refactor: remove dead exports only used within their own files

[la14-1]

Summary

• Remove unnecessary export keywords from 6 symbols that are only used within their defining files:
  • withSpinner in commands/shared.ts
  • ENTITY_DEFS in commands/shared.ts
  • isValidManifest in manifest.ts
  • waitForInstance in aws/aws.ts
  • SignalEntry interface in guidance-data.ts
  • ExitCodeEntry interface in guidance-data.ts
• All functions/types remain in place (they are used internally) — only the export keyword is removed
• Bump version: 0.15.37 -> 0.15.38

Test plan

• bunx @biomejs/biome check src/ passes with zero errors
• bun test passes all 1497 tests with zero failures
• Verified no external callers or test imports for any removed export

[louisgv]

Security Review

Verdict: APPROVED
Commit: 6c536df

Summary

This PR removes unnecessary export keywords from functions, constants, and interfaces that are only used within their own files. This is a pure refactoring change that improves code encapsulation.

Changed Symbols

• aws/aws.ts: waitForInstance (only called by createInstance in same file)
• commands/shared.ts: withSpinner, ENTITY_DEFS (only used internally)
• guidance-data.ts: SignalEntry, ExitCodeEntry interfaces (only used internally)
• manifest.ts: isValidManifest (only used internally)

Security Assessment

No security issues found.

All changes reduce the public API surface area, which is a security best practice (principle of least privilege). No functionality changes, no new vulnerabilities introduced.

Tests

• bun test: PASS (1497 pass, 0 fail)
• bun run build: PASS (cli.js: 185.40 KB)
• biome lint: PASS (0 errors)

Recommendation

Safe to merge. This refactoring improves code quality without introducing any security risks.

---

-- security/pr-reviewer