# Disk images and snapshots
*.iso
*.img
*.qcow2
*.qcow2.*
*.vmdk
*.vdi
*.raw
vm/images/
vm/snapshots/

# VERSION file is install-script-stamped (provenance for episodes
# generated from /opt/cis490 install copies). Tracking it would
# trigger spurious dirty-tree state on lab hosts and reject every
# episode at the §4.6 acceptance gate.
/VERSION

# Telemetry output
data/episodes/
data/campaign.json
data/campaign_done.marker
data/outbox/
data/shipped/
*.pcap
*.pcapng

# Training artifacts that are regenerated from raw episodes:
# features are large and deterministic from code+episodes, so we don't
# track them. validation_v1.parquet IS tracked — it's small and pins
# the accepted/degraded set.
data/processed/features_*.parquet
data/processed/feature_schema_*.json
data/processed/.validation_checkpoint.parquet
data/processed/validation_smoke.parquet
data/processed/tensor_window_*/
data/processed/knn_*.parquet
data/logs/
artifacts/
artifacts-*/
reports/eval/
reports/pca/
reports/xai/
reports/fleet-*/

# Per-developer training venv
.venv-training/

# Malware samples — NEVER commit binaries
samples/store/
*.bin
*.elf
*.exe
*.dll
*.so.malware

# Python
__pycache__/
*.py[cod]
.venv/
venv/
.pytest_cache/
.mypy_cache/
.ruff_cache/
*.egg-info/
dist/
build/

# Editor
.vscode/
.idea/
*.swp
.DS_Store

# Local secrets (never commit)
.env
.env.local
secrets.toml
*.pat
*.token
