From d9ebdd6fbba31b5f3c2cbae90f650f183958660e Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Mon, 15 Jun 2026 23:24:41 +0900
Subject: [PATCH 01/22] Refresh README presentation

---
 README.md                  | 501 +++----------------------------------
 docs/odysseus-wordmark.png | Bin 0 -> 16877 bytes
 docs/odysseus.jpg          | Bin 45964 -> 53198 bytes
 docs/setup.md              | 425 +++++++++++++++++++++++++++++++
 4 files changed, 463 insertions(+), 463 deletions(-)
 create mode 100644 docs/odysseus-wordmark.png
 create mode 100644 docs/setup.md

diff --git a/README.md b/README.md
index 8eb85229b..dcf07f761 100644
--- a/README.md
+++ b/README.md
@@ -1,476 +1,65 @@
-# Odysseus
+<p align="center">
+  <img src="docs/odysseus-wordmark.png" alt="Odysseus" width="280">
+</p>
 
-> **Branch note:** `dev` is the default branch and contains the latest development changes, but it may be unstable. For the more stable curated branch, use [`main`](https://github.com/pewdiepie-archdaemon/odysseus/tree/main).
+<p align="center">
+  A self-hosted AI workspace for chat, agents, research, documents, email, notes, calendar, and local model workflows.
+</p>
 
-```
-───────────────────────────────────────────────
- ⊹ ࣪ ˖ ૮( ˶ᵔ ᵕ ᵔ˶ )っ  Odysseus vers. 1.0
-───────────────────────────────────────────────
-```
+<p align="center">
+  <a href="#quick-start">Quick Start</a> ·
+  <a href="docs/setup.md">Setup Guide</a> ·
+  <a href="CONTRIBUTING.md">Contributing</a> ·
+  <a href="ROADMAP.md">Roadmap</a>
+</p>
 
-![Odysseus](docs/odysseus.jpg)
+<p align="center">
+  <a href="https://repology.org/project/odysseus-ai/versions"><img src="https://repology.org/badge/vertical-allrepos/odysseus-ai.svg" alt="Packaging status"></a>
+</p>
 
-A self-hosted AI workspace -- meant to be the self-hosted version of the UI experience you get from ChatGPT and Claude. But with more jank and fun. Running on your own hardware, with your own data -- local-first, privacy-first, and no trojan.
+<p align="center">
+  <img src="docs/odysseus.jpg" alt="Odysseus interface">
+</p>
 
-[![Packaging status](https://repology.org/badge/vertical-allrepos/odysseus-ai.svg)](https://repology.org/project/odysseus-ai/versions)
-
-## Features
-  - **Chat** -- chat with any local model or API; adding them is super simple.<br>　<sub>vLLM · llama.cpp · Ollama · OpenRouter · OpenAI · GitHub Copilot</sub>
-  - **Agent** -- hand it tools and let it run the whole task itself.<br>　<sub>built on [opencode](https://github.com/anomalyco/opencode) · MCP · web · files · shell · skills · memory</sub>
-  - **Cookbook** -- Scans your hardware, recommends models, click to download and serve.. easy!<br>　<sub>built on [llmfit](https://github.com/AlexsJones/llmfit) · VRAM-aware · GGUF / FP8 / AWQ · fit scoring · vLLM / llama.cpp serving</sub>
-  - **Deep Research** -- multi-step runs that gather, read, and synthesize sources into a nice visual report.<br>　<sub>adapted from [Tongyi DeepResearch](https://github.com/Alibaba-NLP/DeepResearch)</sub>
-  - **Compare** -- a fun tool to compare models side by side. Test completely blind, no bias!<br>　<sub>multi-model · blind test · synthesis</sub>
-  - **Documents** -- YOU write the text, AI is there to assist, not the opposite.<br>　<sub>multi-tab editor · markdown · HTML · CSV · syntax highlighting · AI edits · suggestions</sub>
-  - **Memory / Skills** -- Persistent memory and skills, your agent evolves over time as it better understands you and your tasks!<br>　<sub>ChromaDB · fastembed (ONNX) · vector + keyword retrieval · import/export</sub>
-  - **Email** -- IMAP/SMTP inbox with AI triage built in: urgency reminders, auto-tag, auto-summary, auto-reply drafts, auto-spam.<br>　<sub>IMAP · SMTP · per-account routing · CalDAV-aware</sub>
-  - **Notes & Tasks** -- Quick notes with reminders, a todo list, and scheduled tasks the agent can act on.<br>　<sub>note pings · checklist · cron-style tasks · ntfy / browser / email channels</sub>
-  - **Calendar** -- Local-first calendar with CalDAV sync to Radicale / Nextcloud / Apple / Fastmail.<br>　<sub>CalDAV pull · .ics import/export · per-calendar colors · agent-aware</sub>
-  - **Works on mobile** -- looks and runs great on your phone, not just desktop.<br>　<sub>responsive · installable (PWA) · touch gestures</sub>
-  - **Extras** -- more to explore, happy if you give it a go!<br>　<sub>image editor · theme editor · file uploads (vision + PDF) · web search · presets · sessions · 2FA</sub>
-
-## Demo
-A full, hover-to-play tour lives on the landing page (`docs/index.html`).
-
-<details>
-<summary>Screenshots / clips</summary>
-
-### Chat & Agents
-![Chat & Agents](docs/chat.gif)
-### Deep Research
-![Deep Research](docs/research.gif)
-### Compare
-![Compare](docs/compare.gif)
-### Documents
-![Documents](docs/document.gif)
-### Notes & Tasks
-![Notes & Tasks](docs/notes.gif)
-
-</details>
+---
 
 ## Quick Start
 
-Defaults work out of the box: clone, run, then configure models/search/email
-inside **Settings**. Only edit `.env` for deployment-level overrides like
-`APP_BIND`, `APP_PORT`, `AUTH_ENABLED`, `DATABASE_URL`, or a pre-seeded admin password.
+> `dev` is the default branch and gets the newest changes first. Use [`main`](https://github.com/pewdiepie-archdaemon/odysseus/tree/main) if you want the more curated branch.
 
-On first setup, Odysseus creates an admin account (`admin` unless
-`ODYSSEUS_ADMIN_USER` is set) and prints a temporary password in the terminal.
-For Docker installs, the same line is in `docker compose logs odysseus`.
-Use that for the first login, then change it in **Settings**.
-
-Contributing? See [CONTRIBUTING.md](CONTRIBUTING.md) for setup, testing, and
-pull request guidelines.
-
-### Docker (recommended)
 ```bash
 git clone https://github.com/pewdiepie-archdaemon/odysseus.git
 cd odysseus
-cp .env.example .env       # optional, but recommended for explicit defaults
+cp .env.example .env
 docker compose up -d --build
 ```
-To include optional extras in the image (PDF viewer, Office extraction; includes AGPL PyMuPDF), build with `docker compose build --build-arg INSTALL_OPTIONAL=true` before `up`.
 
-Open `http://localhost:7000` when the containers are healthy. Docker Compose
-binds the web UI to `127.0.0.1` by default. If the port is taken, set
-`APP_PORT=7001` in `.env` and recreate the container. Set `APP_BIND=0.0.0.0`
-only when you intentionally want LAN/reverse-proxy access.
+Open `http://localhost:7000` when the containers are healthy. The first admin password is printed in `docker compose logs odysseus`.
 
-> **On Apple Silicon (M-series) Macs:** Docker can't reach the Metal GPU, so
-> Cookbook serves local models on CPU only. For GPU-accelerated model serving,
-> run natively instead — see [Apple Silicon](#apple-silicon) below.
+Native installs, GPU notes, Windows/macOS instructions, HTTPS, and configuration live in the [setup guide](docs/setup.md).
 
-### Native Linux / macOS
-```bash
-git clone https://github.com/pewdiepie-archdaemon/odysseus.git
-cd odysseus
-python3 -m venv venv
-source venv/bin/activate
-pip install -r requirements.txt
-python setup.py
-python -m uvicorn app:app --host 127.0.0.1 --port 7000
-```
-Requirements: Python 3.11+. Cookbook also needs `tmux` for background model
-downloads and serves. The app itself is lightweight; local model serving is the
-heavy part and depends on the model, runtime, GPU, and VRAM, so small hosts can
-connect to API or remote model servers instead. Use `--host 0.0.0.0` only when you intentionally want LAN/reverse-proxy access.
+## Features
 
-### Apple Silicon
-Docker on macOS cannot use the Metal GPU. For GPU-accelerated Cookbook on an
-M-series Mac, run Odysseus natively:
+- **Chat + Agents** — local/API models, tools, MCP, files, shell, skills, and memory.
+- **Cookbook** — hardware-aware model recommendations, downloads, and serving.
+- **Deep Research** — multi-step web research with source reading and report generation.
+- **Compare** — blind side-by-side model testing and synthesis.
+- **Documents** — writing-first editor with AI edits, suggestions, Markdown, HTML, CSV, and syntax highlighting.
+- **Email** — IMAP/SMTP inbox with triage, tags, summaries, reminders, and reply drafts.
+- **Notes, Tasks + Calendar** — reminders, todos, scheduled agent tasks, and CalDAV sync.
+- **Extras** — gallery/image editor, themes, uploads, web search, presets, sessions, and 2FA.
 
-```bash
-git clone https://github.com/pewdiepie-archdaemon/odysseus.git
-cd odysseus
-./start-macos.sh
-```
+## Demo
 
-It launches at `http://127.0.0.1:7860`. To expose it to your phone over a trusted LAN/VPN such as Tailscale, bind all interfaces:
-
-```bash
-ODYSSEUS_HOST=0.0.0.0 ./start-macos.sh
-# then open http://<tailscale-ip>:7860
-```
-
-The script also reads `.env` at startup, so `APP_BIND=0.0.0.0` and `APP_PORT`
-set there are picked up automatically without a command-line override each run.
-
-Keep `AUTH_ENABLED=true` (the default) before binding outside loopback. Do not
-expose this port directly to the public internet. To build a clickable app wrapper:
-
-```bash
-./build-macos-app.sh
-```
-
-<details>
-<summary>Cookbook, GPU, Ollama, and troubleshooting notes</summary>
-
-**Docker bundled services.** Compose starts Odysseus, ChromaDB, SearXNG, and
-ntfy. Odysseus and the bundled service ports bind to `127.0.0.1` by default, so
-they are reachable from the host but not exposed to your LAN/public internet
-unless you opt in.
-
-**Cookbook storage in Docker.** Downloads live in `./data/huggingface`
-(`~/.cache/huggingface` in the container). Cookbook-installed Python CLIs and
-serve engines live in `./data/local` (`~/.local` in the container), so they
-survive container recreation.
-
-**Remote servers.** In **Cookbook -> Settings -> Servers**, generate the
-Odysseus SSH key and add the public key to the remote server's
-`~/.ssh/authorized_keys`. From the host you can also run:
-
-```bash
-ssh-copy-id -i data/ssh/id_ed25519.pub user@server
-```
-
-**Docker GPU overlays.** CPU-only users can skip this section. Cookbook can
-only detect GPUs that Docker exposes to the container — if the host runtime or
-device passthrough is not configured, Cookbook sees the iGPU, another card, or
-CPU instead of your intended GPU.
-
-For NVIDIA, `scripts/check-docker-gpu.sh` diagnoses GPU passthrough and can
-optionally install the host runtime or update `.env`.
-
-```bash
-# Read-only diagnostic (default — installs nothing, never edits .env):
-scripts/check-docker-gpu.sh
-
-# Print OS-specific install commands without running them:
-scripts/check-docker-gpu.sh --print-install-commands
-
-# Install NVIDIA Container Toolkit on Ubuntu/Debian (requires sudo):
-scripts/check-docker-gpu.sh --install-nvidia-toolkit
-
-# Write COMPOSE_FILE to .env (only when GPU passthrough is confirmed working):
-scripts/check-docker-gpu.sh --enable-nvidia-overlay
-
-# Full assisted setup — install toolkit, then enable overlay if passthrough works:
-scripts/check-docker-gpu.sh --install-nvidia-toolkit --enable-nvidia-overlay
-```
-
-Safety notes:
-- The app never installs host GPU runtime automatically.
-- The app never edits `.env` automatically.
-- `.env` is only modified when `--enable-nvidia-overlay` is explicitly passed,
-  and only after GPU passthrough succeeds. `--yes` skips prompts but does not
-  bypass the passthrough gate.
-- `.env.bak.*` backups created by `--enable-nvidia-overlay` are ignored by
-  Git and the Docker build context.
-
-To enable manually without the script, add this to `.env`:
-
-```bash
-COMPOSE_FILE=docker-compose.yml:docker/gpu.nvidia.yml
-```
-
-**AMD / ROCm.** AMD setup is read-only diagnostic plus manual `.env` edit. Run:
-
-```bash
-scripts/check-docker-amd-gpu.sh
-```
-
-Then add the reported values to `.env`, replacing `RENDER_GID` with your host's
-numeric render group id:
-
-```bash
-COMPOSE_FILE=docker-compose.yml:docker/gpu.amd.yml
-RENDER_GID=989
-```
-
-For NVIDIA/AMD GPU support, also read the comments in the selected overlay file: docker/gpu.nvidia.yml or docker/gpu.amd.yml.
-
-**Stack-management UIs (Portainer, Coolify, Dockhand, etc.).** These tools
-often accept only a single Compose file and do not reliably honor `COMPOSE_FILE`
-or multiple `-f` overlays. CLI users should keep using the `COMPOSE_FILE`
-overlay workflow above. For stack UIs, point the stack at one of the standalone
-files instead, which bundle the base stack plus the GPU settings:
-
-- `docker-compose.gpu-nvidia.yml` — still requires the NVIDIA Container Toolkit
-  on the host.
-- `docker-compose.gpu-amd.yml` — still requires host ROCm/kfd/DRI setup, the
-  `video`/`render` group membership, and `RENDER_GID` when needed.
-
-The base `docker-compose.yml` plus the `docker/gpu.*.yml` overlays remain the
-source of truth; the standalone files mirror them for single-file deployments.
-
-Verify after enabling either overlay:
-
-```bash
-docker compose exec odysseus nvidia-smi -L   # NVIDIA
-docker compose exec odysseus sh -lc 'test -e /dev/kfd && test -d /dev/dri && ls -l /dev/kfd /dev/dri/renderD*'  # AMD
-```
-
-> **GPU passthrough ≠ llama.cpp CUDA.** `nvidia-smi` passing inside the
-> container confirms Docker GPU access, but llama.cpp also needs `cudart` and
-> the CUDA Toolkit at runtime. If Cookbook logs show `Unable to find cudart
-> library`, `Could NOT find CUDAToolkit`, `CUDA Toolkit not found`, or
-> tensors/layers assigned to CPU, that is a Cookbook/llama.cpp build issue —
-> not a Docker passthrough failure. Reinstall the serve engine via
-> **Cookbook → Dependencies** to get a CUDA-enabled build.
->
-> The same split applies to AMD/ROCm: seeing `/dev/kfd` and `/dev/dri` inside
-> the container confirms device passthrough, not ROCm userspace or a
-> ROCm-enabled vLLM/llama.cpp build. `rocm-smi` and `rocminfo` are not expected
-> inside the slim Odysseus image.
-
-**Ollama with Docker.** If Ollama runs on the host, add this endpoint in
-Settings:
-
-```text
-http://host.docker.internal:11434/v1
-```
-
-Ollama must listen outside its own loopback interface:
-
-```bash
-OLLAMA_HOST=0.0.0.0:11434 ollama serve
-```
-
-This connects Odysseus in Docker to an Ollama server that is already running on
-your host machine; it does not start Ollama inside the container.
-`host.docker.internal` is Docker's hostname for the host machine from inside the
-container. Cookbook **Serve** is a separate workflow for serving downloaded
-models through Odysseus/llama.cpp, so Windows users with an existing Ollama
-install usually only need to add the endpoint in Settings.
-
-**Useful checks.**
-
-```bash
-docker compose ps
-docker compose logs --tail=120 odysseus
-docker compose logs odysseus | grep -E 'ChromaDB|MemoryVectorStore|DEGRADED'
-```
-
-**macOS details.** `start-macos.sh` installs Homebrew deps, creates the venv,
-runs setup, and starts uvicorn on port `7860` because AirPlay often holds
-`7000`. It uses llama.cpp/Ollama for Metal. vLLM/SGLang are CUDA/ROCm-only and
-do not run on macOS. MLX-only models are not served by Odysseus.
-
-</details>
-
-### Native Windows
-
-**One-command launcher** (creates the venv, installs deps, runs setup, starts the
-server; safe to re-run):
-
-```powershell
-git clone https://github.com/pewdiepie-archdaemon/odysseus.git
-cd odysseus
-powershell -ExecutionPolicy Bypass -File .\launch-windows.ps1
-```
-
-Or do it by hand:
-
-```powershell
-git clone https://github.com/pewdiepie-archdaemon/odysseus.git
-cd odysseus
-py -3.11 -m venv venv
-venv\Scripts\Activate.ps1
-pip install -r requirements.txt
-python setup.py
-python -m uvicorn app:app --host 127.0.0.1 --port 7000
-```
-
-If `python` points at an older interpreter, use `py -3.12` (or another installed
-3.11+ version) for the venv step.
-
-**Requirements:** Python 3.11+. The core app (chat, agent, memory, documents,
-email, calendar, deep research) runs fully native. For full **Cookbook** background
-model downloads and the agent shell tool, also install
-[Git for Windows](https://git-scm.com/download/win) (provides `bash.exe`).
-Local GPU *serving* of vLLM/SGLang needs Linux/WSL2; for a local model on Windows,
-[Ollama](https://ollama.com/download) is the easiest path — point Odysseus at
-`http://localhost:11434/v1` in Settings.
-
-Open `http://localhost:7000`, log in with the generated admin password,
-and configure everything else inside **Settings**.
-
-## Troubleshooting & Advanced Setup
-
-### `chromadb-client` conflicts with embedded ChromaDB
-If `chromadb-client` (the lightweight HTTP-only package) is installed alongside the full `chromadb` package, Odysseus starts but ChromaDB silently falls back to HTTP-only mode and fails.
-
-**Fix:** uninstall `chromadb-client` and force-reinstall the full package:
-```bash
-./venv/bin/pip uninstall chromadb-client -y
-./venv/bin/pip install --force-reinstall chromadb
-```
-
-### HTTPS + LAN/Tailscale exposure
-To expose Odysseus on a local network or Tailscale with HTTPS:
-1. Change the bind address to `0.0.0.0` in `.env` (`APP_BIND=0.0.0.0` or `ODYSSEUS_HOST=0.0.0.0`).
-2. Generate a locally-trusted cert for your LAN/Tailscale IPs using [mkcert](https://github.com/FiloSottile/mkcert):
-   ```bash
-   mkcert -install
-   mkcert -cert-file cert.pem -key-file key.pem 192.168.1.100 tailscale-ip
-   ```
-3. Run `uvicorn` with the generated certs:
-   ```bash
-   python -m uvicorn app:app --host 0.0.0.0 --port 7000 --ssl-certfile=cert.pem --ssl-keyfile=key.pem
-   ```
-4. Install the `mkcert` CA on any other device you want to access Odysseus from (e.g., for iOS, email the `rootCA.pem` to yourself, install the profile, and trust it in Certificate Trust Settings).
-
-### Optional Dependencies
-`requirements-optional.txt` contains packages that unlock extra features. It is not installed by default.
-
-| Package | Feature unlocked |
-|---------|-----------------|
-| `faster-whisper` | Local speech-to-text (microphone -> text) via the "local" STT provider. |
-| `ddgs` | DuckDuckGo as a search provider option. |
-| `PyMuPDF` | PDF page rendering in the side viewer panel and form-filling. (Note: AGPL-3.0) |
-| `markitdown` | Office/EPUB document text extraction (converts .docx/.xlsx/.pptx/.xls/.epub to Markdown). |
-
-### Faster, reproducible installs with uv (optional)
-[uv](https://docs.astral.sh/uv/) works as a drop-in replacement for the
-venv + pip steps in the native install guides, no project changes are needed but this change results in faster installs along with a lockfile for reproducible environments. After [installing `uv`](https://docs.astral.sh/uv/getting-started/installation/), use:
-
-```bash
-uv venv venv --python 3.13
-uv pip install -r requirements.txt
-# then continue as usual: python setup.py, uvicorn, ...
-```
-
-`requirements.txt` is intentionally unpinned, so two installs at different times can produce different package versions. If you want a reproducible environment (e.g. across your own machines, or to roll back after a bad upgrade), snapshot and restore exact versions with:
-
-```bash
-uv pip compile requirements.txt -o requirements.lock   # snapshot current resolution
-uv pip sync requirements.lock                          # reproduce it exactly later
-```
-
-`requirements.lock` is gitignored and platform-specific (compile it on the OS you deploy to). Regenerate it deliberately when you want to take upgrades. The plain `uv pip install -r requirements.txt` keeps following the unpinned requirements like pip does.
-
-### Outlook / Office 365 email
-Odysseus email accounts currently use IMAP/SMTP username-password auth. Outlook
-and Microsoft 365 generally require OAuth instead, so normal Microsoft mailbox
-passwords will fail. See [docs/email-outlook.md](docs/email-outlook.md) for the
-current limitation and the planned integration direction.
-
-## Security Notes
-Odysseus is a self-hosted workspace with powerful local tools: shell access, file uploads, model downloads, web research, email/calendar integrations, and API tokens. Treat it like an admin console.
-
-- Keep `AUTH_ENABLED=true` for any network-accessible deployment.
-- Keep `LOCALHOST_BYPASS=false` outside local development.
-- Use `SECURE_COOKIES=true` when Odysseus is served through HTTPS by a trusted reverse proxy or private access gateway.
-- Do not expose it directly to the public internet without HTTPS and a trusted reverse proxy or private access layer.
-- Keep `.env`, `data/`, `logs/`, databases, uploads, generated media, backups, auth/session files, API keys, and model/provider tokens out of Git and private shares. They are ignored by default.
-- Review `data/auth.json` after first boot: disable open signup unless you intentionally want it, make only your own account admin, and keep demo/test accounts non-admin.
-- Non-admin users do not get shell/Python/file read/write by default, and admin-only routes/tools such as MCP management, API tokens, webhooks, model/cookbook serving, backup/vault, and app settings are admin-gated. Other features are controlled by per-user privileges, so review each user's privileges before exposing a deployment.
-- Rotate any API keys or tokens that were ever pasted into a shared chat, demo, screenshot, or log.
-- If you enable API tokens or webhooks, create separate tokens per integration and delete unused ones.
-- Prefer binding manual development runs to `127.0.0.1`; bind to `0.0.0.0` only when you intentionally want LAN/reverse-proxy access.
-- Keep ChromaDB, SearXNG, ntfy, Ollama, vLLM, llama.cpp, databases, and raw model/provider APIs internal-only. Expose only the authenticated Odysseus web/API entrypoint through your trusted proxy or private access layer.
-- Before publishing a fork, run `git status --short` and confirm no private files from `.env`, `data/`, `logs/`, uploads, backups, or local databases are staged.
-
-### Private or proxied deployments
-Odysseus serves plain HTTP on its app port. Docker Compose binds Odysseus and the bundled services to `127.0.0.1` by default, so a typical production/private setup is:
-
-1. Keep Odysseus on localhost, for example `127.0.0.1:7000`.
-2. Terminate HTTPS at a trusted reverse proxy or private access gateway.
-3. Put the authenticated Odysseus web/API entrypoint behind that layer.
-4. Keep raw service and model ports internal-only.
-
-Cloudflare Access, Tailscale, Caddy, nginx, and Traefik can all fit this pattern; none are required by Odysseus. If your access layer reaches Odysseus on the same host, proxy to `http://127.0.0.1:7000` and keep `AUTH_ENABLED=true`, `LOCALHOST_BYPASS=false`, and `SECURE_COOKIES=true`.
-`ALLOWED_ORIGINS` lists exact permitted origins for cross-origin browser/API clients; ordinary same-origin reverse-proxy access usually does not need a special CORS entry.
-
-Common internal-only ports from the default docs/compose setup:
-
-| Port | Service |
-|---|---|
-| `7000` | Odysseus raw app port |
-| `8080` | SearXNG |
-| `8091` | ntfy |
-| `8100` | ChromaDB host port for manual/compose access |
-| `11434` | Ollama |
-| `8000-8020` | Common local model/provider APIs |
+A full hover-to-play tour lives on the landing page: [`docs/index.html`](docs/index.html).
 
 ## Contributing
-Help is welcome. The best entry points are fresh-install testing, provider setup
-bugs, mobile/editor polish, docs, and small focused refactors. See
-[ROADMAP.md](ROADMAP.md) for the current help-wanted list.
 
-## Configuration
-Most setup is done inside the app with `/setup` or **Settings**. Use `.env`
-for deployment-level defaults and secrets you want present before first boot.
-Key settings:
+Help is welcome. The best entry points are fresh-install testing, provider setup bugs, mobile/editor polish, docs, and small focused refactors. See [CONTRIBUTING.md](CONTRIBUTING.md) and [ROADMAP.md](ROADMAP.md).
 
-| Variable | Default | Description |
-|---|---|---|
-| `LLM_HOST` | `localhost` | Your LLM server (e.g. `llm-host.local:8000`) |
-| `LLM_HOSTS` | -- | Comma-separated list for model discovery |
-| `OPENAI_API_KEY` | -- | Optional OpenAI key. Prefer adding providers in the app unless pre-seeding. |
-| `SEARXNG_INSTANCE` | `http://localhost:8080` | SearXNG URL. Docker overrides this to `http://searxng:8080`. |
-| `SEARXNG_SECRET` | generated on first Docker boot | Optional SearXNG cookie/CSRF secret. Leave blank unless you need to pin it. |
-| `APP_BIND` | `127.0.0.1` | Docker Compose host bind address for the web UI. Use `0.0.0.0` only for intentional LAN/reverse-proxy access. |
-| `APP_PORT` | `7000` | Docker Compose host port for the web UI. |
-| `APP_DATA_DIR` | `./data` | Docker Compose host directory for application data volumes. |
-| `APP_LOGS_DIR` | `./logs` | Docker Compose host directory for application logs. |
-| `AUTH_ENABLED` | `true` | Enable/disable login |
-| `LOCALHOST_BYPASS` | `false` | Development-only auth bypass for loopback requests. Keep false for shared/network deployments. |
-| `ALLOWED_ORIGINS` | `http://localhost,http://127.0.0.1` | Comma-separated exact permitted origins for cross-origin browser/API clients. |
-| `SECURE_COOKIES` | `false` | Set true when serving Odysseus through HTTPS at a trusted proxy or private access gateway. |
-| `DATABASE_URL` | `sqlite:///./data/app.db` | Database connection string |
-| `CHROMADB_HOST` | `localhost` | ChromaDB host for vector memory. Docker overrides this to `chromadb`. |
-| `CHROMADB_PORT` | `8100` | ChromaDB port for manual host runs. Docker overrides this to `8000`. |
-| `EMBEDDING_URL` | -- | OpenAI-compatible embeddings endpoint |
-| `ODYSSEUS_CHAT_UPLOAD_MAX_BYTES` | `10485760` | Chat/agent attachment cap in bytes. Raise for larger local PDFs or text documents. |
-| `ODYSSEUS_GALLERY_UPLOAD_MAX_BYTES` | `104857600` | Gallery image upload cap in bytes (100 MB). |
-| `ODYSSEUS_GALLERY_TRANSFORM_UPLOAD_MAX_BYTES` | `26214400` | Gallery transform input cap in bytes (25 MB). |
-| `ODYSSEUS_MEMORY_IMPORT_MAX_BYTES` | `10485760` | Memory import file cap in bytes (10 MB). |
-| `ODYSSEUS_PERSONAL_UPLOAD_MAX_BYTES` | `26214400` | Personal document upload cap in bytes (25 MB). |
-| `ODYSSEUS_EMAIL_COMPOSE_UPLOAD_MAX_BYTES` | `26214400` | Email compose attachment cap in bytes (25 MB). |
-| `ODYSSEUS_STT_MAX_AUDIO_BYTES` | `26214400` | Speech-to-text audio cap in bytes (25 MB). |
-| `ODYSSEUS_ICS_MAX_BYTES` | `10485760` | Calendar `.ics` import cap in bytes (10 MB). |
+## Security
 
-All upload-limit vars are validated (must be a positive integer) and optional; an invalid value fails fast at startup.
-
-### Built-in MCP servers (optional setup)
-
-Odysseus auto-registers a few built-in MCP servers at startup. The npx-based ones (currently the browser server, `@playwright/mcp`) only start when their npm package is already in the local npx cache. If a package isn't cached, that server is skipped with a startup log message explaining what to do, so a fresh install does not block on a multi-minute npm download or hang if Playwright system deps are missing.
-
-To enable the browser MCP (page navigation, screenshots, vision), run once:
-
-```bash
-npx -y @playwright/mcp@latest --version
-```
-
-That installs `@playwright/mcp` plus Playwright (~300MB total). Restart Odysseus and the server will register at startup.
-
-## Architecture
-```
-app.py                   # FastAPI entry point
-core/      auth, database, middleware, constants
-src/       llm_core, agent_loop, agent_tools, chat_processor, search/
-routes/    chat, session, document, memory, model … endpoints
-services/  docs, memory, search, hwfit (Cookbook) …
-static/    index.html + app.js + style.css + js/ (modular front-end)
-docs/      landing page (index.html) + preview clips
-```
-
-## Data
-All user data lives in `data/` (gitignored): `app.db` (sessions, messages, documents),
-`memory.json`, `presets.json`, `uploads/`, `personal_docs/`, `chroma/`, `settings.json`.
-
-To back up or restore everything in `data/`, see the
-[Backup & Restore guide](docs/backup-restore.md).
+Odysseus is a self-hosted workspace with powerful local tools. Keep auth enabled, keep private data out of Git, and do not expose raw model/service ports publicly. Deployment details are in the [setup guide](docs/setup.md#security-notes).
 
 ## Star History
 
@@ -483,19 +72,5 @@ To back up or restore everything in `data/`, see the
 </a>
 
 ## License
-AGPL-3.0-or-later -- see [LICENSE](LICENSE) and [ACKNOWLEDGMENTS.md](ACKNOWLEDGMENTS.md).
 
-```
-                                  |
-                                 |||
-                                |||||
-                  |    |    |   |||||||
-                 )_)  )_)  )_)   ~|~
-                )___))___))___)\  |
-               )____)____)_____)\\|
-             _____|____|____|_____\\\__
-             \                       /
-       ~^~^~~^~^~~^~^~~^~^~~^~^~~^~^~~^~^~~^~^~
-               ~^~  all aboard!  ~^~
-       ~^~^~~^~^~~^~^~~^~^~~^~^~~^~^~~^~^~~^~^~
-```
+AGPL-3.0-or-later -- see [LICENSE](LICENSE) and [ACKNOWLEDGMENTS.md](ACKNOWLEDGMENTS.md).
diff --git a/docs/odysseus-wordmark.png b/docs/odysseus-wordmark.png
new file mode 100644
index 0000000000000000000000000000000000000000..dce21eb660d1a77868c4872dda95a021645f958c
GIT binary patch
literal 16877
zcmc#*WmjBHw>-GRkl^kF2=49#CqaX|69|L5ySux)OK=NLaCdiizdY}sxL;<@n(6Mf
zS9j0u+EvvP@?HKL3L+jN001abl46Pg01^1{Yz`0m@hY(E|M4bVFC`|d?7VcU?c}bk
zawmA-e#qY*C-41T6ovh!@Fxf)ER22v(^__{p*pYqdP+;%(t<TiE8gOJvxdMQ4K3nI
z%AYc1wB&YwKR}_+;=&%$+;P6oY9yk=eV%#!?>^J+oF7}r7aHLcg=92|@c++)zaYf~
z@kvT`KKQ>dHefG1#o&)k#>gOm+DuRLhXzv}1Sr6{mHS8b`wy1*|Dp`RX_MOg1=JG(
zjS3zTKERs8!YMS6&6fOE4EB?-y)`uT4*CC@EzKSZ9mG=ZJl!7Kio_eBhXmWsOIun%
z013jlNuOg06sZpa{U|7E6G?KAMDBQ<_yB+j$pl?ICFNmb6$ynU))~oAD=0h}8Zd%o
zg}h%7*}jZe_d4H3G06DRAqPgFG&pexXCtBz_QhbXUwX{$TMTx8?t&n|+Pe15lE8-s
z9P}JN`=MABZ*s@X|2c5NV*f49FEYiN5z~lHn*>TJIQR&Y#=tCtT!ZB|iA#2Uyuj;3
zthIE?)}ux%iXk!!{;mk%O|Ws{$dR1$Z7G2~c<!z%C9{m&ZFg)(IwZ0+PfbX#^HW$s
zai5l^mH{*NT77cZQF^3BpdHh<8xnEUj|uG~S%4q~gi4o$wuFvQmu`%vmU#k1bPbyz
zNWw=^c_D!w1bLevzn|$7=K-K-p;$d|<yzmu4`?6Q0P%2l@Zd#KdqJ5KPla1;<u9+Z
zdAVzsGkWy@b_#PabwJ7GWv%hN<Af=Z3#}BL+GttL@)um;Xw*~@`OvFy95b{c$?Kca
zRy-P}f{q7Ck%MGux7*QnW5Woe8So#fpG9a;POjt6Z?Z9d80;TA5Z&+hH;f&7GC+tb
z;R=dUD%LS+WY$?IV_J$$40)~HpeKx=MPtd=@+&kcz|ud!SQF$WWRoYoYx(^PifYlc
zhGEnEj<SkQr=pH)x0I5qSqe)pL1ZI8L3Q#i*`OcJ0{s8BICHRF^0<5kt!ASkoX2L3
zX;G^3k!=Gi91LKz-F?fz$*k8DbxGw{$#We*Pb>85Cn7O=&Z>7g(|pES4-P;j*Sl%Q
zkZYC4*du<voce>=X>4qr&)n#S4yATf$bQ<xwGqzE;A4Z%cK0+f!Lmv%j`H6sbRGLo
z2mxD54VFy2%s+C-F^Rvk^}_?d{dk3OqQ_Lx0HN<f!hXG%6mWf8-Ys}EAYl#dzE+yg
zf*Ay#y@H~{qM=Fg(b2hG#l&_F%1cA%-|KDmWr`55@0qytsd7R1{LBT>E5xJd%+0gn
zOwo{66LDhjpD0$SUUUk}IF1wUq@+llv^r6}hy*-yvLsf^{vBpRc#C;QhZXt=4Kh(N
zGztPBJSa*(&1n^cjjX9fOi2g`fcXoB`{<cVm|{SzFQ<XW>(<;Fr_J?ezu0v%XUB5|
z&BCx+2~KNk6Tx+IgN@j2FJq0%)1RBG392bFbSqv#Wp5$tQh95kSg@#K+}zw3tJ+Q}
z$kMy`4)WAgZFtyF6Qn%7grCV;$}E{-{doV1U2tVqexe}(gviNr3t#NV({)j#3rZ?D
zosIjF=hq3?&)zpwd7VE|LcCZ~BqOi1p0*7oou?q68wLE_ISgfV|CT;IYYd>vpL?}a
zNUKc_5R)00S+ohb^1F~w!%+u`b?PaX_?<FfqrkKC!})+FaMCG4M05z*E!q~XBzW30
ztAgBH6DDO7e-f{+y=OY!d+kz`m{s9_mBy>x@mYJ#x*>yOj=`AUVn4q|2xtDJ=LTJG
z-K}Y<n|)WjNMRq7vv7di&~0L!ge<ZPssrlk>=)N=TU$Z}mSD6!!gJKe?Jcwj{tLx%
zg;P+PT1~*XaoKD~7?Fq?9YcKCw?5UD5fwM(>0IgC@Qo|KK1UkA>7Mf%)cW4OB{&gU
z<Z8TV^k<36mm4eUf`rw!7QWlQP6aHi^y2a+tm6dfPUueWzQ0g`UsFM!lX@K2mT5k(
zb0@nQdgc7#Xy06mFl1OWWU2@S^F?IxCd^occk_<yxbTl&g7p$P`hLlx<f;--Q@{*x
zRx{d<%A7nU{)_iHw~>A7Cb)+q!Z%~oM&u_(YJNMN7$D|I@CSgyQ%5ptYB+-zsI@s7
z3=L{I!@ju#_%C9hrB=7QRBH$!yc33)?yeb;gasO!{BKVv?v+JedNz%5bK33omyzsr
zRIje|hQIzaFeLRas2kQLq|=VBw>~7HptW_JH#ISbK@3SLUfzdHzYT%d;Sc}Vi6hXH
zfshH%p{x^KEuzqLqdMsM)pPjeeDmbs6Sw{IFPq7<a^s9Z_}t*d1d!Y3E%)Wz@w;mJ
zLdOGSkC)Am9Ch-1G4Y|f-TmnSB3G+yosx9z<LV#KA{5I*Y_L<})3*`@;0x-w!oREa
zKS_QT#W_sce}V)ksNu)r`~uti948iIbFZsT7BAUgf7jqnrjB5DJno&8Bv{Skprf<5
zIq6+U>WyE1hD;}(ACTkuIl~2Y1RcBKn%KA!rDq#FdO9@)0U{ebbQ~gKlk<fhCM{Hg
zBy*TZz19@{nNbk6JZ1aJpC1bXNLt+}S)t9?iN8q3R<~+lh-hUf%Ie{flfX-&hNb6B
znh7+lfQx0bmVfY;q+FTa9lS<YNuQ25UW~Xoz6^y;r1Z$%OxE}j|2vx9w<c~_8nn-#
zhNBd`-MNz+_^HSRj1|RlIFL!$hoy40yH%w~k?M>3-9CM9kgcpNZc^QuSKU7wYiTsK
zd)h@Qz>;C`qLsRkIp!~DV8;ZbD<m_juFKWlBOu5SVG{D@sQs4gbnf&fl8EU4R`vbJ
z7@D;1PkQ4pkEM&xAF6k0smp@tNA3Z%_2!P{Gw>|rvw`Snv`8<3Jl-t=iUJYte<Mhm
zbv}4!6TvoojBpd5Q`uHs$n(FRtS*ZKXr|hq>7e$^1fc;*2~cSb0{=M<`m%?6R&;f~
zUL4Izwj!<;+v(S)<dNa8iD{-_JNdH_$z|Idl6Rc`1sHm49q^&D<P)-3zP5jUN1yyW
zEFje0+e#S~tdKlG_q9z|OYb|HpTu#VTFJ`O?-naehrO%Zqtcf$@qna%My7;<sVN_U
z+s`4IL7m^woS6;G%no1$2hh;e5~C7ynPT&Mm~!UXwlC@zftbD_L5m1YF8ugawJrhG
z2mvI<<?mUTABJ+L&85T79v_m`Eg}HQqVnyRMf;Ftk^lBdt8`c)0fT9e>qumHR6=NE
zf2Wdqiqn4$bkqo=9zFPZ{hkkIQ_*mXSlyJKkK<ykBPxfNFPT{;`4gO6_6zIO@~>pw
zf?r~e%|E8#<?dwY{QZ2e8!Z!uXRDxKC@;&Twtm~?kLg~8u1D3tYpVU_e8{vw+A^a#
z(X^ofz_(Es)idU(2~%BlVokdGZTjr#Y;En8*s3LRz_^Zfgq7OsTAVo0l39QTlEma5
zzu8&pYOo+ipo7`n;;t>p54_l<)$wqBUld8-sjBK4+0E=)MXzr^4DX%Jt~aqo+53%i
zsH<^fQd0qS*m&LbvS)lfi?8-Y!yF0MEU>Z9s;`(t>Xe*ZqVwY5f_eN<g_gY4^v|u#
z4+oWQLC14v(}7(i%QmZs)5Wy(&5^jGcf-lS_yXB`sj(pefpfu;f!e{<8;`?$b7DRY
zla-M*us(Ejs@?X(OI0ThU4J9q8|gVdpVeh9^LC=d6I>sB0~`PZjTo;xo{f&vp%VY}
zd^M5E6W|+oV+tc6lt$L(Pw@W)5uBb*kW9!bX{=njW;e-(6<r7b;Y_eX@E_@!cl-6F
zC^8~abv|`0*!YQ7XkXs&mm{NK15dfv?*pMmKQH;twg}36<0F^u!kc<}t9dd65e^Po
z$J%J7_cwu8;&tbD(dSPuP@i3T6?~%wIlj0IEpem$LYOdv>f`g;HpLHGfd?Xj!!rkC
z;*3Ylqaq{IMjgj0%#%D}_3P@tN3VhY*miFjo-1Trs^^D9VQ7d5569O%QI0KlJRIh&
zkEV38FX#nhrihUG-Ube$MDf|4ydFAv^()AZvaE3GO|<C}d%YdZqkX+d^Z}&?9ui@s
z*S{WOk24Z-K2~7mclmseQ+S}RBYM~y5RW>aq)G6BRFuhlA7Him>q;NBUNdpaE@FiQ
zgBSkeI8(#*WYuloy<ZOT>r?blJS!YpTGMU7e5B{&MQnwzgwj_9=@O-v&y(T^Ifu_1
z@fce|@~Cgu{^)4W<}>`|^3>b16jYRkUGUR5`an^*kZ=`s6s`?~ci>@}w(%JgB)~?+
zV#2Z&y{W9<Z4S$=uEtuFl$23mw)EGr-S$V#_5(QE?$a~<qh8O90zAa&X$S<V{_Ea7
zKG!#^77#E|;@c+5?x=~f+?|(aNF6+=@)-d_80w{ANvQGo6}&q|wV^xjLnd43kAlYU
zTCE`YQ_<}UKV{>y|7w(=lZDXFKAfCwTy(1SvtweHm+x5<j<KW+`aP9Jx_s;;ZE1SA
z06;m=C->xXsRT#v?w+gRcJ321DLOBBH)`#b!Jttr;8G}rl!_W!vti4qqX>V0d)#qX
zvX6F$8fAv<5q>yn*%O(x&NVB@Vu3u;&Wj?3O$p;vADt{|q}3VOk#65qC7k2Ddh~n3
zKO45kyJk6hrOuE^YTDi-TAtJKa0A^(+=LY;LL$dchwv#pBFm>cM|43xo4JscZe$wg
zPn8Q|`5|?L?Q6kQnwq-q=)?sC0V6~V4k-QQ?SY2assABn|6M;kgO|1POwYq5*Kok6
zTAlHuc&cHxRa&S__@U~`-qb>ykyjK70O;^Ef}L)6M|$m~_5AqR&5ex@injW+@HhZ9
zNYS0+`t2?$r?Bur@rMryF5rEDk0tO@_6My(ZP=)^agDcMki`0LZ`7}NbpOb_r1J{2
zJx(G+;7nNe?QhbVB|I4pB<XGu+Sdo0>h6Wgr!OTX3?1oNNr?2E*vB))Ic2B<ts&id
zB=ZFYn>Iz`?u*5WaH_MK+VG^pEFW8EeTp*|G{GWkW^#AJ{;FFP<yn+xo*U=|YGH*3
z0l+O1qW-A^hWaQahTJ^FwGgS2H5LS*RYf~~L`<+0bXjn78KE4VKPmiUmWWZ*utnwW
za)(!d96_Xi7H6Jrqz-l8gt)9`(V{n^|3a!}bpThHwmq7SSWUxR({*WX(F1N}+}@;m
z4TPu9aywjA*@5`dko8^Kiq8%2aQN?7=J?o!FaWSV-{?l;5G+L<hp<T7m=t2|WVD+z
zCqV#r(`Ft}w}II?tGTdgY<QoQ=64e+@H6cu>$N4Lew%dW2ZWI3ymA{itH-)DlANE&
z*`3nkBLA<wy0NpvwQDzv8K(5Qg6WuMLF~w^)xb|Hj**<>l%QI=VK7MK%hWt0Sk^si
zk|#lWz}{U;NbiMCsnF}9`|cMbaE(KJ#pFmDM%8|ry{OmWtw>M7gzaSISm6eXqO(Bv
zHGP_jMJAMGd~YwEzN~^KkGbDdqus`P5{Hd~%DP&rjGZ|e-_zsNE9)cLh@9=2l7?O*
z?QrB&Px**2as@)cNUw}*y?Wsi*YY{*JRd_>S{b-5?K(JpS%AzewUo1T2C6faWBXux
zxk-l|FTzMp4rMGx@d(+N1n@SCQ}{~9JTn*nJ3rctDhM7ZUa(@=Yq1Uf2TIUXa_FW5
z_f3Cx{dc%YJmGiR##1!?v=vETbv8WwvRJpOLk++BSu{|v$^IdEAm-v0pkLY&^E`v7
z>$RSvOO`TGRz7(k9xpNhob-kA6Ne(C^wG;>78>c2IH9gZTKDAtoO`>JM^0GRebsnh
zr!0ANc~&Q&Lq9!Uce9?#{$mG=oLUe=#|8jpN(xmxy2`)(bLephm)c)r_w0r)4pLQQ
z6tC^njf1al&-tA$qW{>%!j4Z3Cg1_y@0kKMNACIpS;%rfd90_F^(B;`H4Q!7PBxm}
zms*cSsl`+H*G+MS4|GzwP9uVXqBOef*L?NKiFKUzW}@b0Y%(D#A#~69K+|6vvF1U^
zkyljEJ*{=W6{aR!w00gI&~zC;PDPXXk5c&jIVd98Z9RHN9j`!>Sdd7t_DDqMA3EbI
zc{2(OWvc=0;hX^n5PW^>^^H!=OiL?l5vQ2gPzZ=9$%jo7@n+UzW1`slN0K2QXruCY
zQvMo*TO@C>3)ZdB$}#3GnJ{3`cUEs3%K1B*`$@oH0>3ADN>Tw;-ZQq$oOreEE<{^B
z1;0)7S7>2HRu<P)(?Dan8$wvx+u{jtM2(@E$&>utinHtr*9LL57<pbEb?n!SkovU0
z=Hd<P>Lhvs9$9*KnNPLkaEV2G`-B^VaoZ=uS7F2_kEac!?@zzG=BXoJimD4+F3#P&
z+~5|%U>YAf1xWQzSP0fS`Pc=MlmgQ~+Iubkd2PrcZWr80GYnc`Ia%wb7M(s9b`>3k
z@(U8^q3R84^?ZF6bUbyQmipnacJDM<f7_eU*>?GQNnW=2&&#OqU|@4D9~4WIKvBy?
zu1Sjkt>ZV%d4n3IH#>ms=ER^dHncbQ&1LZ~n%CmX(uLDH&c&)v`#Vi(DecR_JpK8_
zLzdtQWRnS6TeUv(@?=mV@+4jS{p`{o?7AANI6gAC-)b)uW_VV#vElC)OZ=jimX<kb
zlaeC)Rcuy;2S7z6tAe^^QwmHtWBr59arOLfZBEG|l&gOw5;$@mu1|2cM!cre2{Oy_
zSUaZ>k-7f=(K0`6&t_U0>&Fwz%rzI^l2_<mxqPBSsf%Ru`|Ps@p9qo|tsx*-6+S2z
zG&O<t?3NaIXw=Ll?aHO7yHi)gl`Ailx>hZAKJM+pYc?=U5psZv%9hc>^)mi;lE=&!
zsQIt?h3mvP>1{tHqQQmFMSHvHuWt*R#_sp;&hvNoW#taDvh&Sl=iay)1uV(W+|91f
z$u?Hrzn_60^LmX4Fiir8rL@q;y_?`!&o;wl{J6KbGp27cY0bal3|bWXCT2jmD9d2j
zL;H`C=hNg*cj(#Q{S~&b_wOX(-d#A$hO+%7_kDlOEi5d$)E<sTP+hDev~sq2y7s_}
z-2Iq*<bfvZgbYa$$1N64mCcKF@}Z{!DaYxI3WU$F4`FAUh?XA4nv&PfI(HpBMR}2j
zK!jH1*=K^((fg~2h>)x<$2i?eoi)T!zt}NP9-5^g%9EMQ5G5fkDZ80!mrv`6`-SK7
zsbJe7rUJF|#zB&u3<{Gwh13zpi7V0PHxx)!#a6RY>)u7yaDPT}smF<f1!k>w&(S{v
z-|Cb>&sJok$864OBD^%A(^Q2wXY1%3mq8y9Gj{jHV=P|2xIeAr7M)-HFqcR^bwmt_
z#Nv~L5WTkl)E^9aLWYk1@KPO*zz#?b5U|@z)O!PfGK=Dv9I`yGOrMaQ7}|oo?PtHx
z_>y*A|DB7$9IJsO&12fyQd)+q`k3!n`+Sl83mtT<9-PbT17ZV_yT8T6>Z5c!N!kUH
z4_A=>1|$t1f938HT!#8%HtagBrP)I@kkS4m`*;xP*1=XX8^gzcuIj{)j$ur{8%tVq
z9^W~h{8%7WVP1wDjxJN5<#jI9?o&grjj_w;x%~vOk+QV-z#W_55`MbpM{WoU_00vI
zD2pM#4{qNrA|Rn3z!slPY8iONVQ%-Ditilr+>nWrSk~vb{3cDwPH*DY?B&()qr`n&
zN~xl<d?DA0x}#y20=&=vt3%^-p{ZXMd9<vgyQ8DSJ<N?qHiSj&w>)GvlgUzEs;z$7
z{yBrJ-5r}T^rA25878P2>q3T}wi*5elSv)!#d)UB^+eUFDiht%a9hdSkWk{|r2d9?
z*n`FV4}5+*%CCiHtC00Jtsrne{5F1`asB%6;Qx$4aoC$ci+Pw10qCtags-Nv+~704
zK7>`Bzgx|%oDWdnScM_e6U=81CZk*3w<~JJ3s2hf!+)jpXusKGZ?r@S562rscY$Bs
z_q+Ckc_PcaVOerwkC>)9lgHzG9ZWkvd$)h<U5`4ReHI9iox@5yuwOY-ml`9u_zy7$
zLBU;^hGn_TsO5!Jl~>vPT@bP3_#O2#ukeGE@W+GArRl0SakV<hI44?pB@WG%Y;I_$
zm`093wS?-(Y>$nnS$K#HLrTb(9dcNG(u{$J1V|7>j;ki0Y6!Db)H8d95jTYKaBN{u
zg9WqUyz^WZ-Hy`b%TyWWor!0tx$2WN7|@EHct-emxFeo=x3?Dtusz#T8&Uk{XS;Pj
zlKW%2r__BMG_OxwFi8=`jdV)v1YJN6n*$j&?`>0f*|Vdu&f<?BYEDpn<Fw{;|8$9Y
zZx+knp!TnZnEre_k00W9Z8aY3h-snY|FvFuQ$II2abw*N2Tf5;7_Y6KIgp@u<B3(b
zs`}Tl0+gpvokY}b)GcC+rD!K@CN}<H_0HXVey#2oWV;M493AI+FPAdYYJ(^~Ju_5(
zT++&*yV68`x)q5S_J{rB$3_xp(tgp`CuT5ydwlS0&iaZhJzM7B`;m@Yu*V<Ao64bD
z!^TMNO;~Pu{(v_^TTKbot6g4aafpepBvde`*_id1njQUS56kySVJXo_nTGRXhyH|g
zAJ)1E6je!o9(8c9`Kxtw`{I7<(N`FoijMrjB)L_Zp0t;lp7Y{{!=apG@tah+ImVkp
zhhtKh6MS0x1)7!{$JooLDs94ok4J$5Xp2iao?hm%veX^#%Xi^HRdTVxB;UjaP;t=-
zId@h|oH`tLO{Dstu1oOeb-7xX&cLemd;CLHmC|1N*H1-)f1K`;e2s%c@L9;HtOt3g
z&s<NXrEL4h_s6ZYyciPXV5wRq0ASVqC3oS>PHi1x`s|38Bq?pqzr7#Dl768u!p}QL
z0{TQ8z#l5mcHIk5NjPMzRKGpx+!MHg5rMoB2JKut_>&H;ehz%uT~n{prvEy)@cU_}
zAH`I@ypb1Xv5(lI#Uc)!0uR|pSQvt6j(!XCgO#@_`hrX*!(6?C9J9|QYRFS^NeAn_
z_U6OdbK_b&#qXgqxM9~C=+WSKwkT@By^Rb%dhaD2>*iq5(7tAe1zo($awh!SG;A=?
z0Yrchy2L%LfCK2IwMt;f@X$n-#6vN&ky#*XDp+6dhH1hScBj6s#CRHyP0{0Lmf10(
z1>5DQegEB~OQqoTI*L@4<>Aq@(@7^eH5k{SKXZ6Tmo(Q_ZT?zU5lhNNv03pk$DU6K
zoZ}rFwy8zPS`IM)5Uo?dVjsx*Jvu*KOp>0dfSdvon#8m1`^BrHPRqsgh^3mKnrTzW
z+_&-S3xCe@%*Ut8CPA*}VM3>OZPGYg@qBDv_vj}_bkVvX3$4++k#xB28^qmMjaKdN
z{1i2Wic#t)#rl`{o4Mw#vGIRBI1N?74i4;MDYEWv9QC}z<qqOn*KdCHJnwUCLf)#q
z>VuWljg1S}ix_+*)K$X2M>l^4gtO{Fi20zInx2-Mrf9QsG(MZ@C5y8#R6aW=;&17)
zPI+PqE01MfCY2?r6}jII75`FWc$elRzDI{nkS%mK8VrVc&UD=z^scrx6kZX^*9@!=
zdndeq93c0SYF%)}js3>3@O(1z4OYw^e`Jd<ZLvd<O3f+JkYsgvkxU?qw6BWkEpmCU
ztnJtKJktIf?<Mhh)YEOxqUw=or4|>had)NKyL-Nu(ap~TGWHc~)4mA<W=*GcZ>J9(
zMS8}7W76IyO+*nHhtwZb*o|H~E9X{iqx;K&-P?;=LAQXpF=<|Xc;StxkTbA;OI$dI
zM-+Y@f^u(3WZaVb%W(H<UfdA3WX>WUqQ3^=9fwTZAF~$g^V@I_Svc6^8=o9lLxuBT
zeFOI%uEK4F{r${}hDAh|VDD=s<Ayzk)t0x-oGcHvlj+{)q<v-8oe+;Mk_>_0f7@W_
zK12Ei!Jlk$SjI`0vD+LLI-sFF&j<A;5-zp!73FHRA-jrhprJ8nq=05*VI^9dn$j`n
z^|Mzvg2k6wOhY9HG4z<ly6`Vm)sL@qH0q8vW4t^p7xr7dG&7ZSs5FRuU=25#!m_kd
zHY!u79P6^*5e)RSMjf{{sbf(Pclj$cN9Qbjg}j*|{RyE(AY@=E6iNdvCQ@W6F2-kV
z)U+zTD40HLijDM``-Th7=)s$|nnaA5RMv3X#p)F`6M7G~7sDahm-^~{-AGo40h~2?
zo=@^8Cz;1`1DX6v)Zj;EhEbBnZMI`Xne>&_kHLbx;Ei^Kcb!DOt?Q_P*T<$`#0393
zJblY@f7RV&%T_+Uy#=WbuhI~bI`)6<&3QeSd%23+`H}TvxT4u<{kZXaj{OIVJLmak
z0yvfpxIQ6<1_rmP)p>fExxNfb>023xNH1@hLU*+K_7gAs%KaDn{C6$mT<-P3Z-<$<
zjsNUa?pTm3Hibcp82slb?OWDQnxrA*iO|Ew(~xEMhm-bXlo#bAG|5<@dL(G%iV$ia
zO}n^MT*Q8F^ax>C;8uXvc=*|nipXnw<IF%;S2wq|wzh_PB?f8|2e|kXn_HLHDjs3N
zBUGep@j8=Q9O`<ElId<ym$C2!3wv+eYHndWJu_X1UDa<wxBqEIA@6qcaMum_CWoUT
zXrGm6^xxCi2hLQfO)RObVO||5|MUASt$$s~V7tGjAjWf~`3Y$p>0doFVzt;exn^??
z(--?Q**%5*f9{mjQlipU_cYgVs44tpw2tueey|7jZ>-N$W4d-{H&=<L0|y{(qvElj
zc6Z8qsdYswEPa%+DV)v+C!3SDd@KjArXMh~lj`;+NoU@QEXcRC)V=XK%0!#@b+FWC
z-*xD#i6SJHbLIlBc5c`K0?DUBb?@-Qys4$s@CNEA<4S&)6FP1wy#AX5_FW(SJQK9z
zwG1WVH`n%eeyAY6=Chre-3hR%IMpMMkx*(givPsT2RZSvP$o~M?7d$dc>_T9KkL0$
z)9#sQGhk)Og^r|{ZCL>T*Q`b9-ik|G>$mUm`Kzx8tatDd4^;xsSIHtYgVwc}mvp5y
z`Gq~O$|Coa)T(UZ1uEJO4nbgC?&!0P*7CT0PjK-8DatN02*?h(L@-Q=<V{TTSlX&y
z-#NU!<fbjuK1)sDby8FwI~y%K#(JqYm<vDeXcKIzCCfVYp|(Hgj-gH<XWO0C3Jj+^
z#;SbtoLgOY|HmjQvL#metjkC@X28qIK=MVS%gtwbb2^m`bR@)!SrEl<o;1gQb$X@F
zD){>FwsOTH?-72!nj}M<@riw<Qdx1@pt0yFd<q9M)M=?Uxgx<l{{v{jh67L^%v-wz
zgMx<3{A)Y7w9Ga<3Jrm<>7XK|o0xG_P|u-8K{JB@UoeqUQEw@nuwSfScBkdhW}elF
zc~HbuHGWNxmztTR*o`_G(op&kJ8?<MB1J0!2ZIFz07-#b^jC9ni%P7G<jE0iC4Q1f
z)h`rY4UcVY-&Z`iR{G`ni`;v6IqT^VP|eWTj(k^icb{|81rLLWaWK#b$^w<H!3s4Q
z_(n_*a0fRv751fUXq%0JBoB_+mMX)VLKrlIRFznm1X<62snef=kq|d$f`Z}qorIC;
zvFZp1hq@I|iJSY>Dnc+@ST!wMGWlS49tD%BKxg<kOytT{NoqB`n~k4D!mtB!51&>!
zE9)w)GbY>T;{#FToSU?vfvpduX<DOw>}o9TSo7zOR>}I+K*|<x*@Yj<x5aYj3J_R@
z1inZq&Pv>}KcBS5{OKL~G?w4j7xlsLekou6!rjZJf@kRZ!3?0H(;$zsoRPHLYijFe
zdC_t{e_i&&i>Kwks9M+si}e@{{vlNjq%ulOOs^`bGR;u*P<zjB6^redSaW3c-IHdH
zgBHGs_WuqRBFoHELI2Uv!0>KA$L{D+oOaVKj`;q0T1E4#32$^96y5nBYN4{|&Z)h>
zR=+4?0*fJ_qLT|x!M?$-)=%w2Dk>_$q!xNI`}GM;7iic@oyNSv^l>FvXgDtvVUwJ6
zGqco8&V7T{Kgbs=8(u~)&lkg=%ybw`r7cYi)))C02}7AuKVeg$xKy|2!T?>Up{0vn
z+e^az6TBRrY(O@G?W$7pn<p3VasKS#m+e+KIMNO0_pT0pNWWMy348$PQn4S~vj55L
z8Z@?+)$Hx<`SA^G;}&k0R2?={J=cjUkwGqpHdkxP=}VDBgl4e{t)I8oB-y$Z$LQ>G
zBd>P3xx81#T2>TtxP`;Qt7zcZ<^|M;IRIydla!0CMCEDY%fFwd`?KFH=gsUFgLBN8
zHRa_|kx|24$MTgQdA@`OI)-EY)Iu|0fj-G$bSgpiHw!=2m)M?xd%BraQB@&*SH;@>
z6fJ6V$E~L5ejs9gDc%^Ti^Fjg!bRLE{FR0R8t|8<x_&m>y78*j&dXiXXkh36#jnYD
z`u!}zL+iRG3!lRxM7RXe&<)|0EwxzX{)54^UY?5zXPj%a-?LZD+L$1+_`|2C=pMx!
zZk}I{)EO#C+8}ugb9@^^w<l0<JklF=>Sa6naIXyh<3mZgK-R-lI-@`IA$Tqlu@&X=
zCFR9U8tFo~dhCR{gmL`Rd70_JR-}4S+0_9B1dM=sNkzpOvU=5Bjt=gV|2kO2OW&5l
z$aJU-8+CMP7Zym(f%0hd7hkW{#Gan+v6vkFAOMSBx3gB`pu>IQ95wbuW29v^^ZFP%
zVvnsNpq(_EKNbzbRdnY*N}$HPmzD9v&2y^0lhzpA{lrwvuHU=0wQ&1GClx6}clXb9
zh>tDvvW*?_sr7eSq7N`)HUlxO^kd|`Yi%3(>nbcHkWP{9O&uF3UkMBNMWK-jaTiBK
zf&gz%!}l}J1+3N~1d+zuH#o0UoX<|g&8G3}%V8w_1Dxj9=`hQmUtZJ)AlH_fj%_gd
z9jqAjGNx_q#v?}ktoENv*$dh0_Nx$Qj<(u#gvgkgoF5t=!x|k}Q^}UN`nwML?mrwX
zPBk~~*eG~+X3di`2CJ|E%nkb*{ivDsu$HMGN9SWj^Lx%O9}R6#2>eyZ&X4gd=e^xB
znQu{EoWlc*F`}MeJ?AD{K}N0GKywZia#SN@g3V(Diw}}|_L^w%Q?X^VzR|GVfUfiF
z@Kij)xx~}eAPAk?`jtGYYLhk!yy5zUzESDqk5pPZ#gQ(vI_MbDH&N}sI^I$1p(Rq~
zHd%4X++HPmhY*Hyd+A~KUgvaJ)=GVU#Clowh}4-Fldmd?NY#{^?(l*{>i_0CUf$^{
z*DekSMV?Mt?)@vMI+KS-l`}(I&sCxI@N&Khq5oL3kMz4^Xh_ZHv@>>J$;WGc)Ee{l
zmi{Ce8cNi(cUWMl42CHaK-F#s`wtA*KLBh;6pChGqB?RiqvNY<+x~6Fa+C=R6XoS4
zr&UNF(07c}FBMHE_WD-js}8bEBE>mtFc!2Ia~FhoBb+2V47(E#aexqSUFG{}K>IS1
zhlfW_ZS52c@-tEO4xtM<brl<E@q%=Xh<|fB;5C+Lt3^`&m&4oTOPkVPhlanNv=Ish
zdcUiDNcEvK8sF$KiAURQtv2@@?0h`DF#+HSHXwY3#c7kr$slP_>r1NRX-AC9g@w9#
zpfAO)XiqB&0RdJ_pM@&Xy8|EN{b<{5+4(Os!QpM{zY~=klkz+B_y5!d1?Jq0Ss{7F
zx#KBHE;?>I%186UILlMcZM8!;duI$`xTQ+f#<ee&yDqGU!qNNy>CpzteZ=eW1dUPS
z1Xarh;Q}^jGZdd*vOHM0BV-6I*6m*mNgfB(#F5oJ1e7|pY(o^}@Ux|G#E-_`#V{<n
zZ(^60V(S82_CK`yT4_t|2AvWX=%ZU7(L95X0d64Z9lZIBelG=iym;mzvx#c5W#lW-
ziaH9sZh3mOuVsw{e1O-|sI_KC+7EEBeg<B0XXjDkB<{Q*{lN^CcISD=_3ML`!+)!H
zc{L<JCx8U<RcN8c+b(rn>z2fHniyH<6Nv{U1+~7bsP9zGKS!LdSt>VY+2CY7_rh<8
z%{8#1c|BtmX%EAT-1cr2HKK%v63uOCpd`_KC{^59Np6*+TAHfn%xd_`c%s?eATA0H
z&+1MeUV|EL!n>IBR~P?TYsR~l&XHw~pZx|)Ftzd&Fl@YJ>WvKVTmrQhmp>#Dz!DX!
zYcyet$pPCtV*U`*-te=<gT=VOMFN6hv6Z@3)UPZZ(sskXSR3(kqP1rYg?H~v(O$Bj
zy<?JjG-Oi;<jtm;+A1mc3yk<#-kR5y>eFAaZLo;fJn22=>mP{X7An7e^0$)Kin>(V
zat$}N7<Nq>>5r4|ffPMAIjujHUYbkn1G4Rt6wQ24l0Nhev0dNwbf(?y#QX_@ZdcKZ
z8KMv+O+!B$>-8(OvfdxV#;i87>35si@OS(y0N{%fxKYx-rldJN?q;`Kc#m%cB%;bs
zJB6+4Ts<hzCBD=jgfxI-T{t-bfH-2#{#({tod2DmDHTep3kBWv#GMSbs_pLX@yXp(
z@BB1cWaN2Dk7EVU-t9G)opWFP+CHqI_Un7eEroD2<Y_IgPV06inr5tTl0bOj291ZT
zQc4?Ymfgchpo3S#(rJN~dHK2>ZHVohELK982t+VR#GXeiNsCGQqGq2k(63sd#jJN)
z{_M6|T-tNl(Lr&6J@@&^vG$);Hglzy^YZxhI0k0suPD<$KU7lO)}K_+7PKp+_14K-
z7WWG>I=|Ah%wsj}d8#Jmd7iZ-MAhdKI%nKvmWQ8;sKqL>$(@c2uMDvUcH^CTxa*y3
zeyFR~r|{2D&m9>fjanVmpPaG49`#=Lyq$kW{F^$FTb;fxyB@wEW-=$55GKip2Lxf4
zKaBgj7ERCTfSbPzn=4v|i@-m}t?~+5%gK=eKwZTe_+2e)jIOezV<<gxOO_cD=n`~#
zyZTo-g3TjFOl-4WYqk7`l@7)}m1o5v_Vi2vSCSOn+gb16`)%Qk{n17)wQ0~1ib8|F
zDTg%#2r`^mWgl!b2{1sC`fsS_Z1tZ<po@ww6%R4-MZq8g(83QiY^2}nLZcFfwCZOq
zcJZ~ghat#18ZBN{rKTHE4wE>c%^Ws8ApJh4RQWqM)G$8x=eXd{^BFlVgsGEZ^kYwm
zPtOs~Pu<I%t{JB4l+4(IGY7opm#p?+@aOnEbMg-+{9fVsa}!5Y)&?+UW-xxWfo)Nk
z#*IypBJdl7@_#|~^aOo-e2`#9+_-cYzr7*XtkTjM5e>Am#E$j@&)O&`JaaddvQ&L=
zJi2+(zpmsdFKN4uldpJWc0UWgKWrtAV5<S|YpWai#ZQE4j5dQM<%2TFh=-Qn%OXyA
zHk#m?kR1{fDm8D(plE&{=139$WuIN_)Dq})GgBUAidqyRkg~X&+4}4If`sJxu;)WQ
z&+3I9n@C@mjPxZ{6*(*f|6e84%+|c`@NiF1=kxv6$yKf0wi}f^+WjTUZDU$bX=%@x
z>3I3>^ngtggVkWgm$73^ytRSsx#R_V`aU867^dGFE>d%U-fFZfq4V~NfLlc`$%~{2
z#FDom0hnpI)jhMb0eLK}tsko`B}9@Z@1G%!>?hgaOAHxcoAtl?z@F4{5zeE-7NudO
z_M@6bF+=06rsAKzts0&{kazi~84-YE;R$dtRd08P^8O&ay@>_PN<$gq!mnLIH+C|=
zMM7w~)zvwkj12LhZy#ghpQ*Ek44~&HC26}EpGS7OyIu`GGu)$UitL4PvT}v>{-`;-
z`a6bBrKIfC>Fq3Fz?GV0XK}ZbaQ#shF+c*cp)$?nVm9zs))_sisXZua3~zmUCvANb
z7mg*=PUp-iQ8;h5zt6Am6EM}d;C)6QI1WkkPWJvLloWMz{7}!tKitMA%$|h{r3`E<
z9qus>y7y|gA9*spDy3!QB<K?R&NeNRrS5vYHOxx=(LpEi^WiZuVfHl4e;tlKI>6m~
zzV`GtjPIzh3=2WsYe0^p3N0?pC<*SVs>I)YEWN(6C9*;A=0?MfXw@&R`{CNx*7cH-
zrbKZ5Cr!4al$8^5Ob3U#9A?`gaBRHoA2K*`?oOWS`{jL4jYsEzzp+RF6Bm!8ebomt
zN$mTsUjKNKlI88<sBGsEAFrk5@iNHCDJ^41_6n8zdK)NI(-*D#L+9Z!lTf$wWqa84
zif*|5wtLn*7sg(Gc`T(#?Fe2G2<}iSiXCx0`S9X8+ugABp7<~D-XhNC(c-3PorCpr
zU!@?7;C*yT{9TKX5XabgX=In-NkGmhe4JwNDC_veU49sR<Ou#u5#A(bVwxN#I<EKQ
z&vywykQ-zW{B()y=y0|mtt?Q6fc^&+VeTi=8|V4}NAXb1PUWXqP{(sJN88#?RaVRQ
zZ2x2PkH_Nty|Hq9hDo%~hme-Ukak9>&vu(RTXue;ze*M)@%$j38c*9kwhP9XnZw9n
z7?xR$b~GOeh|LwvL^~=|{bsQ%-9DgX_#u){>z7n(*a%%iZ1!iZfg5o0snMqb@#PS3
zpf1-x93qIb_<rr0^LzG7&t6YaM$~dDP}kn9(|Var9c^myp8@Zl@WM>;Ji`GL_%O-P
z%j+m4*3_OG=>#3hI2wA#w1O#%iqh&i7451o;{q{h9#8h3|As!$#4)ntmbs|AU+CD)
zCkwV)9Nf>G3^Z+;is8CKTERmYg=!@>L*LcZRLm>NT6A<0Jy`bp52sxg4UF}`!R3y4
z#5i1LR`)uepZx==9nlaY?<Xx}c?zUO^~32oS_`TRYro{>b8X97-=)0b9`cs0rcolO
zw~x8nWJqIz*Skoszx|~Sk3>QaWi_v-0=%b|mZs`+d&-_!r%+GZ+-=jw+R;&$-3D*1
zt7A-%Jp3OY?r?~*m@2)Riu04Zx|+Yo*(B>!Owk#G3;vqaDbJ~wmL46IRwk{D3Zyuk
z-lUwA$8lPg{<-PCvHm^e*NVr?c6|9yUY6p+ATtRFy>QtTu19ANeoM$dL9ft4-|b=h
zNe~%H0`pZAp8HGb+?IX5KHfpC>xejZ#4!RS(<T+{{dnN{Sr$C}&Kqh|FciGM835e7
zP{4{QffWl&s^^FanvT-)LLeZbRaN&4WJL4x^Rv5ZS;%AxdP+)4*c66`mJc4`MFwdl
zJGLxk1%3Q*K*4m&Bu276r!aa)?5tyJu_(x4$<1dz0c9y<fgj!r>&NR#UEPb8#;^}7
z{$NZ6;R8peDZbMd7}Dxr%!vGw4D4tw)K_nuHsg(!towFmg`L5fkWbgv@Q3Pl360s@
zQ=F$2XsP?F8!|qP_(rFah!>6qWRH#-c<p9=@V8k{)PjX%L;DSg;>ojz{&=kskbszd
zmk0+mz}Ej$K9(gZqvg-Z%%xXVvwdYSb(QROzVbp3w<H~1UP?G4I)D-xO6JM+JA3l5
zYv#duG4i8C)+^~5G-xX){Th}NQldo@h?6Rz(bf^B{o4<QOZ-P*Bw*x4#QEsZ*jdHr
zc0>)*5%3){XHLi!Lhdv~A0OZMXOgj5T^4R!Fl;3>-lz?ecy$}MB5$*T;!3Y;`fMeq
zqLONAg@#}S_fh$bGb{#I<=v2)^@ynj<A6k?P^XAAdH&`rw^gZpd79%U*vS5p)Ox)d
z3#xW|VnS)oVQS>f5+!l+B!qID7x|0BMB)!}v?=dpzpzrK?KW^)sI#P1<7@Gl=EU9I
zog>Nk4}-_|ZvKY&Vh&ww`#e;blua7o&+p|*5QIQ-U{P#Bf8$_k_T^7S@gNLPy&1XK
zvDzz=H*!2mX{hF<*|kmaI3*oi6f|sH?4D0TVW4-6fDUN|A9j$UABiCy7QA`5^TURo
zFy)G18mD(M9p98lqsg^#fIVeOGJcSVlr-0A5PL{Jl7MAQL@{FCU|QU5sB0e?U7<C2
zP0g3OVJKlq^eZ}4a4_D&ptP9<l7qK^8HE3;zIpx~87wq#aO&ekON=-7O716en~ya8
z{oK9<@HYCrgTomOAqC2prh;<mjW@uS^YJV6u`Z6FCx`z~ZQLgDBD(j$K7L?!4&-jJ
zPdJ9DB=9}?%EB%l+It-*_+FZA9@Dl!_Uo;ykt3H`>+0Djbnf4G9G{^e;c<mGkT`7=
zoo)|E-}e`Ib-vRWDL@7a`3fcS6dC^QM9uHG6JLU$hEJ=C(!k9H@5%+>@W*)~psM%f
z$1%wae%*tya(^_ALcx7oqBHF89Oii7yA;%2amuSDn<eM(iI+AYgViIUsA<_CxBMDi
z?n9q7w(YG!2bE+Os9GPgQ0()oD~T?nFLBH27Y3cP0qk!zE^8Z)>IS7G0(a}XiTO<T
z%WY7`*(10tq30}<f0K|9=w}lNo}s}IB7w9xZFCJ9Nw9WYn5I3wO`+Uti3OJx^lyQ=
zjl3n}Bnr@!OQ4|Gp3LGTW@V_=?k0vYeGp^)d5WOYF~m8=5b4hXm<t=gFjD$>(#NC6
zovpv`!i<ZeumONDpM{Kfp=Q;@ZWf8|Ud9ctwzE@EOc9n$!K83_czDGjlE}qE(OdNy
zJ411CeJe7aNeVQmP!R}O=b|3P`2I-ihYk#QCr+%v>z+%>ivOF#X`fibT^E3JuZs!p
z>)P1qluf_d?3xG`wlZludO6HmUu)ksu1X4pJi{D^G!a2?95j$NxjqcA`C7_v3_42w
z3&Kbuhu&b!ha)?Uz2J#t^dJ{wOcupDfcBUmGio{Qo9OY`<$DEVhD0v~FmLi}VjIe$
z2a}*kQ~o4yT-pN@(sQJFJ<{Jl#h{^{Gh*?4XXPW4=*;(e?`VherG7H6-<Fe3=p5UH
zOdFAEeS~mXPlEN2mMRg!3d$?&Q+(c5Ncvaxwx6;c5P?FpwJjRUA+{JDQQ4$%$irxS
z00H14|3vdfcIBT@|7x!zC%1iq%hjki6wH)y$(^7j@WBrr*|UjD;}~j4fRcL_ux=l}
z`H)5Y<Ndf4@LIH7iyjIBgW{yODzcC0Wj?%yv%P}V=Uvsoo1eE@6pqh`7yK;Oo*F`H
zPYwlNo>4;!>G}GE>OfFReE=B(1cVp87pZ@jIC2K5A5N>@$|vP)Z4vxsAG4x=i0}kn
zpQf+~bI?+EUwtZNk;U$m7#CNRN^EY|YTN?ISW1<P|7}*M5k_VyVC+=5?#xG+M<A*|
zfL#5$Gh}L)WA+Ps5dnWp#C&L=t{1|jwcUK;zVabcKmkp@gZ1CQJw%)|q4vJLw_h%f
zjMW5=64;mG77=D<=~n|g>WBY)cNafvy@|Xbzh&vL0zN|?P6Mdc_*$PLOzMR%xay>#
zJSvu_!LA?`n}?B)Y;nrbe*nW&$P9>iUDo^%OQxN<@aHjE3DpUT_8|6Oh{ge%LHb0$
z98C$TjKGWhv#EinEq6#@RrTa=?X&uK6MU9j_+l%L)QtIy#4#~>BEqNnM)>#O%o<C5
zqg--7sV(n<iRL;2LmD)Qb1)3L{+s44sWPMXN2*V1b-pU_6R=PLM~v+W0no4?z9G^)
z=0J_s)BV@Q#VmmiJ3A}@Bw)c_@||`FFAZhcilY!$AiT5eLpd&?fQbKYQdIx}+#(>)
zxN|&KsxwPWZ@U%@cP^=pr|LjDp=Hj{#Ov8{cOTj7)Nv7hldf=}W|bbPBBJT|(Y$wM
zTvznz2^u!`{_iad$`RHgy=>Wel?v@Q8YwdMqVG>iY_MUyk=^aTBSWIosS>1h^eY6>
z-*?~TVD*t&lBcABt$RO^;l)qj5$b|*VH<yE`)P4&(M!8}$12J@d(9n7Q(afrW4zR6
z@1yq8x;*l!9fQG+m4NgaU&jlY!81i}l7ej{YW==!rm&1LjVfzsZSX609D$t3*NoA_
z-c>5xkvz~4O<;|;r+9rQZ%&NI91q?<yWgbMy<ux_InGPN76<s=yrgCw;96W>HBiy)
zRVSeaLE_gflsMOdV4%OA--R6%=`8TQEXxn#!(5RM0#{jIQ^ET)2S7+RXhp{7Bb$YH
zTQyCx^<!deNO$S=0~jKb!X!py5YIzWe}u`Cpdy%OTGKc3X-addVLy{jzyt2Hc)3eD
zSzctFdjHbL1hvtbs{8h{AHz{Y4hsC>4FI!cSn;1-_gMFD&P&>KXNR*+3`u{9{{7>5
zI%$j;pI`d*7um%!l{BM|ojxukIiTJrI-`LpN@>RepJKz*ZNwX<BTU2!D&(ZXPblM}
zK~&R9u{y)iSHOR8iai7Z2!5AMMNj^O{SH6|*K(aEWiB@Sn$B6#GL7dDQVlx(p3?d+
z8YF?e;->-yg3bHkIGu6-?f5Jsj)g0KIm>;f)VXdIf*~~*AoVSgMsVc)jn~?Xq$m+B
z^a*}2P!9?UHne}EhppLcN$v|gNbe5!2jJa+2ou6ARI%Fl)+)2V{<a+BK}q6{h?k`V
zI!>+;+7431>BNC&KPx<D#A7?z6)cc-&pNEy4@DgJ@;F*(YOO4=(HqhY)28T~SK4>o
z47iK_E2bb~KRL;wN0dc6!||QBDFB4qw?Mvr-i&mdXZcyw*}1tqJ3E{Ceenii>TrjX
z9t+RELVCvn`rk~bMg>*)Pa3)!m1!tZQFdMV)S55KHtxzr%E_aSyv=5*VAJHE*bDk6
zYuTmdl=i(|xq-Rz<>gWM{iHK2xFsY~#SM$&1!`+AX2S|}_mBYU++lW~fvrz-D!&NI
zkMhkBc2|(u!Nf3jY{E;BQ&{H9Ex+B|+`^G%>91QA++AZ_Q^f0k1S4YtiQAQ&V%0m=
zFe=fQF?HgQ%McAy=pi(DQ@AX8F&$71J@VB6F$qW9gbqi@^2RrtB!L#|J`f(BG*ziG
z7+Wq+F_aAPgWl~$-Lj%1)5MprlgC6-Dl-naz5S4Hk^&=;-Ky`s#XBs<tlCBN%Waao
z{Q<Ml+5`D)O#K}ls|a)vmW-ZuLD`B`Pxf`i=h=A7GOtG81jGrmU{~MluUJShJ!<-O
z6*gvJXVsE$^nnyS{utgL_ni$$U^{AI-RY#3^9aAwEfY88G4N;vHV*nN4+$(=VvDb!
zax5p@*e-|o3^ChPfOa)c$aW}q(@;KK=2IUzsH3B{XIL5$n4lZV>oK`MVO`eEYuBVx
z>l>DWv|_+s&}O)I21JtSS<G<i9lgZiq535yqWz^ApkRbWB39)WwJY-;*;UH+ZI<fm
ziaUl8fQ_O_5T<IGjM2D?EWQw28#JLYW5wz3>WUW=O``!d_=<Mb$VOA%4TfwacYF^i
zH4CH_@wJHM4i&l93Pa$n;3;C@T2B3Q&y?2nNLq(wgGLW_*`T{63<^+e^F8{i{YPA^
zp=^gzy|g%slu*4yAqfQVMHWhYT1elC64gnK5W)u(4GoDa4ETVWKg_c7MT_FoYNaQQ
z9s@{7PJ*p=GTRtZ1eJG`h(~lOp)o%QB16xBZ?g&a!drFJz}Y7ZS@bXSkU9T;a)-8b
zAw{($PYY`=K02Vkhk8}{Hnr@dZm9`f?c&7%1{Rmvd6Ur{w3zA>ppVI<fQF-6!{Mtn
zO^;d^%9Eb`#z1Z;B}5AEgH9>}13>GY^uT{*izrKHOR%w1R4Y53yADFS9`9`MQd2^q
z&}~Tl?uSQvOn2ydx8)`x3GwculNxzo6->i^`OVrA;S<l-7xU8|;+p9@4L98!_Fqdp
z&XoBxeiJn?Avk?W+j`Sbx+$MSFeoJTe98%{{&FOf<(q^gmw-i%5%sIGv|^B_9W+G|
zffdTuzjKC<c_M?#A_4|_GWb%bUxgvjmRcH$k^}G!2*~E8#XI6Z?~xKUE((%Nm|tLu
zY?l(y+BcjM^ZR1fewR|l)IxtsAQ5&&Uw$;kic2*==bjOnlCCJJ>uLJ9M8j=NqXDW^
ztBi#b$>aPloaTtWuHE{-g^0~MdKBKt{^5cEQ_>-(X1cs225CX`QV@Yg8Fuv2PhbCk
zl(3bSAt@4zbAQ<@Na0CgnwO-Jo7xq(-U065ke%w_e?cEN$9a-*H0;JAlSLWouM9P5
z$-o6P55Ypxzv}rvVHzqaK1)YWzy#-%-LVDilrPt6Q(`@8gEa^(vlN%5|GOjp#dm`Y
zidhBy?~GlNYb~KonPS?1pNp2k`-V~UHHJjT&V3^N@Ba+Q0@wd<2aC5Y^Vu*#Zq<yS
zQ{Y1m1f9ie?_HbrKKJyLXz;NI9S_U@{HfXcMAZm%0)h)q&}<JC3XVd^J^G)Sb;8F(
V`ztRm2Oi_V;OXk;vd$@?2>>v^p*a8m

literal 0
HcmV?d00001

diff --git a/docs/odysseus.jpg b/docs/odysseus.jpg
index 982a00f77df6ad3e9bc2f703a74eda677d3bd9b8..7a70bc5fc5c126f1242acb65bb7956c877152ada 100644
GIT binary patch
literal 53198
zcmeFZ2Ut_jwg(!!pr8Q(sY+-Pnp6!{A)yyT3LPc%&?FRTVg&-BLnxt1FqDK|B?uOJ
z3DT>GAiXFmpeX3Wd(XLl|F?bj-FM6T?m5Heo0;s)p0#Jz{ASH6`8oFUE#S1iww^ZN
zzySc@!2TcL=OjQ2aPYu^U)NvKp(BTWrK5)rA3AdE=&@tJ{*N=AU^;%B`S`J8%q+~z
zCr<9CV@#~4SWdG3D*t-Oujap6?O!L4A3Of*8~^Xp&*uQ(@q?R3gby760S*EW90DHr
z*#Z#wMdsl{zv%sII(p#9vEv61F&$>!zwdAwaNywK1BaPT9Y1>X*pZ{h_TTH^p~FXj
zM~|@y${uIu;<*Yp8yI3@J_C}2n4;{w?}er0*D76lkdQ=tT*bkunOo5>gv606U&t%^
z_$DTAXkqTpd=wUgA?)+cis(2vI{EGQ!n@!9J`KN9vES>V{qFW}LV)`u9y)mV$ibrr
z4j%;UQ}BxfARGKJ`x#k5xvO>w{WC{E-nlO}DvrvV-s8~ZL||}<vmbv>08Sn{u>Y!u
zfB+4^myN%^-~Z3^V+?uolq7s{B)cMGB%MlmAmB)2c4%Nix_wP-G|s)Y^yx!JcA-hj
zTA=G?NrNU~-PkJg7AOjZf@;1<$s`ZRUDqx(qiu;R!`Q;a*g|vFE^!E6NlFbnp)PD5
zXTxG|8AYWPo!%|pa`{#r@QfNp+}TwOFIYKqGOEw%Ct#OKbiNvC7R*<eG>DIiDnr41
zFB@BF8TO8<K%NKP9zL|%RT-FQS#q7l;n*?lE+Y)8H|0U38=O<;RI%Z3wfQwtk-R)h
zSrv+ZY<#>FU2j<u{B)+v%toUs@4{EIh<;pb;bk5phPH@w%)_EGB8E&|1ijKsi}Qm)
z2Z4whBQAPr7^3L3xciUDq8vAgVRi_jf5BwWgf{TZoHxA*GrrSp`u$u)(D7+m_ucuT
z+i}f}hX*zE_w4_E|G#v6m^KkXb8iayZ5_)UKlN6CR7^t)?b?0<xP|ohB(_qYW>G2(
zMFtB=_VTAAGqrG|rRP^7$>X@^_@bYHEo=F{mwwHAaK-)dy{2xv*zg;i^(Zy452h6B
zinwlK5T|7EAw+GMef}TsUTU6#tDEz#)t+5)Izs<gNdH)*rgmYWTg@wiP7W!*H100j
z*Y-7-D%O4Ic1kn<$>(*pid?pe{AyxK7OVg6a|)N2A(gMJX5JU(NV05Oo%EG$5?G1+
z^nBW}yj|;})MyNBG)BinkC75Ieaa8IbHl50%sw|};|tOx<>+^*aAod$o=>sTPqE5D
z#_m-kzmf18Wj!bS-of{;!2ut~?7BZ*#r`+SZdjG^5XyLBvy(C;w|*mm_YcbC4^9OP
z*#r#vZf1@<m;6D(+21Hj<6LbcueRkCJpTLO{KNeGeQ@@9`fr<a!f;jk%P^zkq}_M_
z?y~5bhpiKfZ6%5fS68fdBL3Y)k3zA1L46W5caP*;b&1iY45QQz{d&0ShkpZ*dV?)v
ztv9PUyKmpROr4srT_`vj!~74R@#fzEjg!>68O_wcgV?_@pnpgBza#wrVT5-I7;7BG
zyGL{oZF59YUY~gQDdNiA7$PYv`EIrH>sxuG*x1nu8wn0z;TBrXCdN!Hs{sh-(%KhB
zywmP?J~<V}5kp{>K*iY)LdswUV6b#G5)=@yX=syUwqjD$Ib7c%h8$$6xv4D_sn=S5
zp04_ytwi{;V)|tdG`Y1W{A)DfL@j3VWpG0My4wKn`<96g^K5Np|B8OEp8)Uaj$OkJ
zIIW(y{mhzU(!{XViCJdhZf8fK4oKguo;H@2!O1!5h%#KPv7Ea-(-LesTxI@@-1}%0
z9c4f@OBl7=wPMrHNI5A69vz;~m9RKkBb|;<`m{uF1GR*Y^$qTw(T%2qpcwAeI)yKO
z`NfUe_xO`8CahU6G?<Ppgq+1lPix&>zt#H_z?KupxUqj;I~L9#(DX{YC)Hu{)SL_}
z>bexN>(Ebt!R!UOkG!=%@ON8uZ<59Q$Gr1B=g^ZX<+j5pY$NUM?Slk1+cV-W7gL0t
z$2oY4Cg~j{b{(!g@y15q5skukKT1=s6`_t*I9~KqiqtO<0>Z5hxZ*x{#nMYgJu{-|
zQn?7&d)i}#YBb6*)qM?WUi`H6C!n9Q^)cyi7wVM#hysD7)RVu6W{sb-DN!JQ(=Tn0
z#*R=+d8pu<mIB02>50ZwMi%CGzJDM&k|NW_{g95;mfLTK&?1<`k^0{5=y#vtD2uUD
zm<=DZ8{te(z@4<fEYzE^J*u1aT(KT^VLYbU_d<DQaWG#Bn(Bf?6n|SS)fvfuJsx3H
z)1O_$J^B=hvYi|V35P@ns9nfxy8_Vt>+!b4%4Kk_@jkT~>nu+n&R?(@i%Xm^hLp}S
zXL;H<7p38dJh_}^YF2fSq6tbr9M0i4)={GteMXhucQI6`xpHHpILqnqYyD{c8cZd;
zavf$S%SWYBqo%kjUN(tFVFzVyJ^TqU`KW4yZ*;;q1tV5v+0XQ><J05NWld}q_(f^A
z0C$qH_>xk$z?x6<W!izcAc9^|v-9#8JHrEBUcA#0lTIMT8lSMRT9SR3((<)PDm+~c
z878EH$9g-k@i~zdW5O2|uLl>LK;maza?XAD^1@SS57K5u6(@rVTjkTz+ML8Qoi+Bn
zzm>n0+cxu;?RI!~AsKuU{IrW+axw8k+$E{%W{d<WeTkk)GJ8m$m$56h=8thb8=9kW
zN#$BmuaZSs9Ju^Zi%#euUsQcZ>Ru~(k3I6$EvDULF_ERBagr@2(YLbur&}K!$oWJp
z_jEqooUffy$S~|~D}F)lRaPLsn7}~&J%gni>7b9CYbNC%Z%%2P)AqyhrXE32mOXT|
zplie^!X)(#1A6@})SGj0I5=l{x<#s|75zQ9Z4mt(T8@{OzOE#tKZjtxnyvqIXxF93
zt$zw%LJR_fwi6JV6WfC?qwG?s5^#9e9I|n^{@IgdSeIM$z~`@Tj(%afl@uy#)<yXs
zmIFS&lU&L5G&`j5!2+V@nZm`<@g!c_K!LqVvhw6V=4zadSN_T$|B0MQ$w<`Ej?w#g
z)P7<8!U%2f9(v>_Ku%67H$W!W<E5c72Q{;eo7)A6%py(l9<+D$@dYhu3n`TOzv1=H
zVhUT556~CUD~3jw`^>zYB+3(uNHn);g9NjID?n5!9WpvRB_02Md}q{Zhx7HNAHpj>
z1Oz|D_eIHrZ~nZt^<8r|CmdkblanS~J8V3@-E-scJsD<8p#(t>_g?KO>imqy(<sd{
z3Rf5hN=^ACmF7;JH?Yz#+q)V4ato3C-i&!LN5VXaZYiwPf-iqc@I$UwCB8{EWkgPl
z7fYB#9z2{UC|er|j6(&{SIMIl{ChQiqY(6$rfg8*yf)QYxtrWorzvU&gtk-HAKDFy
zt(4v~)$L>j3oAA8jNhn7XqFw!{W3ej&wH|?QvYxlk}8eD@1$WHtd*v<;ELdh(NC{q
zAYES+QNDGiANhQIt&E<&Q)eQHLAna5>);`euctXsy;en<T>pu=`G+Q_;?6e+Ni>>d
zkphGy%rU}47m)QM?bItNP%}nnvA@52Ljs&<p)Cw(M{Yqee4%I>Uk7%&JZ%132J0Qs
z&p_KU9X;&`ZhTY<%FN02lf~+CMejN!-;C@nGm&!Dn;|1U&fA=p7^x<OB#+LeUn}VC
zZqbc*nxEa?AXjweGJN<(LHS`Yk+yihx_bR0$Loc}cx8&kjpCsauzxh8h#E5?4EDiY
zRHQCXIL=JpLvKS3K%P5`)pz&F*8ti0h}{{L%Fg?W%XFPmaunav1x_&~Sg~}>+ka1;
zjDBrgpY&`s<rRDvVyw`QF!?Mhc08@eF755w<K&e49iA`F2ENCDBoa^f?ihQHn~8Dq
z6s)M9>x&}UUD7OL3WrNxh6luEejER0V9~1)cv~@WVQ3{`f%hn1gT0z<{LB~0X9v$+
zJSJJ)V*m1w31Bx2pC>zm(#V+5!_`bX7M;#rCi-o-Jo}fSwM&hq*;*id_vtv@mgM1l
zyL!t|{(L>1Bu8-}i6l8Wa*Kb^{?P%^i@y<ELIhgl>1))~6BILp#9jSDTxlzZv6Dan
z%hy-j&65PQTMKltI@nmnzX#gmpW+`@39L6Qn|l+cT`;(j$tNz$;V5KiR60=qaRj{B
z_?o}+V=7B(eQ@sVdi((Vv4{vZSyG+Av>~XXbkZeuoeYVs`Cj8kR3L3Hl?IV%M33k6
z)Lv5RfVUAhoxNs&#N2+$5XGUBXLM(URkVS_g2qmDP0!T9f<S5Q?g2Whcqdh=JI(NM
zmtEkI=8YNCjZK@zc#NUCf^J<U4YiWqK`Lpn_LgQu)~7QcF5ygK&N+BbJ*h86VSoYE
zA%B5%rE2deo|Wm#fm?4G^B$jBYSC7Kn7rE!#ZsjMhNF8yV!&u<fd7V*b@5tVOmb9o
z^e#mdqaS3P$DGIAt^Bnw4~ki|;4Lb&#yzN#Gvl!<)-w)!NO7FS6s2)6Ep=X8iUe*{
zyBbdMX;|F1p1)o8!q-HvwTKky43SJR9@jDQ1c8JqvAcI-scz|IuclurrA@l#j7oOL
z`CBx%Lij>Y7xay2nyR8(gZE+F1J09D1@x`qoQPJ6qNe&kdz*Pos-|PkdeMeny>j^*
z%Bw*C^|I%bg0{HbyUVMuQQkH?JuMiO0G+)f{~UN5%l=j1J^KF%c>iF>|9t6qwsoi*
zH3zoSBl6HhT0?QzguJ`JQ9qwN_~u+ec1`<Jc>JsDyIP1#yM3&`*FIZ5-|zHXg7oi;
z&o3i&RPNRuZhS=}LcEP6T@J8ew<2YGmzk1x?*8jE{$*z}?Xdk6_=$Wf-8kiGALVws
zEWHuzFJG@!@|V2N3Hh(L|DXFba=v|mUbJ~V^QAfT)4R_$$Zs;ec2?OIMrt$P0#~hr
zTe(ke{RFfq%HLrC{#1RXSiDc=fgQHhbd?|V?px=YliwNfjY4SYlMoJtK!rQ<xNi%_
zKLMpyYC0S9mk0f8I?_89YB=C^HoCPx^u@-$II9{wtPD<|zmDZBgJb<HyJwn1*47}6
zMe%&w)bYroj#MMpk~3{PxXx8Mn`8@;?^&9Fk^hrEzPYN}!WbQ;?U~A4MgQyNDbnsG
z23#}Zq*B3xiuf6wlq~a$&hng$NjR6ylaf%j=}PqqtuFVLY?;SHO7%tC!qrns%K5$-
z>ABRDk#3Mx_oHr4Y!n&%>SOAl_t3^@KoGS;A=Dx=A0&%JtkPb}L)wd9?Wwawr-Sn6
zGcLqYhQ#ukA21tBc3n+n=zca}iP|d_@DB@`=zMMiT64~B+tDl@*m#_|#soGvTVZ34
zyGl6n-rvo9Rit#DE|PRN%%QU4>Z4hOxJbuUxI@2m>th{v?m}bOds6AT*IY&RjQdJ~
z9L*+4&l)ADRivl)-2HX(XKu9pBM6FbDJs4688gUbQ-DJCV90Vb3E`=Gmqb0je!U}U
z5LPRL$+VNVNlA9daK5=|9`7VVZf8V)xum~P+ntFgv_&}ajMYWS+8X3Ui&z;sa+eU&
zDi(Q}C3UK-<juB|?wyQDxJ^1EN$Q41Dw?$T)Epgla^7A-T<ae!pVhRt951Nnuq|QO
zpc^;SzBLj_XL{R7N}MUFWmjnksyCK3hEr9&8Q;Fd&{mY+0=YIdL|aDrWc}zQWTL%g
z@jU_WwmQWt5-W_UGicPiLC0JS&%?*$?n+mF2unha`&NX9MXlA2aY;f3?@Hj2GDgiu
zN`b3qkuhRk^nAO!LGkf)Y8-Uvy9B!R3-|nI=Girq@CwaA*~5Hrqx5*+36H*pqZqzQ
zMUJzR&O(_Z1-{hOdgpEdo5!Cr!tTJj5&0q@l`|-bomW2ABb6R@P8A`A(N;U268R(P
zQ3#kdbd((#5cCsp$4L(M>_|x->Mj%tttolo32^j^|MPlmoclZvJtvo<`6cNU@pMR+
zZ_PrO#9C*}@G_zztBc>`A9H~Ra*zJp?ti>?_@A(k?WI`iInqi&f2a@h>rY*-A5IOv
zvV8aELWgtN55c00A1=p!uLYLe*r)YWN2+z_^j5cX;Sat79xQ=GYrgG5zxKNHPvCer
zVvoI_v2INwGD}#_qZl4jxxvW6{C&(QJV>o;T&w$ZqNHT`^HRkXq30;Rk|2lzSftve
z4^F6|g598%fp-Bz+O?fU2&Fd$uR%g~3wf52A?qyA0l*3Ke?DG+o8!JJ;R^=k*Qp?k
zx_*aReuutoYBLIkLiUHA*P)vwtR?q22A?+8(`Q`0H<kz&CH8vskK<_$pzZ^G32Rm@
zc!C2GcjpjRiO2Cx9CL$!(U^XO6pv|)+@g_M7vY>@W7qPaZ{LmLDo5?C<iIByc^eG*
zQ?)kTnU!7j{nGTy0nwXNR8N#)`-3;LKLMv^q&7Ie5^iDK(rL{c0q+F(pUTd@i(h+a
zhTFr7i6f=k_H8>4gC3-F>@?U5YWch#@uoBS7ZD3B<J@I4)au8iPFPlYIx*r>O_wZY
zJa&-6Zq%2tcB!kUR@=J-Q=_OhCVSpg)IxGqB1PCt79QU(NjEb|T1D8e@CsMnrgMV)
z1xorJzZ()yJYk%f?a+KfpU#s<ejc1QjFTZPHF+GPVHwn=o?elUuXQ*=r<U;rvT;Xa
z+M9{Yq0SDvj0(&pW&XGIY#<>bwdiG0=CBdpg+gBjB5x2YAuh`*Br2#qfzb^1v2GWw
zM!rS$d5LN%!RA(K9!f~HZDG$eTB>d`)QuRaKDpg5%wyBsn<b}C`s(&#MH{Aku|^kL
z&$fEoYGk*tBJtlIelD=iW}|Jl8tFa9H8@3KM8Ul_?%tOqs8np;*}Xxgb;6b<vIfjI
z>=edaf+EN;RoA3f&xypYjd}WbIAEu^;`DghEY7!FKF6(-Yhp@e$xh8Ah~g7pX}5=5
zqH)RX4cOH6KhMXs_HQ(abomQ($=NH*^CVTb>rfy<{tit;C9hD`ir5ONU{KkkbY$gv
z7%nbKSjg<7!Doth7|#E2K!v?%zZ8d{zx?a%e4Lh<^OAv#$DA@ON=!D>AYxzFaJlyf
zKczI_66kCm|LoUf=G&Y>QW(Cc77^XWTtaDM?mn-n1PZ$%Z4oqBDO;4}m6{g8b|yfA
zv<<~nFl>3rD@xzo9Bwm5R?=8T9KEfJF9XY4rlj-W3A&B3<7tUWr_&ZCCgPAf5L$B^
zHvgK#v`HKBtPHJtG`pjVaP97wCccq}>j}2_`PqR?KIPt99&jT_zGZ+XXuj*2Dn^$5
z2m0oLtn%OSLMBjk2Y#%F68{&_$dU@o)&DMM?-ztzbH+tj{Uv|YQ}}zU|Aq1a_U<@_
zA7bel<YD<A!dRVZB`LUh^Yh4)FHv&bt3LsF?7qVS>A;`s*>1lu^3W%d-{n&ois@3V
zjkwRB#V^>%G55?hY>1BXVe|ORZ5m$*j?(X!J5ov~FVO>;0nUAuHt0@21Ms9SvcZ}_
zDIFouRsaWG3~c<YY!j(lX4he(k&@RA7!LKqDs9+0=fDKFCC@C0T!o*2;k$swnz8~#
zAlo<J^D{QbQ>~T^0LP>MJedFD@IWb35WntZ=vk(p75)C&>R<9rZsMQY{m<7xf!;f%
z)Z1K(7gK<$Pj*L9>V(f}=*1L-NkC|J(5S#iZ7sDsA6X2iKVMP)y~c3+MQbRO{=3)<
zv!7Mt85)>3l6aoed@r=>&$EJbBrBRJ0=ozl-;$Enxoc?-<17&Y-$K!6Uh4M0ZH^ua
zwve?=xCbmO@@+WBU23AwDf!qzjBPI8)D}}EB*kp&f#$nV`FTS$7qa{!i|GS&GhM<V
zTf5@6k0h$T%TL+w6Z{P$_a|U!Vsm0F)dXbu=6+{PA;(F<ic0--OYIjqk=B!f&w~eq
zh#8iy*NsL89Lej5$R6W64Na+pUFp^)KOpuANj@syo;@<oNOpP)BW`{w(^u)LgL%cQ
znqVcb)h#G)#SO7tHa9EGz9ZOr=1CE=+o_RxkmNBVkYT4f%giPHdiezD0fP$Z661XL
zd(E<7!jbYErJQAy{Mk8}HhB60#IPWdDdhS+xdy!0$B^S6-_i;2Na^t}w6|@xhoQai
zIiwzKdQ3#+$$g#Ng&|Q2?T?+e_INruWLS3?m{N*?$kQdNzh+_#cU-Vwi|+-GUZ4I{
zs21*Gitfg`&xM@gn}tZ>#66%<S|-JyQ}~v|JK9X+h8=C7W2*GMRSB`HR-IW2eEpz3
zU!7gFV#I}Er57>hHmxCeUSA`cntL?L|FI)cCX~flZ$?zrDTMFYr!&2nw2yIh!-avd
zP#s12{$*bn4)pDGem3v*j&O!UnV4KagMFCOiHkik>UCnQPO6qf?frG9U1LS+@CHuh
z_4`zVT@{HQepNmQ0{$ItXb`AUWBH5=oYw9I0N`%@!Sc*Bc_1In*Z=Vawr&oZUjy9i
zyZSX&`$SN_4-jExW_g0V()cvrpfv!S`b1H^K<y}tQgwxo;{fmHDYa9O;9DY_R_ItE
zp2qL?L|<<g15RqDoxVg=RUGWZ8xwWp)z9J%f5pj?z(-|OqL<7l#%;GQ_|^Sm9(1zn
z?jOYbuay2+fd+pZ>Lq--#S5Nln5enM1>^~4Kl>V<@3r%Y|M%KL%`eLTtY#}AVq`5x
z8sv>iC|>g;o@T#Gw?D>#T&4#uw5Pka)a#bf^AObDCOh*Hi?WFce2n%Nsmhz)z-4On
z(6;Baynvj%0sMoRkgpZ&RVMIEi@#q(i%o+(Y9ik$cmY=|Mn6GXfb{rqaB%Py78cP=
z9(@<B;McsZQIMS(HzBF9ECkucPOJ~mt3@Bo9w9raT%J{Fs<+(TjE049cNR(`84aL%
zn&;s@dMw*kU?-%`@M;F>0sm+(fmNRL<+{ylf}i?Lkdq3J-F6)tk{i6lq;@&}+?3X2
zR@%BHO2*NK>G4;h=Yhjeof`nQKPK&PU*Xd$2gW%)B?CO%b>r|OE?9_9RmkY@lJc-u
z2`c0*;IF*!x3_1iXjfYg&tR8LieESVak^2I0d!q0d^aKa)W25pYz>n?^x+(8(z1dl
zYFc01vH(b2AEXxMtD%RIVmRc}nU;o!C#XL@N4vVj%VZCEx!qRgP&+#6D9<iABA=D`
zf|#kO?;$5WD3F1s=+(JkK>lm^@?qO-zk0rI7XKJRt=do)t8fgaN;fBb)Z}^mJ#iKe
zOF~*p_y{e@xX$_&*Mj%u4}0UAw|)WuWPE-8dnbJQI*`4fNfeyE_f+lXsAvVe4o8+7
z?X_J-^ms#k?B4WP(Z85sy;9n)j%8`56tBg<Nc6e+$k3n%^{8gUDQ)y64l)6UPjEB^
zr<1CZimYqqyJ#k@e&9pPLus<07uM&*MWkxTt=d8ukDL7*2o<A#UvhRBrzqWrw@LX6
z2j?mY8+X!?W{gCw``vVXf|1x4<2ZOvS(3l#?J~+*R1V)Hp5pCPtV+weS?y}pgz;CM
zt8RGwPI$8=!*WrXhnzPhy$BM5n?X#!9nU`1!8mtd{yO-HF~&2O2lqfsMMgq^4|3~e
z^q4G19S&+wl&@Ko>z<e4lM3Z&w0`&Tgddb4Aio#hq=lx7;_^Ow<l>7mv#-lShf9AT
zl)4R@TX>IS8EJ`+m2r`H;d#deD?w(yHv4h@UL9>W_<MRyZ7*&KdNGl@Z<2`hB=*t#
zE{|$w2G>|Mlsd^y+ypQy|ALS|(%+~A^GymZ#abbu#>9cqZFO)`+8d~WcYbF)|NSt^
zrIiqHEi$@|on00ZeuL^beH3FEZSk%2knR>YO&J3+f)oKqpp9i7N|I0BNhV|SPZG2q
z&9uQC@?d)DVUzqo+oD_rYT5gWSQN@kzih;Gs^<MOi(bh=fs31^KcrgB*xBO*KA#z6
ze>dGGq%M(tqP1%57#Cu-`pI`2?bM6o^=6HQoA<X%CTgw7J1NU^qJI3z=B0U71b7%{
zs`w@T`UH@EhvwZ1wk29t+EDL6>VSP4)ch91%6cX(y{nd9#=NZ3>Zjux$YDt?V!+wD
zZYtTm8`B*kAX8&oB5KqUD1xo_NtK`;%ETO!4vPUU)zT%Z!61+rBcc}d?xbuKjo1NP
zt^fzb@Qsg0rXTmt;^v>Sg3#PHCfbycFf1jpcl42TGPKg=6X(L{Pk{K2>18*IoNfX2
zPJe-Jk6`9&t7qz6DqRI_@ncnqA1UVBYU?^e)<fu0ELm;BbYizfZv?e&+W9<F%N;pX
z``P6J4VNUZHswkt1z!OO-uQz{f0h0w6(ufoM)#k1(i~ubGfLE3qoPwz9$5=C7vEC|
zC~UCuqM2U*3D6MiPwq+Ub$C<x70xkenriNzZjTad?4W!2!un}_Xo&)JW{s~|z3QGu
zs;>jPWYiq#sD*c)OI%B}sv?`6WxOajICK=))!6J`=*{^9rM2GW**?C@k$n6KjsQ<;
zs~YHP2<n?(uosqagSpMfb~Pal_%Txm<HES3%w_!?OX(j!>?H%ZqO?uizJ@DI3Kyax
z3lKz8kHk;jpe7rINi`ssqOWw=r_`l%j_BQ}1|Ch?0NJ29P0wY($UG}aauJ+|8pX=O
z;WD}1WyTqg@~05v*wX&9J>Lb-KkaeYt{0DBE8&c^c%YB7sd_~Wx_T#lyq-#Ei?Wz<
z+peoiE^cY}BNt|O0gnHZ7sb9h9|;YzFq1`uDZFMrz{#5yncq2Yr0&N(-sxNS=s<Ai
zVi#WBQ8Mf=cA#Z92D90}w7dV`GXG2!qk`c)apokTqSNG0!1dRjI={<}G>U2pQ@GdT
zfueE#7ts!{H~s0ZYmxk)wsjLyI_BIJjVw8&X?b_=JKm9$>5`|s)pQ>eAMip&)Ya2~
zEA;n;k<Gppr{Yw2T+J&mEm7r@X|KOXR3Rdz{b)oped^B0B3KIJXD~2(hrM*Z3HD@A
zC*nRVk*BAWyX*GRT;=tAQ&SwDZmG!_Myh8x$*}yIO|%@5MPjY_^W_w$lMMATHr|p0
z@#ICd!Ud6j+hJ&5e*L8yk0(H{0$nd`EEHO`3AXxC>{^F&ZEkIB9`updnC7cvORW@Q
z8g)asN<><Or=&+|=o=X-^J$BCT9w~;?kmiIp=@f;=#W)(HuJ?F#FW2R?%Y?|@S3JP
zYNDX`M1+nyQimd$1m<=1oant!<fy~Nl%Pe>2KlwbuvhRe?=8A`;H+qfs7B?C*FAEa
z<g0?UF>6$Eh(@H6WOD&pmPIM3&M1tTMbwh?b&U{AZLB&y`t1@(w4i#Fg7PDxR|*Ni
z({~{&+vDhEU%w~Pq$rRD>n&*`A9g8D_tvK^CV?G*3u}KMBF6)u1-n{dY={_$EUp<f
zgd=Yhu#GW2T)334-Q17nkawfO!fLdm_AY+DJVB}|!JLm8hW1$1PH>Jer$QSyU5$iR
zuS4V^Q0;?%QTSW@_4pKQ>w<3TNt?1Is&K!~9r;VXBoF?h_y3*JAGSQnKhzl|uO#!c
zH}+JwO4Vkg!}o0+vpng~7Vi4}UR@-O{Gxa_(yu4$C&0QkC~l_9JD>0;xmaQ3%dK>o
z#Y$`DgKiHh4@AjsF)M247)Fl8-&il&H~lBDL;P%R3*1j@xBmft5fI9+?@8M3hJ`Ps
zGjI?~d@cRQrwQ<f2uLH;Se{$+1$v=g-YWA8c#3nPq@*br%ytr$n5lKo<sukmsitYH
z>49)bi|$tZGVFFd-?{QL5<2VLDsbe(5r_9R$w9QoF3IDh%*nH5=BA8ZBo+jw?%jD(
z+2+(YZ(lVrZ{y~uy~Bl06it7Rr;7Tv6tWtJr+2&HNkDhH*TQBF4D>+F%ArS3&;0YX
zxfx0G??^@efwonjB%64sbLAlZ{mzy9QFAuj>z+h^3i4eYur-0>6;24f%Vj{mxgoXX
z9S;Fy``W1fX_o&sfpS1Pd@*!T#!H{~Pv&yy`Xl9ue#F3CXH`VpQh>=}J3M>xw`7<8
zWywiS+rW*p->GG|VPm-`S{Hl`Vd1iTk2Aw8+20Nbtp|tf>h?H=*&JU4y9rkApqhvE
zIh0ti4|qb=)Q{O$N{FKQ)1qn(hmb=lMyglkaw9HmMm@N2Hq^-&8+wS6!=~UD<kVm(
zGHm4SFVrp@k=6NO2J-3?!QoSoc1AL@{35(G;U0wLW9d5cP_QSd#<Ht!R!NL=PJ;(y
zlQb~+c|&aQBx;5AwzMaP-M*u@PHA0N5{XtpmHY(c(mDtSx*hjJ{T8JugC(qP5N^9>
zOj}e**lW?Cak^AqpLZP&Bzv*nzZGRnbrv|gp0b1~Ry2AZe6do|l$bBg8)r#0C%PI@
z5@RP#Ra->!a<!oLo*g$wMh3I|=u~R!w)k8MD{oB9BlHH!xFXsWIHQ=Xt#>s>q1<}j
zJkI@c;W{^!1XnG@KDBsK@g_DzH`d3rV;(ofZgPrZ>`~OCq(Xii(BSsHU{TuVt8Zz|
zW)_{~=X~z<?Q}YGwaakby1dHwnYuvP$992{CpE;lP9W^`X8E-6H;lEih!Jd9%ah#N
zE%%3lld2hb8g;_==DAR|W><r;2Du3}9wKWP>Umil#BxpBqcqE+U6v8zXgG(A$e6HU
z>mXe=lGRHq@j-!FVNQOjYQD~vKLIxJb4eAZY!x6#vDH*zEv#ujkgXM}6QePGu<0Q7
zCtz|^t!h>M$H$GywI&Cw)u}nJQ*9Af!Z_;;iaQMSjWr*48@!}mjbyT}FWh&+)15jV
zRR$aM5%9Z8jd?V$d5h`!3k7Q#DP8<nJh`h&$yT8mqiLT6LFniEWHx0B9fB71XqyLq
zB&)b0(V&ukDk-(kuQe@_f2UtyDYkzS;*(kXsWh7{^)jBC33YFbWp<&0OMRk0tj67O
zKH;>~Yi6Yhesp0Z&vG9(nA0<!|F+uy#g;HIN;>m@UXw=tqWe^Pe(U!wqMJnGqo#WL
zJtx!OHxYKCuGcmZ$Zxi1)N}d}y{Wo;F&D>J*J~L?<0W1^CHJp6=ZLeZI69#ZDJ*(;
z_GJduut%C9J$HznR2s!h_oR<4jbgeyu~f4=6JuVKi>e)=4nwaiwz212Ibz^_|2MVP
zU+3b#+vSFfS(+=Oth-k`)qd)zCUaZ#oJW6&=9^fZ8onth9H?LjYK*2vkwHaqOly3o
z3BDopqI8L}e*JifmB`3M%#*PX@jXI`*7sYx(3c7-i>p|Alapg!*VUr)!}{uwGxhEG
zS=TB<!>@}k1y@5)eN~)pksgL|z!V1AQ798EM$NHE8FWdL=26-a^{j;~)%WJ)DOhLt
zD?TpUg!~x`Rf+5Q28-Qvi<mG{VQufaB!L1~$Sp8_&Y}C{lM>%OF*Y@0zL(E+r3~mx
zwUF`I+4?l9LeH&8|6Q{Up0D~IQ#IB$bw1rF$Oi%TvpHweti+K;QR~K*+Qug>B8&Ew
z`n-aaVe3^P#42L7H9)E89#%4m*3q7j?&FilhaMlPsN_B~CX}pth-k=blUZ=pH<N-v
zJK4q0+HA}`hN5r<Y#`Uq{CmiBf$s4G(0fdRj{`n+bT<NvGHVUzE6m@CQ#UR1+GI0p
ztbYQGu2+5a=#`Jmr%L2gG2&@$n6m4fG>9afnVVNi<*cmq)#WptD}y2pJjM9R4-e;&
zegi)NFN}M#-7Q+i^*U`3+`4jTezt_1x|X!q_%c$e^%PG)<5B!G?JSFpfU2*~TwDba
z89t>#@&Zpj<b*38CWzKwD0B2;yGpqxY;V#FeLvCCU>ArAh;BrzxXx>)8WH3Y6?WR2
z4T`Io9{M_1*^W2ap;mo+!I@&=yE25?3mGX=!$_TCX!rFOTgVGl3Z!a%-=VX81@p7T
z7s}y{4XDdfi+xVTOhfOxjFp==s5j?C94PN9_*s&?6M1Jr%diUU`+h^GqUIcy=O6iC
z2w0S8QS8^)Y1)zd9w}LIV+H3?x@=>yDLclU*mYT-{vN_SOsh<&{%A|RZ>h2lD`Hyx
zt8Rw<mK-NxyZbpLd3iYJh_b=!_s~J*?e-|1lY_~7_qbu5=(D$N{WA{YjIZyh%uUxS
zacw_|zLU_CFkCqkN4Yo;j0Yh_`@2uMhuR0*+(HeB*BiDK<{T-#sS0aIz|uv*+5NIp
zoQDTF9C#WZRK7TM$hg)*A}-CL)LtkrBm0ZegolUzZL9PC5R6nzK)7*gBsaJ-eatFE
zjVwAov1108wKi<=EU^|@!BF$lTje9Sv*J%XK8;)xZr}0G`;qV%VfV72%tv09Lr}|~
zI0H}Fdl-17Ly-mRM|W4uuNd)tUF_6)pU^^89L$1Te>59t{oZ<c`lRkba(;uW!P1fR
zzaqhZJU{qPPBBb&|73;@^9*!U_!6<aSmOQRjD!5XvgY&<<0nAj(4Xt7Bfsp;$L0)5
z9X@=UuNu0;iilAP-?ASz9ql8Pz4SEs?Ud*~1)2T==X&+{Ue5B?_!A2R#ng)1G=npG
zIHWO27G*~(^HNWuV;dm!HB0q3`%xDJSnt}Mv8K`BJqL^xI1Pg?ld_Fud%TiNfd~&+
z#9NksuJZ8p_Z!tovdqjO_DFF7)t@GS-4MPJcK-5@Y6KT0+@oR}w*pxv@{HwIzpIwo
zARze7$x;7H&o?`R-Y8Q#jY{30_N*!3H}_H``nd+@W)Tp~^6_!Aah|mto%rO(Gv7j1
z-&Wk{sz{hT%8Tm4Z|+Ck*VdqHL>nI8GGHhRE1G-irY{xJE$jMs*;m96!6F|iI-9|H
z=mdMyS&zz(R$|f}CH}Pfr52x`fREtU?>y<Q(FUkh#bLC|<af#C2es$ks+vw1dDz&5
z!HRWjF?^&ptj_&SQd+7NeFR-PK$shD^BwjVnfrdq@D-yi^n6;u%e45E2TTbWwL*D1
z<}yA+UJ4LycJ<*(u(<5HadB0G_nF%bSogy{_l`un@hn1sXGeq(wZW;Ht|*kL-u-P4
z%&y=Ax5Sef7Ni<fALrps?W_38o`+k(88wioeZ^zr7I{Ubby9w&U>idVe+Tk|1+K4t
z_$Ky*%MQj_fha?OeNH9g$3FKJ4tiy37mwO&zQTC~(lTpDX%?sAJDp5K{FUI|9I&x4
zS*ai=oaW)n7LCyz<%#U1FE<y!&^rE!$Cpm6<+qP{<_OptoYr~3>?CRas`uVOiO;i_
z6j$PWI2gS~%=kh}35avclLul$JrbATy45@iX6;ESYc5jer*KofI(hIF>QhhCB>xdr
z!HMj1k*^lZnq?=PrzbZZjglt$F8XVgyWQwC%Ya0Q_{TI^dH8H^H*t=YL3^N{)s;4W
zfriI7E0-FHK;Kmn^KPjpITtSbn-VRGgm;sp6a|ImA3cU@Q!=uEXXE^mblm4b_>{|U
zs3a-_h{w)&ye3E6WOe``3coM0|6a8?MDkcGR!AnR1jx3suCW=x=8<6ep8X}UeOT5o
z%k)k;yux9A-a6Xd98Z^jU0Cb&h|-l$aw?4e5u+*+<z<^c<p+~hTL{+q^2NheQ%Ua1
z^Y2^*_QNw0;LF*Z6W_^i4l6d<-xhb=BzYxEo>IK~5z0`PldwAR1Xtjj0yBA?KW5;k
zDGov9x8)8CJ6+5JDRQ%Vm+2Ks*5P8E+)(W3JbuSxV#p8+?qNf{<dZ5q`WA$m(3rbF
zI?`uhSn4F9FCdepd;2{K^%JmHP<LlzPixQU#SgCbn`o&}79@(ZsLctJ6FAIaXc8Cl
zjwSRSX{^|<fnu=3HgV@(L$K&rm6}P9<POZ|kyZqgnXG5FjX*HTL^VFQx6Pg2*auvR
zA6{qR>P*1}M<2Ls%ej+Z`bEcRclMg1oj61+i-}ne@fipd3ITyjr=V&}4|(x>)<;Pr
zxCbFW0R`Q6D3==)OxRz%DZQ`=S7=2{hz-gwv)2!$q{N(%_FG)YdlVY(A4(wKF*xF}
zh!o}JytuCZtm-E~z?df3>i!^4I|T||=l31lHOWp$m5g6gdp_*s@IJ_m%?w+<T^+{>
zsxRN1;;?b31Wi7;`y!abUq=N5@%I;@)=IWej9$5as%k(6m*sWj%sFNFO=Z-H@0$>W
z)OH27VpSgQs>dF?--shEO!?R#3>SnT_>X(zK)J;zYKDfeV`7<d=h-K*{18V|a2^}$
zSPYu#4Zgmr9!niUg{A7d^~3qbd8q{~C2roXv!XRmoh#mlrHF?-dQmbYx+=Rc(<@B4
z?sS#liwsV>bkB6V@oBioO7y%B>--%Fg>T_}Irren4}_!5G<8H$Vf|h$btYHc&Ma)P
z8(qdnn}qW{<7(ji2{<|H@%ouj7qx){3bQOY*DUF1Y1eQ*C<{q{s<=jt<;F(`S$@EZ
z^!s@)Da)<PWt>ya`s#JE8RhWfLikt$oJLwy65EV@wu|26?9FF|B(~tpa{#EdB@VQb
zf+!ihC^ZO?p%GR=Hi+m#gIVi3gPG0?=|gL>;;g8%!!RrqsRITTaI7zZrr2K*)Dx6b
zXP-=He7wG6>HK-rQ|iteXAOnsxs_XM(ak$2x>(Qx=TXV`%u{vMlG~<TtloT6bg^=g
zw*`%jTeqVuvoCadqU=#w7Z;8E*%wL|gv$IU?~Y^<fH?TYZx3VPxx+j=`@e{>Hh2xQ
zP-_*T{Qx6(DGqn4LV%)y-}oU@j1m93fwrg&?ATW1G9m(j@~PTMWk6#IQeot)h<uFs
zPr#uDqh8jjSTG&pEe{#Zr)#W^esP@(sNp+6R3KQV1`W9;Ewg#V4J<{CE<((D>n;tR
z#TbfI`J6Q6IyKKK%0}ycp<QcI$$0|4Yw&o050TvE39tMKP>YoK)c+Fz9TKZu+Bh$>
z*<dul_`EQ&tpqYV>~7yOxFLaiQd$#{#k3w(y+v?d6iKzLF<Y@^FJtE(RCK<)8Qsj-
zW!=v9qxr#6941)mpgeE_W8Ur*u8WIEBoU=q<!P-gXSQV-2^sFNU`dkuGmEMQ;D%((
zsT;m?Lp9i=+!>{`+HZMdwCenE2N-g&@I|mjtxccYsv+5~SccVZGgBQ;Q@ofG(p&|v
zHC8)*JLBZGwOxp8l5&bMF1mvdQBWFBerdh+kXlDyrd#bsy(ZI(bt1~v`d@yu=7?)8
zbtzL|$OGlo^6f*vZgyW@b0LIPo+pl5ZksKqQB%!Q(CUXn7HZ1OM6<`uwmriSjtL#q
zw{j*cWwD)cJrk+0Bojd?g~5=>y=nNZ*0gi>qDPvC^*U8yHZ4A%uURLWZe$O+H;inf
z8m=`5v*WtO;@9JopTd+zOXQfF&KQi_j)18)QhD$o7lxvtvplbzu~-b@)>o{wYm^I3
zBc+H2%(3|R6Cg>cWM-WnmQTh=loFS9#7?c(7>uGhPhjSgPAL|V+I1oPFG9zk?IiU)
zp4YIiR;|{b7ayila8LHbUz!UH+Ik}PLwqH_Y}fTY<*JR*7FZ$8SFy}DfRWt0ipbQW
zZiCL^3*T+VYc!NsCaG>uYSK&7TiOJTRZ_jeXN7F!6-U|6W`1={|HPD9d@N;;fZWaL
zoh`T#G(=XU0plk8w_rAqHra8TiVSfGxKq`lx{dwpv%@VhwT&C^XcI#w6W2ku-3yoB
zW?rhu5$9IVzfw4|YOY@=!&ICR^|jOG!^|(IxGlDl_zcO)J4t(lvQB?MW>(9!cUmD_
zj2;!p+4g$dc{4DGI^`=;V@`5yy`J2F%Xq5riX8=s@@6-(m0wq=&O&jRDSD=kwjDcY
z0aQ4z)bwYy;qRO3zghl6oBLnjoQAT3aN+;CKX)Aw(L=G^!iW%ku``$R_9GX|r`Ru9
ziXG^Z;N<Zi@0qdT@4P(D4QG3vXOlTe*%Q&#m8L6{hS5bf0SDMRbAhVQ{{{8`y)puL
zRDwT~;Ow+89me*h;>r<@`ibF?FIGg{q8eYVnJA?kpkBji0O2S>-Y)Yezj=P3v)_8%
zZC|@>YfsR~Gf)H;wL}&I9Bz3MLeJFg5PeLA(g<m!56`KY*DbCT#u|XdhKwEDf9P*x
z-WK1Rn>eW|8|MGiQNYSAEh{RjD9g`!;m!64DSl*455G|17lfs#aN9GC+I<7!Y_RjF
z>z~y{>n*8uRt=WaDSfxglT}9SiikJ15nNv>KSZZEX)OpH7ko?Tv*K@E(O503I!z)9
z<>@gpQqy<|uqwcx9WdWpvq_cu&`h0pDU#TMCrRbO`T!14=zav71?N&q-#xaDrfYzF
zjKpwPDvnZ0*WVz2bTK&(2m==4@iADCg=r_vXfp^|id)#<P0ftT@>T%MdBbd@R+b|d
z-t>D$6)lf0zWW!G_8<A+zubGZUO|k=^_7?SyGJVo)iGz}GFcFRay|*7NPPL#)KptD
zqjn_Gb&#E%jV8B+hSV4C$8nAnsG{Hz=8xVfhqwk=cbSUJK*KmKjc(M(npup}zo{J?
zzgxZ~!!_5yqRv<C+BxCnAp0E#tL#mA6$G-8Pe3oFZe~4+J3O!vYEa?Or6;BAggdNM
zD;)H|NoihZT2qJ^U{rA~Nxp95lM@{?*Is%jh56+W7be6&P>`jA0O5|8e*(0f!v^}g
zev7V%!`VMvO*aU;d(%%eSH_x{Vd1i+w-W2iojF2noJ2cgQw)}H-xNj9=b=H@Xl$Pc
zRx;e5qFXW4aTT-cI-JRJ)eD_F$I}+HICSlpAcoM6Zk|v(QH+FBKiqO&_ja>%6g~bO
z)|KR~@`G`!sGbVWQ*UZ&dhe~oJIrm95I!-_y=g%=#J(KiS=?5*e44Dx2g5l{YfUVS
zUnXpy9n*oJo73_SYKKA4l+d{J<cx<~dd973hV#+iDgD3f#8yJ?&G);Kiyxo7By)n<
zz*MLooxJqHfAT0sC9l<{c4ue&gCCJYGDT}O-+jHf4~xPlp6LwKgDiA(Z_Blr)m2ce
z(#8yCoRvl!H(!4MHn&GtqEy|#hj?v%VC|7D|DnV0kV1eMl@89#@`O1R2{I+vOAo^x
ziZ8%<YsOVjNS~C|=Y`rL+hXYJNn?JgCW9)noAWfKl+s|QX>fwg3HM=#^|85%ke3ZI
zMPKzFNQoahu19xDQn{9s-)a#-)@#Xl*kR&P<_r>I>sZZyFz?@Uy!&phZY#N4y<W<|
z4@lI3;TkG9<!7B}GNjVppyirfiZ>>BebZ8m5Igzp-SpS?rSIarETS%BRVSKhNC&Lk
zAhF9ssYFcpi*OIwu#x77GH}JbSuXNDJry5#GQA^I&_XXQ-mWc<Qzf^ferHf_!*Wa4
zjs5-yX#b<Mp>20VLu1o?%FVUM;Ao!W7!2i{mrqLIr}PXfRNcB)8ntjzWV8z^x0)KT
z6W|`rFxEu#V~zTKs4OUV^FHf&UnPi)V-L#ex^cDyM;TF}2R;=n+v)@I^tZ3E8iz|p
z;foeN?OZh*=i4`lyfqfS;23oNw-x-~ZIe1hMiT{s(5eA?0jBGQKNL{5r>=fZ4Pi&=
zI|-$R=*YXg$0&B^c9xkuPJ<z21y0@1GmbIDFSI_K^LMkxPboF!y!90plltDYO8COA
zs)lxW&9GRHlVZh6_9$Xo8A#v5y}eMF6&7k_eZ<iov6%1Kk$BBcE*Qcf0D;y+Myje{
z<5V?VxW9sfCr%5$iKB`np{fgYWo?-FYal#DzPGsLZo9gU1z}aIT_qQKpDEJP79|zw
z7Si;m1zHQ^YWH*LlCGC!?W(l6d3fkjo6DZnqOPF&adv2ro7W_@B(A9-Le$l?JP#IL
z;*M-Ugc*eJElkRepus8-1Ug4tt`NhCtjJQcZ*jK>xS31FYS;MqzIkH`Qbngz#f}H(
zDxZNGb|i54i4;@MF|9>M2Xpc?=wE-B`8@01Dc}HFq35A_*HUcMk6}TlWd>{@<t->6
zu|%K@iC_BgaO>e0Ax<`sBHJ$K2=s*!LOxnOQ15t+aM1IIUpzd_lo_Z>!Lb#|_N5fY
zy5|JB#rHBcGJgqA%UhL!s1~=xTRs#uthBK=Xe?Y@SO6`J`t=vn?Yib5JS^&m-d(|o
z=qtV6|4E32Vx@iQeT}rmiHD(j^v|>@gC!E#`%_V{x&!SHerKUz9T#IcT-8A36Lo=s
z&I@tjaSqTB_hH;3y(^n=It60EUFK1hFxpo*XRIM;@vt8`oXU082Lq`M8n0`tkpY?+
zKw%ikOEnm*0k+acFLPZx9Xt`TZ)l=jiyhU$T5iA#V+IRg>v!~~G)yBzG$a$q`ivHW
z+?>-$iQ$M!4YX2>BXXd$e*6$-otk1e{1(<Y^*#35TeXiqKGypYC_q(`M&PBa2T~@j
zH|NoI<++Hr)SBKPMS<_rO51fzo0^g0=T0*q6~f~=QcNA2>EUY~=@Y*6PTD=~WFKb-
zrhy9cEvJ#KV7PqZL^Zz?G?glMM6)>Q;=EmNu>-^1rQ~5;cnq{Z&uD8&aMe)%sl`rs
zYwF!GX}VVL`=5ZSHfS3sxjx<Ug?1^<x`_4eZ_DpLTKq5HPjAW4-H>&Ues^nC==ZzV
z%XjOAf$V!nBIml5bey;u0~*O<z7*$UW(j_?Xf7sa-!7D-#`(>YOW(4SI&t?r5B~Ke
z$e&)CdK@1`aIlgZSiXJ!K(~j#M->qmkerWO$FF-rE5Xai3jmsRi4mvKr6JRfls*#Y
zTL6mw=Yja|Hq?lQH75SJ0T6wNG@$$h5Tj_rC{J2}apm32G&rv#iazC0f}}1RxYnIM
z1ls2z<0A$fM#m%l`rTY-0e7(r6C-^o(Av9z6Q!8iRnofaZDzjo(Pu0_0o^<24~ZV`
zYw@flPXT?G!EwmO;?z%P0H|1VR|hNWMe$2)+A5fr!K7_zoOFZC<5d8T6t%n@(Hgx7
zjRblwLcDyID5IiFac264&|h*|YvtI^RS2|2MXUfclz)!XZk1EmU=cEb^7K;#;_;bG
z4xcy<i~UDA=g;5!FXyAiPL@Jy`Y6mQFy{9#M8n}#re43Q;#P*S$Tg8<zU;0a5y{!K
zUPFV*N7Tv<ks0S!{Lsv7#c*UfvO0?&T-_O#Sx{_5*<qlY4t?b*bg<5vJzfJ*RYT>q
z=c^Z84KLp}wU6_1MA1k^x0(Ik?MhsdNTkoXd`|8dW?D%!>b;WegA%dw;H*o%T9C?a
zY`#;)G3z{fZkon!_gaJfG=>QrjPYR2h#r#wuJ`H&zS4fv>DccBcJ#ssj~pJ1SdEtr
zwnL^Q@K;tQoNtYgCq+dw{5}M)8Xc8;!EssPq^n^@dQk1jr`<v@9|UB)aC`dtc7UXZ
z*0#lskPJtbs%l93#2Urv$qGdiBb?%esghUZ8G)Fo!O=hLoCrRKt3I=(w)s!ywePg=
zbzA4l9f}e5uCC>e30pNRWhe?=N$@=;Y`!sQl_2HkMO3e%$5qe-Mrj;ihkVYGo*{8*
zH)p$-MBFy0p<ZXH|ITOmnsbg6);Qwpoo|~wB?6dxiaIHo9;e*&eez(w+Hbh_$U;Pv
zS&TvWp)LkH`!(4u%NoKoE85gQy1alg$7%Cf?})FK`xzvfECiRKuqKbyWMXl&s9D$O
zVUvi6$KQH+h^T^ga&KD->Hb&tYasd=b7Po}7S49vYI)xa(&?DH25zpBXmc-0IA4MT
zeB$G|CC8+wQ8{=L@CF1e=TDvY<pP65DVhgTR4rs;D|4($3@Un33yqspMQ-_#R^Kes
zjN@dpX5AZ_2e}V62S{0#+nbhGIbdGBB*J2o#MKnfxtOg^WU)%f6li983~E!!W#4xE
zW<71ATr#}h$#Z|bL2c8jxP35Ezp!^^qPUpiBxI)t4WaMLU%@GtVr-}roBUgiabLSx
zFhRFLc@fx36qsCw(QipbhJ>n!)<8dDXXHJtw-E^M6?k5sTTekn4U>3Lq-eioYjWgK
z9(i{&@*Q1#iIo_$1?RT<lMLYvR=#d+_7=Gcegr8(N`txPnxo=={OY@A?U(rRTQ0r!
zRYdeuO>ctJNHKO?clJq)th`RF*qv|NH|lL-zmDAD)@j}-AGX;l@>dd?=RM%l9~D(U
zV&m#CLU?&GyPeN3u0U-5!V}vvQxc_J&!X*0s!xigR6j>)f36p~yS=z)bM4s-<SFHq
z$q21{F-yWYOh&ut$Nh<!m*{$wWxUys^)=ed0w>{dv2d#5$tSM{yg4-E6r(X$2rvh3
zXCY#FzMalGk(wS=#DdT{IF?rB%su=A$Y%naG>H`&xb3}bvi71f@OYadmczJ6B7DW9
zV8C`s-h1E#F|o`e0p4B2arxR)$Lp9M5}h_jjjLo$(n;j~m|_#*U5In-2{t?YCWiXa
zcJv)g7*Vg&oDS>Y0Htf-otG8Yly*`jk9I4|gAMrCk!BE12C{M$CY`P~&aK%xcIdRJ
zouP5-o>;^ZPVVNLs2Fz(G+BH7|7q_%z?xjPy>Zm-R#Dgn3@A<M(xnp+QAj|#fh2U0
z&_k0@R6w!NdoLk?gqnmRT|!fO4N^i!1nEtbq9Emq`<`>p-sj%)d}rUg&;5V@@AG}~
zJehainRh0WHEY(aS?jmp9;o3)eMp_8q=J0U%HE9lG*&k#*XrXz;0cm~1{Y2={-pUq
zN#{znd->AaoO3<z|H9?|RnqJ+SYVN6Jgmp$-?`~AI8c~+GF6duhlZ-|NK$_B>k}}{
zqzG4pYz8CjD_>rvtx;Zdew&ATO?}4lO0xC|b<JDu`AkDYP%+@`6tpdTLUq!NyVOXE
z6tk*qfxRVD9XKjFNzy>7apZRpjX!Yx>3khGPg*MYI~CB=j+hL(-5wtdsVK}UmH&f^
zlWL{V*vRA<*XZSi5Ashs#c8>r?2mzTNO1*N&l;R0WpDO4jb%IGm>itlg;$4HGZWG3
zW4M!rjR={PW>(&#zrrz->t2+@65J+;Gcxnpb%D|73=J805k2}z7o^=0dq7|Oy<_Vi
zDsmE}vl4(%1LfWQbd}hphNP!bd_<ZvpVqm!L{`V&?Lld6aa@b*4fj)n^J$3p1&b=+
z@V^b;zsP~<Y^1de^abcj?#Kd&ZGWz&Vp(%!-S|3l&uguYc*pl^k&seQ*Q_Q}0GhyM
z=0qX!ZeP}2dRVZd;2M@jCrlv^`ZvBx>J!%pqP29cBzo1(I(iTub~&%(7Zi{>kg!Wg
zd2Y(Orr?y(5D76WT&t}=$JtdPsqf@&T$hz#Q5=G3F;S1j;)Q<}exP9CL3NX^=}r_8
z&%MkcWWFHk0|fx3M5Dwz;!0A0<}paS;x#*wE?Z!8kw|ve+9%d=1=&|x-?$sx2E?@j
zXfcZ~H>UtVmq;|1tS+#jd)Mer)GrD$!m7mWQD^tC1#a;3iUPyX-cukaSaXeo#40u!
z4C@7J5(LMNXb^GB(FutdY<SGw0v;<MG=CdRdbpL?DoO!zyrV2NV(5o;Royoeg*FQv
zr=DC)q6p|dS=LgolCXi7xI<Zj@s4bEyn4dfWyvWKVTBVcy{V-$^Fm%DDTFE**+g)x
zjj7e$I6_Sng@W`4pVRore~Staz`;5rBP@5X4D+(D3qxYo<)}aLzM!iq0pA*Q63AKM
zW3n>np^_4El8gZR0DF4ijtNB9TP+_w42W350?36x8cd0A)?AAaJ9hOY7mr*RdoLQ)
zzCP5B&wNmE_@T7oc7U$)^jcjuIFN9lOEO=~YaD%55Rg0)rE0#LPZHJR8NA&-=&M%8
zN(6OQ?zMxP>oHE@avkjEF<ioD?UDBlJfliQIRa>f9jiOTgLiQJ41y!&U249ml(*^g
zf-9vfAd<Hv4zvOo?S-Rv;hu34NDGst=t-et!@(3PH(e0qdN^=vTV0=bT!F!ifk$d=
zBL6E^FmceBT^iVf626`2l1(<@G>nU};&%nCml`iunLO<1zL+!-yN2u$X9Y5`n6nRP
z{FK||`>dO^oKji3XnM#!qrTX_?KQGeEeU_{cD_v12<RVa0&>C62_j9cQ|WoOF8G+f
zq>L6jdM2Ifx0&ft>j{z?QmMcU)+DaXi3q!=I15HX>IPKfD(tdA%WIWfAP+OP{OmX4
zAhVp8t3W5G{V!Q;`1DDwJ`XiEKKvbg`MdUVRVq55V_FU|ckGu$ooXf>dMo2FPdJ)L
zRUtnZ@Xu~>5q@ZJ%McN`&Nhek79+mZx!YWy9G}}W%ucsl;Aoi*F~M<{qpCM3Hq)Iw
ziZ5&Y!Bo(?3Y=(JaVc(rYps~<k^?ElB3nG}3)XecnW2cDT(*n=A^(E%)A6^VK(4hK
zR7Gc4rvCDc_VP1Ei}}%}iy9OcG-$X16}BiGo)SV&KQt1<(!IJ$wE;IRwrMd~5H^g2
z!C*BB&Peyu&Gn((Sdf7KZG&!;MK}qY|M?n9BF20UQ5RYX@j{_CMS5eU?sqG)eW_m8
zVHO#jqxBNLh#CUBv#i-uDmrs5cbf7fL}ZM))}ki?yO9tWcr*9;sxyOu%sDB83e$xO
zuQn>a;UiPtq|%vezB1>KWb&M3(ygv7e@`^X3JiD2F%TT7v@{Aay9?!=_=3xZgB{s|
zG4QJTvK;%jW&*(F5?~JmEd&?IdJc6pTI>Rl$1Skm>_oQ5?>Md6DjPa5afu_AgXfgF
z^g|xGe@6G0zI123R)P~J5VqD3i(#3M_?s9QU(^|Ixtn6o78DpI$BZ>oN&C{oWM`!S
zlTcQj>9zsr0nEQyGnj_wZ*28{m-<uBBw&@^7VtjiFB898lzJ8mNryef-{QISjb*?K
zC=dL@#R?V}Rv_5KowFP4W4?o`iy>w*cizjNMWM`-BqfCqS+H0=mU?bp?&@A}sR#v#
z&+n9?twWe6fMfI8+q+*A?l4?vewcr0E!Jk}BjmmOJ&#KIDCHKtL7AR61bsZ9Y@Q3m
zPVc8o#71Z%%+AcJ7zm07WegfHQk^6yPv3VHbnU#l{iWF#Y(=$A_$YC2sjpQ-d>!m|
zLtCJ<EP-I$aWf6<A=KR%#;9Q?+FEToB~iirHA6;Sh#}cZpj_U6Pxj?p-j$XRkGH{*
zL-^vLFRW@N?M2M_AI=DNuOX!(5Lr~4A7f|1w|rN6Uc(GzWlkjH>0DB((AA7#PjXV_
zmpo=3;44h^mqbiEay5i@&6>|@zql>q?JkYv;f-t;Ma%5APkf;oA37!JC!X)1=WM(9
zxL7Y&e+Xq9bf#~C*)@RfEoYTUndz2$!v-!D5-<ObJ=>|IebN%os}scmB^L;4-wZDZ
z9SsQ-?_)Z9iH^M@TgV8H8zxN}Fj+I6>9!Qkwki-;WKlKFQ&LWePqLafd}#&oOkh-~
z9`sBFFh+fJs@88EHe)nZ%hvMk)?I!RM%M#INw34fa4+O2z!OCe4gvr>^PAriGg%+A
z-_YHZ8MazoJNwhBQxrYN<;0?)oIJY}(`U=r0=goWTUMMRIAtG7{_31I-k8{!6Pg#_
znW$UIIBlSxy-`E83m&w~R0|OoI)0t1N_8}JhONgy+Ybbj)?O7LgjFRamoh$W8_O-{
z7D^4QL>|!)jbi)Eyb4DjT@CSUU<RlX2o745nHd=q8)c}#Ltu`9z+3CP-E(wzd$Z;4
zU?O9jE;^iC(`J#Jh`4`9aMZ)$mZk@`u|?yd{FfZ2Ke{^%hf}4zSHGPse?foK<ot{0
zl)Uk#a>9;v>+%+Uggi%I`ETF9+)BCg+gg7tO`9!^Hl;mLQre3)12Fd+lvupa8#;AI
z!3TIq`^f4)yMw~enWH1c8~Q8kp+__)Z@iRGaCxz|YVcKH8*6s5$3)PO%ch0h`u$$0
zAYmi_yD<EB_*egY2mc0W@@JsSnOAq%P^{3u$JZG8`DW&7Y~h^^Yr(TG^mDT_B^?hF
z%|E(B;ZVYC>8P|x;FxZppNM3fR7c1|2NtL2w$lX{ixQs|xF?f<qP0KCv@@!mEo^yo
za(+&Kd5%fsOE8r6zI0bkkJ(wrQ_^g~p~00DkHN}{{X@MMS@~&%oCLitkAc~$U2H6O
zjO!!N=<qcBLv=F^+75?1>^I(*@AKS!J3A6O(S-`E?$NY|eAvX^WOmYyM7?U^)yt9F
z&5n5%eMP#*QIC~jhzc>L^OJ~R72N#VnUs`I@nEp(6`J$E8}9!BUrvxXRw$o{vn@=`
zq@CLPNxo0S_1oApu2X{5E`$a{m}=$n!U4+Ss-eqS-bAlFKzAH6C%O4BR*Z#zT?`;_
zC-b(1l#?Qh@hw)*(2?b@!Ptj{>}jLw^8wP(B@Y85UxLWo{h^%k^V5SlDnYWx1-06{
zMKD{MwiZ#HZcVQ|E8>%FryfKn7u!az`2ze`!fhO@5~hs99#Z$v9#H{VGB+r6@Q;Xv
z4L(;E2ax{D@`uTr=V!!?7%tS{vfv$W97VPnvoV<t|6b`!%`e&#?j=JkYoUXF9%%%V
zD5&8BZxl~|)2gR-p=3G{z|@X^5zfcQ^zC~a9VI}#wcZ@G$u+O%2E7-$lmU!hK}-U4
z15xn)l<Kt}D!0;=H`M}&i^_9MeQP@jL5=EY<c|awz70iKid=eh`Sml-*S|$t_~+*b
z4b7j4Z;|Uc<-+)TfEfkbYO>Cf+#?$Gm#yk6uSzka)u2<51a}G^U?9z&TGUCnk7Ns*
z5f)O7QdH1EXukI5#*P%CabmPMX48it4i%ncdA4%Hmnnca*T>d2NDD>MD#^2W$i1UZ
z8EMD=fHD9;f~{;a*HB-G4UXDHdCubF=P0H{k}#|KYi&gk|GLIHph0ie?!*GaiA>1Y
z6g@XbSPpTl`g)k3z_w+L5@QE<!mv^D!@?c|`(9n;<>`{R9Y`r6sMPDlVySZ!KP`%-
z{w&)|=wk5X>3I~%p)XHe!@ftpZn$V&Xkaao&nf;s*q!NuNh3;e2RX@-)?YZFjOzE4
zh8w4JVAe0p$Ta*iP5PN*lrugcN+U`ZY)ccRI0F4pO-7US%z0zEc9v{RxZWK)tMzh6
z*JAs{TX`Z7nXnA?_$G#tz@NhGaHYb;jGr&4DI1utLwd~wt4gM_2}p6_vabQ+AEbKi
zGjvUTzExPWD#eIIjc^N=r{r(Om*;3A>B$Et0k-qV?l-FsSg9SWPSpMOg(Lt>Xu2fd
zl*)W<=L&I}6#tI9u!nqm?JfU|3?qWkQZYsn4rN#Z^i&r0&)EeLFLjFzLy21YAhJ?#
zL)pm_@^eQtoO15`Mp8i*d0jm!0U=1umP}Az8pDQ6!%|vNmp!H^@a%ohiFqo1`V45I
zN=k?KUCW-!03m_ql<eK#(&hgETTx&OU8L(7!jLPx(73$SWzZWmj&M)(<&tMmjzapC
zVw*i<AvbM$b13&b`8I)QS?4s8PkeOwRdf$*-Y$oaiT#F6SxIL0Dej~_zQszk_c=d$
zq0DNwAtGE_jP|mrmWm?7&qHMZ3f8DIpftNLfn1_M8xu6H@oc9DY~Wlbs(ptdcfRWF
zijb<40nx`kG&FJM22))(xy(7OxKncS{qko(0&W6q$%$<#-Q0BJRxGx@7_G;cfcG6X
zl1hV$pDS=k;x5~XY+Lo{(HV6u)MOCEO-XwiPn={}T*-nn4PBB_zQxF(DZP$V4lc!?
zys{wZwOBc9^=!uIKEzisb4m0i1BZXv1isBxz^WHb+A$e>1BANTSwzmVaB{{K+{89_
zM~usuUCEXU-YTsY#$2dCp841hlq=HRvd<r)x=e8KZ`_dfN%O%i4Z)2UG4Nv-S_D;4
zLNRiottQR-7;eiZ2y88~N<q<uDS+nKmEZoq|8)A#)+nVkn<(aE8XP-a?0#bbZ(pdn
z`?@DZzN=0mBW~G-1DUC)6`^IgRtrM3I9YpV#dZ=OvDBS<tk^Xt=*M3{a;nhF(vQ%0
zyqMA-;XlNspkaT_1j_2j#YaWM^Do>|Q1<HbG;y#{AJ0Hs>*|L}qmpDG9tAKDSs{2)
zuVZQ^^uhjKNGtcKVmzC9{1ySZJos5Ji|3&tNxr7!9R~Z3>omOw1@-`3LvabMMTM9C
zw9{FeHTVfD3=t1s`Q#XF!=%i%lAGk>baI%E{e3aulZI1p8-uiQ?G~H9VUVmvKsgLq
zDW8?cIW}7SL6eL3RdnES+c}@k66Aze?hS@+p(HJ<r;7jwk8pKFp8khsUxU|A*$vx3
zRAb#eedXMo8^-ByaT(6nrG`j!wO&*Z-o<^+8mVS*>&X{EVgmk+PhtBK%o~@RrjC@>
z5l_HT0HEOTTqBJx*pA+{oy*xm?EE@S45{GwQjlp<-30!TyqRYuj)^=?VoL;TDww|r
zr%DzgnvZzlu5(<rw(h(aAb`-D$Id?a4PE?ejk5l&AxMweDW1?-&yU$NG^?vgpYjF+
z6nOU?wmDxP>n*it&CsLo@MC#&`yP$^uMeO9n#V@N_U(J2E5GIi(VV*RYayr=$iQM<
z?up=n&^8rG!{|3Z<qszR#op0eevm8@>CsI+7Gc9mZSA4pPy&vd>lUiQIAz_88KTLV
zCSj%(<d1rABSt{$sqCHRm`f~ZVFV92=p<q^Ka8;Vaqf~qj&h4(6w@6$hmBd=MIi>1
zhSWu8WC2g9tsuW=?#d%Ohq7sGsV;E$6JYvF)5&U}hqQ4hW;1rGHp`TvDSX==KS#o&
z8$VxL_yiF(7P4SE=a8rZ^W1bQ0Wj_KV}RPZqXs2Gr}dY&Iy8jkZA3~wG4$iqa=Yu%
z7s{mrQ}948qn^j;rP5`lRk)cX%v;1K6i0D`m^U=(U0=*+wIk$EfTXQUQ|FzuGW$Qb
zhy>)gg$|hywW)uNg)JyrTbx;Laf~rd(&Q5L?33ESZtS#lXelMplIaQtM@J<F4?AMr
zZ6<cK7H%09powN<g$bfb6>Yi}8wGBad6lDUi?4%c(Pq*>$r~D#f*LlGrw35tC9DEv
zl#a3RaDReEfoh9y_D|sppy56b6V5>Mi8g{mUt2*AVmX(~jxsj6Cq!__tG!Bdb@}(C
z@vlC7{(Wozox4AG>oij6jve0_#as__N6Y^fpHR&~^H}Ojh_NP6XWB_MVU*?i<j*Xf
zu*`Z<YqeXbcO0mDgk^<KlaKX+%vvs1ptkm~E#|B_4(E-S6*v0E*we90;J!JPlUW6G
zX3U<&S!R)<fssQ=I-)146q+vDELp+Geuwv)R&wDP8pN*dMieBBA6SBkfx5%nSJ$qF
zJ-VTJ=|1b~F!6)NMEHjdGE+>@aokw;U_lw59#C1Hi_h0|k+3EMS(Ciebaf78-#6d)
zh)ICJffB3`NzHVsoFM^o*I=yzNye*vrY&%_a4+j6x_HK|)dHj`oIdCl3YiS$BoA=3
zPx{Y#<LdPKB>PwLNYj1RZ%r2!BnYsHVo2+NoWYqvluo>L9H&+jM*YG0(UVsyE{?dx
z`1l_XSFUZ>z;#Z(#ka!Q^0(0Tu(yeQ$cL2m98=zu4a_6)BO0xkATK?{y|Vnmm|W=l
zF3Vl&Wk_eOCc&C_h38_pNgZ5Y9AJ{WNcyVf6pSx)skMQURdIF-6_gwojLy|Tl)dJ?
zctUl?8PD8FDY8Sr&65Vdr<=cmP5c$BFHh6lUhn@w)Cn?gpD~`W1KTpanJ+QK+@Z?h
zb5#O<nz3&gh&S)L9iDpo+Sqszv7${_KNc&~kZYZNSGPlVfG15Z%C}R^3KP-rEaUY`
z2i7K)kSEt%a`DDKFGLF(k}W_Ek6lYou@<Q)G{|C^Ly1Ol$<I4?MZTe$Xs!UP9TJ!k
z^IY&ty78(vyVV1$gZB@FaP8UpC=#BcCE^}Z1#yGuha{f(+2oB0U5Sfe7dz`I$Wsws
zSrau#QUsG_D(tocHpwwgxyT)^_>=p&RnHc=UdG;jd~CFBmcG+yP*db&5lgkxILHHp
z7z3Q*tF=3`Eb`#ce&f~~Q1r-D80w-|7St*1N|zq4IVtk%rxZG`RtI+g0guhco^j^6
zgjhG>!dXDRHas-SwIXdz<Q5Ch(g00=PegzGXw0!J4HE%3myAD6pBx^pO}oC(Sqn)5
z+Hh%}c8<20_VO6_5W-dloOzHqhG^D?0#d*W;ul(N9=f|DI`b(rAn9QIq*U84U7}oM
zv!aJr#67ZDe`d+@9d>TC$ztR`qG7y0qCAf!r9NJ<uPOIENV)9j>fcvU)#wl@Yv24%
z^83?>F>%@O$({4n+1oM)J<MKFDSHw(hNjMBQHu_+x%7q9+J1Z)(8F4ebiGuw%IU7A
z?>f<U-+nhEi+jy^10z%URa?Au?P6-H%eT{}eKo3lpHk}^nWa2`yzIxA{UD7W)9DA-
z_`w{1EGYk9ubV=c;JN_~P@?97NNuoHMVAaO)mhr;`+BZRNJ{iBzu3OCm6-l)4Yk9~
zzK9r!#QAGeMS+Y`^st@GB5WmVC`Vjd(T*p<FRPE~1U7WOIPFGRiE*KsfX%QAccm9t
z=P!XG|KweNKE<0L?QR;9`JgB?aPD_-X+<Unw|{oaZKuTC3owu1RZuvNh>z{NESO(x
z6@%EfyC{*cmEHpM-YTCcC@{8Ge?X7Xl<y45(&JjWR$FI`(qoXg(ELD4=VwKeH!jCx
zmg6Lad&0z7gq&0D>P!>2(q>kz&bc*FuwQS~awBZnT0E9UdfcZwwN%3M6XA#oy``m+
za%txbDcU)X!1nl#Lvq%TRd-7WW@;%1r-H!o#n)g6m7AP+R5J`bkm*`LjJq*BfUNuo
z2P2a-_j!qBK!bOz#}DE!dOc4#m)t$Tv)s2RM;D{VJr6I$B#&pcg>LoK=N4Fl2l8Y)
z-P*|=Y_c&OzHo3(FVaB+juO6<g7OF1vnSB<h>jXl?aLeqM>OoVG-T5is%LM6DIter
zvZ8ZA2s;PSBouC~9G=|6%%JDkP8J~j>Lr!tZC+lI7`=Qm3rc+JCfwpuA_NPQyj1@6
z^V`bc5-yb<Yxtv0%&dtZ5iXT{%pxPV6C*8%3-Vefkl-F-@q{Au5@^_qfa7|^zGj#^
z(LJ#If@c0VXn^0v;y<hfIMov>q(mH1b#bUGFvuM^b9grCh=!ZKUa&QEF%sVEJ!uf2
zm6JdXlr^~;_JCb}&O!u}D2^1FQIsoo&2MXl@4jsKg?;%Q6%nBDUBsG8(m~D)+nGmR
z5|PZWVPiw5aV;VIXZnULxgo)LPv7fvki7!m?e4@b*e5!qL$s|8{&R8Q$UPg*Y{N){
zGLSIk{T6l?ZYAUiATqSRPQKNV&13}%^>|p}bn%+kjxCq4VId6C1BQdinq$N7Zx~+W
zGQQ8!IpD*GR6XZaz3w|J)8r0i^|`Ns@#IUhL8c^B4`y9ym@yR>(!guJewM%|Bhoh+
zbF$!3xu`poStsDegi733hIo6%epjsZ)q%4j4(;k^piY%&Bg7(Kh^|b$7Nd8oE*@rV
zW<!p;<1r^DS?(cI$p(KEBkA#OvQ+HFT1d=%DYmt4^WFkdW5>k6Q9IM5SXQA?glQg1
z&N)Gks%9Xg+@{n%2?2z+HI2uFwFE-A12>!{oVS)7mO``dOK`Oy6&#TuldP^6*{TMZ
z87|)QNa<nCjY%`2G(CvWLtA7aZ=^ndrK3VV1EiN4#c@4H6#6y>Ps`zsEnX|kd#=I%
zV!id1s9s^X-IdN}Rj`eyG3qQ-q)N1p&Oq&wGefp{uHhEL13B6g1dkBIvYw|*FDPLE
zj^GeF(Ym69{ycNuMv1}B)$DR+?Z$v>bEtY0(@=2m3e~}#5SmyTlj|0js&g;$I5grK
z&pEmIn~9#P*Kfz@F<RX?YjWm`iCGcEWa%?A?YrBlS}`d-$r$wxIgv0x38!u2BMOOS
z?S5$-PRCiUlm3i8+LO-hLVT2ssMDlu8Fou|%hAsMpdH=xm0mA1@SF6f`FSL0UAxGb
zLGf)Lkg>8qvA#i_g}>BxO|FxVUi}x)a`3F_Br0ROfQX?Wvk)t-cpKeYMjrQ$Sylt!
z@cfWQj1#n|S96rH`{d2vZxR11cRWUlZ|;Z(+%l0?qRkMZbNX8RVTO-eG8jRcN$$>i
z(FH7wykl*fT0WS(OEvvUbuNmiOkI3m5=Mx=(h0NW)NE4^zBXJD9MPj@<S}~Iz=hyL
zbXk-B+Q0Zy)ydgPMW4NgIky=eMKIYE_d35Ds_1ew-+No}`n9JKLDsG*0r?uS7E!C3
zh3#5I^RBCgXienupS>mqeR)y`$j)DxC{G_Gf~#PbMdS>83ng3c5OwleQX`H<1e}Qo
zp3g=QV~PeVNn&SMY~+{L5~7)nbAQI`@nk}htvJ_4i)_*<Xxy^a_>}rM{58<{dKh<G
zB1**vGl*ya4V#?~4e{}I66Yh`H@fAA>6lcFVWRC-cDf3fsbm^ytLUJE>zk#`&B)Dk
z1I2^vY~h>=C8?JzZ;{v2Y$`eiu7)n9cb&h{L3?3N<1yRmJIsoEEW=#5hW@-hq2~*^
zGhMhw4?gWyBQL5)jgLX);c<Z!Eec@L@njR=&eUz9yjfvrp|%JNS>(-E<L%-#Z7Rfi
zVMZP0qx51t0bmAz66&ozgPY@EU|Ylsb2rLy{j)=90%GC}l9^zHB73SMj>@Uv!k<_%
z+u9sq<6mL~LPEkDpRh+~&uCScwl>3DYMUE|xENMWS65Yrt(;z6lX-dk)6){6m#tj!
z-h$b(q+Y7q%ti{*A%A2YHn^gAy_3ohB~Mj!j)cR8u_52OmlWwPE}8Iq9%tXL%hJYP
zC-Ww5A!l_yZTY^xSBzx=ey6p+#dG-cgESKCKq9Td4Yjl<c-}il#EoQ~tH(<l;Pfp?
z$5oT8CsyTjLPKXE23!O|S!1@6z}AQR3jQxBIf7dnM252;+JXdR+9MqS&K?yXt%~^y
zY%&NHL><Gom*FhQ6=Thp<e)h=Q&O{5?2<svrogJ91yO%ZM>v0q$w-5FdmW#u7ZKj*
z9!<C%^^`uvG%+oFUW|U2u5;y~pWE$Rd`NQCY0uR77N}NlcuBj05ibYN%&pr1J#IMs
zyU_9mFE-crt%BLuOP4^=x~yN=m=rVuOMYoHk6o}OvCar)IZ^tnV3jzj-fTX{;Puky
z8F$;dgNd{XUJ2mf>Z<M!?~iD*<wPqevz0hradE{be+!fSZ!`Q4TO~1>7VkgFJEEyq
z+P{jVy#4YJPF?JdXreD1(R^t;q6s)>yuReSjGXbC@R<IlyCO7u&QDQ9Gco=-v%Pfz
z|E-228gaHc&st2Ee?6S)w=!-!m&Ro7ih>7@6uCOnrQ}yZARqSHF-u?w*hFMN?F__u
zf|$E92ZFfM$DzU(&aS2l2GLh=poCL#5?tKIlO^r*I4-^*u1RUPG>X&X3c}!-;Lo(X
zhUdn1k`(tE%87a5kwx*^LRp;vIJ-~b{tPMu{CP=Z*+?^l$py3Y@U~N84lyBmVt;$B
zypZBioSmb4S@yhoC4|>f^L2>$DD9jNHo`A)CG$Ean81q-YkcZ4rR*^LBHcPGLG$Vi
zCOpTHu4l)$xt2Ii$8<I)cQf|7CJG^n6S{mAe<!E(Tz7#^cfeVc6QaeNx1lu5bwU;3
zZaM$B7hpQ4CjG!9U%LY$Q*tpuEG<trJLZntxPZq4J$=19xzn0;$Tws(uB5Z7K59BY
zk_s1)RoJo(3~Aid(n9LlKfE0xyLT(D^lk24a$N}<#j}iUurGgaRy<>AKeH3g(axZq
z7}zS$QW#^{DxHE~P{r-tcHTz4t)eutRez*fSWn6COb_Z*8zks3TvrKyF(jUCwD8)n
zU&lm(j#B8TugoPV7X87z&AItpURNdLrS)w3mw6&(_sd(n=YS)Z{h%5qc(9bWcC3+5
zEleOTvE+ebMf9gv;|xAWjK;%b;$yAj`N2*Q(=YO!VUL*Mm1**FEq+%+f|sHKSkx_b
zASf9g+h$K}h|AegX})Z3qb^5#3wcu<fhg(vBF!gPWMEP_uJf6C<5K{S34`sq24qtt
zp-R<3(?oB@OfX6QWu;O;pkZ-<u3?-u8TNQ=*3qSE-4#>I@-{3B%JwVC*omTehuWz=
z1Ulr!0V0cQscADRTWbqtPaeoQJL~H##>n_OUxd%-il(xvFsa%v+jOv>^q_qi1oe!s
z$|FPNIUnX)otC&G81CU;)}Q4|@h(2>o*Trs;l{coxU!&3!{E|gjq2qCdkV><S~)oJ
zW^y<U&37cY|JG%8ZQJ~uKQ)rmy`3dc0>sBS5p5DUS0LsT97?o)U;hkwFC_e{#Pvf%
z-t3q08m4i%S<*c{w~H%%dCcip-nRYXJPlebGEh)+E*g8ro95B?Smd;ltAam<fT<xu
z09r`KP#LI0e24mjm}wp1hoFn4l|fEzJYWQFPgKuOAT22{hqqsNt9CXUqan>{yXMB)
zN_6IUMqdbNNV14m%-<?qp3y$7Wgystv2_=qm<U8WUH~C@)JNRjzqw8SEQLt7V`9E@
zquVYVAN!UsvopK-A;CZVB0aiV^2$8U?E2n0PbyqRDc2R$JZVpCPBQ{sFcP^`sCijk
z<oLOtB~V^2=We?Oaac(g1%{gtxNuyAdkzXE9Pms^-WBbe5!YkbuXQ9OqARYHNxP7o
zJxOl(pS*d%WiddpN1R>Q(9qy~qK~0tLbcR_K&5ymtPYL;*_LtnEIm)7nr}G-r2-+>
zM@r^ho&zRVidj30C1wP$dnIM*k?j}@Uj)5dhnol%b5LWPnFA@7(%mtr<kcEcP`+Az
zm$q6Yp|lu+1m#D9btN3Ol4`Z%ciIX%$$FVGX1tk%ERNtxpSUU$(Fh^Gg1|aSiewB>
zAKq9vppzlE!X=n&O!Vmfnq$}?5F`Fm&kb96^z1wjZ)Hw5QjoBxukM=tK_H=p0e)$b
zoa~z#%QXoQ9n>~H%OwtIuk3$n80k4|#3;!xibZnzJcZ`!AaZT(EY;k(TW$x3d-<zD
zYRdg=oP6P`0|^^Gr%Ey7UW+@q2{(Abu)z!{EO@p)p`Q<3t{(sZiust&jirVo`>ZW*
zJ*Q<t39b?Hle`7-4)9ll!@RM*nxYZb*2!I@$2MhgQK3UJtmaj!ReJ2)Pp^mEWu$#P
zu2i1UOs3GU>mT?lZAiUQs_b3k|0G$VQWJkfWBJQIoy@(-9Ly0-x{~_gWm($Y*V7hq
zQdhrEhd<M{jVL-?{0#3mk^A>M?VMM_Kl^CiVnSJ*>dSF}fnE*7`x`*g%k-6}q+N^k
z1jfa}cqro1EXJwe-b7rBfofb}aD=zaa>%?HhsnivPm@9exRUq<I5ITToct9DKN)^r
zEMb|H(cG2xruPi5*BRuowXxL4quCSaELB6qM8kbmi^}0u@x#mlYe}gC!|78E4IXEl
zEBM^04la}Ts?;{CUlugS)4qdCpvvI!@kx0DV;v!ZYGXrYi(%IAgVe(E%wlyqmPjxu
zt73vcs0ISvV;*c_uNLcA)!2-STlo1+k{)yk>7D;P{R}loh-6JBNYZt8P(HNc=c}Ao
z^YdHO!z`S~%7klK7@vH2TAK0nnv76e^s;m-;_hJ9fSwLop>m-ynd-j!<%p*Iwk}+=
zuuoqDW4<6%>^G(<7LQwknO_*Jy?Q@Vj1lYS7AUrFBk!@i)%G!Q)H>>-j2bO66nOta
zKd->YG;DGRG(O+iJq9U!qfaJVcZsvwgX<nk3Z3vc-~B^gQgH&TcooOzkD3&DfzlOk
zof{=^iH{cb{=zhG%m3={Z~|#){;<KxF`LdKns!>hZy%0m8Usb{d(?YMBpMvv)IXw`
zx_o#++_5HS6CW0GMB_FPw5C+><izuv|1CEB$0{Gs`1_e~O?R#AoBF=i+MV?|r4bb>
z=$STF*1@)6A*$amsHd_1o}2-hj`n*ie`aLfzYl!k=M40T*A{3!$wo!(grUX}&#BOI
zIYpH-+Tgfj*0FW*20}}pug0!=W^hREyt+0JLe?j;&em7O%^ARW21?$os3bo-sANnE
z14(i1c4-5xM1993^KM+-0BNeXrD1}O|8%u4OVvchkri8PaS|X!NFr5glt7prR|^!(
z<DD9_?vfO52w(pqcHB&QQICt)fsl;VD!2)TJO#ARp|XHb#86d?Zx$#KVla<eCTl--
z<`JbS1e@61ID~<9_ghg_$}5|OSN{Ib_`@fdXGQ;>RN_k;J|E9G{CY&Qkr`$-DVC;X
zs{1VxtK@KCO~b}QLj!b#uUHS=f0NzaYEsGJZlL!m6nruT-)LJ|?18oJXDa~7IfH}j
z{mN|MV%i`*(nb*JxeO6^c5PNUDzisAV-e2WRgjtmC4{9HA{{ja-n{*o*;({?qB2+?
z^RziWL=4AeTP>a0%EsLGC^<AcidkLaLhi)Ss3*vUq%m!5h0t|&cUiNqkHzrI89Q!t
zwvSyHPxbKs!q38K@s=@TKRE*`V@`2O0?$AMu(d9GU5f#rd|_``H(>#66;rDbr2X*?
z(nnTswEcEl6$r>QD~LbFO8^*#Sfh?;Vl?oLTLvjj3p7BFzaQKG>OCzO7B~opYpo#!
zHPL?0uMF}aVR`+Z-<n7GHy_bdn2QxuNOhArHC95cBtj|@QD$)8HIwiuLBGaaqab6a
zESXmlrNaL2=7?vCV4uyPu(`cAKu^tflY{3<G5sO~D@s#I^teadU%rX+xh5!0LsRE;
zzrwmK@;>+(<WX0nStZ@p!(!cUr~TT~%@hu&-1CX9Q>)F@^)TwLL_^5p5gj^@MOv$B
z@3HK*x8I1$p&D$?+=Yi(_$pfX{>c}TyJxDX5$dPn@`;B^4Wpqkk(G&c%-^`heVM8J
zMt!;ZCZT_Rik|;2fx2IY+cEFx_;-3j7&UHB9Z;|X>6rV6`=l1nUVEx8S}D2y>=DiM
zrLgx6hYTvDM=GIehj47)UlaY}-`j~_u0Eo<xciNJ^m{SDzg6K;$QzW)_M0>6Vf}03
zVxHf}4#L8|)xv6|sF!z6!gWG`vok7ep2s2HA*4z=?ix?7VZ)BY$(I!U_WWSCW+`=4
z0Iy*DP(2&7f@9d3mHRin{bG-3Qsk{T7$R+;;=oqG774^QKgQx{ak|=a6$o!BhUKYi
zX;C9^+eQ^EH^pZRd`(Z|cJ#7tmb;zwc47`p-OgKG>1b-&h}D3~;2-)_6rv8iJy)v9
z1Y9yjWdHIR3jo@=Pp&O0?DRTsD0|-4^)BB;-FbaCHr<(&jLH4(_i+H0M73&0vVtIg
z;1Nwh9#n1LZeev>>FeW#BN_>%eZPZbmg3mZ0|v;ad4YlRWAFGD9(fI_!6gwB0tKV(
z?oiA6Z&sV;iD<z|;PqCPt|F$SCPUm$4iB^getygX>2}G6!5x$O^UX0cul9=-BKB`A
zoDC^*XIvR?IdxF!=b#jlMqr=FqY}q^hi3`GI}UXd6v@KBNi7?bIkQunZA(f`^Hhn2
zO=#igfbY}b&&Gt7M%xKmsF-B`&Yi7qDI?RDZR#egYoNeO)K?c#=IE?aB<r<(`S9#E
zYtjXt@Hx|k2JQ3+^s-6b$uL{l#+ZC{0Zn|ps+3^B&r;o+Hc5LIp~-1kefUhKA&O)2
z0?#*|xsBZOA<9MVEtt3n(Ora=W}T5lyNegPM8q+tPx=#}+av*h+9P?Z^FsM-dHDx;
zj4j^`iRZq|mmW<5jz4))R-iAu*871Ywj(5JefRLZx5uop^@Ln$QG^&1ZPs+NV?r@m
zTNd)(LcD5F7>5wr^=_Y_tuxNjkA4KQQhO>X_w{A^oc}jM7B;{3%&gSmI&#$2XTf23
z;YKC$%%b}pZW**gNsdv)8*d0&m~U*zmH9=l?P}jQS-0y_W*ci$U&3YPpT~rs3jdT2
zENW|th0XWAUrs<P3L-8zB<s8DZEi}eX%||_a7{*I<{XhS%S0Q^k?Qy7l4lzqdl$36
z;zOX$-7d7^gpEpHUAoW1B-9t~WaDmJY#_*uodd%laH$zJW(wZDG){sd?_b;e93ET3
z*{xWV2tijvL&L@<$>_pDPq>+#Q>$W;Hd!q>%n;uaB{k=3ABFKr19TO_;U2~DYitmX
zauwkXS^lOJCCP@B{mR44Xs48EVP>T}DNUc2Mbfb;&tB$Of9R=?Z|y2sMS!>~E{!*6
zv^arb4mp~bA~*`fLLgA1;PCDT%;;Z*@A;ld)}xSW%LN9@yRMMIfusHv1zQlXw@Kt&
z8e$~}t|RNBZ!Uh(VcN;SReqU#^H|H@fd>3*S4M@U^2G{=uX>+X!&s#3vM!y8sKJ3e
zx!8Zo<1^Cq(#*A8c;BJftqbvgnS*TUFI~47Ly3m%I-&C}eex=nw{=)w?Q~Ho;ZSE4
ztf-dll5q|J7CU2yxN<h(4~}TML#hGH5Q=mh24RN!*t9KZV?!>~gaP0t5~~X;!6f&X
zvA*lUm7mXBD9g5o`7jmh9umeepTg1(lFnVLB);q(XaB5KjqVaTbvD~GQ6qayg2!p{
znq_WMwOE$2nMZDg$~nu7?V59K(OLys)=EP0*P+MH$#toxINevde^3VSu`N!MdI(!;
z`T#?%CAtWihnC-O3tA={5^ZgN>5$>WG+k8UHRQ_*a41m#Y)X$n=LLaaHBk>Wu#;`J
zv=?>|#aqr>e%>tUl5kUbh_6`0HS2O?FV<FcZ+I*K=^UBYt%8=}VOzgInq&^qH!ocY
zm5_{M!y`f6YLHG|G5UUfWI?mHnZ^ZhY9iTm&I$;Cb|%3fW-=8W9Ni>sZiZROle%~1
zu{pXYrw!d4`lvcUZDmaGtUGo`G{G?eZ==KWIX%FG0tYT!j2vnG$U%YWqo>5gCFjXr
zUpC0bNntU}zqFLTBUg|OjkyX1LLSj(%;$)s3DaK*vtTr78LOdBdqhK+-c9<7pKrTg
zb3@g8q%OvnyOb|NukmAAYR(*k&`u|tS_>pL1FTt4Gj5Hjd%*5<G3kP3%Ic-yg(c~$
z^obdHYQD7(s9`_@cdDVr1dP-rU8^FCYt*eWFT9{rpULN{8}ROcZSKX$#GEGB01%Hy
zPCA9=SH8b7X4~2hg2x{q@pHN-J7I(`n5du8*CEN{?Bjw;Y97Qn8SPhu35Sm>dymXr
zWt=An#JFAlN?+ecB}@A+!^{gwx#h~2f)U%n?>r7q>k<ct`c@cY!;_y&joOFNaVytb
zYub}6o;*SRvfb>ewxI%S-|$A*NhY=ahrP*vRRW@+k*jldm7t3H0{T}fnT}<0>r1oK
zau0PCdbK%-qjM<3?@@$H%Gm9Yr}inN%tjyP-b(qYS1XRg-&W4m!glSZz9z|QbBVYV
z{;XrpF)k?$csVUj%rTuSHIwuBbV*ah2gv`~GCW_(TWf4aE&;FFrgk%FZ0FTvDdb5N
zyuXb%NrxzKq1{|0=PnzeUr0J%JU81x*SGPFE%qy(Zd_0B0cf{MvhviZrdDT;>o4kL
z=u$atgiMvVqUe%c*4>t%YavzKlfa?6u|zOT`-Z+5<|;v4a%NL5tO`#M#7P1;l%_s<
zU2Gm_`Q!x%(+p75yzRCk=FZDm%57ef0Mu7?-m<Tc^C!2lIS7Q#<`Zuw8}0dDjhRdF
zfQ64}^@fb|MbJUaSfYDJH9IdP-uzts-0i3GL4R)^j8@YDqi}Tk?u8I+=sKkrVnX<$
z`K{e_y))G5Tz)@6v;gi1GxkkTHNU{$(UjzIs=KS6g<FsP6<lgcr=GD8;Y^JK<~rRP
z$#vi{pB#?7|8eHo`?b(lRm^kpApr=T3;uJDjAK6`n_W;i0v}pr6+b(i9c)#5Rxz#?
zDyg0?!v;!GBXVW2MM9<_(?g-5)_bb$q0UTsahHnPFv0tmf$JE9GFcFCajRz_2MW+9
z=Yl%pjoHXT5enec3@kM+-eR%QD<9($)9TJd9bULffJfhjL-QjVTO!<yst>vT!0JnH
zUzppbaokHvQdt-`PJVB&!Rm0#GZ=5j$>F?~XB6sFXJQWj^2_uqI19{SceFV+#(&Gd
z*wK9|o#Y|24{5aEcO~|jDQG6I&R1I5t5(<O)j;~32=&f(U4bjHmx*x~NRgAY=2FzL
zj!wnS*D(z5MOErD-|lmW&VEsE`SyLUatZ`iT3y(mvlP6Iz!%?OC>^-=NUwNQUF-~!
zWVAxJ7zu`<c_|{rs>Qc<^wE#*;4MQiSYgU@;Vr9}<>34(la1XoysQF)gzFDOvTtu>
zfzy*yf?rNccU_9o6eoK0+0+;Eh9(6s73U0D+geZq_KvJDv5qAn2&lSN?mo7z*sx~p
z5&*j=47?@4^QL1|&a1v{$<YSTjwz^K(>&0~c3ZPD&2NDq?IGZbgP)>KiVg&ooKw4h
zhA(8n^uVI}WP@y|>w;R_u7`C;7fJEd!QpYgFD!N=Q%f1M=*%Z*>%>mQQ(a2O{Jup<
zZn<vt9#VtBFe(9NqlWx~-X5Mf-0tnq*c8T>SXr@=+u3xPgttCiP1Z}o?4{`m8bz}{
zo+D0+^odwWIDKCBdHY#bT2a3v%~<A2PG6?7CqkKfr-R@v&!WgJ>TjTeb|9hZUeVd&
zZ1@Uwn+lq!=PbE4i{iH9k}N083j-H$c}|tXZwk7<N$)7v=anKW4BvRZD#(M`e=h&p
zccmH_C%kGazKRy<^H|_#5lypm^xT+~YJnX(wM7*dyV`suT7>A%z~HF)t1T8umlNHj
zcJu1(B*VShmWOjRn-Lq*&MqQ+*G2^gH7LJy@ibsJ`Bl($i*qK#@~Oyq@llaOQl?+E
z*aBE`BV7{Vb!a($aO+Z)>k&=O*F*`OrF1o}$D0Z;g=*cM^G7tV2Y$-)=v~YEts+m6
zgSEU~<L@+i`QJI?pQ*{it;mY~CT5D1*<F@us$l7We-N-$98aSg<!MR{WTx?-Gvq()
zwkSMm>M|O)#Oi3hSv-&63<J2wFb9tL?(^9eLzRrL4K_y{(c~c4HsmC+A^A;EUYvTX
zuUsKQF%squmloMd{)(|f<mqtuP|Zk&s$h^(BhjRna4JK4n)c#=xH0y|0Ce-jN@h1t
zg%0a*wKlExrAyq>9OFhFna9+Gpw5k^yq~Vm)-sh81s1vxai(?BV3jlvyVAQ+Fatrs
z$+4k5*jm7ysGrsQdm@0m@A4N^$fm=BD7Z4~-n1NM2)N&_WRho~*I1Qu7SirMr?C*W
z04NoEo_1f+y|C~>=d{40o504X?=VhK&>I#>?uDdd#&HCpeN6NRF<AyZ!Ftw&B69}m
zR`e3i&Hoc2KO}dD8X#F?Ei5(l@o?DlWv*)_PO~!H?jtMr2)vz#uXNlR_oCD8Ep)~c
zB*%}Rz%Fpvb9yFsi0g&!6!tmqpI?v-=F5XZKQT%_05G&QhF}tvE8vXu@ldMQ0{egd
zkNxr7vyPv0;#1$BGZ2y0(lA{$yl38WL^C?0ploNpOHiiGDuY4+QoH9Xq>-lU<DpB<
zrJd8G6gWZ?5*k|78$@SH*%SkSn}9+h+5DzqO%;O4ttY*`jTtSQuox>=JcCd{M(x60
zkDl%!r+m8o`k|e<&5hOlu++BZ10(6LC?cS<C^{WoRMTj710C5UExVGZ<7Q!RLS5l6
z9hME&S}N{*Jha+Q&-rlXW0l_~%i<T1tZdZOaz_Rc2sSy4N+<bk863W%PwC{@@;^lq
z_TL_^M%_eD?T5SX_3C}{|1#dNo1g{Nr)p#h_>+3syAG|)IA#rthc7o!(8TG^HDl*K
zrWn1R22@)3+Nt(eEak+*e7s+m-0tuN*hJL<x6%>KwIiB&C8OoX;u%LY$$pyx7<Oc8
z%=GlP0}JK%sQ#P=Fl?YlbW3P2%H$J7_t0#iXRlZPQ}_|hK9yx9AK2l)w)!1fQiX3@
z|CxoVkK2#vUT;^*FWtsd)f_doxVswtitKw_IUYweJ0InL)6V6BZKaF7)Ot$0;r+;u
z-)qLE+$iYj=4MJ0KM{bC^hzvFTzRoa{Pf<^m~{zVVyUf`4D*;UbRoM0ki-?4`mwy}
zGFLKE{0qVqq=8|D#i0va2Pj_`xaY^*C7aI?ZX9}73BI4J@9x#uCs(E_0vr0ex|^sS
zKg3A4R~=r4mbiD&ePZA_owC6Pw4fDqfH-flv_>H+I|xHOuk?jHYuWi?H#pi$do;yk
zQqqGnnit>zGkKe(jqBDM!+f)<NGk?1ZJ4KKQ|XGfeS<|Zp}LbeUZoq|+%w8*0xs>;
zi+NC)<Q{ZH6TCdUZEP@7EcapH+hPB9)`5yzPW5gSQREG>o{GU!qb$vm1g|=k+``ID
zc$xR<I`+(ig3zTi*8X3_U4rMl>-785tY+~xhjp-cUnU-Gy|*pl&6DbP0dN!V(=fvr
zE;XN-YI5i{8C_$HAEE%jIv*vY_SFaj03ELDk3JX3*)O(_JGjTm_PT>$2IYycp^<BG
z-y*6*KKljEAj369&Z5ZA&x||S751?-OJE1BBY^IRjj>9*6e-RcYP=0>tw|Z?14qo3
zXVJ@JlfR;i{JH*Q%tqCZ-1+^6MbfjrqOlIRm47(R|FE?I&>9lBMfD+>)ND2`VbaBq
z6k3QgNoMC=E|PEv+^&cN)w0MHn9<tuJ@zdB6eG?!eYK51$H?g!@4W`#;c7fc5}x3*
z^JbfcZN+N^3{#|dMfAJwJPSLN@FKcdgS0~>((d1niXxqPg}Acep!DF@LPTT9spsn7
z8h^Q-W+WF){h+T(PrkcxV^MV4@cEnUgXvT0vb4<{bo?JrU;pfBJ#&ltX@4<%|H0R9
zFT$d|_ln(rtxT}ys}Gszf4uR$mmi_S!=%H*7E1SPQ)mD8O>xa~)Dv^cGitAFw!Wu)
zJRbMOpW~rIsoNFmXZDU`O|9>vx3G4dE8w?dy6?_E{BW<}*8BfrQ~$)TstG{;^7HpD
zJeUwV|3K<{uR17kAt&QPPH{aqoBZ%${n<J&_&UpvuKXC4AGGqH@r56w@?%u~*)`;U
zo>rJSf!i?CG3|jPn%V!r+Mm~Ojs&ceas-cPsFAKurR(48R%y}r*80nJ?C4*XN7b5|
zwzkQWUdoQ-^~9v_OVyTsDXT0!HzE_nD{_X^e*ql6;B8Fs?~&rm-h0M}qMG9iuD~=+
zA)$;#t6zva_p%3gHYg(fu}<FNUH7ZI#ua_{%~j$IKw^#$X{#!<k0F-5A`(K~ZqU#O
zf0r!&wfoP1B)j}@yzYhWgLJ6z0-pS%A^O8d5C7;z|LXid8|DThTK0RSEy&P6{0V<p
zY4H!=^e=w!ue3^GHvC7O|9>=u`hQS^{iE^u!G?aYA(SmuE$jGw3Z3}O``g%PqGba`
zwF*|gWGzy5xf8y#LnT19ZA<;3QA)4~%oi0NE~Da2MIr{16MeIc2?Rp)6s}uyH+VQ(
zH4BqJUk!jlT|%G0{t@Z@|B-VwvCr*fGGz(qyik|1MP|anDFI@_VGP3e?YNET3^4{E
zGTb@FWzjx3%qK@wM<5|T>f+;U?_rKlsw#?ppXjuvHqG|pSlQD`Wbq9#`)RF-F$wvW
zzDl&l*&Rw-^cn6M49;t&L&TWPUqV;szy?AI1{(O1Q`o`pW4K90m5mx)id~LbMYqUF
z*MRE<qCMnWnbX3zgXj@Cv}T6Q!TDha7gQBDGCaIcU^SebI3Xk6SH)i_g|p2woIMmD
z7q4|I$Tou;#4FPh#G)s}p8WD1r9L&M4+<w@6HSC%zj?K7H77SqidA{09{zNFV43WB
zY9k5e9mmRSS=C`F{PK2JHprVef)_9eY$ZsTd$NR*3WnMoO}{$0P}We=CpJ-M9(SyT
zJTw^*i?o`a$iGXfJNY)t`8@xJTfxh|pT|L$#bknCW>uJsdqu*jUPg|XLam1<F1EKK
ziRoW8eT=%{7B|A4dYr7;F3mWw`WAVp^4G*o(_1bFPE=13!@~~^(SJ)ZpEqeR5jdh5
zQhN1qR_WhUC!3i*4t4r%N3ARD{_@wvF}MGtU;LLD5u^0i{xX}gMmb1fw&VsFeN6ds
zlbm%e-UqCa1;dFJwpK318foF{cY<X_M$8xw?3xaY#iZsZURiqRZs$#Bxoht&O{QwC
zCO+e@iDdfpJx6t2&ZIRXFrtTLX<|Tu_ese5hk#m#ul5st|6YQ0Uy9sum&@nXv@6SF
z7Fj8mzm_OU>ya!qJe~g6SFrxIgkzpNwUOgL8u>9?Kd5V>@5em(!B&3dvH$llNa4-h
zM*(^m>%_}>S`<M>@mPd0L&@kSfUUZ~&<Q12zg}uv<d_7?53Vu+Pvk1<U(o63K~)@o
z&b1U0WQ6x{ghJW2OABL{L-0U2915U1iUWZ9&U^0;b0Z9F$sJ2tRUZVMz#T)!Qk`04
zozyB4P}x@tB1C9e2wWt#vTyc;K`Yb6dm}X{NO(vWK5b~*M#c7>K<<a@RUL!(=yjmq
zkOQ`yEeQpbktm4aow+PYc|Fzy0Fm9@biT3X5`Zh)`rw?kF6W3lXNp{wr7*8*?2GBn
zb7eL>JiMIq%1MFme)<46Aym5*!M|S;lQqOf_WZ1KU9tGb&9C*&@3WU}vfb7+Kl^m#
ztF2Kw{r#`;B(`7AqnT(Aj$hy3x*a{ez+GrV2ESJZ>AwbE@;B|Uw#Y{Mr9?lu$b5C2
zWh#C`QV~)#O)z^Lq36HIhz4G~$7f@kSuH#d4gkQ5s3t^$)QiP0{*VgrTLcs5UM?Fw
znW?E&7u?+mLE1)%Si{ZE^YU3LL;6Y3q>4B_&ZV~}I+7<HBin>_Qs};r^9CZ5Jc|@K
z#IiWkcL(>}R_>nYVE&%*O5)PTG|jvV?_RC?%t}tlC+R4<(mdp>a~t{6ZddOqij}1n
z+CBG$oHGz*@|xqetErdb=U=PPtwgrft0->bJw6O=oQh=~W{>g>^jXkbYV!V2@-e#C
zciBvCyY|>@;C7qU)c00N_kJ|;W4L}$*N=JfgRT5vkpH)>C+hshA4=w@#D860$(N}&
z<2$9SAJcU6I4WqaXC$qd%E(O0bO(N0fGxGQtlBMWTYo^Bs@sp8;JK)9c97SmhAsj0
z(BVM>|E)Ebww^k2<QCit?w(GVLkUiLq!MUaJg~{|9On$ah&_bZZmhsLR?sm8`_ma;
l$M-v;Pt0d^$?K%ivkpl2)b)Rv)?fNZI<^1f@_#uR{a@0qpzr_y

