Bump matter-python-client to 0.7.1

Includes Matter cluster definitions for Matter 1.5.1 (0.6.0 shipped Matter 1.4.2).
Fix hardcoded exception strings in pooldose integration (#171652 )
2026-05-22 00:35:16 +02:00 · 2026-05-21 20:58:54 +02:00 · 2026-05-21 20:36:17 +02:00 · 2026-05-21 19:30:55 +02:00 · 2026-05-21 19:26:24 +02:00 · 2026-05-21 19:25:03 +02:00
483 changed files with 9053 additions and 4964 deletions
@@ -19,7 +19,6 @@ machine/* linguist-generated=true
 mypy.ini linguist-generated=true
 requirements.txt linguist-generated=true
 requirements_all.txt linguist-generated=true
-requirements_test_all.txt linguist-generated=true
 requirements_test_pre_commit.txt linguist-generated=true
 script/hassfest/docker/Dockerfile linguist-generated=true
 .github/workflows/*.lock.yml linguist-generated=true
@@ -128,6 +128,7 @@
        "standard-aifc",
        "standard-telnetlib",
        "ulid-transform",
+        "unidiff",
        "url-normalize",
        "xmltodict"
      ],
@@ -1,31 +0,0 @@
-name: Check requirements (changes detection)
-
-# Stage 1 of the agentic Check requirements workflow.
-# Just kicks off Stage 2 (`check-requirements-dispatcher.yml`) which starts the agentic workflow
-
-# yamllint disable-line rule:truthy
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-    paths:
-      - "requirements*.txt"
-      - "homeassistant/package_constraints.txt"
-      - "pyproject.toml"
-
-permissions: {}
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
-  cancel-in-progress: true
-
-jobs:
-  changes:
-    name: Requirements files changed
-    runs-on: ubuntu-latest
-    timeout-minutes: 1
-    steps:
-      - name: Record PR number
-        env:
-          PR_NUMBER: ${{ github.event.pull_request.number }}
-        run: |-
-          echo "Requirements files changed in PR #${PR_NUMBER}"
@@ -0,0 +1,74 @@
+name: Check requirements (deterministic)
+
+# Stage 1 of the Check requirements pipeline.
+#
+# Runs the deterministic Python checks and uploads the structured
+# results as an artifact. Stage 2 (the agentic workflow defined in
+# `check-requirements.md`) consumes the artifact on completion.
+
+# yamllint disable-line rule:truthy
+on:
+  # Auto-trigger on PRs that touch tracked requirement files is disabled
+  # for now while we iterate — testing the workflow_run handoff to the
+  # agentic stage is hard with an auto-trigger. Re-enable once the chain
+  # has been validated end-to-end.
+  # pull_request:
+  #   types: [opened, synchronize, reopened]
+  #   paths:
+  #     - "**/requirements*.txt"
+  #     - "homeassistant/package_constraints.txt"
+  workflow_dispatch:
+    inputs:
+      pull_request_number:
+        description: "Pull request number to (re-)check"
+        required: true
+        type: number
+
+permissions: {}
+
+concurrency:
+  group: ${{ github.workflow }}-${{ inputs.pull_request_number || github.event.pull_request.number }}
+  cancel-in-progress: true
+
+jobs:
+  deterministic:
+    name: Run deterministic requirement checks
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: read
+      pull-requests: read # To fetch the PR diff via gh CLI
+    timeout-minutes: 10
+    steps:
+      - name: Check out code from GitHub
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+      - name: Set up Python
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        with:
+          python-version-file: ".python-version"
+          check-latest: true
+      - name: Install script dependencies
+        run: pip install -r script/check_requirements/requirements.txt
+      - name: Collect PR diff
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PR_NUMBER: ${{ inputs.pull_request_number || github.event.pull_request.number }}
+        run: |
+          mkdir -p deterministic
+          gh pr diff "${PR_NUMBER}" > deterministic/pr.diff
+      - name: Run deterministic checks
+        env:
+          PR_NUMBER: ${{ inputs.pull_request_number || github.event.pull_request.number }}
+        run: |
+          python -m script.check_requirements \
+            --pr-number "${PR_NUMBER}" \
+            --diff deterministic/pr.diff \
+            --output deterministic/results.json
+      - name: Upload deterministic-results artifact
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        with:
+          name: check-requirements-deterministic
+          path: deterministic/results.json
+          if-no-files-found: error
+          retention-days: 7
@@ -1,73 +0,0 @@
-name: Check requirements (dispatcher)
-
-# Stage 2 of the agentic Check requirements workflow. Runs on completion of
-# stage 1 (`check-requirements-changes.yml`) and dispatches stage 3
-# (`check-requirements.lock.yml`)
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event.workflow_run.head_repository.full_name }}-${{ github.event.workflow_run.head_branch }}
-  cancel-in-progress: true
-
-# yamllint disable-line rule:truthy
-on: # zizmor: ignore[dangerous-triggers]
-  # workflow_run is safe here: this workflow does not check out PR code or run
-  # any code from the triggering PR. It only resolves the PR number from the
-  # head SHA and dispatches `check-requirements.lock.yml` with that number as
-  # a sanitized string input. The PR code is analysed downstream in the
-  # agentic workflow (`check-requirements.lock.yml`)
-  workflow_run:
-    workflows: ["Check requirements (changes detection)"]
-    types: [completed]
-
-permissions: {}
-
-jobs:
-  dispatch:
-    name: Dispatch agentic requirements check
-    if: >
-      github.event.workflow_run.event == 'pull_request'
-      && github.event.workflow_run.conclusion == 'success'
-    runs-on: ubuntu-latest
-    timeout-minutes: 5
-    permissions:
-      actions: write # For triggering the downstream workflow
-      pull-requests: read # For querying PRs by commit SHA
-    steps:
-      - name: Resolve PR number from head SHA and trigger agentic requirements check
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
-        with:
-          script: |
-            const headSha = context.payload.workflow_run.head_sha;
-            const headBranch = context.payload.workflow_run.head_branch;
-            const headRepository = context.payload.workflow_run.head_repository;
-            const headRepo = headRepository.full_name;
-            // Query the head repository (which may be a fork). When the PR comes
-            // from a fork, the upstream's listPullRequestsAssociatedWithCommit
-            // returns no results for the fork's commit SHA.
-            const { data: pulls } = await github.rest.repos.listPullRequestsAssociatedWithCommit({
-              owner: headRepository.owner.login,
-              repo: headRepository.name,
-              commit_sha: headSha,
-            });
-            const matches = pulls.filter(p =>
-              p.state === 'open'
-              && p.head.ref === headBranch
-              && p.head.repo?.full_name === headRepo
-            );
-            if (matches.length === 0) {
-              core.info(`No open PR found for head SHA ${headSha} on ${headRepo}:${headBranch}; nothing to dispatch.`);
-              return;
-            }
-            const defaultBranch = context.payload.workflow_run.repository.default_branch;
-            for (const pr of matches) {
-              await github.rest.actions.createWorkflowDispatch({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                workflow_id: 'check-requirements.lock.yml',
-                ref: defaultBranch,
-                inputs: {
-                  pull_request_number: String(pr.number),
-                },
-              });
-              core.info(`Dispatched check-requirements.lock.yml for PR #${pr.number}.`);
-            }
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"62eb6e3d38092bd041a0c1ddfdaef94cf4b9c694b2d2bcac6cbbecd6810230ca","compiler_version":"v0.74.4","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"75b8b624ba0c144fb4b28cba143d16a47c30de8afae568fa3256c6febe01a68a","compiler_version":"v0.74.4","strict":true,"agent_id":"copilot"}
 # gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"github/gh-aw-actions/setup","sha":"d3abfe96a194bce3a523ed2093ddedd5704cdf62","version":"v0.74.4"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.46"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.46"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.46"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.9","digest":"sha256:64828b42a4482f58fab16509d7f8f495a6d97c972a98a68aff20543531ac0388","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.9@sha256:64828b42a4482f58fab16509d7f8f495a6d97c972a98a68aff20543531ac0388"},{"image":"ghcr.io/github/github-mcp-server:v1.0.4"},{"image":"node:lts-alpine","digest":"sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f","pinned_image":"node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f"}]}
 #    ___                   _   _      
 #   / _ \                 | | (_)     
@@ -22,7 +22,7 @@
 #
 # For more information: https://github.github.com/gh-aw/introduction/overview/
 #
-# Checks changed Python package requirements on PRs targeting the core repo (including PRs opened from forks) and verifies licenses match PyPI metadata, source repositories are publicly accessible, PyPI releases were uploaded via automated CI (Trusted Publisher attestation), the package's release pipeline uses OIDC or equivalent automated credentials (not static tokens), and the PR description contains the required links.
+# Resolves the deterministic-stage artifact's NEEDS_AGENT checks for changed Python package requirements on PRs targeting the core repo, then posts the final review comment. Triggered by completion of the deterministic workflow. Reads the uploaded artifact from disk, replaces placeholders for any check whose status is `needs_agent`, and posts the merged comment using the PR number recorded inside the artifact itself. Each check kind has a dedicated instruction section below; if the artifact contains a check kind that does not have a section here, the agent fails hard rather than guess.
 #
 # Secrets used:
 #   - COPILOT_GITHUB_TOKEN
@@ -46,30 +46,32 @@
 #   - ghcr.io/github/github-mcp-server:v1.0.4
 #   - node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f

-name: "Check requirements"
+name: "Check requirements (AW)"
 on:
-  workflow_dispatch:
-    inputs:
-      aw_context:
-        default: ""
-        description: Agent caller context (used internally by Agentic Workflows).
-        required: false
-        type: string
-      pull_request_number:
-        description: Pull request number to (re-)check
-        required: true
-        type: number
+  workflow_run:
+    # zizmor: ignore[dangerous-triggers] - workflow_run trigger is secured with role and fork validation
+    types:
+    - completed
+    workflows:
+    - Check requirements (deterministic)

 permissions: {}

 concurrency:
  cancel-in-progress: true
-  group: ${{ github.workflow }}-${{ inputs.pull_request_number }}
+  group: ${{ github.workflow }}-${{ github.event.workflow_run.head_sha }}

-run-name: "Check requirements"
+run-name: "Check requirements (AW)"

 jobs:
  activation:
+    needs:
+      - extract_pr_number
+      - pre_activation
+    # zizmor: ignore[dangerous-triggers] - workflow_run trigger is secured with role and fork validation
+    if: >
+      (needs.pre_activation.outputs.activated == 'true') && (github.event_name != 'workflow_run' || github.event.workflow_run.repository.id == github.repository_id &&
+      (!(github.event.workflow_run.repository.fork)))
    runs-on: ubuntu-slim
    permissions:
      actions: read
@@ -92,8 +94,10 @@ jobs:
        with:
          destination: ${{ runner.temp }}/gh-aw/actions
          job-name: ${{ github.job }}
+          trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }}
+          parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }}
        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements"
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_ENGINE_ID: "copilot"
@@ -106,7 +110,7 @@ jobs:
          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_AGENT_VERSION: "1.0.48"
          GH_AW_INFO_CLI_VERSION: "v0.74.4"
-          GH_AW_INFO_WORKFLOW_NAME: "Check requirements"
+          GH_AW_INFO_WORKFLOW_NAME: "Check requirements (AW)"
          GH_AW_INFO_EXPERIMENTAL: "false"
          GH_AW_INFO_SUPPORTS_TOOLS_ALLOWLIST: "true"
          GH_AW_INFO_STAGED: "false"
@@ -183,25 +187,24 @@ jobs:
          GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
          GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
          GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
-          GH_AW_INPUTS_PULL_REQUEST_NUMBER: ${{ inputs.pull_request_number }}
        # poutine:ignore untrusted_checkout_exec
        run: |
          bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
          {
-          cat << 'GH_AW_PROMPT_2df1318dbe2d4011_EOF'
+          cat << 'GH_AW_PROMPT_198418d99edc7d5b_EOF'
          <system>
-          GH_AW_PROMPT_2df1318dbe2d4011_EOF
+          GH_AW_PROMPT_198418d99edc7d5b_EOF
          cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
          cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
          cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
          cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
-          cat << 'GH_AW_PROMPT_2df1318dbe2d4011_EOF'
+          cat << 'GH_AW_PROMPT_198418d99edc7d5b_EOF'
          <safe-output-tools>
          Tools: add_comment, missing_tool, missing_data, noop
          </safe-output-tools>
-          GH_AW_PROMPT_2df1318dbe2d4011_EOF
+          GH_AW_PROMPT_198418d99edc7d5b_EOF
          cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
-          cat << 'GH_AW_PROMPT_2df1318dbe2d4011_EOF'
+          cat << 'GH_AW_PROMPT_198418d99edc7d5b_EOF'
          <github-context>
          The following GitHub context information is available for this workflow:
          {{#if github.actor}}
@@ -230,19 +233,18 @@ jobs:
          {{/if}}
          </github-context>
          
