fix(deps): update module github.com/cloudflare/cloudflare-go to v7

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/cloudflare/cloudflare-go	v0.117.0 → v7.3.0

---

Release Notes

cloudflare/cloudflare-go (github.com/cloudflare/cloudflare-go)

v7.3.0

Compare Source

7.3.0 (2026-05-20)

Full Changelog: v7.2.0...v7.3.0

This release adds several new services and sub-resources across DDoS Protection, AI Security, R2
bucket objects, Workers observability queries, Zero Trust SAML certificates, and more. All changes
are additive -- there are no breaking changes in this release.

---

Features

DDoS Protection (client.DDoSProtection)

• NEW SERVICE: Advanced TCP Protection management for Magic Transit accounts
  • AdvancedTCPProtection.Allowlist -- manage allowlist entries
    • New(), List(), BulkNew(), BulkDelete()
    • Items.Delete(), Items.Edit(), Items.Get()
  • AdvancedTCPProtection.Prefixes -- manage IP prefix configurations
    • New(), List(), BulkNew(), BulkDelete()
    • Items.Delete(), Items.Edit(), Items.Get()
  • AdvancedTCPProtection.SynProtection.Filters -- SYN flood protection filters
    • New(), List(), BulkDelete()
    • Items.Delete(), Items.Edit(), Items.Get()
  • AdvancedTCPProtection.SynProtection.Rules -- SYN flood protection rules
    • New(), List(), BulkDelete()
    • Items.Delete(), Items.Edit(), Items.Get()
  • AdvancedTCPProtection.TCPFlowProtection.Filters -- TCP flow protection filters
    • New(), List(), BulkDelete()
    • Items.Delete(), Items.Edit(), Items.Get()
  • AdvancedTCPProtection.TCPFlowProtection.Rules -- TCP flow protection rules
    • New(), List(), BulkDelete()
    • Items.Delete(), Items.Edit(), Items.Get()
  • AdvancedTCPProtection.Status -- TCP protection status
    • Edit(), Get()

AI Security (client.AISecurity)

• NEW SERVICE: Zone-level AI security settings management
  • Update() -- update AI security settings for a zone
  • Get() -- get current AI security settings
  • CustomTopics.Update() -- update custom topic definitions
  • CustomTopics.Get() -- get custom topic definitions

R2 Bucket Objects (client.R2.Buckets.Objects)

• NEW SUB-RESOURCE: Manage objects within R2 buckets via the control plane API
  • List() -- list objects in a bucket (cursor-paginated)
  • Delete() -- delete a specific object
  • Get() -- download an object (returns *http.Response)
  • Upload() -- upload an object from an io.Reader

Workers Observability Queries (client.Workers.Observability.Queries)

• NEW SUB-RESOURCE: Saved observability queries for Workers telemetry
  • New() -- create a saved query
  • List() -- list saved queries

Workers Secrets Bulk Update (client.Workers.Scripts.Secrets)

• Added BulkUpdate() method -- bulk update secrets for a Worker script via
  PATCH /accounts/{account_id}/workers/scripts/{script_name}/secrets-bulk

Zero Trust - SAML Certificate Management

• Identity Providers (client.ZeroTrust.IdentityProviders.SAMLCertificate)

  • New() -- create a SAML certificate for an identity provider

• Access SAML Certificates (client.ZeroTrust.Access.SAMLCertificates)

  • List() -- list all SAML certificate sets
  • Get() -- get a specific SAML certificate set
  • GetPem() -- download certificate in PEM format (returns *http.Response)
  • Rotate() -- rotate a SAML certificate set

Zero Trust - Resource Library (client.ZeroTrust.ResourceLibrary)

• NEW SUB-RESOURCE: Browse the Zero Trust resource library
  • Applications.List() -- list available applications
  • Applications.Get() -- get application details
  • Categories.List() -- list application categories
  • Categories.Get() -- get category details

Secrets Store (client.SecretsStore.Stores)

• Added Get() method -- retrieve a specific secrets store by ID

AI Search Namespaces (client.AISearch.Namespaces)

• Added namespace-level convenience methods (previously only available at the instance level):
  • Delete() -- delete a namespace
  • ChatCompletions() -- run chat completions against a namespace
  • Read() -- get namespace details
  • Search() -- search within a namespace

---

Other Updates

• Updated generated types and methods across many packages including ai_gateway,
  api_gateway, cache, email_security, intel, load_balancers, logpush,
  radar, secrets_store, workers, workers_for_platforms, workflows, and
  zones

v7.2.0

Compare Source

7.2.0 (2026-05-06)

Full Changelog: v7.1.0...v7.2.0

This release adds new sub-resources for AI Gateway billing, Cache Origin Cloud Regions v2, Radar BGP analytics, and Load Balancer monitor group references.

