@gr4vy/sdk 2.1.2 → 2.1.3

package/README.md

@@ -1090,13 +1090,19 @@ You can also enable a default debug logger by setting an environment variable `G
 
 ## Testing
 
-To run the tests, install NPM, ensure to download the `private_key.pem` for the test environment, and run the following.
+The SDK has an end-to-end test suite that runs against the E2E sandbox. Place
+the `private_key.pem` for the test environment in the repo root (or export
+`PRIVATE_KEY`), then:
 
 ```sh
 npm install
-npx vitest --testTimeout 8000
+npx vitest run
 ```
 
+See **[TESTING.md](TESTING.md)** for the full guide — suite layout, parallelism
+and CI sharding, property-based tests, coverage / endpoint-reach reporting, and
+how testing ties into the release pipeline.
+
 ## Contributions
 
 While we value open-source contributions to this SDK, this library is generated programmatically.

package/jsr.json

@@ -2,7 +2,7 @@
 
 {
   "name": "@gr4vy/sdk",
-  "version": "2.1.2",
+  "version": "2.1.3",
   "exports": {
     ".": "./src/index.ts",    
     "./models/errors": "./src/models/errors/index.ts",    

package/lib/config.d.ts

@@ -44,8 +44,8 @@ export declare function serverURLFromOptions(options: SDKOptions): URL | null;
 export declare const SDK_METADATA: {
     readonly language: "typescript";
     readonly openapiDocVersion: "1.0.0";
-    readonly sdkVersion: "2.1.2";
+    readonly sdkVersion: "2.1.3";
     readonly genVersion: "2.889.1";
-    readonly userAgent: "speakeasy-sdk/typescript 2.1.2 2.889.1 1.0.0 @gr4vy/sdk";
+    readonly userAgent: "speakeasy-sdk/typescript 2.1.3 2.889.1 1.0.0 @gr4vy/sdk";
 };
 //# sourceMappingURL=config.d.ts.map

package/lib/config.js

@@ -37,8 +37,8 @@ function serverURLFromOptions(options) {
 exports.SDK_METADATA = {
     language: "typescript",
     openapiDocVersion: "1.0.0",
-    sdkVersion: "2.1.2",
+    sdkVersion: "2.1.3",
     genVersion: "2.889.1",
-    userAgent: "speakeasy-sdk/typescript 2.1.2 2.889.1 1.0.0 @gr4vy/sdk",
+    userAgent: "speakeasy-sdk/typescript 2.1.3 2.889.1 1.0.0 @gr4vy/sdk",
 };
 //# sourceMappingURL=config.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gr4vy/sdk",
-  "version": "2.1.2",
+  "version": "2.1.3",
   "author": "Gr4vy",
   "main": "./index.js",
   "sideEffects": false,
@@ -19,12 +19,14 @@
   "devDependencies": {
     "@eslint/js": "^9.26.0",
     "@types/jsonwebtoken": "^9.0.10",
+    "@vitest/coverage-v8": "^4.1.7",
     "eslint": "^9.26.0",
+    "fast-check": "^4.8.0",
     "globals": "^15.14.0",
     "timekeeper": "^2.3.1",
     "typescript": "~5.8.3",
     "typescript-eslint": "^8.26.0",
-    "vitest": "^4.1.5"
+    "vitest": "^4.1.7"
   },
   "dependencies": {
     "jsonwebtoken": "^9.0.3",