-          GH_AW_PROMPT_2df1318dbe2d4011_EOF
+          GH_AW_PROMPT_198418d99edc7d5b_EOF
          cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
-          cat << 'GH_AW_PROMPT_2df1318dbe2d4011_EOF'
+          cat << 'GH_AW_PROMPT_198418d99edc7d5b_EOF'
          </system>
          {{#runtime-import .github/workflows/check-requirements.md}}
-          GH_AW_PROMPT_2df1318dbe2d4011_EOF
+          GH_AW_PROMPT_198418d99edc7d5b_EOF
          } > "$GH_AW_PROMPT"
      - name: Interpolate variables and render templates
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
          GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
          GH_AW_ENGINE_ID: "copilot"
-          GH_AW_INPUTS_PULL_REQUEST_NUMBER: ${{ inputs.pull_request_number }}
        with:
          script: |
            const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -261,8 +263,8 @@ jobs:
          GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
          GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
          GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
-          GH_AW_INPUTS_PULL_REQUEST_NUMBER: ${{ inputs.pull_request_number }}
          GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
+          GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
        with:
          script: |
            const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -282,8 +284,8 @@ jobs:
                GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
                GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
                GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
-                GH_AW_INPUTS_PULL_REQUEST_NUMBER: process.env.GH_AW_INPUTS_PULL_REQUEST_NUMBER,
-                GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST
+                GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
+                GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
              }
            });
      - name: Validate prompt placeholders
@@ -314,12 +316,17 @@ jobs:
          retention-days: 1

  agent:
-    needs: activation
+    needs:
+      - activation
+      - extract_pr_number
    runs-on: ubuntu-latest
    permissions:
+      actions: read
      contents: read
      issues: read
      pull-requests: read
+    concurrency:
+      group: "gh-aw-copilot-${{ github.workflow }}"
    env:
      DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
      GH_AW_ASSETS_ALLOWED_EXTS: ""
@@ -352,7 +359,7 @@ jobs:
          trace-id: ${{ needs.activation.outputs.setup-trace-id }}
          parent-span-id: ${{ needs.activation.outputs.setup-parent-span-id || needs.activation.outputs.setup-span-id }}
        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements"
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_ENGINE_ID: "copilot"
@@ -374,6 +381,15 @@ jobs:
        run: bash "${RUNNER_TEMP}/gh-aw/actions/configure_gh_for_ghe.sh"
        env:
          GH_TOKEN: ${{ github.token }}
+      - if: github.event.workflow_run.conclusion == 'success'
+        name: Download deterministic-results artifact
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          name: check-requirements-deterministic
+          path: /tmp/gh-aw/deterministic
+          run-id: ${{ github.event.workflow_run.id }}
+
      - name: Configure Git credentials
        env:
          REPO_NAME: ${{ github.repository }}
@@ -433,21 +449,19 @@ jobs:
      - name: Download container images
        run: bash "${RUNNER_TEMP}/gh-aw/actions/download_docker_images.sh" ghcr.io/github/gh-aw-firewall/agent:0.25.46 ghcr.io/github/gh-aw-firewall/api-proxy:0.25.46 ghcr.io/github/gh-aw-firewall/squid:0.25.46 ghcr.io/github/gh-aw-mcpg:v0.3.9@sha256:64828b42a4482f58fab16509d7f8f495a6d97c972a98a68aff20543531ac0388 ghcr.io/github/github-mcp-server:v1.0.4 node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f
      - name: Generate Safe Outputs Config
-        env:
-          GH_AW_INPUT_PULL_REQUEST_NUMBER: ${{ inputs.pull_request_number }}
        run: |
          mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
          mkdir -p /tmp/gh-aw/safeoutputs
          mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
-          cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << GH_AW_SAFE_OUTPUTS_CONFIG_c7878b8b9775118a_EOF
-          {"add_comment":{"max":1,"target":"${GH_AW_INPUT_PULL_REQUEST_NUMBER}"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
-          GH_AW_SAFE_OUTPUTS_CONFIG_c7878b8b9775118a_EOF
+          cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_627e06df80c4e5ad_EOF'
+          {"add_comment":{"max":1,"target":"${{ needs.extract_pr_number.outputs.pr_number }}"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+          GH_AW_SAFE_OUTPUTS_CONFIG_627e06df80c4e5ad_EOF
      - name: Generate Safe Outputs Tools
        env:
          GH_AW_TOOLS_META_JSON: |
            {
              "description_suffixes": {
-                "add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added. Target: ${{ inputs.pull_request_number }}. Supports reply_to_id for discussion threading."
+                "add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added. Target: ${{ needs.extract_pr_number.outputs.pr_number }}. Supports reply_to_id for discussion threading."
              },
              "repo_params": {},
              "dynamic_tools": []
@@ -633,7 +647,7 @@ jobs:
          
          mkdir -p /home/runner/.copilot
          GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
-          cat << GH_AW_MCP_CONFIG_103328ae7b98b0c7_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+          cat << GH_AW_MCP_CONFIG_175174907e5a28b4_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
          {
            "mcpServers": {
              "github": {
@@ -643,7 +657,7 @@ jobs:
                  "GITHUB_HOST": "\${GITHUB_SERVER_URL}",
                  "GITHUB_PERSONAL_ACCESS_TOKEN": "\${GITHUB_MCP_SERVER_TOKEN}",
                  "GITHUB_READ_ONLY": "1",
-                  "GITHUB_TOOLSETS": "context,repos,issues,pull_requests"
+                  "GITHUB_TOOLSETS": "context,repos,issues,pull_requests,actions"
                },
                "guard-policies": {
                  "allow-only": {
@@ -677,7 +691,7 @@ jobs:
              "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
            }
          }
-          GH_AW_MCP_CONFIG_103328ae7b98b0c7_EOF
+          GH_AW_MCP_CONFIG_175174907e5a28b4_EOF
      - name: Mount MCP servers as CLIs
        id: mount-mcp-clis
        continue-on-error: true
@@ -876,7 +890,7 @@ jobs:
          if [ ! -f /tmp/gh-aw/agent_output.json ]; then
            echo '{"items":[]}' > /tmp/gh-aw/agent_output.json
          fi
-      - if: always()
+      - if: always() && github.event.workflow_run.conclusion == 'success'
        name: Verify agent produced an add_comment safe-output
        run: |-
          OUTPUT=/tmp/gh-aw/agent_output.json
@@ -924,6 +938,7 @@ jobs:
      - activation
      - agent
      - detection
+      - extract_pr_number
      - safe_outputs
    if: >
      always() && (needs.agent.result != 'skipped' || needs.activation.outputs.lockdown_check_failed == 'true' ||
@@ -953,7 +968,7 @@ jobs:
          trace-id: ${{ needs.activation.outputs.setup-trace-id }}
          parent-span-id: ${{ needs.activation.outputs.setup-parent-span-id || needs.activation.outputs.setup-span-id }}
        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements"
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_ENGINE_ID: "copilot"
@@ -977,7 +992,7 @@ jobs:
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
          GH_AW_NOOP_MAX: "1"
-          GH_AW_WORKFLOW_NAME: "Check requirements"
+          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
          GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
          GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
          GH_AW_NOOP_REPORT_AS_ISSUE: "true"
@@ -993,7 +1008,7 @@ jobs:
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
-          GH_AW_WORKFLOW_NAME: "Check requirements"
+          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
          GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
          GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
          GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
@@ -1010,7 +1025,7 @@ jobs:
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
          GH_AW_MISSING_TOOL_CREATE_ISSUE: "true"
-          GH_AW_WORKFLOW_NAME: "Check requirements"
+          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
        with:
          github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
          script: |
@@ -1024,7 +1039,7 @@ jobs:
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
          GH_AW_REPORT_INCOMPLETE_CREATE_ISSUE: "true"
-          GH_AW_WORKFLOW_NAME: "Check requirements"
+          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
        with:
          github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
          script: |
@@ -1038,7 +1053,7 @@ jobs:
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
-          GH_AW_WORKFLOW_NAME: "Check requirements"
+          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
          GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
          GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
          GH_AW_WORKFLOW_ID: "check-requirements"
@@ -1092,7 +1107,7 @@ jobs:
          trace-id: ${{ needs.activation.outputs.setup-trace-id }}
          parent-span-id: ${{ needs.activation.outputs.setup-parent-span-id || needs.activation.outputs.setup-span-id }}
        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements"
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_ENGINE_ID: "copilot"
@@ -1160,8 +1175,8 @@ jobs:
        if: always() && steps.detection_guard.outputs.run_detection == 'true'
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
-          WORKFLOW_NAME: "Check requirements"
-          WORKFLOW_DESCRIPTION: "Checks changed Python package requirements on PRs targeting the core repo (including PRs opened from forks) and verifies licenses match PyPI metadata, source repositories are publicly accessible, PyPI releases were uploaded via automated CI (Trusted Publisher attestation), the package's release pipeline uses OIDC or equivalent automated credentials (not static tokens), and the PR description contains the required links."
+          WORKFLOW_NAME: "Check requirements (AW)"
+          WORKFLOW_DESCRIPTION: "Resolves the deterministic-stage artifact's NEEDS_AGENT checks for changed Python package requirements on PRs targeting the core repo, then posts the final review comment. Triggered by completion of the deterministic workflow. Reads the uploaded artifact from disk, replaces placeholders for any check whose status is `needs_agent`, and posts the merged comment using the PR number recorded inside the artifact itself. Each check kind has a dedicated instruction section below; if the artifact contains a check kind that does not have a section here, the agent fails hard rather than guess."
          HAS_PATCH: ${{ needs.agent.outputs.has_patch }}
        with:
          script: |
@@ -1268,11 +1283,76 @@ jobs:
              }
            }

