From 4c186c20b9a5a3a95768d9a609c93df37991c663 Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Sat, 6 Nov 2021 23:18:19 -0700
Subject: [PATCH 001/244] Post-release CHANGELOG update

---
 CHANGELOG.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9118671..f65bbfa 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,11 @@
+## Git
+### Added
+
+### Fixed
+
+### Changed
+
+
 ## v0.8.0 - 2021-11-06
 ### Added
 - `disable=all` now conveniently disables all warnings

From c5de58ae84954b1c773bfe2b3710daf0d7e92fbd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ville=20Skytt=C3=A4?= <ville.skytta@iki.fi>
Date: Sat, 13 Nov 2021 12:50:53 +0200
Subject: [PATCH 002/244] Comment spelling fixes

---
 src/ShellCheck/AnalyzerLib.hs     | 2 +-
 src/ShellCheck/Checks/Commands.hs | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 687859f..5f77fba 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -351,7 +351,7 @@ isQuoteFreeNode strict shell tree t =
             T_SelectIn {}                   -> return (not strict)
             _                               -> Nothing
 
-    -- Check whether this assigment is self-quoting due to being a recognized
+    -- Check whether this assignment is self-quoting due to being a recognized
     -- assignment passed to a Declaration Utility. This will soon be required
     -- by POSIX: https://austingroupbugs.net/view.php?id=351
     assignmentIsQuoting t = shellParsesParamsAsAssignments || not (isAssignmentParamToCommand t)
diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 5a29a26..1a48a28 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -735,7 +735,7 @@ getPrintfFormats = getFormats
         --            \____ _____/\___ ____/   \____ ____/\_________ _________/ \______ /
         --                 V          V             V               V               V
         --               flags    field width  precision   format character        rest
-        -- field width and precision can be specified with a '*' instead of a digit,
+        -- field width and precision can be specified with an '*' instead of a digit,
         -- in which case printf will accept one more argument for each '*' used
 
 

From d9a9d5db86122d608b1a6929609e799d175e6aa6 Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Sun, 14 Nov 2021 16:39:32 -0800
Subject: [PATCH 003/244] Mark prefix/postfix inc/dec as integers (fixes #2376)

---
 src/ShellCheck/Analytics.hs   | 3 ++-
 src/ShellCheck/AnalyzerLib.hs | 8 +++-----
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 652c2fb..188d683 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2049,6 +2049,8 @@ prop_checkSpacefulness43= verifyNotTree checkSpacefulness "$foo=42"
 prop_checkSpacefulness44= verifyTree checkSpacefulness "#!/bin/sh\nexport var=$value"
 prop_checkSpacefulness45= verifyNotTree checkSpacefulness "wait -zzx -p foo; echo $foo"
 prop_checkSpacefulness46= verifyNotTree checkSpacefulness "x=0; (( x += 1 )); echo $x"
+prop_checkSpacefulness47= verifyNotTree checkSpacefulness "x=0; (( x-- )); echo $x"
+prop_checkSpacefulness48= verifyNotTree checkSpacefulness "x=0; (( ++x )); echo $x"
 
 data SpaceStatus = SpaceSome | SpaceNone | SpaceEmpty deriving (Eq)
 instance Semigroup SpaceStatus where
@@ -2139,7 +2141,6 @@ checkSpacefulness' onFind params t =
       where
         emit x = tell [x]
 
-    writeF _ (TA_Assignment {}) name _ = setSpaces name SpaceNone >> return []
     writeF _ _ name (DataString SourceExternal) = setSpaces name SpaceSome >> return []
     writeF _ _ name (DataString SourceInteger) = setSpaces name SpaceNone >> return []
 
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 687859f..9b53f9f 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -511,13 +511,11 @@ getModifiedVariables t =
         T_SimpleCommand {} ->
             getModifiedVariableCommand t
 
-        TA_Unary _ "++|" v@(TA_Variable _ name _)  ->
-            [(t, v, name, DataString $ SourceFrom [v])]
-        TA_Unary _ "|++" v@(TA_Variable _ name _)  ->
-            [(t, v, name, DataString $ SourceFrom [v])]
+        TA_Unary _ op v@(TA_Variable _ name _) | "--" `isInfixOf` op || "++" `isInfixOf` op ->
+            [(t, v, name, DataString SourceInteger)]
         TA_Assignment _ op (TA_Variable _ name _) rhs -> do
             guard $ op `elem` ["=", "*=", "/=", "%=", "+=", "-=", "<<=", ">>=", "&=", "^=", "|="]
-            return (t, t, name, DataString $ SourceFrom [rhs])
+            return (t, t, name, DataString SourceInteger)
 
         T_BatsTest {} -> [
             (t, t, "lines", DataArray SourceExternal),

From 499c99372eaef411fc5223393c6799005eebc085 Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Sun, 14 Nov 2021 21:34:21 -0800
Subject: [PATCH 004/244] Rewrite SC2032 warning and mention line number (fixes
 #2353)

---
 src/ShellCheck/Analytics.hs | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 188d683..4a7f364 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2297,7 +2297,7 @@ checkFunctionsUsedExternally params t =
                 let args = skipOver t argv
                 let argStrings = map (\x -> (fromMaybe "" $ getLiteralString x, x)) args
                 let candidates = getPotentialCommands name argStrings
-                mapM_ (checkArg name) candidates
+                mapM_ (checkArg name (getId t)) candidates
             _ -> return ()
     checkCommand _ _ = return ()
 
@@ -2323,14 +2323,19 @@ checkFunctionsUsedExternally params t =
 
     functionsAndAliases = Map.union (functions t) (aliases t)
 
-    checkArg cmd (_, arg) = sequence_ $ do
+    patternContext id =
+        case posLine . fst <$> Map.lookup id (tokenPositions params) of
+          Just l -> " on line " <> show l <> "."
+          _      -> "."
+
+    checkArg cmd cmdId (_, arg) = sequence_ $ do
         literalArg <- getUnquotedLiteral arg  -- only consider unquoted literals
         definitionId <- Map.lookup literalArg functionsAndAliases
         return $ do
             warn (getId arg) 2033
-              "Shell functions can't be passed to external commands."
+              "Shell functions can't be passed to external commands. Use separate script or sh -c."
             info definitionId 2032 $
-              "Use own script or sh -c '..' to run this from " ++ cmd ++ "."
+              "This function can't be invoked via " ++ cmd ++ patternContext cmdId
 
 prop_checkUnused0 = verifyNotTree checkUnusedAssignments "var=foo; echo $var"
 prop_checkUnused1 = verifyTree checkUnusedAssignments "var=foo; echo $bar"

From 9092080a84af694f1a1fbc1d59f89d296f362069 Mon Sep 17 00:00:00 2001
From: Martin Schulze <martin.schulze@vireso.de>
Date: Mon, 15 Nov 2021 11:49:36 +0100
Subject: [PATCH 005/244] bats: Add check for useless negation (SC2314/15)

---
 src/ShellCheck/Analytics.hs | 43 +++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 4a7f364..7c31137 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -199,6 +199,7 @@ nodeChecks = [
     ,checkComparisonWithLeadingX
     ,checkCommandWithTrailingSymbol
     ,checkUnquotedParameterExpansionPattern
+    ,checkBatsTestDoesNotUseNegation
     ]
 
 optionalChecks = map fst optionalTreeChecks
@@ -4863,5 +4864,47 @@ checkExtraMaskedReturns params t = runNodeAnalysis findMaskingNodes params t
     hasParent pred t = any (uncurry pred) (parentChildPairs t)
 
 
+-- hard error on negated command that is not last
+prop_checkBatsTestDoesNotUseNegation1 = verify checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { ! true;  false; }"
+prop_checkBatsTestDoesNotUseNegation2 = verify checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { ! [[ -e test ]]; false; }"
+prop_checkBatsTestDoesNotUseNegation3 = verify checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { ! [ -e test ]; false; }"
+-- acceptable formats: 
+--     using run
+prop_checkBatsTestDoesNotUseNegation4 = verifyNot checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { run ! true; }"
+--     using || false
+prop_checkBatsTestDoesNotUseNegation5 = verifyNot checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { ! [[ -e test ]] || false; }"
+prop_checkBatsTestDoesNotUseNegation6 = verifyNot checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { ! [ -e test ] || false; }"
+-- only style warning when last command
+prop_checkBatsTestDoesNotUseNegation7 = verifyCodes checkBatsTestDoesNotUseNegation [2314] "#!/usr/bin/env/bats\n@test \"name\" { ! true; }"
+prop_checkBatsTestDoesNotUseNegation8 = verifyCodes checkBatsTestDoesNotUseNegation [2315] "#!/usr/bin/env/bats\n@test \"name\" { ! [[ -e test ]]; }"
+prop_checkBatsTestDoesNotUseNegation9 = verifyCodes checkBatsTestDoesNotUseNegation [2315] "#!/usr/bin/env/bats\n@test \"name\" { ! [ -e test ]; }"
+
+checkBatsTestDoesNotUseNegation params t =
+    case t of
+        T_BatsTest _ _ (T_BraceGroup _ commands) -> mapM_ (check commands) commands
+        _ -> return ()
+  where
+    check commands t =
+        case t of
+            T_Banged id (T_Pipeline _ _ [T_Redirecting _ _ (T_Condition idCondition _ _)]) -> 
+                                if t `isLastOf` commands
+                                then style id 2315 "In Bats, ! will not fail the test if it is not the last command anymore. Fold the `!` into the conditional!"
+                                else err id 2315
+                                        "In Bats, ! does not cause a test failure. Fold the `!` into the conditional!"
+                                    
+            T_Banged id cmd -> if t `isLastOf` commands
+                                then styleWithFix id 2314
+                                                "In Bats, ! will not fail the test if it is not the last command anymore. Use `run ! ` (on Bats >= 1.5.0) instead."
+                                                (fixWith [replaceStart id params 0 "run "])
+                                else errWithFix id 2314
+                                                "In Bats, ! does not cause a test failure. Use 'run ! ' (on Bats >= 1.5.0) instead."
+                                                (fixWith [replaceStart id params 0 "run "])
+            _ -> return ()
+    isLastOf t commands = 
+        case commands of
+            [x] -> x == t
+            x:rest -> isLastOf t rest
+            [] -> False
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])

From d7971dafd1539de37bb29cb554d5fd4f4b95553b Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Sat, 4 Dec 2021 17:37:12 -0800
Subject: [PATCH 006/244] Minor formatting fixes

---
 src/ShellCheck/Analytics.hs | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 7c31137..d48104e 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4868,7 +4868,7 @@ checkExtraMaskedReturns params t = runNodeAnalysis findMaskingNodes params t
 prop_checkBatsTestDoesNotUseNegation1 = verify checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { ! true;  false; }"
 prop_checkBatsTestDoesNotUseNegation2 = verify checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { ! [[ -e test ]]; false; }"
 prop_checkBatsTestDoesNotUseNegation3 = verify checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { ! [ -e test ]; false; }"
--- acceptable formats: 
+-- acceptable formats:
 --     using run
 prop_checkBatsTestDoesNotUseNegation4 = verifyNot checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { run ! true; }"
 --     using || false
@@ -4886,21 +4886,18 @@ checkBatsTestDoesNotUseNegation params t =
   where
     check commands t =
         case t of
-            T_Banged id (T_Pipeline _ _ [T_Redirecting _ _ (T_Condition idCondition _ _)]) -> 
+            T_Banged id (T_Pipeline _ _ [T_Redirecting _ _ (T_Condition idCondition _ _)]) ->
                                 if t `isLastOf` commands
                                 then style id 2315 "In Bats, ! will not fail the test if it is not the last command anymore. Fold the `!` into the conditional!"
-                                else err id 2315
-                                        "In Bats, ! does not cause a test failure. Fold the `!` into the conditional!"
-                                    
+                                else err   id 2315 "In Bats, ! does not cause a test failure. Fold the `!` into the conditional!"
+
             T_Banged id cmd -> if t `isLastOf` commands
-                                then styleWithFix id 2314
-                                                "In Bats, ! will not fail the test if it is not the last command anymore. Use `run ! ` (on Bats >= 1.5.0) instead."
+                                then styleWithFix id 2314 "In Bats, ! will not fail the test if it is not the last command anymore. Use `run ! ` (on Bats >= 1.5.0) instead."
                                                 (fixWith [replaceStart id params 0 "run "])
-                                else errWithFix id 2314
-                                                "In Bats, ! does not cause a test failure. Use 'run ! ' (on Bats >= 1.5.0) instead."
+                                else errWithFix   id 2314 "In Bats, ! does not cause a test failure. Use 'run ! ' (on Bats >= 1.5.0) instead."
                                                 (fixWith [replaceStart id params 0 "run "])
             _ -> return ()
-    isLastOf t commands = 
+    isLastOf t commands =
         case commands of
             [x] -> x == t
             x:rest -> isLastOf t rest

From 3a118246ef2e6e37129cb0f1c0d1dae319385520 Mon Sep 17 00:00:00 2001
From: Rune Juhl Jacobsen <runejuhl@petardo.dk>
Date: Tue, 14 Dec 2021 16:00:47 +0100
Subject: [PATCH 007/244] Fix bug in 2126 when using after/before flags with
 grep

Using `--after-context`/`-A` or `--before-context`/`-B` would give a warning
recommending the user to use `grep -c`, even though that would give a different
result than using `grep | wc -l`:

```fundamental
$ echo -e "1\n2\n3" | grep -cA 3 1
1
$ echo -e "1\n2\n3" | grep -A 3 1 | wc -l
3
```
---
 src/ShellCheck/Analytics.hs | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index d48104e..e6e47ea 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -545,6 +545,10 @@ prop_checkPipePitfalls15 = verifyNot checkPipePitfalls "foo | grep bar | wc -cmw
 prop_checkPipePitfalls16 = verifyNot checkPipePitfalls "foo | grep -r bar | wc -l"
 prop_checkPipePitfalls17 = verifyNot checkPipePitfalls "foo | grep -l bar | wc -l"
 prop_checkPipePitfalls18 = verifyNot checkPipePitfalls "foo | grep -L bar | wc -l"
+prop_checkPipePitfalls19 = verifyNot checkPipePitfalls "foo | grep -A2 bar | wc -l"
+prop_checkPipePitfalls20 = verifyNot checkPipePitfalls "foo | grep -B999 bar | wc -l"
+prop_checkPipePitfalls21 = verifyNot checkPipePitfalls "foo | grep --after-context 999 bar | wc -l"
+prop_checkPipePitfalls22 = verifyNot checkPipePitfalls "foo | grep -B 1 --after-context 999 bar | wc -l"
 checkPipePitfalls _ (T_Pipeline id _ commands) = do
     for ["find", "xargs"] $
         \(find:xargs:_) ->
@@ -566,10 +570,10 @@ checkPipePitfalls _ (T_Pipeline id _ commands) = do
             let flagsGrep = maybe [] (map snd . getAllFlags) $ getCommand grep
                 flagsWc = maybe [] (map snd . getAllFlags) $ getCommand wc
             in
-                unless (any (`elem` ["l", "files-with-matches", "L", "files-without-matches", "o", "only-matching", "r", "R", "recursive"]) flagsGrep
+                unless (any (`elem` ["l", "files-with-matches", "L", "files-without-matches", "o", "only-matching", "r", "R", "recursive", "A", "after-context", "B", "before-context"]) flagsGrep
                         || any (`elem` ["m", "chars", "w", "words", "c", "bytes", "L", "max-line-length"]) flagsWc
                         || null flagsWc) $
-                    style (getId grep) 2126 "Consider using grep -c instead of grep|wc -l."
+                    style (getId grep) 2126 "Consider using 'grep -c' instead of 'grep|wc -l'."
 
     didLs <- fmap or . sequence $ [
         for' ["ls", "grep"] $

From e6e558946ca70985dfe1ac905af19e615cbc4cc6 Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Tue, 21 Dec 2021 14:07:46 -0800
Subject: [PATCH 008/244] Improve decoding of single quoted literals (fixes
 #2418)

---
 src/ShellCheck/ASTLib.hs | 35 ++++++++++++++++++++++++++++-------
 1 file changed, 28 insertions(+), 7 deletions(-)

diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index 83ba5f8..7c88432 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -369,6 +369,21 @@ getGlobOrLiteralString = getLiteralStringExt f
     f (T_Glob _ str) = return str
     f _ = Nothing
 
+
+prop_getLiteralString1 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\x01") == Just "\1"
+prop_getLiteralString2 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\xyz") == Just "\\xyz"
+prop_getLiteralString3 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\x1") == Just "\x1"
+prop_getLiteralString4 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\x1y") == Just "\x1y"
+prop_getLiteralString5 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\xy") == Just "\\xy"
+prop_getLiteralString6 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\x") == Just "\\x"
+prop_getLiteralString7 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\1x") == Just "\1x"
+prop_getLiteralString8 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\12x") == Just "\o12x"
+prop_getLiteralString9 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\123x") == Just "\o123x"
+prop_getLiteralString10 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\1234") == Just "\o123\&4"
+prop_getLiteralString11 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\1") == Just "\1"
+prop_getLiteralString12 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\12") == Just "\o12"
+prop_getLiteralString13 = getLiteralString (T_DollarSingleQuoted (Id 0) "\\123") == Just "\o123"
+
 -- Maybe get the literal value of a token, using a custom function
 -- to map unrecognized Tokens into strings.
 getLiteralStringExt :: Monad m => (Token -> m String) -> Token -> m String
@@ -401,14 +416,15 @@ getLiteralStringExt more = g
             '\\' -> '\\' : rest
             'x' ->
                 case cs of
-                    (x:y:more) ->
-                        if isHexDigit x && isHexDigit y
-                        then chr (16*(digitToInt x) + (digitToInt y)) : rest
-                        else '\\':c:rest
+                    (x:y:more) | isHexDigit x && isHexDigit y ->
+                        chr (16*(digitToInt x) + (digitToInt y)) : decodeEscapes more
+                    (x:more) | isHexDigit x ->
+                        chr (digitToInt x) : decodeEscapes more
+                    more -> '\\' : 'x' : decodeEscapes more
             _ | isOctDigit c ->
-                let digits = take 3 $ takeWhile isOctDigit (c:cs)
-                    num = parseOct digits
-                in (if num < 256 then chr num else '?') : rest
+                let (digits, more) = spanMax isOctDigit 3 (c:cs)
+                    num = (parseOct digits) `mod` 256
+                in (chr num) : decodeEscapes more
             _ -> '\\' : c : rest
       where
         rest = decodeEscapes cs
@@ -416,6 +432,11 @@ getLiteralStringExt more = g
           where
             f n "" = n
             f n (c:rest) = f (n * 8 + digitToInt c) rest
+        spanMax f n list =
+            let (first, second) = span f list
+                (prefix, suffix) = splitAt n first
+            in
+                (prefix, suffix ++ second)
     decodeEscapes (c:cs) = c : decodeEscapes cs
     decodeEscapes [] = []
 

From ade2bf7b871362c9c30878294aef8ab775f3ea07 Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Sun, 9 Jan 2022 16:50:50 -0800
Subject: [PATCH 009/244] Allow parsing [[ x = ["$y"] ]] (fixes #2165)

---
 src/ShellCheck/Parser.hs | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 92eb61f..8fbdb5a 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -556,7 +556,7 @@ readConditionContents single =
         notFollowedBy2 (try (spacing >> string "]"))
         x <- readNormalWord
         pos <- getPosition
-        when (endedWith "]" x && notArrayIndex x) $ do
+        when (notArrayIndex x && endedWith "]" x && not (x `containsLiteral` "[")) $ do
             parseProblemAt pos ErrorC 1020 $
                 "You need a space before the " ++ (if single then "]" else "]]") ++ "."
             fail "Missing space before ]"
@@ -572,6 +572,7 @@ readConditionContents single =
             endedWith _ _ = False
             notArrayIndex (T_NormalWord id s@(_:T_Literal _ t:_)) = t /= "["
             notArrayIndex _ = True
+            containsLiteral x s = s `isInfixOf` onlyLiteralString x
 
     readCondAndOp = readAndOrOp TC_And "&&" False <|> readAndOrOp TC_And "-a" True
 
@@ -941,6 +942,9 @@ prop_readCondition23 = isOk readCondition "[[ -v arr[$var] ]]"
 prop_readCondition25 = isOk readCondition "[[ lex.yy.c -ot program.l ]]"
 prop_readCondition26 = isOk readScript "[[ foo ]]\\\n && bar"
 prop_readCondition27 = not $ isOk readConditionCommand "[[ x ]] foo"
+prop_readCondition28 = isOk readCondition "[[ x = [\"$1\"] ]]"
+prop_readCondition29 = isOk readCondition "[[ x = [*] ]]"
+
 readCondition = called "test expression" $ do
     opos <- getPosition
     start <- startSpan

From 2292e852e5be3a727a667dce9def79c1d12f0804 Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Sun, 23 Jan 2022 14:23:56 -0800
Subject: [PATCH 010/244] Switch linux-x86_64 build from Ubuntu to Alpine for
 musl

---
 build/linux.x86_64/Dockerfile | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/build/linux.x86_64/Dockerfile b/build/linux.x86_64/Dockerfile
index f0ad16a..3112ac2 100644
--- a/build/linux.x86_64/Dockerfile
+++ b/build/linux.x86_64/Dockerfile
@@ -1,16 +1,10 @@
-FROM ubuntu:20.04
+FROM alpine:latest
 
 ENV TARGETNAME linux.x86_64
 
 # Install GHC and cabal
 USER root
-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update && apt-get install -y ghc curl xz-utils
-
-# So we'd like a later version of Cabal that supports --enable-executable-static,
-# but we can't use Ubuntu 20.10 because coreutils has switched to new syscalls that
-# the TravisCI kernel doesn't support. Download it manually.
-RUN curl "https://downloads.haskell.org/~cabal/cabal-install-3.2.0.0/cabal-install-3.2.0.0-x86_64-unknown-linux.tar.xz" | tar xJv -C /usr/bin
+RUN apk add ghc cabal g++ libffi-dev curl bash
 
 # Use ld.bfd instead of ld.gold due to
 # x86_64-linux-gnu/libpthread.a(pthread_cond_init.o)(.note.stapsdt+0x14): error:

From 88cdb4e2c9b45becb21bd02cd7b205d5bef8cb56 Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Thu, 3 Feb 2022 19:23:46 -0800
Subject: [PATCH 011/244] Warn about spaces around = in alias (fixes #2442)

---
 src/ShellCheck/Checks/Commands.hs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 1a48a28..72d8c09 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -98,7 +98,7 @@ commandChecks = [
     ,checkUnquotedEchoSpaces
     ,checkEvalArray
     ]
-    ++ map checkArgComparison declaringCommands
+    ++ map checkArgComparison ("alias" : declaringCommands)
     ++ map checkMaskedReturns declaringCommands
 
 
@@ -1253,6 +1253,7 @@ prop_checkArgComparison3 = verifyNot (checkArgComparison "declare") "declare a=b
 prop_checkArgComparison4 = verify (checkArgComparison "export") "export a +=b"
 prop_checkArgComparison7 = verifyNot (checkArgComparison "declare") "declare -a +i foo"
 prop_checkArgComparison8 = verify (checkArgComparison "let") "let x = 0"
+prop_checkArgComparison9 = verify (checkArgComparison "alias") "alias x =0"
 -- This mirrors checkSecondArgIsComparison but for arguments to local/readonly/declare/export
 checkArgComparison cmd = CommandCheck (Exactly cmd) wordsWithEqual
   where

From fa15c0a454be93603418a56ed0d625e5c76a83fc Mon Sep 17 00:00:00 2001
From: Patrick Xia <patrickx@google.com>
Date: Thu, 5 May 2022 16:09:02 -0700
Subject: [PATCH 012/244] add SC2316: error on multiple declarations like
 'readonly local'

---
 src/ShellCheck/Checks/Commands.hs | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 72d8c09..bad4cf2 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -100,6 +100,7 @@ commandChecks = [
     ]
     ++ map checkArgComparison ("alias" : declaringCommands)
     ++ map checkMaskedReturns declaringCommands
+    ++ map checkMultipleDeclaring declaringCommands
 
 
 optionalChecks = map fst optionalCommandChecks
@@ -941,6 +942,21 @@ checkLocalScope = CommandCheck (Exactly "local") $ \t ->
         unless (any isFunctionLike path) $
             err (getId $ getCommandTokenOrThis t) 2168 "'local' is only valid in functions."
 
+prop_checkMultipleDeclaring1 = verify (checkMultipleDeclaring "local") "q() { local readonly var=1; }"
+prop_checkMultipleDeclaring2 = verifyNot (checkMultipleDeclaring "local") "q() { local var=1; }"
+prop_checkMultipleDeclaring3 = verify (checkMultipleDeclaring "readonly") "readonly local foo=5"
+prop_checkMultipleDeclaring4 = verify (checkMultipleDeclaring "export") "export readonly foo=5"
+prop_checkMultipleDeclaring5 = verifyNot (checkMultipleDeclaring "local") "f() { local -r foo=5; }"
+prop_checkMultipleDeclaring6 = verifyNot (checkMultipleDeclaring "declare") "declare -rx foo=5"
+checkMultipleDeclaring cmd = CommandCheck (Exactly cmd) (mapM_ check . arguments)
+  where
+    check t = sequence_ $ do
+        lit <- getLiteralString t
+        guard $ lit `elem` declaringCommands
+        return $ err (getId $ getCommandTokenOrThis t) 2316 $
+                 "This applies " ++ cmd ++ " to the variable named " ++ lit ++
+                 ", which is probably not what you want. Use a separate command or the appropriate `declare` options instead."
+
 prop_checkDeprecatedTempfile1 = verify checkDeprecatedTempfile "var=$(tempfile)"
 prop_checkDeprecatedTempfile2 = verifyNot checkDeprecatedTempfile "tempfile=$(mktemp)"
 checkDeprecatedTempfile = CommandCheck (Basename "tempfile") $

From 282155268829ffe450a21eb728ba0417c9c2578d Mon Sep 17 00:00:00 2001
From: Rune Juhl Jacobsen <runejuhl@petardo.dk>
Date: Tue, 14 Dec 2021 16:00:47 +0100
Subject: [PATCH 013/244] Fix bug in 2126 when using after/before flags with
 grep

Using `--after-context`/`-A` or `--before-context`/`-B` would give a warning
recommending the user to use `grep -c`, even though that would give a different
result than using `grep | wc -l`:

```fundamental
$ echo -e "1\n2\n3" | grep -cA 3 1
1
$ echo -e "1\n2\n3" | grep -A 3 1 | wc -l
3
```
---
 src/ShellCheck/Analytics.hs | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index d48104e..e6e47ea 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -545,6 +545,10 @@ prop_checkPipePitfalls15 = verifyNot checkPipePitfalls "foo | grep bar | wc -cmw
 prop_checkPipePitfalls16 = verifyNot checkPipePitfalls "foo | grep -r bar | wc -l"
 prop_checkPipePitfalls17 = verifyNot checkPipePitfalls "foo | grep -l bar | wc -l"
 prop_checkPipePitfalls18 = verifyNot checkPipePitfalls "foo | grep -L bar | wc -l"
+prop_checkPipePitfalls19 = verifyNot checkPipePitfalls "foo | grep -A2 bar | wc -l"
+prop_checkPipePitfalls20 = verifyNot checkPipePitfalls "foo | grep -B999 bar | wc -l"
+prop_checkPipePitfalls21 = verifyNot checkPipePitfalls "foo | grep --after-context 999 bar | wc -l"
+prop_checkPipePitfalls22 = verifyNot checkPipePitfalls "foo | grep -B 1 --after-context 999 bar | wc -l"
 checkPipePitfalls _ (T_Pipeline id _ commands) = do
     for ["find", "xargs"] $
         \(find:xargs:_) ->
@@ -566,10 +570,10 @@ checkPipePitfalls _ (T_Pipeline id _ commands) = do
             let flagsGrep = maybe [] (map snd . getAllFlags) $ getCommand grep
                 flagsWc = maybe [] (map snd . getAllFlags) $ getCommand wc
             in
-                unless (any (`elem` ["l", "files-with-matches", "L", "files-without-matches", "o", "only-matching", "r", "R", "recursive"]) flagsGrep
+                unless (any (`elem` ["l", "files-with-matches", "L", "files-without-matches", "o", "only-matching", "r", "R", "recursive", "A", "after-context", "B", "before-context"]) flagsGrep
                         || any (`elem` ["m", "chars", "w", "words", "c", "bytes", "L", "max-line-length"]) flagsWc
                         || null flagsWc) $
-                    style (getId grep) 2126 "Consider using grep -c instead of grep|wc -l."
+                    style (getId grep) 2126 "Consider using 'grep -c' instead of 'grep|wc -l'."
 
     didLs <- fmap or . sequence $ [
         for' ["ls", "grep"] $

From fd595d1058a7991a3e925922be2da96c3c023faa Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Fri, 6 May 2022 10:06:12 -0700
Subject: [PATCH 014/244] Only trigger SC2316 on unquoted words.

---
 src/ShellCheck/Checks/Commands.hs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index bad4cf2..e65dc68 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -948,10 +948,11 @@ prop_checkMultipleDeclaring3 = verify (checkMultipleDeclaring "readonly") "reado
 prop_checkMultipleDeclaring4 = verify (checkMultipleDeclaring "export") "export readonly foo=5"
 prop_checkMultipleDeclaring5 = verifyNot (checkMultipleDeclaring "local") "f() { local -r foo=5; }"
 prop_checkMultipleDeclaring6 = verifyNot (checkMultipleDeclaring "declare") "declare -rx foo=5"
+prop_checkMultipleDeclaring7 = verifyNot (checkMultipleDeclaring "readonly") "readonly 'local' foo=5"
 checkMultipleDeclaring cmd = CommandCheck (Exactly cmd) (mapM_ check . arguments)
   where
     check t = sequence_ $ do
-        lit <- getLiteralString t
+        lit <- getUnquotedLiteral t
         guard $ lit `elem` declaringCommands
         return $ err (getId $ getCommandTokenOrThis t) 2316 $
                  "This applies " ++ cmd ++ " to the variable named " ++ lit ++

From 399c04cc17931c5221672257666f39eda6aefc14 Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Fri, 6 May 2022 10:11:52 -0700
Subject: [PATCH 015/244] Mention SC2316 in changelog

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f65bbfa..fb733ce 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,6 @@
 ## Git
 ### Added
+- SC2316: Warn about 'local readonly foo' and similar (thanks, patrickxia!)
 
 ### Fixed
 

From 9aa4c22aa6fb54d511148bdc8b135e353529ffcc Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Mon, 16 May 2022 06:56:46 +0000
Subject: [PATCH 016/244] ci: update github actions

---
 .github/workflows/build.yml | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 5595219..a435cf4 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -15,7 +15,7 @@ jobs:
           sudo apt-get install cabal-install
 
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
@@ -37,7 +37,7 @@ jobs:
           mv dist-newstyle/sdist/*.tar.gz source/source.tar.gz
 
       - name: Upload artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: source
           path: source/
@@ -51,10 +51,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Download artifacts
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
 
       - name: Build source
         run: |
@@ -63,7 +63,7 @@ jobs:
           ( cd bin && ../build/run_builder ../source/source.tar.gz ../build/${{matrix.build}} )
 
       - name: Upload artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: bin
           path: bin/
@@ -74,10 +74,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Download artifacts
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
 
       - name: Work around GitHub permissions bug
         run: chmod +x bin/*/shellcheck*
@@ -92,7 +92,7 @@ jobs:
           rm -rf */ README* LICENSE*
 
       - name: Upload artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: deploy
           path: deploy/
@@ -104,10 +104,10 @@ jobs:
     environment: Deploy
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Download artifacts
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
 
       - name: Upload to GitHub
         env:

From 7ceb1f15193f43109a547ccc3d8ba74faaa72ade Mon Sep 17 00:00:00 2001
From: ygeyzel <ygeyzel@gmail.com>
Date: Sun, 17 Jul 2022 21:46:42 +0300
Subject: [PATCH 017/244] SC2183 grammer fix: 'variable' instead of 'variables'
 if only one variable

---
 src/ShellCheck/Checks/Commands.hs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index e65dc68..d8635ea 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -675,6 +675,7 @@ checkPrintfVar = CommandCheck (Exactly "printf") (f . arguments) where
             let formats = getPrintfFormats string
             let formatCount = length formats
             let argCount = length more
+            let pluraliseIfMany word n = if n > 1 then word ++ "s" else word
 
             return $ if
                 | argCount == 0 && formatCount == 0 ->
@@ -690,7 +691,8 @@ checkPrintfVar = CommandCheck (Exactly "printf") (f . arguments) where
                     return () -- Great: a suitable number of arguments
                 | otherwise ->
                     warn (getId format) 2183 $
-                        "This format string has " ++ show formatCount ++ " variables, but is passed " ++ show argCount ++ " arguments."
+                        "This format string has " ++ show formatCount ++ " " ++ (pluraliseIfMany "variable" formatCount) ++
+                        ", but is passed " ++ show argCount ++ " arguments."
 
         unless ('%' `elem` concat (oversimplify format) || isLiteral format) $
           info (getId format) 2059

From 363c0633e0525e6e7d1714cac83e420875345b85 Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Fri, 11 Feb 2022 17:17:04 -0800
Subject: [PATCH 018/244] When reparsing array indices, do it recursively

---
 src/ShellCheck/Analytics.hs | 1 +
 src/ShellCheck/Parser.hs    | 9 +++++----
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index e6e47ea..7da5786 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2394,6 +2394,7 @@ prop_checkUnused47= verifyNotTree checkUnusedAssignments "a=1; alias hello='echo
 prop_checkUnused48= verifyNotTree checkUnusedAssignments "_a=1"
 prop_checkUnused49= verifyNotTree checkUnusedAssignments "declare -A array; key=a; [[ -v array[$key] ]]"
 prop_checkUnused50= verifyNotTree checkUnusedAssignments "foofunc() { :; }; typeset -fx foofunc"
+prop_checkUnused51= verifyTree checkUnusedAssignments "x[y[z=1]]=1; echo ${x[@]}"
 
 checkUnusedAssignments params t = execWriter (mapM_ warnFor unused)
   where
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 8fbdb5a..833918c 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -3463,9 +3463,9 @@ notesForContext list = zipWith ($) [first, second] $ filter isName list
 
 -- Go over all T_UnparsedIndex and reparse them as either arithmetic or text
 -- depending on declare -A statements.
-reparseIndices root =
-   analyze blank blank f root
+reparseIndices root = process root
   where
+    process = analyze blank blank f
     associative = getAssociativeArrays root
     isAssociative s = s `elem` associative
     f (T_Assignment id mode name indices value) = do
@@ -3490,8 +3490,9 @@ reparseIndices root =
 
     fixAssignmentIndex name word =
         case word of
-            T_UnparsedIndex id pos src ->
-                parsed name pos src
+            T_UnparsedIndex id pos src -> do
+                idx <- parsed name pos src
+                process idx -- Recursively parse for cases like x[y[z=1]]=1
             _ -> return word
 
     parsed name pos src =

From a4042f752399b0aff032692331e9f561c2cb836c Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 18 Jul 2022 22:12:31 -0700
Subject: [PATCH 019/244] Parse &&/|| as left-associative

---
 src/ShellCheck/Analytics.hs | 2 +-
 src/ShellCheck/Parser.hs    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 7da5786..f5ff4df 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -867,7 +867,7 @@ prop_checkShorthandIf5 = verifyNot checkShorthandIf "foo && rm || printf b"
 prop_checkShorthandIf6 = verifyNot checkShorthandIf "if foo && bar || baz; then true; fi"
 prop_checkShorthandIf7 = verifyNot checkShorthandIf "while foo && bar || baz; do true; done"
 prop_checkShorthandIf8 = verify checkShorthandIf "if true; then foo && bar || baz; fi"
-checkShorthandIf params x@(T_AndIf id _ (T_OrIf _ _ (T_Pipeline _ _ t)))
+checkShorthandIf params x@(T_OrIf _ (T_AndIf id _ _) (T_Pipeline _ _ t))
         | not (isOk t || inCondition) =
     info id 2015 "Note that A && B || C is not if-then-else. C may run when A is true."
   where
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 833918c..3958406 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -2286,7 +2286,7 @@ readAndOr = do
         parseProblemAt apos ErrorC 1123 "ShellCheck directives are only valid in front of complete compound commands, like 'if', not e.g. individual 'elif' branches."
 
     andOr <- withAnnotations annotations $
-        chainr1 readPipeline $ do
+        chainl1 readPipeline $ do
             op <- g_AND_IF <|> g_OR_IF
             readLineBreak
             return $ case op of T_AND_IF id -> T_AndIf id

From c3bce51de38fa57b006b932661bdb6237e0c5db5 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 19 Jul 2022 17:45:54 -0700
Subject: [PATCH 020/244] Allow text to build on Fedora by installing
 dependencies

---
 test/distrotest | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/distrotest b/test/distrotest
index 50a5a17..464768c 100755
--- a/test/distrotest
+++ b/test/distrotest
@@ -63,7 +63,7 @@ debian:testing        apt-get update && apt-get install -y cabal-install
 ubuntu:latest         apt-get update && apt-get install -y cabal-install
 haskell:latest        true
 opensuse/leap:latest  zypper install -y cabal-install ghc
-fedora:latest         dnf install -y cabal-install ghc-template-haskell-devel findutils
+fedora:latest         dnf install -y cabal-install ghc-template-haskell-devel findutils libstdc++-static gcc-c++
 archlinux:latest      pacman -S -y --noconfirm cabal-install ghc-static base-devel
 
 # Ubuntu LTS

From cc04b4011967f873e14c0e6ad506ca37bed1f97f Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 19 Jul 2022 18:22:11 -0700
Subject: [PATCH 021/244] Freeze macOS dependency by sha256

---
 build/darwin.x86_64/Dockerfile | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/build/darwin.x86_64/Dockerfile b/build/darwin.x86_64/Dockerfile
index ecd1cad..9e33a82 100644
--- a/build/darwin.x86_64/Dockerfile
+++ b/build/darwin.x86_64/Dockerfile
@@ -1,5 +1,4 @@
-# DIGEST:sha256:fa32af4677e2860a1c5950bc8c360f309e2a87e2ddfed27b642fddf7a6093b76
-FROM liushuyu/osxcross:latest
+FROM liushuyu/osxcross@sha256:fa32af4677e2860a1c5950bc8c360f309e2a87e2ddfed27b642fddf7a6093b76
 
 ENV TARGET x86_64-apple-darwin18
 ENV TARGETNAME darwin.x86_64

From 7946bf5657905bba74be360bf16b287008ed1bdb Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 19 Jul 2022 21:40:03 -0700
Subject: [PATCH 022/244] Upgrade cURL for Windows build image

---
 build/windows.x86_64/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build/windows.x86_64/Dockerfile b/build/windows.x86_64/Dockerfile
index 11e67e8..1e5c5d9 100644
--- a/build/windows.x86_64/Dockerfile
+++ b/build/windows.x86_64/Dockerfile
@@ -12,7 +12,7 @@ WORKDIR /haskell
 RUN curl -L "https://downloads.haskell.org/~ghc/8.10.4/ghc-8.10.4-x86_64-unknown-mingw32.tar.xz" | tar xJ --strip-components=1
 WORKDIR /haskell/bin
 RUN curl -L "https://downloads.haskell.org/~cabal/cabal-install-3.2.0.0/cabal-install-3.2.0.0-x86_64-unknown-mingw32.zip" | busybox unzip -
-RUN curl -L "https://curl.se/windows/dl-7.75.0/curl-7.75.0-win64-mingw.zip" | busybox unzip - && mv curl-7.75.0-win64-mingw/bin/* .
+RUN curl -L "https://curl.se/windows/dl-7.84.0/curl-7.84.0-win64-mingw.zip" | busybox unzip - && mv curl-7.84.0-win64-mingw/bin/* .
 ENV WINEPATH /haskell/bin
 
 # It's unknown whether Cabal on Windows suffers from the same issue

From f77a545282f02010a0c52b66bd6ee5e860c2b314 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 19 Jul 2022 14:23:27 -0700
Subject: [PATCH 023/244] Control Flow Graph / Data Flow Analysis support

---
 CHANGELOG.md                          |    4 +
 ShellCheck.cabal                      |    8 +
 src/ShellCheck/ASTLib.hs              |  116 ++-
 src/ShellCheck/Analytics.hs           |    2 +
 src/ShellCheck/Analyzer.hs            |    5 +-
 src/ShellCheck/AnalyzerLib.hs         |  142 +--
 src/ShellCheck/CFG.hs                 | 1147 +++++++++++++++++++++++++
 src/ShellCheck/CFGAnalysis.hs         | 1113 ++++++++++++++++++++++++
 src/ShellCheck/Checks/Commands.hs     |    1 +
 src/ShellCheck/Checks/ControlFlow.hs  |  101 +++
 src/ShellCheck/Checks/ShellSupport.hs |    1 +
 src/ShellCheck/Data.hs                |   29 +-
 src/ShellCheck/Debug.hs               |  313 +++++++
 src/ShellCheck/Fixer.hs               |    3 +-
 src/ShellCheck/Parser.hs              |    5 +-
 src/ShellCheck/Prelude.hs             |   48 ++
 test/shellcheck.hs                    |    6 +
 17 files changed, 2909 insertions(+), 135 deletions(-)
 create mode 100644 src/ShellCheck/CFG.hs
 create mode 100644 src/ShellCheck/CFGAnalysis.hs
 create mode 100644 src/ShellCheck/Checks/ControlFlow.hs
 create mode 100644 src/ShellCheck/Debug.hs
 create mode 100644 src/ShellCheck/Prelude.hs

diff --git a/CHANGELOG.md b/CHANGELOG.md
index fb733ce..4763ddd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,10 @@
 ### Fixed
 
 ### Changed
+- ShellCheck now has a Data Flow Analysis engine to make smarter decisions
+  based on control flow rather than just syntax. Existing checks will
+  gradually start using it, which may cause them to trigger differently
+  (but more accurately).
 
 
 ## v0.8.0 - 2021-11-06
diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index 1167c82..b22b5c8 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -53,6 +53,7 @@ library
       deepseq >= 1.4.0.0,
       Diff >= 0.2.0,
       directory >= 1.2.3.0,
+      fgl,
       mtl >= 2.2.1,
       filepath,
       parsec,
@@ -66,11 +67,15 @@ library
       ShellCheck.Analytics
       ShellCheck.Analyzer
       ShellCheck.AnalyzerLib
+      ShellCheck.CFG
+      ShellCheck.CFGAnalysis
       ShellCheck.Checker
       ShellCheck.Checks.Commands
+      ShellCheck.Checks.ControlFlow
       ShellCheck.Checks.Custom
       ShellCheck.Checks.ShellSupport
       ShellCheck.Data
+      ShellCheck.Debug
       ShellCheck.Fixer
       ShellCheck.Formatter.Format
       ShellCheck.Formatter.CheckStyle
@@ -82,6 +87,7 @@ library
       ShellCheck.Formatter.Quiet
       ShellCheck.Interface
       ShellCheck.Parser
+      ShellCheck.Prelude
       ShellCheck.Regex
     other-modules:
       Paths_ShellCheck
@@ -100,6 +106,7 @@ executable shellcheck
       deepseq >= 1.4.0.0,
       Diff >= 0.2.0,
       directory >= 1.2.3.0,
+      fgl,
       mtl >= 2.2.1,
       filepath,
       parsec >= 3.0,
@@ -120,6 +127,7 @@ test-suite test-shellcheck
       deepseq >= 1.4.0.0,
       Diff >= 0.2.0,
       directory >= 1.2.3.0,
+      fgl,
       mtl >= 2.2.1,
       filepath,
       parsec,
diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index 7c88432..7cc5af2 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -21,6 +21,7 @@
 module ShellCheck.ASTLib where
 
 import ShellCheck.AST
+import ShellCheck.Prelude
 import ShellCheck.Regex
 
 import Control.Monad.Writer
@@ -138,7 +139,7 @@ getFlagsUntil stopCondition (T_SimpleCommand _ _ (_:args)) =
     flag (x, '-':'-':arg) = [ (x, takeWhile (/= '=') arg) ]
     flag (x, '-':args) = map (\v -> (x, [v])) args
     flag (x, _) = [ (x, "") ]
-getFlagsUntil _ _ = error "Internal shellcheck error, please report! (getFlags on non-command)"
+getFlagsUntil _ _ = error $ pleaseReport "getFlags on non-command"
 
 -- Get all flags in a GNU way, up until --
 getAllFlags :: Token -> [(Token, String)]
@@ -785,5 +786,118 @@ executableFromShebang = shellFor
     basename s = reverse . takeWhile (/= '/') . reverse $ s
     skipFlags = dropWhile ("-" `isPrefixOf`)
 
+
+-- Determining if a name is a variable
+isVariableStartChar x = x == '_' || isAsciiLower x || isAsciiUpper x
+isVariableChar x = isVariableStartChar x || isDigit x
+isSpecialVariableChar = (`elem` "*@#?-$!")
+variableNameRegex = mkRegex "[_a-zA-Z][_a-zA-Z0-9]*"
+
+prop_isVariableName1 = isVariableName "_fo123"
+prop_isVariableName2 = not $ isVariableName "4"
+prop_isVariableName3 = not $ isVariableName "test: "
+isVariableName (x:r) = isVariableStartChar x && all isVariableChar r
+isVariableName _     = False
+
+
+-- Get the variable name from an expansion like ${var:-foo}
+prop_getBracedReference1 = getBracedReference "foo" == "foo"
+prop_getBracedReference2 = getBracedReference "#foo" == "foo"
+prop_getBracedReference3 = getBracedReference "#" == "#"
+prop_getBracedReference4 = getBracedReference "##" == "#"
+prop_getBracedReference5 = getBracedReference "#!" == "!"
+prop_getBracedReference6 = getBracedReference "!#" == "#"
+prop_getBracedReference7 = getBracedReference "!foo#?" == "foo"
+prop_getBracedReference8 = getBracedReference "foo-bar" == "foo"
+prop_getBracedReference9 = getBracedReference "foo:-bar" == "foo"
+prop_getBracedReference10= getBracedReference "foo: -1" == "foo"
+prop_getBracedReference11= getBracedReference "!os*" == ""
+prop_getBracedReference11b= getBracedReference "!os@" == ""
+prop_getBracedReference12= getBracedReference "!os?bar**" == ""
+prop_getBracedReference13= getBracedReference "foo[bar]" == "foo"
+getBracedReference s = fromMaybe s $
+    nameExpansion s `mplus` takeName noPrefix `mplus` getSpecial noPrefix `mplus` getSpecial s
+  where
+    noPrefix = dropPrefix s
+    dropPrefix (c:rest) | c `elem` "!#" = rest
+    dropPrefix cs = cs
+    takeName s = do
+        let name = takeWhile isVariableChar s
+        guard . not $ null name
+        return name
+    getSpecial (c:_) | isSpecialVariableChar c = return [c]
+    getSpecial _ = fail "empty or not special"
+
+    nameExpansion ('!':next:rest) = do -- e.g. ${!foo*bar*}
+        guard $ isVariableChar next -- e.g. ${!@}
+        first <- find (not . isVariableChar) rest
+        guard $ first `elem` "*?@"
+        return ""
+    nameExpansion _ = Nothing
+
+-- Get the variable modifier like /a/b in ${var/a/b}
+prop_getBracedModifier1 = getBracedModifier "foo:bar:baz" == ":bar:baz"
+prop_getBracedModifier2 = getBracedModifier "!var:-foo" == ":-foo"
+prop_getBracedModifier3 = getBracedModifier "foo[bar]" == "[bar]"
+prop_getBracedModifier4 = getBracedModifier "foo[@]@Q" == "[@]@Q"
+prop_getBracedModifier5 = getBracedModifier "@@Q" == "@Q"
+getBracedModifier s = headOrDefault "" $ do
+    let var = getBracedReference s
+    a <- dropModifier s
+    dropPrefix var a
+  where
+    dropPrefix [] t        = return t
+    dropPrefix (a:b) (c:d) | a == c = dropPrefix b d
+    dropPrefix _ _         = []
+
+    dropModifier (c:rest) | c `elem` "#!" = [rest, c:rest]
+    dropModifier x        = [x]
+
+-- Get the variables from indices like ["x", "y"] in ${var[x+y+1]}
+prop_getIndexReferences1 = getIndexReferences "var[x+y+1]" == ["x", "y"]
+getIndexReferences s = fromMaybe [] $ do
+    match <- matchRegex re s
+    index <- match !!! 0
+    return $ matchAllStrings variableNameRegex index
+  where
+    re = mkRegex "(\\[.*\\])"
+
+prop_getOffsetReferences1 = getOffsetReferences ":bar" == ["bar"]
+prop_getOffsetReferences2 = getOffsetReferences ":bar:baz" == ["bar", "baz"]
+prop_getOffsetReferences3 = getOffsetReferences "[foo]:bar" == ["bar"]
+prop_getOffsetReferences4 = getOffsetReferences "[foo]:bar:baz" == ["bar", "baz"]
+getOffsetReferences mods = fromMaybe [] $ do
+-- if mods start with [, then drop until ]
+    match <- matchRegex re mods
+    offsets <- match !!! 1
+    return $ matchAllStrings variableNameRegex offsets
+  where
+    re = mkRegex "^(\\[.+\\])? *:([^-=?+].*)"
+
+
+-- Returns whether a token is a parameter expansion without any modifiers.
+-- True for $var ${var} $1 $#
+-- False for ${#var} ${var[x]} ${var:-0}
+isUnmodifiedParameterExpansion t =
+    case t of
+        T_DollarBraced _ False _ -> True
+        T_DollarBraced _ _ list ->
+            let str = concat $ oversimplify list
+            in getBracedReference str == str
+        _ -> False
+
+--- A list of the element and all its parents up to the root node.
+getPath tree t = t :
+    case Map.lookup (getId t) tree of
+        Nothing     -> []
+        Just parent -> getPath tree parent
+
+isClosingFileOp op =
+    case op of
+        T_IoDuplicate _ (T_GREATAND _) "-" -> True
+        T_IoDuplicate _ (T_LESSAND  _) "-" -> True
+        _                                  -> False
+
+
 return []
 runTests = $quickCheckAll
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index f5ff4df..bf5d179 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -24,8 +24,10 @@ module ShellCheck.Analytics (runAnalytics, optionalChecks, ShellCheck.Analytics.
 import ShellCheck.AST
 import ShellCheck.ASTLib
 import ShellCheck.AnalyzerLib hiding (producesComments)
+import qualified ShellCheck.CFGAnalysis as CF
 import ShellCheck.Data
 import ShellCheck.Parser
+import ShellCheck.Prelude
 import ShellCheck.Interface
 import ShellCheck.Regex
 
diff --git a/src/ShellCheck/Analyzer.hs b/src/ShellCheck/Analyzer.hs
index eb231c2..ff2e457 100644
--- a/src/ShellCheck/Analyzer.hs
+++ b/src/ShellCheck/Analyzer.hs
@@ -25,6 +25,7 @@ import ShellCheck.Interface
 import Data.List
 import Data.Monoid
 import qualified ShellCheck.Checks.Commands
+import qualified ShellCheck.Checks.ControlFlow
 import qualified ShellCheck.Checks.Custom
 import qualified ShellCheck.Checks.ShellSupport
 
@@ -42,11 +43,13 @@ analyzeScript spec = newAnalysisResult {
 
 checkers spec params = mconcat $ map ($ params) [
     ShellCheck.Checks.Commands.checker spec,
+    ShellCheck.Checks.ControlFlow.checker spec,
     ShellCheck.Checks.Custom.checker,
     ShellCheck.Checks.ShellSupport.checker
     ]
 
 optionalChecks = mconcat $ [
     ShellCheck.Analytics.optionalChecks,
-    ShellCheck.Checks.Commands.optionalChecks
+    ShellCheck.Checks.Commands.optionalChecks,
+    ShellCheck.Checks.ControlFlow.optionalChecks
     ]
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 67c35b4..e998f2c 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -23,9 +23,11 @@ module ShellCheck.AnalyzerLib where
 
 import ShellCheck.AST
 import ShellCheck.ASTLib
+import qualified ShellCheck.CFGAnalysis as CF
 import ShellCheck.Data
 import ShellCheck.Interface
 import ShellCheck.Parser
+import ShellCheck.Prelude
 import ShellCheck.Regex
 
 import Control.Arrow (first)
@@ -96,7 +98,9 @@ data Parameters = Parameters {
     -- The root node of the AST
     rootNode           :: Token,
     -- map from token id to start and end position
-    tokenPositions     :: Map.Map Id (Position, Position)
+    tokenPositions     :: Map.Map Id (Position, Position),
+    -- Result from Control Flow Graph analysis (including data flow analysis)
+    cfgAnalysis :: CF.CFGAnalysis
     } deriving (Show)
 
 -- TODO: Cache results of common AST ops here
@@ -189,8 +193,9 @@ makeCommentWithFix severity id code str fix =
         }
     in force withFix
 
-makeParameters spec =
-    let params = Parameters {
+makeParameters spec = params
+  where
+    params = Parameters {
         rootNode = root,
         shellType = fromMaybe (determineShell (asFallbackShell spec) root) $ asShellType spec,
         hasSetE = containsSetE root,
@@ -215,9 +220,14 @@ makeParameters spec =
         shellTypeSpecified = isJust (asShellType spec) || isJust (asFallbackShell spec),
         parentMap = getParentTree root,
         variableFlow = getVariableFlow params root,
-        tokenPositions = asTokenPositions spec
-    } in params
-  where root = asScript spec
+        tokenPositions = asTokenPositions spec,
+        cfgAnalysis = CF.analyzeControlFlow cfParams root
+    }
+    cfParams = CF.CFGParameters {
+        CF.cfLastpipe = hasLastpipe params,
+        CF.cfPipefail = hasPipefail params
+    }
+    root = asScript spec
 
 
 -- Does this script mention 'set -e' anywhere?
@@ -408,12 +418,6 @@ usedAsCommandName tree token = go (getId token) (tail $ getPath tree token)
         getId word == currentId || getId (getCommandTokenOrThis t) == currentId
     go _ _ = False
 
--- A list of the element and all its parents up to the root node.
-getPath tree t = t :
-    case Map.lookup (getId t) tree of
-        Nothing     -> []
-        Just parent -> getPath tree parent
-
 -- Version of the above taking the map from the current context
 -- Todo: give this the name "getPath"
 getPathM t = do
@@ -559,12 +563,6 @@ getModifiedVariables t =
                     return (place, t, str, DataString SourceChecked)
             _ -> Nothing
 
-isClosingFileOp op =
-    case op of
-        T_IoDuplicate _ (T_GREATAND _) "-" -> True
-        T_IoDuplicate _ (T_LESSAND  _) "-" -> True
-        _                                  -> False
-
 
 -- Consider 'export/declare -x' a reference, since it makes the var available
 getReferencedVariableCommand base@(T_SimpleCommand _ _ (T_NormalWord _ (T_Literal _ x:_):rest)) =
@@ -746,13 +744,6 @@ getModifiedVariableCommand base@(T_SimpleCommand id cmdPrefix (T_NormalWord _ (T
 
 getModifiedVariableCommand _ = []
 
-getIndexReferences s = fromMaybe [] $ do
-    match <- matchRegex re s
-    index <- match !!! 0
-    return $ matchAllStrings variableNameRegex index
-  where
-    re = mkRegex "(\\[.*\\])"
-
 -- Given a NormalWord like foo or foo[$bar], get foo.
 -- Primarily used to get references for [[ -v foo[bar] ]]
 getVariableForTestDashV :: Token -> Maybe String
@@ -767,18 +758,6 @@ getVariableForTestDashV t = do
     -- in a non-constant expression (while filtering out foo$x[$y])
     toStr _ = return "\0"
 
-prop_getOffsetReferences1 = getOffsetReferences ":bar" == ["bar"]
-prop_getOffsetReferences2 = getOffsetReferences ":bar:baz" == ["bar", "baz"]
-prop_getOffsetReferences3 = getOffsetReferences "[foo]:bar" == ["bar"]
-prop_getOffsetReferences4 = getOffsetReferences "[foo]:bar:baz" == ["bar", "baz"]
-getOffsetReferences mods = fromMaybe [] $ do
--- if mods start with [, then drop until ]
-    match <- matchRegex re mods
-    offsets <- match !!! 1
-    return $ matchAllStrings variableNameRegex offsets
-  where
-    re = mkRegex "^(\\[.+\\])? *:([^-=?+].*)"
-
 getReferencedVariables parents t =
     case t of
         T_DollarBraced id _ l -> let str = concat $ oversimplify l in
@@ -857,17 +836,6 @@ isConfusedGlobRegex ('*':_) = True
 isConfusedGlobRegex [x,'*'] | x `notElem` "\\." = True
 isConfusedGlobRegex _       = False
 
-isVariableStartChar x = x == '_' || isAsciiLower x || isAsciiUpper x
-isVariableChar x = isVariableStartChar x || isDigit x
-isSpecialVariableChar = (`elem` "*@#?-$!")
-variableNameRegex = mkRegex "[_a-zA-Z][_a-zA-Z0-9]*"
-
-prop_isVariableName1 = isVariableName "_fo123"
-prop_isVariableName2 = not $ isVariableName "4"
-prop_isVariableName3 = not $ isVariableName "test: "
-isVariableName (x:r) = isVariableStartChar x && all isVariableChar r
-isVariableName _     = False
-
 getVariablesFromLiteralToken token =
     getVariablesFromLiteral (getLiteralStringDef " " token)
 
@@ -880,73 +848,6 @@ getVariablesFromLiteral string =
   where
     variableRegex = mkRegex "\\$\\{?([A-Za-z0-9_]+)"
 
--- Get the variable name from an expansion like ${var:-foo}
-prop_getBracedReference1 = getBracedReference "foo" == "foo"
-prop_getBracedReference2 = getBracedReference "#foo" == "foo"
-prop_getBracedReference3 = getBracedReference "#" == "#"
-prop_getBracedReference4 = getBracedReference "##" == "#"
-prop_getBracedReference5 = getBracedReference "#!" == "!"
-prop_getBracedReference6 = getBracedReference "!#" == "#"
-prop_getBracedReference7 = getBracedReference "!foo#?" == "foo"
-prop_getBracedReference8 = getBracedReference "foo-bar" == "foo"
-prop_getBracedReference9 = getBracedReference "foo:-bar" == "foo"
-prop_getBracedReference10= getBracedReference "foo: -1" == "foo"
-prop_getBracedReference11= getBracedReference "!os*" == ""
-prop_getBracedReference11b= getBracedReference "!os@" == ""
-prop_getBracedReference12= getBracedReference "!os?bar**" == ""
-prop_getBracedReference13= getBracedReference "foo[bar]" == "foo"
-getBracedReference s = fromMaybe s $
-    nameExpansion s `mplus` takeName noPrefix `mplus` getSpecial noPrefix `mplus` getSpecial s
-  where
-    noPrefix = dropPrefix s
-    dropPrefix (c:rest) | c `elem` "!#" = rest
-    dropPrefix cs = cs
-    takeName s = do
-        let name = takeWhile isVariableChar s
-        guard . not $ null name
-        return name
-    getSpecial (c:_) | isSpecialVariableChar c = return [c]
-    getSpecial _ = fail "empty or not special"
-
-    nameExpansion ('!':next:rest) = do -- e.g. ${!foo*bar*}
-        guard $ isVariableChar next -- e.g. ${!@}
-        first <- find (not . isVariableChar) rest
-        guard $ first `elem` "*?@"
-        return ""
-    nameExpansion _ = Nothing
-
-prop_getBracedModifier1 = getBracedModifier "foo:bar:baz" == ":bar:baz"
-prop_getBracedModifier2 = getBracedModifier "!var:-foo" == ":-foo"
-prop_getBracedModifier3 = getBracedModifier "foo[bar]" == "[bar]"
-prop_getBracedModifier4 = getBracedModifier "foo[@]@Q" == "[@]@Q"
-prop_getBracedModifier5 = getBracedModifier "@@Q" == "@Q"
-getBracedModifier s = headOrDefault "" $ do
-    let var = getBracedReference s
-    a <- dropModifier s
-    dropPrefix var a
-  where
-    dropPrefix [] t        = return t
-    dropPrefix (a:b) (c:d) | a == c = dropPrefix b d
-    dropPrefix _ _         = []
-
-    dropModifier (c:rest) | c `elem` "#!" = [rest, c:rest]
-    dropModifier x        = [x]
-
--- Useful generic functions.
-
--- Get element 0 or a default. Like `head` but safe.
-headOrDefault _ (a:_) = a
-headOrDefault def _   = def
-
--- Get the last element or a default. Like `last` but safe.
-lastOrDefault def [] = def
-lastOrDefault _ list = last list
-
---- Get element n of a list, or Nothing. Like `!!` but safe.
-(!!!) list i =
-    case drop i list of
-        []    -> Nothing
-        (r:_) -> Just r
 
 -- Run a command if the shell is in the given list
 whenShell l c = do
@@ -999,17 +900,6 @@ isBashLike params =
         Dash -> False
         Sh -> False
 
--- Returns whether a token is a parameter expansion without any modifiers.
--- True for $var ${var} $1 $#
--- False for ${#var} ${var[x]} ${var:-0}
-isUnmodifiedParameterExpansion t =
-    case t of
-        T_DollarBraced _ False _ -> True
-        T_DollarBraced _ _ list ->
-            let str = concat $ oversimplify list
-            in getBracedReference str == str
-        _ -> False
-
 isTrueAssignmentSource c =
     case c of
         DataString SourceChecked -> False
diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
new file mode 100644
index 0000000..101a0d7
--- /dev/null
+++ b/src/ShellCheck/CFG.hs
@@ -0,0 +1,1147 @@
+{-
+    Copyright 2022 Vidar Holen
+
+    This file is part of ShellCheck.
+    https://www.shellcheck.net
+
+    ShellCheck is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    ShellCheck is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+-}
+{-# LANGUAGE TemplateHaskell #-}
+{-# LANGUAGE DeriveAnyClass, DeriveGeneric #-}
+
+-- Constructs a Control Flow Graph from an AST
+module ShellCheck.CFG (
+    CFNode (..),
+    CFEdge (..),
+    CFEffect (..),
+    CFStringPart (..),
+    CFVariableProp (..),
+    CFGResult (..),
+    CFValue (..),
+    CFGraph,
+    CFGParameters (..),
+    IdTagged (..),
+    buildGraph
+    , ShellCheck.CFG.runTests -- STRIP
+    )
+  where
+
+import GHC.Generics (Generic)
+import ShellCheck.AST
+import ShellCheck.ASTLib
+import ShellCheck.Interface
+import ShellCheck.Prelude
+import ShellCheck.Regex
+import Control.DeepSeq
+import Control.Monad
+import Control.Monad.Identity
+import Data.List hiding (map)
+import Data.Maybe
+import qualified Data.Map as M
+import qualified Data.Set as S
+import Control.Monad.RWS.Lazy
+import Data.Graph.Inductive.Graph
+import Data.Graph.Inductive.Query.DFS
+import Data.Graph.Inductive.PatriciaTree as G
+import Debug.Trace -- STRIP
+
+import Test.QuickCheck.All (forAllProperties)
+import Test.QuickCheck.Test (quickCheckWithResult, stdArgs, maxSuccess)
+
+
+-- Our basic Graph type
+type CFGraph = G.Gr CFNode CFEdge
+
+-- Node labels in a Control Flow Graph
+data CFNode =
+    -- A no-op node for structural purposes
+    CFStructuralNode
+    -- A no-op for graph inspection purposes
+    | CFEntryPoint String
+    -- Drop current prefix assignments
+    | CFDropPrefixAssignments
+    -- A node with a certain effect on program state
+    | CFApplyEffects [IdTagged CFEffect]
+    -- The execution of a command or function by literal string if possible
+    | CFExecuteCommand (Maybe String)
+    -- Execute a subshell. These are represented by disjoint graphs just like
+    -- functions, but they don't require any form of name resolution
+    | CFExecuteSubshell String Node Node
+    -- Assignment of $?
+    | CFSetExitCode Id
+    -- The virtual 'exit' at the natural end of a subshell
+    | CFImpliedExit
+    -- An exit statement resolvable at CFG build time
+    | CFResolvedExit
+    -- An exit statement only resolvable at DFA time
+    | CFUnresolvedExit
+    -- An unreachable node, serving as the unconnected end point of a range
+    | CFUnreachable
+    -- Assignment of $!
+    | CFSetBackgroundPid Id
+  deriving (Eq, Ord, Show, Generic, NFData)
+
+-- Edge labels in a Control Flow Graph
+data CFEdge =
+    CFEErrExit
+    -- Regular control flow edge
+    | CFEFlow
+    -- An edge that a human might think exists (e.g. from a backgrounded process to its parent)
+    | CFEFalseFlow
+    -- An edge followed on exit
+    | CFEExit
+  deriving (Eq, Ord, Show, Generic, NFData)
+
+-- Actions we track
+data CFEffect =
+    CFModifyProps String [CFVariableProp]
+    | CFReadVariable String
+    | CFWriteVariable String CFValue
+    | CFWriteGlobal String CFValue
+    | CFWriteLocal String CFValue
+    | CFWritePrefix String CFValue
+    | CFDefineFunction String Id Node Node
+    | CFUndefine String
+    | CFUndefineVariable String
+    | CFUndefineFunction String
+    | CFUndefineNameref String
+    -- Usage implies that this is an array (e.g. it's expanded with index)
+    | CFHintArray String
+    -- Operation implies that the variable will be defined (e.g. [ -z "$var" ])
+    | CFHintDefined String
+  deriving (Eq, Ord, Show, Generic, NFData)
+
+data IdTagged a = IdTagged Id a
+  deriving (Eq, Ord, Show, Generic, NFData)
+
+-- Where a variable's value comes from
+data CFValue =
+    -- The special 'uninitialized' value
+    CFValueUninitialized
+    -- An arbitrary array value
+    | CFValueArray
+    -- An arbitrary string value
+    | CFValueString
+    -- An arbitrary integer
+    | CFValueInteger
+    -- Token 'Id' concatenates and assigns the given parts
+    | CFValueComputed Id [CFStringPart]
+  deriving (Eq, Ord, Show, Generic, NFData)
+
+-- Simplified computed strings
+data CFStringPart =
+    -- A known literal string value, like 'foo'
+    CFStringLiteral String
+    -- The contents of a variable, like $foo
+    | CFStringVariable String
+    -- An value that is unknown but an integer
+    | CFStringInteger
+    -- An unknown string value, for things we can't handle
+    | CFStringUnknown
+  deriving (Eq, Ord, Show, Generic, NFData)
+
+-- The properties of a variable
+data CFVariableProp = CFVPExport | CFVPArray
+  deriving (Eq, Ord, Show, Generic, NFData)
+
+-- Options when generating CFG
+data CFGParameters = CFGParameters {
+    -- Whether the last element in a pipeline runs in the current shell
+    cfLastpipe :: Bool,
+    -- Whether all elements in a pipeline count towards the exit status
+    cfPipefail :: Bool
+}
+
+data CFGResult = CFGResult {
+    -- The graph itself
+    cfGraph :: CFGraph,
+    -- Map from Id to start/end node
+    cfIdToNode :: M.Map Id (Node, Node)
+}
+  deriving (Show)
+
+buildGraph :: CFGParameters -> Token -> CFGResult
+buildGraph params root =
+    let
+        (nextNode, base) = execRWS (buildRoot root) (newCFContext params) 0
+        (nodes, edges, mapping) =
+--            renumberTopologically $
+                removeUnnecessaryStructuralNodes
+                    base
+    in
+        CFGResult {
+            cfGraph = mkGraph nodes edges,
+            cfIdToNode = M.fromList mapping
+        }
+
+remapGraph remap (nodes, edges, mapping) =
+    (
+        map (remapNode remap) nodes,
+        map (remapEdge remap) edges,
+        map (\(id, (a,b)) -> (id, (remapHelper remap a, remapHelper remap b))) mapping
+    )
+
+prop_testRenumbering =
+    let
+        s = CFStructuralNode
+        before = (
+            [(1,s), (3,s), (4, s), (8,s)],
+            [(1,3,CFEFlow), (3,4, CFEFlow), (4,8,CFEFlow)],
+            [(Id 0, (3,4))]
+            )
+        after = (
+            [(0,s), (1,s), (2,s), (3,s)],
+            [(0,1,CFEFlow), (1,2, CFEFlow), (2,3,CFEFlow)],
+            [(Id 0, (1,2))]
+            )
+    in after == renumberGraph before
+
+-- Renumber the graph for prettiness, so there are no gaps in node numbers
+renumberGraph g@(nodes, edges, mapping) =
+    let renumbering = M.fromList (flip zip [0..] $ sort $ map fst nodes)
+    in remapGraph renumbering g
+
+prop_testRenumberTopologically =
+    let
+        s = CFStructuralNode
+        before = (
+            [(4,s), (2,s), (3, s)],
+            [(4,2,CFEFlow), (2,3, CFEFlow)],
+            [(Id 0, (4,2))]
+            )
+        after = (
+            [(0,s), (1,s), (2,s)],
+            [(0,1,CFEFlow), (1,2, CFEFlow)],
+            [(Id 0, (0,1))]
+            )
+    in after == renumberTopologically before
+
+-- Renumber the graph in topological order
+renumberTopologically g@(nodes, edges, mapping) =
+    let renumbering = M.fromList (flip zip [0..] $ topsort (mkGraph nodes edges :: CFGraph))
+    in remapGraph renumbering g
+
+prop_testRemoveStructural =
+    let
+        s = CFStructuralNode
+        before = (
+            [(1,s), (2,s), (3, s), (4,s)],
+            [(1,2,CFEFlow), (2,3, CFEFlow), (3,4,CFEFlow)],
+            [(Id 0, (2,3))]
+            )
+        after = (
+            [(1,s), (2,s), (4,s)],
+            [(1,2,CFEFlow), (2,4,CFEFlow)],
+            [(Id 0, (2,2))]
+            )
+    in after == removeUnnecessaryStructuralNodes before
+
+-- Collapse structural nodes that just form long chains like x->x->x.
+-- This way we can generate them with abandon, without making DFA slower.
+--
+-- Note in particular that we can't remove a structural node x in
+-- foo -> x -> bar , because then the pre/post-condition for tokens
+-- previously pointing to x would be wrong.
+removeUnnecessaryStructuralNodes (nodes, edges, mapping) =
+    remapGraph recursiveRemapping
+        (
+            filter (\(n, _) -> n `M.notMember` recursiveRemapping) nodes,
+            filter (`S.notMember` edgesToCollapse) edges,
+            mapping
+        )
+  where
+    regularEdges = filter isRegularEdge edges
+    inDegree = counter $ map (\(from,to,_) -> from) regularEdges
+    outDegree = counter $ map (\(from,to,_) -> to) regularEdges
+    structuralNodes = S.fromList $ map fst $ filter isStructural nodes
+    candidateNodes = S.filter isLinear structuralNodes
+    edgesToCollapse = S.fromList $ filter filterEdges regularEdges
+
+    remapping :: M.Map Node Node
+    remapping = foldl' (\m (new, old) -> M.insert old new m) M.empty $ map orderEdge $ S.toList edgesToCollapse
+    recursiveRemapping = M.fromList $ map (\c -> (c, recursiveLookup remapping c)) $ M.keys remapping
+
+    filterEdges (a,b,_) =
+        a `S.member` candidateNodes && b `S.member` candidateNodes
+
+    orderEdge (a,b,_) = if a < b then (a,b) else (b,a)
+    counter = foldl' (\map key -> M.insertWith (+) key 1 map) M.empty
+    isRegularEdge (_, _, CFEFlow) = True
+    isRegularEdge _ = False
+
+    recursiveLookup :: M.Map Node Node -> Node -> Node
+    recursiveLookup map node =
+        case M.lookup node map of
+            Nothing -> node
+            Just x -> recursiveLookup map x
+
+    isStructural (node, label) =
+        case label of
+            CFStructuralNode -> True
+            _ -> False
+
+    isLinear node =
+        M.findWithDefault 0 node inDegree == 1
+        && M.findWithDefault 0 node outDegree == 1
+
+
+remapNode :: M.Map Node Node -> LNode CFNode -> LNode CFNode
+remapNode m (node, label) =
+    (remapHelper m node, newLabel)
+  where
+    newLabel = case label of
+        CFApplyEffects effects -> CFApplyEffects (map (remapEffect m) effects)
+        CFExecuteSubshell s a b -> CFExecuteSubshell s (remapHelper m a) (remapHelper m b)
+--        CFSubShellStart reason node -> CFSubShellStart reason (remapHelper m node)
+
+        _ -> label
+
+remapEffect map old@(IdTagged id effect) =
+    case effect of
+        CFDefineFunction name id start end -> IdTagged id $ CFDefineFunction name id (remapHelper map start) (remapHelper map end)
+        _ -> old
+
+remapEdge :: M.Map Node Node -> LEdge CFEdge -> LEdge CFEdge
+remapEdge map (from, to, label) = (remapHelper map from, remapHelper map to, label)
+remapHelper map n = M.findWithDefault n n map
+
+data Range = Range Node Node
+  deriving (Eq, Show)
+
+data CFContext = CFContext {
+    cfIsCondition :: Bool,
+    cfIsFunction :: Bool,
+    cfLoopStack :: [(Node, Node)],
+    cfExitTarget :: Maybe Node,
+    cfReturnTarget :: Maybe Node,
+    cfParameters :: CFGParameters
+}
+newCFContext params = CFContext {
+    cfIsCondition = False,
+    cfIsFunction = False,
+    cfLoopStack = [],
+    cfExitTarget = Nothing,
+    cfReturnTarget = Nothing,
+    cfParameters = params
+}
+
+-- The monad we generate a graph in
+type CFM a = RWS CFContext ([LNode CFNode], [LEdge CFEdge], [(Id, (Node, Node))]) Int a
+
+newNode :: CFNode -> CFM Node
+newNode label = do
+    n <- get
+    put (n+1)
+    tell ([(n, label)], [], [])
+    return n
+
+newNodeRange :: CFNode -> CFM Range
+-- newNodeRange label = nodeToRange <$> newNode label
+newNodeRange label = nodeToRange <$> newNode label
+
+-- Build a disjoint piece of the graph and return a CFExecuteSubshell. The Id is used purely for debug naming.
+subshell :: Id -> String -> CFM Range -> CFM Range
+subshell id reason p = do
+    start <- newNode $ CFEntryPoint $ "Subshell " ++ show id ++ ": " ++ reason
+    end <- newNode CFStructuralNode
+    middle <- local (\c -> c { cfExitTarget = Just end, cfReturnTarget = Just end}) p
+    linkRanges [nodeToRange start, middle, nodeToRange end]
+    newNodeRange $ CFExecuteSubshell reason start end
+
+
+withFunctionScope p = do
+    end <- newNode CFStructuralNode
+    body <- local (\c -> c { cfReturnTarget = Just end, cfIsFunction = True }) p
+    linkRanges [body, nodeToRange end]
+
+
+nodeToRange :: Node -> Range
+nodeToRange n = Range n n
+
+link :: Node -> Node -> CFEdge -> CFM ()
+link from to label = do
+    tell ([], [(from, to, label)], [])
+
+registerNode :: Id -> Range -> CFM ()
+registerNode id (Range start end) = tell ([], [], [(id, (start, end))])
+
+linkRange :: Range -> Range -> CFM Range
+linkRange = linkRangeAs CFEFlow
+
+linkRangeAs :: CFEdge -> Range -> Range -> CFM Range
+linkRangeAs label (Range start mid1) (Range mid2 end) = do
+    link mid1 mid2 label
+    return (Range start end)
+
+-- Like linkRange but without actually linking
+spanRange :: Range -> Range -> Range
+spanRange (Range start mid1) (Range mid2 end) = Range start end
+
+linkRanges :: [Range] -> CFM Range
+linkRanges [] = error "Empty range"
+linkRanges (first:rest) = foldM linkRange first rest
+
+sequentially :: [Token] -> CFM Range
+sequentially list = do
+    first <- newStructuralNode
+    rest <- mapM build list
+    linkRanges (first:rest)
+
+withContext :: (CFContext -> CFContext) -> CFM a -> CFM a
+withContext = local
+
+withReturn :: Range -> CFM a -> CFM a
+withReturn _ p = p
+
+asCondition :: CFM Range -> CFM Range
+asCondition = withContext (\c -> c { cfIsCondition = True })
+
+newStructuralNode = newNodeRange CFStructuralNode
+
+buildRoot :: Token -> CFM Range
+buildRoot t = do
+    entry <- newNodeRange $ CFEntryPoint "MAIN"
+    impliedExit <- newNode CFImpliedExit
+    end <- newNode CFStructuralNode
+    start <- local (\c -> c { cfExitTarget = Just end, cfReturnTarget = Just impliedExit}) $ build t
+    range <- linkRanges [entry, start, nodeToRange impliedExit, nodeToRange end]
+    registerNode (getId t) range
+    return range
+
+applySingle e = CFApplyEffects [e]
+
+-- Build the CFG.
+build :: Token -> CFM Range
+build t = do
+    range <- build' t
+    registerNode (getId t) range
+    return range
+  where
+    build' t = case t of
+        T_Annotation _ _ list -> build list
+        T_Script _ _ list -> do
+            sequentially list
+
+        TA_Assignment id op var@(TA_Variable _ name indices) rhs -> do
+            -- value first: (( var[x=1] = (x=2) )) runs x=1 last
+            value <- build rhs
+            subscript <- sequentially indices
+            read <-
+                if op == "="
+                then none
+                -- This is += or something
+                else newNodeRange $ applySingle $ IdTagged id $ CFReadVariable name
+
+            write <- newNodeRange $ applySingle $ IdTagged id $ CFWriteVariable name $
+                        if null indices
+                        then CFValueInteger
+                        else CFValueArray
+
+            linkRanges [value, subscript, read, write]
+
+        TA_Assignment id op lhs rhs -> do
+            -- This is likely an invalid assignment like (( 1 = 2 )), but it
+            -- could be e.g. x=y; (( $x = 3 )); echo $y, so expand both sides
+            -- without updating anything
+            sequentially [lhs, rhs]
+
+        TA_Binary _ _ a b -> sequentially [a,b]
+        TA_Expansion _ list -> sequentially list
+        TA_Sequence _ list -> sequentially list
+
+        TA_Trinary _ cond a b -> do
+            condition <- build cond
+            ifthen <- build a
+            elsethen <- build b
+            end <- newStructuralNode
+            linkRanges [condition, ifthen, end]
+            linkRanges [condition, elsethen, end]
+
+        TA_Variable id name indices -> do
+            subscript <- sequentially indices
+            hint <-
+                if null indices
+                then none
+                else nodeToRange <$> newNode (applySingle $ IdTagged id $ CFHintArray name)
+            read <- nodeToRange <$> newNode (applySingle $ IdTagged id $ CFReadVariable name)
+            linkRanges [subscript, hint, read]
+
+        TA_Unary id op (TA_Variable _ name indices) | "--" `isInfixOf` op || "++" `isInfixOf` op -> do
+            subscript <- sequentially indices
+            read <- newNodeRange $ applySingle $ IdTagged id $ CFReadVariable name
+            write <- newNodeRange $ applySingle $ IdTagged id $ CFWriteVariable name $
+                        if null indices
+                        then CFValueInteger
+                        else CFValueArray
+            linkRanges [subscript, read, write]
+        TA_Unary _ _ arg -> build arg
+
+        TC_And _ SingleBracket _ lhs rhs -> do
+            sequentially [lhs, rhs]
+
+        TC_And _ DoubleBracket _ lhs rhs -> do
+            left <- build lhs
+            right <- build rhs
+            end <- newStructuralNode
+            -- complete
+            linkRanges [left, right, end]
+            -- short circuit
+            linkRange left end
+
+        -- TODO: Handle integer ops
+        TC_Binary _ mode str lhs rhs -> do
+            left <- build lhs
+            right <- build rhs
+            linkRange left right
+
+        TC_Empty {} -> newStructuralNode
+
+        TC_Group _ _ t -> build t
+
+        -- TODO: Mark as checked
+        TC_Nullary _ _ arg -> build arg
+
+        TC_Or _ SingleBracket _ lhs rhs -> sequentially [lhs, rhs]
+
+        TC_Or _ DoubleBracket _ lhs rhs -> do
+            left <- build lhs
+            right <- build rhs
+            end <- newStructuralNode
+            -- complete
+            linkRanges [left, right, end]
+            -- short circuit
+            linkRange left end
+
+        -- TODO: Handle -v, -z, -n
+        TC_Unary _ _ op arg -> do
+            build arg
+
+        T_Arithmetic id root -> do
+            exe <- build root
+            status <- newNodeRange (CFSetExitCode id)
+            linkRange exe status
+
+        T_AndIf _ lhs rhs -> do
+            left <- build lhs
+            right <- build rhs
+            end <- newStructuralNode
+            linkRange left right
+            linkRange right end
+            linkRange left end
+
+        T_Array _ list -> sequentially list
+
+        T_Assignment {} -> buildAssignment DefaultScope t
+
+        T_Backgrounded id body -> do
+            start <- newStructuralNode
+            fork <- subshell id "backgrounding '&'" $ build body
+            pid <- newNodeRange $ CFSetBackgroundPid id
+            status <- newNodeRange $ CFSetExitCode id
+
+            linkRange start fork
+            -- Add a join from the fork to warn about variable changes
+            linkRangeAs CFEFalseFlow fork pid
+            linkRanges [start, pid, status]
+
+        T_Backticked id body ->
+            subshell id "`..` expansion" $ sequentially body
+
+        T_Banged id cmd -> do
+            main <- build cmd
+            status <- newNodeRange (CFSetExitCode id)
+            linkRange main status
+
+        T_BatsTest id _ body -> do
+            -- These are technically set by the 'run' command, but we'll just define them
+            -- up front to avoid figuring out which commands named "run" belong to Bats.
+            status <- newNodeRange $ applySingle $ IdTagged id $ CFWriteVariable "status" CFValueInteger
+            output <- newNodeRange $ applySingle $ IdTagged id $ CFWriteVariable "output" CFValueString
+            main <- build body
+            linkRanges [status, output, main]
+
+        T_BraceExpansion _ list -> sequentially list
+
+        T_BraceGroup id body ->
+            sequentially body
+
+        T_CaseExpression id t [] -> build t
+
+        T_CaseExpression id t list -> do
+            start <- newStructuralNode
+            token <- build t
+            branches <- mapM buildBranch list
+            end <- newStructuralNode
+
+            let neighbors = zip branches $ tail branches
+            let (_, firstCond, _) = head branches
+            let (_, lastCond, lastBody) = last branches
+
+            linkRange start token
+            linkRange token firstCond
+            mapM_ (uncurry $ linkBranch end) neighbors
+            linkRange lastBody end
+
+            unless (any hasCatchAll list) $
+                -- There's no *) branch, so assume we can fall through
+                void $ linkRange token end
+
+            return $ spanRange start end
+
+          where
+            -- for a | b | c, evaluate each in turn and allow short circuiting
+            buildCond list = do
+                start <- newStructuralNode
+                conds <- mapM build list
+                end <- newStructuralNode
+                linkRanges (start:conds)
+                mapM_ (`linkRange` end) conds
+                return $ spanRange start end
+
+            buildBranch (typ, cond, body) = do
+                c <- buildCond cond
+                b <- sequentially body
+                linkRange c b
+                return (typ, c, b)
+
+            linkBranch end (typ, cond, body) (_, nextCond, nextBody) = do
+                -- Failure case
+                linkRange cond nextCond
+                -- After body
+                case typ of
+                    CaseBreak -> linkRange body end
+                    CaseFallThrough -> linkRange body nextBody
+                    CaseContinue -> linkRange body nextCond
+
+            -- Find a *) if any
+
+            hasCatchAll (_,cond,_) = any isCatchAll cond
+            isCatchAll c = fromMaybe False $ do
+                pg <- wordToExactPseudoGlob c
+                return $ pg `pseudoGlobIsSuperSetof` [PGMany]
+
+        T_Condition _ _ op -> build op
+
+        T_CoProc id maybeName t -> do
+            let name = fromMaybe "COPROC" maybeName
+            start <- newStructuralNode
+            parent <- newNodeRange $ applySingle $ IdTagged id $ CFWriteVariable name CFValueArray
+            child <- subshell id "coproc" $ build t
+            end <- newNodeRange $ CFSetExitCode id
+
+            linkRange start parent
+            linkRange start child
+            linkRange parent end
+            linkRangeAs CFEFalseFlow child end
+
+            return $ spanRange start end
+        T_CoProcBody _ t -> build t
+
+        T_DollarArithmetic _ arith -> build arith
+        T_DollarDoubleQuoted _ list -> sequentially list
+        T_DollarSingleQuoted _ _ -> none
+        T_DollarBracket _ t -> build t
+
+        T_DollarBraced id _ t -> do
+            let str = concat $ oversimplify t
+            let modifier = getBracedModifier str
+            let reference = getBracedReference str
+            let indices = getIndexReferences str
+            let offsets = getOffsetReferences str
+            vals <- build t
+            others <- mapM (\x -> nodeToRange <$> newNode (applySingle $ IdTagged id $ CFReadVariable x)) (indices ++ offsets)
+            deps <- linkRanges (vals:others)
+            read <- nodeToRange <$> newNode (applySingle $ IdTagged id $ CFReadVariable reference)
+            totalRead <- linkRange deps read
+
+            if any (`isPrefixOf` modifier) ["=", ":="]
+              then do
+                optionalAssign <- newNodeRange (applySingle $ IdTagged id $ CFWriteVariable reference CFValueString)
+                result <- newStructuralNode
+                linkRange optionalAssign result
+                linkRange totalRead result
+              else return totalRead
+
+        T_DoubleQuoted _ list -> sequentially list
+
+        T_DollarExpansion id body ->
+            subshell id "$(..) expansion" $ sequentially body
+
+        T_Extglob _ _ list -> sequentially list
+
+        T_FdRedirect id ('{':identifier) op -> do
+            let name = takeWhile (/= '}') identifier
+            expression <- build op
+            rw <- newNodeRange $
+                if isClosingFileOp op
+                then applySingle $ IdTagged id $ CFReadVariable name
+                else applySingle $ IdTagged id $ CFWriteVariable name CFValueInteger
+
+            linkRange expression rw
+
+
+        T_FdRedirect _ name t -> do
+            build t
+
+        T_ForArithmetic _ initT condT incT bodyT -> do
+            init <- build initT
+            cond <- build condT
+            body <- sequentially bodyT
+            inc <- build incT
+            end <- newStructuralNode
+
+            -- Forward edges
+            linkRanges [init, cond, body, inc]
+            linkRange cond end
+            -- Backward edge
+            linkRange inc cond
+            return $ spanRange init end
+
+        T_ForIn id name words body -> forInHelper id name words body
+
+        -- For functions we generate an unlinked subgraph, and mention that in its definition node
+        T_Function id _ _ name body -> do
+            range <- local (\c -> c { cfExitTarget = Nothing }) $ do
+                entry <- newNodeRange $ CFEntryPoint $ "function " ++ name
+                f <- withFunctionScope $ build body
+                linkRange entry f
+            let (Range entry exit) = range
+            definition <- newNodeRange (applySingle $ IdTagged id $ CFDefineFunction name id entry exit)
+            exe <- newNodeRange (CFSetExitCode id)
+            linkRange definition exe
+
+        T_Glob {} -> none
+
+        T_HereString _ t -> build t
+        T_HereDoc _ _ _ _ list -> sequentially list
+
+        T_IfExpression id ifs elses -> do
+            start <- newStructuralNode
+            branches <- doBranches start ifs elses []
+            end <- newStructuralNode
+            mapM_ (`linkRange` end) branches
+            return $ spanRange start end
+          where
+            doBranches start ((conds, thens):rest) elses result = do
+                cond <- asCondition $ sequentially conds
+                action <- sequentially thens
+                linkRange start cond
+                linkRange cond action
+                doBranches cond rest elses (action:result)
+            doBranches start [] elses result = do
+                rest <-
+                    if null elses
+                    then newNodeRange (CFSetExitCode id)
+                    else sequentially elses
+                linkRange start rest
+                return (rest:result)
+
+        T_Include _ t -> build t
+
+        T_IndexedElement _ indicesT valueT -> do
+            indices <- sequentially indicesT
+            value <- build valueT
+            linkRange indices value
+
+        T_IoDuplicate _ op _ -> build op
+
+        T_IoFile _ op t -> do
+            exp <- build t
+            doesntDoMuch <- build op
+            linkRange exp doesntDoMuch
+
+        T_Literal {} -> none
+
+        T_NormalWord _ list -> sequentially list
+
+        T_OrIf _ lhs rhs -> do
+            left <- build lhs
+            right <- build rhs
+            end <- newStructuralNode
+            linkRange left right
+            linkRange right end
+            linkRange left end
+
+        T_Pipeline _ _ [cmd] -> build cmd
+        T_Pipeline id _ cmds -> do
+            start <- newStructuralNode
+            hasLastpipe <- reader $ cfLastpipe . cfParameters
+            (leading, last) <- buildPipe hasLastpipe cmds
+            end <- newStructuralNode
+
+            mapM_ (linkRange start) leading
+            mapM_ (\c -> linkRangeAs CFEFalseFlow c end) leading
+            linkRanges $ [start] ++ last ++ [end]
+          where
+            buildPipe True [x] = do
+                last <- build x
+                return ([], [last])
+            buildPipe lp (first:rest) = do
+                this <- subshell id "pipeline" $ build first
+                (leading, last) <- buildPipe lp rest
+                return (this:leading, last)
+            buildPipe _ [] = return ([], [])
+
+        T_ProcSub id op cmds -> do
+            start <- newStructuralNode
+            body <- subshell id (op ++ "() process substitution") $ sequentially cmds
+            end <- newStructuralNode
+
+            linkRange start body
+            linkRangeAs CFEFalseFlow body end
+            linkRange start end
+
+        T_Redirecting _ redirs cmd -> do
+            -- For simple commands, this is the other way around in bash
+            -- We do it in this order for comound commands like { x=name; } > "$x"
+            redir <- sequentially redirs
+            body <- build cmd
+            linkRange redir body
+
+        T_SelectIn id name words body -> forInHelper id name words body
+
+        T_SimpleCommand id vars [] -> do
+            -- Vars can also be empty, as in the command "> foo"
+            assignments <- sequentially vars
+            status <- newNodeRange (CFSetExitCode id)
+            linkRange assignments status
+
+        T_SimpleCommand id vars list@(cmd:_) ->
+            handleCommand t vars list $ getUnquotedLiteral cmd
+
+        T_SingleQuoted _ _ -> none
+
+        T_SourceCommand _ originalCommand inlinedSource -> do
+            cmd <- build originalCommand
+            end <- newStructuralNode
+            inline <- withReturn end $ build inlinedSource
+            linkRange cmd inline
+            linkRange inline end
+            return $ spanRange cmd inline
+
+        T_Subshell id body -> do
+            main <- subshell id "explicit (..) subshell" $ sequentially body
+            status <- newNodeRange (CFSetExitCode id)
+            linkRange main status
+
+        T_UntilExpression id cond body -> whileHelper id cond body
+        T_WhileExpression id cond body -> whileHelper id cond body
+
+        T_CLOBBER _ -> none
+        T_GREATAND _ -> none
+        T_LESSAND _ -> none
+        T_LESSGREAT _ -> none
+        T_DGREAT _ -> none
+        T_Greater _ -> none
+        T_Less _ -> none
+        T_ParamSubSpecialChar _ _ -> none
+
+        x -> error ("Unimplemented: " ++ show x)
+
+--  Still in `where` clause
+    forInHelper id name words body = do
+        entry <- newStructuralNode
+        expansion <- sequentially words
+        assignmentChoice <- newStructuralNode
+        assignments <-
+            if null words || any willSplit words
+            then (:[]) <$> (newNodeRange $ applySingle $ IdTagged id $ CFWriteVariable name CFValueString)
+            else mapM (\t -> newNodeRange $ applySingle $ IdTagged id $ CFWriteVariable name $ CFValueComputed (getId t) $ tokenToParts t) words
+        body <- sequentially body
+        exit <- newStructuralNode
+        -- Forward edges
+        linkRanges [entry, expansion, assignmentChoice]
+        mapM_ (\t -> linkRanges [assignmentChoice, t, body]) assignments
+        linkRange body exit
+        linkRange expansion exit
+        -- Backward edge
+        linkRange body assignmentChoice
+        return $ spanRange entry exit
+
+    whileHelper id cond body = do
+        condRange <- asCondition $ sequentially cond
+        bodyRange <- sequentially body
+        end <- newNodeRange (CFSetExitCode id)
+
+        linkRange condRange bodyRange
+        linkRange bodyRange condRange
+        linkRange condRange end
+
+
+handleCommand cmd vars args literalCmd = do
+    -- TODO: Handle assignments in declaring commands
+
+    case literalCmd of
+        Just "exit" -> regularExpansion vars args $ handleExit
+        Just "return" -> regularExpansion vars args $ handleReturn
+        Just "unset" -> regularExpansionWithStatus vars args $ handleUnset args
+
+        Just "declare" -> handleDeclare args
+        Just "local" -> handleDeclare args
+        Just "typeset" -> handleDeclare args
+
+        Just "printf" -> regularExpansionWithStatus vars args $ handlePrintf args
+        Just "wait" -> regularExpansionWithStatus vars args $ handleWait args
+
+        Just "mapfile" -> regularExpansionWithStatus vars args $ handleMapfile args
+        Just "readarray" -> regularExpansionWithStatus vars args $ handleMapfile args
+
+        Just "DEFINE_boolean" -> regularExpansionWithStatus vars args $ handleDEFINE args
+        Just "DEFINE_float" ->   regularExpansionWithStatus vars args $ handleDEFINE args
+        Just "DEFINE_integer" -> regularExpansionWithStatus vars args $ handleDEFINE args
+        Just "DEFINE_string" ->  regularExpansionWithStatus vars args $ handleDEFINE args
+
+        -- This will mostly behave like 'command' but ok
+        Just "builtin" ->
+            case args of
+                [_] -> regular
+                (_:newargs@(newcmd:_)) ->
+                    handleCommand newcmd vars newargs $ getLiteralString newcmd
+        Just "command" ->
+            case args of
+                [_] -> regular
+                (_:newargs@(newcmd:_)) ->
+                    handleOthers (getId newcmd) vars newargs $ getLiteralString newcmd
+        _ -> regular
+
+  where
+    regular = handleOthers (getId cmd) vars args literalCmd
+    handleExit = do
+        exitNode <- reader cfExitTarget
+        case exitNode of
+            Just target -> do
+                exit <- newNode CFResolvedExit
+                link exit target CFEExit
+                unreachable <- newNode CFUnreachable
+                return $ Range exit unreachable
+            Nothing -> do
+                exit <- newNode CFUnresolvedExit
+                unreachable <- newNode CFUnreachable
+                return $ Range exit unreachable
+
+    handleReturn = do
+        returnTarget <- reader cfReturnTarget
+        case returnTarget of
+            Nothing -> error $ pleaseReport "missing return target"
+            Just target -> do
+                ret <- newNode CFStructuralNode
+                link ret target CFEFlow
+                unreachable <- newNode CFUnreachable
+                return $ Range ret unreachable
+
+    handleUnset (cmd:args) = do
+        case () of
+                _ | "n" `elem` flagNames -> unsetWith CFUndefineNameref
+                _ | "v" `elem` flagNames -> unsetWith CFUndefineVariable
+                _ | "f" `elem` flagNames -> unsetWith CFUndefineFunction
+                _ -> unsetWith CFUndefine
+      where
+        pairs :: [(String, Token)] -- [(Flag string, token)] e.g. [("-f", t), ("", myfunc)]
+        pairs = map (\(str, (flag, val)) -> (str, flag)) $ fromMaybe (map (\c -> ("", (c,c))) args) $ getGnuOpts "vfn" args
+        (names, flags) = partition (null . fst) pairs
+        flagNames = map fst flags
+        literalNames :: [(Token, String)] -- Literal names to unset, e.g. [(myfuncToken, "myfunc")]
+        literalNames = mapMaybe (\(_, t) -> getLiteralString t >>= (return . (,) t)) names
+        -- Apply a constructor like CFUndefineVariable to each literalName, and tag with its id
+        unsetWith c = newNodeRange $ CFApplyEffects $ map (\(token, name) -> IdTagged (getId token) $ c name) literalNames
+
+
+    variableAssignRegex = mkRegex "^([_a-zA-Z][_a-zA-Z0-9]*)="
+
+    handleDeclare (cmd:args) = do
+        isFunc <- asks cfIsFunction
+        let (evaluated, effects) = mconcat $ map (toEffects isFunc) args
+        before <- sequentially $ evaluated
+        effect <- newNodeRange $ CFApplyEffects effects
+        result <- newNodeRange $ CFSetExitCode (getId cmd)
+        linkRanges [before, effect, result]
+      where
+        opts = map fst $ getGenericOpts args
+        array = "a" `elem` opts || "A" `elem` opts
+        integer = "i" `elem` opts
+        func = "f" `elem` opts || "F" `elem` opts
+        global = "g" `elem` opts
+        writer isFunc =
+            case () of
+                _ | global -> CFWriteGlobal
+                _ | isFunc -> CFWriteLocal
+                _ -> CFWriteVariable
+
+        toEffects :: Bool -> Token -> ([Token], [IdTagged CFEffect])
+        toEffects isFunc (T_Assignment id mode var idx t) =
+            let
+                pre = idx ++ [t]
+                isArray = array || (not $ null idx)
+                asArray = [ IdTagged id $ (writer isFunc) var CFValueArray ]
+                asString = [ IdTagged id $ (writer isFunc) var $
+                    if integer
+                    then CFValueInteger -- TODO: Also handle integer variable property
+                    else CFValueComputed (getId t) $ [ CFStringVariable var | mode == Append ] ++ tokenToParts t
+                  ]
+            in
+                (pre, if isArray then asArray else asString )
+
+        toEffects isFunc t =
+            let
+                pre = [t]
+                literal = fromJust $ getLiteralStringExt (const $ Just "\0") t
+                isKnown = '\0' `notElem` literal
+                match = fmap head $ variableAssignRegex `matchRegex` literal
+                name = fromMaybe literal match
+
+                typer def =
+                    if array
+                    then CFValueArray
+                    else
+                        if integer
+                        then CFValueInteger
+                        else def
+
+                asLiteral = [
+                    IdTagged (getId t) $ (writer isFunc) name $
+                        typer $ CFValueComputed (getId t) [ CFStringLiteral $ drop 1 $ dropWhile (/= '=') $ literal ]
+                    ]
+                asUnknown = [
+                    IdTagged (getId t) $ (writer isFunc) name $
+                        typer $ CFValueString
+                    ]
+                asBlank = [
+                    IdTagged (getId t) $ (writer isFunc) name $
+                        typer $ CFValueComputed (getId t) []
+                    ]
+            in
+                case () of
+                    _ | not (isVariableName name) -> (pre, [])
+                    _ | isJust match && isKnown -> (pre, asLiteral)
+                    _ | isJust match -> (pre, asUnknown)
+                    _ -> (pre, asBlank)
+
+    handlePrintf (cmd:args) =
+        newNodeRange $ CFApplyEffects $ maybeToList findVar
+      where
+        findVar = do
+            flags <- getBsdOpts "v:" args
+            (flag, arg) <- lookup "v" flags
+            name <- getLiteralString arg
+            return $ IdTagged (getId arg) $ CFWriteVariable name CFValueString
+
+    handleWait (cmd:args) =
+        newNodeRange $ CFApplyEffects $ maybeToList findVar
+      where
+        findVar = do
+            let flags = getGenericOpts args
+            (flag, arg) <- lookup "p" flags
+            name <- getLiteralString arg
+            return $ IdTagged (getId arg) $ CFWriteVariable name CFValueInteger
+
+    handleMapfile (cmd:args) =
+        newNodeRange $ CFApplyEffects [findVar]
+      where
+        findVar =
+            let (id, name) = fromMaybe (getId cmd, "MAPFILE") $ getFromArg `mplus` getFromFallback
+            in IdTagged id $ CFWriteVariable name CFValueArray
+
+        getFromArg = do
+            flags <- getGnuOpts "d:n:O:s:u:C:c:t" args
+            (_, arg) <- lookup "" flags
+            name <- getLiteralString arg
+            return (getId arg, name)
+
+        getFromFallback =
+            listToMaybe $ mapMaybe getIfVar $ reverse args
+        getIfVar c = do
+            name <- getLiteralString c
+            guard $ isVariableName name
+            return (getId c, name)
+
+    handleDEFINE (cmd:args) =
+        newNodeRange $ CFApplyEffects $ maybeToList findVar
+      where
+        findVar = do
+            name <- listToMaybe $ drop 1 args
+            str <- getLiteralString name
+            guard $ isVariableName str
+            return $ IdTagged (getId name) $ CFWriteVariable str CFValueString
+
+    handleOthers id vars args cmd =
+        regularExpansion vars args $ do
+            exe <- newNodeRange $ CFExecuteCommand cmd
+            status <- newNodeRange $ CFSetExitCode id
+            linkRange exe status
+
+    regularExpansion vars args p = do
+            args <- sequentially args
+            assignments <- mapM (buildAssignment PrefixScope) vars
+            exe <- p
+            dropAssignments <-
+                if null vars
+                then
+                    return []
+                else do
+                    drop <- newNodeRange CFDropPrefixAssignments
+                    return [drop]
+
+            linkRanges $ [args] ++ assignments ++ [exe] ++ dropAssignments
+
+    regularExpansionWithStatus vars args@(cmd:_) p = do
+        initial <- regularExpansion vars args p
+        status <- newNodeRange $ CFSetExitCode (getId cmd)
+        linkRange initial status
+
+
+none = newStructuralNode
+
+data Scope = DefaultScope | GlobalScope | LocalScope | PrefixScope
+
+buildAssignment scope t = do
+    op <- case t of
+            T_Assignment id mode var indices value -> do
+                expand <- build value
+                index <- sequentially indices
+                read <- case mode of
+                    Append -> newNodeRange (applySingle $ IdTagged id $ CFReadVariable var)
+                    Assign -> none
+                let valueType = if null indices then f id value else CFValueArray
+                let scoper =
+                                case scope of
+                                    PrefixScope -> CFWritePrefix
+                                    LocalScope -> CFWriteLocal
+                                    GlobalScope -> CFWriteGlobal
+                                    DefaultScope -> CFWriteVariable
+                write <- newNodeRange $ applySingle $ IdTagged id $ scoper var valueType
+                linkRanges [expand, index, read, write]
+              where
+                f :: Id -> Token -> CFValue
+                f id t@T_NormalWord {} = CFValueComputed id $ [CFStringVariable var | mode == Append] ++ tokenToParts t
+                f id t@(T_Literal _ str) = CFValueComputed id $ [CFStringVariable var | mode == Append] ++ tokenToParts t
+                f _ T_Array {} = CFValueArray
+
+    registerNode (getId t) op
+    return op
+
+
+tokenToParts t =
+    case t of
+        T_NormalWord _ list -> concatMap tokenToParts list
+        T_DoubleQuoted _ list -> concatMap tokenToParts list
+        T_SingleQuoted _ str -> [ CFStringLiteral str ]
+        T_Literal _ str -> [ CFStringLiteral str ]
+        T_DollarArithmetic {} -> [ CFStringInteger ]
+        T_DollarBracket {} -> [ CFStringInteger ]
+        T_DollarBraced _ _ list | isUnmodifiedParameterExpansion t -> [ CFStringVariable (getBracedReference $ concat $ oversimplify list) ]
+        -- Check if getLiteralString can handle it, if not it's unknown
+        _ -> [maybe CFStringUnknown CFStringLiteral $ getLiteralString t]
+
+return []
+runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
new file mode 100644
index 0000000..99ce450
--- /dev/null
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -0,0 +1,1113 @@
+{-
+    Copyright 2022 Vidar Holen
+
+    This file is part of ShellCheck.
+    https://www.shellcheck.net
+
+    ShellCheck is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    ShellCheck is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+-}
+{-# LANGUAGE TemplateHaskell #-}
+{-# LANGUAGE RankNTypes #-}
+{-# LANGUAGE DeriveAnyClass, DeriveGeneric #-}
+
+{-
+    Data Flow Analysis on a Control Flow Graph.
+
+    This module implements a pretty standard iterative Data Flow Analysis.
+    For an overview of the process, see Wikipedia.
+
+    Since shell scripts rely heavily on global variables, this DFA includes
+    tracking the value of globals across calls. Each function invocation is
+    treated as a separate DFA problem, and a caching mechanism (hopefully)
+    avoids any exponential explosions.
+
+    To do efficient DFA join operations (or merges, as the code calls them),
+    some of the data structures have an integer version attached. On update,
+    the version is changed. If two states have the same version number,
+    a merge is skipped on the grounds that they are identical. It is easy
+    to unintentionally forget to update/invalidate the version number,
+    and bugs will ensure.
+
+    For performance reasons, the entire code runs in plain ST, with a manual
+    context object Ctx being passed around. It relies heavily on mutable
+    STRefs. However, this turned out to be literally thousands of times faster
+    than my several attempts using RWST, so it can't be helped.
+-}
+
+module ShellCheck.CFGAnalysis (
+    analyzeControlFlow
+    ,CFGParameters (..)
+    ,CFGAnalysis (..)
+    ,ProgramState (..)
+    ,VariableValue (..)
+    ,SpaceStatus (..)
+    ,getIncomingState
+    ,getOutgoingState
+    ,ShellCheck.CFGAnalysis.runTests -- STRIP
+    ) where
+
+import GHC.Generics (Generic)
+import ShellCheck.AST
+import ShellCheck.CFG
+import qualified ShellCheck.Data as Data
+import ShellCheck.Prelude
+import Control.Monad
+import Control.Monad.ST
+import Control.DeepSeq
+import Data.List hiding (map)
+import Data.STRef
+import Data.Maybe
+import qualified Data.Map as M
+import qualified Data.Set as S
+import Data.Graph.Inductive.Graph
+import Data.Graph.Inductive.Query.DFS
+import Debug.Trace -- STRIP
+
+import Test.QuickCheck
+
+
+iterationCount = 1000000
+cacheEntries = 10
+
+-- The result of the data flow analysis
+data CFGAnalysis = CFGAnalysis {
+    graph :: CFGraph,
+    tokenToNode :: M.Map Id (Node, Node),
+    nodeToData :: M.Map Node (ProgramState, ProgramState)
+} deriving (Show, Generic, NFData)
+
+-- The program state we expose externally
+data ProgramState = ProgramState {
+    variablesInScope :: M.Map String VariableValue,
+    stateIsReachable :: Bool
+--    internalState :: InternalState
+} deriving (Show, Eq, Generic, NFData)
+
+-- Conveniently get the state before a token id
+getIncomingState :: CFGAnalysis -> Id -> Maybe ProgramState
+getIncomingState analysis id = do
+    (start,end) <- M.lookup id $ tokenToNode analysis
+    fst <$> M.lookup start (nodeToData analysis)
+
+-- Conveniently get the state after a token id
+getOutgoingState :: CFGAnalysis -> Id -> Maybe ProgramState
+getOutgoingState analysis id = do
+    (start,end) <- M.lookup id $ tokenToNode analysis
+    snd <$> M.lookup end (nodeToData analysis)
+
+getDataForNode analysis node = M.lookup node $ nodeToData analysis
+
+-- The current state of data flow at a point in the program, potentially as a diff
+data InternalState = InternalState {
+    sVersion :: Integer,
+    sGlobalValues :: VersionedMap String VariableValue,
+    sLocalValues :: VersionedMap String VariableValue,
+    sPrefixValues :: VersionedMap String VariableValue,
+    sFunctionTargets :: VersionedMap String FunctionValue,
+    sIsReachable :: Maybe Bool
+} deriving (Show, Generic, NFData)
+
+newInternalState = InternalState {
+    sVersion = 0,
+    sGlobalValues = vmEmpty,
+    sLocalValues = vmEmpty,
+    sPrefixValues = vmEmpty,
+    sFunctionTargets = vmEmpty,
+    sIsReachable = Nothing
+}
+
+unreachableState = modified newInternalState {
+    sIsReachable = Just False
+}
+
+-- The default state we assume we get from the environment
+createEnvironmentState :: InternalState
+createEnvironmentState = do
+    foldl' (flip ($)) newInternalState $ concat [
+        addVars Data.internalVariables unknownVariableValue,
+        addVars Data.variablesWithoutSpaces spacelessVariableValue,
+        addVars Data.specialIntegerVariables spacelessVariableValue
+        ]
+  where
+    addVars names val = map (\name -> insertGlobal name val) names
+    spacelessVariableValue = VariableValue {
+        literalValue = Nothing,
+        spaceStatus = SpaceStatusClean
+    }
+
+
+modified s = s { sVersion = -1 }
+
+insertGlobal :: String -> VariableValue -> InternalState -> InternalState
+insertGlobal name value state = modified state {
+    sGlobalValues = vmInsert name value $ sGlobalValues state
+}
+
+insertLocal :: String -> VariableValue -> InternalState -> InternalState
+insertLocal name value state = modified state {
+    sLocalValues = vmInsert name value $ sLocalValues state
+}
+
+insertPrefix :: String -> VariableValue -> InternalState -> InternalState
+insertPrefix name value state = modified state {
+    sPrefixValues = vmInsert name value $ sPrefixValues state
+}
+
+insertFunction :: String -> FunctionValue -> InternalState -> InternalState
+insertFunction name value state = modified state {
+    sFunctionTargets = vmInsert name value $ sFunctionTargets state
+}
+
+internalToExternal :: InternalState -> ProgramState
+internalToExternal s =
+    ProgramState {
+        -- Avoid introducing dependencies on the literal value as this is only for debugging purposes right now
+        variablesInScope = M.map (\c -> c { literalValue = Nothing }) flatVars,
+        -- internalState = s, -- For debugging
+        stateIsReachable = fromMaybe True $ sIsReachable s
+    }
+  where
+    flatVars = M.unionsWith (\_ last -> last) $ map mapStorage [sGlobalValues s, sLocalValues s, sPrefixValues s]
+
+-- Dependencies on values, e.g. "if there is a global variable named 'foo' without spaces"
+-- This is used to see if the DFA of a function would result in the same state, so anything
+-- that affects DFA must be tracked.
+data StateDependency =
+    DepGlobalValue String VariableValue
+    | DepLocalValue String VariableValue
+    | DepPrefixValue String VariableValue
+    | DepFunction String (S.Set FunctionDefinition)
+    -- Whether invoking the node would result in recursion (i.e., is the function on the stack?)
+    | DepIsRecursive Node Bool
+    deriving (Show, Eq, Ord, Generic, NFData)
+
+-- A function definition, or lack thereof
+data FunctionDefinition = FunctionUnknown | FunctionDefinition String Node Node
+    deriving (Show, Eq, Ord, Generic, NFData)
+
+-- The Set of places a command name can point (it's a Set to handle conditionally defined functions)
+type FunctionValue = S.Set FunctionDefinition
+
+-- The scope of a function. ("Prefix" refers to e.g. `foo=1 env`)
+data VariableScope = PrefixVar | LocalVar | GlobalVar
+    deriving (Show, Eq, Ord, Generic, NFData)
+
+-- Create an InternalState that fulfills the given dependencies
+depsToState :: S.Set StateDependency -> InternalState
+depsToState set = foldl insert newInternalState $ S.toList set
+  where
+    insert :: InternalState -> StateDependency -> InternalState
+    insert state dep =
+        case dep of
+            DepFunction name val -> insertFunction name val state
+            DepGlobalValue name val -> insertGlobal name val state
+            DepLocalValue name val -> insertLocal name val state
+            DepPrefixValue name val -> insertPrefix name val state
+            DepIsRecursive _ _ -> state
+
+unknownFunctionValue = S.singleton FunctionUnknown
+
+-- The information about the value of a single variable
+data VariableValue = VariableValue {
+    literalValue :: Maybe String, -- TODO: For debugging. Remove me.
+    spaceStatus :: SpaceStatus
+}
+    deriving (Show, Eq, Ord, Generic, NFData)
+
+-- Whether or not the value needs quoting (has spaces/globs), or we don't know
+data SpaceStatus = SpaceStatusEmpty | SpaceStatusClean | SpaceStatusDirty deriving (Show, Eq, Ord, Generic, NFData)
+
+
+unknownVariableValue = VariableValue {
+    literalValue = Nothing,
+    spaceStatus = SpaceStatusDirty
+}
+
+emptyVariableValue = VariableValue {
+    literalValue = Just "",
+    spaceStatus = SpaceStatusEmpty
+}
+
+mergeVariableValue a b = VariableValue {
+    literalValue = if literalValue a == literalValue b then literalValue a else Nothing,
+    spaceStatus = mergeSpaceStatus (spaceStatus a) (spaceStatus b)
+}
+
+mergeSpaceStatus a b =
+    case (a,b) of
+        (SpaceStatusEmpty, y) -> y
+        (x, SpaceStatusEmpty) -> x
+        (SpaceStatusClean, SpaceStatusClean) -> SpaceStatusClean
+        _ -> SpaceStatusDirty
+
+-- A VersionedMap is a Map that keeps an additional integer version to quickly determine if it has changed.
+-- * Version -1 means it's unknown (possibly and presumably changed)
+-- * Version 0 means it's empty
+-- * Version N means it's equal to any other map with Version N (this is required but not enforced)
+data VersionedMap k v = VersionedMap {
+    mapVersion :: Integer,
+    mapStorage :: M.Map k v
+}
+    deriving (Generic, NFData)
+
+-- This makes states more readable but inhibits copy-paste
+instance (Show k, Show v) => Show (VersionedMap k v) where
+    show m = (if mapVersion m >= 0 then "V" ++ show (mapVersion m) else "U") ++ " " ++ show (mapStorage m)
+
+instance Eq InternalState where
+    (==) a b = stateIsQuickEqual a b || stateIsSlowEqual a b
+
+instance (Eq k, Eq v) => Eq (VersionedMap k v) where
+    (==) a b = vmIsQuickEqual a b || mapStorage a == mapStorage b
+
+instance (Ord k, Ord v) => Ord (VersionedMap k v) where
+    compare a b =
+        if vmIsQuickEqual a b
+        then EQ
+        else mapStorage a `compare` mapStorage b
+
+
+-- A context with STRefs manually passed around to function.
+-- This is done because it was dramatically much faster than any RWS type stack
+data Ctx s = Ctx {
+    -- The current node
+    cNode :: STRef s Node,
+    -- The current input state
+    cInput :: STRef s InternalState,
+    -- The current output state
+    cOutput :: STRef s InternalState,
+
+    -- The current functions/subshells stack
+    cStack :: [StackEntry s],
+    -- The input graph
+    cGraph :: CFGraph,
+    -- An incrementing counter to version maps
+    cCounter :: STRef s Integer,
+    -- A cache of input state dependencies to output effects
+    cCache :: STRef s (M.Map Node [(S.Set StateDependency, InternalState)]),
+    -- The states resulting from data flows per invocation path
+    cInvocations :: STRef s (M.Map [Node] (S.Set StateDependency, M.Map Node (InternalState, InternalState)))
+}
+
+-- Whenever a function (or subshell) is invoked, a value like this is pushed onto the stack
+data StackEntry s = StackEntry {
+    -- The entry point of this stack entry for the purpose of detecting recursion
+    entryPoint :: Node,
+    -- The node where this entry point was invoked
+    callSite :: Node,
+    -- A mutable set of dependencies we fetched from here or higher in the stack
+    dependencies :: STRef s (S.Set StateDependency),
+    -- The original input state for this stack entry
+    stackState :: InternalState
+}
+    deriving (Eq, Generic, NFData)
+
+
+-- Overwrite a base state with the contents of a diff state
+-- This is unrelated to join/merge.
+patchState :: InternalState -> InternalState -> InternalState
+patchState base diff =
+    case () of
+        _ | sVersion diff == 0 -> base
+        _ | sVersion base == 0 -> diff
+        _ | stateIsQuickEqual base diff -> diff
+        _ ->
+            InternalState {
+                sVersion = -1,
+                sGlobalValues = vmPatch (sGlobalValues base) (sGlobalValues diff),
+                sLocalValues = vmPatch (sLocalValues base) (sLocalValues diff),
+                sPrefixValues = vmPatch (sPrefixValues base) (sPrefixValues diff),
+                sFunctionTargets = vmPatch (sFunctionTargets base) (sFunctionTargets diff),
+                sIsReachable = sIsReachable diff `mplus` sIsReachable base
+            }
+
+patchOutputM ctx diff = do
+    let cOut = cOutput ctx
+    oldState <- readSTRef cOut
+    let newState = patchState oldState diff
+    writeSTRef cOut newState
+
+-- Merge (aka Join) two states. This is monadic because it requires looking up
+-- values from the current context. For example:
+--
+--   f() {
+--     foo || x=2
+--     HERE         # This merge requires looking up the value of $x in the parent frame
+--   }
+--   x=1
+--   f
+mergeState :: forall s. Ctx s -> InternalState -> InternalState -> ST s InternalState
+mergeState ctx a b = do
+    -- Kludge: we want `readVariable` & friends not to read from an intermediate state,
+    --         so temporarily set a blank input.
+    let cin = cInput ctx
+    old <- readSTRef cin
+    writeSTRef cin newInternalState
+    x <- merge a b
+    writeSTRef cin old
+    return x
+
+  where
+
+    merge a b =
+        case () of
+            _ | sIsReachable a == Just True && sIsReachable b == Just False
+                    || sIsReachable a == Just False && sIsReachable b == Just True ->
+                error $ pleaseReport "Unexpected merge of reachable and unreachable state"
+            _ | sIsReachable a == Just False && sIsReachable b == Just False ->
+                return unreachableState
+            _ | sVersion a >= 0 && sVersion b >= 0 && sVersion a == sVersion b -> return a
+            _ -> do
+                globals <- mergeMaps ctx mergeVariableValue readGlobal (sGlobalValues a) (sGlobalValues b)
+                locals <- mergeMaps ctx mergeVariableValue readVariable (sLocalValues a) (sLocalValues b)
+                prefix <- mergeMaps ctx mergeVariableValue readVariable (sPrefixValues a) (sPrefixValues b)
+                funcs <- mergeMaps ctx S.union readFunction (sFunctionTargets a) (sFunctionTargets b)
+                return $ InternalState {
+                    sVersion = -1,
+                    sGlobalValues = globals,
+                    sLocalValues = locals,
+                    sPrefixValues = prefix,
+                    sFunctionTargets = funcs,
+                    sIsReachable = liftM2 (&&) (sIsReachable a) (sIsReachable b)
+                }
+
+-- Merge a number of states, or return a default if there are no states
+-- (it can't fold from newInternalState because this would be equivalent of adding a new input edge).
+mergeStates :: forall s. Ctx s -> InternalState -> [InternalState] -> ST s InternalState
+mergeStates ctx def list =
+    case list of
+        [] -> return def
+        (first:rest) -> foldM (mergeState ctx) first rest
+
+-- Merge two maps, key by key. If both maps have a key, the 'merger' is used.
+-- If only one has the key, the 'reader' is used to fetch a second, and the two are merged as above.
+mergeMaps :: (Ord k) => forall s.
+    Ctx s ->
+    (v -> v -> v) ->
+    (Ctx s -> k -> ST s v) ->
+    (VersionedMap k v) ->
+    (VersionedMap k v) ->
+    ST s (VersionedMap k v)
+mergeMaps ctx merger reader a b =
+    if vmIsQuickEqual a b
+    then return a
+    else do
+        new <- M.fromDistinctAscList <$> reverse <$> f [] (M.toAscList $ mapStorage a) (M.toAscList $ mapStorage b)
+        vmFromMap ctx new
+  where
+    f l [] [] = return l
+    f l [] b = f l b []
+    f l ((k,v):rest1) [] = do
+        other <- reader ctx k
+        f ((k, merger v other):l) rest1 []
+    f l l1@((k1, v1):rest1) l2@((k2, v2):rest2) =
+        case k1 `compare` k2 of
+            EQ ->
+                f ((k1, merger v1 v2):l) rest1 rest2
+            LT -> do
+                nv2 <- reader ctx k1
+                f ((k1, merger v1 nv2):l) rest1 l2
+            GT -> do
+                nv1 <- reader ctx k2
+                f ((k2, merger nv1 v2):l) l1 rest2
+
+vmFromMap ctx map = return $ VersionedMap {
+    mapVersion = -1,
+    mapStorage = map
+}
+
+-- Give a VersionedMap a version if it does not already have one.
+versionMap ctx map =
+    if mapVersion map >= 0
+    then return map
+    else do
+        v <- nextVersion ctx
+        return map {
+            mapVersion = v
+        }
+
+-- Give an InternalState a version if it does not already have one.
+versionState ctx state =
+    if sVersion state >= 0
+    then return state
+    else do
+        self <- nextVersion ctx
+        ssGlobalValues <- versionMap ctx $ sGlobalValues state
+        ssLocalValues <- versionMap ctx $ sLocalValues state
+        ssFunctionTargets <- versionMap ctx $ sFunctionTargets state
+        return state {
+            sVersion = self,
+            sGlobalValues = ssGlobalValues,
+            sLocalValues = ssLocalValues,
+            sFunctionTargets = ssFunctionTargets
+        }
+
+-- Like 'not null' but for 2+ elements
+is2plus :: [a] -> Bool
+is2plus l = case l of
+    _:_:_ -> True
+    _ -> False
+
+-- Use versions to see if two states are trivially identical
+stateIsQuickEqual a b =
+    let
+        va = sVersion a
+        vb = sVersion b
+    in
+        va >= 0 && vb >= 0 && va == vb
+
+-- A manual slow path 'Eq' (it's not derived because it's part of the custom Eq instance)
+stateIsSlowEqual a b =
+    check sGlobalValues
+    && check sLocalValues
+    && check sPrefixValues
+    && check sFunctionTargets
+    && check sIsReachable
+  where
+    check f = f a == f b
+
+-- Check if two VersionedMaps are trivially equal
+vmIsQuickEqual :: VersionedMap k v -> VersionedMap k v -> Bool
+vmIsQuickEqual a b =
+    let
+        va = mapVersion a
+        vb = mapVersion b
+    in
+        va >= 0 && vb >= 0 && va == vb
+
+-- A new, empty VersionedMap
+vmEmpty = VersionedMap {
+    mapVersion = 0,
+    mapStorage = M.empty
+}
+
+-- Map.null for VersionedMaps
+vmNull :: VersionedMap k v -> Bool
+vmNull m = mapVersion m == 0 || (M.null $ mapStorage m)
+
+-- Map.lookup for VersionedMaps
+vmLookup name map = M.lookup name $ mapStorage map
+
+-- Map.insert for VersionedMaps
+vmInsert key val map = VersionedMap {
+    mapVersion = -1,
+    mapStorage = M.insert key val $ mapStorage map
+}
+
+-- Overwrite all keys in the first map with values from the second
+vmPatch :: (Ord k) => VersionedMap k v -> VersionedMap k v -> VersionedMap k v
+vmPatch base diff =
+    case () of
+        _ | mapVersion base == 0 -> diff
+        _ | mapVersion diff == 0 -> base
+        _ | vmIsQuickEqual base diff -> diff
+        _ -> VersionedMap {
+            mapVersion = -1,
+            mapStorage = M.unionWith (flip const) (mapStorage base) (mapStorage diff)
+        }
+
+-- Modify a variable as with x=1. This applies it to the appropriate scope.
+writeVariable :: forall s. Ctx s -> String -> VariableValue -> ST s ()
+writeVariable ctx name val = do
+    (_, typ) <- readVariableWithScope ctx name
+    case typ of
+        GlobalVar -> writeGlobal ctx name val
+        LocalVar -> writeLocal ctx name val
+        -- Prefixed variables actually become local variables in the invoked function
+        PrefixVar -> writeLocal ctx name val
+
+writeGlobal ctx name val = do
+    modifySTRef (cOutput ctx) $ insertGlobal name val
+
+writeLocal ctx name val = do
+    modifySTRef (cOutput ctx) $ insertLocal name val
+
+writePrefix ctx name val = do
+    modifySTRef (cOutput ctx) $ insertPrefix name val
+
+-- Look up a variable value, and also return its scope
+readVariableWithScope :: forall s. Ctx s -> String -> ST s (VariableValue, VariableScope)
+readVariableWithScope ctx name = lookupStack get dep def ctx name
+  where
+    def = (unknownVariableValue, GlobalVar)
+    get = getVariableWithScope
+    dep k v =
+        case v of
+            (val, GlobalVar) -> DepGlobalValue k val
+            (val, LocalVar) -> DepLocalValue k val
+            (val, PrefixVar) -> DepPrefixValue k val
+
+getVariableWithScope :: InternalState -> String -> Maybe (VariableValue, VariableScope)
+getVariableWithScope s name =
+    case (vmLookup name $ sPrefixValues s, vmLookup name $ sLocalValues s, vmLookup name $ sGlobalValues s) of
+        (Just var, _, _) -> return (var, PrefixVar)
+        (_, Just var, _) -> return (var, LocalVar)
+        (_, _, Just var) -> return (var, GlobalVar)
+        _ -> Nothing
+
+undefineFunction ctx name =
+    writeFunction ctx name $ FunctionUnknown
+
+undefineVariable ctx name =
+    writeVariable ctx name $ emptyVariableValue
+
+readVariable ctx name = fst <$> readVariableWithScope ctx name
+
+readGlobal ctx name = lookupStack get dep def ctx name
+  where
+    def = unknownVariableValue
+    get s name = vmLookup name $ sGlobalValues s
+    dep k v = DepGlobalValue k v
+
+readFunction ctx name = lookupStack get dep def ctx name
+  where
+    def = unknownFunctionValue
+    get s name = vmLookup name $ sFunctionTargets s
+    dep k v = DepFunction k v
+
+writeFunction ctx name val = do
+    modifySTRef (cOutput ctx) $ insertFunction name $ S.singleton val
+
+-- Look up each state on the stack until a value is found (or the default is used),
+-- then add this value as a StateDependency.
+lookupStack :: forall s k v.
+    -- A function that maybe finds a value from a state
+    (InternalState -> k -> Maybe v)
+    -- A function that creates a dependency on what was found
+    -> (k -> v -> StateDependency)
+    -- A default value, if the value can't be found anywhere
+    -> v
+    -- Context
+    -> Ctx s
+    -- The key to look up
+    -> k
+    -- Returning the result
+    -> ST s v
+lookupStack get dep def ctx key = do
+    top <- readSTRef $ cInput ctx
+    case get top key of
+        Just v -> return v
+        Nothing -> f (cStack ctx)
+  where
+    f [] = return def
+    f (s:rest) = do
+        -- Go up the stack until we find the value, and add
+        -- a dependency on each state (including where it was found)
+        res <- fromMaybe (f rest) (return <$> get (stackState s) key)
+        modifySTRef (dependencies s) $ S.insert $ dep key res
+        return res
+
+-- Like lookupStack but without adding dependencies
+peekStack get def ctx key = do
+    top <- readSTRef $ cInput ctx
+    case get top key of
+        Just v -> return v
+        Nothing -> f (cStack ctx)
+  where
+    f [] = return def
+    f (s:rest) =
+        case get (stackState s) key of
+            Just v -> return v
+            Nothing -> f rest
+
+-- Check if the current context fulfills a StateDependency
+fulfillsDependency ctx dep =
+    case dep of
+        DepGlobalValue name val -> (== (val, GlobalVar)) <$> peek ctx name
+        DepLocalValue name val -> (== (val, LocalVar)) <$> peek ctx name
+        DepPrefixValue name val -> (== (val, PrefixVar)) <$> peek ctx name
+        DepFunction name val -> (== val) <$> peekFunc ctx name
+        DepIsRecursive node val -> return $ val == any (\f -> entryPoint f == node) (cStack ctx)
+  --      _ -> error $ "Unknown dep " ++ show dep
+  where
+    peek = peekStack getVariableWithScope (unknownVariableValue, GlobalVar)
+    peekFunc = peekStack (\state name -> vmLookup name $ sFunctionTargets state) unknownFunctionValue
+
+-- Check if the current context fulfills all StateDependencies
+fulfillsDependencies ctx deps =
+    f $ S.toList deps
+  where
+    f [] = return True
+    f (dep:rest) = do
+        res <- fulfillsDependency ctx dep
+        if res
+            then f rest
+            else return False
+
+-- Create a brand new Ctx given a Control Flow Graph (CFG)
+newCtx g = do
+    c <- newSTRef 1
+    input <- newSTRef undefined
+    output <- newSTRef undefined
+    node <- newSTRef undefined
+    cache <- newSTRef M.empty
+    invocations <- newSTRef M.empty
+    return $ Ctx {
+        cCounter = c,
+        cInput = input,
+        cOutput = output,
+        cNode = node,
+        cCache = cache,
+        cStack = [],
+        cInvocations = invocations,
+        cGraph = g
+    }
+
+-- The next incrementing version for VersionedMaps
+nextVersion ctx = do
+    let ctr = cCounter ctx
+    n <- readSTRef ctr
+    writeSTRef ctr $! n+1
+    return n
+
+-- Create a new StackEntry
+newStackEntry ctx point = do
+    deps <- newSTRef S.empty
+    state <- readSTRef $ cOutput ctx
+    callsite <- readSTRef $ cNode ctx
+    return $ StackEntry {
+        entryPoint = point,
+        callSite = callsite,
+        dependencies = deps,
+        stackState = state
+    }
+
+-- Call a function with a new stack entry on the stack
+withNewStackFrame ctx node f = do
+    newEntry <- newStackEntry ctx node
+    newInput <- newSTRef newInternalState
+    newOutput <- newSTRef newInternalState
+    newNode <- newSTRef node
+    let newCtx = ctx {
+        cInput = newInput,
+        cOutput = newOutput,
+        cNode = newNode,
+        cStack = newEntry : cStack ctx
+    }
+    x <- f newCtx
+
+    {-
+    deps <- readSTRef $ dependencies newEntry
+    selfcheck <- fulfillsDependencies newCtx deps
+    unless selfcheck $ error $ pleaseReport $ "Unmet stack dependencies on " ++ show (node, deps)
+    -}
+
+    return (x, newEntry)
+
+-- Check if invoking this function would be a recursive loop
+-- (i.e. we already have the function on the stack)
+wouldBeRecursive ctx node = f (cStack ctx)
+  where
+    f [] = return False
+    f (s:rest) = do
+        res <-
+            if entryPoint s == node
+            then return True
+            else f rest
+        modifySTRef (dependencies s) $ S.insert $ DepIsRecursive node res
+        return res
+
+-- The main DFA 'transfer' function, applying the effects of a node to the output state
+transfer ctx label =
+  --traceShow ("Transferring", label) $
+    case label of
+        CFStructuralNode -> return ()
+        CFEntryPoint _ -> return ()
+        CFImpliedExit -> return ()
+        CFResolvedExit {} -> return ()
+
+        CFExecuteCommand cmd -> transferCommand ctx cmd
+        CFExecuteSubshell reason entry exit -> transferSubshell ctx reason entry exit
+        CFApplyEffects effects -> mapM_ (\(IdTagged _ f) -> transferEffect ctx f) effects
+
+        CFUnresolvedExit -> patchOutputM ctx unreachableState
+        CFUnreachable -> patchOutputM ctx unreachableState
+
+        -- TODO
+        CFSetBackgroundPid _ -> return ()
+        CFSetExitCode _ -> return ()
+        CFDropPrefixAssignments {} ->
+            modifySTRef (cOutput ctx) $ \c -> modified c { sPrefixValues = vmEmpty }
+--        _ -> error $ "Unknown " ++ show label
+
+
+-- Transfer the effects of a subshell invocation. This is similar to a function call
+-- to allow easily discarding the effects (otherwise the InternalState would have
+-- to represent subshell depth, while this way it can simply use the function stack).
+transferSubshell ctx reason entry exit = do
+    let cout = cOutput ctx
+    initial <- readSTRef cout
+    runCached ctx entry (f entry exit)
+    -- Clear subshell changes. TODO: track this to warn about modifications.
+    writeSTRef cout initial
+  where
+    f entry exit ctx = do
+        (states, frame) <- withNewStackFrame ctx entry (flip dataflow $ entry)
+        let (_, res) = fromMaybe (error $ pleaseReport "Subshell has no exit") $ M.lookup exit states
+        deps <- readSTRef $ dependencies frame
+        registerFlowResult ctx entry states deps
+        return (deps, res)
+
+-- Transfer the effects of executing a command, i.e. the merged union of all possible function definitions.
+transferCommand ctx Nothing = return ()
+transferCommand ctx (Just name) = do
+    targets <- readFunction ctx name
+    --traceShowM ("Transferring ",name,targets)
+    transferMultiple ctx $ map (flip transferFunctionValue) $ S.toList targets
+
+-- Transfer a set of function definitions and merge the output states.
+transferMultiple ctx funcs = do
+--    traceShowM ("Transferring set of ", length funcs)
+    original <- readSTRef out
+    branches <- mapM (apply ctx original) funcs
+    merged <- mergeStates ctx original branches
+    let patched = patchState original merged
+    writeSTRef out patched
+  where
+    out = cOutput ctx
+    apply ctx original f = do
+        writeSTRef out original
+        f ctx
+        readSTRef out
+
+-- Transfer the effects of a single function definition.
+transferFunctionValue ctx funcVal =
+    case funcVal of
+        FunctionUnknown -> return ()
+        FunctionDefinition name entry exit -> do
+            isRecursive <- wouldBeRecursive ctx entry
+            if isRecursive
+                then return () -- TODO: Find a better strategy for recursion
+                else runCached ctx entry (f name entry exit)
+  where
+    f name entry exit ctx = do
+        (states, frame) <- withNewStackFrame ctx entry (flip dataflow $ entry)
+        deps <- readSTRef $ dependencies frame
+        let res =
+                case M.lookup exit states of
+                    Just (input, output) -> do
+                        -- Discard local variables. TODO: track&retain variables declared local in previous scopes?
+                        modified output { sLocalValues = vmEmpty }
+                    Nothing -> do
+                        -- e.g. f() { exit; }
+                        unreachableState
+        registerFlowResult ctx entry states deps
+        return (deps, res)
+
+
+-- Register/save the result of a dataflow of a function.
+-- At the end, all the different values from different flows are merged together.
+registerFlowResult ctx entry states deps = do
+    -- This function is called in the context of a CFExecuteCommand and not its invoked function,
+    -- so manually add the current node to the stack.
+    current <- readSTRef $ cNode ctx
+    let parents = map callSite $ cStack ctx
+    -- A unique path to this flow context. The specific value doesn't matter, as long as it's
+    -- unique per invocation of the function. This is required so that 'x=1; f; x=2; f' won't
+    -- overwrite each other.
+    let path = entry : current : parents
+    modifySTRef (cInvocations ctx) $ M.insert path (deps, states)
+
+
+-- Look up a node in the cache and see if the dependencies of any entries are matched.
+-- In that case, reuse the previous result instead of doing a new data flow.
+runCached :: forall s. Ctx s -> Node -> (Ctx s -> ST s (S.Set StateDependency, InternalState)) -> ST s ()
+runCached ctx node f = do
+    cache <- getCache ctx node
+    case cache of
+        Just v -> do
+            -- traceShowM $ ("Running cached", node)
+            patchOutputM ctx v
+        Nothing -> do
+            -- traceShowM $ ("Cache failed", node)
+            (deps, diff) <- f ctx
+            modifySTRef (cCache ctx) (M.insertWith (\_ old -> (deps, diff):(take cacheEntries old)) node [(deps,diff)])
+            -- traceShowM $ ("Recomputed cache for", node, deps)
+            patchOutputM ctx diff
+
+-- Get a cached version whose dependencies are currently fulfilled, if any.
+getCache :: forall s. Ctx s -> Node -> ST s (Maybe InternalState)
+getCache ctx node = do
+    cache <- readSTRef $ cCache ctx
+    -- traceShowM $ ("Cache for", node, "length", length $ M.findWithDefault [] node cache, M.lookup node cache)
+    f $ M.findWithDefault [] node cache
+  where
+    f [] = return Nothing
+    f ((deps, value):rest) = do
+        match <- fulfillsDependencies ctx deps
+        if match
+            then return $ Just value
+            else f rest
+
+-- Transfer a single CFEffect to the output state.
+transferEffect ctx effect =
+    case effect of
+        CFReadVariable name -> do
+            void $ readVariable ctx name
+        CFWriteVariable name value -> do
+            val <- cfValueToVariableValue ctx value
+            writeVariable ctx name val
+        CFWriteGlobal name value -> do
+            val <- cfValueToVariableValue ctx value
+            writeGlobal ctx name val
+        CFWriteLocal name value -> do
+            val <- cfValueToVariableValue ctx value
+            writeLocal ctx name val
+        CFWritePrefix name value -> do
+            val <- cfValueToVariableValue ctx value
+            writePrefix ctx name val
+        CFUndefineVariable name -> undefineVariable ctx name
+        CFUndefineFunction name -> undefineFunction ctx name
+        CFUndefine name -> do
+            -- This should really just unset one or the other
+            undefineVariable ctx name
+            undefineFunction ctx name
+        CFDefineFunction name id entry exit ->
+            writeFunction ctx name $ FunctionDefinition name entry exit
+
+        -- TODO
+        CFUndefineNameref name -> undefineVariable ctx name
+        CFHintArray name -> return ()
+        CFHintDefined name -> return ()
+        CFModifyProps {} -> return ()
+--        _ -> error $ "Unknown effect " ++ show effect
+
+
+
+-- Transfer the CFG's idea of a value into our VariableState
+cfValueToVariableValue ctx val =
+    case val of
+        CFValueArray -> return unknownVariableValue -- TODO: Track array status
+        CFValueComputed _ parts -> foldM f emptyVariableValue parts
+        CFValueInteger -> return unknownIntegerValue
+        CFValueString -> return unknownVariableValue
+        CFValueUninitialized -> return emptyVariableValue
+--        _ -> error $ "Unknown value: " ++ show val
+  where
+    f val part = do
+        next <- computeValue ctx part
+        return $ val `appendVariableValue` next
+
+-- A value can be computed from 0 or more parts, such as x="literal$y$z"
+computeValue ctx part =
+    case part of
+        CFStringLiteral str -> return $ literalToVariableValue str
+        CFStringInteger -> return unknownIntegerValue
+        CFStringUnknown -> return unknownVariableValue
+        CFStringVariable name -> readVariable ctx name
+
+-- Append two VariableValues as if with z="$x$y"
+appendVariableValue :: VariableValue -> VariableValue -> VariableValue
+appendVariableValue a b =
+    VariableValue {
+        literalValue = liftM2 (++) (literalValue a) (literalValue b),
+        spaceStatus = appendSpaceStatus (spaceStatus a) (spaceStatus b)
+    }
+
+appendSpaceStatus a b =
+    case (a,b) of
+        (SpaceStatusEmpty, _) -> b
+        (_, SpaceStatusEmpty) -> a
+        (SpaceStatusClean, SpaceStatusClean) -> a
+        _ ->SpaceStatusDirty
+
+unknownIntegerValue = VariableValue {
+    literalValue = Nothing,
+    spaceStatus = SpaceStatusClean
+}
+
+literalToVariableValue str = VariableValue {
+    literalValue = Just str,
+    spaceStatus = literalToSpaceStatus str
+}
+
+withoutChanges ctx f = do
+    let inp = cInput ctx
+    let out = cOutput ctx
+    prevInput <- readSTRef inp
+    prevOutput <- readSTRef out
+    res <- f
+    writeSTRef inp prevInput
+    writeSTRef out prevOutput
+    return res
+
+-- Get the SpaceStatus for a literal string, i.e. if it needs quoting
+literalToSpaceStatus str =
+    case str of
+        "" -> SpaceStatusEmpty
+        _ | all (`notElem` " \t\n*?[") str -> SpaceStatusClean
+        _ -> SpaceStatusDirty
+
+type StateMap = M.Map Node (InternalState, InternalState)
+
+-- Classic, iterative Data Flow Analysis. See Wikipedia for a description of the process.
+dataflow :: forall s. Ctx s -> Node -> ST s StateMap
+dataflow ctx entry = do
+    pending <- newSTRef $ S.singleton entry
+    states <- newSTRef $ M.empty
+    -- Should probably be done via a stack frame instead
+    withoutChanges ctx $
+        f iterationCount pending states
+    readSTRef states
+  where
+    graph = cGraph ctx
+    f 0 _ _ = error $ pleaseReport "DFA did not reach fix point"
+    f n pending states = do
+        ps <- readSTRef pending
+        if S.null ps
+            then return ()
+            else do
+                let (next, rest) = S.deleteFindMin ps
+                nexts <- process states next
+                writeSTRef pending $ foldl (flip S.insert) rest nexts
+                f (n-1) pending states
+
+    process states node = do
+        stateMap <- readSTRef states
+        let inputs = filter (\c -> sIsReachable c /= Just False) $ mapMaybe (\c -> fmap snd $ M.lookup c stateMap) incoming
+        input <-
+            case incoming of
+                [] -> return newInternalState
+                _ ->
+                    case inputs of
+                        [] -> return unreachableState
+                        (x:rest) -> foldM (mergeState ctx) x rest
+        writeSTRef (cInput ctx) $ input
+        writeSTRef (cOutput ctx) $ input
+        writeSTRef (cNode ctx) $ node
+        transfer ctx label
+        newOutput <- readSTRef $ cOutput ctx
+        result <-
+            if is2plus outgoing
+            then
+                -- Version the state because we split and will probably merge later
+                versionState ctx newOutput
+            else return newOutput
+        writeSTRef states $ M.insert node (input, result) stateMap
+        case M.lookup node stateMap of
+            Nothing -> return outgoing
+            Just (oldInput, oldOutput) ->
+                if oldOutput == result
+                then return []
+                else return outgoing
+      where
+        (incomingL, _, label, outgoingL) = context graph $ node
+        incoming = map snd $ filter isRegular $ incomingL
+        outgoing = map snd outgoingL
+        isRegular = ((== CFEFlow) . fst)
+
+runRoot ctx entry exit = do
+    let env = createEnvironmentState
+    writeSTRef (cInput ctx) $ env
+    writeSTRef (cOutput ctx) $ env
+    writeSTRef (cNode ctx) $ entry
+    (states, frame) <- withNewStackFrame ctx entry $ \c -> dataflow c entry
+    deps <- readSTRef $ dependencies frame
+    registerFlowResult ctx entry states deps
+    -- Return the final state, used to invoke functions that were declared but not invoked
+    return $ snd $ fromMaybe (error $ pleaseReport "Missing exit state") $ M.lookup exit states
+    
+
+analyzeControlFlow :: CFGParameters -> Token -> CFGAnalysis
+analyzeControlFlow params t =
+    let
+        cfg = buildGraph params t
+        (entry, exit) = M.findWithDefault (error $ pleaseReport "Missing root") (getId t) (cfIdToNode cfg)
+    in
+        runST $ f cfg entry exit
+  where
+    f cfg entry exit = do
+        ctx <- newCtx $ cfGraph cfg
+        -- Do a dataflow analysis starting on the root node
+        exitState <- runRoot ctx entry exit
+
+        -- All nodes we've touched
+        invocations <- readSTRef $ cInvocations ctx
+        let invokedNodes = M.fromDistinctAscList $ map (\c -> (c, ())) $ S.toList $ M.keysSet $ groupByNode $ M.map snd invocations
+
+        -- Invoke all functions that were declared but not invoked
+        -- This is so that we still get warnings for dead code
+        -- (it's probably not actually dead, just used by a script that sources ours)
+        let declaredFunctions = getFunctionTargets exitState
+        let uninvoked = M.difference declaredFunctions invokedNodes
+        analyzeStragglers ctx exitState uninvoked
+
+        -- Now round up all the states from all data flows
+        -- (FIXME: this excludes functions that were defined in straggling functions)
+        invocations <- readSTRef $ cInvocations ctx
+        invokedStates <- flattenByNode ctx $ groupByNode $ M.map addDeps invocations
+
+        -- Fill in the map with unreachable states for anything we didn't get to
+        let baseStates = M.fromDistinctAscList $ map (\c -> (c, (unreachableState, unreachableState))) $ uncurry enumFromTo $ nodeRange $ cfGraph cfg
+        let allStates = M.unionWith (flip const) baseStates invokedStates
+
+        -- Convert to external states
+        let nodeToData = M.map (\(a,b) -> (internalToExternal a, internalToExternal b)) allStates
+
+        return $ nodeToData `deepseq` CFGAnalysis {
+            graph = cfGraph cfg,
+            tokenToNode = cfIdToNode cfg,
+            nodeToData = nodeToData
+        }
+
+
+    -- Include the dependencies in the state of each function, e.g. if it depends on `x=foo` then add that.
+    addDeps :: (S.Set StateDependency, M.Map Node (InternalState, InternalState)) -> M.Map Node (InternalState, InternalState)
+    addDeps (deps, m) = let base = depsToState deps in M.map (\(a,b) -> (base `patchState` a, base `patchState` b)) m
+
+    -- Collect all the states that each node has resulted in.
+    groupByNode :: forall k v. M.Map k (M.Map Node v) -> M.Map Node [v]
+    groupByNode pathMap = M.fromListWith (++) $ map (\(k,v) -> (k,[v])) $ concatMap M.toList $ M.elems pathMap
+
+    -- Merge all the pre/post states for each node. This would have been a foldM if Map had one.
+    flattenByNode ctx m = M.fromDistinctAscList <$> (mapM (mergePair ctx) $ M.toList m)
+
+    mergeAllStates ctx pairs =
+        let
+            (pres, posts) = unzip pairs
+        in do
+            pre <- mergeStates ctx (error $ pleaseReport "Null node states") pres
+            post <- mergeStates ctx (error $ pleaseReport "Null node states") posts
+            return (pre, post)
+
+    mergePair ctx (node, list) = do
+        merged <- mergeAllStates ctx list
+        return (node, merged)
+
+    -- Get the all the functions defined in an InternalState
+    getFunctionTargets :: InternalState -> M.Map Node FunctionDefinition
+    getFunctionTargets state =
+        let
+            declaredFuncs = S.unions $ mapStorage $ sFunctionTargets state
+            getFunc d =
+                case d of
+                    FunctionDefinition _ entry _ -> Just (entry, d)
+                    _ -> Nothing
+            funcs = mapMaybe getFunc $ S.toList declaredFuncs
+        in
+            M.fromList funcs
+
+
+analyzeStragglers ctx state stragglers = do
+    mapM_ f $ M.elems stragglers
+  where
+    f def@(FunctionDefinition name entry exit) = do
+        writeSTRef (cInput ctx) state
+        writeSTRef (cOutput ctx) state
+        writeSTRef (cNode ctx) entry
+        transferFunctionValue ctx def
+
+
+return []
+runTests = $quickCheckAll
diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index e65dc68..cac06bc 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -30,6 +30,7 @@ import ShellCheck.AnalyzerLib
 import ShellCheck.Data
 import ShellCheck.Interface
 import ShellCheck.Parser
+import ShellCheck.Prelude
 import ShellCheck.Regex
 
 import Control.Monad
diff --git a/src/ShellCheck/Checks/ControlFlow.hs b/src/ShellCheck/Checks/ControlFlow.hs
new file mode 100644
index 0000000..9b7635e
--- /dev/null
+++ b/src/ShellCheck/Checks/ControlFlow.hs
@@ -0,0 +1,101 @@
+{-
+    Copyright 2022 Vidar Holen
+
+    This file is part of ShellCheck.
+    https://www.shellcheck.net
+
+    ShellCheck is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    ShellCheck is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+-}
+{-# LANGUAGE TemplateHaskell #-}
+
+-- Checks that run on the Control Flow Graph (as opposed to the AST)
+-- This is scaffolding for a work in progress.
+
+module ShellCheck.Checks.ControlFlow (checker, optionalChecks, ShellCheck.Checks.ControlFlow.runTests) where
+
+import ShellCheck.AST
+import ShellCheck.ASTLib
+import ShellCheck.CFG hiding (cfgAnalysis)
+import ShellCheck.CFGAnalysis
+import ShellCheck.AnalyzerLib
+import ShellCheck.Data
+import ShellCheck.Interface
+
+import Control.Monad
+import Control.Monad.Reader
+import Data.Graph.Inductive.Graph
+import qualified Data.Map as M
+import qualified Data.Set as S
+import Data.List
+import Data.Maybe
+
+import Test.QuickCheck.All (forAllProperties)
+import Test.QuickCheck.Test (quickCheckWithResult, stdArgs, maxSuccess)
+
+
+optionalChecks :: [CheckDescription]
+optionalChecks = []
+
+-- A check that runs on the entire graph
+type ControlFlowCheck = Analysis
+-- A check invoked once per node, with its (pre,post) data
+type ControlFlowNodeCheck = LNode CFNode -> (ProgramState, ProgramState) -> Analysis
+-- A check invoked once per effect, with its node's (pre,post) data
+type ControlFlowEffectCheck = IdTagged CFEffect -> Node -> (ProgramState, ProgramState) -> Analysis
+
+
+checker :: AnalysisSpec -> Parameters -> Checker
+checker spec params = Checker {
+    perScript = const $ sequence_ controlFlowChecks,
+    perToken = const $ return ()
+}
+
+controlFlowChecks :: [ControlFlowCheck]
+controlFlowChecks = [
+        runNodeChecks controlFlowNodeChecks
+    ]
+
+controlFlowNodeChecks :: [ControlFlowNodeCheck]
+controlFlowNodeChecks = [
+    runEffectChecks controlFlowEffectChecks
+    ]
+
+controlFlowEffectChecks :: [ControlFlowEffectCheck]
+controlFlowEffectChecks = [
+    ]
+
+runNodeChecks :: [ControlFlowNodeCheck] -> ControlFlowCheck
+runNodeChecks perNode = do
+    cfg <- asks cfgAnalysis
+    runOnAll cfg
+  where
+    getData datas n@(node, label) = do
+        (pre, post) <- M.lookup node datas
+        return (n, (pre, post))
+
+    runOn :: (LNode CFNode, (ProgramState, ProgramState)) -> Analysis
+    runOn (node, prepost) = mapM_ (\c -> c node prepost) perNode
+    runOnAll cfg = mapM_ runOn $ mapMaybe (getData $ nodeToData cfg) $ labNodes (graph cfg)
+
+runEffectChecks :: [ControlFlowEffectCheck] -> ControlFlowNodeCheck
+runEffectChecks list = checkNode
+  where
+    checkNode (node, label) prepost =
+        case label of
+            CFApplyEffects effects -> mapM_ (\effect -> mapM_ (\c -> c effect node prepost) list) effects
+            _ -> return ()
+
+
+return []
+runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])
diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 22a6a5f..9ad17f5 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -25,6 +25,7 @@ import ShellCheck.AST
 import ShellCheck.ASTLib
 import ShellCheck.AnalyzerLib
 import ShellCheck.Interface
+import ShellCheck.Prelude
 import ShellCheck.Regex
 
 import Control.Monad
diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index e22b424..fb82ca8 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -2,9 +2,27 @@ module ShellCheck.Data where
 
 import ShellCheck.Interface
 import Data.Version (showVersion)
-import Paths_ShellCheck (version)
 
-shellcheckVersion = showVersion version -- VERSIONSTRING
+
+{-
+If you are here because you saw an error about Paths_ShellCheck in this file,
+simply comment out the import below and define the version as a constant string.
+
+Instead of:
+
+    import Paths_ShellCheck (version)
+    shellcheckVersion = showVersion version
+
+Use:
+
+    -- import Paths_ShellCheck (version)
+    shellcheckVersion = "kludge"
+
+-}
+
+import Paths_ShellCheck (version)
+shellcheckVersion = showVersion version  -- VERSIONSTRING
+
 
 internalVariables = [
     -- Generic
@@ -43,9 +61,12 @@ internalVariables = [
     "flags_error", "flags_return"
   ]
 
-specialVariablesWithoutSpaces = [
-    "$", "-", "?", "!", "#"
+specialIntegerVariables = [
+    "$", "?", "!", "#"
   ]
+
+specialVariablesWithoutSpaces = "-" : specialIntegerVariables
+
 variablesWithoutSpaces = specialVariablesWithoutSpaces ++ [
     "BASHPID", "BASH_ARGC", "BASH_LINENO", "BASH_SUBSHELL", "EUID", "LINENO",
     "OPTIND", "PPID", "RANDOM", "SECONDS", "SHELLOPTS", "SHLVL", "UID",
diff --git a/src/ShellCheck/Debug.hs b/src/ShellCheck/Debug.hs
new file mode 100644
index 0000000..c991308
--- /dev/null
+++ b/src/ShellCheck/Debug.hs
@@ -0,0 +1,313 @@
+{-
+
+This file contains useful functions for debugging and developing ShellCheck.
+
+To invoke them interactively, run:
+
+    cabal repl
+
+At the ghci prompt, enter:
+
+    :load ShellCheck.Debug
+
+You can now invoke the functions. Here are some examples:
+
+    shellcheckString "echo $1"
+    stringToAst "(( x+1 ))"
+    stringToCfg "if foo; then bar; else baz; fi"
+    writeFile "/tmp/test.dot" $ stringToCfgViz "while foo; do bar; done"
+
+The latter file can be rendered to png with GraphViz:
+
+    dot -Tpng /tmp/test.dot > /tmp/test.png
+
+To run all unit tests in a module:
+
+    ShellCheck.Parser.runTests
+    ShellCheck.Analytics.runTests
+
+To run a specific test:
+
+    :load ShellCheck.Analytics
+    prop_checkUuoc3
+
+If you make code changes, reload in seconds at any time with:
+
+    :r
+
+===========================================================================
+
+Crash course in printf debugging in Haskell:
+
+    import Debug.Trace
+
+    greet 0 = return ()
+    -- Print when a function is invoked
+    greet n | trace ("calling greet " ++ show n) False = undefined
+    greet n = do
+        putStrLn "Enter name"
+        name <- getLine
+        -- Print at some point in any monadic function
+        traceM $ "user entered " ++ name
+        putStrLn $ "Hello " ++ name
+        -- Print a value before passing it on
+        greet $ traceShowId (n - 1)
+
+
+===========================================================================
+
+If you want to invoke `ghci` directly, such as on `shellcheck.hs`, to
+debug all of ShellCheck including I/O, you may see an error like this:
+
+    src/ShellCheck/Data.hs:5:1: error:
+        Could not load module ‘Paths_ShellCheck’
+    it is a hidden module in the package ‘ShellCheck-0.8.0’
+
+This can easily be circumvented by running `./setgitversion` or manually
+editing src/ShellCheck/Data.hs to replace the auto-deduced version number
+with a constant string as indicated.
+
+Afterwards, you can run the ShellCheck tool, as if from the shell, with:
+
+    $ ghci shellcheck.hs
+    ghci> runMain ["-x", "file.sh"]
+
+-}
+
+module ShellCheck.Debug () where
+
+import ShellCheck.Analyzer
+import ShellCheck.AST
+import ShellCheck.CFG
+import ShellCheck.Checker
+import ShellCheck.CFGAnalysis as CF
+import ShellCheck.Interface
+import ShellCheck.Parser
+import ShellCheck.Prelude
+
+import Control.Monad
+import Control.Monad.Identity
+import Control.Monad.RWS
+import Control.Monad.Writer
+import Data.Graph.Inductive.Graph as G
+import Data.List
+import Data.Maybe
+import qualified Data.Map as M
+import qualified Data.Set as S
+
+
+-- Run all of ShellCheck (minus output formatters)
+shellcheckString :: String -> CheckResult
+shellcheckString scriptString =
+    runIdentity $ checkScript dummySystemInterface checkSpec
+  where
+    checkSpec :: CheckSpec
+    checkSpec = emptyCheckSpec {
+        csScript = scriptString
+    }
+
+dummySystemInterface :: SystemInterface Identity
+dummySystemInterface = mockedSystemInterface [
+    -- A tiny, fake filesystem for sourced files
+    ("lib/mylib1.sh", "foo=$(cat $1 | wc -l)"),
+    ("lib/mylib2.sh", "bar=42")
+    ]
+
+-- Parameters used when generating Control Flow Graphs
+cfgParams :: CFGParameters
+cfgParams = CFGParameters {
+    cfLastpipe = False,
+    cfPipefail = False
+}
+
+-- An example script to play with
+exampleScript :: String
+exampleScript = unlines [
+    "#!/bin/sh",
+    "count=0",
+    "for file in *",
+    "do",
+    "  (( count++ ))",
+    "done",
+    "echo $count"
+    ]
+
+-- Parse the script string into ShellCheck's ParseResult
+parseScriptString :: String -> ParseResult
+parseScriptString scriptString =
+    runIdentity $ parseScript dummySystemInterface parseSpec
+  where
+    parseSpec :: ParseSpec
+    parseSpec = newParseSpec {
+        psFilename = "myscript",
+        psScript = scriptString
+    }
+
+
+-- Parse the script string into an Abstract Syntax Tree
+stringToAst :: String -> Token
+stringToAst scriptString =
+    case maybeRoot of
+        Just root -> root
+        Nothing -> error $ "Script failed to parse: " ++ show parserWarnings
+  where
+    parseResult :: ParseResult
+    parseResult = parseScriptString scriptString
+
+    maybeRoot :: Maybe Token
+    maybeRoot = prRoot parseResult
+
+    parserWarnings :: [PositionedComment]
+    parserWarnings = prComments parseResult
+
+
+astToCfgResult :: Token -> CFGResult
+astToCfgResult = buildGraph cfgParams
+
+astToDfa :: Token -> CFGAnalysis
+astToDfa = analyzeControlFlow cfgParams
+
+astToCfg :: Token -> CFGraph
+astToCfg = cfGraph . astToCfgResult
+
+stringToCfg :: String -> CFGraph
+stringToCfg = astToCfg . stringToAst
+
+stringToDfa :: String -> CFGAnalysis
+stringToDfa = astToDfa . stringToAst
+
+cfgToGraphViz :: CFGraph -> String
+cfgToGraphViz = cfgToGraphVizWith show
+
+stringToCfgViz :: String -> String
+stringToCfgViz = cfgToGraphViz . stringToCfg
+
+stringToDfaViz :: String -> String
+stringToDfaViz = dfaToGraphViz . stringToDfa
+
+-- Dump a Control Flow Graph as GraphViz with extended information
+stringToDetailedCfgViz :: String -> String
+stringToDetailedCfgViz scriptString = cfgToGraphVizWith nodeLabel graph
+  where
+    ast :: Token
+    ast = stringToAst scriptString
+
+    cfgResult :: CFGResult
+    cfgResult = astToCfgResult ast
+
+    graph :: CFGraph
+    graph = cfGraph cfgResult
+
+    idToToken :: M.Map Id Token
+    idToToken = M.fromList $ execWriter $ doAnalysis (\c -> tell [(getId c, c)]) ast
+
+    idToNode :: M.Map Id (Node, Node)
+    idToNode = cfIdToNode cfgResult
+
+    nodeToStartIds :: M.Map Node (S.Set Id)
+    nodeToStartIds =
+        M.fromListWith S.union $
+            map (\(id, (start, _)) -> (start, S.singleton id)) $
+                M.toList idToNode
+
+    nodeToEndIds :: M.Map Node (S.Set Id)
+    nodeToEndIds =
+        M.fromListWith S.union $
+            map (\(id, (_, end)) -> (end, S.singleton id)) $
+                M.toList idToNode
+
+    formatId :: Id -> String
+    formatId id = fromMaybe ("Unknown " ++ show id) $ do
+        (OuterToken _ token) <- M.lookup id idToToken
+        firstWord <- words (show token) !!! 0
+        -- Strip off "Inner_"
+        (_ : tokenName) <- return $ dropWhile (/= '_') firstWord
+        return $ tokenName ++ " " ++ show id
+
+    formatGroup :: S.Set Id -> String
+    formatGroup set = intercalate ", " $ map formatId $ S.toList set
+
+    nodeLabel (node, label) = unlines [
+        show node ++ ". " ++ show label,
+        "Begin: " ++ formatGroup (M.findWithDefault S.empty node nodeToStartIds),
+        "End: " ++ formatGroup (M.findWithDefault S.empty node nodeToEndIds)
+        ]
+
+
+-- Dump a Control Flow Graph with Data Flow Analysis as GraphViz
+dfaToGraphViz :: CF.CFGAnalysis -> String
+dfaToGraphViz analysis = cfgToGraphVizWith label $ CF.graph analysis
+  where
+    label (node, label) =
+        let
+            desc = show node ++ ". " ++ show label
+        in
+            fromMaybe ("No DFA available\n\n" ++ desc) $ do
+                (pre, post) <- M.lookup node $ CF.nodeToData analysis
+                return $ unlines [
+                    "Precondition: " ++ show pre,
+                    "",
+                    desc,
+                    "",
+                    "Postcondition: " ++ show post
+                    ]
+
+
+-- Dump an Control Flow Graph to GraphViz with a given node formatter
+cfgToGraphVizWith :: (LNode CFNode -> String) -> CFGraph -> String
+cfgToGraphVizWith nodeLabel graph = concat [
+    "digraph {\n",
+    concatMap dumpNode (labNodes graph),
+    concatMap dumpLink (labEdges graph),
+    tagVizEntries graph,
+    "}\n"
+    ]
+  where
+    dumpNode l@(node, label) = show node ++ " [label=" ++ quoteViz (nodeLabel l) ++ "]\n"
+    dumpLink (from, to, typ) = show from ++ " -> " ++ show to ++ " [style=" ++ quoteViz (edgeStyle typ)  ++ "]\n"
+    edgeStyle CFEFlow = "solid"
+    edgeStyle CFEExit = "bold"
+    edgeStyle CFEFalseFlow = "dotted"
+
+quoteViz str = "\"" ++ escapeViz str ++ "\""
+escapeViz [] = []
+escapeViz (c:rest) =
+    case c of
+        '\"' -> '\\' : '\"' : escapeViz rest
+        '\n' -> '\\' : 'l' : escapeViz rest
+        '\\' -> '\\' : '\\' : escapeViz rest
+        _ -> c : escapeViz rest
+
+
+-- Dump an Abstract Syntax Tree (or branch thereof) to GraphViz format
+astToGraphViz :: Token -> String
+astToGraphViz token = concat [
+    "digraph {\n",
+    formatTree token,
+    "}\n"
+    ]
+  where
+    formatTree :: Token -> String
+    formatTree t = snd $ execRWS (doStackAnalysis push pop t) () []
+
+    push :: Token -> RWS () String [Int] ()
+    push (OuterToken (Id n) inner) = do
+        stack <- get
+        put (n : stack)
+        case stack of
+            [] -> return ()
+            (top:_) -> tell $ show top ++ " -> " ++ show n ++ "\n"
+        tell $ show n ++ " [label=" ++ quoteViz (show n ++ ": " ++ take 32 (show inner)) ++ "]\n"
+
+    pop :: Token -> RWS () String [Int] ()
+    pop _ = modify tail
+
+
+-- For each entry point, set the rank so that they'll align in the graph
+tagVizEntries :: CFGraph -> String
+tagVizEntries graph = "{ rank=same " ++ rank ++ " }"
+  where
+    entries = mapMaybe find $ labNodes graph
+    find (node, CFEntryPoint name) = return (node, name)
+    find _ = Nothing
+    rank = unwords $ map (\(c, _) -> show c) entries
diff --git a/src/ShellCheck/Fixer.hs b/src/ShellCheck/Fixer.hs
index 1409b24..2376842 100644
--- a/src/ShellCheck/Fixer.hs
+++ b/src/ShellCheck/Fixer.hs
@@ -22,6 +22,7 @@
 module ShellCheck.Fixer (applyFix, removeTabStops, mapPositions, Ranged(..), runTests) where
 
 import ShellCheck.Interface
+import ShellCheck.Prelude
 import Control.Monad.State
 import Data.Array
 import Data.List
@@ -228,7 +229,7 @@ applyReplacement2 rep string = do
 
     let (l1, l2) = tmap posLine originalPos in
         when (l1 /= 1 || l2 /= 1) $
-            error "ShellCheck internal error, please report: bad cross-line fix"
+            error $ pleaseReport "bad cross-line fix"
 
     let replacer = repString rep
     let shift = (length replacer) - (oldEnd - oldStart)
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 3958406..9f9241c 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -27,6 +27,7 @@ import ShellCheck.AST
 import ShellCheck.ASTLib hiding (runTests)
 import ShellCheck.Data
 import ShellCheck.Interface
+import ShellCheck.Prelude
 
 import Control.Applicative ((<*), (*>))
 import Control.Monad
@@ -210,7 +211,7 @@ getNextIdSpanningTokenList list =
 -- Get the span covered by an id
 getSpanForId :: Monad m => Id -> SCParser m (SourcePos, SourcePos)
 getSpanForId id =
-    Map.findWithDefault (error "Internal error: no position for id. Please report!") id <$>
+    Map.findWithDefault (error $ pleaseReport "no parser span for id") id <$>
         getMap
 
 -- Create a new id with the same span as an existing one
@@ -1918,7 +1919,7 @@ readPendingHereDocs = do
                         -- The end token is just a prefix
                         skipLine
                     | hasTrailer ->
-                        error "ShellCheck bug, please report (here doc trailer)."
+                        error $ pleaseReport "unexpected heredoc trailer"
 
                     -- The following cases assume no trailing text:
                     | dashed == Undashed && (not $ null leadingSpace) -> do
diff --git a/src/ShellCheck/Prelude.hs b/src/ShellCheck/Prelude.hs
new file mode 100644
index 0000000..7e9011b
--- /dev/null
+++ b/src/ShellCheck/Prelude.hs
@@ -0,0 +1,48 @@
+{-
+    Copyright 2022 Vidar Holen
+
+    This file is part of ShellCheck.
+    https://www.shellcheck.net
+
+    ShellCheck is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    ShellCheck is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+-}
+
+-- Generic basic utility functions
+module ShellCheck.Prelude where
+
+-- Get element 0 or a default. Like `head` but safe.
+headOrDefault _ (a:_) = a
+headOrDefault def _   = def
+
+-- Get the last element or a default. Like `last` but safe.
+lastOrDefault def [] = def
+lastOrDefault _ list = last list
+
+--- Get element n of a list, or Nothing. Like `!!` but safe.
+(!!!) list i =
+    case drop i list of
+        []    -> Nothing
+        (r:_) -> Just r
+
+
+-- Like mconcat but for Semigroups
+sconcat1 :: (Semigroup t) => [t] -> t
+sconcat1 [x] = x
+sconcat1 (x:xs) = x <> sconcat1 xs
+
+sconcatOrDefault def [] = def
+sconcatOrDefault _ list = sconcat1 list
+
+-- For more actionable "impossible" errors
+pleaseReport str = "ShellCheck internal error, please report: " ++ str
diff --git a/test/shellcheck.hs b/test/shellcheck.hs
index e463403..1a272af 100644
--- a/test/shellcheck.hs
+++ b/test/shellcheck.hs
@@ -5,8 +5,11 @@ import System.Exit
 import qualified ShellCheck.Analytics
 import qualified ShellCheck.AnalyzerLib
 import qualified ShellCheck.ASTLib
+import qualified ShellCheck.CFG
+import qualified ShellCheck.CFGAnalysis
 import qualified ShellCheck.Checker
 import qualified ShellCheck.Checks.Commands
+import qualified ShellCheck.Checks.ControlFlow
 import qualified ShellCheck.Checks.Custom
 import qualified ShellCheck.Checks.ShellSupport
 import qualified ShellCheck.Fixer
@@ -19,8 +22,11 @@ main = do
         ShellCheck.Analytics.runTests
         ,ShellCheck.AnalyzerLib.runTests
         ,ShellCheck.ASTLib.runTests
+        ,ShellCheck.CFG.runTests
+        ,ShellCheck.CFGAnalysis.runTests
         ,ShellCheck.Checker.runTests
         ,ShellCheck.Checks.Commands.runTests
+        ,ShellCheck.Checks.ControlFlow.runTests
         ,ShellCheck.Checks.Custom.runTests
         ,ShellCheck.Checks.ShellSupport.runTests
         ,ShellCheck.Fixer.runTests

From 642ad8612597b28af4026bde289985583fddb69d Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 19 Jul 2022 14:33:00 -0700
Subject: [PATCH 024/244] Add SC2317 warning about unreachable commands

---
 CHANGELOG.md                |  1 +
 src/ShellCheck/Analytics.hs | 32 ++++++++++++++++++++++++--------
 2 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4763ddd..6e1dba3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,7 @@
 ## Git
 ### Added
 - SC2316: Warn about 'local readonly foo' and similar (thanks, patrickxia!)
+- SC2317: Warn about unreachable commands
 
 ### Fixed
 
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index bf5d179..e6c0160 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -202,6 +202,7 @@ nodeChecks = [
     ,checkCommandWithTrailingSymbol
     ,checkUnquotedParameterExpansionPattern
     ,checkBatsTestDoesNotUseNegation
+    ,checkCommandIsUnreachable
     ]
 
 optionalChecks = map fst optionalTreeChecks
@@ -4129,13 +4130,6 @@ checkAliasUsedInSameParsingUnit params root =
     checkUnit :: [Token] -> Writer [TokenComment] ()
     checkUnit unit = evalStateT (mapM_ (doAnalysis findCommands) unit) (Map.empty)
 
-    isSourced t =
-        let
-            f (T_SourceCommand {}) = True
-            f _ = False
-        in
-            any f $ getPath (parentMap params) t
-
     findCommands :: Token -> StateT (Map.Map String Token) (Writer [TokenComment]) ()
     findCommands t = case t of
             T_SimpleCommand _ _ (cmd:args) ->
@@ -4146,7 +4140,7 @@ checkAliasUsedInSameParsingUnit params root =
                         cmd <- gets (Map.lookup name)
                         case cmd of
                             Just alias ->
-                                unless (isSourced t || shouldIgnoreCode params 2262 alias) $ do
+                                unless (isSourced params t || shouldIgnoreCode params 2262 alias) $ do
                                     warn (getId alias) 2262 "This alias can't be defined and used in the same parsing unit. Use a function instead."
                                     info (getId t) 2263 "Since they're in the same parsing unit, this command will not refer to the previously mentioned alias."
                             _ -> return ()
@@ -4157,6 +4151,14 @@ checkAliasUsedInSameParsingUnit params root =
         when (isVariableName name && not (null value)) $
             modify (Map.insertWith (\new old -> old) name arg)
 
+isSourced params t =
+    let
+        f (T_SourceCommand {}) = True
+        f _ = False
+    in
+        any f $ getPath (parentMap params) t
+
+
 -- Like groupBy, but compares pairs of adjacent elements, rather than against the first of the span
 prop_groupByLink1 = groupByLink (\a b -> a+1 == b) [1,2,3,2,3,7,8,9] == [[1,2,3], [2,3], [7,8,9]]
 prop_groupByLink2 = groupByLink (==) ([] :: [()]) == []
@@ -4910,5 +4912,19 @@ checkBatsTestDoesNotUseNegation params t =
             x:rest -> isLastOf t rest
             [] -> False
 
+
+prop_checkCommandIsUnreachable1 = verify checkCommandIsUnreachable "foo; bar; exit; baz"
+prop_checkCommandIsUnreachable2 = verify checkCommandIsUnreachable "die() { exit; }; foo; bar; die; baz"
+prop_checkCommandIsUnreachable3 = verifyNot checkCommandIsUnreachable "foo; bar || exit; baz"
+checkCommandIsUnreachable params t =
+    case t of
+        T_Pipeline {} -> sequence_ $ do
+            state <- CF.getIncomingState (cfgAnalysis params) id
+            guard . not $ CF.stateIsReachable state
+            guard . not $ isSourced params t
+            return $ info id 2317 "Command appears to be unreachable. Check usage (or ignore if invoked indirectly)."
+        _ -> return ()
+  where id = getId t
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])

From da4885a71d08c76c6ff5d01012d135d54fa68f4e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 19 Jul 2022 14:33:00 -0700
Subject: [PATCH 025/244] Use DFA for SC2086

---
 CHANGELOG.md                |   1 +
 src/ShellCheck/Analytics.hs | 272 ++++++++++++++----------------------
 2 files changed, 104 insertions(+), 169 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6e1dba3..66d5369 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,7 @@
 - SC2317: Warn about unreachable commands
 
 ### Fixed
+- SC2086: Now uses DFA to make more accurate predictions about values
 
 ### Changed
 - ShellCheck now has a Data Flow Analysis engine to make smarter decisions
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index e6c0160..0062879 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -54,7 +54,6 @@ treeChecks :: [Parameters -> Token -> [TokenComment]]
 treeChecks = [
     nodeChecksToTreeCheck nodeChecks
     ,subshellAssignmentCheck
-    ,checkSpacefulness
     ,checkQuotesInLiterals
     ,checkShebangParameters
     ,checkFunctionsUsedExternally
@@ -203,6 +202,7 @@ nodeChecks = [
     ,checkUnquotedParameterExpansionPattern
     ,checkBatsTestDoesNotUseNegation
     ,checkCommandIsUnreachable
+    ,checkSpacefulnessCfg
     ]
 
 optionalChecks = map fst optionalTreeChecks
@@ -221,7 +221,7 @@ optionalTreeChecks = [
         cdDescription = "Suggest quoting variables without metacharacters",
         cdPositive = "var=hello; echo $var",
         cdNegative = "var=hello; echo \"$var\""
-    }, checkVerboseSpacefulness)
+    }, nodeChecksToTreeCheck [checkVerboseSpacefulnessCfg])
 
     ,(newCheckDescription {
         cdName = "avoid-nullary-conditions",
@@ -2009,109 +2009,6 @@ doVariableFlowAnalysis readFunc writeFunc empty flow = evalState (
         writeFunc base token name values
     doFlow _ = return []
 
