# WHITELIST APPROACH - Only allow specific file types
# Deny everything by default
*

# Allow directories (needed for git to traverse)
!*/

# Allow specific source code files (but not .py in root - see below)
!*.js
!*.html
!*.css
# Auto-generated theme CSS (regenerated on every server start from themes/*/*.css)
src/local_deep_research/web/static/css/themes.css
# JSON — path-scoped (root package.json whitelisted below)
!src/local_deep_research/defaults/**/*.json
!cookiecutter-docker/**/*.json

# YAML — non-root, path-scoped (.github/ and .semgrep/ whitelisted separately)
!community_benchmark_results/**/*.yaml
!cookiecutter-docker/**/*.yml
!examples/elasticsearch/docker-compose.yml

# Shell scripts — path-scoped (.github/ and .pre-commit-hooks/ whitelisted separately)
!scripts/**/*.sh
!tests/**/*.sh
!docs/**/*.sh
!examples/**/*.sh

# Templates, Jinja2, XML — explicit paths
!src/local_deep_research/defaults/.env.template
!src/local_deep_research/notifications/templates/**/*.jinja2
!unraid-templates/**/*.xml

# Allow Python files everywhere except root
!**/*.py

# Block ALL files in root directory - adding files to root should be intentional
/*.*

# Explicitly allow specific Python files in root that are needed
# (Comment out any you don't need)

# Allow specific project files
!LICENSE
!README
!README.md
!CHANGELOG.md
!CONTRIBUTING.md
!LICENSE.md
!Dockerfile
!pyproject.toml
!pdm.lock
!package.json
!.gitignore
!.gitkeep
!MANIFEST.in
!.pre-commit-config.yaml
!eslint.config.mjs
!vulture_whitelist.py
!docker-compose.yml


# Block JSON files in root directory (except package.json which is explicitly allowed above)
/*.json
!package.json

# Allow pre-commit hooks
!.pre-commit-hooks/
!.pre-commit-hooks/*.py
!.pre-commit-hooks/*.sh

# Allow security configuration files
!.gitleaks.toml
!.semgrepignore
!bearer.yml
!.trivyignore
!.semgrep/
!.semgrep/**/*.yml
!.semgrep/**/*.yaml
!.semgrep/**/*.md
!.safety-policy.yml


# Block all other dot files/folders
!.nvmrc
.*
.*/
!.github/
!.github/**/*.yml
!.github/**/*.yaml
!.github/**/*.md
!.github/**/*.sh
!.github/**/*.py
!.github/CODEOWNERS
!.github/security/*.txt
!.gitleaksignore
!.grype.yaml
# Re-allow pre-commit hooks after the `.*/` catch-all (the earlier
# !.pre-commit-hooks/ block is overridden by `.*/` above, which is why
# new hook files land as ignored until this rule is re-applied here).
!.pre-commit-hooks/
!.pre-commit-hooks/*.py
!.pre-commit-hooks/*.sh

# Allow installer files only in installers directory (text scripts only)
!installers/**/*.bat
!installers/**/*.ps1
!installers/**/*.iss

# Block specific problematic directories even if they contain allowed files
src/data/
src/research_outputs/
research_outputs/
data/
# Journal quality data: nothing is bundled. All sources are runtime-downloaded
# into the user data directory by the data_sources package. There is no
# package-level data directory any more.
logs/
cache/
temp/
tmp/

# Block result directories from examples
examples/optimization/examples/optimization/results/
examples/benchmarks/examples/benchmarks/results/
examples/*/results/
**/results/*/

# Block test output and JSON files
tests/**/results/
tests/**/*.json
tests/ui_tests/*.json
tests/ui_tests/results/

# …but the responsive baseline is checked in on purpose: it's the
# allowlist of currently-known UI bugs that test_responsive_ui_comprehensive.js
# compares against. New regressions vs this list fail the test.
!tests/ui_tests/responsive_baseline.json

# Still block Python cache and build artifacts even if they match patterns above
__pycache__/
**/__pycache__/
__pypackages__/
**/__pypackages__/
*.py[cod]
*$py.class
*.so
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
*.egg-info/
.installed.cfg
*.egg

# Block virtual environments
.venv/
venv/
ENV/
env/
.env
.pdm*

# Block IDE files
.idea/
.vscode/
*.swp
*.swo
.DS_Store
.qodo/
.cursorrules

# Project specific
temp_output.txt
temp_output_findings.txt
formatted_output.txt
Output.txt
research_outputs
report.md
src/data/*
# Logs
*.log
logs/

