Patch release for wildcard request expansion.
- Treat wildcard scopes in token requests as selectors over concrete allowed_scopes.
- Issue token responses and JWT scope claims with concrete scopes only after expansion.
- Keep wildcard allowed_scopes as policy shortcuts for concrete requests, without issuing wildcard token scopes.
- Update Docker/GHCR, release compose, ECS, GitHub Pages, and wiki examples to 0.3.1.