
zk|y#rk!OgE5g8|vAu<6{aH}sNKZ{7DURLNtj>sgD<3vsnVI`lW&?zFUa;GTt9FdO^
zIZfo_M1B**ES7Fk-|Z80?s+1=2BOf)W3ia3##CYTJ|<j3vqg#DrXs+)r&(NmeE#C<
z{7O7a5BO;SZ4g)?oy=2UeNz)yH(q$^Qr*MXTn;9rito9Q`pY0OwsyWSFw@e1#-9%?
zn+<f$1Rx&wOb5Cyk+9rznZ)9vzZtRT%*T0}DR!A%rk=S(;iAis{<_$c4~1t#Yi2@g
zE``>Te2QE2A>%m+dwsK__IF83Qxo1`F@BOKo`b-rT`(i|nPNQove<WXSvi5PrRLx=
z$HkuRgH^7Vt3-r<P~|(=>it0j3or8>T<bXx9YC=l#u;!Hj~9IL_;@xsIhI1WIv#&^
zGBHL#Fk*o?#wuv25FDP#BEb`nC$q!xxcpD(EB!P`p&=dztPTA%11M6E;j@$>K!g-D
z<Sja(u}BGm{HE|D=fQWJy{<Ly9<}wj`qj*ok47(k*tF0>)NNMM*KR1;>>y2<1DZ;v
zrfj3U{cRLHwev|;v5ydaP1{K^v^Nbv(9qR9ngRru(&2xs6_nAn@j*A{F3Hbx>Dm<Q
z<WxZ?r<&{J6id@?y^5K>j(ZNB9FIx+rbhB}%^O1}CkV|yXUr9I$2`3*skW@VEkZMc
z`b5bwr)G{<3ei84yj>DM?6uU)@kw>rmts}W%=w<q%gswO2T~?@(uN~{U~r^T<C4n`
zTo%@!ZC-pPzY2V2V@274>)TY!X~+&un(R<R5>u>3<6Zp=kR-TNq;t}cBtqa_eUK);
z8}nLf=J=#mYAdGgv9Q)^W3APGueI(*YmJ8HkTq-ruT+#ZYy&^gWQ}E08xEbwhLdTm
z@5x~Jb+vVE&<*Es(lp$vs|=d(@H>X^u()N^K9V2QWsUH7s>1rIvHIH2#Evl~tF64U
zYqjN7L;8?O@|7O~nc6VNT58{1i>XX%d7BvaIm_rTSH@!HowsSF*bsWo*O{aV(sf>H
zY2tjqN`NQ?idM|xeWeNg3z9Arnqf-h2D8YZuiVF(25lTY54!fcDF`>ZC>)#z6QM3}
z&9A`M@KnlMU}v5eu7p}|U*K}l0+$C1Tp?qD3yW24{kJV~J*F>lwfW8ju*5ZwEQ?tM
zyAo{62RqnbI3H}gTIFu>Uw3(FL9BkR1+gZ|LJMN8Y(eZ7Th@3(jNV*EFZ?rsXz}7p
zG`M$z<Kp)2y(?TVuM`n}ZG~^|dhcuZvG4}pK6~-v3)HjK#g~mA1m=+xx~nXi$6_Xv
z@)=BKF(X;bWP0XcGR1{3nK7}~JqMfV1)H%@Hq%#;&GcEanN?sjzZ<ItoB3m%m76D<
zS;N@OZ{1Zkle2*Ov(1am<X6p$&E(8uMK+Tw*hxB@>1S-FUt=@x6tE^XvkGkHn=zjy
zn^`5fsjV2Bxv<u1jZtg09l6(9EwLqUttDhL+o!ggBzk>f4r@AkxnpTL8D2e}I2kcB
zo4V1As<ij9JK#1Mqj^%(;A8CLDJ`;rc*&^>tmhoO<*leSZ&{hGEO%u&W^$^`oi;2r
z^J(y%@>ekNMS@nmq5L(RlD`g8$`o!`7*j})QwdY3*_kb8K(gLf;@M1`^%I>FEIhn$
zMzFLD2iQKv#n56)-p@_Ep9tQs-r)V-YVG5k-?>_*+w>@G)kwF=!x+Dynekh6jyvQG
z!5=c_u*O5op${z3jmEi{!xqXy%whX433J#%FZ?rsXc2Sxvb}bn=y<uVd+%n~%lC^2
zzqZ-8&*lA&K;iF*zI{y|2BHG1m4BN)g5M$XIU=7Y@&zLQjL5$v@<k#gpzH5a8WF-e
zIp})e9q0Y7-gk4hZLVGwbfqlTpz9i(sbu2_OGl67mc>yIP~|rISTs|26?aXX)FIdO
z9()ExkSolZ$Hp`>N7bGYYM>TFvufVX&E$(ASAroO_<#Kd1nBn#a^+m^por%vIbiHp
z1yg94G7@web@ake%`m=Y;H%5T`__UFt-DQ?sa^$GdmU0kS#Z@Ib1#_d^}qlR|4iU&
zN&K+KlIs<vs_faA7hLbZ);Y_0alK73ANZ)|Bfn+hdY4`?!=pow`m@c8>*ZI0>#eMq
z!4;+|a=je1m2}07DydCsk5w&^Vn8FfUJ+dHd6>O+m2^HtVcP1Vw%YoKFr`~qYb|4~
zwftUd-Hp~7ZCo;NwPR{4Q{-Tt3g9jzks%ubSd3`6Rw}u+XpjX1%onsYjP;2-;Ck7@
zUkSuI2P-RYL$72uBn<Z4tvVeDN!f9FU^0t2siMPE%{%#<m_4?nlII;VDJ2;$98{MA
zWns{{wLZv(WBazqVr)3Ja~qDxZP;m)p0Jk)0lUm1;!ZR%A~lx$F)3dZ>WcwXEY*&r
zPtHRTL!q_VBCc2kN;fl>n7JR&P*QXmogr4@C(^lNFb~jrSK=sEj#<|$49+q8t61rR
z%iK?_^Bd)1QwOomF0jsigLNi_{q>xAwzdpt6vA6rmZmRn{o>Yq%kq3j7@8d2Yx66&
z<U1b%r`^za)!`0@u6cYN{_BFTK5)%d6NU*v`;FzL1_KN#U6v1aUG+GL5B3lr9Gr^}
zuA?l(2REAd;NElH(;|^T@2sf(y)O1LjRPYEr!I@Vq{6SI%@{G9;JGhRQ9Kh5AQ|sT
zrV8(&5<i1U>6L#b5G~?_FLwL)u6A79(7m_O^>VX_@N12}z1`l|!YsVnw|7f1Oj?aj
z%NV}DSOSJma<vNZRsq0OJybsy8k1$DdWiu8D+k9}I<ut3t4rcsGh93G*Uw{RT=!W)
z)=})>dX%o1YtXBw8ovf(XyLQMUFxHvG=A7UNOe_mWIXU$@u`>y=ItvwgT$COQX*r=
zAPLJQ2lH9s1@l&S<fMsts~_TCF$PIrtK=~BacPx|`K&PRVrd5+<JJNCvoYq)xQhG8
zFm46gU49jqxB8(<xjCy>F(+s9xX%h7^I753n768-HvKtFWm$XU;6SO)o@%z-9x!ib
z!Mt18xTCF_sjV1fxv<u1iBW5{-fJ!RL0IzEn$t#kVJqWpQy)5v`81qNjU=F>6sDQh
zVm)%(hP7cOmz~fZ|7<Ab;Kt_3!NIJU!ITLCBgx2^;gm=97y~MY_1H#Y>ymnG6UDH8
zZf5R^tcOSxufzZA{UByPaFWfm^ka_+<V`4MgP$rF{8YK&GYA$vUBY>BKy^b!*3)cB
z{Z^d??0KuH92B{pt|JX#SSQmMz^qphUV(7INiVC=ig#E;{=Ce08?hvX*gQEG#`;hb
zZ7|p&t>vN*sYa^XqrBLE3clq!JrsOX)vbYxus565=a=>5TbAY9`}51zU#P#}p5A<5
zx@`bUy3HY2E!O+53Sy04#bvDcSyDVLxad{-)SrI!XM_5)QPp$aJvYaz>MT5tqL{Mt
z`Jidte@U3t^VOEj>YvdaE9(a<G;5jJQk5(1F>$4Hw1W!RmcgLRT<9ES{5o-+UoGJ}
zuNc;-R)Fn0POsO0quGKt{86yw?25C8F9o~j4&B)j`+LPbzSjnz<(Al2qLcj5+P!|q
z#g^_p54kRG7ZHB-A>ZCA?`v)fzvlPtT~^FG@)h=f{()j0f$Qmx&hCgcRFyL`_ZUNT
z4LW|I8AJaf8N+7A7`EJF3_swEVe3@?PIv{*j+bKz!$5r|H8(Yi>YznK^B!MXUhr=5
zd-4T*qw=2+`BM-xZzdC~P<WyuS2oOQ2%bVs@DyHNtBu<^vTtEdmtUkil7f(>p%`&k
z@_!)m5|KxUkZ2aM6`IO0=Ww68o3b4wvWLiCA_s^J5aFzr{O1(?k0523oKD8%%=ub{
z?RQo!|Av^G&y+AX6<lqo%uVAwnVWgQV6Q$q-LPu9;R$%qcwe!w_k){hu|UEYH`Bgn
zo8zLlYtMbIi|a&$U%k(_XRG(sO)R|4x3^kf684r~62>x*Apa*KuMn|X7ybsFAVLeW
z3c)aBjDvOI&92^eCTwf4I()>|rLPWC#$o*D2QFgA^~J3Y@8rt1`oi!|a&?{lOO!jc
z_Yiz(S%|;zua$xqEZqS*oZ-r;kukW6QkeIx%;Y$%O2gR^Ln<y3Oo^*vkYOJ3U$I~+
z+2PjKZn!Lms7f*-J0u4jO*o3qk$7aBa}IHSja)B7lvSNj7^$8kD`QUZccONNgM3BM
zA2+4ZONa3^Ve{;;g#Ns6dEwQeMYyXii39rMAedeb)&j9}KpCzfsOPd;?<L@qaSc^P
zTtl^K?b8y>)8CPUf5u%Zz<5RApK(>I{*=aV36EDjR4KOs{#D9pfPXcbS&WZ3Y!jTc
zOn(m3T`gcdJfju(2WPbz2L6qD%dZ6v{B0#Oi-DV(kwtLo!GR((3cv(pxUH!B0ceXv
zWb3BdSCC$u>bEW@pNcZKajIPdK`54UBTa?_rrFG5u7e&IgI<nO88mKKE`LqXiBTfQ
zh@^=;P2?FOV?@S@WI!TjFyS~7OsZg*>j9d{Cn@iufrU+M&YeohSp(Fe9Tar8|EMv|
z?^QfK4i9;0>`pLtO65+<jAkm%u+SoZLgVrO!@FR^fW~#2m#a6KBADvJiYb20&x6&4
z=cb!?F2aG;d%P+XAVb!7x#yzG<hiI5HE^M3SDWL{yLb6q7du4+U-9{NHG5yF_fWXa
zw<}UcuwRQ|{(Vpa`o;EfzF2QKwagn%sK^^m-ICi<@?pAY(%`F6R_iJlkoi?uF{(37
zWY)tsSK_IdlPk|l_1t$+gVeZWzKgh*^SRa_7BFcvO+9SIZ^4;npE_-*GlY=`oR^Xv
zJDyTGFYL}R374RR*iUUY#Lmnl^XI6#KZSP>8evuU9=cmWm7&9e0+V8k7Zuc1049hr
z!@4aNs{lpiR9p~P>}+;EWP--$VG_5XdChMLk}ueuhC=hL87|k?H`cOw4O>L$(^{O(
zYOF!cYfMlUflJ3dBvsBioz1hPYcz}P04ZbXW+#;mCsa174V4YuGltof<Kw!W8}pJ8
zde6ONd;n&`F0?Fs`0aL)55HX-$%h}puWa<~wtHXM?m_t5F5m9DGIQZa-k-VfcJnZ6
zGqTb-v)FV@#H+J|smPjr5HM9*O`PI_6WDUI4}zd}o(oaBD3V#64}w|=|4iamNxZBN
z0{0^A+C$8)y{^cved+fH;j`L;W=?(;)3vBH&+_@O;>^iKB(7^w!*nf{$_qiQ?uB5q
zc1gso=BY=FSy3Ni;XZ^mRMTch1D7yzvfbts_|#4f!wq>-n>z>QGk3yGbQu$)(QGzJ
ztMkvKQgD-H25d{_QuzgZREGAY{4XeKwa`2dQBVG_bn#a~%G+G4s)V{As_tqAxRzB>
zJTaVuvl-J=q{QI{Y%HBhs;Y!@&PEF^vmUsPGG2aOvT`x33SX*=;rGkN=1#1y-{U!~
zjf|k*<)+X~nqzZVG`PE+OrdwfEzwF5;cr*@cDH!H-Qb~cyKncJc|e=rrSA3vBCiv%
zf;L~J6GRA2R2mQ<Xj6K}Sqo^hX9bYW-L~~QvPt;}q2LFuVaFnoO?^*B=5}16MHsdl
zWBM_4ys1Z+ineJOV5+d{#slz8f$h?0;{i>Dn|5=AFLTXTzqae+*r_sxFV%n>?^Nbp
zs2-%Q!^X56`N+*;+{~B7_)bmGfAp8aqkL9goc?1#!avijToNy<{}^19{$nkJKtn|k
zXx#@;|FO=biD(V88W1Rn4(u4T&dH@@F3tKRl4h4mqb{IBpk?$QO?%}S`?J8Lr74?_
z)i9Hmztwq{M{P*}N2Yh@@UH%jq!1uA$NbQXY&r7VCN0+11+`*F(OoQo@1d}MPyIX5
zpE3am+w_c<wSN26;IvwSQiSwUKQOwsmHQeW4Jy60fyh+M$;T9_E$U)BECr-?_>m20
zTDidmXytO>t$IsAE0=m@HU5)X)!#@p@NjFXohvy=K|K4FK>{pG4*0^YjfH68!{mSL
zH;UTcx_>TboPP&hZS>HJHNt)3R?Nw{_lh|~dW}e74ausLR!E&O-J@+_0kv%9Uzlo{
zcyg*~FFe}@%5&w9+6Vrw(lQA0{JpjivU2L9%=lE_S(#>5on2ICTy35mk)d8e+xLtm
zu%okSfdqTf_|!?5wiU+CH`p|V@?lQLdV|KZf7IaF=X6Z9D3x0?4_~w~EQ!4HP_iWz
zTk~eHP_o4uB-?mb6$zM<Eyvj8KSr_gza_Gs2wMUo)r^Qu{&)B>?aZp`X8bC_MP)c1
zb@fB7<2cnZ?2)inwRt@Sm5cpQ)XKHcoc$>A>hvI`nzOBo)|@p|I=)FS_$?w#$f=~f
zL5Q$?9t0+0kI^PN*k4E8jtBt=U6h3Fh*r}t_UBPgA)uYY4n9$}DtxEm2so_SjNMPW
z4`FNL^Dfm9@UPHaK0@R%5ON88|E++@?QkD%QE+0vpY_ZoFgEn*E!og#vwm*`w0pxv
zaTL4iDv8mQ?=-CD*iAmAmA|=Y(;z&L{FgWrF(aN%dLCNLUZmw3+y~PZJc|4yx~E5b
zlrnyV|BUW)ipU-!Q$(I4@-ZT(iF};M^C0FOZnl^sMO))Mpl&0iZkp5ACx4>k%1ve`
z#9Jyj9A03jF6>*n59A<y4O>9UdK<R#9yYf^@~TV0PEtp<`u#akM6PT3^0qH*gE!yL
zDxcqWDX;>e7qBA@2zJEbu6&u#-W5Em2H@29vkFgxw_j6CP5z<S^ZCu@9C{3wetw&J
z!dx`MFJSu`<GyMbxvvBor^WuWJ-@f^E9=hLW?I)EHrv`i)7p=~nG@3p2Kr}_#{OQ{
z($v@+6jOtj#Qy14>?K6`SlGBmO;qX46&CKuR-)to(dq*m9TywA4|KXNZWR&!ey8t1
zpZEJ~S$Lywz)=h%lY$%oWa0XsV#c{s@zP}e;Tob*g&l)#J!JfXMaRb3@F_-{y3i)_
zF3E>2%w6!JK)=|yT&iJPnEOp$6ku2fBR;NM14B6YQ7F~8f$7@DUb|FZ3LO^-p&T$a
zo@j__f*qEcI1Lbp8cafHNgP6`1)~Q|9Ji$qT7kuf=tX8-O+`Xz^AHz8ti?F}4T&9P
zMtH_uAdZwCW{nyyw%`sX@x$7{&1{6%TrsyHgc?s{U9KU7ws1Y1R;kS-ghC`!57S-4
zdYbWDMh~X}45)5|XT{2UBu5#oDdWjG3~s&~{02~KExXrRcd50yjM~;ind+fcdbkKO
za52aLtVOmIGN{~&1Q{$Zf($wq^vw}uVBE#>n;YuUpIR5Y__v4rrmHQ#k=w5ZWY8h~
ze2xqTWMI^p<y)H|gGxCK$RNxi0}^Hp$YB0sh!tc&V+e-~02f&FOcgGm?Q#b7rq!Dq
zznN;u2GF277GlP}XY?#d0u79}D>u%F=%Fj=Y7=N+TxDH*253+z=lom501di0XwWV7
zm_UR1*RvI9K=rJH1|sUKQcaVNa>;?3cHLo3ulnVyX-Q--SlNCJ7;J4xMI%}k1~Yn`
zb&p=nV6aFD3}#$)r#;$$!77z$^yoEry+;!a)-VSQ<{DUE5e9P&Y}H_}`=&m;i;3TW
zt`a#bzd*pVa#(pHXe%v47kDg%y|R<q_Scz_tOj(orZWs13-b+~p`)LnJ&4uKrVVfC
znm3<iJDDRNQj_I7Z!;tyOdD2Dbsahe{W8N(QL%R)Ky_jGfs@1NKW~%8rc9kqrU6kV
zR$9fTK187p6WKvzCy_@$2IgyuvovUqwu>{NCxmgx1tM<}`7sFYv33qvh$`IJ2^z2s
zc7<XP%}1z!D@6Vq5r)gmT@-E6QdE?>anw)f^1lL!G?^6HqLkW8#7X2103NnUl>FbR
z6bA7)>6Mthz5G)omO*-$irYMq9{DXQ{C^PnpG5we$R~*WFCuS)Q~+-JnHrphzak|*
zp|8=ZK8@(%u}%9(R^8utPIPlY<$a6*oIimyZK)DB-FE*Q;sb`pH{8B!{)=vRPV{iT
zbI+C4efenbi+wZQ+wyDIy%?HVN&bpDTd#S&<g}=YoE8PhX;FZj7KNDl-0D)(E!yO`
zdE+7!#8rpxzo^#cw8Qbw39bawwa=aYt<z_Lc6G4*raJU}uKLb-Swh!2uXzKi*J;Zs
zr18C`rfHXB+H8t#O@;lQwXmK=O;G6%#lGSjM(Ap7W39+J8}>G)!fod5jbGQ&_zuVH
zhP3xFHa<pfH67t|Hol!P5ByM!<O9)Zao>fWf4}aJ*ZqZUrvG8YX8ZTe^zTDp8YdAB
z?3+a*`+HqaRHJXOs2aY6aR0-muyK`|sM4D)<@VKTuRbg~F0Sr=67E`SM1+61*>~9G
zofRlNEBX#M6{BagO2g2zuVaX<U~%R!EY1dLKrT6eh&i#E1M4zE#h3?CuL=9Y#>cQx
zqcNNvz{#K>S*mCu`H!pw_N6<Z;z*f}3}u`#=O8_E$uXxDnyb{|RB8OM%hC$XEjhEt
zV;(r5GNhcBAmwnJtc(p>ZH%Ox(2-F?#wk+W=O~!*5*7}qjJsGazQ<g*$=`&18CO9X
zFFk-O@vE3QL8aUrDXUm6N6EMXhL<T|c(tW&-_ZPR(6}n5{)U<ZDmRw7KLrP5;nMd4
z|L%sxAlj-#CY?`fHL=!ezSmlW*)DZ!&1L-Y=)xROwM=c)qy%z^lby_|asaVGG88q*
zT+rauHT^YGTLnualrsM6K1k~<%r!=`*>Xl2=cpk1VwQ@ruT?D&mzc|qRGG{*j??4L
zlZ{nqTs7HesNResj4Oq!PD3S7HP2vjQv6s#i8DW*W2wTfiYtlpDdro*gZ>6o9L>gs
zZ)rP{-p*(~knen=j2BGCP~PSQ^XG)2yb@@5&s|^ES#T9A(J8)Jz2_mvMNjvhHLi<m
zMTB2n<J<Fq_tlLoOs<UPp%weTsVn{+k#~rEk;rF>(6SZlYw~3Z5g|=fr3nGjiXC{z
zd7o>;J0G#FcI~&ld&t(V>%~&eVf^O@*NY`pi1Pm6W%sBn;x4pMca=_Ma*2~{U@^3~
z)8E1Ur&iH<C5+)Etgu|#cGG4Q0HaQ^vMap|<EQ==)(qdb)kwJi#0sPxZa{0;FV-O8
z)7{xy?9&|^U}80ro|YYwV@Tv-I#;|ACm|f{pdF1eZiC|@Pw;%TlCMi*Ys!sBp6qo>
zjT(<fHNy_h%X#1lyjD*&euwJxu*EtiR4VD8X&tj9eps|pI?Q<Cpz?go2VU-*1kljI
zoQZN?%z8x<+Z9%UmuoFD4Q(6Zyw#v3zNfz-U&l1=LOrwOFdKR5&&HgI8drr&E<x0M
z6?nNe(>jlJZUafIR4(Vgq;?HStd^EZQ25ihgPI{46xd<9YnPs8{Nfq;dWMOYYa&HD
z@NzF<n^nG=WL$-|Drd-RJh>%LEOoHf3g2t3yV6?r!HCgHdPwi<8Nak5`;RgIgBXM}
z!B|l5$;sb`R8pzkI%7dv7dr9}hQwsLCamAf_(jj+t1eR4l7EkUb6EW?=Jh@DtMEN`
zN!?L9Q~9lxdZbmcTJ77ZUck4*SF=jKoj@iy+B66HZXfteMfBZ1@Ffj>Up>`-NQQ4w
zQa*)W`|*SVm;7w==;5)fLa9gP#4rrSR6W!2>~U@kw$D&3EpJGjlhdQ4DVbFLo`Wmb
zaQK<jDTFn9>a|EZeY+u;hR@gT)d2nBV+lM2VEw7qT+zdZX$t|M@YxfoBy$(~Hm#GW
zm^{rR3&Z3O%@>rPa<K=O578~2ByyO@5h6oGNI5dnV2NcPrSrtMED@^xEEOe#DD>(k
z23`xQe0&Sz<Mqk|H;<Mk_xrG6+fbGfQgsQfF8V%kXa_(nk>aa%OCz<iO#J42=XMP(
z?w{%2K5w+R=RG&J{>9!V6sYo*P|Iv+<xFVhrBL@7Pd?BDMa8oxN)#2(oK&?2-w=EB
zAXh0w+F7UqY6^x>Sv19XGSm%kHd#m;#6(=Yzvh78c-htcSk(3M8WG{|MSYKL^M3Ds
z3V&bl9SG>+hNrxLvA?IU!b-?^mrf8NCSM`0mV}JHcb$E%RjMpPC$YkX(?UUz|1ZUy
z%yWeNHwZKAfNc%}m2)UP2$AJ%ldFPwbTU1bOJ@}3CaBO7pEyO|TvSz#CP_g~osiSH
zRKd%W3LY&@buvUyK%r(blZHbiTsfW{enuw#oQ)I(w_0E!luisoDg8JG)fDn1Q)7zk
zqFfL;ghGS)tY#_zS7vPSjLfLi1+}A;)%kQbol%D(<}-rka(N4p-zD-5BCis;OoXbX
zL}Dw558?ikW2x=33-dn7U&<Abs}7sZcFiu@oHy$Qo9&aruUGw*u;!;i&0h;2{;_c1
zjiB2Wyc!Z(mi?aZtG>KH^g`c-!5QcM*B$m2`?Sz-RTP@rzkKQor>=<ApYwg%cXscE
zM`!9Dx+HGPs|i<{SLauDU9i3Q#7x_VuDKjF{_75Gu5r~Ry4=?tzGf6skFDGG+D_YU
zIO=Wg8_|%>eRJbSY_|Su0@0g~IHqj2-fIHUn~ym6+bKfy=7=-R&JewM)N!0eh~E5|
OW20@=I|2ynC;uPD89%@P

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_variable_extractor.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_variable_extractor.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..0f9260de5563e6d90986f0630e221a9b58ed6c4a
GIT binary patch
literal 34992
zcmeHwYj7M#df4oHc7erU@do(N2m~cA2`t_eNr|!`iWEhjARdNG(?_J%OJD%3xZH(i
z7NoF}?#{N#hqEs>uX1O@WjldiIq=GH6j#|+a(3z}<;wj?Dzyth!rtUkzLZ_%s47nJ
zSt{#SzOQ?_XLd1*2SrM9!l}iF?w;<Ro}T`m{dM=<a5yBu^^5;Wdi`&n6@<UV2)iO?
z;O=RcAbeL)1Wiy}iu<ffbCds`GhW>-3uk<qU#52gS^(~N&WdM(TJTIr3!SOaYR=SZ
zwP(UwnB?)Etve%W5`=w<UkQwd$7J?6>;HJ|Sf>?Zq4D5Y7Ykee757j;5yu;qApC{k
zuVy@~)Q;CG;qjnSH{PVUdjf)>NaLZQdZoTYc-{NDOKWZuIt3-tAt(*QZd#YtLed%`
zt%;|#lC)+>YvE~aB&`+F+IU(!No$9+4xZLQ(sn`GZl1Pl+8y1K-yhGUa&k`9bGkg0
z)#TiaDql!yspRFfdh*SjmYm3Cwb)14uF<H^kWS3bjc5}yshm2Io6}UI;iZ&5k-esB
z>g1TJXXmsD)rgn{)k#*9QGYI-%t8HEPb72dbXJ=;YR_reYpF?9J3l|GMqNgP<>gN`
zny<`VR<(=@txHU*v+3;oRW*~#w@<25$+>i{*GkiSGt;Ten}(163u|Um5;>^c2+n0v
zZ_KHQ)TH6fB(JK5IBP!Jh|HSpN=)#ECGGDQO6GD}>hc`4!SHJ;ymMv(z9GMAA>@I-
zyN3aMSGWYDlU{Kl?uxtPp13#eQ(STXan}L!&Ln(gS?Cjb1;u?d*d;_g`Q8(n3eT65
zvYxy;n^xtGy-L3he5X`qI+pL4$>nDCW4*msj_5tf*;Fi@ok*sS9UdAQj0UwDc#?)K
z)4~Yq5J(8>0T`m1nVik0GC2*A%Ba(l*AtpL1)nf8q3ThW=7r>FVDnl?Ssi;qrkC-|
ziDTnqC(pe$u4Izh)QRk*I!=bwIP`vw1QXZHft67C$eNuu!dH`5RA>PmJz6W&*#v)j
zKY*_b_nL&-y``3YrG{OlaHJGzFLfL$H9uL3^pqO+tT*mkYACg~-);=m`fmv#pZ_it
z5+)F^i+z#1eUS29VO-E$Ks|tJXdcC_c@<BGp!pOpK)>Px7*PBGMJ1pGr^RT{XgCj@
zKAKf#k}$?EB-3-M{t;G{e*tgkfHBFOoXN`U<#ZV`$}qwv=O)xi`TC5SfqPht+{k2e
zvQFxXO|Yh6Q?V<_K>B@1wGX6WybD*x6?ctcj*6>S7&hz4xO;`{K-_cev>;?(;=}Ea
z1mO~XQgV&?S;+bi<i{2F4gop6xNpckZ01!wmqeClj1XoPqyIYv)-s^g!sM>9r{LhL
zxH^Tno3)g+E!k353I}S%WiRy_kaOFcIOq1TXDHs7y9eGj<3sWu_w~6*%zufo5__*S
zR6G`<@MJ%$i~Uz!O5nI__QZ4`D&~7eGO~JgHa9P`u`8!jdX9a1y=+j#Zn{2kA3uK6
zm2cR8V0OMQs>{cZ%NQJt63U_jMZ4)XJa7-e;3suSU01an$ukUjAaQs!8q)Bi7!ebL
zI7;b8=!MyNM7Ts!Ga^9F(rLh{S#2VFbruGsQ46;dm*-MxARzESLN9cqEuqh3=hBlT
zYhpT`y_`%Z2#pLT^d!=RS<R>$AuUN|Gbc4Is~L?6q~ysQpfQloOfm;|ZUzjmuBNAq
zAjfS@#+KILbLp!L*dzTkLTehbM-JP`iUuP@Fb<LzBc06&g`O~ROiyI8wthIi5np55
zFFpv5({lj6F8p27{?(?Z7lNfo$9kl@80lUfTaENB_)G1(3gWKChHt*TF7Beg6>-<X
zH6EjZ56aStRt#<|HdJJWDAb{~!GoQt!e3TU1r&M|Pt2`&kGe9hOPnq+oXoi6?lB)!
zS8>H%y)HJIGajH9C*od0FX9X*Cy`!oDlx`sfK?ID3t!v^^um8}$VM*$mpGLebHsnv
zHcl_Br)+`CtZjr|Sf!AiRa}6zoB{y72-x1lIk%Vfh9a8u!mk9CP~30Qi@>Eu_6S>D
z$e=1NcyfT%#r^}mr~!I$e!3=Fo9`Zxbzt7W-8sFONM?{9%p|X=CQ~q3Ma&48QqD*C
zX@M{V5i9lCB*<4HU}ZWrkwjjN#7x_R;0XjWf+rDlA=nRK^kxm=sf2K7Phs-Y2(VAJ
zD1w6s4k749(1RcbAS!Ce=<s<aZ$_3(pD}<TL>6rb0e)H?hl(i;$acJ?Z_N>Rr+B-q
z;zzLozYGBIwo!gRTKMu<v0EuNo?j4uvH_20mcOzZIr2GS@=qKwS@9}9z-IqZ4`8#&
z&p}lHbpl5tzvp(qbWhylgy|O>dO5$%cmdPT$9)9Trx-SE3)5@je!%qFizjWE9)9SU
z&asfSZCjYmO97^bZP@9I={|;)N}Y-60Yy^k;{g-X#T{U}$m(MM0n;OZ>FRVO+K?YT
ze?7~QT$it>ax*gW;WVf+>3MlFHASTDoXnLA6YZJoP%b(cZms_lUvhS~Cu#VS>Dig&
zM>s+>q@y=IHbEbW0c0ManJ*jO%W5w95h|5ikO=L0tSU&*T|0sKPb1hI-Gh*Yp}UFi
zM+u|NUC(l4C(Ie%{c1J?JQ}6oD(L^EYHa&KYI^~irhgv*P=jzssimV7X)EpTe*ej0
z>vOjQ-n!6&`(8+>+r{o2dOuQZeb&0u{8R<!zr1{LHFEfKq8Ozr6r<0j_$ufHm@yQO
zBARzTdukCR)FM<yEo#1i)S_kw)S{MCi?CAn(5Qt(sD%`*&%fe8Ezk@DrT|sGqRz`;
zeX!9CQ<pS_Upu9UQPh12#=TLaX0D~QYz8eRMnKOc!9Fsry$rV~YQKV+LbMW;-?u{`
zv@by+-2v^7IG{bYJ^`&yaB9c!-zKdaXSav-+p6pwwyqNC+x9Qb7h3x*)aFPJcit|v
z4q10TFQmT-mbH)}CWzjZNEo3+;wl&q(kg^&6NxwGl4+FvASNXeQz=c)rBfLddNE-H
z5{b#|L?WS~^+|gH!K(-q07i2n0pC5Bnn-XqqeIp>W<W)Qh-g{|h7h2rr?&(6W#Px(
zGk3gR-|joLJ^*!fzTNj_0JIe5oq#`nF=^#4%8}bMuxKJ`&_+9ceVbv$H2uMF{Add5
z%0G|yO$!UPnJ_+yCYFh;rhyd_7^<mqg0&^7Lk?=a)T`K68ocH96{<-o-m27;-FaYY
zdI@bi<cf2N1*{TcR*n0KM0TA?JukZ^!D6?S-9-t;10a)yE?%(7WHpz#&Nb$!O_gb1
zpe)#);wUd!6q3m}td&U^0=CkQwv&yeK}M@lYIoF1v?+<K@5UTkY4s>?9om$vQjV>&
zN<ph?x6I8Y$1QVmi;)tJd5OJARO%Ed4jh@pf|r`v``GG28%M<j+GLRRJNpkZX8mzj
z#s{3^THLEdP`%H7e++TC;)2oDuyJ%vzFXEap^8Ef1<jt0tw#IUvbEH?H$$w2TjqR_
zo@|PF9#Kz*SZ_|(N1OAfMksZWLDE)%h-9YaR7M`K3G!@$gmY$Qfs&J)?AVyF_8fGn
zHin>_@oJ|q4YhW#2lkmpz|dP}K&Ey<FcBWWl>Vq54ZXvxg@@4+m{v1H3%}{raBd1s
zgZ<h*GjzDja(IMV4v&m#s0J8eppJyk5K96)y}QcO;i)m?I%Q7=WdkWcd6YH@p=h|$
zw2;L6+q5r`*@<Y)=30l{W;kq*l-UfQu^SMN+OzfPI2*$C6xq~N28hT)<O(8CB~qD0
zxu(IsEjKM1L`89ASJc3`quNr?D*XlEopu$aZQs&(p>@ELNi1ol@=jH0<?p118;5`O
zt%CT(Vv>NO^u)So{#L~&7T)498u&nb;#)dTE0)D*@`vIRHxAo#uox6&)j`dRNuGxX
zAh{$p-$;IQz99Df`d7dCRrt5`1OY{<Z(THhD`MZmS7~ewg7Y-EYNbMO3EsgfLBk)4
zeH)FYD4}}b@9y*7N><MZRikjhrNeZI?rs!L1NpU^P!)IFRVNIBdDZ+6rWp_pz%+Bt
z{VEXK8bKB^ZYaUctBkc~&=kX&J+#2Qtcj0|_Y$^_Tow}oavj)6u1#TplWAw8sv;6$
zAZRDpO6U?70i4+;YcVm!qA*}R#gW8Ygq`&uXSXN}Sfw2eqZ>;D+YKo-J8C5g1J-jK
zTWR$uZygE)Rw>8US*1`!*)q4q!nUf{5(a9yFn}tgB@EzPC%J4-bztXJgaJ??xiC;~
z3IiyeS6nc<A{$2+5eBR`;KHL-7=!^jwi@hX%hpoo-n4`Pt9Iv{57Lv3To`!RJ!uI8
z5_*#8fZ<a@v?+hmQ7jm=i3KnxpH4H=oetUvI8A_7lFg_#so)rNtl`o=@uD3MT?wW^
z&B+Jn^d2>-=X(07h`<E{?dKuCM!2brq00zV1gIIA+&qNboYthx;5}q2(K^GYB{S3N
z!(z>bD`f=P6o6i76nq_@dj&xn!Bqqq0M2ZeS_&!{<&36U^Zz#cAatO`e8;NlijK^8
zJ9WN=&HM^s!T0KgmR*be-??}<9B2;RsTErG-f-Qk5x{u3d(UEWQCWPt)VgbNWO4Au
zS4z9PmaY_b4crTO!*#bqko8tr2sYdjpd{3@fieHwYUG&({}-1n_fWRnv$VS)0w_v7
z>!SHv5qpp=V{8qAz?Lz%YNbMOX*W%^!w<!tf4tKU{h=dS`n5f$JG{=*n(qRiwmUm8
zWt>lVR8EF?Y!f99tdPgO!2f-^yPxuZ;Fa09lVe26{VFJ(gx~vtiUzaS<9_6r*#*X5
z$P|hQN#t^NlYq%Y5!CgXi`Oi5-QtMOT-};V1od<$yd1ft)gEUq$@vm{3o_Yam2%_-
zmNNvZ%%I*<=L+y^1NAm&s<)vXsJEO?Fo}Yyx3g~ow|d;qFrFTDKTp@2e9i}at|9+3
zuYw0k3Z2hPQyaG$q7fR{T5@8BF*$S-OlflVI=VJdbDLf7#mQL1iwacKO_kttkW#4x
zPea;Gm*Gxjm{$xaov3n~Dyb3V%IZzGP4Vo)y7mJYH6+YovvfymE14dc)9m_aH%6lf
z4k93v-aQzK0oX(pHC)%UuVX%BZQ1~WAp|H#J9D}rqF`P%`xM-4(0vRI;+(-H_)XS_
zx-q&1m*YjYSKqH<^Y&FJnfqh!Un{nra!@ii+}Xg(*gV+(+<$1bsr&aYEV+L3!gntG
z-i3u=p{cth?JbChmZC-J(7I^;R>VUKU!$=#E68s{+ESFqie)jLyeb|lNis60S1OoO
zL6Rxk0q(@ZoDo6d(knbxEQ|4E$n=kQd_r>%VO4+CeCoKDn8-)LkMaV3;-5uu5y8(P
z_zHq7f_Vh*BDjPgjsS&sYFGbf7(#&ZnvMc6+SO0r@z(qL?{wAqV)x~UFGdSsHZ-j8
z3%(e+?&4VA%A~FZrv1@?QIA9CCF&Y`0cTo2`a>w3C+<+D4IO8dOt%u#)Rod@T?PN&
zEOGq3ng#bYI$2BaS23Z-yv|&E8zyx2W}sVuV}nNtnPof<jt$<p*V(Zl?&;-DJ{h0Q
zyv{X>j9;nAUW*5ad7X3XZJO6>3BL|soVNJ2Qnw?+_2*+=2Tr`BR+h^O&gOOAqg7-D
zX9<Is0v;x9Umn>qCwH(?>P?M0s6>>8hbDhCf<_IV+OyvPpY0~1QUAcvyzW<;H;%4t
znb+yqYO#;4E#JC^Nl07f<dWT%Ijx>-H8tvo-;?0_MtgI*G1``Y>1WXsI-B8|F_0)3
z=?~$I@_~UvmP#G%=5z{j5D#l&rL_wg)r{-l05eD(U?#LL0|m5<?c33*KdJ4chF_c%
z?*zeQcoPG;NlWR(cA2G|XyP|Nm37<*msJm<O&`9^2?VDR{0f2!7oDowILh=kBe-b=
zf076(>^UhNCZ558*zT@l3{<ies%~#q=6mogecUE>EVaIO<%iD|hR@yhxQXwLpZeZx
zntrq}{Hm3Iqa^a)<>m3!$gu_gJyED{{DPXikE}~i6{V*N;*sST0Y&M^x@i7Z#3Kdi
zDH>f9kDz*ucUEo55MGY)0zB}ccx0p58x7B(P78NK{zt%`EyfMAxHiV^bzt1!9qi1w
zFAnuuGvIz3<K~1b6Hvn0Z^T8yxPOZ=oozDix_A&2ZRz5hHpX4QBbNC2Fz$LKvZGdR
zhjH^BWqnwo<U2ENUJ4j@Wcy5H%beU_QfV+5cSvben&Ke-k-6QP9T*NcJ7jDT3<u4?
zYH(%7V%!g=o!T<f&VO}c;WpDwI8&>%WdBb*{45|(miuCC%e2!<CSTev{)08*w(N^K
z)^4T!p?~!-t9wUZotJ{I-mY|*rX5MyrR<JN<`=5p!56A$tziG@7n=QhWzXY&hCzm=
zok!Zw)6J%7rxr{*d-G?B=w&(%lEnrpdX<5yH<!uj-PE+hj1cm)3O-jU_@m|>6w|=1
z%4GN(B(Rh4I+d0kBAKA=K|2Eg1hSz#abKR)&SD}uK5QY2<pZ6>(YaH52Qz;Ss}ap6
z=-Mw}8mh*`43zhGqMvi8_G^$5jW~)){{k~_Lst4F%=aAx#L#2ecp{Kym!C+OE^;_f
zCPbmLcY<^;$Whq6iP_Y|6+Hoy8OG7gWvNYy{s(xx{<oDP)iZ_RvzCZNd<BR|RW1E+
zVfc(w{_=DuQLE5%d^Pg?7gE;xanImt<IwjnEW3X5weP%k^TL8yXdEg@Z3VGw@pMt@
zS{KdVir9rB7RJ`BAioW1i>G<4SQg{St72D4YAuNS7LOFAee0t6TM_pyyh&qgR*>I@
zv_+8Y%*@5I7*B>wXozYW)<Jv|{<F~hC4pI@#Oju)8#q?Ki@?bU^$om%08K$UE&)a(
z)XR6g5#Q1KPqp~EsQn3ZINP5N!=0_{Pxdvl5DqG$7Mc!%ODkD9i_5!DzBvo?hdTOo
zmY~A?5yS&#lY;v&Wy&(>GAt|vLo=GH&duj$vgYDh8CP;wF-QGJzze5Iq-~g^P+le%
zbBG`=9H{wMT;;22!23=l<^jiPBQQP%AJ9C&riyH)C!0LsJTb$KEnDW~(%qIhE%QJv
zHxJ;1yEV~+gNa<Wx|~f&P7^(*>w;+>Kri^d5m|?o_TY49%{vf|#pWDfyx>qdZf4uS
zh;Y)Ok`WP~H$SbH`P=nxqR`_La8;|eQJJ?*zQaNpblk8O)EPlu(B}I_<{J3q0<6NT
z(BCa~WKAkK=<m+c3siHbZ$|A8iJ7Dh4&T^?blZa=#Ip17Mi%;+Q{^-h>D|gw{~caT
z|F-~`TN+^~<+`}VXv)(!G7fXq%uksISZrPDEJ~dPF}5^AKv4qi*8HuAv4Ye|qibRe
zX*J$iwIxG%X@(czfe%G$NOzuNeoP+VbHZgqRA)l+MJ5jeu-G29tWd$NWlI8)nY#-6
zhS&+jad>?VJ#d@}1T8@2(%->c=tpBic<pyF{;vQyBV#9#0L|vvu#whFv2nN>Hf~z%
zf8jI#4FDTDzW&1}-%D&1<0_ILBO~-0ICjD$(qmptx&nZW1biA^-8&**&SukUGP5Nv
zVm=!t8UZzfTMJE|cf>?5W`A%zB>Na8%%<7!5K|}?4pzg$O$yzIj;myesUJ2KhEHuo
z!piimv9O!5#O|f3f(W1}b+3!&Z$<1TED@t?VmGox46fReA-puj3-G{)V)rH%;>RqJ
zVuTGJ{^_yAo)MWc7-pNn*)+PJN)9(3N`dwSD@Wg$%L03{;h?rTH*^hB1pMdFMU{+j
zgXF9II_7#B0a_d@HjvnaWp)sjX);JQnM50J^i)Gq$Lwy<{vH*J>|xV4J<I#R|73aJ
z2LBV7zS-y<NoI9SPswG_`Y~w#fqUd*<P@rSKK{R<&H{3pEX5f+!J?Ye=G5M)WLj74
z$oV}$qf?H|(MR%DM@|jp#7$7Hji4Oig%t>Qs2ajKWR?)!Dip-j51R|aFFSF=^7O5_
zVLwB-{^h3&B7maQzb=};6|tXS7Dm^^e&mK2T(u=bc=>5wfCoMl`>CZ1owP>5&#$Uy
z*An(2TFbPX2>t}YpCWKFuPx#Y1ZdUL_X0rk+KYF*HNM_E9VY0(Q0zW{0on#E;B0L>
z2zRz;Z8H~8hw#J2b#?N^`BW!-nEXqaU|QDZAU$z;-nLE}w<m*L=wPt|cjuSqaC;qM
zZetSwRjh2|VDS2Et!%dWVQbd-@w(|c7$p^#!(MzM%i_EM%v$ucqnSef9bg9QpX9n}
z#g+X-bLF(7YghJl)5YJ~5AEGDy(z@{)%p($r5eb7XpI;D^$zBNxn0yIg*wm5^BM0g
zb8-`o^5|Dh|GDCS+?R9|*uG1PH7;1F%JMy2%g+{_{W)2I{v0FOlu%#J!oE?AQp<c3
zTa&yKzd4g|!yIia-;~kIw!|eHMrkiWD=HSEJLbHsy@EMUA=rc9=Mf|k$OxPkppnU0
z@R939le*1$9~P<8)$9;3SF;bndUEsaLhqRC$Z_5J5Lrk5DLv%^X3ZOY<SZNe0KSBS
zd7Vu3+82xu>Zl6Z=X&Wh@6$wlGM@x<yO~@PcG3iE1I+ibj|5u`>(pZ|PM9*aw{Kl$
zKMGaf17Mo@x^cfM$Hm~zcd80jU%*vo`wQZ+_gpvI;oo}nSTTAG0tE<2$JQZ*{8k`E
z+E2r4w(zQWY`L8#Ll6q_5<KvMc&sEn+DCjS9^0tB1!2tKWa8a3-byivIl+8>YtF$0
z8Zf6TxmW;gHLr~SQVk1RtGvJw&$ZDJZ}NWwGvuZc=Z$7y)iAo@1<Ty<LYKI~am<m)
zu?bjo!kR=kJnJdAc%tI!w5{r9{mTWJj<V8@1ld}}%u0hm6S6(iu~gjBO|8~B=j4od
z%R2c~>y|k!C%T%LkGRc+a3!A2iLRY>ldUf3jmirc5*I1h`-6*C9WW%=Tm~m)sWY8z
zBTBw$EbN!?$GBet+a)3U*XG!oa@s03`*u8lUo`ta*w-Om@>cIT3bU}HFbpH8{^E~p
z;*?d!xyNhSo7mpnIp+g>8zo{+gV!kyN@Kjvbc&NMZNJAQ);{*%?D1OY?J&45PQMDu
zCayJ|t}9!Ae#&GYWOHe%z2$Iqv!i5S?KW<6tp^=&Fh-`o@{JBMf~La<(#|1x8^Oy6
zaORxI0Z~`}Rb=lDJe}=O1H7HGdkC29e!$M|ZQIuzjp{_Ei2C@>H3Qne$7f9fK!M<B
zUb1a`-49X)tR$T8?;oX}V1I#m-$$S#z{OS3I_(;U%je{^A7C1hUo7)v6w^@4rYrxt
zG1P+~1|V8bXXvkE!kY*z>0uC~e~AD^2)np&#2$HuZnI78nEicau>srK!8F!%6@ZRZ
z(JpIXn93X7&hiHC>rK9YxzO>9WeKPvbT}70f|AGAh~%-^8u;G#T+4c)W6-t;KDvB(
z$BW>9+StDM<hPF&#DnXNUB$*O2z*N~G<K~b%RaaqA)qK7T!#$gw;~=Sl7N*0=^tPz
zo~3BT;Kq%k^u{U_Yy?*?EQnzgC(Q72ga#|%Pa-Wh-uR8Sg^^P8f#t}ur_k74s2zFl
zjei$}f9riC#l8^;6d=$zvJNTaw*o1R-88&r3$H@SAWeoK6yhc9fjb_dp`(1Eyj*3W
z{9iu`pZ<;BPmh<}0X{klD2_YYJzjG6X_x%-C3hfh{+YSx&e3B(`<5w6So>GMyA8`s
zGue^0<>Fu1L<uegJAY|QII`*WjzVkP5<0f3lZ$!EqhE0MBe2Xo?n}Vrvhm?8400=+
zO)SGP$rdmE2=?jRx-Wr&W_LC&+sL?V|Nm=T!a~rF{8=W@PG;du96bLZm6=G-O<EGI
zY2hL(6_S-(AM<0XU@ryx#96iVpmd!iS&i^z7!VI&;nKL!8FhW)rws<Nc#v7WXbRc3
z!a+(dvwUgj$Pc?F_F+p-AUKWSR}fgz=BBnPB8KW=C{ZRiQlXLVI>8K1>YJorbuKFE
z39`nZVoPS@XQ~O0+pORf6e4$n%3$+Sdz1@4{a?TZpN$3az+&>-u+8Ct_0|K$)&meI
zKtMXM4k_ffA|6=C(cqdDTon)8fSF9p13@T4!*=+Ac%USG77yrNdh)kGI`3ZJ)m_}x
z4S@m#%Kee>4VXKU83Y%kMG(80XVNYVRQ#Ab($-sR{1u|Yj}ZJ91Wwbge}*>@;FPD{
z3;~>W9mQ1*&)#`T^1bM~-`U`!E*2!;Lz-=EMKpO?&8Qlj)pmhxGktz4g?`6*;#y`M
zqQ_=a^;m97o=U;CI%qP6-PmD$6{!JMLsXe*{WK?lffV&%CxE%h31FVG6TrMS`6mS3
zTyZ(fI)d?&UR9hs+>FaIa}ZgTYL#*{2U*)^f|1U<gA>5uL=|EtBgZ>Fv=hKYFxH&F
zqv7&TjoOcWV;jcG;1)^G1*6{hF~giu0js9-2|esouV!;-Sliy|iQJUUy=qhYh1Lu8
z>j3~JW1uX-es&fgl-3~}^iVC@Qsc!cBb=HPXx1(2m_nS)K_h?{*bm<6D@OX>Ygmm8
zeYS^apjb}q@}E?3U%<oRdfiIksL#F!EVD*$?-(r*5nqaXh@I1#HvS_JK5-=%xtwgH
zWV3BNMk{pjgiSfI$~dB&HE|Dnm0C7YN5o-ofh{8k^jURtYrNS&_y<;DzN=0ddRnEN
zTf|ENdcx)aCery8Trl*oj?u#7GEOS>kNX+F*CX%e$m4$gO!~RuaX)_+{X8v28}rYN
zu;cd_2eVcd;`aUN)TDe~)wCp9?;%dNHIy&INtst-+BCFN`)vf@0+8=l=&nWlP(Hd}
zn(ZW#DJ^@|et3YT?cMazV|o82)`tGmM$M$EPiU!GauClCAmx)b{`^h|Sv&UI*27b`
zj9<V?x)AIKFq&^7izH0}fUT9xkJugnGc=t$ZhdFI!}J*?RYMi_U6N`vV6NtR$RdWU
z85c6eQX#fjGcM)<gC2NCoBEr<Du@njt-nV;ZoZW{KN8J>G@dXI2V~u4$u;DICdk(_
zMm7~|wo^qKrJ6ql08&le6Qzh;YS~-rI8bUkTWW4!9J=wP+ckbEwBWf{SGNBz5qkE$
z*GzT*{;3o#h=a=)iqhb^X#Q5j!GZ)EAYydQ7Umfsarpv|70Y5gc~u-FP7l4yEk&t!
zT{M3yVlSEZ!04JS%rijZatn_Y%VIovRqQQEV+C=%aACYCjjxO5Zv|4MF&bU7g?R={
zykO-omPdKERdKu|9V&>!%h!t1@VaRJR>a`~?jwoOHCvcxfW&1ubJfgVEQ|4E$h3*C
z#-D)V;pEb4$%M8UaC#79jdiaV&j8psg;Mq4Ri^r6JWA~Y()}=TGpu_+d2#2v16q>b
zqmmcl07fn^;!b`KOI`#MF35{bkNX+uCd!MCwx63H_w#4b&tN`p$@lSnni<oh2g~a!
zobwHasYx09Jubt!+*iP3B!erzxa^V-cA8wgGhbgR16Trz_5r+%QHz2HJ84+^14z>T
z7(iY!3-Vj*c<UVmxJ{3<SklVcDie8zmF>*CLm>@UPq4FwgOE{Ap#STR1%h585bzz6
z*%M(?1lBXK8UiE&=oxqbY{&ERreeYND|!co1C0m=_xwV5Z>hPf)X`bm8!hdQmD=|#
z<`!!~JP6l;aDX@Wk(*DJcK6tC-ik=gp@rZ*d7}W)z8ZOU!T*TG2e4NUET1Y$1M8ys
zTM-8eXuZbhnk~#TK;rT#9xIl`c=D<^0NX#{K|~;%SO*cUz{x?ty)j|U3i4xvAZ-yO
z6Ei=YNo0%hWXNP+)w9Wd%_}%C4FrFK;1Ys3f;I#=F{u4F2GE$x_iH|Go`Wd)4&U!=
z^U1UT=8f(qTR|J*<+&8>o1W3hw&F&6Vs;+KVT?L4p^;ZpuWPBCY6N+b5irw;pltYQ
z5u+iMoB)iwrfRSx432<Q)4GQ8g$81ZKt*h1$QqjXjAnag({2a{BBGpZgwDoaJUKRc
z^887~Xg%@T==qUXMo*3<UK=}c`lNDxY~=hauZ<dkkr9X=9x^<DYle3+HIbt(ROm2B
zcCIEn2a)wn#EMS4sJz<@@i}@{<@4G<Kr!e#LB}q><#D-OKNb%Cy&$|R{8IR1uixdq
zFCeHBTtl}SgpU4Fb6=^xwX`R?zGtYoXQ*`W*!sb-;=!>}*Wh~Bv&F7wOM5$SOHD3+
zsj=mj2mb$5YPjWt|F`@?P2H^khD1Tybt{OWkkEGERt<(~g~rZXVGPv?k>(q@Z`a(y
zT5i<~{<ixO2z`7c=GuK*0Pu0zb=VcVEdcoVZCAIe>$U*k;~CeBF4w?q0pZ8z-A7$L
Tw*>$nzvv!t$#(<*WElKk&0qa!

