chore(api): update composite API spec

Author: stainless-app[bot]

.stats.yml

@@ -1,4 +1,4 @@
 configured_endpoints: 2192
-openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-c3f5a3865869371d57f04a16ce426de0c723e9904e3b0cb9fc7891a1c6680926.yml
-openapi_spec_hash: fa3d976ce364922696ed217ea8820716
+openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-d002758d193b43db6ad27d2cacddace8c80ef50ea44408e961718b6a90bb8bc1.yml
+openapi_spec_hash: 072a97bb2cb80fb3bbbf9833372d2348
 config_hash: f5c07311bfa023d17aa668eba5d06a13

src/cloudflare/resources/brand_protection/v2/matches.py

@@ -65,12 +65,13 @@ def get(
         """
         Get paginated list of domain matches for one or more brand protection queries.
         When multiple query_ids are provided (comma-separated), matches are deduplicated
-        across queries and each match includes a matched_queries array.
+        across queries and each match includes a match_details array with per-match
+        query metadata and individual dismissed state.
 
         Args:
           query_id: Query ID or comma-separated list of Query IDs. When multiple IDs are provided,
-              matches are deduplicated across queries and each match includes matched_queries
-              and match_ids arrays.
+              matches are deduplicated across queries and each match includes a match_details
+              array with per-match query metadata and dismissed state.
 
           domain_search: Filter matches by domain name (substring match)
 
@@ -159,12 +160,13 @@ async def get(
         """
         Get paginated list of domain matches for one or more brand protection queries.
         When multiple query_ids are provided (comma-separated), matches are deduplicated
-        across queries and each match includes a matched_queries array.
+        across queries and each match includes a match_details array with per-match
+        query metadata and individual dismissed state.
 
         Args:
           query_id: Query ID or comma-separated list of Query IDs. When multiple IDs are provided,
-              matches are deduplicated across queries and each match includes matched_queries
-              and match_ids arrays.
+              matches are deduplicated across queries and each match includes a match_details
+              array with per-match query metadata and dismissed state.
 
           domain_search: Filter matches by domain name (substring match)
 

src/cloudflare/resources/cloudforce_one/threat_events/threat_events.py

@@ -276,11 +276,11 @@ def list(
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
     ) -> ThreatEventListResponse:
         """
-        When `datasetId` is unspecified, events will be listed from the
-        `Cloudforce One Threat Events` dataset. To list existing datasets (and their
-        IDs), use the
+        Use `datasetId=all` or `datasetId=*` to query all event datasets for the account
+        (limited to 10). When `datasetId` is unspecified, events are listed from the
+        default Cloudforce One Threat Events dataset. To list existing datasets, use the
         [`List Datasets`](https://developers.cloudflare.com/api/resources/cloudforce_one/subresources/threat_events/subresources/datasets/methods/list/)
-        endpoint). Also, must provide query parameters.
+        endpoint.
 
         Args:
           account_id: Account ID.
@@ -290,6 +290,10 @@ def list(
               result_info.cursor field. Use cursor-based pagination for deep pagination
               (beyond 100,000 records) or for optimal performance.
 
+          dataset_id: Dataset IDs to query events from (array of UUIDs), or special value 'all' or
+              '\\**' to query all event datasets for the account. If not provided, uses the
+              default dataset.
+
           page: Page number (1-indexed) for offset-based pagination. Limited to offset of
               100,000 records. For deep pagination, use cursor-based pagination instead.
 
@@ -675,11 +679,11 @@ async def list(
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
     ) -> ThreatEventListResponse:
         """
-        When `datasetId` is unspecified, events will be listed from the
-        `Cloudforce One Threat Events` dataset. To list existing datasets (and their
-        IDs), use the
+        Use `datasetId=all` or `datasetId=*` to query all event datasets for the account
+        (limited to 10). When `datasetId` is unspecified, events are listed from the
+        default Cloudforce One Threat Events dataset. To list existing datasets, use the
         [`List Datasets`](https://developers.cloudflare.com/api/resources/cloudforce_one/subresources/threat_events/subresources/datasets/methods/list/)
-        endpoint). Also, must provide query parameters.
+        endpoint.
 
