feat(api): api update (#3572)

Author: stainless-app[bot]

.stats.yml

@@ -1,2 +1,2 @@
-configured_endpoints: 1361
-openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-f42cd2aad7c5dc546130b78d1b183a339ff0c666d7b0e98159bdfbf09eecd80d.yml
+configured_endpoints: 1397
+openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-b2ba1107ac358119a40fb6ff04ef71393204afba24220e4b9f1611dcccd85b00.yml

api.md

@@ -0,0 +1,163 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+package filters_test
+
+import (
+	"context"
+	"errors"
+	"os"
+	"testing"
+
+	"github.com/cloudflare/cloudflare-go/v3"
+	"github.com/cloudflare/cloudflare-go/v3/filters"
+	"github.com/cloudflare/cloudflare-go/v3/internal/testutil"
+	"github.com/cloudflare/cloudflare-go/v3/option"
+)
+
+func TestFilterNew(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Filters.New(context.TODO(), filters.FilterNewParams{
+		ZoneID:     cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		Expression: cloudflare.F("(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155"),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestFilterUpdate(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Filters.Update(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b61",
+		filters.FilterUpdateParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+			Body:   map[string]interface{}{},
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestFilterListWithOptionalParams(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Filters.List(context.TODO(), filters.FilterListParams{
+		ZoneID:      cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		ID:          cloudflare.F("372e67954025e0ba6aaa6d586b9e0b61"),
+		Description: cloudflare.F("browsers"),
+		Expression:  cloudflare.F("php"),
+		Page:        cloudflare.F(1.000000),
+		Paused:      cloudflare.F(false),
+		PerPage:     cloudflare.F(5.000000),
+		Ref:         cloudflare.F("FIL-100"),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestFilterDelete(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Filters.Delete(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b61",
+		filters.FilterDeleteParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestFilterGet(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Filters.Get(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b61",
+		filters.FilterGetParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}

filters/filter.go

@@ -82,3 +82,99 @@ func TestAccessRuleListWithOptionalParams(t *testing.T) {
 		t.Fatalf("err should be nil: %s", err.Error())
 	}
 }
+
+func TestAccessRuleDeleteWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.AccessRules.Delete(
+		context.TODO(),
+		"023e105f4ecef8ad9ca31a8372d0c353",
+		firewall.AccessRuleDeleteParams{
+			AccountID: cloudflare.F("account_id"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestAccessRuleEditWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.AccessRules.Edit(
+		context.TODO(),
+		"023e105f4ecef8ad9ca31a8372d0c353",
+		firewall.AccessRuleEditParams{
+			Configuration: cloudflare.F[firewall.AccessRuleEditParamsConfigurationUnion](firewall.AccessRuleIPConfigurationParam{
+				Target: cloudflare.F(firewall.AccessRuleIPConfigurationTargetIP),
+				Value:  cloudflare.F("198.51.100.4"),
+			}),
+			Mode:      cloudflare.F(firewall.AccessRuleEditParamsModeBlock),
+			AccountID: cloudflare.F("account_id"),
+			Notes:     cloudflare.F("This rule is enabled because of an event that occurred on date X."),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestAccessRuleGetWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.AccessRules.Get(
+		context.TODO(),
+		"023e105f4ecef8ad9ca31a8372d0c353",
+		firewall.AccessRuleGetParams{
+			AccountID: cloudflare.F("account_id"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}