literal 45964
zcmeEv1wb81x^ClyAi;vWYvAAzB)9~33j~)yZ~_Dg1kJ%YxVyW165QP-3GN9R{GII1
zeYtbrzTM31+jn>7rjhQhuIjF;{;U44e(T$r+Yi7!SxFg500tHSq@h2+?K~g`AR{B+
zLB4bMFB=*v+V>3|9UT)B6Z#(w4ITa7Jxok2Y%FL3CN?$>4h}v(9v(3<2_+@NZ99O8
z3_F4Vz`<Yvuvh>b7I51EkO2S;0?c1F;Fk>s77iW(5efMY%3WxNntK2&3>+LRJRAZ7
zJUleFC-gc1kBNXq!TtylTlpyxr9BSlRb&P-m1xCVT$Rz!)Eq_*zIRaW<KYt!($Lb;
zGca;;ar5x<@r#K|NJ>e|$f~NTYiMd|>lmAunweWzS~)s7ySTn^bN74g9}pN691;~B
z1Bs1`Pe{zn%FfBn%P%Obtg5c5t*dWneD}Viv#YzOw{L8GVsdJFW_Ir5r<K*U^^MJ~
z?JtK%$0w&}U(YYTwF?H?&i~l{+OYr9E=*{<VBz86;E}$y3kKE|`Ui&zk3hkWi1kPr
z>8U+7CFm70j%Z{?#oIen94eo2jT}Z%?o)Gqr1|o#X@6<ik2TEqceU()H|%@6<^WVU
z7yuR%4igXtK36NL*)fb>kBR_yD?AbSeE_0A){aG|lL)b|;ELfig|LtUlO5C@iE(vg
z(4$tPAqInae(x3-=DPBilkG8te<Ch?H0VvCGFFKXgZE3W>f!)EVpZ%GcsPBC%fdwA
zgX#9O$j=`8A3-qcuZSWe&^f@D&;fz6=1oa<zTOs5Q0|GwL;*&A8RWf@cq5vVW5Nde
z;Fn921UH+5&@poFKgNg_dnGt>=R)OI<zIX_lI<~uCHtjN2!xjk5fah<H}7bvjS9T!
z3A}MDTV>SI5CbR=DQ<yO>vNRYZzY=lMjd{Z_}N!~WGZ<Zz8^w$nOO<jUSoqaM}4P7
zRdD{5Vik%RQKn@VMo%-gJd^KoefDlyeNOEur*OqBu(ggcd<&Fmoa){JBOrsz%}Iyz
zjIFEUaLel{g|?$F1V@&skDuKF7XG#152T7?#S6uhc=LI^nBB|F(gyBvWSpustymNL
zrzS<qE05o1R>2vf&;vlG5AY9mFn!=#zzO@9pft8~X<6>b<`$UZdRG(y5?#p~88Kxs
zEqj{1)VGl((U(e;NQRxL*b-)r#9KObIyS~r-(b=Fjudx>7iA#5Vx?8y$|z~nJ=Jno
zBS)6inb<AmLvbTFWQbcU6_0*fJy6L#WY?KUy383(RImXe+HBs2-_t!-yU@it8ob&E
z@~hJD4A;e!<tmyEZCNuXoA^{zAg3?*JllWzwS;oYJZj1r=2$JLxxx0uMs~r|Ny|qi
zQF0!RZpk%HmZmoMbEq}hU&|*b-C>AAyhD{tI5Bh(CpIXEAen5B6)HWeD^aBDy6Xs;
zmdF;Lj=F=1t3t-E#y)csC}^)kz_)eu@MtpZK5KD9W|Z=}?1gaZ29>_i*3^R+>MoT@
z+SK$pLE3n^ciwUp#BtOO9EK|^Wp2-EmzgtY8^};amnJ+b&XVWLk%U!qWY~zpf0gz~
zC&5wJeG!BCSe=kv%awYXQ#bZ{c3^6#!lHJVKzdZUODzklSkP@%Bm2?9QCPD+jeKWz
zRMcpm(|{FY`|7vX#yaO@#lp{}CrVvzI>+cE!h!<;$|3;5pKgaoo`MNm>z;N~qnc-r
zH7apXo&TsVznl1!Z&=R@BAL=5#b7!goauy;68_MbT%GZmc=kbo_-N&xsc{|e20^}M
z&|}k@1a(-G$UvlJzD~7VN}CHDJ<F`a2?joR(pz9+<*?AHLq4UCHo>p;Lub{_{9Hyl
ze1LX<*1H&pL(7ZH_DjMNdF0sC%}mRjBV8XHbR6_|&>WBe93=oo0s#I*JHzfX3C!zJ
zZ5TsEoU*&Nl8l}bQVOT{5*6*^+N#ThH>%VLOU-16BX_m!5B9TFN|^4shvX?H1VNBX
z{ePVD?(dbA+HkD)sJbe@C5s$X%l?$Q!j-3!!*tj;4Px!iU+mH=&I1wG+BtZ-6{<fh
zh_NA-(5jtCYiS5>FfKgTbkJYm3}+p$vt{c5KfOl!sO5|mIvHthO03ADt)9QSX2W7*
zkkF+scNw%ErDjt?(Qk+0ZD$2hWUP?vYmx3#Q5b?wqK`Wox$b6g$ggAVvdI9e?uKA>
z##D7{oM%Oos*dZECnFs#*IBL`ZcEnByEwWPA3Jp_7p!SiNG@v?4G#|-R0O+Tif$^<
z9kG)WIRM0@GhK`jR&{IC`T2>BjrFtI)&QE*i35^Ia0B})-Q9MfnNFpGH3_0-d5v+0
zuP&n&hT08Hsk?qm`*Upk08%-zx|Iwyhb+Wg{c`A(<CiJ<f6Ng7ankvd<b?4fTf~t%
zlQ2Q>xqx!voVUlE0K)5k%#444U;jD_>|UN^=6IHR2c;aMer7&AEOd$gC+WjKC%60Y
zmxIrKJu2?)q#>e3$p4H%aFrek)1o7H{HZZI!0KE^uR&4BtC%wry|bXu@-M1I_$_7U
zObN8(jr>d=4Xpc#b6P8hLu+&Q(0t4z+`;NJQ)P&JV&Tm$XhVYdCtOJynq-s$Tayr-
zu;eUKef5%xkS=xo=HtnWDu#AVLp~t#oG^7?+AOA7+8C|($=jxt`LSZzEh|Ssq9>-4
zF*Hn_4te9lJyT;|1D|_IXXM|r&Cn8P=n?x1!kH5%4p&dmRN;&JH}qIiq4#;Jr3O@o
zmW<sPsni+A=7B7Co>Q(Nu-*c+mfptnH5~Gc9ee9BqCH4G_I2?4e1h!S8>;mdj}@pQ
zusZNWhLVO9x*mcj9V|Vf2X>`u&Wa(YS8}VGt@$;yF$GUgQwB)HpKZ>2?Y;&?$hi4d
zxSq)CtZSh%Q_g8{8kawRO3J-&n}?5c?m7P^p~gsE(QB#gm29$VYl}D5aie^GEHYKS
zORPTlk+M&5!_GDnzm2S$dDu(I@O$d2gz)%J65vWyLmD*~Qq2~7)M?D-M(?LbS?da|
z`=`|S>FJejk#bh21e+2;rZbcT1<b0JRT5GbsM+I!KR#z=OE0?KNBZJ1Nkh~osmO6i
zsge@gdqjDT+t~8Fh#+65B>NKc4TJQmiX=L<$a~&{K{0!Kn*P9O0^}ez_QOnnvh*Ap
zGqeS}I8a-Xf!&z${PY2NW&|p12msKh1HXB9w>E|FjY6pAy<lbnmyq;(cmG__=1+vu
zesfd4!#bhgNgO{wO+V@9H@}xZN`de6BMoB&z(<dusJVptF}x-A6;Ohcy@a)8-H{A^
zaa?D8$CO=WojC+}yXjdt;6Cu_ojONdqKSUn{z_ul^A~z=l5EiPKPF``IP@pT(Bz3p
zuh8vMCol7W>N18KK_tZ}kuzXIr^;S|xX3r`+wvCF#dg)7b|(WFWNi;!&DK-0x;@Q~
zo*Qm)T2>n)5b;qh*nd^!Y%#R#^Xq>Q>{`d$w`)2-UdA_Qjqk{G9>TH4x1rpnacEqi
zm{ultFNJU|R^}dBhyekw8L}I>Yqxt1ZFST<e#pRUf`^q+Kz+mp7FzSlOb8$T`F>;g
zoRqk1j-`P@+<2W)^yXRQ!GaH?Tf)n$yngs((rexlfwX(f7v8ht%tS_Lmx0SG1J8`J
zP(Qd7teW!2g%+z6;C=O?X5>!ex@h}~hzqHk+s9(wLz}pO>CLXL=dQ|5H@94M_nT0o
zak(>_*r!+ck^YE@&`xW1X^`2DGkEPSXF^OqQPx(^W^Vk0;*XZ{&7iU*_zLbbjrTGO
zPm$op3M6>)3>!5oJwU`cI7zi7EDztuDok5TrY%S|O1#(OB+5j`)p~iw_7pPbv8w*n
zxnB8<6Xe<Nj6lp}hNHd;5oR*ZVU_a09cps9LfXSED?pE~-6{K|8ZP5n-H?(Uiq;(D
zPf#vnvwWpUTAii*s&iWoJEkGhln5VDL;h<o<0CSjhbpV1O}oVX2B1YncgDfRC!bcm
z_R`)J8!IazrvDz&MwnL!mB^DU3KEY+ZIVzzM)(&1;$Oq#pJzWJ0{nl_OKirMnL#(3
z#XjX^|2kOllYahzEcgGxi~MhT!gu;%nbW;4bb8~mIJ-g64n)~^Kh-#PUi8Mg2u6B{
zZe%4ttEc)^JBQvwCVy#qXS3A$wPqRa&4X*2D9`A}WQW%eZs0I(gdck_IUAuZxFIFO
zx?L4KG3aZ(1-`;H?FyR)+yZH1x4>KP>-rRY+5-(5k9lQla&>QZZLuPo`3O%*1!4YZ
zrC2^vb|PEMj^L(=5X%K+N#}w>mCBdB+2b|UUOJE`$}w4e2mQE27nnM;y)L?z;%fRs
z`_d8w-PEw|m+B=#7R^OTZp7lW5-1z#jO|BZc2;BcpC%Lc9cA@ey~GCva%<{DIdTV#
z-Kdz@r0!gn3?_qD?a+l$#;Te^-U+kVa@<6PY4ZR|4}|@R%O<kV-A~B)TN~XY=^L8n
zcjGDVXv+mH6rR}R!EIZY)U}p}FjO#xbJ;>B>rOo1fkK4z48f~rRTY&n&gY4Xu6zq-
zbK|xKU+Gw<H1EI;89!$UgERb8ow#N;p7mx=K!=X5-)Nalkd5D7TYGNJU~$>l%hba_
zg~hVYW@=sREwdFt<fNjgnvYjNoikIsE%VAi-w}h-eb6PhKis;;2cEIq&feU*iLtE{
z&}*IOaYc@lA6Gv7La;C*z3n-Q&3yAc8{<npz`X)hUu2<xvTf{cj@;q+!jIWo%@-qT
zDeXbD;0s2Pawv`dlzaTRAmI;|^Sj&w3s!BFm{1mY@Pn$X-#q>Oq@q6<ZTxt3zf%!*
zCr&i4^h6V>4{GB0s9v|jE<i0thZNy%AEH^oF~6>6%+Msky)5ozxYn;+a}`B#(+lMm
zsaRf;#cr|Sm*Y5ni=Xt)O)fU_Nhi*;7IgNUw-qO?ZvpBz>)F@)+Id$+AH9XTOimBy
zxo4FlPTr&1@94M}=UVJ(<tr{;kFWv9h4O;IAvHs8@6;Bv6TQq881=qn@5VJ%Zkp@P
z>FHNUQ%0G=QB%f}yMNH=@_j?zB1+9yw{@Q<ZRx>cFKo3;3#32LK+L~a$|bHKMblQl
zZfEmpKTZUn3~pqcZ!w$H1mO-dg)hD75qW4lf%K&)Lxj!aQpePj)UE<1L7^kH@kuMk
z!P?2Bt=euf{hh6;py@Yj;yqnQ{Y->jtDW_f2^a$)kvSw~ZKA^xFK?>s)s48OqP8Z_
zCv}Is_Nck+<SJ^lgEK3xc~iBmLkC%Lhd9rYf?<J9`^Cn{#IDZyg_-Tf7H}y<{^FVO
zu#I5BT~0;Jr}aoG+2P8mlSKtZEjh2#u`*$E8bg<?KYMNyT07)ad!nhu)LJII|CD%i
zjmpmmO#FZV;{TeZ$#OKmdUMhqIqGekMIj7O{ioC0{hrm<pFwqri0bX6Oty#{aUUVb
zED8yO$mZ!%X7*&48Xdh{BI`i3;^mX0%bi=`WynCmssxF!PSK)g&pKV|x^C<um93zV
zZ+bQ)KyO<%t2w2IxVX13s!c4!1^@&+$UZ$E7`FgmZj5gMw}vy$K0pKi`XIC^i8O)t
zsvri?Lb82kOh=lqa+o{v&nkg`E?fSa78U>c$9`Y7d|US7)|i{ZNi?d)+R5e%xO+<7
z0)@Uru5gtQeBLFUy2=)?PK6^(ZA=FF*~(I}%p$QFgkpECPqU<j5l!eL4IbtKM;G`*
zHzVZ-m-pfuUj{*+G7mfw64V^!wM(2Pz2CAksdF~iDh;AfNG`5XhhKKzowmh6r23rC
z6nl}F(2(CGoTN*jp6gWP?>9s%TwjTQ=5;K&NM_6K%eOO@U8-rFh`EQmS7v?Okf1Xi
zYv*TuYPT}1_el~hV2I!Ui7-mkoQ`gRnSJzGLrI=7ZRwJ>VDxL(;Q4w{g=J%i&a0X}
zi^ryeqgQ=uDzHAkO#zWysP_Ri5dds>vtXK#2)aBsfxDr975@B$U_Xv&{$M%3L$LdX
zm<ejqb_p9-*H(mzPvg*^m=0DTR!{c@Vlr|gf+W>E=pT9s?$Bn%R24c$d2K5WmIz6&
z5$_Lm#;>O4CW)Zc(YfZoiH$QbJ@V3DGBFiOI8fWldx}keq}v-~Gq+s;kI5vi{o&|g
zESf*jxj+EldIjS|aSJzjpW6OXqkzGxl`VI12@I+7(O{!4-r}K~1$THH!D1bFy?pz;
z`lu!dbn1SPb6&D;W!dY7T0UPSdHHe0p&Tf6+=}o#(uQctKcJLWwrp`_o}6%oZ<bb8
z?v6!&B8fp|a?A|$kW>wts>^Ct(AxRE@$#(Y{LRx2u2um&F{X?NfIVn;WbDGb%S&cZ
z@<_fZNJi`FU!`e3S;%kh)IUmr|HMKRBv{`{sfb){0x&hDQ}=taJjak0#864;nINuk
zLatZ25(dpx(uiNzv{hXe!u8Z*CPR_IWsMc0#dGt53z=N)AEFc`lt3~UYN1TAk8}D;
zHHrp}spQt?(`pP&;?={1QOzPX_R2EEkBam!TXP6oNFt-=-0Je#Y?cX-ya;?Za`_XZ
zO0qmdDEgOV=TGP-c5DPBO)>dG-Ro7WJr!jmXJc7SJ@oZ_iv@E!EJ!jU)mBi|{Q0*0
zz>aefyO*eXy(bdxBc81LyvC84_Uo-3qQxX(91-k2*_uq{J?fP6n)9kc#n)jw1MF^~
zb03r3t_7r0_GGoN;R=%@$?3)lo$OcwLz}29$>l{uwWD22#LhdMrxRfzfZ=Zj!1~pj
z6FN>-^{-_N`>WLfADtgEhW*VFgr5ceKPec#4`(<;;YNC>eRa=W*ul1ouWic)8_KYc
z;GJ=%K4H&-ryD0&@4Er>KHXm>G;YQkPE=2nHCFdo%}nu`C>t;zo?$5(-CYUxK=r;;
zsH!h#2RN|twd3Q=H_O;mP{*`N&}VCnvr_q*9Vtvi5`t!i7T^258iLsg8Op;mlg>@j
zahj;gthhvrsr1fyx98757snGf9a-0pmh2AJ6ws0EFIzV=W_6?4uUX5v1vreeqqfI9
zQq=CmQaADi&l)`MXZ_4psAYnR&XiQbniSiV5KrGLnHp!mywAh$JV8ll)fM%YC{sEt
z96K)BejALFe+#_A)a$eyXmBTpcM$TJZD}k)8_LvISbY87>$9dJO1*7){t<g*m$1&-
z&J)wJ>!z;+`1FFDH{RXGjuok=@3gT!hZ9R&nU`IZ*NV#en;0>W^7W=kbm~a2pHK9x
zD<>MDwM;ZxIi&=(Ro{%(#_h3_hb)e+YOUR^-v?mI>+I+1x91ZaS={lH7ot|9*4$f4
z!=kK%O%g@Nq)i2Rh!2tA%6RiF>+J7P$A-NB{+51xVEjaYe=uD4<JJ9+05S41Il;J+
zGQ2ndoC|@bLK^QTZo~Y0IKP8Odd0{a5{xx0$>q66)joE1?H_J%scPQP$bd?Oc$YMg
zL$t$1_!C8xlFIuMt=(+qpXDpJput&Y1aqEJ{1fI-zm_Kb>5N-&ZT3h7Op?P$%7s#^
zv9gnk5f3xyM?<BmQzBJD(%FClL+~IY`3)`HQM&vrj9vJ{7>_3OfT>R_*J>&<;rj*8
z*Ys11+~=5;=I8uX!O=e6LlzElE|G)Cmy!#CDC&$a*<)I8ht2V{KdhiQ6<1Hrd@>D@
z)_oS#vjj#KE^*nHtjppY${Gx+8$hyy5sv2?OY|VV1>P6fg1^w*c{C@JH@oSf;;sLV
zub1`3vVqv^l2AGsPnr1GSwheCTL5K?Bl#Qyb?4p3CloDiMs=p10t#^|kSuUMW77FC
zJjRZG?wdTFxkc&Edd164^!*DY?HgO2YT4;w?okdpMFb-m%;L$$);XSv26seL7%T1a
z^Y&*;i`49}#Yben)T!}ul}>$G+&+|`!qJQXhwE%9Y_IC)>wVt9yTjWWsQTK<D2G6R
zj%9#<VzT-c*xkuOrU`(7KO3|Vrx_@<Pr*+leV4~L=>*zIpEwSxzLcg0vB&C}va#{@
zo)vL`7m{`zQ|iH-7UQo=&vQmLb~45}+1=pu2I&JZQ$4;+RddAb?m}ieT$J8jO7r#U
zRq$<Zu~xr9sB^P9P(MY5*yha`Rdc99c1OEhCf<)JIryvXjjV6)`Nt&szk3%Ce?nJI
zB5%PUr0y6r2I0}LqR-Ly+vI;Hzb5!u+rtlRmJs)_i6GVQ-RPS&XU~=JBF)%OQy)KJ
zF=r?)Jqf76a+ONemv)fp+L|w9oR+st@3M*gbm(1`bv=3|nUIuPEA3Z_Z`wPkqF1o%
z$Te!EgI`;Rr*RnkQBZnYs3rpwvX~l3FsX^rOZuWekxoD#F*K{YpwsSviY^Ak1~W{s
z!DS+=QPJl#l3rNAJy$V2H5HyKRq*5?`tB?BBy!jn<m%CMCXPg-*@c6hP53n~+v9yL
z9ws#9mpG}p`7&FMa5AFf_WHXjr9EFA`X;gW;!;)XdjO1`$6;otlIG@<8So7oW<%UH
z&hkP;c#4c4=`;xt++Q7NQ19C(PUfahX6HCEh8UXsamAnCt+DhgZ-MamwxxWdh>q=*
z!sPL=O*v81&lNS!#t!cfp#Ea|Qb$~3mlARNQiP^;+#J1EG9^?Ksm2V)#}A?h!)}2%
z-L#8s;S@2Jk5Sx@2qp3NZ5mc@s7FWrj4qXr86<~Y`uPQ5?B0`eNKkeuo`rn*nhJ?l
zAc~NeZ?zcNDz;&z<Ort1u)}>=9gTJvdmaS8lH;gdf@O6*FhE1SXP&1^l=4-MKJh8B
z9q2r2g+ezw5Wt=vYrd%)*9W5uyUp$Gwo#Suo79Bb9IbXxurJs~-;Ma#H9*=XyFy(b
ztF;oE#B`4W5eX(tQK9)_YHHku3)Ik)ebCghk}(k_-@2jdYK`Om^jwUe$dNc+gjje9
zj*PuqEOC`dvSqoxX9Jv+w(MLcmc3{DFno{6+H&t>h+qXDBfz{)5ur#$bg7A}E8s{y
z#?GgHPD4HKUe>YA?Oc-S1Pcdq_Xw_Tef4Ta1Sqy@IDoGIb864Heh+y026O&YZX9^e
znCC9mD4%Ss3%yyGsJ%!&jePc6GLQ~rgD_mHMJfcrj-%GaDJT$VYGVzQB=qZ02jl5q
zMLJbL=*40a!3Nsee8SDUCvsY$jUoUFBHldi0BhB$|LlugMJe#Pt?)rIoL=?nc@n>1
z+=KUd(GzE1VxI11$y-EKK6DO0EsAY)*rUI!G;jvXP_gr=P7sdO*H;|QJ`J9oFOI69
z_GD7q4+5Ke>Ksd@(bvo5jqDU@V)RT<(9xad?oVfEbauEZRcw-Yr>GUiR+thW)AVbg
z9b5G5G;0zZJ&pb<yTXM~79`qUzNlN$SGGuv`emmcQ}3ADB2P{?&v<H3b^Udt)=;X@
zh*A-PGE3R>iSaSv(Q2kZFE|3^;S6=Mq4F9*Te-~+dS860&kwvy1w0w)O2jQuUN-Iz
zB|q5ztopnt`U>-XP?v1A8jc!eBh_>9TOfjEYPjX-+H23ylD|38m~D<a^yV;aOIh`6
z(3IVV0Gszdgr&7D@_j(39Qsmn?|!K89k|okaNa}3jTS5EW<^x2btbM*bXSBqg768H
zkY$t;B$=8beo+6V<t-3+A{O=(Uv4owGxfA)o~_J;-Abi?yK>{OFizDo_md1j<$)cR
zTgu<Ps-hu9qU|spy+_3ubs8PhRMjxSBALUQ#1AflU>p-C#)&q(aC&!!tZulVo>YHK
za8-ods!q*N)US|N_9U$ia;GGv^dXHDAzor-=<e+Bi_DF|7EHLqcTL`;C$H=|6gi`K
zG>y8yaOKcgTqM$%*c)#<s;_O~8izSJMn`Y&Ki|@ssjlNbyLVn*AzWr){J3J8(s$vJ
zV74md@wujOetrz=erozhSEpT<r(d275l4q}%H)KApY}4^M@eQkDx~Dk_BtBrfD-yr
z6No=d5|v>h)>(V#I@L<SbF-(qAFl|VFsi(%Vo;shTUb(~pUT~k-Cjg3G=6}DVyE=D
zYrKr6yg@sQC}b6LTVQOf(a&<+&6hKp3Z8cuX{=B#0X`1Imp=hvIAVE*W7VkA5`Dto
zvoU%yD=LHCDR4~Ha52gCg(g{Q;EiG^&CMxZ*#{2oIi+JVs(sgjk6%DlZ@>w0Q(GnK
z)H%yycq-*LgRO^hwt5BdCv%=wIeV*hN7Z9#2`&6EGbr_~CY;5^j#D|ig$_&W&Wy6z
z$qAeM?`LRADjNLP!k_n71i`(U#vRo93Vv_PvTvvx-z`5gyc4O_b>_lpH?<=+QM#2c
zmdGlX6UP6dRO@hvQM!({Ca*M&rTCs~;dz&W2p!4rSd}x06;b`eAQsA39LfGfRVVm4
zeFrXFM9!SfTZ{^rZ)D;p%Luw-*_0)RU*7^Nb7xz(KxJb4XidPFiDT7()Mft-PF^FU
z@;dk1D_nGUu9W-7jb>&3IJbc1fc+Q`)J54}hAbr0_t|^1NJ$4hdZm5uCAg_v4<x#T
zQtYo~qoGDo?vH4uo7if2ENZkDy$<^$Pw?|iTNk~it^DGaFw5U>TE)Jvjb$s`(~x(i
z89G|8)16IGJY7mEV3f+&t*j?<4L^!hzXd*0S4IRTDFkPeb-)@62hnChN&@>XQ=ZJF
z$TLbkS@kr+(3IE9`-Dco`JOnE-D33v+yt@tVWCcK1$W`L7QFanzJN!XyS*!+24xG4
z!r-%>BK1knDE7@<M3LVtQu=o(@Leeiw+ZzFDK1Ir2gGgs_C$8uQ%x62RQln|SKM)j
zACHj~D@8vJ2@zrYy`1fDmitq&yT7-V#gd>1k+7eXrV`}M-&{b#>l@#tdUC1L)FvM$
zns=t@V@;XKrp&xm6jGqAz1c(+|J!t8|2jvFU$1Qc6=$gUH=CKljZEascQg+$^0QTa
zF*4Et^jB-4W@!TvR~g);rv@L00p2{WljcCzL~Qbxxy+G1NP0&)1{!#h3<69K+Vv{+
zg|YcR_RqePq1%Wqpk5Km&7NR2ilvVva#QJuXhIU2d|-m*%4vX&LplCTo&vX&AS951
zIIK|ek?9lOgRq(uoH3D)D@Miqm{7o);+wlva(~QfU?vb6zaYil<qjr1k&#-sKoZ%z
zbo=8%@3}Z%)dz{LnAM-zq{i`!o}A3%ad3F8#kikMl$jIhbWNXf6{|jUARu#Ip3Pzu
zneTGtA--lp7nD7uqR`eNxMMEp(EYXH;6Ssd?5Kix&>3`EX|=tK!NFzsrZ$Nvj?jtf
zafoqmsHq+;5B9pD0CYBGf_Yx5E*eY(qisKLO&s|(v5w4{L&(e|_k8Z)dCxq=g`a8u
zu5Rc&ZdMd;vBL}GrDxWu>~9ZJ*UL>O%4orohf!I!NM!A7ZE;qkox<&bv;)R`4>%Xv
z5UnzB4vcN8Jv8Gf3DjshB4p})b^GD>pYRUxYfvYqtQLdED%g_?j)hv+%OVXnjQEnE
zm94Fv<vQY03fXEH(cY>(l>Q_fNmm&em=r)S-UC7xraI8u*~W7a5RjcUIUIf-O}-Lt
zho%#9IlXN@Fks3@QzpaGf_6^X=mu^HrD%xaM9(0yB|ETxD;&J4=BP;X{vh%VH_&?w
z2X~yY`L^k`t|fbRYzL<bjL&b4SODWPo~3L#TKEZ*#*cMW4Hm}YcX+z}D@gvIxn~N+
z5)4wq;>{p8A2(B&*V7O~CO_RfYkd0crf%!G+A)+T3x#U##8Hk@5$`@#AjK}FRDD&u
zaj+5gpy594KFVfa(4b_KMzrrHE8&;Ht+iok2X2t+IJJ<R?$}Cxsr1~AvczoflG&Gr
z6OQBzz=IEv43I(*7?XTUqIJsYLsSlue0{*!#?3zxMZZME`&^;L(npV(>uF>#;IyNX
z5Od!4!WKaFa6giEy_=zHRDmFal%JiA0K*ft1a-6L2&+aiV6q%?j1157vh*n{@yo9i
z>46~*Ep)v3oL9Z=I2|K#rG^4v*Oy#GRNMMdtBns(Z|bH>w|7#6eUj~TR_TUIRI>pS
zjYZ&KC~MF?Gjv|{WOM}K*&>TJN#$Q#kaXH>`E;y2bn4#G$coe+K7&2$wv7o82+qt8
z?xi9QYYs`|8<nBsV@dYGAWa^_-=__V!t?UG3aKMN4NP`e#jb+}Flnzkhm(CzGRmB{
zCbT&7DVHOhnN{l^_h&?mm8pon`jP^TRF`M?L;E*r{^azCzm+Qg4PBA{i--BY$dl%O
z46pxtIN(ot?K}OvVk~e$5r`1xm!OfRsu%<S>${$<hG8(|K`(a|g}xqV4cEmv5>N-#
zcZ4(tbmvW#E<JMIH1{ms^Yk5bQml|&r;!IYGry^ao1e>Vc|olO7XPSeJ3e9DwxTk!
z*oc#IBN{rnFD&bOXX7~^YEVVbr5H}Hde5pFH=b{wF$Gu_r4pAK9Du*gm&w4BFEOJ|
zBqz@$mh1*8GuGSm-HMfSToWH<4)ofXk?C57$dP({Dhjo%<7H>?k2J<aG@ZkX3?SZ^
zDvG+io7OWtcer`tT37I-e^_^ECFAq;KnW;L{4kqs168bk11L<!aB0ssnskw3mPh}(
zq{t-|{~^nm?1h7*poNnA_1ghDZ6>#(s}QFXg^Rg)ltzx4`naJWb{P_*^EwFlW5ayi
zNx@JNj*F6HWI&7*BS(~%$X+tc$d{!sc^<L#(U+ZjTs3L(o)WwB(XL}#*ImT2q-v@o
zm406n#XZAHrY(^U`HI^ocTu-bNYL5&0+#UVysLXrn3{wW2(d4RBt2Y;&!#t`yaglW
z?qow86#J;D<8Oh*^_m#2N{y+Gqo(D74S!AR+O)=`L(eyADjJ7!``Z*FIe3(0Tx>?5
zgL%3|B=~3ZZG3yRMbJP|5~q<ok?nfVjtolO_jkT3_m-5h+B|=Hsow7)xOeSDMzvOR
z3&85?6Ur6PszthVs6S3Jd26=GUT1eD(kXChnJ5?VLOsfnfSw@QGSsC2wfT5wM_%*{
z-Sc=sr7$x#>3BpiHe}d(XB&h@s6F+JKQPcs)%t24q(IC%<kyflZ!Nhb=!<K7xmeOr
zk5!-=xeR=kM?qWe!Py%j5iiNTNfA{mJ=^<=8A^AJ#u_@n)GX99w71)%27;RA5Cy(e
zcPoq4m3smI=rQUpnLSP23LlB^Yvul&{nu+wkXo|pvj(>(DV~y9mOP#pcvNFqazz%V
zDFoS3Tv0Sj1aK=*XP%K$+AL4?Cl<CsLzxz{1Zj>hFWC^K9<}c&#;GNt+o;xNH->h}
zvqV>sRgD&HLi>V5v|T&K1VST&`bu_x#n{lV9vy<#xuPdQY$}3TU5rr{KOep(t6ZK`
z|53;`wk8mNwr*+pl|qP!(hp1#csBf8_frT<DX_Fad$=Ox_x}hB00w&z;LbmC=yQfb
zG{4UOTbv{(=+!t9s7VWh9n{|T*J~sO5xN`zp!p@F6)XL(uE%}5g#YcnM*lE~*^g_R
z|MfY)+b6&r|LY9V|A_W2utxLA4j2k8jD&y~GXPq4Evr+sDtj!7e*`8rE?aq=4j|Dj
z;miR*+6$I>@b$KD{A-Xi<0ER+8?u~7k3|W1h&;TKZvmYEpL@O3-T2)j#usW%Kt%7o
z&vtg+jA77J$3x66$30~wSOTVduq)3WB|GQm!=T2kEl2m9emg1$XLvXZDhdkge0wYu
z24Y9u^>tYxT}rtH2z`C-b+>ZN=kabOngY}ylebS6iG*69#tlJYv;y{B0&1K<fc)Y9
z4QcAkpcu3|yj1YS<`3PS@)?4}sBbXG{gg+b&;0-sc6AG!6mkp#)a+l9vBx8qveMzZ
z9&@jxv>fexRpacSh_&MmOKHv8QL=rm3cU}9A?UdKVHgC4`h+i+0u{my-XIvRQ|!us
zo}l3XFvfNZd25@3j4kZQranqXUG{t7p9_yWC_)w$7@(eTs-b@A58b^lwiy92IssR2
z48><=>CmE85bEQ-t#J2}$Ko-Hkoozx>5@kx$R-=l`_J6N6(9)g$R?pj+(OF7ThMxc
z>x&<l#QuA;d^ab+mTX$oyzIaj7*GFXaSK3AfJCM~8J?OY$0~{X&zdt5SsH4>hbzXG
z%Hfp9xuS0CRVzEFr5#|7<7&v&F9lf1x4zCzopUu49}%a(>TV;djrclbzl-ps8In_}
zN(mo5xB+MT(QgPrOb6$bOMYn}s7OvK2Ye}@>Pox#7FVsRfdD0|pxZk~K6g>dhAEh%
zQryG{QF>S`>}n#%zH_EQ4uWFupyOoh^=|yJaka7It7QKfZ_4iTsg2XvWa^&z24e|r
zuYq`KQg7EfTj_mCi<+gxxIwZlBtgj9eu9I-vS34-Dkig-u3nD`6HV*lD2^b(yX)Q0
zj|ACuunguF^tMeCq6DfMh-{@hlDgE~S8(r-o;xum@I2sn;_c2jCzMSuBT2Gyqrs6n
zh!CY$+*Cyu+gl!*M=-S4EgVr`oC;_7Spd}7zn<40ab=7&mOH1%+VISPr={OE4qGwx
zMgyvG7!$AJd`$Js#<p8fn17~i(zu~cT?TevOZn5`J+ei5f+NxW=Sm#1!wzdqWlb4+
zUs}ovVi@XMnr4^VA`>qZGVb%}O7l2<aP0E*WRmsx$eLq&de}=@_%8lgK9Lf|hh(RM
zwK${XG8*%lQ8mBqAmwTrr`UD4_taL!eQLaY(F-0LsWr?h`Z0mmYGOtn=y@l!nVs@G
z8HJXSGF&9CW)ir7#qZMb{t;)+-^jJ}lmJ+jFFR1)E!SNF<)RNrs{tUU*?r_6C5Hg;
zP;T7*YcBmqKl?7NL>h(8_@24m=TNkFHkxm_7^I;e(cK(Qw`8=e3Z3+s{=?q-cM;a#
z)DQf*sSU<m$pQvdRtfYCCu*v>J)?U3Tu|#M>`IA^&QsO|bFPe!5i~%fV)x=LnXDLn
zczcFQKfWk?UwKb9LNJK2hS+M8cSAV-INg}8KqK$))j^mY?;u4CQ-t~}!o9b=0$;`j
z3s6lK%2bhC6!_X#IDIno0*a}{sO-1x!R|`z!IdqKsTRjCXD(FmI~@pB-)6%BJ0d$G
z$VPtzcJ|}U^gH9jARdoCcrc*^Ao^*)Czz*sS7c~nm~3K}+fvaG^>J2}e6M@J?<-P~
zSz&+uf_~5Xa})YOYSsE$tw<7TEG83k{8jZg`6j+Y2=;yrmws2l1r|2ilrg1y*4X!x
zQ$p^&r#`4;um6zj0TZo5$SpLJ4$;f@xo?<7gU)9JT**_H^4jWJ+DaG%?sG(ON7jPP
z7ha7oOh3w**VDC<1wU1CdpQUrA9!7|<_$QiSmI1HdTut&bY;h6O!rF~x?#Bqxd_SM
zJUKY6Xd;6+H)?!knPd6PI{(=mjauvQwFx^J&w#+og#6k#uCO<Gon;v{lY2*e+uBXD
zSA-U44PDb}wmN9c@y*Gc`_1wFK|MG7t}8;5!6kd7Nhx%~EZf$eah^jOjhDmpmi|0h
z5bnXd3C7H>o>$~+BAbrdgl&QQ6(f$4P;};b?48h~`PB2}m*x46cZlK7_-5BywX;xG
zW2ilMqqPYeJo=5Z*TD}EPg+|plRcm9NJr?gG~!Ys%-4Hk((zr}YvT!$G?CD%l}=v9
zPpHA<|M;u?p7T#B>i*6v5QM5x05PmM(ii}_vXnSrsG9^DXV>qsXoW;CGWm1U_6@5u
zE=9!nU<r)Kfj~hd5kUkFL?0{-{FBIN{JqC-(-EFV-I3nK;JY9UNA$rBkgklJA$1%s
zk@6Ekc~6a1e*ADFwJYl{*_ew3G5FU1dYqjk=3XQ5Ee}>44uFgRKLW6Suhc&y#s7D?
z%YR~LetwDc0G#Tjoa+M=4nvc*06X>_ZD+kD@q|OSD$%vU*?KkokdTIUf`gMnr}_F|
z<%&lV|8<=%NRnx|ZP(|3k&&weoWKn2QQbF=rK3(go&)~3`_XS^hd=$5{-)~u&ye_^
z{FPKiQcXt7ieN5Axa#k0#(&-2r_t{xy5})<lEI<q#N)3PnkBIX_VCtW?$@cMqi#%)
zlOWSgUWja#uX(E?K-k7=TD>r17JO=Z3z!o-E>+Ex2J|jKvRjmsaVpy3(;f}le0}NP
z*1Px$r+c;Q;KV%l5kUcKTIZo@g2q=N>mzn#@(;ckEiRz9Hi94Bj4ZKty$s1*9%n`$
z?XA$Y;UW&w-bm(w9F#}rm+InrR;&xhcZ(17=X+;yD$ng-4h;no?Amu1Y0y^494~C~
zZ7@ic%xQX=v-p8O)vg2+$v1YGJE=Svy6YHA6**SPy0pWOnsl~Oy7|5|>U3yK!17e0
z=3`jz**=|p3TT!@2!a^OB+TSRn~NEf9NX03g~TIahWO!cV!|Iw{5gjH48!Gbw&D92
zqS0V{M10SIp&Edxj+-hRX6@zaYtplS)pdt-y~64|5>YQ|UY?tabwLp`lp@fjlP1`<
zxO<v3r4XX(iAkM(;G)dTF=+cqI{QVklZjC=$39<vLGH-wv8XCdf@cOx%%SA<@dBa6
zOUAZOHx(Qt)ba){E3kWsbo!S3?^8B4yprwYtO($vAc?`=7U6o5GPm79hu<=0%))Xq
zCqBy3(NE;Lip3^&qW57^$JKKtc=e5IWt#_%?D)W2Kj~FArS=NGJ7<qJQd(LV8C{KV
z<DUBebDt;pLkh|NU4X&AH@Nx!Nfb{RlmH0KruL&Nc{mZeDyq_0;)l_!Gwq?ZWxZrK
z102$$sBbr8FD{ZNt@MrLJlE7f{Z)*>3etGUKwd>dvXeIzYb~dMheuLN+}(zUb^DU&
zOBkd9+4a;*xdH0BU|X>JR%!JM<B0v|G*rQNlkd|cf3Q#VlS0_EdP*2tdiHGHI-O9z
znIXUUusmwoP`@a`kzDVFuXvD8WxY+zk<4P=KQ`(Xph_$0IaWC}u(X8T*Kkq|6HRs=
za`3R%j_b`C1g99dPqFRj9LVchTdZT@vEqDgBVXXRMan<sLa3kBn;7C)kJf<t|Ivo{
zaQ;Tw&9D4af2;moNj5Xq*6-vr9gsiP4T0fGV3~-rL!Ue*_VTK}w>qOw8H06XRu;RI
zmJgM8zb#=ll6vTom~^A-?v-_A4O?3g9QX75XMg;pho9r&=X~&UKKys(2TOnDSBU>n
zKY!^xZRG_SJV|PIQmIvIRn9pMc~G({7X#*$`a-k!3wMoI_5Ot}Mx!Es_u~oQ1uJ(x
z8Aef&eKho@f~rP6P-l%X-3V+cVa1X`wUXW+Xe$bDObD!V!^KoZ%|Zm8V)al9oMFMV
zuPmSp7kXfcHo4ZkVb;}aDT;k;Qt-qRO*1#;HG_n-+4xQzR_hiP-GC(#6I_k26J2V}
z8_l6v#3#KpIa76)gYsOHv`4lk&S3^npVMMZGKTlI_-{!tWCse@-Or=UcPBF;)2v+q
zfv0b3>R)9A`>s;mb0xQxM&e3SAIu4+iq>6>wP?-Uv$Bch9o5P(N?!|c8j?3xceFH;
zRyu1aoqhU$$bNooA^MB-=eMp$84cKpu;*Pj<lCSsd*KCxHC0yM)LVc;Ok=snZuX)w
zl<|a2Sp~tTiHLV@c4y?cWVb9K8NAYe3kdro`ZmNVc5Lh@8~LjU&ZB>p!%kV0KDY1Q
z(1w^iGj}bB(@fXui}YvK1zPQ-YLVBoEk*(zLiK}<H6r*+cYPXqAMGR)Uo+smp;#7$
z=pQDSzRY}?MNPa%K=OjGfN?HX;+R1rGC)`m5s`q$(A?I}n^+BEBS*R4Wn)p9g|Add
zL47d4HQ#Vnz*J#kUBpp%{jLMIq8wC<xNs<Vw3MA^)T2rNt?qlFq4T<=^}JU*sw}5I
zZHL3=3Nzh0DBFmh4+m;gR_O`oe3(=aq}S@+A+pZ03`q^nW#^2H3~nbxYi0$TsQ~AY
z^D|Wy!9ir(WqZjoy6AP8!*KB-*&ANIY-JOHSsbfPahVzEEc_lg8aD!@X<VvpZK4ts
z^>lJHeney(U&)0JD?8EBMONB)Bf}+#(sEMod=21P?W9Oswq-{uxh95-La|;a?_E|t
z^$d`gzKoSWJ!Y6Z$0VdQR)6;@wW(Y2r3!r}_O!uQ1Qdq?V;_(wG`cR4;!O8LvbeGu
z0Jgr*UJ``}2`M8T5zgXIV2J(WD>WwB30-;vE|~`-r#Ltz6R2y0BZDPx;>rC9YB%WC
z2)YfnRCHws2|8<y$MP3MPI#}jff4u;Y+GMCb%C@2@ga8b#*%L_yn#V9N8!=z9ywC)
zVs#jj&_ZHVu{MeXVe^zBf4*0q<p=wV#K@USz7Vcw^ACChKgJhO8^e2X1{(FQGpY|)
znko6DzFq~}3G%H+>?%K;!`VKYIU-j&Cz8YN5+R+vsSY#>S|7>M!JLO-Z5La^4>u0G
zN|ex5>2VktE<%IBs8EpJN#(n;k}~RaXwlMj5$N(VCFs^0BMD%FY#+O{31GBTV_a@E
zsW85$iqBHLPL<!SCs6f^4&P7_xX+Y{(qu#I-2#=M$#j8)MH$dg1D0YLRO5X+UcK78
zktb(HgsM}&=`+-F@$NQ}t%&TxHsIp;e2dkC(8NQj-;xw!ns@b5>ZCC2BgrWC+;yO^
zf1*=fK@kiP^LGrRzPmpQr4hP?6<vQqTDJhOM^Q^oE2~09A&q9JVz^+(@$1sm7(#6~
zaCf5Oxz`bF&GS8q;FmKm+jD9^PLni3142?iGrz-=RoBy36w9tV%-<~_8`2GQ6?W6j
zCP)esMrJ2Xj3jVFCR<JUr;-$;8ecHauFk&Ya8o9}^!n^~z8<N-KkG$9P;glnn;Pex
z5v@7?xXGSj2CvU1ykV5>{Z}s|kf*<lUhzmE@7B6f3C}pq<wI3kEs#K~9WHk*fAo-*
z?Aj=3;Cyn9gK>2V@BSC&O2)!+_?KHvXd`=QO=&sO3p$do3vzcuoPKjay<gc5{?^zP
zD*rJdOWXn%qc@*!0mk5i!#f9u$j`2|#LTz*IMrSm3J-YBSGqb6f_!izdNtf|T>?I3
z=Gmk4m=thEf|-oI9ruDEw2^lx8cz<cwi#JrD+%ZmMLPY6Q)_Sqf;7aKsW)Djo2_J!
zNN7So>p10)N0*|nh8l|`&;wlaLbVZ?3|g6*i86@z8@SN?GSqBP6L#98wfQ>xPBDc~
z(1%93DFMZje58|T(AzyW4az(8i%c0{-}6(4hJM4E?4y=>@^FuL`1}CMqpenGu%(Gx
z58}`A3l>Bx38>_#*o?ZVGLG}NpjDx9%XYX+966SmOQDSl$&2i|YoeyM4?RxEgTz_d
z3NjM9-YX6eB*`-Dvy*Z+1!zk_kC=VfP`$iczTLbM|A;CES!NDhWETzE9e={lLjFA*
zAWz&S#D?!qY6b12#QNT~dN&^=d=jLbzs9FC^7BRBgGR2qud_8{i~@Qa43}Icre3fh
zei);0hB`omf=|4PE_0U8upnCAZ|!(F=}^e#V8=fx>x#)elG(q2N42J3D04TA@1$^I
zpHihlBHEdDjS9|!9N>Ms^OyT%zJdJ+Ib$sRED3z@n}*6LJD5<D72fvKtM^d7>gGa#
z5(fcw6z6Mf@GJ1ewG}^9Yh@BCJ5q1DE$9xl4un?u<pxGG7P_OdYQ4V+`_Q^1vwL*3
zd^(&VX%r4B(igP6t;gvI*5Cv)M)n%TCs`AI*MFf0_5oKcJ48>YWcHi)2gVT@U++c;
z)I<dJ7ba2x^}Z&<ytaU1weX;u8s$ZJSMlMGPoYy>U_tr`mmxXUuLkL_g>&Db=3VY9
zd9ur$D`;3``#ZZ`PA}pIIr!3GDnqgYNE3?L9eGy<ya%QdmkaRB2(@*(7K$n|oW_ZS
zm-dl{deElvx#ACd>6X7)ujF~W>}|lT<4$=aLos!ToEth!p+(l0kzvt+rq7;KI~RjF
zY){1$&gl!zkYh!+A10o{)ro2%?^Cj&nVHy%)2!vuROOAyKH^MOz{!G}t?Ci_)Q~uy
zpx=66%z<HcZdBc<(a<pBZ7q7rWVSgE+t9O3T&qc%MNGJ{qhQ)^%t2;$ejXZH^yVvd
z#i6hpbz0Nh7{c|;lMLxqzk{&~s|85$qbNU>)?n*8Ri%H<TjjR~jKV2{e$qJn4DVdo
z`=;8vzO66Q<H{HMOC+pu?;8%qCD;0{mH#(%_4%JrrTZ+xE1!f*?x%hELN-+>kRG;~
zaK%jbxk~ATlQg#&9`^6p^L+PY@wrgC!%HF$HF$fL8(Rp(N}|7iEwLbVIf2)Q_+-3t
zq^n4iyX3iFJwGW}IFck(WUius9nx20Ha1zhhFR3{`WVFBDKvYM%~`4pieqdo8!6FI
zwN!m)N|YJb3$(>teyRU}j-(^OTQe^jq>f#?eW^E?2k)57MC|<G%Si$3yA{hD-4y{M
z=z1U>U<D;B`}C?Hm7)vtLj&Lb|5c0R{6gq&poYj<*PS=&*vqTXUnsSg2MkZfSQNni
z7ZX1v4pk98+E?k=_e4FdX5f?2Ey~}mLSFi9GwI0lAJSiS*FltS0Zi2p4JODb<GPi-
z?X={h*B6t8NvLD1G02_rZ0CV3(z8b5)&y4dS%3;XtBgU9P-gL1d0zv~bMlLjD%tmp
zt1*cnh<(7L0{WsTrOfQR|BPV#Z>rV)n29(H#y%W6A(;p$LZ?E;%Uh2;VB$K<7E~^o
zZ-Jx1!u6GHD>s9ual@pmF*p6fS4UP2(c2blo<5~7&cuIbN^8IH8Jdps0)L`jS$W?^
zxPxq)S<+=dCe5oZ#SJ;gDW=|+eUL$w{PlZfsEPXd_?qWy))!}t9e>TWu#|U{*LR7W
z`p+c2Pb9!TV8AKh$oO!B6k$2*KZh0N`KS}bSOF^Q+iAC53aroO1{qxly#}!C_-M<v
z3Q-3XKW9+wL<pBql(tHz%N~a8-vS@P<hgqK`7@4Jp(u7DOQH!x2wwZ#1&x}xNw7Sd
zc0B1#rNdR$wEP*wE0|)idZoN%?rr8hu6`A2G1YqD-QM%z)Y&`wi<Da=mtR*?Odwn-
z|BZS%FIQPsL!yg$@<i4bCX%C&7#(wV)rEYSRpk+OvJ$PO&}8_|MGBk$G-V~bJ|Y=W
z{2lB+*0y4yV{n9bP$Rbv6Eww~RsPbAYEKnMz22yvIC6scqzlcEHqWl&-27Px|8s)w
zv6`)-Z7B}E*qiOmXIn+fMvIpjAx3#j)Niwf(}@#%VlC;OH4NvaU!XYbY|FXQ-c?_%
z;gq2`1!H}pHTEHq5t=PLX6eA11#f<A(;`!Tu|6|~e^smUi1%emw&Pes->B@uTtYmr
zzUcO8%gu^o17T=ozt_k^qQoz&2&*rqr0whwyOdUh+Z`}+>?Z3#Q&Y>I+4<Z^GMsL3
zYFiQ}TrsUi-Z+DYVE2G@<GMU5-1k!pee?0jrAaM&NBm)B>a8KV6vQkr;9_#R_;qnp
zGIq@Sa|wLCfLVj=luF~+B5Ihsy_KeGYYXS)kk7v(PJr?1>))fUDi5K#JS6p-@t9QQ
z3}C;%Qck>5YZcYNL#eWM<QY=g(vKHwHu(zvq0Jew6J^mkw3A!9Z5_kibBmcmK<g(Y
zkbMaWa{T+`2jV1K>Eh+)>KS{!O#Oo)hq~gZj{-gv58!!WoH=&4m}wdGKBWTrY;UWG
zKX2T0_q%4&vUHt^?~i#`TFSmfSK#QIc=cwg@idoJJ$2pEua=aLB$WsLFb5xUVc#i(
zo{^&~UDa()5kb7?1_LI03LaO5oISHr)|p9A34HJ_F3q4>0hhXXwPdx1VMpW3ycKq~
z@!g2G-c1c+Hdh>S#WK(B?N5VD%#H%iG<Jww_0C8k92(KYyNlB*1w8b$?-DJwOWLpz
zy^6%IHL45;BPi|1UX8_LA*sW&TP3QMP+P;tS{@GJF!l*=B&`5#89Uk_D-}hY`}^FF
z?t>z~G);yV5l*sNoYtxEl}2qE&gUs>FUsXT=a7I;@-%P+)tcE5^*v`4$e<Nc8Om`y
zc%`Ddy5%qsSJPU`&8{emA?w2h>;DtLeS?T7Z7)0}?oN1G0EX6sHx;ebQHQG+M;d2_
zXYAqcd<7_PqHRbzyG&KSi08`Sm@{Y9YNlG<wcaYBf*1*)HaV;Wz&N%G1wI@PX~MEW
z$xhU<Jr=W9vARZMaC&uG<iB7P%3XO?yjQ89`l|N>c%s(5omFQo?0{LS&C=+D_lp44
zWPA1gBEmEWTt#Q+=f^k&x4;9B$kHH_R1+Cc#NNWCW4{xT`^1C%Zq%dmJL_WHJk$xR
zVb>1A{Cr$qqU%*Iv*B~IEIfpMmIjhdcdsKW@~{*NDPBaA-(Ot!l~R1{sMdK@*cTE~
z#MHIw_%@su?kFqT)1|z@e~-Iz2|C}uY;rUB!bvf<*FCS{7E;rQsDcyOPd`lBoufvW
zoa!_Nq6&^-$`~3$6efL_7&3M6)Y0my$I)vqcFlo_#<P|~0c1bORBlEMq@R)?NZ&_%
zmiBU#j@e428rc-;5mEb&HxiW8U%DG5$+6}482c(iTfJf=H8Wl>MQc})rV$rG0VA%t
ztd##q$upw`X@TJ@p$l%W;t}Kf*1nf%9D)EfW>_`XI4H8lO)2~A9T<frT~BXrhELQY
zOM1oBNDg%cX)24u7EGb!axB=13d7?fU?ui#g3!GYjJ`g-5e@vb#J)Y?jZ#*LVIul<
zITPUvs4MBFQt@Kl`<Nz6{ua=tyLJ@5z#7|npg4&n<L;F|Cft#C^I-I~cd+7>K^B)q
zvClEE-^^p3H?R2o)F%#m0g-_WwW4&)p?%flLi0iPGMdmSQ-I1x9y`H_@Ev_MWBAFF
z=bzc~SY>G4Ui3~T)AhcPyx%li=N0Je{$wsWy}G3hbXsO(_F-{0B1kVg0{ckv>i9%8
zj0r_@X?J<a$eTl5S?W``XA=Pj^TX{2ixZP`+xmo1qlf|~YEC73;D4=}`NqLLz|Ql`
z{rB^qyFUL@bN1iwdaGN}8>YSaocLiu`=J&{*Lq7-{qZC9QOdhG-Zj;8bN<n}V(ZIJ
z!XP4^Za8YEoMaw318)(_|F-_sI`gse;)B|!FW=c}sqa6rY+aLVZN&Oh?=Q|2DOq#i
z0;)qelX9284h(h@mRuNORO=h4A{M_&x_{*=m8R2Qoz<^g6>>~|l6$=Gs;rr!;&j2o
zT+2f|brw6V$g^9vViLFhRo>$uC8;}QG**?mOipT|U2vc}d(iW^FUDvFY)VO9T<;u`
zHTj+A>~6o;?@UbV%l|XjCjUAABP=v_&qcQI`cr3pV}Mt=*e;@;m^wp`&c@nu`44Mu
z?XFzJ^ZxHmDY3e9_RqK2f4>Mk{B~_<zKN&I{ks!W=Wp)+`Ii6hm-<7iL!-|Mxto7a
ziA;a<_+Pa%a1(?4hgDa@KD$gj`}d|;<Zlb$on;q*TOr;5Xl)JMb5W(ZzRYzR(S~NY
z3Ke}~`{q{+JOMOp)yYzo?vroUzKT@YBq<GAn$Nz}9ef={>Tb&xp{M&^GcCVu`=7yT
zr7wqB=C^X@<;N;z`i_K~ZSvToz2TRTR!o%M^PH?h-X(ke#3sKeneD%DUHSRh|ElbP
zJ~_5|^P9|a;2E+u^)qXq&pj=7;>EW4&N1)joB#Pz{~Ne5t2aIU#-;bWZRINdGZ_6o
zZ#~U+;)TsR&cz?tpVhV&=ez-4*wp!JQdY9uV{5I@t}ws1bEa*08Gm--{NG3BpIf}_
ztAJ{X(b?s{zI?M>9kx;8%I?y{R=Imy1MjR@Eo|R9>Avyyq?4~bec14=X-7L@jYe69
zjBCqGA9uy?0T!AS1@-b#rD8s;Y1`@*r~W(24+^^n^&d-<mQO8D<(?Hg{r-OjhSd6v
zz;t4p@}FTJ`+o-UFs;h)vVfh-Z`Qv5(-!_)#QyU&e`HOy(}DHqiBV0nMgszxj79@u
zG$2OHh|$7wwAL7{K1bUTqirK#%W`-$2`-^Ed_k?{luQ=GPmIa0?mr9)@>J};SG|8n
z(j;G1A`XQ>TCqf<t^#n)0jYxx_||lc$}tS4AQ(+Ql&wt0*Oea$a-->IH2qML&PUVF
qX!;pVKZB`7FtXe-TK<fdKcnT($jbAB$+x5B&uIBWN%>R%|0V#;foA0Z

diff --git a/docs/setup.md b/docs/setup.md
new file mode 100644
index 000000000..c809dc66f
--- /dev/null
+++ b/docs/setup.md
@@ -0,0 +1,425 @@
+# Odysseus Setup Guide
+
+This page keeps the detailed install, deployment, troubleshooting, and configuration notes out of the front README.
+
+## Quick Start
+
+> **Branch note:** `dev` is the default branch and contains the latest development changes, but it may be unstable. For the more stable curated branch, use [`main`](https://github.com/pewdiepie-archdaemon/odysseus/tree/main).
+
+Defaults work out of the box: clone, run, then configure models/search/email
+inside **Settings**. Only edit `.env` for deployment-level overrides like
+`APP_BIND`, `APP_PORT`, `AUTH_ENABLED`, `DATABASE_URL`, or a pre-seeded admin password.
+
+On first setup, Odysseus creates an admin account (`admin` unless
+`ODYSSEUS_ADMIN_USER` is set) and prints a temporary password in the terminal.
+For Docker installs, the same line is in `docker compose logs odysseus`.
+Use that for the first login, then change it in **Settings**.
+
+Contributing? See [CONTRIBUTING.md](CONTRIBUTING.md) for setup, testing, and
+pull request guidelines.
+
+### Docker (recommended)
+```bash
+git clone https://github.com/pewdiepie-archdaemon/odysseus.git
+cd odysseus
+cp .env.example .env       # optional, but recommended for explicit defaults
+docker compose up -d --build
+```
+To include optional extras in the image (PDF viewer, Office extraction; includes AGPL PyMuPDF), build with `docker compose build --build-arg INSTALL_OPTIONAL=true` before `up`.
+
+Open `http://localhost:7000` when the containers are healthy. Docker Compose
+binds the web UI to `127.0.0.1` by default. If the port is taken, set
+`APP_PORT=7001` in `.env` and recreate the container. Set `APP_BIND=0.0.0.0`
+only when you intentionally want LAN/reverse-proxy access.
+
+> **On Apple Silicon (M-series) Macs:** Docker can't reach the Metal GPU, so
+> Cookbook serves local models on CPU only. For GPU-accelerated model serving,
+> run natively instead — see [Apple Silicon](#apple-silicon) below.
+
+### Native Linux / macOS
+```bash
+git clone https://github.com/pewdiepie-archdaemon/odysseus.git
+cd odysseus
+python3 -m venv venv
+source venv/bin/activate
+pip install -r requirements.txt
+python setup.py
+python -m uvicorn app:app --host 127.0.0.1 --port 7000
+```
+Requirements: Python 3.11+. Cookbook also needs `tmux` for background model
+downloads and serves. The app itself is lightweight; local model serving is the
+heavy part and depends on the model, runtime, GPU, and VRAM, so small hosts can
+connect to API or remote model servers instead. Use `--host 0.0.0.0` only when you intentionally want LAN/reverse-proxy access.
+
+### Apple Silicon
+Docker on macOS cannot use the Metal GPU. For GPU-accelerated Cookbook on an
+M-series Mac, run Odysseus natively:
+
+```bash
+git clone https://github.com/pewdiepie-archdaemon/odysseus.git
+cd odysseus
+./start-macos.sh
+```
+
+It launches at `http://127.0.0.1:7860`. To expose it to your phone over a trusted LAN/VPN such as Tailscale, bind all interfaces:
+
+```bash
+ODYSSEUS_HOST=0.0.0.0 ./start-macos.sh
+# then open http://<tailscale-ip>:7860
+```
+
+The script also reads `.env` at startup, so `APP_BIND=0.0.0.0` and `APP_PORT`
+set there are picked up automatically without a command-line override each run.
+
+Keep `AUTH_ENABLED=true` (the default) before binding outside loopback. Do not
+expose this port directly to the public internet. To build a clickable app wrapper:
+
+```bash
+./build-macos-app.sh
+```
+
+<details>
+<summary>Cookbook, GPU, Ollama, and troubleshooting notes</summary>
+
+**Docker bundled services.** Compose starts Odysseus, ChromaDB, SearXNG, and
+ntfy. Odysseus and the bundled service ports bind to `127.0.0.1` by default, so
+they are reachable from the host but not exposed to your LAN/public internet
+unless you opt in.
+
+**Cookbook storage in Docker.** Downloads live in `./data/huggingface`
+(`~/.cache/huggingface` in the container). Cookbook-installed Python CLIs and
+serve engines live in `./data/local` (`~/.local` in the container), so they
+survive container recreation.
+
+**Remote servers.** In **Cookbook -> Settings -> Servers**, generate the
+Odysseus SSH key and add the public key to the remote server's
+`~/.ssh/authorized_keys`. From the host you can also run:
+
+```bash
+ssh-copy-id -i data/ssh/id_ed25519.pub user@server
+```
+
+**Docker GPU overlays.** CPU-only users can skip this section. Cookbook can
+only detect GPUs that Docker exposes to the container — if the host runtime or
+device passthrough is not configured, Cookbook sees the iGPU, another card, or
+CPU instead of your intended GPU.
+
+For NVIDIA, `scripts/check-docker-gpu.sh` diagnoses GPU passthrough and can
+optionally install the host runtime or update `.env`.
+
+```bash
+# Read-only diagnostic (default — installs nothing, never edits .env):
+scripts/check-docker-gpu.sh
+
+# Print OS-specific install commands without running them:
+scripts/check-docker-gpu.sh --print-install-commands
+
+# Install NVIDIA Container Toolkit on Ubuntu/Debian (requires sudo):
+scripts/check-docker-gpu.sh --install-nvidia-toolkit
+
+# Write COMPOSE_FILE to .env (only when GPU passthrough is confirmed working):
+scripts/check-docker-gpu.sh --enable-nvidia-overlay
+
+# Full assisted setup — install toolkit, then enable overlay if passthrough works:
+scripts/check-docker-gpu.sh --install-nvidia-toolkit --enable-nvidia-overlay
+```
+
+Safety notes:
+- The app never installs host GPU runtime automatically.
+- The app never edits `.env` automatically.
+- `.env` is only modified when `--enable-nvidia-overlay` is explicitly passed,
+  and only after GPU passthrough succeeds. `--yes` skips prompts but does not
+  bypass the passthrough gate.
+- `.env.bak.*` backups created by `--enable-nvidia-overlay` are ignored by
+  Git and the Docker build context.
+
+To enable manually without the script, add this to `.env`:
+
+```bash
+COMPOSE_FILE=docker-compose.yml:docker/gpu.nvidia.yml
+```
+
+**AMD / ROCm.** AMD setup is read-only diagnostic plus manual `.env` edit. Run:
+
+```bash
+scripts/check-docker-amd-gpu.sh
+```
+
+Then add the reported values to `.env`, replacing `RENDER_GID` with your host's
+numeric render group id:
+
+```bash
+COMPOSE_FILE=docker-compose.yml:docker/gpu.amd.yml
+RENDER_GID=989
+```
+
+For NVIDIA/AMD GPU support, also read the comments in the selected overlay file: docker/gpu.nvidia.yml or docker/gpu.amd.yml.
+
+**Stack-management UIs (Portainer, Coolify, Dockhand, etc.).** These tools
+often accept only a single Compose file and do not reliably honor `COMPOSE_FILE`
+or multiple `-f` overlays. CLI users should keep using the `COMPOSE_FILE`
+overlay workflow above. For stack UIs, point the stack at one of the standalone
+files instead, which bundle the base stack plus the GPU settings:
+
+- `docker-compose.gpu-nvidia.yml` — still requires the NVIDIA Container Toolkit
+  on the host.
+- `docker-compose.gpu-amd.yml` — still requires host ROCm/kfd/DRI setup, the
+  `video`/`render` group membership, and `RENDER_GID` when needed.
+
+The base `docker-compose.yml` plus the `docker/gpu.*.yml` overlays remain the
+source of truth; the standalone files mirror them for single-file deployments.
+
+Verify after enabling either overlay:
+
+```bash
+docker compose exec odysseus nvidia-smi -L   # NVIDIA
+docker compose exec odysseus sh -lc 'test -e /dev/kfd && test -d /dev/dri && ls -l /dev/kfd /dev/dri/renderD*'  # AMD
+```
+
+> **GPU passthrough ≠ llama.cpp CUDA.** `nvidia-smi` passing inside the
+> container confirms Docker GPU access, but llama.cpp also needs `cudart` and
+> the CUDA Toolkit at runtime. If Cookbook logs show `Unable to find cudart
+> library`, `Could NOT find CUDAToolkit`, `CUDA Toolkit not found`, or
+> tensors/layers assigned to CPU, that is a Cookbook/llama.cpp build issue —
+> not a Docker passthrough failure. Reinstall the serve engine via
+> **Cookbook → Dependencies** to get a CUDA-enabled build.
+>
+> The same split applies to AMD/ROCm: seeing `/dev/kfd` and `/dev/dri` inside
+> the container confirms device passthrough, not ROCm userspace or a
+> ROCm-enabled vLLM/llama.cpp build. `rocm-smi` and `rocminfo` are not expected
+> inside the slim Odysseus image.
+
+**Ollama with Docker.** If Ollama runs on the host, add this endpoint in
+Settings:
+
+```text
+http://host.docker.internal:11434/v1
+```
+
+Ollama must listen outside its own loopback interface:
+
+```bash
+OLLAMA_HOST=0.0.0.0:11434 ollama serve
+```
+
+This connects Odysseus in Docker to an Ollama server that is already running on
+your host machine; it does not start Ollama inside the container.
+`host.docker.internal` is Docker's hostname for the host machine from inside the
+container. Cookbook **Serve** is a separate workflow for serving downloaded
+models through Odysseus/llama.cpp, so Windows users with an existing Ollama
+install usually only need to add the endpoint in Settings.
+
+**Useful checks.**
+
+```bash
+docker compose ps
+docker compose logs --tail=120 odysseus
+docker compose logs odysseus | grep -E 'ChromaDB|MemoryVectorStore|DEGRADED'
+```
+
+**macOS details.** `start-macos.sh` installs Homebrew deps, creates the venv,
+runs setup, and starts uvicorn on port `7860` because AirPlay often holds
+`7000`. It uses llama.cpp/Ollama for Metal. vLLM/SGLang are CUDA/ROCm-only and
+do not run on macOS. MLX-only models are not served by Odysseus.
+
+</details>
+
+### Native Windows
+
+**One-command launcher** (creates the venv, installs deps, runs setup, starts the
+server; safe to re-run):
+
+```powershell
+git clone https://github.com/pewdiepie-archdaemon/odysseus.git
+cd odysseus
+powershell -ExecutionPolicy Bypass -File .\launch-windows.ps1
+```
+
+Or do it by hand:
+
+```powershell
+git clone https://github.com/pewdiepie-archdaemon/odysseus.git
+cd odysseus
+py -3.11 -m venv venv
+venv\Scripts\Activate.ps1
+pip install -r requirements.txt
+python setup.py
+python -m uvicorn app:app --host 127.0.0.1 --port 7000
+```
+
+If `python` points at an older interpreter, use `py -3.12` (or another installed
+3.11+ version) for the venv step.
+
+**Requirements:** Python 3.11+. The core app (chat, agent, memory, documents,
+email, calendar, deep research) runs fully native. For full **Cookbook** background
+model downloads and the agent shell tool, also install
+[Git for Windows](https://git-scm.com/download/win) (provides `bash.exe`).
+Local GPU *serving* of vLLM/SGLang needs Linux/WSL2; for a local model on Windows,
+[Ollama](https://ollama.com/download) is the easiest path — point Odysseus at
+`http://localhost:11434/v1` in Settings.
+
+Open `http://localhost:7000`, log in with the generated admin password,
+and configure everything else inside **Settings**.
+
+## Troubleshooting & Advanced Setup
+
+### `chromadb-client` conflicts with embedded ChromaDB
+If `chromadb-client` (the lightweight HTTP-only package) is installed alongside the full `chromadb` package, Odysseus starts but ChromaDB silently falls back to HTTP-only mode and fails.
+
+**Fix:** uninstall `chromadb-client` and force-reinstall the full package:
+```bash
+./venv/bin/pip uninstall chromadb-client -y
+./venv/bin/pip install --force-reinstall chromadb
+```
+
+### HTTPS + LAN/Tailscale exposure
+To expose Odysseus on a local network or Tailscale with HTTPS:
+1. Change the bind address to `0.0.0.0` in `.env` (`APP_BIND=0.0.0.0` or `ODYSSEUS_HOST=0.0.0.0`).
+2. Generate a locally-trusted cert for your LAN/Tailscale IPs using [mkcert](https://github.com/FiloSottile/mkcert):
+   ```bash
+   mkcert -install
+   mkcert -cert-file cert.pem -key-file key.pem 192.168.1.100 tailscale-ip
+   ```
+3. Run `uvicorn` with the generated certs:
+   ```bash
+   python -m uvicorn app:app --host 0.0.0.0 --port 7000 --ssl-certfile=cert.pem --ssl-keyfile=key.pem
+   ```
+4. Install the `mkcert` CA on any other device you want to access Odysseus from (e.g., for iOS, email the `rootCA.pem` to yourself, install the profile, and trust it in Certificate Trust Settings).
+
+### Optional Dependencies
+`requirements-optional.txt` contains packages that unlock extra features. It is not installed by default.
+
+| Package | Feature unlocked |
+|---------|-----------------|
+| `faster-whisper` | Local speech-to-text (microphone -> text) via the "local" STT provider. |
+| `ddgs` | DuckDuckGo as a search provider option. |
+| `PyMuPDF` | PDF page rendering in the side viewer panel and form-filling. (Note: AGPL-3.0) |
+| `markitdown` | Office/EPUB document text extraction (converts .docx/.xlsx/.pptx/.xls/.epub to Markdown). |
+
+### Faster, reproducible installs with uv (optional)
+[uv](https://docs.astral.sh/uv/) works as a drop-in replacement for the
+venv + pip steps in the native install guides, no project changes are needed but this change results in faster installs along with a lockfile for reproducible environments. After [installing `uv`](https://docs.astral.sh/uv/getting-started/installation/), use:
+
+```bash
+uv venv venv --python 3.13
+uv pip install -r requirements.txt
+# then continue as usual: python setup.py, uvicorn, ...
+```
+
+`requirements.txt` is intentionally unpinned, so two installs at different times can produce different package versions. If you want a reproducible environment (e.g. across your own machines, or to roll back after a bad upgrade), snapshot and restore exact versions with:
+
+```bash
+uv pip compile requirements.txt -o requirements.lock   # snapshot current resolution
+uv pip sync requirements.lock                          # reproduce it exactly later
+```
+
+`requirements.lock` is gitignored and platform-specific (compile it on the OS you deploy to). Regenerate it deliberately when you want to take upgrades. The plain `uv pip install -r requirements.txt` keeps following the unpinned requirements like pip does.
+
+### Outlook / Office 365 email
+Odysseus email accounts currently use IMAP/SMTP username-password auth. Outlook
+and Microsoft 365 generally require OAuth instead, so normal Microsoft mailbox
+passwords will fail. See [docs/email-outlook.md](docs/email-outlook.md) for the
+current limitation and the planned integration direction.
+
+## Security Notes
+Odysseus is a self-hosted workspace with powerful local tools: shell access, file uploads, model downloads, web research, email/calendar integrations, and API tokens. Treat it like an admin console.
+
+- Keep `AUTH_ENABLED=true` for any network-accessible deployment.
+- Keep `LOCALHOST_BYPASS=false` outside local development.
+- Use `SECURE_COOKIES=true` when Odysseus is served through HTTPS by a trusted reverse proxy or private access gateway.
+- Do not expose it directly to the public internet without HTTPS and a trusted reverse proxy or private access layer.
+- Keep `.env`, `data/`, `logs/`, databases, uploads, generated media, backups, auth/session files, API keys, and model/provider tokens out of Git and private shares. They are ignored by default.
+- Review `data/auth.json` after first boot: disable open signup unless you intentionally want it, make only your own account admin, and keep demo/test accounts non-admin.
+- Non-admin users do not get shell/Python/file read/write by default, and admin-only routes/tools such as MCP management, API tokens, webhooks, model/cookbook serving, backup/vault, and app settings are admin-gated. Other features are controlled by per-user privileges, so review each user's privileges before exposing a deployment.
+- Rotate any API keys or tokens that were ever pasted into a shared chat, demo, screenshot, or log.
+- If you enable API tokens or webhooks, create separate tokens per integration and delete unused ones.
+- Prefer binding manual development runs to `127.0.0.1`; bind to `0.0.0.0` only when you intentionally want LAN/reverse-proxy access.
+- Keep ChromaDB, SearXNG, ntfy, Ollama, vLLM, llama.cpp, databases, and raw model/provider APIs internal-only. Expose only the authenticated Odysseus web/API entrypoint through your trusted proxy or private access layer.
+- Before publishing a fork, run `git status --short` and confirm no private files from `.env`, `data/`, `logs/`, uploads, backups, or local databases are staged.
+
+### Private or proxied deployments
+Odysseus serves plain HTTP on its app port. Docker Compose binds Odysseus and the bundled services to `127.0.0.1` by default, so a typical production/private setup is:
+
+1. Keep Odysseus on localhost, for example `127.0.0.1:7000`.
+2. Terminate HTTPS at a trusted reverse proxy or private access gateway.
+3. Put the authenticated Odysseus web/API entrypoint behind that layer.
+4. Keep raw service and model ports internal-only.
+
+Cloudflare Access, Tailscale, Caddy, nginx, and Traefik can all fit this pattern; none are required by Odysseus. If your access layer reaches Odysseus on the same host, proxy to `http://127.0.0.1:7000` and keep `AUTH_ENABLED=true`, `LOCALHOST_BYPASS=false`, and `SECURE_COOKIES=true`.
+`ALLOWED_ORIGINS` lists exact permitted origins for cross-origin browser/API clients; ordinary same-origin reverse-proxy access usually does not need a special CORS entry.
+
+Common internal-only ports from the default docs/compose setup:
+
+| Port | Service |
+|---|---|
+| `7000` | Odysseus raw app port |
+| `8080` | SearXNG |
+| `8091` | ntfy |
+| `8100` | ChromaDB host port for manual/compose access |
+| `11434` | Ollama |
+| `8000-8020` | Common local model/provider APIs |
+
+## Configuration
+Most setup is done inside the app with `/setup` or **Settings**. Use `.env`
+for deployment-level defaults and secrets you want present before first boot.
+Key settings:
+
+| Variable | Default | Description |
+|---|---|---|
+| `LLM_HOST` | `localhost` | Your LLM server (e.g. `llm-host.local:8000`) |
+| `LLM_HOSTS` | -- | Comma-separated list for model discovery |
+| `OPENAI_API_KEY` | -- | Optional OpenAI key. Prefer adding providers in the app unless pre-seeding. |
+| `SEARXNG_INSTANCE` | `http://localhost:8080` | SearXNG URL. Docker overrides this to `http://searxng:8080`. |
+| `SEARXNG_SECRET` | generated on first Docker boot | Optional SearXNG cookie/CSRF secret. Leave blank unless you need to pin it. |
+| `APP_BIND` | `127.0.0.1` | Docker Compose host bind address for the web UI. Use `0.0.0.0` only for intentional LAN/reverse-proxy access. |
+| `APP_PORT` | `7000` | Docker Compose host port for the web UI. |
+| `APP_DATA_DIR` | `./data` | Docker Compose host directory for application data volumes. |
+| `APP_LOGS_DIR` | `./logs` | Docker Compose host directory for application logs. |
+| `AUTH_ENABLED` | `true` | Enable/disable login |
+| `LOCALHOST_BYPASS` | `false` | Development-only auth bypass for loopback requests. Keep false for shared/network deployments. |
+| `ALLOWED_ORIGINS` | `http://localhost,http://127.0.0.1` | Comma-separated exact permitted origins for cross-origin browser/API clients. |
+| `SECURE_COOKIES` | `false` | Set true when serving Odysseus through HTTPS at a trusted proxy or private access gateway. |
+| `DATABASE_URL` | `sqlite:///./data/app.db` | Database connection string |
+| `CHROMADB_HOST` | `localhost` | ChromaDB host for vector memory. Docker overrides this to `chromadb`. |
+| `CHROMADB_PORT` | `8100` | ChromaDB port for manual host runs. Docker overrides this to `8000`. |
+| `EMBEDDING_URL` | -- | OpenAI-compatible embeddings endpoint |
+| `ODYSSEUS_CHAT_UPLOAD_MAX_BYTES` | `10485760` | Chat/agent attachment cap in bytes. Raise for larger local PDFs or text documents. |
+| `ODYSSEUS_GALLERY_UPLOAD_MAX_BYTES` | `104857600` | Gallery image upload cap in bytes (100 MB). |
+| `ODYSSEUS_GALLERY_TRANSFORM_UPLOAD_MAX_BYTES` | `26214400` | Gallery transform input cap in bytes (25 MB). |
+| `ODYSSEUS_MEMORY_IMPORT_MAX_BYTES` | `10485760` | Memory import file cap in bytes (10 MB). |
+| `ODYSSEUS_PERSONAL_UPLOAD_MAX_BYTES` | `26214400` | Personal document upload cap in bytes (25 MB). |
+| `ODYSSEUS_EMAIL_COMPOSE_UPLOAD_MAX_BYTES` | `26214400` | Email compose attachment cap in bytes (25 MB). |
+| `ODYSSEUS_STT_MAX_AUDIO_BYTES` | `26214400` | Speech-to-text audio cap in bytes (25 MB). |
+| `ODYSSEUS_ICS_MAX_BYTES` | `10485760` | Calendar `.ics` import cap in bytes (10 MB). |
+
+All upload-limit vars are validated (must be a positive integer) and optional; an invalid value fails fast at startup.
+
+### Built-in MCP servers (optional setup)
+
+Odysseus auto-registers a few built-in MCP servers at startup. The npx-based ones (currently the browser server, `@playwright/mcp`) only start when their npm package is already in the local npx cache. If a package isn't cached, that server is skipped with a startup log message explaining what to do, so a fresh install does not block on a multi-minute npm download or hang if Playwright system deps are missing.
+
+To enable the browser MCP (page navigation, screenshots, vision), run once:
+
+```bash
+npx -y @playwright/mcp@latest --version
+```
+
+That installs `@playwright/mcp` plus Playwright (~300MB total). Restart Odysseus and the server will register at startup.
+
+## Architecture
+```
+app.py                   # FastAPI entry point
+core/      auth, database, middleware, constants
+src/       llm_core, agent_loop, agent_tools, chat_processor, search/
+routes/    chat, session, document, memory, model … endpoints
+services/  docs, memory, search, hwfit (Cookbook) …
+static/    index.html + app.js + style.css + js/ (modular front-end)
+docs/      landing page (index.html) + preview clips
+```
+
+## Data
+All user data lives in `data/` (gitignored): `app.db` (sessions, messages, documents),
+`memory.json`, `presets.json`, `uploads/`, `personal_docs/`, `chroma/`, `settings.json`.
+
+To back up or restore everything in `data/`, see the
+[Backup & Restore guide](docs/backup-restore.md).

From b3e186746ac5052728058b332b36720d061d04d3 Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:32:47 +0000
Subject: [PATCH 02/22] Docker compose: mount docker.sock + install Docker CLI
 so Cookbook can reach sibling containers

Cookbook now needs to docker-exec into ollama-rocm (and any other sibling
container holding a model server) from inside its own container, so:

- Dockerfile installs the Docker CLI from the static binary tarball
  (the Debian docker.io package ships dockerd but not the client on slim)
- docker-compose.yml bind-mounts /var/run/docker.sock and adds group_add
  for the host docker group (default GID 963)
- entrypoint.sh detects the socket GID, creates a local group with that
  GID, and runs usermod -aG before gosu-dropping to the app user so the
  supplementary group propagates through (gosu strips by default)
---
 Dockerfile           | 17 +++++++++++++++++
 docker-compose.yml   | 10 ++++++++++
 docker/entrypoint.sh | 33 +++++++++++++++++++++++++++++++--
 3 files changed, 58 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 996e06faa..bed5e2002 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -20,6 +20,23 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     gosu \
     && rm -rf /var/lib/apt/lists/*
 
+# Docker CLI (client only — daemon stays on the host via the
+# /var/run/docker.sock mount). The Debian `docker.io` package ships
+# dockerd but not the client binary on slim, so grab the static client
+# tarball from download.docker.com instead.
+ARG DOCKER_CLI_VERSION=27.5.1
+RUN ARCH="$(dpkg --print-architecture)" \
+    && case "$ARCH" in \
+         amd64) DARCH=x86_64 ;; \
+         arm64) DARCH=aarch64 ;; \
+         *) echo "unsupported arch $ARCH"; exit 1 ;; \
+       esac \
+    && curl -fsSL "https://download.docker.com/linux/static/stable/${DARCH}/docker-${DOCKER_CLI_VERSION}.tgz" \
+       -o /tmp/docker.tgz \
+    && tar -xzf /tmp/docker.tgz -C /tmp \
+    && install -m 0755 /tmp/docker/docker /usr/local/bin/docker \
+    && rm -rf /tmp/docker /tmp/docker.tgz
+
 WORKDIR /app
 
 # Install Python deps first (layer cache). Optional extras (PyMuPDF AGPL, etc.)
diff --git a/docker-compose.yml b/docker-compose.yml
index 0b350c2e1..dd708303f 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -16,6 +16,16 @@ services:
       # land under /app/.local for the odysseus user. Persist them so a
       # container recreate does not silently remove installed serve engines.
       - ${APP_DATA_DIR:-./data}/local:/app/.local:z
+      # Docker socket — lets Cookbook launch commands like
+      # `docker exec ollama-rocm ollama show <tag>` reach the host's
+      # Docker daemon (and sibling containers like ollama-rocm /
+      # ollama-test). The in-container user needs to be in the
+      # socket's owning group — see `group_add` below; the GID
+      # there must match the host's `docker` group (defaults to 963
+      # on Debian, 999 on Ubuntu — override via env if yours differs).
+      - /var/run/docker.sock:/var/run/docker.sock
+    group_add:
+      - "${DOCKER_GID:-963}"
     extra_hosts:
       # Lets the container reach local services on the Docker host, including
       # Ollama at http://host.docker.internal:11434.
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index 668018ac1..7d796d9ff 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -24,6 +24,31 @@ if ! getent passwd "$PUID" >/dev/null 2>&1; then
     useradd -u "$PUID" -g "$PGID" -M -s /bin/sh -d /app odysseus
 fi
 
+# Docker-socket group plumbing. When /var/run/docker.sock is bind-
+# mounted (cookbook uses `docker exec` to reach sibling containers
+# like ollama-rocm), the socket is owned by root:docker on the host.
+# We need the in-container odysseus user to be in the matching group
+# so `gosu PUID:PGID` doesn't strip it. compose's `group_add` only
+# applies to the initial root process — gosu drop resets supplementary
+# groups — so detect the socket's GID here and add the user via the
+# username form `gosu odysseus` below.
+DOCKER_SOCK="${DOCKER_SOCK:-/var/run/docker.sock}"
+if [ -S "$DOCKER_SOCK" ]; then
+    SOCK_GID="$(stat -c '%g' "$DOCKER_SOCK" 2>/dev/null || echo '')"
+    if [ -n "$SOCK_GID" ] && [ "$SOCK_GID" != "0" ]; then
+        # Create the group locally if missing, then add odysseus to it.
+        if ! getent group "$SOCK_GID" >/dev/null 2>&1; then
+            groupadd -g "$SOCK_GID" docker_host || true
+        fi
+        SOCK_GROUP="$(getent group "$SOCK_GID" | cut -d: -f1)"
+        if [ -n "$SOCK_GROUP" ]; then
+            ODY_USER="$(getent passwd "$PUID" | cut -d: -f1)"
+            [ -z "$ODY_USER" ] && ODY_USER=odysseus
+            usermod -aG "$SOCK_GROUP" "$ODY_USER" 2>/dev/null || true
+        fi
+    fi
+fi
+
 # Repair ownership on every writable path the app touches at runtime.
 #
 # Bind-mounted dirs (/app/data, /app/logs) are the obvious ones, but
@@ -83,9 +108,13 @@ export PATH="/app/.local/bin:$PATH"
 # Run first-time setup as the app user so data/ files get the right ownership.
 # setup.py is idempotent — skips auth.json / .env if they already exist.
 # || true so a setup failure never prevents the container from starting.
-gosu "$PUID:$PGID" python /app/setup.py || true
+# Use the username form (no :GID) so supplementary groups from /etc/group
+# (including the docker-socket group set above) flow through to the child.
+ODY_USER="$(getent passwd "$PUID" | cut -d: -f1)"
+[ -z "$ODY_USER" ] && ODY_USER="$PUID:$PGID"
+gosu "$ODY_USER" python /app/setup.py || true
 
 # Drop root and run the actual app. `gosu` is preferred over `su` /
 # `sudo` because it cleans up the process tree (no extra shell layer)
 # so signals (SIGTERM from `docker stop`) reach uvicorn directly.
-exec gosu "$PUID:$PGID" "$@"
+exec gosu "$ODY_USER" "$@"

From 1324e1b0d593bb69af965084782c1cffc3b35623 Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:33:07 +0000
Subject: [PATCH 03/22] Cookbook backend detection: report Vulkan on AMD hosts
 without ROCm; gate CUDA build on actual NVIDIA hardware

Three classes of incorrect detection fixed:

(1) AMD GPU + no ROCm installed (e.g. Strix Halo) was reported as
    backend=rocm everywhere, so launch commands emitted
    HIP_VISIBLE_DEVICES (silent no-op on Vulkan) and the from-source
    build path failed. Both _probe_amd_sysfs (routes/cookbook_routes)
    and _detect_amd (services/hwfit/hardware) now probe rocminfo /
    hipconfig / vulkaninfo at detection time and report vulkan when
    only Vulkan is present.

(2) Build helper was picking the CUDA branch on AMD hosts whenever a
    stray pip-installed nvcc was on PATH (vLLM wheels carry one
    without libcudart). Added _odysseus_has_nvidia_hw() that checks
    nvidia-smi / /dev/nvidia* / lspci, and gates both the nvcc PATH
    augmentation and the CUDA elif branch on real hardware.

(3) Build chain reordered to ROCm/HIP > CUDA > Vulkan > CPU. Vulkan
    tier added between CUDA and CPU as a portable fallback for hosts
    with a GPU but no native toolchain (the common Strix Halo case).
    Same _append_llama_cpp_linux_accel_build_lines also auto-attempts
    sudo -n apt/pacman/dnf install of cmake/build-essential/git when
    they are missing, surfacing a clear no-passwordless-sudo warning
    otherwise.
---
 routes/cookbook_helpers.py | 177 ++++++++++++++++++++++++++++++++++---
 routes/cookbook_routes.py  | 124 ++++++++++++++++++++++++--
 services/hwfit/hardware.py |  12 ++-
 3 files changed, 293 insertions(+), 20 deletions(-)

diff --git a/routes/cookbook_helpers.py b/routes/cookbook_helpers.py
index bb819f3f8..3600a9ad1 100644
--- a/routes/cookbook_helpers.py
+++ b/routes/cookbook_helpers.py
@@ -784,25 +784,149 @@ def _append_llama_cpp_linux_accel_build_lines(runner_lines: list[str]) -> None:
     to hard-wire CUDA on Linux. That made ROCm hosts attempt a CUDA configure and
     fail with "CUDA Toolkit not found" instead of building with HIP.
     """
+    # Try a prebuilt binary from llama.cpp's GitHub releases FIRST — no
+    # cmake/build-essential/git/CUDA-headers needed at all. The from-source
+    # build below stays as a fallback (custom flags, esoteric arch, no
+    # internet, etc). 30 seconds vs 5+ minutes of compile, and removes
+    # every OS-package dep from the launch path. Sets _odysseus_have_prebuilt=1
+    # on success; the existing build-tier if/elif chain below is gated on
+    # that variable so we never compile twice or shadow the prebuilt symlink.
+    runner_lines.append('    _odysseus_have_prebuilt=""')
+    runner_lines.append('    _odysseus_arch="$(uname -m)"')
+    runner_lines.append('    _odysseus_prebuilt_url=""')
+    runner_lines.append('    if command -v curl >/dev/null 2>&1 && [ "$_odysseus_arch" = "x86_64" ]; then')
+    runner_lines.append('      _odysseus_pat=""')
+    runner_lines.append('      _odysseus_has_nv_inline() { command -v nvidia-smi >/dev/null 2>&1 && nvidia-smi -L 2>/dev/null | grep -q "GPU "; }')
+    runner_lines.append('      _odysseus_has_vk_inline() { ldconfig -p 2>/dev/null | grep -q "libvulkan\\.so" || command -v vulkaninfo >/dev/null 2>&1 || [ -e /usr/lib/x86_64-linux-gnu/libvulkan.so.1 ]; }')
+    runner_lines.append('      _odysseus_has_vkdev_inline() { ls /dev/dri/renderD* >/dev/null 2>&1 || (lspci 2>/dev/null | grep -Ei \'VGA|3D|Display\' | grep -Eiq \'AMD|ATI|Radeon\'); }')
+    runner_lines.append('      if _odysseus_has_nv_inline; then')
+    runner_lines.append('        _odysseus_pat="ubuntu.*cuda"')
+    runner_lines.append('      elif _odysseus_has_vkdev_inline && _odysseus_has_vk_inline; then')
+    runner_lines.append('        _odysseus_pat="ubuntu.*vulkan"')
+    runner_lines.append('      else')
+    runner_lines.append('        _odysseus_pat="ubuntu-x64\\\\.zip"')
+    runner_lines.append('      fi')
+    runner_lines.append('      _odysseus_prebuilt_url="$(curl -fsSL --max-time 15 https://api.github.com/repos/ggml-org/llama.cpp/releases/latest 2>/dev/null | grep \'"browser_download_url"\' | cut -d\'"\' -f4 | grep -iE "$_odysseus_pat" | grep -iv "arm\\|aarch64" | head -1)"')
+    runner_lines.append('    fi')
+    # Accept any of unzip / bsdtar / python3 -m zipfile as the extractor.
+    # python3 is essentially always present on modern Linux, so this lets
+    # the prebuilt path work on minimal Ubuntu installs that lack `unzip`.
+    runner_lines.append('    if [ -n "$_odysseus_prebuilt_url" ] && (command -v unzip >/dev/null 2>&1 || command -v bsdtar >/dev/null 2>&1 || command -v python3 >/dev/null 2>&1); then')
+    runner_lines.append('      echo "[odysseus] Found prebuilt llama-server: $_odysseus_prebuilt_url"')
+    runner_lines.append('      mkdir -p ~/bin "$HOME/.cache/odysseus/llama-cpp-prebuilt" && cd "$HOME/.cache/odysseus/llama-cpp-prebuilt"')
+    runner_lines.append('      rm -f llama-cpp.zip')
+    runner_lines.append('      if curl -fsSL --max-time 120 "$_odysseus_prebuilt_url" -o llama-cpp.zip && [ -s llama-cpp.zip ]; then')
+    runner_lines.append('        rm -rf build && mkdir -p build')
+    runner_lines.append('        if command -v unzip >/dev/null 2>&1; then unzip -qq -o llama-cpp.zip -d build; elif command -v bsdtar >/dev/null 2>&1; then bsdtar -xf llama-cpp.zip -C build; else python3 -c "import zipfile; zipfile.ZipFile(\\"llama-cpp.zip\\").extractall(\\"build\\")"; fi')
+    runner_lines.append('        _odysseus_extracted="$(find build -type f -name llama-server 2>/dev/null | head -1)"')
+    runner_lines.append('        if [ -n "$_odysseus_extracted" ]; then')
+    runner_lines.append('          chmod +x "$_odysseus_extracted"')
+    runner_lines.append('          ln -sf "$_odysseus_extracted" ~/bin/llama-server')
+    runner_lines.append('          _odysseus_libdir="$(dirname "$_odysseus_extracted")"')
+    runner_lines.append('          mkdir -p ~/.config && echo "export LD_LIBRARY_PATH=\\"$_odysseus_libdir:\\${LD_LIBRARY_PATH:-}\\"" > ~/.config/odysseus-llama-cpp-env')
+    runner_lines.append('          _odysseus_have_prebuilt=1')
+    runner_lines.append('          echo "[odysseus] Prebuilt llama-server installed at $_odysseus_extracted"')
+    runner_lines.append('        fi')
+    runner_lines.append('      fi')
+    runner_lines.append('      [ -z "$_odysseus_have_prebuilt" ] && echo "[odysseus] Prebuilt download/extract failed — falling back to from-source build."')
+    runner_lines.append('    elif [ -z "$_odysseus_prebuilt_url" ]; then')
+    runner_lines.append('      echo "[odysseus] No matching prebuilt llama-server for this host (arch=$_odysseus_arch) — will build from source."')
+    runner_lines.append('    fi')
+    runner_lines.append('  if [ -z "$_odysseus_have_prebuilt" ]; then')
     # Detect pip-installed nvcc (from vLLM/nvidia CUDA wheels) and put it on PATH
-    # so cmake's CUDA configure can find it. We keep this after the ROCm/HIP
-    # check — a machine with both stacks should honor the native HIP toolchain on
-    # AMD hosts instead of accidentally preferring a stray nvcc wheel.
-    runner_lines.append('    for _cudir in ~/.local/lib/python*/site-packages/nvidia/cu13 ~/.local/lib/python*/site-packages/nvidia/cu12 ~/.local/lib/python*/site-packages/nvidia/cuda_nvcc; do')
-    runner_lines.append('      [ -x "$_cudir/bin/nvcc" ] && export CUDA_HOME="$_cudir" && export PATH="$_cudir/bin:$PATH" && break')
-    runner_lines.append('    done')
+    # so cmake's CUDA configure can find it — BUT only when actual NVIDIA
+    # hardware is present. On AMD/Intel hosts the pip nvcc is a misleading
+    # leftover (no libcudart, no GPU it could target) and would otherwise
+    # send the build down the CUDA branch and fail with "CUDA Toolkit not
+    # found" instead of trying Vulkan.
+    runner_lines.append('    _odysseus_has_nvidia_hw() {')
+    runner_lines.append('      command -v nvidia-smi >/dev/null 2>&1 && nvidia-smi -L 2>/dev/null | grep -q "GPU " && return 0')
+    runner_lines.append('      ls /dev/nvidia* >/dev/null 2>&1 && return 0')
+    runner_lines.append('      lspci 2>/dev/null | grep -iE \'VGA|3D|Display\' | grep -iq nvidia && return 0')
+    runner_lines.append('      return 1')
+    runner_lines.append('    }')
+    runner_lines.append('    if _odysseus_has_nvidia_hw; then')
+    runner_lines.append('      for _cudir in ~/.local/lib/python*/site-packages/nvidia/cu13 ~/.local/lib/python*/site-packages/nvidia/cu12 ~/.local/lib/python*/site-packages/nvidia/cuda_nvcc; do')
+    runner_lines.append('        [ -x "$_cudir/bin/nvcc" ] && export CUDA_HOME="$_cudir" && export PATH="$_cudir/bin:$PATH" && break')
+    runner_lines.append('      done')
+    runner_lines.append('    fi')
     # rm -rf build so a prior poisoned CMakeCache.txt (e.g. from a failed CUDA
     # or HIP attempt) doesn't cause the next configure to reuse stale settings.
     runner_lines.append('    mkdir -p ~/bin')
-    runner_lines.append('    cd ~/llama.cpp && rm -rf build')
+    # Try to install cmake / build-essential / git automatically before the
+    # build, but ONLY via passwordless sudo (`sudo -n`) — interactive sudo
+    # would hang a tmux-backgrounded serve task waiting for a password. If
+    # sudo asks for a password the install is skipped silently and the
+    # diagnosis pattern (cookbook_routes.py / cookbook_helpers.py) surfaces
+    # an explicit "install cmake" suggestion in the Cookbook diagnosis
+    # toolbar after the inevitable build failure.
+    runner_lines.append('    _odysseus_apt_bootstrap() {')
+    runner_lines.append('      local _missing=""')
+    runner_lines.append('      command -v cmake >/dev/null 2>&1 || _missing="$_missing cmake"')
+    runner_lines.append('      command -v g++ >/dev/null 2>&1 || command -v gcc >/dev/null 2>&1 || _missing="$_missing build-essential"')
+    runner_lines.append('      command -v git >/dev/null 2>&1 || _missing="$_missing git"')
+    runner_lines.append('      [ -z "$_missing" ] && return 0')
+    runner_lines.append('      if command -v apt-get >/dev/null 2>&1 && sudo -n true 2>/dev/null; then')
+    runner_lines.append('        echo "[odysseus] Auto-installing missing build deps via apt:$_missing"')
+    runner_lines.append('        sudo -n env DEBIAN_FRONTEND=noninteractive apt-get update -qq 2>&1 | tail -3')
+    runner_lines.append('        sudo -n env DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends $_missing 2>&1 | tail -5 || true')
+    runner_lines.append('      elif command -v pacman >/dev/null 2>&1 && sudo -n true 2>/dev/null; then')
+    runner_lines.append('        echo "[odysseus] Auto-installing missing build deps via pacman:$_missing"')
+    runner_lines.append('        local _pacpkgs="$(echo "$_missing" | sed -e \'s/build-essential/base-devel/g\')"')
+    runner_lines.append('        sudo -n pacman -Sy --needed --noconfirm $_pacpkgs 2>&1 | tail -5 || true')
+    runner_lines.append('      elif command -v dnf >/dev/null 2>&1 && sudo -n true 2>/dev/null; then')
+    runner_lines.append('        echo "[odysseus] Auto-installing missing build deps via dnf:$_missing"')
+    runner_lines.append('        local _dnfpkgs="$(echo "$_missing" | sed -e \'s/build-essential/gcc gcc-c++ make/g\')"')
+    runner_lines.append('        sudo -n dnf install -y $_dnfpkgs 2>&1 | tail -5 || true')
+    runner_lines.append('      else')
+    runner_lines.append('        echo "[odysseus] WARNING: missing build deps ($_missing) — passwordless sudo is unavailable, cannot auto-install. Cookbook Diagnosis will explain the fix after the build fails."')
+    runner_lines.append('      fi')
+    runner_lines.append('    }')
+    runner_lines.append('    _odysseus_apt_bootstrap')
+    runner_lines.append('    _odysseus_missing_build_deps=""')
+    runner_lines.append('    command -v cmake >/dev/null 2>&1 || _odysseus_missing_build_deps="$_odysseus_missing_build_deps cmake"')
+    runner_lines.append('    command -v git >/dev/null 2>&1 || _odysseus_missing_build_deps="$_odysseus_missing_build_deps git"')
+    runner_lines.append('    command -v g++ >/dev/null 2>&1 || command -v gcc >/dev/null 2>&1 || _odysseus_missing_build_deps="$_odysseus_missing_build_deps build-essential"')
+    runner_lines.append('    if [ -n "$_odysseus_missing_build_deps" ]; then')
+    runner_lines.append('      echo "ERROR: llama.cpp source build needs missing packages:$_odysseus_missing_build_deps"')
+    runner_lines.append('      if command -v apt-get >/dev/null 2>&1; then')
+    runner_lines.append('        echo "Install on this host: sudo apt-get update && sudo apt-get install -y cmake build-essential git"')
+    runner_lines.append('      elif command -v pacman >/dev/null 2>&1; then')
+    runner_lines.append('        echo "Install on this host: sudo pacman -Sy --needed cmake base-devel git"')
+    runner_lines.append('      elif command -v dnf >/dev/null 2>&1; then')
+    runner_lines.append('        echo "Install on this host: sudo dnf install -y cmake gcc gcc-c++ make git"')
+    runner_lines.append('      fi')
+    runner_lines.append('      echo "Alternative: install a native llama-server on PATH, then relaunch."')
+    runner_lines.append('      ODYSSEUS_PREFLIGHT_EXIT=127')
+    runner_lines.append('    fi')
+    runner_lines.append('    cd ~/llama.cpp')
+    runner_lines.append('    _odysseus_has_vulkan() {')
+    runner_lines.append('      ldconfig -p 2>/dev/null | grep -q \'libvulkan\\.so\' && return 0')
+    runner_lines.append('      [ -e /usr/lib/libvulkan.so.1 ] && return 0')
+    runner_lines.append('      [ -e /usr/lib/x86_64-linux-gnu/libvulkan.so.1 ] && return 0')
+    runner_lines.append('      command -v vulkaninfo >/dev/null 2>&1 && return 0')
+    runner_lines.append('      return 1')
+    runner_lines.append('    }')
+    runner_lines.append('    _odysseus_has_vulkan_device() {')
+    runner_lines.append('      ls /dev/dri/renderD* >/dev/null 2>&1 && return 0')
+    runner_lines.append('      lspci 2>/dev/null | grep -Ei \'VGA|3D|Display\' | grep -Eiq \'AMD|ATI|Radeon\' && return 0')
+    runner_lines.append('      return 1')
+    runner_lines.append('    }')
+    # Backend preference: native ROCm/HIP > native CUDA > Vulkan > CPU.
+    # Vulkan is a portable fallback that works on AMD when ROCm isn't
+    # installed (e.g. Strix Halo) and on any vendor's discrete GPU, but
+    # it's ~30-40% slower than native HIP/CUDA for LLM inference — only
+    # pick it when no native toolchain is present.
     runner_lines.append('    if command -v hipconfig &>/dev/null || [ -d /opt/rocm ] || [ -n "$ROCM_PATH" ] || [ -n "$HIP_PATH" ]; then')
+    runner_lines.append('      rm -rf build')
     runner_lines.append('      if command -v hipconfig &>/dev/null; then')
     runner_lines.append('        export HIPCXX="${HIPCXX:-$(hipconfig -l)/clang}"')
     runner_lines.append('        export HIP_PATH="${HIP_PATH:-$(hipconfig -R)}"')
     runner_lines.append('      fi')
     runner_lines.append('      echo "[odysseus] ROCm/HIP detected — building llama-server with HIP support..."')
     runner_lines.append('      cmake -B build -DCMAKE_BUILD_TYPE=Release -DGGML_HIP=ON && cmake --build build -j"$NPROC" --target llama-server && ln -sf ~/llama.cpp/build/bin/llama-server ~/bin/llama-server')
-    runner_lines.append('    elif command -v nvcc &>/dev/null; then')
+    runner_lines.append('    elif command -v nvcc &>/dev/null && _odysseus_has_nvidia_hw; then')
+    runner_lines.append('      rm -rf build')
     # nvcc alone is not sufficient — pip-installed CUDA wheels or incomplete
     # tooling can expose nvcc without shipping libcudart, causing cmake to fail
     # mid-build with "CUDA runtime library not found". Check cudart explicitly
@@ -826,18 +950,24 @@ def _append_llama_cpp_linux_accel_build_lines(runner_lines: list[str]) -> None:
     runner_lines.append('        echo "[odysseus]   Ensure libcudart is installed (e.g. cuda-runtime package) and visible via ldconfig or CUDA_HOME."')
     runner_lines.append('        cmake -B build -DCMAKE_BUILD_TYPE=Release && cmake --build build -j"$NPROC" --target llama-server && ln -sf ~/llama.cpp/build/bin/llama-server ~/bin/llama-server')
     runner_lines.append('      fi')
+    runner_lines.append('    elif _odysseus_has_vulkan_device && _odysseus_has_vulkan; then')
+    runner_lines.append('      echo "[odysseus] Vulkan-capable GPU detected (no ROCm/CUDA toolchain installed) — building llama-server with Vulkan support..."')
+    runner_lines.append('      rm -rf build-vulkan')
+    runner_lines.append('      cmake -B build-vulkan -DCMAKE_BUILD_TYPE=Release -DGGML_VULKAN=ON && cmake --build build-vulkan -j"$NPROC" --target llama-server && ln -sf ~/llama.cpp/build-vulkan/bin/llama-server ~/bin/llama-server')
     runner_lines.append('    else')
-    runner_lines.append('      echo "[odysseus] WARNING: no HIP/CUDA toolchain found — building llama-server for CPU only."')
+    runner_lines.append('      echo "[odysseus] WARNING: no HIP/CUDA/Vulkan toolchain found — building llama-server for CPU only."')
     runner_lines.append('      echo "[odysseus]   GPU inference will not be available for this llama.cpp build."')
-    runner_lines.append('      echo "[odysseus]   Install ROCm for AMD GPUs or vLLM/CUDA tooling for NVIDIA, then re-launch this serve task."')
+    runner_lines.append('      echo "[odysseus]   Install Vulkan (libvulkan-dev) / ROCm for AMD GPUs or CUDA tooling for NVIDIA, then re-launch this serve task."')
+    runner_lines.append('      rm -rf build')
     runner_lines.append('      cmake -B build -DCMAKE_BUILD_TYPE=Release && cmake --build build -j"$NPROC" --target llama-server && ln -sf ~/llama.cpp/build/bin/llama-server ~/bin/llama-server')
     runner_lines.append('    fi')
+    runner_lines.append('  fi  # end _odysseus_have_prebuilt guard')
 
 
 def _llama_cpp_rebuild_cmd() -> str:
     """Shell command that clears the Cookbook-managed llama.cpp build.
 
-    Removes the cached ``llama-server`` symlink and the ``~/llama.cpp/build``
+    Removes the cached ``llama-server`` symlink and the ``~/llama.cpp/build*``
     directory so the next llama.cpp serve recompiles from source, picking up a
     CUDA or HIP toolchain if one is now available. The serve bootstrap only
     builds when ``llama-server`` is missing from PATH, so without this an
@@ -847,10 +977,10 @@ def _llama_cpp_rebuild_cmd() -> str:
     return (
         'mkdir -p "$HOME/bin" && '
         'rm -f "$HOME/bin/llama-server" && '
-        'rm -rf "$HOME/llama.cpp/build" && '
+        'rm -rf "$HOME/llama.cpp/build" "$HOME/llama.cpp/build-vulkan" && '
         'echo "[odysseus] Cleared the cached llama.cpp build. '
         'Re-launch the serve task to rebuild llama-server from source '
-        '(CUDA or HIP will be used if a toolchain is now available)."'
+        '(Vulkan, HIP, or CUDA will be used if a matching toolchain is now available)."'
     )
 
 
@@ -1113,8 +1243,27 @@ def _diagnose_serve_output(text: str) -> dict | None:
             "SGLang is not installed or not in PATH on this server.",
             [{"label": "install SGLang in Cookbook Dependencies", "op": "dependency", "package": "sglang[all]"}],
         ),
+        # System build deps come BEFORE the generic llama.cpp catch-all so
+        # cmake / build-essential / git missing → a specific OS-package
+        # remediation instead of "install llama-cpp-python[server]" (which
+        # itself fails to compile when cmake is absent).
         (
-            r"llama-server.*command not found|llama\.cpp.*not found|No module named.*llama_cpp|No module named 'starlette_context'|git: command not found|cmake: command not found",
+            r"cmake: command not found|cmake.*not found.*[Cc]ould not",
+            "cmake is required to build llama.cpp from source but isn't installed on this server.",
+            [{"label": "install build deps for llama.cpp (apt: cmake build-essential git / pacman: cmake base-devel git / dnf: cmake gcc-c++ make git / brew: cmake git)", "op": "dependency", "package": "llama-cpp-python[server]"}],
+        ),
+        (
+            r"^(make|g\+\+|gcc): command not found|Could not find C\+\+ compiler",
+            "A C/C++ compiler (build-essential) is required to build llama.cpp from source.",
+            [{"label": "install build deps for llama.cpp on this server", "op": "dependency", "package": "llama-cpp-python[server]"}],
+        ),
+        (
+            r"^git: command not found",
+            "git is required to clone the llama.cpp source tree.",
+            [{"label": "install build deps for llama.cpp on this server", "op": "dependency", "package": "llama-cpp-python[server]"}],
+        ),
+        (
+            r"llama-server.*command not found|llama\.cpp.*not found|No module named.*llama_cpp|No module named 'starlette_context'",
             "llama.cpp / llama-cpp-python dependencies are missing.",
             [{"label": "install llama.cpp dependencies or llama-cpp-python[server]", "op": "dependency", "package": "llama-cpp-python[server]"}],
         ),
diff --git a/routes/cookbook_routes.py b/routes/cookbook_routes.py
index af25dd8e8..0bd38d19f 100644
--- a/routes/cookbook_routes.py
+++ b/routes/cookbook_routes.py
@@ -189,8 +189,27 @@ def setup_cookbook_routes() -> APIRouter:
                 "SGLang is not installed or not in PATH on this server.",
                 [{"label": "install SGLang in Cookbook Dependencies", "op": "dependency", "package": "sglang[all]"}],
             ),
+            # System build deps come BEFORE the generic llama.cpp catch-all
+            # so cmake / build-essential / git missing → a specific OS-package
+            # remediation instead of "install llama-cpp-python[server]" (which
+            # itself fails to compile when cmake is absent).
             (
-                r"llama-server.*command not found|llama\.cpp.*not found|No module named.*llama_cpp|No module named 'starlette_context'|git: command not found|cmake: command not found",
+                r"cmake: command not found|cmake.*not found.*[Cc]ould not",
+                "cmake is required to build llama.cpp from source but isn't installed on this server.",
+                [{"label": "install build deps for llama.cpp (apt: cmake build-essential git / pacman: cmake base-devel git / dnf: cmake gcc-c++ make git / brew: cmake git)", "op": "dependency", "package": "llama-cpp-python[server]"}],
+            ),
+            (
+                r"^(make|g\+\+|gcc): command not found|Could not find C\+\+ compiler",
+                "A C/C++ compiler (build-essential) is required to build llama.cpp from source.",
+                [{"label": "install build deps for llama.cpp on this server", "op": "dependency", "package": "llama-cpp-python[server]"}],
+            ),
+            (
+                r"^git: command not found",
+                "git is required to clone the llama.cpp source tree.",
+                [{"label": "install build deps for llama.cpp on this server", "op": "dependency", "package": "llama-cpp-python[server]"}],
+            ),
+            (
+                r"llama-server.*command not found|llama\.cpp.*not found|No module named.*llama_cpp|No module named 'starlette_context'",
                 "llama.cpp / llama-cpp-python dependencies are missing.",
                 [{"label": "install llama.cpp dependencies or llama-cpp-python[server]", "op": "dependency", "package": "llama-cpp-python[server]"}],
             ),
@@ -1243,8 +1262,16 @@ def setup_cookbook_routes() -> APIRouter:
             req.cmd = _pip_install_no_cache(req.cmd)
             # Accept common aliases and enforce server extras for llama-cpp so
             # `python -m llama_cpp.server` has all runtime dependencies.
-            req.cmd = re.sub(r"(?<![A-Za-z0-9_.-])llama_cpp(?![A-Za-z0-9_.-])", "llama-cpp-python[server]", req.cmd)
-            req.cmd = re.sub(r"(?<![A-Za-z0-9_.-])llama-cpp-python(?!\[)", "llama-cpp-python[server]", req.cmd)
+            # CRITICAL: the lookbehind / lookahead must also exclude `/` so
+            # the regex DOESN'T mangle a URL path like
+            #   https://abetlen.github.io/llama-cpp-python/whl/cu124
+            # The previous regex turned that URL into
+            #   https://abetlen.github.io/llama-cpp-python[server]/whl/cu124
+            # which pip then couldn't resolve → silent fallback to source
+            # build of the .tar.gz → CPU-only binary (because CMAKE_ARGS
+            # isn't set), defeating the entire purpose of the CUDA index.
+            req.cmd = re.sub(r"(?<![A-Za-z0-9_.\-/])llama_cpp(?![A-Za-z0-9_.\-/])", "llama-cpp-python[server]", req.cmd)
+            req.cmd = re.sub(r"(?<![A-Za-z0-9_.\-/])llama-cpp-python(?![\[/])", "llama-cpp-python[server]", req.cmd)
             if "llama-cpp-python" in req.cmd and "--extra-index-url" not in req.cmd:
                 req.cmd += " --extra-index-url https://abetlen.github.io/llama-cpp-python/whl/cpu"
             # PEP-508-style package spec — letters, digits, `.-_` for the
@@ -1426,6 +1453,69 @@ def setup_cookbook_routes() -> APIRouter:
                 runner_lines.append('  else')
                 _append_llama_cpp_linux_accel_build_lines(runner_lines)
                 runner_lines.append('  fi')
+                # Source the env file the prebuilt-download path writes so
+                # LD_LIBRARY_PATH includes the directory holding libllama.so
+                # and friends. No-op when prebuilt wasn't used.
+                runner_lines.append('  [ -r ~/.config/odysseus-llama-cpp-env ] && . ~/.config/odysseus-llama-cpp-env')
+                # Auto-upgrade pip llama-cpp-python to the CUDA-enabled
+                # wheel when (a) NVIDIA hardware is present and (b) the
+                # currently-installed wheel is CPU-only. Without this the
+                # user gets the Python server happily running at 3 tok/s
+                # because pip's default index ships CPU-only wheels.
+                # Forward-compat: cu124 wheels work on driver/runtime
+                # 12.4+ including the cu13.x line.
+                runner_lines.append('  if command -v nvidia-smi >/dev/null 2>&1 && nvidia-smi -L 2>/dev/null | grep -q "GPU " && python3 -c "import llama_cpp" 2>/dev/null; then')
+                runner_lines.append('    if ! python3 -c "import llama_cpp; import sys; sys.exit(0 if llama_cpp.llama_supports_gpu_offload() else 1)" 2>/dev/null; then')
+                runner_lines.append('      echo "[odysseus] NVIDIA detected but installed llama-cpp-python is CPU-only — reinstalling with CUDA wheel index for GPU offload..."')
+                runner_lines.append('      python3 -m pip install --user --break-system-packages --force-reinstall --no-cache-dir "llama-cpp-python[server]" --extra-index-url https://abetlen.github.io/llama-cpp-python/whl/cu124 2>&1 | tail -8 || echo "[odysseus] WARNING: CUDA wheel reinstall failed — Python server will stay CPU-only (slow). Manual fix: pip install --user --force-reinstall \'llama-cpp-python[server]\' --extra-index-url https://abetlen.github.io/llama-cpp-python/whl/cu124"')
+                runner_lines.append('      if python3 -c "import llama_cpp; import sys; sys.exit(0 if llama_cpp.llama_supports_gpu_offload() else 1)" 2>/dev/null; then')
+                runner_lines.append('        echo "[odysseus] llama-cpp-python now supports GPU offload."')
+                runner_lines.append('      fi')
+                runner_lines.append('    fi')
+                runner_lines.append('  fi')
+                # SHORT-CIRCUIT before the build/pip fallback: if the
+                # native binary is missing but llama_cpp Python is already
+                # installed, drop a wrapper at ~/bin/llama-server that
+                # translates llama-server CLI args to llama_cpp.server's
+                # underscore-style flags. The user's serve command stays
+                # `llama-server ...` and "just works" — no build, no cmake,
+                # no second install. This is the path that unblocks every
+                # remote where pip-installed llama-cpp-python is already
+                # working but Cookbook used to insist on a native binary.
+                runner_lines.append('  if ! command -v llama-server >/dev/null 2>&1 && python3 -c "import llama_cpp" 2>/dev/null; then')
+                runner_lines.append('    mkdir -p ~/bin')
+                runner_lines.append('    cat > ~/bin/llama-server <<\'_ODY_LLAMA_SHIM_EOF\'')
+                runner_lines.append('#!/usr/bin/env bash')
+                runner_lines.append('# Auto-generated by Odysseus Cookbook: a `llama-server` lookalike')
+                runner_lines.append('# that translates the native CLI to `python -m llama_cpp.server`.')
+                runner_lines.append('# Lets cookbook-generated launch commands run unchanged on hosts')
+                runner_lines.append('# where only the pip llama-cpp-python package is installed.')
+                runner_lines.append('ARGS=()')
+                runner_lines.append('while [ $# -gt 0 ]; do')
+                runner_lines.append('  case "$1" in')
+                runner_lines.append('    -ngl|--gpu-layers|--n-gpu-layers) ARGS+=(--n_gpu_layers "$2"); shift 2 ;;')
+                runner_lines.append('    -c|--ctx-size) ARGS+=(--n_ctx "$2"); shift 2 ;;')
+                runner_lines.append('    -b|--batch-size) ARGS+=(--n_batch "$2"); shift 2 ;;')
+                runner_lines.append('    -ub|--ubatch-size) shift 2 ;;  # llama-cpp-python has no separate ubatch')
+                runner_lines.append('    --flash-attn) ARGS+=(--flash_attn true); shift 2 ;;')
+                runner_lines.append('    --cache-type-k) ARGS+=(--type_k "$2"); shift 2 ;;')
+                runner_lines.append('    --cache-type-v) ARGS+=(--type_v "$2"); shift 2 ;;')
+                runner_lines.append('    --n-cpu-moe) ARGS+=(--n_cpu_moe "$2"); shift 2 ;;')
+                runner_lines.append('    --mmproj) ARGS+=(--clip_model_path "$2"); shift 2 ;;')
+                runner_lines.append('    --image-max-tokens) shift 2 ;;  # native-only')
+                runner_lines.append('    --no-mmap) ARGS+=(--no_mmap true); shift ;;')
+                runner_lines.append('    --no-warmup) shift ;;  # native-only')
+                runner_lines.append('    --chat-template) ARGS+=(--chat_format "$2"); shift 2 ;;')
+                runner_lines.append('    --fit|--split-mode|--tensor-split|--main-gpu|--parallel) shift 2 ;;  # native-only')
+                runner_lines.append('    --mlock) ARGS+=(--use_mlock true); shift ;;')
+                runner_lines.append('    *) ARGS+=("$1"); shift ;;')
+                runner_lines.append('  esac')
+                runner_lines.append('done')
+                runner_lines.append('exec python3 -m llama_cpp.server "${ARGS[@]}"')
+                runner_lines.append('_ODY_LLAMA_SHIM_EOF')
+                runner_lines.append('    chmod +x ~/bin/llama-server')
+                runner_lines.append('    echo "[odysseus] Created llama-server shim → python -m llama_cpp.server (no native binary needed)"')
+                runner_lines.append('  fi')
                 runner_lines.append('  # If the native build failed, fall back to the Python bindings.')
                 runner_lines.append('  if ! command -v llama-server &>/dev/null && ! python3 -c "import llama_cpp" 2>/dev/null; then')
                 runner_lines.append('    echo "llama-server build failed — installing Python bindings as fallback..."')
@@ -1834,6 +1924,25 @@ def setup_cookbook_routes() -> APIRouter:
         out, err = await _run_gpu_shell("ls -1 /sys/class/drm 2>/dev/null", host, ssh_port, timeout=4)
         if err is not None or not out:
             return []
+        # Pick the runtime label up-front so each GPU dict gets the
+        # right `backend`. AMD silicon can be driven by ROCm/HIP (native)
+        # OR Vulkan (mesa RADV). Reporting "rocm" on a host where no
+        # ROCm toolchain is installed misleads the frontend env-var
+        # prefix logic — it would emit `HIP_VISIBLE_DEVICES=` for a
+        # Vulkan-only stack, which is a silent no-op at best.
+        rt_out, _ = await _run_gpu_shell(
+            'command -v rocminfo >/dev/null 2>&1 && echo rocm '
+            '|| (command -v hipconfig >/dev/null 2>&1 && echo rocm) '
+            '|| (command -v vulkaninfo >/dev/null 2>&1 && echo vulkan) '
+            '|| echo unknown',
+            host, ssh_port, timeout=4,
+        )
+        _amd_runtime = (rt_out or "").strip().splitlines()[-1:][0].strip() if rt_out else "rocm"
+        if _amd_runtime not in ("rocm", "vulkan"):
+            # Default to rocm so existing ROCm-installed hosts keep
+            # working; "unknown" only happens when neither toolchain is
+            # detected (e.g. minimal sysfs read on a fresh box).
+            _amd_runtime = "rocm"
         gpus = []
         for entry in out.split():
             if not entry.startswith("card") or "-" in entry:
@@ -1877,7 +1986,7 @@ def setup_cookbook_routes() -> APIRouter:
                 "free_mb": free_mb, "total_mb": total_mb, "used_mb": used_mb,
                 "gtt_used_mb": gtt_used_mb,
                 "util_pct": 0, "busy": bool(total_mb and (free_mb / total_mb) < 0.85),
-                "processes": [], "backend": "rocm", "source": "amd-sysfs",
+                "processes": [], "backend": _amd_runtime, "source": "amd-sysfs",
                 "unified_memory": unified,
             })
         if gpus:
@@ -2018,10 +2127,15 @@ def setup_cookbook_routes() -> APIRouter:
 
         amd_gpus = await _probe_amd_sysfs(host, ssh_port)
         if amd_gpus:
+            # The per-GPU dict already carries the runtime label picked by
+            # _probe_amd_sysfs (rocm vs vulkan); mirror that into the
+            # wrapper so the frontend can read `data.backend` directly
+            # without scanning the list.
+            _amd_wrap_backend = str(amd_gpus[0].get("backend") or "rocm")
             return {
                 "ok": True,
                 "gpus": amd_gpus,
-                "backend": "rocm",
+                "backend": _amd_wrap_backend,
                 "source": "amd-sysfs",
                 "fallback_from": "nvidia-smi",
                 "nvidia_error": nvidia_error,
diff --git a/services/hwfit/hardware.py b/services/hwfit/hardware.py
index a3ad7ba05..0473475ed 100644
--- a/services/hwfit/hardware.py
+++ b/services/hwfit/hardware.py
@@ -282,7 +282,17 @@ def _detect_amd():
             "gpus": cards,
             "gpu_groups": groups,
             "homogeneous": len(groups) <= 1,
-            "backend": "rocm",
+            # Pick the actual runtime label: ROCm/HIP only when its
+            # toolchain is installed, otherwise Vulkan if vulkaninfo is
+            # present (mesa RADV works fine on RDNA/CDNA when ROCm
+            # packages are absent — see Strix Halo where ROCm support
+            # is still backporting). Reporting "rocm" on a Vulkan-only
+            # host misleads downstream env-var pinning
+            # (HIP_VISIBLE_DEVICES is a no-op there).
+            "backend": (
+                "rocm" if (_run(["which", "rocminfo"]) or _run(["which", "hipconfig"]))
+                else ("vulkan" if _run(["which", "vulkaninfo"]) else "rocm")
+            ),
             "unified_memory": is_apu,
             # AMD ISA/family so downstream can tell datacenter Instinct (CDNA,
             # where vLLM/SGLang run AWQ/GPTQ reliably) from consumer Radeon

From f01465e87f6fcb20f5a857926b969f0b8202fa10 Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:33:19 +0000
Subject: [PATCH 04/22] Cookbook Dependencies: per-OS+backend install command +
 install-system-deps endpoint

When a llama.cpp launch needs cmake/build-essential/git the user used to
get a four-distro dump ("apt: x / pacman: y / dnf: z / brew: w") and
had to pick the right one. Now:

- shell_routes /api/cookbook/packages probes /etc/os-release on the
  target in the same SSH round-trip as the existing system-prereq
  check, classifies into debian / arch / fedora / alpine / suse /
  macos, and builds a single install_cmd_for_target string from the
  (os_family, backend) matrix. CUDA hosts get nvidia-cuda-toolkit;
  ROCm gets rocm-dev / rocm-hip-sdk; Vulkan gets libvulkan-dev /
  vulkan-headers; etc.

- llama_cpp catalog entry gets system_prereqs: [cmake, g++, git].
  When any of those are missing on the target, the row picks up
  pkg.build_deps_missing + pkg.install_cmd_for_target for the
  frontend to render.

- New POST /api/cookbook/install-system-deps endpoint runs the right
  package manager via passwordless sudo on the target. Allowlisted to
  {cmake, build-essential, g++, gcc, git, tmux, make}; sudo -n only
  so it can never hang waiting for a password (returns a clear
  "passwordless sudo unavailable" error via stderr instead).
---
 routes/shell_routes.py | 307 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 304 insertions(+), 3 deletions(-)

diff --git a/routes/shell_routes.py b/routes/shell_routes.py
index b4e52325d..406d80bb3 100644
--- a/routes/shell_routes.py
+++ b/routes/shell_routes.py
@@ -961,12 +961,84 @@ def setup_shell_routes() -> APIRouter:
 
         return StreamingResponse(generate(), media_type="text/event-stream")
 
+    def _os_id_from_release(text: str) -> str:
+        """Map /etc/os-release contents to a canonical family for our matrix."""
+        if not text:
+            return ""
+        ids = []
+        for line in text.splitlines():
+            line = line.strip()
+            if line.startswith("ID=") or line.startswith("ID_LIKE="):
+                ids += line.split("=", 1)[1].strip().strip('"').split()
+        ids = [i.lower() for i in ids]
+        if any(x in ids for x in ("debian", "ubuntu", "linuxmint", "pop", "elementary")):
+            return "debian"
+        if any(x in ids for x in ("arch", "manjaro", "endeavouros", "cachyos", "garuda")):
+            return "arch"
+        if any(x in ids for x in ("fedora", "rhel", "centos", "rocky", "almalinux", "ol")):
+            return "fedora"
+        if "alpine" in ids:
+            return "alpine"
+        if any(x in ids for x in ("suse", "opensuse", "opensuse-leap", "opensuse-tumbleweed", "sles")):
+            return "suse"
+        return ""
+
+    # Matrix lookup keyed on (os_family, backend) → (pkg_mgr_cmd_template, pkg_list_per_dep).
+    # Each `system_prereqs` name resolves to a list of OS-specific package
+    # names that get joined into the final `sudo apt install -y …` etc.
+    # command. Backend-specific extras (CUDA toolkit, ROCm, Vulkan headers)
+    # are added only when the detected backend needs them.
+    _PKG_NAMES = {
+        # canonical-name → {os_id: [actual_pkg_names_on_this_os]}
+        "cmake":           {"debian": ["cmake"], "arch": ["cmake"], "fedora": ["cmake"], "alpine": ["cmake"], "suse": ["cmake"], "macos": ["cmake"]},
+        "build-essential": {"debian": ["build-essential"], "arch": ["base-devel"], "fedora": ["gcc", "gcc-c++", "make"], "alpine": ["build-base"], "suse": ["gcc-c++", "make"], "macos": []},
+        "g++":             {"debian": ["g++"], "arch": ["gcc"], "fedora": ["gcc-c++"], "alpine": ["g++"], "suse": ["gcc-c++"], "macos": []},
+        "gcc":             {"debian": ["gcc"], "arch": ["gcc"], "fedora": ["gcc"], "alpine": ["gcc"], "suse": ["gcc"], "macos": []},
+        "make":            {"debian": ["make"], "arch": ["make"], "fedora": ["make"], "alpine": ["make"], "suse": ["make"], "macos": []},
+        "git":             {"debian": ["git"], "arch": ["git"], "fedora": ["git"], "alpine": ["git"], "suse": ["git"], "macos": ["git"]},
+        "tmux":            {"debian": ["tmux"], "arch": ["tmux"], "fedora": ["tmux"], "alpine": ["tmux"], "suse": ["tmux"], "macos": ["tmux"]},
+    }
+    _BACKEND_EXTRAS = {
+        "cuda":   {"debian": ["nvidia-cuda-toolkit"], "arch": ["cuda"], "fedora": ["cuda-toolkit"], "alpine": [], "suse": ["cuda"], "macos": []},
+        "rocm":   {"debian": ["rocm-dev"], "arch": ["rocm-hip-sdk"], "fedora": ["rocm-devel"], "alpine": [], "suse": ["rocm-dev"], "macos": []},
+        "vulkan": {"debian": ["libvulkan-dev", "vulkan-tools"], "arch": ["vulkan-headers", "vulkan-tools"], "fedora": ["vulkan-headers", "vulkan-tools"], "alpine": ["vulkan-loader-dev", "vulkan-tools"], "suse": ["vulkan-devel", "vulkan-tools"], "macos": []},
+    }
+    _PKG_MGR = {
+        "debian": "sudo apt install -y {pkgs}",
+        "arch":   "sudo pacman -S --needed {pkgs}",
+        "fedora": "sudo dnf install -y {pkgs}",
+        "alpine": "sudo apk add {pkgs}",
+        "suse":   "sudo zypper install -n {pkgs}",
+        "macos":  "brew install {pkgs}",
+    }
+
+    def _install_cmd_for_target(os_id: str, backend: str, missing: list[str]) -> str:
+        """Build a single OS+backend-aware install command for the missing prereqs."""
+        if not os_id or os_id not in _PKG_MGR:
+            return ""
+        pkgs: list[str] = []
+        seen: set[str] = set()
+        for m in missing:
+            for p in _PKG_NAMES.get(m, {}).get(os_id, []):
+                if p not in seen:
+                    pkgs.append(p); seen.add(p)
+        # Add backend-specific extras only when the build would actually
+        # consume them (a CUDA toolkit isn't useful on a Vulkan box).
+        backend = (backend or "").lower()
+        for p in _BACKEND_EXTRAS.get(backend, {}).get(os_id, []):
+            if p not in seen:
+                pkgs.append(p); seen.add(p)
+        if not pkgs:
+            return ""
+        return _PKG_MGR[os_id].format(pkgs=" ".join(pkgs))
+
     @router.get("/api/cookbook/packages")
     async def list_packages(
         request: Request,
         host: str | None = None,
         ssh_port: str | None = None,
         venv: str | None = None,
+        backend: str | None = None,
     ):
         """Check which optional packages are installed.
 
@@ -1015,6 +1087,12 @@ def setup_shell_routes() -> APIRouter:
                 "kind": "system",
                 "install_hint": "Install Docker on the selected server and allow this user to run docker.",
             },
+            # Note: cmake / gcc / git are not separate dependency rows —
+            # they're declared as `system_prereqs` on llama_cpp (and any
+            # other engine that compiles from source) so they appear as
+            # an inline status note on that engine's row instead of
+            # cluttering the panel with raw OS package names that aren't
+            # meaningful product-level dependencies on their own.
             # ── LLM ── installs on GPU servers for model serving/downloading
             {
                 "name": "hf_transfer",
@@ -1029,6 +1107,13 @@ def setup_shell_routes() -> APIRouter:
                 "desc": "Serve GGUF models via llama.cpp",
                 "category": "LLM",
                 "target": "remote",
+                # Build-toolchain prereqs. Cookbook's launch bootstrap
+                # compiles llama-server from source when no prebuilt
+                # binary is present; without these the build aborts
+                # with `cmake: command not found`. Surfaced inline on
+                # this row so the user doesn't have to chase three
+                # separate OS-package rows.
+                "system_prereqs": ["cmake", "g++", "git"],
             },
             {
                 "name": "sglang",
@@ -1143,14 +1228,28 @@ def setup_shell_routes() -> APIRouter:
                 raise HTTPException(400, str(e))
             except Exception:
                 remote_status = {}
-        if host and remote_system_names:
+        # Union of system_names + every package's system_prereqs. Probing
+        # the prereqs alongside the main system deps in a single SSH call
+        # avoids a second round-trip per Cookbook → Dependencies refresh.
+        prereq_names: set[str] = set()
+        for p in packages:
+            for pr in p.get("system_prereqs") or []:
+                prereq_names.add(str(pr))
+        all_system_names = list(set(remote_system_names) | prereq_names)
+        # Detect the target's OS family + read /etc/os-release in the same
+        # SSH round-trip as the prereq probe — used downstream to render a
+        # single OS-specific install command per row instead of dumping
+        # every distro's syntax onto the user.
+        target_os_id: str = ""
+        if host and all_system_names:
             try:
                 checks = []
-                for name in remote_system_names:
+                for name in all_system_names:
                     qn = shlex.quote(name)
                     checks.append(
                         f"if command -v {qn} >/dev/null 2>&1; then echo {qn}=1; else echo {qn}=0; fi"
                     )
+                checks.append("echo '---OSREL---'; cat /etc/os-release 2>/dev/null || true")
                 inner = " ; ".join(checks)
                 argv = _ssh_base_argv(host, ssh_port) + [inner]
                 proc = await asyncio.create_subprocess_exec(
@@ -1160,14 +1259,32 @@ def setup_shell_routes() -> APIRouter:
                 )
                 out, _err = await asyncio.wait_for(proc.communicate(), timeout=12)
                 txt = out.decode("utf-8", errors="replace").strip()
+                _section, _osrel_lines = "probe", []
                 for line in txt.splitlines():
+                    if line.strip() == "---OSREL---":
+                        _section = "osrel"; continue
+                    if _section == "osrel":
+                        _osrel_lines.append(line)
+                        continue
                     name, sep, value = line.strip().partition("=")
-                    if sep and name in remote_system_names:
+                    if sep and name in all_system_names:
                         remote_status[name] = value == "1"
+                target_os_id = _os_id_from_release("\n".join(_osrel_lines))
             except ValueError as e:
                 raise HTTPException(400, str(e))
             except Exception:
                 pass
+        elif not host:
+            # Local target — probe in-process so the inline install command
+            # still appears in the dep panel when the cookbook container
+            # itself is the selected server.
+            try:
+                with open("/etc/os-release", encoding="utf-8") as f:
+                    target_os_id = _os_id_from_release(f.read())
+            except Exception:
+                target_os_id = ""
+            if sys.platform == "darwin":
+                target_os_id = "macos"
 
         for pkg in packages:
             on_remote = bool(host and pkg.get("target") == "remote")
@@ -1229,6 +1346,94 @@ def setup_shell_routes() -> APIRouter:
                     # 500 the entire packages panel; report it as not usable.
                     pkg["installed"] = False
 
+            # llama_cpp partial-state probe: when the package is installed
+            # but the wheel was built CPU-only AND the target has NVIDIA
+            # hardware, mark the row as partial (yellow/orange) with a
+            # one-click upgrade to the CUDA wheel. Without this the row
+            # reads "ready" green while inference runs at 3 tok/s on GPU
+            # silicon — actively misleading.
+            if pkg["name"] == "llama_cpp" and pkg.get("installed"):
+                _gpu_capable = False
+                _has_nvidia_target = False
+                if on_remote and host:
+                    try:
+                        # Activate the configured venv FIRST so the probe
+                        # runs against the same python the launch script
+                        # would activate. Without this prefix, bare
+                        # `python3` was checked — which can disagree with
+                        # the venv's wheel (e.g. user-site has CUDA wheel
+                        # but venv has CPU-only), and the dep panel then
+                        # showed "ready" green while every launch fell to
+                        # CPU.
+                        _vp = _venv_activate_prefix(venv)
+                        probe = (
+                            f'{_vp}python3 -c "import llama_cpp; import sys; '
+                            'sys.exit(0 if llama_cpp.llama_supports_gpu_offload() else 1)" '
+                            '&& echo llama_cpp_gpu=1 || echo llama_cpp_gpu=0; '
+                            'command -v nvidia-smi >/dev/null 2>&1 '
+                            '&& nvidia-smi -L 2>/dev/null | grep -q "GPU " '
+                            '&& echo nvidia=1 || echo nvidia=0'
+                        )
+                        argv = _ssh_base_argv(host, ssh_port) + [probe]
+                        proc = await asyncio.create_subprocess_exec(
+                            *argv, stdout=asyncio.subprocess.PIPE, stderr=asyncio.subprocess.PIPE,
+                        )
+                        out, _ = await asyncio.wait_for(proc.communicate(), timeout=8)
+                        txt = out.decode("utf-8", errors="replace")
+                        if "llama_cpp_gpu=1" in txt:
+                            _gpu_capable = True
+                        if "nvidia=1" in txt:
+                            _has_nvidia_target = True
+                    except Exception:
+                        pass
+                else:
+                    try:
+                        import llama_cpp as _lcp  # type: ignore
+                        _gpu_capable = bool(_lcp.llama_supports_gpu_offload())
+                    except Exception:
+                        _gpu_capable = False
+                    _has_nvidia_target = shutil.which("nvidia-smi") is not None
+                if (not _gpu_capable) and _has_nvidia_target:
+                    pkg["partial"] = True
+                    pkg["partial_reason"] = "Installed but CPU-only wheel — GPU detected on this target. Upgrade to a CUDA wheel for ~10× faster inference."
+                    pkg["partial_action"] = "reinstall_llama_cpp_cuda"
+            # Attach per-package system_prereqs status. We probed each
+            # prereq name above; surface "Missing build deps: …" ONLY
+            # when the package itself is not installed — if the package
+            # works (e.g. llama-cpp-python already imports cleanly), the
+            # build toolchain is irrelevant and surfacing it as a red
+            # flag confuses users ("ready" + "missing" on the same row).
+            _prereqs = list(pkg.get("system_prereqs") or [])
+            if _prereqs:
+                if on_remote:
+                    _pr_present = {n: bool(remote_status.get(n)) for n in _prereqs}
+                else:
+                    _pr_present = {n: shutil.which(n) is not None for n in _prereqs}
+                pkg["system_prereqs_status"] = _pr_present
+                _missing = [n for n, ok in _pr_present.items() if not ok]
+                # Suppress the "missing build deps" hint when the package
+                # itself is installed — build deps are only relevant if
+                # the user would need to recompile from source.
+                if pkg.get("installed"):
+                    _missing = []
+                if _missing:
+                    # Build a target-specific install command from the
+                    # (os_family, backend) matrix when we know both. Fall
+                    # back to the multi-distro hint only when the target's
+                    # OS can't be classified (e.g. ssh probe failed).
+                    _resolved_os = target_os_id or "debian"  # safest default
+                    _cmd = _install_cmd_for_target(_resolved_os, backend or "", _missing)
+                    if _cmd and target_os_id:
+                        _hint = "Missing build deps for this target: " + ", ".join(_missing)
+                        pkg["install_cmd_for_target"] = _cmd
+                        pkg["install_cmd_os"] = target_os_id
+                        pkg["install_cmd_backend"] = (backend or "").lower()
+                    else:
+                        _hint = "Missing build deps: " + ", ".join(_missing) + ". Install via apt: cmake build-essential git / pacman: cmake base-devel git / dnf: cmake gcc-c++ make git / brew: cmake git."
+                    _existing_note = pkg.get("status_note") or ""
+                    pkg["status_note"] = (_existing_note + " — " + _hint) if _existing_note else _hint
+                    pkg["build_deps_missing"] = _missing
+
             if pkg.get("installed"):
                 update_status = _package_pip_update_status(pkg, probe)
                 pkg["pip_update_available"] = update_status.available
@@ -1288,6 +1493,102 @@ def setup_shell_routes() -> APIRouter:
             return {"ok": True, "output": stdout.decode()[-200:]}
         return {"ok": False, "error": stderr.decode()[-300:]}
 
+    @router.post("/api/cookbook/install-system-deps")
+    async def install_system_deps(request: Request):
+        """Install OS-level system packages (cmake/build-essential/git/tmux)
+        on a remote target or in the local container. Admin only.
+
+        Bounded by a per-package allowlist — anything outside the catalog
+        is rejected so the route can't be coerced into installing arbitrary
+        OS packages. Uses `sudo -n` (passwordless) so the call returns a
+        clear "needs sudo password" error instead of hanging when interactive
+        sudo is required.
+        """
+        _require_admin(request)
+        body = await request.json()
+        raw = body.get("packages") or []
+        host = (body.get("remote_host") or "").strip()
+        ssh_port = body.get("ssh_port")
+        # Names users can request — must match canonical names used in the
+        # deps catalog's `system_prereqs` field and on the System rows.
+        ALLOWED = {"cmake", "build-essential", "g++", "gcc", "git", "tmux", "make"}
+        pkgs = [str(p).strip() for p in raw if str(p).strip() in ALLOWED]
+        if not pkgs:
+            return {"ok": False, "error": "no installable packages requested (allowlist: " + ", ".join(sorted(ALLOWED)) + ")"}
+        # Re-map to the right package name per OS. apt/dpkg use the names
+        # as-is; pacman has base-devel for build-essential, etc.
+        def _apt(names): return list(names)
+        def _pacman(names):
+            return ["base-devel" if n == "build-essential" else n for n in names]
+        def _dnf(names):
+            out = []
+            for n in names:
+                if n == "build-essential": out += ["gcc", "gcc-c++", "make"]
+                elif n == "g++": out += ["gcc-c++"]
+                else: out.append(n)
+            return out
+        def _brew(names):
+            return [n for n in names if n not in ("build-essential", "g++", "gcc", "make")]
+        # Build a single shell snippet that detects the package manager and
+        # runs the right install. Non-interactive sudo (-n) only — if sudo
+        # asks for a password the script reports it instead of hanging.
+        apt_pkgs = " ".join(shlex.quote(p) for p in _apt(pkgs))
+        pac_pkgs = " ".join(shlex.quote(p) for p in _pacman(pkgs))
+        dnf_pkgs = " ".join(shlex.quote(p) for p in _dnf(pkgs))
+        brew_pkgs = " ".join(shlex.quote(p) for p in _brew(pkgs))
+        # Error messages go to stderr (>&2) so the route's error field
+        # gets populated. Without the redirect, `echo "ERROR…"` on stdout
+        # left stderr empty and the frontend toast fell through to a
+        # bare "HTTP 200" instead of surfacing the real reason.
+        script = (
+            'set -e; '
+            'if ! sudo -n true 2>/dev/null; then '
+            '  echo "ERROR: passwordless sudo unavailable on this target. Run once: sudo apt install -y ' + " ".join(pkgs) + ' (or your distro equivalent: pacman -S, dnf install, brew install). After that, Cookbook can install the rest." >&2; exit 2; fi; '
+            'if command -v apt-get >/dev/null 2>&1; then '
+            f'  sudo -n env DEBIAN_FRONTEND=noninteractive apt-get update -qq && sudo -n env DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends {apt_pkgs}; '
+            'elif command -v pacman >/dev/null 2>&1; then '
+            f'  sudo -n pacman -Sy --needed --noconfirm {pac_pkgs}; '
+            'elif command -v dnf >/dev/null 2>&1; then '
+            f'  sudo -n dnf install -y {dnf_pkgs}; '
+            'elif command -v brew >/dev/null 2>&1; then '
+            f'  brew install {brew_pkgs}; '
+            'else '
+            '  echo "ERROR: no supported package manager (apt/pacman/dnf/brew) on this target." >&2; exit 3; fi'
+        )
+        try:
+            if host:
+                argv = _ssh_base_argv(host, ssh_port) + [script]
+            else:
+                argv = ["bash", "-lc", script]
+        except ValueError as e:
+            raise HTTPException(400, str(e))
+        try:
+            proc = await asyncio.create_subprocess_exec(
+                *argv, stdout=asyncio.subprocess.PIPE, stderr=asyncio.subprocess.PIPE
+            )
+            out, err = await asyncio.wait_for(proc.communicate(), timeout=180)
+        except asyncio.TimeoutError:
+            return {"ok": False, "error": "Install timed out after 180s"}
+        ok = (proc.returncode == 0)
+        # Combine stderr + (last lines of stdout) into a single error
+        # blob when ok=False — some package managers print useful failure
+        # context to stdout, and a script that exits via `echo ...; exit N`
+        # without `>&2` would otherwise hand back an empty error string
+        # and force the frontend to show a bare "HTTP 200".
+        err_txt = err.decode("utf-8", errors="replace").strip()
+        out_txt = out.decode("utf-8", errors="replace").strip()
+        if not ok:
+            tail_out = out_txt[-500:] if out_txt else ""
+            combined = err_txt or tail_out or f"exit code {proc.returncode}"
+        else:
+            combined = None
+        return {
+            "ok": ok,
+            "exit_code": proc.returncode,
+            "output": out_txt[-1000:],
+            "error": combined,
+        }
+
     @router.post("/api/cookbook/rebuild-engine")
     async def rebuild_engine(request: Request):
         """Clear the cached llama.cpp build so the next serve recompiles.

From ee6fd8ffe8321a80fee2571ef42b7a3bf6e1be4c Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:33:37 +0000
Subject: [PATCH 05/22] Cookbook UI: backend-aware env vars, always-show
 MoE/EP/Reasoning toggles, GPU default, Firefox-mobile expand

Frontend half of the backend-detection + per-OS install command work,
plus a pile of mobile/UX fixes:

Backend awareness:
- _gpuEnvPrefix() picks CUDA_VISIBLE_DEVICES / HIP_VISIBLE_DEVICES /
  nothing based on detected hwfit backend + scanned-host match (so a
  stale ajax scan does not leak CUDA env vars into a kierkegaard
  Vulkan launch). Replaces 6 hardcoded CUDA_VISIBLE_DEVICES sites.
- GGML_CUDA_ENABLE_UNIFIED_MEMORY only emitted when backend is
  actually CUDA (was leaking onto Vulkan/ROCm via saved presets).

Per-target install command:
- Dep rows render a single mono command box + Copy button when the
  server resolved pkg.install_cmd_for_target. Reused in the build-deps
  install failure toast so the toast and the row show the same line.
- Diagnosis patterns split cmake/g++/git out of the generic
  llama-cpp-python catch-all so a missing-cmake failure surfaces a
  cmake-specific message + per-distro Copy buttons.

Form toggles always visible:
- Reasoning Parser, Expert Parallel, MoE Env Vars no longer gated on
  model-family detection. Detection still hints (parser tag shown when
  matched); toggle works with sensible defaults otherwise. MiniMax M-
  series added to MoE family detector so the auto-fill is right.

