__pycache__/
*.py[cod]
*.egg-info/
.coverage
.pytest_cache/
.ruff_cache/
.mypy_cache/
.venv/
venv/
dist/
build/
.DS_Store
.env

# uv lock file — not committed because sumo-qa is a library published to
# PyPI: consumers install via `pip install sumo-qa` and resolve against
# `pyproject.toml` constraints, never reading this lock. The lock is only
# useful for local dev-environment reproducibility, and committing it
# created drift every time `uv run` ran against a newer release tag than
# the lock recorded. Each contributor regenerates locally via `uv sync`.
uv.lock

# IDE config (per-developer, not shipped)
.idea/

# mutmut working directory: mutated source copies + stats cache + results SQLite.
# Per-machine; regenerated on each `mutmut run`. Do not commit.
mutants/

# Repo-map artifact written by sumo_qa.repo_map_scanner.scan_repo. Local cache
# regenerated from the working tree on demand; deterministic on the same repo
# state EXCEPT for project.generated_at, which churns every run. Teams that
# want shared lookup tables can negate this line, but for sumo-qa's own repo
# the artifact is generator output, not source. See docs/REPO-MAP.md.
.sumo-qa/repo-map.json
.sumo-qa/qa-report.html
# Risk-ledger / context-bundle conventional paths the report loads from
# (docs/QA-REPORT.md): per-run evidence artifacts, never committed.
.sumo-qa/risk-ledger.json
.sumo-qa/context-bundle.json
# Coverage/mutation producer artifacts (#147 follow-up) + the report's
# run-over-run summary: per-run generator output, never committed.
.sumo-qa/coverage.json
.sumo-qa/mutation.json
.sumo-qa/qa-report-summary.json

# Per-machine MCP config written by sumo-qa-install
.vscode/mcp.json

# `.cursor-plugin/` is host-machine output only — Cursor is out of scope
# for issue #81 and not yet a generator target. When it lands, this
# entry is removed in lockstep with adding the cursor template under
# plugin_packaging/templates/.
#
# `.claude-plugin/` and `.codex-plugin/` are GENERATED and COMMITTED —
# see plugin_packaging.plugin_generator. They live in the tree so
# `claude plugin install <this-repo>` and `/plugins install <this-repo>`
# work directly against a clone. Drift between pyproject.toml and these
# folders is caught by the plugin-packaging CI workflow.
.cursor-plugin/

# Claude Code config — per-user state stays local; project-shared hooks,
# agents, and skills are re-included below for contributors who clone.
# Personal additions (e.g. user-installed skills) should stay under the
# blanket exclude unless explicitly negated here.
.claude/*
!.claude/README.md
!.claude/settings.json
!.claude/hooks/
!.claude/agents/
!.claude/skills/
.claude/skills/*
!.claude/skills/scaffold-sumo-qa-skill/
!.claude/skills/regen-eval-baseline/

# Internal planning, design specs, and iteration runs — kept locally for
# context but not shipped in the public repo.
docs/superpowers/
docs/qa/
docs/qa-strategy.md
docs/COVERAGE.md

# Team-local test data fixtures. The repo ships domain-neutral samples
# (auth/, billing/) — keep your team's actual catalogue entries local
# rather than committing them. Add a line per domain folder you maintain
# privately.
knowledge/test_data/fulfilment/
knowledge/test_data/stock/

# Eval result writeups / progress reports — local-only narrative, not
# tool functionality. Belongs alongside docs/qa/ (also ignored).
tests/evals/results/

# Promptfoo runtime artifacts: local SQLite cache, output JSON, share data,
# and post-processor outputs (regenerated on every `promptfoo eval` /
# `extract_tests.py` run). Tracked: the source YAML configs under
# tests/evals/promptfoo/ (skill-*.yaml + skill-*.gen.yaml). Local-only
# anything generated FROM them.
.promptfoo/
tests/evals/promptfoo/output*.json
tests/evals/promptfoo/*.cache.json
tests/evals/promptfoo/*.generated-tests.yaml

# Node dependencies for the promptfoo eval harness. package.json +
# package-lock.json are tracked (pins the version); installed modules are not.
node_modules/
/skills-lock.json
