@skyramp/mcp 0.1.2 → 0.1.3

package/build/prompts/test-recommendation/analysisOutputPrompt.js

@@ -79,19 +79,23 @@ For GET list endpoints: identify query params (\`limit\`, \`offset\`, \`order\`,
 ${nextStep}`;
     }
     const changedFiles = p.parsedDiff?.changedFiles.join(", ") ?? "";
-    // Whether the regex pre-detected any API endpoints — used as a hint only.
-    // Step 2 always asks the LLM to extract endpoints from the diff so unknown
-    // frameworks (e.g. Spring class-level @RequestMapping, Django, Rails) are
-    // covered even when the static regex returns nothing.
-    const regexFoundEndpoints = p.parsedDiff && (p.parsedDiff.newEndpoints.length > 0 || p.parsedDiff.modifiedEndpoints.length > 0);
+    // Whether the scanner found API endpoints in any changed file.
+    const preDetectedEndpoints = p.parsedDiff && (p.parsedDiff.newEndpoints.length > 0 || p.parsedDiff.modifiedEndpoints.length > 0 || (p.parsedDiff.removedEndpoints?.length ?? 0) > 0);
     const diffFiles = p.parsedDiff?.changedFiles ?? [];
     const isUIOnly = diffFiles.length > 0 &&
-        !regexFoundEndpoints &&
+        !preDetectedEndpoints &&
         diffFiles.every(f => FRONTEND_EXT.test(f));
     const diffHasJavaFiles = diffFiles.some(f => /\.(java|kt)$/.test(f));
-    const diffSection = p.diffContent
-        ? `\n<diff>\n${p.diffContent}\n</diff>`
-        : "";
+    // Inline small diffs so the LLM sees them without a tool call. Large diffs
+    // stay as a temp file reference to avoid bloating the prompt.
+    const INLINE_DIFF_LIMIT = 12_000; // chars — roughly 300 lines
+    const canInline = p.diffContent && p.diffContent.length <= INLINE_DIFF_LIMIT;
+    const diffFileRef = canInline
+        ? `\n<diff>\n${p.diffContent}\n</diff>\n`
+            + (p.diffFilePath ? `Full diff also available at \`${p.diffFilePath}\`.\n` : "")
+        : p.diffFilePath
+            ? `\n**Full diff file**: \`${p.diffFilePath}\` — **you MUST read this file before proceeding to Step 2.** It contains the complete unified diff for this PR.\n`
+            : "";
     const step2 = isUIOnly
         ? `### Step 2: Identify consumed API endpoints and integration status
 UI-only PR — perform two checks:
@@ -105,26 +109,28 @@ If no production file imports, re-exports, or renders a changed component, mark
 Exception: if the same PR also adds a route/page file (e.g. under Next.js \`pages/\` or \`app/\`) that imports the component, the route IS the integration point — do NOT mark it as unintegrated.
 Do NOT apply the unintegrated heuristic to route/entrypoint files themselves — those are always reachable by convention.
 An unintegrated non-route component has no DOM node in the running app and cannot be browser-tested — it qualifies as a dead-code / unintegrated-component no-surface PR regardless of how complex the component logic is.`
-        : p.diffContent
-            ? `### Step 2: Extract new and modified API endpoints from the diff
-Read the \`<diff>\` above and identify every new or modified API endpoint — route registrations, handler methods, controller annotations. Then use the **Router Mounting / Nesting** section above to reconstruct the full URL path for each endpoint by chaining all parent router prefixes down to the handler (e.g. a handler in a file with \`prefix="/reviews"\` that is mounted at \`/{product_id}\` under a router mounted at \`/api/v1/products\` → full path \`/api/v1/products/{product_id}/reviews\`).
+        : (canInline || p.diffFilePath)
+            ? `### Step 2: Extract new, modified, and removed API endpoints from the diff
