fix: audit fixes — D-Bus sender validation, fp lifecycle, multi-monitor caching (v0.6.0)

Close the only exploitable auth bypass: validate VerifyStatus signal sender
against fprintd's unique bus name. Fix fingerprint D-Bus lifecycle so devices
are properly released on verify-match and async restarts check the running
flag between awaits.

Security: num_msg guard in PAM callback, symlink rejection for background_path,
peek icon disabled, TOML parse errors logged, panic hook before logging.

Performance: blur and avatar textures cached across monitors, release profile
with LTO/strip.

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "moonlock"
-version = "0.5.1"
+version = "0.6.0"
 edition = "2024"
 description = "A secure Wayland lockscreen with GTK4, PAM and fingerprint support"
 license = "MIT"
@@ -26,3 +26,8 @@ tempfile = "3"
 
 [build-dependencies]
 glib-build-tools = "0.22"
+
+[profile.release]
+lto = "thin"
+codegen-units = 1
+strip = true