release: v1.1.3 — security hardening, edition 2024, dependency updates

Security:
- Fix RUSTSEC-2026-0007 (bytes integer overflow)
- Restrict SQLite database file permissions to 0600 on Unix
- Add 100KB size limit to intention descriptions (DoS prevention)
- Redact JSON-RPC payloads from debug logs (data leakage prevention)
- Update SECURITY.md with encryption docs and supported versions

Modernization:
- Upgrade Rust edition 2021 → 2024, MSRV 1.75 → 1.85
- Upgrade actions/checkout@v4 → v5, codecov/codecov-action@v3 → v5
- Update all dependencies to latest compatible versions
- Fix edition 2024 match ergonomics in compression.rs

Clippy fixes:
- Rename from_str → parse_name to avoid shadowing FromStr trait
- Replace .max().min() with .clamp()
- Replace sort_by with sort_by_key

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

packages/vestige-mcp-npm/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vestige-mcp-server",
-  "version": "1.1.2",
+  "version": "1.1.3",
   "description": "Vestige MCP Server - AI Memory System for Claude and other assistants",
   "bin": {
     "vestige-mcp": "bin/vestige-mcp.js",