# Defense-in-depth on top of package.json "files" allowlist.
# Anything here is excluded from the published tarball even if
# "files" is widened by mistake.

# Repo-maintenance scripts (contain personal/internal data)
scripts/scrub-history.sh
scripts/scrub-orphan-branches.sh
scripts/rebuild-sqlite.sh

# Build/test/dev artifacts
**/*.map
**/*.test.js
**/*.test.d.ts
**/*.test.ts
**/__tests__/**
tests/
bench/
demo/
docs/
website/
packages/
assets/
src/

# Local debug / config
error.log
*.log
.env
.env.*
.envrc
.DS_Store
.plans/

# Editor / VCS
.vscode/
.idea/
.git/
.github/

# Lockfiles & node-modules (npm handles these itself)
node_modules/
bun.lock
