Metadata-Version: 2.4
Name: occam-gitignore
Version: 0.1.0
Summary: Deterministic, content-addressed .gitignore generator. Same input always yields the same output, byte-for-byte.
Project-URL: Homepage, https://github.com/fabriziosalmi/gitignore
Project-URL: Repository, https://github.com/fabriziosalmi/gitignore
Project-URL: Issues, https://github.com/fabriziosalmi/gitignore/issues
Author: Fabrizio Salmi
License: MIT
Keywords: deterministic,gitignore,reproducible,sbom,slsa
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Software Development :: Version Control :: Git
Requires-Python: >=3.11
Requires-Dist: occam-gitignore-core<0.2,>=0.1.0
Requires-Dist: typer>=0.12
Description-Content-Type: text/markdown

# occam-gitignore

Deterministic, content-addressed `.gitignore` generator. Given the same project
tree, always produces the same output — byte-for-byte — with a `provenance_hash`
header so any third party can verify the result was generated by an honest
implementation of the algorithm.

```bash
pipx install occam-gitignore
occam-gitignore generate /path/to/repo > .gitignore
```

## Why deterministic?

A `.gitignore` is part of your repo's reproducible build surface. If two
checkouts of the same commit produce different ignore files, your CI is lying.
`occam-gitignore` fingerprints the project tree, runs a pure function over a
content-addressed templates table + a versioned mined-rules table, and emits an
ignore file annotated with hashes of every input. No I/O ordering, no clock,
no hostname.

## Guarantees

- **Determinism:** identical inputs ⇒ identical bytes (UTF-8, LF, single
  trailing newline). Property-tested with Hypothesis (P1–P7) and validated by
  a 32-case conformance suite that any external implementation can run.
- **Content addressing:** templates and rules table carry `sha256:<12-hex>`
  versions; mismatched declarations are rejected at load time.
- **Provenance:** every emitted `.gitignore` includes a header with the full
  `provenance_hash` (Merkle of core + templates + rules_table + content) so
  drift is one `grep` away.
- **Supply chain:** every release ships with an SPDX SBOM and a SLSA Level 3
  build provenance attestation.

## Links

- Source: https://github.com/fabriziosalmi/gitignore
- Conformance spec: see `conformance/SPEC.md`
- Algorithm reference: pure Python in `occam-gitignore-core`

MIT licensed.
