chore: implement instruction compliance remediation

- Replace Go interface{} with any (Go 1.18+ standard)
- Add database indexes to frequently queried model fields
- Add JSDoc documentation to frontend API client methods
- Remove deprecated docker-compose version keys
- Add concurrency groups to all 25 GitHub Actions workflows
- Add YAML front matter and fix H1→H2 headings in docs

Coverage: Backend 85.5%, Frontend 87.73%
Security: No vulnerabilities detected

Refs: docs/plans/instruction_compliance_spec.md

frontend/src/api/user.ts

@@ -1,5 +1,6 @@
 import client from './client'
 
+/** Current user profile information. */
 export interface UserProfile {
   id: number
   email: string
@@ -8,16 +9,32 @@ export interface UserProfile {
   api_key: string
 }
 
+/**
+ * Fetches the current user's profile.
+ * @returns Promise resolving to UserProfile
+ * @throws {AxiosError} If the request fails or not authenticated
+ */
 export const getProfile = async (): Promise<UserProfile> => {
   const response = await client.get('/user/profile')
   return response.data
 }
 
+/**
+ * Regenerates the current user's API key.
+ * @returns Promise resolving to object containing the new API key
+ * @throws {AxiosError} If regeneration fails
+ */
 export const regenerateApiKey = async (): Promise<{ api_key: string }> => {
   const response = await client.post('/user/api-key')
   return response.data
 }
 
+/**
+ * Updates the current user's profile.
+ * @param data - Object with name, email, and optional current_password for verification
+ * @returns Promise resolving to success message
+ * @throws {AxiosError} If update fails or password verification fails
+ */
 export const updateProfile = async (data: { name: string; email: string; current_password?: string }): Promise<{ message: string }> => {
   const response = await client.post('/user/profile', data)
   return response.data