EasyPost / easypost-java

EasyPost Shipping API Client Library for Java
https://easypost.com/docs/api
MIT License
54 stars 37 forks

chore: update all dependencies #268

Closed Justintime50 closed 1 year ago

Justintime50 commented 1 year ago

Description

Bumps all dependencies to fix some security issues.

This change introduces a bunch of new warnings during the build process, most of which about bad javadocs that need to be corrected. This can be done separately.

Unfortunately, there is still a vulnerability of a 3rd party dependency that we don't have control over. Similarly, Google hasn't released a patch in over a year so we may be SOL:

One or more dependencies were identified with known vulnerabilities in com.easypost:easypost-api-client:

guava-31.1-jre.jar (pkg:maven/com.google.guava/guava@31.1-jre, cpe:2.3:a:google:guava:31.1:*:*:*:*:*:*:*) : CVE-2020-8908

Testing

Pull Request Type


nwithan8 commented 1 year ago

I'll dig in and see what that dependency is for and if we can get around it.

nwithan8 commented 1 year ago

Odd, Maven Repository is not reporting any vulnerabilities for Guava 31.1-jre

That said, Guava is a dependency of ErrorProne, which we only use to do static analysis on our library

So, if there is a vulnerability, it shouldn't be passed down to the end-user (not a compile dependency).
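The point made in this thread, that a flagged transitive dependency only matters to end users if it reaches them in a shipped scope, can be checked mechanically against `mvn dependency:tree` output. The following script is an added example and is not part of the easypost-java repository or this pull request; the two dependency trees it parses are constructed samples (artifact versions and the root version are placeholders, not the project's real build), and the only page-derived values are the `com.easypost:easypost-api-client` coordinate and Guava 31.1-jre. It walks the tree, records every path from the root to a target artifact, and reports whether the artifact lands in `compile` or `runtime` scope (which Maven propagates to consumers) or only in `provided`/`test` scope (which it does not). Note that when Error Prone is wired through the compiler plugin's annotation processor path rather than declared as a dependency, Guava does not appear in the tree at all, which is the cleanest outcome.

```python
import re
from typing import List, Tuple

# One line of `mvn dependency:tree` (non-verbose form):
#   [INFO] +- group:artifact:type[:classifier]:version[:scope]
# The prefix is drawn with "+- ", "\- ", "|  " and "   " in 3-char cells,
# so indentation depth = len(prefix) // 3. Verbose-mode annotations such as
# "(omitted for duplicate)" are not handled here.
LINE_RE = re.compile(r"^\[INFO\] (?P<prefix>[ |+\\-]*)(?P<coords>[^\s]+)\s*$")

# Scopes that Maven propagates to projects depending on this artifact.
SHIPPED_SCOPES = {"compile", "runtime"}

# Constructed sample: Error Prone (and therefore Guava) is build-only.
BUILD_ONLY_TREE = r"""
[INFO] com.easypost:easypost-api-client:jar:0.0.0-PLACEHOLDER
[INFO] +- com.google.code.gson:gson:jar:2.10:compile
[INFO] +- org.junit.jupiter:junit-jupiter-api:jar:5.9.0:test
[INFO] |  \- org.opentest4j:opentest4j:jar:1.2.0:test
[INFO] \- com.google.errorprone:error_prone_core:jar:2.16:provided
[INFO]    \- com.google.guava:guava:jar:31.1-jre:provided
"""

# Constructed sample of the mistake to detect: Error Prone declared in
# compile scope, so Guava would be shipped to every consumer.
LEAKY_TREE = r"""
[INFO] com.easypost:easypost-api-client:jar:0.0.0-PLACEHOLDER
[INFO] +- com.google.code.gson:gson:jar:2.10:compile
[INFO] \- com.google.errorprone:error_prone_core:jar:2.16:compile
[INFO]    \- com.google.guava:guava:jar:31.1-jre:compile
"""


def parse_tree(tree_text: str) -> List[Tuple[int, str, str, str]]:
    """Return (depth, group:artifact, version, scope) for each tree line."""
    nodes = []
    for line in tree_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        depth = len(m.group("prefix")) // 3
        parts = m.group("coords").split(":")
        ga = f"{parts[0]}:{parts[1]}"
        if len(parts) >= 5:          # g:a:type[:classifier]:version:scope
            version, scope = parts[-2], parts[-1]
        else:                        # root line: g:a:type:version
            version, scope = parts[-1], "root"
        nodes.append((depth, ga, version, scope))
    return nodes


def paths_to(tree_text: str, target_ga: str) -> List[Tuple[List[str], str, str]]:
    """Every root-to-target path, with the target's version and scope."""
    stack: List[str] = []
    hits = []
    for depth, ga, version, scope in parse_tree(tree_text):
        del stack[depth:]            # pop back to this node's parent
        stack.append(ga)
        if ga == target_ga:
            hits.append((list(stack), version, scope))
    return hits


def ships_to_consumers(tree_text: str, target_ga: str) -> bool:
    """True if any path puts the target in a scope consumers inherit."""
    return any(scope in SHIPPED_SCOPES for _, _, scope in paths_to(tree_text, target_ga))


def report(tree_text: str, target_ga: str) -> List[str]:
    """Human-readable verdict lines, one per path to the target."""
    lines = []
    for path, version, scope in paths_to(tree_text, target_ga):
        verdict = "SHIPPED to consumers" if scope in SHIPPED_SCOPES else "build-only"
        lines.append(f"{' -> '.join(path)} @ {version} [{scope}]: {verdict}")
    if not lines:
        lines.append(f"{target_ga}: not present in dependency tree")
    return lines


if __name__ == "__main__":
    for label, tree in (("build-only", BUILD_ONLY_TREE), ("leaky", LEAKY_TREE)):
        print(f"== {label} ==")
        for line in report(tree, "com.google.guava:guava"):
            print(line)
```

Run it against real output with `mvn dependency:tree > tree.txt` and feed the file contents to `report()`. A scanner that inspects the build classpath will still flag the Guava jar either way; the question this answers is whether the finding is exposure for the library's users or only for the build environment.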