@sayo-ep
Contributor

@sayo-ep sayo-ep commented Oct 30, 2025

This PR pins the AButler/upload-release-assets action from @v3.0 to the explicit version @v3.0.1 following a security review. Pinning to exact versions is a best practice that enables:

  • Version Control: Explicit tracking of which version is in use
  • Change Management: Controlled updates with review before adopting new versions
  • Security Monitoring: Easier tracking of security advisories
  • Reproducibility: Consistent behavior across workflow runs

Security Review Summary

Key Findings:

  • OSSF Scorecard: 4.8/10
  • Code Quality: Secure (0 SAST findings)
  • Known Issues: 12 CVEs in transitive dependencies (ReDoS vulnerabilities with LOW exploitability in CI/CD)
  • Maintenance: Active (5+ years, latest release March 2025)
  • Risk Level: MEDIUM (dependency CVEs only)

Why Continue Using This Action:

  • Simple, declarative syntax with native glob support
  • Clean security profile (0 code vulnerabilities)
  • CVEs have low practical risk in sandboxed GitHub Actions environment
  • Well-maintained with consistent updates

Pin AButler/upload-release-assets from @v3.0 to @v3.0.1 for explicit version control and improved security monitoring.
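The pinning discipline this PR argues for, as an added example that is not part of the PR or the project's own tooling: a small Python audit that walks a constructed workflow and flags every remote `uses:` reference not pinned to an exact version. It goes one step beyond the PR by also accepting a 40-hex commit SHA as a pin; the action names other than AButler/upload-release-assets and the SHA value are constructed placeholders.

```python
import re
from typing import List, Tuple
# Constructed sample workflow (not the project's real file): the pre- and
# post-PR pins of AButler/upload-release-assets next to other pin styles.
SAMPLE_WORKFLOW = """
jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: AButler/upload-release-assets@v3.0
      - uses: AButler/upload-release-assets@v3.0.1
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567
      - uses: some-org/some-action@main
      - uses: ./.github/actions/local-step
"""

USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)")
SHA_RE = re.compile(r"^[0-9a-f]{40}$")      # immutable commit pin
EXACT_RE = re.compile(r"^v?\d+\.\d+\.\d+$")  # e.g. v3.0.1, what this PR adopts
FLOAT_RE = re.compile(r"^v?\d+(\.\d+)?$")    # e.g. v3 / v3.0, tag can be moved

def classify_ref(ref: str) -> str:
    """Classify the part after '@' in a remote 'uses:' reference."""
    if not ref:
        return "unpinned"
    if SHA_RE.match(ref):
        return "sha"
    if EXACT_RE.match(ref):
        return "exact"
    if FLOAT_RE.match(ref):
        return "floating"
    return "branch"  # main, master, feature branches, etc.

def audit_workflow(text: str) -> List[Tuple[str, str]]:
    """Return (reference, classification) for every remote 'uses:' line."""
    findings = []
    for line in text.splitlines():
        m = USES_RE.match(line)
        if not m or m.group(1).startswith(("./", "docker://")):
            continue  # not a 'uses:' line, or a local/container action
        target = m.group(1)
        ref = target.rsplit("@", 1)[1] if "@" in target else ""
        findings.append((target, classify_ref(ref)))
    return findings

def needs_review(text: str) -> List[str]:
    """References that are neither exact-version nor commit-SHA pinned."""
    return [t for t, kind in audit_workflow(text) if kind not in ("exact", "sha")]
```

Run over the sample, `needs_review` reports the `@v3.0` pin this PR replaced while passing the `@v3.0.1` one.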
@sayo-ep sayo-ep requested review from a team as code owners October 30, 2025 17:06
@Justintime50 Justintime50 merged commit 8f169f5 into main Nov 3, 2025
22 checks passed
@Justintime50 Justintime50 deleted the abutler-upload-release-assets-review branch November 3, 2025 16:34