+${canInline ? "Read the `<diff>` above" : `Read the diff file at \`${p.diffFilePath}\``} and identify every new or modified API endpoint — route registrations, handler methods, controller annotations. Then use the **Router Mounting / Nesting** section above to reconstruct the full URL path for each endpoint by chaining all parent router prefixes down to the handler (e.g. a handler in a file with \`prefix="/reviews"\` that is mounted at \`/{product_id}\` under a router mounted at \`/api/v1/products\` → full path \`/api/v1/products/{product_id}/reviews\`).
 ${diffHasJavaFiles ? JAVA_SPRING_NOTE : ""}
 For each endpoint found: note the HTTP method, full path, and source file.
-${regexFoundEndpoints ? "The static analysis above pre-detected some endpoints — verify and augment with anything it missed." : "The static analysis did not detect endpoints for this framework — rely on the diff to extract them."}
+${preDetectedEndpoints ? "The endpoint catalog above already lists some changed endpoints — verify and augment with anything it missed." : "No endpoints were pre-detected in the changed files — extract them from the diff."}
+**Also identify removed endpoints**: Look for deleted route annotations (lines starting with \`-\` in the diff) in modified files (files that still exist but had routes deleted). A removed endpoint is a route definition present in the base branch but absent in the current branch. Cross-reference against the scanned endpoint listing below — if a deleted route annotation's endpoint still appears there (e.g. moved to another file), it is NOT removed. Only flag endpoints that are truly gone from the codebase.
 **CRITICAL — Query params vs body:** For GET endpoints (especially search/filter/list),
 identify which parameters are URL query params vs request body. Look at framework-specific
 annotations (FastAPI \`Query()\`, Express \`req.query\`, Spring \`@RequestParam\`, etc.).
 Pass these as \`queryParams\` (not \`requestBody\`) when generating scenarios.`
-            : `### Step 2: Extract new and modified API endpoints from source files
+            : `### Step 2: Extract new, modified, and removed API endpoints from source files
 No diff was available — read the changed source files listed above directly to identify new or modified API endpoints. Use the **Router Mounting / Nesting** section to reconstruct full paths.
 ${diffHasJavaFiles ? JAVA_SPRING_NOTE : ""}
-For each endpoint found: note the HTTP method, full path, and source file.`;
+For each endpoint found: note the HTTP method, full path, and source file.
+Also compare against the endpoint catalog to identify any endpoints that appear in the catalog but are no longer present in the source files — these are removed endpoints.`;
     const criticalPatternStep = `### Step 2.5: Identify critical patterns for test categorization
 Look for these patterns in model/schema/handler files to inform test recommendations:
 - **Unique constraints**: \`@unique\`, \`unique: true\`, unique indexes, \`.refine()\` uniqueness checks, \`UNIQUE\` in SQL migrations
 - **Cascade deletes**: \`ON DELETE CASCADE\`, \`.onDelete("cascade")\`, manual cascade logic in delete handlers
 - **Permission checks**: auth middleware, ownership guards (\`req.user.id === resource.ownerId\`), role-based access control, \`isOwner\` assertions
-- **Breaking changes in diff**: route renames, auth header changes, removed required fields, changed status codes
+- **Breaking changes in diff**: route renames, deleted route definitions (endpoints removed from modified files), auth header changes, removed required fields, changed status codes
 Tag each finding with its category (security_boundary, business_rule, data_integrity, breaking_change) for the recommendation step.`;
     const step3Content = useHealthFlow
         ? `### Step 3: Identify tests at risk of drift
@@ -160,8 +166,7 @@ Call \`skyramp_recommend_tests\` with:
     return `## Your Task — Enrich & Recommend (PR-scoped)
 
