Remove unneeded array-flatten dependency

[mac-chaffee]

Back in 2015, express had its own ~9 line flatten() function, which got replaced by an external library in #2682 and #2624

That was just before the left-pad fiasco in 2016, when dependencies were a magical source of free code that someone else maintains who never gets hacked, bought-off, or becomes malicious ;)

https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/
https://en.wikipedia.org/wiki/Npm_(software)#Notable_breakages

This PR restores the old flatten function (we still have the test!) and removes the need for the external array-flatten dependency.

[dougwilson]

Hello, and thank you for your pull request. The ecosystem has changed a lot, as well as the controls npm has. Our philosophy is yo move to more usage of smaller packages, and to remove these util code blocks from source.

[dougwilson]

The array-flatten module is authored and maintained by an Express.js TC member.