From a9ac00a075b02f9efde74b752444d6afc6451f00 Mon Sep 17 00:00:00 2001
From: nbaars <nanne.baars@owasp.org>
Date: Mon, 8 Jan 2018 23:41:58 +0100
Subject: [PATCH] Clean up

---
 CHANGELOG.md                                  | 245 ------------------
 pom.xml                                       |   2 +-
 .../documentation/csrf-lesson.gliffy          |   1 -
 .../documentation/csrf-lessons.png            | Bin 16587 -> 0 bytes
 .../webgoat/plugin/WebWolfIntroduction.java   |   2 +-
 5 files changed, 2 insertions(+), 248 deletions(-)
 delete mode 100644 CHANGELOG.md
 delete mode 100644 webgoat-container/documentation/csrf-lesson.gliffy
 delete mode 100644 webgoat-container/documentation/csrf-lessons.png

diff --git a/CHANGELOG.md b/CHANGELOG.md
deleted file mode 100644
index c9b080539..000000000
--- a/CHANGELOG.md
+++ /dev/null
@@ -1,245 +0,0 @@
-# Change Log
-
-## [7.1](https://github.com/WebGoat/WebGoat/tree/7.1) (2016-11-18)
-[Full Changelog](https://github.com/WebGoat/WebGoat/compare/7.0.1...7.1)
-
-**Implemented enhancements:**
-
-- i8n highlighting [\#96](https://github.com/WebGoat/WebGoat/issues/96)
-- Improve uniqueness of menu item Id's [\#45](https://github.com/WebGoat/WebGoat/issues/45)
-
-**Fixed bugs:**
-
-- Stored XSS Lesson does not render message and attack does not fire [\#141](https://github.com/WebGoat/WebGoat/issues/141)
-- Source code is not available for this lesson. [\#137](https://github.com/WebGoat/WebGoat/issues/137)
-
-**Closed issues:**
-
-- Fix lesson client side filtering [\#272](https://github.com/WebGoat/WebGoat/issues/272)
-- Reset lesson does not work anymore [\#271](https://github.com/WebGoat/WebGoat/issues/271)
-- Lesson plans not loading with manual build and easy-run jar \(standalone jar\) not running at all [\#268](https://github.com/WebGoat/WebGoat/issues/268)
-- Unable to download webgoat jar file [\#261](https://github.com/WebGoat/WebGoat/issues/261)
-- Developer edition build isn't working in its entirety [\#260](https://github.com/WebGoat/WebGoat/issues/260)
-- Amazon S3 downloadable JAR is missing [\#259](https://github.com/WebGoat/WebGoat/issues/259)
-- Code does not compile on dev branch [\#258](https://github.com/WebGoat/WebGoat/issues/258)
-- Executable jar crashes if empty .extract folder exist [\#251](https://github.com/WebGoat/WebGoat/issues/251)
-- Java Error Message in Lesson "How to Bypass a Path Based Access Control Scheme" [\#240](https://github.com/WebGoat/WebGoat/issues/240)
-- developer bootstrap says git is missing when it is installed [\#236](https://github.com/WebGoat/WebGoat/issues/236)
-- Application Won't Start [\#234](https://github.com/WebGoat/WebGoat/issues/234)
-- Restart lesson button isn't working [\#226](https://github.com/WebGoat/WebGoat/issues/226)
-- Navigation to start page is broken after login [\#218](https://github.com/WebGoat/WebGoat/issues/218)
-- Links in menu missing pointer cursor [\#216](https://github.com/WebGoat/WebGoat/issues/216)
-- Restart lesson button not working [\#213](https://github.com/WebGoat/WebGoat/issues/213)
-- WebGoat stops at  DEBUG - Exit: getEngine\(\) [\#211](https://github.com/WebGoat/WebGoat/issues/211)
-- Labs: Remnant files and solved stages [\#208](https://github.com/WebGoat/WebGoat/issues/208)
-- Labs: Navigating to Instructor java examples [\#206](https://github.com/WebGoat/WebGoat/issues/206)
-- WebGoat 7.0 and ZAP 2.4.3 will not proxy [\#204](https://github.com/WebGoat/WebGoat/issues/204)
-- Failing Build [\#201](https://github.com/WebGoat/WebGoat/issues/201)
-- Missing mvn package of webgoat-container in README.MD [\#200](https://github.com/WebGoat/WebGoat/issues/200)
-- Seems translation to Russian for "Congratulations. You have successfully completed this lesson."  phrase is broken. [\#199](https://github.com/WebGoat/WebGoat/issues/199)
-- HtmlEncoder uses static methods but must be instantiated [\#195](https://github.com/WebGoat/WebGoat/issues/195)
-- webgoat-container should unpack all the lessons [\#192](https://github.com/WebGoat/WebGoat/issues/192)
-- Access Control Flaws, LAB stage 3: Remove the FindProfile screen [\#186](https://github.com/WebGoat/WebGoat/issues/186)
-- Injection Flaws | XPath Injection date file path issue [\#184](https://github.com/WebGoat/WebGoat/issues/184)
-- hints don't appear to work on labs [\#183](https://github.com/WebGoat/WebGoat/issues/183)
-- Session Management Flaws - Spoof an Authentication Cookie render issue [\#181](https://github.com/WebGoat/WebGoat/issues/181)
-- Challenge - Show\* buttons show on initial lesson load [\#180](https://github.com/WebGoat/WebGoat/issues/180)
-- Http Basics - minor edits and change completion state [\#178](https://github.com/WebGoat/WebGoat/issues/178)
-- Lab Cross-Site Scripting Stage 1 solution [\#176](https://github.com/WebGoat/WebGoat/issues/176)
-- Backdoor lesson breaks menu CSS [\#175](https://github.com/WebGoat/WebGoat/issues/175)
-- Redirect localhost:8080 to localhost:8080/WebGoat [\#173](https://github.com/WebGoat/WebGoat/issues/173)
-- Session Fixation link in stage 2 does not work [\#170](https://github.com/WebGoat/WebGoat/issues/170)
-- A failure occurred when execute the command "sh webgoat\_developer\_bootstrap.sh" [\#145](https://github.com/WebGoat/WebGoat/issues/145)
-- Copy lessons into plugin\_lessons [\#254](https://github.com/WebGoat/WebGoat/issues/254)
-- WebGoat // Lesson Plan and Solution are note available [\#242](https://github.com/WebGoat/WebGoat/issues/242)
-- Lab: Client side filtering - broken path [\#232](https://github.com/WebGoat/WebGoat/issues/232)
-- AXIS class not found error in  Web Services / WSDL Scanning  [\#222](https://github.com/WebGoat/WebGoat/issues/222)
-- WSDL link in SOAP Request Lesson crashing with AXIS error [\#221](https://github.com/WebGoat/WebGoat/issues/221)
-- Labs: RBAC stage 1 and 3 not working [\#209](https://github.com/WebGoat/WebGoat/issues/209)
-- How to create a Legacy Lesson - instruction edit [\#177](https://github.com/WebGoat/WebGoat/issues/177)
-- Can't tell when WebGoat has actually started when using: webgoat\_developer\_bootstrap.sh [\#75](https://github.com/WebGoat/WebGoat/issues/75)
-
-**Merged pull requests:**
-
-- Add VMware fusion [\#264](https://github.com/WebGoat/WebGoat/pull/264) ([akiernan](https://github.com/akiernan))
-- Remove Exception from method signature [\#257](https://github.com/WebGoat/WebGoat/pull/257) ([RubieV](https://github.com/RubieV))
-- Code cleanup using @Test\(expected = Exception\) [\#256](https://github.com/WebGoat/WebGoat/pull/256) ([RubieV](https://github.com/RubieV))
-- Added OWASP Labs badge [\#252](https://github.com/WebGoat/WebGoat/pull/252) ([psiinon](https://github.com/psiinon))
-- updates from day 1 @AppSec EU [\#246](https://github.com/WebGoat/WebGoat/pull/246) ([misfir3](https://github.com/misfir3))
-- Update java required version as stated in webgoat/webgoat\#234 [\#243](https://github.com/WebGoat/WebGoat/pull/243) ([span](https://github.com/span))
-- Updates to Dev Bootstrap [\#239](https://github.com/WebGoat/WebGoat/pull/239) ([dilshanraja](https://github.com/dilshanraja))
-- Fix broken start/home link on logo [\#229](https://github.com/WebGoat/WebGoat/pull/229) ([span](https://github.com/span))
-- Developer controls [\#228](https://github.com/WebGoat/WebGoat/pull/228) ([span](https://github.com/span))