package/scripts/endpoint-coverage.mjs

@@ -0,0 +1,136 @@
+// Summarises test coverage for the PR comment.
+//
+// Endpoint reach is computed from *observed HTTP calls*, not statement coverage:
+// the test fetcher (tests/utils/setup.ts, gated on GR4VY_TRACK_HTTP) logs the
+// method + path of every request it sends to coverage/http/*.jsonl. We map each
+// `src/funcs/*.ts` operation to its (method, path-template) and mark it reached
+// only if a matching request was actually sent — so a function that returns at
+// local validation before issuing a request does not count.
+//
+// Code-coverage percentages (for the instrumented SDK surface) are read from the
+// vitest v8 coverage-summary.json as a secondary signal.
+//
+// Writes coverage/endpoint-coverage.md (for the PR comment) and prints it.
+// Exits 0 always — this is a report, not a gate.
+import { mkdirSync, readdirSync, readFileSync, writeFileSync } from "node:fs";
+import { join } from "node:path";
+
+const COVERAGE_DIR = "coverage";
+const FUNCS_DIR = "src/funcs";
+
+// 1. Build the operation catalogue from the generated funcs.
+const opCatalogue = readdirSync(FUNCS_DIR)
+  .filter((f) => f.endsWith(".ts"))
+  .map((file) => {
+    const src = readFileSync(join(FUNCS_DIR, file), "utf8");
+    const pathMatch = src.match(/pathToFunc\(\s*"([^"]+)"/);
+    const methodMatch = src.match(/method:\s*"(GET|POST|PUT|PATCH|DELETE)"/);
+    if (!pathMatch || !methodMatch) return null;
+    const template = pathMatch[1];
+    const regex = new RegExp(
+      "^" + template.replace(/\{[^/}]+\}/g, "[^/]+").replace(/\//g, "\\/") + "$"
+    );
+    const params = (template.match(/\{[^/}]+\}/g) ?? []).length;
+    return { op: file.replace(/\.ts$/, ""), method: methodMatch[1], template, regex, params };
+  })
+  .filter(Boolean);
+
+// 2. Load observed HTTP calls (per-worker files).
+let calls = [];
+try {
+  const dir = join(COVERAGE_DIR, "http");
+  for (const f of readdirSync(dir).filter((f) => f.endsWith(".jsonl"))) {
+    for (const line of readFileSync(join(dir, f), "utf8").split("\n")) {
+      if (!line.trim()) continue;
+      // Skip malformed/truncated lines (e.g. a worker that crashed mid-write) —
+      // this is best-effort instrumentation and must never fail the report.
+      try {
+        calls.push(JSON.parse(line));
+      } catch {
+        // ignore this line
+      }
+    }
+  }
+} catch {
+  // no logs — fetcher tracking was not enabled for this run
+}
+
+const httpTracked = calls.length > 0;
+
+// 3. Match calls to operations.
+const reached = new Set();
+if (httpTracked) {
+  for (const { method, pathname } of calls) {
+    // A literal path like /buyers/gift-cards also matches a parameterised
+    // template like /buyers/{buyer_id}, so credit the most specific operation
+    // (fewest path params, then longest template).
+    const op = opCatalogue
+      .filter((o) => o.method === method && o.regex.test(pathname))
+      .sort((a, b) => a.params - b.params || b.template.length - a.template.length)[0];
+    if (op) reached.add(op.op);
+  }
+}
+
+const missed = opCatalogue
+  .map((o) => o.op)
+  .filter((op) => !reached.has(op))
+  .sort();
+
+// 4. Code-coverage percentages (secondary signal).
+let total = {};
+try {
+  total =
+    JSON.parse(readFileSync(join(COVERAGE_DIR, "coverage-summary.json"), "utf8"))
+      .total ?? {};
+} catch {
+  // coverage summary missing — leave percentages blank
+}
+const pct = (m) => (total[m]?.pct != null ? `${total[m].pct.toFixed(1)}%` : "n/a");
+
+// 5. Render.
+const lines = [];
+lines.push("### 🧪 Test coverage");
+lines.push("");
+if (!httpTracked) {
+  lines.push(
+    "> ⚠️ HTTP call tracking was not enabled (set `GR4VY_TRACK_HTTP=1` for the " +
+      "coverage run), so endpoint reach could not be computed from observed requests."
+  );
+  lines.push("");
+}
+const reachPct = opCatalogue.length
+  ? ((reached.size / opCatalogue.length) * 100).toFixed(1)
+  : "0.0";
+lines.push("| Metric | Value |");
+lines.push("| --- | --- |");
+lines.push(
+  `| **Endpoints reached (HTTP)** | ${reached.size} / ${opCatalogue.length} (${reachPct}%) |`
+);
+lines.push(`| Statements | ${pct("statements")} |`);
+lines.push(`| Branches | ${pct("branches")} |`);
+lines.push(`| Functions | ${pct("functions")} |`);
+lines.push(`| Lines | ${pct("lines")} |`);
+lines.push("");
+if (httpTracked && missed.length) {
+  lines.push(
+    `> ⚠️ **${missed.length} endpoint operation(s) have no E2E test.** ` +
+      `Newly generated endpoints show up here — consider adding tests for them.`
+  );
+  lines.push("");
+  for (const name of missed) lines.push(`- \`${name}\``);
+} else if (httpTracked) {
+  lines.push("✅ Every endpoint operation was reached by a real request.");
+}
+lines.push("");
+lines.push(
+  "<sub>Endpoint reach is measured from HTTP requests actually sent by the " +
+    "suite (see tests/utils/setup.ts). Code coverage is for `src/funcs` + " +
+    "`src/sdk`. See [TESTING.md](../TESTING.md).</sub>"
+);
+
+const markdown = lines.join("\n");
+// Ensure the output dir exists — the script may run even when --coverage wasn't,
+// and it must never fail the job just because of a missing directory.
+mkdirSync(COVERAGE_DIR, { recursive: true });
+writeFileSync(join(COVERAGE_DIR, "endpoint-coverage.md"), markdown + "\n");
+console.log(markdown);

