# Python
__pycache__/
*.py[cod]
*$py.class
*.egg-info/
.eggs/
build/
dist/
.pytest_cache/
.coverage
.coverage.*
htmlcov/
.mypy_cache/
.ruff_cache/

# venv
.venv/
venv/
env/

# Editors
.vscode/
.idea/

# OS
.DS_Store
Thumbs.db

# Real logs / secrets — this tool reads Claude Code transcripts which may
# contain confidential business data. Never commit real logs, only the
# synthetic fixtures under tests/fixtures/synthetic_logs/ and
# tests/fixtures/project_layout/ (both are 100% synthetic, hand-authored
# JSONL/meta.json used by the test suite -- never copies of real logs).
*.jsonl
!tests/fixtures/synthetic_logs/**/*.jsonl
!tests/fixtures/project_layout/**/*.jsonl
*.meta.json
!tests/fixtures/synthetic_logs/**/*.meta.json
!tests/fixtures/project_layout/**/*.meta.json
.agent-log-verifier/
config.toml
.env
.env.*

# scripts/gen_demo_logs.py output: regenerated on demand (README
# quickstart step), never committed. Keeping this out of git means the
# *.jsonl allowlist rules above never need a demo/-specific exception.
/demo/

# `alv dashboard` output: a self-contained HTML report generated from
# transcript scan results. Finding.message content (including
# confidential-looking paths) is deliberately rendered as-is for local
# viewing (see report/html_output.py's docstring) rather than redacted,
# so the generated file itself must never be committed -- only the
# renderer code that produces it. Matches the CLI's default output
# filename anywhere in the tree (an explicit --output path outside the
# repo is the operator's own responsibility).
alv-dashboard.html
