@syndicalt/snow-cli 1.5.0 → 2.0.0

package/README.md

@@ -1,6 +1,6 @@
 # snow-cli
 
-A portable CLI for ServiceNow. Query tables, inspect schemas, edit and search script fields, bulk-update records, manage users and groups, handle attachments, promote update sets across environments, and generate complete applications using AI — all from your terminal.
+A portable CLI for ServiceNow. Query tables, inspect schemas, edit and search script fields, bulk-update records, manage users and groups, handle attachments, promote update sets across environments, browse the Service Catalog, inspect Flow Designer flows, manage scoped applications, tail system logs, and generate complete applications using AI — all from your terminal.
 
 - [Installation](#installation)
 - [Quick Start](#quick-start)
@@ -15,6 +15,12 @@ A portable CLI for ServiceNow. Query tables, inspect schemas, edit and search sc
   - [snow attachment](#snow-attachment)
   - [snow updateset](#snow-updateset)
   - [snow status](#snow-status)
+  - [snow diff](#snow-diff)
+  - [snow factory](#snow-factory)
+  - [snow catalog](#snow-catalog)
+  - [snow flow](#snow-flow)
+  - [snow app](#snow-app)
+  - [snow log](#snow-log)
   - [snow provider](#snow-provider)
   - [snow ai](#snow-ai)
 - [Configuration File](#configuration-file)
@@ -76,8 +82,35 @@ snow attachment pull incident <sys_id> --all --out ./downloads
 snow provider set openai
 snow ai build "Create a script include that auto-routes incidents by category and urgency"
 
-# 10. Start an interactive session to build iteratively
+# 10. Compare schema/scripts between instances to detect drift
+snow diff incident --against prod --fields
+snow diff all --against test --scripts --scope x_myco_myapp
+
+# 11. Run the full factory pipeline: plan → build → test → promote
+snow factory "Build a hardware asset request app with approval workflow" --envs test,prod
+
+# 12. Start an interactive session to build iteratively
 snow ai chat
+
+# 13. Browse the Service Catalog
+snow catalog list
+snow catalog search "VPN"
+snow catalog get "Request VPN Access"
+
+# 14. Inspect Flow Designer flows and actions
+snow flow list
+snow flow list --subflows --scope x_myco_myapp
+snow flow get "My Approval Flow"
+
+# 15. List scoped applications
+snow app list
+snow app get x_myco_myapp
+
+# 16. Tail system logs
+snow log
+snow log --level err --follow
+snow log app --scope x_myco_myapp
+snow log tx --slow 2000
 ```
 
 ---
@@ -699,6 +732,488 @@ snow status --no-errors
 
 ---
 
+### `snow diff`
+
+Compare schema field definitions and script content between two configured instances. Useful for detecting drift — fields added/removed/changed, or scripts that diverged between dev and test/prod.
+
+```bash
+# Compare field definitions for a table
+snow diff incident --against prod --fields
+
+# Compare script content in an app scope between dev and test
+snow diff all --against test --scripts --scope x_myco_myapp
+
+# Compare both fields and scripts
+snow diff sys_script_include --against prod --fields --scripts
+
+# Output as Markdown (for pasting into docs or tickets)
+snow diff incident --against prod --fields --markdown
+
+# Output as JSON (for scripting or CI pipelines)
+snow diff incident --against prod --fields --scripts --json
+
+# Save the diff report to a file (ANSI stripped automatically)
+snow diff all --against prod --scripts --scope x_myco_myapp --output ./diff-report.txt
+```
+
+The source is always the **active instance** (`snow instance use <alias>` to set it). `--against` specifies the target instance alias.
+
+**Arguments:**
+
+| Argument | Description |
+|---|---|
+| `<table>` | Table to compare for `--fields`. Use `all` with `--scripts` to scan all script-bearing tables. |
+
+**Options:**
+
+| Flag | Description |
+|---|---|
+| `--against <alias>` | Target instance alias to compare against (required) |
+| `--fields` | Compare `sys_dictionary` field definitions |
+| `--scripts` | Compare script field content across script-bearing tables |
+| `--scope <prefix>` | Filter scripts by application scope prefix (e.g. `x_myco_myapp`) |
+| `--markdown` | Output as Markdown for docs/tickets |
+| `--json` | Output structured JSON (fields rows + script hunks) |
+| `--output <file>` | Write the diff to a file (ANSI color codes stripped automatically) |
+
+At least one of `--fields` or `--scripts` is required.
