bonecode 1.0.0 → 1.1.0

package/bone/output/agent/src/tests.ts

@@ -1,362 +1,362 @@
-// Generated by BoneScript compiler. DO NOT EDIT.
-// Regression tests derived from capability declarations.
-// Run: npx ts-node src/tests.ts
-
-import * as http from "http";
-
-const BASE_URL = process.env.TEST_BASE_URL || "http://localhost:3000";
-const AUTH_TOKEN = process.env.TEST_AUTH_TOKEN || "";
-
-let passed = 0;
-let failed = 0;
-
-async function request(method: string, path: string, body?: any): Promise<{ status: number; data: any }> {
-  const url = new URL(path, BASE_URL);
-  const res = await fetch(url.toString(), {
-    method,
-    headers: {
-      "Content-Type": "application/json",
-      ...(AUTH_TOKEN ? { "Authorization": `Bearer ${AUTH_TOKEN}` } : {}),
-    },
-    body: body ? JSON.stringify(body) : undefined,
-  });
-  const data = await res.json().catch(() => ({}));
-  return { status: res.status, data };
-}
-
-async function test(name: string, fn: () => Promise<void>): Promise<void> {
-  try {
-    await fn();
-    console.log(`  ✓ ${name}`);
-    passed++;
-  } catch (e: any) {
-    console.log(`  ✗ ${name}: ${e.message}`);
-    failed++;
-  }
-}
-
-function assert(condition: boolean, message: string): void {
-  if (!condition) throw new Error(message);
-}
-
-(async () => {
-// ─── AgentInstanceService Tests ─────────────────────────────────────────────────────
-
-console.log("\nAgentInstanceService — CRUD");
-
-let __agent_instance_id: string;
-
-await test("POST /agent_instances — creates entity", async () => {
-  const { status, data } = await request("POST", "/agent_instances", {"session_id":"00000000-0000-0000-0000-000000000001","model_id":"test_value","provider_id":"test_value","system_prompt":null,"temperature":null,"max_tokens":null,"context_window_used":1,"context_window_max":1,"total_cost_usd":1,"total_tokens_in":1,"total_tokens_out":1,"config":{}});
-  assert(status === 201, `Expected 201, got ${status}: ${JSON.stringify(data)}`);
-  assert(data.id, "Response must have id");
-  __agent_instance_id = data.id;
-});
-
-await test("GET /agent_instances/:id — reads entity", async () => {
-  const { status, data } = await request("GET", `/agent_instances/${__agent_instance_id}`);
-  assert(status === 200, `Expected 200, got ${status}`);
-  assert(data.id === __agent_instance_id, "ID must match");
-});
-
-await test("GET /agent_instances — lists entities", async () => {
-  const { status, data } = await request("GET", "/agent_instances");
-  assert(status === 200, `Expected 200, got ${status}`);
-  assert(Array.isArray(data.items), "Response must have items array");
-  assert(typeof data.total === "number", "Response must have total");
-});
-
-await test("GET /agent_instances — rejects unauthenticated", async () => {
-  const res = await fetch(`${BASE_URL}/agent_instances`);
-  assert(res.status === 401, `Expected 401, got ${res.status}`);
-});
-
-await test("POST /agent_instances/complete-agent — capability executes", async () => {
-  const { status, data } = await request("POST", "/agent_instances/complete-agent", {
-    agent_instance_id: __agent_instance_id,
-  });
-  // Capability may return 200 (success) or 422 (precondition failed) — both are valid
-  assert([200, 422].includes(status), `Expected 200 or 422, got ${status}: ${JSON.stringify(data)}`);
-});
-
-await test("POST /agent_instances/complete-agent — returns 401 without auth", async () => {
-  const res = await fetch(`${BASE_URL}/agent_instances/complete-agent`, { method: "POST" });
-  assert(res.status === 401, `Expected 401, got ${res.status}`);
-});
-
-await test("POST /agent_instances/fail-agent — capability executes", async () => {
-  const { status, data } = await request("POST", "/agent_instances/fail-agent", {
-    agent_instance_id: __agent_instance_id,
-  });
-  // Capability may return 200 (success) or 422 (precondition failed) — both are valid
-  assert([200, 422].includes(status), `Expected 200 or 422, got ${status}: ${JSON.stringify(data)}`);
-});
-
-await test("POST /agent_instances/fail-agent — returns 401 without auth", async () => {
