# Python
__pycache__/
*.py[codz]
*$py.class
*.so
*.egg-info/
*.egg
dist/
build/
.Python
MANIFEST

# Virtual environments
.venv/
env/
venv/

# Testing & coverage
.pytest_cache/
htmlcov/
.coverage
.coverage.*
coverage.xml

# Type checkers & linters
.mypy_cache/
.ruff_cache/
.pytype/

# IDEs
.idea/
.vscode/

# Frontend
frontend/node_modules/
frontend/dist/
# openapi.json is a transient build artifact — TS types are generated from it
# and committed, but the raw schema isn't worth tracking.
frontend/openapi.json
# tsc incremental build cache; churns on every build and adds noise to diffs.
frontend/tsconfig.tsbuildinfo

# Playwright e2e artefacts. The curated webms in docs/videos/ are
# committed as project assets; the per-test results dir + the HTML
# report are ephemeral.
frontend/test-results/
frontend/playwright-report/

# Frontend build output (all historical paths)
ctfy/dashboard/static/
ctfy/server/static/
llm_pentest_bench/server/static/
pentest/server/static/

# Generated SDK reference (pdoc output, built at wheel time from
# docstrings). Shipped as a wheel artifact and mounted at
# /sdk-docs/ on the server; never committed.
ctfy/server/sdk_docs/

# Environment & secrets
.env
.envrc
.pypirc

# uv
# uv.lock is committed for reproducibility

# Data & runtime artifacts
data/results/
*.sqlite3
*.sqlite3-*
*.log

# Docker
docker-compose.override.yml

# OS files
.DS_Store
Thumbs.db

# Data files
data/
# Source-controlled reference data ships with the frontend bundle
# (ISO 3166-1 country codes, IANA timezone helpers, …).
!frontend/src/data/

# Sandbox-environment-specific egress proxy CA bundles. The
# ``mitmproxy`` image build picks up any ``*.crt`` files dropped
# here, but the certs themselves are env-specific and never check
# into source control.
mitmproxy/extra-ca-certs/*.crt
!mitmproxy/extra-ca-certs/.gitkeep
