🧹 Refactor rust_glib_advisory_violations to use GlibLegacyContext dataclass

[seonghobae]

🎯 What: Introduced a GlibLegacyContext dataclass to encapsulate four related arguments that were passed around between rust_dependency_advisory_violations, rust_glib_advisory_violations, and glib_legacy_exception_owners_are_allowed.
💡 Why: This resolves a 'too many parameters' code health issue, simplifying the function signatures and making the dependency passing cleaner.
✅ Verification: Verified by running python scripts/checks/verify_supply_chain.py which still passes.
✨ Result: Improved maintainability by reducing parameter count and grouping related state.

---

PR created automatically by Jules for task 5005625208830609547 started by @seonghobae

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[opencode-agent]

Pull request overview

OpenCode found current-head GitHub Check failures and could not approve until they are mapped to source-backed fixes.

Findings

Line-specific fallback findings:

No deterministic missing-string markers or Strix report locations were recognized. Use the failed-check evidence below to map each failed check to exact local source lines before approving.

Verification

• Review source: independent OpenCode failed-check diagnosis using current-head check evidence.
• Result: REQUEST_CHANGES
• Reason: one or more GitHub Checks failed on current head 5ef7aa57855732201c9a0d9f0265233775a2b1e1.

Gate evidence

• Head SHA: 5ef7aa57855732201c9a0d9f0265233775a2b1e1
• Workflow run: 27909785999
• Workflow attempt: 1

Failed checks:

• ci/ci / build-and-test: FAILURE (https://github.com/ContextualWisdomLab/bandscope/actions/runs/27909786004/job/82584804283)
• release/release-preflight: FAILURE (https://github.com/ContextualWisdomLab/bandscope/actions/runs/27909785986/job/82584804207)

Failed check evidence for line-specific fixes:

Failed GitHub Check Evidence

• PR: #392
• Head SHA: 5ef7aa57855732201c9a0d9f0265233775a2b1e1
• Repository: ContextualWisdomLab/bandscope

Line-specific repair contract

• Treat the check logs and annotations below as diagnostic evidence, not as a complete review.

• For each actionable failed check, inspect the local source or diff and identify the exact file line that must change.

• OpenCode REQUEST_CHANGES findings must include path, line, root_cause, fix_direction, regression_test_direction, and suggested_diff.

• Do not request changes with only a GitHub Actions URL or a generic check name.

• When Strix logs contain multiple Vulnerability Report or Model ... Vulnerabilities ... sections, include every model-reported vulnerability in the review evidence and findings, including model name, title, severity, endpoint, and Code Locations/path:line evidence when present.

• Create one OpenCode finding per Strix model vulnerability report; do not satisfy two model reports with one combined finding, even when titles or locations match.

Failed check: ci/ci / build-and-test

• Type: check_run
• Conclusion: FAILURE
• Details URL: https://github.com/ContextualWisdomLab/bandscope/actions/runs/27909786004/job/82584804283
• Workflow run id: 27909786004
• Check run id: 82584804283

Failed job steps

• step 7: Run quickcheck (failure)

Check annotations

• .github:71-71 [failure] Process completed with exit code 1.

Failed log excerpt

The failed job log could not be collected with gh run view --log-failed.

run 27909786004 is still in progress; logs will be available when it is complete

Failed check: release/release-preflight

• Type: check_run
• Conclusion: FAILURE
• Details URL: https://github.com/ContextualWisdomLab/bandscope/actions/runs/27909785986/job/82584804207
• Workflow run id: 27909785986
• Check run id: 82584804207

Failed job steps

• step 9: Run harness verification (failure)

Check annotations

• .github:77-77 [failure] Process completed with exit code 1.

Failed log signal summary

release-preflight	Run harness verification	2026-06-21T16:11:12.2327796Z ##[error]Process completed with exit code 1.