 ### Step 1: Read the changed files and diff
-${changedFiles}${diffSection}
-
+${changedFiles}${diffFileRef}
 ${buildPathResolutionTableStep(p)}${step2}
 
 ${criticalPatternStep}
@@ -186,7 +191,7 @@ ${p.routerMountContext.map(f => `- \`${f}\``).join("\n")}`
 **Session ID**: \`${p.sessionId}\`
 **Repository**: \`${p.repositoryPath}\`
 **Analysis Scope**: \`${p.analysisScope}\`
-${isDiffScope ? `**Diff endpoints**: ${(p.parsedDiff?.newEndpoints.length ?? 0) + (p.parsedDiff?.modifiedEndpoints.length ?? 0)}` : `**Pre-scanned endpoints**: ${p.scannedEndpoints.length}`}
+${isDiffScope ? `**Diff endpoints**: ${(p.parsedDiff?.newEndpoints.length ?? 0) + (p.parsedDiff?.modifiedEndpoints.length ?? 0) + (p.parsedDiff?.removedEndpoints?.length ?? 0)}` : `**Pre-scanned endpoints**: ${p.scannedEndpoints.length}`}
 ${routerSection}
 ${enrichment}
 

package/build/prompts/test-recommendation/recommendationSections.js

@@ -48,7 +48,7 @@ Before each GENERATE tool call, confirm WHERE each key value comes from:
 - **requestBody / responseBody fields** → source code schema (Zod, Pydantic, DTO), enriched scenario, or OpenAPI spec. **The generation tool rejects empty \`{}\` request bodies for POST/PUT/PATCH** — read the source schema first if the fields are unknown.
 - **endpointURL** → workspace \`baseUrl\` + endpoint path (both required — never path alone)
 - **authHeader / authScheme** → workspace config or OpenAPI \`securitySchemes\`
-- **FK path params** → chained from a prior step's response \`id\` field — not hardcoded
+- **FK path params** → chained from a prior step's response (check the actual field name — it may be \`id\`, \`uuid\`, \`_id\`, or a resource-specific \`*_id\` field). The chaining source can be a response body (POST or GET), a response header (e.g. \`Location\`), or a cookie — not hardcoded
 - **Names / string values** → realistic; append timestamp suffix to avoid re-run conflicts
 
