Bump okhttp from 4.1.1 to 4.2.0

[dependabot-preview]

Bumps okhttp from 4.1.1 to 4.2.0.

Changelog

Sourced from okhttp's changelog.

Version 4.2.0

2019-09-10

• New: API to decode a certificate and private key to create a HeldCertificate. This accepts a
  string containing both a certificate and PKCS Update README.md #8-encoded private key.

  val heldCertificate = HeldCertificate.decode("""
      |-----BEGIN CERTIFICATE-----
      |MIIBYTCCAQegAwIBAgIBKjAKBggqhkjOPQQDAjApMRQwEgYDVQQLEwtlbmdpbmVl
      |cmluZzERMA8GA1UEAxMIY2FzaC5hcHAwHhcNNzAwMTAxMDAwMDA1WhcNNzAwMTAx
      |MDAwMDEwWjApMRQwEgYDVQQLEwtlbmdpbmVlcmluZzERMA8GA1UEAxMIY2FzaC5h
      |cHAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASda8ChkQXxGELnrV/oBnIAx3dD
      |ocUOJfdz4pOJTP6dVQB9U3UBiW5uSX/MoOD0LL5zG3bVyL3Y6pDwKuYvfLNhoyAw
      |HjAcBgNVHREBAf8EEjAQhwQBAQEBgghjYXNoLmFwcDAKBggqhkjOPQQDAgNIADBF
      |AiAyHHg1N6YDDQiY920+cnI5XSZwEGhAtb9PYWO8bLmkcQIhAI2CfEZf3V/obmdT
      |yyaoEufLKVXhrTQhRfodTeigi4RX
      |-----END CERTIFICATE-----
      |-----BEGIN PRIVATE KEY-----
      |MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCA7ODT0xhGSNn4ESj6J
      |lu/GJQZoU9lDrCPeUcQ28tzOWw==
      |-----END PRIVATE KEY-----
      """.trimMargin())
  val handshakeCertificates = HandshakeCertificates.Builder()
      .heldCertificate(heldCertificate)
      .build()
  val server = MockWebServer()
  server.useHttps(handshakeCertificates.sslSocketFactory(), false)

  Get these strings with HeldCertificate.certificatePem() and privateKeyPkcs8Pem().

• Fix: Handshake now returns peer certificates in canonical order: each certificate is signed by
  the certificate that follows and the last certificate is signed by a trusted root.

• Fix: Don't lose HTTP/2 flow control bytes when incoming data races with a stream close. If this
  happened enough then eventually the connection would stall.

• Fix: Acknowledge and apply inbound HTTP/2 settings atomically. Previously we had a race where we
  could use new flow control capacity before acknowledging it, causing strict HTTP/2 servers to
  fail the call.

Commits

• 582f8ef Prepare for release 4.2.0.
• 9b60ca8 Merge pull request #5434 from square/jwilson.0909.race
• 510475a Don't leak incoming bytes when we race incoming data and close
• 2cdbbda Hows My Ssl test for Android (#5428)
• 3464ef3 Merge pull request #5431 from square/jwilson.0907.ack_apply_atomically
• bd6a97a Acknowledge and apply inbound settings atomically
• 3490c7e Merge pull request #5427 from square/jwilson.0905.decode_pems
• ba2c676 Handshake returns cleaned peer certificates (#5311)
• 93c5bcc Make it easier to decode PEM files
• 6f17886 Merge pull request #5423 from square/jwilson.0905.windows
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[whiskeysierra]

👍