Features

Cache - Origin Cloud Regions v2 (client.Cache.OriginCloudRegions)

• NEW SUB-RESOURCE: Origin Cloud Regions service using the v2 /origin/cloud_regions endpoints
  • Update() -- create or update a cloud region mapping for an origin IP
  • List() -- list all cloud region mappings (paginated)
  • Delete() -- remove a cloud region mapping
  • BulkDelete() -- remove multiple cloud region mappings
  • BulkUpdate() -- create or update multiple cloud region mappings
  • Get() -- get a specific cloud region mapping
  • SupportedRegions() -- list supported cloud regions and vendors

AI Gateway - Billing (client.AIGateway.Billing)

• NEW SUB-RESOURCE: Billing service for AI Gateway accounts
  • CreditBalance() -- get current credit balance
  • UsageHistory() -- get historical usage data
  • InvoiceHistory() -- get past invoices
  • InvoicePreview() -- preview upcoming invoice

AI Gateway - Billing Spending Limit (client.AIGateway.Billing.SpendingLimit)

• NEW SUB-RESOURCE: Manage spending limits for AI Gateway billing
  • New() -- create a spending limit
  • Delete() -- remove a spending limit
  • Get() -- get the current spending limit

AI Gateway - Billing Topup (client.AIGateway.Billing.Topup)

• NEW SUB-RESOURCE: Manage billing top-ups for AI Gateway
  • New() -- create a top-up
  • Status() -- check top-up payment status

AI Gateway - Billing Topup Config (client.AIGateway.Billing.Topup.Config)

• NEW SUB-RESOURCE: Configure automatic top-ups
  • New() -- create a top-up config
  • Delete() -- remove a top-up config
  • Get() -- get the current top-up config

Cache - Smart Tiered Cache (client.Cache.SmartTieredCache)

• Added New() method (POST) to enable smart tiered cache topology

Radar - BGP IP Top (client.Radar.BGP.IPs.Top)

• NEW SUB-RESOURCE: Top ASes by BGP IP announcements
  • Ases() -- get top ASes for BGP IP data

Radar - BGP RPKI ROAs (client.Radar.BGP.RPKI.Roas)

• NEW SUB-RESOURCE: RPKI Route Origin Authorization timeseries
  • Timeseries() -- get ROA timeseries data

Load Balancers - Monitor Group References (client.LoadBalancers.MonitorGroups.References)

• NEW SUB-RESOURCE: Retrieve resources referencing a monitor group
  • Get() -- list references for a monitor group

Bug Fixes

• Codegen: Updated generated types and methods for ai_search, cloudforce_one, resource_sharing, url_scanner, and user packages

v7.1.0

Compare Source

7.1.0 (2026-05-04)

Full Changelog: v7.0.0...v7.1.0

---

Features

Security Center - New Insights Sub-Resources (client.SecurityCenter.Insights)

Three new sub-services added under client.SecurityCenter.Insights:

AuditLogs (client.SecurityCenter.Insights.AuditLogs)

• List(ctx, params) -> *pagination.CursorPagination[InsightAuditLogListResponse]
• ListByInsight(ctx, issueID, params) -> *pagination.CursorPagination[InsightAuditLogListByInsightResponse]

New response types: InsightAuditLogListResponse, InsightAuditLogListByInsightResponse

Classification (client.SecurityCenter.Insights.Classification)

• Update(ctx, issueID, params) -> *InsightClassificationUpdateResponse

New response types: InsightClassificationUpdateResponse

Context (client.SecurityCenter.Insights.Context)

• Get(ctx, issueID, query) -> *InsightContextGetResponse

New response types: InsightContextGetResponse

Zero Trust - Device Deployment Groups (client.ZeroTrust.Devices.DeploymentGroups)

New service client.ZeroTrust.Devices.DeploymentGroups:

• New(ctx, params) -> *DeploymentGroup
• List(ctx, params) -> *pagination.V4PagePaginationArray[DeploymentGroup]
• Delete(ctx, groupID, body) -> *DeviceDeploymentGroupDeleteResponse
• Edit(ctx, groupID, params) -> *DeploymentGroup
• Get(ctx, groupID, query) -> *DeploymentGroup

New response types: DeploymentGroup, DeviceDeploymentGroupDeleteResponse

Queues - Metrics Endpoint (client.Queues)