literal 0
HcmV?d00001

diff --git a/tests/unit/__pycache__/test_windows_plugin.cpython-313-pytest-9.0.3.pyc b/tests/unit/__pycache__/test_windows_plugin.cpython-313-pytest-9.0.3.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..b7ffb139b39565c7bd27aaf93d180b6ee3e2fecb
GIT binary patch
literal 58697
zcmeHwdvqMvdEdS<*asGGK1D3S=aRqzAOVUGQ5H;5A}Il)Fj|>0scct^1-KTl3(qV_
z5wU8<&I7W2YB{ND#deRGSZTpDNp()smQk9<?nxUr?K$1$0t7NgO`H>-raDbhQgo`6
z%^&@Jcjn%iT@0`QNzqh-!Qk8P-np;2_s(~}``zz;_jV}cci=kr@4}z?`g0D)pOJ%K
zH3o9~ywl-$(;+()hwPMH&o~tq`*ol4sIG|PlvnXZ^d~h+4W784kxtbrwWs`w-|!D8
z0r-2K37!fmp;L8A-Knq=X3xCO)Sqfl8W`?-rtwsh(sZg>X+G7Ww47>HT2HN0)<qoW
z0z=)rQ0A{(v(eFKIF$`cgpn*^HZBpS))Houyk7R7+bjq0A3XO+uTKtbbbQA18K<&k
zy`$YB*KKsj;Xaq1t<uK)>fzTQ{36V+5q?d=Z!7a_hF^>DYiE9~@LMPRwvD=?8>U{5
zXEXUoKCR}}$Vg6!<j<!gpUPy1a~IXflNmLYyO35cMNW@Rj%KnkzyAdma8gZ2#&fAx
z%qSN#S!Fz;rd2hQ%SQ6KNb*81GaOOUpPkGone1pJnaWQl$NW6$^Er_rQbd55|9yJT
z!Kh2C9Y~I5QUgd|^G+o5sq;~{7CtsH*{`I|XYy$zq@=a_(__gz3Os%+nNN@AluKIh
zw354!8BQxNT$)Hnomx}>Bwi+)&!m!h6zaI5<dmpa+jKIkPL7OZQW-outz<4_#?qr{
zl|9y4jq-^%*I!&~hX2sOU@m_=n|ygJJ*<ZgeQMz3^OL9_9{J?plh1uhP7EEFpNkJ2
zJDzyqCr%%iQ%1L8Kh&6R{NHW`c++tfon60p=i2UwI;XmhDQUb`BpDe|(&~BMAQh#G
zWU^{LnN6i*QKv#*)>X%CN=(~-?C`mv<ENiHCuft&$g$jT`W$QEbCYOmh9=Nn)WnGi
zy<sOVX+9lQ8j-?g{Hq~=%Z?xU9KrTdU|YenO{s@Z+1t=Z%ig9L2tHbTu(DhB$X?ke
z*Tj5y7insvj4}=<m0{M&A}J+3OpTHpQ)72RJ%{$idJY_n^~8F*yESiecs!HUd}<n@
z@|q``9~;*^eTNPn&^&o%GJVyjd8p%P5;~xgO^&BEX(Fkr7jw$6R-0FnS#=_(AR>b`
z2$WFOF(r(`>4089X#mgymU1Xt;nR+PH3D$iaZ_?ML>8JiEi`XlXxX$--@4GW;Z~?7
z=)38t@%k3mf@sr?h;G-WSx4N#+I6#NSNeLWS%(JrM?;NBb%~x^V|+&{^^S;M;2_0F
z7!Q=~c+iD^mEMRoQh5EBU%CABLZI>TAS)qiF+ZG}%(LILqG$p1mHecdNTEBVC?kFm
z&KmI_0<kT=JMI{=#xP>a&OW32#@%BEm2x=Z&Z=QWT4%P6d3Z76Zd8$LYR`%E*hCt1
zC`VmI{|H!Roz7iMEAsjD*chmaIysh)O?fBtBb^7MURH0KFP)`#L+#~<6ZGZ`!K*8~
zkVn*`?7)w*lK^>WK0O(gN)W-N*K^%?@|ARALQUvTl}<c8fPb|Y;IiX~q1G>-z5EpV
z#n)f@+Dlg+Ew${u{M643E^=?!KI>^+2sB(CSlnOu>)-wcl6=!~&Y?Il++mng+_FpY
zob!V8yLr{h9?O8?t9a(MJgbp?8y$*71C>%MV<=Mm6``#|PoUzN-;z>L4k)3~U^JxF
z6S=pL(e(RIqR3O-`Y1rdg+0BDB~8+s-W`qI>CPlms8Nh1YC5K-lG$upiB-@bIF<33
ztPde6(JzppAT!URm)Z7E&skonAVR$A;+`REDoBW~F%j}izlq0PL$&&ID~yX~h)}-{
zSfA;*N$?JN5XLnWTpT9rm1}b8xbN@@ha-1!w-I3YU5Ddr9S=Q3A9BToZXm^LdYy9Z
znHPIqea5@U{<B1)*)>FTx8iCSe993#8QxTu3ynGzS3640YmApIiEx&(t*?jzr#04d
zPL#=f6Z_C!o=4S?J|0pI#N3@eha)S=K{*tcx}D5bdlv7cUzW6J$f~$d##){h|4lpP
zx}(ml_o#E?!f0JIJk=pjrc&s0Ba>qhORps^MyEe&Bq>PrRPa+L2Rr5CLoXg5>h76}
zoX_Vc)Wcm}Wy9EE8nC)9s^iIQ)TOkbPzqJMvJOD=Wk$0(C4JScc_=q!3wgF;G{dKn
zNTrp0;zDvPGt4*^g<AKj^N#E2QSbzvJ9bZ8+80&*KV=}1qY=WoqiQTcqoV({$Wh&^
zFRHR(9J#m=fWSTieRt|GS|Sq`@zJPCo{tVj!;FA3QU|IynFaaNf*64(l`Iu!GOYzI
zRg>1%>8T`A$uaOki5yrEFckUonwJ$s^FJ|hi5QMVQqdY%D17@9N-8%#kp$}&#N))v
zlbJE_eX8ag%OM?ATc1$R=O)L7S<uAjSnlQISb~l5wFxyjlBN{2x_(xE&dzB~31R`0
z`9%8FiLqpsRa?}rdDQgSh*obMG83sWy;9g{&jwH}Kn2m?rN`>%wL13e4n3a(R>wh=
zm@XPR^h+N=Ht26|A%F>0?_%1XN^%-oGVIexS^W<HY;a${^%s9?I{4n+L)T)Zy(g!G
z^U|iGv}sn_y|BA?R@(6csZRHK>lyg{Kw3X9br+@Xg<x!<Vf#Ys=7nv0Z`L|$du}<r
zwf>tyM}6y8Kll3Q3R3K?&ofXA$L1yDzAnY4KPOx|G6%m4!mnt$=z$TqM5&1|0-2R!
z`T!`XF5XGd^LOA_%r<7-i`n9=mBLH>YknXUzE<{wr47hIqVS`kXx&stzuCG(D5&p8
z3~ux22s(3`Tx#UR3oo3GX}<AGjA``{(+b`c9ZshO#M$;~UKT+i-cj=n{KSdp<QJya
z6JY^e(PI)p=@SIyQwXS>q0o{+D$)w^CWBF*`57yppioZ`=qK<=0PsoA5<WnHh7iq5
zOt8wn1=R}=){XUE{K(>-No7i8bHq|>u@&@WOL!`-ItIX)>y}3r)^DMEL)$|0#)WlT
zz+5-@r@cR_cbFZ0cWLjjWjgxtS*hL9(RVI1Y-Jt2lXdhDsH5xsPVlA39b<{k>HZTS
zyx+xKS=U*(^=rr)-tcR8oE3ZoO>PdkTn@$$P(QA?%&`<w1|R+L`8N8FZ>yuj!N=HP
z@XjNyh@%Z@(X*rOHphrFS~InKAcI*nrp(l9B1$qtU8%gsvH5095nTb}42^%vBLGwN
zEM7)6Cg17dt4_@e8kssjc-4bx9wW`5^DJRSqImrPSKWH|pq`<;1fbF<i!Pyeh%Jjd
z#JFBgo#uC~phs9EOi&Jw0$g_d;E`?bv=-|RPJ7=AHGTD^FTFIoDONaeq7*v05Nw<e
zwiSbISG=>qogca#b*G&3p_4a4C-2-QcJ14Zhu!b``=y$cwb?!%&D_D8naBc-bIUgM
zi+Ef1)uXA2{n4AcS;Vz8x01y3K_x|@MgYp&v3==w<cVqfSJ9R{(goyn+i1@XTW2m5
z>kpK-=d-2Iz~c5CM0*b02o2m(GDzU#+>BfhQN0=Iv*pc5pY2q$h<iVpktepQX5^7R
zhw>=n1Xz0rx(6TeS^Xv))>)Wk#^oGy;vu_CnmI%<D=yGfqCD*4qdB9hF1uNlbsmNp
z7yc|%)wK*&bs1FE4Ut+7lg<=L0znu@&}|`|)M+ad!&J!jVs{!-iy~l%)oPEwno3Vl
zGLWc1+L%a>j38NM7_XwF3D7K&QB;T=$_HG=dRE9AwlDr3&5Xedvyy6kEBGQ8NBaUw
zq8<idOyusKLeKHiuBQsp`dMlF4>_srnhSwb<a9PL8|)xD+cO{Pz7guaqte^_i^hJR
z`+Gire{)UQyj=8%A0UvmM{r?g8P~>ygNIzJ;n~bSGQ?I6kd5U+9}=_eiatalzly7@
z4|y<-dn|p(vrHfI7=6e)b-15R6(bN}X3%|xCw0j-m_c2(xy)F7r{0K*FI<oQK7A=y
zU8X>4Fe=$HaAwak$LdN}&YaX#GIDK;`&W{^MM5uz#)LT*_9AUFDJhHbC6rqo0w|xF
zEHv$Sr{|X2)#10WZ8v?6Xdh-MqPNB7LS2h{TlajZ>qe;Sj!NzMJx^nQoBMlh{{GGy
zCbk`n)@f3L%>@$)&7Vk&=Y}W8(!hg>#AmUpK%*yI;Y4C2qp10@Og0TZHKElc62rMv
zBB6MYtRfTmNdlt;ULlYpFiC(2pVpE{kd!o&N+k1nCG+wmDi6__0GR|dj1^Ky@XElG
zK-4LKpL6_?=kT9;{e{5MlK1gjt~zhmZMVbsiJOGoia2}${-nk0H=Y3dAm;Jz`XI=`
zt)L~K*V}0X1a_;=@}$;ya@z%rF}bWTG~SDgSU0+EKLxN@#3;KV9`urEQSr$TA}TfK
zBuJY~$%}Qh3&KRjKU#}vH4_K&b(fRbk=*;=Lh@4wh&bs>L70TIMVScJT-d5i1hRjU
z*XAabR63H!%1mS|qc8ZB4ffQvsnECI0Vnq+3ESYPymIZPa0`<}!SmUP`EtkN9wu;$
z?>3To+Bw_~v6dK&hQt75=7UOb#=Q`^xz6-jL~ic0g8bMC_{>rrK~hZQX67OUW7b^a
zLP*I=$3$*sEb46)7sOd27DR4t%bVDT7Gk}sA%&Pz_N?kn+sf+G_D#)J;v`zUF{ZrL
zO13yQ-rQ3yR@}q$lD#o66B^P~tS0U=M2IzKn|S3~(y|q%#%p+5{1+lb2_i%n{@oBG
zzA!39Yp1pjF>#rSmD2KM$rvPtv?v%;h&hHF@3SPd>*aDhAch=o3DMqYI*&y<Jxz$x
z^smbQ+U}?+?mNg617ak0075|{WB+Sxvae9zf(U@v0fo9L$^Lo?93XJ;PFNR&G0|WT
zgo=<<T<Yl_j0Ut8+cK~OwHhNAg=nF2oWN5ANPeZ9AaIhvDFV*`V2oot5u0TWlJ98%
ztGw+|tE0~<Z#$$*4s}UfPmfC9FB4gaN$N&6*x43W+e=i6w+<06eVnrm{B5MH{#yV{
zPQxwp;l0K1-hy<p5Z+q~cLJI1>7Va8S?oDUo<PDU=OyDVQLs+o)R8&qBni-rAVt%K
z2S`+ZVjFW-&&(2)@@7to+hb-dlD{FHTrBz!BDe3Nmoxe*7<Ig+aS67~WiF?f0*$O&
zcG^-^EEHE`_GK5Ns_rtX>Z!)w@$xXLO0<T?adz2L;l<RVjMkX3S4gRd*2vyfl@fFF
zYNa%5RFn?u1D05}r88rpRNktg1x2qK(xjEXn8%=%HCT8uX(cU~v&)heeZLhK#wR;k
zS<C69?9WZdUDTGj{rt^`f3@t*#rS6?jS)EzcVk2jp80|~B3nvgUt2;%{BX9P9E!R0
z#Vol_4##Vaamjyn<#p}n;}QSGxP-c%_@Z3DR?pOb=sWpH>$zdAo*zg(H?Gz51F7ex
zwR(Oa_1wHx&kv-YTh{9Nfz)&BT0K9IdS16y&kv-Y*RR#{1F7c?YxVp<>UrZ@JwK3o
z-n3TF52Bv26t#J3CzrQF1vS#MpX;HQFEy#L_aU2faLIc&N#6H!VL1>}gLXGP>WQir
zsX9dHntLpr)x5N7rD8FkMCT+c?;)^Xc^%F&g<6Q;6<Qn})WTe~ofLaBsWddOT$wC{
z|BXgI*t)|6?I;8^L4Jt}`3-<6t9~wN@jeDmtyQF!I-jPM&*4NqslKAsbN@_6O{mxz
zr8Qf9k`oh&iCk_>TgQE~={&Z|ypl)`CnxgIMQq^@uxy&Xh?-0&NL|~=z1jXErsAvS
zM)DU)cUQdG2=->sKCA{F_&jP!xsbRpZYFDZsnCy1o!1(9$l)yQu1L|Q9pT56fD@!l
zq&4wyy5Fdho1DPn<0G_g2vyn%+T4RG;ERe0);!ABsSa1V2obO>LcB#)Y|#YXr@TQ)
zJtw^N^@c~4uL&Q0rKH=sHqom*kH<_~f-gykRS8|?YT4rJx;l$jCzg%$9m?_3P~5~S
zMSbgheQ&Y8x5U)0!i{hAeR--NwY@dOKr!4lFBx}9YMY)CE*+VZ+P<O+zhaq7_r4*u
zz0qe4!Ci>TlS9gH4T&%Uf%if<Qjnroju*qxdC9o1OVL6&qC00TxCj8xE60VaSmqMm
zB`LZP-c^vgXZniaZs<Mh_jRee5Z<NZvld(gfaeU}#|RE(X^TsEm!Lx(-dd3MT!|OM
zd*&tMzAo)4gtzL>Sqm-#!1GF6xQb;i;a!sUEQEJJ|9YmSLjSrD-l6MHLwQ=@R*mYJ
z7U6<2w#6m9p^d!|-d&J-W>Dun^OA92mwF1}-MVwuf{Os~oI#x%!HZ=s;a!q?7Q#CV
zQrFCmVz_HwGVbeAS0TJpcg|XH5dfYucrzn-vCJjBOH$VYEw=T}Ocukv^OA92mwMSk
z898SyxCj8xnMvU)mbrv?N$UNGyJCAm+IuC9<-&Q%xUWll3*mO%Icvd10C-+W3s<qs
zCA>@0-jBG>w-uz0E2#61dC9o1OC5#qHr+XE!9@UgUO}B3!HZ=s;a!qC7Q!EC;@b;S
z=Zv>VtFFd<UFs}^x9iSX3oZh{bH*!N#WI)hMxbRDQvU)As4G)c>2fSyHXZ(NSom62
zfn`Zm6tPHVufS5aXiCeGW-daB1p|k1S(Qroq8w92F=GiGJ06Ga{wh~RsTSH)MX46j
zT)3<j(p<Roh=ogRJhm)clHL}(EOlV7Dr2{BSyQIuQG>0_QO<Ox$0zcam?Bf;<uv#M
z?9_%5pt;vvSN6E-oEli2vIiUP)7jyPTqc`W%e6ePT}$88r8A;TheMgh>nV=|lrf@*
z^qpOY2BWoFU3r=-W|6AuX&lh`B+}C=)63|#(aX@45X(!F&}%M1HK!{fF2VkY`mo0M
z*T_~SX4}xv*j@~S41iv3FVWD{F#|#ju!x*td@>0f@Hwf2G&4*R#$9;8NC-Uv31cIh
zfzN=Nmn8z{4XHy{#p^+t%9Lb<=EX2Nbaf?JzM8ulHQ5zxUUk_i(B|T%=33S#ySkjY
z3-KDJH8;(P0V7m`1Ps}(w#)9ggcW+vnNf3v9_#MnQya3?7Fa~6%v|g>u>=v}Wn+ZO
zj0G)<$_wO8#A13A)k2%wRI7y)%95rM@{oNA1aXnMhDEJR8W!fN{{~)eOIpy5tGw_w
zORW0ShSsbPtN%YwikegHoKUf?K*<qI_9`iq=F_*avQ4IJhOGQ6<frS3{T5;Li7EdE
z0Q$GKipl*HfV8AmOjL|{m)L=3sx2#nln&{FDc1<FIT+Cv<+lOs=T-WaqzbCSUREb6
zY)evAqGCp1IsG28D_3m3R%I(1?YUeaEis)29pN<S$jm1SdyW*OBY?&5k$K6uufvD<
zWYY)uoOFaJkKtD|U3kFg5IrebViLZmED1gK4e5wZh-mPG_MSpk9hA=#xJ=-u34DRT
zFA{i%z`F!I1pYmNFA|{WdP1a<qWmler17hE0g%q~6CZe7-c!yGq<U}cgY7OTDoYkc
z<r?o}OojQj3z(i3C6mIxxJc)huG=({Eml;nuu`yMTL=~LU>Si^8%3&kX0PhpO4@=?
zrpelj)$Gjs{~5)c>NFLekDZQ3k`}u(Q0}KVw9Di|CK-W&n3%HkknrBBh6Gb75BpyX
z^}Vi@?5CinWfukt+RssOS$9St1c}TlF4G)E)@#{wF9^ID+{Vtq-+%`d1Ax870@=gt
z9C*v@9Qe)(ayqo$%z<O((8bgPiPJT6u_vB_xR(teW~|LTZSxl-SH!{q0wv;Am5P)W
z&Gc<cW!5KeQ&BpEx5TzB-Qw6NWlgnMaWQzwlCZIWea;pe3n;mMS<;GdKl2y$V`pO_
z!0amoqQR+l>*o_811*t5k@4h&N)}%F2cA688&iH4>1obG=1>GlDKmEfHDqqnz+PiI
z#!~RV25SoV2o=b}Xdmlg{FwZ48EXuwE)(1iMjI-}v^>Rnf&dL{T9f`I!-j!rb&6%6
zd0D0_9rUjH?RJ5&P1nkQq})yupyAIdPwZ2E13tC}1{#=>GcVov@PS@!w>`DeHJq&>
z|0^YW1HdxG{V=%kt%IfD_V@6+zZ7h{>2>e5?BUr3b4Y9tPq~!=HsVDg(3|Nhg%3}A
z-dneGeqBd#T?cXDK+5F^)A<UPnfPwg526E$OAiW;`X9rffXSJ27jfq6D*0~&gt&qY
zGWOi}8mUFAlTo=fQj2={J4tFIi%D&tNot1%IHBz;BeZ)-M6m)wJ2ZfuB#dAYl~w)|
zfj=NX>tI#Msq%daN-;He|IolniKp_1h+#_w!(~)Z8P|5Mga#rUCHT=%z&*uvd$3?o
zShuHQ#enFWxr6|GPTFJf!y<vjr3bws?ID_H#6k$}LR4fRo(KdB6KfRE$}-u?5!NUm
zK7qfR6mZ943fQyHB!T@y$4&@-)77)Dj1G3KkPhmJ+$UOC)2}CY@AR;#j2;rx3cipT
zoO*K6EVi64)WiPIDs-{86pY*hXBaE4i(##^ur5}y*hy5+v_1u#Y)YAaWNgZG=|OKu
zF`|S<EQH`LL`4STi9le}YB61;WfYP=++L5V^vdP3)=4<oIz8mN-&1gl4A55EYRXkP
z7h@RC5PMqjR>mcZ$?IL4BiaQSM&z?(<u)>s%#1<jL)gu*TEEqqi>X=)4V#-eMY)7B
zC{qN83=c;A%TKs07Booosxu5f1+3Ddfo?H_&uT2Qv&6;mOu{Imc4S5DfH}3ZM*csP
zYX-o6mULzBwVq<|=*qqZ!=%x-j?RUm%<#d^VsPh`&(8)QB{Lg)=0njNp{QZ_Akx@>
z#QnV^{!i9&!w1WV@0h%f=5tDs0I@X69}%z<-+hlB5Fq)LN~RA;eD|ouWI;gK8vu4|
zqeYAt@a{D%5df=r!p$56VCJAa&Ot-;7w{g`MSqmLz32}DqK82AS0NU(+VZ|@L#h>N
z1}tL8kQ`L%$eNti!g{J<YJ12qm7r$)AWKub=$UR>f$KX(hJ{sbCSfES!ZtES36;vo
zTLkhvkT*E>%ihA7X}US)At@I~n}p5to-QG2ge@0h-`T~5sgMTJ@)o;fAqTSfiRB85
zUx1S>)6d+n-{pyW?bfx&MBZnf9}_F!kXDK{US1AZAQo%L5r<8geTYRe?TSkdb~)ux
zmox5@>khfIHSrp|Wvi@owuMKGi%q6k*vQCTjr-Zs+3#@qondgIm4~;NVq*Je0E=h!
zXTD)sJZm@$*`Iz5*~<NR3ozLyNg2&tw(ywdFD&H<R+!g5FJ%%rSz<@bSRAv94Jl)T
z+_<Vzl7zNODa{SUqI8I1iDg?lGZsqKST(e0wW=Y_9&MJ}z67G5%T0#CiJ;spx5R_S
z#@^7`ZM-%uxo+ov<}c)_A>Km#7aMz9vAjn{CuoE3yY@X(UPqru?yrV+nyGOtE6JhU
z-^9bLfBq7$+u@%nt6N(cJ8e!z?_7W8t7h-Cyg`KLVE*C_>UhbkhFp1Dgn63s218<9
zFK?7L#p{h44z8kxgFG$%Yt%4V21YGUe7i~w^9nRynrsw1@2Q42uhp;vr&Abxc#oxO
z4HT5OgZmD}IA;FluEhft{d<1J{rizKU;b$Ox4dOlv~ndBUDO8e#k^ath@vlw4cfV-
z>h~(fZn@3SxoVIj^455R@f9|%;wx<A<>tQ?U*R{ae1+X++j9(kWFN=xdmm~4$ot5)
z``$-HZSXo?RUcUt8+~Nk$EuI?^4?(nqK_QluAze*Gk@=ij%@$P`^b*_-bX}j+*Kc0
z6dQeH$3xafd_%-0S6rNfhVA9n=+3E4{BRvr>?JZb@2D|Nx;UAny(t%_>ON(hjTE1N
zk^c1iGz)*9=2=mX<{5+?LM?!VCdQJNn8Sy|Z*b^}R*PRHPX`leH8O3=Nh?z!96prI
zM-1otr0&XA!j<1A?9&8@X;(<&2A2G5g&w3<$LE6j-WRQ5LdlK74~M&86VJ=Z)GJJ(
z3;L(ekx&yGiS$DQfK+UGve^xVT~INeK2%UGJECZR6WeA(W5-p)l-Ms(5x+s;F#@EL
zseGBhR{#bTdMlKpkIGRcGxjp3RWq#AV=3QEo|c)EZxWz9kY>j+X_7_AvZSJhF76U#
zKn1d+qs%x^x78~Rh*4>%K8sN`n)qT<m{~yf{-ld*YR)0o7ndm|x(TzEXtC?Y)g7v4
zPjg@-&l-4%mm<L~KQF85iy4X(Y>6(qMe}?{g@s%1@Z|V}y1d*@Yvck6u_X)rUG$(;
zZOqa_JRa)|I01^jD2ca@LUpeEBLH;y%DU6-(FLt9&0a<!k(U<I_iV8bBt0B$veU`X
zLi~$Q(AzT=4NVfC6!m)L*9kmF;Hw0#5%?N`Um)<C1l}M(+8fFcf!_vDNi=KO7sgTD
zw0f&9x;Ml+IOB=!8C10nTfvYaysr!$g1AU^f*diK<%UPT?f-^<p{1?R{lxeC3+G-c
z27hv)Wy{RxzrVHc>9fV)IS4Pe`)@nk8v@gzA4!JY{Yp&`(g=C96x>F?M@zxz&024{
zW=POZGvvLd&A)hLT3TpWH{Y<Q*sy0|-OfVmu7%B=g-x-AEjw@4I2!lfba)#5)4rQQ
zNAt${rftP0Y!HclMJ+UKE0G>|bjHbmb-x&PdND;va|anVfz44Yu^9||#4Ik|`-T*K
z<A5~;cOfdW)1O$=20r5y5d?zZOy#8wd+Dw?i(%-OAD<6*W78RsLho@M7Q@&*W!%@{
zPg~N+IZHUy#tAQ3{0Z+hqv!zu=cMD6x%JJ5cNJ-?Ti?uK28!XndC9o1OMPs=8#!kQ
zM_z=NEdIb}4vQE9nUne|vpU8t9v=Jk&&_uoD|Q_#NXH65!pG(%<Gv0b+T}#fS;CPc
z;U$Z|?xP1lN<3;&qI8*Sj-@M}2n7C>g*rVS?!}I<f^>TJ;EDNzr;7(q11|sxpPrYD
z`#OAR*BCix2}h|2FIoI`A3Xpi#p4$Bl$mpmr7Ru^1pbxfIx!#a!Zx^qbmF%@F~9#r
zasLUR1t4K0ZQR%4Lp$ZjIZHT-MR>{Lulwi$kP?qtWa%>397|U`5eWPjr22VjOHtY~
zCq))7bxEK;Ocwn6AfPLk1;^Z7VwX=<>91I5GNrnvJz<NVP=+`C9t!EN)CKc-O#17;
z3+Zp*uBE?0CjAYSNq_6^JCA?=rN1y+xT;b<80l}g>da&1634rd{?-fWFQnu5P5Rrk
z0_kt_veMt$yOd1^ne?~iA(BnD3hD1UdHsEp{!$HBlm7A=<{}gjRes%r^jELp4Qn+F
z=`X9{AsgARypei$woZ0s8{&2G1}5h<x2R35K+YRvThumD?2km!+rXtK@@B)dYoq*#
zyd~afNJi^dAsMabY4Kl3Mnw<JHjFk!+om>}@(Puk1&NSZ5Qr;$pM(fta$-t4cWhG4
z=f=+|KS1^26lLiJ1Ym**hMi8*nSCUpNZU#tzKvMQpA)!5;86nqi-3><D1SlDiuu0s
zm*n|Z1jKw@`QLEjj9%oQz?shHF@G1fP>fRxq2Z6?FxY&0n&SQe0h;w+ZB=d(ev1I{
zG3=y5{fM(XIiDcVPv8Rrw+XN!K1tYd0#6Zmn!pJHCkdP)@C<<;5%_BW&2Jw3u*4+M
z&nnrRAu9imBCmdOc$%X97l7p_hx$QmVu~%=nwfx6b-N+FD-3bvfyy}|?;v`lPMRuC
zLo&mrime;J{^?)%^a9Ro`rLPu#o&pXZr4`K3|*~(X+I8s)=y+xZf1D66x?}lGsE7(
zroO*ZGs9>3%<$Pl@3RGoU@`pcyky+h;X^Y+a?TQt=>Xv+i$CGLW)wXD;GFbq<qTv$
zpBe6-IarVYisAk9l5t;`_OqEGIcEt+UWAt{{=jDriWmZ!llGTqH6QMTm4%sCiebz^
zPhA@WD1;AR8!LuS%}d68-SE>rW|>RJOB6+f6Udx&YMB{}AB6wzl=C?4v?%Ney^t>V
z3bt26mZD$Pcg@+HSLt11C!GiL3@_#xuvCC~2CNm>ZK=-In1;Yj?FMieHMzIqwQThJ
zHO__@S|*LWv_pc|=RR!PhZOf?9l!R>>*nZ(Q+rLl2HVwtE+apJq=sot(#%EZr&x1Y
zteVJ6$<`#z*tR+?i(_Lg!7m3^RZ5y?nEBY2(%k(fN{4!|#Ih}&84INfR1Iy;bIsD&
zr)$ngs)ZCY5;<thGXio*u8RkR4g}grzbxg8a6j`GIvRF55Mgk^Wc7k{Ag;>w8y)DK
z?Pe^FHHpo%+0fY?+}G4w$^8|t*Wq6QS4Vn6_q(5M=ehE)oaeZrezqt!TC~wpWA^PN
z^m3|(6#6gF2GUQk4xe3l%Lq*u{%+v@&@vN$JQ|KRPaQfzcGfyy6qfFAJ~dQw)mJhT
z6F8IXBCL=^6s#{rGHN87%frwdPP8H$Zn}bQ<>JymLq+N=9<9`@gvCpNdk`0KWBc)c
zoA{q?jtFRV+|lGX;Rm;lL+#^Eq8t|-Z+at+fuO??K!{Q2qi&pY>YCap-h_%<R@Onb
z{XFW@T(NG=c~PaZ@q<Wf9~(_)aon@=xOQeG0&;GIPOqQ@RS-_G%_q!?c}zcn`tg`Z
zIYAr}_1X6wmmP)1!FO}l8VXHa@ATYg>U}r&f7ua!UubN`8kFVG9Ge}g*jB|X3*u}a
ztfOh}WcCu<I0e@7qu^t)PMK7)I678U8t?|udb?E)edp;)nbtv6g1$qQv8wf~A^7rz
z{;Mxybd@h+RIPRG_<d=-lhjgQ1^_SXufnX}tnrjDU-(zEe9=|d)cvt$QvaxN@Y=}l
z<=)Me8V3u~AXZx%2TNf>=fZ>YQrTUk=fcn8nv(_*O@C4Xz9=R<7qfG<=r&9M{fDa(
zK;!%lH*BW(Rw0Hqhh5~PU$QyCntoy^eaOVnez1oDCWa2)g%~<?*J5Ze5nvC)Wn$?1
zRS9^BJv4{;2c?8uFRxBjn%KiCr8F6C!BilIC02y@Eb|u(mFRh3CK{@SHv6Pm8vAt3
zo?0!Wsf64p#L!K0^L-OTx2!-6-AaPGC6$l^cPWOhV`Aua50Q{`y%0lhkT>2pF*Mb1
zH8C`=Vct2-PIxa$$a)QLTB~79SXd3)ilH}C@4hE7bR82zKk@*?&|8EUx=oJUH!-y6
zp%6p2M7K`u<4pXE1NuaSODZepA||`7`H1s-abT(@`EshWXWxG1f1p;!h(Dmq<52zt
zKT)6Zr})u4FAkg>R$Solw7P-xcuu+0ud12RY<gI$JFVnW(0a=$$8wX|yykxz69Wau
z_d<7vOv>nUoehMMOhhr~I`>JO?Y%Ib$P6nU6i)FH_yfv@MAnKA&LsrM(uHyLfr*cI
z*|OzS0yYs6t)d-W1v|btdJ?azzKLlXW5b)*fBo<;9R9)j$in)q3mY~rw0A7DZ(G>X
zb}Lj9s=Mi~ZG(KdwmC2@{it~vmi<5}*iM>9WSi#R<jWs>*1cQ|TacdS^5v%sy-&jl
zSPVZs4}W%FhY!h@$vI0nWWI!#EdGS|no;xsfOFE*mAO4=`SNHnd;khZ*P^6#6h3eb
zR)#9{j^L-O3Ng(isCOBfN8DTJ5dncJ(c%e-gm08hNTz+O(THI?B3G^xBdlzhlMGp~
zi55ST859$ghe9U?`Y<vkB-jxdxQoe1@UAB#AvPJQE1Qh0PTS<iGZ_iXtD7=Cn8`@}
zk9jiEASNS?a?^dAj5M!cGSaf_WW;}$laUacjI=&PtnxZB8CfrHxNnmYs^Myr5njXh
zcQT^a@W#JiH9XoJ-88j@FXgKdCX|lQu9HYIl_CZgnjNA3;qgos2cdw?%_%QT)qQd@
zGnVhfX);NAFy-IZy|1^ky9YP+Cj2QzIj!b+Hu*B-|Jaz4R#Qr5g7{;t_SvMGe>OK-
z#wwe8POcIU`{xAi533w)d0;9WFzom&6?}jIt*9|0!<wIJ^4|Gwl`IF8%fI2$Mc^CC
zd2RDZ8&&IC33qLY@N>jZ@6`EepTkhmXxaWwbK$8M3+c}mgUXLVO{2T8spn%Y0k33i
zp}MUr@SiC3GOg|2#ai27qiwae4S&+$?lrW$g+ewE(#a;9(3b52hq;=@VHk#%0H8)O
zFB$iB=`d5%Am=RMVA%;TS^R;|Kr!5mq~kZF!^<$ZPk^Po{|Xcqr3w$E^gdWY^8DCT
zDr&%{LVX)56}5MvQsKXAm5KmUsR)*-RD>+d*2Ah&0hNJOm6F(0Q#IkEQmLr3<YB)6
zZ%&=e(%6SICsfr!3hBBW7Ah53Q@C#`6^&q`gi3|II>nO8KHhumnN4dw6YDZ!63%&4
zc4|bmej#FEHRta^&y<^UH|$h>WYWKL<o+^VcZ7Z~@;V&OmC*!ym9rLR)V=l0ADb#?
zRlo7OQL<TQNV>x^O@G2d;d<pNH+Blw^yP-2cJmKM8>1Vix=v=*$&ryvDuYvgA`?pH
zLS`&In$~6BDIBK=yLiKqq^jG#!wzaw0L{4SSBVj2yz~@dOdkC$!WfgiQr#P9O+R~g
zJGz-kzD3))r`9d;TFO5~*{nL+#(9;{ajB4WUv2zoR9Sp_iLcsn^Q+TgVY_mLy0vat
zeHk`>M>!i05xHpigxT<hfx$|%Z55i=OGN%<V(+6|TwYbhy3pSH-L1vollLYC|M>5}
zZQAhlqhC8(kam7WedB0}PG;PB<#`5*bfAiHm!zHSct+C)kLD<n2vRI_>E1V_owPOB
zh=mZ`g{W^F)gM@s27cvv5ndn&%}!o?>|YLC9k{l&*zs6FdaTg#STX$Ayky+h;X}tT
zl5^IAmsm&<Odtre#^JAV__n;Rt<v-whmYZlF7SVA9KK!^sEda{oqw%oiq?3rJ#&r2
z*DKzlRA0{F?^$H$dZo<$ROn>(LUJrK97&BqAH0&y|5aqXIyPU~4gPSdzPv!`VaAjz
zQ9P^Q!IeGa*Fj9>GJLIm2q)LiVfL<>S#M!7yKf~zYO=9i7VUQ^+ubYXWv_HygZR3C
zjg|eFu(DvX`~LY$zx>iWJ;fb;zzaM278#zwS?I#>jDeHknH`348ewV%2#nJ#!^-Z|
zwK346jE~j$h4m4x9_EmR{)NR)SgE%7iQRq{KXGR8k5OEW-G4Gv+99s4xeIZ%bk{<`
zS|+acmk9+|x3`Y8Donwdtsr<YJIX~yE83Yw`%Box$uz`o0Xg^(imQW`ny_WeO@;8P
zA@4?99TMVdSYo+v;_CW)5Le%8&um!hnfFCp{r8|}j@CyTr#g?bQ`k@EE~XXve0ppw
zlAFv=Oy;pO64KZ#ZGSX3NmdGEHA4pbYoIoF!JILUD;l!XG+32vQpMp6<>~~wD#6Bb
z86-Pzp3Eywj^*{U(z%|<QYIg)G3JOvyAHtYJyex8zO}Cu+;VUHSx;fpzK^%2z{f$<
z2#F=*rPyZK!Dx8tqn<s~%m0=@ExLiyMBotuI|z_H5T%<yFM%&oxG(`4jah$G-Xn|v
zol2r=K<NCK9?SVLk9fBlr^Eoe^|<Bym<`@%oW>(UZym5aYw<qEpAmX1W_i}`eUd*T
z^wtTd<>7ko5hG1tw|Xs4)_IQ_Pk`OpSN7z9cygfZNwaqsdve<aOn+^9*%bc8#Tn4s
zPr+;PN!7A@Bc^3CPN-IVvKO%CoP^Uh#X6#Ff6jCR&AE=#c}XXd+2Jwl-OYS}DxP8|
zy6OkNz~b=GK&Lv9PGzwEq%SZ<&Ksd)W!teyeVEF5n~b4awLa*0mp)o$!iA05&aBI1
zisOQz&h3l4**f2ooN0q`2~eoB)PLADgmfz}yd}(OVE3Ts%r?tPpBYE0jKSn`f@PPz
zXR%#ezlN|$yz;V<TbXIsRfeXt&l+#K#3^@XY}=A8jtwRhIxed!CFx9<`Pi1ytao19
zY-QSvWm`Hk7E0x_<Y6CLOoHSZ!(hJ`2m92<y~Zl3&one*NlP&KX6;&86V9B&Fo7Qo
zqYJB~$6%Uktxuu4><%xo>yc}HictYUAMN^7+-YabCR>A}R(?J%RUG#5ZrK-SPp1M*
zbvt<GRg+GAOuuVW7pfY)5R*$eWT=VzWtuYj4GIug1qBete^j&<G@K^h8udr(r*^Z^
zYA}~Kw2s-(hGXBe`6SlDBj<A}nIsv>#grHEu_y`wL)W02G#g-j9?v6$!T`K(fgOlp
zfgOg<nLQ1tAuxLy(1X_8P!zaowZlG5X|hdt-z4ly0E5i13CyK4oAI#5p(hN)w1*#~
zvYBSmVeDNwMDdRjAhYh#fD$15FfmC_5_X)xNdm+ZSj@|vA}6yfhjGAhHK@-Mj!;CV
zjPM3M|8)YtLEviy1_?YzfT=1xPuLKEN<$)ajK!tT5H_<J!o^Hh8E589(z=#+f~iet
zu|;f!u9&by_`fEu?pFXVJAPQ#e&t}Hv%ggL$!YgOcwIr-_O1PIso#WUv2Aa`ve>qH
z$+%0>w&_=O*Q|+($ME|W42>Cqi)Aj|`vy|Pn!Fi;yXGh>@jxKRa3Kss;azX5GyA{u
zDv&F$!t(OGWZWgGt3c%==d1-60pR&IGBko0%Urtm4XJAeg*HQQ*BoUg9tZ?kE`%Gu
z`s(W_4a&Tzj;`BO4Bl?K?6tXz9vBshSGB7F)Tu5#MN^4ujp;*G*bT9Qt%9V|!ra(0
zN^4A?-D!twOdtQs_<*<8r#|Y5#2VAL)Fi^PqVRAreeGDOex6Q<uHg3cQ==KXr-i{7
z?%$UXCL5+gnX*N5Vgi*z#33>Mit$R1k#jK<*Gb&r5=<P+vI-YR4ArW*IL*tFRgR)O
zOR!_jIy)v7$8|Pr=TdA~dAPr&bbl3q*so26&7Cu!FV%g5*sn-I>UjIujQcy-p44##
zyOTQRCF3qh9ffd2cg|XH5dfZV9}})(nM?P+A$82Sts%H;jxrMu1cEFV!dnW`p0~GM
zNquKGkSn{3;XU(`ahIe$(>R!&T(c%B9>ec#uxCc#Vwp?#zJU}|))3q^M_Gvn0zrnv
zeqDO~QbFoOz3C7(YUd^6zAkl6UlJ}InS&n~Fe60KbkPGNaEYZS0tsYR>RjW%9CkKq
z*ElfFD}ZZS6T3OqM7h=G91p7~cZ~!4*l}RJ)_puUSJK#>RKbtsU^$qX$I?Y`cLGnR
z^PRGO+}u<MRt8{9D>9tUX1K25%J{LKW%x0XWfh*RcGWyttw?$~zO0?`WlL<sF@$Bk
zOK@q+#&TngN&U9Lvqfh*ueFuxP7=$uxghO++kNHOcO)QJq#|wfFz%AHd-^rqHEW{c
zG5p>JJ7xqfmbrBA8%Xh(H3WCfQC8xCK#<`>$*{fl`fFg-u7nt<WY<tbCjSO}S$53`
z40i2Gs3IPmoLf_R(7jT81((KYS|4C5rQZVbCX@=}t}*gwmnjSy5)&={jES1W>H-%F
zxEv7&4E|FuuDG!7icUgT1nZ>q$Jb$D3fsNa(c$1Cg<*snaYY<$2uaV5y4xHul<k@N
z#L#4xtU5<5sxB8Z`SVbBiKzHwVb3F?Br`zi=-Q!y3h6tJuceQG#M{bK$YU_-RgR%N
z$}oX60g`KL;e;}oO-ztFjY{e?QFn!Ui%Jy+F|;m#-p#(OY!2sDvLYn(A|w`xn6<-8
zd|xYw>!+`5AF{pdxC!&l?bE)m1m6oaef6a;y)?V2YcABi5Nw<ewiko#SB}mGdp>kK
z>U!ow-8VwrcT{SOUuit*{#}26pvKUV2rR85@i?kRIYt1A1`dT9UKt?li-c9^Lp(|k
z2+(4^8bb)uhuHUl$LrnxL7mqdW8hYuMf<?#-Dl_+0Mm60C;`;+eoBl1TDOjFSH6HB
zO?sJ3yMP9<#RY9cV&W3jcucoAjyA_By%!an@2b@bFRjM#)7K|%QaYi@Y$nfQj^}VN
zFtwrna@71<V<wq`V$lV(c{(<p8%~d5gC_-{F3!$d)izm!sHtQYMiyhnuR_99t=%pJ
z`oVDSqMDc(n;gX|1tajZ&aW?`usJv>KWQ~1nOAA|tZA!7*PtRXfab;t$@*zOT@>|a
z34D(LQ%GU0P~I|{^cdb^axDG0@)Jk^w?q9tz)iQ)>AdCgI6WT*9Zu)ZIKCM86UUxE
zbA<lfF<5jA{&&Zb4_!W|>#rREH#a+6($8=C=`FWhF6VYMnydaMVd#O}zt-t9{DIwE
zFZ|ukCc_`tt)S1@_}2cLNV9Q9W<TFOMmaQoxcRix*?G%B@WTn$4(DUH8~`7F+Ih%%
g@RkGM!%w>Yf!n$3mV@Ajr)%1r`#x|0u#WTp0R$I0S^xk5

literal 0
HcmV?d00001

diff --git a/tests/unit/test_authentik.py b/tests/unit/test_authentik.py
new file mode 100644
index 0000000..8e844b6
--- /dev/null
+++ b/tests/unit/test_authentik.py
@@ -0,0 +1,495 @@
+"""Unit tests for Authentik authentication and discovery plugin."""
+
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from iac_reverse.auth.authentik_auth import (
+    AuthenticationError,
+    AuthentikAuthProvider,
+    AuthentikConfig,
+    AuthentikSession,
+)
+from iac_reverse.auth.authentik_discovery import (
+    AuthentikDiscoveryError,
+    AuthentikDiscoveryPlugin,
+)
+from iac_reverse.models import CpuArchitecture, PlatformCategory, ScanProgress
+
+
+# ---------------------------------------------------------------------------
+# AuthentikAuthProvider tests
+# ---------------------------------------------------------------------------
+
+
+class TestAuthentikAuthProvider:
+    """Tests for AuthentikAuthProvider SSO authentication."""
+
+    def setup_method(self):
+        self.provider = AuthentikAuthProvider()
+        self.config = AuthentikConfig(
+            base_url="https://auth.internal.lab",
+            client_id="iac-reverse-tool",
+            client_secret="test-secret",
+        )
+
+    @patch("iac_reverse.auth.authentik_auth.requests.post")
+    @patch("iac_reverse.auth.authentik_auth.requests.get")
+    def test_authenticate_user_success(self, mock_get, mock_post):
+        """Successful authentication returns a valid session."""
+        mock_post.return_value = MagicMock(
+            status_code=200,
+            json=lambda: {
+                "access_token": "access-123",
+                "refresh_token": "refresh-456",
+            },
+        )
+        mock_get.return_value = MagicMock(
+            status_code=200,
+            json=lambda: {
+                "sub": "user-001",
+                "groups": ["admins", "infra-team"],
+            },
+        )
+
+        session = self.provider.authenticate_user(self.config)
+
+        assert session.access_token == "access-123"
+        assert session.refresh_token == "refresh-456"
+        assert session.user_id == "user-001"
+        assert session.groups == ["admins", "infra-team"]
+
+    @patch("iac_reverse.auth.authentik_auth.requests.post")
+    def test_authenticate_user_failure_status(self, mock_post):
+        """Authentication failure raises AuthenticationError."""
+        mock_post.return_value = MagicMock(
+            status_code=401,
+            text="Invalid client credentials",
+        )
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            self.provider.authenticate_user(self.config)
+
+        assert "Authentik" in str(exc_info.value)
+        assert "401" in str(exc_info.value)
+
+    @patch("iac_reverse.auth.authentik_auth.requests.post")
+    def test_authenticate_user_connection_error(self, mock_post):
+        """Connection error raises AuthenticationError."""
+        import requests
+
+        mock_post.side_effect = requests.ConnectionError("Connection refused")
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            self.provider.authenticate_user(self.config)
+
+        assert "Authentik" in str(exc_info.value)
+        assert "failed to connect" in str(exc_info.value)
+
+    @patch("iac_reverse.auth.authentik_auth.requests.post")
+    @patch("iac_reverse.auth.authentik_auth.requests.get")
+    def test_refresh_session_success(self, mock_get, mock_post):
+        """Successful token refresh returns updated session."""
+        session = AuthentikSession(
+            access_token="old-access",
+            refresh_token="old-refresh",
+            user_id="user-001",
+            groups=["admins"],
+        )
+
+        mock_post.return_value = MagicMock(
+            status_code=200,
+            json=lambda: {
+                "access_token": "new-access-789",
+                "refresh_token": "new-refresh-012",
+            },
+        )
+        mock_get.return_value = MagicMock(
+            status_code=200,
+            json=lambda: {
+                "sub": "user-001",
+                "groups": ["admins", "new-group"],
+            },
+        )
+
+        new_session = self.provider.refresh_session(self.config, session)
+
+        assert new_session.access_token == "new-access-789"
+        assert new_session.refresh_token == "new-refresh-012"
+        assert new_session.user_id == "user-001"
+
+    @patch("iac_reverse.auth.authentik_auth.requests.post")
+    def test_refresh_session_failure(self, mock_post):
+        """Failed refresh raises AuthenticationError."""
+        session = AuthentikSession(
+            access_token="old-access",
+            refresh_token="expired-refresh",
+            user_id="user-001",
+            groups=[],
+        )
+
+        mock_post.return_value = MagicMock(
+            status_code=400,
+            text="Invalid refresh token",
+        )
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            self.provider.refresh_session(self.config, session)
+
+        assert "refresh failed" in str(exc_info.value)
+
+    @patch("iac_reverse.auth.authentik_auth.requests.get")
+    def test_validate_token_valid(self, mock_get):
+        """Valid token returns True."""
+        mock_get.return_value = MagicMock(status_code=200)
+
+        result = self.provider.validate_token(self.config, "valid-token")
+
+        assert result is True
+
+    @patch("iac_reverse.auth.authentik_auth.requests.get")
+    def test_validate_token_invalid(self, mock_get):
+        """Invalid token returns False."""
+        mock_get.return_value = MagicMock(status_code=401)
+
+        result = self.provider.validate_token(self.config, "invalid-token")
+
+        assert result is False
+
+    @patch("iac_reverse.auth.authentik_auth.requests.get")
+    def test_validate_token_connection_error(self, mock_get):
+        """Connection error during validation returns False."""
+        import requests
+
+        mock_get.side_effect = requests.ConnectionError("timeout")
+
+        result = self.provider.validate_token(self.config, "some-token")
+
+        assert result is False
+
+
+# ---------------------------------------------------------------------------
+# AuthentikDiscoveryPlugin tests
+# ---------------------------------------------------------------------------
+
+
+class TestAuthentikDiscoveryPlugin:
+    """Tests for AuthentikDiscoveryPlugin resource discovery."""
+
+    def setup_method(self):
+        self.plugin = AuthentikDiscoveryPlugin()
+        self.credentials = {
+            "base_url": "https://auth.internal.lab",
+            "api_token": "test-api-token",
+        }
+
+    def test_get_platform_category(self):
+        """Plugin returns CONTAINER_ORCHESTRATION category."""
+        assert self.plugin.get_platform_category() == PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def test_list_supported_resource_types(self):
+        """Plugin lists all expected Authentik resource types."""
+        types = self.plugin.list_supported_resource_types()
+
+        expected = [
+            "authentik_flow",
+            "authentik_stage",
+            "authentik_provider",
+            "authentik_application",
+            "authentik_outpost",
+            "authentik_property_mapping",
+            "authentik_certificate",
+            "authentik_group",
+            "authentik_source",
+        ]
+        assert types == expected
+
+    def test_detect_architecture_defaults_to_amd64(self):
+        """Architecture detection defaults to AMD64."""
+        arch = self.plugin.detect_architecture("https://auth.internal.lab")
+        assert arch == CpuArchitecture.AMD64
+
+    def test_list_endpoints_before_auth(self):
+        """Endpoints list is empty before authentication."""
+        assert self.plugin.list_endpoints() == []
+
+    @patch("iac_reverse.auth.authentik_discovery.requests.get")
+    def test_authenticate_success(self, mock_get):
+        """Successful authentication sets internal state."""
+        mock_get.return_value = MagicMock(status_code=200, json=lambda: {"results": []})
+
+        self.plugin.authenticate(self.credentials)
+
+        assert self.plugin.list_endpoints() == ["https://auth.internal.lab"]
+
+    @patch("iac_reverse.auth.authentik_discovery.requests.get")
+    def test_authenticate_invalid_token(self, mock_get):
+        """Invalid API token raises AuthentikDiscoveryError."""
+        mock_get.return_value = MagicMock(status_code=401)
+
+        with pytest.raises(AuthentikDiscoveryError) as exc_info:
+            self.plugin.authenticate(self.credentials)
+
+        assert "invalid API token" in str(exc_info.value)
+
+    def test_authenticate_missing_base_url(self):
+        """Missing base_url raises AuthentikDiscoveryError."""
+        with pytest.raises(AuthentikDiscoveryError) as exc_info:
+            self.plugin.authenticate({"api_token": "token"})
+
+        assert "base_url" in str(exc_info.value)
+
+    def test_authenticate_missing_api_token(self):
+        """Missing api_token raises AuthentikDiscoveryError."""
+        with pytest.raises(AuthentikDiscoveryError) as exc_info:
+            self.plugin.authenticate({"base_url": "https://auth.lab"})
+
+        assert "api_token" in str(exc_info.value)
+
+    @patch("iac_reverse.auth.authentik_discovery.requests.get")
+    def test_authenticate_connection_error(self, mock_get):
+        """Connection error during auth raises AuthentikDiscoveryError."""
+        import requests
+
+        mock_get.side_effect = requests.ConnectionError("refused")
+
+        with pytest.raises(AuthentikDiscoveryError) as exc_info:
+            self.plugin.authenticate(self.credentials)
+
+        assert "failed to connect" in str(exc_info.value)
+
+    def test_discover_resources_without_auth(self):
+        """Discovering without authentication raises error."""
+        with pytest.raises(AuthentikDiscoveryError) as exc_info:
+            self.plugin.discover_resources(
+                ["https://auth.lab"],
+                ["authentik_flow"],
+                lambda p: None,
+            )
+
+        assert "must authenticate" in str(exc_info.value)
+
+    @patch("iac_reverse.auth.authentik_discovery.requests.get")
+    def test_discover_resources_flows(self, mock_get):
+        """Discovers Authentik flows from the API."""
+        # First call is for authentication check
+        auth_response = MagicMock(status_code=200, json=lambda: {"results": []})
+
+        # Second call is for flow discovery
+        flow_response = MagicMock(
+            status_code=200,
+            json=lambda: {
+                "results": [
+                    {
+                        "pk": "flow-uuid-1",
+                        "name": "default-authentication-flow",
+                        "slug": "default-authentication-flow",
+                        "stages": ["stage-1", "stage-2"],
+                    },
+                    {
+                        "pk": "flow-uuid-2",
+                        "name": "default-enrollment-flow",
+                        "slug": "default-enrollment-flow",
+                        "stages": ["stage-3"],
+                    },
+                ],
+                "pagination": {"next": 0, "count": 2},
+            },
+        )
+
+        mock_get.side_effect = [auth_response, flow_response]
+
+        self.plugin.authenticate(self.credentials)
+
+        progress_updates: list[ScanProgress] = []
+        result = self.plugin.discover_resources(
+            ["https://auth.internal.lab"],
+            ["authentik_flow"],
+            lambda p: progress_updates.append(p),
+        )
+
+        assert len(result.resources) == 2
+        assert result.resources[0].resource_type == "authentik_flow"
+        assert result.resources[0].name == "default-authentication-flow"
+        assert result.resources[0].unique_id == "authentik/authentik_flow/flow-uuid-1"
+        assert "stage-1" in result.resources[0].raw_references
+        assert len(result.warnings) == 0
+        assert len(result.errors) == 0
+
+    @patch("iac_reverse.auth.authentik_discovery.requests.get")
+    def test_discover_resources_multiple_types(self, mock_get):
+        """Discovers multiple resource types in one call."""
+        auth_response = MagicMock(status_code=200, json=lambda: {"results": []})
+
+        app_response = MagicMock(
+            status_code=200,
+            json=lambda: {
+                "results": [
+                    {
+                        "pk": "app-1",
+                        "name": "grafana",
+                        "slug": "grafana",
+                        "provider": "provider-1",
+                    }
+                ],
+                "pagination": {"next": 0, "count": 1},
+            },
+        )
+
+        group_response = MagicMock(
+            status_code=200,
+            json=lambda: {
+                "results": [
+                    {"pk": "group-1", "name": "admins"},
+                    {"pk": "group-2", "name": "users"},
+                ],
+                "pagination": {"next": 0, "count": 2},
+            },
+        )
+
+        mock_get.side_effect = [auth_response, app_response, group_response]
+
+        self.plugin.authenticate(self.credentials)
+
+        result = self.plugin.discover_resources(
+            ["https://auth.internal.lab"],
+            ["authentik_application", "authentik_group"],
+            lambda p: None,
+        )
+
+        assert len(result.resources) == 3
+        app_resources = [r for r in result.resources if r.resource_type == "authentik_application"]
+        group_resources = [r for r in result.resources if r.resource_type == "authentik_group"]
+        assert len(app_resources) == 1
+        assert len(group_resources) == 2
+
+    @patch("iac_reverse.auth.authentik_discovery.requests.get")
+    def test_discover_resources_unsupported_type_warning(self, mock_get):
+        """Unsupported resource type produces a warning."""
+        auth_response = MagicMock(status_code=200, json=lambda: {"results": []})
+        mock_get.side_effect = [auth_response]
+
+        self.plugin.authenticate(self.credentials)
+
+        result = self.plugin.discover_resources(
+            ["https://auth.internal.lab"],
+            ["authentik_nonexistent"],
+            lambda p: None,
+        )
+
+        assert len(result.resources) == 0
+        assert len(result.warnings) == 1
+        assert "Unsupported" in result.warnings[0]
+
+    @patch("iac_reverse.auth.authentik_discovery.requests.get")
+    def test_discover_resources_api_error(self, mock_get):
+        """API error during discovery is captured in errors list."""
+        auth_response = MagicMock(status_code=200, json=lambda: {"results": []})
+        error_response = MagicMock(status_code=500)
+
+        mock_get.side_effect = [auth_response, error_response]
+
+        self.plugin.authenticate(self.credentials)
+
+        result = self.plugin.discover_resources(
+            ["https://auth.internal.lab"],
+            ["authentik_flow"],
+            lambda p: None,
+        )
+
+        assert len(result.resources) == 0
+        assert len(result.errors) == 1
+        assert "authentik_flow" in result.errors[0]
+
+    @patch("iac_reverse.auth.authentik_discovery.requests.get")
+    def test_discover_resources_pagination(self, mock_get):
+        """Handles paginated API responses correctly."""
+        auth_response = MagicMock(status_code=200, json=lambda: {"results": []})
+
+        page1_response = MagicMock(
+            status_code=200,
+            json=lambda: {
+                "results": [{"pk": "cert-1", "name": "cert-one"}],
+                "pagination": {"next": 2, "count": 2},
+            },
+        )
+        page2_response = MagicMock(
+            status_code=200,
+            json=lambda: {
+                "results": [{"pk": "cert-2", "name": "cert-two"}],
+                "pagination": {"next": 0, "count": 2},
+            },
+        )
+
+        mock_get.side_effect = [auth_response, page1_response, page2_response]
+
+        self.plugin.authenticate(self.credentials)
+
+        result = self.plugin.discover_resources(
+            ["https://auth.internal.lab"],
+            ["authentik_certificate"],
+            lambda p: None,
+        )
+
+        assert len(result.resources) == 2
+        assert result.resources[0].name == "cert-one"
+        assert result.resources[1].name == "cert-two"
+
+    @patch("iac_reverse.auth.authentik_discovery.requests.get")
+    def test_discover_resources_progress_callback(self, mock_get):
+        """Progress callback is invoked correctly during discovery."""
+        auth_response = MagicMock(status_code=200, json=lambda: {"results": []})
+        empty_response = MagicMock(
+            status_code=200,
+            json=lambda: {"results": [], "pagination": {"next": 0, "count": 0}},
+        )
+
+        mock_get.side_effect = [auth_response, empty_response, empty_response]
+
+        self.plugin.authenticate(self.credentials)
+
+        progress_updates: list[ScanProgress] = []
+        self.plugin.discover_resources(
+            ["https://auth.internal.lab"],
+            ["authentik_flow", "authentik_stage"],
+            lambda p: progress_updates.append(p),
+        )
+
+        # Should have progress for each type + final "complete"
+        assert len(progress_updates) == 3
+        assert progress_updates[0].current_resource_type == "authentik_flow"
+        assert progress_updates[1].current_resource_type == "authentik_stage"
+        assert progress_updates[2].current_resource_type == "complete"
+
+    @patch("iac_reverse.auth.authentik_discovery.requests.get")
+    def test_extract_references_from_resource(self, mock_get):
+        """References are extracted from API response fields."""
+        auth_response = MagicMock(status_code=200, json=lambda: {"results": []})
+        app_response = MagicMock(
+            status_code=200,
+            json=lambda: {
+                "results": [
+                    {
+                        "pk": "app-1",
+                        "name": "my-app",
+                        "provider": "provider-uuid-1",
+                        "group": "group-uuid-1",
+                    }
+                ],
+                "pagination": {"next": 0, "count": 1},
+            },
+        )
+
+        mock_get.side_effect = [auth_response, app_response]
+
+        self.plugin.authenticate(self.credentials)
+
+        result = self.plugin.discover_resources(
+            ["https://auth.internal.lab"],
+            ["authentik_application"],
+            lambda p: None,
+        )
+
+        refs = result.resources[0].raw_references
+        assert "provider-uuid-1" in refs
+        assert "group-uuid-1" in refs
diff --git a/tests/unit/test_bare_metal_plugin.py b/tests/unit/test_bare_metal_plugin.py
new file mode 100644
index 0000000..12d57fb
--- /dev/null
+++ b/tests/unit/test_bare_metal_plugin.py
@@ -0,0 +1,664 @@
+"""Unit tests for the BareMetalPlugin provider plugin."""
+
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+)
+from iac_reverse.scanner import AuthenticationError
+from iac_reverse.scanner.bare_metal_plugin import BareMetalPlugin
+
+
+class TestBareMetalPluginInterface:
+    """Tests for basic plugin interface compliance."""
+
+    def test_implements_provider_plugin(self):
+        """BareMetalPlugin can be instantiated (implements all abstract methods)."""
+        plugin = BareMetalPlugin()
+        assert plugin is not None
+
+    def test_get_platform_category(self):
+        """Returns PlatformCategory.BARE_METAL."""
+        plugin = BareMetalPlugin()
+        assert plugin.get_platform_category() == PlatformCategory.BARE_METAL
+
+    def test_list_supported_resource_types(self):
+        """Returns the expected bare metal resource types."""
+        plugin = BareMetalPlugin()
+        expected = [
+            "bare_metal_hardware",
+            "bare_metal_bmc_config",
+            "bare_metal_network_interface",
+            "bare_metal_raid_config",
+        ]
+        assert plugin.list_supported_resource_types() == expected
+
+    def test_list_endpoints_before_auth(self):
+        """Returns empty list before authentication."""
+        plugin = BareMetalPlugin()
+        assert plugin.list_endpoints() == []
+
+
+class TestBareMetalAuthentication:
+    """Tests for BMC authentication via Redfish."""
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_authenticate_success(self, mock_session_cls):
+        """Successful authentication stores session and sets base URL."""
+        mock_session = MagicMock()
+        mock_session_cls.return_value = mock_session
+
+        mock_response = MagicMock()
+        mock_response.status_code = 201
+        mock_response.headers = {"X-Auth-Token": "test-token-123"}
+        mock_session.post.return_value = mock_response
+
+        plugin = BareMetalPlugin()
+        plugin.authenticate({
+            "host": "192.168.1.100",
+            "username": "admin",
+            "password": "secret",
+        })
+
+        assert plugin._host == "192.168.1.100"
+        assert plugin._base_url == "https://192.168.1.100:443"
+        assert plugin._session is not None
+        mock_session.post.assert_called_once()
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_authenticate_custom_port(self, mock_session_cls):
+        """Authentication uses custom port when specified."""
+        mock_session = MagicMock()
+        mock_session_cls.return_value = mock_session
+
+        mock_response = MagicMock()
+        mock_response.status_code = 200
+        mock_response.headers = {"X-Auth-Token": "token"}
+        mock_session.post.return_value = mock_response
+
+        plugin = BareMetalPlugin()
+        plugin.authenticate({
+            "host": "10.0.0.1",
+            "username": "admin",
+            "password": "pass",
+            "port": "8443",
+        })
+
+        assert plugin._base_url == "https://10.0.0.1:8443"
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_authenticate_no_ssl(self, mock_session_cls):
+        """Authentication uses HTTP when use_ssl is false."""
+        mock_session = MagicMock()
+        mock_session_cls.return_value = mock_session
+
+        mock_response = MagicMock()
+        mock_response.status_code = 200
+        mock_response.headers = {"X-Auth-Token": "token"}
+        mock_session.post.return_value = mock_response
+
+        plugin = BareMetalPlugin()
+        plugin.authenticate({
+            "host": "10.0.0.1",
+            "username": "admin",
+            "password": "pass",
+            "use_ssl": "false",
+        })
+
+        assert plugin._base_url == "http://10.0.0.1:443"
+
+    def test_authenticate_missing_host(self):
+        """Raises AuthenticationError when host is missing."""
+        plugin = BareMetalPlugin()
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({"username": "admin", "password": "pass"})
+        assert "Missing required credentials" in str(exc_info.value)
+
+    def test_authenticate_missing_username(self):
+        """Raises AuthenticationError when username is missing."""
+        plugin = BareMetalPlugin()
+        with pytest.raises(AuthenticationError):
+            plugin.authenticate({"host": "10.0.0.1", "password": "pass"})
+
+    def test_authenticate_missing_password(self):
+        """Raises AuthenticationError when password is missing."""
+        plugin = BareMetalPlugin()
+        with pytest.raises(AuthenticationError):
+            plugin.authenticate({"host": "10.0.0.1", "username": "admin"})
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_authenticate_401_unauthorized(self, mock_session_cls):
+        """Raises AuthenticationError on HTTP 401."""
+        mock_session = MagicMock()
+        mock_session_cls.return_value = mock_session
+
+        mock_response = MagicMock()
+        mock_response.status_code = 401
+        mock_session.post.return_value = mock_response
+
+        plugin = BareMetalPlugin()
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({
+                "host": "10.0.0.1",
+                "username": "admin",
+                "password": "wrong",
+            })
+        assert "Invalid credentials" in str(exc_info.value)
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_authenticate_connection_error(self, mock_session_cls):
+        """Raises AuthenticationError on connection failure."""
+        import requests
+
+        mock_session = MagicMock()
+        mock_session_cls.return_value = mock_session
+        mock_session.post.side_effect = requests.exceptions.ConnectionError(
+            "Connection refused"
+        )
+
+        plugin = BareMetalPlugin()
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({
+                "host": "unreachable.host",
+                "username": "admin",
+                "password": "pass",
+            })
+        assert "Cannot connect" in str(exc_info.value)
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_authenticate_timeout(self, mock_session_cls):
+        """Raises AuthenticationError on timeout."""
+        import requests
+
+        mock_session = MagicMock()
+        mock_session_cls.return_value = mock_session
+        mock_session.post.side_effect = requests.exceptions.Timeout("Timed out")
+
+        plugin = BareMetalPlugin()
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({
+                "host": "slow.host",
+                "username": "admin",
+                "password": "pass",
+            })
+        assert "timed out" in str(exc_info.value)
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_list_endpoints_after_auth(self, mock_session_cls):
+        """Returns host as endpoint after successful authentication."""
+        mock_session = MagicMock()
+        mock_session_cls.return_value = mock_session
+
+        mock_response = MagicMock()
+        mock_response.status_code = 201
+        mock_response.headers = {"X-Auth-Token": "token"}
+        mock_session.post.return_value = mock_response
+
+        plugin = BareMetalPlugin()
+        plugin.authenticate({
+            "host": "192.168.1.50",
+            "username": "admin",
+            "password": "pass",
+        })
+
+        assert plugin.list_endpoints() == ["192.168.1.50"]
+
+
+class TestBareMetalArchitectureDetection:
+    """Tests for CPU architecture detection via Redfish."""
+
+    def test_detect_architecture_no_session(self):
+        """Returns AMD64 default when no session is available."""
+        plugin = BareMetalPlugin()
+        assert plugin.detect_architecture("10.0.0.1") == CpuArchitecture.AMD64
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_detect_architecture_amd64(self, mock_session_cls):
+        """Detects AMD64 architecture from processor data."""
+        plugin = BareMetalPlugin()
+        mock_session = MagicMock()
+        plugin._session = mock_session
+        plugin._base_url = "https://10.0.0.1:443"
+
+        # Mock processors collection response
+        proc_collection_response = MagicMock()
+        proc_collection_response.status_code = 200
+        proc_collection_response.json.return_value = {
+            "Members": [{"@odata.id": "/redfish/v1/Systems/1/Processors/CPU.1"}]
+        }
+
+        # Mock individual processor response
+        proc_response = MagicMock()
+        proc_response.status_code = 200
+        proc_response.json.return_value = {
+            "InstructionSet": "x86-64",
+            "Model": "Intel Xeon E5-2680 v4",
+        }
+
+        mock_session.get.side_effect = [proc_collection_response, proc_response]
+
+        result = plugin.detect_architecture("10.0.0.1")
+        assert result == CpuArchitecture.AMD64
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_detect_architecture_aarch64(self, mock_session_cls):
+        """Detects AARCH64 architecture from processor data."""
