[fix][sec] Upgrade jwt/v5 to 5.2.2 to address CVE-2025-30204

[lhotari]

Motivation

There's CVE-2025-30204 in the pulsar-function-go dependencies.

Modifications

upgrade github.com/golang-jwt/jwt/v5 to v5.2.2

Documentation

• doc
• doc-required
• doc-not-needed
• doc-complete

[lhotari]

/pulsarbot rerun-failure-checks

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 74.24%. Comparing base (bbc6224) to head (f077704).
Report is 1001 commits behind head on master.

Additional details and impacted files

@@             Coverage Diff              @@
##             master   #24140      +/-   ##
============================================
+ Coverage     73.57%   74.24%   +0.67%     
+ Complexity    32624    32507     -117     
============================================
  Files          1877     1864      -13     
  Lines        139502   144457    +4955     
  Branches      15299    16481    +1182     
============================================
+ Hits         102638   107259    +4621     
+ Misses        28908    28736     -172     
- Partials       7956     8462     +506     

Flag	Coverage Δ
inttests	26.66% <ø> (+2.07%)	⬆️
systests	23.14% <ø> (-1.19%)	⬇️
unittests	73.77% <ø> (+0.92%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 1068 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.