-- Admin should also be able to see the solution, source and lesson plan. [\#224](https://github.com/WebGoat/WebGoat/pull/224) ([nbaars](https://github.com/nbaars))
-- Fixed the classnames in the wsdd config file \(moved to different pack… [\#223](https://github.com/WebGoat/WebGoat/pull/223) ([nbaars](https://github.com/nbaars))
-- Feature/169 [\#220](https://github.com/WebGoat/WebGoat/pull/220) ([nbaars](https://github.com/nbaars))
-- Update README.MD [\#219](https://github.com/WebGoat/WebGoat/pull/219) ([muzir](https://github.com/muzir))
-- Fix \#213 by changing the id of the restart button to the correct id [\#214](https://github.com/WebGoat/WebGoat/pull/214) ([span](https://github.com/span))
-- Fixed \#184 [\#212](https://github.com/WebGoat/WebGoat/pull/212) ([nbaars](https://github.com/nbaars))
-- Fix shebang [\#210](https://github.com/WebGoat/WebGoat/pull/210) ([nxadm](https://github.com/nxadm))
-- Enable weak authentication cookie lesson  [\#207](https://github.com/WebGoat/WebGoat/pull/207) ([span](https://github.com/span))
-- -- Remove raw type usage, add type check parameter. [\#205](https://github.com/WebGoat/WebGoat/pull/205) ([muzir](https://github.com/muzir))
-- Update package references in readme [\#203](https://github.com/WebGoat/WebGoat/pull/203) ([span](https://github.com/span))
-- Develop [\#202](https://github.com/WebGoat/WebGoat/pull/202) ([misfir3](https://github.com/misfir3))
-- Fixes \#195 by adding static initialisation of the maps [\#197](https://github.com/WebGoat/WebGoat/pull/197) ([span](https://github.com/span))
-- Add stage parameter in the session to keep track of current stage  [\#196](https://github.com/WebGoat/WebGoat/pull/196) ([span](https://github.com/span))
-- webgoat-container should unpack all the lessons \#192 [\#193](https://github.com/WebGoat/WebGoat/pull/193) ([nbaars](https://github.com/nbaars))
-
-## [7.0.1](https://github.com/WebGoat/WebGoat/tree/7.0.1) (2016-02-01)
-**Implemented enhancements:**
-
-- SEVERE: The web application \[/WebGoat\] appears to have started a thread named \[pool-7-thread-5\] but has failed to stop it. This is very likely to create a memory leak [\#124](https://github.com/WebGoat/WebGoat/issues/124)
-- Cannot serialize session attribute [\#123](https://github.com/WebGoat/WebGoat/issues/123)
-- Overview of which lessons maps to which WebGoat-Lessons project [\#107](https://github.com/WebGoat/WebGoat/issues/107)
-- Remove ace js directory [\#103](https://github.com/WebGoat/WebGoat/issues/103)
-- Move webgoat-container UP one directory [\#100](https://github.com/WebGoat/WebGoat/issues/100)
-- Insecure login lesson has inline CSS background image is not applied [\#87](https://github.com/WebGoat/WebGoat/issues/87)
-- Re-enable/update WebGoat Info link [\#26](https://github.com/WebGoat/WebGoat/issues/26)
-- User Info/Logout Links  [\#25](https://github.com/WebGoat/WebGoat/issues/25)
-- LessonInfo Service [\#23](https://github.com/WebGoat/WebGoat/issues/23)
-- Reload/Update Menu [\#22](https://github.com/WebGoat/WebGoat/issues/22)
-
-**Fixed bugs:**
-
-- Nightly build doesn't run [\#150](https://github.com/WebGoat/WebGoat/issues/150)
-- Forced browsing lesson does not show success [\#143](https://github.com/WebGoat/WebGoat/issues/143)
-- Failed to load resource: the server responded with a status of 404 \(Not Found\) [\#139](https://github.com/WebGoat/WebGoat/issues/139)
-- Firefox and Edge miss one lesson in Menu [\#49](https://github.com/WebGoat/WebGoat/issues/49)
-- Lesson Plan does not toggle on/off [\#46](https://github.com/WebGoat/WebGoat/issues/46)
-- Clicking on 'LAB: Role Based Access Control' produces 'Invalid Session' in UI [\#44](https://github.com/WebGoat/WebGoat/issues/44)
-- Lesson Loading Scrolls down page in Firefox [\#39](https://github.com/WebGoat/WebGoat/issues/39)
-- WebGoat lessons do not load [\#32](https://github.com/WebGoat/WebGoat/issues/32)
-- Properties are appended when loading plugins [\#29](https://github.com/WebGoat/WebGoat/issues/29)
-
-**Closed issues:**
-
-- Exceptions for all lessons in "LAB: DB SQL Injection" and "LAB: SQL Injection" [\#174](https://github.com/WebGoat/WebGoat/issues/174)
-- JSP Goathills lessons imports are not valid [\#171](https://github.com/WebGoat/WebGoat/issues/171)
-- update or remove http://webgoat.github.io/ [\#167](https://github.com/WebGoat/WebGoat/issues/167)
-- Provide over-rideable 'submitMethod' via AbstractLesson [\#165](https://github.com/WebGoat/WebGoat/issues/165)
-- Update HTTP Basics lesson [\#162](https://github.com/WebGoat/WebGoat/issues/162)
-- Command Injection Issue WebGoat 7 [\#156](https://github.com/WebGoat/WebGoat/issues/156)
-- XML Injection does not work [\#151](https://github.com/WebGoat/WebGoat/issues/151)
-- Plan is not available for this lesson. [\#138](https://github.com/WebGoat/WebGoat/issues/138)
-- Multi level login lesson works but is missing area around the form [\#135](https://github.com/WebGoat/WebGoat/issues/135)
-- SEVERE: The web application \[/WebGoat\] registered the JDBC driver \[org.h2.Driver\] but failed to unregister it when the web application was stopped. To prevent a memory leak, the JDBC Driver has been forcibly unregistered [\#134](https://github.com/WebGoat/WebGoat/issues/134)
-- hints are not refreshed when switching lessons [\#133](https://github.com/WebGoat/WebGoat/issues/133)
-- Sauce labs fails when running oraclejdk8 [\#118](https://github.com/WebGoat/WebGoat/issues/118)
-- Logging in sometimes goes to report card and misses category-menu [\#114](https://github.com/WebGoat/WebGoat/issues/114)
-- Order of elements in deployment descriptor [\#112](https://github.com/WebGoat/WebGoat/issues/112)
-- The jar snapshot doesn't run [\#108](https://github.com/WebGoat/WebGoat/issues/108)
-- re-enable challenge handling in LessonInfoModel [\#97](https://github.com/WebGoat/WebGoat/issues/97)
-- Review and cleanup releases and builds [\#90](https://github.com/WebGoat/WebGoat/issues/90)
-- Review and cleanup Installation Docs [\#89](https://github.com/WebGoat/WebGoat/issues/89)
-- Ajax Security: LAB: Client Side Filtering [\#86](https://github.com/WebGoat/WebGoat/issues/86)
-- Close button on about dialog does not close the dialog [\#81](https://github.com/WebGoat/WebGoat/issues/81)
-- Lessons Intermittently showing up in WebGoat [\#76](https://github.com/WebGoat/WebGoat/issues/76)
-- Order of buttons switch after submit [\#73](https://github.com/WebGoat/WebGoat/issues/73)
-- After login, there is no default lesson [\#72](https://github.com/WebGoat/WebGoat/issues/72)
-- Intermittent Startup Error [\#71](https://github.com/WebGoat/WebGoat/issues/71)
-- Discover Clues in HTML lesson doesn't work [\#70](https://github.com/WebGoat/WebGoat/issues/70)
-- Eclipse import error for webgoat-container [\#66](https://github.com/WebGoat/WebGoat/issues/66)
-- Reflected XSS Attacks error message error [\#65](https://github.com/WebGoat/WebGoat/issues/65)
-- Labs with Stages all throw exceptions [\#64](https://github.com/WebGoat/WebGoat/issues/64)
-- Spelling errors in: webgoat\_developer\_bootstrap.sh [\#63](https://github.com/WebGoat/WebGoat/issues/63)
-- CSRF token by-pass lesson shows stacktrace [\#60](https://github.com/WebGoat/WebGoat/issues/60)
-- Http Basics lessons fails to load [\#53](https://github.com/WebGoat/WebGoat/issues/53)
-- Null Pointer Exception on every page [\#47](https://github.com/WebGoat/WebGoat/issues/47)