+        plugin = BareMetalPlugin()
+        mock_session = MagicMock()
+        plugin._session = mock_session
+        plugin._base_url = "https://10.0.0.1:443"
+
+        proc_collection_response = MagicMock()
+        proc_collection_response.status_code = 200
+        proc_collection_response.json.return_value = {
+            "Members": [{"@odata.id": "/redfish/v1/Systems/1/Processors/CPU.1"}]
+        }
+
+        proc_response = MagicMock()
+        proc_response.status_code = 200
+        proc_response.json.return_value = {
+            "InstructionSet": "AArch64",
+            "Model": "Ampere Altra Q80-30",
+        }
+
+        mock_session.get.side_effect = [proc_collection_response, proc_response]
+
+        result = plugin.detect_architecture("10.0.0.1")
+        assert result == CpuArchitecture.AARCH64
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_detect_architecture_arm_from_model(self, mock_session_cls):
+        """Detects ARM architecture from model string."""
+        plugin = BareMetalPlugin()
+        mock_session = MagicMock()
+        plugin._session = mock_session
+        plugin._base_url = "https://10.0.0.1:443"
+
+        proc_collection_response = MagicMock()
+        proc_collection_response.status_code = 200
+        proc_collection_response.json.return_value = {
+            "Members": [{"@odata.id": "/redfish/v1/Systems/1/Processors/CPU.1"}]
+        }
+
+        proc_response = MagicMock()
+        proc_response.status_code = 200
+        proc_response.json.return_value = {
+            "InstructionSet": "",
+            "Model": "ARM Cortex-A53",
+        }
+
+        mock_session.get.side_effect = [proc_collection_response, proc_response]
+
+        result = plugin.detect_architecture("10.0.0.1")
+        assert result == CpuArchitecture.ARM
+
+    @patch("iac_reverse.scanner.bare_metal_plugin.requests.Session")
+    def test_detect_architecture_fallback_on_error(self, mock_session_cls):
+        """Falls back to AMD64 on request error."""
+        plugin = BareMetalPlugin()
+        mock_session = MagicMock()
+        plugin._session = mock_session
+        plugin._base_url = "https://10.0.0.1:443"
+
+        mock_session.get.side_effect = Exception("Network error")
+
+        result = plugin.detect_architecture("10.0.0.1")
+        assert result == CpuArchitecture.AMD64
+
+
+class TestBareMetalDiscoverResources:
+    """Tests for resource discovery via Redfish."""
+
+    def _make_authenticated_plugin(self):
+        """Create a plugin with a mocked session."""
+        plugin = BareMetalPlugin()
+        plugin._session = MagicMock()
+        plugin._base_url = "https://10.0.0.1:443"
+        plugin._host = "10.0.0.1"
+        return plugin
+
+    def test_discover_hardware(self):
+        """Discovers hardware inventory from /redfish/v1/Systems/1."""
+        plugin = self._make_authenticated_plugin()
+
+        # Mock processor detection (for architecture)
+        proc_collection = MagicMock()
+        proc_collection.status_code = 200
+        proc_collection.json.return_value = {
+            "Members": [{"@odata.id": "/redfish/v1/Systems/1/Processors/CPU.1"}]
+        }
+        proc_detail = MagicMock()
+        proc_detail.status_code = 200
+        proc_detail.json.return_value = {
+            "InstructionSet": "x86-64",
+            "Model": "Intel Xeon",
+        }
+
+        # Mock system response
+        system_response = MagicMock()
+        system_response.status_code = 200
+        system_response.json.return_value = {
+            "Id": "System.Embedded.1",
+            "Name": "Dell PowerEdge R740",
+            "Manufacturer": "Dell Inc.",
+            "Model": "PowerEdge R740",
+            "SerialNumber": "ABC123",
+            "SKU": "R740",
+            "BiosVersion": "2.12.2",
+            "MemorySummary": {"TotalSystemMemoryGiB": 256},
+            "ProcessorSummary": {"Count": 2, "Model": "Intel Xeon Gold 6248"},
+            "PowerState": "On",
+            "Status": {"State": "Enabled", "Health": "OK"},
+        }
+
+        plugin._session.get.side_effect = [
+            proc_collection, proc_detail, system_response
+        ]
+
+        progress_calls = []
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["bare_metal_hardware"],
+            progress_callback=lambda p: progress_calls.append(p),
+        )
+
+        assert len(result.resources) == 1
+        resource = result.resources[0]
+        assert resource.resource_type == "bare_metal_hardware"
+        assert resource.unique_id == "10.0.0.1:System.Embedded.1"
+        assert resource.name == "Dell PowerEdge R740"
+        assert resource.provider == ProviderType.BARE_METAL
+        assert resource.platform_category == PlatformCategory.BARE_METAL
+        assert resource.architecture == CpuArchitecture.AMD64
+        assert resource.attributes["manufacturer"] == "Dell Inc."
+        assert resource.attributes["total_memory_gib"] == 256
+        assert resource.attributes["processor_count"] == 2
+        assert len(progress_calls) == 1
+
+    def test_discover_bmc_config(self):
+        """Discovers BMC configuration from /redfish/v1/Managers/1."""
+        plugin = self._make_authenticated_plugin()
+
+        # Mock processor detection
+        proc_collection = MagicMock()
+        proc_collection.status_code = 200
+        proc_collection.json.return_value = {"Members": []}
+
+        # Mock manager response
+        manager_response = MagicMock()
+        manager_response.status_code = 200
+        manager_response.json.return_value = {
+            "Id": "iDRAC.Embedded.1",
+            "Name": "iDRAC Manager",
+            "ManagerType": "BMC",
+            "FirmwareVersion": "5.10.50.00",
+            "Model": "iDRAC9",
+            "Status": {"State": "Enabled", "Health": "OK"},
+            "UUID": "abc-def-123",
+        }
+
+        plugin._session.get.side_effect = [proc_collection, manager_response]
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["bare_metal_bmc_config"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        resource = result.resources[0]
+        assert resource.resource_type == "bare_metal_bmc_config"
+        assert resource.unique_id == "10.0.0.1:iDRAC.Embedded.1"
+        assert resource.attributes["firmware_version"] == "5.10.50.00"
+        assert resource.attributes["manager_type"] == "BMC"
+
+    def test_discover_network_interfaces(self):
+        """Discovers network interfaces from Redfish EthernetInterfaces."""
+        plugin = self._make_authenticated_plugin()
+
+        # Mock processor detection
+        proc_collection = MagicMock()
+        proc_collection.status_code = 200
+        proc_collection.json.return_value = {"Members": []}
+
+        # Mock NIC collection
+        nic_collection = MagicMock()
+        nic_collection.status_code = 200
+        nic_collection.json.return_value = {
+            "Members": [
+                {"@odata.id": "/redfish/v1/Systems/1/EthernetInterfaces/NIC.1"},
+                {"@odata.id": "/redfish/v1/Systems/1/EthernetInterfaces/NIC.2"},
+            ]
+        }
+
+        # Mock individual NIC responses
+        nic1_response = MagicMock()
+        nic1_response.status_code = 200
+        nic1_response.json.return_value = {
+            "Id": "NIC.Integrated.1-1",
+            "Name": "Ethernet Interface 1",
+            "MACAddress": "AA:BB:CC:DD:EE:01",
+            "SpeedMbps": 10000,
+            "Status": {"State": "Enabled", "Health": "OK"},
+            "IPv4Addresses": [{"Address": "192.168.1.10"}],
+            "IPv6Addresses": [],
+            "LinkStatus": "LinkUp",
+            "AutoNeg": True,
+        }
+
+        nic2_response = MagicMock()
+        nic2_response.status_code = 200
+        nic2_response.json.return_value = {
+            "Id": "NIC.Integrated.1-2",
+            "Name": "Ethernet Interface 2",
+            "MACAddress": "AA:BB:CC:DD:EE:02",
+            "SpeedMbps": 1000,
+            "Status": {"State": "Enabled", "Health": "OK"},
+            "IPv4Addresses": [],
+            "IPv6Addresses": [],
+            "LinkStatus": "LinkDown",
+            "AutoNeg": True,
+        }
+
+        plugin._session.get.side_effect = [
+            proc_collection, nic_collection, nic1_response, nic2_response
+        ]
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["bare_metal_network_interface"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 2
+        assert result.resources[0].attributes["mac_address"] == "AA:BB:CC:DD:EE:01"
+        assert result.resources[0].attributes["speed_mbps"] == 10000
+        assert result.resources[1].attributes["mac_address"] == "AA:BB:CC:DD:EE:02"
+
+    def test_discover_raid_config(self):
+        """Discovers RAID configuration from Redfish Storage."""
+        plugin = self._make_authenticated_plugin()
+
+        # Mock processor detection
+        proc_collection = MagicMock()
+        proc_collection.status_code = 200
+        proc_collection.json.return_value = {"Members": []}
+
+        # Mock storage collection
+        storage_collection = MagicMock()
+        storage_collection.status_code = 200
+        storage_collection.json.return_value = {
+            "Members": [
+                {"@odata.id": "/redfish/v1/Systems/1/Storage/RAID.Integrated.1-1"}
+            ]
+        }
+
+        # Mock storage controller detail
+        storage_detail = MagicMock()
+        storage_detail.status_code = 200
+        storage_detail.json.return_value = {
+            "Id": "RAID.Integrated.1-1",
+            "Name": "PERC H740P Mini",
+            "StorageControllers": [{"Name": "PERC H740P Mini"}],
+            "Drives": [
+                {"@odata.id": "/redfish/v1/Systems/1/Storage/Drives/Disk.0"},
+                {"@odata.id": "/redfish/v1/Systems/1/Storage/Drives/Disk.1"},
+            ],
+            "Volumes": {
+                "@odata.id": "/redfish/v1/Systems/1/Storage/RAID.Integrated.1-1/Volumes"
+            },
+            "Status": {"State": "Enabled", "Health": "OK"},
+        }
+
+        # Mock volumes collection
+        volumes_response = MagicMock()
+        volumes_response.status_code = 200
+        volumes_response.json.return_value = {
+            "Members": [
+                {"@odata.id": "/redfish/v1/Systems/1/Storage/Volumes/Disk.Virtual.0"}
+            ]
+        }
+
+        plugin._session.get.side_effect = [
+            proc_collection, storage_collection, storage_detail, volumes_response
+        ]
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["bare_metal_raid_config"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        resource = result.resources[0]
+        assert resource.resource_type == "bare_metal_raid_config"
+        assert resource.attributes["drive_count"] == 2
+        assert len(resource.attributes["volumes"]) == 1
+        assert resource.attributes["storage_controllers"] == ["PERC H740P Mini"]
+
+    def test_discover_multiple_resource_types(self):
+        """Discovers multiple resource types in a single call."""
+        plugin = self._make_authenticated_plugin()
+
+        # Mock processor detection
+        proc_collection = MagicMock()
+        proc_collection.status_code = 200
+        proc_collection.json.return_value = {"Members": []}
+
+        # Mock system response
+        system_response = MagicMock()
+        system_response.status_code = 200
+        system_response.json.return_value = {
+            "Id": "System.1",
+            "Name": "Server",
+            "Manufacturer": "Dell",
+            "Model": "R740",
+        }
+
+        # Mock manager response
+        manager_response = MagicMock()
+        manager_response.status_code = 200
+        manager_response.json.return_value = {
+            "Id": "BMC.1",
+            "Name": "BMC",
+            "ManagerType": "BMC",
+            "FirmwareVersion": "1.0",
+        }
+
+        plugin._session.get.side_effect = [
+            proc_collection, system_response, manager_response
+        ]
+
+        progress_calls = []
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["bare_metal_hardware", "bare_metal_bmc_config"],
+            progress_callback=lambda p: progress_calls.append(p),
+        )
+
+        assert len(result.resources) == 2
+        assert len(progress_calls) == 2
+        assert progress_calls[0].resource_types_completed == 1
+        assert progress_calls[1].resource_types_completed == 2
+
+    def test_discover_handles_errors_gracefully(self):
+        """Errors during discovery are captured, not raised."""
+        plugin = self._make_authenticated_plugin()
+
+        # Mock processor detection that raises - this causes detect_architecture
+        # to fail, which is caught internally. Then the resource handler also
+        # needs to raise to trigger the error capture in discover_resources.
+        plugin._session.get.side_effect = Exception("Server unreachable")
+
+        # Patch _discover_resource_type to raise so the outer handler catches it
+        with patch.object(
+            plugin, "_discover_resource_type", side_effect=Exception("Server unreachable")
+        ):
+            result = plugin.discover_resources(
+                endpoints=["10.0.0.1"],
+                resource_types=["bare_metal_hardware"],
+                progress_callback=lambda p: None,
+            )
+
+        assert len(result.resources) == 0
+        assert len(result.errors) == 1
+        assert "Server unreachable" in result.errors[0]
+
+    def test_discover_unsupported_resource_type(self):
+        """Unsupported resource types return empty results without error."""
+        plugin = self._make_authenticated_plugin()
+
+        # Mock processor detection
+        proc_collection = MagicMock()
+        proc_collection.status_code = 200
+        proc_collection.json.return_value = {"Members": []}
+
+        plugin._session.get.side_effect = [proc_collection]
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["unknown_type"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 0
+        assert len(result.errors) == 0
+
+
+class TestParseArchitecture:
+    """Tests for the _parse_architecture static method."""
+
+    def test_x86_64_instruction_set(self):
+        assert BareMetalPlugin._parse_architecture(
+            {"InstructionSet": "x86-64", "Model": "Intel Xeon"}
+        ) == CpuArchitecture.AMD64
+
+    def test_aarch64_instruction_set(self):
+        assert BareMetalPlugin._parse_architecture(
+            {"InstructionSet": "AArch64", "Model": "Ampere"}
+        ) == CpuArchitecture.AARCH64
+
+    def test_arm_instruction_set(self):
+        assert BareMetalPlugin._parse_architecture(
+            {"InstructionSet": "ARM", "Model": "Cortex"}
+        ) == CpuArchitecture.AARCH64
+
+    def test_arm_model_32bit(self):
+        assert BareMetalPlugin._parse_architecture(
+            {"InstructionSet": "", "Model": "ARM Cortex-A7"}
+        ) == CpuArchitecture.ARM
+
+    def test_arm_model_64bit(self):
+        assert BareMetalPlugin._parse_architecture(
+            {"InstructionSet": "", "Model": "ARM v8 Processor"}
+        ) == CpuArchitecture.AARCH64
+
+    def test_empty_data_defaults_amd64(self):
+        assert BareMetalPlugin._parse_architecture(
+            {"InstructionSet": "", "Model": ""}
+        ) == CpuArchitecture.AMD64
diff --git a/tests/unit/test_change_detector.py b/tests/unit/test_change_detector.py
new file mode 100644
index 0000000..aa8468d
--- /dev/null
+++ b/tests/unit/test_change_detector.py
@@ -0,0 +1,335 @@
+"""Unit tests for the ChangeDetector class."""
+
+import pytest
+
+from iac_reverse.incremental.change_detector import ChangeDetector
+from iac_reverse.models import (
+    ChangeSummary,
+    ChangeType,
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanResult,
+)
+
+
+def _make_resource(
+    unique_id: str = "res-1",
+    name: str = "test-resource",
+    resource_type: str = "kubernetes_deployment",
+    attributes: dict | None = None,
+) -> DiscoveredResource:
+    """Create a sample DiscoveredResource for testing."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=ProviderType.KUBERNETES,
+        platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+        architecture=CpuArchitecture.AMD64,
+        endpoint="https://k8s-api.internal.lab:6443",
+        attributes=attributes if attributes is not None else {"replicas": 3},
+    )
+
+
+def _make_scan_result(
+    resources: list[DiscoveredResource] | None = None,
+) -> ScanResult:
+    """Create a sample ScanResult for testing."""
+    return ScanResult(
+        resources=resources if resources is not None else [],
+        warnings=[],
+        errors=[],
+        scan_timestamp="2024-01-15T10:30:00Z",
+        profile_hash="abc123",
+    )
+
+
+class TestNoChanges:
+    """Tests for identical scans producing no changes."""
+
+    def test_identical_scans_produce_no_changes(self) -> None:
+        """Comparing identical scans returns empty change summary."""
+        resource = _make_resource(unique_id="res-1", attributes={"replicas": 3})
+        current = _make_scan_result(resources=[resource])
+        previous = _make_scan_result(resources=[resource])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.added_count == 0
+        assert summary.removed_count == 0
+        assert summary.modified_count == 0
+        assert summary.changes == []
+
+    def test_empty_scans_produce_no_changes(self) -> None:
+        """Comparing two empty scans returns empty change summary."""
+        current = _make_scan_result(resources=[])
+        previous = _make_scan_result(resources=[])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.added_count == 0
+        assert summary.removed_count == 0
+        assert summary.modified_count == 0
+        assert summary.changes == []
+
+
+class TestAddedResources:
+    """Tests for detecting added resources."""
+
+    def test_new_resource_detected_as_added(self) -> None:
+        """A resource in current but not in previous is classified as ADDED."""
+        resource = _make_resource(unique_id="new-res", name="new-service")
+        current = _make_scan_result(resources=[resource])
+        previous = _make_scan_result(resources=[])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.added_count == 1
+        assert summary.removed_count == 0
+        assert summary.modified_count == 0
+        assert len(summary.changes) == 1
+
+        change = summary.changes[0]
+        assert change.resource_id == "new-res"
+        assert change.resource_name == "new-service"
+        assert change.change_type == ChangeType.ADDED
+        assert change.changed_attributes is None
+
+    def test_multiple_added_resources(self) -> None:
+        """Multiple new resources are all classified as ADDED."""
+        res1 = _make_resource(unique_id="res-1", name="service-1")
+        res2 = _make_resource(unique_id="res-2", name="service-2")
+        current = _make_scan_result(resources=[res1, res2])
+        previous = _make_scan_result(resources=[])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.added_count == 2
+        added_ids = {c.resource_id for c in summary.changes}
+        assert added_ids == {"res-1", "res-2"}
+
+
+class TestRemovedResources:
+    """Tests for detecting removed resources."""
+
+    def test_missing_resource_detected_as_removed(self) -> None:
+        """A resource in previous but not in current is classified as REMOVED."""
+        resource = _make_resource(unique_id="old-res", name="old-service")
+        current = _make_scan_result(resources=[])
+        previous = _make_scan_result(resources=[resource])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.added_count == 0
+        assert summary.removed_count == 1
+        assert summary.modified_count == 0
+        assert len(summary.changes) == 1
+
+        change = summary.changes[0]
+        assert change.resource_id == "old-res"
+        assert change.resource_name == "old-service"
+        assert change.change_type == ChangeType.REMOVED
+        assert change.changed_attributes is None
+
+    def test_multiple_removed_resources(self) -> None:
+        """Multiple missing resources are all classified as REMOVED."""
+        res1 = _make_resource(unique_id="res-1", name="service-1")
+        res2 = _make_resource(unique_id="res-2", name="service-2")
+        current = _make_scan_result(resources=[])
+        previous = _make_scan_result(resources=[res1, res2])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.removed_count == 2
+        removed_ids = {c.resource_id for c in summary.changes}
+        assert removed_ids == {"res-1", "res-2"}
+
+
+class TestModifiedResources:
+    """Tests for detecting modified resources."""
+
+    def test_changed_attributes_detected_as_modified(self) -> None:
+        """A resource with changed attributes is classified as MODIFIED."""
+        prev_resource = _make_resource(
+            unique_id="res-1", attributes={"replicas": 3, "image": "nginx:1.24"}
+        )
+        curr_resource = _make_resource(
+            unique_id="res-1", attributes={"replicas": 5, "image": "nginx:1.24"}
+        )
+        current = _make_scan_result(resources=[curr_resource])
+        previous = _make_scan_result(resources=[prev_resource])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.added_count == 0
+        assert summary.removed_count == 0
+        assert summary.modified_count == 1
+        assert len(summary.changes) == 1
+
+        change = summary.changes[0]
+        assert change.resource_id == "res-1"
+        assert change.change_type == ChangeType.MODIFIED
+        assert change.changed_attributes == {"replicas": {"old": 3, "new": 5}}
+
+    def test_added_attribute_detected_as_modified(self) -> None:
+        """A resource with a new attribute key is classified as MODIFIED."""
+        prev_resource = _make_resource(
+            unique_id="res-1", attributes={"replicas": 3}
+        )
+        curr_resource = _make_resource(
+            unique_id="res-1", attributes={"replicas": 3, "image": "nginx:1.25"}
+        )
+        current = _make_scan_result(resources=[curr_resource])
+        previous = _make_scan_result(resources=[prev_resource])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.modified_count == 1
+        change = summary.changes[0]
+        assert change.changed_attributes == {
+            "image": {"old": None, "new": "nginx:1.25"}
+        }
+
+    def test_removed_attribute_detected_as_modified(self) -> None:
+        """A resource with a removed attribute key is classified as MODIFIED."""
+        prev_resource = _make_resource(
+            unique_id="res-1", attributes={"replicas": 3, "image": "nginx:1.25"}
+        )
+        curr_resource = _make_resource(
+            unique_id="res-1", attributes={"replicas": 3}
+        )
+        current = _make_scan_result(resources=[curr_resource])
+        previous = _make_scan_result(resources=[prev_resource])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.modified_count == 1
+        change = summary.changes[0]
+        assert change.changed_attributes == {
+            "image": {"old": "nginx:1.25", "new": None}
+        }
+
+
+class TestMixedChanges:
+    """Tests for scans with a mix of added, removed, and modified resources."""
+
+    def test_mixed_changes_detected_correctly(self) -> None:
+        """A scan with added, removed, and modified resources is classified correctly."""
+        # Shared resource (modified)
+        prev_shared = _make_resource(
+            unique_id="shared", name="shared-svc", attributes={"replicas": 2}
+        )
+        curr_shared = _make_resource(
+            unique_id="shared", name="shared-svc", attributes={"replicas": 4}
+        )
+
+        # Removed resource
+        removed = _make_resource(unique_id="old-res", name="old-svc")
+
+        # Added resource
+        added = _make_resource(unique_id="new-res", name="new-svc")
+
+        previous = _make_scan_result(resources=[prev_shared, removed])
+        current = _make_scan_result(resources=[curr_shared, added])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.added_count == 1
+        assert summary.removed_count == 1
+        assert summary.modified_count == 1
+        assert len(summary.changes) == 3
+
+        change_map = {c.resource_id: c for c in summary.changes}
+        assert change_map["new-res"].change_type == ChangeType.ADDED
+        assert change_map["old-res"].change_type == ChangeType.REMOVED
+        assert change_map["shared"].change_type == ChangeType.MODIFIED
+
+
+class TestFirstScan:
+    """Tests for first scan (no previous snapshot)."""
+
+    def test_first_scan_treats_all_as_added(self) -> None:
+        """When previous is None, all current resources are classified as ADDED."""
+        res1 = _make_resource(unique_id="res-1", name="service-1")
+        res2 = _make_resource(unique_id="res-2", name="service-2")
+        current = _make_scan_result(resources=[res1, res2])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous=None)
+
+        assert summary.added_count == 2
+        assert summary.removed_count == 0
+        assert summary.modified_count == 0
+        assert len(summary.changes) == 2
+        assert all(c.change_type == ChangeType.ADDED for c in summary.changes)
+
+    def test_first_scan_empty_produces_empty_summary(self) -> None:
+        """First scan with no resources produces empty change summary."""
+        current = _make_scan_result(resources=[])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous=None)
+
+        assert summary.added_count == 0
+        assert summary.removed_count == 0
+        assert summary.modified_count == 0
+        assert summary.changes == []
+
+
+class TestChangeSummaryCounts:
+    """Tests that ChangeSummary counts are always correct."""
+
+    def test_counts_match_change_list(self) -> None:
+        """The counts in ChangeSummary always match the actual changes list."""
+        # Set up a scenario with 2 added, 1 removed, 1 modified
+        prev_mod = _make_resource(
+            unique_id="mod-1", name="mod-svc", attributes={"port": 80}
+        )
+        curr_mod = _make_resource(
+            unique_id="mod-1", name="mod-svc", attributes={"port": 8080}
+        )
+        removed = _make_resource(unique_id="rem-1", name="rem-svc")
+        added1 = _make_resource(unique_id="add-1", name="add-svc-1")
+        added2 = _make_resource(unique_id="add-2", name="add-svc-2")
+
+        previous = _make_scan_result(resources=[prev_mod, removed])
+        current = _make_scan_result(resources=[curr_mod, added1, added2])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        # Verify counts match actual changes
+        actual_added = [c for c in summary.changes if c.change_type == ChangeType.ADDED]
+        actual_removed = [c for c in summary.changes if c.change_type == ChangeType.REMOVED]
+        actual_modified = [c for c in summary.changes if c.change_type == ChangeType.MODIFIED]
+
+        assert summary.added_count == len(actual_added) == 2
+        assert summary.removed_count == len(actual_removed) == 1
+        assert summary.modified_count == len(actual_modified) == 1
+
+    def test_resource_type_preserved_in_changes(self) -> None:
+        """ResourceChange objects preserve the resource_type from the resource."""
+        resource = _make_resource(
+            unique_id="res-1",
+            resource_type="docker_service",
+            name="my-service",
+        )
+        current = _make_scan_result(resources=[resource])
+        previous = _make_scan_result(resources=[])
+
+        detector = ChangeDetector()
+        summary = detector.compare(current, previous)
+
+        assert summary.changes[0].resource_type == "docker_service"
diff --git a/tests/unit/test_cli.py b/tests/unit/test_cli.py
new file mode 100644
index 0000000..9057e1b
--- /dev/null
+++ b/tests/unit/test_cli.py
@@ -0,0 +1,437 @@
+"""Unit tests for the CLI entry point.
+
+Tests command registration, help text, and basic invocation with mocked dependencies.
+"""
+
+from unittest.mock import patch, MagicMock
+from pathlib import Path
+
+import pytest
+from click.testing import CliRunner
+
+from iac_reverse.cli.cli import cli, _load_scan_profile
+
+
+@pytest.fixture
+def runner():
+    """Create a Click CliRunner for testing."""
+    return CliRunner()
+
+
+class TestCommandRegistration:
+    """Test that all commands are registered on the CLI group."""
+
+    def test_scan_command_registered(self, runner):
+        result = runner.invoke(cli, ["scan", "--help"])
+        assert result.exit_code == 0
+        assert "Scan infrastructure" in result.output
+
+    def test_generate_command_registered(self, runner):
+        result = runner.invoke(cli, ["generate", "--help"])
+        assert result.exit_code == 0
+        assert "Run full pipeline" in result.output
+
+    def test_diff_command_registered(self, runner):
+        result = runner.invoke(cli, ["diff", "--help"])
+        assert result.exit_code == 0
+        assert "incremental scan" in result.output
+
+    def test_validate_command_registered(self, runner):
+        result = runner.invoke(cli, ["validate", "--help"])
+        assert result.exit_code == 0
+        assert "Validate existing Terraform output" in result.output
+
+    def test_login_command_registered(self, runner):
+        result = runner.invoke(cli, ["login", "--help"])
+        assert result.exit_code == 0
+        assert "Authenticate with Authentik SSO" in result.output
+
+    def test_all_commands_in_group(self):
+        command_names = list(cli.commands.keys())
+        assert "scan" in command_names
+        assert "generate" in command_names
+        assert "diff" in command_names
+        assert "validate" in command_names
+        assert "login" in command_names
+
+
+class TestHelpText:
+    """Test that help text is available and informative."""
+
+    def test_main_help(self, runner):
+        result = runner.invoke(cli, ["--help"])
+        assert result.exit_code == 0
+        assert "IaC Reverse Engineering Tool" in result.output
+        assert "scan" in result.output
+        assert "generate" in result.output
+        assert "diff" in result.output
+        assert "validate" in result.output
+        assert "login" in result.output
+
+    def test_version_option(self, runner):
+        result = runner.invoke(cli, ["--version"])
+        assert result.exit_code == 0
+        assert "0.1.0" in result.output
+
+    def test_scan_help_shows_profile_option(self, runner):
+        result = runner.invoke(cli, ["scan", "--help"])
+        assert "--profile" in result.output
+
+    def test_generate_help_shows_options(self, runner):
+        result = runner.invoke(cli, ["generate", "--help"])
+        assert "--profile" in result.output
+        assert "--output-dir" in result.output
+
+    def test_diff_help_shows_profile_option(self, runner):
+        result = runner.invoke(cli, ["diff", "--help"])
+        assert "--profile" in result.output
+
+    def test_validate_help_shows_dir_option(self, runner):
+        result = runner.invoke(cli, ["validate", "--help"])
+        assert "--dir" in result.output
+
+    def test_login_help_shows_options(self, runner):
+        result = runner.invoke(cli, ["login", "--help"])
+        assert "--url" in result.output
+        assert "--client-id" in result.output
+        assert "--client-secret" in result.output
+
+
+class TestScanCommand:
+    """Test the scan command with mocked dependencies."""
+
+    def test_scan_missing_profile_option(self, runner):
+        result = runner.invoke(cli, ["scan"])
+        assert result.exit_code != 0
+        assert "Missing option" in result.output or "required" in result.output.lower()
+
+    def test_scan_nonexistent_profile(self, runner):
+        result = runner.invoke(cli, ["scan", "--profile", "nonexistent.yaml"])
+        assert result.exit_code != 0
+
+    @patch("iac_reverse.cli.cli._create_plugin")
+    def test_scan_with_valid_profile(self, mock_create_plugin, runner, tmp_path):
+        """Test scan command with a valid profile and mocked plugin."""
+        from iac_reverse.models import ScanResult
+
+        # Create a valid profile YAML
+        profile_file = tmp_path / "profile.yaml"
+        profile_file.write_text(
+            "provider: kubernetes\n"
+            "credentials:\n"
+            "  kubeconfig: /path/to/config\n"
+            "endpoints:\n"
+            "  - https://k8s.local:6443\n"
+        )
+
+        # Mock the plugin and scanner
+        mock_plugin = MagicMock()
+        mock_plugin.list_supported_resource_types.return_value = [
+            "kubernetes_deployment"
+        ]
+        mock_plugin.list_endpoints.return_value = ["https://k8s.local:6443"]
+        mock_plugin.discover_resources.return_value = ScanResult(
+            resources=[],
+            warnings=[],
+            errors=[],
+            scan_timestamp="2024-01-01T00:00:00Z",
+            profile_hash="abc123",
+        )
+        mock_create_plugin.return_value = mock_plugin
+
+        result = runner.invoke(cli, ["scan", "--profile", str(profile_file)])
+        assert result.exit_code == 0
+        assert "0 resources discovered" in result.output
+
+
+class TestGenerateCommand:
+    """Test the generate command with mocked dependencies."""
+
+    def test_generate_missing_options(self, runner):
+        result = runner.invoke(cli, ["generate"])
+        assert result.exit_code != 0
+
+    @patch("iac_reverse.validator.validator.Validator.validate")
+    @patch("iac_reverse.state_builder.state_builder.StateBuilder.build")
+    @patch("iac_reverse.generator.code_generator.CodeGenerator.generate")
+    @patch("iac_reverse.resolver.resolver.DependencyResolver.resolve")
+    @patch("iac_reverse.scanner.scanner.Scanner.scan")
+    @patch("iac_reverse.cli.cli._create_plugin")
+    def test_generate_full_pipeline(
+        self,
+        mock_create_plugin,
+        mock_scan,
+        mock_resolve,
+        mock_generate,
+        mock_build,
+        mock_validate,
+        runner,
+        tmp_path,
+    ):
+        """Test generate command runs the full pipeline."""
+        from iac_reverse.models import (
+            ScanResult,
+            DependencyGraph,
+            CodeGenerationResult,
+            GeneratedFile,
+            StateFile,
+            ValidationResult,
+        )
+
+        # Create profile
+        profile_file = tmp_path / "profile.yaml"
+        profile_file.write_text(
+            "provider: kubernetes\n"
+            "credentials:\n"
+            "  kubeconfig: /path/to/config\n"
+        )
+
+        output_dir = tmp_path / "output"
+
+        # Mock plugin
+        mock_plugin = MagicMock()
+        mock_create_plugin.return_value = mock_plugin
+
+        # Mock scanner.scan
+        mock_scan.return_value = ScanResult(
+            resources=[],
+            warnings=[],
+            errors=[],
+            scan_timestamp="2024-01-01T00:00:00Z",
+            profile_hash="abc123",
+        )
+
+        # Mock resolver.resolve
+        mock_resolve.return_value = DependencyGraph(
+            resources=[],
+            relationships=[],
+            topological_order=[],
+            cycles=[],
+            unresolved_references=[],
+        )
+
+        # Mock generator.generate
+        mock_generate.return_value = CodeGenerationResult(
+            resource_files=[
+                GeneratedFile(filename="test.tf", content="# test", resource_count=1)
+            ],
+            variables_file=GeneratedFile(filename="variables.tf", content="", resource_count=0),
+            provider_file=GeneratedFile(filename="providers.tf", content="", resource_count=0),
+        )
+
+        # Mock state builder.build
+        mock_state_file = MagicMock()
+        mock_state_file.resources = []
+        mock_state_file.to_json.return_value = "{}"
+        mock_build.return_value = mock_state_file
+
+        # Mock validator.validate
+        mock_validate.return_value = ValidationResult(
+            init_success=True,
+            validate_success=True,
+            plan_success=True,
+        )
+
+        result = runner.invoke(
+            cli, ["generate", "--profile", str(profile_file), "--output-dir", str(output_dir)]
+        )
+        assert result.exit_code == 0
+        assert "Generation complete" in result.output
+
+
+class TestDiffCommand:
+    """Test the diff command with mocked dependencies."""
+
+    def test_diff_missing_profile(self, runner):
+        result = runner.invoke(cli, ["diff"])
+        assert result.exit_code != 0
+
+    @patch("iac_reverse.incremental.change_detector.ChangeDetector.compare")
+    @patch("iac_reverse.incremental.snapshot_store.SnapshotStore.store_snapshot")
+    @patch("iac_reverse.incremental.snapshot_store.SnapshotStore.load_previous")
+    @patch("iac_reverse.scanner.scanner.Scanner.scan")
+    @patch("iac_reverse.scanner.scanner.Scanner._compute_profile_hash")
+    @patch("iac_reverse.cli.cli._create_plugin")
+    def test_diff_first_scan(
+        self,
+        mock_create_plugin,
+        mock_compute_hash,
+        mock_scan,
+        mock_load_previous,
+        mock_store_snapshot,
+        mock_compare,
+        runner,
+        tmp_path,
+    ):
+        """Test diff command on first scan (no previous snapshot)."""
+        from iac_reverse.models import ScanResult, ChangeSummary
+
+        profile_file = tmp_path / "profile.yaml"
+        profile_file.write_text(
+            "provider: kubernetes\n"
+            "credentials:\n"
+            "  kubeconfig: /path/to/config\n"
+        )
+
+        mock_plugin = MagicMock()
+        mock_create_plugin.return_value = mock_plugin
+
+        mock_compute_hash.return_value = "abc123"
+        mock_load_previous.return_value = None
+
+        mock_scan.return_value = ScanResult(
+            resources=[],
+            warnings=[],
+            errors=[],
+            scan_timestamp="2024-01-01T00:00:00Z",
+            profile_hash="abc123",
+        )
+
+        mock_compare.return_value = ChangeSummary(
+            added_count=0, removed_count=0, modified_count=0, changes=[]
+        )
+
+        result = runner.invoke(cli, ["diff", "--profile", str(profile_file)])
+        assert result.exit_code == 0
+        assert "Change Summary" in result.output
+
+
+class TestValidateCommand:
+    """Test the validate command with mocked dependencies."""
+
+    def test_validate_missing_dir(self, runner):
+        result = runner.invoke(cli, ["validate"])
+        assert result.exit_code != 0
+
+    @patch("iac_reverse.validator.validator.Validator.validate")
+    def test_validate_success(self, mock_validate, runner, tmp_path):
+        """Test validate command with successful validation."""
+        from iac_reverse.models import ValidationResult
+
+        mock_validate.return_value = ValidationResult(
+            init_success=True,
+            validate_success=True,
+            plan_success=True,
+        )
+
+        result = runner.invoke(cli, ["validate", "--dir", str(tmp_path)])
+        assert result.exit_code == 0
+        assert "All validations passed" in result.output
+
+    @patch("iac_reverse.validator.validator.Validator.validate")
+    def test_validate_failure(self, mock_validate, runner, tmp_path):
+        """Test validate command with validation errors."""
+        from iac_reverse.models import ValidationResult, ValidationError
+
+        mock_validate.return_value = ValidationResult(
+            init_success=True,
+            validate_success=False,
+            plan_success=False,
+            errors=[
+                ValidationError(file="main.tf", message="syntax error", line=5)
+            ],
+        )
+
+        result = runner.invoke(cli, ["validate", "--dir", str(tmp_path)])
+        assert result.exit_code == 0
+        assert "syntax error" in result.output
+
+
+class TestLoginCommand:
+    """Test the login command with mocked dependencies."""
+
+    def test_login_missing_options(self, runner):
+        result = runner.invoke(cli, ["login"])
+        assert result.exit_code != 0
+
+    @patch("iac_reverse.auth.authentik_auth.AuthentikAuthProvider.authenticate_user")
+    def test_login_success(self, mock_authenticate, runner, tmp_path):
+        """Test login command with successful authentication."""
+        from iac_reverse.auth.authentik_auth import AuthentikSession
+
+        mock_authenticate.return_value = AuthentikSession(
+            access_token="test-token-123",
+            refresh_token="refresh-456",
+            user_id="user@example.com",
+            groups=["admins", "devops"],
+        )
+
+        with runner.isolated_filesystem(temp_dir=tmp_path):
+            result = runner.invoke(
+                cli,
+                [
+                    "login",
+                    "--url", "https://auth.internal.lab",
+                    "--client-id", "iac-reverse",
+                    "--client-secret", "secret123",
+                ],
+            )
+            assert result.exit_code == 0
+            assert "Authenticated as user" in result.output
+            assert "user@example.com" in result.output
+
+    @patch("iac_reverse.auth.authentik_auth.AuthentikAuthProvider.authenticate_user")
+    def test_login_failure(self, mock_authenticate, runner, tmp_path):
+        """Test login command with authentication failure."""
+        from iac_reverse.auth.authentik_auth import AuthenticationError
+
+        mock_authenticate.side_effect = AuthenticationError(
+            "Invalid credentials"
+        )
+
+        with runner.isolated_filesystem(temp_dir=tmp_path):
+            result = runner.invoke(
+                cli,
+                [
+                    "login",
+                    "--url", "https://auth.internal.lab",
+                    "--client-id", "iac-reverse",
+                    "--client-secret", "bad-secret",
+                ],
+            )
+            assert result.exit_code != 0
+            assert "Authentication failed" in result.output
+
+
+class TestLoadScanProfile:
+    """Test the _load_scan_profile helper function."""
+
+    def test_load_valid_profile(self, tmp_path):
+        profile_file = tmp_path / "profile.yaml"
+        profile_file.write_text(
+            "provider: kubernetes\n"
+            "credentials:\n"
+            "  kubeconfig: /path/to/config\n"
+        )
+
+        profile = _load_scan_profile(str(profile_file))
+        assert profile.provider == ProviderType.KUBERNETES
+        assert profile.credentials == {"kubeconfig": "/path/to/config"}
+
+    def test_load_nonexistent_profile(self):
+        with pytest.raises(Exception) as exc_info:
+            _load_scan_profile("/nonexistent/path.yaml")
+        assert "not found" in str(exc_info.value).lower() or "Profile not found" in str(exc_info.value)
+
+    def test_load_invalid_yaml(self, tmp_path):
+        profile_file = tmp_path / "bad.yaml"
+        profile_file.write_text(": : : invalid yaml [[[")
+
+        with pytest.raises(Exception):
+            _load_scan_profile(str(profile_file))
+
+    def test_load_unknown_provider(self, tmp_path):
+        profile_file = tmp_path / "profile.yaml"
+        profile_file.write_text(
+            "provider: unknown_provider\n"
+            "credentials:\n"
+            "  key: value\n"
+        )
+
+        with pytest.raises(Exception) as exc_info:
+            _load_scan_profile(str(profile_file))
+        assert "Unknown provider" in str(exc_info.value)
+
+
+# Import for type reference in tests
+from iac_reverse.models import ProviderType
diff --git a/tests/unit/test_code_generator.py b/tests/unit/test_code_generator.py
new file mode 100644
index 0000000..47eb342
--- /dev/null
+++ b/tests/unit/test_code_generator.py
@@ -0,0 +1,639 @@
+"""Unit tests for the CodeGenerator."""
+
+import pytest
+
+from iac_reverse.models import (
+    CodeGenerationResult,
+    CpuArchitecture,
+    DependencyGraph,
+    DiscoveredResource,
+    GeneratedFile,
+    PlatformCategory,
+    ProviderType,
+    ResourceRelationship,
+    ScanProfile,
+)
+from iac_reverse.generator import CodeGenerator
+
+
+# ---------------------------------------------------------------------------
+# Helpers / Fixtures
+# ---------------------------------------------------------------------------
+
+
+def make_resource(
+    resource_type: str = "kubernetes_deployment",
+    unique_id: str = "default/deployments/nginx",
+    name: str = "nginx",
+    provider: ProviderType = ProviderType.KUBERNETES,
+    platform_category: PlatformCategory = PlatformCategory.CONTAINER_ORCHESTRATION,
+    architecture: CpuArchitecture = CpuArchitecture.AARCH64,
+    attributes: dict | None = None,
+    raw_references: list[str] | None = None,
+) -> DiscoveredResource:
+    """Create a sample DiscoveredResource for testing."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=architecture,
+        endpoint="https://k8s-api.local:6443",
+        attributes=attributes or {},
+        raw_references=raw_references or [],
+    )
+
+
+def make_graph(
+    resources: list[DiscoveredResource],
+    relationships: list[ResourceRelationship] | None = None,
+) -> DependencyGraph:
+    """Create a DependencyGraph from resources and optional relationships."""
+    return DependencyGraph(
+        resources=resources,
+        relationships=relationships or [],
+        topological_order=[r.unique_id for r in resources],
+        cycles=[],
+        unresolved_references=[],
+    )
+
+
+def make_profiles() -> list[ScanProfile]:
+    """Create a default list of scan profiles for testing."""
+    return [
+        ScanProfile(
+            provider=ProviderType.KUBERNETES,
+            credentials={"kubeconfig_path": "/home/user/.kube/config"},
+        )
+    ]
+
+
+# ---------------------------------------------------------------------------
+# Tests: Single resource generates valid HCL
+# ---------------------------------------------------------------------------
+
+
+class TestSingleResourceGeneration:
+    """Tests for generating HCL from a single resource."""
+
+    def test_single_resource_produces_one_file(self):
+        """A single resource produces exactly one resource file."""
+        resource = make_resource(
+            attributes={"replicas": 3, "image": "nginx:1.25"},
+        )
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        assert len(result.resource_files) == 1
+
+    def test_single_resource_file_has_correct_filename(self):
+        """The generated file is named after the resource type."""
+        resource = make_resource(resource_type="kubernetes_deployment")
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        assert result.resource_files[0].filename == "kubernetes_deployment.tf"
+
+    def test_single_resource_file_contains_resource_block(self):
+        """The generated file contains a resource block with the correct type."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            name="nginx",
+            attributes={"replicas": 3},
+        )
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert 'resource "kubernetes_deployment" "nginx"' in content
+
+    def test_single_resource_includes_attributes(self):
+        """The generated resource block includes all attributes."""
+        resource = make_resource(
+            attributes={"replicas": 3, "image": "nginx:1.25"},
+        )
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert "replicas = 3" in content
+        assert 'image = "nginx:1.25"' in content
+
+    def test_single_resource_resource_count_is_one(self):
+        """The resource_count for a single resource file is 1."""
+        resource = make_resource()
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        assert result.resource_files[0].resource_count == 1
+
+
+# ---------------------------------------------------------------------------
+# Tests: Multiple resources of same type go in one file
+# ---------------------------------------------------------------------------
+
+
+class TestSameTypeGrouping:
+    """Tests for grouping multiple resources of the same type into one file."""
+
+    def test_two_resources_same_type_produce_one_file(self):
+        """Two resources of the same type produce exactly one file."""
+        resource_a = make_resource(
+            unique_id="default/deployments/app-a",
+            name="app-a",
+            attributes={"replicas": 2},
+        )
+        resource_b = make_resource(
+            unique_id="default/deployments/app-b",
+            name="app-b",
+            attributes={"replicas": 1},
+        )
+        graph = make_graph([resource_a, resource_b])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        assert len(result.resource_files) == 1
+
+    def test_two_resources_same_type_both_in_file(self):
+        """Both resources appear in the same file."""
+        resource_a = make_resource(
+            unique_id="default/deployments/app-a",
+            name="app-a",
+            attributes={"replicas": 2},
+        )
+        resource_b = make_resource(
+            unique_id="default/deployments/app-b",
+            name="app-b",
+            attributes={"replicas": 1},
+        )
+        graph = make_graph([resource_a, resource_b])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert 'resource "kubernetes_deployment" "app_a"' in content
+        assert 'resource "kubernetes_deployment" "app_b"' in content
+
+    def test_resource_count_matches_number_of_resources(self):
+        """The resource_count reflects the number of resources in the file."""
+        resources = [
+            make_resource(
+                unique_id=f"default/deployments/app-{i}",
+                name=f"app-{i}",
+            )
+            for i in range(3)
+        ]
+        graph = make_graph(resources)
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        assert result.resource_files[0].resource_count == 3
+
+
+# ---------------------------------------------------------------------------
+# Tests: Different resource types go in separate files
+# ---------------------------------------------------------------------------
+
+
+class TestDifferentTypesSeparateFiles:
+    """Tests for separating different resource types into different files."""
+
+    def test_two_different_types_produce_two_files(self):
+        """Two resources of different types produce two files."""
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/nginx",
+            name="nginx",
+        )
+        service = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="default/services/nginx-svc",
+            name="nginx-svc",
+        )
+        graph = make_graph([deployment, service])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        assert len(result.resource_files) == 2
+
+    def test_different_types_have_correct_filenames(self):
+        """Each file is named after its resource type."""
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/nginx",
+            name="nginx",
+        )
+        service = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="default/services/nginx-svc",
+            name="nginx-svc",
+        )
+        graph = make_graph([deployment, service])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        filenames = {f.filename for f in result.resource_files}
+
+        assert "kubernetes_deployment.tf" in filenames
+        assert "kubernetes_service.tf" in filenames
+
+    def test_each_file_contains_only_its_type(self):
+        """Each file contains only resource blocks of its designated type."""
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/nginx",
+            name="nginx",
+        )
+        service = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="default/services/nginx-svc",
+            name="nginx-svc",
+        )
+        graph = make_graph([deployment, service])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        for f in result.resource_files:
+            if f.filename == "kubernetes_deployment.tf":
+                assert "kubernetes_deployment" in f.content
+                assert 'resource "kubernetes_service"' not in f.content
+            elif f.filename == "kubernetes_service.tf":
+                assert "kubernetes_service" in f.content
+                assert 'resource "kubernetes_deployment"' not in f.content
+
+    def test_three_types_produce_three_files(self):
+        """Three distinct resource types produce three files."""
+        resources = [
+            make_resource(
+                resource_type="kubernetes_deployment",
+                unique_id="default/deployments/app",
+                name="app",
+            ),
+            make_resource(
+                resource_type="kubernetes_service",
+                unique_id="default/services/app-svc",
+                name="app-svc",
+            ),
+            make_resource(
+                resource_type="windows_service",
+                unique_id="win/services/iis",
+                name="iis",
+                provider=ProviderType.WINDOWS,
+                platform_category=PlatformCategory.WINDOWS,
+                architecture=CpuArchitecture.AMD64,
+            ),
+        ]
+        graph = make_graph(resources)
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        assert len(result.resource_files) == 3
+
+
+# ---------------------------------------------------------------------------
+# Tests: Traceability comments are present
+# ---------------------------------------------------------------------------
+
+
+class TestTraceabilityComments:
+    """Tests for traceability comments in generated HCL."""
+
+    def test_resource_block_has_source_comment(self):
+        """Each resource block is preceded by a comment with the unique_id."""
+        resource = make_resource(
+            unique_id="apps/v1/deployments/default/nginx",
+            name="nginx",
+        )
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert "# Source: apps/v1/deployments/default/nginx" in content
+
+    def test_multiple_resources_each_have_source_comment(self):
+        """Each resource in a multi-resource file has its own source comment."""
+        resource_a = make_resource(
+            unique_id="default/deployments/app-a",
+            name="app-a",
+        )
+        resource_b = make_resource(
+            unique_id="default/deployments/app-b",
+            name="app-b",
+        )
+        graph = make_graph([resource_a, resource_b])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert "# Source: default/deployments/app-a" in content
+        assert "# Source: default/deployments/app-b" in content
+
+    def test_windows_resource_has_source_comment(self):
+        """Windows resources also have traceability comments."""
+        resource = make_resource(
+            resource_type="windows_service",
+            unique_id="win-server-01/services/W3SVC",
+            name="W3SVC",
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+            architecture=CpuArchitecture.AMD64,
+        )
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert "# Source: win-server-01/services/W3SVC" in content
+
+
+# ---------------------------------------------------------------------------
+# Tests: Architecture tags are included
+# ---------------------------------------------------------------------------
+
+
+class TestArchitectureTags:
+    """Tests for architecture-specific tags/labels on resources."""
+
+    def test_aarch64_resource_has_arch_tag(self):
+        """An AArch64 resource includes arch = aarch64 in tags."""
+        resource = make_resource(
+            architecture=CpuArchitecture.AARCH64,
+            attributes={"replicas": 1},
+        )
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert '"arch" = "aarch64"' in content
+
+    def test_amd64_resource_has_arch_tag(self):
+        """An AMD64 resource includes arch = amd64 in tags."""
+        resource = make_resource(
+            resource_type="windows_service",
+            unique_id="win/services/svc",
+            name="svc",
+            architecture=CpuArchitecture.AMD64,
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+        )
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert '"arch" = "amd64"' in content
+
+    def test_arm_resource_has_arch_tag(self):
+        """An ARM resource includes arch = arm in tags."""
+        resource = make_resource(
+            architecture=CpuArchitecture.ARM,
+        )
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert '"arch" = "arm"' in content
+
+    def test_managed_by_tag_is_present(self):
+        """All resources include a managed_by = iac-reverse tag."""
+        resource = make_resource()
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert '"managed_by" = "iac-reverse"' in content
+
+
+# ---------------------------------------------------------------------------
+# Tests: Dependencies use Terraform references
+# ---------------------------------------------------------------------------
+
+
+class TestTerraformReferences:
+    """Tests for Terraform resource references in generated HCL."""
+
+    def test_dependency_uses_terraform_reference(self):
+        """A resource referencing another uses a Terraform reference expression."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/nginx",
+            name="nginx",
+            attributes={"namespace": "default"},
+            raw_references=["ns/default"],
+        )
+        relationships = [
+            ResourceRelationship(
+                source_id="default/deployments/nginx",
+                target_id="ns/default",
+                relationship_type="parent-child",
+                source_attribute="namespace",
+            )
+        ]
+        graph = make_graph([namespace, deployment], relationships)
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        # Find the deployment file
+        deploy_file = next(
+            f for f in result.resource_files
+            if f.filename == "kubernetes_deployment.tf"
+        )
+        content = deploy_file.content
+
+        # Should use Terraform reference, not hardcoded "default"
+        assert "kubernetes_namespace.default.id" in content
+
+    def test_reference_by_unique_id_in_attribute(self):
+        """An attribute containing a target's unique_id is replaced with a reference."""
+        app_pool = make_resource(
+            resource_type="windows_iis_app_pool",
+            unique_id="win/iis/app_pools/DefaultAppPool",
+            name="DefaultAppPool",
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+            architecture=CpuArchitecture.AMD64,
+        )
+        site = make_resource(
+            resource_type="windows_iis_site",
+            unique_id="win/iis/sites/MySite",
+            name="MySite",
+            attributes={"app_pool": "win/iis/app_pools/DefaultAppPool"},
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+            architecture=CpuArchitecture.AMD64,
+        )
+        relationships = [
+            ResourceRelationship(
+                source_id="win/iis/sites/MySite",
+                target_id="win/iis/app_pools/DefaultAppPool",
+                relationship_type="dependency",
+                source_attribute="app_pool",
+            )
+        ]
+        graph = make_graph([app_pool, site], relationships)
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        site_file = next(
+            f for f in result.resource_files
+            if f.filename == "windows_iis_site.tf"
+        )
+        content = site_file.content
+
+        assert "windows_iis_app_pool.DefaultAppPool.id" in content
+
+    def test_non_reference_attributes_remain_literal(self):
+        """Attributes that don't reference other resources remain as literals."""
+        resource = make_resource(
+            attributes={"replicas": 3, "image": "nginx:1.25"},
+        )
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        assert "replicas = 3" in content
+        assert 'image = "nginx:1.25"' in content
+
+    def test_multiple_dependencies_all_use_references(self):
+        """A resource with multiple dependencies uses references for all."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/prod",
+            name="prod",
+        )
+        config_map = make_resource(
+            resource_type="kubernetes_config_map",
+            unique_id="prod/configmaps/app-config",
+            name="app-config",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="prod/deployments/app",
+            name="app",
+            attributes={
+                "namespace": "prod",
+                "config_map": "app-config",
+                "replicas": 2,
+            },
+            raw_references=["ns/prod", "prod/configmaps/app-config"],
+        )
+        relationships = [
+            ResourceRelationship(
+                source_id="prod/deployments/app",
+                target_id="ns/prod",
+                relationship_type="parent-child",
+                source_attribute="namespace",
+            ),
+            ResourceRelationship(
+                source_id="prod/deployments/app",
+                target_id="prod/configmaps/app-config",
+                relationship_type="dependency",
+                source_attribute="config_map",
+            ),
+        ]
+        graph = make_graph([namespace, config_map, deployment], relationships)
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        deploy_file = next(
+            f for f in result.resource_files
+            if f.filename == "kubernetes_deployment.tf"
+        )
+        content = deploy_file.content
+
+        assert "kubernetes_namespace.prod.id" in content
+        assert "kubernetes_config_map.app_config.id" in content
+        assert "replicas = 2" in content
+
+
+# ---------------------------------------------------------------------------
+# Tests: Result structure
+# ---------------------------------------------------------------------------
+
+
+class TestResultStructure:
+    """Tests for the CodeGenerationResult structure."""
+
+    def test_result_has_variables_file(self):
+        """The result includes a variables_file (empty placeholder for now)."""
+        resource = make_resource()
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        assert result.variables_file is not None
+        assert result.variables_file.filename == "variables.tf"
+
+    def test_result_has_provider_file(self):
+        """The result includes a provider_file (empty placeholder for now)."""
+        resource = make_resource()
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        assert result.provider_file is not None
+        assert result.provider_file.filename == "providers.tf"
+
+    def test_empty_graph_produces_no_resource_files(self):
+        """An empty graph produces no resource files."""
+        graph = make_graph([])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+
+        assert result.resource_files == []
+
+    def test_name_sanitization_replaces_special_chars(self):
+        """Resource names with special characters are sanitized for Terraform."""
+        resource = make_resource(
+            name="my-app.v2",
+            unique_id="default/deployments/my-app.v2",
+        )
+        graph = make_graph([resource])
+        generator = CodeGenerator()
+
+        result = generator.generate(graph, make_profiles())
+        content = result.resource_files[0].content
+
+        # Should use sanitized name (hyphens and dots replaced with underscores)
+        assert 'resource "kubernetes_deployment" "my_app_v2"' in content
diff --git a/tests/unit/test_docker_swarm_plugin.py b/tests/unit/test_docker_swarm_plugin.py
new file mode 100644
index 0000000..d49c86c
--- /dev/null
+++ b/tests/unit/test_docker_swarm_plugin.py
@@ -0,0 +1,444 @@
+"""Unit tests for the DockerSwarmPlugin."""
+
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+)
+from iac_reverse.scanner import AuthenticationError
+from iac_reverse.scanner.docker_swarm_plugin import DockerSwarmPlugin
+
+
+# ---------------------------------------------------------------------------
+# Fixtures
+# ---------------------------------------------------------------------------
+
+
+@pytest.fixture
+def plugin():
+    """Create a fresh DockerSwarmPlugin instance."""
+    return DockerSwarmPlugin()
+
+
+@pytest.fixture
+def mock_docker_client():
+    """Create a mock Docker client with common attributes."""
+    client = MagicMock()
+    client.ping.return_value = True
+    client.info.return_value = {"Architecture": "x86_64"}
+    client.services.list.return_value = []
+    client.networks.list.return_value = []
+    client.volumes.list.return_value = []
+    client.configs.list.return_value = []
+    client.secrets.list.return_value = []
+    return client
+
+
+@pytest.fixture
+def authenticated_plugin(plugin, mock_docker_client):
+    """Return a plugin that has been authenticated with a mock client."""
+    with patch("iac_reverse.scanner.docker_swarm_plugin.docker.DockerClient") as mock_cls:
+        mock_cls.return_value = mock_docker_client
+        plugin.authenticate({"host": "tcp://localhost:2376"})
+    return plugin
+
+
+# ---------------------------------------------------------------------------
+# Authentication tests
+# ---------------------------------------------------------------------------
+
+
+class TestAuthenticate:
+    def test_authenticate_success(self, plugin):
+        """Successful authentication connects to Docker daemon."""
+        with patch("iac_reverse.scanner.docker_swarm_plugin.docker.DockerClient") as mock_cls:
+            mock_client = MagicMock()
+            mock_client.ping.return_value = True
+            mock_cls.return_value = mock_client
+
+            plugin.authenticate({"host": "tcp://192.168.1.10:2376"})
+
+            mock_cls.assert_called_once_with(
+                base_url="tcp://192.168.1.10:2376",
+                tls=False,
+            )
+            mock_client.ping.assert_called_once()
+
+    def test_authenticate_missing_host(self, plugin):
+        """Authentication fails when host is not provided."""
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({})
+
+        assert "host" in str(exc_info.value).lower()
+
+    def test_authenticate_empty_host(self, plugin):
+        """Authentication fails when host is empty string."""
+        with pytest.raises(AuthenticationError):
+            plugin.authenticate({"host": ""})
+
+    def test_authenticate_connection_failure(self, plugin):
+        """Authentication fails when Docker daemon is unreachable."""
+        with patch("iac_reverse.scanner.docker_swarm_plugin.docker.DockerClient") as mock_cls:
+            mock_client = MagicMock()
+            mock_client.ping.side_effect = ConnectionError("Connection refused")
+            mock_cls.return_value = mock_client
+
+            with pytest.raises(AuthenticationError) as exc_info:
+                plugin.authenticate({"host": "tcp://unreachable:2376"})
+
+            assert "Connection refused" in str(exc_info.value)
+
+    def test_authenticate_with_tls(self, plugin):
+        """Authentication configures TLS when tls_verify and cert_path are set."""
+        with patch("iac_reverse.scanner.docker_swarm_plugin.docker.DockerClient") as mock_cls:
+            with patch("iac_reverse.scanner.docker_swarm_plugin.TLSConfig") as mock_tls:
+                mock_client = MagicMock()
+                mock_client.ping.return_value = True
+                mock_cls.return_value = mock_client
+                mock_tls_instance = MagicMock()
+                mock_tls.return_value = mock_tls_instance
+
+                plugin.authenticate({
+                    "host": "tcp://secure-host:2376",
+                    "tls_verify": "true",
+                    "cert_path": "/certs",
+                })
+
+                mock_tls.assert_called_once_with(
+                    verify=True,
+                    client_cert=("/certs/cert.pem", "/certs/key.pem"),
+                    ca_cert="/certs/ca.pem",
+                )
+                mock_cls.assert_called_once_with(
+                    base_url="tcp://secure-host:2376",
+                    tls=mock_tls_instance,
+                )
+
+
+# ---------------------------------------------------------------------------
+# Platform category and resource types
+# ---------------------------------------------------------------------------
+
+
+class TestPlatformInfo:
+    def test_get_platform_category(self, plugin):
+        """Returns CONTAINER_ORCHESTRATION category."""
+        assert plugin.get_platform_category() == PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def test_list_supported_resource_types(self, plugin):
+        """Returns all five Docker Swarm resource types."""
+        types = plugin.list_supported_resource_types()
+        assert types == [
+            "docker_service",
+            "docker_network",
+            "docker_volume",
+            "docker_config",
+            "docker_secret",
+        ]
+
+    def test_list_endpoints_before_auth(self, plugin):
+        """Returns empty list before authentication."""
+        assert plugin.list_endpoints() == []
+
+    def test_list_endpoints_after_auth(self, authenticated_plugin):
+        """Returns the host URL after authentication."""
+        assert authenticated_plugin.list_endpoints() == ["tcp://localhost:2376"]
+
+
+# ---------------------------------------------------------------------------
+# Architecture detection
+# ---------------------------------------------------------------------------
+
+
+class TestDetectArchitecture:
+    def test_detect_amd64(self, authenticated_plugin, mock_docker_client):
+        """Detects AMD64 architecture from x86_64 info."""
+        mock_docker_client.info.return_value = {"Architecture": "x86_64"}
+        arch = authenticated_plugin.detect_architecture("tcp://localhost:2376")
+        assert arch == CpuArchitecture.AMD64
+
+    def test_detect_aarch64(self, authenticated_plugin, mock_docker_client):
+        """Detects AARCH64 architecture from aarch64 info."""
