# SEC-04: keep secrets and bulk artefacts out of image layers.
# The Dockerfile ends with `COPY . .` — everything not listed here ships in the image.

# Secrets — never in an image layer
.env
.env.*
*.pw

# VCS / local tooling
.git
.gitignore
.claude
.pytest_cache
.ruff_cache
.venv
__pycache__
*.pyc
*.pyo
.DS_Store
*.code-workspace

# Bulk data artefacts (rebuildable / operator-side only)
*.osm.pbf
*.geojson
csv/
data/
tools/data/
shell_stations.csv

# Not needed at runtime
docs/
tests/
agents/
db_audit/
legacy/
SOUL.md
README.md
CLAUDE.md
uv.lock.bak
