npm - coderail-watch - Versions diffs - 0.1.7 → 0.1.11 - Mend

coderail-watch 0.1.7 → 0.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/bin/coderail-watch.js CHANGED Viewed

@@ -2,17 +2,41 @@
 "use strict";
 const fs = require("fs");
+const path = require("path");
 const readline = require("readline");
-const DEFAULT_BASE_URL = "http://localhost:8000";
+const DEFAULT_BASE_URL = "https://api.dev-coderail.local";
 const ENV_BASE_URLS = {
-  local: "http://localhost:8000",
+  local: "https://api.dev-coderail.local",
   staging: "https://ai-tutor-backend-stg-673992211852.asia-northeast1.run.app",
   production: "https://api.coderail.local",
 };
 const DEFAULT_RETRY_WAIT_MS = 2000;
+const DEFAULT_LOG_BATCH_MS = 300;
+const DEFAULT_LOG_BATCH_MAX_LINES = 50;
 const ALERT_PREFIX = "[[CODERAIL_ERROR]] ";
 const ERROR_PATTERN = /(^|[\s:])(?:error|exception|traceback|panic|fatal)(?=[\s:])/i;
+const DEFAULT_PROJECT_TREE_MAX_FILES = 1000;
+const DEFAULT_PROJECT_TREE_MAX_BYTES = 4096;
+const PROJECT_TREE_EXTENSIONS = new Set([".py", ".js"]);
+const OPENAI_CHAT_API_URL = "https://api.openai.com/v1/chat/completions";
+const DEFAULT_OPENAI_MODEL = "gpt-4o-mini";
+const DEFAULT_SNAPSHOT_EXCLUDES = new Set([
+  ".git",
+  "node_modules",
+  ".venv",
+  "venv",
+  ".next",
+  "dist",
+  "build",
+  "tests",
+]);
+const DEFAULT_SNAPSHOT_EXCLUDE_PREFIXES = new Set([
+  "frontend/.next",
+  "backend/.venv",
+  "backend/.pytest_cache",
+]);
+const SNAPSHOT_EXCLUDE_PREFIXES = Array.from(DEFAULT_SNAPSHOT_EXCLUDE_PREFIXES);
 const isErrorLine = (line) => ERROR_PATTERN.test(line);
@@ -33,7 +57,21 @@ const parseArgs = (argv) => {
   return args;
 };
-const log = (message) => {
+const LOG_LEVELS = {
+  error: 0,
+  warn: 1,
+  info: 2,
+  debug: 3,
+};
+let currentLogLevel = LOG_LEVELS.warn;
+const shouldLog = (level) => {
+  const resolved = LOG_LEVELS[level] ?? LOG_LEVELS.info;
+  return currentLogLevel >= resolved;
+};
+const log = (message, level = "info") => {
+  if (!shouldLog(level)) return;
   process.stderr.write(`[coderail-watch] ${message}\n`);
 };
@@ -44,18 +82,28 @@ if (!WebSocketImpl) {
   } catch (error) {
     log(
       "Missing dependency 'ws'. Run `cd tools/coderail-watch && npm install` or use the published package via `npx coderail-watch@latest ...`.",
+      "error",
     );
     process.exit(1);
   }
 }
 const WebSocket = WebSocketImpl;
-const buildWsUrl = (baseUrl, sessionId, projectKey, token) => {
+const normalizeHttpBaseUrl = (baseUrl) => {
   let normalized = baseUrl.trim();
   if (!normalized.startsWith("http://") && !normalized.startsWith("https://")) {
     normalized = `http://${normalized}`;
   }
-  const url = new URL(normalized);
+  return normalized;
+};
+const normalizeBaseHttpUrl = (baseUrl) => {
+  const normalized = normalizeHttpBaseUrl(baseUrl);
+  return normalized.replace(/\/$/, "");
+};
+const buildWsUrl = (baseUrl, sessionId, projectKey, token, flowId) => {
+  const url = new URL(normalizeHttpBaseUrl(baseUrl));
   const wsProtocol = url.protocol === "https:" ? "wss:" : "ws:";
   url.protocol = wsProtocol;
   url.pathname = `${url.pathname.replace(/\/$/, "")}/api/v1/terminal_watch/ws`;
@@ -65,38 +113,296 @@ const buildWsUrl = (baseUrl, sessionId, projectKey, token) => {
   if (token) {
     url.searchParams.set("token", token);
   }
+  if (flowId) {
+    url.searchParams.set("flow_id", flowId);
+  }
   return url.toString();
 };
+const normalizeBoolArg = (value, defaultValue) => {
+  if (value === undefined) return defaultValue;
+  return value !== "false";
+};
+const normalizeTrueArg = (value) => value === "true";
+const normalizeIntArg = (value, fallback, minValue) => {
+  const parsed = Number(value);
+  if (!Number.isFinite(parsed) || parsed < minValue) return fallback;
+  return Math.floor(parsed);
+};
+const resolveBaseUrl = (args) => {
+  const env = args["env"];
+  if (env && !ENV_BASE_URLS[env]) {
+    throw new Error(
+      `Unknown env '${env}'. Use one of: ${Object.keys(ENV_BASE_URLS).join(", ")}`,
+    );
+  }
+  return (
+    args["base-url"] ||
+    (env ? ENV_BASE_URLS[env] : null) ||
+    DEFAULT_BASE_URL
+  );
+  return normalizeHttpBaseUrl(rawBaseUrl);
+};
+const isExcludedPath = (relPath, entryName, excludes) => {
+  if (!relPath) return true;
+  if (excludes.has(entryName)) return true;
+  if (entryName.startsWith(".")) return true;
+  if (DEFAULT_SNAPSHOT_EXCLUDE_PREFIXES.has(relPath)) return true;
+  if (SNAPSHOT_EXCLUDE_PREFIXES.some((prefix) => relPath.startsWith(`${prefix}/`))) {
+    return true;
+  }
+  return false;
+};
+const collectSnapshotPaths = (rootDir, excludes) => {
+  const results = [];
+  const queue = [rootDir];
+  while (queue.length) {
+    const current = queue.pop();
+    if (!current) continue;
+    let entries = [];
+    try {
+      entries = fs.readdirSync(current, { withFileTypes: true });
+    } catch (error) {
+      log(`snapshot read failed: ${current} (${error})`, "warn");
+      continue;
+    }
+    for (const entry of entries) {
+      const fullPath = path.join(current, entry.name);
+      const relPath = path.relative(rootDir, fullPath).replace(/\\/g, "/");
+      if (isExcludedPath(relPath, entry.name, excludes)) continue;
+      if (entry.isSymbolicLink && entry.isSymbolicLink()) continue;
+      if (entry.isDirectory()) {
+        queue.push(fullPath);
+        continue;
+      }
+      if (entry.isFile()) {
+        const ext = path.extname(entry.name).toLowerCase();
+        if (PROJECT_TREE_EXTENSIONS.has(ext)) {
+          results.push(relPath);
+        }
+      }
+    }
+  }
+  return results.sort();
+};
+const extractApiEndpointItems = (jsonText) => {
+  if (!jsonText) return [];
+  let parsed = null;
+  try {
+    parsed = JSON.parse(jsonText);
