Bump com.squareup.okhttp3:okhttp from 3.13.1 to 4.9.2

[dependabot[bot]]

Bumps com.squareup.okhttp3:okhttp from 3.13.1 to 4.9.2.

Changelog

Sourced from com.squareup.okhttp3:okhttp's changelog.

Change Log

Version 4.x

See 4.x Change log for the stable version changelogs.

Version 5.3.0

2025-10-30

• New: Add tags to Call, including computable tags. Use this to attach application-specific metadata to a Call in an EventListener or Interceptor. The tag can be read in any other EventListener or Interceptor.

    override fun intercept(chain: Interceptor.Chain): Response {
      chain.call().tag(MyAnalyticsTag::class) {
        MyAnalyticsTag(...)
      }
  return chain.proceed(chain.request())
  
  }
  

• New: Support request bodies on HTTP/1.1 connection upgrades.

• New: EventListener.plus() makes it easier to observe events in multiple listeners.

• Fix: Don't spam logs with ‘Method isLoggable in android.util.Log not mocked.’ when using OkHttp in Robolectric and Paparazzi tests.

• Upgrade: [Kotlin 2.2.21][kotlin_2_2_21].

• Upgrade: [Okio 3.16.2][okio_3_16_2].

• Upgrade: [ZSTD-KMP 0.4.0][zstd_kmp_0_4_0]. This update fixes a bug that caused APKs to fail [16 KB ELF alignment checks][elf_alignment].

Version 5.2.1

2025-10-09

• Fix: Don't crash when calling Socket.shutdownOutput() or shutdownInput() on an SSLSocket on Android API 21 through 23. This method throws an UnsupportedOperationException, so we now catch that and close the underlying stream instead.

• Upgrade: [Okio 3.16.1][okio_3_16_1].

Version 5.2.0

2025-10-07

... (truncated)

Commits

• 3edf17c Prepare for release 4.9.2.
• 262b3cd Handle strict module handling on JDK17 (#6707) (#6742)
• f574ea2 Cherry pick fix for CVE-2021-0341 onto 4.9.x (#6741)
• 1fd7c0a Make it more difficult to accidentally log sensitive headers (#6551) (#6740)
• b0397cc 4.9.x GitHub builds update (#6732)
• eb5a834 Prepare next development version.
• 63dcd95 Prepare for release 4.9.1.
• d2e28ab Silently ignore 'bio == null' NullPointerExceptions (#6534)
• cbeaf8f Prepare for release 4.9.0.
• 8fd74a7 Conscrypt 2.5.1 Upgrade (#6263)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.