agent-claw: automated task changes

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/auth-token.d.ts

@@ -0,0 +1,25 @@
+import * as iam from '../../aws-iam';
+/**
+ * Authorization token to access private ECR repositories in the current environment via Docker CLI.
+ *
+ * @see https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry_auth.html
+ */
+export declare class AuthorizationToken {
+    /**
+     * Grant access to retrieve an authorization token.
+     */
+    static grantRead(grantee: iam.IGrantable): void;
+    private constructor();
+}
+/**
+ * Authorization token to access the global public ECR Gallery via Docker CLI.
+ *
+ * @see https://docs.aws.amazon.com/AmazonECR/latest/public/public-registries.html#public-registry-auth
+ */
+export declare class PublicGalleryAuthorizationToken {
+    /**
+     * Grant access to retrieve an authorization token.
+     */
+    static grantRead(grantee: iam.IGrantable): void;
+    private constructor();
+}

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/auth-token.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.PublicGalleryAuthorizationToken=exports.AuthorizationToken=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var iam=()=>{var tmp=require("../../aws-iam");return iam=()=>tmp,tmp};class AuthorizationToken{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_ecr.AuthorizationToken",version:"2.252.0"};static grantRead(grantee){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_iam_IGrantable(grantee)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.grantRead),error}grantee.grantPrincipal.addToPrincipalPolicy(new(iam()).PolicyStatement({actions:["ecr:GetAuthorizationToken"],resources:["*"]}))}constructor(){}}exports.AuthorizationToken=AuthorizationToken;class PublicGalleryAuthorizationToken{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_ecr.PublicGalleryAuthorizationToken",version:"2.252.0"};static grantRead(grantee){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_iam_IGrantable(grantee)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.grantRead),error}grantee.grantPrincipal.addToPrincipalPolicy(new(iam()).PolicyStatement({actions:["ecr-public:GetAuthorizationToken","sts:GetServiceBearerToken"],resources:["*"]}))}constructor(){}}exports.PublicGalleryAuthorizationToken=PublicGalleryAuthorizationToken;

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/index.d.ts

@@ -0,0 +1,5 @@
+export * from './ecr.generated';
+export * from './repository';
+export * from './lifecycle';
+export * from './auth-token';
+export * as mixins from './mixins';

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/lifecycle.d.ts

@@ -0,0 +1,88 @@
+import type { Duration } from '../../core';
+/**
+ * An ECR life cycle rule
+ */
+export interface LifecycleRule {
+    /**
+     * Controls the order in which rules are evaluated (low to high)
+     *
+     * All rules must have a unique priority, where lower numbers have
+     * higher precedence. The first rule that matches is applied to an image.
+     *
+     * There can only be one rule with a tagStatus of Any, and it must have
+     * the highest rulePriority.
+     *
+     * All rules without a specified priority will have incrementing priorities
+     * automatically assigned to them, higher than any rules that DO have priorities.
+     *
+     * @default Automatically assigned
+     */
+    readonly rulePriority?: number;
+    /**
+     * Describes the purpose of the rule
+     *
+     * @default No description
+     */
+    readonly description?: string;
+    /**
+     * Select images based on tags
+     *
+     * Only one rule is allowed to select untagged images, and it must
+     * have the highest rulePriority.
+     *
+     * @default TagStatus.Tagged if tagPrefixList or tagPatternList is
+     * given, TagStatus.Any otherwise
+     */
+    readonly tagStatus?: TagStatus;
+    /**
+     * Select images that have ALL the given prefixes in their tag.
+     *
+     * Both tagPrefixList and tagPatternList cannot be specified
+     * together in a rule.
+     *
+     * Only if tagStatus == TagStatus.Tagged
+     */
+    readonly tagPrefixList?: string[];
+    /**
+     * Select images that have ALL the given patterns in their tag.
+     *
+     * There is a maximum limit of four wildcards (*) per string.
+     * For example, ["*test*1*2*3", "test*1*2*3*"] is valid but
+     * ["test*1*2*3*4*5*6"] is invalid.
+     *
+     * Both tagPrefixList and tagPatternList cannot be specified
+     * together in a rule.
+     *
+     * Only if tagStatus == TagStatus.Tagged
+     */
+    readonly tagPatternList?: string[];
+    /**
+     * The maximum number of images to retain
+     *
+     * Specify exactly one of maxImageCount and maxImageAge.
+     */
+    readonly maxImageCount?: number;
+    /**
+     * The maximum age of images to retain. The value must represent a number of days.
+     *
+     * Specify exactly one of maxImageCount and maxImageAge.
+     */
+    readonly maxImageAge?: Duration;
+}
+/**
+ * Select images based on tags
+ */
+export declare enum TagStatus {
+    /**
+     * Rule applies to all images
+     */
+    ANY = "any",
+    /**
+     * Rule applies to tagged images
+     */
+    TAGGED = "tagged",
+    /**
+     * Rule applies to untagged images
+     */
+    UNTAGGED = "untagged"
+}

