Picosnitch

- fix loading libbpf on non-FHS installs (e.g. Nix)

- improved performance and reliability of the BPF CO-RE module
- BCC -> BPF CO-RE migration in v2.0.0 was mostly just a translation of the old module with old kernel structs
- this caused some messages to be missed in newer kernels (6.5+) and is now fixed
- events are now aggregated in kernel greatly improving performance

- improve exe path resolution (multi-call binary support)
- fix systemd service file: grant CAP_SYS_PTRACE so exe paths resolve
- fix noisy notifier errors when not using notifcations

- include vendored vmlinux.h in pypi sdist for simpler distro packaging

- fix for python 3.14 changing the default forking behavior of multiprocessing https://github.com/elesiuta/picosnitch/commit/9ffb02634b2deecf62a5ad77d02027084cff46aa

- Migrated eBPF backend from BCC to libbpf with CO-RE; ships prebuilt manylinux wheels for x86_64 and aarch64
- Rewritten web UI with overview / explore / live / drilldown tabs
- Rebuilt TUI on a sidebar layout with improved usability, find filter, and live tab
- New `picosnitch top` command and live event feed
- systemd-aware CLI: `status`/`start`/`stop`/`restart` cooperate with `systemctl`
- No runtime PyPI dependencies (except optional SQL drivers), safer supply chain and simpler install
- Hardened log file opens, read-only SQLite for viewers, dropped-privilege subprocesses
- Reworked SQLite schema (v4): lookup tables for exes/conns, separate events table, address family / protocol / netns columns, send-byte capture on write/writev
- Track grandparent process for richer attribution; resolve correct exe path for multi-call hardlinked binaries
- New TOML config format and FHS-standard paths for config, data, logs, and cache