+        mock_docker_client.info.return_value = {"Architecture": "aarch64"}
+        arch = authenticated_plugin.detect_architecture("tcp://localhost:2376")
+        assert arch == CpuArchitecture.AARCH64
+
+    def test_detect_arm(self, authenticated_plugin, mock_docker_client):
+        """Detects ARM architecture from armv7l info."""
+        mock_docker_client.info.return_value = {"Architecture": "armv7l"}
+        arch = authenticated_plugin.detect_architecture("tcp://localhost:2376")
+        assert arch == CpuArchitecture.ARM
+
+    def test_detect_unknown_defaults_to_amd64(self, authenticated_plugin, mock_docker_client):
+        """Unknown architecture string defaults to AMD64."""
+        mock_docker_client.info.return_value = {"Architecture": "sparc"}
+        arch = authenticated_plugin.detect_architecture("tcp://localhost:2376")
+        assert arch == CpuArchitecture.AMD64
+
+    def test_detect_without_client(self, plugin):
+        """Returns AMD64 when no client is connected."""
+        arch = plugin.detect_architecture("tcp://localhost:2376")
+        assert arch == CpuArchitecture.AMD64
+
+
+# ---------------------------------------------------------------------------
+# Resource discovery
+# ---------------------------------------------------------------------------
+
+
+class TestDiscoverResources:
+    def _noop_callback(self, progress: ScanProgress) -> None:
+        pass
+
+    def test_discover_services(self, authenticated_plugin, mock_docker_client):
+        """Discovers Docker services with correct attributes."""
+        mock_service = MagicMock()
+        mock_service.attrs = {
+            "ID": "svc123",
+            "Spec": {
+                "Name": "web-app",
+                "Mode": {"Replicated": {"Replicas": 3}},
+                "Labels": {"env": "prod"},
+                "TaskTemplate": {
+                    "ContainerSpec": {
+                        "Image": "nginx:latest",
+                    },
+                    "Networks": [{"Target": "net456"}],
+                },
+            },
+        }
+        mock_docker_client.services.list.return_value = [mock_service]
+
+        result = authenticated_plugin.discover_resources(
+            endpoints=["tcp://localhost:2376"],
+            resource_types=["docker_service"],
+            progress_callback=self._noop_callback,
+        )
+
+        assert len(result.resources) == 1
+        svc = result.resources[0]
+        assert svc.resource_type == "docker_service"
+        assert svc.unique_id == "svc123"
+        assert svc.name == "web-app"
+        assert svc.provider == ProviderType.DOCKER_SWARM
+        assert svc.platform_category == PlatformCategory.CONTAINER_ORCHESTRATION
+        assert svc.attributes["image"] == "nginx:latest"
+        assert svc.attributes["replicas"] == 3
+        assert "network:net456" in svc.raw_references
+
+    def test_discover_networks(self, authenticated_plugin, mock_docker_client):
+        """Discovers Docker networks with correct attributes."""
+        mock_network = MagicMock()
+        mock_network.attrs = {
+            "Id": "net789",
+            "Name": "overlay-net",
+            "Driver": "overlay",
+            "Scope": "swarm",
+            "Attachable": True,
+            "Ingress": False,
+            "Labels": {},
+        }
+        mock_docker_client.networks.list.return_value = [mock_network]
+
+        result = authenticated_plugin.discover_resources(
+            endpoints=["tcp://localhost:2376"],
+            resource_types=["docker_network"],
+            progress_callback=self._noop_callback,
+        )
+
+        assert len(result.resources) == 1
+        net = result.resources[0]
+        assert net.resource_type == "docker_network"
+        assert net.unique_id == "net789"
+        assert net.name == "overlay-net"
+        assert net.attributes["driver"] == "overlay"
+        assert net.attributes["scope"] == "swarm"
+        assert net.attributes["attachable"] is True
+
+    def test_discover_volumes(self, authenticated_plugin, mock_docker_client):
+        """Discovers Docker volumes with correct attributes."""
+        mock_volume = MagicMock()
+        mock_volume.attrs = {
+            "Name": "data-vol",
+            "Driver": "local",
+            "Mountpoint": "/var/lib/docker/volumes/data-vol/_data",
+            "Labels": {"backup": "daily"},
+        }
+        mock_docker_client.volumes.list.return_value = [mock_volume]
+
+        result = authenticated_plugin.discover_resources(
+            endpoints=["tcp://localhost:2376"],
+            resource_types=["docker_volume"],
+            progress_callback=self._noop_callback,
+        )
+
+        assert len(result.resources) == 1
+        vol = result.resources[0]
+        assert vol.resource_type == "docker_volume"
+        assert vol.unique_id == "data-vol"
+        assert vol.name == "data-vol"
+        assert vol.attributes["driver"] == "local"
+
+    def test_discover_configs(self, authenticated_plugin, mock_docker_client):
+        """Discovers Docker configs (metadata only)."""
+        mock_config = MagicMock()
+        mock_config.attrs = {
+            "ID": "cfg001",
+            "Spec": {
+                "Name": "app-config",
+                "Labels": {"version": "2"},
+            },
+            "CreatedAt": "2024-01-01T00:00:00Z",
+            "UpdatedAt": "2024-01-02T00:00:00Z",
+        }
+        mock_docker_client.configs.list.return_value = [mock_config]
+
+        result = authenticated_plugin.discover_resources(
+            endpoints=["tcp://localhost:2376"],
+            resource_types=["docker_config"],
+            progress_callback=self._noop_callback,
+        )
+
+        assert len(result.resources) == 1
+        cfg = result.resources[0]
+        assert cfg.resource_type == "docker_config"
+        assert cfg.unique_id == "cfg001"
+        assert cfg.name == "app-config"
+        assert cfg.attributes["created_at"] == "2024-01-01T00:00:00Z"
+
+    def test_discover_secrets(self, authenticated_plugin, mock_docker_client):
+        """Discovers Docker secrets (metadata only, no secret data)."""
+        mock_secret = MagicMock()
+        mock_secret.attrs = {
+            "ID": "sec001",
+            "Spec": {
+                "Name": "db-password",
+                "Labels": {},
+            },
+            "CreatedAt": "2024-01-01T00:00:00Z",
+            "UpdatedAt": "2024-01-01T00:00:00Z",
+        }
+        mock_docker_client.secrets.list.return_value = [mock_secret]
+
+        result = authenticated_plugin.discover_resources(
+            endpoints=["tcp://localhost:2376"],
+            resource_types=["docker_secret"],
+            progress_callback=self._noop_callback,
+        )
+
+        assert len(result.resources) == 1
+        sec = result.resources[0]
+        assert sec.resource_type == "docker_secret"
+        assert sec.unique_id == "sec001"
+        assert sec.name == "db-password"
+
+    def test_discover_all_types(self, authenticated_plugin, mock_docker_client):
+        """Discovers all resource types in a single call."""
+        mock_docker_client.services.list.return_value = []
+        mock_docker_client.networks.list.return_value = []
+        mock_docker_client.volumes.list.return_value = []
+        mock_docker_client.configs.list.return_value = []
+        mock_docker_client.secrets.list.return_value = []
+
+        all_types = [
+            "docker_service",
+            "docker_network",
+            "docker_volume",
+            "docker_config",
+            "docker_secret",
+        ]
+
+        result = authenticated_plugin.discover_resources(
+            endpoints=["tcp://localhost:2376"],
+            resource_types=all_types,
+            progress_callback=self._noop_callback,
+        )
+
+        assert result.errors == []
+        assert result.warnings == []
+
+    def test_discover_reports_progress(self, authenticated_plugin, mock_docker_client):
+        """Progress callback is invoked for each resource type."""
+        progress_updates: list[ScanProgress] = []
+
+        def track_progress(p: ScanProgress):
+            progress_updates.append(p)
+
+        authenticated_plugin.discover_resources(
+            endpoints=["tcp://localhost:2376"],
+            resource_types=["docker_service", "docker_network"],
+            progress_callback=track_progress,
+        )
+
+        assert len(progress_updates) == 2
+        assert progress_updates[0].current_resource_type == "docker_service"
+        assert progress_updates[0].resource_types_completed == 1
+        assert progress_updates[0].total_resource_types == 2
+        assert progress_updates[1].current_resource_type == "docker_network"
+        assert progress_updates[1].resource_types_completed == 2
+
+    def test_discover_handles_api_error(self, authenticated_plugin, mock_docker_client):
+        """API errors are captured in the result errors list."""
+        mock_docker_client.services.list.side_effect = Exception("API timeout")
+
+        result = authenticated_plugin.discover_resources(
+            endpoints=["tcp://localhost:2376"],
+            resource_types=["docker_service"],
+            progress_callback=self._noop_callback,
+        )
+
+        assert len(result.errors) == 1
+        assert "API timeout" in result.errors[0]
+
+    def test_discover_without_authentication(self, plugin):
+        """Returns error when called without authentication."""
+        result = plugin.discover_resources(
+            endpoints=["tcp://localhost:2376"],
+            resource_types=["docker_service"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.errors) == 1
+        assert "Not authenticated" in result.errors[0]
+
+    def test_service_references_include_volumes_configs_secrets(
+        self, authenticated_plugin, mock_docker_client
+    ):
+        """Service references include network, volume, config, and secret refs."""
+        mock_service = MagicMock()
+        mock_service.attrs = {
+            "ID": "svc-ref",
+            "Spec": {
+                "Name": "full-service",
+                "Mode": {"Replicated": {"Replicas": 1}},
+                "Labels": {},
+                "TaskTemplate": {
+                    "ContainerSpec": {
+                        "Image": "app:v1",
+                        "Mounts": [{"Source": "data-vol"}],
+                        "Configs": [{"ConfigID": "cfg-abc"}],
+                        "Secrets": [{"SecretID": "sec-xyz"}],
+                    },
+                    "Networks": [{"Target": "net-123"}],
+                },
+            },
+        }
+        mock_docker_client.services.list.return_value = [mock_service]
+
+        result = authenticated_plugin.discover_resources(
+            endpoints=["tcp://localhost:2376"],
+            resource_types=["docker_service"],
+            progress_callback=self._noop_callback,
+        )
+
+        refs = result.resources[0].raw_references
+        assert "network:net-123" in refs
+        assert "volume:data-vol" in refs
+        assert "config:cfg-abc" in refs
+        assert "secret:sec-xyz" in refs
diff --git a/tests/unit/test_harvester_plugin.py b/tests/unit/test_harvester_plugin.py
new file mode 100644
index 0000000..1ada318
--- /dev/null
+++ b/tests/unit/test_harvester_plugin.py
@@ -0,0 +1,569 @@
+"""Unit tests for the HarvesterPlugin provider plugin."""
+
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+)
+from iac_reverse.scanner.harvester_plugin import HarvesterPlugin
+
+
+# Patch targets for kubernetes client classes
+PATCH_NEW_CLIENT = "iac_reverse.scanner.harvester_plugin.config.new_client_from_config"
+PATCH_CUSTOM_API = "iac_reverse.scanner.harvester_plugin.client.CustomObjectsApi"
+PATCH_CORE_API = "iac_reverse.scanner.harvester_plugin.client.CoreV1Api"
+
+
+class TestHarvesterPluginAuthentication:
+    """Tests for HarvesterPlugin.authenticate()."""
+
+    @patch(PATCH_CORE_API)
+    @patch(PATCH_CUSTOM_API)
+    @patch(PATCH_NEW_CLIENT)
+    def test_authenticate_with_kubeconfig_path(
+        self, mock_new_client, mock_custom_cls, mock_core_cls
+    ):
+        """Authenticate loads kubeconfig from the provided path."""
+        mock_api_client = MagicMock()
+        mock_new_client.return_value = mock_api_client
+
+        plugin = HarvesterPlugin()
+        plugin.authenticate({"kubeconfig_path": "/path/to/kubeconfig"})
+
+        mock_new_client.assert_called_once_with(
+            config_file="/path/to/kubeconfig",
+            context=None,
+        )
+        assert plugin._api_client is mock_api_client
+
+    @patch(PATCH_CORE_API)
+    @patch(PATCH_CUSTOM_API)
+    @patch(PATCH_NEW_CLIENT)
+    def test_authenticate_with_context(
+        self, mock_new_client, mock_custom_cls, mock_core_cls
+    ):
+        """Authenticate uses the optional context parameter."""
+        mock_api_client = MagicMock()
+        mock_new_client.return_value = mock_api_client
+
+        plugin = HarvesterPlugin()
+        plugin.authenticate({
+            "kubeconfig_path": "/path/to/kubeconfig",
+            "context": "harvester-cluster",
+        })
+
+        mock_new_client.assert_called_once_with(
+            config_file="/path/to/kubeconfig",
+            context="harvester-cluster",
+        )
+
+    def test_authenticate_missing_kubeconfig_path(self):
+        """Authenticate raises AuthenticationError when kubeconfig_path is missing."""
+        from iac_reverse.scanner import AuthenticationError
+
+        plugin = HarvesterPlugin()
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({})
+
+        assert "kubeconfig_path" in str(exc_info.value)
+        assert "harvester" in str(exc_info.value)
+
+    @patch(PATCH_NEW_CLIENT)
+    def test_authenticate_invalid_kubeconfig(self, mock_new_client):
+        """Authenticate raises AuthenticationError when kubeconfig is invalid."""
+        from iac_reverse.scanner import AuthenticationError
+
+        mock_new_client.side_effect = Exception("Invalid kubeconfig format")
+
+        plugin = HarvesterPlugin()
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({"kubeconfig_path": "/bad/path"})
+
+        assert "Failed to load kubeconfig" in str(exc_info.value)
+
+
+class TestHarvesterPluginMetadata:
+    """Tests for HarvesterPlugin metadata methods."""
+
+    def test_get_platform_category(self):
+        """get_platform_category returns HCI."""
+        plugin = HarvesterPlugin()
+        assert plugin.get_platform_category() == PlatformCategory.HCI
+
+    def test_list_supported_resource_types(self):
+        """list_supported_resource_types returns all Harvester resource types."""
+        plugin = HarvesterPlugin()
+        types = plugin.list_supported_resource_types()
+
+        assert types == [
+            "harvester_virtualmachine",
+            "harvester_volume",
+            "harvester_image",
+            "harvester_network",
+        ]
+
+    def test_list_endpoints_unauthenticated(self):
+        """list_endpoints returns empty list when not authenticated."""
+        plugin = HarvesterPlugin()
+        assert plugin.list_endpoints() == []
+
+    @patch(PATCH_CORE_API)
+    @patch(PATCH_CUSTOM_API)
+    @patch(PATCH_NEW_CLIENT)
+    def test_list_endpoints_authenticated(
+        self, mock_new_client, mock_custom_cls, mock_core_cls
+    ):
+        """list_endpoints returns the cluster API server URL."""
+        mock_api_client = MagicMock()
+        mock_api_client.configuration.host = "https://harvester.local:6443"
+        mock_new_client.return_value = mock_api_client
+
+        plugin = HarvesterPlugin()
+        plugin.authenticate({"kubeconfig_path": "/path/to/kubeconfig"})
+
+        endpoints = plugin.list_endpoints()
+        assert endpoints == ["https://harvester.local:6443"]
+
+
+class TestHarvesterPluginDetectArchitecture:
+    """Tests for HarvesterPlugin.detect_architecture()."""
+
+    def test_detect_architecture_unauthenticated(self):
+        """detect_architecture returns AMD64 when not authenticated."""
+        plugin = HarvesterPlugin()
+        arch = plugin.detect_architecture("https://harvester.local:6443")
+        assert arch == CpuArchitecture.AMD64
+
+    @patch(PATCH_CORE_API)
+    @patch(PATCH_CUSTOM_API)
+    @patch(PATCH_NEW_CLIENT)
+    def test_detect_architecture_amd64(
+        self, mock_new_client, mock_custom_cls, mock_core_cls
+    ):
+        """detect_architecture returns AMD64 for amd64 nodes."""
+        mock_api_client = MagicMock()
+        mock_new_client.return_value = mock_api_client
+
+        mock_core_instance = MagicMock()
+        mock_core_cls.return_value = mock_core_instance
+
+        plugin = HarvesterPlugin()
+        plugin.authenticate({"kubeconfig_path": "/path/to/kubeconfig"})
+
+        # Mock node list response
+        mock_node = MagicMock()
+        mock_node.status.node_info.architecture = "amd64"
+        mock_core_instance.list_node.return_value = MagicMock(items=[mock_node])
+
+        arch = plugin.detect_architecture("https://harvester.local:6443")
+        assert arch == CpuArchitecture.AMD64
+
+    @patch(PATCH_CORE_API)
+    @patch(PATCH_CUSTOM_API)
+    @patch(PATCH_NEW_CLIENT)
+    def test_detect_architecture_arm64(
+        self, mock_new_client, mock_custom_cls, mock_core_cls
+    ):
+        """detect_architecture returns AARCH64 for arm64 nodes."""
+        mock_api_client = MagicMock()
+        mock_new_client.return_value = mock_api_client
+
+        mock_core_instance = MagicMock()
+        mock_core_cls.return_value = mock_core_instance
+
+        plugin = HarvesterPlugin()
+        plugin.authenticate({"kubeconfig_path": "/path/to/kubeconfig"})
+
+        mock_node = MagicMock()
+        mock_node.status.node_info.architecture = "arm64"
+        mock_core_instance.list_node.return_value = MagicMock(items=[mock_node])
+
+        arch = plugin.detect_architecture("https://harvester.local:6443")
+        assert arch == CpuArchitecture.AARCH64
+
+    @patch(PATCH_CORE_API)
+    @patch(PATCH_CUSTOM_API)
+    @patch(PATCH_NEW_CLIENT)
+    def test_detect_architecture_arm(
+        self, mock_new_client, mock_custom_cls, mock_core_cls
+    ):
+        """detect_architecture returns ARM for arm nodes."""
+        mock_api_client = MagicMock()
+        mock_new_client.return_value = mock_api_client
+
+        mock_core_instance = MagicMock()
+        mock_core_cls.return_value = mock_core_instance
+
+        plugin = HarvesterPlugin()
+        plugin.authenticate({"kubeconfig_path": "/path/to/kubeconfig"})
+
+        mock_node = MagicMock()
+        mock_node.status.node_info.architecture = "arm"
+        mock_core_instance.list_node.return_value = MagicMock(items=[mock_node])
+
+        arch = plugin.detect_architecture("https://harvester.local:6443")
+        assert arch == CpuArchitecture.ARM
+
+    @patch(PATCH_CORE_API)
+    @patch(PATCH_CUSTOM_API)
+    @patch(PATCH_NEW_CLIENT)
+    def test_detect_architecture_api_error_defaults_amd64(
+        self, mock_new_client, mock_custom_cls, mock_core_cls
+    ):
+        """detect_architecture defaults to AMD64 on API errors."""
+        from kubernetes.client.rest import ApiException
+
+        mock_api_client = MagicMock()
+        mock_new_client.return_value = mock_api_client
+
+        mock_core_instance = MagicMock()
+        mock_core_cls.return_value = mock_core_instance
+
+        plugin = HarvesterPlugin()
+        plugin.authenticate({"kubeconfig_path": "/path/to/kubeconfig"})
+
+        mock_core_instance.list_node.side_effect = ApiException(status=403)
+
+        arch = plugin.detect_architecture("https://harvester.local:6443")
+        assert arch == CpuArchitecture.AMD64
+
+
+def _make_authenticated_plugin():
+    """Create an authenticated plugin with mocked APIs.
+
+    Returns (plugin, mock_custom_api, mock_core_api) tuple.
+    """
+    with patch(PATCH_NEW_CLIENT) as mock_new_client, \
+         patch(PATCH_CUSTOM_API) as mock_custom_cls, \
+         patch(PATCH_CORE_API) as mock_core_cls:
+
+        mock_api_client = MagicMock()
+        mock_api_client.configuration.host = "https://harvester.local:6443"
+        mock_new_client.return_value = mock_api_client
+
+        mock_custom_instance = MagicMock()
+        mock_custom_cls.return_value = mock_custom_instance
+
+        mock_core_instance = MagicMock()
+        mock_core_cls.return_value = mock_core_instance
+
+        plugin = HarvesterPlugin()
+        plugin.authenticate({"kubeconfig_path": "/path/to/kubeconfig"})
+
+        # Mock node for architecture detection
+        mock_node = MagicMock()
+        mock_node.status.node_info.architecture = "amd64"
+        mock_core_instance.list_node.return_value = MagicMock(items=[mock_node])
+
+    return plugin, mock_custom_instance, mock_core_instance
+
+
+class TestHarvesterPluginDiscoverResources:
+    """Tests for HarvesterPlugin.discover_resources()."""
+
+    def test_discover_vms(self):
+        """discover_resources discovers virtual machines."""
+        plugin, mock_custom_api, _ = _make_authenticated_plugin()
+
+        mock_custom_api.list_cluster_custom_object.return_value = {
+            "items": [
+                {
+                    "metadata": {
+                        "name": "test-vm",
+                        "namespace": "default",
+                        "uid": "vm-uid-123",
+                        "labels": {"app": "web"},
+                        "annotations": {},
+                    },
+                    "spec": {
+                        "running": True,
+                        "template": {
+                            "spec": {
+                                "volumes": [
+                                    {"dataVolume": {"name": "test-disk"}},
+                                ],
+                                "networks": [
+                                    {"multus": {"networkName": "vlan100"}},
+                                ],
+                            }
+                        },
+                    },
+                }
+            ]
+        }
+
+        progress_updates = []
+        result = plugin.discover_resources(
+            endpoints=["https://harvester.local:6443"],
+            resource_types=["harvester_virtualmachine"],
+            progress_callback=lambda p: progress_updates.append(p),
+        )
+
+        assert len(result.resources) == 1
+        vm = result.resources[0]
+        assert vm.resource_type == "harvester_virtualmachine"
+        assert vm.name == "test-vm"
+        assert vm.unique_id == "vm-uid-123"
+        assert vm.provider == ProviderType.HARVESTER
+        assert vm.platform_category == PlatformCategory.HCI
+        assert vm.architecture == CpuArchitecture.AMD64
+        assert vm.attributes["running"] is True
+        assert "volume:test-disk" in vm.raw_references
+        assert "network:vlan100" in vm.raw_references
+
+    def test_discover_volumes(self):
+        """discover_resources discovers data volumes."""
+        plugin, mock_custom_api, _ = _make_authenticated_plugin()
+
+        mock_custom_api.list_cluster_custom_object.return_value = {
+            "items": [
+                {
+                    "metadata": {
+                        "name": "test-disk",
+                        "namespace": "default",
+                        "uid": "vol-uid-456",
+                        "labels": {},
+                    },
+                    "spec": {
+                        "source": {"http": {"url": "https://images.example.com/disk.img"}},
+                        "pvc": {"accessModes": ["ReadWriteOnce"], "resources": {"requests": {"storage": "10Gi"}}},
+                    },
+                }
+            ]
+        }
+
+        result = plugin.discover_resources(
+            endpoints=["https://harvester.local:6443"],
+            resource_types=["harvester_volume"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        vol = result.resources[0]
+        assert vol.resource_type == "harvester_volume"
+        assert vol.name == "test-disk"
+        assert vol.unique_id == "vol-uid-456"
+
+    def test_discover_images(self):
+        """discover_resources discovers VM images."""
+        plugin, mock_custom_api, _ = _make_authenticated_plugin()
+
+        mock_custom_api.list_cluster_custom_object.return_value = {
+            "items": [
+                {
+                    "metadata": {
+                        "name": "ubuntu-22.04",
+                        "namespace": "default",
+                        "uid": "img-uid-789",
+                        "labels": {"os": "linux"},
+                    },
+                    "spec": {
+                        "displayName": "Ubuntu 22.04 LTS",
+                        "url": "https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img",
+                    },
+                }
+            ]
+        }
+
+        result = plugin.discover_resources(
+            endpoints=["https://harvester.local:6443"],
+            resource_types=["harvester_image"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        img = result.resources[0]
+        assert img.resource_type == "harvester_image"
+        assert img.name == "ubuntu-22.04"
+        assert img.attributes["display_name"] == "Ubuntu 22.04 LTS"
+        assert "ubuntu.com" in img.attributes["url"]
+
+    def test_discover_networks(self):
+        """discover_resources discovers network attachment definitions."""
+        plugin, mock_custom_api, _ = _make_authenticated_plugin()
+
+        mock_custom_api.list_cluster_custom_object.return_value = {
+            "items": [
+                {
+                    "metadata": {
+                        "name": "vlan100",
+                        "namespace": "default",
+                        "uid": "net-uid-abc",
+                        "labels": {},
+                    },
+                    "spec": {
+                        "config": '{"cniVersion":"0.3.1","name":"vlan100","type":"bridge"}',
+                    },
+                }
+            ]
+        }
+
+        result = plugin.discover_resources(
+            endpoints=["https://harvester.local:6443"],
+            resource_types=["harvester_network"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        net = result.resources[0]
+        assert net.resource_type == "harvester_network"
+        assert net.name == "vlan100"
+        assert "vlan100" in net.attributes["config"]
+
+    def test_discover_multiple_resource_types(self):
+        """discover_resources handles multiple resource types in one call."""
+        plugin, mock_custom_api, _ = _make_authenticated_plugin()
+
+        # Return different items based on the CRD being queried
+        def mock_list_custom_object(group, version, plural):
+            if plural == "virtualmachines":
+                return {"items": [{"metadata": {"name": "vm1", "namespace": "default", "uid": "uid-1", "labels": {}, "annotations": {}}, "spec": {"running": True, "template": {"spec": {}}}}]}
+            elif plural == "network-attachment-definitions":
+                return {"items": [{"metadata": {"name": "net1", "namespace": "default", "uid": "uid-2", "labels": {}}, "spec": {"config": "{}"}}]}
+            return {"items": []}
+
+        mock_custom_api.list_cluster_custom_object.side_effect = mock_list_custom_object
+
+        result = plugin.discover_resources(
+            endpoints=["https://harvester.local:6443"],
+            resource_types=["harvester_virtualmachine", "harvester_network"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 2
+        types = {r.resource_type for r in result.resources}
+        assert types == {"harvester_virtualmachine", "harvester_network"}
+
+    def test_discover_resources_api_error(self):
+        """discover_resources records errors when API calls fail."""
+        from kubernetes.client.rest import ApiException
+
+        plugin, mock_custom_api, _ = _make_authenticated_plugin()
+        mock_custom_api.list_cluster_custom_object.side_effect = ApiException(
+            status=403, reason="Forbidden"
+        )
+
+        result = plugin.discover_resources(
+            endpoints=["https://harvester.local:6443"],
+            resource_types=["harvester_virtualmachine"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 0
+        assert len(result.errors) == 1
+        assert "403" in result.errors[0]
+
+    def test_discover_resources_progress_callback(self):
+        """discover_resources invokes progress_callback correctly."""
+        plugin, mock_custom_api, _ = _make_authenticated_plugin()
+        mock_custom_api.list_cluster_custom_object.return_value = {"items": []}
+
+        progress_updates: list[ScanProgress] = []
+
+        result = plugin.discover_resources(
+            endpoints=["https://harvester.local:6443"],
+            resource_types=["harvester_virtualmachine", "harvester_volume"],
+            progress_callback=lambda p: progress_updates.append(p),
+        )
+
+        # Should have progress updates: one per resource type + final
+        assert len(progress_updates) == 3
+        assert progress_updates[0].current_resource_type == "harvester_virtualmachine"
+        assert progress_updates[0].total_resource_types == 2
+        assert progress_updates[-1].resource_types_completed == 2
+
+    def test_discover_resources_unknown_type_warning(self):
+        """discover_resources warns about unknown resource types."""
+        plugin, mock_custom_api, _ = _make_authenticated_plugin()
+
+        result = plugin.discover_resources(
+            endpoints=["https://harvester.local:6443"],
+            resource_types=["harvester_unknown"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.warnings) == 1
+        assert "Unknown resource type" in result.warnings[0]
+
+
+class TestHarvesterPluginVMReferences:
+    """Tests for VM reference extraction."""
+
+    def test_extract_vm_references_data_volume(self):
+        """Extracts dataVolume references from VM spec."""
+        spec = {
+            "template": {
+                "spec": {
+                    "volumes": [
+                        {"dataVolume": {"name": "my-disk"}},
+                    ],
+                    "networks": [],
+                }
+            }
+        }
+        refs = HarvesterPlugin._extract_vm_references(spec)
+        assert refs == ["volume:my-disk"]
+
+    def test_extract_vm_references_pvc(self):
+        """Extracts persistentVolumeClaim references from VM spec."""
+        spec = {
+            "template": {
+                "spec": {
+                    "volumes": [
+                        {"persistentVolumeClaim": {"claimName": "my-pvc"}},
+                    ],
+                    "networks": [],
+                }
+            }
+        }
+        refs = HarvesterPlugin._extract_vm_references(spec)
+        assert refs == ["volume:my-pvc"]
+
+    def test_extract_vm_references_multus_network(self):
+        """Extracts multus network references from VM spec."""
+        spec = {
+            "template": {
+                "spec": {
+                    "volumes": [],
+                    "networks": [
+                        {"multus": {"networkName": "vlan200"}},
+                    ],
+                }
+            }
+        }
+        refs = HarvesterPlugin._extract_vm_references(spec)
+        assert refs == ["network:vlan200"]
+
+    def test_extract_vm_references_empty_spec(self):
+        """Returns empty list for empty spec."""
+        refs = HarvesterPlugin._extract_vm_references({})
+        assert refs == []
+
+    def test_extract_vm_references_mixed(self):
+        """Extracts both volume and network references."""
+        spec = {
+            "template": {
+                "spec": {
+                    "volumes": [
+                        {"dataVolume": {"name": "disk-1"}},
+                        {"persistentVolumeClaim": {"claimName": "pvc-1"}},
+                    ],
+                    "networks": [
+                        {"multus": {"networkName": "mgmt-net"}},
+                        {"multus": {"networkName": "data-net"}},
+                    ],
+                }
+            }
+        }
+        refs = HarvesterPlugin._extract_vm_references(spec)
+        assert refs == [
+            "volume:disk-1",
+            "volume:pvc-1",
+            "network:mgmt-net",
+            "network:data-net",
+        ]
diff --git a/tests/unit/test_incremental_updater.py b/tests/unit/test_incremental_updater.py
new file mode 100644
index 0000000..ea96f9d
--- /dev/null
+++ b/tests/unit/test_incremental_updater.py
@@ -0,0 +1,513 @@
+"""Unit tests for the IncrementalUpdater class."""
+
+import json
+from pathlib import Path
+
+import pytest
+
+from iac_reverse.incremental.incremental_updater import IncrementalUpdater
+from iac_reverse.models import ChangeSummary, ChangeType, ResourceChange
+
+
+def _make_change(
+    resource_id: str = "res-1",
+    resource_type: str = "kubernetes_deployment",
+    resource_name: str = "nginx",
+    change_type: ChangeType = ChangeType.ADDED,
+    changed_attributes: dict | None = None,
+) -> ResourceChange:
+    """Create a ResourceChange for testing."""
+    return ResourceChange(
+        resource_id=resource_id,
+        resource_type=resource_type,
+        resource_name=resource_name,
+        change_type=change_type,
+        changed_attributes=changed_attributes,
+    )
+
+
+def _make_summary(changes: list[ResourceChange]) -> ChangeSummary:
+    """Create a ChangeSummary from a list of changes."""
+    added = sum(1 for c in changes if c.change_type == ChangeType.ADDED)
+    removed = sum(1 for c in changes if c.change_type == ChangeType.REMOVED)
+    modified = sum(1 for c in changes if c.change_type == ChangeType.MODIFIED)
+    return ChangeSummary(
+        added_count=added,
+        removed_count=removed,
+        modified_count=modified,
+        changes=changes,
+    )
+
+
+def _write_tf_file(output_dir: Path, resource_type: str, content: str) -> Path:
+    """Write a .tf file to the output directory."""
+    tf_file = output_dir / f"{resource_type}.tf"
+    tf_file.write_text(content, encoding="utf-8")
+    return tf_file
+
+
+def _write_state_file(output_dir: Path, resources: list[dict]) -> Path:
+    """Write a terraform.tfstate file to the output directory."""
+    state = {
+        "version": 4,
+        "terraform_version": "1.7.0",
+        "serial": 1,
+        "lineage": "test-lineage-uuid",
+        "outputs": {},
+        "resources": resources,
+    }
+    state_file = output_dir / "terraform.tfstate"
+    state_file.write_text(json.dumps(state, indent=2), encoding="utf-8")
+    return state_file
+
+
+class TestAddedResource:
+    """Tests for adding new resource blocks."""
+
+    def test_added_resource_creates_block_in_correct_file(
+        self, tmp_path: Path
+    ) -> None:
+        """An ADDED resource creates a new block in the resource type .tf file."""
+        change = _make_change(
+            resource_id="apps/v1/deployments/default/nginx",
+            resource_type="kubernetes_deployment",
+            resource_name="nginx",
+            change_type=ChangeType.ADDED,
+        )
+        summary = _make_summary([change])
+        attributes = {
+            "apps/v1/deployments/default/nginx": {
+                "namespace": "default",
+                "replicas": 3,
+            }
+        }
+
+        updater = IncrementalUpdater(summary, str(tmp_path), attributes)
+        updater.apply()
+
+        tf_file = tmp_path / "kubernetes_deployment.tf"
+        assert tf_file.exists()
+        content = tf_file.read_text(encoding="utf-8")
+        assert 'resource "kubernetes_deployment" "nginx"' in content
+        assert "namespace" in content
+        assert "replicas" in content
+        assert "# Source: apps/v1/deployments/default/nginx" in content
+
+    def test_added_resource_appends_to_existing_file(
+        self, tmp_path: Path
+    ) -> None:
+        """An ADDED resource appends to an existing .tf file without overwriting."""
+        existing_content = (
+            '# Source: existing-id\n'
+            'resource "kubernetes_deployment" "existing" {\n'
+            '  replicas = 1\n'
+            '}\n'
+        )
+        _write_tf_file(tmp_path, "kubernetes_deployment", existing_content)
+
+        change = _make_change(
+            resource_id="new-id",
+            resource_type="kubernetes_deployment",
+            resource_name="new-service",
+            change_type=ChangeType.ADDED,
+        )
+        summary = _make_summary([change])
+        attributes = {"new-id": {"replicas": 2}}
+
+        updater = IncrementalUpdater(summary, str(tmp_path), attributes)
+        updater.apply()
+
+        tf_file = tmp_path / "kubernetes_deployment.tf"
+        content = tf_file.read_text(encoding="utf-8")
+        # Both resources should be present
+        assert 'resource "kubernetes_deployment" "existing"' in content
+        assert 'resource "kubernetes_deployment" "new_service"' in content
+
+    def test_added_resource_creates_file_if_not_exists(
+        self, tmp_path: Path
+    ) -> None:
+        """An ADDED resource creates the .tf file if it doesn't exist."""
+        change = _make_change(
+            resource_id="svc-1",
+            resource_type="docker_service",
+            resource_name="my-app",
+            change_type=ChangeType.ADDED,
+        )
+        summary = _make_summary([change])
+        attributes = {"svc-1": {"image": "nginx:latest"}}
+
+        updater = IncrementalUpdater(summary, str(tmp_path), attributes)
+        updater.apply()
+
+        tf_file = tmp_path / "docker_service.tf"
+        assert tf_file.exists()
+        content = tf_file.read_text(encoding="utf-8")
+        assert 'resource "docker_service" "my_app"' in content
+
+
+class TestRemovedResource:
+    """Tests for removing resource blocks."""
+
+    def test_removed_resource_removes_block_from_file(
+        self, tmp_path: Path
+    ) -> None:
+        """A REMOVED resource removes its block from the .tf file."""
+        content = (
+            '# Source: res-1\n'
+            'resource "kubernetes_deployment" "nginx" {\n'
+            '  replicas = 3\n'
+            '}\n'
+            '\n'
+            '# Source: res-2\n'
+            'resource "kubernetes_deployment" "redis" {\n'
+            '  replicas = 1\n'
+            '}\n'
+        )
+        _write_tf_file(tmp_path, "kubernetes_deployment", content)
+
+        change = _make_change(
+            resource_id="res-1",
+            resource_type="kubernetes_deployment",
+            resource_name="nginx",
+            change_type=ChangeType.REMOVED,
+        )
+        summary = _make_summary([change])
+
+        updater = IncrementalUpdater(summary, str(tmp_path))
+        updater.apply()
+
+        tf_file = tmp_path / "kubernetes_deployment.tf"
+        result = tf_file.read_text(encoding="utf-8")
+        assert "nginx" not in result
+        assert 'resource "kubernetes_deployment" "redis"' in result
+
+    def test_removed_resource_updates_state_file(
+        self, tmp_path: Path
+    ) -> None:
+        """A REMOVED resource removes its entry from the state file."""
+        state_resources = [
+            {
+                "mode": "managed",
+                "type": "kubernetes_deployment",
+                "name": "nginx",
+                "provider": 'provider["registry.terraform.io/hashicorp/kubernetes"]',
+                "instances": [
+                    {
+                        "schema_version": 1,
+                        "attributes": {"id": "res-1", "replicas": 3},
+                        "sensitive_attributes": [],
+                        "dependencies": [],
+                    }
+                ],
+            },
+            {
+                "mode": "managed",
+                "type": "kubernetes_deployment",
+                "name": "redis",
+                "provider": 'provider["registry.terraform.io/hashicorp/kubernetes"]',
+                "instances": [
+                    {
+                        "schema_version": 1,
+                        "attributes": {"id": "res-2", "replicas": 1},
+                        "sensitive_attributes": [],
+                        "dependencies": [],
+                    }
+                ],
+            },
+        ]
+        _write_state_file(tmp_path, state_resources)
+
+        # Also write the .tf file so the removal can proceed
+        tf_content = (
+            '# Source: res-1\n'
+            'resource "kubernetes_deployment" "nginx" {\n'
+            '  replicas = 3\n'
+            '}\n'
+        )
+        _write_tf_file(tmp_path, "kubernetes_deployment", tf_content)
+
+        change = _make_change(
+            resource_id="res-1",
+            resource_type="kubernetes_deployment",
+            resource_name="nginx",
+            change_type=ChangeType.REMOVED,
+        )
+        summary = _make_summary([change])
+
+        updater = IncrementalUpdater(summary, str(tmp_path))
+        updater.apply()
+
+        state_file = tmp_path / "terraform.tfstate"
+        state = json.loads(state_file.read_text(encoding="utf-8"))
+        # Only redis should remain
+        assert len(state["resources"]) == 1
+        assert state["resources"][0]["name"] == "redis"
+        # Serial should be incremented
+        assert state["serial"] == 2
+
+
+class TestModifiedResource:
+    """Tests for updating resource blocks."""
+
+    def test_modified_resource_updates_block_in_file(
+        self, tmp_path: Path
+    ) -> None:
+        """A MODIFIED resource updates the attribute values in the .tf file."""
+        content = (
+            '# Source: res-1\n'
+            'resource "kubernetes_deployment" "nginx" {\n'
+            '  replicas = 3\n'
+            '  image = "nginx:1.24"\n'
+            '}\n'
+        )
+        _write_tf_file(tmp_path, "kubernetes_deployment", content)
+
+        change = _make_change(
+            resource_id="res-1",
+            resource_type="kubernetes_deployment",
+            resource_name="nginx",
+            change_type=ChangeType.MODIFIED,
+            changed_attributes={
+                "replicas": {"old": 3, "new": 5},
+            },
+        )
+        summary = _make_summary([change])
+
+        updater = IncrementalUpdater(summary, str(tmp_path))
+        updater.apply()
+
+        tf_file = tmp_path / "kubernetes_deployment.tf"
+        result = tf_file.read_text(encoding="utf-8")
+        assert "replicas = 5" in result
+        assert "replicas = 3" not in result
+        # Unchanged attribute should remain
+        assert 'image = "nginx:1.24"' in result
+
+    def test_modified_resource_adds_new_attribute(
+        self, tmp_path: Path
+    ) -> None:
+        """A MODIFIED resource with a new attribute adds it to the block."""
+        content = (
+            '# Source: res-1\n'
+            'resource "kubernetes_deployment" "nginx" {\n'
+            '  replicas = 3\n'
+            '}\n'
+        )
+        _write_tf_file(tmp_path, "kubernetes_deployment", content)
+
+        change = _make_change(
+            resource_id="res-1",
+            resource_type="kubernetes_deployment",
+            resource_name="nginx",
+            change_type=ChangeType.MODIFIED,
+            changed_attributes={
+                "image": {"old": None, "new": "nginx:1.25"},
+            },
+        )
+        summary = _make_summary([change])
+
+        updater = IncrementalUpdater(summary, str(tmp_path))
+        updater.apply()
+
+        tf_file = tmp_path / "kubernetes_deployment.tf"
+        result = tf_file.read_text(encoding="utf-8")
+        assert '"nginx:1.25"' in result
+        assert "replicas = 3" in result
+
+    def test_modified_resource_removes_attribute(
+        self, tmp_path: Path
+    ) -> None:
+        """A MODIFIED resource with a removed attribute removes the line."""
+        content = (
+            '# Source: res-1\n'
+            'resource "kubernetes_deployment" "nginx" {\n'
+            '  replicas = 3\n'
+            '  image = "nginx:1.24"\n'
+            '}\n'
+        )
+        _write_tf_file(tmp_path, "kubernetes_deployment", content)
+
+        change = _make_change(
+            resource_id="res-1",
+            resource_type="kubernetes_deployment",
+            resource_name="nginx",
+            change_type=ChangeType.MODIFIED,
+            changed_attributes={
+                "image": {"old": "nginx:1.24", "new": None},
+            },
+        )
+        summary = _make_summary([change])
+
+        updater = IncrementalUpdater(summary, str(tmp_path))
+        updater.apply()
+
+        tf_file = tmp_path / "kubernetes_deployment.tf"
+        result = tf_file.read_text(encoding="utf-8")
+        assert "image" not in result
+        assert "replicas = 3" in result
+
+
+class TestOnlyAffectedFilesModified:
+    """Tests that only files with changed resources are modified."""
+
+    def test_unrelated_files_are_not_modified(self, tmp_path: Path) -> None:
+        """Files for resource types without changes are not touched."""
+        # Write two .tf files
+        k8s_content = (
+            '# Source: res-1\n'
+            'resource "kubernetes_deployment" "nginx" {\n'
+            '  replicas = 3\n'
+            '}\n'
+        )
+        docker_content = (
+            '# Source: svc-1\n'
+            'resource "docker_service" "app" {\n'
+            '  image = "app:latest"\n'
+            '}\n'
+        )
+        _write_tf_file(tmp_path, "kubernetes_deployment", k8s_content)
+        docker_file = _write_tf_file(tmp_path, "docker_service", docker_content)
+
+        # Record the modification time of the docker file
+        docker_mtime_before = docker_file.stat().st_mtime
+
+        # Only change the kubernetes resource
+        change = _make_change(
+            resource_id="res-1",
+            resource_type="kubernetes_deployment",
+            resource_name="nginx",
+            change_type=ChangeType.MODIFIED,
+            changed_attributes={"replicas": {"old": 3, "new": 5}},
+        )
+        summary = _make_summary([change])
+
+        updater = IncrementalUpdater(summary, str(tmp_path))
+        updater.apply()
+
+        # Docker file should not be in modified_files
+        assert str(docker_file) not in updater.modified_files
+        # Kubernetes file should be in modified_files
+        k8s_file = tmp_path / "kubernetes_deployment.tf"
+        assert str(k8s_file) in updater.modified_files
+
+    def test_modified_files_tracks_only_changed(self, tmp_path: Path) -> None:
+        """The modified_files property only contains files that were changed."""
+        content = (
+            '# Source: res-1\n'
+            'resource "kubernetes_deployment" "nginx" {\n'
+            '  replicas = 3\n'
+            '}\n'
+        )
+        _write_tf_file(tmp_path, "kubernetes_deployment", content)
+
+        change = _make_change(
+            resource_id="new-id",
+            resource_type="docker_service",
+            resource_name="new-svc",
+            change_type=ChangeType.ADDED,
+        )
+        summary = _make_summary([change])
+        attributes = {"new-id": {"image": "app:1.0"}}
+
+        updater = IncrementalUpdater(summary, str(tmp_path), attributes)
+        updater.apply()
+
+        # Only docker_service.tf should be modified
+        modified = updater.modified_files
+        assert any("docker_service.tf" in f for f in modified)
+        assert not any("kubernetes_deployment.tf" in f for f in modified)
+
+
+class TestStateFileUpdatedForRemovedResources:
+    """Tests that state file is properly updated when resources are removed."""
+
+    def test_state_entry_removed_for_removed_resource(
+        self, tmp_path: Path
+    ) -> None:
+        """Removing a resource also removes its state entry."""
+        state_resources = [
+            {
+                "mode": "managed",
+                "type": "docker_service",
+                "name": "my_app",
+                "provider": 'provider["registry.terraform.io/hashicorp/docker"]',
+                "instances": [
+                    {
+                        "schema_version": 0,
+                        "attributes": {"id": "svc-1", "image": "app:1.0"},
+                        "sensitive_attributes": [],
+                        "dependencies": [],
+                    }
+                ],
+            }
+        ]
+        _write_state_file(tmp_path, state_resources)
+
+        tf_content = (
+            '# Source: svc-1\n'
+            'resource "docker_service" "my_app" {\n'
+            '  image = "app:1.0"\n'
+            '}\n'
+        )
+        _write_tf_file(tmp_path, "docker_service", tf_content)
+
+        change = _make_change(
+            resource_id="svc-1",
+            resource_type="docker_service",
+            resource_name="my-app",
+            change_type=ChangeType.REMOVED,
+        )
+        summary = _make_summary([change])
+
+        updater = IncrementalUpdater(summary, str(tmp_path))
+        updater.apply()
+
+        state_file = tmp_path / "terraform.tfstate"
+        state = json.loads(state_file.read_text(encoding="utf-8"))
+        assert len(state["resources"]) == 0
+        assert state["serial"] == 2
+
+    def test_state_file_not_modified_when_no_removals(
+        self, tmp_path: Path
+    ) -> None:
+        """State file is not modified when there are no REMOVED changes."""
+        state_resources = [
+            {
+                "mode": "managed",
+                "type": "kubernetes_deployment",
+                "name": "nginx",
+                "provider": 'provider["registry.terraform.io/hashicorp/kubernetes"]',
+                "instances": [
+                    {
+                        "schema_version": 1,
+                        "attributes": {"id": "res-1"},
+                        "sensitive_attributes": [],
+                        "dependencies": [],
+                    }
+                ],
+            }
+        ]
+        _write_state_file(tmp_path, state_resources)
+
+        # Only an ADDED change (no removal)
+        change = _make_change(
+            resource_id="new-id",
+            resource_type="docker_service",
+            resource_name="new-svc",
+            change_type=ChangeType.ADDED,
+        )
+        summary = _make_summary([change])
+        attributes = {"new-id": {"image": "app:1.0"}}
+
+        updater = IncrementalUpdater(summary, str(tmp_path), attributes)
+        updater.apply()
+
+        # State file should not be in modified_files
+        state_path = str(tmp_path / "terraform.tfstate")
+        assert state_path not in updater.modified_files
+
+        # State should still have the original entry
+        state_file = tmp_path / "terraform.tfstate"
+        state = json.loads(state_file.read_text(encoding="utf-8"))
+        assert len(state["resources"]) == 1
+        assert state["serial"] == 1
diff --git a/tests/unit/test_kubernetes_plugin.py b/tests/unit/test_kubernetes_plugin.py
new file mode 100644
index 0000000..839f920
--- /dev/null
+++ b/tests/unit/test_kubernetes_plugin.py
@@ -0,0 +1,508 @@
+"""Unit tests for the KubernetesPlugin provider plugin."""
+
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.scanner.kubernetes_plugin import KubernetesPlugin
+from iac_reverse.scanner.scanner import AuthenticationError
+
+
+class TestKubernetesPluginAuthenticate:
+    """Tests for KubernetesPlugin.authenticate()."""
+
+    @patch("iac_reverse.scanner.kubernetes_plugin.config")
+    @patch("iac_reverse.scanner.kubernetes_plugin.client")
+    def test_authenticate_with_kubeconfig_path(self, mock_client, mock_config):
+        """Successfully authenticates with a kubeconfig path."""
+        plugin = KubernetesPlugin()
+        credentials = {"kubeconfig_path": "/home/user/.kube/config"}
+
+        plugin.authenticate(credentials)
+
+        mock_config.load_kube_config.assert_called_once_with(
+            config_file="/home/user/.kube/config",
+            context=None,
+        )
+        mock_client.ApiClient.assert_called_once()
+        assert plugin._core_v1 is not None
+        assert plugin._apps_v1 is not None
+        assert plugin._networking_v1 is not None
+
+    @patch("iac_reverse.scanner.kubernetes_plugin.config")
+    @patch("iac_reverse.scanner.kubernetes_plugin.client")
+    def test_authenticate_with_context(self, mock_client, mock_config):
+        """Authenticates with a specific context."""
+        plugin = KubernetesPlugin()
+        credentials = {
+            "kubeconfig_path": "/home/user/.kube/config",
+            "context": "production",
+        }
+
+        plugin.authenticate(credentials)
+
+        mock_config.load_kube_config.assert_called_once_with(
+            config_file="/home/user/.kube/config",
+            context="production",
+        )
+
+    def test_authenticate_missing_kubeconfig_path(self):
+        """Raises AuthenticationError when kubeconfig_path is missing."""
+        plugin = KubernetesPlugin()
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({})
+
+        assert "kubeconfig_path is required" in str(exc_info.value)
+
+    @patch("iac_reverse.scanner.kubernetes_plugin.config")
+    def test_authenticate_invalid_kubeconfig(self, mock_config):
+        """Raises AuthenticationError when kubeconfig is invalid."""
+        mock_config.load_kube_config.side_effect = Exception("file not found")
+        plugin = KubernetesPlugin()
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({"kubeconfig_path": "/invalid/path"})
+
+        assert "Failed to load kubeconfig" in str(exc_info.value)
+
+
+class TestKubernetesPluginPlatformCategory:
+    """Tests for KubernetesPlugin.get_platform_category()."""
+
+    def test_returns_container_orchestration(self):
+        """Returns CONTAINER_ORCHESTRATION category."""
+        plugin = KubernetesPlugin()
+        assert plugin.get_platform_category() == PlatformCategory.CONTAINER_ORCHESTRATION
+
+
+class TestKubernetesPluginSupportedResourceTypes:
+    """Tests for KubernetesPlugin.list_supported_resource_types()."""
+
+    def test_returns_all_kubernetes_resource_types(self):
+        """Returns all six supported Kubernetes resource types."""
+        plugin = KubernetesPlugin()
+        types = plugin.list_supported_resource_types()
+
+        expected = [
+            "kubernetes_deployment",
+            "kubernetes_service",
+            "kubernetes_ingress",
+            "kubernetes_config_map",
+            "kubernetes_persistent_volume",
+            "kubernetes_namespace",
+        ]
+        assert types == expected
+
+    def test_returns_new_list_each_call(self):
+        """Returns a new list instance each call (not mutable reference)."""
+        plugin = KubernetesPlugin()
+        types1 = plugin.list_supported_resource_types()
+        types2 = plugin.list_supported_resource_types()
+        assert types1 == types2
+        assert types1 is not types2
+
+
+class TestKubernetesPluginDetectArchitecture:
+    """Tests for KubernetesPlugin.detect_architecture()."""
+
+    def test_detects_amd64_from_node_label(self):
+        """Detects AMD64 architecture from kubernetes.io/arch label."""
+        plugin = KubernetesPlugin()
+        plugin._core_v1 = MagicMock()
+
+        node = _make_node(
+            addresses=[("InternalIP", "192.168.1.10")],
+            labels={"kubernetes.io/arch": "amd64"},
+        )
+        plugin._core_v1.list_node.return_value = MagicMock(items=[node])
+
+        result = plugin.detect_architecture("192.168.1.10")
+        assert result == CpuArchitecture.AMD64
+
+    def test_detects_arm64_from_node_label(self):
+        """Detects AARCH64 architecture from arm64 label."""
+        plugin = KubernetesPlugin()
+        plugin._core_v1 = MagicMock()
+
+        node = _make_node(
+            addresses=[("InternalIP", "192.168.1.20")],
+            labels={"kubernetes.io/arch": "arm64"},
+        )
+        plugin._core_v1.list_node.return_value = MagicMock(items=[node])
+
+        result = plugin.detect_architecture("192.168.1.20")
+        assert result == CpuArchitecture.AARCH64
+
+    def test_detects_arm_from_node_label(self):
+        """Detects ARM architecture from arm label."""
+        plugin = KubernetesPlugin()
+        plugin._core_v1 = MagicMock()
+
+        node = _make_node(
+            addresses=[("InternalIP", "192.168.1.30")],
+            labels={"kubernetes.io/arch": "arm"},
+        )
+        plugin._core_v1.list_node.return_value = MagicMock(items=[node])
+
+        result = plugin.detect_architecture("192.168.1.30")
+        assert result == CpuArchitecture.ARM
+
+    def test_falls_back_to_beta_label(self):
+        """Falls back to beta.kubernetes.io/arch label."""
+        plugin = KubernetesPlugin()
+        plugin._core_v1 = MagicMock()
+
+        node = _make_node(
+            addresses=[("InternalIP", "192.168.1.40")],
+            labels={"beta.kubernetes.io/arch": "arm64"},
+        )
+        plugin._core_v1.list_node.return_value = MagicMock(items=[node])
+
+        result = plugin.detect_architecture("192.168.1.40")
+        assert result == CpuArchitecture.AARCH64
+
+    def test_defaults_to_amd64_when_no_label(self):
+        """Defaults to AMD64 when no arch label is present."""
+        plugin = KubernetesPlugin()
+        plugin._core_v1 = MagicMock()
+
+        node = _make_node(
+            addresses=[("InternalIP", "192.168.1.50")],
+            labels={},
+        )
+        plugin._core_v1.list_node.return_value = MagicMock(items=[node])
+
+        result = plugin.detect_architecture("192.168.1.50")
+        assert result == CpuArchitecture.AMD64
+
+    def test_defaults_to_amd64_when_not_authenticated(self):
+        """Returns AMD64 when plugin is not authenticated."""
+        plugin = KubernetesPlugin()
+        result = plugin.detect_architecture("192.168.1.1")
+        assert result == CpuArchitecture.AMD64
+
+    def test_defaults_to_amd64_on_api_error(self):
+        """Returns AMD64 when API call fails."""
+        plugin = KubernetesPlugin()
+        plugin._core_v1 = MagicMock()
+        plugin._core_v1.list_node.side_effect = Exception("API error")
+
+        result = plugin.detect_architecture("192.168.1.1")
+        assert result == CpuArchitecture.AMD64
+
+
+class TestKubernetesPluginListEndpoints:
+    """Tests for KubernetesPlugin.list_endpoints()."""
+
+    def test_returns_node_internal_ips(self):
+        """Returns InternalIP addresses from nodes."""
+        plugin = KubernetesPlugin()
+        plugin._core_v1 = MagicMock()
+
+        nodes = [
+            _make_node(addresses=[("InternalIP", "10.0.0.1")]),
+            _make_node(addresses=[("InternalIP", "10.0.0.2")]),
+        ]
+        plugin._core_v1.list_node.return_value = MagicMock(items=nodes)
+
+        result = plugin.list_endpoints()
+        assert result == ["10.0.0.1", "10.0.0.2"]
+
+    def test_returns_empty_when_not_authenticated(self):
+        """Returns empty list when not authenticated."""
+        plugin = KubernetesPlugin()
+        assert plugin.list_endpoints() == []
+
+
+class TestKubernetesPluginDiscoverResources:
+    """Tests for KubernetesPlugin.discover_resources()."""
+
+    def test_discovers_deployments(self):
+        """Discovers deployments and returns DiscoveredResource objects."""
+        plugin = _make_authenticated_plugin()
+
+        dep = MagicMock()
+        dep.metadata.name = "nginx"
+        dep.metadata.namespace = "default"
+        dep.metadata.labels = {"app": "nginx"}
+        dep.spec.replicas = 3
+        plugin._apps_v1.list_deployment_for_all_namespaces.return_value = MagicMock(
+            items=[dep]
+        )
+        _stub_empty_apis(plugin, exclude="deployments")
+
+        progress_updates = []
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["kubernetes_deployment"],
+            progress_callback=progress_updates.append,
+        )
+
+        assert len(result.resources) == 1
+        resource = result.resources[0]
+        assert resource.resource_type == "kubernetes_deployment"
+        assert resource.unique_id == "default/nginx"
+        assert resource.name == "nginx"
+        assert resource.provider == ProviderType.KUBERNETES
+        assert resource.platform_category == PlatformCategory.CONTAINER_ORCHESTRATION
+        assert resource.attributes["namespace"] == "default"
+        assert resource.attributes["replicas"] == 3
+
+    def test_discovers_services(self):
+        """Discovers services and returns DiscoveredResource objects."""
+        plugin = _make_authenticated_plugin()
+
+        svc = MagicMock()
+        svc.metadata.name = "my-service"
+        svc.metadata.namespace = "production"
+        svc.metadata.labels = {"app": "web"}
+        svc.spec.type = "ClusterIP"
+        svc.spec.cluster_ip = "10.96.0.1"
+        plugin._core_v1.list_service_for_all_namespaces.return_value = MagicMock(
+            items=[svc]
+        )
+        _stub_empty_apis(plugin, exclude="services")
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["kubernetes_service"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        resource = result.resources[0]
+        assert resource.resource_type == "kubernetes_service"
+        assert resource.unique_id == "production/my-service"
+        assert resource.attributes["type"] == "ClusterIP"
+
+    def test_discovers_ingresses(self):
+        """Discovers ingresses and returns DiscoveredResource objects."""
+        plugin = _make_authenticated_plugin()
+
+        ing = MagicMock()
+        ing.metadata.name = "web-ingress"
+        ing.metadata.namespace = "default"
+        ing.metadata.labels = {"app": "web"}
+        plugin._networking_v1.list_ingress_for_all_namespaces.return_value = MagicMock(
+            items=[ing]
+        )
+        _stub_empty_apis(plugin, exclude="ingresses")
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["kubernetes_ingress"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        assert result.resources[0].resource_type == "kubernetes_ingress"
+        assert result.resources[0].unique_id == "default/web-ingress"
+
+    def test_discovers_config_maps(self):
+        """Discovers config maps and returns DiscoveredResource objects."""
+        plugin = _make_authenticated_plugin()
+
+        cm = MagicMock()
+        cm.metadata.name = "app-config"
+        cm.metadata.namespace = "default"
+        cm.metadata.labels = {}
+        cm.data = {"key1": "value1", "key2": "value2"}
+        plugin._core_v1.list_config_map_for_all_namespaces.return_value = MagicMock(
+            items=[cm]
+        )
+        _stub_empty_apis(plugin, exclude="config_maps")
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["kubernetes_config_map"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        resource = result.resources[0]
+        assert resource.resource_type == "kubernetes_config_map"
+        assert resource.attributes["data_keys"] == ["key1", "key2"]
+
+    def test_discovers_persistent_volumes(self):
+        """Discovers persistent volumes and returns DiscoveredResource objects."""
+        plugin = _make_authenticated_plugin()
+
+        pv = MagicMock()
+        pv.metadata.name = "pv-data"
+        pv.metadata.labels = {}
+        pv.spec.capacity = {"storage": "10Gi"}
+        pv.spec.access_modes = ["ReadWriteOnce"]
+        pv.spec.storage_class_name = "standard"
+        plugin._core_v1.list_persistent_volume.return_value = MagicMock(
+            items=[pv]
+        )
+        _stub_empty_apis(plugin, exclude="persistent_volumes")
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["kubernetes_persistent_volume"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        resource = result.resources[0]
+        assert resource.resource_type == "kubernetes_persistent_volume"
+        assert resource.unique_id == "pv-data"
+        assert resource.attributes["capacity"] == {"storage": "10Gi"}
+        assert resource.attributes["access_modes"] == ["ReadWriteOnce"]
+
+    def test_discovers_namespaces(self):
+        """Discovers namespaces and returns DiscoveredResource objects."""
+        plugin = _make_authenticated_plugin()
+
+        ns = MagicMock()
+        ns.metadata.name = "production"
+        ns.metadata.labels = {"env": "prod"}
+        ns.status.phase = "Active"
+        plugin._core_v1.list_namespace.return_value = MagicMock(items=[ns])
+        _stub_empty_apis(plugin, exclude="namespaces")
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["kubernetes_namespace"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        resource = result.resources[0]
+        assert resource.resource_type == "kubernetes_namespace"
+        assert resource.unique_id == "production"
+        assert resource.attributes["status"] == "Active"
+
+    def test_reports_progress_for_each_resource_type(self):
+        """Reports progress callback for each resource type scanned."""
