Bump com.squareup.okhttp3:okhttp from 3.14.9 to 4.9.2 in /dubbo-dependencies-bom

[dependabot]

Bumps com.squareup.okhttp3:okhttp from 3.14.9 to 4.9.2.

Changelog

Sourced from com.squareup.okhttp3:okhttp's changelog.

Change Log

Version 4.x

See 4.x Change log for the stable version changelogs.

Version 5.3.0

2025-10-30

• New: Add tags to Call, including computable tags. Use this to attach application-specific metadata to a Call in an EventListener or Interceptor. The tag can be read in any other EventListener or Interceptor.

    override fun intercept(chain: Interceptor.Chain): Response {
      chain.call().tag(MyAnalyticsTag::class) {
        MyAnalyticsTag(...)
      }
  return chain.proceed(chain.request())
  
  }

• New: Support request bodies on HTTP/1.1 connection upgrades.

• New: EventListener.plus() makes it easier to observe events in multiple listeners.

• Fix: Don't spam logs with ‘Method isLoggable in android.util.Log not mocked.’ when using OkHttp in Robolectric and Paparazzi tests.

• Upgrade: [Kotlin 2.2.21][kotlin_2_2_21].

• Upgrade: [Okio 3.16.2][okio_3_16_2].

• Upgrade: [ZSTD-KMP 0.4.0][zstd_kmp_0_4_0]. This update fixes a bug that caused APKs to fail [16 KB ELF alignment checks][elf_alignment].

Version 5.2.1

2025-10-09

• Fix: Don't crash when calling Socket.shutdownOutput() or shutdownInput() on an SSLSocket on Android API 21 through 23. This method throws an UnsupportedOperationException, so we now catch that and close the underlying stream instead.

• Upgrade: [Okio 3.16.1][okio_3_16_1].

Version 5.2.0

2025-10-07

... (truncated)

Commits

• 3edf17c Prepare for release 4.9.2.
• 262b3cd Handle strict module handling on JDK17 (#6707) (#6742)
• f574ea2 Cherry pick fix for CVE-2021-0341 onto 4.9.x (#6741)
• 1fd7c0a Make it more difficult to accidentally log sensitive headers (#6551) (#6740)
• b0397cc 4.9.x GitHub builds update (#6732)
• eb5a834 Prepare next development version.
• 63dcd95 Prepare for release 4.9.1.
• d2e28ab Silently ignore 'bio == null' NullPointerExceptions (#6534)
• cbeaf8f Prepare for release 4.9.0.
• 8fd74a7 Conscrypt 2.5.1 Upgrade (#6263)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 60.79%. Comparing base (c5d38ef) to head (68c8e9f).

Additional details and impacted files

@@             Coverage Diff              @@
##                3.3   #15773      +/-   ##
============================================
+ Coverage     58.85%   60.79%   +1.94%     
- Complexity       15    11711   +11696     
============================================
  Files          1938     1938              
  Lines         88688    88688              
  Branches      13387    13387              
============================================
+ Hits          52198    53921    +1723     
+ Misses        30834    29242    -1592     
+ Partials       5656     5525     -131     

Flag	Coverage Δ
integration-tests-java21	32.38% <ø> (?)
integration-tests-java8	32.45% <ø> (?)
samples-tests-java21	32.07% <ø> (?)
samples-tests-java8	29.73% <ø> (?)
unit-tests-java11	59.11% <ø> (+0.03%)	⬆️
unit-tests-java17	58.59% <ø> (+0.02%)	⬆️
unit-tests-java21	58.59% <ø> (+0.03%)	⬆️
unit-tests-java25	58.56% <ø> (+0.03%)	⬆️
unit-tests-java8	59.10% <ø> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[zrlw]

LGTM