-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path.gitignore
More file actions
79 lines (68 loc) · 2.34 KB
/
Copy path.gitignore
File metadata and controls
79 lines (68 loc) · 2.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
.DS_Store
.venv/
.ardur/
.vibap/
.claude/
__pycache__/
*.pyc
# AI-agent / LLM working context - handoff prompts, work logs, checkpoints,
# local skills, graph indexes, and other artifacts produced by Claude / Codex /
# Gemini / Cursor / Conductor / etc. while collaborating on this repo. NEVER
# commit these - they often carry session-internal context, draft prose,
# secret-equivalent reasoning, machine paths, and files written for the next
# agent's eyes only. Keep them out of the public tree by default.
.context/
.agents/
.ai-context/
.agent-context/
.codex/
.local-skills/
logs/
agent-instructions.local/
HANDOFF.md
workdone-so-far.md
# Local environment files - never commit secrets.
# Matches .env, .env.local, .env.development, .env.production, etc.
.env
.env.*
!.env.example
# Python packaging side-effects from `pip install -e .` / `pip wheel .`
*.egg-info/
python/build/
# Internal planning, engineering reports, and dev tooling — moved to _internal/
# so the public tree stays clean for the open-source community.
_internal/
/reports/
# Go build artifacts when binaries land in the repo root rather than $GOBIN.
go/operator
go/webhook
# `make bench` output (go/cmd/benchcheck writes here; see the `bench` target).
go/bench-results/
# Hugo site build output.
site/public/
site/resources/_gen/
site/.hugo_build.lock
# Runtime-generated security artifacts produced by ardur commands (passport
# keys, mission JWTs, compiled native hooks). These are never safe to commit
# — they contain private keys or session-bound credentials. Listed explicitly
# as defense-in-depth so an accidental `git add .` does not stage them even
# if the gitleaks PEM rule were to miss a format variant.
keys/
*.pem
*.key
# Reviewed public-key fixtures remain normal source artifacts. Keep these
# exceptions narrower than the generated-key rules so a new PEM elsewhere
# requires an explicit security review before it can be added.
!/docs/specs/**/*.pem
!/site/static/repo/docs/specs/**/*.pem
# Legacy/default-in-CWD proxy state. Standard managed state under `.ardur/`
# and `.vibap/` is already ignored above; root anchors avoid hiding an
# unrelated JSON fixture with the same basename in another source directory.
/passport_state.lock
/replay_cache.json
/revoked.json
/lineage_hashes.json
active_mission.jwt
claude-code-pre_tool_use
claude-code-pre_tool_use.sha256
claude-code-hook-python