+  extract_pr_number:
+    if: github.event.workflow_run.conclusion == 'success'
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+
+    outputs:
+      pr_number: ${{ steps.extract.outputs.pr_number }}
+    steps:
+      - name: Configure GH_HOST for enterprise compatibility
+        id: ghes-host-config
+        shell: bash
+        run: |
+          # Derive GH_HOST from GITHUB_SERVER_URL so the gh CLI targets the correct
+          # GitHub instance (GHES/GHEC). On github.com this is a harmless no-op.
+          GH_HOST="${GITHUB_SERVER_URL#https://}"
+          GH_HOST="${GH_HOST#http://}"
+          echo "GH_HOST=${GH_HOST}" >> "$GITHUB_ENV"
+      - name: Download deterministic-results artifact
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          name: check-requirements-deterministic
+          path: /tmp/deterministic
+          run-id: ${{ github.event.workflow_run.id }}
+      - name: Extract PR number from artifact
+        id: extract
+        run: |
+          PR=$(jq -r '.pr_number' /tmp/deterministic/results.json)
+          echo "pr_number=${PR}" >> "${GITHUB_OUTPUT}"
+
+  pre_activation:
+    runs-on: ubuntu-slim
+    outputs:
+      activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
+      matched_command: ''
+      setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
+      setup-span-id: ${{ steps.setup.outputs.span-id }}
+      setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+    steps:
+      - name: Setup Scripts
+        id: setup
+        uses: github/gh-aw-actions/setup@d3abfe96a194bce3a523ed2093ddedd5704cdf62 # v0.74.4
+        with:
+          destination: ${{ runner.temp }}/gh-aw/actions
+          job-name: ${{ github.job }}
+        env:
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
+          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
+          GH_AW_INFO_VERSION: "1.0.48"
+          GH_AW_INFO_ENGINE_ID: "copilot"
+      - name: Check team membership for workflow
+        id: check_membership
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+        env:
+          GH_AW_REQUIRED_ROLES: "admin,maintainer,write"
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+            setupGlobals(core, github, context, exec, io, getOctokit);
+            const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
+            await main();
+
  safe_outputs:
    needs:
      - activation
      - agent
      - detection
+      - extract_pr_number
    if: (!cancelled()) && needs.agent.result != 'skipped' && needs.detection.result == 'success'
    runs-on: ubuntu-slim
    permissions:
@@ -1290,7 +1370,7 @@ jobs:
      GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
      GH_AW_ENGINE_VERSION: "1.0.48"
      GH_AW_WORKFLOW_ID: "check-requirements"
-      GH_AW_WORKFLOW_NAME: "Check requirements"
+      GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
    outputs:
      code_push_failure_count: ${{ steps.process_safe_outputs.outputs.code_push_failure_count }}
      code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }}
@@ -1310,7 +1390,7 @@ jobs:
          trace-id: ${{ needs.activation.outputs.setup-trace-id }}
          parent-span-id: ${{ needs.activation.outputs.setup-parent-span-id || needs.activation.outputs.setup-span-id }}
        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements"
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_ENGINE_ID: "copilot"
@@ -1345,7 +1425,7 @@ jobs:
          GH_AW_ALLOWED_DOMAINS: "*.pythonhosted.org,anaconda.org,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,binstar.org,bootstrap.pypa.io,conda.anaconda.org,conda.binstar.org,files.pythonhosted.org,github.com,host.docker.internal,pip.pypa.io,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.npmjs.org,repo.anaconda.com,repo.continuum.io,telemetry.enterprise.githubcopilot.com"
          GITHUB_SERVER_URL: ${{ github.server_url }}
          GITHUB_API_URL: ${{ github.api_url }}
-          GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"add_comment\":{\"max\":1,\"target\":\"${{ inputs.pull_request_number }}\"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+          GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"add_comment\":{\"max\":1,\"target\":\"${{ needs.extract_pr_number.outputs.pr_number }}\"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
        with:
          github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
          script: |
@@ -1,33 +1,63 @@
 ---
 on:
-  workflow_dispatch:
-    inputs:
-      pull_request_number:
-        description: "Pull request number to (re-)check"
-        required: true
-        type: number
+  workflow_run:
+    workflows: ["Check requirements (deterministic)"]
+    types: [completed]
 permissions:
  contents: read
-  pull-requests: read
+  actions: read
  issues: read
+  pull-requests: read
 network:
  allowed:
    - python
 tools:
  web-fetch: {}
  github:
-    toolsets: [default]
+    toolsets: [default, actions]
    min-integrity: unapproved
 safe-outputs:
  add-comment:
    max: 1
-    target: ${{ inputs.pull_request_number }}
+    target: "${{ needs.extract_pr_number.outputs.pr_number }}"
+  needs:
+    - extract_pr_number
+jobs:
+  extract_pr_number:
+    if: github.event.workflow_run.conclusion == 'success'
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+    outputs:
+      pr_number: ${{ steps.extract.outputs.pr_number }}
+    steps:
+      - name: Download deterministic-results artifact
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        with:
+          name: check-requirements-deterministic
+          path: /tmp/deterministic
+          run-id: ${{ github.event.workflow_run.id }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract PR number from artifact
+        id: extract
+        run: |
+          PR=$(jq -r '.pr_number' /tmp/deterministic/results.json)
+          echo "pr_number=${PR}" >> "${GITHUB_OUTPUT}"
 concurrency:
-  group: ${{ github.workflow }}-${{ inputs.pull_request_number }}
+  group: ${{ github.workflow }}-${{ github.event.workflow_run.head_sha }}
  cancel-in-progress: true
+steps:
+  - name: Download deterministic-results artifact
+    if: github.event.workflow_run.conclusion == 'success'
+    uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+    with:
+      name: check-requirements-deterministic
+      path: /tmp/gh-aw/deterministic
+      run-id: ${{ github.event.workflow_run.id }}
+      github-token: ${{ secrets.GITHUB_TOKEN }}
 post-steps:
  - name: Verify agent produced an add_comment safe-output
-    if: always()
+    if: always() && github.event.workflow_run.conclusion == 'success'
    run: |
      OUTPUT=/tmp/gh-aw/agent_output.json
      if [ ! -f "${OUTPUT}" ]; then
@@ -41,376 +71,308 @@ post-steps:
        exit 1
      fi
 description: >
-  Checks changed Python package requirements on PRs targeting the core repo
-  (including PRs opened from forks) and verifies licenses match PyPI metadata, source
-  repositories are publicly accessible, PyPI releases were uploaded via
-  automated CI (Trusted Publisher attestation), the package's release pipeline
-  uses OIDC or equivalent automated credentials (not static tokens), and the PR
-  description contains the required links.
+  Resolves the deterministic-stage artifact's NEEDS_AGENT checks for changed
+  Python package requirements on PRs targeting the core repo, then posts the
+  final review comment. Triggered by completion of the deterministic workflow.
+  Reads the uploaded artifact from disk, replaces placeholders for any check
+  whose status is `needs_agent`, and posts the merged comment using the PR
+  number recorded inside the artifact itself. Each check kind has a dedicated
+  instruction section below; if the artifact contains a check kind that does
+  not have a section here, the agent fails hard rather than guess.
 ---