-- Create support in client-side routing for 'stages' [\#42](https://github.com/WebGoat/WebGoat/issues/42)
-- Implement Loading Spinner on Menu [\#41](https://github.com/WebGoat/WebGoat/issues/41)
-- Lab - DOM-based cross-site scripting: Java Source produces XSS alert [\#38](https://github.com/WebGoat/WebGoat/issues/38)
-- DOM Injection Lesson - Java Source does not work  [\#37](https://github.com/WebGoat/WebGoat/issues/37)
-- Lesson Interdependency [\#33](https://github.com/WebGoat/WebGoat/issues/33)
-- Hide menu functionality [\#28](https://github.com/WebGoat/WebGoat/issues/28)
-- Consume LessonInfo Service to display title [\#24](https://github.com/WebGoat/WebGoat/issues/24)
-- how to up webgoat to netbeans on mac os x. [\#14](https://github.com/WebGoat/WebGoat/issues/14)
-
-**Merged pull requests:**
-
-- Disable cross-site scripting lab [\#191](https://github.com/WebGoat/WebGoat/pull/191) ([span](https://github.com/span))
-- Adding OSSRH Repository on Parent Pom [\#190](https://github.com/WebGoat/WebGoat/pull/190) ([dougmorato](https://github.com/dougmorato))
-- Setting GPG keyname as WebGoat in Parent Pom [\#189](https://github.com/WebGoat/WebGoat/pull/189) ([dougmorato](https://github.com/dougmorato))
-- Fixining all the javadoc issues preventing the release [\#188](https://github.com/WebGoat/WebGoat/pull/188) ([dougmorato](https://github.com/dougmorato))
-- Improving WebGoat Developer Bootstrap Script [\#187](https://github.com/WebGoat/WebGoat/pull/187) ([dougmorato](https://github.com/dougmorato))
-- issue \#147 disabling broken lessons [\#185](https://github.com/WebGoat/WebGoat/pull/185) ([mayhew64](https://github.com/mayhew64))
-- \#167 removing refrences to github.io in code [\#172](https://github.com/WebGoat/WebGoat/pull/172) ([misfir3](https://github.com/misfir3))
-- \#165 support for custom submitMethod [\#166](https://github.com/WebGoat/WebGoat/pull/166) ([misfir3](https://github.com/misfir3))
-- Remove Coverity Badge from README [\#164](https://github.com/WebGoat/WebGoat/pull/164) ([dougmorato](https://github.com/dougmorato))
-- Forced browsing [\#163](https://github.com/WebGoat/WebGoat/pull/163) ([nbaars](https://github.com/nbaars))
-- Moving lesson utilities to common project instead of AbstractLesson [\#155](https://github.com/WebGoat/WebGoat/pull/155) ([nbaars](https://github.com/nbaars))
-- \#133 hiding hint on change of lesson/loesson load [\#153](https://github.com/WebGoat/WebGoat/pull/153) ([misfir3](https://github.com/misfir3))
-- changed back to compile phase, package phase breaks the war-exec.jar … [\#152](https://github.com/WebGoat/WebGoat/pull/152) ([mayhew64](https://github.com/mayhew64))
-- Fixes typo in README [\#149](https://github.com/WebGoat/WebGoat/pull/149) ([aravindc26](https://github.com/aravindc26))
-- \#66 Fixing jar plugin lifecycle issue [\#148](https://github.com/WebGoat/WebGoat/pull/148) ([slavP](https://github.com/slavP))
-- Tidy up CSRF lessons. [\#147](https://github.com/WebGoat/WebGoat/pull/147) ([ilatypov](https://github.com/ilatypov))
-- Updated pom versions and cache .m2 on travis to speed build time [\#140](https://github.com/WebGoat/WebGoat/pull/140) ([dougmorato](https://github.com/dougmorato))
-- Update dependency version, build number and unregister DB driver [\#136](https://github.com/WebGoat/WebGoat/pull/136) ([dougmorato](https://github.com/dougmorato))
--  SEVERE: The web application \[/WebGoat\] appears to have started a thr… [\#132](https://github.com/WebGoat/WebGoat/pull/132) ([nbaars](https://github.com/nbaars))
-- Do not clean before mvn cobertura and coveralls [\#131](https://github.com/WebGoat/WebGoat/pull/131) ([dougmorato](https://github.com/dougmorato))
-- Cannot serialize session attribute \#123 [\#130](https://github.com/WebGoat/WebGoat/pull/130) ([nbaars](https://github.com/nbaars))
-- Maven-tomcat plugin fix and correct typo on JS file [\#129](https://github.com/WebGoat/WebGoat/pull/129) ([dougmorato](https://github.com/dougmorato))
-- items ommited from menu spinner and some more clean up [\#127](https://github.com/WebGoat/WebGoat/pull/127) ([misfir3](https://github.com/misfir3))
-- Coveralls should be on Parent Pom [\#126](https://github.com/WebGoat/WebGoat/pull/126) ([dougmorato](https://github.com/dougmorato))
-- Adding badges for Coverity, Coveralls and Codacy [\#125](https://github.com/WebGoat/WebGoat/pull/125) ([dougmorato](https://github.com/dougmorato))
-- Test enable Coverity SAST [\#122](https://github.com/WebGoat/WebGoat/pull/122) ([dougmorato](https://github.com/dougmorato))
-- Improved README instructions for Easy Run [\#121](https://github.com/WebGoat/WebGoat/pull/121) ([dougmorato](https://github.com/dougmorato))
-- Copy whole target folder, not just individual file [\#120](https://github.com/WebGoat/WebGoat/pull/120) ([dougmorato](https://github.com/dougmorato))
-- Code cleanup and menu spinner [\#119](https://github.com/WebGoat/WebGoat/pull/119) ([misfir3](https://github.com/misfir3))
--  Logging in sometimes goes to report card and misses category-menu \#114 [\#117](https://github.com/WebGoat/WebGoat/pull/117) ([nbaars](https://github.com/nbaars))
-- Copy output and target info upload to S3 folder [\#116](https://github.com/WebGoat/WebGoat/pull/116) ([dougmorato](https://github.com/dougmorato))
-- Fix \#81 to activate close button in the modal footer [\#115](https://github.com/WebGoat/WebGoat/pull/115) ([span](https://github.com/span))
-- Fix \#112 deployment descriptor elements in wrong order  [\#113](https://github.com/WebGoat/WebGoat/pull/113) ([span](https://github.com/span))
-- \#103: removing ace directory, not in use [\#111](https://github.com/WebGoat/WebGoat/pull/111) ([misfir3](https://github.com/misfir3))
--  The jar snapshot doesn't run \#108 \(2\) [\#110](https://github.com/WebGoat/WebGoat/pull/110) ([nbaars](https://github.com/nbaars))
--  The jar snapshot doesn't run \#108 [\#109](https://github.com/WebGoat/WebGoat/pull/109) ([nbaars](https://github.com/nbaars))
-- Removed credits from lessons [\#106](https://github.com/WebGoat/WebGoat/pull/106) ([nbaars](https://github.com/nbaars))
-- Fixed classloading issues with Goathills lessons [\#105](https://github.com/WebGoat/WebGoat/pull/105) ([nbaars](https://github.com/nbaars))
--  i8n highlighting \#96  [\#102](https://github.com/WebGoat/WebGoat/pull/102) ([nbaars](https://github.com/nbaars))
-- \#97, updating controls for hints, source, solution and plans on lessons [\#101](https://github.com/WebGoat/WebGoat/pull/101) ([misfir3](https://github.com/misfir3))
--  Button to force plugin reloading \#93  [\#99](https://github.com/WebGoat/WebGoat/pull/99) ([nbaars](https://github.com/nbaars))
-- \#97, Hint controls for CHALLENGE Category lessons [\#98](https://github.com/WebGoat/WebGoat/pull/98) ([misfir3](https://github.com/misfir3))
-- \#23, \#24 - LessonInfo Service now used for TitleView and HelpControsView [\#94](https://github.com/WebGoat/WebGoat/pull/94) ([misfir3](https://github.com/misfir3))
-- Properties are appended when loading plugins \(\#29\) [\#88](https://github.com/WebGoat/WebGoat/pull/88) ([nbaars](https://github.com/nbaars))
-- Added a lesson restart for lesson specific restart actions [\#85](https://github.com/WebGoat/WebGoat/pull/85) ([mayhew64](https://github.com/mayhew64))