----- Check whether variables could have spaces/globs
-prop_checkSpacefulness1 = verifyTree checkSpacefulness "a='cow moo'; echo $a"
-prop_checkSpacefulness2 = verifyNotTree checkSpacefulness "a='cow moo'; [[ $a ]]"
-prop_checkSpacefulness3 = verifyNotTree checkSpacefulness "a='cow*.mp3'; echo \"$a\""
-prop_checkSpacefulness4 = verifyTree checkSpacefulness "for f in *.mp3; do echo $f; done"
-prop_checkSpacefulness4a= verifyNotTree checkSpacefulness "foo=3; foo=$(echo $foo)"
-prop_checkSpacefulness5 = verifyTree checkSpacefulness "a='*'; b=$a; c=lol${b//foo/bar}; echo $c"
-prop_checkSpacefulness6 = verifyTree checkSpacefulness "a=foo$(lol); echo $a"
-prop_checkSpacefulness7 = verifyTree checkSpacefulness "a=foo\\ bar; rm $a"
-prop_checkSpacefulness8 = verifyNotTree checkSpacefulness "a=foo\\ bar; a=foo; rm $a"
-prop_checkSpacefulness10= verifyTree checkSpacefulness "rm $1"
-prop_checkSpacefulness11= verifyTree checkSpacefulness "rm ${10//foo/bar}"
-prop_checkSpacefulness12= verifyNotTree checkSpacefulness "(( $1 + 3 ))"
-prop_checkSpacefulness13= verifyNotTree checkSpacefulness "if [[ $2 -gt 14 ]]; then true; fi"
-prop_checkSpacefulness14= verifyNotTree checkSpacefulness "foo=$3 env"
-prop_checkSpacefulness15= verifyNotTree checkSpacefulness "local foo=$1"
-prop_checkSpacefulness16= verifyNotTree checkSpacefulness "declare foo=$1"
-prop_checkSpacefulness17= verifyTree checkSpacefulness "echo foo=$1"
-prop_checkSpacefulness18= verifyNotTree checkSpacefulness "$1 --flags"
-prop_checkSpacefulness19= verifyTree checkSpacefulness "echo $PWD"
-prop_checkSpacefulness20= verifyNotTree checkSpacefulness "n+='foo bar'"
-prop_checkSpacefulness21= verifyNotTree checkSpacefulness "select foo in $bar; do true; done"
-prop_checkSpacefulness22= verifyNotTree checkSpacefulness "echo $\"$1\""
-prop_checkSpacefulness23= verifyNotTree checkSpacefulness "a=(1); echo ${a[@]}"
-prop_checkSpacefulness24= verifyTree checkSpacefulness "a='a    b'; cat <<< $a"
-prop_checkSpacefulness25= verifyTree checkSpacefulness "a='s/[0-9]//g'; sed $a"
-prop_checkSpacefulness26= verifyTree checkSpacefulness "a='foo bar'; echo {1,2,$a}"
-prop_checkSpacefulness27= verifyNotTree checkSpacefulness "echo ${a:+'foo'}"
-prop_checkSpacefulness28= verifyNotTree checkSpacefulness "exec {n}>&1; echo $n"
-prop_checkSpacefulness29= verifyNotTree checkSpacefulness "n=$(stuff); exec {n}>&-;"
-prop_checkSpacefulness30= verifyTree checkSpacefulness "file='foo bar'; echo foo > $file;"
-prop_checkSpacefulness31= verifyNotTree checkSpacefulness "echo \"`echo \\\"$1\\\"`\""
-prop_checkSpacefulness32= verifyNotTree checkSpacefulness "var=$1; [ -v var ]"
-prop_checkSpacefulness33= verifyTree checkSpacefulness "for file; do echo $file; done"
-prop_checkSpacefulness34= verifyTree checkSpacefulness "declare foo$n=$1"
-prop_checkSpacefulness35= verifyNotTree checkSpacefulness "echo ${1+\"$1\"}"
-prop_checkSpacefulness36= verifyNotTree checkSpacefulness "arg=$#; echo $arg"
-prop_checkSpacefulness37= verifyNotTree checkSpacefulness "@test 'status' {\n [ $status -eq 0 ]\n}"
-prop_checkSpacefulness37v = verifyTree checkVerboseSpacefulness "@test 'status' {\n [ $status -eq 0 ]\n}"
-prop_checkSpacefulness38= verifyTree checkSpacefulness "a=; echo $a"
-prop_checkSpacefulness39= verifyNotTree checkSpacefulness "a=''\"\"''; b=x$a; echo $b"
-prop_checkSpacefulness40= verifyNotTree checkSpacefulness "a=$((x+1)); echo $a"
-prop_checkSpacefulness41= verifyNotTree checkSpacefulness "exec $1 --flags"
-prop_checkSpacefulness42= verifyNotTree checkSpacefulness "run $1 --flags"
-prop_checkSpacefulness43= verifyNotTree checkSpacefulness "$foo=42"
-prop_checkSpacefulness44= verifyTree checkSpacefulness "#!/bin/sh\nexport var=$value"
-prop_checkSpacefulness45= verifyNotTree checkSpacefulness "wait -zzx -p foo; echo $foo"
-prop_checkSpacefulness46= verifyNotTree checkSpacefulness "x=0; (( x += 1 )); echo $x"
-prop_checkSpacefulness47= verifyNotTree checkSpacefulness "x=0; (( x-- )); echo $x"
-prop_checkSpacefulness48= verifyNotTree checkSpacefulness "x=0; (( ++x )); echo $x"
-
-data SpaceStatus = SpaceSome | SpaceNone | SpaceEmpty deriving (Eq)
-instance Semigroup SpaceStatus where
-    SpaceNone <> SpaceNone = SpaceNone
-    SpaceSome <> _ = SpaceSome
-    _ <> SpaceSome = SpaceSome
-    SpaceEmpty <> x = x
-    x <> SpaceEmpty = x
-instance Monoid SpaceStatus where
-    mempty = SpaceEmpty
-    mappend = (<>)
-
--- This is slightly awkward because we want to support structured
--- optional checks based on nearly the same logic
-checkSpacefulness params = checkSpacefulness' onFind params
-  where
-    emit x = tell [x]
-    onFind spaces token _ =
-        when (spaces /= SpaceNone) $
-            if isDefaultAssignment (parentMap params) token
-            then
-                emit $ makeComment InfoC (getId token) 2223
-                         "This default assignment may cause DoS due to globbing. Quote it."
-            else
-                unless (quotesMayConflictWithSC2281 params token) $
-                    emit $ makeCommentWithFix InfoC (getId token) 2086
-                             "Double quote to prevent globbing and word splitting."
-                                (addDoubleQuotesAround params token)
-
-    isDefaultAssignment parents token =
-        let modifier = getBracedModifier $ bracedString token in
-            any (`isPrefixOf` modifier) ["=", ":="]
-            && isParamTo parents ":" token
-
-    -- Given a T_DollarBraced, return a simplified version of the string contents.
-    bracedString (T_DollarBraced _ _ l) = concat $ oversimplify l
-    bracedString _ = error "Internal shellcheck error, please report! (bracedString on non-variable)"
-
-prop_checkSpacefulness4v= verifyTree checkVerboseSpacefulness "foo=3; foo=$(echo $foo)"
-prop_checkSpacefulness8v= verifyTree checkVerboseSpacefulness "a=foo\\ bar; a=foo; rm $a"
-prop_checkSpacefulness28v = verifyTree checkVerboseSpacefulness "exec {n}>&1; echo $n"
-prop_checkSpacefulness36v = verifyTree checkVerboseSpacefulness "arg=$#; echo $arg"
-prop_checkSpacefulness44v = verifyNotTree checkVerboseSpacefulness "foo=3; $foo=4"
-checkVerboseSpacefulness params = checkSpacefulness' onFind params
-  where
-    onFind spaces token name =
-        when (spaces == SpaceNone
-                && name `notElem` specialVariablesWithoutSpaces
-                && not (quotesMayConflictWithSC2281 params token)) $
-            tell [makeCommentWithFix StyleC (getId token) 2248
-                    "Prefer double quoting even when variables don't contain special characters."
-                    (addDoubleQuotesAround params token)]
-
 -- Don't suggest quotes if this will instead be autocorrected
 -- from $foo=bar to foo=bar. This is not pretty but ok.
 quotesMayConflictWithSC2281 params t =
@@ -2121,74 +2018,111 @@ quotesMayConflictWithSC2281 params t =
         _ -> False
 
 addDoubleQuotesAround params token = (surroundWith (getId token) params "\"")
-checkSpacefulness'
-    :: (SpaceStatus -> Token -> String -> Writer [TokenComment] ()) ->
-            Parameters -> Token -> [TokenComment]
-checkSpacefulness' onFind params t =
-    doVariableFlowAnalysis readF writeF (Map.fromList defaults) (variableFlow params)
+
+prop_checkSpacefulnessCfg1 = verify checkSpacefulnessCfg "a='cow moo'; echo $a"
+prop_checkSpacefulnessCfg2 = verifyNot checkSpacefulnessCfg "a='cow moo'; [[ $a ]]"
+prop_checkSpacefulnessCfg3 = verifyNot checkSpacefulnessCfg "a='cow*.mp3'; echo \"$a\""
+prop_checkSpacefulnessCfg4 = verify checkSpacefulnessCfg "for f in *.mp3; do echo $f; done"
+prop_checkSpacefulnessCfg4a= verifyNot checkSpacefulnessCfg "foo=3; foo=$(echo $foo)"
+prop_checkSpacefulnessCfg5 = verify checkSpacefulnessCfg "a='*'; b=$a; c=lol${b//foo/bar}; echo $c"
+prop_checkSpacefulnessCfg6 = verify checkSpacefulnessCfg "a=foo$(lol); echo $a"
+prop_checkSpacefulnessCfg7 = verify checkSpacefulnessCfg "a=foo\\ bar; rm $a"
+prop_checkSpacefulnessCfg8 = verifyNot checkSpacefulnessCfg "a=foo\\ bar; a=foo; rm $a"
+prop_checkSpacefulnessCfg10= verify checkSpacefulnessCfg "rm $1"
+prop_checkSpacefulnessCfg11= verify checkSpacefulnessCfg "rm ${10//foo/bar}"
+prop_checkSpacefulnessCfg12= verifyNot checkSpacefulnessCfg "(( $1 + 3 ))"
+prop_checkSpacefulnessCfg13= verifyNot checkSpacefulnessCfg "if [[ $2 -gt 14 ]]; then true; fi"
+prop_checkSpacefulnessCfg14= verifyNot checkSpacefulnessCfg "foo=$3 env"
+prop_checkSpacefulnessCfg15= verifyNot checkSpacefulnessCfg "local foo=$1"
+prop_checkSpacefulnessCfg16= verifyNot checkSpacefulnessCfg "declare foo=$1"
+prop_checkSpacefulnessCfg17= verify checkSpacefulnessCfg "echo foo=$1"
+prop_checkSpacefulnessCfg18= verifyNot checkSpacefulnessCfg "$1 --flags"
+prop_checkSpacefulnessCfg19= verify checkSpacefulnessCfg "echo $PWD"
+prop_checkSpacefulnessCfg20= verifyNot checkSpacefulnessCfg "n+='foo bar'"
+prop_checkSpacefulnessCfg21= verifyNot checkSpacefulnessCfg "select foo in $bar; do true; done"
+prop_checkSpacefulnessCfg22= verifyNot checkSpacefulnessCfg "echo $\"$1\""
+prop_checkSpacefulnessCfg23= verifyNot checkSpacefulnessCfg "a=(1); echo ${a[@]}"
+prop_checkSpacefulnessCfg24= verify checkSpacefulnessCfg "a='a    b'; cat <<< $a"
+prop_checkSpacefulnessCfg25= verify checkSpacefulnessCfg "a='s/[0-9]//g'; sed $a"
+prop_checkSpacefulnessCfg26= verify checkSpacefulnessCfg "a='foo bar'; echo {1,2,$a}"
+prop_checkSpacefulnessCfg27= verifyNot checkSpacefulnessCfg "echo ${a:+'foo'}"
+prop_checkSpacefulnessCfg28= verifyNot checkSpacefulnessCfg "exec {n}>&1; echo $n"
+prop_checkSpacefulnessCfg29= verifyNot checkSpacefulnessCfg "n=$(stuff); exec {n}>&-;"
+prop_checkSpacefulnessCfg30= verify checkSpacefulnessCfg "file='foo bar'; echo foo > $file;"
+prop_checkSpacefulnessCfg31= verifyNot checkSpacefulnessCfg "echo \"`echo \\\"$1\\\"`\""
+prop_checkSpacefulnessCfg32= verifyNot checkSpacefulnessCfg "var=$1; [ -v var ]"
+prop_checkSpacefulnessCfg33= verify checkSpacefulnessCfg "for file; do echo $file; done"
+prop_checkSpacefulnessCfg34= verify checkSpacefulnessCfg "declare foo$n=$1"
+prop_checkSpacefulnessCfg35= verifyNot checkSpacefulnessCfg "echo ${1+\"$1\"}"
+prop_checkSpacefulnessCfg36= verifyNot checkSpacefulnessCfg "arg=$#; echo $arg"
+prop_checkSpacefulnessCfg37= verifyNot checkSpacefulnessCfg "@test 'status' {\n [ $status -eq 0 ]\n}"
+prop_checkSpacefulnessCfg37v = verify checkVerboseSpacefulnessCfg "@test 'status' {\n [ $status -eq 0 ]\n}"
+prop_checkSpacefulnessCfg38= verify checkSpacefulnessCfg "a=; echo $a"
+prop_checkSpacefulnessCfg39= verifyNot checkSpacefulnessCfg "a=''\"\"''; b=x$a; echo $b"
+prop_checkSpacefulnessCfg40= verifyNot checkSpacefulnessCfg "a=$((x+1)); echo $a"
+prop_checkSpacefulnessCfg41= verifyNot checkSpacefulnessCfg "exec $1 --flags"
+prop_checkSpacefulnessCfg42= verifyNot checkSpacefulnessCfg "run $1 --flags"
+prop_checkSpacefulnessCfg43= verifyNot checkSpacefulnessCfg "$foo=42"
+prop_checkSpacefulnessCfg44= verify checkSpacefulnessCfg "#!/bin/sh\nexport var=$value"
+prop_checkSpacefulnessCfg45= verifyNot checkSpacefulnessCfg "wait -zzx -p foo; echo $foo"
+prop_checkSpacefulnessCfg46= verifyNot checkSpacefulnessCfg "x=0; (( x += 1 )); echo $x"
+prop_checkSpacefulnessCfg47= verifyNot checkSpacefulnessCfg "x=0; (( x-- )); echo $x"
+prop_checkSpacefulnessCfg48= verifyNot checkSpacefulnessCfg "x=0; (( ++x )); echo $x"
+prop_checkSpacefulnessCfg49= verifyNot checkSpacefulnessCfg "for i in 1 2 3; do echo $i; done"
+prop_checkSpacefulnessCfg50= verify checkSpacefulnessCfg "for i in 1 2 *; do echo $i; done"
+prop_checkSpacefulnessCfg51= verify checkSpacefulnessCfg "x='foo bar'; x && x=1; echo $x"
+prop_checkSpacefulnessCfg52= verifyNot checkSpacefulnessCfg "x=1; if f; then x='foo bar'; exit; fi; echo $x"
+prop_checkSpacefulnessCfg53= verifyNot checkSpacefulnessCfg "s=1; f() { local s='a b'; }; f; echo $s"
+prop_checkSpacefulnessCfg54= verifyNot checkSpacefulnessCfg "s='a b'; f() { s=1; }; f; echo $s"
+prop_checkSpacefulnessCfg55= verify checkSpacefulnessCfg "s='a b'; x && f() { s=1; }; f; echo $s"
+prop_checkSpacefulnessCfg56= verifyNot checkSpacefulnessCfg "s=1; cat <(s='a b'); echo $s"
+
+checkSpacefulnessCfg = checkSpacefulnessCfg' True
+checkVerboseSpacefulnessCfg = checkSpacefulnessCfg' False
+
+checkSpacefulnessCfg' :: Bool -> (Parameters -> Token -> Writer [TokenComment] ())
+checkSpacefulnessCfg' dirtyPass params token@(T_DollarBraced id _ list) =
+    when (needsQuoting && (dirtyPass == not isClean)) $
+        unless (name `elem` specialVariablesWithoutSpaces || quotesMayConflictWithSC2281 params token) $
+            if dirtyPass
+            then
+                if isDefaultAssignment (parentMap params) token
+                then
+                    info (getId token) 2223
+                             "This default assignment may cause DoS due to globbing. Quote it."
+                else
+                    infoWithFix id 2086 "Double quote to prevent globbing and word splitting." $
+                        addDoubleQuotesAround params token
+            else
+                styleWithFix id 2248 "Prefer double quoting even when variables don't contain special characters." $
+                    addDoubleQuotesAround params token
+
   where
-    defaults = zip variablesWithoutSpaces (repeat SpaceNone)
-
-    hasSpaces name = gets (Map.findWithDefault SpaceSome name)
-
-    setSpaces name status =
-        modify $ Map.insert name status
-
-    readF _ token name = do
-        spaces <- hasSpaces name
-        let needsQuoting =
-                  isExpansion token
-                  && not (isArrayExpansion token) -- There's another warning for this
-                  && not (isCountingReference token)
-                  && not (isQuoteFree (shellType params) parents token)
-                  && not (isQuotedAlternativeReference token)
-                  && not (usedAsCommandName parents token)
-
-        return . execWriter $ when needsQuoting $ onFind spaces token name
-
-      where
-        emit x = tell [x]
-
-    writeF _ _ name (DataString SourceExternal) = setSpaces name SpaceSome >> return []
-    writeF _ _ name (DataString SourceInteger) = setSpaces name SpaceNone >> return []
-
-    writeF _ _ name (DataString (SourceFrom vals)) = do
-        map <- get
-        setSpaces name
-            (isSpacefulWord (\x -> Map.findWithDefault SpaceSome x map) vals)
-        return []
-
-    writeF _ _ _ _ = return []
-
+    name = getBracedReference $ concat $ oversimplify list
     parents = parentMap params
+    needsQuoting =
+              not (isArrayExpansion token) -- There's another warning for this
+              && not (isCountingReference token)
+              && not (isQuoteFree (shellType params) parents token)
+              && not (isQuotedAlternativeReference token)
+              && not (usedAsCommandName parents token)
 
-    isExpansion t =
-        case t of
-            (T_DollarBraced _ _ _ ) -> True
-            _ -> False
+    isClean = fromMaybe False $ do
+        state <- CF.getIncomingState (cfgAnalysis params) id
+        value <- Map.lookup name $ CF.variablesInScope state
+        return $ CF.spaceStatus value == CF.SpaceStatusClean
+
+    isDefaultAssignment parents token =
+        let modifier = getBracedModifier $ bracedString token in
+            any (`isPrefixOf` modifier) ["=", ":="]
+            && isParamTo parents ":" token
+
+    -- Given a T_DollarBraced, return a simplified version of the string contents.
+    bracedString (T_DollarBraced _ _ l) = concat $ oversimplify l
+    bracedString _ = error $ pleaseReport "bracedString on non-variable"
+
+checkSpacefulnessCfg' _ _ _ = return ()
 
-    isSpacefulWord :: (String -> SpaceStatus) -> [Token] -> SpaceStatus
-    isSpacefulWord f = mconcat . map (isSpaceful f)
-    isSpaceful :: (String -> SpaceStatus) -> Token -> SpaceStatus
-    isSpaceful spacefulF x =
-        case x of
-          T_DollarExpansion _ _ -> SpaceSome
-          T_Backticked _ _ -> SpaceSome
-          T_Glob _ _         -> SpaceSome
-          T_Extglob {}       -> SpaceSome
-          T_DollarArithmetic _ _ -> SpaceNone
-          T_Literal _ s      -> fromLiteral s
-          T_SingleQuoted _ s -> fromLiteral s
-          T_DollarBraced _ _ l -> spacefulF $ getBracedReference $ concat $ oversimplify l
-          T_NormalWord _ w   -> isSpacefulWord spacefulF w
-          T_DoubleQuoted _ w -> isSpacefulWord spacefulF w
-          _ -> SpaceEmpty
-      where
-        globspace = "*?[] \t\n"
-        containsAny s = any (`elem` s)
-        fromLiteral "" = SpaceEmpty
-        fromLiteral s | s `containsAny` globspace = SpaceSome
-        fromLiteral _ = SpaceNone
 
 prop_CheckVariableBraces1 = verify checkVariableBraces "a='123'; echo $a"
 prop_CheckVariableBraces2 = verifyNot checkVariableBraces "a='123'; echo ${a}"

From 8dc0fdb4cc3ae7cdea693b5dd2bead54fad7422e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Wed, 20 Jul 2022 12:43:28 -0700
Subject: [PATCH 026/244] Precompile new fgl dependency on armv6hf

---
 build/linux.armv6hf/Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/build/linux.armv6hf/Dockerfile b/build/linux.armv6hf/Dockerfile
index bd5795c..f933dda 100644
--- a/build/linux.armv6hf/Dockerfile
+++ b/build/linux.armv6hf/Dockerfile
@@ -52,6 +52,7 @@ RUN pirun apt-get install -y ghc cabal-install
 ENV CABALOPTS "--ghc-options;-split-sections -optc-Os -optc-Wl,--gc-sections;--gcc-options;-Os -Wl,--gc-sections -ffunction-sections -fdata-sections"
 RUN pirun cabal update
 RUN IFS=";" && pirun cabal install --dependencies-only $CABALOPTS ShellCheck
+RUN IFS=';' && pirun cabal install $CABALOPTS --lib fgl
 
 # Copy the build script
 WORKDIR /pi/scratch

From 3ee4419ef4f4cda211401b1e97898dda5eb2e684 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 21 Jul 2022 15:06:05 -0700
Subject: [PATCH 027/244] Suppress SC2086 for variables declared -i (ref #2541)

---
 CHANGELOG.md                  |   1 +
 src/ShellCheck/Analytics.hs   |  16 +-
 src/ShellCheck/CFG.hs         | 102 ++++++----
 src/ShellCheck/CFGAnalysis.hs | 365 ++++++++++++++++++++++++++--------
 4 files changed, 358 insertions(+), 126 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 66d5369..7da6077 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,7 @@
 
 ### Fixed
 - SC2086: Now uses DFA to make more accurate predictions about values
+- SC2086: No longer warns about values declared as integer with declare -i
 
 ### Changed
 - ShellCheck now has a Data Flow Analysis engine to make smarter decisions
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 0062879..ca918ba 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -24,6 +24,7 @@ module ShellCheck.Analytics (runAnalytics, optionalChecks, ShellCheck.Analytics.
 import ShellCheck.AST
 import ShellCheck.ASTLib
 import ShellCheck.AnalyzerLib hiding (producesComments)
+import ShellCheck.CFG
 import qualified ShellCheck.CFGAnalysis as CF
 import ShellCheck.Data
 import ShellCheck.Parser
@@ -46,6 +47,7 @@ import Data.Ord
 import Data.Semigroup
 import Debug.Trace -- STRIP
 import qualified Data.Map.Strict as Map
+import qualified Data.Set as S
 import Test.QuickCheck.All (forAllProperties)
 import Test.QuickCheck.Test (quickCheckWithResult, stdArgs, maxSuccess)
 
@@ -2076,6 +2078,14 @@ prop_checkSpacefulnessCfg53= verifyNot checkSpacefulnessCfg "s=1; f() { local s=
 prop_checkSpacefulnessCfg54= verifyNot checkSpacefulnessCfg "s='a b'; f() { s=1; }; f; echo $s"
 prop_checkSpacefulnessCfg55= verify checkSpacefulnessCfg "s='a b'; x && f() { s=1; }; f; echo $s"
 prop_checkSpacefulnessCfg56= verifyNot checkSpacefulnessCfg "s=1; cat <(s='a b'); echo $s"
+prop_checkSpacefulnessCfg57= verifyNot checkSpacefulnessCfg "declare -i s=0; s=$(f); echo $s"
+prop_checkSpacefulnessCfg58= verify checkSpacefulnessCfg "f() { declare -i s; }; f; s=$(var); echo $s"
+prop_checkSpacefulnessCfg59= verifyNot checkSpacefulnessCfg "f() { declare -gi s; }; f; s=$(var); echo $s"
+prop_checkSpacefulnessCfg60= verify checkSpacefulnessCfg "declare -i s; declare +i s; s=$(foo); echo $s"
+prop_checkSpacefulnessCfg61= verify checkSpacefulnessCfg "declare -x X; y=foo$X; echo $y;"
+prop_checkSpacefulnessCfg62= verifyNot checkSpacefulnessCfg "f() { declare -x X; y=foo$X; echo $y; }"
+prop_checkSpacefulnessCfg63= verify checkSpacefulnessCfg "f && declare -i s; s='x + y'; echo $s"
+prop_checkSpacefulnessCfg64= verifyNot checkSpacefulnessCfg "declare -i s; s='x + y'; x=$s; echo $x"
 
 checkSpacefulnessCfg = checkSpacefulnessCfg' True
 checkVerboseSpacefulnessCfg = checkSpacefulnessCfg' False
@@ -2110,7 +2120,11 @@ checkSpacefulnessCfg' dirtyPass params token@(T_DollarBraced id _ list) =
     isClean = fromMaybe False $ do
         state <- CF.getIncomingState (cfgAnalysis params) id
         value <- Map.lookup name $ CF.variablesInScope state
-        return $ CF.spaceStatus value == CF.SpaceStatusClean
+        return $ isCleanState value
+
+    isCleanState state =
+        (all (S.member CFVPInteger) $ CF.variableProperties state)
+        || CF.spaceStatus (CF.variableValue state) == CF.SpaceStatusClean
 
     isDefaultAssignment parents token =
         let modifier = getBracedModifier $ bracedString token in
diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 101a0d7..a4bd166 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -32,6 +32,7 @@ module ShellCheck.CFG (
     CFGraph,
     CFGParameters (..),
     IdTagged (..),
+    Scope (..),
     buildGraph
     , ShellCheck.CFG.runTests -- STRIP
     )
@@ -105,7 +106,8 @@ data CFEdge =
 
 -- Actions we track
 data CFEffect =
-    CFModifyProps String [CFVariableProp]
+    CFSetProps Scope String (S.Set CFVariableProp)
+    | CFUnsetProps Scope String (S.Set CFVariableProp)
     | CFReadVariable String
     | CFWriteVariable String CFValue
     | CFWriteGlobal String CFValue
@@ -143,7 +145,7 @@ data CFValue =
 data CFStringPart =
     -- A known literal string value, like 'foo'
     CFStringLiteral String
-    -- The contents of a variable, like $foo
+    -- The contents of a variable, like $foo (may not be a string)
     | CFStringVariable String
     -- An value that is unknown but an integer
     | CFStringInteger
@@ -152,7 +154,7 @@ data CFStringPart =
   deriving (Eq, Ord, Show, Generic, NFData)
 
 -- The properties of a variable
-data CFVariableProp = CFVPExport | CFVPArray
+data CFVariableProp = CFVPExport | CFVPArray | CFVPAssociative | CFVPInteger
   deriving (Eq, Ord, Show, Generic, NFData)
 
 -- Options when generating CFG
@@ -961,71 +963,92 @@ handleCommand cmd vars args literalCmd = do
 
     handleDeclare (cmd:args) = do
         isFunc <- asks cfIsFunction
-        let (evaluated, effects) = mconcat $ map (toEffects isFunc) args
+        -- This is a bit of a kludge: we don't have great support for things like
+        -- 'declare -i x=$x' so do one round with declare x=$x, followed by declare -i x
+        let (evaluated, assignments, added, removed) = mconcat $ map (toEffects isFunc) args
         before <- sequentially $ evaluated
-        effect <- newNodeRange $ CFApplyEffects effects
+        assignments <- newNodeRange $ CFApplyEffects assignments
+        addedProps <- if null added then newStructuralNode else newNodeRange $ CFApplyEffects added
+        removedProps <- if null removed then newStructuralNode else newNodeRange $ CFApplyEffects removed
         result <- newNodeRange $ CFSetExitCode (getId cmd)
-        linkRanges [before, effect, result]
+        linkRanges [before, assignments, addedProps, removedProps, result]
       where
         opts = map fst $ getGenericOpts args
-        array = "a" `elem` opts || "A" `elem` opts
+        array = "a" `elem` opts || associative
+        associative = "A" `elem` opts
         integer = "i" `elem` opts
         func = "f" `elem` opts || "F" `elem` opts
         global = "g" `elem` opts
+        export = "x" `elem` opts
         writer isFunc =
             case () of
                 _ | global -> CFWriteGlobal
                 _ | isFunc -> CFWriteLocal
                 _ -> CFWriteVariable
 
-        toEffects :: Bool -> Token -> ([Token], [IdTagged CFEffect])
+        scope isFunc =
+            case () of
+                _ | global -> GlobalScope
+                _ | isFunc -> LocalScope
+                _ -> DefaultScope
+
+        addedProps = S.fromList $ concat $ [
+            [ CFVPArray | array ],
+            [ CFVPInteger | integer ],
+            [ CFVPExport | export ],
+            [ CFVPAssociative | associative ]
+          ]
+
+        removedProps = S.fromList $ concat $ [
+            -- Array property can't be unset
+            [ CFVPInteger | 'i' `elem` unsetOptions ],
+            [ CFVPExport | 'e' `elem` unsetOptions ]
+          ]
+
         toEffects isFunc (T_Assignment id mode var idx t) =
             let
                 pre = idx ++ [t]
-                isArray = array || (not $ null idx)
-                asArray = [ IdTagged id $ (writer isFunc) var CFValueArray ]
-                asString = [ IdTagged id $ (writer isFunc) var $
-                    if integer
-                    then CFValueInteger -- TODO: Also handle integer variable property
-                    else CFValueComputed (getId t) $ [ CFStringVariable var | mode == Append ] ++ tokenToParts t
-                  ]
+                val = [ IdTagged id $ (writer isFunc) var $ CFValueComputed (getId t) $ [ CFStringVariable var | mode == Append ] ++ tokenToParts t ]
+                added = [ IdTagged id $ CFSetProps (scope isFunc) var addedProps | not $ S.null addedProps ]
+                removed = [ IdTagged id $ CFUnsetProps (scope isFunc) var addedProps | not $ S.null removedProps ]
             in
-                (pre, if isArray then asArray else asString )
+                (pre, val, added, removed)
 
         toEffects isFunc t =
             let
+                id = getId t
                 pre = [t]
                 literal = fromJust $ getLiteralStringExt (const $ Just "\0") t
                 isKnown = '\0' `notElem` literal
                 match = fmap head $ variableAssignRegex `matchRegex` literal
                 name = fromMaybe literal match
 
-                typer def =
-                    if array
-                    then CFValueArray
-                    else
-                        if integer
-                        then CFValueInteger
-                        else def
+                asLiteral =
+                    IdTagged id $ (writer isFunc) name $
+                        CFValueComputed (getId t) [ CFStringLiteral $ drop 1 $ dropWhile (/= '=') $ literal ]
+                asUnknown =
+                    IdTagged id $ (writer isFunc) name $
+                        CFValueString
+
+                added = [ IdTagged id $ CFSetProps (scope isFunc) name addedProps ]
+                removed = [ IdTagged id $ CFUnsetProps (scope isFunc) name removedProps ]
 
-                asLiteral = [
-                    IdTagged (getId t) $ (writer isFunc) name $
-                        typer $ CFValueComputed (getId t) [ CFStringLiteral $ drop 1 $ dropWhile (/= '=') $ literal ]
-                    ]
-                asUnknown = [
-                    IdTagged (getId t) $ (writer isFunc) name $
-                        typer $ CFValueString
-                    ]
-                asBlank = [
-                    IdTagged (getId t) $ (writer isFunc) name $
-                        typer $ CFValueComputed (getId t) []
-                    ]
             in
                 case () of
-                    _ | not (isVariableName name) -> (pre, [])
-                    _ | isJust match && isKnown -> (pre, asLiteral)
-                    _ | isJust match -> (pre, asUnknown)
-                    _ -> (pre, asBlank)
+                    _ | not (isVariableName name) -> (pre, [], [], [])
+                    _ | isJust match && isKnown -> (pre, [asLiteral], added, removed)
+                    _ | isJust match -> (pre, [asUnknown], added, removed)
+                    -- e.g. declare -i x
+                    _ -> (pre, [], added, removed)
+
+        -- find "ia" from `define +i +a`
+        unsetOptions :: String
+        unsetOptions =
+            let
+                strings = mapMaybe getLiteralString args
+                plusses = filter ("+" `isPrefixOf`) strings
+            in
+                concatMap (drop 1) plusses
 
     handlePrintf (cmd:args) =
         newNodeRange $ CFApplyEffects $ maybeToList findVar
@@ -1103,6 +1126,7 @@ handleCommand cmd vars args literalCmd = do
 none = newStructuralNode
 
 data Scope = DefaultScope | GlobalScope | LocalScope | PrefixScope
+  deriving (Eq, Ord, Show, Generic, NFData)
 
 buildAssignment scope t = do
     op <- case t of
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 99ce450..0007a67 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -50,7 +50,9 @@ module ShellCheck.CFGAnalysis (
     ,CFGParameters (..)
     ,CFGAnalysis (..)
     ,ProgramState (..)
+    ,VariableState (..)
     ,VariableValue (..)
+    ,VariableProperties
     ,SpaceStatus (..)
     ,getIncomingState
     ,getOutgoingState
@@ -77,9 +79,21 @@ import Debug.Trace -- STRIP
 import Test.QuickCheck
 
 
+-- The number of iterations for DFA to stabilize
 iterationCount = 1000000
+-- There have been multiple bugs where bad caching caused oscillations.
+-- As a precaution, disable caching if there's this many iterations left.
+fallbackThreshold = 10000
+-- The number of cache entries to keep per node
 cacheEntries = 10
 
+logVerbose log = do
+    -- traceShowM log
+    return ()
+logInfo log = do
+    -- traceShowM log
+    return ()
+
 -- The result of the data flow analysis
 data CFGAnalysis = CFGAnalysis {
     graph :: CFGraph,
@@ -89,9 +103,9 @@ data CFGAnalysis = CFGAnalysis {
 
 -- The program state we expose externally
 data ProgramState = ProgramState {
-    variablesInScope :: M.Map String VariableValue,
+--    internalState :: InternalState, -- For debugging
+    variablesInScope :: M.Map String VariableState,
     stateIsReachable :: Bool
---    internalState :: InternalState
 } deriving (Show, Eq, Generic, NFData)
 
 -- Conveniently get the state before a token id
@@ -111,9 +125,9 @@ getDataForNode analysis node = M.lookup node $ nodeToData analysis
 -- The current state of data flow at a point in the program, potentially as a diff
 data InternalState = InternalState {
     sVersion :: Integer,
-    sGlobalValues :: VersionedMap String VariableValue,
-    sLocalValues :: VersionedMap String VariableValue,
-    sPrefixValues :: VersionedMap String VariableValue,
+    sGlobalValues :: VersionedMap String VariableState,
+    sLocalValues :: VersionedMap String VariableState,
+    sPrefixValues :: VersionedMap String VariableState,
     sFunctionTargets :: VersionedMap String FunctionValue,
     sIsReachable :: Maybe Bool
 } deriving (Show, Generic, NFData)
@@ -135,31 +149,33 @@ unreachableState = modified newInternalState {
 createEnvironmentState :: InternalState
 createEnvironmentState = do
     foldl' (flip ($)) newInternalState $ concat [
-        addVars Data.internalVariables unknownVariableValue,
-        addVars Data.variablesWithoutSpaces spacelessVariableValue,
-        addVars Data.specialIntegerVariables spacelessVariableValue
+        addVars Data.internalVariables unknownVariableState,
+        addVars Data.variablesWithoutSpaces spacelessVariableState,
+        addVars Data.specialIntegerVariables spacelessVariableState
         ]
   where
     addVars names val = map (\name -> insertGlobal name val) names
-    spacelessVariableValue = VariableValue {
-        literalValue = Nothing,
-        spaceStatus = SpaceStatusClean
+    spacelessVariableState = unknownVariableState {
+        variableValue = VariableValue {
+            literalValue = Nothing,
+            spaceStatus = SpaceStatusClean
+        }
     }
 
 
 modified s = s { sVersion = -1 }
 
-insertGlobal :: String -> VariableValue -> InternalState -> InternalState
+insertGlobal :: String -> VariableState -> InternalState -> InternalState
 insertGlobal name value state = modified state {
     sGlobalValues = vmInsert name value $ sGlobalValues state
 }
 
-insertLocal :: String -> VariableValue -> InternalState -> InternalState
+insertLocal :: String -> VariableState -> InternalState -> InternalState
 insertLocal name value state = modified state {
     sLocalValues = vmInsert name value $ sLocalValues state
 }
 
-insertPrefix :: String -> VariableValue -> InternalState -> InternalState
+insertPrefix :: String -> VariableState -> InternalState -> InternalState
 insertPrefix name value state = modified state {
     sPrefixValues = vmInsert name value $ sPrefixValues state
 }
@@ -169,24 +185,38 @@ insertFunction name value state = modified state {
     sFunctionTargets = vmInsert name value $ sFunctionTargets state
 }
 
+addProperties :: S.Set CFVariableProp -> VariableState -> VariableState
+addProperties props state = state {
+    variableProperties = S.map (S.union props) $ variableProperties state
+}
+
+removeProperties :: S.Set CFVariableProp -> VariableState -> VariableState
+removeProperties props state = state {
+    variableProperties = S.map (\s -> S.difference s props) $ variableProperties state
+}
+
 internalToExternal :: InternalState -> ProgramState
 internalToExternal s =
     ProgramState {
-        -- Avoid introducing dependencies on the literal value as this is only for debugging purposes right now
-        variablesInScope = M.map (\c -> c { literalValue = Nothing }) flatVars,
+        -- Censor the literal value to avoid introducing dependencies on it. It's just for debugging.
+        variablesInScope = M.map censor flatVars,
         -- internalState = s, -- For debugging
         stateIsReachable = fromMaybe True $ sIsReachable s
     }
   where
+    censor s = s {
+        variableValue = (variableValue s) {
+            literalValue = Nothing
+        }
+    }
     flatVars = M.unionsWith (\_ last -> last) $ map mapStorage [sGlobalValues s, sLocalValues s, sPrefixValues s]
 
 -- Dependencies on values, e.g. "if there is a global variable named 'foo' without spaces"
 -- This is used to see if the DFA of a function would result in the same state, so anything
 -- that affects DFA must be tracked.
 data StateDependency =
-    DepGlobalValue String VariableValue
-    | DepLocalValue String VariableValue
-    | DepPrefixValue String VariableValue
+    DepState Scope String VariableState
+    | DepProperties Scope String VariableProperties
     | DepFunction String (S.Set FunctionDefinition)
     -- Whether invoking the node would result in recursion (i.e., is the function on the stack?)
     | DepIsRecursive Node Bool
@@ -199,10 +229,6 @@ data FunctionDefinition = FunctionUnknown | FunctionDefinition String Node Node
 -- The Set of places a command name can point (it's a Set to handle conditionally defined functions)
 type FunctionValue = S.Set FunctionDefinition
 
--- The scope of a function. ("Prefix" refers to e.g. `foo=1 env`)
-data VariableScope = PrefixVar | LocalVar | GlobalVar
-    deriving (Show, Eq, Ord, Generic, NFData)
-
 -- Create an InternalState that fulfills the given dependencies
 depsToState :: S.Set StateDependency -> InternalState
 depsToState set = foldl insert newInternalState $ S.toList set
@@ -211,11 +237,26 @@ depsToState set = foldl insert newInternalState $ S.toList set
     insert state dep =
         case dep of
             DepFunction name val -> insertFunction name val state
-            DepGlobalValue name val -> insertGlobal name val state
-            DepLocalValue name val -> insertLocal name val state
-            DepPrefixValue name val -> insertPrefix name val state
+            DepState scope name val -> insertIn True scope name val state
+            -- State includes properties and more, so don't overwrite a state with properties
+            DepProperties scope name props -> insertIn False scope name unknownVariableState { variableProperties = props } state
             DepIsRecursive _ _ -> state
 
+    insertIn overwrite scope name val state =
+        let
+            (mapToCheck, inserter) =
+                case scope of
+                    PrefixScope -> (sPrefixValues, insertPrefix)
+                    LocalScope -> (sLocalValues, insertLocal)
+                    GlobalScope -> (sGlobalValues, insertGlobal)
+                    DefaultScope -> error $ pleaseReport "Unresolved scope in dependency"
+
+            alreadyExists = isJust $ vmLookup name $ mapToCheck state
+        in
+            if overwrite || not alreadyExists
+            then inserter name val state
+            else state
+
 unknownFunctionValue = S.singleton FunctionUnknown
 
 -- The information about the value of a single variable
@@ -225,20 +266,45 @@ data VariableValue = VariableValue {
 }
     deriving (Show, Eq, Ord, Generic, NFData)
 
+data VariableState = VariableState {
+    variableValue :: VariableValue,
+    variableProperties :: VariableProperties
+}
+    deriving (Show, Eq, Ord, Generic, NFData)
+
 -- Whether or not the value needs quoting (has spaces/globs), or we don't know
 data SpaceStatus = SpaceStatusEmpty | SpaceStatusClean | SpaceStatusDirty deriving (Show, Eq, Ord, Generic, NFData)
 
+-- The set of possible sets of properties for this variable
+type VariableProperties = S.Set (S.Set CFVariableProp)
+
+defaultProperties = S.singleton S.empty
+
+unknownVariableState = VariableState {
+    variableValue = unknownVariableValue,
+    variableProperties = defaultProperties
+}
 
 unknownVariableValue = VariableValue {
     literalValue = Nothing,
     spaceStatus = SpaceStatusDirty
 }
 
-emptyVariableValue = VariableValue {
+emptyVariableValue = unknownVariableValue {
     literalValue = Just "",
     spaceStatus = SpaceStatusEmpty
 }
 
+unsetVariableState = VariableState {
+    variableValue = emptyVariableValue,
+    variableProperties = defaultProperties
+}
+
+mergeVariableState a b = VariableState {
+    variableValue = mergeVariableValue (variableValue a) (variableValue b),
+    variableProperties = S.union (variableProperties a) (variableProperties b)
+}
+
 mergeVariableValue a b = VariableValue {
     literalValue = if literalValue a == literalValue b then literalValue a else Nothing,
     spaceStatus = mergeSpaceStatus (spaceStatus a) (spaceStatus b)
@@ -296,6 +362,8 @@ data Ctx s = Ctx {
     cCounter :: STRef s Integer,
     -- A cache of input state dependencies to output effects
     cCache :: STRef s (M.Map Node [(S.Set StateDependency, InternalState)]),
+    -- Whether the cache is enabled (see fallbackThreshold)
+    cEnableCache :: STRef s Bool,
     -- The states resulting from data flows per invocation path
     cInvocations :: STRef s (M.Map [Node] (S.Set StateDependency, M.Map Node (InternalState, InternalState)))
 }
@@ -304,6 +372,8 @@ data Ctx s = Ctx {
 data StackEntry s = StackEntry {
     -- The entry point of this stack entry for the purpose of detecting recursion
     entryPoint :: Node,
+    -- Whether this is a function call (as opposed to a subshell)
+    isFunctionCall :: Bool,
     -- The node where this entry point was invoked
     callSite :: Node,
     -- A mutable set of dependencies we fetched from here or higher in the stack
@@ -369,9 +439,9 @@ mergeState ctx a b = do
                 return unreachableState
             _ | sVersion a >= 0 && sVersion b >= 0 && sVersion a == sVersion b -> return a
             _ -> do
-                globals <- mergeMaps ctx mergeVariableValue readGlobal (sGlobalValues a) (sGlobalValues b)
-                locals <- mergeMaps ctx mergeVariableValue readVariable (sLocalValues a) (sLocalValues b)
-                prefix <- mergeMaps ctx mergeVariableValue readVariable (sPrefixValues a) (sPrefixValues b)
+                globals <- mergeMaps ctx mergeVariableState readGlobal (sGlobalValues a) (sGlobalValues b)
+                locals <- mergeMaps ctx mergeVariableState readVariable (sLocalValues a) (sLocalValues b)
+                prefix <- mergeMaps ctx mergeVariableState readVariable (sPrefixValues a) (sPrefixValues b)
                 funcs <- mergeMaps ctx S.union readFunction (sFunctionTargets a) (sFunctionTargets b)
                 return $ InternalState {
                     sVersion = -1,
@@ -517,15 +587,15 @@ vmPatch base diff =
             mapStorage = M.unionWith (flip const) (mapStorage base) (mapStorage diff)
         }
 
--- Modify a variable as with x=1. This applies it to the appropriate scope.
-writeVariable :: forall s. Ctx s -> String -> VariableValue -> ST s ()
+-- Set a variable. This includes properties. Applies it to the appropriate scope.
+writeVariable :: forall s. Ctx s -> String -> VariableState -> ST s ()
 writeVariable ctx name val = do
-    (_, typ) <- readVariableWithScope ctx name
+    typ <- readVariableScope ctx name
     case typ of
-        GlobalVar -> writeGlobal ctx name val
-        LocalVar -> writeLocal ctx name val
+        GlobalScope -> writeGlobal ctx name val
+        LocalScope -> writeLocal ctx name val
         -- Prefixed variables actually become local variables in the invoked function
-        PrefixVar -> writeLocal ctx name val
+        PrefixScope -> writeLocal ctx name val
 
 writeGlobal ctx name val = do
     modifySTRef (cOutput ctx) $ insertGlobal name val
@@ -536,39 +606,97 @@ writeLocal ctx name val = do
 writePrefix ctx name val = do
     modifySTRef (cOutput ctx) $ insertPrefix name val
 
+updateVariableValue ctx name val = do
+    (props, scope) <- readVariablePropertiesWithScope ctx name
+    let f = case scope of
+                GlobalScope -> writeGlobal
+                LocalScope -> writeLocal
+                PrefixScope -> writeLocal -- Updates become local
+    f ctx name $ VariableState { variableValue = val, variableProperties = props }
+
+updateGlobalValue ctx name val = do
+    props <- readGlobalProperties ctx name
+    writeGlobal ctx name VariableState { variableValue = val, variableProperties = props }
+
+updateLocalValue ctx name val = do
+    props <- readLocalProperties ctx name
+    writeLocal ctx name VariableState { variableValue = val, variableProperties = props }
+
+updatePrefixValue ctx name val = do
+    -- Prefix variables don't inherit properties
+    writePrefix ctx name VariableState { variableValue = val, variableProperties = defaultProperties }
+
+
 -- Look up a variable value, and also return its scope
-readVariableWithScope :: forall s. Ctx s -> String -> ST s (VariableValue, VariableScope)
+readVariableWithScope :: forall s. Ctx s -> String -> ST s (VariableState, Scope)
 readVariableWithScope ctx name = lookupStack get dep def ctx name
   where
-    def = (unknownVariableValue, GlobalVar)
+    def = (unknownVariableState, GlobalScope)
     get = getVariableWithScope
-    dep k v =
-        case v of
-            (val, GlobalVar) -> DepGlobalValue k val
-            (val, LocalVar) -> DepLocalValue k val
-            (val, PrefixVar) -> DepPrefixValue k val
+    dep k (val, scope) = DepState scope k val
 
-getVariableWithScope :: InternalState -> String -> Maybe (VariableValue, VariableScope)
+-- Look up the variable's properties. This can be done independently to avoid incurring a dependency on the value.
+readVariablePropertiesWithScope :: forall s. Ctx s -> String -> ST s (VariableProperties, Scope)
+readVariablePropertiesWithScope ctx name = lookupStack get dep def ctx name
+  where
+    def = (defaultProperties, GlobalScope)
+    get s k = do
+        (val, scope) <- getVariableWithScope s k
+        return (variableProperties val, scope)
+    dep k (val, scope) = DepProperties scope k val
+
+readVariableScope ctx name = snd <$> readVariablePropertiesWithScope ctx name
+
+getVariableWithScope :: InternalState -> String -> Maybe (VariableState, Scope)
 getVariableWithScope s name =
     case (vmLookup name $ sPrefixValues s, vmLookup name $ sLocalValues s, vmLookup name $ sGlobalValues s) of
-        (Just var, _, _) -> return (var, PrefixVar)
-        (_, Just var, _) -> return (var, LocalVar)
-        (_, _, Just var) -> return (var, GlobalVar)
+        (Just var, _, _) -> return (var, PrefixScope)
+        (_, Just var, _) -> return (var, LocalScope)
+        (_, _, Just var) -> return (var, GlobalScope)
         _ -> Nothing
 
 undefineFunction ctx name =
     writeFunction ctx name $ FunctionUnknown
 
 undefineVariable ctx name =
-    writeVariable ctx name $ emptyVariableValue
+    writeVariable ctx name $ unsetVariableState
 
 readVariable ctx name = fst <$> readVariableWithScope ctx name
+readVariableProperties ctx name = fst <$> readVariablePropertiesWithScope ctx name
 
 readGlobal ctx name = lookupStack get dep def ctx name
   where
-    def = unknownVariableValue
+    def = unknownVariableState -- could come from the environment
     get s name = vmLookup name $ sGlobalValues s
-    dep k v = DepGlobalValue k v
+    dep k v = DepState GlobalScope k v
+
+
+readGlobalProperties ctx name = lookupStack get dep def ctx name
+  where
+    def = defaultProperties
+    get s name = variableProperties <$> (vmLookup name $ sGlobalValues s)
+    -- This dependency will fail to match if it's shadowed by a local variable,
+    -- such as in  x=1; f() { local -i x; declare -ag x; } because we'll look at
+    -- x and find it to be local and not global. FIXME?
+    dep k v = DepProperties GlobalScope k v
+
+readLocal ctx name = lookupStackUntilFunction get dep def ctx name
+  where
+    def = unsetVariableState -- can't come from the environment
+    get s name = vmLookup name $ sLocalValues s
+    dep k v = DepState LocalScope k v
+
+-- We only want to look up the local properties of the current function,
+-- though preferably even if we're in a subshell.  FIXME?
+readLocalProperties ctx name = fst <$> lookupStackUntilFunction get dep def ctx name
+  where
+    def = (defaultProperties, LocalScope)
+    with tag f = do
+        val <- variableProperties <$> f
+        return (val, tag)
+
+    get s name = (with LocalScope $ vmLookup name $ sLocalValues s) `mplus` (with PrefixScope $ vmLookup name $ sPrefixValues s)
+    dep k (val, scope) = DepProperties scope k val
 
 readFunction ctx name = lookupStack get dep def ctx name
   where
@@ -581,9 +709,11 @@ writeFunction ctx name val = do
 
 -- Look up each state on the stack until a value is found (or the default is used),
 -- then add this value as a StateDependency.
-lookupStack :: forall s k v.
+lookupStack' :: forall s k v.
+    -- Whether to stop at function boundaries
+    Bool
     -- A function that maybe finds a value from a state
-    (InternalState -> k -> Maybe v)
+    -> (InternalState -> k -> Maybe v)
     -- A function that creates a dependency on what was found
     -> (k -> v -> StateDependency)
     -- A default value, if the value can't be found anywhere
@@ -594,13 +724,14 @@ lookupStack :: forall s k v.
     -> k
     -- Returning the result
     -> ST s v
-lookupStack get dep def ctx key = do
+lookupStack' functionOnly get dep def ctx key = do
     top <- readSTRef $ cInput ctx
     case get top key of
         Just v -> return v
         Nothing -> f (cStack ctx)
   where
     f [] = return def
+    f (s:_) | functionOnly && isFunctionCall s = return def
     f (s:rest) = do
         -- Go up the stack until we find the value, and add
         -- a dependency on each state (including where it was found)
@@ -608,6 +739,9 @@ lookupStack get dep def ctx key = do
         modifySTRef (dependencies s) $ S.insert $ dep key res
         return res
 
+lookupStack = lookupStack' False
+lookupStackUntilFunction = lookupStack' True
+
 -- Like lookupStack but without adding dependencies
 peekStack get def ctx key = do
     top <- readSTRef $ cInput ctx
@@ -621,26 +755,30 @@ peekStack get def ctx key = do
             Just v -> return v
             Nothing -> f rest
 
--- Check if the current context fulfills a StateDependency
-fulfillsDependency ctx dep =
+-- Check if the current context fulfills a StateDependency if entering `entry`
+fulfillsDependency ctx entry dep =
     case dep of
-        DepGlobalValue name val -> (== (val, GlobalVar)) <$> peek ctx name
-        DepLocalValue name val -> (== (val, LocalVar)) <$> peek ctx name
-        DepPrefixValue name val -> (== (val, PrefixVar)) <$> peek ctx name
+        DepState scope name val -> (== (val, scope)) <$> peek scope ctx name
+        DepProperties scope name props -> do
+            (state, s) <- peek scope ctx name
+            return $ scope == s && variableProperties state == props
         DepFunction name val -> (== val) <$> peekFunc ctx name
+        -- Hack. Since we haven't pushed the soon-to-be invoked function on the stack,
+        -- it won't be found by the normal check.
+        DepIsRecursive node val | node == entry -> return True
         DepIsRecursive node val -> return $ val == any (\f -> entryPoint f == node) (cStack ctx)
   --      _ -> error $ "Unknown dep " ++ show dep
   where
-    peek = peekStack getVariableWithScope (unknownVariableValue, GlobalVar)
+    peek scope = peekStack getVariableWithScope $ if scope == GlobalScope then (unknownVariableState, GlobalScope) else (unsetVariableState, LocalScope)
     peekFunc = peekStack (\state name -> vmLookup name $ sFunctionTargets state) unknownFunctionValue
 
 -- Check if the current context fulfills all StateDependencies
-fulfillsDependencies ctx deps =
+fulfillsDependencies ctx entry deps =
     f $ S.toList deps
   where
     f [] = return True
     f (dep:rest) = do
-        res <- fulfillsDependency ctx dep
+        res <- fulfillsDependency ctx entry dep
         if res
             then f rest
             else return False
@@ -652,6 +790,7 @@ newCtx g = do
     output <- newSTRef undefined
     node <- newSTRef undefined
     cache <- newSTRef M.empty
+    enableCache <- newSTRef True
     invocations <- newSTRef M.empty
     return $ Ctx {
         cCounter = c,
@@ -659,6 +798,7 @@ newCtx g = do
         cOutput = output,
         cNode = node,
         cCache = cache,
+        cEnableCache = enableCache,
         cStack = [],
         cInvocations = invocations,
         cGraph = g
@@ -672,20 +812,21 @@ nextVersion ctx = do
     return n
 
 -- Create a new StackEntry
-newStackEntry ctx point = do
+newStackEntry ctx point isCall = do
     deps <- newSTRef S.empty
     state <- readSTRef $ cOutput ctx
     callsite <- readSTRef $ cNode ctx
     return $ StackEntry {
         entryPoint = point,
+        isFunctionCall = isCall,
         callSite = callsite,
         dependencies = deps,
         stackState = state
     }
 
 -- Call a function with a new stack entry on the stack
-withNewStackFrame ctx node f = do
-    newEntry <- newStackEntry ctx node
+withNewStackFrame ctx node isCall f = do
+    newEntry <- newStackEntry ctx node isCall
     newInput <- newSTRef newInternalState
     newOutput <- newSTRef newInternalState
     newNode <- newSTRef node
@@ -753,7 +894,7 @@ transferSubshell ctx reason entry exit = do
     writeSTRef cout initial
   where
     f entry exit ctx = do
-        (states, frame) <- withNewStackFrame ctx entry (flip dataflow $ entry)
+        (states, frame) <- withNewStackFrame ctx entry False (flip dataflow $ entry)
         let (_, res) = fromMaybe (error $ pleaseReport "Subshell has no exit") $ M.lookup exit states
         deps <- readSTRef $ dependencies frame
         registerFlowResult ctx entry states deps
@@ -763,12 +904,12 @@ transferSubshell ctx reason entry exit = do
 transferCommand ctx Nothing = return ()
 transferCommand ctx (Just name) = do
     targets <- readFunction ctx name
-    --traceShowM ("Transferring ",name,targets)
+    logVerbose ("Transferring ",name,targets)
     transferMultiple ctx $ map (flip transferFunctionValue) $ S.toList targets
 
 -- Transfer a set of function definitions and merge the output states.
 transferMultiple ctx funcs = do
---    traceShowM ("Transferring set of ", length funcs)
+    logVerbose ("Transferring set of ", length funcs)
     original <- readSTRef out
     branches <- mapM (apply ctx original) funcs
     merged <- mergeStates ctx original branches
@@ -792,7 +933,7 @@ transferFunctionValue ctx funcVal =
                 else runCached ctx entry (f name entry exit)
   where
     f name entry exit ctx = do
-        (states, frame) <- withNewStackFrame ctx entry (flip dataflow $ entry)
+        (states, frame) <- withNewStackFrame ctx entry True (flip dataflow $ entry)
         deps <- readSTRef $ dependencies frame
         let res =
                 case M.lookup exit states of
@@ -827,25 +968,31 @@ runCached ctx node f = do
     cache <- getCache ctx node
     case cache of
         Just v -> do
-            -- traceShowM $ ("Running cached", node)
+            logInfo ("Running cached", node)
+            -- do { (deps, diff) <- f ctx; unless (v == diff) $ traceShowM ("Cache FAILED to match actual result", node, deps, diff); }
             patchOutputM ctx v
+
         Nothing -> do
-            -- traceShowM $ ("Cache failed", node)
+            logInfo ("Cache failed", node)
             (deps, diff) <- f ctx
             modifySTRef (cCache ctx) (M.insertWith (\_ old -> (deps, diff):(take cacheEntries old)) node [(deps,diff)])
-            -- traceShowM $ ("Recomputed cache for", node, deps)
+            logVerbose ("Recomputed cache for", node, deps)
+            -- do { f <- fulfillsDependencies ctx node deps; unless (f) $ traceShowM ("New dependencies FAILED to match", node, deps); }
             patchOutputM ctx diff
 
 -- Get a cached version whose dependencies are currently fulfilled, if any.
 getCache :: forall s. Ctx s -> Node -> ST s (Maybe InternalState)
 getCache ctx node = do
     cache <- readSTRef $ cCache ctx
-    -- traceShowM $ ("Cache for", node, "length", length $ M.findWithDefault [] node cache, M.lookup node cache)
-    f $ M.findWithDefault [] node cache
+    enable <- readSTRef $ cEnableCache ctx
+    logVerbose ("Cache for", node, "length", length $ M.findWithDefault [] node cache, M.lookup node cache)
+    if enable
+        then f $ M.findWithDefault [] node cache
+        else return Nothing
   where
     f [] = return Nothing
     f ((deps, value):rest) = do
-        match <- fulfillsDependencies ctx deps
+        match <- fulfillsDependencies ctx node deps
         if match
             then return $ Just value
             else f rest
@@ -857,16 +1004,52 @@ transferEffect ctx effect =
             void $ readVariable ctx name
         CFWriteVariable name value -> do
             val <- cfValueToVariableValue ctx value
-            writeVariable ctx name val
+            updateVariableValue ctx name val
         CFWriteGlobal name value -> do
             val <- cfValueToVariableValue ctx value
-            writeGlobal ctx name val
+            updateGlobalValue ctx name val
         CFWriteLocal name value -> do
             val <- cfValueToVariableValue ctx value
-            writeLocal ctx name val
+            updateLocalValue ctx name val
         CFWritePrefix name value -> do
             val <- cfValueToVariableValue ctx value
-            writePrefix ctx name val
+            updatePrefixValue ctx name val
+
+        CFSetProps scope name props ->
+            case scope of
+                DefaultScope -> do
+                    state <- readVariable ctx name
+                    writeVariable ctx name $ addProperties props state
+                GlobalScope -> do
+                    state <- readGlobal ctx name
+                    writeGlobal ctx name $ addProperties props state
+                LocalScope -> do
+                    out <- readSTRef (cOutput ctx)
+                    state <- readLocal ctx name
+                    writeLocal ctx name $ addProperties props state
+                PrefixScope -> do
+                    -- Prefix values become local
+                    state <- readLocal ctx name
+                    writeLocal ctx name $ addProperties props state
+
+        CFUnsetProps scope name props ->
+            case scope of
+                DefaultScope -> do
+                    state <- readVariable ctx name
+                    writeVariable ctx name $ removeProperties props state
+                GlobalScope -> do
+                    state <- readGlobal ctx name
+                    writeGlobal ctx name $ removeProperties props state
+                LocalScope -> do
+                    out <- readSTRef (cOutput ctx)
+                    state <- readLocal ctx name
+                    writeLocal ctx name $ removeProperties props state
+                PrefixScope -> do
+                    -- Prefix values become local
+                    state <- readLocal ctx name
+                    writeLocal ctx name $ removeProperties props state
+
+
         CFUndefineVariable name -> undefineVariable ctx name
         CFUndefineFunction name -> undefineFunction ctx name
         CFUndefine name -> do
@@ -880,11 +1063,9 @@ transferEffect ctx effect =
         CFUndefineNameref name -> undefineVariable ctx name
         CFHintArray name -> return ()
         CFHintDefined name -> return ()
-        CFModifyProps {} -> return ()
 --        _ -> error $ "Unknown effect " ++ show effect
 
 
-
 -- Transfer the CFG's idea of a value into our VariableState
 cfValueToVariableValue ctx val =
     case val of
@@ -905,12 +1086,17 @@ computeValue ctx part =
         CFStringLiteral str -> return $ literalToVariableValue str
         CFStringInteger -> return unknownIntegerValue
         CFStringUnknown -> return unknownVariableValue
-        CFStringVariable name -> readVariable ctx name
+        CFStringVariable name -> variableStateToValue <$> readVariable ctx name
+   where
+    variableStateToValue state =
+        case () of
+            _ | all (CFVPInteger `S.member`) $ variableProperties state -> unknownIntegerValue
+            _ -> variableValue state
 
 -- Append two VariableValues as if with z="$x$y"
 appendVariableValue :: VariableValue -> VariableValue -> VariableValue
 appendVariableValue a b =
-    VariableValue {
+    unknownVariableValue {
         literalValue = liftM2 (++) (literalValue a) (literalValue b),
         spaceStatus = appendSpaceStatus (spaceStatus a) (spaceStatus b)
     }
@@ -922,12 +1108,12 @@ appendSpaceStatus a b =
         (SpaceStatusClean, SpaceStatusClean) -> a
         _ ->SpaceStatusDirty
 
-unknownIntegerValue = VariableValue {
+unknownIntegerValue = unknownVariableValue {
     literalValue = Nothing,
     spaceStatus = SpaceStatusClean
 }
 
-literalToVariableValue str = VariableValue {
+literalToVariableValue str = unknownVariableValue {
     literalValue = Just str,
     spaceStatus = literalToSpaceStatus str
 }
@@ -965,6 +1151,13 @@ dataflow ctx entry = do
     f 0 _ _ = error $ pleaseReport "DFA did not reach fix point"
     f n pending states = do
         ps <- readSTRef pending
+
+        when (n == fallbackThreshold) $ do
+            -- This should never happen, but has historically been due to caching bugs.
+            -- Try disabling the cache and continuing.
+            logInfo "DFA is not stabilizing! Disabling cache."
+            writeSTRef (cEnableCache ctx) False
+
         if S.null ps
             then return ()
             else do
@@ -1012,12 +1205,12 @@ runRoot ctx entry exit = do
     writeSTRef (cInput ctx) $ env
     writeSTRef (cOutput ctx) $ env
     writeSTRef (cNode ctx) $ entry
-    (states, frame) <- withNewStackFrame ctx entry $ \c -> dataflow c entry
+    (states, frame) <- withNewStackFrame ctx entry False $ \c -> dataflow c entry
     deps <- readSTRef $ dependencies frame
     registerFlowResult ctx entry states deps
     -- Return the final state, used to invoke functions that were declared but not invoked
     return $ snd $ fromMaybe (error $ pleaseReport "Missing exit state") $ M.lookup exit states
-    
+
 
 analyzeControlFlow :: CFGParameters -> Token -> CFGAnalysis
 analyzeControlFlow params t =

From e7f05d662ad1830cc9b4bce59a7b6767fa07d8c0 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 22 Jul 2022 10:29:19 -0700
Subject: [PATCH 028/244] In addition to start/end, track sets of nodes
 belonging to tokens

---
 src/ShellCheck/CFG.hs         | 66 ++++++++++++++++++++++-------------
 src/ShellCheck/CFGAnalysis.hs | 12 ++++---
 src/ShellCheck/Debug.hs       |  2 +-
 3 files changed, 50 insertions(+), 30 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index a4bd166..4906d80 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -168,8 +168,10 @@ data CFGParameters = CFGParameters {
 data CFGResult = CFGResult {
     -- The graph itself
     cfGraph :: CFGraph,
-    -- Map from Id to start/end node
-    cfIdToNode :: M.Map Id (Node, Node)
+    -- Map from Id to nominal start&end node (i.e. assuming normal execution without exits)
+    cfIdToRange :: M.Map Id (Node, Node),
+    -- A set of all nodes belonging to an Id, recursively
+    cfIdToNodes :: M.Map Id (S.Set Node)
 }
   deriving (Show)
 
@@ -177,21 +179,24 @@ buildGraph :: CFGParameters -> Token -> CFGResult
 buildGraph params root =
     let
         (nextNode, base) = execRWS (buildRoot root) (newCFContext params) 0
-        (nodes, edges, mapping) =
+        (nodes, edges, mapping, association) =
 --            renumberTopologically $
                 removeUnnecessaryStructuralNodes
                     base
     in
         CFGResult {
             cfGraph = mkGraph nodes edges,
-            cfIdToNode = M.fromList mapping
+            cfIdToRange = M.fromList mapping,
+            cfIdToNodes = M.fromListWith S.union $ map (\(id, n) -> (id, S.singleton n)) association
         }
 
-remapGraph remap (nodes, edges, mapping) =
+remapGraph :: M.Map Node Node -> CFW -> CFW
+remapGraph remap (nodes, edges, mapping, assoc) =
     (
         map (remapNode remap) nodes,
         map (remapEdge remap) edges,
-        map (\(id, (a,b)) -> (id, (remapHelper remap a, remapHelper remap b))) mapping
+        map (\(id, (a,b)) -> (id, (remapHelper remap a, remapHelper remap b))) mapping,
+        map (\(id, n) -> (id, remapHelper remap n)) assoc
     )
 
 prop_testRenumbering =
@@ -200,17 +205,20 @@ prop_testRenumbering =
         before = (
             [(1,s), (3,s), (4, s), (8,s)],
             [(1,3,CFEFlow), (3,4, CFEFlow), (4,8,CFEFlow)],
-            [(Id 0, (3,4))]
+            [(Id 0, (3,4))],
+            [(Id 1, 3), (Id 2, 4)]
             )
         after = (
             [(0,s), (1,s), (2,s), (3,s)],
             [(0,1,CFEFlow), (1,2, CFEFlow), (2,3,CFEFlow)],
-            [(Id 0, (1,2))]
+            [(Id 0, (1,2))],
+            [(Id 1, 1), (Id 2, 2)]
             )
     in after == renumberGraph before
 
 -- Renumber the graph for prettiness, so there are no gaps in node numbers
-renumberGraph g@(nodes, edges, mapping) =
+renumberGraph :: CFW -> CFW
+renumberGraph g@(nodes, edges, mapping, assoc) =
     let renumbering = M.fromList (flip zip [0..] $ sort $ map fst nodes)
     in remapGraph renumbering g
 
@@ -220,17 +228,19 @@ prop_testRenumberTopologically =
         before = (
             [(4,s), (2,s), (3, s)],
             [(4,2,CFEFlow), (2,3, CFEFlow)],
-            [(Id 0, (4,2))]
+            [(Id 0, (4,2))],
+            []
             )
         after = (
             [(0,s), (1,s), (2,s)],
             [(0,1,CFEFlow), (1,2, CFEFlow)],
-            [(Id 0, (0,1))]
+            [(Id 0, (0,1))],
+            []
             )
     in after == renumberTopologically before
 
 -- Renumber the graph in topological order
-renumberTopologically g@(nodes, edges, mapping) =
+renumberTopologically g@(nodes, edges, mapping, assoc) =
     let renumbering = M.fromList (flip zip [0..] $ topsort (mkGraph nodes edges :: CFGraph))
     in remapGraph renumbering g
 
@@ -240,12 +250,14 @@ prop_testRemoveStructural =
         before = (
             [(1,s), (2,s), (3, s), (4,s)],
             [(1,2,CFEFlow), (2,3, CFEFlow), (3,4,CFEFlow)],
-            [(Id 0, (2,3))]
+            [(Id 0, (2,3))],
+            [(Id 0, 3)]
             )
         after = (
             [(1,s), (2,s), (4,s)],
             [(1,2,CFEFlow), (2,4,CFEFlow)],
-            [(Id 0, (2,2))]
+            [(Id 0, (2,2))],
+            [(Id 0, 2)]
             )
     in after == removeUnnecessaryStructuralNodes before
 
@@ -255,12 +267,13 @@ prop_testRemoveStructural =
 -- Note in particular that we can't remove a structural node x in
 -- foo -> x -> bar , because then the pre/post-condition for tokens
 -- previously pointing to x would be wrong.
-removeUnnecessaryStructuralNodes (nodes, edges, mapping) =
+removeUnnecessaryStructuralNodes (nodes, edges, mapping, association) =
     remapGraph recursiveRemapping
         (
             filter (\(n, _) -> n `M.notMember` recursiveRemapping) nodes,
             filter (`S.notMember` edgesToCollapse) edges,
-            mapping
+            mapping,
+            association
         )
   where
     regularEdges = filter isRegularEdge edges
@@ -305,8 +318,6 @@ remapNode m (node, label) =
     newLabel = case label of
         CFApplyEffects effects -> CFApplyEffects (map (remapEffect m) effects)
         CFExecuteSubshell s a b -> CFExecuteSubshell s (remapHelper m a) (remapHelper m b)
---        CFSubShellStart reason node -> CFSubShellStart reason (remapHelper m node)
-
         _ -> label
 
 remapEffect map old@(IdTagged id effect) =
@@ -325,6 +336,7 @@ data CFContext = CFContext {
     cfIsCondition :: Bool,
     cfIsFunction :: Bool,
     cfLoopStack :: [(Node, Node)],
+    cfTokenStack :: [Id],
     cfExitTarget :: Maybe Node,
     cfReturnTarget :: Maybe Node,
     cfParameters :: CFGParameters
@@ -333,19 +345,22 @@ newCFContext params = CFContext {
     cfIsCondition = False,
     cfIsFunction = False,
     cfLoopStack = [],
+    cfTokenStack = [],
     cfExitTarget = Nothing,
     cfReturnTarget = Nothing,
     cfParameters = params
 }
 
 -- The monad we generate a graph in
-type CFM a = RWS CFContext ([LNode CFNode], [LEdge CFEdge], [(Id, (Node, Node))]) Int a
+type CFM a = RWS CFContext CFW Int a
+type CFW = ([LNode CFNode], [LEdge CFEdge], [(Id, (Node, Node))], [(Id, Node)])
 
 newNode :: CFNode -> CFM Node
 newNode label = do
     n <- get
+    stack <- asks cfTokenStack
     put (n+1)
-    tell ([(n, label)], [], [])
+    tell ([(n, label)], [], [], map (\c -> (c, n)) stack)
     return n
 
 newNodeRange :: CFNode -> CFM Range
@@ -367,16 +382,19 @@ withFunctionScope p = do
     body <- local (\c -> c { cfReturnTarget = Just end, cfIsFunction = True }) p
     linkRanges [body, nodeToRange end]
 
+-- Anything that happens recursively in f will be attributed to this id
+under :: Id -> CFM a -> CFM a
+under id f = local (\c -> c { cfTokenStack = id:(cfTokenStack c) }) f
 
 nodeToRange :: Node -> Range
 nodeToRange n = Range n n
 
 link :: Node -> Node -> CFEdge -> CFM ()
 link from to label = do
-    tell ([], [(from, to, label)], [])
+    tell ([], [(from, to, label)], [], [])
 
 registerNode :: Id -> Range -> CFM ()
-registerNode id (Range start end) = tell ([], [], [(id, (start, end))])
+registerNode id (Range start end) = tell ([], [], [(id, (start, end))], [])
 
 linkRange :: Range -> Range -> CFM Range
 linkRange = linkRangeAs CFEFlow
@@ -412,7 +430,7 @@ asCondition = withContext (\c -> c { cfIsCondition = True })
 newStructuralNode = newNodeRange CFStructuralNode
 
 buildRoot :: Token -> CFM Range
-buildRoot t = do
+buildRoot t = under (getId t) $ do
     entry <- newNodeRange $ CFEntryPoint "MAIN"
     impliedExit <- newNode CFImpliedExit
     end <- newNode CFStructuralNode
@@ -426,7 +444,7 @@ applySingle e = CFApplyEffects [e]
 -- Build the CFG.
 build :: Token -> CFM Range
 build t = do
-    range <- build' t
+    range <- under (getId t) $ build' t
     registerNode (getId t) range
     return range
   where
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 0007a67..daade43 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -97,7 +97,8 @@ logInfo log = do
 -- The result of the data flow analysis
 data CFGAnalysis = CFGAnalysis {
     graph :: CFGraph,
-    tokenToNode :: M.Map Id (Node, Node),
+    tokenToRange :: M.Map Id (Node, Node),
+    tokenToNodes :: M.Map Id (S.Set Node),
     nodeToData :: M.Map Node (ProgramState, ProgramState)
 } deriving (Show, Generic, NFData)
 
@@ -111,13 +112,13 @@ data ProgramState = ProgramState {
 -- Conveniently get the state before a token id
 getIncomingState :: CFGAnalysis -> Id -> Maybe ProgramState
 getIncomingState analysis id = do
-    (start,end) <- M.lookup id $ tokenToNode analysis
+    (start,end) <- M.lookup id $ tokenToRange analysis
     fst <$> M.lookup start (nodeToData analysis)
 
 -- Conveniently get the state after a token id
 getOutgoingState :: CFGAnalysis -> Id -> Maybe ProgramState
 getOutgoingState analysis id = do
-    (start,end) <- M.lookup id $ tokenToNode analysis
+    (start,end) <- M.lookup id $ tokenToRange analysis
     snd <$> M.lookup end (nodeToData analysis)
 
 getDataForNode analysis node = M.lookup node $ nodeToData analysis
@@ -1216,7 +1217,7 @@ analyzeControlFlow :: CFGParameters -> Token -> CFGAnalysis
 analyzeControlFlow params t =
     let
         cfg = buildGraph params t
-        (entry, exit) = M.findWithDefault (error $ pleaseReport "Missing root") (getId t) (cfIdToNode cfg)
+        (entry, exit) = M.findWithDefault (error $ pleaseReport "Missing root") (getId t) (cfIdToRange cfg)
     in
         runST $ f cfg entry exit
   where
@@ -1250,7 +1251,8 @@ analyzeControlFlow params t =
 
         return $ nodeToData `deepseq` CFGAnalysis {
             graph = cfGraph cfg,
-            tokenToNode = cfIdToNode cfg,
+            tokenToRange = cfIdToRange cfg,
+            tokenToNodes = cfIdToNodes cfg,
             nodeToData = nodeToData
         }
 
diff --git a/src/ShellCheck/Debug.hs b/src/ShellCheck/Debug.hs
index c991308..b6015e5 100644
--- a/src/ShellCheck/Debug.hs
+++ b/src/ShellCheck/Debug.hs
@@ -202,7 +202,7 @@ stringToDetailedCfgViz scriptString = cfgToGraphVizWith nodeLabel graph
     idToToken = M.fromList $ execWriter $ doAnalysis (\c -> tell [(getId c, c)]) ast
 
     idToNode :: M.Map Id (Node, Node)
-    idToNode = cfIdToNode cfgResult
+    idToNode = cfIdToRange cfgResult
 
     nodeToStartIds :: M.Map Node (S.Set Id)
     nodeToStartIds =

From 95b3cbf0714df47feba9ff8d465c27cb6503f38f Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 22 Jul 2022 11:11:09 -0700
Subject: [PATCH 029/244] Qualify Data.Map as M instead of tedious Map

---
 src/ShellCheck/Checks/Commands.hs | 42 +++++++++++++++----------------
 1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index cac06bc..081ec5f 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -39,7 +39,7 @@ import Data.Char
 import Data.Functor.Identity
 import Data.List
 import Data.Maybe
-import qualified Data.Map.Strict as Map
+import qualified Data.Map.Strict as M
 import Test.QuickCheck.All (forAllProperties)
 import Test.QuickCheck.Test (quickCheckWithResult, stdArgs, maxSuccess)
 
@@ -114,7 +114,7 @@ optionalCommandChecks = [
         cdNegative = "command -v javac"
     }, checkWhich)
     ]
-optionalCheckMap = Map.fromList $ map (\(desc, check) -> (cdName desc, check)) optionalCommandChecks
+optionalCheckMap = M.fromList $ map (\(desc, check) -> (cdName desc, check)) optionalCommandChecks
 
 prop_verifyOptionalExamples = all check optionalCommandChecks
   where
@@ -163,27 +163,27 @@ prop_checkGenericOptsT1 = checkGetOpts "-x -- -y" ["x"] ["-y"] $ return . getGen
 prop_checkGenericOptsT2 = checkGetOpts "-xy --" ["x", "y"] [] $ return . getGenericOpts
 
 
-buildCommandMap :: [CommandCheck] -> Map.Map CommandName (Token -> Analysis)
-buildCommandMap = foldl' addCheck Map.empty
+buildCommandMap :: [CommandCheck] -> M.Map CommandName (Token -> Analysis)
+buildCommandMap = foldl' addCheck M.empty
   where
     addCheck map (CommandCheck name function) =
-        Map.insertWith composeAnalyzers name function map
+        M.insertWith composeAnalyzers name function map
 
 
-checkCommand :: Map.Map CommandName (Token -> Analysis) -> Token -> Analysis
+checkCommand :: M.Map CommandName (Token -> Analysis) -> Token -> Analysis
 checkCommand map t@(T_SimpleCommand id cmdPrefix (cmd:rest)) = sequence_ $ do
     name <- getLiteralString cmd
     return $
         if '/' `elem` name
         then
-            Map.findWithDefault nullCheck (Basename $ basename name) map t
+            M.findWithDefault nullCheck (Basename $ basename name) map t
         else if name == "builtin" && not (null rest) then
             let t' = T_SimpleCommand id cmdPrefix rest
                 selectedBuiltin = fromMaybe "" $ getLiteralString . head $ rest
-            in Map.findWithDefault nullCheck (Exactly selectedBuiltin) map t'
+            in M.findWithDefault nullCheck (Exactly selectedBuiltin) map t'
         else do
-            Map.findWithDefault nullCheck (Exactly name) map t
-            Map.findWithDefault nullCheck (Basename name) map t
+            M.findWithDefault nullCheck (Exactly name) map t
+            M.findWithDefault nullCheck (Basename name) map t
 
   where
     basename = reverse . takeWhile (/= '/') . reverse
@@ -205,7 +205,7 @@ checker spec params = getChecker $ commandChecks ++ optionals
     optionals =
         if "all" `elem` keys
         then map snd optionalCommandChecks
-        else mapMaybe (\x -> Map.lookup x optionalCheckMap) keys
+        else mapMaybe (\x -> M.lookup x optionalCheckMap) keys
 
 prop_checkTr1 = verify checkTr "tr [a-f] [A-F]"
 prop_checkTr2 = verify checkTr "tr 'a-z' 'A-Z'"
@@ -1005,20 +1005,20 @@ checkWhileGetoptsCase = CommandCheck (Exactly "getopts") f
 
     check :: Id -> [String] -> Token -> Analysis
     check optId opts (T_CaseExpression id _ list) = do
-            unless (Nothing `Map.member` handledMap) $ do
-                mapM_ (warnUnhandled optId id) $ catMaybes $ Map.keys notHandled
+            unless (Nothing `M.member` handledMap) $ do
+                mapM_ (warnUnhandled optId id) $ catMaybes $ M.keys notHandled
 
-                unless (any (`Map.member` handledMap) [Just "*",Just "?"]) $
+                unless (any (`M.member` handledMap) [Just "*",Just "?"]) $
                     warn id 2220 "Invalid flags are not handled. Add a *) case."
 
-            mapM_ warnRedundant $ Map.toList notRequested
+            mapM_ warnRedundant $ M.toList notRequested
 
         where
-            handledMap = Map.fromList (concatMap getHandledStrings list)
-            requestedMap = Map.fromList $ map (\x -> (Just x, ())) opts
+            handledMap = M.fromList (concatMap getHandledStrings list)
+            requestedMap = M.fromList $ map (\x -> (Just x, ())) opts
 
-            notHandled = Map.difference requestedMap handledMap
-            notRequested = Map.difference handledMap requestedMap
+            notHandled = M.difference requestedMap handledMap
+            notRequested = M.difference handledMap requestedMap
 
     warnUnhandled optId caseId str =
         warn caseId 2213 $ "getopts specified -" ++ (e4m str) ++ ", but it's not handled by this 'case'."
@@ -1372,10 +1372,10 @@ checkUnquotedEchoSpaces = CommandCheck (Basename "echo") check
         m <- asks tokenPositions
         redir <- getClosestCommandM t
         sequence_ $ do
-            let positions = mapMaybe (\c -> Map.lookup (getId c) m) args
+            let positions = mapMaybe (\c -> M.lookup (getId c) m) args
             let pairs = zip positions (drop 1 positions)
             (T_Redirecting _ redirTokens _) <- redir
-            let redirPositions = mapMaybe (\c -> fst <$> Map.lookup (getId c) m) redirTokens
+            let redirPositions = mapMaybe (\c -> fst <$> M.lookup (getId c) m) redirTokens
             guard $ any (hasSpacesBetween redirPositions) pairs
             return $ info (getId t) 2291 "Quote repeated spaces to avoid them collapsing into one."
 

From 9caeec104b5b70054c1b4238d4dfde4c641ea12e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 22 Jul 2022 11:25:07 -0700
Subject: [PATCH 030/244] SC2318: Warn about backreferencing in `declare x=1
 y=$x` (fixes #1653)

---
 CHANGELOG.md                      |  1 +
 src/ShellCheck/Checks/Commands.hs | 53 +++++++++++++++++++++++++++++++
 2 files changed, 54 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7da6077..dce3e27 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
 ### Added
 - SC2316: Warn about 'local readonly foo' and similar (thanks, patrickxia!)
 - SC2317: Warn about unreachable commands
+- SC2318: Warn about backreferences in 'declare x=1 y=$x'
 
 ### Fixed
 - SC2086: Now uses DFA to make more accurate predictions about values
diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 081ec5f..acbf967 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -27,6 +27,8 @@ module ShellCheck.Checks.Commands (checker, optionalChecks, ShellCheck.Checks.Co
 import ShellCheck.AST
 import ShellCheck.ASTLib
 import ShellCheck.AnalyzerLib
+import ShellCheck.CFG
+import qualified ShellCheck.CFGAnalysis as CF
 import ShellCheck.Data
 import ShellCheck.Interface
 import ShellCheck.Parser
@@ -37,12 +39,16 @@ import Control.Monad
 import Control.Monad.RWS
 import Data.Char
 import Data.Functor.Identity
+import qualified Data.Graph.Inductive.Graph as G
 import Data.List
 import Data.Maybe
 import qualified Data.Map.Strict as M
+import qualified Data.Set as S
 import Test.QuickCheck.All (forAllProperties)
 import Test.QuickCheck.Test (quickCheckWithResult, stdArgs, maxSuccess)
 
+import Debug.Trace -- STRIP
+
 data CommandName = Exactly String | Basename String
     deriving (Eq, Ord)
 
@@ -102,6 +108,7 @@ commandChecks = [
     ++ map checkArgComparison ("alias" : declaringCommands)
     ++ map checkMaskedReturns declaringCommands
     ++ map checkMultipleDeclaring declaringCommands
+    ++ map checkBackreferencingDeclaration declaringCommands
 
 
 optionalChecks = map fst optionalCommandChecks
@@ -1405,5 +1412,51 @@ checkEvalArray = CommandCheck (Exactly "eval") (mapM_ check . concatMap getWordP
             _ -> False
 
 
+prop_checkBackreferencingDeclaration1 = verify (checkBackreferencingDeclaration "declare") "declare x=1 y=foo$x"
+prop_checkBackreferencingDeclaration2 = verify (checkBackreferencingDeclaration "readonly") "readonly x=1 y=$((1+x))"
+prop_checkBackreferencingDeclaration3 = verify (checkBackreferencingDeclaration "local") "local x=1 y=$(echo $x)"
+prop_checkBackreferencingDeclaration4 = verify (checkBackreferencingDeclaration "local") "local x=1 y[$x]=z"
+prop_checkBackreferencingDeclaration5 = verify (checkBackreferencingDeclaration "declare") "declare x=var $x=1"
+prop_checkBackreferencingDeclaration6 = verify (checkBackreferencingDeclaration "declare") "declare x=var $x=1"
+prop_checkBackreferencingDeclaration7 = verify (checkBackreferencingDeclaration "declare") "declare x=var $k=$x"
+checkBackreferencingDeclaration cmd = CommandCheck (Exactly cmd) check
+  where
+    check t = foldM_ perArg M.empty $ arguments t
+
+    perArg leftArgs t =
+        case t of
+            T_Assignment id _ name idx t -> do
+                warnIfBackreferencing leftArgs $ t:idx
+                return $ M.insert name id leftArgs
+            t -> do
+                warnIfBackreferencing leftArgs [t]
+                return leftArgs
+
+    warnIfBackreferencing backrefs l = do
+        references <- findReferences l
+        let reused = M.intersection backrefs references
+        mapM msg $ M.toList reused
+
+    msg (name, id) = warn id 2318 $ "This assignment is used again in this '" ++ cmd ++ "', but won't have taken effect. Use two '" ++ cmd ++ "'s."
+
+    findReferences list = do
+        cfga <- asks cfgAnalysis
+        let graph = CF.graph cfga
+        let nodesMap = CF.tokenToNodes cfga
+        let nodes = S.unions $ map (\id -> M.findWithDefault S.empty id nodesMap) $ map getId $ list
+        let labels = mapMaybe (G.lab graph) $ S.toList nodes
+        let references = M.fromList $ concatMap refFromLabel labels
+        return references
+
+    refFromLabel lab =
+        case lab of
+            CFApplyEffects effects -> mapMaybe refFromEffect effects
+            _ -> []
+    refFromEffect e =
+        case e of
+            IdTagged id (CFReadVariable name) -> return (name, id)
+            _ -> Nothing
+
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])

From e47480e93af07a7e72ee0eb8c0d7d57c92ec35e4 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 22 Jul 2022 16:28:24 -0700
Subject: [PATCH 031/244] Also emit SC2004 for array indices (fixes #1666)

---
 src/ShellCheck/Analytics.hs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index ca918ba..8b8d489 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1460,7 +1460,8 @@ prop_checkArithmeticDeref7 = verifyNot checkArithmeticDeref "(( 10#$n ))"
 prop_checkArithmeticDeref8 = verifyNot checkArithmeticDeref "let i=$i+1"
 prop_checkArithmeticDeref9 = verifyNot checkArithmeticDeref "(( a[foo] ))"
 prop_checkArithmeticDeref10= verifyNot checkArithmeticDeref "(( a[\\$foo] ))"
-prop_checkArithmeticDeref11= verifyNot checkArithmeticDeref "a[$foo]=wee"
+prop_checkArithmeticDeref11= verify checkArithmeticDeref "a[$foo]=wee"
+prop_checkArithmeticDeref11b= verifyNot checkArithmeticDeref "declare -A a; a[$foo]=wee"
 prop_checkArithmeticDeref12= verify checkArithmeticDeref "for ((i=0; $i < 3; i)); do true; done"
 prop_checkArithmeticDeref13= verifyNot checkArithmeticDeref "(( $$ ))"
 prop_checkArithmeticDeref14= verifyNot checkArithmeticDeref "(( $! ))"
@@ -1477,6 +1478,7 @@ checkArithmeticDeref params t@(TA_Expansion _ [T_DollarBraced id _ l]) =
             T_Arithmetic {} -> return normalWarning
             T_DollarArithmetic {} -> return normalWarning
             T_ForArithmetic {} -> return normalWarning
+            T_Assignment {} -> return normalWarning
             T_SimpleCommand {} -> return noWarning
             _ -> Nothing
 

From 2f28847b0897a8f91c6f227ed098470eea383dd4 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 22 Jul 2022 16:35:14 -0700
Subject: [PATCH 032/244] Normalize spaces around = in unit tests

---
 src/ShellCheck/ASTLib.hs              |  10 +-
 src/ShellCheck/Analytics.hs           | 392 +++++++++++++-------------
 src/ShellCheck/Checks/Commands.hs     |  76 ++---
 src/ShellCheck/Checks/ShellSupport.hs | 106 +++----
 src/ShellCheck/Parser.hs              |  90 +++---
 5 files changed, 337 insertions(+), 337 deletions(-)

diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index 7cc5af2..7b4f9e5 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -810,11 +810,11 @@ prop_getBracedReference6 = getBracedReference "!#" == "#"
 prop_getBracedReference7 = getBracedReference "!foo#?" == "foo"
 prop_getBracedReference8 = getBracedReference "foo-bar" == "foo"
 prop_getBracedReference9 = getBracedReference "foo:-bar" == "foo"
-prop_getBracedReference10= getBracedReference "foo: -1" == "foo"
-prop_getBracedReference11= getBracedReference "!os*" == ""
-prop_getBracedReference11b= getBracedReference "!os@" == ""
-prop_getBracedReference12= getBracedReference "!os?bar**" == ""
-prop_getBracedReference13= getBracedReference "foo[bar]" == "foo"
+prop_getBracedReference10 = getBracedReference "foo: -1" == "foo"
+prop_getBracedReference11 = getBracedReference "!os*" == ""
+prop_getBracedReference11b = getBracedReference "!os@" == ""
+prop_getBracedReference12 = getBracedReference "!os?bar**" == ""
+prop_getBracedReference13 = getBracedReference "foo[bar]" == "foo"
 getBracedReference s = fromMaybe s $
     nameExpansion s `mplus` takeName noPrefix `mplus` getSpecial noPrefix `mplus` getSpecial s
   where
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 8b8d489..1429e1b 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -638,15 +638,15 @@ prop_checkShebang6 = verifyNotTree checkShebang "#!/usr/bin/env ash\n# shellchec
 prop_checkShebang7 = verifyNotTree checkShebang "#!/usr/bin/env ash\n# shellcheck shell=sh\n"
 prop_checkShebang8 = verifyTree checkShebang "#!bin/sh\ntrue"
 prop_checkShebang9 = verifyNotTree checkShebang "# shellcheck shell=sh\ntrue"
-prop_checkShebang10= verifyNotTree checkShebang "#!foo\n# shellcheck shell=sh ignore=SC2239\ntrue"
-prop_checkShebang11= verifyTree checkShebang "#!/bin/sh/\ntrue"
-prop_checkShebang12= verifyTree checkShebang "#!/bin/sh/ -xe\ntrue"
-prop_checkShebang13= verifyTree checkShebang "#!/bin/busybox sh"
-prop_checkShebang14= verifyNotTree checkShebang "#!/bin/busybox sh\n# shellcheck shell=sh\n"
-prop_checkShebang15= verifyNotTree checkShebang "#!/bin/busybox sh\n# shellcheck shell=dash\n"
-prop_checkShebang16= verifyTree checkShebang "#!/bin/busybox ash"
-prop_checkShebang17= verifyNotTree checkShebang "#!/bin/busybox ash\n# shellcheck shell=dash\n"
-prop_checkShebang18= verifyNotTree checkShebang "#!/bin/busybox ash\n# shellcheck shell=sh\n"
+prop_checkShebang10 = verifyNotTree checkShebang "#!foo\n# shellcheck shell=sh ignore=SC2239\ntrue"
+prop_checkShebang11 = verifyTree checkShebang "#!/bin/sh/\ntrue"
+prop_checkShebang12 = verifyTree checkShebang "#!/bin/sh/ -xe\ntrue"
+prop_checkShebang13 = verifyTree checkShebang "#!/bin/busybox sh"
+prop_checkShebang14 = verifyNotTree checkShebang "#!/bin/busybox sh\n# shellcheck shell=sh\n"
+prop_checkShebang15 = verifyNotTree checkShebang "#!/bin/busybox sh\n# shellcheck shell=dash\n"
+prop_checkShebang16 = verifyTree checkShebang "#!/bin/busybox ash"
+prop_checkShebang17 = verifyNotTree checkShebang "#!/bin/busybox ash\n# shellcheck shell=dash\n"
+prop_checkShebang18 = verifyNotTree checkShebang "#!/bin/busybox ash\n# shellcheck shell=sh\n"
 checkShebang params (T_Annotation _ list t) =
     if any isOverride list then [] else checkShebang params t
   where
@@ -700,9 +700,9 @@ checkForInQuoted params (T_ForIn _ _ multiple _) =
 checkForInQuoted _ _ = return ()
 
 prop_checkForInCat1 = verify checkForInCat "for f in $(cat foo); do stuff; done"
-prop_checkForInCat1a= verify checkForInCat "for f in `cat foo`; do stuff; done"
+prop_checkForInCat1a = verify checkForInCat "for f in `cat foo`; do stuff; done"
 prop_checkForInCat2 = verify checkForInCat "for f in $(cat foo | grep lol); do stuff; done"
-prop_checkForInCat2a= verify checkForInCat "for f in `cat foo | grep lol`; do stuff; done"
+prop_checkForInCat2a = verify checkForInCat "for f in `cat foo | grep lol`; do stuff; done"
 prop_checkForInCat3 = verifyNot checkForInCat "for f in $(cat foo | grep bar | wc -l); do stuff; done"
 checkForInCat _ (T_ForIn _ f [T_NormalWord _ w] _) = mapM_ checkF w
   where
@@ -775,10 +775,10 @@ checkFindExec _ _ = return ()
 
 
 prop_checkUnquotedExpansions1 = verify checkUnquotedExpansions "rm $(ls)"
-prop_checkUnquotedExpansions1a= verify checkUnquotedExpansions "rm `ls`"
+prop_checkUnquotedExpansions1a = verify checkUnquotedExpansions "rm `ls`"
 prop_checkUnquotedExpansions2 = verify checkUnquotedExpansions "rm foo$(date)"
 prop_checkUnquotedExpansions3 = verify checkUnquotedExpansions "[ $(foo) == cow ]"
-prop_checkUnquotedExpansions3a= verify checkUnquotedExpansions "[ ! $(foo) ]"
+prop_checkUnquotedExpansions3a = verify checkUnquotedExpansions "[ ! $(foo) ]"
 prop_checkUnquotedExpansions4 = verifyNot checkUnquotedExpansions "[[ $(foo) == cow ]]"
 prop_checkUnquotedExpansions5 = verifyNot checkUnquotedExpansions "for f in $(cmd); do echo $f; done"
 prop_checkUnquotedExpansions6 = verifyNot checkUnquotedExpansions "$(cmd)"
@@ -906,7 +906,7 @@ checkDollarStar _ _ = return ()
 
 
 prop_checkUnquotedDollarAt = verify checkUnquotedDollarAt "ls $@"
-prop_checkUnquotedDollarAt1= verifyNot checkUnquotedDollarAt "ls ${#@}"
+prop_checkUnquotedDollarAt1 = verifyNot checkUnquotedDollarAt "ls ${#@}"
 prop_checkUnquotedDollarAt2 = verify checkUnquotedDollarAt "ls ${foo[@]}"
 prop_checkUnquotedDollarAt3 = verifyNot checkUnquotedDollarAt "ls ${#foo[@]}"
 prop_checkUnquotedDollarAt4 = verifyNot checkUnquotedDollarAt "ls \"$@\""
@@ -1037,32 +1037,32 @@ ltt t = trace ("Tracing " ++ show t)  -- STRIP
 prop_checkSingleQuotedVariables  = verify checkSingleQuotedVariables "echo '$foo'"
 prop_checkSingleQuotedVariables2 = verify checkSingleQuotedVariables "echo 'lol$1.jpg'"
 prop_checkSingleQuotedVariables3 = verifyNot checkSingleQuotedVariables "sed 's/foo$/bar/'"
-prop_checkSingleQuotedVariables3a= verify checkSingleQuotedVariables "sed 's/${foo}/bar/'"
-prop_checkSingleQuotedVariables3b= verify checkSingleQuotedVariables "sed 's/$(echo cow)/bar/'"
-prop_checkSingleQuotedVariables3c= verify checkSingleQuotedVariables "sed 's/$((1+foo))/bar/'"
+prop_checkSingleQuotedVariables3a = verify checkSingleQuotedVariables "sed 's/${foo}/bar/'"
+prop_checkSingleQuotedVariables3b = verify checkSingleQuotedVariables "sed 's/$(echo cow)/bar/'"
+prop_checkSingleQuotedVariables3c = verify checkSingleQuotedVariables "sed 's/$((1+foo))/bar/'"
 prop_checkSingleQuotedVariables4 = verifyNot checkSingleQuotedVariables "awk '{print $1}'"
 prop_checkSingleQuotedVariables5 = verifyNot checkSingleQuotedVariables "trap 'echo $SECONDS' EXIT"
 prop_checkSingleQuotedVariables6 = verifyNot checkSingleQuotedVariables "sed -n '$p'"
-prop_checkSingleQuotedVariables6a= verify checkSingleQuotedVariables "sed -n '$pattern'"
+prop_checkSingleQuotedVariables6a = verify checkSingleQuotedVariables "sed -n '$pattern'"
 prop_checkSingleQuotedVariables7 = verifyNot checkSingleQuotedVariables "PS1='$PWD \\$ '"
 prop_checkSingleQuotedVariables8 = verify checkSingleQuotedVariables "find . -exec echo '$1' {} +"
 prop_checkSingleQuotedVariables9 = verifyNot checkSingleQuotedVariables "find . -exec awk '{print $1}' {} \\;"
-prop_checkSingleQuotedVariables10= verify checkSingleQuotedVariables "echo '`pwd`'"
-prop_checkSingleQuotedVariables11= verifyNot checkSingleQuotedVariables "sed '${/lol/d}'"
-prop_checkSingleQuotedVariables12= verifyNot checkSingleQuotedVariables "eval 'echo $1'"
-prop_checkSingleQuotedVariables13= verifyNot checkSingleQuotedVariables "busybox awk '{print $1}'"
-prop_checkSingleQuotedVariables14= verifyNot checkSingleQuotedVariables "[ -v 'bar[$foo]' ]"
-prop_checkSingleQuotedVariables15= verifyNot checkSingleQuotedVariables "git filter-branch 'test $GIT_COMMIT'"
-prop_checkSingleQuotedVariables16= verify checkSingleQuotedVariables "git '$a'"
-prop_checkSingleQuotedVariables17= verifyNot checkSingleQuotedVariables "rename 's/(.)a/$1/g' *"
-prop_checkSingleQuotedVariables18= verifyNot checkSingleQuotedVariables "echo '``'"
-prop_checkSingleQuotedVariables19= verifyNot checkSingleQuotedVariables "echo '```'"
-prop_checkSingleQuotedVariables20= verifyNot checkSingleQuotedVariables "mumps -run %XCMD 'W $O(^GLOBAL(5))'"
-prop_checkSingleQuotedVariables21= verifyNot checkSingleQuotedVariables "mumps -run LOOP%XCMD --xec 'W $O(^GLOBAL(6))'"
-prop_checkSingleQuotedVariables22= verifyNot checkSingleQuotedVariables "jq '$__loc__'"
-prop_checkSingleQuotedVariables23= verifyNot checkSingleQuotedVariables "command jq '$__loc__'"
-prop_checkSingleQuotedVariables24= verifyNot checkSingleQuotedVariables "exec jq '$__loc__'"
-prop_checkSingleQuotedVariables25= verifyNot checkSingleQuotedVariables "exec -c -a foo jq '$__loc__'"
+prop_checkSingleQuotedVariables10 = verify checkSingleQuotedVariables "echo '`pwd`'"
+prop_checkSingleQuotedVariables11 = verifyNot checkSingleQuotedVariables "sed '${/lol/d}'"
+prop_checkSingleQuotedVariables12 = verifyNot checkSingleQuotedVariables "eval 'echo $1'"
+prop_checkSingleQuotedVariables13 = verifyNot checkSingleQuotedVariables "busybox awk '{print $1}'"
+prop_checkSingleQuotedVariables14 = verifyNot checkSingleQuotedVariables "[ -v 'bar[$foo]' ]"
+prop_checkSingleQuotedVariables15 = verifyNot checkSingleQuotedVariables "git filter-branch 'test $GIT_COMMIT'"
+prop_checkSingleQuotedVariables16 = verify checkSingleQuotedVariables "git '$a'"
+prop_checkSingleQuotedVariables17 = verifyNot checkSingleQuotedVariables "rename 's/(.)a/$1/g' *"
+prop_checkSingleQuotedVariables18 = verifyNot checkSingleQuotedVariables "echo '``'"
+prop_checkSingleQuotedVariables19 = verifyNot checkSingleQuotedVariables "echo '```'"
+prop_checkSingleQuotedVariables20 = verifyNot checkSingleQuotedVariables "mumps -run %XCMD 'W $O(^GLOBAL(5))'"
+prop_checkSingleQuotedVariables21 = verifyNot checkSingleQuotedVariables "mumps -run LOOP%XCMD --xec 'W $O(^GLOBAL(6))'"
+prop_checkSingleQuotedVariables22 = verifyNot checkSingleQuotedVariables "jq '$__loc__'"
+prop_checkSingleQuotedVariables23 = verifyNot checkSingleQuotedVariables "command jq '$__loc__'"
+prop_checkSingleQuotedVariables24 = verifyNot checkSingleQuotedVariables "exec jq '$__loc__'"
+prop_checkSingleQuotedVariables25 = verifyNot checkSingleQuotedVariables "exec -c -a foo jq '$__loc__'"
 
 
 checkSingleQuotedVariables params t@(T_SingleQuoted id s) =
@@ -1353,8 +1353,8 @@ checkGlobbedRegex _ _ = return ()
 
 
 prop_checkConstantIfs1 = verify checkConstantIfs "[[ foo != bar ]]"
-prop_checkConstantIfs2a= verify checkConstantIfs "[ n -le 4 ]"
-prop_checkConstantIfs2b= verifyNot checkConstantIfs "[[ n -le 4 ]]"
+prop_checkConstantIfs2a = verify checkConstantIfs "[ n -le 4 ]"
+prop_checkConstantIfs2b = verifyNot checkConstantIfs "[[ n -le 4 ]]"
 prop_checkConstantIfs3 = verify checkConstantIfs "[[ $n -le 4 && n != 2 ]]"
 prop_checkConstantIfs4 = verifyNot checkConstantIfs "[[ $n -le 3 ]]"
 prop_checkConstantIfs5 = verifyNot checkConstantIfs "[[ $n -le $n ]]"
@@ -1459,14 +1459,14 @@ prop_checkArithmeticDeref6 = verify checkArithmeticDeref "(( a[$i] ))"
 prop_checkArithmeticDeref7 = verifyNot checkArithmeticDeref "(( 10#$n ))"
 prop_checkArithmeticDeref8 = verifyNot checkArithmeticDeref "let i=$i+1"
 prop_checkArithmeticDeref9 = verifyNot checkArithmeticDeref "(( a[foo] ))"
-prop_checkArithmeticDeref10= verifyNot checkArithmeticDeref "(( a[\\$foo] ))"
-prop_checkArithmeticDeref11= verify checkArithmeticDeref "a[$foo]=wee"
-prop_checkArithmeticDeref11b= verifyNot checkArithmeticDeref "declare -A a; a[$foo]=wee"
-prop_checkArithmeticDeref12= verify checkArithmeticDeref "for ((i=0; $i < 3; i)); do true; done"
-prop_checkArithmeticDeref13= verifyNot checkArithmeticDeref "(( $$ ))"
-prop_checkArithmeticDeref14= verifyNot checkArithmeticDeref "(( $! ))"
-prop_checkArithmeticDeref15= verifyNot checkArithmeticDeref "(( ${!var} ))"
-prop_checkArithmeticDeref16= verifyNot checkArithmeticDeref "(( ${x+1} + ${x=42} ))"
+prop_checkArithmeticDeref10 = verifyNot checkArithmeticDeref "(( a[\\$foo] ))"
+prop_checkArithmeticDeref11 = verify checkArithmeticDeref "a[$foo]=wee"
+prop_checkArithmeticDeref11b = verifyNot checkArithmeticDeref "declare -A a; a[$foo]=wee"
+prop_checkArithmeticDeref12 = verify checkArithmeticDeref "for ((i=0; $i < 3; i)); do true; done"
+prop_checkArithmeticDeref13 = verifyNot checkArithmeticDeref "(( $$ ))"
+prop_checkArithmeticDeref14 = verifyNot checkArithmeticDeref "(( $! ))"
+prop_checkArithmeticDeref15 = verifyNot checkArithmeticDeref "(( ${!var} ))"
+prop_checkArithmeticDeref16 = verifyNot checkArithmeticDeref "(( ${x+1} + ${x=42} ))"
 checkArithmeticDeref params t@(TA_Expansion _ [T_DollarBraced id _ l]) =
     unless (isException $ concat $ oversimplify l) getWarning
   where
@@ -1602,7 +1602,7 @@ checkOrNeq _ _ = return ()
 
 prop_checkValidCondOps1 = verify checkValidCondOps "[[ a -xz b ]]"
 prop_checkValidCondOps2 = verify checkValidCondOps "[ -M a ]"
-prop_checkValidCondOps2a= verifyNot checkValidCondOps "[ 3 \\> 2 ]"
+prop_checkValidCondOps2a = verifyNot checkValidCondOps "[ 3 \\> 2 ]"
 prop_checkValidCondOps3 = verifyNot checkValidCondOps "[ 1 = 2 -a 3 -ge 4 ]"
 prop_checkValidCondOps4 = verifyNot checkValidCondOps "[[ ! -v foo ]]"
 checkValidCondOps _ (TC_Binary id _ s _ _)
@@ -1670,11 +1670,11 @@ checkTestRedirects _ (T_Redirecting id redirs cmd) | cmd `isCommand` "test" =
 checkTestRedirects _ _ = return ()
 
 prop_checkPS11 = verify checkPS1Assignments "PS1='\\033[1;35m\\$ '"
-prop_checkPS11a= verify checkPS1Assignments "export PS1='\\033[1;35m\\$ '"
+prop_checkPS11a = verify checkPS1Assignments "export PS1='\\033[1;35m\\$ '"
 prop_checkPSf2 = verify checkPS1Assignments "PS1='\\h \\e[0m\\$ '"
 prop_checkPS13 = verify checkPS1Assignments "PS1=$'\\x1b[c '"
 prop_checkPS14 = verify checkPS1Assignments "PS1=$'\\e[3m; '"
-prop_checkPS14a= verify checkPS1Assignments "export PS1=$'\\e[3m; '"
+prop_checkPS14a = verify checkPS1Assignments "export PS1=$'\\e[3m; '"
 prop_checkPS15 = verifyNot checkPS1Assignments "PS1='\\[\\033[1;35m\\]\\$ '"
 prop_checkPS16 = verifyNot checkPS1Assignments "PS1='\\[\\e1m\\e[1m\\]\\$ '"
 prop_checkPS17 = verifyNot checkPS1Assignments "PS1='e033x1B'"
@@ -1943,7 +1943,7 @@ prop_subshellAssignmentCheck3 = verifyTree    subshellAssignmentCheck "( A=foo;
 prop_subshellAssignmentCheck4 = verifyNotTree subshellAssignmentCheck "( A=foo; rm $A; )"
 prop_subshellAssignmentCheck5 = verifyTree    subshellAssignmentCheck "cat foo | while read cow; do true; done; echo $cow;"
 prop_subshellAssignmentCheck6 = verifyTree    subshellAssignmentCheck "( export lol=$(ls); ); echo $lol;"
-prop_subshellAssignmentCheck6a= verifyTree    subshellAssignmentCheck "( typeset -a lol=a; ); echo $lol;"
+prop_subshellAssignmentCheck6a = verifyTree    subshellAssignmentCheck "( typeset -a lol=a; ); echo $lol;"
 prop_subshellAssignmentCheck7 = verifyTree    subshellAssignmentCheck "cmd | while read foo; do (( n++ )); done; echo \"$n lines\""
 prop_subshellAssignmentCheck8 = verifyTree    subshellAssignmentCheck "n=3 & echo $((n++))"
 prop_subshellAssignmentCheck9 = verifyTree    subshellAssignmentCheck "read n & n=foo$n"
@@ -2027,67 +2027,67 @@ prop_checkSpacefulnessCfg1 = verify checkSpacefulnessCfg "a='cow moo'; echo $a"
 prop_checkSpacefulnessCfg2 = verifyNot checkSpacefulnessCfg "a='cow moo'; [[ $a ]]"
 prop_checkSpacefulnessCfg3 = verifyNot checkSpacefulnessCfg "a='cow*.mp3'; echo \"$a\""
 prop_checkSpacefulnessCfg4 = verify checkSpacefulnessCfg "for f in *.mp3; do echo $f; done"
-prop_checkSpacefulnessCfg4a= verifyNot checkSpacefulnessCfg "foo=3; foo=$(echo $foo)"
+prop_checkSpacefulnessCfg4a = verifyNot checkSpacefulnessCfg "foo=3; foo=$(echo $foo)"
 prop_checkSpacefulnessCfg5 = verify checkSpacefulnessCfg "a='*'; b=$a; c=lol${b//foo/bar}; echo $c"
 prop_checkSpacefulnessCfg6 = verify checkSpacefulnessCfg "a=foo$(lol); echo $a"
 prop_checkSpacefulnessCfg7 = verify checkSpacefulnessCfg "a=foo\\ bar; rm $a"
 prop_checkSpacefulnessCfg8 = verifyNot checkSpacefulnessCfg "a=foo\\ bar; a=foo; rm $a"
-prop_checkSpacefulnessCfg10= verify checkSpacefulnessCfg "rm $1"
-prop_checkSpacefulnessCfg11= verify checkSpacefulnessCfg "rm ${10//foo/bar}"
-prop_checkSpacefulnessCfg12= verifyNot checkSpacefulnessCfg "(( $1 + 3 ))"
-prop_checkSpacefulnessCfg13= verifyNot checkSpacefulnessCfg "if [[ $2 -gt 14 ]]; then true; fi"
-prop_checkSpacefulnessCfg14= verifyNot checkSpacefulnessCfg "foo=$3 env"
-prop_checkSpacefulnessCfg15= verifyNot checkSpacefulnessCfg "local foo=$1"
-prop_checkSpacefulnessCfg16= verifyNot checkSpacefulnessCfg "declare foo=$1"
-prop_checkSpacefulnessCfg17= verify checkSpacefulnessCfg "echo foo=$1"
-prop_checkSpacefulnessCfg18= verifyNot checkSpacefulnessCfg "$1 --flags"
-prop_checkSpacefulnessCfg19= verify checkSpacefulnessCfg "echo $PWD"
-prop_checkSpacefulnessCfg20= verifyNot checkSpacefulnessCfg "n+='foo bar'"
-prop_checkSpacefulnessCfg21= verifyNot checkSpacefulnessCfg "select foo in $bar; do true; done"
-prop_checkSpacefulnessCfg22= verifyNot checkSpacefulnessCfg "echo $\"$1\""
-prop_checkSpacefulnessCfg23= verifyNot checkSpacefulnessCfg "a=(1); echo ${a[@]}"
-prop_checkSpacefulnessCfg24= verify checkSpacefulnessCfg "a='a    b'; cat <<< $a"
-prop_checkSpacefulnessCfg25= verify checkSpacefulnessCfg "a='s/[0-9]//g'; sed $a"
-prop_checkSpacefulnessCfg26= verify checkSpacefulnessCfg "a='foo bar'; echo {1,2,$a}"
-prop_checkSpacefulnessCfg27= verifyNot checkSpacefulnessCfg "echo ${a:+'foo'}"
-prop_checkSpacefulnessCfg28= verifyNot checkSpacefulnessCfg "exec {n}>&1; echo $n"
-prop_checkSpacefulnessCfg29= verifyNot checkSpacefulnessCfg "n=$(stuff); exec {n}>&-;"
-prop_checkSpacefulnessCfg30= verify checkSpacefulnessCfg "file='foo bar'; echo foo > $file;"
-prop_checkSpacefulnessCfg31= verifyNot checkSpacefulnessCfg "echo \"`echo \\\"$1\\\"`\""
-prop_checkSpacefulnessCfg32= verifyNot checkSpacefulnessCfg "var=$1; [ -v var ]"
-prop_checkSpacefulnessCfg33= verify checkSpacefulnessCfg "for file; do echo $file; done"
-prop_checkSpacefulnessCfg34= verify checkSpacefulnessCfg "declare foo$n=$1"
-prop_checkSpacefulnessCfg35= verifyNot checkSpacefulnessCfg "echo ${1+\"$1\"}"
-prop_checkSpacefulnessCfg36= verifyNot checkSpacefulnessCfg "arg=$#; echo $arg"
-prop_checkSpacefulnessCfg37= verifyNot checkSpacefulnessCfg "@test 'status' {\n [ $status -eq 0 ]\n}"
+prop_checkSpacefulnessCfg10 = verify checkSpacefulnessCfg "rm $1"
+prop_checkSpacefulnessCfg11 = verify checkSpacefulnessCfg "rm ${10//foo/bar}"
+prop_checkSpacefulnessCfg12 = verifyNot checkSpacefulnessCfg "(( $1 + 3 ))"
+prop_checkSpacefulnessCfg13 = verifyNot checkSpacefulnessCfg "if [[ $2 -gt 14 ]]; then true; fi"
+prop_checkSpacefulnessCfg14 = verifyNot checkSpacefulnessCfg "foo=$3 env"
+prop_checkSpacefulnessCfg15 = verifyNot checkSpacefulnessCfg "local foo=$1"
+prop_checkSpacefulnessCfg16 = verifyNot checkSpacefulnessCfg "declare foo=$1"
+prop_checkSpacefulnessCfg17 = verify checkSpacefulnessCfg "echo foo=$1"
+prop_checkSpacefulnessCfg18 = verifyNot checkSpacefulnessCfg "$1 --flags"
+prop_checkSpacefulnessCfg19 = verify checkSpacefulnessCfg "echo $PWD"
+prop_checkSpacefulnessCfg20 = verifyNot checkSpacefulnessCfg "n+='foo bar'"
+prop_checkSpacefulnessCfg21 = verifyNot checkSpacefulnessCfg "select foo in $bar; do true; done"
+prop_checkSpacefulnessCfg22 = verifyNot checkSpacefulnessCfg "echo $\"$1\""
+prop_checkSpacefulnessCfg23 = verifyNot checkSpacefulnessCfg "a=(1); echo ${a[@]}"
+prop_checkSpacefulnessCfg24 = verify checkSpacefulnessCfg "a='a    b'; cat <<< $a"
+prop_checkSpacefulnessCfg25 = verify checkSpacefulnessCfg "a='s/[0-9]//g'; sed $a"
+prop_checkSpacefulnessCfg26 = verify checkSpacefulnessCfg "a='foo bar'; echo {1,2,$a}"
+prop_checkSpacefulnessCfg27 = verifyNot checkSpacefulnessCfg "echo ${a:+'foo'}"
+prop_checkSpacefulnessCfg28 = verifyNot checkSpacefulnessCfg "exec {n}>&1; echo $n"
+prop_checkSpacefulnessCfg29 = verifyNot checkSpacefulnessCfg "n=$(stuff); exec {n}>&-;"
+prop_checkSpacefulnessCfg30 = verify checkSpacefulnessCfg "file='foo bar'; echo foo > $file;"
+prop_checkSpacefulnessCfg31 = verifyNot checkSpacefulnessCfg "echo \"`echo \\\"$1\\\"`\""
+prop_checkSpacefulnessCfg32 = verifyNot checkSpacefulnessCfg "var=$1; [ -v var ]"
+prop_checkSpacefulnessCfg33 = verify checkSpacefulnessCfg "for file; do echo $file; done"
+prop_checkSpacefulnessCfg34 = verify checkSpacefulnessCfg "declare foo$n=$1"
+prop_checkSpacefulnessCfg35 = verifyNot checkSpacefulnessCfg "echo ${1+\"$1\"}"
+prop_checkSpacefulnessCfg36 = verifyNot checkSpacefulnessCfg "arg=$#; echo $arg"
+prop_checkSpacefulnessCfg37 = verifyNot checkSpacefulnessCfg "@test 'status' {\n [ $status -eq 0 ]\n}"
 prop_checkSpacefulnessCfg37v = verify checkVerboseSpacefulnessCfg "@test 'status' {\n [ $status -eq 0 ]\n}"
-prop_checkSpacefulnessCfg38= verify checkSpacefulnessCfg "a=; echo $a"
-prop_checkSpacefulnessCfg39= verifyNot checkSpacefulnessCfg "a=''\"\"''; b=x$a; echo $b"
-prop_checkSpacefulnessCfg40= verifyNot checkSpacefulnessCfg "a=$((x+1)); echo $a"
-prop_checkSpacefulnessCfg41= verifyNot checkSpacefulnessCfg "exec $1 --flags"
-prop_checkSpacefulnessCfg42= verifyNot checkSpacefulnessCfg "run $1 --flags"
-prop_checkSpacefulnessCfg43= verifyNot checkSpacefulnessCfg "$foo=42"
-prop_checkSpacefulnessCfg44= verify checkSpacefulnessCfg "#!/bin/sh\nexport var=$value"
-prop_checkSpacefulnessCfg45= verifyNot checkSpacefulnessCfg "wait -zzx -p foo; echo $foo"
-prop_checkSpacefulnessCfg46= verifyNot checkSpacefulnessCfg "x=0; (( x += 1 )); echo $x"
-prop_checkSpacefulnessCfg47= verifyNot checkSpacefulnessCfg "x=0; (( x-- )); echo $x"
-prop_checkSpacefulnessCfg48= verifyNot checkSpacefulnessCfg "x=0; (( ++x )); echo $x"
-prop_checkSpacefulnessCfg49= verifyNot checkSpacefulnessCfg "for i in 1 2 3; do echo $i; done"
-prop_checkSpacefulnessCfg50= verify checkSpacefulnessCfg "for i in 1 2 *; do echo $i; done"
-prop_checkSpacefulnessCfg51= verify checkSpacefulnessCfg "x='foo bar'; x && x=1; echo $x"
-prop_checkSpacefulnessCfg52= verifyNot checkSpacefulnessCfg "x=1; if f; then x='foo bar'; exit; fi; echo $x"
-prop_checkSpacefulnessCfg53= verifyNot checkSpacefulnessCfg "s=1; f() { local s='a b'; }; f; echo $s"
-prop_checkSpacefulnessCfg54= verifyNot checkSpacefulnessCfg "s='a b'; f() { s=1; }; f; echo $s"
-prop_checkSpacefulnessCfg55= verify checkSpacefulnessCfg "s='a b'; x && f() { s=1; }; f; echo $s"
-prop_checkSpacefulnessCfg56= verifyNot checkSpacefulnessCfg "s=1; cat <(s='a b'); echo $s"
-prop_checkSpacefulnessCfg57= verifyNot checkSpacefulnessCfg "declare -i s=0; s=$(f); echo $s"
-prop_checkSpacefulnessCfg58= verify checkSpacefulnessCfg "f() { declare -i s; }; f; s=$(var); echo $s"
-prop_checkSpacefulnessCfg59= verifyNot checkSpacefulnessCfg "f() { declare -gi s; }; f; s=$(var); echo $s"
-prop_checkSpacefulnessCfg60= verify checkSpacefulnessCfg "declare -i s; declare +i s; s=$(foo); echo $s"
-prop_checkSpacefulnessCfg61= verify checkSpacefulnessCfg "declare -x X; y=foo$X; echo $y;"
-prop_checkSpacefulnessCfg62= verifyNot checkSpacefulnessCfg "f() { declare -x X; y=foo$X; echo $y; }"
-prop_checkSpacefulnessCfg63= verify checkSpacefulnessCfg "f && declare -i s; s='x + y'; echo $s"
-prop_checkSpacefulnessCfg64= verifyNot checkSpacefulnessCfg "declare -i s; s='x + y'; x=$s; echo $x"
+prop_checkSpacefulnessCfg38 = verify checkSpacefulnessCfg "a=; echo $a"
+prop_checkSpacefulnessCfg39 = verifyNot checkSpacefulnessCfg "a=''\"\"''; b=x$a; echo $b"
+prop_checkSpacefulnessCfg40 = verifyNot checkSpacefulnessCfg "a=$((x+1)); echo $a"
+prop_checkSpacefulnessCfg41 = verifyNot checkSpacefulnessCfg "exec $1 --flags"
+prop_checkSpacefulnessCfg42 = verifyNot checkSpacefulnessCfg "run $1 --flags"
+prop_checkSpacefulnessCfg43 = verifyNot checkSpacefulnessCfg "$foo=42"
+prop_checkSpacefulnessCfg44 = verify checkSpacefulnessCfg "#!/bin/sh\nexport var=$value"
+prop_checkSpacefulnessCfg45 = verifyNot checkSpacefulnessCfg "wait -zzx -p foo; echo $foo"
+prop_checkSpacefulnessCfg46 = verifyNot checkSpacefulnessCfg "x=0; (( x += 1 )); echo $x"
+prop_checkSpacefulnessCfg47 = verifyNot checkSpacefulnessCfg "x=0; (( x-- )); echo $x"
+prop_checkSpacefulnessCfg48 = verifyNot checkSpacefulnessCfg "x=0; (( ++x )); echo $x"
+prop_checkSpacefulnessCfg49 = verifyNot checkSpacefulnessCfg "for i in 1 2 3; do echo $i; done"
+prop_checkSpacefulnessCfg50 = verify checkSpacefulnessCfg "for i in 1 2 *; do echo $i; done"
+prop_checkSpacefulnessCfg51 = verify checkSpacefulnessCfg "x='foo bar'; x && x=1; echo $x"
+prop_checkSpacefulnessCfg52 = verifyNot checkSpacefulnessCfg "x=1; if f; then x='foo bar'; exit; fi; echo $x"
+prop_checkSpacefulnessCfg53 = verifyNot checkSpacefulnessCfg "s=1; f() { local s='a b'; }; f; echo $s"
+prop_checkSpacefulnessCfg54 = verifyNot checkSpacefulnessCfg "s='a b'; f() { s=1; }; f; echo $s"
+prop_checkSpacefulnessCfg55 = verify checkSpacefulnessCfg "s='a b'; x && f() { s=1; }; f; echo $s"
+prop_checkSpacefulnessCfg56 = verifyNot checkSpacefulnessCfg "s=1; cat <(s='a b'); echo $s"
+prop_checkSpacefulnessCfg57 = verifyNot checkSpacefulnessCfg "declare -i s=0; s=$(f); echo $s"
+prop_checkSpacefulnessCfg58 = verify checkSpacefulnessCfg "f() { declare -i s; }; f; s=$(var); echo $s"
+prop_checkSpacefulnessCfg59 = verifyNot checkSpacefulnessCfg "f() { declare -gi s; }; f; s=$(var); echo $s"
+prop_checkSpacefulnessCfg60 = verify checkSpacefulnessCfg "declare -i s; declare +i s; s=$(foo); echo $s"
+prop_checkSpacefulnessCfg61 = verify checkSpacefulnessCfg "declare -x X; y=foo$X; echo $y;"
+prop_checkSpacefulnessCfg62 = verifyNot checkSpacefulnessCfg "f() { declare -x X; y=foo$X; echo $y; }"
+prop_checkSpacefulnessCfg63 = verify checkSpacefulnessCfg "f && declare -i s; s='x + y'; echo $s"
+prop_checkSpacefulnessCfg64 = verifyNot checkSpacefulnessCfg "declare -i s; s='x + y'; x=$s; echo $x"
 
 checkSpacefulnessCfg = checkSpacefulnessCfg' True
 checkVerboseSpacefulnessCfg = checkSpacefulnessCfg' False
@@ -2157,13 +2157,13 @@ checkVariableBraces params t@(T_DollarBraced id False l)
 checkVariableBraces _ _ = return ()
 
 prop_checkQuotesInLiterals1 = verifyTree checkQuotesInLiterals "param='--foo=\"bar\"'; app $param"
-prop_checkQuotesInLiterals1a= verifyTree checkQuotesInLiterals "param=\"--foo='lolbar'\"; app $param"
+prop_checkQuotesInLiterals1a = verifyTree checkQuotesInLiterals "param=\"--foo='lolbar'\"; app $param"
 prop_checkQuotesInLiterals2 = verifyNotTree checkQuotesInLiterals "param='--foo=\"bar\"'; app \"$param\""
 prop_checkQuotesInLiterals3 =verifyNotTree checkQuotesInLiterals "param=('--foo='); app \"${param[@]}\""
 prop_checkQuotesInLiterals4 = verifyNotTree checkQuotesInLiterals "param=\"don't bother with this one\"; app $param"
 prop_checkQuotesInLiterals5 = verifyNotTree checkQuotesInLiterals "param=\"--foo='lolbar'\"; eval app $param"
 prop_checkQuotesInLiterals6 = verifyTree checkQuotesInLiterals "param='my\\ file'; cmd=\"rm $param\"; $cmd"
-prop_checkQuotesInLiterals6a= verifyNotTree checkQuotesInLiterals "param='my\\ file'; cmd=\"rm ${#param}\"; $cmd"
+prop_checkQuotesInLiterals6a = verifyNotTree checkQuotesInLiterals "param='my\\ file'; cmd=\"rm ${#param}\"; $cmd"
 prop_checkQuotesInLiterals7 = verifyTree checkQuotesInLiterals "param='my\\ file'; rm $param"
 prop_checkQuotesInLiterals8 = verifyTree checkQuotesInLiterals "param=\"/foo/'bar baz'/etc\"; rm $param"
 prop_checkQuotesInLiterals9 = verifyNotTree checkQuotesInLiterals "param=\"/foo/'bar baz'/etc\"; rm ${#param}"
@@ -2227,9 +2227,9 @@ prop_checkFunctionsUsedExternally1 =
   verifyTree checkFunctionsUsedExternally "foo() { :; }; sudo foo"
 prop_checkFunctionsUsedExternally2 =
   verifyTree checkFunctionsUsedExternally "alias f='a'; xargs -0 f"
-prop_checkFunctionsUsedExternally2b=
+prop_checkFunctionsUsedExternally2b =
   verifyNotTree checkFunctionsUsedExternally "alias f='a'; find . -type f"
-prop_checkFunctionsUsedExternally2c=
+prop_checkFunctionsUsedExternally2c =
   verifyTree checkFunctionsUsedExternally "alias f='a'; find . -type f -exec f +"
 prop_checkFunctionsUsedExternally3 =
   verifyNotTree checkFunctionsUsedExternally "f() { :; }; echo f"
@@ -2305,49 +2305,49 @@ prop_checkUnused6 = verifyNotTree checkUnusedAssignments "var=4; (( var++ ))"
 prop_checkUnused7 = verifyNotTree checkUnusedAssignments "var=2; $((var))"
 prop_checkUnused8 = verifyTree checkUnusedAssignments "var=2; var=3;"
 prop_checkUnused9 = verifyNotTree checkUnusedAssignments "read ''"
-prop_checkUnused10= verifyNotTree checkUnusedAssignments "read -p 'test: '"
-prop_checkUnused11= verifyNotTree checkUnusedAssignments "bar=5; export foo[$bar]=3"
-prop_checkUnused12= verifyNotTree checkUnusedAssignments "read foo; echo ${!foo}"
-prop_checkUnused13= verifyNotTree checkUnusedAssignments "x=(1); (( x[0] ))"
-prop_checkUnused14= verifyNotTree checkUnusedAssignments "x=(1); n=0; echo ${x[n]}"
-prop_checkUnused15= verifyNotTree checkUnusedAssignments "x=(1); n=0; (( x[n] ))"
-prop_checkUnused16= verifyNotTree checkUnusedAssignments "foo=5; declare -x foo"
-prop_checkUnused16b= verifyNotTree checkUnusedAssignments "f() { local -x foo; foo=42; bar; }; f"
-prop_checkUnused17= verifyNotTree checkUnusedAssignments "read -i 'foo' -e -p 'Input: ' bar; $bar;"
-prop_checkUnused18= verifyNotTree checkUnusedAssignments "a=1; arr=( [$a]=42 ); echo \"${arr[@]}\""
-prop_checkUnused19= verifyNotTree checkUnusedAssignments "a=1; let b=a+1; echo $b"
-prop_checkUnused20= verifyNotTree checkUnusedAssignments "a=1; PS1='$a'"
-prop_checkUnused21= verifyNotTree checkUnusedAssignments "a=1; trap 'echo $a' INT"
-prop_checkUnused22= verifyNotTree checkUnusedAssignments "a=1; [ -v a ]"
-prop_checkUnused23= verifyNotTree checkUnusedAssignments "a=1; [ -R a ]"
-prop_checkUnused24= verifyNotTree checkUnusedAssignments "mapfile -C a b; echo ${b[@]}"
-prop_checkUnused25= verifyNotTree checkUnusedAssignments "readarray foo; echo ${foo[@]}"
-prop_checkUnused26= verifyNotTree checkUnusedAssignments "declare -F foo"
-prop_checkUnused27= verifyTree checkUnusedAssignments "var=3; [ var -eq 3 ]"
-prop_checkUnused28= verifyNotTree checkUnusedAssignments "var=3; [[ var -eq 3 ]]"
-prop_checkUnused29= verifyNotTree checkUnusedAssignments "var=(a b); declare -p var"
-prop_checkUnused30= verifyTree checkUnusedAssignments "let a=1"
-prop_checkUnused31= verifyTree checkUnusedAssignments "let 'a=1'"
-prop_checkUnused32= verifyTree checkUnusedAssignments "let a=b=c; echo $a"
-prop_checkUnused33= verifyNotTree checkUnusedAssignments "a=foo; [[ foo =~ ^{$a}$ ]]"
-prop_checkUnused34= verifyNotTree checkUnusedAssignments "foo=1; (( t = foo )); echo $t"
-prop_checkUnused35= verifyNotTree checkUnusedAssignments "a=foo; b=2; echo ${a:b}"
-prop_checkUnused36= verifyNotTree checkUnusedAssignments "if [[ -v foo ]]; then true; fi"
-prop_checkUnused37= verifyNotTree checkUnusedAssignments "fd=2; exec {fd}>&-"
-prop_checkUnused38= verifyTree checkUnusedAssignments "(( a=42 ))"
-prop_checkUnused39= verifyNotTree checkUnusedAssignments "declare -x -f foo"
-prop_checkUnused40= verifyNotTree checkUnusedAssignments "arr=(1 2); num=2; echo \"${arr[@]:num}\""
-prop_checkUnused41= verifyNotTree checkUnusedAssignments "@test 'foo' {\ntrue\n}\n"
-prop_checkUnused42= verifyNotTree checkUnusedAssignments "DEFINE_string foo '' ''; echo \"${FLAGS_foo}\""
-prop_checkUnused43= verifyTree checkUnusedAssignments "DEFINE_string foo '' ''"
-prop_checkUnused44= verifyNotTree checkUnusedAssignments "DEFINE_string \"foo$ibar\" x y"
-prop_checkUnused45= verifyTree checkUnusedAssignments "readonly foo=bar"
-prop_checkUnused46= verifyTree checkUnusedAssignments "readonly foo=(bar)"
-prop_checkUnused47= verifyNotTree checkUnusedAssignments "a=1; alias hello='echo $a'"
-prop_checkUnused48= verifyNotTree checkUnusedAssignments "_a=1"
-prop_checkUnused49= verifyNotTree checkUnusedAssignments "declare -A array; key=a; [[ -v array[$key] ]]"
-prop_checkUnused50= verifyNotTree checkUnusedAssignments "foofunc() { :; }; typeset -fx foofunc"
-prop_checkUnused51= verifyTree checkUnusedAssignments "x[y[z=1]]=1; echo ${x[@]}"
+prop_checkUnused10 = verifyNotTree checkUnusedAssignments "read -p 'test: '"
+prop_checkUnused11 = verifyNotTree checkUnusedAssignments "bar=5; export foo[$bar]=3"
+prop_checkUnused12 = verifyNotTree checkUnusedAssignments "read foo; echo ${!foo}"
+prop_checkUnused13 = verifyNotTree checkUnusedAssignments "x=(1); (( x[0] ))"
+prop_checkUnused14 = verifyNotTree checkUnusedAssignments "x=(1); n=0; echo ${x[n]}"
+prop_checkUnused15 = verifyNotTree checkUnusedAssignments "x=(1); n=0; (( x[n] ))"
+prop_checkUnused16 = verifyNotTree checkUnusedAssignments "foo=5; declare -x foo"
+prop_checkUnused16b = verifyNotTree checkUnusedAssignments "f() { local -x foo; foo=42; bar; }; f"
+prop_checkUnused17 = verifyNotTree checkUnusedAssignments "read -i 'foo' -e -p 'Input: ' bar; $bar;"
+prop_checkUnused18 = verifyNotTree checkUnusedAssignments "a=1; arr=( [$a]=42 ); echo \"${arr[@]}\""
+prop_checkUnused19 = verifyNotTree checkUnusedAssignments "a=1; let b=a+1; echo $b"
+prop_checkUnused20 = verifyNotTree checkUnusedAssignments "a=1; PS1='$a'"
+prop_checkUnused21 = verifyNotTree checkUnusedAssignments "a=1; trap 'echo $a' INT"
+prop_checkUnused22 = verifyNotTree checkUnusedAssignments "a=1; [ -v a ]"
+prop_checkUnused23 = verifyNotTree checkUnusedAssignments "a=1; [ -R a ]"
+prop_checkUnused24 = verifyNotTree checkUnusedAssignments "mapfile -C a b; echo ${b[@]}"
+prop_checkUnused25 = verifyNotTree checkUnusedAssignments "readarray foo; echo ${foo[@]}"
+prop_checkUnused26 = verifyNotTree checkUnusedAssignments "declare -F foo"
+prop_checkUnused27 = verifyTree checkUnusedAssignments "var=3; [ var -eq 3 ]"
+prop_checkUnused28 = verifyNotTree checkUnusedAssignments "var=3; [[ var -eq 3 ]]"
+prop_checkUnused29 = verifyNotTree checkUnusedAssignments "var=(a b); declare -p var"
+prop_checkUnused30 = verifyTree checkUnusedAssignments "let a=1"
+prop_checkUnused31 = verifyTree checkUnusedAssignments "let 'a=1'"
+prop_checkUnused32 = verifyTree checkUnusedAssignments "let a=b=c; echo $a"
+prop_checkUnused33 = verifyNotTree checkUnusedAssignments "a=foo; [[ foo =~ ^{$a}$ ]]"
+prop_checkUnused34 = verifyNotTree checkUnusedAssignments "foo=1; (( t = foo )); echo $t"
+prop_checkUnused35 = verifyNotTree checkUnusedAssignments "a=foo; b=2; echo ${a:b}"
+prop_checkUnused36 = verifyNotTree checkUnusedAssignments "if [[ -v foo ]]; then true; fi"
+prop_checkUnused37 = verifyNotTree checkUnusedAssignments "fd=2; exec {fd}>&-"
+prop_checkUnused38 = verifyTree checkUnusedAssignments "(( a=42 ))"
+prop_checkUnused39 = verifyNotTree checkUnusedAssignments "declare -x -f foo"
+prop_checkUnused40 = verifyNotTree checkUnusedAssignments "arr=(1 2); num=2; echo \"${arr[@]:num}\""
+prop_checkUnused41 = verifyNotTree checkUnusedAssignments "@test 'foo' {\ntrue\n}\n"
+prop_checkUnused42 = verifyNotTree checkUnusedAssignments "DEFINE_string foo '' ''; echo \"${FLAGS_foo}\""
+prop_checkUnused43 = verifyTree checkUnusedAssignments "DEFINE_string foo '' ''"
+prop_checkUnused44 = verifyNotTree checkUnusedAssignments "DEFINE_string \"foo$ibar\" x y"
+prop_checkUnused45 = verifyTree checkUnusedAssignments "readonly foo=bar"
+prop_checkUnused46 = verifyTree checkUnusedAssignments "readonly foo=(bar)"
+prop_checkUnused47 = verifyNotTree checkUnusedAssignments "a=1; alias hello='echo $a'"
+prop_checkUnused48 = verifyNotTree checkUnusedAssignments "_a=1"
+prop_checkUnused49 = verifyNotTree checkUnusedAssignments "declare -A array; key=a; [[ -v array[$key] ]]"
+prop_checkUnused50 = verifyNotTree checkUnusedAssignments "foofunc() { :; }; typeset -fx foofunc"
+prop_checkUnused51 = verifyTree checkUnusedAssignments "x[y[z=1]]=1; echo ${x[@]}"
 
 checkUnusedAssignments params t = execWriter (mapM_ warnFor unused)
   where
@@ -2381,40 +2381,40 @@ prop_checkUnassignedReferences6 = verifyNotTree checkUnassignedReferences "foo=.
 prop_checkUnassignedReferences7 = verifyNotTree checkUnassignedReferences "getopts ':h' foo; echo $foo"
 prop_checkUnassignedReferences8 = verifyNotTree checkUnassignedReferences "let 'foo = 1'; echo $foo"
 prop_checkUnassignedReferences9 = verifyNotTree checkUnassignedReferences "echo ${foo-bar}"
-prop_checkUnassignedReferences10= verifyNotTree checkUnassignedReferences "echo ${foo:?}"
-prop_checkUnassignedReferences11= verifyNotTree checkUnassignedReferences "declare -A foo; echo \"${foo[@]}\""
-prop_checkUnassignedReferences12= verifyNotTree checkUnassignedReferences "typeset -a foo; echo \"${foo[@]}\""
-prop_checkUnassignedReferences13= verifyNotTree checkUnassignedReferences "f() { local foo; echo $foo; }"
-prop_checkUnassignedReferences14= verifyNotTree checkUnassignedReferences "foo=; echo $foo"
-prop_checkUnassignedReferences15= verifyNotTree checkUnassignedReferences "f() { true; }; export -f f"
-prop_checkUnassignedReferences16= verifyNotTree checkUnassignedReferences "declare -A foo=( [a b]=bar ); echo ${foo[a b]}"
-prop_checkUnassignedReferences17= verifyNotTree checkUnassignedReferences "USERS=foo; echo $USER"
-prop_checkUnassignedReferences18= verifyNotTree checkUnassignedReferences "FOOBAR=42; export FOOBAR="
-prop_checkUnassignedReferences19= verifyNotTree checkUnassignedReferences "readonly foo=bar; echo $foo"
-prop_checkUnassignedReferences20= verifyNotTree checkUnassignedReferences "printf -v foo bar; echo $foo"
-prop_checkUnassignedReferences21= verifyTree checkUnassignedReferences "echo ${#foo}"
-prop_checkUnassignedReferences22= verifyNotTree checkUnassignedReferences "echo ${!os*}"
-prop_checkUnassignedReferences23= verifyTree checkUnassignedReferences "declare -a foo; foo[bar]=42;"
-prop_checkUnassignedReferences24= verifyNotTree checkUnassignedReferences "declare -A foo; foo[bar]=42;"
-prop_checkUnassignedReferences25= verifyNotTree checkUnassignedReferences "declare -A foo=(); foo[bar]=42;"
-prop_checkUnassignedReferences26= verifyNotTree checkUnassignedReferences "a::b() { foo; }; readonly -f a::b"
-prop_checkUnassignedReferences27= verifyNotTree checkUnassignedReferences ": ${foo:=bar}"
-prop_checkUnassignedReferences28= verifyNotTree checkUnassignedReferences "#!/bin/ksh\necho \"${.sh.version}\"\n"
-prop_checkUnassignedReferences29= verifyNotTree checkUnassignedReferences "if [[ -v foo ]]; then echo $foo; fi"
-prop_checkUnassignedReferences30= verifyNotTree checkUnassignedReferences "if [[ -v foo[3] ]]; then echo ${foo[3]}; fi"
-prop_checkUnassignedReferences31= verifyNotTree checkUnassignedReferences "X=1; if [[ -v foo[$X+42] ]]; then echo ${foo[$X+42]}; fi"
-prop_checkUnassignedReferences32= verifyNotTree checkUnassignedReferences "if [[ -v \"foo[1]\" ]]; then echo ${foo[@]}; fi"
-prop_checkUnassignedReferences33= verifyNotTree checkUnassignedReferences "f() { local -A foo; echo \"${foo[@]}\"; }"
-prop_checkUnassignedReferences34= verifyNotTree checkUnassignedReferences "declare -A foo; (( foo[bar] ))"
-prop_checkUnassignedReferences35= verifyNotTree checkUnassignedReferences "echo ${arr[foo-bar]:?fail}"
-prop_checkUnassignedReferences36= verifyNotTree checkUnassignedReferences "read -a foo -r <<<\"foo bar\"; echo \"$foo\""
-prop_checkUnassignedReferences37= verifyNotTree checkUnassignedReferences "var=howdy; printf -v 'array[0]' %s \"$var\"; printf %s \"${array[0]}\";"
-prop_checkUnassignedReferences38= verifyTree (checkUnassignedReferences' True) "echo $VAR"
-prop_checkUnassignedReferences39= verifyNotTree checkUnassignedReferences "builtin export var=4; echo $var"
-prop_checkUnassignedReferences40= verifyNotTree checkUnassignedReferences ": ${foo=bar}"
-prop_checkUnassignedReferences41= verifyNotTree checkUnassignedReferences "mapfile -t files 123; echo \"${files[@]}\""
-prop_checkUnassignedReferences42= verifyNotTree checkUnassignedReferences "mapfile files -t; echo \"${files[@]}\""
-prop_checkUnassignedReferences43= verifyNotTree checkUnassignedReferences "mapfile --future files; echo \"${files[@]}\""
+prop_checkUnassignedReferences10 = verifyNotTree checkUnassignedReferences "echo ${foo:?}"
+prop_checkUnassignedReferences11 = verifyNotTree checkUnassignedReferences "declare -A foo; echo \"${foo[@]}\""
+prop_checkUnassignedReferences12 = verifyNotTree checkUnassignedReferences "typeset -a foo; echo \"${foo[@]}\""
+prop_checkUnassignedReferences13 = verifyNotTree checkUnassignedReferences "f() { local foo; echo $foo; }"
+prop_checkUnassignedReferences14 = verifyNotTree checkUnassignedReferences "foo=; echo $foo"
+prop_checkUnassignedReferences15 = verifyNotTree checkUnassignedReferences "f() { true; }; export -f f"
+prop_checkUnassignedReferences16 = verifyNotTree checkUnassignedReferences "declare -A foo=( [a b]=bar ); echo ${foo[a b]}"
+prop_checkUnassignedReferences17 = verifyNotTree checkUnassignedReferences "USERS=foo; echo $USER"
+prop_checkUnassignedReferences18 = verifyNotTree checkUnassignedReferences "FOOBAR=42; export FOOBAR="
+prop_checkUnassignedReferences19 = verifyNotTree checkUnassignedReferences "readonly foo=bar; echo $foo"
+prop_checkUnassignedReferences20 = verifyNotTree checkUnassignedReferences "printf -v foo bar; echo $foo"
+prop_checkUnassignedReferences21 = verifyTree checkUnassignedReferences "echo ${#foo}"
+prop_checkUnassignedReferences22 = verifyNotTree checkUnassignedReferences "echo ${!os*}"
+prop_checkUnassignedReferences23 = verifyTree checkUnassignedReferences "declare -a foo; foo[bar]=42;"
+prop_checkUnassignedReferences24 = verifyNotTree checkUnassignedReferences "declare -A foo; foo[bar]=42;"
+prop_checkUnassignedReferences25 = verifyNotTree checkUnassignedReferences "declare -A foo=(); foo[bar]=42;"
+prop_checkUnassignedReferences26 = verifyNotTree checkUnassignedReferences "a::b() { foo; }; readonly -f a::b"
+prop_checkUnassignedReferences27 = verifyNotTree checkUnassignedReferences ": ${foo:=bar}"
+prop_checkUnassignedReferences28 = verifyNotTree checkUnassignedReferences "#!/bin/ksh\necho \"${.sh.version}\"\n"
+prop_checkUnassignedReferences29 = verifyNotTree checkUnassignedReferences "if [[ -v foo ]]; then echo $foo; fi"
+prop_checkUnassignedReferences30 = verifyNotTree checkUnassignedReferences "if [[ -v foo[3] ]]; then echo ${foo[3]}; fi"
+prop_checkUnassignedReferences31 = verifyNotTree checkUnassignedReferences "X=1; if [[ -v foo[$X+42] ]]; then echo ${foo[$X+42]}; fi"
+prop_checkUnassignedReferences32 = verifyNotTree checkUnassignedReferences "if [[ -v \"foo[1]\" ]]; then echo ${foo[@]}; fi"
+prop_checkUnassignedReferences33 = verifyNotTree checkUnassignedReferences "f() { local -A foo; echo \"${foo[@]}\"; }"
+prop_checkUnassignedReferences34 = verifyNotTree checkUnassignedReferences "declare -A foo; (( foo[bar] ))"
+prop_checkUnassignedReferences35 = verifyNotTree checkUnassignedReferences "echo ${arr[foo-bar]:?fail}"
+prop_checkUnassignedReferences36 = verifyNotTree checkUnassignedReferences "read -a foo -r <<<\"foo bar\"; echo \"$foo\""
+prop_checkUnassignedReferences37 = verifyNotTree checkUnassignedReferences "var=howdy; printf -v 'array[0]' %s \"$var\"; printf %s \"${array[0]}\";"
+prop_checkUnassignedReferences38 = verifyTree (checkUnassignedReferences' True) "echo $VAR"
+prop_checkUnassignedReferences39 = verifyNotTree checkUnassignedReferences "builtin export var=4; echo $var"
+prop_checkUnassignedReferences40 = verifyNotTree checkUnassignedReferences ": ${foo=bar}"
+prop_checkUnassignedReferences41 = verifyNotTree checkUnassignedReferences "mapfile -t files 123; echo \"${files[@]}\""
+prop_checkUnassignedReferences42 = verifyNotTree checkUnassignedReferences "mapfile files -t; echo \"${files[@]}\""
+prop_checkUnassignedReferences43 = verifyNotTree checkUnassignedReferences "mapfile --future files; echo \"${files[@]}\""
 prop_checkUnassignedReferences_minusNPlain   = verifyNotTree checkUnassignedReferences "if [ -n \"$x\" ]; then echo $x; fi"
 prop_checkUnassignedReferences_minusZPlain   = verifyNotTree checkUnassignedReferences "if [ -z \"$x\" ]; then echo \"\"; fi"
 prop_checkUnassignedReferences_minusNBraced  = verifyNotTree checkUnassignedReferences "if [ -n \"${x}\" ]; then echo $x; fi"
@@ -2792,11 +2792,11 @@ prop_checkUnpassedInFunctions6 = verifyNotTree checkUnpassedInFunctions "foo() {
 prop_checkUnpassedInFunctions7 = verifyTree checkUnpassedInFunctions "foo() { echo $1; }; foo; foo;"
 prop_checkUnpassedInFunctions8 = verifyNotTree checkUnpassedInFunctions "foo() { echo $((1)); }; foo;"
 prop_checkUnpassedInFunctions9 = verifyNotTree checkUnpassedInFunctions "foo() { echo $(($b)); }; foo;"
-prop_checkUnpassedInFunctions10= verifyNotTree checkUnpassedInFunctions "foo() { echo $!; }; foo;"
-prop_checkUnpassedInFunctions11= verifyNotTree checkUnpassedInFunctions "foo() { bar() { echo $1; }; bar baz; }; foo;"
-prop_checkUnpassedInFunctions12= verifyNotTree checkUnpassedInFunctions "foo() { echo ${!var*}; }; foo;"
-prop_checkUnpassedInFunctions13= verifyNotTree checkUnpassedInFunctions "# shellcheck disable=SC2120\nfoo() { echo $1; }\nfoo\n"
-prop_checkUnpassedInFunctions14= verifyTree checkUnpassedInFunctions "foo() { echo $#; }; foo"
+prop_checkUnpassedInFunctions10 = verifyNotTree checkUnpassedInFunctions "foo() { echo $!; }; foo;"
+prop_checkUnpassedInFunctions11 = verifyNotTree checkUnpassedInFunctions "foo() { bar() { echo $1; }; bar baz; }; foo;"
+prop_checkUnpassedInFunctions12 = verifyNotTree checkUnpassedInFunctions "foo() { echo ${!var*}; }; foo;"
+prop_checkUnpassedInFunctions13 = verifyNotTree checkUnpassedInFunctions "# shellcheck disable=SC2120\nfoo() { echo $1; }\nfoo\n"
+prop_checkUnpassedInFunctions14 = verifyTree checkUnpassedInFunctions "foo() { echo $#; }; foo"
 checkUnpassedInFunctions params root =
     execWriter $ mapM_ warnForGroup referenceGroups
   where
@@ -2971,12 +2971,12 @@ checkSuspiciousIFS params (T_Assignment _ _ "IFS" [] value) =
 checkSuspiciousIFS _ _ = return ()
 
 
-prop_checkGrepQ1= verify checkShouldUseGrepQ "[[ $(foo | grep bar) ]]"
-prop_checkGrepQ2= verify checkShouldUseGrepQ "[ -z $(fgrep lol) ]"
-prop_checkGrepQ3= verify checkShouldUseGrepQ "[ -n \"$(foo | zgrep lol)\" ]"
-prop_checkGrepQ4= verifyNot checkShouldUseGrepQ "[ -z $(grep bar | cmd) ]"
-prop_checkGrepQ5= verifyNot checkShouldUseGrepQ "rm $(ls | grep file)"
-prop_checkGrepQ6= verifyNot checkShouldUseGrepQ "[[ -n $(pgrep foo) ]]"
+prop_checkGrepQ1 = verify checkShouldUseGrepQ "[[ $(foo | grep bar) ]]"
+prop_checkGrepQ2 = verify checkShouldUseGrepQ "[ -z $(fgrep lol) ]"
+prop_checkGrepQ3 = verify checkShouldUseGrepQ "[ -n \"$(foo | zgrep lol)\" ]"
+prop_checkGrepQ4 = verifyNot checkShouldUseGrepQ "[ -z $(grep bar | cmd) ]"
+prop_checkGrepQ5 = verifyNot checkShouldUseGrepQ "rm $(ls | grep file)"
+prop_checkGrepQ6 = verifyNot checkShouldUseGrepQ "[[ -n $(pgrep foo) ]]"
 checkShouldUseGrepQ params t =
     sequence_ $ case t of
         TC_Nullary id _ token -> check id True token
diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index acbf967..4bae17e 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -216,18 +216,18 @@ checker spec params = getChecker $ commandChecks ++ optionals
 
 prop_checkTr1 = verify checkTr "tr [a-f] [A-F]"
 prop_checkTr2 = verify checkTr "tr 'a-z' 'A-Z'"
-prop_checkTr2a= verify checkTr "tr '[a-z]' '[A-Z]'"
+prop_checkTr2a = verify checkTr "tr '[a-z]' '[A-Z]'"
 prop_checkTr3 = verifyNot checkTr "tr -d '[:lower:]'"
-prop_checkTr3a= verifyNot checkTr "tr -d '[:upper:]'"
-prop_checkTr3b= verifyNot checkTr "tr -d '|/_[:upper:]'"
+prop_checkTr3a = verifyNot checkTr "tr -d '[:upper:]'"
+prop_checkTr3b = verifyNot checkTr "tr -d '|/_[:upper:]'"
 prop_checkTr4 = verifyNot checkTr "ls [a-z]"
 prop_checkTr5 = verify checkTr "tr foo bar"
 prop_checkTr6 = verify checkTr "tr 'hello' 'world'"
 prop_checkTr8 = verifyNot checkTr "tr aeiou _____"
 prop_checkTr9 = verifyNot checkTr "a-z n-za-m"
-prop_checkTr10= verifyNot checkTr "tr --squeeze-repeats rl lr"
-prop_checkTr11= verifyNot checkTr "tr abc '[d*]'"
-prop_checkTr12= verifyNot checkTr "tr '[=e=]' 'e'"
+prop_checkTr10 = verifyNot checkTr "tr --squeeze-repeats rl lr"
+prop_checkTr11 = verifyNot checkTr "tr abc '[d*]'"
+prop_checkTr12 = verifyNot checkTr "tr '[=e=]' 'e'"
 checkTr = CommandCheck (Basename "tr") (mapM_ f . arguments)
   where
     f w | isGlob w = -- The user will go [ab] -> '[ab]' -> 'ab'. Fixme?
@@ -339,20 +339,20 @@ prop_checkGrepRe6 = verifyNot checkGrepRe "grep foo \\*.mp3"
 prop_checkGrepRe7 = verify checkGrepRe "grep *foo* file"
 prop_checkGrepRe8 = verify checkGrepRe "ls | grep foo*.jpg"
 prop_checkGrepRe9 = verifyNot checkGrepRe "grep '[0-9]*' file"
-prop_checkGrepRe10= verifyNot checkGrepRe "grep '^aa*' file"
-prop_checkGrepRe11= verifyNot checkGrepRe "grep --include=*.png foo"
-prop_checkGrepRe12= verifyNot checkGrepRe "grep -F 'Foo*' file"
-prop_checkGrepRe13= verifyNot checkGrepRe "grep -- -foo bar*"
-prop_checkGrepRe14= verifyNot checkGrepRe "grep -e -foo bar*"
-prop_checkGrepRe15= verifyNot checkGrepRe "grep --regex -foo bar*"
-prop_checkGrepRe16= verifyNot checkGrepRe "grep --include 'Foo*' file"
-prop_checkGrepRe17= verifyNot checkGrepRe "grep --exclude 'Foo*' file"
-prop_checkGrepRe18= verifyNot checkGrepRe "grep --exclude-dir 'Foo*' file"
-prop_checkGrepRe19= verify checkGrepRe "grep -- 'Foo*' file"
-prop_checkGrepRe20= verifyNot checkGrepRe "grep --fixed-strings 'Foo*' file"
-prop_checkGrepRe21= verifyNot checkGrepRe "grep -o 'x*' file"
-prop_checkGrepRe22= verifyNot checkGrepRe "grep --only-matching 'x*' file"
-prop_checkGrepRe23= verifyNot checkGrepRe "grep '.*' file"
+prop_checkGrepRe10 = verifyNot checkGrepRe "grep '^aa*' file"
+prop_checkGrepRe11 = verifyNot checkGrepRe "grep --include=*.png foo"
+prop_checkGrepRe12 = verifyNot checkGrepRe "grep -F 'Foo*' file"
+prop_checkGrepRe13 = verifyNot checkGrepRe "grep -- -foo bar*"
+prop_checkGrepRe14 = verifyNot checkGrepRe "grep -e -foo bar*"
+prop_checkGrepRe15 = verifyNot checkGrepRe "grep --regex -foo bar*"
+prop_checkGrepRe16 = verifyNot checkGrepRe "grep --include 'Foo*' file"
+prop_checkGrepRe17 = verifyNot checkGrepRe "grep --exclude 'Foo*' file"
+prop_checkGrepRe18 = verifyNot checkGrepRe "grep --exclude-dir 'Foo*' file"
+prop_checkGrepRe19 = verify checkGrepRe "grep -- 'Foo*' file"
+prop_checkGrepRe20 = verifyNot checkGrepRe "grep --fixed-strings 'Foo*' file"
+prop_checkGrepRe21 = verifyNot checkGrepRe "grep -o 'x*' file"
+prop_checkGrepRe22 = verifyNot checkGrepRe "grep --only-matching 'x*' file"
+prop_checkGrepRe23 = verifyNot checkGrepRe "grep '.*' file"
 
 checkGrepRe = CommandCheck (Basename "grep") check where
     check cmd = f cmd (arguments cmd)
@@ -400,7 +400,7 @@ checkGrepRe = CommandCheck (Basename "grep") check where
 
 
 prop_checkTrapQuotes1 = verify checkTrapQuotes "trap \"echo $num\" INT"
-prop_checkTrapQuotes1a= verify checkTrapQuotes "trap \"echo `ls`\" INT"
+prop_checkTrapQuotes1a = verify checkTrapQuotes "trap \"echo `ls`\" INT"
 prop_checkTrapQuotes2 = verifyNot checkTrapQuotes "trap 'echo $num' INT"
 prop_checkTrapQuotes3 = verify checkTrapQuotes "trap \"echo $((1+num))\" EXIT DEBUG"
 checkTrapQuotes = CommandCheck (Exactly "trap") (f . arguments) where
@@ -657,19 +657,19 @@ prop_checkPrintfVar6 = verify checkPrintfVar "printf foo bar baz"
 prop_checkPrintfVar7 = verify checkPrintfVar "printf -- foo bar baz"
 prop_checkPrintfVar8 = verifyNot checkPrintfVar "printf '%s %s %s' \"${var[@]}\""
 prop_checkPrintfVar9 = verifyNot checkPrintfVar "printf '%s %s %s\\n' *.png"
-prop_checkPrintfVar10= verifyNot checkPrintfVar "printf '%s %s %s' foo bar baz"
-prop_checkPrintfVar11= verifyNot checkPrintfVar "printf '%(%s%s)T' -1"
-prop_checkPrintfVar12= verify checkPrintfVar "printf '%s %s\\n' 1 2 3"
-prop_checkPrintfVar13= verifyNot checkPrintfVar "printf '%s %s\\n' 1 2 3 4"
-prop_checkPrintfVar14= verify checkPrintfVar "printf '%*s\\n' 1"
-prop_checkPrintfVar15= verifyNot checkPrintfVar "printf '%*s\\n' 1 2"
-prop_checkPrintfVar16= verifyNot checkPrintfVar "printf $'string'"
-prop_checkPrintfVar17= verify checkPrintfVar "printf '%-*s\\n' 1"
-prop_checkPrintfVar18= verifyNot checkPrintfVar "printf '%-*s\\n' 1 2"
-prop_checkPrintfVar19= verifyNot checkPrintfVar "printf '%(%s)T'"
-prop_checkPrintfVar20= verifyNot checkPrintfVar "printf '%d %(%s)T' 42"
-prop_checkPrintfVar21= verify checkPrintfVar "printf '%d %(%s)T'"
-prop_checkPrintfVar22= verify checkPrintfVar "printf '%s\n%s' foo"
+prop_checkPrintfVar10 = verifyNot checkPrintfVar "printf '%s %s %s' foo bar baz"
+prop_checkPrintfVar11 = verifyNot checkPrintfVar "printf '%(%s%s)T' -1"
+prop_checkPrintfVar12 = verify checkPrintfVar "printf '%s %s\\n' 1 2 3"
+prop_checkPrintfVar13 = verifyNot checkPrintfVar "printf '%s %s\\n' 1 2 3 4"
+prop_checkPrintfVar14 = verify checkPrintfVar "printf '%*s\\n' 1"
+prop_checkPrintfVar15 = verifyNot checkPrintfVar "printf '%*s\\n' 1 2"
+prop_checkPrintfVar16 = verifyNot checkPrintfVar "printf $'string'"
+prop_checkPrintfVar17 = verify checkPrintfVar "printf '%-*s\\n' 1"
+prop_checkPrintfVar18 = verifyNot checkPrintfVar "printf '%-*s\\n' 1 2"
+prop_checkPrintfVar19 = verifyNot checkPrintfVar "printf '%(%s)T'"
+prop_checkPrintfVar20 = verifyNot checkPrintfVar "printf '%d %(%s)T' 42"
+prop_checkPrintfVar21 = verify checkPrintfVar "printf '%d %(%s)T'"
+prop_checkPrintfVar22 = verify checkPrintfVar "printf '%s\n%s' foo"
 
 checkPrintfVar = CommandCheck (Exactly "printf") (f . arguments) where
     f (doubledash:rest) | getLiteralString doubledash == Just "--" = f rest
@@ -1069,10 +1069,10 @@ prop_checkCatastrophicRm4 = verify checkCatastrophicRm "rm -fr /home/$(whoami)/*
 prop_checkCatastrophicRm5 = verifyNot checkCatastrophicRm "rm -r /home/${USER:-thing}/*"
 prop_checkCatastrophicRm6 = verify checkCatastrophicRm "rm --recursive /etc/*$config*"
 prop_checkCatastrophicRm8 = verify checkCatastrophicRm "rm -rf /home"
-prop_checkCatastrophicRm10= verifyNot checkCatastrophicRm "rm -r \"${DIR}\"/{.gitignore,.gitattributes,ci}"
-prop_checkCatastrophicRm11= verify checkCatastrophicRm "rm -r /{bin,sbin}/$exec"
-prop_checkCatastrophicRm12= verify checkCatastrophicRm "rm -r /{{usr,},{bin,sbin}}/$exec"
-prop_checkCatastrophicRm13= verifyNot checkCatastrophicRm "rm -r /{{a,b},{c,d}}/$exec"
+prop_checkCatastrophicRm10 = verifyNot checkCatastrophicRm "rm -r \"${DIR}\"/{.gitignore,.gitattributes,ci}"
+prop_checkCatastrophicRm11 = verify checkCatastrophicRm "rm -r /{bin,sbin}/$exec"
+prop_checkCatastrophicRm12 = verify checkCatastrophicRm "rm -r /{{usr,},{bin,sbin}}/$exec"
+prop_checkCatastrophicRm13 = verifyNot checkCatastrophicRm "rm -r /{{a,b},{c,d}}/$exec"
 prop_checkCatastrophicRmA = verify checkCatastrophicRm "rm -rf /usr /lib/nvidia-current/xorg/xorg"
 prop_checkCatastrophicRmB = verify checkCatastrophicRm "rm -rf \"$STEAMROOT/\"*"
 checkCatastrophicRm = CommandCheck (Basename "rm") $ \t ->
diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 9ad17f5..c12da2d 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -92,55 +92,55 @@ prop_checkBashisms6 = verify checkBashisms "[ \"$a\" == 42 ]"
 prop_checkBashisms7 = verify checkBashisms "echo ${var[1]}"
 prop_checkBashisms8 = verify checkBashisms "echo ${!var[@]}"
 prop_checkBashisms9 = verify checkBashisms "echo ${!var*}"
-prop_checkBashisms10= verify checkBashisms "echo ${var:4:12}"
-prop_checkBashisms11= verifyNot checkBashisms "echo ${var:-4}"
-prop_checkBashisms12= verify checkBashisms "echo ${var//foo/bar}"
-prop_checkBashisms13= verify checkBashisms "exec -c env"
-prop_checkBashisms14= verify checkBashisms "echo -n \"Foo: \""
-prop_checkBashisms15= verify checkBashisms "let n++"
-prop_checkBashisms16= verify checkBashisms "echo $RANDOM"
-prop_checkBashisms17= verify checkBashisms "echo $((RANDOM%6+1))"
-prop_checkBashisms18= verify checkBashisms "foo &> /dev/null"
-prop_checkBashisms19= verify checkBashisms "foo > file*.txt"
-prop_checkBashisms20= verify checkBashisms "read -ra foo"
-prop_checkBashisms21= verify checkBashisms "[ -a foo ]"
-prop_checkBashisms22= verifyNot checkBashisms "[ foo -a bar ]"
-prop_checkBashisms23= verify checkBashisms "trap mything ERR INT"
-prop_checkBashisms24= verifyNot checkBashisms "trap mything INT TERM"
-prop_checkBashisms25= verify checkBashisms "cat < /dev/tcp/host/123"
-prop_checkBashisms26= verify checkBashisms "trap mything ERR SIGTERM"
-prop_checkBashisms27= verify checkBashisms "echo *[^0-9]*"
-prop_checkBashisms28= verify checkBashisms "exec {n}>&2"
-prop_checkBashisms29= verify checkBashisms "echo ${!var}"
-prop_checkBashisms30= verify checkBashisms "printf -v '%s' \"$1\""
-prop_checkBashisms31= verify checkBashisms "printf '%q' \"$1\""
-prop_checkBashisms32= verifyNot checkBashisms "#!/bin/dash\n[ foo -nt bar ]"
-prop_checkBashisms33= verify checkBashisms "#!/bin/sh\necho -n foo"
-prop_checkBashisms34= verifyNot checkBashisms "#!/bin/dash\necho -n foo"
-prop_checkBashisms35= verifyNot checkBashisms "#!/bin/dash\nlocal foo"
-prop_checkBashisms36= verifyNot checkBashisms "#!/bin/dash\nread -p foo -r bar"
-prop_checkBashisms37= verifyNot checkBashisms "HOSTNAME=foo; echo $HOSTNAME"
-prop_checkBashisms38= verify checkBashisms "RANDOM=9; echo $RANDOM"
-prop_checkBashisms39= verify checkBashisms "foo-bar() { true; }"
-prop_checkBashisms40= verify checkBashisms "echo $(<file)"
-prop_checkBashisms41= verify checkBashisms "echo `<file`"
-prop_checkBashisms42= verify checkBashisms "trap foo int"
-prop_checkBashisms43= verify checkBashisms "trap foo sigint"
-prop_checkBashisms44= verifyNot checkBashisms "#!/bin/dash\ntrap foo int"
-prop_checkBashisms45= verifyNot checkBashisms "#!/bin/dash\ntrap foo INT"
-prop_checkBashisms46= verify checkBashisms "#!/bin/dash\ntrap foo SIGINT"
-prop_checkBashisms47= verify checkBashisms "#!/bin/dash\necho foo 42>/dev/null"
-prop_checkBashisms48= verifyNot checkBashisms "#!/bin/sh\necho $LINENO"
-prop_checkBashisms49= verify checkBashisms "#!/bin/dash\necho $MACHTYPE"
-prop_checkBashisms50= verify checkBashisms "#!/bin/sh\ncmd >& file"
-prop_checkBashisms51= verifyNot checkBashisms "#!/bin/sh\ncmd 2>&1"
-prop_checkBashisms52= verifyNot checkBashisms "#!/bin/sh\ncmd >&2"
-prop_checkBashisms53= verifyNot checkBashisms "#!/bin/sh\nprintf -- -f\n"
-prop_checkBashisms54= verify checkBashisms "#!/bin/sh\nfoo+=bar"
-prop_checkBashisms55= verify checkBashisms "#!/bin/sh\necho ${@%foo}"
-prop_checkBashisms56= verifyNot checkBashisms "#!/bin/sh\necho ${##}"
-prop_checkBashisms57= verifyNot checkBashisms "#!/bin/dash\nulimit -c 0"
-prop_checkBashisms58= verify checkBashisms "#!/bin/sh\nulimit -c 0"
+prop_checkBashisms10 = verify checkBashisms "echo ${var:4:12}"
+prop_checkBashisms11 = verifyNot checkBashisms "echo ${var:-4}"
+prop_checkBashisms12 = verify checkBashisms "echo ${var//foo/bar}"
+prop_checkBashisms13 = verify checkBashisms "exec -c env"
+prop_checkBashisms14 = verify checkBashisms "echo -n \"Foo: \""
+prop_checkBashisms15 = verify checkBashisms "let n++"
+prop_checkBashisms16 = verify checkBashisms "echo $RANDOM"
+prop_checkBashisms17 = verify checkBashisms "echo $((RANDOM%6+1))"
+prop_checkBashisms18 = verify checkBashisms "foo &> /dev/null"
+prop_checkBashisms19 = verify checkBashisms "foo > file*.txt"
+prop_checkBashisms20 = verify checkBashisms "read -ra foo"
+prop_checkBashisms21 = verify checkBashisms "[ -a foo ]"
+prop_checkBashisms22 = verifyNot checkBashisms "[ foo -a bar ]"
+prop_checkBashisms23 = verify checkBashisms "trap mything ERR INT"
+prop_checkBashisms24 = verifyNot checkBashisms "trap mything INT TERM"
+prop_checkBashisms25 = verify checkBashisms "cat < /dev/tcp/host/123"
+prop_checkBashisms26 = verify checkBashisms "trap mything ERR SIGTERM"
+prop_checkBashisms27 = verify checkBashisms "echo *[^0-9]*"
+prop_checkBashisms28 = verify checkBashisms "exec {n}>&2"
+prop_checkBashisms29 = verify checkBashisms "echo ${!var}"
+prop_checkBashisms30 = verify checkBashisms "printf -v '%s' \"$1\""
+prop_checkBashisms31 = verify checkBashisms "printf '%q' \"$1\""
+prop_checkBashisms32 = verifyNot checkBashisms "#!/bin/dash\n[ foo -nt bar ]"
+prop_checkBashisms33 = verify checkBashisms "#!/bin/sh\necho -n foo"
+prop_checkBashisms34 = verifyNot checkBashisms "#!/bin/dash\necho -n foo"
+prop_checkBashisms35 = verifyNot checkBashisms "#!/bin/dash\nlocal foo"
+prop_checkBashisms36 = verifyNot checkBashisms "#!/bin/dash\nread -p foo -r bar"
+prop_checkBashisms37 = verifyNot checkBashisms "HOSTNAME=foo; echo $HOSTNAME"
+prop_checkBashisms38 = verify checkBashisms "RANDOM=9; echo $RANDOM"
+prop_checkBashisms39 = verify checkBashisms "foo-bar() { true; }"
+prop_checkBashisms40 = verify checkBashisms "echo $(<file)"
+prop_checkBashisms41 = verify checkBashisms "echo `<file`"
+prop_checkBashisms42 = verify checkBashisms "trap foo int"
+prop_checkBashisms43 = verify checkBashisms "trap foo sigint"
+prop_checkBashisms44 = verifyNot checkBashisms "#!/bin/dash\ntrap foo int"
+prop_checkBashisms45 = verifyNot checkBashisms "#!/bin/dash\ntrap foo INT"
+prop_checkBashisms46 = verify checkBashisms "#!/bin/dash\ntrap foo SIGINT"
+prop_checkBashisms47 = verify checkBashisms "#!/bin/dash\necho foo 42>/dev/null"
+prop_checkBashisms48 = verifyNot checkBashisms "#!/bin/sh\necho $LINENO"
+prop_checkBashisms49 = verify checkBashisms "#!/bin/dash\necho $MACHTYPE"
+prop_checkBashisms50 = verify checkBashisms "#!/bin/sh\ncmd >& file"
+prop_checkBashisms51 = verifyNot checkBashisms "#!/bin/sh\ncmd 2>&1"
+prop_checkBashisms52 = verifyNot checkBashisms "#!/bin/sh\ncmd >&2"
+prop_checkBashisms53 = verifyNot checkBashisms "#!/bin/sh\nprintf -- -f\n"
+prop_checkBashisms54 = verify checkBashisms "#!/bin/sh\nfoo+=bar"
+prop_checkBashisms55 = verify checkBashisms "#!/bin/sh\necho ${@%foo}"
+prop_checkBashisms56 = verifyNot checkBashisms "#!/bin/sh\necho ${##}"
+prop_checkBashisms57 = verifyNot checkBashisms "#!/bin/dash\nulimit -c 0"
+prop_checkBashisms58 = verify checkBashisms "#!/bin/sh\nulimit -c 0"
 prop_checkBashisms59 = verify checkBashisms "#!/bin/sh\njobs -s"
 prop_checkBashisms60 = verifyNot checkBashisms "#!/bin/sh\njobs -p"
 prop_checkBashisms61 = verifyNot checkBashisms "#!/bin/sh\njobs -lp"
@@ -441,9 +441,9 @@ checkBashisms = ForShell [Sh, Dash] $ \t -> do
                 _ -> False
 
 prop_checkEchoSed1 = verify checkEchoSed "FOO=$(echo \"$cow\" | sed 's/foo/bar/g')"
-prop_checkEchoSed1b= verify checkEchoSed "FOO=$(sed 's/foo/bar/g' <<< \"$cow\")"
+prop_checkEchoSed1b = verify checkEchoSed "FOO=$(sed 's/foo/bar/g' <<< \"$cow\")"
 prop_checkEchoSed2 = verify checkEchoSed "rm $(echo $cow | sed -e 's,foo,bar,')"
-prop_checkEchoSed2b= verify checkEchoSed "rm $(sed -e 's,foo,bar,' <<< $cow)"
+prop_checkEchoSed2b = verify checkEchoSed "rm $(sed -e 's,foo,bar,' <<< $cow)"
 checkEchoSed = ForShell [Bash, Ksh] f
   where
     f (T_Redirecting id lefts r) =
@@ -529,11 +529,11 @@ checkMultiDimensionalArrays = ForShell [Bash] f
     isMultiDim l = getBracedModifier (concat $ oversimplify l) `matches` re
 
 prop_checkPS11 = verify checkPS1Assignments "PS1='\\033[1;35m\\$ '"
-prop_checkPS11a= verify checkPS1Assignments "export PS1='\\033[1;35m\\$ '"
+prop_checkPS11a = verify checkPS1Assignments "export PS1='\\033[1;35m\\$ '"
 prop_checkPSf2 = verify checkPS1Assignments "PS1='\\h \\e[0m\\$ '"
 prop_checkPS13 = verify checkPS1Assignments "PS1=$'\\x1b[c '"
 prop_checkPS14 = verify checkPS1Assignments "PS1=$'\\e[3m; '"
-prop_checkPS14a= verify checkPS1Assignments "export PS1=$'\\e[3m; '"
+prop_checkPS14a = verify checkPS1Assignments "export PS1=$'\\e[3m; '"
 prop_checkPS15 = verifyNot checkPS1Assignments "PS1='\\[\\033[1;35m\\]\\$ '"
 prop_checkPS16 = verifyNot checkPS1Assignments "PS1='\\[\\e1m\\e[1m\\]\\$ '"
 prop_checkPS17 = verifyNot checkPS1Assignments "PS1='e033x1B'"
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 9f9241c..e6a2999 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -719,20 +719,20 @@ prop_a6 = isOk readArithmeticContents " 1 | 2 ||3|4"
 prop_a7 = isOk readArithmeticContents "3*2**10"
 prop_a8 = isOk readArithmeticContents "3"
 prop_a9 = isOk readArithmeticContents "a^!-b"
-prop_a10= isOk readArithmeticContents "! $?"
-prop_a11= isOk readArithmeticContents "10#08 * 16#f"
-prop_a12= isOk readArithmeticContents "\"$((3+2))\" + '37'"
-prop_a13= isOk readArithmeticContents "foo[9*y+x]++"
-prop_a14= isOk readArithmeticContents "1+`echo 2`"
-prop_a15= isOk readArithmeticContents "foo[`echo foo | sed s/foo/4/g` * 3] + 4"
-prop_a16= isOk readArithmeticContents "$foo$bar"
-prop_a17= isOk readArithmeticContents "i<(0+(1+1))"
-prop_a18= isOk readArithmeticContents "a?b:c"
-prop_a19= isOk readArithmeticContents "\\\n3 +\\\n  2"
-prop_a20= isOk readArithmeticContents "a ? b ? c : d : e"
-prop_a21= isOk readArithmeticContents "a ? b : c ? d : e"
-prop_a22= isOk readArithmeticContents "!!a"
-prop_a23= isOk readArithmeticContents "~0"
+prop_a10 = isOk readArithmeticContents "! $?"
+prop_a11 = isOk readArithmeticContents "10#08 * 16#f"
+prop_a12 = isOk readArithmeticContents "\"$((3+2))\" + '37'"
+prop_a13 = isOk readArithmeticContents "foo[9*y+x]++"
+prop_a14 = isOk readArithmeticContents "1+`echo 2`"
+prop_a15 = isOk readArithmeticContents "foo[`echo foo | sed s/foo/4/g` * 3] + 4"
+prop_a16 = isOk readArithmeticContents "$foo$bar"
+prop_a17 = isOk readArithmeticContents "i<(0+(1+1))"
+prop_a18 = isOk readArithmeticContents "a?b:c"
+prop_a19 = isOk readArithmeticContents "\\\n3 +\\\n  2"
+prop_a20 = isOk readArithmeticContents "a ? b ? c : d : e"
+prop_a21 = isOk readArithmeticContents "a ? b : c ? d : e"
+prop_a22 = isOk readArithmeticContents "!!a"
+prop_a23 = isOk readArithmeticContents "~0"
 readArithmeticContents :: Monad m => SCParser m Token
 readArithmeticContents =
     readSequence
@@ -925,8 +925,8 @@ prop_readCondition7  = isOk readCondition "[[ ${line} =~ ^[[:space:]]*# ]]"
 prop_readCondition8  = isOk readCondition "[[ $l =~ ogg|flac ]]"
 prop_readCondition9  = isOk readCondition "[ foo -a -f bar ]"
 prop_readCondition10 = isOk readCondition "[[\na == b\n||\nc == d ]]"
-prop_readCondition10a= isOk readCondition "[[\na == b  ||\nc == d ]]"
-prop_readCondition10b= isOk readCondition "[[ a == b\n||\nc == d ]]"
+prop_readCondition10a = isOk readCondition "[[\na == b  ||\nc == d ]]"
+prop_readCondition10b = isOk readCondition "[[ a == b\n||\nc == d ]]"
 prop_readCondition11 = isOk readCondition "[[ a == b ||\n c == d ]]"
 prop_readCondition12 = isWarning readCondition "[ a == b \n -o c == d ]"
 prop_readCondition13 = isOk readCondition "[[ foo =~ ^fo{1,3}$ ]]"
@@ -1701,9 +1701,9 @@ readDollarBraced = called "parameter expansion" $ do
     id <- endSpan start
     return $ T_DollarBraced id True word
 
-prop_readDollarExpansion1= isOk readDollarExpansion "$(echo foo; ls\n)"
-prop_readDollarExpansion2= isOk readDollarExpansion "$(  )"
-prop_readDollarExpansion3= isOk readDollarExpansion "$( command \n#comment \n)"
+prop_readDollarExpansion1 = isOk readDollarExpansion "$(echo foo; ls\n)"
+prop_readDollarExpansion2 = isOk readDollarExpansion "$(  )"
+prop_readDollarExpansion3 = isOk readDollarExpansion "$( command \n#comment \n)"
 readDollarExpansion = called "command expansion" $ do
     start <- startSpan
     try (string "$(")
@@ -1795,17 +1795,17 @@ prop_readHereDoc6 = isOk readScript "cat << foo\\ bar\ncow\nfoo bar"
 prop_readHereDoc7 = isOk readScript "cat << foo\n\\$(f ())\nfoo"
 prop_readHereDoc8 = isOk readScript "cat <<foo>>bar\netc\nfoo"
 prop_readHereDoc9 = isOk readScript "if true; then cat << foo; fi\nbar\nfoo\n"
-prop_readHereDoc10= isOk readScript "if true; then cat << foo << bar; fi\nfoo\nbar\n"
-prop_readHereDoc11= isOk readScript "cat << foo $(\nfoo\n)lol\nfoo\n"
-prop_readHereDoc12= isOk readScript "cat << foo|cat\nbar\nfoo"
-prop_readHereDoc13= isOk readScript "cat <<'#!'\nHello World\n#!\necho Done"
-prop_readHereDoc14= isWarning readScript "cat << foo\nbar\nfoo \n"
-prop_readHereDoc15= isWarning readScript "cat <<foo\nbar\nfoo bar\nfoo"
-prop_readHereDoc16= isOk readScript "cat <<- ' foo'\nbar\n foo\n"
-prop_readHereDoc17= isWarning readScript "cat <<- ' foo'\nbar\n  foo\n foo\n"
-prop_readHereDoc18= isOk readScript "cat <<'\"foo'\nbar\n\"foo\n"
-prop_readHereDoc20= isWarning readScript "cat << foo\n  foo\n()\nfoo\n"
-prop_readHereDoc21= isOk readScript "# shellcheck disable=SC1039\ncat << foo\n  foo\n()\nfoo\n"
+prop_readHereDoc10 = isOk readScript "if true; then cat << foo << bar; fi\nfoo\nbar\n"
+prop_readHereDoc11 = isOk readScript "cat << foo $(\nfoo\n)lol\nfoo\n"
+prop_readHereDoc12 = isOk readScript "cat << foo|cat\nbar\nfoo"
+prop_readHereDoc13 = isOk readScript "cat <<'#!'\nHello World\n#!\necho Done"
+prop_readHereDoc14 = isWarning readScript "cat << foo\nbar\nfoo \n"
+prop_readHereDoc15 = isWarning readScript "cat <<foo\nbar\nfoo bar\nfoo"
+prop_readHereDoc16 = isOk readScript "cat <<- ' foo'\nbar\n foo\n"
+prop_readHereDoc17 = isWarning readScript "cat <<- ' foo'\nbar\n  foo\n foo\n"
+prop_readHereDoc18 = isOk readScript "cat <<'\"foo'\nbar\n\"foo\n"
+prop_readHereDoc20 = isWarning readScript "cat << foo\n  foo\n()\nfoo\n"
+prop_readHereDoc21 = isOk readScript "# shellcheck disable=SC1039\ncat << foo\n  foo\n()\nfoo\n"
 prop_readHereDoc22 = isWarning readScript "cat << foo\r\ncow\r\nfoo\r\n"
 prop_readHereDoc23 = isNotOk readScript "cat << foo \r\ncow\r\nfoo\r\n"
 readHereDoc = called "here document" $ do
@@ -2555,9 +2555,9 @@ prop_readForClause6 = isOk readForClause "for ((;;))\ndo echo $i\ndone"
 prop_readForClause7 = isOk readForClause "for ((;;)) do echo $i\ndone"
 prop_readForClause8 = isOk readForClause "for ((;;)) ; do echo $i\ndone"
 prop_readForClause9 = isOk readForClause "for i do true; done"
-prop_readForClause10= isOk readForClause "for ((;;)) { true; }"
-prop_readForClause12= isWarning readForClause "for $a in *; do echo \"$a\"; done"
-prop_readForClause13= isOk readForClause "for foo\nin\\\n  bar\\\n  baz\ndo true; done"
+prop_readForClause10 = isOk readForClause "for ((;;)) { true; }"
+prop_readForClause12 = isWarning readForClause "for $a in *; do echo \"$a\"; done"
+prop_readForClause13 = isOk readForClause "for foo\nin\\\n  bar\\\n  baz\ndo true; done"
 readForClause = called "for loop" $ do
     pos <- getPosition
     (T_For id) <- g_For
@@ -2689,10 +2689,10 @@ prop_readFunctionDefinition6 = isOk readFunctionDefinition "?(){ foo; }"
 prop_readFunctionDefinition7 = isOk readFunctionDefinition "..(){ cd ..; }"
 prop_readFunctionDefinition8 = isOk readFunctionDefinition "foo() (ls)"
 prop_readFunctionDefinition9 = isOk readFunctionDefinition "function foo { true; }"
-prop_readFunctionDefinition10= isOk readFunctionDefinition "function foo () { true; }"
-prop_readFunctionDefinition11= isWarning readFunctionDefinition "function foo{\ntrue\n}"
-prop_readFunctionDefinition12= isOk readFunctionDefinition "function []!() { true; }"
-prop_readFunctionDefinition13= isOk readFunctionDefinition "@require(){ true; }"
+prop_readFunctionDefinition10 = isOk readFunctionDefinition "function foo () { true; }"
+prop_readFunctionDefinition11 = isWarning readFunctionDefinition "function foo{\ntrue\n}"
+prop_readFunctionDefinition12 = isOk readFunctionDefinition "function []!() { true; }"
+prop_readFunctionDefinition13 = isOk readFunctionDefinition "@require(){ true; }"
 readFunctionDefinition = called "function" $ do
     start <- startSpan
     functionSignature <- try readFunctionSignature
@@ -2890,14 +2890,14 @@ prop_readAssignmentWord5 = isOk readAssignmentWord "b+=lol"
 prop_readAssignmentWord7 = isOk readAssignmentWord "a[3$n'']=42"
 prop_readAssignmentWord8 = isOk readAssignmentWord "a[4''$(cat foo)]=42"
 prop_readAssignmentWord9 = isOk readAssignmentWord "IFS= "
-prop_readAssignmentWord9a= isOk readAssignmentWord "foo="
-prop_readAssignmentWord9b= isOk readAssignmentWord "foo=  "
-prop_readAssignmentWord9c= isOk readAssignmentWord "foo=  #bar"
-prop_readAssignmentWord11= isOk readAssignmentWord "foo=([a]=b [c] [d]= [e f )"
-prop_readAssignmentWord12= isOk readAssignmentWord "a[b <<= 3 + c]='thing'"
-prop_readAssignmentWord13= isOk readAssignmentWord "var=( (1 2) (3 4) )"
-prop_readAssignmentWord14= isOk readAssignmentWord "var=( 1 [2]=(3 4) )"
-prop_readAssignmentWord15= isOk readAssignmentWord "var=(1 [2]=(3 4))"
+prop_readAssignmentWord9a = isOk readAssignmentWord "foo="
+prop_readAssignmentWord9b = isOk readAssignmentWord "foo=  "
+prop_readAssignmentWord9c = isOk readAssignmentWord "foo=  #bar"
+prop_readAssignmentWord11 = isOk readAssignmentWord "foo=([a]=b [c] [d]= [e f )"
+prop_readAssignmentWord12 = isOk readAssignmentWord "a[b <<= 3 + c]='thing'"
+prop_readAssignmentWord13 = isOk readAssignmentWord "var=( (1 2) (3 4) )"
+prop_readAssignmentWord14 = isOk readAssignmentWord "var=( 1 [2]=(3 4) )"
+prop_readAssignmentWord15 = isOk readAssignmentWord "var=(1 [2]=(3 4))"
 readAssignmentWord = readAssignmentWordExt True
 readWellFormedAssignment = readAssignmentWordExt False
 readAssignmentWordExt lenient = called "variable assignment" $ do

From 819470fa1de0e024125aad7e2d2499ca5627f8b9 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 22 Jul 2022 17:06:24 -0700
Subject: [PATCH 033/244] Omit SC3021 about `>& file` unless definitely
 non-numeric (fixes #2520)