filters/filter_test.go

@@ -0,0 +1,176 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+package firewall_test
+
+import (
+	"context"
+	"errors"
+	"os"
+	"testing"
+	"time"
+
+	"github.com/cloudflare/cloudflare-go/v3"
+	"github.com/cloudflare/cloudflare-go/v3/firewall"
+	"github.com/cloudflare/cloudflare-go/v3/internal/testutil"
+	"github.com/cloudflare/cloudflare-go/v3/option"
+)
+
+func TestLockdownNewWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Lockdowns.New(context.TODO(), firewall.LockdownNewParams{
+		ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		Configurations: cloudflare.F[firewall.ConfigurationUnionParam](firewall.LockdownIPConfigurationParam{
+			Target: cloudflare.F(firewall.LockdownIPConfigurationTargetIP),
+			Value:  cloudflare.F("198.51.100.4"),
+		}),
+		URLs: cloudflare.F([]firewall.OverrideURLParam{"shop.example.com/*", "shop.example.com/*", "shop.example.com/*"}),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestLockdownUpdateWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Lockdowns.Update(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b59",
+		firewall.LockdownUpdateParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+			Configurations: cloudflare.F[firewall.ConfigurationUnionParam](firewall.LockdownIPConfigurationParam{
+				Target: cloudflare.F(firewall.LockdownIPConfigurationTargetIP),
+				Value:  cloudflare.F("198.51.100.4"),
+			}),
+			URLs: cloudflare.F([]firewall.OverrideURLParam{"shop.example.com/*", "shop.example.com/*", "shop.example.com/*"}),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestLockdownListWithOptionalParams(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Lockdowns.List(context.TODO(), firewall.LockdownListParams{
+		ZoneID:            cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		CreatedOn:         cloudflare.F(time.Now()),
+		Description:       cloudflare.F("endpoints"),
+		DescriptionSearch: cloudflare.F("endpoints"),
+		IP:                cloudflare.F("1.2.3.4"),
+		IPRangeSearch:     cloudflare.F("1.2.3.0/16"),
+		IPSearch:          cloudflare.F("1.2.3.4"),
+		ModifiedOn:        cloudflare.F(time.Now()),
+		Page:              cloudflare.F(1.000000),
+		PerPage:           cloudflare.F(1.000000),
+		Priority:          cloudflare.F(5.000000),
+		URISearch:         cloudflare.F("/some/path"),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestLockdownDelete(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Lockdowns.Delete(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b59",
+		firewall.LockdownDeleteParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestLockdownGet(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Lockdowns.Get(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b59",
+		firewall.LockdownGetParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}

firewall/accessrule.go

@@ -0,0 +1,220 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+package firewall_test
+
+import (
+	"context"
+	"errors"
+	"os"
+	"testing"
+
+	"github.com/cloudflare/cloudflare-go/v3"
+	"github.com/cloudflare/cloudflare-go/v3/filters"
+	"github.com/cloudflare/cloudflare-go/v3/firewall"
+	"github.com/cloudflare/cloudflare-go/v3/internal/testutil"
+	"github.com/cloudflare/cloudflare-go/v3/option"
+)
+
+func TestRuleNewWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Rules.New(context.TODO(), firewall.RuleNewParams{
+		ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		Action: cloudflare.F(firewall.RuleNewParamsAction{
+			Mode: cloudflare.F(firewall.RuleNewParamsActionModeSimulate),
+			Response: cloudflare.F(firewall.RuleNewParamsActionResponse{
+				Body:        cloudflare.F("<error>This request has been rate-limited.</error>"),
+				ContentType: cloudflare.F("text/xml"),
+			}),
+			Timeout: cloudflare.F(86400.000000),
+		}),
+		Filter: cloudflare.F(filters.FirewallFilterParam{
+			Description: cloudflare.F("Restrict access from these browsers on this address range."),
+			Expression:  cloudflare.F("(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155"),
+			Paused:      cloudflare.F(false),
+			Ref:         cloudflare.F("FIL-100"),
+		}),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestRuleUpdateWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Rules.Update(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b60",
+		firewall.RuleUpdateParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+			Action: cloudflare.F(firewall.RuleUpdateParamsAction{
+				Mode: cloudflare.F(firewall.RuleUpdateParamsActionModeSimulate),
+				Response: cloudflare.F(firewall.RuleUpdateParamsActionResponse{
+					Body:        cloudflare.F("<error>This request has been rate-limited.</error>"),
+					ContentType: cloudflare.F("text/xml"),
+				}),
+				Timeout: cloudflare.F(86400.000000),
+			}),
+			Filter: cloudflare.F(filters.FirewallFilterParam{
+				Description: cloudflare.F("Restrict access from these browsers on this address range."),
+				Expression:  cloudflare.F("(http.request.uri.path ~ \".*wp-login.php\" or http.request.uri.path ~ \".*xmlrpc.php\") and ip.addr ne 172.16.22.155"),
+				Paused:      cloudflare.F(false),
+				Ref:         cloudflare.F("FIL-100"),
+			}),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestRuleListWithOptionalParams(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Rules.List(context.TODO(), firewall.RuleListParams{
+		ZoneID:      cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		ID:          cloudflare.F("372e67954025e0ba6aaa6d586b9e0b60"),
+		Action:      cloudflare.F("block"),
+		Description: cloudflare.F("mir"),
+		Page:        cloudflare.F(1.000000),
+		Paused:      cloudflare.F(false),
+		PerPage:     cloudflare.F(5.000000),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestRuleDelete(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Rules.Delete(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b60",
+		firewall.RuleDeleteParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestRuleEdit(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Rules.Edit(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b60",
+		firewall.RuleEditParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestRuleGetWithOptionalParams(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.Rules.Get(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b60",
+		firewall.RuleGetParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+			ID:     cloudflare.F("372e67954025e0ba6aaa6d586b9e0b60"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}

