Update jsprim and json-schema dependency

[jzaffiro]

Task 1181, updating jsprim to 1.4.2 and json-schema to 0.4.0 to resolve this alert

Packages updated:

• .\
• .\azure
• .\build-tools
• .\common\lib\common-utils
• .\server\gitrest
• .\server\historian
• .\server\routerlicious
• .\tools\getkeys

[Abe27342]

FYI--we have a bot that links tasks to the ADO backlog if you include them in your description. Typically we do this at the end of the description with the following syntax:

AB#1181

Since the task list isn't public and we want to be inclusive of 3p developers, PR descriptions should be comprehensible without all of the extra context. So here I'd probably just link the CVE (there should be a public link to the prototype-pollution vulnerability you can find starting at the microsoft-internal tooling) and mention it resolves that.

[Abe27342]

These changes look good. Doing a repo-wide search for "json-schema" (ctrl+shift+f in vscode), I still see some other package-locks that reference the vulnerable version. You can update them in this PR or a separate one, either way is fine (though may want to scope the title of the PR to reflect which packages are being updated if you want to do multiple):

[Abe27342]

description link is still internal--dev.azure.com links to internal repo won't be accessible. You can find the public page at the bottom of the page you linked by clicking "see advisory for vulnerability details"

[github-actions]

This commit is queued for merging with the next branch! Please ignore this PR for now. Contact @microsoft/fluid-cr-infra for help.