Failed log excerpt

release-preflight	Run harness verification	2026-06-21T16:11:06.3825136Z ##[group]Run ./scripts/harness/quickcheck.sh
release-preflight	Run harness verification	2026-06-21T16:11:06.3825533Z ^[[36;1m./scripts/harness/quickcheck.sh^[[0m
release-preflight	Run harness verification	2026-06-21T16:11:06.3858826Z shell: /usr/bin/bash -e {0}
release-preflight	Run harness verification	2026-06-21T16:11:06.3859104Z env:
release-preflight	Run harness verification	2026-06-21T16:11:06.3859611Z   GIT_CONFIG_COUNT: 1
release-preflight	Run harness verification	2026-06-21T16:11:06.3859858Z   GIT_CONFIG_KEY_0: init.defaultBranch
release-preflight	Run harness verification	2026-06-21T16:11:06.3860140Z   GIT_CONFIG_VALUE_0: develop
release-preflight	Run harness verification	2026-06-21T16:11:06.3860459Z   pythonLocation: /opt/hostedtoolcache/Python/3.12.13/x64
release-preflight	Run harness verification	2026-06-21T16:11:06.3860930Z   PKG_CONFIG_PATH: /opt/hostedtoolcache/Python/3.12.13/x64/lib/pkgconfig
release-preflight	Run harness verification	2026-06-21T16:11:06.3861378Z   Python_ROOT_DIR: /opt/hostedtoolcache/Python/3.12.13/x64
release-preflight	Run harness verification	2026-06-21T16:11:06.3861784Z   Python2_ROOT_DIR: /opt/hostedtoolcache/Python/3.12.13/x64
release-preflight	Run harness verification	2026-06-21T16:11:06.3862201Z   Python3_ROOT_DIR: /opt/hostedtoolcache/Python/3.12.13/x64
release-preflight	Run harness verification	2026-06-21T16:11:06.3862607Z   LD_LIBRARY_PATH: /opt/hostedtoolcache/Python/3.12.13/x64/lib
release-preflight	Run harness verification	2026-06-21T16:11:06.3863013Z   UV_PYTHON_INSTALL_DIR: /home/runner/work/_temp/uv-python-dir
release-preflight	Run harness verification	2026-06-21T16:11:06.3863383Z ##[endgroup]
release-preflight	Run harness verification	2026-06-21T16:11:06.4183600Z Documentation check passed
release-preflight	Run harness verification	2026-06-21T16:11:06.4452914Z Security Notes check passed
release-preflight	Run harness verification	2026-06-21T16:11:06.8225878Z Security pattern gate passed
release-preflight	Run harness verification	2026-06-21T16:11:07.1905535Z Supply-chain verification passed
release-preflight	Run harness verification	2026-06-21T16:11:07.2201356Z GitHub bootstrap policy check passed
release-preflight	Run harness verification	2026-06-21T16:11:07.3254548Z 
release-preflight	Run harness verification	2026-06-21T16:11:07.3255331Z > bandscope@0.1.3 lint
release-preflight	Run harness verification	2026-06-21T16:11:07.3257587Z > npm run lint:workspaces && npm run check:docs && npm run check:security-notes && npm run check:security-gates && npm run check:supply-chain && npm run check:github-bootstrap && npm run check:python-docstrings && npm run ruff:check && npm run ruff:format:check && npm run bandit:check
release-preflight	Run harness verification	2026-06-21T16:11:07.3258829Z 
release-preflight	Run harness verification	2026-06-21T16:11:07.4300762Z 
release-preflight	Run harness verification	2026-06-21T16:11:07.4301433Z > bandscope@0.1.3 lint:workspaces
release-preflight	Run harness verification	2026-06-21T16:11:07.4301944Z > npm run lint --workspaces --if-present
release-preflight	Run harness verification	2026-06-21T16:11:07.4302199Z 
release-preflight	Run harness verification	2026-06-21T16:11:07.5452484Z 
release-preflight	Run harness verification	2026-06-21T16:11:07.5453136Z > @bandscope/desktop@0.1.0 lint
release-preflight	Run harness verification	2026-06-21T16:11:07.5453667Z > eslint "src/**/*.{ts,tsx}" vite.config.ts
release-preflight	Run harness verification	2026-06-21T16:11:07.5453915Z 
release-preflight	Run harness verification	2026-06-21T16:11:09.5148433Z 
release-preflight	Run harness verification	2026-06-21T16:11:09.5149354Z > @bandscope/shared-types@0.1.0 lint
release-preflight	Run harness verification	2026-06-21T16:11:09.5149941Z > eslint "src/**/*.ts" "test/**/*.ts"
release-preflight	Run harness verification	2026-06-21T16:11:09.5150190Z 
release-preflight	Run harness verification	2026-06-21T16:11:10.8449574Z 
release-preflight	Run harness verification	2026-06-21T16:11:10.8450354Z > bandscope@0.1.3 check:docs
release-preflight	Run harness verification	2026-06-21T16:11:10.8451152Z > python3 scripts/checks/verify_docs.py
release-preflight	Run harness verification	2026-06-21T16:11:10.8451596Z 
release-preflight	Run harness verification	2026-06-21T16:11:10.8718543Z Documentation check passed
release-preflight	Run harness verification	2026-06-21T16:11:10.9747476Z 