firewall/accessrule_test.go

@@ -0,0 +1,169 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+package firewall_test
+
+import (
+	"context"
+	"errors"
+	"os"
+	"testing"
+
+	"github.com/cloudflare/cloudflare-go/v3"
+	"github.com/cloudflare/cloudflare-go/v3/firewall"
+	"github.com/cloudflare/cloudflare-go/v3/internal/testutil"
+	"github.com/cloudflare/cloudflare-go/v3/option"
+)
+
+func TestUARuleNewWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.UARules.New(context.TODO(), firewall.UARuleNewParams{
+		ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		Configuration: cloudflare.F[firewall.UARuleNewParamsConfigurationUnion](firewall.AccessRuleIPConfigurationParam{
+			Target: cloudflare.F(firewall.AccessRuleIPConfigurationTargetIP),
+			Value:  cloudflare.F("198.51.100.4"),
+		}),
+		Mode: cloudflare.F(firewall.UARuleNewParamsModeBlock),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestUARuleUpdateWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.UARules.Update(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b59",
+		firewall.UARuleUpdateParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+			Configuration: cloudflare.F[firewall.UARuleUpdateParamsConfigurationUnion](firewall.AccessRuleIPConfigurationParam{
+				Target: cloudflare.F(firewall.AccessRuleIPConfigurationTargetIP),
+				Value:  cloudflare.F("198.51.100.4"),
+			}),
+			Mode: cloudflare.F(firewall.UARuleUpdateParamsModeBlock),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestUARuleListWithOptionalParams(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.UARules.List(context.TODO(), firewall.UARuleListParams{
+		ZoneID:            cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		Description:       cloudflare.F("abusive"),
+		DescriptionSearch: cloudflare.F("abusive"),
+		Page:              cloudflare.F(1.000000),
+		PerPage:           cloudflare.F(1.000000),
+		UASearch:          cloudflare.F("Safari"),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestUARuleDelete(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.UARules.Delete(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b59",
+		firewall.UARuleDeleteParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestUARuleGet(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.UARules.Get(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b59",
+		firewall.UARuleGetParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}

firewall/lockdown.go

@@ -0,0 +1,169 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+package firewall_test
+
+import (
+	"context"
+	"errors"
+	"os"
+	"testing"
+
+	"github.com/cloudflare/cloudflare-go/v3"
+	"github.com/cloudflare/cloudflare-go/v3/firewall"
+	"github.com/cloudflare/cloudflare-go/v3/internal/testutil"
+	"github.com/cloudflare/cloudflare-go/v3/option"
+)
+
+func TestWAFOverrideNew(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.WAF.Overrides.New(context.TODO(), firewall.WAFOverrideNewParams{
+		ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		URLs:   cloudflare.F([]firewall.OverrideURLParam{"shop.example.com/*", "shop.example.com/*", "shop.example.com/*"}),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestWAFOverrideUpdateWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.WAF.Overrides.Update(
+		context.TODO(),
+		"de677e5818985db1285d0e80225f06e5",
+		firewall.WAFOverrideUpdateParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+			ID:     cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+			RewriteAction: cloudflare.F(firewall.RewriteActionParam{
+				Block:     cloudflare.F(firewall.RewriteActionBlockChallenge),
+				Challenge: cloudflare.F(firewall.RewriteActionChallengeChallenge),
+				Default:   cloudflare.F(firewall.RewriteActionDefaultChallenge),
+				Disable:   cloudflare.F(firewall.RewriteActionDisableChallenge),
+				Simulate:  cloudflare.F(firewall.RewriteActionSimulateChallenge),
+			}),
+			Rules: cloudflare.F(firewall.WAFRuleParam{
+				"100015": firewall.WAFRuleItemChallenge,
+			}),
+			URLs: cloudflare.F([]firewall.OverrideURLParam{"shop.example.com/*", "shop.example.com/*", "shop.example.com/*"}),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestWAFOverrideListWithOptionalParams(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.WAF.Overrides.List(context.TODO(), firewall.WAFOverrideListParams{
+		ZoneID:  cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		Page:    cloudflare.F(1.000000),
+		PerPage: cloudflare.F(5.000000),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestWAFOverrideDelete(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.WAF.Overrides.Delete(
+		context.TODO(),
+		"de677e5818985db1285d0e80225f06e5",
+		firewall.WAFOverrideDeleteParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestWAFOverrideGet(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.WAF.Overrides.Get(
+		context.TODO(),
+		"de677e5818985db1285d0e80225f06e5",
+		firewall.WAFOverrideGetParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}