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/lifecycle.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.TagStatus=void 0;var TagStatus;(function(TagStatus2){TagStatus2.ANY="any",TagStatus2.TAGGED="tagged",TagStatus2.UNTAGGED="untagged"})(TagStatus||(exports.TagStatus=TagStatus={}));

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/mixins/.jsiirc.json

@@ -0,0 +1,16 @@
+{
+  "targets": {
+    "java": {
+      "package": "software.amazon.awscdk.services.ecr.mixins"
+    },
+    "dotnet": {
+      "namespace": "Amazon.CDK.AWS.ECR.Mixins"
+    },
+    "python": {
+      "module": "aws_cdk.aws_ecr.mixins"
+    },
+    "go": {
+      "packageName": "awsecrmixins"
+    }
+  }
+}

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/mixins/index.d.ts

@@ -0,0 +1 @@
+export * from './repository';

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/mixins/index.js

@@ -0,0 +1 @@
+"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.RepositoryAutoDeleteImages=void 0,Object.defineProperty(exports,_noFold="RepositoryAutoDeleteImages",{enumerable:!0,configurable:!0,get:()=>{var value=require("./repository").RepositoryAutoDeleteImages;return Object.defineProperty(exports,_noFold="RepositoryAutoDeleteImages",{enumerable:!0,configurable:!0,value}),value}});

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/mixins/repository.d.ts

@@ -0,0 +1,13 @@
+import type { IConstruct } from 'constructs';
+import { Mixin } from '../../../core/lib/mixins';
+import { CfnRepository } from '../ecr.generated';
+/**
+ * ECR-specific Mixin to force-delete all images from a repository
+ * when the repository is removed from the stack or when the stack is deleted.
+ *
+ * Sets the `emptyOnDelete` property on the repository.
+ */
+export declare class RepositoryAutoDeleteImages extends Mixin {
+    supports(construct: IConstruct): construct is CfnRepository;
+    applyTo(construct: IConstruct): void;
+}

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/mixins/repository.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.RepositoryAutoDeleteImages=void 0;const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var mixins_1=()=>{var tmp=require("../../../core/lib/mixins");return mixins_1=()=>tmp,tmp},ecr_generated_1=()=>{var tmp=require("../ecr.generated");return ecr_generated_1=()=>tmp,tmp};class RepositoryAutoDeleteImages extends mixins_1().Mixin{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_ecr.mixins.RepositoryAutoDeleteImages",version:"2.252.0"};supports(construct){return ecr_generated_1().CfnRepository.isCfnRepository(construct)}applyTo(construct){this.supports(construct)&&(construct.emptyOnDelete=!0)}}exports.RepositoryAutoDeleteImages=RepositoryAutoDeleteImages;

