
Fix pkg_resources import error and fast-xml-parser security vulnerability (CVE-2026-25128) #1906

@surya-madhav

Description


Currently facing an npm audit issue and a related import error which fails the integration tests:

  1. ModuleNotFoundError in test environment due to setuptools 82.0.0
  2. High severity security vulnerability in fast-xml-parser (CVE-2026-25128)

Issues Fixed

1. Pin setuptools to fix pkg_resources import error

Problem: The newer setuptools 82.0.0 causes ModuleNotFoundError: No module named 'pkg_resources'
when munch tries to import it during test collection.

Solution: Pinned setuptools to version 68.2.2 (previously working version) in
tests/requirements.txt.

2. Security fix - Update fast-xml-parser to resolve CVE-2026-25128

Problem: fast-xml-parser version 4.4.1 contains a high severity RangeError DoS vulnerability
(CVE-2026-25128) where malformed XML with out-of-range numeric entities could crash the application.

Solution: Updated fast-xml-parser from 4.4.1 to 5.3.4 to address the vulnerability.

Changes Made

  • Added setuptools==68.2.2 to tests/requirements.txt
  • Updated fast-xml-parser from 4.4.1 to 5.3.4 in frontend/package.json (both overrides and
    resolutions)
  • Updated frontend/yarn.lock with new dependency versions
  • Updated strnum dependency from ^1.0.5 to ^2.1.0 (required by fast-xml-parser 5.3.4)
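An added illustration of the bug class the description names (this is example code, not fast-xml-parser's implementation and not part of this PR): a numeric character reference decoder that hands the parsed value straight to String.fromCodePoint throws RangeError on an out-of-range reference such as &#x110000;, while a decoder that validates the code point first substitutes U+FFFD and keeps going. The XML snippets are constructed samples.

```javascript
// Model of the RangeError failure mode: XML numeric character references
// (&#NNN; / &#xHHH;) decoded without bounds checking. Not fast-xml-parser code.
const MAX_CODE_POINT = 0x10ffff;
const ENTITY_RE = /&#(x[0-9a-fA-F]+|[0-9]+);/g;

function parseRef(ref) {
  return ref[0] === 'x' ? parseInt(ref.slice(1), 16) : parseInt(ref, 10);
}

// Naive decoder: String.fromCodePoint throws RangeError for any value
// above U+10FFFF, so one malformed reference aborts the whole parse.
function decodeNumericEntitiesNaive(text) {
  return text.replace(ENTITY_RE, (_, ref) => String.fromCodePoint(parseRef(ref)));
}

// Hardened decoder: reject anything that is not a representable scalar value
// (out of range, non-finite, or a lone surrogate) and emit U+FFFD instead.
function decodeNumericEntitiesSafe(text) {
  return text.replace(ENTITY_RE, (_, ref) => {
    const cp = parseRef(ref);
    const isSurrogate = cp >= 0xd800 && cp <= 0xdfff;
    if (!Number.isFinite(cp) || cp > MAX_CODE_POINT || isSurrogate) {
      return '\uFFFD';
    }
    return String.fromCodePoint(cp);
  });
}

// Runs a decoder and reports either the result or the thrown error's name,
// so the two behaviours can be compared without crashing the caller.
function tryDecode(decoder, text) {
  try {
    return { ok: true, value: decoder(text) };
  } catch (e) {
    return { ok: false, error: e.name };
  }
}

// Constructed sample inputs.
const SAMPLE_OK = '<v>&#65;&#x42;</v>';               // decodes to A, B
const SAMPLE_BAD = '<v>&#x110000;</v>';               // one past U+10FFFF
const SAMPLE_HUGE = '<v>&#99999999999999999999;</v>'; // oversized decimal

console.log(tryDecode(decodeNumericEntitiesNaive, SAMPLE_BAD)); // ok: false, RangeError
console.log(tryDecode(decodeNumericEntitiesSafe, SAMPLE_BAD));  // ok: true, U+FFFD
```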
