SyncroNow AI · docs
ServiceNow · Git · Modern tooling

Treat ServiceNow code like real source code.

SyncroNow AI downloads your scoped-app code as plain, editable files, builds them with modern tooling (TypeScript, Babel, Webpack, Sass) and syncs the result back to the instance on save — so your ServiceNow source lives in Git with real diffs, history, branches and pull requests.

Get started → View on GitHub How it compares
MIT licensed Node.js 22+ TypeScript · ESM Basic & OAuth 2.0 MCP server included
18CLI commands
13workspace packages
59MCP tools
6build plugins
22+Node.js

What is this, exactly?

SyncroNow AI is the next-generation successor to Sincronia — a CLI (and an MCP server) for managing ServiceNow scoped-application source code outside the platform. It takes a two-pronged approach: architecture, records, dictionary and other metadata stay managed in ServiceNow the normal way; your source code itself lives in a local project folder, under Git, built with the tools you already use.

💡

Once code is in your project, it becomes the source of truth — you edit it locally, not in the instance. SyncroNow AI builds it and writes the result back. That shift is what gives you real diffs, code review and CI over code that would otherwise only exist inside ServiceNow.

Capabilities

A modern engineering workflow on top of ServiceNow — not just a file uploader.

🐙

Git-native source control

Scoped-app code becomes plain editable files in a project tree, so it tracks in Git with real diffs, history, branches and pull requests — instead of living only inside Studio.

⚙️

Modern build pipeline

Write TypeScript, modern JavaScript or Sass and compile to instance-ready code with per-rule plugin chains — Babel, Webpack, the TypeScript compiler, Prettier and ESLint.

🔄

Bidirectional sync

dev mode watches your files and pushes builds on save; refresh pulls records created in the instance. push / build / deploy give you full and diff-scoped flows.

🏢

Multi-instance & monorepo

An encrypted credential store and instance profiles route one command at dev, test or prod. Run several scoped apps from one repo, each with its own config.

🤖

AI & MCP analysis

A bundled MCP server gives an AI assistant metadata inventory, dependency graphs, impact analysis, drift detection and scoped documentation — with guardrails and dry-run.

🩺

Diagnostics & safety

check-env, doctor and status verify your environment and connectivity; --dry-run previews any write before it touches the instance.

Quick start

You need Node.js 22+ and a ServiceNow instance you can reach (a free Personal Developer Instance works great). On Windows, run everything inside WSL.

1 · Install the CLI and log in

Install globally for the syncrona command, then save credentials in the encrypted global store. 

npm i -g @syncro-now-ai/core
syncrona login          # prompts for instance, user, password (or OAuth)

Prefer a per-project dev dependency? Use npm i -D @syncro-now-ai/core and call it with npx syncrona ….

2 · Initialise the project

From an empty project folder (run npm init first), the wizard writes sync.config.js, sync.manifest.json and .env, then runs a quick connection check. 

npx syncrona init
🔒

Add a .gitignore that ignores node_modules and .env before your first commit — you really don't want credentials in your repository.

3 · Start dev mode and work

Every time you save a tracked file, SyncroNow AI builds it with your ruleset and pushes the result to the matching record in ServiceNow. 

npx syncrona dev

Optionally install the companion server scoped app for a few enhanced endpoints — the CLI works with or without it against plain REST APIs.

Commands

The full syncrona command surface. Run any of them with npx syncrona <command> (or just syncrona if installed globally).