New method on client.Queues:

• GetMetrics(ctx, queueID, query) -> *QueueGetMetricsResponse

New response types: QueueGetMetricsResponse

Organizations - Audit Logs (client.Organizations.Logs.Audit)

New service client.Organizations.Logs.Audit:

• List(ctx, organizationID, query) -> *pagination.CursorPaginationAfter[LogAuditListResponse]

New response types: LogAuditListResponse

v7.0.0

Compare Source

7.0.0 (2026-04-30)

Full Changelog: v6.10.0...v7.0.0

This is a major version release that includes breaking changes to three packages: ai_search, email_security, and workers. These changes reflect upstream API specification updates that improve type correctness and consistency. Non-breaking features and updates are also included across several other packages.

Please ensure you read through the list of changes below before moving to this version - this will help you understand any down or upstream issues it may cause to your environments.

---

Breaking Changes

See the v7.0.0 Migration Guide for before/after code examples and actions needed for each change.

AI Search - SearchForAgents Metadata Removed

The SearchForAgents nested type has been removed from all instance metadata structs. This field is no longer part of the API specification.

Removed Types:

• InstanceNewResponseMetadataSearchForAgents
• InstanceUpdateResponseMetadataSearchForAgents
• InstanceListResponseMetadataSearchForAgents
• InstanceDeleteResponseMetadataSearchForAgents
• InstanceReadResponseMetadataSearchForAgents
• InstanceNewParamsMetadataSearchForAgents
• InstanceUpdateParamsMetadataSearchForAgents
• NamespaceInstanceNewResponseMetadataSearchForAgents
• NamespaceInstanceUpdateResponseMetadataSearchForAgents
• NamespaceInstanceListResponseMetadataSearchForAgents
• NamespaceInstanceDeleteResponseMetadataSearchForAgents
• NamespaceInstanceReadResponseMetadataSearchForAgents
• NamespaceInstanceNewParamsMetadataSearchForAgents
• NamespaceInstanceUpdateParamsMetadataSearchForAgents

Email Security - Path Parameter Type Changes (int64 to string)

Multiple Email Security settings sub-resources have changed their path parameter types from int64 to string. This affects Delete, Edit, and Get methods across the following services:

• AllowPolicies (policyID int64 -> policyID string)
• BlockSenders (patternID int64 -> patternID string)
• Domains (domainID int64 -> domainID string)
• ImpersonationRegistry (displayNameID int64 -> impersonationRegistryID string)
• TrustedDomains (trustedDomainID int64 -> trustedDomainID string)

Email Security - Investigate Parameter Rename

The Investigate.Get, Investigate.Move.New, and Investigate.Reclassify.New methods now use investigateID instead of postfixID as the path parameter name.

Email Security - Domains BulkDelete Method Removed

The SettingDomainService.BulkDelete method and its associated types have been removed:

• SettingDomainBulkDeleteResponse
• SettingDomainBulkDeleteParams

Email Security - TrustedDomains Return Type Change

SettingTrustedDomainService.New now returns *SettingTrustedDomainNewResponse instead of *SettingTrustedDomainNewResponseUnion.

Email Security - Investigate.Move Return Type Change

InvestigateMoveService.New now returns *pagination.SinglePage[InvestigateMoveNewResponse] instead of *[]InvestigateMoveNewResponse.

Workers - Observability Telemetry Filter Restructuring

The observability telemetry filter parameter types have been restructured to support nested filter groups. New discriminated union types replace the previous flat filter arrays:

• ObservabilityTelemetryKeysParams.Filters now accepts FiltersObjectFilterUnion (was []interface{})
• ObservabilityTelemetryQueryParams.Parameters.Filters now accepts FiltersObjectFilterUnion
• ObservabilityTelemetryValuesParams.Filters now accepts FiltersObjectFilterUnion

New types include FiltersObjectFiltersObject (for group filters with FilterCombination) and FiltersWorkersObservabilityFilterLeaf (for leaf filters with typed Operation, Type, and Value fields).