+        plugin = _make_authenticated_plugin()
+        _stub_empty_apis(plugin)
+
+        progress_updates: list[ScanProgress] = []
+        plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["kubernetes_deployment", "kubernetes_service"],
+            progress_callback=progress_updates.append,
+        )
+
+        assert len(progress_updates) == 2
+        assert progress_updates[0].current_resource_type == "kubernetes_deployment"
+        assert progress_updates[0].resource_types_completed == 1
+        assert progress_updates[0].total_resource_types == 2
+        assert progress_updates[1].current_resource_type == "kubernetes_service"
+        assert progress_updates[1].resource_types_completed == 2
+
+    def test_handles_api_errors_gracefully(self):
+        """Records errors when API calls fail without crashing."""
+        plugin = _make_authenticated_plugin()
+        plugin._apps_v1.list_deployment_for_all_namespaces.side_effect = Exception(
+            "API unavailable"
+        )
+        _stub_empty_apis(plugin, exclude="deployments")
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["kubernetes_deployment"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.errors) == 1
+        assert "API unavailable" in result.errors[0]
+        assert len(result.resources) == 0
+
+    def test_returns_scan_result_type(self):
+        """Returns a ScanResult instance."""
+        plugin = _make_authenticated_plugin()
+        _stub_empty_apis(plugin)
+
+        result = plugin.discover_resources(
+            endpoints=["10.0.0.1"],
+            resource_types=["kubernetes_namespace"],
+            progress_callback=lambda p: None,
+        )
+
+        assert isinstance(result, ScanResult)
+
+
+# ---------------------------------------------------------------------------
+# Test Helpers
+# ---------------------------------------------------------------------------
+
+
+def _make_node(
+    addresses: list[tuple[str, str]] | None = None,
+    labels: dict[str, str] | None = None,
+) -> MagicMock:
+    """Create a mock Kubernetes node object."""
+    node = MagicMock()
+    node.metadata.labels = labels or {}
+
+    if addresses:
+        addr_objects = []
+        for addr_type, addr_value in addresses:
+            addr = MagicMock()
+            addr.type = addr_type
+            addr.address = addr_value
+            addr_objects.append(addr)
+        node.status.addresses = addr_objects
+    else:
+        node.status.addresses = []
+
+    return node
+
+
+def _make_authenticated_plugin() -> KubernetesPlugin:
+    """Create a KubernetesPlugin with mocked API clients."""
+    plugin = KubernetesPlugin()
+    plugin._api_client = MagicMock()
+    plugin._core_v1 = MagicMock()
+    plugin._apps_v1 = MagicMock()
+    plugin._networking_v1 = MagicMock()
+
+    # Default: detect_architecture returns AMD64
+    node = _make_node(
+        addresses=[("InternalIP", "10.0.0.1")],
+        labels={"kubernetes.io/arch": "amd64"},
+    )
+    plugin._core_v1.list_node.return_value = MagicMock(items=[node])
+
+    return plugin
+
+
+def _stub_empty_apis(plugin: KubernetesPlugin, exclude: str = "") -> None:
+    """Stub all discovery API calls to return empty lists.
+
+    Args:
+        plugin: The plugin instance with mocked clients.
+        exclude: Resource type to exclude from stubbing (leave for test to set up).
+    """
+    if exclude != "deployments":
+        plugin._apps_v1.list_deployment_for_all_namespaces.return_value = MagicMock(
+            items=[]
+        )
+    if exclude != "services":
+        plugin._core_v1.list_service_for_all_namespaces.return_value = MagicMock(
+            items=[]
+        )
+    if exclude != "ingresses":
+        plugin._networking_v1.list_ingress_for_all_namespaces.return_value = MagicMock(
+            items=[]
+        )
+    if exclude != "config_maps":
+        plugin._core_v1.list_config_map_for_all_namespaces.return_value = MagicMock(
+            items=[]
+        )
+    if exclude != "persistent_volumes":
+        plugin._core_v1.list_persistent_volume.return_value = MagicMock(items=[])
+    if exclude != "namespaces":
+        plugin._core_v1.list_namespace.return_value = MagicMock(items=[])
diff --git a/tests/unit/test_models.py b/tests/unit/test_models.py
new file mode 100644
index 0000000..5429f65
--- /dev/null
+++ b/tests/unit/test_models.py
@@ -0,0 +1,403 @@
+"""Unit tests for core data models."""
+
+import json
+
+import pytest
+
+from iac_reverse.models import (
+    ChangeType,
+    ChangeSummary,
+    CodeGenerationResult,
+    CpuArchitecture,
+    DependencyGraph,
+    DiscoveredResource,
+    ExtractedVariable,
+    GeneratedFile,
+    PlannedChange,
+    PlatformCategory,
+    PROVIDER_PLATFORM_MAP,
+    ProviderType,
+    ResourceChange,
+    ResourceRelationship,
+    ScanProfile,
+    ScanProgress,
+    ScanResult,
+    StateEntry,
+    StateFile,
+    UnresolvedReference,
+    ValidationError,
+    ValidationResult,
+)
+
+
+class TestProviderType:
+    def test_all_values(self):
+        assert ProviderType.DOCKER_SWARM.value == "docker_swarm"
+        assert ProviderType.KUBERNETES.value == "kubernetes"
+        assert ProviderType.SYNOLOGY.value == "synology"
+        assert ProviderType.HARVESTER.value == "harvester"
+        assert ProviderType.BARE_METAL.value == "bare_metal"
+        assert ProviderType.WINDOWS.value == "windows"
+
+    def test_member_count(self):
+        assert len(ProviderType) == 6
+
+
+class TestPlatformCategory:
+    def test_all_values(self):
+        assert PlatformCategory.CONTAINER_ORCHESTRATION.value == "container"
+        assert PlatformCategory.STORAGE_APPLIANCE.value == "storage"
+        assert PlatformCategory.HCI.value == "hci"
+        assert PlatformCategory.BARE_METAL.value == "bare_metal"
+        assert PlatformCategory.WINDOWS.value == "windows"
+
+    def test_member_count(self):
+        assert len(PlatformCategory) == 5
+
+
+class TestProviderPlatformMap:
+    def test_all_providers_mapped(self):
+        for provider in ProviderType:
+            assert provider in PROVIDER_PLATFORM_MAP
+
+    def test_container_orchestration_providers(self):
+        assert PROVIDER_PLATFORM_MAP[ProviderType.DOCKER_SWARM] == PlatformCategory.CONTAINER_ORCHESTRATION
+        assert PROVIDER_PLATFORM_MAP[ProviderType.KUBERNETES] == PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def test_other_providers(self):
+        assert PROVIDER_PLATFORM_MAP[ProviderType.SYNOLOGY] == PlatformCategory.STORAGE_APPLIANCE
+        assert PROVIDER_PLATFORM_MAP[ProviderType.HARVESTER] == PlatformCategory.HCI
+        assert PROVIDER_PLATFORM_MAP[ProviderType.BARE_METAL] == PlatformCategory.BARE_METAL
+        assert PROVIDER_PLATFORM_MAP[ProviderType.WINDOWS] == PlatformCategory.WINDOWS
+
+
+class TestCpuArchitecture:
+    def test_all_values(self):
+        assert CpuArchitecture.AMD64.value == "amd64"
+        assert CpuArchitecture.ARM.value == "arm"
+        assert CpuArchitecture.AARCH64.value == "aarch64"
+
+    def test_member_count(self):
+        assert len(CpuArchitecture) == 3
+
+
+class TestChangeType:
+    def test_all_values(self):
+        assert ChangeType.ADDED.value == "added"
+        assert ChangeType.REMOVED.value == "removed"
+        assert ChangeType.MODIFIED.value == "modified"
+
+
+class TestScanProfile:
+    def test_valid_profile(self):
+        profile = ScanProfile(
+            provider=ProviderType.KUBERNETES,
+            credentials={"kubeconfig_path": "/home/user/.kube/config"},
+        )
+        assert profile.validate() == []
+
+    def test_empty_credentials_invalid(self):
+        profile = ScanProfile(
+            provider=ProviderType.KUBERNETES,
+            credentials={},
+        )
+        errors = profile.validate()
+        assert len(errors) > 0
+        assert "credentials" in errors[0]
+
+    def test_platform_category_property(self):
+        profile = ScanProfile(
+            provider=ProviderType.DOCKER_SWARM,
+            credentials={"host": "localhost"},
+        )
+        assert profile.platform_category == PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def test_optional_fields_default_none(self):
+        profile = ScanProfile(
+            provider=ProviderType.SYNOLOGY,
+            credentials={"host": "nas01"},
+        )
+        assert profile.endpoints is None
+        assert profile.resource_type_filters is None
+        assert profile.authentik_token is None
+
+
+class TestDiscoveredResource:
+    def test_creation(self):
+        resource = DiscoveredResource(
+            resource_type="kubernetes_deployment",
+            unique_id="apps/v1/deployments/default/nginx",
+            name="nginx",
+            provider=ProviderType.KUBERNETES,
+            platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+            architecture=CpuArchitecture.AARCH64,
+            endpoint="https://k8s-api:6443",
+            attributes={"replicas": 3, "image": "nginx:1.25"},
+            raw_references=["default/services/nginx-svc"],
+        )
+        assert resource.resource_type == "kubernetes_deployment"
+        assert resource.unique_id == "apps/v1/deployments/default/nginx"
+        assert resource.provider == ProviderType.KUBERNETES
+
+    def test_raw_references_default_empty(self):
+        resource = DiscoveredResource(
+            resource_type="windows_service",
+            unique_id="win01/services/nginx",
+            name="nginx",
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+            architecture=CpuArchitecture.AMD64,
+            endpoint="win01.internal.lab",
+            attributes={"state": "running"},
+        )
+        assert resource.raw_references == []
+
+
+class TestScanResult:
+    def test_creation(self):
+        result = ScanResult(
+            resources=[],
+            warnings=["unsupported type: foo"],
+            errors=[],
+            scan_timestamp="2024-01-15T10:30:00Z",
+            profile_hash="abc123",
+        )
+        assert result.is_partial is False
+        assert len(result.warnings) == 1
+
+    def test_partial_scan(self):
+        result = ScanResult(
+            resources=[],
+            warnings=[],
+            errors=["connection lost"],
+            scan_timestamp="2024-01-15T10:30:00Z",
+            profile_hash="abc123",
+            is_partial=True,
+        )
+        assert result.is_partial is True
+
+
+class TestScanProgress:
+    def test_creation(self):
+        progress = ScanProgress(
+            current_resource_type="kubernetes_deployment",
+            resources_discovered=15,
+            resource_types_completed=2,
+            total_resource_types=5,
+        )
+        assert progress.resources_discovered == 15
+        assert progress.resource_types_completed == 2
+
+
+class TestResourceRelationship:
+    def test_creation(self):
+        rel = ResourceRelationship(
+            source_id="resource-a",
+            target_id="resource-b",
+            relationship_type="dependency",
+            source_attribute="network_id",
+        )
+        assert rel.relationship_type == "dependency"
+
+
+class TestUnresolvedReference:
+    def test_creation(self):
+        ref = UnresolvedReference(
+            source_resource_id="resource-a",
+            source_attribute="vpc_id",
+            referenced_id="vpc-unknown",
+            suggested_resolution="data_source",
+        )
+        assert ref.suggested_resolution == "data_source"
+
+
+class TestDependencyGraph:
+    def test_creation(self):
+        graph = DependencyGraph(
+            resources=[],
+            relationships=[],
+            topological_order=["a", "b", "c"],
+            cycles=[],
+            unresolved_references=[],
+        )
+        assert graph.topological_order == ["a", "b", "c"]
+        assert graph.cycles == []
+
+
+class TestGeneratedFile:
+    def test_creation(self):
+        gf = GeneratedFile(
+            filename="kubernetes_deployment.tf",
+            content='resource "kubernetes_deployment" "nginx" {}',
+            resource_count=1,
+        )
+        assert gf.filename == "kubernetes_deployment.tf"
+        assert gf.resource_count == 1
+
+
+class TestExtractedVariable:
+    def test_creation(self):
+        var = ExtractedVariable(
+            name="environment",
+            type_expr="string",
+            default_value="production",
+            description="Deployment environment",
+            used_by=["resource-a", "resource-b"],
+        )
+        assert len(var.used_by) == 2
+
+    def test_used_by_default_empty(self):
+        var = ExtractedVariable(
+            name="region",
+            type_expr="string",
+            default_value="us-east-1",
+            description="Region",
+        )
+        assert var.used_by == []
+
+
+class TestCodeGenerationResult:
+    def test_creation(self):
+        result = CodeGenerationResult(
+            resource_files=[GeneratedFile("main.tf", "content", 5)],
+            variables_file=GeneratedFile("variables.tf", "vars", 0),
+            provider_file=GeneratedFile("provider.tf", "provider", 0),
+            outputs_file=None,
+            skipped_resources=[("res-1", "unsupported type")],
+        )
+        assert len(result.resource_files) == 1
+        assert result.outputs_file is None
+        assert len(result.skipped_resources) == 1
+
+
+class TestStateEntry:
+    def test_creation(self):
+        entry = StateEntry(
+            resource_type="kubernetes_deployment",
+            resource_name="nginx",
+            provider_id="apps/v1/deployments/default/nginx",
+            attributes={"namespace": "default"},
+            sensitive_attributes=["password"],
+            schema_version=1,
+            dependencies=["kubernetes_service.nginx_svc"],
+        )
+        assert entry.schema_version == 1
+        assert len(entry.dependencies) == 1
+
+    def test_defaults(self):
+        entry = StateEntry(
+            resource_type="kubernetes_service",
+            resource_name="svc",
+            provider_id="id-123",
+            attributes={},
+        )
+        assert entry.sensitive_attributes == []
+        assert entry.schema_version == 0
+        assert entry.dependencies == []
+
+
+class TestStateFile:
+    def test_defaults(self):
+        state = StateFile()
+        assert state.version == 4
+        assert state.terraform_version == ""
+        assert state.serial == 1
+        assert state.lineage == ""
+        assert state.resources == []
+
+    def test_to_json_structure(self):
+        state = StateFile(
+            terraform_version="1.7.0",
+            resources=[
+                StateEntry(
+                    resource_type="kubernetes_deployment",
+                    resource_name="nginx",
+                    provider_id="apps/v1/deployments/default/nginx",
+                    attributes={"namespace": "default", "replicas": 3},
+                    schema_version=1,
+                    dependencies=["kubernetes_service.nginx_svc"],
+                )
+            ],
+        )
+        parsed = json.loads(state.to_json())
+        assert parsed["version"] == 4
+        assert parsed["terraform_version"] == "1.7.0"
+        assert parsed["serial"] == 1
+        assert "lineage" in parsed
+        assert len(parsed["resources"]) == 1
+
+        res = parsed["resources"][0]
+        assert res["mode"] == "managed"
+        assert res["type"] == "kubernetes_deployment"
+        assert res["name"] == "nginx"
+        assert res["instances"][0]["schema_version"] == 1
+        assert res["instances"][0]["attributes"]["id"] == "apps/v1/deployments/default/nginx"
+
+    def test_to_json_generates_lineage(self):
+        state = StateFile()
+        parsed = json.loads(state.to_json())
+        assert len(parsed["lineage"]) > 0  # UUID generated
+
+
+class TestValidationResult:
+    def test_creation(self):
+        result = ValidationResult(
+            init_success=True,
+            validate_success=True,
+            plan_success=False,
+            planned_changes=[
+                PlannedChange(
+                    resource_address="kubernetes_deployment.nginx",
+                    change_type="modify",
+                    details="replicas changed",
+                )
+            ],
+            errors=[],
+            correction_attempts=1,
+        )
+        assert result.plan_success is False
+        assert len(result.planned_changes) == 1
+
+
+class TestValidationError:
+    def test_creation_with_line(self):
+        err = ValidationError(file="main.tf", message="invalid block", line=42)
+        assert err.line == 42
+
+    def test_creation_without_line(self):
+        err = ValidationError(file="main.tf", message="missing provider")
+        assert err.line is None
+
+
+class TestResourceChange:
+    def test_added(self):
+        change = ResourceChange(
+            resource_id="new-resource",
+            resource_type="kubernetes_service",
+            resource_name="new-svc",
+            change_type=ChangeType.ADDED,
+        )
+        assert change.changed_attributes is None
+
+    def test_modified(self):
+        change = ResourceChange(
+            resource_id="existing-resource",
+            resource_type="kubernetes_deployment",
+            resource_name="nginx",
+            change_type=ChangeType.MODIFIED,
+            changed_attributes={"replicas": {"old": 3, "new": 5}},
+        )
+        assert change.changed_attributes is not None
+
+
+class TestChangeSummary:
+    def test_creation(self):
+        summary = ChangeSummary(
+            added_count=2,
+            removed_count=1,
+            modified_count=3,
+            changes=[],
+        )
+        assert summary.added_count == 2
+        assert summary.removed_count == 1
+        assert summary.modified_count == 3
diff --git a/tests/unit/test_multi_provider_scanner.py b/tests/unit/test_multi_provider_scanner.py
new file mode 100644
index 0000000..35012c5
--- /dev/null
+++ b/tests/unit/test_multi_provider_scanner.py
@@ -0,0 +1,505 @@
+"""Unit tests for the MultiProviderScanner.
+
+Tests cover:
+- All providers succeed: all resources collected
+- One provider fails: others still complete, failed one reported
+- Multiple providers fail: remaining still complete
+- Error details include provider name and reason
+"""
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProfile,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.multi_provider_scanner import (
+    MultiProviderScanner,
+    MultiProviderScanResult,
+    ProviderFailure,
+    ProviderScanEntry,
+)
+from iac_reverse.scanner.scanner import AuthenticationError
+
+
+# ---------------------------------------------------------------------------
+# Helpers / Fixtures
+# ---------------------------------------------------------------------------
+
+
+def make_profile(provider: ProviderType = ProviderType.KUBERNETES) -> ScanProfile:
+    """Create a valid ScanProfile with sensible defaults."""
+    return ScanProfile(
+        provider=provider,
+        credentials={"token": "test-token"},
+        endpoints=["https://api.local:6443"],
+        resource_type_filters=None,
+    )
+
+
+def make_resource(
+    provider: ProviderType = ProviderType.KUBERNETES,
+    resource_type: str = "kubernetes_deployment",
+    name: str = "nginx",
+) -> DiscoveredResource:
+    """Create a sample DiscoveredResource."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=f"{provider.value}/{resource_type}/{name}",
+        name=name,
+        provider=provider,
+        platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+        architecture=CpuArchitecture.AARCH64,
+        endpoint="https://api.local:6443",
+        attributes={"replicas": 3},
+        raw_references=[],
+    )
+
+
+class SuccessPlugin(ProviderPlugin):
+    """A plugin that always succeeds with configurable resources."""
+
+    def __init__(self, resources: list[DiscoveredResource] | None = None):
+        self._resources = resources or []
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        pass
+
+    def get_platform_category(self) -> PlatformCategory:
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        return ["https://api.local:6443"]
+
+    def list_supported_resource_types(self) -> list[str]:
+        return ["kubernetes_deployment", "kubernetes_service"]
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        return CpuArchitecture.AARCH64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback=None,
+    ) -> ScanResult:
+        return ScanResult(
+            resources=self._resources,
+            warnings=[],
+            errors=[],
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+
+class FailingAuthPlugin(ProviderPlugin):
+    """A plugin that fails during authentication."""
+
+    def __init__(self, error_message: str = "Invalid credentials"):
+        self._error_message = error_message
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        raise RuntimeError(self._error_message)
+
+    def get_platform_category(self) -> PlatformCategory:
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        return []
+
+    def list_supported_resource_types(self) -> list[str]:
+        return []
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback=None,
+    ) -> ScanResult:
+        return ScanResult(
+            resources=[],
+            warnings=[],
+            errors=[],
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+
+class FailingDiscoverPlugin(ProviderPlugin):
+    """A plugin that fails during resource discovery."""
+
+    def __init__(self, error_message: str = "Connection refused"):
+        self._error_message = error_message
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        pass
+
+    def get_platform_category(self) -> PlatformCategory:
+        return PlatformCategory.STORAGE_APPLIANCE
+
+    def list_endpoints(self) -> list[str]:
+        return ["https://nas.local:5001"]
+
+    def list_supported_resource_types(self) -> list[str]:
+        return ["synology_shared_folder"]
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        return CpuArchitecture.AMD64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback=None,
+    ) -> ScanResult:
+        raise ConnectionError(self._error_message)
+
+
+# ---------------------------------------------------------------------------
+# Tests: All providers succeed
+# ---------------------------------------------------------------------------
+
+
+class TestAllProvidersSucceed:
+    """Tests for the happy path where all providers complete successfully."""
+
+    def test_single_provider_all_resources_collected(self):
+        resources = [
+            make_resource(name="deploy-1"),
+            make_resource(name="deploy-2"),
+        ]
+        entry = ProviderScanEntry(
+            profile=make_profile(ProviderType.KUBERNETES),
+            plugin=SuccessPlugin(resources=resources),
+        )
+        scanner = MultiProviderScanner([entry])
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 2
+        assert len(result.failed_providers) == 0
+        assert "kubernetes" in result.successful_providers
+
+    def test_multiple_providers_all_resources_merged(self):
+        k8s_resources = [
+            make_resource(ProviderType.KUBERNETES, "kubernetes_deployment", "nginx"),
+        ]
+        docker_resources = [
+            make_resource(ProviderType.DOCKER_SWARM, "docker_service", "web"),
+        ]
+
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.KUBERNETES),
+                plugin=SuccessPlugin(resources=k8s_resources),
+            ),
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.DOCKER_SWARM),
+                plugin=SuccessPlugin(resources=docker_resources),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 2
+        assert len(result.failed_providers) == 0
+        assert len(result.successful_providers) == 2
+
+    def test_empty_entries_returns_empty_result(self):
+        scanner = MultiProviderScanner([])
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 0
+        assert len(result.failed_providers) == 0
+        assert len(result.successful_providers) == 0
+
+    def test_scan_timestamp_is_set(self):
+        entry = ProviderScanEntry(
+            profile=make_profile(),
+            plugin=SuccessPlugin(resources=[]),
+        )
+        scanner = MultiProviderScanner([entry])
+
+        result = scanner.scan()
+
+        assert result.scan_timestamp != ""
+
+
+# ---------------------------------------------------------------------------
+# Tests: One provider fails, others succeed
+# ---------------------------------------------------------------------------
+
+
+class TestOneProviderFails:
+    """Tests for partial failure: one provider fails, others complete."""
+
+    def test_failed_provider_does_not_block_others(self):
+        k8s_resources = [make_resource(ProviderType.KUBERNETES, name="nginx")]
+
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.KUBERNETES),
+                plugin=SuccessPlugin(resources=k8s_resources),
+            ),
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.SYNOLOGY),
+                plugin=FailingAuthPlugin("Invalid API key"),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        # Kubernetes resources should still be collected
+        assert len(result.resources) == 1
+        assert result.resources[0].name == "nginx"
+        # Synology should be reported as failed
+        assert len(result.failed_providers) == 1
+        assert result.failed_providers[0].provider_name == "synology"
+
+    def test_failed_provider_reported_with_error_details(self):
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.KUBERNETES),
+                plugin=SuccessPlugin(resources=[]),
+            ),
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.SYNOLOGY),
+                plugin=FailingAuthPlugin("Token expired at 2024-01-15"),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        failure = result.failed_providers[0]
+        assert failure.provider_name == "synology"
+        assert "Token expired" in failure.error_message
+        assert failure.error_type == "AuthenticationError"
+
+    def test_successful_providers_listed_correctly(self):
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.KUBERNETES),
+                plugin=SuccessPlugin(resources=[]),
+            ),
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.DOCKER_SWARM),
+                plugin=FailingAuthPlugin("Connection refused"),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        assert "kubernetes" in result.successful_providers
+        assert "docker_swarm" not in result.successful_providers
+
+    def test_order_does_not_matter_failed_first(self):
+        """Even if the first provider fails, subsequent ones still run."""
+        docker_resources = [make_resource(ProviderType.DOCKER_SWARM, "docker_service", "web")]
+
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.SYNOLOGY),
+                plugin=FailingAuthPlugin("Auth failed"),
+            ),
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.DOCKER_SWARM),
+                plugin=SuccessPlugin(resources=docker_resources),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 1
+        assert result.resources[0].name == "web"
+        assert len(result.failed_providers) == 1
+
+
+# ---------------------------------------------------------------------------
+# Tests: Multiple providers fail
+# ---------------------------------------------------------------------------
+
+
+class TestMultipleProvidersFail:
+    """Tests for scenarios where multiple providers fail."""
+
+    def test_multiple_failures_remaining_still_complete(self):
+        k8s_resources = [make_resource(ProviderType.KUBERNETES, name="app")]
+
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.SYNOLOGY),
+                plugin=FailingAuthPlugin("Synology auth failed"),
+            ),
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.KUBERNETES),
+                plugin=SuccessPlugin(resources=k8s_resources),
+            ),
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.HARVESTER),
+                plugin=FailingAuthPlugin("Harvester unreachable"),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 1
+        assert result.resources[0].name == "app"
+        assert len(result.failed_providers) == 2
+        assert len(result.successful_providers) == 1
+
+    def test_all_providers_fail_returns_empty_resources(self):
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.SYNOLOGY),
+                plugin=FailingAuthPlugin("Auth error 1"),
+            ),
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.HARVESTER),
+                plugin=FailingAuthPlugin("Auth error 2"),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 0
+        assert len(result.failed_providers) == 2
+        assert len(result.successful_providers) == 0
+
+    def test_each_failure_has_distinct_error_details(self):
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.SYNOLOGY),
+                plugin=FailingAuthPlugin("Invalid API key"),
+            ),
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.HARVESTER),
+                plugin=FailingAuthPlugin("Certificate expired"),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        provider_names = [f.provider_name for f in result.failed_providers]
+        assert "synology" in provider_names
+        assert "harvester" in provider_names
+
+        synology_failure = next(
+            f for f in result.failed_providers if f.provider_name == "synology"
+        )
+        harvester_failure = next(
+            f for f in result.failed_providers if f.provider_name == "harvester"
+        )
+        assert "Invalid API key" in synology_failure.error_message
+        assert "Certificate expired" in harvester_failure.error_message
+
+
+# ---------------------------------------------------------------------------
+# Tests: Error details include provider name and reason
+# ---------------------------------------------------------------------------
+
+
+class TestErrorDetails:
+    """Tests that error details contain provider name and failure reason."""
+
+    def test_auth_error_includes_provider_name(self):
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.DOCKER_SWARM),
+                plugin=FailingAuthPlugin("Bad token"),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        assert result.failed_providers[0].provider_name == "docker_swarm"
+
+    def test_auth_error_includes_reason(self):
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.DOCKER_SWARM),
+                plugin=FailingAuthPlugin("Token revoked by admin"),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        assert "Token revoked by admin" in result.failed_providers[0].error_message
+
+    def test_connection_error_includes_error_type(self):
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.SYNOLOGY),
+                plugin=FailingDiscoverPlugin("Connection timed out"),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        # ConnectionError is raised during discover; Scanner wraps it in
+        # ConnectionLostError. The error_type reflects the wrapped exception.
+        failure = result.failed_providers[0]
+        assert failure.provider_name == "synology"
+        assert failure.error_type == "ConnectionLostError"
+        assert "Connection lost" in failure.error_message
+
+    def test_validation_error_includes_details(self):
+        """A provider with invalid profile still reports correctly."""
+        # Create a profile with empty credentials to trigger ValueError
+        bad_profile = ScanProfile(
+            provider=ProviderType.BARE_METAL,
+            credentials={},
+            endpoints=["https://bmc.local"],
+        )
+        entries = [
+            ProviderScanEntry(
+                profile=bad_profile,
+                plugin=SuccessPlugin(resources=[]),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        result = scanner.scan()
+
+        failure = result.failed_providers[0]
+        assert failure.provider_name == "bare_metal"
+        assert failure.error_type == "ValueError"
+        assert "credentials" in failure.error_message.lower()
+
+    def test_progress_callback_invoked_for_successful_providers(self):
+        """Progress callback is passed through to individual scanners."""
+        resources = [make_resource(name="test")]
+        entries = [
+            ProviderScanEntry(
+                profile=make_profile(ProviderType.KUBERNETES),
+                plugin=SuccessPlugin(resources=resources),
+            ),
+        ]
+        scanner = MultiProviderScanner(entries)
+
+        progress_updates = []
+        scanner.scan(progress_callback=progress_updates.append)
+
+        # SuccessPlugin doesn't call progress_callback, but the scan still works
+        # This verifies the callback is accepted without error
+        assert len(scanner.entries) == 1
diff --git a/tests/unit/test_plugin_base.py b/tests/unit/test_plugin_base.py
new file mode 100644
index 0000000..1641a11
--- /dev/null
+++ b/tests/unit/test_plugin_base.py
@@ -0,0 +1,74 @@
+"""Unit tests for the ProviderPlugin abstract base class."""
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    PlatformCategory,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+
+
+class TestProviderPluginInterface:
+    def test_cannot_instantiate_directly(self):
+        """ProviderPlugin is abstract and cannot be instantiated."""
+        with pytest.raises(TypeError):
+            ProviderPlugin()
+
+    def test_requires_all_abstract_methods(self):
+        """A subclass must implement all abstract methods."""
+
+        class IncompletePlugin(ProviderPlugin):
+            def authenticate(self, credentials):
+                pass
+
+        with pytest.raises(TypeError):
+            IncompletePlugin()
+
+    def test_concrete_implementation(self):
+        """A complete implementation can be instantiated."""
+
+        class ConcretePlugin(ProviderPlugin):
+            def authenticate(self, credentials: dict[str, str]) -> None:
+                pass
+
+            def get_platform_category(self) -> PlatformCategory:
+                return PlatformCategory.CONTAINER_ORCHESTRATION
+
+            def list_endpoints(self) -> list[str]:
+                return ["https://localhost:6443"]
+
+            def list_supported_resource_types(self) -> list[str]:
+                return ["kubernetes_deployment"]
+
+            def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+                return CpuArchitecture.AMD64
+
+            def discover_resources(self, endpoints, resource_types, progress_callback):
+                return ScanResult(
+                    resources=[],
+                    warnings=[],
+                    errors=[],
+                    scan_timestamp="2024-01-01T00:00:00Z",
+                    profile_hash="test",
+                )
+
+        plugin = ConcretePlugin()
+        assert plugin.get_platform_category() == PlatformCategory.CONTAINER_ORCHESTRATION
+        assert plugin.list_endpoints() == ["https://localhost:6443"]
+        assert plugin.list_supported_resource_types() == ["kubernetes_deployment"]
+        assert plugin.detect_architecture("localhost") == CpuArchitecture.AMD64
+
+    def test_abstract_methods_list(self):
+        """Verify all expected abstract methods are defined."""
+        expected_methods = {
+            "authenticate",
+            "get_platform_category",
+            "list_endpoints",
+            "list_supported_resource_types",
+            "detect_architecture",
+            "discover_resources",
+        }
+        assert ProviderPlugin.__abstractmethods__ == expected_methods
diff --git a/tests/unit/test_profile_loader.py b/tests/unit/test_profile_loader.py
new file mode 100644
index 0000000..fba2fd7
--- /dev/null
+++ b/tests/unit/test_profile_loader.py
@@ -0,0 +1,324 @@
+"""Unit tests for ProfileLoader - YAML scan profile loading with env var expansion."""
+
+import os
+import textwrap
+from pathlib import Path
+
+import pytest
+
+from iac_reverse.cli.profile_loader import ProfileLoader, ProfileLoaderError
+from iac_reverse.models import ProviderType
+
+
+@pytest.fixture
+def loader():
+    """Create a ProfileLoader instance."""
+    return ProfileLoader()
+
+
+@pytest.fixture
+def tmp_profile(tmp_path):
+    """Helper to write a YAML profile to a temp file and return its path."""
+
+    def _write(content: str) -> str:
+        profile_file = tmp_path / "profile.yaml"
+        profile_file.write_text(textwrap.dedent(content), encoding="utf-8")
+        return str(profile_file)
+
+    return _write
+
+
+class TestSingleProfileLoading:
+    """Tests for loading a single profile from YAML."""
+
+    def test_loads_single_profile(self, loader, tmp_profile):
+        path = tmp_profile("""
+            provider: kubernetes
+            credentials:
+              kubeconfig_path: /home/user/.kube/config
+              context: pi-cluster
+            endpoints:
+              - https://k8s-api.internal.lab:6443
+            resource_type_filters:
+              - kubernetes_deployment
+              - kubernetes_service
+        """)
+
+        profiles = loader.load(path)
+
+        assert len(profiles) == 1
+        profile = profiles[0]
+        assert profile.provider == ProviderType.KUBERNETES
+        assert profile.credentials == {
+            "kubeconfig_path": "/home/user/.kube/config",
+            "context": "pi-cluster",
+        }
+        assert profile.endpoints == ["https://k8s-api.internal.lab:6443"]
+        assert profile.resource_type_filters == [
+            "kubernetes_deployment",
+            "kubernetes_service",
+        ]
+
+    def test_loads_profile_without_optional_fields(self, loader, tmp_profile):
+        path = tmp_profile("""
+            provider: docker_swarm
+            credentials:
+              host: tcp://swarm-manager:2376
+        """)
+
+        profiles = loader.load(path)
+
+        assert len(profiles) == 1
+        profile = profiles[0]
+        assert profile.provider == ProviderType.DOCKER_SWARM
+        assert profile.endpoints is None
+        assert profile.resource_type_filters is None
+        assert profile.authentik_token is None
+
+
+class TestMultiProfileLoading:
+    """Tests for loading multiple profiles from a YAML list."""
+
+    def test_loads_multi_profile_yaml(self, loader, tmp_profile):
+        path = tmp_profile("""
+            - provider: kubernetes
+              credentials:
+                kubeconfig_path: /home/user/.kube/config
+                context: pi-cluster
+              endpoints:
+                - https://k8s-api.internal.lab:6443
+
+            - provider: synology
+              credentials:
+                host: nas01.internal.lab
+                port: "5001"
+                username: admin
+                password: secret
+              endpoints:
+                - nas01.internal.lab:5001
+        """)
+
+        profiles = loader.load(path)
+
+        assert len(profiles) == 2
+        assert profiles[0].provider == ProviderType.KUBERNETES
+        assert profiles[1].provider == ProviderType.SYNOLOGY
+        assert profiles[1].credentials["host"] == "nas01.internal.lab"
+
+    def test_loads_three_profiles(self, loader, tmp_profile):
+        path = tmp_profile("""
+            - provider: kubernetes
+              credentials:
+                context: cluster-1
+
+            - provider: docker_swarm
+              credentials:
+                host: tcp://swarm:2376
+
+            - provider: windows
+              credentials:
+                host: win-server-01
+                username: admin
+                password: pass
+        """)
+
+        profiles = loader.load(path)
+
+        assert len(profiles) == 3
+        assert profiles[0].provider == ProviderType.KUBERNETES
+        assert profiles[1].provider == ProviderType.DOCKER_SWARM
+        assert profiles[2].provider == ProviderType.WINDOWS
+
+
+class TestEnvVarExpansion:
+    """Tests for ${ENV_VAR} and ${ENV_VAR:-default} expansion."""
+
+    def test_expands_env_var(self, loader, monkeypatch):
+        monkeypatch.setenv("MY_SECRET", "super-secret-value")
+
+        result = loader.expand_env_vars("${MY_SECRET}")
+
+        assert result == "super-secret-value"
+
+    def test_expands_env_var_with_surrounding_text(self, loader, monkeypatch):
+        monkeypatch.setenv("HOST", "myserver.local")
+
+        result = loader.expand_env_vars("https://${HOST}:8443")
+
+        assert result == "https://myserver.local:8443"
+
+    def test_expands_multiple_env_vars(self, loader, monkeypatch):
+        monkeypatch.setenv("USER", "admin")
+        monkeypatch.setenv("PASS", "secret123")
+
+        result = loader.expand_env_vars("${USER}:${PASS}")
+
+        assert result == "admin:secret123"
+
+    def test_expands_env_var_with_default(self, loader, monkeypatch):
+        monkeypatch.delenv("MISSING_VAR", raising=False)
+
+        result = loader.expand_env_vars("${MISSING_VAR:-fallback_value}")
+
+        assert result == "fallback_value"
+
+    def test_env_var_set_overrides_default(self, loader, monkeypatch):
+        monkeypatch.setenv("MY_VAR", "actual_value")
+
+        result = loader.expand_env_vars("${MY_VAR:-default_value}")
+
+        assert result == "actual_value"
+
+    def test_empty_default_is_valid(self, loader, monkeypatch):
+        monkeypatch.delenv("UNSET_VAR", raising=False)
+
+        result = loader.expand_env_vars("prefix_${UNSET_VAR:-}_suffix")
+
+        assert result == "prefix__suffix"
+
+    def test_missing_env_var_without_default_raises_error(self, loader, monkeypatch):
+        monkeypatch.delenv("NONEXISTENT_VAR", raising=False)
+
+        with pytest.raises(ProfileLoaderError, match="NONEXISTENT_VAR"):
+            loader.expand_env_vars("${NONEXISTENT_VAR}")
+
+    def test_no_env_vars_returns_unchanged(self, loader):
+        result = loader.expand_env_vars("plain text without vars")
+
+        assert result == "plain text without vars"
+
+
+class TestCredentialExpansion:
+    """Tests for env var expansion applied to credential fields in profiles."""
+
+    def test_expands_credentials_in_profile(self, loader, tmp_profile, monkeypatch):
+        monkeypatch.setenv("SYNOLOGY_USER", "admin")
+        monkeypatch.setenv("SYNOLOGY_PASSWORD", "my_password")
+
+        path = tmp_profile("""
+            provider: synology
+            credentials:
+              host: nas01.internal.lab
+              username: "${SYNOLOGY_USER}"
+              password: "${SYNOLOGY_PASSWORD}"
+        """)
+
+        profiles = loader.load(path)
+
+        assert profiles[0].credentials["username"] == "admin"
+        assert profiles[0].credentials["password"] == "my_password"
+        # Non-env-var values remain unchanged
+        assert profiles[0].credentials["host"] == "nas01.internal.lab"
+
+    def test_expands_nested_credential_values(self, loader, tmp_profile, monkeypatch):
+        monkeypatch.setenv("INNER_SECRET", "nested_value")
+
+        path = tmp_profile("""
+            provider: windows
+            credentials:
+              host: win-server-01
+              auth:
+                token: "${INNER_SECRET}"
+                type: bearer
+        """)
+
+        profiles = loader.load(path)
+
+        assert profiles[0].credentials["auth"]["token"] == "nested_value"
+        assert profiles[0].credentials["auth"]["type"] == "bearer"
+
+    def test_expands_authentik_token(self, loader, tmp_profile, monkeypatch):
+        monkeypatch.setenv("AUTH_TOKEN", "my-sso-token")
+
+        path = tmp_profile("""
+            provider: kubernetes
+            credentials:
+              context: cluster-1
+            authentik_token: "${AUTH_TOKEN}"
+        """)
+
+        profiles = loader.load(path)
+
+        assert profiles[0].authentik_token == "my-sso-token"
+
+    def test_credential_with_default_value(self, loader, tmp_profile, monkeypatch):
+        monkeypatch.delenv("OPTIONAL_PORT", raising=False)
+
+        path = tmp_profile("""
+            provider: synology
+            credentials:
+              host: nas01
+              port: "${OPTIONAL_PORT:-5001}"
+        """)
+
+        profiles = loader.load(path)
+
+        assert profiles[0].credentials["port"] == "5001"
+
+
+class TestErrorHandling:
+    """Tests for error cases in profile loading."""
+
+    def test_file_not_found_raises_error(self, loader):
+        with pytest.raises(ProfileLoaderError, match="Profile not found"):
+            loader.load("/nonexistent/path/profile.yaml")
+
+    def test_invalid_yaml_raises_error(self, loader, tmp_profile):
+        path = tmp_profile("""
+            provider: kubernetes
+            credentials: [invalid: yaml: content
+        """)
+
+        with pytest.raises(ProfileLoaderError, match="Invalid YAML"):
+            loader.load(path)
+
+    def test_empty_file_raises_error(self, loader, tmp_path):
+        profile_file = tmp_path / "empty.yaml"
+        profile_file.write_text("", encoding="utf-8")
+
+        with pytest.raises(ProfileLoaderError, match="empty"):
+            loader.load(str(profile_file))
+
+    def test_unknown_provider_raises_error(self, loader, tmp_profile):
+        path = tmp_profile("""
+            provider: unknown_provider
+            credentials:
+              key: value
+        """)
+
+        with pytest.raises(ProfileLoaderError, match="Unknown provider"):
+            loader.load(path)
+
+    def test_missing_provider_raises_error(self, loader, tmp_profile):
+        path = tmp_profile("""
+            credentials:
+              key: value
+        """)
+
+        with pytest.raises(ProfileLoaderError, match="Missing 'provider'"):
+            loader.load(path)
+
+    def test_missing_env_var_in_credentials_raises_error(
+        self, loader, tmp_profile, monkeypatch
+    ):
+        monkeypatch.delenv("MISSING_CRED", raising=False)
+
+        path = tmp_profile("""
+            provider: kubernetes
+            credentials:
+              token: "${MISSING_CRED}"
+        """)
+
+        with pytest.raises(ProfileLoaderError, match="MISSING_CRED"):
+            loader.load(path)
+
+    def test_non_dict_in_multi_profile_raises_error(self, loader, tmp_profile):
+        path = tmp_profile("""
+            - provider: kubernetes
+              credentials:
+                context: cluster-1
+            - just a string
+        """)
+
+        with pytest.raises(ProfileLoaderError, match="index 1.*mapping"):
+            loader.load(path)
diff --git a/tests/unit/test_provider_block.py b/tests/unit/test_provider_block.py
new file mode 100644
index 0000000..8318c72
--- /dev/null
+++ b/tests/unit/test_provider_block.py
@@ -0,0 +1,414 @@
+"""Unit tests for the ProviderBlockGenerator."""
+
+import pytest
+
+from iac_reverse.models import ProviderType, ScanProfile
+from iac_reverse.generator import ProviderBlockGenerator
+
+
+# ---------------------------------------------------------------------------
+# Helpers
+# ---------------------------------------------------------------------------
+
+
+def make_profile(
+    provider: ProviderType,
+    credentials: dict[str, str] | None = None,
+) -> ScanProfile:
+    """Create a ScanProfile with sensible defaults for testing."""
+    default_creds: dict[ProviderType, dict[str, str]] = {
+        ProviderType.KUBERNETES: {
+            "host": "https://k8s-api.local:6443",
+            "cluster_ca_certificate": "/path/to/ca.crt",
+            "token": "my-token-123",
+        },
+        ProviderType.DOCKER_SWARM: {
+            "host": "tcp://swarm-manager:2376",
+            "cert_path": "/home/user/.docker/certs",
+        },
+        ProviderType.SYNOLOGY: {
+            "url": "https://nas.local:5001",
+            "username": "admin",
+            "password": "secret123",
+        },
+        ProviderType.HARVESTER: {
+            "kubeconfig": "/home/user/.kube/harvester.yaml",
+        },
+        ProviderType.BARE_METAL: {
+            "endpoint": "https://bmc.local/redfish/v1",
+            "username": "root",
+            "password": "calvin",
+        },
+        ProviderType.WINDOWS: {
+            "host": "win-server-01.local",
+            "username": "Administrator",
+            "password": "P@ssw0rd",
+            "winrm_port": "5986",
+            "winrm_use_ssl": "true",
+        },
+    }
+    creds = credentials if credentials is not None else default_creds[provider]
+    return ScanProfile(provider=provider, credentials=creds)
+
+
+# ---------------------------------------------------------------------------
+# Tests: Single provider generates one provider block
+# ---------------------------------------------------------------------------
+
+
+class TestSingleProvider:
+    """Tests for generating a single provider block."""
+
+    def test_kubernetes_generates_one_provider_block(self):
+        """A single Kubernetes provider generates one provider block."""
+        profile = make_profile(ProviderType.KUBERNETES)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.KUBERNETES},
+        )
+
+        assert result.filename == "providers.tf"
+        assert result.content.count('provider "kubernetes"') == 1
+
+    def test_docker_generates_one_provider_block(self):
+        """A single Docker Swarm provider generates one provider block."""
+        profile = make_profile(ProviderType.DOCKER_SWARM)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.DOCKER_SWARM},
+        )
+
+        assert result.content.count('provider "docker"') == 1
+
+    def test_synology_generates_one_provider_block(self):
+        """A single Synology provider generates one provider block."""
+        profile = make_profile(ProviderType.SYNOLOGY)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.SYNOLOGY},
+        )
+
+        assert result.content.count('provider "synology"') == 1
+
+    def test_harvester_generates_one_provider_block(self):
+        """A single Harvester provider generates one provider block."""
+        profile = make_profile(ProviderType.HARVESTER)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.HARVESTER},
+        )
+
+        assert result.content.count('provider "harvester"') == 1
+
+    def test_bare_metal_generates_one_provider_block(self):
+        """A single Bare Metal provider generates one provider block."""
+        profile = make_profile(ProviderType.BARE_METAL)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.BARE_METAL},
+        )
+
+        assert result.content.count('provider "redfish"') == 1
+
+    def test_windows_generates_one_provider_block(self):
+        """A single Windows provider generates one provider block."""
+        profile = make_profile(ProviderType.WINDOWS)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.WINDOWS},
+        )
+
+        assert result.content.count('provider "windows"') == 1
+
+
+# ---------------------------------------------------------------------------
+# Tests: Multiple providers generate multiple blocks
+# ---------------------------------------------------------------------------
+
+
+class TestMultipleProviders:
+    """Tests for generating multiple provider blocks."""
+
+    def test_two_providers_generate_two_blocks(self):
+        """Two distinct providers generate two provider blocks."""
+        profiles = [
+            make_profile(ProviderType.KUBERNETES),
+            make_profile(ProviderType.DOCKER_SWARM),
+        ]
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=profiles,
+            provider_types={ProviderType.KUBERNETES, ProviderType.DOCKER_SWARM},
+        )
+
+        assert 'provider "kubernetes"' in result.content
+        assert 'provider "docker"' in result.content
+
+    def test_three_providers_generate_three_blocks(self):
+        """Three distinct providers generate three provider blocks."""
+        profiles = [
+            make_profile(ProviderType.KUBERNETES),
+            make_profile(ProviderType.SYNOLOGY),
+            make_profile(ProviderType.WINDOWS),
+        ]
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=profiles,
+            provider_types={
+                ProviderType.KUBERNETES,
+                ProviderType.SYNOLOGY,
+                ProviderType.WINDOWS,
+            },
+        )
+
+        assert 'provider "kubernetes"' in result.content
+        assert 'provider "synology"' in result.content
+        assert 'provider "windows"' in result.content
+
+    def test_all_six_providers(self):
+        """All six provider types generate six provider blocks."""
+        all_types = set(ProviderType)
+        profiles = [make_profile(pt) for pt in all_types]
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=profiles,
+            provider_types=all_types,
+        )
+
+        assert 'provider "kubernetes"' in result.content
+        assert 'provider "docker"' in result.content
+        assert 'provider "synology"' in result.content
+        assert 'provider "harvester"' in result.content
+        assert 'provider "redfish"' in result.content
+        assert 'provider "windows"' in result.content
+
+
+# ---------------------------------------------------------------------------
+# Tests: Provider-specific configuration is included
+# ---------------------------------------------------------------------------
+
+
+class TestProviderSpecificConfig:
+    """Tests for provider-specific configuration attributes."""
+
+    def test_kubernetes_includes_host_ca_token(self):
+        """Kubernetes provider block includes host, cluster_ca_certificate, token."""
+        profile = make_profile(ProviderType.KUBERNETES)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.KUBERNETES},
+        )
+
+        assert "https://k8s-api.local:6443" in result.content
+        assert "/path/to/ca.crt" in result.content
+        assert "my-token-123" in result.content
+        assert "host" in result.content
+        assert "cluster_ca_certificate" in result.content
+        assert "token" in result.content
+
+    def test_docker_includes_host_cert_path(self):
+        """Docker provider block includes host and cert_path."""
+        profile = make_profile(ProviderType.DOCKER_SWARM)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.DOCKER_SWARM},
+        )
+
+        assert "tcp://swarm-manager:2376" in result.content
+        assert "/home/user/.docker/certs" in result.content
+        assert "host" in result.content
+        assert "cert_path" in result.content
+
+    def test_synology_includes_url_username_password(self):
+        """Synology provider block includes url, username, password."""
+        profile = make_profile(ProviderType.SYNOLOGY)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.SYNOLOGY},
+        )
+
+        assert "https://nas.local:5001" in result.content
+        assert "admin" in result.content
+        assert "secret123" in result.content
+        assert "url" in result.content
+        assert "username" in result.content
+        assert "password" in result.content
+
+    def test_harvester_includes_kubeconfig(self):
+        """Harvester provider block includes kubeconfig."""
+        profile = make_profile(ProviderType.HARVESTER)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.HARVESTER},
+        )
+
+        assert "/home/user/.kube/harvester.yaml" in result.content
+        assert "kubeconfig" in result.content
+
+    def test_bare_metal_includes_endpoint_username_password(self):
+        """Bare Metal (redfish) provider block includes endpoint, username, password."""
+        profile = make_profile(ProviderType.BARE_METAL)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.BARE_METAL},
+        )
+
+        assert "https://bmc.local/redfish/v1" in result.content
+        assert "root" in result.content
+        assert "calvin" in result.content
+        assert "endpoint" in result.content
+        assert "username" in result.content
+        assert "password" in result.content
+
+    def test_windows_includes_host_username_password_winrm(self):
+        """Windows provider block includes host, username, password, winrm settings."""
+        profile = make_profile(ProviderType.WINDOWS)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.WINDOWS},
+        )
+
+        assert "win-server-01.local" in result.content
+        assert "Administrator" in result.content
+        assert "P@ssw0rd" in result.content
+        assert "winrm" in result.content
+        assert "5986" in result.content
+        assert "use_ssl" in result.content
+
+
+# ---------------------------------------------------------------------------
+# Tests: required_providers block is generated
+# ---------------------------------------------------------------------------
+
+
+class TestRequiredProvidersBlock:
+    """Tests for the terraform { required_providers { ... } } block."""
+
+    def test_required_providers_block_present(self):
+        """The output contains a terraform { required_providers { ... } } block."""
+        profile = make_profile(ProviderType.KUBERNETES)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.KUBERNETES},
+        )
+
+        assert "terraform {" in result.content
+        assert "required_providers {" in result.content
+
+    def test_required_providers_includes_source(self):
+        """The required_providers block includes source for each provider."""
+        profile = make_profile(ProviderType.KUBERNETES)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.KUBERNETES},
+        )
+
+        assert 'source  = "hashicorp/kubernetes"' in result.content
+
+    def test_required_providers_includes_version(self):
+        """The required_providers block includes version constraint."""
+        profile = make_profile(ProviderType.KUBERNETES)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.KUBERNETES},
+        )
+
+        assert 'version = "~> 2.0"' in result.content
+
+    def test_multiple_providers_all_in_required_providers(self):
+        """Multiple providers are all listed in required_providers."""
+        profiles = [
+            make_profile(ProviderType.KUBERNETES),
+            make_profile(ProviderType.DOCKER_SWARM),
+            make_profile(ProviderType.BARE_METAL),
+        ]
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=profiles,
+            provider_types={
+                ProviderType.KUBERNETES,
+                ProviderType.DOCKER_SWARM,
+                ProviderType.BARE_METAL,
+            },
+        )
+
+        assert 'source  = "hashicorp/kubernetes"' in result.content
+        assert 'source  = "kreuzwerker/docker"' in result.content
+        assert 'source  = "dell/redfish"' in result.content
+
+    def test_docker_swarm_maps_to_kreuzwerker_docker(self):
+        """Docker Swarm maps to kreuzwerker/docker provider source."""
+        profile = make_profile(ProviderType.DOCKER_SWARM)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.DOCKER_SWARM},
+        )
+
+        assert "docker = {" in result.content
+        assert 'source  = "kreuzwerker/docker"' in result.content
+
+    def test_harvester_maps_to_harvester_source(self):
+        """Harvester maps to harvester/harvester provider source."""
+        profile = make_profile(ProviderType.HARVESTER)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.HARVESTER},
+        )
+
+        assert "harvester = {" in result.content
+        assert 'source  = "harvester/harvester"' in result.content
+
+    def test_provider_type_without_matching_profile_gets_placeholder(self):
+        """A provider type with no matching profile gets a placeholder block."""
+        # Profile is for Kubernetes, but we request Synology too
+        profile = make_profile(ProviderType.KUBERNETES)
+        generator = ProviderBlockGenerator()
+
+        result = generator.generate(
+            profiles=[profile],
+            provider_types={ProviderType.KUBERNETES, ProviderType.SYNOLOGY},
+        )
+
+        # Synology should still appear in required_providers
+        assert "synology = {" in result.content
+        assert 'source  = "synology-community/synology"' in result.content
+        # And should have a placeholder provider block
+        assert '# No profile provided' in result.content
diff --git a/tests/unit/test_resolver.py b/tests/unit/test_resolver.py
new file mode 100644
index 0000000..90e2084
--- /dev/null
+++ b/tests/unit/test_resolver.py
@@ -0,0 +1,481 @@
+"""Unit tests for the DependencyResolver."""
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DependencyGraph,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanResult,
+)
+from iac_reverse.resolver import DependencyResolver
+
+
+# ---------------------------------------------------------------------------
+# Helpers / Fixtures
+# ---------------------------------------------------------------------------
+
+
+def make_resource(
+    resource_type: str = "kubernetes_deployment",
+    unique_id: str = "default/deployments/nginx",
+    name: str = "nginx",
+    raw_references: list[str] | None = None,
+    attributes: dict | None = None,
+    provider: ProviderType = ProviderType.KUBERNETES,
+    platform_category: PlatformCategory = PlatformCategory.CONTAINER_ORCHESTRATION,
+) -> DiscoveredResource:
+    """Create a sample DiscoveredResource for testing."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=CpuArchitecture.AARCH64,
+        endpoint="https://k8s-api.local:6443",
+        attributes=attributes or {},
+        raw_references=raw_references or [],
+    )
+
+
+def make_scan_result(resources: list[DiscoveredResource]) -> ScanResult:
+    """Create a ScanResult from a list of resources."""
+    return ScanResult(
+        resources=resources,
+        warnings=[],
+        errors=[],
+        scan_timestamp="2024-01-15T10:30:00Z",
+        profile_hash="test-hash",
+    )
+
+
+# ---------------------------------------------------------------------------
+# Tests: Simple linear dependency chain
+# ---------------------------------------------------------------------------
+
+
+class TestLinearDependencyChain:
+    """Tests for a simple A -> B -> C dependency chain."""
+
+    def test_linear_chain_produces_correct_topological_order(self):
+        """Resources in a linear chain appear in dependency order."""
+        # C depends on B, B depends on A
+        resource_a = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="default/services/nginx-svc",
+            name="nginx-svc",
+            raw_references=["ns/default"],
+            attributes={"namespace": "default"},
+        )
+        resource_c = make_resource(
+            resource_type="kubernetes_ingress",
+            unique_id="default/ingresses/nginx-ingress",
+            name="nginx-ingress",
+            raw_references=["default/services/nginx-svc"],
+            attributes={"service": "nginx-svc"},
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b, resource_c])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # A must appear before B, B must appear before C
+        order = graph.topological_order
+        assert order.index("ns/default") < order.index("default/services/nginx-svc")
+        assert order.index("default/services/nginx-svc") < order.index(
+            "default/ingresses/nginx-ingress"
+        )
+
+    def test_linear_chain_produces_correct_relationships(self):
+        """Each link in the chain produces a relationship."""
+        resource_a = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="default/services/nginx-svc",
+            name="nginx-svc",
+            raw_references=["ns/default"],
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.relationships) == 1
+        rel = graph.relationships[0]
+        assert rel.source_id == "default/services/nginx-svc"
+        assert rel.target_id == "ns/default"
+
+
+# ---------------------------------------------------------------------------
+# Tests: Multiple resources with shared dependencies
+# ---------------------------------------------------------------------------
+
+
+class TestSharedDependencies:
+    """Tests for multiple resources depending on the same resource."""
+
+    def test_shared_dependency_appears_before_all_dependents(self):
+        """A shared dependency appears before all resources that depend on it."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/production",
+            name="production",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="production/deployments/app",
+            name="app",
+            raw_references=["ns/production"],
+        )
+        service = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="production/services/app-svc",
+            name="app-svc",
+            raw_references=["ns/production"],
+        )
+
+        scan_result = make_scan_result([namespace, deployment, service])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        order = graph.topological_order
+        ns_idx = order.index("ns/production")
+        deploy_idx = order.index("production/deployments/app")
+        svc_idx = order.index("production/services/app-svc")
+
+        assert ns_idx < deploy_idx
+        assert ns_idx < svc_idx
+
+    def test_shared_dependency_produces_multiple_relationships(self):
+        """A shared dependency creates one relationship per dependent."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/production",
+            name="production",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="production/deployments/app",
+            name="app",
+            raw_references=["ns/production"],
+        )
+        service = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="production/services/app-svc",
+            name="app-svc",
+            raw_references=["ns/production"],
+        )
+
+        scan_result = make_scan_result([namespace, deployment, service])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.relationships) == 2
+        target_ids = [r.target_id for r in graph.relationships]
+        assert target_ids.count("ns/production") == 2
+
+
+# ---------------------------------------------------------------------------
+# Tests: Resources with no references (standalone)
+# ---------------------------------------------------------------------------
+
+
+class TestStandaloneResources:
+    """Tests for resources that have no references to other resources."""
+
+    def test_standalone_resources_appear_in_topological_order(self):
+        """Resources with no references still appear in the topological order."""
+        resource_a = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/standalone-a",
+            name="standalone-a",
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="default/services/standalone-b",
+            name="standalone-b",
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.topological_order) == 2
+        assert "default/deployments/standalone-a" in graph.topological_order
+        assert "default/services/standalone-b" in graph.topological_order
+
+    def test_standalone_resources_produce_no_relationships(self):
+        """Resources with no references produce no relationships."""
+        resource_a = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/standalone",
+            name="standalone",
+        )
+
+        scan_result = make_scan_result([resource_a])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.relationships) == 0
+
+    def test_empty_scan_result_produces_empty_graph(self):
+        """An empty scan result produces an empty dependency graph."""
+        scan_result = make_scan_result([])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.resources == []
+        assert graph.relationships == []
+        assert graph.topological_order == []
+        assert graph.cycles == []
+        assert graph.unresolved_references == []
+
+
+# ---------------------------------------------------------------------------
+# Tests: Parent-child relationship detection
+# ---------------------------------------------------------------------------
+
+
+class TestParentChildRelationships:
+    """Tests for parent-child relationship classification."""
+
+    def test_namespace_reference_classified_as_parent_child(self):
+        """A reference to a kubernetes_namespace is classified as parent-child."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["ns/default"],
+            attributes={"namespace": "default"},
+        )
+
+        scan_result = make_scan_result([namespace, deployment])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.relationships) == 1
+        assert graph.relationships[0].relationship_type == "parent-child"
+
+    def test_docker_network_reference_classified_as_parent_child(self):
+        """A reference to a docker_network is classified as parent-child."""
+        network = make_resource(
+            resource_type="docker_network",
+            unique_id="networks/overlay-net",
+            name="overlay-net",
+            provider=ProviderType.DOCKER_SWARM,
+            platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+        )
+        service = make_resource(
+            resource_type="docker_service",
+            unique_id="services/web",
+            name="web",
+            raw_references=["networks/overlay-net"],
+            provider=ProviderType.DOCKER_SWARM,
+            platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+        )
+
+        scan_result = make_scan_result([network, service])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.relationships) == 1
+        assert graph.relationships[0].relationship_type == "parent-child"
+
+    def test_dependency_relationship_for_iis_site_to_app_pool(self):
+        """An IIS site referencing an app pool is classified as dependency."""
+        app_pool = make_resource(
+            resource_type="windows_iis_app_pool",
+            unique_id="win-server/iis/app_pools/DefaultAppPool",
+            name="DefaultAppPool",
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+        )
+        iis_site = make_resource(
+            resource_type="windows_iis_site",
+            unique_id="win-server/iis/sites/Default Web Site",
+            name="Default Web Site",
+            raw_references=["win-server/iis/app_pools/DefaultAppPool"],
+            attributes={"app_pool": "DefaultAppPool"},
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+        )
+
+        scan_result = make_scan_result([app_pool, iis_site])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.relationships) == 1
+        assert graph.relationships[0].relationship_type == "dependency"
+
+    def test_generic_reference_classified_as_reference(self):
+        """A reference to a non-namespace, non-dependency resource is 'reference'."""
