Bump Flurl from 3.0.6 to 4.0.0

[dependabot]

Bumps Flurl from 3.0.6 to 4.0.0.

Release notes

Sourced from Flurl's releases.

Flurl.Http 4.0.0

This is a significant release with many breaking changes. Please read carefully. An upgrade guide has also been added to the documentation.

Big stuff, all BREAKING:

• Removed dependency on Newtonsoft.Json in favor of System.Text.Json (#517)
  • Rather stick with Newtonsoft? Try the new Flurl.Http.Newtonsoft companion package
• Removed all non-generic, dynamic-returning JSON methods (#699)
  • Flurl.Http.Newtonsoft also brings these back.
• Huge overhaul of Flurl's configuration system to make it more fluent and more DI-friendly (#770)
  • "Factories" are removed, replaced by fluent configuration of HttpClient and HttpMessageHandlers
  • FlurlHttp static object completely overhauled, now mostly just responsible for client caching associated with "clientless" usage pattern
  • Configure and ConfigureRequest methods renamed to WithSettings
• Overhaul of Event Handlers (#784)
  • No longer available on Settings
  • Fluent extension methods still work

Smaller stuff, all BREAKING:

• Settings.ConnectionLeaseTimeout removed (#703)
• WithClient extension methods removed (#590)
• CancellationToken moved to last arg everywhere that it isn't (#702)
• AllowHttpStatus now takes int instead of HttpStatusCode args (#785)
• GetStreamAsync defaults to unbuffered behavior (#630)
• IFlurlClient.Settings and IFlurlRequest.Settings container objects are read-only
• IFlurlClient.HttpMessageHandler removed
• FlurlCall.RedirectedFrom moved to IFlurlRequest (accessible via FlurlCall.Request.RedirectedFrom)
• FlurlResponse ctor takes a FlurlCall instead of an HttpResponseMessage
• FlurlRequest.Client is no longer instantiated on demand by just referencing the property. If it hasn't been set explicitly, or (more common) by calling FlurlClient.Request, it will remain null until the request is sent
• IHttpSettingsContainer renamed to ISettingsContainer, and its Headers property moved to (new) IHeadersContainer (#773)
• FakeHttpMessageHandler, TestHttpClientFactory, and TestFlurlHttpSettings types all removed

Non-breaking enhancements and bug fixes:

• First-class support for persisting and restoring CookieJar (#758)
• HTTP 2.0 support via Settings.HttpVersion (#639)
• AllowRealHttp now reverts to original HttpClient, eliminating certain quirks (#683)
• Flurl no longer disposes request message automatically, per best practices (#650)
• Removed circular redirect detection (#714)
• Bugfix: ShouldHaveCalled false negative with URL ending with ? (#721)
• Bugfix: extra space added to Content-Type headers (#740)

Flurl 4.0.0

• AppendQueryParams method/overloads (#688), thx @​Marusyk!
• BUGFIX: SetQueryParams with collection, duplicate keys should append not overwrite (#370)
• BUGFIX: False negatives with Url.IsValid (#462)

Flurl.Http 4.0.0-pre7

• BREAKING: Event handler changes (#784)
• BREAKING: AllowHttpStatus now takes int instead of HttpStatusCode args (#785)

... (truncated)

Commits

• e620fab revert Version -> PackageVersion rename
• 1f3fd3d 4.0!
• b508e69 readme tweaks
• 7314cf3 #770 remove potentially confusing IFlurlClientCache.Add overload
• ad46151 coverlet complaining again
• bd17571 Newtonsoft readme
• d0a43cf get error response as dynamic with Newtonsoft
• 4361a2d Flurl.Http pre version bump
• 439afe9 #778 DefautRequestHeaders sync bug
• d9924c4 #785 AllowHttpStatus should take int[]
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)