-- Fixing inconsistent merge issues implementing nbaars fixes [\#83](https://github.com/WebGoat/WebGoat/pull/83) ([dougmorato](https://github.com/dougmorato))
-- Updated contributors and sponsors [\#82](https://github.com/WebGoat/WebGoat/pull/82) ([mayhew64](https://github.com/mayhew64))
-- \#72, defaulting to firstLesson on initial redirect [\#80](https://github.com/WebGoat/WebGoat/pull/80) ([misfir3](https://github.com/misfir3))
--  Intermittent Startup Error \#71  [\#79](https://github.com/WebGoat/WebGoat/pull/79) ([nbaars](https://github.com/nbaars))
-- Adding Coverity Static Code Analysis Scan integration [\#78](https://github.com/WebGoat/WebGoat/pull/78) ([dougmorato](https://github.com/dougmorato))
-- Pom refactoring, javadocs compliance and Integration improvements [\#77](https://github.com/WebGoat/WebGoat/pull/77) ([dougmorato](https://github.com/dougmorato))
-- Property files are now detected while extracting the plugin [\#74](https://github.com/WebGoat/WebGoat/pull/74) ([nbaars](https://github.com/nbaars))
-- Recent UI Fixes [\#61](https://github.com/WebGoat/WebGoat/pull/61) ([misfir3](https://github.com/misfir3))
-- Lab - DOM-based cross-site scripting: Java Source produces XSS alert \#38 [\#59](https://github.com/WebGoat/WebGoat/pull/59) ([nbaars](https://github.com/nbaars))
-- Update README.MD [\#57](https://github.com/WebGoat/WebGoat/pull/57) ([mayhew64](https://github.com/mayhew64))
-- Do NOT run Integration tests on pull requests [\#56](https://github.com/WebGoat/WebGoat/pull/56) ([dougmorato](https://github.com/dougmorato))
-- Increase performance while extracting the plugins [\#55](https://github.com/WebGoat/WebGoat/pull/55) ([nbaars](https://github.com/nbaars))
--  Http Basics lessons fails to load \#53 [\#54](https://github.com/WebGoat/WebGoat/pull/54) ([nbaars](https://github.com/nbaars))
-- Adding headless Integration Tests with Sauce Labs [\#50](https://github.com/WebGoat/WebGoat/pull/50) ([dougmorato](https://github.com/dougmorato))
--  Null Pointer Exception on every page \#47 [\#48](https://github.com/WebGoat/WebGoat/pull/48) ([nbaars](https://github.com/nbaars))
-- menu and routing work [\#43](https://github.com/WebGoat/WebGoat/pull/43) ([misfir3](https://github.com/misfir3))
-- Fixes for issue \#32 - lessons/menu not loading [\#40](https://github.com/WebGoat/WebGoat/pull/40) ([misfir3](https://github.com/misfir3))
-- Fixed not serializable error when stopping/starting Tomcat [\#36](https://github.com/WebGoat/WebGoat/pull/36) ([nbaars](https://github.com/nbaars))
-- Improved README, fixed copy lessons instructions, added developer bootstrap [\#35](https://github.com/WebGoat/WebGoat/pull/35) ([dougmorato](https://github.com/dougmorato))
-- Improved Travis Build and Instructions on Readme [\#31](https://github.com/WebGoat/WebGoat/pull/31) ([dougmorato](https://github.com/dougmorato))
-- recent modifications from my branch [\#30](https://github.com/WebGoat/WebGoat/pull/30) ([misfir3](https://github.com/misfir3))
-- initial cut of paramView re-enabled [\#21](https://github.com/WebGoat/WebGoat/pull/21) ([misfir3](https://github.com/misfir3))
-- Removing doc directory which contained 6 year old stale files [\#18](https://github.com/WebGoat/WebGoat/pull/18) ([dougmorato](https://github.com/dougmorato))
-- First pull request, minor fix [\#17](https://github.com/WebGoat/WebGoat/pull/17) ([silicakes](https://github.com/silicakes))
-- cookie view re-enabled [\#16](https://github.com/WebGoat/WebGoat/pull/16) ([misfir3](https://github.com/misfir3))
-- Incremental UI changes [\#15](https://github.com/WebGoat/WebGoat/pull/15) ([misfir3](https://github.com/misfir3))
-- Merged changes from WebGoat-Legacy to WebGoat [\#13](https://github.com/WebGoat/WebGoat/pull/13) ([nbaars](https://github.com/nbaars))
-- Merge pull request \#48 from michaeldever/master  [\#11](https://github.com/WebGoat/WebGoat/pull/11) ([nbaars](https://github.com/nbaars))
-- restoring READMe.txt [\#10](https://github.com/WebGoat/WebGoat/pull/10) ([misfir3](https://github.com/misfir3))
-- Initial cut-over of backbone port [\#9](https://github.com/WebGoat/WebGoat/pull/9) ([misfir3](https://github.com/misfir3))
-- Added a method so we can fetch the absolute path of a lesson [\#8](https://github.com/WebGoat/WebGoat/pull/8) ([nbaars](https://github.com/nbaars))
-- Fixed rewriting paths in the jsp/js and css resources [\#7](https://github.com/WebGoat/WebGoat/pull/7) ([nbaars](https://github.com/nbaars))
-- Classloader introduced [\#6](https://github.com/WebGoat/WebGoat/pull/6) ([nbaars](https://github.com/nbaars))
-- Instructions for manual deployment [\#5](https://github.com/WebGoat/WebGoat/pull/5) ([iammyr](https://github.com/iammyr))
-- Renamed the jar file [\#4](https://github.com/WebGoat/WebGoat/pull/4) ([nbaars](https://github.com/nbaars))
-- Fixed classloading issues when a lesson contains an inner class. The plu... [\#3](https://github.com/WebGoat/WebGoat/pull/3) ([nbaars](https://github.com/nbaars))
-- Generate separate jar file to use in the lessons project [\#2](https://github.com/WebGoat/WebGoat/pull/2) ([nbaars](https://github.com/nbaars))
-- Bug fix: lesson solution not showing  [\#1](https://github.com/WebGoat/WebGoat/pull/1) ([nbaars](https://github.com/nbaars))
-
-
-
-\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index ed6151f87..972af72c8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>1.5.5.RELEASE</version>
+        <version>1.5.9.RELEASE</version>
     </parent>
 
     <licenses>
diff --git a/webgoat-container/documentation/csrf-lesson.gliffy b/webgoat-container/documentation/csrf-lesson.gliffy
deleted file mode 100644
index 364f3802f..000000000
--- a/webgoat-container/documentation/csrf-lesson.gliffy
+++ /dev/null
@@ -1 +0,0 @@
-{"contentType":"application/gliffy+json","version":"1.1","metadata":{"title":"untitled","revision":0,"exportBorder":false},"embeddedResources":{"index":0,"resources":[]},"stage":{"objects":[{"x":201,"y":233,"rotation":0,"id":22,"uid":"com.gliffy.shape.basic.basic_v1.default.line","width":100,"height":100,"lockAspectRatio":false,"lockShape":false,"order":22,"graphic":{"type":"Line","Line":{"strokeWidth":2,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","ortho":false,"interpolationType":"linear","cornerRadius":null,"controlPath":[[0,0],[301.0066444449358,0]],"lockSegments":{}}},"children":[{"x":0,"y":0,"rotation":0,"id":24,"uid":null,"width":118,"height":14,"lockAspectRatio":false,"lockShape":false,"order":"auto","graphic":{"type":"Text","Text":{"tid":null,"valign":"middle","overflow":"both","vposition":"none","hposition":"none","html":"<p style=\"text-align:center;\"><span style=\"font-size: 12px; font-family: Arial; white-space: pre-wrap; text-decoration: none; line-height: 14px; color: rgb(0, 0, 0);\">images gets reloaded</span></p>","paddingLeft":2,"paddingRight":2,"paddingBottom":2,"paddingTop":2}},"children":null}],"linkMap":[]},{"x":499,"y":200,"rotation":0,"id":18,"uid":"com.gliffy.shape.basic.basic_v1.default.line","width":100,"height":100,"lockAspectRatio":false,"lockShape":false,"order":18,"graphic":{"type":"Line","Line":{"strokeWidth":2,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","ortho":false,"interpolationType":"linear","cornerRadius":null,"controlPath":[[0,0],[-304.00164473239283,-1.1368683772161603e-13]],"lockSegments":{}}},"children":[{"x":0,"y":0,"rotation":0,"id":19,"uid":null,"width":132,"height":14,"lockAspectRatio":false,"lockShape":false,"order":"auto","graphic":{"type":"Text","Text":{"tid":null,"valign":"middle","overflow":"both","vposition":"none","hposition":"none","html":"<p