+        service = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="default/services/nginx-svc",
+            name="nginx-svc",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/nginx",
+            name="nginx",
+            raw_references=["default/services/nginx-svc"],
+        )
+
+        scan_result = make_scan_result([service, deployment])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.relationships) == 1
+        assert graph.relationships[0].relationship_type == "reference"
+
+
+# ---------------------------------------------------------------------------
+# Tests: Topological order validity
+# ---------------------------------------------------------------------------
+
+
+class TestTopologicalOrderValidity:
+    """Tests that topological order is valid (no resource before its dependencies)."""
+
+    def test_no_resource_appears_before_its_dependencies(self):
+        """In the topological order, no resource appears before any it depends on."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/prod",
+            name="prod",
+        )
+        config_map = make_resource(
+            resource_type="kubernetes_config_map",
+            unique_id="prod/configmaps/app-config",
+            name="app-config",
+            raw_references=["ns/prod"],
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="prod/deployments/app",
+            name="app",
+            raw_references=["ns/prod", "prod/configmaps/app-config"],
+        )
+        service = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="prod/services/app-svc",
+            name="app-svc",
+            raw_references=["ns/prod"],
+        )
+        ingress = make_resource(
+            resource_type="kubernetes_ingress",
+            unique_id="prod/ingresses/app-ingress",
+            name="app-ingress",
+            raw_references=["prod/services/app-svc"],
+        )
+
+        scan_result = make_scan_result(
+            [namespace, config_map, deployment, service, ingress]
+        )
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        order = graph.topological_order
+
+        # Verify: for each relationship, target appears before source
+        for rel in graph.relationships:
+            target_idx = order.index(rel.target_id)
+            source_idx = order.index(rel.source_id)
+            assert target_idx < source_idx, (
+                f"Target {rel.target_id} (idx={target_idx}) should appear before "
+                f"source {rel.source_id} (idx={source_idx})"
+            )
+
+    def test_topological_order_contains_all_resources(self):
+        """The topological order contains every resource exactly once."""
+        resources = [
+            make_resource(
+                resource_type="kubernetes_deployment",
+                unique_id=f"default/deployments/app-{i}",
+                name=f"app-{i}",
+            )
+            for i in range(5)
+        ]
+
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.topological_order) == 5
+        assert len(set(graph.topological_order)) == 5  # All unique
+
+    def test_graph_returns_all_resources_in_resources_field(self):
+        """The DependencyGraph.resources field contains all input resources."""
+        resources = [
+            make_resource(
+                unique_id=f"resource-{i}",
+                name=f"res-{i}",
+            )
+            for i in range(3)
+        ]
+
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.resources == resources
+
+    def test_source_attribute_identified_from_attributes(self):
+        """The source_attribute is identified from the resource's attributes dict."""
+        app_pool = make_resource(
+            resource_type="windows_iis_app_pool",
+            unique_id="win/iis/app_pools/MyPool",
+            name="MyPool",
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+        )
+        site = make_resource(
+            resource_type="windows_iis_site",
+            unique_id="win/iis/sites/MySite",
+            name="MySite",
+            raw_references=["win/iis/app_pools/MyPool"],
+            attributes={"app_pool": "MyPool", "state": "Started"},
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+        )
+
+        scan_result = make_scan_result([app_pool, site])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.relationships[0].source_attribute == "app_pool"
+
+    def test_unresolved_references_are_skipped(self):
+        """References to IDs not in the inventory are skipped (no relationship created)."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["nonexistent/resource/id"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.relationships) == 0
+        # Unresolved references are now tracked (task 4.3)
+        assert len(graph.unresolved_references) == 1
+        assert graph.unresolved_references[0].referenced_id == "nonexistent/resource/id"
diff --git a/tests/unit/test_resolver_cycles.py b/tests/unit/test_resolver_cycles.py
new file mode 100644
index 0000000..f35f02f
--- /dev/null
+++ b/tests/unit/test_resolver_cycles.py
@@ -0,0 +1,537 @@
+"""Unit tests for cycle detection and resolution in the DependencyResolver."""
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    CycleReport,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanResult,
+)
+from iac_reverse.resolver import DependencyResolver
+
+
+# ---------------------------------------------------------------------------
+# Helpers
+# ---------------------------------------------------------------------------
+
+
+def make_resource(
+    resource_type: str = "kubernetes_deployment",
+    unique_id: str = "default/deployments/nginx",
+    name: str = "nginx",
+    raw_references: list[str] | None = None,
+    attributes: dict | None = None,
+    provider: ProviderType = ProviderType.KUBERNETES,
+    platform_category: PlatformCategory = PlatformCategory.CONTAINER_ORCHESTRATION,
+) -> DiscoveredResource:
+    """Create a sample DiscoveredResource for testing."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=CpuArchitecture.AARCH64,
+        endpoint="https://k8s-api.local:6443",
+        attributes=attributes or {},
+        raw_references=raw_references or [],
+    )
+
+
+def make_scan_result(resources: list[DiscoveredResource]) -> ScanResult:
+    """Create a ScanResult from a list of resources."""
+    return ScanResult(
+        resources=resources,
+        warnings=[],
+        errors=[],
+        scan_timestamp="2024-01-15T10:30:00Z",
+        profile_hash="test-hash",
+    )
+
+
+# ---------------------------------------------------------------------------
+# Tests: Simple A -> B -> A cycle detection
+# ---------------------------------------------------------------------------
+
+
+class TestSimpleTwoNodeCycle:
+    """Tests for a simple two-node cycle: A -> B -> A."""
+
+    def test_two_node_cycle_detected(self):
+        """A simple A -> B -> A cycle is detected."""
+        resource_a = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-a",
+            name="service-a",
+            raw_references=["svc-b"],
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-b",
+            name="service-b",
+            raw_references=["svc-a"],
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # Should detect exactly one cycle
+        assert len(graph.cycles) == 1
+        # The cycle should contain both resource IDs
+        cycle = graph.cycles[0]
+        assert set(cycle) == {"svc-a", "svc-b"}
+
+    def test_two_node_cycle_has_cycle_report(self):
+        """A two-node cycle produces a CycleReport with resolution suggestion."""
+        resource_a = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-a",
+            name="service-a",
+            raw_references=["svc-b"],
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-b",
+            name="service-b",
+            raw_references=["svc-a"],
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.cycle_reports) == 1
+        report = graph.cycle_reports[0]
+        assert isinstance(report, CycleReport)
+        assert "data source" in report.resolution_strategy.lower()
+
+    def test_two_node_cycle_still_produces_topological_order(self):
+        """Despite a cycle, a topological order is still produced."""
+        resource_a = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-a",
+            name="service-a",
+            raw_references=["svc-b"],
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-b",
+            name="service-b",
+            raw_references=["svc-a"],
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # Topological order should contain both resources
+        assert len(graph.topological_order) == 2
+        assert set(graph.topological_order) == {"svc-a", "svc-b"}
+
+
+# ---------------------------------------------------------------------------
+# Tests: Multi-node cycle (A -> B -> C -> A)
+# ---------------------------------------------------------------------------
+
+
+class TestMultiNodeCycle:
+    """Tests for a multi-node cycle: A -> B -> C -> A."""
+
+    def test_three_node_cycle_detected(self):
+        """A three-node cycle A -> B -> C -> A is detected."""
+        resource_a = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-a",
+            name="service-a",
+            raw_references=["svc-c"],
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-b",
+            name="service-b",
+            raw_references=["svc-a"],
+        )
+        resource_c = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-c",
+            name="service-c",
+            raw_references=["svc-b"],
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b, resource_c])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # Should detect exactly one cycle containing all three nodes
+        assert len(graph.cycles) == 1
+        cycle = graph.cycles[0]
+        assert set(cycle) == {"svc-a", "svc-b", "svc-c"}
+
+    def test_three_node_cycle_produces_topological_order(self):
+        """A three-node cycle still produces a valid topological order."""
+        resource_a = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-a",
+            name="service-a",
+            raw_references=["svc-c"],
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-b",
+            name="service-b",
+            raw_references=["svc-a"],
+        )
+        resource_c = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-c",
+            name="service-c",
+            raw_references=["svc-b"],
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b, resource_c])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.topological_order) == 3
+        assert set(graph.topological_order) == {"svc-a", "svc-b", "svc-c"}
+
+    def test_three_node_cycle_report_has_all_nodes(self):
+        """The cycle report for a 3-node cycle lists all involved resources."""
+        resource_a = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-a",
+            name="service-a",
+            raw_references=["svc-c"],
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-b",
+            name="service-b",
+            raw_references=["svc-a"],
+        )
+        resource_c = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-c",
+            name="service-c",
+            raw_references=["svc-b"],
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b, resource_c])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.cycle_reports) == 1
+        report = graph.cycle_reports[0]
+        assert set(report.cycle) == {"svc-a", "svc-b", "svc-c"}
+
+
+# ---------------------------------------------------------------------------
+# Tests: Graph with both cycles and acyclic portions
+# ---------------------------------------------------------------------------
+
+
+class TestMixedCyclicAndAcyclicGraph:
+    """Tests for graphs containing both cyclic and acyclic portions."""
+
+    def test_cycle_detected_alongside_acyclic_resources(self):
+        """Cycles are detected even when acyclic resources exist in the graph."""
+        # Acyclic chain: D -> E (E depends on D)
+        resource_d = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/production",
+            name="production",
+        )
+        resource_e = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="prod/deployments/app",
+            name="app",
+            raw_references=["ns/production"],
+        )
+
+        # Cycle: A -> B -> A
+        resource_a = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-x",
+            name="service-x",
+            raw_references=["svc-y"],
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-y",
+            name="service-y",
+            raw_references=["svc-x"],
+        )
+
+        scan_result = make_scan_result(
+            [resource_d, resource_e, resource_a, resource_b]
+        )
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # Should detect the cycle
+        assert len(graph.cycles) == 1
+        assert set(graph.cycles[0]) == {"svc-x", "svc-y"}
+
+    def test_acyclic_ordering_preserved_despite_cycle_elsewhere(self):
+        """Acyclic portions maintain correct topological ordering."""
+        # Acyclic chain: namespace -> deployment
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/prod",
+            name="prod",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="prod/deploy/app",
+            name="app",
+            raw_references=["ns/prod"],
+        )
+
+        # Cycle: X -> Y -> X
+        svc_x = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-x",
+            name="svc-x",
+            raw_references=["svc-y"],
+        )
+        svc_y = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-y",
+            name="svc-y",
+            raw_references=["svc-x"],
+        )
+
+        scan_result = make_scan_result([namespace, deployment, svc_x, svc_y])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        order = graph.topological_order
+        # The acyclic relationship should still be respected
+        assert order.index("ns/prod") < order.index("prod/deploy/app")
+
+    def test_all_resources_present_in_topological_order(self):
+        """All resources (cyclic and acyclic) appear in the topological order."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deploy/web",
+            name="web",
+            raw_references=["ns/default"],
+        )
+        svc_a = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="cycle-a",
+            name="cycle-a",
+            raw_references=["cycle-b"],
+        )
+        svc_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="cycle-b",
+            name="cycle-b",
+            raw_references=["cycle-a"],
+        )
+
+        scan_result = make_scan_result([namespace, deployment, svc_a, svc_b])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.topological_order) == 4
+        assert set(graph.topological_order) == {
+            "ns/default",
+            "default/deploy/web",
+            "cycle-a",
+            "cycle-b",
+        }
+
+
+# ---------------------------------------------------------------------------
+# Tests: Resolution suggestion identifies correct relationship to break
+# ---------------------------------------------------------------------------
+
+
+class TestResolutionSuggestions:
+    """Tests that resolution suggestions prefer breaking 'reference' over
+    'dependency' over 'parent-child'."""
+
+    def test_prefers_breaking_reference_over_dependency(self):
+        """When a cycle has both reference and dependency edges, suggests breaking reference."""
+        # Create a cycle where one edge is "dependency" and one is "reference"
+        # IIS site -> app pool (dependency), app pool -> IIS site (reference)
+        app_pool = make_resource(
+            resource_type="windows_iis_app_pool",
+            unique_id="pool-a",
+            name="pool-a",
+            raw_references=["site-a"],  # This creates a "reference" relationship
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+        )
+        iis_site = make_resource(
+            resource_type="windows_iis_site",
+            unique_id="site-a",
+            name="site-a",
+            raw_references=["pool-a"],  # This creates a "dependency" relationship
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+        )
+
+        scan_result = make_scan_result([app_pool, iis_site])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.cycle_reports) == 1
+        report = graph.cycle_reports[0]
+        # Should suggest breaking the "reference" relationship (pool -> site)
+        assert report.break_relationship_type == "reference"
+
+    def test_prefers_breaking_dependency_over_parent_child(self):
+        """When a cycle has dependency and parent-child edges, suggests breaking dependency."""
+        # Create a cycle: namespace -> deployment (parent-child back-ref),
+        # deployment -> namespace (dependency)
+        # We need to craft this carefully:
+        # - deployment references namespace -> classified as "parent-child" (namespace is in _NAMESPACE_RESOURCE_TYPES)
+        # - namespace references deployment -> classified as "reference" (deployment is not special)
+        # Actually let's use a different setup to get dependency vs parent-child
+
+        # Use harvester: VM -> network (dependency), network -> VM (reference)
+        network = make_resource(
+            resource_type="harvester_network",
+            unique_id="net-a",
+            name="net-a",
+            raw_references=["vm-a"],  # reference (VM is not a namespace type)
+            provider=ProviderType.HARVESTER,
+            platform_category=PlatformCategory.HCI,
+        )
+        vm = make_resource(
+            resource_type="harvester_virtualmachine",
+            unique_id="vm-a",
+            name="vm-a",
+            raw_references=["net-a"],  # dependency (VM depends on network)
+            provider=ProviderType.HARVESTER,
+            platform_category=PlatformCategory.HCI,
+        )
+
+        scan_result = make_scan_result([network, vm])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.cycle_reports) == 1
+        report = graph.cycle_reports[0]
+        # The network -> VM edge is "reference", VM -> network is "parent-child"
+        # (because harvester_network is in _NAMESPACE_RESOURCE_TYPES)
+        # So it should prefer breaking "reference"
+        assert report.break_relationship_type == "reference"
+
+    def test_resolution_strategy_mentions_data_source(self):
+        """Resolution strategy suggests data source lookup as alternative."""
+        resource_a = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-a",
+            name="service-a",
+            raw_references=["svc-b"],
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-b",
+            name="service-b",
+            raw_references=["svc-a"],
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.cycle_reports) == 1
+        report = graph.cycle_reports[0]
+        assert "data source" in report.resolution_strategy.lower()
+
+    def test_suggested_break_edge_is_in_cycle(self):
+        """The suggested edge to break is actually part of the cycle."""
+        resource_a = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-a",
+            name="service-a",
+            raw_references=["svc-b"],
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc-b",
+            name="service-b",
+            raw_references=["svc-a"],
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        report = graph.cycle_reports[0]
+        # The suggested break edge nodes should be in the cycle
+        source, target = report.suggested_break
+        assert source in report.cycle
+        assert target in report.cycle
+
+
+# ---------------------------------------------------------------------------
+# Tests: No cycles in acyclic graph
+# ---------------------------------------------------------------------------
+
+
+class TestNoCycles:
+    """Tests that acyclic graphs report no cycles."""
+
+    def test_linear_chain_has_no_cycles(self):
+        """A simple linear chain has no cycles."""
+        resource_a = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        resource_b = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="default/svc/app",
+            name="app",
+            raw_references=["ns/default"],
+        )
+        resource_c = make_resource(
+            resource_type="kubernetes_ingress",
+            unique_id="default/ingress/app",
+            name="app-ingress",
+            raw_references=["default/svc/app"],
+        )
+
+        scan_result = make_scan_result([resource_a, resource_b, resource_c])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.cycles == []
+        assert graph.cycle_reports == []
+
+    def test_empty_graph_has_no_cycles(self):
+        """An empty graph has no cycles."""
+        scan_result = make_scan_result([])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.cycles == []
+        assert graph.cycle_reports == []
+
+    def test_standalone_resources_have_no_cycles(self):
+        """Resources with no references have no cycles."""
+        resources = [
+            make_resource(unique_id=f"res-{i}", name=f"res-{i}")
+            for i in range(5)
+        ]
+
+        scan_result = make_scan_result(resources)
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.cycles == []
+        assert graph.cycle_reports == []
diff --git a/tests/unit/test_resolver_unresolved.py b/tests/unit/test_resolver_unresolved.py
new file mode 100644
index 0000000..b6abc97
--- /dev/null
+++ b/tests/unit/test_resolver_unresolved.py
@@ -0,0 +1,445 @@
+"""Unit tests for unresolved reference handling in the DependencyResolver."""
+
+import logging
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanResult,
+)
+from iac_reverse.resolver import DependencyResolver
+
+
+# ---------------------------------------------------------------------------
+# Helpers
+# ---------------------------------------------------------------------------
+
+
+def make_resource(
+    resource_type: str = "kubernetes_deployment",
+    unique_id: str = "default/deployments/nginx",
+    name: str = "nginx",
+    raw_references: list[str] | None = None,
+    attributes: dict | None = None,
+    provider: ProviderType = ProviderType.KUBERNETES,
+    platform_category: PlatformCategory = PlatformCategory.CONTAINER_ORCHESTRATION,
+) -> DiscoveredResource:
+    """Create a sample DiscoveredResource for testing."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=CpuArchitecture.AARCH64,
+        endpoint="https://k8s-api.local:6443",
+        attributes=attributes or {},
+        raw_references=raw_references or [],
+    )
+
+
+def make_scan_result(resources: list[DiscoveredResource]) -> ScanResult:
+    """Create a ScanResult from a list of resources."""
+    return ScanResult(
+        resources=resources,
+        warnings=[],
+        errors=[],
+        scan_timestamp="2024-01-15T10:30:00Z",
+        profile_hash="test-hash",
+    )
+
+
+# ---------------------------------------------------------------------------
+# Tests: Single unresolved reference
+# ---------------------------------------------------------------------------
+
+
+class TestSingleUnresolvedReference:
+    """Tests for a single unresolved reference creating an UnresolvedReference entry."""
+
+    def test_single_unresolved_reference_creates_entry(self):
+        """A raw_reference pointing to an ID not in the inventory creates an UnresolvedReference."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["nonexistent/resource/id"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.unresolved_references) == 1
+        unresolved = graph.unresolved_references[0]
+        assert unresolved.source_resource_id == "default/deployments/app"
+        assert unresolved.referenced_id == "nonexistent/resource/id"
+
+    def test_unresolved_reference_source_attribute_from_attributes(self):
+        """The source_attribute is identified from the resource's attributes dict."""
+        resource = make_resource(
+            resource_type="windows_iis_site",
+            unique_id="win/iis/sites/MySite",
+            name="MySite",
+            raw_references=["missing-pool-id"],
+            attributes={"app_pool": "missing-pool-id", "state": "Started"},
+            provider=ProviderType.WINDOWS,
+            platform_category=PlatformCategory.WINDOWS,
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.unresolved_references) == 1
+        assert graph.unresolved_references[0].source_attribute == "app_pool"
+
+    def test_unresolved_reference_fallback_to_raw_references(self):
+        """Falls back to 'raw_references' when the ref ID isn't in attributes."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["some/external/resource"],
+            attributes={"replicas": "3"},
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.unresolved_references[0].source_attribute == "raw_references"
+
+
+# ---------------------------------------------------------------------------
+# Tests: Multiple unresolved references from same resource
+# ---------------------------------------------------------------------------
+
+
+class TestMultipleUnresolvedFromSameResource:
+    """Tests for multiple unresolved references from the same resource."""
+
+    def test_multiple_unresolved_from_same_resource(self):
+        """Multiple unresolved references from one resource create multiple entries."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=[
+                "missing/namespace/id",
+                "missing/configmap/id",
+                "missing/secret/id",
+            ],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.unresolved_references) == 3
+        referenced_ids = [u.referenced_id for u in graph.unresolved_references]
+        assert "missing/namespace/id" in referenced_ids
+        assert "missing/configmap/id" in referenced_ids
+        assert "missing/secret/id" in referenced_ids
+
+    def test_all_entries_share_same_source_resource_id(self):
+        """All unresolved entries from the same resource share the source_resource_id."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["missing/ref-a", "missing/ref-b"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        for unresolved in graph.unresolved_references:
+            assert unresolved.source_resource_id == "default/deployments/app"
+
+
+# ---------------------------------------------------------------------------
+# Tests: Mix of resolved and unresolved references
+# ---------------------------------------------------------------------------
+
+
+class TestMixedResolvedAndUnresolved:
+    """Tests for a mix of resolved and unresolved references."""
+
+    def test_resolved_creates_relationship_unresolved_creates_entry(self):
+        """Resolved references create relationships; unresolved create entries."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["ns/default", "missing/configmap/app-config"],
+            attributes={"namespace": "default"},
+        )
+
+        scan_result = make_scan_result([namespace, deployment])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # One resolved relationship
+        assert len(graph.relationships) == 1
+        assert graph.relationships[0].target_id == "ns/default"
+
+        # One unresolved reference
+        assert len(graph.unresolved_references) == 1
+        assert (
+            graph.unresolved_references[0].referenced_id
+            == "missing/configmap/app-config"
+        )
+
+    def test_mixed_references_multiple_resources(self):
+        """Multiple resources with a mix of resolved and unresolved references."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/prod",
+            name="prod",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="prod/deployments/web",
+            name="web",
+            raw_references=["ns/prod", "external/database/postgres"],
+        )
+        service = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="prod/services/web-svc",
+            name="web-svc",
+            raw_references=["ns/prod", "missing/endpoint"],
+        )
+
+        scan_result = make_scan_result([namespace, deployment, service])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # Two resolved relationships (deployment->ns, service->ns)
+        assert len(graph.relationships) == 2
+
+        # Two unresolved references
+        assert len(graph.unresolved_references) == 2
+        unresolved_ids = [u.referenced_id for u in graph.unresolved_references]
+        assert "external/database/postgres" in unresolved_ids
+        assert "missing/endpoint" in unresolved_ids
+
+
+# ---------------------------------------------------------------------------
+# Tests: suggested_resolution is "data_source" for ID-like references
+# ---------------------------------------------------------------------------
+
+
+class TestSuggestedResolutionDataSource:
+    """Tests that suggested_resolution is 'data_source' for ID-like references."""
+
+    def test_reference_with_slash_suggests_data_source(self):
+        """A reference containing '/' is suggested as 'data_source'."""
+        resource = make_resource(
+            raw_references=["external/vpc/vpc-12345"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.unresolved_references[0].suggested_resolution == "data_source"
+
+    def test_reference_with_colon_suggests_data_source(self):
+        """A reference containing ':' is suggested as 'data_source'."""
+        resource = make_resource(
+            raw_references=["arn:aws:ec2:us-east-1:123456:instance/i-abc123"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.unresolved_references[0].suggested_resolution == "data_source"
+
+    def test_reference_with_both_slash_and_colon_suggests_data_source(self):
+        """A reference containing both '/' and ':' is suggested as 'data_source'."""
+        resource = make_resource(
+            raw_references=["provider:type/resource-name"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.unresolved_references[0].suggested_resolution == "data_source"
+
+
+# ---------------------------------------------------------------------------
+# Tests: suggested_resolution is "variable" for simple name references
+# ---------------------------------------------------------------------------
+
+
+class TestSuggestedResolutionVariable:
+    """Tests that suggested_resolution is 'variable' for simple name references."""
+
+    def test_simple_name_suggests_variable(self):
+        """A simple name without '/' or ':' is suggested as 'variable'."""
+        resource = make_resource(
+            raw_references=["my-environment"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.unresolved_references[0].suggested_resolution == "variable"
+
+    def test_alphanumeric_name_suggests_variable(self):
+        """An alphanumeric name is suggested as 'variable'."""
+        resource = make_resource(
+            raw_references=["production123"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.unresolved_references[0].suggested_resolution == "variable"
+
+    def test_name_with_dashes_and_underscores_suggests_variable(self):
+        """A name with dashes and underscores (but no / or :) is 'variable'."""
+        resource = make_resource(
+            raw_references=["my_app-pool-name"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert graph.unresolved_references[0].suggested_resolution == "variable"
+
+
+# ---------------------------------------------------------------------------
+# Tests: Unresolved references don't create graph edges or relationships
+# ---------------------------------------------------------------------------
+
+
+class TestUnresolvedDontCreateEdges:
+    """Tests that unresolved references don't create graph edges or relationships."""
+
+    def test_unresolved_reference_creates_no_relationship(self):
+        """An unresolved reference does not create a ResourceRelationship."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["nonexistent/resource"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        assert len(graph.relationships) == 0
+
+    def test_unresolved_reference_does_not_affect_topological_order(self):
+        """Unresolved references don't add extra nodes to the topological order."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["nonexistent/resource"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # Only the actual resource should be in the topological order
+        assert graph.topological_order == ["default/deployments/app"]
+
+    def test_unresolved_does_not_block_resolved_relationships(self):
+        """Unresolved references don't prevent resolved references from working."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["ns/default", "nonexistent/configmap"],
+        )
+
+        scan_result = make_scan_result([namespace, deployment])
+        resolver = DependencyResolver(scan_result)
+        graph = resolver.resolve()
+
+        # The resolved relationship still works
+        assert len(graph.relationships) == 1
+        assert graph.relationships[0].source_id == "default/deployments/app"
+        assert graph.relationships[0].target_id == "ns/default"
+
+        # Topological order is correct
+        order = graph.topological_order
+        assert order.index("ns/default") < order.index("default/deployments/app")
+
+        # Unresolved reference is tracked
+        assert len(graph.unresolved_references) == 1
+
+
+# ---------------------------------------------------------------------------
+# Tests: Warning logging for unresolved references
+# ---------------------------------------------------------------------------
+
+
+class TestUnresolvedReferenceLogging:
+    """Tests that warnings are logged for unresolved references."""
+
+    def test_warning_logged_for_unresolved_reference(self, caplog):
+        """A warning is logged for each unresolved reference."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["missing/resource/id"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+
+        with caplog.at_level(logging.WARNING, logger="iac_reverse.resolver.resolver"):
+            graph = resolver.resolve()
+
+        assert len(caplog.records) == 1
+        record = caplog.records[0]
+        assert record.levelname == "WARNING"
+        assert "missing/resource/id" in record.message
+        assert "default/deployments/app" in record.message
+
+    def test_multiple_warnings_logged_for_multiple_unresolved(self, caplog):
+        """A warning is logged for each unresolved reference."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="default/deployments/app",
+            name="app",
+            raw_references=["missing/ref-a", "missing/ref-b"],
+        )
+
+        scan_result = make_scan_result([resource])
+        resolver = DependencyResolver(scan_result)
+
+        with caplog.at_level(logging.WARNING, logger="iac_reverse.resolver.resolver"):
+            graph = resolver.resolve()
+
+        warning_messages = [r.message for r in caplog.records if r.levelname == "WARNING"]
+        assert len(warning_messages) == 2
+        assert any("missing/ref-a" in msg for msg in warning_messages)
+        assert any("missing/ref-b" in msg for msg in warning_messages)
diff --git a/tests/unit/test_resource_merger.py b/tests/unit/test_resource_merger.py
new file mode 100644
index 0000000..68fdf76
--- /dev/null
+++ b/tests/unit/test_resource_merger.py
@@ -0,0 +1,343 @@
+"""Unit tests for the ResourceMerger."""
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanResult,
+)
+from iac_reverse.generator import ResourceMerger
+
+
+# ---------------------------------------------------------------------------
+# Helpers
+# ---------------------------------------------------------------------------
+
+
+def make_resource(
+    name: str = "nginx",
+    resource_type: str = "kubernetes_deployment",
+    unique_id: str = "default/deployments/nginx",
+    provider: ProviderType = ProviderType.KUBERNETES,
+    platform_category: PlatformCategory = PlatformCategory.CONTAINER_ORCHESTRATION,
+    architecture: CpuArchitecture = CpuArchitecture.AARCH64,
+    attributes: dict | None = None,
+) -> DiscoveredResource:
+    """Create a sample DiscoveredResource for testing."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=architecture,
+        endpoint="https://api.local:6443",
+        attributes=attributes or {},
+        raw_references=[],
+    )
+
+
+def make_scan_result(resources: list[DiscoveredResource]) -> ScanResult:
+    """Create a ScanResult wrapping the given resources."""
+    return ScanResult(
+        resources=resources,
+        warnings=[],
+        errors=[],
+        scan_timestamp="2024-01-15T10:30:00Z",
+        profile_hash="abc123",
+    )
+
+
+# ---------------------------------------------------------------------------
+# Tests
+# ---------------------------------------------------------------------------
+
+
+class TestResourceMergerSingleResult:
+    """Single scan result passes through unchanged."""
+
+    def test_single_scan_result_passes_through_unchanged(self):
+        """Resources from a single scan result are returned as-is."""
+        resources = [
+            make_resource(name="nginx", unique_id="k8s/nginx"),
+            make_resource(name="redis", unique_id="k8s/redis"),
+        ]
+        scan_result = make_scan_result(resources)
+
+        merger = ResourceMerger()
+        merged = merger.merge([scan_result])
+
+        assert len(merged) == 2
+        assert merged[0].name == "nginx"
+        assert merged[1].name == "redis"
+
+    def test_empty_scan_result_returns_empty_list(self):
+        """An empty scan result produces an empty merged list."""
+        scan_result = make_scan_result([])
+
+        merger = ResourceMerger()
+        merged = merger.merge([scan_result])
+
+        assert merged == []
+
+
+class TestResourceMergerNoConflicts:
+    """Two scan results with no conflicts merge cleanly."""
+
+    def test_two_results_different_names_merge_cleanly(self):
+        """Resources with different names from different providers merge without prefixing."""
+        k8s_resources = [
+            make_resource(
+                name="nginx",
+                unique_id="k8s/nginx",
+                provider=ProviderType.KUBERNETES,
+            ),
+        ]
+        docker_resources = [
+            make_resource(
+                name="redis",
+                unique_id="docker/redis",
+                provider=ProviderType.DOCKER_SWARM,
+                platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+            ),
+        ]
+
+        merger = ResourceMerger()
+        merged = merger.merge([
+            make_scan_result(k8s_resources),
+            make_scan_result(docker_resources),
+        ])
+
+        assert len(merged) == 2
+        names = {r.name for r in merged}
+        assert names == {"nginx", "redis"}
+
+    def test_same_name_same_provider_no_conflict(self):
+        """Resources with the same name from the same provider are not conflicts."""
+        resources = [
+            make_resource(name="nginx", unique_id="k8s/ns1/nginx"),
+            make_resource(name="nginx", unique_id="k8s/ns2/nginx"),
+        ]
+        scan_result = make_scan_result(resources)
+
+        merger = ResourceMerger()
+        merged = merger.merge([scan_result])
+
+        assert len(merged) == 2
+        # Both keep original name since they're from the same provider
+        assert all(r.name == "nginx" for r in merged)
+
+
+class TestResourceMergerConflictResolution:
+    """Two scan results with name conflicts get provider-prefixed names."""
+
+    def test_conflicting_names_get_provider_prefix(self):
+        """Resources with the same name from different providers get prefixed."""
+        k8s_resources = [
+            make_resource(
+                name="nginx",
+                unique_id="k8s/nginx",
+                provider=ProviderType.KUBERNETES,
+            ),
+        ]
+        docker_resources = [
+            make_resource(
+                name="nginx",
+                unique_id="docker/nginx",
+                provider=ProviderType.DOCKER_SWARM,
+                platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+            ),
+        ]
+
+        merger = ResourceMerger()
+        merged = merger.merge([
+            make_scan_result(k8s_resources),
+            make_scan_result(docker_resources),
+        ])
+
+        assert len(merged) == 2
+        names = {r.name for r in merged}
+        assert "kubernetes_nginx" in names
+        assert "docker_swarm_nginx" in names
+
+    def test_non_conflicting_names_unchanged_alongside_conflicts(self):
+        """Non-conflicting resources keep their original names even when conflicts exist."""
+        k8s_resources = [
+            make_resource(name="nginx", unique_id="k8s/nginx", provider=ProviderType.KUBERNETES),
+            make_resource(name="postgres", unique_id="k8s/postgres", provider=ProviderType.KUBERNETES),
+        ]
+        docker_resources = [
+            make_resource(
+                name="nginx",
+                unique_id="docker/nginx",
+                provider=ProviderType.DOCKER_SWARM,
+                platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+            ),
+        ]
+
+        merger = ResourceMerger()
+        merged = merger.merge([
+            make_scan_result(k8s_resources),
+            make_scan_result(docker_resources),
+        ])
+
+        assert len(merged) == 3
+        names = {r.name for r in merged}
+        assert "kubernetes_nginx" in names
+        assert "docker_swarm_nginx" in names
+        assert "postgres" in names
+
+
+class TestResourceMergerPreservesAttributes:
+    """Provider-specific attributes are preserved."""
+
+    def test_attributes_preserved_after_merge(self):
+        """Provider-specific attributes remain unchanged after merging."""
+        k8s_attrs = {"namespace": "default", "replicas": 3, "image": "nginx:1.25"}
+        docker_attrs = {"mode": "replicated", "replicas": 2, "network": "overlay"}
+
+        k8s_resources = [
+            make_resource(
+                name="nginx",
+                unique_id="k8s/nginx",
+                provider=ProviderType.KUBERNETES,
+                attributes=k8s_attrs,
+            ),
+        ]
+        docker_resources = [
+            make_resource(
+                name="nginx",
+                unique_id="docker/nginx",
+                provider=ProviderType.DOCKER_SWARM,
+                platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                attributes=docker_attrs,
+            ),
+        ]
+
+        merger = ResourceMerger()
+        merged = merger.merge([
+            make_scan_result(k8s_resources),
+            make_scan_result(docker_resources),
+        ])
+
+        k8s_merged = next(r for r in merged if r.name == "kubernetes_nginx")
+        docker_merged = next(r for r in merged if r.name == "docker_swarm_nginx")
+
+        assert k8s_merged.attributes == k8s_attrs
+        assert docker_merged.attributes == docker_attrs
+
+    def test_provider_and_metadata_preserved(self):
+        """Provider type, platform category, and architecture are preserved."""
+        k8s_resources = [
+            make_resource(
+                name="app",
+                unique_id="k8s/app",
+                provider=ProviderType.KUBERNETES,
+                platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                architecture=CpuArchitecture.AARCH64,
+            ),
+        ]
+        harvester_resources = [
+            make_resource(
+                name="app",
+                unique_id="harvester/app",
+                provider=ProviderType.HARVESTER,
+                platform_category=PlatformCategory.HCI,
+                architecture=CpuArchitecture.AMD64,
+            ),
+        ]
+
+        merger = ResourceMerger()
+        merged = merger.merge([
+            make_scan_result(k8s_resources),
+            make_scan_result(harvester_resources),
+        ])
+
+        k8s_merged = next(r for r in merged if r.name == "kubernetes_app")
+        harvester_merged = next(r for r in merged if r.name == "harvester_app")
+
+        assert k8s_merged.provider == ProviderType.KUBERNETES
+        assert k8s_merged.platform_category == PlatformCategory.CONTAINER_ORCHESTRATION
+        assert k8s_merged.architecture == CpuArchitecture.AARCH64
+
+        assert harvester_merged.provider == ProviderType.HARVESTER
+        assert harvester_merged.platform_category == PlatformCategory.HCI
+        assert harvester_merged.architecture == CpuArchitecture.AMD64
+
+
+class TestResourceMergerBothAppearInOutput:
+    """Resources from different providers with same name both appear in output."""
+
+    def test_both_conflicting_resources_present(self):
+        """Both resources with the same name from different providers appear in output."""
+        k8s_resources = [
+            make_resource(
+                name="webserver",
+                unique_id="k8s/webserver",
+                provider=ProviderType.KUBERNETES,
+                attributes={"replicas": 3},
+            ),
+        ]
+        docker_resources = [
+            make_resource(
+                name="webserver",
+                unique_id="docker/webserver",
+                provider=ProviderType.DOCKER_SWARM,
+                platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+                attributes={"mode": "global"},
+            ),
+        ]
+
+        merger = ResourceMerger()
+        merged = merger.merge([
+            make_scan_result(k8s_resources),
+            make_scan_result(docker_resources),
+        ])
+
+        assert len(merged) == 2
+        unique_ids = {r.unique_id for r in merged}
+        assert "k8s/webserver" in unique_ids
+        assert "docker/webserver" in unique_ids
+
+    def test_three_providers_same_name_all_appear(self):
+        """Three providers with the same resource name all appear with prefixes."""
+        k8s_resources = [
+            make_resource(
+                name="monitor",
+                unique_id="k8s/monitor",
+                provider=ProviderType.KUBERNETES,
+            ),
+        ]
+        docker_resources = [
+            make_resource(
+                name="monitor",
+                unique_id="docker/monitor",
+                provider=ProviderType.DOCKER_SWARM,
+                platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+            ),
+        ]
+        harvester_resources = [
+            make_resource(
+                name="monitor",
+                unique_id="harvester/monitor",
+                provider=ProviderType.HARVESTER,
+                platform_category=PlatformCategory.HCI,
+                architecture=CpuArchitecture.AMD64,
+            ),
+        ]
+
+        merger = ResourceMerger()
+        merged = merger.merge([
+            make_scan_result(k8s_resources),
+            make_scan_result(docker_resources),
+            make_scan_result(harvester_resources),
+        ])
+
+        assert len(merged) == 3
+        names = {r.name for r in merged}
+        assert "kubernetes_monitor" in names
+        assert "docker_swarm_monitor" in names
+        assert "harvester_monitor" in names
diff --git a/tests/unit/test_sanitize.py b/tests/unit/test_sanitize.py
new file mode 100644
index 0000000..bccd0eb
--- /dev/null
+++ b/tests/unit/test_sanitize.py
@@ -0,0 +1,115 @@
+"""Unit tests for identifier sanitization."""
+
+import re
+
+import pytest
+
+from iac_reverse.generator.sanitize import sanitize_identifier
+
+
+TERRAFORM_IDENTIFIER_RE = re.compile(r"^[a-zA-Z_][a-zA-Z0-9_]*$")
+
+
+class TestSanitizeIdentifierNormalNames:
+    def test_simple_name_passes_through(self):
+        assert sanitize_identifier("nginx") == "nginx"
+
+    def test_name_with_underscores_passes_through(self):
+        assert sanitize_identifier("my_app") == "my_app"
+
+    def test_alphanumeric_name_passes_through(self):
+        assert sanitize_identifier("app123") == "app123"
+
+
+class TestSanitizeIdentifierHyphens:
+    def test_hyphens_replaced_with_underscore(self):
+        assert sanitize_identifier("my-app") == "my_app"
+
+    def test_multiple_hyphens(self):
+        assert sanitize_identifier("my-cool-app") == "my_cool_app"
+
+
+class TestSanitizeIdentifierLeadingDigits:
+    def test_leading_digit_gets_underscore_prefix(self):
+        assert sanitize_identifier("123abc") == "_123abc"
+
+    def test_all_digits(self):
+        result = sanitize_identifier("12345")
+        assert result == "_12345"
+        assert TERRAFORM_IDENTIFIER_RE.match(result)
+
+
+class TestSanitizeIdentifierSpaces:
+    def test_spaces_replaced_with_underscore(self):
+        assert sanitize_identifier("my app") == "my_app"
+
+    def test_multiple_spaces_collapse(self):
+        assert sanitize_identifier("my   app") == "my_app"
+
+
+class TestSanitizeIdentifierUnicode:
+    def test_unicode_replaced(self):
+        # é is replaced with underscore, trailing underscore preserved
+        assert sanitize_identifier("café") == "caf_"
+
+    def test_all_unicode(self):
+        result = sanitize_identifier("日本語")
+        assert result == "_resource"
+
+    def test_emoji_replaced(self):
+        result = sanitize_identifier("app🚀name")
+        assert result == "app_name"
+
+
+class TestSanitizeIdentifierEmptyAndSpecial:
+    def test_empty_string_returns_resource(self):
+        assert sanitize_identifier("") == "_resource"
+
+    def test_all_special_chars_returns_resource(self):
+        assert sanitize_identifier("@#$%^&*") == "_resource"
+
+    def test_single_special_char(self):
+        assert sanitize_identifier("!") == "_resource"
+
+
+class TestSanitizeIdentifierConsecutiveSpecialChars:
+    def test_multiple_consecutive_special_chars_collapse(self):
+        assert sanitize_identifier("a---b") == "a_b"
+
+    def test_mixed_special_chars_collapse(self):
+        assert sanitize_identifier("a-.-b") == "a_b"
+
+    def test_leading_special_chars_collapse(self):
+        # Leading hyphens become underscore (valid identifier start)
+        result = sanitize_identifier("---abc")
+        assert result == "_abc"
+
+
+class TestSanitizeIdentifierAlwaysValid:
+    """Verify the result always matches the Terraform identifier regex."""
+
+    @pytest.mark.parametrize("name", [
+        "nginx",
+        "my-app",
+        "123abc",
+        "my app",
+        "café",
+        "",
+        "@#$%^&*",
+        "a---b",
+        "___",
+        "hello_world_123",
+        "日本語テスト",
+        "  leading spaces",
+        "trailing  ",
+        "MixedCase-Name_123",
+        "a",
+        "_",
+        "0",
+    ])
+    def test_result_matches_terraform_regex(self, name):
+        result = sanitize_identifier(name)
+        assert TERRAFORM_IDENTIFIER_RE.match(result), (
+            f"sanitize_identifier({name!r}) = {result!r} does not match "
+            f"Terraform identifier pattern"
+        )
diff --git a/tests/unit/test_scan_profile_validation.py b/tests/unit/test_scan_profile_validation.py
new file mode 100644
index 0000000..1000ebc
--- /dev/null
+++ b/tests/unit/test_scan_profile_validation.py
@@ -0,0 +1,193 @@
+"""Unit tests for ScanProfile validation logic."""
+
+import pytest
+
+from iac_reverse.models import (
+    MAX_RESOURCE_TYPE_FILTERS,
+    PROVIDER_SUPPORTED_RESOURCE_TYPES,
+    ProviderType,
+    ScanProfile,
+)
+
+
+class TestScanProfileValidationCredentials:
+    """Tests for credentials validation."""
+
+    def test_empty_credentials_returns_error(self):
+        profile = ScanProfile(
+            provider=ProviderType.KUBERNETES,
+            credentials={},
+        )
+        errors = profile.validate()
+        assert any("credentials must not be empty" in e for e in errors)
+
+    def test_non_empty_credentials_passes(self):
+        profile = ScanProfile(
+            provider=ProviderType.KUBERNETES,
+            credentials={"kubeconfig_path": "/home/user/.kube/config"},
+        )
+        errors = profile.validate()
+        assert errors == []
+
+
+class TestScanProfileValidationResourceTypeFilters:
+    """Tests for resource_type_filters count limit."""
+
+    def test_none_filters_passes(self):
+        profile = ScanProfile(
+            provider=ProviderType.DOCKER_SWARM,
+            credentials={"host": "localhost"},
+            resource_type_filters=None,
+        )
+        errors = profile.validate()
+        assert errors == []
+
+    def test_empty_filters_passes(self):
+        profile = ScanProfile(
+            provider=ProviderType.DOCKER_SWARM,
+            credentials={"host": "localhost"},
+            resource_type_filters=[],
+        )
+        errors = profile.validate()
+        assert errors == []
+
+    def test_filters_at_max_limit_passes(self):
+        # Use valid resource types repeated to reach the limit
+        valid_types = PROVIDER_SUPPORTED_RESOURCE_TYPES[ProviderType.WINDOWS]
+        filters = (valid_types * (MAX_RESOURCE_TYPE_FILTERS // len(valid_types) + 1))[
+            :MAX_RESOURCE_TYPE_FILTERS
+        ]
+        profile = ScanProfile(
+            provider=ProviderType.WINDOWS,
+            credentials={"host": "win01"},
+            resource_type_filters=filters,
+        )
+        errors = profile.validate()
+        assert errors == []
+
+    def test_filters_exceeding_max_limit_returns_error(self):
+        # Use valid resource types repeated to exceed the limit
+        valid_types = PROVIDER_SUPPORTED_RESOURCE_TYPES[ProviderType.WINDOWS]
+        filters = (valid_types * (MAX_RESOURCE_TYPE_FILTERS // len(valid_types) + 1))[
+            : MAX_RESOURCE_TYPE_FILTERS + 1
+        ]
+        profile = ScanProfile(
+            provider=ProviderType.WINDOWS,
+            credentials={"host": "win01"},
+            resource_type_filters=filters,
+        )
+        errors = profile.validate()
+        assert any("at most" in e and "200" in e for e in errors)
+
+    def test_max_limit_is_200(self):
+        assert MAX_RESOURCE_TYPE_FILTERS == 200
+
+
+class TestScanProfileValidationResourceTypeSupport:
+    """Tests for resource type validation against provider's supported types."""
+
+    def test_valid_resource_types_for_kubernetes(self):
+        profile = ScanProfile(
+            provider=ProviderType.KUBERNETES,
+            credentials={"kubeconfig_path": "/path"},
+            resource_type_filters=["kubernetes_deployment", "kubernetes_service"],
+        )
+        errors = profile.validate()
+        assert errors == []
+
+    def test_valid_resource_types_for_docker_swarm(self):
+        profile = ScanProfile(
+            provider=ProviderType.DOCKER_SWARM,
+            credentials={"host": "localhost"},
+            resource_type_filters=["docker_service", "docker_network"],
+        )
+        errors = profile.validate()
+        assert errors == []
+
+    def test_unsupported_resource_type_returns_error(self):
+        profile = ScanProfile(
+            provider=ProviderType.KUBERNETES,
+            credentials={"kubeconfig_path": "/path"},
+            resource_type_filters=["kubernetes_deployment", "invalid_type"],
+        )
+        errors = profile.validate()
+        assert any("unsupported resource types" in e for e in errors)
+        assert any("invalid_type" in e for e in errors)
+
+    def test_cross_provider_resource_type_returns_error(self):
+        """A resource type valid for one provider is invalid for another."""
+        profile = ScanProfile(
+            provider=ProviderType.KUBERNETES,
+            credentials={"kubeconfig_path": "/path"},
+            resource_type_filters=["docker_service"],
+        )
+        errors = profile.validate()
+        assert any("unsupported resource types" in e for e in errors)
+        assert any("docker_service" in e for e in errors)
+
+    def test_multiple_unsupported_types_listed_in_error(self):
+        profile = ScanProfile(
+            provider=ProviderType.SYNOLOGY,
+            credentials={"host": "nas01"},
+            resource_type_filters=["fake_type_a", "fake_type_b"],
+        )
+        errors = profile.validate()
+        assert any("fake_type_a" in e and "fake_type_b" in e for e in errors)
+
+    @pytest.mark.parametrize("provider", list(ProviderType))
+    def test_all_providers_have_supported_types(self, provider):
+        """Every provider must have at least one supported resource type."""
+        assert provider in PROVIDER_SUPPORTED_RESOURCE_TYPES
+        assert len(PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]) > 0
+
+    @pytest.mark.parametrize("provider", list(ProviderType))
+    def test_all_supported_types_pass_validation(self, provider):
+        """All listed supported types for a provider should pass validation."""
+        supported = PROVIDER_SUPPORTED_RESOURCE_TYPES[provider]
+        profile = ScanProfile(
+            provider=provider,
+            credentials={"key": "value"},
+            resource_type_filters=supported,
+        )
+        errors = profile.validate()
+        assert errors == []
+
+
+class TestScanProfileValidationMultipleErrors:
+    """Tests that all validation errors are returned in a single response."""
+
+    def test_empty_credentials_and_too_many_filters(self):
+        filters = ["invalid_type"] * (MAX_RESOURCE_TYPE_FILTERS + 1)
+        profile = ScanProfile(
+            provider=ProviderType.HARVESTER,
+            credentials={},
+            resource_type_filters=filters,
+        )
+        errors = profile.validate()
+        # Should have at least: credentials error, too many filters, unsupported types
+        assert len(errors) >= 3
+        assert any("credentials" in e for e in errors)
+        assert any("at most" in e for e in errors)
+        assert any("unsupported" in e for e in errors)
+
+    def test_empty_credentials_and_unsupported_types(self):
+        profile = ScanProfile(
+            provider=ProviderType.BARE_METAL,
+            credentials={},
+            resource_type_filters=["nonexistent_type"],
+        )
+        errors = profile.validate()
+        assert len(errors) >= 2
+        assert any("credentials" in e for e in errors)
+        assert any("unsupported" in e for e in errors)
+
+    def test_no_short_circuit_on_first_error(self):
+        """Validation must not stop at the first error found."""
+        profile = ScanProfile(
+            provider=ProviderType.WINDOWS,
+            credentials={},
+            resource_type_filters=["totally_fake_resource"],
+        )
+        errors = profile.validate()
+        # Both credentials and unsupported type errors should be present
+        assert len(errors) >= 2
diff --git a/tests/unit/test_scanner.py b/tests/unit/test_scanner.py
new file mode 100644
index 0000000..d199974
--- /dev/null
+++ b/tests/unit/test_scanner.py
@@ -0,0 +1,480 @@
+"""Unit tests for the Scanner orchestrator."""
+
+import time
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProfile,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import (
+    AuthenticationError,
+    ConnectionLostError,
+    Scanner,
+    ScanTimeoutError,
+)
+
+
+# ---------------------------------------------------------------------------
+# Helpers / Fixtures
+# ---------------------------------------------------------------------------
+
+
+def make_profile(**overrides) -> ScanProfile:
+    """Create a valid ScanProfile with sensible defaults."""
+    defaults = {
+        "provider": ProviderType.KUBERNETES,
+        "credentials": {"kubeconfig_path": "/home/user/.kube/config"},
+        "endpoints": ["https://k8s-api.local:6443"],
+        "resource_type_filters": None,
+    }
+    defaults.update(overrides)
+    return ScanProfile(**defaults)
+
+
+def make_resource(resource_type: str = "kubernetes_deployment", name: str = "nginx") -> DiscoveredResource:
+    """Create a sample DiscoveredResource."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=f"apps/v1/{resource_type}/{name}",
+        name=name,
+        provider=ProviderType.KUBERNETES,
+        platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+        architecture=CpuArchitecture.AARCH64,
+        endpoint="https://k8s-api.local:6443",
+        attributes={"replicas": 3},
+        raw_references=[],
+    )
+
+
+class MockPlugin(ProviderPlugin):
+    """A mock provider plugin for testing."""
+
+    def __init__(
+        self,
+        supported_types=None,
+        endpoints=None,
+        auth_error=None,
+        discover_result=None,
+        discover_side_effect=None,
+    ):
+        self._supported_types = supported_types or [
+            "kubernetes_deployment",
+            "kubernetes_service",
+            "kubernetes_ingress",
+        ]
+        self._endpoints = endpoints or ["https://k8s-api.local:6443"]
+        self._auth_error = auth_error
+        self._discover_result = discover_result
+        self._discover_side_effect = discover_side_effect
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        if self._auth_error:
+            raise self._auth_error
+
+    def get_platform_category(self) -> PlatformCategory:
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        return self._endpoints
+
+    def list_supported_resource_types(self) -> list[str]:
+        return self._supported_types
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        return CpuArchitecture.AARCH64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback=None,
+    ) -> ScanResult:
+        if self._discover_side_effect:
+            raise self._discover_side_effect
+
+        if self._discover_result:
+            return self._discover_result
+
+        # Default: return one resource per type and invoke progress callback
+        resources = []
+        for i, rt in enumerate(resource_types):
+            resources.append(make_resource(resource_type=rt, name=f"{rt}_instance"))
+            if progress_callback:
+                progress_callback(
+                    ScanProgress(
+                        current_resource_type=rt,
+                        resources_discovered=len(resources),
+                        resource_types_completed=i + 1,
+                        total_resource_types=len(resource_types),
+                    )
+                )
+
+        return ScanResult(
+            resources=resources,
+            warnings=[],
+            errors=[],
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+
+# ---------------------------------------------------------------------------
+# Tests: Successful scan flow
+# ---------------------------------------------------------------------------
+
+
+class TestSuccessfulScan:
+    """Tests for the happy path scan flow."""
+
+    def test_scan_returns_all_discovered_resources(self):
+        profile = make_profile()
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 3
+        assert result.is_partial is False
+        assert result.scan_timestamp != ""
+        assert result.profile_hash != ""
+
+    def test_scan_with_resource_type_filters(self):
+        profile = make_profile(
+            resource_type_filters=["kubernetes_deployment", "kubernetes_service"]
+        )
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 2
+        resource_types = [r.resource_type for r in result.resources]
+        assert "kubernetes_deployment" in resource_types
+        assert "kubernetes_service" in resource_types
+
+    def test_scan_uses_plugin_endpoints_when_profile_has_none(self):
+        profile = make_profile(endpoints=None)
+        plugin = MockPlugin(endpoints=["https://fallback.local:6443"])
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 3
+
+    def test_scan_uses_profile_endpoints_when_provided(self):
+        profile = make_profile(endpoints=["https://custom.local:6443"])
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        # The plugin's discover_resources will be called with profile endpoints
+        result = scanner.scan()
+        assert result is not None
+
+
+# ---------------------------------------------------------------------------
+# Tests: Authentication failure handling
+# ---------------------------------------------------------------------------
+
+
+class TestAuthenticationFailure:
+    """Tests for authentication error handling."""
+
+    def test_auth_failure_raises_authentication_error(self):
+        profile = make_profile()
+        plugin = MockPlugin(auth_error=RuntimeError("Invalid token"))
+        scanner = Scanner(profile, plugin)
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            scanner.scan()
+
+        assert "kubernetes" in exc_info.value.provider_name
+        assert "Invalid token" in exc_info.value.reason
+
+    def test_auth_error_contains_provider_name(self):
+        profile = make_profile(provider=ProviderType.DOCKER_SWARM)
+        plugin = MockPlugin(auth_error=RuntimeError("Connection refused"))
+        scanner = Scanner(profile, plugin)
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            scanner.scan()
+
+        assert exc_info.value.provider_name == "docker_swarm"
+
+    def test_auth_error_contains_reason(self):
+        profile = make_profile()
+        plugin = MockPlugin(auth_error=RuntimeError("Certificate expired"))
+        scanner = Scanner(profile, plugin)
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            scanner.scan()
+
+        assert "Certificate expired" in exc_info.value.reason
+
+    def test_invalid_profile_raises_value_error(self):
+        profile = make_profile(credentials={})
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        with pytest.raises(ValueError, match="Invalid scan profile"):
+            scanner.scan()
+
+    def test_no_plugin_raises_value_error(self):
+        profile = make_profile()
+        scanner = Scanner(profile, plugin=None)
+
+        with pytest.raises(ValueError, match="No provider plugin"):
+            scanner.scan()
+
+
+# ---------------------------------------------------------------------------
+# Tests: Progress callback invocation
+# ---------------------------------------------------------------------------
+
+
+class TestProgressCallback:
+    """Tests for progress reporting."""
+
+    def test_progress_callback_invoked_per_resource_type(self):
+        profile = make_profile()
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        progress_updates = []
+        scanner.scan(progress_callback=progress_updates.append)
+
+        # Should have one progress update per resource type (3 types)
+        assert len(progress_updates) == 3
+
+    def test_progress_callback_contains_correct_counts(self):
+        profile = make_profile()
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        progress_updates = []
+        scanner.scan(progress_callback=progress_updates.append)
+
+        # Last update should show all types completed
+        last = progress_updates[-1]
+        assert last.resource_types_completed == 3
+        assert last.total_resource_types == 3
+
+    def test_progress_callback_shows_incremental_completion(self):
+        profile = make_profile()
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        progress_updates = []
+        scanner.scan(progress_callback=progress_updates.append)
+
+        for i, update in enumerate(progress_updates):
+            assert update.resource_types_completed == i + 1
+
+    def test_scan_works_without_progress_callback(self):
+        profile = make_profile()
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        # Should not raise
+        result = scanner.scan(progress_callback=None)
+        assert result is not None
+
+
+# ---------------------------------------------------------------------------
+# Tests: Retry logic on transient errors
+# ---------------------------------------------------------------------------
+
+
+class TestRetryLogic:
+    """Tests for retry behavior on transient errors."""
+
+    def test_retries_on_transient_error_then_succeeds(self):
+        profile = make_profile()
+        call_count = {"n": 0}
+        expected_result = ScanResult(
+            resources=[make_resource()],
+            warnings=[],
+            errors=[],
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+        class RetryPlugin(MockPlugin):
+            def discover_resources(self, endpoints, resource_types, progress_callback=None):
+                call_count["n"] += 1
+                if call_count["n"] < 3:
+                    raise RuntimeError("Transient network error")
+                return expected_result
+
+        plugin = RetryPlugin()
+        scanner = Scanner(profile, plugin)
+
+        with patch("iac_reverse.scanner.scanner.time.sleep"):
+            result = scanner.scan()
+
+        assert len(result.resources) == 1
+        assert call_count["n"] == 3
+
+    def test_returns_error_result_after_max_retries_exhausted(self):
+        profile = make_profile()
+
+        class AlwaysFailPlugin(MockPlugin):
+            def discover_resources(self, endpoints, resource_types, progress_callback=None):
+                raise RuntimeError("Persistent failure")
+
+        plugin = AlwaysFailPlugin()
+        scanner = Scanner(profile, plugin)
+
+        with patch("iac_reverse.scanner.scanner.time.sleep"):
+            result = scanner.scan()
+
+        assert result.is_partial is True
+        assert len(result.errors) > 0
+        assert "Persistent failure" in result.errors[0]
+
+    def test_exponential_backoff_timing(self):
+        profile = make_profile()
+        sleep_calls = []
+
+        class FailPlugin(MockPlugin):
+            def discover_resources(self, endpoints, resource_types, progress_callback=None):
+                raise RuntimeError("Transient error")
+
+        plugin = FailPlugin()
+        scanner = Scanner(profile, plugin)
+
+        with patch("iac_reverse.scanner.scanner.time.sleep", side_effect=lambda s: sleep_calls.append(s)):
+            scanner.scan()
+
+        # Should have 3 sleep calls (retries 0, 1, 2 → backoff 1, 2, 4)
+        assert len(sleep_calls) == 3
+        assert sleep_calls[0] == 1.0
+        assert sleep_calls[1] == 2.0
+        assert sleep_calls[2] == 4.0
+
+
+# ---------------------------------------------------------------------------
+# Tests: Partial inventory on connection loss
+# ---------------------------------------------------------------------------
+
+
+class TestConnectionLoss:
+    """Tests for partial inventory return on connection loss."""
+
+    def test_connection_error_returns_partial_result(self):
+        profile = make_profile()
+
+        class ConnectionLossPlugin(MockPlugin):
+            def discover_resources(self, endpoints, resource_types, progress_callback=None):
+                raise ConnectionError("Connection reset by peer")
+
+        plugin = ConnectionLossPlugin()
+        scanner = Scanner(profile, plugin)
+
+        with pytest.raises(ConnectionLostError) as exc_info:
+            scanner.scan()
+
+        partial = exc_info.value.partial_result
+        assert partial.is_partial is True
+        assert len(partial.errors) > 0
+
+    def test_connection_lost_error_has_partial_result(self):
+        profile = make_profile()
+        partial = ScanResult(
+            resources=[make_resource()],
+            warnings=["partial"],
+            errors=["lost connection"],
+            scan_timestamp="",
+            profile_hash="",
+            is_partial=True,
+        )
+
+        class RaisesConnectionLost(MockPlugin):
+            def discover_resources(self, endpoints, resource_types, progress_callback=None):
+                raise ConnectionLostError(partial_result=partial)
+
+        plugin = RaisesConnectionLost()
+        scanner = Scanner(profile, plugin)
+
+        with pytest.raises(ConnectionLostError) as exc_info:
+            scanner.scan()
+
+        assert exc_info.value.partial_result.is_partial is True
+        assert len(exc_info.value.partial_result.resources) == 1
+
+
+# ---------------------------------------------------------------------------
+# Tests: Warning for unsupported resource types
+# ---------------------------------------------------------------------------
+
+
+class TestUnsupportedResourceTypes:
+    """Tests for warning logging on unsupported resource types."""
+
+    def test_unsupported_types_generate_warnings(self):
+        profile = make_profile(
+            resource_type_filters=[
+                "kubernetes_deployment",
+                "nonexistent_type",
+                "another_fake_type",
+            ]
+        )
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        # Should have warnings for the 2 unsupported types
+        unsupported_warnings = [
+            w for w in result.warnings if "Unsupported resource type" in w
+        ]
+        assert len(unsupported_warnings) == 2
+        assert "nonexistent_type" in unsupported_warnings[0]
+        assert "another_fake_type" in unsupported_warnings[1]
+
+    def test_unsupported_types_do_not_block_supported_types(self):
+        profile = make_profile(
+            resource_type_filters=[
+                "kubernetes_deployment",
+                "nonexistent_type",
+            ]
+        )
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        # Should still discover the supported type
+        assert len(result.resources) == 1
+        assert result.resources[0].resource_type == "kubernetes_deployment"
+
+    def test_all_unsupported_types_returns_empty_resources(self):
+        profile = make_profile(
+            resource_type_filters=["fake_type_1", "fake_type_2"]
+        )
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 0
+        assert len(result.warnings) == 2
+
+    def test_warning_includes_provider_name(self):
+        profile = make_profile(
+            resource_type_filters=["unsupported_thing"]
+        )
+        plugin = MockPlugin()
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert "kubernetes" in result.warnings[0]
diff --git a/tests/unit/test_scanner_filtering.py b/tests/unit/test_scanner_filtering.py
new file mode 100644
index 0000000..56356df
--- /dev/null
+++ b/tests/unit/test_scanner_filtering.py
@@ -0,0 +1,234 @@
+"""Unit tests for Scanner resource type filtering behavior.