cdk/node_modules/aws-cdk-lib/aws-ecr/lib/repository.d.ts

@@ -0,0 +1,514 @@
+import type { IConstruct, Construct } from 'constructs';
+import { CfnRepository } from './ecr.generated';
+import type { LifecycleRule } from './lifecycle';
+import * as events from '../../aws-events';
+import * as iam from '../../aws-iam';
+import type * as kms from '../../aws-kms';
+import type { IResource } from '../../core';
+import { RemovalPolicy, Resource } from '../../core';
+import type { IRepositoryRef, RepositoryReference } from '../../interfaces/generated/aws-ecr-interfaces.generated';
+/**
+ * Represents an ECR repository.
+ */
+export interface IRepository extends IResource, IRepositoryRef {
+    /**
+     * The name of the repository
+     * @attribute
+     */
+    readonly repositoryName: string;
+    /**
+     * The ARN of the repository
+     * @attribute
+     */
+    readonly repositoryArn: string;
+    /**
+     * The URI of this repository (represents the latest image):
+     *
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY
+     *
+     * @attribute
+     */
+    readonly repositoryUri: string;
+    /**
+     * The URI of this repository's registry:
+     *
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com
+     *
+     * @attribute
+     */
+    readonly registryUri: string;
+    /**
+     * Returns the URI of the repository for a certain tag. Can be used in `docker push/pull`.
+     *
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[:TAG]
+     *
+     * @param tag Image tag to use (tools usually default to "latest" if omitted)
+     */
+    repositoryUriForTag(tag?: string): string;
+    /**
+     * Returns the URI of the repository for a certain digest. Can be used in `docker push/pull`.
+     *
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[@DIGEST]
+     *
+     * @param digest Image digest to use (tools usually default to the image with the "latest" tag if omitted)
+     */
+    repositoryUriForDigest(digest?: string): string;
+    /**
+     * Returns the URI of the repository for a certain tag or digest, inferring based on the syntax of the tag. Can be used in `docker push/pull`.
+     *
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[:TAG]
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[@DIGEST]
+     *
+     * @param tagOrDigest Image tag or digest to use (tools usually default to the image with the "latest" tag if omitted)
+     */
+    repositoryUriForTagOrDigest(tagOrDigest?: string): string;
+    /**
+     * Add a policy statement to the repository's resource policy
+     */
+    addToResourcePolicy(statement: iam.PolicyStatement): iam.AddToResourcePolicyResult;
+    /**
+     * Grant the given principal identity permissions to perform the actions on this repository
+     */
+    grant(grantee: iam.IGrantable, ...actions: string[]): iam.Grant;
+    /**
+     * Grant the given identity permissions to read images in this repository.
+     */
+    grantRead(grantee: iam.IGrantable): iam.Grant;
+    /**
+     * Grant the given identity permissions to pull images in this repository.
+     */
+    grantPull(grantee: iam.IGrantable): iam.Grant;
+    /**
+     * Grant the given identity permissions to push images in this repository.
+     */
+    grantPush(grantee: iam.IGrantable): iam.Grant;
+    /**
+     * Grant the given identity permissions to pull and push images to this repository.
+     */
+    grantPullPush(grantee: iam.IGrantable): iam.Grant;
+    /**
+     * Define a CloudWatch event that triggers when something happens to this repository
+     *
+     * Requires that there exists at least one CloudTrail Trail in your account
+     * that captures the event. This method will not create the Trail.
+     *
+     * @param id The id of the rule
+     * @param options Options for adding the rule
+     */
+    onCloudTrailEvent(id: string, options?: events.OnEventOptions): events.Rule;
+    /**
+     * Defines an AWS CloudWatch event rule that can trigger a target when an image is pushed to this
+     * repository.
+     *
+     * Requires that there exists at least one CloudTrail Trail in your account
+     * that captures the event. This method will not create the Trail.
+     *
+     * @param id The id of the rule
+     * @param options Options for adding the rule
+     */
+    onCloudTrailImagePushed(id: string, options?: OnCloudTrailImagePushedOptions): events.Rule;
+    /**
+     * Defines an AWS CloudWatch event rule that can trigger a target when the image scan is completed
+     *
+     *
+     * @param id The id of the rule
+     * @param options Options for adding the rule
+     */
+    onImageScanCompleted(id: string, options?: OnImageScanCompletedOptions): events.Rule;
+    /**
