Use latest json-smart lib #1223

Conversation

@martin-gaievski martin-gaievski (Member) commented Mar 11, 2025

Description

json-path 2.9.0 has been flagged in CVE-2024-57699. They do not have a fix yet, and their devs suggest switching to json-smart: json-path/JsonPath#1031.

We need this library for ml-commons, so we follow their strategy: keep json-path, but exclude the json-smart part of it, and include json-smart of the proper version separately.

Picking up the version of json-smart from the OS core; it was added in the recent PR opensearch-project/OpenSearch#17569.

Related Issues

#1222

Check List

  • [ ] New functionality includes testing.
  • [ ] New functionality has been documented.
  • [ ] API changes companion pull request created.
  • Commits are signed per the DCO using --signoff.
  • [ ] Public documentation issue/PR created.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.
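The dependency arrangement the description above refers to, shown as an added Gradle (Groovy DSL) example rather than the actual ml-commons build change: json-path stays, its transitive json-smart is excluded, and json-smart is declared directly at a pinned version. The json-smart version number below is an assumption and a placeholder; the value to use is whatever OpenSearch core pinned in opensearch-project/OpenSearch#17569. The `ext` property names are also this example's own.

```groovy
// Added example, not code from the ml-commons PR. Keeps json-path but takes
// ownership of the json-smart version instead of inheriting it transitively.
ext {
    jsonPathVersion  = '2.9.0'  // the json-path release the description names
    jsonSmartVersion = '2.5.2'  // ASSUMED placeholder: use the version OpenSearch core pinned
}

dependencies {
    // Keep json-path, but drop the json-smart it would otherwise pull in.
    implementation("com.jayway.jsonpath:json-path:${jsonPathVersion}") {
        exclude group: 'net.minidev', module: 'json-smart'
    }

    // Declare json-smart explicitly at the pinned version. Its own transitive
    // dependencies (e.g. accessors-smart) are resolved from this declaration.
    implementation "net.minidev:json-smart:${jsonSmartVersion}"

    // Constraint: if any other dependency in the graph still resolves
    // json-smart, raise it to at least the pinned version rather than
    // letting a stale transitive declaration win.
    constraints {
        implementation("net.minidev:json-smart:${jsonSmartVersion}") {
            because 'json-path 2.9.0 is flagged in CVE-2024-57699 through its json-smart dependency'
        }
    }
}
```

To confirm the exclusion took effect, run `./gradlew dependencies --configuration runtimeClasspath | grep json-smart` and check that exactly one json-smart coordinate appears, at the pinned version, with no `-> ` arrow showing a conflict resolution from another version. Apply the same check to `testRuntimeClasspath`, since test scopes often carry their own copy of json-path.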

@martin-gaievski martin-gaievski added skip-changelog Maintenance Add support for new versions of OpenSearch/Dashboards from upstream v3.0.0 v3.0.0 labels Mar 11, 2025
@martin-gaievski martin-gaievski force-pushed the fixed_cve_for_jayway_json_lib branch from c14ee89 to 55d2acc March 11, 2025 16:44
Signed-off-by: Martin Gaievski <gaievski@amazon.com>
@martin-gaievski martin-gaievski force-pushed the fixed_cve_for_jayway_json_lib branch from 55d2acc to cb6f59a March 11, 2025 16:49
codecov bot commented Mar 11, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 81.79%. Comparing base (5f25d6c) to head (0a20b75).
Report is 1 commits behind head on main.

Additional details and impacted files
@@             Coverage Diff              @@
##               main    #1223      +/-   ##
============================================
- Coverage     81.80%   81.79%   -0.02%     
+ Complexity     2606     1303    -1303     
============================================
  Files           190       95      -95     
  Lines          8922     4461    -4461     
  Branches       1520      760     -760     
============================================
- Hits           7299     3649    -3650     
+ Misses         1032      517     -515     
+ Partials        591      295     -296     


Signed-off-by: Martin Gaievski <gaievski@amazon.com>
@martin-gaievski martin-gaievski marked this pull request as ready for review March 11, 2025 17:27
@martin-gaievski martin-gaievski changed the title Switch from json-path 2.9.0 to latest json-smart Use latest json-smart lib Mar 11, 2025
@martin-gaievski martin-gaievski merged commit 57124dd into opensearch-project:main Mar 11, 2025
74 checks passed
@martin-gaievski martin-gaievski deleted the fixed_cve_for_jayway_json_lib branch March 11, 2025 23:51