+  } catch (error) {
+    return [];
+  }
+  const raw = Array.isArray(parsed) ? parsed : parsed?.endpoints;
+  if (!Array.isArray(raw)) return [];
+  const endpoints = [];
+  for (const item of raw) {
+    if (typeof item === "string") {
+      const trimmed = item.trim();
+      if (trimmed) endpoints.push(trimmed);
+      continue;
+    }
+    if (!item || typeof item !== "object") continue;
+    const method = String(item.method || "").trim().toUpperCase();
+    const pathValue = String(item.path || "").trim();
+    if (!pathValue) continue;
+    endpoints.push(method ? `${method} ${pathValue}` : pathValue);
+  }
+  return endpoints;
+};
+const isBinaryBuffer = (buffer) => buffer.includes(0);
+const buildProjectTreeLines = (
+  rootDir,
+  excludes,
+  maxFiles,
+  includeContents,
+  maxBytes,
+) => {
+  const paths = collectSnapshotPaths(rootDir, excludes);
+  const limited = paths.slice(0, maxFiles);
+  const lines = [
+    "[project-tree] listing files",
+    `[project-tree] root=${rootDir}`,
+    `[project-tree] total=${paths.length} shown=${limited.length}`,
+  ];
+  for (const relPath of limited) {
+    lines.push(`- ${relPath}`);
+    if (!includeContents) {
+      continue;
+    }
+    const fullPath = path.join(rootDir, relPath);
+    let content = "";
+    try {
+      const buffer = fs.readFileSync(fullPath);
+      if (isBinaryBuffer(buffer)) {
+        lines.push(`(binary skipped) ${relPath}`);
+        continue;
+      }
+      content = buffer.toString("utf8");
+    } catch (error) {
+      lines.push(`(read failed) ${relPath}: ${error}`);
+      continue;
+    }
+    if (!content) {
+      lines.push(`(empty) ${relPath}`);
+      continue;
+    }
+    const slice = content.slice(0, maxBytes);
+    lines.push(`----- ${relPath} (first ${slice.length} chars) -----`);
+    lines.push(slice);
+    if (content.length > maxBytes) {
+      lines.push(`----- ${relPath} (truncated) -----`);
+    }
+  }
+  if (paths.length > limited.length) {
+    lines.push(`[project-tree] truncated: ${paths.length - limited.length} more`);
+  }
+  return lines;
+};
 const args = parseArgs(process.argv.slice(2));
 const sessionId = args["session-id"];
 const projectKey = args["project-key"];
-const env = args["env"];
-const baseUrl =
-  args["base-url"] ||
-  (env && ENV_BASE_URLS[env] ? ENV_BASE_URLS[env] : DEFAULT_BASE_URL);
+let baseUrl = "";
+try {
+  baseUrl = resolveBaseUrl(args);
+} catch (error) {
+  log(error.message || String(error), "error");
+  process.exit(1);
+}
 const token = args["token"];
-const retryWaitMs = Number(args["retry-wait"] || DEFAULT_RETRY_WAIT_MS);
+const retryWaitMs = normalizeIntArg(
+  args["retry-wait"],
+  DEFAULT_RETRY_WAIT_MS,
+  0,
+);
+const logBatchMs = normalizeIntArg(
+  args["log-batch-ms"],
+  DEFAULT_LOG_BATCH_MS,
+  0,
+);
+const logBatchMaxLines = normalizeIntArg(
+  args["log-batch-lines"],
+  DEFAULT_LOG_BATCH_MAX_LINES,
+  1,
+);
 const logPath = args["log-path"];
+const projectRoot = path.resolve(args["project-root"] || process.cwd());
+const sendProjectTree = normalizeBoolArg(args["project-tree"], true);
+const includeProjectTreeContents = normalizeTrueArg(
+  args["project-tree-contents"],
+);
+const projectTreeMaxFiles = normalizeIntArg(
+  args["project-tree-max-files"],
+  DEFAULT_PROJECT_TREE_MAX_FILES,
+  1,
+);
+const projectTreeMaxBytes = normalizeIntArg(
+  args["project-tree-max-bytes"],
+  DEFAULT_PROJECT_TREE_MAX_BYTES,
+  1,
+);
+const runMode = args["mode"] || "default";
+const enableApiCheck = true;
+const enableScreenCheck = normalizeBoolArg(args["screen-check"], true);
+const dotenvPath = args["env-file"] || path.join(projectRoot, ".env");
+const loadEnvFile = (filePath) => {
+  try {
+    const raw = fs.readFileSync(filePath, "utf8");
+    const entries = {};
+    raw.split(/\r?\n/).forEach((line) => {
+      const trimmed = line.trim();
+      if (!trimmed || trimmed.startsWith("#")) return;
+      const idx = trimmed.indexOf("=");
+      if (idx <= 0) return;
+      const key = trimmed.slice(0, idx).trim();
+      let value = trimmed.slice(idx + 1).trim();
+      if (
+        (value.startsWith('"') && value.endsWith('"')) ||
+        (value.startsWith("'") && value.endsWith("'"))
+      ) {
+        value = value.slice(1, -1);
+      }
+      entries[key] = value;
+    });
+    return entries;
+  } catch (error) {
+    return {};
+  }
+};
+const envFromFile = loadEnvFile(dotenvPath);
+const openaiApiKey =
+  args["openai-api-key"] ||
+  process.env.OPENAI_API_KEY ||
+  envFromFile.OPENAI_API_KEY ||
+  "";
+const openaiModel =
+  args["openai-model"] ||
+  process.env.OPENAI_MODEL ||
+  envFromFile.OPENAI_MODEL ||
+  DEFAULT_OPENAI_MODEL;
+const isNumericProjectKey = /^[0-9]+$/.test(projectKey);
+const apiEndpointUrl = isNumericProjectKey
+  ? `${baseUrl.replace(/\/$/, "")}/api/v1/projects/${encodeURIComponent(
+      projectKey,
+    )}/api_endpoint_list`
+  : `${baseUrl.replace(/\/$/, "")}/api/v1/projects/by_public/${encodeURIComponent(
+      projectKey,
+    )}/api_endpoint_list`;
+const screenListUrl = isNumericProjectKey
+  ? `${baseUrl.replace(/\/$/, "")}/api/v1/projects/${encodeURIComponent(
+      projectKey,
+    )}/screen_list`
+  : `${baseUrl.replace(/\/$/, "")}/api/v1/projects/by_public/${encodeURIComponent(
+      projectKey,
+    )}/screen_list`;
+let apiEndpointCandidatesCached = [];
+let screenCandidatesCached = [];
+const toScreenName = (item) =>
+  typeof item === "object" && item !== null ? item.name || JSON.stringify(item) : String(item);
+let apiEndpointFetchStatus = "unknown";
+let apiEndpointFetchDetail = "";
+let screenListFetchStatus = "unknown";
+let screenListFetchDetail = "";
 if (!sessionId || !projectKey) {