style=\"text-align:center;\"><span style=\"font-size: 12px; font-family: Arial; white-space: pre-wrap; text-decoration: none; line-height: 14px; color: rgb(0, 0, 0);\">Message gets displayed</span></p>","paddingLeft":2,"paddingRight":2,"paddingBottom":2,"paddingTop":2}},"children":null}],"linkMap":[]},{"x":204,"y":174,"rotation":0,"id":15,"uid":"com.gliffy.shape.basic.basic_v1.default.line","width":100,"height":100,"lockAspectRatio":false,"lockShape":false,"order":15,"graphic":{"type":"Line","Line":{"strokeWidth":2,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","ortho":false,"interpolationType":"linear","cornerRadius":null,"controlPath":[[-4.000000000000028,-0.8629150101523919],[296,-0.8629150101523919]],"lockSegments":{}}},"children":[{"x":0,"y":0,"rotation":0,"id":16,"uid":null,"width":112,"height":14,"lockAspectRatio":false,"lockShape":false,"order":"auto","graphic":{"type":"Text","Text":{"tid":null,"valign":"middle","overflow":"both","vposition":"none","hposition":"none","html":"<p style=\"text-align:center;\"><span style=\"font-size: 12px; font-family: Arial; white-space: pre-wrap; text-decoration: none; line-height: 14px; color: rgb(0, 0, 0);\">User clicks message</span></p>","paddingLeft":2,"paddingRight":2,"paddingBottom":2,"paddingTop":2}},"children":null}],"linkMap":[]},{"x":499,"y":137,"rotation":0,"id":11,"uid":"com.gliffy.shape.basic.basic_v1.default.line","width":100,"height":100,"lockAspectRatio":false,"lockShape":false,"order":11,"graphic":{"type":"Line","Line":{"strokeWidth":2,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","ortho":false,"interpolationType":"linear","cornerRadius":null,"controlPath":[[1,3],[-299,3]],"lockSegments":{}}},"children":[{"x":0,"y":0,"rotation":0,"id":14,"uid":null,"width":133,"height":14,"lockAspectRatio":false,"lockShape":false,"order":"auto","graphic":{"type":"Text","Text":{"tid":null,"valign":"middle","overflow":"both","vposition":"none","hposition":"none","html":"<p style=\"text-align:center;\"><span style=\"font-size: 12px; font-family: Arial; white-space: pre-wrap; text-decoration: none; line-height: 14px; color: rgb(0, 0, 0);\">Messages are displayed</span></p>","paddingLeft":2,"paddingRight":2,"paddingBottom":2,"paddingTop":2}},"children":null}],"linkMap":[]},{"x":205,"y":119,"rotation":0,"id":7,"uid":"com.gliffy.shape.basic.basic_v1.default.line","width":100,"height":100,"lockAspectRatio":false,"lockShape":false,"order":7,"graphic":{"type":"Line","Line":{"strokeWidth":2,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":1,"startArrowRotation":"auto","endArrowRotation":"auto","ortho":false,"interpolationType":"linear","cornerRadius":null,"controlPath":[[-5,-2.137084989847608],[295,-2.137084989847608]],"lockSegments":{}}},"children":[{"x":0,"y":0,"rotation":0,"id":10,"uid":null,"width":117,"height":14,"lockAspectRatio":false,"lockShape":false,"order":"auto","graphic":{"type":"Text","Text":{"tid":null,"valign":"middle","overflow":"both","vposition":"none","hposition":"none","html":"<p style=\"text-align:center;\"><span style=\"font-size: 12px; font-family: Arial; white-space: pre-wrap; text-decoration: none; line-height: 14px; color: rgb(0, 0, 0);\">Users types message</span></p>","paddingLeft":2,"paddingRight":2,"paddingBottom":2,"paddingTop":2}},"children":null}],"linkMap":[]},{"x":40,"y":90,"rotation":0,"id":0,"uid":"com.gliffy.shape.basic.basic_v1.default.square","width":160,"height":160,"lockAspectRatio":true,"lockShape":false,"order":0,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dropShadow":false,"state":0,"shadowX":0,"shadowY":0,"opacity":1}},"children":[{"x":2,"y":0,"rotation":0,"id":5,"uid":null,"width":156,"height":14,"lockAspectRatio":false,"lockShape":false,"order":"auto","graphic":{"type":"Text","Text":{"tid":null,"valign":"middle","overflow":"none","vposition":"none","hposition":"none","html":"<p style=\"text-align:center;\"><span style=\"font-size: 12px; font-family: Arial; white-space: pre-wrap; text-decoration: none; line-height: 14px; color: rgb(0, 0, 0);\">CSRF-Lesson</span></p>","paddingLeft":2,"paddingRight":2,"paddingBottom":2,"paddingTop":2}},"children":null}],"linkMap":[]},{"x":500,"y":90,"rotation":0,"id":4,"uid":"com.gliffy.shape.basic.basic_v1.default.square","width":160,"height":160,"lockAspectRatio":true,"lockShape":false,"order":1,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2,"strokeColor":"#333333","fillColor":"#FFFFFF","gradient":false,"dropShadow":false,"state":0,"shadowX":0,"shadowY":0,"opacity":1}},"children":[{"x":2,"y":0,"rotation":0,"id":6,"uid":null,"width":156,"height":14,"lockAspectRatio":false,"lockShape":false,"order":"auto","graphic":{"type":"Text","Text":{"tid":null,"valign":"middle","overflow":"none","vposition":"none","hposition":"none","html":"<p style=\"text-align:center;\"><span style=\"font-size: 12px; font-family: Arial; white-space: pre-wrap; text-decoration: none; line-height: 14px; color: rgb(0, 0, 0);\">WebGoat-Server</span></p>","paddingLeft":2,"paddingRight":2,"paddingBottom":2,"paddingTop":2}},"children":null}],"linkMap":[]}],"background":"#FFFFFF","width":660,"height":250,"maxWidth":5000,"maxHeight":5000,"nodeIndex":25,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":true,"drawingGuidesOn":true,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"shapeStyles":{"com.gliffy.shape.basic.basic_v1.default":{"fill":"#FFFFFF","stroke":"#333333","strokeWidth":2}},"lineStyles":{"global":{"endArrow":1}},"textStyles":{},"themeData":null}}
\ No newline at end of file
diff --git a/webgoat-container/documentation/csrf-lessons.png b/webgoat-container/documentation/csrf-lessons.png
deleted file mode 100644
index 6360d337dc19ffd512b01a0469f7fd96a9c3853b..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 16587
zcmeHvbyU<{+b*S|NC*N-Nasikh}4iu*U%*>%>aUc(kU`nNF&04QbX6!A%a0j=MV~l
zG|~-c|9IYb-uL^yv(|}q);a4u|1q=Y7rXBJy07cnL~3i^CcQv+0S^z4ROODME*>61
z4jvvp8Sz>0jS}^YFdiN=o{FLz;*rJjTat49R{xWT1Sx_Xv{>*kJQ~e%hPR^kY{r$*
z8?Y~G@j*0t(MlzCBr`|4au(~a#qa3woH08SrrRw~YosR1PlT@^h(HB}XL9RK==^AG
z*jR0lX6TaHN%80!6Y)*!vREwqQt#V!I4jbaw6`*OXq(+!;WSium7f@nM?evTN5qVW
zPy9$8O+YXZliGCgPv5HH1*6#h{39j2;01l}yBAL{`J;h=n(1%1fIk05;Smhvtu$Tv
z(_M&oWxxaeew**q_(T}P@nE69KN&O-BmDmPCh#U0_@bzW@E-JDf4ht#XZMfyJpCMG
zNJNoi;d$=U-){<j$gI8gk6(iei@+E43uMoN|9Kf4Jw^DZhgw{MqkRS#uMqz8vLJZt
zxj#L$jx`9rg^?6I`;SqAg8?D`(?cKqH6VWt$X_eupZoN$E%SeG46z{Tmp%L_yLo};
z(`ByU@mg<MyN?c{M9dUd3Gx%7=P^d~$z5BN!E{cB=@0gpUv=Rpko$5Ig4hQa#s@L{
z2Vt;ZVL~)T&Yp8IIpb5(9%c&l-CfHY`y?<H?GB>EB2@Jb$)p$UaRi*tuhBX<o5<|q
zO|3U5V{n6(^MaO2b%bm#4J0QDXyq{;!AVAZTEcH{D`GF=6JHj=pUtygIclyP4?khi
zCYdZU`pyG2_hnhrfcJYq&|!FKwdv`b)#ek5oJ-ypI=pW;wFY_E@o^~N5wxlY?O_sq
z8-F9ce*_ZuH}Ak`9;t%njq=>YGx)@cDR>+DEs}y$v$elvi5y$r5^RiLaufPKW~}xV
zyqOTy-3H#-2?0Nx`7RSd#qT53nN&*9EQRE?mBS;r#MR_Sy+-z|YLEYrJecl5c9Wks
z)GzNrU11{Tzq<W@cD8Go-Ihm1-=(3bVKv;T!Ytan!R-kG^haZEA4#)(widGF!!Pip
zSvBxdbBNz${|>DdGRbEd?=--2h!VTBGZ?r%VmI4!n@M!~({mBo{hpVqyk-@SaT4x7
zpC0)?HviR?CLY77A^cMIxXPjTy~<;KHE9ZN7IeZpMoF*4A<Mw=!|&&01$V~1)2f%T
zINb~SvoMD2S43ve(s?DVI&MJ)mQI~Z@wrcX?AkVJC&x#fEs<20a<1(v3njbFv{9Gc
z{Xigc@6$z(l`)CFQX93tJj0?``M5pI73r2VF=&NiWRIdaQlS+p<&@z)d!JQXz`W-E
z?6<d0Gy)dR82vokCl{|;r#_lGuUGAE<FWhOO2oQ_xXk~+tFPYITjcTjeUHV0%4Bkx
z-KL9-xBAB(_G!#^B#CSrE7|D9v2bG)X84UuTW&ZFc9gq}j~;Gj%Zf7IdRW{MFJS4?