Command Alias What it does
initWizard that scaffolds a new project (config, manifest, .env) and runs an initial connection check.
devdWatch mode — builds and pushes tracked files on save; periodically refreshes the manifest.
refreshrRefresh the manifest and download newly created records. Never overwrites local file contents.
pushBuild and push local files to the instance. --diff <branch> pushes only changed files.
download <scope>Download a scoped app, overwriting local files. Destructive — confirms first.
buildBuild the project locally into the build folder (--diff records changed files for deploy).
deployDeploy the built files in the build folder to the instance.
docsGenerate / update Markdown docs and Mermaid diagrams for the downloaded scope.
statusExtended workspace status — instance / user / scope, config paths, env readiness, connectivity.
check-envCheck machine prerequisites (Node 22+, platform / WSL, Git) and print actionable fixes.
doctorRun local config and connectivity diagnostics and report actionable failures.
pluginsShow configured plugin rules and report which plugin packages are installed or missing.
config <action>Inspect configuration — e.g. config show-defaults prints built-in includes / excludes.
mcpStart the standalone MCP server and optionally auto-configure local MCP client files.
login [instance]Save credentials in the encrypted global credential store and optionally set the active instance.
logout [instance]Remove stored credentials for one instance (or all with --all).
instancesList instances saved in the global store and mark the active one.
use <instance>Set the active stored instance for subsequent commands.

Diff, dry-run and profiles

  • --diff <branch> uses git diff against a branch. On push it pushes only changed files; on build it builds everything but records which files changed for a later targeted deploy.
  • --dry-run previews effects without writing, on push, deploy, download and build.
  • --instance-profile <name> selects profile env vars (SN_INSTANCE_<PROFILE>, SN_USER_<PROFILE>, SN_PASSWORD_<PROFILE>), falling back to base vars.
  • --refresh-interval <seconds> tunes how often dev re-reads the manifest (default 30s; 0 disables polling).

Configuration

All configuration lives in sync.config.js in your project root. It controls where source lives, which files are tracked, and which build plugins run on them. 

module.exports = {
  // Where your source files live and are watched in dev mode.
  sourceDirectory: "src",
  // Where local builds are written.
  buildDirectory: "build",
  // Plugin rules — MOST SPECIFIC match first; the first match wins.
  rules: [],
  // Tables/fields to exclude (on top of the built-in defaults).
  excludes: {},
  // Tables/fields to explicitly include (can override excludes).
  includes: {},
  // How often (seconds) dev mode refreshes the manifest.
  refreshInterval: 30,
};

Includes & excludes

Too many files, or some missing? includes and excludes are layered on top of sane built-in defaults. List those defaults with syncrona config show-defaults, then add overrides — and run syncrona refresh to apply. 

module.exports = {
  excludes: {
    sys_scope_privilege: false, // turn the default exclusion back on
    my_cool_table: true,        // exclude this table entirely
    new_cool_table: { cool_script: true }, // exclude one field
  },
  includes: {
    sys_report: true, // force-include (overrides excludes)
    // treat a text field as a .js code file:
    special_code_table: { neat_script_field: { type: "js" } },
  },
};

Plugin rules

The rules array maps a filename regular expression to an ordered plugin chain. The result of each plugin is passed to the next, and only the first matching rule runs — so order your most specific patterns first. 

rules: [
  { match: /\.secret\.ts$/, plugins: [] },     // matched → no plugins run
  {
    match: /\.ts$/,
    plugins: [
      {
        name: "@syncro-now-ai/typescript-plugin",
        options: { transpile: false }, // type-check only
      },
    ],
  },
],

Multi-part extensions unlock multiple pipelines for the same base file: script.client.js and script.server.js can run Webpack and Babel respectively. As long as the base filename is stable, add as many extensions as you like.

Table options

tableOptions customises how records on a table map to folders: displayField names the record folder, differentiatorField disambiguates duplicate display values, and query is an encoded query that limits which records are tracked. 

tableOptions: {
  some_table: {
    displayField: "some_field",
    differentiatorField: ["version", "sys_id"], // first non-empty wins
    query: "active=true",
  },
},
⚠️

A sys_id differentiator puts a colon in the filename, which breaks native Windows and WSL /mnt paths. Prefer a non-sys_id differentiator, and avoid it entirely on native-Windows teams.

Build plugins

Plugins are where the power comes from. Each is a separate @syncro-now-ai/* package you install as a dev dependency and wire into a rule. Chains run in order, threading each plugin's output into the next.