firewall/lockdown_test.go

@@ -3,7 +3,21 @@
 package firewall
 
 import (
+	"context"
+	"errors"
+	"fmt"
+	"net/http"
+	"net/url"
+	"reflect"
+
+	"github.com/cloudflare/cloudflare-go/v3/internal/apijson"
+	"github.com/cloudflare/cloudflare-go/v3/internal/apiquery"
+	"github.com/cloudflare/cloudflare-go/v3/internal/param"
+	"github.com/cloudflare/cloudflare-go/v3/internal/requestconfig"
 	"github.com/cloudflare/cloudflare-go/v3/option"
+	"github.com/cloudflare/cloudflare-go/v3/packages/pagination"
+	"github.com/cloudflare/cloudflare-go/v3/shared"
+	"github.com/tidwall/gjson"
 )
 
 // WAFPackageService contains methods and other services that help with interacting
@@ -28,3 +42,287 @@ func NewWAFPackageService(opts ...option.RequestOption) (r *WAFPackageService) {
 	r.Rules = NewWAFPackageRuleService(opts...)
 	return
 }
+
+// Fetches WAF packages for a zone.
+//
+// **Note:** Applies only to the
+// [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/).
+func (r *WAFPackageService) List(ctx context.Context, params WAFPackageListParams, opts ...option.RequestOption) (res *pagination.V4PagePaginationArray[WAFPackageListResponse], err error) {
+	var raw *http.Response
+	opts = append(r.Options[:], opts...)
+	opts = append([]option.RequestOption{option.WithResponseInto(&raw)}, opts...)
+	if params.ZoneID.Value == "" {
+		err = errors.New("missing required zone_id parameter")
+		return
+	}
+	path := fmt.Sprintf("zones/%s/firewall/waf/packages", params.ZoneID)
+	cfg, err := requestconfig.NewRequestConfig(ctx, http.MethodGet, path, params, &res, opts...)
+	if err != nil {
+		return nil, err
+	}
+	err = cfg.Execute()
+	if err != nil {
+		return nil, err
+	}
+	res.SetPageConfig(cfg, raw)
+	return res, nil
+}
+
+// Fetches WAF packages for a zone.
+//
+// **Note:** Applies only to the
+// [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/).
+func (r *WAFPackageService) ListAutoPaging(ctx context.Context, params WAFPackageListParams, opts ...option.RequestOption) *pagination.V4PagePaginationArrayAutoPager[WAFPackageListResponse] {
+	return pagination.NewV4PagePaginationArrayAutoPager(r.List(ctx, params, opts...))
+}
+
+// Fetches the details of a WAF package.
+//
+// **Note:** Applies only to the
+// [previous version of WAF managed rules](https://developers.cloudflare.com/support/firewall/managed-rules-web-application-firewall-waf/understanding-waf-managed-rules-web-application-firewall/).
+func (r *WAFPackageService) Get(ctx context.Context, packageID string, query WAFPackageGetParams, opts ...option.RequestOption) (res *WAFPackageGetResponse, err error) {
+	opts = append(r.Options[:], opts...)
+	if query.ZoneID.Value == "" {
+		err = errors.New("missing required zone_id parameter")
+		return
+	}
+	if packageID == "" {
+		err = errors.New("missing required package_id parameter")
+		return
+	}
+	path := fmt.Sprintf("zones/%s/firewall/waf/packages/%s", query.ZoneID, packageID)
+	err = requestconfig.ExecuteNewRequest(ctx, http.MethodGet, path, nil, &res, opts...)
+	return
+}
+
+type WAFPackageListResponse = interface{}
+
+type WAFPackageGetResponse struct {
+	// This field can have the runtime type of [[]shared.ResponseInfo].
+	Errors interface{} `json:"errors,required"`
+	// This field can have the runtime type of [[]shared.ResponseInfo].
+	Messages interface{} `json:"messages,required"`
+	// This field can have the runtime type of [interface{}].
+	Result interface{} `json:"result,required"`
