node_modules/
dist/
.env
.env.*
*.env
!.env.example
.claude/
.antigravitycli/
*.log
coverage/
.turbo/
*.tsbuildinfo
__pycache__/
*.pyc
.pytest_cache/
.venv/
*.egg-info/
.DS_Store
# Local npm pack tarballs (W0/W4 use these for pre-publish artifact verification)
packages/cli/*.tgz
# CLI single-executable-app (SEA) build output — generated by the binary
# packaging step; the release artifacts are built fresh in CI, never committed.
packages/cli/sea-prep/
benchmarks/cost-experiment/results.json
benchmarks/cost-experiment/*results*.json

# Stray tsc output in sdk src/ — real output lives in packages/sdk/dist/
packages/sdk/src/**/*.js
packages/sdk/src/**/*.js.map
packages/sdk/src/**/*.d.ts
packages/sdk/src/**/*.d.ts.map

# Guardrail-proxy eval/opt run outputs (corpora are tracked, results are not)
services/guardrail-proxy/eval_results*.json
services/guardrail-proxy/opt_round*.json
services/guardrail-proxy/oos_*_eval.json
scripts/.smoke-byoes-fixture.env
scripts/.smoke-byoes-extras.env

# Local-only archive of stray/orphaned files we want off the working tree
# but preserved on disk for forensics. Never committed.
archive/

# Operational briefings — local operator notes, never committed.
docs/briefings/
plans/fault-briefings/

# Allow eval-baseline logs as audit-trail evidence
!services/guardrail-proxy/eval_baselines/*.log

# Allow stress-test scenario evidence (stdout.log + proxy-log-excerpt.log)
# under audits/ — these are signed-verdict-anchored evidence per
# plans/granite-guardian-failover-saturation-stress-test.md §11.
!audits/**/*.log