 ## Ranking Rule

package/build/prompts/test-recommendation/test-recommendation-prompt.js

@@ -35,9 +35,10 @@ function classifyNovelty(scenario, diffContext) {
     const paths = scenario.steps.map(s => s.path);
     const newPaths = new Set((diffContext.newEndpoints || []).map(ep => ep.path));
     const modPaths = new Set((diffContext.modifiedEndpoints || []).map(ep => ep.path));
+    const removedPaths = new Set((diffContext.removedEndpoints || []).map(ep => ep.path));
     if (paths.some(p => newPaths.has(p)))
         return "new";
-    if (paths.some(p => modPaths.has(p)))
+    if (paths.some(p => modPaths.has(p) || removedPaths.has(p)))
         return "modified";
     return "existing";
 }
@@ -530,7 +531,7 @@ function buildExecutionPlan(scored, maxGen, topN, baseUrl, authHeaderValue, auth
                 ? `authHeader: "${authHeaderValue}"${authSchemeSnippet}`
                 : "authHeader: <resolve from workspace or OpenAPI securitySchemes>; authScheme: <if Authorization>";
             const prereqNote = s.category === "new_endpoint"
-                ? `\n**Prerequisite discovery**: Check for FK fields (product_id, user_id, order_id) in the endpoint's request body. If found, prepend a step to create that prerequisite resource first, then chain its \`id\` into the dependent step using template variable syntax.`
+                ? `\n**Prerequisite discovery**: Check for FK fields (product_id, user_id, order_id) in the endpoint's request body. If found, prepend a step to create that prerequisite resource first, then chain its primary key field into the dependent step using template variable syntax. Check the actual field name from the response body (\`id\`, \`uuid\`, \`_id\`, etc.), response header (\`Location\`), or cookie — do not assume \`id\`.`
                 : "";
             const bugLine = s.bugCatchingTarget
                 ? `**Bug to catch**: ${s.bugCatchingTarget}\n`
@@ -703,7 +704,7 @@ export function buildRecommendationPrompt(analysis, analysisScope = AnalysisScop
         ? filteredChangedFiles.some(f => isFrontendFile(f))
         : false;
     const hasApiChanges = isDiffScope && diffContext
-        ? (diffContext.newEndpoints.length > 0 || diffContext.modifiedEndpoints.length > 0)
+        ? (diffContext.newEndpoints.length > 0 || diffContext.modifiedEndpoints.length > 0 || (diffContext.removedEndpoints?.length ?? 0) > 0)
         : false;
     const isUIOnlyPR = hasFrontendChanges && !hasApiChanges;
     const hasTraces = (analysis.artifacts?.traceFiles?.length ?? 0) > 0 ||
@@ -719,9 +720,46 @@ Output should be concise and immediately actionable.`
         : `You are in **Repo mode**. Comprehensive test strategy across all endpoints.`;
     // ── Endpoint listing ──
     const allEndpoints = analysis.apiEndpoints.endpoints;
-    const endpointLines = allEndpoints
-        .flatMap((ep) => (ep.methods ?? []).map((m) => `  ${m.method} ${ep.path}${m.authRequired ? " [auth]" : ""} (${(m.interactions ?? []).length} interactions)`))
-        .join("\n");
+    // In PR mode, identify which endpoints were changed so we can partition the listing.
+    const changedEndpointKeys = new Set();
+    if (isDiffScope && diffContext) {
+        for (const ep of [...(diffContext.newEndpoints || []), ...(diffContext.modifiedEndpoints || []), ...(diffContext.removedEndpoints || [])]) {
+            for (const m of (ep.methods ?? [])) {
+                changedEndpointKeys.add(`${m.method} ${ep.path}`);
+            }
+        }
+    }
+    const fmtEndpoint = (m, ep) => `  ${m.method} ${ep.path}${m.authRequired ? " [auth]" : ""} (${(m.interactions ?? []).length} interactions)`;
+    let endpointLines;
+    if (isDiffScope && changedEndpointKeys.size > 0) {
+        const changedLines = [];
+        const otherLines = [];
+        for (const ep of allEndpoints) {
+            for (const m of (ep.methods ?? [])) {
+                const line = fmtEndpoint(m, ep);
+                if (changedEndpointKeys.has(`${m.method} ${ep.path}`)) {
+                    changedLines.push(line);
+                }
+                else {
+                    otherLines.push(line);
+                }
+            }
+        }
+        // Removed endpoints no longer exist in allEndpoints (current catalog), so they
+        // would be silently absent from changedLines. Append them explicitly with a
+        // [removed] marker so the LLM knows to generate verify-404/deprecation tests.
+        for (const ep of (diffContext?.removedEndpoints || [])) {
+            for (const m of (ep.methods ?? [])) {
+                changedLines.push(`  ${m.method} ${ep.path} [removed]`);
+            }
+        }
+        endpointLines = `**Changed in this PR:**\n${changedLines.join("\n") || "  none"}\n\n**Other endpoints (reference only — do not prioritize for testing):**\n${otherLines.join("\n") || "  none"}`;
+    }
+    else {
+        endpointLines = allEndpoints
+            .flatMap((ep) => (ep.methods ?? []).map((m) => fmtEndpoint(m, ep)))
+            .join("\n");
+    }
     const authMethod = analysis.authentication.method || "unknown";
     const authTypeValue = workspaceAuthType ?? "";
     let authHeaderValue;
@@ -803,9 +841,13 @@ New endpoints:
 ${fmtEps(diffContext.newEndpoints, (m) => `${m.sourceFile}, ${m.interactionCount} interactions`)}
 Modified endpoints:
 ${fmtEps(diffContext.modifiedEndpoints, (m) => `${m.sourceFile}, ${m.changeType}`)}
+Removed endpoints:
+${fmtEps(diffContext.removedEndpoints ?? [], (m) => `${m.sourceFile}, removed`)}
 Affected services: ${diffContext.affectedServices.join(", ") || "N/A"}
 
 Focus on tests that validate these changes and how they interact with existing resources.
+For removed endpoints: verify they now return 404 or the appropriate deprecation status code.
+Allocate your test budget to endpoints listed under "Changed in this PR". Use other endpoints only as setup steps (e.g. creating a resource before testing its deletion).
 `;
     }
     // ── Interactions ──

