chore(repo): fix license detection and add github workflows

LICENSE now starts with the EUPL-1.2 standard header so github-linguist
detects the licence correctly in the repo header. The dual-copyright
block (upstream ChatTwo authors plus Hellion Online Media) moves into a
new COPYRIGHT file referenced from the README. NOTICE.md and
UPSTREAM_SYNC.md stay as-is.

New files under .github:

- workflows/build.yml: validates every push to main and every PR
  against the current Dalamud staging branch on a Windows runner
- workflows/release.yml: builds Release on every v* tag, locates the
  DalamudPackager latest.zip and attaches it to the matching GitHub
  Release via softprops/action-gh-release
- dependabot.yml: weekly NuGet sweeps and monthly GitHub Actions
  sweeps with conventional-commit prefixes, grouped patch and minor
  PRs to cut review noise
- ISSUE_TEMPLATE/bug_report.yml + feature_request.yml + config.yml:
  structured intake that pushes security reports through the private
  advisory flow and routes upstream-only issues to ChatTwo
- SECURITY.md: documents the vulnerability reporting channels, scope,
  and target disclosure window

The release workflow replaces the previous manual upload step. Tag a
release and the ZIP shows up on the release page automatically.

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,73 @@
+name: Bug report
+description: Something in HellionChat is broken or behaves wrong
+labels:
+  - bug
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for reporting. Please fill in the fields below so I can
+        reproduce the issue. If this is a security issue, stop here and
+        use the [private vulnerability advisory](https://github.com/JonKazama-Hellion/HellionChat/security/advisories/new)
+        instead.
+
+  - type: input
+    id: version
+    attributes:
+      label: HellionChat version
+      description: From Settings → Information → Version
+      placeholder: "0.5.1"
+    validations:
+      required: true
+
+  - type: dropdown
+    id: platform
+    attributes:
+      label: Platform
+      options:
+        - Windows (XIVLauncher)
+        - Linux (XIVLauncher Core)
+        - macOS (XIVLauncher Core / wine)
+        - Other
+    validations:
+      required: true
+
+  - type: textarea
+    id: what-happened
+    attributes:
+      label: What happened
+      description: Plain description, no log dumps yet
+    validations:
+      required: true
+
+  - type: textarea
+    id: expected
+    attributes:
+      label: What you expected
+    validations:
+      required: true
+
+  - type: textarea
+    id: steps
+    attributes:
+      label: How to reproduce
+      description: Step-by-step from "open settings" or "log in" through to the broken behaviour
+    validations:
+      required: true
+
+  - type: textarea
+    id: log
+    attributes:
+      label: Relevant /xllog excerpt
+      description: Filter for "HellionChat" or "ChatTwo" if the log is huge
+      render: text
+
+  - type: checkboxes
+    id: confirm
+    attributes:
+      label: Pre-flight
+      options:
+        - label: I am running the latest version of HellionChat
+          required: true
+        - label: I have searched existing issues for duplicates
+          required: true

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,14 @@
+blank_issues_enabled: false
+
+contact_links:
+  - name: Security vulnerability
+    url: https://github.com/JonKazama-Hellion/HellionChat/security/advisories/new
+    about: Do not open a public issue for security problems. Use the private advisory instead.
+
+  - name: Upstream Chat 2 issue
+    url: https://github.com/Infiziert90/ChatTwo/issues
+    about: If the issue exists in upstream Chat 2 too, please report it there so the original maintainers see it as well.
+
+  - name: Discord
+    url: https://discord.com/users/j.j_kazama
+    about: Quick questions, casual feedback. Bug reports still go through the issue tracker for tracking.

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,55 @@
+name: Feature request
+description: Suggest a feature or enhancement for HellionChat
+labels:
+  - enhancement
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for the suggestion. HellionChat focuses on privacy by
+        default and a small, well-scoped feature set. Suggestions that
+        align with that scope are easier to accept than ones that pull
+        the plugin toward "do everything".
+
+  - type: textarea
+    id: problem
+    attributes:
+      label: What problem are you trying to solve
+      description: The user-side problem, not the proposed solution yet
+    validations:
+      required: true
+
+  - type: textarea
+    id: solution
+    attributes:
+      label: What you would like HellionChat to do
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives you have considered
+      description: Other plugins, manual workarounds, settings combinations
+
+  - type: dropdown
+    id: scope
+    attributes:
+      label: Scope estimate from your side
+      options:
+        - "Small (one tab, one toggle, one filter)"
+        - "Medium (a settings section, persistent state, one new file)"
+        - "Large (architectural, touches the message pipeline or the database)"
+        - "I don't know"
+    validations:
+      required: true
+
+  - type: checkboxes
+    id: confirm
+    attributes:
+      label: Pre-flight
+      options:
+        - label: I have searched existing issues for similar requests
+          required: true
+        - label: I understand HellionChat is a privacy-focused fork and not a feature parity tool with upstream Chat 2
+          required: true