# ── Rust ────────────────────────────────────────────────────────────────────
/target
**/*.rs.bk
Cargo.lock.bak

# ── Node / docs site ────────────────────────────────────────────────────────
node_modules
dist
.vite
.parcel-cache
*.log

# ── qv-server zero-dep enforcement ──────────────────────────────────────────
# qv-server has no runtime deps. CI rejects any commit that ships these.
# (qv-sdk DOES have deps; this rule is scoped to qv-server only.)
qv-server/package-lock.json
qv-server/node_modules/

# ── Server runtime state (never commit keys!) ───────────────────────────────
qv-server/qv-data
qv-server/qv-data-test
qv-server/qv-data-test2
qv-server/qv-data-**/
/tmp/qv-data

# ── Editor / OS ─────────────────────────────────────────────────────────────
.vscode
.idea
.DS_Store
Thumbs.db
*.swp
*~

# ── One-off artefacts left behind during dev ────────────────────────────────
/test_stderr.txt
/test_stdout.txt
/test2_stderr.txt
/test2_stdout.txt
/build_stderr.txt
/build_stdout.txt
/generate_ai_immune.py
/generate_product_plan.py
/generate_v2_whitepaper.py

# ── Python / misc ───────────────────────────────────────────────────────────
__pycache__
*.pyc
.venv
venv

# ── Secrets ─────────────────────────────────────────────────────────────────
*.pem
*.key
.env
.env.*
!.env.example

# Vendored upstream crates include test-fixture .pem/.key files (e.g.
# pkcs8/tests/examples/*.pem). They're public PQClean/RustCrypto test
# vectors, not our secrets, and cargo's checksum manifest requires them.
!vendor/**/*.pem
!vendor/**/*.key
!vendor/**/*.der
!vendor/**/*.pyc
!vendor/**/__pycache__/
!vendor/**/__pycache__/**
.claude/
