[Bug] vulnerable dependancy

[chipitsine]

Cloudberry Database version

currently cloudberry-go-libs depends on github.com/jackc/pgx/v4 v4.18.2
which in turn depends on non maintained and vulnerable library https://pkg.go.dev/vuln/GO-2026-4518

it would be good to address that and modernize dependancies

What happened

vulnerable dependancy https://pkg.go.dev/vuln/GO-2026-4518

What you think should happen instead

No response

How to reproduce

No response

Operating System

No response

Anything else

No response

Are you willing to submit PR?

• Yes, I am willing to submit a PR!

Code of Conduct

• I agree to follow this project's Code of Conduct.

[chipitsine]

related: wal-g/wal-g#2219

[chipitsine]

reproducing the issue (by running govulncheck):

$ govulncheck ./...
=== Symbol Results ===

Vulnerability #1: GO-2026-4518
   Denial of service in github.com/jackc/pgproto3/v2
 More info: https://pkg.go.dev/vuln/GO-2026-4518
 Module: github.com/jackc/pgproto3/v2
   Found in: github.com/jackc/pgproto3/v2@v2.3.3
   Fixed in: N/A
   Example traces found:
     #1: dbconn/dbconn.go:525:20: dbconn.SelectIntSlice calls sql.Rows.Next, which eventually calls pgproto3.Frontend.Receive

Your code is affected by 1 vulnerability from 1 module.
This scan found no other vulnerabilities in packages you import or modules you
require.
Use '-show verbose' for more details