# Python
__pycache__/
*.pyc
*.pyo
*.pyd
*.egg
*.egg-info/
pip-log.txt
pip-delete-this-directory.txt

# Build / distribution
dist/
build/
*.whl
*.tar.gz

# Test / Coverage
.pytest_cache/
.hypothesis/
.coverage
.coverage.*
coverage.xml
htmlcov/
.tox/
.nox/
junit.xml
pytest-report.xml
test-results/
tests/validation/fixtures/
docs/accuracy.md
.ci-audit-requirements.txt

# Local validation sweeps. Real company names and per-domain JSON output
# live here during accuracy work; never committed. Fictional-example
# discipline requires anything committed to use Contoso / Northwind /
# Fabrikam — validation artifacts use real targets and stay local.
# Generic tooling (runner, gap finder, diff, triage) is committed; the
# corpus and run outputs stay local so users can curate their own
# private test bed without leaking targets.
/validation/*
!/validation/audit_fingerprints.py
!/validation/run_corpus.py
!/validation/find_gaps.py
!/validation/diff_runs.py
!/validation/triage_candidates.py
!/validation/scan.py
!/validation/corpus-example.txt
!/validation/README.md
# v1.9: publicly-reproducible calibration scripts. Both operate
# against either the synthetic-network distribution or a user-supplied
# corpus; neither contains target data.
!/validation/synthetic_calibration.py
!/validation/analyze_v19_calibration.py
# Per-release corpus-validation reports — statistics + technical
# narrative; no per-domain data. The full result JSONs
# (v1.8-validation-results*.json, v1.9-validation-results*.json, ...)
# stay private under the /validation/* glob.
!/validation/v1.8-validation-summary.md
!/validation/v1.9-validation-summary.md
# validation/__init__.py — added in v1.9.2 to make ``validation`` a
# proper package (previously implicit namespace) so static analysis
# resolves intra-package imports cleanly.
!/validation/__init__.py
# v1.9.2 agentic UX validation harness. Dev-only tooling — fixtures use
# Microsoft fictional brands (Contoso/Northwind) so the committed
# transcripts and report are safe. Any local run outputs against real
# corpora must stay under runs/ or local/ inside the harness, both of
# which are ignored below.
!/validation/agentic_ux/
!/validation/agentic_ux/**
# Re-ignore Python build/cache artifacts and any per-run output dirs
# inside the harness even though the parent is whitelisted above.
/validation/agentic_ux/**/__pycache__/
/validation/agentic_ux/runs/
/validation/agentic_ux/local/
!/validation/v1.9.2-agentic-ux.md
# User-curated private corpus + run outputs — never commit.
/validation/corpus-private/
/validation/runs-private/
/validation/local/

# Per-company live JSON dumps from ad-hoc validation runs. Real
# company names belong in /validation/ (already gitignored above) or
# discarded after analysis. These patterns belt-and-suspenders the
# repo root so a stray `recon foo.com --json > foo.json` never
# accidentally lands in a commit.
/*.com.json
/*.org.json
/*.net.json
/*.io.json
/*.so.json
/*.gov.json
/*.edu.json
/*.co.json
/sc-*.json
/v1_*_dive/
/v1_*_validation*/

# Linting / Type checking
.ruff_cache/
.mypy_cache/
.dmypy.json
.pyre/
.pytype/
.pyright/

# IDE / editors
.vscode/
.vs/
.idea/
*.swp
*.swo
*~

# Merge / rebase artifacts
*.orig
*.rej

# Jupyter
.ipynb_checkpoints/

# direnv
.envrc
.direnv/

# Claude Code local settings
.claude/
CLAUDE.md
CLAUDE.local.md

# OS
.DS_Store
Thumbs.db
Desktop.ini
$RECYCLE.BIN/
*.stackdump

# Env
.env
.env.local
.env.*.local
.venv/
venv/
env/

# Credentials — defensive rules. A passive-recon tool should never
# commit keys or credentials, even local test ones. Prefer
# RECON_CONFIG_DIR or a secrets manager over dropping files in-tree.
*.pem
*.key
*.p12
*.pfx
*.jks
id_rsa
id_rsa.*
id_dsa
id_dsa.*
id_ecdsa
id_ecdsa.*
id_ed25519
id_ed25519.*
credentials.json
secrets.yaml
secrets.yml

# Logs
*.log

# Kiro
.kiro/
/archive
