@devvit/protos 0.11.17-next-2025-05-29-91b3cf49f.0 → 0.11.17-next-2025-05-29-de9726085.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@devvit/protos",
-  "version": "0.11.17-next-2025-05-29-91b3cf49f.0",
+  "version": "0.11.17-next-2025-05-29-de9726085.0",
   "license": "BSD-3-Clause",
   "repository": {
     "type": "git",
@@ -45,8 +45,8 @@
   },
   "devDependencies": {
     "@ampproject/filesize": "4.3.0",
-    "@devvit/repo-tools": "0.11.17-next-2025-05-29-91b3cf49f.0",
-    "@devvit/tsconfig": "0.11.17-next-2025-05-29-91b3cf49f.0",
+    "@devvit/repo-tools": "0.11.17-next-2025-05-29-de9726085.0",
+    "@devvit/tsconfig": "0.11.17-next-2025-05-29-de9726085.0",
     "@protobuf-ts/plugin": "2.9.3",
     "@types/long": "4.0.2",
     "chokidar-cli": "3.0.0",
@@ -80,5 +80,5 @@
       ]
     }
   },
-  "gitHead": "e0454927030a596851bff2898ebb569d05387a46"
+  "gitHead": "3f6b99cc63200a8d1e03436e8258c7852b1d2c35"
 }

package/schema/.snootobuf/deps/google/api/annotations.proto

@@ -1,4 +1,4 @@
-// Copyright (c) 2015, Google Inc.
+// Copyright 2024 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

package/schema/.snootobuf/deps/google/api/auth.proto

@@ -1,4 +1,4 @@
-// Copyright 2018 Google LLC.
+// Copyright 2024 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -16,18 +16,16 @@ syntax = "proto3";
 
 package google.api;
 
-import "google/api/annotations.proto";
-
 option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
 option java_multiple_files = true;
 option java_outer_classname = "AuthProto";
 option java_package = "com.google.api";
 option objc_class_prefix = "GAPI";
 
-
-// `Authentication` defines the authentication configuration for an API.
+// `Authentication` defines the authentication configuration for API methods
+// provided by an API service.
 //
-// Example for an API targeted for external use:
+// Example:
 //
 //     name: calendar.googleapis.com
 //     authentication:
@@ -39,6 +37,9 @@ option objc_class_prefix = "GAPI";
 //       - selector: "*"
 //         requirements:
 //           provider_id: google_calendar_auth
+//       - selector: google.calendar.Delegate
+//         oauth:
+//           canonical_scopes: https://www.googleapis.com/auth/calendar.read
 message Authentication {
   // A list of authentication rules that apply to individual API methods.
   //
@@ -61,21 +62,48 @@ message Authentication {
 message AuthenticationRule {
   // Selects the methods to which this rule applies.
   //
-  // Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+  // Refer to [selector][google.api.DocumentationRule.selector] for syntax
+  // details.
   string selector = 1;
 
   // The requirements for OAuth credentials.
   OAuthRequirements oauth = 2;
 
   // If true, the service accepts API keys without any other credential.
+  // This flag only applies to HTTP and gRPC requests.
   bool allow_without_credential = 5;
 
   // Requirements for additional authentication providers.
   repeated AuthRequirement requirements = 7;
 }
 
-// Configuration for an anthentication provider, including support for
-// [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+// Specifies a location to extract JWT from an API request.
+message JwtLocation {
+  oneof in {
+    // Specifies HTTP header name to extract JWT token.
+    string header = 1;
+
+    // Specifies URL query parameter name to extract JWT token.
+    string query = 2;
+
+    // Specifies cookie name to extract JWT token.
+    string cookie = 4;
+  }
+
+  // The value prefix. The value format is "value_prefix{token}"
+  // Only applies to "in" header type. Must be empty for "in" query type.
+  // If not empty, the header value has to match (case sensitive) this prefix.
+  // If not matched, JWT will not be extracted. If matched, JWT will be
+  // extracted after the prefix is removed.
+  //
+  // For example, for "Authorization: Bearer {JWT}",
+  // value_prefix="Bearer " with a space at the end.
+  string value_prefix = 3;
+}
+
+// Configuration for an authentication provider, including support for
+// [JSON Web Token
+// (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
 message AuthProvider {
   // The unique identifier of the auth provider. It will be referred to by
   // `AuthRequirement.provider_id`.
@@ -92,12 +120,15 @@ message AuthProvider {
   string issuer = 2;
 
