dep: update golang-jwt to v4.5.1

[inge4pres]

Fixes #2699

We want to avoid a known vulnerability in golang-jwt library is flagged as a security concern when using echo as a framework in our applications.

Tests are passing locally with the new version.

[cgalibern]

Hi @inge4pres,
Is there a reason why you don't propose github.com/golang-jwt/jwt/v5 ?

Sorry the response is into #2699

[aldas]

Because there will be v6 one day + some CVE and we again need to upgrade that library version. Echo core library tries very hard not to introduce backwards incompatible changes. So in long run removing this dependency is better strategy. We already have https://github.com/labstack/echo-jwt which from first day said is not trying to be stable and not introduce breaking changes.

being stable and not breaking things is one of the most important feature of Go. In comparison to Javascript ecosystem Go is a bliss to maintain older applications. I very much want Echo to honor this tradition as much as we can - but CVEs pop up every other year with JWT.

[inge4pres]

Superseded by #2701