+
+#### Field diff output
+
+Shows every field that was **added** (only in target), **removed** (only in source), or **changed** (type, max_length, mandatory, read_only, reference, or active flag differs):
+
+```
+  Schema diff: incident
+  ──────────────────────────────────────────────────
+  Field                  Status    Detail
+  ──────────────────────────────────────────────────────────────────────────
+  x_myco_priority_code   added     type=string
+  x_myco_legacy_flag     removed   type=boolean
+  category               changed   max_length: 40 → 100
+```
+
+#### Script diff output
+
+For each script-bearing table, shows scripts **added** (only in target), **removed** (only in source), or **changed** (content differs), with a contextual line diff for changed scripts:
+
+```
+  Script diff: sys_script_include
+  ──────────────────────────────────────────────────
+  + NewUtils  (only in prod)
+  - OldHelper (only in dev)
+  ~ IncidentRouter
+
+  IncidentRouter
+  --- dev
+  +++ prod
+  @@ lines 12–16 @@
+     var gr = new GlideRecord('incident');
+  -  gr.addQuery('state', 1);
+  +  gr.addQuery('state', 2);
+     gr.query();
+```
+
+**Script tables scanned** (when using `--scripts`):
+
+| Table | Description |
+|---|---|
+| `sys_script_include` | Script Includes |
+| `sys_script` | Business Rules |
+| `sys_script_client` | Client Scripts |
+| `sys_ui_action` | UI Actions |
+| `sysauto_script` | Scheduled Script Executions |
+
+---
+
+### `snow factory`
+
+AI-orchestrated multi-component application pipeline. Takes a natural language description, breaks it into a dependency-ordered build plan, generates each component via LLM, pushes to the source instance, optionally generates and runs ATF tests, then promotes through additional environments.
+
+```bash
+# Plan and build (deploys to active instance only)
+snow factory "Build an employee onboarding app with custom tables, approval workflow, and email notifications"
+
+# Full pipeline: dev → test → prod
+snow factory "Build a hardware asset request app" --envs test,prod
+
+# Force all artifacts into an existing application scope
+snow factory "Add an approval business rule to the asset request app" --scope x_myco_assetreq
+
+# Preview the plan without building
+snow factory "Build an incident escalation app" --dry-run
+
+# Generate and immediately run ATF tests
+snow factory "Build a change approval workflow" --run-tests
+
+# Skip ATF test generation (faster)
+snow factory "Add a business rule to auto-assign P1 incidents" --skip-tests
+
+# Resume a failed or interrupted run
+snow factory "..." --resume abc12345
+
+# List recent factory runs
+snow factory "" --list
+```
+
+**Options:**
+
+| Flag | Description |
+|---|---|
+| `--envs <aliases>` | Comma-separated instance aliases to promote to after source, in order (e.g. `test,prod`) |
+| `--scope <prefix>` | Override the application scope prefix for all artifacts (e.g. `x_myco_myapp`) |
+| `--skip-tests` | Skip ATF test generation |
+| `--run-tests` | Execute the generated ATF test suite immediately after pushing |
+| `--dry-run` | Show the generated plan only — no builds, no deployments |
+| `--resume <id>` | Resume a previous run from its checkpoint (see `--list`) |
+| `--list` | Show recent factory runs and their component completion status |
+
+#### Pipeline phases
+
+```
+  [1/N] Planning
+        LLM analyzes the prompt → structured plan with components, dependencies, risks
+        Displays plan for review → confirm before proceeding
+
+  [2/N] Building components
+        Each component is built sequentially in dependency order
+        Tables first, then script includes, then business rules / client scripts
+        Each component saved to ~/.snow/factory/<run-id>/<component>/
+
+  [3/N] Pushing to <source-instance>
+        All artifacts pushed to the active instance via Table API
+        Creates or updates existing records
+
+  [4/N] Generating ATF tests (unless --skip-tests)
+        LLM generates a test suite with server-side script assertions
+        Tests pushed to the instance as sys_atf_test + sys_atf_step records
+        Optionally executed if --run-tests is set
+
+  [5/N] Promoting to <env>  (once per additional env in --envs)
+        Checks for pre-existing artifacts on the target
+        Confirms before applying
+        Uploads combined update set XML to sys_remote_update_set
+        Prints direct link → then Load → Preview → Commit in the UI
+```
+
+#### Checkpointing and resume
+
+Every factory run is checkpointed to `~/.snow/factory/<run-id>/state.json` after each completed phase. If a run is interrupted (network error, LLM failure, manual cancellation), resume it:
+
+```bash
+snow factory "" --list                 # find the run ID
+snow factory "" --resume abc12345     # resume from last successful phase
+```
+
+The resume prompt argument is ignored when `--resume` is provided — the original prompt and plan are loaded from the checkpoint.
