@opusdns/api 0.83.0 → 0.84.0

package/package.json

@@ -3,7 +3,7 @@
     "@opusdns/api-spec-ts-generator": "^0.9.1"
   },
   "name": "@opusdns/api",
-  "version": "0.83.0",
+  "version": "0.84.0",
   "description": "TypeScript types for the OpusDNS OpenAPI specification",
   "main": "./src/index.ts",
   "module": "./src/index.ts",

package/src/helpers/requests.d.ts

@@ -1314,9 +1314,23 @@ export type PATCH_DomainForwardsZoneNameDisable_Request_Path = PATCH_DomainForwa
  */
 export type PATCH_DomainForwardsZoneNameEnable_Request = {
   parameters: {
+    query: operations['enable_domain_forward_v1_domain_forwards__zone_name__enable_patch']['parameters']['query'];
     path: operations['enable_domain_forward_v1_domain_forwards__zone_name__enable_patch']['parameters']['path'];
   };
 }
+/**
+ * Query parameters for PATCH /v1/domain-forwards/{zone_name}/enable
+ *
+ * @remarks
+ * This type defines the query parameters for the PATCH /v1/domain-forwards/{zone_name}/enable endpoint.
+ * It provides type safety for all query parameters as defined in the OpenAPI specification.
+ *
+ * @example
+ * Use this type to ensure type safety for query parameters.
+ *
+ * @path /v1/domain-forwards/{zone_name}/enable
+ */
+export type PATCH_DomainForwardsZoneNameEnable_Request_Query = PATCH_DomainForwardsZoneNameEnable_Request['parameters']['query'];
 /**
  * Path parameters for PATCH /v1/domain-forwards/{zone_name}/enable
  *
@@ -2393,9 +2407,23 @@ export type PATCH_EmailForwardsZoneNameDisable_Request_Path = PATCH_EmailForward
  */
 export type PATCH_EmailForwardsZoneNameEnable_Request = {
   parameters: {
+    query: operations['enable_email_forward_v1_email_forwards__zone_name__enable_patch']['parameters']['query'];
     path: operations['enable_email_forward_v1_email_forwards__zone_name__enable_patch']['parameters']['path'];
   };
 }
+/**
+ * Query parameters for PATCH /v1/email-forwards/{zone_name}/enable
+ *
+ * @remarks
+ * This type defines the query parameters for the PATCH /v1/email-forwards/{zone_name}/enable endpoint.
+ * It provides type safety for all query parameters as defined in the OpenAPI specification.
+ *
+ * @example
+ * Use this type to ensure type safety for query parameters.
+ *
+ * @path /v1/email-forwards/{zone_name}/enable
+ */
+export type PATCH_EmailForwardsZoneNameEnable_Request_Query = PATCH_EmailForwardsZoneNameEnable_Request['parameters']['query'];
 /**
  * Path parameters for PATCH /v1/email-forwards/{zone_name}/enable
  *

package/src/openapi.yaml

@@ -4909,44 +4909,151 @@ components:
           tokenUrl: token
       type: oauth2
 info:
-  description: '# Authentication
-
-
-    Describes authentication approach.
-
-
-
-    # Resource IDs
-
-
-    The API uses extensively [Type IDs](https://github.com/jetify-com/typeid): type-safe,
-    K-sortable, globally unique identifier inspired by Stripe IDs. They can be easily
-    identified with a format like `prefix_01jxe1nzrmf78scaqbkjx0va0f`. The `prefix`
-    gives context to the ID - some examples include `user`, `organization`, `domain`.
-    The rest of the ID is a 128-bit UUIDv7 encoded as a 26-character string using
-    a modified base32 encoding. See [formal specification for details](https://github.com/jetify-com/typeid/tree/main/spec).
-
-
-    This approach allows using unique IDs (UUIDv7), preventing iteration attacks,
-    while also easily identifying the "namespace" of the ID. `01975c1f-a15a-7f6c-a5ce-b75fe33de079`
-    is hardly distuingishable from `01975c1f-f120-7874-8dc2-de7d728bf261` by humans
-    on first glance. However, when represented as Type IDs, they could be represented
-    as `user_01jxe1z8atfxpabknqbzhkvr3s` and `domain_01jxe1zw90f1t8vgpyfns8qwk1`,
-    immediately making it easier to differentiate between them.
