update changelog for v0.3.0

CHANGELOG.md

@@ -5,6 +5,29 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.3.0] (2024-08-28)
+
+### Fixed
+
+- **Bug**: Due to a lack of synchronization, invocations of a middleware
+  concurrent with calls to that middleware's SetDebug method could previously
+  trigger data races.
+- **Tests**: Benchmarks now set the debug mode of the middleware under test
+  only when intended.
+
+### Changed
+
+- **Behavior**: Middleware now handle multiple Access-Control-Request-Headers
+  field lines.
+- **Behavior**: Middleware now tolerate a small amount of whitespace around the
+  elements of Access-Control-Request-Headers field values; moreover, middleware
+  now tolerate tolerate a modest number of empty elements in
+  Access-Control-Request-Headers field values.
+- **Behavior**: Non-HTTP(S) schemes (e.g. "connector") are now supported.
+- **Performance**: various improvements of middleware invocations
+- **Dependencies**: update to golang.org/x/net v0.28.0
+- **Documentation**: various improvements
+
 ## [0.2.0] (2024-05-08)
 
 ### Added
@@ -73,6 +96,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [0.1.0] (2024-03-23)
 
+[0.3.0]: https://github.com/jub0bs/cors/compare/v0.2.0...v0.3.0
 [0.2.0]: https://github.com/jub0bs/cors/compare/v0.1.3...v0.2.0
 [0.1.3]: https://github.com/jub0bs/cors/compare/v0.1.2...v0.1.3
 [0.1.2]: https://github.com/jub0bs/cors/compare/v0.1.1...v0.1.2