-# Check requirements
-
-You are a code review assistant for the Home Assistant project. Your job is to
-review changes to Python package requirements and verify they meet the project's
-standards.
-
-## Context
-
- Home Assistant uses `requirements_all.txt` (all integration packages),
-  `requirements.txt` (core packages), `requirements_test.txt` (test
-  dependencies), and `requirements_test_all.txt` (all test dependencies) to
-  declare Python dependencies.
- Each integration lists its packages in `homeassistant/components/<name>/manifest.json`
-  under the `requirements` field.
- Allowed licenses are maintained in `script/licenses.py` under
-  `OSI_APPROVED_LICENSES_SPDX` (SPDX identifiers) and `OSI_APPROVED_LICENSES`
-  (classifier strings).
-
-## Step 1 — Identify Changed Packages
-
-This workflow is triggered via `workflow_dispatch`. The PR number to check is
-**#${{ inputs.pull_request_number }}**. Use that PR number for **every** GitHub
-API call in the steps below (fetching the diff, the PR body, etc.). Do **not**
-rely on `github.event.pull_request` — it is not populated for
-`workflow_dispatch` runs.
-
-Use the GitHub tool to fetch the PR diff for that PR number. Look for
-lines that were added (`+`) or removed (`-`) in **any** of these files:
- `requirements.txt`
- `requirements_all.txt`
- `requirements_test.txt`
- `requirements_test_all.txt`
- `homeassistant/package_constraints.txt`
- `pyproject.toml`
-
-For each changed line that contains a package pin (e.g. `SomePackage==1.2.3`),
-classify it as:
- **New package**: the package name appears only in `+` lines, with no
-  corresponding `-` line for the same package name.
- **Version bump**: the same package name appears in both `+` lines (new
-  version) and `-` lines (old version), with different version numbers.
-
-Record the **old version** and **new version** for every version bump — you
-will need these values in Step 4.
-
-
-## Step 2 — Check License via PyPI
-
-For each new or bumped package:
-
-1. Fetch `https://pypi.org/pypi/{package_name}/json` (use the exact
-   package name as it appears on the requirements file).
-2. From the JSON response, extract:
-   - `info.license` — free-text license field
-   - `info.license_expression` — SPDX expression (if present)
-   - `info.classifiers` — filter for entries starting with `"License ::"`,
-     then normalize each match the same way as `script/licenses.py` by
-     extracting the final ` :: ` segment (for example,
-     `"License :: OSI Approved :: MIT License"` → `"MIT License"`).
-3. Determine if the license is in the approved list from `script/licenses.py`:
-   - SPDX identifiers: compare against `OSI_APPROVED_LICENSES_SPDX`
-   - Normalized classifier strings: compare against `OSI_APPROVED_LICENSES`
-4. Flag a package as ❌ if the license is unknown, missing, or not in the
-   approved list. Flag as ⚠️ if the license information is ambiguous or cannot
-   be definitively determined.
-
-## Step 2b — Verify PyPI Release Was Uploaded by CI
-
-For each new or bumped package, verify that the release on PyPI was published
-automatically by a CI pipeline (via OIDC Trusted Publisher), not uploaded
-manually.
-
-1. Fetch the PyPI JSON for the specific version being introduced or bumped:
-   `https://pypi.org/pypi/{package_name}/{version}/json`
-2. Inspect the `urls` array in the response. For each distribution file (wheel
-   or sdist), note the filename.
-3. For each filename, attempt to fetch the PyPI provenance attestation:
-   `https://pypi.org/integrity/{package_name}/{version}/{filename}/provenance`
-   - If the response is HTTP 200 and contains a valid attestation object,
-     inspect `attestation_bundles[*].publisher`. A Trusted Publisher attestation
-     will have a `kind` identifying the CI system (e.g. `"GitHub Actions"`,
-     `"GitLab"`) and a `repository` or `project` field matching the source
-     repository.
-   - If at least one distribution file has a valid Trusted Publisher attestation,
-     mark ✅ CI-uploaded.
-   - If no attestation is found for any file (404 for all), mark ⚠️ — "Release
-     has no provenance attestation; it may have been uploaded manually".
-   - If an attestation exists but the `publisher` does not identify a recognized
-     CI system or Trusted Publisher, mark ⚠️ — "Attestation present but
-     publisher cannot be verified as automated CI".
-
-Note: if PyPI returns an error fetching the per-version JSON, fall back to the
-latest JSON (`https://pypi.org/pypi/{package_name}/json`) and look up the
-specific version in the `releases` dict.
-
-## Step 3 — Identify Repository URL
-
-For each new or bumped package:
-
-1. From the PyPI JSON at `info.project_urls`, find the source repository URL
-   (keys such as `"Source"`, `"Homepage"`, `"Repository"`, or `"Source Code"`).
-2. Record that repository URL for later checks.
-3. If no suitable repository URL is present, mark ❌ with a note that the
-   source repository URL is missing and cannot be verified.
-
-## Step 4 — Check PR Description
-
-Read the PR body from the GitHub API for PR
-#${{ inputs.pull_request_number }}. Extract all URLs present in the PR body.
-
-### 4a — New packages: repository link required
-
-For **new packages** (brand-new dependency not previously in any requirements
-file): the PR description must contain a link that points to the package's
-**source repository** as identified in Step 3 (the URL recorded from
-`info.project_urls`). A PyPI page link alone is **not** acceptable — the link
-must point directly to the source repository (e.g. a GitHub or GitLab URL).
-
- If a URL in the PR body matches (or is a sub-path of) the source repository
-  URL identified via PyPI, mark ✅.
- If the PR body contains a source repository URL that does **not** match the
-  repository URL found in the package's PyPI metadata (`info.project_urls`),
-  mark ❌ — "PR description links to `<pr_url>` but PyPI reports the source
-  repository as `<pypi_repo_url>`; please use the correct repository URL."
- If no source repository URL is present in the PR body at all, mark ❌ —
-  "PR description must link to the source repository at `<repo_url>` (found
-  via PyPI). A PyPI page link is not sufficient."
-
-### 4b — Version bumps: changelog or diff link matching the bump
-
-For **version bumps**: the PR description must contain a link to a changelog,
-release notes page, or a diff/comparison URL that references the **exact
-versions** being bumped (old → new) as recorded in the diff from Step 1.
-
-Checks to perform for each bumped package (old version = X, new version = Y):
-1. Extract all URLs from the PR body that contain the repository's domain or
-   path (as identified in Step 3).
-2. Verify that at least one such URL includes both the old version (X) and the
-   new version (Y) in some form — e.g. a GitHub compare URL like
-   `compare/vX...vY`, a releases URL mentioning version Y, or a
-   `CHANGELOG.md` anchor referencing Y.
-3. Confirm the link's version range matches the actual bump in the diff. If
-   the link references versions different from X → Y (for example, the PR
-   bumps `1.2.3 → 1.3.0` but the link points to `compare/v1.2.0...v1.2.4`),
-   the link does not match the bump.
-
-Outcome:
- ✅ — a URL pointing to the correct repo with version references that match
-  the exact bump (X → Y).
- ❌ — no changelog/diff link is found, or the link does not match the actual
-  bump (X → Y). Explain what was found and what is expected.
-
-## Step 5 — Verify Source Repository is Publicly Accessible
-
-Before inspecting the release pipeline, confirm that the source repository
-identified in Step 3 is publicly reachable.
-
-For each new or bumped package:
-
-1. Use the source repository URL recorded in Step 3.
-2. If no repository URL was found in `info.project_urls`, mark ❌ — "No source
-   repository URL found in PyPI metadata; a public source repository is
-   required."
-3. If a repository URL was found, perform a GET request to that URL (using
-   web-fetch). If the response is HTTP 200 and returns a publicly accessible
-   page (not a login redirect or error page), mark ✅.
-4. If the response is non-200, the URL redirects to a login/authentication page,
-   or the repository appears private or unavailable, mark ❌ — "Source
-   repository at `<repo_url>` is not publicly accessible. Home Assistant
-   requires all dependencies to have publicly available source code." **Do not
-   proceed with the release pipeline check (Step 6) for this package.**
-
-## Step 6 — Check Release Pipeline Sanity
-
-For each new or bumped package, determine the source repository host from the
-URL identified in Step 3, then inspect whether the project's release/publish CI
-workflow is sane. The checks differ by hosting provider.
-
-### GitHub repositories (`github.com`)
-
-1. Using the GitHub API, list the workflows in the source repository:
-   `GET /repos/{owner}/{repo}/actions/workflows`
-2. Identify any workflow whose name or filename suggests publishing to PyPI
-   (e.g., contains "release", "publish", "pypi", or "deploy").
-3. Fetch the workflow file content and check the following:
-   a. **Trigger sanity**: The publish job should be triggered by `push` to tags,
-      `release: published`, or `workflow_run` on a release job — **not** solely
-      by `workflow_dispatch` with no additional guards. A `workflow_dispatch`
-      trigger alongside other triggers is acceptable. Mark ❌ if the only trigger
-      is manual `workflow_dispatch` with no environment protection rules.
-   b. **OIDC / Trusted Publisher**: The workflow should use OIDC-based publishing.
-      Look for `id-token: write` permission and one of:
-      - `pypa/gh-action-pypi-publish` action
-      - `actions/attest-build-provenance` action
-      - Any step that sets `TWINE_PASSWORD` from `secrets.PYPI_TOKEN` directly
-        (treat this as a static long-lived API token rather than OIDC).
-      Mark ✅ if OIDC is used, ⚠️ if the publish method cannot be determined.
-      If a static secret token is the only credential, mark ⚠️ for version
-      bumps (the package was already accepted at a previous version; suggest
-      the upstream maintainer switch to OIDC / Trusted Publisher for better
-      security) and ❌ for new packages.
-   c. **No manual upload bypass**: Verify there is no step that calls
-      `twine upload` or `pip upload` outside of a properly gated job (e.g., one
-      that requires an environment approval). Flag ⚠️ if such steps exist.
-4. If no publish workflow is found in the repository, mark ⚠️ — "No publish
-   workflow found; it is unclear how this package is released to PyPI."
-
-### GitLab repositories (`gitlab.com` or self-hosted GitLab)
-
-1. Use the GitLab REST API to list CI/CD pipeline configuration files. First
-   resolve the project ID via
-   `GET https://gitlab.com/api/v4/projects/{url-encoded-namespace-and-name}`
-   and note the `id` field.
-2. Fetch the repository's `.gitlab-ci.yml` (and any included files) using
-   `GET https://gitlab.com/api/v4/projects/{id}/repository/files/.gitlab-ci.yml/raw?ref=HEAD`
-   (use web-fetch for public repos).
-3. Identify any job whose name or `stage` suggests publishing to PyPI
-   (e.g., "publish", "deploy", "release", "pypi").
-4. For each such job, check:
-   a. **Trigger sanity**: The job should run only on tag pipelines (`only: tags`
-      or `rules: - if: $CI_COMMIT_TAG`) or on protected branches — **not**
-      solely on manual triggers (`when: manual`) with no additional protection.
-      Mark ❌ if the only trigger is manual with no environment or protected-branch
-      guard.
-   b. **Automated credentials**: The job should use GitLab's OIDC ID token
-      (`id_tokens:` block) and `pypa/gh-action-pypi-publish` equivalent, or
-      reference `secrets.PYPI_TOKEN` / `$PYPI_TOKEN` injected from GitLab CI/CD
-      protected variables. Flag ❌ if the token is hard-coded or unprotected.
-      Mark ✅ if OIDC is used, ⚠️ if the method cannot be determined. If a
-      protected static token is the only credential, mark ⚠️ for version bumps
-      (suggest the upstream maintainer switch to OIDC / Trusted Publisher for
-      better security) and ❌ for new packages.
-   c. **No manual upload bypass**: Flag ⚠️ if any job calls `twine upload`
-      without being behind a protected-variable or environment guard.
-5. If no publish job is found, mark ⚠️ — "No publish job found in .gitlab-ci.yml;
-   it is unclear how this package is released to PyPI."
-
-### Other code hosting providers
-
-For repositories hosted on platforms other than GitHub or GitLab (e.g.,
-Bitbucket, Codeberg, Gitea, Sourcehut):
-1. Use web-fetch to retrieve the repository's root page and look for any
-   publicly visible CI configuration files (e.g., `.circleci/config.yml`,
-   `Jenkinsfile`, `azure-pipelines.yml`, `bitbucket-pipelines.yml`,
-   `.builds/*.yml` for Sourcehut).
-2. Apply the same conceptual checks as above:
-   - Does publishing run on automated triggers (tags/releases), not solely
-     manual ones?
-   - Are credentials injected by the CI system (not hard-coded)?
-   - Is there a `twine upload` or equivalent step that could be run manually?
-3. If no CI configuration can be retrieved, mark ⚠️ — "Release pipeline could
-   not be inspected; hosting provider is not GitHub or GitLab."
-
-## Step 7 — Post a Review Comment
-
-**Always** post a review comment using `add_comment`, regardless of whether
-packages pass or fail. Use the following structure:
-
-**Note on deduplication**: The workflow automatically updates any previous
-requirements-check comment on the PR in place (preserving its position in the
-thread). If no previous comment exists, the newly created comment is kept as-is.
-You do not need to search for or update previous comments yourself.
-
-### Comment structure
-
-Begin every comment with the HTML marker `<!-- requirements-check -->` on its
-own line (this is used by the workflow to find the previous comment and update
-it on the next run).
-
-### 7a — Overall summary line
-
-Begin the comment with a single summary line, before anything else:
-
- If everything passed: `All requirements checks passed. ✅`
- If there are failures or warnings: `⚠️ Some checks require attention — see the details below.`
-
-### 7b — Summary table
-
-Render a compact table where every check column contains **only the status
-icon** (✅, ⚠️, or ❌). No explanatory text belongs inside the table cells —
-all detail goes in the per-package sections below.
-
-Use `—` (em dash) when a check was skipped (e.g. Release Pipeline is skipped
-when the repository is not publicly accessible).
-
-```
-<!-- requirements-check -->
-## Check requirements
-
-| Package | Type | Old→New | License | Repo Public | CI Upload | Release Pipeline | PR Link |
-|---------|------|---------|---------|-------------|-----------|------------------|---------|
-| PackageA | bump | 1.2.3→1.3.0 | ✅ | ✅ | ✅ | ✅ | ✅ |
-| PackageB | new  | —→4.5.6 | ❌ | ✅ | ⚠️ | ⚠️ | ❌ |
-| PackageC | bump | 2.0.0→2.1.0 | ✅ | ❌ | — | — | ❌ |
-```
-
-### 7c — Per-package detail sections
-
-After the table, add one collapsible `<details>` block per package.
-
- If **all checks passed** for that package, render the block **collapsed**
-  (no `open` attribute) so the comment stays concise.
- If **any check failed or produced a warning**, render the block **open**
-  (`<details open>`) so the contributor sees the issues immediately.
-
-Each block must include the full detail for every check: the license found, the
-repository URL, whether a provenance attestation was found, the release
-pipeline findings, and the PR link found (or missing, or mismatched with the
-actual bump). For failed or warned checks, explain exactly what the contributor
-must fix, including the expected source repository URL, expected version range,
-etc.
-
-Template (repeat for each package):
-
-```
-<details open>
-<summary><strong>PackageB 📦 new —→4.5.6</strong></summary>
-
- **License**: ❌ License is `UNKNOWN` — not in the approved list. Check PyPI metadata and `script/licenses.py`.
- **Repository Public**: ✅ https://github.com/example/packageb is publicly accessible.
- **CI Upload**: ⚠️ No provenance attestation found for any distribution file. The release may have been uploaded manually.
- **Release Pipeline**: ⚠️ No publish workflow found in the repository; it is unclear how this package is released to PyPI.
- **PR Link**: ❌ PR description must link to the source repository at https://github.com/example/packageb (a PyPI page link is not sufficient).
-
-</details>
-```
-
-Collapsed example (all checks passed):
-
-```
-<details>
-<summary><strong>PackageA 📦 bump 1.2.3→1.3.0</strong></summary>
-
- **License**: ✅ MIT
- **Repository Public**: ✅ https://github.com/example/packagea
- **CI Upload**: ✅ Trusted Publisher attestation found (GitHub Actions).
- **Release Pipeline**: ✅ OIDC via `pypa/gh-action-pypi-publish`; triggered on `release: published`; `environment: release` gate.
- **PR Link**: ✅ https://github.com/example/packagea/compare/v1.2.3...v1.3.0
-
-</details>
-```
+# Check requirements (AW)
+
+You are a code review assistant for the Home Assistant project. The
+deterministic stage has already evaluated every check it can on its own
+and produced an artifact containing the PR number, per-package check
+results, and a pre-rendered comment with placeholders. **Your only job is
+to read that artifact, resolve any `needs_agent` checks, and post the
+final comment.**
+
+## Step 1 — Read the deterministic-stage artifact
+
+The deterministic stage uploaded its results to the runner at
+`/tmp/gh-aw/deterministic/results.json`.
+
+The JSON has this shape:
+
+- `pr_number` — the PR being checked. The `add_comment` safe-output is
+  already targeted at this PR (a pre-job extracts `pr_number` from the
+  artifact and the workflow wires it into the safe-output config via
+  `needs.extract_pr_number.outputs.pr_number`), so **you do not need to
+  set `item_number` yourself** — just emit `add_comment` with the
+  rendered body.
+- `needs_agent` — `true` iff any package's check needs resolution.
+- `packages[]` — one entry per changed package. Each entry has:
+  - `name`, `old_version` (`null` for a newly added package; otherwise the
+    previous pin), `new_version`, `repo_url`, `publisher_kind`.
+  - `checks` — a dict keyed by **check kind** (string). Each value has a
+    `status` (`pass`, `warn`, `fail`, or `needs_agent`) and `details`.
+- `rendered_comment` — the final PR comment body, already rendered. For
+  every check whose status is `needs_agent` it contains two placeholders
+  you must replace:
+  - `{{CHECK_CELL:<pkg-name>:<check-kind>}}` — one cell of the summary
+    table. Replace with exactly one of `✅`, `⚠️`, `❌`.
+  - `{{CHECK_DETAIL:<pkg-name>:<check-kind>}}` — the body of one bullet
+    in the package's `<details>` block. Replace with
+    `<icon> <one-line explanation>` (the bullet's leading
+    `- **<label>**:` is already rendered — replace only the placeholder).
+
+You **must not** modify any other content in `rendered_comment`. Do not
+re-evaluate checks that already have a deterministic status. Do not add
+or remove packages.
+
+## Step 2 — Resolve each `needs_agent` check
+
+For each `package` in `packages`:
+
+For each `(check_kind, result)` in `package.checks` where
+`result.status == "needs_agent"`:
+
+1. Look up `## Check kind: <check_kind>` in the **Check instructions**
+   section below.
+2. **If no matching section exists**: emit a single `add_comment` whose
+   body is:
+
+   ```
+   <!-- requirements-check -->
+   ## Check requirements
+
+   ❌ Internal error: the deterministic artifact contains a check kind
+   (`<check_kind>` on package `<pkg-name>`) that this workflow has no
+   instructions for. Update `.github/workflows/check-requirements.md`
+   to add a matching `## Check kind: <check_kind>` section, or remove
+   the kind from the deterministic stage.
+   ```
+
+   Then stop. **Do not improvise** a verdict for an unknown check kind.
+3. Otherwise, follow the instructions in that section. They tell you
+   which icon (✅/⚠️/❌) and one-line explanation to produce.
+
+## Step 3 — Post the comment
+
+1. Replace every `{{CHECK_CELL:…}}` and `{{CHECK_DETAIL:…}}` placeholder
+   in `rendered_comment` with the resolved value.
+2. Emit the resulting markdown using `add_comment` — set `body` to the
+   merged `rendered_comment` verbatim (the leading
+   `<!-- requirements-check -->` marker must be preserved). The PR
+   target is already set by the workflow; do not pass `item_number`.
+
+If the artifact's top-level `needs_agent` is `false` (no checks need
+you), emit `rendered_comment` unchanged.
+
+## Check instructions
+
+### Check kind: `repo_public`
+
+Verify that the package's source repository is publicly reachable.
+
+1. Read `package.repo_url`.
+2. Use the `web-fetch` tool to GET that URL.
+3. Decide the verdict:
+   - HTTP 200, returns a public repository page → ✅
+     `<repo_url> is publicly accessible.`
+   - HTTP 4xx/5xx, or the response redirects to a login / sign-in page →
+     ❌ `Source repository at <repo_url> is not publicly accessible.
+     Home Assistant requires all dependencies to have publicly available
+     source code.`
+   - Any other inconclusive result → ⚠️ with a one-line description.
+
+If `repo_public` resolves to ❌ for a package, **also** mark that
+package's `release_pipeline` and `async_blocking` cells/details as `—`
+(em dash) and explain `Skipped because the source repository is not
+publicly accessible.` — neither check can be performed without a public
+repo.
+
+### Check kind: `pr_link`
+
+Verify the PR description contains the right link for the change.
+
+1. Fetch the PR body via the GitHub MCP tool, using the `pr_number`
+   field from the artifact.
+2. Extract all URLs from the body.
+3. For a **new package** (`package.old_version` is `null`):
+   - The PR body must contain a URL that points at `package.repo_url`
+     (any sub-path of the same `owner/repo` on the same host is
+     acceptable). A PyPI link is **not** sufficient.
+   - ✅ if such a URL is present.
+   - ❌ otherwise:
+     `PR description must link to the source repository at <repo_url>.
+     A PyPI page link is not sufficient.`
+4. For a **version bump** (`package.old_version` is not `null`):
+   - The PR body must contain a URL on the same host as
+     `package.repo_url` that references **both** `package.old_version`
+     and `package.new_version` (e.g. a GitHub compare URL
+     `compare/vX...vY`, a release / changelog URL containing both
+     versions, etc.).
+   - ✅ if such a URL is present and the versions match the actual bump.
+   - ❌ otherwise:
+     `PR description should link to a changelog or compare URL on
+     <repo_url> that mentions both <old_version> and <new_version>.`
+
+### Check kind: `release_pipeline`
+
+Inspect the upstream project's release / publish CI pipeline.
+
+For each package needing inspection, determine the source repository
+host from `package.repo_url`, then apply the corresponding checklist.
+
+#### GitHub repositories (`github.com`)
+
+1. List workflows: `GET /repos/{owner}/{repo}/actions/workflows`.
+2. Identify any workflow whose name or filename suggests publishing to
+   PyPI (`release`, `publish`, `pypi`, or `deploy`).
+3. Fetch the workflow file and check:
+   - **Trigger sanity**: triggered by `push` to tags,
+     `release: published`, or `workflow_run` on a release job —
+     **not** solely `workflow_dispatch` with no environment-protection
+     guard.
+   - **OIDC / Trusted Publisher**: look for `id-token: write` and one of
+     `pypa/gh-action-pypi-publish`, `actions/attest-build-provenance`,
+     or `TWINE_PASSWORD` from a static `secrets.PYPI_TOKEN`.
+   - **No manual upload bypass**: no ungated `twine upload` or
+     `pip upload`.
+4. Verdict:
+   - ✅ if OIDC + sane triggers + no bypass.
+   - ⚠️ if static token but version bump, or details unclear.
+   - ❌ if static token on a new package, or only-manual triggers with
+     no environment protection.
+
+#### GitLab repositories (`gitlab.com` or self-hosted GitLab)
+
+1. Resolve the project ID via
+   `GET https://gitlab.com/api/v4/projects/{url-encoded-namespace-and-name}`.
+2. Fetch `.gitlab-ci.yml` via
+   `GET https://gitlab.com/api/v4/projects/{id}/repository/files/.gitlab-ci.yml/raw?ref=HEAD`.
+3. Apply the same conceptual checks: tag-only / protected-branch
+   triggers, GitLab OIDC `id_tokens` or CI/CD protected `PYPI_TOKEN`, no
+   ungated `twine upload`. Same verdict rules as GitHub.
+
+#### Other code hosting providers (Bitbucket, Codeberg, Gitea, Sourcehut, …)
+
+1. Use `web-fetch` to retrieve any visible CI configuration
+   (`.circleci/config.yml`, `Jenkinsfile`, `azure-pipelines.yml`,
+   `bitbucket-pipelines.yml`, `.builds/*.yml`).
+2. Apply the conceptual checks: automated triggers, CI-injected
+   credentials, no manual `twine upload`.
+3. If no CI config can be retrieved: ⚠️ `Release pipeline could not be
+   inspected; hosting provider is not GitHub or GitLab.`
+
+### Check kind: `async_blocking`
+
+Verify whether the dependency performs blocking I/O inside async code
+paths. Home Assistant runs on a single asyncio event loop, so a library
+that exposes an `async` surface must not call blocking APIs from inside
+its `async def` functions — that stalls the whole loop. A purely sync
+library is fine: Home Assistant integrations are expected to wrap such
+calls in an executor.
+
+**Two modes — pick by inspecting `package.old_version`:**
+
+- `old_version` is `null` → **new package**: review the *entire current
+  source tree*. Nothing about this dependency has been vetted before.
+- `old_version` is a string → **version bump**: review only the *diff
+  between `old_version` and `new_version`*. The previous version was
+  already accepted, so blocking calls that were present in
+  `old_version` are not regressions; report only what `new_version`
+  introduces.
+
+#### Step 1 — Decide whether the library exposes an async surface
+
+Use the `github` MCP tool (for `github.com` repos) or `web-fetch`
+(other hosts) on `package.repo_url`. Always inspect the tag /
+ref matching `new_version` (e.g. `v{new_version}` or `{new_version}`).
+
+- Locate the top-level package directory (usually named after the
+  import name, often equal or close to `package.name`).
+- Check `pyproject.toml` / `setup.py` / `setup.cfg` / `README*` for
+  async indicators (`Framework :: AsyncIO` trove classifier, `asyncio`
+  / `aiohttp` / `httpx` / `anyio` in dependencies, an async usage
+  example in the README).
+- Grep the package source for `async def`. A handful of `async def`
+  entries in the public modules is enough to treat the library as
+  having an async surface.
+
+If the library is **sync-only** (no `async def` in its public modules
+and no async framework dependency) → ✅
+`Sync-only library; Home Assistant integrations must wrap calls in an
+executor.` *This verdict is the same in both modes.*
+
+#### Step 2a — Mode: new package (`old_version` is `null`)
+
+Inspect **every `async def` in the public modules** for blocking
+patterns. Walk transitively into helpers the async functions call.
+
+#### Step 2b — Mode: version bump (`old_version` is a string)
+
+Fetch the diff between the two tags and review **only changed lines**:
+
+- GitHub: `GET /repos/{owner}/{repo}/compare/{old_tag}...{new_tag}` via
+  the `github` MCP tool, or
+  `https://github.com/{owner}/{repo}/compare/{old_tag}...{new_tag}.diff`
+  via `web-fetch`. Try the common tag formats in order until one
+  resolves: `v{version}`, `{version}`, `release-{version}`.
+- GitLab: `https://gitlab.com/{namespace}/{project}/-/compare/{old_tag}...{new_tag}.diff`.
+- Other hosts: use the project's equivalent compare URL via
+  `web-fetch`.
+
+If neither tag format resolves on the host, fall back to a full review
+(Step 2a) and mention in the detail that the diff was unavailable.
+
+When reviewing the diff, only flag blocking patterns that appear in
+**added lines** *inside or reachable from* an `async def`. A blocking
+call that existed in `old_version` and is unchanged is not a regression
+for this bump.
+
+#### Step 3 — Blocking patterns to look for
+
+In both modes, the patterns to flag inside `async def` bodies are:
+
+- Sync HTTP: `requests.`, `urllib.request`, `urllib3.` direct use,
+  `http.client.`, sync `httpx.Client(` / `httpx.get(` (NOT the
+  `AsyncClient`), `pycurl`.
+- `time.sleep(` (must be `await asyncio.sleep(`).
+- Sync sockets: bare `socket.socket` reads/writes, `ssl.wrap_socket`,
+  blocking `select.select`.
+- File I/O: `open(` / `pathlib.Path.read_*` / `.write_*` for
+  non-trivial sizes (small one-shot reads during import are
+  acceptable; reads/writes on the request path are not — prefer
+  `aiofiles` / executor).
+- Sync DB drivers used directly: `sqlite3`, `psycopg2`, `pymysql`,
+  `pymongo` (sync client), `redis.Redis` (sync client).
+- `subprocess.run` / `subprocess.call` / `os.system` (must be
+  `asyncio.create_subprocess_*`).
+
+A call that is clearly dispatched to an executor
+(`run_in_executor`, `asyncio.to_thread`, `anyio.to_thread.run_sync`)
+does NOT count as blocking.
+
+#### Step 4 — Verdict
+
+- ✅ — no offending blocking pattern in the surface being reviewed
+  (whole tree for a new package, added lines for a bump). For a bump,
+  phrase the detail as `No new blocking calls introduced in
+  {old_version} → {new_version}.`.
+- ⚠️ — blocking calls exist only in sync helpers that the async API
+  does not call, or only on a clearly non-hot path (e.g. one-shot
+  setup before the event loop is running). Cite at least one
+  `<file>:<line>` and explain why it is not on the hot path.
+- ❌ — a blocking call is reachable from an `async def` that is part
+  of the public API on the request / polling path (for a bump: the
+  call was introduced or moved onto the hot path by this version).
+  Cite the offending `<file>:<line>` as a clickable link on the repo
+  host so the contributor can jump to it.

