[Build] Jackson-core as a dependency

[noCharger]

Context

#132

Some GitHub action backend code using jackson-core 2.5.0 is failing builds because it includes an MRJAR with JDK 19 code. See, for example, this failed action.

Action items

• For the short term, upgrade to jackson-core 2.5.0 in main branch to resolve the build failure. Also upgrade gradle Update Gradle Wrapper to 7.6.1 #132 - Resolved here Fix build #134
• For the long term, we must devise a sustainable decision on Jackson-core as a dependency ref to Dan's suggestions here. Can we remove all jackson- packages? if not. we need test on build and integration. [Non urgent]
• Check if the current dependabot is working well, or examine alternatives.

Some observations:

1. OpenSearch main branch is using jackson-core 2.5.0 https://github.com/opensearch-project/OpenSearch/tree/main/client/sniffer/licenses
2. Security plugin removed jackson-databind and jackson-annotations Remove jackson-databind and jackson-annotations dependency now coming from core security#2325
3. Observability plugin removed jackson depenencies and then added them back Revert "Removing explicit jackson dependencies (#1374)" observability#1379

[sejli]

Since we currently have build failures, we are opting to upgrade jackson-core to 2.5.0 for now, as implemented in #134. Alternatives are continued to be looked at.

[macohen]

What's the latest on this? Should this be closed and a new issue created for long term?