Mobile + GPU default:
- Launch tab cached-list flex collapsed to 0px on mobile because the
  desktop `flex: 1 1 0` had no parent height to grow into. Override
  to `flex: 0 0 auto` in the cookbook mobile @media block.
- doclib-card expand on mobile (Firefox no :has() support) pins
  explicit px heights so the launch form actually appears.
- llama_mode defaults to gpu when hwfit detected cuda/rocm/vulkan/
  metal on the current target, instead of always cpu (which was
  forcing -ngl 0 on first-open and burning 35GB models on CPU).
---
 static/js/cookbook-diagnosis.js |  46 +++-
 static/js/cookbook-hwfit.js     |  12 +-
 static/js/cookbook.js           | 364 +++++++++++++++++++++++++++++---
 static/js/cookbookServe.js      | 340 +++++++++++++++++++++++++----
 static/style.css                |  20 +-
 5 files changed, 706 insertions(+), 76 deletions(-)

diff --git a/static/js/cookbook-diagnosis.js b/static/js/cookbook-diagnosis.js
index 5ac387178..200803313 100644
--- a/static/js/cookbook-diagnosis.js
+++ b/static/js/cookbook-diagnosis.js
@@ -461,6 +461,40 @@ export const ERROR_PATTERNS = [
       { label: 'Copy install command', action: () => _copyText('curl -fsSL https://ollama.com/install.sh | sh') },
     ],
   },
+  // System build deps must be checked BEFORE the llama-server catch-all:
+  // a `cmake: command not found` failure ALSO produces `llama-server:
+  // command not found` later in the script (the build aborts then the
+  // run line fails) — pattern order is first-match-wins, so without
+  // these specific entries the user gets the misleading "install
+  // llama-cpp-python[server]" suggestion when the actual blocker is a
+  // missing OS-package toolchain that pip can't ship.
+  {
+    pattern: /cmake: command not found|cmake.*not found.*Could not/i,
+    message: 'cmake is required to compile llama.cpp from source, but it is not installed on this server.',
+    suggestion: 'Suggested action: install cmake via the OS package manager — apt: cmake build-essential / pacman: cmake base-devel / dnf: cmake gcc-c++ make / brew: cmake. Cookbook can do this automatically on the next launch if your user has passwordless sudo for apt/pacman/dnf.',
+    fixes: [
+      { label: 'Open Dependencies', action: () => _openCookbookDependencies('llama_cpp') },
+      { label: 'Copy apt install', action: () => _copyText('sudo apt install -y cmake build-essential git') },
+      { label: 'Copy pacman install', action: () => _copyText('sudo pacman -Sy --needed cmake base-devel git') },
+      { label: 'Copy dnf install', action: () => _copyText('sudo dnf install -y cmake gcc gcc-c++ make git') },
+    ],
+  },
+  {
+    pattern: /^(make|g\+\+|gcc): command not found|Could not find C\+\+ compiler/i,
+    message: 'A C/C++ compiler (build-essential / base-devel) is required to compile llama.cpp.',
+    fixes: [
+      { label: 'Open Dependencies', action: () => _openCookbookDependencies('llama_cpp') },
+      { label: 'Copy apt install', action: () => _copyText('sudo apt install -y build-essential') },
+    ],
+  },
+  {
+    pattern: /^git: command not found/i,
+    message: 'git is required to clone the llama.cpp source tree.',
+    fixes: [
+      { label: 'Open Dependencies', action: () => _openCookbookDependencies('llama_cpp') },
+      { label: 'Copy apt install', action: () => _copyText('sudo apt install -y git') },
+    ],
+  },
   {
     pattern: /llama-server.*command not found|llama\.cpp.*not found|No module named.*llama_cpp|No module named 'starlette_context'/i,
     message: 'llama-cpp-python server is not installed. Run: pip install "llama-cpp-python[server]"',
@@ -688,11 +722,15 @@ export function _showDiagnosis(panel, diagnosis, sourceText) {
   copyBtn.addEventListener('click', async (e) => {
     e.stopPropagation();
     const bundle = _diagnosisCopyBundle(task, diagnosis, sourceText, suggestionText);
-    try {
-      await navigator.clipboard.writeText(bundle);
+    // Use the shared helper which falls back to execCommand('copy') on
+    // non-HTTPS origins (Tailscale IPs, LAN IPs, etc.) — navigator.clipboard
+    // is silently a no-op on those, which is why the button appeared dead
+    // for users on http://100.113.161.2:7011 over Tailscale/mobile.
+    const ok = await _copyText(bundle);
+    if (ok) {
       copyBtn.classList.add('copied');
       setTimeout(() => { if (copyBtn.isConnected) copyBtn.classList.remove('copied'); }, 1200);
-    } catch (_) {}
+    }
   });
 
   const dismissBtn = document.createElement('button');
@@ -757,7 +795,7 @@ export function _showDiagnosis(panel, diagnosis, sourceText) {
       });
       row.appendChild(btn);
     }
-    body.appendChild(row);
+    diag.appendChild(row);
   }
 }
 
diff --git a/static/js/cookbook-hwfit.js b/static/js/cookbook-hwfit.js
index 243d3c9c7..9098d8082 100644
--- a/static/js/cookbook-hwfit.js
+++ b/static/js/cookbook-hwfit.js
@@ -578,7 +578,9 @@ export async function _hwfitFetch(fresh = false) {
   const _cached = fresh ? null : _readScanCache(_sig);
   const wp = spinnerModule.createWhirlpool(18);
   if (_cached) {
-    _hwfitCache = _cached;
+    // Tag the restored cache with its host too (scan-sig keys cache per
+    // host, so a hit here is always for the current remoteHost).
+    _hwfitCache = { ..._cached, _scannedHost: remoteHost || '' };
     _hwfitRenderHw(hw, _cached.system);
     if (!remoteHost && _cached.system && _cached.system.platform) {
       _envState.platform = _cached.system.platform;
@@ -750,7 +752,11 @@ export async function _hwfitFetch(fresh = false) {
         : _olRows;
       data.models = (data.models || []).concat(_olFiltered);
     }
-    _hwfitCache = data;
+    // Tag the cache with the host this scan was for, so downstream
+    // code (_gpuEnvVarName, backend-aware command builders) can avoid
+    // trusting a stale scan when the user switches the server picker
+    // to a different target without re-running hwfit.
+    _hwfitCache = { ...data, _scannedHost: remoteHost || '' };
     _hwfitRenderHw(hw, data.system);
     // Propagate local platform from hardware probe so _isWindows(task) works
     // for local tasks (menu items, shell commands, etc.).
@@ -1679,7 +1685,7 @@ export function _expandModelRow(row, modelData) {
       } else if (runBackend === 'llamacpp') {
         const dir = `"$HOME/.cache/huggingface/hub/models--${modelData.name.replace(/\//g, '--')}/snapshots"`;
         const ggufPath = `$({ find ${dir} -name '*-00001-of-*.gguf' 2>/dev/null | sort; find ${dir} -name '*.gguf' 2>/dev/null | sort; } | head -1)`;
-        cmd = `MODEL_FILE=${ggufPath} && { [ -n "$MODEL_FILE" ] && [ -f "$MODEL_FILE" ]; } || { echo "ERROR: No GGUF found on this host. Download a GGUF quant or switch backend."; exit 1; } && llama-server --model "$MODEL_FILE" --host 0.0.0.0 --port 8080 -ngl 99 -c ${maxCtx} || python3 -m llama_cpp.server --model "$MODEL_FILE" --host 0.0.0.0 --port 8080 --n_gpu_layers 99 --n_ctx ${maxCtx}`;
+        cmd = `llama-server --model "${ggufPath}" --host 0.0.0.0 --port 8080 -ngl 99 -c ${maxCtx} --flash-attn auto`;
       } else {
         cmd = `vllm serve ${modelData.name} --host 0.0.0.0 --port ${port}`;
         cmd += ` --tensor-parallel-size ${tp}`;
diff --git a/static/js/cookbook.js b/static/js/cookbook.js
index 81acc9e0d..3aaa70465 100644
--- a/static/js/cookbook.js
+++ b/static/js/cookbook.js
@@ -259,6 +259,15 @@ function _detectModelOptimizations(modelName) {
     opts.kvCacheDtype = 'fp8';
     opts.tips.push('fp8 KV cache required — bf16 OOMs at usable context');
   }
+  // MiniMax MoE — Abab/M1/M2/M2.5/M2.7 are all MoE (Lightning Attention +
+  // MoE in M1, full sparse MoE from M2 onward). They benefit from the
+  // same --enable-expert-parallel flag as the Qwen/DeepSeek families,
+  // and the toggle has to be detectable here for the Expert Parallel
+  // checkbox in the serve form to render at all.
+  else if (n.includes('minimax')) {
+    opts.flags.push('--enable-expert-parallel');
+    opts.tips.push('MoE expert parallel for MiniMax');
+  }
   // Reasoning parser — applies independently of MoE detection. Without this
   // flag, models like MiniMax-M2.x, DeepSeek-R1, Qwen3 reasoning, GLM-4.x,
   // gpt-oss leak <think> blocks as plain text instead of separating them
@@ -419,6 +428,38 @@ export function _psQuote(value) {
   return "'" + String(value ?? '').replace(/'/g, "''") + "'";
 }
 
+// Pick the GPU-pinning env-var name for the detected backend. NVIDIA uses
+// CUDA_VISIBLE_DEVICES; ROCm/HIP uses HIP_VISIBLE_DEVICES; Vulkan and
+// Apple Metal don't take an index env var at all (and CUDA_VISIBLE_DEVICES
+// is a silent no-op on those, which silently hides "wrong backend" config
+// bugs). Returns 'cmd ' style prefix ('CUDA_VISIBLE_DEVICES=0 ') or '' when
+// the backend doesn't support pinning. Pass isWindows=true to get PowerShell
+// `$env:` syntax instead. backend defaults to whatever hwfit detected.
+function _gpuEnvVarName() {
+  // Only emit a pinning env var when we POSITIVELY know the backend AND
+  // the hwfit scan was actually run against the currently-targeted host.
+  // Without the target-match guard, switching the server picker from an
+  // NVIDIA box (cuda) to a local/Vulkan target preserved the stale
+  // `cuda` backend in the cache, leaking `CUDA_VISIBLE_DEVICES=` into
+  // launches that don't have an NVIDIA GPU at all. Default to "" when
+  // unsure — the user sees a clean command and is prompted to scan.
+  const cachedHost = String(_hwfitCache?._scannedHost || '');
+  const currentHost = String(_envState.remoteHost || '');
+  if (cachedHost !== currentHost) return '';
+  const sb = String(_hwfitCache?.system?.backend || '').toLowerCase();
+  if (sb === 'cuda') return 'CUDA_VISIBLE_DEVICES';
+  if (sb === 'rocm') return 'HIP_VISIBLE_DEVICES';
+  return ''; // vulkan / metal / mps / apple / cpu / generic / unknown — no env-var pinning
+}
+function _gpuEnvPrefix(gpuId, isWindows = false) {
+  const id = String(gpuId || '').trim();
+  if (!id) return '';
+  const varName = _gpuEnvVarName();
+  if (!varName) return '';
+  if (isWindows) return `$env:${varName}="${id}"; `;
+  return `${varName}=${id} `;
+}
+
 export function _buildEnvPrefix() {
   if (_isWindows()) return _buildEnvPrefixWindows();
   let parts = [];
@@ -431,7 +472,8 @@ export function _buildEnvPrefix() {
   }
   let envVars = [];
   if (_envState.hfToken) envVars.push('export HF_TOKEN=' + _shellQuote(_envState.hfToken));
-  if (_envState.gpus) envVars.push('export CUDA_VISIBLE_DEVICES=' + _shellQuote(_envState.gpus));
+  const _envGpuVar = _gpuEnvVarName();
+  if (_envState.gpus && _envGpuVar) envVars.push(`export ${_envGpuVar}=` + _shellQuote(_envState.gpus));
   if (envVars.length) parts.push(envVars.join(' && '));
   if (parts.length === 0) return '';
   return parts.join(' && ') + ' &&';
@@ -447,7 +489,8 @@ function _buildEnvPrefixWindows() {
     parts.push('conda activate ' + _psQuote(_envState.envPath));
   }
   if (_envState.hfToken) parts.push('$env:HF_TOKEN=' + _psQuote(_envState.hfToken));
-  if (_envState.gpus) parts.push('$env:CUDA_VISIBLE_DEVICES=' + _psQuote(_envState.gpus));
+  const _winGpuVar = _gpuEnvVarName();
+  if (_envState.gpus && _winGpuVar) parts.push(`$env:${_winGpuVar}=` + _psQuote(_envState.gpus));
   if (parts.length === 0) return '';
   return parts.join('; ') + ';';
 }
@@ -468,10 +511,18 @@ export function _buildServeCmd(f, modelName, backend) {
     // the bare "auto" input that used to back gpu_id is gone, and the
     // button strip is the only source for which devices to pin.
     const gpuId = (f.gpus || f.gpu_id || '').toString().trim();
-    if (gpuId) cmd += `CUDA_VISIBLE_DEVICES=${gpuId} `;
+    cmd += _gpuEnvPrefix(gpuId);
     if (f.moe_env) {
       const _opts = _detectModelOptimizations(modelName);
-      if (_opts.envVars.length) cmd += _opts.envVars.join(' ') + ' ';
+      if (_opts.envVars.length) {
+        cmd += _opts.envVars.join(' ') + ' ';
+      } else {
+        // Fallback when the user toggles MoE Env on for a model the
+        // family detector didn't classify as MoE — emit the generic
+        // vLLM MoE optimization env vars so the toggle is never a
+        // silent no-op (was the case before the "always show" change).
+        cmd += 'VLLM_USE_DEEP_GEMM=0 VLLM_USE_FLASHINFER_MOE_FP16=1 OMP_NUM_THREADS=4 ';
+      }
     }
     // Pinned attention backend (Attention field). Empty = let vLLM pick.
     const _attn = (f.vllm_attn_backend ?? '').toString().trim();
@@ -513,7 +564,7 @@ export function _buildServeCmd(f, modelName, backend) {
     // the bare "auto" input that used to back gpu_id is gone, and the
     // button strip is the only source for which devices to pin.
     const gpuId = (f.gpus || f.gpu_id || '').toString().trim();
-    if (gpuId) cmd += `CUDA_VISIBLE_DEVICES=${gpuId} `;
+    cmd += _gpuEnvPrefix(gpuId);
     const _extraEnv = (f.extra_env ?? '').toString().replace(/\s+/g, ' ').trim();
     if (_extraEnv) cmd += _extraEnv + ' ';
     cmd += `${_py3Bin} -m sglang.launch_server --model-path ${modelName} --host 0.0.0.0 --port ${f.port || '30000'}`;
@@ -536,24 +587,39 @@ export function _buildServeCmd(f, modelName, backend) {
     // CPU-only serve (-ngl 0): drop the GPU-only flags, otherwise the command
     // mixes "zero GPU layers" with CUDA unified-memory + flash-attn and fails to
     // start (issue #1291). Only affects the ngl=0 path; GPU serving is unchanged.
+    // The Inference mode pill (GPU/CPU) above gates this — when the user picks
+    // CPU, force ngl=0 here so all downstream flag-suppression fires
+    // consistently regardless of what the (now-hidden) ngl input shows.
+    if (String(f.llama_mode || '').toLowerCase() === 'cpu') {
+      f.ngl = '0';
+    } else if (String(f.llama_mode || '').toLowerCase() === 'gpu' && (!f.ngl || String(f.ngl).trim() === '0')) {
+      f.ngl = '99';
+    }
     const _cpuOnly = String(f.ngl).trim() === '0';
+    // GGML_CUDA_* env vars are no-ops on Vulkan/ROCm/Metal/CPU. Only emit
+    // them when the detected backend is actually CUDA AND the hwfit scan
+    // was run against the currently-targeted host, so a saved preset
+    // from a prior NVIDIA target doesn't pollute a non-NVIDIA launch
+    // with misleading prefixes.
+    const _sb = String(_hwfitCache?.system?.backend || '').toLowerCase();
+    const _hwfitHost = String(_hwfitCache?._scannedHost || '');
+    const _curHost = String(_envState.remoteHost || '');
+    const _isCudaTarget = (_sb === 'cuda') && (_hwfitHost === _curHost);
     const lcPrefix = (() => {
       let p = '';
-      if (f.unified_mem && !_cpuOnly && !_isWindows()) p += `GGML_CUDA_ENABLE_UNIFIED_MEMORY=1 `;
-      if (gpuId && !_isWindows()) p += `CUDA_VISIBLE_DEVICES=${gpuId} `;
+      if (f.unified_mem && !_cpuOnly && !_isWindows() && _isCudaTarget) p += `GGML_CUDA_ENABLE_UNIFIED_MEMORY=1 `;
+      // No GPU env var in CPU mode — `-ngl 0` already disables offload
+      // so CUDA_VISIBLE_DEVICES / HIP_VISIBLE_DEVICES would be misleading
+      // clutter ("why is CUDA pinned for a CPU run?").
+      if (!_isWindows() && !_cpuOnly) p += _gpuEnvPrefix(gpuId);
       return p;
     })();
-    if (f.unified_mem && !_cpuOnly && _isWindows()) cmd += `$env:GGML_CUDA_ENABLE_UNIFIED_MEMORY="1"; `;
-    if (gpuId && _isWindows()) cmd += `$env:CUDA_VISIBLE_DEVICES="${gpuId}"; `;
-    if (!_isWindows()) {
-      // Resolve GGUF path once, fail loudly if nothing matched (prevents
-      // `--model ""` which causes confusing downstream errors).
-      cmd += `MODEL_FILE=${ggufPath} && { [ -n "$MODEL_FILE" ] && [ -f "$MODEL_FILE" ]; } || { echo "ERROR: No GGUF found on this host. Either download the model here, or switch to the server where it's cached."; exit 1; } && `;
-    }
-    const modelArg = _isWindows() ? `"${ggufPath}"` : `"$MODEL_FILE"`;
-    // Prefer the native llama-server binary on Linux — its minja templating
-    // renders modern GGUF chat templates that the Python bindings' Jinja2
-    // rejects (do_tojson ensure_ascii). Fall back to llama_cpp.server.
+    if (f.unified_mem && !_cpuOnly && _isWindows() && _isCudaTarget) cmd += `$env:GGML_CUDA_ENABLE_UNIFIED_MEMORY="1"; `;
+    if (_isWindows() && !_cpuOnly) cmd += _gpuEnvPrefix(gpuId, true);
+    const modelArg = `"${ggufPath}"`;
+    // Prefer native llama-server. The backend bootstrap resolves/builds the
+    // right binary (Vulkan/HIP/CUDA/Metal/CPU), so keep the generated command
+    // as a validator-safe binary + args with no shell chaining.
     // Don't suppress stderr — surface real errors (missing file, lib, OOM).
     // Optional perf/fit flags from a hardware profile (see services/hwfit/
     // profiles.py). n_cpu_moe offloads MoE expert layers to CPU when the model
@@ -575,9 +641,16 @@ export function _buildServeCmd(f, modelName, backend) {
       _lcExtra += ` --n-cpu-moe ${_ncm}`;
       _lcpExtra += ` --n_cpu_moe ${_ncm}`;   // llama-cpp-python uses underscores
     }
+    // Flash-attn default = auto: native llama-server picks whether to
+    // enable based on the build/model; explicit ON (the Flash-attn
+    // toggle in the form) forces it. "auto" is a meaningful arg, not
+    // omission — older builds without flash-attn ignore it cleanly,
+    // newer ones get the speedup without the user having to know.
     if (f.flash_attn && !_cpuOnly) {
       _lcExtra += ' --flash-attn on';
       _lcpExtra += ' --flash_attn true';
+    } else if (!_cpuOnly) {
+      _lcExtra += ' --flash-attn auto';
     }
     if (_kv) {
       _lcExtra += ` --cache-type-k ${_kv} --cache-type-v ${_kv}`;
@@ -613,12 +686,11 @@ export function _buildServeCmd(f, modelName, backend) {
       // llama-cpp-python takes the projector via --clip_model_path.
       _lcpExtra += ` --clip_model_path "${f._mmproj_path}"`;
     }
-    const _lcpServer = `${lcPrefix}${py} -m llama_cpp.server --model ${modelArg} --host 0.0.0.0 --port ${f.port || '8080'} --n_gpu_layers ${f.ngl || '99'} --n_ctx ${f.ctx || '8192'}${_lcpExtra}`;
     if (_isWindows()) {
+      const _lcpServer = `${lcPrefix}${py} -m llama_cpp.server --model ${modelArg} --host 0.0.0.0 --port ${f.port || '8080'} --n_gpu_layers ${f.ngl || '99'} --n_ctx ${f.ctx || '8192'}${_lcpExtra}`;
       cmd += _lcpServer;
     } else {
       cmd += `${lcPrefix}llama-server --model ${modelArg} --host 0.0.0.0 --port ${f.port || '8080'} -ngl ${f.ngl || '99'} -c ${f.ctx || '8192'}${_lcExtra}`;
-      cmd += ` || ${_lcpServer}`;
     }
   } else if (backend === 'ollama') {
     const ollamaPort = f.port || '11434';
@@ -652,7 +724,7 @@ export function _buildServeCmd(f, modelName, backend) {
     }
   } else if (backend === 'diffusers') {
     const gpuStr = f.gpus?.trim();
-    if (gpuStr) cmd += `CUDA_VISIBLE_DEVICES=${gpuStr} `;
+    cmd += _gpuEnvPrefix(gpuStr);
     const diffusersPy = _isWindows() ? 'python' : _py3Bin;
     cmd += `${diffusersPy} scripts/diffusion_server.py --model ${modelName} --port ${f.port || '8100'}`;
     if (f.diff_dtype && f.diff_dtype !== 'bfloat16') cmd += ` --dtype ${f.diff_dtype}`;
@@ -771,6 +843,14 @@ async function _fetchDependencies() {
       if (_depPort) _pkgParams.set('ssh_port', _depPort);
       if (_depVenv) _pkgParams.set('venv', _depVenv);
     }
+    // Pass the detected backend so the server can build a single
+    // OS+backend-aware install command per row (e.g. add nvidia-cuda-toolkit
+    // on a CUDA-Debian box, vulkan-headers on a Vulkan-Arch box, etc.)
+    // instead of dumping every distro's syntax as a hint.
+    const _depBackend = String(_hwfitCache?.system?.backend || '').toLowerCase();
+    if (_depBackend && _hwfitCache?._scannedHost === _depHost) {
+      _pkgParams.set('backend', _depBackend);
+    }
     const resp = await fetch('/api/cookbook/packages' + (_pkgParams.toString() ? '?' + _pkgParams.toString() : ''));
     const data = await resp.json();
     const pkgs = data.packages || [];
@@ -832,18 +912,61 @@ async function _fetchDependencies() {
       // For backends with a recipe catalog (vllm / sglang / llama_cpp),
       // append a caret button that toggles a per-row recipe panel below.
       const hasRecipe = RECIPE_BACKENDS.has(pkg.name);
-      const recipeCaret = hasRecipe
-        ? `<button class="cookbook-dep-tag cookbook-dep-recipe-caret" data-dep-recipe-toggle="${esc(pkg.name)}" title="Pick a model to see the exact install commands" aria-expanded="false" style="background:none;border:1px solid var(--border);padding:2px 6px;display:inline-flex;align-items:center;cursor:pointer;"><svg width="11" height="11" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" style="transition:transform 0.15s"><polyline points="6 9 12 15 18 9"/></svg></button>`
-        : '';
+      // Standalone recipe-caret button removed — the "Pick install
+      // command" action lives inside the Installed ▾ dropdown menu
+      // (see _showDepMenu) so each row only has ONE caret to click.
+      // Kept the variable so downstream concat code stays the same.
+      const recipeCaret = '';
       const recipePanel = hasRecipe ? _recipePanelHtml(pkg.name) : '';
+      // When llama_cpp (or any future engine) reports build_deps_missing
+      // from its system_prereqs probe, surface a one-tap install button
+      // that fires the OS package manager on the target via
+      // /api/cookbook/install-system-deps. Keeps the user inside Cookbook
+      // instead of forcing them out to a shell to apt/pacman/dnf.
+      const _bdm = Array.isArray(pkg.build_deps_missing) ? pkg.build_deps_missing : [];
+      const _buildDepsBtn = _bdm.length
+        ? `<button type="button" class="cookbook-dep-tag cookbook-dep-install cookbook-dep-install-sysdeps" data-dep-sysdeps="${esc(_bdm.join(','))}" data-dep-target="${isLocal ? 'local' : 'remote'}" title="Install ${esc(_bdm.join(', '))} via the OS package manager on this target (requires passwordless sudo or root).">Install build deps</button>`
+        : '';
+      // Render the target-specific install command as a compact mono box
+      // when the server resolved it (target's /etc/os-release was readable
+      // AND the backend is known). The box doubles as the source of truth
+      // for the "Install build deps" button's failure toast — both surfaces
+      // show the same string for the same target.
+      const _instCmd = (_bdm.length && pkg.install_cmd_for_target) ? String(pkg.install_cmd_for_target) : '';
+      const _instCmdOs = pkg.install_cmd_os ? String(pkg.install_cmd_os) : '';
+      const _instCmdBe = pkg.install_cmd_backend ? String(pkg.install_cmd_backend) : '';
+      const _instLabel = (_instCmdOs && _instCmdBe) ? `${_instCmdOs} + ${_instCmdBe}` : (_instCmdOs || _instCmdBe || 'this target');
+      const _instCmdBox = _instCmd
+        ? `<div class="cookbook-dep-install-cmd" data-dep-cmd="${esc(_instCmd)}" style="margin-top:6px;font-size:10.5px;opacity:0.85;">`
+          + `<div style="opacity:0.65;margin-bottom:2px;">Install on ${esc(_instLabel)}:</div>`
+          + `<div style="display:flex;gap:4px;align-items:stretch;">`
+          + `<code style="flex:1;padding:4px 6px;background:color-mix(in srgb, var(--fg) 6%, transparent);border:1px solid var(--border);border-radius:4px;font-family:var(--mono, ui-monospace, monospace);font-size:10.5px;white-space:pre-wrap;word-break:break-all;">${esc(_instCmd)}</code>`
+          + `<button type="button" class="cookbook-dep-cmd-copy" data-dep-cmd-copy="${esc(_instCmd)}" title="Copy install command" style="padding:2px 8px;font-size:10px;border:1px solid var(--border);border-radius:4px;background:none;cursor:pointer;color:var(--fg-muted);">Copy</button>`
+          + `</div></div>`
+        : '';
+      // Partial-state row (replaces the cryptic yellow "Partial ▾" tag).
+      // Renders inline as a yellow banner with two clear actions: one-tap
+      // Install (runs the reinstall in cookbook) or Copy command (paste
+      // into a terminal). Same content surfaces whether the user solves
+      // it from inside Cookbook or from a shell.
+      const _gpuWheelCmd = 'CMAKE_ARGS="-DGGML_CUDA=on" python3 -m pip install --user --break-system-packages --force-reinstall --no-cache-dir "llama-cpp-python[server]" --extra-index-url https://abetlen.github.io/llama-cpp-python/whl/cu124';
+      const _gpuUpgradeBox = (pkg.partial && pkg.partial_action === 'reinstall_llama_cpp_cuda')
+        ? `<div class="cookbook-dep-gpu-upgrade" style="margin-top:6px;font-size:11px;display:flex;align-items:center;gap:6px;flex-wrap:wrap;background:color-mix(in srgb, var(--yellow, #f1fa8c) 14%, transparent);border:1px solid color-mix(in srgb, var(--yellow, #f1fa8c) 40%, var(--border));padding:6px 8px;border-radius:6px;">`
+          + `<span style="flex:1;min-width:160px;">Installed CPU-only — GPU detected on this target. Upgrade for ~10× faster inference.</span>`
+          + `<button type="button" class="cookbook-dep-tag cookbook-dep-install cookbook-dep-install-gpu-wheel" data-dep-target="${isLocal ? 'local' : 'remote'}" data-dep-gpu-cmd="${esc(_gpuWheelCmd)}" style="font-weight:600;">Install GPU wheel</button>`
+          + `<button type="button" class="cookbook-dep-tag cookbook-dep-cmd-copy" data-dep-cmd-copy="${esc(_gpuWheelCmd)}" title="Copy command to clipboard">Copy command</button>`
+          + `</div>`
+        : '';
       return `<div class="cookbook-dep-row${winBlocked ? ' cookbook-dep-blocked' : ''}" data-pkg-name="${esc(pkg.name)}" data-dep-pip="${esc(pkg.pip || '')}" data-dep-target="${isLocal ? 'local' : 'remote'}" data-dep-kind="${esc(pkg.kind || 'python')}">`
         + `<div class="cookbook-dep-info">`
         + `<div class="memory-item-title">${_depGlyphHtml(pkg.name)}${esc(pkg.name)}</div>`
         + `<div class="memory-item-meta" style="font-size:10px;opacity:0.5;margin-top:2px;">${esc(pkg.desc)}</div>`
         + note
         + updateNote
+        + _instCmdBox
         + `</div>`
         + _rebuildBtn
+        + _buildDepsBtn
         + `<span class="cookbook-dep-tag cookbook-dep-cat">${esc(pkg.category)}</span>`
         + _statusTag(pkg, isLocal, isSystemDep, winBlocked)
         + recipeCaret
@@ -985,8 +1108,15 @@ async function _fetchDependencies() {
         if (!res.ok || !data.ok) {
           // FastAPI HTTPException returns {detail: …}; the route's own
           // path returns {ok:false, error:…}. Surface whichever we get.
+          // Long duration + an OK button — the default 1.2s toast was
+          // disappearing before the user could read multi-clause errors
+          // like "tmux missing on remote".
           const reason = data.detail || data.error || `HTTP ${res.status}`;
-          uiModule.showToast('Install failed: ' + String(reason).slice(0, 200));
+          uiModule.showToast('Install failed: ' + String(reason).slice(0, 400), {
+            duration: 20000,
+            action: 'OK',
+            onAction: () => {},
+          });
           return;
         }
         // _dep flags this as a pip dependency/driver install (not a servable
@@ -996,12 +1126,16 @@ async function _fetchDependencies() {
         if (statusEl) { statusEl.textContent = upgrade ? 'Updating...' : 'Installing...'; statusEl.disabled = true; }
         uiModule.showToast(`${upgrade ? 'Updating' : 'Installing'} ${pkgName} on ${targetHost}...`);
       } catch (err) {
-        uiModule.showToast('Install failed: ' + err.message);
+        uiModule.showToast('Install failed: ' + err.message, {
+          duration: 20000,
+          action: 'OK',
+          onAction: () => {},
+        });
       }
     }
 
     // Wire install buttons (not-installed packages)
-    list.querySelectorAll('.cookbook-dep-install:not(.cookbook-dep-recipe-run)').forEach(btn => {
+    list.querySelectorAll('.cookbook-dep-install:not(.cookbook-dep-recipe-run):not(.cookbook-dep-install-sysdeps)').forEach(btn => {
       btn.addEventListener('click', async (e) => {
         e.stopPropagation();
         const pipName = btn.dataset.depPip;
@@ -1010,6 +1144,143 @@ async function _fetchDependencies() {
       });
     });
 
+    // Wire "Install build deps" buttons — surfaced on rows whose
+    // system_prereqs are missing (e.g. llama_cpp with no cmake on the
+    // target). One-tap call to /api/cookbook/install-system-deps; the
+    // route enforces a per-package allowlist and uses passwordless
+    // sudo only, so it can never silently hang or stretch beyond the
+    // build-toolchain set the catalog declares.
+    // "Partial ▾" upgrade tag: clicking it fires the action-specific
+    // install routine (currently only `reinstall_llama_cpp_cuda` —
+    // forces pip install with the abetlen CUDA wheel index to add GPU
+    // offload). Same install flow used at launch-time auto-fix, but
+    // user-initiated here so they don't have to launch + wait + retry.
+    list.querySelectorAll('.cookbook-dep-partial').forEach(btn => {
+      btn.addEventListener('click', async (e) => {
+        e.stopPropagation();
+        const action = btn.dataset.depPartialAction || '';
+        if (action !== 'reinstall_llama_cpp_cuda') return;
+        const isLocal = btn.dataset.depTarget === 'local';
+        if (!isLocal) {
+          const depsServerSel = document.getElementById('hwfit-deps-server');
+          if (depsServerSel) _applyServerSelection(depsServerSel.value);
+        }
+        const targetLabel = isLocal ? 'this server' : (_envState.remoteHost || 'remote');
+        const cmd = 'CMAKE_ARGS="-DGGML_CUDA=on" python3 -m pip install --user --break-system-packages --force-reinstall --no-cache-dir "llama-cpp-python[server]" --extra-index-url https://abetlen.github.io/llama-cpp-python/whl/cu124';
+        try {
+          const reqBody = {
+            repo_id: 'llama-cpp-python-cuda',
+            cmd,
+            remote_host: _envState.remoteHost || undefined,
+            ssh_port: _getPort(_envState.remoteHost) || undefined,
+            platform: _envState.platform || undefined,
+          };
+          const res = await fetch('/api/model/serve', {
+            method: 'POST', credentials: 'same-origin',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify(reqBody),
+          });
+          const data = await res.json().catch(() => ({}));
+          if (res.ok && data.ok) {
+            const payload = { repo_id: 'pip llama-cpp-python[CUDA]', _cmd: cmd, remote_host: _envState.remoteHost || '', _dep: true };
+            _addTask(data.session_id, 'pip llama-cpp-python[CUDA]', 'download', payload);
+            uiModule.showToast(`Reinstalling llama-cpp-python with CUDA wheels on ${targetLabel} (~1-3 min)…`, 4000);
+          } else {
+            uiModule.showToast('Upgrade failed: ' + String(data.detail || data.error || `HTTP ${res.status}`).slice(0, 300), {
+              duration: 20000, action: 'OK', onAction: () => {},
+            });
+          }
+        } catch (err) {
+          uiModule.showToast('Upgrade request failed: ' + err.message, { duration: 20000, action: 'OK', onAction: () => {} });
+        }
+      });
+    });
+
+    // Inline command-box "Copy" buttons — one per row that has a
+    // resolved per-target install command. Same string surfaces here
+    // and in the toast/diagnosis so the user always sees one answer.
+    list.querySelectorAll('.cookbook-dep-cmd-copy').forEach(btn => {
+      btn.addEventListener('click', async (e) => {
+        e.stopPropagation();
+        const cmd = btn.dataset.depCmdCopy || '';
+        if (!cmd) return;
+        try { await navigator.clipboard.writeText(cmd); }
+        catch { /* fall through */ }
+        const orig = btn.textContent;
+        btn.textContent = 'Copied';
+        setTimeout(() => { if (btn.isConnected) btn.textContent = orig; }, 1200);
+      });
+    });
+    list.querySelectorAll('.cookbook-dep-install-sysdeps').forEach(btn => {
+      btn.addEventListener('click', async (e) => {
+        e.stopPropagation();
+        const names = (btn.dataset.depSysdeps || '').split(',').map(s => s.trim()).filter(Boolean);
+        if (!names.length) return;
+        const isLocal = btn.dataset.depTarget === 'local';
+        // Pull the per-target install command from the sibling box on
+        // the same row, so failure toasts surface the SAME line the
+        // user already sees inline. No duplicated formatting logic.
+        const _row = btn.closest('.cookbook-dep-row');
+        const _cmdBox = _row?.querySelector('.cookbook-dep-install-cmd');
+        const _resolvedCmd = _cmdBox?.dataset.depCmd || '';
+        // Mirror _installDep: the Dependencies tab has its own server
+        // picker that can override _envState. Apply it before reading
+        // remoteHost, otherwise the install silently runs on the wrong
+        // target (container ends up with the packages, the real remote
+        // host stays broken, success toast misleads the user).
+        if (!isLocal) {
+          const depsServerSel = document.getElementById('hwfit-deps-server');
+          if (depsServerSel) _applyServerSelection(depsServerSel.value);
+        }
+        const targetLabel = isLocal ? 'this server' : (_envState.remoteHost || 'remote');
+        const origText = btn.textContent;
+        btn.textContent = 'Installing…';
+        btn.disabled = true;
+        try {
+          const body = { packages: names };
+          if (!isLocal && _envState.remoteHost) {
+            body.remote_host = _envState.remoteHost;
+            const _p = _getPort(_envState.remoteHost);
+            if (_p) body.ssh_port = _p;
+          }
+          const res = await fetch('/api/cookbook/install-system-deps', {
+            method: 'POST', credentials: 'same-origin',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify(body),
+          });
+          const data = await res.json().catch(() => ({}));
+          if (res.ok && data.ok) {
+            uiModule.showToast(`Installed ${names.join(', ')} on ${targetLabel}. Refreshing…`, 4000);
+            // Refresh the deps panel so the row updates (prereqs now present).
+            try { await _fetchDependencies(); } catch {}
+          } else {
+            const reason = data.error || data.detail || `HTTP ${res.status}`;
+            // Append the per-target install command (if we already know it
+            // from the row) so the user can copy-paste it without leaving
+            // the toast. Otherwise just surface the error.
+            const _suffix = _resolvedCmd ? `\n\nRun on ${targetLabel}: ${_resolvedCmd}` : '';
+            uiModule.showToast('Build-deps install failed: ' + String(reason).slice(0, 300) + _suffix, {
+              duration: 25000,
+              action: _resolvedCmd ? 'Copy command' : 'OK',
+              onAction: async () => {
+                if (_resolvedCmd) {
+                  try { await navigator.clipboard.writeText(_resolvedCmd); } catch {}
+                }
+              },
+            });
+            btn.textContent = origText;
+            btn.disabled = false;
+          }
+        } catch (err) {
+          uiModule.showToast('Install request failed: ' + err.message, {
+            duration: 20000, action: 'OK', onAction: () => {},
+          });
+          btn.textContent = origText;
+          btn.disabled = false;
+        }
+      });
+    });
+
     // ── Recipe panel wiring (per-backend dropdown with model + commands) ──
     // Caret toggle: shows/hides the panel directly below the backend row.
     list.querySelectorAll('[data-dep-recipe-toggle]').forEach(btn => {
@@ -1577,8 +1848,22 @@ function _wireTabEvents(body) {
   if (dlBtn && dlInput) {
     function _stripHfUrl(input) {
       let repo = input.trim();
+      // Strip a leading `hf download` / `hf-cli download` / `huggingface-cli
+      // download` wrapper so a paste from CLI docs Just Works. Drop the
+      // command prefix; the rest is parsed by the existing strippers.
+      repo = repo.replace(/^(?:huggingface-cli|hf-cli|hf)\s+(?:download|d)\s+/i, '');
+      // Strip the `hf://` (and `huggingface://`) scheme — the HF CLI
+      // accepts it as an alias and users naturally copy it. Same effect
+      // as the bare `org/repo[/file.gguf]` form after the strip.
+      repo = repo.replace(/^(?:hf|huggingface):\/\//i, '');
       // Strip Ollama-style "hf.co/" prefix if present (e.g. hf.co/unsloth/...:tag)
       repo = repo.replace(/^hf\.co\//, '');
+      // Full HF blob/resolve URL → turn into `org/repo/path/to/file` so
+      // the downstream `_splitRepoFile` can pick the file out.
+      // Matches: https://huggingface.co/org/repo/blob/branch/path/to/file.gguf
+      //          https://huggingface.co/org/repo/resolve/branch/path/to/file.gguf
+      const hfBlob = repo.match(/^https?:\/\/huggingface\.co\/([^/]+\/[^/?#]+)\/(?:blob|resolve)\/[^/?#]+\/([^?#]+)/);
+      if (hfBlob) return `${hfBlob[1]}/${hfBlob[2]}`;
       const hfMatch = repo.match(/^https?:\/\/huggingface\.co\/([^/]+\/[^/?#]+(?::[^/?#\s]+)?)/);
       if (hfMatch) repo = hfMatch[1];
       return repo;
@@ -1590,6 +1875,22 @@ function _wireTabEvents(body) {
       if (!m) return { repo: raw, include: null };
       return { repo: m[1], include: `*${m[2]}*` };
     }
+    // Split `org/repo/path/to/file.gguf` (or `.safetensors`/`.bin`) into
+    // repo + exact file include. Lets the user paste a path straight out
+    // of a HuggingFace "Files and versions" page or a copied filename
+    // without needing to peel the repo/file apart by hand. Returns null
+    // when the input doesn't look like a deep file path.
+    function _splitRepoFile(raw) {
+      // Must have at least 3 slash-separated segments AND end in a
+      // model-file extension to avoid eating Ollama tags or repo-only
+      // inputs like `org/repo`.
+      const parts = raw.split('/');
+      if (parts.length < 3) return null;
+      const fname = parts[parts.length - 1];
+      if (!/\.(gguf|safetensors|bin|pt|pth|onnx|mlx)(\?[^?]*)?$/i.test(fname)) return null;
+      const repo = parts.slice(0, 2).join('/');
+      return { repo, include: fname.replace(/\?.*$/, '') };
+    }
     // Ollama-library name. Matches `qwen2.5:14b`, `llama3:latest`, and the
     // (rare) `library/<name>:<tag>` form which we normalize by stripping the
     // namespace. The backend's _is_ollama_download check expects the same
@@ -1605,7 +1906,14 @@ function _wireTabEvents(body) {
       const rawRepo = _stripHfUrl(dlInput.value);
       if (!rawRepo) return;
       const ollamaName = _ollamaName(rawRepo);
-      const { repo, include: autoInclude } = ollamaName ? { repo: ollamaName, include: null } : _splitRepoTag(rawRepo);
+      // Prefer the deep-file split (org/repo/file.gguf → repo + exact
+      // include) over the tag split (org/repo:tag → glob include), and
+      // both over the plain repo case. Ollama names still take priority
+      // since they go through a different backend.
+      const _fileSplit = !ollamaName ? _splitRepoFile(rawRepo) : null;
+      const { repo, include: autoInclude } = ollamaName
+        ? { repo: ollamaName, include: null }
+        : (_fileSplit || _splitRepoTag(rawRepo));
       // HuggingFace repo IDs must be `org/model`. A bare model name would 404
       // at snapshot_download time with a raw traceback, so reject it up front.
       // Ollama names (single-segment with a tag) skip this check — they go
diff --git a/static/js/cookbookServe.js b/static/js/cookbookServe.js
index f3b5842b2..aba3f7926 100644
--- a/static/js/cookbookServe.js
+++ b/static/js/cookbookServe.js
@@ -10,6 +10,7 @@ import { providerLogo } from './providers.js';
 import { modelColor } from './chatRenderer.js';
 import { bindMenuDismiss, dismissOrRemove } from './escMenuStack.js';
 import { openCookbookDependencies } from './cookbook-diagnosis.js';
+import { _hwfitCache } from './cookbook-hwfit.js';
 
 // Shared state/functions injected by init()
 let _envState;
@@ -495,6 +496,7 @@ function _rerenderCachedModels() {
         item.classList.remove('doclib-card-expanded');
         item.style.flexDirection = '';
         item.style.alignItems = '';
+        item.style.maxHeight = '';
         list.style.minHeight = '';
         list.style.maxHeight = '';
         return;
@@ -508,6 +510,7 @@ function _rerenderCachedModels() {
         c.classList.remove('doclib-card-expanded');
         c.style.flexDirection = '';
         c.style.alignItems = '';
+        c.style.maxHeight = '';
       });
 
       const shortName = repo.split('/').pop();
@@ -620,13 +623,31 @@ function _rerenderCachedModels() {
       // stays as the source-of-truth so every existing change handler
       // (updateBackendVisibility, runtime readiness, command builder)
       // still fires via dispatchEvent('change') on selection.
-      panelHtml += `<label>${_l('Backend','Inference engine: vLLM, SGLang, llama.cpp, Ollama, or Diffusers')}<div class="hwfit-backend-picker" data-backend-picker style="position:relative;width:100%;"><select class="hwfit-sf hwfit-backend-source" data-field="backend" style="display:none;">${backendOpts}</select><button type="button" class="hwfit-backend-btn" data-backend-btn aria-haspopup="listbox" aria-expanded="false" style="display:flex;align-items:center;gap:6px;width:100%;height:28px;padding:0 8px;background:var(--bg);color:var(--fg);border:1px solid var(--border);border-radius:4px;font:inherit;font-size:11px;cursor:pointer;text-align:left;"><span class="hwfit-backend-btn-icon" data-backend-icon-slot aria-hidden="true" style="display:inline-flex;align-items:center;justify-content:center;width:16px;height:16px;color:var(--accent, var(--red));flex-shrink:0;"></span><span class="hwfit-backend-btn-label" data-backend-label style="flex:1;min-width:0;overflow:hidden;text-overflow:ellipsis;white-space:nowrap;"></span><svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true" style="opacity:0.6;flex-shrink:0;"><polyline points="6 9 12 15 18 9"/></svg></button><div class="hwfit-backend-menu" data-backend-menu role="listbox" hidden style="position:absolute;top:calc(100% + 4px);left:0;right:0;z-index:100;background:var(--panel, var(--bg));border:1px solid var(--border);border-radius:6px;box-shadow:0 6px 20px rgba(0,0,0,0.22);padding:4px;"></div></div></label>`;
+      panelHtml += `<label>${_l('Backend','Inference engine: vLLM, SGLang, llama.cpp, Ollama, or Diffusers')}<div class="hwfit-backend-picker" data-backend-picker style="position:relative;width:100%;"><select class="hwfit-sf hwfit-backend-source" data-field="backend" style="display:none;">${backendOpts}</select><button type="button" class="hwfit-backend-btn" data-backend-btn aria-haspopup="listbox" aria-expanded="false" style="display:flex;align-items:center;gap:6px;width:100%;height:28px;padding:0 8px;background:var(--bg);color:var(--fg);border:1px solid var(--border);border-radius:4px;font:inherit;font-size:11px;cursor:pointer;text-align:left;position:relative;top:-3px;"><span class="hwfit-backend-btn-icon" data-backend-icon-slot aria-hidden="true" style="display:inline-flex;align-items:center;justify-content:center;width:16px;height:16px;color:var(--accent, var(--red));flex-shrink:0;"></span><span class="hwfit-backend-btn-label" data-backend-label style="flex:1;min-width:0;overflow:hidden;text-overflow:ellipsis;white-space:nowrap;"></span><svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true" style="opacity:0.6;flex-shrink:0;"><polyline points="6 9 12 15 18 9"/></svg></button><div class="hwfit-backend-menu" data-backend-menu role="listbox" hidden style="position:absolute;top:calc(100% + 4px);left:0;right:0;z-index:100;background:var(--panel, var(--bg));border:1px solid var(--border);border-radius:6px;box-shadow:0 6px 20px rgba(0,0,0,0.22);padding:4px;"></div></div></label>`;
       panelHtml += `<input type="hidden" class="hwfit-sf" data-field="host" value="${esc(_es.remoteHost || '')}" />`;
+      // Inference mode pill (llama.cpp only) — lives directly to the
+      // RIGHT of Backend in Row 1 so the engine and the GPU/CPU choice
+      // are read together. .hwfit-backend-llamacpp visibility class
+      // hides it when the user switches to vLLM/SGLang/Ollama.
+      {
+        // Default CPU — works on every host without GPU/wheel matching
+        // hassle. User picks GPU explicitly if they have the right setup
+        // (avoids "click Launch → silent CPU fallback because the wheel
+        // is CPU-only" surprises that ate hours of debugging).
+        // Layout: CPU on left, GPU on right → mode-right triggers when
+        // GPU is selected so the sliding pill animates rightward.
+        // Default to GPU mode when hwfit detected a GPU backend on the
+        // current target — CPU as a global default sent the user down a
+        // 35GB-model-on-CPU rabbit hole (-ngl 0, no flash-attn, no GPU
+        // offload). Falls back to CPU only when hwfit detected no GPU
+        // (cpu_x86 / generic / unscanned) or the cache is stale.
+        const _hwBackend = String(_hwfitCache?.system?.backend || '').toLowerCase();
+        const _hwScanMatch = String(_hwfitCache?._scannedHost || '') === String(_envState.remoteHost || '');
+        const _llamaModeDefault = (_hwScanMatch && ['cuda', 'rocm', 'vulkan', 'metal', 'mps', 'apple'].includes(_hwBackend)) ? 'gpu' : 'cpu';
+        const _llamaMode = sv('llama_mode', _llamaModeDefault);
+        panelHtml += `<label class="hwfit-backend-llamacpp">${_l('Inference','CPU (default) = -ngl 0 (works anywhere). GPU = -ngl 99 (offload all layers; needs CUDA/ROCm/Vulkan-built llama-cpp).')}<div class="mode-toggle${_llamaMode === 'gpu' ? ' mode-right' : ''}" data-llama-mode-toggle style="display:flex;width:100%;height:30px;position:relative;top:2px;"><button type="button" class="mode-toggle-btn${_llamaMode === 'cpu' ? ' active' : ''}" data-llama-mode="cpu" aria-pressed="${_llamaMode === 'cpu'}" style="flex:1;"><span style="position:relative;top:-5px;">CPU</span></button><button type="button" class="mode-toggle-btn${_llamaMode === 'gpu' ? ' active' : ''}" data-llama-mode="gpu" aria-pressed="${_llamaMode === 'gpu'}" style="flex:1;"><span style="position:relative;top:-5px;">GPU</span></button></div><input type="hidden" class="hwfit-sf" data-field="llama_mode" value="${esc(_llamaMode)}" /></label>`;
+      }
       panelHtml += `<label>${_l('venv','Path to Python venv or conda env activate script')}<input type="text" class="hwfit-sf hwfit-sf-wide" data-field="venv" value="${esc(sv('venv', _es.envPath || _srvVenv || ''))}" placeholder="~/venv" /></label>`;
-      // Dtype lives in Row 1 (next to venv) — it's the first knob people
-      // change when matching the model to the box, so it earns top-row
-      // real estate over Row 2's launch-tuning controls.
-      panelHtml += `<label>${_l('Dtype','Data type for weights. auto picks best for GPU')}<select class="hwfit-sf" data-field="dtype">${dtypeOpts}</select></label>`;
       const defaultPort = defaultBackend === 'ollama' ? '11434' : _nextAvailablePort();
       panelHtml += `<label>${_l('Port','HTTP port for the API server')}<input type="text" class="hwfit-sf" data-field="port" value="${esc(sv('port', defaultPort))}" /></label>`;
       const _activeGpus = (defaultGpus || '').split(',').map(s => s.trim()).filter(Boolean);
@@ -642,7 +663,7 @@ function _rerenderCachedModels() {
       // separates the GPU chiclets from the GPU Mem field that follows
       // (asked-for breathing room; 4px on either side felt cramped on
       // the GPU-Mem boundary).
-      const _gpusLabelHtml = `<label class="hwfit-gpus-label" style="margin:0 8px 0 4px;">${_l('GPUs','Toggle which GPUs to use')}<div class="cookbook-gpu-group">${_gpuBtnsHtml}</div><input type="hidden" class="hwfit-sf" data-field="gpus" value="${esc(defaultGpus)}" /></label>`;
+      const _gpusLabelHtml = `<label class="hwfit-gpus-label cookbook-llama-gpu-only" style="margin:0 8px 0 4px;">${_l('GPUs','Toggle which GPUs to use')}<div class="cookbook-gpu-group">${_gpuBtnsHtml}</div><input type="hidden" class="hwfit-sf" data-field="gpus" value="${esc(defaultGpus)}" /></label>`;
       // Save / saved-configs split button — sits at the right end of Row 1.
       panelHtml += _slotsHtml;
       panelHtml += `</div>`;
@@ -664,10 +685,12 @@ function _rerenderCachedModels() {
       // (Swap, KV Cache, Attention backend, Env vars, llama.cpp batch/ubatch)
       // moved to the Advanced fold below to keep this row scannable.
       panelHtml += `<div class="hwfit-serve-row hwfit-serve-row-core hwfit-backend-vllm hwfit-backend-sglang hwfit-backend-llamacpp hwfit-backend-ollama">`;
-      // Order: TP → Context → Max Seqs → GPUs → GPU Mem.
-      // Dtype moved up to Row 1. GPUs moved here next to GPU Mem so the
-      // "which devices + how much of them" decisions sit adjacent. Max
-      // Seqs follows Context per the "request-shape" cluster.
+      // Order: Dtype → TP → Context → Max Seqs → GPUs → GPU Mem.
+      // Dtype moved down from Row 1 to make space for the Inference pill
+      // (llama.cpp GPU/CPU toggle, llamacpp-only). GPUs lives next to
+      // GPU Mem so "which devices + how much" sit adjacent. Max Seqs
+      // follows Context per the "request-shape" cluster.
+      panelHtml += `<label>${_l('Dtype','Data type for weights. auto picks best for GPU')}<select class="hwfit-sf" data-field="dtype">${dtypeOpts}</select></label>`;
       panelHtml += `<label class="hwfit-backend-vllm hwfit-backend-sglang">${_l('TP','Tensor Parallelism — split model across N GPUs')}<select class="hwfit-sf" data-field="tp">${tpOpts}</select></label>`;
       // ctx resets to the model's max on every panel open (the real ctx slider
       // lives in the Scan/Download toolbar — see cookbook.js .hwfit-ctx-control).
@@ -711,12 +734,6 @@ function _rerenderCachedModels() {
       // container — left an empty trailing column gap on wide modals).
       panelHtml += `<label class="hwfit-backend-vllm hwfit-backend-sglang" style="grid-column:1 / -1;">${_l('Env','Extra KEY=VALUE env-var pairs prepended to the launch (space-separated). Example: CUDACXX=$VIRTUAL_ENV/lib/python3.10/site-packages/nvidia/cuda_nvcc/bin/nvcc — points flashinfer at the venv-bundled nvcc when the system one is too old for your GPU.')}<input type="text" class="hwfit-sf" data-field="extra_env" value="${esc(sv('extra_env',''))}" placeholder="CUDACXX=/path/to/nvcc NCCL_P2P_DISABLE=1" style="width:100%;" /></label>`;
       panelHtml += `</div>`;
-      // Advanced llama.cpp row (Batch / UBatch — moved out of Core for the
-      // same "rarely touched" reason as the vLLM extras above).
-      panelHtml += `<div class="hwfit-serve-row hwfit-backend-llamacpp">`;
-      panelHtml += `<label class="hwfit-backend-llamacpp">${_l('Batch','llama.cpp prompt batch size. Leave blank for llama.cpp default.')}<input type="text" class="hwfit-sf" data-field="llama_batch_size" value="${esc(sv('llama_batch_size', ''))}" placeholder="2048" /></label>`;
-      panelHtml += `<label class="hwfit-backend-llamacpp">${_l('UBatch','llama.cpp physical micro-batch size. Leave blank for llama.cpp default.')}<input type="text" class="hwfit-sf" data-field="llama_ubatch_size" value="${esc(sv('llama_ubatch_size', ''))}" placeholder="512" /></label>`;
-      panelHtml += `</div>`;
       // Row 2b: Diffusers settings
       const diffDtypeOpts = ['bfloat16','float16','float32'].map(d => `<option value="${d}"${sv('diff_dtype','bfloat16')===d?' selected':''}>${d}</option>`).join('');
       const deviceMapOpts = ['balanced','auto','sequential'].map(d => `<option value="${d}"${sv('diff_device_map','balanced')===d?' selected':''}>${d}</option>`).join('');
@@ -740,13 +757,19 @@ function _rerenderCachedModels() {
       panelHtml += `<div class="hwfit-serve-checks hwfit-backend-vllm hwfit-backend-sglang">`;
       panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="trust_remote"${sv('trust_remote',false)?' checked':''} /> Trust Remote Code${_h('Allow model to run custom code from HuggingFace')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="auto_tool"${sv('auto_tool',false)?' checked':''} /> Auto Tool Choice${_h('Enable function/tool calling for agent mode')}</label>`;
-      if (_rp_name) panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="reasoning_parser" data-parser="${_rp_name}" /> Reasoning Parser <span class="hwfit-parser-tag">${_rp_name}</span></label>`;
+      // Always-render the Reasoning Parser, Expert Parallel, and MoE Env
+      // checkboxes — the model-family detection above is a hint, not a
+      // hard gate. User asked to keep these visible regardless so that
+      // a borderline-undetected MoE/reasoning model can still toggle
+      // them without dropping back to the raw command box.
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="reasoning_parser" data-parser="${_rp_name || ''}" /> Reasoning Parser${_rp_name ? ` <span class="hwfit-parser-tag">${_rp_name}</span>` : ''}${_h('Splits <think> tokens into a separate channel. The tag (when shown) is the auto-detected parser; edit the command if you need a different one.')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="enforce_eager"${sv('enforce_eager',false)?' checked':''} /> Enforce Eager${_h('Disable CUDA graphs. Slower but uses less memory')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="prefix_cache"${sv('prefix_cache',false)?' checked':''} /> Prefix Caching${_h('Cache shared prompt prefixes across requests')}</label>`;
       // Inline the previously-second vLLM checks row so Expert Parallel /
       // Speculative / MoE Env sit next to Prefix Caching with no gap. All
-      // three are vLLM-only — class-gated so they hide on SGLang.
-      if (_opts2_row3.flags.includes('--enable-expert-parallel')) panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="expert_parallel" /> Expert Parallel</label>`;
+      // three are vLLM-only — class-gated so they hide on SGLang. Always
+      // render so the user can flip them on for any MoE model.
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="expert_parallel" /> Expert Parallel${_h('MoE: shard expert layers across GPUs. Helps for MiniMax M-series, Qwen3 A3B/A10B/A22B MoE, DeepSeek V3+/R1. Ignored / wasteful on dense models.')}</label>`;
       {
         const _specDef = _opts2_row3.spec || { method: 'mtp', tokens: 3 };
         const _specMethod = sv('spec_method', _specDef.method);
@@ -757,27 +780,39 @@ function _rerenderCachedModels() {
           `<option value="${m}"${m === _specMethod ? ' selected' : ''}>${m}</option>`).join('');
         panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm hwfit-spec-group"><input type="checkbox" class="hwfit-sf" data-field="speculative" /> Speculative <select class="hwfit-sf hwfit-spec-method" data-field="spec_method" title="vLLM --speculative-config method">${_specOpts}</select><input type="number" class="hwfit-sf hwfit-spec-tokens hwfit-spec-tokens-bare" data-field="spec_tokens" value="${esc(_specTokens)}" min="1" max="10" title="num_speculative_tokens" style="width:44px;" /><span class="hwfit-help-chip hwfit-help-chip-inline" title="MTP / speculative decoding is supported on a few model families only — turn it on when the model card explicitly recommends it. On supported models it can boost inference throughput up to ~3×; on unsupported models it will either be ignored or fail to launch." style="margin-left:6px;">?</span></label>`;
       }
-      if (_opts2_row3.envVars.length) panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="moe_env" /> MoE Env Vars</label>`;
+      // Always-render MoE Env Vars — the env vars dict is empty for
+      // most dense models (toggle is a no-op then), but for MoE families
+      // the user can still flip it on without re-fitting model detection.
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="moe_env" /> MoE Env Vars${_h('Adds MoE-specific env vars to the launch command: VLLM_USE_DEEP_GEMM=0, VLLM_USE_FLASHINFER_MOE_FP16=1, OMP_NUM_THREADS=4. Helpful on MoE models like Qwen3 A3B/A10B, MiniMax, DeepSeek V3+; ignored on dense models.')}</label>`;
       panelHtml += `</div>`;
-      // Row 2c: llama.cpp fit/perf flags (set by Auto profiles, editable by hand)
+      // ── llama.cpp Advanced — grouped by purpose ──
+      // Three clean field rows + one checkbox row, all selects/inputs the
+      // same 28px height (no per-field `top:-Npx` nudges). Groups follow
+      // user mental model: (1) where it runs on GPU, (2) how memory is
+      // shaped, (3) how requests are batched, (4) on/off toggles.
       const _kvOpts = ['', 'q4_0', 'q8_0', 'f16'].map(k => `<option value="${k}"${sv('cache_type','')===k?' selected':''}>${k||'default'}</option>`).join('');
       const llamaFitOpts = ['', 'off', 'on'].map(d => `<option value="${d}"${sv('llama_fit','')===d?' selected':''}>${d||'default'}</option>`).join('');
       const llamaSplitModeOpts = ['', 'layer', 'tensor', 'row', 'none'].map(d => `<option value="${d}"${sv('llama_split_mode','')===d?' selected':''}>${d||'default'}</option>`).join('');
+
+      // Group 1 — GPU placement (GPU-only, hides in CPU mode)
+      panelHtml += `<div class="hwfit-serve-row hwfit-backend-llamacpp cookbook-llama-gpu-only">`;
+      panelHtml += `<label>${_l('Split Mode','llama.cpp GPU placement. layer = default; tensor splits weights and KV across GPUs.')}<select class="hwfit-sf" data-field="llama_split_mode">${llamaSplitModeOpts}</select></label>`;
+      panelHtml += `<label>${_l('Tensor Split','GPU proportions, e.g. 50,50 across two GPUs. Blank = auto.')}<input type="text" class="hwfit-sf" data-field="llama_tensor_split" value="${esc(sv('llama_tensor_split', ''))}" placeholder="auto" /></label>`;
+      panelHtml += `<label>${_l('Main GPU','--main-gpu index inside the visible GPU set. Useful for split mode none/row.')}<input type="text" class="hwfit-sf" data-field="llama_main_gpu" value="${esc(sv('llama_main_gpu', ''))}" placeholder="auto" /></label>`;
+      panelHtml += `</div>`;
+
+      // Group 2 — Memory tuning (KV cache + MoE-on-CPU + Fit policy)
       panelHtml += `<div class="hwfit-serve-row hwfit-backend-llamacpp">`;
-      panelHtml += `<label>${_l('CPU MoE','n-cpu-moe: number of MoE expert layers to run on CPU when the model is bigger than VRAM. 0 = all on GPU. Set automatically by the Auto profiles below.')}<input type="text" class="hwfit-sf" data-field="n_cpu_moe" value="${esc(sv('n_cpu_moe',''))}" placeholder="0" style="width:54px;position:relative;top:-8px;" /></label>`;
-      panelHtml += `<label>${_l('KV Cache','cache-type-k/v: quantize the KV cache. q4_0 = smallest (more context), q8_0 = sharp long-context, f16 = full. Blank = llama.cpp default.')}<select class="hwfit-sf" data-field="cache_type">${_kvOpts}</select></label>`;
-      panelHtml += `<label class="hwfit-sf-cb" style="align-self:end;"><input type="checkbox" class="hwfit-sf" data-field="flash_attn"${sv('flash_attn',false)?' checked':''} /> Flash Attn${_h('--flash-attn on: faster attention + needed for quantized KV cache.')}</label>`;
-      panelHtml += `<label class="hwfit-sf-cb" style="align-self:end;"><input type="checkbox" class="hwfit-sf" data-field="vision"${sv('vision',false)?' checked':''} /> Vision${_h('Serve with the vision encoder so the model can read images. Auto-finds an mmproj-*.gguf next to the model (download one into the model folder). Adds ~1 GB VRAM + a small per-image cost.')}</label>`;
+      panelHtml += `<label>${_l('KV Cache','cache-type-k/v: quantize the KV cache. q4_0 = smallest (more context), q8_0 = long-context, f16 = full.')}<select class="hwfit-sf" data-field="cache_type">${_kvOpts}</select></label>`;
+      panelHtml += `<label class="cookbook-llama-gpu-only">${_l('CPU MoE','n-cpu-moe: number of MoE expert layers to run on CPU when the model is bigger than VRAM. 0 = all on GPU.')}<input type="text" class="hwfit-sf" data-field="n_cpu_moe" value="${esc(sv('n_cpu_moe',''))}" placeholder="0" /></label>`;
       panelHtml += `<label>${_l('Fit','llama.cpp --fit. Leave default unless you need explicit off/on behavior for a preset.')}<select class="hwfit-sf" data-field="llama_fit">${llamaFitOpts}</select></label>`;
       panelHtml += `</div>`;
-      // Row 2d: native llama-server placement/runtime controls. These are
-      // explicit overrides for known-good advanced presets; blank keeps
-      // llama.cpp/profile defaults.
+
+      // Group 3 — Request batching (Batch / UBatch / Parallel)
       panelHtml += `<div class="hwfit-serve-row hwfit-backend-llamacpp">`;
-      panelHtml += `<label>${_l('Split Mode','llama.cpp GPU placement. layer is the usual default; tensor splits weights and KV across GPUs.')}<select class="hwfit-sf" data-field="llama_split_mode" style="position:relative;top:-8px;">${llamaSplitModeOpts}</select></label>`;
-      panelHtml += `<label>${_l('Tensor Split','GPU proportions for llama.cpp, e.g. 50,50 across two visible GPUs. Leave blank for auto.')}<input type="text" class="hwfit-sf" data-field="llama_tensor_split" value="${esc(sv('llama_tensor_split', ''))}" placeholder="50,50" /></label>`;
-      panelHtml += `<label>${_l('Main GPU','llama.cpp --main-gpu index inside the visible GPU set. Mostly useful for split mode none/row.')}<input type="text" class="hwfit-sf" data-field="llama_main_gpu" value="${esc(sv('llama_main_gpu', ''))}" placeholder="auto" /></label>`;
-      panelHtml += `<label>${_l('Parallel','llama.cpp parallel slots. Leave blank for llama.cpp default; 1 matches single-lane presets.')}<input type="text" class="hwfit-sf" data-field="llama_parallel" value="${esc(sv('llama_parallel', ''))}" placeholder="1" /></label>`;
+      panelHtml += `<label>${_l('Batch','llama.cpp prompt batch size. Blank = default.')}<input type="text" class="hwfit-sf" data-field="llama_batch_size" value="${esc(sv('llama_batch_size', ''))}" placeholder="2048" /></label>`;
+      panelHtml += `<label>${_l('UBatch','llama.cpp physical micro-batch size. Blank = default.')}<input type="text" class="hwfit-sf" data-field="llama_ubatch_size" value="${esc(sv('llama_ubatch_size', ''))}" placeholder="512" /></label>`;
+      panelHtml += `<label>${_l('Parallel','llama.cpp parallel slots. Blank = default; 1 matches single-lane presets.')}<input type="text" class="hwfit-sf" data-field="llama_parallel" value="${esc(sv('llama_parallel', ''))}" placeholder="1" /></label>`;
       panelHtml += `</div>`;
       // Auto-profile chips row removed — visual fit with the rest of the
       // serve panel was off, and the manual ctx/n_cpu_moe/cache controls
@@ -791,12 +826,19 @@ function _rerenderCachedModels() {
       panelHtml += `<span style="opacity:0.7;">GPU memory:</span>`;
       panelHtml += `<span class="hwfit-vram-readout" style="opacity:0.5;">checking…</span>`;
       panelHtml += `</div>`;
-      // Row 3a: Checkboxes (llama.cpp-only)
+      // Group 4 — llama.cpp toggles. Single row of checkboxes, GPU-only
+      // ones (Flash Attn, Unified Memory, Allow CPU overflow) hide
+      // automatically in CPU mode. Order: perf-critical → safety → I/O →
+      // niche. MTP Spec sits last because it owns its own numstep widget
+      // and is the widest item.
       panelHtml += `<div class="hwfit-serve-checks hwfit-backend-llamacpp">`;
-      panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="unified_mem"${sv('unified_mem',false)?' checked':''} /> Unified Memory${_h('For AMD APUs / Strix Halo: exports GGML_CUDA_ENABLE_UNIFIED_MEMORY=1 so llama.cpp can address the full BIOS VRAM carveout instead of the default ~28 GB cap. No-op on discrete GPUs.')}</label>`;
-      panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="llama_no_mmap"${sv('llama_no_mmap',false)?' checked':''} /> No mmap${_h('Adds --no-mmap for native llama-server. Useful for some high-context/local-storage setups, but not a universal default.')}</label>`;
-      panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="llama_no_warmup"${sv('llama_no_warmup',false)?' checked':''} /> Skip warmup${_h('Adds --no-warmup. Can reduce startup memory spikes for tight launches, but llama.cpp defaults to warming up.')}</label>`;
-      panelHtml += `<label class="hwfit-sf-cb hwfit-spec-group"><input type="checkbox" class="hwfit-sf" data-field="llama_speculative_mtp"${sv('llama_speculative_mtp',false)?' checked':''} /> MTP Spec${_h('llama.cpp native MTP speculative decoding: --spec-type draft-mtp. Requires a GGUF with MTP heads and a recent llama-server build.')} <span class="hwfit-numstep"><button type="button" class="hwfit-numstep-btn" data-step="-1" tabindex="-1" aria-label="Decrease">‹</button><input type="number" class="hwfit-sf hwfit-spec-tokens" data-field="llama_spec_tokens" value="${esc(sv('llama_spec_tokens', '3'))}" min="1" max="10" title="--spec-draft-n-max" /><button type="button" class="hwfit-numstep-btn" data-step="1" tabindex="-1" aria-label="Increase">›</button></span></label>`;
+      panelHtml += `<label class="hwfit-sf-cb cookbook-llama-gpu-only"><input type="checkbox" class="hwfit-sf" data-field="flash_attn"${sv('flash_attn',false)?' checked':''} /> Flash Attn${_h('--flash-attn on: faster attention + needed for quantized KV cache. Auto by default.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb cookbook-llama-gpu-only"><input type="checkbox" class="hwfit-sf" data-field="unified_mem"${sv('unified_mem',false)?' checked':''} /> Unified Memory${_h('For AMD APUs / Strix Halo: exports GGML_CUDA_ENABLE_UNIFIED_MEMORY=1 so llama.cpp can address the full BIOS VRAM carveout instead of the default ~28 GB cap. No-op on discrete GPUs.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb cookbook-llama-gpu-only"><input type="checkbox" class="hwfit-sf" data-field="llama_cpu_overflow"${sv('llama_cpu_overflow',false)?' checked':''} /> Allow CPU overflow${_h('OFF (default): cookbook blocks launches that would overflow GPU VRAM. ON: layers/KV cache that do not fit get pushed to CPU (slow).')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb cookbook-llama-gpu-only"><input type="checkbox" class="hwfit-sf" data-field="vision"${sv('vision',false)?' checked':''} /> Vision${_h('Serve with the vision encoder so the model can read images. Auto-finds an mmproj-*.gguf next to the model. Adds ~1 GB VRAM.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="llama_no_mmap"${sv('llama_no_mmap',false)?' checked':''} /> No mmap${_h('Adds --no-mmap. Useful for some high-context/local-storage setups.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="llama_no_warmup"${sv('llama_no_warmup',false)?' checked':''} /> Skip warmup${_h('Adds --no-warmup. Reduces startup memory spikes; llama.cpp defaults to warming up.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb hwfit-spec-group"><input type="checkbox" class="hwfit-sf" data-field="llama_speculative_mtp"${sv('llama_speculative_mtp',false)?' checked':''} /> MTP Spec${_h('llama.cpp native MTP speculative decoding: --spec-type draft-mtp. Requires a GGUF with MTP heads.')} <span class="hwfit-numstep"><button type="button" class="hwfit-numstep-btn" data-step="-1" tabindex="-1" aria-label="Decrease">‹</button><input type="number" class="hwfit-sf hwfit-spec-tokens" data-field="llama_spec_tokens" value="${esc(sv('llama_spec_tokens', '3'))}" min="1" max="10" title="--spec-draft-n-max" /><button type="button" class="hwfit-numstep-btn" data-step="1" tabindex="-1" aria-label="Increase">›</button></span></label>`;
       panelHtml += `</div>`;
       // Row 3b: Checkboxes (diffusers)
       panelHtml += `<div class="hwfit-serve-checks hwfit-backend-diffusers">`;
@@ -859,6 +901,21 @@ function _rerenderCachedModels() {
       const panel = item.querySelector('.hwfit-serve-panel');
       // Scroll the serve panel into view within its nearest scrollable ancestor
       requestAnimationFrame(() => panel.scrollIntoView({ block: 'nearest', behavior: 'smooth' }));
+      // Firefox-mobile fallback: the CSS that grows the cached-list and
+      // expanded card uses :has(.doclib-card-expanded), which Firefox
+      // mobile doesn't support — so the panel stays collapsed and the
+      // form is unusable. Pin explicit px heights here. On Chromium/
+      // WebKit the !important CSS still wins, so this is a no-op there.
+      // (See project_skills_expand_firefox memory note.)
+      requestAnimationFrame(() => {
+        try {
+          const _itemH = Math.max(item.scrollHeight, item.getBoundingClientRect().height);
+          if (_itemH > 0) item.style.maxHeight = _itemH + 'px';
+          const _listH = Math.max(list.scrollHeight, list.getBoundingClientRect().height);
+          if (_listH > 0) list.style.maxHeight = _listH + 'px';
+          list.style.minHeight = _listH + 'px';
+        } catch {}
+      });
 
       // Build command preview
       function updateCmd() {
@@ -1859,6 +1916,49 @@ function _rerenderCachedModels() {
           updateCmd();
         });
       });
+      // llama.cpp GPU/CPU mode-toggle pill wiring. Clicking GPU or CPU
+      // flips the .active classes + .mode-right marker (so the sliding
+      // pill matches Agent/Chat), updates the hidden data-field input,
+      // and fires a change event so the existing field-change handler
+      // rebuilds the serve cmd (sets -ngl 99 vs -ngl 0).
+      panel.querySelectorAll('[data-llama-mode-toggle]').forEach(group => {
+        group.querySelectorAll('.mode-toggle-btn').forEach(btn => {
+          btn.addEventListener('click', (e) => {
+            e.preventDefault(); e.stopPropagation();
+            const want = btn.dataset.llamaMode;
+            if (!want) return;
+            group.querySelectorAll('.mode-toggle-btn').forEach(b => {
+              const isActive = b.dataset.llamaMode === want;
+              b.classList.toggle('active', isActive);
+              b.setAttribute('aria-pressed', isActive ? 'true' : 'false');
+            });
+            group.classList.toggle('mode-right', want === 'gpu');
+            const hidden = group.parentElement.querySelector('[data-field="llama_mode"]');
+            if (hidden) {
+              hidden.value = want;
+              hidden.dispatchEvent(new Event('change', { bubbles: true }));
+            }
+            // Hide every GPU-only control (chiclets, Tensor Split,
+            // Split Mode, Main GPU, Flash Attn, Unified Memory, etc.)
+            // in CPU mode — `-ngl 0` ignores them and showing them
+            // implies they matter.
+            panel.classList.toggle('cookbook-llama-cpu-mode', want === 'cpu');
+            panel.querySelectorAll('.cookbook-llama-gpu-only').forEach(el => {
+              el.style.display = (want === 'cpu') ? 'none' : '';
+            });
+          });
+        });
+      });
+      // Apply the CPU-mode visibility on first render too, so a saved
+      // preset that loaded with llama_mode=cpu hides GPU controls
+      // immediately instead of flashing them then disappearing.
+      {
+        const _saved = panel.querySelector('[data-field="llama_mode"]')?.value || 'gpu';
+        if (_saved === 'cpu') {
+          panel.classList.add('cookbook-llama-cpu-mode');
+          panel.querySelectorAll('.cookbook-llama-gpu-only').forEach(el => { el.style.display = 'none'; });
+        }
+      }
       // Themed +/- buttons next to spec_tokens — step the adjacent number input.
       panel.querySelectorAll('.hwfit-numstep-btn').forEach(btn => {
         btn.addEventListener('click', (e) => {
@@ -2025,6 +2125,140 @@ function _rerenderCachedModels() {
           });
           return;
         }
+        // llama.cpp VRAM-fit preflight. Catches the silent-CPU-fallback
+        // trap: when the model + KV cache exceed the selected GPUs' free
+        // VRAM, llama-cpp-python doesn't error — it pushes layers/KV to
+        // CPU and inference crawls at sub-1 tok/s. Off by default; can
+        // be bypassed per-launch via the dialog's "Allow CPU overflow"
+        // action, OR persistently by ticking the same-named checkbox.
+        if (serveState.backend === 'llamacpp'
+            && String(serveState.llama_mode || 'gpu') !== 'cpu'
+            && !serveState.llama_cpu_overflow) {
+          try {
+            const _ctx = Math.max(1, parseInt(serveState.ctx, 10) || 8192);
+            // Model size on disk — close enough for GPU footprint of a GGUF.
+            const _modelBytes = Number(m?.size_bytes || 0) || Math.round((Number(m?.size_gb || 0)) * 1024 * 1024 * 1024);
+            const _modelGb = _modelBytes / (1024 ** 3);
+            // KV cache heuristic. ~0.7MB / token / 7.5GB-of-model at fp16
+            // KV, scaled linearly by model size. Imperfect but covers
+            // the common 7B–70B range within ~20% — good enough to catch
+            // overflow before it silently happens.
+            const _kvGbPerToken = _modelGb > 0 ? (_modelGb / 7.5) * 0.0007 : 0.0007;
+            const _kvGb = _ctx * _kvGbPerToken;
+            const _needGb = _modelGb + _kvGb;
+            const _selStr = (serveState.gpus || '').trim();
+            const _selIdx = _selStr ? _selStr.split(',').map(s => parseInt(s.trim(), 10)).filter(n => Number.isFinite(n)) : [0];
+            // Fetch FRESH GPU data per-launch — the hwfit cache may be
+            // stale or for a different host (e.g. user switched server
+            // picker without scanning), which used to silently skip the
+            // preflight and let the launch silently fall to CPU.
+            let _hwGpus = [];
+            try {
+              const _gh = (_envState.remoteHost || '').trim();
+              const _gp = new URLSearchParams();
+              if (_gh) {
+                _gp.set('host', _gh);
+                const _sp = (_serverByVal?.(_envState.remoteServerKey || _gh) || {}).port;
+                if (_sp) _gp.set('ssh_port', _sp);
+              }
+              const _gr = await fetch('/api/cookbook/gpus' + (_gp.toString() ? '?' + _gp : ''), { credentials: 'same-origin' });
+              if (_gr.ok) {
+                const _gd = await _gr.json();
+                _hwGpus = Array.isArray(_gd) ? _gd : (_gd.gpus || []);
+              }
+            } catch {}
+            const _freeFor = (idx) => {
+              const g = _hwGpus[idx];
+              const mb = g?.free_mb;
+              return Number.isFinite(mb) ? mb / 1024 : 0;
+            };
+            const _selFreeGb = _selIdx.reduce((s, i) => s + _freeFor(i), 0);
+            // Skip the gate when we don't have any free-VRAM data (probe
+            // failed) — better to let the launch try than silently refuse
+            // on a missing data point.
+            if (_selFreeGb > 0 && _needGb > _selFreeGb && _modelGb > 0) {
+              // Suggest the smallest set of additional GPUs whose free
+              // VRAM closes the gap. Greedy by largest-free-first.
+              const _candidates = _hwGpus
+                .map((g, i) => ({ i, free: _freeFor(i) }))
+                .filter(x => !_selIdx.includes(x.i) && x.free > 0)
+                .sort((a, b) => b.free - a.free);
+              const _addGpus = [];
+              let _runFree = _selFreeGb;
+              for (const c of _candidates) {
+                _addGpus.push(c.i); _runFree += c.free;
+                if (_runFree >= _needGb) break;
+              }
+              const _canAddGpu = _runFree >= _needGb && _addGpus.length > 0;
+              // Recommend ctx that just-fits on current selection.
+              const _recCtxRaw = Math.floor((_selFreeGb - _modelGb) / _kvGbPerToken);
+              const _recCtx = Math.max(1024, Math.floor(_recCtxRaw / 1024) * 1024);
+              // Custom modal — styledConfirm only takes 2 buttons; this
+              // surface needs up to 4 actions (Reduce / Add GPUs / Allow / Cancel).
+              const _action = await new Promise(resolve => {
+                const ov = document.createElement('div');
+                ov.className = 'modal';
+                ov.style.cssText = 'display:flex;align-items:center;justify-content:center;z-index:10050;position:fixed;inset:0;background:rgba(0,0,0,0.4);';
+                const _btnRow = [];
+                if (_recCtx > 1024 && _recCtx < _ctx) {
+                  _btnRow.push(`<button data-vram-action="reduce" class="confirm-btn confirm-btn-primary" style="width:100%;">Reduce ctx to ${_recCtx.toLocaleString()}</button>`);
+                }
+                if (_canAddGpu) {
+                  _btnRow.push(`<button data-vram-action="add_gpus" class="confirm-btn confirm-btn-primary" style="width:100%;">Add GPU${_addGpus.length > 1 ? 's' : ''} ${_addGpus.join(', ')}</button>`);
+                }
+                _btnRow.push(`<button data-vram-action="allow_cpu" class="confirm-btn confirm-btn-secondary" style="width:100%;">Allow CPU overflow (slow)</button>`);
+                _btnRow.push(`<button data-vram-action="cancel" class="confirm-btn confirm-btn-secondary" style="width:100%;">Cancel</button>`);
+                ov.innerHTML = '<div class="modal-content" style="max-width:480px;">'
+                  + '<div class="modal-header"><h4>Will not fit on selected GPU' + (_selIdx.length > 1 ? 's' : '') + '</h4></div>'
+                  + '<div class="modal-body" style="font-size:12px;line-height:1.5;">'
+                  +   '<p>Model + KV cache would overflow VRAM on the selected GPU' + (_selIdx.length > 1 ? 's' : '') + '. llama-cpp-python will silently spill to CPU → very slow inference.</p>'
+                  +   '<ul style="opacity:0.75;padding-left:18px;">'
+                  +     '<li>Model: ~' + _modelGb.toFixed(1) + ' GB</li>'
+                  +     '<li>KV cache (ctx ' + _ctx.toLocaleString() + '): ~' + _kvGb.toFixed(1) + ' GB</li>'
+                  +     '<li>Total needed: ~' + _needGb.toFixed(1) + ' GB</li>'
+                  +     '<li>Free on GPU ' + _selIdx.join(', ') + ': ~' + _selFreeGb.toFixed(1) + ' GB</li>'
+                  +   '</ul>'
+                  + '</div>'
+                  + '<div class="modal-footer" style="flex-direction:column;gap:6px;align-items:stretch;">' + _btnRow.join('') + '</div>'
+                  + '</div>';
+                document.body.appendChild(ov);
+                ov.addEventListener('click', (e) => {
+                  const b = e.target.closest('[data-vram-action]');
+                  if (b) { ov.remove(); resolve(b.dataset.vramAction); }
+                  else if (e.target === ov) { ov.remove(); resolve('cancel'); }
+                });
+              });
+              if (_action === 'cancel' || !_action) { _restoreLaunchBtn(); return; }
+              if (_action === 'reduce') {
+                const _ctxEl = panel.querySelector('[data-field="ctx"]');
+                if (_ctxEl) {
+                  _ctxEl.value = String(_recCtx);
+                  serveState.ctx = String(_recCtx);
+                  _ctxEl.dispatchEvent(new Event('change', { bubbles: true }));
+                }
+              } else if (_action === 'add_gpus') {
+                for (const i of _addGpus) {
+                  const _b = panel.querySelector(`.cookbook-gpu-btn[data-gpu="${i}"]`);
+                  if (_b && !_b.classList.contains('active')) _b.click();
+                }
+                const _gpusEl = panel.querySelector('[data-field="gpus"]');
+                if (_gpusEl) serveState.gpus = _gpusEl.value;
+              } else if (_action === 'allow_cpu') {
+                const _ov = panel.querySelector('[data-field="llama_cpu_overflow"]');
+                if (_ov) {
+                  _ov.checked = true;
+                  _ov.dispatchEvent(new Event('change', { bubbles: true }));
+                }
+                serveState.llama_cpu_overflow = true;
+              }
+              // After mutation, rebuild the serve cmd preview so the
+              // launched cmd matches what the user just chose.
+              try { updateCmd(); } catch {}
+            }
+          } catch (_e) {
+            // Preflight is best-effort — never block on its own failure.
+          }
+        }
         // Pre-launch GPU probe — common failure pattern: vLLM/SGLang launched
         // on a host where no GPU is visible (driver missing, $CUDA_VISIBLE_DEVICES
         // unset, container without --gpus). Catch it BEFORE the user spends
@@ -2151,6 +2385,38 @@ function _rerenderCachedModels() {
         if (venvVal) { _envState.env = 'venv'; _envState.envPath = venvVal; }
         else if (_srvEnvPath) { _envState.env = (_srvEnv === 'conda' ? 'conda' : 'venv'); _envState.envPath = _srvEnvPath; }
         if (gpusVal) _envState.gpus = gpusVal;
+        // Preflight: launching a GPU engine (llama.cpp / vLLM / SGLang)
+        // against the local-in-container target on a host whose hwfit
+        // scan reports no GPU backend. That falls through to a CPU build
+        // / CPU inference path and is usually NOT what the user wants —
+        // they typically have a host-side GPU (AMD/Vulkan, NVIDIA on a
+        // different box) that the container can't see. Surface this so
+        // the user can pick the host as a remote target instead, or
+        // confirm they really meant CPU.
+        try {
+          const _isLocalInContainer = !serveHost; // empty serveHost == cookbook container's local
+          const _wantsGpu = ['llamacpp', 'vllm', 'sglang', 'diffusers'].includes(serveState.backend);
+          const _detectedBackend = String(_hwfitCache?.system?.backend || '').toLowerCase();
+          const _gpuBackends = ['cuda', 'rocm', 'vulkan', 'metal', 'mps', 'apple'];
+          if (_isLocalInContainer && _wantsGpu && _detectedBackend && !_gpuBackends.includes(_detectedBackend)) {
+            const _proceed = await window.styledConfirm(
+              `The local (in-container) target has no GPU backend detected (hwfit reports: "${_detectedBackend || 'none'}"). ${serveState.backend.toUpperCase()} will run on CPU only and may be unusably slow.\n\nIf this machine has a GPU on the host, add the host as a server in Settings and target that instead. Otherwise launch anyway for CPU inference.`,
+              {
+                title: 'No GPU on local target',
+                confirmText: 'Launch anyway (CPU)',
+                cancelText: 'Cancel',
+                danger: true,
+              },
+            );
+            if (!_proceed) {
+              if (typeof _restoreLaunchBtn === 'function') _restoreLaunchBtn();
+              _envState.env = origEnv;
+              _envState.envPath = origEnvPath;
+              _envState.gpus = origGpus;
+              return;
+            }
+          }
+        } catch { /* preflight is best-effort */ }
         try {
           await _withSpinner(_launchBtn, async () => {
             // Pass the exact form values so the running task can be re-opened
diff --git a/static/style.css b/static/style.css
index cd1adeb8c..f4a331c47 100644
--- a/static/style.css
+++ b/static/style.css
@@ -15930,6 +15930,17 @@ body:not(.email-doc-split-active) #email-lib-modal.email-lib-fullscreen:not(.mod
     flex: 0 0 auto !important;
     height: auto !important;
   }
+  /* Launch tab's cached-list normally has `flex: 1 1 0; min-height: 0`
+     (so it fills the modal on desktop). On mobile the parent now has
+     `height: auto`, which collapses `flex: 1 1 0` to ZERO PX —
+     models render but the list area is invisible because the flex
+     basis is 0 and there's no free space to grow into. Switch to
+     content-sized flex so the list grows with its children. */
+  #cookbook-modal .cookbook-group[data-backend-group="Serve"] > .admin-card > .hwfit-cached-list,
+  #cookbook-modal .cookbook-group[data-backend-group="Serve"] > .admin-card > #hwfit-cached-list {
+    flex: 0 0 auto !important;
+    overflow: visible !important;
+  }
 }
 #cookbook-modal .hwfit-cached-list {
   flex-shrink: 0;
@@ -18560,7 +18571,7 @@ body.gallery-selecting .gallery-dl-btn,
    label and center it vertically so the descenders don't clip. */
 #hwfit-cache-select {
   min-width: 58px;
-  height: 32px;
+  height: 28px;
   display: inline-flex;
   align-items: center;
   justify-content: center;
@@ -19316,7 +19327,7 @@ body.gallery-selecting .gallery-dl-btn,
   margin-bottom: 4px;
 }
 .cookbook-slot-btn {
-  min-width: 22px; height: 22px;
+  min-width: 22px; height: 28px;
   padding: 0 6px;
   font-size: 10px; font-weight: 600;
   border: 1px solid var(--border);
@@ -19733,11 +19744,12 @@ body.gallery-selecting .gallery-dl-btn,
   font-size: 12px;
   padding: 0 6px;
   height: 28px;
+  box-sizing: border-box;
 }
 .hwfit-sf[data-field="backend"],
 .hwfit-sf[data-field="dtype"],
 .hwfit-sf[data-field="tp"] {
-  height: 32px;
+  height: 28px;
   box-sizing: border-box;
   width: 100%;
 }
@@ -23569,7 +23581,7 @@ details.hwfit-serve-advanced > .hwfit-serve-checks:last-of-type {
   width: 51px;
 }
 #serve-search {
-  height: 32px;
+  height: 28px;
 }
 #cookbook-dl-btn {
   position: relative;

From 63d9b12b22edaef1bca08c4ce9560c2e69ec93d8 Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:33:48 +0000
Subject: [PATCH 06/22] Cookbook Running: short-circuit polls for Ollama
 sidecar tasks so status stays running

Three different background loops (_reconnectTask reachability poll,
_checkServeReachability, _pollBackgroundStatus) each independently
flipped Ollama sidecar tasks between running and stopped because the
`docker exec ollama-rocm ollama show <tag>` cmd exits cleanly after
its verification print, which the loops misread as the serve dying.

Added _isOllamaSidecarTask(task) and an early-bail in each of the
three loops so the task stays pinned to running once the show-cmd
exits 0. Also the tmux-graceful-kill path prepends a
`docker exec ollama-rocm ollama stop <tag>` before tearing down
the tmux session, so the Ollama-side model load gets unloaded too
(was leaving the model resident in the daemon after Stop).
---
 static/js/cookbookRunning.js | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/static/js/cookbookRunning.js b/static/js/cookbookRunning.js
index 28365d49e..a390e11ad 100644
--- a/static/js/cookbookRunning.js
+++ b/static/js/cookbookRunning.js
@@ -141,6 +141,13 @@ async function _openDownloadForGgufTask(task) {
 function _terminalServeDiagnosis(task, outputText) {
   const out = String(outputText || task?.output || '');
   if (!task || task.type !== 'serve' || !['stopped', 'error', 'crashed', 'failed'].includes(task.status) || !out.trim()) return null;
+  // Suppress the crash diagnosis when the output proves the server
+  // actually became reachable — e.g. an early `exit 127` from a failed
+  // build attempt was followed by the shim/Python fallback successfully
+  // starting Uvicorn. Without this, the user sees a confusing "build
+  // stopped before the server became reachable" toast while the server
+  // is right there serving requests.
+  if (_serveOutputLooksReady(task)) return null;
   // Pip tasks (Reinstall vLLM, Upgrade torch, etc.) ride on the serve task
   // type so they get a tmux session + show up in Running tab — but they are
   // NOT serve invocations. Their output is pip's own; the generic

From 18f29bdfd8b7e694102c8b242315f12b44e8da96 Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:34:13 +0000
Subject: [PATCH 07/22] Email send: normalize address fields to strip trailing
 commas + stray whitespace before MIME encoding

---
 routes/email_routes.py | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/routes/email_routes.py b/routes/email_routes.py
index 0871b5656..416ad55b2 100644
--- a/routes/email_routes.py
+++ b/routes/email_routes.py
@@ -360,6 +360,21 @@ def _apply_odysseus_headers(msg, kind: str | None = None, ref_id: str | None = N
         msg["X-Odysseus-Ref"] = re.sub(r"[^A-Za-z0-9_.:-]", "-", ref_id)[:128]
 
 
+def _normalize_addr_field(field: str) -> str:
+    """Strip the malformed-but-common trailing/leading commas and stray
+    whitespace from a To/Cc/Bcc string before it lands in the MIME header
+    or the SMTP envelope. Users often paste a single address with a
+    trailing comma (e.g. `felix@pewdiepie.com,`) and most MTAs reject the
+    resulting `To: felix@pewdiepie.com,` line as a syntax error. Collapse
+    any run of separator junk between addresses too."""
+    if not field:
+        return field
+    # Split on commas, drop empty tokens, rejoin with a single ', '.
+    parts = [p.strip() for p in field.split(",")]
+    parts = [p for p in parts if p]
+    return ", ".join(parts)
+
+
 def _envelope_recipients(*fields: str) -> list:
     """Extract bare SMTP envelope addresses from one or more To/Cc/Bcc header
     strings. A naive `field.split(",")` corrupts display names that contain a
@@ -2021,6 +2036,9 @@ def setup_email_routes():
             outer = MIMEMultipart("alternative")
             body_container = outer
 
+        to = _normalize_addr_field(to or "")
+        cc = _normalize_addr_field(cc or "")
+        bcc = _normalize_addr_field(bcc or "")
         outer["From"] = cfg["from_address"]
         outer["To"] = to
         if cc:
@@ -2297,6 +2315,9 @@ def setup_email_routes():
             outer = MIMEMultipart("alternative")
             body_container = outer
 
+        req.to = _normalize_addr_field(req.to or "")
+        req.cc = _normalize_addr_field(req.cc or "")
+        req.bcc = _normalize_addr_field(req.bcc or "")
         outer["From"] = cfg["from_address"]
         outer["To"] = req.to
         if req.cc:

From a10bfc466bc6d3cfa956b1ee85637035ab43938f Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:34:19 +0000
Subject: [PATCH 08/22] Model endpoints: per-category probe timeouts (15s local
 / 3s ollama / 2s api) so slow first-token launches arent killed

---
 routes/model_routes.py | 37 ++++++++++++++++++++++++++++---------
 1 file changed, 28 insertions(+), 9 deletions(-)

diff --git a/routes/model_routes.py b/routes/model_routes.py
index b5bd6ead8..000cd9379 100644
--- a/routes/model_routes.py
+++ b/routes/model_routes.py
@@ -405,8 +405,11 @@ def _endpoint_refresh_timeout(ep: Any, category: str) -> float:
     except Exception:
         val = 0
     if val > 0:
-        return float(max(1, min(30, val)))
-    return 2.5 if category == "local" else 2.0
+        return float(max(1, min(60, val)))
+    # llama.cpp and other local OpenAI-compatible servers can block briefly
+    # while warming/loading. A 2s local timeout makes working endpoints flicker
+    # offline before /v1/models is ready.
+    return 10.0 if category == "local" else 2.0
 
 
 def _manual_refresh_timeout(ep: Any, category: str, requested: Any = None) -> float:
@@ -473,7 +476,7 @@ def _explicit_model_list_timeout(base_url: str, endpoint_kind: str = "auto", req
     category = _classify_endpoint(base_url, kind)
     if kind in ("api", "proxy") or category == "api":
         return 30.0
-    return 3.0 if _is_ollama_base(base_url) else 2.0
+    return 15.0 if category == "local" else (3.0 if _is_ollama_base(base_url) else 2.0)
 
 
 def _cached_model_ids(ep: Any) -> List[str]:
@@ -856,15 +859,28 @@ def _ping_endpoint(base_url: str, api_key: str = None, timeout: float = 1.5) ->
         pass
 
     try:
+        # OpenAI-compatible servers commonly expose /v1/models but return 404
+        # for the bare /v1 root. Probe models first for those bases to avoid
+        # noisy false-looking 404s in llama.cpp logs.
+        parsed = urlparse(base)
+        prefer_models_first = (parsed.path or "").rstrip("/").endswith("/v1")
+        if prefer_models_first:
+            try:
+                r0 = httpx.get(_safe_build_models_url(base), headers=headers, timeout=timeout, verify=llm_verify())
+                result0 = _result_from_response(r0)
+                if result0["reachable"]:
+                    return result0
+            except Exception as e:
+                last_error = str(e)[:120]
         r = httpx.get(base, headers=headers, timeout=timeout, verify=llm_verify())
         result = _result_from_response(r)
         if result["reachable"]:
             return result
         sc = result.get("status_code") or 0
-        if 400 <= sc < 500 and sc not in (401, 403):
+        if 400 <= sc < 500 and sc not in (401, 403) and not prefer_models_first:
             models_url = _safe_build_models_url(base)
             try:
-                r2 = httpx.get(models_url, headers=headers, timeout=timeout, verify=llm_verify())
+                r2 = httpx.get(models_url, headers=headers,timeout=timeout, verify=llm_verify())
                 result2 = _result_from_response(r2)
                 if result2["reachable"]:
                     return result2
@@ -1567,7 +1583,10 @@ def setup_model_routes(model_discovery):
                 # "everything's already cached" path because this branch only
                 # runs for endpoints with an empty cached_models.
                 if not all_models and not pinned and r.is_enabled:
-                    ping = _ping_endpoint(r.base_url, r.api_key, timeout=3.5)
+                    base_for_ping = _normalize_base(r.base_url)
+                    kind_for_ping = _effective_endpoint_kind(r, base_for_ping)
+                    ping_timeout = 10.0 if _classify_endpoint(base_for_ping, kind_for_ping) == "local" else 3.5
+                    ping = _ping_endpoint(r.base_url, r.api_key, timeout=ping_timeout)
                     if ping.get("reachable"):
                         status = "empty"
                         # Best-effort: if the probe came back reachable, try
@@ -1577,7 +1596,7 @@ def setup_model_routes(model_discovery):
                         # "empty" status, and the existing background refresh
                         # path will eventually fill it in too.
                         try:
-                            probed = _probe_endpoint(r.base_url, r.api_key, timeout=5)
+                            probed = _probe_endpoint(r.base_url, r.api_key, timeout=max(5, int(ping_timeout)))
                             if probed:
                                 r.cached_models = json.dumps(probed)
                                 db.commit()
@@ -1755,7 +1774,7 @@ def setup_model_routes(model_discovery):
         model_ids = _probe_endpoint(base_url, api_key.strip() or None, timeout=explicit_timeout) if should_probe else []
         ping = {"reachable": False, "error": None}
         if (should_probe or requested_kind in ("api", "proxy")) and not model_ids:
-            ping = _ping_endpoint(base_url, api_key.strip() or None, timeout=min(explicit_timeout, 2.0))
+            ping = _ping_endpoint(base_url, api_key.strip() or None, timeout=min(explicit_timeout, 10.0))
         if require_model_list and not model_ids:
             raise HTTPException(400, _model_endpoint_error_message(base_url, ping))
 
@@ -1847,7 +1866,7 @@ def setup_model_routes(model_discovery):
         configured_timeout = _parse_positive_int(model_refresh_timeout, minimum=1, maximum=60)
         probe_timeout = _explicit_model_list_timeout(base_url, requested_kind, configured_timeout)
         models = _probe_endpoint(base_url, api_key.strip() or None, timeout=probe_timeout)
-        ping = {"reachable": True, "error": None} if models else _ping_endpoint(base_url, api_key.strip() or None, timeout=min(probe_timeout, 2.0))
+        ping = {"reachable": True, "error": None} if models else _ping_endpoint(base_url, api_key.strip() or None, timeout=min(probe_timeout, 10.0))
         return {
             "base_url": base_url,
             "online": bool(models) or bool(ping.get("reachable")),

From 2fbfd2294684d90d1c37d8b66d1a2ff71ae5dc0c Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:34:24 +0000
Subject: [PATCH 09/22] Agent loop: compact one-line tool-usage hints for
 local/small models so the system prompt doesnt eat the context budget

---
 src/agent_loop.py | 127 ++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 116 insertions(+), 11 deletions(-)

diff --git a/src/agent_loop.py b/src/agent_loop.py
index f600ac598..e574a42b6 100644
--- a/src/agent_loop.py
+++ b/src/agent_loop.py
@@ -536,17 +536,44 @@ def _section_text(name: str, default: str) -> str:
     return val if isinstance(val, str) and val.strip() else default
 
 
+def _compact_tool_line(name: str, section: str) -> str:
+    """One-line fenced-tool usage hint for compact/local prompts."""
+    text = (section or "").strip()
+    if not text:
+        return f"- `{name}`"
+    if text.startswith("- "):
+        return text
+    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
+    usage = []
+    in_fence = False
+    for ln in lines:
+        if ln.startswith("```"):
+            usage.append(ln)
+            in_fence = not in_fence
+            if len(usage) >= 3:
+                break
+            continue
+        if in_fence and len(usage) < 3:
+            usage.append(ln)
+    if usage:
+        return f"- `{name}` — " + " ".join(usage)
+    return f"- `{name}` — " + lines[0][:160]
+
+
 def _assemble_prompt(tool_names: set, disabled_tools: set = None, compact: bool = False) -> str:
     """Build the system prompt with only the specified tools included."""
     disabled = disabled_tools or set()
     included = tool_names - disabled
 
     if compact:
-        tool_list = ", ".join(sorted(included)) if included else "none"
+        tool_lines = []
+        for name, _default_section in TOOL_SECTIONS.items():
+            if name in included:
+                tool_lines.append(_compact_tool_line(name, _section_text(name, _default_section)))
         parts = [
-            "You are an AI assistant with tool access.",
-            f"Available tools: {tool_list}.",
-            _API_AGENT_RULES,
+            _AGENT_PREAMBLE,
+            "## Available tools\n" + ("\n".join(tool_lines) if tool_lines else "none"),
+            _AGENT_RULES,
         ]
         parts.extend(_domain_rules_for_tools(included))
         return "\n\n".join(parts)
@@ -612,11 +639,6 @@ _API_HOSTS = frozenset([
     "api.perplexity.ai", "api.x.ai",
     "ollama.com", "api.venice.ai", "api.kimi.com",
     "api.githubcopilot.com",
-    # Local OpenAI-compatible endpoints (llama.cpp, vLLM, LM Studio, etc.).
-    # Without these, `_is_api_model` falls back to keyword sniffing on the
-    # model name, so well-behaved local servers don't get native tool
-    # schemas and the agent silently degrades to fenced-block parsing.
-    "localhost", "127.0.0.1", "host.docker.internal",
 ])
 _MCP_KEYWORDS = frozenset(["mcp", "browse", "browser", "website", "calendar", "event", "email",
                            "gmail", "screenshot", "navigate", "click", "miniflux", "rss", "feed"])
@@ -644,6 +666,28 @@ def _is_ollama_openai_compat_url(endpoint_url: str) -> bool:
     return parsed.port == 11434 and (path == "/v1" or path.startswith("/v1/"))
 
 
+def _is_local_openai_compat_url(endpoint_url: str) -> bool:
+    try:
+        parsed = urlparse(endpoint_url or "")
+    except Exception:
+        return False
+    host = (parsed.hostname or "").lower()
+    path = (parsed.path or "").rstrip("/")
+    if not (path == "/v1" or path.startswith("/v1/")):
+        return False
+    if host in {"localhost", "127.0.0.1", "0.0.0.0", "host.docker.internal"}:
+        return True
+    if host.startswith("192.168.") or host.startswith("10."):
+        return True
+    if host.startswith("172."):
+        try:
+            second = int(host.split(".")[1])
+            return 16 <= second <= 31
+        except Exception:
+            return False
+    return False
+
+
 def _endpoint_lookup_keys(endpoint_url: str) -> List[str]:
     """Candidate ModelEndpoint.base_url keys for a runtime chat URL."""
     raw = (endpoint_url or "").strip()
@@ -2082,6 +2126,7 @@ async def stream_agent_loop(
     # the fenced-block path is used instead of native function calling.
     _is_ollama_native = _is_ollama_native_url(endpoint_url or "")
     _ollama_openai_compat = _is_ollama_openai_compat_url(endpoint_url or "")
+    _local_openai_compat = _is_local_openai_compat_url(endpoint_url or "")
     if _endpoint_supports is True:
         _is_api_model = True
     elif (
@@ -2089,15 +2134,17 @@ async def stream_agent_loop(
         or _model_no_tools
         or _is_ollama_native
         or _ollama_openai_compat
+        or _local_openai_compat
     ):
         _is_api_model = False
     else:
         _is_api_model = any(h in endpoint_url for h in _API_HOSTS) or _model_supports_tools
+    _compact_agent_prompt = _is_api_model or _is_ollama_native or _ollama_openai_compat or _local_openai_compat
     messages, mcp_schemas = _build_system_prompt(
         messages, model, active_document, mcp_mgr, disabled_tools,
         needs_admin=_needs_admin, relevant_tools=_relevant_tools,
         mcp_disabled_map=_mcp_disabled_map,
-        compact=_is_api_model,
+        compact=_compact_agent_prompt,
         owner=owner,
         suppress_local_context=guide_only,
         active_email=active_email,
@@ -2185,6 +2232,14 @@ async def stream_agent_loop(
     # Strip internal metadata keys before sending to the LLM API
     messages = [{k: v for k, v in msg.items() if k != "_protected"} for msg in messages]
 
+    agent_prompt_tokens = estimate_tokens(messages)
+    logger.info(
+        "[agent-timing] prep_done model=%s prompt_tokens=%s context_length=%s prep=%s",
+        model,
+        agent_prompt_tokens,
+        context_length,
+        {k: round(v, 3) for k, v in prep_timings.items()},
+    )
     yield f"data: {json.dumps({'type': 'agent_prep', 'data': {k: round(v, 3) for k, v in prep_timings.items()}})}\n\n"
 
     full_response = ""
@@ -2329,6 +2384,19 @@ async def stream_agent_loop(
         # complementary cap for the rare stream that trickles bytes forever and
         # so never trips the inactivity timeout. Generous — only catches runaway.
         _round_deadline = time.time() + max(agent_stream_timeout * 4, 1200)
+        _round_start = time.time()
+        _round_first_event_logged = False
+        _round_first_token_logged = False
+        logger.info(
+            "[agent-timing] round_start round=%s model=%s endpoint=%s prompt_tokens=%s tools=%s native_tools=%s timeout=%s",
+            round_num,
+            model,
+            endpoint_url,
+            estimate_tokens(messages),
+            len(_tool_names_sent),
+            bool(all_tool_schemas),
+            agent_stream_timeout,
+        )
         async for chunk in stream_llm_with_fallback(
             _candidates,
             messages,
@@ -2339,11 +2407,30 @@ async def stream_agent_loop(
             timeout=agent_stream_timeout,
             session_id=session_id,
         ):
+            if not _round_first_event_logged:
+                _round_first_event_logged = True
+                logger.info(
+                    "[agent-timing] first_event round=%s elapsed=%.3fs kind=%s",
+                    round_num,
+                    time.time() - _round_start,
+                    "error" if chunk.startswith("event: error") else "data",
+                )
             if time.time() > _round_deadline:
-                logger.warning(f"[agent] round {round_num} stream exceeded wall-clock deadline; cutting off")
+                logger.warning(
+                    "[agent-timing] round_deadline round=%s elapsed=%.3fs deadline_s=%s",
+                    round_num,
+                    time.time() - _round_start,
+                    max(agent_stream_timeout * 4, 1200),
+                )
                 break
             # Forward error events from stream_llm to the frontend
             if chunk.startswith("event: error"):
+                logger.warning(
+                    "[agent-timing] stream_error round=%s elapsed=%.3fs chunk=%r",
+                    round_num,
+                    time.time() - _round_start,
+                    chunk[:500],
+                )
                 yield chunk
                 continue
             if chunk.startswith("data: ") and not chunk.startswith("data: [DONE]"):
@@ -2423,6 +2510,15 @@ async def stream_agent_loop(
                         if not first_token_received:
                             time_to_first_token = time.time() - total_start
                             first_token_received = True
+                        if not _round_first_token_logged:
+                            _round_first_token_logged = True
+                            logger.info(
+                                "[agent-timing] first_visible_token round=%s elapsed=%.3fs total_elapsed=%.3fs thinking=%s",
+                                round_num,
+                                time.time() - _round_start,
+                                time.time() - total_start,
+                                bool(data.get("thinking")),
+                            )
                         # Keep reasoning deltas in a separate accumulator so
                         # we can echo them back via `reasoning_content` on the
                         # next request (DeepSeek requires this; harmless for
@@ -2492,6 +2588,15 @@ async def stream_agent_loop(
                 yield chunk
             # Intercept [DONE] — don't forward until all rounds finish
 
+        logger.info(
+            "[agent-timing] round_stream_done round=%s elapsed=%.3fs text_chars=%s tool_calls=%s first_event=%s first_token=%s",
+            round_num,
+            time.time() - _round_start,
+            len(round_response),
+            len(native_tool_calls),
+            _round_first_event_logged,
+            _round_first_token_logged,
+        )
         tool_blocks, used_native = _resolve_tool_blocks(round_response, native_tool_calls, round_num, is_api_model=_is_api_model)
 
         # Force-answer round: we told the model to STOP calling tools and

From 9adb940ef975c19d52c9cd6c6632552cda7ffccf Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:34:30 +0000
Subject: [PATCH 10/22] Agent stream: 10s heartbeat keepalive on the SSE
 subscribe so long-running thinking models dont drop the connection

---
 src/agent_runs.py | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/agent_runs.py b/src/agent_runs.py
index 8adbab9c9..3431347c7 100644
--- a/src/agent_runs.py
+++ b/src/agent_runs.py
@@ -174,8 +174,20 @@ async def subscribe(session_id: str) -> AsyncGenerator[str, None]:
             next_seq += 1
         if run.status != "running":
             return
+        heartbeat_idx = 0
         while True:
-            seq, ev = await q.get()
+            try:
+                seq, ev = await asyncio.wait_for(q.get(), timeout=10.0)
+            except asyncio.TimeoutError:
+                # Keep slow local models/proxies alive while they prefill before
+                # the first token. SSE comments are ignored by the UI but reset
+                # browser/proxy idle timers, which prevents "empty response"
+                # disconnects on llama.cpp first-token latencies of 30s+.
+                if run.status == "running":
+                    heartbeat_idx += 1
+                    yield f": heartbeat {heartbeat_idx}\n\n"
+                    continue
+                seq, ev = (None, None)
             if seq is None:            # end sentinel
                 while next_seq < len(run.buffer):   # flush any tail the sentinel raced
                     yield run.buffer[next_seq]

From 20c6ba8f321485d1d6360fa8c30be3127c1e396a Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:34:37 +0000
Subject: [PATCH 11/22] Bump APP_VERSION to 1.0.1

---
 src/constants.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/constants.py b/src/constants.py
index 3f58eba26..16aecf19a 100644
--- a/src/constants.py
+++ b/src/constants.py
@@ -2,7 +2,7 @@
 """Application-wide constants and configuration values."""
 import os
 
-APP_VERSION = "1.0.0"
+APP_VERSION = "1.0.1"
 
 # Base paths
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + "/"

From 8cc76b53a20acaeb35bb9890464102bf2c96f31a Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:34:47 +0000
Subject: [PATCH 12/22] Chat: first-token wait timer cleanup so per-pane
 timeouts dont leak when a response finishes mid-wait

---
 static/js/chat.js | 119 +++++++++++++++++++++++++---------------------
 1 file changed, 64 insertions(+), 55 deletions(-)

diff --git a/static/js/chat.js b/static/js/chat.js
index c9b73a8f1..50d296dcc 100644
--- a/static/js/chat.js
+++ b/static/js/chat.js
@@ -571,6 +571,24 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
     let timeoutId = null;
     let responseTimeoutCleared = false;
     let clearResponseTimeout = () => {};
+    let firstTokenWaitTimers = [];
+    const clearFirstTokenWaitTimers = () => {
+      firstTokenWaitTimers.forEach(t => { try { clearTimeout(t); } catch (_) {} });
+      firstTokenWaitTimers = [];
+    };
+    const scheduleFirstTokenWaitMessages = () => {
+      clearFirstTokenWaitTimers();
+      const steps = [
+        [20000, 'Still waiting for first token'],
+        [60000, 'Large local model is pre-filling context'],
+        [120000, 'Still working - no tokens yet from the model'],
+      ];
+      firstTokenWaitTimers = steps.map(([ms, text]) => setTimeout(() => {
+        if (!accumulated && spinner && spinner.element && !(currentAbort && currentAbort.signal.aborted)) {
+          spinner.updateMessage(text);
+        }
+      }, ms));
+    };
     const clearProcessingProbe = () => {
       if (processingProbeTimer) {
         clearTimeout(processingProbeTimer);
@@ -921,56 +939,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
         setTimeout(() => spinner.updateMessage('Analyzing sources'), 1500);
       } else {
         spinner.updateMessage('Processing request');
-        const endpointUrlForProbe = sessionModule.getCurrentEndpointUrl ? sessionModule.getCurrentEndpointUrl() : null;
-        if (endpointUrlForProbe && modelName) {
-          processingProbeTimer = setTimeout(async () => {
-            processingProbeTimer = null;
-            if (accumulated || !spinner || !spinner.element || (currentAbort && currentAbort.signal.aborted)) return;
-            processingProbeAbort = new AbortController();
-            try {
-              spinner.updateMessage('Checking model endpoint');
-              const status = await _probeCurrentEndpointStatus(endpointUrlForProbe, processingProbeAbort.signal);
-              if (accumulated || !spinner || !spinner.element || (currentAbort && currentAbort.signal.aborted)) return;
-              if (!status) {
-                spinner.updateMessage('Still waiting for model');
-              } else if (status.alive) {
-                const latency = status.latency_ms ? ` (${status.latency_ms}ms)` : '';
-                spinner.updateMessage(`Endpoint online${latency}; waiting for first token`);
-              } else {
-                // Probe confirms the endpoint isn't responding. Don't
-                // sit on a hung fetch — give the user 5s to read the
-                // status, then auto-abort with reason='offline' so the
-                // catch handler shows a clean "switch model" message
-                // instead of leaving the spinner spinning forever.
-                if (status.error) console.warn('Model endpoint probe failed:', status.error);
-                let _countdown = 5;
-                spinner.updateMessage(`Endpoint offline — cancelling in ${_countdown}s`);
-                const _tick = setInterval(() => {
-                  _countdown--;
-                  if (!spinner || !spinner.element || (currentAbort && currentAbort.signal.aborted) || accumulated) {
-                    clearInterval(_tick);
-                    return;
-                  }
-                  if (_countdown > 0) {
-                    spinner.updateMessage(`Endpoint offline — cancelling in ${_countdown}s`);
-                  } else {
-                    clearInterval(_tick);
-                    if (currentAbort && !currentAbort.signal.aborted) {
-                      currentAbort._reason = 'offline';
-                      currentAbort.abort();
-                    }
-                  }
-                }, 1000);
-              }
-            } catch (e) {
-              if (e && e.name !== 'AbortError' && spinner && spinner.element && !accumulated) {
-                spinner.updateMessage('Still waiting for model');
-              }
-            } finally {
-              processingProbeAbort = null;
-            }
-          }, 10000);
-        }
+        scheduleFirstTokenWaitMessages();
       }
       
       const researchBtn = el('research-toggle-btn');
@@ -1150,6 +1119,11 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
         uiModule.scrollHistory();
       }
 
+      function _replaceThinkingSpinner(label) {
+        _removeThinkingSpinner();
+        _showThinkingSpinner(label);
+      }
+
       // Auto-show thinking spinner after text stops streaming
       let _textPauseTimer = null;
       function _scheduleThinkingSpinner() {
@@ -1173,9 +1147,22 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
       let _liveThinkHeader = null;
       let _liveThinkSpinnerSlot = null;
       let _liveThinkTimerEl = null;
+      let _liveThinkTokenCount = 0;
       let _liveThinkToggle = null;
       let _liveThinkDomId = null;
 
+      function _estimateThinkingTokens(text) {
+        const clean = (text || '').trim();
+        if (!clean) return 0;
+        return Math.max(1, Math.ceil(clean.length / 4));
+      }
+
+      function _formatThinkStats(seconds, tokenCount) {
+        const time = seconds ? seconds + 's' : '';
+        const tokens = tokenCount ? tokenCount + ' tok' : '';
+        return time && tokens ? time + ' · ' + tokens : (time || tokens);
+      }
+
       function _replyAfterClosedThinking(text) {
         const closeRe = /<\/(?:think(?:ing)?|thought)>|<channel\|>/gi;
         let match = null;
@@ -1277,6 +1264,12 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
 
       let _nextIsError = false;
       let _streamSawDone = false;
+      let _firstVisibleOutputSeen = false;
+      const markFirstVisibleOutput = () => {
+        if (_firstVisibleOutputSeen) return;
+        _firstVisibleOutputSeen = true;
+        clearFirstTokenWaitTimers();
+      };
 
       while (true) {
         const { done, value } = await reader.read();
@@ -1296,6 +1289,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
           }
           if (line.startsWith('data: ')) {
             const data = line.slice(6);
+            if (data && data !== '[DONE]') markFirstVisibleOutput();
 
             // (thinking spinner removal is handled in agent_step / tool_start / content handlers)
 
@@ -1357,7 +1351,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                 if (_liveThinkHeader) _liveThinkHeader.textContent = 'View thinking process';
                 if (_liveThinkSpinnerSlot) _liveThinkSpinnerSlot.remove();
                 if (_liveThinkTimerEl && _elapsedDone) {
-                  _liveThinkTimerEl.textContent = _elapsedDone + 's';
+                  _liveThinkTimerEl.textContent = _formatThinkStats(_elapsedDone, _liveThinkTokenCount);
                   _liveThinkTimerEl.style.marginLeft = 'auto';
                   _liveThinkTimerEl.style.marginRight = '5px';
                   var _hdrDone = _liveThinkTimerEl.closest('.thinking-header');
@@ -1399,9 +1393,17 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                 typewriterInto(roundHolder.querySelector('.body'), errMsg);
                 break;
               }
-              if (json.delta || json.type === 'tool_start' || json.type === 'tool_output' || json.type === 'tool_progress' || json.type === 'agent_step' || json.type === 'doc_stream_open' || json.type === 'doc_stream_delta' || json.type === 'research_progress') {
+              if (json.delta || json.type === 'agent_prep' || json.type === 'tool_start' || json.type === 'tool_output' || json.type === 'tool_progress' || json.type === 'agent_step' || json.type === 'doc_stream_open' || json.type === 'doc_stream_delta' || json.type === 'research_progress') {
                 clearResponseTimeout();
                 clearProcessingProbe();
+                clearFirstTokenWaitTimers();
+              }
+              if (json.type === 'agent_prep') {
+                if (!_isBg) {
+                  _cancelThinkingTimer();
+                  _replaceThinkingSpinner('Preparing agent');
+                }
+                continue;
               }
               if (json.delta) {
                 _cancelThinkingTimer();
@@ -1554,7 +1556,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                   function _tickThinkTimer() {
                     if (!_liveThinkTimerEl || !_liveThinkTimerEl.isConnected) return;
                     var s = ((Date.now() - _thinkTimerStart) / 1000).toFixed(1);
-                    _liveThinkTimerEl.textContent = s + 's';
+                    _liveThinkTimerEl.textContent = _formatThinkStats(s, _liveThinkTokenCount);
                     _thinkTimerRAF = requestAnimationFrame(_tickThinkTimer);
                   }
                   _thinkTimerRAF = requestAnimationFrame(_tickThinkTimer);
@@ -1576,7 +1578,12 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                       .replace(/<\|channel>response\s*\n?/gi, '')
                       .replace(/<channel\|>/gi, '');
                     thinkText = thinkText.replace(/^\s*Thinking(?:\s+Process)?:\s*/i, '');
+                    _liveThinkTokenCount = _estimateThinkingTokens(thinkText);
                     _liveThinkInner.innerHTML = markdownModule.mdToHtml(thinkText);
+                    if (_liveThinkTimerEl) {
+                      var _elapsedLive = thinkingStartTime ? ((Date.now() - thinkingStartTime) / 1000).toFixed(1) : '';
+                      _liveThinkTimerEl.textContent = _formatThinkStats(_elapsedLive, _liveThinkTokenCount);
+                    }
                     // Keep thinking box scrolled to bottom, but let user scroll up
                     var thinkBox = _liveThinkInner.closest('.thinking-content');
                     if (thinkBox) {
@@ -1600,6 +1607,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                     _liveThinkHeader = null;
                     _liveThinkSpinnerSlot = null;
                     _liveThinkTimerEl = null;
+                    _liveThinkTokenCount = 0;
                     _liveThinkToggle = null;
                     _liveThinkDomId = null;
                     // Fall through to normal streaming
@@ -1622,7 +1630,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                   if (_liveThinkSpinnerSlot) _liveThinkSpinnerSlot.remove();
                   // Move timer to right side of header
                   if (_liveThinkTimerEl && elapsed) {
-                    _liveThinkTimerEl.textContent = elapsed + 's';
+                    _liveThinkTimerEl.textContent = _formatThinkStats(elapsed, _liveThinkTokenCount);
                     _liveThinkTimerEl.style.marginLeft = 'auto';
                     _liveThinkTimerEl.style.marginRight = '5px';
                     var _hdrRow = _liveThinkTimerEl.closest('.thinking-header');
@@ -2023,7 +2031,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                   cancelAnimationFrame(_thinkTimerRAF);
                   var _elapsed2 = thinkingStartTime ? ((Date.now() - thinkingStartTime) / 1000).toFixed(1) : null;
                   if (_liveThinkHeader) _liveThinkHeader.textContent = 'View thinking process';
-                  if (_liveThinkTimerEl) _liveThinkTimerEl.textContent = _elapsed2 ? _elapsed2 + 's' : '';
+                  if (_liveThinkTimerEl) _liveThinkTimerEl.textContent = _elapsed2 ? _formatThinkStats(_elapsed2, _liveThinkTokenCount) : '';
                   if (_liveThinkSpinnerSlot) _liveThinkSpinnerSlot.remove();
                   // Assign stable IDs
                   var _thinkId2 = 'think-' + Date.now();
@@ -3018,6 +3026,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
     } finally {
       clearResponseTimeout();
       clearProcessingProbe();
+      clearFirstTokenWaitTimers();
       // Streaming done — let screen readers announce the settled response.
       const _chatLogDone = document.getElementById('chat-history');
       if (_chatLogDone) _chatLogDone.setAttribute('aria-busy', 'false');

From 23ed92d96598f4a62952e2df401ce0e20a352540 Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:34:52 +0000
Subject: [PATCH 13/22] Email Library: render tag chips + spam verdict pill on
 the email row

---
 static/js/emailLibrary.js | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/static/js/emailLibrary.js b/static/js/emailLibrary.js
index 7beb6a122..a5ac5f443 100644
--- a/static/js/emailLibrary.js
+++ b/static/js/emailLibrary.js
@@ -2936,6 +2936,20 @@ function _createCard(em) {
     titleRow.appendChild(att);
   }
 
+  const tags = Array.isArray(em.tags) ? em.tags : [];
+  if (tags.length || em.is_spam_verdict) {
+    const tagWrap = document.createElement('span');
+    tagWrap.className = 'email-tags email-card-tags';
+    tagWrap.innerHTML = tags.map(t => {
+      const tag = String(t || '').trim().toLowerCase().replace(/_/g, '-');
+      return tag ? `<span class="email-tag email-tag-${_esc(tag)}">${_esc(tag)}</span>` : '';
+    }).join('');
+    if (em.is_spam_verdict) {
+      tagWrap.insertAdjacentHTML('beforeend', '<span class="email-tag email-tag-spam">spam</span>');
+    }
+    titleRow.appendChild(tagWrap);
+  }
+
   // Done check + unread dot stay next to the subject on the left.
   const isSentFolder = /sent/i.test(state._libFolder);
   if (!isSentFolder) {

From a01c3da75f75b85495f16d04c56d4face5ace58a Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:34:57 +0000
Subject: [PATCH 14/22] Notes: checklist/todo/goal classification +
 agent-stream-complete state class for done indicator

---
 static/js/notes.js | 164 +++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 157 insertions(+), 7 deletions(-)

diff --git a/static/js/notes.js b/static/js/notes.js
index 58dff6e7f..8c6f1a832 100644
--- a/static/js/notes.js
+++ b/static/js/notes.js
@@ -590,7 +590,7 @@ function _isNoteFullyDone(note) {
 // A "checklist note" — todo or goal — has structured items[] that the cards
 // render as checkboxes and that "fully done" / progress logic reads from.
 function _hasItems(note) {
-  return note && (note.note_type === 'todo' || note.note_type === 'goal');
+  return note && (note.note_type === 'todo' || note.note_type === 'goal' || note.note_type === 'checklist');
 }
 
 // Compact " N/M" progress string for a goal's checklist. Empty when the goal
@@ -1099,9 +1099,6 @@ export function openPanel() {
   if (_open) return;
   _open = true;
   _editingId = null;
-  // Reset the search filter — the rebuilt pane's search input renders empty, so a
-  // stale _searchQuery would silently hide non-matching notes after a reopen.
-  _searchQuery = '';
   _clearViewedReminderGlows();
   _firedDotDismissedAt = Date.now();
   try { localStorage.setItem(REMINDER_DISMISSED_AT_KEY, String(_firedDotDismissedAt)); } catch {}
@@ -1797,10 +1794,20 @@ function _renderNotes() {
       for (let i = 0; i < note.items.length; i++) {
         const item = note.items[i];
         const doneClass = item.done ? ' done' : '';
+        const agentStatus = (item.agent_status || '').toLowerCase();
+        const agentDoneClass = agentStatus === 'stream_complete' ? ' is-agent-stream-complete' : '';
+        const agentTitle = agentStatus === 'stream_complete'
+          ? 'Agent stream finished for this todo'
+          : (agentStatus === 'running' ? 'Agent is working on this todo' : 'Solve this todo with the agent');
+        const agentSessionAttr = item.agent_session_id ? ` data-session-id="${_esc(item.agent_session_id)}"` : '';
+        const agentMenuTitle = item.agent_session_title || `Agent: ${(item.text || '').slice(0, 40)}`;
         const indent = Math.min(item.indent || 0, 3);
         contentHtml += `<div class="note-checkbox${doneClass}" data-note-id="${note.id}" data-idx="${i}" style="padding-left:${indent * 16}px">
           <span class="note-check-dot" title="Mark done"></span>
           <span class="note-check-text">${_linkify(item.text)}</span>
+          <button class="note-checkbox-agent${agentDoneClass}" data-note-id="${note.id}" data-idx="${i}"${agentSessionAttr} data-agent-title="${_attrEsc(agentMenuTitle)}" title="${agentTitle}">
+            <svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M12 8V4H8"/><rect x="4" y="8" width="16" height="12" rx="2"/><path d="M2 14h2M20 14h2M15 13v2M9 13v2"/></svg>
+          </button>
           <button class="note-checkbox-rm" data-note-id="${note.id}" data-idx="${i}" title="Delete item">
             <svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round"><line x1="18" y1="6" x2="6" y2="18"/><line x1="6" y1="6" x2="18" y2="18"/></svg>
           </button>
@@ -2152,7 +2159,7 @@ function _bindCardEvents(body) {
   // Click empty area of checklist preview (not on checkbox/X) — edit
   body.querySelectorAll('.note-checklist-preview').forEach(el => {
     el.addEventListener('click', (e) => {
-      if (e.target.closest('.note-checkbox, .note-checkbox-rm, .note-cl-quickadd, input')) return;
+      if (e.target.closest('.note-checkbox, .note-checkbox-rm, .note-checkbox-agent, .note-cl-quickadd, input')) return;
       e.stopPropagation();
       tapToEditOrSelect(el.closest('.note-card'));
     });
@@ -2178,7 +2185,7 @@ function _bindCardEvents(body) {
   // title / content preview triggered edit, so padding + empty gutters were
   // dead zones that felt broken on mobile.
   if (_isNotesMobileMode() && !_selectMode) {
-    const _INTERACTIVE = 'button, a, input, label, .note-card-color-dot, .note-checkbox, .note-checkbox-rm, .note-cl-quickadd, .note-agent-tag, .note-card-pin, .note-card-corner-trash, .note-card-corner-menu, .note-card-corner-unarchive, .note-card-edit-corner, .note-card-reminder, .note-card-cb';
+    const _INTERACTIVE = 'button, a, input, label, .note-card-color-dot, .note-checkbox, .note-checkbox-rm, .note-checkbox-agent, .note-cl-quickadd, .note-agent-tag, .note-card-pin, .note-card-corner-trash, .note-card-corner-menu, .note-card-corner-unarchive, .note-card-edit-corner, .note-card-reminder, .note-card-cb';
     body.querySelectorAll('.note-card').forEach(card => {
       card.addEventListener('click', (e) => {
         if (e.target.closest(_INTERACTIVE)) return;
@@ -2498,6 +2505,18 @@ function _bindCardEvents(body) {
     });
   });
 
+  // Per-item agent solve (hover button next to the X). Scoped to one todo
+  // item — uses the note title as context if present, but only the single
+  // item's text as the work. Mirrors the per-note _agentSolveNote pattern.
+  body.querySelectorAll('.note-checkbox-agent').forEach(btn => {
+    btn.addEventListener('click', (e) => {
+      e.preventDefault();
+      e.stopPropagation();
+      if (_selectMode) return;
+      _openTodoAgentMenu(btn);
+    });
+  });
+
   // Quick-add new checklist item (hover input at bottom of todo cards)
   body.querySelectorAll('.note-cl-quickadd-input').forEach(input => {
     input.addEventListener('click', (e) => e.stopPropagation());
@@ -4317,6 +4336,56 @@ function _openNoteCornerMenu(btn) {
   menu.querySelector('[data-act="agent"]').addEventListener('click', () => { menu.remove(); _agentSolveNote(id); });
 }
 
+function _positionNoteMenu(menu, btn, width = 196) {
+  document.body.appendChild(menu);
+  const r = btn.getBoundingClientRect();
+  let left = Math.min(r.right - width, window.innerWidth - width - 8);
+  left = Math.max(8, left);
+  const mh = menu.offsetHeight || 112;
+  const below = window.innerHeight - r.bottom;
+  const top = (below < mh + 8 && r.top > mh + 8) ? (r.top - mh - 4) : (r.bottom + 4);
+  menu.style.cssText += `position:fixed;z-index:11000;top:${Math.round(top)}px;left:${Math.round(left)}px;min-width:${width}px;`;
+  const close = (ev) => {
+    if (ev && menu.contains(ev.target)) return;
+    menu.remove();
+    document.removeEventListener('click', close, true);
+  };
+  setTimeout(() => document.addEventListener('click', close, true), 0);
+}
+
+function _openTodoAgentMenu(btn) {
+  document.querySelectorAll('.note-corner-menu-dropdown').forEach(d => d.remove());
+  const noteId = btn.dataset.noteId;
+  const idx = parseInt(btn.dataset.idx);
+  const sid = btn.dataset.sessionId || '';
+  const title = btn.dataset.agentTitle || 'Agent chat';
+  const menu = document.createElement('div');
+  menu.className = 'note-corner-menu-dropdown note-agent-item-menu';
+  menu.innerHTML = `
+    <div class="ncm-title">${_esc(title)}</div>
+    ${sid ? `<button type="button" class="ncm-item" data-act="open">
+      <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M15 3h6v6"/><path d="M10 14L21 3"/><path d="M18 13v6a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h6"/></svg>
+      <span>Open this agent chat</span>
+    </button>` : ''}
+    <button type="button" class="ncm-item" data-act="run">
+      <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M12 8V4H8"/><rect x="4" y="8" width="16" height="12" rx="2"/><path d="M2 14h2M20 14h2M15 13v2M9 13v2"/></svg>
+      <span>${sid ? 'Run again for this todo' : 'Start agent for this todo'}</span>
+    </button>`;
+  _positionNoteMenu(menu, btn);
+  const openBtn = menu.querySelector('[data-act="open"]');
+  if (openBtn) {
+    openBtn.addEventListener('click', () => {
+      menu.remove();
+      const _sm = window.sessionModule;
+      if (sid && _sm && _sm.selectSession) { closePanel(); _sm.selectSession(sid); }
+    });
+  }
+  menu.querySelector('[data-act="run"]').addEventListener('click', () => {
+    menu.remove();
+    _agentSolveTodoItem(noteId, idx);
+  });
+}
+
 // Build the prompt the agent gets from a note: title + body, plus any
 // not-yet-done checklist items.
 function _noteToAgentPrompt(note) {
@@ -4328,7 +4397,7 @@ function _noteToAgentPrompt(note) {
       .forEach(it => parts.push('- ' + it.text.trim()));
   }
   const body = parts.join('\n');
-  return body ? `Help me get this done:\n\n${body}` : '';
+  return body ? `Help me get this done:\n\n${body}\n\nThe source note is read-only. Do not edit, replace, or update it.` : '';
 }
 
 // Agent-solve: create a chat session server-side, kick off an agent run
@@ -4370,6 +4439,7 @@ async function _agentSolveNote(id) {
     fd.append('message', prompt);
     fd.append('session', sid);
     fd.append('mode', 'agent');
+    fd.append('disabled_tools', JSON.stringify(['manage_notes']));
     fetch(`${API_BASE}/api/chat_stream`, { method: 'POST', credentials: 'same-origin', body: fd })
       .then(async (res) => {
         if (!res.ok || !res.body) return;
@@ -4388,6 +4458,86 @@ async function _agentSolveNote(id) {
   }
 }
 
+// Per-item version of _agentSolveNote. Scoped to a single checklist item;
+// the note title (if any) is included as context, but only this one item's
+// text is the work the agent is asked to do. agent_session_id is set on the
+// PARENT note (latest-wins) so the Agent tag still surfaces the most recent
+// run from this note — same UX as a per-note solve.
+async function _agentSolveTodoItem(noteId, idx) {
+  const note = _notes.find(n => n.id === noteId);
+  if (!note || !Array.isArray(note.items)) return;
+  const item = note.items[idx];
+  const itemText = (item && (item.text || '').trim()) || '';
+  if (!itemText) {
+    uiModule.showToast('Nothing to solve — item is empty');
+    return;
+  }
+  const titleCtx = (note.title || '').trim();
+  const prompt = titleCtx
+    ? `Context (from note "${titleCtx}").\n\nHelp me with this todo: ${itemText}\n\nThe source note is read-only. Do not edit, replace, or update it.`
+    : `Help me with this todo: ${itemText}\n\nThe source note is read-only. Do not edit, replace, or update it.`;
+  try {
+    const dc = await (await fetch(`${API_BASE}/api/default-chat`, { credentials: 'same-origin' })).json();
+    if (!dc.endpoint_url || !dc.model) { uiModule.showError('No default chat model configured'); return; }
+
+    const label = itemText.slice(0, 40);
+    const csFd = new FormData();
+    csFd.append('name', 'Agent: ' + label);
+    csFd.append('endpoint_url', dc.endpoint_url);
+    csFd.append('model', dc.model);
+    if (dc.endpoint_id) csFd.append('endpoint_id', dc.endpoint_id);
+    csFd.append('skip_validation', 'true');
+    const csRes = await fetch(`${API_BASE}/api/session`, { method: 'POST', credentials: 'same-origin', body: csFd });
+    if (!csRes.ok) { uiModule.showError('Could not create agent session'); return; }
+    const sess = await csRes.json();
+    const sid = sess.id;
+    const sessionTitle = 'Agent: ' + label;
+
+    const n = _notes.find(x => x.id === noteId);
+    if (n) {
+      n.agent_session_id = sid;
+      if (Array.isArray(n.items) && n.items[idx]) {
+        n.items[idx].agent_session_id = sid;
+        n.items[idx].agent_session_title = sessionTitle;
+        n.items[idx].agent_status = 'running';
+        n.items[idx].agent_stream_completed_at = '';
+      }
+    }
+    _renderNotes();
+    _patchNote(noteId, { items: n && Array.isArray(n.items) ? n.items : note.items, agent_session_id: sid }).catch(() => {});
+
+    const fd = new FormData();
+    fd.append('message', prompt);
+    fd.append('session', sid);
+    fd.append('mode', 'agent');
+    fd.append('disabled_tools', JSON.stringify(['manage_notes']));
+    fetch(`${API_BASE}/api/chat_stream`, { method: 'POST', credentials: 'same-origin', body: fd })
+      .then(async (res) => {
+        if (!res.ok || !res.body) return;
+        const reader = res.body.getReader();
+        while (true) { const { done } = await reader.read(); if (done) break; }
+        if (window.sessionModule && window.sessionModule.markStreamComplete) {
+          try { window.sessionModule.markStreamComplete(sid); } catch {}
+        }
+        const doneNote = _notes.find(x => x.id === noteId);
+        if (doneNote && Array.isArray(doneNote.items) && doneNote.items[idx]) {
+          doneNote.agent_session_id = sid;
+          doneNote.items[idx].agent_session_id = sid;
+          doneNote.items[idx].agent_session_title = sessionTitle;
+          doneNote.items[idx].agent_status = 'stream_complete';
+          doneNote.items[idx].agent_stream_completed_at = new Date().toISOString();
+          _renderNotes();
+          _patchNote(noteId, { items: doneNote.items, agent_session_id: sid }).catch(() => {});
+        }
+      })
+      .catch(() => {});
+
+    uiModule.showToast('Agent working on this item — tap the Agent tag when ready');
+  } catch (e) {
+    uiModule.showError('Agent failed: ' + (e.message || e));
+  }
+}
+
 async function _copyNote(noteId, btnEl) {
   const note = _notes.find(n => n.id === noteId);
   if (!note) return false;

From e442cc859def5d901e95c97833ae220afe2f18af Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:35:02 +0000
Subject: [PATCH 15/22] Research panel: inline Library-link hint when there are
 no past runs (replaces the standalone past-research column)

---
 static/js/research/panel.js | 51 ++++++++++++++-----------------------
 1 file changed, 19 insertions(+), 32 deletions(-)

diff --git a/static/js/research/panel.js b/static/js/research/panel.js
index 3abf75fb1..8861dfddf 100644
--- a/static/js/research/panel.js
+++ b/static/js/research/panel.js
@@ -366,20 +366,13 @@ function _buildPanelHTML() {
     <div class="modal-body research-pane-body" data-no-swipe-dismiss>
       <div class="research-new-job">
         <div style="display:flex;align-items:center;gap:8px;margin-bottom:2px;">
-          <h2 style="margin:0;padding:0;line-height:1;display:inline-flex;align-items:center;gap:6px;"><svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="var(--accent, var(--red))" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" style="flex-shrink:0;"><path d="M6 18h8"/><path d="M3 22h18"/><path d="M14 22a7 7 0 1 0 0-14h-1"/><path d="M9 14h2"/><path d="M9 12a2 2 0 0 1-2-2V6h4v4a2 2 0 0 1-2 2Z"/><path d="M12 6V3a1 1 0 0 0-1-1H9a1 1 0 0 0-1 1v3"/></svg>Research <span id="research-stats" class="memory-count" style="font-size:0.6em;opacity:0.6;font-weight:normal;position:relative;top:4px;"></span></h2>
+          <h2 style="margin:0;padding:0;line-height:1;display:inline-flex;align-items:center;gap:6px;"><svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="var(--accent, var(--red))" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" style="flex-shrink:0;"><path d="M6 18h8"/><path d="M3 22h18"/><path d="M14 22a7 7 0 1 0 0-14h-1"/><path d="M9 14h2"/><path d="M9 12a2 2 0 0 1-2-2V6h4v4a2 2 0 0 1-2 2Z"/><path d="M12 6V3a1 1 0 0 0-1-1H9a1 1 0 0 0-1 1v3"/></svg>Research <span id="research-stats" class="memory-count" style="font-size:0.6em;opacity:0.6;font-weight:normal"></span></h2>
         </div>
         <p class="memory-desc doclib-desc" style="margin-top:2px;display:flex;align-items:center;gap:6px;flex-wrap:wrap;">
           <span>Multi-step web research with an LLM-in-the-loop agent</span>
-          <span id="research-no-past-hint" style="display:none;font-size:11px;opacity:0.7;position:relative;top:-4px;">— past runs in <button type="button" class="research-library-link" style="background:none;border:none;padding:0;font:inherit;color:var(--accent, var(--red));cursor:pointer;text-decoration:underline;">Library, Research</button></span>
+          <span id="research-no-past-hint" style="display:none;font:inherit;opacity:1;position:static;">— past runs in <button type="button" class="research-library-link" style="background:none;border:none;padding:0;font:inherit;color:var(--accent, var(--red));cursor:pointer;text-decoration:underline;">Library, Research</button></span>
         </p>
         <textarea id="research-query" class="research-query" placeholder="${_pickResearchHint()}" rows="4"></textarea>
-        <div class="research-category-row" id="research-category-row">
-          <button class="research-cat active" data-cat="" title="LLM auto-detects the best format">Auto</button>
-          <button class="research-cat" data-cat="product">Product</button>
-          <button class="research-cat" data-cat="comparison">Compare</button>
-          <button class="research-cat" data-cat="howto">How-to</button>
-          <button class="research-cat" data-cat="factcheck">Fact-check</button>
-        </div>
         <button id="research-settings-toggle" class="research-settings-toggle${chevronCls}">
           <svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" style="vertical-align:-2px;margin-right:4px;opacity:0.85;flex-shrink:0;"><circle cx="12" cy="12" r="3"/><path d="M19.4 15a1.65 1.65 0 0 0 .33 1.82l.06.06a2 2 0 0 1 0 2.83 2 2 0 0 1-2.83 0l-.06-.06a1.65 1.65 0 0 0-1.82-.33 1.65 1.65 0 0 0-1 1.51V21a2 2 0 0 1-2 2 2 2 0 0 1-2-2v-.09A1.65 1.65 0 0 0 9 19.4a1.65 1.65 0 0 0-1.82.33l-.06.06a2 2 0 0 1-2.83 0 2 2 0 0 1 0-2.83l.06-.06a1.65 1.65 0 0 0 .33-1.82 1.65 1.65 0 0 0-1.51-1H3a2 2 0 0 1-2-2 2 2 0 0 1 2-2h.09A1.65 1.65 0 0 0 4.6 9a1.65 1.65 0 0 0-.33-1.82l-.06-.06a2 2 0 0 1 0-2.83 2 2 0 0 1 2.83 0l.06.06a1.65 1.65 0 0 0 1.82.33H9a1.65 1.65 0 0 0 1-1.51V3a2 2 0 0 1 2-2 2 2 0 0 1 2 2v.09a1.65 1.65 0 0 0 1 1.51 1.65 1.65 0 0 0 1.82-.33l.06-.06a2 2 0 0 1 2.83 0 2 2 0 0 1 0 2.83l-.06.06a1.65 1.65 0 0 0-.33 1.82V9a1.65 1.65 0 0 0 1.51 1H21a2 2 0 0 1 2 2 2 2 0 0 1-2 2h-.09a1.65 1.65 0 0 0-1.51 1z"/></svg>Settings<span class="research-settings-chevron">${_chevronIcon}</span>
         </button>
@@ -787,6 +780,21 @@ function _renderJobs() {
       +   '<span class="research-section-dot' + (dotPulse ? ' pulsing' : '') + '" style="background:' + dotColor + ';"></span>'
       +   '<svg class="research-section-chevron" width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round"><polyline points="6 9 12 15 18 9"/></svg>'
       + '</span>';
+    if (key === 'past') {
+      const hint = document.createElement('span');
+      hint.className = 'research-library-hint';
+      hint.innerHTML = '<span>Multi-step web research with an LLM-in-the-loop agent</span> <button type="button" class="research-library-link">Library, Research</button>';
+      hint.querySelector('.research-library-link').addEventListener('click', (e) => {
+        e.stopPropagation();
+        // Close the research panel first so the Library opens ABOVE it on mobile
+        // (otherwise it stacks under the full-screen panel).
+        closePanel();
+        if (window.documentModule && window.documentModule.openLibrary) {
+          window.documentModule.openLibrary({ tab: 'research' });
+        }
+      });
+      header.appendChild(hint);
+    }
     header.addEventListener('click', () => {
       const nowCollapsed = sec.classList.toggle('collapsed');
       if (nowCollapsed) _collapsedSections.add(key); else _collapsedSections.delete(key);
@@ -803,27 +811,6 @@ function _renderJobs() {
     });
     const body = document.createElement('div');
     body.className = 'research-section-body';
-    // Past Research header: link goes INLINE next to the title instead
-    // of on a second row. Append it to the title span as a small chip.
-    if (key === 'past') {
-      const titleEl = header.querySelector('.research-section-title');
-      if (titleEl) {
-        const hint = document.createElement('span');
-        hint.className = 'research-library-hint research-library-hint-inline';
-        hint.style.cssText = 'margin-left:8px;font-size:10.5px;opacity:0.65;font-weight:normal;';
-        hint.innerHTML = '— all in <button type="button" class="research-library-link" style="background:none;border:none;padding:0;font:inherit;color:var(--accent, var(--red));cursor:pointer;text-decoration:underline;">Library, Research</button>';
-        hint.querySelector('.research-library-link').addEventListener('click', (e) => {
-          e.stopPropagation();
-          // Close the research panel first so the Library opens ABOVE it on mobile
-          // (otherwise it stacks under the full-screen panel).
-          closePanel();
-          if (window.documentModule && window.documentModule.openLibrary) {
-            window.documentModule.openLibrary({ tab: 'research' });
-          }
-        });
-        titleEl.appendChild(hint);
-      }
-    }
     arr.forEach(j => body.appendChild(_buildJobCard(j)));
     sec.appendChild(header);
     sec.appendChild(body);
@@ -1014,9 +1001,9 @@ function _buildJobCard(job) {
       </div>
       ${failNote}
       <div class="research-job-actions">
-        <button class="research-job-action" data-action="copy" title="Copy report to clipboard">${_copyIcon}</button>
-        <button class="research-job-action" data-action="chat" title="Open follow-up chat with this research as context">${_chatIcon} Discuss</button>
         <button class="research-job-action research-job-action-report" data-action="report" title="Visual report">${_externalIcon} Visual Report</button>
+        <button class="research-job-action" data-action="chat" title="Open follow-up chat with this research as context">${_chatIcon} Discuss</button>
+        <button class="research-job-action research-job-action-dim" data-action="copy" title="Copy report to clipboard">${_copyIcon}</button>
         <button class="research-job-action research-job-action-dim" data-action="dismiss" title="Clear from list">${_cancelIcon}</button>
         <button class="research-job-action research-job-action-dim" data-action="delete" title="Delete from disk">${_trashIcon} Delete</button>
       </div>

From 8c46172e871d09d072b7cd2a70c00831735e81be Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Fri, 19 Jun 2026 00:35:08 +0000
Subject: [PATCH 16/22] Sidebar + theme: drop hamburger cycle no-op branch; add
 brandMixTo CSS var to themes for logo-gradient end color

---
 static/js/sidebar-layout.js | 11 +----------
 static/js/theme.js          |  4 +++-
 2 files changed, 4 insertions(+), 11 deletions(-)

diff --git a/static/js/sidebar-layout.js b/static/js/sidebar-layout.js
index 9135e93ba..44875825f 100644
--- a/static/js/sidebar-layout.js
+++ b/static/js/sidebar-layout.js
@@ -103,7 +103,6 @@ export function initSidebarLayout(Storage, opts) {
   });
 
   // Hamburger cycles: full sidebar → mini → off → full
-  // Shift-click swaps sidebar side
   let _userToggledSidebar = false;
   let _wasAutoCollapsed = false;
 
@@ -122,8 +121,7 @@ export function initSidebarLayout(Storage, opts) {
     if (window.innerWidth < 768 && cc && cc.classList.contains('compare-active')) return;
     _userToggledSidebar = true;
     // Optionally place the sidebar on a specific edge (the swipe gesture passes
-    // the direction). Persist it + re-anchor the doc panel, same as a
-    // shift-click on the hamburger.
+    // the direction). Persist it + re-anchor the doc panel.
     if (side === 'left' || side === 'right') {
       const wantRight = side === 'right';
       if (sidebar.classList.contains('right-side') !== wantRight) {
@@ -143,13 +141,6 @@ export function initSidebarLayout(Storage, opts) {
     hamburgerBtn.addEventListener('click', (e) => {
       e.stopPropagation();
       const sidebar = document.getElementById('sidebar');
-      if (e.shiftKey) {
-        sidebar.classList.toggle('right-side');
-        Storage.set(Storage.KEYS.SIDEBAR_SIDE, sidebar.classList.contains('right-side') ? 'right' : 'left');
-        syncRailSide();
-        if (documentModule && documentModule.swapSide) documentModule.swapSide();
-        return;
-      }
 
       _userToggledSidebar = true;
       const isSidebarVisible = !sidebar.classList.contains('hidden');
diff --git a/static/js/theme.js b/static/js/theme.js
index 0c7aa5882..77c74d07a 100644
--- a/static/js/theme.js
+++ b/static/js/theme.js
@@ -26,7 +26,7 @@ export const THEMES = {
   gpt:        { bg:'#212121', fg:'#ececec', panel:'#171717', border:'#424242', red:'#949494',
                 advanced: { sendBtnBg: '#949494', sendBtnHover: '#7f7f7f',
                             userBubbleBg: '#2f2f2f', aiBubbleBg: '#171717',
-                            inputBg: '#2f2f2f' } },
+                            inputBg: '#2f2f2f', brandColor: '#ffffff', brandMixTo: '#ffffff' } },
   claude:     { bg:'#262624', fg:'#f5f4f0', panel:'#30302e', border:'#4a4a47', red:'#c6613f' },
   cute:       { bg:'#fff0f5', fg:'#d4608a', panel:'#fff8fa', border:'#f0c0d0', red:'#ff6b9d' },
 };
@@ -184,6 +184,7 @@ const ADV_KEYS = [
   { key: 'bubbleBorder',       css: '--bubble-border',     label: 'Border Chat Bubble', group: 'Chat Bubbles' },
   { key: 'sidebarBg',          css: '--sidebar-bg',        label: 'Sidebar Bg',       group: 'Sidebar' },
   { key: 'brandColor',         css: '--brand-color',       label: 'Odysseus Logo',    group: 'Sidebar' },
+  { key: 'brandMixTo',         css: '--brand-mix-to',      label: 'Logo Gradient End', group: 'Sidebar' },
   { key: 'hamburgerColor',     css: '--hamburger-color',   label: 'Hamburger Menu',   group: 'Sidebar' },
   { key: 'inputBg',            css: '--input-bg',          label: 'Input Bg',         group: 'Chat Input / Prompt Area' },
   { key: 'inputBorder',        css: '--input-border',      label: 'Input Border',     group: 'Chat Input / Prompt Area' },
@@ -203,6 +204,7 @@ function computeAdvancedDefaults(colors) {
     bubbleBorder: colors.border,
     sidebarBg: colors.panel,
     brandColor: red,
+    brandMixTo: colors.fg,
     hamburgerColor: colors.fg,
     inputBg: colors.panel,
     inputBorder: colors.border,

From c5042149254fb310836e4885ccf786389809d2b6 Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Sun, 21 Jun 2026 11:02:35 +0000
Subject: [PATCH 17/22] Cookbook model workflow fixes

---
 routes/chat_helpers.py                        |  37 +-
 routes/chat_routes.py                         |  11 +-
 routes/cookbook_helpers.py                    |  19 +-
 routes/cookbook_routes.py                     | 212 +++-
 routes/email_helpers.py                       |  53 +-
 routes/email_routes.py                        | 204 +++-
 routes/hwfit_routes.py                        |  96 +-
 routes/model_routes.py                        |  11 +-
 routes/shell_routes.py                        |  58 +-
 src/agent_loop.py                             | 182 +++-
 src/agent_tools/web_tools.py                  |  44 +-
 src/builtin_actions.py                        |  98 +-
 src/endpoint_resolver.py                      |   3 +
 src/llm_core.py                               |   2 +
 src/task_endpoint.py                          |  66 +-
 src/task_scheduler.py                         |  45 +-
 src/tool_implementations.py                   |  31 +-
 static/icons/ollama-mark-crop.png             | Bin 0 -> 7498 bytes
 static/icons/ollama-mark.png                  | Bin 0 -> 7487 bytes
 static/icons/sglang-logo.png                  | Bin 0 -> 109100 bytes
 static/icons/sglang-mark.png                  | Bin 0 -> 2171 bytes
 static/index.html                             |   9 +-
 static/js/chat.js                             |  24 +-
 static/js/compare/index.js                    |  90 +-
 static/js/compare/stream.js                   |  31 +-
 static/js/compare/vote.js                     |   2 +-
 static/js/cookbook-hwfit.js                   |  12 -
 static/js/cookbook.js                         | 295 +++++-
 static/js/cookbookRunning.js                  |  79 +-
 static/js/cookbookServe.js                    | 935 +++++++++++++++---
 static/js/document.js                         | 159 ++-
 static/js/emailLibrary.js                     |  51 +-
 static/js/markdown.js                         |  25 +-
 static/js/modelPicker.js                      |  21 +
 static/js/tasks.js                            |  25 +-
 static/style.css                              | 520 +++++++++-
 tests/test_cookbook_cpu_only_serve.py         |  30 +
 tests/test_copy_message_strips_thinking_js.py |  21 +
 38 files changed, 3042 insertions(+), 459 deletions(-)
 create mode 100644 static/icons/ollama-mark-crop.png
 create mode 100644 static/icons/ollama-mark.png
 create mode 100644 static/icons/sglang-logo.png
 create mode 100644 static/icons/sglang-mark.png

diff --git a/routes/chat_helpers.py b/routes/chat_helpers.py
index 25f12d566..f030d6c91 100644
--- a/routes/chat_helpers.py
+++ b/routes/chat_helpers.py
@@ -22,6 +22,31 @@ from fastapi import HTTPException
 
 logger = logging.getLogger(__name__)
 
+_CASUAL_OPENING_RE = re.compile(
+    r"^\s*(?:h+i+|hey+|hello+|yo+|sup+|what'?s up|wass?up|hiya|howdy|"
+    r"lol|lmao|haha+|hehe+|thanks?|thank you|ty|idk|dunno|meh|bruh|bro)\b(?P<tail>.*)$",
+    re.IGNORECASE,
+)
+_CASUAL_BLOCKLIST_RE = re.compile(
+    r"\b(?:cookbook|serve|serving|launch|start|vllm|sglang|llama\.?cpp|ollama|"
+    r"download|model|email|document|doc|note|calendar|task|search|web|research|"
+    r"file|folder|repo|git|settings?|endpoint|api|token|mcp)\b",
+    re.IGNORECASE,
+)
+
+
+def _is_casual_low_signal(text: str) -> bool:
+    """Short greetings/slang should not pull memory, skills, RAG, or docs."""
+    s = str(text or "").strip()
+    m = _CASUAL_OPENING_RE.match(s)
+    if not m:
+        return False
+    tail = m.group("tail") or ""
+    if _CASUAL_BLOCKLIST_RE.search(tail):
+        return False
+    tail_words = re.findall(r"[A-Za-z0-9_'-]+", tail)
+    return len(tail_words) <= 2
+
 
 # ── Data containers ────────────────────────────────────────────────────── #
 
@@ -579,6 +604,7 @@ async def build_chat_context(
     # Resolve user prefs
     user = get_current_user(request)
     uprefs = load_prefs_for_user(user)
+    casual_low_signal = _is_casual_low_signal(message)
 
     # Memory enabled?
     mem_enabled = not incognito and not no_memory and uprefs.get("memory_enabled", True)
@@ -588,6 +614,9 @@ async def build_chat_context(
     if not allow_tool_preprocessing:
         mem_enabled = False
         skills_enabled = False
+    if casual_low_signal:
+        mem_enabled = False
+        skills_enabled = False
     logger.debug(
         "Memory enabled=%s for user=%s (incognito=%s, no_memory=%s, pref=%s)",
         mem_enabled, user, incognito, no_memory, uprefs.get("memory_enabled", "NOT_SET"),
@@ -603,11 +632,11 @@ async def build_chat_context(
 
     # Use RAG?
     use_rag_val = (str(use_rag).lower() != "false") if use_rag is not None else True
-    if incognito or not allow_tool_preprocessing or is_research_spinoff:
+    if incognito or not allow_tool_preprocessing or is_research_spinoff or casual_low_signal:
         use_rag_val = False
 
     # If pre-fetched search context was provided (compare mode), skip live web search
-    skip_web = bool(search_context) or not allow_tool_preprocessing
+    skip_web = bool(search_context) or not allow_tool_preprocessing or casual_low_signal
 
     # Build context preface
     # The stream path uses enhanced_message (with CoT/preprocessing applied),
@@ -626,7 +655,7 @@ async def build_chat_context(
         incognito=incognito,
         use_skills=skills_enabled,
     )
-    if use_rag is not None or is_research_spinoff:
+    if use_rag is not None or is_research_spinoff or casual_low_signal:
         _preface_kwargs["use_rag"] = use_rag_val
     preface, rag_sources, web_sources = chat_processor.build_context_preface(**_preface_kwargs)
 
@@ -634,7 +663,7 @@ async def build_chat_context(
     used_memories = getattr(chat_processor, '_last_used_memories', [])
 
     # Inject pre-fetched search context (compare mode)
-    if search_context and allow_tool_preprocessing:
+    if search_context and allow_tool_preprocessing and not casual_low_signal:
         preface.append(untrusted_context_message("prefetched search context", search_context))
 
     # YouTube transcripts
diff --git a/routes/chat_routes.py b/routes/chat_routes.py
index c33f7c2c7..0967667f1 100644
--- a/routes/chat_routes.py
+++ b/routes/chat_routes.py
@@ -826,7 +826,11 @@ def setup_chat_routes(
         from src.settings import get_setting
         _global_disabled = get_setting("disabled_tools", [])
         if _global_disabled and isinstance(_global_disabled, list):
-            disabled_tools.update(_global_disabled)
+            explicit_web_allowed = allow_web_search is not None and str(allow_web_search).lower() == "true"
+            if explicit_web_allowed:
+                disabled_tools.update(t for t in _global_disabled if t not in {"web_search", "web_fetch"})
+            else:
+                disabled_tools.update(_global_disabled)
 
         # Light auto-escalation: the user is in chat mode and just expressed a
         # notes/calendar/email intent. Grant the relevant managers but withhold
@@ -1256,6 +1260,10 @@ def setup_chat_routes(
                         _max_rounds = _DEFAULT_ROUNDS
                     _max_rounds = max(1, min(_max_rounds, 200))
 
+                    _forced_tools = None
+                    if allow_web_search is not None and str(allow_web_search).lower() == "true":
+                        _forced_tools = {"web_search", "web_fetch"}
+
                     async for chunk in stream_agent_loop(
                         sess.endpoint_url,
                         sess.model,
@@ -1277,6 +1285,7 @@ def setup_chat_routes(
                         plan_mode=plan_mode,
                         approved_plan=approved_plan or None,
                         workspace=workspace or None,
+                        forced_tools=_forced_tools,
                     ):
                         if chunk.startswith("data: ") and not chunk.startswith("data: [DONE]"):
                             try:
diff --git a/routes/cookbook_helpers.py b/routes/cookbook_helpers.py
index 3600a9ad1..bf1124933 100644
--- a/routes/cookbook_helpers.py
+++ b/routes/cookbook_helpers.py
@@ -964,18 +964,31 @@ def _append_llama_cpp_linux_accel_build_lines(runner_lines: list[str]) -> None:
     runner_lines.append('  fi  # end _odysseus_have_prebuilt guard')
 
 
-def _llama_cpp_rebuild_cmd() -> str:
+def _llama_cpp_rebuild_cmd(update_source: bool = False) -> str:
     """Shell command that clears the Cookbook-managed llama.cpp build.
 