-  const res = await fetch(`${BASE_URL}/agent_instances/fail-agent`, { method: "POST" });
-  assert(res.status === 401, `Expected 401, got ${res.status}`);
-});
-
-await test("POST /agent_instances/request-tool-call — capability executes", async () => {
-  const { status, data } = await request("POST", "/agent_instances/request-tool-call", {
-    agent_instance_id: __agent_instance_id,
-  });
-  // Capability may return 200 (success) or 422 (precondition failed) — both are valid
-  assert([200, 422].includes(status), `Expected 200 or 422, got ${status}: ${JSON.stringify(data)}`);
-});
-
-await test("POST /agent_instances/request-tool-call — returns 401 without auth", async () => {
-  const res = await fetch(`${BASE_URL}/agent_instances/request-tool-call`, { method: "POST" });
-  assert(res.status === 401, `Expected 401, got ${res.status}`);
-});
-
-// State machine: AgentInstance
-await test("PUT /agent_instances/:id — rejects invalid state transition", async () => {
-  const { status, data } = await request("PUT", `/agent_instances/${__agent_instance_id}`, {
-    state: "__invalid_state__",
-  });
-  assert(status === 422, `Expected 422 for invalid transition, got ${status}`);
-  assert(data.error?.code === "INVALID_TRANSITION", "Error code must be INVALID_TRANSITION");
-});
-
-await test("DELETE /agent_instances/:id — deletes entity", async () => {
-  const { status } = await request("DELETE", `/agent_instances/${__agent_instance_id}`);
-  assert(status === 204, `Expected 204, got ${status}`);
-});
-
-await test("GET /agent_instances/:id — returns 404 after delete", async () => {
-  const { status } = await request("GET", `/agent_instances/${__agent_instance_id}`);
-  assert(status === 404, `Expected 404, got ${status}`);
-});
-
-// ─── TaskService Tests ─────────────────────────────────────────────────────
-
-console.log("\nTaskService — CRUD");
-
-let __task_id: string;
-
-await test("POST /tasks — creates entity", async () => {
-  const { status, data } = await request("POST", "/tasks", {"agent_id":"00000000-0000-0000-0000-000000000001","session_id":"00000000-0000-0000-0000-000000000001","description":"test_value","priority":1,"result":null,"error":null});
-  assert(status === 201, `Expected 201, got ${status}: ${JSON.stringify(data)}`);
-  assert(data.id, "Response must have id");
-  __task_id = data.id;
-});
-
-await test("GET /tasks/:id — reads entity", async () => {
-  const { status, data } = await request("GET", `/tasks/${__task_id}`);
-  assert(status === 200, `Expected 200, got ${status}`);
-  assert(data.id === __task_id, "ID must match");
-});
-
-await test("GET /tasks — lists entities", async () => {
-  const { status, data } = await request("GET", "/tasks");
-  assert(status === 200, `Expected 200, got ${status}`);
-  assert(Array.isArray(data.items), "Response must have items array");
-  assert(typeof data.total === "number", "Response must have total");
-});
-
-await test("GET /tasks — rejects unauthenticated", async () => {
-  const res = await fetch(`${BASE_URL}/tasks`);
-  assert(res.status === 401, `Expected 401, got ${res.status}`);
-});
-
-// State machine: Task
-await test("PUT /tasks/:id — rejects invalid state transition", async () => {
-  const { status, data } = await request("PUT", `/tasks/${__task_id}`, {
-    state: "__invalid_state__",
-  });
-  assert(status === 422, `Expected 422 for invalid transition, got ${status}`);
-  assert(data.error?.code === "INVALID_TRANSITION", "Error code must be INVALID_TRANSITION");
-});
-
-await test("DELETE /tasks/:id — deletes entity", async () => {
-  const { status } = await request("DELETE", `/tasks/${__task_id}`);
-  assert(status === 204, `Expected 204, got ${status}`);
-});
-
-await test("GET /tasks/:id — returns 404 after delete", async () => {
-  const { status } = await request("GET", `/tasks/${__task_id}`);
-  assert(status === 404, `Expected 404, got ${status}`);
-});
-
-// ─── PlanService Tests ─────────────────────────────────────────────────────
-
-console.log("\nPlanService — CRUD");
-
-let __plan_id: string;
-
-await test("POST /plans — creates entity", async () => {
