feat: migrate @contentstack/cli-cm-regex-validate to cli-plugins monorepo (v1)

[cs-raj]

Summary

Migrates @contentstack/cli-cm-regex-validate from its standalone GitHub repository (contentstack/cli-plugins/.../contentstack-cli-cm-regex-validate) into the cli-plugins pnpm monorepo as packages/contentstack-cli-cm-regex-validate.

⚠️ First npm release — this package has never been published to npm. Version 1.0.0 is set intentionally as the initial public release.

What's included

• Package source — full migration of src/, test/, bin/, messages/, config files
• package.json — version 1.0.0, v1 deps (@contentstack/cli-command ^1.8.2, @contentstack/cli-utilities ^1.18.3), oclif upgraded ^3.17.2 → ^4.23.0, jest moved from dependencies → devDependencies, monorepo repository/homepage/bugs, scripts: build, test:unit, lint, clean, prepack: pnpm run build
• tsconfig.json — added composite: true, esModuleInterop: true
• jest.config.ts — fixed testMatch to include test/ directory (source had tests/ only, breaking test discovery)
• Release workflow — added publish step to release-production-plugins.yml with tag: latest
• CI — added test step to unit-test.yml
• release.json — added "regex-validate": false
• Docs — REGEX-VALIDATE-MIGRATION.md at monorepo root, root AGENTS.md updated with Regex Validate section
• .talismanrc — checksums added for all flagged files

Package details

Field	Value
npm name	@contentstack/cli-cm-regex-validate
Command	csdx cm:stacks:validate-regex
Short name	RGXVLD
Version	1.0.0
cli-command	^1.8.2
cli-utilities	^1.18.3
npm tag	latest
Test framework	Jest + ts-jest (kept from source)

Testing

# From monorepo root
pnpm --filter contentstack-cli-cm-regex-validate run test:unit

# Or from package directory
cd packages/contentstack-cli-cm-regex-validate
npm run test:unit

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	0	10	✅ Passed
🟠 High Severity	0	0	25	✅ Passed
🟡 Medium Severity	0	0	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

✅ No SLA breaches detected. All vulnerabilities are within acceptable time thresholds.

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	0	0	30 / 120 days	✅ Passed
🟡 Medium	0	0	90 / 365 days	✅ Passed
🔵 Low	0	0	180 / 365 days	✅ Passed

✅ BUILD PASSED - All security checks passed

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	0	10	✅ Passed
🟠 High Severity	0	1	25	✅ Passed
🟡 Medium Severity	2	2	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	0	0	30 / 120 days	✅ Passed
🟡 Medium	0	1	90 / 365 days	⚠️ Warning
🔵 Low	0	0	180 / 365 days	✅ Passed

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

• Critical without fixes: 0
• High without fixes: 1
• Medium without fixes: 2
• Low without fixes: 0

⚠️ BUILD PASSED WITH WARNINGS - SLA breaches detected for issues without available fixes

Consider reviewing these vulnerabilities when fixes become available.