fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-QS-15268416

Author: snyk-bot

package.json

@@ -9,7 +9,7 @@
         "@oclif/config": "^1.18.2",
         "@oclif/errors": "^1",
         "@salesforce/command": "^3.1.0",
-        "@salesforce/core": "^2.36.0",
+        "@salesforce/core": "^7.0.0",
         "@salesforce/sf-plugins-core": "^9.0.11",
         "fast-xml-parser": "^4.2.5",
         "string-argv": "^0.3.1",