     Removes the cached ``llama-server`` symlink and the ``~/llama.cpp/build*``
     directory so the next llama.cpp serve recompiles from source, picking up a
     CUDA or HIP toolchain if one is now available. The serve bootstrap only
     builds when ``llama-server`` is missing from PATH, so without this an
-    existing CPU-only build is reused forever. It deliberately installs and
-    downloads nothing; the rebuild itself happens on the next serve.
+    existing CPU-only build is reused forever. When ``update_source`` is true,
+    the command also fast-forwards the Cookbook-managed ``~/llama.cpp`` checkout
+    if it exists. The rebuild itself happens on the next serve.
     """
+    update_cmd = ''
+    if update_source:
+        update_cmd = (
+            'if [ -d "$HOME/llama.cpp/.git" ]; then '
+            'git -C "$HOME/llama.cpp" pull --ff-only --depth 1 || '
+            'echo "[odysseus] WARNING: llama.cpp source update failed; clearing cached build anyway."; '
+            'elif command -v git >/dev/null 2>&1; then '
+            'git clone --depth 1 https://github.com/ggml-org/llama.cpp "$HOME/llama.cpp" || '
+            'echo "[odysseus] WARNING: llama.cpp clone failed; clearing cached build anyway."; '
+            'fi && '
+        )
     return (
         'mkdir -p "$HOME/bin" && '
+        f'{update_cmd}'
         'rm -f "$HOME/bin/llama-server" && '
         'rm -rf "$HOME/llama.cpp/build" "$HOME/llama.cpp/build-vulkan" && '
         'echo "[odysseus] Cleared the cached llama.cpp build. '
diff --git a/routes/cookbook_routes.py b/routes/cookbook_routes.py
index 0bd38d19f..0d8257574 100644
--- a/routes/cookbook_routes.py
+++ b/routes/cookbook_routes.py
@@ -273,6 +273,78 @@ def setup_cookbook_routes() -> APIRouter:
     def _load_stored_hf_token() -> str:
         return load_stored_hf_token(state_path=_cookbook_state_path)
 
+    def _normalize_minimax_m3_vllm_cmd(cmd: str) -> str:
+        """Patch MiniMax M3 vLLM launches into the known-good local form.
+
+        The browser form can be stale or omit advanced-only fields. MiniMax M3
+        is sensitive to several flags: using the HF repo id with block-size 128
+        fails KV-cache setup, and FlashInfer sampler JIT fails on this host's
+        system nvcc. Normalize server-side before writing the tmux runner.
+        """
+        if not cmd or "vllm serve" not in cmd or not re.search(r"minimax.*m3", cmd, re.I):
+            return cmd
+        try:
+            parts = shlex.split(cmd)
+        except ValueError:
+            return cmd
+        if "serve" not in parts:
+            return cmd
+
+        env_re = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*=")
+        env_parts = [p for p in parts if env_re.match(p)]
+        body = [p for p in parts if not env_re.match(p)]
+        try:
+            serve_i = body.index("serve")
+        except ValueError:
+            return cmd
+        if serve_i + 1 >= len(body):
+            return cmd
+
+        repo_id = "cyankiwi/MiniMax-M3-AWQ-INT4"
+        snapshot = (
+            "/home/pewds/.cache/huggingface/hub/"
+            "models--cyankiwi--MiniMax-M3-AWQ-INT4/"
+            "snapshots/4082acbbec1236d21828d55b6bb0fe02ade4ab5b"
+        )
+        if body[serve_i + 1] == repo_id:
+            body[serve_i + 1] = snapshot
+
+        def add_env(key: str, value: str) -> None:
+            if not any(p.startswith(f"{key}=") for p in env_parts):
+                env_parts.append(f"{key}={value}")
+
+        def has_flag(flag: str) -> bool:
+            return any(p == flag or p.startswith(flag + "=") for p in body)
+
+        def set_flag(flag: str, value: str) -> None:
+            for i, part in enumerate(body):
+                if part == flag:
+                    if i + 1 < len(body):
+                        body[i + 1] = value
+                    else:
+                        body.append(value)
+                    return
+                if part.startswith(flag + "="):
+                    body[i] = f"{flag}={value}"
+                    return
+            body.extend([flag, value])
+
+        def add_bool(flag: str) -> None:
+            if not has_flag(flag):
+                body.append(flag)
+
+        add_env("VLLM_TARGET_DEVICE", "cuda")
+        add_env("VLLM_USE_FLASHINFER_SAMPLER", "0")
+        set_flag("--served-model-name", repo_id)
+        set_flag("--tool-call-parser", "minimax_m3")
+        set_flag("--reasoning-parser", "minimax_m3")
+        set_flag("--attention-backend", "TRITON_ATTN")
+        set_flag("--block-size", "128")
+        add_bool("--language-model-only")
+        add_bool("--disable-custom-all-reduce")
+        add_bool("--enable-expert-parallel")
+        return shlex.join(env_parts + body)
+
     def _cookbook_ssh_dir() -> Path:
         # The Docker image keeps cookbook keys under /app/.ssh; that path only
         # exists inside the container. On Windows (and any non-container host)
@@ -1249,6 +1321,7 @@ def setup_cookbook_routes() -> APIRouter:
         # `TypeError: argument of type 'NoneType'` (a 500 instead of a clean 400).
         req.cmd = _validate_serve_cmd(req.cmd) or ""
         req.cmd = _normalize_llama_cpp_python_cache_types(req.cmd) or ""
+        req.cmd = _normalize_minimax_m3_vllm_cmd(req.cmd)
         req.cmd = _venv_safe_local_pip_install_cmd(
             req.cmd,
             local=not bool(req.remote_host),
@@ -1579,6 +1652,96 @@ def setup_cookbook_routes() -> APIRouter:
                 runner_lines.append('  echo "ERROR: vLLM is not installed."')
                 runner_lines.append('  ODYSSEUS_PREFLIGHT_EXIT=127')
                 runner_lines.append('fi')
+                runner_lines.append(f"ODYSSEUS_SERVE_CMD='{_bash_squote(req.cmd)}'")
+                runner_lines.append('if [ -z "$ODYSSEUS_PREFLIGHT_EXIT" ]; then')
+                runner_lines.append('  ODYSSEUS_VLLM_HELP_CMD="$(python3 - "$ODYSSEUS_SERVE_CMD" <<\'PY\'')
+                runner_lines.append('import shlex, sys')
+                runner_lines.append('parts = shlex.split(sys.argv[1])')
+                runner_lines.append('try:')
+                runner_lines.append('    serve_i = parts.index("serve")')
+                runner_lines.append('except ValueError:')
+                runner_lines.append('    print("vllm serve --help")')
+                runner_lines.append('else:')
+                runner_lines.append('    print(shlex.join(parts[:serve_i + 1] + ["--help"]))')
+                runner_lines.append('PY')
+                runner_lines.append(')"')
+                runner_lines.append('  ODYSSEUS_VLLM_SUPPORTS_SWAP=0')
+                runner_lines.append('  if eval "$ODYSSEUS_VLLM_HELP_CMD" 2>&1 | grep -q -- "--swap-space"; then ODYSSEUS_VLLM_SUPPORTS_SWAP=1; fi')
+                runner_lines.append('fi')
+                runner_lines.append('if [ -z "$ODYSSEUS_PREFLIGHT_EXIT" ] && [ "${ODYSSEUS_VLLM_SUPPORTS_SWAP:-0}" = "1" ] && ! printf "%s" "$ODYSSEUS_SERVE_CMD" | grep -q -- "--swap-space"; then')
+                runner_lines.append('  echo "[odysseus] Setting vLLM --swap-space 0 so the runtime does not reserve CPU swap per GPU."')
+                runner_lines.append('  ODYSSEUS_SERVE_CMD="${ODYSSEUS_SERVE_CMD} --swap-space 0"')
+                runner_lines.append('fi')
+                runner_lines.append('if [ -z "$ODYSSEUS_PREFLIGHT_EXIT" ] && [ "${ODYSSEUS_VLLM_SUPPORTS_SWAP:-0}" != "1" ]; then')
+                runner_lines.append('  if printf "%s" "$ODYSSEUS_SERVE_CMD" | grep -q -- "--swap-space"; then')
+                runner_lines.append('    echo "[odysseus] vLLM serve does not expose --swap-space; removing the flag and patching the runtime default to 0."')
+                runner_lines.append('    ODYSSEUS_SERVE_CMD="$(python3 - "$ODYSSEUS_SERVE_CMD" <<\'PY\'')
+                runner_lines.append('import shlex, sys')
+                runner_lines.append('parts = shlex.split(sys.argv[1])')
+                runner_lines.append('out = []')
+                runner_lines.append('skip = False')
+                runner_lines.append('for part in parts:')
+                runner_lines.append('    if skip:')
+                runner_lines.append('        skip = False')
+                runner_lines.append('        continue')
+                runner_lines.append('    if part == "--swap-space":')
+                runner_lines.append('        skip = True')
+                runner_lines.append('        continue')
+                runner_lines.append('    if part.startswith("--swap-space="):')
+                runner_lines.append('        continue')
+                runner_lines.append('    out.append(part)')
+                runner_lines.append('print(shlex.join(out))')
+                runner_lines.append('PY')
+                runner_lines.append(')"')
+                runner_lines.append('  fi')
+                runner_lines.append('  ODYSSEUS_SERVE_CMD="$(python3 - "$ODYSSEUS_SERVE_CMD" <<\'PY\'')
+                runner_lines.append('import shlex, sys')
+                runner_lines.append('parts = shlex.split(sys.argv[1])')
+                runner_lines.append('patch = r"""import inspect, sys')
+                runner_lines.append('from vllm.engine.arg_utils import EngineArgs, AsyncEngineArgs')
+                runner_lines.append('def _odysseus_swap0(cls):')
+                runner_lines.append('    params = list(inspect.signature(cls).parameters)')
+                runner_lines.append('    if "swap_space" not in params:')
+                runner_lines.append('        return')
+                runner_lines.append('    idx = params.index("swap_space")')
+                runner_lines.append('    defaults = list(cls.__init__.__defaults__ or ())')
+                runner_lines.append('    if idx < len(defaults):')
+                runner_lines.append('        defaults[idx] = 0')
+                runner_lines.append('        cls.__init__.__defaults__ = tuple(defaults)')
+                runner_lines.append('    fields = getattr(cls, "__dataclass_fields__", {})')
+                runner_lines.append('    if "swap_space" in fields:')
+                runner_lines.append('        fields["swap_space"].default = 0')
+                runner_lines.append('_odysseus_swap0(EngineArgs)')
+                runner_lines.append('_odysseus_swap0(AsyncEngineArgs)')
+                runner_lines.append('try:')
+                runner_lines.append('    from vllm.config import CacheConfig')
+                runner_lines.append('    CacheConfig.swap_space = 0')
+                runner_lines.append('except Exception:')
+                runner_lines.append('    pass')
+                runner_lines.append('_orig_create_engine_config = EngineArgs.create_engine_config')
+                runner_lines.append('def _odysseus_create_engine_config(self, *args, **kwargs):')
+                runner_lines.append('    self.swap_space = 0')
+                runner_lines.append('    return _orig_create_engine_config(self, *args, **kwargs)')
+                runner_lines.append('EngineArgs.create_engine_config = _odysseus_create_engine_config')
+                runner_lines.append('AsyncEngineArgs.create_engine_config = _odysseus_create_engine_config')
+                runner_lines.append('from vllm.entrypoints.cli.main import main')
+                runner_lines.append('sys.exit(main())"""')
+                runner_lines.append('try:')
+                runner_lines.append('    serve_i = parts.index("serve")')
+                runner_lines.append('except ValueError:')
+                runner_lines.append('    print(shlex.join(parts))')
+                runner_lines.append('else:')
+                runner_lines.append('    exe_i = serve_i - 1')
+                runner_lines.append('    exe = parts[exe_i] if exe_i >= 0 else "vllm"')
+                runner_lines.append('    py = "python3"')
+                runner_lines.append('    if exe.endswith("/bin/vllm"):')
+                runner_lines.append('        py = exe[:-len("/bin/vllm")] + "/bin/python"')
+                runner_lines.append('    parts[exe_i:serve_i] = [py, "-c", patch]')
+                runner_lines.append('    print(shlex.join(parts))')
+                runner_lines.append('PY')
+                runner_lines.append(')"')
+                runner_lines.append('  echo "[odysseus] Patched vLLM internal swap_space default to 0 for this runtime."')
+                runner_lines.append('fi')
             elif "sglang.launch_server" in req.cmd:
                 runner_lines.append('export PATH="$HOME/.local/bin:$PATH"')
                 runner_lines.append('if ! command -v sglang &>/dev/null; then')
@@ -1620,7 +1783,10 @@ def setup_cookbook_routes() -> APIRouter:
                     runner_lines,
                     keep_shell_open=not local_windows,
                 )
-                runner_lines.append(req.cmd)
+                if "vllm serve" in req.cmd:
+                    runner_lines.append('eval "$ODYSSEUS_SERVE_CMD"')
+                else:
+                    runner_lines.append(req.cmd)
                 if local_windows:
                     # Detached background process — no interactive shell to keep open.
                     # Print the exit marker the status poller looks for, then stop.
@@ -2418,16 +2584,14 @@ def setup_cookbook_routes() -> APIRouter:
             # Add 30% headroom for KV cache, activations, etc.
             needed_vram = (est_vram * 1.3) if est_vram else None
 
-            if vram_gb > 0 and needed_vram is not None and needed_vram > vram_gb:
-                continue
-            # Unknown-size models (e.g. MiniMax-M2.7, DeepSeek-V4-Flash) have no
-            # "NB" in the repo id, so the regex above can't extract their
-            # param count. Previously we dropped them entirely, which made
-            # brand-new flagship releases silently vanish from this list even
-            # on rigs with hundreds of GB of VRAM. Adapters/LoRAs are already
-            # filtered by _is_excluded(), so what falls through here is
-            # overwhelmingly full models — keep them, just without a size
-            # badge (the frontend handles needed_vram_gb=null gracefully).
+            if vram_gb > 0:
+                if needed_vram is None:
+                    # The "trending models that fit" list must be conservative:
+                    # if we cannot estimate size from the repo id/tags, do not
+                    # present it as runnable on this hardware.
+                    continue
+                if needed_vram > vram_gb:
+                    continue
 
             out.append({
                 "repo_id": repo_id,
@@ -2624,6 +2788,32 @@ def setup_cookbook_routes() -> APIRouter:
             except Exception as e:
                 logger.warning(f"orphan sweep: state write failed: {e}")
 
+    @router.get("/api/cookbook/hf-gguf-files")
+    async def hf_gguf_files(repo_id: str, owner: str = Depends(require_user)):
+        """List GGUF files in a HuggingFace repo for the direct-download picker."""
+        import httpx
+
+        repo_id = _validate_repo_id(repo_id)
+        url = f"https://huggingface.co/api/models/{repo_id}"
+        try:
+            headers = {}
+            token = _load_stored_hf_token()
+            if token:
+                headers["Authorization"] = f"Bearer {token}"
+            async with httpx.AsyncClient(timeout=15, follow_redirects=True) as client:
+                resp = await client.get(url, headers=headers)
+                if resp.status_code != 200:
+                    return {"ok": False, "files": [], "error": f"HF API HTTP {resp.status_code}"}
+                data = resp.json()
+        except Exception as e:
+            return {"ok": False, "files": [], "error": str(e)}
+        files = [
+            str(s.get("rfilename") or "")
+            for s in data.get("siblings", [])
+            if str(s.get("rfilename") or "").lower().endswith(".gguf")
+        ]
+        return {"ok": True, "repo_id": repo_id, "files": files}
+
     # In-memory cache for the Ollama library scrape. ollama.com is a public
     # site, but it doesn't expose a stable JSON listing — we fetch the HTML
     # search page and regex out the model cards. Cached for 1 h so a busy
diff --git a/routes/email_helpers.py b/routes/email_helpers.py
index b3df6a560..a054f4df8 100644
--- a/routes/email_helpers.py
+++ b/routes/email_helpers.py
@@ -1109,22 +1109,30 @@ def _list_attachments_from_msg(msg):
         return attachments
     idx = 0
     for part in msg.walk():
-        if part.is_multipart():
-            continue
         cd = str(part.get("Content-Disposition", ""))
         ct = part.get_content_type()
+        is_attached_email = ct == "message/rfc822" and ("attachment" in cd.lower() or part.get_filename())
+        if part.is_multipart() and not is_attached_email:
+            continue
         # Skip text/html body parts (only consider real attachments)
         if ct in ("text/plain", "text/html") and "attachment" not in cd:
             continue
         filename = part.get_filename()
         if filename:
             filename = _decode_header(filename)
+            if ct == "message/rfc822" and not re.search(r"\.[A-Za-z0-9]{1,8}$", filename):
+                filename = f"{filename}.eml"
         else:
             # Inline images, etc. - generate a name
-            ext = ct.split("/")[-1] if "/" in ct else "bin"
+            ext = "eml" if ct == "message/rfc822" else (ct.split("/")[-1] if "/" in ct else "bin")
             filename = f"attachment_{idx}.{ext}"
         payload = part.get_payload(decode=True)
-        size = len(payload) if payload else 0
+        if payload is None and ct == "message/rfc822":
+            try:
+                payload = part.as_bytes()
+            except Exception:
+                payload = b""
+        size = len(payload) if payload is not None else 0
         attachments.append({
             "index": idx,
             "filename": filename,
@@ -1136,29 +1144,58 @@ def _list_attachments_from_msg(msg):
     return attachments
 
 
+def _is_likely_signature_image_attachment(att: dict) -> bool:
+    """Match the reader's inline signature/logo image filter."""
+    filename = str((att or {}).get("filename") or "").lower()
+    if not re.search(r"\.(png|jpe?g|gif|bmp|svg|webp)$", filename):
+        return False
+    size = int((att or {}).get("size") or 0)
+    if re.search(r"^image\d{3,}\.(png|jpe?g|gif)$", filename):
+        return True
+    if re.search(r"^(signature|logo|sig|footer|banner)[-_\d]*\.(png|jpe?g|gif|svg)$", filename):
+        return True
+    return 0 < size < 30 * 1024
+
+
+def _has_visible_attachments(msg) -> bool:
+    """Return True only for attachments the reader will render as chips."""
+    return any(
+        not _is_likely_signature_image_attachment(att)
+        for att in _list_attachments_from_msg(msg)
+    )
+
+
 def _extract_attachment_to_disk(msg, index, target_dir):
     """Extract a specific attachment to disk and return the file path."""
     if not msg.is_multipart():
         return None
     idx = 0
     for part in msg.walk():
-        if part.is_multipart():
-            continue
         cd = str(part.get("Content-Disposition", ""))
         ct = part.get_content_type()
+        is_attached_email = ct == "message/rfc822" and ("attachment" in cd.lower() or part.get_filename())
+        if part.is_multipart() and not is_attached_email:
+            continue
         if ct in ("text/plain", "text/html") and "attachment" not in cd:
             continue
         if idx == index:
             filename = part.get_filename()
             if filename:
                 filename = _decode_header(filename)
+                if ct == "message/rfc822" and not re.search(r"\.[A-Za-z0-9]{1,8}$", filename):
+                    filename = f"{filename}.eml"
             else:
-                ext = ct.split("/")[-1] if "/" in ct else "bin"
+                ext = "eml" if ct == "message/rfc822" else (ct.split("/")[-1] if "/" in ct else "bin")
                 filename = f"attachment_{idx}.{ext}"
             # Sanitize
             safe_name = re.sub(r"[^\w\s\-.]", "_", filename).strip()
             payload = part.get_payload(decode=True)
-            if not payload:
+            if payload is None and ct == "message/rfc822":
+                try:
+                    payload = part.as_bytes()
+                except Exception:
+                    payload = b""
+            if payload is None:
                 return None
             target_dir.mkdir(parents=True, exist_ok=True)
             filepath = target_dir / safe_name
diff --git a/routes/email_routes.py b/routes/email_routes.py
index 416ad55b2..81d2b7330 100644
--- a/routes/email_routes.py
+++ b/routes/email_routes.py
@@ -44,7 +44,7 @@ from routes.email_helpers import (
     _send_smtp_message, _smtp_security_mode,
     _IMAP_TIMEOUT_SECONDS, _open_imap_connection,
     _imap_connect, _imap, _decode_header, _detect_sent_folder, _detect_drafts_folder,
-    _extract_attachment_text, _list_attachments_from_msg,
+    _extract_attachment_text, _list_attachments_from_msg, _has_visible_attachments, _is_likely_signature_image_attachment,
     _extract_attachment_to_disk, _extract_html, _extract_text,
     _fetch_sender_thread_context, _pre_retrieve_context,
     _EMAIL_REPLY_SYS_PROMPT_BASE, _POOL_HOOKS,
@@ -58,6 +58,7 @@ from routes.email_pollers import _start_poller
 logger = logging.getLogger(__name__)
 
 ODYSSEUS_MAIL_ORIGIN = "odysseus-ui"
+EMAIL_READ_ATTACHMENT_VERSION = 2
 
 
 def _email_tag_owner_aliases(account_id: str | None, owner: str = "") -> list[str]:
@@ -244,6 +245,21 @@ def _imap_uid_fetch(conn, uid_set: str | bytes, query: str):
     return conn.uid("FETCH", _uid_bytes(uid_set), query)
 
 
+def _imap_search_quote(value: str) -> str:
+    return '"' + str(value or "").replace("\\", "\\\\").replace('"', '\\"') + '"'
+
+
+def _message_id_chain(*values: str) -> list[str]:
+    seen = set()
+    out = []
+    for value in values:
+        for mid in re.findall(r"<[^>]+>", value or ""):
+            if mid not in seen:
+                seen.add(mid)
+                out.append(mid)
+    return out
+
+
 def _uid_from_fetch_meta(meta_b: bytes) -> str:
     m = re.search(rb"\bUID\s+(\d+)\b", meta_b)
     return m.group(1).decode() if m else ""
@@ -1003,6 +1019,65 @@ def setup_email_routes():
                 except Exception:
                     pass
 
+    def _related_thread_attachments_sync(
+        folder: str,
+        account_id: str | None,
+        owner: str,
+        current_uid: str,
+        current_message_id: str,
+        in_reply_to: str,
+        references: str,
+        limit: int = 12,
+    ) -> list[dict]:
+        """Return visible attachments from referenced messages in this folder."""
+        wanted_ids = _message_id_chain(references, in_reply_to)
+        current_mid = (current_message_id or "").strip()
+        wanted_ids = [mid for mid in wanted_ids if mid and mid != current_mid]
+        if not wanted_ids:
+            return []
+
+        related: list[dict] = []
+        try:
+            with _imap(account_id, owner=owner) as conn:
+                conn.select(_q(folder), readonly=True)
+                # Search newest referenced messages first; cap work so opening
+                # a long thread stays bounded.
+                for mid in reversed(wanted_ids[-10:]):
+                    if len(related) >= limit:
+                        break
+                    status, data = _imap_uid_search(conn, f'(HEADER Message-ID {_imap_search_quote(mid)})')
+                    if status != "OK" or not data or not data[0]:
+                        continue
+                    for uid_b in reversed(data[0].split()[-3:]):
+                        source_uid = uid_b.decode(errors="ignore")
+                        if not source_uid or source_uid == str(current_uid):
+                            continue
+                        st2, msg_data = _imap_uid_fetch(conn, source_uid, "(BODY.PEEK[])")
+                        if st2 != "OK" or not msg_data or not isinstance(msg_data[0], tuple):
+                            continue
+                        msg = email_mod.message_from_bytes(msg_data[0][1])
+                        source_from = _decode_header(msg.get("From", ""))
+                        source_subject = _decode_header(msg.get("Subject", ""))
+                        source_date = msg.get("Date", "")
+                        for att in _list_attachments_from_msg(msg):
+                            if _is_likely_signature_image_attachment(att):
+                                continue
+                            enriched = dict(att)
+                            enriched.update({
+                                "source_uid": source_uid,
+                                "source_folder": folder,
+                                "source_message_id": (msg.get("Message-ID") or "").strip(),
+                                "source_from": source_from,
+                                "source_subject": source_subject,
+                                "source_date": source_date,
+                            })
+                            related.append(enriched)
+                            if len(related) >= limit:
+                                break
+        except Exception as e:
+            logger.debug(f"related thread attachment lookup failed uid={current_uid}: {e}")
+        return related
+
     @router.get("/list")
     async def list_emails(
         folder: str = Query("INBOX"),
@@ -1273,6 +1348,17 @@ def setup_email_routes():
             sender_name, sender_addr = email.utils.parseaddr(sender)
             parsed_date = email.utils.parsedate_to_datetime(date_str) if date_str else None
             attachments = _list_attachments_from_msg(msg)
+            related_attachments = []
+            if not _has_visible_attachments(msg):
+                related_attachments = _related_thread_attachments_sync(
+                    folder,
+                    account_id,
+                    owner,
+                    uid,
+                    message_id,
+                    in_reply_to,
+                    references,
+                )
 
             if mark_seen:
                 # Set \Seen in a separate readwrite session so concurrent reads
@@ -1381,6 +1467,8 @@ def setup_email_routes():
                 "body": body,
                 "body_html": body_html,
                 "attachments": attachments,
+                "related_attachments": related_attachments,
+                "attachment_version": EMAIL_READ_ATTACHMENT_VERSION,
                 "cached_summary": cached_summary,
                 "cached_ai_reply": cached_ai_reply,
                 "boundaries": cached_boundaries,
@@ -1411,6 +1499,12 @@ def setup_email_routes():
         """Read email body. Cached for 30m, sync IMAP work runs in a thread."""
         ck = _read_cache_key(account_id, folder, uid, owner=owner)
         cached = _read_cache_get(ck)
+        if cached is not None:
+            # Older cached read responses lack the thread-attachment fallback.
+            # Fetch once so replies that reference prior attachments can show
+            # those files without waiting for cache expiry.
+            if cached.get("attachment_version") != EMAIL_READ_ATTACHMENT_VERSION:
+                cached = None
         if cached is not None:
             if mark_seen:
                 try:
@@ -1599,6 +1693,65 @@ def setup_email_routes():
                     return None
             doc_session_id = _resolve_doc_session()
 
+            def _create_markdown_doc(content: str, summary: str):
+                from src.database import SessionLocal as _SL, Document as _Doc, DocumentVersion as _DV
+                doc_id = str(uuid.uuid4())
+                ver_id = str(uuid.uuid4())
+                _db = _SL()
+                try:
+                    _db.query(_Doc).filter(_Doc.is_active == True).update({"is_active": False})
+                    _db.add(_Doc(
+                        id=doc_id, session_id=doc_session_id, title=title,
+                        language="markdown", current_content=content,
+                        version_count=1, is_active=True,
+                    ))
+                    _db.add(_DV(
+                        id=ver_id, document_id=doc_id, version_number=1,
+                        content=content, summary=summary, source="upload",
+                    ))
+                    _db.commit()
+                finally:
+                    _db.close()
+                _tag_doc_with_source(doc_id)
+                return doc_id
+
+            def _attached_email_markdown(path):
+                raw_bytes = path.read_bytes()
+                if not raw_bytes:
+                    return f"# Attached email: {base}\n\n_(empty email attachment)_"
+                try:
+                    attached_msg = email_mod.message_from_bytes(raw_bytes)
+                except Exception as e:
+                    return f"# Attached email: {base}\n\nCould not parse this email attachment: {e}"
+
+                attached_subject = _decode_header(attached_msg.get("Subject", "")) or base
+                attached_from = _decode_header(attached_msg.get("From", ""))
+                attached_to = _decode_header(attached_msg.get("To", ""))
+                attached_cc = _decode_header(attached_msg.get("Cc", ""))
+                attached_date = attached_msg.get("Date", "")
+                attached_body = _extract_text(attached_msg).strip()
+                attached_atts = _list_attachments_from_msg(attached_msg)
+
+                lines = [f"# Attached email: {attached_subject}", ""]
+                if attached_from:
+                    lines.append(f"**From:** {attached_from}")
+                if attached_to:
+                    lines.append(f"**To:** {attached_to}")
+                if attached_cc:
+                    lines.append(f"**Cc:** {attached_cc}")
+                if attached_date:
+                    lines.append(f"**Date:** {attached_date}")
+                lines.extend(["", "## Body", "", attached_body or "_(no readable body)_"])
+                if attached_atts:
+                    lines.extend(["", "## Attachments", ""])
+                    for att in attached_atts:
+                        size = int(att.get("size") or 0)
+                        size_label = f"{size} B" if size < 1024 else f"{round(size / 1024)} KB"
+                        name = att.get("filename") or f"attachment_{att.get('index', '')}"
+                        ctype = att.get("content_type") or "application/octet-stream"
+                        lines.append(f"- {name} ({ctype}, {size_label})")
+                return "\n".join(lines).strip()
+
             # ── PDF path (existing) ────────────────────────────────────
             if ext == ".pdf":
                 import shutil as _shutil
@@ -1645,6 +1798,15 @@ def setup_email_routes():
                 _tag_doc_with_source(doc_id)
                 return {"doc_id": doc_id, "filename": filepath.name}
 
+            # ── Attached email (.eml / message/rfc822) ────────────────
+            if ext == ".eml":
+                try:
+                    content = _attached_email_markdown(filepath)
+                except Exception as e:
+                    return {"error": f"Failed to read email attachment: {e}", "filename": base}
+                doc_id = _create_markdown_doc(content, "Imported attached email")
+                return {"doc_id": doc_id, "filename": filepath.name}
+
             # ── DOCX path: extract text → markdown document ───────────
             if ext == ".docx":
                 try:
@@ -1682,25 +1844,7 @@ def setup_email_routes():
                     lines.append("")
                 content = "\n".join(lines).strip() or f"_(empty {base})_"
 
-                from src.database import SessionLocal as _SL, Document as _Doc, DocumentVersion as _DV
-                doc_id = str(uuid.uuid4())
-                ver_id = str(uuid.uuid4())
-                _db = _SL()
-                try:
-                    _db.query(_Doc).filter(_Doc.is_active == True).update({"is_active": False})
-                    _db.add(_Doc(
-                        id=doc_id, session_id=doc_session_id, title=title,
-                        language="markdown", current_content=content,
-                        version_count=1, is_active=True,
-                    ))
-                    _db.add(_DV(
-                        id=ver_id, document_id=doc_id, version_number=1,
-                        content=content, summary="Imported from DOCX", source="upload",
-                    ))
-                    _db.commit()
-                finally:
-                    _db.close()
-                _tag_doc_with_source(doc_id)
+                doc_id = _create_markdown_doc(content, "Imported from DOCX")
                 return {"doc_id": doc_id, "filename": filepath.name}
 
             # ── Plain text / markdown ────────────────────────────────
@@ -1709,25 +1853,7 @@ def setup_email_routes():
                     content = filepath.read_text(encoding="utf-8", errors="replace")
                 except Exception as e:
                     return {"error": f"Failed to read text file: {e}", "filename": base}
-                from src.database import SessionLocal as _SL, Document as _Doc, DocumentVersion as _DV
-                doc_id = str(uuid.uuid4())
-                ver_id = str(uuid.uuid4())
-                _db = _SL()
-                try:
-                    _db.query(_Doc).filter(_Doc.is_active == True).update({"is_active": False})
-                    _db.add(_Doc(
-                        id=doc_id, session_id=doc_session_id, title=title,
-                        language="markdown", current_content=content,
-                        version_count=1, is_active=True,
-                    ))
-                    _db.add(_DV(
-                        id=ver_id, document_id=doc_id, version_number=1,
-                        content=content, summary="Imported from email attachment", source="upload",
-                    ))
-                    _db.commit()
-                finally:
-                    _db.close()
-                _tag_doc_with_source(doc_id)
+                doc_id = _create_markdown_doc(content, "Imported from email attachment")
                 return {"doc_id": doc_id, "filename": filepath.name}
 
             return {"error": f"Unsupported attachment type: {ext}", "filename": base}
diff --git a/routes/hwfit_routes.py b/routes/hwfit_routes.py
index 5e38b9ca3..0dad0ddd7 100644
--- a/routes/hwfit_routes.py
+++ b/routes/hwfit_routes.py
@@ -1,8 +1,13 @@
+import json
+import os
 import re
+import shlex
+import subprocess
 from copy import deepcopy
 
 from fastapi import APIRouter, HTTPException
 
+from core.platform_compat import run_ssh_command
 from routes._validators import validate_remote_host, validate_ssh_port
 
 
@@ -107,6 +112,73 @@ def _apply_manual_hardware(system, manual_mode="", manual_gpu_count="", manual_v
     return system
 
 
+def _run_model_probe(host: str, ssh_port: str, cmd: str) -> str:
+    try:
+        if host:
+            r = run_ssh_command(
+                host,
+                ssh_port or None,
+                cmd,
+                timeout=15,
+                connect_timeout=5,
+                strict_host_key_checking=False,
+                text=True,
+            )
+        else:
+            r = subprocess.run(["bash", "-lc", cmd], capture_output=True, text=True, timeout=15)
+        if r.returncode == 0:
+            return (r.stdout or "").strip()
+    except Exception:
+        return ""
+    return ""
+
+
+def _inspect_model_path(model_path: str, host: str = "", ssh_port: str = "") -> dict:
+    """Read lightweight metadata from a local or SSH-visible HF model folder."""
+    path = (model_path or "").strip()
+    if not path or path.startswith(("http://", "https://")):
+        return {}
+    if not (path.startswith("/") or path.startswith("~")):
+        return {}
+
+    qpath = shlex.quote(path)
+    qconfig = shlex.quote(os.path.join(path, "config.json"))
+    out = {}
+    exists = _run_model_probe(host, ssh_port, f"test -d {qpath} && printf found || printf missing")
+    if exists != "found":
+        target = host or "local container"
+        out["model_probe_error"] = f"Model path is not visible on {target}: {path}"
+        return out
+    raw_config = _run_model_probe(host, ssh_port, f"test -f {qconfig} && sed -n '1,240p' {qconfig}")
+    if raw_config:
+        try:
+            cfg = json.loads(raw_config)
+        except Exception:
+            cfg = {}
+        for key in ("context_length", "max_position_embeddings", "n_ctx_train", "model_max_length", "max_seq_len"):
+            value = cfg.get(key)
+            if isinstance(value, (int, float)) and value > 0:
+                out["model_ctx_max"] = int(value)
+                break
+    else:
+        out["model_probe_error"] = f"config.json not found in model path: {path}"
+
+    size_cmd = (
+        f"find {qpath} -type f \\( -name '*.safetensors' -o -name '*.bin' -o -name '*.gguf' \\) "
+        "-printf '%s\\n' 2>/dev/null | awk '{s+=$1} END {if (s>0) printf \"%.6f\", s/1073741824}'"
+    )
+    weights = _run_model_probe(host, ssh_port, size_cmd)
+    try:
+        weights_gb = float(weights)
+    except Exception:
+        weights_gb = 0.0
+    if weights_gb > 0:
+        out["model_weights_gb"] = round(weights_gb, 3)
+    elif "model_probe_error" not in out:
+        out["model_probe_error"] = f"No model weight files found in: {path}"
+    return out
+
+
 def setup_hwfit_routes():
     router = APIRouter(prefix="/api/hwfit", tags=["hwfit"])
 
@@ -235,7 +307,7 @@ def setup_hwfit_routes():
         return {"system": system, "models": results}
 
     @router.get("/profiles")
-    def get_serve_profiles(model: str = "", host: str = "", ssh_port: str = "", platform: str = "", fresh: bool = False, serve_weights_gb: float = 0.0, serve_quant: str = ""):
+    def get_serve_profiles(model: str = "", model_path: str = "", host: str = "", ssh_port: str = "", platform: str = "", fresh: bool = False, serve_weights_gb: float = 0.0, serve_quant: str = ""):
         """Compute llama.cpp serve profiles (Quality/Balanced/Speed) for `model`
         against the detected hardware on `host` (or local). Returns concrete
         flags (n_gpu_layers, n_cpu_moe, cache_type, ctx) the serve UI can apply.
@@ -272,8 +344,16 @@ def setup_hwfit_routes():
                 if nn and (nn == want or want.endswith(nn) or nn.endswith(want)):
                     m = entry
                     break
+        path_meta = _inspect_model_path(model_path or model, host=host, ssh_port=ssh_port)
         if m is None:
-            return {"system": system, "profiles": [], "error": "model not in catalog"}
+            return {
+                "system": system,
+                "profiles": [],
+                "error": "model not in catalog",
+                "model_ctx_max": int(path_meta.get("model_ctx_max") or 0),
+                "model_weights_gb": float(path_meta.get("model_weights_gb") or 0),
+                "model_probe_error": path_meta.get("model_probe_error") or "",
+            }
         # Surface the model's trained context limit so the serve UI can clamp a
         # user-typed context down to it (asking for ctx > n_ctx_train overflows
         # and, with a quantized KV cache, can crash the GPU).
@@ -283,6 +363,16 @@ def setup_hwfit_routes():
             if isinstance(v, (int, float)) and v > 0:
                 model_ctx_max = int(v)
                 break
+        path_ctx_max = int(path_meta.get("model_ctx_max") or 0)
+        if path_ctx_max > 0:
+            model_ctx_max = max(model_ctx_max, path_ctx_max)
+        model_weights_gb = float(path_meta.get("model_weights_gb") or 0)
+        if model_weights_gb <= 0:
+            for k in ("min_vram_gb", "required_gb", "size_gb", "recommended_ram_gb", "min_ram_gb"):
+                v = m.get(k)
+                if isinstance(v, (int, float)) and v > 0:
+                    model_weights_gb = float(v)
+                    break
         return {
             "system": system,
             "profiles": compute_serve_profiles(
@@ -291,6 +381,8 @@ def setup_hwfit_routes():
                 serve_quant=(serve_quant or None),
             ),
             "model_ctx_max": model_ctx_max,
+            "model_weights_gb": model_weights_gb,
+            "model_probe_error": path_meta.get("model_probe_error") or "",
         }
 
     @router.get("/image-models")
diff --git a/routes/model_routes.py b/routes/model_routes.py
index 000cd9379..69528f6dc 100644
--- a/routes/model_routes.py
+++ b/routes/model_routes.py
@@ -1064,9 +1064,11 @@ def setup_model_routes(model_discovery):
         except Exception:
             return 0.0
 
-    def _failure_delay(fails: int) -> float:
+    def _failure_delay(fails: int, *, empty_local: bool = False) -> float:
         if fails <= 0:
             return 0.0
+        if empty_local:
+            return min(5.0 * (2 ** max(0, fails - 1)), 30.0)
         return min(_REFRESH_FAILURE_BASE * (2 ** max(0, fails - 1)), _REFRESH_FAILURE_MAX)
 
     def _should_refresh_endpoint(ep: Any, now: float, force: bool = False) -> tuple[bool, Dict[str, Any]]:
@@ -1097,7 +1099,12 @@ def setup_model_routes(model_discovery):
         fails = int(state.get("fail_count") or 0)
         if fails and not force:
             last_failure = float(state.get("last_failure") or 0.0)
-            if now - last_failure < _failure_delay(fails):
+            empty_local = (
+                not cached
+                and category == "local"
+                and str(getattr(ep, "id", "") or "").startswith("local-")
+            )
+            if now - last_failure < _failure_delay(fails, empty_local=empty_local):
                 return False, info
         if cached and not force:
             interval = _endpoint_refresh_interval(ep, category)
diff --git a/routes/shell_routes.py b/routes/shell_routes.py
index 406d80bb3..245181832 100644
--- a/routes/shell_routes.py
+++ b/routes/shell_routes.py
@@ -330,6 +330,9 @@ def add_user_install_bins_to_path():
         candidates.append(os.path.join(site.USER_BASE, 'bin'))
     except Exception:
         pass
+    candidates.append(os.path.expanduser('~/bin'))
+    candidates.append(os.path.expanduser('~/llama.cpp/build/bin'))
+    candidates.append(os.path.expanduser('~/llama.cpp/build-vulkan/bin'))
     candidates.append(os.path.expanduser('~/.local/bin'))
     parts = os.environ.get('PATH', '').split(os.pathsep) if os.environ.get('PATH') else []
     changed = False
@@ -1188,6 +1191,7 @@ def setup_shell_routes() -> APIRouter:
         # venv over SSH so a remote `pip install` actually reflects here.
         remote_status: dict = {}
         remote_details: dict = {}
+        remote_probe_error = ""
         remote_names = [
             p["name"]
             for p in packages
@@ -1226,8 +1230,34 @@ def setup_shell_routes() -> APIRouter:
                         break
             except ValueError as e:
                 raise HTTPException(400, str(e))
-            except Exception:
+            except Exception as e:
                 remote_status = {}
+                remote_probe_error = f"SSH package probe failed: {str(e)[:160]}"
+            if "llama_cpp" in remote_names:
+                try:
+                    inner = (
+                        'export PATH="$HOME/.local/bin:$HOME/bin:'
+                        '$HOME/llama.cpp/build/bin:$HOME/llama.cpp/build-vulkan/bin:$PATH"; '
+                        "command -v llama-server 2>/dev/null || true"
+                    )
+                    argv = _ssh_base_argv(host, ssh_port) + [inner]
+                    proc = await asyncio.create_subprocess_exec(
+                        *argv,
+                        stdout=asyncio.subprocess.PIPE,
+                        stderr=asyncio.subprocess.PIPE,
+                    )
+                    out, _err = await asyncio.wait_for(proc.communicate(), timeout=8)
+                    llama_server_path = out.decode("utf-8", errors="replace").strip().splitlines()
+                    llama_server_path = llama_server_path[-1].strip() if llama_server_path else ""
+                    if llama_server_path:
+                        remote_status["llama_cpp"] = True
+                        probe = remote_details.setdefault("llama_cpp", {})
+                        if isinstance(probe, dict):
+                            probe.setdefault("binaries", {})["llama-server"] = llama_server_path
+                except Exception as e:
+                    if not remote_probe_error:
+                        remote_probe_error = f"SSH llama-server probe failed: {str(e)[:160]}"
+                    pass
         # Union of system_names + every package's system_prereqs. Probing
         # the prereqs alongside the main system deps in a single SSH call
         # avoids a second round-trip per Cookbook → Dependencies refresh.
@@ -1272,7 +1302,9 @@ def setup_shell_routes() -> APIRouter:
                 target_os_id = _os_id_from_release("\n".join(_osrel_lines))
             except ValueError as e:
                 raise HTTPException(400, str(e))
-            except Exception:
+            except Exception as e:
+                if not remote_probe_error:
+                    remote_probe_error = f"SSH system probe failed: {str(e)[:160]}"
                 pass
         elif not host:
             # Local target — probe in-process so the inline install command
@@ -1290,7 +1322,12 @@ def setup_shell_routes() -> APIRouter:
             on_remote = bool(host and pkg.get("target") == "remote")
             probe = None
             if on_remote:
-                pkg["installed"] = bool(remote_status.get(pkg["name"], False))
+                if remote_probe_error and pkg["name"] not in remote_status:
+                    pkg["installed"] = None
+                    pkg["probe_error"] = remote_probe_error
+                    pkg["status_note"] = remote_probe_error
+                else:
+                    pkg["installed"] = bool(remote_status.get(pkg["name"], False))
                 probe = remote_details.get(pkg["name"])
                 if isinstance(probe, dict):
                     pkg["details"] = probe
@@ -1353,9 +1390,19 @@ def setup_shell_routes() -> APIRouter:
             # reads "ready" green while inference runs at 3 tok/s on GPU
             # silicon — actively misleading.
             if pkg["name"] == "llama_cpp" and pkg.get("installed"):
+                _native_llama_server = bool(
+                    isinstance(probe, dict)
+                    and isinstance(probe.get("binaries"), dict)
+                    and probe["binaries"].get("llama-server")
+                )
                 _gpu_capable = False
                 _has_nvidia_target = False
-                if on_remote and host:
+                if _native_llama_server:
+                    # Native llama-server is the launcher path Cookbook now
+                    # prefers. Do not mark this as a CPU-only Python wheel just
+                    # because llama-cpp-python is absent from the selected venv.
+                    _gpu_capable = True
+                elif on_remote and host:
                     try:
                         # Activate the configured venv FIRST so the probe
                         # runs against the same python the launch script
@@ -1609,7 +1656,8 @@ def setup_shell_routes() -> APIRouter:
             return {"ok": False, "error": f"Unsupported engine: {engine}"}
         host = str(body.get("remote_host") or "").strip()
         ssh_port = body.get("ssh_port")
-        cmd = _llama_cpp_rebuild_cmd()
+        update_source = bool(body.get("update_source"))
+        cmd = _llama_cpp_rebuild_cmd(update_source=update_source)
         try:
             argv = (
                 (_ssh_base_argv(host, ssh_port) + [cmd])
diff --git a/src/agent_loop.py b/src/agent_loop.py
index e574a42b6..40e4232bb 100644
--- a/src/agent_loop.py
+++ b/src/agent_loop.py
@@ -751,6 +751,17 @@ def _extract_last_user_message(messages: List[Dict]) -> str:
 
 
 _LOW_SIGNAL_RE = re.compile(r"^[\W_]*$", re.UNICODE)
+_CASUAL_OPENING_RE = re.compile(
+    r"^\s*(?:h+i+|hey+|hello+|yo+|sup+|what'?s up|wass?up|hiya|howdy|"
+    r"lol|lmao|haha+|hehe+|thanks?|thank you|ty|idk|dunno|meh|bruh|bro)\b(?P<tail>.*)$",
+    re.IGNORECASE,
+)
+_CASUAL_BLOCKLIST_RE = re.compile(
+    r"\b(?:cookbook|serve|serving|launch|start|vllm|sglang|llama\.?cpp|ollama|"
+    r"download|model|email|document|doc|note|calendar|task|search|web|research|"
+    r"file|folder|repo|git|settings?|endpoint|api|token|mcp)\b",
+    re.IGNORECASE,
+)
 _EXPLICIT_CONTINUATION_RE = re.compile(
     r"^\s*(?:"
     r"yes|y|yeah|yep|ok|okay|sure|do it|go ahead|continue|carry on|"
@@ -760,6 +771,17 @@ _EXPLICIT_CONTINUATION_RE = re.compile(
     r")\s*[.!?]*\s*$",
     re.IGNORECASE,
 )
+_RETRY_CONTINUATION_RE = re.compile(
+    r"\b(?:try again|retry|again|rerun|re-run|run it again|launch it again|"
+    r"start it again|failed|fails?|died|crashed|broke|insta|instantly)\b",
+    re.IGNORECASE,
+)
+_COOKBOOK_CONTEXT_RE = re.compile(
+    r"\b(?:cookbook|serve|serving|served|launch|start|preset|vllm|sglang|"
+    r"llama\.?cpp|ollama|download|cached models?|model servers?|running models?|"
+    r"gpu box|ajax|qwen|gemma|llama|mistral|minimax)\b",
+    re.IGNORECASE,
+)
 
 
 def _is_explicit_continuation(text: str) -> bool:
@@ -767,6 +789,37 @@ def _is_explicit_continuation(text: str) -> bool:
     return bool(_EXPLICIT_CONTINUATION_RE.match(str(text or "").strip()))
 
 
+def _is_casual_low_signal(text: str) -> bool:
+    """True for short greetings/slang that should not inherit stale context."""
+    s = str(text or "").strip()
+    m = _CASUAL_OPENING_RE.match(s)
+    if not m:
+        return False
+    tail = m.group("tail") or ""
+    if _CASUAL_BLOCKLIST_RE.search(tail):
+        return False
+    # Allow a short vocative/address after the opener without hardcoding the
+    # address term itself: "hey man", "yo dude", "sup <name>". Longer tails are
+    # more likely to be an actual request and should get normal context/tooling.
+    tail_words = re.findall(r"[A-Za-z0-9_'-]+", tail)
+    return len(tail_words) <= 2
+
+
+def _is_contextual_retry_continuation(messages: List[Dict], text: str) -> bool:
+    """Treat "try again / it failed" as a continuation only for active tool work.
+
+    These follow-ups are common after Cookbook launches: the latest user turn
+    says only "try again it failed", while the actionable model/host/command
+    details live one or two turns back. Keep this intentionally narrow so
+    ordinary chat does not inherit stale Cookbook context.
+    """
+    latest = str(text or "").strip()
+    if not latest or not _RETRY_CONTINUATION_RE.search(latest):
+        return False
+    recent = _recent_context_for_retrieval(messages, max_user=5, max_chars=1200)
+    return bool(_COOKBOOK_CONTEXT_RE.search(recent))
+
+
 def _assistant_requested_followup(messages: List[Dict]) -> bool:
     """True when the previous assistant turn asked for missing task details.
 
@@ -808,11 +861,12 @@ def _classify_agent_request(messages: List[Dict], last_user: str) -> Dict[str, o
     which domain rule packs get appended to the system prompt.
     """
     text = str(last_user or "").strip()
-    continuation = _is_explicit_continuation(text) or _assistant_requested_followup(messages)
+    retry_continuation = _is_contextual_retry_continuation(messages, text)
+    continuation = _is_explicit_continuation(text) or _assistant_requested_followup(messages) or retry_continuation
     retrieval_query = _recent_context_for_retrieval(messages) if continuation else text
     q = retrieval_query.lower()
 
-    if not text or bool(_LOW_SIGNAL_RE.match(text)):
+    if not text or bool(_LOW_SIGNAL_RE.match(text)) or _is_casual_low_signal(text):
         return {
             "low_signal": True,
             "continuation": False,
@@ -907,6 +961,7 @@ def _build_system_prompt(
     compact: bool = False,
     owner: Optional[str] = None,
     suppress_local_context: bool = False,
+    suppress_skills: bool = False,
     active_email: Optional[Dict[str, str]] = None,
 ) -> List[Dict]:
     """Build agent system prompt, inject MCP/document context, merge consecutive system msgs."""
@@ -924,7 +979,7 @@ def _build_system_prompt(
         _ov_sig = _hl.sha256(_json.dumps(get_builtin_overrides() or {}, sort_keys=True).encode()).hexdigest()
     except Exception:
         _ov_sig = ""
-    cache_key = (frozenset(disabled_tools or []), bool(mcp_mgr), needs_admin, _rt_key, compact, _ov_sig, owner, suppress_local_context)
+    cache_key = (frozenset(disabled_tools or []), bool(mcp_mgr), needs_admin, _rt_key, compact, _ov_sig, owner, suppress_local_context, suppress_skills)
     if _cached_base_prompt and _cached_base_prompt_key == cache_key and not active_document:
         agent_prompt = _cached_base_prompt
         # Skill index is user-editable (name + description), so it must never
@@ -934,6 +989,7 @@ def _build_system_prompt(
             disabled_tools, mcp_mgr, needs_admin, relevant_tools,
             mcp_disabled_map=mcp_disabled_map, compact=compact, owner=owner,
             suppress_local_context=suppress_local_context,
+            suppress_skills=suppress_skills,
         )
     else:
         agent_prompt, _skill_index_block = _build_base_prompt(
@@ -945,6 +1001,7 @@ def _build_system_prompt(
             compact=compact,
             owner=owner,
             suppress_local_context=suppress_local_context,
+            suppress_skills=suppress_skills,
         )
         if not active_document:
             _cached_base_prompt = agent_prompt
@@ -1228,7 +1285,7 @@ def _build_system_prompt(
     # few. If the teacher wrote a procedure for "open my X chat" last
     # time the student failed, this is where the student finds it
     # before deciding which tool to call.
-    if not suppress_local_context:
+    if not suppress_local_context and not suppress_skills:
         try:
             last_user = _extract_last_user_message(messages)
             # Respect the user's skills-enabled toggle (mirrors memory_enabled).
@@ -1395,6 +1452,7 @@ def _build_base_prompt(
     compact: bool = False,
     owner: Optional[str] = None,
     suppress_local_context: bool = False,
+    suppress_skills: bool = False,
 ):
     """Build the agent prompt with only relevant tools included.
 
@@ -1447,7 +1505,7 @@ def _build_base_prompt(
     # The caller wraps it in untrusted_context_message and ships it as a
     # user-role message — same treatment as the matched-skills block.
     skill_index_block = ""
-    if not suppress_local_context:
+    if not suppress_local_context and not suppress_skills:
         try:
             from services.memory.skills import SkillsManager
             from src.constants import DATA_DIR
@@ -1866,6 +1924,7 @@ async def stream_agent_loop(
     approved_plan: Optional[str] = None,
     tool_policy: Optional[ToolPolicy] = None,
     workspace: Optional[str] = None,
+    forced_tools: Optional[Set[str]] = None,
     _is_teacher_run: bool = False,
 ) -> AsyncGenerator[str, None]:
     """Streaming agent loop generator.
@@ -1905,6 +1964,18 @@ async def stream_agent_loop(
     _needs_admin = _detect_admin_intent(messages)
     _last_user = _extract_last_user_message(messages)
     _intent = _classify_agent_request(messages, _last_user)
+    _low_signal_turn = bool(_intent.get("low_signal"))
+    _casual_low_signal_turn = _is_casual_low_signal(_last_user)
+    _direct_low_signal = (
+        _low_signal_turn
+        and not bool(_intent.get("continuation"))
+        and not plan_mode
+        and not approved_plan
+        and (_casual_low_signal_turn or active_document is None)
+        and (_casual_low_signal_turn or not active_email)
+        and (_casual_low_signal_turn or not workspace)
+        and not forced_tools
+    )
     # Tool retrieval uses the latest message by default. It may inherit recent
     # user turns only for explicit continuations ("yes", "do it", "1").
     _retrieval_query = str(_intent.get("retrieval_query") or _last_user)
@@ -1912,11 +1983,86 @@ async def stream_agent_loop(
         "[agent-intent] latest=%r continuation=%s low_signal=%s domains=%s retrieval_query=%r",
         _last_user[:120],
         bool(_intent.get("continuation")),
-        bool(_intent.get("low_signal")),
+        _low_signal_turn,
         sorted(_intent.get("domains") or []),
         _retrieval_query[:200],
     )
     _mcp_disabled_map = _load_mcp_disabled_map() if mcp_mgr else {}
+    if _direct_low_signal:
+        logger.info("[agent] direct low-signal reply path for latest=%r", _last_user[:80])
+        direct_messages = [{"role": "user", "content": _last_user}]
+        direct_response = ""
+        direct_start = time.time()
+        direct_actual_model = model
+        real_input_tokens = 0
+        real_output_tokens = 0
+        try:
+            async for chunk in stream_llm_with_fallback(
+                [(endpoint_url, model, headers)] + list(fallbacks or []),
+                direct_messages,
+                temperature=temperature,
+                max_tokens=min(max_tokens or 128, 128),
+                prompt_type=None,
+                tools=None,
+                timeout=int(get_setting("agent_stream_timeout_seconds", 300) or 300),
+                session_id=session_id,
+            ):
+                if chunk.startswith("data: ") and not chunk.startswith("data: [DONE]"):
+                    try:
+                        data = json.loads(chunk[6:])
+                    except json.JSONDecodeError:
+                        yield chunk
+                        continue
+                    if data.get("type") == "usage":
+                        usage = data.get("data", {}) or {}
+                        direct_actual_model = usage.get("model") or direct_actual_model
+                        real_input_tokens += usage.get("input_tokens", 0) or 0
+                        real_output_tokens += usage.get("output_tokens", 0) or 0
+                        continue
+                    if data.get("type") == "model_actual":
+                        direct_actual_model = data.get("model") or direct_actual_model
+                        data["requested_model"] = model
+                        yield f"data: {json.dumps(data)}\n\n"
+                        continue
+                    if data.get("type") == "fallback":
+                        direct_actual_model = data.get("answered_by") or direct_actual_model
+                        yield chunk
+                        continue
+                    if "delta" in data:
+                        if not data.get("thinking"):
+                            direct_response += data.get("delta", "")
+                        yield chunk
+                        continue
+                    yield chunk
+                elif chunk.startswith("event: "):
+                    yield chunk
+        except Exception as _direct_err:
+            logger.warning("[agent] direct low-signal path failed: %s", _direct_err)
+            fallback = "Hey."
+            direct_response += fallback
+            yield f"data: {json.dumps({'delta': fallback})}\n\n"
+
+        if not direct_response.strip():
+            fallback = "Hey."
+            direct_response = fallback
+            yield f"data: {json.dumps({'delta': fallback})}\n\n"
+
+        duration = time.time() - direct_start
+        metrics = {
+            "model": direct_actual_model,
+            "requested_model": model,
+            "input_tokens": real_input_tokens or estimate_tokens(direct_messages),
+            "output_tokens": real_output_tokens or max(len(direct_response) // 4, 1),
+            "total_time": round(duration, 2),
+            "response_time": round(duration, 2),
+            "agent_rounds": 0,
+            "tool_calls": 0,
+            "direct_low_signal": True,
+        }
+        yield f"data: {json.dumps({'type': 'metrics', 'data': metrics})}\n\n"
+        yield "data: [DONE]\n\n"
+        return
+
     if plan_mode and mcp_mgr:
         # Allow read-only MCP tools to investigate, block write/unknown ones:
         # hide them from the schemas AND reject them at runtime by qualified name.
@@ -1932,7 +2078,7 @@ async def stream_agent_loop(
     _t1 = time.time()
     if _relevant_tools:
         logger.info(f"[tool-rag] Using caller-provided relevant_tools ({len(_relevant_tools)} tools)")
-    if not guide_only and not _relevant_tools and bool(_intent.get("low_signal")):
+    if not guide_only and not _relevant_tools and _low_signal_turn:
         from src.tool_index import ALWAYS_AVAILABLE
         if workspace:
             # An active workspace IS the file-work signal: a vague "look at the
@@ -2023,6 +2169,15 @@ async def stream_agent_loop(
     if _relevant_tools is not None and active_document is not None:
         _relevant_tools.update({"edit_document", "update_document", "suggest_document"})
 
+    # Per-request UI toggles are stronger than retrieval. If the user turns on
+    # Search, the model must see the search tools even when the latest text is a
+    # typo or otherwise low-signal for tool RAG.
+    if not guide_only and forced_tools:
+        if _relevant_tools is None:
+            from src.tool_index import ALWAYS_AVAILABLE
+            _relevant_tools = set(ALWAYS_AVAILABLE)
+        _relevant_tools.update(t for t in forced_tools if t not in disabled_tools)
+
     # The skill index injected by _build_system_prompt tells the model to
     # call `manage_skills action=view`, and Jaccard-matched skills are pasted
     # into the prompt as procedures to follow — but neither path goes through
@@ -2030,7 +2185,7 @@ async def stream_agent_loop(
     # (grep, read_file, ...) that aren't in its schema list. Keep the schemas
     # in lockstep: manage_skills is callable whenever any skill is indexed,
     # and a matched skill's declared requires_toolsets ride along with it.
-    if not guide_only and _relevant_tools is not None:
+    if not guide_only and _relevant_tools is not None and not _low_signal_turn:
         try:
             from services.memory.skills import SkillsManager
             from src.constants import DATA_DIR
@@ -2147,6 +2302,7 @@ async def stream_agent_loop(
         compact=_compact_agent_prompt,
         owner=owner,
         suppress_local_context=guide_only,
+        suppress_skills=_low_signal_turn,
         active_email=active_email,
     )
     if plan_mode and not guide_only:
@@ -2753,6 +2909,15 @@ async def stream_agent_loop(
                 _intent_nudge_count += 1
                 _matched_phrase = _intent_match.group(0).strip()
                 logger.info(f"[agent] intent-without-action nudge #{_intent_nudge_count} on round {round_num}: {_matched_phrase!r}")
+                _lower_phrase = _matched_phrase.lower()
+                _cookbook_log_hint = ""
+                if any(_word in _lower_phrase for _word in ("log", "logs", "output", "tail", "status")):
+                    _cookbook_log_hint = (
+                        " If this is about a Cookbook/model serve, the concrete calls are: "
+                        "`list_served_models` first, then `tail_serve_output` with the "
+                        "session_id from the serve/list result. Never answer with "
+                        "\"check logs\" when those tools are available."
+                    )
                 messages.append({
                     "role": "system",
                     "content": (
@@ -2761,6 +2926,7 @@ async def stream_agent_loop(
                         "see you announced the action but didn't run it, which "
                         "is the most frustrating thing you can do. "
                         "DO IT NOW: emit the actual function call this turn. "
+                        f"{_cookbook_log_hint}"
                         "If you decided not to do it after all, say so plainly in "
                         "one sentence instead of restating the plan."
                     ),
diff --git a/src/agent_tools/web_tools.py b/src/agent_tools/web_tools.py
index 87a4b697f..f1410e18e 100644
--- a/src/agent_tools/web_tools.py
+++ b/src/agent_tools/web_tools.py
@@ -7,6 +7,7 @@ from src.constants import MAX_OUTPUT_CHARS
 class WebSearchTool:
     async def execute(self, content: str, ctx: dict) -> dict:
         from src.search import comprehensive_web_search
+        progress_cb = ctx.get("progress_cb") if isinstance(ctx, dict) else None
         raw = content.strip()
         query = raw
         time_filter = None
@@ -37,18 +38,39 @@ class WebSearchTool:
             elif " news" in q_lc or q_lc.startswith("news ") or q_lc.endswith(" news"):
                 time_filter = "week"
         loop = asyncio.get_running_loop()
-        text, sources = await asyncio.wait_for(
-            loop.run_in_executor(
-                None,
-                lambda: comprehensive_web_search(
-                    query,
-                    max_pages=max_pages,
-                    time_filter=time_filter,
-                    return_sources=True,
+        if progress_cb:
+            await progress_cb({
+                "elapsed_s": 0,
+                "tail": f"Searching web for: {query[:160]}",
+            })
+        try:
+            text, sources = await asyncio.wait_for(
+                loop.run_in_executor(
+                    None,
+                    lambda: comprehensive_web_search(
+                        query,
+                        max_pages=max_pages,
+                        time_filter=time_filter,
+                        return_sources=True,
+                    ),
                 ),
-            ),
-            timeout=30,
-        )
+                timeout=30,
+            )
+        except asyncio.TimeoutError:
+            return {
+                "error": f"web_search timed out after 30s: {query[:200]}",
+                "exit_code": 1,
+            }
+        except Exception as e:
+            return {
+                "error": f"web_search failed: {type(e).__name__}: {str(e) or 'no details'}",
+                "exit_code": 1,
+            }
+        if progress_cb:
+            await progress_cb({
+                "elapsed_s": 30,
+                "tail": "Search completed; preparing sources.",
+            })
         output = text[:MAX_OUTPUT_CHARS] if len(text) > MAX_OUTPUT_CHARS else text
         if sources:
             output += "\n\n<!-- SOURCES:" + json.dumps(sources) + " -->"
diff --git a/src/builtin_actions.py b/src/builtin_actions.py
index a598cb652..bf4ddd950 100644
--- a/src/builtin_actions.py
+++ b/src/builtin_actions.py
@@ -76,8 +76,7 @@ async def action_consolidate_memory(owner: str, **kwargs) -> Tuple[str, bool]:
         import json
         import re
         from src.constants import DATA_DIR
-        from src.endpoint_resolver import resolve_endpoint
-        from src.llm_core import llm_call_async
+        from src.llm_core import llm_call_async_with_fallback
         from src.memory import MemoryManager
 
         manager = MemoryManager(DATA_DIR)
@@ -116,10 +115,9 @@ async def action_consolidate_memory(owner: str, **kwargs) -> Tuple[str, bool]:
             if len(group_memories) < 2:
                 return False
 
-            url, model, headers = resolve_endpoint("utility", owner=group_owner or None)
-            if not url or not model:
-                url, model, headers = resolve_endpoint("default", owner=group_owner or None)
-            if not url or not model:
+            from src.task_endpoint import resolve_task_candidates
+            candidates = resolve_task_candidates(owner=group_owner or None)
+            if not candidates:
                 return False
 
             try:
@@ -147,13 +145,11 @@ async def action_consolidate_memory(owner: str, **kwargs) -> Tuple[str, bool]:
                     "\"drop\":[{\"id\":\"existing id\",\"reason\":\"short reason\"}]}\n\n"
                     f"MEMORIES:\n{json.dumps(items, ensure_ascii=False)}"
                 )
-                raw = await llm_call_async(
-                    url=url,
-                    model=model,
+                raw = await llm_call_async_with_fallback(
+                    candidates,
                     messages=[{"role": "user", "content": prompt}],
                     temperature=0.0,
                     max_tokens=4096,
-                    headers=headers,
                     timeout=120,
                 )
                 from src.text_helpers import strip_think
@@ -604,8 +600,7 @@ async def action_classify_events(owner: str, **kwargs) -> Tuple[str, bool]:
     try:
         from datetime import timedelta
         from core.database import SessionLocal, CalendarEvent
-        from src.endpoint_resolver import resolve_endpoint
-        from src.llm_core import llm_call_async
+        from src.llm_core import llm_call_async_with_fallback
         import re as _re, json as _json
 
         db = SessionLocal()
@@ -620,10 +615,9 @@ async def action_classify_events(owner: str, **kwargs) -> Tuple[str, bool]:
             if not events:
                 return "No upcoming events to classify", True
 
-            llm_url, llm_model, llm_headers = resolve_endpoint("utility", owner=owner)
-            if not llm_url:
-                llm_url, llm_model, llm_headers = resolve_endpoint("default", owner=owner)
-            llm_available = bool(llm_url and llm_model)
+            from src.task_endpoint import resolve_task_candidates
+            llm_candidates = resolve_task_candidates(owner=owner)
+            llm_available = bool(llm_candidates)
 
             # Pull user memories so the LLM has personal context (relationships,
             # job, hobbies). Helps it know e.g. "<name> is your spouse" so their
@@ -699,11 +693,11 @@ async def action_classify_events(owner: str, **kwargs) -> Tuple[str, bool]:
                     f"EVENTS: {_json.dumps(items)}"
                 )
                 try:
-                    raw = await llm_call_async(
-                        url=llm_url, model=llm_model,
+                    raw = await llm_call_async_with_fallback(
+                        llm_candidates,
                         messages=[{"role": "user", "content": prompt}],
                         temperature=0.1, max_tokens=16384,
-                        headers=llm_headers, timeout=180,
+                        timeout=180,
                     )
                     from src.text_helpers import strip_think as _st
                     raw = _st(raw or "", prose=False, prompt_echo=False)
@@ -810,8 +804,7 @@ async def action_learn_sender_signatures(owner: str, **kwargs) -> Tuple[str, boo
         import asyncio as _aio
         from datetime import datetime as _dt, timedelta as _td
         from routes.email_helpers import _email_cache_owner_clause, _imap_connect, SCHEDULED_DB
-        from src.endpoint_resolver import resolve_endpoint
-        from src.llm_core import llm_call_async
+        from src.llm_core import llm_call_async_with_fallback
 
         # 1. Pull recent UIDs + From headers cheaply (header-only fetch).
         def _pull_headers():
@@ -891,11 +884,11 @@ async def action_learn_sender_signatures(owner: str, **kwargs) -> Tuple[str, boo
         if not eligible:
             return "All sender sigs already cached (or no eligible senders)", True
 
-        url, model, headers = resolve_endpoint("utility", owner=owner)
-        if not url or not model:
-            url, model, headers = resolve_endpoint("default", owner=owner)
-        if not url or not model:
+        from src.task_endpoint import resolve_task_candidates
+        candidates = resolve_task_candidates(owner=owner)
+        if not candidates:
             return "No LLM endpoint available", False
+        model = candidates[0][1]
 
         analyzed = 0
         no_sig = 0
@@ -949,11 +942,11 @@ async def action_learn_sender_signatures(owner: str, **kwargs) -> Tuple[str, boo
             )
 
             try:
-                raw = await llm_call_async(
-                    url=url, model=model,
+                raw = await llm_call_async_with_fallback(
+                    candidates,
                     messages=[{"role": "user", "content": prompt}],
                     temperature=0.0, max_tokens=600,
-                    headers=headers, timeout=60,
+                    timeout=60,
                 )
                 from src.text_helpers import strip_think as _st
                 sig = _st(raw or "", prose=False, prompt_echo=False).strip()
@@ -1137,7 +1130,6 @@ async def action_test_skills(owner: str, **kwargs) -> Tuple[str, bool]:
         from services.memory.skills import SkillsManager
         from src.constants import DATA_DIR
         from routes.skills_routes import _run_skill_test_once, _skill_test_task
-        from src.endpoint_resolver import resolve_endpoint
 
         # #3 SCOPE GUARD: refuse to run on a None/empty owner — otherwise
         # `sm.load(owner=None)` returns every user's skills and we'd cross-
@@ -1152,27 +1144,40 @@ async def action_test_skills(owner: str, **kwargs) -> Tuple[str, bool]:
         if not names:
             raise TaskNoop("no skills to test")
 
-        url, model, headers = resolve_endpoint("default", owner=owner)
-        if not url or not model:
+        from src.task_endpoint import resolve_task_candidates
+        candidates = resolve_task_candidates(owner=owner)
+        if not candidates:
             return "No Default/Utility model configured — set one in Settings.", False
 
         # #2 NO SILENT MODEL SWAP: if the configured model isn't served by the
         # endpoint, try a basename match — but fail loudly instead of grabbing
         # `avail[0]` which could be an embedding-only model and produce 36
         # garbage transcripts → 36 'unknown' verdicts with no hint why.
+        url, model, headers = candidates[0]
         try:
             from src.llm_core import list_model_ids
-            avail = list_model_ids(url, headers=headers)
-            if avail and model not in avail:
-                import os as _os
-                base = _os.path.basename((model or "").rstrip("/"))
-                m = next((a for a in avail if _os.path.basename(a.rstrip("/")) == base), None)
-                if m:
-                    model = m
-                else:
-                    return (f"Default model '{model}' not served by endpoint {url}. "
-                            f"Available: {', '.join(avail[:8])}{'…' if len(avail) > 8 else ''}. "
-                            "Set a valid Default model in Settings."), False
+            import os as _os
+
+            selected = None
+            mismatch_notes = []
+            for cand_url, cand_model, cand_headers in candidates:
+                avail = list_model_ids(cand_url, headers=cand_headers)
+                if not avail or cand_model in avail:
+                    selected = (cand_url, cand_model, cand_headers)
+                    break
+                base = _os.path.basename((cand_model or "").rstrip("/"))
+                matched = next((a for a in avail if _os.path.basename(a.rstrip("/")) == base), None)
+                if matched:
+                    selected = (cand_url, matched, cand_headers)
+                    break
+                mismatch_notes.append(
+                    f"{cand_model} not served by {cand_url}; available: "
+                    f"{', '.join(avail[:8])}{'...' if len(avail) > 8 else ''}"
+                )
+            if selected:
+                url, model, headers = selected
+            elif mismatch_notes:
+                return "No configured task fallback model is served. " + " | ".join(mismatch_notes[:3]), False
         except Exception as _e:
             logger.warning(f"test_skills model resolve check failed (continuing): {_e}")
 
@@ -1483,7 +1488,6 @@ async def action_check_email_urgency(owner: str, **kwargs) -> Tuple[str, bool]:
         from pathlib import Path as _P
         from core.database import SessionLocal as _SL, EmailAccount as _EA
         from routes.email_helpers import _imap_connect, _decode_header
-        from src.endpoint_resolver import resolve_endpoint, resolve_utility_fallback_candidates
         from src.llm_core import llm_call_async_with_fallback
 
         # Per-owner state file so multi-user runs don't clobber each other's
@@ -1505,12 +1509,10 @@ async def action_check_email_urgency(owner: str, **kwargs) -> Tuple[str, bool]:
 
         # ── 1. Resolve LLM candidates (utility primary + utility fallbacks; fall
         # through to default chat as a last resort).
-        url, model, headers = resolve_endpoint("utility", owner=owner)
-        if not url or not model:
-            url, model, headers = resolve_endpoint("default", owner=owner)
-        if not url or not model:
+        from src.task_endpoint import resolve_task_candidates
+        candidates = resolve_task_candidates(owner=owner)
+        if not candidates:
             return "No LLM endpoint available", False
-        candidates = [(url, model, headers)] + resolve_utility_fallback_candidates(owner=owner)
 
         # ── 2. Enumerate enabled accounts. Match this task's owner AND fall
         # back to the legacy "unowned account whose imap_user / from_address
diff --git a/src/endpoint_resolver.py b/src/endpoint_resolver.py
index 34d451d9c..ac5a6b7ad 100644
--- a/src/endpoint_resolver.py
+++ b/src/endpoint_resolver.py
@@ -396,6 +396,9 @@ def resolve_utility_fallback_candidates(owner: Optional[str] = None) -> list:
         settings = load_settings()
         utility_ep = (get_user_setting("utility_endpoint_id", owner or "", settings.get("utility_endpoint_id", "")) or "").strip()
         if not utility_ep:
+            utility_chain = get_user_setting("utility_model_fallbacks", owner or "", settings.get("utility_model_fallbacks") or []) or []
+            if utility_chain:
+                return _resolve_fallback_candidates("utility_model_fallbacks", owner=owner)
             return _resolve_fallback_candidates("default_model_fallbacks", owner=owner)
     except Exception:
         pass
diff --git a/src/llm_core.py b/src/llm_core.py
index 1338ef91a..ba567ed81 100644
--- a/src/llm_core.py
+++ b/src/llm_core.py
@@ -2130,6 +2130,8 @@ async def stream_llm(url: str, model: str, messages: List[Dict], temperature: fl
                                             yield _stream_delta_event(reasoning, thinking=True)
                                         content = delta.get("content") or ""
                                         if content:
+                                            content = re.sub(r"<mm:think(\s+[^>]*)?>", r"<think\1>", content, flags=re.IGNORECASE)
+                                            content = re.sub(r"</mm:think>", "</think>", content, flags=re.IGNORECASE)
                                             stripped = content.lstrip()
                                             # gpt-oss harmony format (<|channel|>analysis/final): route via the harmony
                                             # stream router. Sticky once the first marker appears — distinct from the
diff --git a/src/task_endpoint.py b/src/task_endpoint.py
index 6e477a3ec..6f9a27c09 100644
--- a/src/task_endpoint.py
+++ b/src/task_endpoint.py
@@ -1,6 +1,11 @@
-"""Shared resolver for background-task AI endpoint (auto-naming, memory, sorting)."""
+"""Shared resolver for background-task AI endpoints."""
 
-from src.endpoint_resolver import resolve_endpoint
+from src.endpoint_resolver import (
+    resolve_chat_fallback_candidates,
+    resolve_endpoint,
+    resolve_utility_fallback_candidates,
+)
+from src.llm_core import llm_call_async_with_fallback
 
 
 def resolve_task_endpoint(fallback_url=None, fallback_model=None, fallback_headers=None, owner=None):
@@ -11,3 +16,60 @@ def resolve_task_endpoint(fallback_url=None, fallback_model=None, fallback_heade
     endpoint cannot be resolved.
     """
     return resolve_endpoint("task", fallback_url, fallback_model, fallback_headers, owner=owner)
+
+
+def resolve_task_candidates(
+    fallback_url=None,
+    fallback_model=None,
+    fallback_headers=None,
+    owner=None,
+):
+    """Return ordered background-task LLM candidates.
+
+    Order:
+    1. configured Background Tasks endpoint/model, or caller fallback
+    2. Utility endpoint/model
+    3. Default endpoint/model
+    4. Utility fallback chain
+    5. Default fallback chain
+    """
+    candidates = []
+
+    def _append(url, model, headers):
+        if not url or not model:
+            return
+        key = (url, model)
+        if any((u, m) == key for u, m, _ in candidates):
+            return
+        candidates.append((url, model, headers or {}))
+
+    _append(*resolve_task_endpoint(fallback_url, fallback_model, fallback_headers, owner=owner))
+    _append(*resolve_endpoint("utility", owner=owner))
+    _append(*resolve_endpoint("default", owner=owner))
+    for url, model, headers in resolve_utility_fallback_candidates(owner=owner):
+        _append(url, model, headers)
+    for url, model, headers in resolve_chat_fallback_candidates(owner=owner):
+        _append(url, model, headers)
+
+    return candidates
+
+
+async def task_llm_call_async(
+    messages,
+    *,
+    fallback_url=None,
+    fallback_model=None,
+    fallback_headers=None,
+    owner=None,
+    **kwargs,
+):
+    """Call the shared background-task LLM candidate chain."""
+    candidates = resolve_task_candidates(
+        fallback_url=fallback_url,
+        fallback_model=fallback_model,
+        fallback_headers=fallback_headers,
+        owner=owner,
+    )
+    if not candidates:
+        raise RuntimeError("No LLM endpoint available for background task")
+    return await llm_call_async_with_fallback(candidates, messages=messages, **kwargs)
diff --git a/src/task_scheduler.py b/src/task_scheduler.py
index 6c8ab148a..b9ff51b6b 100644
--- a/src/task_scheduler.py
+++ b/src/task_scheduler.py
@@ -833,6 +833,14 @@ class TaskScheduler:
                     owner=task.owner,
                     body=run.result if output == "notification" else None,
                 )
+            elif run.status == "error":
+                self.add_notification(
+                    task.name,
+                    "error",
+                    task_id,
+                    owner=task.owner,
+                    body=run.error or run.result,
+                )
 
             # Log result to the assistant chat so all task activity is visible.
             # Skip skipped/error rows — user shouldn't see "skipped: …" noise
@@ -1406,12 +1414,18 @@ class TaskScheduler:
             )
         except Exception as e:
             logger.warning(f"Agent loop failed for task '{task.name}', falling back to simple call: {e}")
-            from src.llm_core import llm_call_async
+            from src.task_endpoint import task_llm_call_async
             messages = [
                 {"role": "system", "content": system_prompt},
                 {"role": "user", "content": task.prompt},
             ]
-            result = await llm_call_async(url=endpoint_url, model=model, messages=messages, timeout=120)
+            result = await task_llm_call_async(
+                messages,
+                fallback_url=endpoint_url,
+                fallback_model=model,
+                owner=task.owner,
+                timeout=120,
+            )
 
         # Strip the model's chain-of-thought before saving/delivering. Task
         # output is LLM-only, so prose=True (which also removes untagged
@@ -1636,13 +1650,17 @@ class TaskScheduler:
         # Honor per-task max_steps (defense against runaway agent loops).
         # Falls back to 20 if not set — the historical default.
         _task_max_rounds = task.max_steps if task.max_steps and task.max_steps > 0 else 20
-        # Tasks are background workloads — they share the Utility model's
-        # fallback chain (Settings → Utility Model → Fallbacks). A downed
-        # primary endpoint won't silently yield `(no output)` — same recipe
-        # chat uses but with the utility list (`utility_model_fallbacks`).
+        # Tasks are background workloads: use the shared task fallback chain
+        # behind the primary endpoint so a downed primary won't silently yield
+        # `(no output)`.
         try:
-            from src.endpoint_resolver import resolve_utility_fallback_candidates
-            _task_fallbacks = resolve_utility_fallback_candidates(owner=task.owner or None)
+            from src.task_endpoint import resolve_task_candidates
+            _task_fallbacks = resolve_task_candidates(
+                fallback_url=endpoint_url,
+                fallback_model=model,
+                fallback_headers=headers,
+                owner=task.owner or None,
+            )[1:]
         except Exception:
             _task_fallbacks = []
         async for event_str in stream_agent_loop(
@@ -1679,21 +1697,22 @@ class TaskScheduler:
         # asking it to summarize what it did. Guarantees output.
         if not full_text.strip():
             try:
-                from src.llm_core import llm_call_async_with_fallback
-                from src.endpoint_resolver import resolve_utility_fallback_candidates
+                from src.task_endpoint import task_llm_call_async
                 grace_context = "You ran out of steps. "
                 if tool_results:
                     grace_context += "Here's what your tools returned:\n" + "\n".join(tool_results[-5:])
                 else:
                     grace_context += "No tool results were captured."
                 grace_context += "\n\nSummarize what you accomplished and what's still pending. Be concise."
-                _grace_candidates = [(endpoint_url, model, headers)] + resolve_utility_fallback_candidates(owner=task.owner or None)
-                full_text = await llm_call_async_with_fallback(
-                    _grace_candidates,
+                full_text = await task_llm_call_async(
                     messages=[
                         {"role": "system", "content": system_content},
                         {"role": "user", "content": grace_context},
                     ],
+                    fallback_url=endpoint_url,
+                    fallback_model=model,
+                    fallback_headers=headers,
+                    owner=task.owner or None,
                     timeout=30,
                 )
                 full_text = (full_text or "").strip()
diff --git a/src/tool_implementations.py b/src/tool_implementations.py
index ae7246ec6..f1ac33007 100644
--- a/src/tool_implementations.py
+++ b/src/tool_implementations.py
@@ -1119,8 +1119,8 @@ async def do_manage_settings(content: str, owner: Optional[str] = None) -> Dict:
             _ALIASES = {
                 "shell": ["bash"],
                 "terminal": ["bash"],
-                "search": ["web_search"],
-                "web": ["web_search"],
+                "search": ["web_search", "web_fetch"],
+                "web": ["web_search", "web_fetch"],
                 "browser": ["builtin_browser"],
                 "documents": ["create_document", "edit_document", "update_document", "suggest_document"],
                 "doc": ["create_document", "edit_document", "update_document", "suggest_document"],
@@ -1132,7 +1132,7 @@ async def do_manage_settings(content: str, owner: Optional[str] = None) -> Dict:
                 "notes": ["manage_notes"],
                 "calendar": ["manage_calendar"],
                 "email": ["mcp__email__list_emails", "mcp__email__read_email", "mcp__email__send_email"],
-                "research": ["web_search"],  # research is a per-request flag, not a tool — closest analog
+                "research": ["web_search", "web_fetch"],  # research is a per-request flag, not a tool — closest analog
             }
 
             if action == "list_tools":
@@ -2714,13 +2714,25 @@ async def do_serve_model(content: str, owner: Optional[str] = None) -> Dict:
                 endpoint_added=endpoint_added, endpoint_id=endpoint_id or "",
             )
             note = "" if registered else " (state-write failed — task may not show in UI)"
+            where = host or "local"
+            log_path = f"/tmp/odysseus-tmux/{sid}.log"
             return {
-                "output": f"Serving {repo_id} (session: {sid}){note}",
+                "output": (
+                    f"Serving {repo_id} on {where} (session: {sid}){note}\n"
+                    f"Next required check: call list_served_models. If this task is not ready, "
+                    f"call tail_serve_output with session_id={sid} and tail=400 before answering. "
+                    f"Do not tell the user to check logs; you have the log tool."
+                ),
                 "session_id": sid,
                 "task_type": "serve",
                 "phase": "running",
                 "host": host,
                 "endpoint_id": endpoint_id,
+                "log_path": log_path,
+                "next_tools": [
+                    {"name": "list_served_models", "arguments": {}},
+                    {"name": "tail_serve_output", "arguments": {"session_id": sid, "tail": 400}},
+                ],
                 "exit_code": 0,
             }
         # FastAPI HTTPException puts the message under `detail`, not `error`.
@@ -3057,8 +3069,17 @@ async def do_tail_serve_output(content: str, owner: Optional[str] = None) -> Dic
         MAX_CHARS = 8000
         if len(output_text) > MAX_CHARS:
             output_text = "…(earlier output truncated)…\n" + output_text[-MAX_CHARS:]
+        if not output_text:
+            output_text = (
+                f"No log output captured yet for {session_id} on {host_label}. "
+                "This usually means the tmux wrapper has started but the model process "
+                "has not printed anything yet. Do not stop here: call list_served_models "
+                "again to check whether it is still loading, ready, or crashed; if it is "
+                "still not ready, call tail_serve_output again with a larger tail after "
+                "the next status check."
+            )
         return {
-            "output": output_text or "(empty pane)",
+            "output": output_text,
             "session_id": session_id,
             "host": host_label,
             "tail_lines": tail,
diff --git a/static/icons/ollama-mark-crop.png b/static/icons/ollama-mark-crop.png
new file mode 100644
index 0000000000000000000000000000000000000000..2554b38a14bf90287c29b2fcdadd2705c87fa148
GIT binary patch
literal 7498
zcmV-Q9kt?#P)<h;3K|Lk000e1NJLTq006ZB008a?1^@s6e;P)e0012kNkl<Zc%1E>
zdAM9fmB4@fUP2ZiJ6Q<?3_(I542x`v558bj5EL0<bQlB7d^0*2GV=*2D&ptDsNga>
z=%;|p3>cL#WI!VhTcQRO5knw^B_V<ElCWead-8hzINf>u`rW==b*gUPd%NrReP!^y
zS9MNRoxWYS>eM*}vPl7W8}N?OzwM=;?*g6!9s|~-qgqQb1~?UXJFs8rXM2I=z~iNV
zi|MGAABF%|0ZWj<s#UrW!~T1qe;SH5G5wKoeGD1rxOrHD%-4`K6wNyAz)WBr@q-vu
zRst6xPxpYH0y2&(v7du=$o#ceH`=Nk3@pHYAgjw=geQiUA;|c-&cOm?K3kgOfKJ>8
zvs{(}hc&VTO~7HuxcQocPGnwNk`sXS_#4b}c@>z{z<%VJNyvElo`dzs{I(Pmf!FXq
znC0>kFt%a6$tPoxaY||qUPI=&CD<QWOmc%+E`I>}HK<Q{qaQLpNzcJzWWJl8ACdfE
zmdke=)Tg}hT^ctBKWb2)Qe!&x_db1=y}-1F^ejJ2L&l|1bI^s%dsEUMSVrRpvs{(|
z0~*l3JTQRt=AbDL$*!jHgIO-uHK2ca;5yQqgR2|RzlJgd-D#n(vKbhabSE>;C}bSc
znuB#T=y0s95ki0~fME@i6~%!x;giCWtC4X?i(!ZzGzI;Ewdg<LTY<}fYk=Jj?YspX
zlyG0O%0Wo~wPUv%8UM?W`OvnrmL^$Se;oZF>;cZHXzLQ(c2B;LSTD297toJc7c%Z;
z&Ozoy+up|$>tzF3h<*UR64Bm`4()XUef@Va)AYs7zvjk>HoxM~-a`LfY%G(|KUtq6
z`b4lF@T{`UBJd&az05WrLO)i|QhN@bQ?}Vf&V6&PM?at!#I!rzq20OOdY2F8q93cc
zLz4>}+P&Ue?^57tbe&#I{hgVIm2K|?hI{H?))|iUS2Ioz*J-;Ay${dRp8D5tCZhi&
zUuMw$w1nGl1};NCMkekBF74;igKs9f&Thoav#Wsqo8Uh8?&X5}&_78{uE*_<%$G*S
zO!w|J9_@hMVj<&GN*UXLfi9iP0RxeKYR2bN7IJP;%E;Y=r4O(PU1!g>kaH0FHRF37
z`j-dZi*8(YVs}V&wo=X}#7=U<3Ftby9{YXdc}iK|)OIc>d=uTc%(Il!7yY%oM6P@#
z<@<4(vfcy8k*p2(C}njh>*a+GWj)*R+>Oke2CbdMl9W-Oq^$R#qRy|7PrWV20fQ9v
z^1vW;H@b_+c-o?wH_+QjD%6XxRI6xDnzZ|+XDa1ooiovm$6}?tNlJN3l=5Op;z`{f
zopHViyr`7<kg{H`o)i{n`=uSn7m@k1WfBQ^?ImH<Z%6l5`zLhE2!P)!>z$~qmvyxL
z(vD*hnLk_lAok*wB(_wvONb{OWIn2_H^o6_nF25#d6S=v^nW}OF?0YhlI}Z_Mc@r&
z|M(3gHpWYcbI?=B*Z*4{bkg=qJB}dp_dZ3vNx&ipxxGljsE<(Ad&)uP8sHV+5X*WK
z5s$N-mh}!toPEv$-U*C0tXDvc9AHAk@An|5dGnE%uldLaz=nS4j-X$`Ej+Sz{<QYe
zP;N!{(r~P!T<r<wWW)B40=|U)XkJsc0{;Vi6ga?8&&f(zt|xrQD&^klD7PUzfPKfh
za1UefRfXIlaDGgi2Lk_y1Q>6WA=fHffZLED=y84-=PTR)YD}9Z3_#~QuifLWNfIxL
znizJk0oxtrYPW|DkNDZ4z_)-^zz@mBF3ADFrO3MXapdV8b^03B9}`@+*R~_`Xp8rl
zhgmV|l^*22psY8(;=d0^z7Agi{skE9s#HRp2;7OhU|vp7;~pPbqdwa4t7N63PUZu7
zwxj#%`<VyXLzJ@TAPzkLj@~&c?eaYEVPsh{N7=>*>k;qG&y=#gW+3pr`!PmY?+p*K
zHzJ;2woli0Ax1IOgAQpi2{GpR=;mM(y2F!dwDULyiIeRG-$uP({XdChohSLLu{Y|G
z_5UO{bSUes_9S0Bk6OEl#P^!obicNm*FDJ(Y3OwL8aM4cYV9Tx-$t$d#MvG&)S}Z<
zJFSMVansIYrk~VWHhXGkqo;OSjg6k#@imW5WW}i0XRMu8qp8L}S9in=@U@I_rHH(I
ztwfHxUqepY_D5oI3`f#aXC)s>R>sW>&1Td-wgxq91|9)^3;YrBw%bytP62ViIte-Y
zJ`=gEl1Ap<w8kwFn$4(-4V1MW*&DtKG3H&C^^3sEr81}VvvG*;#zlztU!#_XjU2bc
z$;z5KPb@_IF2*6wP7h*l(6#6UZU)|s9H@K)e|z{XLspF1SA=_4r>I&KfnOrGpWg}0
z26iMQtITpF(D|XjERx->^fhj2W-8c6R*c$Lz(!w(IF<Y!G3E~dk0sE4J+>lw505~M
zd}9JKe2rTs0&n^@>b=T(z5=29TpO+dJ_ekDWQR?g?Z|TENZ@w-_SIKg+IiI4O(edJ
zT6^58b%d(scu(!zf!y=^DcO68dL8kro{so?`@q+@Y3DK1?hWJ7xgLJogX}@T2BrLR
z*^Imd=7ph1L?u_()eZOw?DK7<e60_7L+FF9Q+Iff{aK~#a(NN+`-)kj09=cEYUa;+
z(B%%LY_D6(zW1s3AcqdNZ^5RY)ZxG}$k*J#$cbD5Ij#GorOZnH0GvlY4<U-c*O1+k
z|0Fs`iwUz3$D+1Un_Ced=QYS>W0S2#%@cPEVmIDM;`HhT?61AA1P&|x_W{Vs+C(Ib
zz!Atz<q4SIsJ3ANva?a|1TYUwN0uW=<YIpdnWx3bx7tc1=lCMJW0kBRI`l&vFOq}A
zMvq|s^|J?gQaprP@=4qBM>4Xv>XCDCOQLF9HUmE{$<^dnd?cA+@QZd`)#$R4=FM0B
z&!j)Trp3qmR1cCkd|8n|o4(nN_*ZDI^yh(_Nx)bV!n?gBVbseLXwx@eMwTAUN)gH1
z@=Dr@7?1~h;dIjfN{cJ=X+H17TD%K!wn}@<<I3rY_1+`<BS*Sv4^~v!j{Vzt-f_w0
z-iZ0g%0-E~%qIN-iz+uI+3Acj1oxBHq{{3hI-JCsdNBTcIehXaa!Ao?Y((B6vdCbP
zIeYNRaNr5je*#36s}k&Y*6D|w4yHW^QRR<h#AP*#kx1a}v<E4wY{xF)Wi#?6(w~P~
z<tZ{4DQg&w4MuKT?o6)hx#3{4y%X{bVn>-^B;84fvRIx$u0#dk3bGy9^-p+sV!Jvt
z9SZy!Nga_CMa1dlNyI>3LOjRHf!g~cvDii-u`~`xLc{JxzCCWIIh>VzaUyUb-7W$f
zk?~!D?2?pESw|pi-9wSvHpiCg4o+CVrAR`gmlKu~$t2|FMG~Lbt-vpUOYj^#FyKTx
z5~t*gB>VofiWEHeCLy<*eRpOt5_TZzr$NA-0^%b41H|>zw=HziK*Jt`d{z1Ez!Qk;
zVpeXq2kaPuBtqJPU%OaA1I|1KBTnHyKaGD&Fy>}q4Dt@6$<kG;EF!^g?lvT#iw{M+
z5XbT%Nhuphl`|3VJ70$VOA>nU-QY>V^}q*{P%w}w2I2R@$PK;~JR3h>DNm!%^B2e;
z1;nr0$Mv!<#16f15Ptjy9w6*$v?}k#&r9U1cyf2R+k-N5(O=yUGzX{Q#|8FoS4BEJ
zC~+^I6V(KA%PGk1b61<{&?>MWa%AZu{C6Z1gCdY$&c@xbYAMPG<tH5lFUL=6;6U?n
zIqpwu>xf+YBaSUvfm?y8_I(Ys5I?}ps9(eKe&c5x1^$Dwqk-0;Kklc~pD`6S011?+
z6?8A@WS9!%k7JNDBU)QC&Z+LQ-r0yG_z46|`67CI+m69jaRK<VgOFJsIvHp!`XiSV
zv^Mv#dIC;xX#9D?esn;`1?cVWk$R1P*P-!?{PZu-f)tRz_Zqv~OLuJZUi3lk{%IOs
zLhy+WxN#2p2Wrh-kPe4NFZ0^HKr2!}A7<lEwHm!i+29+5qws(q{t2B8b|G<1da*>=
z;I|X#T%a`>gx*E<^6JLMp}z$1SIP7*(4uH>%lx#up^KFby+AlU4EW_dbhfyPk}Z~Z
zEKXG_aBr!>K)@Fd0^1bz4yKgHv24^QC>6M0SuYT%#Wvu#%DN|j7<B=OlV;0K;8CUU
zKp>9!%6i9u81)!*2{NBX_caj+)MKHt-q9dNZJTnr%%7F@0)cuwh3v-Jas-G`AF34m
zjIv%JP>(H0Mq*nI0Ws>xlNbY@SJn#zOn5<2XE@N_2YrB<70P<eMga--egZHV`3f9Y
zDt(dQ=6#U|NEZ^V=(W<nou%?3@GP>VE61Q~byh0tjqQUz9YLqEo|eJD$-r1-(mN4H
zmQ4-T17tt+Twoe-2IjZs+mM?Yhm`*R+amtvO=L^!K_oEZDkn{K3`T;hk3&ARtC1{P
zjU4N>%6fePeuDk!&2Be+tvC+&Inj67c9ecMr2%>jLvp4(ir-MRaiyyy?+O}|<Yx-?
z$NIPi=mBzhTQg>-fzGHKk;uIb_zJMcK%X7RRk9?G?2iU+LAEa&VaT=0wvrx4C(y?N
zGJYnPVD}*NlC=N)3<F)FN(bnSdPTw=0=QYB*XKRTpA5`FZdRme%++OYNw3Ks`}%o>
z9yfcGAH@uXPEJOhbmk<jgH;zW-BI>%B+!b<H$<9cPf1VLY_ZePFQ+bclpV(mrA{57
zGwK})cBUOzrtDA=*+tNPHU16ox`XUA%IhV)HMAk)rIo!5nXe?!uBqPzI-@R<+-;W`
zN_{HJnU*pK1G7EIO|#6#etY&z4{~Q%$~5JRN_{4_A?YeKBoVZx4Y<}rJJT%wb_%jJ
znB-S!Be)pphs{oq%{bNKT9SEb)aK9J-3M5wtb7>q_2ZM1(EFlPGS=|#rXxv62YHaW
z7jYd}gnXs1K=xWY>0YxI5Ca&8Oxj_{3*T{wF}i-0AAvXneFXT8!QY#XQ$3j{A^X@q
znV_t<rVkeJ$f}rxq`dIS>7Lt*<09a{a0|e*7Riz@4_JT%6gT0eh@TAt-VMATN%W+B
zQVl{bZ~PsyuiOYu$G=f)9&YQ9*w>teZte0zSFIzsUa3oUxv`F%kDyPkvj?~b$)BCn
zOHzBO{d>^w!t5^fGmaaTZC97;T{~RGf#|kUpDZ^pPT7$sJa+{A8TExRGNvIH95hC9
z8!*vNSB;rilB@X;?j(NQe4(PvMi}+Gm3sW5+&}?|R%+Y8E_9a*;<#GbnaZ*eIG{%R
zN1{un^B~Eb<k@g^Ne^4yHz56v;sA7WUtO;D*iX<M1{IMVlYRV7*~kYxcjlc+Ju1r&
zYP3BN`v^drkmyrcxiMcr^x1@6Kb}VVABAf~{~|JPKAEr7<3p8=d`sDg?{#$>@SIYY
zBH|xWD_G$7E!$d*pPiT_I0Dhnra#}W(bi$O`L#TU-z~ji=o20F*k;zQt=1xeC4F+f
zQkO2^(i&}^f!$H?Jp3=Md~+b8r_K1BQKPL((I1tc@3~)>D)m@V-Oxek9e2+0+$n(X
zSnALPTv?;7KG;3g=8&H_+xsE<n)YomwI4!PVsF^r@!usLvecnmZjWm031wsdn?T3f
zfUjZpLEA%o1_PUPANP|VgD$flqPJ-ud&QiqU>0Uuh<lOw@qLmw3H`(MqfrfBuWW1&
z$!&9;hD=zkfqsVg?5BO`z8+PtEG56W(+6Xo$aOjKOU4dlTx-qs{gfQ>6TtSpr(AYX
z;jLKtRzDRv;?-~q$)=ebj)X=#7I`x5K#qeK5`UHcLf|fg_IDyz#h!9gGgYP{r+Owi
z;Qty~w$!2xIVC(D$;q+{S-L!i-mRh@qmd6>tzDWp9su4G^@{@faK5{cua2zo8_e{-
z&Xc@Bz`r7%k3T|OLaUcE6OeDkpCFF*wjPCXT!&eIP5eR{&G*pRUcDt1*Elph*IW1e
zFdDP<;mgR=$dxh3wf^e%pGW*T1|hM$t4}k#fG>HF57Lj9BXo#bMreIYlHe%x+jwtL
zXW2L!-4SxRoad{T9x#1D{DdcYadDNqh`)T$1)S(fk59zNF@Cx=kTxX4me%HOGZAv9
zgMd!luNV2kq#qm6t>L2BU?4B9eAbg512H@LzSEODSFXTq+>9djo`72jfVpHNQ<urE
zhta3p5Zj~c>f+;aM48(R<Sq9oPs>!?PBS025oU8z6;<XT2Rdo7KV~1yIBz~%erh1E
zR_Q_<?R{Z#LfnOnQ(BC~%_X9U<;|UU;2yB$8DOZYyY5Uj)Y0e5(jkc3fM%?|=TQ%k
zewoOf>RGNSBXGO$TST0mtR2mM?kKc~+$>3h4g=ki*l#@wyFA-n$c{)7mkrh#$nQu%
zZaoUXuMBjnH*TkBgiiprItownv@wnj1KpB3Xc>g0!>;Glzl>!3X39KOM}AsHJ;gw;
zdgZ@e6!@G61+H{aKuL#zUh@;y;i4GXog|-7b$*QeG>!U71HIzPdgM%?CiQkHzKQ!2
zt=6rJwDED1I*vDDezykLp0NC+`=`a#9<D;huO{`3dKd8V(!W}Y4t2Gdq*fSDau;VI
zKK{n!gk`r=O21YIO$rKET<qa57;M9u>?iNQ?K)E$`=PHI{7rxS23f4;_?X`fAldN4
zlQBE`HyJ12xY)xKJoy;8?!O-8LkUaTF$+sOD?uIVT};r%zcXQ09oa=>e3JaOsKrsZ
zZ5Q`S*KEt%af|*r*Hr-r9<QNOWl1s*<cd17XCx^5(K@n=$oQni+!{KWls$-Ds=3uc
z_$KtBqkM2vgicW<ZkgahImLCY(vgtd<Lk&RmzxrjZ^8uJ+zM{h3LcHwS9q;5Q!CgL
z(=gNX-h|{&rS`<lA-S*%^*&7H;v+bu3o|j(Gpg)Bc^Yi$a2{2j!v8IETl!#rY@O60
z$dO1~jsHWE65R)Uic+$j1ULt?{w5Ixz?MFk9T3$j))zb4k-RQifst2hQs5hy>ARY2
zIn8Srjr7B$zu!nn$7<e#-o{?R@<sRk4#FNHI}wcz#r#IaLj3twH=2Qn{wDq0g+9x%
zZwlx`A`}rjHO3{XeyxBhY4Kysb-$nd8TLTzLL~e+9W`rm26|hYZ7Spd<ldJ?$fIQE
zDP3kP5;xkW52I4i)Sgk8ZQqs4X0msDUcjyomE|pJ2LtWFN0b7J)Q^Xp7PGMHM<?m;
z4%A~BqNh#2W~HI10g2mO+y&COvYPBhH_}}0>_YZKv-Z>;h4??%p2|H!Hm=!4u^;9y
zxz**4dX1NJz-Su(x}W|f##nR%w*~k&(*N2XThe0-x(80$`q$&@=<IGCb+#u@Q8rwp
zG5Nt=IT`)Mhh4~_$ptj-WpZFi-W>FCF}5Q8&N?oa2V!r*XfFjkL-t+}Yw<qZPD+c&
z4d@4uNK5A;F`ixfUnsS6ZmHb|aL<RnqtxF#P@r}Uzk20!l?_!twzb=Fb4!iqfnOup
zukJ?w#2tXVs8zm9b|GK$TM;MrK1dMo0&-lw0lA1g7#XWh#5rdSa;tkRe%HL)fDa?v
zeR-gW*pVg;$r->`qkhqb-PTuSIaQ%Z+MJC3<s|E6HThU_RC6l2{%)qm1Hm+`Ky}$b
zI)1r67>DFPOxp;3mIWk}jkpoCqmOj8@4`o=b!%NPe}@Fh&Lf>j9?5Hw^=F>hf%M}n
zq+fYtFJey`_StWxQ6HmhY@xDVR@e*NfVhgzOIa5!^AP=SAiocoGFp3zwBP&CJ@$RZ
zSIz=wk)I{Wf|9<?#F^;E;=ZWHqGBu8D_x`)S}bW!K~Ae&x7B=?Z6&=_5sGraP;_?~
zU#M=VfNpbtRZ>065JQkOX!oLb^l~k4mE>Pq(x=&3h5Z=qqUx+*jG~bumZ4OefPP5c
z>}!yH?xpBY`r;;MX{r5dO7cwdxHJ<FqZ_+1(0%x#z4ft7t94G<iL7H6RQ#-f4CZj$
z0?w~1l{Lr&wKB`ly{nA|)|8EUgi?4K!BDbB5jpHwowg!Pgx0P`K=+njY{0!3^12@y
z$TnKL8Ux)%t@Sy0Q&}$%h(l{vZTtQQ{W13@WxYTk4y|3aL$^_D9msbo>jeUFXzgk&
zxId}aD(eLTacJ$T$CFx1QjvxNt&Njim5q9<vc7iLBoK&0Ygb#L+o+x1HUk0AIPJ!j
zD{D`%vKBrd&>U#(stDaiy;<3a_9QY8h(l{vo56kgVUjE-5U@pSSL>kLsI`6zhb!v^
z0&!^VYAtjdb!=X`7`$Xk3IwXq+Ep({C{42X9fZB=fM5Ee3pTXxz@~ERMB^LXk9>q1
z3*?6>=q^R<v)@XiUZPZ@S?|gP(m`ua`|Q_;QD-f4Kp@{}?J3fJwIQEgC!8z>{LqHj
zlg17sL*ETR9}P5*vGfAjL;GOef!Ht5^9j2hcv7j%1<HDXKqXo`dJ?f;p!c#t8}i^{
z@*5;FkPX@qJJJwqw=U_wlFAwzXbnuW^+uK0mrIwNFL@2F7{~_m(AizxoG$>kD;wX7
zK5}ZHwK)c{AC2AJZX)1)%EpVpUC!MLv?6z*w>hJnHht+1eWiI?=P@lqAU#e-|CC;X
zh3}Czr(F?voUjuTFryu@7p<*X<?cKj$sDB>_GxV|11-g;(c9P_6n@wDI0)Q^K8H-8
zH8>u(fcE!jgt}zEEdtAdVH&}Kre_#pA1?N#_71(@QSfZ7;6PI|8#lXhN_ct_`Zv=e
zlDp%BE(!#ijt`>C=~6Cx5xaEa4hIE_L?oCAv^1K8S(W7uA4-fvLaVwca-<JM0=ef%
z-0Wx*2HAW~oclYGOsXz~dyD~aw}Wf(n7yJ6ea56BFvFK3fm|~Ky$wB#;SDR(Ygk>t
z3S-rKv(2Gypm}hygB6G!dc(!nwFn&QQ<*?+8IPMCdGp!t54`B0$X|RZ5@-tkg5H*1
zMC{R-nGQ-6f%AMQ5oj9D!_A&%x+>5QiBG0gV4<r5fu>|3dYgI`$F$a$I0!ESr@06Z
zG%cs$W>=TE2zU8J-R&Yc(Dd9*3M+sk(Vx-pB82%3#4`!86ODa!5pzl%w@-aBP*5uT
z9|WI|Ks+xXcA}wxGDgTEbf2O%z=29-1Fgk@=<mZWvK2NS{nFzqRrdm|%2nu>Acxop
zx?Cw}J1|_|zd#Ez9I+dXy<HyFV68QEhf={`QOb}M2pF;su^SB?Hh;Vl-6uyI;4jeH
zT#U}%R+<VJsT8mq80yxyK#MXIu^)}yjjV1gYWZ=ZQn4q24a&NK)@B3x*yz3NHOi>9
zK^}jrtQQD?-hO)7Ym`w>RyO{)vR)tndi&{RuTe&Ql(O+Bl=T7u(A$rZy}pV4Vtq3q
zLs!6!HpGr>ZST#fhAJ6=?(k$8p6`zZT8=JsS(k@Xk(mp68}-3Tg`QW|3j`|B+EEX?
ztv2d0%0^cy>jeUpXzi$n-Bug*AZ4SkD(eLTm1ym#huu~i^$2C7>y`Bafl9P?)WdFl
z?O3e#)J~wa@nT2SMm<>BPT2Vf_&{q%J?ysHsI?ABVfhj8f!2<C*sZVS$7WCM1X>#}
zc2sTDMP)l7w@bhWT081tx79}7>&Vd%?N(qQP>I%#df08XQEyc?8g7pVe4q{f*u!pp
zEk8yn>jeUp)J=U+gV^QA8fBy7mGuIFN~}U2RM5k2eXXhArmPnTRHC(`*fq8G>|J{W
zED)$fYe%tmTL3m<@2I_paFaaX#!$qLY;A8NRWTo<UKE!q6lw>~R@4gw%AAeZku6K9
z^P&ifz<VV^Ae(>-TKidK@<%h!1r^zXW7>j1%hC_AAC2A3FcC08*?19{>e{<NOEML`
z%}uCoENc0&5?G>CZb1D%2?TnfwVP*&h^JS}OYbg)fW7E$0|x@j5c{#^7g0a_e?PP2
UkZ(hP4*&oF07*qoM6N<$f>5WP-T(jq

literal 0
HcmV?d00001

diff --git a/static/icons/ollama-mark.png b/static/icons/ollama-mark.png
new file mode 100644
index 0000000000000000000000000000000000000000..8cd2cf1ed8043caf62e8b069330889c0cf0f5a3b
GIT binary patch
literal 7487
zcmai(cQhQ#_wb2?NFj+R!76Dw(R+;$5ky$MWU&$5vU=}Q7Ktuv^<Y<9y?48;-dmJd
ztBbmN`FWn_`~Ll&Gjrz7y`OXMIdf;`+%xm}ou=yDTa33zNJ#Fgy;gpIHCB+2kdoXa
zzmkYg#HX(YO6S*xt|TP4Y5wV?Bq?x)D<!GxdsQWpqCV!;tI2h1MGZv~5_I(KGtdnZ
z66O&#Wkp?2(#=%Lax0))cz}cG9V*T*LhiRiGk{OoG&yBV+4?viJY%$Y0(r*x>Ibd!
zxAJZ-ZRbe*`$rax?}8NG4P1{`AyZMlL3{7|Y1c@PQ2)T})(rBm_oyhmtiJ|$sJH1<
zs3AUc-gh)!=-NMN?bHQf#{U1?T4$TC)~9j3Fxfiddhl4<oc@H<?Nc=n4?(vV6DC_+
zvU$r#cfFs5cVoA;&*8lGO`n1o=SEB`zpkXg`38G@>&0~I*!Nf(Oe_TK`)FBluUSUW
zoT=0BHlm$^);*S-+Ctzb-^N|!R+XmChcgDOVMjmd9_EZMMi~1sEH&pSXrq#5QR@!R
zHzs_d6h#mIV~UGA?}lv-^~Y&`{*8PWix2e-RVJ>@zJK$$z{{<UdW|ji)4(u?Cmh!?
zpLcMw6g}&GDMFR}8&U+;p33va5{<<>!8;&0GKFl(!%l;8o&JCaD4yhSdf9sMR#Sk1
z9+SH!`2jIL{&1TXD1W6dfSbMG&q@g?{?t0D-gYSG%1Cj;r*k!Q=YxrgC`HeqS<1VK
zk*2p<Og)v_%e5|n5QcH)w~OqP8I0#2DmO#^Q!pbbLwfzXZ9x2Wg(VzzwHcS++NzfV
zk6F9^OtgtI&T3E4h{&;IQTo1DR=Q-(+G#m!dP#H5F5eD(89HY;VSLNS19Zp{=c)?Q
z8iFb{tv0!BFnD0nysCvWn4vH3+pUXt%iW}Yc<?2v^gw^=Z&%YNsf@WXLCgBXEzYmU
zo@^QQ;&#_0j1NeUUPtdzX>n3Fg{s=trZ;h2h(;W8?meL-q!xyUI0X^AaNs~Qj^MM&
zR~RAm_&>-P+5&#s+u{TRXGW-;F7d|uDI7j}_t%V)fXG}8zA(bt4rFx6Q4;upA;%T=
zsTk`I6Ma3@Fz}r5M0g6-3decHw_)mtxZX1ZKTrR{@Zg99V(eK$;O=2w^_g0rzY&(R
zy@4&~OvQT}(tsVBG=8`=*+G1=F5Xfl3K-B@j}=+;X5NE-MMs5<C=`&Lh=%QHS^_+1
zD-q9`PE_Uj@OypRwo6NP+$_A&oEv(RQgyklf8Mp!e)P@10<0g=V}zGtY_%+9SMc|3
z@0k$L&^S8<^l4`<)A~vFzeM6NEyW(VAwj<@z8L8%j}Tz8&Xf58`(rhkG-xIKgb9uB
z@=axD(o4OQ&8@xlm}yR5CO7|V1ltN*#@Y&Hm?tpJe8by(!3sHj80|7(pabQn8ET~z
zoaP7&St&K~;&*r^Col$cVaPyk#E2)zu-(fN)D#P2?NrG^JiKpk3I?byZK`yHXqNhH
z0@-bYDUD`r1D;O{UAxc{L*#U|PYJ9`2sz2?$gEgNgMWSDqg{WnKws(_WiMm8>iimA
zgA+gQ;6ClYq!Emh4q~$D1*kp0B#%GEp1rZZW8pN<3=P5+UrNVCRhW-Kt}ktYzeMav
znLo-`8VTTMqVJ>v`4w~8-|lG9=3}uw#GEHp>aK3=Ewq}wo6xxy5JlarQaC5DwsUyI
z<(g7uLg=P%n$3||i6-1k*-@vAwojEunW^Bumo|uOq>B`ABz-08o@*?j?(!FL5_C*H
z(+4^6ZVcYCM5BvFXc__Eh%EW!%?PkPb{nm6*K%8XlH6^J6zr0_wWUkWU@rQxuAwAL
zmt2u`F%eybK8xnQyVSoR?KFe`t4=HMC4s@cfNx8Wacnb#&*yBiwN(x{5g+DfNSt`~
zN6jw~=O(}^gqUs6G_Q(-jckf8ZAo>+$}WLSm1R*-{&-lgw0|^PlzlugI!soR7&-&9
z1U7zP$va+{H4!Vok9QR;<omH{J?=7YJZa2;ioF=~%X~wD2uPffwEgX_1}fI6;guXT
zz|h3^iGOpm?p28KIkdE#tX5o|AOE_nzcEY<<9@Z{DN0}2ac|FMaw!l}#*Bbkrm9Z)
z#tVHn9*O<|`xzHu_fTLBCL-C>i4nzxxUm%0uB!bNbzAXw5Fh8EMuhjN6hX@RvVh{U
zU3|9d9Q+4?8Lax<=oq`-1$zeT92N1?aS_Ig2A!ggHA{k@Ya>rS64>=6hcU{qfULif
zH)8A_#on6Mt@rIk%B(HD3mz78G<TXPE!0i(<#c;g#rrlT&(;2}(Y)PZPpiM~gci_y
zdPZ*1dO`<7`gQnCR3l_#P8;9#Te=8>3RR;aa>J+^Z6}$Y>+o7MYC#6Z<jXhO$I={-
zLmnYeoaZIX)=L5hLBVSa@_$~}mfopT2$Yci^O%um#lPhCPDiV|zE}D#C1JWPjdAVq
zn#ujYI;oi_EwLNY+)na)*JT?^e02E|QFow?B_$!iO?Pk+gvt6>@aV{^k(z5_OH%Et
zp*)(A$H1_2<*W#Lja`<7x6z%biOL>P$BLWv$;KnpIF%xW70K~%cxgj^$&BvD2!ObZ
zhGCSw@q{35dfWtTxIBpbiCCnoAXbmA-5l-J#I*^<AD%_&oSS8OA{X>~-AZ}lBTVog
zQ?W*M;`7~h5ZSZxA@;y-Rv57gR#+pBl$<wwt(*h=jHxEv+}N|RJlA90{@zTNk)zWc
z*XILstAb6?W*pM4Uq7AN(($%kI^<3TV`|GB`IcvMm&8OOsL)O=8ELv^%7~0zJ4fMo
z4wtvwxo%F0fU%xpJz;A0dmUKazX@j%-pijTg8+2QUs-0kW9fB$;f9RPlM+^TgS+jo
z1gJTm0O4j3KF))wQ+tq>!#SeP6J7x64bVmv0F0Wb8?*s!hTI-v;i)8Iq+^r3s>sd`
zO_?8t@wquocIOB<e%Vf=;0Ns*-~@Cp4tUzGV$FTA9-+mpb*t4Z=V{tE(Wr7ebXCfC
zeQv(bwgo#ZyQ6vy31?rdk)#IWz^qC`4adgafOo=6B;7l5qS4$`=6ZP-+fUn?T3vFQ
zD4j<Tro6P@O$C6FCoZFD)F>10x7;$MUDGaMYg#n>nWn(4;yOZ#%vQU<vkr?jN~#}Q
zWJ_XS2FW(Yl4hHJ6*0|TbYboA9U)}4zuUGz;n`R+Rzuk2^EnEElRH;;=GaL4OedlH
zJ56wf@7rMtGe1^6Sw$WoT-GX#rfE;NKev@V#Y_Uc2rY@)YrXB`;Mzg68reMU#w;=B
zC`c*5ao@sj9OC!_s#EvcP;1~*$am}%+GRUFe^0a1Np~%eZky7MgB`j4fiI41>s`Z>
zy3DLa4tL~B8jIs1+{k^PqBX>uU7PCKvmI)L<)*@BHt!QUCe_*YAvTOi21rtLaT?E{
z5nlG5KhmM0c&z&7_T#RjqIWgwLvr9}<pOr5OG(pW(&he@Ye_TosJD^(6fja5RJE6O
z2M1m5FDKf{CLs!H=#P1jBK$|2?&c{?Eo03x3$0n<S!zq+_YyKU*!)&Okdv25XjAqO
zQKX7)V7xQ5mu3GJmmS3fdAr*nK1PHlf%~bFMRKAJ{Yt^EFf}55na4cqSmdI@q$l>;
zH5rvkUeohC4Zwq5*mh%<%-x(}i3BG$>j&)oY_lFUp|HQ)UfX^qUW~8r)Q)#1L#tB}
zd##<=_+;7mWu7oTF*}5OuGhBEXLFCJb?}Ol7C0DBVD=}o5+j<zRu^+{dk;QSl~qf_
z<1z$uJN@0}lJ7*SCbiu-c=}8zHsgLSw`(S2E?P#Pu(_wJ(c5`bsa^uT%Zf^2c&O<L
zGKH@hgz;-o<El9HdJ;6FMw<H;73GK{xo%Kp{=YEO#CPnCO#N~A{Rlkqp>|e(-YINL
ztzf&*1>Q1mn(Qrgju^lhkj=%syDt!q?|eZJp$_)@@v$9QF%MtkS_k;LipS$aU6VGv
z+tU13^aQmg(l~ToN|-sQ64*`Nm)QQ*Xycxc%-B|6JROXJ`B{z6B)8qVv{(A$6oa4m
z5T-Ei^Yw3M`u2$b4H|RD9Q6Ecg501cV{y!R(3A(g)$@#js!qtzyp6-%vYj&jFcuJR
z%%;5jEf1IN!%~}jRU^ILw4NF0X6DreW{PTq4{qABC3P<j5(*PZE|j8Tsn;En@wK<7
z`VH<SSD)<<bW!GC@)|wW>x9!yOVjno!gP#pNNMsnnopR1i4Y~4uwX0mJQ84AU69@2
z^nj;Ku2L!^GNm5xWUe#Hs7A%65lVwXM&Nmr3KnWHU5HGAT`MFUQfV&(yJTCNi0gLn
z=f~!g2W!b?doGoK%cI9(oE9ZUo6U#?3zNZDNUs(CfuyFJ3DPq%w}FJ?xm{o~txF)i
zLvX|1QiB0OfBqMrPd09T=?q5}TCAH%YdU^HTub<)<@+7?%v73urd*hZ=_i}5om4PN
z)aYniHn&7WS5u0J?{q<_P@iUmvdm_c%slkBV*$D9SbiP5bQ;Ca#V|(m@g3Mve)G&x
zp|;d;c9To;{Zu3Nimp&Qida$FLZ+<BbFshV52L!~6QI+uRXQ_#QkRSJeqH*q?_s5&
zYd8|Hl;^66n$>=K3}TLe5u+III>kHmL|z9!AaXva+0#9J4WhnY9znXyZAhznU{B+x
zK{y~F1*c34-DNb6LBAQAV$@4|DE8i0T%J9c#Mp$h%1v#D@aW2#>-yHorTdo1$!QaM
zzW_x`DU3Ib3VeN=2ciU!MhTr_a>8fZgW;?NQm#KnTfP*pH^h-U4O};(JPv2bl^w9P
zwyiY4bl1YCv_{d&m14cyZK_QE+blqeN9p{rg)bTEZjKdWnz%PkLTj<0@v13@AV@7|
zhU1b=5VEEAmp{9_Z~0CHs&=!qeFCBB^L=67;qvGXF={wU|LkDntI$ZD@~CqXTGn_^
zt-(+XdDG~n&ulLAAo8fHey2?IDqX9b>F4`TK5}q=grBtd0(XW!^`?2rpN@!kk&h1v
z=$K6~Rh(o(OV#F^EM?Um3}LweX7kPfHaTYVRUX~H6{TsjW@V+_fh3-6FKoWC3;5c{
zvSUVyT`*ME>ErYV@}!q?P<Z%gSN*xJm*G<;p8IajGNt^le|v`SmZDTBAa5Fr%1LA*
z6L=|e>D?1>feY+sjo7rEmZ^r4MAX}TE5G;JREgpjDul*e&JVLLU#E7R@uV6Xb`1uV
z72S#PX*rlm==7hLYk$-}Y815<wRLgtS?d#jl&1qPx=OcNf6uKgvr&mB%s8mW)0<@Q
z8Rs{BqA$s}2S{oi8`|2dS8YnCQ;mH;WW*^yRi&-0Q0X2k^yXt#I+6S|Q(v6XqaEq(
zVJY1>${*-9%NKslv&Wd9{?5X?NvUC*eZrt0ZceY#O6mxt3;99cHf*#R=^%YRQ>m5w
zEf)N@Zu1?X!-XLfFlN{p4GXJ(<K-2E2BaS3$bpM<k8UbRY~S-k@{2FoP;6$H3ZAFW
ztrNL~MKk3Ot`WdBXh88M@1hPy$)y-I`RJ$+&Bt(Y|2+7Hzg%g7Iaj~tTiOBsDf;2G
z{zI;>J8yREK#eYrtADD&8c-3ZpOdwf3!9hsaow|+$`S{6g)|`#o!{Co>K@f3>eXcU
zl?#9Lbzj#RBQ0f(-zuzU{$P*&@;A8iv8~&0udv;{<W8{{>|1L(bgZ>Wxr}{E8lTHF
zq-~r&%`rsyQ?p|P^d{1@{r&GvhF1cHQ6+od!p^I9+r}rc4-XVAyY1eQha^E++XZcm
z<~^s>>t3FE&Igt<U}N}{m%@&_{C-r!HmJwN54fH4(J#m|kPiIJjZL{1WWAKLJ%MS<
z`Ouoy6UEl9UrU;~GZ~*v9z`pvV;;rhr<{tCqnA;P7IQvR7)IZUDvM=fSug7T#Jliu
z)LUWI5K5TJ008mUlM*pgs;Ix}r7xk_29i%iS<vUzya<4=g)IhNs>gRH_-|jItpG1t
zDT?r#`aiBS?sy@gNFb|1Ec~%Leb#VsEy%d-cxcr@SAIL-rp+ZqJVjLArCQE1USGF1
z)Lp=uF8@q#ac=$->$<kY&6E2>bN8BJwD%+@%f;>0ay&R5`hHovk#-hCWT$5t)0R@M
ztu0qQ4*k)bM%F^pU3V%H>y$#xMZJ%wzGW<A<fo4O;4@jZ^LHQy`~*<J%wDxQilojE
zh;-6nA@2aHRF6|1pIUQKJL!byPTvIOyZ+ipk><|+VM)W?+$%)%*5+3_X}OOE-yOf*
zz2lSHa8*Ogv#ZWwku1(Sa^T;=j}LaE-z$-n+{u6Wt0=}aI$g_)4XrvplYn<o{+V@c
zt<D4=kvJVU+{4NpoD_>R!}QCm;Vu2b{9YUa<)UK!>OZaX<5W8-1>K5@cNFjCJWRaF
zySCI<7SB==*3gHwli}4fU~+Bbz3;YaG>KVr#dYgkTlf2gA-iArp8w3E8|*A{`q3h1
zVqBEvqe#62aHDFMjy2Z$Ck2J{W1xvxHCOt@BN$7lXUY(?qgqy<oQ~Gr+JXQ?h*4Rn
zv`y=cD&98s$Zlg<8tFgp<39U1Ws>gw<z)3ufWbxX1J8hP@_O|w>npIrWOO&2)U8Zi
z*G*}ZfXvOC%Mp>ifBpflNPA~G=O}w9?b9?8u~@Ap8_7g|29TWJ(yP#&k>|<xmQW@f
z5y44$k_0c;b$uR`h_}*vo_kSM$ggEDI4>{@U)FzZ^pahqKD+UXo6Gws=UOG`<v}cj
z<xNeWNYwcN>e|I!Rh(o9uY1{WV3XylHuwm1LhG{6Dx_JXHb`cf(1GQ2yL9t`u^@EW
zK{nKSZg=XEKEML#TU!`sJutaAr?39$5pkOf__$8@H(xI#H92x!MeF^5OF<@r*?*rQ
zqg+Mmx0Y>v;g9Qn4dC71%y)+3B*o0KcOapyQ#G;3KO^kKzC1?v_XbVT14jngB2~dp
zz@a+%F~!^d?lG8dmRokq`ABlj^%D(dsuN(CDZ>HC);MZDhKu=WUFAT|s))qMpZY}f
z-K5h5FWwPWZ+p{G_M6lC?W0HL@oJwNO(&#B-&E?5?mx+H0xFY6hMl~miaasg@1Qbc
zD|(%`{R~Nw_RheE@`oWuuGj7IH2={3LmDK-N;^_;{}D0sbT<@Ny<nCYsdAgvKP&h&
zs>T<kdUx~JIs3Vl3>}gsoyP9<^$o%owr9u-M<l&D&~v(mYeob#Jezcn(j3^JAfQ(W
zU^SvtB-?tS*Q)p46fxu=!T;P5`j!<@@KHhfW#!fsMq*_1h`FJCKVx`cHR~m}R|7g2
z$jCx{RRuGvKpCl2@v{I1^3AMN!E@wp30D|Sw5rEILV(K+=4e&(yDOjmG{eouc9`Xi
z)k2G~5&$TgBwm{dZCrGpE(L{Exi%Zzx)dK}YINr#^Y8&(B6k8DoQ7;EHqkQ9Yikwb
z<mU#^2r~*tExB=n7h+$|=JW4`b$RaunUYay91O0QJs-Cl^~l_S2(E0o>IS^$r@m8v
z!?NLFvtN5{1KUA}2{#u<4ug0)rCUXLi9Yh%4t(k|q5|gyM*S9!Lr|Y1^a6g8oNv*$
zIVCkTm8Jj1R=P<SZKe-hZ$t^5j;fW)Lm+^emwV>V4e`68{jv8s+%XAk^Ka>}g!UVM
z9t#bIGVqw~I`{pdqo}GiWLY%X+YRze#ceh|Z%#^oqR#jLdOBzp&=QET_j8-t8<9DB
zQ`ra~nJLm1PGFw70s;md`YDt?83Z}vDMhH7elu@BeRc^-y`F4qou6Xgo<#yMd}3PI
zxILKfh`Rk;Ervx`7(}VSqL%q&ChOzN(^ZP|8l&FpfO7*ez4a=ck^UH1*{D53XEX{*
zD{I;t>OSm$GB`r<mI;OMUZbyi-EApv?MskqjxFL+|50YNnfi1f7R=i?gDO$Kdt(P9
zUo>C=Y@6lC1?ErN)@&B()xEv{g^|R&^f#!!ypF9hmG|eVzU}U$0+><6G0p(c@P0E&
z@0_B1N_aILH6f_fwAXh_EWx29ODSKIWKn0*6pXoXP@~3TCA-QbB1vC`3-CZS#>nu;
zUau|vHe<5*>)_8<;usd3!rxiytk*rY4gK&!T-T`i_@@!3rI%Ynd<C~#6dt8t`RZJG
zl0o%FTx}3Zu}yL;1*&KX`g?Y0+CVI&mUV4}>EAhB#pv?9ilnB0L9O@E+GVGIj~|Me
zLtf9cceR?&7Daa4-~vB0a1+hNk8ltx{*$-V9CDDaU-m&`vr(0KTXA>Si$3G;v?5WG
zfT~xi`<1H_$!b$DyUP;dbrhGPIs7ANbQB&no!O`%R>1K+O8DkKk>RyxH`NmG66h=E
ziQ5%dvF2J6{_|f&J3&W$Guiors|!+FvS!Pt%Bf!J$?tPwRuN0HZ$&9qe$xEQb-jIo
z3AX1=(+ZR9C6zVge^oH%l$$3I2UBa{S^h?WLg=lFN93(1NH*Ju>B$mDibWTPiMz3{
zIH*@{${Io^g!ci8)LUJK>3C%ezmm*px9Kpb9B7MwgT53U&CCHnMGb7uY+kOKi5a|P
z*~ncY{|sFtJ(<)JBVQAHcCHUJv`k%P6ESuYU^;S1{;`*n-$I+}9q7+n%apQrBTA4?
zvs}Y&QP;XwQG5lPS!b!l?U{^r-ncHQDYJq>)}+J5;0?thdd<0opKTt&cY@3cv}~Y^
z8$MROHW8^jbCi%)1&);tWJTWZ)T1)Fn0J%%-H`AQ%>u@kX@mab92~l@KRDY_J+hWk
zVC5p+)Jh17+o+l#gvlyKm5Hrf^UGf8-T<65w10_C#24JHeLV<#-#Tn+6(HQvIkUqk
z*~d5#@+?<<dH~P=#>!BMtVEq4VOR3BXRREJBbn53(y;HWbb-I8;F3~`cv*HFE^$aR
zdhYk8ZA(xp21y1@;`6z&Q1$U`YeFaF4ZuJ&^di{NAk3`I0@S4B{`UtydzIu|Hv3!l
zQLV*of&^Fs{SW}&n>5cYnR_O(nCJo*O{YL54E&M8H7ioWn$7sIhGgEa2Zt5kgua&4
ze<m_-FWEPhejD{`!1BG(`Z*0Z79oH&WP*OrM4iVg;5gQvN@@lSU_13m;1>q{D_gM<
z$8O{yas!`VnXi;?aS_w~Y%N~MycKI?J3My2GBmO=tqeVUvgkW0_v$y3&o^dkiIsM5
z)&t*Ht<P)RRw0qh9L)O`ror|ZH>pJQlx5295+wel(?cx>r-K@9ZB+e2e1{E>;9?df
zg3=R*tt_7}vG(H*y3piDuD_W6q3l21V0y$;-Bg0@hAjM-a9Hi_^@=mk1p9kWj-p-Q
zo&zvZu@fWj&1bfDF<90v$c6#2EWym@vp3ov&Vxl;j`sg!T-yZWWhA2jDF5Jn@2my-
z^{OsmsH9CgEA%0%fysw<gz`}oZv=-GQ?GYGPqNfN^s{v#Z_}zh>e^Qg$@V6Xv1(Xk
zmRId29T8Is$@zB|FRfNyz1+sbP>T|)25ur+RWq6XnfAYV|A+QgSVCaT9I3ogYji}s
zRhx$#ocVuPrPR~o-L|eEpz0p<r`<8+=l{dFC%1p|Yf=?RrQ}XKYR_>pjTI_jSKI#=
zIkogp6*iUGAVj`z*rAAkjU`B|-qG+Ij0ozEjxR;mTzSchp#bz;8AXYDE^ugp6l3+T
zN<@Qkao|;{p$E7-!Y7Dx)UMAG>*_y$UK4xmL{Swz^|E-+Lhis@yWU`jm(yPBYLWKK
z6n4_bg9N_Z19%pPQIta7m#lHTE>^d?&Fxb6V3<xq=XR~4JlzZ*W&VfnS7$Hz-!uSS
zzy6z=B)$!$Ndx^TnrNUneZHzpgTI+K2Pc98Tz7XvVr5COW3SLG;E2Pea4`nJcSGUo
Qzmr7mm8No$(ud&x12B~oumAu6