---

Features

Organizations (client.Organizations)

• NEW SERVICE: client.Organizations.Logs.Audit -- query organization audit logs
  • List() - Retrieve audit logs with cursor-based pagination

Browser Rendering (client.BrowserRendering)

• client.BrowserRendering.Devtools.Browser.Targets.Close() -- close a specific browser target (tab, page) by ID

Queues (client.Queues)

• client.Queues.GetMetrics() -- retrieve queue metrics for a specific queue

AI Search (client.AISearch)

• Added WaitForCompletion parameter to NamespaceInstanceItemNewOrUpdateParams and NamespaceInstanceItemSyncParams for synchronous indexing confirmation

---

Bug Fixes

• Magic Transit: ConnectorService.List parameter name corrected from query to params (non-functional, affects generated documentation only)

v6.10.0

Compare Source

Full Changelog: v6.9.0...v6.10.0

In this release, you'll see a number of breaking changes. This is primarily due to changes in OpenAPI definitions, which our libraries are based off of, and codegen updates that we rely on to read those OpenAPI definitions and produce our SDK libraries.

v6.9.0

Compare Source

6.9.0 (2026-04-01)

Full Changelog: v6.8.0...v6.9.0

In this release, you'll see a number of breaking changes. This is primarily due to changes in OpenAPI definitions, which our libraries are based off of, and codegen updates that we rely on to read those OpenAPI definitions and produce our SDK libraries.

Please ensure you read through the list of changes below before moving to this version - this will help you understand any down or upstream issues it may cause to your environments.

---

Breaking Changes

See the v6.9.0 Migration Guide for before/after code examples and actions needed for each change.

AI Gateway - AccountID, AccountTag, and InternalID Field Removal

The AccountID, AccountTag, and InternalID fields have been removed from all AI Gateway response types:

• AIGatewayNewResponse
• AIGatewayUpdateResponse
• AIGatewayListResponse
• AIGatewayDeleteResponse
• AIGatewayGetResponse
• DynamicRoutingNewResponse
• DynamicRoutingDeleteResponse
• DynamicRoutingNewDeploymentResponse
• DynamicRoutingNewVersionResponse
• DynamicRoutingGetResponse
• DynamicRoutingGetVersionResponse

AI Search - VectorizeName Field Removal

The VectorizeName field has been removed from all AI Search instance response types:

• InstanceNewResponse.VectorizeName
• InstanceUpdateResponse.VectorizeName
• InstanceListResponse.VectorizeName
• InstanceDeleteResponse.VectorizeName
• InstanceReadResponse.VectorizeName

AI Search - KeywordMatchMode Enum Values Changed

The KeywordMatchMode enum values have been renamed:

• KeywordMatchModeExactMatch → KeywordMatchModeAnd
• KeywordMatchModeFuzzyMatch → KeywordMatchModeOr

Affects InstanceNewParams and InstanceUpdateParams.

Billing - New PayGo Usage Endpoint

NEW: Added billing.Usage service with PayGo endpoint:

• client.Billing.Usage.Paygo() - Returns billable usage data for PayGo (self-serve) accounts

Note: The PayGo endpoint parameters (From, To) are now the primary query mechanism. The previously available LastMonthPeriodStart and LastYearPeriodStart parameters were removed in the underlying API specification.

Connectivity - TCP Service Support

The directory services now support TCP service configurations via discriminated union types:

• ServiceConfig is now a discriminated union of HttpServiceConfig and TcpServiceConfig
• New TcpServiceConfig type with tcp_port and app_protocol fields
• HttpServiceConfig and TcpServiceConfig both extend ServiceCommon base type

Custom Hostnames - Hostname Parameter Type Change

The Hostname parameter in CustomHostnameListParams has changed from a simple string to a structured object:

• Before: Hostname param.Field[string]
• After: Hostname param.Field[CustomHostnameListParamsHostname] (object with Contain field)

AI Search - InstanceItem Service Methods Removed

The InstanceItem service methods have been removed. The service structure still exists at client.AISearch.Instances.Items but no longer provides any methods:

• List() - List indexed items in an AI Search instance
• ListAutoPaging() - Auto-paging list method
• Get() - Get a specific indexed item
• All associated response types (InstanceItemListResponse, InstanceItemGetResponse, etc.)

Workers - Filter Type Changes

The observability telemetry filters have been restructured:

• Filter types changed from QueryFilter[] to FilterNode[] (discriminated union)
• Filters now support nested groups via kind: 'group'
• Affects telemetry endpoints: keys, query, and values

Workers - Domain Service Return Type Changes

The workers.Domain service methods now return specific response types instead of the generic Domain type:

• Update() returns *DomainUpdateResponse instead of *Domain
• List() returns pagination.SinglePage[DomainListResponse] instead of pagination.SinglePage[Domain]
• Delete() now returns (*DomainDeleteResponse, error) instead of just error
• Get() returns *DomainGetResponse instead of *Domain

Zero Trust - NetworkSubnet Response Type Consolidation

The NetworkSubnet service methods now use the shared Subnet type instead of endpoint-specific response types:

