chore(deps): Bump transitive dep `fast-xml-parser`

[github-actions]

Note

The pull request "chore(deps): Bump transitive dep fast-xml-parser" was created by @Lms24 but did not reference an issue. Therefore this issue was created for better visibility in external tools like Linear.

bumps fast-xml-parser to 5.3.6 which resolves https://github.com/getsentry/sentry-javascript/security/dependabot/1062 partially. The remaining case was usage of the dep in @langchain/anthropic@0.3.x which we only use in node integration tests. Given we intentionally test against 0.x, I dismissed the alert due to this case.

[linear]

JS-1767