snow-flow 10.0.184 → 10.0.185

package/package.json

@@ -1,6 +1,6 @@
 {
   "$schema": "https://json.schemastore.org/package.json",
-  "version": "10.0.184",
+  "version": "10.0.185",
   "name": "snow-flow",
   "description": "Snow-Flow - ServiceNow Multi-Agent Development Framework powered by AI",
   "license": "Elastic-2.0",

package/src/cli/cmd/run.ts

@@ -91,8 +91,21 @@ export const RunCommand = cmd({
         type: "string",
         describe: "model variant (provider-specific reasoning effort, e.g., high, max, minimal)",
       })
+      .option("dangerously-skip-permissions", {
+        type: "boolean",
+        describe: "auto-approve all permission and question prompts (dangerous)",
+      })
   },
   handler: async (args) => {
+    if (args.dangerouslySkipPermissions) {
+      process.env.SNOW_CODE_DANGEROUSLY_SKIP_PERMISSIONS = "true"
+      UI.println(
+        UI.Style.TEXT_DANGER_BOLD + "!",
+        UI.Style.TEXT_NORMAL,
+        "Running with --dangerously-skip-permissions: ALL permissions and questions will be auto-approved",
+      )
+    }
+
     let message = [...args.message, ...(args["--"] || [])]
       .map((arg) => (arg.includes(" ") ? `"${arg.replace(/\\/g, "\\\\").replace(/"/g, '\\"')}"` : arg))
       .join(" ")
@@ -209,6 +222,14 @@ export const RunCommand = cmd({
           if (event.type === "permission.asked") {
             const permission = event.properties
             if (permission.sessionID !== sessionID) continue
+            if (args.dangerouslySkipPermissions) {
+              await sdk.permission.respond({
+                sessionID,
+                permissionID: permission.id,
+                response: "once",
+              })
+              continue
+            }
             const result = await select({
               message: `Permission required: ${permission.permission} (${permission.patterns.join(", ")})`,
               options: [

package/src/cli/cmd/tui/thread.ts

@@ -75,6 +75,10 @@ export const TuiThreadCommand = cmd({
       .option("connect", {
         type: "string",
         describe: "connect to an existing server URL instead of starting a worker",
+      })
+      .option("dangerously-skip-permissions", {
+        type: "boolean",
+        describe: "auto-approve all permission and question prompts (dangerous)",
       }),
   handler: async (args) => {
     // Resolve relative paths against PWD to preserve behavior when using --cwd flag
@@ -94,6 +98,15 @@ export const TuiThreadCommand = cmd({
       return piped ? piped + "\n" + args.prompt : args.prompt
     })
 
+    if (args.dangerouslySkipPermissions) {
+      process.env.SNOW_CODE_DANGEROUSLY_SKIP_PERMISSIONS = "true"
+      UI.println(
+        UI.Style.TEXT_DANGER_BOLD + "!",
+        UI.Style.TEXT_NORMAL,
+        "Running with --dangerously-skip-permissions: ALL permissions and questions will be auto-approved",
+      )
+    }
+
     let url: string
     let customFetch: typeof fetch | undefined
     let events: EventSource | undefined

package/src/flag/flag.ts

@@ -36,6 +36,7 @@ export namespace Flag {
   export const OPENCODE_DISABLE_CLAUDE_CODE_SKILLS =
     OPENCODE_DISABLE_CLAUDE_CODE || truthyBoth("DISABLE_CLAUDE_CODE_SKILLS")
   export declare const OPENCODE_DISABLE_PROJECT_CONFIG: boolean
+  export declare const OPENCODE_DANGEROUSLY_SKIP_PERMISSIONS: boolean
   export const OPENCODE_FAKE_VCS = envBoth("FAKE_VCS")
   export const OPENCODE_CLIENT = envBoth("CLIENT") ?? "cli"
   export const OPENCODE_SERVER_PASSWORD = envBoth("SERVER_PASSWORD")
@@ -67,6 +68,16 @@ export namespace Flag {
   }
 }
 
