# ============================================
# SECURITY CRITICAL - DO NOT REMOVE
# ============================================

# Environment files containing sensitive data
.env
.env.local
.env.production
.env.live
config.env
config.live.env

# Database backups with sensitive data
*.sql
database_backup_*.sql
*backup*.sql

# Logs that may contain sensitive information
*.log
logs/
api/error_log

# IDE and editor files
.vscode/
.idea/
*.swp
*.swo
*~

# OS generated files
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db

# Node.js (if used)
node_modules/
npm-debug.log*
yarn-debug.log*
yarn-error.log*

# Composer (PHP)
vendor/
composer.lock

# Temporary files
tmp/
temp/
cache/

# SSL certificates and keys
*.pem
*.key
*.crt
*.p12

# Backup files
*.bak
*.backup
*.old

# Test files that may contain sensitive data
test_*.php
*_test.php

# AI API keys and secrets
api_keys/
secrets/
credentials/

# Session files
sessions/
session_data/

# Upload directories (may contain user data)
uploads/
user_uploads/

# Cache directories
cache/
tmp/cache/

# Debug files
debug_*.php
*_debug.php

# Configuration files with sensitive data
config/*.secret
config/*_secret.php

# Database files
*.db
*.sqlite
*.sqlite3

# Cloud deployment files
.aws/
.terraform/
terraform.tfstate*

# CI/CD secrets
.github/secrets/
.github/workflows/secrets.yml

# ============================================
# EXCEPTION: Files that SHOULD be committed
# ============================================
# These template files are safe to commit:
# !env.example
# !config.example.php
# !.env.example
