Harden UVC parsing and profile handling #148

Open: svanvliet wants to merge 1 commit into itaybre:master from svanvliet:security-hardening

@svanvliet

Summary

  • harden UVC descriptor parsing, USB request validation, and IOService/plugin lifetime handling
  • remove crash-prone unwraps in device/profile/preview paths and add diagnostics for failure cases
  • make profiles UUID-backed with legacy decode support and add duplicate camera disambiguation
  • fix periodic auto-push writes to reapply stored UI/profile values
  • modernize launch-at-login with SMAppService on macOS 13+
  • add Copilot repository instructions, pin Sparkle in Package.resolved, and update CI action versions/permissions

Tests

  • swiftlint --quiet
  • GIT_CONFIG_COUNT=1 GIT_CONFIG_KEY_0=safe.bareRepository GIT_CONFIG_VALUE_0=all xcodebuild -project CameraController.xcodeproj -scheme CameraController -sdk macosx -clonedSourcePackagesDirPath /tmp/camera-controller-sourcepackages CODE_SIGNING_ALLOWED=NO test

Notes

  • Sparkle appcast signing still requires the release private key/signing process.
  • Local xcodebuild required CODE_SIGNING_ALLOWED=NO because the maintainer Mac Development certificate is not installed locally.

Add bounds checks for UVC descriptor parsing and USB control requests, remove crash-prone unwraps, harden profile identity/persistence, modernize login item registration, and update CI dependencies. Add descriptor parser and profile regression tests plus Copilot repository instructions.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>