Show Local Git Attribution With Remote Commit Actions

[GordonBeeming]

Summary

Add a GitLens-style, read-only attribution experience for local Git repositories. The IDE should show who last changed the active file, provide subtle line-level attribution in the editor, show local commit details on hover/click, and offer remote-host commit actions only when they can be derived from configured remotes.

Artifact source: /Users/gordonbeeming/Developer/artifacts/ide/new-feature/2026-06-08-git-attribution.html

User Value

Users can understand recent file and line history without leaving the editor or modifying the document. The core value works from local Git data in any Git repository, while GitHub or other remote-provider links are optional convenience actions when supported remotes are present.

Scope

In Scope

• Detect active files inside local Git repositories.
• Inspect repository remotes and derive external commit URLs from any supported host plus SHA when available.
• Fetch file latest commit metadata and per-line blame metadata from local Git.
• Expose typed frontend attribution data.
• Show file attribution in the status bar.
• Show quiet, non-selectable inline attribution in the editor.
• Show hover metadata for local commit information in all supported Git repositories.
• Show a compact click popover with local commit information, and include external provider actions only when matching remote URLs are available.
• Fail quietly for non-Git, untracked, ignored, binary, missing, and command-failure states.
• Ship behind the Git attribution feature flag from the feature/settings flag foundation.

Out of Scope

• GitHub API calls or GitHub authentication.
• PR, branch, review, issue, or avatar data.
• Provider-specific open buttons beyond the first implemented provider, unless they are cheap once the provider model exists.
• Attribution for unsaved local edits beyond a stale/dirty indication.
• GitLens parity, history graphs, side panels, diff views, and author heatmaps.
• Persisted user preferences beyond the feature flag unless the first pass proves too noisy.

Assumptions

• The feature/settings flag foundation from Manage Feature Flags And Their Promotion To Settings #7 is implemented first.
• Local Git attribution should apply to any readable Git repository, not only GitHub-backed repositories.
• External provider actions should be derived from configured remotes, not external APIs.
• GitHub can be the first supported provider action; GitLab and Azure DevOps can use the same model later.
• The implementation should prefer an in-process Rust Git integration where practical.

Feature Flag Recommendation

Feature flag required: yes.

Proposed flag id: gitAttribution

Default state: disabled by default for first release.

User visibility: user-toggleable under the feature/settings flag surface created by #7.

Reason: this feature adds background Git work, status bar content, inline editor decorations, hover/click UI, and remote-provider action parsing. It should be easy to disable while performance, stale-result handling, and visual noise settle.

Graduation criteria: promote to a normal setting if users want permanent control over attribution visibility; remove the flag and make the feature always on only after performance is stable on large repositories, disabled-state tests prove no background work runs when off, accessibility behavior is acceptable, and the UI is not too noisy in daily editing.

Acceptance Criteria

• In any supported Git repository, opening a tracked file shows status bar text like Last changed by Gordon Beeming 2 days ago.
• In a non-Git workspace, untracked file, or repository state that cannot be read, the IDE remains quiet and does not show misleading attribution.
• Moving the caret to a blamed line can show subtle ghost text with commit summary, author, and relative time without changing file contents or selectable text.
• Hovering the inline attribution shows richer metadata from local Git history.
• Clicking the inline attribution opens a compact popover with local commit information for any supported Git repository.
• The popover includes provider actions such as Open in GitHub only when matching remote-derived commit URLs are available.
• When multiple supported remotes point at the same commit host targets, the popover can show multiple provider actions rather than choosing one silently.
• Each provider action opens the derived commit URL for the commit SHA when present.
• The feature never polls external APIs and works from local repository data plus remote URL parsing.
• The backend uses gix/Gitoxide for repository access where practical, with any shell-git fallback documented and narrowly scoped.
• The feature is gated behind a gitAttribution feature flag and does not render UI, start attribution work, or change editor behavior while disabled.
• Dirty files continue to edit normally; attribution either remains based on saved content or clearly indicates it may be stale.
• Large files or expensive blame operations do not block typing, cursor movement, or file switching.
• Attribution data is discarded or refreshed when switching files, switching workspaces, saving, or reloading from disk.

