Summary

Adds user assignment for issues and pull requests, backed by new RBAC capabilities and database tables. Maintainers with the right permissions can assign/unassign users from the issue and PR detail sidebars via a searchable combobox picker.

Also splits PR interaction into finer-grained capabilities (repo.pull.comment vs repo.pull.review) and introduces a triage preset for issue/PR assignment workflows.

Changes

Database

• New tables: issue_assignees, pull_request_assignees
• Unique constraint per item/user; tracks assigned_by_profile_id
• Migration: 0030_gifted_grim_reaper.sql (follows main's 0029_happy_kronos gitty pets migration)

RBAC

New capabilities:

• repo.issue.assign, repo.issue.label, repo.issue.prioritize
• repo.pull.comment, repo.pull.assign, repo.pull.request_review
• repo.pull.review renamed to "Submit trusted reviews" (distinct from commenting)
• New triage preset for assignment and issue/PR management without merge/write access
• Public baseline contributors can create/comment but cannot assign

UI

• RepositoryAssigneesPanel — sidebar section on issue and PR detail pages
• RepositoryAssigneePicker — combobox with grouped suggestions:
  • Repository members
  • Author
  • Commenters
  • Other users (searchable across onboarded profiles)
• Sticky sidebar styling preserved from main's layout refactor

Server actions

• setIssueAssigneesFromForm — gated on repo.issue.assign
• setPullRequestAssigneesFromForm — gated on repo.pull.assign
• Candidate validation ensures only assignable profiles can be added

Docs

• Updated docs/orgs-rbac.md with schema, capability matrix, and assignment behavior