google-cloud-artifact_registry-v1 0.2.2 → 0.5.0

data/proto_docs/google/iam/v1/policy.rb

@@ -20,19 +20,24 @@
 module Google
   module Iam
     module V1
-      # Defines an Identity and Access Management (IAM) policy. It is used to
-      # specify access control policies for Cloud Platform resources.
+      # An Identity and Access Management (IAM) policy, which specifies access
+      # controls for Google Cloud resources.
       #
       #
       # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-      # `members` to a single `role`. Members can be user accounts, service accounts,
-      # Google groups, and domains (such as G Suite). A `role` is a named list of
-      # permissions (defined by IAM or configured by users). A `binding` can
-      # optionally specify a `condition`, which is a logic expression that further
-      # constrains the role binding based on attributes about the request and/or
-      # target resource.
+      # `members`, or principals, to a single `role`. Principals can be user
+      # accounts, service accounts, Google groups, and domains (such as G Suite). A
+      # `role` is a named list of permissions; each `role` can be an IAM predefined
+      # role or a user-created custom role.
       #
-      # **JSON Example**
+      # For some types of Google Cloud resources, a `binding` can also specify a
+      # `condition`, which is a logical expression that allows access to a resource
+      # only if the expression evaluates to `true`. A condition can add constraints
+      # based on attributes of the request, the resource, or both. To learn which
+      # resources support conditions in their IAM policies, see the
+      # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
       #
       #     {
       #       "bindings": [
@@ -47,18 +52,21 @@ module Google
       #         },
       #         {
       #           "role": "roles/resourcemanager.organizationViewer",
-      #           "members": ["user:eve@example.com"],
+      #           "members": [
+      #             "user:eve@example.com"
+      #           ],
       #           "condition": {
       #             "title": "expirable access",
       #             "description": "Does not grant access after Sep 2020",
-      #             "expression": "request.time <
-      #             timestamp('2020-10-01T00:00:00.000Z')",
+      #             "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",
       #           }
       #         }
-      #       ]
+      #       ],
+      #       "etag": "BwWWja0YfJA=",
+      #       "version": 3
       #     }
       #
-      # **YAML Example**
+      # **YAML example:**
       #
       #     bindings:
       #     - members:
@@ -74,30 +82,52 @@ module Google
       #         title: expirable access
       #         description: Does not grant access after Sep 2020
       #         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
+      #     etag: BwWWja0YfJA=
+      #     version: 3
       #
       # For a description of IAM and its features, see the
-      # [IAM developer's guide](https://cloud.google.com/iam/docs).
+      # [IAM documentation](https://cloud.google.com/iam/docs/).
       # @!attribute [rw] version
       #   @return [::Integer]
       #     Specifies the format of the policy.
       #
-      #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
-      #     rejected.
+      #     Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
+      #     are rejected.
+      #
+      #     Any operation that affects conditional role bindings must specify version
+      #     `3`. This requirement applies to the following operations:
       #
-      #     Operations affecting conditional bindings must specify version 3. This can
-      #     be either setting a conditional policy, modifying a conditional binding,
-      #     or removing a binding (conditional or unconditional) from the stored
-      #     conditional policy.
-      #     Operations on non-conditional policies may specify any valid value or
-      #     leave the field unset.
+      #     * Getting a policy that includes a conditional role binding
+      #     * Adding a conditional role binding to a policy
+      #     * Changing a conditional role binding in a policy
+      #     * Removing any role binding, with or without a condition, from a policy
+      #       that includes conditions
       #
-      #     If no etag is provided in the call to `setIamPolicy`, version compliance
-      #     checks against the stored policy is skipped.
+      #     **Important:** If you use IAM Conditions, you must include the `etag` field
+      #     whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+      #     you to overwrite a version `3` policy with a version `1` policy, and all of
+      #     the conditions in the version `3` policy are lost.
+      #
+      #     If a policy does not include any conditions, operations on that policy may
+      #     specify any valid version or leave the field unset.
+      #
+      #     To learn which resources support conditions in their IAM policies, see the
+      #     [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
       # @!attribute [rw] bindings
       #   @return [::Array<::Google::Iam::V1::Binding>]
-      #     Associates a list of `members` to a `role`. Optionally may specify a
-      #     `condition` that determines when binding is in effect.