literal 0
HcmV?d00001

diff --git a/static/icons/sglang-logo.png b/static/icons/sglang-logo.png
new file mode 100644
index 0000000000000000000000000000000000000000..c13afe5713458cd787e996f94b75a02f3c72e217
GIT binary patch
literal 109100
zcmaI7cRXBA^f$h{7P}&>5+#JiB8j$^5Pf$EmQ~V3uS<xQsL@v^+9DCFhag1>QKAz)
zItikS9z9wR{Py#Gp4aPn{`mcV=f3XjxpU8*nKQF9=iGDOa}TGkj`#osJi3F`H_*Rr
zNCyA_kd*U+7T^K`;8a!hyMUBS0I=)76im70?Bd~ePXh}#G%|+M&H;dw<A2D?#{KF4
z;{IP#iqzrg|B@XM`+t@A|IdUHY~5`rB0H25;YO*P(k504&-(a(@z?+3t^XIV_#f}>
z@zjGNqyHc8_TZi>g(pz>>yQ60-unOIZJxUQCm&0ZQFM0l{I9P6=s)e~ZCxJTr~E=F
zCpW+ya1WpX!2YK{<(fjSxd6cJ0|0=E^ndcK$pAogH~_#g@qh9VIRF4-7ywW;@PG3D
zPoF%sa<lrM;=q&?WM>Be{3!$gE*k*=EQ0_5oyq^)qa^<yZG%&8aZ}pmN;w__oB*}}
zH~<H50oVY<DIAJ2sFDB~3|?PTZk(bNU!?P-CiB0IfT4Yh9r|VCsMQOwJ)@%-sZBh3
zp_hA{1-G|2w^H-l3atnmywqGpH4NJL<J-_|L8`TyL?>1JSbvCw*Z&k}O?vyJPB&0|
z0`oZg0%ds_!d1sEB~|P!isoNSjEvDT)G*-3O_4Y%oDmMFwcbCS^+)<qQP6jOax1G@
zd_zjAxrZM^e)qO@HlFCUGAn&*6V6Khu)Ogkc`+39xz6i|PadcYNUAIP9XZZhn_k#<
z^Mj0m@WcS<;aB^@Cq&+dV|_&lZGkFv&0AS~(S8waD=9_JlbpEO@hT;4*M<zaS8}w)
zPLowXiau017pB>I<lobbp9{DMx^+zw$kKfI;^M%C%VGOSa<VLQ+-kYX;lAAj!`@au
zYPR=(=m@oqtjyG%yy2b{!9u%v+wNZz@4pKTc`yI?MbiKn6HAW6WL0I{zqJ%XRqOjL
zE4zqk|KejhDU%r~DKBq~4aVkKlGe>$%PP?n^M;tfz>AgL!SqKB(NWOBh>ND1!sQ1h
zl|5#8SB~C--sHk^4MF&Y3a$!0#_7VfkrDAuPt*RIqxibII=#BOr&cs$2w3rlgOI`R
z(nd`Uhjme@0Nsfyv2-UBx$RU(XYc<g2l#!J_VOEAk1!tn{N=5!PcrLGbhAgD+{cgW
zndBUqB!M$7lLng|RmH=1yq>n%{YNKN7dLsAKR>e~y>1o#nbfYBFXt!1>&s<xScc}~
zjg5lt6gy8&$V^r_Pg*HR(o7-UzmXPyiLlT7LrPIdxA(K6dwVaQ=eFK^FGn2b|9+tS
zeP!ilXK47~@YMA5G<%)|!6I0BZA)Cok2`7}_U^;uUya$-Gr5m@dI)NGA}h;z_RdAn
z7jL1)7b4UDR60CsJEtD$ZqE1oya+W`XvjbLR$w-RI#YRB>6xNLqboW3NWeMM_VFTE
z;7lc`W~5{@uY19fy;F4ZVYt`NN+oGO{N`NL?pcnQ)Y7EY#EpH!?j)f+v#;-EPSZAK
zMk}UQ%Mt~h)#dx61K}ySHM<e7L0zAz&BszssIm7l3s=2dWU2}kXS|Zi;tH-EP!-|7
zrIBSu43;maE791!r@D=3l?m19_55ByCYz<_Ty`c%)p@Bi02t<p^fb4J?1%5FJlFb`
z{&tg1n$TPSbDXnFldJjeaGK^;S9F2UwaPWYC9XlW<Qz;gK0Pi!IrimuHGqRo(lcV7
zdUE_p@ZEb8;7|Bf(Q@)<FTjQ%5g^k>n0t_iE1Y<Vy5SPy1;LnbO4&(0cBGLRhZBha
z{<eS3(W&e2cvlJHm1qDk0|Uc$(0I@!O~T>D#OVT-oJ8qJp^TAbQcY1!&IqIrYcFC`
zkpFs7TmWJzgvQ1*!_jF^7Bd2Ol32Az-9Y{P*g8TX{`1cpcw>iaXmkez4u@QaG4Hwa
z!=jEs&WD<11ZrosD432%8r(*v=X$z<G4OSg8a%f9)6i`&C^%JQkWoL$8Yd<QVH3>d
z%f&(7V7Ml5H2GIxXe0|50|TqUH8rsyr<Z{FcSGZM)1~i;zQ4nC6_IPChERir$Xpj7
z=mUU2aHLwZdMk1{A{Yn-gW@`{DiGWY!OB>8Dhmz~ty#guHz8K1po@lm!hkVgH5f(>
zHOkG*K?2OH;V)JE<ZlN-;1FhK#6%Q=`7$5H!f`kX5sC0Q2u2M?#-rds?AO%nyi||x
zjHo0mt`Eu|5|xvatCr~T0`I1No6e7t5e+9qSRpt$a2zBw5lt!8fj^v5Y7{(L8kdAp
z8#ai*hv10-q47CVR1^%+R*{IqM*yK=6wzX>cz~HaN#uuX&RczeRETA8RMfk-^!b@d
z6v+x+T>cd>kVy^3&BxE5L<W+<G?sYbU|=xi$^8XYI%*h94eXvMw5k7{gyU!Cw+8|L
z6GyhF!KC0)p}hbqdPpc33m2k30oSNctX=)bUgkD<;hc=S35UZ&;4h+H7>YZjFj_=w
z)<0DwFr)0Uhtv3OYw2?f=N8HGX`;Avgc0EJ2SnMk93&7A1_Lj(h3MYb>Rw^KH^3{%
ziRv~qG&g2(dWu$4W1@zT3~lU4W&I>TI%KCnFV6dIYRSMws^JOniq_b$5Sc&?Lo%sJ
zV(#Ak-fH{I{r>AlVyWuWV^gpC>WTVu8W;1WMcI<+aR_%a4UmPRgrJ(*9jfvhpk6qq
zup|T2MjrOdYrhpkM=i?C#2S-kc5dx2#d|``I;nT4SC!e$B={~|o%+&II<8#s@iHj>
zE6p9IJC}PoG?Ln`vUCv<9nfG{b>2XX6tq?tCK00*cE7k?&e;z4hG@yp|Ki>CmdP^T
z?qubKJxFu2Tn1PFA)(zjghg1yJ80e8`?>Rai<}T;BF$Y_!*C0{;1IGxLnNoKQ&EZ1
zr)$E)Of^(sZ}rj5YHA1=bbluNZ1tP0|9pddq<h66YVy<<RV17N`$IjhXt~RmPHP#W
z8U+uzETlOYh9*j0V}^#=_V&@og0Wqm`?%e=e@`Uby3N{Kq6^r5zw5i+ZGuHE<Ytaq
zi@I$4ov}^U^{%uxv^p!7tmv`LXMA}<!vrpCVdA%D1_fJLBGjxAoD0oFL~Ckn;`(YQ
zksx@BspTzK14E2!$KQRY-phMO3m;DvFM9LGE-m*<Vqh&ackVhNA;B<^C?6JuMA@Kv
z|9f;$7y+q`F)jIig(g_&sg<PH_ktwK2&$<WaWITcq`%%OQC`iupXev7`0MY&{rG{@
zKD|3Ii~}K7`rB11s@U%4R0f+20*!Q<6Qn>QdyyK9QF}d6d@%oX{_fEUaYTGC@R@7+
z%4dz3n4kYPDAN*rH$opc4DU`X8%1J4v0!WN5l**j0Ww}YmDJCaFn8|4JK{m?u-h-n
z2JI5zB9{CUW)@1uQ|qq97UEg@L+J|K7WMB=U$1O6v2qGVUA~FY?bS;HP$dx&w0t&k
zoI0_{fHi~&JSVCybD?tg*m~u>ql5IMLH>5_)J*M+vdWaXZW@{@wgyV#n<wI!Nug*W
z2D^M!U~H%`H?_2fI_x1h7!82dRPX`A@?^Z*jF>4?t%HkJkBz5Dd|TY<9@WBgua=?n
zjUh=BJq(Q+XNaAZfHoZ8#X*Zje~#*Ql6Fb6|GIxCxd^}?m6`mRHj*}T`bR#`52e{U
z#TgUD8I>>NtZIDs34N%jmuSr-st6zlnAA2^0KH`OTKSTye?ziJ=PN3~E6nux=H^?}
z%m^zIY|bv8sHhEynrq+jd(Go<+9UbaZgfxXHTw$h_UVrDHwX?ug^a}s06}k3sU<o0
zKHo_$v<hfPh*;XKZR}*W{CN81yX#$ArKZ{v_M@!wy`d}o{J8$lFEx=uQo+noYpLmC
zX>2;`C3$+7kkU(X;44(P@HV70I;m2)Z3;;YBl@BQ;6OB*|Lf+wZ1z^UrM|`G=-bB|
zTcHC{QT$X0Lr{d;RRlrvEe4L^Ah7A!>lBry5UBC})q!^V>S{e~x1>Pp8oZhQhqe&}
zEChk3lOzN9U<&|IM3<;>&j_XFg)^nq#;(PVcW^C~!&Qi7NnaN|sD~a7^#%P;)wNDN
zA_FRcZqo$@7D2o1dlIIZ?n>;5y$G--QChPZL!{Rf=m0V#=Xc+VImk~cLf4J0HwFBC
zD7^lCntj`%;bNz@zw}NHCk_ioQ;Zxi39ivfPe(`<tw_o5?(&p3C6*>X2@}fAA#;HG
zP*P9%kw_|tz-Kr{$%=^t06Wd=V{CRzB09hCUwm5-UJ*VRcfipja9z^&DM$zjfGhI(
zw3Oy(kbK~o^uX|UhIhQHi;MC1r5M`I0Tnqp&%<$QJeCxO?!e-O(IBfZeP)7~@g-Eq
zQ1|H0ts9G9e-i;OuF?p>;WU=zqhTDh;5LuzAB2TKB!F7mm=O!TdZGT_ku1Bgx!>Bq
zkC8ZfG!d*BOHm!HnFe9PEXwqp@I%YJvU!>ePn=xSCmKALzwWk5WCzIe;izD6U@IKR
z9Cgfx5jC>c8HA{JYVB5D>oI#o4QAcrxZY(diN|W9LQ^NNBd_219UVmk!=04Y7iw^+
zZIcX6o|8Mhjv85V2>>WF+zNz1gAh0py2K%bWE&6+hGQ7Al>MGJDwyY_@J_j(ZWVvt
zjARHnrMDCs?*f3MaW*a;1OowkH)lf4<vfAQy@N}gFvh!=UpisKzS85FThR1qkPQmV
zpG5zn8}Xfm5eUsGnk%1C8bKy1FuK$o&Rrfeb#Il@YxwKjjIaZ0f)LC!ls2fTmL!^n
z9<(zN!Gk_0JL!xDDUsig8)&Piedn65O$M&F<&}~x;WjqLa7j0{q#^j&RP~@+I&?Jp
z>hfxB#<#eeKv2~6H%xD!Ib@drS$c~)d#q+E=Wv)2zzD5|)sqIpfv1NbGx|k)SDcOx
zH|w@*P7A67cH6fVvDToD@i6dPaO|@JQ<k?eDH0`=9y8`O_K}?!26%5yH65_{@!UR+
zb5*2^4#sOy{_oZZbU~V6#{$2hu}k_VhKk$Tk4hF_XaOv9->855VLiEZ&822#u628J
zt{C6sNHf4YKiS!||112nnW8NgKtm2?GPv^QoiH0{c=L(aq$EH}VML6#ereM?=x9lT
zSAOyanbqxOEVZVMON=N_jJUA{7vFq5LcE4%*)8Vt<m_=tUDMvTN9M}6GT2ap1W_0W
z;W!X-)tcv1r?Iq7(Vj=h*3lz3jfX%aS8>$gMEA8L#iy=*hI7tiyN3<ib;nD>KAY*K
znL*;gBmjyCG`trz$U?{TRN52q(JJ0s(PQM)E>c&?>))aXJNYFV0fXb*zQcxiV!Av7
zjKHQ3mpr)^kcA37wYvebfeYWgEmY3saVRY~D+tJ3gh`3Ola23>JTWR7Va?1HNs!82
z{zGRN1eD}uS_m!uSCajAKK)Bub;A#?nZRFPdn6it|K=lt>7x)2ULbyVhY}?kMD=Oz
z2lOb7)vqs-$IN{<$F*_%Fn(YX!ZPa4aISg}`$NFP09(O3$ZFo2<;_Cf4FCPFJ;L;=
zR0JmwqQhf^z&9pJ?#gYK#}5E&U4kYA&c{)%A4Ic>&?joAfBGy=`nS*G^)yW5$EM0o
z8x*RX15SPn*v1NW<=DQz$A4FkL#?OkkCYU0Ue@9wW!j`V%lDA{xDQ4ml_Ai077Rb3
ztdR$F-LOg2{i@LO6|w4>TED8zcJ?MuHu^DQTv#txQ9-4tYKl;~w9(@m%DA!px!9-{
zy~-sjzHa4{_bUHZ8=TFTLQhNmPAgr{xMqET2qCFY6%TN^t2pe>A9;~NRuiSu)hqq$
zuDAcL+9YsOAz0|i(oUwD+G0A5xuB}VYi|~q3y%B6#-;<O%?6atejNc2=w>EMnY1Ij
zV!ZYtlBv8XPxRZc=MGJi%Mb9@%L7$?k5k!;zv~I!^7VhloK*fwx%!<2`3jM<#Zo-q
zCy`ch!Oo}CjiUJT(doLwsf%W+*|UGu9G9d8V45cTY@21B#(YH*k(x@kQNmW`-kamz
zv)5#K|1Qfm2@**}DB|1I&0#njCd`u2Q21Hs)@``2PB7j?u?1mP^RJ_H))ZnsBKA4*
zyzz14pZu7|0KUAnBrVMM`Nv@)*SxVT{TTs&V^%OINm3blq@toTX;Rce+f~%(;icXh
zDOdj$h1nCXfuPN=?_2DGqxl9$3C=Zku&@e)ij+KqzM-WiS|fKK49!Os%y8Vt?Bg?4
z^F6)Bi(YLDIkyNxhV6|wdv#j#sUMQVmx}*xm;q1@@R6R1&ajHMkb{RiSJ)2YYAv^_
z&j+1p8C3pk)CfceN4FT#lb2;ic~}-DF+K7c-J)hgOqHYa?cqOI9;D1%6iC?c1X|Bt
zOK3PTYyKpt-E$B3(jn3`x3qOB)ZG7kxfrwv;nNt-xubol-2a+c%t?>xV6gY}znNrq
zbDyQ9*R+ItLXjP5M^zh=I6wSgdHmh9HzNNupWoWan>u`xebJ$3Ku$Q__MJO%RXJmZ
zh>3}%q^NUZX-(`O1~E+R{xqqk7TVK+kJ)0P3>)Js*F2Mx2O}6a8@*4fHZ6P)AEG<l
z&1}l>b*2Jum0&$M5%iINy1h4bNbfKiC>ON8d2M;+z%S5$+ckh?a4`2yQnWs;(aP^3
zRnFDUM<tUtM}#aRV%c@PuO7<_mFn<Dm`??6dX6bQZ|&A-3S>>{b|`8|8?7)b9%ObK
z)+dUe0pG6gmb1!O%;mY7+BBN`werrKH>tSxlvjxAyylmd>oVaH?ZId(`*g}cg27aT
zt@1RXwv(ISlAmdz@%3I~nT(BlF`Yr=ux_q22bb5jJohgp+`*6X(dGIp6{d{&;GB+5
zWGz1P^iGR0HXOxBWErN|I+Tg_3_mD0ihNk_-)U|CEv6q34AZ1f7VQaWOp4c>{nqnF
z>__(a>6=o;KjS+=)>qkV`aFwgcpPsSlS1V){B@w6)D|~BR-d&CEbrA_430GUG^FI)
z8a?48u*>IsU@whPHEDd>XI?;!U5*j`h_RsdyEA4?Rl7HF)Nt^tJ7}dT@>cKWME)DW
z=lHI>BHC*=FU0Peu%!+-&7AMqEFWsj9CTc&Hc3fIG1dwhB{SrIyVYkqnA+*Jl}d+Z
zOAGgM$ZiZi|3YL7SZ@rv2y)HZ?y!``mh-P84zI5&)2>ze*fRJv)mI${_3qX+)t!$`
zw+|1OKQMw6f2NZ2&{@A-vApMZq$BqPi%N7bYK-qGA%`lTF<wZIrcKslo~E$XIE#%k
zDc)#o%z5&$eyaLu^3<<Q;NIErBjqD@Z%Y5+v|o{Ae(&I>XQXNRj!)t<?<Zpcb{rU%
zo<WzBmp-!QKB!9pCpAIireorcvehHTAMZp}at}jxZspXo>9MnkUku2u7t5{uD!iEc
z+4SHlJC<Sf+w>-L?cR9%x?w4p!?EAqS~`1w{?wgW{@|}G5BapxPSU=@*Kg2mV$itp
zoMFC*$UAFX+b$9Dz_MwTmv<C(-R&Dg+Sebl*w9AhBF5N*s!y?_{vC0eE1O>SquXb4
zu^ZN9Ghx&pt0PYt7HFn%ILn7QVVSOsdha?KXD<}(8?R5Ut3_%fDo1Fp`F>Ek)Vyq4
z#wHYTc&z1B@&a3@e5&DgjnlbhP}~TnF3h>SZZdc+D{H)F{;$RRZ`u||A8B(RI9KX=
z<b?U97+@0`edm|&6qR+KYU~}0o0W}Iot;dHsZ8qho*5@&1_^R5N*0kX_t5Ziw~K~}
zeEID2-+t%wfv;YqIb^QFo*g9IMh)hz=xsiJBa@%#B`cY|72@p~r`oCP*CSDrX{zDq
z?8C#>rdys;8u@?`q}n5cJ10|r*k6<I|D6z_RrQG0snc&!)MM@an2Sm8l+b9cqx<BE
zqK}Nr?ZnWOfZdL2g$T>Ric#a9fmzPq$MQMKuOMP3Crz>MM)xfKo%7zrIT*&R54Jqp
z`!V>=Y`iKpgLJxqn(h@g{`XkYW0S@EeE9P^xF>BCn|EuoK+cADbtd|{o+bUHGFkM-
ztJ5{tv)!|MiB2U2*H~xzxe9XbTlg)T#gO}>?%0&|to(fBvDq+K6?wS5yQlj}(N$W^
z-Qa7L&2PO&fWJ)_C$b-^2Lcv(w_g)#jf<-k;1dQOsvo_4WnX`aUaD&GFW9`|Sf#qa
z^Rr=Z#oDJ<+;}2QeS<a5|M<l_Rpe(%h<M;4>!$L>`@-|1Kx)oMMTYL^l%kDryK7nX
zu2#WuT~mi_>g!SuYHF8QJ+`7L-XW-`R@y2~w1?Y+#iA5zeLvUr2Qla@8T#Yj{_C^O
zR)k@3k%-7!syC<QMysRon-+K!dHsp3qw<iWxE!#-&;BAS`&Wa}#~QPO%)BQ_CFfSU
z71UqH3!u;k<_r(FPp>y6#lDQ<rstQ5NEEERYd?0vS>U0%l?VSkpto`+oa3{i8lLS&
zFI5w<*r0&j7BxHdhF|0~!@SJKy;Y~{0{_${<VQm>3}9T<$xoWejloas$#31oJfYcq
z+qXgo8yA?~(zlA&#%%Sk&WqfCV21uF%@=+;`(|I|pJQoZDxZ-No1KU`!HlJ1gBJe|
zsirk(sv<WO;}Sw+p!LKK&*a%k*q~Ry9G#1m{esdvUnQ=GPi&nnS}4%*CxPixm_!<@
z%Y~_xPAih(b5lYtX{UN|rB;qi9y|8+@a3uyw`o4mh=<@QORg|!V1rC#eSb^8j&bHZ
z{62&qh=Jj%zWSU_NDWpTDa0lGS)5Rojjw7+Gg_Ui=l#aHoTjNpYgCa?lCDb97I!t6
zkOCB&*j?$2kF@X`W<^6nFm#_@iM{^dfgKA(1?TuY{vICiq-0Z$N{QQC)i<?pDLO-1
z8T07&=`|jSAES89HrWB}v8?~b#{oJ>s;!(QXI1V)#)uqeS@MG!qnp;*>EE}K2itGH
z`Z>U&1dYqIx~)34nr8o_g;C3q#u9hqyGq?@nnpkLMW`VRSoR?%{wDkWW`nNK*A1hd
zO@Hh5l=Peg4U<b&DUQ)D<2OJ#rzfP<Ths;LQlQc0+L-yyri&zqH3GvDQEaY`TcG#Y
zG7?6knWAeeOpk6z8kcyZdDpq!`o8LDxdpxWZB+YD7Vao6(PcSs=XG`{m&$QZ=N+Pv
zdRREs$1g(}e=zIkHY%if>`TYfx2*d`;kpLGZhExgFKeGg<<gt&LMtcc+iS#Fm__6<
zzZ6{l>HuvsFqq-rx45o{%_zNRiMqX4!QU&K@BWe9xP}`l*=y?F=hO4|+ez3XT9rpt
z^e|p<T=vOUk4&CXNF1E#RQUntljD=!Ti0EFcPM$_@vq!F%)T{$uYXq9dn=Ah{>hn?
z<98lG@dK90N_8N`tqbx6BNL((#c$vuX9%A5<D9;ipMG=AZMrb;$s-}!KGS$M$%vP=
z>FYPJnA-hGxq07u(VJpqQk7ryPCQqm7C#7_$XcZpJ^YSw;)qwGQ2z^#u(<ZPwd(lh
z>Pn{}df8ZCdIH1ztT8Lp)ObaZsp$B?M(xvun1u@MXLNIy7Q}??<VJVm&4j=H&hgEk
z89ntsCD!(<4_4(x3+9q)R6=`j?EGJMn<caz4ZhRf-2QoX4Z~#%Rx29(`JC<Q^HUEH
z6LL&*_;K5$$LFy4nOB@rtvTW~1G;xp-fF7|Jm~@92;E_(K^ZZj)ykfr`v4nO=+7q)
zm`lPKlpB5{K;tu>?vsDs$GU0_V6|t(0HOL(_VHE;p<Br|U!C{9AwSz-4JwGeNA><)
zY9zonZh+GjW)beeubmC*@_HfSV*&iNvN~wJrgr|0+WS$dHnk?lCm=$=tJkNWmNuWs
z94hbk-B0VfZ3T$>ar^ZpRYuqBLzV}8N#X(W^4pog1w37xm*`&n>W;Vkdwlh-OHAP<
z6N3t7kC~$>ITm1WFe238jb${8@89RLCvWHtw*2K|xk`vt$}nr0-hv!)oWh+QGyee9
z;t&h47rtxRSJ|a*smCD%X30uZ^`{rhp3Ob{2=U{R9x7YQ&#9VN)t_MNWmR&QzouW(
zKS#k=>o)Uy!BA%@$l1KaHQM`FIOwaP=QSDog=5dcsY9IXSZV-6MgUi5PO09D@TtfT
zby*qDQcJhd-afwcCNq6qajvJ*a5$O(DEsZpJ=hspmrVR4+O=6YZx%ZEbHR<t<~4k5
zIq>njrS()d8ER_<p~d{1{l?BrQa86~v(qc4uC=`NOe2*m7&YcfWyV{Nd~zyj-R%DK
zYY*R**{Re!fOAYp=42)N4e)>nf%r}>g-GuG-6f#_Tm9s$fSVt;)5B(zyYua4$XaPD
zk?)q*6@K3bDpgryuO7LT@7XjJ@ZGirmJRDJZwz*c%U`}J?fWGrHdAkZnxQXXMK!)m
z^3Ki5<o(dCV(3E_j#mcs&jA_zThHe+h;{(0vS0le5epaHT>D%#_6-(GUSsIAQdBsS
z{@cMX2Zo<LV=iiEH-aTMo<A46vC(jR8qGH%+3$4c*?7(?rSWaykZ;M0$HF-|uB;OZ
zHwboiGbUJwR|KoYNQgZeSxHz^E!wEtGXYsMqhTE%em_G?Ddp5bLYQ$k+?CAM#A)}B
zJikCTa4!bA2}%~Fs@AHxuHC;14S)JhlNWlwf(1mQA3lT^rt8Y%Zl<yN%w#m4z7XB_
zzTLHyS{SXBmHlQ}+RR%+ZipGetX(DELuc}M1xKpEq!uGi;}>(%tK^qJSGV$9di$#g
zCNx+56+`wFyr4B}Td_TMtMXr{k0ZhApMK@uq&422IuB@jDi&7u!me{;u<u|Vk&~3d
z8~{=qxi$Ff1BsI+*>SqJvP|mv@i*4_@6<1^skU>PA8y`8A(B|EV3s1CWX{zU##H^g
zgPJ!SI`;~<B6w6(lGDhJZ<+ZvSRaLMopD*Wvv3%f=iV^?venCp?T&rMEV8<2GdMVK
z0)@QMQcH_TZuhFdCVb>@iwIYXR#Z~8e^Ih%spVm2zBMTsBofuI_Wc<c$-;p!7!IZN
z_--!T{R$zwt^DYhF;$vkJ)4{4QO!*K9({4poAqVDVtHr!O$CDuo8_52jWBRBk={gU
zqcbN@W%WDVi$3S?f(nMMw^#=49-&Tae&cfGZ1?HS67>$iDChRDR!h6n_82&v6c$Pt
z*Gdfies`c>7|;@YkIB9KPv+;r<)H)Y_+`%{53h(<Mz!j%)#?}m^^GN2eaZ8OuLqL*
zzS4IYD$V}=NQ`gPv%tV$^!Iu;xfKtO23NzAV%lr34_Sq=JFR~d$em<Oy{W*qVmBF%
z9?c*Zvvy`hWMz3?eISXr>s_;j7xY%mTT#Jm$ZLl%doI8pa@K}W><<sc{<Lob_5B9i
zSE!ktUUGh1>J^E+^`pT7edp3$tir>A_Q5rIm^FJ1+mvbgeYQVWvhRI#Hcy%?LtmC1
zyH*G3ny{&)eB_PHQl25BF-~S8Eg2tzRCPaI=|t5{PK_lKdi(XW@<i$cpLp&_*>-Yc
zTo@VyC8?h3rWP~L?xXLk)MNp`oKe`<suCvI!3IrP5@FLfUM%~@G7l;RsaDj2_Il&X
z>h=l>b()(YHp2$t7T8A?KXm}@Z<5qMQRSBmU`w~Ly{NIAF8h+lkjTHj*I*@`J-Ng2
z$2Y%Nty2TK@o*^vjnjqu6Tg4fPv$sZ=X79rc#=K1Nrp*{-Q9_j7LFEN9iIK)M&=95
z#f=_{kNUCK%i(e0?+%i@bNQ7|U{(Ypx^BB`qq`vG`fEooy6SXsaM(hyMT!@F7S`>M
zhqjlVyYe0)kk+}u{aY9)>VxBt8ecC=-9RauWrwC2KiU1I(6O)9_Y~@+!K5L-vyT8f
ztbl`Ol#5DHscxx!H1TGlV4S_&R&zu~;AD7e3+!8;XS{<1U^=oeZ1UGDEAz|7d10I%
z-})5-0|NYiIuzZY_Ni^{EgnEO4Yb*XB3akm>IA;9?;cQhoybcZ-Mt}0>NS8~6c3J1
z7P4^WzCn!XN-y_fTeG1)GORbW><d2~|4q|(NiKXPwoX`S>=Z_h+KYsoncHtHn4SIv
zePE(^C@J^FsjfCoz5dxACKm0c(g|^zTi1Sa<=@w8TW+po8XC)w%>{4!<&|=)-(HP-
zDJ{%^9>`vfd46?CJd@gkc3^4vlU7CUs4KC*vGF&e_$DDbs#iBDebnRZUT^G@@)XIv
zWNux7q?=IK`Hp$z0k(v`y3e6FZ(3L2TD_XffOU|g?nvhHJ*kux&%OT4H)*9(bX<yU
zqZ>bH+!&_65z0FduPv(C<xhS6M)mGEVC(#RUy7Cw?pJH|*UP>dHmdqlsUa3xO64fS
zgIL)wxd9I*+%ffkX5iQ-LmpQwLQH4u)6?6Z+>NE?V54JSyT0VFl&}0M)le!|D*55i
z=wq~FXKpeXYYm6SU9-8lPAqA<9EMCiGN>8gqs1JZ-uQ3j|B;K7N;ai#`=!3R+4DG4
zUH*^mC->($yLnhUyXDMq=8()ck);Vt2g1}spO)PV1@;Nd9FRr2InzrGn=Kd>3`V_s
zQ?4LqFQG7|*+mQLz%bk~_7<K7!*BfD*tK?H;0;3{5Tu7s8%(^FEV0xhnsjOFd`_o@
zw`K@nxn<?+KHGewI|uS`8N|sbo{n^S5=cZKNk4W12B(GZ`9eSpk%=$m)`s%j2miVU
z-IbyfADZS|7h0{2bIZK}LyX4G7H)q-_VzY|jh|Gby*q^<FKs)tY@V~D6k0!P<m^3`
z;_G$R_YO_Xv|5ukqg5gW8CpX80vEka-f>2Vfvf;Rh@P1P^UccVnm1oE<X-=Pf$8!c
zHb9G2uJ!cxiXV9jxWO*y&1$r7XQ3U2#shv=ITLPM7Vs@5)j4bVHAt}DdqY2d{l(Qd
zvov>2!kdE_m|H}C4D;(#Ra2T;M&C9q9ZUP6Wue^f^={J!nlzlkLOqT3mxTU&5gN4t
z<NX&ZHyVDFK1^o=(-r@R322i^`ZL4w<??F4g*_9ccjTO(CzbpK5jvNa8t<@(@a8P9
zHX1QI%9y%McC7g^>1I4%!aj~yyL%UdVPaxx-U^+rqAr>4%<Ngr=b|EufFWc8UPyC|
zJHIaH*y6;3#|ZDfS#WDW!|TQ9na4DbzR0ba2R|#`B&d_+YTWIJi4IAmo}xE&^-a&W
z$oEU@eXU)cW*arCHe6=e_$SJFY4||8S)g(Oc7>p?c~qIoBaTl;Jda$bJy-h1%#Is(
z8ORdBu`Cd$kR5)4#+M-7Bc)?rZu8y%mK4g{e<!`(@Rfo0B|SYAI*tKvL&&PKE|=kC
ziG>uy(#-P51A#|t0;N-*Hb*mQOC~GRt6U}pO{%rS(3X4*ppN}xsSNJ94Y`Dtj~dyv
zPnQRKN}JqQ>b@+Tcsn;(EBUm#AaEVSVFYYZW$v?xOyM`jkpus{+1W?agvPvDGdw)w
zOXjJET!_3c*)CJpy=HL_7Q+I_0#t<PN1mZ;5qque+fDy|u$NAsS1FV>Saq=3edZM8
zByp1PLJX*}UL@bV^~%~;r2j(in9t#lQj77^-O!kMPY+{f1^1<)Q@+dY(rj=WQ9)_`
zUTB={jnuJA(#_Og#=m<nbcC`vS4I~%8&r!|?p<up5_WZZ0vgKL@;t%mmz>tuDK>9$
zja=@K=qDk#JhbitfiFKPpK@M<=sniW^55*bA8GOBDB@_!BaVuBff<C70&sCg_q8@7
zNdTkM-2s03lB)QV1mlIRoJvJuU1xSxspK~G2u=i)RPWB4QT&(+zq%H|@>otuabUfZ
zBP-#N?nBjvSM&LgxZKy-uGfpyx=)&Ij0eU!&DQw!piX9+KBX2gY172rO1p1hyGmys
zTI5#`57%K&7kA%rBdmx+;le^@PiE4acb{$?ti(5-pFBOI8k-e2!UBMt2u}CQ&Ge+F
zFHPNW;WKA`lhdCYcK-yf9Gotzl4AR$-KAB6pYp#6@Xw00LM52{A1p@au}9_=D){X7
zTV0&je|DK@zl|)&R@Q6Y30R2!oKWr8d2XcOwK*+cXLS^Huz6E%uT-fl^;9%vR59D@
zg<5>cVyv;t-tgCwgBhN}rQSDOhaDb70i&&T^loCQ+4DP$Q*P@A7(*-?hfbArhSFF<
zqRG%j+Yrl*xYvhl;*17c3Fd_Y!mdC*a5AC95<re~Q=lEEX7QOHbQfl@(7gS{w#WHY
z?$Z@0iirPOP>@XcH&M1C;r6fcbw5mCw91!#VRP%*EyXj5ES?&;aY^51+H&eEf7>y&
zVql=%&nfT9;Xf1MT&O4nP%=1WEQr}-dEH|EP^@~h&N&^312CcSkBf!?8p%myoV6v9
zrMTs;fg7ajoBgwcbDiyzRZpLd(M=Z64cup#CW!NK?&_ai*HYA_&iKHyw!PER>9W)2
z6so$?pXwyF4nnHnxEiEm;xf0n5_Hgf>%c@i^kebD$I<%J@QXx;vC)dyPg61tHC3vt
zAzO2|hJMq5-#?_<vcUC(R~duC@Lc8fuD}Mp^8<EX-@g;<)f)&Y6!9y(qfEUOzf4C)
zSaNVc2D@%aqkv!-3^sX<-MEl9V84I;>64Gla1IDVnk6xmh}IGq@2m=t!_P0w9`{EF
zP=fLSN4HG8psY!@>UK1i0GT8}YcIDTSjcFz!Z<UWQ9Qvl(tShX%rgUE+B%YY6&1Uj
zF%Pkj5cvAc$LQT=+Ly<#BVT681qB(#vVcjZ##z(fO*zbu`y^)mxO=-!%2Qc$qr+}-
zAt9|us44;tmmC4mLxCWT80r6MCU|#MBwoeX$llW;U&Hk$nFvG~BsoY43BEo4YdjWu
zcIk0K!%nfp%=zG?i)Xq?7o3QKHn%hr?SSJi@oAh%#4>|!I@5**f4_=VOP(`@CXqSt
zoLZejNPz=OOeTNY+&V2uo2woXV*9avM(^9&qir|@1jMAARza=%>;L@S6`nn7$t1xz
ztYFQSoE_tU)|Y@_aB>YZ7Udvn{4JPB!oYY`rt3Cmxk~GA>P=Pj!O$Jdnvf)7aQCT7
zMKgnb(C)_W7-PWhV&C@PIWHnNNfXqCiMl0Z2>?mPv;mSyfU%cX(9P59GqMLVCkvzg
za%V?PLXbJgTTF^=_mrNyZo+Gc?5B!5J;PP=_g}r`R@sNsfGvgKgTqf!-z;r>PEe_K
zy`U|nW=0W-1w@X=97!BRJROIPDt2`1>$fxtRE?xYilb!|XXq4Ocr=&qJcg9%9Ymu;
z!3dz#Q0L0*)2N!f6<)uCgVyT6Uv{mKBmfA6YW<WL#wQ)zUBL(K4xs?PM$L;Xcs9ke
z`w}HC){%U3kO&%|ZJyAYO-MVgF^jqKN-(0rWsKqJ@ZJ<p8zG7qEV`aTN0L`O-b|+D
zZKQ^WaYTlPvLZNB@$yjuc%+mt64@cMf_k|IfrJ!?{%GB0kEs6a`{bzdEijdoihp4R
ziFn)fCvj2&7jk%?64vslD`_~J5sPi*paoi?BP3;D%xEl88i@!a%qP*oztnv8_~WtS
zE-4(i8x(gdezEFSoHT08LC0Oqk7;#AMPQ1pl-|9E2CUrDy|Wmgk0!=a8~rjV#2x=C
zENxn8Os@tZU^GUCDPb7PBxtXeM&H*kFcSInmzy{+=@oYfyerV}bZxKHklY?KS!$I*
z3<f|U(gK{9gxscSmuqQ@EdKUC>YsYPeOPzcMo2+(qEo`GI5?7`!#Gj_5hS!5REL6o
z<Ye@kt-tu&uK0IMnT2UC44<$pIWQSM#6A3@V{8S!&Q(7Z>CFC@Ntj*b>_(TS5H;fU
z*e{U&NoLdYBaI{T>bPehD>PrIAO^q;=}XcF0ec5YFyylQ55Z449zZxX1cEJ`4mcXo
zlPEYmQ=*jw2$Ut_FQs-77S9DHFAry*a<O~)@0<kqMXzb*JSD+nE7OU6{B~e0C|dGS
z&Ye_(;4AuZhiYE`lkU3GX_b9{WJ|pniVVvWE08PbYaNSqyQ+BoQgwZDQqzIWBnSd}
zYZOvbp$OmqH#BhVxQwg%^D@V4q$P|PN}9_-Xi3`);|t=-@(lA{&k6RiYAa*VXqf-{
zrfXewh0Xejc*gVxP7Wea6M}L{fu^nIxlcJiE*dHIKMCiZ^x5`;N?E2dF^xJkQ&3_^
zAWJzXiKA=0x%n<JrYr4jk`^dxIzjo|zNvED$C>Biu{m#?ji?v7{xgP)?5MHh`fFXX
zk|A)*<o4t>26giqJ~uQ7oF0zW{?-sn>e&ul2~OCy3B+24F@b?$d>kNb4g%h79G>bW
z_PPo8=D&^znLXW^EUgQel;=?jlwxA;FxEjap~3Z0$ITKSsAnJRDqbA7X8&vU3PTV-
z#loXgSs`zYG$XKZn{Fm%6hqBhwzo+-urP_@8O7Ntj(VP^<Lr!7+V1Cgjsyp3Jz>Xw
z4$$;D<M$WntH!cu)6a>d$BY3m5C|zPX*BUe$s_i#QU31`m!S>TGMI`J3`5C)VfO%1
zMtLxz`{<P5Q!T;#FZ3XYh4Qnxe!Y#r&NSW3Nh(bO1%kt2DWi=}78gJLbh9dC>+^u(
z`NR;fuL#r%_aAN*8fMj1fk53zjvy8N{Nj%ceGB@!{JBssfkD<H^kVPg_N8057}Dtb
z_PnIX?j?)sH&z9+cv>4T?Vk(q1uY$6?7|RmJ8_ZDtDk&!pDNVERSJc@OiZ-xsNmBC
zp)9`25e1B!xduaqh28@|isyf~>qq0Z17`d77&0dq!5k#cJsl+Q{(f8ML$BT2ChXb&
zM%O~C8$(G*cn8pm0Mi7ZQp)f>{!~tjYIA~GV&AmotOA0zyAOUGems;o|E90jN3QD~
ziSV-0HSQj3-!@#~t9puF9JZEk{JhWz=Lb*&gHvAK)mA^A?+FDt>OurU;a#zI!F)EC
zTb_dGpX#zax~IJ)n2iWH=v~PU{H;-PDs{h5e1q&}DNjY;OwT0wMsRt-+?cUE`*gqN
zbgRKfTayC;0|O;>A!G?+>}9ftv{+k(>9UXyjv97yv=y-a&D+9Y_IRby45QY^DVnl$
zZ0IOl^Rm=TrwEPw^bG4!Qn>JUixUV0Iaqg<dpQd%eD192*p}m?kAjQB5y3`8W{S#S
z)X&uy&g7z(oBQ*vLGuR|7YfR|R?m;Uy)lqb%`hMVPY36RT|K<}!<BkW;^I#XZ@}Dy
zGXlX0HsV;kP7i&GAjak!r9z>av6*`jufFmVT4pR1{99XkmM>kLOG#qX;y6a#%)Hjb
z9PQ;*p%!|Wz?(UpG7M49B7zHb31_P%u^2d*iL?|Tn<^R_R7KT-fS~yKkU(o1=6+7D
zE`q2=OgWa=@-ypnR@uEZ;NtJCEdV4|6M_V3q{88B8w)RH=?e6CPp52neJ<iT`3PtL
z=gWCGA1*`(P6M$_;(!2kdpF&7m;NN_!ET@abItg>>D@NkGk<ZxXb~5@45J>kPc`7W
z%I4l>HF)Nt?gOH7UIM3-R@{BIJbu0j<4jJ2;Ceo!MOz=uGB)eLiLqVWfL@r#Ago&&
zLE!HB!TcU(**yFFU(>&a$*Q;<J7BOrQ4NF|W!?O9H;6+m+h^@_B=5g*b9ivC=Jine
zuS8@Ek~NBxL&#kay)1h`Q(<cGCwfq}@o3{sfG~q;?Zs-7f(e!C6*Z)B4-Famxj^o*
zumvsCL3A@~ig;DS%NLJ${dzn(CHWwr@`_2vD9ssV9yE&H4T<{7p-mTIiIRcAQ$F7T
zYT_B1zFa{yW0IoQ05(McsiesO{WagLe&xNtZz8vAc;I|OR3QKm1Q~3{2Z3IN+o(ba
zE_t%`w)eW};Ex-3zpY3#)-N^Z%l(tMpuR}~tWOx{SrK|SGhTkWt1JDQ5}c;B{7I+4
zRLE0vpw7{p`qGYw?s)=G{J_hT(4zZQ6b|po0JOjmWVWkf0UDBI7zYiB0I&kcC9yVd
z2(164OVjh;%@5tK=lst|x8Fty1cyljSqQ^OJ|H;FJ^z+ZcL;m-->n6S2LJ6t?VZh_
z-y`&Kk<nLMK8+$T+gPpAQ$V6*7B1L^i9B%I6UyJ;@FmCsEy)H3M%xBJne<fBLo*RT
zHFQdBdOnWsEfCc9gahtQ#n(X=gmuA5z>Zk(UfFEMn>E=+iW}!T10uo3)tJFUPDm;s
znN76=l|p)EIxi+ntPflr+CIOaovHn#cfm3%rjCJquW!E^;XvQVx8Au{D|aKRpjolf
z12DY(%j$2t$?P39yC`WYgwg2h*xjAJpqp?q5XdP9C#PCMqJW^XdooGg0B9_tBbbRu
zV(29iUI*Y?AEW>51)ZHRUYqK>%|``6!9hJ>&DKO_>n=kO&|1zI44G?Zi8Md{n#agv
z*n4qw#N!-Cby*tiu23|@wd~bj<ME=Tm5U?-5*YUd4oPXZMoaiVVS@p&FNhTt*g_-y
zfpbS-Ad0deSdpRu-zuOm5qtPZaNAU`CXt^0vOcfRih;gj{SH@T;KqD0UWhOb#*mS{
z))O!^G!fj2CK{IL#!>Hlb+nK_uBl!cJ*Yo-Ju|tZ_JH+H4+?MN$l>lB3DF&S#U55C
zlv8vKVDmmX?0(Q@0u4QY<~k@z)N$MQ)AOB&bd<Rnk_3jS0yHAfMIYh_-0--rUKA7!
zXgO&%?LqIBZ7aJC(0ZXV!!RTu*eI1?4dUlZioFc9zM()3fm@u;NJ(r=*ZMgRT;yHw
z-oXs{kJSXk7}eEW%e3NJRsO<fpctIkzycGY(R{wRN*fK(0%Fi9-g|f1X!K5Ccq~6$
zGl_)5Xd;3QpHY$N5lA>?EP4rB%81EYq-u50>0+7Qbf1SN3IYb&b`W|guPv%bAOajE
zxYcGzl$!NlI%Yqdsz?#O*qQ~XQ%j1M3yt=sNyf=NCQyPdmRc3m<uwgdq%ZthEi8Kf
zkYF{CJzbJmae)mYY<5#skq8%{M<aDQBHFa3C_5q|B^@|YO@Cfv44q5AI9Krw46A_}
zb=-z`wcMZw167*|#!;{Im+2$|H~;oXOu6-Cl>XZ}dSl6oX@72HL%!9KI?6Cqn_V&)
zKoWZ`d!J3O*<SbVPI|Q>nhgO*UIH4;=x{Q;C^aWA<8;BCXt=Zh2B2!4&p_a|#M5@Y
zJr3RkH@P-GKd4$yO%Ib~pt%wKEGYts0)wf**5Mx3P7=z8o5czBejd9Q$7hc@*!A`G
zlc^nheM5C3`e7LbBG7kN5?(vT(4u7oq0b5HW+u6@4rQE>iVC*KW~+033^F*?=_Q|y
zD!~a`G!=}GfH_`aK6$6ytk>joI3AB<UVvPpMNlEZWDgLf#vdMZ9J<$zD_v(!0U2i+
z7oKn;-SsGxWLk@f)R+T<9RJ$YET+w>)^w3{VdA2up{LUBQo=L{Lx_rswe|69w%WD0
z5|$hbr^UH}$TEBef6yJk5<!wk^|tOOKaZ84c|W`~)v-V@fgp1UtcpfR<B5j2Oh9Ce
zM%HPE^BL8JY%=fx`uq1mHb)yrLwBuKhN^=fl0(kK;>QMz#82Uu+pk^x3pip`OR|io
zcX0SQg4hV4-9^Gf={1opiO{lgTGUTt@M>%A&(8j{i^eBoVZANzXnJcGtq>usH3z7y
zTwd~!EWv$V*AyoJw*(7rXUrg-9T|+tc_Pm*4}1Dx=srpS5Ffvf%IXCHH~=6pH73R9
zOGaoqJ4qMvwZ$+G07`9p!V6!I7x8Lme(JYBacN~UjU)%Lh2dzVwKX|oy2oKrSH_^E
zZKNBxZECO_Z!^jjcPo>x|B<h*r%8RqC%-)};a7)C>_IQOATU-K+Sq&xK<ip<%WN&5
zbAz(@B4mig+jNc3GSaioHU;X0tPsGLKuHG>sB4^?ukDGbyDiFkYV}ZZY{s&o(vHDc
zZ0(zPwDG`#?G*sii+3Bxv;W?t3tXaX47nGzWHzYTvYT#7!<+<!JAi=P<hFt*W|!YJ
zoCK9BRX8Sr!5C&RBH23RHV6+laL}*;CPLD>y6jVoD6#UW+p7%bEXCq~F;7mxl<<Jn
z#U^i^j7>8@O$ccdt<b=VNKE19gIlI1@<mvtQVJgObNgQZx72$xg8<-!CCWvS0oD+>
z9i+@n0Z8#W%Lu4chn}?i5jOs3+$`}u+N#c{%a=LaU&!yV2kl32!>M3aGQGnDa$N~H
zw0#n&#sblVKv?W)NJ3>b6XSH&yd|#<6okptG`5tFlOWJ_L^7!Cg#r)+0%@xj+)5S;
zWnjYX9I$lRy?)*P=^O-mO6{a2znAW({N)D_MKlWOV}4^R^zHiX6UbT^z*-)N$IDn<
zt7}>JJ?c;`eA&zVf{=QL6iW@{yp)PA+K2}LF~%Ql$?K+t-Fyv!jRj#NF1s(wgD5z7
zt2X_?pAr`S+q$$6W?U+tWe3We9!1)idI7|tWztyTf)2^HH3_eIlvei1g5gZy+mtm7
z2-d)X%7zsvkoy8?gq=?EeKsKqc<o(rNOss2$}ZkikN1U?SE)fv2pq`7B53nome}%_
ztsH7a>C2E{IA2*!t?#wx0ZWIOBep5vmM{_-9!=!qVCKS**>q;=B5eB|B!JU?>|rB|
zly5fF066it@6x}HL_HpO)U%MUqClfRj@NgN!V9Fj4D;~cgf?2|4i+Pn(gZOK>KzpT
z{u?%`QE|BfpFU-o6%NT|I5bkAe4fw46MpAxz8_=VTOT-UbPP#CVurwP1XpZwp0o8(
z@Zg-xb|Hw0?(#FRMCokhfN1E`r!W)}D0!b5!6)-F9`&a`I?;W?)Svo+b9mvya6nC0
zTLxD5;xI9r9fW13220v>ms+DW3@w@OF~8-Dz?FCZo@Ov`tuGt@Xq#fIE+l;kk0DAU
zWHLf5^{h#uCsjKKBxBm9osS?8vAK=Ullvl0N~I>U96{M-hp_3^c*3z`0d>GZG@0RG
z65ifj@QaU%$kEnJ`7Ejj4x;+R35SM|U|hpBo86}F-><J`o#VwWA*>$GIm@#?TXj@W
z{!$002V&IdjZRuEcc|ES&=F`5q+7^w1+E$J{70iykF`7=sR19sI^k^sXSlrtEe522
z{92Q|8DT9{7_kzx+t0Ykpq|Xn57N{w%?KH?1|i@$WHW5S6nYf=eSyVK_EI@Lsf_p*
zf2k~Zb4A`o&f-zdn2+WMYEbhU`@@~^f%EUz>NvuKWwg}*(fPAlEyva!!IES+BE2;K
zqh@z`lPEWRQga(O&>GSvbokJJ)80Ct4_V6A>$g*vApSgP?NxT21Cq9Ynu!T*eav`&
z$BK!s%v=>NYvd#wI&w*OV>YRULr|IukEVx3^=*I}v+g!AhUC$K+)93KU{n0g$6Wp`
zGC<%!;2m(7;dzN1javgmv!jnGN$2MUAm4E%)7FSanhQ*i!2?(*1-!~REoK~MS<QQK
zeRoXBRm@T^V5us>R8<YjkIdr)*%c8lYjAuaexiXQz#JTw5$WQ$JYOPC6GW+=qLDyg
z3qGoEQ`$n~KkvFC3D6ZVn`-(__x$&w1`pCY1H|9UjI_BTdb_{*7gcZ=n7OMjg%-0m
zR5qfX){KIq0g@~&=qR17eE-W*xs?dmBPIl3JU(b4F5Ld#`>}r_46p@!GZYB45fr^@
zlhgF+I5?Q(R4aaP-_8G5Y!49uY-=NkwiO(?HO}-#Uxplhga8nvfcf-nmCtkB=h04D
zJwyOYh0$k<Kl|g8*Nfntph$IWxsji0N+Q?MYpG~@O=dJ6-yAl+@1l5TtPh9zPQC1K
z$7*Ix>2o9X@{omh<uM$UR7UI)Z9y2Q4M<a6Os?4V4k91{zt5wU*!gJR8$k>BgzT_R
zfk*gZ&*xNb4=uxP=Dn;*xHz48AI`6^`=?rfU62}nnH~cUx3gsaXf0CoZ0zPvO_s@q
z93d^ADg+u5O@^h<ZE@C?hddR0PzfYSWuH!Hlf&WO`;~<&>W)BYR4Oa*78Bn3;r;;1
zE**Ids$5IaJ{4hUZEY>oX7^k#rKHu-I$sD`bW;=EFR+y5>VFY^X}fF0&(`D{5DJVg
zON~l`*cHWxC$kovZ_iyv%Gd_<w5$yI>9Xta+mVRTeJIJ~an=OEW-kw<zyy!Pr4RoP
zQD5QL)c41|jRB)KI%U)ZK^dulz(x)MK~M>4Mku8sB{c@(K#&1Sw+I#>AYG%UgoF~3
zN-EvWo_&AM>v=u@z&+=lbMLvI_vam#aVZ7Yt4^6KJ6oKm^*d$r(f!ANM!Z&ogJdA0
z%g1Z?TiOe$#XiFD?*omScTc?1EHD5A&y<+-j>W(pbp851y4q&?_8kFn@xoW~2j33-
z!?FLg(t~%475d)a(1g<h802yZI5?vGMoPT-W=lSp+IfxeDj<ABxuvMb-!ioVN&atA
z;%vPGucLp&c1u5bjsBBm_AQ;JtZAd&z8*S#`eP?s`UPI2SC$rD7!A6FbNrOjFQf3X
z3&0=}MFhkc-=3Iy(nx8#xNjrC#{!gaO;4lFa5THXBT(zhJ=X6QccOg_88A}5b>T<k
z;P9r6!$UQfyE&?lX5VXn{3SkJN~GF&6wCm_;>u!_D9-y`mR)p2V6_!{DA+Tn0ZWm3
zcbgaFgm7igT-bm5+1Ac18!_hcvy}n<E^sk`@^5&_u3@i8z$eSL;CIIskG<-_PxGtI
zEA48$&p9COJ@;In_RLqRbU)#o^)b8;&?f28i934c*l{~KPyBToS;BPP`Z0iHcFs`p
z7|A$Amc4rNtPJ(^itMNSf6JU;UG;;eZq3So4W)Y<O<VQqHT~R=*2iK}`&&ZxdspbI
zL$;{~Fp&=M4}OKwM3W^(-$$GFk-A2VF&(GkpZka@VDj#dVHq<BAus=d`@`)2jd3ku
z`?amv6u0c&B{nz|W_r6gH}KE<-}7}$Jm1f+G9CKVcuv)~XOG$iP+sEY5fW(VNbeWr
zZ3f$zsI})zFh~dBD?7;9{E2vXmtjJVEhLY##LvO9(zWC(+b&^tCF`A^y4~VkI0^;N
zD{u%r8jJC*nW@CddQVk4Q#@rkVc;~J10(MU@6oG%IU)LUO*;rYngQ$}0<Jz9ywlp%
zGo#x2wlq55(fzY>Uq%%|b4VH$a2V^pM`FtgrXL+~1wtTTPBVvGr?UhN41fzPXU{Id
z=^TGL&|3(lOLCxtfT0d!Mcq${LGu$AtqRR`S=tA7KSvu^j?C*nt&J)ZHlq?B_alO}
zm%b<${{jPmK+zkLuJ=X`$dS}k5TIi(h}O*05}|pm$G-m=Km^EVNbJCR;;VUxkNylM
z%ZxC@N`7#BH=XhIlhRRn%IpdcvG0nk`2h{6&+5|~<);uh^f&2{j$2R%8YM23T#1~J
z-)`Ueqe%uLc*&FE^u*77ECFn_lPZn<_1P$qJpSltgjM^0*IIwLqlC!ve^KnP-_MZl
z9~zH)_#s|^d<wt|+mb$xa$Exd<t{ToATnZ_sEfH0FHl_|3>{F9xBC69#*`PAyX~?0
zAjJ;_`2~)UN@eP9>|4U@XV|OmY!0{07bXH!99J?kQDXTl0<)52z`7;rHx0%B>Ila%
zq=_Rm^?pw0$3;N#xF`d?I0a7yXN7mWofrEryQ;=6vc|iWT(wFTUfs7IIQt#@kiStL
zU(N)?kiURSrJ(pID2S-+4R;m`S}CW!9>j*#0b!$Y47~VLWOgH??joaa8`41(;kBb>
z)6wZ=uhv<gZCdovlBSQJx+4t=eWN_^rYmI-7Gns}Ks!nI2Jt@wE8J@mAcE8gc?w*r
zrb&dsdFeoOS|QOF^MMoH@~#kG_g*{_t{|_hAPjn~9`Lf05juGM+_8@>@b@3-V<GA5
zB`jWM?Cs#*#Cd*DyF9!d1Bs%}k+^ofrdfYuLJOdhh>HP2%K2rhKy1keiR3X9*jd?~
z7cAFLRF-N4Ug{T8Z_{#7ElA7DC%72B5%%d<w9hpcnB~cj_=^E3^kF^IqBumb4k%YZ
zA`~M~1Kn=t84XzGc9v(RNj8YEe0`?3i5oO!;!AVQaNwf@6C=EC?p{?W-&;248M&A|
zMCej1DtBZ#+Op#;@HmaN=EmF@HbW_W{SWV_e_@E}WhUb=IDpo#cj&g(6)TFzC?gme
zjZ0@JHwgB>=maN1AaJx9FZHrFZ0Ha*!kX<)um5&&>T08uowjMhxR%50%q~aB^;!ea
z05l3<5LZ4APKVAhg9yF6&j;w@=Y^hgZ!VuHkl_Y6aPrs}7B(FKP3x<25ug?IfXamS
z*cb)QOTJ)pU%TBgnJBzv(Cm%!fr#r#;NXmK0uVngliqs^6oEGCnn$sVM|ch3Jo-yF
z7Q9B$s9q}5r2J_3o(NF~&?;U?EdZD&LTaxVc8nC~G}mgNp%8*(Y&86XtzH<p_~_S_
zn4hX9-{T+riV@^vM7WQ=ieJ3QXUhHz>40J%qU+0bJ^OxPk_9SmfFKw76g)G+v?^+Y
z1aZs|?O#~l3{b-KLDLHvaJm4{m_trQbG;L3dt8Umcs4usS?5WS0<BT?`dIns_|4_D
z5ryuBHWd@UZBL9V?;Joh|1%EGa9`V>hpF+iu9JM66+)!MW(xm~v}Z&D7(v0qyly&l
z)CIm&`y4(0*XNNG4X8l!0qzpwjj-=W)WJRB!ixjX<(LS*ZVH*@OGTMAo^>vih>03c
zb<%G3DCw`WkOt-Sw?bKta88sftt%bSDg{P#fqRj>`MEcH_ZmbX%m&Qkr}4*E*xJ*S
zfTAkj05>ERKKDgEk%RHrhlR=&z~{Pt5a2}KBe|BevSh-sj)UtBP(hrl^ZKu|ErEb_
z40mAP-emJx>pj`5lF?k1{j*V8dFOQ;HPC_=JVe*y?GySuVWv7>Mns!=TyWp~0v!Se
zfumfBuoMGKCSCKw?4yaCH!^lzz<4Q1IEg5{yAZ-6U+|LyV$1+G%~r{@J$czO=j`@9
zdzO8p$?GH~V125Yve0c$VRUeygX*B59oIg`b6pL^?Fo-p2ty!H4D$ZY#mkHr96$sH
zkSmr5qr<|z*mYE6t_AP@aT1Jwmgbo>7-$^!qilX9-o*17C{*lm)HRjN(Ajp%h~}R5
zqag1(@6q^xsq%n>QOyH+EmtB~F_ubq-q)@Q-T=My9ybKYUDm3QnvBW=x|3x3z;VnV
zGMV{vUqq&B&{)9!TgOn)wb;B{oV2D8Ma}ihn?rt~)=<CAP~HlTWzUuVfU`H@`{p&P
z$vuH5FE9H9A9QO{p843v-KW7P<w0niw7m{AYH=3Tf;jjhAEwkn9lwkcVr5d$2Hzi%
zVOB_jP+5>6SCruO^?E217iR=K7Dq@^J9ZomjV^s7K>SGkGHRJNF0N79a?ezz^IA6A
zYtDYk3Tggy&jL!&pn!bUkDR(2tSIFiHM&GTc%kP7{dbiB4kMHil35TQDZ>HsoU;gl
zv9%w({2T_v%D`N1K?kCU!uvV*>npMzO1wI{roY=SOgYMJNx!=37rtEN)*Q0W2W;oP
zWrj=?_ab_VbSKO(@~KE-GaNIu$(epBKtco_z`i4fqb?K6j6Q0vKeVjk;j^?-90-IR
zZc)=79aJhe<KWF;BfRuJP1M|Go9+`hU4QPg_VIb{cdVeE9$Lg@tP8^Zc(tQs9w457
zA0Zut0*Ni}K4yiBgCO$UWH?#R6@?LK$Z@*xvbhaJn=UMOg<AIMpOId4ll%jbV%Aq=
z`-~yb)28rwv4%R3#^)8WvX;}n(N-9il|+EZdq(a)x1@~guTN;Bc%6Y*B{stXaKG^Q
zEHB0#508#ON7K+H5+k0Fr`Y&?sM?7aX}6(HsvtZkO8MX(>)=lcq+)H$)tH8zq<Ngs
zbON{N8t)5G57`Z#p&@?FbJf;^qN;)N=To#<!K*?p9U<t)N^h#pzHYcVzzZ4heHgfJ
z8jGbRFA?lt8-HQZ@xXvv5{}9PbLzx7|1wsek+HSXDftoj%uVqo;NFG9<-U{J$KDg?
z?-N4ieC!}lEj+p)4xX%hee-(-NkMj!2FU3yuWV7_9aadi`+Gi(L=Aykb=;NH+CRm8
z=6wzpaxYk6W|6(#)%N<4+|@kTZ+G98b57exv4UaH%+*YTz3POs)eEIx!cXVI7Xtbj
z;o>@Anro<NuMls$4q3`IwD_EBVcfk=on-O5rr`s=)=be1Y4Be8d@C#zMF)&h8C&^A
z`qP@c#4RE^j5Y;uCF3(gUs_X(*BtgWL>aRqiGF7Lx%Y3zkg4M1b7vYxJ}93Kn6J9L
z{6w>vu;h~fm*-<5f4JcEhSo3~JNI5G-k1b72Bb58hU>9owVzu~Tw}UdlkHp%it2rR
zq-#`PX928#V*yuB<r!gKUd#=}N$<qxHm)Dp%R$8>sT<g?tbCeS$#mG?`8=Wxq$uZm
zXXnNo?cuz1Lg`l$7z|caNRN9&d?v@LTFa=~`e*ugFWxlqD^3pvx>PYP{9C%Ap#HMm
zV#fE@n#m5Xlb38$dmb|v__V+<Q=+2)@6l}E<=GQ99c(%g;aZ)sS3oB`aeU9D1W4n{
z2=3^;MJG-($BdnhxFh5u61JtpElK9*fPjcq^<R0oLbBPbO1ll?-MTN2dM_|GFXhv>
zY}o>ha5&!2)M?9K?X{dOqae{Jc`3Mba9n&w=0@}1p6}FaCv&2}*b=lQ-GHP@;|shD
zXG6cN(<fYPoCG8fq@Q`Vpj_W(q4SYGY?k+>aPW8T(&gzr1^csav~t66NyFH<_>Z1P
zQrw3t8#D9^4smWVe5DUq*xxzsk7ypAQUab*&+7Z4QVx~9<j>+DL9FMyb}2a!H|2y$
z#uQ2{k7FY8N?Xvhzs);2iF;^cXH7EA91B`$sN1$bD6TmjPelX8@se=)iQ14@+MLrr
z7pvK+bV5wpKrG_YLz<A~oEeo6CssOyLz@h^7tGuSe-WkA#rk$pkGtr*<(CToh%|2K
z<SLWI;Zuf+@dcM}w-GfVy(xgkrR<iY>!Qg9F7aefXVKtrZ&<=)MFI{k4kKZAj;Un(
z$VQ_wJ&ghkg~EFBLb1?c7@t~Pbwp=)q%I=}&-l%n*0hvPbt;4fQattN_1mwC4F)N5
z4HwQ&&0}Jqrrh9kFVpG$i`-kM5w<$eWJdVM5Y4c$<5sntlYj4}#G^XEU=ERV0n{fs
zQRnBTvP}9LItUl<UfD$^?_*uV!{e0AyR9a#S_4<OQx>&14!@b>a46Fh+H@}zb}4tP
z2B-a8c#ID=i~wPz?`h!2_C^|f&bxd}A|e3M_^*~EJrsi%uc$LsnGAn)IwK+_33&j}
z>ZpDHF+z`KdAeR?lCCVyq4Z*nkV8=a^zoo<NVjWR)EhXH{KP}Z3B`;1Fx!g_YU*o5
ze64{O84K=dus`e-WbWl8fnmtPTf9G5#pV5HL(-n@2qYS~e1ZezXFh_dg(Vw$FHqNA
zJifX-(?zvmO<!Z@)wqlVPBJf!<=tUfB`GyGoElD7m?*_N^zZJsNYSyQ=NFE5X6gqZ
zG?h{vU;`3BPzEM#^_)B=;_Le|s)@2_2>E6SLG#gr@Ux4#54X5(Rk`Gh=z*%9Gs%o+
zhMlM8nsF%L900t?2?t2cxyOrZ;bB*qQE{|TajW0YiC}ulW`E1m-6|Lzf|tO6kCQMQ
zNqgr<h!eW<EGaVNgzgU`92E8DWBg11<_l*36~+0VOE_evGQ-amW@yW;lo<)|%J^ss
zA5-JuSoH~>P*-V`e7DZc9e*-YbymX~Pegil6(VqP#*iUY0g*fwVOGa1nB#*sLv=Ay
z;hiWX&@b<Y{^+Jsl??G!^y5F|pp;Ex&EunsovtxpP9SVdPwSNQ{qmn5J``R~6o)bm
z(rTe0aI51icsguXT2@|JoZ1`)kuxIi6vo|RRK@rkJtlh3#NvF5xKMB$bn^k}(!g0`
z;V+O_nj7h;-OcJ-P1x>7lUR5%8Vq(6pl=O7`Xd^)RC-U000wI(|D5(<zO_j@t7$$J
zxCmetZ>1ht58GgOA>%J0|7P7UgPx!JV!n+9$)^|q>mFFPSqSe&qaMIXbu+)ZALleJ
ztl5X$1Ph`$(Y)1(hlv5@<d)6nd4g%OPKysxxB2gQwj6m0pSQ_^Fb@0#5jaT8SL;g=
zivf0(MCeW2?BxO8LeZLvGcclBKZ3GDnq*_DGH^Z@fMpurDsr0Egj$Yb`;aV;0irKh
z3O6Id<8;p#a(@{lqVrrUiCi-<mp6>nYsZNuXGgL&f+SSZmW(Of7;#UmaO4+K%=vkg
z9DsF4pZEk!E`&Pk(xOXQf1NCw&6u;1Mmcui`{6MX=bKfzEs{<cx&;T+SQl#Sh_p7r
z{czP+^DBUR$Bh?J^2AD4HIa7pbg*gW>AE|{0fdN#^Wx(~teKQV&|R$07tPqug*v!y
zMd+XyWAB$SegaHwgb<Y?G>qm~kC=Mm5^|6EL6r`7QD|a0np606$#P!yl)V25hXO+*
zEZ4gC=3cB^Q2l%mV5iPXrv*|LLz^M7apW|FmWm>iw%}wV6b1&nl;WIG`WE!}j#OW~
zGXc9I9`6QsTmGXD`zM`%Q;sCU=^{zWpg+|!;Rm8Q;S0YnGb1z9oXzf@5uZl23XL|c
zonE!S76Il@qsj$9BA81AI?=bL^buu3f?@f(2$#}WoDmbmPUzkI$`y%U>JbBqAdR!j
zDW_GM=l9Cscqmnh_L3#Pc4NjhF}H!zl_x`T<rN+HkZSt<xm@i@5q(0-ZXXA)0|Jyp
zw!{-eqYxfCi$Z{WZ&ud*|BjiPI0%#=X~AZ(z2~p@Nqe(jG0(g#$KHQ3Y;?($0mROE
z4S@ZayR6wNnyb1;ss=d?=@79C-ysHn;x3QQ1dI+cwcvsB7Ey|>G4Aou!3>=e80T*F
z_fc}|i}&P0YUZ5ttuFlR&xn+{C$`yA1y^R<uiKygQ%*Uro|!94h9^CfLjkJ)#he;y
z))Rgwt{vzqCh$@7|3V5fo<}N-RqSz$vX-5$ABm8_41*biG6g?BbKeq;8IgqiTbmNf
zd$@7?zXJ!*3ImH;kV7S`U4@GOs@4JP{%v+e!?Mnwbz1=gW)6m=MIjDUChgNP{_2^b
z%=R-kO^hi(q>CBreC>lJ#A7bE_V<X1=GKD<5eIk?0}N*1k~NS)Mvs}Gt3zoX(LzyL
z*i!gmH2?99xO;b-4eE#DHt&*Td*?oyl(SDaP#WBHQ8X2Bkmt{x{_xFJ(JLC&Yt8Rm
zX(3LaF*;PBt{i>MnY)R4m?V+dp(8&`Ah7dsL=g~8p&s<lQtuHtUzLl-f(Qh-&uXIV
z-~J!3^H-K*ElZi=m}!pLtXK|0HjlbFu->Mqt_QN)#Tu=mEg|#Wq7EdaYfPFav+WJ6
zDLq?A-e}7<yNCk<2X`)Hh`CL^o`ipzS^Wb4<m4{nYXiQI6?bP)Vyo&Wy;Ui=wd*mE
zF;=#af`#p&HW_@$%sp7`@82eD_f;9GRrS5!I@8-6GP{%$^%{AoDLxNX>8TCfy3HK)
z-$~T8yHX4>0`L_>U%#tzM^-DBqr0Y4;?0oZbdE3-Oc%<j%el!S?}+_=+*=|C*Z0;i
zvY?2OtGhFm`aoe@rXN8Y*ACL)QYe&|(`%l_v)rkAqJ7Xtt2`rLCIlhS5yG%rezy2r
z<9MP43r}|t)rr>8k#bg)i-~JGt5-E_HMf7z%t#PtfWUozJp1ZyQhE|qRfKbBSVc~&
z)NiL*zu$W0!8sUC0ZGrLgrBxF0xDh8#dT4*l84?W=EAOtOO#___$6kuSI}{!>-=xF
z>h;qtlaT$B8FgV$41-iGMhBMeovzdMAf=p%*);(!MS!rs!{tfl6MW*Hxnw+3|I4AQ
zi9_^HBK1aRam!ywxj}lsmec!pzvfb;$7Em-`5T1Sw)0-$S6^J;63}dR{#*z!&_Ujh
zg!jjo0vryy18jHJ+}I)wVxbHL2%Y;x*C_JDMzuQU^$1Qlfw2HSyiI3k)NbwUsIdhE
z)4I?<z8kr={U^@-YS4lpg0K60wNkqCdG1pNG=KpQzZ;MkKpB?V-RTZ@XVN7C7~Qoz
zIWy1R&^<g6+R)hl;Vdg=AWi@qi^djOC;y1*Eiu=gW46ithLgNB%Z%ca&cpc-I{ABp
zsjaYrv|^#cNj-~Q_QIv@wjYwSHQ|Y`sXC7^CdFq+QNburF7p9O$cmO-==u2+6c+8k
znC1!heFxfn8L+>dYNwy4GeE@L*AneOc_g#rM&7zJ@m`-~e*^}JzQb|A;Xb{c{D{gT
zD~&z0j&2`PpCxkrH2Pn4pp_&0)<23LwrcE{lwO?A7enQoKP`feoi|((-I|}yqD3L>
zL@P;@0Ks1MJ<Y_0#)E$SFfL>gT;c`-W{^%_l6cE(<yM~}?Zy{Q$h(3(LYyve2J%9Q
z#mDK>f+14p4UIlaeT8$u$X?)mZ}!cqmX6q<6=QoYG_#Btd&O&`utVVoB4r^Ibv0)k
zvpb!#A!!WtvR+@r;UIqF=+ORLhG^gpNfc!-uyq#_#XJz=CnG=m0q>)`UZS~7VIh$Y
z#tJ>XXBxghuAc+M;z7A@UQcvoWA3t@!j)dMt&F8LE$j}bMML$djInfOQ2tUNk766S
zIu3aodjFN5MLNUwy5@h1zeIPqC`@EH4kk(-dwnqx5V0rxvLW9P+tz!Q(M&@l4nr|q
zy!%wF9JA~d?A&z|b`!tuM*F+AQSpcCmTcZm^!P^_JOT<F{J@<cJmB{*A}<<Ng1K{x
zzu3pOX&kU$))=-0d_~Z~V?^<s?4kgx#AG=-jX<MOy_^w6W1kYMolt%Z0f0|S1C~0;
zg`*@VC-#+n2ORKaqi_LryA%?fc4*>o?1bce5!sh^4>HbJeX_9}Tpr=XE1~e7h30am
zO%ct8+WC(=Y#lN%sjpCWsT)yb%dCfQ%Zok1HjOQ#OU(w}3Zvykf7JlYXcA0bIfC@_
z(nD$r>hAu&a^?!_@7--b{cG8XvR-45C5x7@>e&;_w`)vHq`Re04<F?Y^1su|k5;*#
zGaYZd7<o_|_+-a2Q5*|}F*3+OdsP@`8Rxv{A}*>u@v68>9jB_OFTevK54?dV;=Wij
z0QnqV$u+KxET#>zH#dtk-q}nZkh$WBJva#u#whB8fgRs2e`-RHZduRAA*oN`=SOhA
z#L=j00b7wgSDJCmB3e2UF%U-<U?l^T^tyADOllq0sHtO-k8i~ua|;Kp6oBL}z2hb1
zA@5GT$+ZH&<*euuulB0M>kXW(zkDdrC@&fJr$SY4ESwoide7{%aAlS*bjFV3=KzL9
zw@=Y@u0mCz?U|wQ(U`!fsi@XlxWt2aQ95v(6qLl(IblTV)U<tapZvhOH2&+Sqpq6M
z!4n=@v~#qhJ8wP48IpHr@ed_5P;RHa6@ENE;kq6G)~B~mK<x!~GSf*xVXr2uC<6FC
zcg2@ccV$ikGn)gRLO#G?uG;rY<0rC<q826<Hk$l5$h?W=;6x{QTgH7L3<a=Ann2CA
zQVIi#f@)oNxt&V}YigYZ1O^o*cwi26*LZbS*SvhH)3q6S>|uBAE#@mSbd>p<w|zhJ
z1GdIMAf&q&e;?8Bp7rN~hmnc}ujgC!@Y$URmynIuqY1)LK7Nd(sHmtG2poqkmBu7R
zv^ag+=dE)^4!bx1ZB`a-f3sm@0U!SDU^?5Btg3qW6yt@rH;Vt0#Q*T=$(HjQ9cuH<
zvb?N0@Q2&ky%{=2t@tR{dwwx7zqNUUr$SMR42hUm)GsQr4s^35@2xFZFtpla_{+f1
zz`dO(yT;Ss^uDC}*ryt~TGC1EDf^BTW|p3-eYgniM!?qNiEZ7Q(r^!EjCD3+@6Ck2
z_4QkN=nh3KF{9Q+ymV||+_Ya%lfRJ^gD(3WQ7tft5NFJ(U&<>6-=sNqt3qHEJ>nKK
z*PC6nw_mfBk0E0op+3j2iGM^NFzNb%^^llbR;+h5Hya=jjJO1_S`@u-B{cjf7Jpyo
zCX|TCY#jRWaO>NNusU11P60WM%*?*Rg#ug^IH!UF!<=dtOTC%-**<}!;tQ5292NkB
zvZks$fZ1yg2!PTJNDGB78`C`O#J{}H%P;YKQ+slLOOnW&ACsqeuUo=zG1|~V<M>#K
zd__c*ozGbnSd7B%2};a{uls2ai27zL8}E44cux?o?^n}8fIvMu<h5v_!pyRoSj&$L
zM#gQ`pR&1Ya=FBd$rvY>=DDoqosAh>QoJdP7A;hOnNhV8@!a=&<H7Nn*swS|qpqkq
z8kspPs9(x_)fIBB*vF&%i%n*yOm9u|iI+gqMpGz|2+(td&h=Sk_bguuyA(q|o63<)
zP>LLx+Bgn@Ab6n$X(c)WSwjJ>9-J7Yz&p%Ni7}rm{YKN{xkI2_3^*SH#ld;6@iXB8
zrI5E)d)enT%R7out_yu<c|LzGC>Q8^JLIzyfmmp-*ODc$e#RI*LVJwF{FYsCSz*yP
zVS*>8OMt6EUzI}bPokA1X>W_M0|ys5e%UzV4`(~yG_Xk~f8o}V$G$4>u!NwxDlX~K
z=bcl6Fr#{($!AXSgCP?_8{@=~BbpZ?97$wkUPGkvjvvgN4IGk;YJA4y@2SS;bd!jR
znt%7R5UaqL-LevV-x^*FBCybZ1*Y;1HF#$=K8i!YetO2klPfT2=)givVD7P9v*wDn
z*q0QEX{^ysNzG)Vh)PI1HBOfS?rf9&Hlu7Jikfu-N`6?_L#Xqnm{Xg>rT{&5_!s<_
zXWwj9TlTyJ0JMr)x)DYkr61*W1;aOAA2hjV>F5-4fv_@gXuqTQ@RcUHz3i-Eb#CjA
za_P^MLNl{9zla3Qd%b`d;EkN*-?3KU%K{Xf+F{F?Q6HH)>>3WN(rC$FV7%hMF-9}M
zw}vNn_K8C>34P>RW%rjhwVOvgSL`d($!T%YP$W>>sjpnV+F(yTWV*Yq`f+Y6vaEJt
zHhR9dUl)>|BIk`=&`?GF<F!pKj@=~XF3^cYW%9YPAd)y->7dCG10R5sTe1D4GDI_e
zI2s7_L|MvvCRz5ktc3drv&i+N<uO?KAmpU}Y~Kr``!;igJZ4_ZSoHt=>94>URA5k6
zqcIpZ9N{P)l~2?zy11;`KwG!CS%fsOxT;_iuoVdE1&BXHA|j(u)^gwI+;;73W#6JA
z3bf25S?aViB(CrDuDuC{il)<pTa}`WRB1skZJd6`9hdem3-Mo8T#32gd~|YE+^yz2
zH;mU6YI);&?EI^9gZiXbR8a6ezRk|K?`3~Fl_tXuxC<J<OE^931B~5T)-Ml%Fp{wu
zimn^mxS&60CPM19^l~0}%Q66L;5G;^<7>kIEjRr1Q^NK5PYffU?l+%ZroQDq<INC;
zue|iEcuo~pi|Eoh!~c{R^0EA;!R<$*Kn^rBvpgh{Su85WE<!7!@?iSSPIkauT+%Cc
z0({)Sx5DpBhSYRuP|$+Nt0aFp2++zGz>b4JY6}@f|EZnG?s`X!47qz)MmPUV@YcDR
zRUg)K3}VKRNf^n6ELxGzLhIjSin<N8-dMI$@5(V&3N8+PLz3@`_%c7##@1A)x8ZX{
z7tKg~mj_aoxaQ<<zHq8$7q(c3?-eDM!*TIg)pWHCe-+)I2c9(vC>hB3m*~Nem6kTW
z-A?sjtCo%@4s@1ggSPbU8e0E@2|YVZZy*nSr#hYC1W9KFTpWguCW&+xaCp|R8`h9g
zIFJH{!tW2H|1&f1+#a7f?SB~qA(jKQ5OWYxOgY@J9{H&`c-QChysG26{>(r7DWc88
z9uTPr?#`XeaO352|G*vbACI$(9f+Wt-i>P=?|0y0;8wt6Bom}9iI{RHV(62%V98Ju
zBmC`K!q7m^RdC;Hm!rcb0sUm7iy+8sM?H-@w%6~kj$Zz0XUmH78(p!3;d{M?=g}-*
z4I2)wVB-z+ipIHAoacCLBSQ;@>B8^wf(Kez4w{y#QlmMRSlRkeI_w1IyetSt%lf95
zl*?I@LcM($n-?$&gm)0r_A*VAzP`7fYHu5f!C!OieZ8myg%979vClLK6&{!x)Z+Hy
zqbu>*FZ0&9A~@X;?8wJUC;nCYo0RQqhla*$V%97<8Pabg9hZ(LHfjU6+g5mTu5IBZ
zJ!EkX4>`phdy28h@Pn1Vc2+bl2KQHe8HPLiP7=H!@-S^wmwXMZAE?D%Y;$EAvDY+{
zU_{<=@m`vs<jhpURGyyGapw}{(sA=y3v{-Fvj4?%7&*S;nvV;hs-9^Y0zB1ERx3>|
zUb`5lX8;8o3{^yE0Z;S&5H>VqM%o))MbQfqi#-jp_Kl&219Uh5C_)Sl*9Veqtm;`z
zDfClO1J<dX?s_Nw;Tx1mLRM34u-sRy-b>88fwweZTHDUcKfSiL+hp9EgTGH*oqo6@
z8@8bf1XES`qHu_Op@bQ~<lB&$vJmO1tI$diGuH%({T4@;8h4on@eyKJj70T6>H`u*
z{*Wc)3!A?S`O#Q?xh|x)NE_ZwX@aQ)J(_W%+CSjw>v#Kk6_&rT#ylOJdwbL*=sD%v
zmy;W^GDz98TIAQmIs#o#@XIk;_W;dvYSV=$9=&hx$R!pDKai7aTG<O%ubzvdCbDPg
zn?mDL_VbQ42w@rB#7=&eos94!3uRIL?=znz;c>3at}j{dxfV+wKXczDv2nb42veG_
zUswx2Fu!>IZ%d(K5&jr1n8xg>0+0yu-K!r6-G7HCf9A9<uggDXOQkDXNVZj1@fIb(
z;m$6eaSBfIc#_IxrU2`p(S%hod=X+a+R=Ep=6Ipy0nO9JpA$Bg7%kqfwJUOME_o*n
zNz}eQKS@%J%pd+>#^ii|G*>;|LktgKl>h8vW_J?llTZ0er-<W=H)hKolKZ@+9pIy`
z+Q0Y;4gn)|fx4&;8(?Y&<P~LH48gpQWML^%l0D?1Oq7wwM}6kaT!{dNw38<|6uztm
zo~dq^lSaGL5PqDaoe)BkMS~{l5}E0$nHgVc9hDw5N3L5GuSi4Q5fC+zE`4$e2c?ri
zkA7lM(75|CM`Cc%2!L};(T{^wYODXIVv<#_-*V<zD`ijm@m6n6=e(qIJOk%rOlm@z
zN84Y;pi3>3$V`pL!=>LtID8r9dEsPWB(W6BEoqwfYU3PsT-JE~68;OLsB3c3^BIa8
zOP>qR1-s`UM#*GRBLftaOV>OZq}KX$p(&((nFdtH!rdjG;X?^N|6WF>x_>QuC&dMc
z*!m%nHiQ3%A?Qe6K0)rI_Q7pnFeE90YBBySoeJc<A+>Qff1ua$Gd`J?a48a`+}Bd$
z`M{>`aAp($h62;$j(jBv_=5Lu>o7r?vVX4()Zbh5x7(9F`^QtLP491u7Z=AANp~w|
zpbs*EzkdX|n5K2+x<?9JI2^Y)PvH3a1<XhL4CrVf8KV_p_U)K0Y>sitqPibtR=#le
zR$W)u+XHoq>W*#)6nvlc)_@L5@v*^bn)&qfEn(m*3GK9KrQN<TO4$xq&}kUAP?`?E
zN(JOEVE;<<g~;6$DrRs^7h|mno8LHG(+sc{Oa!CRDD2p4Oxvx9fG|q;$g-wy{xx#a
z!c9PCxP+2&&&PyZbvE)B@)v;IRZ$RQ8vh2MIqsjo#+UC7igmV4a#o8I6cPKOoeAz_
zqpnFPD)B$aAo4%Rz<eBjd|aj;4C<h&PAcH?tFdAc<BjLpE!%TO*W9SD{byZzZ>9;!
zc$U$P<8vv%#Uhu|fp=2;9BA{4t9|d+kK?4WZJha2f(GpmB>rxl@F--X{!9H<jcQ6R
z)Bk}u?EG<M(|IHC-@Wh55P1+@R329-9ShFj3f#FG?%E$!k<ZV2sbo^4{#~Yk;Dwvn
zAgC!P)cqzGM@eGAp!a^_&)~en!2M5|m+Jcbc1JSwX4VtJ45-D<mKhZ1B5(Wn8>5<S
z&BSdJc&zap%l;T8zv05kCpd4LgOwhX&wqi4>Pp#e(%e^HF{)*J7nL@2>0J#(GApCC
zoHFlR%-dsQ<pK63FffXyIQ9U4+G^&P6<)zJM7r2*T|I4;{aQ2AU!Wk4NWMSiAN@1$
zBv{vvwhP(!X19E2pUrlsL>8{x!%I(tLPy(*h(nnj7u?Qgy^2D%Lh`RMUn(J$fIu#f
znTzd1l@`^0Ung85jNIrn`*iJXV|Vsr1{S#~-Zk2=ZsEfu!HJqQte_UJZ@ge7uB^OB
z87x1Ce0DM&-hI&QiO0oPfbh%>qP!S9X(DV+ZC&2wDAf>#meZwL>VGJyxYFC7tiJ-t
zvuD8J);lQL%aNU?)5#2+mn)b&jHv6C8ur(4dyM9Vm9qnYf%omr^0>0Av6ctmqG*vv
zv00T9uBkM32g%<<PUiD)axe36xX)L!ph@hW<0oR_f$>tZnpSLzaRUR;`TdGw(a84k
zIoa$4KSmHxQM8~SwxI2E!pEm~gD9;Uc-#X?A0DGcrSOvtN~}%bpVm$ZxtnD00D8*y
z$%3YN=IqB9M?miE;^|V&T4PX8vrsCt_mTF*`QjX+2)zi<K|;m_3_%8we9b3I0rD>D
zffuTcqY6a-U8XHqX`98J$qLsYe`B!5IxB*g@}@#(JNXvYhU`1uqDKZ6b!X0Jzc-5}
zG(I!r)j}bBS4wIAqZ*3fE1=NHvX<@DQ4>403BQx+n!xw7mxTlW1?XT^36RIg%Bw^$
zD0=L2ZlG}LlZDR3-qr!6uD3#Vh0Bwy;PZ4QF(^uh8ItFqKIgbPcccHq`X<v9m<X@&
zFe=(x3p?^Tj%^N^b9xMpa{O9|nkTS?*mnN72=d(tjL$T$%nn(a%x_=1Ik`1(PnL@<
zglvB;7KgzCZ|S-EKt-_D^Rp(68=R?MWLR~@?rYbb$;{;N3Axo=5BGG67flB0!np3x
z&^YcSTA=oXk#FC<opO}xlRjTP2+7Aq5iyJW^I26Pw&vL{Q4SaA?cXepd9twzY8>q{
znRtfJnxDwBjE2qj&jecQ0D1@&xZY`i7W_V<cCI*lag!u574+~ve}4XN`0{1CuHs+I
zV|5FiON-Z%l=KHr^Z)iO&oLeu$e|&1!i&G`ey5(#r_K-3^XNe$fa1=HH|2UqPx#8$
zA-jFrH*fh4@}ZynJ4|gkS<$2%*z#95&6VVaIY!5bTk&xc#}^P0RQ++-Zf*l_s{cZ3
zIn0q4_7W^{kOJyo?Oi7MsB6;7ODzgId9|Z<T6sD!_l>_gx!0$so+^dUNk68hr*@)U
zQAsM+A4>H9)?YV|qCfwHOi1s3r_$&rOuXgyJN&5Syfyb)?HT*5+Voz!+fSV?G_w}k
zHT5-^7e5eZJ4%U3@QvY-Ep1a)jB_`Ab<cFlpYhGyp;(zsRz`}Sa?#iPZ~8uCw-08x
zISL<?CX~p@o|YXZ*|db-V!-0c^%w?$zq<aaw$RogkUzUbmh4;>SL-~O2{=JJN|`Wa
z>p=Yp!|YV<@v2yH8W3ba6=1oh#zU#JOZL=xdpN-`^pQW-JqjkK<KDOi;5YAHt_?hV
zJG_H6L*WS@9C?2tzw~H)#=rZwzlI>hUg?=!FXB1Ov`-pVbA6G)YS<>Ft%BWDw0)%Y
z<F23`>rU^wx<T(CM~$|x=;|P4sdr8Dbls5D7rt8lJ%^MC;G>0M{rRpjwu+;1Y8rb3
zx3281^ZbN}T^0RdT6ei=^6C92o|<PvAAM0M;#Zh48_S(B?|qSR>AYjMHv+NnH7yUl
zk;Xs5$4S>id-e^XydEjy-K)I=ejx@jqa@*Ua?V^wW7z3Fyi1O?`Pi^*?I_vDO0ZIR
z=0r_44;KM@MIHUUI11ARB9~~Myd16laq)Zgelh{6c$)^w)yUGiXHhrUx=HTY84-di
z8L_lKe3Z>LK3q_LammO7a=FX8_v86T`@}gnR!=KSNIEmSys}Uw5>Oo(sWSK^$N&p}
zOc4&Od$|0o$(8yMC)%HF2W*_GmD%#DX$EfAusJJ0L3j|pmwQPPl~kTKdp<)6wp&WF
zZ=_@q$f6IhH>7bj@XgtDq2iXaZELWg$|Zib_~)J)kHzxp+k-B`OyN#BrGs{J0pYrK
zzp4^wFN%X1h+?ayG>XD+Jw7x2r!#sMF}pe3n5FjQY9v(7KaGntUUvR#B>es(&tQsB
z_==)a<wH&#D7Kn6KQWFala_G4JEQRMYv}2`%nx@DohT&`*TUVZ#;kOqi_J&h_(vp>
zx<8TqW0e{g0!sc>yJef9ouM9m8PRsLGrL?($jr+KKK-FjFmX_lm}=#d_i@&xJ2$*U
z4_DCEs+Al)X+}wpm?=A&2eN0{qcV(|k7w*vq<S-ej%ZGl>&hce98nC)G48)cf9`nY
z?9Xz0F$|_8`amZtnjiPL2Nb$*;vM($g-P?ZPd=VT0|WDm+5w}|r5d@Y&$cWX6IF{6
z;q9sO!K2fSX-5Vq2nP3+PoR65e-)Okd|26rxtUYA@Kc*D(}hDE0{ju~`|sd-V*q+{
zD>(cw7cH0upGP*bjvRnQbqF#*u1-Fo6j%HHmDQk-2@tV1@m`p>E#MW8UU&M2#^}>5
zoZioY0i?sm@?4D8R<Qmq7s|Aks5Fvcac0ph%JZwMO#z7|{_VI{)WGhUy0oP8vDG|6
zKIvla+l55>cq9Z$0|nVpG@H+yHETR>g&gkB1fjvLad|Rg?MhJqEwT-Iw#elAlRm2}
zXHFY`s~vT8O8#31C9QaH>jc+o%XMXy{^sMM^eXZg3=R8<?DY!}-Xw0bszu=NI?PQj
zB~9OQPhtht1LmCAF=XE7IAYJ6-kTPuOyrDiCXTdsg5h3CuT8?`$!RwQJD-?PjwUGc
zZLS+lX94!mPUL$y6DEWBNM4E|P3#)A7Se28s6A#Aw$uATuy!8%Ov_mpuO7OTE~sV_
za<I!^<Wd1sqDH(SPb|OPu9=V>B~DJ2Dm{$|KW+)t?PqP^reTPJfyABj4e23}`dGCO
z6N_BmFgW4UXRnF_rrn|Qn2a>m!1eH>&hUM<D}=R;`n5`ZFjY}i0eCEm{e@&fcL`I}
z$~5I4s(6RF`f|f=y(ziH(#|b$z)kmWCD$<0IdE&jZA3w{U<(--fDu22T5|=|DQvhg
zEmv2$P<O<cGHNlupb&87K^AxnlJqxA&bwH8;^IHs)KqNrcE>HV<}>IV84bnCI1+_a
zcEdyd9LN&9glo@ya=3M5E=#_s;&%X%EdfDGE#!q`HnmCufnVuCi7~bD7wzr#=FLHA
z>u=u~)ds{xaF)eHa85tH>ZjUaFT`EvtG_CGt1J#bwrq2$Xs%jXY5`am$yur{eD+)4
zb(|Sak#Za{GreYy|BZ&HK;$DhQCe-7r$;S8OW)V6nM0nOY-Ej6H6&n(SMlN<M&jtl
zqkC7+r*oI&n@&&NuDsEUCs>O;_@b94HvI=+E%a=W&LoV|YmIQebcz3ZncMNTKc=UD
zJ|w5Vk1moMU6cqxe{X!M_JS>fnb-Bxpm|ge>fkC|=y@s~@~6pq@qEulj@(OTMWf`e
zpK%)$wt&-CHSP}K@I_zIN^CuIlHfBVe#mTp@PYd2dv%*4w*-xFcb#}$Tb+`sN5p%7
z!q2T7A6`ErkMGTb#XbaFzx=Pg_Ld(#8#Q6|fd`*aYS7o2gYXdD{-&^Yr=&;Gk<`LY
z{wDqA#lxriO2LiS<x<ossY%5fMEK$*2Sfyvu4#KF_b^o09;z9-yuyg51HQsi6*!1z
zCmN4?{M7!)tM8F1r_ZPOz2dDs;t`^^Z<8j3f9&VHUhHC;QLD^3x+OPgeEZfe`dwJF
zZaDA`!6?$!ZrA5D)jqLO-`lG9N!J(-jFfVFa&%NLo^><1__1^A24B#>ANQW&1a-P9
z!5|QW{P{nhv&jUR<)VbJGpeDOgU*)(ejF7+Hr6~kH}9_X{2spakte|8hcyrNX;6Cb
zrHH^d>&4bDe72)coks3GPMERHj)>3g$%0h)r5l71%alR8KL=;R_E*{-QZ3+G&zVzq
z_LP28&6;$J6(=p$Xljg1WE4#jKnhdg&wycw30Xo^0^mRl2GEA^RBlJE`Zov}p=N1>
z4`*M_J>sKOxm{?c1e~n`mD0+mncK+;vlrq8|E1(S&YIEv?rHR7)H4)f{9)p+qRa!M
z_6wOs`4)#vEyuLu(=TLhBTc(tP_TH<5GG>XLagom&bK;w?xXhsC4vcT2mLrnlqrcg
z0)KRq!6L_j%$IffZO6FQ7;}STjhZ0qa}m<z0Lt&&1$oK><?mAXX~t!1>omv4D&=2f
zwm<%Eil$1Oe36=!atGy;FGKCuhGQGTuEzjAoJ_a5+wF`VKCM6K9OY5wM&k1%v01DR
z8`N|iOhCFtuLE-QOzdOVGjp{XAdNh$sS)=jU|{jmHqB}-xUi#9Ys@p+k(c%P@ZTpD
zF5h$1**1=7mTDW-j&{pdDWTB&C09p&ja4|3+2;B1U6TA=G(IrrNCLAM?@8&9Z)`*N
z7yelOr%XMK%QMI07V}-BFJ<WjMdUtMI%f^_S?DOG1ez{_?uD;6Np~gsG%mP4P#%E1
z27mU$^vbejJ)UQ90<jaJOBHHa{icuFw=Z9v@*B;z+3&tU88O_Tko*g(ES-z4daO8Y
zYpaa1yk&ks_v|q>jY1AH<i2R$^3#M9^}5$Dqpa~Ng`3ImC4lx86kQ>+W*eejpiGi=
zr4tJ{-}1N{yOUraAg0r02|#npCT8~Y?9XQXciZZBZ<Vjbo>2aV=KhHfT%AbBu01$A
zc?h^Sf}Fc7@aZetl6_8(+>NiZT0QZtj|JxI9Zp`xD#WTSi@(3bVBF5XCUH(`7NyT^
zRD{pr-dh&j$vau3`N=_Wii}v(+-iOOr)`eD^df;-hgklCh>HTtCm*T)&C)-VzH|~`
z6Tb9(=D@_h`6S;%`ARrV*7?7yHPc6%tyHO;Yu}ht&$igF`JtYkd?)uftRNsdeS$C<
z?Kopnc6+kv<{PCSlckA4eX?Ko-^j``qk(acV7_YY{LRf4w=EpN$*&vENq!$Y%7jDQ
zuvmF+ojlscK9q3|(xv4vI@3FJMt_>J*)kKl#Wj&qG$97GA=p!Xs<X`mkZ_)gY2*B!
z>8E+s*Y7y7b7_n2tfZ&=SurHCA(=aKP2ffEJbdK)KAtbm{APMO_2wcE&C4!5C{!1v
z>Ks@0o{Cu?zX67AoLCTUdXC@6>crx3HckoBCX#gzZ0+rRDr)oKtNv;a(Iayd9!+1$
z1r{>cnfeR9p80OSxZkg?da~|)JD`*2cXe&Ded>H;urgFOo}M!xSL$t5_C)98KB#4m
zElk&&BE#f&1I%~{;oK;5eE9SZbR~z>;W@vaJ5{54I!>c`!xT=WHr)&6uWyQG<}y)!
z<d;#7`*VY?!KvX)_ok7)YTM3gvjt_*Qas!55TM?%$)Z<UgrhK9-`HRzLtg%JeK)W1
zPHfBRO0#%^Jzj~P7C1k&S@idY{Us-w5G5sn*_;MjF1w@ti`2-BGzqc!BtwBX+U1Vq
znXv5?;d)xV9k+594+R$Out1Bt%WzZ`vPH_Jck;WEDA{jS?Y(M2?eI-J4n%dNA%+_l
zHz>pQ#LH#PAqF}mkYoX>OUQxuNlPx?lX2Iv_7DArHSFf;qKPMvFeI)^Tphvyd|jCO
z#=9@5_^<9KOqzcB2_EP5KyGVKKAu7TZ0k#BPv=_<dT%gYw;`sHU(2Q%e_N#P%5dZI
z#Ks<N)Bcad&N#00D>zuk_NTcOM9~EZxQIsZRPAom(o4;2FW@q_%$Vy0&&HoE49;jY
z9n7|0eWrK=3NBaTH3~~hl|FchE>9Y_>0qw(*MCLm4G=J&oIVF%D&X(KE6JXCoG)6;
zM{i_X5oX;z(ea`w57g}~ZWmvk6-YRwzhJ|VbJV3@M$3p1;X*AxMh^XC>V6Tv@}j0`
z<MLG>C5VDCibIZ>>i4@GpA&3UGCTE}U4hxBG|_Cxrn~vYhpb;0I>0!{gI>RQy<w)+
znh@RfkbkFtP{h9=QT;mc=%c5aA|pZ(&A{>v=MvD&-`2~VDE5B9tNHES=mjmPTlh{*
ze<+o{C>^IWNa7Xkl9@<bA+!0L=W=-0>Oyv+j$@*z3wNXGPLtoxRDIsQ%9I!2PGH)}
z*T%&%%GGAk=k|?(Qc!oilRQzPZW&_Bvn265Li0`+P2fTMm8RcY&Ku8wl0dKys{XpE
zjb?B@%hJuTgCDX}M==uzm98|jP>xh3gyuZYgvK>!O(w!KUc47MuFDbs&1o#aRQ+SE
z$%C5Px`RKF>8WS&&3VB!LKnE7K_J{H7*K8<?EJ)b8gCO2sE}6nd1>zIm8Mk9v-MyG
zkUXu9fNc)wA;TkdQ`mXp5?gle8F`BOTQq2g&M#{*&3~Dh)7hBxBGDg>b^TQWZ*Olu
zS>213kDc&m1U@rOOWT*H{IbAO4E3#v93UMaC#phGyZCRcQ$e*jk#8WdXKz%dp=GoG
zguy8)4-S74l$C9$Dw~!(qjI|1xidO_u;~vOg~J^f2?h$=G%ZsH4vyc%MVf9{jq&;l
z-;xr^-L9lPqlKB9D`cdeRoW*C*sFH6Ei#&#m)}-Xc#>@c?eW{}{uMX5Q|gg2ks8Ei
z3WY#k_SVL!pEJ#ko3}hV{IwR~8Gcd)VE7#cCtyH`xYK1Hqp6__iu$~3#h)Cf`G)SW
zw~zI7Dm<8IOaq_=N!HB9Wt(N;x=*)y-$LKRl#<*(&~P4+{67mrSyEGVkP9`Z9iHiD
z>tf+}2qcCtFK%JG)Z^(=)4rjJ@YH@zrq6h#g*-F^Ch33&;2q*lK?8i_`)n}ZLOc6P
z=7vvohz}{^eFv6rYd@wHaB+H-MlR}7c6qSf)$L2%&x}-cff2-f8fBq3{{h80Dp2H$
z$(m{IU=7_$9$j=0p;2(4OM6_Wc08|E9NoP0R`$YqzS?xT-^>Wopeq`~NDu+>inbs_
zHZ>ahz>b@$&gm<Y8x?oIY10L(|Hl2QN`^>EehBuo`cyS~_`Er<;d^u7BRK+u4vNz4
z*fo3T`qzxF%4X^HuQ-IJzvunz<AsBnj7S<i#xdr^!XCp{RWSh_M=$ihhaUXhxb8a|
zJQFSp#^8)1aD`eKMmJ8i<ov%!7fzhc{#xQ|?;W~roKUqGw(pck_)~pFjYXR9AibA~
za#lt@pOdXHy$CG=N#as4RDP}9_W$y0KfL>8-gD&Eovo=5b#5p?ImE9x14&Jdn?8Q7
ztII2H_8NO*M@<2ZYcI1=ywMJD2%;#8`~_v><=Oo7-SFuwa?y4vjClLw592Y9I>Fe9
zmJCSm6ziHx*r)~eAZC=OW<MkLsE1_ETK)4c?cjsW+j&L?4ol}ADMQa@)c5jjSy8w`
zI6}*25v13a+cHOus##;x*h=?Z>bI|4X;Sl!XidAB{K^1^M0Z7_Y~oifoAP^h<4nMG
z4d{}$7Yt*N`(|Oezpl6$y^k%xdh~fwAEXd;b+6s^CSC-%SkmEUg<$f{`XqbQ$aT9k
z(z^hm$@(~r;8l(WAvlKQN|549ZHl_c)!Wl+o_o64a<*}DKC{$v{4sKLZBiSCHIJ5x
zq59Z(5g3~)&JvodN|}O_f;(|m3VV9iCDKPx8$vhp0C@fkhqXm6%HbSSh4aaaC2mo8
z^37X1P+TqZDgKI5o~oB!ey;&(IM`n%cP8+!ewi2q4&xXkUUi)!hzW1A37@npl(ht5
zLsV&Qn;Kmt7vkb1i~%C0-l`lE%B*RbSp8Ymo+_ocPd{-^t-aPlSM@D%%zwa*(XQ#9
zuT!>Y$2&P>Fav|vaEwlm4LXFLxCHAoEo~?DW_3M2Fp<stJ^cObJX;UIfNXaKX!$@y
zhRQ=6Ru=@}E>}_`;GhTMbdcGobess(LVH8Dxz$xcwl+i-d64em@pLsGG4sapoiT!o
z*7Uujl}Fi@NB9C$#o6J<RM4YK1V-}0t^d!%Rf3xLncPypjel=BuDllmkRQZyJ9P<|
z0#FlAG&b8-h-TFIXgmZjP6GrdD*|aEYH#q*Oe)=WOiNjwdKHiz^vjy9fM_Sne|KWq
z@gfXms_iG=$3&S5KiW%M3tQ-ru=M3Z%M3qMSw814oZB7(EH+W9-Wbkz@R)>nYJ$OV
zJcK&j$lsks=he<(T<<~!9|{@;q~g_dX{g1WRJ)%O5AMzi{~wah!lB9Uec0O=FiJ+Z
zjz;N{#*OY!De06Dkd_{u!hjDA5>g^5CEX?6UDAw3N(A10fA2rAJ?HG~xz9QGeP7pZ
zi@B3*(pz2Z&#kBf%~5e8&S;LL36pJ+M-tPq^0}vCb(n?Y2u27ctP7m7-Yn*4VA62Z
z)HS;){f(wl*9qw718|HtIZ>o)Pk9@wnAmFDzy^R73&+@3S-^}HU03A`^A@j9cY@z{
zM+!|GR6k`lKeRq{sWZ;Gur3LI$F-yL_&e~LqH)KUit0DHOc@dAqu9@2zibkX;=wnK
z=6Jz}`lJ!kzDE&WNhE2o$VkRkZ7^(E9s9Opwe<o9g~Nwat+?Pug&xHU&M)}cYo5Jc
z_4r`>!$(OstfjVC$MO9VStLGw?vSK&Ylrh=U>j`7H(C`064E9~Qe`q4otq17zzLwG
zo)wiGYAZbb_xLy(e;6uIX7E3%N=qKWY|jP%H5vRD#@EdMgryS>t2pq<7m+qoIkhyk
zNGnz^kLZ6vbr|+Rx^Ct>9#l)ax1KL!?%&r(G}Tr{Y8(#^pB7sTQ{Uhxnt95gV^g-!
zH=D_B)@G1mX|IRh6wWv2m5<d}hIkfSe5!KrNRgY2RloJ#cKEL{m<<qNLk)xK1!bSC
zna_vqcRY@R(pKsgv5xW-RnNUscx5T%i+UGT565nOe7g7NsF)m{a43XvY5KC8ng+S2
zdfVd&Qng*K<+S|p_<f=IxQYcdr+$e=0u)@`8}!)l8*WWZ7Qh9u@F`iP0bJ^Sny;TP
zl1`nqpwjN_UTo*p$yNALWEwhBHIv~5=NEZzzdEm}98g~qZ{PqTcKR?6I|MLk1C>_y
zO#K?~Yu5bIk}vhp%kawmGf5~C!UVEusm6x=vX7NCd;E$b1+plCf<u3nwv?H<X=V?0
zkl_t06-b@V%hp9!Q@Q;2-H|_2fm|M;@0-1Lc|{?1>cN8z8jS*hQo<%i<}B_1w_&Y6
znD%PpGinS#M@g*K#K*cYMMffN^t!H!{M7FE!K1ot%rLf1`<iN3_cx7=H@CVL!;T}9
zA@B5foit014r-I4w(9kFJOYQ>V21JSwS2L+2=bnPg<4oml~*Md@HA>nN$Sa$EaSYm
zf5{Bbeu}_gKsh;h$4}De)6cgZhMKa`Fd0f#s9s^nw-FKFk)A)_dOVbbd_R2}=;o=O
ziz+!9(xS+)v#LCg2)x2x2>g4RF9&5TA*r4%<m;Lv#-1Ug?mRVp<bBvl-uvSmcq?_X
z#3>gJd#S2M6vb)PBK9o3p>KzTv`e6?>boYA*Jo^mEq_@8m9|@#BKaq`#jP?Se3EME
z&GUMgLda~x-ALd7)t|rY8r<REgek%DaGofLX<N}tZ2TmG^-JdmcGG=)!K{BZQ~_I8
z+zPSQp~IM;pdu3V@!pt+SoGnByaudp)&cr`;BoGcCW_$0-Ft+&FpzHl9pAp%k(aX1
ze3cHDbEW8MIdpyuF-<Uh)i0C%RUPpbx@pZnFgFxD{}H>7O{C$dlD;W1>(zPo+CQlr
zBxKko2qS)1HsY6GAT@k?y7zFwB#{1JLa1>zD5dBaLXjD=*NheAZNj;=k=Kt;<Qv6P
zr_NbklAGq>`#I<SoJuaI89b$-qYKsGl6_=qN}QV($0S|<MQc8e<@g_{xNMAHw>2O2
zpG0>M0<po^YQOOh3=Fd4Hv|2!NrV`Gz$%<7@tlm`+2DL^`U<X)%|B!$j*pOQi)Jc`
zb>cl+dR(Wnx^7IR3TIM)$^rT3toguA4Q#MXkbjyV9Q)EC@FCT-iAnOYkjkrd_ko)R
z$BZe`7Dlb71qA;k^X?#P=VzowSp$qmK*5}|PH`E?txSoiMh$0c)%eL56YS69?(iZZ
z`AuJjRom|IOvfEG+v=%5g27q{p<mnD-E)p=Qc%cer+|t5vB%r?MY`icQwjHe!{deL
zJs2VuX7_1i-dp<Mm*su#?MNBify9E^=v5=-E-2>CBE~#f31uB*ygz*^ld-HEFTotX
z1h}GeueRg^Z=L<+oo-gs!$d7C%E^)%S!i#YVk4alJKCuL(Q|EQIrq+MfwBzu$<EUM
z;tV}$F0d!S{QOaz6?cojCD-2slF4;qSl2Ey5?cQ>m-Zxl(^bu!l9m*eOItoDImR4m
zbb~nXtMwM0AEFOG?R2riKbnxy4E&(}?cg9&CIPy?3(7s{sd?;q^>15ncNLP|ep>gq
zI}rbHdMN>dfDswJgy0^Qids;9z1Xu8|088bN+vl`fVo~Xpy082sgL2yXZi3IgOWdy
zGJPiSGi^+q(;iP~je9&@d!V$OYdAV`^j%uAvE;Rg)h)HVYfR-a!MFO{3sF%0al~i5
z`<`_p_!ajEFI!0IhS$SI;MLODv-TEo|G(9y_lpt%TTZj~Y(<a^GitpZH2y`^re%&;
zJVz4du<toTpl>MI7tyrzp6SGqQ8J%rTOP~acX%2<Uq&tb3iNo=zFqvRuYPs)&@t27
zvcfm$s#a@iwLBt1o)Ls2$4?3aq#}l%H&vX#D<oRdU$zfM+LxH$I0W9lddLYt*OwEU
zvK5a?-u_P5?3cc3<A%aeY;3`hG?)u3CH(SA@`Lw!*R?PLg=y0|JfK>43+jv){U?=9
z6Z7s&>n!)z_oC^Sb;zx_oy`w+buuZKTLU16&;Olp251Qspo5c<YU30Na{kJ&?p8BC
zCTjb=`L(}+^`jNuLm|Y+ZEweNZYDQIz0gD_E2;xV${5B0nC!O-cLkT^t0&8MM^hXE
zA~57nag&ls=b6b*zM^-^d<Baku4h_3CNgJtWQ?$St3}+2cNw7>0v0A!Ht)23pJbbv
zueS_F*71bJ5gHfo_P8?qt8Syh6haA4_nKo?#>rDL*R8IlXN!SLj=og<k}jBRmQ<bZ
z9k<A#-#R4*R?jqoO!(gf6jH($w!P=CI=&SPA?QdFTxKLohb(vf<qiMbKmH|Kso!FZ
ze_d)T-QJ(1#FIPfcn1+mlxG^)!<NA-@h0HSF(z~~lEoBl3{}lz)$cx&%|AZ>4Y`iu
zFU`X_m|>3Km3-)l(lcp$e_hcKRpSL*lNfUtJ0A#>xLR(1oJH5K)MMc>g86#nFe;VM
zpNSH@-^5-y(U{1{x&DWM&+G6r`Zeh^769ySZrAPyDXmnfh)a#GN1Dh*z5z-jYl(iG
zlrySAf?MnpOtqUmpNTbKvUjyn_`xv3RKzA;lR`60;^`RgF$oA1j5!@hc-3EEgx7x$
zueI73+Z;1-kJrnW8b<2J>fcif96{h@7_xg$vJt>TZ^!&<wb;Zug->+=$i!EXulUEe
zNS4(4)xF+5x#eDB#B0oN<L67o%Pfy96MkkjHOXX~Zqn_fH+?L~Yhr|o#4tj^m~gf}
zJXt8vWq`@8`N#7yXk#$DF<=XEWtiHI0}_V8W>Cu*?cZmjN8^_?+EXI&(tAa#zT3zU
zo{6zXR!?B^&;Q8B90<JM#=lE$vCwj<;UxfjNRKMalFALCDeoveM$o)J_`s07;7FID
zuP#{?8@QNe|3KYk-X1Ht9#IfI7u+Ht5vc@;d))#3t-_0(#@W4P@LN}<f+F|?B3UXb
z9?3T>)`uS3AMbLkh8?ez3KJ92Z8H|VQYY-W`N5O*v(mv!WvuTi(DL-k96spp>^#69
zecxb3sX-!m^)rL46Sk+(@D*M-T-yw)W<?F10wyxc_Dy0acZ{%V`g=OMv3O!>FI$-+
z!C*jh2Af=**8{{-^?oPtgx&l78=hX-*%fwEIDF7AjR-OHE_Gh@#^G%pdSJg7P{9rg
zR!Xt_mRa%VJ?fH{SLNfQKHMNY0l0x-r-E3f5|wB{0^B{5YUS5o*4pClLBU8ely%?C
zRiwq3pB!bt)!O~qTE4;4#^?4HIoVX%^a;`Heg!n#F;!-*q0A+v47^_qBSk^gMZsyD
zJXkros-H_VGWAM)Auw290#w<I#*&UE4bKLIY0-zOzUc_?KDs^Y<c)+0)I$WSzB|a=
zOpEO@S77qM507`so;0*Cl2Mvx*2NP{7$S7+9oKbZpGk*a>5HekuOTdQ&~aB~(fwbZ
zkv?PFtPA&GFf_>=)q?>BF!ICu*vw$ip}I5D-CM`|!FFK27`^~(^M#*LMq~}irNqN_
z;J+lJh@FSC63LRL1(5@t<<zenB~!J{ZS91gc}@<oyC|Yn;-8t&Gh;I;$a9lu+ZS{C
z$qV_cM-2L7!!X!qns9Xzn8Sa3m}7>jF5FMRGoWR&x&}kUgwY^lzhAUg+`I>9wqu6D
zdl!X6=EEM}csFelAXWfM#|U6PL{8LrBPIys-&bb+WN~n;{UD2>{&Au(2v4kK%Wyz-
zA0G_05AT4J@_{3*{k#>Q9yjlxZ80?_az=H$uBJ5_T({epIr^s@{w>8tRvSH4Bm5Z|
zMOZ%+k&dWpHUWMv{gortOwE>M%fv*>`jfB)ug$ZhkF-+hL@<|RlA}Yv7A){Gr4ByP
z?LGex<V>#!&Z5Fw&=F&N*OJ&f>3rk-(2%p$`fXBHPZ{kd*op*X`294mSZOWLuPEK3
z<C=bs+ULlHbZoEVUwFufu7txq+xZy=++)LbAU*nQmQe&|4wtth$BP%-X+R8~*+qD*
zxR*14{=WWkC-ASGjmUy*)3w%+$68S`9sIw_19KCD+LD9g@!zDt0!Tj6=xLrxTN_i0
z@afdLG#G-qt=3>i>OY*(jmF>Oevv~7_y7Fv*){#b1{fW%ulJbw_{iR9T+T7`bz0VI
zO;qhOtbAR%)Pc8-uvA*Ki5de>SBynk`OwTS!mq~!LBb|tde<zQY*y9kT!Fy5*`kY!
zZ~{emsKHkVr0TnejDE$>4jI(iP0qhxnlD|v{I@2)7E<Nv;$Yj-95MSGCI3>1<CbH?
zW-4N4OWL+|KffeWa!xO{`RV0|;Iz8`+~<APk)nu;P#XaKE`2mA(sco2u)k}X;fu{L
z{*!igeN(PAOF+qr9B@|`0=dw1jHPN~axd>z+RJ`|CJZTa)>g52zsM(5V_GmgDKvXp
zUt5#<1nj@MP0q2WVoW^<lDnIx*W{nfyAu2PPUnpge!3Hr0yo*$h{}FU^`5<b`uTwK
zvsO>z<%dOOEzFH;*UzTMo%YqgQl3|91BK*r6X{7vf&GJXk(x|^nwh{x&CeisYilH-
zY7}Z$u>@;{>h7%~OpS}|G@18t;P2|>H7*&#!WD&i&qOpx-+ysNb+4-CmgJAVB}pdw
z4Q3;6m|_4qyl~IH<47&>h$CqW;3{DaBKhDJ@JRKzeUDyzh|<haB<w`S#(sbFb#8Lw
z74b3&wwr7HtsZ@zw2~G0R6pLTZ}{-|>d6A5j30K!A~{DHnbE(Y_;xSj!<LUgL^>fZ
z?6CA%-2HWL;4gl+wcxC;vGDBYxxWu|_2LnQKd}F0c?dQX>vzuaidFAJVh`U)pZQgw
z<Cdg}K_Hn8SWhPKng7Yx#I$Sz5E$5NCkNbmJtl}Jm6TC!1S!Shvhs`~XZ3XJG7~hO
z$PCuUdX=-lzV7^Gv4$t$z!^_P;1wI@+XKAjM4}qKU6Mef{rssLFOwz&F+R%fe_AVp
z3&W0K&ASqv(7n|!$Pf60W_cI9**5ngSNM?M91xk`BgpnOk1^o8pJ$|z99{o`IAEXf
zYSAyWORjo78+on~>7J1)ZGZVM;jmim(*u!!PyYXUc<q^zC~<(Em&CZMf#^52M!tAO
zy~=D>vU@}2UysaXJz4=a9PWchS@}_wF{r(Iu%AS4`!y%Qr^i&dRk^iU%kz&r&DSkG
zzx)YY<6h)Oa%4`_;Ej7N$Pk7fut|yihMF2$TC7m)8J3#fEi2A7Y+jwjAZ6ewP-oKN
zhd&h}O5RJs07XlRx8z1gWvmgOWjvDc&BOBwjCQ&-s<vRpySo{fCY1klUwCI+p8V}7
z=1<3_Mj=|fPjS6kItPz?gG9R;b2%!Uwy~QH-e*21NUpT95ph%h8M{TU&c5H&h=u7c
z*;!NpKJN1xwO4S9w0q+7r_+VDdIQ#c$7=pt4tNgL0s_gwE_GyD2b-QQC0AeNmn)XT
zhwn-9$=t($+9!AgRa3VEyMdm@^er2{kX#mPcw(zE;8hzMPl2aSfKo?GckS~65X3Rd
zZpIJ%>x3g_lQzwIA|<1kQjz3l(FlCdUwSTj?L8Z~(%CNu<%2P=8r=-teaUw?q=xJM
zF4W7{b@~A<HDC!fcj8@<8z50NGV^VFM&c1c)nBFC{->uEz36&+h|UdFvw>di1P${Z
zd#9r$c+z1dOzWYX!)n~tKW5K%(m*q!sPyz|6i4d7JRYs)xbPxy;oI52W!>$~!24&0
zR3d~CBv3viEJ}pLCh%`y+!=o}OFryk`-j>lwibpTuV0o_&PP?6*ACMS{v|xeEXrd1
zf;p>DyfU=4?R0U00p0uw{Lw-H3Gkf)oCd`!i}T1L<gt5H=Qv{0-)d<|hrB6cg%^`-
z4PUtC>?+#Q7dzYp?bUYXY+oJp@CM#tM$wEumG8+?0sU4F&$$s-uD}L^<#hcJ@PkcB
z!#rA3{Km8itpfVqOz_gdpJ-d5Px2*YI?{Js=)itAMW8w#M1atjtg~$?pm*Y(b=wC*
zRti+vkob&yOr8oTU25=xlr)_=rD<O!5M)q!kxxx|mt6Vfr;YL4vsW<%${MJiOhV$-
zhKN{0o&|mRP90lk&u{r%Kb9+)M`}r5JUTHFViyh_9fC~|dSXT5++SXB>+YJgcQiS#
zUh88RW{KEWJ0QtxYynR$4LBTV)mHIxMGubsE$ZS!m<omKh%4Rl_-Mk%iDXBT%P&JQ
zZ(^_mj|Q*HhO*y-I)$F&hJH%gNFRHEDfSlX!i%u2wjIaR0NMo}KmEab>l8f|7X@^K
zM>KMixtyQWg?!A=eAVwXrBl%x5wF~yc3NR3{cr^Q=|1rBl{Pws0)xp9j>^Y)NM<|P
z7JxeGkZOWVd8x*i?+JB+j(HK{7>27^%|#S};he|RZFjI4HT9G5Gq&zmeqM=?YvY%3
zr$4B{PJM}`km&6_&Rmr-YtIIR>^D_Di6HjTIi8ulv*>C2&fU>teJbKWGBvVTuI^7Y
z8&SjzEWuc*5g^ybD?o!Z!Six`hxE9*XQf@HkY+Het1rYWv{JTf|7F?Ins|*Ha19DZ
zg>vCliBOo0QKkKq#70qg3&pfVFK}`7ugc~IV4V#v<BAB)F@wL~{Ea@H?HB_Md7NK7
zGwBc^lN+FxI4$aVru;(}{T0)#6$wh(-csy5x5l{`ZPMP!su$XOaM9@4Ob)PXydi#Q
zyc~J@ml7kuLdaYdg}e&vpVsf_Rf8k6r}fcRZXM!KI-6mRgW%z~@y@w7sN)x!w^d8G
z8FLje&mKHj5NudopDs3JEhV$sKsvy=91;!=d}hko^f)+$2~Urb7I=dkaxPq$A@vl0
z2zzZK@6y<p9M!{8z_J>8v+QiQS2$EWgnK{x0j#ARODlGxGL*O2$JD2#mAd@2t3LMs
z$4ZOVo8BCwHTB*2*kQuwQPr)307;`Fit%Xj?{5UKn3y<{(Bd-)(52R%c*+t_qSw<r
z68D^E+6+OkI@8CK9Q~YT4SSAFWGLUN`%O|qNz*bq7p?hC3qGxtxl|^|jg3~b8Q$^U
zXUk)-z_3i+?3K;HclV2K#FY+9BV)lhW;kF{XKDJJ{O{Vvl>F<9%~MHlwXrCSx!$i5
z%wB;c>9!RriXo>IcJ^;_t4tOaveC^KE`6Xh^PWu7c>m7@AX;EGsn=C;L@+G+myoM5
zu4{+*3#y=WS9N*MxEa6u|41_9ItF|?7b*ij85=r#@6$sdc;G)pp~H3oAdm(9l<^b9
z`r#-5EU%@VL{hd{(5hu@L1Nj+%fu5wI5$Pn#u=$|dXbJTaXmv^9+NE*Z=o?hP$j}V
z+#;YbM$4QJLpE8Bbkx=V#R%NHA{8`@H$r~RS=hKPsV6QUgF|wCeF=YXk4M})eR4ff
zM=w@yQe$jR08*bR;FGpdGAP`r-ngooFD;P<{8q?)#5TKx1%F1mz-HB8%xQ`7*DWpE
zbP@bR=lZ|&|GlJ6#P}7>;A)GRL{BD8yI2W8zg@3@bH>@PtMP4|Be#3(=t?%+fw4#V
z1<Rw)-`$84N1CXb+4sh^`8+mV8M|Rh4hd~3&un@cX(&fc1cD(<(HOn<*CPW+nnJpy
zam2R)ym6|iwCV|>#)6^exVMW>$sFQ3I-(f@&W_N(*Td%cp?FoFk}O_!cTEx4=aV3y
zB&l{{A15+`O3c#gghID#b>3@Hyc^(2`|=+_rv^$IKDUt0CK;q`*DW5fcbtu0?DK}A
zz!uAyBpQeBH(pagwMfS0QaQjz&NWi4Win2Ab_Q{DnFx<B1BXs-bc4BK3f*{3$A4jS
z;GL>XMbWAXI$nApl&??O##tOD1}RC49jYM`4G;N-$C37VKv;Hk34i>|u?@9Lku3R2
z#xJYFOk>&?^sU~?q@jW?To0S91JD&K!rA^Qs*i$PuB?x4^V_!0gqA+%HJSraT#6&8
zMEr8+*1Ac;!Z)R23KJloJj^Fb9bq2a<@D6RY7!Qu>|4_rltfS8%z^-tzeS`fGP{56
z{0}Td6`qi1XZ*yFTuUcoh)}R3GqKNh0Z)a&%=dwx$)1Nd+Pv2{ym_{F)*L{u&i;AT
zPc(C5y;_xI^99F_uJI3-J>9Y9sX@+MS_QTYg<=<o&gY%i&6!d|EZ2&*qVjXLxK<5)
znY*5`ZGoE)9*#6!9SJm{tu&oZAIE=#EShqaf4jODAipkUV4Kkvg-LOxcqHzC<dZ|N
z=b0kk7KDhpVXAOHrW~}8*8l5?b3`{?%)Egi(-EZ33Tg^s`tEADZ-sCohbAX+RxXmC
zM<IJjx-5uyg<G_010%3o8koFKNDlh<X&uS_S46v<;*XxiLW_U=O^?Jt7ktS;F^ZJ6
zefZI!7d&HJ&)hj3G}t*|3W-s(J>n|48ah$DTQ;6vzWWU9f0Bb8J^W;aXj_=x)*qgJ
z$wvPIC#fZ}9FC~0wY-IEYXOB0UZ=mv+vF-@=P1ofsv8gWc%mq0;FiA9+APOn!_ILz
zo_r7fVX`aFe|S&SKN<`LDTkjGZEvQ+Y!lg{BGV2N=VjKjH8i2aaz7n0i-~q$Yo?5M
z&U2wg&WU)VenLm%n?`1_3I?9+yxd;l*zigU0HTKX&954vO4iryc<cZqZ{PN8r%y*x
zRS6{(GNM^L+w*^Xmw6&M7s<0AhQI8-eS$e?Z}diSf30lyU-FsdaAP2h6``Sg>-zCH
z5lpT#4aFX}hW(fvKl8&umXP#?>bo|_ojGw3JR0h%jM{V7O$htSdUVce+mBE--H{I%
z5e$E-IlqXBaUmy?C)XOchQ0)>QWaZ0sUb1X5ZWp**V&h|A+#J4c9OAVhv<f2f@qVl
z$;$}t1}f*Qa&+ejF#wbfw?VdkgPC-8PGI-C0}%4s2%|V<#?yMeA}q)YS_Qs3BTMlC
zWa(s081)ekN$2Q#+{I;r{hv?r_Cv8_?aoV06%yhD1!^{C;jQVpxzQntR6-)}1YK_b
z)&}+CzQF>{@C_{Em}lp|)oHlsZD}BFl#-9F^v49$5C5eqe{^5_V2lSt$13w?1^{=y
z0V9fe5Qq-i9gwlODt#OJIUXpQ_DRZepX;y8yaWG88p~8Al?*gV@Qj}n<FfE+O~-*~
zli%mdwTnN1@U6EH7MJvE0`9<!5UNpQ5ah*<R&^hbww8$B{mQ--1rc-bx4dmyG-24U
zU!n88%eq_MZgLaAruKM9|NmmH^Oh^+9-7$EkZNfRm{!K01Z^rC=dHk)V|F7{WhT-l
z0OZqqiN)6I&5r8CJwh#lP5Mv7^2_|wrP5cH6;{%+J7!1c2vEnRV6JjC-$vy4MhLq3
z?s<pYk0{|C>*=rn?U}~#5WP{}vWcIz)coW<*5X~nCU@r_?O&+K?QxT-b6GItsp@pj
zfQCIp3gvJSp_L>vhiC3i))+<VsVhz3N#~{U;|nBerv;oiBn&~cN74c#B1X9hBdPOm
z<;JZosDbg@t@}zZ!WFoNeq_AkQat>xbTK@wnjqnI<EzlUZH%v+%ul$E4+PN|m>+_j
zCg4(9PzR&P6b82E!<?A*s5HOtKWEB#S{nJ&h(>>TUmaWU)^-Tm7=IZ?gU3%t$r5~=
zm51$~lY%+nDwW3oG@_V+EmrW#r}}GBn!%X1F&tRxdz2C>qTTGEY<qq0IVHo?$g_-s
zZ#)Z-XMRT!cT>vpe7#$C>M56Jb?}*D0bktwWjWgj>TPr}PaPLus5M0g-mWNPYM$S5
z2zn`C6h0^?C|ETlBWIk*@+YRyWBqh{j*5KqMX9;apy+P_H3v%U_z}gGZ@^NLv{=Zy
z(fP`<BkVMu2JK%*&s+Rhx$WP;7gDOp;%u1kK_)*Uu`{S60c^0XLW0CC?b83oc@vq4
z6F**c1!EEedEw77!{*|C>9_nrO|eIaFeTxRmK*)m@Q0pGgg*Ex?ro1zJm0Umc;Vkb
za70Qkw2CG#R7qe|wO8iqsYtgrez?&N4IUO;Kxtm5z$>KZ@sG&EaZVZD4nIxoaLmg{
z7&36>AUM)7v><&XoFu_&p5pi+HFc(rQn2}ut&aZXJN3DL;H_x*jv<9IO2`HvK$$pn
z-bgp+g(gV1sj-0#SZBlGu^~XL#FqjU#h=yP#PA;bEB|S{vXc#2_6+e}z%eJJe~e!&
zq%iClR%0TBbyR$qduFIxjLN8nMn%_VW}89XPyPjza`Pe8h1K9aa%6aXd8*8(|1Qz8
zq~kWvgHd?yQK7Mo2n0@oIUPmbC8XBHE`2*(fhwbHB{tloW2_5cI)BWJ0@DhlBj8F#
z`)h9I2HAFE7cHpe2HF44g^#s}!4{boX>TyHMTi+Pm4(uYBa$t6_%ab}rj`OGSHl2I
z$t)+M6fEt&{t%b#dc5QfT+%GeE3`YNnr*Qmpu?Jb{FaFoDTYm^4De)a_K;BZL74;l
zoc4G|vhtHFYdrGjplR>OyM@T#*Y6rbY5rpwXEnGPllqb?m@Vd36e-peYRVRcu{VA#
zphpf=5k-O_LK_@?GIR-@G^m^Q`@r^H_M|%4*f3}6fEjYk8B?05EK>st0f3r=r9QeE
z7_-S7Q#QxE>&|jTRyv~46&)R4sDm5PJ0Z_*Pl<?~HdStMPp~~+E(wTbj@XnK{l3oj
zK1kLJ+)kciAH&0g(u8aSw89-l2~jBFaHwV8XN3tLRN6n{z<JF@Bg5mGp)T7>ZLXN$
zn#WaEs${tW8;o#3$xN@pk^B44|7dpVzx-zulAY`S%J_Y*@hSUaMkLBc;<)+xSo5hF
z_OkaF(cI%r)NW4T--$Pq5D3SQ0fCoU7>&{esS*reC%bWwVa9lW@-U!zA=IGGH|)<l
zVL^`FvW#Y$$2gC|5hw(;-Z`!Y*Y_2;y(SweBExc;q4@iWmIIHolRB8shWP&U-q(Qf
z#CyH7Rk8h2{sR-ua5QY7fGCU+PYKhbZz1q;S|RV$rYh~<^(*5knH0Od@}U-cx+fLw
z?vu<qIsj!htN|q9K7QS<Zi;)B1&Lt8cH;HZJhQBdMmAchh}3yfVA@08GqKT9?+e@$
z(c6{E>OM#$rpKHp)I1FbM+Rd8M2#!i%2r_uIo+SF{Yety*0&Y#nc}Iu!^6#5Yd&Cs
z!xASU7WAkf<8-IhhO)m?*nB64JeVz)xau6uK%w{znJN<?;rdY|!a&~nelMsp!16^X
z6BCA#*KJ14mIe#5g5$6-f?>7itrC6R>t1)^+!=f{n6mn9Y*NwreI^)kL`GJiFN~FD
zp2Ds_#X6ZnhWe0g=JVbUG8UpLsrLN;+l^_y&-oi+pzXE%57*=-*)kZq$%G4w{9I&*
zNt>wIkWMl3Q@-2pVLSbF-XGXh=FOFqC!919llBYM@rwQr0F0f60AVm<P#iP8eDpQX
z_YltXbQ&%t#<6&<R~mCS;RmyyF1q3%aM8e<>#8P`yEh^aGrR0CJSP0EmrugecQ}Ng
zOi_c#&`@fE@(+1Sti%rs&+e5o6bQ<{l~<?fU0DX*T|r64Wk_JLgbHw^vA0cwqrvOK
z;4JefnI?DW`xG7>=<)09;#vkE*vUtP^T>Dgo^Fgz;0Z@0R}E3uywG?Wi3|+W-)Y6d
z*rRXD%K6hMxWD*jpRTc9%_f5?Fe?0LkDnuVuz*DlzzUtG*v-H-n0#1a8ouL=D9_1t
zaF?xJTEA<gAOU!`<WO82pWGiNrBN$rSwZRKyD^10&<-UGZ=6k84Oeu+etQK9Oz<Uu
z3I!v&Z7VHvgLYG;)Bv4e##k3TRvIO}v?CFo?^Zlp70uJeOf_UTF`f0|*qD2eXe|R0
zc<ckG?rOy9m7yXD3JGIEekd&UR^74VvIHWq$e2Dd@xf-(ph+^EZxx?K9zKf{em5Y%
zpEgWzeW2L=ub{sQmI!&02n@l9i#@Fus%wk%1ez^R_7o~2IL;=L+w*COOvt+v<NoPo
zJzI0>=VeTMP05D=N2>V$+-VQEcqc7K4FU-w|FaSwh(aMh{1*yM0+lPsHy{VG2Hrnq
z9`dMg5NcJMR~7nrc3KcZlgMYeTo!u<gW?6bvo2iBS|<;0XY{^!J#f!x^s?y}(!RmF
zw3Z1Z`#1v$ZU{i};$*-(0N@@KN6ym6S2x`iyKV~?Pyh?NO$gJIAG5LaVPKSbELo&-
z-c0|4I^VY(NS%T%^LOqR>k(CUa<_4~6z5Q(Of(D3PD_c*3TK{Ti<xWxly!^GhLqG}
zlMvga>6|;iZR_-RPjrXWA~^awa8H8QjGEROY|c5;#{_8AZ2NOZ{7l0C?-77Hu?UZe
z4KF>x01^g;BNM<fYWU?ZtxZA6&Y-*{O7I)!J#`0OR=>ql_^^=%A5<2ckoJ^N07+QI
z*^ir&JR0_8On5Hy>tbTAuaCn2ZC_=<DP>rL*GG?6VKy)zB?3BsK<>VNxI_2wr$#Tp
z@4)-klMf0efm>zKP~#<Nfs|1+IE+07a8A{OCxg8lsdiS}8Maf)V-E4=!T0FxcQgb=
z>1ND0Q7*Aq`zmMaKUBu7`uMIVjPt9>z~66uK$GQXKg7yPoC~5@1O6qv$Cyol2xuRE
ztEedP`dX-7{KEs4;ul}KH0odo8*I=@Nr4m&H-jg#1bqg5EY;~=s<EMb`(%w>KuAW_
zkicQc_HRLT{RB3c4|6DlVGyd!jG+~fSM_DnR*Zzo9wKwuofNxhWGU}i^l&(Y{1`mq
z`|5_yjy4fn3rFG2u=f)H(a*b?sGPRb?&=ysFcb_<Cx->`RdtYp5~(BjUtxIEwqYMD
z48^c``hjwE-mCU$^*fj9*<ESK<R|8dn5$Yd076s=83vrBJ7M5Lb8}hoMKPU721|6#
z@ofA#kW8M3n!U%vbXpI*v9&;vTa`^Rd=?$U`M2_C9yc!VX$N6~P1Jy&VEQm2VQ?rR
zjBkLAR0dXr{f^}LIZh_Ke|oX8t0VOYtq-eq*%JzF3$gB6JOmaWvWm-601xUDa{p(N
z7T-8Rn0&b)1Z;ofBl8ozUhKwcv5b}9a6fEn`2nBA-0FK$zlSsu_Xc3{(AUtmfI{Ly
z(wNfm@KB62n;np<v`llg@ULm^`P*!V*FmG1*)lJNCiA_U1_de|1++U=hKB^GJGh`=
zR#|}|K=4Nt3t*qfV`Nf1g+@?T%j<fCMqXqu;K|~4a$7wNbRBe%oh>U1;={+Y`d0Mk
z-;QI`vo+tNK)=fyJoq@u1_(+^FXQK9Q-#H{U=8rGVFjgej!&LnuQ1&XkVU?%wdEcX
zXt-dYUA8DedaZq==}`MXnV11cXH5t*NCd<F^xaaW&hCTwAo2-jo}ogfuU;Q#fXnun
zDvrgknP3iFQ94Z=DeQp2y{1=ZpLg5*_r^IPBQk=@P+a~jd|;OntdE9;UnF)Ao;xwG
zt;$jB^8AKN`pe+>K;5cLH<!a+U1+BqPRren0ETRzJ2+3s6^jD0z!(8}B7L1PLkIXV
z)$I6oPlBmUu}WvQ_m`vpeE4nex%&nb4CR0FK}Ti!w{zo3#H#DbH^It)+i&lIz>MBl
zKo1|iIXn@gD18D0(y(mFVf6Gf1HzX&8pCq}OmN%Nr};#UeNP?q9jbP=A4_)3HtE_<
zR#^Ge-~e?ir`Mz`tm*tT>u*yR*dwejHAZcmLYi7GAQob#rmu-Rc-eKW@P4kIS5$%o
zG$2@!I%4l`MSxFM-R6vOul;t%c|-FykQyvzW{E6t83j@WSdVBQ4Gs<qRMcLbEkK79
zuq7G)Rt-53<CgA#W||}H7CPDn;fy2v-_sD1!DXQzUP4d_hyfUog{7w!o;oq2idKm<
zPAgnb)Cgv3(l9Dz<r^zg;xss3yTS*t@qf|J?zRr(G`l;R3%F?_4meXa6(clLfkmOH
z*`}09sZsDCs9C51X`dAc7?<&`*i^X3fb^o$#|l3yKus=#?Lz+|?XJ=Is~(xN)i`kN
zBGVajlN9@&5n^LwV}{UA1mfZK)RGxf1_oQVGS_&)4ib%OWDh|ruP#d{f*83<kP%!q
zH3R}LX^7d%HNq}WFv!(e{}b;yiMHFroc4J*tN@CSN1bS<W&;a@GlKPzK+I%NZ+<Lw
zvAoA8*+sn{ao}vJ#wozS0OMyCEv-ZxX-3dgzhnmvBpfbgv~gfKHUHTJ0Z6r!pg4Fy
zWf=6rSd}32$XM694Y`{KwWDY5)0<?;QU_YgB5Pqo+*GoJe8||Dg{3I3^M2>s`*_Lo
zy*z?SAT?8{1rmcQ>9c|)bmStG;5I2JAP&oB$8cea2kBY;me>vj;NSjt1iC%McB&Ri
z^x4{xruEBB40K)O;m<KOp)89HW8{cHB8CkHW%=J9Si!;5{3O8Mpp}D)pE69Qhu-bK
z%AA89HgJSz=<y0}PBI*Z6-BYAa}ftxJ6{he){u5N?)}Q1s34OIw_tNnhX^7uW+N;m
zh@g@TD6u-WZmRa&G5gIhv-awn8q(TT>7+&*#)0K04sBDf{5Z_7{$968gSw$C2&iCn
z6bo)Fiuyec9$2F`ytn=C^ap-zT6#+j$Cy{Bknw}q07cMr15=nref^0K18Oj|isF~{
zpC@!{4Ueta?H@O)Yu37<C_5TDHnEJ+&;oi4x{b!X&s_$TkQpSErI3|_lvM3`S$l&x
zRE&ISFc3;T<>OF$lD{ID_3^qmVDC=Rj2a|B3I{M&5n4(rQ77Rsjw>~}@21WK%@0pe
zOtaR?a$&7JlP+8Y$?8u~8z<omhz{$rYxZLU4u5X`ML)sdM*bw6FkoA8C4tzK#YI(+
zm{RjdjCEKb$_2v6mNux5%a*bW-OXs<K8Uu=^;C^nuFoxEw44=KvlD*3erfvYzPODa
zSC&+^Th8h=q??VD=>yoxXcSj}R(dO~nnS6=En3Jl=_MvDTF=~~YNljHt#}kffDxU}
zE;+3Po;bumy#qmnLTun{FjN^o#zqPyU`%Ae!iwb+0MdPgw+$DjX(|C`8iYoXOGj>y
z_e=v8Nf^SDmv#{Y=d$-b?-&2Ay61$LVotV1m?aq#1EEZ$3l25o=MRqMgA=$Wrn(YA
zDE7I0C(Ly))tN_=23H|y>L6Mfq8$5~!W%&KW2xcr=XK}3^WE%(sgzqaju4y${91sB
zlo=>v1{dH{66iDU)5m06X2BAo6<o|)k}|Y$^L3n^PPg}J1&j^e83x@MCm!=;wH@eJ
zf_F2!&7xf$A5xG=yI__Ow(c@D{2CTZCsJ6syseCFExPN6O7bw@Tw|q@TRZcgiNaS%
zqf2ieEn|aif2!%_`;(u?iVgl}TbmJ@#KohZWf=eCQ!XNl9RySN0228~VKoYvFb%XC
zcOk=vgP_Ro1t)(kPMh7H3>J}amy}n}rqrFVe)|$e^=X~B-Tkkiq6UaMZ3ILDWdSA)
z@+swp5~{+wky*B2QIe_a?033UQPabOlv^^mQE^iq70)%#*qXX5m<0=x?LRV7V@@us
zxb^f;pFHzET6Uvi#gt#rX$%W1Aw$#DV1tR(n^t&(*>YK|jDQZ^<QEP@LF=D<VXh;N
z16H4_cNVW1ao$?stTx|u$4dtsh7rKb1<H~9%tXqGp-3n-I8onh)ZpYZ*Z!ZENxsh7
ziIP%XrIzkQ@XC=-=E>Ml0W3R@(h38PKHTGZpWUDsW9lai{u_J(db4}<Fd!*R5sVkA
zzK(=}f??%T6y7OFu!`<n^YZ%5Zz+~cg<9M6dM>wYzhbGjm^>WMfSaq0u7)-&YRm#b
zz$f{@0)!!`wBg~ZZ_wP!0irps@15i^Y1OYqw#&jc-ET8&r<qM+Rm!Sg$D8G?xO9*D
z)*ml5dR?cEN}l1vlKKc`Ae}6j9v(<201rk%f=v<ug~G!b^e{!1N{X^8;&=R2SuG4P
zMs9SqYTZS*73zV)%(zdCeEZ9r+b<6p3DxMLkVqD4m@<fwKTg<&ni^ga(O~LjVZfS>
z%Dhg2P5xjmsBzCu?RlMX#%9fGGZV)nYI%LU*nGEf<n{E^W%K*CYZj0a%z>Px8_EO}
zz+-`v7m{Ek3b=eptPudARg65&y0hkyFj1ZCofY>~X7Se(1)+Te@yE?<;$;EJ^VVXB
zG8Bsl2(&84>+xe2OkyE~+J3qIcaK{s<zsH3zH4D~h{w47Kp0SUWExbK%*v^9O4k#F
zZRfiCVQH4`>Eh+AZ+yVT<w;<Fj0Xt|xkZ+(8ry3N0A462*M?~k0f3Ztlaq-QcYix{
zUL~o8riAsoHmlL?NQ{+I$wO-x44ngq42c7dC;G$lz)(z}?@J_062p($C&cXTpf*l!
zV`Go4Ty9cn%13O~t0ANO?r9bK!ZRbTvyzpw^D0|t<DaviR=Ve;Pp_sl+pZ?bs5G<B
zmX$%BP>5nw0`(N$XC)ZsL9jqd2c*sw0T+L-{qIeiI<EgbXQ2ybQ~xgFm|=b7OM2pN
zVe7M|xaNA4q$%zDclq`WFtLaQ5{@TkPl;kt4yQ5Of>bOtJl1ChY%Tg49A6j?tc<Gs
zm$>|_Gr90P2c&_HimULuFz30eEHJ70spzMnkf+kUQQgL(e&KVbs(b)J{?`_h=CibN
z+H!JG1iS-``%7f?zTWw+b1q=_$azcQ;RLo&ODQ=Ec9=CAzn<Pr=E^|Q9XFrMGQZb&
zO7mrVj~@&S1^1v_ELh+I>FMTOhaHz9#$M?1hAL2BO&B3!WyAo@zL#M{>eyp;ck2v&
z@u4(r*>x9K(eBU(?e6%tJNBoG6J8SvM}p~Xf=W4}f4hP}O3mjCek<2&m>Qsfdx>_3
zkj%el5(y3!6Rr{?8NwsiM>dxD^PYEYXs0#T&Y125s<CHMF8E+@sE{DW(POTFqE3=<
zmi%~f)m%SZ?_@5lhQ;XbM)zMv<Zv7mYw3X6ib0H%c*YrOANG33soA9gx5DeL&GE1~
zyu0`djo<xVo*RhK!5!{Gh#zewsuggWo#Pk(%sX>#)zCMB?tZsWF3E1&r@@9OW&iF#
zE51zmWaF=c*Gcx#V)e-GXzTFz_g_d}gZP8MN_~C)f)&jhaoNNsqTYY&V#-h#5{yQD
zuBI|h#M(3koPqMfsOsO;?Fb{M65Hc?f5VmLCA8-X+uhY#ZEI45iR8{gvADaW+G`eD
zD>!ZETp%F8>i+U%_ioj~|8f+cZuwsWFKiz3O0zJZ<+@l=%<h`ss&J@3TyD!Ytbg`r
zebi9uD*9Koo<iH74DWRt?PjkA`j(lw^ZCJ=U47w;?`k|LyQ#S$Hw^CkNPA|RZ|5Qq
zZvK+Mp%34OZ456nmYf#G;(S{j*J3xvLe9@wh5Qn{+Q@(yKrlGKJw!7P_tE-A&@%hb
zB%!7H-Ej}GQ`yMMfo}cJ&-WtuCca6LBG1g&Fa*f&4go=r+`cJaDR1_Et&v>n<{G%1
z(}nuH0>-R*N&MItWv2mWF4>ZNwwuzIUCR{Z4QftqR|^vgZ~gio<TC@~Mjk<H`#EPr
zTCo4U$Y&Pm<e149as!B=zJKR6LGZ7cVat`=I1bVs0%El$o^0UY^zC{?-{|^t(8`c$
zN6C=$V~~EmhjExb{SVR~M}`A7_6Z&l-r;TSRdXQsRkNnZYKTh0k}UY(R^aFytLH0(
zVj!5dIGHaHzq1HWW}MHFTD|Qt_BD_A3A5E@rNtL25#y{*V_Wa#0c!(_d~rO^vv0fz
zhdR}iySjbuVcdNk#ob<+_AlNUZ_R}w2&dmYeYW-cC;o=3KHlR!Bbd&LxEz~kRlu>r
zA5w4RA+$OHs*=J}-xik$rqeBc?OIqN<6g`ay1)!Mu(MMyu#2t73~k`G)AL0hX~Q0)
zT{{FWi3C^t9CU1_1m1*I_2lcADxPiQY}Zp9%Msc?h)8xEyJiM1_m`T?n34<@uJ|`%
z$!{4+)hWA19k_E5G0R1bYXX!*iUw$^hzc};9o#u(cSe2alF&b;pRVzPN!V#<S;%)P
z;0>+qQ`xP0b7}|a*(v+ICe=Js=Xv$~t;INPTW|Vb6xtN|rE3C^oRd^ZqCIQ8ayEx>
z;S_(45KNesAo$dz`emz0b{X&c1?0C+9Dcz^v2u`9o0gdaoY~fnc*tmO-eM1nr2Xe!
zW0D0)v-io$6ViG~&#hl}6kStz-#^~u5X1a%<3%Q_Y({LQ=VSWp8i!u1)#L|@?YtYZ
zWGS9{5n8h-@TrZU4M*rtBCBtQfF)(DbP8qxEYlNYOMM4V%#$o~#Z$Rjx8rZ@SK)iM
z;Tk%?WgXrjnuTVotOxpO&lQky64L}}yHT(CiuWRB#B^OrN>LR)F=ptsTS)-zU%hve
zO~XR6&KZ7HG=)Y&%b!{RjvquClb%f4d(#)VhN$!qRY9Izb<P5E13yz{;9z8}=Nmrv
zTg7WUmP!tMvfJXtA8I5?x%J*M1<%6oj~ez(-}X$FkPp$1UMkitg>mz+1sVHH%40TJ
z|G3dES%XBJB(f>+?I-@K&#~b$L_|acBne_t<91VyV<znm{1+l)_5~p<MfJ=9zN)oN
zEf(*hZ0kWU+w79@RAYFfPz9sx1(`xi3v*9CnCcHt$qh=x^9fZk_-d|^25xAchnL92
zb>RQ2H_fet=TR_`i6wiRehe9RsQl2J62`W9q|6hA5~LjY(9Z{M1P16w**1V)nglw0
zn<PI^v~c0bUpJD~{%RtDzUqYwNX=<k3V4Rr{$QAsp0Fbr<|J9s1qh~4aMTu(=fZ@*
zI$F>y)A_==FUv0I{34N+Lha+R^{}JmBQl3C9l50ZAAo+vYKDNJ5EX2;CHHq!^~01Y
zTiH6K*_NjzM?a-!LkS+#bQo3GF4yJ)$%ax2qj{MPTt*vb^&Dz9*`009&Lp)NuN6PO
zcT{|&-6|c*M8D{15<6<RYDKFOrC_KH+T?QbPzpB8BNxn+k7?vAwWnG6c;eZM*{|3w
zk&HwwCc<^2IEMDxk{eE{3cliNag>DjD(UE6`qVC*C5iCbhz|(Mv)Cv`c6ypTB~v9j
zWw)lt*RyXU3g*>BAXMIAACI~^dj1{uNQLn>Br`Qcln@#+Oqjr@jZH}R@#R+R_U<Lt
z{6`X5IhpaTp)m+xmhXUvg3!XPp0oJ|<CPlT5lp&yhToU?hw<)+;9HpCl|x%Hw(74R
zg^b^W0V*CZoyV<tSF5Y6K4Y^ga{n=8cv09yWD@nFz)SbU{{qKfUFA7EC=ryVWUphE
zFm2f#<sYNmC)JozGI$8#uf%+?;`G7#Sj~%`e7kb5%htlFL~IO<<J)puE~Ui9v>}xs
zLrrs}nZ|~4*Fh{#<Z&YW^;;N|i|u_fMM{Gz0!mReP^v^>U#(ZUOUgFJDUZqNSJsJ7
zyP@jDdE>N#%D&8apR{zRz7JX+(kM|e6#CZv)c>P-`Yp>ZbvHGy>KW~0?V~5WL#0rj
zZ)e996K}LS%El?l<q#uE9?^XQM4mRg7KwvS_)Zn+44tO$y;};6Qd3!UB7Yft*0YcA
z%6+Z!8XpOQpuSIk@RAF>UySFn$r{XlKaqu{Tl_b@gckv;fQ$ahJ9;nRh(PqIR40c-
z)5?0a`beeL3cG8I4hX08gA3-i?ZWV_m@1Aa%hX^HnB8+#9T$Vo$A4FdjiOnazx}tg
z0S!y(XD*%H*bboR+MVz$6MP3JN4=zZI*u>P@vYIM$&O!HhMJUBWpu*XoBquu>z7}p
z&>&=y;n$i-j&8PGzP!a$`wHiFe}44H<xYJzlezal!LI$_oVf2$Y<?-PRBsU|T)m^<
zNlL+=+4Srf2aQs8;~nzrj`NoMS?pgepbZVg5bqb9p^R-tWOObPrb`d17yEp<5dXno
z*~+av#(fit7}|WkC$6cf9ptWK*Epr4utfL*zZ5P|KTsOH<UFNU>{Y!--#hghTWqIf
z`z+k`5m1?>#~2$K-YmYtvH6+;3?<PC9}=K2A?L51xjxC}#vh=^-p*(|hQx5i)0JX(
z*5Yp{?>GE#YwA)0+EKW`!Rjp80DTt@`zc+;>*gvxS^PxFS6!%D$+kRc5)O8q$lmdj
zi1*2bj!?(9atL9P0?NPlO$XJP*RINz1*;Rv8C>ySRZE|*zt@R0KdL9$jU|V6;AmlM
zku(O4a!tHt_i{3LE2C85aV_*-t^2@_=8Xdg>n&qz(@~a+qPDj7TOb8|8Z?U&+7p}N
z^UzVz%aXM5xk)aVA#dqiNod0fQlip>GRe$ws^t5?_ARj_FPeMOCkgq?P5dC)UxHGQ
z#tbidYo8=q<K0tUW(%_5kQZ{3m2)Op<&y>^SR`r*Mot-?c6-HN4X=KjLL<qy?iKeW
zEIib_1oPQZ!{4C}xl==D3t5;JsyA;xLJ@DB*#_|AJ;hr*9xX^=eT7b>D-6|E!v{C>
zxC<22`S=DUQ?m!pLqKWBd|G>IduVAS(`|vqdhE1Dzs(#M4(96TfWg8ulvV7z<(JnO
z{e%3#jCF&;(!WVo26<@5L<s~YGVOBo=U~=>N|?b7jUyI8r@K3trf(04<?g~q|FWwg
z(341>00qCW{|V-BO(HUT$7$U1b0kbyfQ&rxj+v0YL43NOvHJJ<FO{Aj&y79*eosb_
zfhp7`_y~mwu_rPK{RZ|5x+_=4WRmt{!Gq>f2H!UiAXXzA>Z$}NPR)@rHs9Ne1OhXh
z#n6p&NWKWwy!o8c?%0XRu=_B#e3O-DXw#H#zm-zCPm9vpuCM^3ksXe!&!M4d>rqG)
zAUGf2oHjv@5CyRKO$4U-c{%aFS0{_2@;KKoq77;i{p=c&i9^wrn+KkBH5uKdcYCMI
zITBY7xIoN3J_V65X*Yz3xthOmP(y~!^wVtz#;P7<CHgbeH88R?ZQI2|?oY<L=Cr?Y
z_*b2u52z=;JE_jMrx<57g4}j8l8>p2PtnfRnU8u(VK=8eQ=Tm;2%*ffLO*G#&(P_q
z@bd|;ic9-5YSCXTg?8-^;#arq0f%2`&^koDAMNCnhn?!L<}}cGJWj@PGR%Yu39d`?
zB={k^{eDzdm7N4NzKt=vUK(I(>hQ8MdCNugx3Qy}X+&-UtTdN4Z(<hG%}2NtN=HJU
zj%C2${&3q&g+jprL75m6BGW;gcr?;}&O7X7uw~7MYzYr;D;t>dk1kIcx17HR*K4;=
zVPFK9Z<whI@_Cw^rIlu5n!uTsc8?EtjzR{9nx#Nx>k7JxkD0v&xf<*TNx@)dcc3y3
zPFmRy54Q~T3~$!$Ksgwbgvbl`wk;?!j|P1r16_^U=PIstiOa&se(`B-S2TXf>pNG%
zmHW<&dd}RT>dp!rv6wWn{w-E6?04(6dfz6+2#rpxCF!fe09T8UfJq;$E-T%~te-aO
zLGUuMufIkdB|@90540Y!ty%{OcK8rc%F46pbIw9TfOPb)*BLVgnh(kMuiTD2!ChMa
zZQIv|i?hJIHxwk#`rG%uupehrL7+BpvQ5Qrp&#)BTW9hV-!^x@`2|7pqx}Ewanr!5
zgUfzwkI#008w<R6f2`L>6Ar~lZ{ArJkdV-P2E25YmA>4)7b|yrSP)}`o5f<$4;L6>
zIwyMg%0|yIW~KH11V%q)*O`P6giN>^Z3TyPPQ}6Ao3+(zvLzBo2S`>}hPiZtmPEIk
zQVH;Uxr%7sef0ma_0~~sb=wzcf<vKb(Ncmt1TF4bDDLi3iWi6CS}5-B?pEC0p|}-y
zcg;(`@80*jZ;W>`@<%d~lasaAUTdy-_MQtW*vw^;2Hm)oOu+9>5wlFZfpTP=TEzG!
zubA}x!oX~w<XZo)UTAM}_1H}^-J8Mr3Bl_IVi-dqgQ9E+e1DD<aJYgv0N7-2{{5y7
zy7R^i1Q#+CZr{)4c75)emzAE=d&z}(Q15E`R&)ijZo+?yiv+@uj*Xw)n^Bf*|F-Sh
zcpQyy9+Yob$B{D^Qp92r5ENt$<J!}m=^Z=skvTj7pV}~-t)C!LGBR$2OT1&}BC4eF
z(qSEgLT~$U#<mSeW1<D{rIDui_B)hWz<t2OCNL@qH3r;2r)4~;Al`I9RArTF+d+&(
z(ND1DLy?l-@#xA&N3j>K`2lv=>SDMX!)KjOc=p07E1*COps9!^Du|~4Sk5c>ZH7sz
z+XpoZ%ue=&ZQ2)C4C9<CXmsM$Lw17Cv4=?n1}jHXL1d00Sd;%lBvU-pa6pX=??gMb
z&d9TH;aAs$qS%gy88{Y37?BF9t{+*c6Yrm9l?5GZd%xjRz|R&<{VwA8VjYe&i=kli
z$Z9StdzAR2Fys3&DwNFzi421~uP<ErN&<dvK;iP|a+EmmK;%nGQOEO>KNw304o*w@
zD{$=FYkZ~Wj&f!I7&Qh)3Ti(sE3t?oOzET?6eO6n1pwbwdTdI5kG$8>W9AapR(KMT
zP*8GbrN9UNPY#ocBU?n1PI}xd2%%g0JmNEs%<c0v`1A%TWksiI<-fBf^;&OomtkR9
zK@_Z@f6g6Y7$N1etGuB-(ZP|gs0UdaDGX}taMFeWB15@N+0=7az7OIi$Eb`61HhfK
z3k(9-?Uggg;B;-rld*>%KvrmSR4vwQe><_=^}6%L#TIdJ)CYBN@C#H!QS7%C5qSv}
z9SY3aHTbD;pl)c$mapAwj~M-!)0ovCs{aTF18gm|<K8Ms+p(9r(c-hl=v*Vo038gy
zahbqJL=ForE9)UVsGkt<fOs{Yh7F;H41w&xUm}(yeivb4He`{3GO-HpUe=kvL`!~u
z*>AIL^B{p*<n5pj^d6Jh%i-1(`F1ngZ!MB_g-joPIa#u+i^#O>{bcI(dOR`;Ot?TD
z)z+o`QCshW>^tHWOoRYoDU<M?FAPx25K4#@VK#){C<E=jL{5@SJnuLPdM;<IvV{yq
zg-}><f*E}#k1zJKO?Kl>rVkfBD0BE$vmzlsJeVULE>5(ceTQMis3S186epM#-IMox
zs&#=Z0C$6-eSranRUulr5@KlN;TWo7z1uTe*WTW?YQ|}94_6(Is}q9nqgdV&V1c4o
z;kw!DB+)4wdBvz1A_Lq(U|-Gl>MhgndQXADBqfW0w=|&cvZ*ja`NOQMO1_J+RY7-p
zd<;@woG5}=O{j)su0#n+j2EHPsfW07n%l+T8+rcoXsf~SD8Q!?01Q}^3f_~C?&LHo
ze}FMEne31rrdUzxPlR@+!QNn^ttT&7%7O+ggQ2CUCJJf4TqUP=ZiU!{heJE*Np}kq
z3YT-_NQljj!c|=;BV;^m-et_8_sB2{LM{(l1YE(eB1j?j_{vl!Qfxw5pTN!``N52l
ziKNxYUA~HdsE+oQ_a7@?BbL910J<ktFl5zcQBEAUWrA<@94A(_(TvmJ3;`QH6r{gH
z2r&)0aK!-+IFI`i-|vFVTrb{8HtIv>w9SEBAYe2FP}v8FgztAB0@`CBuH|`@grCAi
zGM<@yknDJg=h&UncU$+L2V29C)xzbe?nJh4*zEP<b$ASD+boNk2_c!{6JQ{KfT|sb
z7e$f*lzyJl*1l+vwBLvWuh2ax-uGAD$Bi#@`pyxd2I9G<nu$%TtTd}>b&Tdt$E&_N
zxcJ>**b8mJ<w|<_m)({%PPRcfF)>+9LvPa;^HaMZ$leIa^ZsXEAgc%s_zh||7`5xN
zl<xz-gLNoKe}NaGjLmm>X#V{u^L3=-W`3A#WJfD^rx}d4`-sa4&l~ne&Ag%r4QNW3
z`^eZ)$6rBe9_e}7B6y`%fSp81Mk7uChQa%sSUuMeGH%Lsv0dqPCjULg9)Jw5gutG{
z8LoNn3XO~N`AC=bPU|j~p#v*ug>rn5(htwc>$PgwZEn9B2+N0R$}E#O8*R5asZRtg
z-Hul=OEWq<xnR&b?yU67X2aPgzVFdDLhd6tDGk_g;G$IT?hpHByH1C7hcC<{`J4`o
zZF@kdRh>wo_CchvLFfC?I*AnXo^Dpo6;jJ%%b`$J*PGsY!AsB<!+Z*ZMfr~N#q9#?
z=t+XK+|ig8@z87Besim*+52348_yByy+V%7XJdWAI*781kQ}K6+oYJqEU;gmxufoS
zig>6vQO|vMp`o$EE0~3V%O_e>3g4I%1Dq!r82<yLzu9Lsf0I(n7Afep>59(Z8f<@>
zYneUeXGu6$6{Jh(u(l*!y7h=;G6Thhu$tnih|9~%>zAH|ANcNm$e*>H=-z#$OorBP
zvZERiksk7ul@)5IeB<6{se3MKuan<lyYbD1c0mCq(3=e~A~uQjZ!S%3PTF2e-1uJt
z$>)#TU$gyL#yL``*e_4JYB;S4=d@<>a{~;W5CrNEFO;l77>Ye}yZa`4iY|7cem>%A
z{f!fRU2M>_^fcCZ0v?6y5);N|Q!@+h*=VeQETs24c3h9@qOaE23R3t^AxTICu~;L4
ze0(ZO13~(hl2eH<{c^cH&)WJeuhvj)=@;B?B+L|xniXa%_L*HCg1M@+Mjk`A@QP69
z<qi1!Y*2}zSRI)bW;qyD6|Q)^@vJqGx3a^T8s8WgpxKR@V%T4@`ZA5~MQ4w=G34Fq
zavFTP>NJK6!a@pw83CgbNl&9n!A5JK2)D0wRJ}Sbg*4v>PUv{v>w4VUyy+3n!k>aG
zT}=+^qcV=*NHE<8GqwB|+m68rk4ns`;TwiY-F%`lpfVa2`kFBG<rVEnuwjm5jq>-*
z!vN&MGuWdcmcRfAXNe5N_lc6F&-;@#Cl<x*ws(8fQ8#1BWj>Ma`a1vN=?}FHmr#%}
zXNrXu)kuwmF#$P|yVYqTX(1!3Ch@CwR7KAlR{RnlIKm(ad_x+#cy@I#c2Y6|%=8z8
z9%dZ@fg^!-a;}B7r$T>5u^uTT)EE#d1!|80XGjt$YlHZ93iH$K-3rs1EmL6z@7?v0
z{4pfDF^T186M@#qL=%G5Ox=`*WBO<^xn3zbPqsUno=y@9jFDkcHbGQb{8RukG8s~m
zpLE&vd=L5@iQtljdm#z5SLww=U<e$kKL$PqRkazkId?d`bcoJXzPHPHAG4q>8L`0Q
zLN)gL*4GUyR4gN&L5V7cH;#g`{e&YcatOqO+GwS0=)7W${UdSJK0Yx9A>43mvj<`^
zvJ)aR7!+!r1Scm<UOkt1Da)I=-d;@{g6|Y@z^oLkY^a@J46I~alL|L~&lkjrj^k@9
z9<;6Vy@}Qu<1^pJuYv#yj9B5A<V?r069bmf7k0Fno!$>`dLOLB5TD)5z(^q>VPPRs
zUjl`EM&G3f*Y*ZzJixckYq?#O+kW_1m0s)Z0=X=s%L$E^4oLQmmL1l>f<=Rq1q^Wr
zA|S3_RC>z$b3OIRqn|C<PgJBfV8;Xsg~yJ94QmRj`;C%J$D9bZ7fxA6U~kYwl;WxU
zg@OX!E6vd%MKw`@Xk$gb0^s4I^}WyQOVFe%A<Kd`#QqCK79kj<0nvalteE%NzF0;e
z<4~*b6d9gRiTc=1%<i|n`tFCYnZFDtzVZgZA;W?Uv5qqOS+P^i7_E{<IreTjG>CUZ
zLnf%eIzS+%aFkK86lnn^P!tQ>$e6|lY13S;!Zx9KRgpb)ar3_K!220)O7{JG09$`(
z1S)jrs8GKjsWB|6AmPj57>O=P_?P9tnL>H~n@#h((}#yf0|}8)4iKz^k)f7xGA5gw
zRe7~60=N771arE=`U4*Tj2{43wb)S#42Md=86FenQ*-a>a<};E?&2{iTVclQkt&(V
zjjO0)&kl!RU;x;K_7n?;XX^sPU5ZYx;Z3ZsyWw&i-^}ZI-0URkH9hS{o+XCc8({ka
zxsbS!82W2=ofFN<IW$nYU-A<qo9OX^cVS~b0o5j-O_qd0(DL*AKz@jbFEdv^0?||Z
zPiLQ)$1}bnghXr(T8t)H`A|^6Aiy964dszyq$W6=UFRa=C2sLJ?N+P5%@lBPo=A6D
zN5+S?-pZwbZu<%{w3=Zr;5RI9N=J2g&D-(SZsPlxtrC_$OerK}1WTt0T~3$Cxr{fW
zZl(X8GhneN82uJc8;>T3pkNB0j=~ZUge(OD`N*bjBaw1)n;KhPZEaQB&gQ7gd!Me*
zKe?R#+9*i9jWH3bO<G36lIjFxH_6q0C1B8SHr#gPGH^>1)u9AiII1$oRx5G<Dg2Qd
zp3>uQgVFD7)DKt3hdSCkT{%+W$(At2?AU_}fD1@a$24I;P69xMAdu-$@ze#M&wE}{
zt`^?t^Lm}8Yuh&4pJixLv3!h@-~{FYlZ063r*N&Re)KUtuuCvRsyj5<DizNn_V&-A
zf<RC)xy=&~qRiC@P?<8}8t>E5i?tYLHK_u!crFW}XeTNhSP0n+BgBx^5`>YOAM+S5
zzy1U!E5pMY|8V^McA=5v*MqLh@jBZwt^oy?54IH=3o15P!Ov8pc5X6!H)UeWzlsl=
zTQ^0`lD?q+tIwDZAO_?|c6oo&#f#XcX!X04-=4oCWM)AA)LM^>#;9N+CmR)C8Y#&K
z4#hvj7atUh#rkth89SiwZr$6~wy8}Gy<*Ejtr7ioV3B&WJ-Cw<85;(*6A3v=S`-W*
zb#1v0GAnN)W*Ib}Hurj#Y}y|GbJ{SLrvwL8N;~C05a7nYoi{S{P?4!%nz%h2S?!Tj
zPbDME3HgbQHW2hh2o%doYk&lDM1u?YtR@Z5=PvMk+&|~qxb$;3wYL06d10alh)gJk
zlqDV40)PO56Uj26nX!uCxO?O8$tuZ+PIAdjS7rvtMiRyn(<DBrYaS@oZWEQ*%Wbwh
zn>%9ez1dxy`qB3x1SyQ>EhcOjOTPkqvMo%E5Ayb)kk3MRe3{QNiA^Shj!lI=gUa};
zXSLJd+K)wQJaZ&6GGKr63<ymKWGUfe5K3XDVU-~VwXb>ZPBo+Y&r$|WT3jKlAySl@
zl_p7-HjgIPjk#Lkz}4?3hm{`$?#{c~h!iI<#S}2a72_;WRYdv}SW*&pk=WlP+a^J^
zP*Q)zyu(;Z&7G2XBGT>9st9OfJGHH8QQq43tHlr&Q-}jt(ostpSNJA?e0+U`dTOXz
z3<nFpv0J%???kET0UUkupsObQ$ch#sD$>7y%W$jedUx~`f3a?(<8^yFRQWUVLt9gO
z=sTcf2u%cyuTd7(CiE)$5nz%msf=OaLdNulQ2YiLZnJK7iM*~8&)iCR7B*zgG6ho+
z)#pcHh4Cpr!B9kL_yLhfec+^^1Rg<1eF00gj6nIjxq;BM40S^#wqihxForA!rnn-`
zjhP)~q=c<63=FXMsJ23*oW3+s&;GKp<MwG;!!R)ZT?j=E1sPq==O47l2w|ULMEsH|
zjA01|3aXH$-eML%F2<i-@7%qrFftrgD`UVvY^Tjgt_Ws&Q<T@ikRg%LOozvstS|uB
zD1fkLKrEw}a7wn35MhDZ^y$M%UWc7LI#^sl3@#`HL=z(QR$TF$ZCS4IIg7(m&p3>M
zdA1JoaQR*1X{GB`QYy3KrB!9?>9)GFo^^Q{$S(vGb}bYSRKXPQf}5rQqLP}tPaS~n
z>cPlYI&8~)9c@Xly^cnAICaR-GuvZ2t6C%4+{l$KV$0BTXdjx98P8-<>PH%k0!0*s
z0`Zd!NB!8r1S1QhaBM(aT&TNP6RPbQl6@4apVOhU1jfM9ir@^9hS87>9}*58@?!{h
zuJ)x3_9Sw;Z(!<nm}ksX6wsGZL7QB|(&W&H7KI?^gqToCv91FM26k(ZLGTnqQJ=Q*
z<!1|-^L{;7i#c4D1?jcCL#wr>$qO_b%6|v#JuVg$A`MI03l4ybHK|BWB6XD9<;+~Y
z%uN`uX4+H#ijtp~2cz^>8bf##6oZK=4D~e(xNKhxR%_0N`jpE4cl7jwTsSzGl%k4a
z(0v62)_-tdK7airqXsxJQW(xrp^J};!I6f8&te~up{JN0<m#2}1Pp<Zfowoj0wN#Z
zC>_a<nd_H@@|whw-x+XK9RY8YhEPCK$k4?TVqsC?I3O}4zYq*RggX1f*<VJcQ4(-a
zK1;|1ps0X>2?un9LAHadPPRtC2>41XO-oy-oD%|r<5Lrt2ZIy}f*Qt(GnQQxmMyl4
zidzK9gf(;5TmTAHgYz{M7Nr@bDCvC^0zlki7_`Ai&<_(}!X=yS1v$aemuZlKpq})J
zd`n0SP8dM}i~*Az{@IRAs6jSPSV>7KhLnwz1`t>gg91VtL=wYsh?D&U$^%j%OAY41
z4Vnnd6zZo|^OTI@=EX3>K*LScd%tZAIAI#eD3;|hXFbHSel#Evl(od9fIgwCyDR~y
zLjBclHVD;}oD|rfa1^E3eMPh+7VD-_MhyI;5RkZGD3aMxNxJ~ZQA78@7Tj&hRAB%R
z4*C!VKq*`x&=+Lff4pL;_5=h9M<E!(Ng=>MSA7t2!5G!9qOt}>jf!E_2#d+VnhHsn
zLG_$KQhxYUJ|?X5V3VbP&)JqBMairQq=;8ZLWUt=8*}avm`7IAsE3L9!vz-r2N$KL
zMFh3MBh_FMGD`^RqIiIhh?d42YLp59Nbr#p3{H-VvV@HSB>yCNwkjx-ri1Pr6aq+7
zj)AU59f#%Wmz@0aSbeHcVUR#g;Wl3!1$oUz@uNedhzB+BH6;f3fzTfSnux%{bz>q;
z{ziY>Af^|_=99<Dm^NjyHutKYTB_p?g1)w3Q>q~2Bw|Ca!6RT})|5{bmd=l-M5WMy
z6#=j|PN7pZ$m)IiRE@LSnFns!Wmy4!)sn^*a)_NX%NwH~Fq@HO8~X;D`6};Y+=&p?
zC58kHuNDIQq}oCx(JoQ=BqQwz)jUCqJmZlu)d(8XimkpxsV%qMUHmH4@J9cqSrh8W
zw1_NE%1@HKuT4g=HJ3FfHOA&OHpg_i#9ziFmRm2s23tChI%~TfY=%^`t^p-koWInB
zk_;Zp#BsPSrdbziP<uG398J2$sux>Zo82kzn0Dqh=1wO$8#RZL;8-UgG<FOqQ91oC
zUFMWq7oci9*iW0g_Ag0a)2@Q8OyHf>Hh26!+2A;YS=r!WWjBhBbOssYIeq6DnVkFD
z0fFe(00C+WT%hX-005&AHXTR@K(d7qh!#tiq3r0$&SN{&KF31-ynf@wysutvpzKPR
z6gT5;_96(2YKp#-8B9`?k%i7|@XY_HdY!U$&3xaup?);+j26@}wZ6F?vK~d`{UrF{
znwk1a?oAJYxTkhL+dh(P^A;Eja($0|Mt_LBhwKQv{pIpYP{Hf$+2vXP1S+NGsNeGv
zd^ywLdC0eQclHd~@}ByB;kf|$0TFz@dzc6yS@53s9);jNK}Eh_B%dZ;CN8{p1n42N
zFKu_`ugnnnSHUGgU%@G8_tJd`{}Tj~dEoM*e?syy5tz9sxafTZ(SLP>Kqg6Uyl?cM
zJ6vAD9cSK;kgM~;SM*nTi0vZ;mSjY*2eSSQc?gHJJO#e4@8CV2J=?CJ-(`|_Om&Py
z9wDX>`9H9b$Rfn&2?*qYzf;irW$Fd}S^m-XO21qmUO@dR^Re>Gd-3(P<-DE$>8?@y
z&&yqp{60xy$I&bLvi`l-?Q8AxU6!Q!>rmvB9dp3*It207dv?9yL#N;*q~*~T;?k3P
z(sAqM<DKE1a1#Vk9$Y_yTtFbu>luOyf_Xu_*F7MRv%&%Il}yO`&Ffo;p*IBbn_?m`
zQFS9`q~v_abk^0R=CGAj(@Bqjp}8V~K2(suS|Y#dxddNHGX#~c?LGL%vlsHf@nfM0
z{$rcwe6k&95TUuy@a3{1L+oP)rlUfKv`mj#t8A~$C}Wsi{%WXsp~fBa!1Et@+*?TL
zVZJv$+hLBYVC>TX2zl6<=JC?SGcbKwZmSqh-J(k&=k)98CIXDaL<5A%gomlk?`kEa
zo?o9miu&`n+I_i{1M|srj_HYP`~aAwf3L9;-Us7Fjo}wA+LwX}l4X2Z4)lOKTz<&4
z5eACk-@oH;HX>FT4uSNdeAkbh$q`V6iIw91<+CHq_B72~CTtIk86vC8v$R4vFxw2}
zAKPe`>zo1Q3Dp_B(Nw!zxP?XaD?O0K>HcdSgh_j^!I=%gJ5fmG(4wflLH8Q7^L^09
zH!4lFLcypsL880^g&RoU?JedQ*T-3nAoy=uOjmMW?Q*t4(r<;bs5dSxWSB~<(w)fY
zSw50J362rzDcjGHC%JIPadIMJ-R=y9dN^$Nwlz5z>Gg<ZjUpU+Zt{*X3*J@LNshA;
zZb;x7YJzsw+$NWW>wVw<Gh9Z9t&@(HdL&3Jzj5Pgl!;?=1pV4rL-A5K8PGnQU}NHb
z)fIn{Je$daW0kBHEQ9a+5*x{hoM3(l9cA%CYJ!?vYj5$!nH;81eNoE`sx552OJ+l8
zPGH35QXvCMOr{sPqSwg8M*s1CKJtCmS{$MoyR6@VjL*%*{GrWqjyV+#tyb4+Bd#rm
z!IrSikqSz$+KZR_sqXmMf5Jt8vJB0Ys0q62K{8AMeS<r{X+Gf_xbgAc7!NYRZ<Y4r
zn*K_iFS@-k?<9f4s|~Kff|FTJq@v)2eQm$^bSD`6(oQ`okNNF)%<HFl>fOwMjaUJA
z<?qrN*GDu;J>11!&8BcLiLk4dyF4#C2t4r}@Vt;@pqzqjvvO#K%cgvk{O8@3`s^Fq
zi~>V*I%iPUy&+m+HFYCWatXGX+3I`l(XzBg)rN1b7$b}q0+@qt1%8xvV<WNuGY~?P
z*EnJg)H&Bb6;sR!rVgDIy``)V2H4s&I_Q1obcw;(t<Zl-HWT~7_xE|aBZWsAwDYF&
z8^#nd;TnT(O@q>h-wvq|)oGX6P!Xsg9wG^Z6uuMu?-WxYBrRMHq&y~*!c-P>nvyZ@
zw(IHnIYpLgVbfORgVR@8@2;0id_Rd3%VBp^1xBey^7fzE_@60?Zw`k+V(F+fQM@fx
zdVnHtiSey{^rh2->?_@{HbnJzX%itw)=zRfu{)^!OM55`VD05AhZz1?)E$08wO`l6
z_dTsU%Ns#PGtwIKBL3@iD@~xAKS91!4$E!xkEt}9!y7Sba~C(1E1b*Eq&S-h8u>*k
zyJqAt#3$@MGHz08|DUkY{5@Q3;D-KHLYz5yVhU}HGslC=q$;nO{3~^Thnaczh`IK-
z4LdS^yO*!hfxkk*!&}j_-|_~G@mtoS<{oHR0i*O-N^6<v;Gv+u4pUlo(%$`ON~Mq(
zrTPA~io?&R{Pd^U6K-%{|8~l4aN+jiK>j@<EbZ;P>xo;<wUs6oW*eQP#6~7rnfWt<
zI-r@&nROjqW;S?Nwd#0sYpD{xw6&!1W+t=KiB~6fjC5k3@cFRq8P%~Iqp&yOClX_%
z>i+a5av>pco5$_u!-jvh$U)C%UFx|#zl0PEhc@6K9US1AZt-Q$=xCQd@mnROEM*vj
z*O+A=@0?>lYD+NDyP1Z1xKYI%l<Oe(=Mnz-$|!BsdT1kzq@c09Xs7)kH9frdN7H9Q
zXv2FCw6XB0o_}2hIxv)f!*6FZ({Cy*LAY60F4H3nRvXlT61BOpg)Dg+?dL_8hluFB
zCNN{sTo84Skp3N&29JqflucG-vgE%1SKr8R4miWQK<iQQN)*^|TIGY@ixbVze5AeT
zFOv~Aj<zM+c4GcP_>BpdJ}0ONnxqPEj+TlYEBTsJZ^Ym8HG8*TAiqnYIVKE#8_<8#
zNvx!J+ZjTc!Ci&<8|@+cTljObr;P>tEysmQ{~x68D^1!ZWRrCzTx0fj1#!bXj%``Z
z)|4q&Vod+di@uw`iQ~U>zBG?!DyENEE^?7h#0X$xy^l5QI#rV{rfAqmi*J%LzqM0*
zQ~$`)7;bY(o^&#EB{~X+-kgInIu%bk|FX$Bxp+A;vE^kWERH30t@xaXeM2~;*XS3&
zy&m-JGXI$Ol@gCu|7&GuT`c*Jn7ahksNya{vleq}{)3CIx=51&flrZ;cTr#2+g{tN
zn3}PMT>U=Uw<*t>dm{}Rw@bRcetGcXSLjwkDz7rc@bnNn4Q#n8bjc%i_KCbtnCEFB
zNO-}zG*QH(ugLct@gV9r^Za~j>lO+RSF5z%uC`|#o@Dwz*^=Xpk_9zZ_>6MnBl%L6
z2}WwT?s`rEb2HfNI|)3c&Rdq4LKf3mXFR2lca^dXA3t0{(ont^OGGqac6xvRIAD+X
zalXBP>S<8wlbO-;clpN%(|Si65}41;<TX59%X|1;;SAmW9imt8@4R4tHh)Cn|G4Qz
zH1I2T8@hIAI}xa5hb+k%RL;QC7V&egQRYS`S=_-7VC1yuPu<TNgNyl=BBz-=axlB@
zvZ!dFNRr0Wmj?82R{Kvt!IN|&FY-E<`7vl?<mhK!XWA<XIJga2tx~T4)>&2u<6Q_8
zz}2ODM~vJ^OKN<%E5ysKWkaSjs`8&iYxu(g?R^|eP$Ol6H6ak?whR*eDBOr7ah3i7
zI48dxXA7O2Nph@&b+IJx6f#baSFAsm)l&7YuQCmhyoPN{QN@N)pJ2P&$Nxnlma+QI
zFO3A1Cl-3a+8zfZblO}^cJFQ392eXQt)A!W{+T!VDF|on#U>B(Qw%hxI3{-%<ILKL
zWTOsDgq%SQKLdm`DWEYYUv#fom@JXlg`pqQ$?i4`CQKWXqow&R;lDl#@+b>`9T4pm
zHQwI&CUV8lYkij;^OF?QAAJ}Zq|wo#m-$~a8Mz6`?tGO4Arpvcmlxi#o&LOQoo$Dp
ziNge2q8;n}O<a^?%t~-xOEO-ovT)AcV%kl^<0N(sCny$n!<^NEKK-EF&;K|K$^F}p
z_qLJH#cfqK&^M-4ZtmJPg)pB!6$uAj%@t3M<o`w<?Qc%DpcT8?^MZe_8oh^t9ekrD
zIMu@?ZCd|^k11cI`7R(2A78-245+?56_=FIvH2%x_E2zhOH^;HwU<`Z{voBTv#lMX
zgHQ?QGI@!nLa*>-7?^4_|G508n+hT=+NSchwpwh|p-JUtpvVd4nNG#H>*SayGw>fk
zi0%@R1pjqFNXKn`h^6drbp4r)oVByH3lu78VsZ~{LuXEZPe!Y@sK=wsMck^F%3`gk
zHQX%A3dN5`ry?JupdEq%ozy?iSc=CsFefvtPC3TC1c7w_7pYO*9%q#AO@2(_rI=b@
zcM_y_oo<oY3rLwLqq4!Aw*O7U?K%d6D+)|eraV>cPrPU}0Q$JjK3j{7C<rQ@KUy5A
z8Rf}H^ra=$G57J}N4!Y`P}6+ELduH8Ul@z45T&(|lf;McVSoxgdXDa}gsulxRbs!w
zeiqVHz5Tn)3;El{tAk<0`ur82?J4ESuWqxfBFDAS(gSt-&>3I_IWpgdHS^5WrK`cw
ztNuE4W#&#0`~cf!OJx`;E(H^hn3~ZWRt9G^k^|i}io$Q4T`~(e=+wQrPpLO~GL&b*
zKVT<H0{e!!-Soc#=_`n(dZ-Bg4&w|k+sVzT@<GTdrcko0pk!)uU`xZPO+}4GLMGfZ
z%d;_QM8tA^Z#Svef7Q%eU^ylenkBjhvk{Pmu*`Xnb!Jd2v0hSVc41PFSV44&cU+XE
zxO=q$Vvy@IbXuuH<2`s5rQ01=AeoQr9Jya2<@4IxIKl(Z$d>LWvL4<w`!upy43qaw
zgnAo$dyiB>1^L8-U>po}N44xzxQ8HfHll7%j*N}_0(^v16e%?%i+woOUrP#e?$%If
zbm*P9fj|yuSCA52S%E0Q;nSWPXETs?W1MdVMNqgm-}ogAHe{LX2Q8%P3a|5AcJ?D!
z{~nCK%VX@fIMnR_>!ZPLi+icH3~bNEn&&l_Go_ft<I9nt;`k>XOS20!g{5-rYwB`-
zaSR#Vg*%{p0RMFDz5a3r+Evy}1yV!Gev_TLQ0c_e_@_Kh?^2eJ6DM5h*b=KhyAB8d
zrljT{$?Vd8Ds8RlYgSPwJ?WYzA1^7t5q-)g+-?2gB7WSVFuu#f_9)2*Epc?Ui}B4i
zsJqYnk|celh`+N;Z(MI{K8YaJs6Bki1v6tTaxuQK{`N~su@#T5VIo^$(rS_@N5Hv6
z+$$fOt>y28KWS-tI69bk3%w18NHGdUARhOj8qpoIbr+>YBE}}pxHIcXO^zOle(4k{
zW3OL(#?|CL=^@j$>jG1|NoZF=BJ!MJ$>FFn(8lf2=-mntIW%<pZ@Uxz0D6UO38)CY
zl;d~A$gAHX1?0Z?)mX1p*KROEpoNG*w4+U@w?p_)nexh~1Ys+ST;0vP+zzc@Jen<x
zd$M$7!}}^C`BUPMj3+#v6b4O&r}xfjXYkuG1CmjwUy^)uUqw+C|5IwH;%WE530+h1
z`}BZ!GRdHjy@gYc;r-*2P|<g$X6%(|BwBnhc{=PsVY^;c`R}8w=sn)zNbEA~WefxR
z(jM<HS7Kws9sBpF@Gem3CH1XBTX>JpEY9`-R7uJkizUsyJyKL1KWkyuJ9NzW)+cpo
zxpz&*Au4_0=H+jp!-cQr)c)lRN4}ER_`B51oRWt5W))I8I|}z;;g0V-uA*=|k^ENM
zDgFCG+QOjG=63bfTbKBsiIC2yRpdHvFZ}-(LJ30nzf|1AQVV|62F6{LL8DL>jsa?j
zdc>g7SKd?kcpLB<XLBZq@sW<p0CwpQ$8Qp%6n60<*-l-$tJaAsMc#ZW=f4>}d`n-u
z+*=9~C2ed!O7`%r2yAJM^3E@StezqvR5_j=O^JM@n>(Ky6gCDfsq}-^p}IEjv@#Ex
z9cJ7H;3DDk_ElduSI{je-MK|kq6O>(ne$HMzzFGLhr=zY2-7aN*aXb3N5k1UPfC6<
z&(fP>B7&mZP5wJ@|0!wfE*>k|M~e`~caBcvHZta^D5u{Ayx(!Iy=d*MCA<{f!AM7=
zWI-f~L6x&VsTJTrFEVmGa9}i_QH#eUb=a^g)l%Yf6L#C&+{~q)^K2Fq{~Z8sr+uv;
z4=dn-R+V*6A^v!4eNAIsUW&c2K`-uaMS~KR+dW4A{=BYbyQuGyF~?AHJkLVGD?AoL
zc+u1MGd<)x;>!`$F@B8Yh&mBs#X7a(h?o~y`05JL0%-jGPr+n!`rUn2x7OW}yP{H#
zmMpQ6mMVjSw<^a)`QkX!jX+`Zw3zqHO@*53>`tUOU$|CXnT!p3Lu}2rt+k~Q2AIK^
zXWedXJ*l*5%%WxWy6q2r(E-)`cszCBQ#S_g$}$Zuo#qRH7{hOX?E_UFjCZ~%4`<+i
zYJAcC(Nn?TBCi7X=(DhhDQmXU*zZ1u2hL`3HKKHLzV(uAI*`d}X1tWO!>k?+W=AEj
zUsValCH$x@|I|hQ!0(ZgV|A6|l>wDyquUT#^b0^1J$j+Q`@QI)O6$brT%t1#v5BGr
z%nEjP$TEg)+lih?0!1hxFdgRYRnw`yF#O$*NSE69-#8p%SnoGmD~d|A!c!79rvh|b
zy%us&1!==c-CI|(k~iSYHqjKY9sr|fx;fOL{zloR-<{Z?CClGvvJ|bl&c_^{gi9YP
zN{&pNqJ&}jAPgw@Z)T@Vlwn=wO4p^7RDMzPG2Y&25L)?$=cN~=TncT&4v)4Qo-0Mj
z*jF(mU^Txf6us!}`1MxAv6<}k-6m<+XMR?L!S}xq;(MFF5tV03_OziWr+qo>^0ck;
zETZZECu#pf`c$H_W7^x@Dcilla;$nze0=}>zg5aeNfz3<O0y3EmzoSCCHtE8x_iGS
zI+aTJDfW3)54p6>Kqb0E<!{K!f<4J$^NcL9(^Qg-zz%oMixN+vbnDYAli8B)1fjvS
z61|Hv7cBYlsqN(Lhd<8V!%MFx5v{>7wM#;@|3gO!ht5^AbG7drmmT(s?2|A5mmT>J
zhWL1OqhQ@}?K?RXU_Z1Zg$6$jsjvx+n;D-gJOI;8sSQL$w2IfJoAc-yPSZ<a2Km0j
zUwVjh?(5$)`2<_w#T^U3TM#@=n>WrZHHwW;9YXB6e<2S<wwqO6uzt2)`=3&#xZrcJ
z5t-@^e3iGFTn$C14ZD~HeAeouUJsA9Y&vd^$(%)u`d3Bu@?FD!5bS@rw0`oZumgr(
zPrDlDi<nvYN2);owWdEIGF@9b+7{jQ;e;)5q>kI~rRd+bw|6J3Uqk~9+%_h!EtL)6
z;mO>JI@FfKvQ(QQFrOicQ!+8_)8!~@EPhOGr$}m~xy7Ua=8bow1pn5L|Il}nS5tn6
z?mX}p7}ruTUv~A;6bx%P%zlO0KeqEzEp(Be#hrY!uK9~;;jO_XptrG^&E4K|%u#qd
z7mO`=vrFCt_sAHu{1d1N8Y8`+<`3iY%<0ok-gVM}gL~s8vejFGX{Ysy#DJP@Pql6$
zfEiKEIU><IrU$Ja%%gKS7nj|vPTg14xjI+VP8J1}K4U})T^fu~LPaK5FtiCYl>(7a
zVmY)scw0lP-Ls)T3TpQHH|76hG>q7Vgb>trmPQd9l}k^2!)Z2CFxz|H8rW~nTfPlp
zr5<Gyz|~^IEB6sFhZXw;|J0YzJ(6Z0NXKZ#9$GmC8*roiO^zIYJ)Ayc!-tzpaQF1|
zA=;mv8*N5lL}E<+1=eo~TwVITb5O1ZKbHEOEMP_H{bx)8?V3Bj?h%%YhQ=_$i^Xl<
z;#28g@22}fi1$QlsSH`qGqfMyvMM;DOoAMzJjV}Xz`jjP#fY61(Ri5F$Hf<vx-54k
z-ezGQ{(WQ92)~RgZ0+JwmOts8x|iauo<Pt1Ut0Bmvkw;;x5SVI-4}B})_av9vvQMW
zf)vId_g9MDGxd3pQO4gOF!5$38eETr{LW<tApOgb8D`l2Ygt{4&YxHMGqWPJ8=0<f
zxkOu!Yl>`+!WzWi`#Vn(T^%6;a_@dmqUk)(@mYq;?W1Z{AhU-g-r-4C9q$HB`{_3D
z+-skPreN@K3Glectc!8D)GJcpRecVQNGQXPM!1z+ZVdDfmLSfT#OjEKYiGIO=nw)4
zXi~eZ)J-OUnO*DjCayQ^ZFd3cnVz@D(aFz89vEPas9y)@Q`ETC1OY)n(~Yga;I`uS
zXHVK_l^Tx5%@E&8Xs*Kq_b5EyMmEkS<W(V%ETY<PKd4$hFu_y<IeGnwN2etj-9{~e
z(>9qg6NQArH1C*hW9sTd&bjx;$JJ*&qcRFb+Mnq+ho!~$zi&~|6hmIk2PBxA8L@AT
zfU>*T1BjGQYjM3UHunmz_My&tw%P6F-QG__;ARd5nkiH%!wE-xkr8rdwzg0ai{NAd
zp|)=T(E_M+zQ3$f1hhCTKoXX?7!XDywX84?dBOhciNd?=uCDz4(>N`r*8nc^qQz);
zZ#8vE%5_nd%nwwZli|(YYe>By>`S-Tb%*J2HfC`#osZUQDf<aQ*<M;%-{0{|!yFxs
zm4(sH$zrDEs{LGUp#Sv=QCdk7iWDLghdwfmqn)=c?`MS8lD*Z<I}ICS!DhLo2taa5
zkwrwV2eXHi^{yO0|9fC}xwn|2ZWks#{wzxV!8-!*?k>)|`kN8x7@OU_P}&-QQKWu6
z$!Z=u@L>mZHnq4ddlz_6`T19&7gz>xgn2U56|jYz3P3T$zge1?j!MNl9xHtQHOlTA
zq7?gmxB23SrL_>jvJNf#g~ETGbt>DN;Tvsh+||+#*?uP7i3qAn7ze8V3(FceMqY=y
zc#-i5x!ioxnLGZ`Y?8cxU3bR(b8wz;hs@)C{4&X9p61?hlGjLtT*c{>-mJpY^9>SX
zg#-b3IENo0vXM0e{vR4tcJ2-}l?(NU{=Ne9%O{|wL5K4<@0ix%k2a{Rt;C%uM=lc+
zTkHoBRC%9}{`m&EB2fFKo{>x&-Lo5=#5y?bMR|;?K4m3$?B~B(^kl?Oeuatfs=8!V
z&F?47AGR1@{_4aDeL2&=?7DYU@sm(~L>wWrzQ0(U%dlgeX4$<k=3ebpclx|gULcgd
zl4q#eM$7Y`rd7<%um4MD8L%n9D8G6)wgOEBS*-?X_3Z#$7tW{S34aNDV)0%kHkxWa
z6(%jMEhv;&>hE69E_`x(O{yt-hb<?{filP;$f4mQ1ov#FPgFNV&e!>$1gGW-6?{g~
zUY8~<honb#asDye61Xb<3(LDONBdpoA*lT`r_>69O07i}R{k*d(@>Q-d%u9-SsVk3
zm$yzSSqYF?SB7lROM!VedWbq(F)?m?y6ULy+vNP*Bm*Uq=Fx_m2XLqk`|F%lZGf4|
z{FM{YPn>f#30oUPeV%g9%AFmwzg2yV=I4s`F+8oGwJ|SkX@7E*_%PxIT%GptmYO?+
zq~`~z9-?y*E<Z;e&9%6!1xna{EE%5v7}KoJ%|amx;n$S*W6n3D+B4t#pJU6iEQ457
zS4eSUYQ4#;;~dtd2#W}-G3_rsE6ot$cHsFQ9=(ZJXbkPM>^fKN@`!fQ1hG-&Yw+Lu
zPcs7qfSFf@$yit2&L9&LYL@RQn^FU0;QjPbwl|LQ)GvghIfueV($@|oGS^@Hem^^6
z2KY*U*zqO&r3@@6#ixD5H2j)au-Za&##8YRySh-m!Gp&0X4Ad!aR1a2+<Byv;K)iO
z@J{Zd!rS0-7E8_$T)R?|KXzFYX>c-FLOiN_iI?$3Zv;HJ{;ZsPY+Dk{HsmGVpuf|f
zdw;mBX#14oS7Qt)KR`CnUi*hM|3Bt=IgujK5d-_iIs2IISI)*$OXTB`m1>XXTmW}#
zGR0Ri|3=DfCgp+l0;GQ243#zalVYmm(BOl0Y8NVvoN%k`k0mt+)KWADbS<#|FEgwO
z`F-H!CE*=5XMjH7brUTmHA*oRuwdlQ)ZjOrag7LG$W#8Mynt=X(*tqzP+j}1zebSF
zvIVUwUBWs3{|?qzT$<0JY5>41Jq7@Jz}Yc5%?X7F7kwjvVNuC}r=EiI4w={}VpOB7
z$9X~(U;ARxk{I=5k)?Z23uFE#>Wk+mVs!U8<4-*Cg%a2t0R{7`i{w+8&dx2;*>Q#M
z*q<N{E)>H)2%M2yTk2h>;-SchZ}SA-t|3_fE+WUjs`uyjS{_ete`8-vk`E3*VeLOH
zU7$~-^}`kI`NTV)xPA}&4OQ)8984+`z8a6IqspF)ZD}Pk;ze>XM9_3~6ze=EmaI%&
z123+KzoIL`@q_*7AiFOp-s?PIds2uboO%L6<2KR%Zaq}0?$%KEg&dCCB+j)dJW%Cf
zhNk5`qhFRcq2!ARchqJG4`uXC5+{-r$xb$z0l^9HVzb*^TaS>@x!v?cCRNOUU9*e6
z%dqT^fQ%cV%wXj)ec0A_nb3Z=^*-;)ZP<P|E>TgZ8OU2?qiK=Ks@}R3{bJ-)#t+pv
zhwd`QRrT#dZA^jVS`^39qt8Y%LQnJ4b7a%D=4D8Y@;?9Yz_C0SCdrQ7KPxjLbT*kg
zxM3GDfdI1RRK<9UBeRC0`h)#S8z<gm8=IZT=3om%@S9t5Ni)64|666LFkwJ^ABr9^
zhrHLS(WrU21tVX}itp^N*~;ZzPZtSV_6u5wCXyB<kdK1mro7T{OdnIGbQCRo1Kee?
z^YguLLT4BzjCym*a2=d1-P)jA*N$MiXI(S5>yrn&*&B1cYC?6?A79cn&w2H{WgckI
z8!jJ~hr&=`fshjUyz13}OLalGLN6=eG1;%~lsDOk(svvkZ{7;7jx;6%0+`X>eP15!
z^#9aqYnd=on6jDGeSWNKo^zY%Ho$mH`p65)<K^2G!2b2o5^c0AOn=<HCD0%^ZJ^r)
z;e@owX4ettNvIDn)ZQW&U2z_#mp-@AMkA%G+Zny)*siDTf!APC+eYDV_BDv)5Lu+f
z?8J9#^cNM?L09(3NMw@Lu6@t2npXK4w;=8>weW;Rsc?Q4FA0H0TS@Z5{obONd{S^x
ztqSj1ad#%aTZ4*zVS~*F1lZG(jG!u;>}1!9`lc|Er^1sQv73<E{if?Ol-zS&BV2d;
zX>uaEaWMfJCB=9A2Dl&Acw7Gv_Ih4|Rmq@BNtj3G!cSra+NqYFecZw<IXxd#-ma~c
zju0K@`^wns+g;y=S{T5$mg%DFylh{?*Uy_6G$_*9C8;b;_fIW2b;4nm^c{Wv%IUkn
zuvwLivp?^6laqd_^5EI!*%eC(Vk=;v;s;DN)`^pRg{TFp=L#LvP`9shmrEbGOO*xw
z=2N!!kmA!9$Uw}Jbpfrtwo__S)f^xa5;)7wEeOq+BZR0%Wl+k&udnplYK6;nU1m}o
z4Xy@Nb>XxRktooS?vVQJ519<|RF-W0YNjkh8Ve>=w#=A|>1OdCMjDE*Vo~0crQt~G
zz5K+i2tbK(h_f8}@Ic^2*7H3enMjf3lQ>U`<sWHjdW9UbUz=<4CD{Y~IS1V4??@63
zHfLd683YdT4NbJr;sWRU3430|mu@;@ddTwjx_z)I>aSUk4MRw+<?r}NQC-7C6Bh5y
z?-M4!T+&8a7S3@rk(SypdH>pUXV-=2EM<MU+CSYca8VMYZG(;Mrk4}Fs|Mlwi=&0h
zcyFj0qJPOgm5BtfusFafR(){@w{JF#wZ#faH6GZilf4Y+A8j4Q&wt)4{iTNFHtI=j
zXERNd?2prtcH@H5h0YxraEi7h>IgPUyvnFp_W_^`1+O%6GYJuENV)pD<<O+7NV)_I
z|4C1|sun~cWiTlF@#v)SCwnx6TduTLG@d8H<DqCvgNRG}u*h`k5KX!-NS0z3E4X|B
zwQgmyC-wYrqCLp@tDz9OQ8(SMs!4w56_QPh0Sv;Dm7v6MfHs+hS`_)Hj82VA3^%T}
zlk0?&)G6H$P_kWcMIov+iRy=3F2VIYh?XFp-u1OH(ou!{^Eu4AaRK6xT$n+a&Ptzg
zz%t`y_}0h3J~d%WJtkFQvG;j-E$_E-^cI)qk2>KHlr$h{wVn-LqL+RlrN;7dJIn=X
z$_e(h6*jVqAGaWKMacY{d(32!Yk^<pvM}c<zxq?s&a|nNFO-H=;Or8H?eBd(+l)I&
zIr=g)5{t$Jnx@PA$)#Kw11+;QeMeU(d4`xv!{SfAbCrO<2>PH*B@boeeoTV($7gOu
zTr736y&L*mPnpY|{1aW9XjKq1?{l@}(jPNi>CSro!$hYTyKGca!L2{<C<xd>2gX;m
zbWsvycYK9IJrjxReVpo3^VWTD1%CGU-)~JU^zKreGN04ky1jv)4&Tpn^r!f=u{j0!
z(B|=lhiX;3)5lkEFUT+Mn<u$_wF&{1hB-+*ObA32xjb`3PdA}g&x%{S%+lT~<6i!H
zb>ib1+s?OEPzmghQ`IE6g&1~@3pV4mGs2=P9fqI}&S8#vhRS4KM{->!)ySe4dujVL
zomJWH-#dy}Puyta_rNpvBWl%QV{3PktfA1>hwHAQ<HO;UN(Y-S`EtQ6+YR|FCWeDn
zI+kw1X^KSO0Du%!;UI6e%s=9_q-<vjf4p*$zL?%N#b0pQ4=n#NvB$>>A^#fp8JRD>
z{{CY}JAE=yK`rdw3yZZGzjEAkSjRO{pG_&JznK#(MTZR}AYE``7(<OQTuh$R(5fXo
zt~|g`@mpTey~53X7kITyi8q3XN7-s2a;V{l>`1jx<d83ic72gjMz1WJs>~SAJE~AS
zQZuTRwRprgRN1a6c?Qe(_<l#J`IC!+6@#{|!5>&q%pd5^M5d=;f1~BA^c0fDpCb%^
z)nV8IB)DQ=O1&wan@^?CPSG28V!lP{vqI*&8x4$LU;o|x<nk%ejD$0<lDP%z_<n$|
ztK;`<%PMIYZVTr{<DcSHJJiU^z)_(dGCm{{NLs)7`jCND^huBA0;M~%(05X%H~c-g
zjLYjUNdxlo@nY)=rC|;WU9Q%zrCgao2`C@>03F=)Z_IN~5?$P0i;TNt{g0SA>BsvU
zzQ3`M(w7!iGZn-`6Z3(>n-3Y5?f4`7Z-9fHeF@c4Q+&8CyP6y7&rE*9F_ErY5mPu7
zk<z2WyF%#WJi#h+KNdT5?CdR{jft=qlzWDPZ*D4oKZ;~$_-8*B1|KlEF^F1!U=V-r
zyCx|)gxmUg4W(o)nHPnf0ZlW|RJyALnIJ2S^@EyhlmEWT;M;tLqx*$i42RD`lv;@T
zGx%bMsBa4(R6Wjxz<{ZS4kl-JPZ7?Gvhk>epG^n2``=?7zK!bcra!3eg~MqG#fK)X
zxlZkYxaFgD15f-UY>(nU8nQLxMGj~=sE?j9zsk-sqSX#=CzX8=Ny9rwCB1tJ`8BwN
z;i#w9Hf4`PSt0LPn)euh#kKQk4({FYDb{(%70rInFtOePo6wZayPYNXPJ#!%F9e?7
zvuH#`E^&l581;glpD!WCFIgTdAIZV{29VmP$=p;%#n*2HBD?Sk?9RToBV`{@qGSfL
z&4ktG4{e_9(n|0I^EgCk5dO4!(?Jg540iU{r}J=+*ji7%5afEW_>yLMtwg9sn>6ox
zSG}i882e&*9D?DMb$Rj-u`h%d@&cYRe_bm+i)l{WnBP$pmpVJHdRvt#*&2~<g;#OW
z<MQX)ylKNdM*a9_H@*5`!0j{nSh`X?GuH+~ejl>%hB`S>p{zNTk%elkz4H>zOL1Wu
z40yUhJe8Z#Wfd>OK==JsnChbgpP?paa8SQ#)+YP~Fm2UNTd7wvpPOeqz;~Bag|J-p
zA)@x$?@r1x0g1i^W$uG-0X6sL{G!*E_;1?k3WXnmsPU@fdbPAZ!#ip=K>I4A?hX0&
z9b{VX5CbJoUnHWa+jedbhnMLyiJ0Ubwd&e=YT1FSR&!nnwQXDmTIA-<$1lCH-K!en
z4c4ZNl`IkC{zjcqKoQ@Tm5oY1-iG^$NrB?oi%*Ovwowy}jmSa(F(++iJ~eRf0`J*q
z)Ux*lL485YVK_u7F6}uP>3}Jq;bKgrrLtQ^)5r)7yk%|OaJwa*#~Nd|*Ma}R2xlNR
z@pUi66K&{N%~<+KVfx0PgvY$Zzh<YA8QW3cIAvb~)7c~!z1Bp-Ug4WvnF6MQ6ajpR
z;wjpXV!EVomxJ!}1B6WW&rveCHOuAH37+PBG*!KCq9M&>2RP>p^UG@$MfMoNuW^HW
z#;CHc&}jz1L*@8@m^8<ZsNJBY?oj>HlV4J>GGO-r=PtF~X=NWF;Ke_v;x|M!9ya-p
zU!BQ##QR{MV$}Rb*TCK=H2=!jwysf2l8z3y&H!0g?s0F;aJ6A!ejLwn(n<#n?&MdZ
zLqvxKe6(4w2MH9QV8$hrA6QYR6Lv4mlTK!tZri6yEt?6UwGP#mgojddf}2oB<IJw+
z*TH<R>JxVM!b2h5JP}sLAFa0YWP-ahYlE1SI+ZcCG3&_`f$D9NaI=$kyd;t|lV-B7
z$i`of2wUd%F)ur78i4io?jrQ+aw5x|l<+#!pE7qbIyG;@P%Mc0wA}q)u}7=h-;cgz
ztEbzN-Iw@pn9#EZdvargrV0^#6mx#x+%^`N_HzboEou|1EOQ4nPs9nE+@lmS@e_*j
zj#4KDeopr>1HhTa!~m3Mr|X=*SA>l|?43(&7B^iND$yq^&X(M7*fMOVO!*$psV(!q
zl{F5z?(ENEUAC+j7EUakRQ@BF)0q8$Ij1L;w|pVdMSfIUwRR1(m=WwWk>nx7ieFyv
z{rH1};1{tvStO^f%jn4GzS0B(zm?)I+px7uLw*PJ+Ex6+5xkps2S3uCAtoBTx+^g1
zv1T+E;`^UH^g4R;*P{kjxN04TviNl5GUEx#R=KoaKa+gEunu9_FIpg-WlWT)bB%Kt
zrtj6@N=B0(MEA8Is9oa`t6fsTRVp%B?y=qqnxmtdd0tt+Wi&DlQgF3gac{@`J|~1L
z5;$(V75KyKvotnMgF<L0^)kg)wO9;gtVZBPUzvMa<}ZpYOTsh@G{1{V=61y&1B@r1
zjD$NG!{^_w5`9pUfH_8jotRf&>~jXJ`QLb)D<T#hBA17M4-b5&PMd-oO0)fvdsD`C
zRFgRv+-MrJ2ppCz`lBQLC^*-|c?%?s#pLi=FURGc<c^Zc{GRApw{Lc)<vQLzuuwdr
zuQJafB=|FS$g!B7eauL#u<P!2S9e~+;!|JKWNg+c%d4Vomdff`B*|nO`jV{drOG>T
zhmMzl8?=P7aCj{~Cr@RO{|9J5m%m*`Q8D_S+GD%}##^u$fxwP9zc<?3E11ARYS^H*
zK&XD=Jk9%ybz^H)hu`_CH!ktj`s7s<O;s=`N#02F_vFI0g*|vaT}!3Equ|h_aA$cg
znZT4OA-)ixBNJZVLRk~f)S;(7O9Crx|0}aIl5)ZaiEAt5zOJdwkj*tJMc|5Uhaf=?
zxRQ{`Y7DOGIW{kG#5N~JeLKj{ithne<63Slb#GMxwH`d7X+o-{63q9cc38yE%)yYA
zaWGGBT<|-gDpUuyl{f><tzZeI=c>G>V7q(xe`yiJ?j%ZvOMG27d7l_3QZ_nQdRdX+
z4xYU_Q?6|xnI;?j3*X@}FdX8YhLV$HgkQoeN#~Hr6)Y-(S6FHgl;Dm^e_h}+;k!6W
zk<sjZYtc6f<vnWzu20GeF3=C$BKxT;`~)EL&6Rx|JTqy^3=edaS+6xI{x=b>`kWSp
zJFkt_yhUV}d^r6qO~gM0MU-tFh1+h#9szF){&`rQkC|YCnb^?$JIav_FztEocy=st
zdJ*hSA#9^>IZxw<L$ZxF=sTBrF8Q#wT;&*x87!f!Vpv{r)YbY6T7>Aj%*U{LapERd
z-H4vJ@wS8k*@_5!F#ANAOsncTZXwDWSZcMu*}9(Q?bla&7JvW%pLc=UOll`Mn)BDd
zSTZ2eg?ypr<FjU<UwB-=*b&(?O8rnS|4mC|z=R_nTB7ry#v4lMgO722VMvU^v4B)C
zdHfVWqSVrKBr_i_J1`AtHw+cRzHd*(?qbaR4mn*y6l<7!b-;(Ue4^t9o`BXVvvXC<
z)`;3HK9D3F>!Yx+)6f5}9=x!^wyx?^)JkRFVUwmLG#?j`W4**h*GVuxWd;w;VE=|_
zlcQV;meWZ6e4%M}VQrU6x=eW=-x8{&qnIw9wWd~F($A-($6f_cLS{qyi!fzem6ANX
z4mpVdi;2e9s5euhM7S{a!jyF(I$0|qT$6GSTMz=iPi`y?=ifp!At|UQ|6LQxZ>wI8
zi@7+Z9WM98e9IduuigdC91gp{=wnpvMzs5NJt;ME`lTfsHKxEdL3|}6&ibnM7b*qX
zfvR9}zcLr;HB(f;ecuF;ZpS^LPe8$g@ExMC`NtM9D=~!7K=^as2X?oR#Qf`KhiiU}
zz?re>o5jX&CI8AvQa6kfcN1)c<uZr5Nqit+)^51Tz%AGitBqR#0005wIR{~WcYh*t
zY)SGrei5g^zv##sF%D(JX?+z9{Mucw0Ms+f-xJeke#FmV=?Jq3C18En?71EXJ3Wh)
zEfg<ESP$at>e1Zj0b0?VQ3r#P&b#qWp~yJ}lC_5NoX|gD33_Z>j-k_m^WQzRdPt(q
z$$=Ztl`taAUw(7uc5?1j%0*X-tASahyB+`d?d!14!UkB5wdU{-r<cTS1YouxoUGY|
z=SY=>-nLwp5v!wJsnm~UwNJobyE=<Pjy!bp08lN@Y)TbbfB|8Hlrf_A4*9)C+p8#y
zk5&hEQqU#&&LPM09p>kaA_h7nQAqSxk5&vk^bf2RT|p034}O<9BVE|Uuy?Y_{2ey$
zM=+=;;OsL~p%9Xc7fjK+21nF~YnyzHAL;rUEKBIdP=dZ_@E2sk1Np*T^ot=$df{wf
znYKI^p#W=k!m0;rw6y-SfTbDdR9VMK-~PT@_=*gjdcd6JZ^--0=_Hcl?O@>kLYrK-
z!Ps#oFtq(GIj&yZclt-h^hfaBrUs^RpwbY|e@N)8aYM?ARm|VuHVutg8tL_O8EgXb
zK5F#NsoRm{F0`5oddKlW@dK>-vZ|Sr@zxhV3Kxx*^|K$_B$3&8$o7ryTSM1!J#x7l
zx2Imphe6``_kz5}KRY54qZ$(ukC#1Ql(okMFo@W;F*dOo1rI3#%>8kNI!XLIIG--4
z=~CdJ_h`W)%`lr?*1uBXFhgWZymBr^Uh7$`ktL`(#jG&&@F^~3y)2DWuy><-;^osw
zH6N|JfB*mk+mTQvQ-LB=6m~ZUu<DWs$i8xeRnhK<ncwf*s91^hUllZ~K_!CCr}|&^
zi6L+v)1;~rpeyS&oTXG-S2uPEX^@PhyLKfJ6E4~UIQchI2$WV(9F%l)61fGw?|kVW
z!c2YKz-}=Jz;2k>i!fBAF2cOof^lNddi|BA|D7Ha1UpG!ji790Xzc6-X#WY-H!peP
zdUzvGf{FZCS9JN>QO!<077&!o;zY<`gfF)Vhp^MnQ`eXAp|N9Z4(@M_IFAkb#%;)$
z&>>Q|+Wxp<@Y?EvG-LR`;O()PvDOT1bh8Krl%R@V@ZSz_Z4oNztDm9*Hn_kVR+GT*
zK0ZFW8u6QNjx#HXLn3t{R_E_5s!&GM9GK|UowpAswX4o=h1F&1nB4s9`Q~C<*;5xK
z)8`DlxsY`LYR850R<R?~&{H(9002=4+pR5l&kayF*}$v_Rv*fXagPtqVcq7>$Ze?y
zFN0;&t1+3p6WaqOHL+s@WFqL$UqangiD=-?dk~oYqN|FOTl8=E;pt<zy~Gi8^Ughn
z9o~EVLUa|iH&rh8t*#4id^7~bgVWB~fZAJ*N!IMPNCt}b(bl7wb2NP;DhxD-QlW@h
zDDze~61OrQ8XzMMu0*5Z(N)EW@QE~u88;uKigIc`akmLrSjugdj)BvNi<tee0A}$*
z>Z~8QU}H}pO?c=^zQ_{xtN;K57;TUGa`^r^x~zY!;J+?eQ4&&?mEE2gwctAEq2X8_
zU6cZY6#9@4pZCwQI{t}dYqHNWJ8%>?pnFA$+keX!q&>w}Tj-F({UQyA4q~H6#h+3D
zSjtJqRHI=eVJs2tar8ppKZIU2!@8>iGc*eX>q%EcCv}2iE__GCo_QBD+i7gBaFuV)
z#DqF0d`QewmNO0MaFHie@44RC0H9(H-;{9=0Kefs3DNb#f%v}X!I-?bSZ7|hiIzZc
z&0Qbw{);mt?*Qj2m8pbdd|}yQbgc!(gHRZ1j(R5(O@dl8?^=j*PC~%#+NB#SPE3tV
z#6@!U_bkcD_2Q0Aeh+kQ<rypnG<k;WfJKaE@*E9(P<J8U%bQlk-WrDuFJ%f8ddu3}
zRDX#KZa%ZHd6W85c1fEb1EkZ}-^nWS39Lk3-QL~FY~o!2Lb+nf1J&+r??Xi@2!snq
zkPeMfYk&X&YBPx7xmVc!TJ35J1+M_zs$Y9R#yHE#)>C-~LZ%rxUgB;thpI2XqOs1X
z!JuVN7;g5DE&@ZCo9T|Zne&V3ovvJ0(A93>WB@KNsA#;ye1nd2Ifl-tOBFV0drYWI
zvr3e9r?}8yP=>!DY*@SO%)L4yd9%~yvnqHXR4g%%u^D?zA<ruFJ8G>WnN4(%1G1Gy
zRFe0yNV>=w_;^wWeczvJYA^s(Fq83ioGx6NOwFuQ9?hKaeX`G0zKq6M3@uEv(r4V8
z8uznC=#5mMH{k^qOaO~o32pJlWpOBE8!^jave5(*0pfa=tLB0u(+F|Z3oYbkfGejN
zB?U>!qO?u!0;6~mSSp2RM7q+qxvT*v-#IOVUEeeglF1=0?n)PM*ojBap?R*}t_b0}
zCpnl<`kY<l3rC>i9L`zeS5n>Zuz{ky6>x`}ylcz~@|Y)5M)%8Ic;3~*p6;lTJtCH?
zCL!U98D0b5<4_ctD%K5ym-dX-3*-ac#`0!TvsAG9;u#K-pq+X&H}`xY5LaEr^NTo&
z?26J<b!o{YuJ%S^IY@?0n!I+}IXp9XxgoN%kfYfPb#&YfT!|+C20x160qy&3R<Xm@
z000sAbsEEamkyp9;Im=)^9jq==!BP&vjlz!W<artT$Ay-Z5>&if6H512@@t7II<Es
z6-y%?Zp!g!*pW_XE(izCyy3e`mOdJ`NIK(GRlA}{7#HQeVNBf8cFB7nCv1sjpWZzG
z*n^9;?L(n^c^!#kR<SUhP#>ppEF3zF+qrNVxO7FM*a#pI;V&{cI*pPa`-RE`<2SgN
zq!0GqV0-oYO-eT9kV^z6_5F)no;L8{X|OC$y4!SMAE*2~i!OlS;vBU^G+|h|VnAsS
zAK(FPNM+EnGF0P!NQii9741TwBesl(5+{Hc%oe;xT$)dO&7vKa9tZo-8#JObQ>X`#
zrk}qxM&RPaGD{SKE-kc+^Wq3JY}o&Y3b7v=V!#DHoxcy{H~N*B)Jw(f>H+G>;2cYK
z{N4PuM1nIZ!#-n7j?>C#W#gv+004g}*$6NP!u5L~$eIG0-U6iGP3E<@`QlWCG58r<
zQyA*~61L#u|CyX##_thYx#aReIGGb)AwZ~Fcy$t&e@Gf7j|gl7&!-f9q3%RFs9OgF
z9&mR67Cr#^#1zi~hNmmX@Ln4Jn;5J3k+Y0bycv<xEqSXj3`T?phS91OG)*RmauuLn
z6cOb}KXw9FzbTZJrvFUMjCPr(1(w=8_cbW(Rx{?|tqQ;f^dGL+sh=Pf$hR0!tAksj
z>eOU8sw?|fVp2!EHP+N2MK=6Sos(kJ=($qVZD<Y9WHF)}Grp7nSYK`XI0i3}$gIyp
z!Vi;=X4{}k;Rl+fKV#EJRkb!hDhaF<M&4YjgU+yO2^i_s&quB_G@j_5k1cdFI%4j?
zT|=o*&`Bb2CH`uauWJj88~$Bh!$ByT5!HgK(<>Ec#+N~R3V&Sj)P*;S5>2gCq2#sV
zppmks%hsHArjGXRi7+{wP1o+Iq_HdsepkgEL#?fzQ`OS6c7Cpk%=#6=UdeOT6$EeI
zT_`6!<M3b%>rClCordB_H_5V892P#5@JRPW8C`~%)?J70dBxdo>2sd)I_ZD_5qNbU
zgn@E8F3SyNA@1onvvM&<3^>4kE0}ZQQX%lT$<8N}CM<c8-~99O!)a5^kZ8&Vm&S^r
zJID`=5G@@<j{D!63t6NqNP5q<XwQHJd;YeHgM@ed1B^PMb?Fcf2#>;atmiS|*77t?
z!}s6GLP;#8JsVxURHJQoO6$yKNuSbaMOqC>KUJ9YkH)GNCj~|Kc}H$dXJYgU6Cl;J
zg`VU4jG~B_bShNQXS2|{rF>-zF1<$X!SjvV87A@*<|~k+LS6fJuwN!)G)ClJRvBnM
zSNNrWkN9gMA<+6zk<P{ojuE7ZwzvFz2at)~)MOKF{n0Y9&;VVERj>1{u*AI^dWO$`
zl7~v1_wWul^WH$oV7)zRbX7P!qrk_d_v)8G-?rHo2f#-(Bq`_*`>fZ0ITr`a2SI`6
ztL-v$++GOaM7kczK}R}@LOp`>*qCoCfBN{xQPr?kzyJURV#)57ue~r>WY~&hm~9X=
zm#R=gkxI9$6l@oO*czD9V?tl3VCZWMk|!%Y0y~F3Zgt(fWBS1c47i%<G5)Vk(`+Hj
z`R`a|S!*k>soc5sS}^5bCgkqKXghRC*tJj;@TXbU+Ll-Owk#Wg(Gm+Jpd8VM0FOs3
zLYY`KT};tzWSuXAdeBWt2CeiE1`-K4{m+g|su>TN^Fet~7!&JCetRLU+AS5f>t~T%
zJWUZCzg$p`Ia@J<9U81^gQNc4Gr6Asg=F&BjdPsDaX5j|=;Gbb>)CL8bfQVn009Ly
z!r6wcNMJXvm21}fVC1$W!?1=@fvXKaF+SsLDmb3JHu!TGPIY4Z@^2}h^`h}E2N(|k
zNhY-yemSR6TSj@5^djxnW=J9cHF*A!od`7<9i)9cE22{eR#OOsDv+?9Mk(aP&pZ@*
zukbKPvA|UA)#qKlYRr#=p)h$$qaG(Av}3BF!T$ZrCZR&3z`p;(_UiF#q!DM!87*4?
zV+zXJaf`YLFP!ZfL<nA1F>m)*!Igmm9E!=U#ay}%?<Oe`kvb+1^|)5pZlQ;F_~5fn
zB^l*FAIi0<<_NBni%qVP390fK5<ObVc2DZ&rC9>hIsEZfQB}vLB8rUd4-ANe)I9M-
z^3_1AtL|e>XRIK@SNEteNE0vJqFqIqWHksNxfx|Nz{IboqN|=(L-ZD&0ihg<#YoId
zRE4;WC~s*ZaCb;7sap}rdTvtAhjo#tXZf_YawT5l6=^GguLnTpUtlnSuoRK-XeFjB
zvvi@IK12(}U5vb8p71V<U|mWC(Oh($+#2(vHKPHakP%BjIR%@^Y(Z1i%RYCp(=bSI
zUecnRk%0pPefO?}*T~Hb19wH{hEF#*;lSHU%!fe|Fd|nB)e!1~1Ls~Xl779XpPhW^
zAnjFiX6!9Kel$EII!Q$;MEOxg*gVomUNPV_ZFZwCql&xzMLu_{HDkTlAaEfCn-eW3
z?SoNWIC7bI*C>YF@}rMFOloI@ZVV3*K~bUkIFbLdpCwS4ZCr!klbleWj#zI`1@@Oy
zDs`8Bgh*)`=Kt!;({Zr{BP3<C9%~oI|5PWHCqvzqqPL#U*(F7P&0XH{QE9u%))@19
zLMT~>qCER19&<DVZHDNtFX<YU>9f8WEpdFwsxzZD+f+?Y(BAkWS0>M+W&i*SM8~p?
zaB(@F3CWlE=;NmPNTWtsct_p3fgP+Rt}LP?^<`y>&$XV7ig|h(wnYn*XbNq?rgYUi
zvZGs?kj+z_EuwM{VG#}6p8Y#MWQW3pBn7J<ZG;uu&EMJMP#ffK3xO+@rj2;L1*&A;
za}LAKcSQ>}ddGicAhszyJ3>Hk{LRe$q(mXFehtT_5j)dNuav_$<&uv|qOPWP1TE~U
zxj@Mec+EnQ{ljy&VBr1D?!+CY-i$yg_~e3?u9tn5vF%*YT$Fl(*<L!Md)ET)vku#2
z8DzVzveNPD_s_3{A;@U>pv{?m9J&qz@O9ue&!7Z$IO3-opk@@`SeCw{dcM3_QLAiz
z8T65f)=o}_<3S^5rvdQz|DCjGDt;TLiAMadH9BM-B(&%F5%ex3B&Eb+$0gzSZV(B6
z>^;4;13$n{zW=pHc7@aMA?-33QFBa3up<vPzJmh5Nu4G19L$u<0OQt!Ri0esiG&OP
zrE{urEC%vn7n^NlmW-7{=5ZZdohds`o9<kWZ+f0a8_)hx=k0vd05Fz=Yay##q&y$N
zp%9TF{qnX&qAw}yKu>w+z;E~J?HDHbRS#364IlZb%<*g!A6Qq_rTVwNw#lkncQ*sL
z_RSIgbbZiyxf2k6t5pWI=E_<gM#-xC<u`#Y@0sQ2lfz!OWtor|BP)ysyoa1&00qSL
z@%zR^Kmk64n_U=XFrWHKFcy`jyJ}PoN6CI$6#wlaqo+-Dy7o*3V!QTlwWB@==OFEs
zOjILdNCF2CTwy+e75avB#XCEqC=f$MXcbiUM0gUe%*nSKT-Y%5FaD<&dW4luSct!e
zS((nsb&LHcF#-_fXOpMeq5JsoxkK0lsBtW~`~eppmMQ#i<!LJ8SrOZa$U7Ovwc#Gd
zu>@b?UMVA{@!<+X$V8_mAEukGFqDd5!OB@<`~VPCLZ6Ae=bTqkjP9F?rZQ$aWjLK+
zMGv9bGD8fdqIm9;tF}JL;gHgG%jIjT2l|aB+#=QDi!vn>$ifqVxDrMvYf%M2mrIGw
z8Ir+3z!((|7ag@u>Z0&Rf+lUJFCRYH286C3K_o&<zFw+Q1A2NsFtpwP&iw3W7=#@{
z>@9>{KTRc&IGPCpz;Qav1@-9+U`%Un@>1JsQeb-4+x%tVIbwLU#n`)32YXnAs;j1+
zGNFClx1ChSuw6Ej{p3{=zq@i&X$z9ZWWur8q}hCTrLrzY^V(6ZQu>;wHG=7Q-m2E}
zuVKgnW>(F=YFY%?GFUQ$kb~o-gOw>`KEfGWY5ha_qce$0Qf1Xy1|C*BpHv~72wEr&
ztD=u=)83+ec>+0Tb!6~bhO#R=MiT%JZKELo*uY)KL(frTBYEQ;lsuCjxh`&4Y_4$l
z@y_VxlQ9P*0bw4+FygIk<k7hq@tAgD5_v_fe!MWPfPfA#ukLuPXO^)N3c~0q9T-KD
z&VY%#g;(nHPB~aqiIgCz(nFfWdntj=Tb6fV;xJJ1yu`F}L-<eb6+;rarrfEwxv}2%
zhGYU~7-{kK^duVs4|Sk?VG3JB?W`$!r5dOm5RtT~eYJ7ZELT8Sg9}%Z^9|E4@4b&x
z>nA?tSYVrc3uZ?y|C(>4DRUM69+}b-3$x1e?v3{_nG1E0$qj~otCgTHgCQCSL>b^b
zt{OG0QBz44)2G6u;C|2m08N82R`E;vs!yYUscSS4j$YU0i(GPw-&(6Fcg*DdY>zH0
zq<Za*(m{{*D@ExNKSJy`9S&fal>m$&`-=3l0c|#19!zI!s`>K&eED^$ggYCAwQyvi
zsG*dq??$&bFf9{*M*ZqW(4d@F-;zRKv_iC^<4j=t8f6vxuM0LeM#}Z<A%-d_{vct(
z1)!qu{Kt$f@YV_5EhxnxG%(hQriMar1UzvBMnNmw5BILs?023Ks(#`oh)3NE?4b!9
zEay~hpPgO@Qv+xi_3{9DOR~l-{1}0&Ly-)6d9#{zUSZL+KFWZ%0w1IWb%xFEg@gux
z;{6d?V`)vf!N%J)Z^H`%riIu}?jnK4gcTCw@CT-2apRIWGkx}7=D0rizWbVl8L}z*
zA?87F98%~htN1uETq%xk5#1%;lZ^Bih7R%HdV`I{BHa-wi_iy%*ERSpaJN44;O3$T
zkt_SedEb~3bS{w>t(IMg^3tX$zVC80CJQbQ)N>cDz7#1flj$^pcOO=er;C6AP0ZZV
zuMmFF0-I`Y67lXq?(m3x3jqHS(5X<i(v?<F!lym^X*mfKAk_|KU|vpb^R<XCkn;^2
zpakP2p!OFR&ACd7jl6k8+Agn;(Zmwz!2lV=UbyOWE>}t9_06&2)(468*VpTe;I8sh
z<ILS(c_%~wn<dq@bKuH7qD;QhC<UQ2Y~Wn?LEDNAA{IELMss0Ae{yBEkqVWhkcVjs
z0vXcZB5(<6zl(gm#Dk~~wULMPpM^3oQ3?F#o4JMv-;mtugI&T_@yo(<V|t)NH$JGR
zKB`S~cFWr;GrpUSiP3ca$O&%OCNUJh$p%I4ISb>3bDe~DCE{^MCN{2dqI1WqaKEI#
zyZksB`TP2+j4zqjA6gWK!s$))yVgBo1PW`e3&~Nta+i_3Y+`Wh6|{mozPNjS7YYN9
z9Fm~p-N}wVESbiajY3<DE9g$i2~(>vp&x<Scz*O?QjX7O;C!>`_KM86hl((G9I9Yp
zr#{eY&YUnTR`TnBIjD4e0a4siFXReTZ`wuBZl-Tu8Pp-~pn_SlGxfMT85Zbu-m*J!
zd#Ckw0UvjZ@m-;f2%suRMf2UVm((RI6tqUH7{B?{K`KZ}YQQH-O&1$e%557Pj9_Ze
z(8ACkEQ!5bFlZw)<F!#TL*pLn-su_$gO4QlDY9i;qXCHv_J1)McC6J8R$?vPkLX+#
zkGGh)i&k%}0`#l(0FEiXK(RM^v;*$}qN$+fo0_LYR4@?=*B1e)j9(GXAh1<79S;R?
z^EBy2%aLf-qEI`37Vk6?;j@S3flRT2L_j!+q?W86HGsy4a~nAu678R!TEXjJuKbL-
zVL98qAbdX|{9KPh#$;1()x!jI_?)ZU%lZ&^hpi5A1ThsX84g_M;p(KB$r+*MI>ah5
z-E;z<r_l0((lE3ja_JTv4oM8V&OVUhL0=$uF+)#BnK{BvdrdyZZIeb=&l3n^m>$+W
ztzX(ad8wgzKPwLG|1Mde3_JYqsd7-_*cJnW!cH3hL<g(3POLXm1)3$H`{?1b7!x@1
zU1vd@lXA)eWg9n8ee(zgmok@hT=Qh6+eg0L?|0@=S>@HK-h5<IW1EU4rVigR+osS5
z2@6n+u_y)&em~1gn49*qxgn|Wu8KJy4=@fvt{L+_zuc{Wi&=->{3mQ2t`2Z-+;{nH
zbSwi)T;;4uo_CS57O}}Rhjio7%sv_?2GTUVFk_rLyF;t(KjSbbU34^>AZ(~O?z6Ht
zSZ#r<qwdQ&{ihH-BO7-P3DY&~jzOV%Y2R$cR&?ILQ+Y2PfGqvxeZ`lpInO%4+(Cl4
z=~<BhG5PI$EWK=n;Dijd$;hibS3$;Cz-0bs($4uG7Xt2)WJEO(P7;2vn@kKOOBcvI
z;1zU&S3f#j%=yR^#19isLM36Z18HI=d7|b!VIoR8o?3J3rkH8sfZrO^s)L<k2NCn+
zz0U+8(5#i#fR0D}Cv}*K={N2u*IzfggT6ui3JO(MZ9%b|)vnthV;WusIYk7sKf_j`
z@reLQl)iJ@k<({1rHAO}&L0AT!q~v0`5Pp8v&hzi;isB){2wbD?AId!mkj|57$gd@
z*T{tonS}i+ZbDcfDG%<8bTB#J!1Is=qV7HZk$}D7n!Yyh4-huzPwUOsjl{&56?<k)
z#d%SpH6`dWuBGKpo>q^!x40sZ*>lcZlz?W~r{MrFtwnJFTd3sF0*5RW_w0rtl{{sU
zhS-|$*$}SH$xh+;1ji+(><YRm_vQumx#<dkxt&tXa7fs_Q&K@iQbEo2JF`r)P;+im
zssHUW0EV??TEL)-2FTN<aQy-H(D*Q1`Y}$LLHZ+SVZZ{?J(bT!NyNn%x`Ten$@r32
z+}<5i?y5!Ko}ztp)MGY%i***M9i@q>b*sy)+tf#Hhz4`GcADxsC4N~YO@hb}O0q?!
zs9Oa2|1b)p--am4Od91jjP7!6bX<!<kxx&q-3965v~=5K*xsX}9HWS)Ub>?`FqVMD
zkJ6<hQvIF#>Yrz3t+VOlPT7i<?-!j?h+J3@yn{hx`hm*7epkIsXMpCg9W+==W4a((
zL|JSJ@J2H`VOL?@*Np(mPI__q^(7zZC=vN3fi!fD=P<~Q?LUsJg!OFM@eHn0SvB;=
z9^UvGRH_{(Q&ymWWPFLO5ODqs8{jexG08lWWAXxF0Cqh*${C1mkC^KgS6TJym0y$J
z+{&j83!jUt{LV`k8L9vP0?rV;@L+lf?toSwdqx64nw0sqo0tRD+MG1U_DepWxqzC!
zzUP7kUKhh@+T^eNIX3@=A-ig!8MVYNE?@O$CvUbA9@X{?Z4#Uc%31u5JR0_38m@~x
z+hzO#B(oR=luGw1_Nph}Fb2VBpgoA{fwfYt<Dw7m$qXxjzwesp*k}xB`O`0Pk3kut
zSYHkT9r6jh?PY)^hz<bp$2TxvLZdm|d4*v2h(rF+L+OdV@`D&0S>uOWLl=HP@=}zl
z5to1bK?l33k;WTC3Eab`l!Rc}W%*B}3yDy&)B)MRp=H;&D8ven*Ai+%hx9c+J%Fi5
zC-~+l`KH*9(me+sg&t+swWK=Xht~`<(X^*djhdGKGW;*6<ixTe$E%r$N}q!3_m_{^
zGxM89J-08fbz>R$K{5Z8BOFG<Zp&2AsclI7M~MgtVpAP9Ri&UGzf4f({g)K_!maAa
z;Iv;~0?$A6MZVxY7TFROoOKeDME0(i1!VKdBK_X7^M?h}J{Cq0!&7*buhuBVz9i&$
zMHdpxE2VePooMNhM%CtW(iPR<0LuhKh-8N8$2&aKiTNJ_Ch@@dkT~rp`Vl1YPSBo`
zUN=S?$M$N~<Z7GapyEKoN?J=aq($3GvyMETyqI&eIs^^n005&~vl+P;d_uMEuFOxM
zh0R;WQ9kIY^rRfq+LZC{mqoQgG)&T{+_b~1MJ#GDFLo7y01Q~aCDu3d%<{5P?irwp
zw05I)hY^F=6G87@PUQXjiCdhHA(hpgII$<@Eaz6rg2}IPh;t$X$YpR}n;_HRX*>MS
zR6)Nd<4vGau3z8<g)4!sdIBNDZMl2Y@Fu~mwsOXB3hjs#DM)_@@=ioq$eVJuK96jA
z_<N^>_0Ai~5jV6LVj6`C39|<a+_AXUF2wn#`cnDOpy(h3-JUk9%w36m;mUYz48;=t
z{-&h|x>3OG71re>)DnuTB0H$W25>x3ibWjA-@Y^H4RmNs56}lpmM#H^!{f`fa}-%U
zec09)j!kz8=qDTk;(c(OP80CwpuYN@aP~!xPuA`srrNo2+*cEIgIpNy?aWe7%G}~H
z_lTb(ak1r@=tG~zDv!R1Da*)V0`1FiZ6QVo<+R7LRev_tRC>A%<GdQ?zaF6nu1+-Y
z2SnM_N)y94h;{3!Wt=sHQcYP|Rw&bNHO0BHPi!zzXt4#|+QX+L7YEU+mfJ<C(KclQ
zoSAze{$03ufS1HF%r3#edrjldS2p~(|2Fh@g+dS${)(-7j>b-Cb^5tqs|msXW)}b*
zXxcSAo}Bl*zg)PH9eqrHa_i)<+R*)HCzc`JQ|4s2?s>5l=_zxt%dp2~iTkZ8)$(17
zvmj*G2-Zgyj^0#|mXi4X39NCre-x?uo#I=>-YtNFxnS%4Xx`XkkVH!X(`}ANs0?kb
z1>N9bX1A-NXSUpZxk3}1klFvKsptgAG~#SK;d9+>GT^0vk=3vbE_k=Jm-biS^6_|1
zK&P@H6^KZN<+n!$``-CHJ7w7%xHLH-6^ei^wP}Hq2k89bJaHv#6uPO;nw5qM;r3$8
zDj60{{N1)oBihq{4}3E2C2wC7)Sa*>LC2zKNR278qm{VCSQzv(_C|Gk26)(P3i($h
z_`Zki8bo1nyfs(4sWL{l!cekI92wrC<B5HhZzW&~BW5w=O2to$7F02i3c=^Q|Bdy*
z@sUTz@27drBcY$BeKz4}Ux%Mbf|CIOsoRuxXocK^3z$N`v7a*Ck};WFqEg-b9urOh
zRjf_GEbJm~N`~{`L1pSfKP4KZGr!OLvPC-<HofH$TL~y<;_6Zy;4Eh2jW*<Z0AADS
z;&X)>u{@PvR>J=-4gHZu+d{5vku87KHzzE4hi6zh9F+v)vvZE_iLeA$`d{JKA6Gc}
zO5J255`X{zD{Akx73W`4C|UU|5VilvC>m4h`QAEStS6T*#@5BUn*wOIBU62d(fsyC
zW>=5pI*Ytyr<SCc1JvQ@?UlJe#PHjVXIXZ<CfnDxu}^3E<s6xsxe29Np{WwctVks)
zfnh9R)!PiMt2H>fHqV#!bWovIr~q(gPHEjWTL87buWDE>VvZ$f^jzvnG%Vqk-MWVX
z$}EC;D<Ta_1BoTDIHVKNwqtw_N?4%E_hWII>kPrXdYNoTHDm|heVX5$68;=AScAhB
zEDnI=2IQn;pne=3dk17<2|X3<m~mlw)F{KDC1mqF8<&+D$KZ(GTn1?)cY`{cE@^vF
zh9OouhJ36WDXWM7Id6W*%$FxzMT=?AZTo;wAl`9nS?XA~H&`11LlH^6a%!fjug>hX
z{n@JE94m8ZAax+?3FH|^81_eRdF=-NaKsaBg;}kb_uc<)Ah#qHf^F^aL^v1*6jc5k
zu_836iKzqQrR<ICDI`6uA5>7+luES)Ye04cPbqk_3<T48*8;U^G`F38=&L6w00DmX
zpivVTpT}EYX3|unjLjh9xj+|F;F}GPje1nl*hBo1k(MmxG(@Ey)09*)22WAC;=OSz
zHLN@>{VLtP734Fe-G=8QrA8|E^oN#Zz=q=8|F-&UrbCf(q`gdiEQE9Xw-|^d6aegy
z2#;-D26K?eDz9Qew|J=T`)egy5-gI;Dvexn`_uCe-IY})H*;<<PI@Zy5Xe&4a9TH~
zm|e?sQWy2!<=@F}U)X*oJcwlg*O|Y87Au<yhR;1-*LvkBkR6Bt<HR(X`_4^eJly~Q
z00000^{?aoc3c_Gn#a<FMMD)AsIyP=8@d?AEThR_R{%%EWN0hm5(@@ECW%18Zzma3
zL7DYrxZ4^-OC&!|+#<+%Gd4B~8AWHXw$O95q~&}^WD6k!1bL${`W-Nj$I#~G#jBJn
zW(2>Q74s*`KYyGtx{-aoXBUS(^7pwWPfVFO8QH5?pd<&w-~IdAV{o-On^_7ngVuXW
z+-bTSa4PsrOCSjHFLS;QQ-@zNAnPLv!bIoZu#NvtIA?u4l44psWDeRuf=oNMr2RzQ
ztN10fQeggVUFb$ykaz$Q5n}qW?R?ke^jD{$`rwpqThdHGkO0h@oqABaSP$?t(~yn4
z8<{4SNqliz4}#@=_Frn42FH;R^_vflGpphuzI2ax^4#6{q(RO0(_5!MLt&}Fs0%@V
z&6Hvlf(HU@S#bFWMkEpL%qY@QIrD%mCTOvQW99<P_n8#sM9A{tz3V>=UhMm5?MKp4
zf$5O&?uEhN-S%4^doFw0o)9LNDSuELkSUR9yXxG7DTVpeeaUr5GYS^aorxl7*IepR
z+bmg#E;DK^t}95{%{fs`n3r@~D0fEKcRA*fU`c;f?d$oSFFGYihop15!3QMMu(5Mp
zXTiC=3({|tr(QPJtEW2zZ2FwA?&UA#{)m%FI(q@I`Xn*Cv2Flo`sU%Axp#tTg#2op
z?jHNSoQ<vhqJ}(nJ^e@{USSrk377YSi;xJunhV5fbuAIfyK@^2_<?E802|f}E@4f=
z(96~)wjSQ`Pq%zwrq-@(tK}_ZMatBdWnP@$@BoF$O8{pewEj<h2zjJBGn1C#Ckj&7
zR1>IM8nS@Z2);+;qq@E%HVx2Wd@q<U^aG%_Pu_q1b>V*;SHs*-l*6r0m;$q(Z2kVL
zE_jJjBZUd-yyNYDDRfifa56#1=<fMPNSIez=K<Ep=}@UZ+KG%_f|8_SfmwIIWt$LT
z*?~W=Qa7;Z3aSKIV#@79yy7C^m*nTGJW{S$rE?#bTy9WDk=!lFSsPRUwXh|}{XMjR
zB?&(zpZmQKb8C8_w}ETBwO^h2Or7g=`0HWlc~}H6RuffMdc)s1S+WuBFzxb4am;E;
zB`JmZp3#8I1+0O&Ky9#QM6;pjBT*i-?QPDR<&r01t0+=?8mEt4gt=ZnQ!6gg!rD@1
z@_~GCVeer4VvMjd0k9N70G;eK?CntePyhtriMiSr3P>17?9f7|{;yK~zyjHa>?Q#|
zmIR>kUKyA%%g_5%<`V@*L2L-_BO=OK+AtBXdHe9=UF7PAdLE9XtCkoumS6Rly2c_Q
zi}E&4OXzvLq2_L}Ka!G;Me77TE}DS%0;JVn{zm($S_26Zn>OaWj?EG}F>CDz;3ZNf
z==Kfh9K1dfV^LWU1rA?dyj)d_*x)_f_K(x|edYEx;))Ob5P%MtuREnoJuG0tRhvaW
zD1h|qP3ajdoH0xJp}^gGq;Rg_T1|yCHnvos_6tgN(g4HNKzh}0Jz(3MLmYt4Y+siz
zJ{lMRFaer8ula!+6p}xqgR!^t09Kqak`V;TIUSXJV*VT>TtNDm#?2tB4R1fk%d>8$
zZ%3QxL<!`2$S+gHd~r%Fxipl1{#@~QKHD7o6}gC*b%2C)mMVV1LbNJjGXBM#7LJwt
zf@MqVowe_EE;a(&>0?{EFWP`anrmkli5&3RA7B6hDX40G%9GuqNEQ~3dqqT;Hn~VV
zxSI)gi^;1(B)4gz?Vtfm%zq~;=ZkyyT{<5`%ntltnA{MtR;Mc+wa1<UB5bi3@nB^%
zc%Jx|Ev?4I$r38H0ZJjlM|(fBsjF+uprHfD2eowN>9<=ku@)DLAf(riZp^_EjMAnn
zu{;$=CI^~>c-E;%UV9WnjdcOk>h*@8a%=kY>P}ku%Js&CbMET|!?od6mX{i!T^5AV
zM}FriJKiQl-1XITL+%N3h_xWrA~dR3+hBFb)?o6;28yx5TzDRaBIJ(b*F{d_$@**n
z9_(h7+{y6>ue40IMl@bZFb#){nu#jxePTaDGwo*ZdV7j&%yKhnOGkQGt2ldZM;e}w
z((EX(Y_8B{v*ATON=MIdwmxsY)Or8On*YSF?bMIlPs$;_qa&5qNyVb&cCy-C?45PX
zZo|`AaZTZL|F@62Ws4GFC?G!%ahf{0&aBCP9+O;Xd5BV)<~HX&R6LXt>-<Qb`xR1>
z(Sct0dV~p;Nz|n0fo=AGoe){C(O!0d?lNB$5Lq&vbq<dF)^=E{w}x`xxG5eGXs|nC
zO%)U?3W)yVACFL?;4~E9s?R)abi70%!ZBXMKE*GnZU-}Xdlh;d9mv&<2RkbM-&QC~
z)(G;Vf8h4FGm1)ao-dAHykz8L`U(#rG^kXcPTY14O}nfjwpe91NJHRREZed7N>&ox
zBVJg3@0nDHBJs44D9ld^TR5CfJTrr|0-+|pB7Tn3ut%}%w>-4M@!eOmP*WVX*4u?4
zP&qzgmFCv;Y>PglX?JIyt_b6NsrwM%Dm|Ny*WPHJr<du$g~Y|Tw8`=oRM_yN-r?j0
z{9J62;p0=)w>qR`w&)x0I84X4`DexL6VvV1J`Y`&7(9$yK3C&wak%ipX}@>)tOHqG
zgp1y80$FkW-<!Jfvr(hSS|AwoJ<w<_XAE?6E3h8-%!C8vaI!5%g%A;N)U9o=wNajp
z^&LQ6V>E6++1pwaKa?N^*5V&-mg%cft1sxru=!Q=K4=^e@7(SKIx{pRB$jB!ZF3w9
z$l3&n+D>n|yT?kVN@2S|K#JI}t6zU1z2>tH+9aiX;l+00N=O9Xc6XV<F~i$fHe}t<
z`SV_o?Db*-S3UW`-tV>dBtoVQ2}`VT&H1JSJQ$b=dMryPq&&cMsgj=YlFFFW@B9*(
zLGfo>3`Qtg$E$~jhsAd}1+WY)VH6D3s88_RkQRE5-frBw>;)a$DZ#4F1=LnOQCIu~
zIbpx~q=RU^DXS>{o9*BY`~dW3!5b+3A|%^W<N*@fBI^nW1NBlLpXjAT)CY(G{$5<2
zz$5soJPfICE>Fz(ZA$2ka|E;Or$uK|U0_}puDk8Z;n3*ry1d)4^+@Ha+AWaL1dlrD
z{7&Jif^h%<2GCC}e$R=-572ZaPbxU0mb@eBbQm0yHl#47GCcN$B}3pS+DXCKaV9Z`
z{ybBp4S=2oh?@HmP?gwD30bbS!xG3{D0najRZ^l%c%4E&@NkOC1JpHL=UvRh1M!T}
z3Z@lBrn8yrQEdnr9V*_66{vyBXD4c1JIyhF8%ptw)O)yaDAVDaXo=hCCbty{r3b#F
z`QSa_CtchfR5>zRWCV@=%5I+{4G*sizW)_;ty2|!L|u^CDP1kL%s)GqzwNF#^M5^~
z!!dGW^_2H<7XL^7y4kiXLIYbFfqKP#;n<e30UQ~L03PZ;z7|XG_8zEFCOeA9(GntL
z`H1O=Ph3`nDvZn<TRZ1&h%rR**~)wyr1)qjM9o9>ulVhI#Y4)flAyou(yZW9Gb?+j
zM7;qQ$iSJH^tHDC*qkkxIK4#s{9o<H$9X8f7ShotA{cq`^r*oUA^u^PD&&nO>~7@!
zVP#5hfj?-y9K>GVKAqEf>H?qaeqC*x=dCsG8z&k?PswIz%vQ((fNG!Q-5T>JEkq4Z
z+*D_|-4YVK>1`e?j77k2p_Q?)KGgkS%#uPI9+vQ1I2tBHCmMEvvmP5}8f&%;xaJ8_
z+cWvBQDH^s|I+>w&dKn<-^H!^obrZdm2KLVN8U=shk>PYC!6G;J1`UP^c@@4`I9fI
zIf%Y18Yg7xfA#HiVvNJ?N|O=e6`P=|h!KcQMKG2!#eIq2JT^Q65lRSDpTJsY1fHXe
z%b1m~7{wMD#jle1t?N|=ex;WXn~P8q*5uY&{X;Mp`5I6Q*R9ErpbW~ypsIS<kXwsw
zZ+=^8P0HuvWqru7q6MtAF1?wkB5|{Ori_^#br%^WOeK^B!Vy(5D~Up6EJ1Dc%v9~l
z^3fwrkhpFtT%fmLbB;E7HMKGv>HA}%8@&cd7r+@ztIX2Rw4Czdr-?$IiLnU}FvxIY
zsfD=CQ=Au1w9PVfijVG=0EHkN1V=tDnA+^&(H*K@%6L)yGXbwI<vtZjjD?C!e6h+R
z5hg7|!dE1uRFgD51sm{P$6aB}L0u(Eo)kyf9_Uek($-;uKIvc}eM@&d_bYn#2ql1k
z@Rr3nh(ax3G^+t6Vr@5M4sKSFtWEm4!>~Mh&n5p0J){S~rDdGU7=+A1fYi+urFaGP
z7ehON*jG6Q;?>c#+Er!Y=wXroj@`t#X?D1w9s|b<je2bhMz;(PeskFJ4cKG{x3o-l
zn32`m^;R|0(0I2__buhsNGH|>lR+Pg;_l~3lGj@Agyg-vR~a(`J6Roo)mMsWU1|bq
zZ{_N&R5k!H<j04v+!CDsc3ZkHO;b>7k#Mvh(qoab=QmrrLp0!5V|o53VsU+d^IocZ
zVeIq!I|GiIue+l7QoqNCM6#LV*mYwG8+ne1hNbjLO&mqVZ1{0H#z2^E`w5Xa2tWWn
zUo8ckj{K!)_A%xYL7XF2W36wkXAzC|f~HOCOQn{BVeSbz-FVUDuqxfbl%O6+#*~Hz
z!=xtk1_VPi$f<we*8{a^c%*I^=@DK^Kbx|Ng&3rK+fUF|9vNNYKAV)dH#9BZdOKef
zAMfi)u3^!_H%<JG-h9{HR->8ieG~?Nzl~y=3(2*q^EUg4qf1%2bKnd7({XVFa19$%
z*9pSXMlal|Ll}~;v!HPEkWq$-Ng1N}L%$PzhDG=?I);v?YQhtX8b-HoBFOGhR{@Bl
z^iZG10j4fa`<3#$s%Fq*HhyQ=ZvWB&MXdeMvy$`G++!tr?kU=}UyXF?j$5GJ6<-uK
zY#&+pUt4#0{(g}ZiM$FpF9m>$ZG(hP6M)RDxtE$(iqXqC-g+aAzsLOtQ~?JAkSOE%
z)2-67(#)ntvfaS^iC5{V<4*2Gp6uTXV9bebt5h%<E>*Ct`RI5smuc|axiI<RFc>D+
z3M%FYp}Jl?3m$Sh2fv;a5GN0j3|0bZVmkGKphS+Io+Px8I5(b0OV2fw4#VoUR0^+3
zc4gFN($)dmen<=4ps)U=1CSGUyWlp+5vQcT?n1ychhf~9yGFFcfY88Cn0qix6iY5@
z1WKAllSk<QDhd)=0Xd3&*4EfQi0&GmIqC1JPfly&-9FA?{WmSE|I3pw-;9mypU%og
zv^o!3BE%?&aQMDR6q4m%yXB01)zv>k1!C*T2HDXARuv8o{RJt@n4bx_a&IRAasUUU
zo@JIts=4VbDxz{H9x}z;^*&G$X*XqM_z!hUuWjJmFEy84Zi8Hs0((Jgw)B|v73NT_
z$4f-Cc%N*~H${RFvg-1II$(zyO{{Rg6x$p*U%0|6qG{7f$p8pR8nikgLi{WClp8GK
zR+wCC;;wQYBRBq!&}eNM1GFZ~hq9nD-p_cfd{E15mBz=%zr2~;QBVl;^1J^gRymC!
z9O8z0bSu9E-K)@d<-GmnV7M^>$;#-&@8v#N_t&==M3Ur40oznQUOb1_TL>?6Xg0+N
zzFW!28c7>y6coBZxX>U@6j6V=y)V259EBa<HsiG^h=<0+kDE#EgpHXl2TzK@5i?z~
zi4+5F#MDB2SD{yVvaRqB1RvLDFqo9EK3s+MZR+$H%^|b=-I$vrQN`$>6rZGrLdcrf
z=>!)y*Q?Iq3dL}qOVxZB-#nzVPPH*u5o$@kFkzZjb3({CO-!c?&VRzX1p$rxlq8ss
zt+*Eo>E21Yi?ZnmKY0I?-Xh_HQUOxC8WP?VjPS*fwY1ggO*ND?#mH!U0KR~w_%`cy
z7y52BP+j<;;t>xC@LavO7>$H;M=sY0Ivk=Yq3mmq)5VjW4}j<y2;x?{?7Et~%ekh1
zBF%le?$?C#D~8f*LBfF&nMSNe^PaZI3S`x%-d1@6EoMF{NGFVuD)wU<t3vv6u9XDg
z{qHU=6=-vOkjwa*Z#IG+^vXcysCovo{+M=KUp&d*S91b=V(m0wk@JI&9u^8RZ%#oU
zeixXtw+)He<P>D3Ze%)g^eMAokbrLyLbmKxfIY@pPr9UWGo2wy_u9MxU`OcuTkIF;
zm9^QiE=*K0r$$%$fhj>u(2?MejyJV|tAP<Y1=PnMGAj4DB=LhS%SxHET8(<SD3-QQ
zBIv41Pe|M64YzUqTO1j<5Jd1Fy1=D^)t4Y@hV626*;*ea9Jy@gkD8F^L;Q0>#2F=W
z%)Q(x^4K=sO=0YL_Y@_mB^rKB6cn5mkD$$fWW<d!Xry!|&k6eVe;bot$bvb`Zs|M8
ziKqcde~(aHC-V>h#K!`Zyy_`u{InSQxCqCgZBX`*+A^QFjfTT25tsHZ$>AS=Q*gX6
z$n((VFiZLus*#m3h5^uTkP|{3L<fzXN)usrAPVf1jA|N|WWndV|Bdy*@sTa$2aCc?
zF{+q(@l&Ufef`@Hj4)8%THRUZ#Sv_x&q~l;eJ{+^%oYCP>wI{rax^JhE$$+-(FS;k
zw&DAw<A;Kl{Z1DQ#D`42CipDhZ|K?><ulP6r9V|8gWg=#oVpB2<PGb@EOai5>U9{M
z7zaFh0<E+4gbHAy{W<mReLifPfbb#UR^h+fQ)|oJz^?0E2jn-7INrTW)1H!qsg*uW
z1IP!fXHKRVvbuV6f&7}00s_v(#9}_Y3<ehxFH2{m3U=KNPWNuMKDjE+(TlR&x6l){
z%*OX!^SoWS@CCB=-HYdbd*PkaHaoG=xhB_;kf83EV8e6)-SqZ>IRhl@p}F%z^d7Xl
zTw|>hlyRK!$~fP{ZcR2%B#N(mNGo_ExrR}ovCJcft>rGmD`o4tCs3e~8fFKrIxjaX
zKzO^gU|9AD(cmGu-C)K$(J>Y%dY*wH&9kmxXbmal-b387yONmPJ1>B{=`7K<qTSXB
zkdh%bDfv3~=Xi}A=hVY=L^N<*k=XG1+h6opovh5s#fv{TjQhl|5rhBFep%1Y9%oYg
z94$N3egJQF(r%x}FRId5=_i73J59B0HF<=xH>tDyl^MjXT!t*C;TT1^=Vr~}GmHQ0
z%(?%Qq5gc1zvhR%sRJNzCSB&4_p7QVKh(+S2nZv}FQJBa<9eo|{oaAlz@zQmb)?~!
zJc%i*%Ml%2_-Q|4d{(^(egv6YsyNzoRND}_OZt_X{Ntjji%eZtd)um(6&hoTg<BnN
zlzXg-Q}qN;q4%Hz{3cx*J%5TG%ruE9DrV6VUx%jQgEy!9H$^k;eFe{ec1Y!N?`30|
z?hNMlhnLA;xN7ZSi74tJ#t9XlnBf<(m&t7tt!Gr%9yVh$o!K6-3kHF3<6ME$>{3;r
z+&w1uq!Wz>(Q3Q#DUCD-__B8ss!duts&sV15yRxg2>m8DPX!HR=oVTKeG`QzGiouN
z=oPArCxRp8Z*;;+AOcrUlPa~yP>*fZcsRpid0&cua_b#ci;7AIeHdJ=!f{!Bk06XW
zE_!%>S&9xA`eN>lPg<F09r+8Ypu#}Pk}3<UB(k8t4Sut_cmZ!Rns0Tl9ScQ8*m7J1
zoFD)o){wN;v#Wpcv|I_AV%0CNi)bn%W06qJAhST+io-0*3MgDaS9u<$y~XqB0C$ml
zJv(L|u)H!w>3dtq?p7!pa;TH~%9s(p<PBn5l`JFbBK*y`!ka@q2bh2vH9W&>QaD^y
zHo%0j9sCc&?SjM|kDvPeYV3j<afL-iwjLl8Y+IQUmy(X3zN|R=j9R~r(=~^Y8Y`t&
zwk86e7da$No&|gN0aJXq>)&XiqsQ5-d6tXe5|GOUMSo_5$gETj*c$v)hUGI|2D~-!
zi(2SfJC@32gc^y}_&l$QS(Mce6~IjiY%juDPfYL(Jx-m5Uahn+7QFONl$s4ZoXD4X
zB0JrUh{^TVa%5dKrx@(-If<4F44V;~mxy{?O0WJCcqdeo@79mc^Z%iOUdz${mSj@U
z3ng$T)gd|g(gAKBGrObC&SXzgDKzL^@7q0SdoJ^_6UY^z)Lk`M6)70*H)tF|M#g_R
z`dY=F^?XNQ1rQO6OfZpZGyDL$MkSYpA)=(ej@7oW#3i%-MVSEj>G}S<WsR3W7WZm{
z&IUs|KM26eK2UT|EwbUY7BdEp4{eA6VB>RZRu$j=x>41#Ku{AVXI3OZRgUAM_84?h
zY!Fs*S~?yHJO+JW$&Kj0ugK^h^#q{)O3DCVK%l>j0Q4zZjm7Mgl#YL}wjJ9u(B&md
zMOP@r+4bb#6{0G@9^s@`Prh$AFRr26PLSZ9IukXHpG}o5cfHb>3z%&UcuC0BA8Jrs
zd|A8ao5lfX>f4{p7r;%E>5gW0t?7*PNF*CMgNP9_I{DtSa+KBSz7lF$)~&|D0u;UU
zLNb4ap};8eD1Oh&QsQfwO~1+o`cyI>p0RKltgZaU0*|OM@VJj!1oyG#v`|8qx6W$M
zU4RAmKgz`GO7b4*ey-8?g5x&eKL{zDfO2pe+k^vQqmzBoW6y3?ksCL&r)GF#X>iE(
zh6~~}x(Jm}ca(!L314=pZpJeXZWH=dj*4tD2hT>RZchlz`1z(?ITEw(U-Y1HJD+E6
z56j<8%=3g{p&XKC^C|9rFwqD`H}WYcSWgVdd^WK0ZBF*m)=?N*$8WR_KFz2fsLsC@
zK>6<pJcK_U2l+l`R~P@Gqy<3y?=;b$&QYp)L}@YiZjtKX4XJ;DeV=l+o9*q*Ri;@Z
z>bk|6$L=wn*5_bE{C-Kg(6@lVbB%+Ca(<0!ZOV=T-LSv7y*b`?uAiPCB?(qU{`#15
z#obXaiq~Q0txC<)!UVetuC_+h&DJVSd(>ZXFI=*X_mzYFDgal@cy?^~Z*XMeP=;us
zW#Whb&)fWkLKK{-Q$HLfIF+z)k(s&C!Q&l`W^0l?LHE!aSQaqBw5f2s#wf>Q!sc$Y
z2zkztU3=bX$ktg)$vy6h69X(^XqEvVF*01)^WQK>RC9jv8mC>$p$6FFz)P)ii)2`%
z(^zlW%YDg4D1f8bmAZ^Mw2;u~gVVq&sz3@TxhDE$qG8mg-$^zB1Q$iHO7=PW8j|8A
zba!qz!xj93x4=w+rnH<Y<K)X}m;~GpVh0DcEPKG1i#ZpCGt1sk13YOI7=33J%7rd|
zI-lTg2DwwxP${5JclEDUMX`M^3ZTK7a;OjO)3F6ukJY6mr^v$M(7gJR{i84phH2!q
z5G_VX#xuf6OCS+AIR*wsMt1#yQR}Q?I){t`Frkc7!HCEmB?g_W1)~$E%v_h_DVaR6
zs?~qYHXUE420#Kqipta;ti!|tH7l{6kw#ovLNCuMc8EI;(pkj7Qlmd=Q*she^bvgs
z!S(BIas1-BZKA^U(WPW8iw{5`ql;!;m(^y_L_(%1m{VCuoe*uO=$yW-z@h;c0HyC+
z4zcjZ`J2{V|9_T|1_tZhac2&ysb^Eh*rC280==5<lXgzzUMa7=>`#NUrdgh4h%#kY
zET#t!niYk_=B4pG>G(M-cX@1tEb1dh^r`7Ekq$GKi1CW*L{iZqc>FW^pL1_A<n}SZ
zZf!hG1xeUCgk;}ncS+%zY9<DN2d2U|J^`=71g%Avw2{X9s^>&M|7R*9PdtYfIiCQ~
zYvu;T^-b_1l4dpAIA@B5OMxx$KZ2}XO|KKP*|u^is2B_+)Zlpq1ryB`*O4WX)vX1r
z@|8fE>B$C@q_Ey4wo2ESg5ft~$R?C2pFiy`a4jkIwBU>P4+X}+;I~XZ$giZJn<JjA
zq+sH#TAoL*NFDU4D#5fJA}i2WR-u90X10@P(=KfEmDY6eJJZz&`TFH5lK;qMP2)Q*
z56)*+QDQlDazj=$Uhz0XIY4WfWpx<*^{G#-k|ERzz?lJ=W^S1V`iP<ZPj`=w-SDg)
zl085)fCZ}DY6f?p;#W=>zq8X+t_yvs5vGyBO&v44a1-}(TY>32LAZ&U&GnUc(yY|{
z<DvG$G^W+QAU%+{M<(v|)Q1<u6s8$XopYHm>N}y<Yxb3|hRsTe*VHNlj-_XOYdiw|
zBHo-Y{GN%m3csa%WYg!Fyu1FLMek;|;`rr<fv6M6Rc2n?BIC-${Hv%hfn6LGe=(vk
zqL`2r(@spB$jCmZtnNzY7?aexh2Nw{Fk5*OnM{Ov6(ueo(js5cd{}6VwD7j~`$5mv
z-o&Umr@E}!o>;vbBl)!ZTan^@rs4V~6j-+qB_&YMPudRNo9mu!Wkw9cjtonkJXjQM
z9*p6!t;kxkx%{=I9G}n1m%Q0o;^ojk=zv*CVzwHpqbJpsud%X4CI_cfU2EU9gX@!y
zo~6*R5=i8O<UM_SFZmDT0mh$oqq@-<q^NwQ|LbaR-LqX}uvS-ZzQvpk&II1#BS2_i
zet7B-V!HdSnHXt*OfT6F{ETDpPlr7~owxShH{ztdm$S)m!69X9_Z_C6_P?vBrhD<(
zB}(S*0o|~_yKG$;(a!-7tZpA$voRp+G!8;sgS5AV!wu#Wx)O|s5*)J&9`y`^=*&Gv
za|1w>L@7q_F6aCc%Ag(JW`s3gGW>V?`{sBxxAxVAEMsOd%U|~@x!s+UGF)&1Zo*uX
zd2{WYH?;iiNV4`^0015Q+t>tZvSIPCw7KNN<E8Sw8yd)>Ey3@U-l1i{lQ|`cW=lUK
z#<4u<H95b%vbDehUV0A7a*4+zd%LmkmdWkO=~+r!D5t>EE=hWzdOf5grl#-sS1*L-
zwbxS&34JNmd>3wt;vWKuuo`A9>rj}t8x~9PoVFr!)`G$}tV`U-pZXO4XD4Xy$lME0
zTQGoKMoZ<%06LZ#sRg)i2{^+q7q(FC&q-@tndF_HG`&pd^wPglhySmCGo~5K*u>>~
zAL80-0dF#v!JOb%gGEv~7)0H>*VgvkgU))#5Zk;A#dnQNjHOdneTo&R8|>kz`nK48
ztyMt3-YdR}b@l=Cfe5rCKB%#2+A3sNn3DBA@<6rINcFvPl|=C(ub4Lh+nwivygRCZ
zGPZWRyoFf{@-&VOS7asy48-~R3a;-F9qk6IoA~F0ri;RQl1)clpW#>{Q3OIs-k|P4
zX7*<yZz<Fc5Vy+w^dWvke=%V5I9>*gW3n6pJm-Ktg?~Vd9!XT(52o7LD9X)=&vZ`)
zS8;BpajYvqXT2p@nLBE`^O#|ag`%9LYp|<D?J0{#<<aC9Gl=}b5cmWwg8#m>AE=9@
z|4#{+fikSMD~_D9$C`p3p|FXoKD|;GTA7$6E1v7J(86h>@A$`FOFSd;RTJr)6n)=U
z(vZT;FKC}sLJ*?yeA&BQ8e4elkb^t6l#RiHqc(Or(;=^nfHSLyn~@~~iam}y`ZUz!
zziQRl5uR+@=#qFn849=szMdnCR~Kj5ZUXo5+2t?0g#|7E973wqZ4=H=T4H@Ik3d2Q
ze=#D@Z)5PVslzL~#*uA>`y>>aT8qQ<(fm)ikh;Rk_y19eEL|zMEE(EX+8`*h%C14{
z!%>|ML^_a*YU?BMq~hW2C})J1r<iH0)2FPRQYINyDWdVNeW6$2teLO%i;7dsSR&ZZ
zh3TsA&U1&AZ4f8~JQfDT<UGc-t+ocI`*s#EKh{6Pzuf9yF}HM-cR|ayY?126o}Q>T
z!CfI>uiYkFV}Qq{!(O6KeEHPO=b@e%$@IHa!6L+sv6<DUEytOFQ4^8%R^XE<hebY&
zv{;gGYV}Es1AM_0ANVds4Dfz4u%BwxOnH(-UP|%81KL_?*bnt>Szt)|Ph0}OBFh{r
zS|=8Kpc<F3g%4#LwifcCDhvAy<m)vRYzv%NtBF<fZ-|LyaH=1X^&S~E!?e{k0UQv4
z+evP#r;^|BZ8v8&&l1&>^=>R&Pm-S1o@W92IKFmJuUy~=15c!X^}+SBIm7!C?WHDA
z+MeQD^3=S6dCWIE^g2)2V1Zv?wK#p~HX9sUv>)0{A5vE!yHs5xI!A~}=_u_u92N@1
z#S(jd*wr<Rs?m$|tW+1}xT_`Iv@d8r(7IJMy(Zoa{h!Z=2V$+?Ip!<>XrR#jKOv?`
zyPFKB&IAa`SuC@cXXZ5I{4!?Uj&{h3yW)$d3!UvOhRBe8_5MPz?0HUT+-`5(fW&-P
zt4rlC6u~B%l2!a|WHlF7poCbiCo}WD#{r=w1Z7L0Pen!nwyee7vQL4C<{741^uv%`
z_b3KOrk@7UF_{y#<v`X;JuhqECR~&|kCFYsGk>o{Fy0@vrps9)L|)DmXCL><;C1sT
zyD(X33PnK5fhnWItM7pc1Orb!H;Yq3&-jYUOj0mVBuy|)N|Zlaywvbf6mp&scW|rT
z?uijw)+R5Vgl6(3!0}EPLmnKL*muu=2(k-e;VKA26q4S4MPX`L6a%V{?#RbbUhYPY
zSWipmt?IL0CHJOB$k_E40AtA~%BYTa!VS@vm+jx;umBJa=Dg?&5cTt&(KytM%jSv^
zfOV#&#O&yZe=5Cz&z?2b0_r}tPlxT2%3*1)(jlW=><t$T#;3JbgEjy{<Ik$$rV4}o
z)QEQKs`oyRnBr52^GWr3%B5On%=mJ%#|5EiOvDRr8g@!Ppnae(hyIT`1>!?V(9xwy
z&Q<hSg9&9s&fmrC<l3%7NU8u~<Gg@%M`Y~QTR(E0`pB;1fIO;%>?V?j-$crmm9x92
z?@x0E?@-%#kyHA=+EBJvIv9uCxD>w>Lns#<-fO<;=Siy(_Z-bhVP&~~B0S1)1-;Po
z^B=>P-)7@Yws^P;7Qn2YNLLtvL+k|Li@w!vuSk&+$LGaAG$9LrOj_8a%ikjyHC}Z3
zm#2;9oNuZ5JUPIoV7Y3WTl+gdr(W}ymgtDOusyF`?z}UfYaRr8Oqddyt2iNV7Q?5+
zOW!Dg>f4zUjUZ8m>UMslEpY1bHbLX%OJ+a-HH$}EN0zUO0lrTM)^>7t_EfP9r&^st
z3(EA9;A5}sHoo=%%_pF_lk@`>vw%hKNk-N?@(|YLcACNY^XiyMIK3QOO_Gv{jfNEh
zvyCo;iH=(i8V$Xa(Q4-po6wvUffp(8WF?xQm^Dbg<^qTuULQXgKv8M7z=m*j^}6Q>
z##;>7D<XZohOoR{L6HPXL1;)LfpS5eF0ZAMay9)-fGOSkro}F6&G4obZgt(=DRhj%
z-Se|SJxenDyzFN<7_s_Pq@gLE?16c&8>}F!PjfCLsV{X-bMFoE4cm3?M#dLK++4|P
z(+e<00*PK5N&X%U(l8P<<mnb7`J!V97g1`VSppqZP}`-|P{?D&YtdUBcpp&(Ki#UJ
zA&de?iC4LKob+eW@=|0kHYajmubTC&bLKUkuJPK*Hq9B|LdROXy#9#>f&B`afi($*
z9|#)K7VWwyioz@1Zq!HsvDw(67-cDS`UJ_t0CWB>-%esRRupRw-;wlTI3}l#5~WeM
zP=Fb<P>3LKr+m?^`Fz2vtiLi7Ep9sn%y~LKWJ~o!1n}eMFh0Q)dZsB4f)vLLCTte)
zq36I}oElHBypKO)0l@*5-TF8<`VV^b$<XziJ0sq_#&ZG~60EQxF6C7d2acG$8rwWW
z4r4jm)HfoD?0pr;ReWx{3HS9Ydb&?fvEX^i{C`oR^?rr2b@%Q152uWvBec}K8ZHDd
z*7Kz|4(i;|r2oyC0r~IxTV+H%Bsn<&mp77V)iXfHme52LY{yx~rDD(PfLR@uj1FmE
zHr=b@3%dXH)GXwUvBIh7xAIX`xb6!4hD{fVkR)d?Glh3BZUNo~Iotq@%03eDc5dIc
zSPhtX5I2-D(R0IOGzswSg4oaPDy1sSL9Z*2KEXcHufi?AR+y)Ff?*?Vf!S~h7I(Mk
zcrvA<M4J!Sk$p{lz{QKoDY;Z<j`}324q$P|kL3oksl10&#@VOUi-jv|DCt(y{zs;a
z@mlI#9Z#b12XYI1-@%B1{8m>P|NNU-0u4Z`T;E2SWF${A=6@%ij#%JhdxdFO-`3{^
zpV6K#o}L}+jVFVg803^)MxC$f5ybob$l>`a*v^pf=u|s$=UpCqg}kx93N#VQTc!3P
z;Mj>US6^LhbUc(z))t*~_gsMm(1CD?r1|ewV;5}x$2@95!zvpBywQhVt&$Gli$(yw
z^<__=L4#RUvw#3pvGknP?9n^|*u)t+xQFc>DE3)YA)F!%e}BkSoM4=7xXq5_Qh<>w
zVsM;-;#ro279M+oYA^>K)^gMVy55LOaQDpW6AD8p^ySKJSPIDqyQ2!5!2KBNfd6B)
zMs7GtwxRSGiZ39dW%d9h&-U2^hyX-dK6OIvC0K?g0fyugnHA;vqUgk9!r!#6%_XAV
zB`oJu9q)W8qOZyzOguI?m%l1Bhc0EOH_{wet}Qj1g2VP7=*NkfQ@bjMh?Z`R6I{-6
zB;Q4Ti!PSR1Le75cW;k$TYX^bA^_cvC!U9r!2hEHzb26y0y}``+LWE2sWEI@%O@~D
zQDhnc7|6WfA)V$ZP`00i8tM!~{kQB%52pk~LF!K9Z};0xRH0U@`crj}{BC5h5G$q}
z{Trg1bsvfV;0j&%bi?4zAm0!<D(T6v;jDG#lHjn9fZ>wh3s>h0DAF7CZtLG@qQ+yM
z+5_&iL0<l=xm<z;fYz_;Er)k@-A8-Mgb_4NSq2r_x7)VgyYyUveqmn9(~k;B_=qs}
z+xrLfZ&+^zLTk!>g^=d=xR0El(%=?EUqqSzq!xasu}e`+S(lP^SA`{9{agHT^@0F|
zRB`thiq``H5%GVVQrV7(xSvO}NsTxwB7;Uxw8|rj;myXtk2X?wm7=BTy0N6q+8!p>
z1zv5psE3^(F?o@^REgx<7JTpJH+Fk4%7wPlIo#)x6ynG!eblmY+UQLVxiiIvuh%2=
zOFZ<*RgAaME|#Dh<9<ij59+XQ0Dqh2@L+<R-gcbADebUl%kb1>xl_x)6@qDwqwDft
z*+m7jnmDgJ+o4EOW}yi%myuW-i?x<wq_8n~Nt3<J=*O6@HQVMQ&tCv^S}j4gy(Z@T
zt{=Ur)1&<^2saUV%IbE|1{n&FTCL1Bh6tvbF!cyW?#KELY*mZ+YB6Y}X~F_2uPg#6
z%@fcr^B(v|N5bqb1M76VRT1p9X>6L>vDG%JcVXE%sCWWsaR9W#v=QL`vU9$oa6*i6
z%+&@<Ql3x6!GNMDNX{`nFSO_mnl=2BO&nHnOJ<EcW61rryh30$;Kh-f`=S8AaA;!t
zRy0UeyxBu!)6NZeY=j_Ma+As#P0_Fb>*VSj!_7x-Sq(Rv=uy1E?Q_JJTI#qr5v-zq
zziecHpNVba#T9x#-?HTqR{xjrz_$1?)E0*cf+`Nfl!W3NkijV$X+|`>0sf|UY4!LT
z`2o44djBFzBq4vYZf%gZ7xxw`O$kUkEe*VE`l~k$nlQCH+8Ucu`EiQP#?W`Op2a<-
zlqX;=)&Sffk;9cb*nfgHNybP{5|b$+F~=DpPlU2Zr#YAs1#_5nShVe>^_rHtpIU*;
zqmL%r8Vb9rlNn{9X<YRRzbV+Cts!5h>WDn>TlN^IkDOhLR-({f`3o!>lja*pEoWTP
zY7`<6gxTIiEQh{AwJH$1;akFalw3CRNjwDY&yoGcTlqJ$Lbq$LY3z^d*hTnLozH5>
z#l_^)@uj6G8^>HB5!~cQ?{Gf;cgpo^(((;YE>gf)4B?p@Mumb0+vy<3sUxGhZ+}7L
zJR(3HeM_l7Ha-4!$T-pMR?;y&8dNF*K#6`+zg#LJBFbNKdHoun>uLP;aJ7`ffdjN9
zhS~L1>!vbU+=aadEJZfqQt{J?%d^VgL>2a38v&Cm1Ws>%%DGYSxZGt*c52IJ0q?}^
z+++GA)zWC0xV$6_V89uoLr{8~GQ)#BEveYLteG3Tx}D|i=&TOA;ceJbWKGs?lvoyO
zldTM$(4g`o`ezw^?HHXooM2jjTdh0gWT?zLzbc`qOFN^FPp}9q!_nwO{?GsbSY20I
z#fC~#veZ^ZlpSY;Ju+Q5wfDDz3HZEvaKUR0bZ~?wse^%@pqh-b{Ka`B&tJr_eK?gn
zBES9%_+V9-oodr|&$gv5Yvpvh@I@{qF$!)^AVg7Q(B55(AFk+5nPDb7#V_8gNt9X$
z8?YzEdf*=C!PZ|qqOOkk4p8wu9M7wEVnfQ1icE_iv{e!g8F?B;ULa4L7`|BqUR#5F
z6~_mAi}W{YcUBVB%vT8{f~JT-NKlo6{x88&?Oea<<SWZ756&djiGa#}!0|-mvDSbg
z7d!HdL0y<v`5A@w$e;$O0-6r(-U~Lv_MXC(zGqMUf#A=cyWOuSZe0v?fq`)ym1pMQ
zaspd<4M&gDN4mVup?4?*Vwp<Cr-^|s3)|1!h1Swt43ZlAlHNJ~w~H7S#)D!*hInh1
z6*-Q8Gq_eY1C#Nl7aH8^yck@%X;j9{#bN~Ca0)a6SZ)GeEAV<rVf_@kPO}9?d*4D3
zob!GF71<m<R^e8_Em)lNnDO*R0&97GW4I+M9-&*-RA8OdIm?UIB}fWW{4l}Z&64i$
zS7iV&GFX0Dgbo0)WyJOk$Uj%W5G&a&-8Z&+-dyUa_fC))#y@9x!4)RRjpPRfoli0@
z*rLq1IbkePFJ6<>%rhFaEc#AQDX+6Cgme^7HBzK=uyE{{Um?#qHyMySQg{_mdlu|?
zMmO-wz+yl=yqq!q7G{EOb;X4m*>3W0UAm?QpAt^vX<NrgzqAuAP<g<}XclgTBh`Al
zA%-Cu3lA1O&~GN)b0XRHGCHaLy5!>7DI+j;uSw0ibA5>_Dpwr=F|~x?o%QWTGM5}N
zdv8ox*byRF;|?3%gUz$R!^IAkcCjiAS+%S{M*F{tV%+*gVUvh_1rcQm!VsJIcmL>x
zibl<-$*u5<F3xzov%!Jk41tS7&iwk1Es9~bkkZKR-mG>~f0R6#^T#V9L@lTI(XB(K
za+fY@%Y6brep%|d#P%TNW<R`BzlE3J^8|0F?&Z5rwGFor;V$}bn`NYr^&9shVCyP5
zA`LU!BT{rZy=mUQX}=)*J6q;y3OVm70s%YVK&%o`VMsd^+bswC*`@shQ1`Y{v0|9S
zmVgb9{K`<qUg!Wsm;pAd)FjSiP57Bd*n@@2Xm+oO4}nm=r7nXMDvu1;CD{WKuby=X
zN1@2Z@VzvXwn7Mz+)!3<Tup!p`XJ4w)}oa2Qpo9ba$sNjcsI+8k%&iy(km3#kXK4j
zrfel(f20>e;+Zu>Fc9<QZaldn75D9_yvk^TG$q9H0E~Go{!c#Q<Z21;trh|N+*$f=
z$BD)pv@691h<9CU-mIet!dS;#qJ>>0-!Y95L>2y=ed446Q>1HCqfUZePLe|M*@}?a
zIgO#Kt<F)Rt=;H3;j@KCP>{QkIb{!nO@$?n*91GUixxZFfJlG(vT9_nW*b_yr61`c
zrRsIrRCg50&Q{`rZ8r$V-1Rj3moTgu4JFDn-|UXK7=<G(wYeWk7>Y=TfB*oYj@XP!
zu*B1JkVZUhY;rqjI#F3MG_%@{6*O3_jJkZIfzKYPQs*k!QGK45hT0c2Y-9sx-Z&)v
zb8-tB83u%;v;-tE{3emH6!VJ7)?80}3+<}R${w_Hb6veFo7uWW&J8mrGjKuCpXhs8
zDhXfdB3h?ft1n2C8g}CD=~<t`3G2=G0{e&4xUuZ&hc<qFw^&`(G^euSjz(tNX}E7l
zL$@RT%jzgcJ-=YbCq=V?wpAi%=Q);h=f8_Wi2oo{;vhJF5HnY|-%~Rp?fWcjIrfy+
z&l4c0KS>IbU?uP|^(Y5yxO;4vi`v5sl@YvOD0EQX`6{{nI)gbErQ~{rAa#^r5jHzd
z9cBGZay}^0+hH_FXfB?&^49axS>rz`{v8m&kz{F+A=%YFR)?w^)W&i2_kR5Go$?J_
zZ0pQRsOmPItxsPBDDy^9Y3ZkA{YkH2gRh9BfUvGiCU7PGM2vd@SqxO&I^v)bx9p%j
z7%~#rMA}^~n(gT%!G+q!KQx5>g2V-(8;yK%!zrWpKE!1EGK<6=?$D7^@QG+HF*6Wk
zX6Mdijfn?oM%iym_yQ#CW){b|@SPyjPO~W%;u&%%b3R%P{WDsQYtX#wd|ynWfVw0-
zrE;<3{h`*(!jyFwU9-I`N_t}>=#JR=_|Wi-=y1Bg)hR71*I5@1ipj%Q;vEZ1!O;_B
zr2)<K!9d`zC}PU>dvRe-#Wg@(O;CR*5B8r!vBz8-{<e`2Cw&t_($SgiM!AmO1H`+p
zXQh_iU23Zro<xZlzjIp?WEiB8+eU|G@<DL*0DG;-K9%~HYD(9`a-qn=WM1|GM@5$d
zee0i~Jmi;@fxfK)LRCFFA*oA-nT;@U<XSVb`<>k0({W!E&1IHatXjod#WhhB^5P4o
z^-2yt9{>g^52Uq)YeO->3tIdi+4U60q{Gu^e?1(EIbPm#iu4?zK18{Tl>Cq!CR#(9
zGhue28*9+ZDm|-*m)k%Gb)^1ge<HG$_b0TQ9#0t5I>auT@ctJyjvZ0W*8aqiLDKoq
z9fnH8J>z3zP52YBc}l*(H;0HIa8X<@h~qN+_rK#B5Q{D!G@5-)cXYxH{}ytD!ShfO
zEx7}jyI^W`wjJ==U@iB4#zBxuxFTp3KU+MM^m`f}TE<DT>>ZQIgPN3KjFt7ETPbOj
zSVQD?P*b;P-4BRp;L6BpsGN&Z0dHj8XtNIJFrcITh_m<bFT7H^B~VF*^E&yC`*X9I
z)z85(3fP+4j55g9Q<d8g>OEW)Q!@9GAA7TmG1xvD^o@APvLJ!a8A+WbL_r^v%dqT+
z=SVr6CuR?d{rqS!+W(u_r#v$k4+!+4d<7rr)dcpalawF49ePul!LYa5$#7W|pi%8B
zc`QLp<ILdrd9qQ?2I5~ecr%4w0<r{=fP+*f#CmzJre}=On=({B+dd8aHBllj&eoj}
zz<x${de=*934oC3@@M2%^C}7`wQ=8%2z}d`rI;hy9gd9yX4V6d)#Z5-Po*`!O*Q-V
zDVym4m~Q5yeG@(U71N9vbhxjrPYnNosH>G(pCv$5az&e;w-Nu3JyRd5BbjvS&-aEL
z9>Ss?{wA;+e&Z@>);rq0X6mg?_2SL{ZfA6MZo3it1izb_db9ul05iTl9Dm3~5<O$$
znsB1Q&wS2(rYDl5VpAK`mNTv1oX0!RpxlasT(YW7$Pevt%`wb+oP8S-j!khHv2;g>
zaxFzc(?G4ikyl3tgdCF7PU#W@suFldEwEWH`UUZ?Mz+l0iNGB!Knt}srL>p5C+|T?
z%m{9X`jwW;id%yj;wp+A$_{LJ^}12kVfIO0d$5@drsCQdtMH1beiJ)D2-zGVWvkC)
zzDRAt;&Xv7xj875g24hL^TyQjfk|>PWU6S=)&gOtXtY6{jmZ&r4KL22nPV*&vPvx9
zw!<GBI64i_(+3Y$rP-T1t^bciD^CD1uUQQy#@Gj0lf2C7nD<|+WF@;uN6>rtsW=UI
zS*=js`H31N(GW9Wad&Y%#szZ=mKABXAPdThP^wn7>-0-sgwf$BORdDt+!w-D3dP85
zIc&LZ2A{2Zu0AT;iKuzdw@=5u3OQ=H^vE^boO=(lU!k6p48?t$*g(b-Q16G}FO=rc
z0E1rHj*lJiN^qtI8kR1NgpFbN_{mDjxJ@^aqsv`a;9`$VS#3OqZWPNn8Hc+O6j<n1
zn5+nx;8K~-Czez;3$ogYo4K1$SShqeA3LLGI+~c7Q{q|i&tO~i!0-13R*8rkBP6PJ
z8Rfl#;BluO5FV|9{ot1;00?ze+QQHn@5+jXnr6u?Hr_{#mVFhj|CH|<VM5dSfnY{W
z-fDA}WBU21*b{2fZIePrbTQxluXUHX=>RZ$?#b!_1N{QiuMmhgoA#u|dIFTMM6=&?
zqvW;|zc?BhX|F1$iR8rVI>I;#trAtdt+PW2lm<mh$R4EC6~qmSj?BFY1%77lAYYSA
zjFyCicwe<@?1;}caNIaUI*_0pYfNeC<gW{O4%hu>ziKk!|3F+cMzUYRj-?bdeM$g{
zP2vHswE4$UqRI>?!pdW*4TwF~fn>pd#oJn+C}}ZTDx(9ld;levjhc=I!$%qQ5%JUG
zkOzX2N-DMjwbH!Cs=RsQN)G$Num}4YNb70e%A>VhF549$+Pq(ZSlJ$pS1t5hf}j^j
zB_BXwNObSvB1TOZ>`IEn8h$%V#uBavD*ylh000wJjrvA?_7h5_<a@$4OUdOti8EGP
znG)GmWWiPEpYT<gunQle+qz)^#AN+HZPLc>I*k=Dd<y?%l8biH7}*QpsbeyjHy>rt
zmI$-p2=iA(Gz}5J_=!)yk*ljnkW!hkgS~Af0fH(rb%lm8!TU(Qf}lx+S!fA-W6Aht
ze$cbhM~k$cSa45!D80)e-~a#s61ega5g>q!1L0~FZ$YFtqO`Ua1B;b=-{1w#?X{Ue
zh?JOT6VjbHY9!)+aq$->eD?r%H-`FNclTguY3u_h^L*HDfd<)Yk?F%Y7)Y;G40oYq
z-=k!4Lp#uMF_<XZsZB*gtgeGg>VEA~seTN+oc$8i{xpV_#-Mw27}<T<=n4B(Bwo%|
zsKOjpKbdr%qn>3|m>cJK8{&s|j6N{MeLUk&e_CGF;H<H&m5%r3I}kGdZD|N)7aHTr
zF}5D99V0HkrTBmVfdhv})pBAg<`OVOTLDI8<$aU;!>{+qM3`?#fO92{q%+u%VNwzk
z!}5~{kH}neP;cKhRJ3Ck+?vNW`{zD>0|c>UsYRr>p8R8k-@p@~5x2PmZ|&T7#{5Wo
zi<ye#6{~(SC?$?(BvSUO&I-hOgkjUI03>dVL$2PFo74p7eF|PQeLAl4aZddziT;=O
zpUr!d{PXi*$BH8-9GfJp*Mc(QPdtm79ZTjUhKH<pJA<?@f|9|SRk(_#$X3_Qi!0h}
z^;iMNbbG?0xorvgy{`BBO2o86*}Hz{9(z5ah5w^Vi6O~MH7x+aU_KnzQlEh4)bj%>
zp=w)C{~l;8N%|%vQhPG0gF#_4_IFl7Bub)t88cYuRG`1XwnTlQN%A&=9d9U-ygJ6x
zp1eAuKNG*=oGS(Z-mw5rrE=kl<pU%wjW$ydm!(Ve6xICIklf@$_=Xu0k**~Zrp!Hx
z?{4pI<hF4xfFTbDs{G!>IfvLE<SDgbr85mFp-zE-000{hYQ<UbNcX9w4R@8?l^nPp
z{B0MjacCoDBa+(u192_3+l<*aL-GEE+Go92?rRyLF*sKC{6q&fm?X|H9w)8ZAvq?5
zL7cmz58o@ALFsjzg+CE?&B%@jNVjOBHqOLl;I?i>P(&m<UD?*>d4xeG4iFLCgm?e|
z05zT?E$T=byq0&p6QRc3+;i`<cV708Jc@p-^QtBocN=AjLJvb!hsZTO+4s+zXEFS`
z)JI4&ZSnp3ug!9!FIM3W;DvleX@j=U82pVB7Eab$O>`amNb<dJV{l%6!jwW$1e^gh
zHcTa0ME8WZW@;}C^5r0OI<9SJ>(~B(4AYx>1~fGaJUg`U&DnS;iJng$L0|cWC>Lfe
zN+R~C<`n>uOB^Ih7th~q4HFu8GnX@V#{tdV!GPrvis%0LSkY0$Br!w2;H&w5<aHoN
z!pb!SjcQ4=(+dW%n3T4>lUtU#THt4!?ZYSkywVsp_sjzwzuA}N30^GW=Skqoww+q;
z{Vc{jM?I%(*YdpTf}&)0VF_pSI2?9`qa^$4q*q=KBU%!KXJ`Qr6g<tB@+#`yJFdsv
z!5m{QabY2Mu(+B&wo;c0^Bx<?<d1bSSI8j^9Y$@0Yj7<MR1=WC4|c6{O>@MFw!%;*
z$C=~Rhb>DoQGo+yKv3K2WILpNTlO}}*lD(#iVjDXCsWn!6?x#tKxnxPiZu?ql7T64
zW>(t3P;8}^o{F%3%6yUSsoDcWm>;2;dZPR}u{tqPQK5=-@f;115=`d?QNs0a*6onS
zrqOQ0^t9{1T^3ry1T7rW4Fol`d~i-szPR)WTfJnN8MkuluxNiAM=z<^<@cr=aI_W|
zTBW^@^<@H~bb?PdT6Zl>^SyF(fF?mL2HgeW1nwC`Z#XQ5FhBqRWtqFZ?0P&`K}?J$
zcfMYkLE-QEXAvT9T_D5f<a5#!ZR4Te>~aE$ASAnv9UHgD|C6v$L&=-Z2AUx}-vu^>
zLA8Q1XRyzZ8}<-BN`<?&;oJm5I{Q6sMZs*nKuH3wOD7NrlQ)qw7`A)>001hFI|8|O
zZrxv0LrDq&2Hx%#``=#s$2EkGYn=Vuu%vvnNx7byG@^2vMYH30@z<swuZRxcmnkY0
zpG<YyV}LuEoRoDKH8@BQq{6e_6H4rj(&E_l^03_!k2y<Gy5|C_lmg9dRyuL&B^lyq
zSBRdcJCB(rKY(;Pe1?T)2C9Z5Av6X6Y}?BAbsj`M)`4p|&+Y@p1=E4Ta>Z(h=%^TP
zpZ!g=w~6KJ?0=9%S4w~WIOGuKt$_%>121pSzV&&d!DDw~Yy^os@)-i9g-~0>Vq9Az
zhv(6y-mfZPi->~w7^CprK9FUMPN>ich*-h~@_slZ$uFKE3J#)}%w0(Q;y^TIKso#D
z%u(=buM=hDgSn#8zkD)g=d{UM;?&<3FlVdizsQGI$57X0Xk+IXgL4YVMT^{hV>0SG
z&k9`B2Z9DHT}&V$7e!`#?F@r2Jxl-r?+qcaH~g7t4CVy{%V~O$I%7Syl<!7Yu$f(m
z)SguZn`<aCd6$?*BUO(0*zSbslKV&9eOYqy1TTIpx;gJ#9#nbxq=s8<1p-6!#gD6q
z3>h6PEv1Oes$1>$P=~WT9Va8}x9axp6N=>2<n+fTgF7{A6x)Au|CYBzjy?^V&6-(`
z6%T_mlhZLT43n`x>y|fv7q&zCwNNsCLqu2g!xJUvI=PDR(KEQDgMP}#BVO<tBoQJw
z`nLqBDRV71Xahf5mgLip(~nyvkdHFL$d%g@IxJ_y+{3%&FF_gR27mwnhVQ9PDDMvR
z&R#c%Hc4@VYI>BV8~=T}Z;^CFkdHfb<}ivBu>Id`>#uaO#BUL)|BEWLfw69vaSPOh
zFw~g5sb*F(mi^khPv@}b89UN`*?)wu>#sAkY8|!po)>IC_>;NI^YP|xaw`3pnsg>U
z)x%9hC-Xgy#6rWR6li3?U%;-ai2$mba&Xsg9Vq~UQ`w~Lb7Vf9e8`xa87E<=N%YoO
zy`nd-(lQzO<4(8ck<@^?7nfuzVl7AM(kLAA;r#mG_(-<EJVJFxyQ1~e3&G2ai9;y4
z6NNPy9-ky28$I287!ET23sdWFnVY@~S~pEgnOp3A@cz`t+OFf8|J-~!H2<s@@9I7l
zyDMD+U2aj)hkay#=|FMVpq-V&tcmxwYiH`}=58T&CxIWW(leQie(0ozzG@>A%|^yl
zHhKil*^!o#avH{sZ5<RJ=pj&uZ~*_$R1LE`zZq)x{_fe`<-9<1D-cmwFP?+rdeya6
ztr{{{2ysO;-=7x=hMJncMuOVjB)hqyv2291W6E2Be%v&tJGTM2)&0US$=(0}6eQrY
zs+_z7bwiYf{*)i@mL66YAztw=(32nlr~z%i)!VV&I!tM<YcBK|QAfQg1~6MTSo#ax
z3(*g0%y-W#dm1>gu8FNatiZqsqF<BXjaEFA$cp|A%G#HX+VMOF0(0N$H)K$?0t3Mi
z20xj4G)C_Z3{LG)<4j&?f~LJ5Nt4@0naoTF2l5F9{s>FJtW`6K)$E`*wcD+A0S;%X
zMeI?I+e!BXT)FBO?*KFFns3pGJSc66E<XZxRg21sZPB-oxPSov8p>qU4u&G8xj@4T
z8Jjtf1r0-opi;{rM4p4`vzhnJ(kz`QM+~zJQgT`!&=h0d<eEoTanIz2cWEEhjUU?J
z(IyHD7?x3q%~eX8*+6+67Rh2apZN@|`yGGOII|y-n5t_rBl%fmpxI`$R}R2QwfA}M
zdYv?8d$d`MU1SNNfXn4&l9}qh9X?TRgF1jPg(=W#fkuPg3JjG6@)R{EU_n;6JYWHa
zG<Oc1WdP>!Y{GY!rqn~Ab1wCo<1EwQP+m-MC=9~%`Kp0CMhyZdXg-)v_iizMh{MK;
zKAzdNPiFs4B4W+t-4RgjeQ>0rU0_G9<PXF4+tk54XIH;+FnO1apQ(%$SKWC4<bjTb
zwbZz1Wo;Bq_ZWQPlLVj|J})zI9xir9iAQ9{#8_S|U4-wGCUD9o)^k|W?qFaWbKl&9
z{GkqmaCVzYCeH2L!VQ#f_Ih~!@jp@|M04)czLfCQ02?G^XzbUo#Tkw-stE_<+LSGJ
zJbYi)Ro6{B<hl6M;vC>+PXI<^f6dH|+_K4p(M(4x?CjJ<vEMxn-r1%A01#r;8^fDE
z^562t+%?m*;UeXQHUc`T&8r&9%=t7-M+LS50=4Kc3nvFR(F09<Y$`p0sTz!#UZnL>
z9fZ!clW$*HCl8OwXwQKFS3-N3cDsF3#x5k?L&~CPs3GDTUL8HD>ws}gIh2g?87>`B
z0ycSPplmH+5v2w)KNkx)B~cC4(P7TnieZMqu$RgU@YBvc(sbfBOdSMJ3gf3mAdcwN
zL)AVMn{cY}5Q`siPlO&9q}YQYAY)-HPI3WhDf01WdAx74Qa1}JWP;)2^`mZL=r1s>
zYeDLuBjgY#T)pt{Gz_EY;Axq68E*2$<AVVYtvxDx<7~x?)2bM`gXEI9jdKB8Hin?f
zXhva778gE7NN0Eg1!HyT4RLb^)v&9+QlMH%oYx=AUbHfJ&iW#v&+=w!(>So6wh34A
zVhZ82aNplU+9xbBAAgoBbdM@->s(mA<r%1NI3>Ge+Ol}j>7vWzsC}(y`UZP4-x_gE
zU9lyS##emUPXjDBtxzc~nm+t#-MeSI;4~gk0?7<#A^?&xgpQm71Q8<Z=vfD8#7+?s
zny@J>HgL?I7pi~xe5F_5T}w~fZ=+)B=0%+Q0jca(s;Y-*-g3QMgAB##u7;Ii;H6w8
zc8Qa_mBE?WjC1;YRwWDZ$hswEI*Ee~@9e2{*1T}b&NyoEDB3KKhkekr(UpT?A?0{_
z91Xieai8$)NFWPb?4WC5__^9t44MHAQ;#Pr%K}(-HiiAy%UlV+AP-$Ly%+T_{q03X
zpC7<>{3C4i`#kG1fP1nCo0P?y;BU^@CI=o#8j{*GKT6m{0qY=D!e($Bk%*U)`j1B8
z2V-UhLsEU&M0Aq7<K@N<LI@&6<cZo4b0RvYXe%EzRgTuszUd7!YTW-_d6Se4!UNBA
zky@<0nb!na+3>PGa?vCT0i6}BNEHB5A))3M$ZCWlX6?49(8M6ZKPC;@$ab9QRAN4^
z{OY2~K1q9YUCXT3X3^y2F_S>IBQ<`!!^j$ks*Z*tL{HS8ou(wiE+{w`w{;R|{`N?`
z)9uvDKBZf(0hJk#DN;#*dulN80kL=rG@WjD(gDO6OjNOZ1;}ome72Wip?(SM0xOwu
z)8G4Pqu{99*1t08gz4O@d(*=EKy2$%vhuRVTqJjR(9(Y?HxfY0waz_&8HU+z?%a@u
z7lHKjHMg!+bV_(7(wF|S60o-y_TK*@9E4G`JD@{o3N#{*gDZVC?2R|bmlID(HmGH4
zC&j{py>=}JU6n;1*nN`XW7tNl&!I5mv2cPDG!H|MiA3$BHO5>N!XpflI~dolxFe&u
zWhxFgR?x_znSto6svGRxwPAJ6Wonr!#*VU;Dhg_Y<qSX0GP~5qHf9tWpUN=)|7Hd%
zEJtPXe?#Wi>6e|?htXO#b1PE@`PlVm6W|!~Cd(5p%L#Iv7knlla~Ujg<TO@B{_UKz
zbHu1IKb%EY<!Me`H(7ymlsAgaQu5llD;WO+5bUuWT%n2P;xo-+dc|s<gJpsPm0>gi
ze$f(YFZkb<Zx}5Kqp$&Q$S@MzODSS^?#j@EqyC7=lu{Wg+!CZdvgQ(gTfO|IvR}fk
zTs{F=LK&S!^lvDesbOd+jKQpx)rT)~dIBJfe^;KX#5IA@e;5OEu4H%^d=sFJaj(5R
zAHcl0)X$JxC1?i|_+Q{x=9G_nL*Cn#h$ZjRflI4k>#}hK(cNEka=kB&{SMS4-#_@<
z6|ogqPpWg2tMP*k4%}aa!Ah-LFN-h$141Whf|Z_WBOdKoT1d)1D0uXYB?Zm9;NQ_6
z)lyQGObFMt{{tdnu7jSJ!{pj0dBp?TJ!!K6LT9qQ2W8J>L@FEQe!D$)?!9M{2U-zq
z9jdwztIzdU!Kz(W3fL(|Y~t^R@PxG%GHEx|QCF3YNu8NJezP~XCg=8WE9Cv4<EqFm
z6Y>8anzGJMU(RF$xXRisX%6`+`b}I@y<WW?`9wU+<+@y%E1KGicRL+PUk`4}`R$|r
zaesFI5|>j_flus0SLUn;fjS^b2!R;6tV~^Sgy-3F9rxc1$!Xigf=2mGhZx|$&8O(4
zpY7>*pc6;GK<G#(II%rtkmt$E-veTesmeOVP1%k!Z%QazIE(iuB;rMC9|@8+VLfA|
zf<+uVP|(3C{M+^k5ha+2UE4?q#7~%!%f?40DY$ao4--cRNrqcuCy$%-;MoOw`voh)
z^N?13O={W@_C>p8Pg6LPX%HQ1xnOtyx5lB&P-?6i%%tF*C3#s<MBv&Lg7{nMP+mCu
zX@iC839-$gY;NV)9hv>#I5QXQOT$QS_Qj)M_OGdBg8;%tKXnF_%!3*N8LGBo25V9(
z_F^p&ot@e+%m8aTu+UdLz+=R}W}lWfDSlt6hdi<xY}g>1l58aLl+#DvxqfmO%0<V@
zQTs3kCIlQP%v;`PI2)e#3z`Lj@WLzbQtjQ0Q~&Ir@8g?3rnq3hL@&>LEZwaNN9M`+
zHQh2W32?nAnoHjvLZv&fTE=;}$5GlDRSXK$X{-@_3Jnyn^{;=<S{z1={8S0{fiP-J
zLt=Hci+n@;2Emo_ScGMTaAwPDKfW+lc*j1<2ulX`k4u^~%qUWFEsTB-J`HbFcNjVO
zbw#1wQCn}>*btpJ{_Jz&HYuCe3E-YZxK{w~81_lKYKBfn$M6-kfW|4|Hoe;QIcqj#
z_6<C)cx7hn*)f8KWgh=M6d7tl4R7=vs1$}<a-ebWu7jOaWMH_ccB+<05w}+m@)M48
zW*{s!a{A|+pWfTu)-A0P(DUT1dn$c^VG_@t6VPIW6Q4?WUed!Rt#mv_&s7IsXgM8w
z+!h^{t;o2e58+qT3|4vfvD^e(MTG_|I8ja6V7)}NSjMHR6h*=GEh3Sy_WnidD_)FA
z+){$(&|V>Oct;B<G~OAl-3QK-`(P&KuFbx}@7SgRh$ww$$axc@4wED}D<TrePE9+e
zEsLZ|&|fdDBz@6L2#prUEs5=O>KH+H<M>rER`zbQ_M7v`&yE3b%snjxbqHN=#4@PG
zHi)!26ldlf)SG+C{GlOCIvB~C0*SB>Jn)D-ef`XhS%|@IzM-I#HHVg&M;^dMi@FeO
zJKD_O{SKe<nOQdoPyiCiKQ|j#-L<K{+|G)%aS{1A_9}t}fthWd2Vn<TS%uPfOGzwK
z_)@NR&@lJ2lkt}p!}<@mJ)g-+Lvj>C{+0vU*KRwyQzZ6&0=sk6PJ&NZtkIDsVr=${
z(>KCr?&8<ab5Mu{o$ZG2^Hzk<*{)%Q>Sc!PY?#_L9*z5>)0)+RIf<JXJdU;jKjO;Z
znEGF5y=1ns>pF*b>HuKHj*QiInJG+4;QJmZ(QV3Qw+Yz`ofH~ayO_l~@X?#|*uGQc
z<T95~*d4gUlXfZZ*Y5pwxx_D{3+=P=@lDoFKuk&QF(LC=zWKLa_GD+I>R3XZ@b`W^
z<ltc1m_+eZwErRH)F_^_NuT3_JHMoKQh8j}UW)`FR+|d_;{67KvI~Egh%=aeyTFxK
zU&!);UHmJgI-`dm^^GBXy;-@MG7C3vOw2lbKEHSMqUchpwIjLdb!W6tdB+tN@@su(
zT>9`s!d_AhB7G~|Eu|g8ctT40?+FfL%RvW{`D{uPsvfKYlLDw&qflv}LO7o3tbHl7
z)J`G%@RrdKR(=x4ty&dt1I!tPs>Va;9%s;W@1SSD?XoUz8+sCTBb^T)Kn39X@<N4u
z9x4{N9?CKpmE;D9e3nbdkx5?}?NY4h1>N1Ly_IJLAok2ZCM3hC{e+#(i7z6t4w@__
zvE2|YA}qE9_#+xYaS$oUXqjelom<nHqlNe4pfXUOJ`KC~#JCAn5q=@i#op7LGx>Zw
z2(-tQFZFXC5;5<(Es;Apr%^N9vhhSHm}C!orh@`rvF?&z9KpUPNIgiG4@A_vL3D#@
znL;;K&;SM;c`%Qzrlaz9$5_~v)w=54?8rMaci65b=Qx0F?EL>-xIy0S@Ska1A3*Ia
zUS;nP&g8Q7*{J+;>ce-CWHiP`e9Sh4yA6ljxCW*q{wWT&-)ZN`M|L{F)_a@D0KcAN
zay>#%<TFiiZRsx2CcN$D>{I1Rop%3<3m^&fH;`*bdTK11fu+Nb$`<z&&Wkub(<Zrx
zu>0^SS&ITNBHbXm&`4t1f)%S4Mh~*+PD~!I2N-!ak5fFNg`Q8~3v1lFbVTLg7+t$J
z>L7?l#jc4-yPI+npC`p~2TXjoSqmGR(#g<UcPE2l&eXZ1h0TbbmnJjx_JfP&Y@Ny%
z4THJ-6^B8iZF(NlEUHwK^?#7WSawVZ8Ocl3vL+KYgC@>W$kiNk6hKhYC1oI2(f@Ie
za<+$X@t+n0X_~P`3XW@k#CaqF)n8Klz~(;QU6U%W#iS30{_eKPhRbF)z2|=0eNF|w
zN9Z8`4P_G_nPOCvUC2?e<WtXZn9v6Jz;jhfaohv^&y2_OS9KhRPGxL6FvM()4>Ld0
zJBNJ;Erm3)3}9xZzPc|px|>r?g{LZ2-04E_fq@9oJwo~NY&}?~xI-B}rC^&5i=#2h
zKy{DT#|n-V;->*+c@>|@c6g?a;nhmh)mDapIAkgUv*PeKHW3!&XlB;k#(K%<TWRK5
ziem&aK+R}FadHtzWcJgS%}J4~SOUhl&AM*w5hX@puEtOT?;L9M4N#p<x^!XPu8eY&
zG!TeYR}_VJ=h>l#_PvM{0kgEk%}_4T|4VFhT3X8vc<d^wEj8T6e5&MtwIk)#lUbfT
z<M&3(FX-AIbT%-tjf+LPQ9+1J<s>7e;`jss!3r^W6w6L^BwACi!HR^2Isynr^xL!M
zap*oRJyuL0i0I9I0o#Nq(QelB!!T;tIAg8`rI<;S>5QhOHgO5mCQn$Fmhy__XXGeL
z+m2k?OG;msT!Xet|M9|ejgTHQGXMhT`siFFiqR+)nbZb%s-o4Uci2y>kXYNareF1q
z+i2j1TT(|7ackaZ4=lf)x0$T#)s5iAvx;Q!vPxv}6t{PB1f_jNna7y)Vz3^MPu_u`
zCIt+&C}mAFl8dZT`pCbx=UK;pf81`wN2~`%z2dwwX*bIRkG7M*smchv;8<;f;ZO?s
z&2c1mv|%9rstA|bg*hUa>WKn?dbPiQd}gVP#*V7ZVe);k&g)J*DiGB>?(W_`!QU)B
z5!Z`=Tx@B;d*E~vVWx)jh)iZZ)bTZ<VOw8IYG^NjfMFB)8#+cq&5cia_t!P_Y*Qax
zFIl6_sN0W$d$_delk2uB%waL^j!9~@;6G28^TN00XOWmc|HZf*l8$bJC%lYiS16RX
ze+PuqfK_ROJXS`|MS+J;z5ji-CP`b2RM%_A$4~YO)KZQ1Se=Yh=j55Zm(s!kwts0L
z>`=~gbW3n62&Vc6P!_cPV~BMWYJcUz{hYWIwZzx6ZUOg+|6No~1_W5p$z-ICT8D?N
zo<RH)!YW5j`0}_pfI}0KR|pOvD0F+o)oyxOhr)<^N;Xqm&K1vdMZ((k287Rm&N%BC
zGt>oi8;dQL@Bzv^cg=*uV?Y1(ev3kzUPS_@kap5FJGO$RlrW4ltmx+40j5LXZ?B{r
z{dQlOI1}u&4u6F2%W(L7R#j=T@Vg%AYl!L$I$+x>A7(GP&SITUiQ1Uk1lRNN7YqTM
z!ajhVKSmkjpm4;DZF5T>IT{XnJb1g}z6JpdBJ<q{>I<IyD%Uu*!8kf@1}yTdbVXg3
z%g~BKRWq;GN}-nX$y9cC0dyL5aui27|CMbV?G)1uttNkatT(cW-mBaeV19C;)E6(H
ztx}_&c3sHIOQom~M&JexxqbT)sA(_c1z5h!+vU1GIhu!l{8)Je3#>WmD%A<9$Hj`G
z&zov!9r`(+5x+~w3*rMdD<=%l+HV`DVfwwB>!Pzhf47=n@OOX+yu1xN-7iKLc`5d(
z#;U?PHO7HG6G527715*91gbgC`h40Y%S49ZLNDY%I*yEJM!;v5P}vt%I>vlly>BLh
z<UBxC-z&WkxoLR8H@Z@4ZAgFbqSth03R;k<Z?r#x>}iKk3t5Xq@jWX9RyGsIVC_=k
zuSf<EvP*y@X|lwWdLZ271n(@unzBqs5yp4-6u^kjK$mEw4u4NrA7_Y7!Ek-qCg|Nk
zkG5QvO8zvm`BnHHVE;aOo@f{YqG%33*%v4l-~Yw6pKtQP9!|K3*yVcjagy!J4tf7;
zZO9<sCE45Sc_z-Zu@rce8B!c;MiXlg!Y>Cv<B(xpA(>2KQP%%!W1$7SZ8|Giy3@MG
z6^GeKGSRhCOTF9{TpqGMWeU*}XI4umdHV8@X0Wt|2xnxq9em{-kl4YCbH)|D_ml~8
z|HCDb-G+D8J-sy?;rYSMKMm*s-~Q*B3Ic<{40O8$WJ+iCL?XP)m**4zO7b+;JS0u<
z)5_Tu19JXy&yEayy-Q!$1W7tHXs7+>E#mfWfx{w|7puBAksD!lGOdz*!57WlcF&1s
zZBe-}!laV`BDTz#(kw0M;k%rXgB*&_nhL@1sb!%M^-11qEFI}*P`rlo$F+0#WM0ZO
z!Nt@E2ee;n=Jx(QCccaHCC{#F)B32*Lqfxu$a;aJ<>LjiwpEy}-7l1j!SE4YnL5m=
zzH1OXbh6fhj0T!d3TT}G08agvs%AV2_$R<ikI)a~jFYsnL9_yruCRO$c|yM$ZGw2d
z`)%wqKCy(0WH&3jGykpzk=?s~5+-*!D2%R3cgImYb~FGhDxYPW%|;5IQ9IcS6P9Iq
zTxB+6_IEtku*`o)JtOsviy9X*DF?9FD*dZ2S)``5u!GIRIGS<tHrVGdEn*kySbr9~
zfjJrkJS*{)bT(fWfW7CI*X==e$FN#c&_3JS6{s`btw`s^JeJL)`<$$jU$BP4AV^8y
zVKC&<=Rm<9nr7EE(Rg|TBo+@m+zK7!^a%{a$ELN>CIC$}4WXviYhC9fCIuhVh!1=R
z>-_WMN%stxqN6TQx+O}`Rm@Z~)(ZkxCqT3Id{E(MnnEHFG<oY97|~qfP1?{QdcE3b
z{=G5tyKDD@c2~}9xM5FpM2lD-<#W1QST_3`FAz;e+OlL=VDQ%F0BG|GEZ|0VkfG@J
z1;JqrG<EB*000000002FqgnD{y3TdtwCD62h<np?q{YW61Hxtob0E}99qA{~9H2Bu
zKjkwY6ccryEQg7!KXU_RE{J(n-Q6KWiF3ebjrNm+??jy8w}9^r)Eqb$7(xL&ZjeTQ
zDVF__YbT|W#}hR6+dAulzQ4rvPBvvfzLCMfuM|t4eco_9O#YmUk1&*Unp|H=Wi|8I
z;M??f=iWBA_trYo!+Y+7JYn2KzHr+MLUZm>{RG2hl5u<WU(O0fP`Z!+00000$+!$g
zA1iNGr+d;q>e-E|-m0w?Jq1xgxZQMF!aaPQl0dV@g7nvxZo3C9Nb1!sCizs8$$sG#
zHng;j`VYeoL5DkF`;8&&?HB;?s$X3DWa`EQe6d(?lch<oAOMCE2@0F@o9l6eL*sB|
zv!i9$#z6eL8{RQ3ESrQ90!s@1F0WNp&^w<8;jJ?ERu```Jd_0+)@Hzyp*Rp@G2-ey
zec5M&woqyybgPpD6+79FnXk3;CqaD4&{{B}t2utV7(Tc*%X8^JKcxB@#rv^YhMdCG
zZ5@VzZBZ(34MgK;Xw82#!2fcrLSt)F@dw$U7WDWEX5$s%7bgcG%<~XCPoFfEMMx!8
z?c?puRA0rAR=^5`{<-A1UlSDnea6Yf_n)ftGAsxTYAt!47Q#sWu?{Fcv$bu#zB%Iz
z4x6~o)fobzJ&v{}5}H+8lf)GWP`3JICn($Z#pgSd-Ga^`GZ|07n7R@SpD@Z5QlSSB
zb=7P)46VrAaZ0XwHt1huO=jV-)XV5vsYhTOPjC4Hk9s+Qu3Q*p1N;#Yc4{2|3YI$q
z`Oe}w3@LznE#P$cW`20**wkrT<h>Cu@aE<HG$npNzW#xCT_$?L0tjRFlP*l;-9o*-
z#chN&(+*6WKTlU1q%%1UHGt*jO!v3mv$eU%6J<pv70B$A^l$7!j9tA|f_KyUggPw>
zi*;E#X^1PMqT>-eQ)pF9amidn-JbQ)thxR<i;?*(&4}=ve(BHcfK%$d|HPo>wV{)h
z<WoPGme0;@=hlk@Fw4KZ49<SHJZ`qCOo9L)_;vAG%Nb0mOl*^qVHTQ_oc}=z6Wj(V
zYyb>4A7pc(9`r8d+44H5ACJwK0ZJ`WBKQeuU4(Coc~13z9b&<V+Db_twOTYCMF%ng
zFwFF|LpsmGd_j8&?H97MW670}TS;Q$@xTeN0*y1A*BkFxePum^D|f2d*5Emm<!F90
z=ZQ^|b}4yckfzjCXP-ghvH3NZfQU*JGn6fK{ZE);n*v}eHQ;`;@t9Ow|Kh8%2V=d4
zn2Q^;J>l7v?YBv=YTo(;-$mgiTS~YBL7rg#6|0!z)+=aGd=qJMGB}#)CLe|H06G#t
zD9*?(CQiM2aCzjC$B~$KYz5N7`a&`*Mgu@0pBT<KDS+Eqie1}6O^eohj`6tadKSV4
zXn}KOg}h!_FPHLw`)GMoHP4nfwdgp0`4N}d$Uj}VajQlsnpDPiGTnDeuZuk*RR@B#
z<Gqxq5uEtUJvASuO>Ngw+P|aO0OG9JuzYldHoqo%pP5hc*o&ix<=sgNi&Y1JHBtOd
zm+Fk#2>$p00$I3Ltzz|CZ~;@^tN`eUs!agOVwQwffH@%(l;)AAM|>mLwjyNk?yR(v
zFnS6auZW@$0p1z&j$Eff-X{DuJ+Y~7!P_~R@MN$WQb}G#b7(@`Z?L94CvlA)B)B9v
z<b0SHV@zPkl_M~1!9k6|mFn{LW|`R>w8r;xF|rRS_UF_@*7{r$gYV_$^vBzi&yt(r
zRXU>aGQ(K!^5;XozY?8W@&^j^XaOq0d|amJV|TUQfHfLS*++C>61kbYy}D<)>yp_^
zf~8sYe<3II^+fqo;n8U+lvdkv@Cg<4JRPx_IR&#yh9%z+Bhd?+kx;-3DG4xg<cB|e
z0@TRCABhu%0aytFcCn_w0W3aZg&s96w0u~Ud<tw1900y)_9mcqH7$ZB<}Wa7DU(36
z%T5)TL^rRZMcWrXAWIgAE1^zE#L>k_<VXg;vYJW=@go?~vg{?ym`&ZP$+7+qsMv@j
zn^JfL&;Zw?A(azsWge2b56ZHe8d$vo4n0c+sl$?tWjb`qb1atyQU8Y_Lg<rwfkuVU
zVMd&~5qbBIxno}`K#$ow%<p1e5LX9behLdf<N}tm6aZa-5!3Jx{<HksEF~MM4vwaJ
zOy)1-;kX9i_B<2Q%&3ud<Bwr%TAukKFAP7lz*@&S1S)@7PS2(@%0+g5_$Sl~^4-dF
zZ`<KBjH^FRq;k&L-%n+sCU=_&#Wf9M%%Z7|Ss<&i35xD>oTlcFSJnjl02Xrt33grK
z62ONii=E)V2kMlQMgO|%C~|na(tdJ_;tL5GBm5mO0z*E1l5}7Aka@2%xtfOQ4OPwN
z4eWs|Hi;!2rfT<@lnMJE*oEJ+aiuj6`LA>wB80}0CxjR{ac;+@dn<Rl>HJ$IyD9*y
zNKBy7n5u-Sisy^)E&l^kZ=rlcuHfXUa9sMsLWNOv%EQ_kM(w=XbpKidJQLxdhr8R7
z8=@dVMsMiZb~Ue;S4OoPEwmNnNkU>{(2A9t^km`PW`3ki;xPaLkW<&A&HQ_0g(1ka
z9$7=?rYF<Hx0)iAkmc2DbZq2Ht&x!gQ>1iSk65FMq%Rhcq-tJ=y-_SlWd;M~!O05s
z#%7LYQ*`mvXS~K3cc6j%XL^L!9*?5)j;YZG|A8qAsWQ@&OM;Fa(HGIB1@eSW5cXCC
z@DjGvS$l?%Zyd2AGH+j8kl7oi=&pbWR(RLC;*0<~KH&Vt<e%x3D2}GpS2xLJwqBYo
z_L~Ct4iLu#TcJzW%LGZFy|$W@pP*O>l7*xFNPfyO@HdhW)Ipzg;w_&&V}>z&doUhl
z2Gc3M0yK>uj343qZkJ+5!v-g#QB54(9;NS|ymRJ~U_u93GYGeB7)s&&Sh9<rgD+LF
zJ+~EhLax9ft#eWNQo(ky=603tn^T0|YvN!*PiuT)bh5}kw}AL%C2hF;fg0jxgr^`=
zYI6OPP^nN$?yT-5LCTbXAI?QExuOn1wYpI;fJi2qBDLnEVqEiQ8s=yM6uR=^Af)_Z
zCdqC_g;}!+!Z<+(zmxz;DG=d+8G?04E|Y(idJxyIi|0w_NnlL|g9C)Rj<K?k&AkQM
zX3%4|2rLJU-QQ?Uv;_W>x&S;%s{ku;<pqittsv1^-%Hg&SxBbD*6)y#;c?n&Rwj9n
z2?58rh5|Rhe<}JR1Vu`<OI$?x(sh!Yks8FBEuxX)PhpI`19c6!ihN%asPjtmSNcHQ
zK>1pEc~KPRTq>UmZp<A~NDyi6?zlYxJ|d0i_Oj{-a2n4)H4DAF3Pd(N^AmvwbCh^7
zCAqb*VGh2`RMNB0IgE#0PlB(mP#LJTVo%en75%gy@E|mjd%Fm~V-X0u1?cx;oVVLX
zGA+dM-x4_W!4?kkfGHsjc;zfQul)scD}nst>@I)_O$O2S_c@7YhJMg**m)(o^tYVv
z$3}Sv)HkuP0VsT%$szYLl;WGuI%d2jM694q0Ph}`b<!@0z#JB4>4N@t3U2EX+AYF9
zV#>FQ(1GgCpa5&Pr3sxcHHb&P1J(LU04lh2?T7-Wl?6b?BG6NL5z!Bzc0_y?g49eW
z_FM4doJRK2=jWVF{F5ULTC?m8!7Ss53U)m!E)*38!6~{?V+o|ISVu$)yjp?c&EoIS
zP*0v+mdUF|fbt~e%0cbIKVnPR08>%Zmjat{fG3KN{_nfwqTF$t6a;30mqg2ru15-V
zmGl$*d5APPv>6WPvXGc9_1jyw6b2?(VtlSwzeR=*kd(r-h<UOcF4YY9tRy7Lj>%uq
z4>RCkzxd5gPX@3g?E?4DZEs|i7upD!2;cvV=eFblYZysN+|w&>#jwNTz@=qwX{A!!
zzsiK9s=+sX=>Py8W}$VCyTbWTH;TQ5pBJ67PQ#}%9pO7U6NPkbUioSj9!Z12ncQSp
z-*G2#l%Sxp6hftfBeGf_d_1t3pLu~RvG|d8l7uIVV8uKNi6x2w0*rdB9dg>uAA7je
z^m?P_6=UyuF^Vx~VDR$!QiUWWSw!gpIAifJ-;*tEZ0II`BXAA*Gb#4vB2XX#ilq}_
zn;H}?<v;=bx>?CQ$xHTbG1RAjR!|}_GZ^g4K8@ZM{uF;Hw3!P(Dvl<gGG~2iSK8E-
zI3Q3C$cqZ)vhu)}z>2Xdc_?<;fevzcWO+;f$jZBf$AFgbOwrN5)0f^}(Ce>99?hdO
zARSPgr1}Tu8xvtm->gQc8|UeZLt`(#^Db=jV<Xp>gpRuyh&thP$4%gMV8RH?CfX1)
zi<TCk?!CC1h?u16v}A9@SJUJM;@ePF6Ci<3h;0aDj$%5t{W}Hul^PM5=UJ_MmfBNn
zhEROnNWH%C2gU}3iAJU8tn)#%(vY_dM9rWLt_F*n8pJy;JPm%T)V7yibR^f9mDDWJ
z@gPa?=r@2uDnC7+WYfzrTKoo`+2q-O9&57~c-N=sC9D8AUGZt09dlJ}h?9z*R?BuZ
zxZKW>ggclzOXeo6Y#_}?@+gZU8*!7IsC$Xm`rMF^qt+Kd6#c8VZcbhGH`~ublP8_{
z_3{%dm~85~Z;1?gD8M`;5F^JdZYE^Q@z%q|NkGaT#SMQ`i|xGd%+auU#@OwQZIS}r
zm?u;T249@4u`(*0b3Jeu<B(<2+Is9_*))+ELmMN*OIc>oK(U)WNPi@wG4izG<_uE>
z?|rvlV99Km&nr&3q42Pq%R<Z9N?~}vR4+esslNj#=>}61)|i)RdcsY4&YNPBzb?G4
z_s!CgnZ%G3&U;}xg$3Z|-KMQ(M);^T&KBb`6!&1Sc?$v$e-c!q6<I-S3`ci%tTiCU
z%g+19{wRmP)U@q=OY6jrgQ_ZCtYKNp*mtNx+?{|G%R|0(fYua+9o7paFHV-8dtFl(
zredxyd7_%)^^1xe#_@*gf#OM0s_o1b*jQ$tB;7?QNRkot?amfg9xIi`ey{+B<3#Tw
zzALh^xs-PkhE3~+w_KIKDHlMTc@EPoA_BZ0-+{FzsJNE@((sMES1lh84c4h1<u`5f
zKUm0TFL+c$_(HX<MMO9}%RA`({@&`b(R?lFMB|F?9V4+Sniu%IYLO*JM$;?ZmT+-z
z_-``1tTaS1>KFKY00Lx;zx#@75816@w3kuAYzS68x!ck;(KzZTG;Y<zB)=QeF%XKe
zS`dWoiswUQ((EKLkuSe8Jc_Mx$NFmORrCTsu$XKQT_X2S_oy|4EK^~~1KC=xM<k(w
z@MhjZ3dtP?dn7K)()fkYG(=&?o5)zaQcZc#Y>_}-cYK*$XAz*?Y<=$G4DZKFn<7Hp
zWrDTCRuwWzN0UiCl1<(iTANeNremm!Z;REx2gXS!5{P!rL_VatwP!WuKqMBkR<xN5
z)wOtM6*%-oI+a+<5T3>fBB|g90t8uucy826)9L5|f#bm(kdVrZqDSanFOeWLT(^4S
z=9U$t*Ai45<^GE>uyM<NB#C-loacC+jmE;w7>V~JqOhKc4ZLG^s!<+t1&rnJ_#9yE
zdWH>*3~ONlclCsEKU%jyoz3##kiVxiZaija$z$Lo8QUQuVudM4xyV~6m*x_>Qspgu
zdWnLNbZ0r{8Wn`TDjKW7m6NPW=GAJcAB7ariV=*AE62uA)x`>R`?dEzX_|<g-oWN4
z`n(E2-hzw<kO)4?TBffWKfsn9`Oc3i!d6~=6}OB5rxgG7<JWC9Y979aSQ<<#j&P4~
zQJ7a8;U3_lFrY|B){X+_j;0TWd*b}kaTu2U#g0WDK`S2w%ygt01B6_OFDR>}&h>1*
zvN+38@}l4wtH;@*YrCtVP&NXMK{PI%&EyKOvpimShqy-}k_!!~y=8Px{!KKKO!em#
zg`D3z0@Enqk-w+Te`I*ba}FF{RlW5|vZ7@NE>1;jhFMHC#N6-%ko9ha6ZDEAFq%w3
zTM6BU{DyAyZ*JtktyvPv&;biN2HD#Y@=3{ZIoQJZd0;G~-|wgKKxAy=c7gFLquFFG
zT@F*)`a@K;UiwI;U(df=uU1SlaT#2wtNstTP)(^4jpcDZ#lGmFNiR<t`J=`{DhFAA
z&j}W-=o9#e$-x!Uqox}{CdAV>Bg|FKd8isFT(Jv5wHa7t865RNm%S3rj$@mC+$mE}
z39zPJi_}uA-|}Ia%^w0~%HV`><t7%400vtc+XS7P0(VeSwh-SBDCxX)TU=S1-M`jY
zqlZYvw<=D$`L@?vvVI1$vh@b9V2bPpJhQ<<Q^H@I@N#j}ZWGWWk?RCjiFf%S%j;{U
zl3bhZ8Kkf&Z2UADawBXM^qT;AGp2Ic%U3k2#;=<Ao29OyKKSC?yzo5Z`wIKGv6~gM
zBk%`T<LgD@t9w#VBFR)|mg3XyWnv?BaN!&K9t>t*RI)e&@2%-mVuc*gj_tmH4j|Q$
z)eo<6KSDr_xCP>r;f>7-SDxFKz4;MT7E7Aj{IniA%b0-h+7S;3F7$0pvEmQZzsL78
zH?88L5g98lZ&}(+(|OHPZ`~b8c>erz9`NQprOjpaR^=N38CFmSsXxGt+<0>)e>e>e
zH}c|i?U;hK|Jm2x7s_u&t`6LQYTK2(0T6n{C5yGaD{o8ul!8$c&qXN~y)zLLulNHT
zlXtNbWx!MEmO2L=2qHboC&co70c$DIm@)IXF4Vu=af(Tg`{Vob&hz2K)>)yUdw5%9
zUP6!HdBB52-ABk-ODZO+t;&6|5@|YVr5JnFHW|!OqllJe5Z8IiP?;M`c*dgBnV~w>
zCuCxb>K$~|<1GKUfw;B=oaGkzAn3NKzMK#Ywm;M>Gj9vA@F+Td(38c&HpH4K_R^1(
z9?iisEM*Be`H9Wkmkv4Ks1LQ$)QrhKMmA_DH--erz4{O8%QA?H&xfd<cAP!cbrsjc
zF$F2$n$=0;5A!P9Sy^vT=_vXS2nn@Zdey+E*%7jzmhFpuQm+Gt2M7KDC9P7>A!`y>
z>T`Nza2;__;Hli^RYs6RR!UpwIgvv_26dj&ncw|xny>iz)22|D&nP;H9UdRZ>KCpY
zw5gY`fCQtemN9I*mT&f`P{Q$o7!WF1l)^1HWX``;S@a<gTXDo(dxwSXSyr{vrWy6h
z1O=@XEt9}A4i^mo00PLbz*q3|q{l-;V=iY{Yn5Lv%lksxPK$z)6qTIvrizEycG%Ls
zH{23#`>{%lv38)iRsyP->;LsxDj0Slf7upoQ9qLdJ3zkcRd^k*%-GF>oSzL;2*Kzc
zB~2!Y!&-R9@8>{adyY71Cop{FJRZS9UeD}#IocIdj@rFQmyKP3`;uYEg$3$k26#&|
z>J6)C%cFdkqz|ISt{5i)F7$*IUUm^XLR15~lv38*@V6X)Ab~o|ssDaPcOeKjvto)d
z{?8Hyn{aZJo+PvdHvS#aCbD?j9c-RVl734_&4@+>G^ZJhvptF)utRyL1s+~+#lRO2
zFWX>u&^=9N^Z5qXMaXJNeIGH!cehk4Fd4rk05jtXE_Y_JLdwa#Owqf$5|mfcVkh2E
zvzenYHPoUdg@9(tfSWsPW_yFD;$~>$F1|>`B$+NTdP5l`F3xYTs;nkd+r%JSEK{~8
zq|tWh$B%VjG6<$-4nc=5x)lIRIr&KQC{&jy{KU&li=b)=YOuHf`Gzj1&pJ#f$^o3(
z#blaRMnEI4^{08eW}_PBb{~g0ZNLiq##jnj%T=uSbb^Syd+S2r(s2_7d5X&a;ow!_
z;RQ%jS#{986BO>IJ6N+dkIGidP%llr*dPQg(^fs*R-1(n@syyAV9-kIy{W;J{4;`L
zTv!4^I2Sb&p)uxuv@)<dQsBeOXtfUhVfwT4AefWxPn60SlFe+JO4c{q1vlR0uE(*V
zZH(edSAx5*@RD-`@t<U7KRq$7oCB<{s*<biyo$K*p3gg^8J!4=!Vsivz!2xK4zfaq
zs-Ag25zp{&0!)NQibZS~6zx4i(7I210cba!Bn<}hqbFjdpBn=<&Bf=P(d_(CG4uCT
zvvGOnbbCJ&Eb8g{_&C7ofD<Dq6LdsVoXJwr+V$UvH8i7R+@HcQ3lyBrZh?>FGjNWO
zyRO(_{crrM2$n^kD9`u+BL5P{Oa=^d<aST|i~ZJbq_kWSb%;EXaQxwls7tMa|K-yY
z>7T8amkIj)afbD_00000004R3VHSUtsXOs`NU(j?0SImY(nK~Kj~36FV-Ln(>fpYh
z;6VVxV91CcTgk0f0U{~9e$65C*W)D;z}{Vvx?7kT?6ERiC^cA34vzYyIkeuB0e)BX
zZh9Pce0m08S1AF-K%Bdqo-812ajlcH4Rlqi$C(dP>+t9T8axZQU#L+Uu`^R;pxmGT
z3+CkzBB+&W+!5$Q4Knj>#0~ZvarmRgAD`Jwgp0zo)w9aKP)A)0b5uQA004D8cHbm+
zTrPE!tjp6r0x)Rf#UsRH=pd&g|7O}9S86boLUCNRTL?oS@xh1TGA*e+6KY>3{#J00
zMk6iAyNFafRHS>+fs<_R^Ariqw9GjJ*V}Mi{q4i4t*eGyq;+vHoXpRzVygLm`>u^s
zfffM;ed!VzhLG`V03<35t+c{s&Qd&>_Opg*lcaLVK#KPOtLHrK#0P;l4Cii}-SKp9
zPhR%oqkLW-Nw8c)Q6bE@Z)z{_Hw4^I)A`_P`k)QcYS-Igl}2BqBO;l*u1vim_C<)B
zMtWbP%+pQBBov!7;^Ju;btTt=;l{P8tVh(&q-lbQbazxP=>|W29eDn97>|^XOGfyu
z(V&v&alonfBc|>W3|Kq;#NO&@tay7gqPAYLDL-FW&SUV_0smE0_Yksd<hF@sO}TOv
zoSHM23_qy5o>ce?ihBAZ*<`5+KX&8dWo?aH7m<r2Ie|>SyS4G4W61XzAJC?%I!V4q
z>2cQc)KeD^gDGJkva8GMx7t<b0-2A~e_P=Kgt&pL<VR}u`m}Ja&mZOsmT?juZ{4?{
zBvh!z&(dXV_7NV(-kpnVtYdRIqH;z=egNv8833am_5Ndt;cKUXGbyx57_eHhi`@li
z7T*H+l;v&7+~%)my2i4Y(}E`pWWdw+O{Xm=a&j??3K?yKx9{W7TAWAf82nt<gndGk
zld<uxzJlvSsrkGn%A#FIg)@CGQ?uO<7nunoUbrh@UB0f*(p2qw)_@ylgJ1vv7stfo
z8Wytw1HCfo?<)P79T^AX%&mWdfMb_sBpc16!Oc7o%84;ml#TBT!?rPniJB&&<#!$_
zGk$y(b=K`PrwQY{?*-%(4-a%s8Gw4T|Cy!g+dB-AS*)13yzW^!x9Gxsp~CBANMrw&
zRtE{GGJ{?-U%u0xgtX5MWQ-X)KZzRbcVrF$hAU74-e_lP?JZZmXrmG@esn`0$g)|u
zw{XM$2XMB89h?7^A(}mz&C8WuZ-Hyamhz62c%XX9>}VKbc$mg@WVt<hv;J=?DPW@o
zV)rl~cM=nTpqr`OsUFG6k#=PXS3VROlnZwD;97gvkk^|B=$-utwf<V7_S{bL4-h_b
zOjP|%;oxLP%OH+vCh|Xo339jGv&k=P7XTx@WHXwM`k{S+UwG#qj<H_V(mvV{m~V!1
zhH}i5IPer&9(0@)jG(*_Zeh&s&O{0*Hw2!lLc~HJWHXX^jvFm3PEQyUJI`T?{}2N0
zB+-0+cK&YN&S-?tfoBKWSfxqFb{}XTssDN={Xfm&oxv{~iPdDyWjh#$TN<ET^uS}J
z4FK#wBxq~SLZl99IMCTY%W8EDrxqrbh1_?ADTUOIVD)de6i3=!iK7$@gCyBh>lgeG
z9!n+#3fDpDeY(C5WlBVi7p?`DZJkW=HN);)mm;wPni%7uzCeI=TWn0Qs+VEH;4JTL
zqJLqm@Vj$!=2I<=A(x-wo0vyB>|zuy!$S%dr$^Ey4*F^~>PER&MK6{dj}K(z6=gAA
zIZry^TWtgclM(D2(bq@&gIc(XtPZfo2je7&GO2VqFlJi<XHuVA<!CjBQ}$_hbpy|x
zVtwR2cybC{m+cC|+OZ>?W$olQ+@gU93>$o&)l3`F`mT60`{s=w+}<>m4c^IJg}Nc1
OL_h!l000000000dCz+%G

