⚠️

重要前提

安装AI Skills的关键前提是：必须科学上网，且开启TUN模式，这一点至关重要，直接决定安装能否顺利完成，在此郑重提醒三遍：科学上网，科学上网，科学上网。查看完整安装教程 →

ServiceNow限定范围应用开发指南：隔离性、可移植性与跨范围访问

scoped-apps by groeimetai/snow-flow

51 周安装量

60 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/groeimetai/snow-flow --skill scoped-apps

ServiceNow 企业应用低代码平台

🇨🇳中文介绍

ServiceNow 的限定范围应用开发

限定范围应用为 ServiceNow 中的自定义开发提供了隔离性和可移植性。

为何使用限定范围应用？

特性	全局范围	限定范围应用
命名冲突	可能发生	可避免 (x_ 前缀)
可移植性	困难	容易 (更新集)
安全性	开放	受控 (跨范围)
商店发布	不支持	支持
依赖关系	隐式	显式

创建限定范围应用

通过 Studio (推荐)

1. 导航：系统应用 > Studio
2. 点击：创建应用
3. 输入：
   - 名称："我的自定义应用"
   - 范围："x_mycom_myapp" (自动生成)
   - 版本：1.0.0
4. 配置：
   - 运行时访问：勾选需要跨范围访问的表

通过 MCP

snow_create_application({
  name: "我的自定义应用",
  scope: "x_mycom_custom",
  version: "1.0.0",
  description: "用于...的自定义应用",
})

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

限定范围应用中的脚本包含

var TaskManager = Class.create()
TaskManager.prototype = {
  initialize: function () {
    this.tableName = "x_mycom_myapp_task_tracker"
  },

  createTask: function (name, description) {
    var gr = new GlideRecord(this.tableName)
    gr.initialize()
    gr.setValue("name", name)
    gr.setValue("description", description)
    return gr.insert()
  },

  // 标记为可从其他范围访问
  // 要求："可访问自：所有应用范围"
  getTask: function (sysId) {
    var gr = new GlideRecord(this.tableName)
    if (gr.get(sysId)) {
      return {
        name: gr.getValue("name"),
        description: gr.getValue("description"),
      }
    }
    return null
  },

  type: "TaskManager",
}

调用其他范围的脚本包含

// 从范围：x_mycom_otherapp
// 调用：x_mycom_myapp.TaskManager

// 选项 1：直接调用 (如果可访问)
var tm = new x_mycom_myapp.TaskManager()
var task = tm.getTask(sysId)

// 选项 2：GlideScopedEvaluator
var evaluator = new GlideScopedEvaluator()
evaluator.putVariable("sysId", sysId)
var result = evaluator.evaluateScript("x_mycom_myapp", "new TaskManager().getTask(sysId)")

访问其他范围的表

// 检查是否允许跨范围访问
var gr = new GlideRecord("x_other_app_table")
if (!gr.isValid()) {
  gs.error("无法访问 x_other_app_table")
  return
}

// 如果可访问，正常查询
gr.addQuery("active", true)
gr.query()

// 在 应用 > 属性 中
// 名称：x_mycom_myapp.default_priority
// 值：3
// 类型：string

// 在 应用 > 模块 中
// 创建指向以下位置的"属性"模块：
// /sys_properties_list.do?sysparm_query=name=x_mycom_myapp

// 获取属性值
var defaultPriority = gs.getProperty("x_mycom_myapp.default_priority", "3")

// 设置属性值 (需要管理员权限)
gs.setProperty("x_mycom_myapp.default_priority", "2")

x_mycom_myapp/
├── 表
│   ├── x_mycom_myapp_task
│   └── x_mycom_myapp_config
├── 脚本包含
│   ├── TaskManager
│   └── ConfigUtils
├── 业务规则
│   └── 验证任务
├── UI 页面
│   └── task_dashboard
├── REST API
│   └── 任务 API
├── 计划作业
│   └── 每日清理
└── 应用属性
    ├── default_priority
    └── enable_notifications