• NetworkSubnetService.List() returns Subnet instead of NetworkSubnetListResponse
• NetworkSubnetWARPService.New() returns Subnet instead of NetworkSubnetWARPNewResponse
• NetworkSubnetWARPService.Edit() returns Subnet instead of NetworkSubnetWARPEditResponse
• NetworkSubnetWARPService.Get() returns Subnet instead of NetworkSubnetWARPGetResponse
• NetworkSubnetCloudflareSourceService.Update() returns Subnet instead of NetworkSubnetCloudflareSourceUpdateResponse

The removed types (NetworkSubnetListResponse, NetworkSubnetWARPNewResponse, etc.) have been consolidated into the shared Subnet type.

Zero Trust - MfaBypass Field Removal

The MfaBypass field has been removed from MFA configuration types across multiple services:

Affected Param Types:

• AccessApplicationNewParamsBodySelfHostedApplicationMfaConfig.MfaBypass
• AccessApplicationUpdateParamsBodySelfHostedApplicationMfaConfig.MfaBypass
• AccessApplicationPolicyNewParamsMfaConfig.MfaBypass
• AccessApplicationPolicyUpdateParamsMfaConfig.MfaBypass
• AccessApplicationPolicyTestNewParamsPoliciesObjectMfaConfig.MfaBypass
• AccessPolicyNewParamsMfaConfig.MfaBypass
• AccessPolicyUpdateParamsMfaConfig.MfaBypass

Affected Response Types:

• All corresponding MfaConfig response types

Zero Trust - MfaConfigurationAllowed Field Removal

The MfaConfigurationAllowed field has been removed from Organization types:

• OrganizationNewParams.MfaConfigurationAllowed
• OrganizationUpdateParams.MfaConfigurationAllowed
• OrganizationNewResponse.MfaConfigurationAllowed

---

Features

AI Search - BoostBy Field Addition

The BoostBy field has been added to retrieval options across multiple response types:

• InstanceNewResponseRetrievalOptions.BoostBy
• InstanceUpdateResponseRetrievalOptions.BoostBy
• InstanceListResponseRetrievalOptions.BoostBy
• InstanceDeleteResponseRetrievalOptions.BoostBy
• InstanceReadResponseRetrievalOptions.BoostBy

Browser Rendering (client.browserRendering)

• Crawl: New endpoints for headless browser crawling
  • Create() - Start a crawl job
  • List() - List crawl jobs
  • Get() - Get crawl job details
  • Update() - Update crawl job
  • Delete() - Delete crawl job
  • Screenshot() - Take screenshots during crawl
  • Scrape() - Scrape content during crawl

Brand Protection v2 (client.brandProtection.v2)

• New v2 API endpoints:
  • Logo - Logo management
  • LogoMatch - Logo matching
  • Match - Brand protection matching
  • Query - Query brand protection data

Google Tag Gateway (client.googleTagGateway)

• NEW SERVICE: Manage Google Tag configurations
  • Config.Create(), Update(), List(), Delete(), Get()

Resource Tagging (client.resourceTagging)

• NEW SERVICE: Resource tagging management
  • AccountTag management
  • Key management for resource tagging

Zero Trust Device IP Profiles (client.zeroTrust.devices.ipProfiles)

• IP profile management for device posture
  • Create(), Update(), List(), Delete(), Get()

Abuse Reports

• Mitigation responses now include additional metadata fields

Accounts

• managed_by field with parent_org_id, parent_org_name support

AI Gateway

• zdr field added to all responses and params
• Dataset, evaluation, log, and provider config endpoints updated

AI Search

• Instance management expanded with new fields
• Job management enhancements
• Token management updates

API Gateway

• Configuration and user schema updates
• Expression template fallthrough improvements

D1

• Database query and raw query parameter refinements
• Time travel support: GetBookmark(), Restore()

DNS

• dns_records/usage endpoints added
• Record type improvements

Email Security

• Enhanced investigation endpoints
• New fields: envelope_from, envelope_to, postfix_id_outbound, replyto
• New detection classification: outbound_ndr

Logpush

• New datasets: dex_application_tests, dex_device_state_events, ipsec_logs, warp_config_changes, warp_toggle_changes

Magic Transit

• App and connector enhancements
• CF interconnect improvements
• License key and provisioning support

Organizations

• Organization account management improvements
• Hierarchical organization support

R2

• Super Slurper job enhancements
• Job log improvements

Rulesets

• Buffering fields: request_body_buffering, response_body_buffering

Workers

• Subdomain deletion support
• Script observability settings
• Tags and tail consumers support

Workflows

• Instance retention configuration
• New status option: restart

Zero Trust

• MCP portal and server configuration updates
• Access application type enhancements
• Gateway proxy endpoint improvements
• Tunnel connection updates

---

Deprecations

None in this release.