---
 src/ShellCheck/Checks/ShellSupport.hs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index c12da2d..30a19b9 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -135,6 +135,8 @@ prop_checkBashisms49 = verify checkBashisms "#!/bin/dash\necho $MACHTYPE"
 prop_checkBashisms50 = verify checkBashisms "#!/bin/sh\ncmd >& file"
 prop_checkBashisms51 = verifyNot checkBashisms "#!/bin/sh\ncmd 2>&1"
 prop_checkBashisms52 = verifyNot checkBashisms "#!/bin/sh\ncmd >&2"
+prop_checkBashisms52b = verifyNot checkBashisms "#!/bin/sh\ncmd >& $var"
+prop_checkBashisms52c = verify checkBashisms "#!/bin/sh\ncmd >& $dir/$var"
 prop_checkBashisms53 = verifyNot checkBashisms "#!/bin/sh\nprintf -- -f\n"
 prop_checkBashisms54 = verify checkBashisms "#!/bin/sh\nfoo+=bar"
 prop_checkBashisms55 = verify checkBashisms "#!/bin/sh\necho ${@%foo}"
@@ -225,7 +227,8 @@ checkBashisms = ForShell [Sh, Dash] $ \t -> do
             warnMsg id 3018 $ filter (/= '|') op ++ " is"
     bashism (TA_Binary id "**" _ _) = warnMsg id 3019 "exponentials are"
     bashism (T_FdRedirect id "&" (T_IoFile _ (T_Greater _) _)) = warnMsg id 3020 "&> is"
-    bashism (T_FdRedirect id "" (T_IoFile _ (T_GREATAND _) _)) = warnMsg id 3021 ">& is"
+    bashism (T_FdRedirect id "" (T_IoFile _ (T_GREATAND _) file)) =
+        unless (all isDigit $ onlyLiteralString file) $ warnMsg id 3021 ">& filename (as opposed to >& fd) is"
     bashism (T_FdRedirect id ('{':_) _) = warnMsg id 3022 "named file descriptors are"
     bashism (T_FdRedirect id num _)
         | all isDigit num && length num > 1 = warnMsg id 3023 "FDs outside 0-9 are"

From b261ec24f9ebcb911e7ff4264e5ea7d36cc93f59 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 22 Jul 2022 20:16:01 -0700
Subject: [PATCH 034/244] Include exit codes in DFA (ref #2541)

---
 src/ShellCheck/CFG.hs         |  8 ++-
 src/ShellCheck/CFGAnalysis.hs | 92 +++++++++++++++++++++++++++--------
 2 files changed, 77 insertions(+), 23 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 4906d80..1085d8f 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -651,7 +651,10 @@ build t = do
                 pg <- wordToExactPseudoGlob c
                 return $ pg `pseudoGlobIsSuperSetof` [PGMany]
 
-        T_Condition _ _ op -> build op
+        T_Condition id _ op -> do
+            cond <- build op
+            status <- newNodeRange $ CFSetExitCode id
+            linkRange cond status
 
         T_CoProc id maybeName t -> do
             let name = fromMaybe "COPROC" maybeName
@@ -798,7 +801,8 @@ build t = do
             start <- newStructuralNode
             hasLastpipe <- reader $ cfLastpipe . cfParameters
             (leading, last) <- buildPipe hasLastpipe cmds
-            end <- newStructuralNode
+            -- Ideally we'd let this exit code be that of the last command in the pipeline but ok
+            end <- newNodeRange $ CFSetExitCode id
 
             mapM_ (linkRange start) leading
             mapM_ (\c -> linkRangeAs CFEFalseFlow c end) leading
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index daade43..893c34a 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -104,11 +104,29 @@ data CFGAnalysis = CFGAnalysis {
 
 -- The program state we expose externally
 data ProgramState = ProgramState {
---    internalState :: InternalState, -- For debugging
+    -- internalState :: InternalState, -- For debugging
     variablesInScope :: M.Map String VariableState,
+    exitCodes :: S.Set Id,
     stateIsReachable :: Bool
 } deriving (Show, Eq, Generic, NFData)
 
+internalToExternal :: InternalState -> ProgramState
+internalToExternal s =
+    ProgramState {
+        -- Censor the literal value to avoid introducing dependencies on it. It's just for debugging.
+        variablesInScope = M.map censor flatVars,
+        -- internalState = s, -- For debugging
+        exitCodes = fromMaybe S.empty $ sExitCodes s,
+        stateIsReachable = fromMaybe True $ sIsReachable s
+    }
+  where
+    censor s = s {
+        variableValue = (variableValue s) {
+            literalValue = Nothing
+        }
+    }
+    flatVars = M.unionsWith (\_ last -> last) $ map mapStorage [sGlobalValues s, sLocalValues s, sPrefixValues s]
+
 -- Conveniently get the state before a token id
 getIncomingState :: CFGAnalysis -> Id -> Maybe ProgramState
 getIncomingState analysis id = do
@@ -130,6 +148,7 @@ data InternalState = InternalState {
     sLocalValues :: VersionedMap String VariableState,
     sPrefixValues :: VersionedMap String VariableState,
     sFunctionTargets :: VersionedMap String FunctionValue,
+    sExitCodes :: Maybe (S.Set Id),
     sIsReachable :: Maybe Bool
 } deriving (Show, Generic, NFData)
 
@@ -139,6 +158,7 @@ newInternalState = InternalState {
     sLocalValues = vmEmpty,
     sPrefixValues = vmEmpty,
     sFunctionTargets = vmEmpty,
+    sExitCodes = Nothing,
     sIsReachable = Nothing
 }
 
@@ -196,31 +216,25 @@ removeProperties props state = state {
     variableProperties = S.map (\s -> S.difference s props) $ variableProperties state
 }
 
-internalToExternal :: InternalState -> ProgramState
-internalToExternal s =
-    ProgramState {
-        -- Censor the literal value to avoid introducing dependencies on it. It's just for debugging.
-        variablesInScope = M.map censor flatVars,
-        -- internalState = s, -- For debugging
-        stateIsReachable = fromMaybe True $ sIsReachable s
-    }
-  where
-    censor s = s {
-        variableValue = (variableValue s) {
-            literalValue = Nothing
-        }
-    }
-    flatVars = M.unionsWith (\_ last -> last) $ map mapStorage [sGlobalValues s, sLocalValues s, sPrefixValues s]
+setExitCode id = setExitCodes (S.singleton id)
+setExitCodes set state = modified state {
+    sExitCodes = Just $ set
+}
 
 -- Dependencies on values, e.g. "if there is a global variable named 'foo' without spaces"
 -- This is used to see if the DFA of a function would result in the same state, so anything
 -- that affects DFA must be tracked.
 data StateDependency =
+    -- Complete variable state
     DepState Scope String VariableState
+    -- Only variable properties (we need properties but not values for x=1)
     | DepProperties Scope String VariableProperties
+    -- Function definition
     | DepFunction String (S.Set FunctionDefinition)
     -- Whether invoking the node would result in recursion (i.e., is the function on the stack?)
     | DepIsRecursive Node Bool
+    -- The set of commands that could have provided the exit code $?
+    | DepExitCodes (S.Set Id)
     deriving (Show, Eq, Ord, Generic, NFData)
 
 -- A function definition, or lack thereof
@@ -242,6 +256,7 @@ depsToState set = foldl insert newInternalState $ S.toList set
             -- State includes properties and more, so don't overwrite a state with properties
             DepProperties scope name props -> insertIn False scope name unknownVariableState { variableProperties = props } state
             DepIsRecursive _ _ -> state
+            DepExitCodes s -> setExitCodes s state
 
     insertIn overwrite scope name val state =
         let
@@ -400,6 +415,7 @@ patchState base diff =
                 sLocalValues = vmPatch (sLocalValues base) (sLocalValues diff),
                 sPrefixValues = vmPatch (sPrefixValues base) (sPrefixValues diff),
                 sFunctionTargets = vmPatch (sFunctionTargets base) (sFunctionTargets diff),
+                sExitCodes = sExitCodes diff `mplus` sExitCodes base,
                 sIsReachable = sIsReachable diff `mplus` sIsReachable base
             }
 
@@ -444,12 +460,14 @@ mergeState ctx a b = do
                 locals <- mergeMaps ctx mergeVariableState readVariable (sLocalValues a) (sLocalValues b)
                 prefix <- mergeMaps ctx mergeVariableState readVariable (sPrefixValues a) (sPrefixValues b)
                 funcs <- mergeMaps ctx S.union readFunction (sFunctionTargets a) (sFunctionTargets b)
+                exitCodes <- mergeMaybes ctx S.union readExitCodes (sExitCodes a) (sExitCodes b)
                 return $ InternalState {
                     sVersion = -1,
                     sGlobalValues = globals,
                     sLocalValues = locals,
                     sPrefixValues = prefix,
                     sFunctionTargets = funcs,
+                    sExitCodes = exitCodes,
                     sIsReachable = liftM2 (&&) (sIsReachable a) (sIsReachable b)
                 }
 
@@ -493,6 +511,18 @@ mergeMaps ctx merger reader a b =
                 nv1 <- reader ctx k2
                 f ((k2, merger nv1 v2):l) l1 rest2
 
+-- Merge two Maybes, like mergeMaps for a single element
+mergeMaybes ctx merger reader a b =
+    case (a, b) of
+        (Nothing, Nothing) -> return Nothing
+        (Just v1, Nothing) -> single v1
+        (Nothing, Just v2) -> single v2
+        (Just v1, Just v2) -> return $ Just $ merger v1 v2
+  where
+    single val = do
+        result <- merger val <$> reader ctx
+        return $ Just result
+
 vmFromMap ctx map = return $ VersionedMap {
     mapVersion = -1,
     mapStorage = map
@@ -708,6 +738,12 @@ readFunction ctx name = lookupStack get dep def ctx name
 writeFunction ctx name val = do
     modifySTRef (cOutput ctx) $ insertFunction name $ S.singleton val
 
+readExitCodes ctx = lookupStack get dep def ctx ()
+  where
+    get s () = sExitCodes s
+    def = S.empty
+    dep () v = DepExitCodes v
+
 -- Look up each state on the stack until a value is found (or the default is used),
 -- then add this value as a StateDependency.
 lookupStack' :: forall s k v.
@@ -872,13 +908,13 @@ transfer ctx label =
         CFExecuteCommand cmd -> transferCommand ctx cmd
         CFExecuteSubshell reason entry exit -> transferSubshell ctx reason entry exit
         CFApplyEffects effects -> mapM_ (\(IdTagged _ f) -> transferEffect ctx f) effects
+        CFSetExitCode id -> transferExitCode ctx id
 
         CFUnresolvedExit -> patchOutputM ctx unreachableState
         CFUnreachable -> patchOutputM ctx unreachableState
 
         -- TODO
         CFSetBackgroundPid _ -> return ()
-        CFSetExitCode _ -> return ()
         CFDropPrefixAssignments {} ->
             modifySTRef (cOutput ctx) $ \c -> modified c { sPrefixValues = vmEmpty }
 --        _ -> error $ "Unknown " ++ show label
@@ -891,8 +927,11 @@ transferSubshell ctx reason entry exit = do
     let cout = cOutput ctx
     initial <- readSTRef cout
     runCached ctx entry (f entry exit)
+    res <- readSTRef cout
     -- Clear subshell changes. TODO: track this to warn about modifications.
-    writeSTRef cout initial
+    writeSTRef cout $ initial {
+        sExitCodes = sExitCodes res
+    }
   where
     f entry exit ctx = do
         (states, frame) <- withNewStackFrame ctx entry False (flip dataflow $ entry)
@@ -947,6 +986,8 @@ transferFunctionValue ctx funcVal =
         registerFlowResult ctx entry states deps
         return (deps, res)
 
+transferExitCode ctx id = do
+    modifySTRef (cOutput ctx) $ setExitCode id
 
 -- Register/save the result of a dataflow of a function.
 -- At the end, all the different values from different flows are merged together.
@@ -1001,8 +1042,10 @@ getCache ctx node = do
 -- Transfer a single CFEffect to the output state.
 transferEffect ctx effect =
     case effect of
-        CFReadVariable name -> do
-            void $ readVariable ctx name
+        CFReadVariable name ->
+            case name of
+                "?" -> void $ readExitCodes ctx
+                _ -> void $ readVariable ctx name
         CFWriteVariable name value -> do
             val <- cfValueToVariableValue ctx value
             updateVariableValue ctx name val
@@ -1235,7 +1278,14 @@ analyzeControlFlow params t =
         -- (it's probably not actually dead, just used by a script that sources ours)
         let declaredFunctions = getFunctionTargets exitState
         let uninvoked = M.difference declaredFunctions invokedNodes
-        analyzeStragglers ctx exitState uninvoked
+
+        let stragglerInput =
+                exitState {
+                    -- We don't want `die() { exit $?; }; echo "Sourced"` to assume $? is always echo
+                    sExitCodes = Nothing
+                }
+
+        analyzeStragglers ctx stragglerInput uninvoked
 
         -- Now round up all the states from all data flows
         -- (FIXME: this excludes functions that were defined in straggling functions)

From f7857028f7a019b47c8a5294dd8d4182e5bed864 Mon Sep 17 00:00:00 2001
From: ygeyzel <ygeyzel@gmail.com>
Date: Sat, 23 Jul 2022 19:24:16 +0300
Subject: [PATCH 035/244] Add escape characters to SC2028: \a, \b, \e, \f, \v,
 \\, \', \OOO, \xHH

---
 src/ShellCheck/Checks/Commands.hs | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 4bae17e..67c3c48 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -481,9 +481,16 @@ prop_checkUnusedEchoEscapes2 = verifyNot checkUnusedEchoEscapes "echo -e 'foi\\n
 prop_checkUnusedEchoEscapes3 = verify checkUnusedEchoEscapes "echo \"n:\\t42\""
 prop_checkUnusedEchoEscapes4 = verifyNot checkUnusedEchoEscapes "echo lol"
 prop_checkUnusedEchoEscapes5 = verifyNot checkUnusedEchoEscapes "echo -n -e '\n'"
+prop_checkUnusedEchoEscapes6 = verify checkUnusedEchoEscapes "echo '\\506'"
+prop_checkUnusedEchoEscapes7 = verify checkUnusedEchoEscapes "echo '\\5a'"
+prop_checkUnusedEchoEscapes8 = verifyNot checkUnusedEchoEscapes "echo '\\8a'"
+prop_checkUnusedEchoEscapes9 = verifyNot checkUnusedEchoEscapes "echo '\\d5a'"
+prop_checkUnusedEchoEscapes10 = verify checkUnusedEchoEscapes "echo '\\x4a'"
+prop_checkUnusedEchoEscapes11 = verify checkUnusedEchoEscapes "echo '\\xat'"
+prop_checkUnusedEchoEscapes12 = verifyNot checkUnusedEchoEscapes "echo '\\xth'"
 checkUnusedEchoEscapes = CommandCheck (Basename "echo") f
   where
-    hasEscapes = mkRegex "\\\\[rnt]"
+    hasEscapes = mkRegex "\\\\([rntabefv\\']|[0-7]{1,3}|x([0-9]|[A-F]|[a-f]){1,2})"
     f cmd =
         whenShell [Sh, Bash, Ksh] $
             unless (cmd `hasFlag` "e") $

From 5cf6e01ce902421065d8eee24c7a4a10d842efa9 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 23 Jul 2022 09:38:58 -0700
Subject: [PATCH 036/244] Warn when $? refers to echo or condition (ref #2541)

---
 CHANGELOG.md                  |  1 +
 src/ShellCheck/Analytics.hs   | 37 +++++++++++++++++++++++++++++++++++
 src/ShellCheck/AnalyzerLib.hs |  3 +++
 src/ShellCheck/CFGAnalysis.hs |  1 +
 4 files changed, 42 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index dce3e27..5ff01c3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@
 - SC2316: Warn about 'local readonly foo' and similar (thanks, patrickxia!)
 - SC2317: Warn about unreachable commands
 - SC2318: Warn about backreferences in 'declare x=1 y=$x'
+- SC2319/SC2320: Warn when $? refers to echo/printf/[ ]/[[ ]]/test
 
 ### Fixed
 - SC2086: Now uses DFA to make more accurate predictions about values
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 1429e1b..07bf25b 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -205,6 +205,7 @@ nodeChecks = [
     ,checkBatsTestDoesNotUseNegation
     ,checkCommandIsUnreachable
     ,checkSpacefulnessCfg
+    ,checkOverwrittenExitCode
     ]
 
 optionalChecks = map fst optionalTreeChecks
@@ -4876,5 +4877,41 @@ checkCommandIsUnreachable params t =
         _ -> return ()
   where id = getId t
 
+
+prop_checkOverwrittenExitCode1 = verify checkOverwrittenExitCode "x; [ $? -eq 1 ] || [ $? -eq 2 ]"
+prop_checkOverwrittenExitCode2 = verifyNot checkOverwrittenExitCode "x; [ $? -eq 1 ]"
+prop_checkOverwrittenExitCode3 = verify checkOverwrittenExitCode "x; echo \"Exit is $?\"; [ $? -eq 0 ]"
+prop_checkOverwrittenExitCode4 = verifyNot checkOverwrittenExitCode "x; [ $? -eq 0 ]"
+checkOverwrittenExitCode params t =
+    case t of
+        T_DollarBraced id _ val | getLiteralString val == Just "?" -> check id
+        _ -> return ()
+  where
+    check id = sequence_ $ do
+        state <- CF.getIncomingState (cfgAnalysis params) id
+        let exitCodeIds = CF.exitCodes state
+        guard . not $ S.null exitCodeIds
+
+        let idToToken = idMap params
+        exitCodeTokens <- sequence $ map (\k -> Map.lookup k idToToken) $ S.toList exitCodeIds
+        return $ do
+            when (all isCondition exitCodeTokens) $
+                warn id 2319 "This $? refers to a condition, not a command. Assign to a variable to avoid it being overwritten."
+            when (all isPrinting exitCodeTokens) $
+                warn id 2320 "This $? refers to echo/printf, not a previous command. Assign to variable to avoid it being overwritten."
+
+    isCondition t =
+        case t of
+            T_Condition {} -> True
+            T_SimpleCommand {} -> getCommandName t == Just "test"
+            _ -> False
+
+    isPrinting t =
+        case getCommandBasename t of
+            Just "echo" -> True
+            Just "printf" -> True
+            _ -> False
+
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index e998f2c..88da89e 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -89,6 +89,8 @@ data Parameters = Parameters {
     hasPipefail        :: Bool,
     -- A linear (bad) analysis of data flow
     variableFlow       :: [StackData],
+    -- A map from Id to Token
+    idMap              :: Map.Map Id Token,
     -- A map from Id to parent Token
     parentMap          :: Map.Map Id Token,
     -- The shell type, such as Bash or Ksh
@@ -218,6 +220,7 @@ makeParameters spec = params
                 Sh   -> True
                 Ksh  -> containsPipefail root,
         shellTypeSpecified = isJust (asShellType spec) || isJust (asFallbackShell spec),
+        idMap = getTokenMap root,
         parentMap = getParentTree root,
         variableFlow = getVariableFlow params root,
         tokenPositions = asTokenPositions spec,
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 893c34a..bb90860 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -804,6 +804,7 @@ fulfillsDependency ctx entry dep =
         -- it won't be found by the normal check.
         DepIsRecursive node val | node == entry -> return True
         DepIsRecursive node val -> return $ val == any (\f -> entryPoint f == node) (cStack ctx)
+        DepExitCodes val -> (== val) <$> peekStack (\s k -> sExitCodes s) S.empty ctx ()
   --      _ -> error $ "Unknown dep " ++ show dep
   where
     peek scope = peekStack getVariableWithScope $ if scope == GlobalScope then (unknownVariableState, GlobalScope) else (unsetVariableState, LocalScope)

From ea4e0091c7b403ace135eddf1e508ff2fc0f783f Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 23 Jul 2022 15:38:42 -0700
Subject: [PATCH 037/244] Additionally pluralize 'arguments' in SC2183

---
 src/ShellCheck/Checks/Commands.hs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 8bca2ba..e97ecd6 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -706,8 +706,8 @@ checkPrintfVar = CommandCheck (Exactly "printf") (f . arguments) where
                     return () -- Great: a suitable number of arguments
                 | otherwise ->
                     warn (getId format) 2183 $
-                        "This format string has " ++ show formatCount ++ " " ++ (pluraliseIfMany "variable" formatCount) ++
-                        ", but is passed " ++ show argCount ++ " arguments."
+                        "This format string has " ++ show formatCount ++ " " ++ pluraliseIfMany "variable" formatCount ++
+                        ", but is passed " ++ show argCount ++ pluraliseIfMany " argument" argCount ++ "."
 
         unless ('%' `elem` concat (oversimplify format) || isLiteral format) $
           info (getId format) 2059

From 30bb0e0093172b93fecb53dca9d5d657962d8c0a Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 23 Jul 2022 20:10:58 -0700
Subject: [PATCH 038/244] SC2321: Warn about redundant $(()) in arr[$((i))]=x
 (ref: #1666)

---
 CHANGELOG.md                |  1 +
 src/ShellCheck/Analytics.hs | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5ff01c3..669579f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,7 @@
 - SC2317: Warn about unreachable commands
 - SC2318: Warn about backreferences in 'declare x=1 y=$x'
 - SC2319/SC2320: Warn when $? refers to echo/printf/[ ]/[[ ]]/test
+- SC2321: Suggest removing $((..)) in array[$((idx))]=val
 
 ### Fixed
 - SC2086: Now uses DFA to make more accurate predictions about values
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 07bf25b..e92f3ff 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -206,6 +206,7 @@ nodeChecks = [
     ,checkCommandIsUnreachable
     ,checkSpacefulnessCfg
     ,checkOverwrittenExitCode
+    ,checkUnnecessaryArithmeticExpansionIndex
     ]
 
 optionalChecks = map fst optionalTreeChecks
@@ -4913,5 +4914,22 @@ checkOverwrittenExitCode params t =
             _ -> False
 
 
+prop_checkUnnecessaryArithmeticExpansionIndex1 = verify checkUnnecessaryArithmeticExpansionIndex "a[$((1+1))]=n"
+prop_checkUnnecessaryArithmeticExpansionIndex2 = verifyNot checkUnnecessaryArithmeticExpansionIndex "a[1+1]=n"
+prop_checkUnnecessaryArithmeticExpansionIndex3 = verifyNot checkUnnecessaryArithmeticExpansionIndex "a[$(echo $((1+1)))]=n"
+checkUnnecessaryArithmeticExpansionIndex params t =
+    case t of
+        T_Assignment _ mode var [TA_Sequence _ [ TA_Expansion _ [expansion@(T_DollarArithmetic id _)]]] val ->
+            styleWithFix id 2321 "Array indices are already arithmetic contexts. Prefer removing the $(( and ))." $ fix id
+        _ -> return ()
+
+  where
+    fix id =
+        fixWith [
+            replaceStart id params 3 "", -- Remove "$(("
+            replaceEnd id params 2 ""    -- Remove "))"
+        ]
+
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])

From 52dac51cd4d919667e3a2d3d3feec1d516464392 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 24 Jul 2022 14:06:01 -0700
Subject: [PATCH 039/244] SC2323: Warn about redundant parens in a[(x+1)] and
 $(( ((x)) )) (ref: #1666)

---
 CHANGELOG.md                |  2 ++
 src/ShellCheck/AST.hs       |  4 +++-
 src/ShellCheck/Analytics.hs | 33 +++++++++++++++++++++++++++++++++
 src/ShellCheck/CFG.hs       |  1 +
 src/ShellCheck/Parser.hs    |  4 +++-
 5 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 669579f..cef16f4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,8 @@
 - SC2318: Warn about backreferences in 'declare x=1 y=$x'
 - SC2319/SC2320: Warn when $? refers to echo/printf/[ ]/[[ ]]/test
 - SC2321: Suggest removing $((..)) in array[$((idx))]=val
+- SC2322: Suggest collapsing double parentheses in arithmetic contexts
+- SC2323: Suggest removing wrapping parentheses in a[(x+1)]=val
 
 ### Fixed
 - SC2086: Now uses DFA to make more accurate predictions about values
diff --git a/src/ShellCheck/AST.hs b/src/ShellCheck/AST.hs
index 2cd2f6f..ca5007a 100644
--- a/src/ShellCheck/AST.hs
+++ b/src/ShellCheck/AST.hs
@@ -45,6 +45,7 @@ data InnerToken t =
     | Inner_TA_Variable String [t]
     | Inner_TA_Expansion [t]
     | Inner_TA_Sequence [t]
+    | Inner_TA_Parenthesis t
     | Inner_TA_Trinary t t t
     | Inner_TA_Unary String t
     | Inner_TC_And ConditionType String t t
@@ -204,6 +205,7 @@ pattern T_Annotation id anns t = OuterToken id (Inner_T_Annotation anns t)
 pattern T_Arithmetic id c = OuterToken id (Inner_T_Arithmetic c)
 pattern T_Array id t = OuterToken id (Inner_T_Array t)
 pattern TA_Sequence id l = OuterToken id (Inner_TA_Sequence l)
+pattern TA_Parentesis id t = OuterToken id (Inner_TA_Parenthesis t)
 pattern T_Assignment id mode var indices value = OuterToken id (Inner_T_Assignment mode var indices value)
 pattern TA_Trinary id t1 t2 t3 = OuterToken id (Inner_TA_Trinary t1 t2 t3)
 pattern TA_Unary id op t1 = OuterToken id (Inner_TA_Unary op t1)
@@ -256,7 +258,7 @@ pattern T_Subshell id l = OuterToken id (Inner_T_Subshell l)
 pattern T_UntilExpression id c l = OuterToken id (Inner_T_UntilExpression c l)
 pattern T_WhileExpression id c l = OuterToken id (Inner_T_WhileExpression c l)
 
-{-# COMPLETE T_AND_IF, T_Bang, T_Case, TC_Empty, T_CLOBBER, T_DGREAT, T_DLESS, T_DLESSDASH, T_Do, T_DollarSingleQuoted, T_Done, T_DSEMI, T_Elif, T_Else, T_EOF, T_Esac, T_Fi, T_For, T_Glob, T_GREATAND, T_Greater, T_If, T_In, T_Lbrace, T_Less, T_LESSAND, T_LESSGREAT, T_Literal, T_Lparen, T_NEWLINE, T_OR_IF, T_ParamSubSpecialChar, T_Pipe, T_Rbrace, T_Rparen, T_Select, T_Semi, T_SingleQuoted, T_Then, T_UnparsedIndex, T_Until, T_While, TA_Assignment, TA_Binary, TA_Expansion, T_AndIf, T_Annotation, T_Arithmetic, T_Array, TA_Sequence, T_Assignment, TA_Trinary, TA_Unary, TA_Variable, T_Backgrounded, T_Backticked, T_Banged, T_BatsTest, T_BraceExpansion, T_BraceGroup, TC_And, T_CaseExpression, TC_Binary, TC_Group, TC_Nullary, T_Condition, T_CoProcBody, T_CoProc, TC_Or, TC_Unary, T_DollarArithmetic, T_DollarBraceCommandExpansion, T_DollarBraced, T_DollarBracket, T_DollarDoubleQuoted, T_DollarExpansion, T_DoubleQuoted, T_Extglob, T_FdRedirect, T_ForArithmetic, T_ForIn, T_Function, T_HereDoc, T_HereString, T_IfExpression, T_Include, T_IndexedElement, T_IoDuplicate, T_IoFile, T_NormalWord, T_OrIf, T_Pipeline, T_ProcSub, T_Redirecting, T_Script, T_SelectIn, T_SimpleCommand, T_SourceCommand, T_Subshell, T_UntilExpression, T_WhileExpression #-}
+{-# COMPLETE T_AND_IF, T_Bang, T_Case, TC_Empty, T_CLOBBER, T_DGREAT, T_DLESS, T_DLESSDASH, T_Do, T_DollarSingleQuoted, T_Done, T_DSEMI, T_Elif, T_Else, T_EOF, T_Esac, T_Fi, T_For, T_Glob, T_GREATAND, T_Greater, T_If, T_In, T_Lbrace, T_Less, T_LESSAND, T_LESSGREAT, T_Literal, T_Lparen, T_NEWLINE, T_OR_IF, T_ParamSubSpecialChar, T_Pipe, T_Rbrace, T_Rparen, T_Select, T_Semi, T_SingleQuoted, T_Then, T_UnparsedIndex, T_Until, T_While, TA_Assignment, TA_Binary, TA_Expansion, T_AndIf, T_Annotation, T_Arithmetic, T_Array, TA_Sequence, TA_Parentesis, T_Assignment, TA_Trinary, TA_Unary, TA_Variable, T_Backgrounded, T_Backticked, T_Banged, T_BatsTest, T_BraceExpansion, T_BraceGroup, TC_And, T_CaseExpression, TC_Binary, TC_Group, TC_Nullary, T_Condition, T_CoProcBody, T_CoProc, TC_Or, TC_Unary, T_DollarArithmetic, T_DollarBraceCommandExpansion, T_DollarBraced, T_DollarBracket, T_DollarDoubleQuoted, T_DollarExpansion, T_DoubleQuoted, T_Extglob, T_FdRedirect, T_ForArithmetic, T_ForIn, T_Function, T_HereDoc, T_HereString, T_IfExpression, T_Include, T_IndexedElement, T_IoDuplicate, T_IoFile, T_NormalWord, T_OrIf, T_Pipeline, T_ProcSub, T_Redirecting, T_Script, T_SelectIn, T_SimpleCommand, T_SourceCommand, T_Subshell, T_UntilExpression, T_WhileExpression #-}
 
 instance Eq Token where
     OuterToken _ a == OuterToken _ b = a == b
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index e92f3ff..eed2d25 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -207,6 +207,7 @@ nodeChecks = [
     ,checkSpacefulnessCfg
     ,checkOverwrittenExitCode
     ,checkUnnecessaryArithmeticExpansionIndex
+    ,checkUnnecessaryParens
     ]
 
 optionalChecks = map fst optionalTreeChecks
@@ -3280,6 +3281,7 @@ checkReturnAgainstZero params token =
             _:next@(TA_Unary _ "!" _):_ -> isOnlyTestInCommand next
             _:next@(TC_Group {}):_ -> isOnlyTestInCommand next
             _:next@(TA_Sequence _ [_]):_ -> isOnlyTestInCommand next
+            _:next@(TA_Parentesis _ _):_ -> isOnlyTestInCommand next
             _ -> False
 
     -- TODO: Do better $? tracking and filter on whether
@@ -4931,5 +4933,36 @@ checkUnnecessaryArithmeticExpansionIndex params t =
         ]
 
 
+prop_checkUnnecessaryParens1 = verify checkUnnecessaryParens "echo $(( ((1+1)) ))"
+prop_checkUnnecessaryParens2 = verify checkUnnecessaryParens "x[((1+1))+1]=1"
+prop_checkUnnecessaryParens3 = verify checkUnnecessaryParens "x[(1+1)]=1"
+prop_checkUnnecessaryParens4 = verify checkUnnecessaryParens "$(( (x) ))"
+prop_checkUnnecessaryParens5 = verify checkUnnecessaryParens "(( (x) ))"
+prop_checkUnnecessaryParens6 = verifyNot checkUnnecessaryParens "x[(1+1)+1]=1"
+prop_checkUnnecessaryParens7 = verifyNot checkUnnecessaryParens "(( (1*1)+1 ))"
+prop_checkUnnecessaryParens8 = verifyNot checkUnnecessaryParens "(( (1)+1 ))"
+checkUnnecessaryParens params t =
+    case t of
+        T_DollarArithmetic _ t -> checkLeading "$(( (x) )) is the same as $(( x ))" t
+        T_ForArithmetic _ x y z _ -> mapM_ (checkLeading "for (((x); (y); (z))) is the same as for ((x; y; z))")  [x,y,z]
+        T_Assignment _ _ _ [t] _ -> checkLeading "a[(x)] is the same as a[x]" t
+        T_Arithmetic _ t -> checkLeading "(( (x) )) is the same as (( x ))" t
+        TA_Parentesis _ (TA_Sequence _ [ TA_Parentesis id _ ]) ->
+            styleWithFix id 2322 "In arithmetic contexts, ((x)) is the same as (x). Prefer only one layer of parentheses." $ fix id
+        _ -> return ()
+  where
+
+    checkLeading str t =
+        case t of
+            TA_Sequence _ [TA_Parentesis id _ ] -> styleWithFix id 2323 (str ++ ". Prefer not wrapping in additional parentheses.") $ fix id
+            _ -> return ()
+
+    fix id =
+        fixWith [
+            replaceStart id params 1 "", -- Remove "("
+            replaceEnd id params 1 ""    -- Remove ")"
+        ]
+
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])
diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 1085d8f..6f6d4f1 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -479,6 +479,7 @@ build t = do
         TA_Binary _ _ a b -> sequentially [a,b]
         TA_Expansion _ list -> sequentially list
         TA_Sequence _ list -> sequentially list
+        TA_Parentesis _ t -> build t
 
         TA_Trinary _ cond a b -> do
             condition <- build cond
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index e6a2999..0dd6621 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -821,11 +821,13 @@ readArithmeticContents =
         return $ TA_Expansion id pieces
 
     readGroup = do
+        start <- startSpan
         char '('
         s <- readSequence
         char ')'
+        id <- endSpan start
         spacing
-        return s
+        return $ TA_Parentesis id s
 
     readArithTerm = readGroup <|> readVariable <|> readExpansion
 

From 982681fc05ca8db887431691d1cc40633e20d828 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 24 Jul 2022 14:30:31 -0700
Subject: [PATCH 040/244] Add unit test to ensure SC2321 does not trigger on
 associative arrays

---
 src/ShellCheck/Analytics.hs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index eed2d25..8499d8d 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4919,6 +4919,7 @@ checkOverwrittenExitCode params t =
 prop_checkUnnecessaryArithmeticExpansionIndex1 = verify checkUnnecessaryArithmeticExpansionIndex "a[$((1+1))]=n"
 prop_checkUnnecessaryArithmeticExpansionIndex2 = verifyNot checkUnnecessaryArithmeticExpansionIndex "a[1+1]=n"
 prop_checkUnnecessaryArithmeticExpansionIndex3 = verifyNot checkUnnecessaryArithmeticExpansionIndex "a[$(echo $((1+1)))]=n"
+prop_checkUnnecessaryArithmeticExpansionIndex4 = verifyNot checkUnnecessaryArithmeticExpansionIndex "declare -A a; a[$((1+1))]=val"
 checkUnnecessaryArithmeticExpansionIndex params t =
     case t of
         T_Assignment _ mode var [TA_Sequence _ [ TA_Expansion _ [expansion@(T_DollarArithmetic id _)]]] val ->

From f1148b8b41087dba8441a2c79980441522e3b23b Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 25 Jul 2022 10:00:50 -0700
Subject: [PATCH 041/244] Include postdominators in CFGResult

---
 src/ShellCheck/CFG.hs         | 86 ++++++++++++++++++++++++++++++++---
 src/ShellCheck/CFGAnalysis.hs |  5 +-
 2 files changed, 84 insertions(+), 7 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 6f6d4f1..ad05e93 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -54,6 +54,8 @@ import qualified Data.Set as S
 import Control.Monad.RWS.Lazy
 import Data.Graph.Inductive.Graph
 import Data.Graph.Inductive.Query.DFS
+import Data.Graph.Inductive.Basic
+import Data.Graph.Inductive.Query.Dominators
 import Data.Graph.Inductive.PatriciaTree as G
 import Debug.Trace -- STRIP
 
@@ -171,9 +173,11 @@ data CFGResult = CFGResult {
     -- Map from Id to nominal start&end node (i.e. assuming normal execution without exits)
     cfIdToRange :: M.Map Id (Node, Node),
     -- A set of all nodes belonging to an Id, recursively
-    cfIdToNodes :: M.Map Id (S.Set Node)
+    cfIdToNodes :: M.Map Id (S.Set Node),
+    -- A map to nodes that the given node postdominates
+    cfPostDominators :: M.Map Node (S.Set Node)
 }
-  deriving (Show)
+  deriving (Show, Generic, NFData)
 
 buildGraph :: CFGParameters -> Token -> CFGResult
 buildGraph params root =
@@ -183,12 +187,20 @@ buildGraph params root =
 --            renumberTopologically $
                 removeUnnecessaryStructuralNodes
                     base
-    in
-        CFGResult {
+
+        idToRange = M.fromList mapping
+        isRealEdge (from, to, edge) = case edge of CFEFlow -> True; _ -> False
+        onlyRealEdges = filter isRealEdge edges
+        (_, mainExit) = fromJust $ M.lookup (getId root) idToRange
+
+        result = CFGResult {
             cfGraph = mkGraph nodes edges,
-            cfIdToRange = M.fromList mapping,
-            cfIdToNodes = M.fromListWith S.union $ map (\(id, n) -> (id, S.singleton n)) association
+            cfIdToRange = idToRange,
+            cfIdToNodes = M.fromListWith S.union $ map (\(id, n) -> (id, S.singleton n)) association,
+            cfPostDominators = findPostDominators mainExit $ mkGraph nodes onlyRealEdges
         }
+    in
+        deepseq result result
 
 remapGraph :: M.Map Node Node -> CFW -> CFW
 remapGraph remap (nodes, edges, mapping, assoc) =
@@ -1190,5 +1202,67 @@ tokenToParts t =
         -- Check if getLiteralString can handle it, if not it's unknown
         _ -> [maybe CFStringUnknown CFStringLiteral $ getLiteralString t]
 
+
+-- Change all subshell invocations to instead link directly to their contents.
+-- This is used for producing dominator trees.
+inlineSubshells :: CFGraph -> CFGraph
+inlineSubshells graph = relinkedGraph
+  where
+    subshells = ufold find [] graph
+    find (incoming, node, label, outgoing) acc =
+        case label of
+            CFExecuteSubshell _ start end -> (node, label, start, end, incoming, outgoing):acc
+            _ -> acc
+
+    relinkedGraph = foldl' relink graph subshells
+    relink graph (node, label, start, end, incoming, outgoing) =
+        let
+            -- Link CFExecuteSubshell to the CFEntryPoint
+            subshellToStart = (incoming, node, label, [(CFEFlow, start)])
+            -- Link the subshell exit to the
+            endToNexts = (endIncoming, endNode, endLabel, outgoing)
+            (endIncoming, endNode, endLabel, _) = context graph end
+        in
+            subshellToStart & (endToNexts & graph)
+
+findEntryNodes :: CFGraph -> [Node]
+findEntryNodes graph = ufold find [] graph
+  where
+    find (incoming, node, label, _) list =
+        case label of
+            CFEntryPoint {} | null incoming -> node:list
+            _ -> list
+
+findDominators main graph = asSetMap
+  where
+    inlined = inlineSubshells graph
+    entryNodes = main : findEntryNodes graph
+    asLists = concatMap (dom inlined) entryNodes
+    asSetMap = M.fromList $ map (\(node, list) -> (node, S.fromList list)) asLists
+
+findTerminalNodes :: CFGraph -> [Node]
+findTerminalNodes graph = ufold find [] graph
+  where
+    find (_, node, label, _) list =
+        case label of
+            CFUnresolvedExit -> node:list
+            CFApplyEffects effects -> f effects list
+            _ -> list
+
+    f [] list = list
+    f (IdTagged _ (CFDefineFunction _ id start end):rest) list = f rest (end:list)
+    f (_:rest) list = f rest list
+
+findPostDominators :: Node -> CFGraph -> M.Map Node (S.Set Node)
+findPostDominators mainexit graph = asSetMap
+  where
+    inlined = inlineSubshells graph
+    terminals = findTerminalNodes inlined
+    (incoming, _, label, outgoing) = context graph mainexit
+    withExitEdges = (incoming ++ map (\c -> (CFEFlow, c)) terminals, mainexit, label, outgoing) & inlined
+    reversed = grev withExitEdges
+    postDoms = dom reversed mainexit
+    asSetMap = M.fromList $ map (\(node, list) -> (node, S.fromList list)) postDoms
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index bb90860..dc0a4b1 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -99,6 +99,7 @@ data CFGAnalysis = CFGAnalysis {
     graph :: CFGraph,
     tokenToRange :: M.Map Id (Node, Node),
     tokenToNodes :: M.Map Id (S.Set Node),
+    postDominators :: M.Map Node (S.Set Node),
     nodeToData :: M.Map Node (ProgramState, ProgramState)
 } deriving (Show, Generic, NFData)
 
@@ -1304,7 +1305,8 @@ analyzeControlFlow params t =
             graph = cfGraph cfg,
             tokenToRange = cfIdToRange cfg,
             tokenToNodes = cfIdToNodes cfg,
-            nodeToData = nodeToData
+            nodeToData = nodeToData,
+            postDominators = cfPostDominators cfg
         }
 
 
@@ -1355,5 +1357,6 @@ analyzeStragglers ctx state stragglers = do
         transferFunctionValue ctx def
 
 
+
 return []
 runTests = $quickCheckAll

From e9784fa9a77f6f018997f5d164148422f7da0b33 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 25 Jul 2022 11:57:04 -0700
Subject: [PATCH 042/244] Refine #2544 to not warn when $? postdominates [ ]
 (fixes #2544)

---
 src/ShellCheck/Analytics.hs   | 13 +++++++++++--
 src/ShellCheck/CFGAnalysis.hs | 10 ++++++++++
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 8499d8d..42d5a9e 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4884,7 +4884,11 @@ checkCommandIsUnreachable params t =
 prop_checkOverwrittenExitCode1 = verify checkOverwrittenExitCode "x; [ $? -eq 1 ] || [ $? -eq 2 ]"
 prop_checkOverwrittenExitCode2 = verifyNot checkOverwrittenExitCode "x; [ $? -eq 1 ]"
 prop_checkOverwrittenExitCode3 = verify checkOverwrittenExitCode "x; echo \"Exit is $?\"; [ $? -eq 0 ]"
-prop_checkOverwrittenExitCode4 = verifyNot checkOverwrittenExitCode "x; [ $? -eq 0 ]"
+prop_checkOverwrittenExitCode4 = verifyNot checkOverwrittenExitCode "x; [ $? -eq 0 ] && echo Success"
+prop_checkOverwrittenExitCode5 = verify checkOverwrittenExitCode "x; if [ $? -eq 0 ]; then var=$?; fi"
+prop_checkOverwrittenExitCode6 = verify checkOverwrittenExitCode "x; [ $? -gt 0 ] && fail=$?"
+prop_checkOverwrittenExitCode7 = verifyNot checkOverwrittenExitCode "[ 1 -eq 2 ]; status=$?"
+prop_checkOverwrittenExitCode8 = verifyNot checkOverwrittenExitCode "[ 1 -eq 2 ]; exit $?"
 checkOverwrittenExitCode params t =
     case t of
         T_DollarBraced id _ val | getLiteralString val == Just "?" -> check id
@@ -4898,7 +4902,7 @@ checkOverwrittenExitCode params t =
         let idToToken = idMap params
         exitCodeTokens <- sequence $ map (\k -> Map.lookup k idToToken) $ S.toList exitCodeIds
         return $ do
-            when (all isCondition exitCodeTokens) $
+            when (all isCondition exitCodeTokens && not (usedUnconditionally t exitCodeIds)) $
                 warn id 2319 "This $? refers to a condition, not a command. Assign to a variable to avoid it being overwritten."
             when (all isPrinting exitCodeTokens) $
                 warn id 2320 "This $? refers to echo/printf, not a previous command. Assign to variable to avoid it being overwritten."
@@ -4909,6 +4913,11 @@ checkOverwrittenExitCode params t =
             T_SimpleCommand {} -> getCommandName t == Just "test"
             _ -> False
 
+    -- If we don't do anything based on the condition, assume we wanted the condition itself
+    -- This helps differentiate `x; [ $? -gt 0 ] && exit $?` vs `[ cond ]; exit $?`
+    usedUnconditionally t testIds =
+        all (\c -> CF.doesPostDominate (cfgAnalysis params) (getId t) c) testIds
+
     isPrinting t =
         case getCommandBasename t of
             Just "echo" -> True
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index dc0a4b1..ff88810 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -56,6 +56,7 @@ module ShellCheck.CFGAnalysis (
     ,SpaceStatus (..)
     ,getIncomingState
     ,getOutgoingState
+    ,doesPostDominate
     ,ShellCheck.CFGAnalysis.runTests -- STRIP
     ) where
 
@@ -140,6 +141,15 @@ getOutgoingState analysis id = do
     (start,end) <- M.lookup id $ tokenToRange analysis
     snd <$> M.lookup end (nodeToData analysis)
 
+-- Conveniently determine whether one node postdominates another,
+-- i.e. whether 'target' always unconditionally runs after 'base'.
+doesPostDominate :: CFGAnalysis -> Id -> Id -> Bool
+doesPostDominate analysis target base = fromMaybe False $ do
+    (_, baseEnd) <- M.lookup base $ tokenToRange analysis
+    (targetStart, _) <- M.lookup target $ tokenToRange analysis
+    postDoms <- M.lookup baseEnd $ postDominators analysis
+    return $ S.member targetStart postDoms
+
 getDataForNode analysis node = M.lookup node $ nodeToData analysis
 
 -- The current state of data flow at a point in the program, potentially as a diff

From c57e447c89a9ba64bd717560edbeb2192bb7b92a Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 26 Jul 2022 09:46:07 -0700
Subject: [PATCH 043/244] Correctly discard overlapping fixes in diff output
 (fixes #2370)

---
 src/ShellCheck/Formatter/Diff.hs | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/ShellCheck/Formatter/Diff.hs b/src/ShellCheck/Formatter/Diff.hs
index 197b3af..15d00d7 100644
--- a/src/ShellCheck/Formatter/Diff.hs
+++ b/src/ShellCheck/Formatter/Diff.hs
@@ -203,10 +203,9 @@ formatDoc color (DiffDoc name lf regions) =
 buildFixMap :: [Fix] -> M.Map String Fix
 buildFixMap fixes = perFile
   where
-    splitFixes = concatMap splitFixByFile fixes
+    splitFixes = splitFixByFile $ mconcat fixes
     perFile = groupByMap (posFile . repStartPos . head . fixReplacements) splitFixes
 
--- There are currently no multi-file fixes, but let's handle it anyways
 splitFixByFile :: Fix -> [Fix]
 splitFixByFile fix = map makeFix $ groupBy sameFile (fixReplacements fix)
   where

From b5f5e6347d59be6b26ce8761646fe95ac7b2f3c7 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 26 Jul 2022 10:42:01 -0700
Subject: [PATCH 044/244] Discard next rather than existing fixes when they
 overlap

---
 src/ShellCheck/Fixer.hs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/ShellCheck/Fixer.hs b/src/ShellCheck/Fixer.hs
index 2376842..43a97ab 100644
--- a/src/ShellCheck/Fixer.hs
+++ b/src/ShellCheck/Fixer.hs
@@ -87,6 +87,7 @@ instance Ranged Replacement where
 instance Monoid Fix where
     mempty = newFix
     mappend = (<>)
+    mconcat = foldl mappend mempty -- fold left to right since <> discards right on overlap
 
 instance Semigroup Fix where
     f1 <> f2 =

From 4a27c9a8d50996438ff4853206be674e28069386 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 26 Jul 2022 15:33:25 -0700
Subject: [PATCH 045/244] Fix overlap check

---
 src/ShellCheck/Fixer.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Fixer.hs b/src/ShellCheck/Fixer.hs
index 43a97ab..358dec9 100644
--- a/src/ShellCheck/Fixer.hs
+++ b/src/ShellCheck/Fixer.hs
@@ -36,7 +36,7 @@ class Ranged a where
     end     :: a -> Position
     overlap :: a -> a -> Bool
     overlap x y =
-        (yStart >= xStart && yStart < xEnd) || (yStart < xStart && yEnd > xStart)
+        xEnd > yStart && yEnd > xStart
         where
             yStart = start y
             yEnd = end y

From a30ac402eb39d3e60cd3a64abd48d00c85d49bab Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Wed, 27 Jul 2022 11:29:55 -0700
Subject: [PATCH 046/244] Don't use & for updates as result is unspecified

This fixes `Prelude.foldl1: empty list []` when script has `( exit )`
---
 src/ShellCheck/CFG.hs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index ad05e93..39747cf 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -1203,6 +1203,9 @@ tokenToParts t =
         _ -> [maybe CFStringUnknown CFStringLiteral $ getLiteralString t]
 
 
+-- Like & but well defined when the node already exists
+safeUpdate ctx@(_,node,_,_) graph = ctx & (delNode node graph)
+
 -- Change all subshell invocations to instead link directly to their contents.
 -- This is used for producing dominator trees.
 inlineSubshells :: CFGraph -> CFGraph
@@ -1223,7 +1226,7 @@ inlineSubshells graph = relinkedGraph
             endToNexts = (endIncoming, endNode, endLabel, outgoing)
             (endIncoming, endNode, endLabel, _) = context graph end
         in
-            subshellToStart & (endToNexts & graph)
+            subshellToStart `safeUpdate` (endToNexts `safeUpdate` graph)
 
 findEntryNodes :: CFGraph -> [Node]
 findEntryNodes graph = ufold find [] graph
@@ -1259,7 +1262,7 @@ findPostDominators mainexit graph = asSetMap
     inlined = inlineSubshells graph
     terminals = findTerminalNodes inlined
     (incoming, _, label, outgoing) = context graph mainexit
-    withExitEdges = (incoming ++ map (\c -> (CFEFlow, c)) terminals, mainexit, label, outgoing) & inlined
+    withExitEdges = (incoming ++ map (\c -> (CFEFlow, c)) terminals, mainexit, label, outgoing) `safeUpdate` inlined
     reversed = grev withExitEdges
     postDoms = dom reversed mainexit
     asSetMap = M.fromList $ map (\(node, list) -> (node, S.fromList list)) postDoms

From 3ce310e939427216e461681e0a71c4883ff5bf03 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Wed, 27 Jul 2022 14:25:19 -0700
Subject: [PATCH 047/244] Plug space leaks when processing multiple files

---
 shellcheck.hs                     | 2 +-
 src/ShellCheck/Formatter/JSON.hs  | 3 ++-
 src/ShellCheck/Formatter/JSON1.hs | 3 ++-
 src/ShellCheck/Formatter/TTY.hs   | 3 ++-
 4 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/shellcheck.hs b/shellcheck.hs
index bf70445..a525251 100644
--- a/shellcheck.hs
+++ b/shellcheck.hs
@@ -225,7 +225,7 @@ runFormatter sys format options files = do
     f :: Status -> FilePath -> IO Status
     f status file = do
         newStatus <- process file `catch` handler file
-        return $ status `mappend` newStatus
+        return $! status `mappend` newStatus
     handler :: FilePath -> IOException -> IO Status
     handler file e = reportFailure file (show e)
     reportFailure file str = do
diff --git a/src/ShellCheck/Formatter/JSON.hs b/src/ShellCheck/Formatter/JSON.hs
index 7c26421..6b38532 100644
--- a/src/ShellCheck/Formatter/JSON.hs
+++ b/src/ShellCheck/Formatter/JSON.hs
@@ -23,6 +23,7 @@ module ShellCheck.Formatter.JSON (format) where
 import ShellCheck.Interface
 import ShellCheck.Formatter.Format
 
+import Control.DeepSeq
 import Data.Aeson
 import Data.IORef
 import Data.Monoid
@@ -103,7 +104,7 @@ collectResult ref cr sys = mapM_ f groups
     comments = crComments cr
     groups = groupWith sourceFile comments
     f :: [PositionedComment] -> IO ()
-    f group = modifyIORef ref (\x -> comments ++ x)
+    f group = deepseq comments $ modifyIORef ref (\x -> comments ++ x)
 
 finish ref = do
     list <- readIORef ref
diff --git a/src/ShellCheck/Formatter/JSON1.hs b/src/ShellCheck/Formatter/JSON1.hs
index 54aad34..2169bf6 100644
--- a/src/ShellCheck/Formatter/JSON1.hs
+++ b/src/ShellCheck/Formatter/JSON1.hs
@@ -23,6 +23,7 @@ module ShellCheck.Formatter.JSON1 (format) where
 import ShellCheck.Interface
 import ShellCheck.Formatter.Format
 
+import Control.DeepSeq
 import Data.Aeson
 import Data.IORef
 import Data.Monoid
@@ -120,7 +121,7 @@ collectResult ref cr sys = mapM_ f groups
         result <- siReadFile sys (Just True) filename
         let contents = either (const "") id result
         let comments' = makeNonVirtual comments contents
-        modifyIORef ref (\x -> comments' ++ x)
+        deepseq comments' $ modifyIORef ref (\x -> comments' ++ x)
 
 finish ref = do
     list <- readIORef ref
diff --git a/src/ShellCheck/Formatter/TTY.hs b/src/ShellCheck/Formatter/TTY.hs
index 8dd90d4..e28696c 100644
--- a/src/ShellCheck/Formatter/TTY.hs
+++ b/src/ShellCheck/Formatter/TTY.hs
@@ -23,6 +23,7 @@ import ShellCheck.Fixer
 import ShellCheck.Interface
 import ShellCheck.Formatter.Format
 
+import Control.DeepSeq
 import Control.Monad
 import Data.Array
 import Data.Foldable
@@ -88,7 +89,7 @@ rankError err = (ranking, cSeverity $ pcComment err, cCode $ pcComment err)
 appendComments errRef comments max = do
     previous <- readIORef errRef
     let current = map (\x -> (rankError x, cCode $ pcComment x, cMessage $ pcComment x)) comments
-    writeIORef errRef . take max . nubBy equal . sort $ previous ++ current
+    writeIORef errRef $! force . take max . nubBy equal . sort $ previous ++ current
   where
     fst3 (x,_,_) = x
     equal x y = fst3 x == fst3 y

From f4409122799d7967ff843259bc3a51e2fcad2cef Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Wed, 27 Jul 2022 19:47:37 -0700
Subject: [PATCH 048/244] Refactor to not generate Parameters twice

---
 src/ShellCheck/ASTLib.hs    |  4 ++++
 src/ShellCheck/Analytics.hs | 39 +++++++++++++++----------------------
 src/ShellCheck/Analyzer.hs  |  4 ++--
 src/ShellCheck/Checker.hs   |  5 +++--
 4 files changed, 25 insertions(+), 27 deletions(-)

diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index 7b4f9e5..56903ee 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -898,6 +898,10 @@ isClosingFileOp op =
         T_IoDuplicate _ (T_LESSAND  _) "-" -> True
         _                                  -> False
 
+getEnableDirectives root =
+    case root of
+        T_Annotation _ list _ -> [s | EnableComment s <- list]
+        _ -> []
 
 return []
 runTests = $quickCheckAll
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 42d5a9e..e878dc4 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -19,7 +19,7 @@
 -}
 {-# LANGUAGE TemplateHaskell #-}
 {-# LANGUAGE FlexibleContexts #-}
-module ShellCheck.Analytics (runAnalytics, optionalChecks, ShellCheck.Analytics.runTests) where
+module ShellCheck.Analytics (checker, optionalChecks, ShellCheck.Analytics.runTests) where
 
 import ShellCheck.AST
 import ShellCheck.ASTLib
@@ -71,29 +71,22 @@ treeChecks = [
     ,checkArrayValueUsedAsIndex
     ]
 
-runAnalytics :: AnalysisSpec -> [TokenComment]
-runAnalytics options =
-    runList options treeChecks ++ runList options optionalChecks
+checker spec params = mkChecker spec params treeChecks
+
+mkChecker spec params checks =
+    Checker {
+        perScript = \(Root root) -> do
+            tell $ concatMap (\f -> f params root) all,
+        perToken = const $ return ()
+    }
   where
-    root = asScript options
-    optionals = getEnableDirectives root ++ asOptionalChecks options
-    optionalChecks =
-        if "all" `elem` optionals
+    all = checks ++ optionals
+    optionalKeys = asOptionalChecks spec
+    optionals =
+        if "all" `elem` optionalKeys
         then map snd optionalTreeChecks
-        else mapMaybe (\c -> Map.lookup c optionalCheckMap) optionals
+        else mapMaybe (\c -> Map.lookup c optionalCheckMap) optionalKeys
 
-runList :: AnalysisSpec -> [Parameters -> Token -> [TokenComment]]
-    -> [TokenComment]
-runList spec list = notes
-    where
-        root = asScript spec
-        params = makeParameters spec
-        notes = concatMap (\f -> f params root) list
-
-getEnableDirectives root =
-    case root of
-        T_Annotation _ list _ -> [s | EnableComment s <- list]
-        _ -> []
 
 checkList l t = concatMap (\f -> f t) l
 
@@ -318,12 +311,12 @@ producesComments f s = not . null <$> runAndGetComments f s
 
 runAndGetComments f s = do
         let pr = pScript s
-        prRoot pr
+        root <- prRoot pr
         let spec = defaultSpec pr
         let params = makeParameters spec
         return $
             filterByAnnotation spec params $
-                runList spec [f]
+                f params root
 
 -- Copied from https://wiki.haskell.org/Edit_distance
 dist :: Eq a => [a] -> [a] -> Int
diff --git a/src/ShellCheck/Analyzer.hs b/src/ShellCheck/Analyzer.hs
index ff2e457..06b6e53 100644
--- a/src/ShellCheck/Analyzer.hs
+++ b/src/ShellCheck/Analyzer.hs
@@ -35,13 +35,13 @@ analyzeScript :: AnalysisSpec -> AnalysisResult
 analyzeScript spec = newAnalysisResult {
     arComments =
         filterByAnnotation spec params . nub $
-            runAnalytics spec
-            ++ runChecker params (checkers spec params)
+            runChecker params (checkers spec params)
 }
   where
     params = makeParameters spec
 
 checkers spec params = mconcat $ map ($ params) [
+    ShellCheck.Analytics.checker spec,
     ShellCheck.Checks.Commands.checker spec,
     ShellCheck.Checks.ControlFlow.checker spec,
     ShellCheck.Checks.Custom.checker,
diff --git a/src/ShellCheck/Checker.hs b/src/ShellCheck/Checker.hs
index ef8182f..db793f1 100644
--- a/src/ShellCheck/Checker.hs
+++ b/src/ShellCheck/Checker.hs
@@ -20,9 +20,10 @@
 {-# LANGUAGE TemplateHaskell #-}
 module ShellCheck.Checker (checkScript, ShellCheck.Checker.runTests) where
 
+import ShellCheck.Analyzer
+import ShellCheck.ASTLib
 import ShellCheck.Interface
 import ShellCheck.Parser
-import ShellCheck.Analyzer
 
 import Data.Either
 import Data.Functor
@@ -85,7 +86,7 @@ checkScript sys spec = do
                     asCheckSourced = csCheckSourced spec,
                     asExecutionMode = Executed,
                     asTokenPositions = tokenPositions,
-                    asOptionalChecks = csOptionalChecks spec
+                    asOptionalChecks = getEnableDirectives root ++ csOptionalChecks spec
                 } where as = newAnalysisSpec root
         let analysisMessages =
                 maybe []

From d0dd81e1faa506232193ad91030dd2cb9f2d4a66 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 28 Jul 2022 08:56:44 -0700
Subject: [PATCH 049/244] Allow quoting values in directives (fixes #2517)

---
 CHANGELOG.md              |  1 +
 shellcheck.1.md           |  3 +++
 src/ShellCheck/Checker.hs | 12 ++++++++++++
 src/ShellCheck/Parser.hs  | 23 +++++++++++++++++------
 4 files changed, 33 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index cef16f4..c363eb5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,7 @@
   based on control flow rather than just syntax. Existing checks will
   gradually start using it, which may cause them to trigger differently
   (but more accurately).
+- Values in directives/shellcheckrc can now be quoted with '' or ""
 
 
 ## v0.8.0 - 2021-11-06
diff --git a/shellcheck.1.md b/shellcheck.1.md
index 146d791..c345a2b 100644
--- a/shellcheck.1.md
+++ b/shellcheck.1.md
@@ -282,6 +282,9 @@ Here is an example `.shellcheckrc`:
     source-path=SCRIPTDIR
     source-path=/mnt/chroot
 
+    # Since 0.9.0, values can be quoted with '' or "" to allow spaces
+    source-path="My Documents/scripts"
+
     # Allow opening any 'source'd file, even if not specified as input
     external-sources=true
 
diff --git a/src/ShellCheck/Checker.hs b/src/ShellCheck/Checker.hs
index db793f1..6518e0d 100644
--- a/src/ShellCheck/Checker.hs
+++ b/src/ShellCheck/Checker.hs
@@ -244,6 +244,9 @@ prop_canStripPrefixAndSource2 =
 prop_canSourceDynamicWhenRedirected =
     null $ checkWithIncludes [("lib", "")] "#shellcheck source=lib\n. \"$1\""
 
+prop_canRedirectWithSpaces =
+    null $ checkWithIncludes [("my file", "")] "#shellcheck source=\"my file\"\n. \"$1\""
+
 prop_recursiveAnalysis =
     [2086] == checkRecursive [("lib", "echo $1")] "source lib"
 
@@ -413,6 +416,15 @@ prop_sourcePathAddsAnnotation = result == [2086]
         csCheckSourced = True
     }
 
+prop_sourcePathWorksWithSpaces = result == [2086]
+  where
+    f "dir/myscript" _ ["my path"] "lib" = return "foo/lib"
+    result = checkWithIncludesAndSourcePath [("foo/lib", "echo $1")] f emptyCheckSpec {
+        csScript = "#!/bin/bash\n# shellcheck source-path='my path'\nsource lib",
+        csFilename = "dir/myscript",
+        csCheckSourced = True
+    }
+
 prop_sourcePathRedirectsDirective = result == [2086]
   where
     f "dir/myscript" _ _ "lib" = return "foo/lib"
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 0dd6621..4ff45ed 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -992,6 +992,10 @@ prop_readAnnotation5 = isOk readAnnotation "# shellcheck disable=SC2002 # All ca
 prop_readAnnotation6 = isOk readAnnotation "# shellcheck disable=SC1234 # shellcheck foo=bar\n"
 prop_readAnnotation7 = isOk readAnnotation "# shellcheck disable=SC1000,SC2000-SC3000,SC1001\n"
 prop_readAnnotation8 = isOk readAnnotation "# shellcheck disable=all\n"
+prop_readAnnotation9 = isOk readAnnotation "# shellcheck source='foo bar' source-path=\"baz etc\"\n"
+prop_readAnnotation10 = isOk readAnnotation "# shellcheck disable='SC1234,SC2345' enable=\"foo\" shell='bash'\n"
+prop_readAnnotation11 = isOk (readAnnotationWithoutPrefix False) "external-sources='true'"
+
 readAnnotation = called "shellcheck directive" $ do
     try readAnnotationPrefix
     many1 linewhitespace
@@ -1007,12 +1011,19 @@ readAnnotationWithoutPrefix sandboxed = do
     many linewhitespace
     return $ concat values
   where
+    plainOrQuoted p = quoted p <|> p
+    quoted p = do
+        c <- oneOf "'\""
+        start <- getPosition
+        str <- many1 $ noneOf (c:"\n")
+        char c <|> fail "Missing terminating quote for directive."
+        subParse start p str
     readKey = do
         keyPos <- getPosition
         key <- many1 (letter <|> char '-')
         char '=' <|> fail "Expected '=' after directive key"
         annotations <- case key of
-            "disable" -> readElement `sepBy` char ','
+            "disable" -> plainOrQuoted $ readElement `sepBy` char ','
               where
                 readElement = readRange <|> readAll
                 readAll = do
@@ -1027,21 +1038,21 @@ readAnnotationWithoutPrefix sandboxed = do
                     int <- many1 digit
                     return $ read int
 
-            "enable" -> readName `sepBy` char ','
+            "enable" -> plainOrQuoted $ readName `sepBy` char ','
               where
                 readName = EnableComment <$> many1 (letter <|> char '-')
 
             "source" -> do
-                filename <- many1 $ noneOf " \n"
+                filename <- quoted (many1 anyChar) <|> (many1 $ noneOf " \n")
                 return [SourceOverride filename]
 
             "source-path" -> do
-                dirname <- many1 $ noneOf " \n"
+                dirname <- quoted (many1 anyChar) <|> (many1 $ noneOf " \n")
                 return [SourcePath dirname]
 
             "shell" -> do
                 pos <- getPosition
-                shell <- many1 $ noneOf " \n"
+                shell <- quoted (many1 anyChar) <|> (many1 $ noneOf " \n")
                 when (isNothing $ shellForExecutable shell) $
                     parseNoteAt pos ErrorC 1103
                         "This shell type is unknown. Use e.g. sh or bash."
@@ -1049,7 +1060,7 @@ readAnnotationWithoutPrefix sandboxed = do
 
             "external-sources" -> do
                 pos <- getPosition
-                value <- many1 letter
+                value <- plainOrQuoted $ many1 letter
                 case value of
                     "true" ->
                         if sandboxed

From c76b8d9a327812fe8164e9b667650d0c183978d8 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 28 Jul 2022 09:37:23 -0700
Subject: [PATCH 050/244] Let annotations take effect earlier (fixes #2534)

---
 src/ShellCheck/Checker.hs | 11 ++++++
 src/ShellCheck/Parser.hs  | 80 +++++++++++++++++++--------------------
 2 files changed, 49 insertions(+), 42 deletions(-)

diff --git a/src/ShellCheck/Checker.hs b/src/ShellCheck/Checker.hs
index 6518e0d..c8d2c39 100644
--- a/src/ShellCheck/Checker.hs
+++ b/src/ShellCheck/Checker.hs
@@ -496,6 +496,17 @@ prop_fileCannotEnableExternalSources2 = result == [1144]
         csCheckSourced = True
     }
 
+prop_rcCanSuppressEarlyProblems1 = null result
+  where
+    result = checkWithRc "disable=1071" emptyCheckSpec {
+        csScript = "#!/bin/zsh\necho $1"
+    }
+
+prop_rcCanSuppressEarlyProblems2 = null result
+  where
+    result = checkWithRc "disable=1104" emptyCheckSpec {
+        csScript = "!/bin/bash\necho 'hello world'"
+    }
 
 return []
 runTests = $quickCheckAll
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 4ff45ed..d461fc7 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -38,7 +38,6 @@ import Data.Functor
 import Data.List (isPrefixOf, isInfixOf, isSuffixOf, partition, sortBy, intercalate, nub, find)
 import Data.Maybe
 import Data.Monoid
-import Debug.Trace -- STRIP
 import GHC.Exts (sortWith)
 import Prelude hiding (readList)
 import System.IO
@@ -458,8 +457,8 @@ called s p = do
     pos <- getPosition
     withContext (ContextName pos s) p
 
-withAnnotations anns =
-    withContext (ContextAnnotation anns)
+withAnnotations anns p =
+    if null anns then p else withContext (ContextAnnotation anns) p
 
 readConditionContents single =
     readCondContents `attempting` lookAhead (do
@@ -3258,44 +3257,51 @@ prop_readScript3 = isWarning readScript "#!/bin/bash\necho hello\xA0world"
 prop_readScript4 = isWarning readScript "#!/usr/bin/perl\nfoo=("
 prop_readScript5 = isOk readScript "#!/bin/bash\n#This is an empty script\n\n"
 prop_readScript6 = isOk readScript "#!/usr/bin/env -S X=FOO bash\n#This is an empty script\n\n"
+prop_readScript7 = isOk readScript "#!/bin/zsh\n# shellcheck disable=SC1071\nfor f (a b); echo $f\n"
 readScriptFile sourced = do
     start <- startSpan
     pos <- getPosition
-    optional $ do
-        readUtf8Bom
-        parseProblem ErrorC 1082
-            "This file has a UTF-8 BOM. Remove it with: LC_CTYPE=C sed '1s/^...//' < yourscript ."
-    shebang <- readShebang <|> readEmptyLiteral
-    let (T_Literal _ shebangString) = shebang
-    allspacing
-    annotationStart <- startSpan
-    fileAnnotations <- readAnnotations
     rcAnnotations <- if sourced
                      then return []
                      else do
                         filename <- Mr.asks currentFilename
                         readConfigFile filename
-    let annotations = fileAnnotations ++ rcAnnotations
-    annotationId <- endSpan annotationStart
-    let shellAnnotationSpecified =
-            any (\x -> case x of ShellOverride {} -> True; _ -> False) annotations
-    shellFlagSpecified <- isJust <$> Mr.asks shellTypeOverride
-    let ignoreShebang = shellAnnotationSpecified || shellFlagSpecified
 
-    unless ignoreShebang $
-        verifyShebang pos (executableFromShebang shebangString)
-    if ignoreShebang || isValidShell (executableFromShebang shebangString) /= Just False
-      then do
-            commands <- withAnnotations annotations readCompoundListOrEmpty
-            id <- endSpan start
-            verifyEof
-            let script = T_Annotation annotationId annotations $
-                            T_Script id shebang commands
-            reparseIndices script
-        else do
-            many anyChar
-            id <- endSpan start
-            return $ T_Script id shebang []
+    -- Put the rc annotations on the stack so that one can ignore e.g. SC1084 in .shellcheckrc
+    withAnnotations rcAnnotations $ do
+        hasBom <- wasIncluded readUtf8Bom
+        shebang <- readShebang <|> readEmptyLiteral
+        let (T_Literal _ shebangString) = shebang
+        allspacing
+        annotationStart <- startSpan
+        fileAnnotations <- readAnnotations
+
+        -- Similarly put the filewide annotations on the stack to allow earlier suppression
+        withAnnotations fileAnnotations $ do
+            when (hasBom) $
+                parseProblemAt pos ErrorC 1082
+                    "This file has a UTF-8 BOM. Remove it with: LC_CTYPE=C sed '1s/^...//' < yourscript ."
+            let annotations = fileAnnotations ++ rcAnnotations
+            annotationId <- endSpan annotationStart
+            let shellAnnotationSpecified =
+                    any (\x -> case x of ShellOverride {} -> True; _ -> False) annotations
+            shellFlagSpecified <- isJust <$> Mr.asks shellTypeOverride
+            let ignoreShebang = shellAnnotationSpecified || shellFlagSpecified
+
+            unless ignoreShebang $
+                verifyShebang pos (executableFromShebang shebangString)
+            if ignoreShebang || isValidShell (executableFromShebang shebangString) /= Just False
+              then do
+                    commands <- readCompoundListOrEmpty
+                    id <- endSpan start
+                    verifyEof
+                    let script = T_Annotation annotationId annotations $
+                                    T_Script id shebang commands
+                    reparseIndices script
+                else do
+                    many anyChar
+                    id <- endSpan start
+                    return $ T_Script id shebang []
 
   where
     verifyShebang pos s = do
@@ -3388,16 +3394,6 @@ parsesCleanly parser string = runIdentity $ do
             return $ Just . null $ parseNotes userState ++ parseProblems systemState
         (Left _, _) -> return Nothing
 
--- For printf debugging: print the value of an expression
--- Example: return $ dump $ T_Literal id [c]
-dump :: Show a => a -> a     -- STRIP
-dump x = trace (show x) x    -- STRIP
-
--- Like above, but print a specific expression:
--- Example: return $ dumps ("Returning: " ++ [c])  $ T_Literal id [c]
-dumps :: Show x => x -> a -> a -- STRIP
-dumps t = trace (show t)       -- STRIP
-
 parseWithNotes parser = do
     item <- parser
     state <- getState

From 04db46381fe515d6e3e66b7d3c33c60fa0275471 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 28 Jul 2022 19:00:03 -0700
Subject: [PATCH 051/244] Use Data.Map.Strict instead for a ~15% parsing
 speedup

---
 src/ShellCheck/Parser.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index d461fc7..aeaf703 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -46,7 +46,7 @@ import Text.Parsec.Error
 import Text.Parsec.Pos
 import qualified Control.Monad.Reader as Mr
 import qualified Control.Monad.State as Ms
-import qualified Data.Map as Map
+import qualified Data.Map.Strict as Map
 
 import Test.QuickCheck.All (quickCheckAll)
 

From 77069f7445681747ff88eaa56b6bd23b596eee99 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 29 Jul 2022 21:05:33 -0700
Subject: [PATCH 052/244] Store postdominators as Array Node [Node] for a
 significant win

---
 src/ShellCheck/CFG.hs         | 17 ++++++++++-------
 src/ShellCheck/CFGAnalysis.hs |  8 ++++----
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 39747cf..771e870 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -47,6 +47,8 @@ import ShellCheck.Regex
 import Control.DeepSeq
 import Control.Monad
 import Control.Monad.Identity
+import Data.Array.Unboxed
+import Data.Array.ST
 import Data.List hiding (map)
 import Data.Maybe
 import qualified Data.Map as M
@@ -174,10 +176,10 @@ data CFGResult = CFGResult {
     cfIdToRange :: M.Map Id (Node, Node),
     -- A set of all nodes belonging to an Id, recursively
     cfIdToNodes :: M.Map Id (S.Set Node),
-    -- A map to nodes that the given node postdominates
-    cfPostDominators :: M.Map Node (S.Set Node)
+    -- An array (from,to) saying whether 'from' postdominates 'to'
+    cfPostDominators :: Array Node [Node]
 }
-  deriving (Show, Generic, NFData)
+  deriving (Show)
 
 buildGraph :: CFGParameters -> Token -> CFGResult
 buildGraph params root =
@@ -200,7 +202,7 @@ buildGraph params root =
             cfPostDominators = findPostDominators mainExit $ mkGraph nodes onlyRealEdges
         }
     in
-        deepseq result result
+        result
 
 remapGraph :: M.Map Node Node -> CFW -> CFW
 remapGraph remap (nodes, edges, mapping, assoc) =
@@ -1256,8 +1258,8 @@ findTerminalNodes graph = ufold find [] graph
     f (IdTagged _ (CFDefineFunction _ id start end):rest) list = f rest (end:list)
     f (_:rest) list = f rest list
 
-findPostDominators :: Node -> CFGraph -> M.Map Node (S.Set Node)
-findPostDominators mainexit graph = asSetMap
+findPostDominators :: Node -> CFGraph -> Array Node [Node]
+findPostDominators mainexit graph = asArray
   where
     inlined = inlineSubshells graph
     terminals = findTerminalNodes inlined
@@ -1265,7 +1267,8 @@ findPostDominators mainexit graph = asSetMap
     withExitEdges = (incoming ++ map (\c -> (CFEFlow, c)) terminals, mainexit, label, outgoing) `safeUpdate` inlined
     reversed = grev withExitEdges
     postDoms = dom reversed mainexit
-    asSetMap = M.fromList $ map (\(node, list) -> (node, S.fromList list)) postDoms
+    (_, maxNode) = nodeRange graph
+    asArray = array (0, maxNode) postDoms
 
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index ff88810..e6b1701 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -69,6 +69,7 @@ import Control.Monad
 import Control.Monad.ST
 import Control.DeepSeq
 import Data.List hiding (map)
+import Data.Array.Unboxed
 import Data.STRef
 import Data.Maybe
 import qualified Data.Map as M
@@ -100,9 +101,9 @@ data CFGAnalysis = CFGAnalysis {
     graph :: CFGraph,
     tokenToRange :: M.Map Id (Node, Node),
     tokenToNodes :: M.Map Id (S.Set Node),
-    postDominators :: M.Map Node (S.Set Node),
+    postDominators :: Array Node [Node],
     nodeToData :: M.Map Node (ProgramState, ProgramState)
-} deriving (Show, Generic, NFData)
+} deriving (Show)
 
 -- The program state we expose externally
 data ProgramState = ProgramState {
@@ -147,8 +148,7 @@ doesPostDominate :: CFGAnalysis -> Id -> Id -> Bool
 doesPostDominate analysis target base = fromMaybe False $ do
     (_, baseEnd) <- M.lookup base $ tokenToRange analysis
     (targetStart, _) <- M.lookup target $ tokenToRange analysis
-    postDoms <- M.lookup baseEnd $ postDominators analysis
-    return $ S.member targetStart postDoms
+    return $ targetStart `elem` (postDominators analysis ! baseEnd)
 
 getDataForNode analysis node = M.lookup node $ nodeToData analysis
 

From 0df934514298adadc40651696d5b854784efa0a5 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 2 Aug 2022 11:25:35 -0700
Subject: [PATCH 053/244] Trace numerical status, use for SC2071 (ref #2541)

---
 src/ShellCheck/Analytics.hs   | 21 +++++++--
 src/ShellCheck/CFGAnalysis.hs | 84 ++++++++++++++++++++++++++---------
 2 files changed, 82 insertions(+), 23 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index e878dc4..b5bac35 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1167,6 +1167,10 @@ prop_checkNumberComparisons18 = verify checkNumberComparisons "[[ foo -eq 2 ]]"
 prop_checkNumberComparisons19 = verifyNot checkNumberComparisons "foo=1; [[ foo -eq 2 ]]"
 prop_checkNumberComparisons20 = verify checkNumberComparisons "[[ 2 -eq / ]]"
 prop_checkNumberComparisons21 = verify checkNumberComparisons "[[ foo -eq foo ]]"
+prop_checkNumberComparisons22 = verify checkNumberComparisons "x=10; [[ $x > $z ]]"
+prop_checkNumberComparisons23 = verify checkNumberComparisons "x=0; if [[ -n $def ]]; then x=$def; fi; while [ $x > $z ]; do lol; done"
+prop_checkNumberComparisons24 = verify checkNumberComparisons "x=$RANDOM; [ $x > $z ]"
+prop_checkNumberComparisons25 = verify checkNumberComparisons "[[ $((n++)) > $x ]]"
 
 checkNumberComparisons params (TC_Binary id typ op lhs rhs) = do
     if isNum lhs || isNum rhs
@@ -1242,9 +1246,20 @@ checkNumberComparisons params (TC_Binary id typ op lhs rhs) = do
       numChar x = isDigit x || x `elem` "+-. "
 
       isNum t =
-        case oversimplify t of
-            [v] -> all isDigit v
-            _ -> False
+        case getWordParts t of
+            [T_DollarArithmetic {}] -> True
+            [b@(T_DollarBraced id _ c)] ->
+                let
+                    str = concat $ oversimplify c
+                    var = getBracedReference str
+                in fromMaybe False $ do
+                    state <- CF.getIncomingState (cfgAnalysis params) id
+                    value <- Map.lookup var $ CF.variablesInScope state
+                    return $ CF.numericalStatus (CF.variableValue value) >= CF.NumericalStatusMaybe
+            _ ->
+                case oversimplify t of
+                    [v] -> all isDigit v
+                    _ -> False
 
       isFraction t =
         case oversimplify t of
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index e6b1701..634d354 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -54,29 +54,31 @@ module ShellCheck.CFGAnalysis (
     ,VariableValue (..)
     ,VariableProperties
     ,SpaceStatus (..)
+    ,NumericalStatus (..)
     ,getIncomingState
     ,getOutgoingState
     ,doesPostDominate
     ,ShellCheck.CFGAnalysis.runTests -- STRIP
     ) where
 
-import GHC.Generics (Generic)
-import ShellCheck.AST
-import ShellCheck.CFG
-import qualified ShellCheck.Data as Data
-import ShellCheck.Prelude
+import Control.DeepSeq
 import Control.Monad
 import Control.Monad.ST
-import Control.DeepSeq
-import Data.List hiding (map)
 import Data.Array.Unboxed
-import Data.STRef
-import Data.Maybe
-import qualified Data.Map as M
-import qualified Data.Set as S
+import Data.Char
 import Data.Graph.Inductive.Graph
 import Data.Graph.Inductive.Query.DFS
+import Data.List hiding (map)
+import Data.Maybe
+import Data.STRef
 import Debug.Trace -- STRIP
+import GHC.Generics (Generic)
+import qualified Data.Map as M
+import qualified Data.Set as S
+import qualified ShellCheck.Data as Data
+import ShellCheck.AST
+import ShellCheck.CFG
+import ShellCheck.Prelude
 
 import Test.QuickCheck
 
@@ -183,16 +185,20 @@ createEnvironmentState = do
     foldl' (flip ($)) newInternalState $ concat [
         addVars Data.internalVariables unknownVariableState,
         addVars Data.variablesWithoutSpaces spacelessVariableState,
-        addVars Data.specialIntegerVariables spacelessVariableState
+        addVars Data.specialIntegerVariables integerVariableState
         ]
   where
     addVars names val = map (\name -> insertGlobal name val) names
     spacelessVariableState = unknownVariableState {
         variableValue = VariableValue {
             literalValue = Nothing,
-            spaceStatus = SpaceStatusClean
+            spaceStatus = SpaceStatusClean,
+            numericalStatus = NumericalStatusUnknown
         }
     }
+    integerVariableState = unknownVariableState {
+        variableValue = unknownIntegerValue
+    }
 
 
 modified s = s { sVersion = -1 }
@@ -289,7 +295,8 @@ unknownFunctionValue = S.singleton FunctionUnknown
 -- The information about the value of a single variable
 data VariableValue = VariableValue {
     literalValue :: Maybe String, -- TODO: For debugging. Remove me.
-    spaceStatus :: SpaceStatus
+    spaceStatus :: SpaceStatus,
+    numericalStatus :: NumericalStatus
 }
     deriving (Show, Eq, Ord, Generic, NFData)
 
@@ -301,6 +308,9 @@ data VariableState = VariableState {
 
 -- Whether or not the value needs quoting (has spaces/globs), or we don't know
 data SpaceStatus = SpaceStatusEmpty | SpaceStatusClean | SpaceStatusDirty deriving (Show, Eq, Ord, Generic, NFData)
+--
+-- Whether or not the value needs quoting (has spaces/globs), or we don't know
+data NumericalStatus = NumericalStatusUnknown | NumericalStatusEmpty | NumericalStatusMaybe | NumericalStatusDefinitely deriving (Show, Eq, Ord, Generic, NFData)
 
 -- The set of possible sets of properties for this variable
 type VariableProperties = S.Set (S.Set CFVariableProp)
@@ -314,12 +324,14 @@ unknownVariableState = VariableState {
 
 unknownVariableValue = VariableValue {
     literalValue = Nothing,
-    spaceStatus = SpaceStatusDirty
+    spaceStatus = SpaceStatusDirty,
+    numericalStatus = NumericalStatusUnknown
 }
 
 emptyVariableValue = unknownVariableValue {
     literalValue = Just "",
-    spaceStatus = SpaceStatusEmpty
+    spaceStatus = SpaceStatusEmpty,
+    numericalStatus = NumericalStatusEmpty
 }
 
 unsetVariableState = VariableState {
@@ -334,7 +346,8 @@ mergeVariableState a b = VariableState {
 
 mergeVariableValue a b = VariableValue {
     literalValue = if literalValue a == literalValue b then literalValue a else Nothing,
-    spaceStatus = mergeSpaceStatus (spaceStatus a) (spaceStatus b)
+    spaceStatus = mergeSpaceStatus (spaceStatus a) (spaceStatus b),
+    numericalStatus = mergeNumericalStatus (numericalStatus a) (numericalStatus b)
 }
 
 mergeSpaceStatus a b =
@@ -344,6 +357,16 @@ mergeSpaceStatus a b =
         (SpaceStatusClean, SpaceStatusClean) -> SpaceStatusClean
         _ -> SpaceStatusDirty
 
+mergeNumericalStatus a b =
+    case (a,b) of
+        (NumericalStatusDefinitely, NumericalStatusDefinitely) -> NumericalStatusDefinitely
+        (NumericalStatusDefinitely, _) -> NumericalStatusMaybe
+        (_, NumericalStatusDefinitely) -> NumericalStatusMaybe
+        (NumericalStatusMaybe, _) -> NumericalStatusMaybe
+        (_, NumericalStatusMaybe) -> NumericalStatusMaybe
+        (NumericalStatusEmpty, NumericalStatusEmpty) -> NumericalStatusEmpty
+        _ -> NumericalStatusUnknown
+
 -- A VersionedMap is a Map that keeps an additional integer version to quickly determine if it has changed.
 -- * Version -1 means it's unknown (possibly and presumably changed)
 -- * Version 0 means it's empty
@@ -1154,7 +1177,8 @@ appendVariableValue :: VariableValue -> VariableValue -> VariableValue
 appendVariableValue a b =
     unknownVariableValue {
         literalValue = liftM2 (++) (literalValue a) (literalValue b),
-        spaceStatus = appendSpaceStatus (spaceStatus a) (spaceStatus b)
+        spaceStatus = appendSpaceStatus (spaceStatus a) (spaceStatus b),
+        numericalStatus = appendNumericalStatus (numericalStatus a) (numericalStatus b)
     }
 
 appendSpaceStatus a b =
@@ -1164,14 +1188,25 @@ appendSpaceStatus a b =
         (SpaceStatusClean, SpaceStatusClean) -> a
         _ ->SpaceStatusDirty
 
+appendNumericalStatus a b =
+    case (a,b) of
+        (NumericalStatusEmpty, x) -> x
+        (x, NumericalStatusEmpty) -> x
+        (NumericalStatusDefinitely, NumericalStatusDefinitely) -> NumericalStatusDefinitely
+        (NumericalStatusUnknown, _) -> NumericalStatusUnknown
+        (_, NumericalStatusUnknown) -> NumericalStatusUnknown
+        _ -> NumericalStatusMaybe
+
 unknownIntegerValue = unknownVariableValue {
     literalValue = Nothing,
-    spaceStatus = SpaceStatusClean
+    spaceStatus = SpaceStatusClean,
+    numericalStatus = NumericalStatusDefinitely
 }
 
 literalToVariableValue str = unknownVariableValue {
     literalValue = Just str,
-    spaceStatus = literalToSpaceStatus str
+    spaceStatus = literalToSpaceStatus str,
+    numericalStatus = literalToNumericalStatus str
 }
 
 withoutChanges ctx f = do
@@ -1191,6 +1226,15 @@ literalToSpaceStatus str =
         _ | all (`notElem` " \t\n*?[") str -> SpaceStatusClean
         _ -> SpaceStatusDirty
 
+-- Get the NumericalStatus for a literal string, i.e. whether it's an integer
+literalToNumericalStatus str =
+    case str of
+        "" -> NumericalStatusEmpty
+        '-':rest -> if isNumeric rest then NumericalStatusDefinitely else NumericalStatusUnknown
+        rest -> if isNumeric rest then NumericalStatusDefinitely else NumericalStatusUnknown
+  where
+    isNumeric = all isDigit
+
 type StateMap = M.Map Node (InternalState, InternalState)
 
 -- Classic, iterative Data Flow Analysis. See Wikipedia for a description of the process.

From 4806719035de364dd2d49f97112dd8b3a255e3b0 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 2 Aug 2022 15:47:59 -0700
Subject: [PATCH 054/244] Handle variable assignments from `read` in CFG

---
 src/ShellCheck/CFG.hs  | 35 ++++++++++++++++++++++++++++++++++-
 src/ShellCheck/Data.hs |  1 +
 2 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 771e870..e0c6267 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -41,6 +41,7 @@ module ShellCheck.CFG (
 import GHC.Generics (Generic)
 import ShellCheck.AST
 import ShellCheck.ASTLib
+import ShellCheck.Data
 import ShellCheck.Interface
 import ShellCheck.Prelude
 import ShellCheck.Regex
@@ -936,6 +937,8 @@ handleCommand cmd vars args literalCmd = do
         Just "mapfile" -> regularExpansionWithStatus vars args $ handleMapfile args
         Just "readarray" -> regularExpansionWithStatus vars args $ handleMapfile args
 
+        Just "read" -> regularExpansionWithStatus vars args $ handleRead args
+
         Just "DEFINE_boolean" -> regularExpansionWithStatus vars args $ handleDEFINE args
         Just "DEFINE_float" ->   regularExpansionWithStatus vars args $ handleDEFINE args
         Just "DEFINE_integer" -> regularExpansionWithStatus vars args $ handleDEFINE args
@@ -1113,7 +1116,7 @@ handleCommand cmd vars args literalCmd = do
             in IdTagged id $ CFWriteVariable name CFValueArray
 
         getFromArg = do
-            flags <- getGnuOpts "d:n:O:s:u:C:c:t" args
+            flags <- getGnuOpts flagsForMapfile args
             (_, arg) <- lookup "" flags
             name <- getLiteralString arg
             return (getId arg, name)
@@ -1125,6 +1128,36 @@ handleCommand cmd vars args literalCmd = do
             guard $ isVariableName name
             return (getId c, name)
 
+    handleRead (cmd:args) = newNodeRange $ CFApplyEffects main
+      where
+        main = fromMaybe fallback $ do
+            flags <- getGnuOpts flagsForRead args
+            return $ fromMaybe (withFields flags) $ withArray flags
+
+        withArray :: [(String, (Token, Token))] -> Maybe [IdTagged CFEffect]
+        withArray flags = do
+            (_, token) <- lookup "a" flags
+            return $ fromMaybe [] $ do
+                name <- getLiteralString token
+                return [ IdTagged (getId token) $ CFWriteVariable name CFValueArray ]
+
+        withFields flags = mapMaybe getAssignment flags
+
+        getAssignment :: (String, (Token, Token)) -> Maybe (IdTagged CFEffect)
+        getAssignment f = do
+            ("", (t, _)) <- return f
+            name <- getLiteralString t
+            return $ IdTagged (getId t) $ CFWriteVariable name CFValueString
+
+        fallback =
+            let
+                names = reverse $ map fromJust $ takeWhile isJust $ map (\c -> sequence (getId c, getLiteralString c)) $ reverse args
+                namesOrDefault = if null names then [(getId cmd, "REPLY")] else names
+                hasDashA = any (== "a") $ map fst $ getGenericOpts args
+                value = if hasDashA then CFValueArray else CFValueString
+            in
+                map (\(id, name) -> IdTagged id $ CFWriteVariable name value) namesOrDefault
+
     handleDEFINE (cmd:args) =
         newNodeRange $ CFApplyEffects $ maybeToList findVar
       where
diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index fb82ca8..4090922 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -159,5 +159,6 @@ shellForExecutable name =
         _ -> Nothing
 
 flagsForRead = "sreu:n:N:i:p:a:t:"
+flagsForMapfile = "d:n:O:s:u:C:c:t"
 
 declaringCommands = ["local", "declare", "export", "readonly", "typeset", "let"]

From ccab132b385a215a37ce7e6f4d2601454b0437b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lawrence=20Vel=C3=A1zquez?= <vq@larryv.me>
Date: Tue, 20 Sep 2022 17:36:46 -0400
Subject: [PATCH 055/244] Reflow lists of internal shell variables

No functional changes; this just makes the next few commits cleaner.
---
 src/ShellCheck/Data.hs | 41 +++++++++++++++++++++++------------------
 1 file changed, 23 insertions(+), 18 deletions(-)

diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index 4090922..3c9013f 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -30,23 +30,26 @@ internalVariables = [
 
     -- Bash
     "BASH", "BASHOPTS", "BASHPID", "BASH_ALIASES", "BASH_ARGC",
-    "BASH_ARGV", "BASH_CMDS", "BASH_COMMAND", "BASH_EXECUTION_STRING",
-    "BASH_LINENO", "BASH_REMATCH", "BASH_SOURCE", "BASH_SUBSHELL",
-    "BASH_VERSINFO", "BASH_VERSION", "COMP_CWORD", "COMP_KEY",
-    "COMP_LINE", "COMP_POINT", "COMP_TYPE", "COMP_WORDBREAKS",
-    "COMP_WORDS", "COPROC", "DIRSTACK", "EUID", "FUNCNAME", "GROUPS",
-    "HISTCMD", "HOSTNAME", "HOSTTYPE", "LINENO", "MACHTYPE", "MAPFILE",
-    "OLDPWD", "OPTARG", "OPTIND", "OSTYPE", "PIPESTATUS", "PPID", "PWD",
-    "RANDOM", "READLINE_LINE", "READLINE_POINT", "REPLY", "SECONDS",
-    "SHELLOPTS", "SHLVL", "UID", "BASH_ENV", "BASH_XTRACEFD", "CDPATH",
-    "COLUMNS", "COMPREPLY", "EMACS", "ENV", "FCEDIT", "FIGNORE",
+    "BASH_ARGV", "BASH_CMDS", "BASH_COMMAND",
+    "BASH_EXECUTION_STRING", "BASH_LINENO",
+    "BASH_REMATCH", "BASH_SOURCE", "BASH_SUBSHELL", "BASH_VERSINFO",
+    "BASH_VERSION", "COMP_CWORD", "COMP_KEY", "COMP_LINE", "COMP_POINT",
+    "COMP_TYPE", "COMP_WORDBREAKS", "COMP_WORDS", "COPROC", "DIRSTACK",
+    "EUID", "FUNCNAME", "GROUPS", "HISTCMD",
+    "HOSTNAME", "HOSTTYPE", "LINENO", "MACHTYPE", "MAPFILE", "OLDPWD",
+    "OPTARG", "OPTIND", "OSTYPE", "PIPESTATUS", "PPID", "PWD", "RANDOM",
+    "READLINE_LINE", "READLINE_POINT",
+    "REPLY", "SECONDS", "SHELLOPTS", "SHLVL", "UID",
+    "BASH_ENV", "BASH_XTRACEFD", "CDPATH", "COLUMNS",
+    "COMPREPLY", "EMACS", "ENV", "FCEDIT", "FIGNORE",
     "FUNCNEST", "GLOBIGNORE", "HISTCONTROL", "HISTFILE", "HISTFILESIZE",
     "HISTIGNORE", "HISTSIZE", "HISTTIMEFORMAT", "HOME", "HOSTFILE", "IFS",
-    "IGNOREEOF", "INPUTRC", "LANG", "LC_ALL", "LC_COLLATE", "LC_CTYPE",
-    "LC_MESSAGES", "LC_MONETARY", "LC_NUMERIC", "LC_TIME", "LINES", "MAIL",
-    "MAILCHECK", "MAILPATH", "OPTERR", "PATH", "POSIXLY_CORRECT",
-    "PROMPT_COMMAND", "PROMPT_DIRTRIM", "PS1", "PS2", "PS3", "PS4", "SHELL",
-    "TIMEFORMAT", "TMOUT", "TMPDIR", "auto_resume", "histchars", "COPROC",
+    "IGNOREEOF", "INPUTRC", "LANG", "LC_ALL", "LC_COLLATE",
+    "LC_CTYPE", "LC_MESSAGES", "LC_MONETARY", "LC_NUMERIC", "LC_TIME",
+    "LINES", "MAIL", "MAILCHECK", "MAILPATH", "OPTERR", "PATH",
+    "POSIXLY_CORRECT", "PROMPT_COMMAND", "PROMPT_DIRTRIM", "PS1",
+    "PS2", "PS3", "PS4", "SHELL", "TIMEFORMAT", "TMOUT", "TMPDIR",
+    "auto_resume", "histchars", "COPROC",
 
     -- Other
     "USER", "TZ", "TERM", "LOGNAME", "LD_LIBRARY_PATH", "LANGUAGE", "DISPLAY",
@@ -68,9 +71,11 @@ specialIntegerVariables = [
 specialVariablesWithoutSpaces = "-" : specialIntegerVariables
 
 variablesWithoutSpaces = specialVariablesWithoutSpaces ++ [
-    "BASHPID", "BASH_ARGC", "BASH_LINENO", "BASH_SUBSHELL", "EUID", "LINENO",
-    "OPTIND", "PPID", "RANDOM", "SECONDS", "SHELLOPTS", "SHLVL", "UID",
-    "COLUMNS", "HISTFILESIZE", "HISTSIZE", "LINES"
+    "BASHPID", "BASH_ARGC", "BASH_LINENO", "BASH_SUBSHELL", "EUID",
+    "LINENO", "OPTIND", "PPID", "RANDOM",
+    "SECONDS",
+    "SHELLOPTS", "SHLVL", "UID", "COLUMNS", "HISTFILESIZE",
+    "HISTSIZE", "LINES"
 
     -- shflags
     , "FLAGS_ERROR", "FLAGS_FALSE", "FLAGS_TRUE"

From f28462b01ca634b4649e0a6dd11a0a8a207d5729 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lawrence=20Vel=C3=A1zquez?= <vq@larryv.me>
Date: Tue, 20 Sep 2022 19:10:39 -0400
Subject: [PATCH 056/244] Remove duplicate "COPROC" from internal vars list

---
 src/ShellCheck/Data.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index 3c9013f..8c65474 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -49,7 +49,7 @@ internalVariables = [
     "LINES", "MAIL", "MAILCHECK", "MAILPATH", "OPTERR", "PATH",
     "POSIXLY_CORRECT", "PROMPT_COMMAND", "PROMPT_DIRTRIM", "PS1",
     "PS2", "PS3", "PS4", "SHELL", "TIMEFORMAT", "TMOUT", "TMPDIR",
-    "auto_resume", "histchars", "COPROC",
+    "auto_resume", "histchars",
 
     -- Other
     "USER", "TZ", "TERM", "LOGNAME", "LD_LIBRARY_PATH", "LANGUAGE", "DISPLAY",

From 966fb3e3dd3b49e64f022478f18f7aa4bad53a27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lawrence=20Vel=C3=A1zquez?= <vq@larryv.me>
Date: Tue, 20 Sep 2022 19:12:05 -0400
Subject: [PATCH 057/244] Recognize more Bash internal variables

  - BASH_ARGV0, introduced in Bash 5.0
  - BASH_COMPAT, 4.3
  - BASH_LOADABLES_PATH, 4.4
  - CHILD_MAX, 4.3
  - EPOCHREALTIME, 5.0
  - EPOCHSECONDS, 5.0
  - EXECIGNORE, 4.4
  - INSIDE_EMACS, 4.4
  - PS0, 4.4
  - READLINE_ARGUMENT, 5.2
  - READLINE_MARK, 5.1
  - SRANDOM, 5.1

Fixes #1780 and #2554.
---
 src/ShellCheck/Data.hs | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index 8c65474..35f314f 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -30,24 +30,24 @@ internalVariables = [
 
     -- Bash
     "BASH", "BASHOPTS", "BASHPID", "BASH_ALIASES", "BASH_ARGC",
-    "BASH_ARGV", "BASH_CMDS", "BASH_COMMAND",
-    "BASH_EXECUTION_STRING", "BASH_LINENO",
+    "BASH_ARGV", "BASH_ARGV0", "BASH_CMDS", "BASH_COMMAND",
+    "BASH_EXECUTION_STRING", "BASH_LINENO", "BASH_LOADABLES_PATH",
     "BASH_REMATCH", "BASH_SOURCE", "BASH_SUBSHELL", "BASH_VERSINFO",
     "BASH_VERSION", "COMP_CWORD", "COMP_KEY", "COMP_LINE", "COMP_POINT",
     "COMP_TYPE", "COMP_WORDBREAKS", "COMP_WORDS", "COPROC", "DIRSTACK",
-    "EUID", "FUNCNAME", "GROUPS", "HISTCMD",
+    "EPOCHREALTIME", "EPOCHSECONDS", "EUID", "FUNCNAME", "GROUPS", "HISTCMD",
     "HOSTNAME", "HOSTTYPE", "LINENO", "MACHTYPE", "MAPFILE", "OLDPWD",
     "OPTARG", "OPTIND", "OSTYPE", "PIPESTATUS", "PPID", "PWD", "RANDOM",
-    "READLINE_LINE", "READLINE_POINT",
-    "REPLY", "SECONDS", "SHELLOPTS", "SHLVL", "UID",
-    "BASH_ENV", "BASH_XTRACEFD", "CDPATH", "COLUMNS",
-    "COMPREPLY", "EMACS", "ENV", "FCEDIT", "FIGNORE",
+    "READLINE_ARGUMENT", "READLINE_LINE", "READLINE_MARK", "READLINE_POINT",
+    "REPLY", "SECONDS", "SHELLOPTS", "SHLVL", "SRANDOM", "UID", "BASH_COMPAT",
+    "BASH_ENV", "BASH_XTRACEFD", "CDPATH", "CHILD_MAX", "COLUMNS",
+    "COMPREPLY", "EMACS", "ENV", "EXECIGNORE", "FCEDIT", "FIGNORE",
     "FUNCNEST", "GLOBIGNORE", "HISTCONTROL", "HISTFILE", "HISTFILESIZE",
     "HISTIGNORE", "HISTSIZE", "HISTTIMEFORMAT", "HOME", "HOSTFILE", "IFS",
-    "IGNOREEOF", "INPUTRC", "LANG", "LC_ALL", "LC_COLLATE",
+    "IGNOREEOF", "INPUTRC", "INSIDE_EMACS", "LANG", "LC_ALL", "LC_COLLATE",
     "LC_CTYPE", "LC_MESSAGES", "LC_MONETARY", "LC_NUMERIC", "LC_TIME",
     "LINES", "MAIL", "MAILCHECK", "MAILPATH", "OPTERR", "PATH",
-    "POSIXLY_CORRECT", "PROMPT_COMMAND", "PROMPT_DIRTRIM", "PS1",
+    "POSIXLY_CORRECT", "PROMPT_COMMAND", "PROMPT_DIRTRIM", "PS0", "PS1",
     "PS2", "PS3", "PS4", "SHELL", "TIMEFORMAT", "TMOUT", "TMPDIR",
     "auto_resume", "histchars",
 
@@ -72,9 +72,9 @@ specialVariablesWithoutSpaces = "-" : specialIntegerVariables
 
 variablesWithoutSpaces = specialVariablesWithoutSpaces ++ [
     "BASHPID", "BASH_ARGC", "BASH_LINENO", "BASH_SUBSHELL", "EUID",
-    "LINENO", "OPTIND", "PPID", "RANDOM",
-    "SECONDS",
-    "SHELLOPTS", "SHLVL", "UID", "COLUMNS", "HISTFILESIZE",
+    "EPOCHREALTIME", "EPOCHSECONDS", "LINENO", "OPTIND", "PPID", "RANDOM",
+    "READLINE_ARGUMENT", "READLINE_MARK", "SECONDS",
+    "SHELLOPTS", "SHLVL", "SRANDOM", "UID", "COLUMNS", "HISTFILESIZE",
     "HISTSIZE", "LINES"
 
     -- shflags

From 0845b8118352c929d414231af23d302cb748178d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lawrence=20Vel=C3=A1zquez?= <vq@larryv.me>
Date: Tue, 20 Sep 2022 20:00:23 -0400
Subject: [PATCH 058/244] Add READLINE_POINT to list of variables without
 spaces

---
 src/ShellCheck/Data.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index 35f314f..7d6f5b4 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -73,7 +73,7 @@ specialVariablesWithoutSpaces = "-" : specialIntegerVariables
 variablesWithoutSpaces = specialVariablesWithoutSpaces ++ [
     "BASHPID", "BASH_ARGC", "BASH_LINENO", "BASH_SUBSHELL", "EUID",
     "EPOCHREALTIME", "EPOCHSECONDS", "LINENO", "OPTIND", "PPID", "RANDOM",
-    "READLINE_ARGUMENT", "READLINE_MARK", "SECONDS",
+    "READLINE_ARGUMENT", "READLINE_MARK", "READLINE_POINT", "SECONDS",
     "SHELLOPTS", "SHLVL", "SRANDOM", "UID", "COLUMNS", "HISTFILESIZE",
     "HISTSIZE", "LINES"
 

From fcc473e27fffc2dfe404c24b30f2cbb7e897ace8 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Wed, 21 Sep 2022 18:11:18 -0700
Subject: [PATCH 059/244] Include inherited env for DFA of leftover functions
 (fixes #2560)

---
 src/ShellCheck/Analytics.hs   | 2 ++
 src/ShellCheck/CFGAnalysis.hs | 8 ++++----
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index b5bac35..e9ea36a 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2099,6 +2099,8 @@ prop_checkSpacefulnessCfg61 = verify checkSpacefulnessCfg "declare -x X; y=foo$X
 prop_checkSpacefulnessCfg62 = verifyNot checkSpacefulnessCfg "f() { declare -x X; y=foo$X; echo $y; }"
 prop_checkSpacefulnessCfg63 = verify checkSpacefulnessCfg "f && declare -i s; s='x + y'; echo $s"
 prop_checkSpacefulnessCfg64 = verifyNot checkSpacefulnessCfg "declare -i s; s='x + y'; x=$s; echo $x"
+prop_checkSpacefulnessCfg65 = verifyNot checkSpacefulnessCfg "f() { s=$?; echo $s; }; f"
+prop_checkSpacefulnessCfg66 = verifyNot checkSpacefulnessCfg "f() { s=$?; echo $s; }"
 
 checkSpacefulnessCfg = checkSpacefulnessCfg' True
 checkVerboseSpacefulnessCfg = checkSpacefulnessCfg' False
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 634d354..7b270a8 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -1300,8 +1300,7 @@ dataflow ctx entry = do
         outgoing = map snd outgoingL
         isRegular = ((== CFEFlow) . fst)
 
-runRoot ctx entry exit = do
-    let env = createEnvironmentState
+runRoot ctx env entry exit = do
     writeSTRef (cInput ctx) $ env
     writeSTRef (cOutput ctx) $ env
     writeSTRef (cNode ctx) $ entry
@@ -1321,9 +1320,10 @@ analyzeControlFlow params t =
         runST $ f cfg entry exit
   where
     f cfg entry exit = do
+        let env = createEnvironmentState
         ctx <- newCtx $ cfGraph cfg
         -- Do a dataflow analysis starting on the root node
-        exitState <- runRoot ctx entry exit
+        exitState <- runRoot ctx env entry exit
 
         -- All nodes we've touched
         invocations <- readSTRef $ cInvocations ctx
@@ -1336,7 +1336,7 @@ analyzeControlFlow params t =
         let uninvoked = M.difference declaredFunctions invokedNodes
 
         let stragglerInput =
-                exitState {
+                (env `patchState` exitState) {
                     -- We don't want `die() { exit $?; }; echo "Sourced"` to assume $? is always echo
                     sExitCodes = Nothing
                 }

From 581981ba7696e642ce4ffa57d6cc2a585ad631d5 Mon Sep 17 00:00:00 2001
From: Christian Nassif-Haynes <ch.na.ha@gmail.com>
Date: Sat, 24 Sep 2022 07:20:48 +1000
Subject: [PATCH 060/244] Suppress SC2311 with `set -o posix`

---
 src/ShellCheck/Analytics.hs   |  1 +
 src/ShellCheck/AnalyzerLib.hs | 21 +++++++++------------
 2 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index e9ea36a..9d924f6 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4686,6 +4686,7 @@ prop_checkSetESuppressed15 = verifyTree    checkSetESuppressed "set -e; f(){ :;
 prop_checkSetESuppressed16 = verifyTree    checkSetESuppressed "set -e; f(){ :; }; until set -e; f; do :; done"
 prop_checkSetESuppressed17 = verifyNotTree checkSetESuppressed "set -e; f(){ :; }; g(){ :; }; g f"
 prop_checkSetESuppressed18 = verifyNotTree checkSetESuppressed "set -e; shopt -s inherit_errexit; f(){ :; }; x=$(f)"
+prop_checkSetESuppressed19 = verifyNotTree checkSetESuppressed "set -e; set -o posix; f(){ :; }; x=$(f)"
 checkSetESuppressed params t =
     if hasSetE params then runNodeAnalysis checkNode params t else []
   where
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 88da89e..444c751 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -203,22 +203,22 @@ makeParameters spec = params
         hasSetE = containsSetE root,
         hasLastpipe =
             case shellType params of
-                Bash -> containsLastpipe root
+                Bash -> isOptionSet "lastpipe" root
                 Dash -> False
                 Sh   -> False
                 Ksh  -> True,
         hasInheritErrexit =
             case shellType params of
-                Bash -> containsInheritErrexit root
+                Bash -> isOptionSet "inherit_errexit" root
                 Dash -> True
                 Sh   -> True
                 Ksh  -> False,
         hasPipefail =
             case shellType params of
-                Bash -> containsPipefail root
+                Bash -> isOptionSet "pipefail" root
                 Dash -> True
                 Sh   -> True
-                Ksh  -> containsPipefail root,
+                Ksh  -> isOptionSet "pipefail" root,
         shellTypeSpecified = isJust (asShellType spec) || isJust (asFallbackShell spec),
         idMap = getTokenMap root,
         parentMap = getParentTree root,
@@ -247,13 +247,14 @@ containsSetE root = isNothing $ doAnalysis (guard . not . isSetE) root
             _ -> False
     re = mkRegex "[[:space:]]-[^-]*e"
 
-containsPipefail root = isNothing $ doAnalysis (guard . not . isPipefail) root
+
+containsSetOption opt root = isNothing $ doAnalysis (guard . not . isPipefail) root
   where
     isPipefail t =
         case t of
             T_SimpleCommand {}  ->
                 t `isUnqualifiedCommand` "set" &&
-                    ("pipefail" `elem` oversimplify t ||
+                    (opt `elem` oversimplify t ||
                         "o" `elem` map snd (getAllFlags t))
             _ -> False
 
@@ -267,12 +268,8 @@ containsShopt shopt root =
                         (shopt `elem` oversimplify t)
                 _ -> False
 
--- Does this script mention 'shopt -s inherit_errexit' anywhere?
-containsInheritErrexit = containsShopt "inherit_errexit"
-
--- Does this script mention 'shopt -s lastpipe' anywhere?
--- Also used as a hack.
-containsLastpipe = containsShopt "lastpipe"
+-- Does this script mention 'shopt -s $opt' or 'set -o $opt' anywhere?
+isOptionSet opt root = containsShopt opt root || containsSetOption opt root
 
 
 prop_determineShell0 = determineShellTest "#!/bin/sh" == Sh

From ef5f9a7af5e2f8287c535a45bba352ea193aab4b Mon Sep 17 00:00:00 2001
From: Christian Nassif-Haynes <ch.na.ha@gmail.com>
Date: Sun, 25 Sep 2022 03:04:20 +1000
Subject: [PATCH 061/244] Add `mapfile` to harmless commands for SC2094

---
 src/ShellCheck/Analytics.hs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index e9ea36a..7237462 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -807,6 +807,7 @@ prop_checkRedirectToSame6 = verifyNot checkRedirectToSame "echo foo > foo"
 prop_checkRedirectToSame7 = verifyNot checkRedirectToSame "sed 's/foo/bar/g' file | sponge file"
 prop_checkRedirectToSame8 = verifyNot checkRedirectToSame "while read -r line; do _=\"$fname\"; done <\"$fname\""
 prop_checkRedirectToSame9 = verifyNot checkRedirectToSame "while read -r line; do cat < \"$fname\"; done <\"$fname\""
+prop_checkRedirectToSame10 = verifyNot checkRedirectToSame "mapfile -t foo <foo"
 checkRedirectToSame params s@(T_Pipeline _ _ list) =
     mapM_ (\l -> (mapM_ (\x -> doAnalysis (checkOccurrences x) l) (getAllRedirs list))) list
   where
@@ -852,7 +853,7 @@ checkRedirectToSame params s@(T_Pipeline _ _ list) =
     isHarmlessCommand arg = fromMaybe False $ do
         cmd <- getClosestCommand (parentMap params) arg
         name <- getCommandBasename cmd
-        return $ name `elem` ["echo", "printf", "sponge"]
+        return $ name `elem` ["echo", "mapfile", "printf", "sponge"]
     containsAssignment arg = fromMaybe False $ do
         cmd <- getClosestCommand (parentMap params) arg
         return $ isAssignment cmd

From 128351f5ef002be2ca3d2b2e3e2859c2c6c84e9a Mon Sep 17 00:00:00 2001
From: Peter Oliver <git@mavit.org.uk>
Date: Fri, 7 Oct 2022 17:02:31 +0100
Subject: [PATCH 062/244] Permit colon after exec
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

ShellCheck throws warning SC2093 when a script contains commands that could never be executed because they are after an `exec`.  Command `:` does nothing, so add it to the list of commands that don’t trigger this warning.
---
 src/ShellCheck/Analytics.hs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index aa99934..ba2379d 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1876,6 +1876,7 @@ prop_checkSpuriousExec7 = verifyNot checkSpuriousExec "exec file; echo failed; e
 prop_checkSpuriousExec8 = verifyNot checkSpuriousExec "exec {origout}>&1- >tmp.log 2>&1; bar"
 prop_checkSpuriousExec9 = verify checkSpuriousExec "for file in rc.d/*; do exec \"$file\"; done"
 prop_checkSpuriousExec10 = verifyNot checkSpuriousExec "exec file; r=$?; printf >&2 'failed\n'; return $r"
+prop_checkSpuriousExec11 = verifyNot checkSpuriousExec "exec file; :"
 checkSpuriousExec _ = doLists
   where
     doLists (T_Script _ _ cmds) = doList cmds False
@@ -1891,7 +1892,7 @@ checkSpuriousExec _ = doLists
 
     stripCleanup = reverse . dropWhile cleanup . reverse
     cleanup (T_Pipeline _ _ [cmd]) =
-        isCommandMatch cmd (`elem` ["echo", "exit", "printf", "return"])
+        isCommandMatch cmd (`elem` [":", "echo", "exit", "printf", "return"])
         || isAssignment cmd
     cleanup _ = False
 

From 43aca62ca7ffa84a406623d81fd67758b577bfa5 Mon Sep 17 00:00:00 2001
From: Christian Nassif-Haynes <ch.na.ha@gmail.com>
Date: Sun, 9 Oct 2022 07:59:05 +1100
Subject: [PATCH 063/244] Fix false positive for SC2312 when using `time`

---
 src/ShellCheck/Analytics.hs | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index aa99934..bf77c9c 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4765,8 +4765,12 @@ prop_checkExtraMaskedReturns32 = verifyNotTree checkExtraMaskedReturns "false <
 prop_checkExtraMaskedReturns33 = verifyNotTree checkExtraMaskedReturns "{ false || true; } | true"
 prop_checkExtraMaskedReturns34 = verifyNotTree checkExtraMaskedReturns "{ false || :; } | true"
 prop_checkExtraMaskedReturns35 = verifyTree checkExtraMaskedReturns "f() { local -r x=$(false); }"
+prop_checkExtraMaskedReturns36 = verifyNotTree checkExtraMaskedReturns "time false"
+prop_checkExtraMaskedReturns37 = verifyNotTree checkExtraMaskedReturns "time $(time false)"
+prop_checkExtraMaskedReturns38 = verifyTree checkExtraMaskedReturns "x=$(time time time false) time $(time false)"
 
-checkExtraMaskedReturns params t = runNodeAnalysis findMaskingNodes params t
+checkExtraMaskedReturns params t =
+    runNodeAnalysis findMaskingNodes params (removeTransparentCommands t)
   where
     findMaskingNodes _ (T_Arithmetic _ list) = findMaskedNodesInList [list]
     findMaskingNodes _ (T_Array _ list) = findMaskedNodesInList $ allButLastSimpleCommands list
@@ -4799,6 +4803,13 @@ checkExtraMaskedReturns params t = runNodeAnalysis findMaskingNodes params t
       where
         simpleCommands = filter containsSimpleCommand cmds
 
+    removeTransparentCommands t =
+        doTransform go t
+      where
+        go cmd@(T_SimpleCommand id assigns (_:args)) | isTransparentCommand cmd
+          = T_SimpleCommand id assigns args
+        go t = t
+
     inform t = info (getId t) 2312 ("Consider invoking this command "
         ++ "separately to avoid masking its return value (or use '|| true' "
         ++ "to ignore).")
@@ -4831,6 +4842,10 @@ checkExtraMaskedReturns params t = runNodeAnalysis findMaskingNodes params t
             ,"shopt"
             ]
 
+    isTransparentCommand t = fromMaybe False $ do
+        basename <- getCommandBasename t
+        return $ basename == "time"
+
     parentChildPairs t = go $ parents params t
       where
         go (child:parent:rest) = (parent, child):go (parent:rest)

From 81c2ecaccb47ced29e9e596f0d53b3068eff6811 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 11 Oct 2022 19:40:29 -0700
Subject: [PATCH 064/244] Remove true/false from SC2216/SC2217 (fixes #2603)

---
 src/ShellCheck/Data.hs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index 7d6f5b4..550ff87 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -121,10 +121,10 @@ commonCommands = [
 
 nonReadingCommands = [
     "alias", "basename", "bg", "cal", "cd", "chgrp", "chmod", "chown",
-    "cp", "du", "echo", "export", "false", "fg", "fuser", "getconf",
+    "cp", "du", "echo", "export", "fg", "fuser", "getconf",
     "getopt", "getopts", "ipcrm", "ipcs", "jobs", "kill", "ln", "ls",
     "locale", "mv", "printf", "ps", "pwd", "renice", "rm", "rmdir",
-    "set", "sleep", "touch", "trap", "true", "ulimit", "unalias", "uname"
+    "set", "sleep", "touch", "trap", "ulimit", "unalias", "uname"
     ]
 
 sampleWords = [

From fa7943ac0e79dc3ac94bede40c55b8f407a699d6 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 11 Oct 2022 20:10:34 -0700
Subject: [PATCH 065/244] Revert "Add employer mandated disclaimer"

This reverts commit 5202072a3439935fbc5a9b92fe66833633f63437.
---
 LICENSE | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/LICENSE b/LICENSE
index 0df6056..f288702 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,13 +1,3 @@
-Employer mandated disclaimer:
-
-  I am providing code in the repository to you under an open source license.
-  Because this is my personal repository, the license you receive to my code is
-  from me and other individual contributors, and not my employer (Facebook).
-
-  - Vidar "koala_man" Holen
-
-----
-
                     GNU GENERAL PUBLIC LICENSE
                        Version 3, 29 June 2007
 

From a524929b6920ed4950b5bf5a97c57a40dd9b09f5 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Wed, 12 Oct 2022 20:21:48 -0700
Subject: [PATCH 066/244] Remove outdated test

---
 src/ShellCheck/Analytics.hs | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index bf77c9c..e8bc4b9 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -3575,7 +3575,6 @@ prop_checkPipeToNowhere4 = verify checkPipeToNowhere "printf 'Lol' << eof\nlol\n
 prop_checkPipeToNowhere5 = verifyNot checkPipeToNowhere "echo foo | xargs du"
 prop_checkPipeToNowhere6 = verifyNot checkPipeToNowhere "ls | echo $(cat)"
 prop_checkPipeToNowhere7 = verifyNot checkPipeToNowhere "echo foo | var=$(cat) ls"
-prop_checkPipeToNowhere8 = verify checkPipeToNowhere "foo | true"
 prop_checkPipeToNowhere9 = verifyNot checkPipeToNowhere "mv -i f . < /dev/stdin"
 prop_checkPipeToNowhere10 = verify checkPipeToNowhere "ls > file | grep foo"
 prop_checkPipeToNowhere11 = verify checkPipeToNowhere "ls | grep foo < file"

From 14056a7f3a5917cba81582b33624948e83d7a50d Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Wed, 12 Oct 2022 20:20:59 -0700
Subject: [PATCH 067/244] Don't suggest pgrep for `ps -p .. | grep` (fixes
 #2597)

---
 src/ShellCheck/Analytics.hs | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index e8bc4b9..77c527f 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -550,6 +550,7 @@ prop_checkPipePitfalls19 = verifyNot checkPipePitfalls "foo | grep -A2 bar | wc
 prop_checkPipePitfalls20 = verifyNot checkPipePitfalls "foo | grep -B999 bar | wc -l"
 prop_checkPipePitfalls21 = verifyNot checkPipePitfalls "foo | grep --after-context 999 bar | wc -l"
 prop_checkPipePitfalls22 = verifyNot checkPipePitfalls "foo | grep -B 1 --after-context 999 bar | wc -l"
+prop_checkPipePitfalls23 = verifyNot checkPipePitfalls "ps -o pid,args -p $(pgrep java) | grep -F net.shellcheck.Test"
 checkPipePitfalls _ (T_Pipeline id _ commands) = do
     for ["find", "xargs"] $
         \(find:xargs:_) ->
@@ -563,8 +564,15 @@ checkPipePitfalls _ (T_Pipeline id _ commands) = do
               ]) $ warn (getId find) 2038
                       "Use -print0/-0 or -exec + to allow for non-alphanumeric filenames."
 
-    for' ["ps", "grep"] $
-        \x -> info x 2009 "Consider using pgrep instead of grepping ps output."
+    for ["ps", "grep"] $
+        \(ps:grep:_) ->
+            let
+                psFlags = maybe [] (map snd . getAllFlags) $ getCommand ps
+            in
+                -- There are many ways to specify a pid: 1, -1, p 1, wup 1, -q 1, -p 1, --pid 1.
+                -- For simplicity we only deal with the most canonical looking flags:
+                unless (any (`elem` ["p", "pid", "q", "quick-pid"]) psFlags) $
+                    info (getId ps) 2009 "Consider using pgrep instead of grepping ps output."
 
     for ["grep", "wc"] $
         \(grep:wc:_) ->
@@ -782,6 +790,7 @@ prop_checkUnquotedExpansions7 = verifyNot checkUnquotedExpansions "cat << foo\n$
 prop_checkUnquotedExpansions8 = verifyNot checkUnquotedExpansions "set -- $(seq 1 4)"
 prop_checkUnquotedExpansions9 = verifyNot checkUnquotedExpansions "echo foo `# inline comment`"
 prop_checkUnquotedExpansions10 = verify checkUnquotedExpansions "#!/bin/sh\nexport var=$(val)"
+prop_checkUnquotedExpansions11 = verifyNot checkUnquotedExpansions "ps -p $(pgrep foo)"
 checkUnquotedExpansions params =
     check
   where
@@ -795,7 +804,7 @@ checkUnquotedExpansions params =
             warn (getId t) 2046 "Quote this to prevent word splitting."
 
     shouldBeSplit t =
-        getCommandNameFromExpansion t == Just "seq"
+        getCommandNameFromExpansion t `elem` [Just "seq", Just "pgrep"]
 
 
 prop_checkRedirectToSame = verify checkRedirectToSame "cat foo > foo"

From d9c9e60fb0064a45188dd93993ad86253ac5a0b3 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 13 Oct 2022 19:46:15 -0700
Subject: [PATCH 068/244] Allow arbitrary bats @test names (fixes #2587)

---
 src/ShellCheck/AST.hs    |  2 +-
 src/ShellCheck/Parser.hs | 19 ++++++++++++++++---
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/AST.hs b/src/ShellCheck/AST.hs
index ca5007a..5c20416 100644
--- a/src/ShellCheck/AST.hs
+++ b/src/ShellCheck/AST.hs
@@ -142,7 +142,7 @@ data InnerToken t =
     | Inner_T_CoProcBody t
     | Inner_T_Include t
     | Inner_T_SourceCommand t t
-    | Inner_T_BatsTest t t
+    | Inner_T_BatsTest String t
     deriving (Show, Eq, Functor, Foldable, Traversable)
 
 data Annotation =
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index aeaf703..969f4b7 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -2500,16 +2500,29 @@ readBraceGroup = called "brace group" $ do
     spacing
     return $ T_BraceGroup id list
 
-prop_readBatsTest = isOk readBatsTest "@test 'can parse' {\n  true\n}"
+prop_readBatsTest1 = isOk readBatsTest "@test 'can parse' {\n  true\n}"
+prop_readBatsTest2 = isOk readBatsTest "@test random text !(@*$Y&! {\n  true\n}"
+prop_readBatsTest3 = isOk readBatsTest "@test foo { bar { baz {\n  true\n}"
+prop_readBatsTest4 = isNotOk readBatsTest "@test foo \n{\n true\n}"
 readBatsTest = called "bats @test" $ do
     start <- startSpan
-    try $ string "@test"
+    try $ string "@test "
     spacing
-    name <- readNormalWord
+    name <- readBatsName
     spacing
     test <- readBraceGroup
     id <- endSpan start
     return $ T_BatsTest id name test
+  where
+    readBatsName = do
+        line <- try . lookAhead $ many1 $ noneOf "\n"
+        let name = reverse $ f $ reverse line
+        string name
+
+    -- We want everything before the last " {" in a string, so we find everything after "{ " in its reverse
+    f ('{':' ':rest) = dropWhile isSpace rest
+    f (a:rest) = f rest
+    f [] = ""
 
 prop_readWhileClause = isOk readWhileClause "while [[ -e foo ]]; do sleep 1; done"
 readWhileClause = called "while loop" $ do

From b770984dfcfb90d74b2ca7c1ad11cd35bb45d45e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 13 Oct 2022 21:04:38 -0700
Subject: [PATCH 069/244] Try to parse the inside of traps (fixes #2584)

---
 src/ShellCheck/Parser.hs | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 969f4b7..837735a 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -2112,6 +2112,7 @@ prop_readSimpleCommand11 = isOk readSimpleCommand "/\\* foo"
 prop_readSimpleCommand12 = isWarning readSimpleCommand "elsif foo"
 prop_readSimpleCommand13 = isWarning readSimpleCommand "ElseIf foo"
 prop_readSimpleCommand14 = isWarning readSimpleCommand "elseif[$i==2]"
+prop_readSimpleCommand15 = isWarning readSimpleCommand "trap 'foo\"bar' INT"
 readSimpleCommand = called "simple command" $ do
     prefix <- option [] readCmdPrefix
     skipAnnotationAndWarn
@@ -2141,9 +2142,12 @@ readSimpleCommand = called "simple command" $ do
             id2 <- getNewIdFor id1
 
             let result = makeSimpleCommand id1 id2 prefix [cmd] suffix
-            if isCommand ["source", "."] cmd
-                then readSource result
-                else return result
+            case () of
+                _ | isCommand ["source", "."] cmd -> readSource result
+                _ | isCommand ["trap"] cmd -> do
+                        syntaxCheckTrap result
+                        return result
+                _ -> return result
   where
     isCommand strings (T_NormalWord _ [T_Literal _ s]) = s `elem` strings
     isCommand _ _ = False
@@ -2163,6 +2167,17 @@ readSimpleCommand = called "simple command" $ do
                     parseProblemAtId (getId cmd) ErrorC 1131 "Use 'elif' to start another branch."
             _ -> return ()
 
+    syntaxCheckTrap cmd =
+        case cmd of
+            (T_Redirecting _ _ (T_SimpleCommand _ _ (cmd:arg:_))) -> checkArg arg (getLiteralString arg)
+            _ -> return ()
+      where
+        checkArg _ Nothing = return ()
+        checkArg arg (Just ('-':_)) = return ()
+        checkArg arg (Just str) = do
+            (start,end) <- getSpanForId (getId arg)
+            subParse start (tryWithErrors (readCompoundListOrEmpty >> verifyEof) <|> return ()) str
+
     commentWarning id =
         parseProblemAtId id ErrorC 1127 "Was this intended as a comment? Use # in sh."
 

From 86e2b76730bef5ec509828d138c67d6b49b89b7f Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 29 Oct 2022 12:50:07 -0700
Subject: [PATCH 070/244] Improve SC1059 error message

---
 src/ShellCheck/Parser.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 837735a..dd0f0f0 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -2566,7 +2566,7 @@ readDoGroup kwId = do
         parseProblem ErrorC 1058 "Expected 'do'."
         return "Expected 'do'"
 
-    acceptButWarn g_Semi ErrorC 1059 "No semicolons directly after 'do'."
+    acceptButWarn g_Semi ErrorC 1059 "Semicolon is not allowed directly after 'do'. You can just delete it."
     allspacing
 
     optional (do

From 84d8530f14e35ff3fb7688fb11935b60b02deaf0 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 29 Oct 2022 12:50:37 -0700
Subject: [PATCH 071/244] Add SVG logo

---
 doc/shellcheck_logo.svg | 294 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 294 insertions(+)
 create mode 100644 doc/shellcheck_logo.svg

