fix(deps): update dependency jsonpath-plus to 10.0.0 due to vulnerability

[knowacki23]

Description

This is a simple dependency bump in parser of the jsonpath-plus dependency.

This dependency is vulnerable according to Snyk: https://security.snyk.io/vuln/SNYK-JS-JSONPATHPLUS-7945884
As this is a non-major upgrade and I have not seen the vulnerability being mentioned anywhere in the repository I thought I'd open a PR for it.

[changeset-bot]

⚠️ No Changeset found

Latest commit: cc05fe7

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

Welcome to AsyncAPI. Thanks a lot for creating your first pull request. Please check out our contributors guide useful for opening a pull request.
Keep in mind there are also other channels you can use to interact with AsyncAPI community. For more details check out this issue.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[pjungermann]

@knowacki23 as of the changeset-bot, there will be no new version released as there is no changeset yet. I'm pretty sure this is not what you intend.

[195858]

@knowacki23 as of the changeset-bot, there will be no new version released as there is no changeset yet. I'm pretty sure this is not what you intend.

@pjungermann - what needs to be done to unblock this PR/get a new release? I am getting this critical security issue flagged by automations and it'll shut down our CI/CD pipelines for my service and related services soon ... or is it better to create a new PR with the required changeset ?

[pjungermann]

I'm not part of this project and just passed by due to the same vulnerability myself.

The changeset-bot included links where you can find information on how to add a changeset, etc.

Adding this as a new commit or amending your current commit, both are fine. A new PR is close to never required, I would say.

[195858]

@pjungermann

I am not the original author and therefore can't amend this PR.

@jonaslagoni @smoya - any chance you guys can amend/ add the changeset and review this PR?

[coreydaley]

Opened #1058 which adds the changeset since there has been no activity on this pull request for over 2 weeks

[jonaslagoni]

As #1058 had all the necessary changes, that was merged 🙏