# Nested clone (not a declared submodule; use submodule add if it should be tracked)
transaction-composer/

# Dependencies
node_modules/
.pnpm-store/

# Package manager lock files (using pnpm as default)
package-lock.json
yarn.lock

# DBIS identity package — never commit real secrets (example only is tracked)
config/production/dbis-identity-public-did-secrets.env

# Environment files
.env
.env.local
.env.*.local
.env.master

# Logs
*.log
logs/

# NPMplus backups (backup-npmplus.sh — tarballs and extracted trees; may contain certs/DB)
backups/npmplus/

# OS files
.DS_Store
Thumbs.db

# Local-only Cursor session / context (exclude from Gitea)
.cursor/local/

# Local Codex / IDE artifacts
.codex
.codex/

# Scratch and regenerated audit trees (re-run OMNL/JVMTM scripts to reproduce)
tmp/
output/jvmtm-evidence/
output/settlement-events/
output/omnl-e2e-settlement-audit-*/
output/*compliance-archive*.zip
output/omnl-e2e-settlement-audit-*.zip
output/transaction-package-HYBX-BATCH-001/

# IDE files
.vscode/
.idea/
*.swp
*.swo
*~

# Build outputs
dist/
build/
.next/
out/

# Temporary files
*.tmp
*.temp

# Environment backup files (Security: Prevent committing backup files with secrets)
*.env.backup
.env.backup.*
.env.backup
.gitignore.backup.*

# Python
venv/
.venv-checkjson/
__pycache__/
*.pyc

# CoinGecko/CMC token logos (generated by prepare-token-logos-512x512.sh)
docs/04-configuration/coingecko/logos/*.png
token-lists/logos/*.png

# Ephemeral phase markers
.phase1-event-status

# DBIS Phase 1 discovery — timestamped reports (run scripts/verify/run-phase1-discovery.sh)
reports/phase1-discovery/phase1-discovery-*.md

# Wormhole AI docs mirror (sync with scripts/doc/sync-wormhole-ai-resources.sh; keep manifest.json committable)
third-party/wormhole-ai-docs/**
!third-party/wormhole-ai-docs/README.md
!third-party/wormhole-ai-docs/manifest.json

# OMNL operator rail (env-specific IDs, reconciliation, audit packets, posted refs)
ids.env
reconciliation/

# Office 2 Shamrayan P2P credentials (runbook-only; never commit)
.env.office2-p2p
**/.env.office2-p2p
.posted_refs
*.payload.json
*.payload.sha256
audit_log.jsonl