-      #     `bindings` with no members will result in an error.
+      #     Associates a list of `members`, or principals, with a `role`. Optionally,
+      #     may specify a `condition` that determines how and when the `bindings` are
+      #     applied. Each of the `bindings` must contain at least one principal.
+      #
+      #     The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250
+      #     of these principals can be Google groups. Each occurrence of a principal
+      #     counts towards these limits. For example, if the `bindings` grant 50
+      #     different roles to `user:alice@example.com`, and not to any other
+      #     principal, then you can add another 1,450 principals to the `bindings` in
+      #     the `Policy`.
+      # @!attribute [rw] audit_configs
+      #   @return [::Array<::Google::Iam::V1::AuditConfig>]
+      #     Specifies cloud audit logging configuration for this policy.
       # @!attribute [rw] etag
       #   @return [::String]
       #     `etag` is used for optimistic concurrency control as a way to help
@@ -108,23 +138,23 @@ module Google
       #     systems are expected to put that etag in the request to `setIamPolicy` to
       #     ensure that their change will be applied to the same version of the policy.
       #
-      #     If no `etag` is provided in the call to `setIamPolicy`, then the existing
-      #     policy is overwritten. Due to blind-set semantics of an etag-less policy,
-      #     'setIamPolicy' will not fail even if the incoming policy version does not
-      #     meet the requirements for modifying the stored policy.
+      #     **Important:** If you use IAM Conditions, you must include the `etag` field
+      #     whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+      #     you to overwrite a version `3` policy with a version `1` policy, and all of
+      #     the conditions in the version `3` policy are lost.
       class Policy
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
-      # Associates `members` with a `role`.
+      # Associates `members`, or principals, with a `role`.
       # @!attribute [rw] role
       #   @return [::String]
-      #     Role that is assigned to `members`.
+      #     Role that is assigned to the list of `members`, or principals.
       #     For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       # @!attribute [rw] members
       #   @return [::Array<::String>]
-      #     Specifies the identities requesting access for a Cloud Platform resource.
+      #     Specifies the principals requesting access for a Cloud Platform resource.
       #     `members` can have the following values:
       #
       #     * `allUsers`: A special identifier that represents anyone who is
@@ -143,20 +173,160 @@ module Google
       #     * `group:{emailid}`: An email address that represents a Google group.
       #        For example, `admins@example.com`.
       #
+      #     * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
+      #        identifier) representing a user that has been recently deleted. For
+      #        example, `alice@example.com?uid=123456789012345678901`. If the user is
+      #        recovered, this value reverts to `user:{emailid}` and the recovered user
+      #        retains the role in the binding.
+      #
+      #     * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
+      #        unique identifier) representing a service account that has been recently
+      #        deleted. For example,
+      #        `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
+      #        If the service account is undeleted, this value reverts to
+      #        `serviceAccount:{emailid}` and the undeleted service account retains the
+      #        role in the binding.
+      #
+      #     * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
+      #        identifier) representing a Google group that has been recently
+      #        deleted. For example, `admins@example.com?uid=123456789012345678901`. If
+      #        the group is recovered, this value reverts to `group:{emailid}` and the
+      #        recovered group retains the role in the binding.
+      #
       #
       #     * `domain:{domain}`: The G Suite domain (primary) that represents all the
       #        users of that domain. For example, `google.com` or `example.com`.
       # @!attribute [rw] condition
       #   @return [::Google::Type::Expr]
       #     The condition that is associated with this binding.
-      #     NOTE: An unsatisfied condition will not allow user access via current
-      #     binding. Different bindings, including their conditions, are examined
-      #     independently.
+      #
+      #     If the condition evaluates to `true`, then this binding applies to the
+      #     current request.
+      #
+      #     If the condition evaluates to `false`, then this binding does not apply to
+      #     the current request. However, a different role binding might grant the same
+      #     role to one or more of the principals in this binding.
+      #
+      #     To learn which resources support conditions in their IAM policies, see the
+      #     [IAM
+      #     documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
       class Binding
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
+      # Specifies the audit configuration for a service.