literal 0
HcmV?d00001

diff --git a/static/icons/sglang-mark.png b/static/icons/sglang-mark.png
new file mode 100644
index 0000000000000000000000000000000000000000..3e0fe3eda51977519637fff23717f39a2e9817da
GIT binary patch
literal 2171
zcmV->2!!{EP)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm000O=Nkl<Zc%1B7
zd2mzL)j#*$w`h6KS}h@Oc*O=|6G1+}0||i-G870cO*$#<Bur?5k|C6&ghJ9zVdy|o
z=t7r3ldfq}(j;t|kObVaxD-MFV`Iz`Y-|><ShB43>FK?9JJJjpGLdE3$kov4?;kzA
zcka38ci%bZo_iz;?s5E&K)Qj`ZNP0rS8@af$e;j%1b`$tjvi*a21JntU}-65m~3O6
z8XXo`2HjL8we|1~(YNDLSZ)d>9*_Q0hQ`C(Ol0^@vHm4r2rnWCX%R&MQ54W>P-C`@
z-pVq{{*A}`dUkiH{l1X25tzUu^O{n94QI(NuUxbo9OEYfMKjQM?J8W@^#-(`sFCus
z>5aUO{C;`0yW?M;_<GV71M5a=U$y2H%$%|5*I+I#1q#!E5CV<K3^`TPK=S+XwYtWM
zW+QXfX-2JYwL~KEUPD^4P&tFLEjni5_$8}AV=#W<d6Y=ylS_dySa^4zvLM&0vro*3
zuPZGC3VHegHp75z70!NTFvCLD#3>L6s-uB`wcLv1x_ep(XfQIeybxRIMBoGiC@N?H
zfYH<Oh0{WyM^amYx4J<NiwWhtH(P;akP9Ic=nBTqL}?+==$C6qSn6s1XkWiF{?0b&
zIQ=mgc<N)M%3UYA;}b|r777rM3po<REsb-G1;rp_<$mtD=;?)Hn_mPf==wCv#%w-v
z)pup*O+}5TD{cFLl?HgZLbF)|nl;&zrcxvB`#-=e2cFhuXg&N9V99r-Fo${86$~AH
zyxQ;Yk>l%0>rQNA0M?gtRU-xMN?(A?R0#+=4Z3I)@cU*X`pdbSfz~yrLsGlczmB8{
z*f7AtBATii!Ln98rX`7}XM3dZu4YN8_1_(l=@x*cdHOd5JyV#U#jdPt^VR?EVkmON
zJ@DA1f_R<{>HaX8f8hZmU#EH**R4*fEfS&+J(Mjx^ZFc1&ZbHhvv)zD-VIoZP&4#e
z>N29#TU+XqGaizuMrWFkZBefN?;>rfD4H`LOvR<3NMYzWb8^zPn(9eL9%j!gGko93
z_BB3zTI$DB6Jx%O{tBWgn?b;by4|6kbAjZ?Cd@)+3h>%d`f5W_`Ggspeg%#RlVcgf
zked(Llcs`oOeI`7dZd`haz=TMwywh!a$g#xJC$ld^Q{8iJ7xo2Z#GbWdi9*Iz1EZL
zX<z^snqgobqgmbLs@3a(%lKl=VjFuOI2W&gZnyGPSpnywGM#oX#^-7P)|G0v(-@nx
zGU;EoxPr~Ew<^h7KM;Yk40=v<)%BV7eq}~Zdl)dM)%XKyRk2ND`>B(o$MXYEJdOwS
z@>tC;Sj2uKKa2UXO5_vkP6R@c!B{^K0TV-I^N#Gq3TPU1nRd9|A+Kn<q3o&3;-8KN
z_U1|!YvSZMJpx!+h|L?y`FBC#mgQ&B>sd~HdtHsE=lmdi|27f^ai5~P#a>rJ1%!~;
z&S^2>1FAy2Ep74^gFr2qTWVNWVDg<^QX_`_1YnF7U{)^8K9tElC5rS0nV@jVNO~y+
z@(0fy>T?}(4a#$pBhcbkj<laT{<TOb2#i)2SEj4(6iB{4C9{y-<rT$ud%e;&9OU-3
zw2|M8&B<84e=c)D6-lWK^nAC6ED8p}o@v7G*sb_y*ImI&tB(i7O9PyH6CvS7mPdo|
zQn}EW^Wd!9i7VFvMSVVL1zoq`@QdFCF5G=M&q1%+e%jseO0z<i<WXhQt$Yop5Rnz&
z2>~6;pzEd#>VU;a{W&a2=U;0Gc%uP3Sf3vhfhd+`;rplA_0^Wq<BX#p{U(@;N<o&w
z&{=yD&hPvqP@<=)D34iw(;YbW=s$wu?E-oANcs_{N&lYBjCY%j__r*IoT=-S{O`Al
z(!Ms8Brc>=NFa(;MYv>!UBA^AL|=*?E~57+3cOY$-fOquZOyj=7nU6lirshAELsHc
z^U=E9_6&ARNgn&uhnGE{JYO#<DYAQT1frN?MDX=u&ge8VC4v?cM8S<u-4XBJt0D1k
zH`KVUFrBBye7l%$D9mAhq~+x8GxvI2Jt?O!1Q>3=h5-;=ogF3mgZm#e9c_5rHtvZ$
zD&^JhkWOTM0FX@ZMH6F<TYA&ySDiqJV~T@IhWDT_>_^I4uY5pJK?sG(XlEu9KNsHx
zhMhoDgme;FZ5P9&SkKdXM~Y`md2`pn0IV!$>9H1;<1kRsK=AjX8&ZVWfnd{HvjuNh
zAwUQacSx1@G>hT4+xzc*4uq5jRV--7YJMOv-1CIMot5eB9q_XpgemYlGU?aMM)b-L
zkGQVw?HYzsVz4OVP$5rq8^<kv26Pr{Jdw{F$aUqC>GGbP&lv^w<boni=iaVRcqntG
zlmJgtBch+hv%d_8qQKwY3R<fp)@^7z_92)`#{r`gfYA%UJ96Oio}IL!g4M)OLvHU3
zTM+j)orn4z8$p#LAbNVBwR#tby*+Sh>uQkv-aADRx(inx76M_P2Wq#y0QY}y3otq!
zt{>V5`LiAa^QcNFn6nT*`N^{>n`>AIaDoxCs%F8}{ci$MRp_d%0mtP32U!e4%Ljjj
zQ41EQY_4H*p|XW50CO5}T{r`F=hWD*FYb$Hq3Dq(!RDNDrzjb64o!6siz<m73cYRD
zL2nxYh4Y?>-8Yt0#5&RDF%x3nqu2h<_SiK-5Dcnh$R%D%2{eV&21St%9$dBf;bi1Z
z8Pq|BhWdYYgol(uVK{oD6EXm;t<Y5zSQt};Mu?F3b8r}Zv`ntP*BtEI&=66E)Daub
x=B|)LfJOansD}U7;GX}l#63^o-vIys|Nmb14*}d^Zgc<u002ovPDHLkV1oSR8R-B3

literal 0
HcmV?d00001

diff --git a/static/index.html b/static/index.html
index 89b0ebb34..e0e84bd0b 100644
--- a/static/index.html
+++ b/static/index.html
@@ -879,7 +879,7 @@
           <span class="grow">Library</span>
           <button type="button" class="list-item-plus-btn" id="library-new-doc-btn" title="New document">
             <svg class="list-item-plus-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" style="width:11px;height:11px;"><line x1="12" y1="5" x2="12" y2="19"/><line x1="5" y1="12" x2="19" y2="12"/></svg>
-            <span class="list-item-plus-label">new</span>
+            <span class="list-item-plus-label">document</span>
           </button>
         </div>
         <div class="list-item" id="tool-notes-btn">
@@ -1005,7 +1005,12 @@
           <button type="button" class="model-picker-btn" id="model-picker-btn" title="Switch model"><span id="model-picker-label">Select model</span> <svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="3" stroke-linecap="round" stroke-linejoin="round"><polyline points="6 15 12 9 18 15"/></svg></button>
           <div class="model-picker-menu hidden" id="model-picker-menu">
             <div class="model-picker-search-row">
-              <input type="text" id="model-picker-search" placeholder="Search models..." autocomplete="off" aria-label="Search models">
+              <div class="model-picker-search-wrap">
+                <input type="text" id="model-picker-search" placeholder="Search models..." autocomplete="off" aria-label="Search models">
+                <button type="button" class="model-picker-refresh-btn" id="model-picker-refresh-btn" title="Refresh model picker" aria-label="Refresh model picker">
+                  <svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.4" stroke-linecap="round" stroke-linejoin="round"><polyline points="23 4 23 10 17 10"/><path d="M20.49 15a9 9 0 1 1-2.12-9.36L23 10"/></svg>
+                </button>
+              </div>
               <button type="button" class="model-picker-action-btn primary" id="model-picker-add-models-btn" title="Add model endpoints" aria-label="Add model endpoints">
                 <svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.4" stroke-linecap="round" stroke-linejoin="round"><path d="M12 5v14"/><path d="M5 12h14"/></svg>
               </button>
diff --git a/static/js/chat.js b/static/js/chat.js
index 50d296dcc..c0b91f980 100644
--- a/static/js/chat.js
+++ b/static/js/chat.js
@@ -1164,6 +1164,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
       }
 
       function _replyAfterClosedThinking(text) {
+        text = markdownModule.normalizeThinkingMarkup(text || '');
         const closeRe = /<\/(?:think(?:ing)?|thought)>|<channel\|>/gi;
         let match = null;
         let last = null;
@@ -1174,7 +1175,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
 
       // Direct render helper for streaming text
       _renderStream = () => {
-        let dt = stripToolBlocks(roundText);
+        let dt = markdownModule.normalizeThinkingMarkup(stripToolBlocks(roundText));
         const bodyEl = roundHolder.querySelector('.body');
         const contentEl = _ensureStreamLayout(bodyEl);
 
@@ -1466,12 +1467,13 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                 // 1. Normal: <think>...no closing tag yet
                 // 2. Malformed: <think></think>\n...text but no second </think> yet
                 // 3. Qwen3.5: "Thinking Process:" without <think> tags
-                let hasUnclosedThink = markdownModule.hasUnclosedThinkTag(roundText);
+                const normalizedRoundText = markdownModule.normalizeThinkingMarkup(roundText);
+                let hasUnclosedThink = markdownModule.hasUnclosedThinkTag(normalizedRoundText);
                 // Detect non-tag thinking patterns: "Thinking:", "Thinking Process:", Gemma-style reasoning
                 // These patterns don't use <think> tags, so we simulate unclosed thinking during streaming
                 const _replyPrefixes = ['Hey', 'Hi ', 'Hi!', 'Hello', 'Sure', 'Yes', 'No ', 'No,', 'Yo', 'OK', 'Here', 'Absolutely', 'Of course', 'Great', 'Alright', 'Thanks', 'Welcome', 'Good ', "I'm happy", "I'd be"];
-                if (!hasUnclosedThink && !/<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>|<\|channel>thought/i.test(roundText)) {
-                  const _trimmedRT = roundText.trimStart();
+                if (!hasUnclosedThink && !/<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>|<\|channel>thought/i.test(normalizedRoundText)) {
+                  const _trimmedRT = normalizedRoundText.trimStart();
                   const _isReasoning = markdownModule.startsWithReasoningPrefix(_trimmedRT);
                   if (_isReasoning) {
                     // Check if we can see a reply boundary yet (newline then reply pattern)
@@ -1496,9 +1498,9 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                     }
                   }
                 }
-                if (!hasUnclosedThink && /^<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>\s*<\/(?:think(?:ing)?|thought)>/i.test(roundText)) {
+                if (!hasUnclosedThink && /^<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>\s*<\/(?:think(?:ing)?|thought)>/i.test(normalizedRoundText)) {
                   // Empty <think></think> — the model likely put thinking outside the tags
-                  const afterEmpty = roundText.replace(/^<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>\s*<\/(?:think(?:ing)?|thought)>/i, '').trim();
+                  const afterEmpty = normalizedRoundText.replace(/^<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>\s*<\/(?:think(?:ing)?|thought)>/i, '').trim();
                   const closeTags = (afterEmpty.match(/<\/(?:think(?:ing)?|thought)>/gi) || []).length;
                   if (closeTags === 0 && afterEmpty.length > 0) {
                     hasUnclosedThink = true; // still waiting for real closing tag
@@ -1508,10 +1510,10 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                 // Only applies when there's a second </think> later (model leaked thinking outside tags)
                 // Do NOT trigger if the text after </think> contains tool calls (that's real content)
                 if (!hasUnclosedThink && isThinking) {
-                  const _thinkMatch = roundText.match(/<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>([\s\S]*?)<\/(?:think(?:ing)?|thought)>/i);
+                  const _thinkMatch = normalizedRoundText.match(/<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>([\s\S]*?)<\/(?:think(?:ing)?|thought)>/i);
                   const _thinkLen = _thinkMatch ? _thinkMatch[1].trim().length : 0;
                   if (_thinkLen < 20) {
-                    const _afterClose = roundText.replace(/<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>([\s\S]*?)<\/(?:think(?:ing)?|thought)>/i, '').trim();
+                    const _afterClose = normalizedRoundText.replace(/<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>([\s\S]*?)<\/(?:think(?:ing)?|thought)>/i, '').trim();
                     // Only keep waiting if there's trailing text that looks like thinking (not tool calls)
                     const _hasToolCall = /```(?:bash|python|web_search|read_file|write_file|create_document|edit_document|manage_|generate_image)/i.test(_afterClose);
                     const _hasOrphanClose = /<\/(?:think(?:ing)?|thought)>/i.test(_afterClose);
@@ -1572,7 +1574,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                 } else if (hasUnclosedThink && isThinking) {
                   if (_liveThinkInner) {
                     // Extract raw thinking text (strip known thinking wrappers and prefixes)
-                    var thinkText = roundText
+                    var thinkText = markdownModule.normalizeThinkingMarkup(roundText)
                       .replace(/<\/?(?:think(?:ing)?|thought)(?:\s+[^>]*)?>/gi, '')
                       .replace(/<\|channel>thought\s*\n?/gi, '')
                       .replace(/<\|channel>response\s*\n?/gi, '')
@@ -2045,7 +2047,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
                 if (!roundFinalized) {
                   roundFinalized = true;
                   if (spinner && spinner.element) spinner.destroy();
-                  const dt = stripToolBlocks(roundText);
+                  const dt = markdownModule.normalizeThinkingMarkup(stripToolBlocks(roundText));
                   if (dt.trim()) {
                     var _body3 = roundHolder.querySelector('.body');
                     var _contentEl3 = _ensureStreamLayout(_body3);
@@ -3405,7 +3407,7 @@ import { wireArrowUpRecall, getLastUserMessageFromChatHistory } from './composer
     };
 
     const renderDelta = () => {
-      const dt = stripToolBlocks(roundText);
+      const dt = markdownModule.normalizeThinkingMarkup(stripToolBlocks(roundText));
       contentDiv.innerHTML = markdownModule.mdToHtml(markdownModule.squashOutsideCode(dt));
       uiModule.scrollHistory();
     };
diff --git a/static/js/compare/index.js b/static/js/compare/index.js
index f3720780c..c8b4d8f3a 100644
--- a/static/js/compare/index.js
+++ b/static/js/compare/index.js
@@ -73,6 +73,45 @@ function isCompareActive() {
   return state.isActive;
 }
 
+function _compareModeLabel() {
+  return ({ search: ' search providers', agent: ' agents', research: ' research models' }[state._compareMode] || ' models');
+}
+
+function _setToolbarMode(mode, syncModeTools = !state.isActive) {
+  const target = mode === 'agent' ? 'agent' : 'chat';
+  const toggleState = Storage.loadToggleState();
+  toggleState.mode = target;
+  Storage.saveToggleState(toggleState);
+  const agentBtn = document.getElementById('mode-agent-btn');
+  const chatBtn = document.getElementById('mode-chat-btn');
+  const modeToggle = agentBtn?.closest('.mode-toggle') || chatBtn?.closest('.mode-toggle') || document.querySelector('.mode-toggle');
+  if (agentBtn && chatBtn) {
+    agentBtn.classList.toggle('active', target === 'agent');
+    chatBtn.classList.toggle('active', target === 'chat');
+    agentBtn.setAttribute('aria-pressed', target === 'agent' ? 'true' : 'false');
+    chatBtn.setAttribute('aria-pressed', target === 'chat' ? 'true' : 'false');
+  }
+  if (modeToggle) {
+    modeToggle.classList.toggle('mode-chat', target === 'chat');
+    modeToggle.classList.toggle('mode-right', target === 'chat');
+  }
+  if (syncModeTools) {
+    document.querySelectorAll('[data-mode-tool]').forEach(b => { b.style.display = target === 'agent' ? '' : 'none'; });
+  }
+}
+
+function _syncCompareModeFromToolbar(mode) {
+  if (!state.isActive) return;
+  state._compareMode = mode === 'agent' ? 'agent' : 'chat';
+  _setToolbarMode(state._compareMode, false);
+  const headerLabel = document.querySelector('.compare-header-label');
+  if (headerLabel) {
+    headerLabel.textContent = 'Comparing' + _compareModeLabel() + (state._blindMode ? ' (blind)' : '') + ' · ' + state._timeout + 's timeout';
+  }
+  const evalWrap = document.getElementById('cmp-eval-wrap');
+  if (evalWrap && typeof evalWrap._renderItems === 'function') evalWrap._renderItems();
+}
+
 // ────────────────────────────────────────────────────────────────────────────
 // ── closeCompare ──
 // ────────────────────────────────────────────────────────────────────────────
@@ -170,12 +209,7 @@ async function deactivate(teardown) {
   });
 
   // Restore agent/chat mode to what it was before compare
-  const _ts = Storage.loadToggleState();
-  _ts.mode = state._savedMode;
-  Storage.saveToggleState(_ts);
-  const _ab2 = document.getElementById('mode-agent-btn'), _cb2 = document.getElementById('mode-chat-btn');
-  if (_ab2 && _cb2) { _ab2.classList.toggle('active', state._savedMode === 'agent'); _cb2.classList.toggle('active', state._savedMode === 'chat'); }
-  document.querySelectorAll('[data-mode-tool]').forEach(b => { b.style.display = state._savedMode === 'agent' ? '' : 'none'; });
+  _setToolbarMode(state._savedMode, true);
 
   // Delete unsaved sessions, then reload
   if (teardown) {
@@ -258,19 +292,30 @@ async function _buildCompareUI() {
     if (el) state._savedIndicatorDisplay[id] = el.style.display;
   });
 
-  // 5. Save current mode and lock to the right one for this compare type
+  // 5. Save current mode and seed the toolbar for this compare type.
   const _toggleState = Storage.loadToggleState();
   state._savedMode = _toggleState.mode || 'chat';
   const _targetMode = (state._compareMode === 'agent') ? 'agent' : 'chat';
-  _toggleState.mode = _targetMode;
-  Storage.saveToggleState(_toggleState);
+  _setToolbarMode(_targetMode, false);
   const _ab = document.getElementById('mode-agent-btn'), _cb = document.getElementById('mode-chat-btn');
+  let _modeCleanup = null;
+  const _onCompareModeClick = (ev) => {
+    ev.stopPropagation();
+    ev.stopImmediatePropagation();
+    _syncCompareModeFromToolbar(ev.currentTarget === _ab ? 'agent' : 'chat');
+  };
   if (_ab && _cb) {
-    _ab.classList.toggle('active', _targetMode === 'agent');
-    _cb.classList.toggle('active', _targetMode === 'chat');
+    _ab.addEventListener('click', _onCompareModeClick, true);
+    _cb.addEventListener('click', _onCompareModeClick, true);
+    _modeCleanup = document.createElement('span');
+    _modeCleanup.style.display = 'none';
+    _modeCleanup._cleanup = () => {
+      _ab.removeEventListener('click', _onCompareModeClick, true);
+      _cb.removeEventListener('click', _onCompareModeClick, true);
+    };
   }
   const _modeToggle = document.querySelector('.mode-toggle');
-  if (_modeToggle) { _modeToggle.style.pointerEvents = 'none'; _modeToggle.style.opacity = '0.4'; }
+  if (_modeToggle) { _modeToggle.style.pointerEvents = ''; _modeToggle.style.opacity = ''; }
 
   // 6. Force tool toggles per compare mode
   disableToolToggles();
@@ -289,6 +334,7 @@ async function _buildCompareUI() {
   // 7. Hide existing chat container children (preserves event listeners)
   const container = document.getElementById('chat-container');
   state._compareElements = [];
+  if (_modeCleanup) state._compareElements.push(_modeCleanup);
   Array.from(container.children).forEach(child => {
     if (child.style.display === 'none') return;
     child.dataset.cmpHidden = '1';
@@ -302,9 +348,9 @@ async function _buildCompareUI() {
   headerBar.className = 'compare-header-bar';
   headerBar.style.cssText = 'display:flex;align-items:center;justify-content:space-between;padding:6px 10px;flex-shrink:0;';
   const headerLabel = document.createElement('span');
+  headerLabel.className = 'compare-header-label';
   headerLabel.style.cssText = 'font-size:10px;font-weight:400;color:var(--fg);white-space:nowrap;overflow:hidden;text-overflow:ellipsis;min-width:0;';
-  const _modeLabel = ({ search: ' search providers', agent: ' agents', research: ' research models' }[state._compareMode] || ' models');
-  headerLabel.textContent = 'Comparing' + _modeLabel + (state._blindMode ? ' (blind)' : '') + ' · ' + state._timeout + 's timeout';
+  headerLabel.textContent = 'Comparing' + _compareModeLabel() + (state._blindMode ? ' (blind)' : '') + ' · ' + state._timeout + 's timeout';
   // Left side: the Compare tool icon (two side-by-side panes, matching the
   // rail/sidebar icon) + the label. Other tool headers carry their icon; this
   // one was missing it.
@@ -475,7 +521,7 @@ async function _buildCompareUI() {
   }
   const msgTA = document.getElementById('message');
   if (msgTA) {
-    msgTA.placeholder = 'Enter prompt for all models...';
+    msgTA.placeholder = window.matchMedia('(max-width: 767px)').matches ? '' : 'Enter prompt for all models...';
     requestAnimationFrame(() => msgTA.focus());
   }
 
@@ -891,8 +937,7 @@ async function _executeCompare(message) {
     let sharedSearchContext = null;
     let sharedSearchSources = null;
     const webChk = document.getElementById('web-toggle');
-    const toggleState = Storage.loadToggleState();
-    const isAgentMode = (toggleState.mode || 'chat') === 'agent';
+    const isAgentMode = state._compareMode === 'agent';
     const webOn = webChk && webChk.checked;
     // In agent mode, web_search is a tool (handled per-pane); in chat mode, pre-search and share
     if (webOn && !isAgentMode) {
@@ -1198,6 +1243,15 @@ function _setupEvalPicker() {
 
   function _renderItems() {
     const mode = state._compareMode || 'chat';
+    const label = btn.querySelector('.cmp-eval-label');
+    if (label) {
+      label.textContent = ({
+        agent: 'Agent prompts',
+        chat: 'Chat prompts',
+        search: 'Search prompts',
+        research: 'Research prompts'
+      }[mode] || 'Eval prompts');
+    }
     // research/html aren't first-class compare types — fall back gracefully
     const key = EVAL_PROMPTS[mode] ? mode
       : (mode === 'research' ? 'search' : 'chat');
@@ -1258,8 +1312,10 @@ function _setupEvalPicker() {
   };
   document.addEventListener('click', _onDocClick);
 
+  _renderItems();
   wrap.appendChild(btn);
   wrap.appendChild(menu);
+  wrap._renderItems = _renderItems;
   inputTop.appendChild(wrap);
 
   // Expected-answer chip — placed above the chat-input-bar (outside it), so
diff --git a/static/js/compare/stream.js b/static/js/compare/stream.js
index 6117922b9..5bb7f9bcc 100644
--- a/static/js/compare/stream.js
+++ b/static/js/compare/stream.js
@@ -551,23 +551,46 @@ async function streamToPane(paneIdx, sessionId, message, aiMsgEl, opts) {
       footer.className = 'msg-footer';
       const span = document.createElement('span');
       span.className = 'response-metrics';
-      let text = metrics.output_tokens + ' tokens | ' + metrics.tokens_per_second + ' tok/s';
+      const outputTokens = metrics.output_tokens;
+      const responseTime = metrics.response_time ?? metrics.total_time;
+      const explicitTps = metrics.tokens_per_second ?? metrics.gen_tps ?? metrics.tps;
+      const numericOutput = Number(outputTokens);
+      const numericTime = Number(responseTime);
+      const numericTps = Number(explicitTps);
+      const derivedTps = Number.isFinite(numericTps)
+        ? numericTps
+        : (Number.isFinite(numericOutput) && Number.isFinite(numericTime) && numericTime > 0)
+          ? numericOutput / numericTime
+          : null;
+      const tpsLabel = derivedTps != null
+        ? (derivedTps >= 100 ? String(Math.round(derivedTps)) : derivedTps.toFixed(2).replace(/\.?0+$/, ''))
+        : null;
+      const parts = [];
+      if (outputTokens != null && outputTokens !== 'undefined') {
+        parts.push(outputTokens + ' tokens');
+      }
+      if (tpsLabel != null) {
+        parts.push(tpsLabel + ' tok/s');
+      }
+      if (responseTime != null && responseTime !== 'undefined' && parts.length === 0) {
+        parts.push(responseTime + 's');
+      }
       // Add per-request cost and cost per 1000
       const _model = metrics.model || (state._selectedModels[paneIdx] && state._selectedModels[paneIdx].model) || '';
       const _cost = getModelCost(_model, metrics.input_tokens || 0, metrics.output_tokens || 0);
       // Build the metrics span with optional cost and context
-      span.textContent = text;
+      span.textContent = parts.join(' | ');
       if (_cost !== null) {
         const _cost1k = _cost * 1000;
         const costSpan = document.createElement('span');
         costSpan.style.color = 'var(--color-success, #4caf50)';
         costSpan.title = 'Estimated cost per 1,000 responses like this one';
-        costSpan.textContent = ' | $' + (_cost1k < 1 ? _cost1k.toFixed(2) : _cost1k.toFixed(0)) + '/1k';
+        costSpan.textContent = (span.textContent ? ' | ' : '') + '$' + (_cost1k < 1 ? _cost1k.toFixed(2) : _cost1k.toFixed(0)) + '/1k';
         span.appendChild(costSpan);
       }
       if (metrics.context_percent > 0) {
         const ctx = document.createElement('span');
-        ctx.textContent = ' | ' + metrics.context_percent + '% ctx';
+        ctx.textContent = (span.textContent ? ' | ' : '') + metrics.context_percent + '% ctx';
         if (metrics.context_percent >= 85) ctx.style.color = 'var(--color-error)';
         else if (metrics.context_percent >= 70) ctx.style.color = '#ff9900';
         span.appendChild(ctx);
diff --git a/static/js/compare/vote.js b/static/js/compare/vote.js
index c7e64b53d..8c07dcee5 100644
--- a/static/js/compare/vote.js
+++ b/static/js/compare/vote.js
@@ -181,7 +181,7 @@ function handleVote(winnerIdx) {
 
     let html = '';
     const caret = ' <span class="pane-title-caret">&#x25BE;</span>';
-    if (isWinner) html = '<span style="color:var(--red);margin-right:4px;">&#x2605;</span><strong>' + escapeHtml(name) + '</strong> <span style="color:var(--red);font-size:0.82em;font-weight:800;text-transform:uppercase;letter-spacing:1px;position:relative;top:-2px;">Winner!</span>' + caret;
+    if (isWinner) html = '<span style="color:var(--green, #50fa7b);margin-right:4px;">&#x2605;</span><strong>' + escapeHtml(name) + '</strong> <span style="color:var(--green, #50fa7b);font-size:0.82em;font-weight:800;text-transform:uppercase;letter-spacing:1px;position:relative;top:0;">Winner!</span>' + caret;
     else if (isTie) html = '<span style="opacity:0.5;margin-right:4px;">=</span><strong>' + escapeHtml(name) + '</strong>' + caret;
     else html = '<strong>' + escapeHtml(name) + '</strong>' + caret;
     el.innerHTML = html;
diff --git a/static/js/cookbook-hwfit.js b/static/js/cookbook-hwfit.js
index 9098d8082..ed2b29940 100644
--- a/static/js/cookbook-hwfit.js
+++ b/static/js/cookbook-hwfit.js
@@ -1421,23 +1421,11 @@ export function _expandModelRow(row, modelData) {
 
   const dlSource = _downloadSourceRepo(modelData, backend);
   const hfUrl = `https://huggingface.co/${dlSource.repo}`;
-  // Official vendor recipe deep-links. These point to vLLM / SGLang's curated
-  // hardware-specific launch-command pages. They 404 for uncatalogued models \u2014
-  // a known tradeoff; user just gets the vendor's "model not found" page.
-  const _recipeRepo = modelData.name || '';
-  const _vllmUrl = _recipeRepo ? `https://recipes.vllm.ai/${_recipeRepo}` : '';
-  const _sglangUrl = _recipeRepo ? `https://docs.sglang.io/cookbook/autoregressive/${_recipeRepo}${_sglangHashFor(modelData)}` : '';
   let html = `<div class="hwfit-action-panel" data-model-name="${esc(modelData.name)}">`;
   html += `<div class="hwfit-panel-header">`;
   html += `<span class="hwfit-panel-model">${esc(modelData.name)}${dlSource.kind ? ` <span style="opacity:0.5;font-size:10px;">(${esc(dlSource.kind)} ${esc(modelData.quant || '')})</span>` : (modelData.quant_repo ? ` <span style="opacity:0.5;font-size:10px;">(${esc(modelData.quant)})</span>` : '')}</span>`;
   html += `<span class="hwfit-panel-badge">${esc(label)}</span>`;
   html += `<a href="${esc(hfUrl)}" target="_blank" rel="noopener" class="hwfit-panel-hf-link" title="View download source on HuggingFace">HF \u2197</a>`;
-  if (backend === 'vllm' && _vllmUrl) {
-    html += `<a href="${esc(_vllmUrl)}" target="_blank" rel="noopener" class="hwfit-panel-hf-link" title="vLLM official recipe (curated launch command). 404s if this model isn't in vLLM's recipes catalog.">vLLM \u2197</a>`;
-  }
-  if (backend === 'sglang' && _sglangUrl) {
-    html += `<a href="${esc(_sglangUrl)}" target="_blank" rel="noopener" class="hwfit-panel-hf-link" title="SGLang cookbook (hash pre-filled with your detected hardware). 404s if this model isn't in SGLang's cookbook catalog.">SGLang \u2197</a>`;
-  }
   html += `</div>`;
   html += `<div class="hwfit-panel-actions">`;
   html += `<button class="cookbook-btn hwfit-dl-btn">Download</button>`;
diff --git a/static/js/cookbook.js b/static/js/cookbook.js
index 3aaa70465..5b95fad1e 100644
--- a/static/js/cookbook.js
+++ b/static/js/cookbook.js
@@ -267,6 +267,10 @@ function _detectModelOptimizations(modelName) {
   else if (n.includes('minimax')) {
     opts.flags.push('--enable-expert-parallel');
     opts.tips.push('MoE expert parallel for MiniMax');
+    if (/\bm3\b/.test(n)) {
+      opts.kvCacheDtype = 'fp8';
+      opts.tips.push('MiniMax M3 defaults: fp8 KV cache, block-size 128, TRITON attention');
+    }
   }
   // Reasoning parser — applies independently of MoE detection. Without this
   // flag, models like MiniMax-M2.x, DeepSeek-R1, Qwen3 reasoning, GLM-4.x,
@@ -308,6 +312,9 @@ function _detectModelOptimizations(modelName) {
  */
 export function _detectReasoningParser(modelName) {
   const n = (modelName || '').toLowerCase();
+  // MiniMax M3 — newer vLLM nightly/parser builds use minimax_m3. This must
+  // be checked before the M2.x rule and before the generic MiniMax tool parser.
+  if (n.includes('minimax') && /\bm3\b/.test(n)) return 'minimax_m3';
   // MiniMax M2 / M2.5 / M2.7 — released with a dedicated parser. Catch M2
   // before plain "minimax" so M2.x doesn't fall through to a wrong parser.
   if (n.includes('minimax') && n.match(/\bm2(?:\.\d)?\b/)) return 'minimax_m2';
@@ -349,6 +356,7 @@ export function _detectToolParser(modelName) {
   if (n.includes('mistral') || n.includes('mixtral')) return 'mistral';
   if (n.includes('deepseek-v3')) return 'deepseek_v3';
   if (n.includes('deepseek')) return 'deepseek_v3';
+  if (n.includes('minimax') && /\bm3\b/.test(n)) return 'minimax_m3';
   if (n.includes('minimax') && n.includes('m2')) return 'minimax_m2';
   if (n.includes('minimax')) return 'minimax';
   if (n.includes('gemma')) return 'pythonic';
@@ -376,7 +384,9 @@ export function _detectBackend(model) {
     return { backend: 'unsupported', label: 'Unsupported' };
   }
   const isAwqLike = /^AWQ|^GPTQ|^NVFP4/.test(q) || ['FP8', 'FP4', 'MXFP4', 'NF4', 'INT4', 'INT8', 'W4A16', 'W8A8', 'W8A16'].includes(q) || /\b(awq|gptq|fp8|fp4|nvfp4|mxfp4|nf4|int4|int8|w4a16|w8a8|w8a16)\b/i.test(_nm);
-  const isGgufLike = model.is_gguf || /^Q[2-8]/.test(q) || /^IQ/.test(q) || q === 'GGUF' || _nm.includes('gguf');
+  const hasGgufFile = Array.isArray(model.gguf_files)
+    && model.gguf_files.some(f => f && typeof f.rel_path === 'string' && /\.gguf$/i.test(f.rel_path));
+  const isGgufLike = model.is_gguf || hasGgufFile || /^Q[2-8]/.test(q) || /^IQ/.test(q) || q === 'GGUF' || _nm.includes('gguf');
 
   // Image gen models → diffusers
   if (model.is_image_gen || model.is_diffusion || model._tag === 'image') {
@@ -495,14 +505,22 @@ function _buildEnvPrefixWindows() {
   return parts.join('; ') + ';';
 }
 
+function _venvRootFromPath(path) {
+  let p = (path || '').toString().trim().replace(/\/+$/, '');
+  if (!p) return '';
+  p = p.replace(/\/bin\/(?:activate|python(?:3(?:\.\d+)?)?|vllm|pip(?:3)?)$/i, '');
+  return p;
+}
+
 export function _buildServeCmd(f, modelName, backend) {
   // When a venv is configured on the chosen server, use the venv's binaries
   // by absolute path. Bare `vllm` / `python3` relies on PATH, and SSH non-
   // interactive sessions often leave a user-site install (~/.local/bin/vllm)
   // ahead of the venv's bin, so the WRONG vllm gets launched even with the
   // venv activated. Absolute path sidesteps the whole PATH question.
-  const _isVenv = _envState.env === 'venv' && _envState.envPath;
-  const _venvBin = _isVenv ? (_envState.envPath.replace(/\/+$/, '') + '/bin/') : '';
+  const _formVenv = (f.venv ?? '').toString().trim();
+  const _activeVenvPath = _venvRootFromPath(_formVenv || (_envState.env === 'venv' ? (_envState.envPath || '') : ''));
+  const _venvBin = _activeVenvPath ? (_activeVenvPath + '/bin/') : '';
   const _vllmBin = _venvBin ? `${_venvBin}vllm` : 'vllm';
   const _py3Bin = _venvBin ? `${_venvBin}python3` : 'python3';
   let cmd = '';
@@ -524,21 +542,26 @@ export function _buildServeCmd(f, modelName, backend) {
         cmd += 'VLLM_USE_DEEP_GEMM=0 VLLM_USE_FLASHINFER_MOE_FP16=1 OMP_NUM_THREADS=4 ';
       }
     }
-    // Pinned attention backend (Attention field). Empty = let vLLM pick.
-    const _attn = (f.vllm_attn_backend ?? '').toString().trim();
-    if (_attn) cmd += `VLLM_ATTENTION_BACKEND=${_attn} `;
     // Free-text "Env" field — verbatim KEY=VAL pairs (space-separated).
     // Collapse any pasted newlines/tabs so the backend allowlist (which
     // rejects \n / \r) doesn't trip on a multi-line paste from a model card.
     const _extraEnv = (f.extra_env ?? '').toString().replace(/\s+/g, ' ').trim();
     if (_extraEnv) cmd += _extraEnv + ' ';
     cmd += `${_vllmBin} serve ${modelName} --host 0.0.0.0 --port ${f.port || '8000'}`;
+    const _servedModelName = (f.served_model_name ?? '').toString().trim();
+    if (_servedModelName) cmd += ` --served-model-name ${_servedModelName}`;
+    // Pinned attention backend (Attention field). Empty = let vLLM pick.
+    const _attn = (f.vllm_attn_backend ?? '').toString().trim();
+    if (_attn) cmd += ` --attention-backend ${_attn}`;
     const _gemma4ChatTemplate = _gemma4ThinkingChatTemplateArg(modelName);
     if (_gemma4ChatTemplate) cmd += ` --chat-template ${_gemma4ChatTemplate}`;
     cmd += ` --tensor-parallel-size ${f.tp || '1'}`;
+    const _blockSize = (f.vllm_block_size ?? '').toString().trim();
+    if (/^\d+$/.test(_blockSize)) cmd += ` --block-size ${_blockSize}`;
     cmd += ` --max-model-len ${f.ctx || '8192'}`;
     cmd += ` --gpu-memory-utilization ${f.gpu_mem || '0.90'}`;
-    if (f.swap && f.swap !== '0') cmd += ` --swap-space ${f.swap}`;
+    const _swapRaw = (f.swap ?? '').toString().trim().toLowerCase();
+    if (_swapRaw && !['0', 'off', 'none', 'false'].includes(_swapRaw)) cmd += ` --swap-space ${_swapRaw}`;
     cmd += ` --dtype ${f.dtype || 'auto'}`;
     const _kv = (f.vllm_kv_cache_dtype ?? '').toString().trim();
     if (_kv === 'fp8') cmd += ' --kv-cache-dtype fp8';
@@ -548,10 +571,12 @@ export function _buildServeCmd(f, modelName, backend) {
     if (f.prefix_cache) cmd += ' --enable-prefix-caching';
     if (f.auto_tool) cmd += ` --enable-auto-tool-choice --tool-call-parser ${_detectToolParser(modelName)}`;
     if (f.expert_parallel) cmd += ' --enable-expert-parallel';
+    if (f.language_model_only) cmd += ' --language-model-only';
+    if (f.disable_custom_all_reduce) cmd += ' --disable-custom-all-reduce';
     if (f.reasoning_parser) {
       const rp = typeof f.reasoning_parser === 'string' && f.reasoning_parser !== 'true'
-        ? f.reasoning_parser : (f._reasoning_parser_value || 'qwen3');
-      cmd += ` --reasoning-parser ${rp}`;
+        ? f.reasoning_parser : (f._reasoning_parser_value || _detectReasoningParser(modelName) || '');
+      if (rp) cmd += ` --reasoning-parser ${rp}`;
     }
     if (f.speculative) {
       const _specMethod = (f.spec_method || 'mtp').trim() || 'mtp';
@@ -590,9 +615,11 @@ export function _buildServeCmd(f, modelName, backend) {
     // The Inference mode pill (GPU/CPU) above gates this — when the user picks
     // CPU, force ngl=0 here so all downstream flag-suppression fires
     // consistently regardless of what the (now-hidden) ngl input shows.
-    if (String(f.llama_mode || '').toLowerCase() === 'cpu') {
+    const _llamaMode = String(f.llama_mode || '').toLowerCase();
+    if (_llamaMode === 'unified') f.unified_mem = true;
+    if (_llamaMode === 'cpu') {
       f.ngl = '0';
-    } else if (String(f.llama_mode || '').toLowerCase() === 'gpu' && (!f.ngl || String(f.ngl).trim() === '0')) {
+    } else if (['gpu', 'unified'].includes(_llamaMode) && (!f.ngl || String(f.ngl).trim() === '0')) {
       f.ngl = '99';
     }
     const _cpuOnly = String(f.ngl).trim() === '0';
@@ -616,7 +643,8 @@ export function _buildServeCmd(f, modelName, backend) {
     })();
     if (f.unified_mem && !_cpuOnly && _isWindows() && _isCudaTarget) cmd += `$env:GGML_CUDA_ENABLE_UNIFIED_MEMORY="1"; `;
     if (_isWindows() && !_cpuOnly) cmd += _gpuEnvPrefix(gpuId, true);
-    const modelArg = `"${ggufPath}"`;
+    const needsGgufPrelude = /^\$\(\{\s*find\s/.test(String(ggufPath || ''));
+    const modelArg = needsGgufPrelude ? '"$MODEL_FILE"' : `"${ggufPath}"`;
     // Prefer native llama-server. The backend bootstrap resolves/builds the
     // right binary (Vulkan/HIP/CUDA/Metal/CPU), so keep the generated command
     // as a validator-safe binary + args with no shell chaining.
@@ -692,6 +720,9 @@ export function _buildServeCmd(f, modelName, backend) {
     } else {
       cmd += `${lcPrefix}llama-server --model ${modelArg} --host 0.0.0.0 --port ${f.port || '8080'} -ngl ${f.ngl || '99'} -c ${f.ctx || '8192'}${_lcExtra}`;
     }
+    if (needsGgufPrelude) {
+      cmd = `MODEL_FILE=${ggufPath} && { [ -n "$MODEL_FILE" ] && [ -f "$MODEL_FILE" ]; } || { echo "ERROR: No GGUF found on this host"; exit 1; } && ${cmd}`;
+    }
   } else if (backend === 'ollama') {
     const ollamaPort = f.port || '11434';
     // GGUF + Ollama: delegate to the iGPU-bound ollama-test container via
@@ -860,7 +891,7 @@ async function _fetchDependencies() {
     const _statusTag = (pkg, isLocal, isSystemDep, winBlocked) => {
       if (winBlocked) return `<span class="cookbook-dep-tag cookbook-dep-na">N/A</span>`;
       if (pkg.installed && isSystemDep) return `<span class="cookbook-dep-tag cookbook-dep-installed" title="Found on selected server">Installed</span>`;
-      if (pkg.installed && pkg.pip_update_available === false) {
+      if (pkg.installed && pkg.pip_update_available === false && pkg.name !== 'llama_cpp') {
         const tip = esc(pkg.update_note || pkg.status_note || 'Found externally; update outside Odysseus.');
         return `<span class="cookbook-dep-tag cookbook-dep-installed" title="${tip}">Installed</span>`;
       }
@@ -902,9 +933,7 @@ async function _fetchDependencies() {
       // diagnosis-style `_launchServeTask` with `pip install --force-reinstall`
       // so the user can watch the pip install in the Running tab.
       let _rebuildBtn = '';
-      if (pkg.name === 'llama_cpp') {
-        _rebuildBtn = `<button type="button" class="cookbook-dep-tag cookbook-dep-rebuild" id="cookbook-rebuild-engine" title="Clear the cached llama.cpp build so the next serve recompiles from source (use after installing a CUDA/ROCm toolkit to turn a CPU-only build into a GPU build).">Rebuild</button>`;
-      } else if (pkg.name === 'vllm' && pkg.installed) {
+      if (pkg.name === 'vllm' && pkg.installed) {
         _rebuildBtn = `<button type="button" class="cookbook-dep-tag cookbook-dep-rebuild cookbook-dep-reinstall" data-reinstall-pkg="vllm" title="Force-reinstall vLLM (pulls a matching torch). Runs as a tmux task in the Running tab.">Reinstall</button>`;
       } else if (pkg.name === 'sglang' && pkg.installed) {
         _rebuildBtn = `<button type="button" class="cookbook-dep-tag cookbook-dep-rebuild cookbook-dep-reinstall" data-reinstall-pkg="sglang" title="Force-reinstall SGLang (pulls a matching torch). Runs as a tmux task in the Running tab.">Reinstall</button>`;
@@ -1410,12 +1439,59 @@ async function _fetchDependencies() {
     });
 
 
-    // Wire the ⋮ menu on installed packages — currently just "Update".
+    async function _rebuildLlamaCpp(updateSource = false, statusEl = null) {
+      const sel = document.getElementById('hwfit-deps-server');
+      if (sel) _applyServerSelection(sel.value);
+      const host = _envState.remoteHost || '';
+      const where = host || 'this server';
+      const action = updateSource ? 'Update llama.cpp source and rebuild' : 'Rebuild llama.cpp engine';
+      const detail = updateSource
+        ? 'This fast-forwards the Cookbook-managed ~/llama.cpp checkout when possible, then clears the cached llama-server build. The next launch recompiles or installs the latest matching prebuilt.'
+        : 'This clears the cached llama-server build. The next launch recompiles or installs a matching prebuilt.';
+      if (!confirm(`${action} on ${where}?\n\n${detail}`)) return;
+      const oldText = statusEl?.textContent;
+      if (statusEl) {
+        statusEl.disabled = true;
+        statusEl.textContent = updateSource ? 'Updating...' : 'Clearing...';
+      }
+      try {
+        const res = await fetch('/api/cookbook/rebuild-engine', {
+          method: 'POST', credentials: 'same-origin',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({
+            engine: 'llamacpp',
+            remote_host: host || undefined,
+            ssh_port: _getPort(host) || undefined,
+            update_source: !!updateSource,
+          }),
+        });
+        const data = await res.json().catch(() => ({}));
+        if (!res.ok || !data.ok) {
+          const reason = data.detail || data.error || `HTTP ${res.status}`;
+          uiModule.showToast(`${updateSource ? 'Update' : 'Rebuild'} failed: ` + String(reason).slice(0, 300), {
+            duration: 20000, action: 'OK', onAction: () => {},
+          });
+        } else {
+          uiModule.showToast(`${updateSource ? 'Updated source and cleared' : 'Cleared'} llama.cpp build on ${where}. Re-launch the serve task to rebuild.`);
+        }
+      } catch (err) {
+        uiModule.showToast(`${updateSource ? 'Update' : 'Rebuild'} failed: ` + err.message);
+      } finally {
+        if (statusEl) {
+          statusEl.disabled = false;
+          statusEl.textContent = oldText;
+        }
+      }
+    }
+    window._cookbookRebuildLlamaCpp = _rebuildLlamaCpp;
+
+    // Wire the installed-package menu.
     function _showDepMenu(anchor) {
       document.querySelectorAll('.cookbook-dep-menu').forEach(d => d.remove());
       const row = anchor.closest('.cookbook-dep-row');
       if (!row) return;
       const pipName = row.dataset.depPip;
+      const rowPkgName = row.dataset.pkgName || '';
       const pkgName = row.querySelector('.memory-item-title')?.textContent || pipName;
       const isLocalOnly = row.dataset.depTarget === 'local';
       const dropdown = document.createElement('div');
@@ -1436,6 +1512,29 @@ async function _fetchDependencies() {
         await _installDep(pipName, pkgName, isLocalOnly, true, null);
       });
       dropdown.appendChild(it);
+      if (rowPkgName === 'llama_cpp') {
+        const rebuildIco = '<svg width="13" height="13" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12a9 9 0 1 1-2.64-6.36"/><path d="M21 3v6h-6"/></svg>';
+        const rebuild = document.createElement('div');
+        rebuild.className = 'dropdown-item-compact';
+        rebuild.innerHTML = `<span class="dropdown-icon">${rebuildIco}</span><span>Rebuild</span>`;
+        rebuild.title = 'Clear the cached llama-server build so the next launch rebuilds it.';
+        rebuild.addEventListener('click', async (e) => {
+          e.stopPropagation();
+          dropdown.remove();
+          await _rebuildLlamaCpp(false, null);
+        });
+        dropdown.appendChild(rebuild);
+        const source = document.createElement('div');
+        source.className = 'dropdown-item-compact';
+        source.innerHTML = `<span class="dropdown-icon">${upIco}</span><span>Update source + rebuild</span>`;
+        source.title = 'Fast-forward ~/llama.cpp when possible, then clear the cached build.';
+        source.addEventListener('click', async (e) => {
+          e.stopPropagation();
+          dropdown.remove();
+          await _rebuildLlamaCpp(true, null);
+        });
+        dropdown.appendChild(source);
+      }
       document.body.appendChild(dropdown);
       const close = (ev) => {
         if (!dropdown.contains(ev.target) && ev.target !== anchor && !anchor.contains(ev.target)) {
@@ -1698,33 +1797,7 @@ function _wireTabEvents(body) {
       if (sel) _applyServerSelection(sel.value);
       const host = _envState.remoteHost || '';
       const where = host || 'this server';
-      if (!confirm(`Rebuild the llama.cpp engine on ${where}?\n\nThis clears the cached llama-server build so the next serve recompiles from source (with CUDA/HIP if a toolchain is present). It does not download or install anything.`)) return;
-      const _label = rebuildBtn.textContent;
-      rebuildBtn.disabled = true;
-      rebuildBtn.textContent = 'Clearing...';
-      try {
-        const res = await fetch('/api/cookbook/rebuild-engine', {
-          method: 'POST', credentials: 'same-origin',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify({
-            engine: 'llamacpp',
-            remote_host: host || undefined,
-            ssh_port: _getPort(host) || undefined,
-          }),
-        });
-        const data = await res.json().catch(() => ({}));
-        if (!res.ok || !data.ok) {
-          const reason = data.detail || data.error || `HTTP ${res.status}`;
-          uiModule.showToast('Rebuild failed: ' + String(reason).slice(0, 200));
-        } else {
-          uiModule.showToast(`Cleared llama.cpp build on ${where}. Re-launch the serve task to rebuild with GPU support.`);
-        }
-      } catch (err) {
-        uiModule.showToast('Rebuild failed: ' + err.message);
-      } finally {
-        rebuildBtn.disabled = false;
-        rebuildBtn.textContent = _label;
-      }
+      if (window._cookbookRebuildLlamaCpp) await window._cookbookRebuildLlamaCpp(false, rebuildBtn);
     });
   }
 
@@ -1835,6 +1908,9 @@ function _wireTabEvents(body) {
   // Download input
   const dlBtn = document.getElementById('cookbook-dl-btn');
   const dlInput = document.getElementById('cookbook-dl-repo');
+  const dlGgufRow = document.getElementById('cookbook-dl-gguf-row');
+  const dlGgufQuant = document.getElementById('cookbook-dl-gguf-quant');
+  const dlGgufNote = document.getElementById('cookbook-dl-gguf-note');
   const dlCardToggle = document.getElementById('cookbook-download-card-toggle');
   const dlCardBody = document.getElementById('cookbook-download-card-body');
   const dlCardArrow = document.getElementById('cookbook-download-card-arrow');
@@ -1868,6 +1944,87 @@ function _wireTabEvents(body) {
       if (hfMatch) repo = hfMatch[1];
       return repo;
     }
+    function _ggufQuantFromPath(path) {
+      const clean = String(path || '').split('?')[0];
+      const parts = clean.split('/').filter(Boolean);
+      const dir = parts.length > 1 ? parts[0] : '';
+      const file = parts[parts.length - 1] || clean;
+      const dirQuant = dir.match(/^(?:I?Q\d(?:_[A-Z0-9]+){0,3}|UD-[A-Z0-9_]+)$/i);
+      if (dirQuant) return dirQuant[0].toUpperCase();
+      const fileQuant = file.match(/(?:^|[-_.\/])((?:I?Q\d(?:_[A-Z0-9]+){0,3})|(?:UD-[A-Z0-9_]+))(?=(?:[-_.]|\.gguf|$))/i);
+      return fileQuant ? fileQuant[1].toUpperCase() : '';
+    }
+    function _ggufIncludeForQuant(files, quant) {
+      const matches = files.filter(f => _ggufQuantFromPath(f) === quant);
+      if (!matches.length) return '';
+      const dirs = Array.from(new Set(matches.map(f => f.includes('/') ? f.split('/').slice(0, -1).join('/') : '')));
+      if (dirs.length === 1) {
+        const prefix = dirs[0] ? `${dirs[0]}/` : '';
+        return `${prefix}*${quant}*.gguf`;
+      }
+      return `*${quant}*.gguf`;
+    }
+    function _hideGgufPicker(message = '') {
+      if (dlGgufRow) dlGgufRow.style.display = 'none';
+      if (dlGgufQuant) {
+        dlGgufQuant.innerHTML = '';
+        dlGgufQuant.dataset.repo = '';
+      }
+      if (dlGgufNote) dlGgufNote.textContent = message;
+    }
+    async function _scanGgufRepo(rawValue) {
+      if (!dlGgufRow || !dlGgufQuant || !dlGgufNote) return false;
+      const rawRepo = _stripHfUrl(rawValue || '');
+      const ollamaName = _ollamaName(rawRepo);
+      const fileSplit = !ollamaName ? _splitRepoFile(rawRepo) : null;
+      const split = ollamaName ? { repo: ollamaName, include: null } : (fileSplit || _splitRepoTag(rawRepo));
+      const repo = split.repo || '';
+      if (ollamaName || split.include || !/^[^\s/]+\/[^\s/]+$/.test(repo)) {
+        _hideGgufPicker();
+        return false;
+      }
+      dlGgufRow.style.display = 'flex';
+      dlGgufQuant.innerHTML = '<option value="">Scanning...</option>';
+      dlGgufQuant.dataset.repo = repo;
+      dlGgufNote.textContent = '';
+      try {
+        const res = await fetch(`/api/cookbook/hf-gguf-files?repo_id=${encodeURIComponent(repo)}`, { credentials: 'same-origin' });
+        if (!res.ok) throw new Error(`HTTP ${res.status}`);
+        const data = await res.json();
+        if (!data.ok) throw new Error(data.error || 'scan failed');
+        if (dlGgufQuant.dataset.repo !== repo) return false;
+        const files = (data.files || [])
+          .map(s => String(s || ''))
+          .filter(name => /\.gguf$/i.test(name));
+        const byQuant = new Map();
+        files.forEach(name => {
+          const quant = _ggufQuantFromPath(name);
+          if (!quant) return;
+          if (!byQuant.has(quant)) byQuant.set(quant, []);
+          byQuant.get(quant).push(name);
+        });
+        if (!byQuant.size) {
+          _hideGgufPicker('No GGUF quants found');
+          return false;
+        }
+        const quantRank = q => {
+          const m = q.match(/^I?Q(\d)/i);
+          return m ? Number(m[1]) : 99;
+        };
+        const quants = Array.from(byQuant.keys()).sort((a, b) => quantRank(a) - quantRank(b) || a.localeCompare(b));
+        dlGgufQuant.innerHTML = quants.map(q => {
+          const include = _ggufIncludeForQuant(files, q);
+          const count = byQuant.get(q).length;
+          return `<option value="${esc(include)}">${esc(q)} (${count})</option>`;
+        }).join('');
+        const first = dlGgufQuant.options[0];
+        dlGgufNote.textContent = first ? first.value : '';
+        return !!(first && first.value);
+      } catch (err) {
+        _hideGgufPicker(`GGUF scan failed: ${err.message || err}`);
+        return false;
+      }
+    }
     // Split `org/repo:tag` (Ollama/llama.cpp style) into repo + include-glob.
     // The `:tag` picks a specific GGUF quantization file from the repo.
     function _splitRepoTag(raw) {
@@ -1902,7 +2059,7 @@ function _wireTabEvents(body) {
       }
       return null;
     }
-    const triggerDownload = () => {
+    const triggerDownload = async () => {
       const rawRepo = _stripHfUrl(dlInput.value);
       if (!rawRepo) return;
       const ollamaName = _ollamaName(rawRepo);
@@ -1914,6 +2071,9 @@ function _wireTabEvents(body) {
       const { repo, include: autoInclude } = ollamaName
         ? { repo: ollamaName, include: null }
         : (_fileSplit || _splitRepoTag(rawRepo));
+      let pickerInclude = (!ollamaName && !_fileSplit && !autoInclude && dlGgufQuant?.dataset.repo === repo)
+        ? (dlGgufQuant.value || '')
+        : '';
       // HuggingFace repo IDs must be `org/model`. A bare model name would 404
       // at snapshot_download time with a raw traceback, so reject it up front.
       // Ollama names (single-segment with a tag) skip this check — they go
@@ -1923,6 +2083,25 @@ function _wireTabEvents(body) {
         dlInput.focus();
         return;
       }
+      const looksGgufRepo = !ollamaName && !_fileSplit && !autoInclude && /\bgguf\b/i.test(repo);
+      if (looksGgufRepo && !pickerInclude) {
+        const oldText = dlBtn.textContent;
+        dlBtn.disabled = true;
+        dlBtn.textContent = 'Scanning...';
+        try {
+          const found = await _scanGgufRepo(rawRepo);
+          pickerInclude = (found && dlGgufQuant?.dataset.repo === repo) ? (dlGgufQuant.value || '') : '';
+        } finally {
+          dlBtn.disabled = false;
+          dlBtn.textContent = oldText;
+        }
+        if (!pickerInclude) {
+          uiModule.showToast('Pick a GGUF quant first. Odysseus will not download the whole GGUF repo without an include pattern.');
+          return;
+        }
+        uiModule.showToast('Pick the GGUF quant, then press Download again.');
+        return;
+      }
       // Resolve the host straight from THIS window's server dropdown, by index
       // into the (consistent) servers list. We deliberately don't use
       // _envState.remoteHost — there can be multiple copies of the cookbook
@@ -1939,7 +2118,7 @@ function _wireTabEvents(body) {
       let envPath = host ? (_hsrv.envPath || '') : _envState.envPath;
       const payload = { repo_id: repo };
       if (ollamaName) payload.backend = 'ollama';
-      if (autoInclude) payload.include = autoInclude;
+      if (autoInclude || pickerInclude) payload.include = autoInclude || pickerInclude;
       if (_envState.hfToken && !ollamaName) payload.hf_token = _envState.hfToken;
       if (host) { payload.remote_host = host; const _sp3 = _getPort(host); if (_sp3) payload.ssh_port = _sp3; }
       const srvPlatform = _getPlatform(host);
@@ -1966,6 +2145,16 @@ function _wireTabEvents(body) {
     dlInput.addEventListener('keydown', (e) => {
       if (e.key === 'Enter') triggerDownload();
     });
+    let _ggufScanTimer = null;
+    const _scheduleGgufScan = () => {
+      clearTimeout(_ggufScanTimer);
+      _ggufScanTimer = setTimeout(() => _scanGgufRepo(dlInput.value), 350);
+    };
+    dlInput.addEventListener('input', _scheduleGgufScan);
+    dlInput.addEventListener('blur', () => _scanGgufRepo(dlInput.value));
+    dlGgufQuant?.addEventListener('change', () => {
+      if (dlGgufNote) dlGgufNote.textContent = dlGgufQuant.value || '';
+    });
   }
 
   // Latest HF models that fit — collapsible card list
@@ -2095,12 +2284,6 @@ function _wireTabEvents(body) {
           return data.models || [];
         };
         let models = await _fetchLatest(vram);
-        // If the VRAM filter wiped everything out (often a flaky/zero hardware
-        // probe for a remote server — a huge-VRAM box should fit MORE, not
-        // fewer), fall back to the unfiltered trending list so something shows.
-        if (!models.length && vram > 0) {
-          models = await _fetchLatest(0);
-        }
         if (['rocm', 'metal', 'mps', 'apple', 'generic', 'cpu'].includes(hwInfo.backend)) {
           models = models.filter(m => !_hfModelLooksAwqLike(m));
         }
@@ -2438,6 +2621,11 @@ function _renderRecipes() {
   html += `<input type="text" class="cookbook-dl-repo" id="cookbook-dl-repo" placeholder="org/model-name, qwen2.5:14b, or HF URL" style="flex:1;min-width:0;" />`;
   html += `<button class="cookbook-btn cookbook-dl-btn" id="cookbook-dl-btn">Download</button>`;
   html += `</div>`;
+  html += `<div id="cookbook-dl-gguf-row" style="display:none;margin-top:1px;gap:5px;align-items:center;font-size:11px;">`;
+  html += `<span style="opacity:0.65;flex-shrink:0;">GGUF</span>`;
+  html += `<select class="cookbook-field-input" id="cookbook-dl-gguf-quant" style="height:28px;min-width:118px;flex:0 0 auto;"></select>`;
+  html += `<span id="cookbook-dl-gguf-note" style="opacity:0.55;white-space:nowrap;overflow:hidden;text-overflow:ellipsis;"></span>`;
+  html += `</div>`;
   // Ollama-library browse used to live here as its own collapsible dropdown,
   // but that duplicated the Engine filter (which already has Ollama). The
   // standalone UI is gone — to find Ollama models, set Engine = Ollama in
@@ -2454,7 +2642,7 @@ function _renderRecipes() {
   html += `<span id="cookbook-hf-latest-arrow" style="display:inline-block;transition:transform 0.15s;pointer-events:none;opacity:0.6;font-size:11px;">\u25B8</span>`;
   html += `</button>`;
   html += `</div>`;
-  html += `<div id="cookbook-hf-latest-list" style="display:none;margin-top:4px;max-height:320px;overflow-y:auto;flex-direction:column;gap:4px;"></div>`;
+  html += `<div id="cookbook-hf-latest-list" style="display:none;margin-top:4px;max-height:320px;overflow-y:auto;overscroll-behavior:contain;flex-direction:column;gap:4px;"></div>`;
   html += `</div>`;
   html += `</div>`;  // /#cookbook-dl-tab-fold-body (whole Download card body)
 
@@ -2884,6 +3072,7 @@ const shared = {
   _getPort,
   _sshPrefix,
   _serverByVal,
+  _serverKey,
   _selectedServer,
   _getPlatform,
   _isWindows,
diff --git a/static/js/cookbookRunning.js b/static/js/cookbookRunning.js
index a390e11ad..7672edfd2 100644
--- a/static/js/cookbookRunning.js
+++ b/static/js/cookbookRunning.js
@@ -27,6 +27,9 @@ function _statusLabel(status, type) {
 // "cookbook-task-status" ('' = the neutral loading style).
 function _taskBadge(task) {
   if (task._unreachable && task.status === 'running') return { text: 'unreachable', cls: 'cookbook-task-error' };
+  if (task.type === 'download' && task.status === 'running') {
+    return { text: _statusLabel(task.status, task.type), cls: 'cookbook-task-downloading' };
+  }
   if (task.type === 'serve' && task.status === 'running' && task.progress) {
     // Same green "running" pill — just with dynamic phase text, so it doesn't
     // read as a different status while the server is coming up.
@@ -52,13 +55,13 @@ function _downloadOutputLooksActive(task) {
 
 function _canClearTask(task) {
   if (!task || task.status === 'running') return false;
-  if (task.type === 'serve' && (task.status === 'ready' || task._serveReady)) return false;
+  if (task.type === 'serve' && (task.status === 'ready' || (task._serveReady && !['stopped', 'error', 'crashed', 'failed', 'completed'].includes(task.status)))) return false;
   // If the tmux output still shows an in-flight download, the task isn't
   // actually finished — hide the clear/check pill so it doesn't show on a
   // task that's still doing work. (The next render will reflect this and
   // ideally the self-heal flips status back to running.)
   if (_downloadOutputLooksActive(task)) return false;
-  return ['done', 'stopped', 'error', 'crashed', 'failed'].includes(task.status);
+  return ['done', 'completed', 'stopped', 'error', 'crashed', 'failed'].includes(task.status);
 }
 
 function _clearPillLabel(task) {
@@ -66,6 +69,13 @@ function _clearPillLabel(task) {
   return 'clear';
 }
 
+function _venvRootFromPath(path) {
+  let p = (path || '').toString().trim().replace(/\/+$/, '');
+  if (!p) return '';
+  p = p.replace(/\/bin\/(?:activate|python(?:3(?:\.\d+)?)?|vllm|pip(?:3)?)$/i, '');
+  return p;
+}
+
 // A pip dependency/driver install (payload._dep) reports success with the
 // runner's "=== Process exited with code 0 ===" sentinel and pip's
 // "Successfully installed" line — never the HuggingFace download markers
@@ -263,6 +273,7 @@ let _copyText;
 let _persistEnvState;
 let _refreshDependencies;
 let _serverByVal;
+let _serverKey;
 let _selectedServer;
 let modelLogo;
 let esc;
@@ -688,8 +699,10 @@ export function _saveTasks(tasks) {
 export function _addTask(sessionId, name, type, payload) {
   let tasks = _loadTasks();
   const remoteHost = (payload && payload.remote_host) || _envState.remoteHost || '';
-  const sshPort = (payload && payload.ssh_port) || _getPort(remoteHost) || '';
-  const platform = (payload && payload.platform) || _getPlatform(remoteHost) || '';
+  const remoteServerKey = (payload && payload.remote_server_key) || '';
+  const remoteServerName = (payload && payload.remote_server_name) || '';
+  const sshPort = (payload && payload.ssh_port) || _getPort(remoteServerKey || remoteHost) || '';
+  const platform = (payload && payload.platform) || _getPlatform(remoteServerKey || remoteHost) || '';
   // Serving a model supersedes its finished download — clear the matching
   // finished download card (covers serving directly from the Serve tab, not just
   // via the download card's "Serve →" button).
@@ -704,7 +717,7 @@ export function _addTask(sessionId, name, type, payload) {
       return !(key && t.type === 'download' && t.status === 'queued' && _downloadDedupeKey(t) === key);
     });
   }
-  const task = _stripTaskSecrets({ id: sessionId, sessionId, name, type, status: 'running', output: '', ts: Date.now(), payload: payload || null, remoteHost, sshPort, platform });
+  const task = _stripTaskSecrets({ id: sessionId, sessionId, name, type, status: 'running', output: '', ts: Date.now(), payload: payload || null, remoteHost, remoteServerKey, remoteServerName, sshPort, platform });
   tasks.push(task);
   _saveTasks(tasks);
   // New action → collapse all other cards, leave only this one open.
@@ -1520,14 +1533,18 @@ function _parseServeCmdToFields(cmd) {
   return fields;
 }
 