限定范围应用中的 REST API

定义脚本式 REST API

// 资源：/api/x_mycom_myapp/tasks
// HTTP 方法：GET

;(function process(request, response) {
  var tasks = []
  var gr = new GlideRecord("x_mycom_myapp_task_tracker")
  gr.addQuery("active", true)
  gr.query()

  while (gr.next()) {
    tasks.push({
      sys_id: gr.getUniqueValue(),
      name: gr.getValue("name"),
      status: gr.getValue("status"),
    })
  }

  response.setBody({
    result: tasks,
    count: tasks.length,
  })
})(request, response)

curl -X GET \
  "https://instance.service-now.com/api/x_mycom_myapp/tasks" \
  -H "Authorization: Bearer token"

应用 > 依赖关系
添加：
  - sn_hr_core (HR 核心)
  - sn_cmdb (CMDB)

在代码中检查依赖关系

// 检查插件是否激活
if (GlidePluginManager.isActive("com.snc.hr.core")) {
  // HR 核心可用
  var hrCase = new sn_hr_core.hr_case()
}

发布前检查清单

□ 所有表都有适当的 ACL
□ 没有硬编码的 sys_id
□ 没有硬编码的实例 URL
□ 所有依赖关系已声明
□ 属性有默认值
□ 文档完整
□ 测试用例通过
□ 没有全局范围修改
□ 更新集在干净实例上测试过

主版本.次版本.修订版本
1.0.0 - 初始发布
1.1.0 - 新增功能
1.1.1 - 错误修复
2.0.0 - 重大变更

错误	问题	解决方案
全局修改	无法干净部署	将更改保持在范围内
硬编码 sys_id	在其他实例上失败	使用属性或查找
缺少 ACL	安全漏洞	为所有表创建 ACL
没有错误处理	静默失败	添加 try/catch，日志记录
直接访问全局表	升级冲突	使用引用，而非副本

单一职责 - 每个业务功能一个应用
显式依赖 - 声明所有需求
属性驱动 - 无需代码更改即可配置
防御性编码 - 操作前检查访问权限
文档 - 包含 README，发布说明
测试 - 关键功能的自动化测试
版本控制 - 更新的语义化版本控制

🇺🇸English

Scoped Application Development for ServiceNow

Scoped applications provide isolation and portability for custom development in ServiceNow.

Why Use Scoped Apps?

Feature	Global Scope	Scoped App
Naming conflicts	Possible	Prevented (x_prefix)
Portability	Difficult	Easy (Update Sets)
Security	Open	Controlled (Cross-scope)
Store publishing	No	Yes
Dependencies	Implicit	Explicit

Creating a Scoped Application

Via Studio (Recommended)

1. Navigate: System Applications > Studio
2. Click: Create Application
3. Enter:
   - Name: "My Custom App"
   - Scope: "x_mycom_myapp" (auto-generated)
   - Version: 1.0.0
4. Configure:
   - Runtime access: Check tables needing cross-scope access

Via MCP

snow_create_application({
  name: "My Custom Application",
  scope: "x_mycom_custom",
  version: "1.0.0",
  description: "Custom application for...",
})

Scope Naming Convention

x_[vendor]_[app]

Examples:
- x_acme_hr          (ACME Corp HR App)
- x_mycom_inventory  (My Company Inventory)
- x_snc_global       (ServiceNow Global)

Table Naming

// Scoped tables are automatically prefixed
// Table name in Studio: "task_tracker"
// Actual table name: "x_mycom_myapp_task_tracker"

// Creating records
var gr = new GlideRecord("x_mycom_myapp_task_tracker")
gr.initialize()
gr.setValue("name", "My Task")
gr.insert()

Script Include in Scoped App

var TaskManager = Class.create()
TaskManager.prototype = {
  initialize: function () {
    this.tableName = "x_mycom_myapp_task_tracker"
  },

  createTask: function (name, description) {
    var gr = new GlideRecord(this.tableName)
    gr.initialize()
    gr.setValue("name", name)
    gr.setValue("description", description)
    return gr.insert()
  },

  // Mark as accessible from other scopes
  // Requires: "Accessible from: All application scopes"
  getTask: function (sysId) {
    var gr = new GlideRecord(this.tableName)
    if (gr.get(sysId)) {
      return {
        name: gr.getValue("name"),
        description: gr.getValue("description"),
      }
    }
    return null
  },

  type: "TaskManager",
}

Cross-Scope Access

Calling Other Scope's Script Include

// From scope: x_mycom_otherapp
// Calling: x_mycom_myapp.TaskManager

// Option 1: Direct call (if accessible)
var tm = new x_mycom_myapp.TaskManager()
var task = tm.getTask(sysId)