+	// Whether the API call was successful
+	Success WAFPackageGetResponseSuccess `json:"success"`
+	JSON    wafPackageGetResponseJSON    `json:"-"`
+	union   WAFPackageGetResponseUnion
+}
+
+// wafPackageGetResponseJSON contains the JSON metadata for the struct
+// [WAFPackageGetResponse]
+type wafPackageGetResponseJSON struct {
+	Errors      apijson.Field
+	Messages    apijson.Field
+	Result      apijson.Field
+	Success     apijson.Field
+	raw         string
+	ExtraFields map[string]apijson.Field
+}
+
+func (r wafPackageGetResponseJSON) RawJSON() string {
+	return r.raw
+}
+
+func (r *WAFPackageGetResponse) UnmarshalJSON(data []byte) (err error) {
+	*r = WAFPackageGetResponse{}
+	err = apijson.UnmarshalRoot(data, &r.union)
+	if err != nil {
+		return err
+	}
+	return apijson.Port(r.union, &r)
+}
+
+// AsUnion returns a [WAFPackageGetResponseUnion] interface which you can cast to
+// the specific types for more type safety.
+//
+// Possible runtime types of the union are
+// [firewall.WAFPackageGetResponseFirewallAPIResponseSingle],
+// [firewall.WAFPackageGetResponseResult].
+func (r WAFPackageGetResponse) AsUnion() WAFPackageGetResponseUnion {
+	return r.union
+}
+
+// Union satisfied by [firewall.WAFPackageGetResponseFirewallAPIResponseSingle] or
+// [firewall.WAFPackageGetResponseResult].
+type WAFPackageGetResponseUnion interface {
+	implementsFirewallWAFPackageGetResponse()
+}
+
+func init() {
+	apijson.RegisterUnion(
+		reflect.TypeOf((*WAFPackageGetResponseUnion)(nil)).Elem(),
+		"",
+		apijson.UnionVariant{
+			TypeFilter: gjson.JSON,
+			Type:       reflect.TypeOf(WAFPackageGetResponseFirewallAPIResponseSingle{}),
+		},
+		apijson.UnionVariant{
+			TypeFilter: gjson.JSON,
+			Type:       reflect.TypeOf(WAFPackageGetResponseResult{}),
+		},
+	)
+}
+
+type WAFPackageGetResponseFirewallAPIResponseSingle struct {
+	Errors   []shared.ResponseInfo `json:"errors,required"`
+	Messages []shared.ResponseInfo `json:"messages,required"`
+	Result   interface{}           `json:"result,required"`
+	// Whether the API call was successful
+	Success WAFPackageGetResponseFirewallAPIResponseSingleSuccess `json:"success,required"`
+	JSON    wafPackageGetResponseFirewallAPIResponseSingleJSON    `json:"-"`
+}
+
+// wafPackageGetResponseFirewallAPIResponseSingleJSON contains the JSON metadata
+// for the struct [WAFPackageGetResponseFirewallAPIResponseSingle]
+type wafPackageGetResponseFirewallAPIResponseSingleJSON struct {
+	Errors      apijson.Field
+	Messages    apijson.Field
+	Result      apijson.Field
+	Success     apijson.Field
+	raw         string
+	ExtraFields map[string]apijson.Field
+}
+
+func (r *WAFPackageGetResponseFirewallAPIResponseSingle) UnmarshalJSON(data []byte) (err error) {
+	return apijson.UnmarshalRoot(data, r)
+}
+
+func (r wafPackageGetResponseFirewallAPIResponseSingleJSON) RawJSON() string {
+	return r.raw
+}
+
+func (r WAFPackageGetResponseFirewallAPIResponseSingle) implementsFirewallWAFPackageGetResponse() {}
+
+// Whether the API call was successful
+type WAFPackageGetResponseFirewallAPIResponseSingleSuccess bool
+
+const (
+	WAFPackageGetResponseFirewallAPIResponseSingleSuccessTrue WAFPackageGetResponseFirewallAPIResponseSingleSuccess = true
+)
+
+func (r WAFPackageGetResponseFirewallAPIResponseSingleSuccess) IsKnown() bool {
+	switch r {
+	case WAFPackageGetResponseFirewallAPIResponseSingleSuccessTrue:
+		return true
+	}
+	return false
+}
+
+type WAFPackageGetResponseResult struct {