 ## Notes

- Be constructive and helpful. Provide direct links where possible so the
-  contributor can quickly fix the issue.
- If PyPI returns an error for a package, mention that it could not be found and
-  suggest the contributor verify the package name.
- For packages that only appear in `homeassistant/package_constraints.txt` or
-  `pyproject.toml` without being tied to a specific integration, the PR
-  description link requirement still applies.
- When checking test-only packages (from `requirements_test.txt` or
-  `requirements_test_all.txt`), apply the same license, repository, and PR
-  description checks as for production dependencies.
- A package that appears in both a production file and a test file should only
-  be reported once; use the production file entry as the canonical one.
- This workflow is invoked exclusively via `workflow_dispatch`. The stage-1
-  workflow `Check requirements (changes detection)` runs on `pull_request` with
-  a paths filter on the tracked requirements files, and its completion triggers
-  the dispatcher (`Check requirements (dispatcher)`) which calls this workflow
-  with the PR number. Members can also dispatch this workflow manually with the
-  PR number to re-run the check after updating the PR description or fixing
-  issues without changing any requirements files. On a retrigger the existing
-  comment is updated in place so there is always exactly one requirements-check
-  comment in the PR.
+- Be constructive and helpful. Reference the inspected workflow / CI
+  file by URL where useful so the contributor can fix the issue.
+- The dedup of the requirements-check comment is handled by gh-aw's
+  `add_comment` safe-output via the `<!-- requirements-check -->`
+  marker on the first line of `rendered_comment`.
+- If the deterministic workflow concluded with a non-success status,
+  this workflow's `if:` guard on `Download deterministic-results
+  artifact` skipped the download. If you find no file at
+  `/tmp/gh-aw/deterministic/results.json`, emit nothing — the post-step
+  verification is also gated and will not complain.
@@ -132,7 +132,7 @@
      "problemMatcher": []
    },
    {
-      "label": "Install all Requirements",
+      "label": "Install all production Requirements",
      "type": "shell",
      "command": "uv pip install -r requirements_all.txt",
      "group": {
@@ -146,9 +146,9 @@
      "problemMatcher": []
    },
    {
-      "label": "Install all Test Requirements",
+      "label": "Install all (test & production) Requirements",
      "type": "shell",
-      "command": "uv pip install -r requirements.txt -r requirements_test_all.txt",
+      "command": "uv pip install -r requirements_all.txt -r requirements_test.txt",
      "group": {
        "kind": "build",
        "isDefault": true
@@ -1413,8 +1413,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/pushover/ @engrbm87
 /homeassistant/components/pvoutput/ @frenck
 /tests/components/pvoutput/ @frenck
-/homeassistant/components/pvpc_hourly_pricing/ @azogue
-/tests/components/pvpc_hourly_pricing/ @azogue
+/homeassistant/components/pvpc_hourly_pricing/ @azogue @chiro79
+/tests/components/pvpc_hourly_pricing/ @azogue @chiro79
 /homeassistant/components/pyload/ @tr4nt0r
 /tests/components/pyload/ @tr4nt0r
 /homeassistant/components/qbittorrent/ @geoffreylagaisse @finder39
@@ -1538,8 +1538,8 @@ CLAUDE.md @home-assistant/core
 /homeassistant/components/saj/ @fredericvl
 /homeassistant/components/samsung_infrared/ @lmaertin
 /tests/components/samsung_infrared/ @lmaertin
-/homeassistant/components/samsungtv/ @chemelli74 @epenet
-/tests/components/samsungtv/ @chemelli74 @epenet
+/homeassistant/components/samsungtv/ @chemelli74
+/tests/components/samsungtv/ @chemelli74
 /homeassistant/components/sanix/ @tomaszsluszniak
 /tests/components/sanix/ @tomaszsluszniak
 /homeassistant/components/satel_integra/ @Tommatheussen
@@ -134,7 +134,7 @@ class AuthManagerFlowManager(
        """
        flow = cast(LoginFlow, flow)

