# ============================================================================
# SECURITY: Sensitive Data & Credentials
# ============================================================================
# CRITICAL: Never commit real patient data or credentials

# Credentials & API Keys
*.key
*.pem
*.p12
*.pfx
*.cer
*.crt
*_rsa
*_rsa.pub
*_dsa
*_dsa.pub
*_ecdsa
*_ecdsa.pub
*_ed25519
*_ed25519.pub
*.gpg
*.asc
id_rsa*
id_dsa*
id_ecdsa*
id_ed25519*

# Environment & Configuration
.env
.env.local
!.env.example
!.env.template
!.env.development
!.env.testing
!.env.production
.envrc
secrets.yml
secrets.yaml
config.local.*
config/local_paths.py
!config/local_paths.example.py
credentials.json
credentials.yml
credentials.yaml
auth.json
auth.yml
auth.yaml
*.secret
*.secrets

# Database Files
*.db
*.sqlite
*.sqlite3
*.db-journal
*.db-shm
*.db-wal

# API Keys & Tokens
*apikey*
*api_key*
*api-key*
*token*
*secret*
.token
.apikey

# DICOM Files (may contain PHI/PII)
*.dcm
*.dicom
*.DCM
*.DICOM
/samples/*.dcm
/test_data/*.dcm
/fixtures/*.dcm
/patient_data/
/real_data/

# CRITICAL: Local test data (NEVER commit)
# Use pattern matching for local data directories
fuzzed_*/
test_fuzzed_*/
reports/test_results.txt

# Medical/Healthcare Specific
*patient*
*phi*
*pii*
*hipaa*

# Backup Files
*.bak
*.backup
*.old
*.orig
*.tmp
*~
.*.swp
.*.swo
*.lock~

# OS-Specific
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db
desktop.ini

# ============================================================================
# Python
# ============================================================================

# Byte-compiled / optimized / DLL files
__pycache__/
*.py[codz]
*$py.class

# C extensions
*.so

# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST

# PyInstaller
#  Usually these files are written by a python script from a template
#  before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec

# Installer logs
pip-log.txt
pip-delete-this-directory.txt

# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
coverage_report.txt
test_results.txt
*.cover
*.py.cover
.hypothesis/
.pytest_cache/
cover/

# Translations
*.mo
*.pot

# Django stuff:
*.log
local_settings.py
db.sqlite3
db.sqlite3-journal

# Flask stuff:
instance/
.webassets-cache

# Scrapy stuff:
.scrapy

# Sphinx documentation
docs/_build/
docs/build/

# PyBuilder
.pybuilder/
target/

# Jupyter Notebook
.ipynb_checkpoints

# IPython
profile_default/
ipython_config.py

# pyenv
#   For a library or package, you might want to ignore these files since the code is
#   intended to run in multiple environments; otherwise, check them in:
# .python-version

# pipenv
#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
#   However, in case of collaboration, if having platform-specific dependencies or dependencies
#   having no cross-platform support, pipenv may install dependencies that don't work, or not
#   install all needed dependencies.
#Pipfile.lock

# UV
#   Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
#   This is especially recommended for binary packages to ensure reproducibility, and is more
#   commonly ignored for libraries.
#uv.lock

# poetry
#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
#   This is especially recommended for binary packages to ensure reproducibility, and is more
#   commonly ignored for libraries.
#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
#poetry.lock
#poetry.toml

# pdm
#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
#   pdm recommends including project-wide configuration in pdm.toml, but excluding .pdm-python.
#   https://pdm-project.org/en/latest/usage/project/#working-with-version-control
#pdm.lock
#pdm.toml
.pdm-python
.pdm-build/

# pixi
#   Similar to Pipfile.lock, it is generally recommended to include pixi.lock in version control.
#pixi.lock
#   Pixi creates a virtual environment in the .pixi directory, just like venv module creates one
#   in the .venv directory. It is recommended not to include this directory in version control.
.pixi

# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
__pypackages__/

# Celery stuff
celerybeat-schedule
celerybeat.pid

# SageMath parsed files
*.sage.py

# Environments
.env
.envrc
.venv
env/
venv/
ENV/
env.bak/
venv.bak/

# Spyder project settings
.spyderproject
.spyproject

# Rope project settings
.ropeproject

# mkdocs documentation
/site

# Type checkers
.mypy_cache/
.dmypy.json
dmypy.json
.pyre/
.pytype/

# Linters and formatters
.ruff_cache/

# Benchmarks
.benchmarks/

# Temporary and log files
*.log
!docs/**/*.log

# pytype static type analyzer
.pytype/

# Cython debug symbols
cython_debug/

# PyCharm
#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
#  and can be added to the global gitignore or merged into this file.  For a more nuclear
#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
#.idea/