+      # The configuration determines which permission types are logged, and what
+      # identities, if any, are exempted from logging.
+      # An AuditConfig must have one or more AuditLogConfigs.
+      #
+      # If there are AuditConfigs for both `allServices` and a specific service,
+      # the union of the two AuditConfigs is used for that service: the log_types
+      # specified in each AuditConfig are enabled, and the exempted_members in each
+      # AuditLogConfig are exempted.
+      #
+      # Example Policy with multiple AuditConfigs:
+      #
+      #     {
+      #       "audit_configs": [
+      #         {
+      #           "service": "allServices",
+      #           "audit_log_configs": [
+      #             {
+      #               "log_type": "DATA_READ",
+      #               "exempted_members": [
+      #                 "user:jose@example.com"
+      #               ]
+      #             },
+      #             {
+      #               "log_type": "DATA_WRITE"
+      #             },
+      #             {
+      #               "log_type": "ADMIN_READ"
+      #             }
+      #           ]
+      #         },
+      #         {
+      #           "service": "sampleservice.googleapis.com",
+      #           "audit_log_configs": [
+      #             {
+      #               "log_type": "DATA_READ"
+      #             },
+      #             {
+      #               "log_type": "DATA_WRITE",
+      #               "exempted_members": [
+      #                 "user:aliya@example.com"
+      #               ]
+      #             }
+      #           ]
+      #         }
+      #       ]
+      #     }
+      #
+      # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
+      # logging. It also exempts jose@example.com from DATA_READ logging, and
+      # aliya@example.com from DATA_WRITE logging.
+      # @!attribute [rw] service
+      #   @return [::String]
+      #     Specifies a service that will be enabled for audit logging.
+      #     For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
+      #     `allServices` is a special value that covers all services.
+      # @!attribute [rw] audit_log_configs
+      #   @return [::Array<::Google::Iam::V1::AuditLogConfig>]
+      #     The configuration for logging of each type of permission.
+      class AuditConfig
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Provides the configuration for logging a type of permissions.
+      # Example:
+      #
+      #     {
+      #       "audit_log_configs": [
+      #         {
+      #           "log_type": "DATA_READ",
+      #           "exempted_members": [
+      #             "user:jose@example.com"
+      #           ]
+      #         },
+      #         {
+      #           "log_type": "DATA_WRITE"
+      #         }
+      #       ]
+      #     }
+      #
+      # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
+      # jose@example.com from DATA_READ logging.
+      # @!attribute [rw] log_type
+      #   @return [::Google::Iam::V1::AuditLogConfig::LogType]
+      #     The log type that this config enables.
+      # @!attribute [rw] exempted_members
+      #   @return [::Array<::String>]
+      #     Specifies the identities that do not cause logging for this type of
+      #     permission.
+      #     Follows the same format of {::Google::Iam::V1::Binding#members Binding.members}.
+      class AuditLogConfig
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # The list of valid permission types for which logging can be configured.
+        # Admin writes are always logged, and are not configurable.
+        module LogType
+          # Default case. Should never be this.
+          LOG_TYPE_UNSPECIFIED = 0
+
+          # Admin reads. Example: CloudIAM getIamPolicy
+          ADMIN_READ = 1
+
+          # Data writes. Example: CloudSQL Users create
+          DATA_WRITE = 2
+
+          # Data reads. Example: CloudSQL Users list
+          DATA_READ = 3
+        end
+      end
+
       # The difference delta between two policies.
       # @!attribute [rw] binding_deltas
       #   @return [::Array<::Google::Iam::V1::BindingDelta>]

data/proto_docs/google/longrunning/operations.rb

@@ -0,0 +1,164 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Longrunning
+    # This resource represents a long-running operation that is the result of a
+    # network API call.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     The server-assigned name, which is only unique within the same service that
+    #     originally returns it. If you use the default HTTP mapping, the
+    #     `name` should be a resource name ending with `operations/{unique_id}`.
+    # @!attribute [rw] metadata
+    #   @return [::Google::Protobuf::Any]
+    #     Service-specific metadata associated with the operation.  It typically
+    #     contains progress information and common metadata such as create time.