---

Bug Fixes

• AI Search: Fixed test compatibility issues
• Billing: Transport error handling improvements
• Client: Retry logic error passing fixes

v6.8.0

Compare Source

6.8.0 (2026-02-27)

Full Changelog: v6.7.0...v6.8.0

Breaking Changes

See the v6.8.0 Migration Guide for before/after code examples and actions needed for each change.

• CloudforceOne.ThreatEvents — Delete() method removed
• SSL.CertificatePacks — List() pagination type changed from SinglePage to V4PagePaginationArray
• ZeroTrust.DLP.Datasets — New(), Update(), Get() return types replaced with shared DLP types
• ZeroTrust.DLP.Datasets.Upload — New(), Edit() return types replaced with shared DLP types
• ZeroTrust.DLP.Profiles — Get() return type replaced with shared Profile type
• ZeroTrust.DLP.Profiles.Custom — New(), Update(), Get() return types replaced with shared Profile type
• ZeroTrust.DLP.Profiles.Predefined — Update(), Get() return types replaced with shared PredefinedProfile type

Features

New API Resources

• ACM.CustomTrustStore - Manage custom origin trust store certificates per zone
• EmailSecurity.Phishguard.Reports - List phishing reports via Email Security Phishguard
• Radar.PostQuantum - Post-quantum encryption analytics including origin adoption (Origin.Summary, Origin.TimeseriesGroups) and TLS support (TLS.Support)
• ZeroTrust.Access.Users - Manage Zero Trust Access user identities
• ZeroTrust.DEX.Rules - Manage DEX rules for device testing
• ZeroTrust.Gateway.Pacfiles - Manage Gateway PAC file configurations
• ZeroTrust.Networks.Subnets.WARP - Manage WARP subnet exclusions

New Endpoints (Existing Resources)

Radar.Entities.ASNs

• BotnetThreatFeed() - Retrieve botnet threat feed data for ASNs from Cloudflare Radar

v6.7.0

Compare Source

6.7.0 (2026-02-10)

Full Changelog: v6.6.0...v6.7.0

Features

• fraud: add new fraud detection API package
• ai_gateway: add dynamic routing endpoints for AI Gateway
• ai_gateway: add provider configuration management
• ai_search: add chat completions endpoint
• ai_search: add search endpoint
• ai_search: add custom metadata field support
• ai_search: add specific sitemaps configuration for web crawler
• acm: add Update method for Total TLS settings (upsert pattern)
• images: add metadata filtering support for image listings with operators (eq, in) and nested fields
• magic_transit: add bond_id field to site LAN configuration
• cloudforce_one: add cursor-based pagination for threat events (for deep pagination beyond 100k records)
• cloudforce_one: add includeCreatedEvents option to bulk threat event creation
• cloudforce_one: add datasetId field to threat event responses
• zero_trust: add secure_web_gateway field to MCP portal configuration
• email_security: add ids field for bulk move operations (replaces postfix_ids)

Bug Fixes

• acm: rename New method to Edit for Total TLS settings to match API semantics
• ai: add missing string union variants for AI run response types
• ai: correct ToMarkdown transform method signature to use params instead of separate file parameter
• custom_certificates: make bundle_method and other fields optional in response
• custom_certificates: restructure edit params with proper union types
• kv: change value field to support binary data in namespace value updates
• d1: mark batch field as required for multiple queries
• email_security: update bulk move documentation to specify 100 message limit
• origin_tls_client_auth: restructure to use proper subresource pattern
• workflows: properly type timeout and delay fields as unions (string or number)
• workers: correct Mode types
• browser_rendering: correct test URLs
• cloudforce_one: remove preserveUuid parameter (replaced by includeCreatedEvents)
• cloudforce_one: remove uuid field from threat event creation parameters
• radar: correct CT data source constant name casing

Chores

• intel: remove deprecated IP list endpoint and associated types
• update version to 6.7.0
• tests: skip problematic AI ToMarkdown transform tests
• api: extensive API specification updates across all packages

v6.6.0

Compare Source

6.6.0 (2025-01-15)

Full Changelog: v6.5.0...v6.6.0

Breaking Changes

• browser_rendering: refactor request body parameters to use proper union types

  The models were updated to be accurate to what the API expects, so there are parameter changes
  across most of the sub-resources under the browser_rendering umbrella.