+// Dynamic getter for OPENCODE_DANGEROUSLY_SKIP_PERMISSIONS
+// Must be evaluated at access time because the TUI handler sets the env var after module load
+Object.defineProperty(Flag, "OPENCODE_DANGEROUSLY_SKIP_PERMISSIONS", {
+  get() {
+    return truthy("SNOW_CODE_DANGEROUSLY_SKIP_PERMISSIONS") || truthy("OPENCODE_DANGEROUSLY_SKIP_PERMISSIONS")
+  },
+  enumerable: true,
+  configurable: false,
+})
+
 // Dynamic getter for OPENCODE_DISABLE_PROJECT_CONFIG
 // This must be evaluated at access time, not module load time,
 // because external tooling may set this env var at runtime

package/src/permission/next.ts

@@ -1,6 +1,7 @@
 import { Bus } from "@/bus"
 import { BusEvent } from "@/bus/bus-event"
 import { Config } from "@/config/config"
+import { Flag } from "@/flag/flag"
 import { Identifier } from "@/id/id"
 import { Instance } from "@/project/instance"
 import { Storage } from "@/storage/storage"
@@ -137,6 +138,10 @@ export namespace PermissionNext {
         if (rule.action === "deny")
           throw new DeniedError(ruleset.filter((r) => Wildcard.match(request.permission, r.permission)))
         if (rule.action === "ask") {
+          if (Flag.OPENCODE_DANGEROUSLY_SKIP_PERMISSIONS) {
+            log.warn("auto-approving permission", { permission: request.permission, pattern })
+            continue
+          }
           const id = input.id ?? Identifier.ascending("permission")
           return new Promise<void>((resolve, reject) => {
             const info: Request = {

package/src/project/agents-template.txt

@@ -202,13 +202,14 @@ You MUST follow instructions in this precedence order:
 
 **When to READ INSTANCE.md:**
 - At the start of a session to recall instance details (URL, version, active plugins, teams)
-- Before choosing between native SN agile tools vs enterprise Jira/ADO tools
-- When a user references something instance-specific (custom tables, teams, conventions)
+- When a user references something instance-specific (custom tables, integrations, naming conventions)
+- Before making assumptions about what exists or is configured on the instance
 
 **When to UPDATE INSTANCE.md:**
-- After discovering the instance URL or version
-- After confirming which plugins are active (especially `com.snc.sdlc.agile.2.0`)
-- After discovering custom tables, teams, or naming conventions
+- After discovering the instance URL, version, or edition
+- After confirming which plugins or modules are active
+- After discovering custom tables, scoped applications, or integrations
+- After learning about naming conventions, team structures, or key contacts
 - After creating significant update sets
 - When you learn something instance-specific that would be useful in future sessions
 

package/src/project/instance-template.txt

@@ -9,24 +9,48 @@ across sessions. You can also manually edit this file.
 <!-- Agent: update this section after connecting to the instance -->
 - **URL**: (not yet discovered)
 - **Version**: (not yet discovered)
+- **Edition**: (e.g., Standard, Professional, Enterprise)
 
-## Active Plugins
+## Active Plugins & Modules
 
-<!-- Agent: update this section when you discover which plugins are active -->
-<!-- Example: com.snc.sdlc.agile.2.0, com.snc.change_management, etc. -->
+<!-- Agent: update this section when you discover which plugins/modules are active -->
+<!-- Examples: com.snc.change_management, com.snc.incident, com.snc.service_catalog,
+     com.snc.sdlc.agile.2.0, com.snc_hr_core, com.sn_csm, com.snc.cmdb,
+     com.snc.integration_hub, com.glide.itsm.virtual_agent, etc. -->
+
+## Custom Applications & Scopes
+
+<!-- Agent: record any scoped applications discovered (x_vendor_appname format) -->
+<!-- Include: app name, scope, purpose, version if known -->
 