release-preflight	Run harness verification	2026-06-21T16:11:10.9748001Z > bandscope@0.1.3 check:security-notes
release-preflight	Run harness verification	2026-06-21T16:11:10.9748756Z > python3 scripts/checks/verify_security_notes.py
release-preflight	Run harness verification	2026-06-21T16:11:10.9749070Z 
release-preflight	Run harness verification	2026-06-21T16:11:11.0017779Z Security Notes check passed
release-preflight	Run harness verification	2026-06-21T16:11:11.1027135Z 
release-preflight	Run harness verification	2026-06-21T16:11:11.1027819Z > bandscope@0.1.3 check:security-gates
release-preflight	Run harness verification	2026-06-21T16:11:11.1028563Z > python3 scripts/checks/security_gates.py
release-preflight	Run harness verification	2026-06-21T16:11:11.1028984Z 
release-preflight	Run harness verification	2026-06-21T16:11:11.4456922Z Security pattern gate passed
release-preflight	Run harness verification	2026-06-21T16:11:11.5485916Z 
release-preflight	Run harness verification	2026-06-21T16:11:11.5486572Z > bandscope@0.1.3 check:supply-chain
release-preflight	Run harness verification	2026-06-21T16:11:11.5487333Z > python3 scripts/checks/verify_supply_chain.py
release-preflight	Run harness verification	2026-06-21T16:11:11.5487752Z 
release-preflight	Run harness verification	2026-06-21T16:11:11.8987600Z Supply-chain verification passed
release-preflight	Run harness verification	2026-06-21T16:11:12.0045352Z 
release-preflight	Run harness verification	2026-06-21T16:11:12.0046014Z > bandscope@0.1.3 check:github-bootstrap
release-preflight	Run harness verification	2026-06-21T16:11:12.0046678Z > python3 scripts/checks/verify_github_bootstrap_policy.py
release-preflight	Run harness verification	2026-06-21T16:11:12.0047001Z 
release-preflight	Run harness verification	2026-06-21T16:11:12.0297076Z GitHub bootstrap policy check passed
release-preflight	Run harness verification	2026-06-21T16:11:12.1313839Z 
release-preflight	Run harness verification	2026-06-21T16:11:12.1314545Z > bandscope@0.1.3 check:python-docstrings
release-preflight	Run harness verification	2026-06-21T16:11:12.1315567Z > sh -c 'cd services/analysis-engine && uv run ruff check src tests ../../scripts --select D100,D101,D102,D103,D104,D105,D106,D107'
release-preflight	Run harness verification	2026-06-21T16:11:12.1316158Z 
release-preflight	Run harness verification	2026-06-21T16:11:12.2151555Z D101 Missing docstring in public class
release-preflight	Run harness verification	2026-06-21T16:11:12.2152605Z     --> /home/runner/work/bandscope/bandscope/scripts/checks/verify_supply_chain.py:1650:7
release-preflight	Run harness verification	2026-06-21T16:11:12.2153422Z      |
release-preflight	Run harness verification	2026-06-21T16:11:12.2153688Z 1649 | @dataclass(frozen=True)
release-preflight	Run harness verification	2026-06-21T16:11:12.2154006Z 1650 | class GlibLegacyContext:
release-preflight	Run harness verification	2026-06-21T16:11:12.2154286Z      |       ^^^^^^^^^^^^^^^^^
release-preflight	Run harness verification	2026-06-21T16:11:12.2154642Z 1651 |     package_dependencies: dict[str, list[str]]
release-preflight	Run harness verification	2026-06-21T16:11:12.2155058Z 1652 |     glib_exception_owned_packages: set[str]
release-preflight	Run harness verification	2026-06-21T16:11:12.2155369Z      |
release-preflight	Run harness verification	2026-06-21T16:11:12.2155477Z 
release-preflight	Run harness verification	2026-06-21T16:11:12.2155562Z Found 1 error.
release-preflight	Run harness verification	2026-06-21T16:11:12.2327796Z ##[error]Process completed with exit code 1.

[opencode-agent]

OpenCode Review Overview

• Head SHA: 3c7bd609f46a35e37ffc01beccc390592ceb94ee
• Workflow run: 27911455625
• Workflow attempt: 1
• Gate result: OPENCODE_REVIEW_UNAVAILABLE (approval step)

OpenCode Agent did not produce a valid review payload after all current-head GitHub Checks completed.

• Result: OPENCODE_REVIEW_UNAVAILABLE
• Reason: OpenCode review attempts did not complete or did not return a valid control block.
• OpenCode outcomes: primary=failed, fallback=failed, second_fallback=failed

OpenCode runtime evidence:

• primary model call failed: Request body too large for gpt-5 model. Max size: 4000 tokens.
• Head SHA: 3c7bd609f46a35e37ffc01beccc390592ceb94ee
• Workflow run: 27911455625
• Workflow attempt: 1

No blocking review was submitted because this is an agent/runtime failure, not a source-backed code finding.