-
-
-    Additionally, this gives type safety and additional validation that can be done.
-    There''s [libraries available for many languages to make handling Type IDs easier](https://github.com/jetify-com/typeid?tab=readme-ov-file#official-implementations-by-jetify).
-    We''re using them ourselves on the backend to quickly catch mistakes like passing
-    the wrong Type ID (passing a user ID like `user_01jxe1z8atfxpabknqbzhkvr3s` where
-    a domain ID `domain_01jxe1zw90f1t8vgpyfns8qwk1` was expected).
-
-
-
-    '
+  description: "# Authentication\n\nDescribes authentication approach.\n\n\n## DNS\
+    \ validation overview (general \u2192 specific) (generated by Cursor on 15th October\
+    \ 2025)\n\nThis document summarizes all DNS validation rules implemented in the\
+    \ codebase and exercised by unit tests. It starts with general hostname requirements\
+    \ and narrows down to zone-, RRSet-, and record-type-specific rules.\n\n### General\
+    \ hostname rules\n\n- **Required trailing dot**: Hostnames must end with a period.\n\
+    - **Lowercase only**: Hostnames are case-insensitive in DNS, but the system enforces\
+    \ lowercase.\n- **Total length**: Must be < 255 octets.\n- **TLD recognized**:\
+    \ The suffix (TLD) must be recognized by `tldextract`.\n- **Allowed characters**:\n\
+    \  - For RRSet types that allow underscores: `- _ . *` plus alphanumerics\n  -\
+    \ For all other types: `- . *` plus alphanumerics\n  - If an underscore appears\
+    \ on a type that does not allow it, validation fails with a type-aware message.\n\
+    - **Periods constraints**:\n  - No consecutive periods (`..`).\n  - Cannot start\
+    \ with a period.\n- **Label-by-label checks**:\n  - Labels cannot be empty (e.g.,\
+    \ from `..`).\n  - Leftmost wildcard `*` is allowed as its own label; any `*`\
+    \ elsewhere (or combined with other chars) is invalid.\n  - Each label must be\
+    \ \u2264 63 octets.\n  - Each label must end with a letter or digit (no trailing\
+    \ `-` or `_`).\n\nTypes that allow underscores in hostnames: `CNAME`, `ALIAS`,\
+    \ `TXT`, `CAA`, `SRV`, `SMIMEA`, `TLSA`, `URI`.\n\nUnit tests: `tests/unit/models/test_dns_validation.py::TestHostnameValidation`,\
+    \ `::TestLabelValidation`.\n\n### Zone-level validation\n\n- **Blocklist**: Certain\
+    \ hostnames are blocked (checked without the trailing dot). If the zone name matches\
+    \ the blocklist, validation fails.\n- **Zone name hostname checks**: Zone name\
+    \ is validated with the general hostname rules.\n- **RRSet validation aggregation**:\
+    \ Each RRSet is validated; all RRSet and record errors are aggregated under `errors[\"\
+    rrsets\"]` keyed by RRSet name.\n- **CNAME conflicts (RFC 1034/2181 semantics)**:\n\
+    \  - A `CNAME` at a name cannot coexist with any other non-DNSSEC type at the\
+    \ same name.\n  - `DNSKEY`/`DS` (DNSSEC) are permitted alongside `CNAME`.\n- **MX\
+    \ target validation (additional policy)**:\n  - MX priority must be an integer\
+    \ in [0, 65535].\n  - MX target cannot be a `CNAME`.\n  - MX target cannot be\
+    \ an IP address (v4 or v6).\n- **Wildcard conflicts**:\n  - `NS` records cannot\
+    \ use wildcard names (e.g., `*.example.com.` is invalid for `NS`).\n- **ALIAS\
+    \ conflicts and DNSSEC interaction (PowerDNS semantics)**:\n  - If any `ALIAS`\
+    \ exists in a zone that also contains DNSSEC types (`DNSKEY` or `DS`), validation\
+    \ fails: ALIAS is not supported in DNSSEC-enabled zones.\n  - At the zone apex,\
+    \ `ALIAS` can only coexist with `SOA` and `NS` (and not with other non-DNSSEC\
+    \ types).\n  - At non-apex names, an `ALIAS` cannot coexist with any other record\
+    \ type (behaves like `CNAME` exclusivity).\n\nUnit tests: `tests/unit/models/test_dns_validation.py::TestZoneValidation`,\
