
Commit 4a0724b

Address security issues involving quote API

Ref: GHSA-r7qv-8r2h-pg27

- Deprecate quote APIs in favor of `try_` equivalents that complain about nul bytes.
- Also add a builder API, which allows re-enabling nul bytes without using the deprecated interface, and in the future can allow other things (as discussed in quoting_warning).
- Add documentation about various security risks that remain, particularly with interactive shells.
- Add fuzzers that actually verify round-trippability of the quote APIs against various shells, Python `shlex`, and C `wordexp`.
- These are separate crates (as opposed to just being different files under `fuzz/fuzz_targets`) because they have different dependencies and build steps, and I don't want to agglomerate them all together. I've put them in the same workspace at least.
- Also, check in Cargo.lock for the fuzzers, since they are binaries.
- Add explicit MSRV of 1.46.0. This crate didn't previously have an explicit MSRV, but `cargo msrv` tells me that shlex 1.2.0 works down to Rust 1.36.0. Since this is a security fix, ideally the MSRV wouldn't be bumped at all, but that's not really feasible since the new API uses `#[non_exhaustive]`, which was unstable in Rust 1.36.0. In case anyone is stuck on old Rust versions, I separately released a shlex 1.2.1 that only has the fix for `{`/`}`/`\xa0`, without the API changes. However, even for the full release I'd still like to keep the MSRV reasonably old. I picked 1.46.0 because it's the first version that wouldn't require completely redoing the `const fn` bitmask.
- Add more authors to Cargo.toml based on Git commits.
1 parent 4c53044 commit 4a0724b

22 files changed: +2179 -78 lines changed

.gitignore (+7 -2)
@@ -1,3 +1,8 @@
1-
/target/
2-
Cargo.lock
1+
nocommit/
2+
target/
3+
artifacts/
4+
corpus/
5+
/Cargo.lock
36
**/*.rs.bk
7+
.*.sw?
8+
.sw?
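Review bot: `artifacts/` and `corpus/` are unanchored patterns, so they will also ignore any directory with those names that is later added elsewhere in the repository (a test corpus under the crate proper, for example); since they exist for the fuzzer output, anchoring them to the fuzz workspace directory would keep the rule narrow. Changing `Cargo.lock` to `/Cargo.lock` and `/target/` to `target/` is what lets the fuzzers' lockfile be tracked and their build output be ignored, as the commit message intends, but a one-line comment in the file stating that the nested lockfile is tracked on purpose would stop the next contributor from re-adding the broad pattern.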

Cargo.toml (+7 -2)
@@ -1,9 +1,13 @@
11
[package]
22
name = "shlex"
3-
version = "1.2.1"
3+
version = "1.3.0"
44
authors = [
55
"comex <[email protected]>",
6-
6+
"Fenhl <[email protected]>",
7+
"Adrian Taylor <[email protected]>",
8+
"Alex Touchet <[email protected]>",
9+
"Daniel Parks <[email protected]>",
10+
"Garrett Berg <[email protected]>",
711
]
812
license = "MIT OR Apache-2.0"
913
repository = "https://github.com/comex/rust-shlex"
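Review bot: the `authors` entries added here publish each person's email address in crates.io metadata for every future release, and published crate metadata cannot be retracted, so confirm that the people added from Git history agree to being listed before 1.3.0 is published (a commit address is not necessarily one its owner wants in package metadata). The bump from 1.2.1 to 1.3.0 is the right size for additive APIs plus deprecations, and it matches the commit message's note that 1.2.1 carried only the character fix without the API changes.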
@@ -12,6 +16,7 @@ categories = [
1216
"command-line-interface",
1317
"parser-implementations"
1418
]
19+
rust-version = "1.46.0"
1520

1621
[features]
1722
std = []
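Review bot: `rust-version = "1.46.0"` documents the MSRV but is only checked by toolchains that understand the field, and the commit message says the 1.46.0 figure rests on `cargo msrv` output plus the `const fn` bitmask and `#[non_exhaustive]` requirements; a CI job that builds and tests the crate on a pinned 1.46.0 toolchain would verify the claim continuously rather than once. Stating the MSRV policy in the README alongside the pointer to 1.2.1 for older toolchains would also help users who cannot move to 1.46.0.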