+	Result interface{}                     `json:"result"`
+	JSON   wafPackageGetResponseResultJSON `json:"-"`
+}
+
+// wafPackageGetResponseResultJSON contains the JSON metadata for the struct
+// [WAFPackageGetResponseResult]
+type wafPackageGetResponseResultJSON struct {
+	Result      apijson.Field
+	raw         string
+	ExtraFields map[string]apijson.Field
+}
+
+func (r *WAFPackageGetResponseResult) UnmarshalJSON(data []byte) (err error) {
+	return apijson.UnmarshalRoot(data, r)
+}
+
+func (r wafPackageGetResponseResultJSON) RawJSON() string {
+	return r.raw
+}
+
+func (r WAFPackageGetResponseResult) implementsFirewallWAFPackageGetResponse() {}
+
+// Whether the API call was successful
+type WAFPackageGetResponseSuccess bool
+
+const (
+	WAFPackageGetResponseSuccessTrue WAFPackageGetResponseSuccess = true
+)
+
+func (r WAFPackageGetResponseSuccess) IsKnown() bool {
+	switch r {
+	case WAFPackageGetResponseSuccessTrue:
+		return true
+	}
+	return false
+}
+
+type WAFPackageListParams struct {
+	// Identifier
+	ZoneID param.Field[string] `path:"zone_id,required"`
+	// The direction used to sort returned packages.
+	Direction param.Field[WAFPackageListParamsDirection] `query:"direction"`
+	// When set to `all`, all the search requirements must match. When set to `any`,
+	// only one of the search requirements has to match.
+	Match param.Field[WAFPackageListParamsMatch] `query:"match"`
+	// The name of the WAF package.
+	Name param.Field[string] `query:"name"`
+	// The field used to sort returned packages.
+	Order param.Field[WAFPackageListParamsOrder] `query:"order"`
+	// The page number of paginated results.
+	Page param.Field[float64] `query:"page"`
+	// The number of packages per page.
+	PerPage param.Field[float64] `query:"per_page"`
+}
+
+// URLQuery serializes [WAFPackageListParams]'s query parameters as `url.Values`.
+func (r WAFPackageListParams) URLQuery() (v url.Values) {
+	return apiquery.MarshalWithSettings(r, apiquery.QuerySettings{
+		ArrayFormat:  apiquery.ArrayQueryFormatRepeat,
+		NestedFormat: apiquery.NestedQueryFormatDots,
+	})
+}
+
+// The direction used to sort returned packages.
+type WAFPackageListParamsDirection string
+
+const (
+	WAFPackageListParamsDirectionAsc  WAFPackageListParamsDirection = "asc"
+	WAFPackageListParamsDirectionDesc WAFPackageListParamsDirection = "desc"
+)
+
+func (r WAFPackageListParamsDirection) IsKnown() bool {
+	switch r {
+	case WAFPackageListParamsDirectionAsc, WAFPackageListParamsDirectionDesc:
+		return true
+	}
+	return false
+}
+
+// When set to `all`, all the search requirements must match. When set to `any`,
+// only one of the search requirements has to match.
+type WAFPackageListParamsMatch string
+
+const (
+	WAFPackageListParamsMatchAny WAFPackageListParamsMatch = "any"
+	WAFPackageListParamsMatchAll WAFPackageListParamsMatch = "all"
+)
+
+func (r WAFPackageListParamsMatch) IsKnown() bool {
+	switch r {
+	case WAFPackageListParamsMatchAny, WAFPackageListParamsMatchAll:
+		return true
+	}
+	return false
+}
+
+// The field used to sort returned packages.
+type WAFPackageListParamsOrder string
+
+const (
+	WAFPackageListParamsOrderName WAFPackageListParamsOrder = "name"
+)
+
+func (r WAFPackageListParamsOrder) IsKnown() bool {
+	switch r {
+	case WAFPackageListParamsOrderName:
+		return true
+	}
+	return false
+}
+
+type WAFPackageGetParams struct {
+	// Identifier
+	ZoneID param.Field[string] `path:"zone_id,required"`
+}