         Args:
           account_id: Account ID.
@@ -689,6 +693,10 @@ async def list(
               result_info.cursor field. Use cursor-based pagination for deep pagination
               (beyond 100,000 records) or for optimal performance.
 
+          dataset_id: Dataset IDs to query events from (array of UUIDs), or special value 'all' or
+              '\\**' to query all event datasets for the account. If not provided, uses the
+              default dataset.
+
           page: Page number (1-indexed) for offset-based pagination. Limited to offset of
               100,000 records. For deep pagination, use cursor-based pagination instead.
 

src/cloudflare/resources/dns/settings/account/account.py

@@ -61,6 +61,7 @@ def edit(
         self,
         *,
         account_id: str | None = None,
+        enforce_dns_only: bool | Omit = omit,
         zone_defaults: account_edit_params.ZoneDefaults | Omit = omit,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
@@ -75,6 +76,12 @@ def edit(
         Args:
           account_id: Identifier.
 
+          enforce_dns_only: When enabled, forces all proxied DNS records in the account to behave as
+              DNS-only at the edge, regardless of each record's individual proxy setting. Note
+              that this account-level override does not modify the records themselves; it only
+              affects how they are served at the edge. See more on
+              [Enforce DNS-only](https://developers.cloudflare.com/dns/proxy-status/enforce-dns-only).
+
           extra_headers: Send extra headers
 
           extra_query: Add additional query parameters to the request
@@ -89,7 +96,13 @@ def edit(
             raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}")
         return self._patch(
             path_template("/accounts/{account_id}/dns_settings", account_id=account_id),
-            body=maybe_transform({"zone_defaults": zone_defaults}, account_edit_params.AccountEditParams),
+            body=maybe_transform(
+                {
+                    "enforce_dns_only": enforce_dns_only,
+                    "zone_defaults": zone_defaults,
+                },
+                account_edit_params.AccountEditParams,
+            ),
             options=make_request_options(
                 extra_headers=extra_headers,
                 extra_query=extra_query,
@@ -170,6 +183,7 @@ async def edit(
         self,
         *,
         account_id: str | None = None,
+        enforce_dns_only: bool | Omit = omit,
         zone_defaults: account_edit_params.ZoneDefaults | Omit = omit,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
@@ -184,6 +198,12 @@ async def edit(
         Args:
           account_id: Identifier.
 
+          enforce_dns_only: When enabled, forces all proxied DNS records in the account to behave as
+              DNS-only at the edge, regardless of each record's individual proxy setting. Note
+              that this account-level override does not modify the records themselves; it only
+              affects how they are served at the edge. See more on
+              [Enforce DNS-only](https://developers.cloudflare.com/dns/proxy-status/enforce-dns-only).
+
           extra_headers: Send extra headers
 
           extra_query: Add additional query parameters to the request
@@ -198,7 +218,13 @@ async def edit(
             raise ValueError(f"Expected a non-empty value for `account_id` but received {account_id!r}")
         return await self._patch(
             path_template("/accounts/{account_id}/dns_settings", account_id=account_id),
-            body=await async_maybe_transform({"zone_defaults": zone_defaults}, account_edit_params.AccountEditParams),
+            body=await async_maybe_transform(
+                {
+                    "enforce_dns_only": enforce_dns_only,
+                    "zone_defaults": zone_defaults,
+                },
+                account_edit_params.AccountEditParams,
+            ),
             options=make_request_options(
                 extra_headers=extra_headers,
                 extra_query=extra_query,

src/cloudflare/types/brand_protection/v2/match_get_params.py

@@ -17,7 +17,8 @@ class MatchGetParams(TypedDict, total=False):
     """Query ID or comma-separated list of Query IDs.
 