+
+#### Example output
+
+```
+  ────────────────────────────────────────────────────────
+  snow factory  ·  anthropic
+  Source: dev  https://dev12345.service-now.com
+  Pipeline: dev → test → prod
+  ────────────────────────────────────────────────────────
+
+  [1/5] Planning
+  ────────────────────────────────────────────────────────
+  Employee Onboarding App
+  Automates new-hire onboarding with task assignment, document tracking, and notifications
+  scope: x_myco_onboard  v1.0.0
+
+  Components (3) — ~14 artifacts
+  1. Custom Tables          (no deps)
+     Employee and HR document tracking tables
+  2. Script Includes        ← depends on: tables
+     OnboardingUtils class for task generation and notifications
+  3. Business Rules         ← depends on: tables, scripts
+     Auto-assign tasks on employee insert; notify on completion
+
+  ⚠ Risks:
+    • SMTP server must be configured for email notifications
+    • MID Server required for Active Directory sync
+
+  ? Execute factory pipeline? (3 components → dev → test → prod) Yes
+
+  [2/5] Building components
+  ────────────────────────────────────────────────────────
+  ✓ Custom Tables  2 artifacts
+     + table            x_myco_onboard_employee
+     + table            x_myco_onboard_doc
+  ✓ Script Includes  1 artifact
+     + script_include   x_myco_onboard.OnboardingUtils
+  ✓ Business Rules  3 artifacts
+     + business_rule    Auto-Assign Tasks on Insert
+     + business_rule    Notify Manager on Completion
+     + scheduled_job    Weekly Onboarding Report
+
+  ✔ 6 total artifacts combined
+
+  [3/5] Pushing to dev
+  ────────────────────────────────────────────────────────
+  created  Table             x_myco_onboard_employee
+  created  Table             x_myco_onboard_doc
+  created  Script Include    x_myco_onboard.OnboardingUtils
+  created  Business Rule     Auto-Assign Tasks on Insert
+  ...
+  6 pushed, 0 failed
+
+  [4/5] Generating ATF tests
+  ────────────────────────────────────────────────────────
+  Employee Onboarding App — ATF Suite
+  4 tests generated
+    • Test employee record creation and field defaults  (3 steps)
+    • Test OnboardingUtils task generation  (2 steps)
+    • Test business rule fires on insert  (3 steps)
+    • Test manager notification trigger  (2 steps)
+  ✓ Test suite created
+    https://dev12345.service-now.com/nav_to.do?uri=sys_atf_test_suite.do?sys_id=...
+```
+
+#### Permission-denied errors
+
+Some artifact types require elevated roles to push via the Table API:
+
+| Artifact | Required role |
+|---|---|
+| `table` (`sys_db_object`) | `admin` or `delegated_developer` |
+| `decision_table` (`sys_decision`) | `admin` or `developer` |
+| `flow_action` (`sys_hub_action_type_definition`) | `flow_designer` + `IntegrationHub` |
+
+When a 403 is encountered the artifact is **skipped** (shown in yellow) rather than failing the whole run. The generated update set XML is always written to disk regardless — use it to import via the UI when Table API access is restricted:
+
+```
+  System Update Sets → Retrieved Update Sets → Import XML → Load → Preview → Commit
+```
+
+---
+
+### `snow catalog`
+
+Browse and search the ServiceNow Service Catalog.