-  const { status, data } = await request("POST", "/plans", {"session_id":"00000000-0000-0000-0000-000000000001","agent_id":"00000000-0000-0000-0000-000000000001","task_id":"00000000-0000-0000-0000-000000000001","steps":{},"rationale":null,"estimated_tokens":null});
-  assert(status === 201, `Expected 201, got ${status}: ${JSON.stringify(data)}`);
-  assert(data.id, "Response must have id");
-  __plan_id = data.id;
-});
-
-await test("GET /plans/:id — reads entity", async () => {
-  const { status, data } = await request("GET", `/plans/${__plan_id}`);
-  assert(status === 200, `Expected 200, got ${status}`);
-  assert(data.id === __plan_id, "ID must match");
-});
-
-await test("GET /plans — lists entities", async () => {
-  const { status, data } = await request("GET", "/plans");
-  assert(status === 200, `Expected 200, got ${status}`);
-  assert(Array.isArray(data.items), "Response must have items array");
-  assert(typeof data.total === "number", "Response must have total");
-});
-
-await test("GET /plans — rejects unauthenticated", async () => {
-  const res = await fetch(`${BASE_URL}/plans`);
-  assert(res.status === 401, `Expected 401, got ${res.status}`);
-});
-
-// State machine: Plan
-await test("PUT /plans/:id — rejects invalid state transition", async () => {
-  const { status, data } = await request("PUT", `/plans/${__plan_id}`, {
-    state: "__invalid_state__",
-  });
-  assert(status === 422, `Expected 422 for invalid transition, got ${status}`);
-  assert(data.error?.code === "INVALID_TRANSITION", "Error code must be INVALID_TRANSITION");
-});
-
-await test("DELETE /plans/:id — deletes entity", async () => {
-  const { status } = await request("DELETE", `/plans/${__plan_id}`);
-  assert(status === 204, `Expected 204, got ${status}`);
-});
-
-await test("GET /plans/:id — returns 404 after delete", async () => {
-  const { status } = await request("GET", `/plans/${__plan_id}`);
-  assert(status === 404, `Expected 404, got ${status}`);
-});
-
-// ─── BuildStepService Tests ─────────────────────────────────────────────────────
-
-console.log("\nBuildStepService — CRUD");
-
-let __build_step_id: string;
-
-await test("POST /build_steps — creates entity", async () => {
-  const { status, data } = await request("POST", "/build_steps", {"task_id":"00000000-0000-0000-0000-000000000001","agent_id":"00000000-0000-0000-0000-000000000001","session_id":"00000000-0000-0000-0000-000000000001","step_type":"test_value","description":"test_value","file_path":null,"diff":null,"result":null,"error":null,"order_index":1});
-  assert(status === 201, `Expected 201, got ${status}: ${JSON.stringify(data)}`);
-  assert(data.id, "Response must have id");
-  __build_step_id = data.id;
-});
-
-await test("GET /build_steps/:id — reads entity", async () => {
-  const { status, data } = await request("GET", `/build_steps/${__build_step_id}`);
-  assert(status === 200, `Expected 200, got ${status}`);
-  assert(data.id === __build_step_id, "ID must match");
-});
-
-await test("GET /build_steps — lists entities", async () => {
-  const { status, data } = await request("GET", "/build_steps");
-  assert(status === 200, `Expected 200, got ${status}`);
-  assert(Array.isArray(data.items), "Response must have items array");
-  assert(typeof data.total === "number", "Response must have total");
-});
-
-await test("GET /build_steps — rejects unauthenticated", async () => {
-  const res = await fetch(`${BASE_URL}/build_steps`);
-  assert(res.status === 401, `Expected 401, got ${res.status}`);
-});
-
-// State machine: BuildStep
-await test("PUT /build_steps/:id — rejects invalid state transition", async () => {
-  const { status, data } = await request("PUT", `/build_steps/${__build_step_id}`, {
-    state: "__invalid_state__",
-  });
-  assert(status === 422, `Expected 422 for invalid transition, got ${status}`);
-  assert(data.error?.code === "INVALID_TRANSITION", "Error code must be INVALID_TRANSITION");
-});
-
-await test("DELETE /build_steps/:id — deletes entity", async () => {
-  const { status } = await request("DELETE", `/build_steps/${__build_step_id}`);
-  assert(status === 204, `Expected 204, got ${status}`);
-});