package/src/lib/config.ts

@@ -77,7 +77,7 @@ export function serverURLFromOptions(options: SDKOptions): URL | null {
 export const SDK_METADATA = {
   language: "typescript",
   openapiDocVersion: "1.0.0",
-  sdkVersion: "2.1.2",
+  sdkVersion: "2.1.3",
   genVersion: "2.889.1",
-  userAgent: "speakeasy-sdk/typescript 2.1.2 2.889.1 1.0.0 @gr4vy/sdk",
+  userAgent: "speakeasy-sdk/typescript 2.1.3 2.889.1 1.0.0 @gr4vy/sdk",
 } as const;

package/tests/backoffice/account-updater.test.ts

@@ -0,0 +1,24 @@
+import { beforeAll, describe, expect, test } from "vitest";
+import { Gr4vy } from "../../src";
+import { cardPaymentMethod } from "../utils/fixtures";
+import { setupMerchant } from "../utils/setup";
+
+let gr4vy: Gr4vy;
+
+beforeAll(async () => {
+  ({ client: gr4vy } = await setupMerchant());
+});
+
+describe("Account Updater", () => {
+  // The Real-Time Account Updater (Loon) is not configured on the mock merchant,
+  // so creating a job is exercised at the request level: a real stored payment
+  // method id is submitted and the API is expected to reject the job because the
+  // service is not enabled, rather than the test skipping the endpoint.
+  test("creating a job is exercised at the request level", async () => {
+    const method = await gr4vy.paymentMethods.create(cardPaymentMethod());
+
+    await expect(
+      gr4vy.accountUpdater.jobs.create({ paymentMethodIds: [method.id] })
+    ).rejects.toThrow();
+  });
+});

package/tests/backoffice/audit-logs.test.ts

@@ -0,0 +1,20 @@
+import { beforeAll, describe, expect, test } from "vitest";
+import { Gr4vy } from "../../src";
+import { buyer } from "../utils/fixtures";
+import { setupMerchant } from "../utils/setup";
+
+let gr4vy: Gr4vy;
+
+beforeAll(async () => {
+  ({ client: gr4vy } = await setupMerchant());
+});
+
+describe("Audit Logs", () => {
+  test("listing audit logs returns a page", async () => {
+    // Perform a mutating action so the account has at least one audit entry.
+    await gr4vy.buyers.create(buyer());
+
+    const page = await gr4vy.auditLogs.list({});
+    expect(page).toBeDefined();
+  });
+});