package/build/prompts/test-recommendation/test-recommendation-prompt.test.js

@@ -886,6 +886,145 @@ describe("buildRecommendationPrompt — Tool Contract Framing", () => {
     });
 });
 // ---------------------------------------------------------------------------
+// Tests — Multi-method endpoint partitioning
+// ---------------------------------------------------------------------------
+describe("buildRecommendationPrompt — multi-method endpoint partitioning", () => {
+    it("classifies all methods of a changed endpoint as changed", () => {
+        // When classifyEndpointsByChangedFiles identifies a file as changed,
+        // all methods from that endpoint's scanned catalog entry are included
+        // with concrete methods (no MULTI sentinels).
+        const analysis = minimalAnalysis({
+            apiEndpoints: {
+                totalCount: 2,
+                baseUrl: "http://localhost:3000",
+                endpoints: [
+                    {
+                        path: "/api/products",
+                        resourceGroup: "products",
+                        pathParams: [],
+                        methods: [
+                            { method: "GET", description: "List products", queryParams: [], authRequired: false, sourceFile: "app/api/products/route.ts", interactions: [] },
+                            { method: "POST", description: "Create product", queryParams: [], authRequired: false, sourceFile: "app/api/products/route.ts", interactions: [] },
+                        ],
+                    },
+                    {
+                        path: "/api/items",
+                        resourceGroup: "items",
+                        pathParams: [],
+                        methods: [
+                            { method: "GET", description: "List items", queryParams: [], authRequired: false, sourceFile: "routes/items.ts", interactions: [] },
+                        ],
+                    },
+                ],
+            },
+            branchDiffContext: {
+                baseBranch: "main",
+                currentBranch: "feature/products",
+                changedFiles: ["app/api/products/route.ts"],
+                newEndpoints: [{
+                        path: "/api/products",
+                        methods: [
+                            { method: "GET", sourceFile: "app/api/products/route.ts", interactionCount: 0 },
+                            { method: "POST", sourceFile: "app/api/products/route.ts", interactionCount: 0 },
+                        ],
+                    }],
+                modifiedEndpoints: [],
+                affectedServices: [],
+            },
+        });
+        const prompt = buildRecommendationPrompt(analysis, AnalysisScope.CurrentBranchDiff, 10);
+        // Both GET and POST for /api/products should be in "Changed in this PR"
+        expect(prompt).toContain("Changed in this PR");
+        expect(prompt).toMatch(/Changed in this PR:[\s\S]*GET \/api\/products/);
+        expect(prompt).toMatch(/Changed in this PR:[\s\S]*POST \/api\/products/);
+        // /api/items should NOT be in changed section
+        expect(prompt).toMatch(/Other endpoints[\s\S]*GET \/api\/items/);
+    });
+    it("handles mix of new and modified endpoints with concrete methods", () => {
+        const analysis = minimalAnalysis({
+            apiEndpoints: {
+                totalCount: 2,
+                baseUrl: "http://localhost:3000",
+                endpoints: [
+                    {
+                        path: "/api/products",
+                        resourceGroup: "products",
+                        pathParams: [],
+                        methods: [
+                            { method: "GET", description: "List", queryParams: [], authRequired: false, sourceFile: "routes.ts", interactions: [] },
+                            { method: "POST", description: "Create", queryParams: [], authRequired: false, sourceFile: "routes.ts", interactions: [] },
+                        ],
+                    },
+                    {
+                        path: "/api/orders",
+                        resourceGroup: "orders",
+                        pathParams: [],
+                        methods: [
+                            { method: "POST", description: "Create order", queryParams: [], authRequired: false, sourceFile: "routes.ts", interactions: [] },
+                        ],
+                    },
+                ],
+            },
+            branchDiffContext: {
+                baseBranch: "main",
+                currentBranch: "feature/mix",
+                changedFiles: ["routes.ts"],
+                newEndpoints: [
+                    { path: "/api/products", methods: [
+                            { method: "GET", sourceFile: "routes.ts", interactionCount: 0 },
+                            { method: "POST", sourceFile: "routes.ts", interactionCount: 0 },
+                        ] },
+                ],
+                modifiedEndpoints: [
+                    { path: "/api/orders", methods: [{ method: "POST", sourceFile: "routes.ts", changeType: "modified" }] },
+                ],
+                affectedServices: [],
+            },
+        });
+        const prompt = buildRecommendationPrompt(analysis, AnalysisScope.CurrentBranchDiff, 10);
+        // Both products and orders should be in changed section
+        expect(prompt).toMatch(/Changed in this PR:[\s\S]*GET \/api\/products/);
+        expect(prompt).toMatch(/Changed in this PR:[\s\S]*POST \/api\/orders/);
+    });
+});
+// ---------------------------------------------------------------------------
+// Tests — Removed endpoint [removed] marker in prompt (Fix 3 verification)
+// ---------------------------------------------------------------------------
+describe("buildRecommendationPrompt — removed endpoint listing", () => {
+    it("appends [removed] marker for removed endpoints not in current catalog", () => {
+        const analysis = minimalAnalysis({
+            apiEndpoints: {
+                totalCount: 1,
+                baseUrl: "http://localhost:3000",
+                endpoints: [{
+                        path: "/api/items",
+                        resourceGroup: "items",
+                        pathParams: [],
+                        methods: [{
+                                method: "GET", description: "List items", queryParams: [],
+                                authRequired: false, sourceFile: "routes.ts", interactions: [],
+                            }],
+                    }],
+            },
+            branchDiffContext: {
+                baseBranch: "main",
+                currentBranch: "feature/remove",
+                changedFiles: ["routes.ts"],
+                newEndpoints: [],
+                modifiedEndpoints: [],
+                removedEndpoints: [{
+                        path: "/api/legacy",
+                        methods: [{ method: "DELETE", sourceFile: "routes.ts", changeType: "removed" }],
+                    }],
+                affectedServices: [],
+            },
+        });
+        const prompt = buildRecommendationPrompt(analysis, AnalysisScope.CurrentBranchDiff, 10);
+        expect(prompt).toContain("DELETE /api/legacy [removed]");
+        expect(prompt).toContain("Changed in this PR");
+    });
+});
+// ---------------------------------------------------------------------------
 // Tests — Long-context best practices: XML tags structure
 // ---------------------------------------------------------------------------
 describe("buildRecommendationPrompt — XML tag structure (long-context best practice)", () => {