zu7BV2aCdEcRmASw4ev?+$|Nylvcp(aNxeWv>O&;)EhVwMrE}LFHFcy)<KiW3JFb*D
zj|gup<Q0vcT)XLZchoClU}Gl1GV8ukt}X|CNep-3MyI&O8!=?Z=6s(<o<Tvrv1{WI
zwm{D?Tk~y4$-U3{$Wb3Mr#x>>8lh0ll$%zAMV79Eh2~BHM~jwkCXcr(dBPW@cgF6S
zVtsd3o>owJOv9U6eInt{L+!fHauKnMH5~6d)!uZgX4B5rWb^<}!(9-*ltZZk##Kx&
zTT>JzsPbxiaj0u7;9%LdDF{F7_RDKo=Cxk7gZai-smT6!w_lF-2iv9j4<0WkG#+Le
zm)UlTx4pVTTG&F2QEVP8FkRkQkIYUB7zI7}j0$%duNg`E5PI&7p~d6YrLpS1jx^cH
zW4?~mdf%NaX9epc${b!p`Mn<zOjv9EjJ0rD3qivoi;586o(!cdaIx`_$J$hD?AGL?
z>E{MPycOvVeOU$<S0@`MQLg8GD~z|fUyC~r3$n?<f-wwVi?Id;CId1Dd%x0ZJu+Ci
z_oiRUiY*Qnl*#V9KB(WB@Ks~QnAbcksqQ82XLUPE{^lust5{Evr-A4)qvYfD_v0qh
z?ziDRHRq`~?_bxR^xrWrbNeArFX!Bimivm&d1N84nxP@T*qyFm+n=N36@~EU#+PuN
zkn;G<=$%+BOlg|Lt<6E8Kd7fAZPRX2?Vi~g5%*i4E~u@3<C|pXZ6^QwXHqj>v{{js
z-42MukVbB)p*cqn*V_efQf4Kuhe>+L-E+BOwqg4<52lr2RUGm=OC$H#+NO;24EV~B
zI5AlKW@YF(@+a5|i+Ue1R+yLB9v9j?>|nKV(r@=iM3!x5GB&M>S$hKD{TYpveN=Lj
zx%aq@%-+wK*K-y+AKiu@ov*ozyLml?_W|b`m(K2hp=A<SZ^psd$5*9&%I8Nb@}8p{
z^Q6}tC+e!l=>|BW-+#$!u{FA?N_B@??&x@@(Uq+PWt6LFj{2gi$Ql2J+fge`hS5>$
zo$_;CEKAAp&r&LKR9wZiku+3#K+$G6GcP8g{0S-jXrL39+@-O*YJo$A<_0<ErbM6B
zw>>)E`?XANxIz>gpPs;W^d-<U*)o^<){V@MdZWg>gOv?7mJR>Xo1iFs!+yAkeI1P@
za%g8|9Cx_;Sr)4`$6l7<ib6U1O04w`9(;*rTVAaQDl#f*zK}&H>S*R|SvpJtQ!pLM
zCBi5UO0L%3tK6$-6?lM|%r%R2iWE39W%U6QJX`%MRfICfYWu!!U>1Qs?w3t2S9JOk
zoupSj^$BHGq)zX{Oa1-_+cx(V&hj_$sSvR%i}J??ViF2S>BWZo<KT%4-LV!aAw?F&
ztuINaLxQ5VUNiK|Z?bzTgTL`<BcITA--*<TthYQ`Fch<X+|E~-NO+FSs3$w7V<Cq5
z^-aHBx7vY%f`FNOjxY&|N)$JbmcD7fS^|HCPFKqvJEN;@wd$91+N%5GYupt$h$?0*
zYQ2!P;YD-$)~Pv)d2Rk6kg2l1vf6eYDQ$Hb;;IDmp?(Gvri$IF18bjWF@Yjk*akJ;
zW*CsWq=zt!=>3)|?Q2ek(Y+Q+La%80(V2KXie%0py1-=m$I;GYr4CZ5Sns^vOvZwB
z1Ik(abF&+izn+IXbraJ<S)JDFQ-S)7%!1pCj7O9XvU^{(mc#;ZSmZKxHk^bu-$;ML
z?r48&IXLqLqvU8K&njYvx2?b0!_K!jM=6SCau}s$sNAG?t{CxBvqSBX;~UFpv$t6Z
zR|Yr^E`Nv%(%*+4Y%ee4voQ|$Qrl{AZrSl_Q&)FluQ9$>ZPjiZ`XO>&myuKNp=QKa
zcKNLV0_2+7Q`Pri$Mnq=8y3$n*(!`3mPz5*m=KmApntxG>Wwm_5F!n8xJ$mF|9JbN
zCkK@qKtPDYiv%oCZ|>esXv)>gUXtU9v_J-)BM=o5rXL@)v8xV?$@t>KqfI2abTZCe
zt6MEejjvQ2XNe)-a)QYkC$eg<(K8WO83|m<k=eX1_DBT+Q>E!w^m+099p|HOUn|*5
z+TYY;{?a>xjW@Axak&|ASatM%Xtwi>MjWrc`ecJY(lK0y>XZH>0Nlb?L#?q*5Uz_F
zd1voyLco8P;R_3>7^;|?{ANOUZERIfTSYRv{FNYB2fOw3#uWkzZd!2hOh}TdJaH9B
zi@YmmgWVb2nx24q{(DFeN$~e(&9-M;_@@(?UDS<{q5vs#{Vt6XRG#mi#h-<xWc<g>
zEcgk4x@Zmn>P8Bq!hf8CI+7vuC4S<nD{lNt@6{o~p~G+&&T<}lsw0bUY)w7qck8Cd
z<9DBh;t{c`1?};cn$wbegy5nmO`#l{8T4SYVU;9^TSzSW9V|}?O+&x@Hn*oQggiEC
zK3q8mfM`4bqW5e0X`Y+{(d%ZR%2mwZ&eg>+!q9jKTK*sm{{ysyFX=37Cxboq%QIAn
zjDX_lbpVjRc$r_ncnWcis?I)llLL45u;Q|j2i?8f(0uNK%IPqYjJ)e#77bQEJNE6Z
zWan75M<)PF9U9`}KRtc@1Xn`IWdz4-JVgpjDum1Iy2J+Z3@dHTtK2?pu1-!ajn@w4
zo7WEBaOiD0=TTp21wz|wl3l70NZi8NT4`cbT$(pFeszg^E)I5%dTnVKr*>sEE7p3H
zh`y;o%}l5R6mKOb*`5{zq5SwjS>1bz#P8|dD6_Prw_<xv7Lo<6Ld?gid#PR#)7^AK
zSMSZf;cJ9HUD$y#by~oFZjyutCxNKK?Y8W01+*>kcpuJ;m<XyNuAPo4f?Sd==8*Z7
zV-p8SAH8c`&&6v}!^aeIeD#wAmmUt8dnYj+|BlE45oVi32~T$KClyFjt48SpKYacx
zoCJP5lCw3{8l_R;IMDHmMWKUAOUkMN<gnPrB1G=%k&=56d^?@ulQ)o~<wAYgT9rCx
z<`9OV?yR}xxo{su0t3qN&cP>baj*n<mDjR~ef^Z+!#V9mfT2=^1R8cT_NJl)bg|+|
z3m`ak{QmKgPhc(P=<B6^5X#@*Ujs-Xd2Rah8-O%$w86Ej4LJ2TVx2c!#)jE1^n)k7
zFF#84T`3Wup`(XzS{9#W!`ODzG2<t-o$wJ2qKeH2F<%+^iR3xA+{uX)PuIX2A8{DP
z9R@ezzQZaN=8%B3C`%*!_sjD|jmM+Uu1Swd?S2on9VxXjxHI8}L;gD|nl0;+DPz@l
zzylBpdua$}SZJg(RAec8id!0o)WV47-mAo@_ho4y84q?=D+x5Fib2ja_=$BM>AgrV
z)^Vqs_vrijOuI3zJKwmBQk%(tQ^&r3ANTI1jAN?*wlPj7Qg0*?Q?Cy|0FT}_l*|n-
z%4~Kk#J7VvT_X+VO;1Ecx9Ot712%QH+F(V)=6IQBQf@xTxF2<LxVMpxg*n!GE*d!1
z?yt;er(rL0U_b7w`%~G96Nt**YY&Hid1(`?d+`rcenl!mY*rCYxB|99762I>rh5|9
zh@a#tZoFsY4Vkq$9N8&uKc}-Pw5WFkIQgDZ#&N*`$E(d95YVrl?@)*!8)@V-DsD=V
zdfa>6tg8FjRgq6O?7N!~`9?kQM=Q0fS%?0t0ZNwQE@SowdaMYYdJeVtVRxqij13lv
zvjwwicjEQ?`-gla@#4ZyAL`6Fc#61dYW4IB$^2!j<+zhG31JmR{N^?N%6wa{N;kGv
zTNofvnsuM$xNS?n-h1M4_Ibr}*0vhm88j!Z(9dcsd|_bM2w<_R;w~wVPmXpJaLl;o
zrFgi$@%t~a{u$kBgDc~;?G_XqaAq|E;{NNw4<w1&<e4dQCilL1JIA76;sgLV5WU9E
zt=8{Y)Y=pk{Q7*&w*$pBE+F>~IoFc+cw=@OPahzljx3Eg`FMR|l^I0<GFMbSIkLcY
z%OMc+ga9FwpI9^o)Q@kIlR5L;;{HJWbjTTbXKd;OR0B)f-WVSaZK_uE0%;y>t;xv!
zo5K{=F9RNzqtz;(Lba%mxOF#`TYJkdaalD_o88o(>$v7Jspinx5gLZs*UTE<yyG+|
zbIokng5Z4gvZ>$R;t_~?dr6%S&OguYy5@9=Gz^0kp~k1bVNX$=ZTw2(GAGKy1%L!Z
zj`oMyMAb)UtyN4%_Ju=Q-mdd}<VUK#WRNJmA0<;Iu(q>5K3sCI039c&@$7Y06nX_$
zS)?w;%}ZzCS_;>{=D@kE@dC|Tn*ZhfD2*3NHd?7OS#){uXroKkb;FNZE{<GwXUxN^
zR)(So)%0YfP(Xm&&<J<vqdbMM$#hb<RXZ}(WsR3vJ@DsMXnNTCU7}owi@+-4Jq1SM
zM>#pi1q5;$MysEp5)sCZAOuh!F%!29@ZT7yy2R3SO*cl{;&Y@ySt`xF3BW(DAb|0v
z51209V=x1HS?VRGdu;*(9;k;4=z)<kyP|eEQeCo;96PKS_h->6_TlCQ>43vs&uI1Y
z>%}#jt)bt0w`+)O0hB=kbi@XhQp5JB6OVDuc$=*Lt?;l+GQ;|<LDOv|W}O?b2+<C&
zdciLi_2_{@bKJF?G4>imPv~8$So&Rv99O1!)>LQ-SY+dMRD~!`6P@*MhS5Z-;9eP#
zIBvvV2g3F#6#!|uEg9IDR;_d41i_f6DH)-o4U@%Iq4Q(aWzzl=8A>Dvo&8ruY=@=V
z_O}*s3b#OkT^{kiIiQG8pYr{!SN(a00-zG3gSEwe&gBb;RER79(Q{P6=tF!UR_xAw
zF4WgzACCN(4e5^ys+{yGv4)$5&4*3Fga+!I%GwpAX{c7$fDL;32ZL7pjL#e=8|tN{
zybhKtEqB(@zxsswXfKp=6!o1@)_jO7B(?Hl(-xtZ%p9MQXO1=C3XFim|A?akAdY^y
z-!xzRJi`cux1N-1U;Da&7;TSM%*rT@v=$lVJCI%6*ed7)`D-Lp*T+G7l*sVM`TN3_
z)Dx=LpThn?CwZ0Kg~AXq(B^#k%+I(W?C4e!rt^*X8(w`(VuSy|XwLfvLb}f|CIbDv
z_b;W^pLXi#*T5OV{VpG*?(w4PX_(%ef(@BtIkk0lkoMclA}<3#0dJxNiT~2SBz}lB
zTReM@0kCGq0LMfx*BD({fq0M-H&VJE5N!Via8nonQB8i~<d<KcW@?(!+qpO=0L)T`
zNI%^qhBKD}9K(w9ED;=oaNE5fbT^vMKz9y*8+#r+H)!ty6F2*5=lJfw)U6zX&}I?+
zvj>1ryALsa*hOorDhLC7Y8JH*BZ2NrBFRGq$tWAtGTL_tAlzm0<yxjo(RqNoEX1!&
zGvft+0o_4454HYBRIbYj2~M*xKlJ~%i0*%6V&g2C01!#;(P~9eZ<xBNt9d|pRO(h#
z${s{<K%~yzP~eeaA6kx3#AnmKufoX?B9lz}01)XE>5{q!r7cI0!UFdD(vo%FDUbNd
z9xRD$%)NV=3|O%G77PF;iTH$P6C00kjiQtLgO$1y@7|m&6dkug)DWV`qW<Ryy6(aB
zrzEDMx!aGO9Ufesv2LP1Ct(5>P^>t9+H4+#M(oEOM$2=}`yTpl_S~KYrG?N->Fq@G
zqL4|DU^=8gsGaqlJeUxF<^TJ`Ioqk0NZaGXJ%~o(i3WUAQ=vb-xJ!B9>Tt<Bb3O29
ziU)0qY~X}?@{O-j$Gg*6Dlwds++5?gQav&+1$IMgd1LM}fEZ60)j<pu3f#OMcpsFE
zPM@A#y?6Yb{J3cogy0lO?{AySxS_+nw3BMaoSNewOvfMcO)A>zcBi6dK_Dy+mC(^n
zmGJm<kx6E3Eb!!L+jZpWH|Ld3wkN|-FI&%&kpkJVj`cgvufm~^b7LFliVITDRE_I^
zhAXKxiuTQFz)tOKZgy(vhs#GtnF$ucAlTLLS5XG>X`oj|E7}WRQgNyal1u##@^=P&
zkL}mj9NXCeNBa_6(SzTPj}CBKQpV`xu9HKpQO`rk$vsU?Pvs*Ps2J*uF*E~s{?;ad
z`t~&s=XG@#0*`+Mj^YEVQNUyUr;2Y^iiAhUTki>n)##^jkMv`2Ji@8Jcyv5IdGvN~
zclu?4Tc`5Fc(2tTA0s-SUSjLmUdCwvYNGS!*O<<N$_Yn+RZi(ht{AXFl2{a;Byy!b
zYWCZkN#F@AnsYNUPQI)Bg25qK+|@;CclCH>b@VH@+pN?NZ{24g`m|_Y2*)Err3Sff
z#LXUq43L;4VwVhId1Z;f)t!K@I*^#WG_+eb0gs4XeBNS%skmeFj7fF^qATM)0QZVx
zR8_iNWL9n6I`0oYjwk0$sxdeX6$5ma?iAxC<-Ig)r8M`(wE?UxhkIFCX)Z&&1&=AK
z_E&-IZNa5mk(F)wIq-0rDchVpf{fA8rDmRU10>lutAQs6vjA-KL<;9=I-DOU@@Y;a
zvf&QO^weMUN*6dCUA>~VBz9pA89n6r96C}4CB$UliGOYD8o1%-S?_>f-s<5OsPn0F
ziDp3QonMA^os=oMgpj~4E%&^Oa2P6lOZ^;U$?CZ}QE$7oFkriY4ieh<yBDB8chHvf
zHJIh3C|ZH6!=vTONtaZ=brq*+1#;>8SBY#GrG5HGr62viyYc%YIqp21P|pTty|e+=
z+}@Z)nlp)Sb+60EXtvu+?Iw@SBXv?hxsp&bV`S2wUAL5#`iSBYKoHIg!w`kG0-&EB
zD0yN@H;@gzFVY8J1QVVcy^|F-i<S%Rm^?X}#ChE@a%6D2{a|l>hG&SifC<!%WwIs;
z7LRAB%RGK**3J}_<anyg<I6R1U41rKU0k8!l;_-M&=8`~9?vHNl?L)RiEn12(DB$8
z*`}tUTfax_(kd1ULljO9yG}r$2L(oQ<KCM_p};lTK&yb?p-f?gU0-eP$P&?Iyt;NO
z_B>wbQK#jQsKnkfC^U0m)FV^~MI&)ogDQ?+=mkDKf(lT1c#*K{r()KPD%`k!&ApF8
zHyo_gdNK2xlz(X$zjo{4m)Yg(0KhBz(DIwvx0bu#3uS*G9kZ}Q*FS1)T=Ov3KSs~E
z4W?_HAYh55YOi~|(ZT3FW>wDd4$JkceKwbV-2|-L1Vh4mW{E`vqSwj!OJKrpNvy~G
zZ}4dmm0Q@0s|g%YW~pxJTHNPNUzqmGeB1ycrWj@Jmeta5$t*OK1>fV{`bURy^|)Z#
zdId_9)hGkUqgTX7t0%{<urc=E4>@MDIg6fCHaDIeG&0qQam?27qVgCFA}vSq@2U^e
z1X4I(F#QaeAgUTHMmlmaece5j!K@%o)gNLUkqs`x`zdD1sb&Qot*5L-QtiwMEptRK
zE^#7^k}YRcc^80kb->Lu=)?q^fRcDvE)Rcq*)_11{oIz;@lUM|P%$k3WM89Y_sgbw
z+qTtXiYbIR@53$2lPz&~6GArj%N5AikIvw(CTo`~u?p>f<w}cX*zB#(4Ji7m?0Jq=
zLMV{yF{K=O_UjL83w2P$U#HG2kBxbVyLamly_S`5n-SanBE*6rG+a<3#ANiyXRmK1
zY<;Di!f8!K^X+*uZH!tdp9b==V|stpP*g^SWKqLD=E${EWPUUeiF&b4sE72#Iu5k?