package/tests/backoffice/merchant-accounts.test.ts

@@ -0,0 +1,77 @@
+import crypto from "crypto";
+import { beforeAll, describe, expect, test } from "vitest";
+import { Gr4vy } from "../../src";
+import { createGr4vyClient, setupMerchant } from "../utils/setup";
+
+let admin: Gr4vy;
+let privateKey: string;
+
+beforeAll(async () => {
+  // merchant-accounts are an admin-level resource, so use an un-scoped client.
+  ({ privateKey } = await setupMerchant());
+  admin = createGr4vyClient(privateKey);
+});
+
+const newMerchantId = () => crypto.randomBytes(8).toString("hex");
+
+describe("Merchant Accounts", () => {
+  test("create → get → list → update (partial)", async () => {
+    const id = newMerchantId();
+    const created = await admin.merchantAccounts.create({
+      id,
+      displayName: "Original Display",
+    });
+    expect(created.id).toBe(id);
+
+    const fetched = await admin.merchantAccounts.get(id);
+    expect(fetched.id).toBe(id);
+
+    const page = await admin.merchantAccounts.list();
+    expect(page).toBeDefined();
+
+    // Partial update: change only the display name, leave everything else.
+    const updated = await admin.merchantAccounts.update(
+      { displayName: "Renamed Display" },
+      id
+    );
+    expect(updated.displayName).toBe("Renamed Display");
+    expect(updated.id).toBe(id);
+  });
+
+  describe("3DS configuration", () => {
+    // 3DS configuration is keyed per scheme/currency on the merchant account.
+    test("create → list → update (partial) → delete", async () => {
+      const id = newMerchantId();
+      await admin.merchantAccounts.create({ id, displayName: id });
+
+      const created =
+        await admin.merchantAccounts.threeDsConfiguration.create(
+          {
+            merchantAcquirerBin: "516327",
+            merchantAcquirerId: "123456789012345",
+            merchantName: "Gr4vy E2E",
+            merchantCountryCode: "840",
+            merchantCategoryCode: "1234",
+            merchantUrl: "https://example.com",
+            scheme: "visa",
+            metadata: { env: "e2e" },
+          },
+          id
+        );
+      expect(created.id).toBeDefined();
+
+      const list = await admin.merchantAccounts.threeDsConfiguration.list(id);
+      expect(list).toBeDefined();
+
+      const updated =
+        await admin.merchantAccounts.threeDsConfiguration.update(
+          { merchantName: "Renamed Merchant" },
+          id,
+          created.id!
+        );
+      expect(updated.merchantName).toBe("Renamed Merchant");
+
+      await admin.merchantAccounts.threeDsConfiguration.delete(id, created.id!);
+    });
+  });
+});

package/tests/backoffice/payment-services.test.ts

@@ -0,0 +1,95 @@
+import { beforeAll, describe, expect, test } from "vitest";
+import { Gr4vy } from "../../src";
+import { PaymentServiceCreate } from "../../src/models/components";
+import { setupMerchant } from "../utils/setup";
+
+let gr4vy: Gr4vy;
+
+beforeAll(async () => {
+  ({ client: gr4vy } = await setupMerchant());
+});
+
+const mockCardService = (
+  overrides: Partial<PaymentServiceCreate> = {}
+): PaymentServiceCreate => ({
+  displayName: "Mock card service",
+  paymentServiceDefinitionId: "mock-card",
+  acceptedCurrencies: ["USD"],
+  acceptedCountries: ["US"],
+  fields: [{ key: "merchant_id", value: "test" }],
+  ...overrides,
+});
+
+describe("Payment Services", () => {
+  test("create → get → list → update (partial) → delete", async () => {
+    const created = await gr4vy.paymentServices.create(mockCardService());
+    expect(created.id).toBeDefined();
+
+    const fetched = await gr4vy.paymentServices.get(created.id!);
+    expect(fetched.id).toBe(created.id);
+
+    const page = await gr4vy.paymentServices.list({});
+    expect(page).toBeDefined();
+
+    // Partial update: change only the display name.
+    const updated = await gr4vy.paymentServices.update(
+      { displayName: "Renamed service" },
+      created.id!
+    );
+    expect(updated.displayName).toBe("Renamed service");
+
+    await gr4vy.paymentServices.delete(created.id!);
+    await expect(() => gr4vy.paymentServices.get(created.id!)).rejects.toThrow();
+  });
+
+  // Credential verification and session creation are not meaningfully supported
+  // by the mock-card connector (verify returns a non-JSON body; session is
+  // explicitly unsupported), so both are exercised at the request level.
+  test("verify is exercised at the request level", async () => {
+    await expect(
+      gr4vy.paymentServices.verify({
+        paymentServiceDefinitionId: "mock-card",
+        fields: [{ key: "merchant_id", value: "test" }],
+      })
+    ).rejects.toThrow();
+  });
+
+  test("create a session is exercised at the request level", async () => {
+    const created = await gr4vy.paymentServices.create(mockCardService());
+    await expect(
+      gr4vy.paymentServices.session({}, created.id!)
+    ).rejects.toThrow();
+  });
+
+  describe("definitions, options and card schemes", () => {
+    test("list and get payment service definitions", async () => {
+      const page = await gr4vy.paymentServiceDefinitions.list();
+      expect(page).toBeDefined();
+
+      const definition =
+        await gr4vy.paymentServiceDefinitions.get("mock-card");
+      expect(definition.id).toBe("mock-card");
+    });
+
+    test("create a session for a definition is exercised at the request level", async () => {
+      // Session creation is not supported for the mock-card definition.
+      await expect(
+        gr4vy.paymentServiceDefinitions.session({}, "mock-card")
+      ).rejects.toThrow();
+    });
+
+    test("list payment options for a cart", async () => {
+      const options = await gr4vy.paymentOptions.list({
+        country: "US",
+        currency: "USD",
+        amount: 1299,
+      });
+      expect(options).toBeDefined();
+    });
+
+    test("list card scheme definitions", async () => {
+      const schemes = await gr4vy.cardSchemeDefinitions.list();
+      expect(schemes).toBeDefined();
+    });
+  });
+});

