Context
#3436 added source_id validation to the 4 analytics API modules — if the source ID is unknown the endpoint returns 404. However the actual query/data returned is still global (not filtered to the selected project's repo path).
The backend docstrings currently say "scope results to a project" which overstates the current behaviour. Phase 1 was intentionally scoped to wiring + validation only.
What needs to happen (Phase 2)
For each module, use the resolved source_root path to scope analysis:
- analytics_quality.py — pass
source_root to the quality scorer so metrics reflect that project's files only
- analytics_code_review.py — restrict pattern scan to files under
source_root
- analytics_evolution.py — scope Redis
evolution: key prefix to evolution:{source_id}: so snapshots are stored and retrieved per-project
- analytics_code_generation.py — restrict generation context to files under
source_root
Also update the docstrings in each module to accurately reflect what source_id does after this change.
Context
#3436 added
source_idvalidation to the 4 analytics API modules — if the source ID is unknown the endpoint returns 404. However the actual query/data returned is still global (not filtered to the selected project's repo path).The backend docstrings currently say "scope results to a project" which overstates the current behaviour. Phase 1 was intentionally scoped to wiring + validation only.
What needs to happen (Phase 2)
For each module, use the resolved
source_rootpath to scope analysis:source_rootto the quality scorer so metrics reflect that project's files onlysource_rootevolution:key prefix toevolution:{source_id}:so snapshots are stored and retrieved per-projectsource_rootAlso update the docstrings in each module to accurately reflect what
source_iddoes after this change.