   // URL of the provider's public key set to validate signature of the JWT. See
-  // [OpenID Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
+  // [OpenID
+  // Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
   // Optional if the key set document:
   //  - can be retrieved from
-  //    [OpenID Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html
+  //    [OpenID
+  //    Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)
   //    of the issuer.
-  //  - can be inferred from the email domain of the issuer (e.g. a Google service account).
+  //  - can be inferred from the email domain of the issuer (e.g. a Google
+  //  service account).
   //
   // Example: https://www.googleapis.com/oauth2/v1/certs
   string jwks_uri = 3;
@@ -105,11 +136,15 @@ message AuthProvider {
   // The list of JWT
   // [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
   // that are allowed to access. A JWT containing any of these audiences will
-  // be accepted. When this setting is absent, only JWTs with audience
-  // "https://[Service_name][google.api.Service.name]/[API_name][google.protobuf.Api.name]"
-  // will be accepted. For example, if no audiences are in the setting,
-  // LibraryService API will only accept JWTs with the following audience
-  // "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
+  // be accepted. When this setting is absent, JWTs with audiences:
+  //   - "https://[service.name]/[google.protobuf.Api.name]"
+  //   - "https://[service.name]/"
+  // will be accepted.
+  // For example, if no audiences are in the setting, LibraryService API will
+  // accept JWTs with the following audiences:
+  //   -
+  //   https://library-example.googleapis.com/google.example.library.v1.LibraryService
+  //   - https://library-example.googleapis.com/
   //
   // Example:
   //
@@ -117,9 +152,29 @@ message AuthProvider {
   //                bookstore_web.apps.googleusercontent.com
   string audiences = 4;
 
-  // Redirect URL if JWT token is required but no present or is expired.
+  // Redirect URL if JWT token is required but not present or is expired.
   // Implement authorizationUrl of securityDefinitions in OpenAPI spec.
   string authorization_url = 5;
+
+  // Defines the locations to extract the JWT.  For now it is only used by the
+  // Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
+  // (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
+  //
+  // JWT locations can be one of HTTP headers, URL query parameters or
+  // cookies. The rule is that the first match wins.
+  //
+  // If not specified,  default to use following 3 locations:
+  //    1) Authorization: Bearer
+  //    2) x-goog-iap-jwt-assertion
+  //    3) access_token query parameter
+  //
+  // Default locations can be specified as followings:
+  //    jwt_locations:
+  //    - header: Authorization
+  //      value_prefix: "Bearer "
+  //    - header: x-goog-iap-jwt-assertion
+  //    - query: access_token
+  repeated JwtLocation jwt_locations = 6;
 }
 
 // OAuth scopes are a way to define data and permissions on data. For example,
@@ -152,7 +207,8 @@ message OAuthRequirements {
 }
 
 // User-defined authentication requirements, including support for
-// [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+// [JSON Web Token
+// (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
 message AuthRequirement {
   // [id][google.api.AuthProvider.id] from authentication provider.
   //

package/schema/.snootobuf/deps/google/api/backend.proto

@@ -1,4 +1,4 @@
-// Copyright 2018 Google LLC.
+// Copyright 2024 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -22,7 +22,6 @@ option java_outer_classname = "BackendProto";
 option java_package = "com.google.api";
 option objc_class_prefix = "GAPI";
 
-
 // `Backend` defines the backend configuration for a service.
 message Backend {
   // A list of API backend rules that apply to individual API methods.
@@ -33,19 +32,154 @@ message Backend {
 