 ## Custom Tables
 
 <!-- Agent: record any custom tables you discover during development -->
+<!-- Include: table name, label, extends (if any), purpose -->
+
+## Key Integrations
+
+<!-- Agent: record integration endpoints, REST messages, MID servers -->
+<!-- Examples: outbound REST to JIRA, inbound API for monitoring, LDAP/SSO config,
+     IntegrationHub spokes, import sources, SCCM/SCOM connections -->
+
+## Teams & Key Users
+
+<!-- Agent: record team names, roles, key contacts you interact with -->
+<!-- Examples: platform admin, process owners, fulfillers, assignment groups -->
 
-## Teams & Users
+## Naming Conventions & Standards
 
-<!-- Agent: record team names, scrum masters, key users you interact with -->
+<!-- Agent: record instance-specific naming patterns and development standards -->
+<!-- Examples: table prefixes (u_ vs x_vendor_), field naming, update set naming,
+     business rule naming, script include patterns, catalog item categories -->
 
 ## Development Notes
 
-<!-- Agent: record instance-specific patterns, quirks, or conventions -->
-<!-- Examples: naming conventions, custom fields, integration endpoints -->
+<!-- Agent: record instance-specific patterns, quirks, or configurations -->
+<!-- Examples: custom ACLs, domain separation setup, performance considerations,
+     specific GlideRecord patterns used, custom processors, custom UI pages,
+     notification configurations, approval workflows -->
 
 ## Update Set History
 

package/src/question/index.ts

@@ -1,5 +1,6 @@
 import { Bus } from "@/bus"
 import { BusEvent } from "@/bus/bus-event"
+import { Flag } from "@/flag/flag"
 import { Identifier } from "@/id/id"
 import { Instance } from "@/project/instance"
 import { Log } from "@/util/log"
@@ -99,6 +100,11 @@ export namespace Question {
     questions: Info[]
     tool?: { messageID: string; callID: string }
   }): Promise<Answer[]> {
+    if (Flag.OPENCODE_DANGEROUSLY_SKIP_PERMISSIONS) {
+      log.warn("auto-approving question", { questions: input.questions.length })
+      return input.questions.map((q) => [q.options[0]?.label ?? "Yes"])
+    }
+
     const s = await state()
     const id = Identifier.ascending("question")
 
@@ -165,6 +171,12 @@ export namespace Question {
     }
   }
 
+  export class FeedbackError extends Error {
+    constructor(feedback: string) {
+      super(`The user wants changes to the plan: ${feedback}`)
+    }
+  }
+
   export async function list() {
     return state().then((x) => Object.values(x.pending).map((x) => x.info))
   }

package/src/tool/plan.ts

@@ -29,7 +29,7 @@ export const PlanExitTool = Tool.define("plan_exit", {
         {
           question: `Plan at ${plan} is complete. Would you like to switch to the build agent and start implementing?`,
           header: "Build Agent",
-          custom: false,
+          custom: true,
           options: [
             { label: "Yes", description: "Switch to build agent and start implementing the plan" },
             { label: "No", description: "Stay with plan agent to continue refining the plan" },
@@ -41,6 +41,7 @@ export const PlanExitTool = Tool.define("plan_exit", {
 
     const answer = answers[0]?.[0]
     if (answer === "No") throw new Question.RejectedError()
+    if (answer !== "Yes") throw new Question.FeedbackError(answer ?? "")
 
     const model = await getLastModel(ctx.sessionID)
 

package/src/tool/review.ts

@@ -29,7 +29,7 @@ export const ReviewExitTool = Tool.define("review_exit", {
         {
           question: `Review at ${reviewFile} is complete. Would you like to switch to the build agent and start acting on the feedback?`,
           header: "Build Agent",
-          custom: false,
+          custom: true,
           options: [
             { label: "Yes", description: "Switch to build agent and act on review feedback" },
             { label: "No", description: "Stay with review agent to continue analysis" },
@@ -41,6 +41,7 @@ export const ReviewExitTool = Tool.define("review_exit", {
 
     const answer = answers[0]?.[0]
     if (answer === "No") throw new Question.RejectedError()
+    if (answer !== "Yes") throw new Question.FeedbackError(answer ?? "")
 
     const model = await getLastModel(ctx.sessionID)