DX - 5416 - feat: added support for the management token #50

Open
cs-raj wants to merge 3 commits into v2-dev from feat/DX-5416
cs-raj (Contributor) commented Mar 24, 2026

feat/DX-5416 — Stack export: stack.json, invalidKeys, management-token manifest

Summary

Extends the stack export module so exports include a stack/stack.json file in addition to stack/settings.json, with clear behavior for session auth vs management token flows. Stack metadata is stripped using configurable invalidKeys so sensitive or non-portable fields are not written to disk.

Changes

Full stack export (OAuth / Basic / authtoken — no management token)

  • After settings.json, writes stack.json from stack.fetch(), with lodash/omit applied using modules.stack.invalidKeys (default: SYS_ACL, user_uids, owner_uid).
  • Reuses the getStack() snapshot when available to avoid a second stack.fetch() where possible.
  • Skips stack settings export when using a management token (unchanged); stack metadata files use session-backed paths only where applicable.

Management token export

  • Does not call getStack(), exportStack(), or exportStackSettings() for stack metadata files.
  • Writes stack/stack.json with { "api_key": "<exportConfig.apiKey>" } only (from alias / resolved config). Does not write the management token or other secrets into the file.
  • Registers and completes the Details progress step for this write.

Config

  • StackConfig / default modules.stack include invalidKeys with the default values above.

Other

  • org_uid resolution uses org_uid ?? organization_uid when applying analysis data.
  • progress-strategy-registry: stack module remains registered with PrimaryProcessStrategy(STACK_SETTINGS).

Testing

  • Unit tests in test/unit/export/modules/stack.test.ts: invalidKeys omit behavior, management-token path writes api_key only and does not call SDK stack methods / getStack, settings.json not written for that scenario.
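
The two stack.json flows from the description above, with a pre-write leak check, as an added sketch that is not code from this pull request. The function and type names are hypothetical, `omitKeys` is a top-level-only stand-in for lodash/omit, and the sample stack and token are constructed.

```typescript
// Added illustration, not code from the pull request. Function and type names are hypothetical.
type Json = { [key: string]: unknown };

// Defaults the PR description gives for modules.stack.invalidKeys.
const DEFAULT_INVALID_KEYS: string[] = ["SYS_ACL", "user_uids", "owner_uid"];

interface ExportConfig {
  apiKey: string;
  managementToken?: string;
  invalidKeys?: string[];
}

// Stand-in for lodash/omit, limited to top-level keys so the block has no dependencies.
function omitKeys(source: Json, keys: string[]): Json {
  const out: Json = {};
  for (const key of Object.keys(source)) {
    if (keys.indexOf(key) === -1) out[key] = source[key];
  }
  return out;
}

// Content of stack/stack.json for each auth flow.
function buildStackJson(config: ExportConfig, fetchStack: () => Json): Json {
  if (config.managementToken) {
    // Management-token flow: no stack fetch, api_key only.
    return { api_key: config.apiKey };
  }
  return omitKeys(fetchStack(), config.invalidKeys || DEFAULT_INVALID_KEYS);
}

// Pre-write guard: report stripped keys or secret values that are still present.
function findLeaks(payload: Json, secrets: string[], invalidKeys: string[]): string[] {
  const text = JSON.stringify(payload);
  const leaks: string[] = [];
  for (const key of invalidKeys) {
    if (Object.prototype.hasOwnProperty.call(payload, key)) leaks.push("key:" + key);
  }
  for (const secret of secrets) {
    if (secret.length > 0 && text.indexOf(secret) !== -1) leaks.push("secret value in output");
  }
  return leaks;
}

// Constructed sample data (not real identifiers).
const SAMPLE_TOKEN = "cs-constructed-management-token";
const SAMPLE_STACK: Json = {
  name: "Demo stack", api_key: "blt-constructed-key", org_uid: "org-constructed",
  SYS_ACL: { roles: [] }, user_uids: ["u1"], owner_uid: "u1",
};
```

Running `findLeaks` on the object just before it is written turns the "does not write the management token" statement into a check that fails the export instead of relying on review.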

github-actions commented
🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

| Check Type | Count (with fixes) | Without fixes | Threshold | Result |
|---|---|---|---|---|
| 🔴 Critical Severity | 0 | 0 | 10 | ✅ Passed |
| 🟠 High Severity | 0 | 0 | 25 | ✅ Passed |
| 🟡 Medium Severity | 0 | 0 | 500 | ✅ Passed |
| 🔵 Low Severity | 0 | 0 | 1000 | ✅ Passed |

⏱️ SLA Breach Summary

✅ No SLA breaches detected. All vulnerabilities are within acceptable time thresholds.

| Severity | Breaches (with fixes) | Breaches (no fixes) | SLA Threshold (with/no fixes) | Status |
|---|---|---|---|---|
| 🔴 Critical | 0 | 0 | 15 / 30 days | ✅ Passed |
| 🟠 High | 0 | 0 | 30 / 120 days | ✅ Passed |
| 🟡 Medium | 0 | 0 | 90 / 365 days | ✅ Passed |
| 🔵 Low | 0 | 0 | 180 / 365 days | ✅ Passed |

✅ BUILD PASSED - All security checks passed