diff --git a/doc/shellcheck_logo.svg b/doc/shellcheck_logo.svg
new file mode 100644
index 0000000..836aa63
--- /dev/null
+++ b/doc/shellcheck_logo.svg
@@ -0,0 +1,294 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   width="100%"
+   height="100%"
+   viewBox="0 0 4000 4000"
+   version="1.1"
+   xml:space="preserve"
+   style="fill-rule:evenodd;clip-rule:evenodd;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:1.5;"
+   id="svg124"
+   sodipodi:docname="shellcheck.svg"
+   inkscape:version="1.1.2 (0a00cf5339, 2022-02-04)"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:xlink="http://www.w3.org/1999/xlink"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:svg="http://www.w3.org/2000/svg"><sodipodi:namedview
+   id="namedview126"
+   pagecolor="#ffffff"
+   bordercolor="#666666"
+   borderopacity="1.0"
+   inkscape:pageshadow="2"
+   inkscape:pageopacity="0.0"
+   inkscape:pagecheckerboard="0"
+   showgrid="false"
+   inkscape:zoom="0.125"
+   inkscape:cx="2540"
+   inkscape:cy="2236"
+   inkscape:window-width="1550"
+   inkscape:window-height="1082"
+   inkscape:window-x="503"
+   inkscape:window-y="159"
+   inkscape:window-maximized="1"
+   inkscape:current-layer="svg124" />
+    <g
+   id="g122"><path
+     d="m 2096.6192,1246.2672 c 0,0 243.6278,-292.73795 662.3938,-298.38953 429.5871,-5.79755 587.762,129.85723 727.3938,273.93773 146.3635,151.0269 297.4285,495.7741 319.0688,799.7537 25.2527,354.7244 -143.984,972.7331 -212.8461,1168.5164 L 1987.5041,2818.0971 Z"
+     style="fill:#cecfcb;stroke:#000000;stroke-width:87.9348px"
+     id="path2"
+     sodipodi:nodetypes="csssccc" /><path
+     d="m 846.41409,2043.7355 c 0,0 36.1207,762.8045 541.72901,1157.5057 505.6248,394.7012 686.2285,58.1215 825.7859,-229.2026 139.5574,-287.324 707.1621,-1531.3881 49.2556,-2068.73344 -394.0445,-321.83582 -664.9501,0 -664.9501,0 z"
+     style="fill:#cecfcb;stroke:#000000;stroke-width:90.3511px"
+     id="path4" /><path
+     d="m 1055.8815,781.15138 c 0,0 476.1371,-130.10035 666.5919,35.10279 190.4549,165.20315 124.5509,873.69513 -134.6318,1219.27213 -177.32,236.4267 -499.0081,534.6198 -783.90221,212.1601 -243.7001,-275.8311 -173.1005,-610.4241 -174.0199,-859.5259 -0.9195,-249.0854 425.96201,-607.00912 425.96201,-607.00912 z"
+     style="fill:#cecfcb;stroke:#000000;stroke-width:90.3511px"
+     id="path6" /><path
+     d="m 578.82499,1256.7466 c 0,0 -15.3349,409.363 190.3564,479.4208 205.6912,70.0578 367.69271,-202.3911 372.07651,-441.6089 4.3673,-239.2178 88.9391,-458.20806 0,-558.82075 C 1050.9396,633.56531 889.67689,621.89174 769.18139,667.86359 l -190.3564,351.81601 z"
+     style="fill:#cecfcb;stroke:#000000;stroke-width:90.3511px"
+     id="path8" /><path
+     d="m 577.54439,655.28701 c 0,0 122.9911,-28.69957 191.637,47.6137 90.2197,100.2679 -163.43,320.86709 -190.3564,553.84589 -14.3333,124.0255 -225.11428,-86.6733 -144.1217,-237.067 50.4869,-138.63795 98.2156,-260.79174 142.8411,-364.39259 z"
+     style="fill:#cecfcb;stroke-width:1.64185"
+     id="path10" /><g
+     clip-path="url(#_clip1)"
+     id="g27"
+     transform="matrix(1.641852,0,0,1.641852,-1328.5801,-1172.751)">
+            <g
+   transform="translate(-92,-181)"
+   id="g17">
+                <path
+   d="m 1222.67,1513.96 c 0,0 10.39,9.22 26.19,28.9 5.58,6.94 11.3,14.93 18.06,24.29 2.78,3.86 5.58,7.88 8.72,12.03 2.86,3.79 5.84,7.7 9.06,11.66 2.19,2.7 4.54,5.36 6.98,8.07 5.42,6.05 11.07,12.09 17.03,18.76 11.75,13.13 23.89,26.32 35.96,43.29 -2.37,-12.79 -4.84,-23.98 -8.24,-35.26 -2.48,-8.21 -5.25,-15.56 -8.34,-22.88 -3.35,-7.91 -6.91,-15.11 -10.91,-21.9 -2.86,-4.84 -5.97,-9.32 -9.24,-13.44 -2.61,-3.3 -5.36,-6.34 -8.19,-9.12 -7.44,-7.32 -14.74,-13.38 -21.98,-18.42 -12.32,-8.56 -23.03,-13.99 -32.15,-18 -14.58,-6.41 -22.95,-7.98 -22.95,-7.98 z"
+   id="path15" />
+            </g>
+            <g
+   transform="rotate(-7.9485578,-680.95822,1718.6662)"
+   id="g21">
+                <path
+   d="m 1222.67,1513.96 c 0,0 10.39,9.22 26.19,28.9 5.58,6.94 11.3,14.93 18.06,24.29 2.78,3.86 5.58,7.88 8.72,12.03 2.86,3.79 5.84,7.7 9.06,11.66 2.19,2.7 4.54,5.36 6.98,8.07 5.42,6.05 11.07,12.09 17.03,18.76 11.75,13.13 23.89,26.32 35.96,43.29 -2.37,-12.79 -4.84,-23.98 -8.24,-35.26 -2.48,-8.21 -5.25,-15.56 -8.34,-22.88 -3.35,-7.91 -6.91,-15.11 -10.91,-21.9 -2.86,-4.84 -5.97,-9.32 -9.24,-13.44 -2.61,-3.3 -5.36,-6.34 -8.19,-9.12 -7.44,-7.32 -14.74,-13.38 -21.98,-18.42 -12.32,-8.56 -23.03,-13.99 -32.15,-18 -14.58,-6.41 -22.95,-7.98 -22.95,-7.98 z"
+   id="path19" />
+            </g>
+            <g
+   transform="rotate(-7.9485578,-1286.1686,1408.925)"
+   id="g25">
+                <path
+   d="m 1222.67,1513.96 c 0,0 10.39,9.22 26.19,28.9 5.58,6.94 11.3,14.93 18.06,24.29 2.78,3.86 5.58,7.88 8.72,12.03 2.86,3.79 5.84,7.7 9.06,11.66 2.19,2.7 4.54,5.36 6.98,8.07 5.42,6.05 11.07,12.09 17.03,18.76 11.75,13.13 23.89,26.32 35.96,43.29 -2.37,-12.79 -4.84,-23.98 -8.24,-35.26 -2.48,-8.21 -5.25,-15.56 -8.34,-22.88 -3.35,-7.91 -6.91,-15.11 -10.91,-21.9 -2.86,-4.84 -5.97,-9.32 -9.24,-13.44 -2.61,-3.3 -5.36,-6.34 -8.19,-9.12 -7.44,-7.32 -14.74,-13.38 -21.98,-18.42 -12.32,-8.56 -23.03,-13.99 -32.15,-18 -14.58,-6.41 -22.95,-7.98 -22.95,-7.98 z"
+   id="path23" />
+            </g>
+        </g><path
+     d="m 577.54439,655.28701 c 0,0 122.9911,-28.69957 191.637,47.6137 90.2197,100.2679 -163.43,320.86709 -190.3564,553.84589 -14.3333,124.0255 -225.11428,-86.6733 -144.1217,-237.067 50.4869,-138.63795 98.2156,-260.79174 142.8411,-364.39259 z"
+     style="fill:none;stroke:#000000;stroke-width:90.3511px"
+     id="path29" /><path
+     d="m 266.36254,673.34738 c 0,0 153.56405,-123.1389 311.18185,-18.06037 0,0 24.6278,237.97002 -142.8411,364.39259 0,0 -52.65422,-4.827 -168.34075,-346.33222 z"
+     style="fill:#cecfcb;stroke-width:1.64185"
+     id="path31" /><g
+     clip-path="url(#_clip2)"
+     id="g40"
+     transform="matrix(1.641852,0,0,1.641852,-1328.5801,-1172.751)">
+            <g
+   transform="rotate(-7.9485578,-1086.2543,2510.3147)"
+   id="g38">
+                <path
+   d="m 1222.67,1513.96 c 0,0 10.39,9.22 26.19,28.9 5.58,6.94 11.3,14.93 18.06,24.29 2.78,3.86 5.58,7.88 8.72,12.03 2.86,3.79 5.84,7.7 9.06,11.66 2.19,2.7 4.54,5.36 6.98,8.07 5.42,6.05 11.07,12.09 17.03,18.76 11.75,13.13 23.89,26.32 35.96,43.29 -2.37,-12.79 -4.84,-23.98 -8.24,-35.26 -2.48,-8.21 -5.25,-15.56 -8.34,-22.88 -3.35,-7.91 -6.91,-15.11 -10.91,-21.9 -2.86,-4.84 -5.97,-9.32 -9.24,-13.44 -2.61,-3.3 -5.36,-6.34 -8.19,-9.12 -7.44,-7.32 -14.74,-13.38 -21.98,-18.42 -12.32,-8.56 -23.03,-13.99 -32.15,-18 -14.58,-6.41 -22.95,-7.98 -22.95,-7.98 z"
+   id="path36" />
+            </g>
+        </g><path
+     d="m 266.36254,673.34738 c 0,0 153.56405,-123.1389 311.18185,-18.06037 0,0 24.6278,237.97002 -142.8411,364.39259 0,0 -52.65422,-4.827 -168.34075,-346.33222 z"
+     style="fill:none;stroke:#000000;stroke-width:90.3511px"
+     id="path42" /><path
+     d="m 678.86309,1312.9472 c 0,0 17.0588,15.1379 43.0001,47.4496 9.1615,11.3944 18.5529,24.5128 29.6518,39.8805 4.5644,6.3376 9.1616,12.9378 14.317,19.7515 4.6957,6.2226 9.5884,12.6423 14.8752,19.144 3.5956,4.433 7.454,8.8003 11.4601,13.2498 8.8988,9.9332 18.1753,19.8499 27.9607,30.8011 19.2918,21.5575 39.2239,43.2135 59.041,71.0758 -3.8912,-20.9993 -7.9465,-39.3716 -13.5288,-57.8917 -4.0718,-13.4796 -8.6198,-25.5472 -13.6931,-37.5656 -5.5002,-12.9871 -11.3452,-24.8084 -17.9126,-35.9566 -4.6957,-7.9465 -9.8018,-15.302 -15.1707,-22.0664 -4.2852,-5.4182 -8.8003,-10.4094 -13.4468,-14.9737 -12.2153,-12.0184 -24.2009,-21.968 -36.0879,-30.243 -20.2276,-14.0542 -37.8118,-22.9695 -52.7855,-29.5533 -23.9382,-10.5243 -37.6805,-13.102 -37.6805,-13.102 z"
+     id="path44"
+     style="stroke-width:1.64185" /><g
+     transform="matrix(1.6149153,-0.29618673,0.29618673,1.6149153,-1565.261,-1311.9087)"
+     id="g48">
+            <path
+   d="m 1222.67,1513.96 c 0,0 10.39,9.22 26.19,28.9 5.58,6.94 11.3,14.93 18.06,24.29 2.78,3.86 5.58,7.88 8.72,12.03 2.86,3.79 5.84,7.7 9.06,11.66 2.19,2.7 4.54,5.36 6.98,8.07 5.42,6.05 11.07,12.09 17.03,18.76 11.75,13.13 23.89,26.32 35.96,43.29 -2.37,-12.79 -4.84,-23.98 -8.24,-35.26 -2.48,-8.21 -5.25,-15.56 -8.34,-22.88 -3.35,-7.91 -6.91,-15.11 -10.91,-21.9 -2.86,-4.84 -5.97,-9.32 -9.24,-13.44 -2.61,-3.3 -5.36,-6.34 -8.19,-9.12 -7.44,-7.32 -14.74,-13.38 -21.98,-18.42 -12.32,-8.56 -23.03,-13.99 -32.15,-18 -14.58,-6.41 -22.95,-7.98 -22.95,-7.98 z"
+   id="path46" />
+        </g><path
+     d="m 880.17059,1861.3258 c 0,0 13.4303,24.0531 43.0821,57.1529 19.8993,22.2142 46.3659,47.9913 81.04191,72.6355 21.7381,15.4334 46.5465,29.931 74.4415,42.5075 10.9512,4.942 22.4441,9.4243 34.4461,13.2826 15.1871,4.8763 31.1295,8.9153 47.7779,11.8378 23.2322,4.1046 47.5808,6.3211 73.2102,6.5345 23.4128,0.1806 47.4331,-1.1328 72.6026,-4.6957 33.6416,-4.7777 67.907,-13.0855 104.3562,-25.2188 -37.5164,2.7747 -71.9624,1.7568 -105.095,-1.0344 -23.8889,-2.0194 -46.251,-5.336 -67.9727,-9.3914 -23.1501,-4.318 -44.7733,-10.0645 -65.6084,-16.0244 -14.7438,-4.2032 -28.8637,-8.8004 -42.6224,-13.2005 -22.3785,-7.1749 -43.5255,-14.3334 -63.1949,-22.3785 -14.5632,-5.9435 -28.3055,-11.8377 -41.4239,-17.9126 -92.66621,-42.9016 -145.04121,-94.0945 -145.04121,-94.0945 z"
+     id="path50"
+     style="stroke-width:1.64185" /><path
+     d="m 1273.2135,1391.7561 c 0,0 25.892,22.7725 61.4873,65.1816 11.2467,13.381 22.789,28.5518 35.8909,45.233 7.454,9.5063 15.0722,19.5544 23.5934,29.5861 11.8214,13.9229 25.0055,27.5011 37.697,43.1643 8.6525,10.6721 17.3708,21.065 26.089,32.7386 12.6258,16.8946 24.7099,33.6087 36.2685,53.3602 -2.9225,-23.2979 -6.8465,-44.1494 -12.7079,-64.9681 -4.2196,-14.9901 -9.2765,-28.6339 -14.9901,-42.1464 -6.1077,-14.3826 -12.8065,-27.6323 -20.3918,-40.1104 -5.3361,-8.7839 -11.1482,-16.9275 -17.2887,-24.4964 -4.8435,-5.96 -9.9497,-11.4766 -15.2036,-16.5663 -13.5124,-13.0528 -27.0249,-24.0532 -40.4552,-33.264 -22.0008,-15.0557 -41.7687,-25.0875 -58.5156,-32.5579 -25.7935,-11.5094 -41.4732,-15.1543 -41.4732,-15.1543 z"
+     id="path52"
+     style="stroke-width:1.64185" /><path
+     d="m 1306.0505,1178.3154 c 0,0 44.8554,27.3532 105.3413,73.0295 20.5724,15.5155 42.4582,33.0834 65.7397,51.9318 13.9065,11.2467 28.0264,23.0845 42.7538,34.758 21.2128,16.8454 43.2464,33.3789 64.0323,52.1617 14.7602,13.3318 29.1264,26.6636 42.8195,41.309 20.8515,22.3292 39.7984,45.43 55.6916,71.8967 -8.0615,-30.7848 -19.456,-59.4515 -34.3476,-87.1988 -10.1138,-18.8156 -21.6067,-36.3342 -34.249,-53.3438 -12.7736,-17.2066 -26.4831,-33.3131 -41.2433,-48.2704 -9.9989,-10.1467 -20.4739,-19.5873 -31.2773,-28.322 -8.2749,-6.7151 -16.7961,-12.9213 -25.4323,-18.6678 -21.3933,-14.2349 -42.7538,-26.3846 -63.5232,-36.5969 -32.4923,-15.9916 -62.1934,-27.1234 -86.6734,-35.464 -36.5969,-12.4617 -59.6321,-17.223 -59.6321,-17.223 z"
+     id="path54"
+     style="stroke-width:1.64185" /><path
+     d="m 1306.0505,961.59091 c 0,0 55.8558,-2.41352 127.851,20.01417 10.1959,3.1852 20.556,6.83011 31.4415,10.75413 14.6782,5.28677 29.5369,11.95269 45.1345,19.07829 9.5884,4.3838 19.4888,8.7183 29.5205,13.6438 14.2841,7.0272 28.8802,14.3498 43.5584,23.6263 13.8408,8.751 27.5995,18.0768 41.5716,29.3235 19.4232,15.614 38.4194,32.7056 57.3007,54.3124 -11.2467,-27.4025 -23.5606,-50.7989 -37.9925,-72.1101 -11.0168,-16.2544 -22.8546,-30.1773 -35.3819,-43.0165 -13.8408,-14.1856 -28.3055,-26.15475 -43.3613,-36.35065 -10.8034,-7.32266 -21.9351,-13.43035 -33.149,-18.53651 -8.8332,-4.02254 -17.7648,-7.32266 -26.6801,-9.94962 -22.4769,-6.63308 -44.2315,-10.31083 -64.8203,-11.5258 -26.0726,-1.52692 -49.1899,0.32837 -69.3026,3.44789 -41.0299,6.37038 -65.6905,17.2887 -65.6905,17.2887 z"
+     id="path56"
+     style="stroke-width:1.64185" /><path
+     d="m 1989.0609,1447.5791 c 0,0 35.3984,22.8217 86.8704,55.6424 17.6828,11.2631 36.7447,23.5277 57.4156,35.9237 14.0543,8.4391 28.5025,17.0752 43.5419,25.0054 14.7931,7.7824 30.0459,14.6453 45.0853,21.8366 23.6262,11.2795 46.3823,21.7874 67.595,33.4117 24.8741,13.611 46.5794,26.5323 63.9501,41.621 -11.7228,-20.671 -27.7308,-41.3747 -48.0241,-62.5053 -11.887,-12.3796 -24.7591,-24.1189 -38.8134,-35.8417 -13.3154,-11.1153 -27.1727,-21.7874 -41.8836,-31.7041 -9.6377,-6.5018 -19.5873,-12.5602 -29.734,-18.0933 -7.6674,-4.1867 -15.4991,-7.9794 -23.3635,-11.4601 -19.2918,-8.5376 -38.2716,-15.7618 -56.5947,-21.853 -28.5354,-9.5064 -54.0497,-15.9588 -75.164,-21.0978 -31.5235,-7.6839 -50.881,-10.8855 -50.881,-10.8855 z"
+     id="path58"
+     style="stroke-width:1.64185" /><path
+     d="m 1430.2895,2527.9177 c 11.8706,18.9798 23.4785,37.1551 36.1371,55.2319 19.3082,27.6159 38.994,53.7542 60.5187,78.8417 16.9603,19.7679 34.7087,38.4194 53.3273,56.2006 8.0287,7.6675 16.3036,15.0394 24.8413,22.0501 11.4437,9.3914 23.2486,18.2738 35.3819,26.6472 18.3559,12.6587 37.1879,24.1353 56.4633,35.1028 19.3902,11.0169 38.7805,21.1471 58.8604,30.6698 30.1444,14.2841 60.2559,26.4174 91.5004,38.0582 -29.7832,-21.3605 -57.5141,-43.8046 -85.8525,-67.1189 -22.2306,-18.2903 -43.7061,-36.876 -65.5099,-55.9379 -12.8557,-11.2467 -25.5636,-22.5919 -38.5999,-33.7894 -8.6033,-7.3883 -17.3215,-14.6781 -26.1875,-21.8366 -13.2498,-10.7213 -26.713,-21.1799 -40.1597,-31.8519 -13.4468,-10.6885 -26.8279,-21.262 -40.4389,-31.9505 -40.7671,-32.0489 -80.9433,-63.9993 -120.282,-100.3171 z"
+     id="path60"
+     style="stroke-width:1.64185" /><g
+     transform="matrix(1.641852,0,0,1.641852,-1076.4409,-1453.8508)"
+     id="g64">
+            <path
+   d="m 1680.34,2253.96 c 7.23,11.56 14.3,22.63 22.01,33.64 11.76,16.82 23.75,32.74 36.86,48.02 10.33,12.04 21.14,23.4 32.48,34.23 4.89,4.67 9.93,9.16 15.13,13.43 6.97,5.72 14.16,11.13 21.55,16.23 11.18,7.71 22.65,14.7 34.39,21.38 11.81,6.71 23.62,12.88 35.85,18.68 18.36,8.7 36.7,16.09 55.73,23.18 -18.14,-13.01 -35.03,-26.68 -52.29,-40.88 -13.54,-11.14 -26.62,-22.46 -39.9,-34.07 -7.83,-6.85 -15.57,-13.76 -23.51,-20.58 -5.24,-4.5 -10.55,-8.94 -15.95,-13.3 -8.07,-6.53 -16.27,-12.9 -24.46,-19.4 -8.19,-6.51 -16.34,-12.95 -24.63,-19.46 -24.83,-19.52 -49.3,-38.98 -73.26,-61.1 z"
+   id="path62" />
+        </g><g
+     transform="matrix(1.6226262,-0.25052367,0.25052367,1.6226262,-1424.0007,-1329.7528)"
+     id="g68">
+            <path
+   d="m 1680.34,2253.96 c 7.23,11.56 14.3,22.63 22.01,33.64 11.76,16.82 23.75,32.74 36.86,48.02 10.33,12.04 21.14,23.4 32.48,34.23 4.89,4.67 9.93,9.16 15.13,13.43 6.97,5.72 14.16,11.13 21.55,16.23 11.18,7.71 22.65,14.7 34.39,21.38 11.81,6.71 23.62,12.88 35.85,18.68 18.36,8.7 36.7,16.09 55.73,23.18 -18.14,-13.01 -35.03,-26.68 -52.29,-40.88 -13.54,-11.14 -26.62,-22.46 -39.9,-34.07 -7.83,-6.85 -15.57,-13.76 -23.51,-20.58 -5.24,-4.5 -10.55,-8.94 -15.95,-13.3 -8.07,-6.53 -16.27,-12.9 -24.46,-19.4 -8.19,-6.51 -16.34,-12.95 -24.63,-19.46 -24.83,-19.52 -49.3,-38.98 -73.26,-61.1 z"
+   id="path66" />
+        </g><path
+     d="m 1989.0609,1132.3435 c 0,0 33.0341,15.7782 81.3702,37.1715 11.7557,5.2211 24.1024,10.3437 37.385,15.3842 5.2703,2.0031 10.6392,3.8912 16.1558,5.533 7.2078,2.118 14.5468,3.9405 22.0008,5.5988 11.2796,2.5284 22.3785,4.318 33.6908,6.633 11.7064,2.3971 22.674,4.433 33.9864,7.0436 18.7007,4.3016 35.1684,8.2257 51.2586,14.5796 -11.6407,-13.6438 -24.283,-25.8756 -39.8642,-38.2387 -9.7033,-7.7003 -19.5873,-14.3662 -30.4399,-21.0485 -10.5243,-6.4854 -21.0978,-12.3139 -32.3445,-17.4529 -7.4212,-3.3822 -14.9901,-6.2555 -22.6411,-8.6362 -5.845,-1.8224 -11.7228,-3.2344 -17.5843,-4.3509 -14.6124,-2.7583 -28.5353,-4.4494 -41.9657,-5.2703 -21.3933,-1.3135 -39.3388,-0.6732 -54.6408,0.033 -23.2322,1.0836 -36.3671,3.021 -36.3671,3.021 z"
+     id="path70"
+     style="stroke-width:1.64185" /><g
+     transform="matrix(1.641852,0,0,1.641852,-1026.4793,-1159.6161)"
+     id="g74">
+            <circle
+   cx="1687.5699"
+   cy="1350.34"
+   r="504.608"
+   style="fill:#bfbfec;fill-opacity:0.71"
+   id="circle72" />
+        </g><g
+     id="g78"
+     transform="matrix(1.641852,0,0,1.641852,-1133.7366,-1444.5054)">
+            <use
+   xlink:href="#_Image3"
+   x="1221.99"
+   y="992.93103"
+   width="1061.95"
+   height="1061.95"
+   transform="scale(0.999949)"
+   id="use76" />
+        </g><g
+     transform="matrix(1.641852,0,0,1.641852,-1026.4793,-1159.6161)"
+     id="g82">
+            <path
+   d="m 1687.57,818.216 c -293.68,0 -532.12,238.434 -532.12,532.124 0,293.68 238.44,532.12 532.12,532.12 293.69,0 532.12,-238.44 532.12,-532.12 0,-293.69 -238.43,-532.124 -532.12,-532.124 z m 0,55.026 c 263.32,0 477.1,213.778 477.1,477.098 0,263.31 -213.78,477.09 -477.1,477.09 -263.31,0 -477.09,-213.78 -477.09,-477.09 0,-263.32 213.78,-477.098 477.09,-477.098 z"
+   id="path80" />
+        </g><path
+     d="m 1153.1777,1637.7384 c 67.5458,68.7772 146.995,125.8644 234.9654,167.8465 L 554.03309,3262.4002 304.69322,3119.6411 1153.1777,1637.722 Z"
+     style="fill:#c48c00;stroke:#000000;stroke-width:90.3511px"
+     id="path84" /><path
+     d="m 779.01609,1096.2228 c 0,0 16.5827,13.5781 46.7271,53.4094 3.4971,4.6136 6.9778,9.3257 11.1974,14.3662 5.3688,6.4032 10.787,13.496 17.5185,20.4903 4.0062,4.1703 8.5705,8.0779 13.3647,12.1169 6.8301,5.7629 14.12,10.9676 21.9844,17.0424 7.4212,5.7301 14.6453,10.9676 22.8874,17.1245 11.6244,8.6854 22.6248,16.2544 35.4312,26.3518 -4.9748,-15.8111 -9.1287,-28.716 -14.6289,-42.3762 -4.039,-9.9661 -8.0779,-18.4216 -12.6094,-27.107 -4.942,-9.4735 -9.8511,-17.7813 -15.3842,-25.6129 -3.9897,-5.648 -8.2421,-10.7213 -12.6587,-15.3021 -3.5956,-3.7105 -7.339,-7.0107 -11.1645,-9.9496 -10.4258,-8.0286 -20.1456,-14.2184 -29.6847,-19.1276 -13.8901,-7.142 -25.0875,-11.2795 -35.5461,-14.4154 -25.5308,-7.651 -37.4342,-7.0107 -37.4342,-7.0107 z"
+     id="path86"
+     style="stroke-width:1.64185" /><path
+     d="m 2660.2262,1221.2375 c 33.3978,-17.5232 71.3651,-28.1453 112.1597,-33.237 54.5599,-6.8032 113.153,-2.0705 171.2598,12.6682 27.3649,6.9307 54.3064,16.3013 80.6834,27.7038 25.8178,11.1569 50.7315,24.6113 74.54,40.0804 15.6495,10.1645 30.7007,21.2941 45.2221,33.2127 14.3754,11.7922 28.3644,24.1707 41.2178,37.9412 30.6739,31.1978 58.7363,58.6149 85.5418,81.9975 54.7024,47.7063 101.7914,80.3904 144.4986,103.6369 69.2295,37.7126 125.5432,49.9001 183.9999,58.3492 -54.8902,-17.5497 -106.5946,-39.0609 -168.1719,-85.3352 -37.3064,-28.0535 -77.4222,-65.4017 -124.715,-116.452 -23.4779,-25.3525 -48.8717,-53.6501 -75.9699,-86.3272 -14.533,-16.6194 -30.0492,-32.1996 -46.8297,-46.0878 -16.7627,-13.8745 -34.6415,-26.2276 -53.2778,-37.0972 -27.7483,-16.1952 -57.0667,-29.3655 -87.2823,-39.2491 -30.1311,-9.8467 -60.9142,-16.7738 -91.8301,-20.3811 -63.6358,-7.4212 -126.716,-2.6505 -183.2184,14.2626 -40.5541,12.1503 -77.0487,30.3383 -107.828,54.3141 z"
+     id="path88"
+     style="stroke-width:1.59794" /><g
+     transform="matrix(1.5650446,0,0,1.6315275,-1061.523,-619.08961)"
+     id="g92">
+            <path
+   d="m 2374.85,1368.34 c 0,0 36.32,-10.26 89.44,-14.69 38.13,-3.19 84.55,-2.69 132.72,6.71 33.67,6.56 67.79,17.99 100.68,36.24 14.97,8.31 29.73,17.88 44.08,29.21 13.4,10.57 26.7,22.27 39.12,36.17 38.43,41.19 72.58,72.7 103.88,96.31 50.25,37.9 91.25,55.92 124.08,66.05 -25.55,-12.31 -55.48,-31.25 -90.6,-62.87 -17.91,-16.12 -36.83,-35.53 -57.46,-58.95 -16.4,-18.63 -33.79,-39.61 -51.98,-63.82 -10.25,-13.27 -21.01,-25.27 -32.41,-35.93 -12.23,-11.43 -25.08,-21.43 -38.43,-29.88 -28.51,-18.05 -58.85,-29.96 -89.18,-37.1 -38.82,-9.15 -77.54,-10.74 -113.2,-8.03 -91.19,6.93 -160.74,40.58 -160.74,40.58 z"
+   id="path90" />
+        </g><g
+     transform="matrix(1.5650446,0,0,1.6315275,-1128.124,-317.52693)"
+     id="g96">
+            <path
+   d="m 2411.95,1342.52 c 24.63,-0.75 52.69,-2.12 83.37,-1.59 37.36,0.65 77.87,4.84 120.02,18.02 14.61,4.57 29.29,10.29 44.23,17.2 20.14,9.31 40.3,21.28 60.82,36.08 10.27,7.4 20.67,15.45 31.16,24.3 9.77,8.24 19.79,16.93 29.65,26.69 23.77,22.73 43.83,41.64 61.65,57.12 27.55,23.95 48.97,40.11 67.46,51.69 39.27,24.6 64.33,28.11 106.54,36.31 -38.96,-14.23 -62.11,-21.49 -96.1,-50.53 -15.98,-13.66 -33.98,-32.14 -57.59,-58.2 -15.62,-17.23 -33.66,-37.5 -54.66,-62.16 -10.01,-11.35 -20,-21.85 -30.3,-31.27 -11.24,-10.28 -22.69,-19.39 -34.27,-27.36 -23.33,-16.07 -46.93,-27.95 -70.21,-36.62 -17.12,-6.37 -34.03,-11.02 -50.74,-14.12 -37.87,-7.02 -73.92,-7.03 -107.44,-3.7 -38.97,3.86 -73.76,12.17 -103.59,18.14 z"
+   id="path94" />
+        </g><g
+     transform="matrix(1.5556313,-0.17867515,0.17139434,1.6217142,-1363.681,466.07604)"
+     id="g100">
+            <path
+   d="m 2411.95,1342.52 c 24.63,-0.75 52.69,-2.12 83.37,-1.59 37.36,0.65 77.87,4.84 120.02,18.02 14.61,4.57 29.29,10.29 44.23,17.2 20.14,9.31 40.3,21.28 60.82,36.08 10.27,7.4 20.67,15.45 31.16,24.3 9.77,8.24 19.79,16.93 29.65,26.69 23.77,22.73 43.83,41.64 61.65,57.12 27.55,23.95 48.97,40.11 67.46,51.69 39.27,24.6 64.33,28.11 106.54,36.31 -38.96,-14.23 -62.11,-21.49 -96.1,-50.53 -15.98,-13.66 -33.98,-32.14 -57.59,-58.2 -15.62,-17.23 -33.66,-37.5 -54.66,-62.16 -10.01,-11.35 -20,-21.85 -30.3,-31.27 -11.24,-10.28 -22.69,-19.39 -34.27,-27.36 -23.33,-16.07 -46.93,-27.95 -70.21,-36.62 -17.12,-6.37 -34.03,-11.02 -50.74,-14.12 -37.87,-7.02 -73.92,-7.03 -107.44,-3.7 -38.97,3.86 -73.76,12.17 -103.59,18.14 z"
+   id="path98" />
+        </g><g
+     transform="matrix(1.4729449,0,0,1.6315275,-995.35512,-1017.2161)"
+     id="g115">
+            <ellipse
+   cx="2661.52"
+   cy="2514.75"
+   rx="472"
+   ry="380"
+   style="fill:#cecfcb"
+   id="ellipse102" />
+            <clipPath
+   id="_clip4">
+                <ellipse
+   cx="2661.52"
+   cy="2514.75"
+   rx="472"
+   ry="380"
+   id="ellipse104" />
+            </clipPath>
+            <g
+   clip-path="url(#_clip4)"
+   id="g111">
+                <g
+   transform="matrix(1.06253,0,0,1,-67.2689,-113.517)"
+   id="g109">
+                    <use
+   xlink:href="#_Image5"
+   x="2125.3"
+   y="2248.27"
+   width="888.448"
+   height="582"
+   transform="scale(0.999379,1)"
+   id="use107" />
+                </g>
+            </g>
+            <ellipse
+   cx="2661.52"
+   cy="2514.75"
+   rx="472"
+   ry="380"
+   style="fill:none;stroke:#000000;stroke-width:56.67px"
+   id="ellipse113" />
+        </g></g>
+    <g
+   id="Layer1">
+    </g>
+    <defs
+   id="defs122">
+        <image
+   id="_Image3"
+   width="1062px"
+   height="1062px"
+   xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABCYAAAQmCAYAAADsq74/AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAgAElEQVR4nOyd65bjONJr6ayeef/nPV+XfX70sDqMBCKClOy0M4G1tMSbbpQtkVsQdRmWZVmWZb29brfb5av34St0uVxuX70PlmVZlmUd08dX74BlWZZlWZZlWZZlWT9XP/LpimVZlmU9Sy/sZHjV/XpJB4SdGZZlWZb1OP311TtgWZZlWdbD9KrwIVO2z4YDlmVZlvUN9Y4NFsuyLMt6mp7gePiKe/Gr3/+/AkA8dJt2XFiWZVmWlh0TlmVZlvV8fRXseHUgMTX3U3XmH9HJj3VjiGBZlmVZT9S7NFAsy7Is65BOdD6cee/srsv362PqgoYzgcQp67LTwrIsy/oJsmPCsizLsvo6Cghw+WfDkncDHGcBhd3jPgIFLgeXtyzLsqwfo3droFiWZVnWGOMUB8TO8s8CAI8CGNV2vlqP6sjjeo9u55EOjEP7ZoeFZVmW9Y6yY8KyLMv6iVrtkB8FBbtjPqxsZxcyvAqcuI29fel0xHHMCrWd7pgW1X7idlZggZ0WlmVZ1o/TqzRGLMuyLGuMccgJcWYn/lng4oz9+CoXR1ev5E6oyuxua/UYz9qPnW2PMeyssCzLsl5LdkxYlmVZ30G7nfOzl8vW9yjXhMFEr1zlyFD5bL2VA6MCF5VjY8VpYYeFZVmW9fayY8KyLMt6ih7shDi78767Ppa+CiTOgCCd/NVyj9aZAKKTvvopUpa++znTG8wrneGwsLPCsizLelnZMWFZlmW9slY732eV7wCGR4GFR7ozdvfhbO126DvlngUmMofFBeJKXafFGQ4LOyssy7Ksl9WrPCWxLMuy3lRf5IQ4ywHRgQBVmUfHV8utrOPVtQMwdgHEs+PdMjH9KLixs8KyLMt6SdkxYVmWZX2FHuVs6JR7JEiowMZRKHEGtDgj/6iOvppwVod+BSZUYGEHVKCzonJa7Dos7KywLMuyXlrv9uTEsizLerKe7IjodpjPcEB0IcFqehbe3Yfu8qpctb5qubP1qK9fnAUiViBEdx1V+uo+qDLVOnbWt1rmk+yosCzLsjLZMWFZlmU9Qo8GDGc4IHbAQhU+a92d/LPHsljN39VZg1eq9LNcDyvwYXUdu2Bj12GxO3YFkx0VlmVZ1umyY8KyLMsaY2w5I84c4+AIqNh1NnQhwg6YyNKPhM+I76afrUcCiCq+G+5AhCy8CzuO7AOLV+vsLrea90l2UliWZVlj2DFhWZZl7emsMR/OcEJk61IuhFXnQ3cbbJtdELIKNVhalZ+l7aR3dUbHd3WMB5W/2+Fn+Rl4yNbRARrqeDrbOOqsODJWhR0VlmVZ1rLsmLAsy/ohelFHxBlOiA5EyMI7YOLIOo6Wy8I7+arMM9V5wn/0lYxVaLBSTrkhVsHEjntj9ziyMtkyWfkqvcr7JDsqLMuyfobsmLAsy7KYdh0RO+BBhXddChUoWF3HGfOzoMSO02Q1fyVvRaud1V0QEeNnQIcZXwUC2bwCEhVYWV2H2g90Pii3Q+aQYNuwo8KyLMta0lc/IbEsy7JO1oIz4pmOiCNAYtWtkAGGnbJHgcTOMXbLY7ks3M3Pyh9RpzN61BWB8aNggnX2zwQTK4DhKNDoHmMWfhlHhZ0UlmVZ30t2TFiWZf1MPdIR0e1cs/CZLoYKFHSBwu5+HIEbq2VU/k4c9Sww0X2tAOO7rzx0yiiocMQVsbqOCmzs7oeKY3g6K6LDAsvaUWFZlmUdkh0TlmVZb6YHjxVxpiPiGc6Hyp2wCyiy7VX70d0GK5+VweMajXJZuopX6UfVfYrefTqfuRuyckc6+qtuiFUwkQEJdpzd/ejGV+YqLUvHfBXv5n2SHRWWZVnvJTsmLMuyvre6nc6VTm1VdqUTjvEVJ8JRoLCyjhXw8CiIMaC8infSWViVyYTlup3BTkeVlWHAgaXvgImjsKFaVxdOqLIq3F1HNVf115lfwnxA/gjpuCymYzzqItIty7Ksb6BHPQ2xLMuyDurJY0WsPHXfARE4ryDFCmxYLdtNOxKvwqw+VusR18vyqrBKe3T7oPOkXEGKLLz75P8MMHFWfBVSVPFO2erYjsxVWicdlYGJFrSwk8KyLOs1ZceEZVnWe2sVPLB4N7wLHlheB1ao+AdJ7yy7k97ZfrXcTriKK0iB4e7vYBVEVOVXO3/dDmrW6WX5Wecb47thlX8l5arldtLVOjvbZ8ekyrB8lcfmY/zzu2G/DZU+dQvlcJ3ddViWZVkvrEc/EbEsy7IKPcgZUQGLrAPM0o+AiU4c884AE9XUKd/ZfrUvKr+TzuLsfLHyQ5Rj6Ziv4ke1+mS8CyZYuVU40Ul/BJjoAomV8qvbz44ti4/mXJ2LIdLV+cd8Fe/m/ZGdFJZlWV8rOyYsy7LeQ7sdyayDWsGJ7lN+nHfBRAUaVoFDt1y2Dzjf2Va3Hqp0NVcQIltO5bN1MB0FFFWnrwMgWDrrzM7wTue5k94BCFXeVcxXgMQqyOjuU7VcVV9DlMXwgGUuEGdpqixbNq7D0MGyLOvFdfaTEMuyLEvoSc6IlQ5p9ZS9CyaqzrpK74KJR09xH7pg4isABcsfkD4g/yiYOLudsPoEfCVdPXHvdKCfASQeBSbOmDr7oPKy+qnCcY75qkwnXcW7eX9kJ4VlWdZzZMeEZVnWa6nbQaw6nNkT9arz2wmvgInY+X80ZFCA4RHbzo73TDChwtl8HExXWgUVVafuDCBRzatO8ZlgogsnVicFMq4P2Jbadvd4s3gVvkB86gJx1C2Uy+JR1Toty7KsJ+rsJyGWZVk/Xi/ujFgFE6tpZ4IJVT5bzzPBxCq42IkPkr8yH810FVeqynU7fN0n3jtAAufsyfwOiMD4M6YdMKHyVmHGqpuDla3Shphn529AWiddxbt5f2QnhWVZ1rmyY8KyLOtrpDp2RwFENc8gRTf+KOCQlWGAga2nghavBCa65wHLdOMD0jrpKn62zgISM9yNV6AB814BTKzChyuEB0k7ut0dgFHVY3YeLpB+IekdzbIXiEetrtOyLMs6QY9ueFiWZX17HXRIdDuIVbrqzLIynU7ySue76vBXzocOYDgCJnacFyvlqnqr6lqdG1VmNOO4HpbejSthuW6HbvWJdgYqVqDEmYBiNf8oEKggxC6YqOLd/d8dJ6NT16OYq7zRTFdxlfZJdlBYlmUdkx0TlmVZz9Fux1DNWdqHSO92pFV6t4O+AgAUYFgNd/JfEUxU4CELr8xHM13FUV1gMVV11o4AidX5TviVwUTlgmD5ah0dOHEEWOzUG0sfZH4d//wubzCPZVAzHcux5S5Dr8eyLMs6SQYTlmVZTZ08dsRqx7HTSWVgott5PtJBr0AAc0Y8OrwTXwUW1aTqfGyGcR5/K6uAYjd+VKtPrFeBxAx/JaDoTjsAYgVQnAUmuvDirDEtOnU+wnxAXOVHVeAC18n+B3fLqvuDnRSWZVk9GUxYlmWdK9WRWwEPVV4GIHahRDZI5EoHv4ISHUjRXYfKfycwsQInqrwBeWyO5VQctVq+Agyr5TtAYsYZYMjyqs7vu4CJKp3ld0HGCsBYARcrXxdR5+dC0uY6L1DmEvKZFIhgy1TrsizLshZkMGFZliXUcEhk+VWHUaWrzmmcV2ACl+0ONjlE2S4QYLChCyZWlt0ttwooVkFFdi6OAIkKTgzI30nv5p+l6ql296m4Sj8CJWK4AyKq/ApEnAUkVgEFQoUVMNEpq/J3wcQsk9X3CPMBcfXb2JECGJ+2j/cROygsy7K4DCYsy7L2VHXsMJ51FHcBBEvD/J3XL1ZexTgyV3Bix2Xx7mCC/Qay3wb7PbHwLpjopndVAQiV3gETLJzNWSc2Aw0Yf3Uw0QUHca4gxdF5B1h0jvU2/vkfdgbYnPkXkjbGnpNiCoEEW6a7LsuyLCvo0U9ELMuyXl5P/qqG6lCyTmjXGdGZdl7HWHE7dEFEBiNW4cbZgGIVRKyCim4c5x1AocIGE//OFZBQ+bugojsdfZXjDCDBQASDFN11HHVdrICKlWmE+RXiWA7z2BzLqbhK+yQ7KSzL+umyY8KyLKunCkp0OooqrjqqVfouiOiO77ADHCrQsJp+BqD4DmACw6MRfhUoMfVsODHD2AFl63hnMHEESFTwIUvvllXLqngV3gUV87xdIP1CykxdivjULclXy1iWZVlBZzU2LMuy3kYnjh3RARMrMCKGj0CIDphYfbViBy7sAIgzAMXZr3IcBRIKPOykD0hn4S6QOAoiVLluJ6wLKjJAsQMnYtpO+tmAYhVIVJ36M4DECpjogorVV0dWwcSuq2I0wyo+RBqGUen/xA4Ky7J+muyYsCzLule3s8Y6jmre6XzuTl33QAYfVmHBCrTYhRrZvqhj33VKPANMDJHXTWfzsZmP6ah3AhM7+WfBCZb2bDCRzbNO/wqAWI13y6pt7ToqPkgdHYEUt/HPbxx/BzENhctcQjoqW49lWdaPk8GEZVnfVl88doTqpFbx1Q50xzWQQYQMLnQhwxkgYgWOsGPsgAkFII6CCXUOR1JmNNOz+VjMV/EqvZuvVHW+VgEFxo+AiTnvAooMSKj0XTChAEQnnXXuV8DEUVDRLVM5Kth+ZMCi46TI4AWewwHhs2ACgouY9k9E3L/spLAs67vKYMKyrJ+uCkqwzh6GVcfwA8p0O7TdzrXqqHfdDB3gsAIndkCFAiRdYPFVYGIMfX7HQhiXH6ScimfhCj6sQobd5RQ0OLocy8/CnbgCE51wTLuKvGeCiQ6AUBBgF0Tslt+BIawMq0fmpKicFdm5G/9bdgIKnE8pgJEBjrOgh2VZ1ltq9+mHZVnWy+lEh0QHTLD4KpjodJCzznjmesjARBcudMtksGMXTHSARAUiuvGdKTu/YyGM8yMwgq2TlcnSn90uwI5YBSIw3gUTMaziXw0mKlDRjXfmWXjH7VCBii7QWHVWZMeT1UFWj9mE53eQ/CHiQ6RhOEv7JDsoLMv6LrJjwrKsn6aqI5Z1GnGehVen7Cl/1xmx6m7oQofVsmc4J3bmKyAigxNj/AsdMviAeaocpo8D89FMZ3kqvQsjdqFFt+O0Ayk6wIKlr8xVp1PBCgUmYl4FL3ZeSVgBEwoo7AKKM4DECphQ5TJgoQBF5aDA6ZLER5hfQhh1g/xLSB8hzdDBsqwfo2c/GbEsyzpNJ31dYwdMZJ3QFQhROSRWnARnQIQj0y4MOQNMrACJZ4EJFj4yH5vpWVmlZ7UNqk5XB1R0QYRK3wUVWfhRYOKRgGLXKXEUWByZVsFEBiqy+qsmdh4HCWfzUaSzMlR2UFiW9a6yY8KyrO+q6mlxB0ioTqLqrO5ACdaZ7nb0u53/nelXs1x3WxlIWQEQHyRewYkh5gpKZMAiS8f8AWlZPJurclU65qt4Z5mz1ek8dcBETD8LTsxwJ67ARdVxrfIQYMR5F1JcSbwLKLKO/hnOiN/NcjvbyvZBgYtYRx8w78AJdl6v45//UfzdYHzqFvJZepRah2VZ1lvrWU9FLMuyDmvTIbHTuVOdzFUw0YUPrNPeAROPBA67U3e/FajIgISCE48GE5im4mq+AinYOrrpqNX01TJHtAMmVtN3gEUXTmRzBR0w/ggwUUGJCkh0QcUqiFidzgAX3f3O6oTVdQdWxHPGzjULR1XpVdof2UFhWda7yI4Jy7K+iyoo0Xka3e2YdibWqVbwgXXezwIRq0ACy6nlKuCwCiJYuIITDD6snqcOnBiNvJ05rnc003EdTN1y1fKP0m5nSXXYVsohcFDpHQih5lVnNIMSqxODFt2w6qTvgooqHYFDF0A8GlRkYGLOL/+bf0A9qulSpI0Qr5SV767DsizrpfXohodlWda2TnBIdMBE1fHsgAn2lD6Gsw54lXcGRFgte8aUQReVvwojjoIJdV6HyB9JmZX5TlilrQIIVe6r2wOqY9XtcO0+YV4J7wKKGM4gxi6wOAImFKSogIPKP2v6DfMVaLECMTpQhoWx/li8c24HCWfzLJyl/ZEdFJZlvarsmLAs613VhRJHgER3Yh3mFRixO/0SYVamAhG74KI6rk4dqPkg6RkQWp1GkoZzlj8gXcVxmZ10VkbFq/Tdco/WKoSo0rP1VSCjk35rxGN6BTB2wQQDFSoNIUY2X+28rwCLVZhQgYrfC+taBRaqDj6gri+b52uEZSvF7ajluuuyLMt6KRlMWJb1Mvoih8QOmFCd6Q6QqDr2HciQlatARBdUHJ2quqjqsgMmFKBQ5xLTWbkh5go4jEYem7OynbhKW8k/Wv5RWu1MVeU7T5O78c6T6ypvF0ywMiw9e2K/CiYUjFDw4uypCyJYfhd6sPTquFRdVHXZgRMY31EEFpj2TwTus3ZQWJb1KjKYsCzrXdSFEl0gMcZ95zfmqQ4vgxCdTniMd4BAB0woSNFNX4EdHaDCAEtWLwpMsHrPoATms/OIv4EPiCvw0IEPFXjI8nagRJa+WuZI+bM1nwSfWV51uI7CiSxPAYxOHJe9Qrzq0FYdYczPOtUMQGRQAtO64GIVIqjy2XpWwIQqkx3fDH/8b375X9pHyK8A0gjLxnVUmv+DCCRwue66LMuyvlRf3RCxLOsH64kOCdZpHUODCdUxzqBE1kFfBREVZNgBEY8eY6KqkwpCZGBiZxoiPgYHEwPKYryCCxlUOAs4rNyzv/v9faWjVZXdARhdeKHcEYPEV8AExnemFTAR07LO+VlTBSxWQMUOzOhOVZ2oesT4GP+e73jes3PP5lk4S/sjOygsy/oq2TFhWdarqgslss5l9gS9+wSedbhxfhaI6IS7QKILIipHRXaMCspUYKICEatggp3jsRCOc8xXZTrpKq7SsvRVfXcwsaKsLm4in6VnoCLGO+kMUOD8g5TNwARL64IJBSU6YCLrnFcd+QoWdOHCSn4nvAsqrv87b/FYZ/wC9a3imB5/J1gGhXmsnFrWsizrS+WGi2VZT9MTHBLZk/IVIFFBiKNAouNy+EXiO4CiCyBWpgpIVHV3BEJUYGKIfFaGzVl4Bzxk6VVeVt737TUpWNBdbiWvAy6qJ9tszoBGF1asTggrmCuimncARXfafYWjAhMMSHS30Z1W664z4TkeJBznWThL+yM7KCzLepbcwLEs62kqwEQXSnSBRAUlVCe56lhjmZ1PdK4Ah+68Wl93H1dAhIIOLM7qvAMlxv/KsXOJaYOkYxjLDMjr5GfLdLVz//U9e087HaujICPrACpYUnUuq45oBijG+KcDzPIqOME60NckrsBEB1Ssfp1jFUxk8zNe+VBjUlQgpwOIqvObAYptOGEwYVnWs+RGjmVZD9MXOSQqMJF1mFnn+lHOCOWOOBtMVOlnOCM6UGIVSKyAiWqOv6MKKnSgQ/e3/ZX32e/aoXiFOq3qttP568QzOFHNd8FE1jlegROsA74LKM5yTGRAQrkqznZSsHrLAFAHTHQBRRbO0v7IoMKyrEfJYMKyrIfpixwSH2GuOrtZZ1o5JDKnwaozgkGJRzknVpwRGZhYgRDKIYHngJ3DjiOiCx0qaDFIWRWvyu+WeZRU5+HdOhWqDl+xblfKVFAiplWdzAxesI4sxhXEqIDFWU6KzrQKKlbBxAqcOPIlkMxBkdUjOwcjzO2gsCzr7WUwYVnWaXoRhwQDE9hBrjreXSChQEQ275Z5lGOi44zIQE3HGdFxRGRgAtOHmHegBIarPNQjnQ9HGvjuHOQ6cr4eea5XgEUGL1bgBM4rQDFG3ilW7olVJ4XqqGcA4kzHBAMPHUdFZxyLFUCRgZusvkeY20FhWdbby1/lsCzrWXqkQyLr/LJOc8chUX3FYgdAPBNMrLglMjCROSEq+MPO2a4zYmWOYRav0lfLrKrzxHxl+Uct8wp6xkOUuI3bA7Z52Vhvtk+sM7kyr0DFx/jcyc3ARefVBAYrKjBRdfKrL2ycBSZ2gMX1f/XYPZZZFuth1tkl5F0g7Uby4vm6hHDUDfJYObWsZVnWqXrGzd6yrG+qF3JIVEBi1x2hAEAXKijQUIGHI2CiCyNYPWTgRgGJI2BiwDxLj1IuhgxMVMvuaKWxfjZ46KzvjHV8hXauK49Yx275M39b6hx1nBUsveOgwPRVMKEAhXJMVPEjkOIImMB89jWPLqDYGZcic5tkdZ6dv0HCcZ6Fs7Q/soPCsqxdGUxYlrWtLxxDotMpzkAEAxMrY0ZkMKEDGo6ACXRknA0lWLqq6wkfWDnlgMB0zBvJPKoCDKu/zVWtOh6y/E7n8+z8V+88HDl/u/lnbvPR4Kv6zWQdygpOYJpyWKhOMQMRWE51uB8BJx4BJlj66qse1ZgUWZ2wul0BFYOE2RzDWdoYw2DCsqx9GUxYltXWmzkkVt0RXUdEBzpUQOIMMLECITIooepPuSWYKwLz8Byq+EjSop7lhHikC6HTuO/Cjt1yu2VWyil1z8sRN0QXDlTlqutYJ72b3y2jdKazouuoUHEGJlinuXIArMCJZ4CJClDsvB7SAROVi8IOCsuyvpUMJizLauuNHBIdKMFcEcqV0HVIPAJMPApKrAAJdR46Dokh8thcpQ2Sv5pXqergYbksrdt473Qas+Vj+pnA5Eg5paNgogsAzoARXTBxBGhg/qOA2srvJnt6nnVkO1PmpuiCirPgxCPAxKqDgu2LOoYKTthBYVnWt5DBhGVZUt/IIZENCJnBiJXXMs4EE2ybnWPqgJkKRKyACTx3WXyQ+SBxlbdzvzriGNiBDQoS7Dx93AURXaBxVv6qjjoMVl0RO/nVNaxaxy7EyNJXy6BWf5tsGQUkqngFJjqgouqYZ3CCAYCVMShWQMTK6x8KUmT7bweFZVnfVgYTlmVJbYCJCkTMuQISY/QdEjtQogMjOlAhgxI768hcG8rdseqMYOEKSmSTOn8ViFh9sp2VzbTqOOgsswMcsgb+6jp247vp3fyudqFEN30lvgsfjqxjdb9W1tHRSicy65BWoEKlsSl7ys863xmwqDry6hUKFT8CJlbX0YUUO2NRqLrOQMUgYTbHMIvfyWDCsiwlfy7UsqxPSoDEytPHFSDRBRMKPmST6ugzINBxN6wAiQ6oyKDEzqsaFZhA+JCBCXWu1PnE8AhpLBzjKx2tTsN2p/PehQgrTxG76zqyjtVyu+ln6ywQ0e34r0CFM9ex8pu/iTI756QDM3D9uP1svVknNoMTMb0CEwpSdMDEL5FevUqxCiIqQNGFG/O6fw3xa5hjOJvmdTjWFzsfQ6TH30H3t4e/HbrcbF8YUFiWhTKYsCzrqFQjXIEJBiLmPOssr0KJzB2ROSR2oUQXTBxxSnRARAUjMkcE5rHzNsS86oyNJP0IlOh0rlc69l040IEYrOHPtt+FFNn+d8LZtl9FK7+fTlitcxUkYPlqG9k6O+u6hTlbTimWuY3+fytuc2Xd3afrCkzMjnaMM1DRdVJ0pl3nxBlgovsKyK+QxsAEc06oaS4zz1esxwuEWblM8XfAfq+vdn2xLOuFZTBhWdYjX9mYczWNkYOJXRjBOvfV+A5nTJX7YgVKsOPK6iKDEV0woYDEIGE2x7AqUylrzHZdAzHcBQIZSOiCiUevIytXhVkc9Sxg0f1ddK49KtwBDCvzr1oHK4dPp3eU1S2m4e9CwRRWlgGJGEcY0QETGaRQrzrMznx0UpzhnFgFEx1owdYZIUOEFR1IMX9zsf7w3ESp89EV+53cLY/tDjsoLMsymLAsq9Luk0EFJhiIOAokMhCB4b8g7cypAhGVM6LjkFD10gEQK1BikLRu5w+1AyWqJ/1Z2azR3YECCgwcWXZnXWyuwuw4VYeDhVWZR0r9LjLQNdM6AOwIQMh+9yp+ZF0rcIIBihjv/N9WynbLxzKxLAMTg6SxKXbEO8BCQYnq1Y6Ok+IZYCJOv8YYf49798QMR+fEB+xzB1LE85SlXccxsd+nZVkWlcGEZf1AHfzaRtVRYJ3cCkxkQOIydIdddfIzOLACJv4q8tV6uk6JzCXRBRQIHFacEQo8dDtlWLarrHG64g7oQIcdqKCAwhnr2NmvOGfrzsqxsEqrOg27nYrV600Ft7qA7CiY6AKF7rqOrqMqi0+pLyItls20cl5wfWqfMjARwwgnMC1zUqy+2jGBBQKJVeeEcj/8XZTLlv8g25n3jAgoMgfF73F/f8gAhbq2sGtgdv3A3wr+DrC8HRSWZRlMWJb1SRV4wHIViGBgogMkYlr2ekMGH466I84AEx1nRAYmLiLM6lHFd4DEEGlVp7GSggoxvwMccB3ZU1iWzpa5inTVMO9ub3W/duLZNjG/G0d9FZioYFgHSnTj2XVNzTsQI1vXh0jf2S+1ntgBxXJMcZmOsvJqu6uAAmEFOimUe+Imwso5UTkpVsHEr6Jc5ZpQ645uisxBweJdB4U6F5VKEDE+/y4sy/rhMpiwrB+kxa9tsIZuDK8CCQYjKjCRdeA7rogumKgAxBmvcBwBEl2XxAqIyDo/GB6ijFLW2Kw60yyt6uRneVWnJy7DwMTqOtQyVTlcfzfemavymI56VKehex3KwENnPsM78S6AUP+jLNwBE6vrqGAGm4/xuQOJ0CCTOi+dZW7j87aq/w2DEzG+4p5gaeicwPjuKx1dMLHirGBuihiOecxRgfeGG8zZOBTZNMLy7BqFv40SXPjrHZb182QwYVkWkwIROFcNaNZRxo501QlXnfjslQ0EEl3gcCaYyBwSK69sKHjD6rcCE4OEVdoQcZWGqjq97InbKnCIZbJODYavZNkVoNCJ75bNjnEciK+Ex4F0pS6EYOnd8G68+j+sQokjQCNb1wfkre5r51hjx3RA2SHSbqIMlq/K4fZxXypAgctMaBEdFSvOiV8Qz5wTKw6KXXcEAxgRNqBz4mPcHz+6QdBBgU6K+duIzokIfSL8wXOohOe0Km9Z1g+UwYRlfWMd+NpGBSaqxrTqRCsIkUGJCkjsgInV9KMOiTOARMchwc5FBSFWwASKNSwr6MDSVAeepXWBwBEw0c3vrKu7z6qreE4AACAASURBVN16OBJnYZX26E7DKgg7C0bE+KPBRDf9CJjY3eeqHqZuJK3SzrWEle+CiZm+46DIAIVyUhx1UCinBIIJ5aBA6IDOiaxsdFAwOIG/q1tIxzrF8zFCObz+ZMLf2N1yHnvCsn6ODCYs6+eqghLZPJsUiOgAicptsOuMwPwjYEJBia92SOC5Yecspg0RV2koBhwwXgEIltZJxzQFHI6Chy6IuMJ8BVSs1MOR+SjiVWO/Ww6lfnfdckeuU9U8+6+sdPI/YL4KJI6AiwxgrFwbqmvGDeZKnTKxXIxn67pBeAz+X7mRshNa7DooVgDFDpxQTgkFKn6J+XRO4FwBCgUnGKyIgGLWVwzvwAg8v1MYtyzrh8hgwrK+oTbHkjgKJBiMqMBE9rrGGa9sVEBi5xWODpjInB9YDxmQUBCi02mJ526INBaPyhqHWQe401nudi7OABNnTdX2O2CCpatlqvSV+SjSu/lnqQIW1e/1ESBiiPCzwMSR6cj2O/Wg5jdI66g699VyO2AiwokZ7gCKGcdXITpjUOyCCQQQKr7jpIh5Ck48agyKjtjv6W55jz1hWd9XBhOW9XPEGoEXSK8ao7OjPEbviX7XHcGgRPbqRgYU/krKHQETGZBYdUkoGLECJeY5YOcopg0RV2lTqkMb46sAIqZVnfass/+ICben5kdBRqceqvramY9muopX6UoVeKjiXwUmVuDECjTI5s+EFwpidOsL07DjisKOZva7uEFclYngYYR59l+NcCLGYzqDFB8h/Gvcd+Kjc+EIoFCgIov/TdKjSwLHnYjHq+DEZdyDCkwfIRzPAb460xX+HvAag78Jy7K+qQwmLOsb6MSvbahGd0zLwETlCMgcBhmI6ICJRwGJDExkIIKlZ3WVAQl1ThBMDCg/SDoTa/R1OrSdTnOno74LJpiNeCX/0WBiF0h0gcXKfDTTVfxsvQKY2I2fAQSOgImqrMpn2+3uv0rD+QzfIK8jdc67y7HfMPv/oFsixhmkiHkRSCj3RAwfARMd50TmovhItsFABR5/3O/422KveOD1Kqv/GK5+Lyz9Nsbndo8dFJb1/jKYsKyfpawD222AK6cEAxGZO4JBipiuXtPI4p3wCphg+6qcETOujp+5IpRTIuarczMgPKBslTbV6aiuggeWV4GHFYjQAQ8sb7X82RPWy26c1fNI4gPSOukqflRnAYkZVvFXAhNHYQPLWy3f2f4g82wZVb8x7QZzparMzI9xVWbuu/rvxDESYplZD7NznoEJhBezE4+AgoGJLqSonBIVoPg1PgMLNv5EfMUjAo1LOFZ0VMzpFsrNeAZxUXjO43kZ4/N5tyzrG8tgwrLeUE/62kan0VvBiA6UUECgAhOPBBIdGKGcEhWQUGCHNewZmBhQRp1rJtUwZPFOZ7gDIc4AE5hXxc8GE2dDi6oOVZylj0Ycl++kY/5ZyjqeLD9Lx+sZi2fXudX40WkXJnTBROW8qrYxyHz1GKu6j/MYzn5n6jeQlWcdW/bbjxPCCAQTDFCwVz3QSXEUTFROiQxQoGsCHRLKZfERwggnooPiBuH4qsfKtbOjeE5j/J+IHRSW9fYymLCs76duwz9rsFeNW/U6ggIRap5NGWCYaRWQWAETEYYoF4c6RgUiMijB4qMIs3lU1nCvGucsTUGKFShxBECsQIms3FFw8cpgojsfIc4a7I8GFN3rEuZheuc6FpftpHfjR6fMGbWapq4lO3BiFVhUx5nVI+bF35X6DdxEXsxn64jLxjk6KmI4lptlr2S+AiomLIgOhQgs/h45rOg6JWL4Y3yGGZ3xJz5InnJSoIMihuO1n90PuornA6XSLct6UxlMWNYb6aSxJGa82/BWT/pZJ1xBCNbJr0BB1xFxFEhUYKLjlFB1UnUmsgY9hkdIGyQ9Kut4xnjWmV2BD7tgYsUJUQGILpg4Aj/OnlTdVueC5Y8kf4gyGGbxKr2r7rVLXbfwd8/+B/jfwbnKrzrWZ01HocERMNFZVm1nwPxIHWTnYox/O6KXEFfqXAuxLPvvxTCCCQQa7DUOBip+DT0WxW+R13FOdKFExzmhtjfXEZ0SlxCP+6scFMo5gXXNrn0jlJvCc3wj6XfL++sdlvV+MpiwrO+pqkGfNcCzhrBySDAwccQhseqIyGBFTEf4wGBJBiWOOiSwsd9trGOjLGuIq8Yda/hdRZkdKLHiNliBCWoey1UQYhU8vAuYyM4tprHlsTxTt5xS97eryqn/AyuP/yVcvkrProtnTKtgYhUyfDSWWQEVK+6KFWDB6jeek4+hO6UxfIP4gHKYP+MxL/5PMH4l5VYdFBFIzE48OigUmIhuii6U+EXiOJ5EdFRg2gfkxTTlnJhzdFDMeov3mVn2BnmV4nkYELYs65vIYMKyXlgPGEui0/CuYEQMY6dddfC7IGLVEdEdW2IFTCj3RwYkug3+2PAe4/P5YHMMR7GGWdZBxXkFJrrwoQsZVqBDVQbL7rgrdoHEUVCh6hrT1bkZkIblWP5IynXiZ0tduzDO0tX1TeWr/1l1PVTp3anbie/CBJWP1+dsHdl1qrvdzjF089i5GSSeQQiUWl9WvgP55jTLrzgo0B2hHBQIJtC50HFQqHl0T1SOCgQVDEbEcDzuzhgUnWvhZfDzgYrlY/yfiMeesKy3kcGEZb2vqoZ81hCPHWTWiGQN1MwhoZwRDAB0oMJqXIU/yLxySijosgolYn3G+mdhNl+V6piOcdwZsfIqRAUIusCBwYaVZb87mNidjyId1S1Xqfv7rjqpO3P1f2P/yU56d3oWmOjMM+DcmVdp2fXvmuSz+r6RtPG/5RWgWL1uZuXnPsxrd/zfXUM+gxNzjtexmI7x6JyIzgY2WOWKgwLdEhjHsSj+hu0qQHEN4Vg2OiaYgyKGGaSI19dZRikCIixbLWtZ1ovKYMKyXlCbY0msNMyrRiXrgLNO++rrGivOiF040QUTLKzAhKqTqgMy82K9Y3iEtEHSo1TnMoZZ57XrjOh0xBWYqOBDF0RUTohXAhTd+lN1XqVjPqavzMdm+qOlfvfd9JU56+xmHeRuescRkAGGCjhU+RWQUFAiu65lcENdAxWYqOopq794rgbEs2vlbvlZhv1HB8TnhB3k2XlX1ywFKhSgYODjI+QrQPGxEWdf52DjUMTfDcKJy/jsnJjTLeSPkBavnWPc1/dlfD4HSrPMhaT9E/HYE5b1sjKYsKz3FnZwuw1v1WhUICIDE10ooV7DiHMFH7owIwMR6rUN5ozANNUwzxrWrO7xvKCyhnPWoVRQotsRxk76GHmnfdUBsQomzlznTwcTO+HRSN+V+o3jdawbXpl3r4+r6a8IJlZgw2rZzj7gNZMdwxj3He0KTtwg/ZaEB1mOKcuPefM/+DH0fxfLVQ6K3xBHQBHhRAQAHQfFDpSIrgkEDsw5oeDEZXDnBDooZn2hc4LVbSY8fwYOlvWmMpiwrBfQiWNJZI3nrKG8CySq1zUqMNF1Rpz96kYFJlQDXHUYqk4MO2fZOWcNq6wD2gUTWQe6AhPKydCBBd30I+vamStQUYGGLqjYBRSjmZ7NR4ivwAi2/JlS1zKVpq5xmN+Zq/9jde1U6d3ra5V+BohYhQkZdO0u00nPjmUkx965zo4iXGml7CyX/ZcvIn6BMIMWDFBcx+dXOzoOil0oEV/pQNgQ158NmBnDl6GdE5eQP0K4c/+KZS4hPMb9ucS0u2uZx56wrNeTwYRlvb52GuKdxnLVKGWdduU8qF7VqKBDxynRBRLKsYHHkwGJqlEd01mdZ+cHw6isE5l1WrsNOgUasnAXHlQwocrrwovKSXFL4q8GJlRaJz3GB6Rl5XbjZ0ld0zrxS5KflWP/UZXeSetMZ4MJ1eFfARMVXOjkr25D7V8VrpwU2flBMBAVO6rqWqyWxTz2H72Oz9uPx6OufQw4oIui46DIIMSvIh9BA4IKLJfBCQQUc6pe8ZjzWU+Z8BxhvcdrGMYty3oxGUxY1hfqgWNJdBrLGZBAEKHCmYuhev2iE2bxVTDxQeYYrhrtWV2yuo/C88TUgREx3oUQHdjQ6cB33Q1Z+iqI2HVMZJAiO75nAwlM3wmz+ICymIZhFq/Sj6p73UOAgGFWHsvh9XE1XHWAV665VfpKB77T8T8LRFSAIkvvXlsZcMnqoJrwfN5CmlL2+1NlO1BxdognPEBYwa5bCCYUoMi+3sGgA36tg0GKDrxAQIJ5eF7jl0fG+Hy+0Dkx65DVsbqWZmLn/245jz1hWV8vgwnLeg9VDe6Y1mn8dqcVh0TmdlDuh6Nwgu2Pgil4XLtQYozPQEKdkyHiUdiJPANEsM501YmvOvid+AqIqJZbARWd4+nUySPAhDpvQ+Rj+hi8oT5C+CiYWEk7Q+z/UKXtgok4/xDprEOL6UfgxBlgIsvvgIpVELECH6q8LN45ntiJX4ET6rwyTXigyrB8jEcAMcb9//YW8hAkxOsbAoaYNuEAAxQfYX4d/7oj2CdC2bgSnTC+qjHzuw6KCCyyewDCCrwGd8XOl2VZLyyDCct6or5oLImq0cde18BOfQYjum6Ildc4MgdGBSbwGBiMqBrIWYdiDA4m4nlS5znr/GEnNYYrMKE62DvQgQGBCibsll0BEWeAiQpQHAEQzwQTKlwBiWxZpmeCCZbXhRXqOonhrwITXWCxAyQqMHE2qFgBFJ2yarsVvOjUW3beRphX6oKNMTQoZP/xCDsioGDQIkKKmJ85KCKwiI6H6JZgY0yodAYt5jYikFh1UOB5GZAWr8msPlXdjpDGAAWW+SfisScs68tkMGFZr6MKSnQazR0gwSbswK9Aia77IRs7ooITCoao/cyOL2vsZg1b1sDFc5Upe6pdQYlsyjrfWcd/BUCswobdZTr7UIGKrwYTY9yDBHU+h8gbybKDlMFw9jtjqvKfparzp/K7UKL6/3bABC6LgPIrwUSng9+JPwJIVMtkwKKCE9iJ71zDY4cXw1PYke1Cibi+j5Aep4uIs+OJsCJzUCCkiEDi75COr2R8JGks/WN8dkHEMJbtDpB5JfFLiM96nPOZpoTnDOs5Xu8wblnWF8lgwrKeoC8cS6LTiFROAzYpJ0MFIRSIUGUyAFK5I5hbgtXDUSDRARPZk+lOp1V1lFnHGTvrVQf+VaYOMHk0mFCw55lgAsuz5UeSP5JyK/lYTsVXpYBCVX4HVCgwofK711osfzaYOBNQqOtcFwC8ypQdV0ybHc7r0PWLcTx3I6wnU/XbjOVuEGYTdpjjXMGKCSliHcwy6jUPTGPwIaahSwLzMhdF9XpHPLZ4LNkXPOI5Hkl94nU2Uzw/mPZPxGNPWNbTZDBhWa+lbqO5auR2GpidVzaUMyJzPazAie6gmZVTAkHEjkMi62TE+sewUtWhHKPfwELYoDrZrwgifkN8dX/OBhIrcGIk86whrICEiq/Mcf0sD1VBhlVIsatuh68bxzR17Yx5K/OsA6vysNxHMu9ex3fAxCqgqMBAdm19BVDB6uoK6behzxWeMwUoLkmeKofAQcFMBiYYlJhx9lWOOEcYoMakwDEoImRA6IB5LC2ul41DwSBFBErXwQHFvPaOEMfrdUd4/gwcLOtFZDBhWQ/UglNCdX6rhq9qtGYNUOWOiGH1RY1dINEd5LILJhSQwDirD9bgV2AiOzdMrIOYPRVXndzqCX8HPqiOPIMFXaiwW2YFQFTxFUCB0KaCPkfARJaGeZi+Mj8aHo30bv6uVgEFS98NnwEoMD1LOwImFJDogIqqI1/Fd6cOuOjCDXUtz8AE5kU4gWCC1XUUS2Ni94iqPF4PRogzQBH3PR4X+yrHnKNzIgMTyjmROSRUmhp/AseeQOiAYQUoYn3M63esvwwYX0J4jPtzhml31z87Jyzr8TKYsKznq2p0Vw3gqtHaaeSpjn6EA52vbWQQYgVOZK9rHIUSqmHPQEQFJDJ1QETWcGIdZRZecR+o/B3gUC2zCyi6x5CBGVVPWb0OUmZ1wnOq4kOUGaRMNlflMT0Lo54NJ3ahBOZloFD9d7swYobxGoxlFZTA+OrE4EUFJeK1n4U794gjgKKCDdm1enWdq8eAHfbYAWZwAgFGTENleVhOLXv7337E68J13K97ztnxxGsvAoesntgYFB8hDcMfSRrbXoyzsScuouyEEdFNgYBiXsPHuL8exnQmPFexflEq3bKsB8lgwrJO1OJXN1h4p2FbNdjYKw7d1zU6r2EwINFxSKyACbbvVaNWNd4zMIHnIs6jWGNFdUQ7YIJ1plmHO+vUz3AGCFQeS++WPcsxoUBElq7q6lFgAs+hinfSh4hj2ZHks3j226zSmJ4NJrJyVZoCERjPwEUGJ2LaI0HFCphgUCIDE1X60akLIFj6EXihwEx1T7iSNDaxc1pppRxeL0aIM0CB8CReKxFaxLrK3BPs1Y7KQcGcExmoYGXY1zvicWWAItbFvK53r+WxnvFczTKf4IS/2mFZj5PBhGU9T10oUTVkVYP0CJConBErjoiuQ2J1LAk8jlUgwUBEBiQwrFQ9Ee90flfdAdV0BECo+FmgQgGHDnRBuJBBHQV/jkx4bjP4wPJxeRbPymH+Spytf6X8o1VBhdXyWVx1LjMwEePqmqGu4Zi3Mym4imF17VvtvFfldkFEVX4FTsxOcgUv1LHP+ezEY2dfnYdYDju1nd8t6wjHvFvYTryPMDAx959NMx/HomBTNfZE5qDI1sniOPZE9htjUAIBxQQSU3jd7yjW60jClmU9UAYTlnWCNr660QUTWWO0ajQyh0HlkGBOiVUQsQokGJhgDdnMKaEanVhvqp7ZPKp6Qs06ohmYOANCxDIVNMjgwS6IeJZTAoED1ucZYIKduww6dIAEW2Yk8ZVwJ47puw3rsxvkHdiXLde91lZgohNW8c48u86oKctfBRMMSrD7RedesjNVELkCFZmjYs6x48te5evCiiukqTqfwjQFG6Kq33Asl0FNBigYpIjHxb7iwRwUDExUDgo1qbEnGIxQY09E+HAZ/wKJIcrNOpnX+1hvq7BiLju3hWn/RDz2hGWdJoMJy3quqsZtNq0CiU7joQIIR8BEB0RkUKLrlFANSQYisvrHMJPqXF4hLesUV1BCwYndVzS64AHTu06ILqjA41HwBSGEqq+sbs+CEoOEsfwg5brxAWmddBVfSdsp8wx1oAUr00lT8U56BimyuLrGY5kjcEIBis59Q8EKVfYMEKHKdwFFBqgrd0V1PNiZj7Bilo8gAM8b5rNOLSrCBZV3C+uO95y4LO53nGY+OieU2wQHr8wARWdS21HOCXZuokOierUj3o/nPMIIrEumeE5e5fpoWd9eBhOWdUAHv7ox46oxmjUwO0CCgQn2BYxqPIidadUh0YESalINdgYm2Llg5zDrLLKwAhMVhFCd8+7UhQwZeFgFFx1Q0pkyUFHVXQUdFIhg5yjLGySM8x0YodY1RNlOXKV18o6UPaIOiOiUPQImMF4ByxVIsQImWFqVp657FZhg95NVEFFN3Vc0usCiA6ozONJ95QOPPcKJCAHYOZpivwGmTpmZn8HQC5mzzvqshxmuoEHHQbHinFDnJOYzN4U6nh1AEe8RSrGOLySdAgs7JyzruAwmLOt8VbCCNTRjfBVIxEaZAhIMTGROiEeAiS6UqBqYqtHCQETWScDwVNaRxMZh9iS+ghIVmOiOB9F1PuyCiQpArACK6vgRKlxJvAMgWLo6hyqfxbH8gLKdeRSuC9fZje+mK70imMjKd9Or+EzLQEd3ztaVwQYs34ETqtOm7iEIItT95QikqEDyqlOiO++ss7ufeLxXMcd6j+Bihqdm/gjpWCaWU7/Bec34GPfXjyssG89vvMZGOHEJ8eycVQ6K3ek32QaLs98fQolZPwpizPqe4Q+IK0Xgg1LplmVtymDCshb0pK9usEYlazSxBlrllDjbGXH01Q21/9mEjekMTGDd43mZqmBEDGdgIutc74CILmw4AiR2X/VYmVaAhAIRDDYoMMEmdQ4rMIFlWBzLsjmWy8IqrWoEH81/trr7Q59Qkvxq+ax8de3GeHVdUVAClzkCJrr3EHatZGDiTEDRhQVngQl2/8ggRjY+RQYqZkf1Cnl4rrJzqNQpM/MraIqwhHXWI2SJ9fFr8HEnjjonKicFuiXimBPsNz2PI4bjGBSDlJ31hIBCQeJZHs9JrOe75fzVDsval8GEZZ2nLpRQjUzV2e42+lZdEs8CE2pfOk+6OkCCTVjv7LxMZR3JbqcXO9ssrZoyhwSbI5RQ8bMBxc7UARMMNDBYwep+kPlRCJH9HobIw3AFFlS5qrxSpwH8bo3kTw1/UWYlX5XPIENVLgt37wcqPYMVH2ReAQsGvxmcOANM7IKKVRDRua9k95krSavuRXOZ27ivPwUDKijBOsAqPebdwn7cYJm4b+r6PPNxDAp13s92TuCETgoGK2LZWbe/YR6PrwIUlWJ9jiRsWdYBGUxYVkMP+OpGp9GoGgU7DomuS+I/SV4GIrpgQjkl8NhYA5jVVQdIZDAihrMOahdIKEDxu0jDeAcidCDFCqCogMQRp4SqIwUfMhBxJpjAuQISuCyLZ+ldwLCa3s3fLfsuih2ETj7WQZWexbv3gAxuVNevs8BEB1So+1CWvgIkzgAUKpyVqwAFdsa7Doq4HAKKaqqU3cOwHLs2jrBPDJbM/Z+d9dnRj7AiAgDmomBgouuYUPU7YYQCEqtf78C6YoBCTZXYteduOY89YVl9GUxY1rnqNDA7QCLekNkNPN7YM2fC6qsbR8DEUSiRNf4yIIH1zuo+KuuYznkFIjpQQk27QALDXXixCyZ2YUQGaDpQogMnxug3KhVwUOc9po2kbKccpqt4J2+3UXv2+p6lLiyIyo7pIvJVOttWBhey9E65ahl1zbuS+Rj/gorqvsOuqx1IvgMn2D1tF0zsgItsmd+QhvEMmiPUuIayFahQijBBpWf5scw1xBmUmL+bCCcYcGAAAaFBZ7mV35ACEmr5CDXQOTHvaVhf8T7UVaz7V7+WWtbbyGDCshI94KsbqoHSuVGrRhYbwyFzM6yACMyvHBIKSLAGZdXYyxrMWYOenYfs6fcKkFAugAxIdBwJK3BhBTw8C0xkgOZG4rtAogsmBsy7YCLOVVonXcWz9KpxezT/3bQKVLJOXmc7neWxrFq2CyxY2gqYwPSYX4GJrNOcgYnsftWFFY8CE93wCqDAzrqC6bdQFuHE7MSuAoq5bIzHeVY+AooRwpdxv08KVuBcndtZL3+TtKwNg2mZkwIdFGwe6xGBC4MRMX/WT6wnvCdFsXMS0ymwsHPCsmoZTFjWuipYoRqSWSebNe6Yq+CvwW/mGZDInBJngImOU0Idj2rUVo04bMx1OyXq6XgGIzogIsbPcERkUOJsMJFBiB0wUYEcVrcD5hmQ6KSPJB3z2FyVq9KzspWydR7Rd2sEq//6LrjJrh1sGdZZxHIrYIKlV3CCpWH8KtJZZ3TAvOoEZuBiFUzsAIoMTHTSO2DjN8wROLD9xuOfZScEiDBA3d+YOvc3XH/8Tc59iHAi/j4QSjAwwY4djxu/3qEgRvU7yfKjS0MBijjuxLyvREiBbQcEFAgjPiAeFc8tSqVbliVkMGFZRE2nBAt3G4KsUZc14qI7IqapVyhWX9XovsKRbWsXSCgwUQGJDExkHcmqo6uABMKIaurCh44TYhdQHAUTXSDB6obVqXJIDJh3wcQQ8yp/NPJW46sd49UGqyr/0xq+1fGudu7UuVfwQJ1Htn7MU2UrIKHyFKhQ+atgQt2zYjq7hncBxaPBxE4822bsnGNcTREGzPkHhNX9LYMVo8ib+epaykAG+33M41NjTyB0wNctYv39TdKUU+IsB0W8r0znRMxDQDPvP2Pc358+Rn4NVm2QT3DCzgnL0jKYsKy+ulBCNQTVDTRroEUgwW7kZ40hsQMmKqdEBSXw2LGeVH1i/WfCjmM2IZBYhRKdVzT+JulngIgMTGD4UVBC1RsLDzKvzo8CD0Pkj2Q+mvnZMqrcbmNzFWxYXLv11IWb1XJYFjsm7ClqB0yofBaO8QpM4JPx2BGbc3ZtZjD5UXCCgYNHgQm27r/GZwcFvtpRgfcIMSLMUIACFX83nftfhA2YhtdQBibmfs4pwgfliJjLoXMCx6BQk/rNZL+lzEEx9+Ey7qFEdFQwsfuCckzEZfAcSThhWRaXwYRljfHVX91gjTPWMFJAooIRK0DiP2KdLB63XzXsssaGavBmQKLbiVAd2gxIsA62ghCrDokKTCjgcMYrHVcR34ERHTCR1fEg8y6IYPMMUgzI76SzPJXebXAeBRfVflj3qq4RqAo8dDsxVacxK4d5K2AC4xkwx3QGgiswEdMqMLEDKfBemAGJHfCQpeO60SXBHBTMOcHuf7EDG6GEAhTq/DFVedhRZtfQS8jvgCz8LSgY0YUTqs2QtSUyBwXWX9x/dFDEY5z1gnN2j8rE/u+3MT63O+2gsCyDCctaVdZJXgESsaFWPRU6AiQeASbY/lSNxg6QyBpiVWN/inVQu0CCgQgGJrJXIapXM6r0M8FE5pQ40yGh4A6GOxOet0HCK3NcfkA6ll3JV+V38x+17E8Vq7PudaRaD9NcdwWuMiAx82PnFZfFDmZ3riCGut5WHdAsXN3zVsBEdo98JJiI+b8h/TcJI5iYaR23YMdBwc5fF4Zl+XOb8TcX53P/4hR/F+w4ZvrZX+vo/IaysScu495BgWlYT+y+Ujkn4rLqmmBZlpDBhPWj9YCvbnQba6rxpRpM3bEkFGjoxrsOiayBVwEJ1ahlDWRV99kT8Ozphuo4KxDRdUasgolVULHy6oZ6ZSN7lSNzRmRgooIRCkzg+VHxkaRl8264E0etll8ttyw/aftHyfX8T5FHbv5/c3XvwHJVp1Llx/RdQMHSMsCO6RWY6N77qo4mAxAKVKw4KKqpCyyye1/lpIjXuwuEO4BC7yr0QAAAIABJREFUtUmi8J7JfpvZ9XkCiFk2TgxcxXAEBRWYQNjEzh8796peMjjGjiHCiQH5sy5wnkEKBI2YToGFx56wLIMJy1pRt0GnbohZwyvegP8K81WnxCPABAMkWWOwegqyCiQwjKpABOtAV53vrDOfvTbxN5TpTkfAhEqr3B1dZ0RM74KHyikxRHgVQKwACUxbBRCr+btlrdcU69ipcmOIzkeQys+AhYISO4AC5xmcwLT4tHzVUaHuBxWYyO4zrBP7SDCBZdUYFNFJEfftJuoi5l+gbAYn5vnJfqNZPgKKGY/n9jb49uNvQYGH6jWOuZz6Lez8dpRzIq4DoQtzUyhAEcFTpliflmUVMpiwfqQOOCWyxlvVEMueFGRgInMxKNDQBRBnv7pRNSpYHVWN5jHyp9S7QIKBiawD33Et7IKJM5wSuyBCQRlWX10w0QESClCszAeJr0CKal2ZDjc0/WTsXJ1Vn8n94czzpQAEAosMVHTXvQooYji73zEoUYEJ1alk90vs6Fag4mznRBdMIHyYefPaGwHFB4RnebxWXsg8AxQIKpg6+ez6zDrx6reQ/SZYOwAhgmpLoFNC/SawjvA3F+vpGuYRTqjjjOUnNJp1FOsMhUAohZd2Tlg/WQYTlvWvulAia6h1aL5qODE3gnJGzLxHgAnm0MieKmWNhgxGsMYUgxIo1knNOsqs482gRNchseN0eASYwH1bBRMKRGRQYgdGnA0iOnCCxXfTj5a1fqawM5KVG0N0UkT6jaRfoAx2bOO6joKKaoodvaqjmIGJqhPK7j9nOie60+8ifoW0K+zjTRx77ABfQjnW7pi6hfTsN8jAB2puG39juO1534jnPnsgM/PVGBTVb6GCWgp6YL1FhwTWzcxTmvfCefyVGGyK2/M9xbKGwYT1w9R0SlSNtRmuGl1qUg0l9epGNlVgovsZ0Mop0QESqvGQgQlV91NVx5RBCAxnMGLHIbEDJv5ulqvWq4CJgiqrDgkGJFbABJ6XLD4a8xHiqyCiCyq6+VJ+svW9tHs+yf3ljN8FQoUzll8BFR0wj3F2T8zARMzLQEXmoFBwIgMSq6Aiuy921rvioIjQInZmZzjWGzsfFZQYRX4FlRF+IJRCOKXOZYQT+HWNLqTq/HbiutnvMh7T3PeOe4Ld5zCvAhyzzN31ws4J6yfKYMKyOHBg8W4DjIEI1WBi7ggGJCqHxBlgonJKVEACj1/Vk4ISqKzTmgEJBiXUtOOQWIUMZ4EJ5ohQDomYxuqBARsFdo5CiSHKjCQ+IC1Lx/xu+moZy3qkso7kzB+hTBe0MSAx0/Hp7UXEWTimZffG2enGTh+D1itPw6czgd1rs/kRMIFOiC7MOMtBcQt5cx7PI+tsT+H5rqAE5jNIggCCAQoGlPBcdj8lqn4Lnd9M1l7D3y8Cid+D1+kY3DWR/Y/H+Fy/Ek5Y1k+TwYT1rbUwlsRMy6BEdnNThF81imK8GkviCIiowATbbscpkTUcWAMpa9RGZR1U1SFmHWvshCtnxI5DogMZsEwXTOC22X5VQKIzxXpTMGIFQmRAYkBeJz5OiKPaDT4/obJ2tPq7WXRYdIHEankFPFicXcNjnrres86rul9Unc45ocsgdoArMJHdjzOnBAKGjoPimqy/clDg/RbLIZCozoUSy4+d59lhZtf6CCkyQKEABp7rrC2FdXIp0nE7cWKveOAycZ8nnBiDH+OsM3V/xDqt/nd/0vA64fuT9Z1lMGFZ/2in0VU1nlSj6K//xfHVDQYLjjokMjDBHBJxn+Y+4k1/hrNGZAUkMmVAYoz6tQPmDFDOCOaU6ICICjTsgAkFJSogoeAEggeWpyDEKpQYJJzNu2WiVtNXy1jWKyt7yj3zx/jc0emWZ9tgnc8h5up+ydJmZ+4jhOe9Ax0V6km46sBGJ8WKgyKDE8opUTkomFtCOSgijLjCPIIIBmXQxYCd7QgOUOo3pcrG6/48dwiv4rn8PT6fY3Ve57xyUHTXw/JVO46lRRdErBNVZ/PeOY9dlVH/Od+nrB8vgwnrW+rAVzdiOmtUMbpekX3WWIlgInNKdMFD9xUOto3MITH3tZpUHbE6Zg1fjGedYvbEX4GJDEZU7ogVMKHAw85rH10gseqQUPMMSFTnogsmBikzGmWzeJUu5SdO1iuo+h0+aMyKP5sv1imf4A5+Te9ACszDzmp8Qt3paLIpdtp3AEUHQHQdFFeyrsxBEfMZnJhgYoYREsx8PA/sXIywDKp6eBABxYDtR/DEtj3T0UGB5ywbbyKmKadEBS4qeDb3Meb9hvphsG3Wx5zfxn1dRMW6z/5nd+fIY09Y31kGE5alG1kYr258zHaZ2UIZJFgBEyycgQkGQVhjijXYVKNQ3ehZo2hAGkp1hGNDhjklqmnFGbELIs4AE2c6JCpnhHJExHR2LjKXA0KHCjicAR7cMLOseylnRddRkQGJmR47ojPtAnkxHctg2o3kxw76nGeAQkGLXQfFCqhQ6R23xEzDvHkNzxwUOCGo+IAwE56zLJ+Vw+3OZXCa53B27uP5zB5yTEiRnesKRFTlEIQwEBF/s5iOdRLvcZWDIi6jQJFl/RgZTFjfSic6JdSNNbuxdRs5K2NJdBwRKpy9wsGABAMTmUOCgQmsQ1X/rHOqnswjmMg64llHvuOMqMDELqA4CibOcEhkQCKb8NyMxlylZfHDjgg/QbK+k7q/55OdFRW4kLsxPt9X2X0hhjMwMeEE3mMe7aDYARPooFDxzEGx4qRgbY7MQaHqXXWsRyg/kvxYjt0f8FzG8leYq7aWAgcdKIVtGdVuydp78TgG7O8EFAPKMefEnCPAHxC/kHT6n7RzwvqOMpiwfrJUI0rdpCqnBHMZKBBQjQPRBRO7Y0qoiR1PdvyscZM1dMboPXVXnemOOyLr5CtXAwIJBSfOBBNsfxVQqZwRlUNiFUyMZniMz+exm67i3TzLstZVOSqOrPMMJwWbIrjoOihUpzUCgwgqEDgcARUsXo03MY/rr6Gv7wgwJuiYAEI5KD7CHNs1KDyPFbRAzW2NwX8H0TlxCfNOu6t7jrP2SgW2VHsmgxHxeKKwHirXxCwb/0OW9aNkMGF9Cx1wSqgbELuBq5ufasREMFE5JHaBxOrnQBkkQZhSNQBYHam6nco6ssoloebMIaHARGeqwAQLn+GUUDBixSWBddKBO5kbYgVGnA0i7IywrA2p/0NyX2Tl6VPZRPg0V6V3nRRZhxAhxBXCeG/OOrJz2QglrhDfBROZUwLT0EERwUO2LYQRET7ENolyUMR6ZPWfCe/prH2F9w0GlmL5eA7ZeVRtMgUxVoCEWm9cF/t6R9z335CGxzXGv+d21km8LzNh3do5Yf0YGUxY31ldKJE1kDIoUdlAzxhL4gwwUTkl4jF0nBKqIcnqOCoDEmNoCJE5BFinvuOQUPEukDjjc6DKFdEBE6qeVpwS8Vww62nljFAgAsureDfPsqzHq3JSYKcI4wxUrDopPiBflUU4EePVE3EGKiKUmABhB1Io50SEElUYwUTHQTGXiU4J5aC4hPzoooj57HegIASew6kITTrOCQYpVoDTUTBRgY+snfg75LG6GuP+fI2k3JT67wwSt6xvI4MJ663VdEpguAIReJNSN7+qwXLmWBJnOSUUmOi4JNiNW9V19jRdPaHPOt0KSKy6Izpg4hFAInNJrICJzE2SOSMyV8SsezxPA8oOUQbTu3EpP/mxrON68lc/1LUf1x3LqY5cB0zETixzUnQBxZWEd90TyjlRAQp0TjCHROagQDgxgQNzTsQn9xEEYd3jOcCOMS43IF/db+K5Y9tEMJG1zTrlzgYUmduEAQo8tlkPqk3EFP8r8X9k54T17WQwYX1HVVCiAhNVg0Y5Jdh4EhWQmOEzwQSDIswhgcfBjjW7QWP9KlVQAjvWnanjjIjw4DpyyFDldcafuJJ5xy2xMmGddZ0R2CDKAETliGAuCpWfpVmW9T7Cp+LKOTHTKocUPg2OHTd2nx7js6OCAYv4ZHrOu2Di97i/z0cHBLohPsY/91acY9kIIX6Pz1DiN4nH+/YV8jIHxRWWUc6J6KCI7olZT0zsfFXlouL2VLuLOSiqNsnZzokOABkiLdbBIOlT816NDopMDEhU/zPLejsZTFhvqQWnRAdSKCiROSVYJ19BAQUm/iPCZ726odwSEUZ0bugKRrAbMuvMVk/u0Q3QdUgwKFFBA4QPXQDBBr7cARMMSDzaITFGD0wMkXYGmKDykx3L+jqdNDbFWUIHRXafycAEgo6PkIaOiswJGTuO6KBgZeY8c1FcIZ4BC4QM2TYQVkQnBT5EUfeJCCWqBxIolo7nk92X4npXHBSVk1O16bpgInNFqO3GsnOff4t1zGOt4ATCP5Vn54T1bWQwYX0nVVCie6OpGiw7r26or2fM+X9F+o5TgrkkulCi86QA6xqlnsYrhwQDEqwjvwolus6II69yIHhAIIHhFadEBSUyMDEa4Qo8ZECCxVWaZVnfV+zpeEzLnBVqXRE0xPTMUaFABYMH6JRQDgqMx2s4woKPkM7aBpkzAoHFjP8Fc3RQxPuFghPKQYGQYkKJGY7tokwZrMicFdNBMcuqCR0Uq+22FTDB9iVzawwRnkCiqqMx1pwT6r/0CU5Y1rvKYMJ6Kx1wSqhGDKPkqvOeAQmEE6tjSXTBRMcpkb2PunLjZjdgrO+sU5s5JDJ3RAYkqlc2OmDib5JXzTNHRgdMdIEEq58OiFgFE9l8bMY/yU9sLOv99OSxKaqnwlkHMIYVmIjx+SQboUPWsY1uiQkHYnsgricbByIuX73KgU6KK1kXAxTZtiOA+EXCEcBEOKHqeKazc1/BCgXHFXxgrgnWbusCjAxMZO2hqi4yuMLKTOF9GiFFB/R9Ohd2TljvKIMJ6zsogxA479yosAOvnBLMpVC5JB4BJhiQmO+8Vk6Jzo0d61jpiENCOSWY8yADEtUYEeiUWHFL4GsbDEzsAgmEEB2HxBj/NmAUlIgNEhYfkNaJqzTLsqwpfFqedahiPFsP68AihBjj89NvBirik+oMTCDEiHN0TrAHAdHtEOFD9ipHBBIILq6kjHqlg00RVkQIMcPooqgcFLF+M6ly0TmRAQpMx/bKGc6JkeRfYP3VPqo6YIrHrxwU7P9UwgnLejcZTFhvIfKEhl3g2Q0BbxjZTYY5JDpOia5LIsKJVTBROSXYviGMUGCC3egHmccw69R2HRIKTKhOfRdGMPDQcUpUY0lUYKICEgxMYB0oGJE5JMbIwcSAtCHCdkZYltXWwtgUZ14XGMhgHdaoDExcxr1jAl0Dql1QAYoIIWZ+5p7IXuVQoIK98vGLbEuBiuiYQOcETpdQJnMHMKmO8wXi8V7Ezhfb7pWkZQ9YqgdSCkyo9qOqhyw/Oiei4n18xiMoYpBiitXxXTk7J6x3ksGE9V2kOtQxXUEJbICgw0C9soFzBBDKKcHCCkzEMIMgCCKYU6J6gpA1MliDg3V+51w95Ved8iMOiY474kynhJrwWFjaDpTARglCCBXOzk+UnRGWZT1bXSdFtQx2cmM6dlrHuO94xo4vAw0MRMT4L7Hc7/H5YQbCgggSEGYgfKicE+iaiOue6ZmLIh5PdE5ESBHhATpRYod+hDx1fjA/Ch0bTKyTXzk+VwDFSNbTBTNVm2qM+/VExeOOMII5KOIy2X/Hst5KBhPWS6o5lkSMs/TODYlN1asbmUtiBUZkYCJzS2SvbmROiXjMFf3H+s2exGcOCeaUyDrzOw6JzAVxplOCAYkKTGRQogISO2CiMx8iXqX7iYtlWVKbToozOlXMPYHhKGwTYEca3RMZrGBAA50TatyHo84J5ZqIsCJuCyFFBBAzHl0Us/0wxv09KeuoYz2zc60UIQiuN9ZrTMf7I2vvqYcxA8oNKFOF2T7+LdYfw+icwGOZivf/eV4wfwoBXUy7c078WcD3c+sFZTBhfQchnFgh5ApIMKcEuhYyp0T2qkYHWGRAgjkl2LutyiHBnggMCGdiT+YzIMGmLpDIAETlkGBwYuXzoBmMQLdE5pDIQEQFJrC+2RMlFh8iDcMoN1Qsy3qm2NPzmT7GfecKO7pqPaxjex33nT/WRsgABcIJ5aD4GPevdjBIMcvuOCcUlLjCNhGC/DXy+3L2esdHSEfnxJyjc2JAGSWVHzvi2GmP52x28tFBodo37AFNBA0ZjMD1sPYU20dso+KxqzqI93LlmIhls/+HZb2FDCasl9IDnBLq9Y0ZZs6C1bEkmFPiCJjIxpJQTokIJNRYEplTQtWp6uSqJ/s7QCJ29qsva6w4JCpgUTkxFJBQTolsQqcE1lkGH7I0PE9j6HOGKhswfqJiWdZR4XWkORYFQoauFNDIOqoKTEyYoZwTLD2OLRHhAt4vItRAZ0PmnIiwYtVBcYV1snvSB8zV2BMKUHQecGAbg7Xj8H6H61fnMnNOZA+sFIxAMNFxnKJzgrWxIlTB9Fg3Y9z/XpiWnBN/Mj32hPWCMpiw3lnqYq8m7Kgzh0THKaHGkcB5NYYEwghcB3NnrAIJtC9mdH9A2hQ2DlSnuuqcZ538FSjRfWWjM97EnF/J9jMwsQMlMhAxGxwZlBgkHOejGVdplmVZryLWYWWuiGwZLM8gRLwXfoi8jnMCHRT4mgdCCgYjposCwYICEPG+VDkocMwJhBPs9Y8IILqAAjvyI+RlEELlx3pU963YfsmcE+ohVRdg4HpHsly1n530eLwVnIjLzLq0rLeTwYT1EjrglMiINSPeamLvgVZOieprG53BLTtOCXRJKDCx+upGrFPV2FNP7VlnGzviyhWBT3+UW2EVSHTBBNuOAhOZyyOGEcyw+sicERmYGElanA8Rr9L9xMSyrKfpC8aiYIBirpNBepyw4xyv2+x+iw6K67jvWOKrHb8gP8IBdEjEMIsrBwUDFuieiPnKRTHzYt3OKbY3WP2qDjN7yh/T42skuN44XSGMZavXLti+x/M6yDoUqFD7OUj+hCl4/Agh2MMhJgbo4nbtnLBeVgYT1jsqu+llcILBiM6rG2wsCTUuRAYkVHkEHWc4JTLyjzdkJQUlFJBQLgkGIjIo0QUTGZzInBLMnVE5JZRDgoGJzCExGxI4r1wSbJ6FUW5wWJb1zmJP02f6GPedLtUBVk/mZ3xejz/IHMEEc1DM++4tpEUQwFwUcUIgwcagULAB70v4+obaDron2PomjMD5PEbmnJjzrnOimx+dE1nHXzkncLnKOYHggblDBlmOlRlkGVUHTLENcE3KzTLqf2BZLyuDCetLdZJTYgxNsbHBgGNKKKcEc0somNB1SnQGuFxxSiBgYSAmo/UxrDq9lVOiAyRiIyr78sWKK2J1XIlVMKEcEmrqOiS6YKIzx3CWdic/GbEs69X05LEo5jKqTcG2MyfloIhhfL0Dw8o5gS4KDCtA0XFRIJhQQGKG2T2MuSdYmVlnWHdZPVewQkH7DDzsOCeydtSKc6LjpsDtRqiC+xdhxNwP1r5ASDdCHPP/zbRzwnoBGUxY7yRFoTPSrV7b6Dgl1Ksb2eCVHSCh4ETmlMBp9dWNitCPwTvACCN2gUT3lY0VR0QHTigw0XFKrEIJ5ZQYQ4OIFSCRhbM0y7Ks7yr2dD2mrTw5js6J2KmdwqfllYOCTcxBkU0MTDBAodwSmTMDgUR8teOvwe/30S2xAihipz4q1iOTyo/OCTy3WSdftR1ZW0qVndtn6SxNtVUH5KNUOv7esvJ2TlhvJYMJ60t0glNCTRmUUECCgQnmaGAQ4llOiZVXNxilH5CWdYLVk/7KKYFug+y1DeaU6IKIXSDRGdyy65SoHBJdMFGdizjHcJY2xvCTD8uy3ldfMBZFXB92Hu92bdzfV5WDQkGK2cH/GPf3ksxBwcBEBBTojsjAe+agwHs8jkOhAIWCE7NOWEce65DV8xS6WyrnRPbwCtuL6lxnZZVzotMGU2AC83+L/NieiHAivlYTZeeE9TYymLDeQUehBHbou06J7lc3nuGUUEAC6X5mUVRSUOIMlwR7deOoQ6Iz5sSKU2IXSiiHhHJDqDR2HsbgjQuUGw6WZVn/quOg6C6vHBTz/hoBBoKJykGRgYbK6VAt13FNKAdFxzkR72URSCj3RHRKYMc+pu86J2Ydq3ObtSEx/YhzYkCe2ibLHyM/dpXPnBNMdk5YbyGDCeupeoBTgnXKGZSIcTagZPbqRjWWxKOdEupYqlc3GJhgnd3MJVE5JJhbovO6xiqAOAIkGJhgIIUdGzv+yiHRBRN4PiowwZa5k59wWJb13bU4FkUXSKDUU3iWhnnKQYFOitlpj53LCAmYg6LjnOi4JjIHReWciHnMNVG93tEBBXgOMqFToAMgVDuSbSsrG50TQ+SzfejsZ1T2+8V2hoIUdk5YLy+DCesVtQslEEwopwQ6EzpjSahXOP47aiCx45T4GDmYqIBEdSMfow8kZph13tWrG8oVoZwSR+FEBj86Y0isjiWxCiSwvsf43NCogESVZ1mWZd1LPYWvrrNqmQuE4zTTPiAeYcScYkc9pkXQoMag+AvKMefEqmtCOSmYcwLvfcw1Mcbne94IZUaoK6aqDaPyo3Oi6vBn4GLXObEz9kT32FT6PN4JJDIHBYNmlvUyMpiwnqJNp0QGJhSUYB35swa53AETHbcEc3EwsMIATPa0Id50WKdXdbCxI6468QxMdAa0fDSQWBlLojuOhAIQLB3rtnJCVOlSfpJhWdZP18lf82DpEUjg/ZYBCizHnBMIKphzAsegQGjQGRSz65pg4B7HnmBgAu+BCF0mtBghDcPoPugK2zoZ/L+E+riEeNbWzLa36pxQbTS2XZWvxpz4HbbbgRNTCCfof8LOCeuZMpiwXknqxq+gBM4RSpzhlOgAiGogzEcNctm54UWxDrJqaOCUjSOhnBKPgBK7DokVp4RyjUSLJM4rOBHrfUCc3ezdALAsy3qc0BXRARTVOrA8dlLjPWHGGaDoOicqB8WuawK3z7bFHBRzGXRS4DxCiTH+bddcx2c4EcEOk8qP65sQIi4zyDKsXZU9GMPlsnXvllX7iYpwIv6uVuGEZX2pDCash+qgUyLG8YYQ4zjFzj12/jNIsPvKhhpPIgMTnUEu1asb7J1FrLusE6ye+mcNFeY6YCDgyECWf48x/k+kd8aUqIBE97WN7GnQKpiozgVL/yQ/qbAsy+rp5K95rDgoVHsnlkMwwZ72z457xznRcVBk93N1P8ygxl8Qxn1jDgr2egdCiuzh1AqciB3teE+uHAnVQzGVX71Wm7VhO/sxIP9vUQ+xXTKXZXCCOSQuIv3fheycsJ4ggwnrFZTdjNgFHV9rUGNKdKFE99WNjkOieoVDAYmOU0Ld1Mb4fAOLUlCCuQKw4951SJwBJbpgAsNHoYRqVGVOCTskLMuyvo/OdFBcwzwqOic+xn2HMN5r8PWO7lc7rlBOgQVcTwU9KjiBceWgmMcd02LdZWNPrMKJAeE49gTmdxwLFbhgy2ZQY2U/mCKcUMvZOWG9nQwmrIfoC5wSajwJ9eqG+hTo6pQNcMkGuzzilMgo+hTr/LInFN2GSOeVjZ2xJBSA6L66oV7fUO6OzrEyILEKJrDuO+mf5CcSlmVZ5+qkr3mw9BUHxUyfy0Q3RHyVI3NQsPt0bF8oYDDviwxYZK8+ZnAi3iPnetV9VDkn8LjZAJJV22fG43lhdYnrHUOfu246K7PiolD7gcK036RMlJ0T1tvJYML6Sj3CKaGARAQT3a9u7ACKakwJdHIoIIFOCXVzZjcv1lHOnBLojsicEhkkOMMZ0QET6jWOVSihXCMMSNghYVmW9XP0SAdFvLdHQDGXYc4J5qBQDggEBKuOix0nRTb2hAItzDkRxZwTMY85KFT6VMc5gW0tHFNikHJq2RVVzokdZ8UYdk5YbySDCetUPdEpUX19A1+dOOvVjc6YEv8h255h3M8OkGBPD5TwZqI628odETv3Mcxe2cjABIIHBSJ2xpRYeXWj0+jqOCXOABJ2SFiWZb2InuCgwCfRWVsnlotzNeG4E/jKREzHr2tkLgm8d2YOCvXQg91PMR7HnlAPUZRzIsIKBSeYIhxi0EN1/OMy2BbtOih2nRO4rkyqXW3nhPU2MpiwvkKPcErEDj8b02HXKVENelkNdnn01Y1I6rtQgt3kmUNANUCug0OAzBnxSDBx1gCXCGUQPqgnO1m9ZvXP8izLsqz30yMcFKzD2R17YpbrDIyJU+WgUOtj91Dl3MDXPBgwmXXCXu+IdRbbRljHlUMC02fHPDonGDSK6b9FOivP8tl+ZFKAYnU51kaxc8J6aRlMWKfoC5wS1ZgS2UCXK06JDphgY0qwV0kilMicEmpMiS6UqIAEc0hkYGJlHIkKSFSvcKw6JZjDo+OQ6IIJrNs4Z3XP0j/JTxgsy7JeSyc7KFheTFdgYkDabdx3EpVzIo6nUN0DlYOi45TI4hFGZO2QeH/FsSXQQRFdEziP4VU4we7xbL2Vo6FKj21YlVdtB/dNPdRjY07YOWG9lQwmrGfqEU6JapBLBiUqMPHfJI+th03Z1zfYsSggcRaUUA2PzM55xqCWR8BEF0pg42iG47FjOAIJ5ZKowIQdEpZlWT9TlYNiVbPTOO9L6JzAgRznk+9fkL/jhKjGnqicEpVjQwGL6ZaI4TF4m2Z27KPjIaoDJ1i+Wt9chq0vAwdsOdbeZcur7VSqytk5Yb2NDCasQ3qgUwIdBJVTohpPYmUsiQ6Y6Ly6sTrIJXtfkdVlVNapzhoKK0AiAxMKPJzhlGBgQjkkIphgx46wpgITY2E+RPyP/CTBsizrvXSSgyITc06oDi26JnCcha6DQn25o2ozZE4JBiqydglzTyCswONikGL1QQ7Cidjhjq4Adi4wb8CctWNVPLoW1HFk298Rg2gKTtg5YX2ZDCasZ2jHKYEd9iNQovvqRgYkul/f6Iwp0Xl9A+tY5xrzAAAgAElEQVSOqXPjVw2JaiyJrlPiDDChoASCCQYiqrEkug0hfEIzkjmGWdyyLMv6OWIOipUnzQgpriE8O+OxQ4jOiWzsCXREKAiBwKLrnFhxUOBXO7J78dGvdqh0PFcRFLBtdRwS2T7s5qvyu2JtGTsnrJeSwYS1pSc5JS6j55SIQAAdEq/qlMBjrui46hwrJ0D2xKMzloQCExV4+IpXNyowwepoB0iwGzK9SfuJgWVZ1vfSgoNi1T0RO8qZiyJ2qm8knDkn2Ksg7J5ZwQnlnKgcFeoBCrs3j7C/K1/tqCAFcw3EbUXQE9ebOSRUejc/e1jXXR8eZ6bL+OfcxPqyc8J6GRlMWI/UM5wSEQyw1zZe1SmBx965wbCOMnMEVEDiyFgSZ4IJ9crILpDARhCGY50pOBHnKs2yLMuyVhQ7derJMz7Jj/o9Pj/EyMCEAhQZzJ/zs50TbLvZuBPolsCxJ1CzLRWhQsxj9arS2Vc74jJxXqV387Fcpe6DQSU7J6yXlcGEtaQnOCWqgS7/GhxMdL+8wSDEVzklFA2P9adgBHvykD3h2B1LogIQq4Ndsm1k+7fy6kb2FEaBCVXHg4RZfIzhJwOWZVk/TYmDQnVoVx0Uqm3A2lf4xD927DPnBDoo8IsdrG2ROS7Y2BOsfNaOyWDFIOnsyx3MaTKgnBJ+teMZzomoLC+TWo8qixDCzgnry2UwYT1SO06JDpTYHVNiFUocdUowt0Rl0WNSUELd+M8cS+JMMMHGkjjy6oZq7MybKmvgYD3G+s3ClmVZlnWG4pP6zhPoWeY6PrcX2Nc7RgjHtkjlnFD3VnRQZGBCPSzIykcQkoGJeVxq7InY1tz5ageTGneCLXPUObECITrL7axvxTlhWafLYMI6qu6FWUEJll45JSoosfLqBoIJ9VnRHaeEAhLq6xtRlVMic0mcOZZEBSQUoOiMK7HilMgaT8odEdNUXWKds5utvAH7SYBlWZY1xr/3g82vd3RcFdFJgcuic+IyPrcbGKBQE7Yx8NUL1e7IwARbv9ouKzPCfrOxJz5CmevQcEIJHRaxPYGwQz10w/Vkzglcl1ofK9d1U3TaKPF3NdeZOSfGuN926pywrBUZTFiPUHZRRqcEc0wccUocHU+CgQnllGDARLk/VqDE1CqUYC4DBgG6AOH/SPgImOiMJfH3+NzImeF4zFmDJ3vSMiAN09U5sCzLsqyjYk/tO+ACNd0T0UURgUMGHuLXO7KHHFV+52GBWo8CHAhABsRjvyW7d6+OOaHyszEn4jJH0nedEl1V62cPaSrnRIRflnWaDCaslsgTgMopUUGJzCFxplMCQURnoMuuU0IBic6YEqwOo/CmnN3IlVOiGkdihrPXL7pAQoGJ1a9uTDDRaQBVT14YkMjmQ8T/yA4Jy7IsK9PC1zvGyB0U6n6DT7hZ2yJ2HLMpugwyB0OnDdIFE9m9Ox4jKxfzcFBMdWyxvRm1Aifi9pljgZ2/jnNCOR9WynZUtV3ieq/j/tgrOIHbuPtNe6wJa0UGE9aZemWnxAqU6DglOmNKHIUSWQOhAyQ6g1t2gMQKqKgcEsopwV4/YcdagYgOmBiQj3VvWZZlWc+Q6tyNsfdEOjooYgeRtSdmm2WMc77aUQEJdR9nDxuqr3bEaeWrHdi578KJKeXEqNa1kl5pt51i54T18jKYsFK9oFPiPyScQYjugJfMIRHjO58DXYES6klBBiQimMi+ulENcpkBCcw7+jnQnbEkznh1g9UxC9/JhN+yLMs6opMcFEyzU5hNuE50E4wQj/OsHZLdh7G90h0nqrq3K9eEAhTsWJlrIoq10bpwYtchgeeeLae20TmO7LeWLTuGnRPWF8hgwjpDX+mUWHmNI3NNKOjxTCiBN9zsiQNzGczXIDqDW3YcEhiuXvvoOiXQGYHzeKyrQIKBiW7YsizLsr5SsZPHwqv3rNi5ZIAiOiduYR7zK0eEAg5ZXN3ns3s97ju717P4VKyH7tgTO86JVXVgA1PnOFm5Cn6x+rRzwnqKDCYsqic4JRic6IwpwSBFNZZE5xWOakyJGWYgRYEXVkcodgOobvrKKRHBROZgqF7NWAETu4NcxnDllOg8TRkkjnVa1b1JvmVZlvVQNR0UO53KuVz2xD52IKObYEAaCyswoRwO1QMGFs7y2SseIxzDTKucEwgVlINhhPx4TmIHHNfD2nkqHfMqF0S2buWMyNo/3XQ7J6ynyWDCOqIKSjDHBIMROGVOCfX1jEdAibNcEmPwGwrS/g6UQHdB7PhjOHM1ZGNFZEDirFc3Vi2eGB+QN8bnG6p6mqLSLMuyLOsVxJ7Sx/tW9dQ7rkO9SqBAf7x3rrzasfIqJnNPZIBiAgl2jAgiYrqqn9WvdrD02e5jbbkx7uudpZ8tBbHOXH+EFKqMnRPWtgwmrDsRco9STokBcQYn1JcrGKRQr2/sOiWwHHsVpPv1jQ6YYHUWxTrXGZhgA1wyMFFNna9rMDCxOqZENpZEZzyJ7EkMazxlc6zzTzK5tyzLsr5C8/5z4tc7EEiM8W+Hkj2hV/fXODimKtN51XI0ymcAg20THRRxG2P8CwyygTEVsKngxBR+rQPPF3NCKFBUuSG6kIH9hrrtGzxnqPgbwuXitrHu6PrsnLCYDCasjlRHm13MMxihxpSoXtvofn1jxSmRuSQ6X9+o3BKq7sbQUEI9Uag+A6q+usFe2ahe0fh/Ir07pkQ1noRySrAnKKxusN5ifWLdsjq3LMuyrHcT6+zhqxnVstEdEJ98Z4BipsdOePYgIXNMVA6KDrhQHWfc707/Jh7/I8ecyF7jiMIOfgaqMu22d1aWi69zqHYu/i7tpLBKGUxYYwxK6qcU6WXldqCEcidUUKJySuyCCdwH5e7AV1S6ZLsDJdjrG9WnQDtOic7YEQgmuk6J7qdAj7oksO5inWKYxccYJvSWZVnWa2nh6x2d1ziY0DXBHALsvhsHx0RIgfft6uECa/OMkYMJ9WCCOSdUW+E2Prs/1JgTUxmcYOqOXZG5CZTTAvO77uZMDPSsvP4xz132e2SvsdDfudtl1hgGE1auzH4W085wSigYcbZTojumBBvs8tlQonJKKDBRDW6ZOSM6r3GwL350PgMaw+qpCzZIsL4GCWP9WpZlWdZPUew8syfVqrxyv8Zy7N6LX+7IoAR7+MDcDwxM4D6wbajjG438qFU4EfPVeq7jXxgSy3ZBR6WqzbPbJlpZrjvmRFyvnROWlMHED9cBpwSDEayjXkEJ5ZBgA14+0inRHezyAuFdKMFu1EedEmqQSwYbOmAC18m2qfax++pG9oSFNYpYXaq6/iOTeMuyLOudlDgo2BNu9uQd0xBIjMHHnriFsvE+HJ0TalBMBQ8UpGAPaCKYYO2EuI+qDTFE2QlWWDp+XSPGV+FEBC7zgRYDEx33Q6Zd50QGbTrAA+sonjO2DTsnrJYMJiymI06JyjHR/RRo5XrYcUpkQKI70KU69h0occQpkQ1smTkgjnx9o+OUYGNKZO+cqgbNgPRYjxhmdW1ZlmVZ312qwxzBQrVsNfYEWw7vxwoMKHiQvdoR19F9NaTaD3UcTLNO8LWMFTgR13O0XVLBhw5IOJKP5WL56A6xc8I6LIOJH6oHOiUyIMHGlmCQAt0NHSjRcUrE9eM2V76+sQolsom5CjKnBAMF1esYO2BCjSVROSXYmBL4pOSoUwLDLD7GMHm3LMuyvocaX+9Q7glUfOI9Rj72xCwf2yzVmBMMHlSAQbULKodF9vCiAhfsM6Nj3MME5ihZdU7stkPi+qp1dB6OVXGsr+7yEeDMc6PK2zlhpTKYsKLOdkpgRx8HusxcEitQYsUp8R+y/WdDCeyssw79zqsbFXhQIAJf33jUIJdVA0WBiZGELcuyLMv6LHxKvfKEGp0TEULE9eNcAYHqvq9e1ciWG8ky/yHHpI5dpaObBPNW0tV6MrEHg5m6x7daD2P80+7LZOeEdYoMJqypVadEBilYx77z1Y3O2BI7A12y8SuYa+NZUGJlPInOqxtdR0T31Q2EFBmQYK9tYLz75IQ99RiQh+l3MmG3LMuyvrNOGHtiQN7sLKo2TgxncKDrnGAPLBSQ6L4CksENtY05xQEq8XjG+Do4oV7RUcrylPsC21fKjTPGP21A1h6LsCFrG2e/T8MJa4xhMGF91gqQwI57Z6DLo+NKHHVKvBqUqFwSmVOiAhIrr3Z03RLVlzeyMSU60xifb5qqji3LsizL+qzYWWTp3XtofJUhdtZxnRUQiOAgWz4byLJqN2AbIms/rLYtvtI50V13dUydeunkd5bD1znUegwkrDsZTPwwkXcTsw42I+b4+gaDFNmAlxWgWIETGaA40ykRj7Wqs+6TAgUkEEbEMLoajoKJjlOi++WN1UEuVYNjjPubFCPzn2SnhGVZlvUTdeLYE3G57IFM9YAh+2KHelDD2gHd8SVY2kjy1CDbt3E/7gQqtncxnYm9ChPHYzgidS6VI4bNYzkFdrJ0DEeINV/rwO1kv8W7PI818TNlMGFFMQiB8ZUxJXCgSwYhumNJrLgkznRKnAElsjElVr68wcBEB0hUg1z+X7LdVacENjiqxskg4UHClmVZlmUdF3YQd8eeiOurHjqoMnEdGXzIwINaX/UQZJDlMsUO9wqciPWtlt9R5ZxgdZKVX03P2sNxzIkprIsR4m7vWWMMg4kfo4ZTQr0ftgIldj4NuvPVjQxQVE6JGWavnLAvjFRQAm9wDEp0Xt/IgAR7hUPBhy6YyL7AcWSQy+rpBtbTIOlZHY8xTNAty7IsK+qEsSeyjii6Ba6Qp0DAIHkxfbYd/hp5+6HjklgFGeqhyIC0WS6OOZHBBda+zuBE9XpwplabaXMdnXRVbozPcIKNKzHjF5Fu58QPk8GEFVU5JVZf23jEWBIVlGCDaTKnhAIq7FWVMXIogTcvBSXU1zcqKNF9ZeP/JXlsPIkYx+1fxz2YqIAEc0h03hXFulR1bFmWZVnWMeETa0yv7rnTMRG/wNB9co/3fhxzogIJWZrKY/vRVbZc5pxgdZzBid39U+q2p56x3eiwqRzHlmUw8d1FnBIodcFQUKKCFPj6hvoKx9GxJSqHROaUwH1l42WsOCVmvAslul/dyMaT2AETmVMCAQkDE3gsK2NJZE8mGHGnNykTc8uyLMuqtTn2BBujgClCiWzsiZj+AekfkN95uKHShsjrAAy1v/i1DhRzPkytwImZ94ssk0m1pSoAkc2rOlHrx7JsbBL1O8Q8+ruzc+JnyGDiZ6p6jWP19Y1HD3C5Ayle1Smx8vpG59Of2XTWlzd2vrqhBpdS9WdZlmVZ1tepey+eHc/oFmBjT8TyrEP7q8hny2cd5Wz/u+U6+VFf6ZxYLdedd7e1sr9szAlcFzp2PPbED5TBxDdV4pRg40fE8FljSnQ+D9qFFN0xJTIoofb9qFOCEX50FUQwwcZwUC6G7tgRnS9xVF/dUGCi8+pG5ylFBiZU3f6RCbllWZZlravhnBhDjz2RCV0TmXMigwosTz38GM11qYclHRcA206Wjq+1fMAyq86J7sCYyrnQKVfNVd1gPltOqQsn4jo/wQk7J763DCZ+ls6CEpVj4qhT4r9h3h1TQsGJM7++UV28zxhTQn15Q722gfNVt0RnkMsVp0TW0GB1iHVrWZZlWdZzhR3o+AR75cl15pyI657zqv2Ay3XbFurBCFvfFHaKb830MT7DiLjOFThx5Gsd6hxV565qn6lyKj2DXKfACev7ymDim2nDKcHKYUe9M6bEI5wSnTElME3tzyqUUDeiKeYWyGBEBiUYjDgDTKixJZRzY3WQy5X3OQfkDci7k0m4ZVmWZZ2n5Ksdf5JmUYjPNHb/Vg+2Zn63jcCAQ3zgw8pg+2uIudoHfOU0bht1G3zMCayj2I5Uzgk1FsUqnGD7iutW7a4u3Fk9b2ob+NuIcILVt50TP1QGEz9DmVMipq28xvGIMSWiQyJzSmSvcZwBJVDqYowd9NUxJRg02BlLQg10mbkl4j7FfVVgAhsI3dc3hohblmVZlvX6Up3D7Ek2ezJePbxg5Vg7ImtvVOvG7ZwhhBE4ZsTMixBCpa/ACQRJmF4tp9KrusvOW2d7sw1ZtbvtnPiBMpj4/qqcEgpKKIfE7idCzxr4svPaBo4t8UinRDXQJUKA7KsbR4BE9TlQ9epGBBPdr27EtFlHK1BC3lhMvi3Lsizr8doce6LTWWQd7bgsbkc95Og8ua8elFQTrr+zPabb+BcmZGNGsLqd6Ude61jZX/WwLYM7av1qeQWXxrgfj2MM/buIeYYTP0QGEz9HCCjmfAVGPMMpcRRMHIESKHXxXYUSakyJ1a9uqNc2lGOCbTMbU4IdCx5v96bO5hi2LMuyLOt1xZ5cj9HrIKon4+rhRdWWYOuuYIFanpVT8Sqd6ZnOCSWESZiu6qdT/53lO6rGJDGQ+GEymPgmIsQ7+6PP/M608hWOR48pEdf1ik4JNmUDT646JDIw0Xl1g4GJlbEkdsHEEHE7JCzLsizrC9Uce4LBiUrqybgaBwHX/RHKZGVVPo43wQAI2262PbbvbOyJuf/Pdk4odRwP7OsnrFzXIZHVLxuThO0z091v0WNNfC8ZTPwMVQ6Js17bYGn4BY2jr3EwWPEKTokVKMHGgshgxJExJapPgna/uqGskoOE4xzr1LIsy7Ks9xI+5Z/xOM8Ux5yoHpxhh3+lg4z5LL2SasfswJlXcE4oVe21rD5jPL7ay9ZTbW+uo9pXuyZ+gAwm3lwNpwRzBWA+dtiPvs7BYMLqKxzVWBVsgEvl7ngFp0Q20OUOmFCAQw1yecQpUT1lyG769CZism1ZlmVZr6fG2BO7r3agg6LTtmDxzL2J85Wn/J22TRduRD3aOcFAzg3yY/oRoIP1P8KxrZzHeIyzTtRXOi5Qnv4O7Zz4HjKY+BlCu9RRGJG9rrHilui+5lE5JDJI8QpOiQwk7Lgkdr6+seuU6Ny8x/h8I7Esy7Is62do9Yl21zmB8QwMKEChylb72llPV1/xtQ6Ms+PoAgTV9qvW392f6isdal3WN5PBxJuKkGyU+oMzKIEd+KMDXyoggfnMMdFxSjDXBIMRbMI6URdU5ZTAr1dUX99gX8rYdUkg0Fj5+kbllGBPIaqnErEO1Y3nTibZlmVZlvX6OuCcwHLxyXhsd868lSfuq+mq3Eo+HheqAznG6Dsn4jYjnGAPF9X2s3ZuVgcDlsO2YLaenfMy5/NYGLCqfl/3he2ceGsZTHwvVa9xZONKMCix6pSoHBIIIirHRPc1DgQTzA1ytlOCOSbwSxgrY0msjimRuSR2nBJ486nGlIh154u/ZVmWZf1sRWBRtQvYmBOrgyBm6dhOOUPVflQPDMc45pyI9cTWk3XoYzx7uMRAhFpe1XH3fOE2I6hRY07MumB1Z30DGUy8mRKnxAXCHShx1pgS3S9wqPzKJVGNKRH3FWFLF0pMVWNKoFsC3QnKIYFgQgGIakyJ6vWNI06J7BWOWF/tm5GJtWVZlmW9r5KvdrAn2erJP8tTX+048iQ+cwJ0yrF2zwhlMK4625kq50TntY65neu4/ypI3H8cc0I9hKvizDHBHmbhOjp1Hfcn/h7YmBM41gTm0d+p26HvJYOJ76FdKLEKI6rXN3CciZXBLnedEvErHMopEeskSl2ku2NKdKFE1zGx+grHI5wS3Rv8SMKWZVmWZf0cYWcxAxVMj3BOYN5qO6VyIBzRjnMCFTvw6pOlY3zeb2z7qnQFYhSoiGEFfLLtRlW/hxacsN5PBhPvLwUlsvIdSHGWS6I72OUqjEDnhHJKIKhRF8bVr2/gaxtqsMsdCBHzOl/fYGNcMIfEb3JsCkwMEWd19+lGYEJtWZZlWd9PxdgTK53FWb5yt2LHnaXHNOV6UG2bbNnO+rL9yTShBDoC5roqOIHOCTXmRKdNl6WvvNpRravabvZ7YPVrOPHNZDDxfYSAYs7PfG3jF8yrz4JWIOIMp8QZA17ixXf36xvZqxs7UKL79Q0GTNhAnXh8CkpUN5Io3wAsy7Isyxrjc4d6xuM8Uxx7YkqBCgUmVFq23I6q9VQPCqPwaxs7zgm1X1X7rQI0FahYAT2d/Ymqvt5iIPHNZDDxJiJketUZoQaFPGNcCeWQqF7d6I4pEeMKqqjXOP5UIcxjOpu6r290B7pkMOLIZ0HZvpw9pgQDFFifd7JTwrIsy7K+vw58tWMVTmBbjrXnqo7xIHNVVq0nEx4jS0fNupjH+RHS4/Id5wQOHhnL4GseXYfEEOWGWA7XfeRrK7GPMmB9uH3U3e/OY028lwwmvpeqMSVWXttgICI6JdQYE/h1DuWMOHPgywpKoNhFGDvuu2NKnPX1jWqgSwUkzhxTYgx94bcsy7Isy1rRinPi6JgTXYdAV50HgjvpMZ85JzrrZHCie5zK+dBxTGAc88a4Bx24XZU+1fkd4DLWG8tg4sWVfIVjqvrD7rzOwYDFzrgSmWPizNc2VqDElLqIotugO6ZE1ynx/0T6o5wSDLxkNJvVEaZ9kkm0ZVmWZf08HXBOYLkYnx1sZuVfefKuyqvlVFm1r11lx/4rbDPChVUQEj+/im4DfOC06mDAY8DyuJ2qrTmP89fIt7s61oTKt3PiTWQw8Z5Stq5Vp4RyTSAkYK6IjlOCAYzdsSWyfV9xSjDKy8aUUI6JI1BiZUIXRscpwV7fuA0NJdRNe5C4ZVmWZVnWUUVgodoZ+PQ/G3Oi2k7lrFBSD/5Wxo5YXR9zPmTbZHAClQEiVg7TmGMia1cq5wSDD0Pk4/50v9KBAMjt2DeTwcT76QLhDpRgX654xJgSyilRgYuuUwK/wrHjkFBQQjklFJxYGVNChTMg0X2Fg+37ypgSY3y+cKubxh+ZOFuWZVmWNYXtguCgYG4B7CxjuTE+P/1nY04wVW2cu91urIutY7UNxJ78q/UdhRPomMDt/ArhjnNipmVf5+g4JzrbUE6NzEET94P9vtxefSMZTLyXVqEEG4eBAQnlmqjgxIpTAvNXXudgUALhRKZdp0T2+sYOlDgypoRySygggTS7+voG1tUgeZZlWZZlWbva7TzGATGrMSdW2y27zomuusud5ZyIIIfBianKOVG5bHecE9k02/psPzIHDe674cQby2DiRVV8hSPrjKtxF7JXONSrG680pgQDLB173a5TooIS+CrHqlOi+1nQzpgS8VjYjUA5JYaIs/A/FWynhGVZlmVZhYqxJzrjBTAHBftKw6qboft0n62T5TFVDols36ZW4URcbq4H62zOO84J9TrGGc4JVj5bz9wf5qDp/Ib+wAmPNfHaMph4PyGgmPOVMSUUBEBgwL6gseKUyJwT6qsfq1/fYPUydbZTovrqxpHXN5RbAvcpgxLslY3KKdGGEpZlWZZlWScI4UQ1/sEUc06sOhliZzXTjtPhDD3KOaEcJazOb+NzH1G1IY86J+a64mCY1f51xpyYeW7PvpEMJl5MhVOCKRtbIoMUarDLzuc7z3BKKLdENqZEhBJVHXWhROzYMwBwJpRggAIH0GSvb8T9WhlTIpsGmQ8RN1m2LMuyLGtZi86J7msdypGQPYFn+eqpfba+qWx8jEwd13NUF05g3c18tXzXOcHgApZn68Xl2DJsHdl+sPHl2O+K6e63ZufEa8pg4j21CiGqQS6zgS/ZlzQqYNEZ7HIFUGQDXnagBKO61QCXK1Bi1zWRjSeRfXnjqVDCsizLsizrAYpwIsbjPFN0UGTbGEPDgNHMr8qvOiy6+zXGveOh2ges07l8lHJJsLiCB8whocY5GyLMxkPDsSayfc7GHFHLWC8sg4kXESHJqMqytgopGKjoOiX+C5Mac2IFRnRABIMSeIFnF1J24WSvQlSfBmVjS6jXNM5wSuDXNzpQQr0TmD0xGCT+TwWbJFuWZVmWdVCFc2IM/joHgxP45HyMGk5cxj9tqswBgdvuiDkUYjxrt2KcvaY809l+I4RggEftTxx3InNOYDxzVKi6Y46L6tUOtd14bFhfFbih+2fnxGvJYOK1pWjsDoTofBpUwYkKMjCnhFqODbbZGVui65SY88op0YERCiTsuiZ2ocQRp8QgYcuyLMuyrFdXxzkRn7R3nBOVjjonVHq1/c56ovMB3SW4DKZHIJGpCwcUZFCvTKtlOuNPVO1Y5Zxgv5+OE8f6IhlMvK46RPWsVzpWxpPoTJVLgu1H9RWOXadEd0wJ9fqG+vqGghE7UOL/xL5kYOIGc+aUGINf3Afkf5LJsWVZlmVZZ+sE5wTmx04pfq0ha/9kOqMNxDrKyhGhtsvK41c2WMc7rg/rRo01gfE4GCW2Lyt3bgUZEExky3+IdSg3NSrWgaoz60VkMPGaWoUSR1wS0cXQGT8iAxCZU0KBCjbQZQUlUOqCtzumxCqM6OYdhRKMPNspYVmWZVnWd9aOcyJrN56prmNC5WegQgkhQ9c5weAEQgk2vsPMi2AipmGbW0EGVWaENFwve6CmfgfKMWM48SYymPhiFV/hyAhghBIdUFHBiY5Loiq3OsAlc0so+IJ1o5wSylJ29pgS6IzofhJUQYlssMu47+zYMjAxhr6wf5KdEpZlWZZlPVonjjkxhc6JuezvseaY6JYrxy8Yn/e9atuqh5G43diZRzjB9jN2zHH96MCI+67al9cwX4UQymURYUfHkTHTsP8T18PqIub9qTOPNfEaMph4XeGFas7PfGUje42jAyKwDMZx/Z1XN84aUyJzTGQOiZWxJCrXRPb1DXRKdKBE9508pN+WZVmWZVnvriPOiV11HREqXjk3uvvH1odf6+g4J3D5KWxTx9c4BuTN/iPChFVQwV7piM6JKNa2xXKVU8ZuiReXwcQXqXBKMCkoseKWiPEOkDhjXInOFzhi2u7rG9kFMHuVQ40p0X2dowslcP2PdErEOkqdEibDlmVZlmV9lbAdEtrHlXNikPQxtHMiGzhma2gAACAASURBVBiTratyRHRBhHIqsAdw6qEcS8OxF+J+VHBiLh8dF6xd/UukZ84JVla105ljAmEHG+sCvyrSeaCp2rt3vy87J75WBhOvrR0IgZ19NaZE/BIHcz50x4nY/fKGeo1DOSaiMqdE9fUN5ZY4C0RUTgmEEytOicolwai2ZVnW/2fvXbcbx5kgW9jVc97/eWe6yufH1+hOp/MKgLruvZaWJZIiQYqqUgQjkwAAr0L1qvf83ZQlFjSnExInkhPZ2HVDy8ic0O+bxygq6Zh/9UMmJ7KLg5U7dMx1yulyHNIwkdPmc1nOER0zfh8/KBgTN8ZISmgq/3DtJCWytIR8/H/q0UlJeKZEpXSjYkrI1/IfMM+U+Hv8TElUekrslm94xkTU6LJ7S9AsKfHjH2CcYAAAAHg0jN4TVopBpyn0cmP8J067xkSEl6iQr1eSE9b6ve1Y83WvCbm+iqFi3UbUMwG85IRnNHi/NyspCjndu0uINCbmWORxzY6pOT6SE/cBY+IxiP5x20lMeHffyPpLZMaFdxeOaFurDS8ttHvbvQuHZ06cTEtkSYmTpkSUlOAfVAAAAHgFpNCuJifG+N5zYpcs8dA1LKLlImNFTpdlGZF5Yk3X6xnDPp5eekEmJyKToZKiiH7zetvWxsR8HhlSc74+VvxmvjMYE/dH/+Ng/cPjGRKeQdFNSlT7SVRLPaztR0kJ+bqK5aZmfSV2yzfk3Te81ITVTJOkBAAAAECR5K4dneTE5KQ5MbdpCXxvmWpyomJEWMvrnhPV39TSzLDKOmRy4mv4yYX5/moKIkpMyD4TleSEXFaO3yrpsIybjskFF4Ix8Th4/yhpQ8KbFhkS1duEdvtJWEmJ3VKOiBUzonpb0N3SjUoJB0kJAAAAgD0eITkhxzK3X+Gq5ITE6jkRjWU+1+/LLoDJaTo5Yd2Bo/LQBoX3m3jqnIlMjGidJD9vr9SF380PAMbEjdi4C4d8Xinj6BoRnTtvZP0lKg0uvdKN7NhkDuxuUmK3nKPS4LJiSlRdZuvYyNffDyhJCQAAAHgyLkxOyN9apaGMn0Je/07Xy0fLXZGc0MkC631DLR+tVycnrLt06N+qQ00bw/8tmyUnOukL6+4i+hhWjIhv8+k1cVswJh6DzITQyYjodptWf4ndpERUslE1JyoGxRg//+EcI4567SYlqmZEp+Fl9bagVlLCcplJSgAAAAB8Zyc5MakmHeQ2K++zftdmxkT0/k5yQt8K1Fpmvv4aP8doNcOcWGaDfq3vrFFNS3i/hyu/i2WTTvlXpmQ8jUFq4kHAmLiYxl045nP9D5BXvrGbljiRkFgxI7xbg+pj8e8hFH8r/8h1zAmr/MLrKVFJSMjp0a1A5Vi9qBtJCQAAAIBxWXJijP/SEzo5sZKQiC64VYwHvR752vvN7KWPtTlhmRDWdM/UsAyALM1QLUvuJCcq65Ljk8dJlnW0TC2SE7cBY+I+RP+Y6deeIfEx/hP+1WaXlVt87qQnLEPCS0qsmBJavGdmRJaQOH0njkpPiT/DNilISgAAAAD0uTI5UU1IeFSTD5GB4Rkh2bhkY8t5jFbNCf2b3GuAGRkTO8kJz7jwmnFaTT2H+quPhTxfKucPHAZj4vZ47qs1LTMndFoiKrG4oq9EJyVhucjWPusIVuSiytTByWaXOz0lPFMi+ge38pCQlAAAAIC344LkhBbV06zQv8d/Z0MLHmPYv+31dG85TxtY75Pj0fsmp1vv08Jcbm+aFLI/h2UI6BSwZ1p0kxPe+4czT07Tx8s6V4YxDXPixmBM3I9KQiIzI3Qi4eQdOCJTw+tfYRkUcvzRP9iSalLCS0xUjIjInMhKOE7efcP6x5ukBAAAAECPleSEvPJuXVmvki0fGQj6bychUUleyPTAnOclJ6xxy8aSXomH9Zv9/xjTVlMTw5mukxNDLK9/M8/PN0rHWIYF3AiMiYtYuAuHXG7+I1AxKHRSompEnOwtIV9X0hLWP7rdpERWyrHT7NK7a0eUloh6W1TuvuEZExKSEgAAAPD2HExOSDNCCnDdc+LHEMRf62LjSOZbJc1yun6v7BXhrdcbn/Wb0jNsovXo0pCZmhhqmtxe5yKc9TvfS2NEF/D03URkamLuh0xhRHw7l+g1cS0YE/ehmpaImkZaJsCVSQldJuL1k6jeHjQyak4mJXRTykpvCS8x4a0zMyispES1IZA+JvI1AAAAAHznRHIiIzME5nPPpKgaFZ4BYW03Wn6M/C4d3j7Mv9qYGOK51+vhr/H993yWnPB6sHnvl5+b1CNDTI/MqIqxBTcCY+IwB+7C0TEpsrINrwHm/zFe7yYlorSEfF6l+o9YNS1RTUZYJkbWS8LaftWUICkBAAAAsMCFyYlqYkK+rvyuH8Zza73W3531f4z/hLq1XQ/dRFKmEebfX+Pn71QvDZFdlLPm6d/NfxXeYyUnIuOmZWaRnLgGjInbsPqPl2VI6DtxRI9KOcfqXTeyO294iYmI7B+iyIzQhsTvEfeIuKLxZdeUICkBAAAAcA1XJSc+Rq0Zpje9m5jQ68suZv5Wy86/8m4bX8Yy0T7M90+kMSHNCZ2cqCYfKn0msvn6oW9tOp97xo08X+Q+yvlwIRgT1+MlJPS0rjmhjYGVnhLWvGopRyUp4RkS1j+AkXOaJSW0MXDqThxZWsJrcFn9h5WkBAAAAMAmN0xOZIaDXi5KNVjr81IP8rf1p7NMxdiQd9WI9ksLcctIGeOnEeAlJ8bwDQrrN3+mCbz5XkmJlZrQ+zXHrPe5amrBJhgTt6OakLCMCO8uHF6aoXuXjW5fCa+UpGJOVEyJbk8Jy5DwGlZ2Sjoio8Iq28gMCpISAAAAALflZHKimi6IfveOYQt9TytYDTGz7VQuCmY9J6wUgZeckK+t5MTX+K8EYyc5ESUoZCoiMigmUa+JuR7LsICLwJg4xIG7cHTNiR0jopOQiPpVdBtdyudfxt/MPe30lMhuFSqnW80uV9IS2pDQd+EgKQEAAABwETfuOeElJKxlsuTEUMtZpdDWdG/5KDmhEwZyujUua7qXnJCGwFDz9G/9yGDILlZGF/vk9E9jvtynKDFh8W05ek2cBWPiNlTTEh0zYqWnRPeRJSI6ZRyeEzn/dswIr7dDxYSwjIgsMbFy9w3LlCApAQAAAHAfTiYnNBVjwntf1ViwkhN6eW9c1mt9lw0rITHUdG2STObvV93XQRoV83exlZyI0tKZMZEZFsN5PYmSE6QmbgjGxPVk/xB1jIqOGeHdbePUXTgiM8KKo028pERmTkiDQr5eSUpU52eGRNTo0toXkhIAAAAAF3NhckL+tpNYzTCt38JR0iGbnyUn5Lz5uzRKalhC3TNqtGkxtyHHKX/f/hLvjX7rZxfvsnnS6Ijeo8cXHRd5PKxjABeBMXENkVvaTUpYyYSr0xJeIkNv3xt75uCuJiWy3hKZ+eCVbFivM3Oi0/iSpAQAAADAY7CTnFhFawHvuTYqhpqvkxN6/Xqe91vcS07MeV5yQqJ7VFi/Zb27dFSTE5XG8lGiQmqX6OLgGH5yQqZJ5LHgt/phMCY2SXpLRA6oJdwjo6JiRFjTV3tKWOusNrn0UiJjrCUlKuUct0xKVO++kSUk5DEhKQEAAABwkI3kxFDz9O9XbVLo38G/jelDPdd32vCMCuv3tl73p1inNZ5qcmKo6d5vem8M8jhlvSas5ET2m7rzu1tPt/pNRLpNEppZ9Jo4A8bEdVgnepaYsEyJam+JK3tMZD0lvH8wPapmhJea8O7A0UlKWHftmM8948NLcHSNCe/5UM8BAAAA4Bo6yQn5u01eWZ9kAl6+no//p6YN9beanNBmh17OMzP0+LK7dFjTpSkyxs/ft9OciO6SUek1Ue050UktS8NijLjXhNw30hIXgTGxyI3uwhHdnjMzFXRCotNbIivlqJZtZMmJSnzrxN03sluFest7RoT1j2Lm1Or91s/HMP6Rw3kFAAAA2GMhOaFTFPP1LA+Y03SCwkpDy+leMsJ7vpqcqKxXj++Per+FFuXW/o3x/dhYhsQf43mln0SkG/4ylp/PI2Nkjtc6Ltnv8G/LkZzYA2PiWqpJiayvhJeQuKq3RHRHjkopxxj2P2iVf2ykITFfW70dKkmJ7C4blVKOTkpC/yOYpSb0sQEAAACA26Ij/fO199tsCl1dzjHGT0FbMQSseV6ptGVweMkJa73zd7Ye71yP9TvVuvBolUFUkhOWBljpNZH9Fv9r2L/JLYNC7281OQGHwZg4j3ciZyaFZVREZRu690OWlNhpfFlJSlRMifk3MybmPzjaHOgmJaoGxaoh4SUnOqUcJjitAAAAAGcJkhMTLchXzAn5fqvXRJSMWJ2vl/VKOoYxXb7WQt0yIazpXnJC9nXQhoDVP8LTBdY8a1k5TRse8rFzlw5tYsEhMCbOYH1Z59+V1ETnLhw7qQkvHeGVkOg+GLumhP5HJCqdyAyKyJDIls3uxGGZEzumBAAAAAA8NjvJCY31+7hiRGQXB73kxKcxzTMphtoPnZyomBM6eTHfq1MUMrFgGQny70pywjM2ZElHdJcOr6RDmxH6vIjOEyiCMdGkcRcOa1rXnOjchaOblNDrzAyJLC2hj8W/h0z87aQlKk0vM0PCa355onTD259uUuLba5ISAAAAANdiJCd06UVVdEYX3+Z7o+TEUM+z/m1DvccyJSqv9UOO17qgtpKc8O7S4RkUlkmxkpz4a9i/1fU07y4d+rOR+2clJ/QxotfEIhgT59AGxfxbNSIqvSWuuAtHdsePbhmHJEtKWG5n14yo9orQ6Qj9Hmtb3b4SJCUAAAAAXosoOTGneamJ6ILmfK2NCT090w5VA8Jar2WcTKSxMOd55oR+bhkT2pzQhoHVG2I1OeEZGzI5ETXDHP8spzWOTk7I4wKbYEwUCWrRPFaTElnpxu7dODomhfePn/xHz8NKBpxMSlgJif+rHp2eEl5aIvpHURsS8rW17+7xwVEFAAAAuC0LyYmhpk+RO6dpg0JrASs5IZeTvRmihENkcEQmRXW9Ojmh993TAHI/9LGx0hJWsjgqj/aSEtZv9uguHVFqQicn5LlgnRcuJCd6YEzsUflHwTMntNCvJCROpiSytETVma2YE1FSompGVG4X6hkXlWRF59ag1j9u+h/PoZ4DAAAAwPPi/aabAlz+nWjjQU63Hn8by+uLmZWLnB/G30iXaLLkhIWervtLyNSEnmaVcfw1fuoHLymxepcOvX1pVMjjE5kxVqoEFsCYWEf/gxF9SfU/JJHo1wZF9y4clTRE15SouKqeg1hJSngmRSUlUb0t6MlbgUaxL73f+piQlAAAAAB4IIrJiQ9j+lDLWxfl5PLzN/P87Vu5oFkxFqJ1WOUhJ5IT+rVX5iG3qQ0KTyPIUoxf4nVUwmHpDG146IuKU+vM9MTcD2lOzOnzfRrrnOH3/QIYE/t0/pGwnMxf46cZcdVdOKolGycaXlbMiMiQ0K8rpRiVu29ESYwT/SSs1AQAAAAAPDfanPCWmX+95MTHsHs6ZJqic5FTXxgdxvzMENHjkwkIPW++1uaENkf0b2StP6xSDGkkZL0lunfpsJIcMjkxX0fpknaJB9hgTCQs9JaYVMyJSmoiupNGpbfErknRTUpYTvHJtMROckIbECvJCV2nliUnJiQlAAAAAB6YQnJCo3/PTRE7xveyDu+CnvWb2ko0fBrLVi6Idl5/jO8iXG5LJgyGmKb3Yx4Tb6xS8EcNKPUFTv372/tt7vWasN6nNc/cnjZRLA3U+h1Pr4kaGBNreP+IVNISlkFRSUtckZTwTAnPQKkkJeZfKzEh3c6ot8RKP4lqcmK12aVltGTGBP/4AAAAALwO1avjUshHJR3ebUSz5ET18WH89UwJKxEgzRVpKsj0SJSckGkJeWymAZCVdOjkRJaU8H7LT3NCpzKs3/JzXDrpEekgfV5o4wYKYEz0yRIUFXOi2ltip3wju7NHpdFl9I/kxEtKVMo5qnff8BISO3fhqBgSVhysakh8qdcAAAAA8JxYhoT1e1i/1iUdE/372uo3oZezDIaPYJ16HdqY8N6jExRzOatU2RPg2rSwUhPaDJgGhf7NPX+Ha03TMSa85IQ0kGSvCb2vnhaKfuNjTjTBmFinkpawRH5kRlyZlIjKNn6pv5lB4ZGZEb+D59XURGQ8WNP/n1pnpYTD+kcti5npYyBfAwAAAMBz45kT1m89LeClOeH9lraMBmlG/K2mRcnsSI/odcnp83e5leiYyOREtj96XyZa+E9TQhsU0lDQZkTXmLCSE5YRoo0TPXZZrqPNqYphAQ4YEw5Gb4nsH5GrkhJe6qHTQyJb544ZoamkJSyDoHrLz6i/RFa60UlLWGaEnBbtu3z9DWrLAAAAAB4bo9fEJEtODDVP9mWQvyfn+7zUhDQIxrBTEplJ4f2ur5RxePP1RbmqRrDSG3MdUUmH1hKeOeHdneP3+K55dHLiS71H95uoJieGWMba72/nE3rABmNijYoZUTUnKnfiuCopoRMTXspjNykRpSaqjS8rpkM0z7rbR7fhZZSWICkBAAAA8Pp0khNj/Cd4dUmH9dvam/a3eG4ZDJ4RoRMR3mv9Hp2csLTAbnJCJhSGeC71yfwNLss3LHOi2nNCrs+aPj8r6/e+dSwyfQQNMCb6dJITVTMiMigy88FLTlSSEtW0hHY5x/gZUfNEe5aUyEo2qnfhqJoTVSOi+hjq+RjGP0Q4owAAAADPxUJyIkrVzr9RciJrhuklJKILo95yq8kJ67fwnG4Jdmu6TE3I5IR1l45pRmTJCZ2U8Eo7ZHpCT5/rmeOOkhNyvy2ieWCAMVFD/2NUTUdEbmZkSlyVlKjchSMyJTT6ixslJaJyjkpSolKisZqUqJZyeP84WccEAAAAAF4XKVDla+u3oPzdaCUnqlrj7xFrjuyRJSdkYkI+LF1giXV9TIaari92SnMiKumQ5kElOVHtOWGZE3o8c/8/xfQx7P4bEp0mQSMkYEwokt4S1j8cetmd5IRlKKyaEt2eErdISqyWblSTEtXbglaNCGuaxJr2DZISAAAAAM9NkJyYeCUN+nezVSrwZ/z8ze2VUmQXRivTLSMiW88wnk9kSYcW4FFywjInpCmgm2BWkhOZMSF7TkSpC9lrQo5Pj3uI92m0dvr32NBrwgZjoo71xaykJlZMid2kRGZIXHUXDs+Q8MyJTvKhm5ZY6SVRSUwM9RwAAAAAYBIlJsb4mZgY46fG8Eo6rN/qWe+ISoLCWo9+zDHp8erfxZ520Bd7P8Vr/Ttb36VD/0b/y3leMSa89ehyEMuY0AmRSC9JIwbdUABj4h8CBzSja054vSU8UyJLTljpCit9octHVs0ITWZOWKbETkKik5T4W22vYkhEZRtj/PxHaRjPcUABAAAAXgwjOSGvhs/XH850ifzNLJfLzADrQmkl8VDpQ/HprD966N/KVQ1h7cNchy7p0P0fLFNBpyAsg8JLSehpcluWMWGZEksGBMmJ72BMxHjRpYoBEc2vmhKrqYnsbhz6LhzePzYemRHhOZMrpRyrKQn52tu+ZUhE5oRnSgAAAAAAjPHTnPCWkVfltUEh+Rh2acf8Xf/3+Kk39OuolDsr6fh0tq/1gjQXvH3R0/X2phEwxHNpUHwNPy3RKemomhOypGOW3Oi0x0SW5Ex0aiI7L94ajAmfzPGzvpA7SYndBphRn4qov8SHem6ZMGP8FOSVpIRlCHRKN6yExEpPiWr5RmZGWJCUAAAAAHgjCskJjZWYmH9laYd1IdQyBCqpiM5F0+hipZz+x1nGSk54JoUU61Lky3TCGN9NCWlMWGmJaq8J2WNCPjxzQu6XTE7o/Zj7UklOYE44YEzkVCJNlS+8Z1J4RsRO48uOGeGVcVj/sGpTIktKrDa9XLn7RqfHRNeU8P4zAQAAAADQZP0F9AU/q6RDEmmQ+ddKTuz2mvC0gkxS6LFOAf8xfor3oaZ7BoU0AqR+sko5dEPMzJiI9IvuZ6GPg1XOMcctj4VnxKAhAt7emEjuwmERGRVVEyJ7VMyJzNyopiUyU6KSlPBMisyEkNOj/hFRj4ndpITehyghoefxjwsAAAAATCwRGl3sm+J3TrMMiplUiEop5O/6qEw7ujipS0OyhxyrTk14yYmhpluaShsAOrmgS7ClqVDpNeElJyxjolrerdMjmRHxbT69Jv7H2xsTCZZgzx6R21i9C0c3LVFNSkQuqd5Xi44hUUlPnLoLh9VXomtORP/4DPV8DP8fGgAAAAB4XzxzwvvtOM2JqKTDu0vHfEgzIdIiuw/9+16OSe6nV8YxnOkyeTDGz9/iWk/N3+7ShLD6TXSTE95dOvQxkAaKZxZ5+46GcMCY8LGSFPpEi5ISlikhzYnV3hJZqsIzQipJiQoraYlOj4ksNdEp3agmJSpOaGhKvLvDCQAAAPBuGL0mJl1zwiqXnu/RKQWrCaZ3kTRLS2QXLStpa50W0ImJCllyQveamOPRZRwyKbGSnLDMCd0IU45LjlPui95/bz4IMCa+45kR3UdmSuw0uawkJSqJiY45UTEiMkNCJhquvguHNid2+kqQlAAAAACALh1zQv7u1MkJKdqj5IQuxbDMB60PPL3wIdbVMSaknrAEu4V14VeWt+jUhL5Lh5WcsNLbneSELumw7tIhH3LMM1HhgUnh8LbGRNJbIhLqVTNCGhGeKbF7F46sp0Q3KSGnfRl/M4PCuj1n9+4b1YTEalqiYkZMSEoAAAAAQMhCcmKoad7vbily5/NpUESpCc+YsKZZeiZKXsxyBq/nhZeckMfCOgZzurUf05iI7tJhJSeqxoRMTljGxB+1be+hNZalE1yz6t17TbytMRFgGRSZGVE1KLLeEt3+EtWkRPSPVpSYsP5xjJIS87mXaLgiKZH1lvhtjL2SkLBMCgAAAACADlKQz9cTKeKH+qvLOX6P72QXSqO7dHhJiTk9MzbmwzMoJNNY0OaE3A+9/DwG8r3SoNDJCWkeVHtN/BbL6oua1jq8XhNWysMyYIaYP+ehLwQYE3UiQyIzIixTonoHjixpET2yejH9D4j8gkRJCc+kyPpJWHfh8F6vmhSVtIRlTozx05Bw/7F4VycTAAAAAGyC5MQkK++Yf6cI1qkJ+du9kprwjInowqqe9rezvDYootSEJ8Yjs8Iq5/ga9l06dMlFpMN0ylsbFF6vCa0lOiUd6IYCGBP/w/oyVB+em1gxKLQhoY2L3aSEF9vS/7hZx2CMniER9Zc41VsiSkV4tWTdco6hngMAAAAAnCK6Yi5f614T+q9OLHiaRPeJ6CQoonXMbUWpCZ0Ikfsw1DIfaprWW/L3uh67ZUxIY0GXms/52pTwGl9KDaF7TUwDQqY7rOOgsQyat+btjImN3hJyfuZAWl/wqjnhlXV4/Si8PhaZMxrtp2TVnPCSEqt34fASGPofmhUzIvqH4Ns8khIAAAAAEGEkJ6QZYaETE3K6LusY4z8xPA0BzxyYesVKPVhJiao5YSUnstREtP8aPUZ5LHRqQhoIuteElZSQzTGz1MQvMU0bIdIkkYkJ6xh4+zjG92Pz7bx5N93xdsZEQOTSRUkJy6HMGl6u9JNYTUxE++BRMSI8B9JLTFzRWyK6A8eX+ltJSgzjNQAAAADASbzUhGVMSFPij/g7p1mGhDYUvESFdSE1MyesbUTGyGQK+ImnRXQqxEtOyDFbJR3VXhOeQaETGFJXzNcyOaHT15nuipIzbwnGRE5mTqwkJTrmRKePRDcpIV9rp7aalPAMierdOFZ7TFT7SlQNiWFM4x8JAAAAADiFLFmwUgReaYc2KLzkROWialTunSUnvHlRasJLTngmhVwmSk7I9IJOM3i9JnSzy6gZ5i9jfda2tDHhJSfkvoHBuxsT2r2qJCV0WmIlKeGVaWR35+iYFJZ5spqY0KmDLCFxKilRueOGHkunfEM7m5gSAAAAAHAlnjlh/fa0LhhO8T/Gf3fqmKaANCi8UgyrX0TnYmc1oW0Jdp0osNAXUT/F66/xfQyzrGOaBzrRYCUntAHxe/w0Laq9JnSSQu+71l1RcmLOf1sN8jbGxGJviU5aopqUiNIS1vyst0Sl6aVnRujXnnCP0gjaoKj2lsiSEt57q3fhqJgRer/l6+8H6s1qvAAAAABgj+AuHdXkhJdk1umJ+XtcTrN0gDYpPNPB0jW/1Xs/jPfO3+E6PTHHpfdL77eXpNCCf4jnspxjHhuv14Q2IGQTTK/XhExOyIcuJdFGjKXBLOPBNanerdfE2xgTAZZBkZkQ3nTPkMiaWkbzo8TE57DNCe8fI8+k0KLcSknMR3YHjpN34agYESulHHo/JW/xxQcAAACAu6JTA9aVc6uUY6jlPsbP5IRMT1ipiUjHRAmKD7We38PXHrqsY45fmgtSlEepAiuJIf/qsVZ6TWhDIrtDh/eQ25bJCZn0GOp4SLLUzNuAMeETfSkyQ0K+jkowdntLRGkJ7WJ6qRDPiY0SE1nZRlTO0e0l0UlKHC/beBeHEgAAAACuIUhOTLLyjuj3uhS8upzDMgwqxkSUoLCSE9WLotZvcrmvXrpbCn2dTrASE9qkqPSakM893fZHLfNHbVOPzdOT6AuDdzUmrJO+mpSIyia8HhOR+aBLODq9JbKyDS9CpOmWbngGxamkRKW3xImml1ZiAgAAAADg1kRXzr3khC510OUclhGx0mvCS2frdeiSDp2akMjkxDDmS7NC76eXoNCJiSg5IVMTsqRDJims9Vh/ZWJCl3R4yQmNlZh5K17emFjoLWF9eVaSEispiai3hGVGZD0mIlPCqvGykgSRESGnZUmJ1d4Sp8yIjG/LkJQAAAAAgJMYyQld0uDhJSd0rwkrOWGVWmiTwrsQG6W0dXJCTs8ulMp90MdCHw9d5iGTE9oA0IbBfPwlplupCe8uHZaW0+uXyQnLmNDJCXkcrH3+53qGdgAAIABJREFUYVC9S6+JlzcmAjz3Tb72kghRYqJqSlivu70lMjPC+4dA4yUmsvTErZMScrurSQnSEgAAAADwiGT9BqLkhHxMc8AzKOZv7iw5UdEd1jr0b3OpoXSvicycsUS9TktIQyAzJ7SWsUwKPS0yJnSfiTkOnRaZhsqcrg0Lz6R5G97ZmLDwhLw2I7rmRHbXjWpfCesfB6/kJDMjNFFSolK+UU1KZKZElJSo9pbIkhNWMgQAAAAA4B5YojQr6Zh/5e9fy5ywSjr+Ht81hDYWqprDS05oI0ImOea+WfueYQl9bUxEyYmod0T1Lh1zPXO/rYfsOaF1h9Zp6JB/eDdjQici5HPrdTUxkSUkTpkTnmMZpSRWkxJf42dKISrfOHEHjkpfCS8xkaUkrNIV6zUAAAAAwK3xrqBbF9Oyko75XJoTlrnwt/Pc0x1RCblch0xmWCaFHPMU8JMsOeHpHWlMeOZExZSQWse6S8dvtX4vOZElJiqpCS8585K8rDGR9Jaw8JISUTpCf3GrpRyZGWFNt7aRGRR6P8aInVZtUHgpCc+UiAyKqKeE9b6VnhLWNElavvHqtVsAAAAAcF+Kd+n4d3FjunVFXqYmhnguf89bBoU0JOTvcispITWJtaxOY0hDQgv1Kbp1OUe271E5xyzl0NpAmhReiUZkUljLSZNCGhW6pEM+Mn1m8e8xefVeEy9rTARYJ4R24DpJicyU6CQlVnpKWI8sMeGZEpEBEBkUJ3tMVEo4vLFGZstLfoEBAAAA4KXxfsPqPhMTWTYRlXR4aYnsQqylS7z3y+15qW5pRsiUQHSRWSYQ5vvkQ49dpiUsgyIzJTyTwioVkebEaq8JfVzegnc0JiyiSFA1KVEt6eiWcej1Wu5lp3xj4iUNIlPCMye0QVExKbz3VXpKZOUbFb4t96rOIwAAAAA8Jht36ZDLeqkJ+fASE3+Pvu7xLpjO3+16uv79bo1tjO8lHZWk+/yrkxPSGPg1vusbbVJUTIjIlLDKOaQ5IXtfaPNF67a31yLvYkxYjpuXlqgYFFUjomJGRHfoiMo2pCFRNScqfRi8Ug7LlLi6r4TefvbIjIq3/8IDAAAAwNOgew5YRKmJ+ZimhDYoKqmHqjGRpbk/xbatEgzvAmOWnJDrks+t1IQ0D3RJhm56GZkU2WNuTxoTlikjS1r0fuqSlpfXMS9nTCS9JSzBbgl5K+6kv5jeF1YaFiu3Ao0Micyg8MyWMfx+C1kpR2RKRMmJjhmRmRRVA8L7x801KEhKAAAAAMA9cZITVooiEu5ZcsIr6ZA6x+sb4RkTsteE91657mmOyL9zv+TvdV3a4L22EhOynEOXVsjEhE5OaCMiMynkOq2kyExrzNSINE88farNCDnt38//VXtNvJwxEeAZD1YyIktMeGkJy2ywzIkoWRGVc3RNCU0nJZH1lrgyMeGZI11zYozvX3DrNQAAAADAo+EJcuu3rRS+8/UYP7WB/n0tkwzzr2xeWTEmPBPCmi7LObRx4v1+ty4qW+UQ2pyYz6UJ8TVsY0KnJ+a0qJxDvscq6bD2XY91iOl6XzND6uV4J2NCE5VxdKJJqz0lrkhKWPtmfcGrSYnMjFhNSHQekSEhp1l4kTAAAAAAgGchEuo6IWylJsb4bkZo3WOZEVYKIjMmfollLU0lt2uVNsh9iVIEcrpnTsi/UXLC03LdnhNzWqQbtfnilXO8pX55dWMiKtuoPDpmhHdS75oTlikRjTnCMyQ8gyIzDXYSEpWkhByfNd3bLwwJAAAAAHhFsgtyuueENgKs3/vSjJjGglWSUTEmdAJDaxidnJiCfY5bC/hI33gXmbVBYZVxeMZEZkpETTB1csIyJqJeE3q/xvhpzLysxnkZY2Kht0S03DyZLXNC1xRFpkT17hvWdL1+y5zIkhMWVnKi01uia1Lo+V5PCb0tz6Co9pGI9vvlarIAAAAA4LlZuEuHjvtb6QkthHVyQhoIOjkhkxJZckJrA6+kY07zek3IfauYEvP5LI2QaQmZmJCaRxoJXgIiSkpY5sRc32+xTW1OZL0mLH1inQsv2WviZYyJAM94kK89gZ8lJvTryHiwlvGWX0lKRF/cKClxy94SXlIiS0x0+kvo/QYAAAAAeAW8uL8u3dbJCauEwuo14SUnvGRElqBY6TWhkxNyHywsbVdNTngGRSUpoZfRhoSVmJCGjBzfENOt3iJDzHtZ3sGYsOiWbnjmhHeHjazBZXZb0Cgp4RkVQz0/0VtCvu72lqgmJbp9JaqGhPWP9cs4igAAAADwmjTu0jHUNOuvTk7Mv7rfhNQYO8mJ+dfqNSEFvDZK5EOO2zJi9L5LLSSTE/KRJSc6SQmr3MMrj7EeUa8Ja3/fglc1JqyyDk/EdwwKy0TQ0z3DoXLHjq4ZYRkSFpmor5ZxeAZDx7SoJiV+q/FVzQnXlAAAAAAAeFI8cyJLTkhT4mt8NyQyMe3dNlSbD7+M1zIx4f21ek14v/GjxIQ8PlZaQiYmdHIiKunwyjysFIXWhTu9JqwyFm3MvJzGeXpjYqG3hFX6oE9gy5yw0gxZz4gsKWF9ya3XFXMiYzUp4ZVx6OfZPMvg2O0tUU5KAAAAAAA8OSvJCW1ODPHc6zUhtZD+DW+ZEt68T7Xe32qaVWIiL7zq1ESEvmCrkxOWKWElOaLkhNYvVtJCJjF+G9v6FK+lmSL3I0qJ/DClXqXXxNMbEwGe8SBfe0J/NTERlXNUDA0vMeG5aXo/NZ2URNRbIusZ0UlLVO/G8aX+VlITet8BAAAAAF4JLdSt37zSmJg9G6T4lyaA1WviY9TvzvG38VqK/agZpv7975VzeGUcQ023UhOevtOphigloUs3rOdWYsIyJeS+6/ENMd37nF8yLTHGaxsTFt3Sjcyg8MozsuSEXk+WjqiYE9pF85zS7BH1fqiYFZUeEtXeEpEh0eLZHUQAAAAAeC+MXhNVLD0gDQr5sHpN6ASFpQO0QWEZFlrXWOUinjGhkxP6+RDLzH3U2kjuk2cQaF0WJSe8PhNWYiLrMzETE5bx4qUmXppXMyaisg3vRK2YFN3eElmfiaz5ZTUxkZVyrPSW8Mo2qoZExaiQfSw6ZkSWlHibLy4AAAAAvD1WaYeeP/9aZR06NSF7TeikQ5ackNrISk1Y79fmxNRi3u/9qKzDS8tLjeeVdFi9JuTxiPpL7PSakJ+DTkxYqYl5DOR+voz+eSVjwqvN0dO8k9ZKKVhftKy3RLRMZHhYX/LIoIjwDIiKGWH1gdhtbinX423zkt4SJCUAAAAA4Jk5dJcOqQvm8tKY0P0mZMLhb/E6S054qQnZdyHSOJZpMsZ/xkIlPWKVSMheE1aPCS/pYBkSnilR7TUhj7H8bDw9W+o18ey8kjEx8YwH+dpLIugTpZqYqKQlIrNCP8/KN1bMiU5SIivf6BoWVm+JSlLCMyj0/un9BgAAAAB4ZaJeE1OseqUc+rf1NCV0akI+vMSD7DPxWzz3mmNmqQkvOaH3M0tOROl4aRr8EsfAMhisxESUmrASE9oI+RSv6TXxD09rTDRrrTxB75VueI/IYFjpLWFNt8YUjV+7ZvqLm/WY0CZBZkhY6YhKWsJbf2ROWPsxnPkAAAAAAO+Il6CwSiCsco4x/NSEfHg6wbrQqlMTlkGhSx1kyYMuaZDJCS3KPeFulXLM1IQ2DKSJIJMTllFxqtfE3LZlwGjtl+qdZ787x9MaE4qobMNyzSzBHxkRlVKMKC2RGRVW+UY23siY8VIS2pyQ/R6qhoSVjPDSEplJEaUkspKOMX5+gQEAAAAA3pHoSroU9hKrhCJKTUS9JiyTwruF6G/110pNTMEukwNe2YPeJ/lclnJobfU17LIObTBUek1ketHrNZElJqzUxNwfuZ9Pr4lewZjwEgR6GWs5K5lQSUpIg0GbDd3eEtZ8PSZrX63XUfmGLo2oJCU8o6LTU8IyJXZ7Slh8W+ZZnUIAAAAAAAun18QYtRLv+dfSB9qg8IwDr9eENiWs1/phrV+XW0hh7mkDrZU8wW6lJuZfnd5Y7TXxe/w0NCrJich0kcdgqOlD7d9T659XMCYm1gdoRXis5IE2JbpJiewR9ZbwzIjKwyIyJLzURMeA8HpMVEyLyJSomBOkJQAAAAAAbDKRammEubxOTmTmhJX8lv0mLJPCSmDoabrXhHxoPeBdkNavPV0ojQk53k6vCe9hHSOrZEUnQ6LkhORlDInJ0xkTC/fx9U5YLynRMSKipES3t0TFoDAPifo7n3ulEV45RdQPImtqmSUnukkJOd3bZ72/YwySEgAAAADw2izcpWOIedKMsJIT8q9nTkRpCf1XmxRaZ1iiXfa68MwJvb/ePnuGhExOdHtNWEkJr7RDr0cbFZ/ib5QWLxsQz9pr4umMiYQsYRAlJnYSEVlSotpbojpeTRTPqpgUUW8JLymRGRad3hI6ySH3KyvreKovHAAAAADABegSAO838lxGGhSyj4PVa0LrpajXhExN/FbP9fs6vSa8x8f4ue9DvZYJhLms1lvSKNBGRNZrovrwEhNzn63EhNy3SAc+Pa9mTHhoQW+ZEd4jSjx4SYm/xk8DIisRsVIccrwZFSNCf6my3hLdUo3MjOiWcYxhmxEAAAAAAFBDx/7l72yrnEMnJv6o1/JvlJ6IkhNWr4lfxjZXSzokMm2gUxPaIJAGgpd0iHpMRAl5r8+ENSY59pcp14h4dmNCukeVh04gVEyJE4mJqN4oKt2oJCWidESUlLBMCa9UI+ovUTUnqmUcpCQAAAAAANbxSh10CXiWsta9Jj7E86ykQ6cl5nMraWEZHtKckMJdpju8kgfrdaQPtTlhacHVXhMyLRGZE1liIirtl8s9rU56GmPC6C1RSRF0Sjqsk3A1KeG9P0pjRAaF3p8x7JMu6tXQSUpkiYlK6cdOUiIyJOgtAQAAAABvz0KviciY0E0WrV4TVnLCu/tGlJywdIcW7XKbWrjrUg6JV9Ji6cG5jrl+Xc6hx2yZFV5SQj/k++UxlA85Hm1IVJMT/y7zbL0mnsaYCKgkDKwT0UpMWF+cU4+olKNinHQSE1rsV3tLeEaDl5So9JSwTInIQPHMCdeUAAAAAACAMYZvTnjJCavXhHzulXHohIM0IrLkhGVkWELd6zURpSaii9leEkEaA7KUY7enhJec+K22I7dvGTF6HzyeWh+9gjHhESUjvKTESimHlZSIzAmvpki+lvug98nDE/tZn4lOYqJTxqHXHyUlrH2IeOovHQAAAADAhVhJAj1fL2clJ2RiQmoWq/QiKufQusrTDzJRYD10csBLTUy0ISNfW6mJ+VfrwZmmiPSglQCJkhNZOYdOTUxDZWqol+NZjQldK6TnZYmJyJCISjFOpSW0KRGlPrKaoigtUTUiKk0tPXPCWr5avlEp6RjGcwAAAAAA8NE9B6wyAJmYGGK5anLCSkx4poSlLSwtFiUnpGC3UhOWXoq0otaGMr0gDZITqQmtK71yDistYenaMX6aLnNapeTj4Xh4Y2Kzt4SXSsimR2mITkIiSktY264aEfLvfJ6lJSp9H+6VlND7VuZZaqYAAAAAAK7A6DVRxevRIIW/7jWxk5zQF209PaJNASnWs14Tllgfapo2JHSviZXUhJegkNP+iPVYpoQuK5EPmZioGA//LvMsvSYe3pgIiBIR1rJWOUeUkuiWdETryEo5LCMl2h+dJNBpiWrpRpSU2LkbR5SSqCYlvN4SAAAAAABQJ0tNeMkJbVBoXWEZFJEpoZ97yQkt2mViQiYndGpCpgWii9uyNMLqNWGZEnpMu/pQpzJkbwkrNaHR06PP+Cl4ZmNCUy2HqCQlqk6Yl5zQ8+T6re3OMcl9yfDEvBb6lTRDpVzjxK1BIxPCS1DoZMj/DtCDO34AAAAAALdk4S4dc3p00VOWdFjlHF5iwjIp5sMyL7QukfOkftNjs/REpqV0iYtOTWjjQCfqvfKOzl06onIOz5zQRoWVEnlans2YqNQIedMzU8IyD07UEEWmRGaiaCJRHyUSdPlGlH7o3BK0mpiIjJOqUfESXzgAAAAAgBui0wNRObVlSnj6QpZ1eMZE5VaiVnLit5j3aWxbmglWrwmJl5yI9KLWhpZRsqsTs0dmTsjP1ft8nyo98UzGhFW6YS0TnVxZUmLXkOiceNIo8QwJ+TpKFGSGhFfKsZqUsKZb29lJSwAAAAAAwPV4iQkrNSENCStBEZkRUiN5yQn5sModqr0m5L55JQ+WbrR6TOyUcEQPKy2h9aFMc3yNn5pR6ygrIfMUWuuZjImJJdy9aRUH7IoTzVpfdtLtJCaqvSUic8LqJWE9t6JWURnHSlpC7i8AAAAAAOxjlXbo+VlqQhoUMi0hkw5aJ3g9JnS/Cf3Q4r3aa0LiJSbmc0sveiUdcr9P6kVZGiKNEW0MWakJvU9PZ0hMHtaYaHaVzUo3rHRCxf3qnnReAiNywPS0KlEpx9ewDYPMWLAMiSxJYZWKeEaJTnZ4XxbXoKC3BAAAAACAz2KviSHme4kJLykhX+tmltqEyEyJE70mqppK79dQ+xslJlYMCmt5LzVhlXPM/bYuZqca6dHvzvGwxkSC9WFk6YPo5LoiqhOtOyrjyL5IUdJgt7eEl5DQy0eJCe/hJSLoLQEAAAAAcC2rvSasco7512reqBMTXj8Jz6BY7TVh6YlIV3kaUhoCVnJijulkst5KS0hzItO4XgnLU/GsxoQmKuewDIEVAyK6C4d3wkVJiciQsNwvT9Br8X+yt8TqbUG9nhJ6usfTfZEAAAAAAJ4EL1Ugdceff57rNII2Jjzd8Tls7WElB1Z7TVjCXacmpK7wSh48c6KSnMj0oyxLiR5WckJuW/eYkPv0dGUbFs9iTGSpiJHMz0yJ3aSE935v/d4+ZImJrDfDid4S0bRdg6K6HwAAAAAAcB3ZRUIp7K2SDkt3yKSDZUxEWsQyJKSol+vX5kSkKzxtpctcLP0oExPTGJGJkNP60TInPANGGxLefn6p5R6WhzMmjN4SWWlDpXzDMyVOlGxYaYpoW5k5YR4W55EZAt3eEl6CIjMlPHMiSkxkfFvmUWuhAAAAAAAeEafXxBi10vFOYkIaEZ4xIRMRuozDMiW0brESE7Kkw0pNeGmJYUy3TAldymHpx7/EOHf0pGVKVM0JKx1i7ee38+HR9NXDGRMB1sm0Y0pYJsLqiWSlLypJiWz/JCtJCZ2WyHpLdNMSnikhx9XpLfFQXw4AAAAAgBcmE7JzGW1KePpDmhGdxISVmtC9Jrw0wYleE9rA0HrSSzbo5ydSE1Yao2JOWPviTXtInsmYkFRKOLQRUElLdE6qzOSwTAltUMjXer+y3hJa/Mt/FHZ6S3TKNzxTwjIodElHZET8O/3RnDwAAAAAgGciuUuHRAp5+TteTpNGQGRORMZE1mvCSkfo1MTcxh/11yvliHpNzP3Rr+f+VpL3nYvd3jJeasJKc2QlHU+noR7dmLBSBVbcRs+3DAn53DMRTiQmrJPTMkqscXtEKYnTvSUyM0KvPyrh8Eo6tIupnwMAAAAAwHVEvQf07/LIoPDMCXn1fyU1oW87Kg0PnZiQpoRMdXR7TczXWktqc8IySFb0Y6RJ5zalhrXSEnI/LONJGzIPq7Ue2ZioCHfLfMgSEpkR4c3LzItKUsJLTmR0yjg8gyLrLdExK6JtVMyIh/1CAAAAAAC8OZYxYZV0TGPi9/iZoshKOqxbhurXlo6x0hRSE1mmRGRMTKSGnPv8Kf5GyYnOxevs4aUm5kMf/zleue96v4aY/rDmxGe+yN3xEhHesl45x4pJ0S3niMyJnaSEfh2ZEZ2Sjm5aopqUyJIR1ZIOAAAAAAC4lurv9c5F0mqCeyW57ekQS5dY+2iRJfEjDXlSU0ZaMtKV1r7o/XloHiYxYdyNI8Iq2bBOGu8k6tT7VE6yzIywTqIoeqP/esLfKpuw/kGoJiX+duZFyYvoH6ZuSuLfZegtAQAAAABwjkavCYk2J2RJh+x5ILXAvOqv+07IEo1fw09K/Bq+hrESEzItIccjxzv1mC5t0Pvp6UudUvD0ZTStoj1lCYzehkxtyCSIpTFTLfVod+d4hsTEGPbBzsyJajmHdLpWXa2sTigaa4Q+STJ3smIkdBzJSslGJTGhx26lJR7iCwEAAAAA8EZ4v8urqYlOWXn1AmqWmMh0i3dhNNMb1YvfkQZcSUtUUhP6wnumLzua8yF4mMREkyhqY6UVVko3Os7WiZPHIvvyZwaFd3tQLymhp8l53he+U86B+QAAAAAA8BxYSW6tS6aeyQwK3cxSpiIqSQl9+1ArOfEpns9xaR0SlT/I51ZiIrvQvaov9cPrMxGlOPTYn053PaoxkaUiRjJfGhJZcuJEHdAvZ1uZKeGRuZPalMicw93ERDY/MyKytAQAAAAAANwXKd51fwYt8rPkhBbX2kg4oU+8Uof5V49R7ldkUETlHJbWs8yEExrT2pY2JPQj2z99HB6GRzQmsqhJxYjw0hKdkyBaptpfwjMl9L54VEyJE9Eoy5GUKYqsfCMzKjLoLQEAAAAAcAMu7DVR0Seyx0SkRXZ6TWTmxI9DYuxnZE5EpR2ZdqxqT6/XhB6P12tC7ovFw5kTn/ceQIB30lQenbTEiqMVrcs7cbQhYZGVQWSmxK4hsVLDFSUmrH0axnMAAAAAALgf3u/07Le9l5jI9MRp3eJdPF0pM8/KOjINuKovO6mJqi6O9u2huHtiong3jm4JR2RIVJ2sTi1Q98QxD4XxWn/RK/8AeF/4Sm+JSmSqa05QsgEAAAAA8LzoC4qWJpk6xyq3qF5IrdylQ67HSk1YYxvjeymKTkhULojPdIIu55Ba8c9Y05OeJrXKVaTO7JR0uHrsUe7OcXdjIkEKeUvUr5oTO05W5aHLOKoGRSUxob94VzqQv9X6uiUbWVoCAAAAAAAeCylqv9R0rWEyvTLFtRTaJzSKVeqgjQpd7mDpFktfyuezwuBLvPbMiVvozcyUsPblSz1/SB61lCOKnmTlG52TwzpZvOUry1qmRFTC0SnpuEVvCc/gyHpLeMmOjH+X+fj4+Lq3SwcAAAAA8C4Yv7+rv98zHRDplFuVcmTlHOYhCV5XL4J7JRqR6dAp5/D0Z6eU4yHLOR7NmIhKNqxpXlKialScqPmp9Jaonihj9BIT+st975qtaB+G8RwAAAAAAB4H73d79Xd/djH1igupUdl5t9S8quMqmlBOP5GYsPRuRWtG0x6Gu5VyGL0logNTPUEqzlXl5MlSFZkZ4U03D4X4G33RLUdSf8ErfSOiZaq9JKLX+h8AAAAAAAB4fqRu+aPmfYz/ygtmqUNkTshSDEuv6N4S1jJTb8n1WUmOz+HrLL0PmlWToqopox4TWa+JqMeE1qCREfM1xv17TTxaYmJiHcwoNdGNu1Sdq0r0xtq+d0JUnamq8+glG045kXr9WVLCG/8IlgUAAAAAgMcjSk14y3r65Sp9kumiqn7RWBou0qCRJq2YE6tJfU9/yv2w9uHhePTml5qsfKOTmug4VtnJsFO6ITnVW2L3y19NShzpLVFYHgAAAAAALmD+HheJ9q+RaxepA8b478r7nJYlJ3a1ip6mExPyIdMFWmtl+6mF/Uxf6LRCZiRUSjUirapTE5b+/TKmP43WepTERJQoqMZn9PPKh96p86k0IomMiOikr9Rqef0lTiQmvHV7BkWlxmyov/SWAAAAAAB4DqLf8ZVeE1mfiav0S3SRNRq3h5far2hOz5y4da+JSGPrfbwbj5CYqByIqCyielJUDQYvOVFJTVSiNN7+WskDK3pUdRxPfcmjh5WYGCP/ggMAAAAAwPMxf+PPq/E6MaGTBJ3Ud1WnWPOsxITWUJ/q9Rj/aTepXaRek/tr6dC5XktT/h62fqwm96v6VqdC5BiryYm7pyseJTExhu9Gectm0Rlr+kpX1IpjVXGtLLw6p1W38WStllejVUlMWPsCAAAAAADPR+U3vqcTqsnsq/RLlpgYxmtNJ7mfXRzfTUxE2rejoeW0h+DmiQnjbhwRlUiKd4JYjpSXiMjSE9VYzTwpvP34dijU8+hLnJkTpwyJKDURjYneEgAAAAAAT8zBXhMyNTGv5Fsa5nP8TDzsJL+9PhNSt8gEgdQwkZgfarm5X/P9J7Vk9N7f47vm7D7kfrjc6+4cj1DKIYlKNnYcqiw24yUluvU9eiyRYzXGz5oty5zQhkBmKFSNCP3+rGQjcho9h5TeEgAAAAAAz8s0J6Lf8tLAsPSMZ06cSEtYukhqvzldljzoMcr9qyb2PV1a0aIVXVpJ7lsJfl1Ko8s5oovld+Xz3gNIsKImUblEJT7TOVEq77XGIser98eiakp4X+KOQZHNq5oSXhQKAAAAAADei0grRLqmo1UyQ2L1YqunZywtt2JK7N6do2JKeBpZj/1huXdiIktFjGS+dQJY07rO1G6zy2x/soRBxZSIUhTdeiwvieHVZHUeAAAAAADw/Hi/7aMEeNRrwko2rKQlMkNCPqLkhORD/Z37l2lSz6DYuTuHpUet7WRpCb0/kkoy5lLuaUxUHJvsQ4+SElktz44pYcVmLIPCQn/YuiTCMgJOmRGdpIRVkxWZFBH/zqe3BAAAAADA47LQa8IzJqRQnsL5dDmHpYWyO3TIscl9iF4P8VpfXJemQCfB32l82UlOSNPFMyg87mZOfN5jowrrJK8mJqomRceZqiQl9HY8M6IamclcxfnaMxG6X1rr/StlHNH45T9QAAAAAADwvGSpiJHMz8o5vGk7F1p/O9tdSX1n+jTTi90kf0WfZrq4U9Jx9zKPRzAmJPJAZQc4+9CryYnV91gfdnQCSKoxp0pawquvOtVbwvoC6/0AAAAAAID3JTIoVvVNVcOc1DcWlQvm3QvlXV3auXhe0acPx6MYE9bBs+ZHiYmu4bDS/TRKSlRNiUnFqavUSZ0o24i+vBU3sVPWAQDKCwsLAAAgAElEQVQAAAAAz01FE1T1zW4qvNNnYiUtMUbdnIi040pyolLKEV3Qt8Zs7cPduVmPCVGjVKGSRqikJbqP6klgOVIrH+zqF/eUkxh9gXUZR6Wkw9q/McagtwQAAAAAwBPR7DXhmRN//nnPfP45+hdcV1MVlV4T+lHVcp4u/TNsjfrrnzGtJicqj0qaYz5SbTY/91vpuHs1v4zMBr2MtVwlzdBJSqyeGFVHauKJec+QmM+zpMNJFzH64urp3j6RnAAAAAAAeD3mb/wP9XpOk7pBT5NGRVWPdHROpJk+x3c9M1972kzuk/VcHoedi+a7OtXbpjSBLLMlMphKxsVpPm+9wRG7UJHAj1IK1fTDqvPUdaEsvJqrndorb5r1nsqy2ozQ063x633EkAAAAAAAeG2yi61yWkVrVPROZl509E6WopDjt6jqwspF9NVkfyUtEc2LuHl5xz2MiUnFoDhVvnHiThzVmMwY/oed1WBFpsSOgxiZFt6XM4s6WfsAAAAAAADvQ0UjZHonSolf0Wci0ztj+PrG0nyZXo0upHf16k6639Ks1v7dhXsaEx5V9ylLSqwYF5lBUTUpMnZMiWpCwppfTUtkpkTZiPj4+PiivwQAAAAAwHPS/D1f0RBad0R6pmJSVHVS15wID4vxqJgRniGxo12rZkRXs96UexsT2cHZMSgqzpP1oVZSE9G4sw85KumoRI2yuFK35ioyKKIvZifqBAAAAAAAr0Wl1Nua302In9A8kdZa0TWWBuyUcFgaNLprZKXXxIoZ8TBmxeXNLy+6G0eWYshSDxX3auUD1/vhHpbiI3MOq7VXu70l9DLe/sjXAAAAAADwenyN/7TO/N2vtY/UFXP+n/Fdz1VTE5ULrFHCQt6do6rDsjIHud8rF9BP6lVPH1e0darbbnV3jnslJlYdHH3wq4kJz43qRGh2IjG7cSbtGFZTE9GXdCUxYdVeWfsKAAAAAACvS6QDMh3R0TwruqeaFO+UsVvspvstHWqlJSqGhdxWNemv92EEy13OvYwJj+wD7XzIVz+qkZfoC+l9EXaSEtm8qhmxUmv1L/SWAAAAAAB4HRZ/33dT4rsXZSvzPf0V6Z9KacejaVRPQz9E6Ybm8lIORebU6NerRkTmPFWTElUXLPuAM8fQ+kJmsaZuUsIyJb6MbVXjTdoRBQAAAACA90OWNVhiPjMkPoevf7rmRKV8XU/7NMZm7ZtEa9f5dzU9kSX9V1IU87hGelV+Zvq53P/LuWViInNkoshJNw7TdZZWyzi8fctKOuTzLMq08ugkJbpxpggMCgAAAACA96CiDbLEeFXbeDrn1KNz8TUzKXYusF+tX/V4suTEzVIVt05MTDq1LqsGhecy7dwXtpuY6KQPoi9gFkvKoky7pkS2P2P4X1wAAAAAAHhNvsbPpIREXnnX2udz2Dqoak50++zN6Z/D1kGVC7Mf6q+cvmtInNCuK+l+a39uru0uS0x8fX19NO7IYR2sygd7hfsUfbDaVYo+XP1hegI/cgwjgyHqLeF9aTN30HILh/EaAAAAAAAgI7rQaWmR7MLsTnLcK23PdJDeHwtLI3p68kTi39Os0bwxbI1d0uxNfd/mMmMiwDoo1jJe1OTTmB59wNb9X6u9JbT5EZVyVD6kSpwpcg07aQnPIfxjbCMr37DKTzAqAAAAAABAUtEQlg6ytEmkZ3bvzhFpsY7e8XRhV8dmmrXaXyLTsWPk+ttb5lLuVcqhyco1IqdpJSaTfZjdSExGt4xDTsu+WFlSYrV8Y+WLefn9bQEAAAAA4H7M3/vFq+dVc+Jz2Loo0jiVppdy+q9hGyEVLZTta6YX7538zx5313C3Skxo5yWqbck+yMqH2HWWVj/IjCi6JL8QnltYdQYr9VTR+isGRCXaBAAAAAAA74mne7xls8R4Vt7R0UfR+rUu83RPJ0HRNSpOa1tvGxUtW9XuR7mFMZHttBUbiUom9AG9h9Pk7Zu1r96JrhMLkTMYzY/SE55zGKU2rPFa+4RBAQAAAAAAFQFf0RyeUeE1+O/qpJUkuZyvibTgCUNiR7vO196YuxfeLzcnbpWYGMM2H8bofYDZB1rpK7HSXKSboPAcwsgMqKQmTt+NIyvZ0NO8f2QAAAAAAOB9iXRCpjOy5IRnMHT1kZeWqCQmvP24IiFh6dhuciIqIfF0+DDm3yQtMcYFPSYWO3V6aYSrHSbvw7S2W/2Qoi+cNa3yBew+qqZEZlKUobcEAAAAAMD70Ow1MfG00Mc/fz/HGa3TfXhaSL/+ENO9RILWjHOfMl27e3eOqq7VY/kYDe03P+/T+u+WiYlJFh/ZdZo8B+mXem598NqI8D5QuS9e+YaVMujWUFVrpyo1VJ3ERJSkaJsWAAAAAADwNmQXZaNH90Lsrk6KtJnWcXrfJNlFdqkro0SDp1NXeyiuaO4xbI17KfcwJiTeQchKOa5IT0RRl6x0I0N/2Spfvl0nsNJbomJOZPsFAAAAAABQ0Q6ZKREZFd2+El2NFY2lSvdC+1W6NtLRkfa+G1ffLjQyG7zlM2epmpSoJCd2HKWMqhNYMShWa6esbXwZ070vXJacAAAAAAAAmMwSB08raB3l6SRtDlQuyK7qJWsbn8bYdDmHx4mKgGpCItO2WkP/Gbmm9SoCos91mysTE9EHthIpuVVyYiUp4e1rlkLwyjdWncCuUeGVaVCuAQAAAAAAp6lokI4RcSpZPjWSN85IH3n6cMWQuEVSYuci/GWpiqsTE2PUnJjTcZduDU7FAInGO/FO2sgJrKQlMicwiyVp5zEyJ6JxAwAAAAAAVNEaIktMWKmJSmlGRSt1UhM6MeHt04f6q5ep6syqtq3eadLT0ZkR4aUiLk1LjHEbY0LiCXz5/J6OUvShWeOXRA6bNc0zDPSXrOv+VcwJr3ZKL5PC3TgAAAAAAN6X5t05pO4Y4z/BO6d9DlsvrWqfynu8UntPy81xz+lRYkI+r+rPW1cEyDFa+3cTPm+0HcuQsOZbH8bOh1TtL1GNu3j7M/F6MFS/XNUvkPU6ukdvVrNllZhkzwEAAAAAADyq+sK6cOqZBFHCvKqdOo/ogq2XLOhWBng6t9MrsXsxPirdqOje4xwzJr6+vj6a97CNRL+1zFVOkrVub5vdDyZKJ+wYFbtfrOxR2S8AAAAAAABNVU9UHlm64Wq9FF3Mjehoy8icOFEZ0NHcZa27oP9DbpGYsCIsw5jmuUedD2ulW6l1gujpHapfrIpBUamTymqlOqaEtQ/DeA4AAAAAAODh6YhId1TNiUw3ZTqqmjKvJswreDqzctF9VeNaF+GzKgE9XqnlL+UWxoSFFxnJDIKTTlLVqNBj02O2qAj/W6QjqqaEHjcAAAAAAMBVdA2KW6fMs3FZRPpWv65o0dPJiUo1wM1KNzRXNb/Uzoq3c55TE5kUFbdIv658sNG2vTFPvJPU+0JlX7LO3TgqUaTI9bO+ZCtxJQAAAAAAAAutKT5Gz4yoGhQ7d+ewtv0ZjE/vj/yr93lV51pattt7oqO5LeZnpf8e5QpjInJYOgfF+qB2naNsG5UYiyYyI/Rr7wslp3Was1RNCmv7lQSFC3fjAAAAAACAycLdOeZfS6toQyDTRN1UhHyPp8+yC7jahLD2O9OXWbphV/uuGhRzvFE65Kge/Dy5MoUVW5HPrdfeB+Qd2Cw5Uf2wohOj4iJ5ZIkJ74vgfcl+O9MzU0I/jwwIr8QDAAAAAACgi1ca4S1r6aRO4jzTUpFmipLuXU1Uufge6d3sYWlfTzNXjQjvtX5+nCuNiQp6R60PSB/gXefIW2cnJeGRxZCqEaTTj9WSDQwKAAAAAABYwTIkrGVWEue30k+RntoxKqxpV2rdqJJgjItNhwq3MCa8nY0OhOcoWc7PzgcVrT9ykDSWgI9MimocyaqFqqQmou1njzHsLxmmBAAAAAAAdIh0RVenWIlwLzmxqqOs9ERkSHgGRbVCQGvPUxq3om8zravnXcp2j4nmvUuzuEgUQfFMhB33qBprsT4k83CMn18066SufKl23D3PoIjSEyXoLQEAAAAAAB7NXhMTz4j4NKbdS0fNscjxWvv4IZaLzInKhfhd3esZIfP5n/Fd62rtm2q/+Tnv6sQr78oRifrqB5QdyFMfVGZE6LFKIucsih51UxN6eid6pKeP8XO8w5iPCQEAAAAAACeQYl0/10I40zOZHlrt1ecl3LVBovdp7ov1XC9jad2TF+J3LsbLMWpzRXJcJ36eXqFDJ5WgP5yo5GLXiIjmDfW8QjV+dKtHVKrRSU5gUAAAAAAAwAqZzuholltpqEhPrSTPs4vzFc26o4G95x3D4lJOGxPVgXcNCu38VD+gbLnMKRrGc4l1MmYnbzcp0bkTR2Xb3pco+gcBAAAAAABglchssJatPqrJiZVbiq7oKQtLV1b1b5aCiJbzdPQJI+K4YXHSmMgGFu1o90PZjbJ487wTxSIq3bCmyS/PFa6fXtcVTh8AAAAAAMBpqgZEpHlOpc0z/WSNV+6HhXchvGI6nNbEFSOialIcMydOJyYmWSmEdyB2YyudJEXHJfL2wzo55XPPlKh+OVY6yK4+xvC/SAAAAAAAACfJtNNuYqJyp8PV1MQInksibenp4GoiYsW4qOrwaD+OJiUmVzW/1HgOUXbwd40Kb11doyKj4/BdkZTw1nksKcHdOAAAAAAAoMrBu3NU9c6V+iobV6d6wNPBHXNi1YjwDI0/47v21e+7XAtelZgYI3ZUKomFyECwoigd12jXiJDo6M6Oq6fdPe/1amLCGu8w5mNCAAAAAADAFUSpg6GeP7K2ssZbJTMMKtO8Mo1o+aoOt8Y7nHlHWDYmvr6+PhruV6VMwjqIu2mJ6oGP0hx6rBbWl0s7bNZJfsrVq3yJ9NgqyQkMCgAAAAAAOEGmOzoa5modpadZOmuMWE9Fule/9jTxjhb2Kge87XhjLWn+pj/wg9OlHNX0QSUpUUk9ZE7RCYfImu6J+oqjZ53YVXcv+gJ1DApNlqwAAAAAAADYZZY9aK1h6caqIbGanIgMia/h66lIC+r90RpSzl/Vw9H8qobuJib0vlj7tMWVpRxjrCUWogN1wiHy5lljtojMCP06S06ccvU8IyL7MgEAAAAAADwKlYu8j6CzLO2n98Mi058dLbtTQbBTXXAJpxIT1YF2DYquyVBxi6x1nDr42Reom3iofllWjQgMCgAAAAAAuDdTk2j9VTUqTmiqLEmxe6FXpig87VvRw5XURFVT7xoRc5ltTXnCmMgG7O1YxZDYcYf0B2U5RNkYM7Joj+XkZSbF6hco25413hTuxgEAAAAAAKs0786RpRIyXXVKZ0Xbix4dPemlJ6KL6Tu6eMWMkNMjXZjNTzldyqFdIGv+SmoiSkl4SYkoVRF9CN5ziRb2nhHRNSOqPSW89Wfj8vaD5AQAAAAAANyaVb0SXQw++ahoPGtcmkxvWjq4kobQ+railztGRbYfxzhtTGiqwt9LNuy4Qt66ogMeTbfwnDw5fyUytPvFqTp7HpgUAAAAAABwBZkO6STRTyfTM/1mjXOMWF9V9WZFu57Sxt704Tz3jIpjXGFMRA5K9YOolGNE06MUxYorZFFJTGRfkOoXJ3r/StQo2w8AAAAAAICrsC7oWvO7BsXVmquSmLCoaOPMnIiqASp6ObqA743J24/jJkXbmGjenzTaMe8AWgd/xyHyPsSOOeGRRXcqX6bVKJG1jmoqAvMBAAAAAAAekUjDVDTVac1VKdnoXuCtmhLV0owsJWG99gyMaJwpTb/gX07dlWOM2qC7iYnIGerU0lSTFtZ4JFHqYNXBW3HzdhITesz6OQAAAAAAwC2YGuRDPZ/zqomJHSOio7vm689ha6yhXmuNae1355FVBXR1dDcxofdD7+8yJ40JSffArrhF3TqaigERfQCVJISef8UXxluPFyGqpii+wd04AAAAAADgFAt355h/o3IJSxOd1lyWrpPbt7SWNFes/bU0qNa/J7VxVW//KSw79+so7VIOxYf6Gy3XdYCitEMlEZG9zpwii25SIiu5yFIS2Requn1rzPo5AAAAAADAPcg0yonEREV3Zfqtq7ssooSC1+rASz9YKQrP2FgxLKIL93p/KoaTy44xUd1w5BBVDIYTD/0BeWPrHMzoxDvt3HlfgopzN4L5AAAAAAAAj0KkW6pJ9Ss1WJRUt15HRFr0itTESosDb6zVfSqzm5iYG9cxFP1cvo4cIu+gZwewGk+JHKCqSRFFd3ZKN6wvlPdez9GzHLvoi5NNBwAAAAAAuJKKRrHMCUsHVTVUNaG+mpiopCXk60zDVpMO1YqCLBkRTYueL3PCmKigB949oCecoOqBrxzUqnOnDYQdx84zJaIkhN5ulpTAoAAAAAAAgFuQ6ZJIx1T0167mijSdtV1rXB5VXZpdqF+pIKjqcDmeyzlpTOgDKp9XUhT6QET1NRUXqVs7U+VUYsL70nivK+uvmhBZsgIAAAAAAOBqvCSEt2xXf2ktlWmwSLudSExYVLRq1qqgkpzItHZHw1vPt7gyMaF30Hp+lRO0+rD2wSJLJkRlGiecOz3NG0c1KQEAAAAAAPBoVPWNpZFOarDMqNDjtfD05srjZI8JTxd7+v0STt8u1HNTVg5wNM07kJkDlBkS3nRP3GdfFM9I8FIQ3hfAW0c03fpCYFAAAAAAAMCjMzWLFsIVnZUl0qNUenQxuPKw9kHuh7U/c3pFO+vUQ1UvV/V1pJctnX9MW5aNieL9ZieRm3KlA9QxNarjrSQSsvknHDtrXdmXop2YmPcXBgAAAAAAOM3UG0V9WdE4mUY6qcE6OlBf6I4SE/p15+L9yR4TWTJizks14/x8q/pyNzHRGXzHiLDSEFlaYtcBGuq5JEtKZLVHUVIic+qy9VcdO2vcAAAAAAAAj4LWKFliompKeNMibVZJTszpn6Ovs6TAzy6gV42FSnuEqkauan3JssY83WOiIvyrBsOOE1Q5qPp5lSii430xTtQ1ZV8K60tQ/XJgUgAAAAAAwD2oaJVM61QuDp/SY15iwhpbBa1PIwNiqGVPVBZEWlpvr2JWLLFqTFQHYh3kaoJiNS1RTUZ4pkQlNZE5cZV6pY5r161v0uP1IDkBAAAAAAD3pqpLpNbJHpGeqpbMV3SdtY5svzwNmhkCFTNhVUtXLuxnLBsWK8ZEtiHPQak4LjtpiWpzzDnNGkeGFv7WiReZB6dqmrLERCVNAQAAAAAA8MisaJ5b6jFrnGPU9ZdnAFj6ttPKYLfKQI7PG2+2Xy1O9JiYf62NdxIS1YPVKf2oJCaqRImJykkfLZOd8FH/iaoJgVEBAAAAAACPTCVdUNViVR1V1WzdBPsca0d3VhMTlQvxp/R3ZEbMaXM/lzXmFbcL1c+1+2OlFYaadiItseIAZdM7on/Hmeue/NlYUrgbBwAAAAAA3IrNu3NUNFBHj2XLrV4U9sR8ZsBUjYVV/RwZICN5nu3HEieaX1qDlPMiA2LF2ekYEB3Hx5p+6sS3XLusnkmvq7Js9MUYzjwAAAAAAIBHI9IwldRCR09ly5y6cDypaNLqI7oTR9fgyHS7JvICWlx9Vw49L6uVyepjMkeoa0p4B3iM/ISKTvxTiYnqlyobGwAAAAAAwLOSaR69XKanbtHzz9sPC0ujVk2J6t03smmeYWGNM9LRS+wYE5G4tw6qnr/j/lQ+mIopocdbpevQZSewTlZ4saLKFyFyFIczHwAAAAAA4FHQ5oM1PzIcolSEpb06uqzykPuQEenSbtKhopmrF/GtMURjtOaVSXtMFGt+JNbyVafHO5iV+piKieGNJ8Ny4eTzijlxC2dOjzH7MmBSAAAAAADAI/A1Ym0WaR9r2UxXnez5Z2lEObZMc2YGQcV08JIRmeaumBjWeEtacvoJWU/D1cRExRGxnJXKo3pblO56MhfIIjMh9HLWiV4xLDwDIvtCeOPMqJgWAAAAAAAAt6SqUzyNljWz9AyLKGlR0Xh6/JFZoYkSCivJiNO9G/WYPCoegcupHhMdh6dqKlQdHzm90rxDj3sVfQJ70aGK89Z15uQYsi8CBgQAAAAAADwzp3TRqi6LltO6cJVIq2YmRfcuHV19LseRXfRfomtMVDesnRX9/q5zc8XdODomheXI6fme41aJEGVfms77vPFjVAAAAAAAwDOwonGyRHqmvTzNJudniQk9rmHMl3iatJJcsLRyJ0HRKeGIdLS3Xy3DIu0xoVZe2bh1cLODabk9O11Fu05PZR8rDlzXmasmJfQ0axx6rCUDIqv1AQAAAAAAuIqpR4q9DStGgJ6WGRUne0xY4/D260MsW72wP6dF/Rard7WsXszPNH5mvJT05okeE9GB7poQ2bKVdXoHrzJeSXSC6/mZs9ZJPFQdu5VSDwAAAAAAgGcjMh46OinTaCvvs7RY9YJypqWtaZaeXtXQKyUe2XgrBtMPTvaYkM8jpyd6T6cuJjt4ervVZIRF15DI3LjMqcu+WHJceoyYEQAAAAAA8KqsaKNuL4lTqYkVbRYlJlZMBk83y2nZtrNp25wyJjSeW9J1eK56WGOSeCdP14RYddx2I0N6HzAqAAAAAADgGYl0zepF49VUROdmBZGmlFTTEVc+sptIDPH6iBGhOWlMZI5KZBBEB6XyumtKWAd6kp3s1jTLrTvtxFnzrbFXTAiMCgAAAAAAeESqeibSQ1UToqPP5HNre6sXkSWWZq0aC57ZUKk80Nvv6Pcj7BgTmWNSOaCnEhPdBh56jBmZAdFNOqykITonuzZQ9FgBAAAAAAAeFe/C8Bg/dc8tHlq/dUruq1g69ZQOPrEePUZr7MtGxckeE5ZjEqUV9IFfSUp8GuupOjuVg1ZJJlgna9ZPInPpVoyMMfa/DAAAAAAAAI9KdDG2c1G40+evOm84zzsXiKs6NtLT1V4TmZ6OxmMtu8WKMaEH6S1jzbu1w2ON2doXjXXieE7YKdct+qJUDRJvX6L5AAAAAAAAj0hH60R6aaWRpZWSqFwsHs60aJxj+Fo1Mihupaf19r3xLycn/uq+oYDnrmQHYiUpETlJ1hj0GDO8kztKNmQxn44jZyUivBN/qGVC5v2CAQAAAAAA7s3UJ19fX5lWm3rnQ7zW87LkQpZit+Zluk9OtwIAcswRWeI/08G36tl4lG5iojqQ7GCdfux0Ea0c1Mzx6iYiTj+iMY9gGQAAAAAAgEcmS0XIeacenpbLNJ43poyOdr0iMZEZEXrblX1pmRduYqLgVM2NVQfvpRiqZkPk7Hjb03Uz0Tg9IgeuckJ3urz+MZ5XjIiKUQEAAAAAAPAKdPVRRXPt3EEx021fw9ecH2JZrVvn80rrAq2RK5UHmSFR1flznqtFp7/gJferiYmKMzKXk3/1e0+7N9EtT7wxeGPWWIaEfL7isK2cwJ3l9dgxKQAAAAAA4BWINM5VOmtH641hb9ci0qqVC/FXJSe8MURjjsbvUjEmshVVHZRVkyE6yNlYvYNY5fQJ3K1lir5I1jgxIgAAAAAA4B3wNFCk305osp0Lzh2yC+2eHvZ09kkzw9pedV9MdnpMZAmEXaPiVokJjXdy7xgUnc6vOxGhUXgNAAAAAADwTFQ0z85F4xNarmpIdEyKeycmumkJnbQos3K7UL1hPQjPELCeV0yH6KBb46k4Oh2qJ5Z3slfrlronuvfcG6feFwAAAAAAgEfF0zOe7rGer5gVnbtzRBeL9Tg7ZIaEp2sjs6JjXugxVJISXZ39jV1jQuO5I/dKTHQO5Bj+CeN9AbyT+JTTFhkM8kvXHT8AAAAAAMCjE+kYSwdl+mnFrKiYGJ3EhDX+MeoX+u+ZmBjj+3iOccKYiA5g5qSsJCcyh6iynEVkPMxp1RMvqk3qJiS88VjTMSAAAAAAAODV8bSRNd/TVFW9Zr2uXriu6LkKncRER09XNLu1Xmv6FivGROaQRI7OysFZWY81ngr6xLBSCfN1dDLf6lHZF4wKAAAAAAB4Zqra5tZ6LLtwHY29o9Myo+BW+rrjBbT4q/sGY8NVh6SarFh1dCqvTycoIqdsx3mrmhJt08G7bywAAAAAAMC9mXrl6+uro9s8nVYxFlb1m6cDrTHI5braeUf3dvV2tp5szMtas5OY0EkIb5ndg3ELRyc6qBWHq+qUnXLcvBPfG/+ycQEAAAAAAPCAaNHvLRPptlvpN2vM1r5YeNo1Mg6u1teRUWGN15vncrL5ZSWhYL2+4v6pmVGRkRkCnfkd5626fW+sAAAAAAAA74KnhTKdJqevJCV2dWKFTF93kg6r+jravjfWJa64K4c30JMHrJqYGOJ1JzWh6ZoPVyUmsiQESQkAAAAAAHhlOproXokJKzVRoaNlr0hMZAaFtf0j/Ogx0ajlqSYYVk2GysGV25PP5Xut+V2qCQZ5cq7cjcPaXmX7GBEAAAAAAPCOVBMKnaRDlJyIEu/R9jt8iPdJTat17jCedy/qnzAu5CPc3+k36N6H1cSE59RYy12RjDjt8ER4J1hkFNyqRkmODzMCAAAAAADgPzytdA/95j23xpfxjDq76iGMMdZLOboGhZ5edVs6B8h7rtddoeqkee9bPYnleqx1ZtMAAAAAAADehV3dtGtWWOOJluskKDJDwHp+lRFhbT8ad5vMmKiuNNqB0yZExaDQ26ngpRMqBsWpx4keE9kyAAAAAAAAz4iXQIiWWdVdJx5yTJnWjLD0tJx+dTIi0vgdz8Blp/llxUnRhsHpphzWNqKDZ43To3oidc2GbldXa5vZctG+AAAAAAAAPAsVrdMxArILzyu9Ajv6zaOiVysa+MTD6tlY1f9L/Gh+GWxEP4+W188j52XHwbHWV9mX6kGrnLhXO2zeyVwxGzouHAAAAAAAwCMyNU2m4SytZGmrW2k5awwRev8yI6MaFFjV2toL8Mbp7ceXeu4SGRPRxjyTQU/znkdmR9fBWU1LeGSO2y1ObGssFYPERXc9BbwpEfkAACAASURBVAAAAAAAeFSmfknuGunpstGcfg8dV9WondTEToVCtm79XC8vp3na0523U8rhbUi/jlyYXRenmqTI8A7cvU9szxyp7AtGBAAAAAAAvBIdrXNvzVbVcpV9qSYjvOk75sSJi/8pJ3pMWNMq804frGj7kUGhTxhvGT3va/TqjXYarAAAAAAAAMAaKxpsV+uNEeu5ig6tXJhfMRg6QQBrPJHeX6JjTEQb0QdATz/l4FQPoN5Gtg+W6VBJRnjTd922yvqtfSAtAQAAAAAAr0wm+juJhpMazlpnNn0YryeeftbL3PKhx5aZEWWj4kQph7Uxb4CrO10xIqLtdshObvn6qtvMeNv1xgUAAAAAAPCuVDTTVReWLV3obVduf4cVvV1ZZlVv72rwtjGROSVXOzhym9b6rXFVqZzIHVduxYjQ64q2r79Y0T4AAAAAAAC8Epku8jRUpsF29Vy0fW8fKqzq4SsSE3rd3rjKrCYmqg5NNH3VlOjMl9uvUD15rnbY9BcnGgMAAAAAAMC7UzEK9HJXJeCrWrLCjq7W61ldNpuu57epGBNZ+iDaeNXA2DEoKmOIXkdo9+2qR7QNazoAAAAAAADYVDTVPbRelaqGrWjk3WSE3k53XjT+fzl9u9C50RM7m7kzkYPjjatL9cS1pu26apnjZz0HAAAAAAB4NzJ9VNFcOxquoxs7VM2AFdOhuw69zFFOGhPdqMgpB8dyYXYPlnWS6efW8ieTEp0TGnMCAAAAAADekYo+86afSk5424+er2CZCWPcTotb4znCijFRcV0q06vLdtyeaLreB4/sRDllQujn1rajE7dyUmNYAAAAAADAK1DVadV5HY22a1RY4/GITAZr2hVaujIt226LqjGRrThybjxnZcehyXY8Ohh6ehbF8Za7xcPatkc0dgAAAAAAgGfH0m3VZfW0W+u3SHPq/Yi0bCUdEc1bTUZE648omRR/zSdfX1+VN3QNCj19ZWej9WeGRNupUVRONM8E6JysnkMXOX4lPj4+MCgAAAAAAOApmXqmqFfHyDVUZA5UTAxrvfMh7/JhrWOHzBCoGgZdXR4tk43X3ef5ec7PN0tMVI2IzLmJ3nPiYY21cuJGJ5a1nDfvCqdt1ZTAiAAAAAAAgFdmVRNFhsSptMQYsa6LDI4MT/NGGvlEaqKq7Ttj/8ZO80vPOfGWrR4k7z3VZatjqgr4irNmTas6bpV1eeM64bwBAAAAAAA8Mx3t1DUnvHVU9eEYdc3mLZclG6xpnu6O1lN9TzSmJTxjouJ4REQGgjW/6uhE24nGXnVxJNFJqJc54arp9UTTsvECAAAAAAC8OhWN1NFXO7quox8rZCmF6nKraYnM8FjBfb9lTFQiGNEyVRfGW2fmynQOSNeI8E7aaNnTzlp3jAAAAAAAAPA/VvWVlXSIXq9cgF4Z46Sqf1cSEt1lMj+g4il8o9pjortTK45LJTnhbT96vsLKybfjqFnb9QwMAAAAAAAAiIkMh8hA0O89pf+i7Vbp6t8sEZHpbm9Zb/3ZeF26PSasQXobtqZX4iLRzq8ekAzv5LBOnKpJELlm3ZRFdbwAAAAAAADvTHQBeCfd3tWA1vTqeDO6AYGK7vbW0dX91vOUneaXEZnrsuPcnE5GRK/l9I7B0ElNZMmILGmRpTAAAAAAAABejSj90NVXFUOik4zwtm2N0XvdYeVivzW/qt+Pc8qYiAZa3ZGdZbLlK1QSCx0nrerGVd23aLwAAAAAAADvzoqmOqXnrGW893bHm2lkvVy1tMJ6b7a9ynba7BoT2Q5bJoWe331UtlE1Liys9IGXSthx0zJHrWJWkJQAAAAAAIB3pqqJopSEXmZX33mabkW/7WjgThVCVslgjUdva5kVY6KSauguX9mJqvNzEs8c6KQcsviOt35veQAAAAAAAIjpaKoVzeYt113/Dt2ggH7PajKiUuHQomJMVFfaWS5LRFTSEiOZXsVLQOhlVkozspiPHsOtT2QAAAAAAIBXpaKvIl22m5roaMsqlubVWlpPX01NeNv2Xmdjdjnd/DJKS1Tckx3HZqeEI3PI9HK7jlrnJPZOZAAAAAAAAPhOpUTDm97RctG8qvHQ0XZV/dvV3VlpiLe+oxULVWOiW4oRxUbk/Kpbkx0sb1zR6w7aUTvppOltYDoAAAAAAABcR1WX7SQl9PMVqpq2opk7qQlvWx3tn837RjcxEZkBK45N5NR0dzoac5cVxyw6Ia3lvsYYf/55VFMR1bgP5gYAAAAAALwiVR0UmQ7e9KrhoF9nurGjLy1WNHCmpbPUhN6up/O9bbfGHBkTkVNiDc4aTDSvm5awDsrR+MioRXKsaadctep0b7wYEgAAAAAA8A5UtFAn1bCr6yItVxn/LpZG9rR3NTXhzY+2Xx3bN3Z6TETuifc8OwDedqIDmb3fG3OGdRKtOF3Zydg9IXfjQAAAAAAAAK/KKa1WXSYyOVbHNUZd31YqFioVDJXp1ti85y12m19a8ZD5N4qCrKQlKs7MqoMj6ZyYVdfMm2ets4u1PgAAAAAAgFdnVwt1UxTRPC85kW03olqhUL3IL6d1khR6GWubW9UMf+28WZHVl3QMhO687KBV0CelfN41DqquWjeRUR7Dx8cHRgUAAAAAALwEU998fX3tXHBeLaHXy1XxthWN0cPTuKeSEN66I229ZUZITtwuNBr8GLZpoJfLUhN6O5HhUSUyB6LlrfdnTpm3jN7eqdIRAAAAAACAV6VbqhHpvorO08tlWtBabzT+lYvhkiwQsFK5oNdhrU8us8UJY2KM+kB2ali6CYgOmZtmTasYGNWTq3MSAwAAAAAAQJ9V3VXVeJVEhvWeVa7S4R3tfUSjrxoTUW2JXi56j5esyCIj1vqjaVU6jtb8u5qW8JIT1QRHdewAAAAAAACvyKpWii5My+erOq8yxl1DoptaqPaTyCofKutu0zEmMqMginVEcZAulfWtrDsqqfCWs+btOmlVMCIAAAAAAAD+Y1UjdTVZlrSozlsZb2RIdMoyqtuqavzO/B9kxkTVdfEGYi2X1bx4PSWqYziZmMhqklZrj7LtZtO7ywAAAAAAALwqq7op0meezqukJqL1dMZcpdIWYQxfd0c9JKrGxqp3MMYY469iV9OTBsVObcuVfSY01RPUe++qS5bVJGXrBgAAAAAAeFci7dSdrud3t23NP8kj6PCKV+Du9/QjTjW/lButzMviIFnviCsNikp6YdUhqzhylbEAAAAAAABAncoFYWteJx2vt7OTjI9YqVzQy3jmw2rlwhYnjYlsp7z3VBMb1YNnjadL5qRl71tdv5wPAAAAAAAAZ9lJxuvlq/NPpd8zo8Ga1tHblWWqxkULz5joDKrT48F6n1fTsmI6RCmMHVZctO6JaDlsAAAAAAAAcJZMe2U6r5qgj7ZRpau7KymJqh6PxhStP8Kcv5KY6KYTTpgDVZens/yk4lxVSzK893XnAQAAAAAAwO04od26unElRdHVvbs6vGtSLG1TGxMn60SsA7bi0lTrZ/Q2I7KTQz7PTpJO7dHKNkhZAAAAAAAA2FQ0UbfsQs+r9JjIxljpPZHNk3ipBW/ZVR1+SemGXtfpHhNebctV65fzqlQ/6CvEfsWEiLaPAQEAAAAAAFAnMh2i91ylB08uN0a978QOUQ+LI1jGxImVV82DiluTbeOka9M1DfTykZtmrc9a1tsupgQAAAAAAECfis7LekRk+s3SbSeSERU62jjS396y2bQuP9bxGc003nzSBOhw3JH5h8wMsKZnJkN3u5G5kb0XAAAAAAAAvpM1o7xab1UuPF+xXclVGrq7/WyZMUZ+V47TiYVqXYu1nWxaZd6kayJEJ/RKDdIuV0WLAAAAAAAAnpWdC8bWerK0hO4zcfoitsdKM8qKBq/0eoy2uewfnOwxoTdabWJZXZ/3/NZOUMVgWGmAMozXAAAAAAAAcJ7oAnP0nooOvJWu8/TwFX0eL9Xdu8ZEpxOoXiZKSmQ7fu+SDr1MJVVROcmt93beAwAAAAAA8I5ccWE40nMdrVfZ1imiCoToZhUd86Fa6VDmVGLiFomFq7ZRMSVOOV/VtAUAAAAAAABcwy30mFf6fysiQ+LkNo6st2JMrCYWrChJlrDo7NgVqYnqiWN1XJXr0PO6ZR+YEwAAAAAAAOepJNWjRHz0Hmv91na7aYtVPM1c0eGWhu/6AOX3VRMTq/UqpxyU6IBesd1bOWjVdWNUAAAAAAAA9OlorCu13ont3usuG6vNMPVzlyuaX0Z9IbKeEvL1GGsH/YqmHxZeZ9bhTN911QAAAAAAAGCN1TS8TjZYyQf9/AoqOnelsiHrOWG9/7jOvuquHFdyD4dojLMnGoYDAAAAAADA43G6x8StiO5k+fCcNiZOOzTROm95e9Dq/OjkIx0BAAAAAADw+FS0W6ep5b3uyCGnZxUMlfV0lylz0pi41105rtruTvfUjjvWWQ7zAgAAAAAA4D6saLJb3JXjZiUXhe0usWpMZHUn1vLRcrv3Qa3eb3UFrzmJriUiCQEAAAAAAPA87F5MtvpPXNlUU7KigTNN7m2jOpZsGy6nEhPdHTy5/ltzdc0RRgYAAAAAAMAenYvHp2/d+Uia7mo9fkSr36P5Zbd3xK1NiZ2TKLo7x+p6HumkBgAAAAAAeDZ27pyR3Y1jZzy3Ius9oZe7eTDgKmPiytKKW3DViULZBwAAAAAAwP2plmfcaruPzqUa/x535YiWu+cdOXYbmUTzKut91hMUAAAAAADgGenqtKr+q277qt4T0fRK/8ed7SzRMSYeJQFxr3uyclcMAAAAAAAAqHBr/XgvnezR8g/u0WNCsnoL0HsfaF1nZDVPAQAAAAAAgNfC036P0iNwNfFwV419b2MC+tz7RAcAAAAAAAA4xq2NictvM/Jg0DAFAAAAAADg+XkVDXaXHhIZz5SYeJQeFwAAAAAAAACPzFPp51sZE09zQAAAAAAAAADeiLtXNjxTYgIAAAAAAAAAXgyMCQAAAAAAAAC4GxgTAAAAAAAAAHA3bmVMvEoHUwAAAAAAAIBXItLrN9Hyz5SY+BoYHAAAAAAAAAAZT6Wfb21M3N2JuTFXdTDlLicAAAAAAAC341U0WFV331SfP1NiAv7Hq3whAAAAAAAAAO5uTHjxksyduXe64sP5q+cDAAAAAADA6+BpP08b3prVRMRdNXbHmHiUGpUv5/nVfIz7n2QAAAAAAADw+NxaP95LJ3u0/IPTiYndepUv5+/qdjqsnDjR8h/O85V1AQAAAAAAwFm6Oq2q/6rbvkIDVrT2id6PRzX5VaUcX+NxEhYrXNm0MjoBMScAAAAAAACuJ9JkV6YdnlXzXarx79FjopuGuLW5sXOi6BN4tc5IrudZT1wAAAAAAIBHQGqr1ZS81nm7uvGWRNrbKgG5ecDglDFx9W1AHyl5ceok8k5mjAgAAAAAAIA9Okn10ymJR9J0V+vxI1p91Zio1qfI5bOd2UlKXBkr8cwD7bpRngEAAAAAAPA8VLVatezjlhefVzRw12BY0ftLmvxkKcfVqYbVW4uu0m1eqd+7e5LvrBMAAAAAAADOsnvDhKv03I6pcHq7S9zjrhy6hsV7fY87c1hkJ0+11ijrGYHpAAAAAAAAcH8q2q1jONxK62W9JLzKh5Xqhae4K8eV3KvfxKvWHAEAAAAAAMD/uLqn4FV4RsMj9Wt0ucKYiEouIofmVDfQW30IUS2RNd06MUlRAAAAAAAAXE832f5hPPRylf4Sp6jo3NMVDDcrEakaE6ti/9Sguwd+d7vRCXVlagKDAgAAAAAA4BwdjXWLhPzOdm/RN+LEdtv+QcWYWG04WUlAZMmJ7rh2sO6useqq6XnZieklKQAAAAAAAOAckYaLpsn37qbhrSTGFVQv5Ed3yeyaDEv+walSjlt1/LzV7UD19FMnTWU9mBIAAAAAAADXcauEfLdJ5klWAwDdbRxZ764xkSUgvPdUuoJG92W9Ii3Rma6XiRy1qqlRdem64wMAAAAAAHh1Ktqpm1SP9Fw39XCvO3N0e0p0NH203RZX3ZVD79SukxJ1GD2x/g7V1MMVXwwAAAAAAADYZyUhX9WBtzQhLD18Shuf1vUunjFRuSvGyp0zsrRE1XmpjCuic6JU0hDeNOv5iZP0lic7AAAAAADAM9DVSVFyPtN1erlMN+6OSdLVw1UNvmpAbPsHn8aC0Yru0QFUbvveJRxXnGzdEg4MCQAAAAAAAJ8do+DqC8k7bQQ63LqywNt+tswYw05MnBh4NeVQcWqybZw80NUT1Ou4Gjlp1vqsZb3tYkgAAAAAAAD0qei8yMjQ86Oy/Gqzy5P6rqONq5UL3vou8QtO9pjwaluuqG+x5lWpngBXGAEddy76UgAAAAAAAECOp7F2ewbujuXEcmPUSjd2iW5WcQRtTJxMH1jNN7zGGVFdizemnU6gHXNgpVNr1luisw3SFAAAAAAAADYVTdTRWys9BKuasTqeCpYWzrTzig6/oqnmj3WtJCZWmlHuuimdSEp1+UnlZLKamlROmMxUwFAAAAAAAAC4Pye0W1c3drTlpKt7d3V4tcXC1jazu3JEG/cGWTUpqi5NZ0c912jX2Yl6RHgumue0kX4AAAAAAAC4H5n2ynSeN+2Kcvyu7s5KOzp6PBpTtP4Ic/7pHhPyeXVQVZcn6mFxxKUReCfXTtlFZf1yPgAAAAAAAJylctG5so5uechKOkJT7SfRMQrk8pVlLintOGlMjFF3VTzHp2o0nEhBeGSJBvk8c8iqUZ7o/QAAAAAAALBHpNWsZaOERLaMt81sepVqH8ZKesKanm0nm9fmr4+Pj68xxvj6+ooOzteID17nwEQHZ/X9V7DjpFXme9uplIJ8jNsdBwAAAAAAgGchujDcna7nd7dtzT/JI+jwpdKNyfQjssTE6kYipyVyZfTzyjiqtTYVssRDNK/qonVO0OrJDwAAAAAA8K6s6qZqYqI6rasnT5HpZa2xKz0mrHVfZlB0SjmyGhVvfhQTWaGyvpV1VyI3lXmWQeEtZzl1VTAkAAAAAAAA/mNVI3U1WSchv7stTXRhXpdp7OrwjsbvzP/Bao8JL9lgLRe9p+LUdOtaTiYmvOmVuqLOMnqdlTFVxw4AAAAAAPCKrGqlLD2xq/MqY9zRb55ZkL1HvjerXFjpN7EcQDjV/LK68W5ti55/VV+FLL5jTcvSEPp5tn1rOwAAAAAAAHCGVd11IhnfLeuvcJUO72jvIxr9hDGRxTo8pyVyarx51jZWSzi6tT6ZSbHipuntdWqSPDA0AAAAAADgleloo0z3VXSeXi7TgtZ6o/F3NZ8mK92oVC5Uyj+i0o4t/tpdgSByWjq1LSvzog9gRdBX3a1oXdHy0ZfjiJs277Iyu5wCAAAAAAA8K8ldJC2yVHw3GT8K86PtWePqrKtjCqwkIbJeEqfbKHxjNzHhHZRs4B2nJivj6BgeFbKTo+OUZfOsdXax1gcAAAAAAPDq7GohT5OtaDwvgZFtN6JqIlSW61QueNvwKhqiMZTYMSa8AxE993a06tysJDC8MWesJBqq66nMW1kfAAAAAADAO3NKq1WXiUyL1XGNUde31ZYHp5IVemwVgyQlMiY8J8QbkJ6ezVtJTXTGtkJmIGS1R92Ht65sujdeDAsAAAAAAHgHKloo01nWMqu6LtJylfHvYmnkbjIiMzVWKxRS/d5NTGT1JVXHRs/Xz63X3rTKmLt0khGVk91a7mP87/h/GtuoGBGZawcAAAAAAPBqVHVQZFR40ysXk63X1VTFavp9RQNnWrpiOFSrIazttMZcNSaqpRbZ8p4TU01NWNuoOjY76QrvpDuRltDbwFQAAAAAAAC4jqou20nD6+crVDVtRTN30xLVEo+uV2By4nahesPWQLLkhF4+m19NZlTNiGrEpuJ0raQssnRFd/0AAAAAAADvSKShKqn2qpaL5lnb6a5LU9W/Xd3dMTS88WxTMSaqG+wsV3VuMsMhml7FOzH1MtWTuOqmWSdq5toBAAAAAABAjYq+inTZieREVVtWsTSvl3RYSUtcUZWQLreSmFgZ7Il4R7SeckSkyYmyi5V0RSW9AQAAAAAAADYdTbWbiJfL3fJCc6aPM+28U7GQLd9it5SjeyCyRETlUdnGaknHGL5zFk3fddP0uvQ2O2MFAAAAAAB4F6qayNJakSbbTUvobXbGKtnRwDtpiY4psR0UONVjIop9dGIhq8vspjHGiA2HaPpKlKdiVHTGCwAAAAAA8O6saKpTes5axntvd7zVioVMU0dpiRNJimVON7+cVJMOFWem4u6sYjlk3nKnHTVrvdlJ7I2Z5AQAAAAAwP/P3rktN64jSxR298z/f++Zbvs87I3ucrpuAKn7WhEKSSRFARRJsZJZBXglMqf5any1cuO5e6O5ugHdjUU7dN0Q1fxu/H46q8LEroUj6/DORqw21iqVIOFNq3ac7k66oqhV7QUAAAAAAHhlovhpxQVRzcu+O4v/uu2tWImLV2/2d4SIbLr3uqQSJipnwuoGqeZXyk30/dnrHbo77FG3RPa9lZMCAAAAAAAAfCKhQV/rZ/SzZ8V/2fd2WY1/j2QqjGTZaP1Ve0M8YaIK6Kugf0XA8NaZrX/VGbEiTqzsODs7X0eF22kjAAAAAAAA/MNufBWJFjs3raPv2WnjpBv/dmPvI3F3pQd0NIUvRI6Jo46DVcWlo9pUGzVr+4qYMcl2Pl3mqHLmfU82rWovAAAAAADAs9OJkVbiqyNx3Ur82CGKYTPXQvT51ccY8XecoRN840jxyxXlZEWEiD7TXbbbpu5O4SlnHffDjrK24qTAPQEAAAAAALAWO63eXI7W0Y0Px+jHbNFyqzfps7g7W0/3M1mbtujWmMjmdxSa7DNnPLy2djZKx2Zjl4vmnf2I2pZN784HAAAAAAB4ZHZjolVRYjWGs98TxXWRgNKJ46KYN4uRj8TYw1lPNL2jHYT8nC/e3t4+xxjj8/Mz2yCfI99gXRWmq9RU6482TDR/lRW1rPpsdx1niBN/mL/n/H0BAAAAAAAehSI+9eiKEvb1qkNC1zsf7/8+MifFLp4zYmW+zjsjdu+29xsan3ZTObrOCV1+pbMrqk1X0en0pbLiRMtd4+F9d0TWdgAAAAAAgEfHi9u6y+q0a8dvWcyp/ejeqLfTunHzqlvCW0/WHu+zJTs1JlY6nk0/Y+OtfK/2IaIK6M/aSfW1992ZwNARHxAnAAAAAADgGejGad15KzHabuyXtTUiEx68aZeIpTvTVowDJUeKXyod5eash/e9q8pNRrRjRjvamYpaZ773/QAAAAAAAK9GJz6Lpp/lqIi+P3u9gycIjHG9WNxrzymcKUxMjnQqExdW1J6oXausCAW7O3G0Q3eFCEQJAAAAAAB4Zar4qBNzHYnhdm8wV2Sx7VlOie46dJlT6QgTkQpj56/OO6rSRO+z9kfvM85Qz446J7zpAAAAAAAA4NO9kRwtf6lYr0s3hu3EyGc5I3b1gKz9f9h1THQFh2z6UUGiM99+f4eOAHCJndVWb/UOnqwNAAAAAAAAr04WI0UChReHnS1IRG3sxnJH4mpdz+6y1XSdv8yqMBEF/Lud3xUnovV77eqyIkR0ltndabvKnqe+IVQAAAAAAMArUMVFUQxVxWBniBArQkWX3Xj47Hjc++6oXW3OqDGxopTsdLq7YbLvXaHjULi0whZ9b9QuAAAAAACAV6XrUvCmnfHQuDD6Xvv9R9iJtzvL7MbbR2PwJWEi+7IdR8MlHl6bPOVIqRSz1elHRYnO+r0+2M8DAAAAAAA8G1HMNGR6FrdFy515Y7kzfTjvJ1H8rMtc86Ftq4wBbcHiiGOis2GyeUc2Rnd61taJ7jDRMt4OtOKYOOKuAAAAAAAAgD3OcEGsLjtGHs914tDqBr83LZu+K0Bk3x+1dYmzhwvtihHV/JUNFW2YkUxXuoJEVwG7pPrW7QuCBgAAAAAAPBMrsc6tY7ZuLNfpSxXvnhlnd+Lw4bw/xM9k3ufIlZs38zpzKFSOhp2N+PHvo+OWGM77jM4Opq8vvWN3Dqq0n5+fn29jjPH29nbqDgQAAAAAAHA2M34pODOeunYc16XjWoji5KOixEhe6/JRe7O+/CETJvTDb/K682VHxIeuUqPr6/RlUu0Q11TZoh3ba0On7XYZxAgAAAAAAHhUusF85Va4diy32v4q7o2WrdazG2urKDGc11nb9HXIGTUmOhtiTjui4OwqPLZNXjsjop1Zp1UPzTfKcpW8dXvfWS2X9QUAAAAAAOBR6N5MXonfvGk78duqIJH1pROvdmLgMx42bo++N2rXFpUw0V1xR2VRheWS4oR+T4dVIeASj85OP8bXNkXtRYwAAAAAAIBnQp0PnWV2464zHrZNVayZ4cXTdvol4mpdv9eelXg7XW7XMVF9eUdJOVOs0O/sbtCIriARfW5XhLDr8dZZTQMAAAAAAHgVjsZNR8UKrz2rAkVEFjNHry8lUHjfn7V7ma4w4bkRouWu4YxYVXhWiHYc7/XZilu0Hq99CBEAAAAAAAB/iWKlW8Rv0WuvfRWPGGd3NYQxhlP8co7a0KiC2mnoykPrT3TqUdjvs6/nZ9+D+as7QlfxsjvnTm6S932d73+TPgIAAAAAALwCVZzkxVTRcpno4MV5up7s+1fwYl2NkaNlu/H2mQKFN88lGiXySPFLj6gxl1J4oo2r3z2S6R2qnffSipt3UGXtxE0BAAAAAADPyEpMdCTuOhq/aXs6rMSylxIdOs6IthDR5UxhIhMedLp9f3SsVf2+6vs7dBwK3fmVcyJT3KL1R20FAAAAAAB4FaJYqOtgWI3XzooTO1TxddfBcIYgUbkiDgsUK8KEboBomSNOh7MdEztuCW+n1um3ckzo90ftxzkBAAAAAADPhDohomU6gsG1agRGcVkWp3VcE9eOrzMhw2tvNC/kW42JRTLVk+7JhQAAIABJREFUpLPs0Y2h66nez0cnYK8UrkoJW1XedirALgsPs3ZIlNsDAAAAAABwKxq1DpUsTusIC7vxWxQHem2wy3U4K+5djber9VRt3mYnlaNSP+z8WzsmsnZ6REqWN/0Sitvqo9OXZfECAAAAAADgjujGNteOx46MqrgSp0WuhGvH1ytawBJn1JjoKix2XrbcjqJTra9DpHjZHalj1VlV3jriQ/V9K4IFAAAAAADAI1O5EToxVTdey5zu0fdpHcEsnuvQjXOPmgLserL1etMPcYlROeyznX6Jx4c8oo3b3YDRjtHd8TLR4YijImtPZ8dGsAAAAAAAgEcji2O8OKiKn3YcEZmY0b1xXbV/jDzw1/kr8fAZD23ncKYf4qgwUQX7kTiw45TwNrrXnkr5Wd2A1Y5VKW/Z2LeVmNFxUXjtyg5IAAAAAACAe6e6QavvO+6ISoSIYrRO3Fa1c4XsxnrlmIjEilXnxOqN/kNCxaowETUsWsZOu4VjQr+/Q3fHOkNpiw6G1fVrW7P3AAAAAAAAj0Qn5tkRIc6M5bz4rBNbZlQCxbUdE5VbQsWMNh1holphJgScITKs1pjw2tbti3JUkMh2/o4il+3gXjsRIQAAAAAA4BXo3Ki9REx2lkBRUd1oj+LhKM4+U8zwvq/bF5euY6LrOMjcEvb1PTkmounRjnQpVS3bgbvLa9sRKgAAAAAA4BnIYpxLxVlHYr0x/O/16DgQ7PtrOSaiNmRtztof8jOa8fb29jnGqMaRjQQHbciOOFE5Jz5G/X3zM+/O/DH+7hifI95JjuzAWU2JTJFbyV/y2tX68QEAAAAAAB6Q1fioE3OtxG47QkhEJ37u3oiv4ucV8SJqjze9FCCmvhBxpMZEtVy38Wc8qh8qa3sniI92+jOUtDMeWZtHsgwAAAAAAMA9E7kPdJkzH7sjLUZtqliJXTtx8JkP77s7fVm6WR46Jg4QqSuVsNBVdryNb7+7q/B0dhDPfZA5GrzpR8bF1Z25o8DNeemOMJ0wlXIFAAAAAABwaQqnvqUTC2UxlMZcO6NxdOJBr90dspv7Os1bbjWeXhU2tI2nsDNcqG6QaBlv3qUUno61ZYzvbYra31W8LqHCeQdHpLR1XBG4JgAAAAAA4BFZiXWyeGknJcMTI6rP6PdGMaVHxzVxq3havz9q/7ZwsSNMZI3wNmZX4dlRdj6c9USqTtSejK4gkKlu3WnZgdI9CCLlEAAAAAAA4NHx4p2dG8Iro3F0543gdSRSeHTj2Cye7o52WcXTWXu8ZQ9xRJio1JCoM9dUeCJhRNtY0VHCvB11xy1x5GHbNWT6ygEBAAAAAABwK7wbsNHN2Gs8uqkctl2rRI7/e4mntY1e27dFirMcE7MRXWUnW+5aOTHRRtOdKHImVMJApMTtVnr15ntt7xwEiBMAAAAAAHCPdOOZLB7q3DRejc+8FPudm8hZHzO3QiUsRGJD5aQ4Gr+fwpnChCVSTC6l8Kw+vDZZoh2lo6R1c5dWRYgjOztCBAAAAAAAPCJZXLPjfKjisDPiPa+tUR+yGPVajyOjXJ7CmTUm7OuOouLN95wRK0pP5IzIvrtDxy2xosRVKl114Nh2aRu7rgkAAAAAAIBHYyc26sZhO872SpxYjc1WHAyZQ6ISHey06ruraYfZFSY08I+W2d140bJHnBGd9lqinX1FoIh24LOUuso5gUgBAAAAAACPThTnrMZJVYy287mOIBHdQK5iaW9ax+nQjaFX4vFO7J/1KeXnwrKfIw9yM8tH5mKoNk7kosimVRtRp72Z6VEfOwdCdYDsqnFRbYloB5/Typ1ijhf89vZ2itIFAAAAAADQZcYjTbLYJ4qTuqNynO2WGON7Wy2ZMyKb7gkSKzHz6sARnRi/08eUVcdE58ttA6oN21V0zq5DYduobfZQ5Ss7GFSp260lUQkV0eei9lfLAAAAAAAA3AM7MU4WJ1UiQ9ctUaXaa7uGM98SxaQdoSASJc6MsW27ojg66tfSje8za0x0HQqdx8q4q3Z6VbRjRYyo8ASI1dylarmOAhcpgwgRAAAAAADwDJwVF+3GZdlyGhfuksWqWazbiZV3UjZW4vrDnFFjIlumUnc6ys2uW6IzDqv2R1GlqzoQuopcR9HzDozOgdg5GBAsAAAAAADg3ujGKVGMVgkNkTvC+9xKjKft91wTUb+82DQSHDoxbyd+XomxtU0RHY0gpBQm3t7ePhfrD3jLdh0S0cbqqD2dHyVqT0UmAnQeZ+UwdVwU2q5uvwAAAAAAAG5FJ3aJYh9v2U5K/dk1JkbyOmPFqbDqmqhi7pWUDtueFl094Ugqh6on2bxMBVpVcirFqLNxbRv1dYfujqkHRFVPInNJdNYT7firjgoAAAAAAIBbUQX2ldAQxVBZCkY3LlsRKDpkcenKjf1dR0QlRGRx9CjmtTmrxsSk6tCKM6I7bTdXZgy/nZPKhbDialhV5LIUj44oUQkVAAAAAAAAj0IV8+hyVTx1aSd7FINF070YtXsj/4xRLTMnhdfOLI7e4gxhIlNHooavKj5nKT8rStAYcXDfcUlEuUyV8NAVI7ppHcNMQ6QAAAAAAIBHIIthVtwLnXjqaO2/LB7zpndi0hVx4kh8XQ0ekQkRmRawxM+jKxA+x98N7rkSIiVoyLSqiugZbokx4g1o+2HJAv8VoeLsnKaqLeWOMscPXqwnAgAAAAAAsMyMP5rsxEAr8Vi13Eo8NpLpY+QxqH29Iijsxs7e943iddWPLY4KEzOAn43Sjb+i8nRFhm6NiY7ys4L2c8c10VXvIoWuckp0XBMWRAgAAAAAALgXVoL+KhbrxlHdmG2l1oRt6wqVY2ElBeOs+LtyTJzimthJ5ai+MGr4igJ0lmuiypWpNrRid7Rox6uEhmvlNHUOagAAAAAAgHtlJ+a5ZjzmtXOMfvzlxaORwFCNxtF1UKwIEF5M34mdl0WK3RoT3UA+EgA6osTO/M5oHNr+TECxRDue53yoFDrdyataFDsKXedAQLAAAAAAAIBb041LKlGiI0JULonVuM5bR9WvKAbtOiYykeFIBkIWR3fj/y3nxK4wUTWkEgS6G+ZSdSaG87qL7liRYNHJVVpV6joChbatc5AjTgAAAAAAwC3oxCpVrBMJEpeIxyIBwmtbB+9mfrc0wW683I2l9fui+Yc5o8aEJVKDOg4J3ShHXBO7uTKfQR/eZLnKMVEdFN68LP+po+ZVIsVwpp26MwEAAAAAABygE89kgkQnTqvc6tlN5m4c2CEK/HWZjmCRxchHBo2oRIjThIq2MDFHa2hWT11p/BlOiY4SlG20Oa0SJd7Mc2bV6ah3R/ObOqKETit3FkbnAAAAAACAS3FwNA5vWlecOCMGW4kDtR8eHWfCag2JTnx8VIgoWY0nLzFc6Bh/N/yneV4VJDriQlQQ5IhjwvImz7pMtaOuOCc6LopM8Xv/t88dxwSiAwAAAAAA3Ctdx0QnRvLEiSwe6zglKqFC2zrJ4tBO7OxlGHTi5W58ncXLUXtP4f3MlQleR7KN3bGdnFVjoqsKRRu7UsiiHf/M3CY7LWpHdqAAAAAAAADcMyuOhSpuOhKDVU4Kba9HFG/uPI5mFmQxeBW/X4QzhYnIeRB1zr6PFCDPEVG5JHYFiy4dQaJjH/JUuux9Z/1dMcJbBuECAAAAAACuiY1FVmOYbnyUPVex2Wr8pf3qsCNEVMJCFUtX5Q6qGN57fYhLOiYs2rFO0Y4zcmg6StBIpkdoQJ85KLpCxapi11HoVp0TiBMAAAAAAHANqrikckhU8dcZTvUopvO+12tXRDcujWLZS9WYsPNtey7OGcJEZffQ5aoNv/JDVMJDR5yw7dV+eZzlmMgsQh3FzrMoVU6ITH0EAAAAAAC4Np0YJXJWeKkbnRgqS9O4pGMiijmrGLabEbB6o74jkOi07PU2R4SJ7pd7y61swDMe+oNEbVvZoLqz6Y4Y7chHFbtIyFhR7rpKHgAAAAAAwLXI4pbMsZDFSGfGYHO6/X5tf5csFs3EhDPi4ioOr9ra7VObo46JyG3gLdd1R6ykZXQVoU6tikywmHg73o5jomszqg6iVeVuyDQECgAAAAAAuDVVjHKGU70Td1Xx22rc5RE5E6I41YuPvddVRsFuLcZOrK/9Wubs4UInautYtZqcpQqtWlTma28nejPLRVaiIdN3DpizlTuvjeVOM8cXXh1/FgAAAAAAQJnxRRONYbJY50yneleIyNqZOSomXgya3Vi/VFy8Gpd3hIotzhQmtIHej9ARCDIFyFOIomUqR8XH+GfnqhwT0Y6ly2Q77soBcMYB8+HMmw8VVz7lNQAAAAAAwDXInBJRPHOpG8CduGvFoa7TO3Fw55E5I1bj6Ko9HhcRKZaFiXkHval4ZY2ONkwmLOyqQ6uKUVfNiw4efZ8dTGcIEdH8qB9WoAAAAAAAALgXshimE1OdHXNlDvnofUVXgKhuwHedElWqh52ftbNk13H/vvOhgk951nkrjolK2cmEBm8dnR0g6o+SCRDdg6J7sHQOukzBqxQ97QcAAAAAAMClqFIeqnhmxaF+ZsxVOSaiWKoTG3fcEVGM24mXsxv1UZuifpx+k/sSwoTF65j3urMxz8ilicSJrL1jxBvesx7pjnn0ADnTYtRxU4xiHgAAAAAAwC5VHLIjSBx1SXRitOjG9Bh5fNWNNzux61mxcTR9BK/bjoldzhYmvM7o/JXHai2JSDnqOie07VE/qpSNXSvRj8YyHatR1K6oHzglAAAAAADg2uzGK5locYkbv1mM13GgdwN/FSUqcaHjqqjWkz2qfpzGGcUvP0ce1EYdq8SInRyaSIiIfsSqjRWVoncpJc9T87x1f4yvB4e2q+wvo3MAAAAAAMAuB0fj0GkdweASYkQ37lshck5k9R/OyiToihHdOPlwrHiWY6Ib1O+4JTr2kyhvpruOFZUoIxIlKjFi9wDy1r9yoOCUAAAAAACAW9N1TGRx1tGYKhMpKqd6h07s24mHO1kC3Zh61TER9ekwZwkTESudVjdDV6zYzaXx8mm0zR66A2aKnqe0XcJeFCl5q0IFAAAAAADAregKEbeOs7zYT/vhUcWfqyLDrlNiVaA4TYCIOCOVw+I11vtRuuJEN00jUpB21aGoT2/y7M3vHEyeAuc9ujUnonV8DP8AUnT657/TLrrzAQAAAADASxHdzI2WjYSIHfd5FltFQsdK6oY3PYsxd+Phyi3RiaF3BIiLChXbwsSsOdDMGaoCf0+5uaRCVP0I9r3uWFVKREfBqwSJM9S9StGz0zN3COIEAAAAAAAcJYsbs8C/K1CcGUd1nBNDXitZ3KvvKzfDTiwcuS6i74na2ooHj9YkfD/y4YJPedZ5nUe0UT21Z1UpWlWIIt7kdcc1sarmrTgnKkVP2zuc+R2xCQAAAAAAYJUo9sjilHuMrbz2dsni3u60zEVRxdOr8XAW25/C2akcEZUrIRIULqkUrfxA1Y7WPWAuofJl66za1d6xGJ0DAAAAAAC6LI7GMVkVIq4VX3UFinBzBI8q7j0zBs5u5ldujotzKceEdsib73X0qBDR/cyqShT1I1P7ogNp5aD5ETwfUfW6bgoAAAAAAIBL0XVF7DomvFiqG1dV8dVIXluqNAlvWhXbrmYLZHGw9/1Z/D6C+Yc5U5ioGtjpqP4gRxWizo+lP77XHg+17kQ7aiROXELZi94fVfgAAAAAAAAuxYoDPYuBznBKVPGT117bD48og6AjNpwdE3dTNzpuidNEirMdE12rR8ex4IkTq4JFtVzmllAFycPb8S6h7HVVvVWHRNXuqI8AAAAAAABdspu33rJnOCZWY6nV2Crqo+LFld34d8cpUcXRq9kDUZ9OdU6cLUxEdDeA/iDe6yMKkfc9mWq0usGPHjhnP7oKX+WcQJwAAAAAAIAdqjhjJWa5Vgx1tvPcizG7cekZMXD0+iyh4jCXKn7pNf7NzKuUouzHOPrjeD96x9Ji30d2nU8zrTqAVp0TOr1rQ7KPj/H1QLd9+BxffyP7GgAAAAAA4Aie6DCGH1tF8cyqU2LVOfEmz5FAoX1SkSKLKbOb8mfGup1Mgc7N+asIFYeFiTlKQ7PqqtfZSCnKRIQzf6TuDzWGH7h/2RzDP5g+xtedtitOnK3weW2ZokQLRucAAAAAAICIE0fjiOKZW8VRkbDybRPI69Ub8WfdjO/c6I9EibYAcVZc+H7GSgoq5SWbV/1Quz9YpUx11aNJppxFO/WKW8KrIJupfSv2o8g25fURAAAAAACgSxZXrMYpHVHix/geO+2MdFjFUbYvXh+rLIHKyX80xl29Ea9t9vpwUa4hTGRoZ3XDRarOmfYWTxHatal0DqJLqHsd9S8SICL70XCmI04AAAAAAECHTgDfiVFuGT9VN3tXqOLOS8S6HaFijL3Y91QuKUxEHa3sIpFAkVlQ5uO3M21FnOgoSit0BIpK8cucFF0xIlL/qjbbaQAAAAAAAKtEzvJoWS9OqkQK64yoYqmOSyISJFbopG4cESW82DeKmSvHRBWr6+vTuUTxy89R59t0NkxkczmqHHV2jEjFilS+T3m/qvjZaStD2ahVqeuYeP+3v5HqV+5w1JoAAAAAAIDJYm2JKmVjxTGxMxSo/UwUn1VuDu2Pu1lGHl96ceiZsW8nFt65KX96DHgpx8Rn8OwttyNQVGqRvu/8qN0fxJue7aCZY6Kj+P1IHqsWpMyGtJLiAQAAAAAA0KWbshHFSd2Ujip2yuKoKm6rYqgxejHkSpzrxbJV7LsS53aEiG5sf4hLCRMV3R8rU5Au+agsLbbNHtUO2zmoznx0DySECAAAAAAAuDRRHNIRKa4RO1Xt8qhuaHdj2rPi3iquzmLyq3MNYSIL7ivVyL7v/DiRWrSqIun0FVZVv+xA66h9XevSitIXqZljxAciAAAAAADAGHEcsSpIdEWJLFbqxE2dmE3bvUIlEFwixrUxdEegiOL0MdZj4mVOEybe3t4+F+sNZBvBW+ZSzglv3dF3rgoVuoNfU/nz1r9qRcr6BQAAAAAAoHTjiR1R4hoxVBXDdViJLbs34XedEisxdzvW3Yj/U67hmBgj3xB2vic6HBEjuvk3HfXI+/GUyFlwVIjoVJj1FMDowK4Oss5rAAAAAACAiG584QkBVTyTxUEro3F0hYqqf5NuhoDGn0di2RWRIop5tQ9Rfy7GJUblyJidejPvvVSPFWvLWUpS9kNpG72d8M3pX2Rd8ixClRixI2BUKuC76c98P/7dBrY/IYzOAQAAAADwumyOxhHFJivu8rPipU76xmpKRxXnrsSmZ8e+WZzrtf8qXEOYiAJ5O31FlOj8WL+D5+4PNae/j+8/2hjffyTPJfEp8yPnQnbQrYzO0RUl5uuPER9g2q+o3wAAAAAAABGdeKNyeXeEhiOjcXhxWdZub3rltPdcEl0xwsa09lHFt6vixBhxvHfxOPC9XmSbrPHZRunaXW6lKHn98qZ1duyuHWlFAex83jsBjGAaAAAAAADAGXRikEqQWB0EoBtvZSkmWXwUxYf3kBGwG3dHXEyguLRjYroiosDdWz7aoJVbInJJrOTmrPxYVeCuqR1ZGkfHNVE9OkJE5Zrw+uCR/a4AAAAAAPCaZGJDxzGhbolVoWInXspitK44Ydm58b6bAVDFthpDdwSISKi4aOx3ScdEh6jDt3BKrNpduj+Md7B11MAjRVoiJbBqy+qBh6sCAAAAAADG6MUO2SOKV85wlndirKwtXVaFiEvFtR3nhNfem3ELYSITIM6wvHScElFejv2ejrIU/YDRzpuJEVFax6oKuHKwVieHzGoFAAAAAACgVGkalTixIjAcjZOy2ExTO7RvlihOzDIBvPg2ilNXayjuZARczR3hcXoqxxydYbE6axb0X9IlkQ0fqt/7Pr7+UDOd4dsmMMt5O/CRA/AMJdA7CGcftV3tHZLROQAAAAAAXofFeG9SxUKd2Oioa6J7w9Zrr+2Hh+dGiOLLbmx6lnsiastS/HapeO+ajgnvRxrj64aonBKVQOEpSd7j6A9apXZEtp/oIFTLUHQAruROrQ4dGh1wemAquCcAAAAAAF6bLE6o4oyVG7Ya7+zWltB0jSg+0v7o9DOd/55zwsavK66J6HuzOHw486920/kawkTWmcg2kqVOqFBwtqrUESSivkVpHd6O7h0IRxVBT5zo1JrQNupyXp86iiEAAAAAADw3nuDgLVPFHJFAEd2EXY2TOjdsvZhtTlOyWPAsgWI3dp3vozZXcW7V19O5lmNCVZmoY50fsPOD7ubg7DokIipl0FPssgOpmztVKYOVcyLrC4IEAAAAAAAomfPaW7ZySlRO8pX4qHJNVHFR1hfLJRwUO7Ft9B0rIkQVu5/KpYcL7VL9aO/OtMqmckRpWhUqqp00sipFB6KdVtmQMnFiRRn8KNo4RmOnpNYEAAAAAMDzslhbooqDVp3kHVGicltE8VcVC6WbpXh0hYNLO/93b7hfnGs5JiyefcRbxvshNZVjVVnq1ppQC0z0A2t7KzoHY3ZAHq06+2P4B6PXBu9gXD1AAQAAAADgdejEEF4c5MUmWTzTcZDvDg26I0jo+9U4topZu26JKo4do46/o2UuysWEibe3t8+Fu+ZewH+PSpP3o0Z91B05sjZlCmFWzLLjiOgWfokOSm0vAAAAAABAlyiu6N6c7cQzWYxUDQ7QiYO0Px5ejBjFk5EocUbMms0bw4+xWzH7Yny/zK1SObRD+gN3LSfVjxSNyrE7SoemlEQ/5ps82+nddI4f/7ZtxzGxOjqHTeXw0jpm/7ID0S4HAAAAAADPT+WKGMH8bvpGJDDs1t3LxInOY3JWvHp27LqbtnHz1I5rpnJUHcxSJlZ+4B3FafcHjvqWuSi8g7dzMK48dsWJo3YmXBUAAAAAAK9BJzbI0jeOiBJnx09R+olHFvudIVBcMn7V9lRCxNVEims7JqI77zr96A+qalKkMHVrTXRUJ/ujRZYf28/KMVHZmTK1sCtOeHld6pbwDtLJ5/jeNwAAAAAAeB2im6/VI4tJKlFixUFexVgdp4fSjRO78WwWq0b1JjqPlRvsnsByNa7pmOhQ/YiXVp5WHl2rS2ZhitwJnhCxelCuOidWrEsln5+fb4sVewEAAAAA4E7ZvL5fESiOihJe/BQJFZ2YTOO4jHuMUaMY+qYpGxH3UmNi4jkpIsvJhzN9VXnqOie67gmvDzotOhg/Rn5g7h6c3oH449/vi75HXRPa9jH+uiX0t/SmAQAAAADA85DFPFkc0UnhyIr+Hx2NwxMnOjdpPY66JDpO/647QoWIKIbN+jCS5S7OxYWJWbmzqa5FKRLVj+tNu2atifnoKoir9qaOc6I6uO1Di2rqwfgu/ZrOmilYeGLEMNMRJwAAAAAAnpNOqkOUrhHFHlX80o13qmndOMzDS+E/KkqcEa9G8XEnti655EgclluncqwoODs/+E5l02gH6SpP1Q+9qhxGuVar+VUrRWI6B+aOxQkAAAAAAJ6DKK6Jlu06Jjz3xNGYJ4u1dlM39H3m9K8EhixO7YzI0Y2bvX4sCRWX4tbChEd3o2Y/8qr65Flosh+9o0aNEf+4kTuic5AeyaXqFIPp2plaIgS1JgAAAAAAHpfF6/muK7zrlsjioCoe6tyMjeKecrM4j8rF4MWaZ8SuOwLF3bnbbylMZBvjiCVmxzmx4paofvAx4h/b7uhHxInq4OyIFFZR9KxVlTjh9QEAAAAAAF6HToxQxTvzfRSvHIl3dkWJKL7J0iJWRYqotkTl8O8+OjGr17+bcAthoiNI6Hv9kVecE7s/pLcjHVGfshSO6ODsuCWqgzBL+6jsTDrda7/2EYECAAAAAOC5yWIBjRs6sca1452oTd2UjlWH/87N9ZXYNvv+HcfE1QWKWzkmMpVJl/GW67gaVhwTuwLGkRSOaLo9UDL10E4/W0GMDlKdHvUJgQIAAAAA4PmIrvs1NqjiibMd4p2YKWuX10edHsV9l3T2d2pLZNMjEWLVSXFxrjZc6MboHPO5ssocUZ46StTv8c/O7AkSH+OfHVvb1A3KM5tTV0WsxInqoPZG6Hg3ffswbZl904M1E2K+/O7XquoKAAAAAAD7OHFbFuNUqRtRGkdHhOjM796UreKv9uZxHhonapx5trO/65pYdUuMMa4ft11NmCiYnX6T13b+GdaYjhK1okh5ooT3g3s7eTcH6ywVMTtAp/DiiRPVwesJMYgPAAAAAADPixfQV3FDduP1UnHOqjCRpW7Y152b5pWjvxufrsSomaM/u+l/c26VyhGhGytTfzJFqnJB7DgnKkVqBNPG+P5jdw/WVdfEjpK4k3ul/QAAAAAAgNclS/HYjW+OOMN34xuPrihRxaZH4tJKoPBiZK+9d8s9CBNZzou+zxwTKzvCEedEpIZ5P3Z3B+gKFEfVxGgd1cFbqYnZfIQLAAAAAIDHpnJFjGJ+JUpE0466witBouuaqOLTKl5cdUp0XBNVXJw5J7z+3ZRbChOdzh8RIypFqlNYpFKzqh3BQ3d0PZC9g6USI3asTl3bU/dAzvgzf3EcZAAAAAAAuCLO9XrnWn/XCb6btpHFQp0Ujjkt6mMmTqgbYcXJvxqPrsallUhRcTOB4tY1Jj7H3zoFHm9mua5Vxpt2pjLlfc970j6vP96OrwfKXG/nsSNSeOuw/bPzPpw2dp0RN1ffAAAAAADgMB2nQUekyISEM8WIHUe43nStUvc9MaASFs5w8kdxcNcx4c2/adx2D6kcGdmG9Db+ikJVLbtabCT64bU/Hqt2Jz1wvfdn15pYsToBAAAAAMDrUIkSHRd49yZrFQftiBIeUZq+F4NWJQWiOLOKRVecElVcetc3jG/tmFA8h0HllngftSixqk51dxptg23XMNOjnd06QqKDWN0L1tnwe3w/EHdqTfww6/IeH+Y5yyWLqJwxAAAAAABwf1hMcRzWAAAgAElEQVR3dOdG5ZGbrUdSOConRiVKdOKZKi7t3ChfGY2je2M9u3FfOT7uhqsLE3M81Gadgcoy00nv2BEcMiFDUx7sY+7wUT/0oNXpehB/jjqt40g+1nxYgcMKHp44Ybfz7Ovse7Vz/1lm/v7XHh8XAAAAAAC+48RnnXhNUzW6tSUi53YkMuykqmdt6jrAI+fBbiy56uCPPrsaH7eFiFvFZ/eUyhGlbETLVikc3vTVWhMr9plKrfKIDoYqJ8s7cM8QKbJ1Z+kc2m6vLwAAAAAA8Hh0rvFXakuc7Zqo1u3FMdqXjI5TouOWWI1DuzFuN/aMUjzugntI5chSHewykQ3Fphl01aeOKhV9JnJN2DZoCopN2Zh4B8S7WU7TOTKRIjtId90T0UN/C9vujxH3FwAAAAAAHhtNf9DAP4sjjooRndgnEiO893Oa9utTnudrLw6NhIKsXmFHjFhxV6hAYtvYdUrcPG67F8eEbkCd10nd6Owg1c6wMzpHV6nKfuxOblakNnoH4lHb04raGLV7DP9Axz0BAAAAAHDfZNfxndoSK67vM+OXjkhROb4tkau/E3N6AsVRx4QnRHhxaJXGoSLGzbkXYaJLJUpkNpqo1kT243fFibNyeqIDulIfvQP1rJQOezBnCqSd1unnGGN44yQDAAAAAMCVcK7Hd2tLeILEiuN7JVbpxC/ahpXaEn82z/DjzG78GcWVVexZxaqdmPguBIcu9ypMRKkb0fyuzUV3km6NidU8n2in2BUoooM6UwzPfFQHddX+kSwLAAAAAAD3h3ct373+1/jlUvFJFRd14xclS4vwYtAsJj1rNI4qJvUEid3UjqtzsxoTzugcnyPeSaqdoqNWvY/9XB9v+o8R7wwf4+uOP6dHB7G+/zSvvVoT0YH407Q3Ooh/Sh+8A/yH2Wb6+DCvZ79U4JrtHONOd3wAAAAAAFgiS9PoOiU03SKKV34G86JlotQNFSW8vlSpHKvx50pM2YlJu2LEjnP/z7xbj5Z4b44JT+HJpmUWlq5zopvjs6JcHdlBPItRdALQg/psRXLVDpX1YTivAQAAAADgfoiu27vX/R1R4sw4JXrtpZh0xIhuHNd1M3SdEpeoLeH1SafdDfcmTEyiDbXqlKjEiE6qxmpdCm8nse3X/nicVWvijAM9Eii8nDJ9X0GtCQAAAACAG3BybYnKKRHFGZe6kZrdTK1c+t5772Z458b3TrzZjWs7N8W9Pt6VIDG5h+FCM2xKg31t52fOibMcEx0Fyz5sysNsxzDvJ14ah33tiRMzdWIeZDalZKZfnHWgz3Xa79C0jk6u2cSms9zlAQEAAAAA8OIcrS0RCRJnxSiRwBGlmKy4JqKb36tx5qXizcop4fVFX98lNxcmnFoTHipKVM6JGTR3HBPVTlPNnwdEJE5onQkbnH/ZFOPrzqIH+JD1ZWqkJ1BobYms1sQPWY9dt4oT2i8vfWOMOz8QAAAAAADAJYs/qrSNFYe31o3wak1k6/aECG+69s0jEyhWBYhuvJnFqivixFLKxq1rS0xuLkwkeAG8p/pkaR2VmrWa85PtJDOIV3Ei2kEicULf64GlwoAnHJytQGqfVJhQwcSKMZ5Aoa/v4mAAAAAAAHhROrUldPnqhqknRFwrlSNL41hJ6ajKB2Sx4Wp82a0xUYkSVSrHXXKPwkQUtNv581l3EpvuEO0476MvNHSULM8toe4NbavnIuhYozriREeJrJwSc3SPKXKoc0LTOWwfZ7/swV4dAH/EiemcuRflDgAAAADgmXCc6iu1JTJHQic+2RlxY0WQOFJbIhMk1KVwxJm/ImREcWZHpMi4u1jrHoWJMeo76d2Ujq5r4qhjYgbu+l1e4F6ldGj/OuKEiiNeCsYR5TFKVbHiRHSyUpHC9mu+BgAAAACA21K5JTLnQdcpcWZ84s2vRIlMoBgjjy011pvvo/jwzPoSXbdE1Y8x7jT+uldhosJzHkQuhV1BIlO4dJoXuKs4MYN0b8epBAo96D/Hd3EiUiRne1ccFNYxEYkdehJSwcU7CYxxpwcCAAAAAAB8oUqDyFwLGpv8lMeqQ0KXyZwSXl2JXUEiEiV2hIjVOLRyS2SCxMPxfusGNImUniM7j+5IK8pW9vlqJ1qx2GS5XJfM4crWXdmmKnUyUiw7FjIAAAAAADiP6Lq865bopG+spp5n8UknbomEiCre6LjxqxjwErUlPOdEFV+uxJx3wd04Jpqjc0wycWK6E6xbIbr733FDdHayrM6E5+LwHB9/NoX0cx7w9r2mdHSFiswpYd97Tgu73eZ7u72tm8P+Pvak0BFivuwH1JoAAAAAADjOSbUlMhHAxiBRPGKdD51ROFZqS3g3Su10258x/NSG7KZ3JVJEtSVWnPiZa8JLJdm5+f3PhrizOOsRHBPRjhItG+1EHdfEkTygru1mxWqjSt+KbeqIYyI6CVQnhMzqNYppAAAAAABwfXbdEllc4sUQR2MRjXE6aRxeHz2iOK1THuDMmDKLJbO40uuL9ueuuRvHhIPnKNCdyf5Ic77nnFgRIzJFK9vZojoTdkeeB8Rs73QYVIH5bm7XPJB/j/ikEDknvGU/ZH1znXObqyskOrGN8QAHBwAAAADAC5LFHl784d28rISGzCnh1ZKoUjc6qeUZKkB47oTVG9w7YkU3ncNrrxdfPYxAcc/CxBjfg3YrUGi6wHwdqVv2dSQk7ChcutPZg2dOfzfPmYIVHTTRCcGmieiJQFMxMlGiq1RqKof33VYU0hSU4Txb5nJ3e8AAAAAAADwBnhtC30cpEV2nxKpbwhMrovSOyLkdiRMRHaeEihJHxQebxlG5MDzxIXPif8p77evdcu/CRIQG8pEg8S7vK4VrZafy1hG5Jqw4MQ8O6/R4H98D8kiQ8U4SViD4Yd5bl4Me9Fa4sK6JjlCh4o49Keh2twLF7L/nhrH82RbUmgAAAAAA2GehtoQnUESCROSc6LolIuHh5/CFB8+RoW3JBAn7/tN59tImKqeEjQNXbnZXzv3KIdERKB6ORxImvJQHTxXyxIloJ9K7/2c4Jn7I+lWciHKCqpSOTMWc6/XcGlZo8Ipaeq6Jyknx4TyrOGHb5Z0YIh7yQAIAAAAAeDCydA1vmcwx0RUlOm4JL72j65hYTePwYrKstoTGfkfiyI7IoQKJF/NG8aXXv7vl7oQJZ3SOKmDPhIlKnDgqSMzHr/H3oKicE/Yg0Z0oUy/taxUk5iOyU00BwYoxUVqHdU14QoYKEpE4YR0Ttr1j/D2oMr4omjgnAAAAAAD6bI7CMZeLAv4o3qhEicgdEYkPndoSUb2JnVSOTIzI4sdf/z6OxpPZd+2KEtrPMcb9xlN3J0wEVLUHspSOjnNChYQz1K55IKlzwhMUtH8rtSayE4WmXWQnihXXhAoTKkpE/dN+RNzlwQIAAAAA8CRUcYUuVwkCu04Jzy3hiRQ7TolubYmOOKEpGEdvdGdOjBVRQvvjzX+I2OpRhIkKDX51p3obtTjRcUXMA6Ja1nNMeEJJFLzbnaeqNaF1NCrXhJ4ErHBhXRN2u0TCxO/g+2ab1CGitSa0r7bPD3EAAQAAAAA8GJ2boCuOia5AUdWWWEnd8OpcrNaWmK89UaJyUHTjx66bIhMlvHhS2//wPKowoRtf0yIy50THMXFGiofnlrCOiUicmP2JWKk1YU8QVmCoak2oW0KXt44Q3WZWmND+eQqm11cVZp7iYAMAAAAAuBFeWkf3sSJE6HRPcIiGBvWWfx+xMHG0tkQmSkSx4dEY0YszK8dEJ4VjJa3jLrlbYcKpNZER/SBTCPBcCh0RYnXH03VFgbttwzBt1JSHDO+EYR0KP6SfntOhSuuwDgorUHhpK1aoyIQX2+booFFV88+y1JoAAAAAAIgpaktUQXslSthpKhh4rohIcOjWltBUjh9O+1YECYt3A7vrlNi5ke0t731HlMbRSekIuff46W6FiYQq5WHFMaGOhiPql5fK4QXt6pzIdqzspDLfq1NCn3drTWQOCj1h2H5ZcULTOea06uTxTZAAAAAAAIBDeAJF5ZSIRApPMIiEhUiQOFJbQoWSrmti12F/RJDo3NCOXBOVU0L7ZKc9FI8kTHiChO5snnNCA+NoZ9MA/kyBwntYh4PnKrD9GcMP0rNUjiilY4oHVa0J3Q7e8laIUBFm9qVK5/D6CgAAAAAA12EljcMTCrJUjKi+xJHaElkqh9c3GyMO83oljePsG9mZWyISSjpOiYcVKB5JmBjje6qDt9G9QN/+sJE4YXe2owJFtC797sgxEQkv0cGmboSjtSY8d0U03Yod9mC231u5JqK+VcIMAAAAAADE7NaWyNwSUUp4JEZ0pu/WllitM7HqmNDY7qhAkcWhWRqHFytWQsVDxU6PJkxkqBK2I05M8aCzU2WjdPwafw+aSpzwDhwVYDxsQK8nDbve6V5Qh8NstxanUeeE2ou8k45dr6ZzzEfmmpj98Bwhw0z/swy1JgAAAAAA/rJZW2LFLVGlcWTiROWUOKO2RNTHb5tKXmc3rFWIyEbaWBmFIxMqKlGick08JI8sTEQpD15QX4kTmoZw1LITCR6eIOIVw5zTJt5Jxgvwu7UmpnigxSzVOaECReScUGFCRQmtN/Eu/bFCiiX6jQEAAAAAoIfeDOyIEB1xouuU6IzCEbkrVmtLjOGLE5EzInNL2Djw7PhQ11GJElV/7PSH5O6FCWd0jo6bQAP9t/HdnVA5J6zz4YdMi5wS0cMTPOzOb9ulzoJvm0T6OadVAoW6GKxjQk8wUY2JKJ3DChPWIWJFINuerG9LBxPOCQAAAAB4ZZqjGHpUaeKZGLEjTngCROTGiN5XtSUq10SVuhGlc6w8POeETsucEtn0rkvizzKPEifdvTARMANbrxbDpywzX1c7oZfOcbTWhA3qVQT4kOeONScTKlSUUIHCE0dUiPCcE1mah67Le7aOCe1n5Jyw6O+4LF4AAAAAALwYGiPY15VTInIpZGkcq4UtVaiohg/t1Jbw6KZDqACgboaj8WDmkvCEiMwR4cWJdtpDxkqPKkx0UMeEpnFUAkV3B+w6KKI0Ea0JkdWayNwikWvCChOR6mlFCj1h6AHZdU7Y17YdepBFCmd2QCFOAAAAAAD4VA6KzGlwLadE9MhEkcotoXjBu32dxYGr8aB9rKZ0eIKE935Oe0qeQZioAti5jP6wVhBQt4R1OBxVxzLXROSYmIJKp9aEvlfXhHeC8cSDyh3hiRK6nAoTkXNChZjpnLCOiUiQsS6Zpz0wAQAAAAA2iG76VbUloteVU8ITJKoaEzsChbY56o8SueYjJ70nJJwVD3rr7Lomov5EDoqH42GEiYO1JqIdMnJOqMOh45TwnBO6g2vQPr9HA/Wo1oSKFF6qh+easMJAlHKROSb04FGnhE3rsNtMv9NL6Zj90hNK1Gc77c82oNYEAAAAALwSG6NwRMF8N33Dc1BUQ4J2HRPvzutINMmECBsjZQG9JwR4QkGWirEyCke0vpV0jk6c82eZR4uLHkaYCOjUHPCcCG/mvXVMRDvirnNChw31xIn50PQLbyesHBNzWrfWhKZgeLUmVkbn8FI6Pp332k/vBBM5J+a0hzrQAAAAAACuhAoU87n7WHFKRGKE55TopHZ4QkhVW2LFMeEJFFFax64IsZPKoekblUDhxYoPHR89ujDRxbPAWJdCplZZMWHVOZEJHTaVQ1NL9MDquEO8k45XbHLFOaGjc1TOCU+YULeGJ0yoc2L2I3KLAAAAAABAjyylY9cp0REnVhwTmSiR1ZeoYqQx/DhQBYEslUPnq0iRiRb2c11RwnN6PD3PJkx4P5oNetUxEVl5VDzYVcR+je8Hk7ombDrHkVoTnvOgOvHYdnjOCSs8eM4Jm+qhDxVmNKXEikPW0TH+XafXz0mV0gIAAAAA8Ep00zYmmiaRxQsrAkTknqhSP6w4UQkRkdPaEqVuRNM1plHR4SzHRCR4dNu7mtrxMDycMOHUmqjw3AbqmLDOhd/yPnJKWHdE5pzwcormd2g9BnVMqIASpW7Yfs1pkWtiuhasSKAOCtu+yjlRpXR4YoVXa0LbPMbfgzHq87fUDmpNAAAAAMAzs1Fbws6LAv7MMbHjkoiECE/wiMSQTKTo9HeMOODXWK9yTNj4L3JKZMJF9p2ei8PrR4tHjYMeTphIyGz/6kDwHBOeOOE5CzKhouOcmNOsAGDX3ak1McmEikiciAQJKx5orQkrPHh1Jip7kidOeCkdY/jOD4UUDwAAAACAr2QpGx03dUeUqNI0KvdE5pg4I4WjW5PBi3X0BmyVprHiiDjbMWH7+xQ8gzDhBameQ0KXU9eEihORlUcP2JXROXR9Xq2Jt/G1XVmtCX3vqYfeyWcKBN6B6dWaqJwTmXoaiROeMBGlo8y+ZnxZDucEAAAAADwThVMiY1WcyESJyjXRTdmoak2spHL82UTJ+8gtEYkH2bysxkSU+tG5gWuFCNvuyEHxVALFMwgTY/gBu8VzSOh0FQbUOaG1ITzly6ZvRI6JqtaEFUm0vVWtCTvdO+lMMUBfd2pN6OsopSNySOjDqzVh0zgsc74F1wQAAAAAwD9UbonKjXCktkRUVyJ6vVJbYsUtMUbPedBxwndqS3jTL+GU8PqlfX54HlaYWKw1oT+oDWjVNWGFico58UOmea4Ju5y3g0a1JtQ1oa4C268xvh6gc5l35/3n+C5MRLUmKoFCUzoi94Ttm03lmA8rwtj22r69OfOsQ+YpDkgAAAAAgEWi6+asJkMUB6w+uqkdmesiE0q0vdq3Mb7GEMO8zlI3PkcuJHjxnydUqDix4pTQdmXtL3l0p/jDChMJWeCeOSbmdC+dw4oI1umQiRKrtSbezPTZhqrWROaYGLJc5p6Iak1oSocKEOqciFwTH2aePQDt93vpHFNYsY6Jt/H1N7b9tPMBAAAAAJ4VL60jc01kqREqDqwIECo2ZIJER5SI2qn9jIhiJxvvWVGickxk873XK06JjmNC+2T7+VQ8kzAR3UkfMk2XszuBTaPQFAv77DkmMtdEt9aEnW4dHBqUa2AeoQG+uhNmHzwlcQoJWivCS+XQ58g1YdfpHYieZck7yY7x9WAMHRTUmgAAAACAR2ZjFI6sJkNW7FIFg6q2xEohTO97vPeVc6K1yYYf39h4pjs9S+/whAtvuq47cnBEjgmvb/b9U/BMwsQY+Z30Mb47JCIVzdshvdoQlSiROSbs+nSa/W7rcIgsPVWtCfs6c06oa8IKEp5rInuOHpoqErkmVJRQYcJCSgcAAAAAvBqeQNF5ZPUmPMGgEiGq9I0Vx0TV9ojdGC8SFrqjcXgiRMcxoTdpvWlev7TPT8OzCRMV0Q9sUzumUyF7qNBwtNaECgL2MYUKT1QZ43swrsKMDeitc8I+qpSOSCGtBArPNWHdEpVrwnO5eI6JEpwTAAAAAPBINGvpeRxxShytK+G5JbLhQbN0DhUqhrz+dJ6z9I1OfOfFe91CmDujcMy2TTIh4ql5ZmHCS+0Yo19rItthV2tNqIPCqzWRuSYix4RXb8GSqaia0hGJE5rKodtDi2GqYKEPrTUxn9U1Yfsd1ZpQvN8ZAAAAAOBZWEnb0FQITY/IBIpIYMgEiMwZsSJK7Dom5nPHMbFSW6IzKseKU8K7OavTtS/az6fj4YUJZ3QOT5BYrTWhwsDcyVZqTegB7i1v1/3D+S77/VGtCe1fuKnG1xOU7bdXa0IdDp5TwiuGGc3TWhP2ALTfbdtk23io1gQAAAAAwINzdm2J3ZoSngCRiRVnOCUqOqkbNtaK3kcCxRm1Jaz4oOKE1w+vf/b9GON5HOEPL0wEqItAf6yq1sQUAiJxoltrIhIrIudE5JiwwoS23QbflXMiO1FZ54SKEeqc8Ebj0PfRgR89tNbEFCts+zxhIkpdQZwAAAAAgGchEiW6NSXm60gQWE3ZyNwSmWMiEiWO1pawr7viRMcp0XFLnOGY8FLZM5Hi6XhWYaIi23nH6NWaUGHBig5eGofO95wWdpq1Wqkwoc4JfT3G1wPYLhOlc6hzwroZPJdDt8aE56LwThTeQWnbFzkmlpwT1JoAAAAAgHvm5FE4IsdEt4ZE5o5YES3UldFN4/D6/ek8r4oRUTpH5pTwRAnPSdG5KVsJFC/HKwgT3l30Mb46Dz6cadmObUUEtfxEqR2eKKHLa6qIdU54QoKqapVjYr62aRJaa8JzTtiH1pzIhAnPIqVDhqqlybomtL+TuT2G8zzMsrglAAAAAOBZ0Gv6+dxN3eg6Jbo1JipxInJMZOkblUChZM4DL56LRAkrLGRCRCRgqPjRFSJ0uvbJ9vOpeRphYqPWxAiWsztJVmvC7njvw99Zu06JKKXDOiemg+NN3o/xN4D/szmyTSXbQ1M5rHPCExA0zcOrPZE5J6w4oScLrTXhCTGRa8QTn7Tff+bjnAAAAACAe6JwSnhUKR0dMUJrS+w4JTL3Rbe2hOeQyMgC/BWnRLdmRHcIURVAvBuxkfAQpW24AsWzxTFPI0wEqIsgUp0yhc1L6fDEg8gKFIkSUS0Ku+4d50QlSsxndU6oQOGldagwYWtLVA4KfUTOCT1JWZFIDz4r1Hg81cEKAAAAAC/PasrGqmPiUk6JyDGh7e46JcY4xynhxW+ZOFF9ftUx4bngM5HiaXl2YSJD7f66I895nVoTKkx4IkRXlNA0EXVpqHNC3QS2b2P4woyqq1mtCT2wo1oTndQOe1L6kNfZwWoFFHVNePlmWd8BAAAAAB4JL3XZzusKFd2aEitFMHcLYJ5RW2K+zgQJ70bpUXEiEiiymLErULwsryRMRIG73cGtINHZwdXZkI28ERXGfHc+o2kc+l5TOrx0B3WLjPH9IJ/PKk7s1JroCBOelSmyOOlJdIyvB6wVKKxoY7Hbwvb7pQ96AAAAALh7ouv4SHxYdU10RIpr1paIHkrkLKhEiUqI6BS47KSARAJFlnri9Un7+/Q8nTCxUWtCA9352u40NpVCUyvs9KoYpn2v9SfUMWGFD/sdnjCh4sQYdUDundxWak3YVIxurQlP3Jif0W2e2ZzUNZGlsUS//5f95NlytAAAAADgMVgYhSML3KuUjkyEOOKQiFJBVmtLRGKEvdbfFSVWnBLeKBueEBF9hzfdi28mWdqGK1A8a9zydMJEgLoHPMt/FgRrCoUnHth0Ds8JUYkUOvSorlvFECskzPe6A2cnOTvNO5FZgaISJyp1MjtoM3vTFIW0KGZkdfpwpg2zLG4JAAAAAHgUMuFh1R1xaadExzFh26HtX3FMeLFaJVBULomOGJEJF1aw8OKeLNb0+qV9fnpeRZioiHYIm9phhQnrnLA1IdTxsFJzwnNP2Gk2rcO6ODLHRIZVXm0NhyilIxIn1CnRFSZ+B5+LlEWtg+E5J7xUnar/OCcAAAAA4OpsjMKhy64IFbcSI6pHR4xQMseEfe0JBpFAsVNToitKdASKl+cVhQnP2j/G1+D+w5mmzgkVJ1So2BEldJ6uz3NNeAfxDOJt34a8t0H9nGYFChUmrHMhck3Y1x1hQk8emTChv4P2cTK3iwcHPQAAAAA8Eln9hSzY7zgkzhAospSQSqiIRImOU6Lrwo5ECc8tcUSc6DoldLr2zfb3pXhaYaKoNeHx6SyngoR1TnjihCdMrDgnvFSQ387r7ASlbgLbtyHbwC5TpXJ4dilPkIhqTXgKpv3Mz/H94NWUDtsu+/t4J+kPs0zU92/gnAAAAACAS+I4JZQoQLfXuqtpHZUo4Tkp/vPvI3NI6DSdv+qU8FzQGrBnAkUkGFQiQ1eMsNM9AaRySnj9GM50+/6fDfPk8cnTChMBM4i16Q6Ra6JyTnjihAoTmRuiK1LYdXvOCSskRLag6OSneWs24H8bXwUJ65aYryO3RHaQRoriinPih2mnCkp6IveEGO83BwAAAAC4FVFaR3ZDMhIkbE2H7BEN87mbyhG5JqyLQ9vcTeOIYp0sPovSNyoxwnNSzNeZALLilPDcEp5I8TK8mjBRoTuIVeusa0JTKioHxRFRQoUJFSfexte2jfFVSOnmqqlgM0UKrTlhxQrPLRHVmqiECbsuPXijlA51h1TCxBjff1ftOwAAAADANdGbhSuiRCZOdApddkSJrnOiW19C+9slEyJWRYkdcSITIrIbrpnjA/7llYWJjmsic0xoSkfmnLA7ulUw9b2mcWQPm9ahqSbRDl85J+yJbW4jFSb0hGcFhZ/j+4G4IkzYdc11eykdmlqi/ZzbI+qzJ04AAAAAANySFVGiStvo1pg4o/ClFSXeRyxOnO2UWBElOkOB7hS9rFI3IseE9s329yV5emGiqDXhpTpoasB8ra6JKQj8Hl8PsqrWhHVHeFarquaEHRVjfre2S50T+jrq85vzGStMeLUmVJzwnBP2YIxqTkTOCRUmrEjiCRNRSkd1kH9ZjloTAAAAAHAmB0bh2BUnVp0SkTOi65TwvjdzSkTvP53nI06JrFZE9Oi4LfS7MoFikqVtuALFq8QjTy9MBGiKg/djW8fEREUAdU6oGKGpHN7JYromrKPCW14FD00pUREhCti99A49KbzLfLsu7YM9QXScE5GDIhInspQObdsYX3/LzDmBawIAAAAA7oWuW2JVjLiWU6KbxtF1THjX+h3XRJWyoWkaKl50hYosjsluwkb98Pr+UryqMNHBC+C9VI7KOfHLvM/cE56Dwqs1oeki6uDQ92P8FSyG0ycVK7wTYlZnQgUDe+DpSbByUFRChHcwqxjjncBtvyLHjHsCwDkBAAAAAEdYGIVjvu6mc3hCReWU6DxWRuM4MgqHd63+ZdON7zFGJUbsiBQdp8Sv8V2UWHFK2D6BA8JEfufcHgiWNzPdOiasa8I+1AGho3RorYnINaHCxPv4fhBYJ8VsZ3RgRCkf89nWmpgnjilKaBFMm9phnRMdq1VXYbTT7bacbYz6qc6JzJULDQsAACAASURBVDETihQAAAAAACfh3SzMRImOU+JsgWLVKbFaW8LbFh2HRJbS0a0tkU2L5nfqS0ROjsop8fLxx8sIExu1Jub0yEakKR1TMIgEisgpoa4Jne99zju4rRgxhZQ5z/ZDD/zopKAChV3HfO+ldGgaRyRO7NSa8JwTsx/aRs89YfulYoSd9k2cwDkBAAAAACskTonIIaHTVtI5ukLETm2JI06JyjHxZZM577O0jY4YEc2Llu3UmIhimkqEiBwUrkDxanHHywgTAdmdc53miRL63qZb6ElDa02oKGFrTOj8Tq0J+962z7o9bErHGN9PBna6qrWazqGuCS+Nw6s1ER3E3VoT3gGvzolh5nVtYu30DgAAAACATY6kbWh8oaLANWpLdN0SVT8iMjHCm+alVnRqS2SjcHRSO7wbrd5N1OqhfX9ZXl2Y6BA5JtQ1UTkn7LPnmvBqTHRrTdjvssKEpi/YYN32bYyvJwi7jJ4IdRuoY8IKCpW66Z1somW6B7dNP1H3hPYz2gaIEwAAAABwNkecEp1UjtWUDXVKdEbl6KZvZAKF9v9Tnufryi3RrSnRrS3RESOqm6orbgkwIEz8JQrY7fzINfExYjFCHQ1ZKkf2XNWasOkcKphEB0bXXvZu3ut6pigx27rieug4Jz7luTrwp3Ni/iZWrJjbJeprtQ8AAAAAABzFc/NWgsSbPGt9uswpcWZtiSiFo0rn2HVMdMSJVRHiqDgRiRIdcUJFCmKOf3k5YWKz1sQw8z1xYpjXKk5kzolKoPDSPaJaE1YIyZRJdU1UdJwT6prwtlMmTkQ2LT0J/XTmWWHIppZY58R8jpRpu1zU/y/7zavlfAEAAABAD6e2RHXdvZK+oU4JdU1kgsJ/5LFSY+KnfEflllhJ31BWxAj7PkrByIpadgSJ7LsrMaLqo30/xnjdOOPlhIkADdQjx8R89sQJFSZsaoXndIhEiZnW4dWkyGpNaFqHuiY858RkzstOovbEqNtBXRN6ElkZpWP1oWKIrX8x22mfx7/Le32cy+GaAAAAAIBL4KUz7IoR13BMZKNwVG6JjjgRxViVOLHrmLDzI9GiW/jSxiBdp4QnWBBzDISJFexBMwNbm8oxDzYrSHgnFis2ZK6JrMZEVGsiOgFEzgmLJ058jvjEmbkmvINTRQrvRNM5AUUnq+rAt06RKeDMfmlfrXPGPVHgnAAAAAAASzIKx8S76Wdf2+vsjkBxtLZE5ZyIHBg7bgnt6xi5KLEqRHQeK26Jbq0JT6DQ2AQaIEx8p7pjngkU6qDQNA4VJzxHRFUMc6fWxBQRbNvG+Fo7YvZD39sUCF2+ck1EgoR9jg7u7KDviBXaznczfW6HIc+ZcyYUKQAAAAAAArzr645rQq/vOyNuXKK2hK57vl+tLeFtizFiQUJvPh51SlSjc+j0rlMiEySyGIW4QnhZYeJArYlI2dPUCU3lUAHBOh7UOZE925OAV2tCVVabZuKlc1QpLBqwZ64JrfHwY3zfRvqcOSUiESI6GUQnAE0/8U6QnhhVOihwTgAAAAC8NolTInJI6LSddI4dISJySHRG4/AECU+UyJwSfzaZPNvpmXOiI0bsFL6snBb63V1Xt0coULx6PPGywkRAJ1C386KHdStYx4QVJ7TWhOecqIQJ+/m5vjd5tm3x0jm8QFzRk6p1TmjfVYzwXBM/x/cTTeSU8ArLeKJFdDKYbRrje38954QlEqte+qQBAAAAACXdtI2OGJGNwOE5Gs4chSNzanScEp4gY6nEiBWnxI4oUQkUmZO7SuGoxApiCgPCREwkUthA1e6Ic96crykdKk5orYkV54QWxlTnhP3O6KSnB0h2wrB0nBNROocVJbKTTiU6RM4Jb1ltmxUsKmuZXW6+nsvinAAAAAB4YTacEpUoUTklVt0Su6NwRPUkMlEickp0WHFK2OlVrYgdIeLX6IkSGn/Yvmi/tK/ggDCR4+043s6mB9GbPKtQkNWaWHVO6LrUOWG/PzpZ2PoLY8QnEu8kq2kS1jVh++Id0NkoHdXDc05kyqT3fvJhtpUHzgkAAAAA6LAqSmhadleMsI6GFSdEJUh0hYij4sSKSyJzTJzhlNipLdFxR3ixCAS8vDAR1JoYI7+DPud7B9ScNx+eayGrNbHqnLAjdFjnxNuITxCVc8IG4uoaiU6ulWsiEnF0lI7KLVE5J6LP2PYNeZ59suKEd+JAnAAAAACAiEiU8JbzrtVXxImVUTcy10Q1CkdnJI4oztDt4F2HVwJFp6bEagHMqqbEzmgcKyLEl3k4rv/h5YWJBlEQane8D1nGOifUNWHTOrJaE6vOibdgPeqcsO/tCUMDdRuwD1lO3RJ2m1jXhE7zHBOe82HXORE5JLyTg54Y7W9on73PIEgAAAAAQIQKFPN5JXWjOwrH2a6J7Htt/BG1u0qVjq7Vs7TuSzolstoSWfyh7cYtcRCEiRgvMNf5ulzknLBpHPMgrmpNdJ0TnvvCrtNTY732jfE1pUOD745zwqvnYJ0T0UEbnYAyUcP7fDUtOlFMVKyxRCeTLwowtSYAAAAAnhuntkQWM8z5K6JEN42jGnVjd/QNT6SI2nfUKbEiRnh1IFbEicwN4dWW6DglJtHNUIUYIQBhIse6B8b4HqzPZbzaBJ57Qh0TKiREromuMGEfWhDTOiV+/9tG65zwDqbMfmZfW+eEBv+23oQVKCLnRJZPlimp3nu7/ef3KyowqZvEQ/cLAAAAAIAxeg4JvXGYCRE6/VKjcFSCxCVH4dAblfa6PxMQznJLdApeZjdMoxuiw3kNAQgT/+LUmuiSpQ7YdA51TkQuB2/40Mo5oe4KK07od2XOCXvgdLdDxzlR1ZrouBw6rghVLz2xpXJO2N9syOdsfz3R6s9yOCcAAAAAnouGU8JzC9j3O26Jqv6D55TIakx0nRPXHIUjuimp7gVPlOg4J6L5R5wSUUzRhjjhKwgTfTLXxJyvB9hc3goBVqDQ/CxPnNATQeWcyFwX1jHxNv46J/RkYlM6xohPNN4Jd7onVAxQcSITGnZqTKzkfI3gvWKdMFmOHAAAAADAGHFKQ1eMyNI3dlwS3dSNqq6EJ1CsiBNdMaJyTKgocfYoHFV9iU66uOeWgAKECSEYpUPzo6KDLrvbr8KE556wwkLkguikdGgah3cCUTeHuiYiIcb23W4b76Q7l4kKYapA0REaVp0W0cO6OmzbtA9WYBpmeW9bfAPnBAAAAMBj03BUv8mznR6lb1RCxU5NiSMOiY44UaVwDHmtNwCj6/jMMZGNxnGkyOWqKBG1O7rGV1Hiz2viAh+EiR42AJ/vvWXmsw1mbQ0HdUzMk5EdpaNyPXRrTfwK1h3ZyKxQoQH72/i+DYZMt2KEbhcrBth+6MHt1ZroOigih0QmWnjttNhaE5FjwhNuONkAAAAAPDdVGsdq+kZnFI7VWhE7YkTH0RE5JTKHcSZK2NfVkJ1njcbhCRKeOBHdQLX968QZUIAwsY4XoM/p+uylc2gKha3/8C7vO46JyBkROSe8E4nXTu1PFHCraOGdfOcB+kPWkTlMovc7dSii7/Kmz2mdE61ddr622+TvQjgnAAAAAB6KxCnhpTPb151HV5zoiA5dp0TmnNDv66ZueNfKu06JTIzInBL/+/exOyqH991d50QE1/yLIEzs0dkJvYPPEwS8WhNTmNDilZlTouucsA4JexIYZvqbea9uAA89Oatzwm4Hb5QOPTntOiciIWOM+ETi/Zaec8KmdXjLl+IEAAAAADw8q6JEdhOxI0TMadEwoFF6x2pxy2uNwuFd33tCwLWcEjtiROcBiyBMBAS1Jsb4fuBFVh3vrr0nTGhah6ei6kHpOSWyk8cvZ90d54Q9sLITjsU7OVvXxFHnRHWC8D4zzHPlmIicE2N8FSe8Ew7OCQAAAIAHZ8Mp4S0XXXNXqRz2/U5dic5nIvEjckpk6Rsddt0SqzUl1DnRWefZBS+133/g+j8HYWKfKPi0Qa29w/5mpqljwlNUrQixUnOiEidU1LBtOHuUDuucUCHAc06oeho5J6KTWiZQ/JTptl3RScJOt6JNtA1wTgAAAAA8J5lTwk7rpG10Rtyo6kt0Cl9mIkTHKdERKCK6YoQ6Ji7plFh1TKzcHB0jjyugAGFiHRt8RvP1OXJOfJhndU5oGkckTmSpHfZAs+v0VFwv1cS6JjTQjvLJopP0FCmse0ILYNrviVIzdJsqHRdFtFyleto0l8w5gzgBAAAA8DxUTomuKBHdSFwdDtSKD//997E7Gken+GXUN90eWRyUCRQqSFSpF7uixNlOiQyu/RdBmNhjBuBZ4KkH5IcsO3f26VSITmCVc6JbcyKyjkUnUBuET6aooOLExE63J6spSnya13Y7eY+f4+u20+fuo1I0s+lDnrNto32y2wMAAAAAHh8VKOZzdD3dTd/oDAu6OiJHJUZkdSZmHGHbHokSihcDedfnWQrHERFixymRjcTRSeMYzmtYBGGiwKk10SUKgG1Qq2kdqhp2nBPZ6Bx6MskUT/uIak14zolh3tu+z/c2kLcpIXNdNpUjcjhU7zsnimgdw1nWotM/xleh5SNYXvmiJFNrAgAAAOC+cK73q+v/SIzIbgqupHBELomVUTi6hS8j8cQTWoa87jglPJFiVYTQGhLVaByRU+LIDc7la3eu93sgTBynujuuB+NcVgWAqNaEJ0jY15VTQhXP6CSpJwnbTts/FSMi54TFuiT0hPXD2U568vpplvGU1upk0nFORO3zBIsspcMytw0nIwAAAIDHpnJIZCkcmTjhFaCM3BI7zon/jO9ixKo4ETkmLJkoEdWWOCJSnDUSh9a50PauuiVgE4SJfWxAbsUJb7kpQLyb9/agzmpNRG6J7ugc9v1v57NV7pjnmrB0lOT5rGkd9lG5JoZM89YRnQgzgSI64bw73zWfPQtbtF1UnMA5AQAAAHBHNJwSnktA5x8RJ6q6EituiU7xy1W3REeMmM+7bgmv4GUkUqw4J6J1rtzgtE5rbxt4NzlhEYSJY6hbINoRvXQITeNQ14QVJjxBQk92q7UmvFE6qsfEOiC0n9F7K0qMUbtLvBOcjqyxYr/yUjcqkUPbpu2eaR322YMTFAAAAMBjo9fEK+kbWQqHN/JGJi50Clp69SQqcaIzTGhGJUSs1JQ4q7ZEJEp4AoWKEJ1YIYoXYAOEiSYbtSbsHfJoh7bihBUpPMeEHVEjEya8eZ56+ybzhrOcJ0zMNr6b99pn7bddLnNOeKN0rLgcPCoXRSVMeO8tNq3DihNe3+10nBMAAAAAN2TRKaHT9Vq6ckisuiQqt0Q0Gkd39I2VUTiybWTRa+2OONGpKVHVklgZhaNyTGQCRBZzfIPr+jUQJs7DuiciO489WCd64E9RQgUK+/BG6aicEt4Jx3vfESZmmoP2zztxqaskck5k4sRwpkUiQ9dBod8fWbS6SqitF+KtQ4UaAAAAALh/OjfwdsWIqMjlSk0JT5DopnFkcUMUByjZNfqOW+LSo3BkdS66tSW0/3ACCBOLOM4JT5CI7pBHgbY6J6woEQkGKlJkYkP0+CXrtp/RNuhJWYUJT4TwpkfOiSl2dJ0T1fvs5KGfG+Z5xTnRPWHb5e17uzzOCQAAAIArsOGUqFzFlVDRHRbUExz+K48zRuDoOiU6osR8roQJTxjwBIlMoKhqS0Sf7bglVp0S0c1OruM3QZg4By/o1DvkGshrYBy5JiLnxO4oHZE4ETkn5vdPbLqCOic64oQ6L+Zn3+UzlUMiKmoZnViyE89wnpXOCaZTawLnBAAAAMD9U4kS0U1AW/ctEyJ0WtcpsSpIdGpK2H4cFSW0ZkMmSFyitkQndWNVnIjiBt0WcACEifOxO6Z3h7xSFiPXhHcC7IzSUTknPEdGpphaIcU7QHecEypwTNfEkGn2+6o6EV3lc2X+kNceXXHCvv++EM4JAAAAgFNp1IrrOiUqUSJzSlxzBA4VKOb7rlvCbosvm9I8d9wSkSDRFRrOGIUjckt0xQjbd67PLwDCxGXxdlp7IGutifmsrgkthrkySkflnPBOrpk1bbon7EnKCgtzXiROeP1VYWKY1+/j735qTxDetG5RS7ust8wI5tnpb/LesuOcwEkBAAAAcH2yNI4VUaJyTHQFiUqgyJwSc5o30oeKJStpHJbKKeG5ErLhQM9wSHRG4TijtgTX6hcEYWKToNbEGP4BbIkC3yylwxMoqlE6IudEdYLtuCZURbUHqroBou0xp88A3qZ1zOcf4/t20tcd50SVwpG9/nCmj2B53TZWnPAEDW/f+XLCwzkBAAAAcIzEKaE3zVSU0HnR9bEnTnTdElZw6Dghuk6JquBl5qCOiNwDq06JSJDQUTi6TolsFI6oxkW3vkTGl2W4Xj8GwsTl8AJPnT+frSihhTA1ncM7+XmjdFROiU5Kh/2+rBjmxHNOeOh0W19ChYEf8l5PFl7RymgEjmw9mctCP+/hLTd/yzH8bdESJwAAAADgdCpRInJOZGkcXZfEj1ELEtmwoNlIHlnRyyoWyJwSE+8mXvTwhIGzHBKduhKdNI5VpwTX6RcCYeIgC6N0RAGuLm8DWs8tEQkIXq0J70SzI0x4J249WeuBm4kSnpPCts9uCytQZMLErnNimPl22ZGsy2uf/r72N7TbwzuZ4ZwAAAAAOJkNp4TSdUhUIkXlaug4IVacEl1BonJFR3jXwZFTojPaRlVbIqspcXQUjqxP0U3MYV9zfX4OCBOXQQPv+d7bmW0gbPFcE51ROqqT5UqtCT1pWeeEttPyLu89EUK3kRUl5nZRvBPC3Icv6ZyI2tPFOic8cE4AAAAAXIfMKWGndcUIT4To1JNQsUEFiMwpEYkUWuSy45roihKVEBGlTKykcpzplOiMwtFN5+g6qOEACBOXx3MHzOn67B3wkWvCczh0nA+rtSY6zgl1TdiaESpCeILNkOfIOWFdE+/m/RjHnBND5mcnJE/kGM602Tfti4pQ9nM4JwAAAAAOcsAp0b1+1ht+0dCcR0bf2HVKqGCy45TQa9LqetkTJ7xRMrrOiOrRqS1x1igcE669LwzCxHXI7oJHzgk9OfyW957D4VcwfaXmRPR5dUx4qvLE1pqwbpHMOWHXlzknIlHgZzC/65zwLF3e92a/X4QdpQPnBAAAAMD1OeKUiMSIqLbESqrGylCg3YKXnXSOFafEfK4cE1nRyUvVmNipLdEVKsbI4wM4EYSJk7jSKB3qnMjy3jLLmaf4RsJE5Zjwail4ToMowFbRwgbwnnOiKobpnTQj50QkVFTrj5bXaRbrIsE5AQAAAHAyJzolopt1GuCvDgnaESNWnRLZCCBVDBCJElF8siJO7NSW2K0p0a0rwSgcdwzCxPWoAvTMOWEftt7EL7OM1pvIhIkVx0RkX1PnhG3vxDonbN+zz8zPKZlzIlI19XWW5uGldnhE6mnH9oVzAgAAAOC6nOWU6AgSnjixm7IROSUuVfhS6TolIkHAChQdceKoEDGnd+tKZE4J3BI3AGHi8kRB5pBpmTKpo3TYWhNe7QnPDbEy3xMmxvBPXt5653R7MGufK3HCc0zY7aLOCd1mY3wfaSMTLzq/QyRcdNY3wTkBAAAAcCJXcEpUokTXLdEdDrRbU+LMUTi+bFLn/SWcEp47IqspkYkUUfHN3doS3ZuQcBIIE9dBA3HPRRAFxJrSMV97YoSefH6NryeiM5wT7/J9njAyxtf+es4JD/3zmOvXmhWWTN38jyyny0fvvenKkZMTzgkAAACAy3K2U8IrLJmJEZHIsJK64a0jG3njfcTihOeCrq5D53MkRnjuhCMjcHRFiE5NiVVxYjjvdVvABUGYOBmn1oRSBZuZbWp+br7ujNLxa/gno456mp3EMufEkGcrrnhpGh7z81ac8LaPHamjc4LxTrLZfF1Htv6VkxbOCQAAAIADXNEpERW6PGMUjsoxEbkmunUlvOv5LvM62T53nBJnjcLhiRKro3Dspm2E19Rcb18GhInbkN39tgeHBqvzZGIDfT0x2JOpN0rHfK5G54hOZJ5IYZ0Ttq3DzPccD50/kzG+ihneejJlsxIXvOW85aPvOuKowDkBAAAAcC6Xckp00zciF0S3joRXS6JT/LJzTd91SniPSJDwnBKrRS/PLHI5p0VCyqpAAVcCYeJCnDBKh01hUNeEdU6oGNBxPlROiejz1vGw4pzwHCF2efs8l4mUbc858WN8P5no92WFL3V9kZMiEymi742wfcQ5AQAAANDkgk4JdRZXokQmTmSiQyelY6WmROSYyBzP9nXnRl7kljjTKbGS2uE5NTpChF7jZ3xZhuvry4IwcTs6d77tATSxJ5HfZprWetBaE5kS3HVORGJFpsBOR8B87fXV+9NQccKKEnPbZM/RcnZ65pioPq+snqjUGYNzAgAAAGCfM5wSHVHi58jFiOrRKXa5k8qx4pTwrjcrQWK+zmo7WMFgdZSNqu5EVk8iK3rJKBwPAsLE9YmCy+FM8w4UG7zOE4wO29lxPqw+RrCeap027cT2x+uzRcUJrw0WO0rHfI4cDZkgUTkgqhNaRHTS837P6PPDLGen4ZwAAACAp+eKTgkvnSMTJVbrSnSHEF2pK2HFiep6/s8mlWc7veOW6BS67NaTWBmNw3NqdMWIMfxrd88ZDVcEYeI2qBtAg84oINYROmxqx28zLRo+tHPi7dSa0BPeSL7Hujom0x1g00J0m+h0+z0qSli6Dokx4u3sLd91TlTt6ggPms7hLYtzAgAAAOAyTglvlIujTolriBO7Ton5POMNT4zIRt64RC2JquCl1y6v7R2HROSYhiuCMHFhThilwxsu07vLbsWJzCVxxDURCRPRNG2fZUec8D43mSeVyDkR1YzwXtvnEUyvHBOZKustP3/Td/PeA+cEAAAAvBQnOiWqG3Ya4Fc1JSIB4Rqjb1TpG/baXLfVpCtKVC6Js0bhyJwSVSrHam2JtkOC6+jrgDBxH1R3vefBZOs1RGpw5JjQehM7rolV54Rtn4fWnMjECf2cihOZkBAJD5GLwlsumh9ROSSqz42BcwIAAAAg4ohTQq9rq5oSViRQUaJTU+KoU2JFnMhuGFqia+IjYsSZ7omsfkXlmlD3RMc1ATcGYeJKbIzS4QWa6pqwn5933G3qROWS2HFPDPl89l06z07Tk4LdDivihLYlck4MeR85HDJhwpuvn9fX3vsM7RPOCQAAAHhJLuCUiGpKVIUuo9E3zkrn6NSr6KZtrIgS9v2uQHGGQ6JTU6LrlFitLRFuF66brwvCxP0QBZV6B326DOxJYzolJuqcUEU4yqnruCXe5P0Y30+AlmiaxXNOeHifU444J6LPddh1SGSoSyb7bpwTAAAA8AoccUp4171HRt/wRIn/muf/yrRrpXFkosTES+PoiBFZHQgVF3ZH5shcGt4oHJEzIhMphvMebgjCxO2Jgsoh0+x7HelCa07YVI4otWOM3O7VVZoj54S94x99v23/kHVVRO4NPcmuOiei+ZXSeqmTXCVO4JwAAACAp+KCTokzRInMKXFG2saKU2JVjFC8oD4SKFQQqOpJrLgnOiJFNSyotj8TJIYzjWvjG4MwcR9o6sJ8nwXANqAf43ugbsWAIfPmY9ab6DonMoFiONP0uxX7OU8o6P4p2ZoTWarFfI6cE9HyK8spZ5zkcE4AAADAq3Nrp8RK2saKQHHG6BuZe1nxAnYVJDKnhPf6f/LsCRQ7o3B4w4LupHFE1/8jeA83AGHiyjRH6fizeDLfnkTssvak1HFOZI4JtwvJZyPnhP55RM4J7b+3DTTQtuKGN1qH0hEgMuFiVbCwbTxC9Ltn3xc6cHBOAAAAwL3hXB9HN7Yqp4Ren6owseuU6Ba8XBEjvGk/RuyYsOKE9rXadh1BYieVI6sv8X/yWK0rUTklMlHCo3Q2c318GxAm7pvsoJgnkvfxNVDVgD9yTtiT2f+GfyLfcVEMZ7qnalsqcSESJ3T6qihhp+2kdGSf7yqx3ROfOmUyscNzTgAAAAA8OrtOCXtNG4kSnQKXZ4gSu44JFSWyNI6OKBGlb3RG4fAEiq47whMk/mfW6X2XFSWqNI6OYwLuEISJG3FglA59751k5jrsSB2ec2KMWEzo1p0Y8hm7zo5jwhMXPmQdngiRTbdtsdtJ601EJ6jM8rUrTMy2efM7jgr7u9q+dZwTdvqX/U3vTKAQAwAAwLVo1pKw77tOiehGW8cpEQ0JekYax9G0jUiM6IgS89kG8Jn7YMUpsTPyRuWW6DglKhGiEiO+zOM6+LYgTNwv1V1vvYNumZ/77UzT5X79+9qzvKljIlOk5/y5Ll2n/c7qJKq1IlbEidmeSjhY5doOiawdtuZExznBSRYAAAAenUs5JVSU8FItOqKEHYXjbKdER5iw28aS3czsiBJR/YdoFI4qVaMSJKoROnZqS3jbA+4MhIkbEzgnOi6KOS8aQnR+bj5+O9NUTOi4G7pCxTDPmao7zDLz2XMqqAihbgDbj2yUj7nuH/LezrfTvZNaR93vnvQ6bom53PwdO84J247SOfFnJrUnAAAA4MIccEpE16mRU0ID+5VCl1ZAqNwRKkjo+5WRN7w2V4Xoddt4N9S8x2oKR8ct0XVTZHUlOmKE15fMIRFd83PdeycgTNwnkTgRHTRRUBoJAJ4A8cuZv+KWiEbpiNoRtVGdEztpHd1CmGPEKmp1grqUI6JCnTI4JwAAAOCZ8YQIfZ85Jc4WJSoRYtUpYduyMwqH3UaWbvqGpk1060RE7oeV4UDnvKimRHckjswxMUYiSsD9gDBxv6yKE5EKqifvbHSOMeKUjhF8JvuTiBwTM5i2d/+HrGcSiRP2M3Yb6Ak6ckxYMqdDpLyecULruiXmsrZvU4yy28Y6JzxnBM4JAAAAuBknOSXs+44Y4QkTu6Nv/Fde6/vuKByd0Tc6KRy6bSKnRFVTwhMAKrfEYwN1jwAAIABJREFUSl2JztChZ6RsIEo8MAgT940XTEbiRGTn15OWl9JhH7/G95O9546ITpLdlBBtX4atGTE/Uzkn1Hkx2XU66Hed5Zg4I+UD5wQAAAA8GztOCU+U0NoSmVNiRZRYcU1Ew4JeavSN+RylbWSpG52RN7SIZSU6ZKkbR1wSHaeEt23gDkGYuBOcWhNKVeMgOwnNz9iHFsb0Hpl74lsXRv6nkc33lp/T9AQzZJ7Xjki0sC6OyVx3VnMi2ra6nuFM75CJCVYwytatzomsnTgnAAAA4Gqc4JSorlUzp8T7+C4AnOmUWClseaSmRCZKRE6JyFF9iRE4/k8eHcHil/OdO24Jj2zePxuQ69u7AmHiMckOoso5odM0tUPz18b4fhKM3BPeH8UY9ck0a59FRYVMhPDWtVJzwg3UG5/bpfq8tsvDOieqdb3J8wRHBQAAAFyDS4sS2SgcZzklujUlVKyI6kl0nBLRjcKuUyJyS3TFiK5TQj9jX2fuiLNSOuDBQJi4M4JROsaIA9Lszn3lnIhqPMxpdnQNzznhnRg9AWIlvSNbr9aasH2uxImoIOYhpXWD6M9kBNN12/xO5o/x/ffvihT2s9/ECZwTAAAAsErTKeFdi9rXnhihwkR39I35uhoS1BMgutMyUSJqU5YuXV17j+HHA/M60IoTGugfHYHDOiWiehLVKBzqnDhSVyLiyzyuZ+8ThInHwwskdf587jgn5gnuY3wfmeN/8pnoj0HV6sg5YYmmZ+q5FRe8u/w74sStTkzd780cEtl65+/fdVDM7wrFCQAAAIATqESJSJjwCl2+jbUhQas0jmpY0BXXhCeAeKNwZDUlOqLExLs55TkmKiFiToscD9WwoN26EvNxplPC2x7wICBM3CmBc6LjopjzbACvjon5nN2Bj/4URjJ/ZT3RiB3ReuezDbTtembfd8SJleBfT/oVXh90nrdM5w/IW6cdrcPbZpPOPoRzAgAAAJZZcEp0RIrqhpiXwtEdfaMrSKy6JbLaEp4oocLEqigxsWJElMbRKXxZCQ6ZU6I7EsdubQn73kPn/XnN9et9gzDxWLRs9wYbjOqoDXryz4YRzf4cOs6JEaxH22HJTr6Zc6KzriPOid0T2qc8R1TbZXX5VefEyv4FAAAA0CUSJbKbM5FT4sjoG1Why87jTFHiDKeEF7hr+kY3ZSNzQxxxSkSjcKhY4okSK6NwuKIE3D8IE4/HavBo3RLqNpjPv0f8Z+BN23FOdIphVt9hsW6QESyj7dDPd5wTqw6J7Du7okP2Pbpd1PESrSty0Hjf6e1fX5bTOyEo0AAAAK/Lwqgbc1p0vThfRze+VJiIClxGwoQ3dOeKUyISJCLxIytweYZTIgrSV2pK3Mop0Und+By1IIEo8SQgTDwmmrIw36/UnIgCXE/NjgSEI84JpfpDywQIb7SObF32c5Vzout0iNhdX9WHrqPCfo/noIk+o9sdAAAA4CiRU8JOr64pK1EiqinhCRGZY2K1loQ38kY0NOilnBJR2oYVJbqFLc9wSthpXupGVU+iO/oG9SWeAISJO8epNaFUqQx6wHo1J+xjuie81I4x8hE2dH1fuuI8rzgnvO+xfemKEzrfpri8jX/+KOxnfyyss/oufe/11dseumy2jt8y3XNGWAdNdiL/5pQw06g9AQAA8OIsOCWiGyvZdVCUuhEVuVxJ4VhJ1ajSNlSU+I98/45ToiJK34hEihWnxOroGx2nRJS6sSpGZNsihOvTxwBh4rnIDrrKOTFkWjRdR+7oOCcy4SIKuCvscp7zIVuX55yYVI6G1end+RHZH7k3XedH7fDSObxlpwAEAAAAcITOTSoVJDxh4ohToiNMrIzA4YkfkVMiGhrUu37OqGpKdEffqNI3usN/Zk6JaNSPTipH5ZTYSbOGOwZh4kEIRukYow5AJzpKQ+acyGpOrDgnvnQhWMYTLvR7vfVoHytxIvpc1q6Ial3Z56o7BdF3dbbLm7z3pmvNiZWCmPbzOCcAAABelANOiejmVOSSmK9tQG+FCRUAvKKTmTCRCQ+dVI6owGUkTGiac+aU8LZxJUr8dp69gpMdcWLVMXFWTQl1fayIEV/mcT36WCBMPA/dugDRnfLOHXl7Ev3lLO/92XRH58i+tzN9DD81YS5jt4++n9MiccNjt0bEKt4feue7ouW15sSKOOE5KHBUAAAAwBh9USK6JvQcEm/DH3XjfXwN/qtCl54wcbYokQkSnlPCEymibTlG7BioakocrS0ROSay5a0YsiNQdIpd2u0CTwDCxOPjCRJZUKy1JiLnhBbDzJwRHcdDJlSsrmfIvPna9sFzTmQBtRU1uuKErt977wkx0Tz9fNTv6rNjfB2tQ8WI4cxbyePz9jecEwAAAE9O0ymRXatlj6ymhFejIXNJWHFip8hlNvqGPnspJJ30jeomnSVzSlyqpsTKaByZA+OMtA0Pncc154ODMPEctIJF5zOrzoksuNZlIgHCW29nftQ+y4/xdVhMxVvXUedERdTe1ZNnpaJX86p2dGpO6GfegtcAAADwOlSiRCVMdGpKeMJEVOSyOyxod9QNzyVxVJQ4yynxOWKHxI4YkaVueJ+LakxkDokdp8RIXo/BNehTgDDxYCSjdKyKEzaAV8fEfH4b30d5yISJqO6EXS5K7YjUY+/PzGvPZIoTc5l381pFCDt9suOciNwMk+g3qLbpihBUrSP6Hee20hN95KyI/jB1nruf4qAAAAB4HBZqScxpHZFCr/uOjL5xtlOik7bhiRJVTQlvuNPOzTfv+swTJXYLX64Uu+y4IypBoiNG2Pd2O7RFCa43HxOEiedCA2+vJoDFBp922MwxeidLnR4Fz9H6PKEiWn/VHhscW8eDPYlV4oT2ZafmxMof+A7en/zK90XT1TmxWhiTPwAAAIDXJbv2i0SJM0bfiASDazglsnoSZzkl5nOUxnG0pkQ0ysbq8KArxS89UaI7VCj1JZ4YhIkHJXFOTLSegjd9vp8BqA1G9c+k65yo7u5XlYez9Vd9sctbN4hdVkWIaH27zolMgNDfZMXxkM2PlvemV86JaPSW7I/B24auYEHtCQAAgPvnwKgbdnrnEbkkdpwS2egbq44JT4SIRuE4wymh102RKGHFCc8h8ct57rolOqkbZ47AoaJEVVvCm/Z1Q3J9+dAgTLwGVa2J+WzvkHedCt7yK6JFVYtitz0WdT6oODGS6bONZ9ecqNpdiRyZYOOtZ3W7rdacmNsOAAAAXgvvmqQSIzJRIqolEQkT1egbO26JqMjlEVHCuybzrsey9I1ugUtPlOiOvpG5Is50SnRH3ygFCXgOECYeHMc54d2xfnOmD1n+rJoT3mgYug6vHZ0/Nf1c5iBQInFCv3/I9DNG68j6X/15Z8voerxlo5oe2e/4Nr7WnuiIFF4akW0XzgkAAIA754BTorpu0ZoSK04Jr8DkrlOiEiYyocNrh1ec80ynRCZK7NSU6Ba+PGPkjSM1JSaRW/fLslxPPgcIE69B9452NkpH54772/jn5DRfZ8JBZ/rZ3MI54QbmY62fq9ttRcCww4p67NSc8Pa3zv4HAAAA98fKzSR9b0WJzCmhLon3UQsSWT2Jn+MfEWI+r9SS6NSUmK+1zddySkTpGyo+7Iy+kbklPEFi1ymxMlQo15AvAMLEk9BwTijRAe7lsH35qlHfca+m6/OKA0CJpkdc2jnhtfXTmdcRFLzl381ztr7q+6LfNWq792fZRet7/J3BqB0AAAA3I3FITLxgunMtF426MZ81kPfSISJBYk7LClyuChNV6obn4LDCxLWdEl1RouOQWFmm65aI3B2VCFGlbeCUeGIQJl4H6wCoDviVoLNS0aPlo+Wq+Sq4dPqk3NI5EU3viiud7Tvb+L/k8yos/R5f/yjnPG840Y9RtzdL7eBPBAAA4P7xbnZ476MbKt1RN6JCl0dH31gddSOqJeE5JTqihHfDx7t+OluUONsxccnClx1hguvGFwFh4vnxBInIFWDfV44JG9Dq9DHyPyudX31eyRwCXc52TugfT9beyukQLdd5RDUlvO/zfstKELJ9jv48ov2t3P+oPQEAAHB5FmpJzGkrooRXT8K+1qD+0qNvHHVKeIUuNYXDE2Cia7sxznNKVLUlVlwRq06JS6VtTHQa14ZPDsLEaxAFi1GRmfns3Rnv/pF17uyvLBcRBdAdkeJM58TZOXBZ+ytxx76O1HpverZOK1BVNSc8t4TufwAAAHD/dG8qeYKEDdKjehLR6BuaslG5Jf4bPHeEiV1RQl0Sug2qm2e7osTq6BueQ+JWTomuMIEo8YIgTDwZTq2JSeWcGDLPuzNuHRTRCTdyAlROgSy4/tJFZ7qerLzPRVTOiRFMVzEicltUbYq2hVdDwv7pjeBZ/xiH89lf4/t2nK+tA0Y/ax86akdH9fZ+M1ewoPYEAADAeSzWkrDvuzc/9FqjGnWjGn3jSKHLjjARCR5eOyIhJRMmom171CkROSSi4Tt3Rt/YcUpEYoR3fZiNwjGced+W47rwOUGYeC1WnBNj5HfGI5Gj+mOL1lMtp8t3p3c46pyw65lUtTCi6XNaJmJkoo5+3hNyvPXpQwWKCC/dJ1v2TZ5tW/iTAQAAuD5dUaISJjKXRJW6kY3AEaVudNM4ouKYUS2JrktCRQnvmsu7jjrDKbFTU8I6JC7llKjSODLXxBgNUQKeF4SJJ2XDObEjTvz5upHfaY+md4Ns/S7v+6vlsuA8qhmRiROT6ZyYJ9t3WdbrRzU9+vPPXBTZZ4esYz5+BctEAoX3iJwTu6N26LR/3lB7AgAAYJmNWhLRs14veNckHafEaj0JzymxWlfCEzPOEiZ0W1TbOBIl7Pud9I3KIdEVIjLBo+uUiJwTh0UJrgOfG4SJ1ySqAXBEnJhUgkL1B7kqVFTt0Pde2sd8PuKcGM7ns/ZU0732ZctG4kI0zft8JJh48xUVI6xg04E/GgAAgNtR3SzKHp1RN7SWxPvIXRJRPYksjePIqBs6+oYnTFxy9I0josRuusauUJGJE0dECW9bwQuBMPHkJM6JSVQbITpBRHfG9Q77kOlZoFv9GXrPnfUrn+OffV7nfY5//nSOOCfmfE/csN8TtTv7wx+N5bw6E3rBkE1TtV9/1/lnE7XDc05kQla137lCEs4JAACAmgWnRHV9ZV9n1xCrRS6nMKFOBU9AqFIyMmGiGnUjckpEwooKMSvXoPPZC9Q1sF8RJS5dUyJqS7emRCRG2G2TXtdx3fcaIEyAJTvo7Qk1qzlxlOwPMlt+df3Xck58jH/+yLzv2Wm3qvEqYLwn86ppdr2awuGl6nhoWksnrSNz7ETTAQAAYI3qWiq6NvAECX3dESSi0Tcqp4QnPmSCxErqRpS+ocJEJkroNZRytlNCC1120zdW6kqs1JbYGRp0jIYgAa8FwsSL4DgnvDvTb8F0+1yldXgnaO8knU1fYWcd0yHhTbfOg6444TGD8jH+ihOeA8JbV+SK0HmRE2Ik8zoXFrP2hNeWatQOK0TMZ5vWEf0Beds2rD3BqB0AAAB/2awlYV9nNzK86wlNZ+gWufTEiGxY0CPCROTAqOpJeMLEm7z2rtE8MlFiZ0jQrkPi/+S1vj9TjFhJ37DbxUvj+HI9x/Xda4EwARbvzvV8b6d1ak54QaXl6PTOnfujdMUJbZNOsyJFB0/Y6boesrseWfrG+/jnD0nbET2iopi6T3QcE3ZZFcf4QwIAADiPTJSohIlIiFgtchmNuhHVlchqTGROCW+dOgxoR5SIxIhbiRKVU2LXNeEJH7YNXj2JVVGiqi0BLwzCxIvRcE5YsgDRWvW9WhPz9c5oHV+aXDzbdirZn0WXKU5E7a6+MysCmV0AzOlVLYjqQiJzR0TihTonsoetPRHNH+P7n1PloFCoPQEAACAcrCVRCRHeNUUlSKw4JaI0jmpY0KoYZpbC4aWT7A4JWokS3uNSTonVNI1Vh8RK2kYlSkTb6w9cz70mCBOgqCMgOzHYO+GrAfvq53bXf5ZzYuU7o+k761nZLp0LDG9+lCdpvyv6U/acE97n7Z/UroNC18mfFgAAwHdWr6kyIUJfe0JE5ZRQQcATDCJR4SxBonJJRILEPYkSXafEWbUkIoHCS9/4HL5Ikd2M4joOvoAwARMrSIS5/cHnrBKqQec8ef+SaboOXd5bNjuBZX8Q3rzVk+GuODEDaFtvYU73/ti6YoJOj5wR2fvIfaEXHr+Sdc1HNmqHuibs6+hPS/cJC7UnAADgJTmhloR9Xz2yApdnFLn0nBJHhImspkTHJeHVlIiulyLOECWsMLE66kZWWyISI7xp2qaopkR2PZcJEmFdCXhdECbAEokT2QljnmyrmhNjfBUnlO4f7cofsuUMlXZHnJjb1C6T1ZxYveBYTe3IPlPlUEbpH28jH7XDChSZiBVB7QkAAIA1PFGiuj6IbmBosF4JEipGeMJEJCZUjoiOUyIqsJm5JKKaErcQJaYwcMQp0aklETkm1LWhbe3WlPCECUQJCEGYeFGcWhOTVefEh5nviRO6/t/O/OyE3xUmvLYpWT+62D+qaN06/XPE9TjeZdnsosGb7rVr5XV0AdK5c+ItM/eH3+b9h8wfI3ZO2G2T5SJOdB/9sjy1JwAA4Bm4QC2J+d77P+8UuVTHQVbgMhMmug6J7HX2WK0nUd3IifCuZzxhoiNKeI9KjNgRJTKHRKfIZSeFw9tG9v0XuF57bRAmwONM50TnZG6pljs6/+gJb/5ReeupxAkVcI44J7I7HbadkcAwxvc/Xu8POSuG6bXDCk8qnlgi50RWLNR+Ntofq/0UAADgWehcK+hz9oicEp6roBp5o5O6kT3/15muYkRVS6LjlIiEibOcEjZwXxUlznZK7NaVyApe4pSA00CYeHEu6JzQO+BhE0b9x6p076LvEJ045/QfI3Y8zGkenjhhvysTGKLpnc/Z1/ZCYwz/AsT7Q9bfKLqboA9bd0JH7/g008f4/keu281T3b19dsh0d/9GkQcAgHvmhFoS0bWEfZ/dkLDvvZSHzlCgUbHLLA0jEyZ0XVUtiVWnRHTtsyJKaMBuA3srTFgBYEeUqJwS3doSnVE4svQNnBJwGggTkHHEOdElO9kf+dzuer2TqU6f4oR1PnS+W8WJSbSeal36HF2ERH+0njDhfVYFC28YUe87fsuzXbfuI/pnFv256Wfs/ljtmwAAAM9GJkpkNzEqYcJzShwpcukJCpVAUaVt2GmVIJE5JS4tSuizV8fhGk4Jb4QPbcuKKIFTAk4FYQLGGOOIc2LIvPm8Ik7Yk5R3h77zuWh+FNxqAGyx3/0jmP7/7b3bcuNI07Obds+6//td37T9H8xbM2kYyMwqUt41EMGoLSmJlFiVD0Equw4UVMB1VnkCJyaTilxf3ReZ+zJXROekqOCD2mYGEBlOoHNiLXmQi+CD/Y7wu/rmGNtBYVmWZX0lFQ6JJTafwPoKTHTPkmBggt26kfMIJKYPudwFE1OnBHtfyinBPv8ESrCgm922wR54yRbmXmBgAsHDiVNCOSRY3S6UYLJTwtqSwYQ1EQbSeKUa+y59BeeE6ocgRbWjWH3lnGAQooITzKGhxAbRqo8CDZOUWTvx2RMIKJ7jLYRYgxx77+yhmFeePYHfT/V9tSzLsqyvrg5KsLRaOiBRwYju9o07wUT3HAkGJv4i75fdvlFdcGH7POL9HK2DEtUzJTqnxOQ2jhOnxPSZEt2zJRiYwDzbd5YlZTBhvVHhnFhSwR69Mh39Fe81COC/dci3GO8Hi+nJrqO73Uk2inrmYMjrdHBilSswga/xAuWVVw9ymgIJ1a+b8HQDfYYSyjlR/WvH7c+e+Lfgf++wLMuyPkGHz5J4gjo2PudyNb5Xt25MgcQETOz+5Wd36wZzayCYUM+TqOY3at/j/AD/dWOlj3qmxK5TQj1LQkEJBlQ6GKFu2eguJHm+ZVEZTFhXVDkncp/8YMw7Xzvr7u3j6yB4wXoEAwzgdHBiaXJ7CAb6axvPwfdFnoB0gAL7Tq+soHNCAYrKOcEABRvsuu/c2jbW5f3hQdGyLMv6ilLjOJtH7Fw4wDH+xCkxBRJXwUTOV6/zHG/BRPevG2qOUu37iVMiOybYsyU++pkS6m9BK6dE97eg3ZL3kWVty2DCoiLOicoZUQV5OcBmzgk20E7r2ZXxzg2hNKG8r/H2mRO5Pj+fQTkZ0CFRCeEEm2hgfZDXzhOQv6Gucjp0AEO5MTrgsaADQgp29Wfts+rZE90xX9tT9dQ58e8bMdG3LMuybtTmsyS6vAIRk3E559XDLXNePWBycuvGDpiobt9g//iBYEK5JLoLJ7hvFYxgUOLk9o3umRIVgPj/RX0FIU5gBAKJzjmhnKz/7VzPq6xCBhPWHeqcE/kfLBjtZ2IAhNWr1+wGftSdpFc5HhBOoLA+Oy+mn1M5EVhdBSCYe0KBialzYrXnWzjwnzvWQJjBRf78DG51wu+nyluWZVnWZ2oCIjA9ARLV7Rt33brBnimRy6dAgrkjJk4JBSSq+eKjoUT3TAkFJe58nkT3TIkdKGFZl2QwYZX6IOdEdzJjV7wnJ8KO4Kor7k+iH1vvF9QvdXBCiQ2QGVCoAVVNSnKbGpA7QKEmL91AP7lCseDDSvOzRrBPhD4OEwcFijkq7KCwLMuybtPBv22sug5MTBY1nq865jKYAInKKdHdmrEDJBBMVH8FOnFKTKDErlMCnylR/fOGerbEI27hqIAEPluCuSbslLA+XAYT1p16hHMib/tE3XZ3X2+n/g7nxOq7ttM5J6aTlTxR2QEUFXBgzgnloMhLdktEymfnBAMUecDcEe77KVyzLMuyrDul5kKTtLvIUF1gyAv7F4vqXzeUW2L67xoVkGDPlOighAISzP2J+09pF0pc+feNHShx5d83Kihhp4T1JWQwYY30RZ0TU1Wuh52+HR3GYPc1/vuseWBc5SmciPgPSkycE9iOr8+uFFSTmwmQUBMg9lyLyjkRof+xIy95sIzgx6lyTrB9bweFZVmWdUkXHBLY1o3tFZjYuXVDgYk7HnI5BRKdW4L9+wa6PKZOCXUMlnBegUG6WljgP3FJYBlBxBRM2ClhfXsZTFiP0Fd0TkxVnmAv1K8BEh9o2cEJ1q6cGBH15IaBCjVxwbZTMMEgReecwOdNqL8VxTQPpBl0KLUgIurvsWVZlmXtSEEJNheqwMQa/7uLCApGVA4J5ZS4E0woOKGcEvg3oLt/BXoVSkyfKfE3STunRC7fDSXslLC+lQwmrKvqnBPYbwmdEzu2/A5e4DYV0Z24KCbOidxePXNilfEWBfaZcN91cKICD+qfOlheAYsJkFBXLHB7CCjUkqEEAxSv8fbzTY4zEwMUqp46KHxFwLIs689W4ZSoHBIqX43pFZjAMVsBiZ1bN7DcAYYpmKieJcFu2chggn0uNj9R+zGini+wZfJMCQUkprdwKBDB6tnDM3ecEswhUUEJtq+wzrIuyWDCeqS6k1R2Tty17dMTY7e93fbOOaHaVL2CE+r182Cs/qmDXWVRy9QpUZX/hra/m9dlUAKvVOTPld0S7KpH535Ap4/dEpZlWdbdUiACUwyq1QUFNiazCwUdkMgAQMGCDkyw/ARMTB5uefVfNzqnRBWgd8+U2HFKTP99YwIlJv++MXVKoDtkeuuGZd0mgwlrS+RZE0vMOYFBXu63pOBEdfK7SmqnTorKGbHjnMj16HBQkCJSv/ze8gDLXr8akCdgYqdfdcVClfGZEwtA/F28Pv5rB7bhrRvVIKqOX6fSVeFnT1iWZf1Z2nRI5PoOTKhxvAIT1XLXv25MHRInz5OYAonuWRJ5v7D9GsEv6Ci3QHfrxl1OiZ1bNxiU+D/y+uovQVceP1/nlGBzTsz/K8+DrBMZTFiPFMIJJQYnJoQbX2unfrffVecEczTg7Ri5jTkkKufEyb92TEBENwGY1rPl5F87FKDIyxpcI/4bSDO4YPuG7bf8/Z18jy3LsiyLqXJGrLSCEzheT8bYDkjs/uvG7q0bH/EsCQVrGPzJUheV1DMlHuWUuOOfN/6PvL6CEgxE7DolPBeyHiaDCetIH+CcWEH2b9KXqaO6yqanTr4f5ZxAOIEOCZQCNWt/7Tgnrj57AicKagJRTSj+hjwDG8w5UQGKV8hP/r0jUv+Jyu+zHRSWZVk/Swf/ttE5I1bauSWYI6ACE+ofK9g/W1TPkjhxSnzEsyTYBRE158mqLiAxGPFVnRLVMyWmTokJlMD9g/vOTgnrdhlMWB+hj3ROVO/hjn53Oyci9p0TuZ2pc06s5c5nT9zhnGDlvN7vlCKgwAXhS3ZN5EH5KfhAXIl9n+2osCzL+nOloMTUKYEBtbpIUI3HDEwwtwS6E+5ySkzAxB3PkmAXLjoosTRxSiggcfczJf6OfafEKZSwU8L6FjKYsC7pA5wTnYNgIhZ0njonXgb9grQv54R6/eyYwCsoEziBAXblnDi9QlP1YyBh1znxBOUMJP5OeeagyPV536BzImD/5LK6WtAJv9O57p+CHRSWZVnfSgcOiVx3AiQqMKGcEurfNhBGVE6JUyCx45C441kSnVMi71+mat6mHgbJXBITIIHPgTgBE+xvRdmtG1OnBIMRdkpYX0oGE9ZH6sQ5oa5CVK8xfS9du4IMrN+OQ6IKfNeAi3UdnGDt6MSoBnEGJHacE52DYuKcyK6IyjlROSjw3zsQYmRIgXn1DIqp7KCwLMv6M3TFIbFSHGcjuFOiGzs7h8SjnBInt26oWzbU7ScMRtwJJTqnBIIJ5ZRQz37IUGHHHTH55w0FJLp/32AX2uyUsL6EDCasW/RA58Rqy0FjFex3TgbcRuWcWH1eUrrjoFCv84vUL+GkhUEKJoQTeR9jyhwT7PYH5aDoXBOdU6KyaqJz4jepQzjROSgykMifrwNNFUBixwzb7KCwLMv6JrrJIYFtU6eEAhOV4G1qAAAgAElEQVQVnJ8+3FI5JBBIdIChAxIV4FDvB8EEfjYFaBTwYcI5GQvOGYzYeaZEd+vGDphQ2+vABHvfDEjYKWF9WRlMWJ+hO50Tu0RXBes76+T6ansVoMCHYq58djeg4yFSGxNzTqz8c2rDZ3jg5Ol3Woc5Itik6TfpN3FKVMChclBUkGLy7AnmnIjg4Kn7rjIQketXmwdvy7Ks76nOIcHq2UWACA75lVOiWqZAQjkkHgkm2Guy2zWmt26wBfc5E7vQNHFKoPuA/etFBSQmD7w8fcilcktULgk7JaxvIYMJ61Z9gnNiegKtnAzYvrOw97He51+kL0IG9f6fUx0DM0tsUpS3tbaD70MN8rmMgTxzc1RuCjaJUldGcGF/JbrgQ37mBHs9dmsHW/J3EF0U6gpC3n+sz2qLpt4OCsuyrE/UzQ6JDkhMwARzBkyBRC6zWycmt2x0IGJ6uwaDH91zJBiYUHMLtt+z1NjNLjxMHnK5wES1PApIZDAxfaaEAhJ2SlhfXgYT1mfqDufE5DVyutvebZtBCTzZ5/6/oC86J3C9NTAzMYdEVb+UoQfbZgUmcNK00s7NMHVKVG6IlaoHZaJrI6+jriCsz5n3Wx640VlhB4VlWdbP14lDYqUMRKy0c0qcuCQYlJjcunEnmGAgQt3CUbkjrjoluotO6JRQQAJv3cDbN9jDKNXtG1NYobbrZ0pYf4wMJqyH6IOdE0y4vgIFV5wTijxXsELVM0Dxmj4zm8zkz9FdRchX+JVzYsEf/IcLNTlAwPB37E+wuskKc1AgkMhOig5OMAfF+twZVuDxRXXHPeLtPsZ1sd4OCsuyrAfqkx0SK+2ABBs/d58lUd1ScXILx8QhwdwZaoxnTgnlGmH7V4nNGyuXRAUkTv594xRMTG7dQCCxnBx2Slg/SgYT1lfQnc6JvI2/N98Drp/b1FL1Veuq16neB4MRua1ySKj27JzIzoFVVs6JifNh10GhtoeggQGJybMnOgdF/nzokGDfTzsoLMuyfo4e5ZBYaec6nDgkJlBi4pC4A0xUz5DIZebu6MZ/5ZKYQIm7nRKTWzd2bt9QzooKSDAo4WdKWD9SBhPWQ/WBzgl1Qv07OETogEFHmtWCV9k7qIF1U+cEy+/AieygyK9XWSd3QUUFDKpJCnvWxAQ2VJAiP3eic1C8Qlo5J5a6AR/3Ma6L9W9eS13p85ULy7Kstxo4I5Y+wiGxUhwvKzChnAUdjJiCiemtGxOwseOQUGM+gzUMACl1MCIDiR2nhAISV54rwdab/OuGeqZE/jxsvmqnhPWtZDBhfSWxK9NMzDmxgk22TVaeOhaqgLTruws1uve5AMX67M+wzhXnxNreK/TPy29IKzCx0g4sdFeLFLjA50pkKFEBkRdYZ4EH5qBY+4o5J/L3FI+dHRSWZVlfW3c6JLBOXfVXEL8C951Tonq+wy6cmICJ7lkS1ftXn1/tNzwGTB2UeIF89ZDLDkqoh1PibRuYXrl1o3qmBIMSdkpY31oGE9aH6IJzQikH5ss1sYJNdsJlJ2WsV+2q33rdnLKBMW8nqxosFiT4lcq/0rpqQtRNrpTW6+XjkR8KWbkmmINCXQFBMNFdCWLL32k9BigqBwU6JzKsUIAiOynwGEfo7xBzpbCrEhMHBbb9U/CzKCzL+sN1+OwIbNt1SGBbBSamEH7qlJg4JHbdEpUzQjkkmFMCwQR+NuUaUXOZfCzYBRy1qFs3MoxgYAKhQPWAy10wocDG1CmhnimxAyXUHJft34jwvML6WBlMWF9R6so0isEJNQFR2+jqmaNBneBfivY8WKzlr6JvhhAKXET8N7AznU7WsnMiA4pVxolZDuDZ1Q/moGDPjjh1TSgwUTkoOufEqnuO96AiD/oKWDBAgZo6K3bWsSzLsv6TGueYE4KtM3FI7AKJVceC984p0bkWJrdi7ICJziHxF3nv7LOxz6/2Yzd3iZgDiQpMTG7dmMCJqUOi+scN9jwJdEuwz5I/7xUoYVlfQgYT1odq0zkRqa6CE5VT4M3Lk9fsrnqzvDrpd84JBBz4PtS2f4V+nxlQVJAC9wHu73x1Hz9zNXnA5zSs48HsmgsE/E3adt0Tf0P/yjmRHRT47x0ZkOQBP4MK/MwMSKx91X2P2ORgKjxm77ZhB4VlWT9dF/9dA8sKTCgIweoqGF85JdTtDpPnSdwJJNT66JRgjo3pcyTynECBCXYcIvTVfTZvUg+CnD7ksnNKnIIJ9nyK6a0bCrAoMDGZi2TReYLnD9ZnyGDC+g7KgWCl/OwJto2cVu1q8FNwAevvdE5kOFG9/3x1H+FEDqbVuqx9OScQEilA8RT8YZLsSolyTuw4KdA10YGJnQdprlRNcta+RlDBJkqR+uZ1Imbf66qvHRSWZVn/qYMSCkiwdOWfIZ06JO6EEjtOiV04wcBEd8tGd+sGG/crl0Te90w4h8OxtnNK7D7kcscp0f3zBgMRuVw9S4LdunEFSljWl5bBhPUputE5sYLCNWFAOKFOzJMTd9WugtBVDlGv4Ea3TQYo8pInTCvFAZ+9Jl59Vw6KXFc5KJhrQoEA5pxAMLHjmjh1TqCDYn2GDk5MHRRM1fdgKvyt5Lp/Cv43D8uyvqlu+ncNle+AxA6YmDokEEp0Y9yuU2IKJDqHhHJK3O2SYPs9gs+3VoqLAhLVbRuVU4IBhFMwUaXstSsgwZ4pgXNF5eCM4PMNOg/w/MD6TBlMWN9JOQBkbUt4RVttq6ufggk1EDzCObHqfkHdUh7k73JORLx3T0zARAUolHNCOSB2XBMdoKjcE2vBZ1CoSc/UQYHfW+WgqITbsYPCsqw/XR/hkFBX+nccEpVTooMRHTjYhRNq/YlTYhdIdC6JCH4Ml9RcSDkl2LMYWNA/dUlMgQQr7zzkUjkl1DMlqgtYQfKW9S1kMGF9qm5wTqx2fBZAxH+TiuxiWOWKwKs+Oc/I9K5zQjkoWN/cZ0GCX/H+PVTOCZwMZHWwQgGaHUDBJnUMRrCHWqqJ229Sl50UDFBM3BOrT4YObIKwHBYLGigHBYNIWd2VjYnwN8Ha/in4WRSWZX0x3fTvGipfOSMC8h2YUA6JlceAHR0SU6eEggUdfFBtE2dE5ZI4ARIMTOTjkPMskGZzNAYk1K0bCCY6p4SCClMwwR50Wd260TklGJB4FXW4zzCf29/J8wDrK8hgwvqOYlegWZ/smDh1TlTQIL+Ogh0R750T1X2BE+dEvp1jcmsHOicita19udO+wEikFCdtOWj/DW1smT4ronNL5AmfAhS/U92aGKhtZTDBHBQLvOAECR0Uqw+Ci9yO32nsg8I2BvFwW5ZlWd9RU6g+cUQoOFFd3Z84JBiYUC4DBiGeQ7sVutswJnCiuiWkghLV52D7o3JK5P3PhHOLKZDAWzeuOCXU7RcnTgm2TJ0Su8+TCJK3rG8lgwnrS+gT/q0Dt5Pr2Yl9OgiwgQOdEwxkYB2+ZuWcWCDiV7x/jxlQPEG52xe5Pe9HfO/oGMjulM490TklFJhA8FC5KH5D/m+y3ZdUrpwTuYxuClwmDooJ+Mq/gZOJBv6Gct0/BT+LwrKsD9KNz46oygpIVGUVTCuHhFqYY6JzSigw0TklqrJqU+BDvc+JS0K5SqrjsaQCaTb/qYDEnU4JBigmTokKTCinhHJj4uedgomI93MLtn8jwuO89bVkMGF9Z1VXk7NyALm0MzCy+tzOBs+A+gg9oEydE7go5wRTdjKgg4JdxVftWRmM5OC3WnLAzoCDuq1DOSoYoMh9K+fEKv+Kt6ACXRS5PbsnMqxQkyXloMBjj/Wvoj4fDzw+qApo2EFhWdZXVgcl2EUHzDMAoepUUF05JDoooYJ8hBCVc2ECHFR7VddBCQQqHZCo3Cbs+CyxgHqleYw8vXWDQQn1PInqr0ERTCinRLVMb91Y+fx5OyiBFzgs61vKYML6UrrgnMB+KIQTzCUR8X5QrOrVPX5sQA3oq/LV4MPqI94CgsmtHStlVy5Y0FuJOShw+x2kqFwUGUKgo0JBB+WWyO35AZjsuRPMJZHXzUAiuyYqSLH6MSBROSlUPfstTITrs7Z/Cn4WhWVZF/VBz45Y+c4pUYEJdTtCByVY8K6cEVMw0T2k8uRBlt3zI9TtGhMgwRwSCkzgOFKNd9NbNyqnhAITzCWxCyY6pwSDIwxIqGdKTJ0SbF/munfyeG59RRlMWD9BOcCrtALgiJATIQywWb0i1B1AqMBExNvBdwI+GIyIVMfeYwYU6JyI1FZJtS9Akt8LTvrWAMzAxGQCxABC5aBA9wRCCQUpmIsCX3P1yROkzkGBzglMFZB6gvXYflbff/x9VEDDTgrLsj5Sajxh0HyaVkCiurKvQMQESnROCeVQYDDiFEhUYEK9bgckVp7tD+WUwONQaXJhJ+eZs+DvlHZOiQoi4K0a03y3sPdWAYkdlwTO8SzrW8tgwvqSQpKbrrhUwVXlnMhB+Uu8HzDZ4Kjq2QCqAMLEJcEcFfjaebBit3hE+nwLEGQ48ZzqEVBMJxCr/wp0WX1+77nvCqwj5XPAvQJ65ZpgzoZdBwXroyAFc1FUz5/I0KFzUOR2BBMKamV138dT4W8r1/1T8LMoLMsS+oRnR6x0xynBAunKGcHGIwUhOrfEzm0b6naNHYfEFEbgLRs5zz4/23fV8WHzqkh5BeSrBR0SyilRLd0zJDoYwfLMpYHvTTkl8HPj/sD9laXq/pXHaes7yGDC+imaXDleQWEuLzFQkdNc3xFr1laRbwQTO6Q8L79SGlCn9glOMLCtghCqPQOQfFyeYJ0MLNA18RLvJ0N5Yc+KUK4JBiR2nBPsKsyveD/JQDBROSieRXml+buhXBUB7er4YD0KgcRkHcuyrBPtAgiW7+AEA+8qmD6FEixl+ep5DhOnBAKKrl/nzJi4JNQ+UA4JvLjBjuESgxRsvsNABHNKsAsGu0Bi5xkSE6eEepZE55R4hTzum4j3c4AgZcv6tjKYsL6FyLMnMHjKdZVzYgVya4B9gXUUca6AQ9euBpY8EAWUdwCFusqOzgn2PvNEY+0HnPhl+MD2cRYGz/l1FZhASJHTCk6gc2HiiDhxTrDXeiF1v6CdOSiqZe2bDCdwf6KrZkl979YxCbLOFb3Zlp0UlvXn6IOdESvPylMwoa7yI6CYLBMgMQETU6dEd5vG9FaNXSChYAQDExHvj0/E3nyKzXsYmFDPklC3bkyAxOQZEjt/BarABAMSv4vPX8058z5FSPFGHoet7ySDCesnSAXO3ZXfHDRWhD9vV9VX0EDR710woQLav4IPZL8gz95nnsCtdOqcQE0cFBk6sKtYGUwsIDCdMCIkQBdF55xgZXRHYBknHbmdOSg6OPEa77+XCJKqMquPlFYOCAUy7KSwLGtXUwCB5Sqt8tXCwETllNgFEn9BHS4dnKjSK7dqdFAi59k+6BwS3bwpS82VJvMchBLMIXHFKTF9uGUHJCqXBBv/Vx3O3yoogRCihBKW9d1kMGF9KzX/2tEFVApOqAG2GhjU4Kr6BOl7AibU60/7rYnIBFCwCQiK1edjMXFQZEdBdk78TnmcUDI4gM+cwDRDigwqMP2b1Cv3BE460E2R87/i7WSkW7JzYuKgqCYx1eRm6Q5nxZt1uyurvpJjWV9PG46IpbucEVjfwQjsN3VITGEEC+KvgInOLdGlFZBggEKBlMopseuQYPMDBOIr381bFJRQYAKBwCmQ6MBE5ZT4DfmdWzfwgoTaRxHvx+0WSnh8tb6jDCasn6QJnKiUg8HqNbDcBYB5AGYOitV/CiZ2nRN5+QVpBSjQORGpLe9r1l6JOSjWerhkYMGAAy5/Qzk7F9AFgQCC3cqhgAWbIL2Q18rvE4EDXjWp4ASmef9VsCp/tzKYeyLbUFK/JbaenRSW9WepgxJTZwTWsfwz1E0cErtQAgN2BiYQSLC//6zAhIITnTNCvcYESlQwAvdJt3/zsVJCOLELJCZQ4i6nxJV/3WC3buD7nbgkuzF8C0pY1neVwYT1LbXpnHizatEW8R5OdPT6WdRPCTiz793lnFB913tecGJJAQo1Kan2L6uv9kWGHWrBAF3BCZzAsHU6J8XfkEdgUb0Gc07kyUpuY6BCLWsfZTgxcVBkse8q5h8hum0/m8KyPk8PckZg3RRMTNwRalzqHBJTdwQDEswlMQUTkwddTp0RHfxgUKICEQxMKIeEckossXFmpdU8hQXoKrBXt23c4ZQ4fZZEBybUhYfpfC7vTwUi3o2VHj+t7yyDCesnCuHEjmsi4m2wqCZujGKvsoIYFUA4AROdc0JNArJbYuXX5IRBjDxhyZo4J14H/dZ21/7Or1cF6RWcYLAC04kzQj17Aicj6tYQXH5BnrkmJpbPXQcF1gfkM/jAVAmPaYZMubzqPFmyrO8rBRi6MqtXQS6Ch5z/CIcEc0swKNEt3e0WOw+wvPIMiR2HRHUxooISKDXvwQsmE6eEWjoXwxUwMQUSV2/d6KCEumhQQgnL+u4ymLC+tQ6eOaFO5Hi1PiBfDRpdO4IENWCfpt3S9VsTGDYAZjiR9wnuK5S6qoKOCzXoLoeEes3Vnp0UOKFUkwZ0VTDnBAMWCDNYuVteSB5dExMHhfpePQc/5liOeL/vQ7R1YA/7nejNtv1sCsu6rpscEapteu5nY4EKeDswoZwR6IpAELELJjq3RAckdhwRVb4DE8zFcQIkFJiIeH8csnAetPLVPEQ5JJRbAoHE3bdudEDi/+B1mUPixCnRjctsjsn2/b/yuGj9BBlMWD9Z7IruztXgpRwsqn4VoFAB+J2Aolr+Iv0QTLzGWziBDgo2aakcFLjvg5TzOvl9ZOiQt8UC9qeUz5MvBivQQYG3YTCnRAcomBNiurzA+qs8ARM40cHjOnVShGh/KvrgbwfBhQIaFeCwo8KyPlcdaOjKO86IzhGh6qtbDqYggoEJ5TTYcSrsOCRU/plsY+KOQBDBwIRykZy6I1TgrILuqUsi5zH4f7RT4uR5EhMgMb2YFCSfU9z3lvXjZDBh/Qg1zokIHhRVwVAOjPPVnAUnKqpdEXA2QN8BKNS22HbxfSCQWOUlDFiVgyJLBa9KzEHBgmHlnMiggoGJzkGx+jMXRQYUz6TuxDmh3BPrvVYTnWqSl4/zM+QnE6PJBKkDDZ3DAoXbY21vK/1sCsv6Vx/sjKhABNZPrr6zc3oFJBSg6ADE6sNuc6huhXgEkDgFEycOCQYm1H7FY5TTCB4gV/McNk9ZeRbQnzol1L9nXHFIqGdJYJm5Pdh4PJmjRfCxVu3/iPC4Z/0sGUxYf7LY1V+lBSTUpAwDe1y3AxZVgLnjlKiCVnROsIHxF6SVc2Kl6JwI6MPqETag8muuPgiL7nRQvKQUnyORXROdU+LEOYHrvkB5gYqdZR3nqXNiCil2nBS7YuvaSWFZ96pzRpyAiR1nRM5PFwUidpwRzFHAXAe7LokKTEzhxHNK73ZIdO4IdnGhc0tE6DFiMk9hwbyCEROnhHpg5d3PkvhbvN/JhYLJRYG8by3rj5TBhPWjdME5gf1yubqawAYVrH+GupWfOhxwgJ8MhAw+ZEBRDZbPKc2QhX2mzjmB6iY8VeC83sNT6tc5KBA8KHDwAv2Yq2LilGBAY9dBUaXV8e8A12SSlOuDtAfJY91U+Js80ZvXnF459hUm6zvowAmxtOOIUPWPdkbkOhU0s6BaAQkFKZiz4CqY6P4WdOKQ2AETyumx45CowEQ+ZpiPeH++X/lu3sLGIjXeMXcEwoGpQ2LlJ/12bttAMMEgS3dBiY2tuK9Z3Tt5HLN+ogwmLGt+tTcHr51zIg8+v6BtbYsN6B1xrwBE1+8vyKvXzm6JSHl0MSCgyBOgrIlDAvsxre2+QN/KQZFBQ07zRBXhQwYTykExdUqcOCg6QHGHgwKdFGtBMBSkD2vrnBSR6pcYJMxCcMH62VFhWW+1Cx6wzOq7vrvOCGxjQTNzRtzpkGBg4tQhMXFOIIjYcUZMoATuGxyPp1ACxSD0ShnknoxHynmgHBJYt3vrxgRMMAgyGaO7eRvbR0HKER7LLMtgwvqZeoBzYmkFxZVzorqivMrooqgCwQmIyO2M3DMgkUFEdlEgdFgTIjaI5sB0TYbWftlxUGTlYJYFygFl5qBASLGcFAgnVl3npFAOCgUgThwUOFHrAAU73gpKVd+fnEf4xOBFNHVRpBH7QOIOvXktOyusz9SDnBBdn65epZM+U2fE1CGhQMSTyJ84JBAOVLBgCiJ2HBJTZwT7PNX+YPsRj4E6dkssWJ7MT9iYw8YqBBPMJcEARQcYpmCigh5TIMHGXbY/urlh3s+s7p08Llk/WQYTlvWPcjCEQVQFKdBBobaL21gBIBu81IA2BRNVPUKKDCuw/4IR2UGR8zmIzZOfVWYT1KydCXQGFPl1n0iKroAMJpSDYtUzSDFxUEydEt16Ck7c6aBgxzrv0/z9U86KIHUdmMjAqfqNdeAioH3S384K67trF/KelBFGqLIKbk+gBCtfdUl0IGIHSlwBExOHBL6vyiGRywxEKOBTHTulDkgwuK0WNrYxYF/BgjvAxORZEggm1BisxtYplED44/HJssJgwvrhQrKcrlRVgRAr5wFFTbxW+ySIq65MV0BBXanAAXMCJjKUmJD+55T+En3UFRq2z9hAPJl8V/uYgYq15M/N4EWGEspFkcHGDphQDoopoNhxUOD3QUErNZnCVEGL7nsepD7Xdb87JezfadKfvqadFdaOLjghlibr7wDdXK/AxA6MqIAEliv40AXV3S0KLGjfdUhMgMQJiJiCCQZKlDOCLRPI08GkJTx/dfAZYYSaZ7BxSgGJDkbs3Jqx45RAMFGNu2qsVXO4bixU5Tfy+GL9STKYsKz/AtiVX5pcZc3tOdBl/fLyi9SvcgcIuiBzAiQUpMiwAtt/pVQBCnQzMEvpUoYHTAwysPbc5yWVX+L9pA0/UwYW2UFRAQp0UExAwxRIdNtlkzw2YZo4Kdh3pQIU6/iewAlWXnkG/vB44+8S65h2gMfkt25Zj9QEyl4td3BCgYecvwolqqv9u04JFcyrWyM+CkycOiQqMKH2kQISePwC6pUUlOggtgIS1Xg2dUhcBROVUwIhCXu/03G0GxerFPOW9UfKYML6o9Q8e2IawOQ+GPxiny54exb1bLCrBsXuykU1qOZ18gMyf0E5Q4n83hFQPKX6tT+qyStTN4HKgWQGFHkf5gAX88wxgeWpg+IRYKJ7nReoU1eoGLSYfJcqQNZNwiYTtOlk7QRIKF1dP+vNNk6vlPtK2NfUDc6HpZ3tdOfCrr6DDqzuFEzsLBMwUYGIXK8CeAUlEBDsgojT5S6HhNo/1T5mxy1IPkIHx2xh8wUcNzqHROeUWHkFFu5wSCh3BAMTbCydjJF5jIuox7wQZY8P1h8pgwnL+k/sKu0TpJ1ycNtdlXiN/5wTeX010E1AxBRgYH2+ut45JxBSZEDxnMoZECCkQPfEasN9zsSAwxK+NgMTCkqsY5bBxMRBscov8c/kZgorroIJdVWqAxMVpJpMvFR+F0ycggr2/chlBFZB6qOon/zOp+cD68/VFEp0gIHVT/K5fBVEYHkHRrA8AxEKTFROAuWKUE6JR4CJ53h7u0b1micOCZZ2y1I3B1FpBSOqOcEU1lew4G4wUQGQCfyvxstuDAySzykeC8v642UwYf2RuvCvHWoAyQHw6rsC39U+CdRWwP5M2qor2JOr42qw/R0R/x/0Zf/eoQZg5ZzAz7TyaqJbadJeBcQMeuRjlifO+fNOHBR53z6n8hXwcOqcUEBiB1RUEGwKJlR9DOriIJ0If9MKVOwAiqnotu66Mu8ra//oRqeD0s727zinqX4dmDgFEtW5uQMQUzChAu8TEKFcEVeBxE5/BSZ2HBJsH5wCiQpMMFCrzstszjEBEmwsY4DgxCnRAYrulg1168YVl0Qe63A/sv2bRc/bPp9bf7IMJixrrhzQVsoBKk4W2OD/C/IR/wX73YB4ElxW/X+RNrydg93esdIKUDyl9lVmEy5UhghMrF2Biqf477jk96D2z1PKZ6fFghKYIpg4BQ5XnBMILLp89X3oJmUKVjyLfiGOC9YHqcc6lT6JPEq1KWCh2ieTyMl5w/ramkIJBbpO+3cQIuenAILVVQAC6ztHBJa74HsCJqr83U6Jrj+DDuz1lRuiAhPdPlXHJVLKVJ0zK7BcjQnKtcegxB1OiR0wUQERNa6qsVGNfd34hvvesqxGBhPWH60Lzgnsh1pBrZogdsHaM6nrgkPWnw201dV1hA4ZPuS2v+D1n0keAcXUOcEABQZ21QSsgkAZkCCgwDxCCwYoMphhkzMFHDoQMV2vAhX4PrrJV7dU30E1Weu+oxNggW0xTBU46IACtqv1p9u7Q+W2P8Ap8FN0ZT/tAoauXwVaVTueG3eBBK7bAQi1dGCiSncW5TZgkKICCwo07ACIKZjo3B1sXyCY6IBE9z1YYtC1Ot9Wcw0FJNh4pxwKDEpMQMTOQy07p4QaV9l8aXfe1e3zEH0iIuyUsKwwmLCsXWVgMR1EVgAcJM3bzUsO6NXVaTVpmF4B31l/Bd8IJ9b6z9AXAQUuGRCwya3SNDjIgemq7wAFAge1f57jrTsi16ODIudf4u0zKCo4cQeYYJNGVj6BE9WkjU3cEFZESifAAvux+iDlfJwD+uTvX65HTSb7rJ/SyeSTbduT2Fp3wZrJ1ejqdTsAUa3T1SvYwPpU9SzgfU5pFSxXtx5MnREVmFBQYschcQImJm6MXWfERzoksti5sgLJ3dxAjVEZTJxCiatgogISavzdgfHT8Qr3t2VZAxlMWFa8J9XpCmSu37kyugKealK4+qnBLQf2rK+6Wt1NJqb1eWFuiQwi8jMp1qKcEwgG1udTV+3y/lSatKnJBAKKfOwyOEEIwYBFTjOQ+A1t3cTuahknXco5sfMdmEzaWNsVMKF+G4nl93EAACAASURBVB2MYPAioH/VHjH/vWM/1b8LJrrXwfa7Au8/RVOoebrdCYBQ/dT4sAMmFKSYgIgTMFEF2FcdEqw8uXViCiYm4KIDExNnhAISuN86IMGObUBdRH2eY+fPav7A5hNqjMmB/51OialDgr0OA/sIJtTYp8a2yXiE4xLLR8T7eadlWQYTlrWjHByzfDfIrMA3SMpeay2/0vpq8rBSdStGNdmo6hWcyLd2qH/v+EVS5pzIgAAhhZqUdaAi9137k22jAhQIGhiMYGAi39qBDgoGJhREuAtMVE6Ku+EEtlUQTYEK1mcyEZy2q3Wwzyo/NWXUFDzcBRo8uX2rKSDY3c4O2OjWnQAHtU0FbyftbMkAYqWsDwueJ4H3VSgxARB3golqm7sgoto3EyARJD+VAhHs/DuZA3RQQsGBK06JU4dEBhMv8RZITMa5bszqQHiVtyyrkMGEZRE1z57Iwe6b1UhdXm9N/BBQsIlCdhng+hjQTwZSnGCwAVrdOpDbKhiRYUWuW+89w4nKQZEhxeTqEVPVno/TBFC8QpqhBZvUoTuiclAoMHEXgLgKJqawgk1wJ+lVMDEFFh2IqMBETtVvv2rDdbG/ei21/Wk9bven6BTgdNubbncCLNQ2p/UdbGB1FYBQ9R2YqJwQDEJMgcTktoc7wMQUSFRgQjkkWBk/P9s3V4CEOmew8gRIdGCCjRUKSCinBIMIHXDo2jsIgmPfAhPsM+Hnxv2D49RknFHHJCLCTgnLKmQwYVn7ynCC1atBZwWpuZwnH2tgy31y3XJOZDDBBlI22ConRXeVZLX/Eu0T5wSClud4+5kyjHklfdgkeu2bVa+OCaoK7jpQkoFJBg64HxFa5DI6KLK7ogIWlbNiB2zsAooTMMEmvB24YBPmaongE8VqwngFTnTAItc/FWVcn0l9R7vJ7C7Q+Gm6AitV+xQG7QCIq1Ciqs/tz0U7nlNVHQuuKxBxAiZ2gMQOWKjyOwCiAhG4KBDBwEQFJALqJlIgVgXZbKxedVNHX+eUeASY6BwSzB0xcUpUY8+qD6jHfY8ygLCsTRlMWFahB/xrR4YRakLCgqy8PQzgcR0FKBScqJwSq736tw7cduWcQOiw0vyZEAbkyVzE+/1WQQkWIHT92cTkKd6/J4QOT1DGfYROCrzlYwIopkDio8FEByumYAJBximYYJPzCZBQk80diJFTdn5Q2ulbrY/6rpPmKRR45PauAIgqZfk7gMQOmKiu3ldgYhdCfCSY2AEUHZBQ74d9bgVoKvhTHVeWZrHzjzrnsfOqAhN43q9ghAIEV27duMMh0d22gXXVeKTGEzwWahx4IzslLKuXwYRl3asckOwMQiuwzbAhbxMnSmswzI6DarDt4EQVVFbLL7JtTNU6OcXPtgL4DDMyHMCJXhZChKpdqQMUCk5g+ZXUI4TYBRRTIDHpV4GJCljswgn8PqnJ4HSCiJPuIGkFMUKkHYxQgUA09aOJa+jvZfd9rc41HVT96tp5n13fXTgxARNsXayvAtCuXQWxCCByWgXBFYCooERVvwsjJo6EE/BQ9TsFEmypAM0EREyABOaXuvOXAhLVPIHB6FMocTeYQCjRgQk17lVzm+lYk/d3BD/XW5Z1QQYTljXQwDkR8d8kYjJQrUBDTVbyYIiggrWrSQkDBH+RPmxRE5K8MGcEpnn5K9Xn4H5NAjOEYVBgTfii2X9K1VUo1rebqCAsQQhR7eMKaEwBBR4nrJtCjgpMXHFNqMkggxBskjgBFVfAxARUVBPRLj8FFAoWYL06t+yce76bpr/VnfYOREyABNZXeVaegAgsXwUTKnBW4EEF3VeWCg5MwQSCh1xmdR0M6UCEAhNq302hRMTbYxrQtjQBphWY6MaiblxRzgQFJu5aKiihlp0xqxtbcP+qY4H5N7JTwrLmMpiwrPuUr2qy/HRweoF12WRjTaReU1rBhgUEsF09O+J0YWAiwwt8/Wfom8EEWxgMyJPrDHxQeb1JPeuDk5T1mRigWO+nCtArUDEBFFdAxKlj4opzYgIm8kRR5as6dZxCtO3mWTmgL0uxX5VXdd05ZNI+CfS/mnbBQ9euzg9dPpe7gFIBid08gxBd0MsCZDxXIpR4FJiYAogTMNGBCtx+BR+mDgm2H3F/q+MUkI8ivzQFp+xc2Y053fjBYED1nIdHQIlTh8RK2effGTsuQQnLsvZkMGFZG0LyffO/duCkRgGKZ1hv1bE8C+IQWLCBe+KWqBwUyjmR81iHsCLDl7ys/YiTv4CyAhQBfXNa9WGTFqzP7y1Di1xWATtCot+kbQIL7nZKdCBiB1R0gIKBiQpITCaXq586hl2+gxIdkFCAgm0LtzktT+unUOKjJtq7kET1n9ZPAUUFLqYp21YXqE7ARAclqoA5B9gTMHECJDrnweS2ihMwMdnWFRChUrX/1TGMIr/UnV/YuYmdN1VgXp3r2dKBiTscEarcuSQQTEzGHzaWKODDxoasd3V2SFjWuQwmLOt+ZTjB6rtBawGJDlCoIGuBiUlgmAFFLl91UlTOicmzJ3JwzyaQCAOeU/5J1KGegh+rfIzyfsfJZIYjLPBd71+l1fHAfuq47Lgb7nJMnACJ7rvYAYtqQlnBCWzDY9S1Bclj2kELFmSobYXoOymruknblb5XtAMmJvCwqpuWFWDI+WmZpRV4UIEutnVBMetTBdgsIN+BERNAcZdjYmfd04Xthw5KRLwHEiyfVUGJCkhE8PNeN6awMWEKJR7hlMBbNRiU6JwSk7GoAxIVmIjQ50MDCMu6WQYTlnVBD/jXjqwFJNjERgVXa1KWAQWbvLCAEP9ZQ01qrjonVoq3eeDrrsllzlcOCpww5v3NrloxqQkk68OuoFTvjcGKajKJdWzypZwUbOK5CzOmIGJ3cqjK1f6YAIoKUlTwgh23CZg4gRIVmJjWq/JO3Umfj9AEVEwgBKvrQERVvwMjcnkHTEzaFJB4LvpMQASDEBW0qECEggJTADGBD9PXqNqqz6wghNr/FZiIlFff7w5YsvMSO++p86oC1QpK3H3rhurPttc5JBiYmACJagxg5/h8PCbnXjslLOsGGUxY1scqA4tqEMuB9tICFZHSCaBgQEIN3AgUVCA8WTpAoRwU7LaOVb8+Gy6rb95vK/8k6lAZIijl/b62s97TqmcTyKd4e2xeilRNLp+hnPucQINdx8QuiNhdOkjzSspq4skmoadwogsUsE2lE0gxzU/KWH86ab57sj2BD9V6av0piNjJq/Ik7eDEHVCCBc0MTGC/KZy4skxBxY7rYQd+TD4P7p8KSuT9x45TQD4gr9SdMxiIYOc+de5kEALTE4fEDpyowET1WtUtG9X40wGJVcf2c3WetizrwTKYsKwb9IB/7VhaQS2bAL2mdBJsPYt+CATYgzLRCbHjmthxULBnT+RgPsMKnGSuz5P3TZ5YLrH9qdQFQ7kfQic2wcH3uN43woedSSfCnDxpYyBp9xaNKajoIIn6HB00Y3k28bwCJqZLiPw0uMD1Wbnqh+07Zbb9nf6PVgcWdvt3YELByQpG7AAJtf7psgsmGIxQ+cpJ0AX4k+c5TEDE7va6thMIwfZxByZYPkg+i/2u2TlDgYkO5Fbn7m7crpwRv0ndyTMkFOjYcUh0YGJy3sf9rY4N5t/ITgnLuk8GE5b1cVoBqcpPBzeEFfgaCCPw1o5J0KhAggqEq4nRFFCwWzsQRiCsUAsDFCv/JOpQef1KOBHNr533ewSfHOX3+BJvj1M3+WTB++/oj88EJtwFInYX9ZkVrGFlNiHF/kH67ICJCZyo6kOUsW8U7aysIMekjunuSffkKrLq19VN4YQCjjtgYgolTsDECn4ZeKjKFYxQwKEDD7vLLqg4hRLYZwe6dFCHLewYBkk7TSFmBVc7IIEQAiHF7q0b1a0Xp2Cic0jsAAk2Vuyez/OxqPKWZT1QBhOWdaMe8K8dGEyrCVMOcNkAzAAFTngQOlTPnGBX6NnyK+U7QFG5JxggURPZl1RmgEIFHwpQMO30U0Esgol1bF7i7XGaBOsIcar2KUzYBRCngKKbYFf7QEGKR4GJ7lhifZB6zGOfKlX9sZ617dTttO9qB/RN6zoAoeqr4HIKJSrwoOrvBBMVjOjcAZ2z4AqQuBM67L7HDsJUgGcCJqJIs6rfW3ceqc5peH7sXG5Tl0QHJKbPjJg+0BLr2HudjC/Veb86T7PjgHpXZ4eEZT1OBhOW9fHKcILV50GPwQrUS/DJUQco8gQHQcNq6/5BQ5URQLA6BBS/Ul3lnmBuizUBzfV5YsoABUIfrENNAip1bHMbTj4j3h+jF1LGtJqsqgnsLkQ4ARh3gQn1/rv6CkqwSauayGZ4oY5VBytCtGH9TnqSV3UfDSWWduHEDpjo8iepCkinECLiLWxYqYISqq6DE5OgfOoqOF2uAIeq3+T9s8+6CyXyMZqCiO77HNGfD6pzU3WO34USf/+vXrkVdiDDDpiobhfB98o+RzU+TIGEghDqPGcAYVkfLIMJy3qgLv5rR+6TB9Tuis5r6qcG52dIMY/QAkFB/jcIhA1VnXJQrO1Pnj2RHRQ5WMd/8cDPjHAAJ6Z5/+N+7VRdNWN9WYDI3isem7X/EV5UYIK17TzE9OqCE0sFIjpwsQMkpqDiTjChJr4VvIiDFLcfw/qdcrf+qa4CCQUoJvV3AAlWxrY7wcQOiDgFFN2C/Xee6/CIpfocal+pfd0dq8n3J6v6XbHfvwIT1XlMnVunLgkFJrpnSFS3cXS3fHS3a1RgYjIudGCC7f8Q5SDliAg7JSzrA2QwYVlfSwgodgbCl/hvcrWC2bzdClCw4Jct1bMndhwSeRLyq9guwgjc/jNJmZPiGfowQFFBnydoX/lKVT88RlVwi8ACPwcDE6ruBAw8alHv75GAQk38GZToAEQ1CUaIwY5niLSaNLMy5hnIiKKf0i686DSBDKxd9ZtewVbgkZUrOMGABF5Z3106OHEFTOwCCbXeZy/V51J13X5kx1Md40h1LK/EftPduUOd5yooUaXVrRoKRlQAooIXahsdlGDveWfMmJ6Tu9SyrC8ggwnL+gA94F87uiA6bysH4dWyAl52qweDExkgTBwSv0QbOifYLR7VMygYoMDbOfB2j5VngGKyT68GVbnfK+Q7MLGOFU5mM7ToJrpqsquO+QnMOAUg3fu8AiY+AlBEnIGJEyhRgYmuftr+UdoFEVX9DozI5Y8CE48EEh1guAtAnKyn1mH1HWDp9s1kwePJvgMhyhE1vLsDSGCZ3bYxcUpMYMTOrRtdXr02c0cw10c3NkzPzTFIQ5T/lZ0SlvVxMpiwrK8jDHgxaEaI0Q2WL/F+koWToRW0r2D3Od5OhJTlH50Lv0heuSXwVo4MJVSdegbF7+CAIn+2DCsYnGCAogogAtZBuBDx/lhG8GOIbRlOIEyK4JMvhDLP8f44s0lvF+CfQoZp3+r1Jv3UZ/lsMKEmxztgYpJWUIK1hairziOPmpBXwA5/F5P2Dk5M0gmYYEHsyfIIMFHlK3AxdSjcASgqAFEBkw48TKAEHrMg+ZxmdVBCAQkElOq8Mjnvqts2VKA/eYZEByemEII9R2ICJRRsmZzTd867eJzGUMKyrI+VwYRlfaCG/9oR8TbADVGXA10MqNkEDIPdZ3hdFuyugD5PoHI9u70Cb8foAAVCiQwufkE7bnvBB3RQ/Ia+DEY8x3tnxdpHa4K79h3uz4C2IG3Yr+vD+k8C3HxcEUp0Qfq0bVqetN0BIk7BRLdPpgHEFTAxLatUTbar9ar8bt0dmgZ/ClJ0QCLnp4BiEsCeggkFGrryDqCYgolTULEDJKavPf08U/hQLey4BrQFtKEmMCLnOzChzmuVc6ByHlRgYgIjdl0R09s22PusxgA2JkzOwRH8OLBykHJEvJ+nWZb1cTKYsKzvIQQUOwPnS7yfkOFAryaYCCQmDop8G0YFJSZ5hB95mxlYYB0++2LBCXzuBEKOXJ9TnORmgLHySk9Nn649gh83LKslfw4VjOMEcAoIduDDKeSYvp8KVLDP+1FgYgIj2GRaTawfASbU+eQjwQSrvxNMsHqV7wCEqn8kmMB8F8RPAv9TmLADLSbvB/tP9sEVENF9r5i63xYCCXUuOIES3e0aC0RkILEDI07ghHqNiUOiAhPsPL57nq1Sy7K+sAwmLOsT9YnPnsjbfE55NdCv4HYF8hjQrnr2HAgFHPCWDqxHlwQ6K6p/5+ieQ5EhhQIza19mOIET4yUVAHWaXKXD45/BVBcAZzihJsaTfAckJrBg0rYLIKr3p8oVcJiCiLsARVUXog/mA+oD6lm/abmr39UJkMAy+40pQFHBB+x3Aih2gcQOiNgJ4HfARFc/ad99jQ5IVPkJjKiOWUBdFPkl9n2vAl787U7OLyowRxhRAYkJmDgpd9Ciu12jAxEMTLDz+vRc2x2fLHkus1PCsj5fBhOW9fW1AmQs53QJy0wvqV8OWJ+CD/oYrCOMYJMqdXtHvkUDJyp4O4dyR2D/fNvGc2gHBTojMshgE/M8MV59X+PtZHmV2YLHbakDF/kYsgCMHf8qeGXHM38eNnkOKKtJ9R0QYQo9VDrtpz7LpB6XO8EEqw+Rnk7EX6HM8rt1J5r+HqogsoMSKijdaf+qYGKSdk6JCTw4AQ6qf/VZovjsEygRTZ6lWd25OEL/DnNeLerchucuFrQjmKhABAMSd8AJdbvGDpRQIKICE6fnVXXMsN6yrC8qgwnL+gL6pGdPPEH/yjmBgW2eRCg4of5RA0FFBR0m5erfOZSDgvXLS4YVax++Qr6bQAcpd6om0aovmyjnPJvAIZTACXNAGfuxK1p3wINHA4nuPWO7KneBiNrvu/XYjvWT9CSPumtCX32vKxhR5XdSFbjugghsn1zVr8BDByJOQMUuoLiyzcr1UH2GKD7r5HhEkY9UF6Q+qwpg1e+U1VXnGXbuOrltYwomrtzGUaXV8kLyu0Bicq7FfZ+l6t7JDgnL+noymLCs7608sD6FGIChfzWxwyB8TRRwApuD2wpOMFiBKbud46ScXRYTBwX2w3/tyGWcmL/E24k07leciL+Kvuz4qQk0a2fbfYV8xH+woQqG0UmR4QUDEfgd6WDFLmxQ293dZhcwTD7jdwYTapI+rX+0VOA4rf8pYKJyF5yCCQUOWHl3mxMIUX3G6f7Lx+oZyqwP5lk5q/o94G8woj4XqHMgO2+p2xtUkF+BiDudEritCZBQDonTWzZwH0dRzscr4uPPX5Zl3SiDCcv6gnrwsydwWxjYonMCQUUOZHNAy+AE3krBwIR6hsQJlPgLttk5KPJ2EMAwIKMm/HnfsYl1xPtJtAq8mHb65n5V8MkmesxJ0U0aJwF+By1UugMpqnTyfqr+1ec9WdgxqCbgXf1OGk096q4J//Q7/BlAAstTQLELIj4SUExgxA7s6OrU552AiWp/52OGYCJIH8xnse9w9Xth+er8p6ApWxiYUC6JDkzceRvHBEzge8TPUzklqnN83p9B6tVxymmI8r+yU8Kyvq4MJizr+2oFw1jOabfuS/CJYN4GBqs5YH9NeQYnnoNPThBMLEcDgxR4uwcrV3nloFCAQoGJiYPiJd5PxF/j/f7N9UpTCFH1z8cw4v0k7oXUsyW7YybwYhrwd+Bhkk7WvVrffdbdRe1rrFfHJqBuWsbtsXpVvlsKPGCZ1WMQOil/BzBxpZ7Bhx3gsANEurbpfpgCCDwWWbvnyaUqwGXnx+7cptwAFYjAvAISyqUwhQqTv/e88lDL6rPh+Vmdq3fPhyHqWNmyrG8igwnL+sK6+OwJphwkY5lNxnOfV5JfQSuCChbQKkCBTgp0RuQ6lVaAYvrvHc+Qz/12HBQZTrD9q4IoNulWUkFb1f8VylkqWMY6BSV2g/iJY2ECJLqJ7hQ47JbvWtg+V4FSFUBNywF1VT22T+uX1Hezq58Aih04UYEIrL8LSEwD9NNy5VjYdVdM8x1kmMCHav/mY7LAREDf3CdEOasKWKvf18p357Qq8FYLu91hF0ycAgnllOhABIMQFZhQcKY756vzIh6vIHlWjoj38yjLsr6uDCYs62fqNThYmOgl/psIrmBUQYo1sWBgIjsj0DmB8EGBiuxsYM+KwPKOg4KBCdbvd7wFFOxfPJ6gXDkoFLAIqMf8Um5jqiBEzq9jtfKYdsEzLpWTIiDtJvrVBPbE7dBNhL8rmDhJo6nfqdsR+75WdR2gOEm/G5jYgQa77orJuqsuIL2yD7pjEdAW0NbVLVXfe/xt5bw6h6nzjQrCFYhgdX+ncueMmMCJq46I1YbvqYIrah905+nJeTEfO5a3LOuHyGDCsr6RLj57AoNSXL+bSK4+OZh9TW05QM2B+Qrk84QlgwoGCfBWj8pRsQMl/ipej7kkWBuCiisOCpzkR5PvNOn7mvrk95Tb1CSxaqsm9QHpJADYhQZTMLFbN51MTxa1v7r9GsP6Ko1hPWtT/SaqvotPIp/LXf0VENGVu/pTIDFp34EUFVzYhR+sLSA9hQ/dscF8iD4o9p2sfg/dea07x0wcEur2BuY02AETJ8+W2AUTyiGB779ySOB+mpxL2fGKVK6O8zvZKWFZ308GE5b18/QafBK36ncH6+ygyAHs2hZeKUcHBXNOdP/i8Tv1XzAB4cIulKjcEqqdrYvAYbIoB8Vr1JP753i7rxEkZFVtk3bs0wW/XbC9FnTSrADnCrCYTHbZdnehyKRtZ1H7qtun1b6PQRnXZ/XT8lWpwLMrs3oMaFn5O4CJCRxgoKDbxgRKVADi5HN3+z5EW4iyqluaBLKYvkCf6vdeOSQmY1gFJaaLggoVbKj6vEDK3heDEJ1DAvO75052rDAfg3rLsr6pDCYs6xvqAc+eyOt1E8/V5xnWeSX5FYhm50R2SuQJj3IvTJwTU6fExDlRPXeCvb/n1MZu62BOCgwUVMCwxCb0r6SspIKATrjtKkju2rDfDpg4hQm43Y+AD9WEu6tX5Ul9FOWAukm9Kl/VFRCB9RWcmATJHw0oHg0mJtu6E0yo/VkBiSjqWDmLfRfZ97X7zXTOKAUmKofA1CGxAyauAImqrFwalTNCuSReIc/K0/MjSzHPyhHxfl5kWdb3k8GEZf1ZWsFszufBHMu4Hk48V312TSCYQMBQOSkyoHiBNDsX/oLyrlOic050kII9e2KVEVQoMJHhBu5fvPUjgu//tW5EPcF/Je25H34HVB98T5PJpQq8mZMi90NwcQUmTPoxUDJ9H9OJd1evyl39JI1hvSrfrbsAxST9KmAiQgOAq66KST/2utP3PQUPuZ31wfqubqn7Hud29VvFOua8Yg6J3NYF6hjMn7okdsDETh1bKodH5ZBQ+0qdc7tjEqnM8pZl/XAZTFjWD1DhoGABJw70WJ8D1S4wxnwOXrOjIE9E2K0NWKecFOr5ExWgYE6JXecEAxPPwQGFclRMnkGx0hcoq2BhCYHBVCpomKyjvi+YTgJsNlm9AwjsLI8AEzufdwIevgKY2A0UKiA2KT8STKj2LjBX/R4NJq4u7HV3Pm8UdapPQJsqZ7HvWPU9xu9091tlQIJBCAYkFIhQgf0JmNh5PsT070Sr96Lef7VU+7EDE5giiJgcfzskLOsHymDCsv4cscAVwcXOQL+C5xwUr2B6AYj1GggqnqGfevYEgoo8aVrPn8jPoVDPhXikc+IZtpWdE79IPkOJClI8kTIueb+HaEPlugpm4PdBbes13r/eJFjuAnflpGCT3Y+CF93rs/fRlSfgoQrC7gIT0/a71EGxu8EEy+c6BRy6PhFnwf4jocPua1efEfcVS7s21A6UYN/H6e9qF0pUjoAqcFe3QdztlOiAA3t+BHv9F5Lv3CDVvto9f07SrEefiyzL+iIymLCsH6iL/95RKQfC3ST3NfV/hbq85CAd4QS7xYM5LpiDonJKKDAxcVAoMNG5JjKw6FwUTyllcILBihDlnE51sl7+Pk0Ahaqb1O+CCdVWrfMZYIL1jaLfJI3DetQpsJh+l6YgQtXvAIpcrkDFZ4GJk21Urz/9vKwe63KKedVHaRKE7p4zJhBiAiR2XBKnYKICDDv1UzBRvecdh0TnjLgDSMjzjJ0SlvVzZTBhWX+ucgCZyznd2c5aFmzI+bxN5pxQcALhw+/Uhik6KLKTQjkjTh0UCk50oGKyMECBcAL3eRe4vJI8in0XKlXbYn12gAULyqtgBN05rH/EDBzsAIzuNbsyy3f74bSc64O0jQODm6QCWiyr7yqDDLvlLhifgok7wMIEfExfc/Keu/0QpC/WsbKqQ00AWfV7mfw+FYh4BJA4cUs8CkAoh0Tn/OiAxARKsGMRJFV1rGxZ1h8igwnL+sH6wH/vwLpI+VWPgAInkAxOKHcEAwg7Toqpo+Lk9o4KTFwFFE8kz8qToCWnU02Ckm7d16KuC9ZZn0mwvwsmuj7qfdwJJrDttMzyJ+WuXkl9R6ZggpXvgBIh0jvBxJV1p2Bi8l4nnzWnQfpE0adTBciwXP3Gcr4DERWYeJRDogMRu7dwXAUTlTOiul0D6xSEyHXs2OAxzCnmWTki3s9jLMv6uTKYsCyLaQGEnK8mB7l/xD8TFpxwI6BAKFHBCQUd8iSLuSymoOEUSJw6KNgzKCowceqg6IKeV5JXmvTJ/XKZ9VnK368KVKh0B1wwZ0Ve5wXKJ/CjgxJYdwd4mAQBd5Tv0hUokctduvIn5aq+Kk/y+D6foTzZ9glw6PYT1rHytG1p8l3c+b1NwYRySEzAhArirzok7gIT67XUrRoMTEyhBIM3k31fHcNo8pZlWRFhMGFZf5QuPnuC1efAFstdcPya+r9CHUIL9tyGDCQQBLzEe1hwB5jAZ1Co15g6KH7HHqBAWPGU6p6K8gRURLw/Prmu0k4ws4TbZ9+vKahQbQpcqO0wMIHbUqCger3q9Vl+WsZ8FwReBRGnwcQEZk3KU0DB8tPymbu+MgAAHeZJREFU5LeBqVoH29U2GJioXr/aVvdeA/qpY6PWqcS+H1d/s1MQwcAEgxBXgcSOQ2K17wCHO8BE55CoQI0CPFeAREAb1lPZKWFZf54MJizLQi1IgHVLClxU28LJdMT7WztWypwTykGBLgl0TnTOht0FAcYETDBQgTBi5xYPdnsHQgp0VFwBFEvse7H6qDamSX/2unmdaQA+BQUrRUdFQPkUOlzdZk5VfhdKVH2VPgtM5LorcGKaXgEZJ9ucbqPrG0V915fpBEp0Aan6zp9CiR2XRLf8LvInDom7wAR7HQUkdqFEtS8D6joQweDDzvnHsqw/XAYTlvUHauPZExEaRGDwiOuzSbm6YtcBijzpYdBCOSly/hFg4sQ5wYCEutVjeosHc08wMDGBFRHvj12ue4VyNPWsbhLw4Pby6ytAweon8KJaZxceTGDEdFssVflpQHAHoLhLO0ACyzvBOGs/AQFd+cq2urRaJ6Cs9kHXt9POd6f63ndgQkGICZhQToAJkFBB/tQp0YGKO8DE1CHRLWof7oAJlsaw/p3skLAsy2DCsqxOORBc5St6+d/21sTnOaUdoKiWykGRgcLU9bCzXHVOdO6JVaegBLvlA0HEjpMiivLK47FSmvQ57c/6VuAiRH0XTE3W+ahtVP26PCuj1D67W9PAuIIXUwiR66/Ais/ahupX9VHlaRtqEmhOgB0LcCdQQt1eMAEQq40F7wpCnDgl7gAT1WtV8OQqkMggojsusZFmGTxYllXKYMKyrLscFJVWsMgC4DdvJd5OvnPwO4EUykGxnufQwYKrt35ccU5UTorfzedmYGLHScFABgMU0yvBuQ0nquq4V+Ud5ddV39UqyOoC/J0rhruAYfraVZ8qr9at+n2Upt+BHTCB5SnImACN7jU6MLGzreo9o6bAh2knmOzgA2tTQIJdle/ABMKICkx0DokplLgLSFT9FZio3vsURuB+3gUTsZGGKP8rOyQsy0JdmfxZlvVDRcAEamfir664K1BR3YLQuQbYgg4EBAYdqNiBE7vOCUwrWLG7sP3FAATu71xWx0odT8xHqmP5XD65envSZ3JFr5tkT0HCzraubGO332n93ZrAh6p+EsCrflNIccc2phCjez3WvtumtAu/VlmBCQUlsL4LlhWM2AERDExUEALTO8FEt018TwggHnXLhgJD7HjmVNWx8hsZTFiWhbJjwrKsdyr+vWNpTSjUFWmlV1iHBbwh6p/SOnlSpVwDzEWBt3gsAMDqKtgwBRBT2DF1TlS3e0zBRAUpWLmCSBNgoYTfHfxOsb6qPBFuv/ruqrZp0PYoMHFaPq2ftk+1Czx363fKHwEmrr6vnW1MVME4VV99lysAwerY0oEJ5YyYgAkV1E+cEneACVZfOSK6WzYUmMB9gftL7esKTATJsxTzrPxGBhKWZSmdDGyWZf0hOnBOYF13FbG6Kr/adh0UDE5Uz21QYKC6BeMqsJg6KCrnxA6cqIBFByeei+OAx64qB0mDlCcB4VSTCfA0WJ8EddMrh6pf17bTrspd/932XZ3CCdXeBfIn7ZPv6U6/aZ+qfrcPavLd7L6nCjp05RwAK0cEAocKQJxAiYkz4k4wUa2rYEQFJHahxC6ImAKJKl/V/SuDCcuylAwmLMsaqwEVU0ixAygiajDBQEUXmKvAvnIrKFiwCx6mYEK9lyo/XSowwUBFBSYqoNTBCpaquiDtu22duoAf+1V1J9BgCjPUNk8BwzRIuBpMTI/NacC++705gWO726zWxfY7vrs7bVXAqYBEByiqpQITk3RnYYG+ckpcARMTcNE5IhicUBCighIV6JmAiSB5lmK+qosIgwjLsuYymLAsa6wf5KDoQMXERVHBhjvBhHJ23AEndgEF2+/smOAxVOWAOlYO0s706ABv2mcHAFyFESevedJnp5/SVTAx6XMXUNgBDCfnxJM+Sh2Y6uAXtk+hBCsz+MCC5CmIeASUmN5OsVvutlm5I6YgonNG2CFhWda3lsGEZVnH+kYOigmsqIL96e0WU9CwCzt2wcTJbR4V2FH7euqmYMdSwQgFL1C7V8inbVNN4cCk/RQsPOI1v4quHL/T9jtf8xHfsUlbBSoUdMB8LlcgYscVgf1UgL0DJbrbHU7BxBRITBwSLJ2CiWqf2CFhWdaPk8GEZVnH+mYOigpUTJwU1UMpu9sw7gQT7P1MyjtwgsEK5aSo4FB17Dowxb4HIdbBetbWrXuinQn47mT9KpS4axufoY9wIewe/53+d363Tp0Qqr5yPmBaXWWfBsWVW2ISgE+hhCrvgIcdMDHdhno/O64IOyQsy/ojZDBhWdZt+kIOiiqQnrgEqsB+B1CcAocrYOLEQaFAzQT0XAET6tgGye+kmGflrn63z652HRfd+o9a5yvoZP9fBQ8fccx3+lTfl+6q98QpMQESUzAxCaSnAfnUIfEIMDFxSkyBxOSzVOCmAxJ2SFiW9e1lMGFZ1m36Qg6KlVZB86mLogr8p9DhTjCxAyhUfQUm2H5SZbW/FTRSxxLrQ6T4fem+S5M21J0OC9SVCb2DgVpXjtcjj/WOi2UCI1ZelSsnBJYr8KCCYJVX5YkjIrd3gf0JkDgBEzvb7gDE1B3RwZ9IqR0SlmV9exlMWJb1MH2ig2KlVVCsguwppNh5JsUOtLgbSHSgYuqk2IETzFGxAyZ2nBQTOFE5K7CvKnf97+p7t646Mz5bH+Fk2NUV54NqrwLCLqisoMSJMyKivyrfOSEUlJiAiSsg4pGAYvqaUyDBQI3aj8oZYYeEZVk/Rl9hgLcs64fqizgoWEA8CaR3g/gTSHDqqLgCKCrnROekUPts6qSo6qpjqCBGDNMKXsRBWdXtbuOj9FMCia8wZzlxPqi6SXnHCYEpgw2sbeKIuOKMQBAxARO7z5A4ARK7jojutXeXKeipoIMdEpZl/Rh9hUHesqw/RJ/koKiu2LO6LgDHPlWAvwMNHg0kOhBRtStAceqk2AEUET2YUKCighMsnbZX60x1Mv56zD7TSSC1u84VB8SkfRJ4VoFrxBxMYDB8lzOiAhJdkP9IxwQCih1nhHqf7LNWwGYChbrjOwFXmK/qIsIgwrKsj5MnOZZlfZg+yUGB5WqpoIQKxh/hpEBYcQIm7nBM7IKK6b7bhRMTeNEBKtaHpSzfQQj1va6+76cgw+P2nhQEmK6309bBidfQAWIVUDJAUQWkVxYVJFeBNQu0p86IKaiYgodJO/t3jUc4I3b33WTBYxwkn9MqX9X9K4MJy7I+Sp7gWJb1afogB0Wu2wUUufwRTopJ/m7HRAcsqs+o6hm4wP2q8iewgh3j2MjnFNtVn0m9Kqu6qn5XP318vytYmkIGVqfKk3oFKSrYoPKnYEI5I7q8CrarwFzVTd0IdzkmpvmPcEbsAAkFHxSQOIYRBhGWZX2W/vrsN2BZliX0Gu+Dq1y38mrS9RTvt7HKq+4Z0idYL5df/tfvJd4G3i/BA/Zcj8tvKF8BFVNwMQUVpwsDOBMwgekJmJjAikjpM5QZsMDyFTjB2tj3VtWr7fzJ2gmeur5TOFEFe1MowYCECipfxLonEKIDE9VV/A5MVHDidOncClPHxF0golrUflD7lu3XiP+Odz7u1bFnaZWv6izLsj5dnuRYlvVl9EAHBaYdmMClCq5VgK0C9ykQqP6WdMcZcdUxUQGIrp7tjxMw0YGK3K6OY6SUgYkKSqhylUbRF+un5a5+t8+V/ndrN1ia9D8BDlW5CvK6QHFS3gETLGjtrsBXgXEHJpQDoAMTHbB4tGNCbXMKIa46I1SeHccOTExSzFd1ERF2SFiW9WVkx4RlWd9Fr/E+eMp1Kz8NWJ7inwngSiN4MPuc+q++KxB+TeW1rc498BKzQH8CDSp48dGOiSmU2EmD1HdgYgInqn4hUgUmYtDGUtZ3UlZ12L4TbOz2f5TuhhOTAG0XSlRXpru2KqhUsGEKJbrANwfOEXVg3QXcE+Bwddl1TOzAjgpKdJ9L7YsO7uQ+7HhWdVVa5as6y7KsL6fPvkJiWZYl9QkOCgUmqqv16mp/BygqIDFdOlfFDog4fThm97km++AUTEyOTbVEUYcpaw+oV2Vc56Se9VHlrv6036M1DaBUvw4ysLYORFT1DEawIPEqmNhdVEC8CyaqYHxa7sDDBBZUIOKKG2IKIDo4MwFDO2AiNlLMV3UREXZIWJb1ZWXHhGVZ31Wv8T6gynUrP5mEsfXW8jveB6+45HVe4p+A+SV4UM6ARBW874KJDip8pmNiB0pU0OcuUBFNPbZH0WcnPcmrugnIqNbv6j9KU9jQrT+BE5OrzQow7KYTOHEVTFQgYpKfwAkVlD9qmfwjRuem2AUQ7DOxz6v2+wRM4LENkq/SKl/VWZZlfXl99kTEsixrrAc5KHJ7F4zuLCyIVgF7Byu64H8CGU6fbTH5l45JuwIVVf2jwcQUWMSg7STF7cawHrfBtAss1PqP0mnwpADETr/XYf1VIDEFFFeXK2CiAw5TUDF1Hpw+cHLSr3oexOR9M0jB0imEOAETkepYivmqLiLCDgnLsr6N7JiwLOun6DXeB1O5bjI5w/4rOMz5iH8C4Ii3ASouL/FfoPya6iowUcGKCl6cuB8e5ZiYvO8dULELKFg5NtJdUDGBEBWIYABCQYWuHrVbv9vniqa/xyv1Ck5U9RgAqvIulKhARMQ/54ZpWkGJKZC4C0RMIMDJcnI7xuRBlRMIwUCEAhQVgFjHTEEI9n0KKKv6rs6yLOvb6dETD8uyrIfpwEGR67ugrwogJ2CiWlgQXrWduhOuLKf/ztH170DEBFDgPlN97wITu4BiF0Z0cEP1w/ppuavv2u5QFUztgoeuPL0aPYUSuXwFSNwJJliw/AL1J0CiAxU7joSr4GH6GtVrKwjB9tEEQOyCCSzvgglsfyc7JCzL+q6yY8KyrJ+q1+DBFU7ankQ928YqrwlnF7iqZU18n/+XVgG2ggEVuLgDTOwu1Xud9JuAiQo+VPUKDsVGOjnW0eSvpDGs79qu1N+t3aCrAhF3QYlJWuW7ulMAwYLnDk6wQPwUTOw4ED5qYa+p4ELVR+3fKZiIpi4GaTT1rI9lWdaP0kdNPizLsh6uxkGxNL26PEmr/O7SBdtXwMQUEuyAh7uAxRUwMQUSDFA8GkzkOqyPC2k09V1bta1Op3OGaSBVgQdWr2Bita1TEMGueH80mFDgYQdEXAUTpwBiZ70rMKQCExOIc7JEk5+kMSy/kx0SlmX9FNkxYVnWn6bXeBtgrUndE7RXQVHuu9ZdS25XQS1bXuJtAP0SfRDOgv0KYpzAhimQqEDJRwGKKZhgoGJ3UccV66PJY8pgRkC/q/ko6k/hw6l2YcQdeVVWUELlFYCo6neWKYg4ARN3AQm1/hVAMQETFYDI+2XHITGFEAseqe9DiHKIOsxXdZZlWT9WHz0BsSzL+jAdOiiwjl19VsEjph2YqNo6B0UHKSow0UGAE7BwCiI6ADEBFNU+quqvgAp17LA+mjzrj/1UeSePdbvj/+l66srwlfXuhBG5/NlgQgXI3VX+HUDRuQimYKIDDDv9T2CJAhO4P04cEtWxi+BgIqBPiPxlGGGHhGVZP1UGE5Zl/VgNwUREDyeq8uTq9zRwncKJCbBgAKNyWEzdDpM+V2DIBFCwz/jRYKI7dtH0C9EWYl2WxsV6VPd7OZ0zdIGUasd6BSum9VUAWYGJCaC4CiXuBhMYnF8FEqeggsGEaR8FIioYMXFE7ECJqhyDNIZlVfdOBhOWZf1UGUxYlvXH6eK/eWB5F1Dkui64nSwTJ0UFLE5cC1ccEVNQUb0X9dk7MDEtX1nY8YyiPZo+2J7TOGzHetR0bqD6TQOnu4HECZjogITqfxVCTMDEtFzdrtABibtARFXehSMTAKHyFXSYLHg8g9RjXZWGKHf1BhCWZf1x8jMmLMuy3uo1eMC1JolP0K+acOa+a92n1NYFrZPlJf4JrF+gvgq+Kzig+py4Hk4AxBRQKBBROSk+AkxU8OFRcALzUzCxU8f0CDBR1bFg75X0Y+tchRKT8meAiSo4vwIkJsBiCifUOuxzVH2qfXEFSsQwr8oh6jCPMniwLMtKmk4+LMuyfqw+4VkUWO7AhKqvlg5MdMCiggtTmPBRYELlT4HEVVAxPY6sHKQd66Loj+sEqWdtqq6q39XOVeMquFPBYBUcVoAil3cAhKo/BRG7gGLqHng0mJhuq4MSk890BUJMjiPmVRnzHYxoIYQdEpZl/emyY8KyLGum13gfoOU6NRl9asoRb4PT3OcKnNhxUHSB/cShsAswKhByF5D4jmCiSr8znPhsKMHABKbfFUxcARQTULADHE4Ayc5nPl3UMWX12MZS7KfKqs6yLMsC3XUVxLIs68fpwc+iyO3TYHQaAOf2afCtgv0OCFxJd90ZFdC4AiQ6EDEFFZPjcQImWHtAPWvDOtVHtTPtzhu6oOwuMJHzKsDsAMUumNgFFF1wfXIrRxXoT/tPb604SVXdLpjI9SfHA+tCpN33bQIiqno7IyzLsoTsmLAsyzrTa/AgbU06n6A82VZO1zZYUPoM5SoQfgkeWDNHRYi+XcB/BVzsgoad1/hOYILlWX/sx8q4/qR+2n6XVKDXtVf1HaBQQWmV/45gYtdBoeDEKXiY3HqCoGHiiFh9qv0dKX2BMvbDtoC2ST2TwYNlWdaBHj3xsCzL+jG68CyKXN8FitVV7ymYwDrWhwXfa9vTwLwDBztgQkGKE0BxFUg86laOq4AC21S5SrGfKitNwUUHHlT/rlwFkhWc+EwgsQsqrgKKDhx0MGIKJKavU33eHTAxOT6RUgYmctq1VfXYLmWHhGVZ1kx2TFiWZd2r1+BBG05On0Q92xama8KtgtYTOPEC6Q68mJZ3bxfZgRLfFUzs5HdSXD9I+6Tc1U81Dewm5UlgeQokVP47gIlTOHEKHCblKD7nzoL7WpUxPQUPHZDo2izLsqxNXZ1oWJZl/fE6dFJMyyrgVKkKZq9Aiw5MnAT6d4GJE0CxCyCw33R/7ezv2MhPUpU/BRPTdlQXvE3BBIMRrP0OIDENhneD6WmAfgIslBvhDjCx+75OwcRkf0fTl6Vd20n5neyMsCzLuiY7JizLsj5Gr/E2qFuT2KemXG0rp2vdLojtgt9qYa6KiPNnNOw4GhgUmd528tXBhDoWVV6VMX8VSOyCil0Qoeo7QFGBClXehRNd+bPBxBRIBKmrtrELIPC1dvaR2l9q32PKjndA3aRelVWdZVmWdbN2r3xYlmVZjW56FkVXrq6QXwUTXRnbTm992AEaV8DELoi4uqj9tbOfq/y0HFA3qVflu7ULIqr6CkZg+U4goervXiogcAeY2AUQp2BiZz+rtirt2iblrv5f2SFhWZZ1r+yYsCzL+hy9Bg/+1mT3qSlX28zpWjfXd+Ai5yd11XMpEGCs9Aq46OADvtbOa34FMBGiD7azFPtH0W9SVur6TYO2K4BiEpBOgESu+4pgAgEDpruAYce5kV9r+l5Z364uRMryrO+0XpWnbZZlWdaD9OgrIpZlWdb/9AWcFCu/AyZUflK+CiZOlo8EE+rzTutjo57lcxqkT9evqlfanTd0Qd5uYInBadfvBEio+imYUPUfDSbufs0piKjKXR5TBiNU3xB9Wbmr/1d2RliWZX2M7JiwLMv6WnoNHvytyfFTU55sM6/7RLZ1F6jA+uoZFWrdj1jye8D0BE50+2EXTARp60DDXUBiF0R0mgaIU0BR9dsJfu8CE6ov9lGg4VGQYec9TQHE3SAC21WfSb0qT9ssy7KsD9bdEw7LsixrUx/spMj1eGW96jO9cj8JxBUU2An+r/S7A0zstKlyV69SPG6TVPXHeqWr84UuCLwLTKggd5LuAgos77TdCSam603f0w546PZnlQ9Rp/pEUa/KXf2/sjPCsizrc2XHhGVZ1vfQa/DgcE2mn5oy1ld9I9VPYQSmOwH6C2mr1lHQQG3jCsiYvH73XlT7pP5KOaCuqsd2Vb6q3UByEqB2ge20PKmvgnxsZ4E+W+8UNHTvZef1q89WlWOYVmCC1avjj+2qPG2zLMuyvojunnBYlmVZN+mDnBQ7+VMwUfU5gRlTMMH67PR7BJiY5k/LmJ9+Dz57PrB7RZwFsSt/Wj7N3wUmpn0n/aavX32maNITMBEH+Um5q/9XdkZYlmV9TdkxYVmW9b31GjyoXJPvJyjvbuMJynmbd6SVg0CVmcOiKmPbpH0KSU5hRLUfpilul7V1eVX3aFAxCTRPgtnqqnsXOO9e8Z+Cgq58Cj6uAge2v3aBwyRVdZN6VHcesyzLsr6pPvsKiWVZlrWpoZNiSfU9vZKOgTDrewoodvqqdXYgwc42dmDCo8BEQH9VntSzvOrzCE0CTwUrJvWs36PBRLetDhRg/QkMqbbRpXeCCNxmDPpW5a7+neyMsCzL+l6yY8KyLOtn6zV4kLkm7U9NGetz3ap/TWnue/XKvypPQAGr2wEBO4Bjuo0u3QETJ/2wXpW7+quaBp27Qe0kUFbpbgB/FWJMttHVT/piflreSVVdVY/tqjxtsyzLsr65Hn1FxLIsy/pgfeCzKVR5Gkiz/A6c6NK7YMEd7+MU1nR9dtqnZdRdc4UusNy9in4FREz77MAE1j+gfBcEufo+qjLmq/17esxUuav/V3ZEWJZl/SzZMWFZlvVn6jX2nBTVdnJ/XKdyVKj8Rzgtdsq77+vEDXEVOnT7lK2j2qv+VzQJJFWQ3LXvwomu/SoMqLaxCwo+w/mg8lcdEV1912ZZlmX9UNkxYVmW9Yfog59NMSnvAorcvgsY2Gvc6c7o0ilwuNqPte2277TtaDcYPYUUuXyHq2KV7wATuK1pGd/T7jaq9zPN31Hu6t/JzgjLsqw/Q3ZMWJZlWUyPdFSw18j9cJ3dYH3HRdBBjFPXRrfOlX5V/qRd9flITQLaj3JTnPS7y61w4l44/RxVn2qdqn9X37VZlmVZf6g+eyJiWZZlfRF9kKMC63eu/J/c5qCC8l23xql7Y7qNaf1dbojp8evqp7ojsL0LVkyD7x0XBStX25i4FtTnOXmfqnwVRNgRYVmWZd0iOyYsy7KsE506KrC+c1Tk9VT5asDfwZGp82L6Hq7k7yif1t+tq7DiSvk0v+tCmDoi2LZOAUrVB2VHhGVZlvUlZMeEZVmWVWrTSbHUraMCebX+Hc6K7rXvgAd3bXvS/lEA4q65wjRgfSSwOLkFpNrmLpg42XbXb2ebqty9tuo3lp0RlmVZViU7JizLsqxHSDkqcjuTclrc4azA17gKME7gw+l7mK6v+k3rT/tN9Sg4ge1XIcYpwKi2sQscuveg+nTbONnebh/LsizL2pIdE5ZlWdYlPdhR0fU/6Xf3rREf6Xq4uh+m7bv9proKJlT7Xbcq3OW2uLt89zMf7IiwLMuyvpTsmLAsy7I+Q1NHxfRZFbge9lN9dhwWn1Wu6k8dEV/9wsRp4DxxGaj6jy5P++T6RztOdl7DsizLsm7TV5+YWJZlWT9En+ys2O0/gQB3ujhO1j/Z9m6/j3ZMPDLwPnUXXF3/Tlhyd/9WdkJYlmVZHyE7JizLsqyvrKvOimjaJw4L1pc5K1T9I8HEyfZP+z1aH/X8idPtXAEMqv1Rt7ac9rEsy7KsT9FXmYxYlmVZVkQ8zFmh+t293iPcDV/teRHT7dwVCH9U8H6HC0PVn36Guz77O9kJYVmWZX0lGUxYlmVZX0qHYCJib0y7+xaGu4DHyfswmJj3e9StJLuf9c5bLo72s8GEZVmW9ZVkMGFZlmV9S10AGBEfBx66/ncCko8AOo/UaaB8ZxB/5aGRVf+7wYWUgYNlWZb1HfVVJiOWZVmWtaWLYCLibAz8KHfCVRBy+jqfrUcF1VdBQbe9q/2urvOvDCYsy7Ks76ivNiGxLMuyrIfoBpAR8XWBw3d70OVUjwQAk+18FMCQMmiwLMuy/gT5Xzksy7Isa67uX0Im65+oe82PDuC/mz5j//yp+9qyLMuytvXdrpxYlmVZ1ofqJqcF6tHj79W/EP0quuuZD3e97rHsfLAsy7IsLTsmLMuyLOvjlYPUR8CCaUD/1UDFZwbvBgeWZVmW9Un6ahMSy7Isy/pRepDjYqqfNs5/Gjyw48GyLMuyHic7JizLsizr52oSTH8VeOHA37Isy7L+UH2VyYhlWZZlWRf0yc6MT5OdDJZlWZb1/fX82W/AsizLsizLsizLsqw/V/8PbczqJLCUs5MAAAAASUVORK5CYII=" />
+        <image
+   id="_Image5"
+   width="889px"
+   height="582px"
+   xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA3kAAAJGCAYAAADmq0wZAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAgAElEQVR4nOy9wbLjuq4sKN84o/60HnS8//+Z/Qanva+KRQJIIAFCMjOiwpKQSECyRBLGcvnz//2f//f/uf6Lz7XGzBblS/6jXdPz2KVcvPurmGh+0fiV/rNtj7/1emTzWfHY8bP03ma32CJjUQWfbUe5iF6G/6/gn2J/jR/Vs/hLnJmtko9eH3TfEi/Tjuz/IxzzxLPosfNjxv8nmW/JEfVnXN8MvV+xR/QsNhP/P///668VeKv4kWKLUeAx4lcVMzNuZnGYzWfGi/pb7xm23lPtK05ET7Mx+RX2bD22/9vxzxW7Rqh/NB4j/iX4jHoav1J/5M58tethyY9p/+da52vZ/1zyOaHxLHqR/ND41nir95rFn+1rmlr82bki/qttlt71I/YRiJ7kC/H/c9UubtCFRcXi0BIX2ffmJ/mh+1E9j78nHnr+2fyseB7/ar032Fdci57Fls3vZNew2787LBN+RE/zR/iWgkfSQwsyTc/q683Xonf3/yx4M44lvwr7uKCc+VmKBVY8axHmzQ+Nb4038tDziBbb1n2tALH6W7ejeqs8n24fEdEb4eH/28lbEgzHrHz2oixqz95H8vtMjkX2o3qov3Zekq0LPyNe1B+9x9l6T7NbbOwxicmvtls5Gb4M/664L+x26O2OP/peg7+khxaMGfqjv7a4RfPLtN8LjVW+1uKGGU/S8+Trje+JNx5j8yWuJb/xnLzvN6O4Q/SuF9pHVOv9hVWRx15Modi9WGTb0cUfWw/xt7yXK/5ncmwX33r9VjYtB2+8Fdebb1SPFS/LbtnXbJHnBX1WUX3ExtC3xujs3x3j4qdaj82P2O/vtbSAlfhSPIb+eGw8H83uzS/DPj5bEgc9f3Y8zd9TjGbGy+aviiPN/wL5lvFhzEPT08YaSW9m71zIafYR1Xp/YFbkWRZJKD+6qHqqHVmsottWvYj/k/jauUt8iz/Kt+Tn9WfoIfl1s0vHIno7+ZX+Vo3O/t0xW1BW6rH5bPtsQWzV0xbTHn0LX7JL3B37n+vPc0TPz1ucaByr/yw/NP6T+Pf98RibPysiPcXhGAstTq161wPtI6r1/sVY5LEXN+hCY/fikWmX/KR9tp7X/4l89HpZc/DyJX/Jx5OvR8+b3w67dhx9BlBNbSyL6iM2hGPlIloZ/rv1NWifVI9A87V8Eo74R/nZ9kg+4+KQoT/jrjjSIvt+fGexhxbJo31cgEbjaXrWosnq/zR+9b5WcFj9rdtRvVWene0jqvWu6/qzyKteFKGLsifZP5Nj6D5TD/XX8ujI17gWPqofjee5H7zxGfl1sK+4O/QQm1WfGQ/lo3ps/936K0gL2A76qL/Gz7SvCiRETypSUH1PQYfmt2N/ZZvlPvPVii5rPKuelB/i/1T+dePdbWz+LCfv/cUo7hC964H2EdV64k8ooIsLZDHF0Ntpjy7WKvUs7+2K/5kc28XXzhe9Hll8Vjx2fFZ+O/ZHRO5vhl7UztbTwNZj++/Wt8ZfTbS79VF/jZ9pv7+X0gJV0pP4qL7EtxSXWkG1234N3Lt9dn6jr8Sp1nsqf1b0afxr4Rvlz6DxLePLmIemp41Vkt7Mfgq9xbHVTyhIk6p10SjBswjtYvfYqvQ0f22x2Yk/217xvdeJFV/a9viz4zPy67AvHbf4svWsdnSMZdiz9dj+u/U1zBZ4nfRRf41fbbcUKFl8bXHqjd/dvjrfVXGSqZdVLHXgj8es91sG3/peZPqvtll6V0P7iDI963+8ItmQxSVbb4fdwlvZMvU0f6t+J773vCN6LD4zHju+N79d+5ZjkXEG1fPa0RyZ9mo+2383ovlbPrlm+kf51fYRlXxtManpdSjYEPt9oT4ev262Sj3E/4n83ftaQVHlb92O6q3yfEOhN0LkW/7jFcmGLCLZejvt4+vKp0pP89f8OvI17sxmuV6IXibf4s+OH8nvCfurY1V6aLyoHmqv5rP9nwppgZvhz+Zn2lddiUq+trjU9J5m/1x/XoNV0Vah5/F/En91/4162fzP8LrSy/af5Z2ldzW0j/DoSRp/8bX/eEWyIYtJth7b7ln8RfzZeuOxlf5nYV/5ZvK198P6fml6WflF+VZ/63vNur+7PZuzY8jzxNbz2Nl6qL2az/Z/OsbFSrY/m59pv98b0oI1g28p7lC9iH0EW39WDKMFXURvll/EvxvfWoxoel7+NbFfE471/rc+z1q8lQbyPEb0Zva3FXpLPek/XrkEG7ooY+qx7d7F8QfgePWs/iufiP4HiG/hI9cOOR+LHju/KN/i79Hy3G8z3tPs0rEKvahWhb2az/Z/OmYLyEx/Nr/abik4rPxV8ablY9XzFo/e843GvxcHUryZT0QP8X8KX/pgYHUM+XBB469yRfKL6EvxkGJ19GHpWfLT4mXYR3j0JP9/91f/8cqdKB1jLIx2LxYtPG0/Q8/qP9tm6KP5W/ha3qvtiB47vwz+yua9t633m/W+6mjXjqPPgJfr9fHoMe1RPtt/tz4K5JPV69Lzt3xSjfhH+bvtIyL8cbE3+msFlqaH7ltj3f3GBV8k/ldrxZvlo8W3Fk1W/6fwx+PsYlzK7w52flb9mc2yrcVbxUWKZSQnLR7TPsJ73UdMz3v2H69IyXgXYQy9TPv4uvKx7kf1PP4fov7qukX4Gndm0+y784vy0XyQeJ58Oj+jK/uKW6XH5Ffbo3y2/259K+4LpQ56qL/G32mfFRxRvqWIi+ih+1q80f65/syBUSxYr6c1fjR/b7wO/PGYVIis4qH8z/C60tPyY+ivislovOvG8xZ3SH5aPJZ9BKJn0fxDb1XkRRdjbD223bM4Yupl+1v0V+cz25b0rHzr9ZtpMPJDNCJ61XyNy9b3xvPqrzSY8Xbzq+1RPtt/tz6KcTGxWw/11/g77ff32vIJtoWP5CPpjRyvfRZ7le947zPiS9dnxV0dQ4u/J/JnRd+Kv4qHFJfjgn/GHxf91nws+yNQ/phjNN5MTzt/tLBC4jHs1tykYyZYf0IBXUQx9Zh2y2I1Wy/iz+JbzuejxEP41niSH5ofcm3Q96oDX/K32hD9SDyLticfdjwP18PvYI/y2f679VHMFow79VB/jb/TrhUnUb7Hf8bRNKx2tNPBiO8pVqwFFKNY6sQfj622Z9xd8SJ8y3sd4V/Dvsd/1JLs0fzQeFb7isvQ+xeWn1BAF29MPaZd8rOeA0PP68/iz7Znekg8iW+NZ/FD80PyYOhV863+mqZVnxVP4ln22fGQY0x+pb2az/bvBvR8LJ8sM/2j/J32cfEV5UsLXWu8WewVR7Nr8Wf7WlGA5jcuGJH4Hr1ZgfMk/mp/9Fu9T9XxPPndYbl+Ef4Iq/9qe6UjFbyW/LzxVvZrwrkW9qjedV36TyggiziLLboo9Npni1J0n6mH+mfwPwZ/aRvlS/EsWp54EXt3vsU/opcRb3WMkU9FPNQfyaXCXs1n+z8V0gI5w5/Nr7ZbixQrP+LPKKhGuxZ/tVhnxL8v/KV4q/hevafypQ8IVsc6xPPkhxSfDL41/1WxOm6vNCP5ReLN7CtOmp70EwrMxRqqh9rRxRYjH4SfvVhE36uP4DPbtsaT+Ox4iAZifwrf669xs+NJsSzxs+Np/gx+tb2az/Z/OsbFRbY/m19tr+bf78/Zgmq0jYtDr33koHZP/PFZlDgZeky+pRhmXT9L8ciKNy7wrfevd/+6HbfEG5HxPGpj13idxniz67iKr+Wn6aF2FB69f+2rn1BAF1maLbKo1OwemzdeZHtly+Sv7NbcJf3qeMi18NgZelV8S34MvUg8y340vqaNjFPscQ6xVdir+Wz/p2O2AM30Z/Mz7dpi2RMP1Z9xVjZ0H4230vTG1zoX1nwiemjBZOGj+cz4UqGP6DHjST7WfFnxZjbLexfhr7YRf0lvtEv6WYXezL7ihuJp//EKe+GTYbfwVjYkHmsbjevlI3kh/jvjIboee0RvJ99qQ3wY8azanvirY5F4nlgefoW9ms/2fxvG64F+qov6s/mZ9nFxhepJi1ar/gjJH93X4lkLLEZx991Him5LfE1v9I/w0XwkvhbHqseOt9pH/aPx7n53WK6/h2/d1uKt4mbzUPulxLrbXfGk/3iFvdDJtI+vKx9vPIs+yp/xWHwtr+92xL86npXrte/W8/Cr9ZB4nv1ofIlr0fP4M/lsezWf7f9WSAvcDH82n223FjlWIPqrAlHyR/e1eJJd6zR49y25IvE126wI8vLRfDT+eMyjx4qnca35MuON54QUoyjfkqM13nXjrQoh6f326KH2FYcWb/Ufr0QXQ6hedDEZzad6Mcfgr85ntj3Ti/pLnE727771/WfFq+Lv0vPaM/aj8TRb9vPNtlfz2f5vx7hYyfZn89n2bD3J/36veoo362LeGm+lvTpmiS+dD5KPR0/zj/DRfDQ+qscoaFf+1zXX0vxn+3ctb7xRS4t3B8qX8vXEm+lJ5+PRQ+Ktjlmh6f1hn/3HK+giJ7roQ+zoYtarYdXfxbdcn0+i/2q7kx3xY8er4Fv8I3pWzZkNtXvyWWlE4nlisfRRu5Xj4Xr4bP+3Y7YAzfRH+LPFL6on2bXFdVQP1ff4a9dIsnsW658hBzR+tFiYxc/01/i79KRCfnWs2n9WtFmK26p4Uf417Ev+nsILyYcRb2VfcSG98T9eYSxUmIs/y/ZKxxrPq7+LP9ue6WX5r/w03R12ix87XiVf8mfoWfOzxFgdi+TjOWblSmOFZkfHUYsd5SJ6FfwoquON8H7qusJ4Pqg+6o/wx8WLR0+yz/SZeqi+x3+mZeFY4s320aJ5tI8LwEh8jx7qr/F36Wl+q/jV/loBsDtelD9ilieTN+ZjzU+LJ8WZaWlx/9JDfifPYmMuAmfbkcWgFA/V78D/GPy17ah/Z/vMZrk/mPEy+Wx/j74Wz2L35uPZR+NpGgx9xB6NH9WL8qOojveFtMDuoI/6a3xL0YLqfYZ9ST+qh+oj/hbt0Y7GWy22PfHvC3UknhTfo4f6a/ydeuOx1faMm+0/OwdLcVIVj8lH81n5WPS8+WnxtBxmgPSsv5NnsUUXe8hiMKqXvTiL8C3vhTXeZ2H/CDFn20/yt2gw7V49rz4rP6s9mt8qpjV+djyGP6qP6kXjR/Wi/Ciq463ia58m79JH/TV+tl40PrL4ivjPNGa2cbEn2aP7aPzx2ZE4aHyPnuTv4Uf0ovmt8hkX4J7r6y2m77D4fxZ+o954XrN4K/9u/O8xqdAb9SV7NN7qmBWinuV38iy2yCJSsqPbKHdms3BYfM0Xzddqt17XVfyn+KN+O99rj77XX7N58vPso/ERHylelj+qj9qztDx8r48XlbFmmC0AO+mj/hof0ZstfjV7JL5HD/WXzimjeMve/1x/nqPlPYvoefwjfKueVMiz4kkxo/Et/lL8mU16L6N2j96VyF/5j1qIHc3PG2/FFfW038mz2JDFGGJHtyN+lslBi4vytXzQfK3xZjwk/lP8UT+PnaXn0Wfmh2hoNsu+J/7qWCQeyx/VR+0sjQif5VupycSYn/dT1yx91F/jI3rj4sZij8TX9KRFrzWfEdon/d33kaJ5VVAgeog/g2/V0/zY8djxrf7avregsdqj8UZE+at8oufN5kl5z7Tu9qme9Dt5K8HVMab9MzmWrSfto/4a32qXtqPxPsH4nf0RLa+docfU9/hrepF4jH0tvsS16mf6d7NH+Wz/bL0sSAvcDvqov8a32C+BY7Ej8TW9iP+qQJT8n7C/so0YCwpUz+PP4CN64zFmPC0WI77kb4mv5cywM/RW5+Thr/xnPkihh+aHxltxzHraf7wi2bTFV9S+Uy+yGNRys+iNxxnxRp+Vxmx7Fj/bv6s9W4+VDyt+x/0REX/L8+N9frvYo3y2f7ZeNsbFQzd91F/jd7NH+ZL//V5kF1vfY7vslmJ1fBZRvYh/df6seFLc7PirfK5Ljj8WEddwLOLf8XnXxsLZdbPaPeeLxEPxh+/szzVXCa6OMe3oNltPWtx9hGMrfkSPGU/iSdtWPYY/89pk2Hfoef098Z+4Lx23HkNiSf6oPttu5UT4LN9KzSzMFnZM7Sugj/pr/G52Bl96/9jFnCfnqF0rHrT9z0Qj09/KX11rVI8Zb+aTFd+bT/R8EH/LtbDaGfzVtpV/gXaLPiOehH/5WpGnLXSYdnSbrSfFQc/zQ9aLxBu3Z7aIHtMfibPDXqnHzAexPWEfOWblrnw1G5oLy+7levhenw7aWRhz9n7qKmlHPslF/DV+NzuDL71/mr9HfxZrxWHYP0J+lv1VUZLlb+WPx7XiweoXjVcVX4uz4kXPB/X3Fkir+F4+a9t6HmyedJ4aPtc1/49X7gTpGNP+mRyr1LPwZzzNLm179CLxPsp+VI+Rj8V3l323nsc/oveG/REWvqTB0Gfau/NRZOtn4b7QYeldAU3Uv6LoYNoz+J9hX/JH9Hdcm8/15zl5zieqh/oj/PGYR48Vb8XNjO/JJ3o+Vv/ZOXnsLL7lHK38y2BHzteip8XQ8Nd/vHIXkY5l2HfrRfgr+2dhR85N85ltz+KNPLae1X91bFc+mr9FA7Gz+F5/dH/HWBDNP6qn+aP6UT0N3fgosvWzMS42duuh/hq/m72ab92fxZjZxsUf0z4+SxIHKda8epJ/lI/qMfKb+Y8LdDS+VABq8dF8sv3vkPzHosWiJ/G1sW52XhG+ZPeMd0g8Ld8/MPsx9MpFHbrN1mNse+0z28puzcfqz9az+EvXZkc+Hn/UT3u/vXyPvycfay5su5cz84nGZOqz7d35KLL12ZAW9Axdrx7qr/E72mcL9BUf1bcWc+P+Kka0eIws9jVOld7MP8K36kmFuEXP4i/FZPt3yyfDf1ZkWt5fS3HK4F+g3aLPjPcHxh9Dr1zcodtsvaq8LPYPGDfiz9ZD/D3HMvNB/FE/7f1m8hGbVV/TrLCvbNp+VM+iheiz7d35KLL1szBO2l10UX+N39E+3jPszoDmr92zSD4Z+1oR/Llq9SwFFMK36ml+mp7Vf7XP9tfyrs4ny99a4Oza1vIaweIh9uu69J9QyFrEfSbHKvXYfJZd22b6s/U0f4t2p+uz4iL3SETPwkf8GflU2zUbuo/qsflse3c+imx9FmYTa4a+Vxf11/hPsH+G/Tsf1Uf8ZzY0n4x9zeZZnEf02HxEbzyGxpP8tVgZ/t3yYfp/bZ/hdWW35JDFvwx25Pwseqh9+uea1+RYhn23XoSfZf8s7J9rnd9s2+LP1lv5sPW62b/7mh3V8/I1Lls/Y39EtR6bz7Z356PI1mfjPll31Ef9Nf7T7No+0/9+7+4o5rT9Mb/xWZM4UT3N3xMvoheNN/Mftz3F87hgj77fET2L/zXhzfyviV3zn8EyniF6M742Vmr6kp7l/NIKvfHPNcekxu2oHd1m6zG2d9it+Y3XbuXP1rMeY+vttCN+qJ6HL/lbbYh+xb5mi+jt4LPt1fyonxfV8VZYLV6y4qD63vy0eE+za4vzav+O+5/rz3OSCh6vHoO/ei9QvWg8r74lfykH673p1fP4S/fObrtHTzpPi/412R9tq3wohZxkn/3vmp/FdtSObrP1qvJi22e8kf8R9MZttp6Wa5ZeB7vFD9WL8K3+mqZVP2t/dSyit5PPtlfzo35d9KMYJ/lucbL8nmaf8cd7S/qkne3fcV8rWj+XX8/ib+WPx7XFv9UPjefVt+a/2kevI6rnKWbGYx3s3nyt25q+NW+UH7aPRZ53UajZP5NjlXps/g77x8DXtrP1Vny2Xgf7zGa5vxA9hG/xj+h12B+R7c/ms+3VfLZ/93hfzCbWinjWONH8tHhPs1v4n2E/07/jvmbzFA+IP8Ifj3n0ovEi+lL+WuzVMaaexf8zvI657LZ79SzXwKp/3XirwmuVV1qht/qPV2aDW9S+W2/F9fAt9lU+Gtfio2nP+Nl6lvOd6a2OefWy/S0aiD3KZ/t33B+R7c/ms+3VfLZ/93ir+NqnsrviRfPT/J9mj/LZ/p3378/WuD8eQ/Us/ggf1bMWsOj5aQXeKv6KLxWUWj6r/Lx6d/8Rkt5YyFzX3zor/1kcxB7Vu+c2blv10cIMiR+yV/xOnrboRPQY25ZcLXzJbs0HuVYW7V16nvP15uTJL8sf9bPcb1Y+2/8J+5oN8d/BR+1ZPC8/W6c72OdpmfgRHTS/2ULBo9/NHuWz/Z+4/7m9XpNttr/Gt+qtCivpWIW/lD+il31+s1wjehb/2bVB7BfIt+iN2it/T+EVjQ/ZK34nj6XH2rbYI9dhxpvpI3lb8tmlFzlfzzE0vyx/1M9yv6F8tn/X/dUxxH8nH7Vn8bz8bJ2u8b7QijEvVueDxhsXC2w/jdfNHuWz/Z+4vyqysvw1vlVP89Pyz/L3Xk/0ukXyu8ObnzUfSgEjwKu3O070Ovxlr/qdvPEV1Zv5R/gWPYS/Oj+Nr21b43XQQ8/XEiv7+nn9ES3pno/w2f5P3B/RnY/ad+uhYOt1Afu8rEUVqmf1my0MIvrd7FE+2/+J++O2p5hA/DU+ojceW23PuFn+q/w9eln5rYo2j57mL10Dr30VE9GTzuG+b+VLdk982J71O3mexYgWL8KvWLx5rsdnYf8IepL2Tj2L/ornzXfmLx2rsH/3I9dYu3+Y/k/cH9Gdj9p366Fg670d98l9hx6b380e5bP9n7z/ub1ek22L/0XkI/nM7JqWxV8q4CznJ50nqrfSR/XGQgbRGzVW/iOk/Fb5rHRGf4Qv5TbLx8Ov1vv3WMbv5K1ss8Wo1Seyjebj0ZOOsfRm29J+pV6XfFGdrHuHca9q+1H/N+yPqOZH/az2LF6Wf7beU2CZyCv1ZgsBBn+2OK6wr/KL8tF83r4/HkP8NS0P35LP5/Z6Lba9dim+J39EL3p9MvRm10qyI/lZ9KTi0JOfJTeEP+Yj6UmFs6vQy/idPBaPtY3mg+rNeJ74iN5nwkOuC1OvS76oTobd4ofqZfo/dX9ENT/qZ7Vn8bz8ar2nY3U9tGItS29clLD4Gi/LnnUczefsr/c/w/HV4tjLX+2vijaWPTt/a1xUn6XnKjgc+c2KH0u8EWh+7O3qvP+1Z/1O3vi68lnpWfwRPpqPR++zQW/Gk7Yz9Xbmq9kq7DOb5f616rH937A/oprfzR7ls/2z9brCWhRV6a2KGjZ/xWPbtfxYfDSfN+7PrgWqp2kifGs+4/bsmMduiY/k79FD9LP0pGsi2b3XzxNvFRPRm2l4+aucpPy9ev8i63fyLDZNL8KPLO6s5yb5ePKz6ll4s+MWjRXPckzTt2rt0vP6WzQ88bz6v7A/oprfzR7ls/2z9brjPvl30EP92Xy2vTv/Tfvj9nisez4zzmzb6n8JNmv+WoEVvT6a3jXhIXqjxuo87ryZ3sy+ym+lN+pYrt8Iy3gn5ePhSxro9RDtmb+TN1uManqMba99ZlvZredrje/Vi+hb9Kzn4s3Dc31Zehn+kh8Sj6H/C/sjqvlsO1unq/+vAL1OloVDpX+Un2WfffI/82Pzrfm8cf9ze70m2yv/2bVk8JF8pBiWeDP/VXyPHpKfN99V7tn5zriza8fMz1KUWuNbzxXho/mMfE3vj+1Ov5PH2mbYP2DcSHyvHlN/pqf5WY5J181zfdl6TH+LnyUeS//N+yOq+Ww7W8fLZ/tn63WFVmytsLo+Vj2WP4ufZUf9WHzr8TfuWwoaqRhb6Xj53nyi+WnxvXrW/LQ8JN4dVfmOx8b4WflpY5g1ftY2mo8776zfyftMjlXyWXZtmxkf0bNeF1R/xkNia+9R5Pqy9Zj+Fi00XkT/V/ZHVPPZ9my9bv5vBXpdLAuSSv8ov8q+ylNbjKJ8NJ837o/bSDEwHmPwrflo2lq8FVeKj+h58vPmuyoas/PV4jPzk/Skc7LmZ8nBykfzWfmI9qzfyZshk59l/yzs0r52rVY+Kw1LLJb+jGeJZ/VbbVuOsfXY9hUX1Yvq/8L+iGo+256t183/4E/cJ/cn+Gv8bvYon+3/5P37s4/6jxoMvpbPZziOxLf4o9dj1Bt5aH6WfK9h36s3aq70Vry7beRfin113UbtUcdyvis/CdL5oXxPPlr8f4+xfycP3b7ve3UQ++w4U3/ctp6r9Xx36lfEW+my9Rh2LX5UD9X/hf3dx6vs1Xy2/279KniLqhW062JZSDD9o/wu9lnxgPDZ/k/eXxVimv/n9npNtr18Sz6SD9vfo9dJf8Yd3wtNb3xF9aN2y/la8rUU35brMMab5YLkA+kxfycP3V7Bq4PGQf1Ru/U8ZrZRf8ar1s+Ot9Jl6zHtWvyInkf/rfu7j1fZs/W6+T8drPO3FoureFn+Xn43e/Q42//J+5/r74WlxX9WsDH43nyy/LXz0PR268+Kk2vCm+Ux43v1o3YtvxVWcdBtVN/LV+2s38n7TI4hejN/RN8SX+JH9dHz+G5L+5JetX52PM2WpRexIxqonkf/F/ZHVPOr7dV8tv9u/SxYFwxWaNfBshBg+kf5Xe2fYR/ls/2fuj8esxYT922tOEH4Uj4aN8Mf0euoP15zy/VY8VF9ix4rv1k+Mx1rcayd3xhz3EbzsehRfycP4TMWPxJHihfVRvQ+C85H0VjZVjyLvkXT6pcZz6pfpbfyR/nI8xDJ5437I6r51fZqPtt/t3427pP9E+Kh/mx+N3uUz/b/pf3P7fWabEf5K//rmmtl+2t6I6+L/lh4rPRXBcq1sGn6MyD2UdujN+Zo1UTyj+jP+Es743fyZgtP64IWWcBa/ZB4WnzUbuVb82fpW96bGU/az44n6e/QG+0I3/NsRPN5w/7u41X2bD22/279LtDOk10EjvFQfdSfze9in33aj/DZ/k/an507qqdpInxLPpX+Hr2364+vktaqsPfaGXraeV2L45JeRH+mtbQzfifPy0d12X7R8/bqzXiZ+pZ4M541flY8aXuH3mi38q3xvPpv3N99vIu9ms/231XhMvEAACAASURBVK2fBWtxxTo/7RNitj+b380ePc72f9L+5/p7IfnkfNj+Iy96fZ6qvypAVtfbVLAA9hFePTQOml/6ebB+J2+2eEX50r6mr+l5dTL1PsX6lngWP2mbFc+iX6k320b5UjyG/hv3R1Tzq+3Zemz/3fq7oJ2XdSHgjYfqo/5sflf7Z9hH+Wz/p+yPxzyL/5WWhy/57PBH9N6q/xlepXga32Nn6a2uwcx/xpXirXw8/KWd9Tt5FhvCr1pMfYZXi57lPNDridos+tp+xG+WIyueVX/lw9LT/CUOEs+qb83nifurY4g/k19t9/BRTZZvB/3uuE/uHfVnCwNmPE1f02PYkfhoPI//uBBE9Lrtf495/GfvjZX/uR3zxNvhr+mNvB36l8Fvpj/zm9ks8aTnY0T0eUP1ZpqSvyceoj/yV8/UP9fF/Z281QIU5SML3IidoWflW89f019dK8TPGy8S3xNP0rceQ/QQf0t8NJ62r+XzxP0oj328yl7NZ/lWar4B43VhF33SwiDDFzkfi76mF7Fb488Wg1I8S7Fmzceq12l/7DJU+M80ZtszbrW/R2+3/vgqac3ev+p4lXoe+1XMn9n+Pcb8nbwVUD4rD3aeo93Kn/E8+qt4Hr8xvsXPG98bT9qWrm1Ez+JvjY/G0/Yt+TxlP8pjH+9iz9bL0tih3RnaJ7JMbY/mqiixxtRia/qRT+gR+yy+VmhpttWxlfaYj0evw76Ud4X/an/UQYtPtv/I8xbD2fqr92N1PbLef2+8Kj2vfUQWX81z1+/kafxqu5e/2l7xvPpavBUPjW/V8cRH4ln1V3yPnsdfsiPxtH1LPk/c12yIP4NfbY/wUe0sjUy9p2K8DtqEjmpH9VAN9Hw0fU2PYUcLt5Uewv8M+zONiN7O/c/wWuU/K9i1Y7v9Eb1d+tL7MdNf8avj7dDz2q8C/sznD/uu38mTuFV264LTwkOvV9Q2Oz76afurbYufJ741Hlvfqof6W+yWeJZ9az5d91fHInpMfrW9ms/2r9J8C2YT8269iIbFF9HXuPfFjtVf0rTo3e0M/mrxZtUbtaR4nn1J35JfRF/aX723Hv/P7ViVv6Y38ir0r2E/8v6tNJF4Fr+Rfyl25vMftaPjV3S8+8Me/Z08xvYOu3RM0qvW98az6Hj8xnvDGt8Tj60v6aH+Fi00nraPxOuyH+Uhx7x8hh3lInoePtt/t/4bIC06dumN7xuiZ4mP6Fv10IWPFN9iny2+UL62OLforc4vWvxZ9O+vEf3LwJ/5S/Et+pIP29+jV63PjDd7f9B44ysaT9ND+Bn2S+Cjz591PPh3e/advBGWBWpku9o+41n0qvW98Sw6o57Fz/q+suKx9aVtxH+2b4mhxUP2pRgd9qM86fiKy+Iz7VaOh+vhs/1363eF9gkvS9+rF81Pi4/qS3paYTbzj3wCrxVSHv4Yd5WHeeEWjLfStJ6rRf+7P9NH8tPie/Wz/GfngehV63vjWd8fSWfmv3o/0OdiBPIcZdi9eaH8v+zSd/LGfXSxivB32D8A33peLH1GPG0/orPaZsVj61v0UP8ZX3seJDuyb4nXYV+zIf47+Kh9t162f9dY3YBM8jv0x/cG1dLio/qSHrrwscSX7LN4LP5H2Zf0tIUdGm+lObuW0eJhPIbkZ+FL+ho3wx/Rq9ZnxVu9P9Z40vuLxFvpofwK++x8LmHbw//L/j/XGp/FdgZ/ZosskDT/2eIPyXnGl87/ztf8ZjqWeBYdLR+rjoW32q/Wz/af3TfI9ffszxDRs8RD7FJu1niV/FmOkp4GND+rZgRR/4P3wnNvoM9DhMN4fjXf6vEI1WPGW/lY82HPH5nXp3o9gOpl6nvjWf088Wc2S/xVPAmSPqKHjh+o/8ih8v/nmr851jeGydduEo//7ObL4CP5zGJJ+9Zj0v7ufJB4bH3r+4X4e/ja/YbuR66xdV/TXx37XPr10PSs/hJ/pT/z99gs8T16DB+mf/d4HZF9Ddj62fdl9Dn82qXnjD0OWOJ5+VL+6D4a7z6HMOeL1fyIxBttDH1kroz6e/SY+uOrJ9742im+J57Gt8Zf8dj+Uf4f+57fyavme/2rzsPyZsx4nsHSo7M7n1n8HfrSNuLP4Es5ofvotjU/K8/y3CDHrcek4x4ti56Vs1MPAVuvWzwWvH8ayTpf6U8Zq/W0PxWUfGZci56Wr9VujY/86WiEv8p/lbfFz/qnnlIejH3kvO/7sxyZ+t54Vv9ZnpHradWPXo+Vf7f43njW52KElbcC6k/n/8/NeH8dt8djbP7MHvG/v1p5Xv6da/GfcbT91bZlf3c+1mOZ+pIe6h/lj6+e93QVaxbHe8+snsXVsZXdqj/T8Pgj+lablaPF98T0cHfodYvHxO7cO733Hl/Gc1f53HvGQe+4Kfmj+5Z40fnGuj++Iv6WfK36mjYyp1r9ET2W/up6WONJ17NbfCSe9X5BdFc8hj+L/y9W38nThDTbbPCxann9Nb50kSzxvecv6Wgx7hqWB4aRjyU/Tz7aQ4bqj3lJD1ckPzZ/hsj1HHOQYkj5RJ5viz1y/pb8LGOKx8aK74l5cNAR7HuX/exE1y8ze3Q8i+TDGG+j8wsSfwSqr+U7ctjzM+qv5bvSY+qP3FX+ml9m/JmON7413gzs+Zqx/kDXO2b92XfyNAGNr93cGXZrfpJvVN8azxofySdy/t780Hys8bPeX00P8Y/wrfd7dN9yjqtjnws/n9m+FG+mb83PauviH/XxxKjU6xYvA7vPods9wL6HK/TQcUfTlPRGPnsclPQy9y353V89+pq/NgcjfI1r8Zfmcsv5RfQ9+aPvcST++MqOb+FL91OUn2HX8ptxl/zI7+RF/Vh26SJKemx9NB56Xa0P2koPzcd7fSz5eB50Sc+ah1XP+vBF+CMi/tJ+9DnzxLfGQ/noc4fYKvwj3Az/bL23Iev6WL/n4Y0f/U4f6u/lZ+l1+c6eJ5+K7/RZ9q3/fbslz+h5Mvdn5xPJd6XH+g6ZxY/5fnvj7/6O3gjrfWvlZ9u9ef3Fl76TN+5bF8fjq+THsF8D16JnPS+PviUeGl/KB83Pkk/k+mj5eOJJvuNrVE/zZ/C1/BF/z7VE7J744/FVDIQ/s2v6VluFf4Sb4Z+td2BH9rWvvtfY/KgeOi5pNkmvYtyz6jH3rfNKVB+Zz9D5zzN/r7hSvtocz9ZH8tf2WfGt58uIb3kdY0b5FXbJb7Y95Wf9Tt7MpmlE/GcniuQ842sXUntTrDqW+DMdRn4WHUt+3nys8aR9y32B5OfJB+WjzwOqh56vdC6rfJHzQc/fkt/Mx2Or8D84OOgDbbxDbF87Mp6i+VjWB5KNMR8g+UXnP3S+j/JHHmN9sWs9JOnP4nnie3Qs+Yywxl/5rfLzxEP00PEC9R85Ij/zd/K0N9XjP7tZMvhIPrNY0r4nvuWB6pQfko/3/YjoMexR/spf2o7oW/Yt8a322XvH4kv5ILYKfwaf7Z+td4Aj+z2ovufY/Ao95jjAGhdn/gw9xH6fo6LzzSweos/me+zIemTctx5j6VvyR+OPr5F8LPkh/mh8NB5yPVY8tr/I3/E7eV7/7LykCz3zZw52UnxkEOuQnzcfa7wZH9HLsEf52sM6g1df0o2el6S9i1/pH+F6+NV6T4ufBfS3kqywXi9v/JV+9DuB3b+zh36HDolf+R28lZ9XD7FL52XZR78DhZ4Hyo/ax3jffUtenuuH6rO/48j+jt4I9P1c+c/ex4r7B+WtgPqr/KzfyZMW4x7/+6uV5+XfuRb/GUfb1/Kx6nTMz5MPEs8aU4rPtEf5Wu7X5FhEf3X9Vs/q6phm1/QZfKutwj/C9fCr9Z4WPxO7z63bvZJ9r2v8iD1j3IiMayu7ZS5H9Dz2yHwzm9MRfWQNYuF77SPXemylIfEi+tb8rfGl6+XJB72+Vv/o9fDeH9p7rN3/Xn+Vb/2dvNVgsuLP7BF/VM/CR/KZvbkzrhbjruEd7KL5WR/IqA5yvSzxRpv0cCD5rx4a7f6Qzn/lY/X3PH/I+zWLIdm0/CzxmHzEVuF/cHDQG9XjR4TvmX80PaadPV9Zzgfx1/gWvZXdul6oXh8x1oer+Gg+Vh1LfhKQfCLxLOuTmU9EL7Le+wOW38nTbk7pRkD9JTuTv3qQLP6z2DPtSD6WB9ibnzX/aH7WfLzvz0rfqof4S/E1viWmZ18apFbxVsc+l37+Vr2ZnclHbBX+O/jVek+LX4Hd59jtntn9jOweByzjLMpfjcszfmf7/dW7dkD8Jb7FfrdF9T16luuw0kfjWeKj+VTnh/rv5FvfT8Rf1LP8Tt5MUBq8vP6ovpcvXWQknvVBQPNBBrFIfuiDHMkvEm+mZ8kL0bM+PFJ8i82y7dm35mWxo8eReKgeYqvwj3A9fLb/bv23wXq9nvIdvpXek7+zl/GdO8mfwUe/Q7jz97w0+4p3Lfys2yt/b95fvZlfRN+rZz0/i5/0vljja/ms9KryC393LZmP6kXz+dfP+jt591fL4lR6lRbdFnuUf+d64810Rg1vPtq+5fp5dKX8I/lF43nOF9HT/NH71ZqL1d+qL8VD7Kvr49VbgcGv9I9wPXy2/279X8bua7v73st+VjqNGwy+NO5Gx+Fqu3U+i65BVjpW+31fm/NRfURv5YvoW+JZ41vz2ZWfJ58dfI8eqj89bv2dvJlNeuM0aHy23oy/8o/qrPKxvnkad+SzdVd+qK72kHrjafcNmp8nn5kfcn1WGlI81K7po/FHLqJnsaH8Sv+Dg4PnIvpso/6e8V7jZo/vmXb2fBhdP1r0mOsHRM+zvllpWmxafMb6MTM/CVI+mh+TH9Wz6C+B/E6e9SZY8TX/VR6IHsK3nDdDzzLgWa63NV9tPyN/JD9PvKgew27he/yl7U722Xtj0bPY3ANYgf8OPtt/t/7B/mu8+x7c/YxV29Fxh8FH7N99zxoC2bfkd58TPXqSv0cfXQtZzsuqN8sX1UfWMp741veoIj9Lvqg/mx/Vs+gv82D8Tl7Uj6UXjY8MLoie5wHxnK/3QdT0vfmi8aUbd3azW/Uy7NH7UXs4rTrVdost+7lF8/FwPFwPn+2/W/9Axur6Z31nbxXfGy+aPxofjafpW+2reKj+TM/yXSyEH7Hfj91jMfbR3xGbXYfM70Rp+t9jM13P+Wt60XxHrOLNdDzxtf3znT0MXj3Vz/o7edJie3yV/Cz+Hr0If+ZvvQ7W11Vus33P+aJxEP1ovp74ki+qx7avYkf9R61u9u/+7D2w6jH5iA3heLgePtt/t/6BH9XvDTtet2clatf4EX3LOIvwvXbv2sG6P5vTtfw8eggf1beuN2ZcVG/Ft+oj8SLxtf2q/DKvVxY/orfyX23/+2r9nTyUM75RqJ3JlwYFi84qPrLv8bXmb3lAxn30fCy6q3w98SV9q57F32qf5SftW/SR82XbtfgzO3p9NCDPoYfP9j84ODiwwjIPsvjR8Zs932j6s/wietn8McfK9Q5yXyDxvPEZ61zP+lPjWq7XCOv6cebH5FvslhhTIL+Tt7roqL/2sLD5M9/7vie+RXfMAX215q/tV52Ppo3E1/iVdm0b0df0EH3PviW+xc7kW3yy7dV8tv9u/YPngX1PdHtmsscEzzin2SJ8i95n+BfRk+z3V8tagq0n8VF9j107x8hayHNNtbUOEt+TD5pfdb6oP5tvsUs6or/0v2uuoD2YWTpRvvXG0/Q8up7rhMZBz499Pqz4Vv0qu3Xbej95eZF9JE+LffwX4WvXoMK+yk8Dymf779Y/eDbY90e354f9/K/GL8nXOsYz+NV6kfkrSw/VtfJRe/b6hxXPGj+aj/f9qMoX9Wfzs3Rcv5MnBbf6318lHRYfHXC015XOagJA9dH8o+eH6Gp60fgW/Wq7dB7I4KE9sJZ8vO+ZlAua3wwMfie7ht3+u/UP3gP2vYLqZT9L7Hyyx8EIf2XPmge0OW61b5lnPXqIHeVb7COXsebRco3Gs8T35mPNb1e+nnyy+Na8If/I7+RJmA0mWXzUb7ZvGfysA9Fq3zLIZMQd46900TiW64/EX+mvdJHzsfhLdss9hg54kXy0eLMYmk0734jewcHBwa8ge/z0jN+Sf3Q+0Oaz7PlzpoXO76z1gvVcveshz/owY33rXc9auGi+Fl3k/ZnpIX4efoQj+jN/J2+ls7Kz+KOv1V+KbxlgvPqSrmW/y/lp2kh8je/RQ/wt9hVf2kb0LPlY4q2OWflsPatPJ7uG3f679Q+4qPoJhc7o9kxkjDHMcdQzjkv+0XkBsd/nNstaJKLniRfR017RtY8lvvUaWvKTdDznW5Fv5PpZ8kX9PXwpjqYn+s86echAIQHVifKjeVtv9Kj+Shfd98ZnnR+an3RjSnyvntXfatceqJWOVc+rY4kzG/A8ehabxkfss/yZ+hrQ+Fa9LGTrH8Twz+LfwX/R7flgjDeWYxp/Nf6g89ZKG9Fj2dnzH2s+9+ppyF4fea+nFt+aj1V/pYvmu9LPyjcLrPNe+mf8Tt74Kumw+Na8ra+rXDz5WfL1PgAdzs+THxIvqhfVR9+La3IM0ZM0rfFWdpQvaTD4kh0d8FD9qB4Ktl61/kEMp5izo9uzEhlb2OPkyLHoI/l75hWvXZr/ZnM8ooeseSx81B7RQ9Y8M+2ZFpIfuoZC9Fn5Rq9f9P2y+CNxNP7Krvpn/U7ejJvJv/ut/NH42r72Jlj2vb6W84vGtZ6fJz8p3krXEleKF9XPPh8tXyne6piEiB6Df3BwcPALyB4vGfMBose2s+dfzR/le+xRPev18qzPxn10PelZe3ryHRHJH4G3/oj4R8eDJSfzd/KsehJ/dnN4/D35WvVnuSL7Geen7SP63vyl/DS+x67dn1H9a+DNtjP0UPuKE9HTbOwBijlAdkBFfqdT1Bfd35vu+Vmwe8xAxlyLD+N8tHFe8s+epyT7/RWZa2c61nWBxEfs18Ct1pvpW9aDVj1Jh5FvRf5avGi+iD/y/q94ov/O38nLjiNdKEbenhte2vfG98SxxIvmj15/q97KrvGy9bN4qF2L5dGbDbaShqa/0tTyX2l1RXV+5zteuVh9p0771wXd84ti9/hhGX8tx6x6qH7G/MC2s3isbdTOXu/sWr9Z82GtN1fxkDgRsNbjVn/2c7D0z/qdPFRPekXiaPmy9Mb80BvSex0t56fto/EY+SPxo3YtL4++pDmzs/W89hWXoadxNH3ExuBXY2d+b1q4d8HTr+nT80eweyxhjosWO6qPxMuYl5A5UZrjNb2ZP8r32NE1EUPPcp6StlXPsh705JudP3J+Ff5W/mp79Tz8dTzrd/Jm/MhAyvBf6WkDYGSAte7Pzg/ZXz1Y0r71/C05aO+PFH/Fj9olePS168vUQ+0oGHrZ/IODg4M3gjEWovNf5nzBtnvmdy1ehB/Nx6MXXZd51ncr3ej6dKUr7TPyt8ZF6wv0ftX8oz6iXvR38mZvBovP9recp2WfFV86P09e930knqab9f5o/A72a3JMGnQYeqh9xYnoaUDiZYCdb5Q/w+7Oye74b8LTr2V1/k+/XjPsHtPQcdszr0j+2fOYZNfWLpreai728i1rqdWrxous5bz+Y3zPeXnzZec/vq7ijDG8+Uf8LX4Wnqj3n+tvWAcCZMDw8Nn+mh66zwbyIGh5ed6P6Pmy+bvtu3isvGd2TU8DGo8NVD+br+G72M2+Llr8g3eg2/vZLZ9sfJ/jrPPW9D8T2+yYlW+Jd7db9Nj2WU6Vehqs/ll5z/wY53GB+Vj1LXGY8VZxZnEtetHrzbpfzDzv7+TdX608L5/tP9PzFjyM+LNXax6zfc/7wTxfNn+HfbY/2jL1vPYV16KnAY3HBqqfzUfwa4vhAz663UPd8qnEzrEOHcctfGRsz5i3LHOmtibR9GY6Hr41H21Nh9olPmNNqmlHX6V8Gflbz2eVS9X1Xm177wdVL/I7eRGf8UJ5YkkPbUTXsj/Ln7nP0PJcn8j5ruJb40b0LPFQf+n9yNZD42nw5H9wcHBw0A/o+Mwez6Pzl8ce0ZvZ2OuZ7PWLxkfmc9Z60RrHs16Oxl2dD6u2iT5T7PXX0sfzO3neytRbqSJxI3re+OMNzNhn5rfKlXm+Gh/VZ9pX29KgtvKt1FvZV5yInmZD4u2wR/nXld+Z+OXOx0EM3e6d7s9Kh+vVfcyLLn6z5zlpjkX17q+Sj5VfaY/y71zvWk7LR4sT0be8Srkw9Rm61rUjEk/kzb6Th0J70Nh+K/+onje+5UFC9kfNaH5SHI+eNV80nnXARu3VebD1kHirh147xuRX2qP8EdnfodO++3KQiw6L/07YfT3Y8Xefz4jvc239zhtqZ/M9/t2/o5el2/U8R/7od010LHpaPqPuLA4Tq/NjfadvjDNuZ+mw4v2r5/2dvGjleX/1+t39GXlEXu+5RPfZ+WdcHyRfNF5UTzvXmZ/Gr9az2ldci57FhvIr7VG+hPO/Eb4P5xr/id3X4+0F3h3dx0LL3IHEypj3VnOsprdac1nnbOuaj21n8rV1p+dVym0Wm/06i5EZJ6p/zzcj3orv/p28CHflz1ik3U9QG7iYi0I0lmXfMgihQK6PRee+L/l73t+onjTwe/iZepo/Ck88ZvyDg4ODg/dAm4+9vha7hS/Nt5b1SYQ/s0f8UT0LH1nv7V6favvR9SuaR1Sfvf6FuJHfybNWkuxK16O3isGIk/U625bOjXl9onoeO3r/rezStoefrbfiIEDjofZsPQae3hno3Il4Os61/RO7r8fTn9UOQMdgBj9zXEfjR+zanI3y0bWw5n9/RddmGWu5+z577byKI+0z489epdzQV4+/h7+ME/mdPDbYca03LiseG94bH9VnXY/oAIzyWP6svLP0rLEs8RCbh7/7OWJ/py77O3qreAc9cd4fGeeDkVp8xyXkd+5QvvRdMjYs2neOlh9DL8r3+u/Ka9S5JrqMe0CLo+13/45f9P2gxWH8Tt4YMPoarZxX+a0KpYx4zFekwGNcn6ie5m/RX21b77cZN8Kv0kOwuhbaMW98jR89HyZOp+CAjXMPyDgF3j6gYzPCR+eVKCzxIvOsda2B8q1rFMT/I9ijfGQNmLFGlnKX9plr61UO7DW11x+Js+SzfidvvDBRZOhp+9pF9u4zId0AkbyQ62GB9v5Z7JYYiC3CR/WsMTJ9M+/Dg4ODg4PfQMb8E52fkPkZXU8w1h+R869ef0fXjzM9bd+73o4gsn5G47RZ7zF+J49VuWbreSpixn51/pa8EL2VtsXfmi9iX22v4rP4iD0KJH5U32OPIlv/uk4374CH897LeHoX7xffX/YcEp1HtRjMedpSYCD8+6u21rCuRaxrNs/ajukv5W9Zm2a/WtfDzHhRPTQvkcf4nTwpqU56aDz2fjasD5o1n+zziQ7Q1jzY/Mz3VZp0GDE13+z7tOI5uCPrO3oHB9d17oconl4cPh3fcTHy2193/89E6wPYVzE6/x4dOw82z5sviq/GqHtN4jDiWfNZ5THLixkv+/f0zHqs38ljV7KZepZ4WQVeRf5aXmg+nvNB9SW+FtsSP8q32Gd8BBa9SAzNN5p/NH4mzuLugI1zT8VwCrw+YM5d6Lw5O8acl1f21RoA5a/WXNqaTONZ4lv0svwlPct6uGoNLOWRdf7svK1+0+Os38mb+TIXdWw9JC5jf5Y/uo/Aou3Rl84nom/hawN5Nh/Ri9pRnx3PxsHBr+IUDAcHa3jmv+j8j873kXzQ9VS3+Z61no6sb5mQ3o+KPHZrilzm7+RZK8vdlfKu13v+q3Na7Wfn4/Vn6q/0pO0KfrV9xVnBM2HuALowPt+7OeiCf4Z/BzE8vYu3eyzbAUZhoellzrMRPW3NgPKltZCFh+h59DV/Rh7MVy23qviMuB4dMX6n38nT0DUvK6QbU9offdj5dNdHddj83XYJTynwvkC/I9flO3WdrymCNyw2O+Fcz1o8rTh82/3xHQe7fIfPY5/l1IHP5rH8Vv5XUC+Kb8zZeVXmE72uUR3Vj/U7eatiJKNy3lGps1+/25b97PP16CN8i77FLhU02fxddgmaXmc87ZPw3fEZeMM57Mbp6O3DKfD6IDrP7J5XV+sOyaatjVG+tia0rlW8a07vmnXU6rCGzl4jW/KIxv9u0+OzficvS0PSlh5Uy/5OeHKfvbnMfBDdDL5kRwsaRgHEnkii+WjodH8f9MKbF5wVOEXdwUEeonMle71q0YvwERvDB12vSf6V6wypgN65vmesL1m+qgbzd/LYlW2kktf2n/g62/ZU/qxPEjx8SWdltxZYKF8Cu8CLPsRvLOBONy8Pb+84jeeX/e9gL97exet4j0U+FPX4V8A7r2trGYveTMe7ZrbyGGvf6rWzdf1elc/sVco1oufVEf2Yv5M3BpolkRFHuyEsD+sTYL3xWfps/q641deJGe+J9ykC73f0ULCuY8fFGIKn578b5/r1xtuLwWp8x03k+0F3Pupfgc/F/U5fdj67dHdfh0vZf8t3ALOvc8rv5I2+ER1PZa3td/gkIPIqFXgsfUTPwrfYLcU4iz/bnwHRs9gRvL3AuyN7wO60yKjE2ztSp6N38MUp8PKAzkWeuTYTjHncssaw6LPWypb8PoIdXVNXreFnse/7u9besxyYulG9lX/q7+RVQnvwZvvWh3b3ACVhVWwxta1cjS/Z0YKLzfcUfB6Ng4MKvL0oefv5HRz8OqLzLWKPFrEMfXS9pdmftn5HiuhqaIV8VgyKb/bv5O2svFmfHIz7u/POvt6rbfcnCUY91H+1r/E9emxEY3YY+EZ0/2T7TUXB0ztOp6N2wMTbu3i/cM+z53GG3cq3FCgIP7pGQ/WyagDLa1WcyOtqm6mfll/m7+SxdLKwKo6s+93Q9X2L6nXLhxXbE7/jfXcH+h27lf8I1nn/wmLpjref79vP74CLtxeDT8fnwr8jF7VHcrTo7Y7fZG4TkAAAIABJREFUTb86ThTd81Tzy/qdvCdV6pECr0P+4ysjv9W295MITQ/1lzRXdoZeBG8v8O5gD4TdBtYueHrH63T0DqpwCrxnIDrPo3bLvGpZR6zWNCiftTaz6mWu/S1xOqyZLXmO2xlxUvLL/J28Ck02tAFgVUxZfCsxyw/1Z/p4BlKEz9DPLPAODph4epHz9PwPDg7ygMzVGXYrh+W7Y70V0Wdod15jWRoG2fFoGv+5/ixcZuSnVMI7K/zVpxNd8vP6M+Os7NL26pjE9wzgkfi/gn8u7LxRfrVeJ3QveLrnp+Hp+Wfhrc/TiLd38TR+x/v/c/XLa8zpvi/ZMvj3Y+OrxT7btr5q+pHXK5BX1es3ty+y870W25T3K+N38kZoC+inwlPgVaLqukfjoP7s80IKvDfdvx7MBkALXwNb71fw9Ovx9PyfjnP9/8TbisHu7++46O8IrRCL8tnYHX+Frnl9IRVemfmmX5dvkbcqRsbj3tfV9ltev9vS/u78svmW4tbqP9vX+BZ7tt6v4HTpctBt4hvRPT8NT8+fhfOs/Y1T4O3D7kW/ttBG7Gy9sdBYxVpprvy115V+RO877nTo1kn5XcOxirhp71fW7+RlanWEVqDcC74d12JWcFp8mNzs82YXZG+/Zw/64J+r96Kse34anp4/G+d6/IlzLd4PbT7v9oGulEP2eot9/p71ZyVm+VXnm/Z+zb6Tt9qOvmbpPuV1tl15PaxxVtuo/uqYZs/mZzy8nQewL7RuGdpNO908O3YvIn89/sEcT3tfrOPD6rxm/juuQbcu3hu6gquOxorjsUsxI/HH7svIn9kj/tqrpo+8XiSdrNcO+X2R8n5l/k5ele5TYCnwOmB3Xmj8nQVep/fNgtmfJSD2FV8DW++t6H7+3fPT8PT8WXjauPVFdnHEiBFBxfkh/Kc9L6tF+8hBCjlLTFZhmBEPBUs/O88ouudnhXoe0nfyZtus1yzdp72utndfbzQvyYdlr9BD8NSF0nXxu3rReL+C3RPJr8c/+C+e9j54x46sD60ycAo8HrSFr2RHCzU03oo/vo7cVQzUX3u16lt1Lqd/9mu3/L6gv1+Vv5O3I0Z33Iul7OuB6Hty0QquanTI4eDguv472O5eQP5y/INnA71/Rr7mf+7Pd0NbC1jWCpXriQ4fQEc0uq+9KtbbCFJzqfidvJnubPvXXy8jD9Ubj7Hy0fRX/hpf0ljxuyEjR3b37XTz/KheEL49Xrf4v4ruz2d1t6sK3bp4T8DYAamIseqeWPwlLY2vdW+s+SHdIYSv5efVyXqNnl9GPpHrNfr/cX4Vv5M34mkL9gMu0Pf/SfdLdn7jnxmgdq+eBjTer2L3+f96/AMZXd8f77jqHQ+74q1Frhff97XzeTELwyfg6flXI/16Vf1OnrWb86uvl5Hnvb6ovsbX9D3+mp6FvxOV+VR39bL9n4q3d9h2T9C74/8Kuj+7p7g510ACe3EsLbzRQk3Ts/Jn3RuPPtIdQvirHFD/qlfv+WXkwbhed/yhV/U7eQc6mNeboRXV6HT/dMrl4Pn456pdNL09Xrf4v4ZzvQ8O1rCsH7qvMZD8up9LFG8/vz9w/07eHbMOCqtblaX/1NfVNut6s96fLLuFjwKNvwPZ3bPTzbMje4F79Lnolk9XoM/j7uv61PEjG9VdPI0ftUf5XbDqCs1smr+kNR5Du0GaP7u7hOZf/Ro9v+x8otfrD70d38k7+BPsAudpqD7/Ttf4/kBm+K8mGZTP9n8Lqs/37fG6xX86os9zNc77jeFpxV+U/0aghSHbP1uvG95+fn/hXuRJHQ9GVylT/+mvq+2IXiS+lFOVnbHwyNDMQHUX7Ze7dhKe3hF7uj6Kbvl0Afps7r6ObxxLsnEKvH2QCgVL4SD5SB2d+/bKR+ruSHZUz6Jjyb/6tVs+WdfrX5xO3ntROXHunqQt8XfneNAXTy+Onq6Pols+3RD9C4FqPC3f3Tj3fy94CrtK7Ix9sBnj/65532Z1k7L0n/56B+P6oHpWPqpn1UcgxbDER/U9YHe3srtzb+7mPb3oYet31/OiSx5VQJ+33ddnd75dx6cIGNeouou3+z7chbG4WnWTLP7Wjo/HrnW7NL6lq8TUi752y0fLL6R3OnkHGqIFGhvMfNjnw/5EGtXz8jWs9N42eT+teHubvhVd8qhG9Hmtxu58f+E+YZ5jdfF3cHDwJ9APAlSMRR6zSyV1dH79ddwej2XrRfkzO6K/smtg6mcuhJ7W1avWq8LTi57uHbjdi7jd8auAPnu7r8vufJ84VnlwCryekBbqloW7tePEtM+6SQjf0p1i6kVfu+Wzes/CuqeTd8DC7ol1d/yDPnha8ZWt313vafGrwf4LgWzsznd3/Ar82jPwZFgKu4ODFNx/J4/Rnbomx6q7ZF1f72BcH1SPzZeA8tn+FWB316L2KL9aD439JH2WXte8svSeFr8K3+eu2/lq48HuDt3u+FnY/RxHu3jsLmC358KKVffGy2fZte6Sxke7VVE9dvdshUfmczp5Bwd+oJ8Ya3yrfQTK18DW24WnFYdZut31nha/Gl07U+h4lBWvW/wqdBvfTnF3cNAM4/+uGekqSR2gX38dt8dj2Xps/soe5bP9q1Dd1Yvyq/VY6Laoydbrlk+23tPiV+H7LHY5X21s2N1B2x2/At3GwlPg2eHt2Kz4GfZZdwnhW7pVTD1G92yFHfnR8jmdvIODd+DNhV63BU22Xrd8svWeFr8a3Tp51fnsPv/d8Uf82v1/cHDgROQ7eXfMOi6/9iqBcX1QPTZfAspn+3uQXcREu3We/DIKPQmrWLsXId2Kmt3+bJ0svafE3gHLJ7xV+D732fmM48vuDl2X65+Nbl28X+nyaR03lM+yz7pMCN/StWLqZXTVkPdjVz5T/unkHfwysj+h1fStdgkZCyHr9aieTE9Hb69Olt6uGE+C9wOXDFR1tqrGZw2V1xZB9/HwFHcHB5vh/U7euD0e+7XXcXsFtn4Vf2WP8tn+XnTv6kW0vZoSuhaB2fF3F227/bP1qvXfAsunzOx4V2LMjA+uJH0Nv3gfngKvDt6O0YqfYZ91kxC+pTvF1Mvonq2wI19z/NPJOzjogW6FnhbvEmLunnC7FTNP98/Wq9Z/G6o6a1Xxnq5/cHBw0ALSd/IkzDoub3tFkHE9UH2NL+EXOnbRQijajbPEf1Kh9435hDhd/uzx6f5ZWjv034bKbl5VJy+7gxfVf2uR2L2L9ytdvm4dPlZ+li4VU6+iq7Yz31X8z3Wd7+Qd/Bain+BaO1hIh8uz8NjdQbNev92T6ynuOP4sjUy9X8dsgs+O9bROG1v31+7h7OLqFHcHB2SsvpM3bq+wu9uW2cWLdKiy4nv5K3s1n+3vxe6uXjSXHV27Mf4T4x7/vf7Zegf/RXZX72mdvNPBi+MUeHV4awfvvm3pTjH1Krp5O/NdxjudvIODOSoLqScWepXYXZwcfy6evAB7Ap7aacvS767XHed5PTh4KFZF3qzD0u01ExnnH40f4T+144ZgLHrQImjGlzSY3TwP3+uzA92KhF3+kbhPPecqvYM/UdHN697Ji3bwtLH1rR3B6rEi2sX7pS4fE9YO36xrxOCv8rF0rTzjz84uX2W+f8Q7nbyDN2H8hBX9xNVT6En6q4ca5Uu+vzRh7S5UKou7p54ry5+N3flUL+gtCyqmPvP8WJ2yqA46frP0u+JpxV+Uf3DweGhF3u5undQVq+zo7cr3dPR8iHT10EIP1ffwWb670a0b1G3REuW/zZ+NXflkd9VQsPPJ0LsCmqeDxwHzPT0FXh9YO3L37Vm3yMu35GPpVlnh0c/o5lXm+y9OJ+/g4G94Cr1KdMrFglPc5fLf5s/G7nxYnSkW2Pl009vtv1s/ii7PS5X/7vM9OEiD9Dt5jO5VFmYdpd2v7Hw1fzReRK8DIt05i57Frv3pZlU3j+GPxuqsX/lnlBHfysXH7kKt28Jpdz6nm4dpXQG93f6jzgqd7odMIOdp4UqcmY3J3wmtAxflV+Uz6zpF/C1dLcb5V3b9aNfjdPIOnoTxE9DsT2xXhd4IbVEg6XvAWoRUo0tHr6JAi/hW59fBf7d+NrILBhRjPlF9pt7uThyr04bOB93QYbxGC7So/9PHmYODP7D6nTxGV6uyo7f7ddyO5rvSOx29/6Kyq2fR9nQFI6js4o1xO+u/7c8ou+fH9t+t3xXZXcBuXb3dnTiW/wq/eB+fAs+Pt3Tw7tuz7lXE39Id84IRn5kvlM/p5B10wa7CxYKOuVXm1H3x/rbiqXt+bP/d+t3B6ixV6e/upD3d/214wl8mRAvKg4OWkL6TF8GsQ9T9NQLL+Ub1EPtTIHXk2N25aLct2+5B18lnV9HQuZjqnFsH/9363fGL3bzdnTjUfxzfGR2EpyOjwMu2a9y3jkVahy67oyh1tTzjAbOrtjO+N5/PdZ3v5B30w1joXbd9j9bdX9Nj2UdEFx0rvWp0Xch3LKC65dStiHvaQskyoe6MPwLNh31+swVilf+uTlxWR/RNiBZYET5D743vycGLsfpO3rjtxe7uHNLFyzxfr/5bO3paxw7twiHxLHrsrhy7i/eUiabTn9wc/in0opA+xOl0Lm/qynn8qzt5p4NnwynweqJLB+++PeteWWHR83TPdsZH8vkj/unkHXQAuwhiIKMw63aOWTjF3bP5bP9svWxYF5Bdnu+sjlJ1Z8zr/7R42Xq7UT1eZehJGk8bzw5+CKsib9Yh2tFdqwLjfKP6ETy1oxdBtDtnKbokjqdoe2qht6tI6Fb87PwkuprP9s/Wywby6WkHvKmb5+nMVcaLdg5HnS/Y91PV3BPJ2+MbLcBGTnScj+hpMTqNMSOqOn6WLlekA8fosjHGX0r808k7eDLGTzy1T0BX/DssEy0yqWdP3J3xS8Vdhxwq+Wz/bL1sZOfr+UApU6/S39PZqozH6rxld/B2P1PsAs7DZXbktAJv9/U+OFCLvJ1dvJ0dvax8s8939/XbhWhXz2pDOB5ud1QXAk/j745fzWf7Z+s9FW/qynn8o52y7HiM/O54agdvROV48gsFXtcCsqqDd9+2dLOs8Ogz42fk8y9OJ++gK3YWRxmF3gXwu+EUd73jV/PZ/tl6Twd7/IjqVft3j7f7eu7WX8XbrZGpx9Q/491BGqTfybN0r7Iw60hVdA+9iHbQNP9f6NDNiqb7MbQ7F+nmWexWzsiXwF7EZcGr36lYOYVejM/2z9Z7Ok43L94py+rMsTp5jA6AhKc8U9VjM2pnjpU7OoK7kN3xW/lbul7MDhyjC0g739PJO+gES6F3TTjXwo7yV/Y7PH9ag34i3BVPLu7eVtQ9rYirvre7PUvRD3A8E35Er9qfzZ/5vr2Tt3pPdv5FTGf/ncXdSu+tBd7BJqx+J8/S9ars6FV08U5Hrwe0Qm/FYfLR/Cw+ErL/TCcLuwsdlN9dr1v8bv7d463A7sJlx+vepfPwL8DnaZ28t3Tw7jgFHjf+Tuzq4N23Ld0zLzzxmPmI8U8n78CLaOEk2T2FVBTZhZ6mdxE1T3H3LL1u8bv5d4+ngf18Z8er9v81fjf/bug2f1XodxuzDl6C+3fyEMw6ShXdtixYzieq9wZIHTKtA2fp0HljM/jRfBjYNdB74+4udlBudz2Efwq9XvE0nG7ee/neTtxsPqz01/SqwH4uJD3PuI6MxVqH7mCNjA4eIx9L1y1jfKfEP528gyiqC73r+ntSlTqCM/4dnoky+uc1Wg4sZE0uHYq77gVb9+5i1P9pRd9uZCwAmPHQcTAaPxpv5KP5MPneTlq3Dl63Z7JijIkUhJZisNs1Pfgx3Iu8SMeqootX2dFjxX9LR49ZyEULvRkf7epFYnt9NL0O6FC8Ifyn6+3OP+p/Cr09YH9qnN0Vy463u6uHfuh3OnhzMO/pU+A9B107ePdtSzeNBWr808k78CBSVFnsGehe6O3E7mIN5T9db3f+Uf9T3O1FVgfH+xcVu+Nl5787Pts/W88bv1IvUuBFc8ieP874evAvxv9d875t6a5VwZMfM9+3dORGaB22XbnM9qN8jeMt9CS8/c8wUb+dxU23wusUegcRnG5ert7IvTbG9+SD6Hzx1GeSOXZ5CsToPPRPov2p76kFrA7grCvG7Aiir974U73TyTvohPETRfQT1NlDYZnIon9us8JTBtg3FnfdiqzqfLrzq/WeBssHVpV6aEGAxovy2XozroWTEd+TT6UOC9VjSHXHr7rAOzj46881ka7Yzo6ep4t3Onr/i04dvBmiXT2rDeGMfAlV17PbwvrXC6tu+XTnV+s9Bbu7dFH/3fwMvQvQrDh/JJ+V/xdvec6iHTWE84QC760FIKvjdd+eddOY+Xm6eZR4p5N3YEWk0LLYo6gu9DSti6i30u+i9+vFVLd8Itoen27349PBHj+ieqj/bn53vWo+278bMsarygLPE4M9pxy8FN4ib9bRir5mwpJvVK8Doh06zT/bvuJa+BrH6n8H689hqpFdtHl9mMUJI15lPqeLt1fvaTjdvBh/p56n85fJH/2+YHQsKsB8DioKPKTD1gFP6fhldPA8/pYuHLMjGIp3OnkHI6oLvWvCuRb22U1smbi0SVGLj+KJkx+qx+Z2KsgYGt2KvurCP3ux0Hkx4kH2Ajy7INjNR+0jmHpdO3nsDl63Z5D94WRGQdjtmh28HNEij9nFq+zoseJ36egxO3gWPabdkjOjQ2eZlL94agdvRPbCvroQ6RZvt93Dj9wTp9DLwenaxfjdunrdOnlP7eCNqPxQ8xcLvK4dvS4dvPu2pbvmBTXe6eQdWBApwlZ2tBjNLvRG7gXwu+EUd3n2Dl1AlFtZ2EXjddCvRlaHxavXrROl8aP27vGq+dV61nhVetUFXrcPCw9ehP9ccnerCrOOmKX792tAO3bRDh8Tno6fRcNiQzgjX8JT/uzFq/+k4qs61m57tl7Uv+s93RWnmxfjM7t5lk5ZdbxKvqbzxVOewcoPzRgFntZRy7a/BdEOXjakrhwt39PJO6iEpdAbYZlYov6azwrdBo0Rv1TcVRdd3a5BdhFWXSRG0e3ZtHwAxdRH9VD/3Xy2fcaN/Ik/O14lP1snGr9SL9KB8/ifAu+Aim+RN+uS7ezoWbp4v9TRe3IHb4RW6Fn4CMdz/lUdPDRutf7Tir0d9k7dRSvHw434MHyfEG+F7E+RT9eOb78Uzu54mfyV/xddnisUzPnqbQXeU9/TGZ7Swbtvm79jh+J08n4XWvGTad9R6F0GDSuy9LJwiju/Pbuws3BOF693PA3ZHZCofrdOksbfbe8eL8pn++8G+8Os7ALPE5M9Rxy8BKsiz/MduVm3LQvsjl6XDmF2x27kaP5Mu5aLh49yxoGO9ecr2WDFqS5OEG63Qk7jPK3Qreaz/bvH03C6eVz+bnv3eCP3AvXvfl+w79+ufxGzu8DbPXZJ+ezOrRLsjmCWnvh6OnkHFYXeiAh/ZbP4j/A+ZF0np4ju07pTGfbI5F5dhJ2ij4voApitj8bPXsDv5nezj+gWb8b13rNPm+9Y8TIKOonTbUy8rv75HSjQirxIF+909OyIdOQY/Gw7mo/ER2x3zh1P6eCx4z6tEKm2V0/qUe4p9LhAOiM7cz9du172J8S7AM2ndvBGRPI+BZ6cX8d8WXhKB+++vXw9nbzfhFYYeey7C73LoOHl78Yp7ux2z+S8+3xQ7inuuPCe/67xIxo/e7xk81n2FSeqz9arjhflo6jSz/TfWeBVf/h38GDcfyePiVlHbNbty4z3BjALJ4u/NzdLfE0jWuh97XegHb7u6FTs7S6M2IXg7nwRPqMQ9HIjPkx/NtB8fq2bl61f0Y27BA6zu2bpnFXG83byGB0HCV3GgJ1jM4OfbdewW5+FJ3bwVJxO3vuAFk6sWKv4Ixh8jSNxJX5XdCjudhdBqD3709jddisnS4/py/CvRnW+0T+hi/hbixZEX+NH7RrY8WfcyAeSzHiWfCJ8TWfEE/5c0+KfMcdE+DsKvIPmuBd5mR22WRfvdPTWiHa4OhV6GfwZ546nfIKIYvek9UT7mws55ifQHr1u/m/F6dr5480K1N1dw+p41Z28p86/lR+adS/wPO9RdkGZVZC26Lhl6Z1O3sEXWjGVXbhp/EvJL8LvjlPcYfbMeBWFGbsY61zcdV3wdcJYoHj9veNhdafIarfEnHE1f1Z+1dejy/z5tPmXPZ5qnOoCz6rJ4B40w7fIq+6Ade243QsNawdJ4kft0fwy85W0M/hf+x3sDl8WWINk9mJ6Z7GWoV0dz+qbHd/D3V2onYWEDNb3pCLxsz499/pfgMYYj9Gtknyj3UamnZ1Ptn83MIvADgWeBkSfPfY/+Z5p1cH74nTyfg+MQm9EFX+ENulZ+d3hyZtZBFQXYFF7RbyMT3O9Wla97E9vdxeKB3N4Ft2WcRnRZ+tpQOJZ4mt6qH3GzezUMfPREPXfhW5j8o4CT8NbCrKfwVjk/WpHj91Ri9qj+Un+HfLz8O94SgdvBPMTth386kLpCfGihVynYryan6XxJuzoinTr2o1al6InxfMWvN54VruUE6OTx8zHoh/x7wr2h2TdCzxp/vR86InEe9K907KD98Xp5L0XWvHELvSQ2DP9C4iRzWfjFHc8Pc/kyY5XWWxlLBYYMSP6GRpvhdRNQjV2ja9MPcv1YPtbz0+LmdWp2/1+sf27IWP+rSzwGPNR9ZxwQMKqyOvSYXsbqjto2fYV18Jf+dyR3eHbBW8emcVeZuFSXShVxKss9DR+h0m6+oOMX0P0E112dy5bv6J7FrHP+Jfg0ynfaDeUoY/oZGP3h7DIXMEo8CS96Nhv0dPOJwpUPzsfK1I6gqeT93xUF3rXhHMt7LObVNJf6WkaXn41OhV32UVK9qeNGZ+WRuLttmuc7MKNPTn+etE3Gyer/K1FgFWfobfT7v0Tz6x8PPYZ18Kx6Hn0EZ0uYM/DjDmIWeAdvBBakXc6ehxECy1Jj6GP2C05aoVbZIJi8Lsgo3hD+NX27oVjx3jM+FaOhxvxqdB6Ek7XrpddwqwA3J2vxX4pHEQvqr/yr0b0no6OrZGCDeVnFIDSfL+j4ET1dxXAKR287/bp5D0HSGH1xEJvtF8KJ8LfjVPc9dLTbJmF1W7/HfwqraciOp5l+7PHZ6t9xanyl3zv9sx4FfZqPtvfG6/K/+kFXsacc5AEa5H3lI6eVqhk8zP1GPEzCr070D/F/JWO3QqZi+luhZ7mU6nnmaTYhWOlv1Wjkl+t9zRkd+Oq4zO6k1dAQ/Nnd8+q47HtI/dK5I9+X3QdAyo/dO1Q4El2dG5i8FG9X8G0I3g6ec9Dt0JPs80eQssEuNJH+F2RsYDuWNRJtg56zKJzdyHXrYiLTr6/NnkzF7ieRTYS36LP1pOQcb5Re3U8tn3Gze7kef1YqB6znlAwnYLq4UCLvK4dPa0wyeZX63Ww34H8GaeFg0xAM/5TUPmJYEf7br2Mwmp3IYfcU90LPZZGd5yunax1BfRWf0KpFZ1ee3W8KvulcBj8L57yzDPHwycWeOx8suO/FdMO3henk9cXSOGYYUfjX9ffg3skJ0n/6fil4g4thDz2yuLy1wq7Cv0MjSeBPb6NBQY7vqbv1ZO0JD3UP5p/p3gd7NX83aiev0fOEwu8g004RZ4MrdCJ2qV4mj9SJKGxLPGtmndE/mRkxh+RNUlkDWLsxXN1sRax7y602IVV50I7ys8uDDP8fx3RDli1fnW3itEhZMZjdw+Zdi2+Ry/C747Mef0JBR5i75DPq3GKvP5ACy1U+1L0x/gjJL4Wb2XXYqzwlAeYUbAhXI+9U1G3sncuBNHzz/ZH7VEf9rP4lGfbg92L3IyCTdNDP/Bj2yVYOnDReMzzs86rkU4d8oGsRS/C74KMD9Yq57QOBdVPF2AVOEXeHFphFbWz40WBxJd878fueGoHb0T1wrV6Yd+xMJPsu/kax1M8Z/tn6zF8KrTeiid08HZ+x8yTPztedVeS0cmT4jP0EP5TwJy/n17gZfMZ9lfiFHl9wC7kUA12oTfaL8VfsmvI/iTwFHd99DyFS2W+p7A7hR0K5vg1W/wz41v0NY51PsjwR/Ifiw/P/KUVY5HzY+Rnse/Wexoq5u/MAs+qiegfbMLTizy0MEIKmY72ETv1JF+L/souIdrxY4ERp3oxXjGRZOmxJ7kMvsaJTvzMhUN24ZbxHL594YB85ylDj82Pdmey/aPdtKhe9/w0rUvg7+rkPeUvejLmasmGFniRucYTP1sPBTvfrXh6kfdEoIVXVG+0j/AUoisNq77GWUGbVLIReYDZi+SdE8Uuvcjgi+pn8DvZrRwPN+JTodUBlnExUy+bb9GqLAAjXymwdOAQvRm65Vf5lzkoX9PpAuYHczP7GwumAzKeWuShhRJaCGXaNT56Pp74mi1yfRHbnSOhSwcvGjd70M+279bLLrSyJ1nE1sU/4pO9aHgq3ta1G7kXqJ/t36kr1j0/q/0SONWdvF1/5hl9htkfnEqcigJPmh9/oUBtWdA+tch7A5iFlEUvWuhdQPyZTfOXwPqkj4VT3Pnt7MEdzSWaj8Vnd2EWfb+q+dV6u8Eez8aCgR0f0bdwJQ7iP7PP/DVN7XqMdpT/pPwq7FE+298bL9M/+8PLSEHCmIO83AMQu4u8SKHD4D/JztK7Q+sgzuKv/D32EV07ditkLn6zF/MeX68eQyu70MrmP8k/wo34VOq9DdFuCFs/2g1i6GsFFTMeykfzq+4OZttH7gXw2f5sZBaB7LkLnSvQeVjzyShINX6kwH0cdhd5vwC0MI3qjfZLiDn7BBDtACL6GrRJrAu6f/KFTgSanaXHHqyleGx9jfO0QjBbj+lboVeJ3YvSjPjoB3oWrVkRtNKPxEfjVeSHfkC7OubRq7DPuE/p5I1xs/yz56SMOUvDTxVYHbCryEMLHza/0q7xq+Lfweys1T0LAAAgAElEQVQAeuwjntbB+4Jd7GXrReNH9difQnbgS/bdhdzu+5Ptn633RHTo4GV3bSJdo4x4KD+7CxfpAnaxXwpHwu4PTVbI/lAsMh+z50o032gBWhHvFTidvDrsLFQl7ZXepfhH7FH+buxePD+9uOtWqLELrcj1ri7sLD6dirs3TMbM8W622Gf6WLhZeuh8NONkxmPMl1KxhsbXYmTN59XrBbY/G9njZfTDxB0FnoaI3hvmhDRUF3nsQgflP8meoafZZvHvyPyTjRm/O3YWex4tb3GQVUghGtWFqMbXbLsLOea9hOoxfSs1K4F2i9h67O4Hqhft/kTjM+Kx+Lu7eRbfTPuXE3nvNP1OYK4bOhZ4aDyJj+pn58u43lE+hNPJ4wMtTKN6FvuISGF4EeyrfJ6CHcVdZRHi8UH46MBv0djN1zgdC8GIT7Z+pVYF0D9hr9azxIrEiHxAmPHnfGg8Jn+0z+ZN5PrMEI0/883s1GnnK8GivwPRZ7J6jmYXjNsLnIO6Ig8tfNj8SrvG35HfCLQwPB28OaqLPbb9CfzswqmyMKsoHD0cD7eCv0uTjd1du9H3Cvh79NhdOzR+NB6bn92Fy4ifaZ/x0euN6HdB5fphd4HniY/Y2Xo7CtiUgvd08vKwu1C9lJhIfppe1P40nOKOx39CocYutHbfD15ulf4OzUywx7/ZAj3TV8rfoqdxrPPHjIPEt86P3fkzGyO+FqNq/s/m70aH9UNlgedBiwLpDUCLPLRwyQa7MOrcAfTq3cHsAK7sWjwEGYsiFjoM1Fb7EwqjzoWoh6/Z2IWjR8PLzy4Md+hlI6ObdwU0s7tZM/8roBHpdlnsT+ZXdfMi1xc5X0/nD+F3R+VaoaLAY8ZD9TPyfVQBejp5cbALX3ahp9lGvRGWQi2rg9dp0H5SUbeydy7suhVpbL7GQa8nymUXhahP9rPcaay4rvgHXGyg+SD87AJO8vkC+YDR0sHqzB/ts3kWuR4zRK6vxz7jvrWT98XuNUXFHL61wDmwF3nsQiYKZiHEKKQk/q787kDyGWF5v6MTyois+ys6yOwelKP2J/A7F6IZfMlefb+hMbMLw07aCNhdu1H7AvWru3aj1hXQY3SpLDGexGd24TKuL8M+5iThbZ28LzLXB7sLPM9chMRD+RUF7JaC93TyeEALYXahdwkxR7un0JP0o3y2/0qvyv8Ud2v7EwqvysJuxmHeb28v7Cr0UbDHr5k2oo/6MMd7S2zUX9P0zIe/xJ/ZWHoV9ii/O7I/rNtd4CGxPXoe/muhFXlo4RL1Zxc+ne1ZencwO4AW+wjt4Yr6o6gs9hiL68jiPbN4ydCuLix38i22ynutonD7tUIvs5vn0c/udlR3fxgdQvT6vZXP7uZZOouS3RIf1fPgLR8yV8+tEXs3PsOOgroWOZ08HNHCF9VDCz3NNupdir/FPsLzCbPH34qKQZa5KPcs+plFhJUf0ciceCzxLbZs/pP8I9wM/93xqj+g0j5wy4ilLcLvGLnZdgmWjp9WML6ZP9pn83zk/YquKyzxUT0Pdn9wFJnzPXb2HFtREB0oWBV50UIG9WcWOtl2jb8rvzuQfDR/i32E9vBWL5BYutFBNarXbVB/WuGFFjrZfMTGsEfjs3wYvjvjZXfpmPEyuhzVXbvRdin+aLxf46Nd0Qw9ye6Jj+hZ4mWg8oOxjnMt057N71DAUtYip5P3v0CL2d2F7CXEHO2WQk/yR+0aov7eeFn+nYu7jMEeyWf3ZKP57+Ajvtn+Vo0In+2/O96u8csTb7b4jsaz2leciL/lfGbzHxIvix+Zvzvxs/Wi8aPI0qvy3z3nVhRI2fzXgF3k7S58WB268RXVn/ln5XsHswPosWuI+kfRqdjzaEUW+90Ktafly+Y/yZ/BZ/vvjvekbp7HnxHvCmgw/NHzReKxu1GV/Fnu7O5qtJur6Uf0GPGYyB57O829qL0bv8JO5Z9Ono5oYcbWk2JY9C7FP2LXEPX3okNxF9FAi4qZncGP5Pi0fDvwK/0jXA+f7V+N7HyrP1BD+B0KuNHf0vHLLOCi+VTyZ/PweK7IB75svRGWdQOipyFrnVI9RlYWdys+u+A5AMEq8nYWOmz7d3/FserNdJj537HqFq6ORQfg7AVHFnYXe2y7R293oVZZSO2Y1CJ8jVPhX8ln+78FT+vajVpXQM/jH8k/owDs1LWb8bVzQLtwbL2ZXdJH9Sz+SDwWMsfbjnMx057N32Gn8H+5k8cuTK2+Vr3RfgkxR7ul0JP8UbuGqH8UTy7u0MF2Zo/qR+NVTiaa/2hPG1yd+SA2hn6Uz1gIneLuT7DGW6sGGk/iW2JLHMQfnR+t8aJ8z3xdydeucXY+bHuUz/b3xqvkP73Aq+Y/FmORl134oIVNpp3Nr8r3DmYH0GMfYXn/dyISf2ehN7N79JCBGvG3cqPxV/bdk1iUH7UzCkEvN+LD9H8buncjdufn6WZJ8aLdqcxuk1ZMeviR7huaT4V95F4An+3PBrsIjM5dzLkZtf+jcNB1TJRfYQ/hlzt5XuwsbCXtld6l+EfsK/6IXR28LzIWrU8o6iQboh8t4tgTBxrfwkcLpWhhxX7/rZydegi6LLCqgH6glhFbW2TfYeEyF9loR80aY6YX5bM6giPX+oGvhT8C+cAXzafCPuM+pZM3xq3is+e8ioIpyv85fIs8duGC8nfas+Ox9O5A8tf8PfYR3Tt4X7AH0R327MIB0X9aoZYdH7F57ZF4jPhRzV1anRHtio1aF1Hvq7kzv0j8jC6Yxp9xIufL7CoyunCRLmCV/VI4Erp18r5gju+MAoo9V1vt4ysjHluvosA14Zc6eZmFKSP+aL8E/dGO5ofqa0D51Xh6ccfUyyhsfj0+kgs7njXmTj0U3RZX2WCOn7PFeDQ+cz6w5Deb3yz8GUcrTir4nvncGh/lo+fHyKebXUO39czu9UunAs8KtGBKKbA64F7kMQoflF9pz+SPr8x872B2AD32ESh/JzIWrpnFHrO4eEKh9KT4Hj7iy47HiM/mV+t1B7Nb5tGrjh+1z/iX4JPZHfPwNf+ZnRm/mj/aNN+IXYuvoWsn74vKoq967mYUgBIf1c/ON8P+B36pk+fFzsJW0l7pXYp/xB7lVyJzkZpR3DELPosPo6iJ5PyG+BG+xsm4xzwcD9fDr9bbDfYHZJkf0FkX1ZJexO5ZdGd/YBm9ftHz7XR+Fv7sw+vMdYp2f0nouq6pLO5W9sw5PFzQOPivx38uTuGC8nfas/RWHG+8O5D8NX+PfcRTOnjZC1P2ILqDv7tQenL8DD7Tn1EIVvKr9XbhdO14+awKqJXeDv6MYz3fJ5wf+v5WdPKk+BY+or8LO9crFXO5ZM8oGKUY2fHSCuA3d/KqC1NN7xp8NPuodbdrepo/ao/yq7F78dq9uIsWKjsngw7xI/yoPVoYWjUq+dV6u8EeP7PH7+j8MVvgs/S14gHtmGXyPfN9h3wj/JmddT/tut93o+N6pbLA8wDVY8ffBq3Iqy6UvPbv9ujD4iN617UezKz713B8Ft/rj9hHPKWD90Xm4pS9UN/BRzQQ/ycUaoyJjclHfKP61hiV/Gq93XhaN4/RrbvAmJH4lm5QFt/T7UL9d+a7o/uH2rX4TP5uVBZ91XN71K7xUf3sfOn2J3by2IUnytcKve/2FdifxdKOrfxnx632KH8XMhakGYvqXYVgdKD2FJGMIimSU+eibmWPFoLR+Dv5KLotyCzzTKUe+wM95gd+aMfJE7+SP5sntYIL8dfio3xLvEo+wz7jnnUO3545x0fjefivw6rIqyqMPPYVf3zV9FG+xR4t7laDoXWA04q9kb+yj3haB++LDoOgZH8CHyk0nlCo7SqsNdvMjk5iUe4p9DjY3aWL+u/sokTjd+hKeTpHVv8d+VbzM+xS/Ci/C3audyrmesmeUTBKMbLj0eydOnmWYjJLi12Yzoq3qP261ucU5WtA+btxijs7P6OwQfLx6En8pxV2Mw6zGGMXihV8FN0WY+zxMqrHHu9nC3hNy6KHzl8zjlZcVPCj83VVvlXri+h6JNse5e/G7vVOdE5kFGwSGHqR+FsxFnnWwmZ81fgWO6rvKbwyO4zZ9u/+HQy+hKd28K5r/8Bnse8qPnYVVtb8KwrP3XzNxiz0duhF+Si6jU2/0M27AE1md9ASv1u3SvOf2Vnx0e5f1N8TD9VD7Jb4UX4nVM4NkbnXs26w2sdXq97Mz8K36pfbO3XyVtAKoWx+J7uUu5V/CfYofyeeUNRJth18bbCQ/CuKysg5divqLPcner5MezWf7d8N0fOJfsC2+wM9TQ/tUEXjVfIZHblI/JE/m8e1+Ih/lO/Rm/lK6xQtfpTfAR3WQJY52LtOiM75Ffx2+BZ5nkJkfNX4VvtMFy2EMvm77HdYOpQr/sw+4qkdvA6DXMReze9YWFUVnk/hM+1Wjofr4bP934JuXbuReyl8dtdOi8/sKjH4M07k+kbzjXYZs7ugDD3JjsaP8rtg53rIMvcx9WbbUjxJb+afUYCW2Hd28rTChqnPyKfafk0418KO8jWg/N14c3GXUViw43ce/C22nfwO9mo+2/9tiI6/meP9bPGN6kXs2uIf7Zhl8j3z8+740v5KI8pH80H1qvm7sXs95ClIMvUs/Mg1az1/3Yu8SGEyvq58R42qwknLrzofi/27fweDL+GpHbwvdg9uUV9EL6MQssavKDwlTXah2JFfba/ms/3fhs7dPAu/2p7dbZL4aPfN4985PoOP5oPoWfSZfC+q4lSve7xrB8vx1Ty74jDy2xkftmd08rRCZne8ToWcpdDTbBr/EuxRfhd0KO4yB0aPfkXRxB7s0VhWvZm9G7+bvZpfrbcblnmq0j/K320fUcmfzZtawYP4d4/P4KP5oPfLjNttXbR7zMxeF3nmdem45fyiBVQ1n47/XLxCZeUz2kc9RiEk8a35eeNn2e+wXK8Vf2Yf8fQO3he7B7UKvazCyhO/+nyyr08Hfid7Nb9abxequ3RR/25du9F2DfZqvqczZPV/QvwIH83Ho2fJUUJ2h037kD4LlfOLZW5E1lOS3vhqic9Y+yDxI/qQfdd38maFioez4qP6HQq9S8h5tKN8DSi/G95e3EULi+zBOKqn2bKvTyX/CfZqfrXebkTH22r/6HyTadeKA+kDTBY/On9747PWD9H4Eb4lP43Ptkf5KKT3IzNelT1asHj0o/FRtJ2jvL+TV2G/74+vqP7Mv/p8VvbrWj/cKH/00268t3Twrmt/oaf5MAqF6MC38vcWdmy9lb3q+uzkI75RfWuMSn613m6cbl6uHe0Gsfma/8y+0vN0x1D/nd08RvdP00P8PXoeeNdfrDxY8ZB1wHg8slaQeP8sOGh8ND82P2x/wu/kjYgWVmw91H4tOIzjVjvK64gORZ1kYxaJ0aLJUyRV6s3sO4vKCr7Fjtzj3Ys+tv/TgZ5/9AM51F/jd7ePyOQzOoJS/Nk8rekh/tH41XyP3ghNf8Zlr5Os6zg2OhR3K55lzaDpWNcu0TVLBT+MyO/kVdm/+yuOVW+ms+P8vvt3WIvAFX+E1b7Sfwo6FXoz+w4+Upx11xuPVV+fCr5k73Z/R/ls/1/B6drZ7Tu6Tkh+nvjRrmG0S7e7K8ru4nr0ET1LvDu8utXjL3P+8sz16HpD2kfjd+Ob7Z06eVqhhPIljYpC7xo4SD6rYq/K3h3dFr+7i7toIfI0PYn/tMJuxul2f0f5bP9fQ3S8Rv13zz8Ru7TYr+Ij+WvFyefCr8dqf6bBPp8KflQvqh8F63mOxmfx2XNoR7uE1vMZ63fyUPt3e1bcMPijfeaffb7f/ev6e/C5huOS3oqfYX8Sui2EM4sFKxeJFy2uPIUVWw/ho+9fNl+zIfe3p5CMxPPw2f6/htPNs9t3dPO6de8sMZF8tNiIP7t7mpH/jMMas9idwRHZY3Pm3NixwJvZx1evXlZ+/6Kik6cVRt347ELve+wyHF/xNB2WvTOeUNRJNgY/UgRWFIDs/CLXrFtRFy3EGIWcl1vBr9bbDXQM1s7fMu8x+Z3ts3mukq910CzxZrFXepb4K01LPozzYfMvxY7c75Z1Efr8SGCtw7KLOZSfMUd2LPAkZPNhMH8nb2Vf8cdXTR/lj7YVJ+v879CKuFnOM/8s+1PwpEJvZo/y2YMmIz67sMrUs9i68Zn27vxqvV1gdgU8em/v6lk6P5n8iD+7q1TRNdx9vVE91B/Vs/gj8bzILgIr58pO9n8mxzQ9ND4t3y7fyZsVSihfK7wkDUahdwkxR/uML+WM6qP27nhzcWcZDDOLw+hgouln66H+2YUamk+FvTu/Wm832OMxqsfmd7N3588KmNHX4m+Jz9aT9lca1debbY/y2f5W/Sx/j/0tBd4KKL8Mlb+Tl82X7N/t2eDB6NitPpmxduwQf6b9aehU7GUPdIi/lWuN7y3EIvntPF+Ny+Cj+aB2K8fDreBX6+3G6ebV2iv50e6ZxR+Jz9ab+TPPx5Nv5f0T7cRVdfK+6Fb0IfxuBV52PLZeyu/kaYVRNl8r9KzbK71rwVkdtx5DdFn2p6BDcccuCJGBL1rUMIosdn4dz5fJR/NB7SiXGa+j/9OgnS86Zo96lnmUye9kj3bMovzZvIu835o/Gp+tN3JnQP0j/Ar7jNu1kzfGyfLPnkO7FXgeoHrs+Cm/k9eNvyrSvIXeXecLbTC1DihasTfyvfanYnexV6GHFAu7B1FUv/v5WmwoH80HsUfjR+N1838Lol2+3V2t3fbd/GhXC+30aP5svZE72tDzifJ32C+FI6G6k/fFzqKPPfd2t2t8VN+dT5fv5F3XvBiy8j2FqaZ3DT6SxqoI1Io3Fh+1Pw27F7vZetHBEYnv0WPnV3m+Gf4aP1svGj8ar5v/2xAdv1F/Nr+bvZo/K1hGX4t/NP5bzkfjd7NrqF6f7SzuZvaM+Xt3gRflpyHzd/IieuMrO7+7/nXZB6fxzULOV/P38mfI+qRo1ydQnpgZC1+0OEG1EA3E31s4RYqzHXool/GeWWwePYudqbW7UDuF3p843Ty/3dJdyuZHu18SrMWYV2/mX3k+Fn/0/WHatfgadq6jInGtfsi8jB7vVuD9o3Ci8cJ6jE6eVmhl86OF3nf7AvYvgacVbppN48/y8PJQVA5KHYo6ycZc1LMLIsux7gUb+3y9XA/fo4fYGRrs5yvbv3u86rHWOgfs4u+0z+a/av4IxF/roFnWJxG9kTtD5vnM4kff/5lvZJ2FPi+ofgaeXNytju8s8Gao1lPB+J08Nv+7bynOPPEjxZ1U7Gnx77B0AFf8mX0E+5MibTDMQqdCb2bfwY8UU0dvL/9p9iif7d81XrTrlh1vN7/abunUZPGjXTFPfLbeyB1t2eej8Rl6EbsW38JH9LOQPf5Xzq87C8Dx1aOXxpc6ebPiQ0KEb/HNKvS++1fAPtO/JhxJD+FrQPmo3inuavlIoXP0+r2fT7NH+Wz/p8Sr+mQ+ez5g86vtXv7KB9FHijHv+WTpzTQqz2elUb2e2v28ZONNxd2KX1kAWqDpWX1hSL+Td98fX2fcCH+1vcoH1au0X9d88Loft/JHP+3NRjt+GjS9TsWehYsWD5o9WoygXCRetBjyDHK79Bj+Ffwn2aN8tn/3eKebJ/Mz7ZZuk6YX7WZF85H82Xozf+T8M64Hev1R/ZlPxK7FZ/KzkTkXVK+bxuMdCkCP3vjq1vN8J08rdFB+tR7bfi04jONWO8qzQss3C9GCzcKNLIKzBq5IEVhRALLzqzrf3fwn2KN8tn+2HhtafuxP7cd41rlhFz/TPpunUL0REX2Nr3WwVsUUS2/kzhDJJzv+CMb7j9q1+BLY6zQvsueE3eukHQXebr2/YPmdvO/+ihPlr+wzHYm/y/7dv8NaBK74I6z2lT4Kq97uYi866LAXzlE+I16k2IsOQrv1PP47+d3sUT7bP1uvCtldvt1dOpTPtlvmR2Rujep7OjuSP1tv5I62aD7Z8S0aUj4Zdil+lF+F6qIvc71UXeAx9f6ZHHPHX/2EwqywmQlk8le+Vj22/Ro40jmsikBvpy5qR2GNl4VT3PH8LYVRdX67zzfCR/N5gj3KZ/tn61WDPT5H9Xfz2faIHlLMZOWD7nv1Zhqe85f0LP7R+Fq8bvYoPxtPK+40jeoCTwNDzx1f+k6eVviw+R0KOWvHbvVJjOV8VvwMOwpUL3Pxhd74Hm7k/DKKiZW/NZY1vlePnV/V+WpcBh/Np9pu5UT4LN8KvWr8UjeP9ZcpiD3SjfHoRfytxRMzPtJNY+vN/KPxtXid7CufrmNa1jyBzPeSLTJXVxWA46tVjx6f8Tt5KLTCCuVXF3rfY5fh+Iqn6bDsKKx6GYNTtGBDOBUL+GgBgmh6B0KrHju/XefL5KP5VNu9XA/f61Optxva+UTH8FEfHcOZ/B3znpafZNf0tA4Wmo9lncCOPyKSD6o384/G1+JdjeySzxcdunqdiruVXSt4JP+qAs+aE2OOU/Vmv5OHFkIVhVWHQu8OrYib5T/zz7Kj8OrtXthVL6Sr+RnxmYPk087XYkP5aD6V9u78ar2uYH+qv7urt7tzgnb10E4M6q/xM+N7unJsvZlG5Hp44u20a+ja1eu8HmPP9Uz7P5Nj7Hjm+LP/eGUFrRBC+ZrG7kLvEvJbDUZa8bvyZ9tRoHq7F3OnuDt6mf4av1oPtXfnV+t1R5fxnMV/mj3K7+yPFFNZeiuNLH+NX23XwH7+o3jiegwp8FA9j3233r9Y/ccrq2No4Wbl318vwaei0Bvj32Ht2CH+iH3ksRZDXj3mYqz7wKL5IHwr11o8/JpelT9iZ+sx7F6uh+/1qdDqjt3jeQYf7aYx7WjnhcFH80G6N+z42XrV/hrfo4fYLfElsJ9/NrqszazHmTy0IPtH4Xj13PyK7+RphRWbh9qvBWd13HoM0bXaUZ4VqB5jMOoycFjsWQVfZDA6enn+Fjtbj2m3ciJ8li9T46noMp4z+eP7Gf2AE7Gj8yyDj+YzFiirYxnxs/Wq/TW+R2/mG7nfJbCffxa6rNF2FHcrnlawoXxUD8bsO3nXcGy0MworqTt3XX939zI6dpYBYjWYWAcQrdgb+Sv7iN2f/H4Rjd9lEPHao3y2/6/pZfuj+lG9anuU383/qdg9nlfwJS7bvqOTF8kH9Y/Gz9ar9tf4DD3JjsaP6u/C7vWaxNcKKLaeZB9fo3oW+5IvdfK0Qgnla4XeJcTQii1LPMl/Fg/95EnK13N+ElA+W+8UdzF+9+Kpu162P6of1au2R/nd/J+OLuP5Lj7b/jb+0/Sq/TV+tl41vxod1mtZBZlFL2N9ES3wzHzpd/LG/dm2lY/a76+X4GPRG/1n+9dw3JK/5o/Gm9lHoHwNET3GwqzD4BHxjQw8kr811lv0Ovgz9FmxLHaWRoTP8mVqPBXop/+a1gXqIfHZnb8Mu3Q+3fmW9UpET/Nn67Hje+JF89n5fHTD7nUbws9c50g6/yw4mgYSw6Rn+U6eVkihfKuel3ctYl5OnlboSf7e4yugfKYecwDaPUhENaMLfm+R9Ha9Sn+mvjcGYs/S8vC9PhVaT8V4DSJjvGeeQOKz560Mu3Q+3fmW9UpEb/RfFT1ePc0/Gt8T71Ls2v2/8/nogt3rNgZfK7Csx9FCzBrfkh+Cf2Y/oWAtzMZXjW+1r4o2a7y73xfI4GnNf6aPxl/xR3Tp4LEXY08bNNh66P7b9ar9d/NR+269KL9a76mIdvWinQFLVwPR39HJG+1aUdGJb+mcRfQ0RPXQ6xH19/ARPY9d0o/yu6ByvtIKIpRv0dOKvch6KZqfOf/VTyjMChsJGYXeJeQws0s5a/qW/NB8JLvGR/VReOOzcIq7o7fTfzcfte/Wi/Kr9Z6O6Hif7c+ev6rt3flSMTXTRPVY+ey6Hux41fYofzd2r980n4wCSkNlAWfJ71+O9J28WWHELOQQ+/31uvTB4BqOR+Jb9RG79ZObaAdPGzR2Lu66DxSaHdGzcq3FQ3e9p/hH+Gg+DDvKPcXes8D6iw1GJ0/zR7qNHTp5o13KP8pH87HEkzQ9ekx/jx4zPoNfaY/yu2H3Wg7hRwsszae6wFP5s+/kaYUPyo/aV7xL2L8Enqdjhx6P+qE8zX8EqscYfHYPBFFfRoFgLbLeotfV38NH82HarRwPt4JfrfdURMd7lo7Ff3zPLNxOnRUp/ygfzccSbwQaP5q/VnBWXw/m+6Xlw7ZH+V2we03H4D+5wDPB8zt5s2OZhR5S3ElFFXo+d1iLwJFv1RvRrYMX9fP6Zy+eqwcVtn93vaf5a/xqPdTenV+t9xSwOnijnlfH04mQuLs7Jxa7VsQgfEbnSsqFET/iz9Zj58/gZ9qj/K6oXN9ZCzIr36In7e8o8Ez22X+8cgnHJGQXelfAPtO/rr81LF3Elf/Iz7RriPqv9Kr8dy+WuxUfT9PTbN2ur8av1kPt3fnVek9D1nhdNX/sng/Z9iifGQ8pnrrkn3k9dvDZ9ii/G3av7zLWDy0KtID9X6z+45Xx2Piq8Z9g/+5f198P/zUcl/RW/Ay7BvYnwiN+qdizFCcon+3fXQ/l7r6+7Hyq7dX8qF+VXnewP8n36qHzh5W/u3OS0UnS+FJ3kx0vI36mv6bHiB/RR+Oj/gx+Z1St8xjHOxZoEftf/PHPNWeFzCxAl0KNUeh9j12G4yuepsOya4j6a7pV/jsWy5kFH9u/u56VUxnfaqvSY9qr+VG/Kr2ngD1ue/VQPyt/97yJ2hn88V62fLjM7LxF4zP9V0XWSo8R/w5UH40vxVzpR/kd8aTibnW8cwFnsf8Fy+/kffdXnN2Fmtd+hzZYzK7JzD/LriG7g8fS7V7sVfPZ/t31NM3d15edT7W9ms/2z9brit2dvKwOnjWfbvYMvlT0ZHTy2PEj/qgeOz6qj8bX8Ktdvez1Xia/YwHnskd+J69DoYbYr/tUfswAACAASURBVAnnWthnfOmaoPqoXUPU36pf5f/LxZ2lMHpacdfp+lbkU22v5rP9s/W6gz1+o3q7+d3s1fzjX+sfte9+XrrjycXdit+ygLPYkd/Jmx3rVsitPmFcffJi7dgh/oh95HkXN+xPgmdgaCMaOxbO0eIL5SP+bD2Lf7diNBrfolGph9qzeF4+279bHDYsH5wy9a163s4fi9/NvoMvdW+6+1d0IjU+kj/DjnTbsp8vK9AikwXmPLR73fY0+/R38lB0KOS0T1ik49ZjiK7VjvKy/CXNKq2dC+jqgWNHAYj4V+hVxke0KvRQexbPy2f7V+vugraIZOmjeqgfm9/NvoM/3huWD5u7+EfPv/r6afoWuxQP1Y/yrageT9nz0CnwcPv0d/I6FGoR+3f/Dm1wsHbktGJv5K/sI7p28qr1utmr+d2Kq4rzq/TX+NV6qH23XrZ/93hedO3gjf5Wv9PJy+f/M+x39u/QyRv5Uv6avscuPQu7O3nR5gEL2fNbJr9jAWeyS7+TN3PoUshZi7WVTRtsZv4RvgaUz/Zf6bGwe3HcabDw7Ef13pYP6q/xq/VQ+269bP/u8aJgj89s/ez5KjpfVtu787v5786Hza+2R/lsvVPc6fwWBZzFbv2dvNn+7kLvu39dfz/M13Ac1Zv5W+KNftrNxPoE1uuvgaln0dq5mNYepAo+Mhh59N6WD5tfrdeN5+VX6z0V7Ouwa/5gz2+nk4fxO/pL3Sy2fwW/0h7lazpfsMafqA5r3lrZWes2y/HWBd51+b6T163Q+x67DMeteqiu1c/Ly/LXdKs0dhR3nQo+SzER0XtbPmx+tV43npfP9u8ez4u3dPBQPxav2t6d39F/fBYtH8Z7/Sv4V6E9ys/SYY+vO4u7lT1S9G0v4Cz22XfyruFYV/sd2uDl1bPGG2G1r/Q1ZHfwWLrsRebuxXs1P1vv6fmw+dV6Gqr1ovxqvaeAfd675w/2/La7k7K7M4fyn+D/z7DP9N/Bz7RH+Sv/L566Pty9HpT8WxRwFrvUyetQyEU+eWLqVds1RP2t+lX+ux/mbvxuxVS3fNj8aj0Np7g7kLB7/mDPb7vnW62Y6cb/df/dfLY9ymf7W/Wz/DusB19R4F2X/Dt54/7uQu+v5J161/X3wy3pVdo1VH1Cw9LvVOyhD/LM/n/bO5tlu3HlzELXZbu77SfTQKFHdXjQrycPyqfuLookkMhfAGtF1KA2Mr8EeUgiEyBES/uR/njrefYnwt/afrRd+nsVuyh7KRSB9/SStOjxY9R/dCXCSm+2XZofPOll2F9Xo07zt7SX9se6XWtv7S9l5aJPmzdd20sVeK29r+R9OlUq9HptV732YCP5Paq9h9ZfGifK3+Mmlt7Yb+0W9pL+eOt59CfS39p+tJ3iTgfFnIxe0jir5+0fbTfbbpUHZNi/Fawn+H+itZf2Z0RP0q61t/aXxvHyz2jvFVRv/uUKvNb++Q+vVCrknto/eVptfPrtyb/3kL+L59HeI3oFzypOdrGXreftX60/0f7W9tr26Ou9ur0UisA/WXUF72o/WqRa6Y22j47XUr1M+1+X/z/NX2Mv7c+M3lu71t7af5adir5eQTXSll7gtfb8CYUKhV67sWkP7SOF3lubNJ51ew+t/2y8KP/sYsxaj+LO19/aXttOcaeD4u7vWD/vo8cf6/HQevzN1ou2P92/Zx+t14N8Mbd9mwKvtfc9eVmFXmu/31zt8rtU785fau/R3iNrBc8qnsTf40bWaFrf6B7+2cVWtn/PfvZ3r3jedlH21v5asuM/oU2ytOOFVM/a/8l+dKXBa/z1Whmsan+6f88+Wq/Hqit5T1iPR9HjtiYPSS8A7/bkRRd67cHm6XfrFUCJvXV7D63/LBFJn+eNbF0Qau2t/bOLq2z/nv3s717xvO2q2kupkpRYoU3SrOJJVxC0/qPFotZutt1at7r96f49+2i9HuSNse0exd2TfXgBWOE7eXedfbu5NHoae8v2HtkreFZxs27a2fZoe/x1/j37aD3r9ur21v5asuN/wQremP1oUek1Pvfij7ZXtz/dv2cfrddjt5W8L6zHo8h8oFdQSe3D2u/+4ZV285tFe7vY3Pk8tfVu/hE9rb1lew+tvxaKO197/HX+PftoPev26vbW/lqy41+Jfn5njzdSf+/xNbq9uv3p/j37aL0e2fezNdWLu57PsgVea8//8Mrdb9r2z+BPMw2zK3Yjehr70farnfTirrKCZxU/O1mm2KvtH/W7l19Ue7S9tb+3XlW0xylN0rzHG+8Vv6jx13r8984/tPbZK2kWK2ffBP4z9tL+aPR67JI/PlG96PO0Dy8Ar69rRhR6nx0ZeUhZ6s3+PtoutbPys4biztf+dP+o3738otqr21v7a8mO/4XV81uaFM7qS1cYZuNrx1er8dd6/K/+u/S4qvl//tZe2jT20v682UvbtfZavyhOLu6e7N0LwMjv5H3Su3k89Czsn9qvzM7cjOpHQbHna3+6f7b9au3R9tb+3npV0B4XK3iy9qd4vaLUavyPyj+09tLzUcX/zv7X5f+t7aX90bRb2X+xynO1UtHXK6C87d3aPb+T125srh3y1PO07+Ft7w3Fna/96f7Z9qu1R9tb+3vr7Yb3eBA9PmnHV+v+Wo//0flHtH22/2r20vZo+2wqFXdP7VsUeK35fifvLniknpf9W/uV3sVVfQZG058R38zkWXqj3rVr9T39R+yz/a3tZ3+ParfWmbW39vfW02LVn+gkStpv7Qqg9XgmjfekP7qyMbsiN7sSY6WXZT/a/4oreZH2X7/NXp9RK3nVnrujVC/6PO3dC0Dv7+S9aUfoWdi3gfYrq8/AzDwsJD4Zyba0oHpr1+p7+Evss/2t7Wd/j2q31omyt/b31vMmqr/aFbNZfavxTBpvtDjU2j21W/tJ9bLsR3/XxlvlfDzZf/7WXtpYyZNxcnH3ZG9eAHp+J++T6w0RoWdlP9J+pffHrr6C90V20pl900r1sv2j41V7aEbrSduz9bz9vfW0zPaHFTxdfOn4+qQ/WkTOjuc9/V5RpNWLspf2n5W839t/Xf5foxdtX5VK+WOvgPK2N2u3/E5eu7G5BvTU87SXtvfQ+ntDcSfTy/aPjkdxJ2vP1vP299bTYnV+qj+vs8Yjqb+1fXR7tp7Wfvd41vbeetH21aieP/Z8yhZ4rdl+J+8ueKSel/0dszMnq6zgfUGx9962evFkFa/a715+Vu3V7a39q8cbxbpf1klZr3/RK3Y9/97429O3fiNntH125Uaq52VvtfIVHS/L3lsv2n6WXhFrxW55pMTevAC0/k7eXfBIPQv79tIutbPyiyY76cy+KXs+VYut6HjVfvfys2rP1vP299bTMtsfr+e11fmRzvhn+0uTxSoreF5+0b9L+18lXpa9t160/Szez/Pd8kgLe3UBaPmdvE+uq2URelb2d+1XZmdaRvWrcHqxt2rxVTVetn219ur21v7V4z1h3Q9W8HT6WSt41/ZeUdorgrLtpf3Pipdt760XbS9FOwk0S6V8sldgedtPt2u+k9dubK4BPfU87Xt422eTnWxS3O0VL9u+Wnt1e2v/6vGiiR4PtPG8/a3H02rtu9lX75+1vbdetL2U0eOzjmdl79G+RIHXmu47eXfiMyt2s3qj9p+/j9o/4W1fjezk87RiT/p79XjZv1dpr25v7Z+tvwrS86BN4nrjX7a/VF+rF9UuzT+s7K9+VvpZK23ex/9kbx2/R9ZKnvR+GyW6CMxsHynwJPraAvC3Iu/LQFKY9do89e7s24OP5PcnvO2rkJ2EUtytHS/791Xaq9tb+1ePF4V2RcwqnjSJ9PKX6ldZoRttz/r9qV2rbxXPq3/W/bGO3yMrz5Teb6P+s6yeV15tLPTFBaDmO3mfXFfXIvSe7N/aezfpE6et4H2RnXSeWuyN2leP590fbfzo9ur21v7Z+lWRHjcreLZ6We2j+YfW/kpvJWu2P7PxvPvn1R+r+D2iV/K8VvC8dEb1PNstCjypvrjAa032nbx2Y3MVHF2xm9GT2N+1XwvHN3upvta+GtnJ52rFRPVii+Iut726vbV/tv5uWI8nWj1vf+vxtlp7Rv7zplet/9HHb20vbY+2t/Yf1Y/SsxivNQXeSP4SUuC1JvtO3p34zIrdrN6Mfa+t98eynnHsYT2IW+GVZFLs2diP/h4dT+tnHSeqvbq9tb+3HvyJdPyR6l3Rjm/eK3LWelHtTysvUvur36ye1UqY1/F6H39PT7tSN7rSZp2f9tD6e2E9/mn1NPojBZ5EX1wASr+TdyeuLfQkeqP2V0ZnZO703+x7N7WUKjfZFxR3te0p7tZqr25v7Z+tvwvS8WdWb1Tfy996vB3Vi263+t1KT6rvfVza/s3+bh1/tF1qN2tv7T8bL0qvYnuvYHvzn9ETfSfvk+vq2kyhJ9WT2F+52mhnSKqu4F2Jvqmk9hR7sfbV+hetF91e3d7a31vvVKTjj1TvCit4Me29IuTJ/opWT7uy5X283sc/qjdqP9v+hTY/7VF1Be9KdL7Zs7XMF6T6UwVea7Lv5N2Jj67Yec+cjMxIjBSDT/rSdileelZQ3K1tX61/0XrR7dXtrf299eDvWI8X1vpSf+vxVqsX3W6hdzeJHZVvZed3HufTU0/arrW39vcms7h7spcWYG/tYQVea/Lv5N0JjRZ6d53JsH9rvyLV62G9AjiKle5pxZ7371nFV9bv0XpR7dXtrf299WAM6XgWrT+SQ0jieY/fWe1PKz2eb0Bp4luvBM72T6r/ZG8d37pda3/1+2KV53b2eKopwLztu3oj38m70lux6xVivTZr+zbQfsVrBU8aTwvFnU6P4s7m92i9Ku3V7a39vfXgT6TjWaT+TCJZZfzOapf+/tQeFV8bd5fzENWutdf6ZRGdd/bsR/ytCzap/W/tI9/JuxOZKfQ+0cxASe1H2q9I9XpkreBZxzm12LPSq1LsZdlH60W3V7e39vfWg3uk41mk/lvuMBvPe/yu0t4rMt70LN5oksZ/Kq6u9Oyl8aT6o/ZW8a3brey/WPU5nTmezhR4knzCpcBrbfw7eXdivUKvdfw/26NmakbbtfbW/loo7nL1qhdfq53Pau3V7a39vfVAhvf4Um28tO5Phfa7Ik2i18vXJHrR9tbnt1o+mZ2PZuefWrLH02r51HCB15r8O3m9tqeH1RcZ9pL2K9YreNnJ0OnF3uzvT+1W9rv+Hq0X1V7d3trfWw9s6I13FvrSVb1PZlb43nyk+lo9z/anfGpE72llJ0pPaz+70uXd/178qPar3Rfe+WsPaZHpRaW8tFeAedv/1j76nbwrPXtNYai1b4p2rb21vxUUd3O/P7VT3L3/Hq1Xpb26vbW/tx6M0RvvLLVHNDX9keQfI/oWelHts3rS3631tL9X7WeVdqndrL2U6Od99ng6055a4LU2/p28O2FJYaiZsZLaz7Rf2W0F7wuKvfd27G3to/Wi26vbW/t768EcvfFOqz2zAveJdPVvNNkd0bfQi2i3eEOpV8R462ntn54n0f3pxc9q/8I7f+2hXfTwonp+6mn/WAC+fSevtfGHZ+9BenczS+3f+mM1UzJrb+1vDcXdezv2/XbpDJN1/Mj2UZsZ2wh7Lw0PLbDHevyJHg+t7aP1Rto931Cy7p93/Gr2q7Vr7aXM9seL6vmpNN+wsP/rt7fv5N05vz2YeoWb1n60P5L2K1r7K1WToaiiLztZjyo+dv39qV1z3qUFZER7tp6Xr6WGhxb4MjLGSvU+8V7hs7af0RuZjH6LJy30enoj7U8rQ1FvUEnjZ9lf/azzS6v8tNd/qd4oWfltVH46am+d77zZmBZ4rfW/kzfSdi3crlja3/Xnzme03cr+SpUVvCsUd/ftFHdj7R5/F80DMrs92n7Wx8I3UhPm8XhVqze+Wvtb20v0Rs6fpnD79NfmL0/t0t+f2qPiZ/3u5WfV7mU3inV+6z1WVCruntql+Y7G/ldr79/J+2Rkhsfy1YSoGRIr+yurJD7eRd9q7dl61ex7bdnny7pdahtR1Fn5U+CdwdvYqtH8ZOcVvJHzJ82PejGs85tekTaiZ9E/afwo+ysW58uy/cpo/0f1elTJb6PHy8z8w6XAa+39O3l3zm+vWloXes2xPdq+GhR3tfSq2VfT69lYF2QZepX9ozTBBo9C76rfFDGk/ZsZnyX5jEW8T/sRf+/8565Ik+hZ9q+afbSetN1bTxvPm92Ku56NW4HXWv87eXdCvULvk5EVwCf7iPYrWnsp0pvci1n9Ub+sos7aL0ov6/dovRFfb/9RjVn7mXurYlEXqQ96vAs9bYwZX4nPaD7ziUX+ELFCN9KuybeeVo6i9Kzsr37eelbtV7svtHo9/StVn/Pe46P3hLB1vvRY4LV2/528K28rcKvNkPRuEq29lOybiOKult5Jxd1Te3ZBKLGPLuCqFX/Zzy+4Zzbpk2h/MRND0r+ZeNLX267aknyg0htKVvmW9Hdrvar9imr3snvyu1LlDbXo8c5ivNfkH9Ji8Gpzm0+NvK75NCMknbGqMsN1h9Zeimb20xPrm0Jqb92+m95q/bVsjyjwJNdzRIFXraiL0gYdb+N5BW2Jxky8no9l/vCUH2n0Ldot8q1eEeStN2t/xVvPq/2L3rNWOqmz6greFe/x0XK8vi3AlLG7BV5r469rjhR61vbX9tbx17Rr7aXM9scLirvaejPxI2eUVm8ftZmxjdL30MjQBhso9Oz0vfMPi3bPFUXr/mXE99SLbo+2r8ZKxd1Te0iB11r/O3m9thn7T643/sgMg+UM3RXtqyhWy+VavG+CWfusZN7aL0rPKr7mvEofUCu0a+wp8GAVKPRs9a3zD+0KXa/NOp5GT9O/p5Uqa72rX8TfU9J+JTq/7emN4j2GaPQtJoSt8603m25+9vSdvCufF/3IhTI7Y/KmNRKvp99DO8MxenHtcnNQ3PnoVSjunto1D6jV27U+3vqWvpViwDjWidxbjBntmf5J4lnre+YfI+2e+dZovOwVNOnv1fys2qPtR/Wy0Ma3KOgkttL8rGfTy89+tfb8nbw7x7dC783+rjOWr3KO6r+xywqedRzrom+19mw96xmh7OOp1j5rW1Hf0rdSDJAxMl5mxpjxlfhY63vkH95vOFnHszg+i/71iq9ZvSte8Wbbr6y6gnfFe/zwzn+t8zOt/28FXmvj38m72ozMCEgfnJoZo2h7a39rKO507dl62fG1ej2bbH+NbYT9rE8k1ft3MhGFnoaIQq8JY0TmH71jufpb5Fu9/kjizbRX71+leD2i81trvd2Lu55NWIHXmu47eXfBtCt02hmQuxga+yta/yyiij4rO6/2Kn5Wv0frjfhW9/fWs/CNnqSppg96vAs9rb53ofdl/4k0v/HU88q3LNqfVrp21ZuNd/Xzar/afWFt3/O/kjUORI+PlvYz+YYkX/vNVvudvLtgIxeW9QzJk77W3to/Goq7Wn4rF3dP7ZULOu8Cq6J+pF61eKciHe+y9UeT2rvYMz5vvpJ8xVrPIt+689G2S39fXS9Ld7Rdajdr/+R/hdc1bdp7NlL92/xM8528T0aX5Z9stDMud/oa+ytVZzSkZF/01noWN0GleNnxLdt3LPAiZxAp8GCUkTG3kr5Ebya2ZPwfzVes9SLfcJpt7xU9u+mNxrsS1f6FNF+VPotXyXcjx2OpvUf+MmWv+U7eXYDRFbqReG/+WTMaVVfselDc1Y/nPaNDe5yelwbAiWiLzJF8YuY1UMtXMaX6mvhSf4v+fLZX11utXWtv7e9N5eJuxD4iP/zrN+138no2WTNQT0jte/5StK+FWjGrP+pnZefVXt1Pc9zSB8QO7VJbaz1rDev7P7rApKCNR1sIRevPFFba+Nr8xlpvtBj7wvuNql6bRb7mkR8+rYRVWRH1ar+itb+yy3N8xaJutL2b7818J++p7dM/e8bjitR+1F9K9k1DcVfbr8IM0E7tozZeepa+Fv7eetXi7UL05KB2vLTW673OJoktzW+s9ST+V6T5kTa+RT4WkR9Kf9+l3cr+StUVvCvR42l28SfNT361NvedvJG27BmPK1L7nr8U7bK5F6td5NntqTMyBu3Vzqd1e7ael6+Fv7detXg7MTJGV46n1dP4a/Mba71R/0+0K2Yz8a1W3CLzw16xZx0vq/0KK3hjrJzvThV4rf39O3mt9V8dmH1wzMz4SP3f2rX2WqxmWKxY+WLPatfcgNnxpA8IabwK/pl6nr4AsF+h14Tx3uyfCilNfMt8T5u/Sduj40W3R9uvTvV8t2czXeC1dr8n7xPvGaIZ/0+8Zzx6/lK8kr3oVYLTi76V4q1QoFHg+Wt46lWLtyOaIqdCPAu9nQq9r/ZPVnqjaub4PfuTFS+y/cpq+a8V2eOhxD61wGut/7rmyIOjfdi8tc3632lctaJmMGYvLl7X3KN9h3jZBZmnv7eehW92wZipr6V6/56wSo68jr83vlrpz+jNJKaS49Hoa/OdK1b5U/SK2V1fPn08+xMdL7M92v7Jf1Wy892ejYf/r+vrml9oZ2xG20Ztomc8ev5Som4ObZzsm6Byu7Rg2iHeSv7eeha+FHjzVO/fGyNjYCbe/dPoz/hKfKz1R/OdT2Zfm3yykeZL2hWzXptnf6LjZbRfWS3/9cJ6TMjMf10KvNbu/3XNT4fPGZvsQu9q2xztrf29obiLbc/oj+YBkd3es6HAA4Andiz0rvZNqafpz0z8XryenmV7dLzo9mh7a39rdiruRvWmFwSeirxPw+hC75Ns+57/KngXgacUfdLfI9qlBWFEu8SeAs/fP1tfS/X+jTBTSETi3T+t/u6FnoVetH8vn4poj17BjGy/Em1/ZYfncGv5RZ3UVpX//XFj9HYj3QnOvDPe03jTirAf9a9GdDJJcecT76nd44FQqb1n411gRRdw1Yu/7Hi7kXX+pDP+XvG04+2I/8yrab38RKofqZfhn7niVXlF0bo9y/5K1fzX+nmanf/2bKT+v1p7/hi69h1sqU2v0Iy27/mvindSuXvRl9mfmQdE9vmT2lLgxflXjwd2jIzRleJp/Gd8JT4W+Y6lXob/yMKAV/tTfprVH4/2K6zg+VChqBu1nyrwWnvfk2c5Y9Lz19iOxtfYrw7Fna7du0BZrb+jNlZ6uxV4AOAHhZ7cv3U0NPFHVrQk/iN6K7dXt1+dlYq7Ub3bAq+19z15GTMmvfg9JPp39leqXvTWCWbGRWmp59k+U6Cs1l9L/1GNUfsdC7xs/+rxwJ6Z8TQzXob/CYXeJ94rbHfxd1lR9Gi/osmfLex77Jofa/yzJ8h/s7/bk9da/IxJL36PWf0euyU33hf/TsXdU7umIFmtvxb+EvuMB2S0/sp6q8XfFc2rjJHxvcZvS39p4v3p85Y7Rer18qWoFSmP/lu+UVa9fVbvilc+PKq3Ctb5i9bHIx/7Nfq6pveMRi9+D+sZi6ozFFeyk0KKvve21fob6V9BL1p/Zb3V4u+MdHysHl+rp/Gf8e0VGtF6PZuIFSnPV0mzV9hYwZPpVcF7UUPrb5kfP+af0tc1R9o+A3o+uHq+b/G9/b3JTggp7vrtlQusbP8KehY+ALA+FYpW70JPYjuTv2lW2LT+q7dn60nZPT9eqbh7av/rN8l38iRtlv6fzDw4Lf1XIfoir3BRr9KeXWBl+1fQ0/pkT7JE660W/wRYzcv1HymUMgq9T7T9O32FLbr9ilTvita+xy7P+ch8OSLf+dtvo9/Ju5L9DnkPL/9qZCeHFHfv7dkF1Qr+mXrWvtn342rxQIfX38t6z92ofvb4bpWP9PKbN+2IfMk6f6u6QrZK+5WsFTzy43h/9wJx9Dt5Ehut/1f7J6zgzRF9kVP0jfvin6tn7UuBB7swswoVqR/t72mfkS9Z52/ZK2Crt1+ZWXixtO+x61ixZb4s+U6exMbiwXW1bQJ7a//V2PJipb1Me88muiCz1tt1EAOAGKILPUs9b/+RFa5s/8z26va7kbHiF5Y/zf7DKyM2o/6fRO/Ru7LKRZ5xUUr8KerWapfaRhd4katqqxeoK8SD+rCap49Hobeu/1f7J9VX+Kztr6ySH/eonD+bF4yj38m7a3sL4PUO+aj9qP+s3iqwoke7pr1no/XX2EbYz/pEaHnoaanWn1OxSsZm/55Re4Ci/Ufspa/K9fQl+dYVj/ztJP8rUSt80v542Y/670K1fFmqeWs787pmxAyJ1r7nf2XVGYrKMxIz+tlFzentEnsKvDwtDz0t1fpzMt6rcNHxV1r1s17xY4Uvx/8TVvD2JDN/DsufvL6TN2rzadsc7aP1vKG4s23v2Zzgb63nWeBFULFPAFCfjCJ3tUKvdTSy/SX2o4saq+zRs/avRvX8WRrj1TbiO3mfZNv3kP7xJK9xzNhbUW2VJHJFaoUCK9vfWs+7wMu+PqVU19NSrT/Aal62v7X9boXeV/sn0StmM/lm5gqhVK9nf0XrL9Wzwnv8iS4KTfMnj+/k3Wn0OhS9R29Ur8fqyeNpK3o9m9P9d9Sr7O+tF60PtbD6e3uPj6vv4Yuyf8vFehqWeqvveYvcw2jdH0t7a/9RvSpkj//W+fOtj8d38u4C7bqCN6pjXZTOUm0FJHJFr2efXWBl+++oV9nfWy9aH/bFe1Vw9VW/TPuZY/VcoYtY0YpcwYvIh1nBs6H6GOqd39z6eH0nT2P7Zd+E+hJ7Ldd4o8UIr2uO2a+2QphdoO1QkFGEAADIqVjoNUGfRla0tHvevPfMSfNhbTyNvbW/t95ovMr6KQVea77fydPYzvpoZyykeBdDUbrVizqpbYWibtSeAi/+Psr299aL1of9YTWvtn21Qu+r/ZPMPYAVVhit40n1emj9e3qrkDm+mxZ4rfl9J0+iZ6nfw+qPx+uaMfbRBUd2e88mwj9TT6ufXbydXqxV79+uVJ8xj9pzZ61n3wVr1AAAGY9JREFUNZ5n7tnraXvkf5F73irsmbP++0bnl9b5Ka9r2vmr8yWv7+RpfGb139h1Bc86zgpFnaVe5IoeBR4FXmV9LdX7tzPeq2xaqq3SafVWtq+wIpbRH889c6zgveutiuVxpOVL/5gMENFh6xO8y4V3h/b4pP7W9hl6nv5S25Hj0caQUl0PAGAVKk0CRU8Yeo9v1uOjxXhdOT/y9l8dj/rD0+fV1vs7eVof7xmGqrOf1RLs1VfsJPYWA0alFUBpvAy9aPtq/tn6Wqr37wRYzYvV885/KuhH5n+7rTBK43npveHtvwor59tdW6/v5En1ej4S3wi9qlQr5qT20XoZM5qa9p5N9b9HdfvV9VaLD7ZY/T29krfR/lXbw6fJHyr8GwaRe+Ss9SL23Hn1ZySetd6bfZT/LmSP9yYrgF7fyZu1/fT55JQVvCvZF5nWv1pRJ7XNXvGT2Ff/21S3X11vtfhQl+xVwexVOkv/6ity1fWqrahlrRiO6t3ZX2EF755KY7xJgdfa8548iwR21vbJ3/IPYK1nTbXjlfqP2GfraeJZFIiZBR4AAMTg/XzOyNdWm1C11LPOhzzyq8r+1fA4nhIFXmv1v5N3p/FJ9r8CJHltIZJqK3ZS+2i9agNWpt6M5ur2q+utFh/qw2perr+H/Qkrep+ctucu+o25VVf8Kky6WPq+5ocVv5P35n/FWk9K5YvFQ2/1Ys5Db6UZSI3tDvbW/t561eJZs3r/vaiSHK0yvmbvQYre85e556viHkD23L3bR/nP6lWhYj6gzucqfifvyf+TKit41rrWVCvqpLbRepbHW/H4Zm13sLf299arFs+a1fvvSfYqmpbo/q+2Sqf1X3lFzkPPckUta8VwVG/G3tv/yirPLs8xqESB19r7d/Ksgmt8IrRm4/96+f9stP2R+s/YW9hY6c2cr5ULPAAAOIPq41E1Pev8JyKfisz3ovWs8e5fmQKvNd2evNkVvU8yZ88syLqQs1chsu2jCzJrvewC7zR7a39vvWrxrFm9/xFUGN80sJrn6+9hv/qKnrWe5QrhrJ6nvbV/T6/HKtuovOOZ5odfe/Is32l+sx/VH9XLShZ4XTPGPkNv5RlIje2IffXrqZp/tr6W6v3bHa/zH1V8afMDq3jWe4ii90Rl79l78tlVb7U9d9l79Eb1eqxenFnrmyxA/PHR4D2L9InFDEHmLGeV5Cd7RcLTfocCqrqexJ4Cz5Yqz5AnqvcP5skeP69498daf4dVu1ntns8OepJ81Vovwt7av6fXw+veX7loNCnwWpvfkzfbCQtfS41V+dXsLyhpAUGBt7YeAABA9mSxh96bz0zuEqkXrW/tnx0vuv9fMTO1Hn3+uBhF/quZFrNr1jMQVcl+aHqvilAwxupJfVjFs6V6EV69f6CH1bxcvUqreR722Xo9n+p6VvqfZK/wSeOtQtkCr7Xf9+SNBJh5R/pJY/bkrLInzpvVij9r++wZvmi9GVvvGUMN0fFW09NSrT9QC+vxV8tof7z3/Gj38Hn5r2YfpfemfedTXU+jfxdDEsvCX0r286RyPHX+NrMnz2oFTjsL9kmlGUlPspNS7SsAlvrVCzIKvFrxVtPTUq0/sA/Zq4DVV/1Y5Ytd5ZPaVtfT+rCCF0/JAq+1v+/J806wPTQ+tXa4UJ6wPr4ZPQo8vY+VnvX5BAAAqEr1CdDM/MXT98uffOKZsgVea79/J2+1Fb07vU9WWeHzvoGqr7rsVuBlH3+lv1eFeKvpaanWH9gPVvNq+a9m772ilbWi94nH8Y/qW8SzjL8rpQu81u4/hj4SQLOnzmJPX0/TUrsS2cmpd3J/+iuOFY4/0t7afzW9avGqs8v52CU5Gv17ZO+5sd7Dx549G3tJrvmmKYnvsSfO8/hn9LXxrOOfhPUbd2qf3sfQ34Qy/1XNO81PVh1EK6/oVStAPPQp8OLsrf1X06sWrzo7nY/sVbBoso/X440hVvli7DNW5KQ+0vxz5nxJ9LXxrOOfQrkCr7V/7snzTjAtfUf1V0oKvPur1a9WgHjoe/fXmgp9AAAA8KTC+J2Zb1j4Zhcgu5N9fh99Zv/hFY2Pha8kxud/VfDul1bfwt/D1ks/u7/VVtlYxfPVqxavOjuejx2P6Y3s4632TIj2P8E+exyX2mryrIy8Tht/V8oWeK3d/8MrPSp8J29U/0r1CzNihTPSv8KDVOJTrb+r21fz99arFs+b3Y4nmujxL5vR443ew8eevXXtvb87V2EPn1TfOp42/il4LdiofP/RszIOaqnR06+4gndl5xW9agVTz6daf1e3r+bvrVctnje7Hc9OrP63Wf3ezH7WVRsLPO2rjdsjPhZ5mdTeMs9c/fniQckCr7W5Ik8b3FJDEqvShendn+zl+BUfvNl6AAAAIKP6G1Ae+tH5mYfGLpQt8FqbL/K0nbDUkMaLWOG7xolcWcz+u6xY4FWamdzBvpq/t161eN7sdjw7svrfaPV7NPuZV21MwN7WftbHwvdTIyqvrUrpAq+1f35CoYflO70e38mTxoyM/UZE/AoPAs94vDKZZ1/N31uvWjwtq/UXZMz+favs6Rvtv1V/n+KxZ09m/+S/in618/MWS5ODWz8fGE9sz4FJ/j26klet4zMxM2YcMlf0vuJn+M5oUOCtZV/N31uvWjwtq/UX4ljt2ljh7RhLveqrfFL/avrVzo9lLAsNVvDuqVYn/WpN9rpmtQPQxvfsQ/bFr41/eoEnJft6BgAAABsqj+kVCr2rVuXzFUG14/+rP9I9eTsVeq3ZrbRlz2xYxqfAq6Vf0b6av7detXhaVusvxLPaNbLaRF72M7PaGFFRP3IiOfrvYaVx1Ttxha/0s2FkT57HHrrs72xo32kfJftCz34QVHywrq6v8c++nqs9DLP1tVTvH6zN7PWVtafvqb/s2bPx9443er3N9m9E3/u7e3cxJLFm4r3Ftsznr5w2PpXMR0ZW8jw6nv3Ht1rB6+lGYx2fAq+WvsY/u0CjwLOlev/gXKpdm6s9K7KftdXHFk/7im/mWPp75fMnruB9UvYZk/EPr6zAzE2beY484p9c4M1w2j0CAACwGxXzC8t4EbkQ+VARsv7hFQ89a976V2nmotpK6w4FXjX71eJZ+3vrRetrqd4/gGrX6GrPjOxnbvUxppq91GfFN60qxqhA6WfL054863dsV3tnd/ad5wrHY9mH6AdR9AxaxYFipXjW/t560fpSqvUHQMPT9cyevRi9aP/q8azs33wlPjPP+wrfyRvR/uLkMa1E/vK0krdasmbNaH8rrei1RoHn6Vu94Mou0FZ7ZlS4Xz+p1h8AL6pd66s9a7Kf1dXHpsj+Vc9bvDQytFeizDNF+gmFkxh5XbMSKxd40frV/nYAAACQA4WeHeRXhXgr8qrNPmVw1+eKx7F6gbfbzFv1mctq/t560fpSqvUHwJtq1/xqz5zsZ3b1MWqFwotCb09KPUu+9uSdvgfvE+k7xZWOyaMvmQ+i3R7sqw3M1v7eetH6Uqr1ByCT0fshag8fe/Z8/bV/72p76laIZxFfqmmpvRMp+c4/3hqtgy2C9z4yLyjw/GNofLMLrGx/b71ofSnV+gOwCtn3zmrPquxn/Qpjv8Z3pXieWp6au5H2DGFP3j0jf5DdL+zsVwm8WaGPAAAA4Ed0LkChB2F8FnnVZpOyeet/tWOr9LfbfU/fCvGq+XvrRetLqdYfgNXIvodWe2ZlP/N3H2Mzzg+F3pqkPjv+kBi/UP2dXOt33q3svcl+UGs1Tnhw7+TvrRetXz3+0vz3f/1/zt8NP35+z/qOXHW898xlxz99z57Wv+KeP62/5XfxZuJLtXmmjxOSH1m9rln9DxvRv2rnoELCT4F3jr+3XrR+9fhLQ4H3DOdGTPb5Wu1Zlz1WrOaf2d/sPCxTe2fCnhnsyQMvuPkBAAAA5qmeS1Xv39FYFnnV/9AnzWasNlOW7b9af6v5e+tF61ePvzSsVPXhHInJPl+rPfOyx4zV/Ffrr7V/tv5OhP4tvv34+f0/J0Sq7Rmo1p8vsi98Bgb8Lf299aL1q8cvBYXHGrCn7zeyz4d3fGt9rR7+a/tn68OfmIy3syt51Qb7av1pLb9P1RJ6/Nf299aL1q8evxQUeOvA3+o3ss/Has/K7LEG/1z/bH0wPMfsyQMAAAAAANgITZFXrZqv1J/svjCzh7+lv7detH71+KVgZWg9+Jv9Rvb5WO2ZmT3m4J/rn61/Mqbn9tuPn9//4+53yyATZMePIvpGYSDYy381vWj96vFToRCAOw7c05d9vKvtoaq2Zyy7P6v7Z+vDHEPj99NKXvbgnx0/Ago8/C2prhetXz1+KhR48MSB10b28a72rN1t7DvdP1sf5Az/TdiTBwAAAAAAsBFvRV529Z4d3xNW8fC3pLpetH71+KkcuFIDQg68RrKPd7Vn7m5j4On+2fowjuhv8bQnzxve8b2H4s+W7P5UOx5vvWj96vFDOTAxhwTYs7dd/Gp75Kz1sv2t9ar1x5pq/Xmi+nj7q7W81zWrn5wMKPBsye5PtePx1ovWrx4/FAo8iOLAay37eFd7VlfTy/a31qvWH2uq9eeO6n38q3/syQMAAAAAANiIzCKveiUcCat4tmT3p9rxeOtF61ePH8qBKyuQzIHXXPbxrvbMrqaX7W+tV60/1lTrzyeV+9bapX/ffvz8/v8MRFd5h3Z1eNDX0qvWH2+9aP3q8UM5MLGGDThgD1/28bFnL9f/dL1q8VYhZDy3Wskj+fBntYR9d71q/fHWi9avHj8UCjxYlQOu3ezjW+1ZX02vWn9W06sWbwXCzgl78gAAAAAAADbCssijWveDmbpaetX6460XrV89figHrITA5hxwDWcf32rP/Gp61fqzml61eJUJPRfffvz8/n/vfo/sBJjBgx69lfSrxw/lgEQYgD16+8WvvmcMPV+yr/dTGcoXnlbySDbWY7WEH71aetH61eOHQoEHp3DAtZ59fKuv0qBXS69aPBCcc/bkAQAAAAAAbMRbkUd1vg6rreqgV0svWr96/FAOWNkA+BsHXPPZx7f6ag56tfSqxTsZ0bl+2pMXza7v9Fa78FcrDqrreeuf9qDOju/KAYktgDkb7uHLPp7V92zxXUBfsq9PMKTK65o7Jj/Vjun0Auf0468Wr1p8VyjwAObY8N7JPp7Vx5bTx/LVjh8SqVLkAQAAAAAAgAGVirydZg+qHctqMz/V9bz1V59pXS2+KxuuRACEsuE9lH08q48xp4/pqx0/JPHtx8/v/2fGz7wncMfqD+LV9Vfrb7V41eK7smEiClCODffoXck+vtX37Hnrr9bfaP3q8avikj/MruSRzPizWwGwmv5q/a0Wr1p8VyjwAGI44F7LPr7dxiZyg1j96vEr4nZOKr2uCQAAAAAAAEo0RR7VuB/MpOXqr9bfavGqxXflgJUFgFIccM9lH99uYxQ5Qqx+9fiVcD0Xs3vyoCY8mM/Sz45XLb4rBySWAMvDnr3t4q++R211/ex4MMev1nhdcyd2KyjQrx2vWnxXKPAA1uCAezX7+HYb29CvHQ/k/PU3osgDAAAAAADYCIq8PdhtJgf92vGqxXflgJUBgK044J7NPr7dxjj0a8eDcf72t/n24+f3f3cIwju791S7MXZ7MOx2PNnxqsV35YDEEOB4NtyzV+14dtsjttvxZMezZpX+p+QXXit5JEu/U+2c7Fag7HY82fGqxXeFAg/gDDa816sdz25j427Hkx3PmhX6n9ZHXtcEAAAAAADYCM8ib4XqOopq52K3maLdjic7XrX4rmw4sw8AL2x4z1c7nt3GyN2OJzueNZX7n9o3rz15EEP2hb3bg+i089mjWn9M2TDRAwAhG+7Ru1Lt+Hbfc7Z7vB7V+nMqfCdvcbITVAq8veJfqdYfUyjwAKC1I54F1Y5vt9zhtHg9qvXnRPhOHgAAAAAAwI5Q5K1J9kzJbjNVp53PHtX6Y8oBM/cAIOCAZ0K149sthzgtXo9q/TmJ376T928BQU95R3e1Czu7v6c9CLPjX6nWH1MOSNwAwJkN9+xVP57s/p22py47fjSzx7tkPhG1krfkyRGy2jFm95cCL5dq/TGFAg8ALNjwWVL9eLL7R26yNzPHu+w54nVNAAAAAACAjYgs8pathAdY7diy+8tMWS7V+mPKhjPvAJDIhs+U6seT3T9ylL2RHO/S5yZqTx74kH3xEb821funYsPECwCKs+EevSvVjy+7f6fH71G9f0fB65rrkp3gEr821funggIPADI44NlT/fiy+3d6/B7V+3cUFHkAAAAAAAAbQZG3JtkzJcSvTfX+qThgJh0ACnPAM6j68WX37/T4Par37xi+/fj5/V89dB00V2D1C7ta/7P7kx2/R/X+mXJAYgUAi8OevXSq9Y/+5FLleFPyF6+VvBOTsdWPuVr/s/uTHb9H9f6ZQoEHACtwwLOq+vFV6x/9yaXC8ab1gdc1AQAAAAAANsKzyKtQPUex+rFW6392f7Lj96jeP1MOmBkHgI044JlV/fiq9Y/+5JJ5vKnn2mtPHuRQ/cat1r9q/blSvX+mHJAYAcBhHLBH78pqx1utv9X6c6V6/+ADXtfch+oJcrX+VevPler9M4UCDwB25MBn22rHW62/1fpzpXr/4AOKPAAAAAAAgI2gyNuD6jMr1fpXrT9XqvfPlANnugHgIA58xq12vNX6W60/V6r3D/6Xbz9+fv/j7vfwnpzB6jdG9f5X79+V1fpryoGJDwAczoF79K6sdvzV+1u9f1p2P75ZhvKnp5U8ki97Vj+n1ftfvX9XVuuvKRR4AHAiPPuWG/uq97d6/7TsfnwzDJ8TXtcEAAAAAADYiLcij+rZjtXPZfX+V+/fldX6awoz2QBwMjwDlxsDq/e3ev+07H58EkTn4mlPHpzBajcO/V0IEhkAABns2Vt+D9Zq/V+tvyCA1zXPZbUEnP4uBAUeAIAcnp3Lj52r9X+1/oIAijwAAAAAAICNoMg7k9VmbujvQjATDQAwD8/Q5cfQ1fq/Wn9hEPbkrcVuN+Lqx7N6/00hMQEA8IU9e9vtIeN4wA1W8tZhtwR69eNZvf+mUOABAPjDs3a7sZfjATco8gAAAAAAADaCIm8NdpsZWf14Vu+/KcwsAwDEwTN3uzGY4wEXvv34+f1fRuzce7Imp1/Iux3/bsdjCokFAEAt2KPXZbfzs9vxWLPr+ZnKv0ZX8kjufuf0c7Lb8e92PKZQ4AEA1INnc5fdzs9ux2PNjudn+ph4XRMAAAAAAGAjJEXejtXxLKefi92Of7fjMYWZYgCAuvCM7rLb+dnteKzZ6fyojmV0Tx6cwU43xh27H58KEgUAgL1gz16X3c/P7scHL/C6Jnyxe4K/+/GpoMADANgPnu1ddj8/ux8fvECRBwAAAAAAsBEUedDa/jM9ux+fCmZ6AQD2hWd8l93Pz+7HBw+wJ28vTruRTzteUxj4AQDOgj16ak4/f6cf/1KwkrcPpyXspx2vKRR4AADnwbNfzenn7/TjXwqKPAAAAAAAgI2gyNuD02ZWTjteU5jJBQA4F8YANaefv9OPfxnYkxcLN4YMzpcCBnIAAJDAnj1zOJ8yOF+GsJIXBwm3DM6XAgo8AACQwthhDudTBufLEIo8AAAAAACAjaDIi4GZCRmcLwXMxAIAwCyMIeZwPmVwvoz49uPndwo98IIb1REGYgAAiIQ9e+5wfsEMCjzwggLEEQo8AACIhrHHHc4vmEGRBwAAAAAAsBEUeeABM1GOMJMKAABZMAa5w/kFE9iTBxJ48ATCQAoAACvBnr1wON/wCAUejELBEQgFHgAArAZjVzicb3iEIg8AAAAAAGAjKPJgBGaKAmEmFAAAVoUxLBzON9zCnryz4EFQCAZCAAA4CfbslYO/x8ZQ4J0DBUUhKPAAAOA0GPvKwd9jYyjyAAAAAAAANoIi7wyYqSkEM5kAAHAqjIHl4O+xKezJqw033sIwkAEAAIzDnr3l4e9XCAq8ulAgLAwFHgAAgAzGzuXh71cIijwAAAAAAICNoMirCTMhC8NMJAAAwByMocvD368I7MmTwYV7MAw8AAAAebBnDzpwfXxAgTcOCf7BUOABAADkwlgMHbg+PqDIAwAAAAAA2AiKvDGYGTgYZg4BAABqwJgMHbg+/pdvvN8M8CcMHAAAAPtAjgsnw0oeQKPAAwAA2A3GdjgZijwAAAAAAICNoMiD42GmDwAAYE8Y4+FU2JMH28KDHQAAAEYhJ4adYCUPtoQCDwAAACSQO8BOUOQBAAAAAABsBEUebAczcQAAADADOQTsAnvyYBl48AIAAEAVyKGhMqzkwRJQ4AEAAEAlyE2gMhR5AAAAAAAAG0GRB+VhpgwAAAAqQo4CVWFPHqTBgxEAAABOgZwbImElD1KgwAMAAICTIPeBSCjyAAAAAAAANoIiD8JhJgsAAABOhBwIomBPHkzDgwoAAADAB3J00MBKHkxBgQcAAADgB7kWaKDIAwAAAAAA2AiKPBDDzBIAAACAP+RcMAt78g6GBwcAAADAnpDjnw0reYdCgQcAAACwL+R6Z0ORBwAAAAAAsBEUeQfCzA4AAADA/pDznQt78haCGxUAAAAAMqBmWAtW8haBAg8AAAAAsiAXXQuKPAAAAAAAgI2gyFsAZk4AAAAAIBty0nVgT54CLnQAAAAAAH+oWWSwkjcJBR4AAAAAQAzk3jIo8gAAAAAAADaCIm8CZhIAAAAAAGIhBx/nfwDfXDVBmYTeeAAAAABJRU5ErkJggg==" />
+    
+        
+        
+        
+        
+        
+        <clipPath
+   id="_clip1">
+            <path
+   d="M1160.96,1113.4C1160.96,1113.4 1235.87,1095.92 1277.68,1142.4C1332.63,1203.47 1178.14,1337.83 1161.74,1479.73C1153.01,1555.27 1024.63,1426.94 1073.96,1335.34C1104.71,1250.9 1133.78,1176.5 1160.96,1113.4Z"
+   id="path12" />
+        </clipPath>
+        
+        
+        
+        <clipPath
+   id="_clip2">
+            <path
+   d="M971.429,1124.4C971.429,1124.4 1064.96,1049.4 1160.96,1113.4C1160.96,1113.4 1175.96,1258.34 1073.96,1335.34C1073.96,1335.34 1041.89,1332.4 971.429,1124.4Z"
+   id="path33" />
+        </clipPath>
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+    </defs>
+</svg>