-        if result["type"] != FlowResultType.CREATE_ENTRY:
+        if result["type"] is not FlowResultType.CREATE_ENTRY:
            return result

        # we got final result
@@ -81,8 +81,10 @@ async def async_setup_entry(hass: HomeAssistant, entry: AirOSConfigEntry) -> boo
    ) as err:
        raise ConfigEntryAuthFailed from err
    except AirOSKeyDataMissingError as err:
+        # pylint: disable-next=home-assistant-exception-not-translated
        raise ConfigEntryError("key_data_missing") from err
    except Exception as err:
+        # pylint: disable-next=home-assistant-exception-not-translated
        raise ConfigEntryError("unknown") from err

    airos_class: type[AirOS8 | AirOS6] = (
@@ -91,6 +91,7 @@ class AmazonDevicesCoordinator(DataUpdateCoordinator[dict[str, AmazonDevice]]):
                translation_placeholders={"error": repr(err)},
            ) from err
        except CannotAuthenticate as err:
+            # pylint: disable-next=home-assistant-exception-translation-key-missing
            raise ConfigEntryAuthFailed(
                translation_domain=DOMAIN,
                translation_key="invalid_auth",
@@ -226,7 +226,7 @@ class ConversationSubentryFlowHandler(ConfigSubentryFlow):
    ) -> SubentryFlowResult:
        """Set initial options."""
        # abort if entry is not loaded
-        if self._get_entry().state != ConfigEntryState.LOADED:
+        if self._get_entry().state is not ConfigEntryState.LOADED:
            return self.async_abort(reason="entry_not_loaded")

        hass_apis: list[SelectOptionDict] = [
@@ -51,13 +51,11 @@
        "advanced": {
          "data": {
            "chat_model": "[%key:common::generic::model%]",
-            "prompt_caching": "[%key:component::anthropic::config_subentries::conversation::step::advanced::data::prompt_caching%]",
-            "temperature": "[%key:component::anthropic::config_subentries::conversation::step::advanced::data::temperature%]"
+            "prompt_caching": "[%key:component::anthropic::config_subentries::conversation::step::advanced::data::prompt_caching%]"
          },
          "data_description": {
            "chat_model": "[%key:component::anthropic::config_subentries::conversation::step::advanced::data_description::chat_model%]",
-            "prompt_caching": "[%key:component::anthropic::config_subentries::conversation::step::advanced::data_description::prompt_caching%]",
-            "temperature": "[%key:component::anthropic::config_subentries::conversation::step::advanced::data_description::temperature%]"
+            "prompt_caching": "[%key:component::anthropic::config_subentries::conversation::step::advanced::data_description::prompt_caching%]"
          },
          "title": "[%key:component::anthropic::config_subentries::conversation::step::advanced::title%]"
        },
@@ -120,13 +118,11 @@
        "advanced": {
          "data": {
            "chat_model": "[%key:common::generic::model%]",
-            "prompt_caching": "Caching strategy",
-            "temperature": "Temperature"
+            "prompt_caching": "Caching strategy"
          },
          "data_description": {
            "chat_model": "The model to serve the responses.",
-            "prompt_caching": "Optimize your API cost and response times based on your usage.",
-            "temperature": "Control the randomness of the response, trading off between creativity and coherence."
+            "prompt_caching": "Optimize your API cost and response times based on your usage."
          },
          "title": "Advanced settings"
        },
@@ -6,5 +6,5 @@
  "documentation": "https://www.home-assistant.io/integrations/aosmith",
  "integration_type": "hub",
  "iot_class": "cloud_polling",
-  "requirements": ["py-aosmith==1.0.17"]
+  "requirements": ["py-aosmith==1.0.18"]
 }
@@ -89,7 +89,7 @@ class AOSmithWaterHeaterEntity(AOSmithStatusEntity, WaterHeaterEntity):
    def supported_features(self) -> WaterHeaterEntityFeature:
        """Return the list of supported features."""
        supports_vacation_mode = any(
-            supported_mode.mode == AOSmithOperationMode.VACATION
+            supported_mode.mode is AOSmithOperationMode.VACATION
            for supported_mode in self.device.supported_modes
        )

@@ -122,7 +122,7 @@ class AOSmithWaterHeaterEntity(AOSmithStatusEntity, WaterHeaterEntity):
    @property
    def is_away_mode_on(self) -> bool:
        """Return True if away mode is on."""
-        return self.device.status.current_mode == AOSmithOperationMode.VACATION
+        return self.device.status.current_mode is AOSmithOperationMode.VACATION

    async def async_set_operation_mode(self, operation_mode: str) -> None:
        """Set new target operation mode."""
@@ -369,7 +369,7 @@ class AppleTVManager(DeviceListener):

            attrs[ATTR_MODEL] = (
                dev_info.raw_model
-                if dev_info.model == DeviceModel.Unknown and dev_info.raw_model
+                if dev_info.model is DeviceModel.Unknown and dev_info.raw_model
                else model_str(dev_info.model)
            )
            attrs[ATTR_SW_VERSION] = dev_info.version
@@ -63,7 +63,7 @@ class AppleTVKeyboardFocused(AppleTVEntity, BinarySensorEntity, KeyboardListener
        # Listen to keyboard updates
        atv.keyboard.listener = self
        # Set initial state based on current focus state
-        self._update_state(atv.keyboard.text_focus_state == KeyboardFocusState.Focused)
+        self._update_state(atv.keyboard.text_focus_state is KeyboardFocusState.Focused)

    @callback
    def async_device_disconnected(self) -> None:
@@ -78,7 +78,7 @@ class AppleTVKeyboardFocused(AppleTVEntity, BinarySensorEntity, KeyboardListener

        This is a callback function from pyatv.interface.KeyboardListener.
        """
-        self._update_state(new_state == KeyboardFocusState.Focused)
+        self._update_state(new_state is KeyboardFocusState.Focused)

    def _update_state(self, new_state: bool) -> None:
        """Update and report."""
@@ -354,7 +354,7 @@ class AppleTVConfigFlow(ConfigFlow, domain=DOMAIN):
            "name": self.atv.name,
            "type": (
                dev_info.raw_model
-                if dev_info.model == DeviceModel.Unknown and dev_info.raw_model
+                if dev_info.model is DeviceModel.Unknown and dev_info.raw_model
                else model_str(dev_info.model)
            ),
        }
@@ -441,12 +441,12 @@ class AppleTVConfigFlow(ConfigFlow, domain=DOMAIN):
            return await self.async_step_password()

        # Figure out, depending on protocol, what kind of pairing is needed
-        if service.pairing == PairingRequirement.Unsupported:
+        if service.pairing is PairingRequirement.Unsupported:
            _LOGGER.debug("%s does not support pairing", self.protocol)
            return await self.async_pair_next_protocol()
-        if service.pairing == PairingRequirement.Disabled:
+        if service.pairing is PairingRequirement.Disabled:
            return await self.async_step_protocol_disabled()
-        if service.pairing == PairingRequirement.NotNeeded:
+        if service.pairing is PairingRequirement.NotNeeded:
            _LOGGER.debug("%s does not require pairing", self.protocol)
            self.credentials[self.protocol.value] = None
            return await self.async_pair_next_protocol()
@@ -457,7 +457,7 @@ class AppleTVConfigFlow(ConfigFlow, domain=DOMAIN):
        pair_args: dict[str, Any] = {}
        if self.protocol in {Protocol.AirPlay, Protocol.Companion, Protocol.DMAP}:
            pair_args["name"] = "Home Assistant"
-        if self.protocol == Protocol.DMAP:
+        if self.protocol is Protocol.DMAP:
            pair_args["zeroconf"] = await zeroconf.async_get_instance(self.hass)

        # Initiate the pairing process
@@ -139,7 +139,7 @@ class AppleTvMediaPlayer(
        all_features = atv.features.all_features()
        for feature_name, support_flag in SUPPORT_FEATURE_MAPPING.items():
            feature_info = all_features.get(feature_name)
-            if feature_info and feature_info.state != FeatureState.Unsupported:
+            if feature_info and feature_info.state is not FeatureState.Unsupported:
                self._attr_supported_features |= support_flag

        # No need to schedule state update here as that will happen when the first
@@ -188,14 +188,14 @@ class AppleTvMediaPlayer(
            return MediaPlayerState.OFF
        if (
            self._is_feature_available(FeatureName.PowerState)
-            and self.atv.power.power_state == PowerState.Off
+            and self.atv.power.power_state is PowerState.Off
        ):
            return MediaPlayerState.OFF
        if self._playing:
            state = self._playing.device_state
            if state in (DeviceState.Idle, DeviceState.Loading):
                return MediaPlayerState.IDLE
-            if state == DeviceState.Playing:
+            if state is DeviceState.Playing:
                return MediaPlayerState.PLAYING
            if state in (DeviceState.Paused, DeviceState.Seeking, DeviceState.Stopped):
                return MediaPlayerState.PAUSED
@@ -446,7 +446,7 @@ class AppleTvMediaPlayer(
    def shuffle(self) -> bool | None:
        """Boolean if shuffle is enabled."""
        if self._playing and self._is_feature_available(FeatureName.Shuffle):
-            return self._playing.shuffle != ShuffleState.Off
+            return self._playing.shuffle is not ShuffleState.Off
        return None

    def _is_feature_available(self, feature: FeatureName) -> bool:
@@ -506,7 +506,7 @@ class AppleTvMediaPlayer(
            and (self._is_feature_available(FeatureName.TurnOff))
            and (
                not self._is_feature_available(FeatureName.PowerState)
-                or self.atv.power.power_state == PowerState.On
+                or self.atv.power.power_state is PowerState.On
            )
        ):
            await self.atv.power.turn_off()
@@ -59,7 +59,7 @@ def _check_keyboard_focus(atv: AppleTVInterface) -> None:
            translation_domain=DOMAIN,
            translation_key="keyboard_not_available",
        ) from err
-    if focus_state != KeyboardFocusState.Focused:
+    if focus_state is not KeyboardFocusState.Focused:
        raise ServiceValidationError(
            translation_domain=DOMAIN,
            translation_key="keyboard_not_focused",
@@ -1,9 +1,11 @@
 """Config flow to configure the Arcam FMJ component."""

+import socket
 from typing import Any
 from urllib.parse import urlparse

-from arcam.fmj.client import Client, ConnectionFailed
+from arcam.fmj import ConnectionFailed
+from arcam.fmj.client import Client
 from arcam.fmj.utils import get_uniqueid_from_host, get_uniqueid_from_udn
 import voluptuous as vol

@@ -29,26 +31,19 @@ class ArcamFmjFlowHandler(ConfigFlow, domain=DOMAIN):
        await self.async_set_unique_id(uuid)
        self._abort_if_unique_id_configured({CONF_HOST: host, CONF_PORT: port})

-    async def _async_check_and_create(self, host: str, port: int) -> ConfigFlowResult:
+    async def _async_try_connect(self, host: str, port: int) -> None:
+        """Verify the device is reachable."""
        client = Client(host, port)
        try:
            await client.start()
-        except ConnectionFailed:
-            return self.async_abort(reason="cannot_connect")
        finally:
            await client.stop()

-        return self.async_create_entry(
-            title=f"{DEFAULT_NAME} ({host})",
-            data={CONF_HOST: host, CONF_PORT: port},
-        )
-
    async def async_step_user(
        self, user_input: dict[str, Any] | None = None
    ) -> ConfigFlowResult:
        """Handle a discovered device."""
        errors: dict[str, str] = {}
-
        if user_input is not None:
            uuid = await get_uniqueid_from_host(
                async_get_clientsession(self.hass), user_input[CONF_HOST]
@@ -58,18 +53,36 @@ class ArcamFmjFlowHandler(ConfigFlow, domain=DOMAIN):
                    user_input[CONF_HOST], user_input[CONF_PORT], uuid
                )

-            return await self._async_check_and_create(
-                user_input[CONF_HOST], user_input[CONF_PORT]
-            )
+            try:
+                await self._async_try_connect(
+                    user_input[CONF_HOST], user_input[CONF_PORT]
+                )
+            except socket.gaierror:
+                errors["base"] = "invalid_host"
+            except TimeoutError:
+                errors["base"] = "timeout_connect"
+            except ConnectionRefusedError:
+                errors["base"] = "connection_refused"
+            except ConnectionFailed, OSError:
+                errors["base"] = "cannot_connect"
+            else:
+                return self.async_create_entry(
+                    title=f"{DEFAULT_NAME} ({user_input[CONF_HOST]})",
+                    data={
+                        CONF_HOST: user_input[CONF_HOST],
+                        CONF_PORT: user_input[CONF_PORT],
+                    },
+                )

        fields = {
            vol.Required(CONF_HOST): str,
            vol.Required(CONF_PORT, default=DEFAULT_PORT): int,
        }
+        schema = vol.Schema(fields)
+        if user_input is not None:
+            schema = self.add_suggested_values_to_schema(schema, user_input)

