feat(import): publish taxonomies after import

[cs-raj]

Summary

This change extends stack import so the taxonomies module not only imports taxonomy JSON via the existing import-taxonomy flow, but also publishes taxonomies when export data includes publish_details and the destination stack has a usable environment UID mapping. Publishing is integrated as a nested progress step (same UX pattern as entries publish), uses Management SDK taxonomy().publish at API version 3.2, and respects branch when branchName is configured.

Motivation

Exports can carry taxonomy publish intent (publish_details). Previously import recreated taxonomies/terms but did not replay publish to target environments. Aligning import with that metadata reduces manual republishing after migration.

User-visible behavior

1. Analyze

   • Logs how many taxonomy entries were loaded and how many are eligible for publish (have publish_details, locale, and at least one environment UID that maps through uid-mapping.json).

2. Import phase

   • Unchanged flow: legacy vs locale-based folders, concurrent import via import-taxonomy.

3. Publish phase (only if publishJobCount > 0)

   • New nested process “Taxonomies Publish” with status “Publishing taxonomies…”.
   • One concurrent API call per taxonomy job; progress ticks per success/failure.

4. When publish is skipped

   • No taxonomies with publish_details / locale, or mapper empty / missing: no publish phase (or jobs filtered out); optional warn when mapper is empty so operators know to import environments first.

Technical design

Area	Detail
Environment mapping	backupDir/mapper/environments/uid-mapping.json: source stack env UID → destination stack env UID.
Eligibility (analyze + jobs)	Taxonomy JSON loaded from disk; require non-empty publish_details, locale, and for analyze count at least one mapped env; jobs collected deduped by taxonomy UID.
Request payload	environments: destination UIDs; locales: [String(taxonomy.locale)]; items: [{ uid: taxonomy.uid }].
API	publish-taxonomies in makeAPICall: (stack as any).taxonomy().publish(apiData, '3.2', publishParams) with publishParams = { branch } when importConfig.branchName is set.
Guards	Early no-op if missing environments, locales, or items (after serialization).
Progress	PROCESS_NAMES.TAXONOMIES_PUBLISH + PROCESS_STATUS messages; initializeTaxonomiesProgress registers import + optional publish totals.

Files touched (typical)

• cli-plugins/packages/contentstack-import/src/import/modules/taxonomies.ts — orchestration, mapper read, job build, serializePublishTaxonomies, section comments / JSDoc cleanup.
• cli-plugins/packages/contentstack-import/src/import/modules/base-class.ts — ApiModuleType, guard, publish-taxonomies case.
• cli-plugins/packages/contentstack-import/src/utils/constants.ts — TAXONOMIES_PUBLISH + status strings.
• cli-plugins/packages/contentstack-import/test/unit/import/modules/taxonomies.test.ts — publish serialization and nested progress behavior as applicable.
• cli-plugins/packages/contentstack-import/test/unit/import/modules/base-class.test.ts — publish branch / version / empty payload behavior.

Test plan

• pnpm exec mocha … taxonomies.test.ts (or package test script)
• base-class unit tests for publish-taxonomies
• Manual: import stack with mapped envs and taxonomy publish_details; confirm published state in destination environments

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	174	10	✅ Passed
🟠 High Severity	0	174	25	✅ Passed
🟡 Medium Severity	2	732	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

✅ No SLA breaches detected. All vulnerabilities are within acceptable time thresholds.

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	0	0	30 / 120 days	✅ Passed
🟡 Medium	0	0	90 / 365 days	✅ Passed
🔵 Low	0	0	180 / 365 days	✅ Passed

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

• Critical without fixes: 174
• High without fixes: 174
• Medium without fixes: 732
• Low without fixes: 0

✅ BUILD PASSED - All security checks passed