docker-compose.yml contains hardcoded credentials (BOT_TOKEN, API_TOKEN,
RESTART_WEBHOOK_URL) and should never be committed. The *compose.yml gitignore
rule already excluded it but docker-compose.example.yml was not provided as a
reference for contributors.
- Add !docker-compose.example.yml negation to .gitignore so example is tracked
- Add docker-compose.example.yml with placeholder values for all secrets
Closes paper-dynasty-database#9
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Verified via `git ls-files storage/` that no storage files are tracked.
The existing `storage*` pattern already covers the directory, but adding
an explicit entry for `storage/paper-dynasty-service-creds.json` makes
the intent clear for this sensitive Google Sheets service credential file.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
