# never ship secrets
.env
.env.*
*.env
**/*.env
**/*.env.*

# VCS / workspace junk
.git
.gitignore
.vscode
.idea

# node noise (server images install their own deps)
node_modules
**/node_modules
npm-debug.log*
yarn.lock
pnpm-lock.yaml

# transient outputs (but KEEP build/ for nginx)
dist
coverage
.DS_Store
*.log

# keys/certs
*.pem
*.key
*.crt
*.pfx

# Test sources & artifacts
tests/
playwright-report/
test-results/
blob-report/
*.trace.zip

# Conference and business planning documents (not needed in containers)
COMPETITIVE_ANALYSIS.md
PRICING_OPERATIONS_ANALYSIS.md
INFRASTRUCTURE_SCALING_ANALYSIS.md
COST_PROJECTION_DATA_NEEDED.md
ACCURATE_COST_PROJECTIONS.md
GAETC_PRINT_MATERIALS_FINAL.md
CONFERENCE_MATERIALS.md
APTIVA_AI_FEATURES_DOCUMENTATION.md

# Admin Portal Design Documents (not needed in containers)
ORG_ADMIN_PORTAL_DESIGN.md
ADMIN_PORTAL_DEPLOYMENT.md
SERVER4_SECURITY_REVIEW.md
SERVER4_ACTUAL_SECURITY_PATTERNS.md

# Security Analysis Documents (sensitive - never ship)
.security-notes-*.md

# Migration and SQL files (run manually, not needed in containers)
*.sql
**/*.sql