-  log("Missing required args: --session-id and --project-key");
+  log("Missing required args: --session-id and --project-key", "error");
   process.exit(1);
 }
-if (env && !ENV_BASE_URLS[env]) {
-  log(
-    `Unknown env '${env}'. Use one of: ${Object.keys(ENV_BASE_URLS).join(", ")}`,
-  );
-  process.exit(1);
+const requestedLogLevel = String(
+  args["log-level"] || args["loglevel"] || "",
+).toLowerCase();
+if (requestedLogLevel in LOG_LEVELS) {
+  currentLogLevel = LOG_LEVELS[requestedLogLevel];
+}
+if (args["quiet"] === "true") {
+  currentLogLevel = -1;
+}
+// --mode security はデフォルトで info レベル以上を表示
+if (runMode === "security" && !requestedLogLevel && args["quiet"] !== "true") {
+  currentLogLevel = LOG_LEVELS.info;
 }
-const wsUrl = buildWsUrl(baseUrl, sessionId, projectKey, token);
+const MODE_FLOW_IDS = { security: "security_check" };
+const resolvedFlowId = args["flow-id"] || MODE_FLOW_IDS[runMode] || null;
+const wsUrl = buildWsUrl(baseUrl, sessionId, projectKey, token, resolvedFlowId);
 let socket = null;
 let isOpen = false;
 const queue = [];
+const logBuffer = [];
+let logFlushTimer = null;
 let retryCount = 0;
 let lastErrorMessage = "";
+let apiCheckInFlight = false;
 const attachHandler = (target, event, handler) => {
   if (typeof target.on === "function") {
@@ -116,22 +422,89 @@ const isSocketOpen = () => {
   return isOpen;
 };
+const CONNECT_TIMEOUT_MS = 10000;
 const connect = () => {
   retryCount += 1;
-  log(`connecting (#${retryCount})...`);
+  const attempt = retryCount;
+  log(`connecting to ${wsUrl} (#${attempt})...`, "warn");
   try {
-    socket = new WebSocket(wsUrl);
+    const wsOptions = wsUrl.startsWith("wss://")
+      ? { rejectUnauthorized: false }
+      : undefined;
+    socket = new WebSocket(wsUrl, wsOptions);
   } catch (error) {
     lastErrorMessage = String(error);
-    log(`connect failed: ${lastErrorMessage}`);
+    log(`connect failed: ${lastErrorMessage}`, "error");
     setTimeout(connect, retryWaitMs);
     return;
   }
+  // 接続タイムアウト検知
+  const connectTimer = setTimeout(() => {
+    if (socket && !isOpen) {
+      log(`connection timeout (${CONNECT_TIMEOUT_MS}ms). 接続先を確認してください: ${wsUrl}`, "error");
+      try { socket.close(); } catch (_e) { /* ignore */ }
+    }
+  }, CONNECT_TIMEOUT_MS);
   attachHandler(socket, "open", () => {
+    clearTimeout(connectTimer);
     isOpen = true;
     retryCount = 0;
-    log(`connected: ${wsUrl}`);
+    log(`connected: ${wsUrl}`, "warn");
+    // --mode security: run security check only, then exit
+    if (runMode === "security") {
+      void (async () => {
+        try {
+          const result = await triggerSecurityCheck("mode:security");
+          flushLogBuffer();
+          // Send done summary as code-analysis done for backend pipeline
+          sendCodeAnalysisLine(`done ${JSON.stringify({
+            api_missing_count: 0, api_missing_items: [],
+            api_implemented_count: 0, api_implemented_items: [],
+            screen_missing_count: 0, screen_missing_items: [],
+            screen_implemented_count: 0, screen_implemented_items: [],
+            ...result,
+          })}`);
+          flushLogBuffer();
+          // Give time for send to complete
+          setTimeout(() => {
+            log("security mode complete, exiting.", "warn");
+            if (socket) socket.close();
+            process.exit(0);
+          }, 500);
+        } catch (error) {
+          log(`security mode error: ${error}`, "error");
+          process.exit(1);
+        }
+      })();
+      return;
+    }
+    if (sendProjectTree) {
+      emitProjectTree();
+    }
+    if (enableApiCheck) {
+      void (async () => {
+        if (!apiEndpointCandidatesCached.length) {
+          await fetchApiEndpointList();
+        }
+        logApiCheckStatus();
+        if (apiEndpointCandidatesCached.length) {
+          await runApiCheck();
+        }
+      })();
+    }
+    if (enableScreenCheck) {
+      void (async () => {
+        if (!screenCandidatesCached.length) {
+          await fetchScreenList();
+        }
+        logScreenCheckStatus();
+      })();
+    }
     while (queue.length) {
       const payload = queue.shift();
       if (!isSocketOpen()) {
@@ -147,7 +520,52 @@ const connect = () => {
     }
   });
+  attachHandler(socket, "message", (event) => {
+    const raw =
+      event && typeof event === "object" && "data" in event ? event.data : event;
+    if (!raw) return;
+    const text =
+      typeof raw === "string"
+        ? raw
+        : typeof raw.toString === "function"
+          ? raw.toString()
+          : "";
+    if (!text || !text.trim().startsWith("{")) return;
+    let payload = null;
+    try {
+      payload = JSON.parse(text);
+    } catch (error) {
+      return;
+    }
+    if (!payload || typeof payload !== "object") return;
+    if (payload.type !== "control") return;
+    log(`[control] received action=${payload.action}`, "info");
+    if (payload.action === "api_check") {
+      log("[control] triggering api_check", "info");
+      void triggerApiCheck("control");
+      return;
+    }
+    if (payload.action === "code_analysis") {
+      const role = payload.role || null;
+      log(`[control] triggering code_analysis role=${role}`, "info");
+      void triggerCodeAnalysis("control", role);
+      return;
+    }
+    if (payload.action === "screen_check") {
+      if (enableScreenCheck) {
+        void triggerScreenCheck("control");
+      } else {
+        sendScreenCheckLine("screen check disabled; skipping.");
+      }
+    }
+    if (payload.action === "security_check") {
+      log("[control] triggering security_check", "info");
+      void triggerSecurityCheck("control");
+    }
+  });
   attachHandler(socket, "close", (event) => {
