Bump okhttp from 3.13.1 to 3.14.0

[dependabot-preview]

Bumps okhttp from 3.13.1 to 3.14.0.

Changelog

Sourced from okhttp's changelog.

Version 3.14.0

2019-03-14

• This release deletes the long-deprecated OkUrlFactory and OkApacheClient APIs. These
  facades hide OkHttp's implementation behind another client's API. If you still need this please
  copy and paste [ObsoleteUrlFactory.java][obsolete_url_factory] or
  [ObsoleteApacheClient.java][obsolete_apache_client] into your project.

• OkHttp now supports duplex calls over HTTP/2. With normal HTTP calls the request must finish
  before the response starts. With duplex, request and response bodies are transmitted
  simultaneously. This can be used to implement interactive conversations within a single HTTP
  call.

  Create duplex calls by overriding the new RequestBody.isDuplex() method to return true.
  This simple option dramatically changes the behavior of the request body and of the entire
  call.

  The RequestBody.writeTo() method may now retain a reference to the provided sink and
  hand it off to another thread to write to it after writeTo returns.

  The EventListener may now see requests and responses interleaved in ways not previously
  permitted. For example, a listener may receive responseHeadersStart() followed by
  requestBodyEnd(), both on the same call. Such events may be triggered by different threads
  even for a single call.

  Interceptors that rewrite or replace the request body may now inadvertently interfere with
  duplex request bodies. Such interceptors should check RequestBody.isDuplex() and avoid
  accessing the request body when it is.

  Duplex calls require HTTP/2. If HTTP/1 is established instead the duplex call will fail. The
  most common use of duplex calls is [gRPC][grpc_http2].

• New: Prevent OkHttp from retransmitting a request body by overriding RequestBody.isOneShot().
  This is most useful when writing the request body is destructive.

• New: We've added requestFailed() and responseFailed() methods to EventListener. These
  are called instead of requestBodyEnd() and responseBodyEnd() in some failure situations.
  They may also be fired in cases where no event was published previously. In this release we did
  an internal rewrite of our event code to fix problems where events were lost or unbalanced.

• Fix: Don't leak a connection when a call is canceled immediately preceding the onFailure()
  callback.

• Fix: Apply call timeouts when connecting duplex calls, web sockets, and server-sent events.
  Once the streams are established no further timeout is enforced.

• Fix: Retain the Route when a connection is reused on a redirect or other follow-up. This was
  causing some Authenticator calls to see a null route when non-null was expected.

... (truncated)

Commits

• 44d51d0 [maven-release-plugin] prepare release parent-3.14.0
• b5dc314 Merge pull request #4708 from amirlivneh/fail-when-not-canceled
• 6c4855a Use AssertJ in tests (#4713)
• a217a39 Merge pull request #4714 from amirlivneh/travis-verify
• d4afa4b Run style check in Travis CI
• 66ce793 Merge pull request #4711 from amirlivneh/fix-style
• f830f64 Unbreak 'mvn verify'
• 829cd9c Fail recoverFromCancelReusesConnection() on unexpected response
• 292764b Merge pull request #4705 from square/jwilson.0310.better_exceptions
• 1a68cf1 Provide better exceptions when the shared HTTP/2 stream fails
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.