+
+```bash
+# List catalog items
+snow catalog list
+snow catalog list --category "Hardware"
+snow catalog list --catalog "Employee Center" -l 50
+
+# Search by name or description
+snow catalog search "VPN"
+snow catalog search "laptop" --limit 10
+
+# Get details for a specific item (by name or sys_id)
+snow catalog get "Request VPN Access"
+snow catalog get abc1234...
+
+# List catalog categories
+snow catalog categories
+snow catalog categories --catalog "IT Catalog"
+```
+
+**`snow catalog list` options:**
+
+| Flag | Description |
+|---|---|
+| `-q, --query <encoded>` | Encoded query filter |
+| `--category <name>` | Filter by category name |
+| `--catalog <name>` | Filter by catalog title |
+| `-l, --limit <n>` | Max records (default: `25`) |
+| `--json` | Output as JSON |
+
+**`snow catalog search` options:**
+
+| Flag | Description |
+|---|---|
+| `-l, --limit <n>` | Max records (default: `20`) |
+| `--json` | Output as JSON |
+
+**`snow catalog categories` options:**
+
+| Flag | Description |
+|---|---|
+| `--catalog <name>` | Filter by catalog title |
+| `-l, --limit <n>` | Max records (default: `100`) |
+| `--json` | Output as JSON |
+
+Sub-categories are indented based on their depth in the `full_name` hierarchy.
+
+---
+
+### `snow flow`
+
+List and inspect Flow Designer flows, subflows, and custom actions.
+
+```bash
+# List flows
+snow flow list
+snow flow list --scope x_myco_myapp
+snow flow list -l 50
+
+# List subflows instead
+snow flow list --subflows
+snow flow list --subflows --scope x_myco_myapp
+
+# Get details and inputs for a specific flow (by name or sys_id)
+snow flow get "My Approval Flow"
+snow flow get abc1234...
+
+# List custom Flow Designer actions
+snow flow actions
+snow flow actions --scope x_myco_myapp
+```
+
+**`snow flow list` options:**
+
+| Flag | Description |
+|---|---|
+| `--subflows` | Show subflows instead of flows |
+| `--scope <prefix>` | Filter by application scope prefix |
+| `-q, --query <encoded>` | Additional encoded query filter |
+| `-l, --limit <n>` | Max records (default: `25`) |
+| `--json` | Output as JSON |
+
+**`snow flow actions` options:**
+
+| Flag | Description |
+|---|---|
+| `--scope <prefix>` | Filter by application scope prefix |
+| `-q, --query <encoded>` | Additional encoded query filter |
+| `-l, --limit <n>` | Max records (default: `25`) |
+| `--json` | Output as JSON |
+
+`snow flow get` shows flow metadata, trigger type, run-as setting, and the list of typed input variables. It also prints the direct Flow Designer URL for the record.
+
+Active flows are shown with a green `●`; inactive with a red `○`.
+
+---
+
+### `snow app`
+
+List and inspect scoped applications on the active instance.
+
+```bash
+# List custom scoped applications (sys_app)
+snow app list
+
+# Include all system scopes (sys_scope)
+snow app list --all
+
+# Filter with an encoded query
+snow app list -q "vendor=Acme Corp"
+
+# Get details for a specific app by scope prefix or name
+snow app get x_myco_myapp
+snow app get "My Custom App"
+snow app get abc1234...   # sys_id also accepted
+```
+
+**`snow app list` options:**
+
+| Flag | Description |
+|---|---|
+| `--all` | Include all system scopes, not just custom applications |
+| `-q, --query <encoded>` | Encoded query filter |
+| `-l, --limit <n>` | Max records (default: `50`) |
+| `--json` | Output as JSON |
+
+`snow app get` shows scope prefix, sys_id, version, vendor, created/updated dates, and whether the scope has update set entries. It also prints helpful next-step commands for `snow factory` and `snow diff`.
+
+---
+
+### `snow log`
+
+View system and application logs from the active instance.