-
-await test("GET /build_steps/:id — returns 404 after delete", async () => {
-  const { status } = await request("GET", `/build_steps/${__build_step_id}`);
-  assert(status === 404, `Expected 404, got ${status}`);
-});
-
-// ─── ToolCallService Tests ─────────────────────────────────────────────────────
-
-console.log("\nToolCallService — CRUD");
-
-let __tool_call_id: string;
-
-await test("POST /tool_calls — creates entity", async () => {
-  const { status, data } = await request("POST", "/tool_calls", {"session_id":"00000000-0000-0000-0000-000000000001","agent_id":"00000000-0000-0000-0000-000000000001","build_step_id":null,"tool_name":"test_value","tool_input":{},"tool_output":null,"error":null,"duration_ms":null,"permission_decision":null});
-  assert(status === 201, `Expected 201, got ${status}: ${JSON.stringify(data)}`);
-  assert(data.id, "Response must have id");
-  __tool_call_id = data.id;
-});
-
-await test("GET /tool_calls/:id — reads entity", async () => {
-  const { status, data } = await request("GET", `/tool_calls/${__tool_call_id}`);
-  assert(status === 200, `Expected 200, got ${status}`);
-  assert(data.id === __tool_call_id, "ID must match");
-});
-
-await test("GET /tool_calls — lists entities", async () => {
-  const { status, data } = await request("GET", "/tool_calls");
-  assert(status === 200, `Expected 200, got ${status}`);
-  assert(Array.isArray(data.items), "Response must have items array");
-  assert(typeof data.total === "number", "Response must have total");
-});
-
-await test("GET /tool_calls — rejects unauthenticated", async () => {
-  const res = await fetch(`${BASE_URL}/tool_calls`);
-  assert(res.status === 401, `Expected 401, got ${res.status}`);
-});
-
-await test("POST /tool_calls/complete-tool-call — capability executes", async () => {
-  const { status, data } = await request("POST", "/tool_calls/complete-tool-call", {
-    tool_call_id: __tool_call_id,
-  });
-  // Capability may return 200 (success) or 422 (precondition failed) — both are valid
-  assert([200, 422].includes(status), `Expected 200 or 422, got ${status}: ${JSON.stringify(data)}`);
-});
-
-await test("POST /tool_calls/complete-tool-call — returns 401 without auth", async () => {
-  const res = await fetch(`${BASE_URL}/tool_calls/complete-tool-call`, { method: "POST" });
-  assert(res.status === 401, `Expected 401, got ${res.status}`);
-});
-
-await test("POST /tool_calls/deny-tool-call — capability executes", async () => {
-  const { status, data } = await request("POST", "/tool_calls/deny-tool-call", {
-    tool_call_id: __tool_call_id,
-  });
-  // Capability may return 200 (success) or 422 (precondition failed) — both are valid
-  assert([200, 422].includes(status), `Expected 200 or 422, got ${status}: ${JSON.stringify(data)}`);
-});
-
-await test("POST /tool_calls/deny-tool-call — returns 401 without auth", async () => {
-  const res = await fetch(`${BASE_URL}/tool_calls/deny-tool-call`, { method: "POST" });
-  assert(res.status === 401, `Expected 401, got ${res.status}`);
-});
-
-// State machine: ToolCall
-await test("PUT /tool_calls/:id — rejects invalid state transition", async () => {
-  const { status, data } = await request("PUT", `/tool_calls/${__tool_call_id}`, {
-    state: "__invalid_state__",
-  });
-  assert(status === 422, `Expected 422 for invalid transition, got ${status}`);
-  assert(data.error?.code === "INVALID_TRANSITION", "Error code must be INVALID_TRANSITION");
-});
-
-await test("DELETE /tool_calls/:id — deletes entity", async () => {
-  const { status } = await request("DELETE", `/tool_calls/${__tool_call_id}`);
-  assert(status === 204, `Expected 204, got ${status}`);
-});
-
-await test("GET /tool_calls/:id — returns 404 after delete", async () => {
-  const { status } = await request("GET", `/tool_calls/${__tool_call_id}`);
-  assert(status === 404, `Expected 404, got ${status}`);
-});
-
-console.log(`\n════════════════════════════════════════`);
-console.log(`Results: ${passed} passed, ${failed} failed`);
-console.log("═".repeat(40));
-if (failed > 0) process.exit(1);
+// Generated by BoneScript compiler. DO NOT EDIT.