zB&`$aXY*J504SbAAkivUTFAT0-6?gDe7Q=cY5s13-x?O@qQ-+TCk`tWLu}M5reRA?
z78{S-R~Q@%V!wmh2=G+P+YJOaatAXItT!lLsLHBU%r0ClxUI^i9mL^`?7hWRNM}bG
zVNyvi=DbT9jLAVx)g;&X#?-wCTx+FGcXD#~4Y_e<S;ldUcle#qG1JK!)71o>L7BFp
z4G7pIXHT4Omy>=l71mi9?RGR!6ktOe!t7wCzo?;syB4^Y5a=*TK}D|O;NELctC&8)
z@7l08TQ`Gt>@hB}4rhEO>ex@5Nikf+?E?0Z+KSp?eT#PuvE!5}KY^$g8SREO5IEL<
zAac1?CC;l^s#Hp63FV*Bic$ixY{}p~QBFg1`WNNmf-Aco#qcNNMM}HS3oes|lPN9O
z+=#0O1r2Oo<2(Xs=UB(Xp-l2_ecIyDk2AGrxE~Z$!=uOiGUvWD6c=bB4IOtlubiN^
z?{uGy@<}AM!gULIn{su=;PrlBSXSp@atB-}Pq^dnOqw%de$|)PVvFo)HSej4@dB%p
zY7`A$ei9|h$|?F&sGpvI7v(F;N)v&Kf}(Q#y_vM5ku>v!&}44yJ|*p~(%kQ_2!trJ
zKy^|kfS;+P?P*!#X*SJf?)$n?72Wj0Vl&_XH<_Gva`-D=r)Fzph>?y6Bk+#D<;73E
zLzDY6&s4((nfrpezxTeG?h4ozF-4JSJN(ddFPD*w^Fvuu#n1%H9`(sq1d{aP3GY2b
z)Y#|IT$@>)3yOCSE_ZW`QosqCVx3DK2dKgg{e9l`HRqV+AQ}x>eQFr`b1ooe{CGn0
zX$cG0S<q%K=1Ii;#b8;_!{)J{U+d|I&_v9j7rt9hMHx>WQO2X-7#V*@%}ZT^zEoc^
zg)Mw=M%JE0J!!fqxy?IiAHEu*G_8-mn!X(^>>qpokg-!MGHMryNeamB6ttRywAmgD
zS^=}pb#$kkcU9ZLQciITWZcp;*4VT?ca?|pd17=hlXC=(-M83EaubB=wVxCyB?pGm
ziWLM>dN|s>V$BMQ802~`q-5QC#|iT(jZDvhOBgI@W0DchllYu|pX>)1bG7G$^@$E+
z91U>PBG}`}UW`K|mNnb#B#1MG4;w9R*#I7Y%(}Or%UX9dyYfQM37|5yyE49gN1)g5
zZ89S2>m5pZnl7+jh@8~wyQ>>gbv9vw^COK-{Us-gCy~Q~RC+Uc3l=kY^L!evKQX=^
zpO9vG{QBml-A<<T`r*E=!#N+d0bC(gl6qNV%U2`ztEs<_G7rgDS6>|zdf~bGUX=+&
zRa->RC+%CoydSc{H3aNU-hb59Z0<Egcn$yLpHv?syRLzDJPaEz5-R$VcW4<Qc;iL$
zlE%c8R=L2MwvqM1GYhYcxQusRPmrFxCfUR;8O+4)UpOp)9MGHMce74MCe^gc<nmX;
zS8@WvqE3T17HHE71NXB7OJ&|apkR15U=%}vSWtC4%Q|54e(l}lBD|#KJsFLIxUf(l
zqL$UfgZijHvqCkP`F#6Br<g$r#=$s7UPH@KARRv6+8V8J!c}NGh|-0AJ(t#3FkQ;x
zjMM;E?6U@A;PHcdcRTLuJt04O4&O?rEl#&5o{Qn!|6Wex0IjcO8S@YC3y2$Ka2aY-
z`lib!-Q^Vtk2tbY=2`{b@L|ymO4|Aj8Iq9^>AgzYYPFVW{n3g2WU3iPBx-L}ESj2$
zFs#@2RC{y|K4Ncyowc)!GsKWG1?*bw-PF9)pTYfJF>#h{?`2CWnVO2x{O?#9*PMcf
zY1rK;w5k2n2_-PdU7+B;4azk$iDagE47+lich<51Bcd0ZaLjb?@>QMt3jS12D}N#`
zBiU@rT4{nV$dJGDb7LIUCc_XVE0(g}_$rY@NvPVW;@!9s?Z5B$tW7nJ^_{?DB11@k
zssZoT(+(dt$ZqIMNesmZ_;b^WeUT$A3ocJQB$WkHlI~2}@%~UFwi@O0m@F*UPtNq{
z*3<VS!O61Qv9S{Pw2K@O?}dMLy;V|%gaY9(8^^-+rt&j63KuC|PURY}w3c@n(N?+K
z`=*7sdy%=kAAWFWV#D4}2`mRFS)a^U9=FcAsE(;T<jVfWu52Jeoipm*VTgJ$N{b!H
z?fT^4Yaoxn0j6QQd{TuBd-&0rTkrFR+j;!A>w{6zWM}4;SmOjq4<q(2eCGL23*b8n
zaBG#lKuX2PYInHDZRVRpzxNl5aHq=3(?rf+JHnRLi|17N-~K_71CAaQ3yN~X_uLL%
zis$D9pB_&JZPu&$YZkgrHf%>-^IYhUw2#WL!#4EfGR>qo!ep1eU)|8(+!xcNIh7Go
zq{6U(Q#eH^JQqQQ-E;!60@Q!80{^e+JcVY&X0=|ObJ^Cds2N?RI6(2t=1tAnS(?s6
z1Wv=Ym=|>ld_4$P?U9`%>0Jnch3fgNHy2zi5f=fYPp)3+GOiA!nvSKBG7V5%6wCv}
zD|mFUBM!V1qQLPhs*!vnQZ>dMy8&2qTi|b*UHi<`m0MrywJh8vweidtvcmZ9mnQ+L
zJxMmOA=k9hWl${FvTfZ@jGA-wZB)TXzkdEs4Fz#)+iNd7ty7Y$Z1r3!HzmP`Am5eh
zUmcK9fL+^DBT?`J|B_kKrB@XH5PClUo6uvc8Nw$*a#+0x=?xiX$1zdNU6AavKTW$=
z+yeO12=iDShCf*Rn|=`nvv4@U6evPx0h7Ny|0ngQlfj-jY^7$Af8!(5areXd-d34>
z?(bY_e%2F@f4!yr;Pv0re&+s{wI9+lmg?4#c%3p^4X2&g9BS$tvz?u40`>Q?F5~;p
z#q<l!_G&QO!1wTkoXN#F^6dg3m<Mxo*f=7{We>amUfDJfje%m;7F4WRfHmRNK@Wmz
zfujfv>gNW8{n~tYdT50csKl^Zo2w7=o0m94lJ|zc&T0ZG_RW5EWz`>Y<%5IE1zK|O
z=-!s6Jk90KE|kRSmWNZc21E`~APhB%0bxN5ID^o}Smz|_*OlX5Z>|d74VwR3X__SJ
z6tB~w^RL>^CEP!>AHy`2AV<l1;8?-F0L#iW+H1DsDyT7;U^D<gIRICLExUbOfE##C
zZF&rFt`Nuz@K?vC^BpsX@Ji}d<bn*zu{D<prluG5A>x|P7vaa#&&3;9v^g&8#c{le
zvq)#EH>zK6gL!em9q_p{Q@BT_63ngYE?3083fLa8LpDkuZT4Z8eN;#m1-8@@$BFw(
zpJx|mn-dd>$Ll&W{4od&(&1t=ip<7|vj}4HIErpLX7gZpTyZp<LDVs}+Gh&`7>5_s
zk^7avJ@NXu!M=x;zCh;T+^Zv8$Qcr6cHbY(;kF%#LRoU5XF1M2n*h@i+o-j4_79CG
zJV`N!)fZ)r88fMHOai575)ea28X2V?3HCn$7PPp_u%39etCY`z;rhOM6+As&k&c<M
z*Z-#P)Jx4zMoQ!W50Zv){BT|aP+F3Jf1}S2&|d~md6V;D`ecs60y7u#m=Hx?R8Y<P
z={ddK1R$BT4NCbsR^VuZ9PQwq*S86LMtUp2zLttt)uH(E4Co^wnqy~zQ;6?0*?%wy
zL**?Iy*>l__YaY084`K&6^m8+?P0gpdJU?`v_YZq#d);+D@qXQ3EKz2#n9Jjc(sC>
zQBf(bu&3Bc;b3)ZaR`Sz`Q8-YlBH<K3?S5<j;jMSzWg?0?(KXW%cM?vQ#679P<PN;
zt#Z$(l<cj^oHO798&-9(y6N25eT^kg>HWEP%GmId*T@f6{O5ZSdxc=?UY4{_0z2u9
zio*!-;@f_Xs%3da6?{J(Q=pD~Nk(_$=~y4bQ%)3>l0c>Nh&8)r>^<J-_^O!#0rorG
zyxGD_y@Q*;8>5Du3q7C=ESh}IC^>k+<a}QXw?hr_0wC6x4Cz$MSj>q;&94IGrFk@#
zK~5iG9Ia9TTe=)*ZQSOo-vWs%l@X<v<>HtYzo%gr3D+>h&Q}EdJ>?!ZkIoK>P-gS0
zRTo?3_l|VZ1d@evhu$_L4!ek%p&>Q`B=$?bfD{s7ws=jh!h-Pdh*J#4Adxc}syFKa
zRcMfNmOx)3rwz6|URznc+Hl~knTegPc+02b`}4~sU!ysoDOH*t0fkW%(&5@BonSs~
zu{>V%7JHdKn$aqZ<+psdmpu30$+gK*AW6&QELn&Pe=_u|w`)6wu8VUBlQZ0W)$29W
zaW(-v#32Z(Cnpc>IGSkQb6XWd7HY=vqxpw=nYwq3c-IdGO<j%g3q!5Iq9k*=B2a&w
zo7O<U0nlOCd3?%(ee)}Mf7f?hrgO@(K_7b;ey&mw|6#p2J`+qq5Sf;wI=25yL~o>8
z9SC`XaYp^|r8fgWK|JK|rE*CgIq5oF{Ndrs*hnhewI?I|$aVo}rOx~|kYh&fE##O{
z(6wqD3g!ham#T$<yaWg@Q`@%9^l#U-#1R>GrAjZe<lk+V?RfIj;Fs<bvPWMh3@!Z!
