
v0.1.1 — defense-in-depth + JSON-RPC conformance


SHAYOUWORLD released this 25 Apr 07:25 (commit 8388a33)

Address findings from a joint Claude + Codex security review of v0.1.0.

High-priority fixes

  • fetchAllowed: change redirect: "follow" to redirect: "error" so a redirect issued by an allowed URL cannot bounce the request to an unintended host.
  • get_bill: validate proceedingURL against the chamber's allowed origin AND path prefix. Previously any same-origin path was accepted, which let clients steer GETs to arbitrary pages on shugiin.go.jp / sangiin.go.jp.
  • search_bills: explicit runtime enum check on chamber.
  • Per-field input validation: maximum length on string args, ISO date format on from/until, alphanumeric-only pattern on issueID, enum check on chamber everywhere.
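The following is an added example of the kind of allowlist and per-field validation described above; it is not the project's code. The two origins are the hosts named in these notes, but the path prefixes, the field schemas, the 256-character limit and the function names are assumptions for illustration only.

```javascript
// Added example (not the project's code). Chamber allowlist: the origins are the
// hosts named in the release notes; the path prefixes are placeholders assumed
// here for illustration and are not the project's real allowlist.
const CHAMBERS = Object.freeze({
  shugiin: { origin: "https://www.shugiin.go.jp", pathPrefix: "/gian/" }, // prefix assumed
  sangiin: { origin: "https://www.sangiin.go.jp", pathPrefix: "/gian/" }, // prefix assumed
});

// Options for every outbound fetch: a redirect is an error, so the allowlist
// decision made on the request URL cannot be undone by a bounce.
const FETCH_OPTIONS = Object.freeze({ method: "GET", redirect: "error" });

const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// v0.1.0 behaviour as described in the notes: any same-origin path passes.
function originOnlyCheck(chamber, raw) {
  const allowed = hasOwn(CHAMBERS, chamber) ? CHAMBERS[chamber] : null;
  if (!allowed) return false;
  let url;
  try { url = new URL(raw); } catch { return false; }
  return url.origin === allowed.origin;
}

// v0.1.1 behaviour: origin AND path prefix, tested on the parsed URL.
// new URL() resolves "..", so "/gian/../admin" becomes "/admin" before the
// prefix test; a prefix test on the raw string would let that through.
function originAndPrefixCheck(chamber, raw) {
  const allowed = hasOwn(CHAMBERS, chamber) ? CHAMBERS[chamber] : null;
  if (!allowed) return false;
  let url;
  try { url = new URL(raw); } catch { return false; }
  if (url.username || url.password) return false; // no embedded credentials
  return url.origin === allowed.origin && url.pathname.startsWith(allowed.pathPrefix);
}

// Strict calendar date. The pattern alone accepts 2024-02-30, which V8 rolls
// over to March 1, so round-trip through Date to reject impossible days.
function isIsoDate(s) {
  if (typeof s !== "string" || !/^\d{4}-\d{2}-\d{2}$/.test(s)) return false;
  const d = new Date(s + "T00:00:00Z");
  return !Number.isNaN(d.getTime()) && d.toISOString().slice(0, 10) === s;
}

const MAX_STRING = 256;            // assumed per-field length cap
const ISSUE_ID = /^[A-Za-z0-9]+$/; // alphanumeric only

// Hypothetical schemas shaped after the argument names in the release notes.
const SCHEMAS = {
  get_bill: { chamber: { enum: Object.keys(CHAMBERS) }, proceedingURL: { url: true } },
  search_bills: {
    chamber: { enum: Object.keys(CHAMBERS) },
    from: { date: true, optional: true },
    until: { date: true, optional: true },
    issueID: { pattern: ISSUE_ID, optional: true },
  },
};

// Returns a list of problems; an empty list means the arguments are valid.
// Unknown keys are rejected rather than ignored.
function validateArgs(tool, args) {
  if (!hasOwn(SCHEMAS, tool)) return [`unknown tool ${tool}`];
  if (!args || typeof args !== "object" || Array.isArray(args)) return ["arguments must be an object"];
  const schema = SCHEMAS[tool];
  const problems = [];
  for (const key of Object.keys(args)) if (!hasOwn(schema, key)) problems.push(`unexpected argument ${key}`);
  for (const [key, rule] of Object.entries(schema)) {
    const v = args[key];
    if (v === undefined) { if (!rule.optional) problems.push(`${key} is required`); continue; }
    if (typeof v !== "string") { problems.push(`${key} must be a string`); continue; }
    if (v.length > MAX_STRING) { problems.push(`${key} exceeds ${MAX_STRING} characters`); continue; }
    if (rule.enum && !rule.enum.includes(v)) problems.push(`${key} must be one of ${rule.enum.join(", ")}`);
    if (rule.date && !isIsoDate(v)) problems.push(`${key} must be YYYY-MM-DD`);
    if (rule.pattern && !rule.pattern.test(v)) problems.push(`${key} must be alphanumeric`);
    if (rule.url && !originAndPrefixCheck(args.chamber, v)) problems.push(`${key} is outside the allowed origin and path for ${args.chamber}`);
  }
  return problems;
}

// Constructed inputs: the same same-origin URL passes the old check and fails the new one.
console.log(originOnlyCheck("shugiin", "https://www.shugiin.go.jp/anything/else.htm"));       // true
console.log(originAndPrefixCheck("shugiin", "https://www.shugiin.go.jp/anything/else.htm"));  // false
console.log(validateArgs("search_bills", { chamber: "house", from: "2024-02-30", issueID: "a-1" }));
```

Validate first and only then build the request with FETCH_OPTIONS; with redirect set to "error" a 3xx from the allowed host rejects the fetch instead of silently fetching the Location target, so the allowlist decision made here is the one that holds for the bytes actually retrieved.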

Robustness

  • Shift_JIS decoding for shugiin pages (and for any response whose Content-Type declares shift_jis, windows-31j or cp932).
  • 10 MiB cap on remote response bodies, enforced by a streaming reader that aborts the fetch as soon as the cap is exceeded.
  • 5-minute TTL response cache (LRU-bounded to 64 entries) and a simple in-process in-flight cap (at most 4 concurrent fetches) to avoid hammering public government endpoints.
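As an added illustration of the first two robustness items, here is a charset-aware, byte-capped body reader. It is example code written for this page, not the project's implementation; the 10 MiB figure and the three charset labels come from the notes above, while the helper names, the sample bytes and the chunked stream are constructed for the demonstration. It assumes Node 18 or later, where ReadableStream and TextDecoder are globals.

```javascript
// Added example (not the project's code): charset selection plus a byte-capped
// streaming read. Assumes Node 18+ (global ReadableStream and TextDecoder).
const MAX_BODY_BYTES = 10 * 1024 * 1024;

// Labels that mean Shift_JIS in practice. "cp932" is not a WHATWG encoding
// label, so new TextDecoder("cp932") throws; normalise to "shift_jis" first.
const SHIFT_JIS_LABELS = new Set(["shift_jis", "shift-jis", "sjis", "windows-31j", "cp932", "ms932"]);

// Picks the decoder label from a Content-Type header; defaults to UTF-8.
function charsetFromContentType(contentType) {
  const m = /;\s*charset\s*=\s*"?([^";\s]+)"?/i.exec(contentType || "");
  if (!m) return "utf-8";
  const label = m[1].toLowerCase();
  return SHIFT_JIS_LABELS.has(label) ? "shift_jis" : label;
}

// Accumulates chunks and throws the moment the running total passes the cap,
// so an oversized response is never buffered in full.
class BodyLimiter {
  constructor(maxBytes = MAX_BODY_BYTES) { this.max = maxBytes; this.chunks = []; this.total = 0; }
  push(chunk) {
    this.total += chunk.byteLength;
    if (this.total > this.max) throw new RangeError(`response body exceeds ${this.max} bytes`);
    this.chunks.push(chunk);
  }
  bytes() { return Buffer.concat(this.chunks); }
}

// Streams a body (e.g. response.body) through the limiter; on overflow the
// underlying stream is cancelled rather than drained, which aborts the fetch.
async function readBodyWithCap(stream, maxBytes = MAX_BODY_BYTES) {
  const limiter = new BodyLimiter(maxBytes);
  const reader = stream.getReader();
  try {
    for (;;) {
      const { done, value } = await reader.read();
      if (done) break;
      limiter.push(value);
    }
  } catch (err) {
    await reader.cancel(err);
    throw err;
  } finally {
    reader.releaseLock();
  }
  return limiter.bytes();
}

function decodeBody(bytes, contentType) {
  return new TextDecoder(charsetFromContentType(contentType)).decode(bytes);
}

// Constructed sample: "法案" (bill) in Shift_JIS (96 40 88 C4) followed by " OK".
const SAMPLE_SJIS = Uint8Array.from([0x96, 0x40, 0x88, 0xc4, 0x20, 0x4f, 0x4b]);

// Constructed stand-in for response.body: fixed-size chunks of a byte array.
function chunkedStream(bytes, chunkSize) {
  let offset = 0;
  return new ReadableStream({
    pull(controller) {
      if (offset >= bytes.length) { controller.close(); return; }
      controller.enqueue(bytes.subarray(offset, offset + chunkSize));
      offset += chunkSize;
    },
  });
}

async function main() {
  const body = await readBodyWithCap(chunkedStream(SAMPLE_SJIS, 3), 64);
  console.log(decodeBody(body, "text/html; charset=Shift_JIS")); // 法案 OK
  try {
    await readBodyWithCap(chunkedStream(new Uint8Array(100), 16), 50); // 100 bytes against a 50-byte cap
  } catch (e) {
    console.log("rejected:", e.message);
  }
}
if (typeof ReadableStream !== "undefined") main();
```

Two points worth keeping from this: the cap is checked on the running total before a chunk is stored, not after the whole body has been collected, and the charset label is normalised before it reaches TextDecoder, because a server that declares cp932 would otherwise produce a RangeError rather than decoded text.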

JSON-RPC conformance

  • computeResponse() refactor that separates computing a response from writing it, which makes proper batch handling possible: an array of requests now produces a single array response (was: a separate write per item).
  • Stdin buffer cap of 1 MiB; oversize input is dropped with a log line on stderr.
  • Serial promise queue for line handling so requests are processed in the order received (was: fired concurrently).
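The three conformance items above fit together as one pipeline: a capped line splitter feeds a serial queue, and each line is turned into one response value (object, array or nothing) before anything is written. The block below is an added example of that pipeline written for this page; it is not the project's code. The method table is hypothetical, the 1 MiB figure is the one from the notes, and the wiring function is only invoked when the script is started with --serve.

```javascript
// Added example (not the project's code): JSON-RPC 2.0 line handling with batch
// support, a serial queue and a capped stdin buffer. The method table is
// hypothetical; the 1 MiB cap is the figure from the release notes.
const PARSE_ERROR = -32700, INVALID_REQUEST = -32600, METHOD_NOT_FOUND = -32601, INTERNAL_ERROR = -32603;
const MAX_LINE_CHARS = 1024 * 1024;
const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Hypothetical method table standing in for the server's tool dispatch.
const methods = {
  ping: async () => "pong",
  echo: async (params) => params ?? null,
};

const err = (id, code, message) => ({ jsonrpc: "2.0", id, error: { code, message } });

// Computes the response for ONE request and returns it; writing is left to the
// caller so a batch can be assembled into a single array. Returns null for a
// notification (no id member), which must never receive a response.
async function computeResponse(req) {
  if (!req || typeof req !== "object" || Array.isArray(req) || req.jsonrpc !== "2.0" || typeof req.method !== "string")
    return err(null, INVALID_REQUEST, "Invalid Request");
  const hasId = hasOwn(req, "id");
  const id = hasId ? req.id : null;
  const fn = hasOwn(methods, req.method) ? methods[req.method] : null;
  if (!fn) return hasId ? err(id, METHOD_NOT_FOUND, "Method not found") : null;
  try {
    const result = await fn(req.params);
    return hasId ? { jsonrpc: "2.0", id, result } : null;
  } catch (e) {
    return hasId ? err(id, INTERNAL_ERROR, "Internal error") : null;
  }
}

// One stdin line -> one value to write: an object, an array for a batch, or
// null when nothing should be written (a notification, or a batch of them).
async function handleLine(line) {
  let msg;
  try { msg = JSON.parse(line); } catch { return err(null, PARSE_ERROR, "Parse error"); }
  if (Array.isArray(msg)) {
    if (msg.length === 0) return err(null, INVALID_REQUEST, "Invalid Request");
    const out = (await Promise.all(msg.map(computeResponse))).filter((r) => r !== null);
    return out.length ? out : null;
  }
  return computeResponse(msg);
}

// Serial queue: each task starts only after the previous one has settled, so
// responses leave in the order their lines arrived.
let queueTail = Promise.resolve();
function enqueue(task) {
  const run = queueTail.then(task);
  queueTail = run.catch(() => {}); // a failed task must not stall the queue
  return run;
}

// Splits incoming chunks into lines. A line longer than the cap is dropped
// (including the part of it not yet received) and logged to stderr, never parsed.
// Length is counted in UTF-16 units as a proxy for bytes; use Buffer.byteLength for exact bytes.
class LineBuffer {
  constructor(maxChars = MAX_LINE_CHARS) { this.max = maxChars; this.buf = ""; this.discarding = false; this.dropped = 0; }
  push(chunk) {
    const lines = [];
    this.buf += chunk;
    let nl;
    while ((nl = this.buf.indexOf("\n")) !== -1) {
      const line = this.buf.slice(0, nl);
      this.buf = this.buf.slice(nl + 1);
      if (this.discarding) { this.discarding = false; continue; } // tail of a dropped line
      if (line.length > this.max) { this.drop(); continue; }
      if (line.trim()) lines.push(line);
    }
    if (this.buf.length > this.max) { this.drop(); this.buf = ""; this.discarding = true; }
    return lines;
  }
  drop() { this.dropped++; process.stderr.write(`dropped oversize stdin line (> ${this.max} chars)\n`); }
}

// Wiring: stdin -> LineBuffer -> serial queue -> handleLine -> stdout.
function serve(input = process.stdin, output = process.stdout) {
  const lb = new LineBuffer();
  input.setEncoding("utf8");
  input.on("data", (chunk) => {
    for (const line of lb.push(chunk)) {
      enqueue(async () => {
        const res = await handleLine(line);
        if (res !== null) output.write(JSON.stringify(res) + "\n");
      });
    }
  });
}
if (process.argv.includes("--serve")) serve();
```

Within one batch the items still run concurrently via Promise.all, which JSON-RPC 2.0 permits; the ordering guarantee is between lines. Note also that a batch consisting only of notifications yields null, so nothing at all is written for it, and that the discarding flag is what keeps the remainder of an oversize line from being parsed as a fresh request once the rest of it arrives.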

Docs

  • README: fix get_bill example to use { chamber, proceedingURL } matching the actual schema (was incorrectly { chamber, session, billNumber }).

Reviewers: Claude Opus 4.7 (1M context), Codex (gpt-5.4)