
Jonathon Anderson developed a capability-based enhancement for container performance profiling in the containers/container-libs repository. He enabled the use of perf_event_open within containers that possess only the CAP_PERFMON capability, eliminating the need for broader CAP_SYS_ADMIN privileges. By updating the seccomp policy, Jonathon allowed perf_event_open when CAP_PERFMON is present, thereby improving observability in constrained environments while maintaining a strong security posture. His work, implemented in Go and focused on containerization and security, addressed the challenge of enabling profiling tools without escalating privileges. The solution was not enabled by default, reflecting careful consideration of security and practical deployment in production environments.
October 2025: Delivered a capability-based improvement to container performance profiling by enabling perf_event_open in containers with limited capabilities. Updated the seccomp policy to permit perf_event_open when CAP_PERFMON is available, avoiding the need for CAP_SYS_ADMIN while maintaining security. This enhances observability in constrained container environments without broad privilege escalation.
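One way to model a capability-conditional seccomp rule like the one described above, as an added example rather than code from containers/container-libs. The `Rule` type, the `includes.caps` rule shape, the `Allowed` function and the sample profile are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Rule is a simplified, hypothetical capability-conditional seccomp rule.
type Rule struct {
	Names    []string                 `json:"names"`
	Includes struct{ Caps []string } `json:"includes"`
}

// constructedProfile is sample allow-list input written for this example.
const constructedProfile = `[
 {"names": ["read", "write"], "includes": {}},
 {"names": ["perf_event_open", "mount"], "includes": {"caps": ["CAP_SYS_ADMIN"]}},
 {"names": ["perf_event_open"], "includes": {"caps": ["CAP_PERFMON"]}}
]`

// Allowed reports whether syscall is permitted for a container holding caps.
// A rule applies only when every capability it lists is held; default deny.
func Allowed(profile, syscall string, caps []string) (bool, error) {
	var rules []Rule
	if err := json.Unmarshal([]byte(profile), &rules); err != nil {
		return false, err
	}
	held := map[string]bool{}
	for _, c := range caps {
		held[c] = true
	}
	for _, r := range rules {
		applies := true
		for _, need := range r.Includes.Caps {
			applies = applies && held[need]
		}
		for _, name := range r.Names {
			if applies && name == syscall {
				return true, nil
			}
		}
	}
	return false, nil
}

func main() {
	ok, err := Allowed(constructedProfile, "perf_event_open", []string{"CAP_PERFMON"})
	fmt.Println("perf_event_open with CAP_PERFMON only:", ok, err)
}
```

In this model a container holding only CAP_PERFMON gains perf_event_open but not mount, which the sample profile still ties to CAP_SYS_ADMIN.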