Features

• ai_search: add hybrid search and public endpoint support
• ai_gateway: add is_default field to gateway configurations
• cloudforce_one: add UUID support, STIX2 format, and async indicator processing
• custom_pages: add waf_challenge identifier support
• email_security: add async polling support with Location header and success field
• magic_cloud_networking: expand type definitions for catalog sync, cloud integration, and onramp
• realtime_kit: add comprehensive meeting, preset, recording, session, and webhook endpoints
• rulesets: add request and response body buffering configuration options
• stream: add properly typed download responses with status tracking
• workers: add targeted placement support with host, hostname, and region options
• workers_for_platforms: enhance dispatch namespace script settings types
• workflows: add properly typed instance_retention parameter with error and success retention
• zones: refactor subscription responses to use dedicated types

Chores

• addressing: add auto_generated field to LOA document responses
• custom_hostnames: make SSL parameter optional in create requests
• email_security: deprecate item_count field in move responses
• hyperdrive: improve documentation for caching and port configuration
• pages: refactor project and deployment type definitions
• shared: add union type implementations and documentation updates
• zero_trust: simplify DLP shared entry types by removing entry_type unions

v6.5.0

Compare Source

6.5.0 (2025-12-17)

Full Changelog: v6.4.0...v6.5.0

Features

• ai_gateway: add zdr field (f85b933)
• ai_search: add AI Search endpoints (9d95c4b)
• leaked_credentials_check: Add GET endpoint for leaked_credentials_check/detections (2c4f6f5)
• magic_transit: support custom remote identities (f85b933)
• r2: add keys to super slurper response types (f85b933)
• radar: support filtering results by agent type (2020995)
• workers: add startup_time_ms to version types (f85b933)
• zero_trust: support new gateway list types (2020995)

Chores

• accounts: docs, tests updates (f85b933)
• api_gateway Deprecate API Shield Schema Validation resources (ae8644c)
• internal: codegen related update (d2d0a29)
• load_balancers: update pool, monitor nullability (2020995)
• zero_trus: refactor DLP entry types (23fdbc6)

v6.4.0

Compare Source

Full Changelog: v6.4.0...v6.5.0

Features

• ai_gateway: add zdr field (f85b933)
• ai_search: add AI Search endpoints (9d95c4b)
• leaked_credentials_check: Add GET endpoint for leaked_credentials_check/detections (2c4f6f5)
• magic_transit: support custom remote identities (f85b933)
• r2: add keys to super slurper response types (f85b933)
• radar: support filtering results by agent type (2020995)
• workers: add startup_time_ms to version types (f85b933)
• zero_trust: support new gateway list types (2020995)

Chores

• accounts: docs, tests updates (f85b933)
• api_gateway Deprecate API Shield Schema Validation resources (ae8644c)
• internal: codegen related update (d2d0a29)
• load_balancers: update pool, monitor nullability (2020995)
• zero_trus: refactor DLP entry types (23fdbc6)

v6.3.0

Compare Source

Full Changelog: v6.3.0...v6.4.0

Features

• chore: skip unsupported auth tests (b08ac6e)
• chore(abuse_report): unsupported auth scheme (61ece69)
• feat(r2_data_catalog): Configure SDKs/Terraform to use R2 Data Catalog routes (d1b1eab)
• feat(silences): add a new alert silencing api (fbe4969)

Bug Fixes

• ci: clean cache (#​4213) (92a4819)
• logaudit: revert breaking change to query by log audit id param (#​4212) (e1d5999)

Chores

• api: update composite API spec (813b47b)
• api: update composite API spec (86f0a73)
• internal: codegen related update (4548d4d)

v6.2.0

Compare Source

Full Changelog: v6.2.0...v6.3.0

Features

• mcp_portals: enable sdks generation (c582b3d)
• iam: add SSO Connectors resource to SDKs (a6cadb2)
• config: add token validation to stainless config (f733821)
• workers: expose subdomain delete (159aba7)
• abuse_reports: expose new abuse report endpoints (GET and LIST) (b5e8f16)
• tomarkdown: add new markdown supported endpoint (6737d33)
• abuse_reports: add abuse mitigations in client API (e25cf5d)
• pipelines: configure SDKs/Terraform to use the new Pipelines, Streams, Sinks routes (47fe62a)
• dlp: switch DLP Predefined Profile endpoints (496a17a)
• addressing_load: add deprecation to LOA api (2d0f886)