From 3342902d9a354c71ba72a939af82d535f043d079 Mon Sep 17 00:00:00 2001
From: ArenM <aren@peacevolution.org>
Date: Thu, 17 Nov 2022 18:06:10 -0500
Subject: [PATCH 072/244] Warn about 'read' without a variable in POSIX sh

Dash throws an error if the read command isn't supplied a variable name.
---
 src/ShellCheck/Checks/ShellSupport.hs | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 30a19b9..eda6882 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -184,6 +184,10 @@ prop_checkBashisms96 = verifyNot checkBashisms "#!/bin/dash\necho $_"
 prop_checkBashisms97 = verify checkBashisms "#!/bin/sh\necho ${var,}"
 prop_checkBashisms98 = verify checkBashisms "#!/bin/sh\necho ${var^^}"
 prop_checkBashisms99 = verify checkBashisms "#!/bin/dash\necho [^f]oo"
+prop_checkBashisms100 = verify checkBashisms "read -r"
+prop_checkBashisms101 = verify checkBashisms "read"
+prop_checkBashisms102 = verifyNot checkBashisms "read -r foo"
+prop_checkBashisms103 = verifyNot checkBashisms "read foo"
 checkBashisms = ForShell [Sh, Dash] $ \t -> do
     params <- ask
     kludge params t
@@ -284,6 +288,13 @@ checkBashisms = ForShell [Sh, Dash] $ \t -> do
           argString = concat $ oversimplify arg
           flagRegex = mkRegex "^-[eEsn]+$"
 
+    bashism t@(T_SimpleCommand _ _ (cmd:args))
+        | t `isCommand` "read" && length (onlyNames args) == 0 =
+            warnMsg (getId cmd) 3061 "read without a variable is"
+      where
+        notFlag arg = head (concat $ oversimplify arg) /= '-'
+        onlyNames = filter (notFlag)
+
     bashism t@(T_SimpleCommand _ _ (cmd:arg:_))
         | getLiteralString cmd == Just "exec" && "-" `isPrefixOf` concat (oversimplify arg) =
             warnMsg (getId arg) 3038 "exec flags are"

From 2a16a4e8c18745887ca33c545854bdcb3097fede Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 10 Dec 2022 10:46:49 -0800
Subject: [PATCH 073/244] Add missing imports for later GHC versions

---
 ShellCheck.cabal              | 9 ++++++---
 shellcheck.hs                 | 2 ++
 src/ShellCheck/AnalyzerLib.hs | 1 +
 src/ShellCheck/Fixer.hs       | 1 +
 4 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index b22b5c8..abb32d0 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -54,11 +54,12 @@ library
       Diff >= 0.2.0,
       directory >= 1.2.3.0,
       fgl,
-      mtl >= 2.2.1,
       filepath,
+      mtl >= 2.2.1,
       parsec,
-      regex-tdfa,
       QuickCheck >= 2.7.4,
+      regex-tdfa,
+      transformers,
       -- When cabal supports it, move this to setup-depends:
       process
     exposed-modules:
@@ -112,6 +113,7 @@ executable shellcheck
       parsec >= 3.0,
       QuickCheck >= 2.7.4,
       regex-tdfa,
+      transformers,
       ShellCheck
     default-language: Haskell98
     main-is: shellcheck.hs
@@ -128,11 +130,12 @@ test-suite test-shellcheck
       Diff >= 0.2.0,
       directory >= 1.2.3.0,
       fgl,
-      mtl >= 2.2.1,
       filepath,
+      mtl >= 2.2.1,
       parsec,
       QuickCheck >= 2.7.4,
       regex-tdfa,
+      transformers,
       ShellCheck
     default-language: Haskell98
     main-is: test/shellcheck.hs
diff --git a/shellcheck.hs b/shellcheck.hs
index a525251..4e8a155 100644
--- a/shellcheck.hs
+++ b/shellcheck.hs
@@ -34,6 +34,8 @@ import qualified ShellCheck.Formatter.Quiet
 
 import           Control.Exception
 import           Control.Monad
+import           Control.Monad.IO.Class
+import           Control.Monad.Trans.Class
 import           Control.Monad.Except
 import           Data.Bits
 import           Data.Char
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 444c751..47ea91d 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -32,6 +32,7 @@ import ShellCheck.Regex
 
 import Control.Arrow (first)
 import Control.DeepSeq
+import Control.Monad
 import Control.Monad.Identity
 import Control.Monad.RWS
 import Control.Monad.State
diff --git a/src/ShellCheck/Fixer.hs b/src/ShellCheck/Fixer.hs
index 358dec9..0d3c8f4 100644
--- a/src/ShellCheck/Fixer.hs
+++ b/src/ShellCheck/Fixer.hs
@@ -23,6 +23,7 @@ module ShellCheck.Fixer (applyFix, removeTabStops, mapPositions, Ranged(..), run
 
 import ShellCheck.Interface
 import ShellCheck.Prelude
+import Control.Monad
 import Control.Monad.State
 import Data.Array
 import Data.List

From 495e34d10179715e8a675ca3e721b47757c9dc0f Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 11 Dec 2022 14:18:47 -0800
Subject: [PATCH 074/244] Add missing Semigroup import for older GHC

---
 src/ShellCheck/Prelude.hs | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/ShellCheck/Prelude.hs b/src/ShellCheck/Prelude.hs
index 7e9011b..7610c46 100644
--- a/src/ShellCheck/Prelude.hs
+++ b/src/ShellCheck/Prelude.hs
@@ -21,6 +21,9 @@
 -- Generic basic utility functions
 module ShellCheck.Prelude where
 
+import Data.Semigroup
+
+
 -- Get element 0 or a default. Like `head` but safe.
 headOrDefault _ (a:_) = a
 headOrDefault def _   = def

From 74b1745a1998c5b0a203a5d3c67dade7997ad1b2 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 11 Dec 2022 14:48:00 -0800
Subject: [PATCH 075/244] Fix compiler error on some GHC versions

Fixes the following error:

    src/ShellCheck/CFGAnalysis.hs:1394:40: error:
	* Couldn't match expected type `[S.Set a]'
		      with actual type `M.Map String FunctionValue'
	* In the second argument of `($)', namely
	    `mapStorage $ sFunctionTargets state'
	  In the expression: S.unions $ mapStorage $ sFunctionTargets state
	  In an equation for `declaredFuncs':
	      declaredFuncs = S.unions $ mapStorage $ sFunctionTargets state
	* Relevant bindings include
	    declaredFuncs :: S.Set a
	      (bound at src/ShellCheck/CFGAnalysis.hs:1394:13)
---
 src/ShellCheck/CFGAnalysis.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 7b270a8..cac913e 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -1391,7 +1391,7 @@ analyzeControlFlow params t =
     getFunctionTargets :: InternalState -> M.Map Node FunctionDefinition
     getFunctionTargets state =
         let
-            declaredFuncs = S.unions $ mapStorage $ sFunctionTargets state
+            declaredFuncs = S.unions $ M.elems $ mapStorage $ sFunctionTargets state
             getFunc d =
                 case d of
                     FunctionDefinition _ entry _ -> Just (entry, d)

From 3cae6cd6abe16b18a1c95598561d5afca1135cec Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 11 Dec 2022 15:05:33 -0800
Subject: [PATCH 076/244] Allow building on deepseq < 1.4.2.0

---
 src/ShellCheck/CFGAnalysis.hs | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index cac913e..4e36cf5 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -20,6 +20,7 @@
 {-# LANGUAGE TemplateHaskell #-}
 {-# LANGUAGE RankNTypes #-}
 {-# LANGUAGE DeriveAnyClass, DeriveGeneric #-}
+{-# LANGUAGE CPP #-}
 
 {-
     Data Flow Analysis on a Control Flow Graph.
@@ -433,6 +434,13 @@ data StackEntry s = StackEntry {
 }
     deriving (Eq, Generic, NFData)
 
+#if MIN_VERSION_deepseq(1,4,2)
+-- Our deepseq already has a STRef instance
+#else
+-- Older deepseq (for GHC < 8) lacks this instance
+instance NFData (STRef s a) where
+    rnf = (`seq` ())
+#endif
 
 -- Overwrite a base state with the contents of a diff state
 -- This is unrelated to join/merge.

From 985ca2530d475f6bf93fa81d31cc220fccddeea8 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 11 Dec 2022 16:34:29 -0800
Subject: [PATCH 077/244] Add Docker testing for older and newer Ubuntu
 versions

---
 test/buildtest  | 3 ++-
 test/distrotest | 3 +++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/test/buildtest b/test/buildtest
index 1d194fc..469539b 100755
--- a/test/buildtest
+++ b/test/buildtest
@@ -22,7 +22,8 @@ fi
 
 cabal install --dependencies-only --enable-tests "${flags[@]}" ||
   cabal install --dependencies-only "${flags[@]}" ||
-    die "can't install dependencies"
+    cabal install --dependencies-only --max-backjumps -1 "${flags[@]}" ||
+      die "can't install dependencies"
 cabal configure --enable-tests "${flags[@]}" ||
   die "configure failed"
 cabal build ||
diff --git a/test/distrotest b/test/distrotest
index 464768c..e1711ea 100755
--- a/test/distrotest
+++ b/test/distrotest
@@ -67,7 +67,10 @@ fedora:latest         dnf install -y cabal-install ghc-template-haskell-devel fi
 archlinux:latest      pacman -S -y --noconfirm cabal-install ghc-static base-devel
 
 # Ubuntu LTS
+ubuntu:22.04          apt-get update && apt-get install -y cabal-install
 ubuntu:20.04          apt-get update && apt-get install -y cabal-install
+ubuntu:18.04          apt-get update && apt-get install -y cabal-install
+ubuntu:16.04          apt-get update && apt-get install -y cabal-install
 
 # Stack on Ubuntu LTS
 ubuntu:20.04          set -e; apt-get update && apt-get install -y curl && curl -sSL https://get.haskellstack.org/ | sh -s - -f && cd /mnt && exec test/stacktest

From 8754c21244ada70c070763644044fa166387f708 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 11 Dec 2022 16:37:49 -0800
Subject: [PATCH 078/244] Avoid $ trigger TH

---
 src/ShellCheck/Formatter/CheckStyle.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Formatter/CheckStyle.hs b/src/ShellCheck/Formatter/CheckStyle.hs
index c79ac21..6ad6c9c 100644
--- a/src/ShellCheck/Formatter/CheckStyle.hs
+++ b/src/ShellCheck/Formatter/CheckStyle.hs
@@ -88,7 +88,7 @@ outputError file error = putStrLn $ concat [
 attr s v = concat [ s, "='", escape v, "' " ]
 escape = concatMap escape'
 escape' c = if isOk c then [c] else "&#" ++ show (ord c) ++ ";"
-isOk x = any ($x) [isAsciiUpper, isAsciiLower, isDigit, (`elem` " ./")]
+isOk x = any ($ x) [isAsciiUpper, isAsciiLower, isDigit, (`elem` " ./")]
 
 severity "error" = "error"
 severity "warning" = "warning"

From a7c5be93dcbd4c219615e44030073158df4426e5 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 11 Dec 2022 12:29:05 -0800
Subject: [PATCH 079/244] Tighten bounds on packages

---
 ShellCheck.cabal | 61 ++++++++++++++++++++++++++----------------------
 1 file changed, 33 insertions(+), 28 deletions(-)

diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index abb32d0..dab588c 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -45,21 +45,26 @@ library
       build-depends:
         semigroups
     build-depends:
-      aeson,
-      array,
-      base >= 4.8.0.0 && < 5,
-      bytestring,
-      containers >= 0.5,
-      deepseq >= 1.4.0.0,
-      Diff >= 0.2.0,
-      directory >= 1.2.3.0,
-      fgl,
-      filepath,
-      mtl >= 2.2.1,
-      parsec,
-      QuickCheck >= 2.7.4,
-      regex-tdfa,
-      transformers,
+      -- The lower bounds are based on GHC 7.10.3
+      -- The upper bounds are based on GHC 9.4.3
+      aeson                >= 1.4.0 && < 2.2,
+      array                >= 0.5.1 && < 0.6,
+      base                 >= 4.8.0.0 && < 5,
+      bytestring           >= 0.10.6 && < 0.12,
+      containers           >= 0.5.6 && < 0.7,
+      deepseq              >= 1.4.1 && < 1.5,
+      Diff                 >= 0.4.0 && < 0.5,
+      fgl                  >= 5.7.0 && < 5.9,
+      filepath             >= 1.4.0 && < 1.5,
+      mtl                  >= 2.2.2 && < 2.3,
+      parsec               >= 3.1.14 && < 3.2,
+      QuickCheck           >= 2.14.2 && < 2.15,
+      regex-tdfa           >= 1.2.0 && < 1.4,
+      transformers         >= 0.4.2 && < 0.6,
+
+      -- getXdgDirectory from 1.2.3.0
+      directory            >= 1.2.3 && < 1.4,
+
       -- When cabal supports it, move this to setup-depends:
       process
     exposed-modules:
@@ -101,17 +106,17 @@ executable shellcheck
     build-depends:
       aeson,
       array,
-      base >= 4 && < 5,
+      base,
       bytestring,
       containers,
-      deepseq >= 1.4.0.0,
-      Diff >= 0.2.0,
-      directory >= 1.2.3.0,
+      deepseq,
+      Diff,
+      directory,
       fgl,
-      mtl >= 2.2.1,
+      mtl,
       filepath,
-      parsec >= 3.0,
-      QuickCheck >= 2.7.4,
+      parsec,
+      QuickCheck,
       regex-tdfa,
       transformers,
       ShellCheck
@@ -123,17 +128,17 @@ test-suite test-shellcheck
     build-depends:
       aeson,
       array,
-      base >= 4 && < 5,
+      base,
       bytestring,
       containers,
-      deepseq >= 1.4.0.0,
-      Diff >= 0.2.0,
-      directory >= 1.2.3.0,
+      deepseq,
+      Diff,
+      directory,
       fgl,
       filepath,
-      mtl >= 2.2.1,
+      mtl,
       parsec,
-      QuickCheck >= 2.7.4,
+      QuickCheck,
       regex-tdfa,
       transformers,
       ShellCheck

From 7cfcf6db8a3d5a15cfd361293bbbe2d38d473c5e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 11 Dec 2022 19:22:42 -0800
Subject: [PATCH 080/244] Fix stack build

---
 test/distrotest | 2 +-
 test/stacktest  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/distrotest b/test/distrotest
index e1711ea..53a40a7 100755
--- a/test/distrotest
+++ b/test/distrotest
@@ -73,7 +73,7 @@ ubuntu:18.04          apt-get update && apt-get install -y cabal-install
 ubuntu:16.04          apt-get update && apt-get install -y cabal-install
 
 # Stack on Ubuntu LTS
-ubuntu:20.04          set -e; apt-get update && apt-get install -y curl && curl -sSL https://get.haskellstack.org/ | sh -s - -f && cd /mnt && exec test/stacktest
+ubuntu:22.04          set -e; apt-get update && apt-get install -y curl && curl -sSL https://get.haskellstack.org/ | sh -s - -f && cd /mnt && exec test/stacktest
 EOF
 
 exit "$final"
diff --git a/test/stacktest b/test/stacktest
index ae04f1b..9eb8d1e 100755
--- a/test/stacktest
+++ b/test/stacktest
@@ -3,7 +3,7 @@
 # various resolvers. It's run via distrotest.
 
 resolvers=(
-  nightly-"$(date -d "3 days ago" +"%Y-%m-%d")"
+#  nightly-"$(date -d "3 days ago" +"%Y-%m-%d")"
 )
 
 die() { echo "$*" >&2; exit 1; }

From ae199edb680dd416790b7890fa52e64a11f2b4af Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 11 Dec 2022 20:50:33 -0800
Subject: [PATCH 081/244] Let distrotest fail fast when there remaining
 executables

---
 test/distrotest | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/test/distrotest b/test/distrotest
index 53a40a7..4ad66f8 100755
--- a/test/distrotest
+++ b/test/distrotest
@@ -25,6 +25,13 @@ exit 0
 echo "Deleting 'dist' and 'dist-newstyle'..."
 rm -rf dist dist-newstyle
 
+execs=$(find . -name shellcheck)
+
+if [ -n "$execs" ]
+then
+  die "Found unexpected executables. Remove and try again: $execs"
+fi
+
 log=$(mktemp) || die "Can't create temp file"
 date >> "$log" || die "Can't write to log"
 

From 8c5fdc3522236767e9ce840b57da2a13b32eb4ed Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 12 Dec 2022 21:49:01 -0800
Subject: [PATCH 082/244] Update copyright years

---
 shellcheck.1.md                   | 2 +-
 src/ShellCheck/Analytics.hs       | 2 +-
 src/ShellCheck/Analyzer.hs        | 2 +-
 src/ShellCheck/AnalyzerLib.hs     | 2 +-
 src/ShellCheck/Checker.hs         | 2 +-
 src/ShellCheck/Checks/Commands.hs | 2 +-
 src/ShellCheck/Parser.hs          | 2 +-
 7 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/shellcheck.1.md b/shellcheck.1.md
index c345a2b..9675e79 100644
--- a/shellcheck.1.md
+++ b/shellcheck.1.md
@@ -378,7 +378,7 @@ long list of wonderful contributors.
 
 # COPYRIGHT
 
-Copyright 2012-2021, Vidar Holen and contributors.
+Copyright 2012-2022, Vidar Holen and contributors.
 Licensed under the GNU General Public License version 3 or later,
 see https://gnu.org/licenses/gpl.html
 
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index f50510d..1f6d96d 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1,5 +1,5 @@
 {-
-    Copyright 2012-2021 Vidar Holen
+    Copyright 2012-2022 Vidar Holen
 
     This file is part of ShellCheck.
     https://www.shellcheck.net
diff --git a/src/ShellCheck/Analyzer.hs b/src/ShellCheck/Analyzer.hs
index 06b6e53..53717ed 100644
--- a/src/ShellCheck/Analyzer.hs
+++ b/src/ShellCheck/Analyzer.hs
@@ -1,5 +1,5 @@
 {-
-    Copyright 2012-2019 Vidar Holen
+    Copyright 2012-2022 Vidar Holen
 
     This file is part of ShellCheck.
     https://www.shellcheck.net
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 47ea91d..ca928fd 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -1,5 +1,5 @@
 {-
-    Copyright 2012-2021 Vidar Holen
+    Copyright 2012-2022 Vidar Holen
 
     This file is part of ShellCheck.
     https://www.shellcheck.net
diff --git a/src/ShellCheck/Checker.hs b/src/ShellCheck/Checker.hs
index c8d2c39..b56be68 100644
--- a/src/ShellCheck/Checker.hs
+++ b/src/ShellCheck/Checker.hs
@@ -1,5 +1,5 @@
 {-
-    Copyright 2012-2020 Vidar Holen
+    Copyright 2012-2022 Vidar Holen
 
     This file is part of ShellCheck.
     https://www.shellcheck.net
diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index e97ecd6..691836f 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -1,5 +1,5 @@
 {-
-    Copyright 2012-2021 Vidar Holen
+    Copyright 2012-2022 Vidar Holen
 
     This file is part of ShellCheck.
     https://www.shellcheck.net
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index dd0f0f0..7a50967 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -1,5 +1,5 @@
 {-
-    Copyright 2012-2021 Vidar Holen
+    Copyright 2012-2022 Vidar Holen
 
     This file is part of ShellCheck.
     https://www.shellcheck.net

From a526ee08290cc127bc1aa5a05e9b927af87b6ef3 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 12 Dec 2022 19:58:11 -0800
Subject: [PATCH 083/244] Stable version 0.9.0

This release is dedicated to Mindustry: the most fun you can
have with open source (outside of shell scripting of course).
---
 CHANGELOG.md     | 2 +-
 ShellCheck.cabal | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c363eb5..57951c8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,4 @@
-## Git
+## v0.9.0 - 2022-12-12
 ### Added
 - SC2316: Warn about 'local readonly foo' and similar (thanks, patrickxia!)
 - SC2317: Warn about unreachable commands
diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index dab588c..1226588 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -1,5 +1,5 @@
 Name:             ShellCheck
-Version:          0.8.0
+Version:          0.9.0
 Synopsis:         Shell script analysis tool
 License:          GPL-3
 License-file:     LICENSE

From 5a3eb89e385d3667ecda33cfe769571ffc9dd7a3 Mon Sep 17 00:00:00 2001
From: Samuel Lijin <sam@trunk.io>
Date: Fri, 3 Feb 2023 09:17:47 -0800
Subject: [PATCH 084/244] Document Trunk Check integration

Trunk Check is a universal linter which integrates with a wide variety of linters and formatters, `shellcheck` included.

We're big fans of `shellcheck` and figured that you might find our tool to be interesting enough to include it in the integrations list.
---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 6f3e4a9..8cf3584 100644
--- a/README.md
+++ b/README.md
@@ -112,6 +112,7 @@ Services and platforms that have ShellCheck pre-installed and ready to use:
 * [Code Factor](https://www.codefactor.io/)
 * [CircleCI](https://circleci.com) via the [ShellCheck Orb](https://circleci.com/orbs/registry/orb/circleci/shellcheck)
 * [Github](https://github.com/features/actions) (only Linux)
+* [Trunk Check](https://trunk.io/products/check) (universal linter; [allows you to explicitly version your shellcheck install](https://github.com/trunk-io/plugins/blob/bcbb361dcdbe4619af51ea7db474d7fb87540d20/.trunk/trunk.yaml#L32)) via the [shellcheck plugin](https://github.com/trunk-io/plugins/blob/main/linters/shellcheck/plugin.yaml)
 
 Most other services, including [GitLab](https://about.gitlab.com/), let you install
 ShellCheck yourself, either through the system's package manager (see [Installing](#installing)),

From 78dea1d4f93987c7e52df121f8062da3387d0f2e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 4 Feb 2023 10:27:59 -0800
Subject: [PATCH 085/244] Update changelog from release

---
 CHANGELOG.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 57951c8..fc1c0ce 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,11 @@
+## Git
+### Added
+
+### Fixed
+
+### Changed
+
+
 ## v0.9.0 - 2022-12-12
 ### Added
 - SC2316: Warn about 'local readonly foo' and similar (thanks, patrickxia!)

From 2842ce97b88a9cd9551f5f42f67a97e17a523b53 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 4 Feb 2023 11:38:20 -0800
Subject: [PATCH 086/244] Remove fgl-5.8.1.0 as a dependency

ShellCheck is temporarily broken by
https://github.com/haskell/fgl/commit/c8f56c18242b0c3e916892c5db56a609ec396637
---
 ShellCheck.cabal | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index 1226588..8afebe1 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -54,7 +54,7 @@ library
       containers           >= 0.5.6 && < 0.7,
       deepseq              >= 1.4.1 && < 1.5,
       Diff                 >= 0.4.0 && < 0.5,
-      fgl                  >= 5.7.0 && < 5.9,
+      fgl                  >= 5.7.0 && < 5.8.1.0,
       filepath             >= 1.4.0 && < 1.5,
       mtl                  >= 2.2.2 && < 2.3,
       parsec               >= 3.1.14 && < 3.2,

From c05380d518056189412e12128a8906b8ca6f6717 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 4 Feb 2023 13:19:27 -0800
Subject: [PATCH 087/244] Count CFEExit as control flow for the purposes of
 finding dominators

---
 src/ShellCheck/CFG.hs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index e0c6267..f882adc 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -192,7 +192,7 @@ buildGraph params root =
                     base
 
         idToRange = M.fromList mapping
-        isRealEdge (from, to, edge) = case edge of CFEFlow -> True; _ -> False
+        isRealEdge (from, to, edge) = case edge of CFEFlow -> True; CFEExit -> True; _ -> False
         onlyRealEdges = filter isRealEdge edges
         (_, mainExit) = fromJust $ M.lookup (getId root) idToRange
 
@@ -1301,7 +1301,10 @@ findPostDominators mainexit graph = asArray
     reversed = grev withExitEdges
     postDoms = dom reversed mainexit
     (_, maxNode) = nodeRange graph
-    asArray = array (0, maxNode) postDoms
+    -- Holes in the array cause "Exception: (Array.!): undefined array element" while
+    -- inspecting/debugging, so fill the array first and then update.
+    initializedArray = listArray (0, maxNode) $ repeat []
+    asArray = initializedArray // postDoms
 
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])

From b1ca3929e387446f3e3db023d716cf3787370437 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 4 Feb 2023 19:55:25 -0800
Subject: [PATCH 088/244] Upgrade cross-compilers to 9.2.5 to handle
 hashable-1.4.2.0

---
 build/darwin.x86_64/Dockerfile | 11 +++++++----
 build/linux.aarch64/Dockerfile | 14 ++++++++++----
 2 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/build/darwin.x86_64/Dockerfile b/build/darwin.x86_64/Dockerfile
index 9e33a82..a53245f 100644
--- a/build/darwin.x86_64/Dockerfile
+++ b/build/darwin.x86_64/Dockerfile
@@ -6,15 +6,18 @@ ENV TARGETNAME darwin.x86_64
 # Build dependencies
 USER root
 ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update && apt-get install -y ghc automake autoconf llvm curl
+RUN sed -e 's/focal/kinetic/g' -i /etc/apt/sources.list
+RUN apt-get update
+RUN apt-get dist-upgrade -y
+RUN apt-get install -y ghc automake autoconf llvm curl alex happy
 
 # Build GHC
 WORKDIR /ghc
-RUN curl -L "https://downloads.haskell.org/~ghc/8.10.4/ghc-8.10.4-src.tar.xz" | tar xJ --strip-components=1
-RUN ./boot && ./configure --host x86_64-linux-gnu --build x86_64-linux-gnu --target "$TARGET"
+RUN curl -L "https://downloads.haskell.org/~ghc/9.2.5/ghc-9.2.5-src.tar.xz" | tar xJ --strip-components=1
+RUN ./configure --host x86_64-linux-gnu --build x86_64-linux-gnu --target "$TARGET"
 RUN cp mk/flavours/quick-cross.mk mk/build.mk && make -j "$(nproc)"
 RUN make install
-RUN curl -L "https://downloads.haskell.org/~cabal/cabal-install-3.2.0.0/cabal-install-3.2.0.0-x86_64-unknown-linux.tar.xz" | tar xJv -C /usr/local/bin
+RUN curl -L "https://downloads.haskell.org/~cabal/cabal-install-3.9.0.0/cabal-install-3.9-x86_64-linux-alpine.tar.xz" | tar xJv -C /usr/local/bin
 
 # Due to an apparent cabal bug, we specify our options directly to cabal
 # It won't reuse caches if ghc-options are specified in ~/.cabal/config
diff --git a/build/linux.aarch64/Dockerfile b/build/linux.aarch64/Dockerfile
index 60537b3..d5320e9 100644
--- a/build/linux.aarch64/Dockerfile
+++ b/build/linux.aarch64/Dockerfile
@@ -6,19 +6,25 @@ ENV TARGETNAME linux.aarch64
 # Build dependencies
 USER root
 ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update && apt-get install -y ghc automake autoconf build-essential llvm curl qemu-user-static gcc-$TARGET
+
+# These deps are from 20.04, because GHC's compiler/llvm support moves slowly
+RUN apt-get update && apt-get install -y llvm gcc-$TARGET
+
+# The rest are from 22.10
+RUN sed -e 's/focal/kinetic/g' -i /etc/apt/sources.list
+RUN apt-get update && apt-get install -y ghc alex happy automake autoconf build-essential curl qemu-user-static
 
 # Build GHC
 WORKDIR /ghc
-RUN curl -L "https://downloads.haskell.org/~ghc/8.10.4/ghc-8.10.4-src.tar.xz" | tar xJ --strip-components=1
+RUN curl -L "https://downloads.haskell.org/~ghc/9.2.5/ghc-9.2.5-src.tar.xz" | tar xJ --strip-components=1
 RUN ./boot && ./configure --host x86_64-linux-gnu --build x86_64-linux-gnu --target "$TARGET"
 RUN cp mk/flavours/quick-cross.mk mk/build.mk && make -j "$(nproc)"
 RUN make install
-RUN curl -L "https://downloads.haskell.org/~cabal/cabal-install-3.2.0.0/cabal-install-3.2.0.0-x86_64-unknown-linux.tar.xz" | tar xJv -C /usr/local/bin
+RUN curl -L "https://downloads.haskell.org/~cabal/cabal-install-3.9.0.0/cabal-install-3.9-x86_64-linux-alpine.tar.xz" | tar xJv -C /usr/local/bin
 
 # Due to an apparent cabal bug, we specify our options directly to cabal
 # It won't reuse caches if ghc-options are specified in ~/.cabal/config
-ENV CABALOPTS "--ghc-options;-split-sections -optc-Os -optc-Wl,--gc-sections;--with-ghc=$TARGET-ghc;--with-hc-pkg=$TARGET-ghc-pkg"
+ENV CABALOPTS "--ghc-options;-split-sections -optc-Os -optc-Wl,--gc-sections -optc-fPIC;--with-ghc=$TARGET-ghc;--with-hc-pkg=$TARGET-ghc-pkg"
 
 # Prebuild the dependencies
 RUN cabal update && IFS=';' && cabal install --dependencies-only $CABALOPTS ShellCheck

From e6e8ab0415f720afee5f426b6ca09757a4ed12ce Mon Sep 17 00:00:00 2001
From: Felipe Santos <felipecassiors@gmail.com>
Date: Sun, 5 Feb 2023 11:13:07 -0300
Subject: [PATCH 089/244] Mention VS Code ShellCheck binaries distribution

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 6f3e4a9..a1c59a7 100644
--- a/README.md
+++ b/README.md
@@ -232,6 +232,8 @@ Alternatively, you can download pre-compiled binaries for the latest release her
 or see the [GitHub Releases](https://github.com/koalaman/shellcheck/releases) for other releases
 (including the [latest](https://github.com/koalaman/shellcheck/releases/tag/latest) meta-release for daily git builds).
 