+// Regression tests derived from capability declarations.
+// Run: npx ts-node src/tests.ts
+
+import * as http from "http";
+
+const BASE_URL = process.env.TEST_BASE_URL || "http://localhost:3000";
+const AUTH_TOKEN = process.env.TEST_AUTH_TOKEN || "";
+
+let passed = 0;
+let failed = 0;
+
+async function request(method: string, path: string, body?: any): Promise<{ status: number; data: any }> {
+  const url = new URL(path, BASE_URL);
+  const res = await fetch(url.toString(), {
+    method,
+    headers: {
+      "Content-Type": "application/json",
+      ...(AUTH_TOKEN ? { "Authorization": `Bearer ${AUTH_TOKEN}` } : {}),
+    },
+    body: body ? JSON.stringify(body) : undefined,
+  });
+  const data = await res.json().catch(() => ({}));
+  return { status: res.status, data };
+}
+
+async function test(name: string, fn: () => Promise<void>): Promise<void> {
+  try {
+    await fn();
+    console.log(`  ✓ ${name}`);
+    passed++;
+  } catch (e: any) {
+    console.log(`  ✗ ${name}: ${e.message}`);
+    failed++;
+  }
+}
+
+function assert(condition: boolean, message: string): void {
+  if (!condition) throw new Error(message);
+}
+
+(async () => {
+// ─── AgentInstanceService Tests ─────────────────────────────────────────────────────
+
+console.log("\nAgentInstanceService — CRUD");
+
+let __agent_instance_id: string;
+
+await test("POST /agent_instances — creates entity", async () => {
+  const { status, data } = await request("POST", "/agent_instances", {"session_id":"00000000-0000-0000-0000-000000000001","model_id":"test_value","provider_id":"test_value","system_prompt":null,"temperature":null,"max_tokens":null,"context_window_used":1,"context_window_max":1,"total_cost_usd":1,"total_tokens_in":1,"total_tokens_out":1,"config":{}});
+  assert(status === 201, `Expected 201, got ${status}: ${JSON.stringify(data)}`);
+  assert(data.id, "Response must have id");
+  __agent_instance_id = data.id;
+});
+
+await test("GET /agent_instances/:id — reads entity", async () => {
+  const { status, data } = await request("GET", `/agent_instances/${__agent_instance_id}`);
+  assert(status === 200, `Expected 200, got ${status}`);
+  assert(data.id === __agent_instance_id, "ID must match");
+});
+
+await test("GET /agent_instances — lists entities", async () => {
+  const { status, data } = await request("GET", "/agent_instances");
+  assert(status === 200, `Expected 200, got ${status}`);
+  assert(Array.isArray(data.items), "Response must have items array");
+  assert(typeof data.total === "number", "Response must have total");
+});
+
+await test("GET /agent_instances — rejects unauthenticated", async () => {
+  const res = await fetch(`${BASE_URL}/agent_instances`);
+  assert(res.status === 401, `Expected 401, got ${res.status}`);
+});
+
+await test("POST /agent_instances/complete-agent — capability executes", async () => {
+  const { status, data } = await request("POST", "/agent_instances/complete-agent", {
+    agent_instance_id: __agent_instance_id,
+  });
+  // Capability may return 200 (success) or 422 (precondition failed) — both are valid
+  assert([200, 422].includes(status), `Expected 200 or 422, got ${status}: ${JSON.stringify(data)}`);
+});
+
+await test("POST /agent_instances/complete-agent — returns 401 without auth", async () => {
+  const res = await fetch(`${BASE_URL}/agent_instances/complete-agent`, { method: "POST" });
+  assert(res.status === 401, `Expected 401, got ${res.status}`);
+});
+
+await test("POST /agent_instances/fail-agent — capability executes", async () => {
+  const { status, data } = await request("POST", "/agent_instances/fail-agent", {
+    agent_instance_id: __agent_instance_id,
+  });
+  // Capability may return 200 (success) or 422 (precondition failed) — both are valid
+  assert([200, 422].includes(status), `Expected 200 or 422, got ${status}: ${JSON.stringify(data)}`);
+});
+
+await test("POST /agent_instances/fail-agent — returns 401 without auth", async () => {
+  const res = await fetch(`${BASE_URL}/agent_instances/fail-agent`, { method: "POST" });
+  assert(res.status === 401, `Expected 401, got ${res.status}`);