-        return self.async_show_form(
-            step_id="user", data_schema=vol.Schema(fields), errors=errors
-        )
+        return self.async_show_form(step_id="user", data_schema=schema, errors=errors)

    async def async_step_confirm(
        self, user_input: dict[str, Any] | None = None
@@ -79,7 +92,10 @@ class ArcamFmjFlowHandler(ConfigFlow, domain=DOMAIN):
        self.context["title_placeholders"] = placeholders

        if user_input is not None:
-            return await self._async_check_and_create(self.host, self.port)
+            return self.async_create_entry(
+                title=f"{DEFAULT_NAME} ({self.host})",
+                data={CONF_HOST: self.host, CONF_PORT: self.port},
+            )

        return self.async_show_form(
            step_id="confirm", description_placeholders=placeholders
@@ -97,6 +113,11 @@ class ArcamFmjFlowHandler(ConfigFlow, domain=DOMAIN):

        await self._async_set_unique_id_and_update(host, port, uuid)

+        try:
+            await self._async_try_connect(host, port)
+        except ConnectionFailed, OSError:
+            return self.async_abort(reason="cannot_connect")
+
        self.host = host
-        self.port = DEFAULT_PORT
+        self.port = port
        return await self.async_step_confirm()
@@ -263,9 +263,9 @@ class ArcamFmj(ArcamFmjEntity, MediaPlayerEntity):
    def media_channel(self) -> str | None:
        """Channel currently playing."""
        source = self._state.get_source()
-        if source == SourceCodes.DAB:
+        if source is SourceCodes.DAB:
            value = self._state.get_dab_station()
-        elif source == SourceCodes.FM:
+        elif source is SourceCodes.FM:
            value = self._state.get_rds_information()
        else:
            value = None
@@ -274,7 +274,7 @@ class ArcamFmj(ArcamFmjEntity, MediaPlayerEntity):
    @property
    def media_artist(self) -> str | None:
        """Artist of current playing media, music track only."""
-        if self._state.get_source() == SourceCodes.DAB:
+        if self._state.get_source() is SourceCodes.DAB:
            value = self._state.get_dls_pdt()
        else:
            value = None
@@ -5,6 +5,12 @@
      "already_in_progress": "[%key:common::config_flow::abort::already_in_progress%]",
      "cannot_connect": "[%key:common::config_flow::error::cannot_connect%]"
    },
+    "error": {
+      "cannot_connect": "[%key:common::config_flow::error::cannot_connect%]",
+      "connection_refused": "Host refused connection",
+      "invalid_host": "[%key:common::config_flow::error::invalid_host%]",
+      "timeout_connect": "[%key:common::config_flow::error::timeout_connect%]"
+    },
    "flow_title": "{host}",
    "step": {
      "confirm": {
@@ -1355,7 +1355,7 @@ class PipelineRun:
    ) -> bool:
        """Return true if all targeted entities were in the same area as the device."""
        if (
-            intent_response.response_type != intent.IntentResponseType.ACTION_DONE
+            intent_response.response_type is not intent.IntentResponseType.ACTION_DONE
            or not intent_response.matched_states
        ):
            return False
@@ -82,7 +82,7 @@ rules:
    comment: |
      This integration does not have any entities that should disabled by default.
  entity-translations: done
-  exception-translations: done
+  exception-translations: todo
  icon-translations: done
  reconfiguration-flow: todo
  repair-issues:
@@ -251,12 +251,12 @@ class AuthProvidersView(HomeAssistantView):

 def _prepare_result_json(result: AuthFlowResult) -> dict[str, Any]:
    """Convert result to JSON serializable dict."""
-    if result["type"] == data_entry_flow.FlowResultType.CREATE_ENTRY:
+    if result["type"] is data_entry_flow.FlowResultType.CREATE_ENTRY:
        return {
            key: val for key, val in result.items() if key not in ("result", "data")
        }

-    if result["type"] != data_entry_flow.FlowResultType.FORM:
+    if result["type"] is not data_entry_flow.FlowResultType.FORM:
        return result  # type: ignore[return-value]

    data = dict(result)
@@ -289,11 +289,11 @@ class LoginFlowBaseView(HomeAssistantView):
        result: AuthFlowResult,
    ) -> web.Response:
        """Convert the flow result to a response."""
-        if result["type"] != data_entry_flow.FlowResultType.CREATE_ENTRY:
+        if result["type"] is not data_entry_flow.FlowResultType.CREATE_ENTRY:
            # @log_invalid_auth does not work here since it returns HTTP 200.
            # We need to manually log failed login attempts.
            if (
-                result["type"] == data_entry_flow.FlowResultType.FORM
+                result["type"] is data_entry_flow.FlowResultType.FORM
                and (errors := result.get("errors"))
                and errors.get("base")
                in (
@@ -142,9 +142,9 @@ def websocket_depose_mfa(

 def _prepare_result_json(result: data_entry_flow.FlowResult) -> dict[str, Any]:
    """Convert result to JSON serializable dict."""
-    if result["type"] == data_entry_flow.FlowResultType.CREATE_ENTRY:
+    if result["type"] is data_entry_flow.FlowResultType.CREATE_ENTRY:
        return dict(result)
-    if result["type"] != data_entry_flow.FlowResultType.FORM:
+    if result["type"] is not data_entry_flow.FlowResultType.FORM:
        return result  # type: ignore[return-value]

    data = dict(result)
@@ -67,7 +67,7 @@ rules:
    comment: |
      Only one entity type (device_tracker) is created, making this not applicable.
  entity-translations: done
-  exception-translations: done
+  exception-translations: todo
  icon-translations: done
  reconfiguration-flow:
    status: todo
@@ -51,6 +51,7 @@ async def async_setup_entry(hass: HomeAssistant, entry: S3ConfigEntry) -> bool:
                translation_key="invalid_bucket_name",
            ) from err
    except ValueError as err:
+        # pylint: disable-next=home-assistant-exception-translation-key-missing
        raise ConfigEntryError(
            translation_domain=DOMAIN,
            translation_key="invalid_endpoint_url",
@@ -72,7 +72,7 @@ rules:
  entity-device-class: done
  entity-disabled-by-default: done
  entity-translations: done
-  exception-translations: done
+  exception-translations: todo
  icon-translations:
    status: exempt
    comment: This integration does not use icons.
@@ -75,11 +75,13 @@ def handle_backup_errors[_R, **P](
                err.message,
                exc_info=True,
            )
+            # pylint: disable-next=home-assistant-exception-not-translated
            raise BackupAgentError(
                f"Error during backup operation in {func.__name__}:"
                f" Status {err.status_code}, message: {err.message}"
            ) from err
        except ServiceRequestError as err:
+            # pylint: disable-next=home-assistant-exception-not-translated
            raise BackupAgentError(
                f"Timeout during backup operation in {func.__name__}"
            ) from err
@@ -90,6 +92,7 @@ def handle_backup_errors[_R, **P](
                err,
                exc_info=True,
            )
+            # pylint: disable-next=home-assistant-exception-not-translated
            raise BackupAgentError(
                f"Error during backup operation in {func.__name__}: {err}"
            ) from err
@@ -118,6 +121,7 @@ class AzureStorageBackupAgent(BackupAgent):
        """Download a backup file."""
        blob = await self._find_blob_by_backup_id(backup_id)
        if blob is None:
+            # pylint: disable-next=home-assistant-exception-not-translated
            raise BackupNotFound(f"Backup {backup_id} not found")
        download_stream = await self._client.download_blob(blob.name)
        return download_stream.chunks()
@@ -155,6 +159,7 @@ class AzureStorageBackupAgent(BackupAgent):
        """Delete a backup file."""
        blob = await self._find_blob_by_backup_id(backup_id)
        if blob is None:
+            # pylint: disable-next=home-assistant-exception-not-translated
            raise BackupNotFound(f"Backup {backup_id} not found")
        await self._client.delete_blob(blob.name)

@@ -181,6 +186,7 @@ class AzureStorageBackupAgent(BackupAgent):
        """Return a backup."""
        blob = await self._find_blob_by_backup_id(backup_id)
        if blob is None:
+            # pylint: disable-next=home-assistant-exception-not-translated
            raise BackupNotFound(f"Backup {backup_id} not found")

        return AgentBackup.from_dict(json.loads(blob.metadata["backup_metadata"]))
@@ -89,6 +89,7 @@ async def async_setup_entry(hass: HomeAssistant, entry: BackblazeConfigEntry) ->
            translation_key="cannot_connect",
        ) from err
    except exception.MissingAccountData as err:
+        # pylint: disable-next=home-assistant-exception-translation-key-missing
        raise ConfigEntryAuthFailed(
            translation_domain=DOMAIN,
            translation_key="invalid_auth",
@@ -96,7 +96,7 @@ rules:
  entity-translations:
    status: exempt
    comment: This integration does not have entities.
-  exception-translations: done
+  exception-translations: todo
  icon-translations:
    status: exempt
    comment: This integration does not use icons.
@@ -67,6 +67,9 @@
    "cannot_connect": {
      "message": "Cannot connect to endpoint"
    },
+    "invalid_auth": {
+      "message": "Authentication failed using the provided key ID and application key."
+    },
    "invalid_bucket_name": {
      "message": "Bucket does not exist or is not writable by the provided credentials."
    },
@@ -169,6 +169,7 @@ class BlinkCamera(CoordinatorEntity[BlinkUpdateCoordinator], Camera):
        try:
            await self._camera.save_recent_clips(output_dir=file_path)
        except OSError as err:
+            # pylint: disable-next=home-assistant-exception-message-with-translation
            raise ServiceValidationError(
                str(err),
                translation_domain=DOMAIN,
@@ -190,6 +191,7 @@ class BlinkCamera(CoordinatorEntity[BlinkUpdateCoordinator], Camera):
        try:
            await self._camera.video_to_file(filename)
        except OSError as err:
+            # pylint: disable-next=home-assistant-exception-message-with-translation
            raise ServiceValidationError(
                str(err),
                translation_domain=DOMAIN,
@@ -20,7 +20,7 @@
    "bluetooth-adapters==2.1.0",
    "bluetooth-auto-recovery==1.5.3",
    "bluetooth-data-tools==1.29.11",
-    "dbus-fast==5.0.1",
+    "dbus-fast==5.0.0",
    "habluetooth==6.1.0"
  ]
 }
@@ -273,7 +273,7 @@ async def ws_subscribe_scanner_details(

    def _async_registration_changed(registration: HaScannerRegistration) -> None:
        added_event = HaScannerRegistrationEvent.ADDED
-        event_type = "add" if registration.event == added_event else "remove"
+        event_type = "add" if registration.event is added_event else "remove"
        _async_event_message({event_type: [registration.scanner.details]})

    manager = _get_manager(hass)
@@ -183,8 +183,8 @@ class BSBLANClimate(BSBLanCircuitEntity, ClimateEntity):
        try:
            await self.coordinator.client.thermostat(**data, circuit=self._circuit)
        except BSBLANError as err:
+            # pylint: disable-next=home-assistant-exception-message-with-translation
            raise HomeAssistantError(
-                "An error occurred while updating the BSBLAN device",
                translation_domain=DOMAIN,
                translation_key="set_data_error",
            ) from err
@@ -158,7 +158,10 @@ def process_service_info(
            )

    # If payload is encrypted and the bindkey is not verified then we need to reauth
-    if data.encryption_scheme != EncryptionScheme.NONE and not data.bindkey_verified:
+    if (
+        data.encryption_scheme is not EncryptionScheme.NONE
+        and not data.bindkey_verified
+    ):
        entry.async_start_reauth(hass, data={"device": data})

    return update
@@ -59,7 +59,7 @@ class BTHomeConfigFlow(ConfigFlow, domain=DOMAIN):
        self._discovery_info = discovery_info
        self._discovered_device = device

-        if device.encryption_scheme == EncryptionScheme.BTHOME_BINDKEY:
+        if device.encryption_scheme is EncryptionScheme.BTHOME_BINDKEY:
            return await self.async_step_get_encryption_key()
        return await self.async_step_bluetooth_confirm()

@@ -125,7 +125,7 @@ class BTHomeConfigFlow(ConfigFlow, domain=DOMAIN):
            self._discovery_info = discovery.discovery_info
            self._discovered_device = discovery.device