+You can also find pre-compiled binaries repackaged in `.tar.gz` format in the [VS Code ShellCheck Binaries](https://github.com/vscode-shellcheck/shellcheck-binaries/releases) repository. It also includes a pre-compiled binary for **Apple M1** processors.
+
 Distro packages already come with a `man` page. If you are building from source, it can be installed with:
 
 ```console

From 08b437974e871d82213545b9a079bcb794f7a58a Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 23 Apr 2023 16:47:49 -0700
Subject: [PATCH 090/244] Rewrite vscode-shellcheck blurb

---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index a1c59a7..3a839aa 100644
--- a/README.md
+++ b/README.md
@@ -232,7 +232,8 @@ Alternatively, you can download pre-compiled binaries for the latest release her
 or see the [GitHub Releases](https://github.com/koalaman/shellcheck/releases) for other releases
 (including the [latest](https://github.com/koalaman/shellcheck/releases/tag/latest) meta-release for daily git builds).
 
-You can also find pre-compiled binaries repackaged in `.tar.gz` format in the [VS Code ShellCheck Binaries](https://github.com/vscode-shellcheck/shellcheck-binaries/releases) repository. It also includes a pre-compiled binary for **Apple M1** processors.
+There are currently no official binaries for Apple Silicon, but third party builds are available via
+[ShellCheck for Visual Studio Code](https://github.com/vscode-shellcheck/shellcheck-binaries/releases).
 
 Distro packages already come with a `man` page. If you are building from source, it can be installed with:
 

From 1164aa4efc225129302e2a2450e907ad842d41e4 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 23 Apr 2023 19:35:54 -0700
Subject: [PATCH 091/244] Installing custom docker should no longer be
 necessary for buildx

---
 .multi_arch_docker | 18 ------------------
 1 file changed, 18 deletions(-)

diff --git a/.multi_arch_docker b/.multi_arch_docker
index a9f7401..1c5d32b 100755
--- a/.multi_arch_docker
+++ b/.multi_arch_docker
@@ -3,28 +3,10 @@
 # binaries previously built and deployed to GitHub.
 
 function multi_arch_docker::install_docker_buildx() {
-  # Install up-to-date version of docker, with buildx support.
-  local -r docker_apt_repo='https://download.docker.com/linux/ubuntu'
-  curl -fsSL "${docker_apt_repo}/gpg" | sudo apt-key add -
-  local -r os="$(lsb_release -cs)"
-  sudo add-apt-repository "deb [arch=amd64] $docker_apt_repo $os stable"
-  sudo apt-get update
-  sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce
-
-  # Enable docker daemon experimental support (for 'pull --platform').
-  local -r config='/etc/docker/daemon.json'
-  if [[ -e "$config" ]]; then
-    sudo sed -i -e 's/{/{ "experimental": true, /' "$config"
-  else
-    echo '{ "experimental": true }' | sudo tee "$config"
-  fi
-  sudo systemctl restart docker
-
   # Install QEMU multi-architecture support for docker buildx.
   docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
 
   # Instantiate docker buildx builder with multi-architecture support.
-  export DOCKER_CLI_EXPERIMENTAL=enabled
   docker buildx create --name mybuilder
   docker buildx use mybuilder
   # Start up buildx and verify that all is OK.

From 5fec3f9b34bc0ba3d2d02d4a7613cb3a62ed4c15 Mon Sep 17 00:00:00 2001
From: James Morris <jamesmorris2@gmail.com>
Date: Mon, 24 Apr 2023 22:08:22 -0400
Subject: [PATCH 092/244] Add fish to the badShells list

---
 src/ShellCheck/Parser.hs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 7a50967..9d7df00 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -3360,6 +3360,7 @@ readScriptFile sourced = do
         "awk",
         "csh",
         "expect",
+        "fish",
         "perl",
         "python",
         "ruby",

From 46b678fca8f8aac035d04e676f77f1a92f6742f4 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 30 Apr 2023 14:37:37 -0700
Subject: [PATCH 093/244] Minor fixes to POSIX read without variable check

---
 src/ShellCheck/Checks/ShellSupport.hs | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index eda6882..cf8acc9 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -188,6 +188,7 @@ prop_checkBashisms100 = verify checkBashisms "read -r"
 prop_checkBashisms101 = verify checkBashisms "read"
 prop_checkBashisms102 = verifyNot checkBashisms "read -r foo"
 prop_checkBashisms103 = verifyNot checkBashisms "read foo"
+prop_checkBashisms104 = verifyNot checkBashisms "read ''"
 checkBashisms = ForShell [Sh, Dash] $ \t -> do
     params <- ask
     kludge params t
@@ -288,13 +289,6 @@ checkBashisms = ForShell [Sh, Dash] $ \t -> do
           argString = concat $ oversimplify arg
           flagRegex = mkRegex "^-[eEsn]+$"
 
-    bashism t@(T_SimpleCommand _ _ (cmd:args))
-        | t `isCommand` "read" && length (onlyNames args) == 0 =
-            warnMsg (getId cmd) 3061 "read without a variable is"
-      where
-        notFlag arg = head (concat $ oversimplify arg) /= '-'
-        onlyNames = filter (notFlag)
-
     bashism t@(T_SimpleCommand _ _ (cmd:arg:_))
         | getLiteralString cmd == Just "exec" && "-" `isPrefixOf` concat (oversimplify arg) =
             warnMsg (getId arg) 3038 "exec flags are"
@@ -390,6 +384,9 @@ checkBashisms = ForShell [Sh, Dash] $ \t -> do
                 let literal = onlyLiteralString format
                 guard $ "%q" `isInfixOf` literal
                 return $ warnMsg (getId format) 3050 "printf %q is"
+
+            when (name == "read" && all isFlag rest) $
+                warnMsg (getId cmd) 3061 "read without a variable is"
       where
         unsupportedCommands = [
             "let", "caller", "builtin", "complete", "compgen", "declare", "dirs", "disown",

From b3932dfa10804434fb8c15dc32e428c5a1c3bfa4 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 1 May 2023 00:02:53 -0400
Subject: [PATCH 094/244] Fix #2734: adjust bounds to compile on 9.6

The whole test suite passes for me, including prop_checkOverwrittenExitCode8,
and I get the same set of findings with this build and shellcheck.net on
tools/testing/selftests/net/icmp_redirect.sh.
---
 ShellCheck.cabal | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index 8afebe1..f09521f 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -46,7 +46,7 @@ library
         semigroups
     build-depends:
       -- The lower bounds are based on GHC 7.10.3
-      -- The upper bounds are based on GHC 9.4.3
+      -- The upper bounds are based on GHC 9.6.1
       aeson                >= 1.4.0 && < 2.2,
       array                >= 0.5.1 && < 0.6,
       base                 >= 4.8.0.0 && < 5,
@@ -54,13 +54,13 @@ library
       containers           >= 0.5.6 && < 0.7,
       deepseq              >= 1.4.1 && < 1.5,
       Diff                 >= 0.4.0 && < 0.5,
-      fgl                  >= 5.7.0 && < 5.8.1.0,
+      fgl                  (>= 5.7.0 && < 5.8.1.0) || (>= 5.8.1.1 && < 5.9),
       filepath             >= 1.4.0 && < 1.5,
-      mtl                  >= 2.2.2 && < 2.3,
+      mtl                  >= 2.2.2 && < 2.4,
       parsec               >= 3.1.14 && < 3.2,
       QuickCheck           >= 2.14.2 && < 2.15,
       regex-tdfa           >= 1.2.0 && < 1.4,
-      transformers         >= 0.4.2 && < 0.6,
+      transformers         >= 0.4.2 && < 0.7,
 
       -- getXdgDirectory from 1.2.3.0
       directory            >= 1.2.3 && < 1.4,

From f03c437e2fe0d669d1e64dcedd305d5bd8ca0608 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Wed, 24 May 2023 16:38:53 -0400
Subject: [PATCH 095/244] Get rid of a dangerous partial function from
 checkSpacefulnessCfg'

---
 src/ShellCheck/Analytics.hs | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 1f6d96d..ecc170d 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2134,7 +2134,8 @@ checkSpacefulnessCfg' dirtyPass params token@(T_DollarBraced id _ list) =
                     addDoubleQuotesAround params token
 
   where
-    name = getBracedReference $ concat $ oversimplify list
+    bracedString = concat $ oversimplify list
+    name = getBracedReference bracedString
     parents = parentMap params
     needsQuoting =
               not (isArrayExpansion token) -- There's another warning for this
@@ -2153,14 +2154,10 @@ checkSpacefulnessCfg' dirtyPass params token@(T_DollarBraced id _ list) =
         || CF.spaceStatus (CF.variableValue state) == CF.SpaceStatusClean
 
     isDefaultAssignment parents token =
-        let modifier = getBracedModifier $ bracedString token in
+        let modifier = getBracedModifier bracedString in
             any (`isPrefixOf` modifier) ["=", ":="]
             && isParamTo parents ":" token
 
-    -- Given a T_DollarBraced, return a simplified version of the string contents.
-    bracedString (T_DollarBraced _ _ l) = concat $ oversimplify l
-    bracedString _ = error $ pleaseReport "bracedString on non-variable"
-
 checkSpacefulnessCfg' _ _ _ = return ()
 
 

From b625cc1accb3249322ca757b6709840f7582b072 Mon Sep 17 00:00:00 2001
From: Nicolas Theodarus <nicolastheodarus@gmail.com>
Date: Sun, 28 May 2023 12:33:16 +0200
Subject: [PATCH 096/244] add dependabot.yml

---
 .github/dependabot.yml | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..81bae9a
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,7 @@
+version: 2
+
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"

From 01aee1a859913a02b529d1f25469693166d3fe7c Mon Sep 17 00:00:00 2001
From: Danny Faught <dfaught@vmware.com>
Date: Fri, 28 Jul 2023 14:19:54 -0400
Subject: [PATCH 097/244] improve short description

* The short description used to say that until commit
  aac7d76047a5b28d064b17a5d0fac022054d05a0 from 2014. It appears that
  it was changed by mistake in that commit to something less readable.

* With the message "use -print0/-0" we were confused and introduced a
  bug in our code because we didn't understand what to do with the
  "-0".

* SC2011 (source
  https://github.com/koalaman/shellcheck/blob/c9e27c24700cdc5b84cfca1f7a90fe07f542867c/src/ShellCheck/Analytics.hs#L591)
  uses that exact warning message, we copied it from there.

Signed-off-by: Bruce Ricard <bricard@vmware.com>
---
 src/ShellCheck/Analytics.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index ecc170d..3bb1ed0 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -562,7 +562,7 @@ checkPipePitfalls _ (T_Pipeline id _ commands) = do
                 hasParameter "print0",
                 hasParameter "printf"
               ]) $ warn (getId find) 2038
-                      "Use -print0/-0 or -exec + to allow for non-alphanumeric filenames."
+                      "Use 'find .. -print0 | xargs -0 ..' or 'find .. -exec .. +' to allow non-alphanumeric filenames."
 
     for ["ps", "grep"] $
         \(ps:grep:_) ->

From 372c0b667e7b6f36a5f1a42a9802eb0246ee3e95 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 30 Jul 2023 13:47:00 -0700
Subject: [PATCH 098/244] SC2324: Warn when x+=1 appends.

---
 CHANGELOG.md                  |  1 +
 src/ShellCheck/ASTLib.hs      |  9 +++++++++
 src/ShellCheck/Analytics.hs   | 38 +++++++++++++++++++++++++++++++++++
 src/ShellCheck/CFGAnalysis.hs | 16 +++++++++++++++
 4 files changed, 64 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index fc1c0ce..8f4426e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,6 @@
 ## Git
 ### Added
+- SC2324: Warn when x+=1 appends instead of increments.
 
 ### Fixed
 
diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index 56903ee..64fa762 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -886,6 +886,15 @@ isUnmodifiedParameterExpansion t =
             in getBracedReference str == str
         _ -> False
 
+-- Return the referenced variable if (and only if) it's an unmodified parameter expansion.
+getUnmodifiedParameterExpansion t =
+    case t of
+        T_DollarBraced _ _ list -> do
+            let str = concat $ oversimplify list
+            guard $ getBracedReference str == str
+            return str
+        _ -> Nothing
+
 --- A list of the element and all its parents up to the root node.
 getPath tree t = t :
     case Map.lookup (getId t) tree of
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index ecc170d..dbad0f5 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -201,6 +201,7 @@ nodeChecks = [
     ,checkOverwrittenExitCode
     ,checkUnnecessaryArithmeticExpansionIndex
     ,checkUnnecessaryParens
+    ,checkPlusEqualsNumber
     ]
 
 optionalChecks = map fst optionalTreeChecks
@@ -5007,5 +5008,42 @@ checkUnnecessaryParens params t =
         ]
 
 
+prop_checkPlusEqualsNumber1 = verify checkPlusEqualsNumber "x+=1"
+prop_checkPlusEqualsNumber2 = verify checkPlusEqualsNumber "x+=42"
+prop_checkPlusEqualsNumber3 = verifyNot checkPlusEqualsNumber "(( x += 1 ))"
+prop_checkPlusEqualsNumber4 = verifyNot checkPlusEqualsNumber "declare -i x=0; x+=1"
+prop_checkPlusEqualsNumber5 = verifyNot checkPlusEqualsNumber "x+='1'"
+prop_checkPlusEqualsNumber6 = verifyNot checkPlusEqualsNumber "n=foo; x+=n"
+prop_checkPlusEqualsNumber7 = verify checkPlusEqualsNumber "n=4; x+=n"
+prop_checkPlusEqualsNumber8 = verify checkPlusEqualsNumber "n=4; x+=$n"
+prop_checkPlusEqualsNumber9 = verifyNot checkPlusEqualsNumber "declare -ia var; var[x]+=1"
+checkPlusEqualsNumber params t =
+    case t of
+        T_Assignment id Append var _ word -> sequence_ $ do
+            state <- CF.getIncomingState (cfgAnalysis params) id
+            guard $ isNumber state word
+            guard . not $ fromMaybe False $ CF.variableMayBeDeclaredInteger state var
+            return $ warn id 2324 "var+=1 will append, not increment. Use (( var += 1 )), declare -i var, or quote number to silence."
+        _ -> return ()
+
+  where
+    isNumber state word =
+        let
+            unquotedLiteral = getUnquotedLiteral word
+            isEmpty = unquotedLiteral == Just ""
+            isUnquotedNumber = not isEmpty && fromMaybe False (all isDigit <$> unquotedLiteral)
+            isNumericalVariableName = fromMaybe False $ do
+                str <- unquotedLiteral
+                CF.variableMayBeAssignedInteger state str
+            isNumericalVariableExpansion =
+                case word of
+                    T_NormalWord _ [part] -> fromMaybe False $ do
+                        str <- getUnmodifiedParameterExpansion part
+                        CF.variableMayBeAssignedInteger state str
+                    _ -> False
+        in
+            isUnquotedNumber || isNumericalVariableName || isNumericalVariableExpansion
+
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 4e36cf5..3b4f957 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -59,6 +59,8 @@ module ShellCheck.CFGAnalysis (
     ,getIncomingState
     ,getOutgoingState
     ,doesPostDominate
+    ,variableMayBeDeclaredInteger
+    ,variableMayBeAssignedInteger
     ,ShellCheck.CFGAnalysis.runTests -- STRIP
     ) where
 
@@ -153,6 +155,20 @@ doesPostDominate analysis target base = fromMaybe False $ do
     (targetStart, _) <- M.lookup target $ tokenToRange analysis
     return $ targetStart `elem` (postDominators analysis ! baseEnd)
 
+-- See if any execution path results in the variable containing a state
+variableMayHaveState :: ProgramState -> String -> CFVariableProp -> Maybe Bool
+variableMayHaveState state var property = do
+    value <- M.lookup var $ variablesInScope state
+    return $ any (S.member property) $ variableProperties value
+
+-- See if any execution path declares the variable an integer (declare -i).
+variableMayBeDeclaredInteger state var = variableMayHaveState state var CFVPInteger
+
+-- See if any execution path suggests the variable may contain an integer value
+variableMayBeAssignedInteger state var = do
+    value <- M.lookup var $ variablesInScope state
+    return $ (numericalStatus $ variableValue value) >= NumericalStatusMaybe
+
 getDataForNode analysis node = M.lookup node $ nodeToData analysis
 
 -- The current state of data flow at a point in the program, potentially as a diff

From 9490b9488627a06e0a4af1c11644b7936b8a2422 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 30 Jul 2023 16:52:40 -0700
Subject: [PATCH 099/244] Save and restore pending here docs when sourcing
 files (fixes #2803)

---
 CHANGELOG.md              |  3 ++-
 src/ShellCheck/Checker.hs |  9 +++++++++
 src/ShellCheck/Parser.hs  | 10 ++++++++--
 3 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8f4426e..c6c9513 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,8 +1,9 @@
 ## Git
 ### Added
-- SC2324: Warn when x+=1 appends instead of increments.
+- SC2324: Warn when x+=1 appends instead of increments
 
 ### Fixed
+- source statements with here docs now work correctly
 
 ### Changed
 
diff --git a/src/ShellCheck/Checker.hs b/src/ShellCheck/Checker.hs
index b56be68..c79f90f 100644
--- a/src/ShellCheck/Checker.hs
+++ b/src/ShellCheck/Checker.hs
@@ -508,5 +508,14 @@ prop_rcCanSuppressEarlyProblems2 = null result
         csScript = "!/bin/bash\necho 'hello world'"
     }
 
+prop_sourceWithHereDocWorks = null result
+  where
+    result = checkWithIncludes [("bar", "true\n")] "source bar << eof\nlol\neof"
+
+prop_hereDocsAreParsedWithoutTrailingLinefeed = 1044 `elem` result
+  where
+    result = check "cat << eof"
+
+
 return []
 runTests = $quickCheckAll
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 9d7df00..341a435 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -2283,8 +2283,13 @@ readSource t@(T_Redirecting _ _ (T_SimpleCommand cmdId _ (cmd:file':rest'))) = d
 
     subRead name script =
         withContext (ContextSource name) $
-            inSeparateContext $
-                subParse (initialPos name) (readScriptFile True) script
+            inSeparateContext $ do
+                oldState <- getState
+                setState $ oldState { pendingHereDocs = [] }
+                result <- subParse (initialPos name) (readScriptFile True) script
+                newState <- getState
+                setState $ newState { pendingHereDocs = pendingHereDocs oldState }
+                return result
 readSource t = return t
 
 
@@ -3322,6 +3327,7 @@ readScriptFile sourced = do
               then do
                     commands <- readCompoundListOrEmpty
                     id <- endSpan start
+                    readPendingHereDocs
                     verifyEof
                     let script = T_Annotation annotationId annotations $
                                     T_Script id shebang commands

From dd747b2a98c3214978a97b9ee0ec38e635b6e621 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 30 Jul 2023 19:18:27 -0700
Subject: [PATCH 100/244] SC2325/SC2326: Warn about ! ! foo and foo | ! bar
 (fixes #2810)

---
 CHANGELOG.md                          |  2 ++
 src/ShellCheck/Checks/ShellSupport.hs | 26 ++++++++++++++++++++++++++
 src/ShellCheck/Parser.hs              | 22 +++++++++++++++-------
 3 files changed, 43 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c6c9513..0338f7d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,8 @@
 ## Git
 ### Added
 - SC2324: Warn when x+=1 appends instead of increments
+- SC2325: Warn about multiple `!`s in dash/sh.
+- SC2326: Warn about `foo | ! bar` in bash/dash/sh.
 
 ### Fixed
 - source statements with here docs now work correctly
diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index cf8acc9..c7ece1a 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -60,6 +60,8 @@ checks = [
     ,checkBraceExpansionVars
     ,checkMultiDimensionalArrays
     ,checkPS1Assignments
+    ,checkMultipleBangs
+    ,checkBangAfterPipe
     ]
 
 testChecker (ForShell _ t) =
@@ -566,5 +568,29 @@ checkPS1Assignments = ForShell [Bash] f
     escapeRegex = mkRegex "\\\\x1[Bb]|\\\\e|\x1B|\\\\033"
 
 
+prop_checkMultipleBangs1 = verify checkMultipleBangs "! ! true"
+prop_checkMultipleBangs2 = verifyNot checkMultipleBangs "! true"
+checkMultipleBangs = ForShell [Dash, Sh] f
+  where
+    f token = case token of
+        T_Banged id (T_Banged _ _) ->
+            err id 2325 "Multiple ! in front of pipelines are a bash/ksh extension. Use only 0 or 1."
+        _ -> return ()
+
+
+prop_checkBangAfterPipe1 = verify checkBangAfterPipe "true | ! true"
+prop_checkBangAfterPipe2 = verifyNot checkBangAfterPipe "true | ( ! true )"
+prop_checkBangAfterPipe3 = verifyNot checkBangAfterPipe "! ! true | true"
+checkBangAfterPipe = ForShell [Dash, Sh, Bash] f
+  where
+    f token = case token of
+        T_Pipeline _ _ cmds -> mapM_ check cmds
+        _ -> return ()
+
+    check token = case token of
+        T_Banged id _ ->
+            err id 2326 "! is not allowed in the middle of pipelines. Use command group as in cmd | { ! cmd; } if necessary."
+        _ -> return ()
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 341a435..ffc58e2 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -2296,14 +2296,18 @@ readSource t = return t
 prop_readPipeline = isOk readPipeline "! cat /etc/issue | grep -i ubuntu"
 prop_readPipeline2 = isWarning readPipeline "!cat /etc/issue | grep -i ubuntu"
 prop_readPipeline3 = isOk readPipeline "for f; do :; done|cat"
+prop_readPipeline4 = isOk readPipeline "! ! true"
+prop_readPipeline5 = isOk readPipeline "true | ! true"
 readPipeline = do
     unexpecting "keyword/token" readKeyword
-    do
-        (T_Bang id) <- g_Bang
-        pipe <- readPipeSequence
-        return $ T_Banged id pipe
-      <|>
-        readPipeSequence
+    readBanged readPipeSequence
+
+readBanged parser = do
+    pos <- getPosition
+    (T_Bang id) <- g_Bang
+    next <- readBanged parser
+    return $ T_Banged id next
+ <|> parser
 
 prop_readAndOr = isOk readAndOr "grep -i lol foo || exit 1"
 prop_readAndOr1 = isOk readAndOr "# shellcheck disable=1\nfoo"
@@ -2359,7 +2363,7 @@ readTerm = do
 
 readPipeSequence = do
     start <- startSpan
-    (cmds, pipes) <- sepBy1WithSeparators readCommand
+    (cmds, pipes) <- sepBy1WithSeparators (readBanged readCommand)
                         (readPipe `thenSkip` (spacing >> readLineBreak))
     id <- endSpan start
     spacing
@@ -2389,6 +2393,10 @@ readCommand = choice [
     ]
 
 readCmdName = do
+    -- If the command name is `!` then
+    optional . lookAhead . try $ do
+        char '!'
+        whitespace
     -- Ignore alias suppression
     optional . try $ do
         char '\\'

From 90d3172dfec30a7569f95b32479ae97af73b8b2e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 13 Aug 2023 16:32:53 -0700
Subject: [PATCH 101/244] Add a newSystemInterface to go with the rest of the
 new* constructors

---
 shellcheck.hs               |  2 +-
 src/ShellCheck/Interface.hs | 15 ++++++++++++---
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/shellcheck.hs b/shellcheck.hs
index 4e8a155..6be9bb1 100644
--- a/shellcheck.hs
+++ b/shellcheck.hs
@@ -396,7 +396,7 @@ ioInterface options files = do
     inputs <- mapM normalize files
     cache <- newIORef emptyCache
     configCache <- newIORef ("", Nothing)
-    return SystemInterface {
+    return (newSystemInterface :: SystemInterface IO) {
         siReadFile = get cache inputs,
         siFindSource = findSourceFile inputs (sourcePaths options),
         siGetConfig = getConfig configCache
diff --git a/src/ShellCheck/Interface.hs b/src/ShellCheck/Interface.hs
index 7528559..077212f 100644
--- a/src/ShellCheck/Interface.hs
+++ b/src/ShellCheck/Interface.hs
@@ -39,11 +39,12 @@ module ShellCheck.Interface
     , ColorOption(ColorAuto, ColorAlways, ColorNever)
     , TokenComment(tcId, tcComment, tcFix)
     , emptyCheckResult
-    , newParseResult
-    , newAnalysisSpec
     , newAnalysisResult
+    , newAnalysisSpec
     , newFormatterOptions
+    , newParseResult
     , newPosition
+    , newSystemInterface
     , newTokenComment
     , mockedSystemInterface
     , mockRcFile
@@ -135,6 +136,14 @@ newParseSpec = ParseSpec {
     psShellTypeOverride = Nothing
 }
 
+newSystemInterface :: Monad m => SystemInterface m
+newSystemInterface =
+    SystemInterface {
+        siReadFile = \_ _ -> return $ Left "Not implemented",
+        siFindSource = \_ _ _ name -> return name,
+        siGetConfig = \_ -> return Nothing
+    }
+
 -- Parser input and output
 data ParseSpec = ParseSpec {
     psFilename :: String,
@@ -311,7 +320,7 @@ data ColorOption =
 
 -- For testing
 mockedSystemInterface :: [(String, String)] -> SystemInterface Identity
-mockedSystemInterface files = SystemInterface {
+mockedSystemInterface files = (newSystemInterface :: SystemInterface Identity) {
     siReadFile = rf,
     siFindSource = fs,
     siGetConfig = const $ return Nothing

From 410ec54617c86586cd6b5662ecc035898bd8aefa Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 5 Sep 2023 08:21:55 +0000
Subject: [PATCH 102/244] Bump actions/checkout from 3 to 4

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/build.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index a435cf4..2ca94f2 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -15,7 +15,7 @@ jobs:
           sudo apt-get install cabal-install
 
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
@@ -51,7 +51,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Download artifacts
         uses: actions/download-artifact@v3
@@ -74,7 +74,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Download artifacts
         uses: actions/download-artifact@v3
@@ -104,7 +104,7 @@ jobs:
     environment: Deploy
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Download artifacts
         uses: actions/download-artifact@v3

From c89ec2fd492d37722f2c93aaae500cc91a84e1c4 Mon Sep 17 00:00:00 2001
From: Max Ulidtko <ulidtko@gmail.com>
Date: Sun, 1 Oct 2023 19:57:19 +0200
Subject: [PATCH 103/244] Fix: do []-related bashism checks on test(1) calls
 too

---
 src/ShellCheck/Checks/ShellSupport.hs | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index c7ece1a..1f012d2 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -19,6 +19,7 @@
 -}
 {-# LANGUAGE TemplateHaskell #-}
 {-# LANGUAGE FlexibleContexts #-}
+{-# LANGUAGE ViewPatterns #-}
 module ShellCheck.Checks.ShellSupport (checker , ShellCheck.Checks.ShellSupport.runTests) where
 
 import ShellCheck.AST
@@ -91,6 +92,9 @@ prop_checkBashisms3 = verify checkBashisms "echo $((i++))"
 prop_checkBashisms4 = verify checkBashisms "rm !(*.hs)"
 prop_checkBashisms5 = verify checkBashisms "source file"
 prop_checkBashisms6 = verify checkBashisms "[ \"$a\" == 42 ]"
+prop_checkBashisms6b = verify checkBashisms "test \"$a\" == 42"
+prop_checkBashisms6c = verify checkBashisms "[ foo =~ bar ]"
+prop_checkBashisms6d = verify checkBashisms "test foo =~ bar"
 prop_checkBashisms7 = verify checkBashisms "echo ${var[1]}"
 prop_checkBashisms8 = verify checkBashisms "echo ${!var[@]}"
 prop_checkBashisms9 = verify checkBashisms "echo ${!var*}"
@@ -106,6 +110,7 @@ prop_checkBashisms18 = verify checkBashisms "foo &> /dev/null"
 prop_checkBashisms19 = verify checkBashisms "foo > file*.txt"
 prop_checkBashisms20 = verify checkBashisms "read -ra foo"
 prop_checkBashisms21 = verify checkBashisms "[ -a foo ]"
+prop_checkBashisms21b = verify checkBashisms "test -a foo"
 prop_checkBashisms22 = verifyNot checkBashisms "[ foo -a bar ]"
 prop_checkBashisms23 = verify checkBashisms "trap mything ERR INT"
 prop_checkBashisms24 = verifyNot checkBashisms "trap mything INT TERM"
@@ -203,6 +208,7 @@ checkBashisms = ForShell [Sh, Dash] $ \t -> do
         if isDash
         then err  id code $ "In dash, " ++ s ++ " not supported."
         else warn id code $ "In POSIX sh, " ++ s ++ " undefined."
+    asStr = getLiteralString
 
     bashism (T_ProcSub id _ _) = warnMsg id 3001 "process substitution is"
     bashism (T_Extglob id _ _) = warnMsg id 3002 "extglob is"
@@ -218,17 +224,31 @@ checkBashisms = ForShell [Sh, Dash] $ \t -> do
     bashism (TC_Binary id SingleBracket op _ _)
         | op `elem` [ "<", ">", "\\<", "\\>", "<=", ">=", "\\<=", "\\>="] =
             unless isDash $ warnMsg id 3012 $ "lexicographical " ++ op ++ " is"
+    bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just op, rhs])
+        | op `elem` [ "<", ">", "\\<", "\\>", "<=", ">=", "\\<=", "\\>="] =
+            unless isDash $ warnMsg id 3012 $ "lexicographical " ++ op ++ " is"
     bashism (TC_Binary id SingleBracket op _ _)
         | op `elem` [ "-ot", "-nt", "-ef" ] =
             unless isDash $ warnMsg id 3013 $ op ++ " is"
+    bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just op, rhs])
+        | op `elem` [ "-ot", "-nt", "-ef" ] =
+            unless isDash $ warnMsg id 3013 $ op ++ " is"
     bashism (TC_Binary id SingleBracket "==" _ _) =
             warnMsg id 3014 "== in place of = is"
+    bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just "==", rhs]) =
+            warnMsg id 3014 "== in place of = is"
     bashism (TC_Binary id SingleBracket "=~" _ _) =
             warnMsg id 3015 "=~ regex matching is"
+    bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just "=~", rhs]) =
+            warnMsg id 3015 "=~ regex matching is"
     bashism (TC_Unary id SingleBracket "-v" _) =
             warnMsg id 3016 "unary -v (in place of [ -n \"${var+x}\" ]) is"
+    bashism (T_SimpleCommand id _ [asStr -> Just "test", asStr -> Just "-v", _]) =
+            warnMsg id 3016 "unary -v (in place of [ -n \"${var+x}\" ]) is"
     bashism (TC_Unary id _ "-a" _) =
             warnMsg id 3017 "unary -a in place of -e is"
+    bashism (T_SimpleCommand id _ [asStr -> Just "test", asStr -> Just "-a", _]) =
+            warnMsg id 3017 "unary -a in place of -e is"
     bashism (TA_Unary id op _)
         | op `elem` [ "|++", "|--", "++|", "--|"] =
             warnMsg id 3018 $ filter (/= '|') op ++ " is"

From 9605396bef40abdb830bc4c607c3736c007e3482 Mon Sep 17 00:00:00 2001
From: Max Ulidtko <ulidtko@gmail.com>
Date: Sun, 1 Oct 2023 21:23:25 +0200
Subject: [PATCH 104/244] Docs: describe fixes of PR #2837 in changelog

---
 CHANGELOG.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0338f7d..b9ce1fb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,12 @@
 - SC2324: Warn when x+=1 appends instead of increments
 - SC2325: Warn about multiple `!`s in dash/sh.
 - SC2326: Warn about `foo | ! bar` in bash/dash/sh.
+- SC3012: Warn about lexicographic-compare bashism in test like in [ ]
+- SC3013: Warn bashism `test _ -op/-nt/-ef _` like in [ ]
+- SC3014: Warn bashism `test _ == _` like in [ ]
+- SC3015: Warn bashism `test _ =~ _` like in [ ]
+- SC3016: Warn bashism `test -v _` like in [ ]
+- SC3017: Warn bashism `test -a _` like in [ ]
 
 ### Fixed
 - source statements with here docs now work correctly

From 6a6d8e9fc488b3b20ab93da2915cccb42e208ddc Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Sun, 8 Oct 2023 18:52:05 -0700
Subject: [PATCH 105/244] Revert "Bump actions/checkout from 3 to 4"

This reverts commit 410ec54617c86586cd6b5662ecc035898bd8aefa.
---
 .github/workflows/build.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 2ca94f2..a435cf4 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -15,7 +15,7 @@ jobs:
           sudo apt-get install cabal-install
 
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
@@ -51,7 +51,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       - name: Download artifacts
         uses: actions/download-artifact@v3
@@ -74,7 +74,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       - name: Download artifacts
         uses: actions/download-artifact@v3
@@ -104,7 +104,7 @@ jobs:
     environment: Deploy
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       - name: Download artifacts
         uses: actions/download-artifact@v3

From 99a94421ab77397ae98e192a722ba7e61c103dec Mon Sep 17 00:00:00 2001
From: Vidar Holen <spam@vidarholen.net>
Date: Sun, 8 Oct 2023 19:42:31 -0700
Subject: [PATCH 106/244] Manually install 'hub' dependency

---
 .github/workflows/build.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index a435cf4..3e6fb27 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -103,6 +103,11 @@ jobs:
     runs-on: ubuntu-latest
     environment: Deploy
     steps:
+      - name: Install Dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install hub
+
       - name: Checkout repository
         uses: actions/checkout@v3
 

From dc2f388310c48eefe4613edf71a703f07d02ffa7 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sat, 14 Oct 2023 18:12:51 -0400
Subject: [PATCH 107/244] Adjust bounds to compile on 9.8

You'll need --allow-newer=fgl:deepseq for it to work too,
until haskell/fgl#111 gets merged.
---
 ShellCheck.cabal | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index f09521f..76516db 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -46,13 +46,13 @@ library
         semigroups
     build-depends:
       -- The lower bounds are based on GHC 7.10.3
-      -- The upper bounds are based on GHC 9.6.1
-      aeson                >= 1.4.0 && < 2.2,
+      -- The upper bounds are based on GHC 9.8.1
+      aeson                >= 1.4.0 && < 2.3,
       array                >= 0.5.1 && < 0.6,
       base                 >= 4.8.0.0 && < 5,
-      bytestring           >= 0.10.6 && < 0.12,
-      containers           >= 0.5.6 && < 0.7,
-      deepseq              >= 1.4.1 && < 1.5,
+      bytestring           >= 0.10.6 && < 0.13,
+      containers           >= 0.5.6 && < 0.8,
+      deepseq              >= 1.4.1 && < 1.6,
       Diff                 >= 0.4.0 && < 0.5,
       fgl                  (>= 5.7.0 && < 5.8.1.0) || (>= 5.8.1.1 && < 5.9),
       filepath             >= 1.4.0 && < 1.5,

From 8b3c37aa36bcb74b09d71eba4ce0ce0141b8bd4f Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 16 Oct 2023 00:06:53 -0400
Subject: [PATCH 108/244] Use find instead of listToMaybe and filter

---
 src/ShellCheck/Analytics.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 7e8b510..3cebb24 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -3320,7 +3320,7 @@ checkReturnAgainstZero params token =
 
     isFirstCommandInFunction = fromMaybe False $ do
         let path = getPath (parentMap params) token
-        func <- listToMaybe $ filter isFunction path
+        func <- find isFunction path
         cmd <- getClosestCommand (parentMap params) token
         return $ getId cmd == getId (getFirstCommandInFunction func)
 

From 4fd0615501b6909c8ca61ef080bb07b8e8de1301 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 16 Oct 2023 00:55:04 -0400
Subject: [PATCH 109/244] Stop using head in isLeadingNumberVar

---
 src/ShellCheck/Analytics.hs | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 3cebb24..5f77f77 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4378,9 +4378,8 @@ checkEqualsInCommand params originalToken =
         return $ isVariableName str
 
     isLeadingNumberVar s =
-        let lead = takeWhile (/= '=') s
-        in not (null lead) && isDigit (head lead)
-            && all isVariableChar lead && not (all isDigit lead)
+        case takeWhile (/= '=') s of
+            lead@(x:_) -> isDigit x && all isVariableChar lead && not (all isDigit lead)
 
     msg cmd leading (T_Literal litId s) = do
         -- There are many different cases, and the order of the branches matter.

From 2a95bc6be3c9fe411e1ddb96e78b467ef2347bdb Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 16 Oct 2023 20:00:31 -0400
Subject: [PATCH 110/244] Switch to getLiteralStringDef to avoid an unnecessary
 fromJust

---
 src/ShellCheck/CFG.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index f882adc..2fe11e7 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -1058,7 +1058,7 @@ handleCommand cmd vars args literalCmd = do
             let
                 id = getId t
                 pre = [t]
-                literal = fromJust $ getLiteralStringExt (const $ Just "\0") t
+                literal = getLiteralStringDef "\0" t
                 isKnown = '\0' `notElem` literal
                 match = fmap head $ variableAssignRegex `matchRegex` literal
                 name = fromMaybe literal match

From 1aeab287e62ab562142fdb8a42e3f486f93216dd Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Fri, 3 Nov 2023 01:33:49 -0400
Subject: [PATCH 111/244] Add nil case that went missing in 4fd0615

---
 src/ShellCheck/Analytics.hs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 5f77f77..dadf512 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4380,6 +4380,7 @@ checkEqualsInCommand params originalToken =
     isLeadingNumberVar s =
         case takeWhile (/= '=') s of
             lead@(x:_) -> isDigit x && all isVariableChar lead && not (all isDigit lead)
+            [] -> False
 
     msg cmd leading (T_Literal litId s) = do
         -- There are many different cases, and the order of the branches matter.

From be8e4b2b8aac4177ef31092397f1ea2cad8e66ad Mon Sep 17 00:00:00 2001
From: Grische <github@grische.xyz>
Date: Sat, 25 Nov 2023 12:44:46 +0100
Subject: [PATCH 112/244] add basic busybox sh support

---
 CHANGELOG.md                  | 1 +
 src/ShellCheck/ASTLib.hs      | 7 ++++---
 src/ShellCheck/Analytics.hs   | 4 ++--
 src/ShellCheck/AnalyzerLib.hs | 4 ++--
 src/ShellCheck/Data.hs        | 2 ++
 src/ShellCheck/Interface.hs   | 5 ++---
 src/ShellCheck/Parser.hs      | 5 +++--
 7 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b9ce1fb..897aa27 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@
 - SC3015: Warn bashism `test _ =~ _` like in [ ]
 - SC3016: Warn bashism `test -v _` like in [ ]
 - SC3017: Warn bashism `test -a _` like in [ ]
+- Added support for busybox sh
 
 ### Fixed
 - source statements with here docs now work correctly
diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index 64fa762..cf55498 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -758,8 +758,8 @@ prop_executableFromShebang6 = executableFromShebang "/usr/bin/env --split-string
 prop_executableFromShebang7 = executableFromShebang "/usr/bin/env --split-string bash -x" == "bash"
 prop_executableFromShebang8 = executableFromShebang "/usr/bin/env --split-string foo=bar bash -x" == "bash"
 prop_executableFromShebang9 = executableFromShebang "/usr/bin/env foo=bar dash" == "dash"
-prop_executableFromShebang10 = executableFromShebang "/bin/busybox sh" == "ash"
-prop_executableFromShebang11 = executableFromShebang "/bin/busybox ash" == "ash"
+prop_executableFromShebang10 = executableFromShebang "/bin/busybox sh" == "busybox sh"
+prop_executableFromShebang11 = executableFromShebang "/bin/busybox ash" == "busybox ash"
 
 -- Get the shell executable from a string like '/usr/bin/env bash'
 executableFromShebang :: String -> String
@@ -776,7 +776,8 @@ executableFromShebang = shellFor
             [x] -> basename x
             (first:second:args) | basename first == "busybox" ->
                 case basename second of
-                   "sh" -> "ash" -- busybox sh is ash
+                   "sh" -> "busybox sh"
+                   "ash" -> "busybox ash"
                    x -> x
             (first:args) | basename first == "env" ->
                 fromEnvArgs args
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index dadf512..5df2f35 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -646,10 +646,10 @@ prop_checkShebang9 = verifyNotTree checkShebang "# shellcheck shell=sh\ntrue"
 prop_checkShebang10 = verifyNotTree checkShebang "#!foo\n# shellcheck shell=sh ignore=SC2239\ntrue"
 prop_checkShebang11 = verifyTree checkShebang "#!/bin/sh/\ntrue"
 prop_checkShebang12 = verifyTree checkShebang "#!/bin/sh/ -xe\ntrue"
-prop_checkShebang13 = verifyTree checkShebang "#!/bin/busybox sh"
+prop_checkShebang13 = verifyNotTree checkShebang "#!/bin/busybox sh"
 prop_checkShebang14 = verifyNotTree checkShebang "#!/bin/busybox sh\n# shellcheck shell=sh\n"
 prop_checkShebang15 = verifyNotTree checkShebang "#!/bin/busybox sh\n# shellcheck shell=dash\n"
-prop_checkShebang16 = verifyTree checkShebang "#!/bin/busybox ash"
+prop_checkShebang16 = verifyNotTree checkShebang "#!/bin/busybox ash"
 prop_checkShebang17 = verifyNotTree checkShebang "#!/bin/busybox ash\n# shellcheck shell=dash\n"
 prop_checkShebang18 = verifyNotTree checkShebang "#!/bin/busybox ash\n# shellcheck shell=sh\n"
 checkShebang params (T_Annotation _ list t) =
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index ca928fd..d864e32 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -284,8 +284,8 @@ prop_determineShell7 = determineShellTest "#! /bin/ash" == Dash
 prop_determineShell8 = determineShellTest' (Just Ksh) "#!/bin/sh" == Sh
 prop_determineShell9 = determineShellTest "#!/bin/env -S dash -x" == Dash
 prop_determineShell10 = determineShellTest "#!/bin/env --split-string= dash -x" == Dash
-prop_determineShell11 = determineShellTest "#!/bin/busybox sh" == Dash -- busybox sh is a specific shell, not posix sh
-prop_determineShell12 = determineShellTest "#!/bin/busybox ash" == Dash
+prop_determineShell11 = determineShellTest "#!/bin/busybox sh" == BusyboxSh -- busybox sh is a specific shell, not posix sh
+prop_determineShell12 = determineShellTest "#!/bin/busybox ash" == BusyboxSh
 
 determineShellTest = determineShellTest' Nothing
 determineShellTest' fallbackShell = determineShell fallbackShell . fromJust . prRoot . pScript
diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index 550ff87..6a87123 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -156,6 +156,8 @@ shellForExecutable name =
         "sh"    -> return Sh
         "bash"  -> return Bash
         "bats"  -> return Bash
+        "busybox sh"  -> return BusyboxSh
+        "busybox ash"  -> return BusyboxSh
         "dash"  -> return Dash
         "ash"   -> return Dash -- There's also a warning for this.
         "ksh"   -> return Ksh
diff --git a/src/ShellCheck/Interface.hs b/src/ShellCheck/Interface.hs
index 077212f..c574cee 100644
--- a/src/ShellCheck/Interface.hs
+++ b/src/ShellCheck/Interface.hs
@@ -28,7 +28,7 @@ module ShellCheck.Interface
     , AnalysisSpec(asScript, asShellType, asFallbackShell, asExecutionMode, asCheckSourced, asTokenPositions, asOptionalChecks)
     , AnalysisResult(arComments)
     , FormatterOptions(foColorOption, foWikiLinkCount)
-    , Shell(Ksh, Sh, Bash, Dash)
+    , Shell(Ksh, Sh, Bash, Dash, BusyboxSh)
     , ExecutionMode(Executed, Sourced)
     , ErrorMessage
     , Code
@@ -221,7 +221,7 @@ newCheckDescription = CheckDescription {
     }
 
 -- Supporting data types
-data Shell = Ksh | Sh | Bash | Dash deriving (Show, Eq)
+data Shell = Ksh | Sh | Bash | Dash | BusyboxSh deriving (Show, Eq)
 data ExecutionMode = Executed | Sourced deriving (Show, Eq)
 
 type ErrorMessage = String
@@ -335,4 +335,3 @@ mockedSystemInterface files = (newSystemInterface :: SystemInterface Identity) {
 mockRcFile rcfile mock = mock {
     siGetConfig = const . return $ Just (".shellcheckrc", rcfile)
 }
-
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index ffc58e2..abd4d94 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -3349,8 +3349,8 @@ readScriptFile sourced = do
     verifyShebang pos s = do
         case isValidShell s of
             Just True -> return ()
-            Just False -> parseProblemAt pos ErrorC 1071 "ShellCheck only supports sh/bash/dash/ksh scripts. Sorry!"
-            Nothing -> parseProblemAt pos ErrorC 1008 "This shebang was unrecognized. ShellCheck only supports sh/bash/dash/ksh. Add a 'shell' directive to specify."
+            Just False -> parseProblemAt pos ErrorC 1071 "ShellCheck only supports sh/bash/dash/ksh/'busybox sh' scripts. Sorry!"
+            Nothing -> parseProblemAt pos ErrorC 1008 "This shebang was unrecognized. ShellCheck only supports sh/bash/dash/ksh/'busybox sh'. Add a 'shell' directive to specify."
 
     isValidShell s =
         let good = null s || any (`isPrefixOf` s) goodShells
@@ -3366,6 +3366,7 @@ readScriptFile sourced = do
         "sh",
         "ash",
         "dash",
+        "busybox sh",
         "bash",
         "bats",
         "ksh"

From 1e1045e73e0c66a947390785e95d924203e837fc Mon Sep 17 00:00:00 2001
From: Grische <github@grische.xyz>
Date: Sat, 25 Nov 2023 12:52:32 +0100
Subject: [PATCH 113/244] make busybox sh Dash-like

---
 src/ShellCheck/Analytics.hs           |  6 +++++-
 src/ShellCheck/AnalyzerLib.hs         |  4 ++++
 src/ShellCheck/Checks/Commands.hs     |  4 ++--
 src/ShellCheck/Checks/ShellSupport.hs | 12 +++++++-----
 4 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 5df2f35..108682a 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1204,6 +1204,7 @@ checkNumberComparisons params (TC_Binary id typ op lhs rhs) = do
             case shellType params of
                 Sh -> return ()  -- These are unsupported and will be caught by bashism checks.
                 Dash -> err id 2073 $ "Escape \\" ++ op ++ " to prevent it redirecting."
+                BusyboxSh -> err id 2073 $ "Escape \\" ++ op ++ " to prevent it redirecting."
                 _ -> err id 2073 $ "Escape \\" ++ op ++ " to prevent it redirecting (or switch to [[ .. ]])."
 
     when (op `elem` arithmeticBinaryTestOps) $ do
@@ -2782,6 +2783,7 @@ checkFunctionDeclarations params
             when (hasKeyword && hasParens) $
                 err id 2111 "ksh does not allow 'function' keyword and '()' at the same time."
         Dash -> forSh
+        BusyboxSh -> forSh
         Sh   -> forSh
 
     where
@@ -4044,7 +4046,8 @@ prop_checkModifiedArithmeticInRedirection3 = verifyNot checkModifiedArithmeticIn
 prop_checkModifiedArithmeticInRedirection4 = verify checkModifiedArithmeticInRedirection "cat <<< $((i++))"
 prop_checkModifiedArithmeticInRedirection5 = verify checkModifiedArithmeticInRedirection "cat << foo\n$((i++))\nfoo\n"
 prop_checkModifiedArithmeticInRedirection6 = verifyNot checkModifiedArithmeticInRedirection "#!/bin/dash\nls > $((i=i+1))"
-checkModifiedArithmeticInRedirection params t = unless (shellType params == Dash) $
+prop_checkModifiedArithmeticInRedirection7 = verifyNot checkModifiedArithmeticInRedirection "#!/bin/busybox sh\ncat << foo\n$((i++))\nfoo\n"
+checkModifiedArithmeticInRedirection params t = unless (shellType params == Dash || shellType params == BusyboxSh) $
     case t of
         T_Redirecting _ redirs (T_SimpleCommand _ _ (_:_)) -> mapM_ checkRedirs redirs
         _ -> return ()
@@ -4356,6 +4359,7 @@ checkEqualsInCommand params originalToken =
             Bash -> errWithFix id 2277 "Use BASH_ARGV0 to assign to $0 in bash (or use [ ] to compare)." bashfix
             Ksh -> err id 2278 "$0 can't be assigned in Ksh (but it does reflect the current function)."
             Dash -> err id 2279 "$0 can't be assigned in Dash. This becomes a command name."
+            BusyboxSh -> err id 2279 "$0 can't be assigned in Busybox Ash. This becomes a command name."
             _ -> err id 2280 "$0 can't be assigned this way, and there is no portable alternative."
     leadingNumberMsg id =
         err id 2282 "Variable names can't start with numbers, so this is interpreted as a command."
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index d864e32..4990822 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -206,18 +206,21 @@ makeParameters spec = params
             case shellType params of
                 Bash -> isOptionSet "lastpipe" root
                 Dash -> False
+                BusyboxSh -> False
                 Sh   -> False
                 Ksh  -> True,
         hasInheritErrexit =
             case shellType params of
                 Bash -> isOptionSet "inherit_errexit" root
                 Dash -> True
+                BusyboxSh -> True
                 Sh   -> True
                 Ksh  -> False,
         hasPipefail =
             case shellType params of
                 Bash -> isOptionSet "pipefail" root
                 Dash -> True
+                BusyboxSh -> isOptionSet "pipefail" root
                 Sh   -> True
                 Ksh  -> isOptionSet "pipefail" root,
         shellTypeSpecified = isJust (asShellType spec) || isJust (asFallbackShell spec),
@@ -899,6 +902,7 @@ isBashLike params =
         Bash -> True
         Ksh -> True
         Dash -> False
+        BusyboxSh -> False
         Sh -> False
 
 isTrueAssignmentSource c =
diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 691836f..8be60a7 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -930,7 +930,7 @@ prop_checkTimedCommand2 = verify checkTimedCommand "#!/bin/dash\ntime ( foo; bar
 prop_checkTimedCommand3 = verifyNot checkTimedCommand "#!/bin/sh\ntime sleep 1"
 checkTimedCommand = CommandCheck (Exactly "time") f where
     f (T_SimpleCommand _ _ (c:args@(_:_))) =
-        whenShell [Sh, Dash] $ do
+        whenShell [Sh, Dash, BusyboxSh] $ do
             let cmd = last args -- "time" is parsed with a command as argument
             when (isPiped cmd) $
                 warn (getId c) 2176 "'time' is undefined for pipelines. time single stage or bash -c instead."
@@ -954,7 +954,7 @@ checkTimedCommand = CommandCheck (Exactly "time") f where
 prop_checkLocalScope1 = verify checkLocalScope "local foo=3"
 prop_checkLocalScope2 = verifyNot checkLocalScope "f() { local foo=3; }"
 checkLocalScope = CommandCheck (Exactly "local") $ \t ->
-    whenShell [Bash, Dash] $ do -- Ksh allows it, Sh doesn't support local
+    whenShell [Bash, Dash, BusyboxSh] $ do -- Ksh allows it, Sh doesn't support local
         path <- getPathM t
         unless (any isFunctionLike path) $
             err (getId $ getCommandTokenOrThis t) 2168 "'local' is only valid in functions."
diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 1f012d2..7112b92 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -76,7 +76,7 @@ verifyNot c s = producesComments (testChecker c) s == Just False
 prop_checkForDecimals1 = verify checkForDecimals "((3.14*c))"
 prop_checkForDecimals2 = verify checkForDecimals "foo[1.2]=bar"
 prop_checkForDecimals3 = verifyNot checkForDecimals "declare -A foo; foo[1.2]=bar"
-checkForDecimals = ForShell [Sh, Dash, Bash] f
+checkForDecimals = ForShell [Sh, Dash, BusyboxSh, Bash] f
   where
     f t@(TA_Expansion id _) = sequence_ $ do
         str <- getLiteralString t
@@ -196,14 +196,16 @@ prop_checkBashisms101 = verify checkBashisms "read"
 prop_checkBashisms102 = verifyNot checkBashisms "read -r foo"
 prop_checkBashisms103 = verifyNot checkBashisms "read foo"
 prop_checkBashisms104 = verifyNot checkBashisms "read ''"
-checkBashisms = ForShell [Sh, Dash] $ \t -> do
+prop_checkBashisms105 = verifyNot checkBashisms "#!/bin/busybox sh\nset -o pipefail"
+checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
  where
   -- This code was copy-pasted from Analytics where params was a variable
   kludge params = bashism
    where
-    isDash = shellType params == Dash
+    isBusyboxSh = shellType params == BusyboxSh
+    isDash = shellType params == Dash || isBusyboxSh
     warnMsg id code s =
         if isDash
         then err  id code $ "In dash, " ++ s ++ " not supported."
@@ -590,7 +592,7 @@ checkPS1Assignments = ForShell [Bash] f
 
 prop_checkMultipleBangs1 = verify checkMultipleBangs "! ! true"
 prop_checkMultipleBangs2 = verifyNot checkMultipleBangs "! true"
-checkMultipleBangs = ForShell [Dash, Sh] f
+checkMultipleBangs = ForShell [Dash, BusyboxSh, Sh] f
   where
     f token = case token of
         T_Banged id (T_Banged _ _) ->
@@ -601,7 +603,7 @@ checkMultipleBangs = ForShell [Dash, Sh] f
 prop_checkBangAfterPipe1 = verify checkBangAfterPipe "true | ! true"
 prop_checkBangAfterPipe2 = verifyNot checkBangAfterPipe "true | ( ! true )"
 prop_checkBangAfterPipe3 = verifyNot checkBangAfterPipe "! ! true | true"
-checkBangAfterPipe = ForShell [Dash, Sh, Bash] f
+checkBangAfterPipe = ForShell [Dash, BusyboxSh, Sh, Bash] f
   where
     f token = case token of
         T_Pipeline _ _ cmds -> mapM_ check cmds

From 00ffd2db33724c31d8857d278379f8140a3f5fce Mon Sep 17 00:00:00 2001
From: Grische <github@grische.xyz>
Date: Sat, 25 Nov 2023 13:50:23 +0100
Subject: [PATCH 114/244] silence SC3010 for busybox sh

---
 src/ShellCheck/Checks/ShellSupport.hs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 7112b92..9ade1c1 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -197,6 +197,7 @@ prop_checkBashisms102 = verifyNot checkBashisms "read -r foo"
 prop_checkBashisms103 = verifyNot checkBashisms "read foo"
 prop_checkBashisms104 = verifyNot checkBashisms "read ''"
 prop_checkBashisms105 = verifyNot checkBashisms "#!/bin/busybox sh\nset -o pipefail"
+prop_checkBashisms106 = verifyNot checkBashisms "#!/bin/busybox sh\nx=x\n[[ \"$x\" = \"$x\" ]]"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -221,7 +222,8 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     bashism (T_DollarBracket id _) = warnMsg id 3007 "$[..] in place of $((..)) is"
     bashism (T_SelectIn id _ _ _) = warnMsg id 3008 "select loops are"
     bashism (T_BraceExpansion id _) = warnMsg id 3009 "brace expansion is"
-    bashism (T_Condition id DoubleBracket _) = warnMsg id 3010 "[[ ]] is"
+    bashism (T_Condition id DoubleBracket _) =
+        unless isBusyboxSh $ warnMsg id 3010 "[[ ]] is"
     bashism (T_HereString id _) = warnMsg id 3011 "here-strings are"
     bashism (TC_Binary id SingleBracket op _ _)
         | op `elem` [ "<", ">", "\\<", "\\>", "<=", ">=", "\\<=", "\\>="] =

From 903421fb5dff31993c07b8b25eb0d46c388cfba0 Mon Sep 17 00:00:00 2001
From: Grische <github@grische.xyz>
Date: Sat, 25 Nov 2023 13:53:13 +0100
Subject: [PATCH 115/244] silence SC3014 for busybox sh

---
 src/ShellCheck/Checks/ShellSupport.hs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 9ade1c1..e1a09dd 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -198,6 +198,7 @@ prop_checkBashisms103 = verifyNot checkBashisms "read foo"
 prop_checkBashisms104 = verifyNot checkBashisms "read ''"
 prop_checkBashisms105 = verifyNot checkBashisms "#!/bin/busybox sh\nset -o pipefail"
 prop_checkBashisms106 = verifyNot checkBashisms "#!/bin/busybox sh\nx=x\n[[ \"$x\" = \"$x\" ]]"
+prop_checkBashisms107 = verifyNot checkBashisms "#!/bin/busybox sh\nx=x\n[ \"$x\" == \"$x\" ]"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -238,9 +239,9 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
         | op `elem` [ "-ot", "-nt", "-ef" ] =
             unless isDash $ warnMsg id 3013 $ op ++ " is"
     bashism (TC_Binary id SingleBracket "==" _ _) =
-            warnMsg id 3014 "== in place of = is"
+        unless isBusyboxSh $ warnMsg id 3014 "== in place of = is"
     bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just "==", rhs]) =
-            warnMsg id 3014 "== in place of = is"
+        unless isBusyboxSh $ warnMsg id 3014 "== in place of = is"
     bashism (TC_Binary id SingleBracket "=~" _ _) =
             warnMsg id 3015 "=~ regex matching is"
     bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just "=~", rhs]) =

From ac63dc33c9b9b3576bc6e3f44049a9e6a53dfaea Mon Sep 17 00:00:00 2001
From: Grische <github@grische.xyz>
Date: Sat, 25 Nov 2023 13:55:07 +0100
Subject: [PATCH 116/244] silence SC3020 for busybox sh

---
 src/ShellCheck/Checks/ShellSupport.hs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index e1a09dd..4409751 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -199,6 +199,7 @@ prop_checkBashisms104 = verifyNot checkBashisms "read ''"
 prop_checkBashisms105 = verifyNot checkBashisms "#!/bin/busybox sh\nset -o pipefail"
 prop_checkBashisms106 = verifyNot checkBashisms "#!/bin/busybox sh\nx=x\n[[ \"$x\" = \"$x\" ]]"
 prop_checkBashisms107 = verifyNot checkBashisms "#!/bin/busybox sh\nx=x\n[ \"$x\" == \"$x\" ]"
+prop_checkBashisms108 = verifyNot checkBashisms "#!/bin/busybox sh\necho magic &> /dev/null"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -258,7 +259,8 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
         | op `elem` [ "|++", "|--", "++|", "--|"] =
             warnMsg id 3018 $ filter (/= '|') op ++ " is"
     bashism (TA_Binary id "**" _ _) = warnMsg id 3019 "exponentials are"
-    bashism (T_FdRedirect id "&" (T_IoFile _ (T_Greater _) _)) = warnMsg id 3020 "&> is"
+    bashism (T_FdRedirect id "&" (T_IoFile _ (T_Greater _) _)) =
+        unless isBusyboxSh $ warnMsg id 3020 "&> is"
     bashism (T_FdRedirect id "" (T_IoFile _ (T_GREATAND _) file)) =
         unless (all isDigit $ onlyLiteralString file) $ warnMsg id 3021 ">& filename (as opposed to >& fd) is"
     bashism (T_FdRedirect id ('{':_) _) = warnMsg id 3022 "named file descriptors are"

From a3b8be82fe2b5d41837463bf81b1a92bb84e3835 Mon Sep 17 00:00:00 2001
From: Grische <github@grische.xyz>
Date: Sat, 25 Nov 2023 13:58:49 +0100
Subject: [PATCH 117/244] silence SC3048 for busybox sh

---
 src/ShellCheck/Checks/ShellSupport.hs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 4409751..6ebdd70 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -200,6 +200,7 @@ prop_checkBashisms105 = verifyNot checkBashisms "#!/bin/busybox sh\nset -o pipef
 prop_checkBashisms106 = verifyNot checkBashisms "#!/bin/busybox sh\nx=x\n[[ \"$x\" = \"$x\" ]]"
 prop_checkBashisms107 = verifyNot checkBashisms "#!/bin/busybox sh\nx=x\n[ \"$x\" == \"$x\" ]"
 prop_checkBashisms108 = verifyNot checkBashisms "#!/bin/busybox sh\necho magic &> /dev/null"
+prop_checkBashisms109 = verifyNot checkBashisms "#!/bin/busybox sh\ntrap stop EXIT SIGTERM"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -399,7 +400,7 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
                         return $ do
                             when (upper `elem` ["ERR", "DEBUG", "RETURN"]) $
                                 warnMsg (getId token) 3047 $ "trapping " ++ str ++ " is"
-                            when ("SIG" `isPrefixOf` upper) $
+                            when (not isBusyboxSh && "SIG" `isPrefixOf` upper) $
                                 warnMsg (getId token) 3048
                                     "prefixing signal names with 'SIG' is"
                             when (not isDash && upper /= str) $

From ca255fe3263e53c7cb21618eac7d5e52e5c0a665 Mon Sep 17 00:00:00 2001
From: Grische <github@grische.xyz>
Date: Sat, 25 Nov 2023 14:04:11 +0100
Subject: [PATCH 118/244] silence SC3046 and SC3051 for busybox sh

---
 src/ShellCheck/Checks/ShellSupport.hs | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 6ebdd70..f4c93fc 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -201,6 +201,7 @@ prop_checkBashisms106 = verifyNot checkBashisms "#!/bin/busybox sh\nx=x\n[[ \"$x
 prop_checkBashisms107 = verifyNot checkBashisms "#!/bin/busybox sh\nx=x\n[ \"$x\" == \"$x\" ]"
 prop_checkBashisms108 = verifyNot checkBashisms "#!/bin/busybox sh\necho magic &> /dev/null"
 prop_checkBashisms109 = verifyNot checkBashisms "#!/bin/busybox sh\ntrap stop EXIT SIGTERM"
+prop_checkBashisms110 = verifyNot checkBashisms "#!/bin/busybox sh\nsource /dev/null"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -391,7 +392,8 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
                     (\x -> (not . null . snd $ x) && snd x `notElem` allowed) flags
                 return . warnMsg (getId word) 3045 $ name ++ " -" ++ flag ++ " is"
 
-            when (name == "source") $ warnMsg id 3046 "'source' in place of '.' is"
+            when (name == "source" && not isBusyboxSh) $
+                warnMsg id 3046 "'source' in place of '.' is"
             when (name == "trap") $
                 let
                     check token = sequence_ $ do
@@ -440,7 +442,9 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
             ("wait", Just [])
             ]
     bashism t@(T_SourceCommand id src _)
-        | getCommandName src == Just "source" = warnMsg id 3051 "'source' in place of '.' is"
+      | getCommandName src == Just "source" =
+          unless isBusyboxSh $
+            warnMsg id 3051 "'source' in place of '.' is"
     bashism (TA_Expansion _ (T_Literal id str : _))
         | str `matches` radix = warnMsg id 3052 "arithmetic base conversion is"
       where

From fdcce458c189848b76d3779e35581cd012af201d Mon Sep 17 00:00:00 2001
From: Grische <github@grische.xyz>
Date: Sat, 25 Nov 2023 15:10:44 +0100
Subject: [PATCH 119/244] silence some shell expansions for busybox sh

---
 src/ShellCheck/Checks/ShellSupport.hs | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index f4c93fc..e652cb5 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -202,6 +202,15 @@ prop_checkBashisms107 = verifyNot checkBashisms "#!/bin/busybox sh\nx=x\n[ \"$x\
 prop_checkBashisms108 = verifyNot checkBashisms "#!/bin/busybox sh\necho magic &> /dev/null"
 prop_checkBashisms109 = verifyNot checkBashisms "#!/bin/busybox sh\ntrap stop EXIT SIGTERM"
 prop_checkBashisms110 = verifyNot checkBashisms "#!/bin/busybox sh\nsource /dev/null"
+prop_checkBashisms111 = verify checkBashisms "#!/bin/dash\nx='test'\n${x:0:3}" -- SC3057
+prop_checkBashisms112 = verifyNot checkBashisms "#!/bin/busybox sh\nx='test'\n${x:0:3}" -- SC3057
+prop_checkBashisms113 = verify checkBashisms "#!/bin/dash\nx='test'\n${x/st/xt}" -- SC3060
+prop_checkBashisms114 = verifyNot checkBashisms "#!/bin/busybox sh\nx='test'\n${x/st/xt}" -- SC3060
+prop_checkBashisms115 = verify checkBashisms "#!/bin/busybox sh\nx='test'\n${!x}" -- SC3053
+prop_checkBashisms116 = verify checkBashisms "#!/bin/busybox sh\nx='test'\n${x[1]}" -- SC3054
+prop_checkBashisms117 = verify checkBashisms "#!/bin/busybox sh\nx='test'\n${!x[@]}" -- SC3055
+prop_checkBashisms118 = verify checkBashisms "#!/bin/busybox sh\nxyz=1\n${!x*}" -- SC3056
+prop_checkBashisms119 = verify checkBashisms "#!/bin/busybox sh\nx='test'\n${x^^[t]}" -- SC3059
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -282,7 +291,8 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
         warnMsg id 3028 $ str ++ " is"
 
     bashism t@(T_DollarBraced id _ token) = do
-        mapM_ check expansion
+        unless isBusyboxSh $ mapM_ check simpleExpansions
+        mapM_ check advancedExpansions
         when (isBashVariable var) $
             warnMsg id 3028 $ var ++ " is"
       where
@@ -452,14 +462,16 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     bashism _ = return ()
 
     varChars="_0-9a-zA-Z"
-    expansion = let re = mkRegex in [
+    advancedExpansions = let re = mkRegex in [
         (re $ "^![" ++ varChars ++ "]", 3053, "indirect expansion is"),
         (re $ "^[" ++ varChars ++ "]+\\[.*\\]$", 3054, "array references are"),
         (re $ "^![" ++ varChars ++ "]+\\[[*@]]$", 3055, "array key expansion is"),
         (re $ "^![" ++ varChars ++ "]+[*@]$", 3056, "name matching prefixes are"),
+        (re $ "^[" ++ varChars ++ "*@]+(\\[.*\\])?[,^]", 3059, "case modification is")
+        ]
+    simpleExpansions = let re = mkRegex in [
         (re $ "^[" ++ varChars ++ "*@]+:[^-=?+]", 3057, "string indexing is"),
         (re $ "^([*@][%#]|#[@*])", 3058, "string operations on $@/$* are"),
-        (re $ "^[" ++ varChars ++ "*@]+(\\[.*\\])?[,^]", 3059, "case modification is"),
         (re $ "^[" ++ varChars ++ "*@]+(\\[.*\\])?/", 3060, "string replacement is")
         ]
     bashVars = [

From b6d4952e2e0602c894f6d9f28e7004c205cbcae7 Mon Sep 17 00:00:00 2001
From: Andreas Abel <andreas.abel@ifi.lmu.de>
Date: Wed, 6 Dec 2023 18:41:53 +0100
Subject: [PATCH 120/244] Testsuite: report which module failed the tests

This also fixes the problem that the testsuite threw `exitFailure`
even when it succeeded (which I found inexplicable).

Once this is published, the testsuite could be enabled in Stackage again.
---
 .gitignore         |  1 +
 test/shellcheck.hs | 37 ++++++++++++++++++++-----------------
 2 files changed, 21 insertions(+), 17 deletions(-)

diff --git a/.gitignore b/.gitignore
index 6d5f1ae..cf373a8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -20,3 +20,4 @@ cabal.config
 /parts/
 /prime/
 *.snap
+/dist-newstyle/
diff --git a/test/shellcheck.hs b/test/shellcheck.hs
index 1a272af..d5e056d 100644
--- a/test/shellcheck.hs
+++ b/test/shellcheck.hs
@@ -18,21 +18,24 @@ import qualified ShellCheck.Parser
 
 main = do
     putStrLn "Running ShellCheck tests..."
-    results <- sequence [
-        ShellCheck.Analytics.runTests
-        ,ShellCheck.AnalyzerLib.runTests
-        ,ShellCheck.ASTLib.runTests
-        ,ShellCheck.CFG.runTests
-        ,ShellCheck.CFGAnalysis.runTests
-        ,ShellCheck.Checker.runTests
-        ,ShellCheck.Checks.Commands.runTests
-        ,ShellCheck.Checks.ControlFlow.runTests
-        ,ShellCheck.Checks.Custom.runTests
-        ,ShellCheck.Checks.ShellSupport.runTests
-        ,ShellCheck.Fixer.runTests
-        ,ShellCheck.Formatter.Diff.runTests
-        ,ShellCheck.Parser.runTests
+    failures <- filter (not . snd) <$> mapM sequenceA tests
+    if null failures then exitSuccess else do
+      putStrLn "Tests failed for the following module(s):"
+      mapM (putStrLn . ("- ShellCheck." ++) . fst) failures
+      exitFailure
+  where
+    tests =
+      [ ("Analytics"          , ShellCheck.Analytics.runTests)
+      , ("AnalyzerLib"        , ShellCheck.AnalyzerLib.runTests)
+      , ("ASTLib"             , ShellCheck.ASTLib.runTests)
+      , ("CFG"                , ShellCheck.CFG.runTests)
+      , ("CFGAnalysis"        , ShellCheck.CFGAnalysis.runTests)
+      , ("Checker"            , ShellCheck.Checker.runTests)
+      , ("Checks.Commands"    , ShellCheck.Checks.Commands.runTests)
+      , ("Checks.ControlFlow" , ShellCheck.Checks.ControlFlow.runTests)
+      , ("Checks.Custom"      , ShellCheck.Checks.Custom.runTests)
+      , ("Checks.ShellSupport", ShellCheck.Checks.ShellSupport.runTests)
+      , ("Fixer"              , ShellCheck.Fixer.runTests)
+      , ("Formatter.Diff"     , ShellCheck.Formatter.Diff.runTests)
+      , ("Parser"             , ShellCheck.Parser.runTests)
       ]
-    if and results
-      then exitSuccess
-      else exitFailure

From 74282b0a9319bdcc0e3a4a17e2db1969e1c73be2 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 10 Dec 2023 17:05:29 -0800
Subject: [PATCH 121/244] Recognize 'busybox' in --shell and directives. Add to
 doc texts.

---
 shellcheck.1.md                       | 3 ++-
 shellcheck.hs                         | 2 +-
 src/ShellCheck/Checks/ShellSupport.hs | 2 ++
 src/ShellCheck/Data.hs                | 1 +
 4 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/shellcheck.1.md b/shellcheck.1.md
index 9675e79..89f6d50 100644
--- a/shellcheck.1.md
+++ b/shellcheck.1.md
@@ -85,7 +85,8 @@ not warn at all, as `ksh` supports decimals in arithmetic contexts.
 
 **-s**\ *shell*,\ **--shell=***shell*
 
-:   Specify Bourne shell dialect. Valid values are *sh*, *bash*, *dash* and *ksh*.
+:   Specify Bourne shell dialect. Valid values are *sh*, *bash*, *dash*, *ksh*,
+    and *busybox*.
     The default is to deduce the shell from the file's `shell` directive,
     shebang, or `.bash/.bats/.dash/.ksh` extension, in that order. *sh* refers to
     POSIX `sh` (not the system's), and will warn of portability issues.
diff --git a/shellcheck.hs b/shellcheck.hs
index 6be9bb1..6f12238 100644
--- a/shellcheck.hs
+++ b/shellcheck.hs
@@ -115,7 +115,7 @@ options = [
         "Specify path when looking for sourced files (\"SCRIPTDIR\" for script's dir)",
     Option "s" ["shell"]
         (ReqArg (Flag "shell") "SHELLNAME")
-        "Specify dialect (sh, bash, dash, ksh)",
+        "Specify dialect (sh, bash, dash, ksh, busybox)",
     Option "S" ["severity"]
         (ReqArg (Flag "severity") "SEVERITY")
         "Minimum severity of errors to consider (error, warning, info, style)",
diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index e652cb5..d070497 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -211,6 +211,8 @@ prop_checkBashisms116 = verify checkBashisms "#!/bin/busybox sh\nx='test'\n${x[1
 prop_checkBashisms117 = verify checkBashisms "#!/bin/busybox sh\nx='test'\n${!x[@]}" -- SC3055
 prop_checkBashisms118 = verify checkBashisms "#!/bin/busybox sh\nxyz=1\n${!x*}" -- SC3056
 prop_checkBashisms119 = verify checkBashisms "#!/bin/busybox sh\nx='test'\n${x^^[t]}" -- SC3059
+prop_checkBashisms120 = verify checkBashisms "#!/bin/sh\n[ x == y ]"
+prop_checkBashisms121 = verifyNot checkBashisms "#!/bin/sh\n# shellcheck shell=busybox\n[ x == y ]"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index 6a87123..917142e 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -156,6 +156,7 @@ shellForExecutable name =
         "sh"    -> return Sh
         "bash"  -> return Bash
         "bats"  -> return Bash
+        "busybox"  -> return BusyboxSh -- Used for directives and --shell=busybox
         "busybox sh"  -> return BusyboxSh
         "busybox ash"  -> return BusyboxSh
         "dash"  -> return Dash

From f2729f73cbffde5ef332ce943bc07021302781ab Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 10 Dec 2023 17:57:33 -0800
Subject: [PATCH 122/244] Abuse STRIP to avoid crashes on unsupported AST nodes

---
 src/ShellCheck/CFG.hs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 2fe11e7..0cd6326 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -887,7 +887,9 @@ build t = do
         T_Less _ -> none
         T_ParamSubSpecialChar _ _ -> none
 
-        x -> error ("Unimplemented: " ++ show x)
+        x -> do
+            error ("Unimplemented: " ++ show x) -- STRIP
+            none
 
 --  Still in `where` clause
     forInHelper id name words body = do

From a9e7bf1950ed50bdfbc818710085c6414f8bf20e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 10 Dec 2023 19:13:34 -0800
Subject: [PATCH 123/244] Reparse indices after attaching here docs (fixes
 #2846)

---
 src/ShellCheck/Checker.hs | 3 +++
 src/ShellCheck/Parser.hs  | 6 +++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/Checker.hs b/src/ShellCheck/Checker.hs
index c79f90f..6c9166f 100644
--- a/src/ShellCheck/Checker.hs
+++ b/src/ShellCheck/Checker.hs
@@ -516,6 +516,9 @@ prop_hereDocsAreParsedWithoutTrailingLinefeed = 1044 `elem` result
   where
     result = check "cat << eof"
 
+prop_hereDocsWillHaveParsedIndices = null result
+  where
+    result = check "#!/bin/bash\nmy_array=(a b)\ncat <<EOF >> ./test\n $(( 1 + my_array[1] ))\nEOF"
 
 return []
 runTests = $quickCheckAll
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index abd4d94..701010f 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -3339,7 +3339,8 @@ readScriptFile sourced = do
                     verifyEof
                     let script = T_Annotation annotationId annotations $
                                     T_Script id shebang commands
-                    reparseIndices script
+                    userstate <- getState
+                    reparseIndices $ reattachHereDocs script (hereDocMap userstate)
                 else do
                     many anyChar
                     id <- endSpan start
@@ -3487,8 +3488,7 @@ parseShell env name contents = do
             return newParseResult {
                 prComments = map toPositionedComment $ nub $ parseNotes userstate ++ parseProblems state,
                 prTokenPositions = Map.map startEndPosToPos (positionMap userstate),
-                prRoot = Just $
-                    reattachHereDocs script (hereDocMap userstate)
+                prRoot = Just script
             }
         Left err -> do
             let context = contextStack state

From 4c1d9171b26074e52736f3a58635d69a18326d68 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 11 Dec 2023 15:08:39 -0500
Subject: [PATCH 124/244] Remove partial head function from
 src/ShellCheck/Formatter/TTY.hs

---
 src/ShellCheck/Formatter/TTY.hs | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/ShellCheck/Formatter/TTY.hs b/src/ShellCheck/Formatter/TTY.hs
index e28696c..e503639 100644
--- a/src/ShellCheck/Formatter/TTY.hs
+++ b/src/ShellCheck/Formatter/TTY.hs
@@ -31,9 +31,9 @@ import Data.Ord
 import Data.IORef
 import Data.List
 import Data.Maybe
-import GHC.Exts
 import System.IO
 import System.Info
+import qualified Data.List.NonEmpty as NE
 
 wikiLink = "https://www.shellcheck.net/wiki/"
 
@@ -117,19 +117,19 @@ outputResult options ref result sys = do
     color <- getColorFunc $ foColorOption options
     let comments = crComments result
     appendComments ref comments (fromIntegral $ foWikiLinkCount options)
-    let fileGroups = groupWith sourceFile comments
+    let fileGroups = NE.groupWith sourceFile comments
     mapM_ (outputForFile color sys) fileGroups
 
 outputForFile color sys comments = do
-    let fileName = sourceFile (head comments)
+    let fileName = sourceFile (NE.head comments)
     result <- siReadFile sys (Just True) fileName
     let contents = either (const "") id result
     let fileLinesList = lines contents
     let lineCount = length fileLinesList
     let fileLines = listArray (1, lineCount) fileLinesList
-    let groups = groupWith lineNo comments
+    let groups = NE.groupWith lineNo comments
     forM_ groups $ \commentsForLine -> do
-        let lineNum = fromIntegral $ lineNo (head commentsForLine)
+        let lineNum = fromIntegral $ lineNo (NE.head commentsForLine)
         let line = if lineNum < 1 || lineNum > lineCount
                         then ""
                         else fileLines ! fromIntegral lineNum
@@ -139,7 +139,7 @@ outputForFile color sys comments = do
         putStrLn (color "source" line)
         forM_ commentsForLine $ \c -> putStrLn $ color (severityText c) $ cuteIndent c
         putStrLn ""
-        showFixedString color commentsForLine (fromIntegral lineNum) fileLines
+        showFixedString color (toList commentsForLine) (fromIntegral lineNum) fileLines
 
 -- Pick out only the lines necessary to show a fix in action
 sliceFile :: Fix -> Array Int String -> (Fix, Array Int String)

From e5208ccb50e3d10957c13f0b77d19936fa4842e1 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 11 Dec 2023 15:43:35 -0500
Subject: [PATCH 125/244] Remove partial head function from
 src/ShellCheck/Formatter/JSON1.hs

---
 src/ShellCheck/Formatter/JSON1.hs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/Formatter/JSON1.hs b/src/ShellCheck/Formatter/JSON1.hs
index 2169bf6..b4dbe35 100644
--- a/src/ShellCheck/Formatter/JSON1.hs
+++ b/src/ShellCheck/Formatter/JSON1.hs
@@ -27,9 +27,9 @@ import Control.DeepSeq
 import Data.Aeson
 import Data.IORef
 import Data.Monoid
-import GHC.Exts
 import System.IO
 import qualified Data.ByteString.Lazy.Char8 as BL
+import qualified Data.List.NonEmpty as NE
 
 format :: IO Formatter
 format = do
@@ -114,10 +114,10 @@ outputError file msg = hPutStrLn stderr $ file ++ ": " ++ msg
 collectResult ref cr sys = mapM_ f groups
   where
     comments = crComments cr
-    groups = groupWith sourceFile comments
-    f :: [PositionedComment] -> IO ()
+    groups = NE.groupWith sourceFile comments
+    f :: NE.NonEmpty PositionedComment -> IO ()
     f group = do
-        let filename = sourceFile (head group)
+        let filename = sourceFile (NE.head group)
         result <- siReadFile sys (Just True) filename
         let contents = either (const "") id result
         let comments' = makeNonVirtual comments contents

From 5a961371a75baea7d04ce96bf8b85e548f566e1a Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 11 Dec 2023 15:55:29 -0500
Subject: [PATCH 126/244] Remove partial head function from
 src/ShellCheck/Formatter/GCC.hs

---
 src/ShellCheck/Formatter/GCC.hs | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/ShellCheck/Formatter/GCC.hs b/src/ShellCheck/Formatter/GCC.hs
index 5106e4c..b921753 100644
--- a/src/ShellCheck/Formatter/GCC.hs
+++ b/src/ShellCheck/Formatter/GCC.hs
@@ -23,8 +23,8 @@ import ShellCheck.Interface
 import ShellCheck.Formatter.Format
 
 import Data.List
-import GHC.Exts
 import System.IO
+import qualified Data.List.NonEmpty as NE
 
 format :: IO Formatter
 format = return Formatter {
@@ -39,13 +39,13 @@ outputError file error = hPutStrLn stderr $ file ++ ": " ++ error
 outputAll cr sys = mapM_ f groups
   where
     comments = crComments cr
-    groups = groupWith sourceFile comments
-    f :: [PositionedComment] -> IO ()
+    groups = NE.groupWith sourceFile comments
+    f :: NE.NonEmpty PositionedComment -> IO ()
     f group = do
-        let filename = sourceFile (head group)
+        let filename = sourceFile (NE.head group)
         result <- siReadFile sys (Just True) filename
         let contents = either (const "") id result
-        outputResult filename contents group
+        outputResult filename contents (NE.toList group)
 
 outputResult filename contents warnings = do
     let comments = makeNonVirtual warnings contents

From e5028481e24e6e95ee11c6fae2323fca80449700 Mon Sep 17 00:00:00 2001
From: slycordinator <68940237+slycordinator@users.noreply.github.com>
Date: Thu, 14 Dec 2023 15:24:49 +0900
Subject: [PATCH 127/244] Add installation directions for winge

ShellCheck is now available on winget, so we can add it to the installation methods.
---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index 9d98b9d..ca9b847 100644
--- a/README.md
+++ b/README.md
@@ -194,6 +194,12 @@ On Windows (via [chocolatey](https://chocolatey.org/packages/shellcheck)):
 C:\> choco install shellcheck
 ```
 
+Or Windows (via [winget](https://github.com/microsoft/winget-pkgs)):
+
+```cmd
+C:\> winget install --id koalaman.shellcheck
+```
+
 Or Windows (via [scoop](http://scoop.sh)):
 
 ```cmd

From 09d04c4c9b7dc0c8b466a6976d901ef1fc5c52e5 Mon Sep 17 00:00:00 2001
From: Jens Petersen <juhpetersen@gmail.com>
Date: Fri, 15 Dec 2023 22:40:48 +0800
Subject: [PATCH 128/244] .cabal: allow Diff-0.5

---
 ShellCheck.cabal | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index 76516db..a12f75e 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -53,7 +53,7 @@ library
       bytestring           >= 0.10.6 && < 0.13,
       containers           >= 0.5.6 && < 0.8,
       deepseq              >= 1.4.1 && < 1.6,
-      Diff                 >= 0.4.0 && < 0.5,
+      Diff                 >= 0.4.0 && < 0.6,
       fgl                  (>= 5.7.0 && < 5.8.1.0) || (>= 5.8.1.1 && < 5.9),
       filepath             >= 1.4.0 && < 1.5,
       mtl                  >= 2.2.2 && < 2.4,

From a37803d2b873329f062788f5bcfd20fca8f45edc Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 18 Dec 2023 23:57:47 -0500
Subject: [PATCH 129/244] Remove partial head function from
 src/ShellCheck/Formatter/CheckStyle.hs

---
 src/ShellCheck/Formatter/CheckStyle.hs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/Formatter/CheckStyle.hs b/src/ShellCheck/Formatter/CheckStyle.hs
index 6ad6c9c..3f898c3 100644
--- a/src/ShellCheck/Formatter/CheckStyle.hs
+++ b/src/ShellCheck/Formatter/CheckStyle.hs
@@ -24,8 +24,8 @@ import ShellCheck.Formatter.Format
 
 import Data.Char
 import Data.List
-import GHC.Exts
 import System.IO
+import qualified Data.List.NonEmpty as NE
 
 format :: IO Formatter
 format = return Formatter {
@@ -45,12 +45,12 @@ outputResults cr sys =
     else mapM_ outputGroup fileGroups
   where
     comments = crComments cr
-    fileGroups = groupWith sourceFile comments
+    fileGroups = NE.groupWith sourceFile comments
     outputGroup group = do
-        let filename = sourceFile (head group)
+        let filename = sourceFile (NE.head group)
         result <- siReadFile sys (Just True) filename
         let contents = either (const "") id result
-        outputFile filename contents group
+        outputFile filename contents (NE.toList group)
 
 outputFile filename contents warnings = do
     let comments = makeNonVirtual warnings contents

From f242922a2e76ad761f23ffba9040293811e7862a Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Tue, 19 Dec 2023 00:00:32 -0500
Subject: [PATCH 130/244] Use onlyLiteralString in more places

---
 src/ShellCheck/Analytics.hs       | 6 +++---
 src/ShellCheck/Checks/Commands.hs | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 108682a..b7844dd 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1443,14 +1443,14 @@ prop_checkConstantNullary5 = verify checkConstantNullary "[[ true ]]"
 prop_checkConstantNullary6 = verify checkConstantNullary "[ 1 ]"
 prop_checkConstantNullary7 = verify checkConstantNullary "[ false ]"
 checkConstantNullary _ (TC_Nullary _ _ t) | isConstant t =
-    case fromMaybe "" $ getLiteralString t of
+    case onlyLiteralString t of
         "false" -> err (getId t) 2158 "[ false ] is true. Remove the brackets."
         "0" -> err (getId t) 2159 "[ 0 ] is true. Use 'false' instead."
         "true" -> style (getId t) 2160 "Instead of '[ true ]', just use 'true'."
         "1" -> style (getId t) 2161 "Instead of '[ 1 ]', use 'true'."
         _ -> err (getId t) 2078 "This expression is constant. Did you forget a $ somewhere?"
   where
-    string = fromMaybe "" $ getLiteralString t
+    string = onlyLiteralString t
 
 checkConstantNullary _ _ = return ()
 
@@ -2276,7 +2276,7 @@ checkFunctionsUsedExternally params t =
             (Just str, t) -> do
                 let name = basename str
                 let args = skipOver t argv
-                let argStrings = map (\x -> (fromMaybe "" $ getLiteralString x, x)) args
+                let argStrings = map (\x -> (onlyLiteralString x, x)) args
                 let candidates = getPotentialCommands name argStrings
                 mapM_ (checkArg name (getId t)) candidates
             _ -> return ()
diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 8be60a7..86fda24 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -186,7 +186,7 @@ checkCommand map t@(T_SimpleCommand id cmdPrefix (cmd:rest)) = sequence_ $ do
             M.findWithDefault nullCheck (Basename $ basename name) map t
         else if name == "builtin" && not (null rest) then
             let t' = T_SimpleCommand id cmdPrefix rest
-                selectedBuiltin = fromMaybe "" $ getLiteralString . head $ rest
+                selectedBuiltin = onlyLiteralString $ head rest
             in M.findWithDefault nullCheck (Exactly selectedBuiltin) map t'
         else do
             M.findWithDefault nullCheck (Exactly name) map t
@@ -299,7 +299,7 @@ checkExpr = CommandCheck (Basename "expr") f where
                     "'expr' expects 3+ arguments but sees 1. Make sure each operator/operand is a separate argument, and escape <>&|."
 
             [first, second] |
-                (fromMaybe "" $ getLiteralString first) /= "length"
+                onlyLiteralString first /= "length"
                   && not (willSplit first || willSplit second) -> do
                     checkOp first
                     warn (getId t) 2307

From c97abdb939a52beefa576d984b104eb89e7667d9 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Tue, 19 Dec 2023 00:41:12 -0500
Subject: [PATCH 131/244] Make HereDocPending only hold the relevant pieces of
 a T_HereDoc instead of an arbitrary Token

---
 src/ShellCheck/Parser.hs | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 701010f..0e2fc6d 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -160,7 +160,7 @@ data Context =
     deriving (Show)
 
 data HereDocContext =
-        HereDocPending Token [Context] -- on linefeed, read this T_HereDoc
+        HereDocPending Id Dashed Quoted String [Context] -- on linefeed, read this T_HereDoc
     deriving (Show)
 
 data UserState = UserState {
@@ -238,12 +238,12 @@ addToHereDocMap id list = do
         hereDocMap = Map.insert id list map
     }
 
-addPendingHereDoc t = do
+addPendingHereDoc id d q str = do
     state <- getState
     context <- getCurrentContexts
     let docs = pendingHereDocs state
     putState $ state {
-        pendingHereDocs = HereDocPending t context : docs
+        pendingHereDocs = HereDocPending id d q str context : docs
     }
 
 popPendingHereDocs = do
@@ -1835,7 +1835,7 @@ readHereDoc = called "here document" $ do
 
     -- add empty tokens for now, read the rest in readPendingHereDocs
     let doc = T_HereDoc hid dashed quoted endToken []
-    addPendingHereDoc doc
+    addPendingHereDoc hid dashed quoted endToken
     return doc
   where
     unquote :: String -> (Quoted, String)
@@ -1856,7 +1856,7 @@ readPendingHereDocs = do
     docs <- popPendingHereDocs
     mapM_ readDoc docs
   where
-    readDoc (HereDocPending (T_HereDoc id dashed quoted endToken _) ctx) =
+    readDoc (HereDocPending id dashed quoted endToken ctx) =
       swapContext ctx $
       do
         docStartPos <- getPosition

From c1452e0d174fe6c4c0a3775d6ee430de1bd8ccda Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Tue, 19 Dec 2023 00:53:08 -0500
Subject: [PATCH 132/244] Remove unnecessary partiality from kludgeAwayQuotes

---
 src/ShellCheck/Parser.hs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 0e2fc6d..115de64 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -46,6 +46,7 @@ import Text.Parsec.Error
 import Text.Parsec.Pos
 import qualified Control.Monad.Reader as Mr
 import qualified Control.Monad.State as Ms
+import qualified Data.List.NonEmpty as NE
 import qualified Data.Map.Strict as Map
 
 import Test.QuickCheck.All (quickCheckAll)
@@ -2904,8 +2905,8 @@ readLetSuffix = many1 (readIoRedirect <|> try readLetExpression <|> readCmdWord)
     kludgeAwayQuotes :: String -> SourcePos -> (String, SourcePos)
     kludgeAwayQuotes s p =
         case s of
-            first:rest@(_:_) ->
-                let (last:backwards) = reverse rest
+            first:second:rest ->
+                let (last NE.:| backwards) = NE.reverse (second NE.:| rest)
                     middle = reverse backwards
                 in
                     if first `elem` "'\"" && first == last

From 208e38358e8c07688a29867235971136a8ed0092 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Tue, 19 Dec 2023 01:00:20 -0500
Subject: [PATCH 133/244] Use a list comprehension to remove partiality from
 notesForContext

---
 src/ShellCheck/Parser.hs | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 115de64..04bdbc4 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -3507,13 +3507,11 @@ parseShell env name contents = do
     -- A final pass for ignoring parse errors after failed parsing
     isIgnored stack note = any (contextItemDisablesCode False (codeForParseNote note)) stack
 
-notesForContext list = zipWith ($) [first, second] $ filter isName list
+notesForContext list = zipWith ($) [first, second] [(pos, str) | ContextName pos str <- list]
   where
-    isName (ContextName _ _) = True
-    isName _ = False
-    first (ContextName pos str) = ParseNote pos pos ErrorC 1073 $
+    first (pos, str) = ParseNote pos pos ErrorC 1073 $
         "Couldn't parse this " ++ str ++ ". Fix to allow more checks."
-    second (ContextName pos str) = ParseNote pos pos InfoC 1009 $
+    second (pos, str) = ParseNote pos pos InfoC 1009 $
         "The mentioned syntax error was in this " ++ str ++ "."
 
 -- Go over all T_UnparsedIndex and reparse them as either arithmetic or text

From 0c46b8b2d5dffcb01b5a4689f16b687bc5a5f84e Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Tue, 19 Dec 2023 01:49:04 -0500
Subject: [PATCH 134/244] Use NonEmpty to remove partiality from handleCommand

---
 src/ShellCheck/CFG.hs | 41 +++++++++++++++++++++--------------------
 1 file changed, 21 insertions(+), 20 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 0cd6326..5476ad5 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -51,6 +51,7 @@ import Control.Monad.Identity
 import Data.Array.Unboxed
 import Data.Array.ST
 import Data.List hiding (map)
+import qualified Data.List.NonEmpty as NE
 import Data.Maybe
 import qualified Data.Map as M
 import qualified Data.Set as S
@@ -857,8 +858,8 @@ build t = do
             status <- newNodeRange (CFSetExitCode id)
             linkRange assignments status
 
-        T_SimpleCommand id vars list@(cmd:_) ->
-            handleCommand t vars list $ getUnquotedLiteral cmd
+        T_SimpleCommand id vars (cmd:args) ->
+            handleCommand t vars (cmd NE.:| args) $ getUnquotedLiteral cmd
 
         T_SingleQuoted _ _ -> none
 
@@ -925,8 +926,8 @@ handleCommand cmd vars args literalCmd = do
     -- TODO: Handle assignments in declaring commands
 
     case literalCmd of
-        Just "exit" -> regularExpansion vars args $ handleExit
-        Just "return" -> regularExpansion vars args $ handleReturn
+        Just "exit" -> regularExpansion vars (NE.toList args) $ handleExit
+        Just "return" -> regularExpansion vars (NE.toList args) $ handleReturn
         Just "unset" -> regularExpansionWithStatus vars args $ handleUnset args
 
         Just "declare" -> handleDeclare args
@@ -949,14 +950,14 @@ handleCommand cmd vars args literalCmd = do
         -- This will mostly behave like 'command' but ok
         Just "builtin" ->
             case args of
-                [_] -> regular
-                (_:newargs@(newcmd:_)) ->
-                    handleCommand newcmd vars newargs $ getLiteralString newcmd
+                _ NE.:| [] -> regular
+                (_ NE.:| newcmd:newargs) ->
+                    handleCommand newcmd vars (newcmd NE.:| newargs) $ getLiteralString newcmd
         Just "command" ->
             case args of
-                [_] -> regular
-                (_:newargs@(newcmd:_)) ->
-                    handleOthers (getId newcmd) vars newargs $ getLiteralString newcmd
+                _ NE.:| [] -> regular
+                (_ NE.:| newcmd:newargs) ->
+                    handleOthers (getId newcmd) vars (newcmd NE.:| newargs) $ getLiteralString newcmd
         _ -> regular
 
   where
@@ -984,7 +985,7 @@ handleCommand cmd vars args literalCmd = do
                 unreachable <- newNode CFUnreachable
                 return $ Range ret unreachable
 
-    handleUnset (cmd:args) = do
+    handleUnset (cmd NE.:| args) = do
         case () of
                 _ | "n" `elem` flagNames -> unsetWith CFUndefineNameref
                 _ | "v" `elem` flagNames -> unsetWith CFUndefineVariable
@@ -1003,7 +1004,7 @@ handleCommand cmd vars args literalCmd = do
 
     variableAssignRegex = mkRegex "^([_a-zA-Z][_a-zA-Z0-9]*)="
 
-    handleDeclare (cmd:args) = do
+    handleDeclare (cmd NE.:| args) = do
         isFunc <- asks cfIsFunction
         -- This is a bit of a kludge: we don't have great support for things like
         -- 'declare -i x=$x' so do one round with declare x=$x, followed by declare -i x
@@ -1092,7 +1093,7 @@ handleCommand cmd vars args literalCmd = do
             in
                 concatMap (drop 1) plusses
 
-    handlePrintf (cmd:args) =
+    handlePrintf (cmd NE.:| args) =
         newNodeRange $ CFApplyEffects $ maybeToList findVar
       where
         findVar = do
@@ -1101,7 +1102,7 @@ handleCommand cmd vars args literalCmd = do
             name <- getLiteralString arg
             return $ IdTagged (getId arg) $ CFWriteVariable name CFValueString
 
-    handleWait (cmd:args) =
+    handleWait (cmd NE.:| args) =
         newNodeRange $ CFApplyEffects $ maybeToList findVar
       where
         findVar = do
@@ -1110,7 +1111,7 @@ handleCommand cmd vars args literalCmd = do
             name <- getLiteralString arg
             return $ IdTagged (getId arg) $ CFWriteVariable name CFValueInteger
 
-    handleMapfile (cmd:args) =
+    handleMapfile (cmd NE.:| args) =
         newNodeRange $ CFApplyEffects [findVar]
       where
         findVar =
@@ -1130,7 +1131,7 @@ handleCommand cmd vars args literalCmd = do
             guard $ isVariableName name
             return (getId c, name)
 
-    handleRead (cmd:args) = newNodeRange $ CFApplyEffects main
+    handleRead (cmd NE.:| args) = newNodeRange $ CFApplyEffects main
       where
         main = fromMaybe fallback $ do
             flags <- getGnuOpts flagsForRead args
@@ -1160,7 +1161,7 @@ handleCommand cmd vars args literalCmd = do
             in
                 map (\(id, name) -> IdTagged id $ CFWriteVariable name value) namesOrDefault
 
-    handleDEFINE (cmd:args) =
+    handleDEFINE (cmd NE.:| args) =
         newNodeRange $ CFApplyEffects $ maybeToList findVar
       where
         findVar = do
@@ -1170,7 +1171,7 @@ handleCommand cmd vars args literalCmd = do
             return $ IdTagged (getId name) $ CFWriteVariable str CFValueString
 
     handleOthers id vars args cmd =
-        regularExpansion vars args $ do
+        regularExpansion vars (NE.toList args) $ do
             exe <- newNodeRange $ CFExecuteCommand cmd
             status <- newNodeRange $ CFSetExitCode id
             linkRange exe status
@@ -1189,8 +1190,8 @@ handleCommand cmd vars args literalCmd = do
 
             linkRanges $ [args] ++ assignments ++ [exe] ++ dropAssignments
 
-    regularExpansionWithStatus vars args@(cmd:_) p = do
-        initial <- regularExpansion vars args p
+    regularExpansionWithStatus vars args@(cmd NE.:| _) p = do
+        initial <- regularExpansion vars (NE.toList args) p
         status <- newNodeRange $ CFSetExitCode (getId cmd)
         linkRange initial status
 

From eed0174e90a374ee497aef7d7649e022856e80e9 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Tue, 19 Dec 2023 02:06:45 -0500
Subject: [PATCH 135/244] Make "Unresolved scope in dependency" impossible

---
 src/ShellCheck/CFG.hs         | 24 ++++++++++++------------
 src/ShellCheck/CFGAnalysis.hs | 17 ++++++++---------
 2 files changed, 20 insertions(+), 21 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 5476ad5..ed6a8f8 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -112,8 +112,8 @@ data CFEdge =
 
 -- Actions we track
 data CFEffect =
-    CFSetProps Scope String (S.Set CFVariableProp)
-    | CFUnsetProps Scope String (S.Set CFVariableProp)
+    CFSetProps (Maybe Scope) String (S.Set CFVariableProp)
+    | CFUnsetProps (Maybe Scope) String (S.Set CFVariableProp)
     | CFReadVariable String
     | CFWriteVariable String CFValue
     | CFWriteGlobal String CFValue
@@ -579,7 +579,7 @@ build t = do
 
         T_Array _ list -> sequentially list
 
-        T_Assignment {} -> buildAssignment DefaultScope t
+        T_Assignment {} -> buildAssignment Nothing t
 
         T_Backgrounded id body -> do
             start <- newStructuralNode
@@ -1031,9 +1031,9 @@ handleCommand cmd vars args literalCmd = do
 
         scope isFunc =
             case () of
-                _ | global -> GlobalScope
-                _ | isFunc -> LocalScope
-                _ -> DefaultScope
+                _ | global -> Just GlobalScope
+                _ | isFunc -> Just LocalScope
+                _ -> Nothing
 
         addedProps = S.fromList $ concat $ [
             [ CFVPArray | array ],
@@ -1178,7 +1178,7 @@ handleCommand cmd vars args literalCmd = do
 
     regularExpansion vars args p = do
             args <- sequentially args
-            assignments <- mapM (buildAssignment PrefixScope) vars
+            assignments <- mapM (buildAssignment (Just PrefixScope)) vars
             exe <- p
             dropAssignments <-
                 if null vars
@@ -1198,7 +1198,7 @@ handleCommand cmd vars args literalCmd = do
 
 none = newStructuralNode
 
-data Scope = DefaultScope | GlobalScope | LocalScope | PrefixScope
+data Scope = GlobalScope | LocalScope | PrefixScope
   deriving (Eq, Ord, Show, Generic, NFData)
 
 buildAssignment scope t = do
@@ -1212,10 +1212,10 @@ buildAssignment scope t = do
                 let valueType = if null indices then f id value else CFValueArray
                 let scoper =
                                 case scope of
-                                    PrefixScope -> CFWritePrefix
-                                    LocalScope -> CFWriteLocal
-                                    GlobalScope -> CFWriteGlobal
-                                    DefaultScope -> CFWriteVariable
+                                    Just PrefixScope -> CFWritePrefix
+                                    Just LocalScope -> CFWriteLocal
+                                    Just GlobalScope -> CFWriteGlobal
+                                    Nothing -> CFWriteVariable
                 write <- newNodeRange $ applySingle $ IdTagged id $ scoper var valueType
                 linkRanges [expand, index, read, write]
               where
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 3b4f957..16afa68 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -299,7 +299,6 @@ depsToState set = foldl insert newInternalState $ S.toList set
                     PrefixScope -> (sPrefixValues, insertPrefix)
                     LocalScope -> (sLocalValues, insertLocal)
                     GlobalScope -> (sGlobalValues, insertGlobal)
-                    DefaultScope -> error $ pleaseReport "Unresolved scope in dependency"
 
             alreadyExists = isJust $ vmLookup name $ mapToCheck state
         in
@@ -1120,34 +1119,34 @@ transferEffect ctx effect =
 
         CFSetProps scope name props ->
             case scope of
-                DefaultScope -> do
+                Nothing -> do
                     state <- readVariable ctx name
                     writeVariable ctx name $ addProperties props state
-                GlobalScope -> do
+                Just GlobalScope -> do
                     state <- readGlobal ctx name
                     writeGlobal ctx name $ addProperties props state
-                LocalScope -> do
+                Just LocalScope -> do
                     out <- readSTRef (cOutput ctx)
                     state <- readLocal ctx name
                     writeLocal ctx name $ addProperties props state
-                PrefixScope -> do
+                Just PrefixScope -> do
                     -- Prefix values become local
                     state <- readLocal ctx name
                     writeLocal ctx name $ addProperties props state
 
         CFUnsetProps scope name props ->
             case scope of
-                DefaultScope -> do
+                Nothing -> do
                     state <- readVariable ctx name
                     writeVariable ctx name $ removeProperties props state
-                GlobalScope -> do
+                Just GlobalScope -> do
                     state <- readGlobal ctx name
                     writeGlobal ctx name $ removeProperties props state
-                LocalScope -> do
+                Just LocalScope -> do
                     out <- readSTRef (cOutput ctx)
                     state <- readLocal ctx name
                     writeLocal ctx name $ removeProperties props state
-                PrefixScope -> do
+                Just PrefixScope -> do
                     -- Prefix values become local
                     state <- readLocal ctx name
                     writeLocal ctx name $ removeProperties props state

From a47a42cb45e68050b84122a4bf237502b642350b Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Tue, 19 Dec 2023 02:17:59 -0500
Subject: [PATCH 136/244] Remove unnecessary partiality from
 isAssignmentParamToCommand

---
 src/ShellCheck/AnalyzerLib.hs | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 4990822..1d53a98 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -341,9 +341,9 @@ isQuoteFreeNode strict shell tree t =
     -- Is this node self-quoting in itself?
     isQuoteFreeElement t =
         case t of
-            T_Assignment {} -> assignmentIsQuoting t
-            T_FdRedirect {} -> True
-            _               -> False
+            T_Assignment id _ _ _ _ -> assignmentIsQuoting id
+            T_FdRedirect {}         -> True
+            _                       -> False
 
     -- Are any subnodes inherently self-quoting?
     isQuoteFreeContext t =
@@ -353,7 +353,7 @@ isQuoteFreeNode strict shell tree t =
             TC_Binary _ DoubleBracket _ _ _ -> return True
             TA_Sequence {}                  -> return True
             T_Arithmetic {}                 -> return True
-            T_Assignment {}                 -> return $ assignmentIsQuoting t
+            T_Assignment id _ _ _ _         -> return $ assignmentIsQuoting id
             T_Redirecting {}                -> return False
             T_DoubleQuoted _ _              -> return True
             T_DollarDoubleQuoted _ _        -> return True
@@ -368,11 +368,11 @@ isQuoteFreeNode strict shell tree t =
     -- Check whether this assignment is self-quoting due to being a recognized
     -- assignment passed to a Declaration Utility. This will soon be required
     -- by POSIX: https://austingroupbugs.net/view.php?id=351
-    assignmentIsQuoting t = shellParsesParamsAsAssignments || not (isAssignmentParamToCommand t)
+    assignmentIsQuoting id = shellParsesParamsAsAssignments || not (isAssignmentParamToCommand id)
     shellParsesParamsAsAssignments = shell /= Sh
 
     -- Is this assignment a parameter to a command like export/typeset/etc?
-    isAssignmentParamToCommand (T_Assignment id _ _ _ _) =
+    isAssignmentParamToCommand id =
         case Map.lookup id tree of
             Just (T_SimpleCommand _ _ (_:args)) -> id `elem` (map getId args)
             _ -> False

From bfe4342697292fe25a9214e30a0770fe0237ec42 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Tue, 19 Dec 2023 02:30:48 -0500
Subject: [PATCH 137/244] Remove unnecessary partiality from check

---
 src/ShellCheck/Checks/Commands.hs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 86fda24..314c1e9 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -1006,7 +1006,7 @@ checkWhileGetoptsCase = CommandCheck (Exactly "getopts") f
             options <- getLiteralString arg1
             getoptsVar <- getLiteralString name
             (T_WhileExpression _ _ body) <- findFirst whileLoop path
-            caseCmd@(T_CaseExpression _ var _) <- mapMaybe findCase body !!! 0
+            T_CaseExpression id var list <- mapMaybe findCase body !!! 0
 
             -- Make sure getopts name and case variable matches
             [T_DollarBraced _ _ bracedWord] <- return $ getWordParts var
@@ -1016,11 +1016,11 @@ checkWhileGetoptsCase = CommandCheck (Exactly "getopts") f
             -- Make sure the variable isn't modified
             guard . not $ modifiesVariable params (T_BraceGroup (Id 0) body) getoptsVar
 
-            return $ check (getId arg1) (map (:[]) $ filter (/= ':') options) caseCmd
+            return $ check (getId arg1) (map (:[]) $ filter (/= ':') options) id list
     f _ = return ()
 
-    check :: Id -> [String] -> Token -> Analysis
-    check optId opts (T_CaseExpression id _ list) = do
+    check :: Id -> [String] -> Id -> [(CaseType, [Token], [Token])] -> Analysis
+    check optId opts id list = do
             unless (Nothing `M.member` handledMap) $ do
                 mapM_ (warnUnhandled optId id) $ catMaybes $ M.keys notHandled
 

From f983d9ae93e5eda28297a93a43640aafafa5f46c Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Thu, 21 Dec 2023 13:35:22 -0500
Subject: [PATCH 138/244] Simplify functionMap and remove unnecessary
 partiality

---
 src/ShellCheck/Analytics.hs | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index b7844dd..19ff51b 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2825,13 +2825,11 @@ checkUnpassedInFunctions params root =
     execWriter $ mapM_ warnForGroup referenceGroups
   where
     functionMap :: Map.Map String Token
-    functionMap = Map.fromList $
-        map (\t@(T_Function _ _ _ name _) -> (name,t)) functions
-    functions = execWriter $ doAnalysis (tell . maybeToList . findFunction) root
+    functionMap = Map.fromList $ execWriter $ doAnalysis (tell . maybeToList . findFunction) root
 
     findFunction t@(T_Function id _ _ name body)
         | any (isPositionalReference t) flow && not (any isPositionalAssignment flow)
-        = return t
+        = return (name,t)
         where flow = getVariableFlow params body
     findFunction _ = Nothing
 

From dab77b2c8d978534603000e5406e604a79e1b195 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Thu, 21 Dec 2023 13:48:47 -0500
Subject: [PATCH 139/244] Implement parseEnum in terms of lookup

---
 shellcheck.hs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/shellcheck.hs b/shellcheck.hs
index 6f12238..00b699b 100644
--- a/shellcheck.hs
+++ b/shellcheck.hs
@@ -252,9 +252,9 @@ runFormatter sys format options files = do
                 else SomeProblems
 
 parseEnum name value list =
-    case filter ((== value) . fst) list of
-        [(name, value)] -> return value
-        [] -> do
+    case lookup value list of
+        Just value -> return value
+        Nothing -> do
             printErr $ "Unknown value for --" ++ name ++ ". " ++
                        "Valid options are: " ++ (intercalate ", " $ map fst list)
             throwError SupportFailure

From 3bd7df955bdd9f066d5d19a90712b81305c61c87 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Fri, 29 Dec 2023 14:18:42 -0500
Subject: [PATCH 140/244] Use a pattern match instead of null and head in
 checkCommand

---
 src/ShellCheck/Checks/Commands.hs | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 314c1e9..429e786 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -20,6 +20,7 @@
 {-# LANGUAGE TemplateHaskell #-}
 {-# LANGUAGE FlexibleContexts #-}
 {-# LANGUAGE MultiWayIf #-}
+{-# LANGUAGE PatternGuards #-}
 
 -- This module contains checks that examine specific commands by name.
 module ShellCheck.Checks.Commands (checker, optionalChecks, ShellCheck.Checks.Commands.runTests) where
@@ -181,16 +182,15 @@ checkCommand :: M.Map CommandName (Token -> Analysis) -> Token -> Analysis
 checkCommand map t@(T_SimpleCommand id cmdPrefix (cmd:rest)) = sequence_ $ do
     name <- getLiteralString cmd
     return $
-        if '/' `elem` name
-        then
-            M.findWithDefault nullCheck (Basename $ basename name) map t
-        else if name == "builtin" && not (null rest) then
-            let t' = T_SimpleCommand id cmdPrefix rest
-                selectedBuiltin = onlyLiteralString $ head rest
-            in M.findWithDefault nullCheck (Exactly selectedBuiltin) map t'
-        else do
-            M.findWithDefault nullCheck (Exactly name) map t
-            M.findWithDefault nullCheck (Basename name) map t
+        if | '/' `elem` name ->
+               M.findWithDefault nullCheck (Basename $ basename name) map t
+           | name == "builtin", (h:_) <- rest ->
+               let t' = T_SimpleCommand id cmdPrefix rest
+                   selectedBuiltin = onlyLiteralString h
+               in M.findWithDefault nullCheck (Exactly selectedBuiltin) map t'
+           | otherwise -> do
+               M.findWithDefault nullCheck (Exactly name) map t
+               M.findWithDefault nullCheck (Basename name) map t
 
   where
     basename = reverse . takeWhile (/= '/') . reverse

From dedf932fe8b9dcf4f852d4289032e6d25e7e5d40 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sat, 30 Dec 2023 13:59:15 -0500
Subject: [PATCH 141/244] Use traverse instead of sequence and map

---
 src/ShellCheck/Analytics.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 19ff51b..df0b3e6 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4936,7 +4936,7 @@ checkOverwrittenExitCode params t =
         guard . not $ S.null exitCodeIds
 
         let idToToken = idMap params
-        exitCodeTokens <- sequence $ map (\k -> Map.lookup k idToToken) $ S.toList exitCodeIds
+        exitCodeTokens <- traverse (\k -> Map.lookup k idToToken) $ S.toList exitCodeIds
         return $ do
             when (all isCondition exitCodeTokens && not (usedUnconditionally t exitCodeIds)) $
                 warn id 2319 "This $? refers to a condition, not a command. Assign to a variable to avoid it being overwritten."

From 980e7d3ca8aa19977ca517b846e2d2cff4fb1c5d Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sat, 30 Dec 2023 14:49:26 -0500
Subject: [PATCH 142/244] Use <$> instead of >>= and return

---
 src/ShellCheck/CFG.hs    | 2 +-
 src/ShellCheck/Parser.hs | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index ed6a8f8..5d018c8 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -997,7 +997,7 @@ handleCommand cmd vars args literalCmd = do
         (names, flags) = partition (null . fst) pairs
         flagNames = map fst flags
         literalNames :: [(Token, String)] -- Literal names to unset, e.g. [(myfuncToken, "myfunc")]
-        literalNames = mapMaybe (\(_, t) -> getLiteralString t >>= (return . (,) t)) names
+        literalNames = mapMaybe (\(_, t) -> (,) t <$> getLiteralString t) names
         -- Apply a constructor like CFUndefineVariable to each literalName, and tag with its id
         unsetWith c = newNodeRange $ CFApplyEffects $ map (\(token, name) -> IdTagged (getId token) $ c name) literalNames
 
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 04bdbc4..37a9b86 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -1195,7 +1195,7 @@ readDollarBracedPart = readSingleQuoted <|> readDoubleQuoted <|>
 
 readDollarBracedLiteral = do
     start <- startSpan
-    vars <- (readBraceEscaped <|> (anyChar >>= \x -> return [x])) `reluctantlyTill1` bracedQuotable
+    vars <- (readBraceEscaped <|> ((\x -> [x]) <$> anyChar)) `reluctantlyTill1` bracedQuotable
     id <- endSpan start
     return $ T_Literal id $ concat vars
 
@@ -1557,7 +1557,7 @@ readGenericLiteral endChars = do
     return $ concat strings
 
 readGenericLiteral1 endExp = do
-    strings <- (readGenericEscaped <|> (anyChar >>= \x -> return [x])) `reluctantlyTill1` endExp
+    strings <- (readGenericEscaped <|> ((\x -> [x]) <$> anyChar)) `reluctantlyTill1` endExp
     return $ concat strings
 
 readGenericEscaped = do
@@ -2371,7 +2371,7 @@ readPipeSequence = do
     return $ T_Pipeline id pipes cmds
   where
     sepBy1WithSeparators p s = do
-        let elems = p >>= \x -> return ([x], [])
+        let elems = (\x -> ([x], [])) <$> p
         let seps = do
             separator <- s
             return $ \(a,b) (c,d) -> (a++c, b ++ d ++ [separator])

From ee41c780f4a587cd32c58deb8badc27dac2b6b10 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Otto=20Kek=C3=A4l=C3=A4inen?= <otto@kekalainen.net>
Date: Sun, 31 Dec 2023 10:47:40 +0800
Subject: [PATCH 143/244] Replace Atom reference with Pulsar Edit equivalent

Since Microsoft acquired GitHub and discontinued Atom in 2022,
the community started a fork at https://pulsar-edit.dev/. Linking
to an archived repository under the Atom organization does not make
sense anymore, so link to active Pulsar fork instead.
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 9d98b9d..b9aea08 100644
--- a/README.md
+++ b/README.md
@@ -77,7 +77,7 @@ You can see ShellCheck suggestions directly in a variety of editors.
 
 * Sublime, through [SublimeLinter](https://github.com/SublimeLinter/SublimeLinter-shellcheck).
 
-* Atom, through [Linter](https://github.com/AtomLinter/linter-shellcheck).
+* Pulsar Edit (former Atom), through [linter-shellcheck-pulsar](https://github.com/pulsar-cooperative/linter-shellcheck-pulsar).
 
 * VSCode, through [vscode-shellcheck](https://github.com/timonwong/vscode-shellcheck).
 

From e1ad06383425f46703a26aafc0d1bdc8ddc90a18 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 01:59:53 -0500
Subject: [PATCH 144/244] Implement getPath in terms of unfoldr

---
 src/ShellCheck/ASTLib.hs | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index cf55498..5b3ffd8 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -897,10 +897,9 @@ getUnmodifiedParameterExpansion t =
         _ -> Nothing
 
 --- A list of the element and all its parents up to the root node.
-getPath tree t = t :
-    case Map.lookup (getId t) tree of
-        Nothing     -> []
-        Just parent -> getPath tree parent
+getPath tree t = t : unfoldr go t
+  where
+    go s = (\x -> (x,x)) <$> Map.lookup (getId s) tree
 
 isClosingFileOp op =
     case op of

From add49cda171058b921fb57a2b658511159858a1f Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 02:12:58 -0500
Subject: [PATCH 145/244] Make getPath return a NonEmpty

---
 src/ShellCheck/ASTLib.hs          |  5 ++-
 src/ShellCheck/Analytics.hs       | 59 ++++++++++++++++---------------
 src/ShellCheck/AnalyzerLib.hs     | 11 +++---
 src/ShellCheck/Checks/Commands.hs |  3 +-
 4 files changed, 40 insertions(+), 38 deletions(-)

diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index 5b3ffd8..aadff05 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -31,6 +31,7 @@ import Data.Functor
 import Data.Functor.Identity
 import Data.List
 import Data.Maybe
+import qualified Data.List.NonEmpty as NE
 import qualified Data.Map as Map
 import Numeric (showHex)
 
@@ -897,9 +898,7 @@ getUnmodifiedParameterExpansion t =
         _ -> Nothing
 
 --- A list of the element and all its parents up to the root node.
-getPath tree t = t : unfoldr go t
-  where
-    go s = (\x -> (x,x)) <$> Map.lookup (getId s) tree
+getPath tree = NE.unfoldr $ \t -> (t, Map.lookup (getId t) tree)
 
 isClosingFileOp op =
     case op of
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index df0b3e6..e80ed58 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -46,6 +46,7 @@ import Data.Maybe
 import Data.Ord
 import Data.Semigroup
 import Debug.Trace -- STRIP
+import qualified Data.List.NonEmpty as NE
 import qualified Data.Map.Strict as Map
 import qualified Data.Set as S
 import Test.QuickCheck.All (forAllProperties)
@@ -846,14 +847,14 @@ checkRedirectToSame params s@(T_Pipeline _ _ list) =
     getRedirs _ = []
     special x = "/dev/" `isPrefixOf` concat (oversimplify x)
     isInput t =
-        case drop 1 $ getPath (parentMap params) t of
+        case NE.tail $ getPath (parentMap params) t of
             T_IoFile _ op _:_ ->
                 case op of
                     T_Less _  -> True
                     _ -> False
             _ -> False
     isOutput t =
-        case drop 1 $ getPath (parentMap params) t of
+        case NE.tail $ getPath (parentMap params) t of
             T_IoFile _ op _:_ ->
                 case op of
                     T_Greater _  -> True
@@ -887,7 +888,7 @@ checkShorthandIf params x@(T_OrIf _ (T_AndIf id _ _) (T_Pipeline _ _ t))
         name <- getCommandBasename t
         return $ name `elem` ["echo", "exit", "return", "printf"])
     isOk _ = False
-    inCondition = isCondition $ getPath (parentMap params) x
+    inCondition = isCondition $ NE.toList $ getPath (parentMap params) x
 checkShorthandIf _ _ = return ()
 
 
@@ -1087,7 +1088,7 @@ checkSingleQuotedVariables params t@(T_SingleQuoted id s) =
         return $ if name == "find" then getFindCommand cmd else if name == "git" then getGitCommand cmd else if name == "mumps" then getMumpsCommand cmd else name
 
     isProbablyOk =
-            any isOkAssignment (take 3 $ getPath parents t)
+            any isOkAssignment (NE.take 3 $ getPath parents t)
             || commandName `elem` [
                 "trap"
                 ,"sh"
@@ -1495,7 +1496,7 @@ checkArithmeticDeref params t@(TA_Expansion _ [T_DollarBraced id _ l]) =
   where
     isException [] = True
     isException s@(h:_) = any (`elem` "/.:#%?*@$-!+=^,") s || isDigit h
-    getWarning = fromMaybe noWarning . msum . map warningFor $ parents params t
+    getWarning = fromMaybe noWarning . msum . NE.map warningFor $ parents params t
     warningFor t =
         case t of
             T_Arithmetic {} -> return normalWarning
@@ -1823,7 +1824,7 @@ checkInexplicablyUnquoted params (T_NormalWord id tokens) = mapM_ check (tails t
             T_Literal id s
                 | not (quotesSingleThing a && quotesSingleThing b
                     || s `elem` ["=", ":", "/"]
-                    || isSpecial (getPath (parentMap params) trapped)
+                    || isSpecial (NE.toList $ getPath (parentMap params) trapped)
                 ) ->
                     warnAboutLiteral id
             _ -> return ()
@@ -2041,7 +2042,7 @@ doVariableFlowAnalysis readFunc writeFunc empty flow = evalState (
 -- from $foo=bar to foo=bar. This is not pretty but ok.
 quotesMayConflictWithSC2281 params t =
     case getPath (parentMap params) t of
-        _ : T_NormalWord parentId (me:T_Literal _ ('=':_):_) : T_SimpleCommand _ _ (cmd:_) : _ ->
+        _ NE.:| T_NormalWord parentId (me:T_Literal _ ('=':_):_) : T_SimpleCommand _ _ (cmd:_) : _ ->
             (getId t) == (getId me) && (parentId == getId cmd)
         _ -> False
 
@@ -2652,7 +2653,7 @@ checkPrefixAssignmentReference params t@(T_DollarBraced id _ value) =
     check path
   where
     name = getBracedReference $ concat $ oversimplify value
-    path = getPath (parentMap params) t
+    path = NE.toList $ getPath (parentMap params) t
     idPath = map getId path
 
     check [] = return ()
@@ -2701,7 +2702,7 @@ checkCharRangeGlob p t@(T_Glob id str) |
         return $ isCommandMatch cmd (`elem` ["tr", "read"])
 
     -- Check if this is a dereferencing context like [[ -v array[operandhere] ]]
-    isDereferenced = fromMaybe False . msum . map isDereferencingOp . getPath (parentMap p)
+    isDereferenced = fromMaybe False . msum . NE.map isDereferencingOp . getPath (parentMap p)
     isDereferencingOp t =
         case t of
             TC_Binary _ DoubleBracket str _ _ -> return $ isDereferencingBinaryOp str
@@ -2764,7 +2765,7 @@ checkLoopKeywordScope params t |
         _ -> return ()
   where
     name = getCommandName t
-    path = let p = getPath (parentMap params) t in filter relevant p
+    path = let p = getPath (parentMap params) t in NE.filter relevant p
     subshellType t = case leadType params t of
         NoneScope -> Nothing
         SubshellScope str -> return str
@@ -3188,7 +3189,7 @@ checkUncheckedCdPushdPopd params root =
         | name `elem` ["cd", "pushd", "popd"]
             && not (isSafeDir t)
             && not (name `elem` ["pushd", "popd"] && ("n" `elem` map snd (getAllFlags t)))
-            && not (isCondition $ getPath (parentMap params) t) =
+            && not (isCondition $ NE.toList $ getPath (parentMap params) t) =
                 warnWithFix (getId t) 2164
                     ("Use '" ++ name ++ " ... || exit' or '" ++ name ++ " ... || return' in case " ++ name ++ " fails.")
                     (fixWith [replaceEnd (getId t) params 0 " || exit"])
@@ -3217,7 +3218,7 @@ checkLoopVariableReassignment params token =
         return $ do
             warn (getId token) 2165 "This nested loop overrides the index variable of its parent."
             warn (getId next)  2167 "This parent loop has its index variable overridden."
-    path = drop 1 $ getPath (parentMap params) token
+    path = NE.tail $ getPath (parentMap params) token
     loopVariable :: Token -> Maybe String
     loopVariable t =
         case t of
@@ -3290,17 +3291,17 @@ checkReturnAgainstZero params token =
     -- We don't want to warn about composite expressions like
     -- [[ $? -eq 0 || $? -eq 4 ]] since these can be annoying to rewrite.
     isOnlyTestInCommand t =
-        case getPath (parentMap params) t of
-            _:(T_Condition {}):_ -> True
-            _:(T_Arithmetic {}):_ -> True
-            _:(TA_Sequence _ [_]):(T_Arithmetic {}):_ -> True
+        case NE.tail $ getPath (parentMap params) t of
+            (T_Condition {}):_ -> True
+            (T_Arithmetic {}):_ -> True
+            (TA_Sequence _ [_]):(T_Arithmetic {}):_ -> True
 
             -- Some negations and groupings are also fine
-            _:next@(TC_Unary _ _ "!" _):_ -> isOnlyTestInCommand next
-            _:next@(TA_Unary _ "!" _):_ -> isOnlyTestInCommand next
-            _:next@(TC_Group {}):_ -> isOnlyTestInCommand next
-            _:next@(TA_Sequence _ [_]):_ -> isOnlyTestInCommand next
-            _:next@(TA_Parentesis _ _):_ -> isOnlyTestInCommand next
+            next@(TC_Unary _ _ "!" _):_ -> isOnlyTestInCommand next
+            next@(TA_Unary _ "!" _):_ -> isOnlyTestInCommand next
+            next@(TC_Group {}):_ -> isOnlyTestInCommand next
+            next@(TA_Sequence _ [_]):_ -> isOnlyTestInCommand next
+            next@(TA_Parentesis _ _):_ -> isOnlyTestInCommand next
             _ -> False
 
     -- TODO: Do better $? tracking and filter on whether
@@ -3365,7 +3366,7 @@ checkRedirectedNowhere params token =
         _ -> return ()
   where
     isInExpansion t =
-        case drop 1 $ getPath (parentMap params) t of
+        case NE.tail $ getPath (parentMap params) t of
             T_DollarExpansion _ [_] : _ -> True
             T_Backticked _ [_] : _ -> True
             t@T_Annotation {} : _ -> isInExpansion t
@@ -3839,7 +3840,7 @@ checkSubshelledTests params t =
 
     isFunctionBody path =
         case path of
-            (_:f:_) -> isFunction f
+            (_ NE.:| f:_) -> isFunction f
             _ -> False
 
     isTestStructure t =
@@ -3866,7 +3867,7 @@ checkSubshelledTests params t =
     -- This technically also triggers for `if true; then ( test ); fi`
     -- but it's still a valid suggestion.
     isCompoundCondition chain =
-        case dropWhile skippable (drop 1 chain) of
+        case dropWhile skippable (NE.tail chain) of
             T_IfExpression {}    : _ -> True
             T_WhileExpression {} : _ -> True
             T_UntilExpression {} : _ -> True
@@ -4005,7 +4006,7 @@ checkUselessBang params t = when (hasSetE params) $ mapM_ check (getNonReturning
   where
     check t =
         case t of
-            T_Banged id cmd | not $ isCondition (getPath (parentMap params) t) ->
+            T_Banged id cmd | not $ isCondition (NE.toList $ getPath (parentMap params) t) ->
                 addComment $ makeCommentWithFix InfoC id 2251
                         "This ! is not on a condition and skips errexit. Use `&& exit 1` instead, or make sure $? is checked."
                         (fixWith [replaceStart id params 1 "", replaceEnd (getId cmd) params 0 " && exit 1"])
@@ -4029,7 +4030,7 @@ checkUselessBang params t = when (hasSetE params) $ mapM_ check (getNonReturning
 
     isFunctionBody t =
         case getPath (parentMap params) t of
-            _:T_Function {}:_-> True
+            _ NE.:| T_Function {}:_-> True
             _ -> False
 
     dropLast t =
@@ -4627,7 +4628,7 @@ checkArrayValueUsedAsIndex params _ =
             -- Is this one of the 'for' arrays?
             (loopWord, _) <- find ((==arrayName) . snd) arrays
             -- Are we still in this loop?
-            guard $ getId loop `elem` map getId (getPath parents t)
+            guard $ getId loop `elem` NE.map getId (getPath parents t)
             return [
                 makeComment WarningC (getId loopWord) 2302 "This loops over values. To loop over keys, use \"${!array[@]}\".",
                 makeComment WarningC (getId arrayRef) 2303 $ (e4m name) ++ " is an array value, not a key. Use directly or loop over keys instead."
@@ -4709,7 +4710,7 @@ checkSetESuppressed params t =
         literalArg <- getUnquotedLiteral cmd
         Map.lookup literalArg functions_
 
-    checkCmd cmd = go $ getPath (parentMap params) cmd
+    checkCmd cmd = go $ NE.toList $ getPath (parentMap params) cmd
       where
         go (child:parent:rest) = do
             case parent of
@@ -4855,7 +4856,7 @@ checkExtraMaskedReturns params t =
         basename <- getCommandBasename t
         return $ basename == "time"
 
-    parentChildPairs t = go $ parents params t
+    parentChildPairs t = go $ NE.toList $ parents params t
       where
         go (child:parent:rest) = (parent, child):go (parent:rest)
         go _ = []
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 1d53a98..21123d4 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -41,6 +41,7 @@ import Data.Char
 import Data.List
 import Data.Maybe
 import Data.Semigroup
+import qualified Data.List.NonEmpty as NE
 import qualified Data.Map as Map
 
 import Test.QuickCheck.All (forAllProperties)
@@ -336,7 +337,7 @@ isQuoteFree = isQuoteFreeNode False
 
 isQuoteFreeNode strict shell tree t =
     isQuoteFreeElement t ||
-        (fromMaybe False $ msum $ map isQuoteFreeContext $ drop 1 $ getPath tree t)
+        (fromMaybe False $ msum $ map isQuoteFreeContext $ NE.tail $ getPath tree t)
   where
     -- Is this node self-quoting in itself?
     isQuoteFreeElement t =
@@ -398,7 +399,7 @@ isParamTo tree cmd =
 -- Get the parent command (T_Redirecting) of a Token, if any.
 getClosestCommand :: Map.Map Id Token -> Token -> Maybe Token
 getClosestCommand tree t =
-    findFirst findCommand $ getPath tree t
+    findFirst findCommand $ NE.toList $ getPath tree t
   where
     findCommand t =
         case t of
@@ -412,7 +413,7 @@ getClosestCommandM t = do
     return $ getClosestCommand (parentMap params) t
 
 -- Is the token used as a command name (the first word in a T_SimpleCommand)?
-usedAsCommandName tree token = go (getId token) (tail $ getPath tree token)
+usedAsCommandName tree token = go (getId token) (NE.tail $ getPath tree token)
   where
     go currentId (T_NormalWord id [word]:rest)
         | currentId == getId word = go id rest
@@ -429,7 +430,7 @@ getPathM t = do
     return $ getPath (parentMap params) t
 
 isParentOf tree parent child =
-    elem (getId parent) . map getId $ getPath tree child
+    elem (getId parent) . NE.map getId $ getPath tree child
 
 parents params = getPath (parentMap params)
 
@@ -813,7 +814,7 @@ getReferencedVariables parents t =
             return (context, token, getBracedReference str)
 
     isArithmeticAssignment t = case getPath parents t of
-        this: TA_Assignment _ "=" lhs _ :_ -> lhs == t
+        this NE.:| TA_Assignment _ "=" lhs _ :_ -> lhs == t
         _                                  -> False
 
 isDereferencingBinaryOp = (`elem` ["-eq", "-ne", "-lt", "-le", "-gt", "-ge"])
diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 429e786..c4ffd87 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -43,6 +43,7 @@ import Data.Functor.Identity
 import qualified Data.Graph.Inductive.Graph as G
 import Data.List
 import Data.Maybe
+import qualified Data.List.NonEmpty as NE
 import qualified Data.Map.Strict as M
 import qualified Data.Set as S
 import Test.QuickCheck.All (forAllProperties)
@@ -1005,7 +1006,7 @@ checkWhileGetoptsCase = CommandCheck (Exactly "getopts") f
         sequence_ $ do
             options <- getLiteralString arg1
             getoptsVar <- getLiteralString name
-            (T_WhileExpression _ _ body) <- findFirst whileLoop path
+            (T_WhileExpression _ _ body) <- findFirst whileLoop (NE.toList path)
             T_CaseExpression id var list <- mapMaybe findCase body !!! 0
 
             -- Make sure getopts name and case variable matches

From 71c0fcb737e94d7f2aa65e0540ddc2554f63bdd7 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 02:27:52 -0500
Subject: [PATCH 146/244] Manually fuse elem and map in isParentOf

---
 src/ShellCheck/AnalyzerLib.hs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 21123d4..944b12d 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -430,7 +430,9 @@ getPathM t = do
     return $ getPath (parentMap params) t
 
 isParentOf tree parent child =
-    elem (getId parent) . NE.map getId $ getPath tree child
+    any (\t -> parentId == getId t) (getPath tree child)
+  where
+    parentId = getId parent
 
 parents params = getPath (parentMap params)
 

From 6e5b5401c6e593c82ce11ab15b532fe3a9c07d3b Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 02:31:07 -0500
Subject: [PATCH 147/244] Manually fuse elem and map in
 checkArrayValueUsedAsIndex

---
 src/ShellCheck/Analytics.hs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index e80ed58..9926462 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4628,7 +4628,8 @@ checkArrayValueUsedAsIndex params _ =
             -- Is this one of the 'for' arrays?
             (loopWord, _) <- find ((==arrayName) . snd) arrays
             -- Are we still in this loop?
-            guard $ getId loop `elem` NE.map getId (getPath parents t)
+            let loopId = getId loop
+            guard $ any (\t -> loopId == getId t) (getPath parents t)
             return [
                 makeComment WarningC (getId loopWord) 2302 "This loops over values. To loop over keys, use \"${!array[@]}\".",
                 makeComment WarningC (getId arrayRef) 2303 $ (e4m name) ++ " is an array value, not a key. Use directly or loop over keys instead."

From a786f996a176555ca5c09866dcb785cf7fd9323d Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 15:55:06 -0500
Subject: [PATCH 148/244] Replace !!! with pattern-matching where it's easy

---
 src/ShellCheck/Analytics.hs           | 14 +++++---------
 src/ShellCheck/Checks/Commands.hs     |  3 +--
 src/ShellCheck/Checks/ShellSupport.hs |  5 ++---
 3 files changed, 8 insertions(+), 14 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 9926462..2fb3185 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -468,9 +468,8 @@ checkAssignAteCommand _ (T_SimpleCommand id [T_Assignment _ _ _ _ assignmentTerm
   where
     isCommonCommand (Just s) = s `elem` commonCommands
     isCommonCommand _ = False
-    firstWordIsArg list = fromMaybe False $ do
-        head <- list !!! 0
-        return $ isGlob head || isUnquotedFlag head
+    firstWordIsArg (head:_) = isGlob head || isUnquotedFlag head
+    firstWordIsArg [] = False
 
 checkAssignAteCommand _ _ = return ()
 
@@ -491,9 +490,7 @@ prop_checkWrongArit2 = verify checkWrongArithmeticAssignment "n=2; i=n*2"
 checkWrongArithmeticAssignment params (T_SimpleCommand id [T_Assignment _ _ _ _ val] []) =
   sequence_ $ do
     str <- getNormalString val
-    match <- matchRegex regex str
-    var <- match !!! 0
-    op <- match !!! 1
+    var:op:_ <- matchRegex regex str
     Map.lookup var references
     return . warn (getId val) 2100 $
         "Use $((..)) for arithmetics, e.g. i=$((i " ++ op ++ " 2))"
@@ -1460,9 +1457,8 @@ prop_checkForDecimals2 = verify checkForDecimals "foo[1.2]=bar"
 prop_checkForDecimals3 = verifyNot checkForDecimals "declare -A foo; foo[1.2]=bar"
 checkForDecimals params t@(TA_Expansion id _) = sequence_ $ do
     guard $ not (hasFloatingPoint params)
-    str <- getLiteralString t
-    first <- str !!! 0
-    guard $ isDigit first && '.' `elem` str
+    first:rest <- getLiteralString t
+    guard $ isDigit first && '.' `elem` rest
     return $ err id 2079 "(( )) doesn't support decimals. Use bc or awk."
 checkForDecimals _ _ = return ()
 
diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index c4ffd87..97c9088 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -1237,8 +1237,7 @@ checkSudoArgs = CommandCheck (Basename "sudo") f
   where
     f t = sequence_ $ do
         opts <- parseOpts $ arguments t
-        let nonFlags = [x | ("",(x, _)) <- opts]
-        commandArg <- nonFlags !!! 0
+        (_,(commandArg, _)) <- find (null . fst) opts
         command <- getLiteralString commandArg
         guard $ command `elem` builtins
         return $ warn (getId t) 2232 $ "Can't use sudo with builtins like " ++ command ++ ". Did you want sudo sh -c .. instead?"
diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index d070497..cab0546 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -79,9 +79,8 @@ prop_checkForDecimals3 = verifyNot checkForDecimals "declare -A foo; foo[1.2]=ba
 checkForDecimals = ForShell [Sh, Dash, BusyboxSh, Bash] f
   where
     f t@(TA_Expansion id _) = sequence_ $ do
-        str <- getLiteralString t
-        first <- str !!! 0
-        guard $ isDigit first && '.' `elem` str
+        first:rest <- getLiteralString t
+        guard $ isDigit first && '.' `elem` rest
         return $ err id 2079 "(( )) doesn't support decimals. Use bc or awk."
     f _ = return ()
 

From 10afe83ce32c575cace720b51516092a44d39cf2 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 16:23:45 -0500
Subject: [PATCH 149/244] Use getLiteralStringDef instead of rebuilding it with
 fromJust

---
 src/ShellCheck/Analytics.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 2fb3185..d030812 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4509,7 +4509,7 @@ prop_checkCommandWithTrailingSymbol9 = verifyNot checkCommandWithTrailingSymbol
 checkCommandWithTrailingSymbol _ t =
     case t of
         T_SimpleCommand _ _ (cmd:_) ->
-            let str = fromJust $ getLiteralStringExt (\_ -> Just "x") cmd
+            let str = getLiteralStringDef "x" cmd
                 last = lastOrDefault 'x' str
             in
                 case str of

From 6c81505870d84747c7614deebc2770f38c3e4c29 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 16:26:03 -0500
Subject: [PATCH 150/244] Use a pattern guard instead of fromJust in
 checkLoopKeywordScope

---
 src/ShellCheck/Analytics.hs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index d030812..6daf614 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -19,6 +19,7 @@
 -}
 {-# LANGUAGE TemplateHaskell #-}
 {-# LANGUAGE FlexibleContexts #-}
+{-# LANGUAGE PatternGuards #-}
 module ShellCheck.Analytics (checker, optionalChecks, ShellCheck.Analytics.runTests) where
 
 import ShellCheck.AST
@@ -2749,18 +2750,17 @@ prop_checkLoopKeywordScope5 = verify checkLoopKeywordScope "if true; then break;
 prop_checkLoopKeywordScope6 = verify checkLoopKeywordScope "while true; do true | { break; }; done"
 prop_checkLoopKeywordScope7 = verifyNot checkLoopKeywordScope "#!/bin/ksh\nwhile true; do true | { break; }; done"
 checkLoopKeywordScope params t |
-        name `elem` map Just ["continue", "break"] =
+        Just name <- getCommandName t, name `elem` ["continue", "break"] =
     if not $ any isLoop path
     then if any isFunction $ take 1 path
         -- breaking at a source/function invocation is an abomination. Let's ignore it.
-        then err (getId t) 2104 $ "In functions, use return instead of " ++ fromJust name ++ "."
-        else err (getId t) 2105 $ fromJust name ++ " is only valid in loops."
+        then err (getId t) 2104 $ "In functions, use return instead of " ++ name ++ "."
+        else err (getId t) 2105 $ name ++ " is only valid in loops."
     else case map subshellType $ filter (not . isFunction) path of
         Just str:_ -> warn (getId t) 2106 $
             "This only exits the subshell caused by the " ++ str ++ "."
         _ -> return ()
   where
-    name = getCommandName t
     path = let p = getPath (parentMap params) t in NE.filter relevant p
     subshellType t = case leadType params t of
         NoneScope -> Nothing

From 3f40b688eee018f49b0a2ed7d8805987eb4118cd Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 16:33:34 -0500
Subject: [PATCH 151/244] Simplify getStringFromParsec

---
 src/ShellCheck/Parser.hs | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 37a9b86..130d956 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -3456,9 +3456,8 @@ makeErrorFor parsecError =
       pos = errorPos parsecError
 
 getStringFromParsec errors =
-        case map f errors of
-            r -> unwords (take 1 $ catMaybes $ reverse r)  ++
-                " Fix any mentioned problems and try again."
+        headOrDefault "" (mapMaybe f $ reverse errors)  ++
+            " Fix any mentioned problems and try again."
     where
         f err =
             case err of

From a6984cddb0fbead307dce4bd98a66f8225ea2888 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 16:40:18 -0500
Subject: [PATCH 152/244] Switch then and else to remove a not

---
 src/ShellCheck/Analytics.hs | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 6daf614..ae29762 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2751,15 +2751,15 @@ prop_checkLoopKeywordScope6 = verify checkLoopKeywordScope "while true; do true
 prop_checkLoopKeywordScope7 = verifyNot checkLoopKeywordScope "#!/bin/ksh\nwhile true; do true | { break; }; done"
 checkLoopKeywordScope params t |
         Just name <- getCommandName t, name `elem` ["continue", "break"] =
-    if not $ any isLoop path
-    then if any isFunction $ take 1 path
-        -- breaking at a source/function invocation is an abomination. Let's ignore it.
-        then err (getId t) 2104 $ "In functions, use return instead of " ++ name ++ "."
-        else err (getId t) 2105 $ name ++ " is only valid in loops."
-    else case map subshellType $ filter (not . isFunction) path of
+    if any isLoop path
+    then case map subshellType $ filter (not . isFunction) path of
         Just str:_ -> warn (getId t) 2106 $
             "This only exits the subshell caused by the " ++ str ++ "."
         _ -> return ()
+    else if any isFunction $ take 1 path
+        -- breaking at a source/function invocation is an abomination. Let's ignore it.
+        then err (getId t) 2104 $ "In functions, use return instead of " ++ name ++ "."
+        else err (getId t) 2105 $ name ++ " is only valid in loops."
   where
     path = let p = getPath (parentMap params) t in NE.filter relevant p
     subshellType t = case leadType params t of

From 71889c139aac3ce3597349878c746c774b329882 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 16:44:21 -0500
Subject: [PATCH 153/244] Use a case expression instead of any and take 1

---
 src/ShellCheck/Analytics.hs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index ae29762..ca679bb 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2756,10 +2756,10 @@ checkLoopKeywordScope params t |
         Just str:_ -> warn (getId t) 2106 $
             "This only exits the subshell caused by the " ++ str ++ "."
         _ -> return ()
-    else if any isFunction $ take 1 path
+    else case path of
         -- breaking at a source/function invocation is an abomination. Let's ignore it.
-        then err (getId t) 2104 $ "In functions, use return instead of " ++ name ++ "."
-        else err (getId t) 2105 $ name ++ " is only valid in loops."
+        h:_ | isFunction h -> err (getId t) 2104 $ "In functions, use return instead of " ++ name ++ "."
+        _ -> err (getId t) 2105 $ name ++ " is only valid in loops."
   where
     path = let p = getPath (parentMap params) t in NE.filter relevant p
     subshellType t = case leadType params t of

From 7b0589988fca3bf234d2d62e475f2e821ddb42c5 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 17:21:50 -0500
Subject: [PATCH 154/244] Implement isCondition in terms of foldr

---
 src/ShellCheck/Analytics.hs | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index ca679bb..3f686ee 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -346,13 +346,11 @@ dist a b
 hasFloatingPoint params = shellType params == Ksh
 
 -- Checks whether the current parent path is part of a condition
-isCondition [] = False
-isCondition [_] = False
-isCondition (child:parent:rest) =
-    case child of
-        T_BatsTest {} -> True -- count anything in a @test as conditional
-        _ -> getId child `elem` map getId (getConditionChildren parent) || isCondition (parent:rest)
+isCondition (x NE.:| xs) = foldr go (const False) xs x
   where
+    go _ _ T_BatsTest{} = True -- count anything in a @test as conditional
+    go parent go_rest child =
+        getId child `elem` map getId (getConditionChildren parent) || go_rest parent
     getConditionChildren t =
         case t of
             T_AndIf _ left right -> [left]
@@ -886,7 +884,7 @@ checkShorthandIf params x@(T_OrIf _ (T_AndIf id _ _) (T_Pipeline _ _ t))
         name <- getCommandBasename t
         return $ name `elem` ["echo", "exit", "return", "printf"])
     isOk _ = False
-    inCondition = isCondition $ NE.toList $ getPath (parentMap params) x
+    inCondition = isCondition $ getPath (parentMap params) x
 checkShorthandIf _ _ = return ()
 
 
@@ -3185,7 +3183,7 @@ checkUncheckedCdPushdPopd params root =
         | name `elem` ["cd", "pushd", "popd"]
             && not (isSafeDir t)
             && not (name `elem` ["pushd", "popd"] && ("n" `elem` map snd (getAllFlags t)))
-            && not (isCondition $ NE.toList $ getPath (parentMap params) t) =
+            && not (isCondition $ getPath (parentMap params) t) =
                 warnWithFix (getId t) 2164
                     ("Use '" ++ name ++ " ... || exit' or '" ++ name ++ " ... || return' in case " ++ name ++ " fails.")
                     (fixWith [replaceEnd (getId t) params 0 " || exit"])
@@ -4002,7 +4000,7 @@ checkUselessBang params t = when (hasSetE params) $ mapM_ check (getNonReturning
   where
     check t =
         case t of
-            T_Banged id cmd | not $ isCondition (NE.toList $ getPath (parentMap params) t) ->
+            T_Banged id cmd | not $ isCondition (getPath (parentMap params) t) ->
                 addComment $ makeCommentWithFix InfoC id 2251
                         "This ! is not on a condition and skips errexit. Use `&& exit 1` instead, or make sure $? is checked."
                         (fixWith [replaceStart id params 1 "", replaceEnd (getId cmd) params 0 " && exit 1"])

From b7f88ec4b72bae672f1b77e4af312990f17ab86b Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 18:09:02 -0500
Subject: [PATCH 155/244] Stop building tuples that we never look at both sides
 of

---
 src/ShellCheck/Analytics.hs | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 3f686ee..9913b09 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4819,15 +4819,15 @@ checkExtraMaskedReturns params t =
         ++ "separately to avoid masking its return value (or use '|| true' "
         ++ "to ignore).")
 
-    isMaskDeliberate t = hasParent isOrIf t
+    isMaskDeliberate t = any isOrIf $ NE.init $ parents params t
       where
-        isOrIf _ (T_OrIf _ _ (T_Pipeline _ _ [T_Redirecting _ _ cmd]))
+        isOrIf (T_OrIf _ _ (T_Pipeline _ _ [T_Redirecting _ _ cmd]))
             = getCommandBasename cmd `elem` [Just "true", Just ":"]
-        isOrIf _ _ = False
+        isOrIf _ = False
 
-    isCheckedElsewhere t = hasParent isDeclaringCommand t
+    isCheckedElsewhere t = any isDeclaringCommand $ NE.tail $ parents params t
       where
-        isDeclaringCommand t _ = fromMaybe False $ do
+        isDeclaringCommand t = fromMaybe False $ do
             cmd <- getCommand t
             basename <- getCommandBasename cmd
             return $
@@ -4851,13 +4851,6 @@ checkExtraMaskedReturns params t =
         basename <- getCommandBasename t
         return $ basename == "time"
 
-    parentChildPairs t = go $ NE.toList $ parents params t
-      where
-        go (child:parent:rest) = (parent, child):go (parent:rest)
-        go _ = []
-
-    hasParent pred t = any (uncurry pred) (parentChildPairs t)
-
 
 -- hard error on negated command that is not last
 prop_checkBatsTestDoesNotUseNegation1 = verify checkBatsTestDoesNotUseNegation "#!/usr/bin/env/bats\n@test \"name\" { ! true;  false; }"

From 9e0fdbe431f6a9725a461b214c97f885782f0314 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 31 Dec 2023 18:13:32 -0500
Subject: [PATCH 156/244] Simplify isTransparentCommand

---
 src/ShellCheck/Analytics.hs | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 9913b09..71caa62 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4847,9 +4847,7 @@ checkExtraMaskedReturns params t =
             ,"shopt"
             ]
 
-    isTransparentCommand t = fromMaybe False $ do
-        basename <- getCommandBasename t
-        return $ basename == "time"
+    isTransparentCommand t = getCommandBasename t == Just "time"
 
 
 -- hard error on negated command that is not last

From 5a6f4840adf584da60273c6b8145c19fd7e342a4 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 1 Jan 2024 14:16:50 -0500
Subject: [PATCH 157/244] Replace a few more occurrences of !!! with pattern
 matching

---
 src/ShellCheck/ASTLib.hs | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index aadff05..9b151c2 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -858,8 +858,7 @@ getBracedModifier s = headOrDefault "" $ do
 -- Get the variables from indices like ["x", "y"] in ${var[x+y+1]}
 prop_getIndexReferences1 = getIndexReferences "var[x+y+1]" == ["x", "y"]
 getIndexReferences s = fromMaybe [] $ do
-    match <- matchRegex re s
-    index <- match !!! 0
+    index:_ <- matchRegex re s
     return $ matchAllStrings variableNameRegex index
   where
     re = mkRegex "(\\[.*\\])"
@@ -870,8 +869,7 @@ prop_getOffsetReferences3 = getOffsetReferences "[foo]:bar" == ["bar"]
 prop_getOffsetReferences4 = getOffsetReferences "[foo]:bar:baz" == ["bar", "baz"]
 getOffsetReferences mods = fromMaybe [] $ do
 -- if mods start with [, then drop until ]
-    match <- matchRegex re mods
-    offsets <- match !!! 1
+    _:offsets:_ <- matchRegex re mods
     return $ matchAllStrings variableNameRegex offsets
   where
     re = mkRegex "^(\\[.+\\])? *:([^-=?+].*)"

From 025cc5266ec1632d5f524644f0366237f604e7e8 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 1 Jan 2024 16:00:19 -0500
Subject: [PATCH 158/244] Simplify isUnquotedFlag

---
 src/ShellCheck/ASTLib.hs | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index 9b151c2..88089ea 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -158,9 +158,10 @@ isFlag token =
         _ -> False
 
 -- Is this token a flag where the - is unquoted?
-isUnquotedFlag token = fromMaybe False $ do
-    str <- getLeadingUnquotedString token
-    return $ "-" `isPrefixOf` str
+isUnquotedFlag token =
+    case getLeadingUnquotedString token of
+        Just ('-':_) -> True
+        _ -> False
 
 -- getGnuOpts "erd:u:" will parse a list of arguments tokens like `read`
 --     -re -d : -u 3 bar

From 67abfe159e41e33a7ad17d9b5e130756cc447510 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Mon, 1 Jan 2024 19:04:26 -0500
Subject: [PATCH 159/244] Remove most of the partial head and tail functions
 from src/ShellCheck/CFG.hs

---
 src/ShellCheck/CFG.hs | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 5d018c8..e1d3259 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -615,15 +615,15 @@ build t = do
 
         T_CaseExpression id t [] -> build t
 
-        T_CaseExpression id t list -> do
+        T_CaseExpression id t list@(hd:tl) -> do
             start <- newStructuralNode
             token <- build t
-            branches <- mapM buildBranch list
+            branches <- mapM buildBranch (hd NE.:| tl)
             end <- newStructuralNode
 
-            let neighbors = zip branches $ tail branches
-            let (_, firstCond, _) = head branches
-            let (_, lastCond, lastBody) = last branches
+            let neighbors = zip (NE.toList branches) $ NE.tail branches
+            let (_, firstCond, _) = NE.head branches
+            let (_, lastCond, lastBody) = NE.last branches
 
             linkRange start token
             linkRange token firstCond

From ba86c6363c30a5dbefd0b8b9a7c5f4ab0478dc91 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Tue, 2 Jan 2024 14:46:07 -0500
Subject: [PATCH 160/244] Use maybe instead of fromMaybe and fmap

---
 src/ShellCheck/Analytics.hs   | 2 +-
 src/ShellCheck/CFGAnalysis.hs | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 71caa62..3af0455 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -5020,7 +5020,7 @@ checkPlusEqualsNumber params t =
         let
             unquotedLiteral = getUnquotedLiteral word
             isEmpty = unquotedLiteral == Just ""
-            isUnquotedNumber = not isEmpty && fromMaybe False (all isDigit <$> unquotedLiteral)
+            isUnquotedNumber = not isEmpty && maybe False (all isDigit) unquotedLiteral
             isNumericalVariableName = fromMaybe False $ do
                 str <- unquotedLiteral
                 CF.variableMayBeAssignedInteger state str
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 16afa68..0b99c9f 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -829,7 +829,7 @@ lookupStack' functionOnly get dep def ctx key = do
     f (s:rest) = do
         -- Go up the stack until we find the value, and add
         -- a dependency on each state (including where it was found)
-        res <- fromMaybe (f rest) (return <$> get (stackState s) key)
+        res <- maybe (f rest) return (get (stackState s) key)
         modifySTRef (dependencies s) $ S.insert $ dep key res
         return res
 

From 1bce426fcfd6ff176800bd70d7a298cf261d8512 Mon Sep 17 00:00:00 2001
From: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Date: Sun, 21 Jan 2024 02:16:35 +0100
Subject: [PATCH 161/244] Implement rcfile option

This introduces the "--rcfile" argument which allows a specific
shellcheckrc file to be passed.
If specified and the given file exists, the default locations
will not be searched and the specified file will be used.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
---
 shellcheck.1.md |  5 +++++
 shellcheck.hs   | 39 +++++++++++++++++++++++++++------------
 2 files changed, 32 insertions(+), 12 deletions(-)

diff --git a/shellcheck.1.md b/shellcheck.1.md
index 89f6d50..42a0429 100644
--- a/shellcheck.1.md
+++ b/shellcheck.1.md
@@ -71,6 +71,11 @@ not warn at all, as `ksh` supports decimals in arithmetic contexts.
 
 :   Don't try to look for .shellcheckrc configuration files.
 
+--rcfile\ RCFILE
+
+:   Prefer the specified configuration file over searching for one
+    in the default locations.
+
 **-o**\ *NAME1*[,*NAME2*...],\ **--enable=***NAME1*[,*NAME2*...]
 
 :   Enable optional checks. The special name *all* enables all of them.
diff --git a/shellcheck.hs b/shellcheck.hs
index 00b699b..42554f3 100644
--- a/shellcheck.hs
+++ b/shellcheck.hs
@@ -76,7 +76,8 @@ data Options = Options {
     externalSources  :: Bool,
     sourcePaths      :: [FilePath],
     formatterOptions :: FormatterOptions,
-    minSeverity      :: Severity
+    minSeverity      :: Severity,
+    rcfile           :: FilePath
 }
 
 defaultOptions = Options {
@@ -86,7 +87,8 @@ defaultOptions = Options {
     formatterOptions = newFormatterOptions {
         foColorOption = ColorAuto
     },
-    minSeverity = StyleC
+    minSeverity = StyleC,
+    rcfile = []
 }
 
 usageHeader = "Usage: shellcheck [OPTIONS...] FILES..."
@@ -107,6 +109,9 @@ options = [
         (NoArg $ Flag "list-optional" "true") "List checks disabled by default",
     Option "" ["norc"]
         (NoArg $ Flag "norc" "true") "Don't look for .shellcheckrc files",
+    Option "" ["rcfile"]
+        (ReqArg (Flag "rcfile") "RCFILE")
+        "Prefer the specified configuration file over searching for one",
     Option "o" ["enable"]
         (ReqArg (Flag "enable") "check1,check2..")
         "List of optional checks to enable (or 'all')",
@@ -367,6 +372,11 @@ parseOption flag options =
                 }
             }
 
+        Flag "rcfile" str -> do
+            return options {
+                rcfile = str 
+            }
+
         Flag "enable" value ->
             let cs = checkSpec options in return options {
                 checkSpec = cs {
@@ -441,18 +451,23 @@ ioInterface options files = do
         fallback :: FilePath -> IOException -> IO FilePath
         fallback path _ = return path
 
+
     -- Returns the name and contents of .shellcheckrc for the given file
     getConfig cache filename = do
-        path <- normalize filename
-        let dir = takeDirectory path
-        (previousPath, result) <- readIORef cache
-        if dir == previousPath
-          then return result
-          else do
-            paths <- getConfigPaths dir
-            result <- findConfig paths
-            writeIORef cache (dir, result)
-            return result
+        contents <- readConfig (rcfile options)
+        if isNothing contents
+          then do
+            path <- normalize filename
+            let dir = takeDirectory path
+            (previousPath, result) <- readIORef cache
+            if dir == previousPath
+              then return result
+              else do
+                paths <- getConfigPaths dir
+                result <- findConfig paths
+                writeIORef cache (dir, result)
+                return result
+          else return contents
 
     findConfig paths =
         case paths of

From de95624d310622d234149e5b1bc96da2a40ff317 Mon Sep 17 00:00:00 2001
From: Grische <2787581+grische@users.noreply.github.com>
Date: Fri, 2 Feb 2024 12:28:09 +0100
Subject: [PATCH 162/244] Remove deprecated "install --enable-tests" command

---
 README.md | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/README.md b/README.md
index ca9b847..3692319 100644
--- a/README.md
+++ b/README.md
@@ -309,10 +309,6 @@ Verify that `cabal` is installed and update its dependency list with
 
     $ cabal install
 
-Or if you intend to run the tests:
-
-    $ cabal install --enable-tests
-
 This will compile ShellCheck and install it to your `~/.cabal/bin` directory.
 
 Add this directory to your `PATH` (for bash, add this to your `~/.bashrc`):
@@ -558,4 +554,3 @@ Happy ShellChecking!
 
 * The wiki has [long form descriptions](https://github.com/koalaman/shellcheck/wiki/Checks) for each warning, e.g. [SC2221](https://github.com/koalaman/shellcheck/wiki/SC2221).
 * ShellCheck does not attempt to enforce any kind of formatting or indenting style, so also check out [shfmt](https://github.com/mvdan/sh)!
-

From 6a44a19f17c4a0590693587af3b5209d7b1b59fe Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 3 Feb 2024 13:34:49 -0800
Subject: [PATCH 163/244] Only read --rcfile once, and skip search if
 unavailable

---
 shellcheck.hs | 48 +++++++++++++++++++++++++++++-------------------
 1 file changed, 29 insertions(+), 19 deletions(-)

diff --git a/shellcheck.hs b/shellcheck.hs
index 42554f3..e933d6c 100644
--- a/shellcheck.hs
+++ b/shellcheck.hs
@@ -77,7 +77,7 @@ data Options = Options {
     sourcePaths      :: [FilePath],
     formatterOptions :: FormatterOptions,
     minSeverity      :: Severity,
-    rcfile           :: FilePath
+    rcfile           :: Maybe FilePath
 }
 
 defaultOptions = Options {
@@ -88,7 +88,7 @@ defaultOptions = Options {
         foColorOption = ColorAuto
     },
     minSeverity = StyleC,
-    rcfile = []
+    rcfile = Nothing
 }
 
 usageHeader = "Usage: shellcheck [OPTIONS...] FILES..."
@@ -374,7 +374,7 @@ parseOption flag options =
 
         Flag "rcfile" str -> do
             return options {
-                rcfile = str 
+                rcfile = Just str
             }
 
         Flag "enable" value ->
@@ -453,21 +453,31 @@ ioInterface options files = do
 
 
     -- Returns the name and contents of .shellcheckrc for the given file
-    getConfig cache filename = do
-        contents <- readConfig (rcfile options)
-        if isNothing contents
-          then do
-            path <- normalize filename
-            let dir = takeDirectory path
-            (previousPath, result) <- readIORef cache
-            if dir == previousPath
-              then return result
-              else do
-                paths <- getConfigPaths dir
-                result <- findConfig paths
-                writeIORef cache (dir, result)
-                return result
-          else return contents
+    getConfig cache filename =
+        case rcfile options of
+            Just file -> do
+                -- We have a specified rcfile. Ignore normal rcfile resolution.
+                (path, result) <- readIORef cache
+                if path == "/"
+                  then return result
+                  else do
+                    result <- readConfig file
+                    when (isNothing result) $
+                        hPutStrLn stderr $ "Warning: unable to read --rcfile " ++ file
+                    writeIORef cache ("/", result)
+                    return result
+
+            Nothing -> do
+                path <- normalize filename
+                let dir = takeDirectory path
+                (previousPath, result) <- readIORef cache
+                if dir == previousPath
+                  then return result
+                  else do
+                    paths <- getConfigPaths dir
+                    result <- findConfig paths
+                    writeIORef cache (dir, result)
+                    return result
 
     findConfig paths =
         case paths of
@@ -505,7 +515,7 @@ ioInterface options files = do
       where
         handler :: FilePath -> IOException -> IO (String, Bool)
         handler file err = do
-            putStrLn $ file ++ ": " ++ show err
+            hPutStrLn stderr $ file ++ ": " ++ show err
             return ("", True)
 
     andM a b arg = do

From d80fdfa9e8e738827a88505b26d3e596c0f0e875 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 3 Feb 2024 15:45:23 -0800
Subject: [PATCH 164/244] Add extended-analysis directive to toggle DFA

---
 CHANGELOG.md                         |  5 +++-
 shellcheck.1.md                      | 13 +++++++++
 shellcheck.hs                        | 18 +++++++++++++
 src/ShellCheck/AST.hs                |  1 +
 src/ShellCheck/ASTLib.hs             |  6 +++++
 src/ShellCheck/Analytics.hs          | 21 +++++++++------
 src/ShellCheck/AnalyzerLib.hs        |  8 ++++--
 src/ShellCheck/Checker.hs            | 40 ++++++++++++++++++++++++++++
 src/ShellCheck/Checks/Commands.hs    | 18 +++++++------
 src/ShellCheck/Checks/ControlFlow.hs |  2 +-
 src/ShellCheck/Interface.hs          |  8 ++++--
 src/ShellCheck/Parser.hs             | 10 +++++++
 12 files changed, 128 insertions(+), 22 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 897aa27..dc7f6ea 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 ## Git
 ### Added
+- Added support for busybox sh
+- Added flag --rcfile to specify an rc file by name.
+- Added `extended-analysis=true` directive to enable/disable dataflow analysis
+  (with a corresponding --extended-analysis flag).
 - SC2324: Warn when x+=1 appends instead of increments
 - SC2325: Warn about multiple `!`s in dash/sh.
 - SC2326: Warn about `foo | ! bar` in bash/dash/sh.
@@ -9,7 +13,6 @@
 - SC3015: Warn bashism `test _ =~ _` like in [ ]
 - SC3016: Warn bashism `test -v _` like in [ ]
 - SC3017: Warn bashism `test -a _` like in [ ]
-- Added support for busybox sh
 
 ### Fixed
 - source statements with here docs now work correctly
diff --git a/shellcheck.1.md b/shellcheck.1.md
index 42a0429..b2bef3c 100644
--- a/shellcheck.1.md
+++ b/shellcheck.1.md
@@ -56,6 +56,13 @@ not warn at all, as `ksh` supports decimals in arithmetic contexts.
     options are cumulative, but all the codes can be specified at once,
     comma-separated as a single argument.
 
+**--extended-analysis=true/false**
+
+:   Enable/disable Dataflow Analysis to identify more issues (default true). If
+    ShellCheck uses too much CPU/RAM when checking scripts with several
+    thousand lines of code, extended analysis can be disabled with this flag
+    or a directive. This flag overrides directives and rc files.
+
 **-f** *FORMAT*, **--format=***FORMAT*
 
 :   Specify the output format of shellcheck, which prints its results in the
@@ -249,6 +256,12 @@ Valid keys are:
 :   Enable an optional check by name, as listed with **--list-optional**.
     Only file-wide `enable` directives are considered.
 
+**extended-analysis**
+:   Set to true/false to enable/disable dataflow analysis. Specifying
+    `# shellcheck extended-analysis=false` in particularly large (2000+ line)
+    auto-generated scripts will reduce ShellCheck's resource usage at the
+    expense of certain checks. Extended analysis is enabled by default.
+
 **external-sources**
 :   Set to `true` in `.shellcheckrc` to always allow ShellCheck to open
     arbitrary files from 'source' statements (the way most tools do).
diff --git a/shellcheck.hs b/shellcheck.hs
index e933d6c..def3654 100644
--- a/shellcheck.hs
+++ b/shellcheck.hs
@@ -102,6 +102,8 @@ options = [
         (ReqArg (Flag "include") "CODE1,CODE2..") "Consider only given types of warnings",
     Option "e" ["exclude"]
         (ReqArg (Flag "exclude") "CODE1,CODE2..") "Exclude types of warnings",
+    Option "" ["extended-analysis"]
+        (ReqArg (Flag "extended-analysis") "bool") "Perform dataflow analysis (default true)",
     Option "f" ["format"]
         (ReqArg (Flag "format") "FORMAT") $
         "Output format (" ++ formatList ++ ")",
@@ -384,6 +386,14 @@ parseOption flag options =
                 }
             }
 
+        Flag "extended-analysis" str -> do
+            value <- parseBool str
+            return options {
+                checkSpec = (checkSpec options) {
+                    csExtendedAnalysis = Just value
+                }
+            }
+
         -- This flag is handled specially in 'process'
         Flag "format" _ -> return options
 
@@ -401,6 +411,14 @@ parseOption flag options =
             throwError SyntaxFailure
         return (Prelude.read num :: Integer)
 
+    parseBool str = do
+        case str of
+            "true" -> return True
+            "false" -> return False
+            _ -> do
+                printErr $ "Invalid boolean, expected true/false: " ++ str
+                throwError SyntaxFailure
+
 ioInterface :: Options -> [FilePath] -> IO (SystemInterface IO)
 ioInterface options files = do
     inputs <- mapM normalize files
diff --git a/src/ShellCheck/AST.hs b/src/ShellCheck/AST.hs
index 5c20416..ca05c98 100644
--- a/src/ShellCheck/AST.hs
+++ b/src/ShellCheck/AST.hs
@@ -152,6 +152,7 @@ data Annotation =
     | ShellOverride String
     | SourcePath String
     | ExternalSources Bool
+    | ExtendedAnalysis Bool
     deriving (Show, Eq)
 data ConditionType = DoubleBracket | SingleBracket deriving (Show, Eq)
 
diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index 88089ea..6b26b22 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -910,5 +910,11 @@ getEnableDirectives root =
         T_Annotation _ list _ -> [s | EnableComment s <- list]
         _ -> []
 
+getExtendedAnalysisDirective :: Token -> Maybe Bool
+getExtendedAnalysisDirective root =
+    case root of
+        T_Annotation _ list _ -> listToMaybe $ [s | ExtendedAnalysis s <- list]
+        _ -> Nothing
+
 return []
 runTests = $quickCheckAll
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 3af0455..f885842 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1262,7 +1262,8 @@ checkNumberComparisons params (TC_Binary id typ op lhs rhs) = do
                     str = concat $ oversimplify c
                     var = getBracedReference str
                 in fromMaybe False $ do
-                    state <- CF.getIncomingState (cfgAnalysis params) id
+                    cfga <- cfgAnalysis params
+                    state <- CF.getIncomingState cfga id
                     value <- Map.lookup var $ CF.variablesInScope state
                     return $ CF.numericalStatus (CF.variableValue value) >= CF.NumericalStatusMaybe
             _ ->
@@ -2143,7 +2144,8 @@ checkSpacefulnessCfg' dirtyPass params token@(T_DollarBraced id _ list) =
               && not (usedAsCommandName parents token)
 
     isClean = fromMaybe False $ do
-        state <- CF.getIncomingState (cfgAnalysis params) id
+        cfga <- cfgAnalysis params
+        state <- CF.getIncomingState cfga id
         value <- Map.lookup name $ CF.variablesInScope state
         return $ isCleanState value
 
@@ -4896,7 +4898,8 @@ prop_checkCommandIsUnreachable3 = verifyNot checkCommandIsUnreachable "foo; bar
 checkCommandIsUnreachable params t =
     case t of
         T_Pipeline {} -> sequence_ $ do
-            state <- CF.getIncomingState (cfgAnalysis params) id
+            cfga <- cfgAnalysis params
+            state <- CF.getIncomingState cfga id
             guard . not $ CF.stateIsReachable state
             guard . not $ isSourced params t
             return $ info id 2317 "Command appears to be unreachable. Check usage (or ignore if invoked indirectly)."
@@ -4918,14 +4921,15 @@ checkOverwrittenExitCode params t =
         _ -> return ()
   where
     check id = sequence_ $ do
-        state <- CF.getIncomingState (cfgAnalysis params) id
+        cfga <- cfgAnalysis params
+        state <- CF.getIncomingState cfga id
         let exitCodeIds = CF.exitCodes state
         guard . not $ S.null exitCodeIds
 
         let idToToken = idMap params
         exitCodeTokens <- traverse (\k -> Map.lookup k idToToken) $ S.toList exitCodeIds
         return $ do
-            when (all isCondition exitCodeTokens && not (usedUnconditionally t exitCodeIds)) $
+            when (all isCondition exitCodeTokens && not (usedUnconditionally cfga t exitCodeIds)) $
                 warn id 2319 "This $? refers to a condition, not a command. Assign to a variable to avoid it being overwritten."
             when (all isPrinting exitCodeTokens) $
                 warn id 2320 "This $? refers to echo/printf, not a previous command. Assign to variable to avoid it being overwritten."
@@ -4938,8 +4942,8 @@ checkOverwrittenExitCode params t =
 
     -- If we don't do anything based on the condition, assume we wanted the condition itself
     -- This helps differentiate `x; [ $? -gt 0 ] && exit $?` vs `[ cond ]; exit $?`
-    usedUnconditionally t testIds =
-        all (\c -> CF.doesPostDominate (cfgAnalysis params) (getId t) c) testIds
+    usedUnconditionally cfga t testIds =
+        all (\c -> CF.doesPostDominate cfga (getId t) c) testIds
 
     isPrinting t =
         case getCommandBasename t of
@@ -5009,7 +5013,8 @@ prop_checkPlusEqualsNumber9 = verifyNot checkPlusEqualsNumber "declare -ia var;
 checkPlusEqualsNumber params t =
     case t of
         T_Assignment id Append var _ word -> sequence_ $ do
-            state <- CF.getIncomingState (cfgAnalysis params) id
+            cfga <- cfgAnalysis params
+            state <- CF.getIncomingState cfga id
             guard $ isNumber state word
             guard . not $ fromMaybe False $ CF.variableMayBeDeclaredInteger state var
             return $ warn id 2324 "var+=1 will append, not increment. Use (( var += 1 )), declare -i var, or quote number to silence."
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 944b12d..d265ace 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -104,7 +104,7 @@ data Parameters = Parameters {
     -- map from token id to start and end position
     tokenPositions     :: Map.Map Id (Position, Position),
     -- Result from Control Flow Graph analysis (including data flow analysis)
-    cfgAnalysis :: CF.CFGAnalysis
+    cfgAnalysis :: Maybe CF.CFGAnalysis
     } deriving (Show)
 
 -- TODO: Cache results of common AST ops here
@@ -197,8 +197,10 @@ makeCommentWithFix severity id code str fix =
         }
     in force withFix
 
+-- makeParameters :: CheckSpec -> Parameters
 makeParameters spec = params
   where
+    extendedAnalysis = fromMaybe True $ msum [asExtendedAnalysis spec, getExtendedAnalysisDirective root]
     params = Parameters {
         rootNode = root,
         shellType = fromMaybe (determineShell (asFallbackShell spec) root) $ asShellType spec,
@@ -229,7 +231,9 @@ makeParameters spec = params
         parentMap = getParentTree root,
         variableFlow = getVariableFlow params root,
         tokenPositions = asTokenPositions spec,
-        cfgAnalysis = CF.analyzeControlFlow cfParams root
+        cfgAnalysis = do
+            guard extendedAnalysis
+            return $ CF.analyzeControlFlow cfParams root
     }
     cfParams = CF.CFGParameters {
         CF.cfLastpipe = hasLastpipe params,
diff --git a/src/ShellCheck/Checker.hs b/src/ShellCheck/Checker.hs
index 6c9166f..0cfc3ab 100644
--- a/src/ShellCheck/Checker.hs
+++ b/src/ShellCheck/Checker.hs
@@ -25,6 +25,7 @@ import ShellCheck.ASTLib
 import ShellCheck.Interface
 import ShellCheck.Parser
 
+import Debug.Trace -- DO NOT SUBMIT
 import Data.Either
 import Data.Functor
 import Data.List
@@ -86,6 +87,7 @@ checkScript sys spec = do
                     asCheckSourced = csCheckSourced spec,
                     asExecutionMode = Executed,
                     asTokenPositions = tokenPositions,
+                    asExtendedAnalysis = csExtendedAnalysis spec,
                     asOptionalChecks = getEnableDirectives root ++ csOptionalChecks spec
                 } where as = newAnalysisSpec root
         let analysisMessages =
@@ -520,5 +522,43 @@ prop_hereDocsWillHaveParsedIndices = null result
   where
     result = check "#!/bin/bash\nmy_array=(a b)\ncat <<EOF >> ./test\n $(( 1 + my_array[1] ))\nEOF"
 
+prop_rcCanSuppressDfa = null result
+  where
+    result = checkWithRc "extended-analysis=false" emptyCheckSpec {
+        csScript = "#!/bin/sh\nexit; foo;"
+    }
+
+prop_fileCanSuppressDfa = null $ traceShowId result
+  where
+    result = checkWithRc "" emptyCheckSpec {
+        csScript = "#!/bin/sh\n# shellcheck extended-analysis=false\nexit; foo;"
+    }
+
+prop_fileWinsWhenSuppressingDfa1 = null result
+  where
+    result = checkWithRc "extended-analysis=true" emptyCheckSpec {
+        csScript = "#!/bin/sh\n# shellcheck extended-analysis=false\nexit; foo;"
+    }
+
+prop_fileWinsWhenSuppressingDfa2 = result == [2317]
+  where
+    result = checkWithRc "extended-analysis=false" emptyCheckSpec {
+        csScript = "#!/bin/sh\n# shellcheck extended-analysis=true\nexit; foo;"
+    }
+
+prop_flagWinsWhenSuppressingDfa1 = result == [2317]
+  where
+    result = checkWithRc "extended-analysis=false" emptyCheckSpec {
+        csScript = "#!/bin/sh\n# shellcheck extended-analysis=false\nexit; foo;",
+        csExtendedAnalysis = Just True
+    }
+
+prop_flagWinsWhenSuppressingDfa2 = null result
+  where
+    result = checkWithRc "extended-analysis=true" emptyCheckSpec {
+        csScript = "#!/bin/sh\n# shellcheck extended-analysis=true\nexit; foo;",
+        csExtendedAnalysis = Just False
+    }
+
 return []
 runTests = $quickCheckAll
diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index 97c9088..c10016e 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -1430,26 +1430,28 @@ prop_checkBackreferencingDeclaration6 = verify (checkBackreferencingDeclaration
 prop_checkBackreferencingDeclaration7 = verify (checkBackreferencingDeclaration "declare") "declare x=var $k=$x"
 checkBackreferencingDeclaration cmd = CommandCheck (Exactly cmd) check
   where
-    check t = foldM_ perArg M.empty $ arguments t
+    check t = do
+        cfga <- asks cfgAnalysis
+        when (isJust cfga) $
+            foldM_ (perArg $ fromJust cfga) M.empty $ arguments t
 
-    perArg leftArgs t =
+    perArg cfga leftArgs t =
         case t of
             T_Assignment id _ name idx t -> do
-                warnIfBackreferencing leftArgs $ t:idx
+                warnIfBackreferencing cfga leftArgs $ t:idx
                 return $ M.insert name id leftArgs
             t -> do
-                warnIfBackreferencing leftArgs [t]
+                warnIfBackreferencing cfga leftArgs [t]
                 return leftArgs
 
-    warnIfBackreferencing backrefs l = do
-        references <- findReferences l
+    warnIfBackreferencing cfga backrefs l = do
+        references <- findReferences cfga l
         let reused = M.intersection backrefs references
         mapM msg $ M.toList reused
 
     msg (name, id) = warn id 2318 $ "This assignment is used again in this '" ++ cmd ++ "', but won't have taken effect. Use two '" ++ cmd ++ "'s."
 
-    findReferences list = do
-        cfga <- asks cfgAnalysis
+    findReferences cfga list = do
         let graph = CF.graph cfga
         let nodesMap = CF.tokenToNodes cfga
         let nodes = S.unions $ map (\id -> M.findWithDefault S.empty id nodesMap) $ map getId $ list
diff --git a/src/ShellCheck/Checks/ControlFlow.hs b/src/ShellCheck/Checks/ControlFlow.hs
index 9b7635e..d23fa15 100644
--- a/src/ShellCheck/Checks/ControlFlow.hs
+++ b/src/ShellCheck/Checks/ControlFlow.hs
@@ -78,7 +78,7 @@ controlFlowEffectChecks = [
 runNodeChecks :: [ControlFlowNodeCheck] -> ControlFlowCheck
 runNodeChecks perNode = do
     cfg <- asks cfgAnalysis
-    runOnAll cfg
+    sequence_ $ runOnAll <$> cfg
   where
     getData datas n@(node, label) = do
         (pre, post) <- M.lookup node datas
diff --git a/src/ShellCheck/Interface.hs b/src/ShellCheck/Interface.hs
index c574cee..04e3c5a 100644
--- a/src/ShellCheck/Interface.hs
+++ b/src/ShellCheck/Interface.hs
@@ -21,11 +21,11 @@
 module ShellCheck.Interface
     (
     SystemInterface(..)
-    , CheckSpec(csFilename, csScript, csCheckSourced, csIncludedWarnings, csExcludedWarnings, csShellTypeOverride, csMinSeverity, csIgnoreRC, csOptionalChecks)
+    , CheckSpec(csFilename, csScript, csCheckSourced, csIncludedWarnings, csExcludedWarnings, csShellTypeOverride, csMinSeverity, csIgnoreRC, csExtendedAnalysis, csOptionalChecks)
     , CheckResult(crFilename, crComments)
     , ParseSpec(psFilename, psScript, psCheckSourced, psIgnoreRC, psShellTypeOverride)
     , ParseResult(prComments, prTokenPositions, prRoot)
-    , AnalysisSpec(asScript, asShellType, asFallbackShell, asExecutionMode, asCheckSourced, asTokenPositions, asOptionalChecks)
+    , AnalysisSpec(asScript, asShellType, asFallbackShell, asExecutionMode, asCheckSourced, asTokenPositions, asExtendedAnalysis, asOptionalChecks)
     , AnalysisResult(arComments)
     , FormatterOptions(foColorOption, foWikiLinkCount)
     , Shell(Ksh, Sh, Bash, Dash, BusyboxSh)
@@ -100,6 +100,7 @@ data CheckSpec = CheckSpec {
     csIncludedWarnings :: Maybe [Integer],
     csShellTypeOverride :: Maybe Shell,
     csMinSeverity :: Severity,
+    csExtendedAnalysis :: Maybe Bool,
     csOptionalChecks :: [String]
 } deriving (Show, Eq)
 
@@ -124,6 +125,7 @@ emptyCheckSpec = CheckSpec {
     csIncludedWarnings = Nothing,
     csShellTypeOverride = Nothing,
     csMinSeverity = StyleC,
+    csExtendedAnalysis = Nothing,
     csOptionalChecks = []
 }
 
@@ -174,6 +176,7 @@ data AnalysisSpec = AnalysisSpec {
     asExecutionMode :: ExecutionMode,
     asCheckSourced :: Bool,
     asOptionalChecks :: [String],
+    asExtendedAnalysis :: Maybe Bool,
     asTokenPositions :: Map.Map Id (Position, Position)
 }
 
@@ -184,6 +187,7 @@ newAnalysisSpec token = AnalysisSpec {
     asExecutionMode = Executed,
     asCheckSourced = False,
     asOptionalChecks = [],
+    asExtendedAnalysis = Nothing,
     asTokenPositions = Map.empty
 }
 
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 130d956..9cc5e02 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -1058,6 +1058,16 @@ readAnnotationWithoutPrefix sandboxed = do
                         "This shell type is unknown. Use e.g. sh or bash."
                 return [ShellOverride shell]
 
+            "extended-analysis" -> do
+                pos <- getPosition
+                value <- plainOrQuoted $ many1 letter
+                case value of
+                    "true" -> return [ExtendedAnalysis True]
+                    "false" -> return [ExtendedAnalysis False]
+                    _ -> do
+                        parseNoteAt pos ErrorC 1146 "Unknown extended-analysis value. Expected true/false."
+                        return []
+
             "external-sources" -> do
                 pos <- getPosition
                 value <- plainOrQuoted $ many1 letter

From 8c4c112c2504b630b5e58a87c8f42bbe9c955946 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 19 Feb 2024 09:28:04 -0800
Subject: [PATCH 165/244] Initial version of an ARM64 macOS build

---
 .github/workflows/build.yml     |  2 +-
 build/darwin.aarch64/Dockerfile | 40 +++++++++++++++++++++++++++++++++
 build/darwin.aarch64/build      | 15 +++++++++++++
 build/darwin.aarch64/tag        |  1 +
 4 files changed, 57 insertions(+), 1 deletion(-)
 create mode 100644 build/darwin.aarch64/Dockerfile
 create mode 100755 build/darwin.aarch64/build
 create mode 100644 build/darwin.aarch64/tag

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 3e6fb27..c49b25a 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -47,7 +47,7 @@ jobs:
     needs: package_source
     strategy:
       matrix:
-        build: [linux.x86_64, linux.aarch64, linux.armv6hf, darwin.x86_64, windows.x86_64]
+        build: [linux.x86_64, linux.aarch64, linux.armv6hf, darwin.x86_64, darwin.aarch64, windows.x86_64]
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
diff --git a/build/darwin.aarch64/Dockerfile b/build/darwin.aarch64/Dockerfile
new file mode 100644
index 0000000..7839728
--- /dev/null
+++ b/build/darwin.aarch64/Dockerfile
@@ -0,0 +1,40 @@
+FROM ghcr.io/shepherdjerred/macos-cross-compiler:latest
+
+ENV TARGET aarch64-apple-darwin22
+ENV TARGETNAME darwin.aarch64
+
+# Build dependencies
+USER root
+ENV DEBIAN_FRONTEND noninteractive
+ENV LC_ALL C.utf8
+
+# Install basic deps
+RUN apt-get update && apt-get install -y automake autoconf build-essential curl xz-utils qemu-user-static
+
+# Install a more suitable host compiler
+WORKDIR /host-ghc
+RUN curl -L "https://downloads.haskell.org/~cabal/cabal-install-3.9.0.0/cabal-install-3.9-x86_64-linux-alpine.tar.xz" | tar xJv -C /usr/local/bin
+RUN curl -L 'https://downloads.haskell.org/~ghc/8.10.7/ghc-8.10.7-x86_64-deb10-linux.tar.xz' | tar xJ --strip-components=1
+RUN ./configure && make install
+
+# Build GHC. We have to use an old version because cross-compilation across OS has since broken.
+WORKDIR /ghc
+RUN curl -L "https://downloads.haskell.org/~ghc/8.10.7/ghc-8.10.7-src.tar.xz" | tar xJ --strip-components=1
+RUN apt-get install -y llvm-12
+RUN ./boot && ./configure --host x86_64-linux-gnu --build x86_64-linux-gnu --target "$TARGET"
+RUN cp mk/flavours/quick-cross.mk mk/build.mk && make -j "$(nproc)"
+RUN make install
+
+# Due to an apparent cabal bug, we specify our options directly to cabal
+# It won't reuse caches if ghc-options are specified in ~/.cabal/config
+ENV CABALOPTS "--ghc-options;-optc-Os -optc-fPIC;--with-ghc=$TARGET-ghc;--with-hc-pkg=$TARGET-ghc-pkg;--constraint=hashable==1.3.5.0"
+
+# Prebuild the dependencies
+RUN cabal update
+RUN IFS=';' && cabal install --dependencies-only $CABALOPTS ShellCheck
+
+# Copy the build script
+COPY build /usr/bin
+
+WORKDIR /scratch
+ENTRYPOINT ["/usr/bin/build"]
diff --git a/build/darwin.aarch64/build b/build/darwin.aarch64/build
new file mode 100755
index 0000000..c15717a
--- /dev/null
+++ b/build/darwin.aarch64/build
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -xe
+{
+  tar xzv --strip-components=1
+  chmod +x striptests && ./striptests
+  mkdir "$TARGETNAME"
+  cabal update
+  ( IFS=';'; cabal build $CABALOPTS )
+  find . -name shellcheck -type f -exec mv {} "$TARGETNAME/" \;
+  ls -l "$TARGETNAME"
+  "$TARGET-strip" "$TARGETNAME/shellcheck"
+  ls -l "$TARGETNAME"
+  file "$TARGETNAME/shellcheck" | grep "Mach-O 64-bit arm64 executable"
+} >&2
+tar czv "$TARGETNAME"
diff --git a/build/darwin.aarch64/tag b/build/darwin.aarch64/tag
new file mode 100644
index 0000000..ae93ef3
--- /dev/null
+++ b/build/darwin.aarch64/tag
@@ -0,0 +1 @@
+koalaman/scbuilder-darwin-aarch64

From 55be4543f225824e1f6534973ad51c7833343e4e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 19 Feb 2024 11:40:30 -0800
Subject: [PATCH 166/244] Avoid stripping darwin.aarch64 binaries to keep code
 signature

---
 build/darwin.aarch64/build | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/build/darwin.aarch64/build b/build/darwin.aarch64/build
index c15717a..4235d3a 100755
--- a/build/darwin.aarch64/build
+++ b/build/darwin.aarch64/build
@@ -8,7 +8,9 @@ set -xe
   ( IFS=';'; cabal build $CABALOPTS )
   find . -name shellcheck -type f -exec mv {} "$TARGETNAME/" \;
   ls -l "$TARGETNAME"
-  "$TARGET-strip" "$TARGETNAME/shellcheck"
+  # Stripping invalidates the code signature and the build image does
+  # not appear to have anything similar to the 'codesign' tool.
+  # "$TARGET-strip" "$TARGETNAME/shellcheck"
   ls -l "$TARGETNAME"
   file "$TARGETNAME/shellcheck" | grep "Mach-O 64-bit arm64 executable"
 } >&2

From ad3c3146f0e10fcd331a1c8bba29e710f4417c99 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 3 Mar 2024 12:34:29 -0800
Subject: [PATCH 167/244] Fix snap build

---
 .snapsquid.conf     | 14 --------------
 snap/snapcraft.yaml | 18 +++++++++---------
 2 files changed, 9 insertions(+), 23 deletions(-)
 delete mode 100644 .snapsquid.conf

diff --git a/.snapsquid.conf b/.snapsquid.conf
deleted file mode 100644
index 205c1a6..0000000
--- a/.snapsquid.conf
+++ /dev/null
@@ -1,14 +0,0 @@
-# In 2015, cabal-install had a http bug triggered when proxies didn't keep
-# the connection open. This version made it into Ubuntu Xenial as used by
-# Snapcraft. In June 2018, Snapcraft's proxy started triggering this bug.
-#
-#     https://bugs.launchpad.net/launchpad-buildd/+bug/1797809
-#
-# Workaround: add more proxy
-
-visible_hostname localhost
-http_port 8888
-cache_peer 10.10.10.1 parent 8222 0 no-query default
-cache_peer_domain localhost !.internal
-http_access allow all
-
diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml
index e14b854..f294c4e 100644
--- a/snap/snapcraft.yaml
+++ b/snap/snapcraft.yaml
@@ -23,7 +23,7 @@ description: |
       # snap connect shellcheck:removable-media
 
 version: git
-base: core18
+base: core20
 grade: stable
 confinement: strict
 
@@ -40,16 +40,16 @@ parts:
     source: .
     build-packages:
       - cabal-install
-      - squid
+    stage-packages:
+      - libatomic1
     override-build: |
-      # See comments in .snapsquid.conf
-      [ "$http_proxy" ] && {
-        squid3 -f .snapsquid.conf
-        export http_proxy="http://localhost:8888"
-        sleep 3
-      }
+      # Give ourselves enough memory to build
+      dd if=/dev/zero of=/tmp/swap bs=1M count=2000
+      mkswap /tmp/swap
+      swapon /tmp/swap
+
       cabal sandbox init
-      cabal update || cat /var/log/squid/*
+      cabal update
       cabal install -j
 
       install -d $SNAPCRAFT_PART_INSTALL/usr/bin

From 8bc7345aa7ec55f79a433388f443dddf4e89e270 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 3 Mar 2024 16:11:44 -0800
Subject: [PATCH 168/244] Remove outdated distros from testing

---
 test/distrotest | 2 --
 1 file changed, 2 deletions(-)

diff --git a/test/distrotest b/test/distrotest
index 4ad66f8..ef467b8 100755
--- a/test/distrotest
+++ b/test/distrotest
@@ -76,8 +76,6 @@ archlinux:latest      pacman -S -y --noconfirm cabal-install ghc-static base-dev
 # Ubuntu LTS
 ubuntu:22.04          apt-get update && apt-get install -y cabal-install
 ubuntu:20.04          apt-get update && apt-get install -y cabal-install
-ubuntu:18.04          apt-get update && apt-get install -y cabal-install
-ubuntu:16.04          apt-get update && apt-get install -y cabal-install
 
 # Stack on Ubuntu LTS
 ubuntu:22.04          set -e; apt-get update && apt-get install -y curl && curl -sSL https://get.haskellstack.org/ | sh -s - -f && cd /mnt && exec test/stacktest

From a7e65dca8d7b0d19db9808e9ae17e2aa86ddbba4 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 4 Mar 2024 09:19:51 -0800
Subject: [PATCH 169/244] Update some copyright years

---
 shellcheck.1.md             | 2 +-
 src/ShellCheck/Analytics.hs | 2 +-
 src/ShellCheck/Interface.hs | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/shellcheck.1.md b/shellcheck.1.md
index b2bef3c..b873e45 100644
--- a/shellcheck.1.md
+++ b/shellcheck.1.md
@@ -397,7 +397,7 @@ long list of wonderful contributors.
 
 # COPYRIGHT
 
-Copyright 2012-2022, Vidar Holen and contributors.
+Copyright 2012-2024, Vidar Holen and contributors.
 Licensed under the GNU General Public License version 3 or later,
 see https://gnu.org/licenses/gpl.html
 
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index f885842..1cc8bf8 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1,5 +1,5 @@
 {-
-    Copyright 2012-2022 Vidar Holen
+    Copyright 2012-2024 Vidar Holen
 
     This file is part of ShellCheck.
     https://www.shellcheck.net
diff --git a/src/ShellCheck/Interface.hs b/src/ShellCheck/Interface.hs
index 04e3c5a..16a7e36 100644
--- a/src/ShellCheck/Interface.hs
+++ b/src/ShellCheck/Interface.hs
@@ -1,5 +1,5 @@
 {-
-    Copyright 2012-2019 Vidar Holen
+    Copyright 2012-2024 Vidar Holen
 
     This file is part of ShellCheck.
     https://www.shellcheck.net

From 37dfb67768db726092fde482d338943d678e6988 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 7 Mar 2024 17:53:15 -0800
Subject: [PATCH 170/244] Stable version v0.10.0

This release is dedicated to LLMs, for finally fulfilling the promise of
1960s scifi: systems you can hack using logic games and creative lies.
---
 CHANGELOG.md     | 6 +++---
 ShellCheck.cabal | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index dc7f6ea..6c8beeb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,6 @@
-## Git
+## v0.10.0 - 2024-03-07
 ### Added
+- Precompiled binaries for macOS ARM64 (darwin.aarch64)
 - Added support for busybox sh
 - Added flag --rcfile to specify an rc file by name.
 - Added `extended-analysis=true` directive to enable/disable dataflow analysis
@@ -16,8 +17,7 @@
 
 ### Fixed
 - source statements with here docs now work correctly
-
-### Changed
+- "(Array.!): undefined array element" error should no longer occur
 
 
 ## v0.9.0 - 2022-12-12
diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index a12f75e..fc52b12 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -1,5 +1,5 @@
 Name:             ShellCheck
-Version:          0.9.0
+Version:          0.10.0
 Synopsis:         Shell script analysis tool
 License:          GPL-3
 License-file:     LICENSE

From 94214ee725122b91374b1782e93ae239aff04762 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 7 Mar 2024 19:11:12 -0800
Subject: [PATCH 171/244] Post-release CHANGELOG

---
 CHANGELOG.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6c8beeb..b40245a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,8 @@
+## Git
+### Added
+### Fixed
+
+
 ## v0.10.0 - 2024-03-07
 ### Added
 - Precompiled binaries for macOS ARM64 (darwin.aarch64)

From 50db9a29c45f1f2a0db7ec60c8850c99e8e31d6e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 7 Mar 2024 19:11:32 -0800
Subject: [PATCH 172/244] Check source details before git details

---
 test/check_release | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/test/check_release b/test/check_release
index fd1dbca..4aef69a 100755
--- a/test/check_release
+++ b/test/check_release
@@ -12,6 +12,17 @@ then
   fail "There are uncommitted changes"
 fi
 
+version=${current#v}
+if ! grep "Version:" ShellCheck.cabal | grep -qFw "$version"
+then
+  fail "The cabal file does not match tag version $version"
+fi
+
+if ! grep -qF "## $current" CHANGELOG.md
+then
+  fail "CHANGELOG.md does not contain '## $current'"
+fi
+
 current=$(git tag --points-at)
 if [[ -z "$current" ]]
 then
@@ -34,17 +45,6 @@ then
   fail "You are not on master"
 fi
 
-version=${current#v}
-if ! grep "Version:" ShellCheck.cabal | grep -qFw "$version"
-then
-  fail "The cabal file does not match tag version $version"
-fi
-
-if ! grep -qF "## $current" CHANGELOG.md
-then
-  fail "CHANGELOG.md does not contain '## $current'"
-fi
-
 if [[ $(git log -1 --pretty=%B) != "Stable version "* ]]
 then
   fail "Expected git log message to be 'Stable version ...'"

From 9cb21c8557cb981e5f49da20af9335bb68f04dee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lawrence=20Vel=C3=A1zquez?= <vq@larryv.me>
Date: Fri, 8 Mar 2024 18:24:08 -0500
Subject: [PATCH 173/244] Recommend `typeset` instead of `declare` in SC2324

Bash has both `typeset` and `declare`, but ksh has `typeset` only.
Recommend the more portable alternative to users.
---
 src/ShellCheck/Analytics.hs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 1cc8bf8..f37ac1d 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -5017,7 +5017,8 @@ checkPlusEqualsNumber params t =
             state <- CF.getIncomingState cfga id
             guard $ isNumber state word
             guard . not $ fromMaybe False $ CF.variableMayBeDeclaredInteger state var
-            return $ warn id 2324 "var+=1 will append, not increment. Use (( var += 1 )), declare -i var, or quote number to silence."
+            -- Recommend "typeset" because ksh does not have "declare".
+            return $ warn id 2324 "var+=1 will append, not increment. Use (( var += 1 )), typeset -i var, or quote number to silence."
         _ -> return ()
 
   where

From 52dc66349b0882b0d6ac3d81a81f3eef0b155158 Mon Sep 17 00:00:00 2001
From: Joachim Ansorg <github@ja-dev.eu>
Date: Tue, 12 Mar 2024 17:36:20 +0100
Subject: [PATCH 174/244] fix build of linux.aarch64

---
 build/linux.aarch64/Dockerfile | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/build/linux.aarch64/Dockerfile b/build/linux.aarch64/Dockerfile
index d5320e9..fadb6a4 100644
--- a/build/linux.aarch64/Dockerfile
+++ b/build/linux.aarch64/Dockerfile
@@ -12,11 +12,15 @@ RUN apt-get update && apt-get install -y llvm gcc-$TARGET
 
 # The rest are from 22.10
 RUN sed -e 's/focal/kinetic/g' -i /etc/apt/sources.list
+# Kinetic does not receive updates anymore, switch to last available
+RUN sed -e 's/archive.ubuntu.com/old-releases.ubuntu.com/g' -i /etc/apt/sources.list
+RUN sed -e 's/security.ubuntu.com/old-releases.ubuntu.com/g' -i /etc/apt/sources.list
+
 RUN apt-get update && apt-get install -y ghc alex happy automake autoconf build-essential curl qemu-user-static
 
 # Build GHC
 WORKDIR /ghc
-RUN curl -L "https://downloads.haskell.org/~ghc/9.2.5/ghc-9.2.5-src.tar.xz" | tar xJ --strip-components=1
+RUN curl -L "https://downloads.haskell.org/~ghc/9.2.8/ghc-9.2.8-src.tar.xz" | tar xJ --strip-components=1
 RUN ./boot && ./configure --host x86_64-linux-gnu --build x86_64-linux-gnu --target "$TARGET"
 RUN cp mk/flavours/quick-cross.mk mk/build.mk && make -j "$(nproc)"
 RUN make install

From c4123375e04931b3d0deb08728490687bc2fb3fd Mon Sep 17 00:00:00 2001
From: Joachim Ansorg <github@ja-dev.eu>
Date: Tue, 12 Mar 2024 18:00:36 +0100
Subject: [PATCH 175/244] build smaller ShellCheck binary for Linux x86_64

---
 build/linux.x86_64/Dockerfile | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/build/linux.x86_64/Dockerfile b/build/linux.x86_64/Dockerfile
index 3112ac2..edafb36 100644
--- a/build/linux.x86_64/Dockerfile
+++ b/build/linux.x86_64/Dockerfile
@@ -1,4 +1,8 @@
-FROM alpine:latest
+FROM alpine:3.16
+# alpine:3.16 (GHC 9.0.1):  5.8 megabytes
+# alpine:3.17 (GHC 9.0.2): 15.0 megabytes
+# alpine:3.18 (GHC 9.4.4): 29.0 megabytes
+# alpine:3.19 (GHC 9.4.7): 29.0 megabytes
 
 ENV TARGETNAME linux.x86_64
 

From 0a7bb1822e9c80dae21aa6aaba6d8da3de5d9e94 Mon Sep 17 00:00:00 2001
From: Hugo Sousa <55895340+hugos99@users.noreply.github.com>
Date: Thu, 4 Apr 2024 12:26:20 +0100
Subject: [PATCH 176/244] Update README.md to add macOS Arm64 pre-compiled
 binaries link

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 6542ac2..366c427 100644
--- a/README.md
+++ b/README.md
@@ -233,6 +233,7 @@ Alternatively, you can download pre-compiled binaries for the latest release her
 * [Linux, x86_64](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.x86_64.tar.xz) (statically linked)
 * [Linux, armv6hf](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.armv6hf.tar.xz), i.e. Raspberry Pi (statically linked)
 * [Linux, aarch64](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.aarch64.tar.xz) aka ARM64 (statically linked)
+* [macOS, aarch64](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.darwin.aarch64.tar.xz) 
 * [macOS, x86_64](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.darwin.x86_64.tar.xz)
 * [Windows, x86](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.zip)
 

From 30b32af873c8b9e24731a5cb08bb20b7f148fa2d Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 4 Apr 2024 19:50:08 -0700
Subject: [PATCH 177/244] Add updating build images to release checks

---
 test/check_release | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/test/check_release b/test/check_release
index 4aef69a..665b265 100755
--- a/test/check_release
+++ b/test/check_release
@@ -56,11 +56,14 @@ cat << EOF
 Manual Checklist
 
 $((i++)). Make sure none of the automated checks above failed
+$((i++)). Run \`build/build_builder build/*/\` to update all builder images.
+$((j++)). \`build/run_builder dist-newstyle/sdist/ShellCheck-*.tar.gz build/*/\` to verify that they work.
+$((j++)). \`for f in \$(cat build/*/tag); do docker push "\$f"; done\` to upload them.
+$((i++)). Run test/distrotest to ensure that most distros can build OOTB.
 $((i++)). Make sure GitHub Build currently passes: https://github.com/koalaman/shellcheck/actions
 $((i++)). Make sure SnapCraft build currently works: https://build.snapcraft.io/user/koalaman
-$((i++)). Run test/distrotest to ensure that most distros can build OOTB.
 $((i++)). Format and read over the manual for bad formatting and outdated info.
-$((i++)). Make sure the Hackage package builds.
+$((i++)). Make sure the Hackage package builds locally.
 
 Release Steps
 

From 5241878e5919d3581a8e0208c3d2345532dbb65f Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 5 Apr 2024 17:15:04 -0700
Subject: [PATCH 178/244] Update Windows build image with new cURL URL

---
 build/windows.x86_64/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build/windows.x86_64/Dockerfile b/build/windows.x86_64/Dockerfile
index 1e5c5d9..2ae78ac 100644
--- a/build/windows.x86_64/Dockerfile
+++ b/build/windows.x86_64/Dockerfile
@@ -12,7 +12,7 @@ WORKDIR /haskell
 RUN curl -L "https://downloads.haskell.org/~ghc/8.10.4/ghc-8.10.4-x86_64-unknown-mingw32.tar.xz" | tar xJ --strip-components=1
 WORKDIR /haskell/bin
 RUN curl -L "https://downloads.haskell.org/~cabal/cabal-install-3.2.0.0/cabal-install-3.2.0.0-x86_64-unknown-mingw32.zip" | busybox unzip -
-RUN curl -L "https://curl.se/windows/dl-7.84.0/curl-7.84.0-win64-mingw.zip" | busybox unzip - && mv curl-7.84.0-win64-mingw/bin/* .
+RUN curl -L "https://curl.se/windows/dl-8.7.1_7/curl-8.7.1_7-win64-mingw.zip" | busybox unzip - && mv curl-*-win64-mingw/bin/* .
 ENV WINEPATH /haskell/bin
 
 # It's unknown whether Cabal on Windows suffers from the same issue

From 04a86245a10fe0a9e48755237f315999986f54c0 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 8 Apr 2024 20:24:28 -0700
Subject: [PATCH 179/244] Remove trailing space in output (fixes #2961)

---
 src/ShellCheck/Formatter/TTY.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Formatter/TTY.hs b/src/ShellCheck/Formatter/TTY.hs
index e503639..117da6e 100644
--- a/src/ShellCheck/Formatter/TTY.hs
+++ b/src/ShellCheck/Formatter/TTY.hs
@@ -169,7 +169,7 @@ showFixedString color comments lineNum fileLines =
             -- and/or other unrelated lines.
             let (excerptFix, excerpt) = sliceFile mergedFix fileLines
             -- in the spirit of error prone
-            putStrLn $ color "message" "Did you mean: "
+            putStrLn $ color "message" "Did you mean:"
             putStrLn $ unlines $ applyFix excerptFix excerpt
 
 cuteIndent :: PositionedComment -> String

From 2c5155e43d030e1325c3c2765d8f492024b02fd9 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 14 Apr 2024 18:47:19 -0700
Subject: [PATCH 180/244] Warn about capturing the output of redirected
 commands.

---
 CHANGELOG.md                |  1 +
 src/ShellCheck/Analytics.hs | 42 +++++++++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b40245a..25fc688 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,6 @@
 ## Git
 ### Added
+- SC2327/SC2328: Warn about capturing the output of redirected commands.
 ### Fixed
 
 
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index f37ac1d..8b74ac6 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -204,6 +204,7 @@ nodeChecks = [
     ,checkUnnecessaryArithmeticExpansionIndex
     ,checkUnnecessaryParens
     ,checkPlusEqualsNumber
+    ,checkExpansionWithRedirection
     ]
 
 optionalChecks = map fst optionalTreeChecks
@@ -5040,5 +5041,46 @@ checkPlusEqualsNumber params t =
             isUnquotedNumber || isNumericalVariableName || isNumericalVariableExpansion
 
 
+
+prop_checkExpansionWithRedirection1 = verify checkExpansionWithRedirection "var=$(foo > bar)"
+prop_checkExpansionWithRedirection2 = verify checkExpansionWithRedirection "var=`foo 1> bar`"
+prop_checkExpansionWithRedirection3 = verify checkExpansionWithRedirection "var=${ foo >> bar; }"
+prop_checkExpansionWithRedirection4 = verify checkExpansionWithRedirection "var=$(foo | bar > baz)"
+prop_checkExpansionWithRedirection5 = verifyNot checkExpansionWithRedirection "stderr=$(foo 2>&1 > /dev/null)"
+prop_checkExpansionWithRedirection6 = verifyNot checkExpansionWithRedirection "var=$(foo; bar > baz)"
+prop_checkExpansionWithRedirection7 = verifyNot checkExpansionWithRedirection "var=$(foo > bar; baz)"
+prop_checkExpansionWithRedirection8 = verifyNot checkExpansionWithRedirection "var=$(cat <&3)"
+checkExpansionWithRedirection params t =
+    case t of
+        T_DollarExpansion id [cmd] -> check id cmd
+        T_Backticked id [cmd] -> check id cmd
+        T_DollarBraceCommandExpansion id [cmd] -> check id cmd
+        _ -> return ()
+  where
+    check id pipe =
+        case pipe of
+            (T_Pipeline _ _ t@(_:_)) -> checkCmd id (last t)
+            _ -> return ()
+
+    checkCmd captureId (T_Redirecting _ redirs _) = walk captureId redirs
+
+    walk captureId [] = return ()
+    walk captureId (t:rest) =
+        case t of
+            T_FdRedirect _ _ (T_IoDuplicate _ _ "1") -> return ()
+            T_FdRedirect id "1" (T_IoDuplicate _ _ _) -> return ()
+            T_FdRedirect id "" (T_IoDuplicate _ op _) | op `elem` [T_GREATAND (Id 0), T_Greater (Id 0)] -> emit id captureId True
+            T_FdRedirect id str (T_IoFile _ op file) | str `elem` ["", "1"] && op `elem` [ T_DGREAT (Id 0), T_Greater (Id 0) ]  ->
+                if getLiteralString file == Just "/dev/null"
+                then emit id captureId False
+                else emit id captureId True
+            _ -> walk captureId rest
+
+    emit redirectId captureId suggestTee = do
+        warn captureId 2327 "This command substitution will be empty because the command's output gets redirected away."
+        err redirectId 2328 $ "This redirection takes output away from the command substitution" ++ if suggestTee then " (use tee to duplicate)." else "."
+
+
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])

From 69fe4e1306572fa639d92e80afe2639d6c12247f Mon Sep 17 00:00:00 2001
From: Syuugo <pub@s1204.me>
Date: Thu, 25 Apr 2024 10:35:43 +0900
Subject: [PATCH 181/244] Upgrade build workflow dependencies

---
 .github/workflows/build.yml | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index c49b25a..378a0cf 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -15,7 +15,7 @@ jobs:
           sudo apt-get install cabal-install
 
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
@@ -37,7 +37,7 @@ jobs:
           mv dist-newstyle/sdist/*.tar.gz source/source.tar.gz
 
       - name: Upload artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: source
           path: source/
@@ -51,10 +51,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Download artifacts
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
 
       - name: Build source
         run: |
@@ -63,7 +63,7 @@ jobs:
           ( cd bin && ../build/run_builder ../source/source.tar.gz ../build/${{matrix.build}} )
 
       - name: Upload artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: bin
           path: bin/
@@ -74,10 +74,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Download artifacts
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
 
       - name: Work around GitHub permissions bug
         run: chmod +x bin/*/shellcheck*
@@ -92,7 +92,7 @@ jobs:
           rm -rf */ README* LICENSE*
 
       - name: Upload artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: deploy
           path: deploy/
@@ -109,10 +109,10 @@ jobs:
           sudo apt-get install hub
 
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Download artifacts
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
 
       - name: Upload to GitHub
         env:

From 796c6bd8482e4666c4f73d2874c3949c2bed801e Mon Sep 17 00:00:00 2001
From: Jan Dubois <jan@jandubois.com>
Date: Wed, 24 Apr 2024 19:05:29 -0700
Subject: [PATCH 182/244] Add new bats variables stderr and stderr_lines

These are being set by `run --separate-stderr` and have been introduced
in https://github.com/bats-core/bats-core/releases/tag/v1.5.0
---
 src/ShellCheck/AnalyzerLib.hs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index d265ace..a2d61d2 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -535,7 +535,9 @@ getModifiedVariables t =
         T_BatsTest {} -> [
             (t, t, "lines", DataArray SourceExternal),
             (t, t, "status", DataString SourceInteger),
-            (t, t, "output", DataString SourceExternal)
+            (t, t, "output", DataString SourceExternal),
+            (t, t, "stderr", DataString SourceExternal),
+            (t, t, "stderr_lines", DataArray SourceExternal)
             ]
 
         -- Count [[ -v foo ]] as an "assignment".

From 4f81dbe839091a06a5cfaea695cf1c451ff07565 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 4 May 2024 14:21:12 -0700
Subject: [PATCH 183/244] Add warning about uninvoked functions, reduce
 repeated triggering of SC2317 (fixes #2966)

---
 CHANGELOG.md                |  2 ++
 src/ShellCheck/Analytics.hs | 23 ++++++++++++++++++++---
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 25fc688..5277893 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,7 +1,9 @@
 ## Git
 ### Added
 - SC2327/SC2328: Warn about capturing the output of redirected commands.
+- SC2329: Warn when (non-escaping) functions are never invoked.
 ### Fixed
+- SC2317 about unreachable commands is now less spammy for nested ones.
 
 
 ## v0.10.0 - 2024-03-07
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 8b74ac6..685fbf4 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4896,16 +4896,33 @@ checkBatsTestDoesNotUseNegation params t =
 prop_checkCommandIsUnreachable1 = verify checkCommandIsUnreachable "foo; bar; exit; baz"
 prop_checkCommandIsUnreachable2 = verify checkCommandIsUnreachable "die() { exit; }; foo; bar; die; baz"
 prop_checkCommandIsUnreachable3 = verifyNot checkCommandIsUnreachable "foo; bar || exit; baz"
+prop_checkCommandIsUnreachable4 = verifyNot checkCommandIsUnreachable "f() { foo; };    # Maybe sourced"
+prop_checkCommandIsUnreachable5 = verify checkCommandIsUnreachable "f() { foo; }; exit  # Not sourced"
 checkCommandIsUnreachable params t =
     case t of
         T_Pipeline {} -> sequence_ $ do
             cfga <- cfgAnalysis params
-            state <- CF.getIncomingState cfga id
+            state <- CF.getIncomingState cfga (getId t)
             guard . not $ CF.stateIsReachable state
             guard . not $ isSourced params t
-            return $ info id 2317 "Command appears to be unreachable. Check usage (or ignore if invoked indirectly)."
+            guard . not $ any (\t -> isUnreachable t || isUnreachableFunction t) $ NE.drop 1 $ getPath (parentMap params) t
+            return $ info (getId t) 2317 "Command appears to be unreachable. Check usage (or ignore if invoked indirectly)."
+        T_Function id _ _ _ _ ->
+            when (isUnreachableFunction t
+                    && (not . any isUnreachableFunction . NE.drop 1 $ getPath (parentMap params) t)
+                    && (not $ isSourced params t)) $
+                info id 2329 "This function is never invoked. Check usage (or ignored if invoked indirectly)."
         _ -> return ()
-  where id = getId t
+  where
+    isUnreachableFunction :: Token -> Bool
+    isUnreachableFunction f =
+        case f of
+            T_Function id _ _ _ t -> isUnreachable t
+            _ -> False
+    isUnreachable t = fromMaybe False $ do
+        cfga <- cfgAnalysis params
+        state <- CF.getIncomingState cfga (getId t)
+        return . not $ CF.stateIsReachable state
 
 
 prop_checkOverwrittenExitCode1 = verify checkOverwrittenExitCode "x; [ $? -eq 1 ] || [ $? -eq 2 ]"

From 76ff702e9385215a888ed21bf4330f614ab6c355 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 4 May 2024 15:12:13 -0700
Subject: [PATCH 184/244] Supress SC2015 about `A && B || C` when B is a test.

---
 CHANGELOG.md                  |  2 ++
 src/ShellCheck/Analytics.hs   | 16 +++++-----------
 src/ShellCheck/AnalyzerLib.hs |  8 ++++++++
 3 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5277893..fe38b8a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,8 @@
 ### Added
 - SC2327/SC2328: Warn about capturing the output of redirected commands.
 - SC2329: Warn when (non-escaping) functions are never invoked.
+### Changed
+- SC2015 about `A && B || C` no longer triggers when B is a test command.
 ### Fixed
 - SC2317 about unreachable commands is now less spammy for nested ones.
 
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 685fbf4..175dea6 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -877,8 +877,9 @@ prop_checkShorthandIf5 = verifyNot checkShorthandIf "foo && rm || printf b"
 prop_checkShorthandIf6 = verifyNot checkShorthandIf "if foo && bar || baz; then true; fi"
 prop_checkShorthandIf7 = verifyNot checkShorthandIf "while foo && bar || baz; do true; done"
 prop_checkShorthandIf8 = verify checkShorthandIf "if true; then foo && bar || baz; fi"
-checkShorthandIf params x@(T_OrIf _ (T_AndIf id _ _) (T_Pipeline _ _ t))
-        | not (isOk t || inCondition) =
+prop_checkShorthandIf9 = verifyNot checkShorthandIf "foo && [ -x /file ] || bar"
+checkShorthandIf params x@(T_OrIf _ (T_AndIf id _ b) (T_Pipeline _ _ t))
+        | not (isOk t || inCondition) && not (isTestCommand b) =
     info id 2015 "Note that A && B || C is not if-then-else. C may run when A is true."
   where
     isOk [t] = isAssignment t || fromMaybe False (do
@@ -4197,7 +4198,7 @@ checkBadTestAndOr params t =
         in
             mapM_ checkTest commandWithSeps
     checkTest (before, cmd, after) =
-        when (isTest cmd) $ do
+        when (isTestCommand cmd) $ do
             checkPipe before
             checkPipe after
 
@@ -4213,17 +4214,10 @@ checkBadTestAndOr params t =
             T_AndIf _ _ rhs -> checkAnds id rhs
             T_OrIf _ _ rhs -> checkAnds id rhs
             T_Pipeline _ _ list | not (null list) -> checkAnds id (last list)
-            cmd -> when (isTest cmd) $
+            cmd -> when (isTestCommand cmd) $
                 errWithFix id 2265 "Use && for logical AND. Single & will background and return true." $
                     (fixWith [replaceEnd id params 0 "&"])
 
-    isTest t =
-        case t of
-            T_Condition {} -> True
-            T_SimpleCommand {} -> t `isCommand` "test"
-            T_Redirecting _ _ t -> isTest t
-            T_Annotation _ _ t -> isTest t
-            _ -> False
 
 prop_checkComparisonWithLeadingX1 = verify checkComparisonWithLeadingX "[ x$foo = xlol ]"
 prop_checkComparisonWithLeadingX2 = verify checkComparisonWithLeadingX "test x$foo = xlol"
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index d265ace..c6e4e14 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -929,6 +929,14 @@ modifiesVariable params token name =
             Assignment (_, _, n, source) -> isTrueAssignmentSource source && n == name
             _ -> False
 
+isTestCommand t =
+    case t of
+        T_Condition {} -> True
+        T_SimpleCommand {} -> t `isCommand` "test"
+        T_Redirecting _ _ t -> isTestCommand t
+        T_Annotation _ _ t -> isTestCommand t
+        T_Pipeline _ _ [t] -> isTestCommand t
+        _ -> False
 
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])

From d705716dc45d58eef51231292758e2af9e3da30b Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 4 May 2024 15:22:09 -0700
Subject: [PATCH 185/244] Account for annotations in SC2215. Fixes #2975.

---
 src/ShellCheck/Analytics.hs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 175dea6..dcb4ce8 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -4000,6 +4000,7 @@ prop_checkUselessBang6 = verify checkUselessBang "set -e; { ! true; }"
 prop_checkUselessBang7 = verifyNot checkUselessBang "set -e; x() { ! [ x ]; }"
 prop_checkUselessBang8 = verifyNot checkUselessBang "set -e; if { ! true; }; then true; fi"
 prop_checkUselessBang9 = verifyNot checkUselessBang "set -e; while ! true; do true; done"
+prop_checkUselessBang10 = verify checkUselessBang "set -e\nshellcheck disable=SC0000\n! true\nrest"
 checkUselessBang params t = when (hasSetE params) $ mapM_ check (getNonReturningCommands t)
   where
     check t =
@@ -4008,6 +4009,7 @@ checkUselessBang params t = when (hasSetE params) $ mapM_ check (getNonReturning
                 addComment $ makeCommentWithFix InfoC id 2251
                         "This ! is not on a condition and skips errexit. Use `&& exit 1` instead, or make sure $? is checked."
                         (fixWith [replaceStart id params 1 "", replaceEnd (getId cmd) params 0 " && exit 1"])
+            T_Annotation _ _ t -> check t
             _ -> return ()
 
     -- Get all the subcommands that aren't likely to be the return value

From a7a906e2cbca41611f232208ae062fe7ddc719f7 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 4 May 2024 16:28:56 -0700
Subject: [PATCH 186/244] Allow SC2154 to trigger in arrays (fixes #2970)

---
 src/ShellCheck/Analytics.hs | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index dcb4ce8..dc84a78 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2447,6 +2447,7 @@ prop_checkUnassignedReferences_minusZDefault = verifyNotTree checkUnassignedRefe
 prop_checkUnassignedReferences50 = verifyNotTree checkUnassignedReferences "echo ${foo:+bar}"
 prop_checkUnassignedReferences51 = verifyNotTree checkUnassignedReferences "echo ${foo:+$foo}"
 prop_checkUnassignedReferences52 = verifyNotTree checkUnassignedReferences "wait -p pid; echo $pid"
+prop_checkUnassignedReferences53 = verify checkUnassignedReferences "x=($foo)"
 
 checkUnassignedReferences = checkUnassignedReferences' False
 checkUnassignedReferences' includeGlobals params t = warnings
@@ -2502,14 +2503,12 @@ checkUnassignedReferences' includeGlobals params t = warnings
 
     warnings = execWriter . sequence $ mapMaybe warningFor unassigned
 
-    -- Due to parsing, foo=( [bar]=baz ) parses 'bar' as a reference even for assoc arrays.
-    -- Similarly, ${foo[bar baz]} may not be referencing bar/baz. Just skip these.
+    -- ${foo[bar baz]} may not be referencing bar/baz. Just skip these.
     -- We can also have ${foo:+$foo} should be treated like [[ -n $foo ]] && echo $foo
     isException var t = any shouldExclude $ getPath (parentMap params) t
       where
         shouldExclude t =
             case t of
-                T_Array {} -> True
                 (T_DollarBraced _ _ l) ->
                     let str = concat $ oversimplify l
                         ref = getBracedReference str

From a13cb85f49c074ce6ab4644beaf8665a3ff6f395 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 4 May 2024 16:34:21 -0700
Subject: [PATCH 187/244] Fixed broken test due to bad build cache

---
 src/ShellCheck/Analytics.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index dc84a78..f5e57e2 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2447,7 +2447,7 @@ prop_checkUnassignedReferences_minusZDefault = verifyNotTree checkUnassignedRefe
 prop_checkUnassignedReferences50 = verifyNotTree checkUnassignedReferences "echo ${foo:+bar}"
 prop_checkUnassignedReferences51 = verifyNotTree checkUnassignedReferences "echo ${foo:+$foo}"
 prop_checkUnassignedReferences52 = verifyNotTree checkUnassignedReferences "wait -p pid; echo $pid"
-prop_checkUnassignedReferences53 = verify checkUnassignedReferences "x=($foo)"
+prop_checkUnassignedReferences53 = verifyTree checkUnassignedReferences "x=($foo)"
 
 checkUnassignedReferences = checkUnassignedReferences' False
 checkUnassignedReferences' includeGlobals params t = warnings

From ac8fb00504ed6da83fe5c5f83e72e4663ff6b439 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 4 May 2024 16:45:52 -0700
Subject: [PATCH 188/244] Account for BusyBox support of [[ ]] (fixes #2967)

---
 CHANGELOG.md                  |  2 ++
 src/ShellCheck/Analytics.hs   | 11 ++++++++---
 src/ShellCheck/AnalyzerLib.hs | 10 ----------
 3 files changed, 10 insertions(+), 13 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index fe38b8a..8ae176d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,10 +2,12 @@
 ### Added
 - SC2327/SC2328: Warn about capturing the output of redirected commands.
 - SC2329: Warn when (non-escaping) functions are never invoked.
+- SC2330: Warn about unsupported glob matches with [[ .. ]] in BusyBox.
 ### Changed
 - SC2015 about `A && B || C` no longer triggers when B is a test command.
 ### Fixed
 - SC2317 about unreachable commands is now less spammy for nested ones.
+- SC2292, optional suggestion for [[ ]], now triggers for Busybox.
 
 
 ## v0.10.0 - 2024-03-07
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index f5e57e2..a89f940 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1525,6 +1525,7 @@ prop_checkComparisonAgainstGlob3 = verify checkComparisonAgainstGlob "[ $cow = *
 prop_checkComparisonAgainstGlob4 = verifyNot checkComparisonAgainstGlob "[ $cow = foo ]"
 prop_checkComparisonAgainstGlob5 = verify checkComparisonAgainstGlob "[[ $cow != $bar ]]"
 prop_checkComparisonAgainstGlob6 = verify checkComparisonAgainstGlob "[ $f != /* ]"
+prop_checkComparisonAgainstGlob7 = verify checkComparisonAgainstGlob "#!/bin/busybox sh\n[[ $f == *foo* ]]"
 checkComparisonAgainstGlob _ (TC_Binary _ DoubleBracket op _ (T_NormalWord id [T_DollarBraced _ _ _]))
     | op `elem` ["=", "==", "!="] =
         warn id 2053 $ "Quote the right-hand side of " ++ op ++ " in [[ ]] to prevent glob matching."
@@ -1532,10 +1533,14 @@ checkComparisonAgainstGlob params (TC_Binary _ SingleBracket op _ word)
         | op `elem` ["=", "==", "!="] && isGlob word =
     err (getId word) 2081 msg
   where
-    msg = if isBashLike params
+    msg = if (shellType params) `elem` [Bash, Ksh]  -- Busybox does not support glob matching
             then "[ .. ] can't match globs. Use [[ .. ]] or case statement."
             else "[ .. ] can't match globs. Use a case statement."
 
+checkComparisonAgainstGlob params (TC_Binary _ DoubleBracket op _ word)
+        | shellType params == BusyboxSh && op `elem` ["=", "==", "!="] && isGlob word =
+    err (getId word) 2330 "BusyBox [[ .. ]] does not support glob matching. Use a case statement."
+
 checkComparisonAgainstGlob _ _ = return ()
 
 prop_checkCaseAgainstGlob1 = verify checkCaseAgainstGlob "case foo in lol$n) foo;; esac"
@@ -4534,13 +4539,13 @@ prop_checkRequireDoubleBracket2 = verifyTree checkRequireDoubleBracket "[ foo -o
 prop_checkRequireDoubleBracket3 = verifyNotTree checkRequireDoubleBracket "#!/bin/sh\n[ -x foo ]"
 prop_checkRequireDoubleBracket4 = verifyNotTree checkRequireDoubleBracket "[[ -x foo ]]"
 checkRequireDoubleBracket params =
-    if isBashLike params
+    if (shellType params) `elem` [Bash, Ksh, BusyboxSh]
     then nodeChecksToTreeCheck [check] params
     else const []
   where
     check _ t = case t of
         T_Condition id SingleBracket _ ->
-            styleWithFix id 2292 "Prefer [[ ]] over [ ] for tests in Bash/Ksh." (fixFor t)
+            styleWithFix id 2292 "Prefer [[ ]] over [ ] for tests in Bash/Ksh/Busybox." (fixFor t)
         _ -> return ()
 
     fixFor t = fixWith $
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index c6e4e14..cae73b1 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -902,16 +902,6 @@ supportsArrays Bash = True
 supportsArrays Ksh = True
 supportsArrays _ = False
 
--- Returns true if the shell is Bash or Ksh (sorry for the name, Ksh)
-isBashLike :: Parameters -> Bool
-isBashLike params =
-    case shellType params of
-        Bash -> True
-        Ksh -> True
-        Dash -> False
-        BusyboxSh -> False
-        Sh -> False
-
 isTrueAssignmentSource c =
     case c of
         DataString SourceChecked -> False

From 78d1ee0222a114597abba1ca8f0784b673bf7d97 Mon Sep 17 00:00:00 2001
From: Bryan Honof <bryanhonof@gmail.com>
Date: Fri, 24 May 2024 17:15:09 +0200
Subject: [PATCH 189/244] Add Flox to list of installation methods

---
 README.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/README.md b/README.md
index 366c427..754f897 100644
--- a/README.md
+++ b/README.md
@@ -228,6 +228,11 @@ Using the [nix package manager](https://nixos.org/nix):
 nix-env -iA nixpkgs.shellcheck
 ```
 
