feat: restrict types allowed during deserialization via ITypeFilter

[esskar]

Add an opt-in type allow-list for expression deserialization, the equivalent of BinaryFormatter's SerializationBinder, so untrusted payloads cannot resolve arbitrary types.

• ITypeFilter extension point on ExpressionContext (TypeFilter property
  • constructor overloads); enforced in ExpressionContextBase.ResolveType
• Built-in AllowedTypesFilter (allow-list by type/open-generic/namespace) and DelegateTypeFilter (predicate)
• TypeNotAllowedException thrown for rejected types
• Filter applied on cache hits and to each generic argument, so it cannot be bypassed; no filter set keeps existing behavior unchanged
• Add ExpressionSerializer.Deserialize(Stream, IExpressionContext) overload
• Tests in Issues/Issue151.cs (90/90 passing)
• Bump version to 4.3.0; update CHANGELOG and README

Closes #151