package/build/services/TestDiscoveryService.js

@@ -62,10 +62,11 @@ export class TestDiscoveryService {
      * Uses fast-glob for cross-platform file scanning, then classifies discovered files
      * as Skyramp-generated tests, external tests, or not-a-test during processing.
      *
-     * When `options.changedResources` is provided (PR mode), external files are partitioned
-     * by relevance: files whose path/name overlaps with the changed resource names get full
-     * endpoint extraction; low-relevance files are returned as name-only entries (no reads).
-     * This eliminates the old hard cap while keeping state file size bounded.
+     * External test handling depends on `options.changedResources`:
+     * - `string[]` with entries (PR mode, endpoints detected): partition by relevance.
+     * - `[]` empty array (PR mode, scanner found no endpoints): skip external tests entirely
+     *   rather than flooding context with irrelevant files.
+     * - `undefined` (full-repo mode, no diff): cap at MAX_EXTERNAL_FULL_REPO.
      */
     async discoverTests(repositoryPath, options = {}) {
         logger.info(`Starting test discovery in: ${repositoryPath}`);
@@ -86,23 +87,37 @@ export class TestDiscoveryService {
         skyrampTests.forEach(t => { t.source = TestSource.Skyramp; });
         // Partition external tests into relevant (full extraction) and low-relevance (name-only).
         //
-        // PR mode (changedResources provided):
+        // PR mode + endpoints detected (changedResources is non-empty array):
         //   Files whose path/name token-overlaps with the changed resource names are "relevant".
         //   Only they get full endpoint extraction. Low-relevance files get name-only entries.
         //   No hard cap — the relevance filter naturally bounds the read set to PR scope.
+        //   The sentinel ["unknown"] falls into this branch — most files score 0 (low-relevance)
+        //   and get name-only entries, so external coverage is preserved without context flood.
         //
-        // Full-repo mode (no changedResources):
+        // PR mode + truly no endpoints (changedResources is empty array []):
+        //   Diff contained no endpoints at all (new, modified, or removed) — skip external
+        //   tests entirely rather than flooding the prompt with hundreds of irrelevant files.
+        //
+        // Full-repo mode (changedResources is undefined):
         //   No diff context — all external files treated as potentially relevant.
         //   Cap at MAX_EXTERNAL_FULL_REPO to avoid reading hundreds of files.
         const { changedResources } = options;
         let relevantExternal;
         let otherExternal;
         if (changedResources?.length) {
+            // PR mode with detected endpoints — partition by relevance
             ({ relevant: relevantExternal, other: otherExternal } =
                 this.partitionByRelevance(classified.external, changedResources));
         }
+        else if (changedResources !== undefined) {
+            // PR mode with an explicit empty endpoint list from diff parsing — don't flood
+            // context with irrelevant external tests. The LLM will work from Skyramp tests
+            // and scanned endpoints only.
+            relevantExternal = [];
+            otherExternal = [];
+        }
         else {
-            // Full-repo mode: cap full-extraction set, remaining become name-only
+            // Full-repo mode (no diff context): cap full-extraction set, remaining become name-only
             relevantExternal = classified.external.slice(0, this.MAX_EXTERNAL_FULL_REPO);
             otherExternal = classified.external.slice(this.MAX_EXTERNAL_FULL_REPO);
         }