PackageWhat it does
@syncro-now-ai/typescript-pluginType-checks and compiles TypeScript files.
@syncro-now-ai/babel-pluginRuns Babel on .js / .ts files.
@syncro-now-ai/webpack-pluginBundles your files with Webpack.
@syncro-now-ai/sass-pluginCompiles Sass / SCSS to CSS.
@syncro-now-ai/prettier-pluginFormats output files with Prettier.
@syncro-now-ai/eslint-pluginRuns ESLint over your files on build.

Supporting presets — @syncro-now-ai/babel-preset-servicenow and @syncro-now-ai/babel-plugin-remove-modules — adapt modern output for the ServiceNow runtime.

🧱

Source is built asymmetrically: the code you write is not the code that runs. A small TypeScript class becomes the transpiled, ServiceNow-compatible JavaScript that lands in the Script Include — you keep the readable source in Git.

Credentials & authentication

Authenticate with a dedicated least-privilege integration user over HTTPS. HTTP Basic is the default; OAuth 2.0 is supported in the CLI.

Where credentials live

The global credential store writes each instance to ~/.syncrona/credentials/<instance>.enc, encrypted with AES-256-GCM. The encryption key is resolved with this precedence:

Key sourceHowStrength
SYNCRONA_STORE_KEY Explicit 32-byte key (hex / base64) from a secrets manager — best for CI / shared environments. Strongest
OS keychain Opt in with SYNCRONA_USE_KEYCHAIN=1 (macOS Keychain / Windows Credential Manager / libsecret) via optional @napi-rs/keyring. Strong
Machine-derived (default) Derived from hostname + username. Obfuscation-grade — guards against casual inspection, not a compromised account or stolen disk. Obfuscation
🛡️

With the default machine-derived key, anyone who can read the .enc file and run code as your user can decrypt it. For real at-rest protection set SYNCRONA_STORE_KEY or enable the keychain, rely on OS file permissions and full-disk encryption, and rotate the integration user's password if a file may have been exposed.

OAuth 2.0

Set SN_OAUTH_CLIENT_ID and SN_OAUTH_CLIENT_SECRET (alongside SN_USER / SN_PASSWORD, optionally with per-profile _<PROFILE> suffixes) and the CLI exchanges them for a Bearer token at oauth_token.do, refreshing on expiry or 401. Without those vars it stays on Basic.

MCP server

The bundled Model Context Protocol server (@syncro-now-ai/mcp-server) lets an MCP-capable AI client — Claude Desktop, Claude Code, VS Code Chat — analyse and operate your scope: session & scope control, metadata inventory, dependency and impact graphs, static script analysis, drift detection and scoped documentation, behind guardrails and dry-run.

Register it with your client

Run npx syncrona mcp to start the server and optionally write local client config (.vscode/mcp.json, .syncrona-mcp/secrets.json), or register it directly: 

{
  "mcpServers": {
    "syncrona": {
      "command": "npx",
      "args": ["-y", "@syncro-now-ai/mcp-server"]
    }
  }
}

Tool families

59 tools, grouped by what they do. Expand a family to see the tools inside.

