wouldn't want somebody accidentally committing their private key into the public repo
.idea
cosign.key