+    clearTimeout(connectTimer);
     isOpen = false;
     const code =
       event && typeof event === "object" && "code" in event ? event.code : null;
@@ -155,13 +573,23 @@ const connect = () => {
       event && typeof event === "object" && "reason" in event
         ? event.reason
         : "";
-    const detail = [code ? `code=${code}` : null, reason || null]
+    const reasonStr = reason ? String(reason) : "";
+    const detail = [code ? `code=${code}` : null, reasonStr || null]
       .filter(Boolean)
       .join(" ");
+    if (code === 1008) {
+      const hint = reasonStr === "project_key_mismatch"
+        ? "同じ session_id で別の project_key が既に登録されています。バックエンドサーバーを再起動してください。"
+        : reasonStr
+          ? `サーバーが接続を拒否しました: ${reasonStr}`
+          : "サーバーが接続を拒否しました (code=1008)。session_id / project_key を確認してください。";
+      log(`error: ${hint}`, "error");
+    }
     log(
       `disconnected; retrying in ${retryWaitMs}ms${
         detail ? ` (${detail})` : ""
       }`,
+      "warn",
     );
     setTimeout(connect, retryWaitMs);
   });
@@ -172,7 +600,7 @@ const connect = () => {
         ? error.message
         : String(error);
     lastErrorMessage = message;
-    log(`error: ${message}`);
+    log(`error: ${message}`, "warn");
   });
 };
@@ -196,13 +624,96 @@ const enqueueOrSend = (payload) => {
   queue.push(payload);
 };
-const handleLine = (line) => {
+const flushLogBuffer = () => {
+  if (logFlushTimer) {
+    clearTimeout(logFlushTimer);
+    logFlushTimer = null;
+  }
+  if (!logBuffer.length) return;
+  const lines = logBuffer.splice(0, logBuffer.length);
   const payload = JSON.stringify({
     type: "log",
-    content: line,
+    content: lines.join("\n"),
     timestamp: new Date().toISOString(),
   });
   enqueueOrSend(payload);
+};
+const enqueueLogLine = (line) => {
+  if (!line) return;
+  logBuffer.push(line);
+  if (logBatchMs === 0 || logBuffer.length >= logBatchMaxLines) {
+    flushLogBuffer();
+    return;
+  }
+  if (!logFlushTimer) {
+    logFlushTimer = setTimeout(flushLogBuffer, logBatchMs);
+  }
+};
+const sendLogLine = (line) => {
+  enqueueLogLine(line);
+};
+const sendApiCheckLine = (line) => {
+  const tagged = `[api-check] ${line}`;
+  log(tagged, "debug");
+  sendLogLine(tagged);
+};
+const sendCodeAnalysisLine = (line) => {
+  const tagged = `[code-analysis] ${line}`;
+  log(tagged, "info");
+  sendLogLine(tagged);
+};
+const sendScreenCheckLine = (line) => {
+  const tagged = `[screen-check] ${line}`;
+  log(tagged, "debug");
+  sendLogLine(tagged);
+};
+const sendSecurityCheckLine = (line) => {
+  const tagged = `[security-check] ${line}`;
+  log(tagged, "info");
+  sendLogLine(tagged);
+};
+const logApiCheckStatus = () => {
+  const maskedKey = openaiApiKey ? `${openaiApiKey.slice(0, 6)}...` : "";
+  const statusLabel =
+    apiEndpointFetchStatus === "error"
+      ? `NG(fetch_failed${apiEndpointFetchDetail ? `: ${apiEndpointFetchDetail}` : ""})`
+      : apiEndpointFetchStatus === "ok_empty"
+        ? "NG(empty)"
+        : apiEndpointCandidatesCached.length
+          ? "OK"
+          : "NG(unknown)";
+  sendApiCheckLine(
+    `必須チェック: api_endpoint_list=${statusLabel} openai_api_key=${
+      openaiApiKey ? "OK" : "NG"
+    } ${
+      maskedKey ? `(${maskedKey})` : ""
+    } openai_model=${openaiModel ? "OK" : "NG"}`,
+  );
+};
+const logScreenCheckStatus = () => {
+  const statusLabel =
+    screenListFetchStatus === "error"
+      ? `NG(fetch_failed${screenListFetchDetail ? `: ${screenListFetchDetail}` : ""})`
+      : screenListFetchStatus === "ok_empty"
+        ? "NG(empty)"
+        : screenCandidatesCached.length
+          ? "OK"
+          : "NG(unknown)";
+  sendScreenCheckLine(
+    `必須チェック: screen_list=${statusLabel}`,
+  );
+};
+const handleLine = (line) => {
+  sendLogLine(line);
   if (isErrorLine(line)) {
     const alertPayload = JSON.stringify({
       type: "alert",
@@ -213,6 +724,667 @@ const handleLine = (line) => {
   }
 };
+const emitProjectTree = () => {
+  const lines = buildProjectTreeLines(
+    projectRoot,
+    DEFAULT_SNAPSHOT_EXCLUDES,
+    projectTreeMaxFiles,
+    includeProjectTreeContents,
+    projectTreeMaxBytes,
+  );
+  lines.forEach((line) => {
+    log(line, "debug");
+    sendLogLine(line);
+  });
+};
+process.on("SIGINT", () => {
+  flushLogBuffer();
+  process.exit(0);
+});
+process.on("SIGTERM", () => {
+  flushLogBuffer();
+  process.exit(0);
+});
+const buildApiCheckPrompt = (endpoints, treeLines) => {
+  return [
+    "You are a senior backend engineer. Determine which API endpoints are NOT implemented in the codebase.",
+    "Use the file tree (and optional file excerpts) to infer whether each endpoint is implemented.",
+    "If unsure, mark as 'unknown'.",
+    "Return JSON only: {\"missing\": [{\"endpoint\": \"METHOD /path\", \"reason\": \"...\", \"confidence\": 0-1}], \"unknown\": [\"METHOD /path\"], \"implemented\": [\"METHOD /path\"]}",
+    "",
+    "API endpoints:",
+    ...endpoints.map((item) => `- ${item}`),
+    "",
+    "Project files:",
+    ...treeLines,
+  ].join("\n");
+};
+const collectTreeForApiCheck = () => {
+  return buildProjectTreeLines(
+    projectRoot,
+    DEFAULT_SNAPSHOT_EXCLUDES,
+    projectTreeMaxFiles,
+    includeProjectTreeContents,
+    projectTreeMaxBytes,
+  );
+};
+const runApiCheck = async () => {
+  const allMissingResult = () => {
+    const items = apiEndpointCandidatesCached.map(String);
+    return { api_missing_count: items.length, api_missing_items: items, api_implemented_count: 0, api_implemented_items: [] };
+  };
+  if (!enableApiCheck) return allMissingResult();
+  if (!apiEndpointCandidatesCached.length) {
+    return { api_missing_count: 0, api_missing_items: [], api_implemented_count: 0, api_implemented_items: [] };
