feat(security): Support System User Protection API with security migration (V3.38) (#2338)

- Migrate Manager data path: default/ComfyUI-Manager → __manager
- Force security_level=strong on outdated ComfyUI (block installations)
- Auto-migrate config.ini only; backup legacy files for manual verification
- Raise weak/normal- to normal during migration
- Add /manager/startup_alerts API for UI warnings
- Differentiate 403 responses: comfyui_outdated vs security_level
- Block startup scripts execution on old ComfyUI

Requires ComfyUI v0.3.76+ for full functionality.
Backward compatible with older versions (uses legacy path).

js/cm-api.js

@@ -1,6 +1,6 @@
 import { api } from "../../scripts/api.js";
 import { app } from "../../scripts/app.js";
-import { sleep, customConfirm, customAlert } from "./common.js";
+import { sleep, customConfirm, customAlert, handle403Response, show_message } from "./common.js";
 
 async function tryInstallCustomNode(event) {
 	let msg = '-= [ComfyUI Manager] extension installation request =-\n\n';
@@ -42,7 +42,7 @@ async function tryInstallCustomNode(event) {
 									});
 
 			if(response.status == 403) {
-				show_message('This action is not allowed with this security level configuration.');
+				await handle403Response(response);
 				return false;
 			}
 			else if(response.status == 400) {
@@ -54,7 +54,7 @@ async function tryInstallCustomNode(event) {
 
 		let response = await api.fetchApi("/manager/reboot");
 		if(response.status == 403) {
-			show_message('This action is not allowed with this security level configuration.');
+			await handle403Response(response);
 			return false;
 		}