# Python
__pycache__/
*.py[cod]
*\.class
.venv/
venv/
*.egg-info/
dist/
build/
# Django
*.log
db.sqlite3
media/
staticfiles/
# Environment
.env
.env.local
.env.prod

# Secrets (ADR-045) — NEVER commit plaintext
secrets.env
!secrets.enc.env
# IDE
.idea/
.vscode/
*.swp
# OS
.DS_Store
Thumbs.db
# Large files
*.sqlite3
*.log
output_batch/
app_backup/
docs_legacy/
# Sphinx build output
docs/_build/
*:Zone.Identifier
# Local Windsurf/MCP config — machine-specific, never commit
.windsurf/mcp_config.json
# Local infra plaintext secrets — NEVER commit
infra/*.env
infra/*.key
# Validate-ports CI draft (not yet integrated)
.github/workflows/validate-ports.yml
# Markdownlint local config override
.markdownlint.json
# Concept review drafts (local working copies, not for VCS)
docs/concepts/REVIEW-*
env_loader.py