Bug Fixes

• schema: correctly reflect schema validation model mapping (e13a4b0)
• ai_controls: incorrect use of standalone_api (12b2f77)
• wvpc: move to connectivity module (30e2d15)
• realtime-kit: tabbing on realtime-kit api resources (b0f08de)

Chores

• internal: codegen related update (46aa6df)
• api: update composite API spec (dbd3501, 9d98e16, 1505c81, 8675c4c, b5bbbe9, 38a87ce, fe3eb4e, 3d6daa1, b47aab6, 974bd02, 3d0ffd6, 73536a3, e262a8c, 7f1df0a, 5142652, 75f93c0, 50f68e8, 2392214, 2d6e9a1, ad22ee9, e249bb7, 682d37e, 8eb7d7e, d9a67b9, 7b8206b, e482bcb, 177205f, e10f556, a148439, 8c76499, 58c65f1, 55d06fc, abfc0fa)

v6.1.0

Compare Source

Full Changelog: v6.1.0...v6.2.0

Features

• zero_trust: add tenant support (511b36f)
• zero_trust: add connectivity directory service support (eb26e21)
• organizations: SDKs for Organizations and OrganizationsProfile (1dbce03)
• zero_trust: add MCP portals support (6f3b557)
• radar: add new group by dimension support (1dcc5a6)
• content_scanning: add content scanning support (1e28d33)
• abuse: add abuse report support (c0d3b38)
• queues: add subscription read support (3f6d26f)
• zero_trust: add target attributes support (3f6d26f)
• accounts: add managed by support (d86239b)
• leaked_credential_checks: add support for user defined patterns (d86239b)
• magic_transit: add support for bonds in connector snapshots (d86239b)
• organizations: add support for deleting orgs (d86239b)
• queues: add support for reading consumers (d86239b)
• queues: add bulk message push support (d86239b)
• queues: add event subscription support (d86239b)
• radar: add new ctlog fields (d86239b)
• secrets_store: support new scopes (d86239b)
• workers: add support for observability telemetry support (d86239b)
• zero_trust: add mcp portal support (d86239b)
• zero_trust: add new fields to logs request (d86239b)
• alerting: add support for abuse reports (da98270)
• email_security: support additional fields (da98270)
• organizations: add list support (da98270)
• workers: add references support (5fc3d87)

Bug Fixes

• zero_trust: fix return types for connectivity directory service (fdb4538)
• custom_pages: fix identifier types (d86239b)

Chores

• radar: deprecate to_markdown resources (1dcc5a6)
• cloudforce_one: deprecate threat event read support in favor of datasets (8b1203b)
• rulesets: deprecate mirage support (8b1203b)
• r2: bucket notification rules are required (3f6d26f)
• rulesets: deprecate Cloudflare app support (3f6d26f)
• radar: deprecate AI bot summary UA support (fdb4538)
• workers: drop tail consumer binding type (d86239b)
• workers_for_platforms: drop tail consumer binding type (d86239b)
• zero_trust: dlp profile ID is not required (d86239b)
• pages: update project types (500840e)
• pipelines: deprecate several operations in favor of Streams API (4fa18b7)

v6.0.1

Compare Source

Full Changelog: v6.0.1...v6.1.0

Features

• Add load balancer monitor groups endpoints (13e12e5)
• Add Radar AS-SET lookup endpoint (a0017de)
• Add organizations and account-specific profile & orgs APIs (5022bf1)
• Add to_markdown subresource to AI resource (7626bca)
• Add Zero Trust network hostname route endpoints (4390272)
• Rename duplicate parameter in the to_markdown subresource (07b0d52)
• Deprecate Radar AI inference and leaked credential endpoints (a96e487)
• Remove created_at and updated_at fields from Zero Trust organization (9c36264)

Bug Fixes

• bugfix for setting JSON keys with special characters (7c0a952)

Chores

• bump minimum go version to 1.22 (5c4c9b6)
• do not install brew dependencies in ./scripts/bootstrap by default (e12cc47)
• internal: codegen related update (f2abb93)
• api: update composite API spec (51c768e, e412469, 9143c15, 6606609, f69358a, a49490d, 4e23103, df8a5c6, 846f97f, f6a3e5c, fecd84e, a8ad675, 5d1e96a, 71117ac, 4922672, d3c0858, d366730, 5288377, 667a491, c7efc70, 8ae52b8, 9388bec, 5667889, 0018f12, 271377b, 89c938e, 0518e49, 5d9e625, [b6c7c9a](https://redirect.

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.