+    \ `tests/unit/service/dns/test_additional_dns_validations.py` (MX, wildcard, ALIAS),\
+    \ `tests/unit/service/dns/test_rrset_validation.py` (relative names and invalid\
+    \ zone names).\n\n### RRSet-level validation\n\n- **Name must be inside zone**:\
+    \ RRSet name must either equal the zone apex or end with `.{zone_name}`.\n- **RRSet\
+    \ name hostname checks**: RRSet names are validated with general hostname rules,\
+    \ taking into account RRSet type for underscore allowance.\n- **Relative name\
+    \ normalization** (service-level helper):\n  - `@` or empty name resolves to the\
+    \ zone apex.\n  - Names without a trailing dot become FQDNs relative to the zone.\n\
+    \  - Already-FQDN names are preserved.\n- **Error aggregation shape for RRSet**:\n\
+    \  - RRSet-level errors are listed under `errors[\"rrsets\"][<rrset_name>][\"\
+    rrset\"]`.\n  - Record-level errors are listed under `errors[\"rrsets\"][<rrset_name>][\"\
+    records\"][<record_rdata>]`.\n\nUnit tests: `tests/unit/service/dns/test_rrset_validation.py`\
+    \ (relative `@`, relative `www`, invalid `invalid-subdomain-`), `tests/unit/models/test_dns_validation.py::TestZoneValidation`\
+    \ (invalid RRSet names).\n\n### Record-level validation engine\n\n- **Parsing**:\
+    \ For all supported types except `ALIAS`, the system delegates RDATA parsing to\
+    \ `dnspython` via `dns.rdata.from_text` for the appropriate type.\n- **Target\
+    \ hostnames**: For `CNAME`, `NS`, `PTR`, `SRV`, and `MX`, the parsed target hostname\
+    \ (`target` or `exchange`) is further validated with the general hostname rules\
+    \ and underscore allowance for the RRSet type.\n- **RDATA normalization before\
+    \ parse**:\n  - `CNAME`, `NS`, `PTR`: the RDATA hostname is normalized to lowercase\
+    \ with a trailing dot.\n  - `SRV`: the trailing hostname portion is normalized;\
+    \ numeric fields are preserved.\n  - `MX`: the trailing target hostname is normalized;\
+    \ the priority is preserved.\n- **ALIAS special case**: `ALIAS` RDATA is treated\
+    \ as a hostname and validated directly (not parsed by `dnspython`) and must be\
+    \ a valid hostname per the RRSet\u2019s underscore rules.\n- **Error mapping**:\
+    \ `dnspython` exceptions are mapped to user-facing messages such as:\n  - \"Invalid\
+    \ <TYPE> record format: <rdata>\"\n  - \"Invalid <TYPE> record data: <rdata>\"\
+    \n  - \"<TYPE> record validation failed: <detail>\"\n  - The top-level detail\
+    \ for the record error is standardized to \"<TYPE> record is not in the expected\
+    \ format\".\n\nUnit tests: `tests/unit/models/test_dns_validation.py::TestRecordValidationErrors`\
+    \ (A, AAAA, CNAME, MX malformed), plus aggregation and structure assertions.\n\
+    \n### Type-specific rules and examples\n\n- **A**:\n  - RDATA must be a valid\
+    \ IPv4 address.\n  - Example invalid: `not.an.ip` \u2192 parse fails.\n- **AAAA**:\n\
+    \  - RDATA must be a valid IPv6 address.\n  - Example invalid: `??::completely::invalid::ipv6`\
+    \ \u2192 parse fails.\n- **CNAME**:\n  - RDATA is a hostname; target is validated;\
+    \ name-level exclusivity enforced at zone level (cannot coexist with other non-DNSSEC\
+    \ types at same name).\n  - Underscores allowed in name/target.\n- **MX**:\n \
+    \ - RDATA: `<priority> <target-hostname>`\n  - Priority range: 0\u201365535 (integer).\
+    \ Invalid or out-of-range triggers errors.\n  - Target hostname cannot be a CNAME\
+    \ name, and cannot be an IP address.\n  - Target hostname is normalized and validated.\n\
+    - **NS**:\n  - RDATA is a hostname; target is validated.\n  - NS cannot use wildcard\
+    \ names (i.e., RRSet name cannot be `*.example.com.`).\n- **PTR**:\n  - RDATA\
+    \ is a hostname; target is validated.\n- **SRV**:\n  - RDATA: `<priority> <weight>\