# Database
research_history.db
data/ldr.db
*.db

# Data
*.pdf
.cache
*.jsonl
data/cache/pricing/pricing_cache.json

# Tools
python-db/
js-db/
*.sarif
codeql_analysis_results.txt
.coverage
coverage/

# benchmark results for examples
examples/benchmark_results/

# benchmark and optimization results
src/benchmark_results/
data/benchmark_results/
data/optimization_results/
examples/*/benchmark_results/
examples/*/optimization_*/
examples/benchmarks/results/
examples/optimization/results/
tests/import_tests/
benchmark_results/
strategy_benchmark_results/
strategy_sim_results_*/
*_results_*/
optimization_results_*/
optimization_demo_*/

# Utility scripts for benchmarks
update_api_key.py
update_max_tokens.py
verify_grader_config.py
/run_*_benchmark.sh
/run_fixed_benchmark.sh
/run_verification.sh
/run_update_*.sh
/run_*.sh
/*_benchmark.py
benchmark_cleanup.sh
benchmark_*summary.md
simulation_*summary.md

# Exceptions for benchmark example scripts
!examples/benchmarks/**/run_*.sh
!examples/benchmarks/**/*.py

**/.claude/settings.local.json

# Folders created by Docker.
local_collections/

# Node.js dependencies and artifacts
node_modules/
package-lock.json
!/package-lock.json
!tests/ui_tests/package-lock.json
!tests/ui_tests/playwright/package-lock.json
!tests/api_tests_with_login/package-lock.json
!tests/infrastructure_tests/package-lock.json
!tests/accessibility_tests/package.json
!tests/accessibility_tests/package-lock.json
!tests/puppeteer/package-lock.json
!tests/package-lock.json
npm-debug.log*
yarn-debug.log*
yarn-error.log*

# Temporary debug files
debug_*.js
test_*.html

# Test screenshots and artifacts
*.png
charts_*.png
research_*.png
star_reviews_*.png
web*.png
tests/screenshots/
screenshots/

# Explicitly allowed binary files — keep this list small.
# Binary files bloat the repo; do NOT add new ones without maintainer approval.
!docs/images/Local Search.png
!docs/images/local_search_embedding_model_type.png
!docs/images/local_search_paths.png
!src/local_deep_research/web/static/favicon.png
!src/local_deep_research/web/static/sounds/error.mp3
!src/local_deep_research/web/static/sounds/success.mp3

# Block mobile UI test artifacts (html/json reports, screenshot directories)
tests/ui_tests/mobile/**/*.html
tests/ui_tests/mobile/**/*.json
tests/ui_tests/mobile/*-screenshots/

# Ignore cookiecutter-generated docker-compose files (root only).
/docker-compose.*.yml
!docker-compose.gpu.override.yml
!docker-compose.unraid.yml
# Ignore backup data directories (but not backup code modules)
/backup/
!src/**/backup/
!tests/**/backup/

# Security - ignore generated secret keys
.secret_key
.cache_key_secret

# Allow MD files only in specific directories
!docs/**/*.md
!examples/**/*.md
!cookiecutter-docker/**/*.md
# towncrier news fragments. The directory itself must be re-allowed
# explicitly because the `.d` extension means it gets caught by the
# `/*.*` root deny on line 38, and git can't re-include files inside
# a directory that the parent rule has excluded.
!changelog.d/
!changelog.d/**/*.md

# Block MD files in tests directories by default
tests/**/*.md
# To whitelist specific test MD files, add them explicitly like:
# !tests/specific-file-to-include.md

# Whitelist Playwright test infrastructure
!tests/ui_tests/playwright/
!tests/ui_tests/playwright/package.json
!tests/ui_tests/playwright/README.md
!tests/ui_tests/playwright/playwright.config.js
!tests/ui_tests/playwright/tests/
!tests/ui_tests/playwright/tests/*.js
!tests/ui_tests/playwright/tests/helpers/
!tests/ui_tests/playwright/tests/helpers/*.js
# NOTE: Playwright snapshot PNGs are NOT tracked in git.
# Visual regression tests use --update-snapshots to generate baselines locally.
# See: tests/ui_tests/playwright/README.md

# Block Playwright authentication state (contains session cookies/tokens)
tests/ui_tests/playwright/.auth/

# Block Playwright generated reports and test artifacts
tests/ui_tests/playwright/playwright-report/
tests/ui_tests/playwright/test-results/

# Block accessibility test auth state and generated reports
tests/accessibility_tests/.auth/
tests/accessibility_tests/playwright-report/
tests/accessibility_tests/test-results/
tests/accessibility_tests/.lighthouseci/