+     * Defines a CloudWatch event rule which triggers for repository events. Use
+     * `rule.addEventPattern(pattern)` to specify a filter.
+     */
+    onEvent(id: string, options?: events.OnEventOptions): events.Rule;
+}
+/**
+ * Base class for ECR repository. Reused between imported repositories and owned repositories.
+ */
+export declare abstract class RepositoryBase extends Resource implements IRepository {
+    private readonly REPO_PULL_ACTIONS;
+    private readonly REPO_PUSH_ACTIONS;
+    /**
+     * The name of the repository
+     */
+    abstract readonly repositoryName: string;
+    /**
+     * The ARN of the repository
+     */
+    abstract readonly repositoryArn: string;
+    /**
+     * A reference to this repository
+     */
+    get repositoryRef(): RepositoryReference;
+    /**
+     * Add a policy statement to the repository's resource policy
+     */
+    abstract addToResourcePolicy(statement: iam.PolicyStatement): iam.AddToResourcePolicyResult;
+    /**
+     * The URI of this repository (represents the latest image):
+     *
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY
+     *
+     */
+    get repositoryUri(): string;
+    /**
+     * The URI of this repository's registry:
+     *
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com
+     *
+     */
+    get registryUri(): string;
+    /**
+     * Returns the URL of the repository. Can be used in `docker push/pull`.
+     *
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[:TAG]
+     *
+     * @param tag Optional image tag
+     */
+    repositoryUriForTag(tag?: string): string;
+    /**
+     * Returns the URL of the repository. Can be used in `docker push/pull`.
+     *
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[@DIGEST]
+     *
+     * @param digest Optional image digest
+     */
+    repositoryUriForDigest(digest?: string): string;
+    /**
+     * Returns the URL of the repository. Can be used in `docker push/pull`.
+     *
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[:TAG]
+     *    ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[@DIGEST]
+     *
+     * @param tagOrDigest Optional image tag or digest (digests must start with `sha256:`)
+     */
+    repositoryUriForTagOrDigest(tagOrDigest?: string): string;
+    /**
+     * Returns the repository URI, with an appended suffix, if provided.
+     * @param suffix An image tag or an image digest.
+     * @private
+     */
+    private repositoryUriWithSuffix;
+    /**
+     * Define a CloudWatch event that triggers when something happens to this repository
+     *
+     * Requires that there exists at least one CloudTrail Trail in your account
+     * that captures the event. This method will not create the Trail.
+     *
+     * @param id The id of the rule
+     * @param options Options for adding the rule
+     */
+    onCloudTrailEvent(id: string, options?: events.OnEventOptions): events.Rule;
+    /**
+     * Defines an AWS CloudWatch event rule that can trigger a target when an image is pushed to this
+     * repository.
+     *
+     * Requires that there exists at least one CloudTrail Trail in your account
+     * that captures the event. This method will not create the Trail.
+     *
+     * @param id The id of the rule
+     * @param options Options for adding the rule
+     */
+    onCloudTrailImagePushed(id: string, options?: OnCloudTrailImagePushedOptions): events.Rule;
+    /**
+     * Defines an AWS CloudWatch event rule that can trigger a target when an image scan is completed
+     *
+     *
+     * @param id The id of the rule
+     * @param options Options for adding the rule
+     */
+    onImageScanCompleted(id: string, options?: OnImageScanCompletedOptions): events.Rule;
+    /**
+     * Defines a CloudWatch event rule which triggers for repository events. Use
+     * `rule.addEventPattern(pattern)` to specify a filter.
+     */
+    onEvent(id: string, options?: events.OnEventOptions): events.Rule;
+    /**
+     * Grant the given principal identity permissions to perform the actions on this repository
+     * [disable-awslint:no-grants]
+     */
+    grant(grantee: iam.IGrantable, ...actions: string[]): iam.Grant;
+    /**
+     * Grant the given identity permissions to read the images in this repository
+     * [disable-awslint:no-grants]
+     */
+    grantRead(grantee: iam.IGrantable): iam.Grant;
+    /**
+     * Grant the given identity permissions to use the images in this repository
+     * [disable-awslint:no-grants]
+     */
+    grantPull(grantee: iam.IGrantable): iam.Grant;
+    /**
+     * Grant the given identity permissions to use the images in this repository
+     * [disable-awslint:no-grants]
+     */
+    grantPush(grantee: iam.IGrantable): iam.Grant;