// Option 2: GlideScopedEvaluator
var evaluator = new GlideScopedEvaluator()
evaluator.putVariable("sysId", sysId)
var result = evaluator.evaluateScript("x_mycom_myapp", "new TaskManager().getTask(sysId)")

Accessing Other Scope's Tables

// Check if cross-scope access is allowed
var gr = new GlideRecord("x_other_app_table")
if (!gr.isValid()) {
  gs.error("No access to x_other_app_table")
  return
}

// If accessible, query normally
gr.addQuery("active", true)
gr.query()

Application Properties

Define Properties

// In Application > Properties
// Name: x_mycom_myapp.default_priority
// Value: 3
// Type: string

// In Application > Modules
// Create "Properties" module pointing to:
// /sys_properties_list.do?sysparm_query=name=x_mycom_myapp

Use Properties

// Get property value
var defaultPriority = gs.getProperty("x_mycom_myapp.default_priority", "3")

// Set property value (requires admin)
gs.setProperty("x_mycom_myapp.default_priority", "2")

Application Files Structure

x_mycom_myapp/
├── Tables
│   ├── x_mycom_myapp_task
│   └── x_mycom_myapp_config
├── Script Includes
│   ├── TaskManager
│   └── ConfigUtils
├── Business Rules
│   └── Validate Task
├── UI Pages
│   └── task_dashboard
├── REST API
│   └── Task API
├── Scheduled Jobs
│   └── Daily Cleanup
└── Application Properties
    ├── default_priority
    └── enable_notifications

REST API in Scoped App

Define Scripted REST API

// Resource: /api/x_mycom_myapp/tasks
// HTTP Method: GET

;(function process(request, response) {
  var tasks = []
  var gr = new GlideRecord("x_mycom_myapp_task_tracker")
  gr.addQuery("active", true)
  gr.query()

  while (gr.next()) {
    tasks.push({
      sys_id: gr.getUniqueValue(),
      name: gr.getValue("name"),
      status: gr.getValue("status"),
    })
  }

  response.setBody({
    result: tasks,
    count: tasks.length,
  })
})(request, response)

Calling the API

curl -X GET \
  "https://instance.service-now.com/api/x_mycom_myapp/tasks" \
  -H "Authorization: Bearer token"

Application Dependencies

Declare Dependencies

Application > Dependencies
Add:
  - sn_hr_core (HR Core)
  - sn_cmdb (CMDB)

Check Dependencies in Code

// Check if plugin is active
if (GlidePluginManager.isActive("com.snc.hr.core")) {
  // HR Core is available
  var hrCase = new sn_hr_core.hr_case()
}

Publishing to Store

Checklist Before Publishing

□ All tables have proper ACLs
□ No hard-coded sys_ids
□ No hard-coded instance URLs
□ All dependencies declared
□ Properties have default values
□ Documentation complete
□ Test cases pass
□ No global scope modifications
□ Update Set tested on clean instance

Version Management

Major.Minor.Patch
1.0.0 - Initial release
1.1.0 - New feature added
1.1.1 - Bug fix
2.0.0 - Breaking change

Common Mistakes

Mistake	Problem	Solution
Global modifications	Won't deploy cleanly	Keep changes in scope
Hard-coded sys_ids	Fails on other instances	Use properties or lookups
Missing ACLs	Security vulnerabilities	Create ACLs for all tables
No error handling	Silent failures	Add try/catch, logging
Accessing global tables directly	Upgrade conflicts	Use references, not copies

Best Practices

Single Responsibility - One app per business function
Explicit Dependencies - Declare all requirements
Property-Driven - Configurable without code changes
Defensive Coding - Check access before operations
Documentation - Include README, release notes
Testing - Automated tests for critical functions
Versioning - Semantic versioning for updates

Weekly Installs

Repository

groeimetai/snow-flow

GitHub Stars

First Seen

Jan 22, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass

Installed on

claude-code46

github-copilot44

gemini-cli44

opencode44

codex44

cursor43

Wix CLI 编排器指南：选择正确的扩展类型与自动化开发流程

281 周安装