# Python
__pycache__/
*.py[cod]
*$py.class
*.egg-info/
build/
dist/
.eggs/

# Virtual envs
.venv/
venv/
env/

# Tooling
.pytest_cache/
.ruff_cache/
.mypy_cache/
.coverage
coverage.xml
htmlcov/

# Editors
.idea/
.vscode/
.claude/

# Local data
*.duckdb
*.duckdb.wal
config.json
*.access_url

# Security scanner outputs — narrative summaries get committed to
# docs/SECURITY_AUDIT_*.md; raw output stays local per the audit-artifact
# policy (avoids publishing an attack roadmap for users on stale installs).
*.sarif
bandit-output.json
bandit-output.*.json
pip-audit-output.json
pip-audit-output.*.json
gitleaks-report.json
gitleaks-report.*.json
.bandit_cache/