+
+Validates Requirements 6.2 and 6.3:
+- 6.2: When resource type filters are specified, discover only those types
+- 6.3: When no resource type filters are specified, discover all supported types
+"""
+
+import pytest
+from unittest.mock import patch
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanProfile,
+    ScanProgress,
+    ScanResult,
+)
+from iac_reverse.plugin_base import ProviderPlugin
+from iac_reverse.scanner.scanner import Scanner
+
+
+# ---------------------------------------------------------------------------
+# Helpers
+# ---------------------------------------------------------------------------
+
+
+def make_profile(**overrides) -> ScanProfile:
+    """Create a valid ScanProfile with sensible defaults."""
+    defaults = {
+        "provider": ProviderType.KUBERNETES,
+        "credentials": {"kubeconfig_path": "/home/user/.kube/config"},
+        "endpoints": ["https://k8s-api.local:6443"],
+        "resource_type_filters": None,
+    }
+    defaults.update(overrides)
+    return ScanProfile(**defaults)
+
+
+def make_resource(resource_type: str, name: str = "instance") -> DiscoveredResource:
+    """Create a sample DiscoveredResource."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=f"{resource_type}/{name}",
+        name=name,
+        provider=ProviderType.KUBERNETES,
+        platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+        architecture=CpuArchitecture.AARCH64,
+        endpoint="https://k8s-api.local:6443",
+        attributes={},
+        raw_references=[],
+    )
+
+
+class FakePlugin(ProviderPlugin):
+    """A fake plugin that tracks which resource types were requested."""
+
+    def __init__(self, supported_types: list[str]):
+        self._supported_types = supported_types
+        self.discovered_types: list[str] = []
+
+    def authenticate(self, credentials: dict[str, str]) -> None:
+        pass
+
+    def get_platform_category(self) -> PlatformCategory:
+        return PlatformCategory.CONTAINER_ORCHESTRATION
+
+    def list_endpoints(self) -> list[str]:
+        return ["https://k8s-api.local:6443"]
+
+    def list_supported_resource_types(self) -> list[str]:
+        return self._supported_types
+
+    def detect_architecture(self, endpoint: str) -> CpuArchitecture:
+        return CpuArchitecture.AARCH64
+
+    def discover_resources(
+        self,
+        endpoints: list[str],
+        resource_types: list[str],
+        progress_callback=None,
+    ) -> ScanResult:
+        self.discovered_types = resource_types
+        resources = [make_resource(rt) for rt in resource_types]
+        return ScanResult(
+            resources=resources,
+            warnings=[],
+            errors=[],
+            scan_timestamp="",
+            profile_hash="",
+        )
+
+
+# ---------------------------------------------------------------------------
+# Tests: Requirement 6.2 - Filters specified, only those types discovered
+# ---------------------------------------------------------------------------
+
+
+class TestFilteredResourceTypes:
+    """Requirement 6.2: When filters are specified, discover only listed types."""
+
+    def test_single_filter_discovers_only_that_type(self):
+        """Only the single filtered type should be discovered."""
+        supported = ["kubernetes_deployment", "kubernetes_service", "kubernetes_ingress"]
+        plugin = FakePlugin(supported_types=supported)
+        profile = make_profile(resource_type_filters=["kubernetes_deployment"])
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 1
+        assert result.resources[0].resource_type == "kubernetes_deployment"
+        assert plugin.discovered_types == ["kubernetes_deployment"]
+
+    def test_multiple_filters_discovers_only_those_types(self):
+        """Only the filtered types should be discovered, not all supported."""
+        supported = ["kubernetes_deployment", "kubernetes_service", "kubernetes_ingress"]
+        plugin = FakePlugin(supported_types=supported)
+        profile = make_profile(
+            resource_type_filters=["kubernetes_deployment", "kubernetes_service"]
+        )
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 2
+        discovered_types = {r.resource_type for r in result.resources}
+        assert discovered_types == {"kubernetes_deployment", "kubernetes_service"}
+        assert "kubernetes_ingress" not in plugin.discovered_types
+
+    def test_unsupported_types_in_filter_are_skipped_with_warnings(self):
+        """Unsupported types in the filter list produce warnings and are skipped."""
+        supported = ["kubernetes_deployment", "kubernetes_service"]
+        plugin = FakePlugin(supported_types=supported)
+        profile = make_profile(
+            resource_type_filters=[
+                "kubernetes_deployment",
+                "nonexistent_type",
+                "another_fake",
+            ]
+        )
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        # Only the supported type should be discovered
+        assert len(result.resources) == 1
+        assert result.resources[0].resource_type == "kubernetes_deployment"
+
+        # Warnings for unsupported types
+        assert len(result.warnings) == 2
+        warning_text = " ".join(result.warnings)
+        assert "nonexistent_type" in warning_text
+        assert "another_fake" in warning_text
+
+    def test_empty_filter_list_results_in_no_resources(self):
+        """An empty filter list means no types are requested, so nothing is discovered."""
+        supported = ["kubernetes_deployment", "kubernetes_service", "kubernetes_ingress"]
+        plugin = FakePlugin(supported_types=supported)
+        profile = make_profile(resource_type_filters=[])
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 0
+        assert plugin.discovered_types == []
+
+    def test_all_filters_unsupported_results_in_no_resources(self):
+        """When all filtered types are unsupported, no resources are discovered."""
+        supported = ["kubernetes_deployment", "kubernetes_service"]
+        plugin = FakePlugin(supported_types=supported)
+        profile = make_profile(
+            resource_type_filters=["fake_type_a", "fake_type_b"]
+        )
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 0
+        assert len(result.warnings) == 2
+
+
+# ---------------------------------------------------------------------------
+# Tests: Requirement 6.3 - No filters, discover all supported types
+# ---------------------------------------------------------------------------
+
+
+class TestNoFilterAllTypes:
+    """Requirement 6.3: When no filters specified, discover all supported types."""
+
+    def test_no_filters_discovers_all_supported_types(self):
+        """With resource_type_filters=None, all supported types are discovered."""
+        supported = ["kubernetes_deployment", "kubernetes_service", "kubernetes_ingress"]
+        plugin = FakePlugin(supported_types=supported)
+        profile = make_profile(resource_type_filters=None)
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 3
+        discovered_types = {r.resource_type for r in result.resources}
+        assert discovered_types == set(supported)
+        assert plugin.discovered_types == supported
+
+    def test_no_filters_with_many_supported_types(self):
+        """All supported types are passed to discover_resources when no filter."""
+        supported = [
+            "kubernetes_deployment",
+            "kubernetes_service",
+            "kubernetes_ingress",
+            "kubernetes_config_map",
+            "kubernetes_persistent_volume",
+            "kubernetes_namespace",
+        ]
+        plugin = FakePlugin(supported_types=supported)
+        profile = make_profile(resource_type_filters=None)
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert len(result.resources) == 6
+        assert plugin.discovered_types == supported
+
+    def test_no_filters_produces_no_warnings(self):
+        """When no filters are specified, there should be no filtering warnings."""
+        supported = ["kubernetes_deployment", "kubernetes_service"]
+        plugin = FakePlugin(supported_types=supported)
+        profile = make_profile(resource_type_filters=None)
+        scanner = Scanner(profile, plugin)
+
+        result = scanner.scan()
+
+        assert result.warnings == []
diff --git a/tests/unit/test_snapshot_store.py b/tests/unit/test_snapshot_store.py
new file mode 100644
index 0000000..3a9f354
--- /dev/null
+++ b/tests/unit/test_snapshot_store.py
@@ -0,0 +1,245 @@
+"""Unit tests for the SnapshotStore class."""
+
+import json
+import time
+from pathlib import Path
+
+import pytest
+
+from iac_reverse.incremental.snapshot_store import SnapshotStore
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    PlatformCategory,
+    ProviderType,
+    ScanResult,
+)
+
+
+def _make_scan_result(
+    profile_hash: str = "abc123",
+    resource_name: str = "test-resource",
+) -> ScanResult:
+    """Create a sample ScanResult for testing."""
+    resource = DiscoveredResource(
+        resource_type="kubernetes_deployment",
+        unique_id="apps/v1/deployments/default/nginx",
+        name=resource_name,
+        provider=ProviderType.KUBERNETES,
+        platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+        architecture=CpuArchitecture.AARCH64,
+        endpoint="https://k8s-api.internal.lab:6443",
+        attributes={"replicas": 3, "image": "nginx:1.25"},
+        raw_references=["default/services/nginx-svc"],
+    )
+    return ScanResult(
+        resources=[resource],
+        warnings=["some warning"],
+        errors=[],
+        scan_timestamp="2024-01-15T10:30:00Z",
+        profile_hash=profile_hash,
+        is_partial=False,
+    )
+
+
+class TestStoreSnapshot:
+    """Tests for storing snapshots."""
+
+    def test_store_creates_file_in_correct_directory(self, tmp_path: Path) -> None:
+        """Storing a snapshot creates a JSON file in the snapshot directory."""
+        snapshot_dir = tmp_path / "snapshots"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+        result = _make_scan_result(profile_hash="prof1")
+
+        store.store_snapshot(result, "prof1")
+
+        files = list(snapshot_dir.iterdir())
+        assert len(files) == 1
+        assert files[0].name.startswith("prof1_")
+        assert files[0].name.endswith(".json")
+
+    def test_store_creates_directory_if_not_exists(self, tmp_path: Path) -> None:
+        """Storing a snapshot creates the snapshot directory if it doesn't exist."""
+        snapshot_dir = tmp_path / "nested" / "deep" / "snapshots"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+        result = _make_scan_result()
+
+        store.store_snapshot(result, "abc123")
+
+        assert snapshot_dir.exists()
+        assert len(list(snapshot_dir.iterdir())) == 1
+
+    def test_stored_file_contains_valid_json(self, tmp_path: Path) -> None:
+        """The stored snapshot file contains valid JSON with expected fields."""
+        snapshot_dir = tmp_path / "snapshots"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+        result = _make_scan_result(profile_hash="prof1")
+
+        store.store_snapshot(result, "prof1")
+
+        files = list(snapshot_dir.iterdir())
+        with open(files[0], "r") as f:
+            data = json.load(f)
+
+        assert data["profile_hash"] == "prof1"
+        assert data["scan_timestamp"] == "2024-01-15T10:30:00Z"
+        assert len(data["resources"]) == 1
+        assert data["resources"][0]["resource_type"] == "kubernetes_deployment"
+        assert data["resources"][0]["provider"] == "kubernetes"
+        assert data["resources"][0]["architecture"] == "aarch64"
+
+
+class TestLoadPrevious:
+    """Tests for loading previous snapshots."""
+
+    def test_load_returns_correct_scan_result(self, tmp_path: Path) -> None:
+        """Loading a previous snapshot returns the correct ScanResult."""
+        snapshot_dir = tmp_path / "snapshots"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+        original = _make_scan_result(profile_hash="prof1", resource_name="nginx")
+
+        store.store_snapshot(original, "prof1")
+        loaded = store.load_previous("prof1")
+
+        assert loaded is not None
+        assert loaded.profile_hash == "prof1"
+        assert loaded.scan_timestamp == "2024-01-15T10:30:00Z"
+        assert loaded.is_partial is False
+        assert loaded.warnings == ["some warning"]
+        assert loaded.errors == []
+        assert len(loaded.resources) == 1
+
+        resource = loaded.resources[0]
+        assert resource.resource_type == "kubernetes_deployment"
+        assert resource.unique_id == "apps/v1/deployments/default/nginx"
+        assert resource.name == "nginx"
+        assert resource.provider == ProviderType.KUBERNETES
+        assert resource.platform_category == PlatformCategory.CONTAINER_ORCHESTRATION
+        assert resource.architecture == CpuArchitecture.AARCH64
+        assert resource.endpoint == "https://k8s-api.internal.lab:6443"
+        assert resource.attributes == {"replicas": 3, "image": "nginx:1.25"}
+        assert resource.raw_references == ["default/services/nginx-svc"]
+
+    def test_load_returns_none_when_no_snapshot_exists(self, tmp_path: Path) -> None:
+        """Loading when no snapshot exists returns None."""
+        snapshot_dir = tmp_path / "snapshots"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+
+        result = store.load_previous("nonexistent")
+
+        assert result is None
+
+    def test_load_returns_none_when_directory_does_not_exist(
+        self, tmp_path: Path
+    ) -> None:
+        """Loading when the snapshot directory doesn't exist returns None."""
+        snapshot_dir = tmp_path / "does_not_exist"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+
+        result = store.load_previous("prof1")
+
+        assert result is None
+
+    def test_load_returns_most_recent_snapshot(self, tmp_path: Path) -> None:
+        """When multiple snapshots exist, load returns the most recent one."""
+        snapshot_dir = tmp_path / "snapshots"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+
+        # Store first snapshot
+        result1 = _make_scan_result(profile_hash="prof1", resource_name="first")
+        store.store_snapshot(result1, "prof1")
+        time.sleep(1.1)  # Ensure different timestamp
+
+        # Store second snapshot
+        result2 = _make_scan_result(profile_hash="prof1", resource_name="second")
+        store.store_snapshot(result2, "prof1")
+
+        loaded = store.load_previous("prof1")
+        assert loaded is not None
+        assert loaded.resources[0].name == "second"
+
+
+class TestRetention:
+    """Tests for snapshot retention/pruning."""
+
+    def test_retains_at_least_two_most_recent_snapshots(self, tmp_path: Path) -> None:
+        """Only the 2 most recent snapshots are kept per profile."""
+        snapshot_dir = tmp_path / "snapshots"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+
+        # Store 4 snapshots with different timestamps
+        for i in range(4):
+            result = _make_scan_result(
+                profile_hash="prof1", resource_name=f"resource-{i}"
+            )
+            store.store_snapshot(result, "prof1")
+            time.sleep(1.1)  # Ensure different timestamps
+
+        # Should only have 2 files remaining
+        files = list(snapshot_dir.iterdir())
+        assert len(files) == 2
+
+        # The most recent should be loadable
+        loaded = store.load_previous("prof1")
+        assert loaded is not None
+        assert loaded.resources[0].name == "resource-3"
+
+    def test_two_snapshots_are_not_pruned(self, tmp_path: Path) -> None:
+        """Exactly 2 snapshots are retained without pruning."""
+        snapshot_dir = tmp_path / "snapshots"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+
+        store.store_snapshot(_make_scan_result(profile_hash="prof1"), "prof1")
+        time.sleep(1.1)
+        store.store_snapshot(_make_scan_result(profile_hash="prof1"), "prof1")
+
+        files = list(snapshot_dir.iterdir())
+        assert len(files) == 2
+
+
+class TestMultipleProfiles:
+    """Tests for multiple profile isolation."""
+
+    def test_multiple_profiles_do_not_interfere(self, tmp_path: Path) -> None:
+        """Snapshots from different profiles don't interfere with each other."""
+        snapshot_dir = tmp_path / "snapshots"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+
+        result_a = _make_scan_result(profile_hash="profile_a", resource_name="res-a")
+        result_b = _make_scan_result(profile_hash="profile_b", resource_name="res-b")
+
+        store.store_snapshot(result_a, "profile_a")
+        store.store_snapshot(result_b, "profile_b")
+
+        loaded_a = store.load_previous("profile_a")
+        loaded_b = store.load_previous("profile_b")
+
+        assert loaded_a is not None
+        assert loaded_a.resources[0].name == "res-a"
+        assert loaded_b is not None
+        assert loaded_b.resources[0].name == "res-b"
+
+    def test_pruning_only_affects_matching_profile(self, tmp_path: Path) -> None:
+        """Pruning for one profile does not remove snapshots from another."""
+        snapshot_dir = tmp_path / "snapshots"
+        store = SnapshotStore(base_dir=str(snapshot_dir))
+
+        # Store 4 snapshots for profile_a (should prune to 2)
+        for i in range(4):
+            result = _make_scan_result(
+                profile_hash="profile_a", resource_name=f"a-{i}"
+            )
+            store.store_snapshot(result, "profile_a")
+            time.sleep(1.1)
+
+        # Store 1 snapshot for profile_b
+        result_b = _make_scan_result(profile_hash="profile_b", resource_name="b-0")
+        store.store_snapshot(result_b, "profile_b")
+
+        # profile_a should have 2 files, profile_b should have 1
+        all_files = list(snapshot_dir.iterdir())
+        a_files = [f for f in all_files if f.name.startswith("profile_a_")]
+        b_files = [f for f in all_files if f.name.startswith("profile_b_")]
+
+        assert len(a_files) == 2
+        assert len(b_files) == 1
diff --git a/tests/unit/test_state_builder.py b/tests/unit/test_state_builder.py
new file mode 100644
index 0000000..0cd17a4
--- /dev/null
+++ b/tests/unit/test_state_builder.py
@@ -0,0 +1,681 @@
+"""Unit tests for the StateBuilder."""
+
+import json
+import uuid
+
+import pytest
+
+from iac_reverse.models import (
+    CodeGenerationResult,
+    CpuArchitecture,
+    DependencyGraph,
+    DiscoveredResource,
+    GeneratedFile,
+    PlatformCategory,
+    ProviderType,
+    ResourceRelationship,
+    StateEntry,
+    StateFile,
+)
+from iac_reverse.state_builder import StateBuilder
+
+
+# ---------------------------------------------------------------------------
+# Helpers / Fixtures
+# ---------------------------------------------------------------------------
+
+
+def make_resource(
+    resource_type: str = "kubernetes_deployment",
+    unique_id: str = "apps/v1/deployments/default/nginx",
+    name: str = "nginx",
+    raw_references: list[str] | None = None,
+    attributes: dict | None = None,
+    provider: ProviderType = ProviderType.KUBERNETES,
+    platform_category: PlatformCategory = PlatformCategory.CONTAINER_ORCHESTRATION,
+) -> DiscoveredResource:
+    """Create a sample DiscoveredResource for testing."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=CpuArchitecture.AARCH64,
+        endpoint="https://k8s-api.local:6443",
+        attributes=attributes or {"replicas": 3, "image": "nginx:1.25"},
+        raw_references=raw_references or [],
+    )
+
+
+def make_code_generation_result() -> CodeGenerationResult:
+    """Create a minimal CodeGenerationResult for testing."""
+    return CodeGenerationResult(
+        resource_files=[
+            GeneratedFile(
+                filename="kubernetes_deployment.tf",
+                content='resource "kubernetes_deployment" "nginx" {}',
+                resource_count=1,
+            )
+        ],
+        variables_file=GeneratedFile(
+            filename="variables.tf", content="", resource_count=0
+        ),
+        provider_file=GeneratedFile(
+            filename="providers.tf", content="", resource_count=0
+        ),
+    )
+
+
+def make_dependency_graph(
+    resources: list[DiscoveredResource],
+    relationships: list[ResourceRelationship] | None = None,
+) -> DependencyGraph:
+    """Create a DependencyGraph from resources and optional relationships."""
+    return DependencyGraph(
+        resources=resources,
+        relationships=relationships or [],
+        topological_order=[r.unique_id for r in resources],
+        cycles=[],
+        unresolved_references=[],
+    )
+
+
+# ---------------------------------------------------------------------------
+# Tests: Single resource produces valid state entry
+# ---------------------------------------------------------------------------
+
+
+class TestSingleResource:
+    """Tests for state generation with a single resource."""
+
+    def test_single_resource_produces_one_state_entry(self):
+        """A single resource in the graph produces exactly one state entry."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="3.2.1")
+
+        assert len(state.resources) == 1
+
+    def test_state_entry_has_correct_resource_type(self):
+        """State entry resource_type matches the discovered resource type."""
+        resource = make_resource(resource_type="kubernetes_deployment")
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert state.resources[0].resource_type == "kubernetes_deployment"
+
+    def test_state_entry_has_sanitized_resource_name(self):
+        """State entry resource_name is a valid Terraform identifier."""
+        resource = make_resource(name="my-nginx-app")
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        # Hyphens should be replaced with underscores
+        assert state.resources[0].resource_name == "my_nginx_app"
+
+    def test_state_entry_provider_id_is_unique_id(self):
+        """State entry provider_id is the live infrastructure unique_id."""
+        resource = make_resource(unique_id="apps/v1/deployments/default/nginx")
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert state.resources[0].provider_id == "apps/v1/deployments/default/nginx"
+
+    def test_state_entry_attributes_from_discovery(self):
+        """State entry attributes contain the full discovery attribute set."""
+        attrs = {"replicas": 3, "image": "nginx:1.25", "namespace": "default"}
+        resource = make_resource(attributes=attrs)
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert state.resources[0].attributes == attrs
+
+
+# ---------------------------------------------------------------------------
+# Tests: Multiple resources produce multiple state entries
+# ---------------------------------------------------------------------------
+
+
+class TestMultipleResources:
+    """Tests for state generation with multiple resources."""
+
+    def test_multiple_resources_produce_multiple_entries(self):
+        """Each resource in the graph produces a corresponding state entry."""
+        resources = [
+            make_resource(
+                resource_type="kubernetes_deployment",
+                unique_id="deploy/nginx",
+                name="nginx",
+            ),
+            make_resource(
+                resource_type="kubernetes_service",
+                unique_id="svc/nginx-svc",
+                name="nginx-svc",
+            ),
+            make_resource(
+                resource_type="kubernetes_namespace",
+                unique_id="ns/default",
+                name="default",
+            ),
+        ]
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="2.0.0")
+
+        assert len(state.resources) == 3
+
+    def test_multiple_resources_have_distinct_entries(self):
+        """Each state entry corresponds to a different resource."""
+        resources = [
+            make_resource(
+                resource_type="kubernetes_deployment",
+                unique_id="deploy/nginx",
+                name="nginx",
+            ),
+            make_resource(
+                resource_type="kubernetes_service",
+                unique_id="svc/redis",
+                name="redis",
+            ),
+        ]
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        types = {e.resource_type for e in state.resources}
+        assert "kubernetes_deployment" in types
+        assert "kubernetes_service" in types
+
+
+# ---------------------------------------------------------------------------
+# Tests: Lineage is a valid UUID
+# ---------------------------------------------------------------------------
+
+
+class TestLineage:
+    """Tests for state file lineage UUID generation."""
+
+    def test_lineage_is_valid_uuid(self):
+        """The state file lineage is a valid UUID string."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        # Should not raise ValueError
+        parsed = uuid.UUID(state.lineage)
+        assert str(parsed) == state.lineage
+
+    def test_lineage_is_unique_per_build(self):
+        """Each build produces a different lineage UUID."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state1 = builder.build(code_result, graph, provider_version="1.0.0")
+        state2 = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert state1.lineage != state2.lineage
+
+
+# ---------------------------------------------------------------------------
+# Tests: Dependencies are included as Terraform resource addresses
+# ---------------------------------------------------------------------------
+
+
+class TestDependencies:
+    """Tests for dependency references in state entries."""
+
+    def test_dependencies_as_terraform_addresses(self):
+        """Dependencies are formatted as resource_type.resource_name."""
+        namespace = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="deploy/nginx",
+            name="nginx",
+            raw_references=["ns/default"],
+        )
+        relationship = ResourceRelationship(
+            source_id="deploy/nginx",
+            target_id="ns/default",
+            relationship_type="dependency",
+            source_attribute="namespace",
+        )
+        graph = make_dependency_graph(
+            [namespace, deployment], relationships=[relationship]
+        )
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        # Find the deployment entry
+        deploy_entry = next(
+            e for e in state.resources if e.resource_type == "kubernetes_deployment"
+        )
+        assert "kubernetes_namespace.default" in deploy_entry.dependencies
+
+    def test_resource_without_dependencies_has_empty_list(self):
+        """A resource with no relationships has an empty dependencies list."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert state.resources[0].dependencies == []
+
+    def test_multiple_dependencies_all_included(self):
+        """All dependency relationships are included in the state entry."""
+        ns = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        svc = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="svc/nginx-svc",
+            name="nginx-svc",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="deploy/nginx",
+            name="nginx",
+        )
+        relationships = [
+            ResourceRelationship(
+                source_id="deploy/nginx",
+                target_id="ns/default",
+                relationship_type="dependency",
+                source_attribute="namespace",
+            ),
+            ResourceRelationship(
+                source_id="deploy/nginx",
+                target_id="svc/nginx-svc",
+                relationship_type="reference",
+                source_attribute="service",
+            ),
+        ]
+        graph = make_dependency_graph([ns, svc, deployment], relationships=relationships)
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        deploy_entry = next(
+            e for e in state.resources if e.resource_type == "kubernetes_deployment"
+        )
+        assert len(deploy_entry.dependencies) == 2
+        assert "kubernetes_namespace.default" in deploy_entry.dependencies
+        assert "kubernetes_service.nginx_svc" in deploy_entry.dependencies
+
+
+# ---------------------------------------------------------------------------
+# Tests: Sensitive attributes are marked
+# ---------------------------------------------------------------------------
+
+
+class TestSensitiveAttributes:
+    """Tests for sensitive attribute detection."""
+
+    def test_password_attribute_marked_sensitive(self):
+        """Attributes containing 'password' are marked sensitive."""
+        resource = make_resource(
+            attributes={"db_password": "secret123", "name": "mydb"}
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert "db_password" in state.resources[0].sensitive_attributes
+
+    def test_token_attribute_marked_sensitive(self):
+        """Attributes containing 'token' are marked sensitive."""
+        resource = make_resource(
+            attributes={"api_token": "abc123", "endpoint": "https://api.local"}
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert "api_token" in state.resources[0].sensitive_attributes
+
+    def test_secret_attribute_marked_sensitive(self):
+        """Attributes containing 'secret' are marked sensitive."""
+        resource = make_resource(
+            attributes={"client_secret": "xyz", "client_id": "app1"}
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert "client_secret" in state.resources[0].sensitive_attributes
+
+    def test_key_attribute_marked_sensitive(self):
+        """Attributes containing 'key' are marked sensitive."""
+        resource = make_resource(
+            attributes={"private_key": "-----BEGIN RSA KEY-----", "name": "cert1"}
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert "private_key" in state.resources[0].sensitive_attributes
+
+    def test_certificate_attribute_marked_sensitive(self):
+        """Attributes containing 'certificate' are marked sensitive."""
+        resource = make_resource(
+            attributes={"tls_certificate": "cert-data", "port": 443}
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert "tls_certificate" in state.resources[0].sensitive_attributes
+
+    def test_non_sensitive_attributes_not_marked(self):
+        """Attributes without sensitive patterns are not marked."""
+        resource = make_resource(
+            attributes={"replicas": 3, "image": "nginx:1.25", "namespace": "default"}
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert state.resources[0].sensitive_attributes == []
+
+    def test_nested_sensitive_attributes_detected(self):
+        """Sensitive attributes in nested dicts are detected."""
+        resource = make_resource(
+            attributes={
+                "config": {"database_password": "secret", "host": "localhost"}
+            }
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert "config.database_password" in state.resources[0].sensitive_attributes
+
+
+# ---------------------------------------------------------------------------
+# Tests: Schema version is set from provider_version
+# ---------------------------------------------------------------------------
+
+
+class TestSchemaVersion:
+    """Tests for schema_version setting from provider_version."""
+
+    def test_schema_version_from_major_version(self):
+        """Schema version is the major version number from provider_version."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="3.2.1")
+
+        assert state.resources[0].schema_version == 3
+
+    def test_schema_version_single_digit(self):
+        """Schema version works with a single digit version string."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1")
+
+        assert state.resources[0].schema_version == 1
+
+    def test_schema_version_defaults_to_zero_on_invalid(self):
+        """Schema version defaults to 0 if provider_version is unparseable."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="invalid")
+
+        assert state.resources[0].schema_version == 0
+
+
+# ---------------------------------------------------------------------------
+# Tests: to_json() produces valid JSON with correct structure
+# ---------------------------------------------------------------------------
+
+
+class TestToJson:
+    """Tests for state file JSON serialization."""
+
+    def test_to_json_produces_valid_json(self):
+        """to_json() output is valid JSON."""
+        resource = make_resource(
+            attributes={"replicas": 3, "image": "nginx:1.25"}
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        json_str = state.to_json()
+        parsed = json.loads(json_str)
+        assert isinstance(parsed, dict)
+
+    def test_to_json_has_version_4(self):
+        """JSON output has version field set to 4."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        parsed = json.loads(state.to_json())
+        assert parsed["version"] == 4
+
+    def test_to_json_has_serial_1(self):
+        """JSON output has serial field set to 1."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        parsed = json.loads(state.to_json())
+        assert parsed["serial"] == 1
+
+    def test_to_json_has_terraform_version(self):
+        """JSON output includes the terraform_version."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder(terraform_version="1.7.0")
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        parsed = json.loads(state.to_json())
+        assert parsed["terraform_version"] == "1.7.0"
+
+    def test_to_json_has_valid_lineage_uuid(self):
+        """JSON output lineage is a valid UUID."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        parsed = json.loads(state.to_json())
+        # Should not raise ValueError
+        uuid.UUID(parsed["lineage"])
+
+    def test_to_json_resources_have_correct_structure(self):
+        """JSON resources have mode, type, name, provider, and instances."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            name="nginx",
+            attributes={"replicas": 3},
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="2.0.0")
+
+        parsed = json.loads(state.to_json())
+        assert len(parsed["resources"]) == 1
+
+        res = parsed["resources"][0]
+        assert res["mode"] == "managed"
+        assert res["type"] == "kubernetes_deployment"
+        assert res["name"] == "nginx"
+        assert "provider" in res
+        assert len(res["instances"]) == 1
+
+    def test_to_json_instance_has_attributes_with_id(self):
+        """JSON instance attributes include the provider_id as 'id'."""
+        resource = make_resource(
+            unique_id="apps/v1/deployments/default/nginx",
+            attributes={"replicas": 3},
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        parsed = json.loads(state.to_json())
+        instance = parsed["resources"][0]["instances"][0]
+        assert instance["attributes"]["id"] == "apps/v1/deployments/default/nginx"
+        assert instance["attributes"]["replicas"] == 3
+
+    def test_to_json_instance_has_schema_version(self):
+        """JSON instance includes schema_version."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="3.0.0")
+
+        parsed = json.loads(state.to_json())
+        instance = parsed["resources"][0]["instances"][0]
+        assert instance["schema_version"] == 3
+
+    def test_to_json_instance_has_dependencies(self):
+        """JSON instance includes dependencies list."""
+        ns = make_resource(
+            resource_type="kubernetes_namespace",
+            unique_id="ns/default",
+            name="default",
+        )
+        deployment = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="deploy/nginx",
+            name="nginx",
+        )
+        relationship = ResourceRelationship(
+            source_id="deploy/nginx",
+            target_id="ns/default",
+            relationship_type="dependency",
+            source_attribute="namespace",
+        )
+        graph = make_dependency_graph([ns, deployment], relationships=[relationship])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        parsed = json.loads(state.to_json())
+        deploy_res = next(
+            r for r in parsed["resources"] if r["type"] == "kubernetes_deployment"
+        )
+        instance = deploy_res["instances"][0]
+        assert "kubernetes_namespace.default" in instance["dependencies"]
+
+
+# ---------------------------------------------------------------------------
+# Tests: State file metadata
+# ---------------------------------------------------------------------------
+
+
+class TestStateFileMetadata:
+    """Tests for state file top-level metadata."""
+
+    def test_version_is_4(self):
+        """State file version is always 4."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert state.version == 4
+
+    def test_serial_is_1(self):
+        """State file serial is 1 for initial generation."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert state.serial == 1
+
+    def test_custom_terraform_version(self):
+        """StateBuilder accepts a custom terraform_version."""
+        resource = make_resource()
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder(terraform_version="1.8.0")
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert state.terraform_version == "1.8.0"
diff --git a/tests/unit/test_state_builder_unmapped.py b/tests/unit/test_state_builder_unmapped.py
new file mode 100644
index 0000000..bc5fb51
--- /dev/null
+++ b/tests/unit/test_state_builder_unmapped.py
@@ -0,0 +1,468 @@
+"""Unit tests for unmapped resource handling in StateBuilder.
+
+Tests that resources with missing provider-assigned identifiers or
+unrecognized resource types are excluded from the state file, warnings
+are logged, and the unmapped resources list is correctly populated.
+"""
+
+import logging
+
+import pytest
+
+from iac_reverse.models import (
+    CodeGenerationResult,
+    CpuArchitecture,
+    DependencyGraph,
+    DiscoveredResource,
+    GeneratedFile,
+    PlatformCategory,
+    ProviderType,
+    ResourceRelationship,
+)
+from iac_reverse.state_builder import StateBuilder
+
+
+# ---------------------------------------------------------------------------
+# Helpers / Fixtures
+# ---------------------------------------------------------------------------
+
+
+def make_resource(
+    resource_type: str = "kubernetes_deployment",
+    unique_id: str = "apps/v1/deployments/default/nginx",
+    name: str = "nginx",
+    attributes: dict | None = None,
+    provider: ProviderType = ProviderType.KUBERNETES,
+    platform_category: PlatformCategory = PlatformCategory.CONTAINER_ORCHESTRATION,
+) -> DiscoveredResource:
+    """Create a sample DiscoveredResource for testing."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=CpuArchitecture.AARCH64,
+        endpoint="https://k8s-api.local:6443",
+        attributes=attributes or {"replicas": 3, "image": "nginx:1.25"},
+        raw_references=[],
+    )
+
+
+def make_code_generation_result() -> CodeGenerationResult:
+    """Create a minimal CodeGenerationResult for testing."""
+    return CodeGenerationResult(
+        resource_files=[
+            GeneratedFile(
+                filename="kubernetes_deployment.tf",
+                content='resource "kubernetes_deployment" "nginx" {}',
+                resource_count=1,
+            )
+        ],
+        variables_file=GeneratedFile(
+            filename="variables.tf", content="", resource_count=0
+        ),
+        provider_file=GeneratedFile(
+            filename="providers.tf", content="", resource_count=0
+        ),
+    )
+
+
+def make_dependency_graph(
+    resources: list[DiscoveredResource],
+    relationships: list[ResourceRelationship] | None = None,
+) -> DependencyGraph:
+    """Create a DependencyGraph from resources and optional relationships."""
+    return DependencyGraph(
+        resources=resources,
+        relationships=relationships or [],
+        topological_order=[r.unique_id for r in resources],
+        cycles=[],
+        unresolved_references=[],
+    )
+
+
+# ---------------------------------------------------------------------------
+# Tests: Resource with empty unique_id is excluded from state
+# ---------------------------------------------------------------------------
+
+
+class TestEmptyUniqueIdExcluded:
+    """Resources with empty unique_id are excluded from state."""
+
+    def test_empty_string_unique_id_excluded(self):
+        """A resource with empty string unique_id produces no state entry."""
+        resource = make_resource(unique_id="")
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(state.resources) == 0
+
+    def test_whitespace_only_unique_id_excluded(self):
+        """A resource with whitespace-only unique_id produces no state entry."""
+        resource = make_resource(unique_id="   ")
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(state.resources) == 0
+
+    def test_tabs_and_newlines_unique_id_excluded(self):
+        """A resource with tabs/newlines-only unique_id is excluded."""
+        resource = make_resource(unique_id="\t\n")
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(state.resources) == 0
+
+
+# ---------------------------------------------------------------------------
+# Tests: Resource with None-like identifier is excluded
+# ---------------------------------------------------------------------------
+
+
+class TestNoneLikeIdentifierExcluded:
+    """Resources with None-like identifiers are excluded from state."""
+
+    def test_none_unique_id_excluded(self):
+        """A resource with None unique_id produces no state entry."""
+        resource = make_resource()
+        # Manually set unique_id to None (bypassing type hints)
+        resource.unique_id = None  # type: ignore[assignment]
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(state.resources) == 0
+
+    def test_empty_string_is_falsy_excluded(self):
+        """Empty string is falsy and should be excluded."""
+        resource = make_resource(unique_id="")
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(state.resources) == 0
+
+
+# ---------------------------------------------------------------------------
+# Tests: Unrecognized resource type is excluded
+# ---------------------------------------------------------------------------
+
+
+class TestUnrecognizedResourceTypeExcluded:
+    """Resources with unrecognized resource types are excluded."""
+
+    def test_unknown_resource_type_excluded(self):
+        """A resource with an unrecognized type produces no state entry."""
+        resource = make_resource(
+            resource_type="totally_unknown_type",
+            unique_id="some/valid/id",
+            name="mystery",
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(state.resources) == 0
+
+    def test_misspelled_resource_type_excluded(self):
+        """A misspelled resource type is excluded."""
+        resource = make_resource(
+            resource_type="kuberntes_deployment",  # typo
+            unique_id="deploy/nginx",
+            name="nginx",
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(state.resources) == 0
+
+
+# ---------------------------------------------------------------------------
+# Tests: Warning is logged for unmapped resources
+# ---------------------------------------------------------------------------
+
+
+class TestWarningLogged:
+    """Warnings are logged for unmapped resources."""
+
+    def test_warning_logged_for_empty_unique_id(self, caplog):
+        """A warning is logged when a resource has empty unique_id."""
+        resource = make_resource(
+            unique_id="",
+            name="orphan-resource",
+            resource_type="kubernetes_deployment",
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        with caplog.at_level(logging.WARNING):
+            builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert any("orphan-resource" in record.message for record in caplog.records)
+        assert any(
+            "missing provider-assigned resource identifier" in record.message
+            for record in caplog.records
+        )
+
+    def test_warning_logged_for_unrecognized_type(self, caplog):
+        """A warning is logged when a resource has unrecognized type."""
+        resource = make_resource(
+            resource_type="alien_resource",
+            unique_id="some/id",
+            name="alien",
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        with caplog.at_level(logging.WARNING):
+            builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert any("alien" in record.message for record in caplog.records)
+        assert any(
+            "not recognized" in record.message for record in caplog.records
+        )
+
+    def test_warning_includes_resource_type_and_name(self, caplog):
+        """Warning message identifies the resource by type and name."""
+        resource = make_resource(
+            resource_type="unknown_type",
+            unique_id="id/123",
+            name="my-resource",
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        with caplog.at_level(logging.WARNING):
+            builder.build(code_result, graph, provider_version="1.0.0")
+
+        # The warning should contain the resource identifier (type.name)
+        assert any(
+            "unknown_type.my-resource" in record.message
+            for record in caplog.records
+        )
+
+
+# ---------------------------------------------------------------------------
+# Tests: Mapped resources still produce valid state entries alongside unmapped
+# ---------------------------------------------------------------------------
+
+
+class TestMappedAlongsideUnmapped:
+    """Mapped resources produce valid entries even when unmapped ones exist."""
+
+    def test_valid_resource_produces_entry_alongside_unmapped(self):
+        """A valid resource still gets a state entry when others are unmapped."""
+        valid_resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="deploy/nginx",
+            name="nginx",
+        )
+        unmapped_resource = make_resource(
+            resource_type="kubernetes_service",
+            unique_id="",  # empty - unmappable
+            name="orphan-svc",
+        )
+        graph = make_dependency_graph([valid_resource, unmapped_resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(state.resources) == 1
+        assert state.resources[0].resource_type == "kubernetes_deployment"
+        assert state.resources[0].provider_id == "deploy/nginx"
+
+    def test_multiple_valid_resources_with_one_unmapped(self):
+        """Multiple valid resources produce entries; unmapped one is excluded."""
+        resources = [
+            make_resource(
+                resource_type="kubernetes_deployment",
+                unique_id="deploy/nginx",
+                name="nginx",
+            ),
+            make_resource(
+                resource_type="kubernetes_service",
+                unique_id="svc/redis",
+                name="redis",
+            ),
+            make_resource(
+                resource_type="unknown_type",
+                unique_id="id/mystery",
+                name="mystery",
+            ),
+        ]
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(state.resources) == 2
+        types = {e.resource_type for e in state.resources}
+        assert "kubernetes_deployment" in types
+        assert "kubernetes_service" in types
+        assert "unknown_type" not in types
+
+    def test_valid_entries_have_correct_attributes(self):
+        """Valid entries retain full attributes even when unmapped exist."""
+        valid_resource = make_resource(
+            resource_type="docker_service",
+            unique_id="svc/web",
+            name="web",
+            attributes={"replicas": 2, "image": "web:latest"},
+            provider=ProviderType.DOCKER_SWARM,
+            platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+        )
+        unmapped_resource = make_resource(
+            resource_type="docker_service",
+            unique_id="",
+            name="broken",
+            provider=ProviderType.DOCKER_SWARM,
+            platform_category=PlatformCategory.CONTAINER_ORCHESTRATION,
+        )
+        graph = make_dependency_graph([valid_resource, unmapped_resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        state = builder.build(code_result, graph, provider_version="2.0.0")
+
+        assert len(state.resources) == 1
+        assert state.resources[0].attributes == {"replicas": 2, "image": "web:latest"}
+
+
+# ---------------------------------------------------------------------------
+# Tests: Unmapped resources list contains correct entries
+# ---------------------------------------------------------------------------
+
+
+class TestUnmappedResourcesList:
+    """The unmapped_resources property contains correct entries."""
+
+    def test_unmapped_list_empty_when_all_mapped(self):
+        """When all resources are mappable, unmapped list is empty."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="deploy/nginx",
+            name="nginx",
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert builder.unmapped_resources == []
+
+    def test_unmapped_list_contains_empty_id_resource(self):
+        """Resource with empty unique_id appears in unmapped list."""
+        resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="",
+            name="orphan",
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(builder.unmapped_resources) == 1
+        identifier, reason = builder.unmapped_resources[0]
+        assert "kubernetes_deployment.orphan" == identifier
+        assert "missing provider-assigned resource identifier" in reason
+
+    def test_unmapped_list_contains_unrecognized_type_resource(self):
+        """Resource with unrecognized type appears in unmapped list."""
+        resource = make_resource(
+            resource_type="alien_widget",
+            unique_id="widget/123",
+            name="my-widget",
+        )
+        graph = make_dependency_graph([resource])
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(builder.unmapped_resources) == 1
+        identifier, reason = builder.unmapped_resources[0]
+        assert "alien_widget.my-widget" == identifier
+        assert "not recognized" in reason
+
+    def test_unmapped_list_contains_multiple_entries(self):
+        """Multiple unmapped resources all appear in the list."""
+        resources = [
+            make_resource(
+                resource_type="kubernetes_deployment",
+                unique_id="",
+                name="no-id",
+            ),
+            make_resource(
+                resource_type="fake_type",
+                unique_id="fake/id",
+                name="fake",
+            ),
+            make_resource(
+                resource_type="kubernetes_service",
+                unique_id="svc/valid",
+                name="valid",
+            ),
+        ]
+        graph = make_dependency_graph(resources)
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+        builder.build(code_result, graph, provider_version="1.0.0")
+
+        assert len(builder.unmapped_resources) == 2
+        identifiers = [entry[0] for entry in builder.unmapped_resources]
+        assert "kubernetes_deployment.no-id" in identifiers
+        assert "fake_type.fake" in identifiers
+
+    def test_unmapped_list_resets_on_new_build(self):
+        """The unmapped list is reset on each new build call."""
+        unmapped_resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="",
+            name="orphan",
+        )
+        valid_resource = make_resource(
+            resource_type="kubernetes_deployment",
+            unique_id="deploy/nginx",
+            name="nginx",
+        )
+        code_result = make_code_generation_result()
+
+        builder = StateBuilder()
+
+        # First build with unmapped resource
+        graph1 = make_dependency_graph([unmapped_resource])
+        builder.build(code_result, graph1, provider_version="1.0.0")
+        assert len(builder.unmapped_resources) == 1
+
+        # Second build with valid resource - unmapped list should reset
+        graph2 = make_dependency_graph([valid_resource])
+        builder.build(code_result, graph2, provider_version="1.0.0")
+        assert len(builder.unmapped_resources) == 0
diff --git a/tests/unit/test_synology_plugin.py b/tests/unit/test_synology_plugin.py
new file mode 100644
index 0000000..d1d92ae
--- /dev/null
+++ b/tests/unit/test_synology_plugin.py
@@ -0,0 +1,499 @@
+"""Unit tests for the Synology DSM provider plugin."""
+
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    PlatformCategory,
+    ScanProgress,
+)
+from iac_reverse.scanner import AuthenticationError, SynologyPlugin
+
+
+class TestSynologyPluginAuthentication:
+    """Tests for SynologyPlugin.authenticate()."""
+
+    def test_authenticate_missing_host_raises(self):
+        """Authentication fails when host is not provided."""
+        plugin = SynologyPlugin()
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({"port": "5001", "username": "admin", "password": "pass"})
+        assert "synology" in str(exc_info.value).lower()
+        assert "host" in str(exc_info.value).lower()
+
+    def test_authenticate_missing_username_raises(self):
+        """Authentication fails when username is not provided."""
+        plugin = SynologyPlugin()
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({"host": "nas01", "port": "5001", "password": "pass"})
+        assert "username" in str(exc_info.value).lower()
+
+    def test_authenticate_missing_password_raises(self):
+        """Authentication fails when password is not provided."""
+        plugin = SynologyPlugin()
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({"host": "nas01", "port": "5001", "username": "admin"})
+        assert "password" in str(exc_info.value).lower()
+
+    @patch("iac_reverse.scanner.synology_plugin.SynologyDSM")
+    def test_authenticate_success(self, mock_dsm_class):
+        """Successful authentication sets internal state."""
+        mock_api = MagicMock()
+        mock_api.login.return_value = True
+        mock_dsm_class.return_value = mock_api
+
+        plugin = SynologyPlugin()
+        plugin.authenticate({
+            "host": "nas01.local",
+            "port": "5001",
+            "username": "admin",
+            "password": "secret",
+            "use_ssl": "true",
+        })
+
+        assert plugin._authenticated is True
+        mock_dsm_class.assert_called_once_with(
+            "nas01.local", 5001, "admin", "secret", use_https=True, verify_ssl=False
+        )
+
+    @patch("iac_reverse.scanner.synology_plugin.SynologyDSM")
+    def test_authenticate_login_failure(self, mock_dsm_class):
+        """Authentication raises when login returns False."""
+        mock_api = MagicMock()
+        mock_api.login.return_value = False
+        mock_dsm_class.return_value = mock_api
+
+        plugin = SynologyPlugin()
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({
+                "host": "nas01.local",
+                "port": "5001",
+                "username": "admin",
+                "password": "wrong",
+            })
+        assert "synology" in str(exc_info.value).lower()
+        assert "login failed" in str(exc_info.value).lower()
+
+    @patch("iac_reverse.scanner.synology_plugin.SynologyDSM")
+    def test_authenticate_connection_error(self, mock_dsm_class):
+        """Authentication raises on connection error."""
+        mock_dsm_class.side_effect = ConnectionError("Connection refused")
+
+        plugin = SynologyPlugin()
+
+        with pytest.raises(AuthenticationError) as exc_info:
+            plugin.authenticate({
+                "host": "nas01.local",
+                "port": "5001",
+                "username": "admin",
+                "password": "secret",
+            })
+        assert "synology" in str(exc_info.value).lower()
+
+    @patch("iac_reverse.scanner.synology_plugin.SynologyDSM")
+    def test_authenticate_use_ssl_false(self, mock_dsm_class):
+        """Authentication respects use_ssl=false."""
+        mock_api = MagicMock()
+        mock_api.login.return_value = True
+        mock_dsm_class.return_value = mock_api
+
+        plugin = SynologyPlugin()
+        plugin.authenticate({
+            "host": "nas01.local",
+            "port": "5000",
+            "username": "admin",
+            "password": "secret",
+            "use_ssl": "false",
+        })
+
+        mock_dsm_class.assert_called_once_with(
+            "nas01.local", 5000, "admin", "secret", use_https=False, verify_ssl=False
+        )
+
+
+class TestSynologyPluginMetadata:
+    """Tests for SynologyPlugin metadata methods."""
+
+    def test_get_platform_category(self):
+        """Returns STORAGE_APPLIANCE category."""
+        plugin = SynologyPlugin()
+        assert plugin.get_platform_category() == PlatformCategory.STORAGE_APPLIANCE
+
+    def test_list_supported_resource_types(self):
+        """Returns all five Synology resource types."""
+        plugin = SynologyPlugin()
+        types = plugin.list_supported_resource_types()
+        assert types == [
+            "synology_shared_folder",
+            "synology_volume",
+            "synology_storage_pool",
+            "synology_replication_task",
+            "synology_user",
+        ]
+
+    def test_list_endpoints_default(self):
+        """Returns HTTPS endpoint by default."""
+        plugin = SynologyPlugin()
+        plugin._host = "nas01.local"
+        plugin._port = "5001"
+        plugin._use_ssl = True
+        assert plugin.list_endpoints() == ["https://nas01.local:5001"]
+
+    def test_list_endpoints_no_ssl(self):
+        """Returns HTTP endpoint when SSL is disabled."""
+        plugin = SynologyPlugin()
+        plugin._host = "nas01.local"
+        plugin._port = "5000"
+        plugin._use_ssl = False
+        assert plugin.list_endpoints() == ["http://nas01.local:5000"]
+
+
+class TestSynologyPluginArchitecture:
+    """Tests for SynologyPlugin.detect_architecture()."""
+
+    def test_detect_architecture_no_api(self):
+        """Returns AMD64 when no API is connected."""
+        plugin = SynologyPlugin()
+        assert plugin.detect_architecture("https://nas01:5001") == CpuArchitecture.AMD64
+
+    def test_detect_architecture_arm(self):
+        """Detects ARM architecture from model info."""
+        plugin = SynologyPlugin()
+        mock_info = MagicMock()
+        mock_info.model = "DS220j"
+        mock_info.cpu_hardware_name = "ARM Realtek RTD1296"
+        plugin._api = MagicMock()
+        plugin._api.information = mock_info
+
+        result = plugin.detect_architecture("https://nas01:5001")
+        assert result == CpuArchitecture.ARM
+
+    def test_detect_architecture_aarch64(self):
+        """Detects AArch64 architecture from model info."""
+        plugin = SynologyPlugin()
+        mock_info = MagicMock()
+        mock_info.model = "DS923+"
+        mock_info.cpu_hardware_name = "aarch64 Cortex-A55"
+        plugin._api = MagicMock()
+        plugin._api.information = mock_info
+
+        result = plugin.detect_architecture("https://nas01:5001")
+        assert result == CpuArchitecture.AARCH64
+
+    def test_detect_architecture_amd64(self):
+        """Detects AMD64 architecture from model info."""
+        plugin = SynologyPlugin()
+        mock_info = MagicMock()
+        mock_info.model = "DS1621+"
+        mock_info.cpu_hardware_name = "AMD Ryzen V1500B"
+        plugin._api = MagicMock()
+        plugin._api.information = mock_info
+
+        result = plugin.detect_architecture("https://nas01:5001")
+        assert result == CpuArchitecture.AMD64
+
+    def test_detect_architecture_alpine_is_arm(self):
+        """Detects Alpine (Marvell ARM) as ARM architecture."""
+        plugin = SynologyPlugin()
+        mock_info = MagicMock()
+        mock_info.model = "DS218j"
+        mock_info.cpu_hardware_name = "Alpine AL-212"
+        plugin._api = MagicMock()
+        plugin._api.information = mock_info
+
+        result = plugin.detect_architecture("https://nas01:5001")
+        assert result == CpuArchitecture.ARM
+
+    def test_detect_architecture_exception_returns_amd64(self):
+        """Returns AMD64 on exception during detection."""
+        plugin = SynologyPlugin()
+        plugin._api = MagicMock()
+        plugin._api.information = property(lambda self: (_ for _ in ()).throw(RuntimeError("fail")))
+        # Simulate attribute access raising
+        type(plugin._api).information = property(lambda self: (_ for _ in ()).throw(RuntimeError("fail")))
+
+        result = plugin.detect_architecture("https://nas01:5001")
+        assert result == CpuArchitecture.AMD64
+
+
+class TestSynologyPluginDiscovery:
+    """Tests for SynologyPlugin.discover_resources()."""
+
+    def _make_authenticated_plugin(self):
+        """Create a plugin with mocked API."""
+        plugin = SynologyPlugin()
+        plugin._api = MagicMock()
+        plugin._authenticated = True
+        plugin._host = "nas01.local"
+        plugin._port = "5001"
+        plugin._use_ssl = True
+
+        # Default: no architecture info
+        mock_info = MagicMock()
+        mock_info.model = "DS920+"
+        mock_info.cpu_hardware_name = "Intel Celeron J4125"
+        plugin._api.information = mock_info
+
+        return plugin
+
+    def test_discover_shared_folders(self):
+        """Discovers shared folders from storage API."""
+        plugin = self._make_authenticated_plugin()
+        plugin._api.storage.shares = [
+            {
+                "name": "photos",
+                "path": "/volume1/photos",
+                "desc": "Photo library",
+                "is_encrypted": False,
+                "enable_recycle_bin": True,
+                "vol_path": "/volume1",
+            },
+            {
+                "name": "backups",
+                "path": "/volume1/backups",
+                "desc": "Backup storage",
+                "is_encrypted": True,
+                "enable_recycle_bin": False,
+                "vol_path": "/volume1",
+            },
+        ]
+
+        progress_updates = []
+        result = plugin.discover_resources(
+            endpoints=["https://nas01.local:5001"],
+            resource_types=["synology_shared_folder"],
+            progress_callback=lambda p: progress_updates.append(p),
+        )
+
+        assert len(result.resources) == 2
+        assert result.resources[0].resource_type == "synology_shared_folder"
+        assert result.resources[0].name == "photos"
+        assert result.resources[0].unique_id == "synology/shared_folder/photos"
+        assert result.resources[0].provider.value == "synology"
+        assert result.resources[0].platform_category == PlatformCategory.STORAGE_APPLIANCE
+        assert result.resources[0].architecture == CpuArchitecture.AMD64
+        assert result.resources[0].attributes["encryption"] is False
+        assert result.resources[1].name == "backups"
+        assert result.resources[1].attributes["encryption"] is True
+
+    def test_discover_volumes(self):
+        """Discovers volumes from storage API."""
+        plugin = self._make_authenticated_plugin()
+        plugin._api.storage.volumes = [
+            {
+                "id": "volume_1",
+                "display_name": "Volume 1",
+                "status": "normal",
+                "fs_type": "btrfs",
+                "size": {"total": "4TB", "used": "2TB"},
+                "pool_path": "pool_1",
+            },
+        ]
+
+        result = plugin.discover_resources(
+            endpoints=["https://nas01.local:5001"],
+            resource_types=["synology_volume"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        vol = result.resources[0]
+        assert vol.resource_type == "synology_volume"
+        assert vol.unique_id == "synology/volume/volume_1"
+        assert vol.name == "Volume 1"
+        assert vol.attributes["fs_type"] == "btrfs"
+        assert vol.attributes["size_total"] == "4TB"
+        assert vol.raw_references == ["synology/storage_pool/pool_1"]
+
+    def test_discover_storage_pools(self):
+        """Discovers storage pools from storage API."""
+        plugin = self._make_authenticated_plugin()
+        plugin._api.storage.storage_pools = [
+            {
+                "id": "pool_1",
+                "display_name": "Storage Pool 1",
+                "status": "normal",
+                "raid_type": "SHR-2",
+                "size": {"total": "8TB", "used": "4TB"},
+                "disks": ["disk1", "disk2", "disk3", "disk4"],
+            },
+        ]
+
+        result = plugin.discover_resources(
+            endpoints=["https://nas01.local:5001"],
+            resource_types=["synology_storage_pool"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        pool = result.resources[0]
+        assert pool.resource_type == "synology_storage_pool"
+        assert pool.unique_id == "synology/storage_pool/pool_1"
+        assert pool.attributes["raid_type"] == "SHR-2"
+        assert pool.attributes["disk_count"] == 4
+
+    def test_discover_replication_tasks(self):
+        """Discovers replication tasks from replication API."""
+        plugin = self._make_authenticated_plugin()
+        plugin._api.replication.tasks = [
+            {
+                "id": "repl_1",
+                "name": "Offsite Backup",
+                "status": "active",
+                "type": "snapshot_replication",
+                "destination": "remote-nas.local",
+                "schedule": {"frequency": "daily"},
+                "shared_folder": "backups",
+            },
+        ]
+
+        result = plugin.discover_resources(
+            endpoints=["https://nas01.local:5001"],
+            resource_types=["synology_replication_task"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 1
+        task = result.resources[0]
+        assert task.resource_type == "synology_replication_task"
+        assert task.unique_id == "synology/replication_task/repl_1"
+        assert task.name == "Offsite Backup"
+        assert task.attributes["destination"] == "remote-nas.local"
+        assert task.raw_references == ["synology/shared_folder/backups"]
+
+    def test_discover_users(self):
+        """Discovers users from users API."""
+        plugin = self._make_authenticated_plugin()
+        plugin._api.users.users = [
+            {
+                "name": "admin",
+                "description": "System administrator",
+                "email": "admin@example.com",
+                "expired": False,
+                "groups": ["administrators"],
+            },
+            {
+                "name": "john",
+                "description": "Regular user",
+                "email": "john@example.com",
+                "expired": False,
+                "groups": ["users"],
+            },
+        ]
+
+        result = plugin.discover_resources(
+            endpoints=["https://nas01.local:5001"],
+            resource_types=["synology_user"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 2
+        assert result.resources[0].resource_type == "synology_user"
+        assert result.resources[0].name == "admin"
+        assert result.resources[0].unique_id == "synology/user/admin"
+        assert result.resources[0].attributes["groups"] == ["administrators"]
+        assert result.resources[1].name == "john"
+
+    def test_discover_multiple_resource_types(self):
+        """Discovers multiple resource types in one call."""
+        plugin = self._make_authenticated_plugin()
+        plugin._api.storage.shares = [
+            {"name": "data", "path": "/volume1/data", "desc": "", "is_encrypted": False,
+             "enable_recycle_bin": True, "vol_path": "/volume1"},
+        ]
+        plugin._api.users.users = [
+            {"name": "admin", "description": "", "email": "", "expired": False, "groups": []},
+        ]
+
+        result = plugin.discover_resources(
+            endpoints=["https://nas01.local:5001"],
+            resource_types=["synology_shared_folder", "synology_user"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 2
+        types = {r.resource_type for r in result.resources}
+        assert types == {"synology_shared_folder", "synology_user"}
+
+    def test_discover_unsupported_type_adds_warning(self):
+        """Unsupported resource types produce warnings."""
+        plugin = self._make_authenticated_plugin()
+
+        result = plugin.discover_resources(
+            endpoints=["https://nas01.local:5001"],
+            resource_types=["synology_nonexistent"],
+            progress_callback=lambda p: None,
+        )
+
+        assert len(result.resources) == 0
+        assert len(result.warnings) == 1
+        assert "synology_nonexistent" in result.warnings[0]
+
+    def test_discover_progress_callback_called(self):
+        """Progress callback is invoked for each resource type."""
+        plugin = self._make_authenticated_plugin()
+        plugin._api.storage.shares = []
+
+        progress_updates: list[ScanProgress] = []
+        plugin.discover_resources(
+            endpoints=["https://nas01.local:5001"],
+            resource_types=["synology_shared_folder", "synology_volume"],
+            progress_callback=lambda p: progress_updates.append(p),
+        )
+
+        # Should have initial + per-type + final updates
+        assert len(progress_updates) >= 3
+        assert progress_updates[0].total_resource_types == 2
+
+    def test_discover_handles_api_error_gracefully(self):
+        """API errors for one type don't prevent other types from being discovered."""
+        plugin = self._make_authenticated_plugin()
+
+        # Storage raises an error
+        type(plugin._api).storage = property(
+            lambda self: (_ for _ in ()).throw(RuntimeError("API error"))
+        )
+        plugin._api.users = MagicMock()
+        plugin._api.users.users = [
+            {"name": "admin", "description": "", "email": "", "expired": False, "groups": []},
+        ]
+
+        result = plugin.discover_resources(
+            endpoints=["https://nas01.local:5001"],
+            resource_types=["synology_shared_folder", "synology_user"],
+            progress_callback=lambda p: None,
+        )
+
+        # Users should still be discovered even though shared folders errored
+        assert len(result.errors) == 1
+        assert "synology_shared_folder" in result.errors[0]
+        user_resources = [r for r in result.resources if r.resource_type == "synology_user"]
+        assert len(user_resources) == 1
+
+    def test_discover_empty_endpoints_uses_default(self):
+        """When endpoints list is empty, uses list_endpoints()."""
