node_modules/
dist/
*.tgz
.DS_Store
coverage/
build/
reports/

# lychee link-checker cache artifact (the offline CI lane writes none, but a
# local `lychee` run can; a repo-root dotfile would also trip boundary gates).
.lycheecache

# NOTE: .harness-hash is INTENTIONALLY tracked, not ignored.
# Per iep-P3 iah-self-pin (bd_000-projects-itpl) + audit-harness CLAUDE.md
# design rule 5 ("the harness tests itself"): the manifest IS the policy
# commitment. CI's `harness-hash --verify` step (hard-fail since v1.1.0)
# compares working-tree hashes against the committed manifest. If
# .harness-hash were gitignored, --verify would either compare against a
# locally-regenerated manifest (no integrity guarantee) or fail with
# exit-3 (no manifest) — both useless.

# Python wrapper build artifacts
python/.venv/
python/dist/
python/build/
python/*.egg-info/
**/__pycache__/
*.pyc

# Rust wrapper build artifacts
rust/target/
rust/Cargo.lock

# Beads / Dolt files (added by bd init)
.dolt/
*.db
.beads-credential-key

# Auto-generated by ~/.claude/skills/sync-testing-harness/ (weekly cron). Operational state, not policy commitment.
/HARNESS-SYNC-REPORT.md

# crap-score writes reports/ into whatever dir `audit --deep` runs in;
# the audit suite exercises it on fixtures — never commit those generated artifacts.
tests/fixtures/audit/**/reports/