firewall/rule.go

@@ -0,0 +1,76 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+package firewall_test
+
+import (
+	"context"
+	"errors"
+	"os"
+	"testing"
+
+	"github.com/cloudflare/cloudflare-go/v3"
+	"github.com/cloudflare/cloudflare-go/v3/firewall"
+	"github.com/cloudflare/cloudflare-go/v3/internal/testutil"
+	"github.com/cloudflare/cloudflare-go/v3/option"
+)
+
+func TestWAFPackageListWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.WAF.Packages.List(context.TODO(), firewall.WAFPackageListParams{
+		ZoneID:    cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		Direction: cloudflare.F(firewall.WAFPackageListParamsDirectionAsc),
+		Match:     cloudflare.F(firewall.WAFPackageListParamsMatchAny),
+		Name:      cloudflare.F("USER"),
+		Order:     cloudflare.F(firewall.WAFPackageListParamsOrderName),
+		Page:      cloudflare.F(1.000000),
+		PerPage:   cloudflare.F(5.000000),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestWAFPackageGet(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.Firewall.WAF.Packages.Get(
+		context.TODO(),
+		"023e105f4ecef8ad9ca31a8372d0c353",
+		firewall.WAFPackageGetParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}

firewall/rule_test.go

@@ -0,0 +1,222 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+package rate_limits_test
+
+import (
+	"context"
+	"errors"
+	"os"
+	"testing"
+
+	"github.com/cloudflare/cloudflare-go/v3"
+	"github.com/cloudflare/cloudflare-go/v3/internal/testutil"
+	"github.com/cloudflare/cloudflare-go/v3/option"
+	"github.com/cloudflare/cloudflare-go/v3/rate_limits"
+)
+
+func TestRateLimitNewWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.RateLimits.New(context.TODO(), rate_limits.RateLimitNewParams{
+		ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		Action: cloudflare.F(rate_limits.RateLimitNewParamsAction{
+			Mode: cloudflare.F(rate_limits.RateLimitNewParamsActionModeSimulate),
+			Response: cloudflare.F(rate_limits.RateLimitNewParamsActionResponse{
+				Body:        cloudflare.F("<error>This request has been rate-limited.</error>"),
+				ContentType: cloudflare.F("text/xml"),
+			}),
+			Timeout: cloudflare.F(86400.000000),
+		}),
+		Match: cloudflare.F(rate_limits.RateLimitNewParamsMatch{
+			Headers: cloudflare.F([]rate_limits.RateLimitNewParamsMatchHeader{{
+				Name:  cloudflare.F("Cf-Cache-Status"),
+				Op:    cloudflare.F(rate_limits.RateLimitNewParamsMatchHeadersOpEq),
+				Value: cloudflare.F("HIT"),
+			}, {
+				Name:  cloudflare.F("Cf-Cache-Status"),
+				Op:    cloudflare.F(rate_limits.RateLimitNewParamsMatchHeadersOpEq),
+				Value: cloudflare.F("HIT"),
+			}, {
+				Name:  cloudflare.F("Cf-Cache-Status"),
+				Op:    cloudflare.F(rate_limits.RateLimitNewParamsMatchHeadersOpEq),
+				Value: cloudflare.F("HIT"),
+			}}),
+			Request: cloudflare.F(rate_limits.RateLimitNewParamsMatchRequest{
+				Methods: cloudflare.F([]rate_limits.Methods{rate_limits.MethodsGet, rate_limits.MethodsPost}),
+				Schemes: cloudflare.F([]string{"HTTP", "HTTPS"}),
+				URL:     cloudflare.F("*.example.org/path*"),
+			}),
+			Response: cloudflare.F(rate_limits.RateLimitNewParamsMatchResponse{
+				OriginTraffic: cloudflare.F(true),
+			}),
+		}),
+		Period:    cloudflare.F(900.000000),