Session & guardrailsscope, update set and preflight control
  • sync_get_session_context — current scope and update set
  • sync_set_scope / sync_list_scopes — switch / list scopes
  • sync_set_update_set / sync_list_update_sets — switch / list update sets
  • sync_prepare_session — one-call scope + update-set setup
  • sync_preflight_check — validate context against guardrails
  • sync_check_instance_capabilities — verify scoped endpoints before automation
Records & metadataquery, read and update instance records
  • sn_query_records — query a table, optional grouped analysis
  • sn_create_record — create records with validated payloads
  • sn_list_metadata_records / sn_get_metadata_record — inventory and read BR, Client Script, ACL, Dictionary, UI Policy, Scripted REST
  • sn_update_metadata_record — controlled update with confirm + dry-run gate
  • sn_search_scripts — full-text search across script tables with excerpts
  • sn_get_record_history — field-level change history from sys_audit
Dependency & impactgraphs, blast radius and relations
  • sn_build_dependency_graph — nodes/edges with cycle detection and hotspots
  • sn_analyze_impact — ranked downstream blast radius for a change
  • sn_diff_dependency_graphs — deterministic before/after graph diff
  • sync_analyze_scope_relations — full table relation map for a scope
  • sync_generate_table_dependency_report — one-command dependency report
Code analysisstatic analysis and semantic indexing
  • sn_analyze_script_architecture / _security / _performance — analysis packs with severity + remediation
  • sn_analyze_script_full — unified weighted risk score, optional suppressions
  • sync_build_semantic_index / sync_search_semantic_index — symbol-level local indexing and lookup
  • sync_symbol_cross_reference — symbol occurrences by file and count
  • sn_render_analysis_markdown — deterministic markdown report
Change & releasedrift, validation, diffs and release notes
  • sync_detect_drift / sync_diff_instance_vs_local — local vs instance comparison
  • sync_validate_change_package / sync_validate_before_push — pre-push dependency & risk checks
  • sync_compare_instances — compare a scope across two stored profiles (dev vs prod)
  • sync_list_recent_changes — recent scope changes from sys_update_xml
  • sync_generate_release_notes / sync_export_update_set — release notes and Update Set export
  • sync_unified_change_workflow — preflight → analysis → approval → footprint/rollback
Scope docs & knowledgedurable, reusable scope context
  • sync_generate_scope_knowledge / sync_validate_scope_knowledge — knowledge JSON + validation
  • sync_generate_scope_docs — full docs bundle (overview, dependencies, relationships, per-object)
  • sync_scope_knowledge_auto_update — trigger-based updates (init / refresh / change / drift)
Workflow & orchestrationCLI wrappers, ATF, health and AI planning
  • sync_status / sync_refresh / sync_build / sync_push — workspace command wrappers
  • sync_create_script_include / _and_sync — create a Script Include and pull it local to edit
  • sn_execute_background_script / run_node_code — controlled execution with safety gates
  • sync_run_atf_tests / sync_suggest_tests — run ATF tests and scaffold test skeletons
  • sn_autonomous_remediation_workflow — detect → propose → dry-run/apply → validate, with approval
  • sync_health_check / sync_metrics_trend — reliability metrics and trend deltas
  • sync_ai_next_actions / sync_plan_minimal_footprint / sync_onboarding_bootstrap — AI-aware planning and onboarding
⚠️

Writes obey a guardrail policy and a dry-run gate; background-script and Node execution are explicit, gated capabilities meant for non-production environments. Always point the MCP server at a least-privilege integration user.

Workflow

SyncroNow AI manages your scope asymmetrically: source code is owned locally; everything else (tables, dictionary, config records, metadata) stays managed in ServiceNow and moves with your usual update-set / deploy process.

File structure

Downloaded code is laid out one folder per record:

project_folder/
  src/
    table_name/
      record_name/
        field_name.extension

Records are folders because one record can hold multiple code files. Because the folder is named by the record's display value, never have two records with the same display value in the same table — or use differentiatorField to keep them apart.

Day-to-day

  • Add a record: create it in ServiceNow, run syncrona refresh — files appear automatically.
  • Edit code: run syncrona dev and just save; builds push on save.
  • Delete: stop dev mode, delete the record in ServiceNow, syncrona refresh, then remove the files (deliberately — deletion is never automatic).
  • Ship: syncrona push (or build + deploy) for the whole scope, or push --diff main for just your feature's edits.
📂

Once a scope is downloaded, syncrona docs generates Markdown and Mermaid diagrams (overview, tables, per-record) — a fast way to explore what a real project looks like.

How it compares

For teams deciding how to manage ServiceNow scoped-app code. SyncroNow AI is pre-1.0 and early — these are the honest trade-offs.

  SyncroNow AI Studio + native Git Sincronia (predecessor) Update sets
Edit in your own editorpartial
Git diff / PR review of code
Local build pipeline (TS/Babel/Webpack/Sass)
Multi-scope CLI from one repopartial
AI / MCP analysis
Works without a companion scoped appn/an/a
OAuth / SSO auth✅ CLI · ⏳ MCP
First-party support & SLAn/a
🎯

The one-line difference: ServiceNow's native Git moved your code into Git. SyncroNow AI moves your workflow into modern engineering — local build pipelines, a multi-scope CLI, and an AI layer that understands your scope.

