test(security): Node + Go regression parity for GHSA-g6ww + GHSA-f396

[DorianZheng]

Brings SDK regression coverage in line with the existing Python tests (#539 / #540) and the Rust core test at src/boxlite/src/images/archive/extractor.rs::test_cve_symlink_escape_blocked. Companion to the 2026-05-20 GHSA-f396 mapping correction (5-row "Affected products" matching GHSA-g6ww) and the v0.9.0 / v0.9.5 release-note Security sections that surface both advisories to the non-Dependabot cohort.

Coverage matrix after this PR

	Rust	Python	Node	Go	C
GHSA-g6ww (remount)	✅ security_enforcement.rs	✅ test_readonly_volume_remount.py	✅ new	✅ new	delegated to Go
GHSA-f396 (symlink)	✅ extractor.rs::test_cve_symlink_escape_blocked (unit)	✅ test_symlink_escape.py	✅ new	✅ new	delegated to Go

Files added

• sdks/node/tests/security-readonly-volume-remount.integration.test.ts — mounts a host volume readOnly: true, runs mount -o remount,rw from inside the box, asserts the host file is unchanged.
• sdks/node/tests/security-symlink-escape.integration.test.ts — builds a minimal malicious OCI layout inline (hand-rolled USTAR + sha256 + manifest/config/index, no new devDeps), loads it via SimpleBox({ rootfsPath }), asserts no host file written outside the extraction root.
• sdks/go/security_readonly_volume_remount_integration_test.go — same shape as the Node test, using WithVolumeReadOnly + box.Exec.
• sdks/go/security_symlink_escape_integration_test.go — uses stdlib archive/tar to build the malicious layer + encoding/json for the OCI layout, then rt.Create(..., WithRootfsPath(layoutDir)).

Why no C SDK tests

sdks/c/tests/CMakeLists.txt documents the upstream decision: "lifecycle/execute/streaming/etc. tests were removed when the C SDK moved to the post-and-drain callback API; coverage of those code paths now lives in the Go SDK + runner integration suite." Both PoCs need the callback-based full options API (boxlite_options_add_volume, boxlite_options_set_rootfs_path) — the simple API doesn't expose them. Re-introducing 150+ lines of callback/condvar plumbing per test contradicts the documented delegation; the new Go tests cover the same C-FFI machinery one layer up.

How verification was done

• Go: go vet -tags boxlite_dev ./... passes from the sdks/go module root.
• Node: precommit-hook lint passed (TypeScript type check via the SDK's own configuration).
• Integration runs require make dev:node / make dev:go + a VM runtime — not run here.

Companion work (outside this PR)

• gh api PATCH corrected GHSA-f396-4rp4-7v2j "Affected products" from a single pip boxlite <= 0.8.2 row to the 5-row shape that mirrors GHSA-g6ww (pip / npm / go / rust boxlite / rust boxlite-cli, each < 0.9.0 patched 0.9.0).
• v0.9.0 + v0.9.5 release notes prepended with a ## Security section linking both GHSAs + CVEs.
• RustSec PR Add advisory for boxlite (GHSA-g6ww-w5j2-r7x3 / CVE-2026-46695) rustsec/advisory-db#2899 opened to cover cargo audit users (GitHub advisories don't auto-populate RustSec).