A non-existent command surfaces as an error record (non-fatal), printed via
render_concise to stdout while the process still exits 0. Asserts both, across
all auth methods.

Polish from the independent review pass (no behavior change except a clearer
error message): remove dead commented-out visitor block in ws_addressing;
correct the tag! marker-visibility doc; drop two what/how comments; loosen the
paste version pin; clearer 'found none' diagnostic for an empty tag wrapper;
restore optional-permutation derive tests and add mixed-content rejection tests
for numeric/uuid leaves.

Address the independent Codex pass — reject malformed input uniformly rather
than silently absorbing it:

- attributes matched by (namespace-URI, local-name) with parse errors on known
  attributes propagated instead of dropped (cores/attribute.rs, cores/tag.rs)
- <Selector>/<Option> require an unqualified Name attribute (ws_management/header.rs)
- SoapEnvelope::from_xml validates the root really is {SOAP}Envelope before
  reading children (soap/mod.rs)
- reject mixed content (non-whitespace text) in element containers, applied in
  the derive and every hand-written container (ironposh-xml mapping helper)
- leaf_text tolerates comments/PIs and concatenates text runs so a comment can
  neither be rejected nor truncate the value (cores/tag_value.rs)

Adds negative tests for each.

Two issues the strict pass exposed:
- xs:boolean attributes (mustUnderstand/MustComply/End/EndUnit) now accept the
  1/0 forms, not just true/false, so propagating parse errors can't reject a
  spec-compliant <s:mustUnderstand="1"> response.
- xml:lang is modeled literally as "xml:lang" (the reserved prefix is never
  declared); fold roxmltree's expanded (xml-namespace, "lang") form back to
  that spelling so it matches on input instead of being dropped.

SOAP 1.2 permits multiple <Text xml:lang> entries in a fault <Reason>; the
derived singleton rejected them as duplicates. Hand-write FromXml to keep the
first and ignore the rest.