 // A backend rule provides configuration for an individual API element.
 message BackendRule {
+  // Path Translation specifies how to combine the backend address with the
+  // request path in order to produce the appropriate forwarding URL for the
+  // request.
+  //
+  // Path Translation is applicable only to HTTP-based backends. Backends which
+  // do not accept requests over HTTP/HTTPS should leave `path_translation`
+  // unspecified.
+  enum PathTranslation {
+    PATH_TRANSLATION_UNSPECIFIED = 0;
+
+    // Use the backend address as-is, with no modification to the path. If the
+    // URL pattern contains variables, the variable names and values will be
+    // appended to the query string. If a query string parameter and a URL
+    // pattern variable have the same name, this may result in duplicate keys in
+    // the query string.
+    //
+    // # Examples
+    //
+    // Given the following operation config:
+    //
+    //     Method path:        /api/company/{cid}/user/{uid}
+    //     Backend address:    https://example.cloudfunctions.net/getUser
+    //
+    // Requests to the following request paths will call the backend at the
+    // translated path:
+    //
+    //     Request path: /api/company/widgetworks/user/johndoe
+    //     Translated:
+    //     https://example.cloudfunctions.net/getUser?cid=widgetworks&uid=johndoe
+    //
+    //     Request path: /api/company/widgetworks/user/johndoe?timezone=EST
+    //     Translated:
+    //     https://example.cloudfunctions.net/getUser?timezone=EST&cid=widgetworks&uid=johndoe
+    CONSTANT_ADDRESS = 1;
+
+    // The request path will be appended to the backend address.
+    //
+    // # Examples
+    //
+    // Given the following operation config:
+    //
+    //     Method path:        /api/company/{cid}/user/{uid}
+    //     Backend address:    https://example.appspot.com
+    //
+    // Requests to the following request paths will call the backend at the
+    // translated path:
+    //
+    //     Request path: /api/company/widgetworks/user/johndoe
+    //     Translated:
+    //     https://example.appspot.com/api/company/widgetworks/user/johndoe
+    //
+    //     Request path: /api/company/widgetworks/user/johndoe?timezone=EST
+    //     Translated:
+    //     https://example.appspot.com/api/company/widgetworks/user/johndoe?timezone=EST
+    APPEND_PATH_TO_ADDRESS = 2;
+  }
+
   // Selects the methods to which this rule applies.
   //
-  // Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+  // Refer to [selector][google.api.DocumentationRule.selector] for syntax
+  // details.
   string selector = 1;
 
   // The address of the API backend.
+  //
+  // The scheme is used to determine the backend protocol and security.
+  // The following schemes are accepted:
+  //
+  //    SCHEME        PROTOCOL    SECURITY
+  //    http://       HTTP        None
+  //    https://      HTTP        TLS
+  //    grpc://       gRPC        None
+  //    grpcs://      gRPC        TLS
+  //
+  // It is recommended to explicitly include a scheme. Leaving out the scheme
+  // may cause constrasting behaviors across platforms.
+  //
+  // If the port is unspecified, the default is:
+  // - 80 for schemes without TLS
+  // - 443 for schemes with TLS
+  //
+  // For HTTP backends, use [protocol][google.api.BackendRule.protocol]
+  // to specify the protocol version.
   string address = 2;
 
-  // The number of seconds to wait for a response from a request.  The default
-  // deadline for gRPC is infinite (no deadline) and HTTP requests is 5 seconds.
+  // The number of seconds to wait for a response from a request. The default
+  // varies based on the request protocol and deployment environment.
   double deadline = 3;
 