+  }
+  if (!openaiApiKey) {
+    sendApiCheckLine("OPENAI_API_KEY is not set; すべて未実装として扱います。");
+    return allMissingResult();
+  }
+  if (!openaiModel) {
+    sendApiCheckLine("OPENAI_MODEL is not set; すべて未実装として扱います。");
+    return allMissingResult();
+  }
+  if (typeof fetch !== "function") {
+    sendApiCheckLine("fetch is not available in this runtime; すべて未実装として扱います。");
+    return allMissingResult();
+  }
+  const treeLines = collectTreeForApiCheck();
+  const prompt = buildApiCheckPrompt(apiEndpointCandidatesCached, treeLines);
+  const payload = {
+    model: openaiModel,
+    messages: [
+      {
+        role: "system",
+        content:
+          "You return strictly valid JSON. Do not wrap in markdown or add commentary.",
+      },
+      { role: "user", content: prompt },
+    ],
+    temperature: 0.2,
+  };
+  let response = null;
+  try {
+    response = await fetch(OPENAI_CHAT_API_URL, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${openaiApiKey}`,
+        "Content-Type": "application/json",
+      },
+      body: JSON.stringify(payload),
+    });
+  } catch (error) {
+    sendApiCheckLine(`OpenAI request failed: ${error}`);
+    return allMissingResult();
+  }
+  if (!response.ok) {
+    const text = await response.text();
+    sendApiCheckLine(
+      `OpenAI request failed: ${response.status} ${response.statusText}`,
+    );
+    sendApiCheckLine(text.slice(0, 1000));
+    return allMissingResult();
+  }
+  let data = null;
+  try {
+    data = await response.json();
+  } catch (error) {
+    sendApiCheckLine(`OpenAI response parse failed: ${error}`);
+    return allMissingResult();
+  }
+  const content = data?.choices?.[0]?.message?.content?.trim();
+  if (!content) {
+    sendApiCheckLine("OpenAI response was empty.");
+    return allMissingResult();
+  }
+  try {
+    const parsed = JSON.parse(content);
+    const missing = Array.isArray(parsed?.missing) ? parsed.missing : [];
+    const unknown = Array.isArray(parsed?.unknown) ? parsed.unknown : [];
+    const implemented = Array.isArray(parsed?.implemented)
+      ? parsed.implemented
+      : [];
+    sendApiCheckLine(
+      `missing=${missing.length} unknown=${unknown.length} implemented=${implemented.length}`,
+    );
+    const missingItems = [];
+    missing.forEach((item) => {
+      if (item && typeof item === "object") {
+        const label = item.endpoint || "";
+        missingItems.push(label);
+        sendApiCheckLine(
+          `missing: ${label} (${item.reason || "no reason"})`,
+        );
+      } else {
+        missingItems.push(String(item));
+        sendApiCheckLine(`missing: ${String(item)}`);
+      }
+    });
+    const implementedItems = [];
+    unknown.forEach((item) => sendApiCheckLine(`unknown: ${String(item)}`));
+    implemented.forEach((item) => {
+      implementedItems.push(String(item));
+      sendApiCheckLine(`implemented: ${String(item)}`);
+    });
+    return {
+      api_missing_count: missing.length,
+      api_missing_items: missingItems,
+      api_implemented_count: implemented.length,
+      api_implemented_items: implementedItems,
+    };
+  } catch (error) {
+    sendApiCheckLine("OpenAI output was not valid JSON. Raw output:");
+    sendApiCheckLine(content.slice(0, 2000));
+    return allMissingResult();
+  }
+};
+const screenCheckUrl = `${normalizeBaseHttpUrl(baseUrl)}/api/v1/project_snapshot/check`;
+const runScreenCheck = async () => {
+  const allMissingResult = () => {
+    const items = screenCandidatesCached.map(toScreenName);
+    return { screen_missing_count: items.length, screen_missing_items: items, screen_implemented_count: 0, screen_implemented_items: [] };
+  };
+  if (!projectKey) {
+    sendScreenCheckLine("project_key is missing; すべて未実装として扱います。");
+    return allMissingResult();
+  }
+  if (typeof fetch !== "function") {
+    sendScreenCheckLine("fetch is not available in this runtime; すべて未実装として扱います。");
+    return allMissingResult();
+  }
+  const paths = collectSnapshotPaths(projectRoot, DEFAULT_SNAPSHOT_EXCLUDES).filter(
+    (item) => item.startsWith("frontend/"),
+  );
+  const limitedPaths = paths.slice(0, projectTreeMaxFiles);
+  if (!limitedPaths.length) {
+    sendScreenCheckLine("frontend/ 配下のファイルが見つからないため、すべて未実装として扱います。");
+    const allMissing = screenCandidatesCached.map(toScreenName);
+    allMissing.forEach((item) => sendScreenCheckLine(`missing: ${item}`));
+    return {
+      screen_missing_count: allMissing.length,
+      screen_missing_items: allMissing,
+      screen_implemented_count: 0,
+      screen_implemented_items: [],
+    };
+  }
+  const payload = {
+    projectPublicId: projectKey,
+    paths: limitedPaths,
+  };
+  let response = null;
+  try {
+    response = await fetch(screenCheckUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify(payload),
+    });
+  } catch (error) {
+    sendScreenCheckLine(`screen check request failed: ${error}`);
+    return allMissingResult();
+  }
+  if (!response.ok) {
+    const text = await response.text();
+    sendScreenCheckLine(
+      `screen check failed: ${response.status} ${response.statusText}`,
+    );
+    sendScreenCheckLine(text.slice(0, 1000));
+    return allMissingResult();
+  }
+  let data = null;
+  try {
+    data = await response.json();
+  } catch (error) {
+    sendScreenCheckLine(`screen check response parse failed: ${error}`);
+    return allMissingResult();
+  }
+  const expected = screenCandidatesCached.length
+    ? screenCandidatesCached.map(toScreenName)
+    : (Array.isArray(data?.expectedScreens) ? data.expectedScreens : []);
+  const rawMissing = Array.isArray(data?.check?.missingScreens)
+    ? data.check.missingScreens
+    : [];