# Abstra
# Abstra is an AI-powered process automation framework.
# Ignore directories containing user credentials, local state, and settings.
# Learn more at https://abstra.io/docs
.abstra/

# Visual Studio Code
#  Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore
#  that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore
#  and can be added to the global gitignore or merged into this file. However, if you prefer,
#  you could uncomment the following to ignore the entire vscode folder
# .vscode/

# Ruff stuff:
.ruff_cache/

# PyPI configuration file
.pypirc

# Cursor
#  Cursor is an AI-powered code editor. `.cursorignore` specifies files/directories to
#  exclude from AI features like autocomplete and code analysis. Recommended for sensitive data
#  refer to https://docs.cursor.com/context/ignore-files
.cursorignore
.cursorindexingignore

# Marimo
marimo/_static/
marimo/_lsp/
__marimo__/

# Claude Code configuration
.claude/

# ============================================================================
# Project-Specific Temporary Files & Outputs
# ============================================================================

# Artifacts directory (all fuzzing outputs - gitignored entirely)
/artifacts/
!/artifacts/.gitkeep

# Legacy output directories (cleanup)
/fuzzed_dicoms/
/test_output/
/test_crashes/
/test_cli/
/test_cli2/
/test_all/
/test_structure/
/output/
/demo_output/

# Demo folder (keep scripts, ignore generated output)
/demo/output/

# Reports directory structure (keep structure, ignore generated reports)
/reports/json/*
/reports/html/*
/reports/logs/*
/reports/coverage/*
!/reports/json/.gitkeep
!/reports/html/.gitkeep
!/reports/logs/.gitkeep
!/reports/coverage/.gitkeep
!/reports/quality_report.txt
!/reports/test_results.txt

# Temporary Files
nul
*.png
*.jpg
*.jpeg
*.gif
*.bmp
temp_*.dcm
test_*.dcm
minimal*.dcm
corrupted*.dcm
fuzzed_*.dcm
truncated*.dcm

# Data directory - ignore actual DICOM files but keep structure
/data/seeds/*.dcm
/data/seeds/*.dicom
!/data/seeds/.gitkeep
!/data/dictionaries/.gitkeep

# Sample/Test DICOM Files (keep structure but ignore files)
/samples/*.dcm
!/samples/.gitkeep

# IDE Settings
# .vscode/ - now tracked for team consistency (settings.json, extensions.json)
.idea/

# Analysis and summary reports
*COVERAGE*.md
*SUMMARY*.md
*STATUS*.md
*_ANALYSIS.md
*_SESSION*.md
*SESSION_NOTES*.md
analyze_*.py
benchmark_*.txt
README_*_ADDITION.txt
README_*_insert.txt

# ============================================================================
# Project-Specific Output Directories
# ============================================================================

# Consolidated output directory (all fuzzing results, logs, reports)
/output/
!/output/.gitkeep
!/output/*/.gitkeep
!/output/*/CAMPAIGN_RESULTS.md
!/output/*/*.md

# Legacy output directories (for backward compatibility during migration)
/crashes/
/test_fuzzed_series/
/fuzzed_output/
/fuzzed_dicoms/
/checkpoints/
/logs/
/campaigns/*/input/*.dcm
/campaigns/*/input/slice_*.dcm
/campaigns/*/fuzzed/
/campaigns/*/crashes/
!campaigns/*/*.md
!campaigns/*/CAMPAIGN_RESULTS.md
/reports/*/charts/
/reports/*/*.html
/reports/*/*.json
/reports/*/*.png
/reports/*/*.svg
!reports/README.md
!reports/*/*.md

# Node modules (prettier cache from pre-commit hooks)
/node_modules/

# Benchmark test data
/benchmark_clean_test/
coverage.json

# Fuzzing output directory (generated during fuzzing runs)
/fuzzing_output/
!/fuzzing_output/.gitkeep

# Test output directories (generated during testing)
/test_*/
/affinity_test*/
!/tests/
