json-ptr < 3.0.0 has a prototype pollution security vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2021-23509
firstname.lastname@example.org requires email@example.com requires json-ptr@~0.1.1
json-ptr@~0.1.1 is resolved to json-ptr 2.2.0: https://github.com/folio-org/mod-graphql/blob/ee78059a28d2cc7c7e92aa4dcdbc5fb249d4b094/yarn.lock#L4390-L4391
json-path has not been maintained since 2013: https://www.npmjs.com/package/json-path
Therefore we need to bump the json-ptr version via the "resolutions" section of package.json.