+});
+
+await test("POST /agent_instances/request-tool-call — capability executes", async () => {
+  const { status, data } = await request("POST", "/agent_instances/request-tool-call", {
+    agent_instance_id: __agent_instance_id,
+  });
+  // Capability may return 200 (success) or 422 (precondition failed) — both are valid
+  assert([200, 422].includes(status), `Expected 200 or 422, got ${status}: ${JSON.stringify(data)}`);
+});
+
+await test("POST /agent_instances/request-tool-call — returns 401 without auth", async () => {
+  const res = await fetch(`${BASE_URL}/agent_instances/request-tool-call`, { method: "POST" });
+  assert(res.status === 401, `Expected 401, got ${res.status}`);
+});
+
+// State machine: AgentInstance
+await test("PUT /agent_instances/:id — rejects invalid state transition", async () => {
+  const { status, data } = await request("PUT", `/agent_instances/${__agent_instance_id}`, {
+    state: "__invalid_state__",
+  });
+  assert(status === 422, `Expected 422 for invalid transition, got ${status}`);
+  assert(data.error?.code === "INVALID_TRANSITION", "Error code must be INVALID_TRANSITION");
+});
+
+await test("DELETE /agent_instances/:id — deletes entity", async () => {
+  const { status } = await request("DELETE", `/agent_instances/${__agent_instance_id}`);
+  assert(status === 204, `Expected 204, got ${status}`);
+});
+
+await test("GET /agent_instances/:id — returns 404 after delete", async () => {
+  const { status } = await request("GET", `/agent_instances/${__agent_instance_id}`);
+  assert(status === 404, `Expected 404, got ${status}`);
+});
+
+// ─── TaskService Tests ─────────────────────────────────────────────────────
+
+console.log("\nTaskService — CRUD");
+
+let __task_id: string;
+
+await test("POST /tasks — creates entity", async () => {
+  const { status, data } = await request("POST", "/tasks", {"agent_id":"00000000-0000-0000-0000-000000000001","session_id":"00000000-0000-0000-0000-000000000001","description":"test_value","priority":1,"result":null,"error":null});
+  assert(status === 201, `Expected 201, got ${status}: ${JSON.stringify(data)}`);
+  assert(data.id, "Response must have id");
+  __task_id = data.id;
+});
+
+await test("GET /tasks/:id — reads entity", async () => {
+  const { status, data } = await request("GET", `/tasks/${__task_id}`);
+  assert(status === 200, `Expected 200, got ${status}`);
+  assert(data.id === __task_id, "ID must match");
+});
+
+await test("GET /tasks — lists entities", async () => {
+  const { status, data } = await request("GET", "/tasks");
+  assert(status === 200, `Expected 200, got ${status}`);
+  assert(Array.isArray(data.items), "Response must have items array");
+  assert(typeof data.total === "number", "Response must have total");
+});
+
+await test("GET /tasks — rejects unauthenticated", async () => {
+  const res = await fetch(`${BASE_URL}/tasks`);
+  assert(res.status === 401, `Expected 401, got ${res.status}`);
+});
+
+// State machine: Task
+await test("PUT /tasks/:id — rejects invalid state transition", async () => {
+  const { status, data } = await request("PUT", `/tasks/${__task_id}`, {
+    state: "__invalid_state__",
+  });
+  assert(status === 422, `Expected 422 for invalid transition, got ${status}`);
+  assert(data.error?.code === "INVALID_TRANSITION", "Error code must be INVALID_TRANSITION");
+});
+
+await test("DELETE /tasks/:id — deletes entity", async () => {
+  const { status } = await request("DELETE", `/tasks/${__task_id}`);
+  assert(status === 204, `Expected 204, got ${status}`);
+});
+
+await test("GET /tasks/:id — returns 404 after delete", async () => {
+  const { status } = await request("GET", `/tasks/${__task_id}`);
+  assert(status === 404, `Expected 404, got ${status}`);
+});
+
+// ─── PlanService Tests ─────────────────────────────────────────────────────
+
+console.log("\nPlanService — CRUD");
+
+let __plan_id: string;
+
+await test("POST /plans — creates entity", async () => {