package/tests/backoffice/payouts.test.ts

@@ -0,0 +1,49 @@
+import { beforeAll, describe, expect, test } from "vitest";
+import { Gr4vy } from "../../src";
+import { APPROVING_CARD } from "../utils/fixtures";
+import { setupMerchant } from "../utils/setup";
+
+let gr4vy: Gr4vy;
+
+beforeAll(async () => {
+  ({ client: gr4vy } = await setupMerchant());
+});
+
+describe("Payouts", () => {
+  test("listing payouts returns a page", async () => {
+    const page = await gr4vy.payouts.list();
+    expect(page).toBeDefined();
+  });
+
+  // The mock-card service is not a payout-capable connection, so creating a
+  // payout is exercised at the request level — the SDK serialises the payload
+  // and the API rejects it for a real reason rather than the test skipping it.
+  test("create is exercised at the request level", async () => {
+    const service = await gr4vy.paymentServices.create({
+      displayName: "Mock card service",
+      paymentServiceDefinitionId: "mock-card",
+      acceptedCurrencies: ["USD"],
+      acceptedCountries: ["US"],
+      fields: [{ key: "merchant_id", value: "test" }],
+    });
+
+    await expect(
+      gr4vy.payouts.create({
+        amount: 1299,
+        currency: "USD",
+        paymentServiceId: service.id,
+        paymentMethod: {
+          method: "card",
+          number: APPROVING_CARD.number,
+          expirationDate: APPROVING_CARD.expiration_date,
+        },
+      })
+    ).rejects.toThrow();
+  });
+
+  test("fetching a missing payout is exercised at the request level", async () => {
+    await expect(
+      gr4vy.payouts.get("00000000-0000-0000-0000-000000000000")
+    ).rejects.toThrow();
+  });
+});

package/tests/backoffice/reports.test.ts

@@ -0,0 +1,69 @@
+import { beforeAll, describe, expect, test } from "vitest";
+import { Gr4vy } from "../../src";
+import { ReportCreate } from "../../src/models/components";
+import { uniqueId } from "../utils/fixtures";
+import { setupMerchant } from "../utils/setup";
+
+let gr4vy: Gr4vy;
+
+beforeAll(async () => {
+  ({ client: gr4vy } = await setupMerchant());
+});
+
+const reportCreate = (): ReportCreate => ({
+  name: uniqueId("report"),
+  schedule: "daily",
+  scheduleEnabled: true,
+  scheduleTimezone: "UTC",
+  spec: {
+    model: "transactions",
+    params: {
+      fields: ["id", "status"],
+      filters: { status: ["capture_succeeded"] },
+      sort: [{ field: "created_at", order: "desc" }],
+    },
+  },
+});
+
+describe("Reports", () => {
+  test("create → get → put (partial) → list", async () => {
+    const created = await gr4vy.reports.create(reportCreate());
+    expect(created.id).toBeDefined();
+
+    const fetched = await gr4vy.reports.get(created.id);
+    expect(fetched.id).toBe(created.id);
+
+    // Partial update: toggle the schedule without resending name/spec.
+    const updated = await gr4vy.reports.put(
+      { scheduleEnabled: false },
+      created.id
+    );
+    expect(updated.scheduleEnabled).toBe(false);
+
+    const page = await gr4vy.reports.list({});
+    expect(page).toBeDefined();
+  });
+
+  test("report executions are listable per-report and account-wide", async () => {
+    const created = await gr4vy.reports.create(reportCreate());
+
+    const perReport = await gr4vy.reports.executions.list(created.id);
+    expect(perReport).toBeDefined();
+
+    const accountWide = await gr4vy.reportExecutions.list({});
+    expect(accountWide).toBeDefined();
+  });
+
+  // A freshly created report has no executions yet, so fetching one / generating
+  // a download URL is exercised at the request level against a non-existent
+  // execution id; the API is expected to reject it.
+  test("fetching a missing execution / url is exercised at the request level", async () => {
+    const created = await gr4vy.reports.create(reportCreate());
+    const bogus = "00000000-0000-0000-0000-000000000000";
+
+    await expect(gr4vy.reports.executions.get(bogus)).rejects.toThrow();
+    await expect(
+      gr4vy.reports.executions.url(created.id, bogus)
+    ).rejects.toThrow();
+  });
+});