z>V7wqYzM~RV(YdTfzI>OFvG0bz*<-+1cTf~Fa&J8nH;t+BeR&li-6oUA4+gQov%T9
zOQ*d^=oO6(#r&c2ywHcD#nLCOEbm$h;-tY&|5Nb_ad?3sleqtTcQE#t`h)JzmtE?u
zACc@=s4vBGBM@Q<bzl5qf1qp|8a#a#`gwe{RRu1pCVgLj2^ml<VI^M-Po<0nC)az1
zA0R2?jO*pIiPN87;<^yXiMkO)u5K&DB`b4o@pY>g`Nc*%nA=nf{HxN#&)RSu`F*4V
zI6!PZMb?h}@nYisO1VOiKcp3pL<2ZWq}YL7#wz=Aw92V?qDZEwSH=dKZS3&9feRXn
z0UP?ZDOK&Hr^1Y9pJ6N=Aq3?w7IzZ?tw;gLLD#%gFD3ni(1g-Y_zh7>sM(9gO&q8z
z!GAseufhMHSbDVd!O&T<BjAT98BW&pZNCHD_|Nbj*Qx)3+|<pRKR$pARINz~?bv^p
zarpCijYj_6b)D-~b+^=Mh<~F)q$?4aL~L3mhJL9c*~Mci9svor6BJDvfL`hVjy_l5
zhxTG*1YWPq|4bRAj%@<YUfcbhRoC#F1QlrWALcWF<`o0p6%ioWR$x`oAkEC(N^kR<
zF|VYKlRMp72!6$TWh~Iv(v#geW(sbx|1sZ}-MPCq-APC;b=S5l6-g)V;tYvK@qDJX
z7XDlM2a~|~cmoiu!jfJ~#UZPI@(YOrt5xY47;EOiLr~0pWsvmhh&QbF@%%5H+rW{O
zRPFIA8OTI9;=#W=l6VaZ{mi{>OuYbohcs4;zb*t6WO0G|&DSF}o=&4aui0{}#9%he
zj1i!CO$6G_8!ef=76=TxpJ&anvcZ(hr+)O_(E2{t^KQ14*0Q`I{UrW`<H7*sJ5u#t
zop^iF#&d}vlftdUf>ry0Bv8JAVjc9BKKOp{Xo0CXZ0;K15nu)!a7#cIdTcG|ivW{T
z830dunX1$<cm;Bz+(8d^cV~6d)%IJ8!?zTPd;6R7_uB18N;9vDIVVz=Q|6!yNUsPs
zZO-+4EO#3E){!jQ&JC2j8t+w$GM_C+`mZ(aGbrj3kT66blG0)LYYdkMuc_&w9FhKZ
zoPicA)l5F*7Rmyq)!FojYr-D09Xus_{keMS4D3}~W)K1D;kXD&1FJKbwu{qlz-it6
zYbrS;`pvJ|lU%{{ePFhttDl=|4JIL&0oFWVB<EYTc;E1aqB}^^dnF~;uqd_jXo@$G
zfHH-e7a{nSz!O+^Y$xg-&%Tgc5fo@VEQO8=Bmo=S-r+`<o=c3{Q{-4x&-OdT9GVA8
zFxu-zcOlvI&(0q?m^Ftx&>WRL=DJx#9Q(O_i&}m)hm#;<u>fH5kc;pzi6oSQvdzT0
zw#Ct5i(MEJ;gAOj{N|2q^`*ucrecAszLT)|s{3T9SDZ3j_$U2(S|jf4Va+$WQH<MW
zz{BK5T|dLiL@>n{T;sJo8Y_XBxp$`GG7O){v1D6nnV%T^Ay;f^=#U84kP^(aPa|5W
zdNA$WFZfhm3_!r^mJN06yqLOgr?%!I%f<<1^H4tjNZ@EQjDI?GxAumhGH%6WSAQ0=
z13l`G-vw((19$_Aa8n7=)v^A7Ff_CC1+RVqalW_ZqehbZD{U=5{^|}vGGIUM0w;Pz
zTsB#=6ZnW6t#)aB3yAxzcko6n3xRE*${h)R#;f)MZOf`n9S$}}K6T8WtjS5#Fax6!
z6JSNsMuBobknQ%1>nc>lF6y*$8iroOEV;!#!q3sF>Q5frd4X1);}zz$-8a2*PRS&O
z4g0~vd99Z55y}}xuD_Qf$G-r8yq#t5@RWCZYVXJMz~4GD^?90^LLN{_gkCO0?w4}f
zrc)q4u?z4MlM&1d#*j(81-q$6N(cD^W<viH&0ACsc8W4dqq|((H8gUS&lGFKf-a5K
zL<5s^9WQX+y!Ox*;WOQW2^h$)0yj$LV2lG9X5IGVO?wiH$2Fi_;QMN>(IH1V4Nk0x
zhsglBw)3-^FRywc@3>M#=1q2eI=SPO*T88_8N5*XnOm|K8lyXeJm|G*;(kap-WH4@
z$|aKo<$XIa*L^~1&p0^JTM*=fdC#)zO5Mgo6wegh$-u6HQv`Q!d9OH=ThAZFKtzCu
zZAbB55die!TCzvw^FTB2jM1ob=P`{aL|_{f(S(-!lMlCIy-=1|f55k6#j>X<Qu+-M
z#@41&Mj;0BBF{oclUJ$<YE-Z14StZ`N|zDMR1?q)79?$mX!D~6lC}Cf=pc-!@c7Gg
zXm<s{R>ia}=ZV-aZtd|zsw*kRwA#*dgiZb^T`C=JE$d-xir9ZQWY>DX1nRDd`ZYz<
zGFB+;+Te*xvbi1ZJ~)WX0Z|UurLzTLDDp+H(`Rp)$D7+ub2DRsN5vXf5pAD%dZa94
zQK*yx8Z7zp&|55c!MosG7b=kHU`!s8ZMUjFmlU9(<`A)`ZJ>D=@|qxrlryZLkWUv`
z`1y-G6!0$ekSzdr%#;?e`5yZ(d5}QPn}J`~K4U|mQ(+fInRz4dh^!$OFxH$t@<}yh
z5@xTt#zq49abb#*Il$%eR2DEdyE`Rad=DW%cA75(?gDfo4Q3yj!vLE3K=ZH{lAUfA
zf@0BgKF_Wb0e?p!#WGqGxNnX@&!#3n%T%5^7W`KpIK#N1W;AJrJ81sj*Kq+#0#VBP
z(C8A5Vo*sAW1l|(=IAwM3gWOw<xdP0<KQwwYDA8Rdc4~9=Wv;GX4O|Ulz_!Y2NY{G
z`rf{{VQ?PMf&}5}i}&$Qr>0Xt^DPCn4}UspT}=T;&&ofy`|DT#-I3^|kTC`S9)KPC
zzX1O@w*H@9u^SjDZS8Y1>vRNukEf!fsaPm~Hw1$5Q{dct6kE&ApGM!9BM9Ef>%t4{
m>wljB?iY9j6*uMm$p3lv{gpn!36u1jZ$5PViyVKx>wg0enbj-+

diff --git a/webgoat-lessons/webwolf-introduction/src/main/java/org/owasp/webgoat/plugin/WebWolfIntroduction.java b/webgoat-lessons/webwolf-introduction/src/main/java/org/owasp/webgoat/plugin/WebWolfIntroduction.java
index d533a15e2..9aa0af291 100644
--- a/webgoat-lessons/webwolf-introduction/src/main/java/org/owasp/webgoat/plugin/WebWolfIntroduction.java
+++ b/webgoat-lessons/webwolf-introduction/src/main/java/org/owasp/webgoat/plugin/WebWolfIntroduction.java
@@ -48,7 +48,7 @@ public class WebWolfIntroduction extends NewLesson {
 
     @Override
     public Integer getDefaultRanking() {
-        return 1;
+        return 10;
     }
 
     @Override