package/build/services/TestDiscoveryService.test.js

@@ -348,6 +348,50 @@ describe("TestDiscoveryService", () => {
             const withEndpoints = externalTests.filter(t => t.apiEndpoint !== "");
             expect(withEndpoints.length).toBe(12);
         });
+        it("returns zero external tests when changedResources is empty array (PR mode, no endpoints)", async () => {
+            // Simulate PR mode where a parsed diff produced no detected endpoints:
+            // newEndpoints=[], modifiedEndpoints=[], and removedEndpoints=[] → changedResources = []
+            writeFile("test_orders_api.py", 'import requests\nrequests.get("/api/orders")');
+            writeFile("test_products_api.py", 'import requests\nrequests.get("/api/products")');
+            const result = await service.discoverTests(tmpDir, { changedResources: [] });
+            const externalTests = result.tests.filter(t => t.source === TestSource.External);
+            // Empty changedResources = PR mode with no detected endpoints → zero external tests
+            expect(externalTests.length).toBe(0);
+            expect(result.relevantExternalTestPaths.length).toBe(0);
+        });
+        it("still returns external tests in full-repo mode (changedResources undefined)", async () => {
+            // Full-repo mode: changedResources not provided → should use capped full-repo behavior
+            writeFile("test_orders_api.py", 'import requests\nrequests.get("/api/orders")');
+            writeFile("test_products_api.py", 'import requests\nrequests.get("/api/products")');
+            const result = await service.discoverTests(tmpDir); // no options → undefined
+            const externalTests = result.tests.filter(t => t.source === TestSource.External);
+            expect(externalTests.length).toBe(2);
+            expect(result.relevantExternalTestPaths.length).toBe(2);
+        });
+        it("Skyramp tests are unaffected by empty changedResources", async () => {
+            writeFile("tests/test_orders_smoke.py", '# Generated by Skyramp\nskyramp generate smoke rest');
+            writeFile("test_external.py", 'import pytest\ndef test(): pass');
+            const result = await service.discoverTests(tmpDir, { changedResources: [] });
+            const skyrampTests = result.tests.filter(t => t.source === TestSource.Skyramp);
+            const externalTests = result.tests.filter(t => t.source === TestSource.External);
+            // Skyramp tests always discovered regardless of changedResources
+            expect(skyrampTests.length).toBe(1);
+            // External tests suppressed in PR-mode-no-endpoints
+            expect(externalTests.length).toBe(0);
+        });
+        it("returns external tests as name-only with ['unknown'] sentinel (unresolvable resources)", async () => {
+            // When diff endpoints exist but all paths resolve to "unknown" (e.g. decorator-relative
+            // paths like "/{order_id}"), changedResources = ["unknown"]. External tests should be
+            // discovered (not skipped) but scored as low-relevance since "unknown" won't match filenames.
+            writeFile("test_orders_api.py", 'import requests\nrequests.get("/api/orders")');
+            writeFile("test_products_api.py", 'import requests\nrequests.get("/api/products")');
+            const result = await service.discoverTests(tmpDir, { changedResources: ["unknown"] });
+            const externalTests = result.tests.filter(t => t.source === TestSource.External);
+            // External tests discovered (not skipped like empty array)
+            expect(externalTests.length).toBe(2);
+            // But all are low-relevance (name-only) since "unknown" doesn't match any filename tokens
+            expect(result.relevantExternalTestPaths.length).toBe(0);
+        });
         it("low-relevance files have empty apiEndpoint and empty framework in PR mode", async () => {
             writeFile("test_orders_api.py", 'import requests\nrequests.get("/api/orders")');
             writeFile("test_products_api.py", 'import requests\nrequests.get("/api/products")');