feat(review): tag findings with context sources

Author: haasonsaas

TODO.md

@@ -81,7 +81,7 @@ This roadmap is derived from deep research into Greptile's public docs, blog, MC
 45. [ ] Support Jira/Linear issue context ingestion for PR-linked reviews.
 46. [ ] Support document-backed context ingestion for design docs, RFCs, and runbooks.
 47. [ ] Add explicit "intent mismatch" review checks comparing PR changes to ticket acceptance criteria.
-48. [ ] Add review artifacts that show which external context sources influenced a finding.
+48. [x] Add review artifacts that show which external context sources influenced a finding.
 49. [x] Add tests for pattern repository resolution across local paths, Git URLs, and broken sources.
 50. [ ] Add analytics on which context sources actually improve acceptance and fix rates.
 

src/core/context_provenance.rs

@@ -117,6 +117,27 @@ impl ContextProvenance {
         }
     }
 
+    pub fn artifact_tag(&self) -> Option<String> {
+        let source = match self {
+            Self::ActiveReviewRules | Self::Analyzer { .. } => return None,
+            Self::CustomContextNotes => "custom-context".to_string(),
+            Self::DependencyGraphNeighborhood => "dependency-graph".to_string(),
+            Self::PathSpecificFocusAreas => "path-focus".to_string(),
+            Self::RepositoryGraphMetadata => "repository-graph".to_string(),
+            Self::PatternRepositoryContext { source }
+            | Self::PatternRepositorySource { source } => {
+                format!("pattern-repository:{}", source.trim())
+            }
+            Self::RelatedTestFile => "related-test-file".to_string(),
+            Self::ReverseDependencySummary => "reverse-dependency-summary".to_string(),
+            Self::SimilarImplementation { .. } => "similar-implementation".to_string(),
+            Self::SemanticRetrieval { .. } => "semantic-retrieval".to_string(),
+            Self::SymbolGraphPath { .. } => "symbol-graph".to_string(),
+        };
+
+        Some(format!("context-source:{source}"))
+    }
+
     fn label(&self) -> String {
         match self {
             Self::ActiveReviewRules => "active review rules".to_string(),
@@ -214,4 +235,29 @@ mod tests {
             "repository graph metadata"
         );
     }
+
+    #[test]
+    fn artifact_tags_are_stable_for_external_context_sources() {
+        assert_eq!(
+            ContextProvenance::CustomContextNotes
+                .artifact_tag()
+                .as_deref(),
+            Some("context-source:custom-context")
+        );
+        assert_eq!(
+            ContextProvenance::pattern_repository_source("Acme/security-rules")
+                .artifact_tag()
+                .as_deref(),
+            Some("context-source:pattern-repository:Acme/security-rules")
+        );
+        assert_eq!(
+            ContextProvenance::symbol_graph_path(vec!["calls".to_string()], 1, 0.7)
+                .artifact_tag()
+                .as_deref(),
+            Some("context-source:symbol-graph")
+        );
+        assert!(ContextProvenance::ActiveReviewRules
+            .artifact_tag()
+            .is_none());
+    }
 }

src/review/context_helpers/injection.rs

@@ -24,9 +24,12 @@ pub async fn inject_custom_context(
         }
 
         if !entry.files.is_empty() {
-            let extra_chunks = context_fetcher
+            let mut extra_chunks = context_fetcher
                 .fetch_additional_context(&entry.files)
                 .await?;
+            for chunk in &mut extra_chunks {
+                chunk.provenance = Some(core::ContextProvenance::CustomContextNotes);
+            }
             context_chunks.extend(extra_chunks);
         }
     }
@@ -85,3 +88,121 @@ pub async fn inject_pattern_repository_context(
 