+  // expected をキャッシュに揃えたので、missing も expected に含まれるもののみに絞る
+  const expectedSet = new Set(expected.map(String));
+  const missing = rawMissing.filter((item) => expectedSet.has(String(item)));
+  const implemented = expected.filter((item) => !missing.includes(item));
+  sendScreenCheckLine(
+    `missing_screens=${missing.length} expected=${expected.length} implemented=${implemented.length}`,
+  );
+  missing.forEach((item) => sendScreenCheckLine(`missing: ${String(item)}`));
+  implemented.forEach((item) =>
+    sendScreenCheckLine(`implemented: ${String(item)}`),
+  );
+  if (data?.check?.notes) {
+    sendScreenCheckLine(`note: ${String(data.check.notes)}`);
+  }
+  return {
+    screen_missing_count: missing.length,
+    screen_missing_items: missing.map(String),
+    screen_implemented_count: implemented.length,
+    screen_implemented_items: implemented.map(String),
+  };
+};
+const triggerApiCheck = async (reason) => {
+  const emptyResult = { api_missing_count: 0, api_missing_items: [], api_implemented_count: 0, api_implemented_items: [] };
+  if (apiCheckInFlight) return emptyResult;
+  apiCheckInFlight = true;
+  try {
+    sendApiCheckLine(`api-check start (${reason})`);
+    if (!apiEndpointCandidatesCached.length) {
+      await fetchApiEndpointList();
+    }
+    logApiCheckStatus();
+    if (!apiEndpointCandidatesCached.length) {
+      sendApiCheckLine("api_endpoint_list is empty; skipping api-check.");
+      return emptyResult;
+    }
+    return await runApiCheck();
+  } finally {
+    apiCheckInFlight = false;
+  }
+};
+const triggerScreenCheck = async (reason) => {
+  const emptyResult = { screen_missing_count: 0, screen_missing_items: [], screen_implemented_count: 0, screen_implemented_items: [] };
+  try {
+    sendScreenCheckLine(`screen-check start (${reason})`);
+    if (!screenCandidatesCached.length) {
+      await fetchScreenList();
+    }
+    logScreenCheckStatus();
+    if (!screenCandidatesCached.length) {
+      sendScreenCheckLine("screen_list is empty; skipping screen-check.");
+      return emptyResult;
+    }
+    return await runScreenCheck();
+  } catch (error) {
+    sendScreenCheckLine(`screen-check failed: ${error}`);
+    return emptyResult;
+  }
+};
+// ---------------------------------------------------------------------------
+// Security Check (static regex-based)
+// ---------------------------------------------------------------------------
+const SECURITY_RULES = [
+  {
+    id: "raw_sql",
+    label: "SQLインジェクション",
+    pattern: /(?:execute\s*\(\s*f["']|\.raw\s*\(|cursor\.execute\s*\(\s*f["'])/,
+    extensions: new Set([".py", ".js", ".ts"]),
+  },
+  {
+    id: "xss",
+    label: "XSS",
+    pattern: /(?:dangerouslySetInnerHTML|v-html)/,
+    extensions: new Set([".js", ".jsx", ".ts", ".tsx", ".vue"]),
+  },
+  {
+    id: "hardcoded_secrets",
+    label: "秘密情報ハードコード",
+    pattern: /(?:api_key|apikey|secret_key|password|aws_secret)\s*=\s*["'][^"']{4,}["']/i,
+    extensions: new Set([".py", ".js", ".ts", ".env", ".yaml", ".yml", ".json"]),
+  },
+  {
+    id: "stack_trace_leak",
+    label: "スタックトレース漏洩",
+    pattern: /(?:traceback\.format_exc|import\s+traceback)/,
+    extensions: new Set([".py"]),
+  },
+  {
+    id: "log_secrets",
+    label: "ログ秘密情報",
+    pattern: /(?:logger\.\w+.*(?:password|token|secret)|print\s*\(.*(?:password|token|secret))/i,
+    extensions: new Set([".py", ".js", ".ts"]),
+  },
+  {
+    id: "cors_wildcard",
+    label: "CORSワイルドカード",
+    pattern: /allow_origins\s*=\s*\[\s*["']\*["']\s*\]/,
+    extensions: new Set([".py"]),
+  },
+];
+const SECURITY_EXTENSIONS = new Set([".py", ".js", ".jsx", ".ts", ".tsx", ".vue", ".yaml", ".yml", ".json"]);
+const collectSecurityTargetPaths = (rootDir, excludes) => {
+  const results = [];
+  const queue = [rootDir];
+  while (queue.length) {
+    const current = queue.pop();
+    if (!current) continue;
+    let entries = [];
+    try {
+      entries = fs.readdirSync(current, { withFileTypes: true });
+    } catch (error) {
+      continue;
+    }
+    for (const entry of entries) {
+      const fullPath = path.join(current, entry.name);
+      const relPath = path.relative(rootDir, fullPath).replace(/\\/g, "/");
+      if (isExcludedPath(relPath, entry.name, excludes)) continue;
+      if (entry.isSymbolicLink && entry.isSymbolicLink()) continue;
+      if (entry.isDirectory()) {
+        queue.push(fullPath);
+        continue;
+      }
+      if (entry.isFile()) {
+        const ext = path.extname(entry.name).toLowerCase();
+        if (SECURITY_EXTENSIONS.has(ext)) {
+          results.push({ relPath, fullPath, ext });
+        }
+      }
+    }
+  }
+  return results;
+};
+const SECURITY_CHECK_STEP_DELAY_MS = 400;
+const SECURITY_DETAIL_MAX_MATCHES = 5;
+const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+const collectRuleMatches = (rule, files) => {
+  const matches = [];
+  for (const file of files) {
+    if (!rule.extensions.has(file.ext)) continue;
+    let content = "";
+    try {
+      const buffer = fs.readFileSync(file.fullPath);
+      if (isBinaryBuffer(buffer)) continue;
+      content = buffer.toString("utf8");
+    } catch (error) {
+      continue;
+    }
+    const lines = content.split("\n");
+    const re = new RegExp(rule.pattern.source, rule.pattern.flags);
+    for (let i = 0; i < lines.length; i++) {
+      if (!re.test(lines[i])) continue;
+      const contextStart = Math.max(0, i - 3);
+      const contextEnd = Math.min(lines.length, i + 4);
+      matches.push({
+        file: file.relPath,
+        line: i + 1,
+        code: lines[i].trim(),
+        context: lines.slice(contextStart, contextEnd).join("\n"),
+      });
+      if (matches.length >= SECURITY_DETAIL_MAX_MATCHES) return matches;
