Tags: SocketDev/socket-patch
chore(release): bump version to 3.3.0 (#96)

Bump 3.2.0 -> 3.3.0 (minor) for the inline OpenVEX feature already staged under CHANGELOG `## [Unreleased]`. Synced via scripts/version-sync.sh across Cargo.toml (workspace version + core dep pin), Cargo.lock, all npm packages (main + platform shims + lockfile), and pypi/pyproject.toml. The Release workflow reads this version from Cargo.toml; once merged it can be dispatched to publish v3.3.0 and roll the CHANGELOG over.

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
fix: repo-wide correctness, security & filesystem-safety hardening pass (v3.2.0) (#92)

* fix: repo-wide correctness, security & filesystem-safety hardening pass (v3.2.0)

Reviewed every source file in both crates line by line, fixed the bugs found, and added regression tests throughout. Highlights:

Security
- patch/package.rs: path-traversal via validate-before-normalize (package//etc/passwd escaped the package tree)
- patch/diff.rs: clamp unbounded Vec preallocation from untrusted bsdiff target-size header (OOM/abort on a hostile delta)
- vex/verify.rs: omit zero-file patches instead of emitting an evidence-free not_affected attestation

Filesystem safety / atomicity / rollback
- apply: DirWriteGuard for read-only dirs, chown-before-chmod to keep setuid/setgid, parent-dir fsync after rename
- cow: atomic rename-over symlink (no pre-unlink), stage cleanup
- rollback: delegate to hardened apply_file_patch; AlreadyOriginal before blob check; read-only-dir new-file delete
- file_hash/git_sha256: open-once + fstat (TOCTOU), regular-file guard, size/body mismatch detection
- cargo/nuget sidecars: hardened writes/deletes in read-only caches
- cleanup_blobs: symlink-tolerant, accurate counts
- apply_lock: classify genuine flock errors as Io, clamp timeout sleep

Crawlers (on-disk layout & metadata)
- composer v-prefix + malformed-entry tolerance + on-disk check
- go cache-at-root, version case-encoding, GOPATH list, module directive
- npm symlink following + nested-recursion guard
- nuget global-cache version casing
- python macOS framework layout + dist-info dir-name fallback
- deno macOS cache path, XDG_CACHE_HOME, empty DENO_DIR
- maven XML-comment stripping + skip-section depth
- cargo TOML header tolerance + dir-name version split
- shared utils/fs::entry_is_dir follows symlinks

API client, commands & misc
- proxy-url override on binary downloads; deterministic org/title/batch flag; case-insensitive hash compare
- USER_AGENT + telemetry version track CARGO_PKG_VERSION (was 1.0.0)
- apply release-variant NotFound spurious-failure fix
- get/scan/remove char-safe truncation (UTF-8 panic)
- setup/repair honest non-zero exit codes + telemetry
- rollback no-op miscount; unlock released-snapshot; vex qualified PURLs
- package.json non-object/dedup/glob/key-order (preserve_order)
- json_envelope status invariant + oldUuid; list ordering; fuzzy_match tie-break; lock_cli sub-second timeout; vex schema/product fixes

Updated stale repair/python_crawler e2e expectations to the corrected contracts. Bumped version to 3.2.0 and added the scripts/study-crates.ts audit harness used to drive the review.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* test: fix Windows-only file_hash directory-rejection assertion

`File::open` on a directory fails outright on Windows (different OS error kind), whereas on Unix it opens and the is_file() guard rejects it with InvalidInput. The production code rejects directories on both platforms; only pin the specific InvalidInput kind off-Windows.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
ci(release): pin newer cross NDK image for aarch64-linux-android (#86)

The default image bundled with cross 0.2.5 ships an NDK whose sysroot lacks libunwind on the linker path. Modern rustc emits `-lunwind` for Android targets, so the release build fails with `ld: cannot find -lunwind`. Override just the Android target to a digest-pinned cross main image, which ships an NDK that has libunwind available. All other targets keep their default cross 0.2.5 images.

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
v2.1.3: bump and sync package versions (#59)

Re-release of v2.1.2 content — the v2.1.2 release workflow failed mid-way (npm publish hit broken Node 22.22.2) leaving a stuck tag that can't be deleted due to tag protection rules.

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>