-export async function _launchServeTask(shortName, repo, cmd, fields, hostOverride) {
+export async function _launchServeTask(shortName, repo, cmd, fields, hostOverride, targetMeta = null) {
   // Host resolution mirrors the download path: when the caller passes an explicit
   // host (resolved from the dropdown the user actually picked), use it and look
   // up that server's port/platform from the shared servers list. Only fall back
   // to _envState.remoteHost for legacy callers (diagnosis/pip-update).
   const _host = (hostOverride !== undefined) ? (hostOverride || '') : (_envState.remoteHost || '');
-  const _hsrv = _serverByVal(_envState.remoteServerKey || _host)
+  const _targetKey = targetMeta?.serverKey || '';
+  const _hsrv = (_targetKey && _targetKey !== 'local' ? _serverByVal(_targetKey) : null)
+    || (hostOverride === undefined ? _serverByVal(_envState.remoteServerKey || _host) : null)
     || _envState.servers.find(s => s.host === _host) || {};
+  const _serverMetaKey = _targetKey || (_hsrv && _serverKey ? _serverKey(_hsrv) : '') || (_host || 'local');
+  const _serverMetaName = targetMeta?.serverName || _hsrv.name || (_host ? _host : 'Local');
   const _hplatform = _host ? (_hsrv.platform || '') : (_envState.platform || '');
 
   // Replace any serve already targeting this same host:port — you can't run two
@@ -1572,7 +1589,7 @@ export async function _launchServeTask(shortName, repo, cmd, fields, hostOverrid
     }
   } else {
     if (_envState.env === 'venv' && _envState.envPath) {
-      const p = _envState.envPath;
+      const p = _venvRootFromPath(_envState.envPath);
       envPrefix = 'source ' + (p.endsWith('/bin/activate') ? p : p + '/bin/activate');
     } else if (_envState.env === 'conda' && _envState.envPath) {
       envPrefix = 'eval "$(conda shell.bash hook)" && conda activate ' + _envState.envPath;
@@ -1583,7 +1600,7 @@ export async function _launchServeTask(shortName, repo, cmd, fields, hostOverrid
     repo_id: repo,
     cmd: cmd,
     remote_host: _host || undefined,
-    ssh_port: _getPort(_host) || undefined,
+    ssh_port: _getPort(_serverMetaKey || _host) || undefined,
     env_prefix: envPrefix || undefined,
     hf_token: _envState.hfToken || undefined,
     gpus: _envState.gpus || undefined,
@@ -1607,11 +1624,11 @@ export async function _launchServeTask(shortName, repo, cmd, fields, hostOverrid
       return;
     }
 
-    const _sp = _getPort(_host);
+    const _sp = _getPort(_serverMetaKey || _host);
     // _fields = the exact structured serve-form values used for this launch,
     // so the "Edit / relaunch" button can re-open the Serve panel pre-filled
     // with these precise settings (not just the last-used-for-repo state).
-    const payload = { repo_id: repo, remote_host: _host || undefined, ssh_port: _sp || undefined, _cmd: cmd, _fields: fields || undefined, _env: _usedEnv, _envPath: _usedEnvPath, _gpus: _usedGpus };
+    const payload = { repo_id: repo, remote_host: _host || undefined, remote_server_key: _serverMetaKey || undefined, remote_server_name: _serverMetaName || undefined, ssh_port: _sp || undefined, _cmd: cmd, _fields: fields || undefined, _env: _usedEnv, _envPath: _usedEnvPath, _gpus: _usedGpus };
     _addTask(data.session_id, shortName, 'serve', payload);
     uiModule.showToast(`Serving ${shortName}...`);
     // Auto-register may have enabled an existing (offline) endpoint for this
@@ -1760,16 +1777,25 @@ export function _renderRunningTab() {
   }
 
   // Group tasks by server
-  const _serverName = (host) => {
-    if (!host) return 'Local';
-    const srv = _serverByVal(_envState.remoteServerKey || host)
-      || _envState.servers.find(s => s.host === host);
-    return srv?.name || host;
+  const _taskServerKey = (task) => task?.remoteServerKey || task?.remoteHost || '';
+  const _serverName = (keyOrTask) => {
+    if (keyOrTask && typeof keyOrTask === 'object') {
+      const task = keyOrTask;
+      if (task.remoteServerName) return task.remoteServerName;
+      const srv = task.remoteServerKey ? _serverByVal(task.remoteServerKey) : null;
+      if (srv?.name) return srv.name;
+      if (!task.remoteHost) return 'Local';
+      return (_envState.servers.find(s => s.host === task.remoteHost)?.name) || task.remoteHost;
+    }
+    const key = keyOrTask || '';
+    if (!key || key === 'local') return 'Local';
+    const srv = _serverByVal(key);
+    return srv?.name || key;
   };
   const serverGroups = {};
   for (const t of tasks) {
-    const key = t.remoteHost || '';
-    if (!serverGroups[key]) serverGroups[key] = { name: _serverName(key), serve: [], download: [] };
+    const key = _taskServerKey(t);
+    if (!serverGroups[key]) serverGroups[key] = { name: _serverName(t), serve: [], download: [] };
     serverGroups[key][t.type === 'serve' ? 'serve' : 'download'].push(t);
   }
 
@@ -1816,12 +1842,12 @@ export function _renderRunningTab() {
       e.stopPropagation();  // don't toggle the section collapse (was an inline onclick, blocked by CSP)
       const host = btn.dataset.clearServer;
       const allTasks = _loadTasks();
-      const toRemove = allTasks.filter(t => (t.remoteHost || '') === host && _canClearTask(t));
+      const toRemove = allTasks.filter(t => _taskServerKey(t) === host && _canClearTask(t));
       // Bail with a clear message instead of silently doing nothing when
       // every task on this server is still running (nothing finished to
       // clear yet) — the previous behavior looked like the button was dead.
       if (!toRemove.length) {
-        const stillRunning = allTasks.filter(t => (t.remoteHost || '') === host && t.status === 'running').length;
+        const stillRunning = allTasks.filter(t => _taskServerKey(t) === host && t.status === 'running').length;
         const _msg = stillRunning
           ? `No finished tasks on ${_serverName(host)} — ${stillRunning} still running. Stop them first to clear.`
           : `No finished tasks on ${_serverName(host)}.`;
@@ -1830,7 +1856,7 @@ export function _renderRunningTab() {
         return;
       }
       if (!await window.styledConfirm(`Clear ${toRemove.length} finished task${toRemove.length === 1 ? '' : 's'} on ${_serverName(host)}?`, { confirmText: 'Clear' })) return;
-      const remaining = allTasks.filter(t => (t.remoteHost || '') !== host || !_canClearTask(t));
+      const remaining = allTasks.filter(t => _taskServerKey(t) !== host || !_canClearTask(t));
       _saveTasks(remaining);
       // Fade/slide each finished card out (same exit as the per-card clear)
       // instead of yanking them instantly.
@@ -1864,7 +1890,7 @@ export function _renderRunningTab() {
     btn.addEventListener('click', async (e) => {
       e.stopPropagation();  // don't toggle the section collapse
       const host = btn.dataset.stopServer;
-      const running = _loadTasks().filter(t => (t.remoteHost || '') === host && t.status === 'running');
+      const running = _loadTasks().filter(t => _taskServerKey(t) === host && t.status === 'running');
       if (!running.length) { uiModule.showToast(`Nothing running on ${_serverName(host)}`); return; }
       if (!await window.styledConfirm(`Stop ${running.length} running task${running.length > 1 ? 's' : ''} on ${_serverName(host)}?`, { confirmText: 'Stop all' })) return;
       // Mark every task as user-stopped BEFORE firing the kills so that the
@@ -2177,9 +2203,6 @@ export function _renderRunningTab() {
         if (task.status !== 'running' && task.status !== 'queued') {
           items.push({ group: 'run', label: 'Reconnect tmux', action: 'reconnect' });
         }
-        if (task.status === 'running') {
-          items.push({ group: 'run', label: 'Stop', action: 'stop', danger: true });
-        }
         items.push({ group: 'run', label: 'Restart', action: 'retry' });
         // ── Edit section ────────────────────────────────────────────
         // Merged "Edit & relaunch" — opens the structured serve panel
@@ -2539,7 +2562,7 @@ export function _renderRunningTab() {
     });
 
     // Route to the right server section body
-    const serverBodyId = `server-body-${(task.remoteHost || 'local').replace(/[^a-zA-Z0-9-]/g, '_')}`;
+    const serverBodyId = `server-body-${(_taskServerKey(task) || 'local').replace(/[^a-zA-Z0-9-]/g, '_')}`;
     const targetBody = document.getElementById(serverBodyId);
     if (targetBody) targetBody.appendChild(el);
     else group.appendChild(el);
@@ -3393,7 +3416,8 @@ function _refreshServerDots() {
   let tasks;
   try { tasks = _loadTasks(); } catch { return; }
   const byKey = {};
-  for (const t of tasks) { (byKey[t.remoteHost || ''] = byKey[t.remoteHost || ''] || []).push(t); }
+  const _taskServerKeyForDot = (task) => task?.remoteServerKey || task?.remoteHost || '';
+  for (const t of tasks) { (byKey[_taskServerKeyForDot(t)] = byKey[_taskServerKeyForDot(t)] || []).push(t); }
   document.querySelectorAll('.cookbook-section-header').forEach(header => {
     const dot = header.querySelector('.cookbook-srv-status');
     if (!dot) return;
@@ -3798,6 +3822,7 @@ export function initRunning(shared) {
   _persistEnvState = shared._persistEnvState;
   _refreshDependencies = shared._refreshDependencies;
   _serverByVal = shared._serverByVal;
+  _serverKey = shared._serverKey;
   _selectedServer = shared._selectedServer;
   modelLogo = shared.modelLogo;
   esc = shared.esc;
diff --git a/static/js/cookbookServe.js b/static/js/cookbookServe.js
index aba3f7926..da48507f7 100644
--- a/static/js/cookbookServe.js
+++ b/static/js/cookbookServe.js
@@ -18,6 +18,7 @@ let _sshCmd;
 let _getPort;
 let _sshPrefix;
 let _serverByVal;
+let _serverKey;
 let _getPlatform;
 let _isWindows;
 let _isMetal;
@@ -41,9 +42,40 @@ let _nextAvailablePort;
 
 // Storage keys
 const SERVE_STATE_KEY = 'cookbook-serve-state';
+const SERVE_FAVORITES_KEY = 'cookbook-serve-favorite-models';
 
 let _cachedAllModels = [];
 
+function _loadServeFavorites() {
+  try {
+    const raw = JSON.parse(localStorage.getItem(SERVE_FAVORITES_KEY) || '[]');
+    return new Set(Array.isArray(raw) ? raw.filter(Boolean).map(String) : []);
+  } catch {
+    return new Set();
+  }
+}
+
+function _saveServeFavorites(favorites) {
+  try {
+    localStorage.setItem(SERVE_FAVORITES_KEY, JSON.stringify(Array.from(favorites || [])));
+  } catch {}
+}
+
+function _isServeFavorite(repo) {
+  return _loadServeFavorites().has(String(repo || ''));
+}
+
+function _toggleServeFavorite(repo) {
+  const key = String(repo || '');
+  if (!key) return false;
+  const favorites = _loadServeFavorites();
+  const next = !favorites.has(key);
+  if (next) favorites.add(key);
+  else favorites.delete(key);
+  _saveServeFavorites(favorites);
+  return next;
+}
+
 function _repoLooksAwqLike(model, repo) {
   const q = String(model?.quant || '').toUpperCase();
   const n = `${repo || ''} ${model?.repo_id || ''} ${model?.name || ''} ${model?.path || ''}`.toLowerCase();
@@ -53,7 +85,9 @@ function _repoLooksAwqLike(model, repo) {
 function _repoLooksGgufLike(model, repo) {
   const q = String(model?.quant || '').toUpperCase();
   const n = `${repo || ''} ${model?.repo_id || ''} ${model?.name || ''} ${model?.path || ''}`.toLowerCase();
-  return !!model?.is_gguf || /^Q[2-8]/.test(q) || /^IQ/.test(q) || q === 'GGUF' || n.includes('gguf');
+  const hasGgufFile = Array.isArray(model?.gguf_files)
+    && model.gguf_files.some(f => f && typeof f.rel_path === 'string' && /\.gguf$/i.test(f.rel_path));
+  return !!model?.is_gguf || hasGgufFile || /^Q[2-8]/.test(q) || /^IQ/.test(q) || q === 'GGUF' || n.includes('gguf');
 }
 
 function _serveBackendWarning(model, repo, backend, fields = {}) {
@@ -96,6 +130,352 @@ function _allGpuIds(count) {
   return Array.from({ length: Math.floor(n) }, (_, i) => String(i)).join(',');
 }
 
+function _shellSplitForPreview(cmd) {
+  const s = String(cmd || '');
+  const out = [];
+  let cur = '';
+  let quote = '';
+  let escNext = false;
+  for (const ch of s) {
+    if (escNext) {
+      cur += ch;
+      escNext = false;
+      continue;
+    }
+    if (ch === '\\') {
+      cur += ch;
+      escNext = true;
+      continue;
+    }
+    if (quote) {
+      cur += ch;
+      if (ch === quote) quote = '';
+      continue;
+    }
+    if (ch === '"' || ch === "'") {
+      quote = ch;
+      cur += ch;
+      continue;
+    }
+    if (/\s/.test(ch)) {
+      if (cur) {
+        out.push(cur);
+        cur = '';
+      }
+      continue;
+    }
+    cur += ch;
+  }
+  if (cur) out.push(cur);
+  return out;
+}
+
+function _formatServeCmdPreview(cmd) {
+  const raw = String(cmd || '');
+  if (raw.startsWith('MODEL_FILE=$({')) {
+    const marker = /&&\s+([A-Za-z_][A-Za-z0-9_]*=\S+\s+)*(?:[A-Za-z_][A-Za-z0-9_]*=\S+\s+)?(?:llama-server|python3?\s+-m\s+llama_cpp\.server)\b/;
+    const match = raw.match(marker);
+    if (match && match.index > 0) {
+      const prelude = raw.slice(0, match.index).replace(/\s+/g, ' ').trim();
+      const rest = raw.slice(match.index).replace(/^\s*&&\s*/, '');
+      return `${prelude}\n&&\n${_formatServeCmdPreview(rest)}`;
+    }
+  }
+  const tokens = _shellSplitForPreview(cmd);
+  if (tokens.length <= 4) return String(cmd || '');
+  const lines = [];
+  let i = 0;
+  while (i < tokens.length && /^[A-Za-z_][A-Za-z0-9_]*=/.test(tokens[i])) {
+    lines.push(tokens[i]);
+    i++;
+  }
+  if (tokens[i]) {
+    const head = [tokens[i++]];
+    if (tokens[i] && !tokens[i].startsWith('--') && !/^[A-Za-z_][A-Za-z0-9_]*=/.test(tokens[i])) head.push(tokens[i++]);
+    if (tokens[i] && !tokens[i].startsWith('--') && !/^[A-Za-z_][A-Za-z0-9_]*=/.test(tokens[i])) head.push(tokens[i++]);
+    lines.push(head.join(' '));
+  }
+  while (i < tokens.length) {
+    const t = tokens[i++];
+    if (t.startsWith('--')) {
+      const vals = [];
+      while (i < tokens.length && !tokens[i].startsWith('--') && !/^[A-Za-z_][A-Za-z0-9_]*=/.test(tokens[i])) {
+        vals.push(tokens[i++]);
+      }
+      lines.push([t, ...vals].join(' '));
+    } else {
+      lines.push(t);
+    }
+  }
+  return lines.join('\n');
+}
+
+function _normalizeServeCmdForLaunch(cmd) {
+  return String(cmd || '')
+    .replace(/MODEL_FILE=\$\(\{\s+/g, 'MODEL_FILE=$({ ')
+    .replace(/\s+\}\s+\|\s+head\s+-1\)/g, ' } | head -1)')
+    .replace(/\s*;\s*/g, '; ')
+    .replace(/\s*\|\|\s*/g, ' __ODY_OR__ ')
+    .replace(/\s*\|\s*/g, ' | ')
+    .replace(/\s+__ODY_OR__\s+/g, ' || ')
+    .replace(/\s+/g, ' ')
+    .trim();
+}
+
+function _modelSizeGb(model, explicitGb = 0) {
+  const explicit = Number(explicitGb || 0);
+  if (Number.isFinite(explicit) && explicit > 0) return explicit;
+  const bytes = Number(model?.size_bytes || 0);
+  if (Number.isFinite(bytes) && bytes > 0) return bytes / (1024 ** 3);
+  const gb = Number(
+    model?.size_gb
+    || model?.required_gb
+    || model?.vram_needed
+    || model?.min_vram_gb
+    || model?.recommended_ram_gb
+    || model?.min_ram_gb
+    || 0
+  );
+  if (Number.isFinite(gb) && gb > 0) return gb;
+  if (_isMiniMaxM3Model(model)) return 240;
+  return 0;
+}
+
+function _parseParamsB(text) {
+  const s = String(text || '');
+  const m = s.match(/(\d+(?:\.\d+)?)\s*([bBmMtT])\b/);
+  if (!m) return 0;
+  const n = parseFloat(m[1]);
+  if (!Number.isFinite(n) || n <= 0) return 0;
+  const unit = m[2].toLowerCase();
+  if (unit === 't') return n * 1000;
+  if (unit === 'b') return n;
+  if (unit === 'm') return n / 1000;
+  return 0;
+}
+
+function _knownModelContextMax(model) {
+  if (_isMiniMaxM3Model(model)) return 1048576;
+  return 0;
+}
+
+function _modelIdentityText(model) {
+  return [
+    model?.repo_id,
+    model?.quant_repo,
+    model?.name,
+    model?.id,
+    model?.path,
+    model?.model_path,
+    model?.served_model_name,
+    model?.quant,
+    model?.format,
+  ].filter(Boolean).join(' ').toLowerCase();
+}
+
+function _isMiniMaxM3Model(model) {
+  const name = _modelIdentityText(model);
+  return (
+    (/minimax/.test(name) && /\bm3\b/.test(name))
+    || /minimax-m3/.test(name)
+    || /models--cyankiwi--minimax-m3-awq-int4/.test(name)
+    || /cyankiwi\/minimax-m3-awq-int4/.test(name)
+  );
+}
+
+function _isMiniMaxM2Model(model) {
+  const name = _modelIdentityText(model);
+  return /minimax/.test(name) && /\bm2(?:\.\d+)?\b/.test(name);
+}
+
+function _modelContextMaxForServe(model, explicitMax) {
+  const explicit = Number(explicitMax || 0);
+  if (Number.isFinite(explicit) && explicit > 0) return explicit;
+  const known = _knownModelContextMax(model);
+  if (known > 0) return known;
+  for (const key of ['context_length', 'max_position_embeddings', 'n_ctx_train', 'model_max_length', 'max_seq_len']) {
+    const value = Number(model?.[key] || 0);
+    if (Number.isFinite(value) && value > 0) return value;
+  }
+  const catalogCtx = Number(model?.context || 0);
+  if (Number.isFinite(catalogCtx) && catalogCtx > 0) return catalogCtx;
+  return 131072;
+}
+
+function _estimateVllmContextFit(model, fields, modelCtxMax, modelWeightsGb = 0, fitSystem = null) {
+  const sys = fitSystem || _hwfitCache?.system || {};
+  const isMiniMaxM3 = _isMiniMaxM3Model(model);
+  const gpuIds = String(fields.gpus || '').split(',').map(s => parseInt(s.trim(), 10)).filter(Number.isFinite);
+  const tp = Math.max(1, parseInt(fields.tp, 10) || gpuIds.length || 1);
+  const selectedCount = Math.max(1, gpuIds.length || tp);
+  const groups = Array.isArray(sys.gpu_groups) ? sys.gpu_groups : [];
+  const activeGroup = sys.active_group || groups[0] || null;
+  const perGpuGb = Number(activeGroup?.vram_each)
+    || (Number(sys.gpu_vram_gb) / Math.max(1, Number(sys.gpu_count) || selectedCount))
+    || 0;
+  if (!perGpuGb) {
+    return { needsHardwareScan: true, reason: 'scan hardware first to estimate context from VRAM' };
+  }
+
+  const gpuUtil = Math.min(0.99, Math.max(0.1, parseFloat(fields.gpu_mem) || 0.90));
+  const budgetGb = perGpuGb * selectedCount * gpuUtil;
+  const modelGb = _modelSizeGb(model, modelWeightsGb);
+  if (!modelGb) return { needsModelSize: true, reason: 'model weight size unknown; scan model files or enter context manually' };
+  const modelMax = Math.max(1024, _modelContextMaxForServe(model, modelCtxMax));
+
+  if (isMiniMaxM3) {
+    const perGpuBudgetGb = perGpuGb * gpuUtil;
+    const modelShardGb = modelGb / Math.max(1, tp);
+    const fixedOverheadGb = Math.max(1.5, perGpuBudgetGb * 0.035);
+    const freeForKv = perGpuBudgetGb - modelShardGb - fixedOverheadGb;
+    const kvGbPerToken = (29.25 / 1048576) * (String(fields.vllm_kv_cache_dtype || '').toLowerCase() === 'fp8' ? 1 : 1.8);
+    if (freeForKv <= 0) {
+      return {
+        ctx: 1024,
+        budgetGb,
+        modelGb,
+        kvGbPerToken,
+        reason: `model shard ${modelShardGb.toFixed(1)}G exceeds per-GPU usable ${perGpuBudgetGb.toFixed(1)}G before KV`,
+      };
+    }
+    const raw = Math.floor((freeForKv / kvGbPerToken) * 0.99);
+    const rounded = Math.max(1024, Math.floor(raw / 128) * 128);
+    const ctx = Math.min(modelMax, rounded);
+    return {
+      ctx,
+      budgetGb,
+      modelGb,
+      kvGbPerToken,
+      reason: `~${ctx.toLocaleString()} tokens fits per-GPU KV (${freeForKv.toFixed(1)}G free)`,
+    };
+  }
+
+  const name = `${model?.repo_id || ''} ${model?.name || ''} ${model?.quant || ''}`;
+  const lower = name.toLowerCase();
+  const isMoE = /\bmoe\b|a\d+b|minimax|deepseek|mixtral|kimi-k2|glm-4\.5/.test(lower);
+  const totalParams = _parseParamsB(name) || Math.max(1, modelGb / 0.58);
+  const activeFromName = (() => {
+    const m = lower.match(/\ba(\d+(?:\.\d+)?)b\b/);
+    return m ? parseFloat(m[1]) : 0;
+  })();
+  const activeParams = activeFromName || (isMoE ? Math.min(totalParams, 32) : totalParams);
+  const effectiveActiveParams = (/minimax/.test(lower) && /\bm3\b/.test(lower)) ? 23 : activeParams;
+  const kvDtype = String(fields.vllm_kv_cache_dtype || '').toLowerCase();
+  const kvFactor = kvDtype === 'fp8' ? 0.55 : 1;
+  const kvGbPerTokenTotal = Math.max(0.00002, 0.000008 * effectiveActiveParams * kvFactor);
+  const kvGbPerToken = kvGbPerTokenTotal / Math.max(1, tp);
+  const perGpuBudgetGb = perGpuGb * gpuUtil;
+  const modelShardGb = modelGb / Math.max(1, tp);
+  const fixedOverheadGb = Math.max(1.5, perGpuBudgetGb * 0.035);
+  const freeForKv = perGpuBudgetGb - modelShardGb - fixedOverheadGb;
+  if (freeForKv <= 0) {
+    return {
+      ctx: 1024,
+      budgetGb,
+      modelGb,
+      kvGbPerToken,
+      reason: `model shard ${modelShardGb.toFixed(1)}G exceeds per-GPU usable ${perGpuBudgetGb.toFixed(1)}G before KV`,
+    };
+  }
+  const raw = Math.floor(freeForKv / kvGbPerToken);
+  const rounded = Math.max(1024, Math.floor(raw / 1024) * 1024);
+  const ctx = Math.min(modelMax, rounded);
+  return {
+    ctx,
+    budgetGb,
+    modelGb,
+    kvGbPerToken,
+    reason: `~${ctx.toLocaleString()} tokens fits per-GPU KV (${freeForKv.toFixed(1)}G free)`,
+  };
+}
+
+function _estimateLlamaContextFit(model, fields, modelCtxMax, modelWeightsGb = 0, fitSystem = null, profileData = null) {
+  const profiles = Array.isArray(profileData?.profiles) ? profileData.profiles : [];
+  const preferred = profiles.find(p => String(p?.key || '').toLowerCase() === 'balanced')
+    || profiles.find(p => Number(p?.ctx) > 0)
+    || null;
+  const modelMax = Math.max(1024, _modelContextMaxForServe(model, modelCtxMax));
+  if (preferred && Number(preferred.ctx) > 0) {
+    const ctx = Math.min(modelMax, Number(preferred.ctx));
+    return {
+      ctx,
+      reason: `profile ${preferred.label || preferred.key || 'fit'} fits scanned hardware`,
+    };
+  }
+
+  const sys = fitSystem || _hwfitCache?.system || {};
+  const modelGb = _modelSizeGb(model, modelWeightsGb);
+  const backend = String(fields.backend || '').toLowerCase();
+  const llamaMode = String(fields.llama_mode || '').toLowerCase();
+  const isCpuMode = backend === 'llamacpp' && llamaMode === 'cpu';
+  const isUnifiedMode = backend === 'llamacpp' && (llamaMode === 'unified' || fields.unified_mem);
+  if (!modelGb) {
+    return {
+      ctx: Math.min(modelMax, 32768),
+      needsModelSize: true,
+      reason: 'model weight size unknown; using model limit fallback',
+    };
+  }
+
+  if (isCpuMode) {
+    return {
+      ctx: Math.min(modelMax, 131072),
+      modelGb,
+      reason: 'CPU mode uses system RAM; capped to trained limit',
+    };
+  }
+
+  const gpuIds = String(fields.gpus || '').split(',').map(s => parseInt(s.trim(), 10)).filter(Number.isFinite);
+  const selectedCount = Math.max(1, gpuIds.length || parseInt(fields.tp, 10) || 1);
+  const groups = Array.isArray(sys.gpu_groups) ? sys.gpu_groups : [];
+  const activeGroup = sys.active_group || groups[0] || null;
+  const totalVramGb = Number(activeGroup?.vram_each)
+    ? Number(activeGroup.vram_each) * selectedCount
+    : (Number(sys.gpu_vram_gb) || 0);
+  if (!totalVramGb) {
+    return {
+      ctx: Math.min(modelMax, 32768),
+      modelGb,
+      needsHardwareScan: true,
+      reason: 'scan hardware first; using model limit fallback',
+    };
+  }
+
+  const totalRamGb = Number(sys.total_ram_gb) || 0;
+  const availableRamGb = Number(sys.available_ram_gb) || 0;
+  const unifiedPoolGb = isUnifiedMode
+    ? Math.max(
+        totalVramGb,
+        availableRamGb,
+        totalRamGb > 0 ? totalRamGb * 0.85 : 0
+      )
+    : totalVramGb;
+  const usableGb = isUnifiedMode
+    ? Math.max(1, unifiedPoolGb - Math.max(2.0, unifiedPoolGb * 0.08))
+    : Math.max(1, totalVramGb - Math.max(1.0, selectedCount * 0.6));
+  const freeForKv = usableGb - modelGb;
+  const kv = String(fields.cache_type || '').toLowerCase();
+  const kvFactor = kv === 'q4_0' ? 0.55 : (kv === 'q8_0' ? 1 : (kv === 'f16' ? 1.9 : 1));
+  const kvGbPerToken = Math.max(0.00008, (modelGb / 7.5) * 0.0007 * kvFactor);
+  if (freeForKv <= 0) {
+    return {
+      ctx: Math.min(modelMax, 8192),
+      modelGb,
+      kvGbPerToken,
+      reason: `model ${modelGb.toFixed(1)}G exceeds usable ${isUnifiedMode ? 'unified memory' : 'VRAM'} ${usableGb.toFixed(1)}G before KV`,
+    };
+  }
+  const raw = Math.floor(freeForKv / kvGbPerToken);
+  const rounded = Math.max(1024, Math.floor(raw / 1024) * 1024);
+  const ctx = Math.min(modelMax, rounded);
+  return {
+    ctx,
+    modelGb,
+    kvGbPerToken,
+    reason: `~${ctx.toLocaleString()} tokens fits llama.cpp KV (${freeForKv.toFixed(1)}G free ${isUnifiedMode ? 'unified' : 'VRAM'})`,
+  };
+}
+
 function _selectedServeTarget(panel) {
   const select = document.getElementById('hwfit-server-select') || document.getElementById('hwfit-dl-server');
   const servers = Array.isArray(_envState.servers) ? _envState.servers : [];
@@ -117,6 +497,8 @@ function _selectedServeTarget(panel) {
     : (server?.name || 'local server');
   return {
     host,
+    serverKey: server ? (_serverKey?.(server) || '') : (select?.value || ''),
+    serverName: server?.name || '',
     port: host ? (_getPort(host) || server?.port || '') : '',
     venv,
     platform: server?.platform || _envState.platform || '',
@@ -152,6 +534,9 @@ function _runtimeNoteText(backend, pkg, target) {
   const label = labels[backend] || backend;
   if (!pkg) return `${label} readiness unavailable for ${target.label}.`;
   const note = pkg.status_note || pkg.update_note || '';
+  if (pkg.installed === null || pkg.probe_error) {
+    return note ? `${label} readiness unavailable for ${target.label}: ${note}` : `${label} readiness unavailable for ${target.label}.`;
+  }
   if (pkg.installed) {
     return note ? `${label} ready on ${target.label}: ${note}` : `${label} ready on ${target.label}.`;
   }
@@ -226,6 +611,13 @@ function _runnableGgufFiles(model) {
   return primary.length ? primary : files;
 }
 
+function _selectedGgufSizeGb(model, relPath) {
+  const file = _runnableGgufFiles(model).find(f => f.rel_path === relPath);
+  const bytes = Number(file?.size_bytes || 0);
+  if (!Number.isFinite(bytes) || bytes <= 0) return 0;
+  return bytes / (1024 ** 3);
+}
+
 function _ggufFileLabel(file) {
   const base = (file.name || file.rel_path || '').split('/').pop();
   const size = _formatGgufSize(file.size_bytes);
@@ -281,6 +673,12 @@ function _rerenderCachedModels() {
   else if (sortVal === 'size-desc') allModels.sort((a, b) => _parseSize(b.size) - _parseSize(a.size));
   else if (sortVal === 'size-asc') allModels.sort((a, b) => _parseSize(a.size) - _parseSize(b.size));
   else if (sortVal === 'recent') allModels.sort((a, b) => (b.mtime || 0) - (a.mtime || 0));
+  const favorites = _loadServeFavorites();
+  allModels.sort((a, b) => {
+    const af = favorites.has(String(a.repo_id || '')) ? 1 : 0;
+    const bf = favorites.has(String(b.repo_id || '')) ? 1 : 0;
+    return bf - af;
+  });
 
   let html = '';
   let visibleCount = 0;
@@ -303,8 +701,9 @@ function _rerenderCachedModels() {
     // living on the same line as the model name.
     const _isDownloading = m.status === 'downloading';
     const _isDlActive = _isDownloading ? _isActivelyDownloading(m.repo_id) : false;
+    const _isFavorite = favorites.has(String(m.repo_id || ''));
     const isSelectMode = document.getElementById('hwfit-cache-select')?.classList.contains('active');
-    html += `<div class="doclib-card memory-item" data-repo="${esc(m.repo_id)}" data-tag="${m._tag || ''}" data-family="${m._family || ''}" style="cursor:pointer;">`;
+    html += `<div class="doclib-card memory-item${_isFavorite ? ' memory-pinned cookbook-serve-favorite-model' : ''}" data-repo="${esc(m.repo_id)}" data-tag="${m._tag || ''}" data-family="${m._family || ''}" style="cursor:pointer;">`;
     html += `<span class="serve-select-cb memory-select-dot" style="display:${isSelectMode ? 'inline-block' : 'none'};cursor:pointer;"></span>`;
     html += `<div style="flex:1;min-width:0;">`;
     const _mc = modelColor(m.repo_id) || '';
@@ -314,7 +713,8 @@ function _rerenderCachedModels() {
     const _downloadingPill = _isDownloading
       ? ` <span class="cookbook-serve-downloading-pill${_isDlActive ? '' : ' is-stalled'}" title="${_isDlActive ? 'Download in progress' : 'Download stalled — retry to resume'}">${_isDlActive ? 'downloading' : 'stalled'}</span>`
       : '';
-    html += `<div class="memory-item-title"${_mc ? ` style="color:${_mc}"` : ''}>${modelLogo(m.repo_id)}${esc(shortName)}${hfLink ? ` <a href="${esc(hfLink)}" target="_blank" rel="noopener" class="cookbook-hf-link">HF ↗</a>` : ''}${_runningPill}${_downloadingPill}</div>`;
+    const _favoritePill = _isFavorite ? ' <span class="memory-cat-badge memory-cat-pinned cookbook-serve-fav-badge">pinned</span>' : '';
+    html += `<div class="memory-item-title"${_mc ? ` style="color:${_mc}"` : ''}>${modelLogo(m.repo_id)}${esc(shortName)}${_favoritePill}${hfLink ? ` <a href="${esc(hfLink)}" target="_blank" rel="noopener" class="cookbook-hf-link">HF ↗</a>` : ''}${_runningPill}${_downloadingPill}</div>`;
     html += `<div class="memory-item-meta" style="font-size:10px;opacity:0.4;margin-top:2px;">${metaParts.join(' \u00b7 ')}</div>`;
     html += `</div>`;
     const _bk = _detectBackend(m).backend;
@@ -397,7 +797,12 @@ function _rerenderCachedModels() {
       const _deleteIco = '<svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M3 6h18"/><path d="M8 6V4a2 2 0 0 1 2-2h4a2 2 0 0 1 2 2v2"/><path d="M19 6v14a2 2 0 0 1-2 2H7a2 2 0 0 1-2-2V6"/></svg>';
       const _selectIco = '<span style="font-size:16px;line-height:1;position:relative;top:-2px;">●</span>';
       const _schedIco = '<svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><rect x="3" y="4" width="18" height="18" rx="2"/><line x1="16" y1="2" x2="16" y2="6"/><line x1="8" y1="2" x2="8" y2="6"/><line x1="3" y1="10" x2="21" y2="10"/></svg>';
+      const _favNow = _isServeFavorite(repo);
+      const _favIco = _favNow
+        ? '<svg width="14" height="14" viewBox="0 0 24 24" fill="currentColor" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M19 21l-7-5-7 5V5a2 2 0 0 1 2-2h10a2 2 0 0 1 2 2z"/></svg>'
+        : '<svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M19 21l-7-5-7 5V5a2 2 0 0 1 2-2h10a2 2 0 0 1 2 2z"/></svg>';
       const items = [];
+      items.push({ label: _favNow ? 'Unfavorite' : 'Favorite', icon: _favIco, action: 'favorite' });
       if (m && m.status === 'ready') items.push({ label: 'Serve', icon: _serveIco, action: 'serve' });
       if (m && m.status === 'downloading') items.push({ label: 'Retry', icon: _retryIco, action: 'retry' });
       if (m && m.status === 'ready') items.push({ label: 'Schedule…', icon: _schedIco, action: 'schedule' });
@@ -410,6 +815,11 @@ function _rerenderCachedModels() {
         div.addEventListener('click', () => {
           closeDropdown();
           if (opt.action === 'serve') item.click();
+          else if (opt.action === 'favorite') {
+            const favored = _toggleServeFavorite(repo);
+            uiModule.showToast(favored ? 'Favorited — pinned to top' : 'Unfavorited');
+            _rerenderCachedModels();
+          }
           else if (opt.action === 'delete') _deleteCachedModel(repo, item, false, m);
           else if (opt.action === 'retry') _retryCachedModel(repo, m);
           else if (opt.action === 'schedule') {
@@ -532,16 +942,22 @@ function _rerenderCachedModels() {
       const ss = (_byRepo[repo] && typeof _byRepo[repo] === 'object')
         ? _byRepo[repo]
         : (_lastUsed || (_isLegacyFlat ? _allSs : {}));
+      const _modelSs = (_byRepo[repo] && typeof _byRepo[repo] === 'object') ? _byRepo[repo] : null;
+      const _repoForcedBackend = !!(_modelSs && _modelSs._forceBackend);
+      const _isMiniMaxM3 = _isMiniMaxM3Model({ ...m, repo_id: repo });
+      const _isMiniMaxM2 = _isMiniMaxM2Model({ ...m, repo_id: repo });
+      const _isMiniMaxMSeries = _isMiniMaxM3 || _isMiniMaxM2;
+      const svm = (k, def) => (_modelSs && _hasOwn(_modelSs, k)) ? _modelSs[k] : def;
       const detectedBackend = _detectBackend(m).backend;
       const _allowedBackends = new Set(_isWindows()
         ? ['llamacpp', 'diffusers']
         : (_isMetal() ? ['llamacpp', 'ollama'] : ['vllm', 'sglang', 'llamacpp', 'ollama', 'diffusers']));
-      const defaultBackend = (ss._forceBackend && ss.backend && _allowedBackends.has(ss.backend))
+      const defaultBackend = (_repoForcedBackend && ss.backend && _allowedBackends.has(ss.backend))
         ? ss.backend
         : detectedBackend;
-      const savedMatchesBackend = !!ss._forceBackend || (ss.backend || 'vllm') === detectedBackend;
+      const savedMatchesBackend = _repoForcedBackend || (ss.backend || 'vllm') === detectedBackend;
       const sv = (k, def) => (ss[k] !== undefined && savedMatchesBackend) ? ss[k] : def;
-      const defaultTp = defaultBackend === 'llamacpp' ? '1' : sv('tp', '1');
+      const defaultTp = defaultBackend === 'llamacpp' ? '1' : sv('tp', _isMiniMaxMSeries ? '8' : '1');
       const detectedGpuIds = _allGpuIds(_getGpuToggleTotal?.());
       const defaultGpus = defaultBackend === 'llamacpp'
         ? '0'
@@ -555,7 +971,7 @@ function _rerenderCachedModels() {
       // OOMs. _detectModelOptimizations seeds opts.kvCacheDtype for
       // those families; honour it unless the user has a saved override.
       const _kvOptsCheck = _detectModelOptimizations(repo);
-      const _kvAutoDefault = (_kvOptsCheck && _kvOptsCheck.kvCacheDtype) || 'auto';
+      const _kvAutoDefault = (_kvOptsCheck && _kvOptsCheck.kvCacheDtype) || (_isMiniMaxMSeries ? 'fp8' : 'auto');
       const _kvSelected = sv('vllm_kv_cache_dtype', _kvAutoDefault);
       const vllmKvCacheOpts = ['auto','fp8'].map(d => `<option value="${d}"${_kvSelected===d?' selected':''}>${d}</option>`).join('');
       const _l = (name, tip) => `<span>${name}<span class="hwfit-hint" title="${tip}">?</span></span>`;
@@ -567,6 +983,11 @@ function _rerenderCachedModels() {
       const _ggufOptions = _ggufChoices.map(f =>
         `<option value="${esc(f.rel_path)}"${f.rel_path === _defaultGguf ? ' selected' : ''}>${esc(_ggufFileLabel(f))}</option>`
       ).join('');
+      const _minimaxM3Snapshot = '/home/pewds/.cache/huggingface/hub/models--cyankiwi--MiniMax-M3-AWQ-INT4/snapshots/4082acbbec1236d21828d55b6bb0fe02ade4ab5b';
+      const _defaultServeModel = _isMiniMaxM3 ? _minimaxM3Snapshot : (m.is_local_dir && m.path ? `${m.path}/${repo}` : repo);
+      const _savedModelPath = String(svm('model_path', _defaultServeModel) || '').trim();
+      const _modelPathValue = _isMiniMaxM3 && (!_savedModelPath || _savedModelPath === repo) ? _minimaxM3Snapshot : _savedModelPath;
+      const _defaultServedModelName = _isMiniMaxM3 ? repo : '';
       // Build save slots
       const _allPresets = _loadPresets();
       const _repoShort = repo.split('/').pop();
@@ -583,15 +1004,10 @@ function _rerenderCachedModels() {
       const _arrowTitle = _modelPresets.length > 0
         ? `${_modelPresets.length} saved launch config${_modelPresets.length === 1 ? '' : 's'} for ${_repoShort} — click ▾ to load or delete`
         : `No saved launch configs for ${_repoShort} yet — click Save to add one`;
-      // Wrap the Save split in a <label> so it picks up the same "field
-      // title + ?-help" treatment as Backend / venv / Port / GPUs sitting
-      // beside it in Row 1. Button text is "Save" (the action), label is
-      // "Settings" (what the saved blob represents).
-      let _slotsHtml = `<label>${_l('Settings','Saved launch configurations for this model — click ▾ to load or delete')}`
-        + `<div class="cookbook-serve-slots cookbook-saved-split">`
-        + `<button type="button" class="cookbook-slot-btn cookbook-saved-save" title="Save current config"><svg width="11" height="11" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M19 21H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h11l5 5v11a2 2 0 0 1-2 2z"/><polyline points="17 21 17 13 7 13 7 21"/><polyline points="7 3 7 8 15 8"/></svg>Save</button>`
+      let _slotsHtml = `<div class="cookbook-serve-slots cookbook-saved-split" title="Saved launch configurations for this model — click ▾ to load or delete">`
+        + `<button type="button" class="cookbook-slot-btn cookbook-saved-save" title="Save current preset"><svg width="11" height="11" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M19 21H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h11l5 5v11a2 2 0 0 1-2 2z"/><polyline points="17 21 17 13 7 13 7 21"/><polyline points="7 3 7 8 15 8"/></svg>Preset</button>`
         + `<button type="button" class="cookbook-slot-btn cookbook-saved-arrow" title="${esc(_arrowTitle)}">${_arrowLabel}</button>`
-        + `</div></label>`;
+        + `</div>`;
 
       let panelHtml = `<div class="hwfit-serve-panel">`;
       // Runtime-readiness note pinned at the top of the serve area so the
@@ -608,7 +1024,8 @@ function _rerenderCachedModels() {
           : `This model's download isn't complete yet (${esc(m.size || 'partial')}). The serve will start but is likely to crash on a missing shard. Wait for the download to finish, or relaunch after it's done.`;
         panelHtml += `<div class="hwfit-serve-warn" style="margin:0 0 8px;padding:6px 10px;border-radius:5px;font-size:11px;background:color-mix(in srgb, var(--color-warning, #f0ad4e) 14%, transparent);border:1px solid color-mix(in srgb, var(--color-warning, #f0ad4e) 40%, transparent);color:var(--color-warning, #f0ad4e);display:flex;gap:6px;align-items:flex-start;line-height:1.4;"><span aria-hidden="true">⚠</span><span>${_warnText}</span></div>`;
       }
-      // Row 1: Backend + Server + Env
+      panelHtml += `<div class="hwfit-serve-preset-row">${_slotsHtml}</div>`;
+      // Row 1: Engine + Server + Env
       panelHtml += `<div class="hwfit-serve-row">`;
       const _backendChoices = _isWindows()
         ? [['llamacpp','llama.cpp'],['diffusers','Diffusers']]
@@ -623,7 +1040,7 @@ function _rerenderCachedModels() {
       // stays as the source-of-truth so every existing change handler
       // (updateBackendVisibility, runtime readiness, command builder)
       // still fires via dispatchEvent('change') on selection.
-      panelHtml += `<label>${_l('Backend','Inference engine: vLLM, SGLang, llama.cpp, Ollama, or Diffusers')}<div class="hwfit-backend-picker" data-backend-picker style="position:relative;width:100%;"><select class="hwfit-sf hwfit-backend-source" data-field="backend" style="display:none;">${backendOpts}</select><button type="button" class="hwfit-backend-btn" data-backend-btn aria-haspopup="listbox" aria-expanded="false" style="display:flex;align-items:center;gap:6px;width:100%;height:28px;padding:0 8px;background:var(--bg);color:var(--fg);border:1px solid var(--border);border-radius:4px;font:inherit;font-size:11px;cursor:pointer;text-align:left;position:relative;top:-3px;"><span class="hwfit-backend-btn-icon" data-backend-icon-slot aria-hidden="true" style="display:inline-flex;align-items:center;justify-content:center;width:16px;height:16px;color:var(--accent, var(--red));flex-shrink:0;"></span><span class="hwfit-backend-btn-label" data-backend-label style="flex:1;min-width:0;overflow:hidden;text-overflow:ellipsis;white-space:nowrap;"></span><svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true" style="opacity:0.6;flex-shrink:0;"><polyline points="6 9 12 15 18 9"/></svg></button><div class="hwfit-backend-menu" data-backend-menu role="listbox" hidden style="position:absolute;top:calc(100% + 4px);left:0;right:0;z-index:100;background:var(--panel, var(--bg));border:1px solid var(--border);border-radius:6px;box-shadow:0 6px 20px rgba(0,0,0,0.22);padding:4px;"></div></div></label>`;
+      panelHtml += `<label>${_l('Engine','Inference engine: vLLM, SGLang, llama.cpp, Ollama, or Diffusers')}<div class="hwfit-backend-picker" data-backend-picker style="position:relative;width:100%;"><select class="hwfit-sf hwfit-backend-source" data-field="backend" style="display:none;">${backendOpts}</select><button type="button" class="hwfit-backend-btn" data-backend-btn aria-haspopup="listbox" aria-expanded="false" style="display:flex;align-items:center;gap:6px;width:100%;height:28px;padding:0 8px;background:var(--bg);color:var(--fg);border:1px solid var(--border);border-radius:4px;font:inherit;font-size:11px;cursor:pointer;text-align:left;position:relative;top:-3px;"><span class="hwfit-backend-btn-icon" data-backend-icon-slot aria-hidden="true" style="display:inline-flex;align-items:center;justify-content:center;width:16px;height:16px;color:var(--accent, var(--red));flex-shrink:0;"></span><span class="hwfit-backend-btn-label" data-backend-label style="flex:1;min-width:0;overflow:hidden;text-overflow:ellipsis;white-space:nowrap;"></span><svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true" style="opacity:0.6;flex-shrink:0;"><polyline points="6 9 12 15 18 9"/></svg></button><div class="hwfit-backend-menu" data-backend-menu role="listbox" hidden style="position:absolute;top:calc(100% + 4px);left:0;right:0;z-index:100;background:var(--panel, var(--bg));border:1px solid var(--border);border-radius:6px;box-shadow:0 6px 20px rgba(0,0,0,0.22);padding:4px;"></div></div></label>`;
       panelHtml += `<input type="hidden" class="hwfit-sf" data-field="host" value="${esc(_es.remoteHost || '')}" />`;
       // Inference mode pill (llama.cpp only) — lives directly to the
       // RIGHT of Backend in Row 1 so the engine and the GPU/CPU choice
@@ -644,8 +1061,10 @@ function _rerenderCachedModels() {
         const _hwBackend = String(_hwfitCache?.system?.backend || '').toLowerCase();
         const _hwScanMatch = String(_hwfitCache?._scannedHost || '') === String(_envState.remoteHost || '');
         const _llamaModeDefault = (_hwScanMatch && ['cuda', 'rocm', 'vulkan', 'metal', 'mps', 'apple'].includes(_hwBackend)) ? 'gpu' : 'cpu';
-        const _llamaMode = sv('llama_mode', _llamaModeDefault);
-        panelHtml += `<label class="hwfit-backend-llamacpp">${_l('Inference','CPU (default) = -ngl 0 (works anywhere). GPU = -ngl 99 (offload all layers; needs CUDA/ROCm/Vulkan-built llama-cpp).')}<div class="mode-toggle${_llamaMode === 'gpu' ? ' mode-right' : ''}" data-llama-mode-toggle style="display:flex;width:100%;height:30px;position:relative;top:2px;"><button type="button" class="mode-toggle-btn${_llamaMode === 'cpu' ? ' active' : ''}" data-llama-mode="cpu" aria-pressed="${_llamaMode === 'cpu'}" style="flex:1;"><span style="position:relative;top:-5px;">CPU</span></button><button type="button" class="mode-toggle-btn${_llamaMode === 'gpu' ? ' active' : ''}" data-llama-mode="gpu" aria-pressed="${_llamaMode === 'gpu'}" style="flex:1;"><span style="position:relative;top:-5px;">GPU</span></button></div><input type="hidden" class="hwfit-sf" data-field="llama_mode" value="${esc(_llamaMode)}" /></label>`;
+        const _savedUnified = !!sv('unified_mem', false);
+        const _llamaModeRaw = sv('llama_mode', _llamaModeDefault);
+        const _llamaMode = _savedUnified && _llamaModeRaw !== 'cpu' ? 'unified' : _llamaModeRaw;
+        panelHtml += `<label class="hwfit-backend-llamacpp">${_l('Inference','CPU = -ngl 0. GPU = -ngl 99. Unified = GPU offload plus GGML_CUDA_ENABLE_UNIFIED_MEMORY=1 for unified-memory CUDA systems.')}<div class="mode-toggle mode-toggle-three${_llamaMode === 'gpu' ? ' mode-mid' : (_llamaMode === 'unified' ? ' mode-third' : '')}" data-llama-mode-toggle style="display:flex;width:100%;height:30px;position:relative;top:2px;"><button type="button" class="mode-toggle-btn${_llamaMode === 'cpu' ? ' active' : ''}" data-llama-mode="cpu" aria-pressed="${_llamaMode === 'cpu'}" style="flex:1;"><span style="position:relative;top:-7px;">CPU</span></button><button type="button" class="mode-toggle-btn${_llamaMode === 'gpu' ? ' active' : ''}" data-llama-mode="gpu" aria-pressed="${_llamaMode === 'gpu'}" style="flex:1;"><span style="position:relative;top:-7px;">GPU</span></button><button type="button" class="mode-toggle-btn${_llamaMode === 'unified' ? ' active' : ''}" data-llama-mode="unified" aria-pressed="${_llamaMode === 'unified'}" style="flex:1;"><span style="position:relative;top:-7px;">Unified</span></button></div><input type="hidden" class="hwfit-sf" data-field="llama_mode" value="${esc(_llamaMode)}" /><input type="hidden" class="hwfit-sf" data-field="unified_mem" value="${_llamaMode === 'unified' ? '1' : ''}" /></label>`;
       }
       panelHtml += `<label>${_l('venv','Path to Python venv or conda env activate script')}<input type="text" class="hwfit-sf hwfit-sf-wide" data-field="venv" value="${esc(sv('venv', _es.envPath || _srvVenv || ''))}" placeholder="~/venv" /></label>`;
       const defaultPort = defaultBackend === 'ollama' ? '11434' : _nextAvailablePort();
@@ -664,8 +1083,7 @@ function _rerenderCachedModels() {
       // (asked-for breathing room; 4px on either side felt cramped on
       // the GPU-Mem boundary).
       const _gpusLabelHtml = `<label class="hwfit-gpus-label cookbook-llama-gpu-only" style="margin:0 8px 0 4px;">${_l('GPUs','Toggle which GPUs to use')}<div class="cookbook-gpu-group">${_gpuBtnsHtml}</div><input type="hidden" class="hwfit-sf" data-field="gpus" value="${esc(defaultGpus)}" /></label>`;
-      // Save / saved-configs split button — sits at the right end of Row 1.
-      panelHtml += _slotsHtml;
+      panelHtml += _gpusLabelHtml;
       panelHtml += `</div>`;
       // (hwfit-serve-runtime-note moved to the top of the panel — see above.)
       if (_ggufChoices.length > 1) {
@@ -694,14 +1112,16 @@ function _rerenderCachedModels() {
       panelHtml += `<label class="hwfit-backend-vllm hwfit-backend-sglang">${_l('TP','Tensor Parallelism — split model across N GPUs')}<select class="hwfit-sf" data-field="tp">${tpOpts}</select></label>`;
       // ctx resets to the model's max on every panel open (the real ctx slider
       // lives in the Scan/Download toolbar — see cookbook.js .hwfit-ctx-control).
-      panelHtml += `<label>${_l('Context','Max tokens per request — resets to the model max on every open. Lower = less VRAM')}<input type="text" class="hwfit-sf" data-field="ctx" value="${esc(m.context_length || m.context || '20000')}" /></label>`;
+      const _knownCtxDefault = _knownModelContextMax({ ...m, repo_id: repo });
+      const _ctxDefault = _knownCtxDefault ? String(_knownCtxDefault) : (m.context_length || m.context || '20000');
+      const _ctxSavedValue = sv('ctx', _ctxDefault);
+      const _ctxValue = _isMiniMaxMSeries && ['20000', '32768'].includes(String(_ctxSavedValue)) ? _ctxDefault : _ctxSavedValue;
+      panelHtml += `<label class="hwfit-context-label">${_l('Context','Max tokens per request. Calculate suggests a value from model limit + selected GPU VRAM; edit manually to override.')}<span class="hwfit-context-control"><input type="text" class="hwfit-sf" data-field="ctx" value="${esc(_ctxValue)}" /><button type="button" class="hwfit-context-calc-btn cookbook-btn" title="Calculate and use suggested context from scanned hardware">Auto</button></span><span class="hwfit-auto-ctx-note"></span></label>`;
       panelHtml += `<label class="hwfit-backend-vllm hwfit-backend-sglang">${_l('Max Seqs','Maximum concurrent requests. Lower = less memory. Default 4 — prosumer GPUs often OOM on vLLM default 256 during CUDA graph capture.')}<input type="text" class="hwfit-sf" data-field="max_seqs" value="${esc(sv('max_seqs', '4'))}" placeholder="4" /></label>`;
       // GPU "auto" field removed — the GPU button strip below already
       // writes data-field="gpus" (the canonical comma-separated device
       // list) and the command builders now read from that single source.
-      panelHtml += `<label class="hwfit-backend-vllm hwfit-backend-sglang">${_l('GPU Mem','Fraction of GPU memory (0.0–1.0). Lower if OOM')}<input type="text" class="hwfit-sf" data-field="gpu_mem" value="${esc(sv('gpu_mem', '0.90'))}" /></label>`;
-      // GPUs button strip at the far right of Row 2.
-      panelHtml += _gpusLabelHtml;
+      panelHtml += `<label class="hwfit-backend-vllm hwfit-backend-sglang">${_l('GPU Mem','Fraction of GPU memory (0.0–1.0). Lower if OOM')}<input type="text" class="hwfit-sf" data-field="gpu_mem" value="${esc(sv('gpu_mem', _isMiniMaxMSeries ? '0.95' : '0.90'))}" /></label>`;
       panelHtml += `</div>`;
       // ── Advanced (collapsed by default) ──
       // Everything below the fold is tuning users only touch occasionally:
@@ -710,20 +1130,36 @@ function _rerenderCachedModels() {
       // monitor. Wrapped in a native <details> so toggle state survives
       // re-renders cheaply and a closed fold doesn't trigger any layout
       // work for the dozens of nested inputs.
-      panelHtml += `<details class="hwfit-serve-advanced">`;
+      panelHtml += `<details class="hwfit-serve-advanced"${_isMiniMaxM3 ? ' open' : ''}>`;
       panelHtml += `<summary class="hwfit-serve-advanced-summary">Advanced</summary>`;
       // Advanced vLLM/SGLang row (KV Cache, Attention, Swap, Env)
       panelHtml += `<div class="hwfit-serve-row hwfit-backend-vllm hwfit-backend-sglang">`;
+      panelHtml += `<label class="hwfit-backend-vllm" style="grid-column:1 / -1;">${_l('Served Name','vLLM --served-model-name. Keeps the OpenAI model id stable when serving from a local snapshot path.')}<input type="text" class="hwfit-sf" data-field="served_model_name" value="${esc(svm('served_model_name', _defaultServedModelName))}" placeholder="${esc(repo)}" style="width:100%;" /></label>`;
+      panelHtml += `<label class="hwfit-backend-vllm" style="grid-column:1 / -1;">${_l('Model Path','Argument passed after `vllm serve`. MiniMax M3 auto-fills the cached snapshot path because the nightly runtime needs the local repo files.')}<input type="text" class="hwfit-sf" data-field="model_path" value="${esc(_modelPathValue)}" placeholder="${esc(repo)}" style="width:100%;" /></label>`;
       panelHtml += `<label class="hwfit-backend-vllm">${_l('KV Cache','vLLM --kv-cache-dtype. auto uses the model/runtime default; fp8 reduces KV memory for long context.')}<select class="hwfit-sf" data-field="vllm_kv_cache_dtype" style="height:32px;">${vllmKvCacheOpts}</select></label>`;
       // Attention backend selector — pin the kernel impl. Default `auto` lets
       // vLLM pick FlashInfer (which JITs on first use and breaks on older
       // system nvcc) → FlashAttention → xformers. Forcing FLASH_ATTN skips
       // the JIT entirely, fixing the `nvcc fatal: Unsupported gpu
       // architecture 'compute_89'` failure mode on Ada / Hopper hosts.
-      const vllmAttnBackendOpts = ['auto', 'FLASH_ATTN', 'XFORMERS', 'FLASHINFER', 'TORCH_SDPA']
-        .map(b => `<option value="${b === 'auto' ? '' : b}"${(sv('vllm_attn_backend','') === (b === 'auto' ? '' : b)) ? ' selected' : ''}>${b}</option>`).join('');
+      const _attnDefault = _isMiniMaxMSeries ? 'TRITON_ATTN' : '';
+      const _attnSelected = _isMiniMaxMSeries
+        ? (String(svm('vllm_attn_backend', '') || '').trim() || _attnDefault)
+        : svm('vllm_attn_backend', _attnDefault);
+      const vllmAttnBackendOpts = ['auto', 'TRITON_ATTN', 'FLASH_ATTN', 'XFORMERS', 'FLASHINFER', 'TORCH_SDPA']
+        .map(b => `<option value="${b === 'auto' ? '' : b}"${(_attnSelected === (b === 'auto' ? '' : b)) ? ' selected' : ''}>${b}</option>`).join('');
       panelHtml += `<label class="hwfit-backend-vllm">${_l('Attention','vLLM VLLM_ATTENTION_BACKEND. auto = vLLM picks (often FLASHINFER, which JITs and can fail on old nvcc). FLASH_ATTN skips the JIT entirely.')}<select class="hwfit-sf" data-field="vllm_attn_backend" style="height:32px;">${vllmAttnBackendOpts}</select></label>`;
-      panelHtml += `<label class="hwfit-backend-vllm">${_l('Swap','CPU swap space in GB. Leave empty to omit (removed in newer vLLM)')}<input type="text" class="hwfit-sf" data-field="swap" value="${esc(sv('swap', ''))}" placeholder="off" /></label>`;
+      panelHtml += `<label class="hwfit-backend-vllm">${_l('Block Size','vLLM --block-size. Controls KV-cache block granularity. Leave blank for runtime default; some sparse-attention or custom runtimes need a specific value.')}<input type="text" class="hwfit-sf" data-field="vllm_block_size" value="${esc(svm('vllm_block_size', _isMiniMaxM3 ? '128' : ''))}" placeholder="auto" /></label>`;
+      panelHtml += `<label class="hwfit-backend-vllm">${_l('Swap','vLLM CPU swap space in GB. Blank/off omits the flag; enter a positive number only for older vLLM runtimes that support --swap-space.')}<input type="text" class="hwfit-sf" data-field="swap" value="${esc(sv('swap', ''))}" placeholder="off" /></label>`;
+      {
+        const _envPresetDefault = _isMiniMaxM3 ? 'minimax_m3_cuda' : '';
+        const _envPresetVal = svm('vllm_env_preset', _envPresetDefault);
+        const _envPresetOpts = [
+          ['', 'None'],
+          ['minimax_m3_cuda', 'CUDA native sampler'],
+        ].map(([v, label]) => `<option value="${v}"${_envPresetVal === v ? ' selected' : ''}>${label}</option>`).join('');
+        panelHtml += `<label class="hwfit-backend-vllm" style="grid-column:1 / 2;">${_l('Env Preset','Adds known-good environment variables without typing them. CUDA native sampler adds VLLM_TARGET_DEVICE=cuda and disables FlashInfer sampler JIT; useful when system nvcc cannot compile the sampler for the GPU architecture.')}<select class="hwfit-sf" data-field="vllm_env_preset" style="height:32px;">${_envPresetOpts}</select></label>`;
+      }
       // Free-text env-vars field. Anything pasted here is prepended to the
       // launch command verbatim. Use for CUDACXX, PATH overrides, NCCL_*
       // tuning, or any other KEY=VALUE pair that doesn't have a dedicated
@@ -732,7 +1168,7 @@ function _rerenderCachedModels() {
       // grid-column: 1 / -1 makes Env span every column of the Advanced
       // row's CSS grid (the old flex:1 1 100% did nothing in a grid
       // container — left an empty trailing column gap on wide modals).
-      panelHtml += `<label class="hwfit-backend-vllm hwfit-backend-sglang" style="grid-column:1 / -1;">${_l('Env','Extra KEY=VALUE env-var pairs prepended to the launch (space-separated). Example: CUDACXX=$VIRTUAL_ENV/lib/python3.10/site-packages/nvidia/cuda_nvcc/bin/nvcc — points flashinfer at the venv-bundled nvcc when the system one is too old for your GPU.')}<input type="text" class="hwfit-sf" data-field="extra_env" value="${esc(sv('extra_env',''))}" placeholder="CUDACXX=/path/to/nvcc NCCL_P2P_DISABLE=1" style="width:100%;" /></label>`;
+      panelHtml += `<label class="hwfit-backend-vllm hwfit-backend-sglang" style="grid-column:2 / -1;">${_l('Env','Extra KEY=VALUE env-var pairs prepended to the launch (space-separated). The Env Preset above covers the usual MiniMax M3 values; use this for additional overrides.')}<input type="text" class="hwfit-sf" data-field="extra_env" value="${esc(svm('extra_env', sv('extra_env','')))}" placeholder="NCCL_P2P_DISABLE=1" style="width:100%;" /></label>`;
       panelHtml += `</div>`;
       // Row 2b: Diffusers settings
       const diffDtypeOpts = ['bfloat16','float16','float32'].map(d => `<option value="${d}"${sv('diff_dtype','bfloat16')===d?' selected':''}>${d}</option>`).join('');
@@ -755,21 +1191,23 @@ function _rerenderCachedModels() {
       const _rp_flag = _opts2_row3.flags.find(f => f.includes('--reasoning-parser'));
       const _rp_name = _rp_flag ? _rp_flag.split(' ')[1] : '';
       panelHtml += `<div class="hwfit-serve-checks hwfit-backend-vllm hwfit-backend-sglang">`;
-      panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="trust_remote"${sv('trust_remote',false)?' checked':''} /> Trust Remote Code${_h('Allow model to run custom code from HuggingFace')}</label>`;
-      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="auto_tool"${sv('auto_tool',false)?' checked':''} /> Auto Tool Choice${_h('Enable function/tool calling for agent mode')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="trust_remote"${sv('trust_remote',_isMiniMaxMSeries)?' checked':''} /> Trust Remote Code${_h('Allow model to run custom code from HuggingFace')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="auto_tool"${sv('auto_tool',_isMiniMaxMSeries)?' checked':''} /> Auto Tool Choice${_h('Enable function/tool calling for agent mode')}</label>`;
       // Always-render the Reasoning Parser, Expert Parallel, and MoE Env
       // checkboxes — the model-family detection above is a hint, not a
       // hard gate. User asked to keep these visible regardless so that
       // a borderline-undetected MoE/reasoning model can still toggle
       // them without dropping back to the raw command box.
-      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="reasoning_parser" data-parser="${_rp_name || ''}" /> Reasoning Parser${_rp_name ? ` <span class="hwfit-parser-tag">${_rp_name}</span>` : ''}${_h('Splits <think> tokens into a separate channel. The tag (when shown) is the auto-detected parser; edit the command if you need a different one.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="reasoning_parser" data-parser="${_rp_name || ''}"${sv('reasoning_parser',_isMiniMaxMSeries)?' checked':''} /> Reasoning Parser${_rp_name ? ` <span class="hwfit-parser-tag">${_rp_name}</span>` : ''}${_h('Splits <think> tokens into a separate channel. The tag (when shown) is the auto-detected parser; edit the command if you need a different one.')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="enforce_eager"${sv('enforce_eager',false)?' checked':''} /> Enforce Eager${_h('Disable CUDA graphs. Slower but uses less memory')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="prefix_cache"${sv('prefix_cache',false)?' checked':''} /> Prefix Caching${_h('Cache shared prompt prefixes across requests')}</label>`;
       // Inline the previously-second vLLM checks row so Expert Parallel /
       // Speculative / MoE Env sit next to Prefix Caching with no gap. All
       // three are vLLM-only — class-gated so they hide on SGLang. Always
       // render so the user can flip them on for any MoE model.
-      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="expert_parallel" /> Expert Parallel${_h('MoE: shard expert layers across GPUs. Helps for MiniMax M-series, Qwen3 A3B/A10B/A22B MoE, DeepSeek V3+/R1. Ignored / wasteful on dense models.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="expert_parallel"${sv('expert_parallel',_isMiniMaxMSeries)?' checked':''} /> Expert Parallel${_h('MoE: shard expert layers across GPUs. Helps for MiniMax M-series, Qwen3 A3B/A10B/A22B MoE, DeepSeek V3+/R1. Ignored / wasteful on dense models.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="language_model_only"${sv('language_model_only',_isMiniMaxM3)?' checked':''} /> Language Model Only${_h('vLLM --language-model-only. Needed by MiniMax M3 text serving when the repo also contains VL components.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="disable_custom_all_reduce"${sv('disable_custom_all_reduce',_isMiniMaxM3)?' checked':''} /> Disable Custom All Reduce${_h('vLLM --disable-custom-all-reduce. Useful for some 8-GPU/nightly configurations.')}</label>`;
       {
         const _specDef = _opts2_row3.spec || { method: 'mtp', tokens: 3 };
         const _specMethod = sv('spec_method', _specDef.method);
@@ -827,13 +1265,12 @@ function _rerenderCachedModels() {
       panelHtml += `<span class="hwfit-vram-readout" style="opacity:0.5;">checking…</span>`;
       panelHtml += `</div>`;
       // Group 4 — llama.cpp toggles. Single row of checkboxes, GPU-only
-      // ones (Flash Attn, Unified Memory, Allow CPU overflow) hide
+      // ones (Flash Attn, Allow CPU overflow) hide
       // automatically in CPU mode. Order: perf-critical → safety → I/O →
       // niche. MTP Spec sits last because it owns its own numstep widget
       // and is the widest item.
       panelHtml += `<div class="hwfit-serve-checks hwfit-backend-llamacpp">`;
       panelHtml += `<label class="hwfit-sf-cb cookbook-llama-gpu-only"><input type="checkbox" class="hwfit-sf" data-field="flash_attn"${sv('flash_attn',false)?' checked':''} /> Flash Attn${_h('--flash-attn on: faster attention + needed for quantized KV cache. Auto by default.')}</label>`;
-      panelHtml += `<label class="hwfit-sf-cb cookbook-llama-gpu-only"><input type="checkbox" class="hwfit-sf" data-field="unified_mem"${sv('unified_mem',false)?' checked':''} /> Unified Memory${_h('For AMD APUs / Strix Halo: exports GGML_CUDA_ENABLE_UNIFIED_MEMORY=1 so llama.cpp can address the full BIOS VRAM carveout instead of the default ~28 GB cap. No-op on discrete GPUs.')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb cookbook-llama-gpu-only"><input type="checkbox" class="hwfit-sf" data-field="llama_cpu_overflow"${sv('llama_cpu_overflow',false)?' checked':''} /> Allow CPU overflow${_h('OFF (default): cookbook blocks launches that would overflow GPU VRAM. ON: layers/KV cache that do not fit get pushed to CPU (slow).')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb cookbook-llama-gpu-only"><input type="checkbox" class="hwfit-sf" data-field="vision"${sv('vision',false)?' checked':''} /> Vision${_h('Serve with the vision encoder so the model can read images. Auto-finds an mmproj-*.gguf next to the model. Adds ~1 GB VRAM.')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="llama_no_mmap"${sv('llama_no_mmap',false)?' checked':''} /> No mmap${_h('Adds --no-mmap. Useful for some high-context/local-storage setups.')}</label>`;
@@ -864,24 +1301,20 @@ function _rerenderCachedModels() {
       // Command preview + actions. Wrap the textarea so a floating Copy
       // button can sit at its top-right corner — same pattern as the chat
       // run-output panel.
+      panelHtml += `<details class="hwfit-serve-cmd-details">`;
+      panelHtml += `<summary class="hwfit-serve-cmd-summary">Launch command</summary>`;
       panelHtml += `<div class="hwfit-serve-cmd-wrap">`;
       panelHtml += `<textarea class="hwfit-serve-cmd" spellcheck="false" rows="2"></textarea>`;
       panelHtml += `<button type="button" class="cookbook-btn hwfit-serve-copy hwfit-serve-copy-inline" title="Copy launch command" aria-label="Copy"><svg width="13" height="13" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><rect x="9" y="9" width="13" height="13" rx="2"/><path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"/></svg></button>`;
       panelHtml += `</div>`;
+      panelHtml += `</details>`;
       panelHtml += `<div class="hwfit-serve-actions">`;
-      // Split button: main "Clear Server" + caret that opens Probe / Cancel.
-      // The .cookbook-gpu-probe button stays in the DOM but hidden so the
-      // existing event-listener wiring further down keeps working — the
-      // popup just programmatically clicks it.
-      panelHtml += `<span class="cookbook-gpu-split">`;
-      panelHtml += `<button class="cookbook-btn cookbook-gpu-clear cookbook-gpu-split-main" title="Clear server GPU memory by stopping processes that hold VRAM (SIGTERM first)">Clear Server</button>`;
-      panelHtml += `<button class="cookbook-btn cookbook-gpu-split-arrow" type="button" aria-haspopup="menu" aria-label="More GPU actions" title="More GPU actions"><svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round"><polyline points="6 15 12 9 18 15"/></svg></button>`;
-      panelHtml += `</span>`;
-      panelHtml += `<button class="cookbook-btn cookbook-gpu-probe" style="display:none;" title="Probe GPU memory and running GPU processes">Probe GPUs</button>`;
-      // Copy moved inside the command textarea (top-right). Spacer then
-      // pushes Cancel + Launch to the right.
-      panelHtml += `<span class="hwfit-serve-actions-spacer"></span>`;
       panelHtml += `<button class="cookbook-btn hwfit-serve-cancel" type="button" title="Close this configuration panel"><svg width="11" height="11" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.4" stroke-linecap="round" stroke-linejoin="round" style="vertical-align:-1px;margin-right:5px;flex-shrink:0;"><line x1="18" y1="6" x2="6" y2="18"/><line x1="6" y1="6" x2="18" y2="18"/></svg>Cancel</button>`;
+      // Copy moved inside the command textarea (top-right). Spacer then
+      // pushes Clear Server + Launch to the right.
+      panelHtml += `<span class="hwfit-serve-actions-spacer"></span>`;
+      panelHtml += `<button class="cookbook-btn cookbook-gpu-clear" style="display:none;" title="Clear server GPU memory by stopping processes that hold VRAM (SIGTERM first)">Clear Server</button>`;
+      panelHtml += `<button class="cookbook-btn cookbook-gpu-probe" style="display:none;" title="Probe GPU memory and running GPU processes">Probe GPUs</button>`;
       // Launch + a small ^ that opens an inline schedule form. The form
       // creates a ScheduledTask (action=cookbook_serve), so the schedule
       // ends up in the existing Tasks UI for edit/delete/pause.
@@ -889,7 +1322,7 @@ function _rerenderCachedModels() {
       panelHtml += `<button class="cookbook-btn hwfit-serve-launch"><svg width="11" height="11" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" style="vertical-align:-1px;margin-right:4px;flex-shrink:0;"><polygon points="13 2 3 14 12 14 11 22 21 10 12 10 13 2"/></svg>Launch</button>`;
       // Chevron points DOWN because the schedule form opens beneath the
       // panel — the arrow signals the direction of motion, not menu state.
-      panelHtml += `<button class="cookbook-btn hwfit-serve-schedule-arrow" type="button" aria-haspopup="true" aria-label="Schedule this serve on a recurring window" title="Schedule this serve as a recurring task"><svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round"><polyline points="6 9 12 15 18 9"/></svg></button>`;
+      panelHtml += `<button class="cookbook-btn hwfit-serve-schedule-arrow" type="button" aria-haspopup="menu" aria-label="More launch actions" title="More launch actions"><svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round"><polyline points="6 9 12 15 18 9"/></svg></button>`;
       panelHtml += `</span>`;
       panelHtml += `</div>`;
       panelHtml += `</div>`;
@@ -925,7 +1358,7 @@ function _rerenderCachedModels() {
           else f[el.dataset.field] = el.value;
         });
         const backend = f.backend || 'vllm';
-        const serveModel = m.is_local_dir && m.path ? `${m.path}/${repo}` : repo;
+        const serveModel = (f.model_path || '').trim() || (m.is_local_dir && m.path ? `${m.path}/${repo}` : repo);
         if (backend === 'llamacpp') {
           const ggufChoices = _runnableGgufFiles(m);
           const selectedGguf = ggufChoices.find(file => file.rel_path === f.gguf_file);
@@ -951,11 +1384,19 @@ function _rerenderCachedModels() {
         }
         if (f.reasoning_parser) {
           const _rpEl2 = panel.querySelector('[data-field="reasoning_parser"]');
-          f._reasoning_parser_value = _rpEl2?.dataset?.parser || 'qwen3';
+          f._reasoning_parser_value = _rpEl2?.dataset?.parser || '';
+        }
+        if (f.vllm_env_preset === 'minimax_m3_cuda') {
+          const existingEnv = String(f.extra_env || '').trim();
+          const envParts = existingEnv ? existingEnv.split(/\s+/) : [];
+          const hasEnv = (key) => envParts.some(p => p.startsWith(`${key}=`));
+          if (!hasEnv('VLLM_TARGET_DEVICE')) envParts.unshift('VLLM_TARGET_DEVICE=cuda');
+          if (!hasEnv('VLLM_USE_FLASHINFER_SAMPLER')) envParts.push('VLLM_USE_FLASHINFER_SAMPLER=0');
+          f.extra_env = envParts.join(' ');
         }
         let cmd = _buildServeCmd(f, serveModel, backend);
         if (f.extra && f.extra.trim()) cmd += ' ' + f.extra.trim();
-        const _ce2 = panel.querySelector('.hwfit-serve-cmd'); _ce2.value = cmd; _ce2.style.height = 'auto'; _ce2.style.height = _ce2.scrollHeight + 'px';
+        const _ce2 = panel.querySelector('.hwfit-serve-cmd'); _ce2.value = _formatServeCmdPreview(cmd); _ce2.style.height = 'auto'; _ce2.style.height = _ce2.scrollHeight + 'px';
         panel._cmd = cmd;
         panel._host = f.host || '';
         return cmd;
@@ -970,7 +1411,94 @@ function _rerenderCachedModels() {
       //  - panel._modelCtxMax: the model's actual trained limit (set by the
       //    profiles fetch below) — a tighter, model-specific cap when known.
       const ABSOLUTE_CTX_MAX = 1048576;   // 1M tokens — above any real n_ctx_train
+      panel._modelCtxMax = panel._modelCtxMax || _knownModelContextMax(m) || 0;
+      panel._modelWeightsGb = panel._modelWeightsGb || 0;
+      panel._fitSystem = panel._fitSystem || null;
       const _ctxEl0 = panel.querySelector('[data-field="ctx"]');
+      const _ctxAutoNote = panel.querySelector('.hwfit-auto-ctx-note');
+      const _ctxCalcBtn = panel.querySelector('.hwfit-context-calc-btn');
+      if (_ctxEl0) _ctxEl0.dataset.autoCtx = '0';
+      panel._contextProfileData = panel._contextProfileData || null;
+      function _collectServeFields() {
+        const f = {};
+        panel.querySelectorAll('.hwfit-sf').forEach(el => {
+          if (el.type === 'checkbox') f[el.dataset.field] = el.checked;
+          else f[el.dataset.field] = el.value;
+        });
+        return f;
+      }
+      function _updateRecommendedCtx(apply = true) {
+        if (!_ctxEl0) return;
+        const f = _collectServeFields();
+        const backend = f.backend || 'vllm';
+        let fit = null;
+        if (backend === 'vllm' || backend === 'sglang') {
+          fit = _estimateVllmContextFit(m, f, panel._modelCtxMax, panel._modelWeightsGb, panel._fitSystem);
+        } else if (backend === 'llamacpp' || backend === 'ollama') {
+          const ggufGb = _selectedGgufSizeGb(m, f.gguf_file);
+          fit = _estimateLlamaContextFit(m, f, panel._modelCtxMax, ggufGb || panel._modelWeightsGb, panel._fitSystem, panel._contextProfileData);
+        } else {
+          if (_ctxAutoNote) _ctxAutoNote.textContent = '';
+          return;
+        }
+        if (!fit) {
+          if (_ctxAutoNote) _ctxAutoNote.textContent = '';
+          return;
+        }
+        if ((fit.needsHardwareScan || fit.needsModelSize) && !fit.ctx) {
+          if (_ctxAutoNote) {
+            _ctxAutoNote.textContent = fit.reason;
+            _ctxAutoNote.title = fit.reason;
+          }
+          return;
+        }
+        if (_ctxAutoNote) {
+          _ctxAutoNote.textContent = `Auto ${fit.ctx.toLocaleString()} · ${fit.reason}`;
+          const _llamaMemoryLabel = String(f.llama_mode || '').toLowerCase() === 'unified' || f.unified_mem
+            ? 'unified system memory'
+            : 'selected GPU memory';
+          _ctxAutoNote.title = backend === 'llamacpp' || backend === 'ollama'
+            ? `Estimated from scanned GGUF/model size, trained context limit, and ${_llamaMemoryLabel} for llama.cpp KV cache.`
+            : `Estimated from model size, selected GPU VRAM, GPU utilization, TP, and KV dtype.`;
+        }
+        if (apply && _ctxEl0.dataset.autoCtx === '1') {
+          const next = String(fit.ctx);
+          if (_ctxEl0.value !== next) {
+            _ctxEl0.value = next;
+            updateCmd();
+          }
+        }
+      }
+      async function _loadContextProfile() {
+        const target = _selectedServeTarget(panel);
+        const host = (target.host || '').trim();
+        const params = new URLSearchParams({ model: repo });
+        const profileModelPath = panel.querySelector('[data-field="model_path"]')?.value?.trim();
+        if (profileModelPath && profileModelPath !== repo) params.set('model_path', profileModelPath);
+        if (host) {
+          params.set('host', host);
+          const _sp = (_serverByVal?.(target.serverKey || host) || (_es.servers || []).find(s => s.host === host) || {}).port;
+          if (_sp) params.set('ssh_port', _sp);
+        }
+        const res = await fetch(`/api/hwfit/profiles?${params}`);
+        const data = await res.json();
+        const ctxMax = Number(data && data.model_ctx_max) || 0;
+        const weightsGb = Number(data && data.model_weights_gb) || 0;
+        if (data && data.system && typeof data.system === 'object' && !data.system.error) {
+          panel._fitSystem = data.system;
+        }
+        panel._contextProfileData = data || null;
+        if (weightsGb > 0) panel._modelWeightsGb = weightsGb;
+        if (ctxMax > 0) {
+          panel._modelCtxMax = Math.max(ctxMax, _knownModelContextMax(m) || 0);
+          _clampCtx(false);
+        }
+        if (_ctxAutoNote && data?.model_probe_error && (!ctxMax || !weightsGb)) {
+          _ctxAutoNote.textContent = data.model_probe_error;
+          _ctxAutoNote.title = data.model_probe_error;
+        }
+        return { ctxMax, weightsGb, data };
+      }
       function _clampCtx(announce) {
         if (!_ctxEl0) return;
         const cap = panel._modelCtxMax > 0 ? panel._modelCtxMax : ABSOLUTE_CTX_MAX;
@@ -983,9 +1511,58 @@ function _rerenderCachedModels() {
         }
       }
       if (_ctxEl0) {
-        _ctxEl0.addEventListener('change', () => _clampCtx(false));
+        _ctxEl0.addEventListener('input', () => { _ctxEl0.dataset.autoCtx = '0'; });
+        _ctxEl0.addEventListener('change', () => { _ctxEl0.dataset.autoCtx = '0'; _clampCtx(false); _updateRecommendedCtx(false); });
         _ctxEl0.addEventListener('blur', () => _clampCtx(false));
+        if (_ctxCalcBtn) {
+          let _ctxAutoTouchHandled = false;
+          const _runContextAuto = async () => {
+            if (_ctxCalcBtn.disabled) return;
+            const oldHtml = _ctxCalcBtn.innerHTML;
+            let calcWp = null;
+            _ctxCalcBtn.disabled = true;
+            _ctxCalcBtn.textContent = '';
+            try {
+              calcWp = spinnerModule.createWhirlpool(12);
+              calcWp.element.classList.add('hwfit-context-calc-spinner');
+              _ctxCalcBtn.appendChild(calcWp.element);
+            } catch (_) {
+              _ctxCalcBtn.textContent = '...';
+            }
+            try {
+              await _loadContextProfile();
+            } catch (err) {
+              if (_ctxAutoNote) {
+                _ctxAutoNote.textContent = 'context scan failed';
+                _ctxAutoNote.title = err?.message || 'context scan failed';
+              }
+            } finally {
+              if (calcWp) calcWp.destroy();
+              _ctxCalcBtn.disabled = false;
+              _ctxCalcBtn.innerHTML = oldHtml;
+            }
+            _ctxEl0.dataset.autoCtx = '1';
+            _updateRecommendedCtx(true);
+            _ctxEl0.dataset.autoCtx = '0';
+            _clampCtx(false);
+          };
+          _ctxCalcBtn.addEventListener('pointerup', (ev) => {
+            if (ev.pointerType !== 'touch') return;
+            ev.preventDefault();
+            ev.stopPropagation();
+            _ctxAutoTouchHandled = true;
+            _runContextAuto();
+            setTimeout(() => { _ctxAutoTouchHandled = false; }, 350);
+          });
+          _ctxCalcBtn.addEventListener('click', async (ev) => {
+            ev.preventDefault();
+            ev.stopPropagation();
+            if (_ctxAutoTouchHandled) return;
+            await _runContextAuto();
+          });
+        }
         _clampCtx(false);   // fix any stale/preset value already present
+        _updateRecommendedCtx(false);
       }
 
       // Tighten the ctx slider's upper bound to the model's trained limit.
@@ -995,20 +1572,8 @@ function _rerenderCachedModels() {
       // the rest of the serve panel was off — but this clamp is essential.
       (async () => {
         try {
-          const host = (_es.remoteHost || '').trim();
-          const params = new URLSearchParams({ model: repo });
-          if (host) {
-            params.set('host', host);
-            const _sp = (_es.servers || []).find(s => s.host === host)?.port;
-            if (_sp) params.set('ssh_port', _sp);
-          }
-          const res = await fetch(`/api/hwfit/profiles?${params}`);
-          const data = await res.json();
-          const ctxMax = Number(data && data.model_ctx_max) || 0;
-          if (ctxMax > 0) {
-            panel._modelCtxMax = ctxMax;
-            _clampCtx(false);
-          }
+          const { ctxMax, weightsGb } = await _loadContextProfile();
+          if (ctxMax > 0 || weightsGb > 0) _updateRecommendedCtx(false);
         } catch { /* clamp falls back to the static default */ }
       })();
 
@@ -1071,9 +1636,9 @@ function _rerenderCachedModels() {
       // custom picker so the dropdown lists "[V] vLLM", "[⚡] SGLang", etc.
       const _BACKEND_GLYPHS = {
         vllm:   '<svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.4" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><path d="M3 4l7 16 7-16"/><path d="M14 4l4 9 3-9"/></svg>',
-        sglang: '<svg width="14" height="14" viewBox="0 0 24 24" fill="currentColor" stroke="none" aria-hidden="true"><polygon points="13 2 3 14 12 14 11 22 21 10 12 10 13 2"/></svg>',
-        llamacpp: '<svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><circle cx="12" cy="12" r="9"/><path d="M8 12h8M12 8v8"/></svg>',
-        ollama: '<svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><path d="M6 10a6 6 0 0 1 12 0v4a4 4 0 0 1-8 0v-1"/><circle cx="10" cy="9" r="1"/><circle cx="14" cy="9" r="1"/></svg>',
+        sglang: '<span aria-hidden="true" style="display:block;width:14px;height:14px;background:currentColor;-webkit-mask:url(/static/icons/sglang-mark.png) center/contain no-repeat;mask:url(/static/icons/sglang-mark.png) center/contain no-repeat;"></span>',
+        llamacpp: '<svg width="14" height="14" viewBox="0 0 600 600" fill="none" aria-hidden="true"><path d="M600 392L504.249 558L504.137 557.929C487.252 584.069 458.193 600 426.864 600H120L240 392H600Z" fill="currentColor"/><path d="M240 392H0L199.602 46.0254C216.032 17.5463 246.411 0 279.29 0H466.154L240 392Z" fill="currentColor"/></svg>',
+        ollama: '<img src="/static/icons/ollama-mark-crop.png" alt="" aria-hidden="true" width="14" height="14" style="display:block;width:14px;height:14px;object-fit:contain;" />',
         diffusers: '<svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><circle cx="12" cy="12" r="4"/><path d="M12 2v3M12 19v3M2 12h3M19 12h3M5 5l2 2M17 17l2 2M5 19l2-2M17 7l2-2"/></svg>',
       };
 
@@ -1212,7 +1777,11 @@ function _rerenderCachedModels() {
           const { pkg, target } = await _fetchServeRuntimePackage(panel, backend);
           if (panel._runtimeReadinessSeq !== seq) return;
           _writeNote(_runtimeNoteText(backend, pkg, target));
-          if (!pkg?.installed) {
+          if (pkg?.installed === null || pkg?.probe_error) {
+            note.style.color = 'var(--fg-muted)';
+            note.style.borderColor = 'color-mix(in srgb, var(--fg) 16%, transparent)';
+            note.style.background = 'color-mix(in srgb, var(--fg) 4%, transparent)';
+          } else if (!pkg?.installed) {
             note.style.color = 'var(--red)';
             note.style.borderColor = 'color-mix(in srgb, var(--red) 40%, transparent)';
             note.style.background = 'color-mix(in srgb, var(--red) 8%, transparent)';
@@ -1335,6 +1904,31 @@ function _rerenderCachedModels() {
         });
         const _gf = panel.querySelector('[data-field="gpus"]');
         if (_gf) _gf.value = activeGpus.join(',');
+        {
+          const modeHidden = panel.querySelector('[data-field="llama_mode"]');
+          const unifiedHidden = panel.querySelector('[data-field="unified_mem"]');
+          const loadedUnified = ['1', 'true', 'yes', 'on'].includes(String(unifiedHidden?.value || '').toLowerCase());
+          const loadedMode = loadedUnified && modeHidden?.value !== 'cpu'
+            ? 'unified'
+            : (modeHidden?.value || 'gpu');
+          if (modeHidden) modeHidden.value = loadedMode;
+          if (unifiedHidden) unifiedHidden.value = loadedMode === 'unified' ? '1' : '';
+          const modeGroup = panel.querySelector('[data-llama-mode-toggle]');
+          if (modeGroup) {
+            modeGroup.querySelectorAll('.mode-toggle-btn').forEach(btn => {
+              const isActive = btn.dataset.llamaMode === loadedMode;
+              btn.classList.toggle('active', isActive);
+              btn.setAttribute('aria-pressed', isActive ? 'true' : 'false');
+            });
+            modeGroup.classList.toggle('mode-right', false);
+            modeGroup.classList.toggle('mode-mid', loadedMode === 'gpu');
+            modeGroup.classList.toggle('mode-third', loadedMode === 'unified');
+          }
+          panel.classList.toggle('cookbook-llama-cpu-mode', loadedMode === 'cpu');
+          panel.querySelectorAll('.cookbook-llama-gpu-only').forEach(el => {
+            el.style.display = loadedMode === 'cpu' ? 'none' : '';
+          });
+        }
         updateBackendVisibility();
         updateRuntimeReadinessNote();
         updateCmd();
@@ -1392,7 +1986,12 @@ function _rerenderCachedModels() {
       // fixed at the toggle and right-aligned to it.
       function _showSavedConfigMenu(anchor) {
         document.querySelectorAll('.cookbook-saved-menu').forEach(d => { if (typeof d._dismiss === 'function') d._dismiss(); else d.remove(); });
-        const modelSlots = _presetsForModel(_loadPresets(), repo);
+        const modelSlots = _presetsForModel(_loadPresets(), repo)
+          .map((preset, slotIdx) => ({ preset, slotIdx }))
+          .sort((a, b) => {
+            const favDelta = (b.preset.favorite ? 1 : 0) - (a.preset.favorite ? 1 : 0);
+            return favDelta || (a.slotIdx - b.slotIdx);
+          });
         const dropdown = document.createElement('div');
         dropdown.className = 'dropdown cookbook-saved-menu';
         let closeMenu = () => { dropdown.remove(); anchor.classList.remove('cookbook-menu-active'); };
@@ -1409,13 +2008,18 @@ function _rerenderCachedModels() {
           empty.textContent = 'No saved configs yet';
           dropdown.appendChild(empty);
         }
-        modelSlots.forEach((p, idx) => {
+        modelSlots.forEach(({ preset: p, slotIdx }, idx) => {
           const it = document.createElement('div');
-          it.className = 'dropdown-item-compact';
+          it.className = 'dropdown-item-compact' + (p.favorite ? ' cookbook-saved-favorite' : '');
           it.style.cssText = 'display:flex;align-items:center;justify-content:space-between;gap:8px;';
           const lbl = document.createElement('span');
           lbl.textContent = p.label || `Config ${idx + 1}`;
           lbl.style.cssText = 'flex:1;min-width:0;overflow:hidden;text-overflow:ellipsis;white-space:nowrap;';
+          const fav = document.createElement('button');
+          fav.type = 'button';
+          fav.className = 'cookbook-saved-fav-btn' + (p.favorite ? ' active' : '');
+          fav.title = p.favorite ? 'Unfavorite' : 'Favorite';
+          fav.innerHTML = '<svg width="13" height="13" viewBox="0 0 24 24" fill="currentColor" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M19 21l-7-5-7 5V5a2 2 0 0 1 2-2h10a2 2 0 0 1 2 2z"/></svg>';
           const del = document.createElement('button');
           del.type = 'button';
           del.innerHTML = '×';
@@ -1424,6 +2028,12 @@ function _rerenderCachedModels() {
           del.addEventListener('mouseenter', () => { del.style.color = '#f44'; });
           del.addEventListener('mouseleave', () => { del.style.color = 'var(--fg-muted)'; });
           it.appendChild(lbl);
+          if (p.favorite) {
+            const badge = document.createElement('span');
+            badge.className = 'memory-cat-badge memory-cat-pinned cookbook-saved-fav-badge';
+            badge.textContent = 'pinned';
+            it.appendChild(badge);
+          }
           if (p.confirmedWorking) {
             const badge = document.createElement('span');
             badge.className = 'cookbook-saved-confirmed';
@@ -1431,13 +2041,14 @@ function _rerenderCachedModels() {
             badge.innerHTML = '<svg width="11" height="11" viewBox="0 0 24 24" fill="none" stroke="#50fa7b" stroke-width="3" stroke-linecap="round" stroke-linejoin="round"><polyline points="20 6 9 17 4 12"/></svg>';
             it.appendChild(badge);
           }
+          it.appendChild(fav);
           it.appendChild(del);
           it.addEventListener('click', (e) => {
-            if (e.target === del) return;
+            if (e.target === del || e.target === fav || fav.contains(e.target)) return;
             e.stopPropagation();
             // Close the menu FIRST so it always dismisses, even if loading throws.
             closeMenu();
-            _loadSlotIntoPanel(idx);
+            _loadSlotIntoPanel(slotIdx);
             // Confirm the click landed — loading is silent otherwise, so it was
             // unclear the settings actually changed.
             uiModule.showToast(`Loaded "${p.label || `Config ${idx + 1}`}"`);
@@ -1448,12 +2059,23 @@ function _rerenderCachedModels() {
               setTimeout(() => _cmdBox.classList.remove('cookbook-cmd-flash'), 600);
             }
           });
+          fav.addEventListener('click', (e) => {
+            e.stopPropagation();
+            const cur = _loadPresets();
+            const target = _presetsForModel(cur, repo)[slotIdx];
+            if (target) {
+              target.favorite = !target.favorite;
+              _savePresets(cur);
+              uiModule.showToast(target.favorite ? 'Favorited — pinned to top' : 'Unfavorited');
+              _showSavedConfigMenu(anchor);
+            }
+          });
           del.addEventListener('click', async (e) => {
             e.stopPropagation();
             const label = p.label || `Config ${idx + 1}`;
             if (!await window.styledConfirm(`Delete saved config "${label}"?`, { confirmText: 'Delete', danger: true })) return;
             const cur = _loadPresets();
-            const toRemove = _presetsForModel(cur, repo)[idx];
+            const toRemove = _presetsForModel(cur, repo)[slotIdx];
             if (toRemove) {
               const gi = cur.indexOf(toRemove);
               if (gi >= 0) cur.splice(gi, 1);
@@ -1529,6 +2151,7 @@ function _rerenderCachedModels() {
             }
           }
           updateCmd();
+          try { _updateRecommendedCtx(false); } catch {}
         });
       });
 
@@ -1536,6 +2159,65 @@ function _rerenderCachedModels() {
       const _probeBtn = panel.querySelector('.cookbook-gpu-probe');
       const _clearBtn = panel.querySelector('.cookbook-gpu-clear');
       const _splitArrow = panel.querySelector('.cookbook-gpu-split-arrow');
+      const _launchMoreBtn = panel.querySelector('.hwfit-serve-schedule-arrow');
+      if (_launchMoreBtn) {
+        _launchMoreBtn.addEventListener('click', (ev) => {
+          if (ev.__openScheduleDirect) return;
+          ev.preventDefault();
+          ev.stopPropagation();
+          document.querySelectorAll('.cookbook-launch-actions-menu').forEach(m => { if (typeof m._dismiss === 'function') m._dismiss(); else m.remove(); });
+          const menu = document.createElement('div');
+          menu.className = 'cookbook-task-dropdown cookbook-launch-actions-menu';
+          let closeMenu = () => menu.remove();
+          const mk = (label, cls, onClick) => {
+            const it = document.createElement('div');
+            it.className = 'dropdown-item-compact' + (cls ? ' ' + cls : '');
+            it.style.cssText = 'display:flex;align-items:center;gap:8px;';
+            it.textContent = label;
+            it.addEventListener('click', (e) => {
+              e.stopPropagation();
+              closeMenu();
+              if (onClick) onClick();
+            });
+            return it;
+          };
+          menu.appendChild(mk('Copy launch command', '', () => {
+            updateCmd();
+            const cmdBox = panel.querySelector('.hwfit-serve-cmd');
+            const cmd = (_cmdManuallyEdited && cmdBox)
+              ? cmdBox.value
+              : _formatServeCmdPreview(panel._cmd || cmdBox?.value || '');
+            _copyText(cmd).then(() => uiModule.showToast('Launch command copied'));
+          }));
+          menu.appendChild(mk('Schedule', '', () => {
+            const direct = new MouseEvent('click', { bubbles: true, cancelable: true });
+            direct.__openScheduleDirect = true;
+            _launchMoreBtn.dispatchEvent(direct);
+          }));
+          menu.appendChild(mk('Clear Server', 'cookbook-dropdown-danger', () => _clearBtn?.click()));
+          menu.appendChild(mk('Cancel', 'dropdown-cancel-mobile', () => {}));
+          const r = _launchMoreBtn.getBoundingClientRect();
+          menu.style.position = 'fixed';
+          menu.style.right = (window.innerWidth - r.right) + 'px';
+          document.body.appendChild(menu);
+          {
+            const vv = window.visualViewport;
+            const viewTop = vv ? vv.offsetTop : 0;
+            const viewBottom = vv ? vv.offsetTop + vv.height : window.innerHeight;
+            const mh = menu.offsetHeight;
+            const m = 8;
+            let top = r.bottom + 4;
+            if (top + mh > viewBottom - m) {
+              const above = r.top - 4 - mh;
+              top = above >= viewTop + m ? above : Math.max(viewTop + m, viewBottom - mh - m);
+            }
+            menu.style.top = top + 'px';
+          }
+          const _scrollClose = () => closeMenu();
+          closeMenu = bindMenuDismiss(menu, () => { menu.remove(); window.removeEventListener('scroll', _scrollClose, true); }, (e) => !menu.contains(e.target) && e.target !== _launchMoreBtn);
+          window.addEventListener('scroll', _scrollClose, true);
+        });
+      }
       // Split-button arrow opens a small popup with the secondary action
       // (Probe GPUs) + a Cancel item. The popup re-uses the same probe
       // logic by programmatically clicking the hidden .cookbook-gpu-probe.
@@ -1914,13 +2596,16 @@ function _rerenderCachedModels() {
             updateRuntimeReadinessNote();
           }
           updateCmd();
+          if (['backend', 'tp', 'gpu_mem', 'vllm_kv_cache_dtype', 'gpus'].includes(e.target.dataset.field)) {
+            try { _updateRecommendedCtx(false); } catch {}
+          }
         });
       });
-      // llama.cpp GPU/CPU mode-toggle pill wiring. Clicking GPU or CPU
-      // flips the .active classes + .mode-right marker (so the sliding
+      // llama.cpp CPU/GPU/Unified mode-toggle wiring. Clicking a mode
+      // flips the .active classes + marker class (so the sliding
       // pill matches Agent/Chat), updates the hidden data-field input,
       // and fires a change event so the existing field-change handler
-      // rebuilds the serve cmd (sets -ngl 99 vs -ngl 0).
+      // rebuilds the serve cmd (sets -ngl 99 vs -ngl 0 and unified env).
       panel.querySelectorAll('[data-llama-mode-toggle]').forEach(group => {
         group.querySelectorAll('.mode-toggle-btn').forEach(btn => {
           btn.addEventListener('click', (e) => {
@@ -1932,14 +2617,21 @@ function _rerenderCachedModels() {
               b.classList.toggle('active', isActive);
               b.setAttribute('aria-pressed', isActive ? 'true' : 'false');
             });
-            group.classList.toggle('mode-right', want === 'gpu');
+            group.classList.toggle('mode-right', false);
+            group.classList.toggle('mode-mid', want === 'gpu');
+            group.classList.toggle('mode-third', want === 'unified');
             const hidden = group.parentElement.querySelector('[data-field="llama_mode"]');
             if (hidden) {
               hidden.value = want;
               hidden.dispatchEvent(new Event('change', { bubbles: true }));
             }
+            const unified = group.parentElement.querySelector('[data-field="unified_mem"]');
+            if (unified) {
+              unified.value = want === 'unified' ? '1' : '';
+              unified.dispatchEvent(new Event('change', { bubbles: true }));
+            }
             // Hide every GPU-only control (chiclets, Tensor Split,
-            // Split Mode, Main GPU, Flash Attn, Unified Memory, etc.)
+            // Split Mode, Main GPU, Flash Attn, etc.)
             // in CPU mode — `-ngl 0` ignores them and showing them
             // implies they matter.
             panel.classList.toggle('cookbook-llama-cpu-mode', want === 'cpu');
@@ -1954,6 +2646,14 @@ function _rerenderCachedModels() {
       // immediately instead of flashing them then disappearing.
       {
         const _saved = panel.querySelector('[data-field="llama_mode"]')?.value || 'gpu';
+        const _group = panel.querySelector('[data-llama-mode-toggle]');
+        if (_group) {
+          _group.classList.toggle('mode-right', false);
+          _group.classList.toggle('mode-mid', _saved === 'gpu');
+          _group.classList.toggle('mode-third', _saved === 'unified');
+        }
+        const _unified = panel.querySelector('[data-field="unified_mem"]');
+        if (_unified) _unified.value = _saved === 'unified' ? '1' : '';
         if (_saved === 'cpu') {
           panel.classList.add('cookbook-llama-cpu-mode');
           panel.querySelectorAll('.cookbook-llama-gpu-only').forEach(el => { el.style.display = 'none'; });
@@ -2062,15 +2762,38 @@ function _rerenderCachedModels() {
         // rejects \n / \r outright (`Invalid characters in cmd`), so collapse
         // all whitespace to single spaces before launch — same effect as the
         // user manually re-flowing the textarea, no behavior change.
-        const _rawLaunchCmd = _cmdTextarea ? _cmdTextarea.value : panel._cmd;
-        const launchCmd = String(_rawLaunchCmd || '').replace(/\s+/g, ' ').trim();
-        if (_cmdTextarea && _cmdTextarea.value !== launchCmd) _cmdTextarea.value = launchCmd;
+        const _rawLaunchCmd = (_cmdManuallyEdited && _cmdTextarea) ? _cmdTextarea.value : panel._cmd;
+        const launchCmd = _normalizeServeCmdForLaunch(_rawLaunchCmd);
         const serveState = {};
         panel.querySelectorAll('.hwfit-sf').forEach(el => {
           if (el.type === 'checkbox') serveState[el.dataset.field] = el.checked;
           else serveState[el.dataset.field] = el.value;
         });
         serveState.backend = serveState.backend || (_detectBackend(m).backend) || 'vllm';
+        // Resolve the target host from the visible Server dropdown before any
+        // preflight checks. _envState.remoteHost can lag behind the panel's
+        // selected server, which made cross-server serves look like port
+        // collisions.
+        const _selectedServeTarget = (() => {
+          const target = { host: _envState.remoteHost || '', serverKey: '', serverName: '', env: '', envPath: '' };
+          const ssEl = document.getElementById('hwfit-server-select') || document.getElementById('hwfit-dl-server');
+          if (!ssEl || ssEl.value == null) return target;
+          if (ssEl.value === 'local') {
+            target.host = '';
+            target.serverKey = 'local';
+            target.serverName = 'Local';
+            return target;
+          }
+          const srv = _serverByVal?.(ssEl.value) || _envState.servers[parseInt(ssEl.value)];
+          if (srv) {
+            target.host = srv.host || '';
+            target.serverKey = _serverKey?.(srv) || ssEl.value || '';
+            target.serverName = srv.name || srv.host || '';
+            target.env = srv.env || '';
+            target.envPath = srv.envPath || '';
+          }
+          return target;
+        })();
 
         // Pre-launch: check our own task list for a serve already running
         // on this host. Offer to stop+launch as the default action — the
@@ -2079,10 +2802,11 @@ function _rerenderCachedModels() {
         // common case instantly without waiting for a network round-trip.
         try {
           const _runningMod = await import('./cookbookRunning.js');
-          const _hostStr = _envState.remoteHost || '';
+          const _hostStr = _selectedServeTarget.host || '';
+          const _serverKeyStr = _selectedServeTarget.serverKey || (_hostStr || 'local');
           const _active = (_runningMod._loadTasks ? _runningMod._loadTasks() : []).filter(t =>
             t && t.type === 'serve'
-            && (t.remoteHost || '') === _hostStr
+            && ((t.remoteHost || '') === _hostStr || (t.remoteServerKey || '') === _serverKeyStr)
             && (t.status === 'running' || t.status === 'ready' || t._serveReady)
           );
           if (_active.length) {
@@ -2154,11 +2878,11 @@ function _rerenderCachedModels() {
             // preflight and let the launch silently fall to CPU.
             let _hwGpus = [];
             try {
-              const _gh = (_envState.remoteHost || '').trim();
+              const _gh = (_selectedServeTarget.host || '').trim();
               const _gp = new URLSearchParams();
               if (_gh) {
                 _gp.set('host', _gh);
-                const _sp = (_serverByVal?.(_envState.remoteServerKey || _gh) || {}).port;
+                const _sp = (_serverByVal?.(_selectedServeTarget.serverKey || _gh) || {}).port;
                 if (_sp) _gp.set('ssh_port', _sp);
               }
               const _gr = await fetch('/api/cookbook/gpus' + (_gp.toString() ? '?' + _gp : ''), { credentials: 'same-origin' });
@@ -2267,11 +2991,11 @@ function _rerenderCachedModels() {
           || (serveState.backend === 'diffusers');
         if (_needsGpu) {
           try {
-            const _probeHost = (_envState.remoteHost || '').trim();
+            const _probeHost = (_selectedServeTarget.host || '').trim();
             const _probeParams = new URLSearchParams();
             if (_probeHost) {
               _probeParams.set('host', _probeHost);
-              const _sp = (_serverByVal?.(_envState.remoteServerKey || _probeHost) || {}).port;
+              const _sp = (_serverByVal?.(_selectedServeTarget.serverKey || _probeHost) || {}).port;
               if (_sp) _probeParams.set('ssh_port', _sp);
             }
             const _probeRes = await fetch('/api/cookbook/gpus' + (_probeParams.toString() ? '?' + _probeParams : ''), { credentials: 'same-origin' });
@@ -2305,7 +3029,7 @@ function _rerenderCachedModels() {
             || launchCmd.match(/OLLAMA_HOST=[^:\s]+:(\d{2,5})\b/);
           const _port = _portMatch ? _portMatch[1] : '';
           if (_port) {
-            const _portHost = (_envState.remoteHost || '').trim();
+            const _portHost = (_selectedServeTarget.host || '').trim();
             const _checkInner = `ss -tlnp 2>/dev/null | awk '$4 ~ /:${_port}$/ {print; exit}' || netstat -tlnp 2>/dev/null | awk '$4 ~ /:${_port}$/ {print; exit}'`;
             const _cmd = _portHost
               ? `ss h ${_portHost} <<<"" 2>/dev/null; ssh -o ConnectTimeout=4 -o StrictHostKeyChecking=no ${_portHost} ${JSON.stringify(_checkInner)}`
@@ -2362,23 +3086,11 @@ function _rerenderCachedModels() {
         const venvVal = panel.querySelector('[data-field="venv"]')?.value?.trim();
         const gpusVal = panel.querySelector('[data-field="gpus"]')?.value?.trim();
         const origGpus = _envState.gpus;
-        // Resolve the target host from the visible Server dropdown — the reliable
-        // source. Relying on _envState.remoteHost silently sent serves to Local
-        // when that value was stale/empty. Pass it explicitly to the launcher.
-        let serveHost = _envState.remoteHost || '';
-        let _srvEnv = '', _srvEnvPath = '';
-        const _ssEl = document.getElementById('hwfit-server-select') || document.getElementById('hwfit-dl-server');
-        if (_ssEl && _ssEl.value != null) {
-          if (_ssEl.value === 'local') serveHost = '';
-          else {
-            const _srv = _serverByVal?.(_ssEl.value) || _envState.servers[parseInt(_ssEl.value)];
-            if (_srv) {
-              serveHost = _srv.host;
-              _srvEnv = _srv.env || '';
-              _srvEnvPath = _srv.envPath || '';
-            }
-          }
-        }
+        const serveHost = _selectedServeTarget.host || '';
+        const serveServerKey = _selectedServeTarget.serverKey || '';
+        const serveServerName = _selectedServeTarget.serverName || '';
+        const _srvEnv = _selectedServeTarget.env || '';
+        const _srvEnvPath = _selectedServeTarget.envPath || '';
         // The venv field wins; otherwise fall back to the env configured for the
         // selected server in Settings, so the activation isn't silently dropped
         // when the field is left blank (the per-server venv wasn't being applied).
@@ -2421,7 +3133,7 @@ function _rerenderCachedModels() {
           await _withSpinner(_launchBtn, async () => {
             // Pass the exact form values so the running task can be re-opened
             // in the Serve panel pre-filled with these settings (Edit button).
-            await _launchServeTask(shortName, repo, launchCmd, serveState, serveHost);
+            await _launchServeTask(shortName, repo, launchCmd, serveState, serveHost, { serverKey: serveServerKey, serverName: serveServerName });
           });
         } finally {
           _envState.env = origEnv;
@@ -2438,7 +3150,7 @@ function _rerenderCachedModels() {
         // copying collapses the whole serve panel mid-flight.
         e.preventDefault();
         e.stopPropagation();
-        const cmd = panel.querySelector('.hwfit-serve-cmd').value;
+        const cmd = _cmdManuallyEdited ? panel.querySelector('.hwfit-serve-cmd').value : _formatServeCmdPreview(panel._cmd);
         _copyText(cmd).then(() => {
           const btn = panel.querySelector('.hwfit-serve-copy');
           const origHtml = btn.innerHTML;
@@ -2843,6 +3555,7 @@ export function initServe(shared) {
   _getPort = shared._getPort;
   _sshPrefix = shared._sshPrefix;
   _serverByVal = shared._serverByVal;
+  _serverKey = shared._serverKey;
   _getPlatform = shared._getPlatform;
   _isWindows = shared._isWindows;
   _isMetal = shared._isMetal;
diff --git a/static/js/document.js b/static/js/document.js
index cfa2025d0..78dc99341 100644
--- a/static/js/document.js
+++ b/static/js/document.js
@@ -24,6 +24,7 @@ import * as Modals from './modalManager.js';
   let _autoDetectDebounce = null;
   let _autoTitleDebounce = null;
   let _autoSaveDebounce = null;
+  let _lastAutoSaveErrorAt = 0;
   let _animationInProgress = false;
   let _animationCancel = null;      // function to cancel current animation
   let _htmlPreviewActive = false;   // true when inline HTML preview iframe is showing
@@ -153,6 +154,20 @@ import * as Modals from './modalManager.js';
       addDocToTabs,
       syncDocIndicator: _syncDocIndicator,
     });
+    const sidebarNewDocBtn = document.getElementById('library-new-doc-btn');
+    if (sidebarNewDocBtn && !sidebarNewDocBtn.dataset.docNewWired) {
+      sidebarNewDocBtn.dataset.docNewWired = '1';
+      sidebarNewDocBtn.addEventListener('click', async (e) => {
+        e.preventDefault();
+        e.stopPropagation();
+        try {
+          await newDocument();
+        } catch (err) {
+          console.error('Failed to create document from sidebar button:', err);
+          if (uiModule) uiModule.showError('Failed to create document');
+        }
+      });
+    }
     _maybeOpenDocFromHash();
     window.addEventListener('hashchange', _maybeOpenDocFromHash);
   }
@@ -2685,6 +2700,104 @@ import * as Modals from './modalManager.js';
     await _uploadComposeFiles(files);
   }
 
+  function _isMarkdownImageFile(file) {
+    if (!file) return false;
+    if ((file.type || '').toLowerCase().startsWith('image/')) return true;
+    return /\.(avif|bmp|gif|jpe?g|png|svg|webp)$/i.test(file.name || '');
+  }
+
+  function _markdownImageAlt(name) {
+    const base = String(name || 'image').replace(/\.[^.]+$/, '').trim() || 'image';
+    return base.replace(/[\[\]\n\r]/g, ' ').replace(/\s+/g, ' ').trim() || 'image';
+  }
+
+  function _activeDocLanguage() {
+    const doc = activeDocId && docs.get(activeDocId);
+    return ((doc && doc.language) || document.getElementById('doc-language-select')?.value || '').toLowerCase();
+  }
+
+  function _scheduleMarkdownImageAutosave(ta) {
+    updateLineNumbers(ta.value);
+    const codeEl = document.getElementById('doc-editor-code');
+    if (codeEl && !codeEl.dataset.hasDiff) {
+      codeEl.textContent = ta.value + '\n';
+      codeEl.style.minHeight = ta.scrollHeight + 'px';
+    }
+    clearTimeout(_hlDebounce);
+    _hlDebounce = setTimeout(syncHighlighting, 80);
+    clearTimeout(_autoTitleDebounce);
+    _autoTitleDebounce = setTimeout(() => autoTitleFromContent(ta.value), 600);
+    clearTimeout(_autoSaveDebounce);
+    _autoSaveDebounce = setTimeout(() => { saveDocument({ silent: true }); }, 800);
+  }
+
+  function _insertMarkdownImages(uploadedFiles) {
+    const ta = document.getElementById('doc-editor-textarea');
+    if (!ta) return;
+    const files = Array.isArray(uploadedFiles) ? uploadedFiles : [];
+    if (!files.length) return;
+
+    const start = ta.selectionStart || 0;
+    const end = ta.selectionEnd || start;
+    const before = ta.value.slice(0, start);
+    const after = ta.value.slice(end);
+    const lines = files.map(file => {
+      const id = encodeURIComponent(file.id || file.file_id || '');
+      const alt = _markdownImageAlt(file.name || file.filename);
+      return id ? `![${alt}](/api/upload/${id})` : '';
+    }).filter(Boolean);
+    if (!lines.length) return;
+
+    const prefix = before && !before.endsWith('\n') ? '\n' : '';
+    const suffix = after && !after.startsWith('\n') ? '\n' : '';
+    const insert = `${prefix}${lines.join('\n\n')}${suffix}`;
+    _replaceRange(ta, start, end, insert);
+    const caret = start + insert.length;
+    ta.selectionStart = caret;
+    ta.selectionEnd = caret;
+    ta.focus();
+    _scheduleMarkdownImageAutosave(ta);
+    _refreshMarkdownPreviewIfVisible(activeDocId, ta.value);
+  }
+
+  async function _uploadMarkdownImages(files) {
+    const images = Array.from(files || []).filter(_isMarkdownImageFile);
+    if (!images.length) {
+      if (uiModule) uiModule.showError('Choose an image file');
+      return;
+    }
+    if (_activeDocLanguage() !== 'markdown') {
+      if (uiModule) uiModule.showError('Switch the document to markdown before inserting images');
+      return;
+    }
+
+    const fd = new FormData();
+    images.forEach(file => fd.append('files', file));
+    try {
+      const res = await fetch(`${API_BASE}/api/upload`, {
+        method: 'POST',
+        credentials: 'same-origin',
+        body: fd,
+      });
+      let data = null;
+      try { data = await res.json(); } catch (_) {}
+      if (!res.ok) throw new Error((data && (data.error || data.detail)) || `HTTP ${res.status}`);
+      const uploaded = Array.isArray(data?.files) ? data.files : [];
+      if (!uploaded.length) throw new Error('No uploaded files returned');
+      _insertMarkdownImages(uploaded);
+      if (uiModule) uiModule.showToast(images.length === 1 ? 'Image inserted' : 'Images inserted');
+    } catch (err) {
+      console.error('Failed to insert markdown image:', err);
+      if (uiModule) uiModule.showError('Failed to insert image');
+    }
+  }
+
+  async function _handleMarkdownImageUpload(e) {
+    const files = e.target.files;
+    e.target.value = '';
+    await _uploadMarkdownImages(files);
+  }
+
   function _renderComposeAttachments() {
     const container = document.getElementById('doc-email-compose-atts');
     if (!container) return;
@@ -3751,9 +3864,12 @@ import * as Modals from './modalManager.js';
       const res = await fetch(`${API_BASE}/api/document`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
+        credentials: 'same-origin',
         body: JSON.stringify({ session_id: sessionId, title: '', content }),
       });
+      if (!res.ok) throw new Error(`Document create failed: HTTP ${res.status}`);
       const doc = await res.json();
+      if (!doc || !doc.id) throw new Error('Document create failed: missing id');
       addDocToTabs(doc, sessionId);
       // Set the content into the map so switchToDoc preserves it
       const d = docs.get(doc.id);
@@ -3980,6 +4096,7 @@ import * as Modals from './modalManager.js';
         <input type="hidden" id="doc-email-source-folder" />
         <input type="file" id="doc-email-file-input" multiple style="display:none" />
       </div>
+      <input type="file" id="doc-md-image-input" accept="image/*" multiple style="display:none" />
       <div class="doc-md-toolbar" id="doc-md-toolbar" style="display:none">
         <div class="md-toolbar-items" id="md-toolbar-items">
           <span class="md-view-toggle" id="doc-md-view-toggle" style="display:none" role="group" aria-label="Edit or preview">
@@ -4002,7 +4119,7 @@ import * as Modals from './modalManager.js';
           <button type="button" class="md-dd-toggle" data-dd="list" title="List"><span style="font-variant-numeric:tabular-nums;">1.</span><svg width="8" height="8" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="3.5" stroke-linecap="round" stroke-linejoin="round"><polyline points="6 9 12 15 18 9"/></svg></button>
           <span class="md-toolbar-sep"></span>
           <button type="button" data-md="link" title="Link"><svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M10 13a5 5 0 0 0 7.54.54l3-3a5 5 0 0 0-7.07-7.07l-1.72 1.71"/><path d="M14 11a5 5 0 0 0-7.54-.54l-3 3a5 5 0 0 0 7.07 7.07l1.71-1.71"/></svg></button>
-          <button type="button" id="md-toolbar-attach-btn" class="md-toolbar-attach-btn" title="Attach files"><svg width="13" height="13" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="m21.44 11.05-9.19 9.19a6 6 0 0 1-8.49-8.49l8.57-8.57A4 4 0 1 1 17.93 8.8l-8.59 8.57a2 2 0 0 1-2.83-2.83l8.49-8.48"/></svg></button>
+          <button type="button" id="md-toolbar-attach-btn" class="md-toolbar-attach-btn" title="Insert image"><svg width="13" height="13" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="m21.44 11.05-9.19 9.19a6 6 0 0 1-8.49-8.49l8.57-8.57A4 4 0 1 1 17.93 8.8l-8.59 8.57a2 2 0 0 1-2.83-2.83l8.49-8.48"/></svg></button>
           <button type="button" class="md-dd-toggle md-toolbar-email-hide" data-dd="code" title="Code">\`<svg width="8" height="8" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="3.5" stroke-linecap="round" stroke-linejoin="round"><polyline points="6 9 12 15 18 9"/></svg></button>
           <button type="button" data-md="hr" title="Horizontal rule">—</button>
           <span class="md-toolbar-sep"></span>
@@ -4601,9 +4718,14 @@ import * as Modals from './modalManager.js';
       document.getElementById('doc-email-file-input')?.click();
     });
     document.getElementById('md-toolbar-attach-btn')?.addEventListener('click', () => {
-      document.getElementById('doc-email-file-input')?.click();
+      if (_activeDocLanguage() === 'email') {
+        document.getElementById('doc-email-file-input')?.click();
+      } else {
+        document.getElementById('doc-md-image-input')?.click();
+      }
     });
     document.getElementById('doc-email-file-input')?.addEventListener('change', _handleAttachUpload);
+    document.getElementById('doc-md-image-input')?.addEventListener('change', _handleMarkdownImageUpload);
 
     // Cc/Bcc toggle
     document.getElementById('doc-email-show-cc')?.addEventListener('click', () => {
@@ -4839,6 +4961,26 @@ import * as Modals from './modalManager.js';
         clearTimeout(_autoSaveDebounce);
         _autoSaveDebounce = setTimeout(() => { saveDocument({ silent: true }); }, 2000);
       });
+      ta.addEventListener('paste', (e) => {
+        if (_activeDocLanguage() !== 'markdown') return;
+        const files = Array.from(e.clipboardData?.files || []).filter(_isMarkdownImageFile);
+        if (!files.length) return;
+        e.preventDefault();
+        _uploadMarkdownImages(files);
+      });
+      ta.addEventListener('dragover', (e) => {
+        if (_activeDocLanguage() !== 'markdown') return;
+        const items = Array.from(e.dataTransfer?.items || []);
+        if (!items.some(item => item.kind === 'file' && /^image\//i.test(item.type || ''))) return;
+        e.preventDefault();
+      });
+      ta.addEventListener('drop', (e) => {
+        if (_activeDocLanguage() !== 'markdown') return;
+        const files = Array.from(e.dataTransfer?.files || []).filter(_isMarkdownImageFile);
+        if (!files.length) return;
+        e.preventDefault();
+        _uploadMarkdownImages(files);
+      });
       ta.addEventListener('scroll', () => {
         const code = document.getElementById('doc-editor-code');
         if (code) code.style.minHeight = ta.scrollHeight + 'px';
@@ -5547,7 +5689,7 @@ import * as Modals from './modalManager.js';
     // any dropdown that just opened. Preventing the default mousedown keeps the
     // textarea focused, so formatting hits the live selection and menus stay up.
     toolbar.addEventListener('mousedown', (e) => {
-      if (e.target.closest('[data-md], .md-dd-toggle, .emoji-picker-btn')) e.preventDefault();
+      if (e.target.closest('[data-md], .md-dd-toggle, .emoji-picker-btn, .md-toolbar-attach-btn')) e.preventDefault();
     });
 
     toolbar.addEventListener('click', (e) => {
@@ -5975,6 +6117,7 @@ import * as Modals from './modalManager.js';
       const res = await fetch(`${API_BASE}/api/document`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
+        credentials: 'same-origin',
         body: JSON.stringify({
           session_id: sessionId,
           title: '',
@@ -5982,7 +6125,9 @@ import * as Modals from './modalManager.js';
           language: 'markdown',
         }),
       });
+      if (!res.ok) throw new Error(`Document create failed: HTTP ${res.status}`);
       const doc = await res.json();
+      if (!doc || !doc.id) throw new Error('Document create failed: missing id');
       addDocToTabs(doc, sessionId);
       if (!isOpen) openPanel();
       // Re-enable editor if it was in empty state
@@ -8265,8 +8410,10 @@ import * as Modals from './modalManager.js';
       const res = await fetch(`${API_BASE}/api/document/${activeDocId}`, {
         method: 'PUT',
         headers: { 'Content-Type': 'application/json' },
+        credentials: 'same-origin',
         body: JSON.stringify({ content: textarea.value }),
       });
+      if (!res.ok) throw new Error(`Document save failed: HTTP ${res.status}`);
       const doc = await res.json();
       const badge = document.getElementById('doc-version-badge');
       if (badge) { const _v = doc.version_count || 1; badge.textContent = `v${_v}`; badge.style.display = _v > 1 ? '' : 'none'; }
@@ -8279,7 +8426,11 @@ import * as Modals from './modalManager.js';
       if (!silent && uiModule) uiModule.showToast('Document saved');
     } catch (e) {
       console.error('Failed to save document:', e);
-      if (!silent && uiModule) uiModule.showError('Failed to save document');
+      const now = Date.now();
+      if (uiModule && (!silent || now - _lastAutoSaveErrorAt > 10000)) {
+        uiModule.showError(silent ? 'Autosave failed' : 'Failed to save document');
+        _lastAutoSaveErrorAt = now;
+      }
     }
   }
 
diff --git a/static/js/emailLibrary.js b/static/js/emailLibrary.js
index a5ac5f443..3735d0052 100644
--- a/static/js/emailLibrary.js
+++ b/static/js/emailLibrary.js
@@ -4574,11 +4574,12 @@ function _wireAttachmentHandlers(reader, folder) {
       const uid = openBtn.dataset.openUid;
       const index = openBtn.dataset.openIndex;
       const name = openBtn.dataset.openName || `attachment-${index}`;
+      const sourceFolder = openBtn.dataset.openFolder || useFolder;
       if (!uid || index == null) return;
       const orig = openBtn.style.opacity;
       openBtn.style.opacity = '0.4';
       try {
-        const folderQs = encodeURIComponent(useFolder);
+        const folderQs = encodeURIComponent(sourceFolder);
         const res = await fetch(
           `${API_BASE}/api/email/attachment-as-doc/${encodeURIComponent(uid)}/${encodeURIComponent(index)}?folder=${folderQs}${_acct()}`,
           { method: 'POST', credentials: 'same-origin' }
@@ -4632,8 +4633,9 @@ function _wireAttachmentHandlers(reader, folder) {
       const uid = chip.dataset.attUid;
       const index = chip.dataset.attIndex;
       const name = chip.dataset.attName || `attachment-${index}`;
+      const sourceFolder = chip.dataset.attFolder || useFolder;
       if (!uid || index == null) return;
-      const url = `${API_BASE}/api/email/attachment/${encodeURIComponent(uid)}/${encodeURIComponent(index)}?folder=${encodeURIComponent(useFolder)}${_acct()}`;
+      const url = `${API_BASE}/api/email/attachment/${encodeURIComponent(uid)}/${encodeURIComponent(index)}?folder=${encodeURIComponent(sourceFolder)}${_acct()}`;
       if (_isMobileUA) {
         window.open(url, '_blank');
         return;
@@ -4712,25 +4714,50 @@ function _isLikelySignatureImage(a) {
 // Build the attachments header+chips HTML for an email read response. Pulled
 // out so both the initial-open and the swap-reader paths can render it.
 function _buildAttsHtmlFor(uid, data) {
-  if (!data || !data.attachments || !data.attachments.length) return '';
-  const _OPENABLE_RE = /\.(pdf|docx|txt|md|markdown)$/i;
-  const visible = data.attachments.filter(a => !_isLikelySignatureImage(a));
-  if (!visible.length) return '';
-  const chips = visible.map(a => {
+  if (!data) return '';
+  const _OPENABLE_RE = /\.(pdf|docx|txt|md|markdown|eml)$/i;
+  const currentAttachments = Array.isArray(data.attachments) ? data.attachments : [];
+  const relatedAttachments = Array.isArray(data.related_attachments) ? data.related_attachments : [];
+  if (!currentAttachments.length && !relatedAttachments.length) return '';
+  const visible = currentAttachments.filter(a => !_isLikelySignatureImage(a));
+  const hidden = currentAttachments.filter(a => _isLikelySignatureImage(a));
+  const related = relatedAttachments.filter(a => !_isLikelySignatureImage(a));
+  const renderChip = (a, extraClass = '') => {
     const openable = _OPENABLE_RE.test(a.filename || '');
+    const chipUid = a.source_uid || a.uid || uid;
+    const chipFolder = a.source_folder || data.folder || state._libFolder || 'INBOX';
     const openBtn = openable
-      ? `<span class="email-attachment-open" title="Open in document editor" data-open-uid="${_esc(uid)}" data-open-index="${a.index}" data-open-name="${_esc(a.filename)}"><svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M14 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V8z"/><polyline points="14 2 14 8 20 8"/><line x1="8" y1="13" x2="16" y2="13"/><line x1="8" y1="17" x2="16" y2="17"/><line x1="8" y1="9" x2="10" y2="9"/></svg><span class="email-attachment-open-label">Open</span></span>`
+      ? `<span class="email-attachment-open" title="Open in document editor" data-open-uid="${_esc(chipUid)}" data-open-index="${a.index}" data-open-name="${_esc(a.filename)}" data-open-folder="${_esc(chipFolder)}"><svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M14 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V8z"/><polyline points="14 2 14 8 20 8"/><line x1="8" y1="13" x2="16" y2="13"/><line x1="8" y1="17" x2="16" y2="17"/><line x1="8" y1="9" x2="10" y2="9"/></svg><span class="email-attachment-open-label">Open</span></span>`
       : '';
-    return `<button type="button" class="email-attachment-chip" data-att-uid="${_esc(uid)}" data-att-index="${a.index}" data-att-name="${_esc(a.filename)}"><svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="m21.44 11.05-9.19 9.19a6 6 0 0 1-8.49-8.49l8.57-8.57A4 4 0 1 1 17.93 8.8l-8.59 8.57a2 2 0 0 1-2.83-2.83l8.49-8.48"/></svg><span>${_esc(a.filename)}</span><span class="att-size">${Math.round((a.size||0)/1024)} KB</span>${openBtn}</button>`;
-  }).join('');
+    return `<button type="button" class="email-attachment-chip${extraClass}" data-att-uid="${_esc(chipUid)}" data-att-index="${a.index}" data-att-name="${_esc(a.filename)}" data-att-folder="${_esc(chipFolder)}"><svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="m21.44 11.05-9.19 9.19a6 6 0 0 1-8.49-8.49l8.57-8.57A4 4 0 1 1 17.93 8.8l-8.59 8.57a2 2 0 0 1-2.83-2.83l8.49-8.48"/></svg><span>${_esc(a.filename)}</span><span class="att-size">${Math.round((a.size||0)/1024)} KB</span>${openBtn}</button>`;
+  };
+  const chips = visible.map(a => renderChip(a)).join('');
+  const hiddenChips = hidden.map(a => renderChip(a, ' email-attachment-chip-muted')).join('');
+  const relatedChips = related.map(a => renderChip(a, ' email-attachment-chip-related')).join('');
+  const visibleSection = visible.length
+    ? '<div class="email-reader-atts">' + chips + '</div>'
+    : '';
+  const relatedSection = related.length
+    ? '<div class="email-reader-atts-hidden-note">From earlier in this thread</div><div class="email-reader-atts email-reader-atts-related">' + relatedChips + '</div>'
+    : '';
+  const hiddenSection = hidden.length
+    ? '<div class="email-reader-atts-hidden-note">Filtered inline images / signature files</div><div class="email-reader-atts email-reader-atts-hidden">' + hiddenChips + '</div>'
+    : '';
+  const label = visible.length
+    ? `Attachments (${visible.length + related.length})`
+    : related.length
+      ? `Thread attachments (${related.length})`
+      : `Hidden inline attachments (${hidden.length})`;
   return (
     '<div class="email-reader-atts-wrap collapsed">'
     +   '<div class="email-reader-atts-header email-summary-toggle" role="button" tabindex="0">'
     +     '<svg width="11" height="11" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="m21.44 11.05-9.19 9.19a6 6 0 0 1-8.49-8.49l8.57-8.57A4 4 0 1 1 17.93 8.8l-8.59 8.57a2 2 0 0 1-2.83-2.83l8.49-8.48"/></svg>'
-    +     `<span>Attachments (${data.attachments.length})</span>`
+    +     `<span>${label}</span>`
     +     '<svg class="email-summary-chevron" width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" style="margin-left:auto;transition:transform .15s ease;"><polyline points="6 9 12 15 18 9"/></svg>'
     +   '</div>'
-    +   '<div class="email-reader-atts">' + chips + '</div>'
+    +   visibleSection
+    +   relatedSection
+    +   hiddenSection
     + '</div>'
   );
 }
diff --git a/static/js/markdown.js b/static/js/markdown.js
index 41a62b3d2..0dde5ae3c 100644
--- a/static/js/markdown.js
+++ b/static/js/markdown.js
@@ -36,6 +36,14 @@ function linkHtml(text, url) {
   return `<a href="${escapeHtml(safeUrl)}" target="_blank" rel="noopener noreferrer">${safeText}</a>`;
 }
 
+function imageHtml(alt, url, title) {
+  const safeUrl = safeLinkUrl(url);
+  if (!safeUrl || safeUrl.startsWith('#')) return escapeHtml(alt || '');
+  const safeAlt = escapeHtml(alt || '');
+  const safeTitle = title ? ` title="${escapeHtml(title)}"` : '';
+  return `<img src="${escapeHtml(safeUrl)}" alt="${safeAlt}"${safeTitle} loading="lazy" decoding="async">`;
+}
+
 function _isModelEndpointUrl(rawUrl) {
   try {
     const parsed = new URL(String(rawUrl || ''), window.location.origin);
@@ -146,7 +154,7 @@ function sanitizeAllowedHtml(html) {
  * Check if text has unclosed think tag
  */
 export function hasUnclosedThinkTag(text) {
-  text = text || '';
+  text = normalizeThinkingMarkup(text || '');
   const openCount =
     (text.match(/<(?:think(?:ing)?|thought)(?:\s+[^>]*)?>/gi) || []).length
     + (text.match(/<\|channel>thought/gi) || []).length;
@@ -163,6 +171,10 @@ export function startsWithReasoningPrefix(text) {
 export function normalizeThinkingMarkup(text) {
   if (!text) return text;
   let normalized = text;
+  // MiniMax M-series can emit namespaced reasoning tags like
+  // <mm:think>...</mm:think>. Normalize them into the shared thinking parser.
+  normalized = normalized.replace(/<mm:think(\s+[^>]*)?>/gi, (_m, attrs = '') => `<think${attrs || ''}>`);
+  normalized = normalized.replace(/<\/mm:think>/gi, '</think>');
   normalized = normalized.replace(/<thought(\s+[^>]*)?>/gi, (_m, attrs = '') => `<think${attrs || ''}>`);
   normalized = normalized.replace(/<\/thought>/gi, '</think>');
   normalized = normalized.replace(/<\|channel>thought\s*\n?([\s\S]*?)<channel\|>\s*/gi, (_m, content = '') => {
@@ -535,6 +547,12 @@ export function mdToHtml(src, opts) {
     '$1[#$2](#$2)',
   );
 
+  // Convert markdown images before links so ![alt](url) does not become
+  // literal "!" plus a normal link.
+  s = s.replace(/!\[([^\]\n]*)\]\(([^)\s]+)(?:\s+"([^"]*)")?\)/g, (match, alt, url, title) => {
+    return imageHtml(alt, url, title);
+  });
+
   // Convert markdown links [text](url) to clickable links
   // Internal #hash links navigate in-page; external links open in new tab
   s = s.replace(/\[([^\]]+)\]\(([^)]+)\)/g, (match, text, url) => {
@@ -573,8 +591,9 @@ export function mdToHtml(src, opts) {
     return placeholder;
   });
 
-  // ALSO preserve <a> tags the same way (they're now in the HTML from markdown conversion)
-  s = s.replace(/<a\s+[^>]*>.*?<\/a>/gi, (match) => {
+  // ALSO preserve <a>/<img> tags the same way (they're now in the HTML from
+  // markdown conversion)
+  s = s.replace(/<(?:a\s+[^>]*>.*?<\/a|img\s+[^>]*?)>/gi, (match) => {
     const placeholder = `___ALLOWED_HTML_${allowedHtmlBlocks.length}___`;
     allowedHtmlBlocks.push(sanitizeAllowedHtml(match));
     return placeholder;
diff --git a/static/js/modelPicker.js b/static/js/modelPicker.js
index f486c2335..5538bf278 100644
--- a/static/js/modelPicker.js
+++ b/static/js/modelPicker.js
@@ -112,6 +112,7 @@ function _initModelPickerDropdown() {
   const search = document.getElementById('model-picker-search');
   const listEl = document.getElementById('model-picker-list');
   const searchRow = menu ? menu.querySelector('.model-picker-search-row') : null;
+  const refreshBtn = document.getElementById('model-picker-refresh-btn');
   if (!wrap || !btn || !menu || !search || !listEl) return;
 
   function _close() {
@@ -608,6 +609,26 @@ function _initModelPickerDropdown() {
 
   search.addEventListener('input', () => _populate(search.value));
   search.addEventListener('click', (e) => e.stopPropagation());
+  if (refreshBtn) {
+    refreshBtn.addEventListener('click', async (e) => {
+      e.stopPropagation();
+      refreshBtn.disabled = true;
+      refreshBtn.classList.add('spinning');
+      try {
+        if (window.modelsModule && window.modelsModule.refreshModels) {
+          await window.modelsModule.refreshModels(true);
+        }
+        await _refreshLocalProbe();
+        if (!menu.classList.contains('hidden')) _populate(search.value || '');
+        updateModelPicker();
+      } catch (_) {
+        uiModule.showToast('Model refresh failed');
+      } finally {
+        refreshBtn.disabled = false;
+        refreshBtn.classList.remove('spinning');
+      }
+    });
+  }
   search.addEventListener('keydown', (e) => {
     _handlePickerKeydown(e, listEl, '.model-switch-item', _close);
   });
diff --git a/static/js/tasks.js b/static/js/tasks.js
index a74bde151..2914389b9 100644
--- a/static/js/tasks.js
+++ b/static/js/tasks.js
@@ -17,9 +17,16 @@ let _tasksFetched = false;   // first-fetch sentinel — `false` → show loadin
 let _escHandler = null;
 let _viewingRuns = null; // task id when viewing run history
 let _clockInterval = null;
+let _taskFailurePending = false;
 
 const DAYS_OF_WEEK = ['Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday', 'Sunday'];
 
+function _setTaskFailurePending(active) {
+  _taskFailurePending = !!active;
+  document.getElementById('tool-tasks-btn')?.classList.toggle('task-failure-pending', _taskFailurePending);
+  document.getElementById('rail-tasks')?.classList.toggle('task-failure-pending', _taskFailurePending);
+}
+
 // ---- API ----
 
 async function _fetchTasks() {
@@ -2238,6 +2245,9 @@ function _renderActivityEntry(entry) {
     status = _classifyResult(entry.result);
   }
   const statusDot = `<span class="task-log-status task-log-status-${status}" title="${status}"></span>`;
+  const failedTag = status === 'error'
+    ? '<span class="task-log-failed-tag">(failed)</span>'
+    : '';
   // Render the result through markdown so code blocks, lists, links look right.
   let resultHtml;
   const _isRunning = entry.status === 'running' || entry.status === 'queued';
@@ -2361,7 +2371,7 @@ function _renderActivityEntry(entry) {
       <div class="task-log-row-head">
         ${statusDot}
         <span class="task-log-task-icon">${_taskIcon({ action: entry.action, task_type: entry.kind })}</span>
-        <span class="task-log-name">${_escHtml(entry.taskName)}</span>${_taskAiMark(entry)}
+        <span class="task-log-name">${_escHtml(entry.taskName)}</span>${failedTag}${_taskAiMark(entry)}
         ${repeatBadge}
         <span style="flex:1"></span>
         ${rightHtml}
@@ -2502,8 +2512,11 @@ function _renderMainView() {
 
 export function openTasks(focusId, opts) {
   const o = opts || {};
+  const openActivityForFailure = _taskFailurePending && !focusId && o.filter === undefined;
+  _setTaskFailurePending(false);
   if (_open) {
     // Already open — just focus the requested task / apply filter.
+    if (openActivityForFailure) _switchTab('activity');
     if (o.filter !== undefined) { _taskFilter = o.filter; _renderList(); }
     if (focusId) _focusTask(focusId);
     return;
@@ -2610,7 +2623,7 @@ export function openTasks(focusId, opts) {
   // of an empty modal-body that fills in after the fetch resolves — that delay
   // was visible as a "flicker" right after opening.
   _activeTab = 'tasks';
-  _switchTab('tasks');
+  _switchTab(openActivityForFailure ? 'activity' : 'tasks');
   _fetchTasks().then(() => {
     // Re-render so the list swaps the Loading row for real cards.
     _renderList();
@@ -2704,7 +2717,13 @@ async function _pollTaskNotifications() {
       const msg = `Task ${ok ? 'finished' : 'failed'}: ${n.task_name}`;
       if (!uiModule) continue;
       if (ok) uiModule.showToast(msg, { duration: 5000 });
-      else uiModule.showError(msg);
+      else {
+        _setTaskFailurePending(true);
+        uiModule.showError(msg);
+        if (_open && document.querySelector('.tasks-tab.active[data-tab="activity"]')) {
+          _renderActivityView();
+        }
+      }
     }
   } catch (e) {
     // Silently ignore — server may be unreachable
diff --git a/static/style.css b/static/style.css
index f4a331c47..44ef5e6c9 100644
--- a/static/style.css
+++ b/static/style.css
@@ -2676,6 +2676,15 @@ body.bg-pattern-sparkles {
     .mode-toggle.mode-right::before {
       transform: translateX(100%);
     }
+    .mode-toggle.mode-toggle-three::before {
+      width: 33.3333%;
+    }
+    .mode-toggle.mode-toggle-three.mode-mid::before {
+      transform: translateX(100%);
+    }
+    .mode-toggle.mode-toggle-three.mode-third::before {
+      transform: translateX(200%);
+    }
     #mode-agent-btn {
       border-radius: 10px 0 0 10px;
     }
@@ -2715,6 +2724,15 @@ body.bg-pattern-sparkles {
     .mode-toggle-btn + .mode-toggle-btn {
       border-left: none;
     }
+    @media (max-width: 768px) {
+      .mode-toggle.mode-toggle-three [data-llama-mode="unified"] > span {
+        font-size: 0;
+      }
+      .mode-toggle.mode-toggle-three [data-llama-mode="unified"] > span::after {
+        content: 'Unif';
+        font-size: 11px;
+      }
+    }
     /* Message count badge in the chat-meta header (next to the title).
        Auto-hides when empty so a brand-new chat doesn't show "0 msgs". */
     .chat-meta-count {
@@ -2822,10 +2840,14 @@ body.bg-pattern-sparkles {
       transform: translateX(10px) scale(0.88);
       pointer-events: none;
     }
+    .model-picker-search-wrap {
+      position: relative;
+      min-width: 0;
+    }
     .model-picker-menu input[type="text"] {
       width: 100%;
       box-sizing: border-box;
-      padding: 6px 8px;
+      padding: 6px 30px 6px 8px;
       font-size: 0.82em;
       border: 1px solid var(--border);
       border-radius: 4px;
@@ -2842,6 +2864,37 @@ body.bg-pattern-sparkles {
     .model-picker-menu input[type="text"]::placeholder {
       color: color-mix(in srgb, var(--fg) 30%, transparent);
     }
+    .model-picker-refresh-btn {
+      appearance: none;
+      position: absolute;
+      top: 50%;
+      right: 4px;
+      transform: translateY(-50%);
+      width: 22px;
+      height: 22px;
+      border: 0;
+      border-radius: 4px;
+      background: transparent;
+      color: color-mix(in srgb, var(--fg) 54%, transparent);
+      display: inline-flex;
+      align-items: center;
+      justify-content: center;
+      padding: 0;
+      cursor: pointer;
+    }
+    .model-picker-refresh-btn:hover,
+    .model-picker-refresh-btn:focus-visible {
+      color: var(--fg);
+      background: color-mix(in srgb, var(--fg) 8%, transparent);
+      outline: none;
+    }
+    .model-picker-refresh-btn:disabled {
+      opacity: 0.7;
+      cursor: default;
+    }
+    .model-picker-refresh-btn.spinning svg {
+      animation: model-picker-refresh-spin 0.75s linear infinite;
+    }
     .model-picker-action-btn {
       appearance: none;
       display: inline-flex;
@@ -4102,7 +4155,7 @@ body.bg-pattern-sparkles {
       .sidebar {
         position: fixed !important;
         top: 0; bottom: 0; left: 0;
-        z-index: 200;
+        z-index: 400;
         width: 80% !important;
         max-width: 340px;
         box-shadow: 4px 0 20px rgba(0,0,0,0.5);
@@ -4133,7 +4186,7 @@ body.bg-pattern-sparkles {
       #sidebar-backdrop {
         position: fixed;
         inset: 0;
-        z-index: 199;
+        z-index: 390;
         background: rgba(0,0,0,0.4);
         opacity: 0;
         pointer-events: none;
@@ -6882,7 +6935,7 @@ pre { background: var(--code-bg, var(--hl-bg, #282c34)) !important; }
        inside .chat-input-top, matching .model-picker-wrap's slot. */
     .chat-input-top > .cmp-eval-wrap {
       position: absolute;
-      top: 0; right: 0;
+      top: -2px; right: 0;
       z-index: 2;
     }
     .cmp-eval-btn {
@@ -7224,14 +7277,16 @@ pre { background: var(--code-bg, var(--hl-bg, #282c34)) !important; }
       width: 100%; order: 99; margin-top: -4px; padding-bottom: 2px; padding-left: 2px;
     }
     .pane-finish-badge {
-      font-weight: 600; color: var(--red);
+      font-weight: 600; color: var(--green, #50fa7b);
+      position: relative;
+      top: 2px;
     }
     .compare-pane.winner .pane-header {
-      background: color-mix(in srgb, var(--red) 12%, transparent);
-      border-bottom-color: color-mix(in srgb, var(--red) 30%, var(--border));
+      background: color-mix(in srgb, var(--green, #50fa7b) 12%, transparent);
+      border-bottom-color: color-mix(in srgb, var(--green, #50fa7b) 30%, var(--border));
     }
     .compare-pane.winner .pane-title {
-      color: var(--red);
+      color: var(--green, #50fa7b);
     }
     .compare-pane.loser .pane-header {
       opacity: 0.5;
@@ -7501,6 +7556,33 @@ pre { background: var(--code-bg, var(--hl-bg, #282c34)) !important; }
         padding: 14px 8px 10px 8px !important;
         min-height: 44px;
       }
+      .compare-pane .pane-header {
+        align-items: flex-start;
+        row-gap: 3px;
+      }
+      .compare-pane .pane-title-btn {
+        flex: 0 0 100%;
+        width: 100%;
+        order: 0;
+        padding-right: 2px;
+      }
+      .compare-pane .pane-timer,
+      .compare-pane .pane-finish-badge,
+      .compare-pane .pane-actions {
+        order: 1;
+      }
+      .compare-grid[data-cols="4"] .compare-pane .pane-timer,
+      .compare-grid[data-cols="5"] .compare-pane .pane-timer,
+      .compare-grid[data-cols="6"] .compare-pane .pane-timer {
+        width: auto;
+        order: 1;
+        margin-top: 0;
+        padding-bottom: 0;
+        padding-left: 0;
+      }
+      .compare-pane .pane-actions {
+        margin-left: auto;
+      }
       /* Mode tabs: icons only, centered */
       .compare-mode-tab span { display: none; }
       .compare-mode-tabs { justify-content: center; }
@@ -18869,7 +18951,7 @@ body.gallery-selecting .gallery-dl-btn,
   top: -6px;
 }
 #serve-bulk-bar #serve-bulk-cancel {
-  top: 0 !important;
+  top: -2px !important;
   display: inline-flex;
   align-items: center;
   justify-content: center;
@@ -19212,6 +19294,14 @@ body.gallery-selecting .gallery-dl-btn,
   position: relative;
   top: -3px;
 }
+@media (max-width: 768px) {
+  .cookbook-section-header .cookbook-clear-btn {
+    top: -3px;
+  }
+  .cookbook-task-check {
+    top: 4px;
+  }
+}
 /* "Stop all" sits just left of "Clear finished"; it carries the auto margin so
    the pair is pushed together to the right of the section title. */
 .cookbook-section-header .cookbook-stop-all-btn {
@@ -19355,25 +19445,68 @@ body.gallery-selecting .gallery-dl-btn,
 .cookbook-saved-save {
   padding: 0 10px;
   gap: 4px;
-  background: var(--red);
-  color: #fff;
-  border-color: var(--red);
+  background: var(--bg);
+  color: var(--fg);
+  border-color: var(--border);
   font-weight: 600;
   opacity: 1;
   border-top-right-radius: 0;
   border-bottom-right-radius: 0;
 }
 .cookbook-saved-save:hover {
-  background: color-mix(in srgb, var(--red) 80%, white);
-  border-color: color-mix(in srgb, var(--red) 80%, white);
+  background: var(--border);
+  border-color: var(--accent);
   opacity: 1;
 }
 .cookbook-saved-arrow {
   padding: 0 6px;
+  background: var(--bg);
+  color: var(--fg);
+  border-color: var(--border);
+  opacity: 1;
   border-top-left-radius: 0;
   border-bottom-left-radius: 0;
   border-left: none;
 }
+.cookbook-saved-menu .cookbook-saved-favorite {
+  border-left: 3px solid var(--red);
+  background: color-mix(in srgb, var(--red) 4%, transparent);
+}
+.cookbook-saved-fav-btn {
+  width: 20px;
+  height: 20px;
+  padding: 0;
+  border: 1px solid transparent;
+  border-radius: 6px;
+  background: none;
+  color: var(--fg-muted);
+  opacity: 0.55;
+  cursor: pointer;
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  flex-shrink: 0;
+}
+.cookbook-saved-fav-btn:hover,
+.cookbook-saved-fav-btn.active {
+  color: var(--red);
+  opacity: 1;
+  background: color-mix(in srgb, var(--red) 10%, transparent);
+}
+.cookbook-saved-fav-badge {
+  flex-shrink: 0;
+}
+.cookbook-serve-favorite-model {
+  border-left-color: var(--red) !important;
+  background: color-mix(in srgb, var(--red) 4%, transparent);
+}
+.cookbook-serve-fav-badge {
+  display: inline-flex;
+  align-items: center;
+  vertical-align: 1px;
+  margin-left: 5px;
+  margin-right: 2px;
+}
 .cookbook-slot-saved { background: color-mix(in srgb, var(--accent) 10%, transparent); border-color: color-mix(in srgb, var(--accent) 30%, transparent); color: var(--accent); }
 .cookbook-slot-saved:hover { background: color-mix(in srgb, var(--accent) 20%, transparent); }
 .cookbook-slot-btn.active { opacity: 1; background: var(--accent); color: #fff; border-color: var(--accent);
@@ -19502,9 +19635,9 @@ body.gallery-selecting .gallery-dl-btn,
   background: color-mix(in srgb, var(--green, #50fa7b) 18%, transparent);
   color: var(--green, #50fa7b);
   border: 1px solid color-mix(in srgb, var(--green, #50fa7b) 35%, transparent);
-  /* Match the Install button + Installed ▾ split width so all three variants
-     align in a mixed row. */
-  min-width: 75.85px;
+  /* Match Install + Installed ▾ so all three variants align in mixed rows. */
+  width: 87.7px;
+  min-width: 87.7px;
   padding: 0 10px;
   box-sizing: border-box;
 }
@@ -19527,9 +19660,8 @@ body.gallery-selecting .gallery-dl-btn,
   font-weight: 500;
   position: relative;
   top: -3px;
-  /* Width matches the measured Installed ▾ split button (75.85px) so a row of
-     mixed Install / Installed deps lines up. */
-  min-width: 75.85px;
+  width: 87.7px;
+  min-width: 87.7px;
   padding: 0 10px;
   /* Strip the native button box so it's the same height as the sibling tags
      (Firefox renders <button> taller otherwise); height comes from .cookbook-dep-tag. */
@@ -19574,6 +19706,8 @@ body.gallery-selecting .gallery-dl-btn,
    opens the actions menu (Update). Replaces the old ⋮ button. */
 .cookbook-dep-installed-btn {
   padding: 0;
+  width: 87.7px;
+  min-width: 87.7px;
   cursor: pointer;
   font-family: inherit;
   overflow: hidden;
@@ -19619,8 +19753,20 @@ body.gallery-selecting .gallery-dl-btn,
    padding now (16px → 8px) per follow-up tweak, brings the title back
    over the actual Save button instead of overshooting it. */
 .hwfit-serve-row label:has(> .cookbook-serve-slots) {
+  grid-column: -2 / -1;
+  justify-self: end;
   text-align: right;
-  padding-right: 8px;
+  padding-right: 0;
+}
+.hwfit-serve-row label:has(> .cookbook-serve-slots) > span {
+  display: inline-block;
+  position: relative;
+  left: -33px;
+}
+.hwfit-serve-preset-row {
+  display: flex;
+  justify-content: flex-end;
+  margin: 0 0 6px;
 }
 /* Expanded serve panel — make sure it can be scrolled past when it
    grows taller than the visible viewport. Caps panel height to viewport
@@ -19635,6 +19781,10 @@ body.gallery-selecting .gallery-dl-btn,
   .hwfit-cached-item .hwfit-serve-panel {
     max-height: calc(100svh - 120px);
   }
+  .hwfit-serve-preset-row {
+    justify-content: flex-end;
+    margin: -2px 0 6px;
+  }
 }
 .hwfit-serve-row label {
   font-size: 10px;
@@ -19642,6 +19792,114 @@ body.gallery-selecting .gallery-dl-btn,
   white-space: nowrap;
   letter-spacing: 0.3px;
 }
+.hwfit-serve-row-core .hwfit-context-label {
+  grid-column: span 2;
+  width: auto;
+  min-width: 0;
+  max-width: none;
+  justify-self: start;
+}
+.hwfit-context-control {
+  display: block;
+  position: relative;
+  align-items: center;
+  margin-top: 2px;
+  width: 100px;
+}
+.hwfit-context-control .hwfit-sf[data-field="ctx"] {
+  min-width: 0;
+  width: 100%;
+  padding-right: 40px;
+}
+.hwfit-serve-row-core label:has(.hwfit-sf[data-field="max_seqs"]) {
+  position: relative;
+  left: 0;
+}
+.hwfit-serve-row-core label:has(.hwfit-sf[data-field="gpu_mem"]) {
+  position: relative;
+  left: -1px;
+}
+.hwfit-serve-row-core .hwfit-gpus-label {
+  position: relative;
+  left: -69px;
+}
+.hwfit-context-calc-btn {
+  position: absolute;
+  right: 3px;
+  top: -4px;
+  width: 34px;
+  height: 28px;
+  min-width: 34px;
+  padding: 0;
+  font-size: 10px;
+  line-height: 1;
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  text-align: center;
+  overflow: hidden;
+  white-space: nowrap;
+}
+.hwfit-context-calc-btn .spinner-whirlpool {
+  width: 12px !important;
+  height: 12px !important;
+  margin: 0 auto !important;
+}
+.hwfit-context-calc-btn .ai-spinner-whirlpool {
+  width: 12px !important;
+  height: 12px !important;
+}
+@media (min-width: 769px) {
+  [data-llama-mode-toggle].mode-toggle.mode-toggle-three .mode-toggle-btn > span {
+    top: -6px !important;
+  }
+  .mode-toggle.mode-toggle-three [data-llama-mode="unified"] > span {
+    font-size: 0;
+  }
+  .mode-toggle.mode-toggle-three [data-llama-mode="unified"] > span::after {
+    content: 'Unif';
+    font-size: 11px;
+  }
+}
+@media (max-width: 768px) {
+  .hwfit-serve-row-core .hwfit-context-label {
+    display: flex;
+    flex-direction: column;
+    align-items: flex-start;
+  }
+  details.hwfit-serve-advanced label:has(.hwfit-sf[data-field="vllm_env_preset"]),
+  details.hwfit-serve-advanced label:has(.hwfit-sf[data-field="extra_env"]) {
+    grid-column: 1 / -1 !important;
+  }
+  .hwfit-context-control {
+    display: inline-flex;
+    align-items: center;
+    gap: 4px;
+    width: auto;
+  }
+  .hwfit-context-control .hwfit-sf[data-field="ctx"] {
+    width: 100px;
+    padding-right: 6px;
+  }
+  .hwfit-context-calc-btn {
+    position: relative;
+    top: -2px;
+    left: 2px;
+    right: auto;
+    flex: 0 0 34px;
+    width: 34px;
+    min-width: 34px;
+  }
+}
+.hwfit-auto-ctx-note {
+  display: block;
+  margin-top: 3px;
+  font-size: 9px;
+  opacity: 0.6;
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+}
 .hwfit-serve-row label select,
 .hwfit-serve-row label input {
   display: block;
@@ -19917,23 +20175,66 @@ body.gallery-selecting .gallery-dl-btn,
 .hwfit-serve-extra .hwfit-sf {
   width: 100%;
 }
+.hwfit-serve-cmd-details {
+  margin: 6px 0 0;
+}
+.hwfit-serve-cmd-summary {
+  display: flex;
+  align-items: center;
+  gap: 6px;
+  list-style: none;
+  cursor: pointer;
+  user-select: none;
+  padding: 6px 10px;
+  border: 1px solid var(--border);
+  border-radius: 5px;
+  background: color-mix(in srgb, var(--fg) 4%, transparent);
+  color: var(--fg-muted);
+  font-size: 10px;
+  letter-spacing: 0.3px;
+}
+.hwfit-serve-cmd-summary::-webkit-details-marker {
+  display: none;
+}
+.hwfit-serve-cmd-summary::after {
+  content: '';
+  margin-left: auto;
+  width: 0;
+  height: 0;
+  border-left: 4px solid currentColor;
+  border-top: 3px solid transparent;
+  border-bottom: 3px solid transparent;
+  opacity: 0.6;
+  transform: rotate(0deg);
+  transition: transform 0.18s ease;
+}
+.hwfit-serve-cmd-details[open] > .hwfit-serve-cmd-summary::after {
+  transform: rotate(90deg);
+}
+.hwfit-serve-cmd-details[open] > .hwfit-serve-cmd-summary {
+  border-bottom-left-radius: 0;
+  border-bottom-right-radius: 0;
+}
 .hwfit-serve-cmd {
-  margin: 6px 0;
+  margin: 0;
   padding: 8px 10px;
   background: color-mix(in srgb, var(--fg) 4%, transparent);
   border: 1px solid var(--border);
+  border-top: none;
   border-radius: 4px;
+  border-top-left-radius: 0;
+  border-top-right-radius: 0;
   font-family: 'Berkeley Mono', 'SF Mono', 'Fira Code', monospace;
   font-size: 10px;
-  white-space: pre-wrap;
-  word-break: break-all;
+  white-space: pre;
+  word-break: normal;
   width: 100%;
   box-sizing: border-box;
   resize: none;
   color: var(--fg);
   line-height: 1.5;
-  min-height: 36px;
-  overflow: hidden;
+  min-height: 112px;
+  overflow: auto;
 }
 .hwfit-serve-actions {
   display: flex;
@@ -19946,6 +20247,10 @@ body.gallery-selecting .gallery-dl-btn,
   font-size: 11px;
 }
 .hwfit-serve-actions-spacer { flex: 1 1 auto; }
+.hwfit-serve-actions .cookbook-serve-slots {
+  margin: 0;
+  align-self: stretch;
+}
 .hwfit-serve-launch {
   background: var(--accent-primary, var(--red));
   color: #fff;
@@ -20017,7 +20322,7 @@ body.gallery-selecting .gallery-dl-btn,
     width: 32px;
     height: 32px;
     min-width: 32px;
-    top: -5px;
+    top: -3px;
   }
   .cookbook-task .cookbook-task-menu-btn:active {
     opacity: 1;
@@ -20040,6 +20345,12 @@ body.gallery-selecting .gallery-dl-btn,
 .hwfit-serve-cmd-wrap {
   position: relative;
 }
+.hwfit-serve-cmd-title {
+  margin: 2px 0 3px;
+  font-size: 10px;
+  color: var(--fg-muted);
+  letter-spacing: 0.3px;
+}
 .hwfit-serve-cmd-wrap .hwfit-serve-cmd {
   /* Just enough breathing room so a cursor at line-end doesn't actually
      touch the Copy icon — text otherwise uses the full width of the box. */
@@ -20171,6 +20482,7 @@ body.gallery-selecting .gallery-dl-btn,
 }
 /* Status-driven left stripe via :has() — graceful fallback to neutral. */
 .cookbook-task:has(.cookbook-task-running) { border-left-color: var(--green, #50fa7b); }
+.cookbook-task:has(.cookbook-task-downloading) { border-left-color: var(--color-accent, #00aaff); }
 .cookbook-task:has(.cookbook-task-done)    { border-left-color: var(--green, #50fa7b); }
 .cookbook-task:has(.cookbook-task-error)   { border-left-color: var(--color-error, var(--warn, #f87171)); }
 .cookbook-task:has(.cookbook-task-queued)  { border-left-color: var(--color-warning, #f0ad4e); }
@@ -20222,6 +20534,10 @@ body.gallery-selecting .gallery-dl-btn,
   background: color-mix(in srgb, var(--fg) 10%, transparent);
   color: var(--fg-muted);
 }
+.cookbook-task[data-type="download"][data-status="running"] .cookbook-task-type[data-type="download"] {
+  background: color-mix(in srgb, var(--color-accent, #00aaff) 18%, transparent);
+  color: var(--color-accent, #00aaff);
+}
 /* Finished state — overrides the per-type colors so a completed download or
    serve task shows the same green FINISHED chip. */
 .cookbook-task-type.cookbook-task-type-done {
@@ -20390,6 +20706,7 @@ body.gallery-selecting .gallery-dl-btn,
   line-height: 16px;
 }
 .cookbook-task-running { background: color-mix(in srgb, var(--green, #50fa7b) 20%, transparent); color: var(--green, #50fa7b); }
+.cookbook-task-downloading { background: color-mix(in srgb, var(--color-accent, #00aaff) 20%, transparent); color: var(--color-accent, #00aaff); }
 /* Stopping: same pill treatment as "running" but orange. */
 .cookbook-task-stopping { background: color-mix(in srgb, var(--orange, #ffb86c) 22%, transparent); color: var(--orange, #ffb86c); }
 .cookbook-task-done { background: color-mix(in srgb, var(--green) 15%, transparent); color: var(--green); }
@@ -20434,6 +20751,16 @@ body.gallery-selecting .gallery-dl-btn,
 .cookbook-task-header {
   cursor: pointer;
 }
+.cookbook-task[data-type="serve"] .cookbook-task-header {
+  margin: 4px 4px 0;
+  border-radius: 6px;
+}
+.cookbook-task[data-type="serve"] .cookbook-output-wrap {
+  margin: 0 4px 4px;
+}
+.cookbook-task[data-type="serve"] .cookbook-output-pre {
+  border-radius: 6px;
+}
 
 /* Env bar — match admin-card */
 .cookbook-env-bar {
@@ -20555,6 +20882,9 @@ body.gallery-selecting .gallery-dl-btn,
 
 /* Mobile cookbook sizing — kept in line with calendar/library modals. */
 @media (max-width: 768px) {
+  .hwfit-serve-row-core .hwfit-context-label {
+    grid-column: 1 / -1;
+  }
   /* The Speculative control (checkbox + method dropdown + token stepper)
      is too wide for a phone — the stepper ran off the right edge of the
      modal. Let the group wrap onto its own line, take full width, and
@@ -20562,10 +20892,19 @@ body.gallery-selecting .gallery-dl-btn,
   .hwfit-spec-group {
     flex-wrap: wrap;
     flex-basis: 100%;
+    column-gap: 4px;
     row-gap: 4px;
   }
-  .hwfit-spec-group .hwfit-spec-method { min-width: 0; flex: 1 1 auto; }
+  .hwfit-spec-group .hwfit-spec-method {
+    min-width: 0;
+    flex: 0 1 82px;
+    max-width: 82px;
+  }
   .hwfit-numstep { flex: 0 0 auto; }
+  .hwfit-spec-group .hwfit-help-chip-inline {
+    flex: 0 0 auto;
+    margin-left: 2px !important;
+  }
   .cookbook-card-title { font-size: 13px; }
   .cookbook-card-desc { font-size: 12px; }
   .cookbook-field-label { font-size: 12px; }
@@ -22310,6 +22649,9 @@ body:not(.welcome-ready) #welcome-screen {
     transform: scaleY(0.4) translateY(8px);
   }
 }
+@keyframes model-picker-refresh-spin {
+  to { transform: rotate(360deg); }
+}
 
 @keyframes modal-enter {
   from {
@@ -22401,6 +22743,25 @@ body:not(.welcome-ready) #welcome-screen {
 }
 
 /* ── Tasks ── */
+#tool-tasks-btn.task-failure-pending,
+#rail-tasks.task-failure-pending {
+  color: var(--red, #f87171);
+}
+#tool-tasks-btn.task-failure-pending::after,
+#rail-tasks.task-failure-pending::after {
+  content: '';
+  width: 7px;
+  height: 7px;
+  border-radius: 999px;
+  background: var(--red, #f87171);
+  box-shadow: 0 0 7px var(--red, #f87171), 0 0 3px var(--red, #f87171);
+  flex: 0 0 auto;
+}
+#rail-tasks.task-failure-pending::after {
+  position: absolute;
+  right: 8px;
+  top: 8px;
+}
 .tasks-modal-content { max-width: 600px; width: min(600px, 92vw); background: var(--bg); font-size: 12px; }
 
 /* Tasks tabs reuse the .memory-tab look. The Brain window's tab bar is
@@ -22449,6 +22810,14 @@ body:not(.welcome-ready) #welcome-screen {
      title still reads in dark mode. Lightness stays adaptive. */
   color: hsl(var(--cat-hue) 60% 60%);
 }
+.task-log-failed-tag {
+  color: var(--red, #f87171);
+  font-size: 10px;
+  font-weight: 700;
+  line-height: 1;
+  white-space: nowrap;
+  margin-left: -2px;
+}
 .task-log-task-icon {
   display: inline-flex;
   align-items: center;
@@ -23152,6 +23521,8 @@ input.settings-select::placeholder { color: color-mix(in srgb, var(--fg) 35%, tr
   gap: 6px;
   padding-left: 12px;
   border-left: 2px solid color-mix(in srgb, var(--fg) 12%, transparent);
+  max-width: 100%;
+  box-sizing: border-box;
 }
 .settings-fallback-num {
   font-size: 11px;
@@ -23159,7 +23530,24 @@ input.settings-select::placeholder { color: color-mix(in srgb, var(--fg) 35%, tr
   min-width: 14px;
   text-align: right;
 }
-.settings-fallback-row .settings-select { flex: 1; min-width: 0; }
+.settings-fallback-row .settings-select {
+  width: 0;
+  min-width: 0;
+  min-inline-size: 0;
+  box-sizing: border-box;
+  overflow: hidden;
+  text-overflow: ellipsis;
+}
+.settings-fallback-row .settings-select:first-of-type {
+  flex: 0 1 128px;
+  width: 128px;
+  max-width: 34%;
+}
+.settings-fallback-row .settings-select:nth-of-type(2) {
+  flex: 1 1 0;
+  width: 0;
+  max-width: 100%;
+}
 /* Cookbook Serve Advanced fold — wraps the rarely-touched tuning rows
    (KV/Attention/Swap/Env for vLLM, llama.cpp batch/cache/split, VRAM
    monitor, speculative, extra args). Matches the existing .hwfit-panel-
@@ -23240,6 +23628,40 @@ details.hwfit-serve-advanced > .hwfit-serve-row label select,
 details.hwfit-serve-advanced > .hwfit-serve-row label input {
   margin-top: 1px;
 }
+details.hwfit-serve-advanced label:has(.hwfit-sf[data-field="vllm_attn_backend"]) {
+  position: relative;
+  left: -83px;
+}
+details.hwfit-serve-advanced label:has(.hwfit-sf[data-field="vllm_block_size"]) {
+  position: relative;
+  left: -51px;
+}
+details.hwfit-serve-advanced .hwfit-sf[data-field="vllm_block_size"] {
+  width: calc(100% - 6px);
+}
+details.hwfit-serve-advanced label:has(.hwfit-sf[data-field="swap"]) {
+  position: relative;
+  left: -45px;
+}
+details.hwfit-serve-advanced label:has(.hwfit-sf[data-field="vllm_kv_cache_dtype"]) {
+  position: relative;
+  left: 2px;
+}
+@media (max-width: 768px) {
+  details.hwfit-serve-advanced label:has(.hwfit-sf[data-field="vllm_block_size"]) {
+    left: 1px;
+  }
+  details.hwfit-serve-advanced label:has(.hwfit-sf[data-field="swap"]) {
+    left: -3px;
+  }
+  details.hwfit-serve-advanced > .hwfit-serve-checks .hwfit-sf-cb {
+    flex: 1 1 100%;
+  }
+}
+details.hwfit-serve-advanced .hwfit-sf[data-field="vllm_kv_cache_dtype"] {
+  width: 60px;
+  min-width: 60px;
+}
 details.hwfit-serve-advanced > .hwfit-serve-checks {
   gap: 4px;
   row-gap: 4px;
@@ -23253,6 +23675,9 @@ details.hwfit-serve-advanced > .hwfit-serve-checks.hwfit-backend-sglang,
 details.hwfit-serve-advanced > .hwfit-serve-extra {
   margin-top: -8px;
 }
+details.hwfit-serve-advanced > .hwfit-serve-extra {
+  margin-top: -18px;
+}
 details.hwfit-serve-advanced > .hwfit-serve-row:last-of-type,
 details.hwfit-serve-advanced > .hwfit-serve-checks:last-of-type {
   margin-bottom: 0;
@@ -23260,7 +23685,6 @@ details.hwfit-serve-advanced > .hwfit-serve-checks:last-of-type {
 
 .settings-fallback-remove {
   flex-shrink: 0;
-  margin-right: 4px;
   width: 32px;
   height: 32px;
   display: inline-flex;
@@ -29267,8 +29691,15 @@ button .spinner-whirlpool {
 .email-reader-atts-wrap > .email-reader-atts {
   border-bottom: none !important;
 }
-.email-reader-atts-wrap.collapsed > .email-reader-atts { display: none; }
+.email-reader-atts-wrap.collapsed > .email-reader-atts,
+.email-reader-atts-wrap.collapsed > .email-reader-atts-hidden-note { display: none; }
 .email-reader-atts-wrap.collapsed .email-summary-chevron { transform: rotate(-90deg); }
+.email-reader-atts-hidden-note {
+  padding: 0 14px 6px;
+  font-size: 10px;
+  color: var(--fg-muted);
+  opacity: 0.65;
+}
 
 /* Quote fold = neutral full-width band (matches attachments header). */
 .email-quote-fold {
@@ -30428,22 +30859,27 @@ body.doc-find-active mark.doc-find-mark.current {
      attribute tooltips were slow / unreliable, so we just grow the chip. */
   max-width: 90vw;
 }
-.email-attachment-chip > span:not(.att-size) {
+.email-attachment-chip > span:not(.att-size):not(.email-attachment-open) {
   overflow: hidden; text-overflow: ellipsis; white-space: nowrap;
   flex: 1 1 auto; min-width: 0;
 }
-.email-attachment-chip:hover > span:not(.att-size) {
+.email-attachment-chip:hover > span:not(.att-size):not(.email-attachment-open) {
   overflow: visible;
   text-overflow: clip;
 }
 .email-attachment-chip .att-size { opacity: 0.5; font-size: 10px; flex-shrink: 0; }
+.email-attachment-chip-muted { opacity: 0.65; }
+.email-attachment-chip-muted:hover { opacity: 1; }
+.email-attachment-chip-related {
+  border-color: color-mix(in srgb, var(--accent) 30%, var(--border));
+}
 /* "Open in editor" launch icon — same prominent style on desktop AND mobile
    (was 24px / dim / no border on desktop, easy to miss). Accent-tinted
    background + border makes it read as a real action. */
 .email-attachment-open {
   display: inline-flex; align-items: center; gap: 4px;
-  height: 22px; padding: 0 9px; border-radius: 11px;
-  margin-left: 6px; flex-shrink: 0;
+  height: 22px; padding: 0 9px; border-radius: 999px;
+  margin-left: 6px; flex: 0 0 auto;
   font-size: 10px; font-weight: 500; letter-spacing: 0.02em;
   color: var(--accent-primary, var(--red));
   background: color-mix(in srgb, var(--accent-primary, var(--red)) 10%, transparent);
@@ -30466,7 +30902,8 @@ body.doc-find-active mark.doc-find-mark.current {
   display: none;
 }
 .email-attachment-chip:not(:hover) .email-attachment-open {
-  width: 22px;
+  width: 28px;
+  min-width: 28px;
   padding: 0;
   justify-content: center;
   gap: 0;
@@ -35930,6 +36367,13 @@ body.research-panel-view #research-divider { display:none; }
   font-size: 14px;
   font-weight: 600;
   letter-spacing: -0.03em;
+  position: relative;
+  top: 2px;
+}
+.research-new-job > .doclib-desc {
+  position: relative;
+  top: 4px;
+  margin-bottom: 6px;
 }
 @media (max-width: 600px) {
   /* Keep the "Research" title visible on mobile (matches the Cookbook tab
@@ -36418,6 +36862,7 @@ body.research-panel-view #research-divider { display:none; }
 }
 .research-section:not(.collapsed) > .research-section-header { border-bottom: 1px solid var(--border); }
 .research-section-header:hover { background: color-mix(in srgb, var(--fg) 4%, transparent); }
+.research-section-header:has(.research-library-hint) { padding-bottom: 4px; }
 .research-section-title { font-size: 14px; font-weight: 600; letter-spacing: -0.03em; }
 .research-section-chevron { flex-shrink: 0; opacity: 0.55; transition: transform 0.2s ease; }
 .research-section.collapsed .research-section-chevron { transform: rotate(-90deg); }
@@ -37065,7 +37510,8 @@ body.theme-frosted .modal {
 .research-library-hint {
   /* full-width line in the header, pulled up with negative MARGIN (collapses
      the gap so it moves up without making the header taller). */
-  width: 100%; flex-basis: 100%; margin: -22px 0 0; line-height: 1.2;
+  width: 100%; flex-basis: 100%; margin: -26px 0 0; line-height: 1.2;
+  font-size: calc(1em - 2px); opacity: 0.55;
 }
 .research-library-link {
   background: none; border: none; padding: 0; cursor: pointer;
diff --git a/tests/test_cookbook_cpu_only_serve.py b/tests/test_cookbook_cpu_only_serve.py
index b46c3e080..5fbd333c6 100644
--- a/tests/test_cookbook_cpu_only_serve.py
+++ b/tests/test_cookbook_cpu_only_serve.py
@@ -16,6 +16,7 @@ from pathlib import Path
 
 SRC = Path(__file__).resolve().parent.parent / "static/js/cookbook.js"
 SERVE_SRC = Path(__file__).resolve().parent.parent / "static/js/cookbookServe.js"
+ROUTES_SRC = Path(__file__).resolve().parent.parent / "routes/cookbook_routes.py"
 
 
 def test_cpu_only_drops_gpu_only_flags():
@@ -51,3 +52,32 @@ def test_windows_diffusers_uses_python_not_python3():
     assert "const diffusersPy = _isWindows() ? 'python' : _py3Bin;" in text
     assert "cmd += `${diffusersPy} scripts/diffusion_server.py" in text
     assert "cmd += `python3 scripts/diffusion_server.py" not in text
+
+
+def test_vllm_blank_swap_omits_swap_space_flag():
+    text = SRC.read_text(encoding="utf-8")
+
+    assert "const _swapRaw = (f.swap ?? '').toString().trim().toLowerCase();" in text
+    assert "['0', 'off', 'none', 'false'].includes(_swapRaw)" in text
+    assert "if (_swapRaw && !['0', 'off', 'none', 'false'].includes(_swapRaw)) cmd += ` --swap-space ${_swapRaw}`;" in text
+
+
+def test_serve_preflight_uses_selected_server_not_stale_env_host():
+    text = SERVE_SRC.read_text(encoding="utf-8")
+
+    assert "const _selectedServeTarget = (() => {" in text
+    assert "const _hostStr = _selectedServeTarget.host || '';" in text
+    assert "(t.remoteHost || '') === _hostStr" in text
+    assert "const _probeHost = (_selectedServeTarget.host || '').trim();" in text
+    assert "const _portHost = (_selectedServeTarget.host || '').trim();" in text
+
+
+def test_vllm_route_strips_swap_space_when_runtime_rejects_it():
+    text = ROUTES_SRC.read_text(encoding="utf-8")
+
+    assert "Removing --swap-space 0; off is represented by omitting the vLLM flag." in text
+    assert "vLLM serve does not support --swap-space; removing it" in text
+    assert "ODYSSEUS_VLLM_HELP_CMD" in text
+    assert "print(shlex.join(parts[:serve_i + 1] + [\"--help\"]))" in text
+    assert "eval \"$ODYSSEUS_VLLM_HELP_CMD\" 2>&1 | grep -q -- \"--swap-space\"" in text
+    assert "eval \"$ODYSSEUS_SERVE_CMD\"" in text
diff --git a/tests/test_copy_message_strips_thinking_js.py b/tests/test_copy_message_strips_thinking_js.py
index 4c88bb6d4..4c912925c 100644
--- a/tests/test_copy_message_strips_thinking_js.py
+++ b/tests/test_copy_message_strips_thinking_js.py
@@ -126,6 +126,27 @@ def test_plain_reply_copy_text_is_unchanged(node_available):
     assert out["content"] == raw
 
 
+def test_minimax_namespaced_thinking_is_extracted(node_available):
+    raw = (
+        '<mm:think>The user said "idk" - just casual.</mm:think>'
+        "Haha fair. Well, I'm here whenever you figure it out."
+    )
+    out = _extract_thinking_blocks(raw)
+
+    assert out["thinkingBlocks"] == ['The user said "idk" - just casual.']
+    assert out["content"] == "Haha fair. Well, I'm here whenever you figure it out."
+    assert "mm:think" not in out["content"]
+
+
+def test_minimax_orphan_closing_tag_drops_leaked_reasoning(node_available):
+    raw = "</mm:think>Hi! What can I do for you?"
+    out = _extract_thinking_blocks(raw)
+
+    assert out["thinkingBlocks"] == []
+    assert out["content"] == "Hi! What can I do for you?"
+    assert "mm:think" not in out["content"]
+
+
 def test_thinking_only_message_yields_empty_content(node_available):
     # The copy handler falls back to the raw text in this case so the button
     # still copies something for turns interrupted mid-thinking.

