__pycache__/
*.py[cod]
*.db
*.db-shm
*.db-wal
.DS_Store
.venv/
venv/

# The user's global ~/.gitignore excludes `static/` (probably for
# Django collectstatic output). The dashboard's vendored JS lives
# under static/ and is part of the source tree — un-ignore it here.
!static/
!static/**


# Python build outputs
/dist/
/build/
*.egg-info/

# Next.js app (web/) ships the screenshots/logo from public/assets
# (global gitignore excludes assets/)
!web/public/assets/
!web/public/assets/**

# web/lib is application source, not a build artifact (global gitignore has lib/)
!web/lib/
!web/lib/**

# local secrets — never commit
.env

# Playwright MCP verification artifacts
.playwright-mcp/
*-resources.png

# Opt-in YARA-Forge pack fetched by scripts/update_rules.py — never ship
# in the wheel/sdist (mixed-license, needs a crypto-enabled yara). Users
# fetch it post-install for their own environment.
src/avai/rules/vendor/
