fix dependabot security alerts #10526

Merged: coffeegoddd merged 2 commits into main from db/alerts, Feb 18, 2026

@coffeegoddd
Contributor

No description provided.

Contributor

Copilot AI left a comment

Pull request overview

Resolves Dependabot security alerts by removing a vulnerable/unused Go JWT library dependency and forcing an updated fast-xml-parser version in the SES GitHub Action bundle.

Changes:

  • Removed gopkg.in/square/go-jose.v2 v2.5.1 from the integration test module and updated imports to gopkg.in/go-jose/go-jose.v2.
  • Added an npm overrides entry to pin fast-xml-parser to 5.3.6 and updated the lockfile accordingly.
  • Updated the prebuilt GitHub Action bundle (dist/index.js) to reflect the dependency changes.

Reviewed changes

Copilot reviewed 3 out of 6 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| integration-tests/go-sql-server-driver/go.mod | Drops the gopkg.in/square/go-jose.v2 requirement to eliminate the flagged dependency. |
| integration-tests/go-sql-server-driver/go.sum | Removes checksum entries for the removed gopkg.in/square/go-jose.v2 module. |
| integration-tests/go-sql-server-driver/genjwt_test.go | Updates imports to the non-square go-jose module path used elsewhere in the repo. |
| .github/actions/ses-email-action/package.json | Adds an overrides rule to force fast-xml-parser to a patched version. |
| .github/actions/ses-email-action/package-lock.json | Updates resolved fast-xml-parser (and strnum) versions to match the override. |
| .github/actions/ses-email-action/dist/index.js | Rebuilds the bundled action output to include the updated dependency code. |

Files not reviewed (1)
  • .github/actions/ses-email-action/package-lock.json: Language not supported
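
An added example, not part of this pull request or the repository's code: a Node.js check that every copy of a package pinned under `overrides` in package.json actually resolved to that version in package-lock.json, including nested `node_modules` copies. The function names, the `example-sdk` parent and all sample versions other than the 5.3.6 pin are constructed; only flat, exact-version overrides are handled.

```javascript
// Added example: checks that every copy of an overridden package in
// package-lock.json resolved to the version pinned under "overrides".
// Handles only flat, exact-version overrides (the form this PR describes).

// Package name for a lockfile "packages" key, e.g.
// "node_modules/a/node_modules/@scope/b" -> "@scope/b"; "" (root) -> null.
function packageNameFromLockPath(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? null : lockPath.slice(idx + marker.length);
}

function findOverrideViolations(pkgJson, lockJson) {
  const violations = [];
  const overrides = pkgJson.overrides || {};
  for (const [lockPath, entry] of Object.entries(lockJson.packages || {})) {
    const name = packageNameFromLockPath(lockPath);
    const pinned = name === null ? undefined : overrides[name];
    // Nested override objects and version ranges are out of scope here.
    if (typeof pinned !== "string") continue;
    if (entry.version !== pinned) {
      violations.push({ path: lockPath, name, found: entry.version, pinned });
    }
  }
  return violations;
}

// Constructed sample input (not the repository's real files).
const samplePkg = { name: "ses-email-action", overrides: { "fast-xml-parser": "5.3.6" } };
const staleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "ses-email-action" },
    "node_modules/fast-xml-parser": { version: "5.3.6" },
    // Hypothetical parent that still carries an old nested copy.
    "node_modules/example-sdk/node_modules/fast-xml-parser": { version: "4.4.1" },
    "node_modules/strnum": { version: "2.1.1" },
  },
};

for (const v of findOverrideViolations(samplePkg, staleLock)) {
  console.log(`${v.path}: found ${v.found}, override pins ${v.pinned}`);
}
```

A non-empty result means the lockfile was not regenerated after the override was added, so the bundled `dist/index.js` built from it would still contain the old dependency code.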

coffeegoddd requested a review from jycor February 18, 2026 19:51
Contributor

jycor left a comment

LGTM

coffeegoddd merged commit 6606a3b into main Feb 18, 2026
31 checks passed
coffeegoddd deleted the db/alerts branch February 18, 2026 20:54