     When multiple IDs are provided, matches are deduplicated across queries and each
-    match includes matched_queries and match_ids arrays.
+    match includes a match_details array with per-match query metadata and dismissed
+    state.
     """
 
     domain_search: str

src/cloudflare/types/brand_protection/v2/match_get_response.py

@@ -4,16 +4,26 @@
 
 from ...._models import BaseModel
 
-__all__ = ["MatchGetResponse", "Match", "MatchPublicScans"]
+__all__ = ["MatchGetResponse", "Match", "MatchPublicScans", "MatchMatchDetail"]
 
 
 class MatchPublicScans(BaseModel):
     submission_id: str
 
 
-class Match(BaseModel):
+class MatchMatchDetail(BaseModel):
     dismissed: bool
+    """Individual dismissed state for this specific match."""
+
+    match_id: int
+
+    query_id: int
+
+    query_tag: Optional[str] = None
+    """Tag associated with the query, if one exists."""
 
+
+class Match(BaseModel):
     domain: str
 
     first_seen: str
@@ -28,14 +38,15 @@ class Match(BaseModel):
 
     source: Optional[str] = None
 
-    match_ids: Optional[List[int]] = None
-    """All underlying match row IDs for this domain.
+    dismissed: Optional[bool] = None
+    """Whether the match is dismissed.
 
-    Only present when multiple query_ids are requested.
+    Only present for single-query requests. For multi-query requests, use the
+    dismissed field in each match_details entry.
     """
 
-    matched_queries: Optional[List[int]] = None
-    """List of query IDs that produced this match.
+    match_details: Optional[List[MatchMatchDetail]] = None
+    """Per-match detail objects with query metadata and individual dismissed state.
 
     Only present when multiple query_ids are requested.
     """

src/cloudflare/types/cloudforce_one/threat_event_list_params.py

@@ -25,6 +25,11 @@ class ThreatEventListParams(TypedDict, total=False):
     """
 
     dataset_id: Annotated[SequenceNotStr[str], PropertyInfo(alias="datasetId")]
+    """
+    Dataset IDs to query events from (array of UUIDs), or special value 'all' or
+    '\\**' to query all event datasets for the account. If not provided, uses the
+    default dataset.
+    """
 
     force_refresh: Annotated[bool, PropertyInfo(alias="forceRefresh")]
 

src/cloudflare/types/dns/settings/account_edit_params.py

@@ -12,6 +12,15 @@ class AccountEditParams(TypedDict, total=False):
     account_id: str
     """Identifier."""
 
+    enforce_dns_only: bool
+    """
+    When enabled, forces all proxied DNS records in the account to behave as
+    DNS-only at the edge, regardless of each record's individual proxy setting. Note
+    that this account-level override does not modify the records themselves; it only
+    affects how they are served at the edge. See more on
+    [Enforce DNS-only](https://developers.cloudflare.com/dns/proxy-status/enforce-dns-only).
+    """
+
     zone_defaults: ZoneDefaults
 
 

src/cloudflare/types/dns/settings/account_edit_response.py

@@ -114,3 +114,12 @@ class ZoneDefaults(BaseModel):
 
 class AccountEditResponse(BaseModel):
     zone_defaults: ZoneDefaults
+
+    enforce_dns_only: Optional[bool] = None
+    """
+    When enabled, forces all proxied DNS records in the account to behave as
+    DNS-only at the edge, regardless of each record's individual proxy setting. Note
+    that this account-level override does not modify the records themselves; it only
+    affects how they are served at the edge. See more on
+    [Enforce DNS-only](https://developers.cloudflare.com/dns/proxy-status/enforce-dns-only).
+    """

src/cloudflare/types/dns/settings/account_get_response.py

@@ -114,3 +114,12 @@ class ZoneDefaults(BaseModel):
 
 class AccountGetResponse(BaseModel):
     zone_defaults: ZoneDefaults
+
+    enforce_dns_only: Optional[bool] = None
+    """
+    When enabled, forces all proxied DNS records in the account to behave as
+    DNS-only at the edge, regardless of each record's individual proxy setting. Note
+    that this account-level override does not modify the records themselves; it only
+    affects how they are served at the edge. See more on
+    [Enforce DNS-only](https://developers.cloudflare.com/dns/proxy-status/enforce-dns-only).
+    """