[SECENG-859] update circle-policy-agent version

[sagar-connect]

Ticket: SECENG-859

Checklist

=========

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have checked for similar issues and haven't found anything relevant.
• This is not a security issue (which should be reported here: https://circleci.com/security/)
• I have read Contribution Guidelines.

Internal Checklist

• I am requesting a review from my own team as well as the owning team
• I have a plan in place for the monitoring of the changes that I am making (this can include new monitors, logs to be aware of, etc...)

Changes

=======

• updated dependencies

(Before) Snyk CLI result
Tested 290 dependencies for known issues, found 2 issues, 65 vulnerable paths.

(After) Snyk CLI result
Tested 290 dependencies for known issues, no vulnerable paths found.

[michael-webster]

Can you document the plan to test this? I see the box checked, but are there more details than that?

[sagar-connect]

@michael-webster
Since the change is an updated library to fix the CVEs, one of the expected outcomes would be see reduced known vulnerabilities in the code, the result of this test is posted in the PR description, both before and after.

To make sure we are not breaking anything with this change, we are relying on the unit-tests (there are enough in this repo), and they are still passing.

[michael-webster]

Is there any way to validate the client continues to behave as expected e.g. locally building the cli and testing with that for example?

[michael-webster]

Approving this assuming a test with a local build to confirm behavior happens.

[sagar-connect]

Tested with locally built binary on Linux.
Verified version and policy fetch commands.