feat(media): add Media RSS full attributes and podcast:value parsing

Phase 2 of namespace completion:

- Add MediaContent type with full Media RSS spec (medium, bitrate, framerate, expression, isDefault)
- Add MediaThumbnail type with NTP time offset support
- Add PodcastValue and PodcastValueRecipient types for value-for-value monetization
- Implement podcast:value parsing with nested valueRecipient elements
- Add max_value_recipients DoS limit (default: 20)
- Add SSRF security warnings to MediaContent.url and MediaThumbnail.url
- Add media_content_to_enclosure() conversion helper
- Add comprehensive unit tests for all new types

Author: bug-ops

crates/feedparser-rs-core/src/limits.rs

@@ -135,6 +135,14 @@ pub struct ParserLimits {
     ///
     /// Default: 50 persons
     pub max_podcast_persons: usize,
+
+    /// Maximum number of podcast value recipients per feed
+    ///
+    /// Podcast 2.0 value recipients for payment splitting.
+    /// Prevents `DoS` from feeds with excessive recipient lists.
+    ///
+    /// Default: 20 recipients
+    pub max_value_recipients: usize,
 }
 
 impl Default for ParserLimits {
@@ -161,6 +169,7 @@ impl Default for ParserLimits {
             max_podcast_transcripts: 20,
             max_podcast_funding: 20,
             max_podcast_persons: 50,
+            max_value_recipients: 20,
         }
     }
 }
@@ -199,6 +208,7 @@ impl ParserLimits {
             max_podcast_transcripts: 5,
             max_podcast_funding: 5,
             max_podcast_persons: 10,
+            max_value_recipients: 5,
         }
     }
 
@@ -235,6 +245,7 @@ impl ParserLimits {
             max_podcast_transcripts: 100,
             max_podcast_funding: 50,
             max_podcast_persons: 200,
+            max_value_recipients: 50,
         }
     }
 
@@ -433,4 +444,44 @@ mod tests {
         assert!(msg.contains("200000000"));
         assert!(msg.contains("100000000"));
     }
+
+    #[test]
+    fn test_max_value_recipients_default() {
+        let limits = ParserLimits::default();
+        assert_eq!(limits.max_value_recipients, 20);
+    }
+
+    #[test]
+    fn test_max_value_recipients_strict() {
+        let limits = ParserLimits::strict();
+        assert_eq!(limits.max_value_recipients, 5);
+        assert!(limits.max_value_recipients < ParserLimits::default().max_value_recipients);
+    }
+
+    #[test]
+    fn test_max_value_recipients_permissive() {
+        let limits = ParserLimits::permissive();
+        assert_eq!(limits.max_value_recipients, 50);
+        assert!(limits.max_value_recipients > ParserLimits::default().max_value_recipients);
+    }
+
+    #[test]
+    fn test_value_recipients_limit_enforcement() {
+        let limits = ParserLimits::default();
+
+        // Within limit
+        assert!(limits
+            .check_collection_size(19, limits.max_value_recipients, "value_recipients")
+            .is_ok());
+
+        // At limit
+        assert!(limits
+            .check_collection_size(20, limits.max_value_recipients, "value_recipients")
+            .is_err());
+
+        // Exceeds limit
+        let result = limits.check_collection_size(21, limits.max_value_recipients, "value_recipients");
+        assert!(result.is_err());
+        assert!(matches!(result, Err(LimitError::CollectionTooLarge { .. })));
+    }
 }