Dependency on okhttp3 v4.11.0 is causing a transient vulnerability on dependency scanners per CVE-2023-3635

[rhanton]

Our dependency scanner is upset about the CVE-2023-3635 vulnerability in com.squareup.okio:okio v3.2.0 that is contained within okhttp3 v4.11.0. See dependency tree below:

[INFO] |  \- com.statsig:serversdk:jar:1.32.1:compile
[INFO] |     +- com.squareup.okhttp3:okhttp:jar:4.11.0:runtime
[INFO] |     |  \- com.squareup.okio:okio:jar:3.2.0:runtime
[INFO] |     |     \- com.squareup.okio:okio-jvm:jar:3.2.0:runtime
[INFO] |     |        \- org.jetbrains.kotlin:kotlin-stdlib-common:jar:1.9.25:runtime

Using v4.12.0 will bring us to okio v3.6.0 that is no longer vulnerable. Better would be to remove dependency on these square http libraries entirely, but I think the version bump is an easy change.

[rhanton]

Another helpful thing would be suggesting use of dependabot on statsig-io's repositories, which would help these items to be remedied sooner (without me asking).