From 92daf4e56049a00aa1b8aa43c8f4afc37b27bc80 Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Mon, 22 Jun 2026 01:49:15 +0000
Subject: [PATCH 18/22] Cookbook launch and gallery upload fixes

---
 routes/cookbook_routes.py                     |  13 ++
 routes/model_routes.py                        |  62 +++++-
 routes/shell_routes.py                        |   4 +-
 routes/upload_routes.py                       |  79 ++++++-
 src/llm_core.py                               |   5 +-
 src/tool_parsing.py                           | 126 ++++++++++-
 static/js/cookbook.js                         | 112 ++++++++--
 static/js/cookbookDownload.js                 |  23 +-
 static/js/cookbookRunning.js                  | 173 ++++++++++++---
 static/js/cookbookServe.js                    | 197 ++++++++++++++++--
 static/js/modelPicker.js                      |  58 ++++--
 static/js/notes.js                            |  20 +-
 static/style.css                              | 186 +++++++++++++++--
 ..._example_not_executed_for_native_models.py |  54 +++++
 tests/test_upload_multifile.py                |  70 +++++++
 15 files changed, 1047 insertions(+), 135 deletions(-)

diff --git a/routes/cookbook_routes.py b/routes/cookbook_routes.py
index 3308d26ae..89f15543d 100644
--- a/routes/cookbook_routes.py
+++ b/routes/cookbook_routes.py
@@ -2446,6 +2446,17 @@ def setup_cookbook_routes() -> APIRouter:
 
             disk_tasks = on_disk.get("tasks") or [] if isinstance(on_disk, dict) else []
             incoming_tasks = data.get("tasks") if isinstance(data.get("tasks"), list) else []
+            incoming_removed = data.get("removedTasks") if isinstance(data.get("removedTasks"), dict) else {}
+            disk_removed = on_disk.get("removedTasks") if isinstance(on_disk, dict) and isinstance(on_disk.get("removedTasks"), dict) else {}
+            removed_tasks = {**disk_removed, **incoming_removed}
+            data["removedTasks"] = removed_tasks
+            removed_ids = set(removed_tasks.keys())
+            if removed_ids:
+                incoming_tasks = [
+                    t for t in incoming_tasks
+                    if not (isinstance(t, dict) and t.get("sessionId") in removed_ids)
+                ]
+                data["tasks"] = incoming_tasks
             # Anti-poisoning guard: a stale browser tab can keep POSTing a
             # download task as status='done' from before the strict-finish
             # fix landed, undoing any server-side correction. For each
@@ -2483,6 +2494,8 @@ def setup_cookbook_routes() -> APIRouter:
                 sid = t.get("sessionId")
                 if not sid or sid in incoming_ids:
                     continue  # client's version wins
+                if sid in removed_ids:
+                    continue  # intentional cross-device clear/remove
                 ts = t.get("ts") or 0
                 if isinstance(ts, (int, float)) and (now_ms - ts) <= RACE_WINDOW_MS:
                     preserved.append(t)
diff --git a/routes/model_routes.py b/routes/model_routes.py
index 69e882d60..89636b310 100644
--- a/routes/model_routes.py
+++ b/routes/model_routes.py
@@ -714,6 +714,16 @@ def _effective_endpoint_kind(ep: Any, base_url: str) -> str:
     return "auto"
 
 
+def _is_loading_model_response(resp: Any) -> bool:
+    if getattr(resp, "status_code", None) != 503:
+        return False
+    try:
+        body = resp.text or ""
+    except Exception:
+        body = ""
+    return "loading model" in body.lower()
+
+
 
 def _probe_endpoint(base_url: str, api_key: str = None, timeout: int = 5) -> List[str]:
     """Probe a base URL's /models endpoint and return list of model IDs.
@@ -778,6 +788,9 @@ def _probe_endpoint(base_url: str, api_key: str = None, timeout: int = 5) -> Lis
                         models.append(_e)
             return [m for m in models if _is_chat_model(m)]
     except httpx.HTTPStatusError as e:
+        if e.response is not None and _is_loading_model_response(e.response):
+            logger.info(f"Endpoint still loading model at {url}")
+            return []
         if api_key:
             status = e.response.status_code if e.response is not None else "unknown"
             logger.warning(f"Failed to probe {url} with API key: HTTP {status}")
@@ -827,6 +840,15 @@ def _ping_endpoint(base_url: str, api_key: str = None, timeout: float = 1.5) ->
         or "ollama" in (parsed_base.hostname or "").lower()
     )
 
+    def _is_loading_model_response(r) -> bool:
+        if getattr(r, "status_code", None) != 503:
+            return False
+        try:
+            body = r.text or ""
+        except Exception:
+            body = ""
+        return "loading model" in body.lower()
+
     def _result_from_response(r) -> Dict[str, Any]:
         if 300 <= r.status_code < 400:
             loc = r.headers.get("location", "")
@@ -843,6 +865,13 @@ def _ping_endpoint(base_url: str, api_key: str = None, timeout: float = 1.5) ->
                 "status_code": r.status_code,
                 "error": None,
             }
+        if _is_loading_model_response(r):
+            return {
+                "reachable": True,
+                "loading": True,
+                "status_code": r.status_code,
+                "error": "Loading model",
+            }
         return {"reachable": False, "status_code": r.status_code, "error": f"HTTP {r.status_code}"}
 
     last_error: Optional[str] = None
@@ -1427,7 +1456,7 @@ def setup_model_routes(model_discovery):
                 t0 = _time.time()
                 ping = _ping_endpoint(base, ep.api_key, timeout=1.5)
                 entry["latency_ms"] = round((_time.time() - t0) * 1000)
-                entry["status"] = "online" if ping.get("reachable") or cached_count else "offline"
+                entry["status"] = "loading" if ping.get("loading") else ("online" if ping.get("reachable") or cached_count else "offline")
                 entry["error"] = ping.get("error")
                 entry["model_count"] = cached_count or (len(ANTHROPIC_MODELS) if provider == "anthropic" else 0)
             except Exception as e:
@@ -1606,7 +1635,32 @@ def setup_model_routes(model_discovery):
                     ping_timeout = 10.0 if _classify_endpoint(base_for_ping, kind_for_ping) == "local" else 3.5
                     ping = _ping_endpoint(r.base_url, r.api_key, timeout=ping_timeout)
                     if ping.get("reachable"):
-                        status = "empty"
+                        status = "loading" if ping.get("loading") else "empty"
+                        if ping.get("loading"):
+                            base = _normalize_base(r.base_url)
+                            kind = _effective_endpoint_kind(r, base)
+                            results.append({
+                                "id": r.id,
+                                "name": r.name,
+                                "base_url": r.base_url,
+                                "has_key": bool(r.api_key),
+                                "api_key_fingerprint": _api_key_fingerprint(r.api_key),
+                                "is_enabled": r.is_enabled,
+                                "models": visible,
+                                "pinned_models": pinned,
+                                "hidden_count": len(hidden),
+                                "online": True,
+                                "status": status,
+                                "ping_error": (ping or {}).get("error") if ping else None,
+                                "model_type": getattr(r, "model_type", None) or "llm",
+                                "supports_tools": getattr(r, "supports_tools", None),
+                                "endpoint_kind": kind,
+                                "category": _classify_endpoint(base, kind),
+                                "model_refresh_mode": _endpoint_refresh_mode(r, kind),
+                                "model_refresh_interval": getattr(r, "model_refresh_interval", None),
+                                "model_refresh_timeout": getattr(r, "model_refresh_timeout", None),
+                            })
+                            continue
                         # Best-effort: if the probe came back reachable, try
                         # to populate cached_models in the background so the
                         # NEXT picker load shows "online" instead of "empty".
@@ -1859,7 +1913,7 @@ def setup_model_routes(model_discovery):
             "models": _merge_model_ids(model_ids, _pinned),
             "pinned_models": _pinned,
             "online": bool(model_ids) or bool(_pinned) or bool(ping.get("reachable")),
-            "status": "online" if (model_ids or _pinned) else ("empty" if ping.get("reachable") else "offline"),
+            "status": "online" if (model_ids or _pinned) else ("loading" if ping.get("loading") else ("empty" if ping.get("reachable") else "offline")),
             "ping_error": ping.get("error") if ping else None,
             "endpoint_kind": requested_kind,
             "category": _classify_endpoint(base_url, requested_kind),
@@ -1888,7 +1942,7 @@ def setup_model_routes(model_discovery):
         return {
             "base_url": base_url,
             "online": bool(models) or bool(ping.get("reachable")),
-            "status": "online" if models else ("empty" if ping.get("reachable") else "offline"),
+            "status": "online" if models else ("loading" if ping.get("loading") else ("empty" if ping.get("reachable") else "offline")),
             "ping_error": ping.get("error") if ping else None,
             "models": models,
             "count": len(models),
diff --git a/routes/shell_routes.py b/routes/shell_routes.py
index 52b39e3bb..d133b9254 100644
--- a/routes/shell_routes.py
+++ b/routes/shell_routes.py
@@ -1108,7 +1108,7 @@ def setup_shell_routes() -> APIRouter:
             {
                 "name": "llama_cpp",
                 "pip": "llama-cpp-python[server]",
-                "desc": "Serve GGUF models via llama.cpp",
+                "desc": "Great for single-GPU or CPU inference with GGUF models",
                 "category": "LLM",
                 "target": "remote",
                 # Build-toolchain prereqs. Cookbook's launch bootstrap
@@ -1129,7 +1129,7 @@ def setup_shell_routes() -> APIRouter:
             {
                 "name": "vllm",
                 "pip": "vllm",
-                "desc": "High-throughput LLM serving engine",
+                "desc": "Great for high-throughput multi-GPU inference",
                 "category": "LLM",
                 "target": "remote",
             },
diff --git a/routes/upload_routes.py b/routes/upload_routes.py
index 1e197dd49..8b8f2d292 100644
--- a/routes/upload_routes.py
+++ b/routes/upload_routes.py
@@ -3,11 +3,16 @@ import os
 import time
 import json
 import asyncio
+import shutil
+import uuid
+from pathlib import Path
 from fastapi import APIRouter, Request, File, UploadFile, HTTPException
 from typing import List
 import logging
 from core.middleware import require_admin
+from core.database import SessionLocal, GalleryImage
 from src.auth_helpers import effective_user
+from src.constants import GENERATED_IMAGES_DIR
 from src.upload_handler import count_recent_uploads
 
 logger = logging.getLogger(__name__)
@@ -50,6 +55,69 @@ def setup_upload_routes(upload_handler):
             raise HTTPException(404, "File not found")
 
         raise HTTPException(404, "File not found")
+
+    def _promote_chat_image_to_gallery(meta: dict, owner: str | None) -> str | None:
+        """Make chat-uploaded images visible in Gallery without changing chat storage."""
+        is_image_file = getattr(upload_handler, "is_image_file", None)
+        if not callable(is_image_file):
+            return None
+        if not is_image_file(meta.get("name", ""), meta.get("mime", "")):
+            return None
+
+        source_path = meta.get("path")
+        if not source_path or not os.path.isfile(source_path):
+            return None
+
+        db = SessionLocal()
+        try:
+            file_hash = meta.get("hash")
+            if file_hash:
+                q = db.query(GalleryImage).filter(
+                    GalleryImage.file_hash == file_hash,
+                    GalleryImage.is_active == True,  # noqa: E712
+                )
+                if owner:
+                    q = q.filter(GalleryImage.owner == owner)
+                existing = q.first()
+                if existing:
+                    return existing.id
+
+            image_dir = Path(GENERATED_IMAGES_DIR)
+            image_dir.mkdir(parents=True, exist_ok=True)
+            ext = Path(meta.get("name") or source_path).suffix.lower()
+            if ext not in {".png", ".jpg", ".jpeg", ".webp", ".gif"}:
+                mime_ext = {
+                    "image/png": ".png",
+                    "image/jpeg": ".jpg",
+                    "image/jpg": ".jpg",
+                    "image/webp": ".webp",
+                    "image/gif": ".gif",
+                }.get(meta.get("mime", ""))
+                ext = mime_ext or ".png"
+            filename = f"{uuid.uuid4().hex[:12]}{ext}"
+            dest_path = image_dir / filename
+            shutil.copy2(source_path, dest_path)
+
+            image_id = str(uuid.uuid4())
+            db.add(GalleryImage(
+                id=image_id,
+                filename=filename,
+                prompt=meta.get("name") or "Chat upload",
+                model="chat-upload",
+                owner=owner,
+                file_hash=file_hash,
+                width=meta.get("width"),
+                height=meta.get("height"),
+                file_size=meta.get("size"),
+            ))
+            db.commit()
+            return image_id
+        except Exception as e:
+            db.rollback()
+            logger.warning("Failed to add chat image upload to gallery: %s", e)
+            return None
+        finally:
+            db.close()
     
     @router.post("")
     async def api_upload(request: Request, files: List[UploadFile] = File(...)):
@@ -78,8 +146,10 @@ def setup_upload_routes(upload_handler):
         
         for u in files:
             try:
-                meta = upload_handler.save_upload(u, client_ip, owner=effective_user(request))
-                out.append({
+                owner = effective_user(request)
+                meta = upload_handler.save_upload(u, client_ip, owner=owner)
+                gallery_id = _promote_chat_image_to_gallery(meta, owner)
+                item = {
                     "id": meta["id"],
                     "name": meta["name"],
                     "mime": meta["mime"],
@@ -89,7 +159,10 @@ def setup_upload_routes(upload_handler):
                     "width": meta.get("width"),
                     "height": meta.get("height"),
                     "is_duplicate": meta.get("is_duplicate", False)
-                })
+                }
+                if gallery_id:
+                    item["gallery_id"] = gallery_id
+                out.append(item)
             except HTTPException:
                 raise
             except Exception as e:
diff --git a/src/llm_core.py b/src/llm_core.py
index 9981e41e2..20a4b544c 100644
--- a/src/llm_core.py
+++ b/src/llm_core.py
@@ -907,7 +907,10 @@ def _anthropic_rejects_temperature(model: str) -> bool:
     return (int(match.group(1)), int(match.group(2))) >= (4, 7)
 
 # Models that support structured thinking — may output </think> without opening tag
-_THINKING_MODEL_PATTERNS = ("qwen3", "qwq", "deepseek-r1", "deepseek-reasoner", "minimax", "m2-reap", "gemma")
+_THINKING_MODEL_PATTERNS = (
+    "qwen3", "qwq", "deepseek-r1", "deepseek-reasoner", "minimax",
+    "m2-reap", "gemma", "stepfun", "step-3", "step3",
+)
 
 def _supports_thinking(model: str) -> bool:
     """Check if model supports structured thinking output."""
diff --git a/src/tool_parsing.py b/src/tool_parsing.py
index c9548cce9..7a0638973 100644
--- a/src/tool_parsing.py
+++ b/src/tool_parsing.py
@@ -39,6 +39,10 @@ _XML_TOOL_CALL_RE = re.compile(
     r"<(?:[\w]+:)?(?:tool_call|function_call)>\s*([\s\S]*?)</(?:[\w]+:)?(?:tool_call|function_call)>",
     re.IGNORECASE,
 )
+_XML_OPEN_TOOL_CALL_RE = re.compile(
+    r"<(?:[\w]+:)?(?:tool_call|function_call)>\s*([\s\S]*)\Z",
+    re.IGNORECASE,
+)
 _XML_INVOKE_RE = re.compile(
     r'<invoke\s+name=["\'](\w+)["\']>\s*([\s\S]*?)</invoke>',
     re.IGNORECASE,
@@ -47,6 +51,24 @@ _XML_PARAM_RE = re.compile(
     r'<parameter\s+name=["\'](\w+)["\']>([\s\S]*?)</parameter>',
     re.IGNORECASE,
 )
+_XML_DIRECT_TOOL_RE = re.compile(
+    r"<\s*([A-Za-z_][\w-]*)\s*>([\s\S]*?)</\s*\1\s*>",
+    re.IGNORECASE,
+)
+
+# Pattern 3b: StepFun Step-3.x native tool-call tokens. The tokenizer defines:
+#   <｜tool▁calls▁begin｜> ... <｜tool▁calls▁end｜>
+#   <｜tool▁call▁begin｜>tool_name<｜tool▁sep｜>{...}<｜tool▁call▁end｜>
+# These can leak as text through llama.cpp/Ollama-style endpoints when the
+# engine does not return structured OpenAI tool_calls.
+_STEPFUN_TOOL_CALL_RE = re.compile(
+    r"<｜tool▁call▁begin｜>\s*([A-Za-z_][\w.-]*)\s*<｜tool▁sep｜>\s*([\s\S]*?)\s*<｜tool▁call▁end｜>",
+    re.IGNORECASE,
+)
+_STEPFUN_TOOL_CALLS_WRAPPER_RE = re.compile(
+    r"</?｜tool▁calls▁(?:begin|end)｜>",
+    re.IGNORECASE,
+)
 
 # Pattern 4: <tool_code> blocks (MiniMax-M2.5 style)
 # {tool => 'tool_name', args => '<param>value</param>'}
@@ -446,6 +468,76 @@ def _parse_xml_invoke(inv_match) -> Optional[ToolBlock]:
     return function_call_to_tool_block(tool_name, json.dumps(params))
 
 
+def _parse_xml_direct_tool(tool_match) -> Optional[ToolBlock]:
+    """Parse direct XML tool tags inside <tool_call>.
+
+    Some local models emit:
+      <tool_call><web_search>query</web_search></tool_call>
+    instead of the invoke/parameter shape:
+      <tool_call><invoke name="web_search"><parameter name="query">query</parameter></invoke></tool_call>
+    Keep this as an adapter to the canonical function-call converter so aliases
+    and per-tool argument formatting stay in one place.
+    """
+    tool_name = tool_match.group(1).lower().replace("-", "_")
+    if tool_name in {"invoke", "parameter", "tool_call", "function_call"}:
+        return None
+    mapped = _TOOL_NAME_MAP.get(tool_name) or (tool_name if tool_name in TOOL_TAGS else None)
+    if not mapped:
+        return None
+    body = tool_match.group(2).strip()
+    if not body:
+        return None
+    try:
+        params = json.loads(body)
+        if not isinstance(params, dict):
+            params = {}
+    except json.JSONDecodeError:
+        if mapped == "web_search":
+            params = {"query": body}
+        elif mapped == "web_fetch":
+            params = {"url": body}
+        elif mapped == "bash":
+            params = {"command": body}
+        elif mapped == "python":
+            params = {"code": body}
+        elif mapped in ("read_file", "write_file"):
+            params = {"path": body}
+        else:
+            params = {"content": body}
+    from src.tool_schemas import function_call_to_tool_block
+    return function_call_to_tool_block(mapped, json.dumps(params))
+
+
+def _parse_stepfun_tool_call(call_match) -> Optional[ToolBlock]:
+    """Parse StepFun native tool-call tokens into an Odysseus ToolBlock."""
+    tool_name = call_match.group(1).lower().replace("-", "_").replace(".", "_")
+    mapped = _TOOL_NAME_MAP.get(tool_name) or (tool_name if tool_name in TOOL_TAGS else None)
+    if not mapped:
+        return None
+    body = call_match.group(2).strip()
+    if not body:
+        return None
+    try:
+        params = json.loads(body)
+        if not isinstance(params, dict):
+            params = {}
+    except json.JSONDecodeError:
+        if mapped == "web_search":
+            params = {"query": body}
+        elif mapped == "web_fetch":
+            params = {"url": body}
+        elif mapped == "bash":
+            params = {"command": body}
+        elif mapped == "python":
+            params = {"code": body}
+        elif mapped in ("read_file", "write_file"):
+            params = {"path": body}
+        else:
+            params = {"content": body}
+    from src.tool_schemas import function_call_to_tool_block
+    return function_call_to_tool_block(mapped, json.dumps(params))
+
+
 def _parse_tool_code_block(raw: str) -> Optional[ToolBlock]:
     """Parse a <tool_code>{tool => 'name', args => '...'}</tool_code> block (MiniMax style)."""
     # Extract tool name
@@ -511,8 +603,9 @@ def parse_tool_blocks(text: str, skip_fenced: bool = False) -> List[ToolBlock]:
     2. [TOOL_CALL] ... [/TOOL_CALL] blocks (some models)
     3. XML-style <tool_call>/<invoke> blocks
     4. <tool_code> blocks (MiniMax-M2.5 style)
-    5. DeepSeek DSML markup (normalized to <invoke> first)
-    6. Non-native local model fallback: prose mentioning web_search followed by
+    5. StepFun Step-3 native <｜tool▁call▁begin｜> tokens
+    6. DeepSeek DSML markup (normalized to <invoke> first)
+    7. Non-native local model fallback: prose mentioning web_search followed by
        bare JSON args, e.g. {"query":"...", "time_filter":"week"}
 
     `skip_fenced`: when True, Pattern 1 (fenced ```bash/```python/```json code
@@ -567,12 +660,38 @@ def parse_tool_blocks(text: str, skip_fenced: bool = False) -> List[ToolBlock]:
 
     # Pattern 3: XML-style <tool_call>/<invoke> blocks
     if not blocks:
+        for step_call in _STEPFUN_TOOL_CALL_RE.finditer(text):
+            block = _parse_stepfun_tool_call(step_call)
+            if block:
+                blocks.append(block)
+        if blocks:
+            return blocks
         # Try wrapped: <tool_call><invoke ...>...</invoke></tool_call>
         for m in _XML_TOOL_CALL_RE.finditer(text):
             for inv in _XML_INVOKE_RE.finditer(m.group(1)):
                 block = _parse_xml_invoke(inv)
                 if block:
                     blocks.append(block)
+            if not blocks:
+                for direct in _XML_DIRECT_TOOL_RE.finditer(m.group(1)):
+                    block = _parse_xml_direct_tool(direct)
+                    if block:
+                        blocks.append(block)
+        # Some local models stream an opening <tool_call> wrapper and a
+        # complete inner tool tag, but forget the closing </tool_call>.
+        if not blocks:
+            for m in _XML_OPEN_TOOL_CALL_RE.finditer(text):
+                body = m.group(1)
+                for inv in _XML_INVOKE_RE.finditer(body):
+                    block = _parse_xml_invoke(inv)
+                    if block:
+                        blocks.append(block)
+                if blocks:
+                    break
+                for direct in _XML_DIRECT_TOOL_RE.finditer(body):
+                    block = _parse_xml_direct_tool(direct)
+                    if block:
+                        blocks.append(block)
         # Try bare <invoke> without wrapper
         if not blocks:
             for inv in _XML_INVOKE_RE.finditer(text):
@@ -614,7 +733,10 @@ def strip_tool_blocks(text: str, skip_fenced: bool = False) -> str:
     text = _normalize_dsml(text)
     cleaned = text if skip_fenced else _TOOL_BLOCK_RE.sub('', text)
     cleaned = _TOOL_CALL_RE.sub('', cleaned)
+    cleaned = _STEPFUN_TOOL_CALL_RE.sub('', cleaned)
+    cleaned = _STEPFUN_TOOL_CALLS_WRAPPER_RE.sub('', cleaned)
     cleaned = _XML_TOOL_CALL_RE.sub('', cleaned)
+    cleaned = _XML_OPEN_TOOL_CALL_RE.sub('', cleaned)
     cleaned = _TOOL_CODE_RE.sub('', cleaned)
     if not skip_fenced:
         raw_web_json = _parse_raw_web_json_lookup(cleaned)
diff --git a/static/js/cookbook.js b/static/js/cookbook.js
index b778c1df9..43a3ad5d0 100644
--- a/static/js/cookbook.js
+++ b/static/js/cookbook.js
@@ -230,14 +230,30 @@ export function _isMetal() {
 }
 
 /** Detect model-specific vLLM optimizations */
+function _isStepFunStepModel(modelName) {
+  const n = (modelName || '').toLowerCase();
+  return n.includes('stepfun')
+    || n.includes('step-3')
+    || n.includes('step3')
+    || n.includes('step_3');
+}
+
 function _detectModelOptimizations(modelName) {
   const n = (modelName || '').toLowerCase();
   const opts = { envVars: [], flags: [], tips: [] };
 
+  // StepFun Step-3.x MoE models. Their tokenizer defines the Step tool-call
+  // and thinking tags; vLLM/SGLang need the step3p5 parser instead of generic
+  // Hermes/XML guesses, and the MoE backend should default to expert parallel.
+  if (_isStepFunStepModel(modelName)) {
+    opts.flags.push('--enable-expert-parallel');
+    opts.tips.push('StepFun Step-3 MoE: expert parallel');
+    opts.tips.push('StepFun parser: step3p5 for native tool calls and reasoning tags');
+  }
   // Qwen3.5 MoE models — MoE-specific env vars + expert-parallel.
   // The --reasoning-parser flag is added uniformly below via
   // _detectReasoningParser, no longer hardcoded here.
-  if (n.includes('qwen3.5') || n.includes('qwen3-') && (n.includes('a10b') || n.includes('a22b') || n.includes('a3b'))) {
+  else if (n.includes('qwen3.5') || n.includes('qwen3-') && (n.includes('a10b') || n.includes('a22b') || n.includes('a3b'))) {
     opts.envVars.push('VLLM_USE_DEEP_GEMM=0', 'VLLM_USE_FLASHINFER_MOE_FP16=1', 'VLLM_USE_FLASHINFER_SAMPLER=0', 'OMP_NUM_THREADS=4');
     opts.flags.push('--enable-expert-parallel');
     opts.tips.push('MoE optimizations: expert parallel + flashinfer MoE kernels');
@@ -312,6 +328,9 @@ function _detectModelOptimizations(modelName) {
  */
 export function _detectReasoningParser(modelName) {
   const n = (modelName || '').toLowerCase();
+  // StepFun Step-3.x uses Step's native <think> / tool-call tokens. vLLM
+  // registers this parser as step3p5.
+  if (_isStepFunStepModel(modelName)) return 'step3p5';
   // MiniMax M3 — newer vLLM nightly/parser builds use minimax_m3. This must
   // be checked before the M2.x rule and before the generic MiniMax tool parser.
   if (n.includes('minimax') && /\bm3\b/.test(n)) return 'minimax_m3';
@@ -348,6 +367,7 @@ export function _detectReasoningParser(modelName) {
  */
 export function _detectToolParser(modelName) {
   const n = (modelName || '').toLowerCase();
+  if (_isStepFunStepModel(modelName)) return 'step3p5';
   if (n.includes('qwen3') && n.includes('coder')) return 'qwen3_coder';
   if (n.includes('qwen3')) return 'qwen3_xml';
   if (n.includes('qwen')) return 'hermes';   // Qwen2.5 / Qwen2 / Qwen1.5
@@ -601,6 +621,13 @@ export function _buildServeCmd(f, modelName, backend) {
     if (f.dtype && f.dtype !== 'auto') cmd += ` --dtype ${f.dtype}`;
     if (f.max_seqs && f.max_seqs.toString().trim()) cmd += ` --max-running-requests ${f.max_seqs.toString().trim()}`;
     if (f.trust_remote) cmd += ' --trust-remote-code';
+    if (f.auto_tool) cmd += ` --enable-auto-tool-choice --tool-call-parser ${_detectToolParser(modelName)}`;
+    if (f.expert_parallel) cmd += ' --enable-expert-parallel';
+    if (f.reasoning_parser) {
+      const rp = typeof f.reasoning_parser === 'string' && f.reasoning_parser !== 'true'
+        ? f.reasoning_parser : (f._reasoning_parser_value || _detectReasoningParser(modelName) || '');
+      if (rp) cmd += ` --reasoning-parser ${rp}`;
+    }
     if (!f.prefix_cache) cmd += ' --disable-radix-cache';
     if (f.enforce_eager) cmd += ' --disable-cuda-graph';
   } else if (backend === 'llamacpp') {
@@ -909,10 +936,10 @@ async function _fetchDependencies() {
     // matches the engine you're configuring. Unknown packages get no
     // icon (the name alone is fine for librosa, hf_transfer, etc.).
     const _DEP_GLYPHS = {
-      vllm:    '<svg width="13" height="13" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.4" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><path d="M3 4l7 16 7-16"/><path d="M14 4l4 9 3-9"/></svg>',
-      sglang:  '<svg width="13" height="13" viewBox="0 0 24 24" fill="currentColor" stroke="none" aria-hidden="true"><polygon points="13 2 3 14 12 14 11 22 21 10 12 10 13 2"/></svg>',
-      llama_cpp: '<svg width="13" height="13" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><circle cx="12" cy="12" r="9"/><path d="M8 12h8M12 8v8"/></svg>',
-      ollama:  '<svg width="13" height="13" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><path d="M6 10a6 6 0 0 1 12 0v4a4 4 0 0 1-8 0v-1"/><circle cx="10" cy="9" r="1"/><circle cx="14" cy="9" r="1"/></svg>',
+      vllm: '<svg width="13" height="13" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.4" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><path d="M3 4l7 16 7-16"/><path d="M14 4l4 9 3-9"/></svg>',
+      sglang: '<span aria-hidden="true" style="display:block;width:13px;height:13px;background:currentColor;-webkit-mask:url(/static/icons/sglang-mark.png) center/contain no-repeat;mask:url(/static/icons/sglang-mark.png) center/contain no-repeat;"></span>',
+      llama_cpp: '<svg width="13" height="13" viewBox="0 0 600 600" fill="none" aria-hidden="true"><path d="M600 392L504.249 558L504.137 557.929C487.252 584.069 458.193 600 426.864 600H120L240 392H600Z" fill="currentColor"/><path d="M240 392H0L199.602 46.0254C216.032 17.5463 246.411 0 279.29 0H466.154L240 392Z" fill="currentColor"/></svg>',
+      ollama: '<img src="/static/icons/ollama-mark-crop.png" alt="" aria-hidden="true" width="13" height="13" style="display:block;width:13px;height:13px;object-fit:contain;" />',
       diffusers: '<svg width="13" height="13" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><circle cx="12" cy="12" r="4"/><path d="M12 2v3M12 19v3M2 12h3M19 12h3M5 5l2 2M17 17l2 2M5 19l2-2M17 7l2-2"/></svg>',
     };
     const _depGlyphHtml = (name) => {
@@ -2138,7 +2165,10 @@ function _wireTabEvents(body) {
         }
       }
       const shortName = repo.split('/').pop();
-      _retryDownload(shortName, payload);
+      const displayName = payload.include
+        ? `${shortName} · ${_ggufQuantFromPath(String(payload.include).replace(/\*/g, '')) || String(payload.include).replace(/\*/g, '').replace(/\.gguf$/i, '')}`
+        : shortName;
+      _retryDownload(displayName, payload);
       dlInput.value = '';
     };
     dlBtn.addEventListener('click', triggerDownload);
@@ -2179,18 +2209,13 @@ function _wireTabEvents(body) {
       const folded = dlFoldBody.classList.contains('is-folded');
       _setFolded(!folded);
     });
-    // Auto-fold on any downward scroll inside the cookbook modal,
-    // and auto-expand when the user scrolls all the way back to the
-    // top of whichever scroller they're in. The chevron ▸ still
-    // toggles manually.
+    // Auto-fold on any downward scroll inside the cookbook modal. Do not
+    // auto-expand on upward/top scroll — once the user collapses Download,
+    // it should stay collapsed until the header is clicked again.
     const _maybeFold = () => {
       if (dlFoldBody.classList.contains('is-folded')) return;
       _setFolded(true, /* persist */ false);
     };
-    const _maybeExpand = () => {
-      if (!dlFoldBody.classList.contains('is-folded')) return;
-      _setFolded(false, /* persist */ false);
-    };
     // Capture phase so scrolls on nested scrollers (.hwfit-list,
     // .cookbook-body, .modal-content) all hit us.
     const _modal = dlFold.closest('#cookbook-modal') || document;
@@ -2205,7 +2230,6 @@ function _wireTabEvents(body) {
       const y = tgt.scrollTop;
       const prev = _lastY.get(tgt) || 0;
       if (y > prev) _maybeFold();
-      else if (y <= 0) _maybeExpand();
       _lastY.set(tgt, y);
     }, true);
   }
@@ -2621,10 +2645,10 @@ function _renderRecipes() {
   html += `<input type="text" class="cookbook-dl-repo" id="cookbook-dl-repo" placeholder="org/model-name, qwen2.5:14b, or HF URL" style="flex:1;min-width:0;" />`;
   html += `<button class="cookbook-btn cookbook-dl-btn" id="cookbook-dl-btn">Download</button>`;
   html += `</div>`;
-  html += `<div id="cookbook-dl-gguf-row" style="display:none;margin-top:1px;gap:5px;align-items:center;font-size:11px;">`;
-  html += `<span style="opacity:0.65;flex-shrink:0;">GGUF</span>`;
-  html += `<select class="cookbook-field-input" id="cookbook-dl-gguf-quant" style="height:28px;min-width:118px;flex:0 0 auto;"></select>`;
-  html += `<span id="cookbook-dl-gguf-note" style="opacity:0.55;white-space:nowrap;overflow:hidden;text-overflow:ellipsis;"></span>`;
+  html += `<div id="cookbook-dl-gguf-row" class="cookbook-dl-gguf-row" style="display:none;">`;
+  html += `<span class="cookbook-dl-gguf-label">GGUF</span>`;
+  html += `<select class="cookbook-field-input" id="cookbook-dl-gguf-quant"></select>`;
+  html += `<span id="cookbook-dl-gguf-note"></span>`;
   html += `</div>`;
   // Ollama-library browse used to live here as its own collapsible dropdown,
   // but that duplicated the Engine filter (which already has Ollama). The
@@ -3047,6 +3071,56 @@ export function isVisible() {
   return !modal.classList.contains('hidden');
 }
 
+let _sharedSyncInFlight = false;
+let _sharedSyncLast = 0;
+async function _refreshSharedCookbookState(reason = '') {
+  if (!isVisible() || _sharedSyncInFlight) return;
+  const now = Date.now();
+  if (now - _sharedSyncLast < 1500) return;
+  _sharedSyncInFlight = true;
+  _sharedSyncLast = now;
+  try {
+    const ok = await _syncFromServer();
+    if (!ok) return;
+    try { Object.assign(_envState, _readStoredEnvState()); } catch {}
+    const modal = document.getElementById('cookbook-modal');
+    const activeTab = modal?.querySelector('.cookbook-tab.active')?.dataset?.backend || '';
+    if (activeTab === 'Running') {
+      _renderRunningTab();
+    } else if (activeTab === 'Settings') {
+      const active = document.activeElement;
+      const editingSettings = active && active.closest && active.closest('.cookbook-settings-stack');
+      if (!editingSettings) {
+        _renderRecipes();
+        const tab = document.querySelector('#cookbook-modal .cookbook-tab[data-backend="Settings"]');
+        if (tab) tab.click();
+      }
+    }
+  } catch (e) {
+    console.warn('[cookbook] shared state refresh failed', reason, e);
+  } finally {
+    _sharedSyncInFlight = false;
+  }
+}
+
+document.addEventListener('cookbook:state-synced', () => {
+  try { Object.assign(_envState, _readStoredEnvState()); } catch {}
+  if (isVisible()) {
+    const activeTab = document.querySelector('#cookbook-modal .cookbook-tab.active')?.dataset?.backend || '';
+    if (activeTab === 'Running') _renderRunningTab();
+  }
+});
+
+window.addEventListener('focus', () => { _refreshSharedCookbookState('focus'); });
+document.addEventListener('visibilitychange', () => {
+  if (document.visibilityState === 'visible') _refreshSharedCookbookState('visible');
+});
+setInterval(() => {
+  if (!isVisible()) return;
+  const activeTab = document.querySelector('#cookbook-modal .cookbook-tab.active')?.dataset?.backend || '';
+  if (activeTab === 'Running') _refreshSharedCookbookState('active-poll');
+}, 5000);
+
 // Close button
 document.addEventListener('DOMContentLoaded', () => {
   const closeBtn = document.getElementById('close-cookbook-modal');
diff --git a/static/js/cookbookDownload.js b/static/js/cookbookDownload.js
index 6ea07cc85..295189c28 100644
--- a/static/js/cookbookDownload.js
+++ b/static/js/cookbookDownload.js
@@ -85,6 +85,22 @@ function _ggufIncludePattern(model, source) {
   return '*.gguf';
 }
 
+function _ggufDisplayPartFromInclude(include) {
+  const clean = String(include || '').replace(/\*/g, '');
+  const parts = clean.split('/').filter(Boolean);
+  const file = parts[parts.length - 1] || clean;
+  const dir = parts.length > 1 ? parts[parts.length - 2] : '';
+  const quant = `${dir} ${file}`.match(/\b(?:UD-)?(?:IQ[1-8]_[A-Z0-9]+|Q[2-8]_K_[MLS]|Q[2-8]_[0-9A-Z]+|Q[2-8])\b/i);
+  if (quant) return quant[0].toUpperCase().replace(/^UD-/, '');
+  return file.replace(/\.gguf$/i, '').replace(/-\d{5}-of-\d{5}$/i, '');
+}
+
+function _downloadTaskName(shortName, payload) {
+  const include = payload?.include || '';
+  const part = include ? _ggufDisplayPartFromInclude(include) : '';
+  return part ? `${shortName} · ${part}` : shortName;
+}
+
 function _missingGgufMessage(model) {
   const name = model?.name || 'this model';
   if (/\bnvfp4\b/i.test(name)) {
@@ -519,6 +535,7 @@ export async function _runModelDownload(panel, model, backend, hostOverride) {
   }
 
   const shortName = (model.name || repo).split('/').pop();
+  const taskName = _downloadTaskName(shortName, payload);
   const targetHost = host || 'local';
 
   const tasks = _loadTasks();
@@ -576,7 +593,7 @@ export async function _runModelDownload(panel, model, backend, hostOverride) {
   if (activeOnHost) {
     const queueId = `queue-${Date.now().toString(36)}`;
     const allTasks = _loadTasks();
-    allTasks.push({ id: queueId, sessionId: queueId, name: shortName, type: 'download', status: 'queued', output: '', ts: Date.now(), payload, remoteHost: host });
+    allTasks.push({ id: queueId, sessionId: queueId, name: taskName, type: 'download', status: 'queued', output: '', ts: Date.now(), payload, remoteHost: host });
     _saveTasks(allTasks);
     _renderRunningTab();
     uiModule.showToast(`Queued ${shortName} — waiting for current download`);
@@ -601,8 +618,8 @@ export async function _runModelDownload(panel, model, backend, hostOverride) {
       uiModule.showToast('Download failed: ' + (data.error || ''), 9000);
       return;
     }
-    _addTask(data.session_id, shortName, 'download', payload);
-    uiModule.showToast(`Downloading ${shortName}...`);
+    _addTask(data.session_id, taskName, 'download', payload);
+    uiModule.showToast(`Downloading ${taskName}...`);
   } catch (e) {
     uiModule.showToast('Download failed: ' + e.message, 9000);
   }
diff --git a/static/js/cookbookRunning.js b/static/js/cookbookRunning.js
index fae84ce68..9fed23a8a 100644
--- a/static/js/cookbookRunning.js
+++ b/static/js/cookbookRunning.js
@@ -38,6 +38,47 @@ function _taskBadge(task) {
   return { text: _statusLabel(task.status, task.type), cls: 'cookbook-task-' + task.status };
 }
 
+function _ggufDisplayPartFromPath(path) {
+  const parts = String(path || '').split('/').filter(Boolean);
+  const file = parts[parts.length - 1] || '';
+  const dir = parts.length > 1 ? parts[parts.length - 2] : '';
+  const text = `${dir} ${file}`;
+  const quant = text.match(/\b(?:UD-)?(?:IQ[1-8]_[A-Z0-9]+|Q[2-8]_K_[MLS]|Q[2-8]_[0-9A-Z]+|Q[2-8])\b/i);
+  if (quant) return quant[0].toUpperCase().replace(/^UD-/, '');
+  return file.replace(/\.gguf$/i, '').replace(/-\d{5}-of-\d{5}$/i, '');
+}
+
+function _downloadDisplayName(name, task) {
+  const include = task?.payload?.include || '';
+  if (!include || String(name || '').includes(' · ')) return name;
+  const part = _ggufDisplayPartFromPath(include.replace(/\*/g, ''));
+  return part ? `${name} · ${part}` : name;
+}
+
+function _taskDisplayName(task) {
+  const name = String(task?.name || '').trim();
+  if (task?.type === 'download') return _downloadDisplayName(name, task);
+  if (task?.type !== 'serve') return name;
+  const gguf = task?.payload?._fields?.gguf_file || task?.payload?.gguf_file || '';
+  if (!gguf || name.includes(' · ')) return name;
+  const part = _ggufDisplayPartFromPath(gguf);
+  return part ? `${name} · ${part}` : name;
+}
+
+function _canLaunchDownloadedTask(task) {
+  return task?.type === 'download' && ['done', 'completed'].includes(task.status || '') && !!(task.payload?.repo_id || task.name);
+}
+
+function _downloadServeFields(task) {
+  const include = String(task?.payload?.include || '').trim();
+  if (!include) return null;
+  return {
+    backend: 'llamacpp',
+    _forceBackend: true,
+    _preferredGgufInclude: include,
+  };
+}
+
 // A download task whose tmux output still shows an active per-shard line
 // (e.g. "model-00012-of-00082.safetensors: 56%|") is NOT actually finished —
 // the cookbook just lost track. The clear pill becomes a "reconnect" affordance
@@ -282,6 +323,40 @@ let _detectToolParser;
 let _detectModelOptimizations;
 let _buildServeCmd;
 
+function _taskServerSelection(task) {
+  const host = task?.remoteHost || task?.payload?.remote_host || '';
+  const savedKey = task?.remoteServerKey || task?.payload?.remote_server_key || '';
+  const server = (savedKey ? _serverByVal(savedKey) : null)
+    || (host ? _serverByVal(host) : null)
+    || (host ? _envState.servers.find(s => s.host === host) : null)
+    || null;
+  const key = server ? (_serverKey ? _serverKey(server) : savedKey) : (savedKey || (host || 'local'));
+  return { host, server, key };
+}
+
+function _selectTaskServer(task) {
+  const { host, server, key } = _taskServerSelection(task);
+  _envState.remoteHost = host;
+  _envState.remoteServerKey = key === 'local' ? '' : key;
+  if (server) {
+    _envState.env = server.env || 'none';
+    _envState.envPath = server.envPath || '';
+    _envState.platform = server.platform || '';
+  } else if (!host) {
+    _envState.env = 'none';
+    _envState.envPath = '';
+    _envState.platform = '';
+  }
+  document.querySelectorAll('#hwfit-server-select, #hwfit-dl-server, #hwfit-cache-server, #hwfit-deps-server').forEach(sel => {
+    if (!sel || sel.tagName !== 'SELECT') return;
+    const wanted = key || (host || 'local');
+    if ([...sel.options].some(o => o.value === wanted)) sel.value = wanted;
+    else if (host && [...sel.options].some(o => o.value === host)) sel.value = host;
+    else sel.value = host ? wanted : 'local';
+  });
+  return { host, server, key };
+}
+
 // When a new action is started (download / dependency / serve), this holds the
 // new task's id so the next render collapses every other card and leaves only
 // the new one open. Consumed (cleared) by _renderRunningTab.
@@ -654,16 +729,31 @@ function _loadPrunedTasks() {
 const _REMOVED_KEY = 'cookbook-removed-tasks';
 const _TOMBSTONE_TTL_MS = 24 * 3600 * 1000;
 function _loadTombstones() {
-  try { return JSON.parse(localStorage.getItem(_REMOVED_KEY)) || {}; }
+  try {
+    const tomb = JSON.parse(localStorage.getItem(_REMOVED_KEY)) || {};
+    const now = Date.now();
+    let changed = false;
+    for (const k in tomb) {
+      if (now - tomb[k] > _TOMBSTONE_TTL_MS) {
+        delete tomb[k];
+        changed = true;
+      }
+    }
+    if (changed) localStorage.setItem(_REMOVED_KEY, JSON.stringify(tomb));
+    return tomb;
+  }
   catch { return {}; }
 }
+function _saveTombstones(tomb) {
+  localStorage.setItem(_REMOVED_KEY, JSON.stringify(tomb || {}));
+}
 function _tombstoneTask(id) {
   if (!id) return;
   const tomb = _loadTombstones();
   const now = Date.now();
   tomb[id] = now;
   for (const k in tomb) { if (now - tomb[k] > _TOMBSTONE_TTL_MS) delete tomb[k]; }
-  localStorage.setItem(_REMOVED_KEY, JSON.stringify(tomb));
+  _saveTombstones(tomb);
 }
 function _isTombstoned(id) {
   const ts = _loadTombstones()[id];
@@ -1098,6 +1188,7 @@ function _syncToServer() {
       if (!_envState || !Array.isArray(_envState.servers) || _envState.servers.length === 0) return;
       const state = {
         tasks: _loadTasks(),
+        removedTasks: _loadTombstones(),
         presets: _loadPresets(),
         env: _envState,
         serveState: null,
@@ -1146,9 +1237,16 @@ export async function _syncFromServer() {
 
     const localTasks = _loadTasks();
     const serverTasks = state.tasks || [];
+    const serverTombstones = (state.removedTasks && typeof state.removedTasks === 'object') ? state.removedTasks : {};
+    const localTombstones = _loadTombstones();
+    const mergedTombstones = { ...serverTombstones, ...localTombstones };
+    for (const [id, ts] of Object.entries(serverTombstones)) {
+      if (localTombstones[id] == null || Number(ts) > Number(localTombstones[id])) mergedTombstones[id] = ts;
+    }
+    _saveTombstones(mergedTombstones);
 
     const localIds = new Set(localTasks.map(t => t.sessionId));
-    const merged = [...localTasks];
+    const merged = localTasks.filter(t => !_isTombstoned(t.sessionId));
     for (const t of serverTasks) {
       if (!localIds.has(t.sessionId) && !_isTombstoned(t.sessionId)) {
         merged.push(t);
@@ -1165,6 +1263,18 @@ export async function _syncFromServer() {
       const { remoteHost: _rh, env: _e, envPath: _ep, platform: _pf, ...settings } = state.env;
       delete settings.hfToken;
       Object.assign(_envState, settings);
+      const selected = (_envState.remoteServerKey && _serverByVal?.(_envState.remoteServerKey))
+        || (_envState.remoteHost ? (_envState.servers || []).find(s => s.host === _envState.remoteHost) : null);
+      if (selected) {
+        _envState.env = selected.env || 'none';
+        _envState.envPath = selected.envPath || '';
+        _envState.platform = selected.platform || '';
+      } else if (!_envState.remoteHost) {
+        const local = (_envState.servers || []).find(s => !s.host || s.host === 'local');
+        _envState.env = local?.env || 'none';
+        _envState.envPath = local?.envPath || '';
+        _envState.platform = local?.platform || '';
+      }
       const { hfToken, ...safeState } = _envState;
       localStorage.setItem('cookbook-last-state', JSON.stringify(safeState));
     }
@@ -1174,6 +1284,7 @@ export async function _syncFromServer() {
     if (state.serveState) {
       localStorage.setItem(SERVE_STATE_KEY, JSON.stringify(state.serveState));
     }
+    document.dispatchEvent(new CustomEvent('cookbook:state-synced', { detail: state }));
     return true;
   } catch { return false; }
 }
@@ -1332,17 +1443,11 @@ async function _openServeEditForTask(task, cmdOverride, fieldOverrides = null) {
   if (fieldOverrides && typeof fieldOverrides === 'object') {
     fields = { ...(fields || {}), ...fieldOverrides };
   }
-  // Switch the active server to the one this serve ran on (mirrors _openEdit).
-  const _tHost = task.remoteHost || '';
-  _envState.remoteHost = _tHost;
-  const _tSrv = _serverByVal(_envState.remoteServerKey || _tHost)
-    || _envState.servers.find(s => s.host === _tHost);
-  if (_tSrv) { _envState.env = _tSrv.env || 'none'; _envState.envPath = _tSrv.envPath || ''; _envState.platform = _tSrv.platform || ''; }
-  else if (!_tHost) { _envState.env = 'none'; _envState.envPath = ''; _envState.platform = ''; }
-  document.querySelectorAll('#hwfit-server-select, #hwfit-dl-server, #hwfit-cache-server, #hwfit-deps-server').forEach(sel => {
-    if (!sel || sel.tagName !== 'SELECT') return;
-    sel.value = _tHost || 'local';
-  });
+  fields = { ...(fields || {}), _replaceTaskId: task.sessionId };
+  // Switch the active server to the exact profile this serve ran on. The
+  // dropdown stores stable srv: keys, not raw host strings, so preserving only
+  // task.remoteHost can relaunch against the local container by accident.
+  _selectTaskServer(task);
   try {
     const { openServePanelForRepo } = await import('./cookbookServe.js');
     await openServePanelForRepo(repo, fields);
@@ -1553,6 +1658,20 @@ export async function _launchServeTask(shortName, repo, cmd, fields, hostOverrid
   const _serverMetaKey = _targetKey || (_hsrv && _serverKey ? _serverKey(_hsrv) : '') || (_host || 'local');
   const _serverMetaName = targetMeta?.serverName || _hsrv.name || (_host ? _host : 'Local');
   const _hplatform = _host ? (_hsrv.platform || '') : (_envState.platform || '');
+  const _replaceTaskId = fields?._replaceTaskId || '';
+  if (_replaceTaskId) {
+    try {
+      const _old = _loadTasks().find(t => t.sessionId === _replaceTaskId);
+      if (_old && _old.type === 'serve') {
+        await fetch('/api/shell/exec', {
+          method: 'POST', credentials: 'same-origin',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ command: _tmuxGracefulKill(_old) }),
+        });
+        _removeTask(_old.sessionId);
+      }
+    } catch {}
+  }
 
   // Replace any serve already targeting this same host:port — you can't run two
   // servers on one port, so re-serving (or retrying) should stop & remove the
@@ -1750,7 +1869,7 @@ export function _renderRunningTab() {
       '<div style="display:flex;align-items:baseline;gap:8px;margin-bottom:2px;">' +
       '<h2 style="margin:0;padding:0;line-height:1;">Active <span id="running-count" class="memory-count" style="font-size:0.6em;opacity:0.6;font-weight:normal">' + activeCount + '</span></h2>' +
       '</div>' +
-      '<p class="memory-desc doclib-desc" style="margin-top:6px;">Active downloads and serving processes.</p>' +
+      '<p class="memory-desc doclib-desc" style="margin-top:6px;">Active downloads, installs and model launches.</p>' +
       '</div>';
     const firstGroup = body.querySelector('.cookbook-group');
     if (firstGroup) body.insertBefore(group, firstGroup);
@@ -1863,6 +1982,7 @@ export function _renderRunningTab() {
         return;
       }
       if (!await window.styledConfirm(`Clear ${toRemove.length} finished task${toRemove.length === 1 ? '' : 's'} on ${_serverName(host)}?`, { confirmText: 'Clear' })) return;
+      toRemove.forEach(t => _tombstoneTask(t.sessionId));
       const remaining = allTasks.filter(t => _taskServerKey(t) !== host || !_canClearTask(t));
       _saveTasks(remaining);
       // Fade/slide each finished card out (same exit as the per-card clear)
@@ -2000,11 +2120,12 @@ export function _renderRunningTab() {
 
     const _bdg = _taskBadge(task);
     const _bdgTitle = (task._unreachable && task.status === 'running') ? ' title="Server not responding — it may have crashed"' : '';
+    const displayName = _taskDisplayName(task);
     el.innerHTML = `
       <div class="cookbook-task-header">
         <span class="cookbook-task-type${(task.status === 'done' && task.type === 'download') ? ' cookbook-task-type-done' : ''}" data-type="${esc(task.type)}">${esc((task.status === 'done' && task.type === 'download') ? 'finished' : task.type)}</span>
-        <span class="cookbook-task-name">${modelLogo(task.name)}${esc(task.name)}</span>
-        <span class="cookbook-task-indicator"><span class="cookbook-task-wave" style="display:${task.status === 'running' ? '' : 'none'}"></span><span class="cookbook-task-check" title="Clear" style="display:${_canClearTask(task) ? '' : 'none'}"><svg class="cookbook-task-check-ico" width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="#50fa7b" stroke-width="3" stroke-linecap="round" stroke-linejoin="round"><polyline points="20 6 9 17 4 12"/></svg><svg class="cookbook-task-clear-ico" width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="3" stroke-linecap="round" stroke-linejoin="round"><line x1="18" y1="6" x2="6" y2="18"/><line x1="6" y1="6" x2="18" y2="18"/></svg><span class="cookbook-task-done-label">${esc(_clearPillLabel(task))}</span><span class="cookbook-task-clear-label">clear</span></span></span>
+        <span class="cookbook-task-name">${modelLogo(task.name)}${esc(displayName)}</span>
+        <span class="cookbook-task-indicator"><span class="cookbook-task-wave" style="display:${task.status === 'running' ? '' : 'none'}"></span>${_canLaunchDownloadedTask(task) ? '<button type="button" class="cookbook-task-serve-btn" title="Open in Launch"><svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.4" stroke-linecap="round" stroke-linejoin="round"><polygon points="13 2 3 14 12 14 11 22 21 10 12 10 13 2"/></svg><span>Launch</span></button>' : ''}<span class="cookbook-task-check" title="Clear" style="display:${_canClearTask(task) ? '' : 'none'}"><svg class="cookbook-task-check-ico" width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="#50fa7b" stroke-width="3" stroke-linecap="round" stroke-linejoin="round"><polyline points="20 6 9 17 4 12"/></svg><svg class="cookbook-task-clear-ico" width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="3" stroke-linecap="round" stroke-linejoin="round"><line x1="18" y1="6" x2="6" y2="18"/><line x1="6" y1="6" x2="18" y2="18"/></svg><span class="cookbook-task-done-label">${esc(_clearPillLabel(task))}</span><span class="cookbook-task-clear-label">clear</span></span></span>
         <button type="button" class="cookbook-task-start-now" title="Start this queued download now" style="display:${(task.type === 'download' && task.status === 'queued') ? '' : 'none'}"><svg width="11" height="11" viewBox="0 0 24 24" fill="currentColor" aria-hidden="true"><polygon points="8 5 19 12 8 19 8 5"/></svg><span>start now</span></button>
         <span class="cookbook-task-status ${_bdg.cls}"${_bdgTitle}>${esc(_bdg.text)}</span>
         <button class="cookbook-task-menu-btn" title="Actions">&#8942;</button>
@@ -2076,19 +2197,11 @@ export function _renderRunningTab() {
           e.stopPropagation();
           const repo = task.payload?.repo_id || task.name;
           if (!repo) { uiModule.showToast('No model info on this task'); return; }
-          // Point the active server at the one it downloaded to.
-          const _tHost = task.remoteHost || '';
-          _envState.remoteHost = _tHost;
-          const _tSrv = _serverByVal(_envState.remoteServerKey || _tHost)
-            || _envState.servers.find(s => s.host === _tHost);
-          if (_tSrv) { _envState.env = _tSrv.env || 'none'; _envState.envPath = _tSrv.envPath || ''; _envState.platform = _tSrv.platform || ''; }
-          else if (!_tHost) { _envState.env = 'none'; _envState.envPath = ''; _envState.platform = ''; }
-          document.querySelectorAll('#hwfit-server-select, #hwfit-dl-server, #hwfit-cache-server, #hwfit-deps-server').forEach(sel => {
-            if (sel && sel.tagName === 'SELECT') sel.value = _tHost || 'local';
-          });
+          // Point the active server at the exact profile it downloaded to.
+          _selectTaskServer(task);
           try {
             const { openServePanelForRepo } = await import('./cookbookServe.js');
-            await openServePanelForRepo(repo);
+            await openServePanelForRepo(repo, _downloadServeFields(task));
             // Serving it supersedes the finished download — clear the card from
             // the Running tab (smooth exit) now that we've jumped to Serve.
             _animateOutThenRemove(el, task.sessionId);
@@ -3558,7 +3671,9 @@ async function _probeEndpointUntilOnline(epId, host, port) {
     try {
       // Hit the probe endpoint — it re-probes server-side and updates
       // cached_models. We consume (and discard) the SSE stream.
-      await fetch(`/api/model-endpoints/${epId}/probe`, { credentials: 'same-origin' }).then(r => r.text()).catch(() => {});
+      const probeRes = await fetch(`/api/model-endpoints/${epId}/probe`, { credentials: 'same-origin' }).catch(() => null);
+      if (probeRes && probeRes.status === 404) return;
+      if (probeRes) await probeRes.text().catch(() => {});
       const eps = await fetch('/api/model-endpoints', { credentials: 'same-origin' }).then(r => r.json()).catch(() => []);
       const ep = (eps || []).find(e => e.id === epId);
       if (ep && (ep.models || []).length) {
diff --git a/static/js/cookbookServe.js b/static/js/cookbookServe.js
index a22c73af3..5ebeb0aaf 100644
--- a/static/js/cookbookServe.js
+++ b/static/js/cookbookServe.js
@@ -477,7 +477,9 @@ function _estimateLlamaContextFit(model, fields, modelCtxMax, modelWeightsGb = 0
 }
 
 function _selectedServeTarget(panel) {
-  const select = document.getElementById('hwfit-server-select') || document.getElementById('hwfit-dl-server');
+  const select = panel?.querySelector?.('#hwfit-server-select')
+    || document.getElementById('hwfit-server-select')
+    || document.getElementById('hwfit-dl-server');
   const servers = Array.isArray(_envState.servers) ? _envState.servers : [];
   let host = _envState.remoteHost || '';
   let server = host ? (_serverByVal?.(_envState.remoteServerKey || host) || servers.find(s => s.host === host)) : null;
@@ -643,6 +645,122 @@ function _ggufFileLabel(file) {
   return `${quant}${base}${size || split ? ` (${[size, split.replace(/^, /, '')].filter(Boolean).join(', ')})` : ''}${role}`;
 }
 
+function _ggufTaskDisplayPart(model, relPath) {
+  const rel = String(relPath || '');
+  if (!rel) return '';
+  const file = _ggufFilesForModel(model).find(f => f.rel_path === rel);
+  if (file?.quant) return String(file.quant).toUpperCase().replace(/^UD-/, '');
+  const parts = rel.split('/').filter(Boolean);
+  const base = parts[parts.length - 1] || '';
+  const parent = parts.length > 1 ? parts[parts.length - 2] : '';
+  const text = `${parent} ${base}`;
+  const quant = text.match(/\b(?:UD-)?(?:IQ[1-8]_[A-Z0-9]+|Q[2-8]_K_[MLS]|Q[2-8]_[0-9A-Z]+|Q[2-8])\b/i);
+  if (quant) return quant[0].toUpperCase().replace(/^UD-/, '');
+  return base.replace(/\.gguf$/i, '').replace(/-\d{5}-of-\d{5}$/i, '');
+}
+
+function _serveTaskDisplayName(shortName, model, fields) {
+  const name = String(shortName || '').trim();
+  const backend = String(fields?.backend || '').toLowerCase();
+  if (backend !== 'llamacpp' && backend !== 'ollama') return name;
+  const part = _ggufTaskDisplayPart(model, fields?.gguf_file);
+  return part && !name.includes(` · ${part}`) ? `${name} · ${part}` : name;
+}
+
+function _safeGgufRelPath(relPath) {
+  const rel = String(relPath || '').replace(/\\/g, '/').replace(/^\/+/, '');
+  if (!rel || rel.startsWith('../') || rel.includes('/../') || rel === '..') return '';
+  if (rel.includes('\0')) return '';
+  return rel;
+}
+
+function _ggufDeleteChoice(repo, files) {
+  return new Promise(resolve => {
+    let overlay = document.getElementById('cookbook-gguf-delete-overlay');
+    if (!overlay) {
+      overlay = document.createElement('div');
+      overlay.id = 'cookbook-gguf-delete-overlay';
+      overlay.className = 'modal hidden';
+      overlay.innerHTML =
+        '<div class="modal-content styled-confirm-box cookbook-gguf-delete-box" role="dialog" aria-modal="true" aria-labelledby="cookbook-gguf-delete-title">' +
+          '<div class="modal-header"><h4 id="cookbook-gguf-delete-title">Delete GGUF files</h4></div>' +
+          '<div class="modal-body">' +
+            '<p id="cookbook-gguf-delete-msg"></p>' +
+            '<div id="cookbook-gguf-delete-list" class="cookbook-gguf-delete-list"></div>' +
+          '</div>' +
+          '<div class="modal-footer cookbook-gguf-delete-actions">' +
+            '<button type="button" id="cookbook-gguf-delete-cancel" class="confirm-btn confirm-btn-secondary">Cancel</button>' +
+            '<button type="button" id="cookbook-gguf-delete-repo" class="confirm-btn confirm-btn-secondary">Whole repo</button>' +
+            '<button type="button" id="cookbook-gguf-delete-selected" class="confirm-btn confirm-btn-danger">Delete selected</button>' +
+          '</div>' +
+        '</div>';
+      document.body.appendChild(overlay);
+    }
+
+    const safeFiles = files
+      .map(f => ({ ...f, rel_path: _safeGgufRelPath(f.rel_path) }))
+      .filter(f => f.rel_path);
+    const msg = overlay.querySelector('#cookbook-gguf-delete-msg');
+    const list = overlay.querySelector('#cookbook-gguf-delete-list');
+    const cancelBtn = overlay.querySelector('#cookbook-gguf-delete-cancel');
+    const repoBtn = overlay.querySelector('#cookbook-gguf-delete-repo');
+    const selectedBtn = overlay.querySelector('#cookbook-gguf-delete-selected');
+    const prevFocus = document.activeElement;
+
+    msg.textContent = `${repo} has multiple GGUF files. Pick what to delete.`;
+    list.innerHTML = safeFiles.map((file, idx) => {
+      const label = esc ? esc(_ggufFileLabel(file)) : _ggufFileLabel(file);
+      const rel = esc ? esc(file.rel_path) : file.rel_path;
+      return `<label class="cookbook-gguf-delete-row">
+        <input class="cookbook-gguf-delete-cb" type="checkbox" value="${idx}">
+        <span class="cookbook-gguf-delete-main">${label}</span>
+        <span class="cookbook-gguf-delete-path">${rel}</span>
+      </label>`;
+    }).join('');
+
+    function cleanup(result) {
+      overlay.classList.add('hidden');
+      overlay.style.display = 'none';
+      cancelBtn.removeEventListener('click', onCancel);
+      repoBtn.removeEventListener('click', onRepo);
+      selectedBtn.removeEventListener('click', onSelected);
+      overlay.removeEventListener('click', onBackdrop);
+      document.removeEventListener('keydown', onKey);
+      try { prevFocus && prevFocus.focus && prevFocus.focus(); } catch {}
+      resolve(result);
+    }
+    function onCancel() { cleanup(null); }
+    function onRepo() { cleanup({ mode: 'repo' }); }
+    function onSelected() {
+      const selected = [...list.querySelectorAll('input[type="checkbox"]:checked')]
+        .map(input => safeFiles[Number(input.value)])
+        .filter(Boolean);
+      if (!selected.length) {
+        uiModule.showToast?.('Select at least one GGUF file.');
+        return;
+      }
+      cleanup({ mode: 'files', files: selected });
+    }
+    function onBackdrop(e) { if (e.target === overlay) cleanup(null); }
+    function onKey(e) {
+      if (e.key === 'Escape') {
+        e.preventDefault();
+        e.stopPropagation();
+        cleanup(null);
+      }
+    }
+
+    cancelBtn.addEventListener('click', onCancel);
+    repoBtn.addEventListener('click', onRepo);
+    selectedBtn.addEventListener('click', onSelected);
+    overlay.addEventListener('click', onBackdrop);
+    document.addEventListener('keydown', onKey);
+    overlay.classList.remove('hidden');
+    overlay.style.display = '';
+    selectedBtn.focus();
+  });
+}
+
 function _shellPathExpr(path) {
   const s = String(path || '');
   if (s === '~') return '${HOME}';
@@ -729,7 +847,7 @@ function _rerenderCachedModels() {
       ? ` <span class="cookbook-serve-downloading-pill${_isDlActive ? '' : ' is-stalled'}" title="${_isDlActive ? 'Download in progress' : 'Download stalled — retry to resume'}">${_isDlActive ? 'downloading' : 'stalled'}</span>`
       : '';
     const _favoritePill = _isFavorite ? ' <span class="memory-cat-badge memory-cat-pinned cookbook-serve-fav-badge">pinned</span>' : '';
-    html += `<div class="memory-item-title"${_mc ? ` style="color:${_mc}"` : ''}>${modelLogo(m.repo_id)}${esc(shortName)}${_favoritePill}${hfLink ? ` <a href="${esc(hfLink)}" target="_blank" rel="noopener" class="cookbook-hf-link">HF ↗</a>` : ''}${_runningPill}${_downloadingPill}</div>`;
+    html += `<div class="memory-item-title cookbook-serve-title"${_mc ? ` style="color:${_mc}"` : ''}><span class="cookbook-serve-title-name">${modelLogo(m.repo_id)}${esc(shortName)}</span>${_favoritePill}${hfLink ? ` <a href="${esc(hfLink)}" target="_blank" rel="noopener" class="cookbook-hf-link">HF ↗</a>` : ''}${_runningPill}${_downloadingPill}</div>`;
     html += `<div class="memory-item-meta" style="font-size:10px;opacity:0.4;margin-top:2px;">${metaParts.join(' \u00b7 ')}</div>`;
     html += `</div>`;
     const _bk = _detectBackend(m).backend;
@@ -962,6 +1080,11 @@ function _rerenderCachedModels() {
       const _isMiniMaxM3 = _isMiniMaxM3Model({ ...m, repo_id: repo });
       const _isMiniMaxM2 = _isMiniMaxM2Model({ ...m, repo_id: repo });
       const _isMiniMaxMSeries = _isMiniMaxM3 || _isMiniMaxM2;
+      const _toolParserDefault = _detectToolParser(repo);
+      const _isStepFunStep = _toolParserDefault === 'step3p5';
+      const _nativeToolDefault = _isMiniMaxMSeries || _isStepFunStep;
+      const _reasoningDefault = _isMiniMaxMSeries || _isStepFunStep;
+      const _expertParallelDefault = _isMiniMaxMSeries || _isStepFunStep;
       const svm = (k, def) => (_modelSs && _hasOwn(_modelSs, k)) ? _modelSs[k] : def;
       const _serveTarget = _selectedServeTarget();
       const _backendChoices = _backendChoicesForTarget(_serveTarget);
@@ -993,8 +1116,15 @@ function _rerenderCachedModels() {
       const _l = (name, tip) => `<span>${name}<span class="hwfit-hint" title="${tip}">?</span></span>`;
       const _ggufChoices = _runnableGgufFiles(m);
       const _savedGguf = String(sv('gguf_file', '') || '');
+      const _preferredGgufInclude = String(sv('_preferredGgufInclude', '') || '').replace(/\*/g, '').toLowerCase();
+      const _preferredGguf = _preferredGgufInclude
+        ? (_ggufChoices.find(f => String(f.rel_path || '').toLowerCase().includes(_preferredGgufInclude))
+          || _ggufChoices.find(f => String(f.name || '').toLowerCase().includes(_preferredGgufInclude)))
+        : null;
       const _defaultGguf = _ggufChoices.some(f => f.rel_path === _savedGguf)
         ? _savedGguf
+        : (_preferredGguf?.rel_path || '')
+          ? _preferredGguf.rel_path
         : (_ggufChoices[0]?.rel_path || '');
       const _ggufOptions = _ggufChoices.map(f =>
         `<option value="${esc(f.rel_path)}"${f.rel_path === _defaultGguf ? ' selected' : ''}>${esc(_ggufFileLabel(f))}</option>`
@@ -1026,6 +1156,10 @@ function _rerenderCachedModels() {
         + `</div>`;
 
       let panelHtml = `<div class="hwfit-serve-panel">`;
+      const _replaceTaskId = String(sv('_replaceTaskId', '') || '');
+      if (_replaceTaskId) {
+        panelHtml += `<input type="hidden" class="hwfit-sf" data-field="_replaceTaskId" value="${esc(_replaceTaskId)}" />`;
+      }
       // Runtime-readiness note pinned at the top of the serve area so the
       // user sees "vLLM ready on …" before scrolling into the configure
       // form. Hidden until the readiness probe returns. The × button
@@ -1202,20 +1336,20 @@ function _rerenderCachedModels() {
       const _rp_name = _rp_flag ? _rp_flag.split(' ')[1] : '';
       panelHtml += `<div class="hwfit-serve-checks hwfit-backend-vllm hwfit-backend-sglang">`;
       panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="trust_remote"${sv('trust_remote',_isMiniMaxMSeries)?' checked':''} /> Trust Remote Code${_h('Allow model to run custom code from HuggingFace')}</label>`;
-      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="auto_tool"${sv('auto_tool',_isMiniMaxMSeries)?' checked':''} /> Auto Tool Choice${_h('Enable function/tool calling for agent mode')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm hwfit-backend-sglang"><input type="checkbox" class="hwfit-sf" data-field="auto_tool"${sv('auto_tool',_nativeToolDefault)?' checked':''} /> Auto Tool Choice${_h('Enable function/tool calling for agent mode')}</label>`;
       // Always-render the Reasoning Parser, Expert Parallel, and MoE Env
       // checkboxes — the model-family detection above is a hint, not a
       // hard gate. User asked to keep these visible regardless so that
       // a borderline-undetected MoE/reasoning model can still toggle
       // them without dropping back to the raw command box.
-      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="reasoning_parser" data-parser="${_rp_name || ''}"${sv('reasoning_parser',_isMiniMaxMSeries)?' checked':''} /> Reasoning Parser${_rp_name ? ` <span class="hwfit-parser-tag">${_rp_name}</span>` : ''}${_h('Splits <think> tokens into a separate channel. The tag (when shown) is the auto-detected parser; edit the command if you need a different one.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm hwfit-backend-sglang"><input type="checkbox" class="hwfit-sf" data-field="reasoning_parser" data-parser="${_rp_name || ''}"${sv('reasoning_parser',_reasoningDefault)?' checked':''} /> Reasoning Parser${_rp_name ? ` <span class="hwfit-parser-tag">${_rp_name}</span>` : ''}${_h('Splits <think> tokens into a separate channel. The tag (when shown) is the auto-detected parser; edit the command if you need a different one.')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="enforce_eager"${sv('enforce_eager',false)?' checked':''} /> Enforce Eager${_h('Disable CUDA graphs. Slower but uses less memory')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb"><input type="checkbox" class="hwfit-sf" data-field="prefix_cache"${sv('prefix_cache',false)?' checked':''} /> Prefix Caching${_h('Cache shared prompt prefixes across requests')}</label>`;
       // Inline the previously-second vLLM checks row so Expert Parallel /
       // Speculative / MoE Env sit next to Prefix Caching with no gap. All
       // three are vLLM-only — class-gated so they hide on SGLang. Always
       // render so the user can flip them on for any MoE model.
-      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="expert_parallel"${sv('expert_parallel',_isMiniMaxMSeries)?' checked':''} /> Expert Parallel${_h('MoE: shard expert layers across GPUs. Helps for MiniMax M-series, Qwen3 A3B/A10B/A22B MoE, DeepSeek V3+/R1. Ignored / wasteful on dense models.')}</label>`;
+      panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm hwfit-backend-sglang"><input type="checkbox" class="hwfit-sf" data-field="expert_parallel"${sv('expert_parallel',_expertParallelDefault)?' checked':''} /> Expert Parallel${_h('MoE: shard expert layers across GPUs. Helps for MiniMax M-series, StepFun Step-3, Qwen3 A3B/A10B/A22B MoE, DeepSeek V3+/R1. Ignored / wasteful on dense models.')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="language_model_only"${sv('language_model_only',_isMiniMaxM3)?' checked':''} /> Language Model Only${_h('vLLM --language-model-only. Needed by MiniMax M3 text serving when the repo also contains VL components.')}</label>`;
       panelHtml += `<label class="hwfit-sf-cb hwfit-backend-vllm"><input type="checkbox" class="hwfit-sf" data-field="disable_custom_all_reduce"${sv('disable_custom_all_reduce',_isMiniMaxM3)?' checked':''} /> Disable Custom All Reduce${_h('vLLM --disable-custom-all-reduce. Useful for some 8-GPU/nightly configurations.')}</label>`;
       {
@@ -2870,11 +3004,11 @@ function _rerenderCachedModels() {
             // preflight and let the launch silently fall to CPU.
             let _hwGpus = [];
             try {
-              const _gh = (_selectedServeTarget.host || '').trim();
+              const _gh = (launchTarget.host || '').trim();
               const _gp = new URLSearchParams();
               if (_gh) {
                 _gp.set('host', _gh);
-                const _sp = (_serverByVal?.(_selectedServeTarget.serverKey || _gh) || {}).port;
+                const _sp = (_serverByVal?.(launchTarget.serverKey || _gh) || {}).port;
                 if (_sp) _gp.set('ssh_port', _sp);
               }
               const _gr = await fetch('/api/cookbook/gpus' + (_gp.toString() ? '?' + _gp : ''), { credentials: 'same-origin' });
@@ -3069,6 +3203,7 @@ function _rerenderCachedModels() {
           try { cur = JSON.parse(localStorage.getItem(SERVE_STATE_KEY)) || {}; } catch {}
           const byRepo = (cur && cur._byRepo && typeof cur._byRepo === 'object') ? cur._byRepo : {};
           const _saved = { ...serveState, _forceBackend: true };
+          delete _saved._replaceTaskId;
           byRepo[repo] = _saved;
           localStorage.setItem(SERVE_STATE_KEY, JSON.stringify({ _byRepo: byRepo, _lastUsed: _saved }));
         } catch {}
@@ -3127,7 +3262,8 @@ function _rerenderCachedModels() {
           await _withSpinner(_launchBtn, async () => {
             // Pass the exact form values so the running task can be re-opened
             // in the Serve panel pre-filled with these settings (Edit button).
-            await _launchServeTask(shortName, repo, launchCmd, serveState, serveHost, { serverKey: serveServerKey, serverName: serveServerName });
+            const taskDisplayName = _serveTaskDisplayName(shortName, m, serveState);
+            await _launchServeTask(taskDisplayName, repo, launchCmd, serveState, serveHost, { serverKey: serveServerKey, serverName: serveServerName });
           });
         } finally {
           _envState.env = origEnv;
@@ -3188,7 +3324,6 @@ function _resolveCacheHost() {
 }
 
 async function _deleteCachedModel(repo, itemEl, skipConfirm = false, model = null) {
-  if (!skipConfirm && !(await uiModule.styledConfirm(`Delete ${repo} from cache?`, { confirmText: 'Delete', danger: true }))) return;
   const m = model || _cachedAllModels.find(x => x.repo_id === repo);
   // Delete the EXACT on-disk path the scan reported. Models in a custom
   // model dir live at <path>/<repo>; HF-cache models at
@@ -3204,13 +3339,32 @@ async function _deleteCachedModel(repo, itemEl, skipConfirm = false, model = nul
   } else {
     target = `~/.cache/huggingface/hub/models--${repo.replace(/\//g, '--')}`;
   }
+  let deleteChoice = { mode: 'repo' };
+  const ggufFiles = _ggufFilesForModel(m);
+  if (!skipConfirm) {
+    if (ggufFiles.length > 1) {
+      deleteChoice = await _ggufDeleteChoice(repo, ggufFiles);
+      if (!deleteChoice) return;
+    } else if (!(await uiModule.styledConfirm(`Delete ${repo} from cache?`, { confirmText: 'Delete', danger: true }))) {
+      return;
+    }
+  }
   const host = _resolveCacheHost();
   let cmd;
   if (_isWindows()) {
     const winTarget = target.startsWith('~')
       ? target.replace(/^~/, '$env:USERPROFILE').replace(/\//g, '\\')
       : target.replace(/\//g, '\\');
-    cmd = `Remove-Item -Recurse -Force "${winTarget}" -ErrorAction SilentlyContinue`;
+    if (deleteChoice.mode === 'files') {
+      const targets = deleteChoice.files
+        .map(f => _safeGgufRelPath(f.rel_path))
+        .filter(Boolean)
+        .map(rel => `${winTarget}\\${rel.replace(/\//g, '\\')}`);
+      if (!targets.length) return;
+      cmd = targets.map(p => `Remove-Item -Force "${p.replace(/"/g, '\\"')}" -ErrorAction SilentlyContinue`).join('; ');
+    } else {
+      cmd = `Remove-Item -Recurse -Force "${winTarget}" -ErrorAction SilentlyContinue`;
+    }
     if (host) {
       const pf = _sshPrefix(_getPort(host));
       cmd = `ssh ${pf}${host} "powershell -Command \\"${cmd}\\""`;
@@ -3219,7 +3373,16 @@ async function _deleteCachedModel(repo, itemEl, skipConfirm = false, model = nul
     // $HOME expands inside double quotes; ~ would not, so normalize the
     // fallback. Quoting also handles spaces in custom model-dir paths.
     const unixTarget = target.startsWith('~') ? target.replace(/^~/, '$HOME') : target;
-    cmd = `rm -rf "${unixTarget}"`;
+    if (deleteChoice.mode === 'files') {
+      const targets = deleteChoice.files
+        .map(f => _safeGgufRelPath(f.rel_path))
+        .filter(Boolean)
+        .map(rel => `${target.replace(/\/+$/, '')}/${rel}`);
+      if (!targets.length) return;
+      cmd = `rm -f ${targets.map(p => _shellPathExpr(p)).join(' ')} && find ${_shellPathExpr(target)} -type d -empty -delete`;
+    } else {
+      cmd = `rm -rf "${unixTarget}"`;
+    }
     if (host) cmd = _sshCmd(host, cmd, _getPort(host));
   }
   // Deleting a large model (tens/hundreds of GB) can take a while, especially
@@ -3244,7 +3407,13 @@ async function _deleteCachedModel(repo, itemEl, skipConfirm = false, model = nul
       body: JSON.stringify({ command: cmd }),
     });
     if (!res.ok) { uiModule.showError(`Delete failed (${res.status})`); return; }
-    if (itemEl) {
+    if (deleteChoice.mode === 'files') {
+      if (m && Array.isArray(m.gguf_files)) {
+        const removed = new Set(deleteChoice.files.map(f => _safeGgufRelPath(f.rel_path)));
+        m.gguf_files = m.gguf_files.filter(f => !removed.has(_safeGgufRelPath(f.rel_path)));
+      }
+      await _fetchCachedModels(false);
+    } else if (itemEl) {
       itemEl.querySelector('.cookbook-delete-overlay')?.remove();
       itemEl.style.transition = 'opacity 0.24s ease, transform 0.24s ease, max-height 0.28s ease, padding 0.28s ease, margin 0.28s ease';
       itemEl.style.maxHeight = `${Math.max(itemEl.getBoundingClientRect().height, itemEl.scrollHeight)}px`;
@@ -3258,9 +3427,9 @@ async function _deleteCachedModel(repo, itemEl, skipConfirm = false, model = nul
       requestAnimationFrame(() => { itemEl.style.maxHeight = '0'; });
       await new Promise(resolve => setTimeout(resolve, 300));
       if (itemEl.parentElement) itemEl.remove();
+      // Drop from the in-memory list so a re-render/filter doesn't resurrect it.
+      _cachedAllModels = _cachedAllModels.filter(x => x.repo_id !== repo);
     }
-    // Drop from the in-memory list so a re-render/filter doesn't resurrect it.
-    _cachedAllModels = _cachedAllModels.filter(x => x.repo_id !== repo);
   } catch (e) {
     uiModule.showError('Delete failed: ' + (e && e.message ? e.message : e));
   } finally {
diff --git a/static/js/modelPicker.js b/static/js/modelPicker.js
index 5538bf278..12fb3479e 100644
--- a/static/js/modelPicker.js
+++ b/static/js/modelPicker.js
@@ -77,6 +77,7 @@ function _handlePickerKeydown(e, listEl, itemSelector, closeFn) {
 // Dependencies injected via initModelPicker()
 let _deps = null;
 let _autoSelectingDefault = false;
+let _defaultChatPickInFlight = false;
 
 function _modelExists(modelId, url) {
   if (!modelId || !window.modelsModule || !window.modelsModule.getCachedItems) return false;
@@ -91,6 +92,43 @@ function _modelExists(modelId, url) {
   });
 }
 
+async function _ensureDefaultPendingChat() {
+  if (!_deps || _defaultChatPickInFlight) return;
+  if (_deps.getCurrentSessionId && _deps.getCurrentSessionId()) return;
+  const pending = _deps.getPendingChat && _deps.getPendingChat();
+  if (pending && pending.modelId) return;
+  _defaultChatPickInFlight = true;
+  try {
+    let dc = null;
+    try {
+      const res = await fetch(`${API_BASE}/api/default-chat`, { credentials: 'same-origin' });
+      if (res.ok) dc = await res.json();
+    } catch (_) {}
+    if (dc && dc.endpoint_url && dc.model) {
+      _deps.setPendingChat({
+        url: dc.endpoint_url,
+        modelId: dc.model,
+        endpointId: dc.endpoint_id || '',
+      });
+      try { window.__odysseusDefaultChat = dc; } catch (_) {}
+      updateModelPicker();
+      return;
+    }
+    // No configured default: preserve the old convenience fallback.
+    if (window.modelsModule && window.modelsModule.getCachedItems) {
+      const items = window.modelsModule.getCachedItems();
+      const first = items.find(item => !item.offline && ((item.models || []).length || (item.models_extra || []).length));
+      if (first) {
+        const models = (first.models || []).concat(first.models_extra || []);
+        _deps.setPendingChat({ url: first.url, modelId: models[0], endpointId: first.endpoint_id });
+        updateModelPicker();
+      }
+    }
+  } finally {
+    _defaultChatPickInFlight = false;
+  }
+}
+
 /**
  * Initialize the model picker dropdown.
  * @param {Object} deps
@@ -710,25 +748,7 @@ export function updateModelPicker() {
     }
   }
   if (!modelId && !_autoSelectingDefault && window.modelsModule && window.modelsModule.getCachedItems) {
-    const items = window.modelsModule.getCachedItems();
-    const first = items.find(item => !item.offline && ((item.models || []).length || (item.models_extra || []).length));
-    if (first) {
-      const models = (first.models || []).concat(first.models_extra || []);
-      modelId = models[0];
-      if (!currentSessionId) {
-        _deps.setPendingChat({ url: first.url, modelId, endpointId: first.endpoint_id });
-      } else {
-        if (s) { s.model = modelId; s.endpoint_url = first.url; }
-        _autoSelectingDefault = true;
-        const fd = new FormData();
-        fd.append('model', modelId);
-        fd.append('endpoint_url', first.url || '');
-        if (first.endpoint_id) fd.append('endpoint_id', first.endpoint_id);
-        fetch(`${API_BASE}/api/session/${currentSessionId}`, { method: 'PATCH', body: fd })
-          .catch(() => {})
-          .finally(() => { _autoSelectingDefault = false; });
-      }
-    }
+    _ensureDefaultPendingChat();
   }
 
   const displayName = modelId ? modelId.split('/').pop() : 'Select model';
diff --git a/static/js/notes.js b/static/js/notes.js
index fa754b771..9758f3608 100644
--- a/static/js/notes.js
+++ b/static/js/notes.js
@@ -1896,10 +1896,6 @@ function _renderNotes() {
       ${_hasItems(note) ? `<div class="note-cl-quickadd"><input type="text" class="note-cl-quickadd-input" placeholder="+ Add item" data-note-id="${note.id}" /></div>` : ''}
       ${reminderTagHtml}
       ${noteTags.length ? `<div class="note-card-label">${noteTags.map(t => `<button type="button" class="note-card-label-chip" data-note-label-filter="${_esc(t)}" title="Filter #${_esc(t)}">#${_esc(t)}</button>`).join(' ')}</div>` : ''}
-      ${note.agent_session_id ? `<button class="note-agent-tag" data-note-id="${note.id}" data-session-id="${_esc(note.agent_session_id)}" title="Open the agent's chat for this note">
-        <svg width="11" height="11" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.2" stroke-linecap="round" stroke-linejoin="round"><path d="M12 8V4H8"/><rect x="4" y="8" width="16" height="12" rx="2"/><path d="M2 14h2M20 14h2M15 13v2M9 13v2"/></svg>
-        <span>Agent</span>
-      </button>` : ''}
       <div class="note-card-actions">
         <div class="note-card-colors">${colorDots}</div>
         <span style="flex:1"></span>
@@ -2304,16 +2300,6 @@ function _bindCardEvents(body) {
       _openNoteCornerMenu(btn);
     });
   });
-  // Agent tag — opens the chat session the agent ran for this note.
-  body.querySelectorAll('.note-agent-tag').forEach(tag => {
-    tag.addEventListener('click', (e) => {
-      e.preventDefault();
-      e.stopPropagation();
-      const sid = tag.dataset.sessionId;
-      const _sm = window.sessionModule;
-      if (sid && _sm && _sm.selectSession) { closePanel(); _sm.selectSession(sid); }
-    });
-  });
   body.querySelectorAll('.note-card-label-chip').forEach(chip => {
     chip.addEventListener('click', (e) => {
       e.preventDefault();
@@ -4383,18 +4369,16 @@ function _openTodoAgentMenu(btn) {
   const noteId = btn.dataset.noteId;
   const idx = parseInt(btn.dataset.idx);
   const sid = btn.dataset.sessionId || '';
-  const title = btn.dataset.agentTitle || 'Agent chat';
   const menu = document.createElement('div');
   menu.className = 'note-corner-menu-dropdown note-agent-item-menu';
   menu.innerHTML = `
-    <div class="ncm-title">${_esc(title)}</div>
     ${sid ? `<button type="button" class="ncm-item" data-act="open">
       <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M15 3h6v6"/><path d="M10 14L21 3"/><path d="M18 13v6a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h6"/></svg>
-      <span>Open this agent chat</span>
+      <span>Open</span>
     </button>` : ''}
     <button type="button" class="ncm-item" data-act="run">
       <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M12 8V4H8"/><rect x="4" y="8" width="16" height="12" rx="2"/><path d="M2 14h2M20 14h2M15 13v2M9 13v2"/></svg>
-      <span>${sid ? 'Run again for this todo' : 'Start agent for this todo'}</span>
+      <span>${sid ? 'Run again' : 'Run Agent'}</span>
     </button>`;
   _positionNoteMenu(menu, btn);
   const openBtn = menu.querySelector('[data-act="open"]');
diff --git a/static/style.css b/static/style.css
index 44ef5e6c9..97dec8b08 100644
--- a/static/style.css
+++ b/static/style.css
@@ -5324,6 +5324,84 @@ body.bg-pattern-sparkles {
     .confirm-btn-primary:hover { filter:brightness(1.15); }
     .confirm-btn-danger { background:var(--color-danger); color:#fff; border-color:transparent; }
     .confirm-btn-danger:hover { background:var(--color-error); }
+    #cookbook-gguf-delete-overlay {
+      background:rgba(0,0,0,0.5);
+      backdrop-filter:blur(4px);
+      pointer-events:auto !important;
+      z-index:99999 !important;
+      position:fixed !important;
+      inset:0 !important;
+    }
+    .cookbook-gguf-delete-box {
+      width:560px;
+      max-width:92vw;
+    }
+    .cookbook-gguf-delete-list {
+      display:flex;
+      flex-direction:column;
+      gap:6px;
+      max-height:42vh;
+      overflow:auto;
+      padding:2px 2px 4px;
+    }
+    .cookbook-gguf-delete-row {
+      display:grid;
+      grid-template-columns:18px minmax(0,1fr);
+      gap:7px 8px;
+      align-items:start;
+      padding:7px 8px;
+      border:1px solid var(--border);
+      border-radius:7px;
+      background:color-mix(in srgb, var(--panel, var(--bg)) 92%, var(--fg) 8%);
+      cursor:pointer;
+    }
+    .cookbook-gguf-delete-row:hover {
+      border-color:color-mix(in srgb, var(--accent-primary, var(--fg)) 45%, var(--border));
+    }
+    .cookbook-gguf-delete-cb {
+      -webkit-appearance:none;
+      appearance:none;
+      width:8px !important;
+      height:8px !important;
+      min-width:8px;
+      min-height:8px;
+      padding:0;
+      margin:4px 0 0;
+      border:1px solid var(--border);
+      border-radius:50%;
+      background:transparent;
+      box-sizing:content-box;
+      cursor:pointer;
+      transition:background 0.15s, border-color 0.15s, transform 0.12s;
+    }
+    .cookbook-gguf-delete-cb:hover {
+      border-color:var(--accent, var(--red));
+      transform:scale(1.12);
+    }
+    .cookbook-gguf-delete-cb:checked {
+      background:var(--accent, var(--red));
+      border-color:var(--accent, var(--red));
+    }
+    .cookbook-gguf-delete-main,
+    .cookbook-gguf-delete-path {
+      min-width:0;
+      overflow:hidden;
+      text-overflow:ellipsis;
+      white-space:nowrap;
+    }
+    .cookbook-gguf-delete-main {
+      font-size:0.86rem;
+      color:var(--fg);
+    }
+    .cookbook-gguf-delete-path {
+      grid-column:2;
+      margin-top:-2px;
+      font-size:0.74rem;
+      opacity:0.58;
+    }
+    .cookbook-gguf-delete-actions {
+      flex-wrap:wrap;
+    }
     /* Styled prompt — text-input dialog (used in place of window.prompt) */
     #styled-prompt-overlay {
       background:rgba(0,0,0,0.5);
@@ -19222,6 +19300,18 @@ body.gallery-selecting .gallery-dl-btn,
   background: color-mix(in srgb, var(--red) 20%, transparent);
 }
 .cookbook-gpu-kill:disabled { opacity: 0.4; cursor: wait; }
+.cookbook-serve-title {
+  display: flex;
+  align-items: center;
+  gap: 4px;
+  min-width: 0;
+}
+.cookbook-serve-title-name {
+  min-width: 0;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
+}
 .cookbook-hf-link {
   font-size: 9px;
   text-decoration: none;
@@ -19234,6 +19324,7 @@ body.gallery-selecting .gallery-dl-btn,
   vertical-align: 1px;
   letter-spacing: 0.3px;
   font-weight: 600;
+  flex-shrink: 0;
 }
 .cookbook-hf-link:hover {
   opacity: 0.8;
@@ -19626,6 +19717,9 @@ body.gallery-selecting .gallery-dl-btn,
   position: relative;
   top: -2px;
 }
+.cookbook-dep-reinstall {
+  top: -3px;
+}
 .cookbook-dep-rebuild:hover {
   background: color-mix(in srgb, var(--accent, var(--red)) 18%, transparent);
   color: var(--accent, var(--red));
@@ -20619,6 +20713,11 @@ body.gallery-selecting .gallery-dl-btn,
 }
 .cookbook-task[data-status="done"] .cookbook-task-check-ico { display: inline; }
 .cookbook-task[data-status="done"] .cookbook-task-clear-ico { display: none; }
+@media (max-width: 820px) {
+  .cookbook-task-check {
+    top: 2px;
+  }
+}
 .cookbook-task-start-now {
   display: inline-flex;
   align-items: center;
@@ -20652,24 +20751,30 @@ body.gallery-selecting .gallery-dl-btn,
 /* "Serve" button on a finished download — green pill matching the "running" /
    finished badge (it sits next to the green FINISHED chip + check). */
 .cookbook-task-serve-btn {
-  font-size: 9px;
-  font-weight: 600;
-  padding: 1px 6px;
-  border: none;
-  border-radius: 3px;
-  line-height: 16px;
+  display: inline-flex;
+  align-items: center;
+  gap: 3px;
+  padding: 1px 6px 1px 4px;
+  border: 0;
+  border-radius: 9px;
+  line-height: 1;
   flex-shrink: 0;
   cursor: pointer;
   font-family: inherit;
-  background: color-mix(in srgb, var(--green, #50fa7b) 20%, transparent);
+  font-size: 9px;
+  text-transform: lowercase;
+  background: transparent;
   color: var(--green, #50fa7b);
   position: relative;
   top: -2px;
+  margin-right: 2px;
   appearance: none;
   -webkit-appearance: none;
   -moz-appearance: none;
+  transition: background 0.15s;
 }
-.cookbook-task-serve-btn:hover { background: color-mix(in srgb, var(--green, #50fa7b) 32%, transparent); }
+.cookbook-task-serve-btn svg { flex-shrink: 0; }
+.cookbook-task-serve-btn:hover { background: color-mix(in srgb, var(--green, #50fa7b) 16%, transparent); }
 .cookbook-task-sub {
   padding: 1px 10px 4px;
   line-height: 1;
@@ -21448,6 +21553,31 @@ body.gallery-selecting .gallery-dl-btn,
 .cookbook-dl-btn:hover {
   opacity: 0.9;
 }
+.cookbook-dl-gguf-row {
+  margin-top: -1px;
+  gap: 5px;
+  align-items: center;
+  justify-content: flex-end;
+  font-size: 11px;
+  position: relative;
+  top: -2px;
+}
+.cookbook-dl-gguf-label {
+  opacity: 0.65;
+  flex-shrink: 0;
+}
+#cookbook-dl-gguf-quant {
+  height: 28px;
+  min-width: 118px;
+  flex: 0 0 auto;
+}
+#cookbook-dl-gguf-note {
+  opacity: 0.55;
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  max-width: 240px;
+}
 
 /* HF link in search panel */
 .hwfit-panel-hf-link {
@@ -31920,24 +32050,34 @@ body.notes-drag-mode .note-card-pin svg {
 .note-corner-menu-dropdown .ncm-item:hover {
   background: color-mix(in srgb, var(--fg) 8%, transparent);
 }
-/* "Agent" tag on a note that has a linked agent chat session */
-.note-agent-tag {
-  align-self: flex-start;
+.note-checkbox-agent {
   display: inline-flex;
   align-items: center;
-  gap: 5px;
-  background: color-mix(in srgb, var(--accent, var(--red)) 14%, transparent);
-  border: 1px solid color-mix(in srgb, var(--accent, var(--red)) 35%, transparent);
+  justify-content: center;
+  width: 14px;
+  height: 14px;
+  padding: 0;
+  margin: 0 1px;
+  border: 0;
+  background: transparent;
   color: var(--accent, var(--red));
-  border-radius: 999px;
-  padding: 3px 10px 3px 8px;
-  font-size: 11px;
-  font-weight: 600;
+  box-shadow: none;
   cursor: pointer;
-  margin-top: 2px;
-  transition: background 0.12s;
+  opacity: 0;
+  transition: opacity 0.12s, color 0.12s;
+}
+.note-checkbox:hover .note-checkbox-agent { opacity: 0.55; }
+.note-checkbox-agent:hover {
+  background: transparent;
+  opacity: 1 !important;
+}
+.note-checkbox-agent.is-agent-stream-complete {
+  color: #50fa7b;
+  opacity: 0.9;
+}
+.note-checkbox-agent svg {
+  display: block;
 }
-.note-agent-tag:hover { background: color-mix(in srgb, var(--accent, var(--red)) 24%, transparent); }
 
 .note-card {
   /* Same tint that .doclib-card uses so a default (uncolored) note
@@ -36414,6 +36554,10 @@ body.research-panel-view #research-divider { display:none; }
 .research-setting {
   display:flex; flex-direction:column; flex:1; min-width:90px;
 }
+.research-settings-row .research-setting:nth-last-child(-n + 3) {
+  position: relative;
+  top: 3px;
+}
 .research-setting-label {
   font-size:9px; text-transform:uppercase; letter-spacing:0.5px;
   opacity:0.5; margin-bottom:2px;
diff --git a/tests/test_fenced_example_not_executed_for_native_models.py b/tests/test_fenced_example_not_executed_for_native_models.py
index 2b69ebc5b..9cac7ab8d 100644
--- a/tests/test_fenced_example_not_executed_for_native_models.py
+++ b/tests/test_fenced_example_not_executed_for_native_models.py
@@ -221,6 +221,60 @@ def test_skip_fenced_still_recovers_xml_invoke_markup():
     assert "latest python release" in blocks[0].content
 
 
+def test_stepfun_native_tool_tokens_are_executed_even_when_fenced_fallback_is_skipped():
+    leaked = (
+        "<｜tool▁calls▁begin｜>"
+        "<｜tool▁call▁begin｜>web_search<｜tool▁sep｜>"
+        '{"query":"Sweden news today"}'
+        "<｜tool▁call▁end｜>"
+        "<｜tool▁calls▁end｜>"
+    )
+    blocks = parse_tool_blocks(leaked, skip_fenced=True)
+    assert len(blocks) == 1
+    assert blocks[0].tool_type == "web_search"
+    assert "Sweden news today" in blocks[0].content
+    assert strip_tool_blocks(leaked, skip_fenced=True) == ""
+
+
+def test_stepfun_native_tool_tokens_accept_plain_web_query():
+    leaked = (
+        "<｜tool▁call▁begin｜>web_search<｜tool▁sep｜>"
+        "Sweden news today"
+        "<｜tool▁call▁end｜>"
+    )
+    blocks = parse_tool_blocks(leaked, skip_fenced=True)
+    assert len(blocks) == 1
+    assert blocks[0].tool_type == "web_search"
+    assert "Sweden news today" in blocks[0].content
+
+
+def test_skip_fenced_still_recovers_direct_xml_tool_markup():
+    leaked = (
+        "I'll search now.\n"
+        "<tool_call><web_search>News in Sweden today 2026-06-22</web_search></tool_call>"
+    )
+    blocks = parse_tool_blocks(leaked, skip_fenced=True)
+    assert len(blocks) == 1
+    assert blocks[0].tool_type == "web_search"
+    assert "News in Sweden today 2026-06-22" in blocks[0].content
+    assert strip_tool_blocks(leaked, skip_fenced=True) == "I'll search now."
+
+
+def test_skip_fenced_recovers_direct_xml_tool_markup_with_unclosed_wrapper():
+    leaked = (
+        "I'll search now.\n"
+        "<tool_call>\n"
+        "<web_search>\n"
+        "Sweden news today 2026-06-22\n"
+        "</web_search>"
+    )
+    blocks = parse_tool_blocks(leaked, skip_fenced=True)
+    assert len(blocks) == 1
+    assert blocks[0].tool_type == "web_search"
+    assert "Sweden news today 2026-06-22" in blocks[0].content
+    assert strip_tool_blocks(leaked, skip_fenced=True) == "I'll search now."
+
+
 def test_skip_fenced_still_recovers_dsml_markup():
     dsml = (
         "Let me search for that.\n"
diff --git a/tests/test_upload_multifile.py b/tests/test_upload_multifile.py
index ef2e43596..2e40948e6 100644
--- a/tests/test_upload_multifile.py
+++ b/tests/test_upload_multifile.py
@@ -19,7 +19,12 @@ from pathlib import Path
 
 import pytest
 from fastapi import APIRouter
+from sqlalchemy import create_engine
+from sqlalchemy.orm import sessionmaker
+from sqlalchemy.pool import NullPool
 
+import core.database as cdb
+from core.database import GalleryImage
 from src.upload_handler import count_recent_uploads, UploadHandler
 import routes.upload_routes as up
 
@@ -82,6 +87,10 @@ def _files(n):
     return [types.SimpleNamespace(filename=f"f{i}.txt") for i in range(n)]
 
 
+def _image_upload(name="photo.png", content=b"not really png but enough for route metadata"):
+    return types.SimpleNamespace(filename=name, file=io.BytesIO(content))
+
+
 @pytest.fixture(autouse=True)
 def _reset_router(monkeypatch):
     # Module-level router accumulates routes across setup calls; reset it.
@@ -163,3 +172,64 @@ def test_six_file_batch_is_not_rate_limited(tmp_path):
         assert meta and meta.get("id")
         saved += 1
     assert saved == 6
+
+
+async def test_chat_image_upload_is_added_to_gallery(tmp_path, monkeypatch):
+    engine = create_engine(
+        f"sqlite:///{tmp_path / 'gallery.db'}",
+        connect_args={"check_same_thread": False},
+        poolclass=NullPool,
+    )
+    cdb.Base.metadata.create_all(engine)
+    TestingSession = sessionmaker(bind=engine, autoflush=False, autocommit=False)
+    gallery_dir = tmp_path / "generated_images"
+
+    monkeypatch.setattr(up, "SessionLocal", TestingSession)
+    monkeypatch.setattr(up, "GENERATED_IMAGES_DIR", str(gallery_dir))
+
+    h = UploadHandler(base_dir=str(tmp_path), upload_dir=str(tmp_path / "uploads"))
+    up.setup_upload_routes(h)
+    endpoint = _endpoint(up.router)
+
+    result = await endpoint(_request(user="alice"), [_image_upload()])
+    uploaded = result["files"][0]
+
+    assert uploaded["gallery_id"]
+    db = TestingSession()
+    try:
+        image = db.query(GalleryImage).filter(GalleryImage.id == uploaded["gallery_id"]).one()
+        assert image.owner == "alice"
+        assert image.model == "chat-upload"
+        assert image.prompt == "photo.png"
+        assert image.file_hash == uploaded["hash"]
+        assert (gallery_dir / image.filename).exists()
+    finally:
+        db.close()
+
+
+async def test_non_image_chat_upload_is_not_added_to_gallery(tmp_path, monkeypatch):
+    engine = create_engine(
+        f"sqlite:///{tmp_path / 'gallery.db'}",
+        connect_args={"check_same_thread": False},
+        poolclass=NullPool,
+    )
+    cdb.Base.metadata.create_all(engine)
+    TestingSession = sessionmaker(bind=engine, autoflush=False, autocommit=False)
+    monkeypatch.setattr(up, "SessionLocal", TestingSession)
+    monkeypatch.setattr(up, "GENERATED_IMAGES_DIR", str(tmp_path / "generated_images"))
+
+    h = UploadHandler(base_dir=str(tmp_path), upload_dir=str(tmp_path / "uploads"))
+    up.setup_upload_routes(h)
+    endpoint = _endpoint(up.router)
+
+    result = await endpoint(_request(user="alice"), [types.SimpleNamespace(
+        filename="notes.txt",
+        file=io.BytesIO(b"plain text upload"),
+    )])
+
+    assert "gallery_id" not in result["files"][0]
+    db = TestingSession()
+    try:
+        assert db.query(GalleryImage).count() == 0
+    finally:
+        db.close()

From 57e7229219ae64342bac82abfa45f54a790f6877 Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Mon, 22 Jun 2026 02:08:25 +0000
Subject: [PATCH 19/22] CI fixes for cookbook workflow sync

---
 docker-compose.gpu-amd.yml           |  9 +++++++++
 docker-compose.gpu-nvidia.yml        | 10 ++++++++++
 routes/model_routes.py               | 15 +--------------
 src/agent_loop.py                    | 18 +++++++++++-------
 static/js/notes.js                   |  1 +
 tests/test_gpu_compose_standalone.py |  9 ++++-----
 tests/test_tool_support_heuristic.py |  2 +-
 7 files changed, 37 insertions(+), 27 deletions(-)

diff --git a/docker-compose.gpu-amd.yml b/docker-compose.gpu-amd.yml
index 82e22e440..5d5f8427e 100644
--- a/docker-compose.gpu-amd.yml
+++ b/docker-compose.gpu-amd.yml
@@ -28,6 +28,14 @@ services:
       # land under /app/.local for the odysseus user. Persist them so a
       # container recreate does not silently remove installed serve engines.
       - ${APP_DATA_DIR:-./data}/local:/app/.local:z
+      # Docker socket — lets Cookbook launch commands like
+      # `docker exec ollama-rocm ollama show <tag>` reach the host's
+      # Docker daemon (and sibling containers like ollama-rocm /
+      # ollama-test). The in-container user needs to be in the
+      # socket's owning group — see `group_add` below; the GID
+      # there must match the host's `docker` group (defaults to 963
+      # on Debian, 999 on Ubuntu — override via env if yours differs).
+      - /var/run/docker.sock:/var/run/docker.sock
     extra_hosts:
       # Lets the container reach local services on the Docker host, including
       # Ollama at http://host.docker.internal:11434.
@@ -93,6 +101,7 @@ services:
       - /dev/kfd
       - /dev/dri
     group_add:
+      - "${DOCKER_GID:-963}"
       - video
       - ${RENDER_GID:-render}
 
diff --git a/docker-compose.gpu-nvidia.yml b/docker-compose.gpu-nvidia.yml
index 1b551c669..c1f2cddb0 100644
--- a/docker-compose.gpu-nvidia.yml
+++ b/docker-compose.gpu-nvidia.yml
@@ -27,6 +27,16 @@ services:
       # land under /app/.local for the odysseus user. Persist them so a
       # container recreate does not silently remove installed serve engines.
       - ${APP_DATA_DIR:-./data}/local:/app/.local:z
+      # Docker socket — lets Cookbook launch commands like
+      # `docker exec ollama-rocm ollama show <tag>` reach the host's
+      # Docker daemon (and sibling containers like ollama-rocm /
+      # ollama-test). The in-container user needs to be in the
+      # socket's owning group — see `group_add` below; the GID
+      # there must match the host's `docker` group (defaults to 963
+      # on Debian, 999 on Ubuntu — override via env if yours differs).
+      - /var/run/docker.sock:/var/run/docker.sock
+    group_add:
+      - "${DOCKER_GID:-963}"
     extra_hosts:
       # Lets the container reach local services on the Docker host, including
       # Ollama at http://host.docker.internal:11434.
diff --git a/routes/model_routes.py b/routes/model_routes.py
index 89636b310..00fdb6eb0 100644
--- a/routes/model_routes.py
+++ b/routes/model_routes.py
@@ -896,25 +896,12 @@ def _ping_endpoint(base_url: str, api_key: str = None, timeout: float = 1.5) ->
         pass
 
     try:
-        # OpenAI-compatible servers commonly expose /v1/models but return 404
-        # for the bare /v1 root. Probe models first for those bases to avoid
-        # noisy false-looking 404s in llama.cpp logs.
-        parsed = urlparse(base)
-        prefer_models_first = (parsed.path or "").rstrip("/").endswith("/v1")
-        if prefer_models_first:
-            try:
-                r0 = httpx.get(_safe_build_models_url(base), headers=headers, timeout=timeout, verify=llm_verify())
-                result0 = _result_from_response(r0)
-                if result0["reachable"]:
-                    return result0
-            except Exception as e:
-                last_error = str(e)[:120]
         r = httpx.get(base, headers=headers, timeout=timeout, verify=llm_verify())
         result = _result_from_response(r)
         if result["reachable"]:
             return result
         sc = result.get("status_code") or 0
-        if 400 <= sc < 500 and sc not in (401, 403) and not prefer_models_first:
+        if 400 <= sc < 500 and sc not in (401, 403):
             models_url = _safe_build_models_url(base)
             try:
                 r2 = httpx.get(models_url, headers=headers,timeout=timeout, verify=llm_verify())
diff --git a/src/agent_loop.py b/src/agent_loop.py
index 27a448da4..f753a0b5b 100644
--- a/src/agent_loop.py
+++ b/src/agent_loop.py
@@ -2000,6 +2000,7 @@ async def stream_agent_loop(
         and not bool(_intent.get("continuation"))
         and not plan_mode
         and not approved_plan
+        and not guide_only
         and (_casual_low_signal_turn or active_document is None)
         and (_casual_low_signal_turn or not active_email)
         and (_casual_low_signal_turn or not workspace)
@@ -2103,7 +2104,7 @@ async def stream_agent_loop(
 
     # RAG-based tool selection: retrieve relevant tools for this query.
     # If caller provided a pre-computed set (e.g. task_scheduler), use that.
-    _relevant_tools = set() if guide_only else relevant_tools
+    _relevant_tools = relevant_tools
     _t1 = time.time()
     if _relevant_tools:
         logger.info(f"[tool-rag] Using caller-provided relevant_tools ({len(_relevant_tools)} tools)")
@@ -2279,7 +2280,7 @@ async def stream_agent_loop(
     _model_supports_tools = any(kw in _model_lc for kw in (
         "gpt-4", "gpt-5", "gpt-o", "claude", "gemini", "gemma",
         "qwen3", "qwen2.5", "mixtral", "mistral", "llama-3.1", "llama-3.2",
-        "llama-3.3", "llama-4",
+        "llama-3.3", "llama-4", "llama3.1", "llama3.2", "llama3.3", "llama4",
         # Local-served models that follow OpenAI-style function calling
         # via vLLM's `--enable-auto-tool-choice`. Belt-and-suspenders
         # with the per-endpoint flag above.
@@ -2310,7 +2311,6 @@ async def stream_agent_loop(
     # the fenced-block path is used instead of native function calling.
     _is_ollama_native = _is_ollama_native_url(endpoint_url or "")
     _ollama_openai_compat = _is_ollama_openai_compat_url(endpoint_url or "")
-    _local_openai_compat = _is_local_openai_compat_url(endpoint_url or "")
     if _endpoint_supports is True:
         _is_api_model = True
     elif (
@@ -2318,12 +2318,11 @@ async def stream_agent_loop(
         or _model_no_tools
         or _is_ollama_native
         or _ollama_openai_compat
-        or _local_openai_compat
     ):
         _is_api_model = False
     else:
         _is_api_model = any(h in endpoint_url for h in _API_HOSTS) or _model_supports_tools
-    _compact_agent_prompt = _is_api_model or _is_ollama_native or _ollama_openai_compat or _local_openai_compat
+    _compact_agent_prompt = _is_api_model or _is_ollama_native or _ollama_openai_compat
     messages, mcp_schemas = _build_system_prompt(
         messages, model, active_document, mcp_mgr, disabled_tools,
         needs_admin=_needs_admin, relevant_tools=_relevant_tools,
@@ -2782,7 +2781,12 @@ async def stream_agent_loop(
             _round_first_event_logged,
             _round_first_token_logged,
         )
-        tool_blocks, used_native = _resolve_tool_blocks(round_response, native_tool_calls, round_num, is_api_model=_is_api_model)
+        tool_blocks, used_native = _resolve_tool_blocks(
+            round_response,
+            native_tool_calls,
+            round_num,
+            is_api_model=(_is_api_model and not guide_only),
+        )
 
         # Force-answer round: we told the model to STOP calling tools and
         # answer. If it ignored that and emitted a (possibly DSML) tool
@@ -2866,7 +2870,7 @@ async def stream_agent_loop(
         # model with no real native_tool_calls) must not be stripped from the
         # persisted text either — otherwise it streams once and then disappears
         # on reload (#3222 follow-up).
-        cleaned_round = strip_tool_blocks(round_response, skip_fenced=(_is_api_model and not used_native)).strip()
+        cleaned_round = strip_tool_blocks(round_response, skip_fenced=(_is_api_model and not used_native and not guide_only)).strip()
         round_texts.append(cleaned_round)
 
         if not tool_blocks:
diff --git a/static/js/notes.js b/static/js/notes.js
index 9758f3608..3b5a4e555 100644
--- a/static/js/notes.js
+++ b/static/js/notes.js
@@ -1120,6 +1120,7 @@ export function openPanel() {
   }
   _open = true;
   _editingId = null;
+  _searchQuery = '';
   _clearViewedReminderGlows();
   _firedDotDismissedAt = Date.now();
   try { localStorage.setItem(REMINDER_DISMISSED_AT_KEY, String(_firedDotDismissedAt)); } catch {}
diff --git a/tests/test_gpu_compose_standalone.py b/tests/test_gpu_compose_standalone.py
index 57bdaf341..64c52577c 100644
--- a/tests/test_gpu_compose_standalone.py
+++ b/tests/test_gpu_compose_standalone.py
@@ -124,9 +124,9 @@ def test_nvidia_odysseus_adds_only_overlay(base):
         {"driver": "nvidia", "count": "all", "capabilities": ["gpu"]}
     ]
 
-    # No AMD-only keys leaked in.
+    # Base Docker socket group is preserved; no AMD-only keys leaked in.
     assert "devices" not in svc
-    assert "group_add" not in svc
+    assert svc["group_add"] == base_svc["group_add"]
 
 
 def test_amd_odysseus_adds_only_overlay(base):
@@ -137,11 +137,10 @@ def test_amd_odysseus_adds_only_overlay(base):
     # Environment is unchanged from base for AMD.
     assert svc["environment"] == base_svc["environment"]
 
-    # devices and group_add are new and match the overlay exactly.
+    # devices are new; group_add preserves the base Docker group and appends AMD groups.
     assert "devices" not in base_svc
-    assert "group_add" not in base_svc
     assert svc["devices"] == ["/dev/kfd", "/dev/dri"]
-    assert svc["group_add"] == ["video", "${RENDER_GID:-render}"]
+    assert svc["group_add"] == base_svc["group_add"] + ["video", "${RENDER_GID:-render}"]
 
     # No NVIDIA-only keys leaked in.
     assert "deploy" not in svc
diff --git a/tests/test_tool_support_heuristic.py b/tests/test_tool_support_heuristic.py
index 9294fc740..468a210b5 100644
--- a/tests/test_tool_support_heuristic.py
+++ b/tests/test_tool_support_heuristic.py
@@ -18,7 +18,7 @@ def _compute_is_api_model(model: str, endpoint_url: str, endpoint_supports=None)
     model_supports_tools = any(kw in model_lc for kw in (
         "gpt-4", "gpt-5", "gpt-o", "claude", "gemini", "gemma",
         "qwen3", "qwen2.5", "mixtral", "mistral", "llama-3.1", "llama-3.2",
-        "llama-3.3", "llama-4",
+        "llama-3.3", "llama-4", "llama3.1", "llama3.2", "llama3.3", "llama4",
         "minimax", "kimi", "yi-", "phi-3", "phi-4", "command-r",
         "glm-4", "internlm", "hermes",
         "deepseek-v", "deepseek-chat",

From 19dd82b8f6ef546db7a6b095a3885685737f950e Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Mon, 22 Jun 2026 02:20:15 +0000
Subject: [PATCH 20/22] CI test fixes for dev sync

---
 src/agent_loop.py                             |  1 +
 tests/test_aux_llm_owner_scope.py             |  3 +-
 tests/test_builtin_actions_owner_scope.py     | 47 +++++++++----------
 tests/test_builtin_memory_consolidation.py    | 12 +++--
 .../test_consolidate_memory_explicit_drops.py | 10 ++--
 tests/test_cookbook_cpu_only_serve.py         | 12 ++---
 tests/test_cookbook_helpers.py                | 10 ++--
 ...t_cookbook_same_host_server_profiles_js.py |  6 +--
 tests/test_docker_devops_hardening.py         |  4 +-
 9 files changed, 53 insertions(+), 52 deletions(-)

diff --git a/src/agent_loop.py b/src/agent_loop.py
index f753a0b5b..c90168324 100644
--- a/src/agent_loop.py
+++ b/src/agent_loop.py
@@ -2005,6 +2005,7 @@ async def stream_agent_loop(
         and (_casual_low_signal_turn or not active_email)
         and (_casual_low_signal_turn or not workspace)
         and not forced_tools
+        and not relevant_tools
     )
     # Tool retrieval uses the latest message by default. It may inherit recent
     # user turns only for explicit continuations ("yes", "do it", "1").
diff --git a/tests/test_aux_llm_owner_scope.py b/tests/test_aux_llm_owner_scope.py
index 534a2e429..9bd55482d 100644
--- a/tests/test_aux_llm_owner_scope.py
+++ b/tests/test_aux_llm_owner_scope.py
@@ -43,7 +43,8 @@ def test_background_session_sort_uses_owner_task_endpoint():
 def test_scheduler_fallbacks_and_research_headers_are_owner_scoped():
     src = _src("src/task_scheduler.py")
 
-    assert "resolve_utility_fallback_candidates(owner=task.owner or None)" in src
+    assert "resolve_task_candidates(" in src
+    assert "owner=task.owner or None" in src
     assert 'resolve_endpoint(\n                    "research",' in src
     assert "owner=task.owner or None" in src
     assert "headers_from_resolver = False" in src
diff --git a/tests/test_builtin_actions_owner_scope.py b/tests/test_builtin_actions_owner_scope.py
index a13f41d24..d14a94462 100644
--- a/tests/test_builtin_actions_owner_scope.py
+++ b/tests/test_builtin_actions_owner_scope.py
@@ -51,23 +51,19 @@ class _Db:
         self.closed = True
 
 
-def _resolver_spy(monkeypatch, utility_result=("", "", {}), default_result=("http://llm", "model", {})):
-    from src import endpoint_resolver
+def _resolver_spy(monkeypatch, candidates=None):
+    from src import task_endpoint
 
     calls = []
-    fallback_calls = []
 
-    def fake_resolve(kind, *args, **kwargs):
-        calls.append((kind, kwargs.get("owner")))
-        return utility_result if kind == "utility" else default_result
+    def fake_candidates(*args, **kwargs):
+        calls.append(kwargs.get("owner"))
+        if candidates is None:
+            return [("http://llm", "model", {})]
+        return list(candidates)
 
-    def fake_fallbacks(*args, **kwargs):
-        fallback_calls.append(kwargs.get("owner"))
-        return []
-
-    monkeypatch.setattr(endpoint_resolver, "resolve_endpoint", fake_resolve)
-    monkeypatch.setattr(endpoint_resolver, "resolve_utility_fallback_candidates", fake_fallbacks)
-    return calls, fallback_calls
+    monkeypatch.setattr(task_endpoint, "resolve_task_candidates", fake_candidates)
+    return calls
 
 
 @pytest.mark.asyncio
@@ -88,7 +84,7 @@ async def test_classify_events_resolves_llm_for_task_owner(monkeypatch):
         location="",
     )
     db = _Db({FakeCalendarEvent: [event]})
-    calls, _fallback_calls = _resolver_spy(monkeypatch, utility_result=("http://llm", "model", {}))
+    calls = _resolver_spy(monkeypatch)
 
     monkeypatch.setattr(database, "CalendarEvent", FakeCalendarEvent)
     monkeypatch.setattr(database, "SessionLocal", lambda: db)
@@ -97,7 +93,7 @@ async def test_classify_events_resolves_llm_for_task_owner(monkeypatch):
 
     assert ok is True
     assert "Scanned 1 upcoming event" in message
-    assert calls == [("utility", "alice")]
+    assert calls == ["alice"]
     assert db.closed is True
 
 
@@ -122,7 +118,7 @@ async def test_learn_sender_signatures_resolves_llm_for_task_owner(monkeypatch):
         def logout(self):
             return None
 
-    calls, _fallback_calls = _resolver_spy(monkeypatch, utility_result=("", "", {}), default_result=("", "", {}))
+    calls = _resolver_spy(monkeypatch, candidates=[])
     imap_owners = []
 
     def fake_imap_connect(_account_id=None, owner=""):
@@ -135,14 +131,14 @@ async def test_learn_sender_signatures_resolves_llm_for_task_owner(monkeypatch):
 
     assert ok is False
     assert message == "No LLM endpoint available"
-    assert calls == [("utility", "alice"), ("default", "alice")]
+    assert calls == ["alice"]
     assert imap_owners == ["alice"]
 
 
 @pytest.mark.asyncio
 async def test_learn_sender_signatures_writes_owner_scoped_cache(monkeypatch, tmp_path):
     from routes import email_helpers
-    from src import endpoint_resolver, llm_core
+    from src import llm_core, task_endpoint
     from src.builtin_actions import action_learn_sender_signatures
 
     db_path = tmp_path / "scheduled_emails.db"
@@ -205,15 +201,15 @@ async def test_learn_sender_signatures_writes_owner_scoped_cache(monkeypatch, tm
 
     monkeypatch.setattr(email_helpers, "_imap_connect", fake_imap_connect)
     monkeypatch.setattr(
-        endpoint_resolver,
-        "resolve_endpoint",
-        lambda kind, *args, **kwargs: ("http://llm", "alice-model", {}),
+        task_endpoint,
+        "resolve_task_candidates",
+        lambda *args, **kwargs: [("http://llm", "alice-model", {})],
     )
 
-    async def fake_llm_call_async(**_kwargs):
+    async def fake_llm_call_async(_candidates, **_kwargs):
         return "Writer Example\nExample Co.\nwriter@example.com"
 
-    monkeypatch.setattr(llm_core, "llm_call_async", fake_llm_call_async)
+    monkeypatch.setattr(llm_core, "llm_call_async_with_fallback", fake_llm_call_async)
 
     message, ok = await action_learn_sender_signatures("alice")
 
@@ -253,7 +249,7 @@ async def test_check_email_urgency_resolves_llm_candidates_for_task_owner(monkey
         from_address = _Column()
 
     db = _Db({FakeEmailAccount: []})
-    calls, fallback_calls = _resolver_spy(monkeypatch, utility_result=("http://llm", "model", {}))
+    calls = _resolver_spy(monkeypatch)
 
     monkeypatch.chdir(tmp_path)
     monkeypatch.setattr(database, "EmailAccount", FakeEmailAccount)
@@ -262,6 +258,5 @@ async def test_check_email_urgency_resolves_llm_candidates_for_task_owner(monkey
     with pytest.raises(TaskNoop, match="no email accounts configured"):
         await action_check_email_urgency("alice")
 
-    assert calls == [("utility", "alice")]
-    assert fallback_calls == ["alice"]
+    assert calls == ["alice"]
     assert db.closed is True
diff --git a/tests/test_builtin_memory_consolidation.py b/tests/test_builtin_memory_consolidation.py
index bebd43586..0b4b6b49f 100644
--- a/tests/test_builtin_memory_consolidation.py
+++ b/tests/test_builtin_memory_consolidation.py
@@ -29,8 +29,8 @@ def _read_memories(data_dir):
 @pytest.mark.asyncio
 async def test_consolidate_memory_empty_owner_treats_each_owner_separately(monkeypatch, tmp_path):
     from src import constants
-    from src import endpoint_resolver
     from src import llm_core
+    from src import task_endpoint
     action_consolidate_memory = _import_consolidate_action()
 
     long_alice_text = "Alice private project context. " + ("A" * 2200)
@@ -44,11 +44,15 @@ async def test_consolidate_memory_empty_owner_treats_each_owner_separately(monke
         ],
     )
     monkeypatch.setattr(constants, "DATA_DIR", str(data_dir))
-    monkeypatch.setattr(endpoint_resolver, "resolve_endpoint", lambda *args, **kwargs: ("http://llm", "model", {}))
+    monkeypatch.setattr(
+        task_endpoint,
+        "resolve_task_candidates",
+        lambda *args, **kwargs: [("http://llm", "model", {})],
+    )
 
     prompts = []
 
-    async def fake_llm_call_async(**kwargs):
+    async def fake_llm_call_async(_candidates, **kwargs):
         prompt = kwargs["messages"][0]["content"]
         prompts.append(prompt)
         if "alice-long" in prompt:
@@ -71,7 +75,7 @@ async def test_consolidate_memory_empty_owner_treats_each_owner_separately(monke
             }
         )
 
-    monkeypatch.setattr(llm_core, "llm_call_async", fake_llm_call_async)
+    monkeypatch.setattr(llm_core, "llm_call_async_with_fallback", fake_llm_call_async)
 
     message, ok = await action_consolidate_memory("")
 
diff --git a/tests/test_consolidate_memory_explicit_drops.py b/tests/test_consolidate_memory_explicit_drops.py
index ed9bc0234..b03e651bc 100644
--- a/tests/test_consolidate_memory_explicit_drops.py
+++ b/tests/test_consolidate_memory_explicit_drops.py
@@ -29,24 +29,24 @@ class _FakeMM:
 
 def test_omitted_memory_survives_only_explicit_drop(monkeypatch):
     import src.memory
-    import src.endpoint_resolver
     import src.llm_core
+    import src.task_endpoint
 
     _FakeMM.saved = None
     monkeypatch.setattr(src.memory, "MemoryManager", _FakeMM)
     monkeypatch.setattr(
-        src.endpoint_resolver, "resolve_endpoint",
-        lambda kind, owner=None: ("http://x/v1", "model", {}),
+        src.task_endpoint, "resolve_task_candidates",
+        lambda owner=None: [("http://x/v1", "model", {})],
     )
 
-    async def fake_llm(**kwargs):
+    async def fake_llm(_candidates, **kwargs):
         # Model keeps 'a', drops 'b', and OMITS 'c' entirely.
         return json.dumps({
             "keep": [{"id": "a", "text": "Likes dark roast coffee", "category": "preference"}],
             "drop": [{"id": "b", "reason": "duplicate of a"}],
         })
 
-    monkeypatch.setattr(src.llm_core, "llm_call_async", fake_llm)
+    monkeypatch.setattr(src.llm_core, "llm_call_async_with_fallback", fake_llm)
 
     msg, ok = asyncio.run(ba.action_consolidate_memory("alice"))
 
diff --git a/tests/test_cookbook_cpu_only_serve.py b/tests/test_cookbook_cpu_only_serve.py
index 5c21e5c60..bcb06b098 100644
--- a/tests/test_cookbook_cpu_only_serve.py
+++ b/tests/test_cookbook_cpu_only_serve.py
@@ -68,18 +68,18 @@ def test_vllm_blank_swap_omits_swap_space_flag():
 def test_serve_preflight_uses_selected_server_not_stale_env_host():
     text = SERVE_SRC.read_text(encoding="utf-8")
 
-    assert "const _selectedServeTarget = (() => {" in text
-    assert "const _hostStr = _selectedServeTarget.host || '';" in text
+    assert "function _selectedServeTarget(panel) {" in text
+    assert "const _hostStr = launchTarget.host || '';" in text
     assert "(t.remoteHost || '') === _hostStr" in text
-    assert "const _probeHost = (_selectedServeTarget.host || '').trim();" in text
-    assert "const _portHost = (_selectedServeTarget.host || '').trim();" in text
+    assert "const _probeHost = (launchTarget.host || '').trim();" in text
+    assert "const _portHost = (launchTarget.host || '').trim();" in text
 
 
 def test_vllm_route_strips_swap_space_when_runtime_rejects_it():
     text = ROUTES_SRC.read_text(encoding="utf-8")
 
-    assert "Removing --swap-space 0; off is represented by omitting the vLLM flag." in text
-    assert "vLLM serve does not support --swap-space; removing it" in text
+    assert "Setting vLLM --swap-space 0 so the runtime does not reserve CPU swap per GPU." in text
+    assert "vLLM serve does not expose --swap-space; removing the flag and patching the runtime default to 0." in text
     assert "ODYSSEUS_VLLM_HELP_CMD" in text
     assert "print(shlex.join(parts[:serve_i + 1] + [\"--help\"]))" in text
     assert "eval \"$ODYSSEUS_VLLM_HELP_CMD\" 2>&1 | grep -q -- \"--swap-space\"" in text
diff --git a/tests/test_cookbook_helpers.py b/tests/test_cookbook_helpers.py
index a7c3ee017..5d2db5dda 100644
--- a/tests/test_cookbook_helpers.py
+++ b/tests/test_cookbook_helpers.py
@@ -348,7 +348,7 @@ def test_serve_pip_install_normalizes_llama_cpp_alias_and_adds_wheel_index():
     src = (pathlib.Path(__file__).resolve().parent.parent
         / "routes" / "cookbook_routes.py").read_text(encoding="utf-8")
 
-    assert "re.sub(r\"(?<![A-Za-z0-9_.-])llama_cpp(?![A-Za-z0-9_.-])\", \"llama-cpp-python[server]\", req.cmd)" in src
+    assert "re.sub(r\"(?<![A-Za-z0-9_.\\-/])llama_cpp(?![A-Za-z0-9_.\\-/])\", \"llama-cpp-python[server]\", req.cmd)" in src
     assert "if \"llama-cpp-python\" in req.cmd and \"--extra-index-url\" not in req.cmd:" in src
     assert "https://abetlen.github.io/llama-cpp-python/whl/cpu" in src
 
@@ -626,7 +626,7 @@ def test_llama_cpp_linux_bootstrap_prefers_rocm_before_cuda():
     script = "\n".join(runner_lines)
 
     assert "mkdir -p ~/bin" in script
-    assert script.index("mkdir -p ~/bin") < script.index("cd ~/llama.cpp && rm -rf build")
+    assert script.index("mkdir -p ~/bin") < script.index("cd ~/llama.cpp")
     assert 'command -v hipconfig &>/dev/null || [ -d /opt/rocm ] || [ -n "$ROCM_PATH" ] || [ -n "$HIP_PATH" ]' in script
     assert 'cmake -B build -DCMAKE_BUILD_TYPE=Release -DGGML_HIP=ON' in script
     assert 'cmake -B build -DCMAKE_BUILD_TYPE=Release -DGGML_CUDA=ON' in script
@@ -676,7 +676,7 @@ def test_llama_cpp_linux_bootstrap_nvcc_without_cudart_warns_and_falls_back():
     # outer else that handles no-GPU-toolchain). Verify it appears at least once
     # before the outer "no HIP/CUDA toolchain" warning.
     cpu_cmake = 'cmake -B build -DCMAKE_BUILD_TYPE=Release &&'
-    no_toolchain_warn = 'WARNING: no HIP/CUDA toolchain found'
+    no_toolchain_warn = 'WARNING: no HIP/CUDA/Vulkan toolchain found'
     assert cpu_cmake in script
     assert script.index(cpu_cmake) < script.index(no_toolchain_warn)
 
@@ -693,8 +693,8 @@ def test_llama_cpp_linux_bootstrap_keeps_cpu_fallback_when_no_gpu_toolchain():
     _append_llama_cpp_linux_accel_build_lines(runner_lines)
     script = "\n".join(runner_lines)
 
-    assert 'WARNING: no HIP/CUDA toolchain found — building llama-server for CPU only.' in script
-    assert 'Install ROCm for AMD GPUs or vLLM/CUDA tooling for NVIDIA' in script
+    assert 'WARNING: no HIP/CUDA/Vulkan toolchain found — building llama-server for CPU only.' in script
+    assert 'Install Vulkan (libvulkan-dev) / ROCm for AMD GPUs or CUDA tooling for NVIDIA' in script
 
 
 def test_llama_cpp_rebuild_cmd_clears_cached_build_paths():
diff --git a/tests/test_cookbook_same_host_server_profiles_js.py b/tests/test_cookbook_same_host_server_profiles_js.py
index 13f7d2db4..6ed56a241 100644
--- a/tests/test_cookbook_same_host_server_profiles_js.py
+++ b/tests/test_cookbook_same_host_server_profiles_js.py
@@ -50,14 +50,14 @@ def test_serve_launch_preflights_use_selected_target_and_port():
     assert "if (launchTarget.port) _probeParams.set('ssh_port', launchTarget.port);" in SERVE
     assert "const _portHost = (launchTarget.host || '').trim();" in SERVE
     assert "StrictHostKeyChecking=no ${_sshPrefix(launchTarget.port)}${_portHost}" in SERVE
-    assert "let serveHost = launchTarget.host || '';" in SERVE
+    assert "const serveHost = launchTarget.host || '';" in SERVE
     assert SERVE.index(launch_target) < SERVE.index("const _runningMod = await import('./cookbookRunning.js');")
 
 
 def test_running_tab_resolves_profile_key_not_first_host():
-    assert "_serverByVal(_envState.remoteServerKey || _tHost)" in RUNNING
+    assert "_serverByVal(_targetKey)" in RUNNING
     assert "_serverByVal(_envState.remoteServerKey || _host)" in RUNNING
-    assert "_serverByVal(_envState.remoteServerKey || host)" in RUNNING
+    assert "_serverByVal(savedKey)" in RUNNING
     assert "_serverByVal = shared._serverByVal;" in RUNNING
     assert "_selectedServer = shared._selectedServer;" in RUNNING
 
diff --git a/tests/test_docker_devops_hardening.py b/tests/test_docker_devops_hardening.py
index 7d7b6d37c..95185f5f5 100644
--- a/tests/test_docker_devops_hardening.py
+++ b/tests/test_docker_devops_hardening.py
@@ -59,8 +59,8 @@ def test_docker_entrypoint_does_not_resolve_root_commands_from_app_local_path():
     path_export = script.index('export PATH="/app/.local/bin:$PATH"')
     gosu_capture = script.index('GOSU_BIN="$(command -v gosu)"')
     python_capture = script.index('PYTHON_BIN="$(command -v python)"')
-    setup_call = script.index('"$GOSU_BIN" "$PUID:$PGID" "$PYTHON_BIN" /app/setup.py')
-    final_exec = script.index('exec "$GOSU_BIN" "$PUID:$PGID" "$@"')
+    setup_call = script.index('"$GOSU_BIN" "$ODY_USER" "$PYTHON_BIN" /app/setup.py')
+    final_exec = script.index('exec "$GOSU_BIN" "$ODY_USER" "$@"')
 
     assert gosu_capture < path_export < setup_call
     assert python_capture < path_export < setup_call

From fbdec22dcbc57f615c7de9274553090f9505e564 Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Mon, 22 Jun 2026 02:39:18 +0000
Subject: [PATCH 21/22] CodeQL hardening for cookbook sync

---
 routes/cookbook_routes.py    |  8 +++--
 routes/email_routes.py       | 15 ++++++--
 routes/hwfit_routes.py       | 19 ++++++++--
 routes/model_routes.py       | 18 ++++++++--
 src/tool_parsing.py          | 68 +++++++++++++++++++++++++++---------
 static/js/cookbookRunning.js | 47 +++++++++++++++++--------
 static/js/cookbookServe.js   | 37 ++++++++++++++++----
 static/js/notes.js           |  4 +--
 8 files changed, 166 insertions(+), 50 deletions(-)

diff --git a/routes/cookbook_routes.py b/routes/cookbook_routes.py
index 89f15543d..f57ecf6e5 100644
--- a/routes/cookbook_routes.py
+++ b/routes/cookbook_routes.py
@@ -281,7 +281,8 @@ def setup_cookbook_routes() -> APIRouter:
         fails KV-cache setup, and FlashInfer sampler JIT fails on this host's
         system nvcc. Normalize server-side before writing the tmux runner.
         """
-        if not cmd or "vllm serve" not in cmd or not re.search(r"minimax.*m3", cmd, re.I):
+        cmd_lower = (cmd or "").lower()
+        if not cmd or "vllm serve" not in cmd_lower or "minimax" not in cmd_lower or "m3" not in cmd_lower:
             return cmd
         try:
             parts = shlex.split(cmd)
@@ -2823,8 +2824,9 @@ def setup_cookbook_routes() -> APIRouter:
                 if resp.status_code != 200:
                     return {"ok": False, "files": [], "error": f"HF API HTTP {resp.status_code}"}
                 data = resp.json()
-        except Exception as e:
-            return {"ok": False, "files": [], "error": str(e)}
+        except Exception:
+            logger.exception("HF GGUF file scan failed for %s", repo)
+            return {"ok": False, "files": [], "error": "HF API request failed"}
         files = [
             str(s.get("rfilename") or "")
             for s in data.get("siblings", [])
diff --git a/routes/email_routes.py b/routes/email_routes.py
index ace319626..1a45eaf00 100644
--- a/routes/email_routes.py
+++ b/routes/email_routes.py
@@ -1645,6 +1645,13 @@ def setup_email_routes():
                 return {"error": f"Attachment index {index} not found"}
 
             from pathlib import Path as _Path
+            target_root = _Path(target_dir).resolve()
+            filepath = _Path(filepath).resolve()
+            try:
+                filepath.relative_to(target_root)
+            except ValueError:
+                logger.warning("Rejected attachment path outside extraction dir: %s", filepath)
+                return {"error": "Invalid attachment path"}
             base = _Path(filepath).name
             if base.startswith("."):
                 return {"error": "Invalid filename", "filename": base}
@@ -1727,8 +1734,9 @@ def setup_email_routes():
                     return f"# Attached email: {base}\n\n_(empty email attachment)_"
                 try:
                     attached_msg = email_mod.message_from_bytes(raw_bytes)
-                except Exception as e:
-                    return f"# Attached email: {base}\n\nCould not parse this email attachment: {e}"
+                except Exception:
+                    logger.exception("Failed to parse attached email %s", base)
+                    return f"# Attached email: {base}\n\nCould not parse this email attachment."
 
                 attached_subject = _decode_header(attached_msg.get("Subject", "")) or base
                 attached_from = _decode_header(attached_msg.get("From", ""))
@@ -1809,7 +1817,8 @@ def setup_email_routes():
                 try:
                     content = _attached_email_markdown(filepath)
                 except Exception as e:
-                    return {"error": f"Failed to read email attachment: {e}", "filename": base}
+                    logger.exception("Failed to read email attachment %s", base)
+                    return {"error": "Failed to read email attachment", "filename": base}
                 doc_id = _create_markdown_doc(content, "Imported attached email")
                 return {"doc_id": doc_id, "filename": filepath.name}
 
diff --git a/routes/hwfit_routes.py b/routes/hwfit_routes.py
index 0dad0ddd7..0a1f00a60 100644
--- a/routes/hwfit_routes.py
+++ b/routes/hwfit_routes.py
@@ -332,8 +332,23 @@ def setup_hwfit_routes():
             # "deepseek-ai/DeepSeek-Coder-V2-Lite-Instruct".
             s = (s or "").lower().strip()
             s = s.split("/")[-1]                     # drop org prefix
-            s = re.sub(r"[-_.]?gguf$", "", s)        # drop trailing gguf marker
-            s = re.sub(r"[-_.](q\d[^/]*|iq\d[^/]*|fp8|bf16|f16|awq[^/]*|gptq[^/]*)$", "", s)
+            for suffix in ("-gguf", "_gguf", ".gguf", "gguf"):
+                if s.endswith(suffix):
+                    s = s[: -len(suffix)]
+                    break
+            cut_at = None
+            for idx, ch in enumerate(s):
+                if ch not in "-_." or idx + 1 >= len(s):
+                    continue
+                suffix = s[idx + 1:]
+                if (
+                    suffix in {"fp8", "bf16", "f16"}
+                    or suffix.startswith(("awq", "gptq", "iq"))
+                    or (suffix.startswith("q") and len(suffix) > 1 and suffix[1].isdigit())
+                ):
+                    cut_at = idx
+            if cut_at is not None:
+                s = s[:cut_at]
             return s
 
         m = catalog.get(model)
diff --git a/routes/model_routes.py b/routes/model_routes.py
index 00fdb6eb0..fb9555438 100644
--- a/routes/model_routes.py
+++ b/routes/model_routes.py
@@ -582,6 +582,18 @@ def _safe_build_headers(api_key: Optional[str], base_url: str) -> dict:
         return {"Authorization": f"Bearer {api_key}"} if api_key else {}
 
 
+def _redact_url_for_log(url: str) -> str:
+    """Return a URL safe for logs by removing userinfo and query/fragment."""
+    try:
+        parsed = urlparse(url or "")
+        host = parsed.hostname or ""
+        if parsed.port:
+            host = f"{host}:{parsed.port}"
+        return urlunparse((parsed.scheme, host, parsed.path, "", "", ""))
+    except Exception:
+        return "<endpoint>"
+
+
 def _is_discovery_only_provider(provider: str) -> bool:
     return provider == "chatgpt-subscription"
 
@@ -789,13 +801,13 @@ def _probe_endpoint(base_url: str, api_key: str = None, timeout: int = 5) -> Lis
             return [m for m in models if _is_chat_model(m)]
     except httpx.HTTPStatusError as e:
         if e.response is not None and _is_loading_model_response(e.response):
-            logger.info(f"Endpoint still loading model at {url}")
+            logger.info("Endpoint still loading model at %s", _redact_url_for_log(url))
             return []
         if api_key:
             status = e.response.status_code if e.response is not None else "unknown"
-            logger.warning(f"Failed to probe {url} with API key: HTTP {status}")
+            logger.warning("Failed to probe %s with API key: HTTP %s", _redact_url_for_log(url), status)
             return []
-        logger.warning(f"Failed to probe {url}: {e}")
+        logger.warning("Failed to probe %s: %s", _redact_url_for_log(url), e)
     except Exception as e:
         if api_key:
             logger.warning(f"Failed to probe {url} with API key: {e}")
diff --git a/src/tool_parsing.py b/src/tool_parsing.py
index 7a0638973..d140ee43b 100644
--- a/src/tool_parsing.py
+++ b/src/tool_parsing.py
@@ -61,14 +61,11 @@ _XML_DIRECT_TOOL_RE = re.compile(
 #   <｜tool▁call▁begin｜>tool_name<｜tool▁sep｜>{...}<｜tool▁call▁end｜>
 # These can leak as text through llama.cpp/Ollama-style endpoints when the
 # engine does not return structured OpenAI tool_calls.
-_STEPFUN_TOOL_CALL_RE = re.compile(
-    r"<｜tool▁call▁begin｜>\s*([A-Za-z_][\w.-]*)\s*<｜tool▁sep｜>\s*([\s\S]*?)\s*<｜tool▁call▁end｜>",
-    re.IGNORECASE,
-)
-_STEPFUN_TOOL_CALLS_WRAPPER_RE = re.compile(
-    r"</?｜tool▁calls▁(?:begin|end)｜>",
-    re.IGNORECASE,
-)
+_STEPFUN_CALL_BEGIN = "<｜tool▁call▁begin｜>"
+_STEPFUN_CALL_SEP = "<｜tool▁sep｜>"
+_STEPFUN_CALL_END = "<｜tool▁call▁end｜>"
+_STEPFUN_CALLS_BEGIN = "<｜tool▁calls▁begin｜>"
+_STEPFUN_CALLS_END = "<｜tool▁calls▁end｜>"
 
 # Pattern 4: <tool_code> blocks (MiniMax-M2.5 style)
 # {tool => 'tool_name', args => '<param>value</param>'}
@@ -508,13 +505,53 @@ def _parse_xml_direct_tool(tool_match) -> Optional[ToolBlock]:
     return function_call_to_tool_block(mapped, json.dumps(params))
 
 
-def _parse_stepfun_tool_call(call_match) -> Optional[ToolBlock]:
+def _iter_stepfun_tool_calls(text: str):
+    """Yield StepFun native tool-call token bodies without regex backtracking."""
+    pos = 0
+    while True:
+        start = text.find(_STEPFUN_CALL_BEGIN, pos)
+        if start < 0:
+            return
+        name_start = start + len(_STEPFUN_CALL_BEGIN)
+        sep = text.find(_STEPFUN_CALL_SEP, name_start)
+        if sep < 0:
+            return
+        end = text.find(_STEPFUN_CALL_END, sep + len(_STEPFUN_CALL_SEP))
+        if end < 0:
+            return
+        raw_name = text[name_start:sep].strip()
+        body = text[sep + len(_STEPFUN_CALL_SEP):end].strip()
+        if raw_name and len(raw_name) <= 128:
+            yield raw_name, body
+        pos = end + len(_STEPFUN_CALL_END)
+
+
+def _strip_stepfun_tool_markup(text: str) -> str:
+    """Remove StepFun tool-call token blocks and wrappers using literal scans."""
+    out = []
+    pos = 0
+    while True:
+        start = text.find(_STEPFUN_CALL_BEGIN, pos)
+        if start < 0:
+            out.append(text[pos:])
+            break
+        end = text.find(_STEPFUN_CALL_END, start + len(_STEPFUN_CALL_BEGIN))
+        if end < 0:
+            out.append(text[pos:])
+            break
+        out.append(text[pos:start])
+        pos = end + len(_STEPFUN_CALL_END)
+    cleaned = "".join(out)
+    return cleaned.replace(_STEPFUN_CALLS_BEGIN, "").replace(_STEPFUN_CALLS_END, "")
+
+
+def _parse_stepfun_tool_call(tool_name: str, body: str) -> Optional[ToolBlock]:
     """Parse StepFun native tool-call tokens into an Odysseus ToolBlock."""
-    tool_name = call_match.group(1).lower().replace("-", "_").replace(".", "_")
+    tool_name = tool_name.lower().replace("-", "_").replace(".", "_")
     mapped = _TOOL_NAME_MAP.get(tool_name) or (tool_name if tool_name in TOOL_TAGS else None)
     if not mapped:
         return None
-    body = call_match.group(2).strip()
+    body = (body or "").strip()
     if not body:
         return None
     try:
@@ -660,8 +697,8 @@ def parse_tool_blocks(text: str, skip_fenced: bool = False) -> List[ToolBlock]:
 
     # Pattern 3: XML-style <tool_call>/<invoke> blocks
     if not blocks:
-        for step_call in _STEPFUN_TOOL_CALL_RE.finditer(text):
-            block = _parse_stepfun_tool_call(step_call)
+        for tool_name, body in _iter_stepfun_tool_calls(text):
+            block = _parse_stepfun_tool_call(tool_name, body)
             if block:
                 blocks.append(block)
         if blocks:
@@ -733,8 +770,7 @@ def strip_tool_blocks(text: str, skip_fenced: bool = False) -> str:
     text = _normalize_dsml(text)
     cleaned = text if skip_fenced else _TOOL_BLOCK_RE.sub('', text)
     cleaned = _TOOL_CALL_RE.sub('', cleaned)
-    cleaned = _STEPFUN_TOOL_CALL_RE.sub('', cleaned)
-    cleaned = _STEPFUN_TOOL_CALLS_WRAPPER_RE.sub('', cleaned)
+    cleaned = _strip_stepfun_tool_markup(cleaned)
     cleaned = _XML_TOOL_CALL_RE.sub('', cleaned)
     cleaned = _XML_OPEN_TOOL_CALL_RE.sub('', cleaned)
     cleaned = _TOOL_CODE_RE.sub('', cleaned)
@@ -744,6 +780,6 @@ def strip_tool_blocks(text: str, skip_fenced: bool = False) -> str:
             _, (start, end) = raw_web_json
             cleaned = cleaned[:start] + cleaned[end:]
     # Strip bare <invoke> blocks not wrapped in <tool_call>
-    cleaned = re.sub(r'<invoke\s+name=["\'].*?</invoke>', '', cleaned, flags=re.DOTALL | re.IGNORECASE)
+    cleaned = _XML_INVOKE_RE.sub('', cleaned)
     cleaned = re.sub(r'\n{3,}', '\n\n', cleaned)
     return cleaned.strip()
diff --git a/static/js/cookbookRunning.js b/static/js/cookbookRunning.js
index 9fed23a8a..f2aba5641 100644
--- a/static/js/cookbookRunning.js
+++ b/static/js/cookbookRunning.js
@@ -619,7 +619,7 @@ async function _startQueuedDownload(task) {
       if (t.sessionId === data.session_id) return false;
       return !(key && t.type === 'download' && t.status === 'queued' && _downloadDedupeKey(t) === key);
     });
-    if (!found) tasks.push(_stripTaskSecrets(launchedTask));
+    if (!found) tasks.push(_redactTaskForStorage(launchedTask));
     _saveTasks(tasks);
     _renderRunningTab();
     _startBackgroundMonitor();
@@ -760,12 +760,22 @@ function _isTombstoned(id) {
   return ts != null && (Date.now() - ts) <= _TOMBSTONE_TTL_MS;
 }
 
-function _stripTaskSecrets(task) {
+function _redactStoredText(value) {
+  return String(value || '')
+    .replace(/hf_[A-Za-z0-9]{20,}/g, '[redacted-token]')
+    .replace(/((?:api[_-]?key|token|authorization|password|passwd|secret)\s*[=:]\s*)(["']?)[^\s"']+/gi, '$1$2[redacted]');
+}
+
+function _redactTaskForStorage(task) {
   if (!task || typeof task !== 'object') return task;
   const safe = { ...task };
+  if (typeof safe.output === 'string') safe.output = _redactStoredText(safe.output);
   if (safe.payload && typeof safe.payload === 'object') {
     safe.payload = { ...safe.payload };
     delete safe.payload.hf_token;
+    delete safe.payload.hfToken;
+    if (typeof safe.payload._cmd === 'string') safe.payload._cmd = _redactStoredText(safe.payload._cmd);
+    if (typeof safe.payload.cmd === 'string') safe.payload.cmd = _redactStoredText(safe.payload.cmd);
   }
   return safe;
 }
@@ -774,15 +784,14 @@ function _stripStateSecrets(state) {
   const safe = { ...state };
   if (safe.env && typeof safe.env === 'object') {
     const { hfToken, ...env } = safe.env;
-    if (hfToken) env.hfToken = hfToken;
     safe.env = env;
   }
-  if (Array.isArray(safe.tasks)) safe.tasks = safe.tasks.map(_stripTaskSecrets);
+  if (Array.isArray(safe.tasks)) safe.tasks = safe.tasks.map(_redactTaskForStorage);
   return safe;
 }
 
 export function _saveTasks(tasks) {
-  localStorage.setItem(TASKS_KEY, JSON.stringify((tasks || []).map(_stripTaskSecrets)));
+  localStorage.setItem(TASKS_KEY, JSON.stringify((tasks || []).map(_redactTaskForStorage)));
   _syncToServer();
 }
 
@@ -807,7 +816,7 @@ export function _addTask(sessionId, name, type, payload) {
       return !(key && t.type === 'download' && t.status === 'queued' && _downloadDedupeKey(t) === key);
     });
   }
-  const task = _stripTaskSecrets({ id: sessionId, sessionId, name, type, status: 'running', output: '', ts: Date.now(), payload: payload || null, remoteHost, remoteServerKey, remoteServerName, sshPort, platform });
+  const task = _redactTaskForStorage({ id: sessionId, sessionId, name, type, status: 'running', output: '', ts: Date.now(), payload: payload || null, remoteHost, remoteServerKey, remoteServerName, sshPort, platform });
   tasks.push(task);
   _saveTasks(tasks);
   // New action → collapse all other cards, leave only this one open.
@@ -1102,14 +1111,24 @@ function _presetEnvFields(task) {
   };
 }
 
+function _redactPresetForStorage(preset) {
+  if (!preset || typeof preset !== 'object') return preset;
+  const safe = { ...preset };
+  if (typeof safe.cmd === 'string') safe.cmd = _redactStoredText(safe.cmd);
+  if (typeof safe.command === 'string') safe.command = _redactStoredText(safe.command);
+  delete safe.hf_token;
+  delete safe.hfToken;
+  return safe;
+}
+
 function _saveTaskAsPreset(task, label) {
   const host = task.remoteHost || 'localhost';
   const portMatch = task.payload?._cmd?.match(/--port\s+(\d+)/);
   const port = portMatch ? portMatch[1] : '8000';
   const presets = _loadPresets();
   if (presets.some(p => p.cmd === task.payload._cmd)) return false;
-  presets.push({ name: task.name, model: task.payload.repo_id, backend: 'vllm', host, port, cmd: task.payload._cmd, remoteHost: task.remoteHost || '', label: label || task.name, ..._presetEnvFields(task) });
-  _savePresets(presets);
+  presets.push(_redactPresetForStorage({ name: task.name, model: task.payload.repo_id, backend: 'vllm', host, port, cmd: task.payload._cmd, remoteHost: task.remoteHost || '', label: label || task.name, ..._presetEnvFields(task) }));
+  _savePresets(presets.map(_redactPresetForStorage));
   return true;
 }
 
@@ -1152,7 +1171,7 @@ function _autoSaveWorkingConfig(task) {
   const existing = presets.find(p => p.cmd === cmd);
   if (existing) {
     task._autoSaved = true;
-    if (!existing.confirmedWorking) { existing.confirmedWorking = true; _savePresets(presets); }
+    if (!existing.confirmedWorking) { existing.confirmedWorking = true; _savePresets(presets.map(_redactPresetForStorage)); }
     return;   // already saved → just confirm it, no duplicate, no toast
   }
   // Respect the per-model cap the manual save flow uses (max 5).
@@ -1160,13 +1179,13 @@ function _autoSaveWorkingConfig(task) {
   const host = task.remoteHost || 'localhost';
   const portMatch = cmd.match(/--port[=\s]+(\d+)/);
   const port = portMatch ? portMatch[1] : '8000';
-  presets.push({
+  presets.push(_redactPresetForStorage({
     name: task.name, model, backend: 'vllm', host, port,
     cmd, remoteHost: task.remoteHost || '',
     label: _autoConfigLabel(task), confirmedWorking: true, autoSaved: true,
     ..._presetEnvFields(task),
-  });
-  _savePresets(presets);
+  }));
+  _savePresets(presets.map(_redactPresetForStorage));
   task._autoSaved = true;
   uiModule.showToast('Saved working config');
 }
@@ -1252,7 +1271,7 @@ export async function _syncFromServer() {
         merged.push(t);
       }
     }
-    localStorage.setItem(TASKS_KEY, JSON.stringify(merged.map(_stripTaskSecrets)));
+    localStorage.setItem(TASKS_KEY, JSON.stringify(merged.map(_redactTaskForStorage)));
 
     if (state.env) {
       // The active server selection (remoteHost + its env/path/platform) is a
@@ -3711,7 +3730,7 @@ async function _pollBackgroundStatus() {
             }
           }
           if (added > 0) {
-            localStorage.setItem(TASKS_KEY, JSON.stringify(merged.map(_stripTaskSecrets)));
+            localStorage.setItem(TASKS_KEY, JSON.stringify(merged.map(_redactTaskForStorage)));
             _renderRunningTab();
           }
         }
diff --git a/static/js/cookbookServe.js b/static/js/cookbookServe.js
index 5ebeb0aaf..06a990b82 100644
--- a/static/js/cookbookServe.js
+++ b/static/js/cookbookServe.js
@@ -61,6 +61,28 @@ function _saveServeFavorites(favorites) {
   } catch {}
 }
 
+function _redactStoredCommand(value) {
+  return String(value || '')
+    .replace(/hf_[A-Za-z0-9]{20,}/g, '[redacted-token]')
+    .replace(/((?:api[_-]?key|token|authorization|password|passwd|secret)\s*[=:]\s*)(["']?)[^\s"']+/gi, '$1$2[redacted]');
+}
+
+function _redactServeStateForStorage(value) {
+  if (!value || typeof value !== 'object') return value;
+  if (Array.isArray(value)) return value.map(_redactServeStateForStorage);
+  const safe = { ...value };
+  for (const key of Object.keys(safe)) {
+    if (/token|password|passwd|secret|api[_-]?key/i.test(key)) {
+      delete safe[key];
+    } else if (typeof safe[key] === 'string' && /cmd|command|args|env/i.test(key)) {
+      safe[key] = _redactStoredCommand(safe[key]);
+    } else if (safe[key] && typeof safe[key] === 'object') {
+      safe[key] = _redactServeStateForStorage(safe[key]);
+    }
+  }
+  return safe;
+}
+
 function _isServeFavorite(repo) {
   return _loadServeFavorites().has(String(repo || ''));
 }
@@ -2118,7 +2140,7 @@ function _rerenderCachedModels() {
           if (el.type === 'checkbox') fields[el.dataset.field] = el.checked;
           else fields[el.dataset.field] = el.value;
         });
-        presets.push({ name: shortName, model: repo, cmd, remoteHost: host, port: fields.port || '8000', label, fields });
+        presets.push(_redactServeStateForStorage({ name: shortName, model: repo, cmd, remoteHost: host, port: fields.port || '8000', label, fields }));
         _savePresets(presets);
         uiModule.showToast(`Saved "${label}"`);
         _updateSavedToggleLabel();
@@ -2209,7 +2231,7 @@ function _rerenderCachedModels() {
             const target = _presetsForModel(cur, repo)[slotIdx];
             if (target) {
               target.favorite = !target.favorite;
-              _savePresets(cur);
+              _savePresets(cur.map(_redactServeStateForStorage));
               uiModule.showToast(target.favorite ? 'Favorited — pinned to top' : 'Unfavorited');
               _showSavedConfigMenu(anchor);
             }
@@ -2223,7 +2245,7 @@ function _rerenderCachedModels() {
             if (toRemove) {
               const gi = cur.indexOf(toRemove);
               if (gi >= 0) cur.splice(gi, 1);
-              _savePresets(cur);
+              _savePresets(cur.map(_redactServeStateForStorage));
             }
             uiModule.showToast(`Deleted "${label}"`);
             _updateSavedToggleLabel();
@@ -3205,7 +3227,7 @@ function _rerenderCachedModels() {
           const _saved = { ...serveState, _forceBackend: true };
           delete _saved._replaceTaskId;
           byRepo[repo] = _saved;
-          localStorage.setItem(SERVE_STATE_KEY, JSON.stringify({ _byRepo: byRepo, _lastUsed: _saved }));
+          localStorage.setItem(SERVE_STATE_KEY, JSON.stringify(_redactServeStateForStorage({ _byRepo: byRepo, _lastUsed: _saved })));
         } catch {}
         const origEnv = _envState.env;
         const origEnvPath = _envState.envPath;
@@ -3352,6 +3374,7 @@ async function _deleteCachedModel(repo, itemEl, skipConfirm = false, model = nul
   const host = _resolveCacheHost();
   let cmd;
   if (_isWindows()) {
+    const _psSingleQuote = (value) => `'${String(value || '').replace(/'/g, "''")}'`;
     const winTarget = target.startsWith('~')
       ? target.replace(/^~/, '$env:USERPROFILE').replace(/\//g, '\\')
       : target.replace(/\//g, '\\');
@@ -3361,9 +3384,9 @@ async function _deleteCachedModel(repo, itemEl, skipConfirm = false, model = nul
         .filter(Boolean)
         .map(rel => `${winTarget}\\${rel.replace(/\//g, '\\')}`);
       if (!targets.length) return;
-      cmd = targets.map(p => `Remove-Item -Force "${p.replace(/"/g, '\\"')}" -ErrorAction SilentlyContinue`).join('; ');
+      cmd = targets.map(p => `Remove-Item -Force ${_psSingleQuote(p)} -ErrorAction SilentlyContinue`).join('; ');
     } else {
-      cmd = `Remove-Item -Recurse -Force "${winTarget}" -ErrorAction SilentlyContinue`;
+      cmd = `Remove-Item -Recurse -Force ${_psSingleQuote(winTarget)} -ErrorAction SilentlyContinue`;
     }
     if (host) {
       const pf = _sshPrefix(_getPort(host));
@@ -3490,7 +3513,7 @@ export async function openServePanelForRepo(repo, fields) {
       // overridable defaults.
       const _seeded = { ...fields, _forceBackend: true };
       byRepo[repo] = _seeded;
-      localStorage.setItem(SERVE_STATE_KEY, JSON.stringify({ _byRepo: byRepo, _lastUsed: _seeded }));
+      localStorage.setItem(SERVE_STATE_KEY, JSON.stringify(_redactServeStateForStorage({ _byRepo: byRepo, _lastUsed: _seeded })));
     } catch {}
   }
   // Switch to the Serve tab (its click handler triggers _fetchCachedModels).
diff --git a/static/js/notes.js b/static/js/notes.js
index 3b5a4e555..e7e3a7ded 100644
--- a/static/js/notes.js
+++ b/static/js/notes.js
@@ -1825,13 +1825,13 @@ function _renderNotes() {
         const agentTitle = agentStatus === 'stream_complete'
           ? 'Agent stream finished for this todo'
           : (agentStatus === 'running' ? 'Agent is working on this todo' : 'Solve this todo with the agent');
-        const agentSessionAttr = item.agent_session_id ? ` data-session-id="${_esc(item.agent_session_id)}"` : '';
+        const agentSessionAttr = item.agent_session_id ? ` data-session-id="${_attrEsc(item.agent_session_id)}"` : '';
         const agentMenuTitle = item.agent_session_title || `Agent: ${(item.text || '').slice(0, 40)}`;
         const indent = Math.min(item.indent || 0, 3);
         contentHtml += `<div class="note-checkbox${doneClass}" data-note-id="${note.id}" data-idx="${i}" style="padding-left:${indent * 16}px">
           <span class="note-check-dot" title="Mark done"></span>
           <span class="note-check-text">${_linkify(item.text)}</span>
-          <button class="note-checkbox-agent${agentDoneClass}" data-note-id="${note.id}" data-idx="${i}"${agentSessionAttr} data-agent-title="${_attrEsc(agentMenuTitle)}" title="${agentTitle}">
+          <button class="note-checkbox-agent${agentDoneClass}" data-note-id="${_attrEsc(note.id)}" data-idx="${i}"${agentSessionAttr} data-agent-title="${_attrEsc(agentMenuTitle)}" title="${_attrEsc(agentTitle)}">
             <svg width="10" height="10" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M12 8V4H8"/><rect x="4" y="8" width="16" height="12" rx="2"/><path d="M2 14h2M20 14h2M15 13v2M9 13v2"/></svg>
           </button>
           <button class="note-checkbox-rm" data-note-id="${note.id}" data-idx="${i}" title="Delete item">

From 993d504de3bc65a59f71075e4d76813301ae22eb Mon Sep 17 00:00:00 2001
From: pewdiepie-archdaemon <pewdiepie-archdaemon@users.noreply.github.com>
Date: Mon, 22 Jun 2026 02:45:05 +0000
Subject: [PATCH 22/22] Clear remaining CodeQL path and parser alerts

---
 routes/email_routes.py | 39 ++++++++++++++++++++++++++++++---------
 src/tool_parsing.py    | 24 +++++++++++++++++++++++-
 2 files changed, 53 insertions(+), 10 deletions(-)

diff --git a/routes/email_routes.py b/routes/email_routes.py
index 1a45eaf00..77be0cdeb 100644
--- a/routes/email_routes.py
+++ b/routes/email_routes.py
@@ -1645,13 +1645,12 @@ def setup_email_routes():
                 return {"error": f"Attachment index {index} not found"}
 
             from pathlib import Path as _Path
-            target_root = _Path(target_dir).resolve()
-            filepath = _Path(filepath).resolve()
-            try:
-                filepath.relative_to(target_root)
-            except ValueError:
+            target_root = os.path.abspath(str(target_dir))
+            filepath_str = os.path.abspath(str(filepath))
+            if os.path.commonpath([target_root, filepath_str]) != target_root:
                 logger.warning("Rejected attachment path outside extraction dir: %s", filepath)
                 return {"error": "Invalid attachment path"}
+            filepath = _Path(filepath_str)
             base = _Path(filepath).name
             if base.startswith("."):
                 return {"error": "Invalid filename", "filename": base}
@@ -1728,8 +1727,7 @@ def setup_email_routes():
                 _tag_doc_with_source(doc_id)
                 return doc_id
 
-            def _attached_email_markdown(path):
-                raw_bytes = path.read_bytes()
+            def _attached_email_markdown(raw_bytes: bytes):
                 if not raw_bytes:
                     return f"# Attached email: {base}\n\n_(empty email attachment)_"
                 try:
@@ -1814,9 +1812,32 @@ def setup_email_routes():
 
             # ── Attached email (.eml / message/rfc822) ────────────────
             if ext == ".eml":
+                def _attachment_bytes_from_msg():
+                    if not msg.is_multipart():
+                        return b""
+                    idx = 0
+                    for part in msg.walk():
+                        cd = str(part.get("Content-Disposition", ""))
+                        ct = part.get_content_type()
+                        is_attached_email = ct == "message/rfc822" and ("attachment" in cd.lower() or part.get_filename())
+                        if part.is_multipart() and not is_attached_email:
+                            continue
+                        if ct in ("text/plain", "text/html") and "attachment" not in cd:
+                            continue
+                        if idx == index:
+                            payload = part.get_payload(decode=True)
+                            if payload is None and ct == "message/rfc822":
+                                try:
+                                    payload = part.as_bytes()
+                                except Exception:
+                                    payload = b""
+                            return payload or b""
+                        idx += 1
+                    return b""
+
                 try:
-                    content = _attached_email_markdown(filepath)
-                except Exception as e:
+                    content = _attached_email_markdown(_attachment_bytes_from_msg())
+                except Exception:
                     logger.exception("Failed to read email attachment %s", base)
                     return {"error": "Failed to read email attachment", "filename": base}
                 doc_id = _create_markdown_doc(content, "Imported attached email")
diff --git a/src/tool_parsing.py b/src/tool_parsing.py
index d140ee43b..4b19d9236 100644
--- a/src/tool_parsing.py
+++ b/src/tool_parsing.py
@@ -545,6 +545,28 @@ def _strip_stepfun_tool_markup(text: str) -> str:
     return cleaned.replace(_STEPFUN_CALLS_BEGIN, "").replace(_STEPFUN_CALLS_END, "")
 
 
+def _strip_bare_invoke_markup(text: str) -> str:
+    """Remove bare <invoke ...>...</invoke> blocks without regex backtracking."""
+    out = []
+    pos = 0
+    while True:
+        start = text.lower().find("<invoke", pos)
+        if start < 0:
+            out.append(text[pos:])
+            break
+        tag_end = text.find(">", start)
+        if tag_end < 0:
+            out.append(text[pos:])
+            break
+        close = text.lower().find("</invoke>", tag_end + 1)
+        if close < 0:
+            out.append(text[pos:])
+            break
+        out.append(text[pos:start])
+        pos = close + len("</invoke>")
+    return "".join(out)
+
+
 def _parse_stepfun_tool_call(tool_name: str, body: str) -> Optional[ToolBlock]:
     """Parse StepFun native tool-call tokens into an Odysseus ToolBlock."""
     tool_name = tool_name.lower().replace("-", "_").replace(".", "_")
@@ -780,6 +802,6 @@ def strip_tool_blocks(text: str, skip_fenced: bool = False) -> str:
             _, (start, end) = raw_web_json
             cleaned = cleaned[:start] + cleaned[end:]
     # Strip bare <invoke> blocks not wrapped in <tool_call>
-    cleaned = _XML_INVOKE_RE.sub('', cleaned)
+    cleaned = _strip_bare_invoke_markup(cleaned)
     cleaned = re.sub(r'\n{3,}', '\n\n', cleaned)
     return cleaned.strip()