.gitignore

# Binaries for programs and plugins
*.exe
*.exe~
*.dll
*.so
*.dylib

# Test binary, built with `go test -c`
*.test

# Output of the go coverage tool, specifically when used with LiteIDE
*.out

# Dependency directories (remove the comment below to include it)
# vendor/

# Go workspace file
go.work

# Build output
dist/
build/
run-*/

# IDE files
.idea/
*.swp
*.swo
*~

# Merge artifacts - prevent accidental commit
*.orig
*.rej

# OS generated files
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db

# PNG files (except docs/public/ and subfolders)
*.png
!docs/public/**/*.png

# Wasm build artifacts (generated by make build-wasm, deployed via scripts/bundle-wasm-docs.sh)
*.wasm
/wasm_exec.js
docs/public/wasm/gh-aw.wasm
docs/public/wasm/gh-aw.wasm.br
docs/public/wasm/gh-aw.wasm.gz
docs/public/wasm/wasm_exec.js

# Go binary for this project
/gh-aw
/gh-aw-darwin-amd64
/gh-aw-darwin-arm64
/gh-aw-linux-amd64
/gh-aw-linux-arm64

# credentials
.credentials/

# Environment variable files - may contain sensitive API keys, tokens, and passwords
.env
.env.*
.env.*.local
.env.backup
.env.*.backup

coverage.html
coverage/
logs/

# Benchmark results
bench_results.txt
bench_compare.txt

# Profiling data
*.prof
mem.prof
cpu.prof

# SBOM files (generated by make sbom)
sbom.spdx.json
sbom.cdx.json

node_modules/
gh-aw-test/

# Root package.json and package-lock.json are only for build tooling
/package.json
/package-lock.json

# Action build artifacts - keep bundled index.js, exclude temp files
actions/**/node_modules/
actions/**/*.tmp
actions/**/.build/

# pkg/workflow/js should only contain generated .cjs files and safe_outputs_tools.json
# Source of truth is actions/setup/js
pkg/workflow/js/package.json
pkg/workflow/js/package-lock.json
pkg/workflow/js/node_modules/

# Generated action files (created by 'make generate-action-metadata')
# These are generated from pkg/workflow/js/*.cjs and should not be committed
actions/noop/
actions/minimize_comment/
actions/close_issue/
actions/close_pull_request/
actions/close_discussion/

pkg/cli/workflows/*.yml
.github/workflows/test-update.md
.github/workflows/test-update.lock.yml
.github/workflows/test-timestamp-js.md
.github/workflows/test-timestamp-js.lock.yml
examples/*.lock.yml

# Large test data files
pkg/workflow/js/test-data/*.log
pkg/workflow/js/test-*/
actions/setup/js/test-*/
!actions/setup/js/test-data/
sample-logs/
*.invalid.yml
*.tmp

# Python cache files
__pycache__/
*.py[cod]
*$py.class
*.pyc

# Manual test scripts
test_*.sh
*.zip
aw.patch

pkg/cli/.github/aw/actions-lock.json

# Test run artifacts (legacy - now uses system temp)
test-runs/

# Security scan reports
gosec-report.json
gosec-results.sarif
govulncheck-results.sarif
trivy-results.sarif

# Generated action files - kept in .gitignore as build artifacts
# Note: If workflows fail due to missing js/ files, these may need to be committed
# The js/ directories contain compiled JavaScript from pkg/workflow/js/*.cjs
# and are generated by 'make actions-build'

# License compliance reports
licenses.csv
*.bck.yml
actions/setup/js/test-*/

# Test inline feature files
test-inline-*.txt
test-inline-*.md
test-inline-*.lock.yml
*.txt
*.zip
# Temporary downloaded logs
*.txt
conclusion/
detection/

test-script-mode.md
test-script-mode.lock.yml

# Test metrics patterns workflow (temporary validation file)
.github/workflows/test-metrics-patterns.md
.github/workflows/test-metrics-patterns.lock.yml
.github/workflows/test-*.md
.github/workflows/test-*.lock.yml