Implementation Tasks

• Return file-level attribution, line-level blame metadata, remote provider metadata, unsupported-state information, and zero or more external commit actions from the local Git layer.
• Gate all Git attribution behavior behind the feature flag foundation so the status bar, inline attribution, hover details, popover, and background attribution work remain off while disabled.
• Use an in-process Rust Git integration where practical for repository reads, remotes, revision lookup, and blame, with any shell-git fallback documented and narrowly scoped.
• Respect workspace boundaries and path safety when resolving repository roots, root-relative file paths, and any fallback Git operations.
• Support local attribution for any readable Git repository without requiring a GitHub remote or any external API call.
• Derive supported remote provider actions from configured remotes, starting with common GitHub SSH and HTTPS remote shapes.
• Represent multiple supported remotes without silently choosing one provider when more than one external commit action is valid.
• Prevent stale or slow attribution results from updating the wrong file after file switches, saves, reloads, or workspace changes.
• Show file-level latest-change attribution in the status bar without making narrow windows or long author names unreadable.
• Show line-level attribution as subtle non-document ghost text that is not selectable and does not modify file contents.
• Provide hover details and click-to-open local commit information without invasive modal behavior.
• Show external provider buttons only when remote-derived commit URLs are available for the selected commit.
• Keep editing responsive while attribution is loading, unavailable, stale, or expensive to calculate.
• Provide accessible focus, keyboard, contrast, and dismissal behavior for attribution hover and popover interactions where practical.
• Add focused coverage for local Git attribution, remote parsing, multiple remotes, non-Git handling, untracked files, stale result handling, popover behavior, unsupported-provider behavior, and flag gating.
• Extend smoke coverage if attribution is exposed through the loopback API as well as through the desktop app command path.

Codebase Impact Estimate

Area	Estimate
Existing files touched	Rust/Tauri backend Git integration, frontend command wrappers, app state, editor integration, status bar UI, styles, tests, and optional smoke coverage
New files added	Likely Git attribution backend/frontend modules plus focused tests
Rough LOC	600-1,500
Effort	M
Complexity	4/5
Foreignness	3/5
Confidence	Medium

Likely Touch Points

Planning-time hints only. These are not implementation instructions and may drift before the PBI is worked.

• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/src-tauri/src/lib.rs
• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/src-tauri/Cargo.toml
• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/src-tauri/Cargo.lock
• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/src/tauri.ts
• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/src/App.tsx
• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/src/EditorPane.tsx
• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/src/styles.css
• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/src/App.test.tsx
• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/src/EditorPane.test.tsx
• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/src/tauri.test.ts
• /Users/gordonbeeming/Developer/github/gordonbeeming/ide/scripts/smoke-test.mjs

Dependencies

• Required: feature/settings flag foundation, including the gitAttribution flag. See Manage Feature Flags And Their Promotion To Settings #7.
• Required: gix/Gitoxide crate available in the Rust backend.
• Required: active file inside a Git repository.
• Required for external provider buttons only: parseable supported remotes.
• Avoided: GitHub, GitLab, or Azure DevOps API calls.
• Avoided: remote-host authentication.

Risks and Decisions

• Performance: git blame can be expensive on large files.
• Dependency fit: gix APIs need a quick implementation spike for blame and remote parsing before removing the shell fallback.
• Visual noise: every-line attribution may be too much; current-line attribution is the recommended first pass.
• Unsaved changes: line numbers can drift from saved blame data.
• Path safety: Git library calls and any fallback commands need safe root-relative path handling.
• Accessibility: ghost text and popovers need usable focus and contrast.
• Rollout: disabled flag state must prevent background work as well as visible UI.

Validation Plan

• Backend unit tests for gix-backed local Git attribution, remote parsing, multiple remotes, non-Git handling, untracked files, blame/log parsing, and workspace escape rejection.
• Flag-gating tests proving disabled Git attribution does not render UI, start attribution work, or update editor state.
• Frontend tests for response normalization, status bar rendering, unsupported states, stale result clearing, and popover behavior.
• Editor helper tests for non-document widgets and click callbacks.
• npm test, npm run build, and cargo test in src-tauri.
• Manual check: Git repo tracked file.
• Manual check: Git repo dirty file.
• Manual check: non-Git folder.
• Manual check: Git repo with unsupported remotes, confirming local attribution still appears and external buttons do not.
• Manual check: Git repo with multiple remotes, confirming the popover can expose more than one supported provider action when implemented.
• Manual check: shell-git absent, confirming the gix path still works unless a documented fallback is required.
• Manual check: long author names, long summaries, and narrow status bar widths.

Depends on #7.