+        plugin = self._make_authenticated_plugin()
+        plugin._api.storage.shares = []
+
+        result = plugin.discover_resources(
+            endpoints=[],
+            resource_types=["synology_shared_folder"],
+            progress_callback=lambda p: None,
+        )
+
+        # Should not raise - uses default endpoint
+        assert result is not None
+
+
+class TestSynologyPluginIsProviderPlugin:
+    """Verify SynologyPlugin properly implements ProviderPlugin ABC."""
+
+    def test_is_instance_of_provider_plugin(self):
+        """SynologyPlugin is a ProviderPlugin."""
+        from iac_reverse.plugin_base import ProviderPlugin
+
+        plugin = SynologyPlugin()
+        assert isinstance(plugin, ProviderPlugin)
diff --git a/tests/unit/test_validator.py b/tests/unit/test_validator.py
new file mode 100644
index 0000000..7429dca
--- /dev/null
+++ b/tests/unit/test_validator.py
@@ -0,0 +1,689 @@
+"""Unit tests for the Terraform Validator.
+
+Tests cover:
+- Successful validation (init + validate + plan all pass)
+- Missing terraform binary
+- terraform init failure
+- terraform validate failure with errors
+- terraform plan showing drift (planned changes)
+- Error parsing from terraform JSON output
+"""
+
+import json
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from iac_reverse.models import PlannedChange, ValidationError, ValidationResult
+from iac_reverse.validator import Validator
+
+
+# ---------------------------------------------------------------------------
+# Helpers
+# ---------------------------------------------------------------------------
+
+def _make_completed_process(returncode=0, stdout="", stderr=""):
+    """Create a mock CompletedProcess-like object."""
+    mock = MagicMock()
+    mock.returncode = returncode
+    mock.stdout = stdout
+    mock.stderr = stderr
+    return mock
+
+
+VALIDATE_SUCCESS_JSON = json.dumps(
+    {"valid": True, "error_count": 0, "diagnostics": []}
+)
+
+PLAN_NO_CHANGES_JSON = "\n".join(
+    [
+        json.dumps({"type": "version", "terraform": "1.7.0"}),
+        json.dumps(
+            {
+                "type": "change_summary",
+                "changes": {"add": 0, "change": 0, "remove": 0},
+            }
+        ),
+    ]
+)
+
+
+# ---------------------------------------------------------------------------
+# Tests: missing terraform binary
+# ---------------------------------------------------------------------------
+
+
+class TestMissingTerraformBinary:
+    def test_returns_failure_result_when_terraform_not_found(self, tmp_path):
+        """When terraform binary is absent, all success flags are False and
+        a descriptive error is included."""
+        with patch("shutil.which", return_value=None):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert isinstance(result, ValidationResult)
+        assert result.init_success is False
+        assert result.validate_success is False
+        assert result.plan_success is False
+        assert len(result.errors) == 1
+        error = result.errors[0]
+        assert "Terraform" in error.message
+        assert "required" in error.message.lower() or "PATH" in error.message
+
+    def test_no_planned_changes_when_terraform_not_found(self, tmp_path):
+        with patch("shutil.which", return_value=None):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.planned_changes == []
+
+    def test_correction_attempts_zero_when_terraform_not_found(self, tmp_path):
+        with patch("shutil.which", return_value=None):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.correction_attempts == 0
+
+
+# ---------------------------------------------------------------------------
+# Tests: terraform init failure
+# ---------------------------------------------------------------------------
+
+
+class TestTerraformInitFailure:
+    def test_init_failure_returns_correct_flags(self, tmp_path):
+        """When terraform init fails, init_success is False and subsequent
+        stages are not run."""
+        init_result = _make_completed_process(
+            returncode=1, stderr="Error: Failed to install provider"
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", return_value=init_result
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.init_success is False
+        assert result.validate_success is False
+        assert result.plan_success is False
+
+    def test_init_failure_includes_error_message(self, tmp_path):
+        init_result = _make_completed_process(
+            returncode=1, stderr="Error: Failed to install provider"
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", return_value=init_result
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert len(result.errors) >= 1
+        assert "terraform init failed" in result.errors[0].message.lower()
+        assert "Failed to install provider" in result.errors[0].message
+
+    def test_init_failure_stops_pipeline(self, tmp_path):
+        """After init failure, validate and plan should not be called."""
+        init_result = _make_completed_process(returncode=1, stderr="init error")
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", return_value=init_result
+        ) as mock_run:
+            validator = Validator()
+            validator.validate(str(tmp_path))
+
+        # Only one subprocess.run call (for init)
+        assert mock_run.call_count == 1
+
+
+# ---------------------------------------------------------------------------
+# Tests: successful validation
+# ---------------------------------------------------------------------------
+
+
+class TestSuccessfulValidation:
+    def test_all_flags_true_on_success(self, tmp_path):
+        """When init, validate, and plan all succeed with zero changes,
+        all success flags are True."""
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.init_success is True
+        assert result.validate_success is True
+        assert result.plan_success is True
+
+    def test_no_errors_on_success(self, tmp_path):
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.errors == []
+
+    def test_no_planned_changes_on_success(self, tmp_path):
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.planned_changes == []
+
+    def test_correction_attempts_zero_on_success(self, tmp_path):
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.correction_attempts == 0
+
+
+# ---------------------------------------------------------------------------
+# Tests: terraform validate failure with errors
+# ---------------------------------------------------------------------------
+
+
+class TestTerraformValidateFailure:
+    def _make_validate_error_json(
+        self, filename="main.tf", line=10, summary="Invalid attribute", detail="No such attribute"
+    ):
+        return json.dumps(
+            {
+                "valid": False,
+                "error_count": 1,
+                "diagnostics": [
+                    {
+                        "severity": "error",
+                        "summary": summary,
+                        "detail": detail,
+                        "range": {
+                            "filename": filename,
+                            "start": {"line": line, "column": 1},
+                            "end": {"line": line, "column": 20},
+                        },
+                    }
+                ],
+            }
+        )
+
+    def test_validate_failure_sets_correct_flags(self, tmp_path):
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=1, stdout=self._make_validate_error_json()
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", side_effect=[init_result, validate_result]
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.init_success is True
+        assert result.validate_success is False
+        assert result.plan_success is False
+
+    def test_validate_failure_parses_file_name(self, tmp_path):
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=1,
+            stdout=self._make_validate_error_json(filename="kubernetes_deployment.tf"),
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", side_effect=[init_result, validate_result]
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert len(result.errors) == 1
+        assert result.errors[0].file == "kubernetes_deployment.tf"
+
+    def test_validate_failure_parses_line_number(self, tmp_path):
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=1,
+            stdout=self._make_validate_error_json(line=42),
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", side_effect=[init_result, validate_result]
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.errors[0].line == 42
+
+    def test_validate_failure_parses_error_message(self, tmp_path):
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=1,
+            stdout=self._make_validate_error_json(
+                summary="Unsupported argument",
+                detail="An argument named 'foo' is not expected here.",
+            ),
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", side_effect=[init_result, validate_result]
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert "Unsupported argument" in result.errors[0].message
+        assert "foo" in result.errors[0].message
+
+    def test_validate_failure_multiple_errors(self, tmp_path):
+        validate_json = json.dumps(
+            {
+                "valid": False,
+                "error_count": 2,
+                "diagnostics": [
+                    {
+                        "severity": "error",
+                        "summary": "Error one",
+                        "detail": "",
+                        "range": {
+                            "filename": "main.tf",
+                            "start": {"line": 5, "column": 1},
+                        },
+                    },
+                    {
+                        "severity": "error",
+                        "summary": "Error two",
+                        "detail": "",
+                        "range": {
+                            "filename": "variables.tf",
+                            "start": {"line": 12, "column": 3},
+                        },
+                    },
+                ],
+            }
+        )
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=1, stdout=validate_json
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", side_effect=[init_result, validate_result]
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert len(result.errors) == 2
+        assert result.errors[0].file == "main.tf"
+        assert result.errors[1].file == "variables.tf"
+
+    def test_validate_ignores_warning_diagnostics(self, tmp_path):
+        """Only error-severity diagnostics should be included in errors."""
+        validate_json = json.dumps(
+            {
+                "valid": False,
+                "error_count": 1,
+                "diagnostics": [
+                    {
+                        "severity": "warning",
+                        "summary": "Deprecated attribute",
+                        "detail": "Use new_attr instead.",
+                        "range": {
+                            "filename": "main.tf",
+                            "start": {"line": 3, "column": 1},
+                        },
+                    },
+                    {
+                        "severity": "error",
+                        "summary": "Real error",
+                        "detail": "",
+                        "range": {
+                            "filename": "main.tf",
+                            "start": {"line": 7, "column": 1},
+                        },
+                    },
+                ],
+            }
+        )
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=1, stdout=validate_json
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", side_effect=[init_result, validate_result]
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert len(result.errors) == 1
+        assert result.errors[0].message == "Real error"
+
+    def test_validate_failure_stops_plan(self, tmp_path):
+        """When validate fails, plan should not be run."""
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=1,
+            stdout=self._make_validate_error_json(),
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", side_effect=[init_result, validate_result]
+        ) as mock_run:
+            validator = Validator()
+            validator.validate(str(tmp_path))
+
+        # Only init and validate calls, no plan
+        assert mock_run.call_count == 2
+
+
+# ---------------------------------------------------------------------------
+# Tests: terraform plan showing drift
+# ---------------------------------------------------------------------------
+
+
+class TestTerraformPlanDrift:
+    def _make_plan_with_changes(self, changes):
+        """Build a terraform plan JSON stream with the given changes.
+
+        changes: list of (addr, action) tuples
+        """
+        lines = [json.dumps({"type": "version", "terraform": "1.7.0"})]
+        for addr, action in changes:
+            lines.append(
+                json.dumps(
+                    {
+                        "type": "planned_change",
+                        "change": {
+                            "resource": {"addr": addr},
+                            "action": action,
+                        },
+                    }
+                )
+            )
+        total_add = sum(1 for _, a in changes if a == "create")
+        total_change = sum(1 for _, a in changes if a == "update")
+        total_remove = sum(1 for _, a in changes if a == "delete")
+        lines.append(
+            json.dumps(
+                {
+                    "type": "change_summary",
+                    "changes": {
+                        "add": total_add,
+                        "change": total_change,
+                        "remove": total_remove,
+                    },
+                }
+            )
+        )
+        return "\n".join(lines)
+
+    def test_plan_with_add_sets_plan_success_false(self, tmp_path):
+        plan_output = self._make_plan_with_changes(
+            [("kubernetes_deployment.nginx", "create")]
+        )
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(returncode=2, stdout=plan_output)
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.plan_success is False
+
+    def test_plan_with_add_reports_change_type_add(self, tmp_path):
+        plan_output = self._make_plan_with_changes(
+            [("kubernetes_deployment.nginx", "create")]
+        )
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(returncode=2, stdout=plan_output)
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert len(result.planned_changes) == 1
+        change = result.planned_changes[0]
+        assert change.resource_address == "kubernetes_deployment.nginx"
+        assert change.change_type == "add"
+
+    def test_plan_with_update_reports_change_type_modify(self, tmp_path):
+        plan_output = self._make_plan_with_changes(
+            [("docker_service.web", "update")]
+        )
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(returncode=2, stdout=plan_output)
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.planned_changes[0].change_type == "modify"
+
+    def test_plan_with_delete_reports_change_type_destroy(self, tmp_path):
+        plan_output = self._make_plan_with_changes(
+            [("harvester_virtualmachine.dev_vm", "delete")]
+        )
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(returncode=2, stdout=plan_output)
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.planned_changes[0].change_type == "destroy"
+
+    def test_plan_with_multiple_changes(self, tmp_path):
+        plan_output = self._make_plan_with_changes(
+            [
+                ("kubernetes_deployment.nginx", "create"),
+                ("docker_service.web", "update"),
+                ("harvester_virtualmachine.old_vm", "delete"),
+            ]
+        )
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(returncode=2, stdout=plan_output)
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert len(result.planned_changes) == 3
+        addresses = {c.resource_address for c in result.planned_changes}
+        assert "kubernetes_deployment.nginx" in addresses
+        assert "docker_service.web" in addresses
+        assert "harvester_virtualmachine.old_vm" in addresses
+
+    def test_plan_with_changes_sets_validate_success_true(self, tmp_path):
+        """Drift does not affect validate_success — only plan_success."""
+        plan_output = self._make_plan_with_changes(
+            [("kubernetes_deployment.nginx", "create")]
+        )
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(returncode=2, stdout=plan_output)
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.init_success is True
+        assert result.validate_success is True
+        assert result.plan_success is False
+
+
+# ---------------------------------------------------------------------------
+# Tests: JSON parsing edge cases
+# ---------------------------------------------------------------------------
+
+
+class TestJsonParsing:
+    def test_validate_with_invalid_json_output(self, tmp_path):
+        """When terraform validate returns non-JSON, a parse error is reported."""
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=1, stdout="not valid json"
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", side_effect=[init_result, validate_result]
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.validate_success is False
+        assert len(result.errors) >= 1
+        assert any("parse" in e.message.lower() or "json" in e.message.lower() for e in result.errors)
+
+    def test_validate_error_without_range(self, tmp_path):
+        """Errors without range info should still be parsed with empty file and no line."""
+        validate_json = json.dumps(
+            {
+                "valid": False,
+                "error_count": 1,
+                "diagnostics": [
+                    {
+                        "severity": "error",
+                        "summary": "No range error",
+                        "detail": "Something went wrong",
+                    }
+                ],
+            }
+        )
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=1, stdout=validate_json
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run", side_effect=[init_result, validate_result]
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert len(result.errors) == 1
+        assert result.errors[0].file == ""
+        assert result.errors[0].line is None
+        assert "No range error" in result.errors[0].message
+
+    def test_plan_with_malformed_lines_skipped(self, tmp_path):
+        """Malformed JSON lines in plan output should be skipped gracefully."""
+        plan_output = "\n".join(
+            [
+                "not json",
+                json.dumps({"type": "version", "terraform": "1.7.0"}),
+                "also not json",
+                json.dumps(
+                    {
+                        "type": "change_summary",
+                        "changes": {"add": 0, "change": 0, "remove": 0},
+                    }
+                ),
+            ]
+        )
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(returncode=0, stdout=plan_output)
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        # Should not raise; plan_success True because no changes
+        assert result.plan_success is True
+        assert result.planned_changes == []
+
+
+# ---------------------------------------------------------------------------
+# Tests: Validator export
+# ---------------------------------------------------------------------------
+
+
+class TestValidatorExport:
+    def test_validator_importable_from_package(self):
+        from iac_reverse.validator import Validator as V
+
+        assert V is Validator
+
+    def test_validator_is_instantiable(self):
+        v = Validator()
+        assert v is not None
diff --git a/tests/unit/test_validator_autocorrect.py b/tests/unit/test_validator_autocorrect.py
new file mode 100644
index 0000000..e13838f
--- /dev/null
+++ b/tests/unit/test_validator_autocorrect.py
@@ -0,0 +1,766 @@
+"""Unit tests for the Validator auto-correction loop.
+
+Tests cover:
+- Successful correction on first attempt
+- Correction after multiple attempts
+- Failure after max attempts exhausted
+- correction_attempts count is accurate
+- Original errors are preserved when correction fails
+"""
+
+import json
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from iac_reverse.models import ValidationError, ValidationResult
+from iac_reverse.validator import Validator
+
+
+# ---------------------------------------------------------------------------
+# Helpers
+# ---------------------------------------------------------------------------
+
+
+def _make_completed_process(returncode=0, stdout="", stderr=""):
+    """Create a mock CompletedProcess-like object."""
+    mock = MagicMock()
+    mock.returncode = returncode
+    mock.stdout = stdout
+    mock.stderr = stderr
+    return mock
+
+
+VALIDATE_SUCCESS_JSON = json.dumps(
+    {"valid": True, "error_count": 0, "diagnostics": []}
+)
+
+PLAN_NO_CHANGES_JSON = "\n".join(
+    [
+        json.dumps({"type": "version", "terraform": "1.7.0"}),
+        json.dumps(
+            {
+                "type": "change_summary",
+                "changes": {"add": 0, "change": 0, "remove": 0},
+            }
+        ),
+    ]
+)
+
+
+def _make_validate_error_json(
+    filename="main.tf", line=10, summary="Unsupported argument", detail="An argument named 'bad_attr' is not expected here."
+):
+    return json.dumps(
+        {
+            "valid": False,
+            "error_count": 1,
+            "diagnostics": [
+                {
+                    "severity": "error",
+                    "summary": summary,
+                    "detail": detail,
+                    "range": {
+                        "filename": filename,
+                        "start": {"line": line, "column": 1},
+                        "end": {"line": line, "column": 20},
+                    },
+                }
+            ],
+        }
+    )
+
+
+def _make_missing_provider_error_json(provider_name="kubernetes"):
+    return json.dumps(
+        {
+            "valid": False,
+            "error_count": 1,
+            "diagnostics": [
+                {
+                    "severity": "error",
+                    "summary": "Missing required provider",
+                    "detail": f"provider \"{provider_name}\" configuration not present",
+                    "range": {
+                        "filename": "main.tf",
+                        "start": {"line": 1, "column": 1},
+                        "end": {"line": 1, "column": 20},
+                    },
+                }
+            ],
+        }
+    )
+
+
+# ---------------------------------------------------------------------------
+# Tests: Successful correction on first attempt
+# ---------------------------------------------------------------------------
+
+
+class TestSuccessfulCorrectionFirstAttempt:
+    """Validation fails initially but succeeds after one correction attempt."""
+
+    def test_removes_unknown_attribute_and_passes(self, tmp_path):
+        """When an unknown attribute error occurs, the offending line is removed
+        and re-validation succeeds on the first attempt."""
+        # Create a .tf file with a bad attribute on line 3
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text(
+            'resource "aws_instance" "example" {\n'
+            '  ami = "ami-123"\n'
+            '  bad_attr = "should be removed"\n'
+            '  instance_type = "t2.micro"\n'
+            "}\n"
+        )
+
+        init_result = _make_completed_process(returncode=0)
+        # First validate fails with unknown attribute on line 3
+        validate_fail = _make_completed_process(
+            returncode=1,
+            stdout=_make_validate_error_json(
+                filename="main.tf",
+                line=3,
+                summary="Unsupported argument",
+                detail="An argument named 'bad_attr' is not expected here.",
+            ),
+        )
+        # Second validate succeeds after correction
+        validate_success = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_fail, validate_success, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.init_success is True
+        assert result.validate_success is True
+        assert result.correction_attempts == 1
+
+        # Verify the file was corrected
+        content = tf_file.read_text()
+        assert "bad_attr" not in content
+        assert "ami" in content
+        assert "instance_type" in content
+
+    def test_adds_missing_provider_block_and_passes(self, tmp_path):
+        """When a missing provider error occurs, an empty provider block is added
+        and re-validation succeeds."""
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text(
+            'resource "kubernetes_deployment" "app" {\n'
+            '  metadata {\n'
+            '    name = "app"\n'
+            '  }\n'
+            '}\n'
+        )
+
+        init_result = _make_completed_process(returncode=0)
+        validate_fail = _make_completed_process(
+            returncode=1,
+            stdout=_make_missing_provider_error_json("kubernetes"),
+        )
+        validate_success = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_fail, validate_success, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.validate_success is True
+        assert result.correction_attempts == 1
+
+        # Verify provider block was added
+        providers_file = tmp_path / "providers.tf"
+        assert providers_file.exists()
+        content = providers_file.read_text()
+        assert 'provider "kubernetes"' in content
+
+
+# ---------------------------------------------------------------------------
+# Tests: Correction after multiple attempts
+# ---------------------------------------------------------------------------
+
+
+class TestCorrectionAfterMultipleAttempts:
+    """Validation requires multiple correction attempts before succeeding."""
+
+    def test_succeeds_after_two_correction_attempts(self, tmp_path):
+        """Two different errors require two correction passes."""
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text(
+            'resource "aws_instance" "example" {\n'
+            '  ami = "ami-123"\n'
+            '  bad_attr1 = "remove me"\n'
+            '  instance_type = "t2.micro"\n'
+            '  bad_attr2 = "also remove me"\n'
+            "}\n"
+        )
+
+        init_result = _make_completed_process(returncode=0)
+
+        # First validate: error on line 3 (bad_attr1)
+        validate_fail_1 = _make_completed_process(
+            returncode=1,
+            stdout=_make_validate_error_json(
+                filename="main.tf",
+                line=3,
+                summary="Unsupported argument",
+                detail="An argument named 'bad_attr1' is not expected here.",
+            ),
+        )
+        # Second validate: error on line 4 (bad_attr2 is now on line 4 after removal)
+        validate_fail_2 = _make_completed_process(
+            returncode=1,
+            stdout=_make_validate_error_json(
+                filename="main.tf",
+                line=4,
+                summary="Unsupported argument",
+                detail="An argument named 'bad_attr2' is not expected here.",
+            ),
+        )
+        # Third validate succeeds
+        validate_success = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[
+                init_result,
+                validate_fail_1,
+                validate_fail_2,
+                validate_success,
+                plan_result,
+            ],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.validate_success is True
+        assert result.correction_attempts == 2
+
+    def test_succeeds_on_third_attempt(self, tmp_path):
+        """Validation succeeds on the third (max) correction attempt."""
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text(
+            'resource "aws_instance" "example" {\n'
+            '  ami = "ami-123"\n'
+            '  bad1 = "x"\n'
+            '  bad2 = "y"\n'
+            '  bad3 = "z"\n'
+            '  instance_type = "t2.micro"\n'
+            "}\n"
+        )
+
+        init_result = _make_completed_process(returncode=0)
+
+        validate_fail_1 = _make_completed_process(
+            returncode=1,
+            stdout=_make_validate_error_json(
+                filename="main.tf", line=3,
+                summary="Unsupported argument",
+                detail="An argument named 'bad1' is not expected here.",
+            ),
+        )
+        validate_fail_2 = _make_completed_process(
+            returncode=1,
+            stdout=_make_validate_error_json(
+                filename="main.tf", line=3,
+                summary="Unsupported argument",
+                detail="An argument named 'bad2' is not expected here.",
+            ),
+        )
+        validate_fail_3 = _make_completed_process(
+            returncode=1,
+            stdout=_make_validate_error_json(
+                filename="main.tf", line=3,
+                summary="Unsupported argument",
+                detail="An argument named 'bad3' is not expected here.",
+            ),
+        )
+        validate_success = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[
+                init_result,
+                validate_fail_1,
+                validate_fail_2,
+                validate_fail_3,
+                validate_success,
+                plan_result,
+            ],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.validate_success is True
+        assert result.correction_attempts == 3
+
+
+# ---------------------------------------------------------------------------
+# Tests: Failure after max attempts exhausted
+# ---------------------------------------------------------------------------
+
+
+class TestFailureAfterMaxAttempts:
+    """Validation still fails after all correction attempts are exhausted."""
+
+    def test_fails_after_max_attempts_with_uncorrectable_error(self, tmp_path):
+        """When errors cannot be corrected, fails after max attempts."""
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text(
+            'resource "aws_instance" "example" {\n'
+            '  ami = "ami-123"\n'
+            '  bad_attr = "remove me"\n'
+            "}\n"
+        )
+
+        init_result = _make_completed_process(returncode=0)
+
+        # Each validate returns the same error (correction removes line but
+        # new errors keep appearing)
+        validate_fail = _make_completed_process(
+            returncode=1,
+            stdout=_make_validate_error_json(
+                filename="main.tf",
+                line=3,
+                summary="Unsupported argument",
+                detail="An argument named 'bad_attr' is not expected here.",
+            ),
+        )
+        # After first correction removes line 3, subsequent validates still fail
+        # with a different uncorrectable error (no file/line info)
+        validate_fail_no_fix = _make_completed_process(
+            returncode=1,
+            stdout=json.dumps({
+                "valid": False,
+                "error_count": 1,
+                "diagnostics": [
+                    {
+                        "severity": "error",
+                        "summary": "Some complex error",
+                        "detail": "Cannot be auto-corrected",
+                    }
+                ],
+            }),
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[
+                init_result,
+                validate_fail,
+                validate_fail_no_fix,  # After first correction, new error with no file
+            ],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.validate_success is False
+        # Stopped after 1 attempt because the second error has no file info
+        # and cannot be corrected
+        assert result.correction_attempts >= 1
+
+    def test_fails_with_max_3_attempts_default(self, tmp_path):
+        """With default max_correction_attempts=3, stops after 3 attempts."""
+        tf_file = tmp_path / "main.tf"
+        # Write a file where the error line keeps being valid for removal
+        tf_file.write_text(
+            'resource "aws_instance" "example" {\n'
+            '  attr1 = "a"\n'
+            '  attr2 = "b"\n'
+            '  attr3 = "c"\n'
+            '  attr4 = "d"\n'
+            '  attr5 = "e"\n'
+            "}\n"
+        )
+
+        init_result = _make_completed_process(returncode=0)
+
+        def make_fail(line, attr):
+            return _make_completed_process(
+                returncode=1,
+                stdout=_make_validate_error_json(
+                    filename="main.tf",
+                    line=line,
+                    summary="Unsupported argument",
+                    detail=f"An argument named '{attr}' is not expected here.",
+                ),
+            )
+
+        # 4 failures: first 3 get corrected, 4th is returned as final failure
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[
+                init_result,
+                make_fail(2, "attr1"),
+                make_fail(2, "attr2"),
+                make_fail(2, "attr3"),
+                make_fail(2, "attr4"),  # This one exceeds max attempts
+            ],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.validate_success is False
+        assert result.correction_attempts == 3
+
+    def test_custom_max_attempts_respected(self, tmp_path):
+        """Custom max_correction_attempts value is respected."""
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text(
+            'resource "aws_instance" "example" {\n'
+            '  attr1 = "a"\n'
+            '  attr2 = "b"\n'
+            '  attr3 = "c"\n'
+            "}\n"
+        )
+
+        init_result = _make_completed_process(returncode=0)
+
+        def make_fail(line, attr):
+            return _make_completed_process(
+                returncode=1,
+                stdout=_make_validate_error_json(
+                    filename="main.tf",
+                    line=line,
+                    summary="Unsupported argument",
+                    detail=f"An argument named '{attr}' is not expected here.",
+                ),
+            )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[
+                init_result,
+                make_fail(2, "attr1"),
+                make_fail(2, "attr2"),  # Exceeds max_correction_attempts=1
+            ],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path), max_correction_attempts=1)
+
+        assert result.validate_success is False
+        assert result.correction_attempts == 1
+
+
+# ---------------------------------------------------------------------------
+# Tests: correction_attempts count is accurate
+# ---------------------------------------------------------------------------
+
+
+class TestCorrectionAttemptsCount:
+    """The correction_attempts field accurately reflects the number of attempts."""
+
+    def test_zero_attempts_when_validation_passes_immediately(self, tmp_path):
+        """No correction attempts when validation passes on first try."""
+        init_result = _make_completed_process(returncode=0)
+        validate_result = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_result, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.correction_attempts == 0
+
+    def test_one_attempt_when_first_correction_fixes(self, tmp_path):
+        """correction_attempts is 1 when first correction resolves the issue."""
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text(
+            'resource "null_resource" "test" {\n'
+            '  unknown_field = "value"\n'
+            "}\n"
+        )
+
+        init_result = _make_completed_process(returncode=0)
+        validate_fail = _make_completed_process(
+            returncode=1,
+            stdout=_make_validate_error_json(
+                filename="main.tf",
+                line=2,
+                summary="Unsupported argument",
+                detail="An argument named 'unknown_field' is not expected here.",
+            ),
+        )
+        validate_success = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_fail, validate_success, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.correction_attempts == 1
+
+    def test_attempts_count_matches_actual_corrections_applied(self, tmp_path):
+        """correction_attempts matches the number of correction loops executed."""
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text(
+            'resource "null_resource" "test" {\n'
+            '  bad1 = "x"\n'
+            '  bad2 = "y"\n'
+            '  good = "keep"\n'
+            "}\n"
+        )
+
+        init_result = _make_completed_process(returncode=0)
+        validate_fail_1 = _make_completed_process(
+            returncode=1,
+            stdout=_make_validate_error_json(
+                filename="main.tf", line=2,
+                summary="Unsupported argument",
+                detail="An argument named 'bad1' is not expected here.",
+            ),
+        )
+        validate_fail_2 = _make_completed_process(
+            returncode=1,
+            stdout=_make_validate_error_json(
+                filename="main.tf", line=2,
+                summary="Unsupported argument",
+                detail="An argument named 'bad2' is not expected here.",
+            ),
+        )
+        validate_success = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[
+                init_result,
+                validate_fail_1,
+                validate_fail_2,
+                validate_success,
+                plan_result,
+            ],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.correction_attempts == 2
+
+
+# ---------------------------------------------------------------------------
+# Tests: Original errors preserved when correction fails
+# ---------------------------------------------------------------------------
+
+
+class TestOriginalErrorsPreserved:
+    """When correction fails, the remaining errors are reported accurately."""
+
+    def test_errors_from_final_validation_are_returned(self, tmp_path):
+        """After exhausting attempts, the errors from the last validation run
+        are returned in the result."""
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text(
+            'resource "aws_instance" "example" {\n'
+            '  attr1 = "a"\n'
+            '  attr2 = "b"\n'
+            '  attr3 = "c"\n'
+            '  attr4 = "d"\n'
+            "}\n"
+        )
+
+        init_result = _make_completed_process(returncode=0)
+
+        def make_fail(attr):
+            return _make_completed_process(
+                returncode=1,
+                stdout=_make_validate_error_json(
+                    filename="main.tf",
+                    line=2,
+                    summary="Unsupported argument",
+                    detail=f"An argument named '{attr}' is not expected here.",
+                ),
+            )
+
+        # 3 corrections + final failure
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[
+                init_result,
+                make_fail("attr1"),
+                make_fail("attr2"),
+                make_fail("attr3"),
+                make_fail("attr4"),
+            ],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.validate_success is False
+        assert len(result.errors) >= 1
+        # The final error should be about attr4
+        assert "attr4" in result.errors[0].message
+
+    def test_uncorrectable_errors_preserved_with_file_info(self, tmp_path):
+        """Errors that cannot be corrected retain their file and line info."""
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text('invalid terraform content\n')
+
+        init_result = _make_completed_process(returncode=0)
+
+        # Error that doesn't match any correction pattern
+        validate_fail = _make_completed_process(
+            returncode=1,
+            stdout=json.dumps({
+                "valid": False,
+                "error_count": 1,
+                "diagnostics": [
+                    {
+                        "severity": "error",
+                        "summary": "Completely unknown error type",
+                        "detail": "This cannot be auto-corrected at all",
+                        "range": {
+                            "filename": "main.tf",
+                            "start": {"line": 1, "column": 1},
+                            "end": {"line": 1, "column": 10},
+                        },
+                    }
+                ],
+            }),
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_fail],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.validate_success is False
+        assert result.correction_attempts == 0  # No correction was possible
+        assert len(result.errors) == 1
+        assert result.errors[0].file == "main.tf"
+        assert result.errors[0].line == 1
+        assert "Completely unknown error type" in result.errors[0].message
+
+    def test_no_correction_when_error_has_no_file(self, tmp_path):
+        """Errors without file information cannot be corrected."""
+        init_result = _make_completed_process(returncode=0)
+
+        validate_fail = _make_completed_process(
+            returncode=1,
+            stdout=json.dumps({
+                "valid": False,
+                "error_count": 1,
+                "diagnostics": [
+                    {
+                        "severity": "error",
+                        "summary": "Unsupported argument",
+                        "detail": "An argument named 'foo' is not expected here.",
+                    }
+                ],
+            }),
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_fail],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.validate_success is False
+        # No file info means no correction can be applied
+        assert result.correction_attempts == 0
+
+
+# ---------------------------------------------------------------------------
+# Tests: Syntax error correction
+# ---------------------------------------------------------------------------
+
+
+class TestSyntaxErrorCorrection:
+    """Tests for syntax error auto-correction."""
+
+    def test_trailing_comma_fixed(self, tmp_path):
+        """Trailing commas before closing braces are removed."""
+        tf_file = tmp_path / "main.tf"
+        tf_file.write_text(
+            'resource "null_resource" "test" {\n'
+            '  triggers = {\n'
+            '    key = "value",\n'
+            '  }\n'
+            '}\n'
+        )
+
+        init_result = _make_completed_process(returncode=0)
+        validate_fail = _make_completed_process(
+            returncode=1,
+            stdout=json.dumps({
+                "valid": False,
+                "error_count": 1,
+                "diagnostics": [
+                    {
+                        "severity": "error",
+                        "summary": "Invalid character",
+                        "detail": "trailing comma not allowed",
+                        "range": {
+                            "filename": "main.tf",
+                            "start": {"line": 3, "column": 18},
+                            "end": {"line": 3, "column": 19},
+                        },
+                    }
+                ],
+            }),
+        )
+        validate_success = _make_completed_process(
+            returncode=0, stdout=VALIDATE_SUCCESS_JSON
+        )
+        plan_result = _make_completed_process(
+            returncode=0, stdout=PLAN_NO_CHANGES_JSON
+        )
+
+        with patch("shutil.which", return_value="/usr/bin/terraform"), patch(
+            "subprocess.run",
+            side_effect=[init_result, validate_fail, validate_success, plan_result],
+        ):
+            validator = Validator()
+            result = validator.validate(str(tmp_path))
+
+        assert result.validate_success is True
+        assert result.correction_attempts == 1
+
+        content = tf_file.read_text()
+        assert ",\n  }" not in content
diff --git a/tests/unit/test_variable_extractor.py b/tests/unit/test_variable_extractor.py
new file mode 100644
index 0000000..08e8ca8
--- /dev/null
+++ b/tests/unit/test_variable_extractor.py
@@ -0,0 +1,405 @@
+"""Unit tests for the VariableExtractor."""
+
+import pytest
+
+from iac_reverse.models import (
+    CpuArchitecture,
+    DiscoveredResource,
+    ExtractedVariable,
+    PlatformCategory,
+    ProviderType,
+)
+from iac_reverse.generator import VariableExtractor
+
+
+# ---------------------------------------------------------------------------
+# Helpers
+# ---------------------------------------------------------------------------
+
+
+def make_resource(
+    resource_type: str = "kubernetes_deployment",
+    unique_id: str = "default/deployments/nginx",
+    name: str = "nginx",
+    provider: ProviderType = ProviderType.KUBERNETES,
+    platform_category: PlatformCategory = PlatformCategory.CONTAINER_ORCHESTRATION,
+    architecture: CpuArchitecture = CpuArchitecture.AARCH64,
+    attributes: dict | None = None,
+) -> DiscoveredResource:
+    """Create a sample DiscoveredResource for testing."""
+    return DiscoveredResource(
+        resource_type=resource_type,
+        unique_id=unique_id,
+        name=name,
+        provider=provider,
+        platform_category=platform_category,
+        architecture=architecture,
+        endpoint="https://k8s-api.local:6443",
+        attributes=attributes or {},
+        raw_references=[],
+    )
+
+
+# ---------------------------------------------------------------------------
+# Tests: No shared values produces no variables
+# ---------------------------------------------------------------------------
+
+
+class TestNoSharedValues:
+    """Tests that no variables are produced when values are not shared."""
+
+    def test_empty_resources_produces_no_variables(self):
+        """An empty resource list produces no variables."""
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([])
+        assert result == []
+
+    def test_single_resource_produces_no_variables(self):
+        """A single resource cannot have shared values."""
+        resource = make_resource(attributes={"namespace": "default", "replicas": 3})
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([resource])
+        assert result == []
+
+    def test_two_resources_no_common_values_produces_no_variables(self):
+        """Two resources with completely different attribute values produce no variables."""
+        r1 = make_resource(
+            unique_id="r1",
+            name="app-a",
+            attributes={"namespace": "alpha", "replicas": 1},
+        )
+        r2 = make_resource(
+            unique_id="r2",
+            name="app-b",
+            attributes={"namespace": "beta", "replicas": 2},
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2])
+        assert result == []
+
+    def test_two_resources_same_key_different_values_no_variable(self):
+        """Two resources with the same key but different values produce no variable."""
+        r1 = make_resource(
+            unique_id="r1",
+            name="app-a",
+            attributes={"environment": "staging"},
+        )
+        r2 = make_resource(
+            unique_id="r2",
+            name="app-b",
+            attributes={"environment": "production"},
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2])
+        assert result == []
+
+
+# ---------------------------------------------------------------------------
+# Tests: Value appearing in 2 resources produces a variable
+# ---------------------------------------------------------------------------
+
+
+class TestSharedValueExtraction:
+    """Tests that shared values are correctly extracted as variables."""
+
+    def test_same_value_in_two_resources_produces_variable(self):
+        """A value appearing in 2 resources for the same key produces a variable."""
+        r1 = make_resource(
+            unique_id="r1",
+            name="app-a",
+            attributes={"namespace": "production"},
+        )
+        r2 = make_resource(
+            unique_id="r2",
+            name="app-b",
+            attributes={"namespace": "production"},
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2])
+
+        assert len(result) == 1
+        assert result[0].name == "var_namespace"
+
+    def test_same_value_in_three_resources_produces_one_variable(self):
+        """A value appearing in 3 resources still produces exactly one variable."""
+        resources = [
+            make_resource(
+                unique_id=f"r{i}",
+                name=f"app-{i}",
+                attributes={"region": "us-east-1"},
+            )
+            for i in range(3)
+        ]
+        extractor = VariableExtractor()
+        result = extractor.extract_variables(resources)
+
+        assert len(result) == 1
+        assert result[0].name == "var_region"
+
+    def test_multiple_shared_keys_produce_multiple_variables(self):
+        """Multiple shared attribute keys each produce their own variable."""
+        r1 = make_resource(
+            unique_id="r1",
+            name="app-a",
+            attributes={"namespace": "default", "environment": "prod"},
+        )
+        r2 = make_resource(
+            unique_id="r2",
+            name="app-b",
+            attributes={"namespace": "default", "environment": "prod"},
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2])
+
+        var_names = {v.name for v in result}
+        assert "var_namespace" in var_names
+        assert "var_environment" in var_names
+
+
+# ---------------------------------------------------------------------------
+# Tests: Default is set to most common value
+# ---------------------------------------------------------------------------
+
+
+class TestDefaultValue:
+    """Tests that the default value is set to the most common value."""
+
+    def test_default_is_most_common_value(self):
+        """When only one value is shared (2+ resources), default is that value."""
+        r1 = make_resource(
+            unique_id="r1", name="app-a", attributes={"namespace": "production"}
+        )
+        r2 = make_resource(
+            unique_id="r2", name="app-b", attributes={"namespace": "production"}
+        )
+        r3 = make_resource(
+            unique_id="r3", name="app-c", attributes={"namespace": "staging"}
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2, r3])
+
+        # "production" appears in 2 resources, "staging" in 1 (not shared)
+        # The variable for "production" should have default = "production"
+        assert len(result) == 1
+        assert result[0].default_value == '"production"'
+
+    def test_default_with_equal_counts_picks_one(self):
+        """When values have equal counts, each variable gets its own value as default."""
+        r1 = make_resource(
+            unique_id="r1", name="app-a", attributes={"namespace": "alpha"}
+        )
+        r2 = make_resource(
+            unique_id="r2", name="app-b", attributes={"namespace": "alpha"}
+        )
+        r3 = make_resource(
+            unique_id="r3", name="app-c", attributes={"namespace": "beta"}
+        )
+        r4 = make_resource(
+            unique_id="r4", name="app-d", attributes={"namespace": "beta"}
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2, r3, r4])
+
+        # Both "alpha" and "beta" appear in 2 resources each
+        # Both should produce variables; each with its own value as default
+        assert len(result) == 2
+        defaults = {v.default_value for v in result}
+        assert '"alpha"' in defaults
+        assert '"beta"' in defaults
+
+
+# ---------------------------------------------------------------------------
+# Tests: Type expression matches value type
+# ---------------------------------------------------------------------------
+
+
+class TestTypeExpression:
+    """Tests that type expressions match the Python value type."""
+
+    def test_string_value_has_string_type(self):
+        """A string attribute value produces type = string."""
+        r1 = make_resource(
+            unique_id="r1", name="app-a", attributes={"namespace": "default"}
+        )
+        r2 = make_resource(
+            unique_id="r2", name="app-b", attributes={"namespace": "default"}
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2])
+
+        assert result[0].type_expr == "string"
+
+    def test_integer_value_has_number_type(self):
+        """An integer attribute value produces type = number."""
+        r1 = make_resource(
+            unique_id="r1", name="app-a", attributes={"replicas": 3}
+        )
+        r2 = make_resource(
+            unique_id="r2", name="app-b", attributes={"replicas": 3}
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2])
+
+        assert result[0].type_expr == "number"
+
+    def test_boolean_value_has_bool_type(self):
+        """A boolean attribute value produces type = bool."""
+        r1 = make_resource(
+            unique_id="r1", name="app-a", attributes={"enabled": True}
+        )
+        r2 = make_resource(
+            unique_id="r2", name="app-b", attributes={"enabled": True}
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2])
+
+        assert result[0].type_expr == "bool"
+
+    def test_number_default_format(self):
+        """A number default is formatted without quotes."""
+        r1 = make_resource(
+            unique_id="r1", name="app-a", attributes={"replicas": 3}
+        )
+        r2 = make_resource(
+            unique_id="r2", name="app-b", attributes={"replicas": 3}
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2])
+
+        assert result[0].default_value == "3"
+
+    def test_bool_default_format(self):
+        """A boolean default is formatted as true/false."""
+        r1 = make_resource(
+            unique_id="r1", name="app-a", attributes={"enabled": False}
+        )
+        r2 = make_resource(
+            unique_id="r2", name="app-b", attributes={"enabled": False}
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2])
+
+        assert result[0].default_value == "false"
+
+
+# ---------------------------------------------------------------------------
+# Tests: used_by lists all resources using the variable
+# ---------------------------------------------------------------------------
+
+
+class TestUsedBy:
+    """Tests that used_by correctly lists all resources using the variable."""
+
+    def test_used_by_contains_both_resource_ids(self):
+        """used_by lists both resource unique_ids that share the value."""
+        r1 = make_resource(
+            unique_id="ns/deployments/app-a",
+            name="app-a",
+            attributes={"namespace": "production"},
+        )
+        r2 = make_resource(
+            unique_id="ns/deployments/app-b",
+            name="app-b",
+            attributes={"namespace": "production"},
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2])
+
+        assert len(result) == 1
+        assert "ns/deployments/app-a" in result[0].used_by
+        assert "ns/deployments/app-b" in result[0].used_by
+
+    def test_used_by_contains_all_three_resource_ids(self):
+        """used_by lists all three resource unique_ids when value is shared by 3."""
+        resources = [
+            make_resource(
+                unique_id=f"ns/deployments/app-{i}",
+                name=f"app-{i}",
+                attributes={"environment": "prod"},
+            )
+            for i in range(3)
+        ]
+        extractor = VariableExtractor()
+        result = extractor.extract_variables(resources)
+
+        assert len(result[0].used_by) == 3
+        for i in range(3):
+            assert f"ns/deployments/app-{i}" in result[0].used_by
+
+    def test_used_by_excludes_resources_with_different_value(self):
+        """used_by does not include resources that have a different value for the key."""
+        r1 = make_resource(
+            unique_id="r1", name="app-a", attributes={"namespace": "production"}
+        )
+        r2 = make_resource(
+            unique_id="r2", name="app-b", attributes={"namespace": "production"}
+        )
+        r3 = make_resource(
+            unique_id="r3", name="app-c", attributes={"namespace": "staging"}
+        )
+        extractor = VariableExtractor()
+        result = extractor.extract_variables([r1, r2, r3])
+
+        # Only the "production" variable should exist (2 resources)
+        assert len(result) == 1
+        assert "r1" in result[0].used_by
+        assert "r2" in result[0].used_by
+        assert "r3" not in result[0].used_by
+
+
+# ---------------------------------------------------------------------------
+# Tests: generate_variables_tf output
+# ---------------------------------------------------------------------------
+
+
+class TestGenerateVariablesTf:
+    """Tests for the variables.tf file content generation."""
+
+    def test_empty_variables_produces_empty_string(self):
+        """No variables produces an empty string."""
+        extractor = VariableExtractor()
+        result = extractor.generate_variables_tf([])
+        assert result == ""
+
+    def test_single_variable_produces_valid_block(self):
+        """A single variable produces a valid Terraform variable block."""
+        var = ExtractedVariable(
+            name="var_namespace",
+            type_expr="string",
+            default_value='"production"',
+            description="Shared namespace value extracted from 2 resources",
+            used_by=["r1", "r2"],
+        )
+        extractor = VariableExtractor()
+        result = extractor.generate_variables_tf([var])
+
+        assert 'variable "var_namespace"' in result
+        assert "type        = string" in result
+        assert 'description = "Shared namespace value extracted from 2 resources"' in result
+        assert 'default     = "production"' in result
+
+    def test_multiple_variables_separated_by_blank_line(self):
+        """Multiple variables are separated by blank lines."""
+        vars_list = [
+            ExtractedVariable(
+                name="var_namespace",
+                type_expr="string",
+                default_value='"default"',
+                description="Shared namespace",
+                used_by=["r1", "r2"],
+            ),
+            ExtractedVariable(
+                name="var_replicas",
+                type_expr="number",
+                default_value="3",
+                description="Shared replicas",
+                used_by=["r1", "r2"],
+            ),
+        ]
+        extractor = VariableExtractor()
+        result = extractor.generate_variables_tf(vars_list)
+
+        assert 'variable "var_namespace"' in result
+        assert 'variable "var_replicas"' in result
+        # Two blocks separated by a blank line
+        assert "\n\n" in result
diff --git a/tests/unit/test_windows_plugin.py b/tests/unit/test_windows_plugin.py
new file mode 100644
index 0000000..1bd6935
--- /dev/null
+++ b/tests/unit/test_windows_plugin.py
@@ -0,0 +1,529 @@
+"""Unit tests for the Windows Discovery Plugin.
+
+Tests use mocks for the winrm session to avoid requiring actual
+Windows hosts for testing.
+"""
+
+import json
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from iac_reverse.models import CpuArchitecture, PlatformCategory, ProviderType
+from iac_reverse.scanner.scanner import AuthenticationError
+from iac_reverse.scanner.windows_plugin import (
+    InsufficientPrivilegesError,
+    WindowsDiscoveryPlugin,
+    WinRMNotEnabledError,
+    WMIQueryError,
+    WINDOWS_RESOURCE_TYPES,
+)
+
+
+# ---------------------------------------------------------------------------
+# Fixtures
+# ---------------------------------------------------------------------------
+
+
+@pytest.fixture
+def plugin():
+    """Create a fresh WindowsDiscoveryPlugin instance."""
+    return WindowsDiscoveryPlugin()
+
+
+@pytest.fixture
+def credentials():
+    """Standard test credentials."""
+    return {
+        "host": "192.168.1.100",
+        "username": "admin",
+        "password": "secret",
+        "transport": "ntlm",
+        "port": "5986",
+        "use_ssl": "true",
+    }
+
+
+@pytest.fixture
+def mock_session():
+    """Create a mock WinRM session."""
+    session = MagicMock()
+    return session
+
+
+def make_ps_result(stdout: str = "", stderr: str = "", status_code: int = 0):
+    """Helper to create a mock PowerShell result."""
+    result = MagicMock()
+    result.std_out = stdout.encode("utf-8")
+    result.std_err = stderr.encode("utf-8")
+    result.status_code = status_code
+    return result
+
+
+# ---------------------------------------------------------------------------
+# Authentication Tests
+# ---------------------------------------------------------------------------
+
+
+class TestAuthenticate:
+    """Tests for WindowsDiscoveryPlugin.authenticate()."""
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_authenticate_success(self, mock_session_cls, plugin, credentials):
+        """Successful authentication creates a session."""
+        mock_session = MagicMock()
+        mock_session.run_ps.return_value = make_ps_result("WIN-SERVER01")
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+
+        mock_session_cls.assert_called_once_with(
+            "https://192.168.1.100:5986/wsman",
+            auth=("admin", "secret"),
+            transport="ntlm",
+            server_cert_validation="ignore",
+        )
+        assert plugin._host == "192.168.1.100"
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_authenticate_http_no_ssl(self, mock_session_cls, plugin):
+        """Authentication with use_ssl=false uses HTTP."""
+        creds = {
+            "host": "myhost",
+            "username": "user",
+            "password": "pass",
+            "transport": "ntlm",
+            "port": "5985",
+            "use_ssl": "false",
+        }
+        mock_session = MagicMock()
+        mock_session.run_ps.return_value = make_ps_result("MYHOST")
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(creds)
+
+        mock_session_cls.assert_called_once_with(
+            "http://myhost:5985/wsman",
+            auth=("user", "pass"),
+            transport="ntlm",
+            server_cert_validation="validate",
+        )
+
+    def test_authenticate_missing_host(self, plugin):
+        """Missing host raises AuthenticationError."""
+        creds = {"username": "user", "password": "pass"}
+        with pytest.raises(AuthenticationError, match="host is required"):
+            plugin.authenticate(creds)
+
+    def test_authenticate_missing_username(self, plugin):
+        """Missing username raises AuthenticationError."""
+        creds = {"host": "myhost", "password": "pass"}
+        with pytest.raises(AuthenticationError, match="username is required"):
+            plugin.authenticate(creds)
+
+    def test_authenticate_missing_password(self, plugin):
+        """Missing password raises AuthenticationError."""
+        creds = {"host": "myhost", "username": "user"}
+        with pytest.raises(AuthenticationError, match="password is required"):
+            plugin.authenticate(creds)
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_authenticate_connection_refused(self, mock_session_cls, plugin, credentials):
+        """Connection refused raises WinRMNotEnabledError."""
+        mock_session_cls.side_effect = Exception("connection refused")
+
+        with pytest.raises(WinRMNotEnabledError):
+            plugin.authenticate(credentials)
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_authenticate_access_denied(self, mock_session_cls, plugin, credentials):
+        """Access denied during auth test raises AuthenticationError."""
+        mock_session = MagicMock()
+        mock_session.run_ps.return_value = make_ps_result(
+            stderr="Access is denied", status_code=1
+        )
+        mock_session_cls.return_value = mock_session
+
+        with pytest.raises(AuthenticationError):
+            plugin.authenticate(credentials)
+
+
+# ---------------------------------------------------------------------------
+# Platform Category and Resource Types Tests
+# ---------------------------------------------------------------------------
+
+
+class TestPlatformInfo:
+    """Tests for platform category and resource type listing."""
+
+    def test_get_platform_category(self, plugin):
+        """Returns PlatformCategory.WINDOWS."""
+        assert plugin.get_platform_category() == PlatformCategory.WINDOWS
+
+    def test_list_supported_resource_types(self, plugin):
+        """Returns all 13 Windows resource types."""
+        types = plugin.list_supported_resource_types()
+        assert len(types) == 13
+        assert "windows_service" in types
+        assert "windows_scheduled_task" in types
+        assert "windows_iis_site" in types
+        assert "windows_iis_app_pool" in types
+        assert "windows_network_adapter" in types
+        assert "windows_firewall_rule" in types
+        assert "windows_installed_software" in types
+        assert "windows_feature" in types
+        assert "windows_hyperv_vm" in types
+        assert "windows_hyperv_switch" in types
+        assert "windows_dns_record" in types
+        assert "windows_local_user" in types
+        assert "windows_local_group" in types
+
+    def test_list_endpoints_before_auth(self, plugin):
+        """Returns empty list before authentication."""
+        assert plugin.list_endpoints() == []
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_list_endpoints_after_auth(self, mock_session_cls, plugin, credentials):
+        """Returns host after authentication."""
+        mock_session = MagicMock()
+        mock_session.run_ps.return_value = make_ps_result("SERVER")
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        assert plugin.list_endpoints() == ["192.168.1.100"]
+
+
+# ---------------------------------------------------------------------------
+# Architecture Detection Tests
+# ---------------------------------------------------------------------------
+
+
+class TestDetectArchitecture:
+    """Tests for CPU architecture detection via WMI."""
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_detect_amd64(self, mock_session_cls, plugin, credentials):
+        """Architecture code 9 maps to AMD64."""
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),  # auth test
+            make_ps_result("9"),  # architecture query
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        arch = plugin.detect_architecture("192.168.1.100")
+        assert arch == CpuArchitecture.AMD64
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_detect_arm(self, mock_session_cls, plugin, credentials):
+        """Architecture code 5 maps to ARM."""
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),
+            make_ps_result("5"),
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        arch = plugin.detect_architecture("192.168.1.100")
+        assert arch == CpuArchitecture.ARM
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_detect_aarch64(self, mock_session_cls, plugin, credentials):
+        """Architecture code 12 maps to AARCH64."""
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),
+            make_ps_result("12"),
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        arch = plugin.detect_architecture("192.168.1.100")
+        assert arch == CpuArchitecture.AARCH64
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_detect_architecture_wmi_failure(self, mock_session_cls, plugin, credentials):
+        """WMI query failure raises WMIQueryError."""
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),
+            make_ps_result(stderr="WMI error", status_code=1),
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        with pytest.raises(WMIQueryError):
+            plugin.detect_architecture("192.168.1.100")
+
+
+# ---------------------------------------------------------------------------
+# Resource Discovery Tests
+# ---------------------------------------------------------------------------
+
+
+class TestDiscoverResources:
+    """Tests for resource discovery via WinRM."""
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_discover_services(self, mock_session_cls, plugin, credentials):
+        """Discovers Windows services."""
+        services_json = json.dumps([
+            {"Name": "wuauserv", "DisplayName": "Windows Update", "Status": 4, "StartType": 3},
+            {"Name": "Spooler", "DisplayName": "Print Spooler", "Status": 4, "StartType": 2},
+        ])
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),  # auth
+            make_ps_result("9"),  # architecture
+            make_ps_result("false"),  # hyperv check
+            make_ps_result(services_json),  # services
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        callback = MagicMock()
+        result = plugin.discover_resources(
+            endpoints=["192.168.1.100"],
+            resource_types=["windows_service"],
+            progress_callback=callback,
+        )
+
+        assert len(result.resources) == 2
+        assert result.resources[0].resource_type == "windows_service"
+        assert result.resources[0].name == "wuauserv"
+        assert result.resources[0].provider == ProviderType.WINDOWS
+        assert result.resources[0].platform_category == PlatformCategory.WINDOWS
+        assert result.resources[0].architecture == CpuArchitecture.AMD64
+        callback.assert_called()
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_discover_scheduled_tasks(self, mock_session_cls, plugin, credentials):
+        """Discovers scheduled tasks."""
+        tasks_json = json.dumps([
+            {"TaskName": "Backup", "TaskPath": "\\Custom\\", "State": 3},
+        ])
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),
+            make_ps_result("9"),
+            make_ps_result("false"),
+            make_ps_result(tasks_json),
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        callback = MagicMock()
+        result = plugin.discover_resources(
+            endpoints=["192.168.1.100"],
+            resource_types=["windows_scheduled_task"],
+            progress_callback=callback,
+        )
+
+        assert len(result.resources) == 1
+        assert result.resources[0].resource_type == "windows_scheduled_task"
+        assert result.resources[0].name == "Backup"
+        assert result.resources[0].attributes["task_path"] == "\\Custom\\"
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_discover_hyperv_skipped_when_not_installed(
+        self, mock_session_cls, plugin, credentials
+    ):
+        """Hyper-V resources are skipped when role is not installed."""
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),
+            make_ps_result("9"),
+            make_ps_result("false"),  # hyperv NOT installed
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        callback = MagicMock()
+        result = plugin.discover_resources(
+            endpoints=["192.168.1.100"],
+            resource_types=["windows_hyperv_vm"],
+            progress_callback=callback,
+        )
+
+        assert len(result.resources) == 0
+        assert any("Hyper-V role not installed" in w for w in result.warnings)
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_discover_hyperv_vms_when_installed(
+        self, mock_session_cls, plugin, credentials
+    ):
+        """Hyper-V VMs are discovered when role is installed."""
+        vms_json = json.dumps([
+            {
+                "Name": "TestVM",
+                "VMId": "abc-123",
+                "State": 2,
+                "MemoryAssigned": 4294967296,
+                "ProcessorCount": 4,
+                "Generation": 2,
+            }
+        ])
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),
+            make_ps_result("9"),
+            make_ps_result("true"),  # hyperv IS installed
+            make_ps_result(vms_json),
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        callback = MagicMock()
+        result = plugin.discover_resources(
+            endpoints=["192.168.1.100"],
+            resource_types=["windows_hyperv_vm"],
+            progress_callback=callback,
+        )
+
+        assert len(result.resources) == 1
+        assert result.resources[0].resource_type == "windows_hyperv_vm"
+        assert result.resources[0].name == "TestVM"
+        assert result.resources[0].attributes["vm_id"] == "abc-123"
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_discover_local_users(self, mock_session_cls, plugin, credentials):
+        """Discovers local user accounts."""
+        users_json = json.dumps([
+            {"Name": "Administrator", "Enabled": True, "Description": "Built-in admin", "LastLogon": "2024-01-01"},
+        ])
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),
+            make_ps_result("9"),
+            make_ps_result("false"),
+            make_ps_result(users_json),
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        callback = MagicMock()
+        result = plugin.discover_resources(
+            endpoints=["192.168.1.100"],
+            resource_types=["windows_local_user"],
+            progress_callback=callback,
+        )
+
+        assert len(result.resources) == 1
+        assert result.resources[0].resource_type == "windows_local_user"
+        assert result.resources[0].name == "Administrator"
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_discover_insufficient_privileges(
+        self, mock_session_cls, plugin, credentials
+    ):
+        """Insufficient privileges are captured as errors."""
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),
+            make_ps_result("9"),
+            make_ps_result("false"),
+            make_ps_result(stderr="Access is denied", status_code=1),
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        callback = MagicMock()
+        result = plugin.discover_resources(
+            endpoints=["192.168.1.100"],
+            resource_types=["windows_service"],
+            progress_callback=callback,
+        )
+
+        assert len(result.resources) == 0
+        assert len(result.errors) == 1
+        assert "Insufficient privileges" in result.errors[0]
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_discover_wmi_query_failure(
+        self, mock_session_cls, plugin, credentials
+    ):
+        """WMI query failures are captured as errors."""
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),
+            make_ps_result("9"),
+            make_ps_result("false"),
+            make_ps_result(stderr="Invalid class", status_code=1),
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        callback = MagicMock()
+        result = plugin.discover_resources(
+            endpoints=["192.168.1.100"],
+            resource_types=["windows_feature"],
+            progress_callback=callback,
+        )
+
+        assert len(result.resources) == 0
+        assert len(result.errors) == 1
+        assert "WMI query failed" in result.errors[0]
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_discover_empty_result(self, mock_session_cls, plugin, credentials):
+        """Empty PowerShell output returns no resources."""
+        mock_session = MagicMock()
+        mock_session.run_ps.side_effect = [
+            make_ps_result("SERVER"),
+            make_ps_result("9"),
+            make_ps_result("false"),
+            make_ps_result(""),  # empty output
+        ]
+        mock_session_cls.return_value = mock_session
+
+        plugin.authenticate(credentials)
+        callback = MagicMock()
+        result = plugin.discover_resources(
+            endpoints=["192.168.1.100"],
+            resource_types=["windows_local_group"],
+            progress_callback=callback,
+        )
+
+        assert len(result.resources) == 0
+        assert len(result.errors) == 0
+
+
+# ---------------------------------------------------------------------------
+# Error Handling Tests
+# ---------------------------------------------------------------------------
+
+
+class TestErrorHandling:
+    """Tests for WinRM-specific error handling."""
+
+    def test_winrm_not_enabled_error(self):
+        """WinRMNotEnabledError contains host info."""
+        err = WinRMNotEnabledError("myhost", "connection refused")
+        assert "myhost" in str(err)
+        assert "connection refused" in str(err)
+        assert err.host == "myhost"
+
+    def test_wmi_query_error(self):
+        """WMIQueryError contains query info."""
+        err = WMIQueryError("Win32_Processor", "invalid class")
+        assert "Win32_Processor" in str(err)
+        assert "invalid class" in str(err)
+        assert err.query == "Win32_Processor"
+
+    def test_insufficient_privileges_error(self):
+        """InsufficientPrivilegesError contains operation info."""
+        err = InsufficientPrivilegesError("Get-Service", "access denied")
+        assert "Get-Service" in str(err)
+        assert "access denied" in str(err)
+        assert err.operation == "Get-Service"
+
+    @patch("iac_reverse.scanner.windows_plugin.winrm.Session")
+    def test_no_session_raises_winrm_not_enabled(
+        self, mock_session_cls, plugin
+    ):
+        """Running PowerShell without session raises WinRMNotEnabledError."""
+        plugin._host = "testhost"
+        with pytest.raises(WinRMNotEnabledError):
+            plugin._run_powershell("Get-Service")