feat: add issue report workflow

[DeadWaveWave]

?? Change Scope

• Small Change: Fast feedback, localized UI/logic, low-risk.
• Large Change: New feature, cross-boundary logic, runtime-risk (persistence, IPC, lifecycle, recovery).

?? What Does This PR Do?

Adds an in-app Report Issue workflow for users who hit Run Agent failures after an update.

• Adds a header entry and lightweight dialog for issue type, summary, details, and optional local paths.
• Generates a local Markdown diagnostic report with app, update, worker, agent, and recent runtime log context.
• Keeps upload user-controlled: users can show the file, copy the report, or open a prefilled GitHub issue.
• Redacts secrets and hides local paths by default, with IPC validation and main-process path/URL guards.
• Adds runtime diagnostics persistence so renderer error-boundary logs are available in reports.
• Stabilizes the CLI path installer unit spec on Windows after pre-commit exposed platform leakage.

---

??? Large Change Spec (Required if "Large Change" is checked)

1. Context & Business Logic

Some users report that Run Agent stopped working after an update, but the failures are hard to diagnose remotely. This PR gives users a simple, comfortable reporting path that gathers useful diagnostics locally without automatic upload.

2. State Ownership & Invariants

• Renderer owns only ephemeral dialog state: issue type, summary, details, and the local-path opt-in.
• Main owns diagnostic collection, report file creation, report-file path authority, and GitHub URL opening.
• Shared contracts own the IPC DTOs and channel names.

Invariants:

• No issue report is uploaded automatically; the user explicitly chooses copy/open/show actions.
• Local paths are hidden by default and redacted from generated reports unless the user opts in.
• Main only opens GitHub issue URLs for https://github.com/DeadWaveWave/opencove/issues/new and only shows files under the app-owned issue report directory.

3. Verification Plan & Regression Layer

• Unit: report markdown generation, truncation, and secret/path redaction.
• Contract: IPC payload normalization and invalid input rejection.
• E2E: header dialog can generate a report and copy the generated Markdown.
• Full gate: pnpm pre-commit passed.

---

? Delivery & Compliance Checklist

• My code passes the ultimate gatekeeper: pnpm pre-commit is completely green.
• I have signed the CLA if required (see CLA.md).
• I have included new tests to lock down the behavior (or explicitly stated why it's untestable).
• I have strictly adhered to the DEVELOPMENT.md architectural boundaries.
• I have attached a screenshot or screen recording (if this touches the UI).
• I have updated the documentation accordingly (if adding a feature or changing a contract).

?? Screenshots / Visual Evidence

CLI-created PR. The user-visible flow is covered by tests/e2e/issue-report.spec.ts; no review-only media is committed to the repo.