+    \ <port> <target-hostname>`; target hostname normalized and validated.\n  - Underscores\
+    \ allowed (service labels per RFC 2782).\n- **TXT**:\n  - Delegated to `dnspython`\
+    \ for parsing; underscores allowed in names.\n  - Note: A TODO exists to enforce\
+    \ quotes for TXT content in the future.\n- **CAA**, **SMIMEA**, **TLSA**, **URI**:\n\
+    \  - Delegated to `dnspython` for parsing; underscores allowed in names.\n- **ALIAS**:\n\
+    \  - Treated like a hostname alias (not an RFC standard RRType); normalized and\
+    \ validated as a hostname.\n  - Conflicts/DNSSEC rules as described in the zone-level\
+    \ section.\n- **DNSKEY**, **DS** (DNSSEC):\n  - Not parsed/validated here beyond\
+    \ coexistence logic; allowed to coexist with `CNAME` but disallowed with `ALIAS`\
+    \ when DNSSEC is present.\n\nUnit tests: cover A/AAAA/CNAME/MX malformed cases;\
+    \ underscore handling across many types; ALIAS, wildcard, and DNSSEC compatibility\
+    \ in `tests/unit/service/dns/test_additional_dns_validations.py`.\n\n### Wildcard\
+    \ handling\n\n- `*` is allowed only as the entire leftmost label of a name (e.g.,\
+    \ `*.example.com.`).\n- Any `*` embedded within a label or not in the leftmost\
+    \ position is invalid.\n- `NS` records cannot be defined at wildcard names.\n\n\
+    Unit tests: Wildcard NS invalid; wildcard A alongside explicit siblings and at\
+    \ different levels is allowed.\n\n### Underscore handling (by RRSet type)\n\n\
+    - Allowed in hostnames for types: `CNAME`, `ALIAS`, `TXT`, `CAA`, `SRV`, `SMIMEA`,\
+    \ `TLSA`, `URI`.\n- Disallowed for: `A`, `AAAA`, `NS`, `MX`, `PTR`, `SOA`, `DNSKEY`,\
+    \ `DS`.\n- Applies both at the start of labels (e.g., `_service`) and in the middle\
+    \ (`my_service`), per tests.\n\nUnit tests: `tests/unit/models/test_dns_validation.py::TestUnderscoreHandling`\
+    \ parameterized cases across types.\n\n### Blocked hostnames\n\n- A curated list\
+    \ of blocked apex names (e.g., major providers\u2019 zones) cannot be added as\
+    \ zones. The check is performed on the dotted-stripped value (no trailing dot).\n\
+    \n### Error response shape\n\n- Zone-level failure raises `DnsZoneValidationError`\
+    \ with `extras.errors` containing:\n  - `zone_name`: either a string or a nested\
+    \ mapping of specific hostname errors\n  - `rrsets`: mapping of RRSet name \u2192\
+    \ `{ \"rrset\": [..], \"records\": { rdata \u2192 [..] } }`\n  - Optional sections\
+    \ when relevant: `cname_conflicts`, `mx_validation`, `wildcard_conflicts`, `alias_conflicts`\n\
+    - RRSet-level failure raises `DnsRrsetValidationError` with a similarly structured\
+    \ `errors` mapping for that RRSet.\n- Record-level failures are aggregated into\
+    \ the RRSet structure above.\n\nUnit tests: Assert shapes and representative messages\
+    \ in `tests/unit/models/test_dns_validation.py::TestRecordValidationErrors::test_error_response_structure`.\n\
+    \n### Key normalizers and helpers\n\n- `normalize_zone_name(s)`: lowercases and\
+    \ ensures a trailing dot.\n- `convert_rrset_name(name, zone)`: resolves `@`/empty\
+    \ to apex and converts relative names to FQDNs under the zone.\n- The record validator\
+    \ normalizes hostnames within RDATA for `CNAME`, `NS`, `PTR`, `SRV`, and `MX`\
+    \ before parsing/validation.\n\n### API behavior around trailing dots (for context)\n\
+    \n- API endpoints accept both with/without trailing dot in the path; zone names\
+    \ are normalized internally. This is orthogonal to validation rules but relevant\
+    \ to how names are handled at the boundary.\n\n---\n\nReferences (tests):\n- `tests/unit/models/test_dns_validation.py`\n\
+    - `tests/unit/service/dns/test_additional_dns_validations.py`\n- `tests/unit/service/dns/test_rrset_validation.py`\n\