+  const { status, data } = await request("POST", "/plans", {"session_id":"00000000-0000-0000-0000-000000000001","agent_id":"00000000-0000-0000-0000-000000000001","task_id":"00000000-0000-0000-0000-000000000001","steps":{},"rationale":null,"estimated_tokens":null});
+  assert(status === 201, `Expected 201, got ${status}: ${JSON.stringify(data)}`);
+  assert(data.id, "Response must have id");
+  __plan_id = data.id;
+});
+
+await test("GET /plans/:id — reads entity", async () => {
+  const { status, data } = await request("GET", `/plans/${__plan_id}`);
+  assert(status === 200, `Expected 200, got ${status}`);
+  assert(data.id === __plan_id, "ID must match");
+});
+
+await test("GET /plans — lists entities", async () => {
+  const { status, data } = await request("GET", "/plans");
+  assert(status === 200, `Expected 200, got ${status}`);
+  assert(Array.isArray(data.items), "Response must have items array");
+  assert(typeof data.total === "number", "Response must have total");
+});
+
+await test("GET /plans — rejects unauthenticated", async () => {
+  const res = await fetch(`${BASE_URL}/plans`);
+  assert(res.status === 401, `Expected 401, got ${res.status}`);
+});
+
+// State machine: Plan
+await test("PUT /plans/:id — rejects invalid state transition", async () => {
+  const { status, data } = await request("PUT", `/plans/${__plan_id}`, {
+    state: "__invalid_state__",
+  });
+  assert(status === 422, `Expected 422 for invalid transition, got ${status}`);
+  assert(data.error?.code === "INVALID_TRANSITION", "Error code must be INVALID_TRANSITION");
+});
+
+await test("DELETE /plans/:id — deletes entity", async () => {
+  const { status } = await request("DELETE", `/plans/${__plan_id}`);
+  assert(status === 204, `Expected 204, got ${status}`);
+});
+
+await test("GET /plans/:id — returns 404 after delete", async () => {
+  const { status } = await request("GET", `/plans/${__plan_id}`);
+  assert(status === 404, `Expected 404, got ${status}`);
+});
+
+// ─── BuildStepService Tests ─────────────────────────────────────────────────────
+
+console.log("\nBuildStepService — CRUD");
+
+let __build_step_id: string;
+
+await test("POST /build_steps — creates entity", async () => {
+  const { status, data } = await request("POST", "/build_steps", {"task_id":"00000000-0000-0000-0000-000000000001","agent_id":"00000000-0000-0000-0000-000000000001","session_id":"00000000-0000-0000-0000-000000000001","step_type":"test_value","description":"test_value","file_path":null,"diff":null,"result":null,"error":null,"order_index":1});
+  assert(status === 201, `Expected 201, got ${status}: ${JSON.stringify(data)}`);
+  assert(data.id, "Response must have id");
+  __build_step_id = data.id;
+});
+
+await test("GET /build_steps/:id — reads entity", async () => {
+  const { status, data } = await request("GET", `/build_steps/${__build_step_id}`);
+  assert(status === 200, `Expected 200, got ${status}`);
+  assert(data.id === __build_step_id, "ID must match");
+});
+
+await test("GET /build_steps — lists entities", async () => {
+  const { status, data } = await request("GET", "/build_steps");
+  assert(status === 200, `Expected 200, got ${status}`);
+  assert(Array.isArray(data.items), "Response must have items array");
+  assert(typeof data.total === "number", "Response must have total");
+});
+
+await test("GET /build_steps — rejects unauthenticated", async () => {
+  const res = await fetch(`${BASE_URL}/build_steps`);
+  assert(res.status === 401, `Expected 401, got ${res.status}`);
+});
+
+// State machine: BuildStep
+await test("PUT /build_steps/:id — rejects invalid state transition", async () => {
+  const { status, data } = await request("PUT", `/build_steps/${__build_step_id}`, {
+    state: "__invalid_state__",
+  });
+  assert(status === 422, `Expected 422 for invalid transition, got ${status}`);
+  assert(data.error?.code === "INVALID_TRANSITION", "Error code must be INVALID_TRANSITION");
+});
+
+await test("DELETE /build_steps/:id — deletes entity", async () => {
+  const { status } = await request("DELETE", `/build_steps/${__build_step_id}`);
+  assert(status === 204, `Expected 204, got ${status}`);
+});
+