+    #     Some services might not provide such metadata.  Any method that returns a
+    #     long-running operation should document the metadata type, if any.
+    # @!attribute [rw] done
+    #   @return [::Boolean]
+    #     If the value is `false`, it means the operation is still in progress.
+    #     If `true`, the operation is completed, and either `error` or `response` is
+    #     available.
+    # @!attribute [rw] error
+    #   @return [::Google::Rpc::Status]
+    #     The error result of the operation in case of failure or cancellation.
+    # @!attribute [rw] response
+    #   @return [::Google::Protobuf::Any]
+    #     The normal response of the operation in case of success.  If the original
+    #     method returns no data on success, such as `Delete`, the response is
+    #     `google.protobuf.Empty`.  If the original method is standard
+    #     `Get`/`Create`/`Update`, the response should be the resource.  For other
+    #     methods, the response should have the type `XxxResponse`, where `Xxx`
+    #     is the original method name.  For example, if the original method name
+    #     is `TakeSnapshot()`, the inferred response type is
+    #     `TakeSnapshotResponse`.
+    class Operation
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # The request message for Operations.GetOperation.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     The name of the operation resource.
+    class GetOperationRequest
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # The request message for Operations.ListOperations.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     The name of the operation's parent resource.
+    # @!attribute [rw] filter
+    #   @return [::String]
+    #     The standard list filter.
+    # @!attribute [rw] page_size
+    #   @return [::Integer]
+    #     The standard list page size.
+    # @!attribute [rw] page_token
+    #   @return [::String]
+    #     The standard list page token.
+    class ListOperationsRequest
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # The response message for Operations.ListOperations.
+    # @!attribute [rw] operations
+    #   @return [::Array<::Google::Longrunning::Operation>]
+    #     A list of operations that matches the specified filter in the request.
+    # @!attribute [rw] next_page_token
+    #   @return [::String]
+    #     The standard List next-page token.
+    class ListOperationsResponse
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # The request message for Operations.CancelOperation.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     The name of the operation resource to be cancelled.
+    class CancelOperationRequest
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # The request message for Operations.DeleteOperation.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     The name of the operation resource to be deleted.
+    class DeleteOperationRequest
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # The request message for Operations.WaitOperation.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     The name of the operation resource to wait on.
+    # @!attribute [rw] timeout
+    #   @return [::Google::Protobuf::Duration]
+    #     The maximum duration to wait before timing out. If left blank, the wait
+    #     will be at most the time permitted by the underlying HTTP/RPC protocol.
+    #     If RPC context deadline is also specified, the shorter one will be used.
+    class WaitOperationRequest
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # A message representing the message types used by a long-running operation.
+    #
+    # Example:
+    #
+    #   rpc LongRunningRecognize(LongRunningRecognizeRequest)
+    #       returns (google.longrunning.Operation) {
+    #     option (google.longrunning.operation_info) = {
+    #       response_type: "LongRunningRecognizeResponse"
+    #       metadata_type: "LongRunningRecognizeMetadata"
+    #     };
+    #   }
+    # @!attribute [rw] response_type
+    #   @return [::String]
+    #     Required. The message name of the primary return type for this
+    #     long-running operation.
+    #     This type will be used to deserialize the LRO's response.
+    #
+    #     If the response is in a different package from the rpc, a fully-qualified
+    #     message name must be used (e.g. `google.protobuf.Struct`).
+    #
+    #     Note: Altering this value constitutes a breaking change.
+    # @!attribute [rw] metadata_type
+    #   @return [::String]
+    #     Required. The message name of the metadata type for this long-running
+    #     operation.
+    #
+    #     If the response is in a different package from the rpc, a fully-qualified
+    #     message name must be used (e.g. `google.protobuf.Struct`).
+    #
+    #     Note: Altering this value constitutes a breaking change.
+    class OperationInfo
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/google/protobuf/any.rb

@@ -0,0 +1,141 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # `Any` contains an arbitrary serialized protocol buffer message along with a
+    # URL that describes the type of the serialized message.