package/tests/backoffice/three-ds-scenarios.test.ts

@@ -0,0 +1,34 @@
+import { beforeAll, describe, expect, test } from "vitest";
+import { Gr4vy } from "../../src";
+import { ThreeDSecureScenarioCreate } from "../../src/models/components";
+import { setupMerchant } from "../utils/setup";
+
+let gr4vy: Gr4vy;
+
+beforeAll(async () => {
+  ({ client: gr4vy } = await setupMerchant());
+});
+
+const scenario = (): ThreeDSecureScenarioCreate => ({
+  conditions: { amount: 5000 },
+  outcome: { authentication: { transactionStatus: "Y" } },
+});
+
+describe("3DS Scenarios", () => {
+  test("create → list → update (partial) → delete", async () => {
+    const created = await gr4vy.threeDsScenarios.create(scenario());
+    expect(created.id).toBeDefined();
+
+    const page = await gr4vy.threeDsScenarios.list();
+    expect(page).toBeDefined();
+
+    // Partial update: replace only the outcome, leaving the conditions intact.
+    const updated = await gr4vy.threeDsScenarios.update(
+      { outcome: { authentication: { transactionStatus: "N" } } },
+      created.id
+    );
+    expect(updated.id).toBe(created.id);
+
+    await gr4vy.threeDsScenarios.delete(created.id);
+  });
+});

package/tests/flows/buyer-lifecycle.test.ts

@@ -0,0 +1,74 @@
+import { beforeAll, describe, expect, test } from "vitest";
+import { Gr4vy } from "../../src";
+import {
+  address,
+  billingDetails,
+  buyer,
+  cardPaymentMethod,
+  uniqueId,
+} from "../utils/fixtures";
+import { setupMerchant } from "../utils/setup";
+
+let gr4vy: Gr4vy;
+
+beforeAll(async () => {
+  ({ client: gr4vy } = await setupMerchant());
+});
+
+describe("Buyer lifecycle", () => {
+  test("create buyer, store a card against them, transact, and read it back", async () => {
+    // 1. Create a buyer.
+    const created = await gr4vy.buyers.create(buyer({ displayName: "Ada Lovelace" }));
+    expect(created.id).toBeDefined();
+    expect(created.displayName).toBe("Ada Lovelace");
+
+    // 2. Store a card payment method against the buyer.
+    const method = await gr4vy.paymentMethods.create({
+      ...cardPaymentMethod(),
+      buyerId: created.id,
+    });
+    expect(method.id).toBeDefined();
+
+    // 3. The stored method shows up under the buyer's payment methods.
+    const buyerMethods = await gr4vy.buyers.paymentMethods.list({
+      buyerId: created.id,
+    });
+    expect(buyerMethods.items.some((m) => m.id === method.id)).toBe(true);
+
+    // 4. Add shipping details for the buyer.
+    const shipping = await gr4vy.buyers.shippingDetails.create(
+      {
+        firstName: "Ada",
+        lastName: "Lovelace",
+        address: address(),
+      },
+      created.id!
+    );
+    expect(shipping.id).toBeDefined();
+
+    // 5. Charge the stored method, referencing the buyer + shipping details.
+    const transaction = await gr4vy.transactions.create({
+      amount: 1299,
+      currency: "USD",
+      buyerId: created.id,
+      shippingDetailsId: shipping.id,
+      externalIdentifier: uniqueId("txn"),
+      paymentMethod: { method: "id", id: method.id, securityCode: "123" },
+    });
+    expect(transaction.status).toBe("authorization_succeeded");
+
+    // 6. Gift cards list for the buyer is reachable (empty is fine).
+    const giftCards = await gr4vy.buyers.giftCards.list({ buyerId: created.id });
+    expect(Array.isArray(giftCards.items)).toBe(true);
+  });
+
+  test("buyer can be created with billing details and deleted", async () => {
+    const created = await gr4vy.buyers.create(
+      buyer({ billingDetails: billingDetails({ firstName: "Grace" }) })
+    );
+    expect(created.billingDetails?.firstName).toBe("Grace");
+
+    await gr4vy.buyers.delete(created.id!);
+    await expect(() => gr4vy.buyers.get(created.id!)).rejects.toThrow();
+  });
+});