+    /**
+     * Grant the given identity permissions to pull and push images to this repository.
+     * [disable-awslint:no-grants]
+     */
+    grantPullPush(grantee: iam.IGrantable): iam.Grant;
+    /**
+     * Returns the resource that backs the given IAM grantee if we cannot put a direct reference
+     * to the grantee in the resource policy of this ECR repository,
+     * and 'undefined' in case we can.
+     */
+    private unsafeCrossAccountResourcePolicyPrincipal;
+}
+/**
+ * Options for the onCloudTrailImagePushed method
+ */
+export interface OnCloudTrailImagePushedOptions extends events.OnEventOptions {
+    /**
+     * Only watch changes to this image tag
+     *
+     * @default - Watch changes to all tags
+     */
+    readonly imageTag?: string;
+}
+/**
+ * Options for the OnImageScanCompleted method
+ */
+export interface OnImageScanCompletedOptions extends events.OnEventOptions {
+    /**
+     * Only watch changes to the image tags specified.
+     * Leave it undefined to watch the full repository.
+     *
+     * @default - Watch the changes to the repository with all image tags
+     */
+    readonly imageTags?: string[];
+}
+export interface RepositoryProps {
+    /**
+     * Name for this repository.
+     *
+     * The repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.
+     *
+     * > If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
+     *
+     * @default Automatically generated name.
+     */
+    readonly repositoryName?: string;
+    /**
+     * The kind of server-side encryption to apply to this repository.
+     *
+     * If you choose KMS, you can specify a KMS key via `encryptionKey`. If
+     * encryptionKey is not specified, an AWS managed KMS key is used.
+     *
+     * @default - `KMS` if `encryptionKey` is specified, or `AES256` otherwise.
+     */
+    readonly encryption?: RepositoryEncryption;
+    /**
+     * External KMS key to use for repository encryption.
+     *
+     * The 'encryption' property must be either not specified or set to "KMS".
+     * An error will be emitted if encryption is set to "AES256".
+     *
+     * @default - If encryption is set to `KMS` and this property is undefined,
+     * an AWS managed KMS key is used.
+     */
+    readonly encryptionKey?: kms.IKeyRef;
+    /**
+     * Life cycle rules to apply to this registry
+     *
+     * @default No life cycle rules
+     */
+    readonly lifecycleRules?: LifecycleRule[];
+    /**
+     * The AWS account ID associated with the registry that contains the repository.
+     *
+     * @see https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutLifecyclePolicy.html
+     * @default The default registry is assumed.
+     */
+    readonly lifecycleRegistryId?: string;
+    /**
+     * Determine what happens to the repository when the resource/stack is deleted.
+     *
+     * @default RemovalPolicy.Retain
+     */
+    readonly removalPolicy?: RemovalPolicy;
+    /**
+     * Enable the scan on push when creating the repository
+     *
+     *  @default false
+     */
+    readonly imageScanOnPush?: boolean;
+    /**
+     * The tag mutability setting for the repository. If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten.
+     *
+     *  @default TagMutability.MUTABLE
+     */
+    readonly imageTagMutability?: TagMutability;
+    /**
+     * The image tag mutability exclusion filters for the repository.
+     *
+     * These filters specify which image tags can override the repository's default image tag mutability setting.
+     *
+     * @default undefined - AWS ECR default is no exclusion filters
+     * @see https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-tag-mutability.html
+     */
+    readonly imageTagMutabilityExclusionFilters?: ImageTagMutabilityExclusionFilter[];
+    /**
+     * Whether all images should be automatically deleted when the repository is
+     * removed from the stack or when the stack is deleted.
+     *
+     * Requires the `removalPolicy` to be set to `RemovalPolicy.DESTROY`.
+     *
+     * @default false
+     * @deprecated Use `emptyOnDelete` instead.
+     */
+    readonly autoDeleteImages?: boolean;
+    /**
+     * If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.
+     *
+     * @default false
+     */
+    readonly emptyOnDelete?: boolean;
+}
+/**
+ * Properties for looking up an existing Repository.
+ */
+export interface RepositoryLookupOptions {
+    /**
+     * The name of the repository.
+     *
+     * @default - Do not filter on repository name
+     */
+    readonly repositoryName?: string;
+    /**
+     * The ARN of the repository.
+     *
+     * @default - Do not filter on repository ARN
+     */
+    readonly repositoryArn?: string;