+    }
+  }
+  return matches;
+};
+const runSecurityCheck = async () => {
+  const files = collectSecurityTargetPaths(projectRoot, DEFAULT_SNAPSHOT_EXCLUDES);
+  const issueMap = {};   // id -> count
+  const passedIds = [];
+  const issueDetails = []; // { id, label, count }
+  const total = SECURITY_RULES.length + 1; // +1 for .env check
+  // Check each rule
+  let ruleIndex = 0;
+  for (const rule of SECURITY_RULES) {
+    ruleIndex += 1;
+    // Collect detailed match info
+    const ruleMatches = collectRuleMatches(rule, files);
+    const hitCount = ruleMatches.length;
+    if (hitCount > 0) {
+      issueMap[rule.id] = hitCount;
+      issueDetails.push({ id: rule.id, label: rule.label, count: hitCount });
+      sendSecurityCheckLine(`progress ${ruleIndex}/${total} ${rule.id} issue ${hitCount}`);
+      // Send detail line with match locations
+      sendSecurityCheckLine(`detail ${JSON.stringify({ rule_id: rule.id, label: rule.label, matches: ruleMatches })}`);
+    } else {
+      passedIds.push(rule.id);
+      sendSecurityCheckLine(`progress ${ruleIndex}/${total} ${rule.id} passed`);
+    }
+    // 1項目ずつ送信してバルーン更新を可視化
+    flushLogBuffer();
+    await sleep(SECURITY_CHECK_STEP_DELAY_MS);
+  }
+  // Check .env in .gitignore
+  let envGitignored = false;
+  try {
+    const gitignore = fs.readFileSync(path.join(projectRoot, ".gitignore"), "utf8");
+    envGitignored = /^\.env$/m.test(gitignore);
+  } catch (error) {
+    // no .gitignore
+  }
+  if (!envGitignored) {
+    issueDetails.push({ id: "env_not_gitignored", label: ".env未gitignore", count: 1 });
+    issueMap["env_not_gitignored"] = 1;
+    sendSecurityCheckLine(`progress ${total}/${total} env_not_gitignored issue 1`);
+  } else {
+    passedIds.push("env_not_gitignored");
+    sendSecurityCheckLine(`progress ${total}/${total} env_not_gitignored passed`);
+  }
+  flushLogBuffer();
+  return {
+    security_issue_count: issueDetails.length,
+    security_issue_items: issueDetails.map((d) => `${d.id} (${d.count}箇所)`),
+    security_passed_count: passedIds.length,
+    security_passed_items: passedIds,
+  };
+};
+const triggerSecurityCheck = async (reason) => {
+  sendSecurityCheckLine(`security-check start (${reason})`);
+  flushLogBuffer();
+  const result = await runSecurityCheck();
+  // Emit detail lines
+  for (const item of result.security_issue_items) {
+    sendSecurityCheckLine(`issue: ${item}`);
+  }
+  for (const id of result.security_passed_items) {
+    sendSecurityCheckLine(`passed: ${id}`);
+  }
+  sendSecurityCheckLine(
+    `issues=${result.security_issue_count} passed=${result.security_passed_count}`,
+  );
+  return result;
+};
+const triggerCodeAnalysis = async (reason, role = null) => {
+  const runApi = !role || role === "api";
+  const runScreen = !role || role === "screen";
+  const steps = [];
+  if (runApi) {
+    const apiCount = apiEndpointCandidatesCached.length;
+    const apiSuffix = apiCount ? ` (対象: ${apiCount}件)` : "";
+    steps.push({ label: `API実装チェック中...${apiSuffix}`, fn: () => triggerApiCheck(`code-analysis:${reason}`) });
+  }
+  if (runScreen && enableScreenCheck) {
+    const screenCount = screenCandidatesCached.length;
+    const screenSuffix = screenCount ? ` (対象: ${screenCount}件)` : "";
+    steps.push({ label: `画面実装チェック中...${screenSuffix}`, fn: () => triggerScreenCheck(`code-analysis:${reason}`) });
+  }
+  // Security check is always included
+  steps.push({ label: "セキュリティチェック中...", fn: async () => triggerSecurityCheck(`code-analysis:${reason}`) });
+  const totalSteps = steps.length;
+  let currentStep = 0;
+  sendCodeAnalysisLine(`code-analysis start (${reason})`);
+  // 各ステップの結果を収集
+  const summary = {
+    api_missing_count: 0, api_missing_items: [], api_implemented_count: 0, api_implemented_items: [],
+    screen_missing_count: 0, screen_missing_items: [], screen_implemented_count: 0, screen_implemented_items: [],
+    security_issue_count: 0, security_issue_items: [], security_passed_count: 0, security_passed_items: [],
+  };
+  for (const step of steps) {
+    currentStep += 1;
+    sendCodeAnalysisLine(`[${currentStep}/${totalSteps}] ${step.label}`);
+    const result = await step.fn();
+    if (result) {
+      Object.assign(summary, result);
+    }
+  }
+  const apiExpected = apiEndpointCandidatesCached.map(String);
+  const screenExpected = screenCandidatesCached.map(toScreenName);
+  const apiResultEmpty =
+    summary.api_missing_count === 0 &&
+    summary.api_implemented_count === 0 &&
+    !summary.api_missing_items.length &&
+    !summary.api_implemented_items.length;
+  const screenResultEmpty =
+    summary.screen_missing_count === 0 &&
+    summary.screen_implemented_count === 0 &&
+    !summary.screen_missing_items.length &&
+    !summary.screen_implemented_items.length;
+  if (runApi && apiExpected.length && apiResultEmpty) {
+    summary.api_missing_count = apiExpected.length;
+    summary.api_missing_items = apiExpected;
+    summary.api_check_inferred = true;
+  }
+  if (runScreen && enableScreenCheck && screenExpected.length && screenResultEmpty) {
+    summary.screen_missing_count = screenExpected.length;
+    summary.screen_missing_items = screenExpected;
+    summary.screen_check_inferred = true;
+  }
+  // done 行にサマリー JSON を埋め込む（バックエンドが確実にパースできるように）
+  flushLogBuffer();
+  sendCodeAnalysisLine(`done ${JSON.stringify(summary)}`);
+};
+const fetchApiEndpointList = async () => {
+  if (!apiEndpointUrl) return [];
+  if (typeof fetch !== "function") {
+    sendApiCheckLine("fetch is not available in this runtime; skipping fetch.");
+    apiEndpointFetchStatus = "error";
+    apiEndpointFetchDetail = "fetch_unavailable";
+    return [];
+  }
+  try {
+    const response = await fetch(apiEndpointUrl, {