+    - `tests/unit/api/dns/test_v1.py`, `tests/unit/api/dns/test_dns.py` (API normalization)\n\
+    \nReferences (implementation):\n- `common/models/dns/validation.py`\n- `common/services/dns/utils.py`\n\
+    - `common/lib/utils/dns.py`\n- `common/models/dns/blocked_domains.py`\n\n\n\n\n\
+    # Resource IDs\n\nThe API uses extensively [Type IDs](https://github.com/jetify-com/typeid):\
+    \ type-safe, K-sortable, globally unique identifier inspired by Stripe IDs. They\
+    \ can be easily identified with a format like `prefix_01jxe1nzrmf78scaqbkjx0va0f`.\
+    \ The `prefix` gives context to the ID - some examples include `user`, `organization`,\
+    \ `domain`. The rest of the ID is a 128-bit UUIDv7 encoded as a 26-character string\
+    \ using a modified base32 encoding. See [formal specification for details](https://github.com/jetify-com/typeid/tree/main/spec).\n\
+    \nThis approach allows using unique IDs (UUIDv7), preventing iteration attacks,\
+    \ while also easily identifying the \"namespace\" of the ID. `01975c1f-a15a-7f6c-a5ce-b75fe33de079`\
+    \ is hardly distuingishable from `01975c1f-f120-7874-8dc2-de7d728bf261` by humans\
+    \ on first glance. However, when represented as Type IDs, they could be represented\
+    \ as `user_01jxe1z8atfxpabknqbzhkvr3s` and `domain_01jxe1zw90f1t8vgpyfns8qwk1`,\
+    \ immediately making it easier to differentiate between them.\n\nAdditionally,\
+    \ this gives type safety and additional validation that can be done. There's [libraries\
+    \ available for many languages to make handling Type IDs easier](https://github.com/jetify-com/typeid?tab=readme-ov-file#official-implementations-by-jetify).\
+    \ We're using them ourselves on the backend to quickly catch mistakes like passing\
+    \ the wrong Type ID (passing a user ID like `user_01jxe1z8atfxpabknqbzhkvr3s`\
+    \ where a domain ID `domain_01jxe1zw90f1t8vgpyfns8qwk1` was expected).\n\n\n"
   summary: OpusDNS - your gateway to a seamless domain management experience.
   title: OpusDNS API
-  version: 2025-10-14-131453
+  version: 2025-10-15-082524
   x-logo:
     altText: OpusDNS API Reference
     url: https://d24lr4zqs1tgqh.cloudfront.net/c9505a20-5ae1-406c-b060-d392569caebf.jpg
@@ -6466,6 +6573,13 @@ paths:
           description: DNS zone name (trailing dot optional)
           title: Zone Name
           type: string
+      - in: query
+        name: auto_create_zone
+        required: false
+        schema:
+          default: false
+          title: Auto Create Zone
+          type: boolean
       responses:
         '204':
           description: Successful Response
@@ -7824,6 +7938,13 @@ paths:
           description: DNS zone name (trailing dot optional)
           title: Zone Name
           type: string
+      - in: query
+        name: auto_create_zone
+        required: false
+        schema:
+          default: false
+          title: Auto Create Zone
+          type: boolean
       responses:
         '204':
           description: Successful Response

package/src/schema.d.ts

@@ -5924,7 +5924,9 @@ export interface operations {
     };
     enable_domain_forward_v1_domain_forwards__zone_name__enable_patch: {
         parameters: {
-            query?: never;
+            query?: {
+                auto_create_zone?: boolean;
+            };
             header?: never;
             path: {
                 /** @description DNS zone name (trailing dot optional) */
@@ -7060,7 +7062,9 @@ export interface operations {
     };
     enable_email_forward_v1_email_forwards__zone_name__enable_patch: {
         parameters: {
-            query?: never;
+            query?: {
+                auto_create_zone?: boolean;
+            };
             header?: never;
             path: {
                 /** @description DNS zone name (trailing dot optional) */