Honest gaps today: versus first-party tooling it still lacks OAuth/SSO in the MCP server, a support SLA, and a packaged distribution (Homebrew / Windows installer). These are the active priorities — see the roadmap.

Security & safety

  • Least-privilege by default. Use a dedicated integration user with only the roles your scope needs; never your admin account.
  • Encrypted credential store. AES-256-GCM at rest; key from an explicit secret, the OS keychain, or a machine-derived fallback. Configure a real key for at-rest protection — see Credentials.
  • Dry-run everything risky. --dry-run previews push, deploy, download and build; the MCP server gates writes behind confirmation and dry-run.
  • Destructive ops confirm first. download overwrites local files but asks before doing so (--ci skips the prompt) — keep source in Git so a bad download is a git checkout away.
  • Secrets stay out of Git. Ignore .env and node_modules; for CI, source SYNCRONA_STORE_KEY from a secrets manager or use plain env vars instead of the on-disk store.
📜

Report vulnerabilities and review data-handling in SECURITY.md.

Architecture

A Node 22 monorepo of 13 @syncro-now-ai/* packages. Two ServiceNow clients — the core CLI and the MCP server — share one transport policy (sn-transport) and one encrypted credential store, so authentication, scoped-API resolution and retry behaviour are identical across both.

AI assistant Your editor + Git MCP server @syncro-now-ai/mcp-server core CLI · syncrona @syncro-now-ai/core sn-transport · credential-store shared transport policy + encrypted credentials ServiceNow instance REST / Table API · Basic / OAuth 2.0 stdio · MCP save · build REST
One transport, one credential store — two clients. Build plugins (typescript, babel, webpack, sass, prettier, eslint) and shared types complete the workspace.

CLI commands are declared one entry at a time in a registry, and MCP tool families likewise — the orchestrators are generic interpreters, so adding a command or a tool family is a contained, contract-checked change. Quality gates (type-check, lint, dependency-cruiser module boundaries, tests) run via npm run check.

Full detail: docs/ARCHITECTURE.md.

FAQ

Is SyncroNow AI affiliated with ServiceNow?

No. It is an independent, third-party tool, not affiliated with, endorsed by or sponsored by ServiceNow, Inc. "ServiceNow" is a trademark of ServiceNow, Inc., used here only to indicate compatibility.

Why the package name @syncro-now-ai/*?

The project ships under the @syncro-now-ai npm scope (the CLI is @syncro-now-ai/core, exposing the syncrona command); the GitHub repository is LeassTaTT/syncrona. It is the modern successor to Sincronia / sinc.

Does it work without installing anything on the instance?

Yes. The CLI talks to standard ServiceNow REST / Table APIs and works with or without the optional companion scoped app — which only enables a few enhanced endpoints. It is broadly release-agnostic; if you hit a release-specific issue, open an issue with your instance version.

How is this different from ServiceNow's native Git?

Native Git moves your code into Git. SyncroNow AI moves your workflow into modern engineering: a local build pipeline, a multi-scope CLI you run from your own editor, and an AI / MCP layer that understands your scope's metadata and dependencies. See How it compares.

Does it run on Windows?

On Windows, WSL is currently required (Ubuntu, build 1903+) — run every syncrona command inside the WSL shell. Native Windows support (PowerShell install, Windows Credential Manager) is on the roadmap; macOS and Linux are first-class.

Can I work with multiple instances or scopes?

Yes. Use the encrypted global store (syncrona login / use / instances) or instance-profile env vars with --instance-profile to route a single command at dev, test or prod. For several scoped apps in one repo, treat each scope as its own project under packages/ and run commands from the scope directory.

Is it production-ready?

It is pre-1.0 and early. The engineering is solid — type-checked lint, enforced module boundaries, tests and a security model — but review the security model for your own deployment, and keep your source in Git. Track progress in the roadmap.