+      method: "GET",
+      headers: { "Content-Type": "application/json" },
+    });
+    if (!response.ok) {
+      let detail = "";
+      try {
+        detail = await response.text();
+      } catch (error) {
+        detail = "";
+      }
+      const detailSnippet = detail ? ` detail=${detail.slice(0, 200)}` : "";
+      sendApiCheckLine(
+        `api_endpoint_list取得失敗: ${response.status} ${response.statusText} (${apiEndpointUrl})${detailSnippet}`,
+      );
+      apiEndpointFetchStatus = "error";
+      apiEndpointFetchDetail = `${response.status}`;
+      return [];
+    }
+    const data = await response.json();
+    if (data?.api_endpoint_list) {
+      apiEndpointCandidatesCached = extractApiEndpointItems(
+        data.api_endpoint_list,
+      );
+      apiEndpointFetchStatus = apiEndpointCandidatesCached.length
+        ? "ok"
+        : "ok_empty";
+      apiEndpointFetchDetail = "";
+      return apiEndpointCandidatesCached;
+    }
+    if (Array.isArray(data?.endpoints)) {
+      apiEndpointCandidatesCached = extractApiEndpointItems(
+        JSON.stringify({ endpoints: data.endpoints }),
+      );
+      apiEndpointFetchStatus = apiEndpointCandidatesCached.length
+        ? "ok"
+        : "ok_empty";
+      apiEndpointFetchDetail = "";
+      return apiEndpointCandidatesCached;
+    }
+    apiEndpointFetchStatus = "ok_empty";
+    apiEndpointFetchDetail = "";
+    return [];
+  } catch (error) {
+    sendApiCheckLine(`api_endpoint_list fetch error: ${error}`);
+    apiEndpointFetchStatus = "error";
+    apiEndpointFetchDetail = "exception";
+    return [];
+  }
+};
+const fetchScreenList = async () => {
+  if (!screenListUrl) return [];
+  if (typeof fetch !== "function") {
+    sendScreenCheckLine("fetch is not available in this runtime; skipping fetch.");
+    screenListFetchStatus = "error";
+    screenListFetchDetail = "fetch_unavailable";
+    return [];
+  }
+  try {
+    const response = await fetch(screenListUrl, {
+      method: "GET",
+      headers: { "Content-Type": "application/json" },
+    });
+    if (!response.ok) {
+      let detail = "";
+      try {
+        detail = await response.text();
+      } catch (error) {
+        detail = "";
+      }
+      const detailSnippet = detail ? ` detail=${detail.slice(0, 200)}` : "";
+      sendScreenCheckLine(
+        `screen_list取得失敗: ${response.status} ${response.statusText} (${screenListUrl})${detailSnippet}`,
+      );
+      screenListFetchStatus = "error";
+      screenListFetchDetail = `${response.status}`;
+      return [];
+    }
+    const data = await response.json();
+    if (data?.screen_list) {
+      const raw = Array.isArray(data?.screens) ? data.screens : [];
+      screenCandidatesCached = raw.map((item) =>
+        typeof item === "object" && item !== null ? item.name || String(item) : String(item)
+      );
+      screenListFetchStatus = screenCandidatesCached.length
+        ? "ok"
+        : "ok_empty";
+      screenListFetchDetail = "";
+      return screenCandidatesCached;
+    }
+    if (Array.isArray(data?.screens)) {
+      screenCandidatesCached = data.screens.map((item) =>
+        typeof item === "object" && item !== null ? item.name || String(item) : String(item)
+      );
+      screenListFetchStatus = screenCandidatesCached.length
+        ? "ok"
+        : "ok_empty";
+      screenListFetchDetail = "";
+      return screenCandidatesCached;
+    }
+    screenListFetchStatus = "ok_empty";
+    screenListFetchDetail = "";
+    return [];
+  } catch (error) {
+    sendScreenCheckLine(`screen_list fetch error: ${error}`);
+    screenListFetchStatus = "error";
+    screenListFetchDetail = "exception";
+    return [];
+  }
+};
 const startFileTailer = (targetPath) => {
   let fileOffset = 0;
   let remainder = "";
@@ -223,7 +1395,7 @@ const startFileTailer = (targetPath) => {
       fileOffset = stats.size;
       return true;
     } catch (error) {
-      log(`log-path not found: ${targetPath} (retrying...)`);
+      log(`log-path not found: ${targetPath} (retrying...)`, "warn");
       return false;
     }
   };
@@ -242,7 +1414,7 @@ const startFileTailer = (targetPath) => {
   const readNewData = () => {
     fs.stat(targetPath, (error, stats) => {
       if (error) {
-        log(`log-path read error: ${error.message || String(error)}`);
+        log(`log-path read error: ${error.message || String(error)}`, "warn");
         return;
       }
       if (stats.size < fileOffset) {
@@ -265,6 +1437,7 @@ const startFileTailer = (targetPath) => {
           `log-path stream error: ${
             streamError.message || String(streamError)
           }`,
+          "warn",
         );
       });
     });
@@ -278,7 +1451,7 @@ const startFileTailer = (targetPath) => {
         }
       });
     } catch (error) {
-      log(`log-path watch error: ${error.message || String(error)}`);
+      log(`log-path watch error: ${error.message || String(error)}`, "warn");
     }
   };
@@ -295,21 +1468,23 @@ const startFileTailer = (targetPath) => {
   startWatcher();
 };
-if (logPath) {
-  startFileTailer(logPath);
-} else {
-  const rl = readline.createInterface({
-    input: process.stdin,
-    crlfDelay: Infinity,
-  });
+if (runMode !== "security") {
+  if (logPath) {
+    startFileTailer(logPath);
+  } else {
+    const rl = readline.createInterface({
+      input: process.stdin,
+      crlfDelay: Infinity,
+    });
-  rl.on("line", (line) => {
-    handleLine(line);
-  });
+    rl.on("line", (line) => {
+      handleLine(line);
+    });
-  rl.on("close", () => {
-    if (socket) {
-      socket.close();
-    }
-  });
+    rl.on("close", () => {
+      if (socket) {
+        socket.close();
+      }
+    });
+  }
 }