applepy/data/lynis and applepy/data/macos_security were committed as
gitlink stubs (mode 160000) because rsync -a copies .git/ along with
everything else. Cloners would silently receive empty directories.
Fix: remove the submodule stubs, add both dirs to .gitignore (they are
populated by scripts/vendor_compliance_assets.sh), and add --exclude .git
to both rsync invocations so future vendor runs don't recreate the problem.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
