Instance admin feature

[seb-kw]

No description provided.

[Hubtrick-Git]

Maybe we should also add a confirmation before revoking admin priviliges on a user?

[Hubtrick-Git]

Backend part is done, now the frontend needs some adjustments as well:

Org Dashboard

• Average Vulns per project stats got removed, remove it also in the web codebase
• Dtos got updated, have a look at statistics_dto.go in the backend to see what fields are there and what their name
  is. Match the frontend to the new variables
• A special case of this is the average remediation time stat. It now also comes with the average age of OPEN vulns
• Backend now caches statistics for 15 mins, we need a refresh button to force that if the user wants the updated stats. Query Param is called "forceRefresh" to force the refresh on request.
  see the backend for more information.

[Copilot]

Pull request overview

This PR introduces an instance-admin area in the web app, including signature-based admin authentication, instance-wide dashboards/tools, and updated vulnerability statistic modeling to show both remediation time and open-age metrics.

Changes:

• Added a new /admin page + layout with an in-memory admin session and ECDSA P-256 request signing through the devguard-tunnel.
• Implemented admin UI cards for instance settings, daemon triggers (SSE logs), instance technical info, and instance-wide usage/vulnerability dashboards.
• Updated org overview statistics UI to show remediation + open-age per severity, and added manual refresh for org statistics.

Reviewed changes

Copilot reviewed 22 out of 24 changed files in this pull request and generated 7 comments.

Show a summary per file

File	Description
tsconfig.json	Switch JSX emit to react-jsx.
src/utils/format.ts	New formatting helpers for bytes/durations/dates/timestamps.
src/types/api/api.ts	Updated remediation/open-age stats typing and added instance-admin DTOs.
src/services/versionCheck.ts	GitHub release version check helper used by admin technical info.
src/services/adminApi.ts	Admin fetch client + SSE trigger helper for signed admin endpoints.
src/services/admin-request-signing.ts	Admin key import + HTTP Message Signatures signing implementation.
src/context/InstanceAdminContext.tsx	In-memory admin session context + auto-logout countdown.
src/components/ui/field.tsx	New field layout primitives for forms.
src/components/ui/alert-dialog.tsx	Raise alert dialog content z-index.
src/components/organization/AverageStatsSection.tsx	Update org averages section to remediation + open-age metrics.
src/components/organization/AverageOpenCodeRisks.tsx	Improve layout + locale formatting for average open code risks.
src/components/common/tours/org-overview-tour.tsx	Update tour text to match new averages cards meaning.
src/components/AverageFixingTimeChart.tsx	Support displaying optional “avg age of open” metric.
src/components/admin/TriggerDaemonsCard.tsx	UI to trigger admin daemons and stream logs via SSE.
src/components/admin/InstanceTechnicalInfo.tsx	Display build/process/runtime/db info + update check badge.
src/components/admin/InstanceSettingsCard.tsx	Admin toggle for organisation creation (single-org mode).
src/components/admin/InstanceDashboard.tsx	Instance-wide usage + vulnerability overview dashboard.
src/components/admin/ExternalOrgAdminCard.tsx	Manage admins for external/reserved organisations.
src/components/admin/AdminTools.tsx	Container to load/render admin tools + external orgs.
src/app/admin/page.tsx	Admin auth UI (paste private key) + main admin sections.
src/app/admin/layout.tsx	Admin layout wiring RootHeader + InstanceAdminProvider.
src/app/(loading-group)/[organizationSlug]/overview/page.tsx	Add “Refresh” to bypass backend cache and seed SWR.
package.json	Add signing dependency, bump some packages, and pin react-hook-form.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.