Use latest tsconfig-path due to security vulnerability

[assapir]

In the current version of this project use of tsconfig-path, there is a security vulnerability that was fixed in 4.1.2.
I can see from the project changelog there isn't an actual breaking change, so it should be safe to update.

[ljharb]

1. the vulnerability is in json5, not tsconfig-paths
2. we depend on tsconfig-paths v3, which depends on json5 v1
3. json5 v1 and v2 both have the fix published, so all you need to do is update your lockfile
4. this is not actually a valid vulnerability for this plugin anyways, so it's irrelevant
5. tsconfig-paths v4 is absolutely a breaking change because it drops, among others, node 4 - see [Deps] upgrade tsconfig-paths to ^4.0.0 #2447

This is a duplicate of #2625; a duplicate of #2628; a duplicate of #2626; a duplicate of #2627; a duplicate of #2631; a duplicate of #2632; a duplicate of #2634; a duplicate of #2635; a duplicate of #2636; a duplicate of #2637; a duplicate of #2639; a duplicate of #2642; a duplicate of #2643; a duplicate of #2649; a duplicate of #2655; a duplicate of #2660; a duplicate of #2670.