     Ok(())
 }
+
+#[cfg(test)]
+mod tests {
+    use std::collections::HashMap;
+    use std::fs;
+    use std::path::PathBuf;
+
+    use super::*;
+
+    fn diff_for(path: &str) -> core::UnifiedDiff {
+        core::UnifiedDiff {
+            file_path: PathBuf::from(path),
+            old_content: None,
+            new_content: None,
+            hunks: Vec::new(),
+            is_binary: false,
+            is_deleted: false,
+            is_new: false,
+        }
+    }
+
+    #[tokio::test]
+    async fn inject_custom_context_tags_repo_files_with_custom_context_provenance() {
+        let dir = tempfile::tempdir().unwrap();
+        fs::create_dir_all(dir.path().join("docs")).unwrap();
+        fs::write(
+            dir.path().join("docs/review-notes.md"),
+            "Prefer contract-safe status names.",
+        )
+        .unwrap();
+
+        let mut config = config::Config::default();
+        config.custom_context = vec![config::CustomContextConfig {
+            scope: Some("src/**/*.rs".to_string()),
+            notes: Vec::new(),
+            files: vec!["docs/review-notes.md".to_string()],
+        }];
+
+        let fetcher = core::ContextFetcher::new(dir.path().to_path_buf());
+        let mut context_chunks = Vec::new();
+
+        inject_custom_context(
+            &config,
+            &fetcher,
+            &diff_for("src/lib.rs"),
+            &mut context_chunks,
+        )
+        .await
+        .unwrap();
+
+        assert_eq!(context_chunks.len(), 1);
+        assert_eq!(
+            context_chunks[0].provenance,
+            Some(core::ContextProvenance::CustomContextNotes)
+        );
+        assert_eq!(
+            context_chunks[0].file_path,
+            PathBuf::from("docs/review-notes.md")
+        );
+    }
+
+    #[tokio::test]
+    async fn inject_pattern_repository_context_tags_source_and_chunks() {
+        let dir = tempfile::tempdir().unwrap();
+        let repo_root = dir.path();
+        let pattern_repo = repo_root.join("patterns/security-rules");
+        fs::create_dir_all(pattern_repo.join("rules")).unwrap();
+        fs::write(
+            pattern_repo.join("rules/sql.md"),
+            "Always parameterize SQL queries.",
+        )
+        .unwrap();
+
+        let mut config = config::Config::default();
+        config.pattern_repositories = vec![config::PatternRepositoryConfig {
+            source: "patterns/security-rules".to_string(),
+            include_patterns: vec!["rules/*.md".to_string()],
+            max_files: 5,
+            max_lines: 20,
+            ..Default::default()
+        }];
+
+        let fetcher = core::ContextFetcher::new(repo_root.to_path_buf());
+        let mut resolved = HashMap::new();
+        resolved.insert(
+            "patterns/security-rules".to_string(),
+            pattern_repo.canonicalize().unwrap(),
+        );
+        let mut context_chunks = Vec::new();
+
+        inject_pattern_repository_context(
+            &config,
+            &resolved,
+            &fetcher,
+            &diff_for("src/lib.rs"),
+            &mut context_chunks,
+        )
+        .await
+        .unwrap();
+
+        assert_eq!(context_chunks.len(), 2);
+        assert_eq!(
+            context_chunks[0].provenance,
+            Some(core::ContextProvenance::pattern_repository_source(
+                "patterns/security-rules"
+            ))
+        );
+        assert_eq!(
+            context_chunks[1].provenance,
+            Some(core::ContextProvenance::pattern_repository_context(
+                "patterns/security-rules"
+            ))
+        );
+        assert!(context_chunks[1]
+            .content
+            .starts_with("[Pattern repository: patterns/security-rules]"));
+    }
+}

src/review/pipeline/file_context/sources/supplemental.rs

@@ -176,10 +176,13 @@ pub(in super::super) async fn add_path_context(
     }
 
     if !path_config.extra_context.is_empty() {
-        let extra_chunks = services
+        let mut extra_chunks = services
             .context_fetcher
             .fetch_additional_context(&path_config.extra_context)
             .await?;
+        for chunk in &mut extra_chunks {
+            chunk.provenance = Some(core::ContextProvenance::PathSpecificFocusAreas);
+        }
         context_chunks.extend(extra_chunks);
     }
 

