refactor: remove guava dependency

[ricellis]

The guava dependency is large and causes CVE-2020-8908 to get flagged by some scanning tools (though to be clear the vulnerable guava method is not used in this code). Since guava is used in just a few places it could be removed to reduce the size of the SDKs and prevent this false positive vulnerability warning.

This PR:

• Removes guava-version and the guava dependency block from the pom
• Updates RequestBuilder to use okhttp's path segment encoding instead of guava's URL escaper
• Replaces guava base64 encoding/decoding with java.util.Base64
• Replaces some list/set initialization in test classes.
• Finally, removes javax.annotation.Nullable (as supplied by the guava package) that was referenced by HttpConfigTest

[padamstx]

@ricellis Thanks for making this change!

[ibm-devx-sdk]

:tada: This PR is included in version 9.17.6 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: