# Python
__pycache__/
*.py[cod]
*.egg-info/
.eggs/
build/
dist/
*.egg
.pytest_cache/
.mypy_cache/
.ruff_cache/
.coverage
.coverage.*
htmlcov/
.tox/
.venv/
venv/
env/

# OS
.DS_Store
Thumbs.db

# Editor
.idea/
.vscode/
*.swp
*.swo
*~

# Claude Code per-machine permissions (project-shared settings.json
# would be checked in; this one is local).
.claude/settings.local.json
# Defence in depth: never commit any other Claude-Code local state.
.claude/local/
.claude/cache/

# Codex / Copilot / Cursor local state (defence in depth)
.cursor/
.codex/
.aider*

# Local cache produced by `pwned-deps update` during dev runs
.cache/

# Captured base-image digest (regenerated by `make pin-base`)
base-image.lock

# pwned-deps local cache
.pwned-deps-cache/

# SARIF outputs from local demo / smoke runs (CI uploads its own)
pwned-deps.sarif