+}
+export interface RepositoryAttributes {
+    readonly repositoryName: string;
+    readonly repositoryArn: string;
+}
+/**
+ * Define an ECR repository
+ */
+export declare class Repository extends RepositoryBase {
+    /**
+     * Uniquely identifies this class.
+     */
+    static readonly PROPERTY_INJECTION_ID: string;
+    /**
+     * Lookup an existing repository
+     */
+    static fromLookup(scope: Construct, id: string, options: RepositoryLookupOptions): IRepository;
+    /**
+     * Import a repository
+     */
+    static fromRepositoryAttributes(scope: Construct, id: string, attrs: RepositoryAttributes): IRepository;
+    static fromRepositoryArn(scope: Construct, id: string, repositoryArn: string): IRepository;
+    static fromRepositoryName(scope: Construct, id: string, repositoryName: string): IRepository;
+    /**
+     * Returns an ECR ARN for a repository that resides in the same account/region
+     * as the current stack.
+     */
+    static arnForLocalRepository(repositoryName: string, scope: IConstruct, account?: string): string;
+    private static validateRepositoryName;
+    private readonly lifecycleRules;
+    private readonly registryId?;
+    private readonly _policyDocument;
+    private readonly _resource;
+    get repositoryName(): string;
+    get repositoryArn(): string;
+    constructor(scope: Construct, id: string, props?: RepositoryProps);
+    /**
+     * Add a policy statement to the repository's resource policy.
+     *
+     * While other resources policies in AWS either require or accept a resource section,
+     * Cfn for ECR does not allow us to specify a resource policy.
+     * It will fail if a resource section is present at all.
+     */
+    addToResourcePolicy(statement: iam.PolicyStatement): iam.AddToResourcePolicyResult;
+    /**
+     * Add a life cycle rule to the repository
+     *
+     * Life cycle rules automatically expire images from the repository that match
+     * certain conditions.
+     */
+    addLifecycleRule(rule: LifecycleRule): void;
+    private validateTagMutability;
+    /**
+     * Render the life cycle policy object
+     */
+    private renderLifecyclePolicy;
+    /**
+     * Return life cycle rules with automatic ordering applied.
+     *
+     * Also applies validation of the 'any' rule.
+     */
+    private orderedLifecycleRules;
+    /**
+     * Set up key properties and return the Repository encryption property from the
+     * user's configuration.
+     */
+    private parseEncryption;
+    private enableAutoDeleteImages;
+}
+/**
+ * The tag mutability setting for your repository.
+ */
+export declare enum TagMutability {
+    /**
+     * allow image tags to be overwritten.
+     */
+    MUTABLE = "MUTABLE",
+    /**
+     * all image tags within the repository will be immutable which will prevent them from being overwritten.
+     */
+    IMMUTABLE = "IMMUTABLE",
+    /**
+     * all image tags within the repository will be immutable, while allowing you to define some filters for tags that can be changed.
+     */
+    IMMUTABLE_WITH_EXCLUSION = "IMMUTABLE_WITH_EXCLUSION",
+    /**
+     * allow image tags to be overwritten while allowing you to define some filters for tags that should remain unchanged.
+     */
+    MUTABLE_WITH_EXCLUSION = "MUTABLE_WITH_EXCLUSION"
+}
+/**
+ * Represents an image tag mutability exclusion filter for ECR repository
+ */
+export declare class ImageTagMutabilityExclusionFilter {
+    private readonly filterType;
+    private readonly filterValue;
+    /**
+     * Creates a wildcard filter for image tag mutability exclusion
+     * @param pattern The wildcard pattern to match image tags (e.g., 'dev-*', 'release-v*')
+     */
+    static wildcard(pattern: string): ImageTagMutabilityExclusionFilter;
+    private constructor();
+    /**
+     * Renders the filter to CloudFormation properties
+     * @internal
+     */
+    _render(): CfnRepository.ImageTagMutabilityExclusionFilterProperty;
+}
+/**
+ * Indicates whether server-side encryption is enabled for the object, and whether that encryption is
+ * from the AWS Key Management Service (AWS KMS) or from Amazon S3 managed encryption (SSE-S3).
+ * @see https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#SysMetadata
+ */
+export declare class RepositoryEncryption {
+    readonly value: string;
+    /**
+     * 'AES256'
+     */
+    static readonly AES_256: RepositoryEncryption;
+    /**
+     * 'KMS'
+     */
+    static readonly KMS: RepositoryEncryption;
+    /**
+     * 'KMS_DSSE'
+     */
+    static readonly KMS_DSSE: RepositoryEncryption;
+    /**
+     * @param value the string value of the encryption
+     */
+    protected constructor(value: string);
+}