Prepare saneyaml 0.3.0 release

[jskoiz]

Cuts the 0.3.0 release from the changes merged since v0.2.0.

• Bumps the version to 0.3.0 in Cargo.toml, Cargo.lock, and the
  saneyaml = "…" / package-alias / package-status snippets in README.md,
  docs/ARCHITECTURE.md, and docs/MIGRATION.md.
• Renames the CHANGELOG Unreleased section to 0.3.0, adds a fresh empty
  Unreleased, and completes the entry set (Added / Changed / Fixed / Security)
  covering the work merged since v0.2.0:
  • Security: three quadratic-time parse DoS vectors fixed (unterminated
    multi-line flow collections, unterminated multi-line quoted scalars, and
    long single-line quote runs) — all now linear.
  • Changed (behavior): YAML 1.1 two-part sexagesimals re-anchored to
    base-60/PyYAML weighting (1:20 → 80); bytes rejected consistently across
    serialize paths; !!str numerics stay strings at all widths; caller-built
    Node/Value deserializers expand << merge keys; floats emitted in
    shortest round-tripping form.
  • Added: EmitOptions::with_enum_representation / EnumRepresentation
    and EmitOptions::with_yaml_1_1_safe_strings.
  • Fixed: UTF-16 surrogate-pair escapes, !!omap duplicate-key rejection,
    NaN partial_cmp, verbatim tag-suffix escaping, bounded merge-expansion
    depth, timestamp fractional truncation, and the [P3] Update dependency snippets for the 0.2.0 release #19–[P3] parse_lossless rejects anchor/alias names with control chars that parse_events accepts #40 correctness batch.

Version-consistency (trust_metadata) and the runtime-dependency snapshot pass
locally; CI runs the full gate. Tag v0.3.0 + cargo publish are left to the
maintainer.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 44fd984998

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Update the fuzz lockfile for the release version

Bumping the root package to 0.3.0 leaves the non-workspace fuzz crate's lockfile stale: fuzz/Cargo.lock still records the path dependency saneyaml as 0.2.0, while CI runs cargo clippy --locked --manifest-path fuzz/Cargo.toml --all-targets -- -D warnings in .github/workflows/ci.yml. In that locked fuzz job, Cargo will need to update the path dependency entry to 0.3.0 and will fail because --locked forbids lockfile changes, so this release commit breaks the fuzz CI until fuzz/Cargo.lock is regenerated.

Useful? React with 👍 / 👎.