+await test("GET /build_steps/:id — returns 404 after delete", async () => {
+  const { status } = await request("GET", `/build_steps/${__build_step_id}`);
+  assert(status === 404, `Expected 404, got ${status}`);
+});
+
+// ─── ToolCallService Tests ─────────────────────────────────────────────────────
+
+console.log("\nToolCallService — CRUD");
+
+let __tool_call_id: string;
+
+await test("POST /tool_calls — creates entity", async () => {
+  const { status, data } = await request("POST", "/tool_calls", {"session_id":"00000000-0000-0000-0000-000000000001","agent_id":"00000000-0000-0000-0000-000000000001","build_step_id":null,"tool_name":"test_value","tool_input":{},"tool_output":null,"error":null,"duration_ms":null,"permission_decision":null});
+  assert(status === 201, `Expected 201, got ${status}: ${JSON.stringify(data)}`);
+  assert(data.id, "Response must have id");
+  __tool_call_id = data.id;
+});
+
+await test("GET /tool_calls/:id — reads entity", async () => {
+  const { status, data } = await request("GET", `/tool_calls/${__tool_call_id}`);
+  assert(status === 200, `Expected 200, got ${status}`);
+  assert(data.id === __tool_call_id, "ID must match");
+});
+
+await test("GET /tool_calls — lists entities", async () => {
+  const { status, data } = await request("GET", "/tool_calls");
+  assert(status === 200, `Expected 200, got ${status}`);
+  assert(Array.isArray(data.items), "Response must have items array");
+  assert(typeof data.total === "number", "Response must have total");
+});
+
+await test("GET /tool_calls — rejects unauthenticated", async () => {
+  const res = await fetch(`${BASE_URL}/tool_calls`);
+  assert(res.status === 401, `Expected 401, got ${res.status}`);
+});
+
+await test("POST /tool_calls/complete-tool-call — capability executes", async () => {
+  const { status, data } = await request("POST", "/tool_calls/complete-tool-call", {
+    tool_call_id: __tool_call_id,
+  });
+  // Capability may return 200 (success) or 422 (precondition failed) — both are valid
+  assert([200, 422].includes(status), `Expected 200 or 422, got ${status}: ${JSON.stringify(data)}`);
+});
+
+await test("POST /tool_calls/complete-tool-call — returns 401 without auth", async () => {
+  const res = await fetch(`${BASE_URL}/tool_calls/complete-tool-call`, { method: "POST" });
+  assert(res.status === 401, `Expected 401, got ${res.status}`);
+});
+
+await test("POST /tool_calls/deny-tool-call — capability executes", async () => {
+  const { status, data } = await request("POST", "/tool_calls/deny-tool-call", {
+    tool_call_id: __tool_call_id,
+  });
+  // Capability may return 200 (success) or 422 (precondition failed) — both are valid
+  assert([200, 422].includes(status), `Expected 200 or 422, got ${status}: ${JSON.stringify(data)}`);
+});
+
+await test("POST /tool_calls/deny-tool-call — returns 401 without auth", async () => {
+  const res = await fetch(`${BASE_URL}/tool_calls/deny-tool-call`, { method: "POST" });
+  assert(res.status === 401, `Expected 401, got ${res.status}`);
+});
+
+// State machine: ToolCall
+await test("PUT /tool_calls/:id — rejects invalid state transition", async () => {
+  const { status, data } = await request("PUT", `/tool_calls/${__tool_call_id}`, {
+    state: "__invalid_state__",
+  });
+  assert(status === 422, `Expected 422 for invalid transition, got ${status}`);
+  assert(data.error?.code === "INVALID_TRANSITION", "Error code must be INVALID_TRANSITION");
+});
+
+await test("DELETE /tool_calls/:id — deletes entity", async () => {
+  const { status } = await request("DELETE", `/tool_calls/${__tool_call_id}`);
+  assert(status === 204, `Expected 204, got ${status}`);
+});
+
+await test("GET /tool_calls/:id — returns 404 after delete", async () => {
+  const { status } = await request("GET", `/tool_calls/${__tool_call_id}`);
+  assert(status === 404, `Expected 404, got ${status}`);
+});
+
+console.log(`\n════════════════════════════════════════`);
+console.log(`Results: ${passed} passed, ${failed} failed`);
+console.log("═".repeat(40));
+if (failed > 0) process.exit(1);
 })().catch(e => { console.error(e); process.exit(1); });