+    #
+    # Protobuf library provides support to pack/unpack Any values in the form
+    # of utility functions or additional generated methods of the Any type.
+    #
+    # Example 1: Pack and unpack a message in C++.
+    #
+    #     Foo foo = ...;
+    #     Any any;
+    #     any.PackFrom(foo);
+    #     ...
+    #     if (any.UnpackTo(&foo)) {
+    #       ...
+    #     }
+    #
+    # Example 2: Pack and unpack a message in Java.
+    #
+    #     Foo foo = ...;
+    #     Any any = Any.pack(foo);
+    #     ...
+    #     if (any.is(Foo.class)) {
+    #       foo = any.unpack(Foo.class);
+    #     }
+    #
+    # Example 3: Pack and unpack a message in Python.
+    #
+    #     foo = Foo(...)
+    #     any = Any()
+    #     any.Pack(foo)
+    #     ...
+    #     if any.Is(Foo.DESCRIPTOR):
+    #       any.Unpack(foo)
+    #       ...
+    #
+    # Example 4: Pack and unpack a message in Go
+    #
+    #      foo := &pb.Foo{...}
+    #      any, err := anypb.New(foo)
+    #      if err != nil {
+    #        ...
+    #      }
+    #      ...
+    #      foo := &pb.Foo{}
+    #      if err := any.UnmarshalTo(foo); err != nil {
+    #        ...
+    #      }
+    #
+    # The pack methods provided by protobuf library will by default use
+    # 'type.googleapis.com/full.type.name' as the type URL and the unpack
+    # methods only use the fully qualified type name after the last '/'
+    # in the type URL, for example "foo.bar.com/x/y.z" will yield type
+    # name "y.z".
+    #
+    #
+    # JSON
+    #
+    # The JSON representation of an `Any` value uses the regular
+    # representation of the deserialized, embedded message, with an
+    # additional field `@type` which contains the type URL. Example:
+    #
+    #     package google.profile;
+    #     message Person {
+    #       string first_name = 1;
+    #       string last_name = 2;
+    #     }
+    #
+    #     {
+    #       "@type": "type.googleapis.com/google.profile.Person",
+    #       "firstName": <string>,
+    #       "lastName": <string>
+    #     }
+    #
+    # If the embedded message type is well-known and has a custom JSON
+    # representation, that representation will be embedded adding a field
+    # `value` which holds the custom JSON in addition to the `@type`
+    # field. Example (for message [google.protobuf.Duration][]):
+    #
+    #     {
+    #       "@type": "type.googleapis.com/google.protobuf.Duration",
+    #       "value": "1.212s"
+    #     }
+    # @!attribute [rw] type_url
+    #   @return [::String]
+    #     A URL/resource name that uniquely identifies the type of the serialized
+    #     protocol buffer message. This string must contain at least
+    #     one "/" character. The last segment of the URL's path must represent
+    #     the fully qualified name of the type (as in
+    #     `path/google.protobuf.Duration`). The name should be in a canonical form
+    #     (e.g., leading "." is not accepted).
+    #
+    #     In practice, teams usually precompile into the binary all types that they
+    #     expect it to use in the context of Any. However, for URLs which use the
+    #     scheme `http`, `https`, or no scheme, one can optionally set up a type
+    #     server that maps type URLs to message definitions as follows:
+    #
+    #     * If no scheme is provided, `https` is assumed.
+    #     * An HTTP GET on the URL must yield a [google.protobuf.Type][]
+    #       value in binary format, or produce an error.
+    #     * Applications are allowed to cache lookup results based on the
+    #       URL, or have them precompiled into a binary to avoid any
+    #       lookup. Therefore, binary compatibility needs to be preserved
+    #       on changes to types. (Use versioned type names to manage
+    #       breaking changes.)
+    #
+    #     Note: this functionality is not currently available in the official
+    #     protobuf release, and it is not used for type URLs beginning with
+    #     type.googleapis.com.
+    #
+    #     Schemes other than `http`, `https` (or the empty scheme) might be
+    #     used with implementation specific semantics.
+    # @!attribute [rw] value
+    #   @return [::String]
+    #     Must be a valid serialized protocol buffer of the above specified type.
+    class Any
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end