+		Threshold: cloudflare.F(60.000000),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestRateLimitListWithOptionalParams(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.RateLimits.List(context.TODO(), rate_limits.RateLimitListParams{
+		ZoneID:  cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		Page:    cloudflare.F(1.000000),
+		PerPage: cloudflare.F(1.000000),
+	})
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestRateLimitDelete(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.RateLimits.Delete(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b59",
+		rate_limits.RateLimitDeleteParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestRateLimitEditWithOptionalParams(t *testing.T) {
+	t.Skip("TODO: investigate broken test")
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.RateLimits.Edit(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b59",
+		rate_limits.RateLimitEditParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+			Action: cloudflare.F(rate_limits.RateLimitEditParamsAction{
+				Mode: cloudflare.F(rate_limits.RateLimitEditParamsActionModeSimulate),
+				Response: cloudflare.F(rate_limits.RateLimitEditParamsActionResponse{
+					Body:        cloudflare.F("<error>This request has been rate-limited.</error>"),
+					ContentType: cloudflare.F("text/xml"),
+				}),
+				Timeout: cloudflare.F(86400.000000),
+			}),
+			Match: cloudflare.F(rate_limits.RateLimitEditParamsMatch{
+				Headers: cloudflare.F([]rate_limits.RateLimitEditParamsMatchHeader{{
+					Name:  cloudflare.F("Cf-Cache-Status"),
+					Op:    cloudflare.F(rate_limits.RateLimitEditParamsMatchHeadersOpEq),
+					Value: cloudflare.F("HIT"),
+				}, {
+					Name:  cloudflare.F("Cf-Cache-Status"),
+					Op:    cloudflare.F(rate_limits.RateLimitEditParamsMatchHeadersOpEq),
+					Value: cloudflare.F("HIT"),
+				}, {
+					Name:  cloudflare.F("Cf-Cache-Status"),
+					Op:    cloudflare.F(rate_limits.RateLimitEditParamsMatchHeadersOpEq),
+					Value: cloudflare.F("HIT"),
+				}}),
+				Request: cloudflare.F(rate_limits.RateLimitEditParamsMatchRequest{
+					Methods: cloudflare.F([]rate_limits.Methods{rate_limits.MethodsGet, rate_limits.MethodsPost}),
+					Schemes: cloudflare.F([]string{"HTTP", "HTTPS"}),
+					URL:     cloudflare.F("*.example.org/path*"),
+				}),
+				Response: cloudflare.F(rate_limits.RateLimitEditParamsMatchResponse{
+					OriginTraffic: cloudflare.F(true),
+				}),
+			}),
+			Period:    cloudflare.F(900.000000),
+			Threshold: cloudflare.F(60.000000),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}
+
+func TestRateLimitGet(t *testing.T) {
+	baseURL := "http://localhost:4010"
+	if envURL, ok := os.LookupEnv("TEST_API_BASE_URL"); ok {
+		baseURL = envURL
+	}
+	if !testutil.CheckTestServer(t, baseURL) {
+		return
+	}
+	client := cloudflare.NewClient(
+		option.WithBaseURL(baseURL),
+		option.WithAPIKey("144c9defac04969c7bfad8efaa8ea194"),
+		option.WithAPIEmail("user@example.com"),
+	)
+	_, err := client.RateLimits.Get(
+		context.TODO(),
+		"372e67954025e0ba6aaa6d586b9e0b59",
+		rate_limits.RateLimitGetParams{
+			ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
+		},
+	)
+	if err != nil {
+		var apierr *cloudflare.Error
+		if errors.As(err, &apierr) {
+			t.Log(string(apierr.DumpRequest(true)))
+		}
+		t.Fatalf("err should be nil: %s", err.Error())
+	}
+}