src/review/pipeline/postprocess/context_sources.rs

@@ -0,0 +1,123 @@
+use std::collections::{BTreeSet, HashMap};
+use std::path::PathBuf;
+
+use crate::core;
+
+pub(super) fn apply_context_source_tags(
+    mut comments: Vec<core::Comment>,
+    verification_context: &HashMap<PathBuf, Vec<core::LLMContextChunk>>,
+) -> Vec<core::Comment> {
+    let tags_by_file = verification_context
+        .iter()
+        .filter_map(|(file_path, chunks)| {
+            let tags = artifact_tags_for_chunks(chunks);
+            (!tags.is_empty()).then(|| (file_path.clone(), tags))
+        })
+        .collect::<HashMap<_, _>>();
+
+    for comment in &mut comments {
+        let Some(tags) = tags_by_file.get(&comment.file_path) else {
+            continue;
+        };
+
+        for tag in tags {
+            push_unique_tag(&mut comment.tags, tag);
+        }
+    }
+
+    comments
+}
+
+fn artifact_tags_for_chunks(chunks: &[core::LLMContextChunk]) -> Vec<String> {
+    chunks
+        .iter()
+        .filter_map(|chunk| chunk.provenance.as_ref())
+        .filter_map(core::ContextProvenance::artifact_tag)
+        .collect::<BTreeSet<_>>()
+        .into_iter()
+        .collect()
+}
+
+fn push_unique_tag(tags: &mut Vec<String>, tag: &str) {
+    if !tags.iter().any(|existing| existing == tag) {
+        tags.push(tag.to_string());
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use std::collections::HashMap;
+    use std::path::PathBuf;
+
+    use super::*;
+    use crate::core::comment::{Category, CommentStatus, FixEffort, Severity};
+
+    fn make_comment(file_path: &str) -> core::Comment {
+        core::Comment {
+            id: "comment-1".to_string(),
+            file_path: PathBuf::from(file_path),
+            line_number: 7,
+            content: "Missing validation.".to_string(),
+            rule_id: None,
+            severity: Severity::Warning,
+            category: Category::Bug,
+            suggestion: None,
+            confidence: 0.8,
+            code_suggestion: None,
+            tags: vec!["security".to_string()],
+            fix_effort: FixEffort::Medium,
+            feedback: None,
+            status: CommentStatus::Open,
+            resolved_at: None,
+        }
+    }
+
+    #[test]
+    fn applies_unique_context_source_tags_for_matching_file() {
+        let mut verification_context = HashMap::new();
+        verification_context.insert(
+            PathBuf::from("src/api.rs"),
+            vec![
+                core::LLMContextChunk::documentation(
+                    PathBuf::from("src/api.rs"),
+                    "Custom context notes".to_string(),
+                )
+                .with_provenance(core::ContextProvenance::CustomContextNotes),
+                core::LLMContextChunk::reference(
+                    PathBuf::from("patterns/sql.md"),
+                    "Pattern repository rule".to_string(),
+                )
+                .with_provenance(
+                    core::ContextProvenance::pattern_repository_context("patterns/security-rules"),
+                ),
+                core::LLMContextChunk::reference(
+                    PathBuf::from("patterns/sql.md"),
+                    "Pattern repository rule".to_string(),
+                )
+                .with_provenance(
+                    core::ContextProvenance::pattern_repository_source("patterns/security-rules"),
+                ),
+                core::LLMContextChunk::documentation(
+                    PathBuf::from("src/api.rs"),
+                    "Analyzer guidance".to_string(),
+                )
+                .with_provenance(core::ContextProvenance::analyzer("contracts")),
+            ],
+        );
+
+        let comments = apply_context_source_tags(
+            vec![make_comment("src/api.rs"), make_comment("src/other.rs")],
+            &verification_context,
+        );
+
+        assert_eq!(
+            comments[0].tags,
+            vec![
+                "security".to_string(),
+                "context-source:custom-context".to_string(),
+                "context-source:pattern-repository:patterns/security-rules".to_string(),
+            ]
+        );
+        assert_eq!(comments[1].tags, vec!["security".to_string()]);
+    }
+}