+
+```bash
+# System log (default subcommand)
+snow log
+snow log system
+snow log --level err
+snow log --source Evaluator --limit 100
+
+# Filter by scope
+snow log --scope x_myco_myapp
+
+# Follow mode — polls for new entries every 5 seconds
+snow log --follow
+snow log --follow --interval 10000
+
+# Application log (requires admin role)
+snow log app
+snow log app --scope x_myco_myapp
+
+# Transaction log
+snow log tx
+snow log tx --slow 2000   # only show responses > 2000ms
+```
+
+#### `snow log system` (default)
+
+Queries the `syslog` table. Output columns: timestamp, level, source, message.
+
+| Flag | Description |
+|---|---|
+| `--level <level>` | Filter by level: `err`, `warn`, `info`, `debug` |
+| `--source <source>` | Filter by log source (e.g. `Evaluator`, `Script`) |
+| `--scope <prefix>` | Filter by application scope prefix |
+| `-q, --query <encoded>` | Additional encoded query filter |
+| `-l, --limit <n>` | Max records (default: `50`) |
+| `--follow` | Poll for new entries (Ctrl+C to stop) |
+| `--interval <ms>` | Polling interval in ms when using `--follow` (default: `5000`) |
+| `--json` | Output as JSON |
+
+#### `snow log app`
+
+Queries the `syslog_app_scope` table, which contains application-level log entries written by `gs.log()`, `gs.warn()`, etc. **Requires the `admin` role** — a clear error is shown if access is denied.
+
+| Flag | Description |
+|---|---|
+| `--scope <prefix>` | Filter by application scope prefix |
+| `--source <source>` | Filter by log source |
+| `-l, --limit <n>` | Max records (default: `50`) |
+| `--follow` | Poll for new entries |
+| `--interval <ms>` | Polling interval in ms (default: `5000`) |
+| `--json` | Output as JSON |
+
+#### `snow log tx`
+
+Queries the `syslog_transaction` table. Output columns: timestamp, HTTP status, response time (highlighted red if > 2s), username, URL.
+
+| Flag | Description |
+|---|---|
+| `-l, --limit <n>` | Max records (default: `25`) |
+| `--slow <ms>` | Only show transactions slower than this many milliseconds |
+| `--json` | Output as JSON |
+
+---
+
+#### `snow ai test <path>`
+
+Generate ATF tests for any previously generated build and push them to the active instance. Usable independently of `snow factory`.
+
+```bash
+# Generate and push tests for a build
+snow ai test ./my-build/
+
+# Generate, push, and immediately run
+snow ai test ./my-build/ --run
+
+# Custom suite name
+snow ai test ./my-build/my-build.manifest.json --suite-name "Sprint 42 — Onboarding Tests"
+```
+
+**Options:**
+
+| Flag | Description |
+|---|---|
+| `--run` | Execute the test suite immediately after pushing via the ATF API |
+| `--suite-name <name>` | Override the generated suite name |
+
+Requires access to `sys_atf_step_config`, `sys_atf_test`, `sys_atf_test_suite`, and `sys_atf_step` tables. ATF must be enabled on the instance.
+
+---
+
 ### `snow provider`
 
 Configure LLM providers used by `snow ai`. API keys and model preferences are stored in `~/.snow/config.json`.
@@ -1049,6 +1564,12 @@ src/
     attachment.ts           snow attachment (list/pull/push)
     updateset.ts            snow updateset (list/current/set/show/capture/export/apply/diff)
     status.ts               snow status
+    diff.ts                 snow diff (cross-instance schema/script comparison)
+    factory.ts              snow factory (AI-orchestrated multi-env app pipeline)
+    catalog.ts              snow catalog (Service Catalog browse/search)
+    flow.ts                 snow flow (Flow Designer flows, subflows, actions)
+    app.ts                  snow app (scoped application metadata)
+    log.ts                  snow log (system, app, and transaction logs)
     provider.ts             snow provider
     ai.ts                   snow ai (build, chat, review, push)
   lib/
@@ -1057,6 +1578,7 @@ src/
     llm.ts                  LLM provider abstraction (OpenAI, Anthropic, xAI, Ollama)
     sn-context.ts           ServiceNow system prompt and artifact type definitions
     update-set.ts           XML update set generation and Table API push
+    atf.ts                  ATF test generation and execution utilities
   types/
     index.ts                Shared TypeScript interfaces
 ```