-  // Minimum deadline in seconds needed for this method. Calls having deadline
-  // value lower than this will be rejected.
-  double min_deadline = 4;
+  // Deprecated, do not use.
+  double min_deadline = 4 [deprecated = true];
+
+  // The number of seconds to wait for the completion of a long running
+  // operation. The default is no deadline.
+  double operation_deadline = 5;
+
+  PathTranslation path_translation = 6;
+
+  // Authentication settings used by the backend.
+  //
+  // These are typically used to provide service management functionality to
+  // a backend served on a publicly-routable URL. The `authentication`
+  // details should match the authentication behavior used by the backend.
+  //
+  // For example, specifying `jwt_audience` implies that the backend expects
+  // authentication via a JWT.
+  //
+  // When authentication is unspecified, the resulting behavior is the same
+  // as `disable_auth` set to `true`.
+  //
+  // Refer to https://developers.google.com/identity/protocols/OpenIDConnect for
+  // JWT ID token.
+  oneof authentication {
+    // The JWT audience is used when generating a JWT ID token for the backend.
+    // This ID token will be added in the HTTP "authorization" header, and sent
+    // to the backend.
+    string jwt_audience = 7;
+
+    // When disable_auth is true, a JWT ID token won't be generated and the
+    // original "Authorization" HTTP header will be preserved. If the header is
+    // used to carry the original token and is expected by the backend, this
+    // field must be set to true to preserve the header.
+    bool disable_auth = 8;
+  }
+
+  // The protocol used for sending a request to the backend.
+  // The supported values are "http/1.1" and "h2".
+  //
+  // The default value is inferred from the scheme in the
+  // [address][google.api.BackendRule.address] field:
+  //
+  //    SCHEME        PROTOCOL
+  //    http://       http/1.1
+  //    https://      http/1.1
+  //    grpc://       h2
+  //    grpcs://      h2
+  //
+  // For secure HTTP backends (https://) that support HTTP/2, set this field
+  // to "h2" for improved performance.
+  //
+  // Configuring this field to non-default values is only supported for secure
+  // HTTP backends. This field will be ignored for all other backends.
+  //
+  // See
+  // https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
+  // for more details on the supported values.
+  string protocol = 9;
+
+  // The map between request protocol and the backend address.
+  map<string, BackendRule> overrides_by_request_protocol = 10;
 }

package/schema/.snootobuf/deps/google/api/billing.proto

@@ -1,4 +1,4 @@
-// Copyright 2018 Google LLC.
+// Copyright 2024 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -16,34 +16,42 @@ syntax = "proto3";
 
 package google.api;
 
-import "google/api/annotations.proto";
-
 option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
 option java_multiple_files = true;
 option java_outer_classname = "BillingProto";
 option java_package = "com.google.api";
 option objc_class_prefix = "GAPI";
 
-
 // Billing related configuration of the service.
 //
 // The following example shows how to configure monitored resources and metrics
-// for billing:
+// for billing, `consumer_destinations` is the only supported destination and
+// the monitored resources need at least one label key
+// `cloud.googleapis.com/location` to indicate the location of the billing
+// usage, using different monitored resources between monitoring and billing is
+// recommended so they can be evolved independently:
+//
 //
 //     monitored_resources:
-//     - type: library.googleapis.com/branch
+//     - type: library.googleapis.com/billing_branch
 //       labels:
-//       - key: /city
-//         description: The city where the library branch is located in.
-//       - key: /name
-//         description: The name of the branch.
+//       - key: cloud.googleapis.com/location
+//         description: |
+//           Predefined label to support billing location restriction.
+//       - key: city
+//         description: |
+//           Custom label to define the city where the library branch is located
+//           in.
+//       - key: name
+//         description: Custom label to define the name of the library branch.
 //     metrics:
 //     - name: library.googleapis.com/book/borrowed_count
 //       metric_kind: DELTA
 //       value_type: INT64
+//       unit: "1"
 //     billing:
 //       consumer_destinations:
-//       - monitored_resource: library.googleapis.com/branch
+//       - monitored_resource: library.googleapis.com/billing_branch
 //         metrics:
 //         - library.googleapis.com/book/borrowed_count
 message Billing {
@@ -51,11 +59,13 @@ message Billing {
   // bill against consumer project).
   message BillingDestination {
     // The monitored resource type. The type must be defined in
-    // [Service.monitored_resources][google.api.Service.monitored_resources] section.
+    // [Service.monitored_resources][google.api.Service.monitored_resources]
+    // section.
     string monitored_resource = 1;
 
     // Names of the metrics to report to this billing destination.
-    // Each name must be defined in [Service.metrics][google.api.Service.metrics] section.
+    // Each name must be defined in
+    // [Service.metrics][google.api.Service.metrics] section.
     repeated string metrics = 2;
   }