+Using the [Flox package manager](https://flox.dev/)
+```sh
+flox install shellcheck
+```
+
 Alternatively, you can download pre-compiled binaries for the latest release here:
 
 * [Linux, x86_64](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.x86_64.tar.xz) (statically linked)

From 15de97e33f462434272f13e1ec3aa9cd5387441b Mon Sep 17 00:00:00 2001
From: Meng Zhuo <mzh@golangcn.org>
Date: Thu, 30 May 2024 19:20:21 +0800
Subject: [PATCH 190/244] Add linux.riscv64 precompiled support

---
 .github/workflows/build.yml    |  2 +-
 .multi_arch_docker             |  1 +
 CHANGELOG.md                   |  1 +
 build/linux.riscv64/Dockerfile | 47 ++++++++++++++++++++++++++++++++++
 build/linux.riscv64/build      | 15 +++++++++++
 build/linux.riscv64/tag        |  1 +
 6 files changed, 66 insertions(+), 1 deletion(-)
 create mode 100644 build/linux.riscv64/Dockerfile
 create mode 100755 build/linux.riscv64/build
 create mode 100644 build/linux.riscv64/tag

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index c49b25a..e30b2ac 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -47,7 +47,7 @@ jobs:
     needs: package_source
     strategy:
       matrix:
-        build: [linux.x86_64, linux.aarch64, linux.armv6hf, darwin.x86_64, darwin.aarch64, windows.x86_64]
+        build: [linux.x86_64, linux.aarch64, linux.armv6hf, linux.riscv64, darwin.x86_64, darwin.aarch64, windows.x86_64]
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
diff --git a/.multi_arch_docker b/.multi_arch_docker
index 1c5d32b..81048a2 100755
--- a/.multi_arch_docker
+++ b/.multi_arch_docker
@@ -80,6 +80,7 @@ function multi_arch_docker::main() {
   export DOCKER_PLATFORMS='linux/amd64'
   DOCKER_PLATFORMS+=' linux/arm64'
   DOCKER_PLATFORMS+=' linux/arm/v6'
+  DOCKER_PLATFORMS+=' linux/riscv64'
 
   multi_arch_docker::install_docker_buildx
   multi_arch_docker::login_to_docker_hub
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8ae176d..43db00c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@
 - SC2327/SC2328: Warn about capturing the output of redirected commands.
 - SC2329: Warn when (non-escaping) functions are never invoked.
 - SC2330: Warn about unsupported glob matches with [[ .. ]] in BusyBox.
+- Precompiled binaries for Linux riscv64 (linux.riscv64)
 ### Changed
 - SC2015 about `A && B || C` no longer triggers when B is a test command.
 ### Fixed
diff --git a/build/linux.riscv64/Dockerfile b/build/linux.riscv64/Dockerfile
new file mode 100644
index 0000000..648ef2d
--- /dev/null
+++ b/build/linux.riscv64/Dockerfile
@@ -0,0 +1,47 @@
+FROM ubuntu:22.04
+
+ENV TARGETNAME linux.riscv64
+ENV TARGET riscv64-linux-gnu
+
+USER root
+ENV DEBIAN_FRONTEND noninteractive
+
+# Init base
+RUN apt update -y
+
+# Install qemu
+RUN apt install -y --no-install-recommends build-essential ninja-build python3 pkg-config libglib2.0-dev libpixman-1-dev curl ca-certificates python3-virtualenv
+WORKDIR /qemu
+RUN curl -Lv "https://download.qemu.org/qemu-9.0.0.tar.xz" | tar xJ --strip-components=1
+RUN ./configure --target-list=riscv64-linux-user --static --disable-system --disable-pie
+RUN cd build && ninja qemu-riscv64
+ENV QEMU_EXECVE 1
+
+
+# Set up a riscv64 userspace
+RUN apt install -y --no-install-recommends debootstrap
+RUN debootstrap --arch=riscv64 --foreign jammy /rvfs http://ports.ubuntu.com/ubuntu-ports
+RUN cp /qemu/build/qemu-riscv64 /rvfs/usr/bin/qemu-riscv64-static
+
+RUN printf > /bin/rv '%s\n' '#!/bin/sh' 'chroot /rvfs /usr/bin/qemu-riscv64-static /usr/bin/env "$@"'
+RUN chmod +x /bin/rv
+RUN [ ! -e /rvfs/debootstrap ] || rv '/debootstrap/debootstrap' --second-stage
+
+# Install deps in the chroot
+RUN printf > /rvfs/etc/apt/sources.list '%s\n' 'deb http://ports.ubuntu.com/ubuntu-ports jammy main universe'
+RUN rv apt update -y
+RUN rv apt install -y --no-install-recommends ghc cabal-install
+
+# Finally we can build the current dependencies. This takes hours.
+# jobs must be 1, GHS riscv will use about 40G memory
+RUN rv cabal update
+RUN IFS=";" && rv cabal install --dependencies-only --jobs=1 ShellCheck
+RUN IFS=';' && rv cabal install --lib --jobs=1 fgl
+
+# Clean up
+RUN rm -rf /qemu
+
+# Copy the build script
+WORKDIR /rvfs/scratch
+COPY build /rvfs/usr/bin/build
+ENTRYPOINT ["/bin/rv", "/usr/bin/build"]
diff --git a/build/linux.riscv64/build b/build/linux.riscv64/build
new file mode 100755
index 0000000..19cb143
--- /dev/null
+++ b/build/linux.riscv64/build
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -xe
+{
+  tar xzv --strip-components=1
+  chmod +x striptests && ./striptests
+  mkdir "$TARGETNAME"
+  cabal update
+  ( IFS=';'; cabal build --enable-executable-static )
+  find . -name shellcheck -type f -exec mv {} "$TARGETNAME/" \;
+  ls -l "$TARGETNAME"
+  "$TARGET-strip" -s "$TARGETNAME/shellcheck"
+  ls -l "$TARGETNAME"
+  qemu-riscv64-static "$TARGETNAME/shellcheck" --version
+} >&2
+tar czv "$TARGETNAME"
diff --git a/build/linux.riscv64/tag b/build/linux.riscv64/tag
new file mode 100644
index 0000000..901eaaa
--- /dev/null
+++ b/build/linux.riscv64/tag
@@ -0,0 +1 @@
+koalaman/scbuilder-linux-riscv64

From 23e76de4f2a640ecd7c8c1da23495d985ef095e6 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 11 Jun 2024 06:00:22 +0000
Subject: [PATCH 191/244] Allow riscv64 image to run without binfmt_misc

---
 build/linux.riscv64/Dockerfile           | 44 ++++++-----
 build/linux.riscv64/build                | 10 ++-
 build/linux.riscv64/cabal.project.freeze | 93 ++++++++++++++++++++++++
 3 files changed, 126 insertions(+), 21 deletions(-)
 create mode 100644 build/linux.riscv64/cabal.project.freeze

diff --git a/build/linux.riscv64/Dockerfile b/build/linux.riscv64/Dockerfile
index 648ef2d..0ac95e5 100644
--- a/build/linux.riscv64/Dockerfile
+++ b/build/linux.riscv64/Dockerfile
@@ -1,4 +1,4 @@
-FROM ubuntu:22.04
+FROM ubuntu:24.04
 
 ENV TARGETNAME linux.riscv64
 ENV TARGET riscv64-linux-gnu
@@ -7,39 +7,47 @@ USER root
 ENV DEBIAN_FRONTEND noninteractive
 
 # Init base
-RUN apt update -y
+RUN apt-get update -y
 
 # Install qemu
-RUN apt install -y --no-install-recommends build-essential ninja-build python3 pkg-config libglib2.0-dev libpixman-1-dev curl ca-certificates python3-virtualenv
+RUN apt-get install -y --no-install-recommends build-essential ninja-build python3 pkg-config libglib2.0-dev libpixman-1-dev curl ca-certificates python3-virtualenv git python3-setuptools
 WORKDIR /qemu
-RUN curl -Lv "https://download.qemu.org/qemu-9.0.0.tar.xz" | tar xJ --strip-components=1
-RUN ./configure --target-list=riscv64-linux-user --static --disable-system --disable-pie
+RUN git clone --depth 1 https://github.com/koalaman/qemu .
+#RUN git clone https://github.com/balena-io/qemu .
+# Release 7.0.0
+#RUN git checkout 639d1d8903f65d74eb04c49e0df7a4b2f014cd86
+RUN ./configure --target-list=riscv64-linux-user --static --disable-system --disable-pie --disable-werror
 RUN cd build && ninja qemu-riscv64
 ENV QEMU_EXECVE 1
 
 
 # Set up a riscv64 userspace
-RUN apt install -y --no-install-recommends debootstrap
-RUN debootstrap --arch=riscv64 --foreign jammy /rvfs http://ports.ubuntu.com/ubuntu-ports
+RUN apt-get install -y --no-install-recommends debootstrap
+RUN debootstrap --arch=riscv64 --foreign noble /rvfs http://ports.ubuntu.com/ubuntu-ports
 RUN cp /qemu/build/qemu-riscv64 /rvfs/usr/bin/qemu-riscv64-static
 
-RUN printf > /bin/rv '%s\n' '#!/bin/sh' 'chroot /rvfs /usr/bin/qemu-riscv64-static /usr/bin/env "$@"'
+# Command to run riscv binaries in the chroot. The Haskell runtime allocates 1TB
+# vspace up front and QEmu has a RAM cost per vspace, so use ulimit to allocate
+# less and reduce RAM usage.
+RUN printf > /bin/rv '%s\n' '#!/bin/sh' 'ulimit -v $((10*1024*1024)); chroot /rvfs /usr/bin/qemu-riscv64-static /usr/bin/env "$@"'
 RUN chmod +x /bin/rv
 RUN [ ! -e /rvfs/debootstrap ] || rv '/debootstrap/debootstrap' --second-stage
 
 # Install deps in the chroot
-RUN printf > /rvfs/etc/apt/sources.list '%s\n' 'deb http://ports.ubuntu.com/ubuntu-ports jammy main universe'
-RUN rv apt update -y
-RUN rv apt install -y --no-install-recommends ghc cabal-install
+RUN printf > /rvfs/etc/apt/sources.list '%s\n' 'deb http://ports.ubuntu.com/ubuntu-ports noble main universe'
+RUN rv apt-get update -y
+RUN rv apt-get install -y --no-install-recommends ghc cabal-install
 
-# Finally we can build the current dependencies. This takes hours.
-# jobs must be 1, GHS riscv will use about 40G memory
 RUN rv cabal update
-RUN IFS=";" && rv cabal install --dependencies-only --jobs=1 ShellCheck
-RUN IFS=';' && rv cabal install --lib --jobs=1 fgl
-
-# Clean up
-RUN rm -rf /qemu
+# Generated with: cabal freeze -c 'hashable -arch-native'. We put it in /etc so cabal won't find it.
+COPY cabal.project.freeze /rvfs/etc
+# Awful hack to install everything from the freeze file
+# This basically turns 'any.tagged ==0.8.8' into tagged-0.8.8 to install by version,
+# and adds a -c before 'hashable -arch-native +integer-gmp' to make it a flag constraint.
+RUN < /rvfs/etc/cabal.project.freeze sed 's/constraints:/&\n /' | grep -vw rts | sed -n -e 's/^  *\([^,]*\).*/\1/p' | sed -e 's/any\.\([^ ]*\) ==\(.*\)/\1-\2/; te; s/.*/-c\n&/; :e' > /tmp/preinstall-flags
+# Finally we can build the current dependencies. This takes hours.
+# There's apparently a random segfault during assembly, so retry a few times.
+RUN set -x; IFS=${IFS# }; f() { rv cabal install --keep-going $(cat /tmp/preinstall-flags); }; for i in $(seq 5); do f; ret=$?; [ $ret = 0 ] && break; done; exit $ret
 
 # Copy the build script
 WORKDIR /rvfs/scratch
diff --git a/build/linux.riscv64/build b/build/linux.riscv64/build
index 19cb143..63c487f 100755
--- a/build/linux.riscv64/build
+++ b/build/linux.riscv64/build
@@ -1,15 +1,19 @@
 #!/bin/sh
 set -xe
+IFS=';'
 {
   tar xzv --strip-components=1
   chmod +x striptests && ./striptests
+  # Use a freeze file to ensure we use the same dependencies we cached during
+  # the docker image build. We don't want to spend time compiling anything new.
+  cp /etc/cabal.project.freeze .
   mkdir "$TARGETNAME"
-  cabal update
-  ( IFS=';'; cabal build --enable-executable-static )
+  # Retry in case of random segfault
+  cabal build --enable-executable-static || cabal build --enable-executable-static
   find . -name shellcheck -type f -exec mv {} "$TARGETNAME/" \;
   ls -l "$TARGETNAME"
   "$TARGET-strip" -s "$TARGETNAME/shellcheck"
   ls -l "$TARGETNAME"
-  qemu-riscv64-static "$TARGETNAME/shellcheck" --version
+  "$TARGETNAME/shellcheck" --version
 } >&2
 tar czv "$TARGETNAME"
diff --git a/build/linux.riscv64/cabal.project.freeze b/build/linux.riscv64/cabal.project.freeze
new file mode 100644
index 0000000..cbb42e1
--- /dev/null
+++ b/build/linux.riscv64/cabal.project.freeze
@@ -0,0 +1,93 @@
+active-repositories: hackage.haskell.org:merge
+constraints: any.Diff ==0.5,
+             any.OneTuple ==0.4.2,
+             any.QuickCheck ==2.14.3,
+             QuickCheck -old-random +templatehaskell,
+             any.StateVar ==1.2.2,
+             any.aeson ==2.2.3.0,
+             aeson +ordered-keymap,
+             any.array ==0.5.4.0,
+             any.assoc ==1.1.1,
+             assoc -tagged,
+             any.base ==4.17.2.0,
+             any.base-orphans ==0.9.2,
+             any.bifunctors ==5.6.2,
+             bifunctors +tagged,
+             any.binary ==0.8.9.1,
+             any.bytestring ==0.11.5.2,
+             any.character-ps ==0.1,
+             any.comonad ==5.0.8,
+             comonad +containers +distributive +indexed-traversable,
+             any.containers ==0.6.7,
+             any.contravariant ==1.5.5,
+             contravariant +semigroups +statevar +tagged,
+             any.data-fix ==0.3.3,
+             any.deepseq ==1.4.8.0,
+             any.directory ==1.3.7.1,
+             any.distributive ==0.6.2.1,
+             distributive +semigroups +tagged,
+             any.dlist ==1.0,
+             dlist -werror,
+             any.exceptions ==0.10.5,
+             any.fgl ==5.8.2.0,
+             fgl +containers042,
+             any.filepath ==1.4.2.2,
+             any.foldable1-classes-compat ==0.1,
+             foldable1-classes-compat +tagged,
+             any.generically ==0.1.1,
+             any.ghc-bignum ==1.3,
+             any.ghc-boot-th ==9.4.7,
+             any.ghc-prim ==0.9.1,
+             any.hashable ==1.4.6.0,
+             hashable -arch-native +integer-gmp -random-initial-seed,
+             any.indexed-traversable ==0.1.4,
+             any.indexed-traversable-instances ==0.1.2,
+             any.integer-conversion ==0.1.1,
+             any.integer-logarithms ==1.0.3.1,
+             integer-logarithms -check-bounds +integer-gmp,
+             any.mtl ==2.2.2,
+             any.network-uri ==2.6.4.2,
+             any.os-string ==2.0.3,
+             any.parsec ==3.1.16.1,
+             any.pretty ==1.1.3.6,
+             any.primitive ==0.9.0.0,
+             any.process ==1.6.17.0,
+             any.random ==1.2.1.2,
+             any.regex-base ==0.94.0.2,
+             any.regex-tdfa ==1.3.2.2,
+             regex-tdfa +doctest -force-o2,
+             any.rts ==1.0.2,
+             any.scientific ==0.3.8.0,
+             scientific -integer-simple,
+             any.semialign ==1.3.1,
+             semialign +semigroupoids,
+             any.semigroupoids ==6.0.1,
+             semigroupoids +comonad +containers +contravariant +distributive +tagged +unordered-containers,
+             any.splitmix ==0.1.0.5,
+             splitmix -optimised-mixer,
+             any.stm ==2.5.1.0,
+             any.strict ==0.5,
+             any.tagged ==0.8.8,
+             tagged +deepseq +transformers,
+             any.template-haskell ==2.19.0.0,
+             any.text ==2.0.2,
+             any.text-iso8601 ==0.1.1,
+             any.text-short ==0.1.6,
+             text-short -asserts,
+             any.th-abstraction ==0.7.0.0,
+             any.th-compat ==0.1.5,
+             any.these ==1.2.1,
+             any.time ==1.12.2,
+             any.time-compat ==1.9.7,
+             any.transformers ==0.5.6.2,
+             any.transformers-compat ==0.7.2,
+             transformers-compat -five +five-three -four +generic-deriving +mtl -three -two,
+             any.unix ==2.7.3,
+             any.unordered-containers ==0.2.20,
+             unordered-containers -debug,
+             any.uuid-types ==1.0.6,
+             any.vector ==0.13.1.0,
+             vector +boundschecks -internalchecks -unsafechecks -wall,
+             any.vector-stream ==0.1.0.1,
+             any.witherable ==0.5
+index-state: hackage.haskell.org 2024-06-17T00:48:51Z

From 3946cbd4a0b477700172c04be7baa3f43777bc99 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 24 Jun 2024 05:12:21 +0000
Subject: [PATCH 192/244] Upgrade docker build images

---
 build/README.md                          |  4 +
 build/darwin.aarch64/build               |  1 -
 build/darwin.x86_64/build                |  1 -
 build/linux.aarch64/Dockerfile           |  2 +-
 build/linux.aarch64/build                |  1 -
 build/linux.armv6hf/Dockerfile           | 64 ++++++----------
 build/linux.armv6hf/build                |  3 +-
 build/linux.armv6hf/cabal.project.freeze | 93 ++++++++++++++++++++++++
 build/linux.armv6hf/scutil               | 48 ++++++++++++
 build/linux.riscv64/Dockerfile           | 49 +++++--------
 build/linux.riscv64/build                |  4 +-
 build/windows.x86_64/build               |  1 -
 12 files changed, 194 insertions(+), 77 deletions(-)
 create mode 100644 build/linux.armv6hf/cabal.project.freeze
 create mode 100644 build/linux.armv6hf/scutil

diff --git a/build/README.md b/build/README.md
index eb745a0..31e8607 100644
--- a/build/README.md
+++ b/build/README.md
@@ -11,3 +11,7 @@ This makes it simple to build any release without exotic hardware or software.
 
 An image can be built and tagged using `build_builder`,
 and run on a source tarball using `run_builder`.
+
+Tip: Are you developing an image that relies on QEmu usermode emulation?
+     It's easy to accidentally depend on binfmt\_misc on the host OS.
+     Do a `echo 0 | sudo tee /proc/sys/fs/binfmt_misc/status` before testing.
diff --git a/build/darwin.aarch64/build b/build/darwin.aarch64/build
index 4235d3a..ff522ff 100755
--- a/build/darwin.aarch64/build
+++ b/build/darwin.aarch64/build
@@ -4,7 +4,6 @@ set -xe
   tar xzv --strip-components=1
   chmod +x striptests && ./striptests
   mkdir "$TARGETNAME"
-  cabal update
   ( IFS=';'; cabal build $CABALOPTS )
   find . -name shellcheck -type f -exec mv {} "$TARGETNAME/" \;
   ls -l "$TARGETNAME"
diff --git a/build/darwin.x86_64/build b/build/darwin.x86_64/build
index 53857e8..058cece 100755
--- a/build/darwin.x86_64/build
+++ b/build/darwin.x86_64/build
@@ -4,7 +4,6 @@ set -xe
   tar xzv --strip-components=1
   chmod +x striptests && ./striptests
   mkdir "$TARGETNAME"
-  cabal update
   ( IFS=';'; cabal build $CABALOPTS )
   find . -name shellcheck -type f -exec mv {} "$TARGETNAME/" \;
   ls -l "$TARGETNAME"
diff --git a/build/linux.aarch64/Dockerfile b/build/linux.aarch64/Dockerfile
index fadb6a4..1ffe1bd 100644
--- a/build/linux.aarch64/Dockerfile
+++ b/build/linux.aarch64/Dockerfile
@@ -28,7 +28,7 @@ RUN curl -L "https://downloads.haskell.org/~cabal/cabal-install-3.9.0.0/cabal-in
 
 # Due to an apparent cabal bug, we specify our options directly to cabal
 # It won't reuse caches if ghc-options are specified in ~/.cabal/config
-ENV CABALOPTS "--ghc-options;-split-sections -optc-Os -optc-Wl,--gc-sections -optc-fPIC;--with-ghc=$TARGET-ghc;--with-hc-pkg=$TARGET-ghc-pkg"
+ENV CABALOPTS "--ghc-options;-split-sections -optc-Os -optc-Wl,--gc-sections -optc-fPIC;--with-ghc=$TARGET-ghc;--with-hc-pkg=$TARGET-ghc-pkg;-c;hashable -arch-native"
 
 # Prebuild the dependencies
 RUN cabal update && IFS=';' && cabal install --dependencies-only $CABALOPTS ShellCheck
diff --git a/build/linux.aarch64/build b/build/linux.aarch64/build
index f8001aa..3ce61ce 100755
--- a/build/linux.aarch64/build
+++ b/build/linux.aarch64/build
@@ -4,7 +4,6 @@ set -xe
   tar xzv --strip-components=1
   chmod +x striptests && ./striptests
   mkdir "$TARGETNAME"
-  cabal update
   ( IFS=';'; cabal build $CABALOPTS --enable-executable-static )
   find . -name shellcheck -type f -exec mv {} "$TARGETNAME/" \;
   ls -l "$TARGETNAME"
diff --git a/build/linux.armv6hf/Dockerfile b/build/linux.armv6hf/Dockerfile
index f933dda..b4d4197 100644
--- a/build/linux.armv6hf/Dockerfile
+++ b/build/linux.armv6hf/Dockerfile
@@ -1,25 +1,7 @@
-# I've again spent days trying to get a working armv6hf compiler going.
-# God only knows how many recompilations of GCC, GHC, libraries, and
-# ShellCheck itself, has gone into it.
-#
-# I tried Debian's toolchain.  I tried my custom one built according to
-# RPi `gcc -v`. I tried GHC9, glibc, musl, registerised vs not, but
-# nothing has yielded an armv6hf binary that does not immediately
-# segfault on qemu-arm-static or the RPi itself.
-#
-# I then tried the same but with armv7hf. Same story.
-#
-# Emulating the entire userspace with balenalib again?  Very strange build
-# failures where programs would fail to execute with > ~100 arguments.
-#
-# Finally, creating our own appears to work when using a custom QEmu
-# patched to follow execve calls.
-#
-# PS: $100 bounty for getting a RPi1 compatible static build going
-#     with cross-compilation, similar to what the aarch64 build does.
-#
+# This Docker file uses a custom QEmu fork with patches to follow execve
+# to build all of ShellCheck emulated.
 
-FROM ubuntu:20.04
+FROM ubuntu:24.04
 
 ENV TARGETNAME linux.armv6hf
 
@@ -27,34 +9,34 @@ ENV TARGETNAME linux.armv6hf
 USER root
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update
-RUN apt-get install -y build-essential git ninja-build python3 pkg-config libglib2.0-dev libpixman-1-dev
-WORKDIR /build
-RUN git clone --depth 1 https://github.com/koalaman/qemu
-RUN cd qemu && ./configure --static && cd build && ninja qemu-arm
-RUN cp qemu/build/qemu-arm /build/qemu-arm-static
+RUN apt-get install -y --no-install-recommends build-essential git ninja-build python3 pkg-config libglib2.0-dev libpixman-1-dev python3-setuptools ca-certificates debootstrap
+WORKDIR /qemu
+RUN git clone --depth 1 https://github.com/koalaman/qemu .
+RUN ./configure --static --disable-werror && cd build && ninja qemu-arm
 ENV QEMU_EXECVE 1
 
+# Convenience utility
+COPY scutil /bin/scutil
+COPY scutil /chroot/bin/scutil
+RUN chmod +x /bin/scutil /chroot/bin/scutil
+
 # Set up an armv6 userspace
 WORKDIR /
-RUN apt-get install -y debootstrap qemu-user-static
-# We expect this to fail if the host doesn't have binfmt qemu support
-RUN qemu-debootstrap --arch armhf bullseye pi http://mirrordirector.raspbian.org/raspbian || [ -e /pi/etc/issue ]
-RUN cp /build/qemu-arm-static /pi/usr/bin/qemu-arm-static
-RUN printf > /bin/pirun '%s\n' '#!/bin/sh' 'chroot /pi /usr/bin/qemu-arm-static /usr/bin/env "$@"' && chmod +x /bin/pirun
-# If the debootstrap process didn't finish, continue it
-RUN [ ! -e /pi/debootstrap ] || pirun '/debootstrap/debootstrap' --second-stage
+RUN debootstrap --arch armhf --variant=minbase --foreign bookworm /chroot http://mirrordirector.raspbian.org/raspbian
+RUN cp /qemu/build/qemu-arm /chroot/bin/qemu
+RUN scutil emu /debootstrap/debootstrap --second-stage
 
 # Install deps in the chroot
-RUN pirun apt-get update
-RUN pirun apt-get install -y ghc cabal-install
+RUN scutil emu apt-get update
+RUN scutil emu apt-get install -y --no-install-recommends ghc cabal-install
+RUN scutil emu cabal update
 
 # Finally we can build the current dependencies. This takes hours.
 ENV CABALOPTS "--ghc-options;-split-sections -optc-Os -optc-Wl,--gc-sections;--gcc-options;-Os -Wl,--gc-sections -ffunction-sections -fdata-sections"
-RUN pirun cabal update
-RUN IFS=";" && pirun cabal install --dependencies-only $CABALOPTS ShellCheck
-RUN IFS=';' && pirun cabal install $CABALOPTS --lib fgl
+# Generated with `cabal freeze --constraint 'hashable -arch-native'`
+COPY cabal.project.freeze /chroot/etc
+RUN IFS=";" && scutil install_from_freeze /chroot/etc/cabal.project.freeze emu cabal install $CABALOPTS
 
 # Copy the build script
-WORKDIR /pi/scratch
-COPY build /pi/usr/bin
-ENTRYPOINT ["/bin/pirun", "/usr/bin/build"]
+COPY build /chroot/bin
+ENTRYPOINT ["/bin/scutil", "emu", "/bin/build"]
diff --git a/build/linux.armv6hf/build b/build/linux.armv6hf/build
index daa94d9..1d496ae 100755
--- a/build/linux.armv6hf/build
+++ b/build/linux.armv6hf/build
@@ -1,8 +1,9 @@
 #!/bin/sh
 set -xe
-cd /scratch
+mkdir /scratch && cd /scratch
 {
   tar xzv --strip-components=1
+  cp /etc/cabal.project.freeze .
   chmod +x striptests && ./striptests
   mkdir "$TARGETNAME"
   # This script does not cabal update because compiling anything new is slow
diff --git a/build/linux.armv6hf/cabal.project.freeze b/build/linux.armv6hf/cabal.project.freeze
new file mode 100644
index 0000000..183bcc6
--- /dev/null
+++ b/build/linux.armv6hf/cabal.project.freeze
@@ -0,0 +1,93 @@
+active-repositories: hackage.haskell.org:merge
+constraints: any.Diff ==0.5,
+             any.OneTuple ==0.4.2,
+             any.QuickCheck ==2.14.3,
+             QuickCheck -old-random +templatehaskell,
+             any.StateVar ==1.2.2,
+             any.aeson ==2.2.3.0,
+             aeson +ordered-keymap,
+             any.array ==0.5.4.0,
+             any.assoc ==1.1.1,
+             assoc -tagged,
+             any.base ==4.15.1.0,
+             any.base-orphans ==0.9.2,
+             any.bifunctors ==5.6.2,
+             bifunctors +tagged,
+             any.binary ==0.8.8.0,
+             any.bytestring ==0.10.12.1,
+             any.character-ps ==0.1,
+             any.comonad ==5.0.8,
+             comonad +containers +distributive +indexed-traversable,
+             any.containers ==0.6.4.1,
+             any.contravariant ==1.5.5,
+             contravariant +semigroups +statevar +tagged,
+             any.data-array-byte ==0.1.0.1,
+             any.data-fix ==0.3.3,
+             any.deepseq ==1.4.5.0,
+             any.directory ==1.3.6.2,
+             any.distributive ==0.6.2.1,
+             distributive +semigroups +tagged,
+             any.dlist ==1.0,
+             dlist -werror,
+             any.exceptions ==0.10.4,
+             any.fgl ==5.8.2.0,
+             fgl +containers042,
+             any.filepath ==1.4.2.1,
+             any.foldable1-classes-compat ==0.1,
+             foldable1-classes-compat +tagged,
+             any.generically ==0.1.1,
+             any.ghc-bignum ==1.1,
+             any.ghc-boot-th ==9.0.2,
+             any.ghc-prim ==0.7.0,
+             any.hashable ==1.4.6.0,
+             hashable -arch-native +integer-gmp -random-initial-seed,
+             any.indexed-traversable ==0.1.4,
+             any.indexed-traversable-instances ==0.1.2,
+             any.integer-conversion ==0.1.1,
+             any.integer-logarithms ==1.0.3.1,
+             integer-logarithms -check-bounds +integer-gmp,
+             any.mtl ==2.2.2,
+             any.network-uri ==2.6.4.2,
+             any.parsec ==3.1.14.0,
+             any.pretty ==1.1.3.6,
+             any.primitive ==0.9.0.0,
+             any.process ==1.6.13.2,
+             any.random ==1.2.1.2,
+             any.regex-base ==0.94.0.2,
+             any.regex-tdfa ==1.3.2.2,
+             regex-tdfa +doctest -force-o2,
+             any.rts ==1.0.2,
+             any.scientific ==0.3.8.0,
+             scientific -integer-simple,
+             any.semialign ==1.3.1,
+             semialign +semigroupoids,
+             any.semigroupoids ==6.0.1,
+             semigroupoids +comonad +containers +contravariant +distributive +tagged +unordered-containers,
+             any.splitmix ==0.1.0.5,
+             splitmix -optimised-mixer,
+             any.stm ==2.5.0.0,
+             any.strict ==0.5,
+             any.tagged ==0.8.8,
+             tagged +deepseq +transformers,
+             any.template-haskell ==2.17.0.0,
+             any.text ==1.2.5.0,
+             any.text-iso8601 ==0.1.1,
+             any.text-short ==0.1.6,
+             text-short -asserts,
+             any.th-abstraction ==0.7.0.0,
+             any.th-compat ==0.1.5,
+             any.these ==1.2.1,
+             any.time ==1.9.3,
+             any.time-compat ==1.9.7,
+             any.transformers ==0.5.6.2,
+             any.transformers-compat ==0.7.2,
+             transformers-compat -five +five-three -four +generic-deriving +mtl -three -two,
+             any.unix ==2.7.2.2,
+             any.unordered-containers ==0.2.20,
+             unordered-containers -debug,
+             any.uuid-types ==1.0.6,
+             any.vector ==0.13.1.0,
+             vector +boundschecks -internalchecks -unsafechecks -wall,
+             any.vector-stream ==0.1.0.1,
+             any.witherable ==0.5
+index-state: hackage.haskell.org 2024-06-18T02:21:19Z
diff --git a/build/linux.armv6hf/scutil b/build/linux.armv6hf/scutil
new file mode 100644
index 0000000..a85d810
--- /dev/null
+++ b/build/linux.armv6hf/scutil
@@ -0,0 +1,48 @@
+#!/bin/dash
+# Various ShellCheck build utility functions
+
+# Generally set a ulimit to avoid QEmu using too much memory
+ulimit -v "$((10*1024*1024))"
+# If we happen to invoke or run under QEmu, make sure to follow execve.
+# This requires a patched QEmu.
+export QEMU_EXECVE=1
+
+# Retry a command until it succeeds
+# Usage: scutil retry 3 mycmd
+retry() {
+  n="$1"
+  ret=1
+  shift
+  while [ "$n" -gt 0 ]
+  do
+    "$@"
+    ret=$?
+    [ "$ret" = 0 ] && break
+    n=$((n-1))
+  done
+  return "$ret"
+}
+
+# Install all dependencies from a freeze file
+# Usage: scutil install_from_freeze /path/cabal.project.freeze cabal install
+install_from_freeze() {
+  linefeed=$(printf '\nx')
+  linefeed=${linefeed%x}
+  flags=$(
+    sed 's/constraints:/&\n /' "$1" |
+    grep -vw -e rts -e base |
+    sed -n -e 's/^  *\([^,]*\).*/\1/p' |
+    sed -e 's/any\.\([^ ]*\) ==\(.*\)/\1-\2/; te; s/.*/--constraint\n&/; :e')
+  shift
+  # shellcheck disable=SC2086
+  ( IFS=$linefeed; set -x; "$@" $flags )
+}
+
+# Run a command under emulation.
+# This assumes the correct emulator is named 'qemu' and the chroot is /chroot
+# Usage: scutil emu echo "Hello World"
+emu() {
+  chroot /chroot /bin/qemu /usr/bin/env "$@"
+}
+
+"$@"
diff --git a/build/linux.riscv64/Dockerfile b/build/linux.riscv64/Dockerfile
index 0ac95e5..d138ff7 100644
--- a/build/linux.riscv64/Dockerfile
+++ b/build/linux.riscv64/Dockerfile
@@ -10,46 +10,37 @@ ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update -y
 
 # Install qemu
-RUN apt-get install -y --no-install-recommends build-essential ninja-build python3 pkg-config libglib2.0-dev libpixman-1-dev curl ca-certificates python3-virtualenv git python3-setuptools
+RUN apt-get install -y --no-install-recommends build-essential ninja-build python3 pkg-config libglib2.0-dev libpixman-1-dev curl ca-certificates python3-virtualenv git python3-setuptools debootstrap
 WORKDIR /qemu
 RUN git clone --depth 1 https://github.com/koalaman/qemu .
-#RUN git clone https://github.com/balena-io/qemu .
-# Release 7.0.0
-#RUN git checkout 639d1d8903f65d74eb04c49e0df7a4b2f014cd86
 RUN ./configure --target-list=riscv64-linux-user --static --disable-system --disable-pie --disable-werror
 RUN cd build && ninja qemu-riscv64
 ENV QEMU_EXECVE 1
 
+# Convenience utility
+COPY scutil /bin/scutil
+# We have to copy to /usr/bin because debootstrap will try to symlink /bin and fail if it exists
+COPY scutil /chroot/usr/bin/scutil
+RUN chmod +x /bin/scutil /chroot/usr/bin/scutil
 
 # Set up a riscv64 userspace
-RUN apt-get install -y --no-install-recommends debootstrap
-RUN debootstrap --arch=riscv64 --foreign noble /rvfs http://ports.ubuntu.com/ubuntu-ports
-RUN cp /qemu/build/qemu-riscv64 /rvfs/usr/bin/qemu-riscv64-static
-
-# Command to run riscv binaries in the chroot. The Haskell runtime allocates 1TB
-# vspace up front and QEmu has a RAM cost per vspace, so use ulimit to allocate
-# less and reduce RAM usage.
-RUN printf > /bin/rv '%s\n' '#!/bin/sh' 'ulimit -v $((10*1024*1024)); chroot /rvfs /usr/bin/qemu-riscv64-static /usr/bin/env "$@"'
-RUN chmod +x /bin/rv
-RUN [ ! -e /rvfs/debootstrap ] || rv '/debootstrap/debootstrap' --second-stage
+WORKDIR /
+RUN debootstrap --arch=riscv64 --variant=minbase --components=main,universe --foreign noble /chroot http://ports.ubuntu.com/ubuntu-ports
+RUN cp /qemu/build/qemu-riscv64 /chroot/bin/qemu
+RUN scutil emu /debootstrap/debootstrap --second-stage
 
 # Install deps in the chroot
-RUN printf > /rvfs/etc/apt/sources.list '%s\n' 'deb http://ports.ubuntu.com/ubuntu-ports noble main universe'
-RUN rv apt-get update -y
-RUN rv apt-get install -y --no-install-recommends ghc cabal-install
+RUN scutil emu apt-get update
+RUN scutil emu apt-get install -y --no-install-recommends ghc cabal-install
+RUN scutil emu cabal update
 
-RUN rv cabal update
 # Generated with: cabal freeze -c 'hashable -arch-native'. We put it in /etc so cabal won't find it.
-COPY cabal.project.freeze /rvfs/etc
-# Awful hack to install everything from the freeze file
-# This basically turns 'any.tagged ==0.8.8' into tagged-0.8.8 to install by version,
-# and adds a -c before 'hashable -arch-native +integer-gmp' to make it a flag constraint.
-RUN < /rvfs/etc/cabal.project.freeze sed 's/constraints:/&\n /' | grep -vw rts | sed -n -e 's/^  *\([^,]*\).*/\1/p' | sed -e 's/any\.\([^ ]*\) ==\(.*\)/\1-\2/; te; s/.*/-c\n&/; :e' > /tmp/preinstall-flags
-# Finally we can build the current dependencies. This takes hours.
-# There's apparently a random segfault during assembly, so retry a few times.
-RUN set -x; IFS=${IFS# }; f() { rv cabal install --keep-going $(cat /tmp/preinstall-flags); }; for i in $(seq 5); do f; ret=$?; [ $ret = 0 ] && break; done; exit $ret
+COPY cabal.project.freeze /chroot/etc
+
+# Build all dependencies from the freeze file. The emulator segfaults at random,
+# so retry a few times.
+RUN scutil install_from_freeze /chroot/etc/cabal.project.freeze retry 5 emu cabal install --keep-going
 
 # Copy the build script
-WORKDIR /rvfs/scratch
-COPY build /rvfs/usr/bin/build
-ENTRYPOINT ["/bin/rv", "/usr/bin/build"]
+COPY build /chroot/bin/build
+ENTRYPOINT ["/bin/scutil", "emu", "/bin/build"]
diff --git a/build/linux.riscv64/build b/build/linux.riscv64/build
index 63c487f..ed9dc27 100755
--- a/build/linux.riscv64/build
+++ b/build/linux.riscv64/build
@@ -2,6 +2,8 @@
 set -xe
 IFS=';'
 {
+  mkdir -p /tmp/scratch
+  cd /tmp/scratch
   tar xzv --strip-components=1
   chmod +x striptests && ./striptests
   # Use a freeze file to ensure we use the same dependencies we cached during
@@ -9,7 +11,7 @@ IFS=';'
   cp /etc/cabal.project.freeze .
   mkdir "$TARGETNAME"
   # Retry in case of random segfault
-  cabal build --enable-executable-static || cabal build --enable-executable-static
+  scutil retry 3 cabal build --enable-executable-static
   find . -name shellcheck -type f -exec mv {} "$TARGETNAME/" \;
   ls -l "$TARGETNAME"
   "$TARGET-strip" -s "$TARGETNAME/shellcheck"
diff --git a/build/windows.x86_64/build b/build/windows.x86_64/build
index 7bf186e..22e5b42 100755
--- a/build/windows.x86_64/build
+++ b/build/windows.x86_64/build
@@ -8,7 +8,6 @@ set -xe
   tar xzv --strip-components=1
   chmod +x striptests && ./striptests
   mkdir "$TARGETNAME"
-  cabal update
   ( IFS=';'; cabal build $CABALOPTS )
   find dist*/ -name shellcheck.exe -type f -ls -exec mv {} "$TARGETNAME/" \;
   ls -l "$TARGETNAME"

From b408f546209bdd344177d2d778b38d3a77f0db78 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 7 Jul 2024 01:03:40 -0400
Subject: [PATCH 193/244] Simplify invokedNodes

---
 src/ShellCheck/CFGAnalysis.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 0b99c9f..8534d6f 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -1350,7 +1350,7 @@ analyzeControlFlow params t =
 
         -- All nodes we've touched
         invocations <- readSTRef $ cInvocations ctx
-        let invokedNodes = M.fromDistinctAscList $ map (\c -> (c, ())) $ S.toList $ M.keysSet $ groupByNode $ M.map snd invocations
+        let invokedNodes = M.fromSet (const ()) $ S.unions $ map (M.keysSet . snd) $ M.elems invocations
 
         -- Invoke all functions that were declared but not invoked
         -- This is so that we still get warnings for dead code

From 61b7e66f809d9c2d1be06e5787ae6a98039e798e Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 7 Jul 2024 01:07:39 -0400
Subject: [PATCH 194/244] Use sets instead of maps that never use their values

---
 src/ShellCheck/Analytics.hs | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index a89f940..621f70a 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -491,14 +491,14 @@ checkWrongArithmeticAssignment params (T_SimpleCommand id [T_Assignment _ _ _ _
   sequence_ $ do
     str <- getNormalString val
     var:op:_ <- matchRegex regex str
-    Map.lookup var references
+    guard $ S.member var references
     return . warn (getId val) 2100 $
         "Use $((..)) for arithmetics, e.g. i=$((i " ++ op ++ " 2))"
   where
     regex = mkRegex "^([_a-zA-Z][_a-zA-Z0-9]*)([+*-]).+$"
-    references = foldl (flip ($)) Map.empty (map insertRef $ variableFlow params)
+    references = foldl (flip ($)) S.empty (map insertRef $ variableFlow params)
     insertRef (Assignment (_, _, name, _)) =
-        Map.insert name ()
+        S.insert name
     insertRef _ = Prelude.id
 
     getNormalString (T_NormalWord _ words) = do
@@ -974,32 +974,32 @@ prop_checkArrayWithoutIndex9 = verifyTree checkArrayWithoutIndex "read -r -a arr
 prop_checkArrayWithoutIndex10 = verifyTree checkArrayWithoutIndex "read -ra arr <<< 'foo bar'; echo \"$arr\""
 prop_checkArrayWithoutIndex11 = verifyNotTree checkArrayWithoutIndex "read -rpfoobar r; r=42"
 checkArrayWithoutIndex params _ =
-    doVariableFlowAnalysis readF writeF defaultMap (variableFlow params)
+    doVariableFlowAnalysis readF writeF defaultSet (variableFlow params)
   where
-    defaultMap = Map.fromList $ map (\x -> (x,())) arrayVariables
+    defaultSet = S.fromList arrayVariables
     readF _ (T_DollarBraced id _ token) _ = do
-        map <- get
+        s <- get
         return . maybeToList $ do
             name <- getLiteralString token
-            assigned <- Map.lookup name map
+            guard $ S.member name s
             return $ makeComment WarningC id 2128
                     "Expanding an array without an index only gives the first element."
     readF _ _ _ = return []
 
     writeF _ (T_Assignment id mode name [] _) _ (DataString _) = do
-        isArray <- gets (Map.member name)
+        isArray <- gets (S.member name)
         return $ if not isArray then [] else
             case mode of
                 Assign -> [makeComment WarningC id 2178 "Variable was used as an array but is now assigned a string."]
                 Append -> [makeComment WarningC id 2179 "Use array+=(\"item\") to append items to an array."]
 
     writeF _ t name (DataArray _) = do
-        modify (Map.insert name ())
+        modify (S.insert name)
         return []
     writeF _ expr name _ = do
         if isIndexed expr
-          then modify (Map.insert name ())
-          else modify (Map.delete name)
+          then modify (S.insert name)
+          else modify (S.delete name)
         return []
 
     isIndexed expr =
@@ -3968,12 +3968,12 @@ prop_checkTranslatedStringVariable4 = verifyNot checkTranslatedStringVariable "v
 prop_checkTranslatedStringVariable5 = verifyNot checkTranslatedStringVariable "foo=var; bar=val2; $\"foo bar\""
 checkTranslatedStringVariable params (T_DollarDoubleQuoted id [T_Literal _ s])
   | all isVariableChar s
-  && Map.member s assignments
+  && S.member s assignments
   = warnWithFix id 2256 "This translated string is the name of a variable. Flip leading $ and \" if this should be a quoted substitution." (fix id)
   where
-    assignments = foldl (flip ($)) Map.empty (map insertAssignment $ variableFlow params)
-    insertAssignment (Assignment (_, token, name, _)) | isVariableName name =
-        Map.insert name token
+    assignments = foldl (flip ($)) S.empty (map insertAssignment $ variableFlow params)
+    insertAssignment (Assignment (_, _, name, _)) | isVariableName name =
+        S.insert name
     insertAssignment _ = Prelude.id
     fix id = fixWith [replaceStart id params 2 "\"$"]
 checkTranslatedStringVariable _ _ = return ()

From 8746c6e7f20fdaa2463ae008dc527375ab76b04e Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 7 Jul 2024 01:07:53 -0400
Subject: [PATCH 195/244] Switch the order of the maps to avoid unnecessary
 unionWith instead of union

---
 src/ShellCheck/CFGAnalysis.hs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 8534d6f..27098b1 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -133,7 +133,7 @@ internalToExternal s =
             literalValue = Nothing
         }
     }
-    flatVars = M.unionsWith (\_ last -> last) $ map mapStorage [sGlobalValues s, sLocalValues s, sPrefixValues s]
+    flatVars = M.unions $ map mapStorage [sPrefixValues s, sLocalValues s, sGlobalValues s]
 
 -- Conveniently get the state before a token id
 getIncomingState :: CFGAnalysis -> Id -> Maybe ProgramState
@@ -672,7 +672,7 @@ vmPatch base diff =
         _ | vmIsQuickEqual base diff -> diff
         _ -> VersionedMap {
             mapVersion = -1,
-            mapStorage = M.unionWith (flip const) (mapStorage base) (mapStorage diff)
+            mapStorage = M.union (mapStorage diff) (mapStorage base)
         }
 
 -- Set a variable. This includes properties. Applies it to the appropriate scope.
@@ -1373,7 +1373,7 @@ analyzeControlFlow params t =
 
         -- Fill in the map with unreachable states for anything we didn't get to
         let baseStates = M.fromDistinctAscList $ map (\c -> (c, (unreachableState, unreachableState))) $ uncurry enumFromTo $ nodeRange $ cfGraph cfg
-        let allStates = M.unionWith (flip const) baseStates invokedStates
+        let allStates = M.union invokedStates baseStates
 
         -- Convert to external states
         let nodeToData = M.map (\(a,b) -> (internalToExternal a, internalToExternal b)) allStates

From e5fdec970ae3bc16369b3ec289a4c4fbb9254751 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 7 Jul 2024 01:08:18 -0400
Subject: [PATCH 196/244] Swap the order of the tuple returned by orderEdge

---
 src/ShellCheck/CFG.hs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index e1d3259..a720911 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -300,13 +300,13 @@ removeUnnecessaryStructuralNodes (nodes, edges, mapping, association) =
     edgesToCollapse = S.fromList $ filter filterEdges regularEdges
 
     remapping :: M.Map Node Node
-    remapping = foldl' (\m (new, old) -> M.insert old new m) M.empty $ map orderEdge $ S.toList edgesToCollapse
+    remapping = foldl' (\m (old, new) -> M.insert old new m) M.empty $ map orderEdge $ S.toList edgesToCollapse
     recursiveRemapping = M.fromList $ map (\c -> (c, recursiveLookup remapping c)) $ M.keys remapping
 
     filterEdges (a,b,_) =
         a `S.member` candidateNodes && b `S.member` candidateNodes
 
-    orderEdge (a,b,_) = if a < b then (a,b) else (b,a)
+    orderEdge (a,b,_) = if a < b then (b,a) else (a,b)
     counter = foldl' (\map key -> M.insertWith (+) key 1 map) M.empty
     isRegularEdge (_, _, CFEFlow) = True
     isRegularEdge _ = False

From 95c0cc2e4bdbad193ba3616a5ecfd2741b1f3807 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 7 Jul 2024 01:09:17 -0400
Subject: [PATCH 197/244] Simplify removeUnnecessaryStructuralNodes

---
 src/ShellCheck/CFG.hs | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index a720911..dc56b58 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -295,19 +295,19 @@ removeUnnecessaryStructuralNodes (nodes, edges, mapping, association) =
     regularEdges = filter isRegularEdge edges
     inDegree = counter $ map (\(from,to,_) -> from) regularEdges
     outDegree = counter $ map (\(from,to,_) -> to) regularEdges
-    structuralNodes = S.fromList $ map fst $ filter isStructural nodes
+    structuralNodes = S.fromList [node | (node, CFStructuralNode) <- nodes]
     candidateNodes = S.filter isLinear structuralNodes
     edgesToCollapse = S.fromList $ filter filterEdges regularEdges
 
     remapping :: M.Map Node Node
-    remapping = foldl' (\m (old, new) -> M.insert old new m) M.empty $ map orderEdge $ S.toList edgesToCollapse
-    recursiveRemapping = M.fromList $ map (\c -> (c, recursiveLookup remapping c)) $ M.keys remapping
+    remapping = M.fromList $ map orderEdge $ S.toList edgesToCollapse
+    recursiveRemapping = M.mapWithKey (\c _ -> recursiveLookup remapping c) remapping
 
     filterEdges (a,b,_) =
         a `S.member` candidateNodes && b `S.member` candidateNodes
 
     orderEdge (a,b,_) = if a < b then (b,a) else (a,b)
-    counter = foldl' (\map key -> M.insertWith (+) key 1 map) M.empty
+    counter = M.fromListWith (+) . map (\key -> (key, 1))
     isRegularEdge (_, _, CFEFlow) = True
     isRegularEdge _ = False
 
@@ -317,11 +317,6 @@ removeUnnecessaryStructuralNodes (nodes, edges, mapping, association) =
             Nothing -> node
             Just x -> recursiveLookup map x
 
-    isStructural (node, label) =
-        case label of
-            CFStructuralNode -> True
-            _ -> False
-
     isLinear node =
         M.findWithDefault 0 node inDegree == 1
         && M.findWithDefault 0 node outDegree == 1

From 98b8dc0720148d69ff924f89966c50dc2dda2fe3 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Sun, 7 Jul 2024 01:11:00 -0400
Subject: [PATCH 198/244] Use fromList instead of reimplementing it in terms of
 foldl

---
 src/ShellCheck/Analytics.hs   | 20 ++++----------------
 src/ShellCheck/CFGAnalysis.hs |  2 +-
 2 files changed, 5 insertions(+), 17 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 621f70a..211993c 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -496,10 +496,7 @@ checkWrongArithmeticAssignment params (T_SimpleCommand id [T_Assignment _ _ _ _
         "Use $((..)) for arithmetics, e.g. i=$((i " ++ op ++ " 2))"
   where
     regex = mkRegex "^([_a-zA-Z][_a-zA-Z0-9]*)([+*-]).+$"
-    references = foldl (flip ($)) S.empty (map insertRef $ variableFlow params)
-    insertRef (Assignment (_, _, name, _)) =
-        S.insert name
-    insertRef _ = Prelude.id
+    references = S.fromList [name | Assignment (_, _, name, _) <- variableFlow params]
 
     getNormalString (T_NormalWord _ words) = do
         parts <- mapM getLiterals words
@@ -2380,15 +2377,9 @@ prop_checkUnused51 = verifyTree checkUnusedAssignments "x[y[z=1]]=1; echo ${x[@]
 checkUnusedAssignments params t = execWriter (mapM_ warnFor unused)
   where
     flow = variableFlow params
-    references = foldl (flip ($)) defaultMap (map insertRef flow)
-    insertRef (Reference (base, token, name)) =
-        Map.insert (stripSuffix name) ()
-    insertRef _ = id
+    references = Map.union (Map.fromList [(stripSuffix name, ()) | Reference (base, token, name) <- flow]) defaultMap
 
-    assignments = foldl (flip ($)) Map.empty (map insertAssignment flow)
-    insertAssignment (Assignment (_, token, name, _)) | isVariableName name =
-        Map.insert name token
-    insertAssignment _ = id
+    assignments = Map.fromList [(name, token) | Assignment (_, token, name, _) <- flow, isVariableName name]
 
     unused = Map.assocs $ Map.difference assignments references
 
@@ -3971,10 +3962,7 @@ checkTranslatedStringVariable params (T_DollarDoubleQuoted id [T_Literal _ s])
   && S.member s assignments
   = warnWithFix id 2256 "This translated string is the name of a variable. Flip leading $ and \" if this should be a quoted substitution." (fix id)
   where
-    assignments = foldl (flip ($)) S.empty (map insertAssignment $ variableFlow params)
-    insertAssignment (Assignment (_, _, name, _)) | isVariableName name =
-        S.insert name
-    insertAssignment _ = Prelude.id
+    assignments = S.fromList [name | Assignment (_, _, name, _) <- variableFlow params, isVariableName name]
     fix id = fixWith [replaceStart id params 2 "\"$"]
 checkTranslatedStringVariable _ _ = return ()
 
diff --git a/src/ShellCheck/CFGAnalysis.hs b/src/ShellCheck/CFGAnalysis.hs
index 27098b1..cf982e0 100644
--- a/src/ShellCheck/CFGAnalysis.hs
+++ b/src/ShellCheck/CFGAnalysis.hs
@@ -1286,7 +1286,7 @@ dataflow ctx entry = do
             else do
                 let (next, rest) = S.deleteFindMin ps
                 nexts <- process states next
-                writeSTRef pending $ foldl (flip S.insert) rest nexts
+                writeSTRef pending $ S.union (S.fromList nexts) rest
                 f (n-1) pending states
 
     process states node = do

From 6593096ba06e6b54ec08d00a9c625930a357cdfe Mon Sep 17 00:00:00 2001
From: Sertonix <sertonix@posteo.net>
Date: Fri, 28 Jun 2024 16:24:06 +0200
Subject: [PATCH 199/244] Allow SC3003 on busybox shell

---
 src/ShellCheck/Checks/ShellSupport.hs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index cab0546..9192c0e 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -212,6 +212,8 @@ prop_checkBashisms118 = verify checkBashisms "#!/bin/busybox sh\nxyz=1\n${!x*}"
 prop_checkBashisms119 = verify checkBashisms "#!/bin/busybox sh\nx='test'\n${x^^[t]}" -- SC3059
 prop_checkBashisms120 = verify checkBashisms "#!/bin/sh\n[ x == y ]"
 prop_checkBashisms121 = verifyNot checkBashisms "#!/bin/sh\n# shellcheck shell=busybox\n[ x == y ]"
+prop_checkBashisms122 = verify checkBashisms "#!/bin/dash\n$'a'"
+prop_checkBashisms123 = verifyNot checkBashisms "#!/bin/busybox sh\n$'a'"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -229,7 +231,8 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
 
     bashism (T_ProcSub id _ _) = warnMsg id 3001 "process substitution is"
     bashism (T_Extglob id _ _) = warnMsg id 3002 "extglob is"
-    bashism (T_DollarSingleQuoted id _) = warnMsg id 3003 "$'..' is"
+    bashism (T_DollarSingleQuoted id _) =
+        unless isBusyboxSh $ warnMsg id 3003 "$'..' is"
     bashism (T_DollarDoubleQuoted id _) = warnMsg id 3004 "$\"..\" is"
     bashism (T_ForArithmetic id _ _ _ _) = warnMsg id 3005 "arithmetic for loops are"
     bashism (T_Arithmetic id _) = warnMsg id 3006 "standalone ((..)) is"

From 4c852749214e102f7a1daec08094ed91b08867f7 Mon Sep 17 00:00:00 2001
From: Sertonix <sertonix@posteo.net>
Date: Tue, 2 Jul 2024 17:06:35 +0200
Subject: [PATCH 200/244] Fix SC3045 for busybox shell

---
 src/ShellCheck/Checks/ShellSupport.hs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 9192c0e..1207ad0 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -214,6 +214,9 @@ prop_checkBashisms120 = verify checkBashisms "#!/bin/sh\n[ x == y ]"
 prop_checkBashisms121 = verifyNot checkBashisms "#!/bin/sh\n# shellcheck shell=busybox\n[ x == y ]"
 prop_checkBashisms122 = verify checkBashisms "#!/bin/dash\n$'a'"
 prop_checkBashisms123 = verifyNot checkBashisms "#!/bin/busybox sh\n$'a'"
+prop_checkBashisms124 = verify checkBashisms "#!/bin/dash\ntype -p test"
+prop_checkBashisms125 = verifyNot checkBashisms "#!/bin/busybox sh\ntype -p test"
+prop_checkBashisms126 = verifyNot checkBashisms "#!/bin/busybox sh\nread -p foo -r bar"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -446,10 +449,10 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
             ("hash", Just $ if isDash then ["r", "v"] else ["r"]),
             ("jobs", Just ["l", "p"]),
             ("printf", Just []),
-            ("read", Just $ if isDash then ["r", "p"] else ["r"]),
+            ("read", Just $ if isDash || isBusyboxSh then ["r", "p"] else ["r"]),
             ("readonly", Just ["p"]),
             ("trap", Just []),
-            ("type", Just []),
+            ("type", Just $ if isBusyboxSh then ["p"] else []),
             ("ulimit", if isDash then Nothing else Just ["f"]),
             ("umask", Just ["S"]),
             ("unset", Just ["f", "v"]),

From 6d2f3d8628235dd2146cd248d9828b004852c7ad Mon Sep 17 00:00:00 2001
From: Sertonix <sertonix@posteo.net>
Date: Tue, 9 Jul 2024 15:12:16 +0200
Subject: [PATCH 201/244] Allow 'echo -e' in busybox shell

---
 src/ShellCheck/Checks/ShellSupport.hs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 1207ad0..2ec4cf7 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -217,6 +217,7 @@ prop_checkBashisms123 = verifyNot checkBashisms "#!/bin/busybox sh\n$'a'"
 prop_checkBashisms124 = verify checkBashisms "#!/bin/dash\ntype -p test"
 prop_checkBashisms125 = verifyNot checkBashisms "#!/bin/busybox sh\ntype -p test"
 prop_checkBashisms126 = verifyNot checkBashisms "#!/bin/busybox sh\nread -p foo -r bar"
+prop_checkBashisms127 = verifyNot checkBashisms "#!/bin/busybox sh\necho -ne foo"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -327,7 +328,11 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
 
     bashism t@(T_SimpleCommand _ _ (cmd:arg:_))
         | t `isCommand` "echo" && argString `matches` flagRegex =
-            if isDash
+            if isBusyboxSh
+            then
+                when (not (argString `matches` busyboxFlagRegex)) $
+                    warnMsg (getId arg) 3036 "echo flags besides -n and -e"
+            else if isDash
             then
                 when (argString /= "-n") $
                     warnMsg (getId arg) 3036 "echo flags besides -n"
@@ -336,6 +341,7 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
       where
           argString = concat $ oversimplify arg
           flagRegex = mkRegex "^-[eEsn]+$"
+          busyboxFlagRegex = mkRegex "^-[en]+$"
 
     bashism t@(T_SimpleCommand _ _ (cmd:arg:_))
         | getLiteralString cmd == Just "exec" && "-" `isPrefixOf` concat (oversimplify arg) =

From d590a35ff8093a3a1edeac67cdb7fb9cffa593bf Mon Sep 17 00:00:00 2001
From: Hasit Mistry <hasit@coderabbit.ai>
Date: Tue, 9 Jul 2024 14:22:19 -0700
Subject: [PATCH 202/244] Update README.md

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 366c427..03d4d4a 100644
--- a/README.md
+++ b/README.md
@@ -113,6 +113,7 @@ Services and platforms that have ShellCheck pre-installed and ready to use:
 * [CircleCI](https://circleci.com) via the [ShellCheck Orb](https://circleci.com/orbs/registry/orb/circleci/shellcheck)
 * [Github](https://github.com/features/actions) (only Linux)
 * [Trunk Check](https://trunk.io/products/check) (universal linter; [allows you to explicitly version your shellcheck install](https://github.com/trunk-io/plugins/blob/bcbb361dcdbe4619af51ea7db474d7fb87540d20/.trunk/trunk.yaml#L32)) via the [shellcheck plugin](https://github.com/trunk-io/plugins/blob/main/linters/shellcheck/plugin.yaml)
+* [CodeRabbit](https://coderabbit.ai/)
 
 Most other services, including [GitLab](https://about.gitlab.com/), let you install
 ShellCheck yourself, either through the system's package manager (see [Installing](#installing)),

From 2696c6472dd55880f4dc1350262e1192953754ec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Santoro?= <dereckson@espace-win.org>
Date: Wed, 31 Jul 2024 12:52:42 +0000
Subject: [PATCH 203/244] Whitelist oc to avoid SC2016 false positive

Fixes #3033.
---
 src/ShellCheck/Analytics.hs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 211993c..08eed57 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1097,6 +1097,7 @@ checkSingleQuotedVariables params t@(T_SingleQuoted id s) =
                 ,"sudo" -- covering "sudo sh" and such
                 ,"docker" -- like above
                 ,"podman"
+                ,"oc"
                 ,"dpkg-query"
                 ,"jq"  -- could also check that user provides --arg
                 ,"rename"

From 38c5ba7c79e35af29bb1496e774af1d5add0e73c Mon Sep 17 00:00:00 2001
From: Emil Berg <emil.berg1991@gmail.com>
Date: Sat, 3 Aug 2024 08:49:40 +0200
Subject: [PATCH 204/244] Fix typos and trailing whitespace

---
 .github/ISSUE_TEMPLATE.md       | 4 ++--
 README.md                       | 2 +-
 src/ShellCheck/AST.hs           | 4 ++--
 src/ShellCheck/Analytics.hs     | 6 +++---
 src/ShellCheck/CFG.hs           | 2 +-
 src/ShellCheck/Checks/Custom.hs | 2 +-
 src/ShellCheck/Parser.hs        | 2 +-
 7 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md
index 44d151e..493b465 100644
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -1,6 +1,6 @@
 #### For bugs
-- Rule Id (if any, e.g. SC1000): 
-- My shellcheck version (`shellcheck --version` or "online"): 
+- Rule Id (if any, e.g. SC1000):
+- My shellcheck version (`shellcheck --version` or "online"):
 - [ ] The rule's wiki page does not already cover this (e.g. https://shellcheck.net/wiki/SC2086)
 - [ ] I tried on https://www.shellcheck.net/ and verified that this is still a problem on the latest commit
 
diff --git a/README.md b/README.md
index 366c427..78802a0 100644
--- a/README.md
+++ b/README.md
@@ -233,7 +233,7 @@ Alternatively, you can download pre-compiled binaries for the latest release her
 * [Linux, x86_64](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.x86_64.tar.xz) (statically linked)
 * [Linux, armv6hf](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.armv6hf.tar.xz), i.e. Raspberry Pi (statically linked)
 * [Linux, aarch64](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.aarch64.tar.xz) aka ARM64 (statically linked)
-* [macOS, aarch64](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.darwin.aarch64.tar.xz) 
+* [macOS, aarch64](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.darwin.aarch64.tar.xz)
 * [macOS, x86_64](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.darwin.x86_64.tar.xz)
 * [Windows, x86](https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.zip)
 
diff --git a/src/ShellCheck/AST.hs b/src/ShellCheck/AST.hs
index ca05c98..979a9b0 100644
--- a/src/ShellCheck/AST.hs
+++ b/src/ShellCheck/AST.hs
@@ -206,7 +206,7 @@ pattern T_Annotation id anns t = OuterToken id (Inner_T_Annotation anns t)
 pattern T_Arithmetic id c = OuterToken id (Inner_T_Arithmetic c)
 pattern T_Array id t = OuterToken id (Inner_T_Array t)
 pattern TA_Sequence id l = OuterToken id (Inner_TA_Sequence l)
-pattern TA_Parentesis id t = OuterToken id (Inner_TA_Parenthesis t)
+pattern TA_Parenthesis id t = OuterToken id (Inner_TA_Parenthesis t)
 pattern T_Assignment id mode var indices value = OuterToken id (Inner_T_Assignment mode var indices value)
 pattern TA_Trinary id t1 t2 t3 = OuterToken id (Inner_TA_Trinary t1 t2 t3)
 pattern TA_Unary id op t1 = OuterToken id (Inner_TA_Unary op t1)
@@ -259,7 +259,7 @@ pattern T_Subshell id l = OuterToken id (Inner_T_Subshell l)
 pattern T_UntilExpression id c l = OuterToken id (Inner_T_UntilExpression c l)
 pattern T_WhileExpression id c l = OuterToken id (Inner_T_WhileExpression c l)
 
-{-# COMPLETE T_AND_IF, T_Bang, T_Case, TC_Empty, T_CLOBBER, T_DGREAT, T_DLESS, T_DLESSDASH, T_Do, T_DollarSingleQuoted, T_Done, T_DSEMI, T_Elif, T_Else, T_EOF, T_Esac, T_Fi, T_For, T_Glob, T_GREATAND, T_Greater, T_If, T_In, T_Lbrace, T_Less, T_LESSAND, T_LESSGREAT, T_Literal, T_Lparen, T_NEWLINE, T_OR_IF, T_ParamSubSpecialChar, T_Pipe, T_Rbrace, T_Rparen, T_Select, T_Semi, T_SingleQuoted, T_Then, T_UnparsedIndex, T_Until, T_While, TA_Assignment, TA_Binary, TA_Expansion, T_AndIf, T_Annotation, T_Arithmetic, T_Array, TA_Sequence, TA_Parentesis, T_Assignment, TA_Trinary, TA_Unary, TA_Variable, T_Backgrounded, T_Backticked, T_Banged, T_BatsTest, T_BraceExpansion, T_BraceGroup, TC_And, T_CaseExpression, TC_Binary, TC_Group, TC_Nullary, T_Condition, T_CoProcBody, T_CoProc, TC_Or, TC_Unary, T_DollarArithmetic, T_DollarBraceCommandExpansion, T_DollarBraced, T_DollarBracket, T_DollarDoubleQuoted, T_DollarExpansion, T_DoubleQuoted, T_Extglob, T_FdRedirect, T_ForArithmetic, T_ForIn, T_Function, T_HereDoc, T_HereString, T_IfExpression, T_Include, T_IndexedElement, T_IoDuplicate, T_IoFile, T_NormalWord, T_OrIf, T_Pipeline, T_ProcSub, T_Redirecting, T_Script, T_SelectIn, T_SimpleCommand, T_SourceCommand, T_Subshell, T_UntilExpression, T_WhileExpression #-}
+{-# COMPLETE T_AND_IF, T_Bang, T_Case, TC_Empty, T_CLOBBER, T_DGREAT, T_DLESS, T_DLESSDASH, T_Do, T_DollarSingleQuoted, T_Done, T_DSEMI, T_Elif, T_Else, T_EOF, T_Esac, T_Fi, T_For, T_Glob, T_GREATAND, T_Greater, T_If, T_In, T_Lbrace, T_Less, T_LESSAND, T_LESSGREAT, T_Literal, T_Lparen, T_NEWLINE, T_OR_IF, T_ParamSubSpecialChar, T_Pipe, T_Rbrace, T_Rparen, T_Select, T_Semi, T_SingleQuoted, T_Then, T_UnparsedIndex, T_Until, T_While, TA_Assignment, TA_Binary, TA_Expansion, T_AndIf, T_Annotation, T_Arithmetic, T_Array, TA_Sequence, TA_Parenthesis, T_Assignment, TA_Trinary, TA_Unary, TA_Variable, T_Backgrounded, T_Backticked, T_Banged, T_BatsTest, T_BraceExpansion, T_BraceGroup, TC_And, T_CaseExpression, TC_Binary, TC_Group, TC_Nullary, T_Condition, T_CoProcBody, T_CoProc, TC_Or, TC_Unary, T_DollarArithmetic, T_DollarBraceCommandExpansion, T_DollarBraced, T_DollarBracket, T_DollarDoubleQuoted, T_DollarExpansion, T_DoubleQuoted, T_Extglob, T_FdRedirect, T_ForArithmetic, T_ForIn, T_Function, T_HereDoc, T_HereString, T_IfExpression, T_Include, T_IndexedElement, T_IoDuplicate, T_IoFile, T_NormalWord, T_OrIf, T_Pipeline, T_ProcSub, T_Redirecting, T_Script, T_SelectIn, T_SimpleCommand, T_SourceCommand, T_Subshell, T_UntilExpression, T_WhileExpression #-}
 
 instance Eq Token where
     OuterToken _ a == OuterToken _ b = a == b
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 211993c..b3d673f 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -3294,7 +3294,7 @@ checkReturnAgainstZero params token =
             next@(TA_Unary _ "!" _):_ -> isOnlyTestInCommand next
             next@(TC_Group {}):_ -> isOnlyTestInCommand next
             next@(TA_Sequence _ [_]):_ -> isOnlyTestInCommand next
-            next@(TA_Parentesis _ _):_ -> isOnlyTestInCommand next
+            next@(TA_Parenthesis _ _):_ -> isOnlyTestInCommand next
             _ -> False
 
     -- TODO: Do better $? tracking and filter on whether
@@ -4990,14 +4990,14 @@ checkUnnecessaryParens params t =
         T_ForArithmetic _ x y z _ -> mapM_ (checkLeading "for (((x); (y); (z))) is the same as for ((x; y; z))")  [x,y,z]
         T_Assignment _ _ _ [t] _ -> checkLeading "a[(x)] is the same as a[x]" t
         T_Arithmetic _ t -> checkLeading "(( (x) )) is the same as (( x ))" t
-        TA_Parentesis _ (TA_Sequence _ [ TA_Parentesis id _ ]) ->
+        TA_Parenthesis _ (TA_Sequence _ [ TA_Parenthesis id _ ]) ->
             styleWithFix id 2322 "In arithmetic contexts, ((x)) is the same as (x). Prefer only one layer of parentheses." $ fix id
         _ -> return ()
   where
 
     checkLeading str t =
         case t of
-            TA_Sequence _ [TA_Parentesis id _ ] -> styleWithFix id 2323 (str ++ ". Prefer not wrapping in additional parentheses.") $ fix id
+            TA_Sequence _ [TA_Parenthesis id _ ] -> styleWithFix id 2323 (str ++ ". Prefer not wrapping in additional parentheses.") $ fix id
             _ -> return ()
 
     fix id =
diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index dc56b58..81689a1 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -490,7 +490,7 @@ build t = do
         TA_Binary _ _ a b -> sequentially [a,b]
         TA_Expansion _ list -> sequentially list
         TA_Sequence _ list -> sequentially list
-        TA_Parentesis _ t -> build t
+        TA_Parenthesis _ t -> build t
 
         TA_Trinary _ cond a b -> do
             condition <- build cond
diff --git a/src/ShellCheck/Checks/Custom.hs b/src/ShellCheck/Checks/Custom.hs
index 76ac83c..17e9c9e 100644
--- a/src/ShellCheck/Checks/Custom.hs
+++ b/src/ShellCheck/Checks/Custom.hs
@@ -1,7 +1,7 @@
 {-
     This empty file is provided for ease of patching in site specific checks.
     However, there are no guarantees regarding compatibility between versions.
--} 
+-}
 
 {-# LANGUAGE TemplateHaskell #-}
 module ShellCheck.Checks.Custom (checker, ShellCheck.Checks.Custom.runTests) where
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 9cc5e02..dfe3131 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -827,7 +827,7 @@ readArithmeticContents =
         char ')'
         id <- endSpan start
         spacing
-        return $ TA_Parentesis id s
+        return $ TA_Parenthesis id s
 
     readArithTerm = readGroup <|> readVariable <|> readExpansion
 

From c7611dfcc6ccb320b530a4e9179e6facee96a422 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Mon, 19 Aug 2024 18:37:29 -0700
Subject: [PATCH 205/244] Use dynamic artifact name to work around issue with
 v4 uploader

---
 .github/workflows/build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 8f9d7d0..3886655 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -65,7 +65,7 @@ jobs:
       - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:
-          name: bin
+          name: ${{matrix.build}}.bin
           path: bin/
 
   package_binary:

From 68e6f02267defb1e2e6398b0f477b4b85e930c22 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 31 Aug 2024 18:00:49 -0700
Subject: [PATCH 206/244] Expand list of recognized unicode spaces (and rewrite
 for performance)

---
 src/ShellCheck/Parser.hs | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index dfe3131..3de3537 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -141,15 +141,9 @@ carriageReturn = do
     parseProblemAt pos ErrorC 1017 "Literal carriage return. Run script through tr -d '\\r' ."
     return '\r'
 
-almostSpace =
-    choice [
-        check '\xA0' "unicode non-breaking space",
-        check '\x200B' "unicode zerowidth space"
-    ]
-  where
-    check c name = do
-        parseNote ErrorC 1018 $ "This is a " ++ name ++ ". Delete and retype it."
-        char c
+almostSpace = do
+        parseNote ErrorC 1018 $ "This is a unicode space. Delete and retype it."
+        oneOf "\xA0\x2002\x2003\x2004\x2005\x2006\x2007\x2008\x2009\x200B\x202F"
         return ' '
 
 --------- Message/position annotation on top of user state

From 1487e57a46a48f926f0cd698756cfe41d9635c15 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 31 Aug 2024 18:27:18 -0700
Subject: [PATCH 207/244] Suppress unused warnings about stderr and
 stderr_lines from bats tests, fixing tests.

---
 src/ShellCheck/Data.hs | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index 917142e..3000a99 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -62,6 +62,9 @@ internalVariables = [
     , "FLAGS_ARGC", "FLAGS_ARGV", "FLAGS_ERROR", "FLAGS_FALSE", "FLAGS_HELP",
     "FLAGS_PARENT", "FLAGS_RESERVED", "FLAGS_TRUE", "FLAGS_VERSION",
     "flags_error", "flags_return"
+
+    -- Bats
+    ,"stderr", "stderr_lines"
   ]
 
 specialIntegerVariables = [

From 88e441453ba3bbb2aa0449dc178b8f82aaee5b4c Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 31 Aug 2024 18:31:47 -0700
Subject: [PATCH 208/244] Make SC2002 optional (useless-use-of-cat)

---
 src/ShellCheck/Analytics.hs | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 869b683..ce11884 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -103,8 +103,7 @@ nodeChecksToTreeCheck checkList =
 
 nodeChecks :: [Parameters -> Token -> Writer [TokenComment] ()]
 nodeChecks = [
-    checkUuoc
-    ,checkPipePitfalls
+    checkPipePitfalls
     ,checkForInQuoted
     ,checkForInLs
     ,checkShorthandIf
@@ -273,6 +272,13 @@ optionalTreeChecks = [
         cdPositive = "rm -r \"$(get_chroot_dir)/home\"",
         cdNegative = "set -e; dir=\"$(get_chroot_dir)\"; rm -r \"$dir/home\""
     }, checkExtraMaskedReturns)
+
+    ,(newCheckDescription {
+        cdName = "useless-use-of-cat",
+        cdDescription = "Check for Useless Use Of Cat (UUOC)",
+        cdPositive = "cat foo | grep bar",
+        cdNegative = "grep bar foo"
+    }, nodeChecksToTreeCheck [checkUuoc])
     ]
 
 optionalCheckMap :: Map.Map String (Parameters -> Token -> [TokenComment])

From 8a1b24c7afcd0534e15eb7db8e386d0d550c6015 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 1 Sep 2024 13:21:44 -0700
Subject: [PATCH 209/244] Fix paths for CI binary packaging after upgrade

---
 .github/workflows/build.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 3886655..b0d1085 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -43,7 +43,7 @@ jobs:
           path: source/
 
   build_source:
-    name: Build Source Code
+    name: Build
     needs: package_source
     strategy:
       matrix:
@@ -80,13 +80,13 @@ jobs:
         uses: actions/download-artifact@v4
 
       - name: Work around GitHub permissions bug
-        run: chmod +x bin/*/shellcheck*
+        run: chmod +x *.bin/*/shellcheck*
 
       - name: Package binaries
         run: |
           export TAGS="$(cat source/tags)"
           mkdir -p deploy
-          cp -r bin/* deploy
+          cp -r *.bin/* deploy
           cd deploy
           ../.prepare_deploy
           rm -rf */ README* LICENSE*

From ca65071d778d140bc6bad64e699265dde25821e9 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 1 Sep 2024 14:06:26 -0700
Subject: [PATCH 210/244] Run unit tests in GitHub actions

---
 .github/workflows/build.yml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index b0d1085..83269c9 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -42,6 +42,29 @@ jobs:
           name: source
           path: source/
 
+  run_tests:
+    name: Run tests
+    needs: package_source
+    runs-on: ubuntu-latest
+    steps:
+      - name: Download artifacts
+        uses: actions/download-artifact@v4
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update && sudo apt-get install ghc cabal-install
+          cabal update
+
+      - name: Unpack source
+        run: |
+          cd source
+          tar xvf source.tar.gz --strip-components=1
+
+      - name: Build and run tests
+        run: |
+          cd source
+          cabal test
+
   build_source:
     name: Build
     needs: package_source

From 79e43c4550aaf50ebcced1c2b2852f1bd2533f6c Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 7 Sep 2024 17:14:52 -0700
Subject: [PATCH 211/244] Allow parsing arbitrary coproc names (fixes #3048)

---
 src/ShellCheck/AST.hs         |  2 +-
 src/ShellCheck/AnalyzerLib.hs |  8 ++++++--
 src/ShellCheck/CFG.hs         | 14 +++++++++++---
 src/ShellCheck/Parser.hs      | 35 ++++++++++++++++++++++++++++-------
 4 files changed, 46 insertions(+), 13 deletions(-)

diff --git a/src/ShellCheck/AST.hs b/src/ShellCheck/AST.hs
index 979a9b0..bafe035 100644
--- a/src/ShellCheck/AST.hs
+++ b/src/ShellCheck/AST.hs
@@ -138,7 +138,7 @@ data InnerToken t =
     | Inner_T_WhileExpression [t] [t]
     | Inner_T_Annotation [Annotation] t
     | Inner_T_Pipe String
-    | Inner_T_CoProc (Maybe String) t
+    | Inner_T_CoProc (Maybe Token) t
     | Inner_T_CoProcBody t
     | Inner_T_Include t
     | Inner_T_SourceCommand t t
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 3b1faa9..531ce8b 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -559,8 +559,12 @@ getModifiedVariables t =
         T_FdRedirect _ ('{':var) op -> -- {foo}>&2 modifies foo
             [(t, t, takeWhile (/= '}') var, DataString SourceInteger) | not $ isClosingFileOp op]
 
-        T_CoProc _ name _ ->
-            [(t, t, fromMaybe "COPROC" name, DataArray SourceInteger)]
+        T_CoProc _ Nothing _ ->
+            [(t, t, "COPROC", DataArray SourceInteger)]
+
+        T_CoProc _ (Just token) _ -> do
+            name <- maybeToList $ getLiteralString token
+            [(t, t, name, DataArray SourceInteger)]
 
         --Points to 'for' rather than variable
         T_ForIn id str [] _ -> [(t, t, str, DataString SourceExternal)]
diff --git a/src/ShellCheck/CFG.hs b/src/ShellCheck/CFG.hs
index 81689a1..57aaf4b 100644
--- a/src/ShellCheck/CFG.hs
+++ b/src/ShellCheck/CFG.hs
@@ -668,10 +668,18 @@ build t = do
             status <- newNodeRange $ CFSetExitCode id
             linkRange cond status
 
-        T_CoProc id maybeName t -> do
-            let name = fromMaybe "COPROC" maybeName
+        T_CoProc id maybeNameToken t -> do
+            -- If unspecified, "COPROC". If not a constant string, Nothing.
+            let maybeName = case maybeNameToken of
+                    Just x -> getLiteralString x
+                    Nothing -> Just "COPROC"
+
+            let parentNode = case maybeName of
+                    Just str -> applySingle $ IdTagged id $ CFWriteVariable str CFValueArray
+                    Nothing -> CFStructuralNode
+
             start <- newStructuralNode
-            parent <- newNodeRange $ applySingle $ IdTagged id $ CFWriteVariable name CFValueArray
+            parent <- newNodeRange parentNode
             child <- subshell id "coproc" $ build t
             end <- newNodeRange $ CFSetExitCode id
 
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 3de3537..66d62ff 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -2795,17 +2795,29 @@ readFunctionDefinition = called "function" $ do
 prop_readCoProc1 = isOk readCoProc "coproc foo { echo bar; }"
 prop_readCoProc2 = isOk readCoProc "coproc { echo bar; }"
 prop_readCoProc3 = isOk readCoProc "coproc echo bar"
+prop_readCoProc4 = isOk readCoProc "coproc a=b echo bar"
+prop_readCoProc5 = isOk readCoProc "coproc 'foo' { echo bar; }"
+prop_readCoProc6 = isOk readCoProc "coproc \"foo$$\" { echo bar; }"
+prop_readCoProc7 = isOk readCoProc "coproc 'foo' ( echo bar )"
+prop_readCoProc8 = isOk readCoProc "coproc \"foo$$\" while true; do true; done"
 readCoProc = called "coproc" $ do
     start <- startSpan
     try $ do
         string "coproc"
-        whitespace
+        spacing1
     choice [ try $ readCompoundCoProc start, readSimpleCoProc start ]
   where
     readCompoundCoProc start = do
-        var <- optionMaybe $
-            readVariableName `thenSkip` whitespace
-        body <- readBody readCompoundCommand
+        notFollowedBy2 readAssignmentWord
+        (var, body) <- choice [
+            try $ do
+                body <- readBody readCompoundCommand
+                return (Nothing, body),
+            try $ do
+                var <- readNormalWord `thenSkip` spacing
+                body <- readBody readCompoundCommand
+                return (Just var, body)
+            ]
         id <- endSpan start
         return $ T_CoProc id var body
     readSimpleCoProc start = do
@@ -3436,13 +3448,22 @@ isOk p s =      parsesCleanly p s == Just True   -- The string parses with no wa
 isWarning p s = parsesCleanly p s == Just False  -- The string parses with warnings
 isNotOk p s =   parsesCleanly p s == Nothing     -- The string does not parse
 
-parsesCleanly parser string = runIdentity $ do
+-- If the parser matches the string, return Right [ParseNotes+ParseProblems]
+-- If it does not match the string,  return Left  [ParseProblems]
+getParseOutput parser string = runIdentity $ do
     (res, sys) <- runParser testEnvironment
                     (parser >> eof >> getState) "-" string
     case (res, sys) of
         (Right userState, systemState) ->
-            return $ Just . null $ parseNotes userState ++ parseProblems systemState
-        (Left _, _) -> return Nothing
+            return $ Right $ parseNotes userState ++ parseProblems systemState
+        (Left _, systemState) -> return $ Left $ parseProblems systemState
+
+-- If the parser matches the string, return Just whether it was clean (without emitting suggestions)
+-- Otherwise, Nothing
+parsesCleanly parser string =
+    case getParseOutput parser string of
+        Right list -> Just $ null list
+        Left _ -> Nothing
 
 parseWithNotes parser = do
     item <- parser

From 5c2be767abff85fd10325a2d8a61a372567e63b8 Mon Sep 17 00:00:00 2001
From: Tony <3987237+random1223@users.noreply.github.com>
Date: Mon, 9 Sep 2024 18:56:18 -0700
Subject: [PATCH 212/244] Update README.md

Add Codety Scanner into the static analysis solution list.
Here are the examples of the result:
* Codety's pull request code review example: https://github.com/codetyio/codety-scanner/pull/66#issuecomment-2339438925
* Codety's GitHub code scan result example : https://github.com/codetyio/codety-scanner/runs/29907371258

Codety Scanner is open source: https://github.com/codetyio/codety-scanner
---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index c200a3e..9b776cf 100644
--- a/README.md
+++ b/README.md
@@ -110,6 +110,7 @@ Services and platforms that have ShellCheck pre-installed and ready to use:
 * [Codacy](https://www.codacy.com/)
 * [Code Climate](https://codeclimate.com/)
 * [Code Factor](https://www.codefactor.io/)
+* [Codety](https://www.codety.io/) via the [Codety Scanner](https://github.com/codetyio/codety-scanner)
 * [CircleCI](https://circleci.com) via the [ShellCheck Orb](https://circleci.com/orbs/registry/orb/circleci/shellcheck)
 * [Github](https://github.com/features/actions) (only Linux)
 * [Trunk Check](https://trunk.io/products/check) (universal linter; [allows you to explicitly version your shellcheck install](https://github.com/trunk-io/plugins/blob/bcbb361dcdbe4619af51ea7db474d7fb87540d20/.trunk/trunk.yaml#L32)) via the [shellcheck plugin](https://github.com/trunk-io/plugins/blob/main/linters/shellcheck/plugin.yaml)

From 5e3e98bcb0ca594185e9e675dac929aa053dd223 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 27 Oct 2024 15:43:30 -0700
Subject: [PATCH 213/244] Use CFG to determine use-before-define for SC2218
 (fixes #3070)

---
 CHANGELOG.md                |  1 +
 src/ShellCheck/Analytics.hs | 48 ++++++++++++++++++-------------------
 2 files changed, 25 insertions(+), 24 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 43db00c..982036d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,7 @@
 ### Changed
 - SC2015 about `A && B || C` no longer triggers when B is a test command.
 ### Fixed
+- SC2218 about function use-before-define is now more accurate.
 - SC2317 about unreachable commands is now less spammy for nested ones.
 - SC2292, optional suggestion for [[ ]], now triggers for Busybox.
 
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index ce11884..7f7a572 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -3765,32 +3765,32 @@ prop_checkUseBeforeDefinition1 = verifyTree checkUseBeforeDefinition "f; f() { t
 prop_checkUseBeforeDefinition2 = verifyNotTree checkUseBeforeDefinition "f() { true; }; f"
 prop_checkUseBeforeDefinition3 = verifyNotTree checkUseBeforeDefinition "if ! mycmd --version; then mycmd() { true; }; fi"
 prop_checkUseBeforeDefinition4 = verifyNotTree checkUseBeforeDefinition "mycmd || mycmd() { f; }"
-checkUseBeforeDefinition _ t =
-    execWriter $ evalStateT (mapM_ examine $ revCommands) Map.empty
+prop_checkUseBeforeDefinition5 = verifyTree checkUseBeforeDefinition "false || mycmd; mycmd() { f; }"
+prop_checkUseBeforeDefinition6 = verifyNotTree checkUseBeforeDefinition "f() { one; }; f; f() { two; }; f"
+checkUseBeforeDefinition :: Parameters -> Token -> [TokenComment]
+checkUseBeforeDefinition params t = fromMaybe [] $ do
+    cfga <- cfgAnalysis params
+    let funcs = execState (doAnalysis findFunction t) Map.empty
+    -- Green cut: no point enumerating commands if there are no functions.
+    guard . not $ Map.null funcs
+    return $ execWriter $ doAnalysis (findInvocation cfga funcs) t
   where
-    examine t = case t of
-        T_Pipeline _ _ [T_Redirecting _ _ (T_Function _ _ _ name _)] ->
-            modify $ Map.insert name t
-        T_Annotation _ _ w -> examine w
-        T_Pipeline _ _ cmds -> do
-            m <- get
-            unless (Map.null m) $
-                mapM_ (checkUsage m) $ concatMap recursiveSequences cmds
-        _ -> return ()
+    findFunction t =
+        case t of
+            T_Function id _ _ name _ -> modify (Map.insertWith (++) name [id])
+            _ -> return ()
 
-    checkUsage map cmd = sequence_ $ do
-        name <- getCommandName cmd
-        def <- Map.lookup name map
-        return $
-            err (getId cmd) 2218
-                "This function is only defined later. Move the definition up."
-
-    revCommands = reverse $ concat $ getCommandSequences t
-    recursiveSequences x =
-        let list = concat $ getCommandSequences x in
-            if null list
-            then [x]
-            else concatMap recursiveSequences list
+    findInvocation cfga funcs t =
+        case t of
+            T_SimpleCommand id _ (cmd:_) -> sequence_ $ do
+                name <- getLiteralString cmd
+                invocations <- Map.lookup name funcs
+                -- Is the function definitely being defined later?
+                guard $ any (\c -> CF.doesPostDominate cfga c id) invocations
+                -- Was one already defined, so it's actually a re-definition?
+                guard . not $ any (\c -> CF.doesPostDominate cfga id c) invocations
+                return $ err id 2218 "This function is only defined later. Move the definition up."
+            _ -> return ()
 
 prop_checkForLoopGlobVariables1 = verify checkForLoopGlobVariables "for i in $var/*.txt; do true; done"
 prop_checkForLoopGlobVariables2 = verifyNot checkForLoopGlobVariables "for i in \"$var\"/*.txt; do true; done"

From f2932ebcdc51527ca439737465e35b0b039a51b7 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 27 Oct 2024 16:02:56 -0700
Subject: [PATCH 214/244] Remember to add changelog to release messages (fixes
 #3051)

---
 test/check_release | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/test/check_release b/test/check_release
index 665b265..f3ea9df 100755
--- a/test/check_release
+++ b/test/check_release
@@ -50,6 +50,11 @@ then
   fail "Expected git log message to be 'Stable version ...'"
 fi
 
+if [[ $(git log -1 --pretty=%B) != *"CHANGELOG"* ]]
+then
+  fail "Expected git log message to contain CHANGELOG"
+fi
+
 i=1 j=1
 cat << EOF
 

From 097018754b313a102834ec389079ee04673f68fa Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 27 Oct 2024 18:10:00 -0700
Subject: [PATCH 215/244] Mention that SC2002 (UUOC) is now no longer enabled
 by default.

---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 982036d..612068d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,8 @@
 - SC2330: Warn about unsupported glob matches with [[ .. ]] in BusyBox.
 - Precompiled binaries for Linux riscv64 (linux.riscv64)
 ### Changed
+- SC2002 about Useless Use Of Cat is now disabled by default. It can be
+  re-enabled with `--enable=useless-use-of-cat` or equivalent directive.
 - SC2015 about `A && B || C` no longer triggers when B is a test command.
 ### Fixed
 - SC2218 about function use-before-define is now more accurate.

From 792466bc22ea9528313b5224621610551216e4a6 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 3 Nov 2024 13:56:51 -0800
Subject: [PATCH 216/244] Update Diff dependency (fixes #3075)

---
 ShellCheck.cabal | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index fc52b12..0f604a9 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -53,7 +53,7 @@ library
       bytestring           >= 0.10.6 && < 0.13,
       containers           >= 0.5.6 && < 0.8,
       deepseq              >= 1.4.1 && < 1.6,
-      Diff                 >= 0.4.0 && < 0.6,
+      Diff                 >= 0.4.0 && < 1.1,
       fgl                  (>= 5.7.0 && < 5.8.1.0) || (>= 5.8.1.1 && < 5.9),
       filepath             >= 1.4.0 && < 1.5,
       mtl                  >= 2.2.2 && < 2.4,

From 0ee46a0f33ebafde128e2c93dd45f2757de4d4ec Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 3 Nov 2024 14:19:08 -0800
Subject: [PATCH 217/244] Update filepath dependency

---
 ShellCheck.cabal | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index 0f604a9..f31ead3 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -55,7 +55,7 @@ library
       deepseq              >= 1.4.1 && < 1.6,
       Diff                 >= 0.4.0 && < 1.1,
       fgl                  (>= 5.7.0 && < 5.8.1.0) || (>= 5.8.1.1 && < 5.9),
-      filepath             >= 1.4.0 && < 1.5,
+      filepath             >= 1.4.0 && < 1.6,
       mtl                  >= 2.2.2 && < 2.4,
       parsec               >= 3.1.14 && < 3.2,
       QuickCheck           >= 2.14.2 && < 2.15,

From 47bff1d5fdc478a3bfb32ffb532d33bab0e64b2c Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 3 Nov 2024 16:54:45 -0800
Subject: [PATCH 218/244] Add 24.04 to distrotest LTS

---
 test/distrotest | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/test/distrotest b/test/distrotest
index ef467b8..c52a5c9 100755
--- a/test/distrotest
+++ b/test/distrotest
@@ -74,11 +74,12 @@ fedora:latest         dnf install -y cabal-install ghc-template-haskell-devel fi
 archlinux:latest      pacman -S -y --noconfirm cabal-install ghc-static base-devel
 
 # Ubuntu LTS
+ubuntu:24.04          apt-get update && apt-get install -y cabal-install
 ubuntu:22.04          apt-get update && apt-get install -y cabal-install
 ubuntu:20.04          apt-get update && apt-get install -y cabal-install
 
 # Stack on Ubuntu LTS
-ubuntu:22.04          set -e; apt-get update && apt-get install -y curl && curl -sSL https://get.haskellstack.org/ | sh -s - -f && cd /mnt && exec test/stacktest
+ubuntu:24.04          set -e; apt-get update && apt-get install -y curl && curl -sSL https://get.haskellstack.org/ | sh -s - -f && cd /mnt && exec test/stacktest
 EOF
 
 exit "$final"

From 944d87915a191af442b3895ef5af89ffb65789d8 Mon Sep 17 00:00:00 2001
From: Evan Silberman <evan@jklol.net>
Date: Mon, 11 Nov 2024 11:24:21 -0800
Subject: [PATCH 219/244] Recognize "oksh" executable name as ksh

A portable version of OpenBSD's ksh is distributed with the executable
name oksh [1]. It's a descendant of pdksh and can be shellchecked as
ksh.

[1]: https://github.com/ibara/oksh
---
 src/ShellCheck/Data.hs   | 1 +
 src/ShellCheck/Parser.hs | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index 3000a99..a145684 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -167,6 +167,7 @@ shellForExecutable name =
         "ksh"   -> return Ksh
         "ksh88" -> return Ksh
         "ksh93" -> return Ksh
+        "oksh"  -> return Ksh
         _ -> Nothing
 
 flagsForRead = "sreu:n:N:i:p:a:t:"
diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 66d62ff..3986dab 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -3387,7 +3387,8 @@ readScriptFile sourced = do
         "busybox sh",
         "bash",
         "bats",
-        "ksh"
+        "ksh",
+        "oksh"
         ]
     badShells = [
         "awk",

From 7f3f014d49d4bc6b979ed5508b1c57874e795ee8 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Thu, 28 Nov 2024 11:51:22 -0800
Subject: [PATCH 220/244] Allow latest QuickCheck

---
 ShellCheck.cabal | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ShellCheck.cabal b/ShellCheck.cabal
index f31ead3..68c32d9 100644
--- a/ShellCheck.cabal
+++ b/ShellCheck.cabal
@@ -58,7 +58,7 @@ library
       filepath             >= 1.4.0 && < 1.6,
       mtl                  >= 2.2.2 && < 2.4,
       parsec               >= 3.1.14 && < 3.2,
-      QuickCheck           >= 2.14.2 && < 2.15,
+      QuickCheck           >= 2.14.2 && < 2.16,
       regex-tdfa           >= 1.2.0 && < 1.4,
       transformers         >= 0.4.2 && < 0.7,
 

From 3c75d82db571aa3fd337e04077daa3c01e0c878e Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 29 Nov 2024 12:58:56 -0800
Subject: [PATCH 221/244] Fix stacktest complaining about permissions on /mnt

---
 test/distrotest | 6 +++---
 test/stacktest  | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/test/distrotest b/test/distrotest
index c52a5c9..128ee44 100755
--- a/test/distrotest
+++ b/test/distrotest
@@ -17,13 +17,13 @@ and is still highly experimental.
 Make sure you're plugged in and have screen/tmux in place,
 then re-run with $0 --run to continue.
 
-Also note that dist* will be deleted.
+Also note that dist*/ and .stack-work/ will be deleted.
 EOF
 exit 0
 }
 
-echo "Deleting 'dist' and 'dist-newstyle'..."
-rm -rf dist dist-newstyle
+echo "Deleting 'dist', 'dist-newstyle', and '.stack-work'..."
+rm -rf dist dist-newstyle .stack-work
 
 execs=$(find . -name shellcheck)
 
diff --git a/test/stacktest b/test/stacktest
index 9eb8d1e..b486c31 100755
--- a/test/stacktest
+++ b/test/stacktest
@@ -15,7 +15,7 @@ die() { echo "$*" >&2; exit 1; }
 command -v stack ||
   die "stack is missing"
 
-stack setup        || die "Failed to setup with default resolver"
+stack setup --allow-different-user || die "Failed to setup with default resolver"
 stack build --test || die "Failed to build/test with default resolver"
 
 # Nice to haves, but not necessary

From 195b70db8c697e44b65beeb83abe4c283cd4cda4 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Fri, 13 Dec 2024 23:06:49 -0500
Subject: [PATCH 222/244] Use unless instead of when and not

---
 src/ShellCheck/Checks/ShellSupport.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 2ec4cf7..f228832 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -330,7 +330,7 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
         | t `isCommand` "echo" && argString `matches` flagRegex =
             if isBusyboxSh
             then
-                when (not (argString `matches` busyboxFlagRegex)) $
+                unless (argString `matches` busyboxFlagRegex) $
                     warnMsg (getId arg) 3036 "echo flags besides -n and -e"
             else if isDash
             then

From 0ecaf2b5f165497e461a47330ebbe11b05d8eb1a Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Fri, 13 Dec 2024 23:19:36 -0500
Subject: [PATCH 223/244] Use foldr instead of explicit recursion

---
 src/ShellCheck/Analytics.hs | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 7f7a572..3a47ed9 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -5074,10 +5074,9 @@ checkExpansionWithRedirection params t =
             (T_Pipeline _ _ t@(_:_)) -> checkCmd id (last t)
             _ -> return ()
 
-    checkCmd captureId (T_Redirecting _ redirs _) = walk captureId redirs
+    checkCmd captureId (T_Redirecting _ redirs _) = foldr (walk captureId) (return ()) redirs
 
-    walk captureId [] = return ()
-    walk captureId (t:rest) =
+    walk captureId t acc =
         case t of
             T_FdRedirect _ _ (T_IoDuplicate _ _ "1") -> return ()
             T_FdRedirect id "1" (T_IoDuplicate _ _ _) -> return ()
@@ -5086,7 +5085,7 @@ checkExpansionWithRedirection params t =
                 if getLiteralString file == Just "/dev/null"
                 then emit id captureId False
                 else emit id captureId True
-            _ -> walk captureId rest
+            _ -> acc
 
     emit redirectId captureId suggestTee = do
         warn captureId 2327 "This command substitution will be empty because the command's output gets redirected away."

From 5adfea21eec84a6bc8bbcaf4e22c02461dd850d9 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Fri, 13 Dec 2024 23:20:48 -0500
Subject: [PATCH 224/244] Use the result of the comparison directly instead of
 an if/else

---
 src/ShellCheck/Analytics.hs | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 3a47ed9..4757e57 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -5082,9 +5082,7 @@ checkExpansionWithRedirection params t =
             T_FdRedirect id "1" (T_IoDuplicate _ _ _) -> return ()
             T_FdRedirect id "" (T_IoDuplicate _ op _) | op `elem` [T_GREATAND (Id 0), T_Greater (Id 0)] -> emit id captureId True
             T_FdRedirect id str (T_IoFile _ op file) | str `elem` ["", "1"] && op `elem` [ T_DGREAT (Id 0), T_Greater (Id 0) ]  ->
-                if getLiteralString file == Just "/dev/null"
-                then emit id captureId False
-                else emit id captureId True
+                emit id captureId $ getLiteralString file /= Just "/dev/null"
             _ -> acc
 
     emit redirectId captureId suggestTee = do

From 26b949b9b0b1552639fdf24411096cf00749be18 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Fri, 13 Dec 2024 23:45:32 -0500
Subject: [PATCH 225/244] Use mapM_ instead of isJust and fromJust

---
 src/ShellCheck/Checks/Commands.hs | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/ShellCheck/Checks/Commands.hs b/src/ShellCheck/Checks/Commands.hs
index c10016e..c37a67d 100644
--- a/src/ShellCheck/Checks/Commands.hs
+++ b/src/ShellCheck/Checks/Commands.hs
@@ -1431,9 +1431,8 @@ prop_checkBackreferencingDeclaration7 = verify (checkBackreferencingDeclaration
 checkBackreferencingDeclaration cmd = CommandCheck (Exactly cmd) check
   where
     check t = do
-        cfga <- asks cfgAnalysis
-        when (isJust cfga) $
-            foldM_ (perArg $ fromJust cfga) M.empty $ arguments t
+        maybeCfga <- asks cfgAnalysis
+        mapM_ (\cfga -> foldM_ (perArg cfga) M.empty $ arguments t) maybeCfga
 
     perArg cfga leftArgs t =
         case t of

From 7deb7e853b4bc5d2ad90f021de180055e87611b5 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Fri, 13 Dec 2024 23:47:55 -0500
Subject: [PATCH 226/244] Use mapM_ instead of sequence_ and <$>

---
 src/ShellCheck/Checks/ControlFlow.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Checks/ControlFlow.hs b/src/ShellCheck/Checks/ControlFlow.hs
index d23fa15..9f63141 100644
--- a/src/ShellCheck/Checks/ControlFlow.hs
+++ b/src/ShellCheck/Checks/ControlFlow.hs
@@ -78,7 +78,7 @@ controlFlowEffectChecks = [
 runNodeChecks :: [ControlFlowNodeCheck] -> ControlFlowCheck
 runNodeChecks perNode = do
     cfg <- asks cfgAnalysis
-    sequence_ $ runOnAll <$> cfg
+    mapM_ runOnAll cfg
   where
     getData datas n@(node, label) = do
         (pre, post) <- M.lookup node datas

From d3001f337aa3f7653a621b302261f4eac01890d0 Mon Sep 17 00:00:00 2001
From: "Joseph C. Sible" <josephcsible@users.noreply.github.com>
Date: Fri, 13 Dec 2024 23:57:50 -0500
Subject: [PATCH 227/244] Simplify getParseOutput

---
 src/ShellCheck/Parser.hs | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index 66d62ff..9628b2e 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -3451,12 +3451,12 @@ isNotOk p s =   parsesCleanly p s == Nothing     -- The string does not parse
 -- If the parser matches the string, return Right [ParseNotes+ParseProblems]
 -- If it does not match the string,  return Left  [ParseProblems]
 getParseOutput parser string = runIdentity $ do
-    (res, sys) <- runParser testEnvironment
-                    (parser >> eof >> getState) "-" string
-    case (res, sys) of
-        (Right userState, systemState) ->
-            return $ Right $ parseNotes userState ++ parseProblems systemState
-        (Left _, systemState) -> return $ Left $ parseProblems systemState
+    (res, systemState) <- runParser testEnvironment
+                            (parser >> eof >> getState) "-" string
+    return $ case res of
+        Right userState ->
+            Right $ parseNotes userState ++ parseProblems systemState
+        Left _ -> Left $ parseProblems systemState
 
 -- If the parser matches the string, return Just whether it was clean (without emitting suggestions)
 -- Otherwise, Nothing

From fe315a25c42219b8a7b0b16ffa69351421e2e997 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lawrence=20Vel=C3=A1zquez?= <vq@larryv.me>
Date: Sat, 28 Dec 2024 03:05:07 -0500
Subject: [PATCH 228/244] Recognize internal variables new in bash 5.3

From the bug-bash@gnu.org announcement "Bash-5.3-beta available":

    q. GLOBSORT: new variable to specify how to sort the results of
       pathname expansion (name, size, blocks, mtime, atime, ctime,
       none) in ascending or descending order.

    w. BASH_MONOSECONDS: new dynamic variable that returns the value of
       the system's monotonic clock, if one is available.

    x. BASH_TRAPSIG: new variable, set to the numeric signal number of
       the trap being executed while it's running.

https://lists.gnu.org/archive/html/bug-bash/2024-12/msg00120.html
---
 src/ShellCheck/Data.hs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Data.hs b/src/ShellCheck/Data.hs
index 3000a99..3876507 100644
--- a/src/ShellCheck/Data.hs
+++ b/src/ShellCheck/Data.hs
@@ -49,6 +49,7 @@ internalVariables = [
     "LINES", "MAIL", "MAILCHECK", "MAILPATH", "OPTERR", "PATH",
     "POSIXLY_CORRECT", "PROMPT_COMMAND", "PROMPT_DIRTRIM", "PS0", "PS1",
     "PS2", "PS3", "PS4", "SHELL", "TIMEFORMAT", "TMOUT", "TMPDIR",
+    "BASH_MONOSECONDS", "BASH_TRAPSIG", "GLOBSORT",
     "auto_resume", "histchars",
 
     -- Other
@@ -78,7 +79,7 @@ variablesWithoutSpaces = specialVariablesWithoutSpaces ++ [
     "EPOCHREALTIME", "EPOCHSECONDS", "LINENO", "OPTIND", "PPID", "RANDOM",
     "READLINE_ARGUMENT", "READLINE_MARK", "READLINE_POINT", "SECONDS",
     "SHELLOPTS", "SHLVL", "SRANDOM", "UID", "COLUMNS", "HISTFILESIZE",
-    "HISTSIZE", "LINES"
+    "HISTSIZE", "LINES", "BASH_MONOSECONDS", "BASH_TRAPSIG"
 
     -- shflags
     , "FLAGS_ERROR", "FLAGS_FALSE", "FLAGS_TRUE"

From cbf0b33463601fbd9827db31e08db424e3381074 Mon Sep 17 00:00:00 2001
From: Adrian Fluturel <fluturel.adrian@gmail.com>
Date: Tue, 7 Jan 2025 03:24:29 +0100
Subject: [PATCH 229/244] Skip SC2015 when the last command is true

---
 src/ShellCheck/Analytics.hs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 4757e57..1329c86 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -881,13 +881,15 @@ prop_checkShorthandIf6 = verifyNot checkShorthandIf "if foo && bar || baz; then
 prop_checkShorthandIf7 = verifyNot checkShorthandIf "while foo && bar || baz; do true; done"
 prop_checkShorthandIf8 = verify checkShorthandIf "if true; then foo && bar || baz; fi"
 prop_checkShorthandIf9 = verifyNot checkShorthandIf "foo && [ -x /file ] || bar"
+prop_checkShorthandIf10 = verifyNot checkShorthandIf "foo && bar || true"
+prop_checkShorthandIf11 = verify checkShorthandIf "foo && bar || false"
 checkShorthandIf params x@(T_OrIf _ (T_AndIf id _ b) (T_Pipeline _ _ t))
         | not (isOk t || inCondition) && not (isTestCommand b) =
     info id 2015 "Note that A && B || C is not if-then-else. C may run when A is true."
   where
     isOk [t] = isAssignment t || fromMaybe False (do
         name <- getCommandBasename t
-        return $ name `elem` ["echo", "exit", "return", "printf"])
+        return $ name `elem` ["echo", "exit", "return", "printf", "true"])
     isOk _ = False
     inCondition = isCondition $ getPath (parentMap params) x
 checkShorthandIf _ _ = return ()

From 3a9ddae06b7e2293ebf61eaf8c71b01bbb769614 Mon Sep 17 00:00:00 2001
From: Eisuke Kawashima <e-kwsm@users.noreply.github.com>
Date: Mon, 24 Mar 2025 05:49:06 +0900
Subject: [PATCH 230/244] fix(SC3013)!: remove SC3013 since the operators are
 specified by POSIX.1-2024

https://pubs.opengroup.org/onlinepubs/9799919799/utilities/test.html
fix #3167
---
 CHANGELOG.md                          | 2 ++
 src/ShellCheck/Checks/ShellSupport.hs | 8 +-------
 2 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 612068d..1a24b53 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,6 +13,8 @@
 - SC2317 about unreachable commands is now less spammy for nested ones.
 - SC2292, optional suggestion for [[ ]], now triggers for Busybox.
 
+### Removed
+- SC3013: removed since the operators `-op/-nt/-ef` are specified in POSIX.1-2024
 
 ## v0.10.0 - 2024-03-07
 ### Added
diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index f228832..1789b6f 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -86,7 +86,7 @@ checkForDecimals = ForShell [Sh, Dash, BusyboxSh, Bash] f
 
 
 prop_checkBashisms = verify checkBashisms "while read a; do :; done < <(a)"
-prop_checkBashisms2 = verify checkBashisms "[ foo -nt bar ]"
+prop_checkBashisms2 = verifyNot checkBashisms "[ foo -nt bar ]"
 prop_checkBashisms3 = verify checkBashisms "echo $((i++))"
 prop_checkBashisms4 = verify checkBashisms "rm !(*.hs)"
 prop_checkBashisms5 = verify checkBashisms "source file"
@@ -252,12 +252,6 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just op, rhs])
         | op `elem` [ "<", ">", "\\<", "\\>", "<=", ">=", "\\<=", "\\>="] =
             unless isDash $ warnMsg id 3012 $ "lexicographical " ++ op ++ " is"
-    bashism (TC_Binary id SingleBracket op _ _)
-        | op `elem` [ "-ot", "-nt", "-ef" ] =
-            unless isDash $ warnMsg id 3013 $ op ++ " is"
-    bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just op, rhs])
-        | op `elem` [ "-ot", "-nt", "-ef" ] =
-            unless isDash $ warnMsg id 3013 $ op ++ " is"
     bashism (TC_Binary id SingleBracket "==" _ _) =
         unless isBusyboxSh $ warnMsg id 3014 "== in place of = is"
     bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just "==", rhs]) =

From bc60607f9e5be0ea7528589410845aef2d6f10a3 Mon Sep 17 00:00:00 2001
From: Eisuke Kawashima <e-kwsm@users.noreply.github.com>
Date: Mon, 24 Mar 2025 06:04:19 +0900
Subject: [PATCH 231/244] fix(SC3012)!: do not warn about `\<` and `\>` in
 test/[] as specified in POSIX.1-2024

https://pubs.opengroup.org/onlinepubs/9799919799/utilities/test.html
fix #3168
---
 CHANGELOG.md                          | 1 +
 src/ShellCheck/Checks/ShellSupport.hs | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 612068d..82630bf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@
 - SC2002 about Useless Use Of Cat is now disabled by default. It can be
   re-enabled with `--enable=useless-use-of-cat` or equivalent directive.
 - SC2015 about `A && B || C` no longer triggers when B is a test command.
+- SC3012: Do not warn about `\<` and `\>` in test/[] as specified in POSIX.1-2024
 ### Fixed
 - SC2218 about function use-before-define is now more accurate.
 - SC2317 about unreachable commands is now less spammy for nested ones.
diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index f228832..2a34931 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -247,10 +247,10 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
         unless isBusyboxSh $ warnMsg id 3010 "[[ ]] is"
     bashism (T_HereString id _) = warnMsg id 3011 "here-strings are"
     bashism (TC_Binary id SingleBracket op _ _)
-        | op `elem` [ "<", ">", "\\<", "\\>", "<=", ">=", "\\<=", "\\>="] =
+        | op `elem` [ "<", ">", "<=", ">=", "\\<=", "\\>="] =
             unless isDash $ warnMsg id 3012 $ "lexicographical " ++ op ++ " is"
     bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just op, rhs])
-        | op `elem` [ "<", ">", "\\<", "\\>", "<=", ">=", "\\<=", "\\>="] =
+        | op `elem` [ "<", ">", "<=", ">=", "\\<=", "\\>="] =
             unless isDash $ warnMsg id 3012 $ "lexicographical " ++ op ++ " is"
     bashism (TC_Binary id SingleBracket op _ _)
         | op `elem` [ "-ot", "-nt", "-ef" ] =

From 4f628cbe2a617e76fe3686a79c3d1eaf443acc08 Mon Sep 17 00:00:00 2001
From: Eisuke Kawashima <e-kwsm@users.noreply.github.com>
Date: Fri, 4 Apr 2025 17:31:07 +0900
Subject: [PATCH 232/244] feat: check tautologically-false conditionals
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- fix #3179 — negation of SC2055, `[ x = y -a x = z]`
- fix #3181 — negation of SC2056, `(( x == y && x == z ))`
- fix #3180 — negation of SC2252, `[ x = y ] && [ x = z ]`
---
 src/ShellCheck/Analytics.hs | 50 +++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 4757e57..431e56b 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -123,6 +123,7 @@ nodeChecks = [
     ,checkCaseAgainstGlob
     ,checkCommarrays
     ,checkOrNeq
+    ,checkAndEq
     ,checkEchoWc
     ,checkConstantIfs
     ,checkPipedAssignment
@@ -1631,6 +1632,55 @@ checkOrNeq _ (T_OrIf id lhs rhs) = sequence_ $ do
 checkOrNeq _ _ = return ()
 
 
+prop_checkAndEq1 = verify checkAndEq "if [[ $lol -eq cow && $lol -eq foo ]]; then echo foo; fi"
+prop_checkAndEq2 = verify checkAndEq "(( a==lol && a==foo ))"
+prop_checkAndEq3 = verify checkAndEq "[ \"$a\" = lol && \"$a\" = foo ]"
+prop_checkAndEq4 = verifyNot checkAndEq "[ a = $cow && b = $foo ]"
+prop_checkAndEq5 = verifyNot checkAndEq "[[ $a = /home && $a = */public_html/* ]]"
+prop_checkAndEq6 = verify checkAndEq "[ $a = a ] && [ $a = b ]"
+prop_checkAndEq7 = verify checkAndEq "[ $a = a ] && [ $a = b ] || true"
+prop_checkAndEq8 = verifyNot checkAndEq "[[ $a == x && $a == x ]]"
+prop_checkAndEq9 = verifyNot checkAndEq "[ 0 -eq $FOO ] && [ 0 -eq $BAR ]"
+
+-- For test-level "and": [ x = y -a x = z ]
+checkAndEq _ (TC_And id typ op (TC_Binary _ _ op1 lhs1 rhs1 ) (TC_Binary _ _ op2 lhs2 rhs2))
+    | (op1 == op2 && (op1 == "-eq" || op1 == "=" || op1 == "==")) && lhs1 == lhs2 && rhs1 /= rhs2 && not (any isGlob [rhs1,rhs2]) =
+        warn id 2055 $ "You probably wanted " ++ (if typ == SingleBracket then "-o" else "||") ++ " here, otherwise it's always false."
+
+-- For arithmetic context "and"
+checkAndEq _ (TA_Binary id "&&" (TA_Binary _ "==" word1 _) (TA_Binary _ "==" word2 _))
+    | word1 == word2 =
+        warn id 2056 "You probably wanted || here, otherwise it's always false."
+
+-- For command level "and": [ x = y ] && [ x = z ]
+checkAndEq _ (T_AndIf id lhs rhs) = sequence_ $ do
+    (lhs1, op1, rhs1) <- getExpr lhs
+    (lhs2, op2, rhs2) <- getExpr rhs
+    guard $ op1 == op2 && op1 `elem` ["-eq", "=", "=="]
+    guard $ lhs1 == lhs2 && rhs1 /= rhs2
+    guard . not $ any isGlob [rhs1, rhs2]
+    return $ warn id 2252 "You probably wanted || here, otherwise it's always false."
+  where
+    getExpr x =
+        case x of
+            T_AndIf _ lhs _ -> getExpr lhs -- Fetches x and y in `T_AndIf x (T_AndIf y z)`
+            T_Pipeline _ _ [x] -> getExpr x
+            T_Redirecting _ _ c -> getExpr c
+            T_Condition _ _ c -> getExpr c
+            TC_Binary _ _ op lhs rhs -> orient (lhs, op, rhs)
+            _ -> Nothing
+
+    -- Swap items so that the constant side is rhs (or Nothing if both/neither is constant)
+    orient (lhs, op, rhs) =
+        case (isConstant lhs, isConstant rhs) of
+            (True, False) -> return (rhs, op, lhs)
+            (False, True) -> return (lhs, op, rhs)
+            _ -> Nothing
+
+
+checkAndEq _ _ = return ()
+
+
 prop_checkValidCondOps1 = verify checkValidCondOps "[[ a -xz b ]]"
 prop_checkValidCondOps2 = verify checkValidCondOps "[ -M a ]"
 prop_checkValidCondOps2a = verifyNot checkValidCondOps "[ 3 \\> 2 ]"

From 8ff0c5be7a85561d23aea762f0495c144896aee3 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 6 Apr 2025 19:26:54 -0700
Subject: [PATCH 233/244] Suppress SC2216 when piping to cp/mv/rm -i (fixes
 #3141).

---
 src/ShellCheck/Analytics.hs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 4757e57..86a3292 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -3596,6 +3596,8 @@ prop_checkPipeToNowhere17 = verify checkPipeToNowhere "echo World | cat << 'EOF'
 prop_checkPipeToNowhere18 = verifyNot checkPipeToNowhere "ls 1>&3 3>&1 3>&- | wc -l"
 prop_checkPipeToNowhere19 = verifyNot checkPipeToNowhere "find . -print0 | du --files0-from=/dev/stdin"
 prop_checkPipeToNowhere20 = verifyNot checkPipeToNowhere "find . | du --exclude-from=/dev/fd/0"
+prop_checkPipeToNowhere21 = verifyNot checkPipeToNowhere "yes | cp -ri foo/* bar"
+prop_checkPipeToNowhere22 = verifyNot checkPipeToNowhere "yes | rm --interactive *"
 
 data PipeType = StdoutPipe | StdoutStderrPipe | NoPipe deriving (Eq)
 checkPipeToNowhere :: Parameters -> Token -> WriterT [TokenComment] Identity ()
@@ -3661,6 +3663,7 @@ checkPipeToNowhere params t =
     commandSpecificException name cmd =
         case name of
             "du" -> any ((`elem` ["exclude-from", "files0-from"]) . snd) $ getAllFlags cmd
+            _ | name `elem` interactiveFlagCmds -> hasInteractiveFlag cmd
             _ -> False
 
     warnAboutDupes (n, list@(_:_:_)) =
@@ -3684,7 +3687,7 @@ checkPipeToNowhere params t =
         name <- getCommandBasename cmd
         guard $ name `elem` nonReadingCommands
         guard . not $ hasAdditionalConsumers cmd
-        guard . not $ name `elem` ["cp", "mv", "rm"] && cmd `hasFlag` "i"
+        guard . not $ name `elem` interactiveFlagCmds && hasInteractiveFlag cmd
         let suggestion =
                 if name == "echo"
                 then "Did you want 'cat' instead?"
@@ -3699,6 +3702,9 @@ checkPipeToNowhere params t =
     treeContains pred t = isNothing $
         doAnalysis (guard . not . pred) t
 
+    interactiveFlagCmds = [ "cp", "mv", "rm" ]
+    hasInteractiveFlag cmd = cmd `hasFlag` "i" || cmd `hasFlag` "interactive"
+
     mayConsume t =
         case t of
             T_ProcSub _ "<" _ -> True

From 72af76f443b81bbcd10889df8caf19be1671f7a2 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sun, 6 Apr 2025 19:58:13 -0700
Subject: [PATCH 234/244] Supress SC2093 when execfail is set (fixes #3178)

---
 src/ShellCheck/Analytics.hs   | 4 +++-
 src/ShellCheck/AnalyzerLib.hs | 6 ++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 86a3292..e6a1fd6 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1896,7 +1896,9 @@ prop_checkSpuriousExec8 = verifyNot checkSpuriousExec "exec {origout}>&1- >tmp.l
 prop_checkSpuriousExec9 = verify checkSpuriousExec "for file in rc.d/*; do exec \"$file\"; done"
 prop_checkSpuriousExec10 = verifyNot checkSpuriousExec "exec file; r=$?; printf >&2 'failed\n'; return $r"
 prop_checkSpuriousExec11 = verifyNot checkSpuriousExec "exec file; :"
-checkSpuriousExec _ = doLists
+prop_checkSpuriousExec12 = verifyNot checkSpuriousExec "#!/bin/bash\nshopt -s execfail; exec foo; exec bar; echo 'Error'; exit 1;"
+prop_checkSpuriousExec13 = verify checkSpuriousExec "#!/bin/dash\nshopt -s execfail; exec foo; exec bar; echo 'Error'; exit 1;"
+checkSpuriousExec params t = when (not $ hasExecfail params) $ doLists t
   where
     doLists (T_Script _ _ cmds) = doList cmds False
     doLists (T_BraceGroup _ cmds) = doList cmds False
diff --git a/src/ShellCheck/AnalyzerLib.hs b/src/ShellCheck/AnalyzerLib.hs
index 531ce8b..da528a4 100644
--- a/src/ShellCheck/AnalyzerLib.hs
+++ b/src/ShellCheck/AnalyzerLib.hs
@@ -89,6 +89,8 @@ data Parameters = Parameters {
     hasSetE            :: Bool,
     -- Whether this script has 'set -o pipefail' anywhere.
     hasPipefail        :: Bool,
+    -- Whether this script has 'shopt -s execfail' anywhere.
+    hasExecfail        :: Bool,
     -- A linear (bad) analysis of data flow
     variableFlow       :: [StackData],
     -- A map from Id to Token
@@ -226,6 +228,10 @@ makeParameters spec = params
                 BusyboxSh -> isOptionSet "pipefail" root
                 Sh   -> True
                 Ksh  -> isOptionSet "pipefail" root,
+        hasExecfail =
+            case shellType params of
+                Bash -> isOptionSet "execfail" root
+                _ -> False,
         shellTypeSpecified = isJust (asShellType spec) || isJust (asFallbackShell spec),
         idMap = getTokenMap root,
         parentMap = getParentTree root,

From e4853af5b0f541d8070d9c76adb59ccd9b1b44f0 Mon Sep 17 00:00:00 2001
From: Eisuke Kawashima <e-kwsm@users.noreply.github.com>
Date: Fri, 21 Mar 2025 18:49:06 +0900
Subject: [PATCH 235/244] doc: update man

---
 shellcheck.1.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/shellcheck.1.md b/shellcheck.1.md
index b873e45..c768bfe 100644
--- a/shellcheck.1.md
+++ b/shellcheck.1.md
@@ -78,7 +78,7 @@ not warn at all, as `ksh` supports decimals in arithmetic contexts.
 
 :   Don't try to look for .shellcheckrc configuration files.
 
---rcfile\ RCFILE
+**--rcfile** *RCFILE*
 
 :   Prefer the specified configuration file over searching for one
     in the default locations.
@@ -317,7 +317,7 @@ Here is an example `.shellcheckrc`:
     disable=SC2236
 
 If no `.shellcheckrc` is found in any of the parent directories, ShellCheck
-will look in `~/.shellcheckrc` followed by the XDG config directory
+will look in `~/.shellcheckrc` followed by the `$XDG_CONFIG_HOME`
 (usually `~/.config/shellcheckrc`) on Unix, or `%APPDATA%/shellcheckrc` on
 Windows. Only the first file found will be used.
 
@@ -403,4 +403,4 @@ see https://gnu.org/licenses/gpl.html
 
 # SEE ALSO
 
-sh(1) bash(1)
+sh(1) bash(1) dash(1) ksh(1)

From 574c6d18fbbae18b65b244ce2b37c3dced452a5a Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 8 Apr 2025 10:23:10 -0700
Subject: [PATCH 236/244] Suggest using test -e instead of -a (fixes #3174).

---
 CHANGELOG.md                |  1 +
 src/ShellCheck/Analytics.hs | 10 ++++++++++
 2 files changed, 11 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 612068d..6309192 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@
 - SC2327/SC2328: Warn about capturing the output of redirected commands.
 - SC2329: Warn when (non-escaping) functions are never invoked.
 - SC2330: Warn about unsupported glob matches with [[ .. ]] in BusyBox.
+- SC2331: Suggest using standard -e instead of unary -a in tests.
 - Precompiled binaries for Linux riscv64 (linux.riscv64)
 ### Changed
 - SC2002 about Useless Use Of Cat is now disabled by default. It can be
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index e6a1fd6..4984d44 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -204,6 +204,7 @@ nodeChecks = [
     ,checkUnnecessaryParens
     ,checkPlusEqualsNumber
     ,checkExpansionWithRedirection
+    ,checkUnaryTestA
     ]
 
 optionalChecks = map fst optionalTreeChecks
@@ -5098,6 +5099,15 @@ checkExpansionWithRedirection params t =
         err redirectId 2328 $ "This redirection takes output away from the command substitution" ++ if suggestTee then " (use tee to duplicate)." else "."
 
 
+prop_checkUnaryTestA1 = verify checkUnaryTestA "[ -a foo ]"
+prop_checkUnaryTestA2 = verify checkUnaryTestA "[ ! -a foo ]"
+prop_checkUnaryTestA3 = verifyNot checkUnaryTestA "[ foo -a bar ]"
+checkUnaryTestA params t =
+    case t of
+        TC_Unary id _ "-a" _ ->
+            styleWithFix id 2331 "For file existence, prefer standard -e over legacy -a." $
+                fixWith [replaceStart id params 2 "-e"]
+        _ -> return ()
 
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])

From c41f3a4b8ac4eb7bcff230928a47f8f92f15f49d Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 8 Apr 2025 10:53:52 -0700
Subject: [PATCH 237/244] Warn about [ ! -o opt ] (and -a) being
 unconditionally true (fixes #3174)

---
 CHANGELOG.md                          |  2 ++
 src/ShellCheck/Checks/ShellSupport.hs | 21 +++++++++++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6309192..bc646d7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,8 @@
 - SC2329: Warn when (non-escaping) functions are never invoked.
 - SC2330: Warn about unsupported glob matches with [[ .. ]] in BusyBox.
 - SC2331: Suggest using standard -e instead of unary -a in tests.
+- SC2332: Warn about `[ ! -o opt ]` being unconditionally true in Bash.
+- SC3062: Warn about bashism `[ -o opt ]`.
 - Precompiled binaries for Linux riscv64 (linux.riscv64)
 ### Changed
 - SC2002 about Useless Use Of Cat is now disabled by default. It can be
diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index f228832..624d474 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -63,6 +63,7 @@ checks = [
     ,checkPS1Assignments
     ,checkMultipleBangs
     ,checkBangAfterPipe
+    ,checkNegatedUnaryOps
     ]
 
 testChecker (ForShell _ t) =
@@ -218,6 +219,7 @@ prop_checkBashisms124 = verify checkBashisms "#!/bin/dash\ntype -p test"
 prop_checkBashisms125 = verifyNot checkBashisms "#!/bin/busybox sh\ntype -p test"
 prop_checkBashisms126 = verifyNot checkBashisms "#!/bin/busybox sh\nread -p foo -r bar"
 prop_checkBashisms127 = verifyNot checkBashisms "#!/bin/busybox sh\necho -ne foo"
+prop_checkBashisms128 = verify checkBashisms "#!/bin/dash\ntype -p test"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -272,6 +274,8 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
             warnMsg id 3016 "unary -v (in place of [ -n \"${var+x}\" ]) is"
     bashism (TC_Unary id _ "-a" _) =
             warnMsg id 3017 "unary -a in place of -e is"
+    bashism (TC_Unary id _ "-o" _) =
+            warnMsg id 3062 "unary -o to check options is"
     bashism (T_SimpleCommand id _ [asStr -> Just "test", asStr -> Just "-a", _]) =
             warnMsg id 3017 "unary -a in place of -e is"
     bashism (TA_Unary id op _)
@@ -649,5 +653,22 @@ checkBangAfterPipe = ForShell [Dash, BusyboxSh, Sh, Bash] f
             err id 2326 "! is not allowed in the middle of pipelines. Use command group as in cmd | { ! cmd; } if necessary."
         _ -> return ()
 
+
+prop_checkNegatedUnaryOps1 = verify checkNegatedUnaryOps "[ ! -o braceexpand ]"
+prop_checkNegatedUnaryOps2 = verifyNot checkNegatedUnaryOps "[ -o braceexpand ]"
+prop_checkNegatedUnaryOps3 = verifyNot checkNegatedUnaryOps "[[ ! -o braceexpand ]]"
+prop_checkNegatedUnaryOps4 = verifyNot checkNegatedUnaryOps "! [ -o braceexpand ]"
+prop_checkNegatedUnaryOps5 = verify checkNegatedUnaryOps "[ ! -a file ]"
+checkNegatedUnaryOps = ForShell [Bash] f
+  where
+    f token = case token of
+        TC_Unary id SingleBracket "!" (TC_Unary _ _ op _) | op `elem` ["-a", "-o"] ->
+            err id 2332 $ msg op
+        _ -> return ()
+
+    msg "-o" = "[ ! -o opt ] is always true because -o becomes logical OR. Use [[ ]] or ! [ -o opt ]."
+    msg "-a" = "[ ! -a file ] is always true because -a becomes logical AND. Use -e instead."
+    msg _ = pleaseReport "unhandled negated unary message"
+
 return []
 runTests =  $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])

From 7fc992d0dc590f32bd7265e719757102f5ad3b76 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 8 Apr 2025 20:52:52 -0700
Subject: [PATCH 238/244] Suppress SC2119/SC2120 for ${1:-default} (fixes
 #2023)

---
 src/ShellCheck/Analytics.hs | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 4984d44..85104d8 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2825,6 +2825,8 @@ prop_checkUnpassedInFunctions11 = verifyNotTree checkUnpassedInFunctions "foo()
 prop_checkUnpassedInFunctions12 = verifyNotTree checkUnpassedInFunctions "foo() { echo ${!var*}; }; foo;"
 prop_checkUnpassedInFunctions13 = verifyNotTree checkUnpassedInFunctions "# shellcheck disable=SC2120\nfoo() { echo $1; }\nfoo\n"
 prop_checkUnpassedInFunctions14 = verifyTree checkUnpassedInFunctions "foo() { echo $#; }; foo"
+prop_checkUnpassedInFunctions15 = verifyNotTree checkUnpassedInFunctions "foo() { echo ${1-x}; }; foo"
+prop_checkUnpassedInFunctions16 = verifyNotTree checkUnpassedInFunctions "foo() { echo ${1:-x}; }; foo"
 checkUnpassedInFunctions params root =
     execWriter $ mapM_ warnForGroup referenceGroups
   where
@@ -2841,9 +2843,10 @@ checkUnpassedInFunctions params root =
         case x of
             Assignment (_, _, str, _) -> isPositional str
             _ -> False
+
     isPositionalReference function x =
         case x of
-            Reference (_, t, str) -> isPositional str && t `isDirectChildOf` function
+            Reference (_, t, str) -> isPositional str && t `isDirectChildOf` function && not (hasDefaultValue t)
             _ -> False
 
     isDirectChildOf child parent = fromMaybe False $ do
@@ -2857,6 +2860,7 @@ checkUnpassedInFunctions params root =
     referenceList :: [(String, Bool, Token)]
     referenceList = execWriter $
         doAnalysis (sequence_ . checkCommand) root
+
     checkCommand :: Token -> Maybe (Writer [(String, Bool, Token)] ())
     checkCommand t@(T_SimpleCommand _ _ (cmd:args)) = do
         str <- getLiteralString cmd
@@ -2867,6 +2871,21 @@ checkUnpassedInFunctions params root =
     isPositional str = str == "*" || str == "@" || str == "#"
         || (all isDigit str && str /= "0" && str /= "")
 
+    -- True if t is a variable that specifies a default value,
+    -- such as ${1-x} or ${1:-x}.
+    hasDefaultValue t =
+        case t of
+            T_DollarBraced _ True l ->
+                let str = concat $ oversimplify l
+                in isDefaultValueModifier $ getBracedModifier str
+            _ -> False
+
+    isDefaultValueModifier str =
+        case str of
+            '-':_ -> True
+            ':':'-':_ -> True
+            _ -> False
+
     isArgumentless (_, b, _) = b
     referenceGroups = Map.elems $ foldr updateWith Map.empty referenceList
     updateWith x@(name, _, _) = Map.insertWith (++) name [x]

From 553a80f77ad6426107fe5fefcdc950e64c420b1d Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Tue, 8 Apr 2025 21:21:50 -0700
Subject: [PATCH 239/244] Also ignore SC2119 for :? and :+.

---
 src/ShellCheck/Analytics.hs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 85104d8..9eec8ed 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -2827,6 +2827,8 @@ prop_checkUnpassedInFunctions13 = verifyNotTree checkUnpassedInFunctions "# shel
 prop_checkUnpassedInFunctions14 = verifyTree checkUnpassedInFunctions "foo() { echo $#; }; foo"
 prop_checkUnpassedInFunctions15 = verifyNotTree checkUnpassedInFunctions "foo() { echo ${1-x}; }; foo"
 prop_checkUnpassedInFunctions16 = verifyNotTree checkUnpassedInFunctions "foo() { echo ${1:-x}; }; foo"
+prop_checkUnpassedInFunctions17 = verifyNotTree checkUnpassedInFunctions "foo() { mycommand ${1+--verbose}; }; foo"
+prop_checkUnpassedInFunctions18 = verifyNotTree checkUnpassedInFunctions "foo() { if mycheck; then foo ${1?Missing}; fi; }; foo"
 checkUnpassedInFunctions params root =
     execWriter $ mapM_ warnForGroup referenceGroups
   where
@@ -2882,9 +2884,10 @@ checkUnpassedInFunctions params root =
 
     isDefaultValueModifier str =
         case str of
-            '-':_ -> True
-            ':':'-':_ -> True
+            ':':c:_ -> c `elem` handlesDefault
+            c:_ -> c `elem` handlesDefault
             _ -> False
+      where handlesDefault = "-+?"
 
     isArgumentless (_, b, _) = b
     referenceGroups = Map.elems $ foldr updateWith Map.empty referenceList

From efb5a5a2741e690d43d5539809326d5e249fd9f2 Mon Sep 17 00:00:00 2001
From: Eisuke Kawashima <e-kwsm@users.noreply.github.com>
Date: Tue, 25 Mar 2025 01:31:06 +0900
Subject: [PATCH 240/244] fix(SC3013): check POSIX-compliant unary operators
 for test and [

fix #2125
---
 src/ShellCheck/Checks/ShellSupport.hs | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 624d474..2039483 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -220,6 +220,9 @@ prop_checkBashisms125 = verifyNot checkBashisms "#!/bin/busybox sh\ntype -p test
 prop_checkBashisms126 = verifyNot checkBashisms "#!/bin/busybox sh\nread -p foo -r bar"
 prop_checkBashisms127 = verifyNot checkBashisms "#!/bin/busybox sh\necho -ne foo"
 prop_checkBashisms128 = verify checkBashisms "#!/bin/dash\ntype -p test"
+prop_checkBashisms129 = verify checkBashisms "#!/bin/sh\n[ -k /tmp ]"
+prop_checkBashisms130 = verifyNot checkBashisms "#!/bin/dash\ntest -k /tmp"
+prop_checkBashisms131 = verify checkBashisms "#!/bin/sh\n[ -o errexit ]"
 checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     params <- ask
     kludge params t
@@ -254,6 +257,18 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just op, rhs])
         | op `elem` [ "<", ">", "\\<", "\\>", "<=", ">=", "\\<=", "\\>="] =
             unless isDash $ warnMsg id 3012 $ "lexicographical " ++ op ++ " is"
+    bashism (TC_Unary id _ op _)
+        | op `elem` [ "-k", "-G", "-O" ] =
+            unless isDash $ warnMsg id 3013 $ op ++ " is"
+    bashism (T_SimpleCommand id _ [asStr -> Just "test", asStr -> Just op, _])
+        | op `elem` [ "-k", "-G", "-O" ] =
+            unless isDash $ warnMsg id 3013 $ op ++ " is"
+    bashism (TC_Unary id _ op _)
+        | op `elem` [ "-N", "-o", "-R" ] =
+            warnMsg id 3013 $ op ++ " is"
+    bashism (T_SimpleCommand id _ [asStr -> Just "test", asStr -> Just op, _])
+        | op `elem` [ "-N", "-o", "-R" ] =
+            warnMsg id 3013 $ op ++ " is"
     bashism (TC_Binary id SingleBracket op _ _)
         | op `elem` [ "-ot", "-nt", "-ef" ] =
             unless isDash $ warnMsg id 3013 $ op ++ " is"

From dc41f0cc5bdcf1c814b184892b20ee0d2822e95a Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 11 Apr 2025 14:14:09 -0700
Subject: [PATCH 241/244] Refactor checks for POSIX test flags

---
 src/ShellCheck/Checks/ShellSupport.hs | 98 +++++++++++++++------------
 1 file changed, 56 insertions(+), 42 deletions(-)

diff --git a/src/ShellCheck/Checks/ShellSupport.hs b/src/ShellCheck/Checks/ShellSupport.hs
index 2039483..c828555 100644
--- a/src/ShellCheck/Checks/ShellSupport.hs
+++ b/src/ShellCheck/Checks/ShellSupport.hs
@@ -251,48 +251,16 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
     bashism (T_Condition id DoubleBracket _) =
         unless isBusyboxSh $ warnMsg id 3010 "[[ ]] is"
     bashism (T_HereString id _) = warnMsg id 3011 "here-strings are"
-    bashism (TC_Binary id SingleBracket op _ _)
-        | op `elem` [ "<", ">", "\\<", "\\>", "<=", ">=", "\\<=", "\\>="] =
-            unless isDash $ warnMsg id 3012 $ "lexicographical " ++ op ++ " is"
-    bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just op, rhs])
-        | op `elem` [ "<", ">", "\\<", "\\>", "<=", ">=", "\\<=", "\\>="] =
-            unless isDash $ warnMsg id 3012 $ "lexicographical " ++ op ++ " is"
-    bashism (TC_Unary id _ op _)
-        | op `elem` [ "-k", "-G", "-O" ] =
-            unless isDash $ warnMsg id 3013 $ op ++ " is"
-    bashism (T_SimpleCommand id _ [asStr -> Just "test", asStr -> Just op, _])
-        | op `elem` [ "-k", "-G", "-O" ] =
-            unless isDash $ warnMsg id 3013 $ op ++ " is"
-    bashism (TC_Unary id _ op _)
-        | op `elem` [ "-N", "-o", "-R" ] =
-            warnMsg id 3013 $ op ++ " is"
-    bashism (T_SimpleCommand id _ [asStr -> Just "test", asStr -> Just op, _])
-        | op `elem` [ "-N", "-o", "-R" ] =
-            warnMsg id 3013 $ op ++ " is"
-    bashism (TC_Binary id SingleBracket op _ _)
-        | op `elem` [ "-ot", "-nt", "-ef" ] =
-            unless isDash $ warnMsg id 3013 $ op ++ " is"
-    bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just op, rhs])
-        | op `elem` [ "-ot", "-nt", "-ef" ] =
-            unless isDash $ warnMsg id 3013 $ op ++ " is"
-    bashism (TC_Binary id SingleBracket "==" _ _) =
-        unless isBusyboxSh $ warnMsg id 3014 "== in place of = is"
-    bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just "==", rhs]) =
-        unless isBusyboxSh $ warnMsg id 3014 "== in place of = is"
-    bashism (TC_Binary id SingleBracket "=~" _ _) =
-            warnMsg id 3015 "=~ regex matching is"
-    bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just "=~", rhs]) =
-            warnMsg id 3015 "=~ regex matching is"
-    bashism (TC_Unary id SingleBracket "-v" _) =
-            warnMsg id 3016 "unary -v (in place of [ -n \"${var+x}\" ]) is"
-    bashism (T_SimpleCommand id _ [asStr -> Just "test", asStr -> Just "-v", _]) =
-            warnMsg id 3016 "unary -v (in place of [ -n \"${var+x}\" ]) is"
-    bashism (TC_Unary id _ "-a" _) =
-            warnMsg id 3017 "unary -a in place of -e is"
-    bashism (TC_Unary id _ "-o" _) =
-            warnMsg id 3062 "unary -o to check options is"
-    bashism (T_SimpleCommand id _ [asStr -> Just "test", asStr -> Just "-a", _]) =
-            warnMsg id 3017 "unary -a in place of -e is"
+
+    bashism (TC_Binary id _ op _ _) =
+        checkTestOp bashismBinaryTestFlags op id
+    bashism (T_SimpleCommand id _ [asStr -> Just "test", lhs, asStr -> Just op, rhs]) =
+        checkTestOp bashismBinaryTestFlags op id
+    bashism (TC_Unary id _ op _) =
+        checkTestOp bashismUnaryTestFlags op id
+    bashism (T_SimpleCommand id _ [asStr -> Just "test", asStr -> Just op, _]) =
+        checkTestOp bashismUnaryTestFlags op id
+
     bashism (TA_Unary id op _)
         | op `elem` [ "|++", "|--", "++|", "--|"] =
             warnMsg id 3018 $ filter (/= '|') op ++ " is"
@@ -529,6 +497,52 @@ checkBashisms = ForShell [Sh, Dash, BusyboxSh] $ \t -> do
                 Assignment (_, _, name, _) -> name == var
                 _ -> False
 
+    checkTestOp table op id = sequence_ $ do
+        (code, shells, msg) <- Map.lookup op table
+        guard . not $ shellType params `elem` shells
+        return $ warnMsg id code (msg op)
+
+
+buildTestFlagMap list = Map.fromList $ concatMap (\(x,y) -> map (\c -> (c,y)) x) list
+bashismBinaryTestFlags = buildTestFlagMap [
+    -- ([list of applicable flags],
+    --     (error code, exempt shells, message builder :: String -> String)),
+    --
+    -- Distinct error codes allow the wiki to give more helpful, targeted
+    -- information.
+    (["<", ">", "\\<", "\\>", "<=", ">=", "\\<=", "\\>="],
+        (3012, [Dash, BusyboxSh], \op -> "lexicographical " ++ op ++ " is")),
+    (["-nt", "-ot", "-ef"],
+        (3013, [Dash, BusyboxSh], \op -> op ++ " is")),
+    (["=="],
+        (3014, [BusyboxSh], \op -> op ++ " in place of = is")),
+    (["=~"],
+        (3015, [], \op -> op ++ " regex matching is")),
+
+    ([], (0,[],const ""))
+  ]
+bashismUnaryTestFlags = buildTestFlagMap [
+    (["-v"],
+        (3016, [], \op -> "test " ++ op ++ " (in place of [ -n \"${var+x}\" ]) is")),
+    (["-a"],
+        (3017, [], \op -> "unary " ++ op ++ " in place of -e is")),
+    (["-o"],
+        (3062, [], \op -> "test " ++ op ++ " to check options is")),
+    (["-R"],
+        (3063, [], \op -> "test " ++ op ++ " and namerefs in general are")),
+    (["-N"],
+        (3064, [], \op -> "test " ++ op ++ " is")),
+    (["-k"],
+        (3065, [Dash, BusyboxSh], \op -> "test " ++ op ++ " is")),
+    (["-G"],
+        (3066, [Dash, BusyboxSh], \op -> "test " ++ op ++ " is")),
+    (["-O"],
+        (3067, [Dash, BusyboxSh], \op -> "test " ++ op ++ " is")),
+
+    ([], (0,[],const ""))
+  ]
+
+
 prop_checkEchoSed1 = verify checkEchoSed "FOO=$(echo \"$cow\" | sed 's/foo/bar/g')"
 prop_checkEchoSed1b = verify checkEchoSed "FOO=$(sed 's/foo/bar/g' <<< \"$cow\")"
 prop_checkEchoSed2 = verify checkEchoSed "rm $(echo $cow | sed -e 's,foo,bar,')"

From f78714e0f6070bc4efa2f7c11c1ad632e8c250a2 Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Fri, 11 Apr 2025 19:14:53 -0700
Subject: [PATCH 242/244] Add ":" alongside "true" for SC2015

---
 src/ShellCheck/Analytics.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 5f8c84c..ac686ff 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -890,7 +890,7 @@ checkShorthandIf params x@(T_OrIf _ (T_AndIf id _ b) (T_Pipeline _ _ t))
   where
     isOk [t] = isAssignment t || fromMaybe False (do
         name <- getCommandBasename t
-        return $ name `elem` ["echo", "exit", "return", "printf", "true"])
+        return $ name `elem` ["echo", "exit", "return", "printf", "true", ":"])
     isOk _ = False
     inCondition = isCondition $ getPath (parentMap params) x
 checkShorthandIf _ _ = return ()

From b381658dbc74ebe7141717f7723be3a8b39121f9 Mon Sep 17 00:00:00 2001
From: Ian Ehrenwald <ian@ehrenwald.org>
Date: Fri, 25 Apr 2025 14:11:07 -0400
Subject: [PATCH 243/244] Add python3 to the list of badShells

---
 src/ShellCheck/Parser.hs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/ShellCheck/Parser.hs b/src/ShellCheck/Parser.hs
index d019d89..84c3ce4 100644
--- a/src/ShellCheck/Parser.hs
+++ b/src/ShellCheck/Parser.hs
@@ -3397,6 +3397,7 @@ readScriptFile sourced = do
         "fish",
         "perl",
         "python",
+        "python3",
         "ruby",
         "tcsh",
         "zsh"

From 47d358c1d44a84a1d54a4118fba4cf7668a9225d Mon Sep 17 00:00:00 2001
From: Vidar Holen <vidar@vidarholen.net>
Date: Sat, 17 May 2025 00:55:50 +0000
Subject: [PATCH 244/244] Tighten SC2333/SC2334 to only trigger against
 literals.

---
 src/ShellCheck/ASTLib.hs    |  6 ++++++
 src/ShellCheck/Analytics.hs | 29 +++++++++++++++++++----------
 2 files changed, 25 insertions(+), 10 deletions(-)

diff --git a/src/ShellCheck/ASTLib.hs b/src/ShellCheck/ASTLib.hs
index 6b26b22..1e1b9cd 100644
--- a/src/ShellCheck/ASTLib.hs
+++ b/src/ShellCheck/ASTLib.hs
@@ -446,6 +446,12 @@ getLiteralStringExt more = g
 -- Is this token a string literal?
 isLiteral t = isJust $ getLiteralString t
 
+-- Is this token a string literal number?
+isLiteralNumber t = fromMaybe False $ do
+    s <- getLiteralString t
+    guard $ all isDigit s
+    return True
+
 -- Escape user data for messages.
 -- Messages generally avoid repeating user data, but sometimes it's helpful.
 e4m = escapeForMessage
diff --git a/src/ShellCheck/Analytics.hs b/src/ShellCheck/Analytics.hs
index 073e911..2e9a3bd 100644
--- a/src/ShellCheck/Analytics.hs
+++ b/src/ShellCheck/Analytics.hs
@@ -1635,8 +1635,8 @@ checkOrNeq _ (T_OrIf id lhs rhs) = sequence_ $ do
 checkOrNeq _ _ = return ()
 
 
-prop_checkAndEq1 = verify checkAndEq "if [[ $lol -eq cow && $lol -eq foo ]]; then echo foo; fi"
-prop_checkAndEq2 = verify checkAndEq "(( a==lol && a==foo ))"
+prop_checkAndEq1 = verifyNot checkAndEq "cow=0; foo=0; if [[ $lol -eq cow && $lol -eq foo ]]; then echo foo; fi"
+prop_checkAndEq2 = verifyNot checkAndEq "lol=0 foo=0; (( a==lol && a==foo ))"
 prop_checkAndEq3 = verify checkAndEq "[ \"$a\" = lol && \"$a\" = foo ]"
 prop_checkAndEq4 = verifyNot checkAndEq "[ a = $cow && b = $foo ]"
 prop_checkAndEq5 = verifyNot checkAndEq "[[ $a = /home && $a = */public_html/* ]]"
@@ -1644,25 +1644,34 @@ prop_checkAndEq6 = verify checkAndEq "[ $a = a ] && [ $a = b ]"
 prop_checkAndEq7 = verify checkAndEq "[ $a = a ] && [ $a = b ] || true"
 prop_checkAndEq8 = verifyNot checkAndEq "[[ $a == x && $a == x ]]"
 prop_checkAndEq9 = verifyNot checkAndEq "[ 0 -eq $FOO ] && [ 0 -eq $BAR ]"
+prop_checkAndEq10 = verify checkAndEq "(( a == 1 && a == 2 ))"
+prop_checkAndEq11 = verify checkAndEq "[ $x -eq 1 ] && [ $x -eq 2 ]"
+prop_checkAndEq12 = verify checkAndEq "[ 1 -eq $x ] && [ $x -eq 2 ]"
+prop_checkAndEq13 = verifyNot checkAndEq "[ 1 -eq $x ] && [ $x -eq 1 ]"
+prop_checkAndEq14 = verifyNot checkAndEq "[ $a = $b ] && [ $a = $c ]"
+
+checkAndEqOperands "-eq" rhs1 rhs2 = isLiteralNumber rhs1 && isLiteralNumber rhs2
+checkAndEqOperands op rhs1 rhs2 | op == "=" || op == "=="  = isLiteral rhs1 && isLiteral rhs2
+checkAndEqOperands _ _ _ = False
 
 -- For test-level "and": [ x = y -a x = z ]
 checkAndEq _ (TC_And id typ op (TC_Binary _ _ op1 lhs1 rhs1 ) (TC_Binary _ _ op2 lhs2 rhs2))
-    | (op1 == op2 && (op1 == "-eq" || op1 == "=" || op1 == "==")) && lhs1 == lhs2 && rhs1 /= rhs2 && not (any isGlob [rhs1,rhs2]) =
-        warn id 2055 $ "You probably wanted " ++ (if typ == SingleBracket then "-o" else "||") ++ " here, otherwise it's always false."
+    | op1 == op2 && lhs1 == lhs2 && rhs1 /= rhs2 && checkAndEqOperands op1 rhs1 rhs2 =
+        warn id 2333 $ "You probably wanted " ++ (if typ == SingleBracket then "-o" else "||") ++ " here, otherwise it's always false."
 
 -- For arithmetic context "and"
-checkAndEq _ (TA_Binary id "&&" (TA_Binary _ "==" word1 _) (TA_Binary _ "==" word2 _))
-    | word1 == word2 =
-        warn id 2056 "You probably wanted || here, otherwise it's always false."
+checkAndEq _ (TA_Binary id "&&" (TA_Binary _ "==" lhs1 rhs1) (TA_Binary _ "==" lhs2 rhs2))
+    | lhs1 == lhs2 && isLiteralNumber rhs1 && isLiteralNumber rhs2 =
+        warn id 2334 "You probably wanted || here, otherwise it's always false."
 
 -- For command level "and": [ x = y ] && [ x = z ]
 checkAndEq _ (T_AndIf id lhs rhs) = sequence_ $ do
     (lhs1, op1, rhs1) <- getExpr lhs
     (lhs2, op2, rhs2) <- getExpr rhs
-    guard $ op1 == op2 && op1 `elem` ["-eq", "=", "=="]
+    guard $ op1 == op2
     guard $ lhs1 == lhs2 && rhs1 /= rhs2
-    guard . not $ any isGlob [rhs1, rhs2]
-    return $ warn id 2252 "You probably wanted || here, otherwise it's always false."
+    guard $ checkAndEqOperands op1 rhs1 rhs2
+    return $ warn id 2333 "You probably wanted || here, otherwise it's always false."
   where
     getExpr x =
         case x of