# Python
__pycache__/
*.py[cod]
*$py.class
*.egg-info/
.eggs/
dist/
build/
.venv/
venv/
env/

# uv
.uv-cache/

# Test / coverage
.pytest_cache/
pytest-of-*/
.coverage
.coverage.*
coverage.xml
htmlcov/
.tox/
.mypy_cache/
.ruff_cache/
.pyright/

# Editors
.vscode/
.idea/
*.swp
.DS_Store

# Project-specific — secrets / session storage (NEVER commit)
auth/                  # any project-local auth dir
profile_*/             # Chromium persistent contexts (any name)
*.cookies.json         # exported cookie jars
storage_state.json     # Playwright storage_state output
secrets.json           # generic secrets file
.env                   # local env overrides (the .env.template IS committed)
.env.local
.env.*.local

# Generated outputs
out/
tmp/
gflow-output/
*.mp4
*.png
*.jpg
*.jpeg
!docs/**/*.png         # docs images are OK
!tests/fixtures/**/*.png
!test_assets/fixtures/**/*.jpg
!test_assets/fixtures/**/*.jpeg
samples/*.captured.json # sandbox-recorded API exchanges may contain PII

# CDP browser session lock files (contain PID, port, profile name)
.gflow-cdp.lock
**/.gflow-cdp.lock

# Runtime artefact dirs written by smoke/debug scripts — belong under tmp/ only
test_assets/smoke_*/
test_assets/debug_*/

# Live Flow traffic captures — NEVER commit (contain real Bearer tokens / API keys).
# Diagnostic scripts MUST default-write here, NOT to samples/captured/.
# Sanitised reference samples (no secrets) can still live under samples/captured/.
tmp/captured/
samples/captured/flow_outgoing_*.jsonl
samples/captured/flow_outgoing_*.json

# Claude Code worktrees and lock files
.claude/worktrees/
.claude/scheduled_tasks.lock

# Doc-council scratch dir (bundles + raw reviews + consensus matrix)
.doc-council/

worktrees/

# E2E test logs (live Flow runs — may contain account/profile names)
.planning/e2e-logs/