-            if discovery.device.encryption_scheme == EncryptionScheme.BTHOME_BINDKEY:
+            if discovery.device.encryption_scheme is EncryptionScheme.BTHOME_BINDKEY:
                return await self.async_step_get_encryption_key()

            return self._async_get_or_create_entry()
@@ -164,7 +164,7 @@ class BTHomeConfigFlow(ConfigFlow, domain=DOMAIN):

        self._discovery_info = device.last_service_info

-        if device.encryption_scheme == EncryptionScheme.BTHOME_BINDKEY:
+        if device.encryption_scheme is EncryptionScheme.BTHOME_BINDKEY:
            return await self.async_step_get_encryption_key()

        # Otherwise there wasn't actually encryption so abort
@@ -45,6 +45,8 @@ async def async_setup_entry(hass: HomeAssistant, entry: CalDavConfigEntry) -> bo
        # on some other unexpected server response.
        _LOGGER.warning("Unexpected CalDAV server response: %s", err)
        return False
+    except requests.Timeout as err:
+        raise ConfigEntryNotReady("Timeout connecting to CalDAV server") from err
    except requests.ConnectionError as err:
        raise ConfigEntryNotReady("Connection error from CalDAV server") from err
    except DAVError as err:
@@ -38,6 +38,7 @@ from homeassistant.helpers.update_coordinator import CoordinatorEntity

 from . import CalDavConfigEntry
 from .api import async_get_calendars
+from .const import TIMEOUT
 from .coordinator import CalDavUpdateCoordinator

 _LOGGER = logging.getLogger(__name__)
@@ -91,7 +92,12 @@ async def async_setup_platform(
    days = config[CONF_DAYS]

    client = caldav.DAVClient(
-        url, None, username, password, ssl_verify_cert=config[CONF_VERIFY_SSL]
+        url,
+        None,
+        username,
+        password,
+        ssl_verify_cert=config[CONF_VERIFY_SSL],
+        timeout=TIMEOUT,
    )

    calendars = await async_get_calendars(hass, client, SUPPORTED_COMPONENT)
@@ -231,7 +237,7 @@ class WebDavCalendarEntity(CoordinatorEntity[CalDavUpdateCoordinator], CalendarE
            await self.hass.async_add_executor_job(
                partial(self.coordinator.calendar.add_event, **item_data),
            )
-        except (requests.ConnectionError, DAVError) as err:
+        except (requests.ConnectionError, requests.Timeout, DAVError) as err:
            raise HomeAssistantError(f"CalDAV save error: {err}") from err

    @callback
@@ -138,7 +138,7 @@ class WebDavTodoListEntity(TodoListEntity):
            )
            # refreshing async otherwise it would take too much time
            self.hass.async_create_task(self.async_update_ha_state(force_refresh=True))
-        except (requests.ConnectionError, DAVError) as err:
+        except (requests.ConnectionError, requests.Timeout, DAVError) as err:
            raise HomeAssistantError(f"CalDAV save error: {err}") from err

    async def async_update_todo_item(self, item: TodoItem) -> None:
@@ -150,7 +150,7 @@ class WebDavTodoListEntity(TodoListEntity):
            )
        except NotFoundError as err:
            raise HomeAssistantError(f"Could not find To-do item {uid}") from err
-        except (requests.ConnectionError, DAVError) as err:
+        except (requests.ConnectionError, requests.Timeout, DAVError) as err:
            raise HomeAssistantError(f"CalDAV lookup error: {err}") from err
        vtodo = todo.icalendar_component  # type: ignore[attr-defined]
        vtodo["SUMMARY"] = item.summary or ""
@@ -174,7 +174,7 @@ class WebDavTodoListEntity(TodoListEntity):
            )
            # refreshing async otherwise it would take too much time
            self.hass.async_create_task(self.async_update_ha_state(force_refresh=True))
-        except (requests.ConnectionError, DAVError) as err:
+        except (requests.ConnectionError, requests.Timeout, DAVError) as err:
            raise HomeAssistantError(f"CalDAV save error: {err}") from err

    async def async_delete_todo_items(self, uids: list[str]) -> None:
@@ -188,14 +188,14 @@ class WebDavTodoListEntity(TodoListEntity):
            items = await asyncio.gather(*tasks)
        except NotFoundError as err:
            raise HomeAssistantError("Could not find To-do item") from err
-        except (requests.ConnectionError, DAVError) as err:
+        except (requests.ConnectionError, requests.Timeout, DAVError) as err:
            raise HomeAssistantError(f"CalDAV lookup error: {err}") from err

        # Run serially as some CalDAV servers do not support concurrent modifications
        for item in items:
            try:
                await self.hass.async_add_executor_job(item.delete)
-            except (requests.ConnectionError, DAVError) as err:
+            except (requests.ConnectionError, requests.Timeout, DAVError) as err:
                raise HomeAssistantError(f"CalDAV delete error: {err}") from err
        # refreshing async otherwise it would take too much time
        self.hass.async_create_task(self.async_update_ha_state(force_refresh=True))
@@ -1,12 +1,11 @@
 """Config flow for the Cert Expiry platform."""

 from collections.abc import Mapping
-import logging
 from typing import Any

 import voluptuous as vol

-from homeassistant.config_entries import SOURCE_IMPORT, ConfigFlow, ConfigFlowResult
+from homeassistant.config_entries import ConfigFlow, ConfigFlowResult
 from homeassistant.const import CONF_HOST, CONF_PORT

 from .const import DEFAULT_PORT, DOMAIN
@@ -19,8 +18,6 @@ from .errors import (
 )
 from .helper import get_cert_expiry_timestamp

-_LOGGER = logging.getLogger(__name__)
-

 class CertexpiryConfigFlow(ConfigFlow, domain=DOMAIN):
    """Handle a config flow."""
@@ -75,9 +72,6 @@ class CertexpiryConfigFlow(ConfigFlow, domain=DOMAIN):
                    title=title,
                    data={CONF_HOST: host, CONF_PORT: port},
                )
-            if self.source == SOURCE_IMPORT:
-                _LOGGER.error("Config import failed for %s", user_input[CONF_HOST])
-                return self.async_abort(reason="import_failed")
        else:
            user_input = {}
            user_input[CONF_HOST] = ""
@@ -2,7 +2,6 @@
  "config": {
    "abort": {
      "already_configured": "[%key:common::config_flow::abort::already_configured_service%]",
-      "import_failed": "Import from config failed",
      "reconfigure_successful": "[%key:common::config_flow::abort::reconfigure_successful%]"
    },
    "error": {
@@ -94,7 +94,7 @@ rules:
  entity-translations:
    status: exempt
    comment: This integration does not have entities.
-  exception-translations: done
+  exception-translations: todo
  icon-translations:
    status: exempt
    comment: This integration does not use icons.
@@ -110,7 +110,7 @@ class ComelitAlarmEntity(
    @property
    def available(self) -> bool:
        """Return True if alarm is available."""
-        if self._area.human_status == AlarmAreaState.UNKNOWN:
+        if self._area.human_status is AlarmAreaState.UNKNOWN:
            return False
        return super().available

@@ -124,7 +124,7 @@ class ComelitAlarmEntity(
            self._area.human_status,
            self._area.armed,
        )
-        if self._area.human_status == AlarmAreaState.ARMED:
+        if self._area.human_status is AlarmAreaState.ARMED:
            if self._area.armed == ALARM_AREA_ARMED_STATUS[AWAY]:
                return AlarmControlPanelState.ARMED_AWAY
            if self._area.armed == ALARM_AREA_ARMED_STATUS[NIGHT]:
@@ -43,7 +43,7 @@ BINARY_SENSOR_TYPES: Final[tuple[ComelitBinarySensorEntityDescription, ...]] = (
        device_class=BinarySensorDeviceClass.PROBLEM,
        is_on_fn=lambda obj: cast(ComelitVedoAreaObject, obj).anomaly,
        available_fn=lambda obj: (
-            cast(ComelitVedoAreaObject, obj).human_status != AlarmAreaState.UNKNOWN
+            cast(ComelitVedoAreaObject, obj).human_status is not AlarmAreaState.UNKNOWN
        ),
    ),
    ComelitBinarySensorEntityDescription(
@@ -67,7 +67,7 @@ BINARY_SENSOR_TYPES: Final[tuple[ComelitBinarySensorEntityDescription, ...]] = (
        object_type=ALARM_ZONE,
        device_class=BinarySensorDeviceClass.PROBLEM,
        is_on_fn=lambda obj: (
-            cast(ComelitVedoZoneObject, obj).human_status == AlarmZoneState.FAULTY
+            cast(ComelitVedoZoneObject, obj).human_status is AlarmZoneState.FAULTY
        ),
        available_fn=lambda obj: (
            cast(ComelitVedoZoneObject, obj).human_status
@@ -65,6 +65,7 @@ async def validate_input(hass: HomeAssistant, data: dict[str, Any]) -> dict[str,
            translation_placeholders={"error": repr(err)},
        ) from err
    except aiocomelit_exceptions.CannotAuthenticate as err:
+        # pylint: disable-next=home-assistant-exception-placeholder-mismatch
        raise InvalidAuth(
            translation_domain=DOMAIN,
            translation_key="cannot_authenticate",
@@ -166,12 +166,12 @@ class ComelitVedoSensorEntity(
    @property
    def available(self) -> bool:
        """Sensor availability."""
-        return self._zone_object.human_status != AlarmZoneState.UNAVAILABLE
+        return self._zone_object.human_status is not AlarmZoneState.UNAVAILABLE

    @property
    def native_value(self) -> StateType:
        """Sensor value."""
-        if (status := self._zone_object.human_status) == AlarmZoneState.UNKNOWN:
+        if (status := self._zone_object.human_status) is AlarmZoneState.UNKNOWN:
            return None

        return cast(str, status.value)
@@ -148,7 +148,7 @@ def _prepare_config_flow_result_json(
    prepare_result_json: Callable[[data_entry_flow.FlowResult], dict[str, Any]],
 ) -> dict[str, Any]:
    """Convert result to JSON."""
-    if result["type"] != data_entry_flow.FlowResultType.CREATE_ENTRY:
+    if result["type"] is not data_entry_flow.FlowResultType.CREATE_ENTRY:
        return prepare_result_json(result)

    data = {key: val for key, val in result.items() if key not in ("data", "context")}
@@ -646,7 +646,7 @@ class DefaultAgent(ConversationEntity):
        cache_value = self._intent_cache.get(cache_key)
        if cache_value is not None:
            if (cache_value.result is not None) and (
-                cache_value.stage == IntentMatchingStage.EXPOSED_ENTITIES_ONLY
+                cache_value.stage is IntentMatchingStage.EXPOSED_ENTITIES_ONLY
            ):
                _LOGGER.debug("Got cached result for exposed entities")
                return cache_value.result
@@ -686,7 +686,7 @@ class DefaultAgent(ConversationEntity):
        skip_unexposed_entities_match = False
        if cache_value is not None:
            if (cache_value.result is not None) and (
-                cache_value.stage == IntentMatchingStage.UNEXPOSED_ENTITIES
+                cache_value.stage is IntentMatchingStage.UNEXPOSED_ENTITIES
            ):
                _LOGGER.debug("Got cached result for all entities")
                return cache_value.result
@@ -731,7 +731,7 @@ class DefaultAgent(ConversationEntity):
        skip_unknown_names = False
        if cache_value is not None:
            if (cache_value.result is not None) and (
-                cache_value.stage == IntentMatchingStage.UNKNOWN_NAMES
+                cache_value.stage is IntentMatchingStage.UNKNOWN_NAMES
            ):
                _LOGGER.debug("Got cached result for unknown names")
                return cache_value.result
@@ -1447,7 +1447,7 @@ class DefaultAgent(ConversationEntity):

        response = await self._async_process_intent_result(result, user_input, chat_log)
        if (
-            response.response_type == intent.IntentResponseType.ERROR
+            response.response_type is intent.IntentResponseType.ERROR
            and response.error_code
            not in (
                intent.IntentResponseErrorCode.FAILED_TO_HANDLE,
@@ -1546,7 +1546,7 @@ def _get_match_error_response(
        # device_class only
        return ErrorKey.NO_DEVICE_CLASS, {"device_class": device_class}

-    if (reason == intent.MatchFailedReason.DOMAIN) and constraints.domains:
+    if (reason is intent.MatchFailedReason.DOMAIN) and constraints.domains:
        domain = next(iter(constraints.domains))  # first domain
        if constraints.area_name:
            # domain in area
@@ -1565,7 +1565,7 @@ def _get_match_error_response(
        # domain only
        return ErrorKey.NO_DOMAIN, {"domain": domain}

-    if reason == intent.MatchFailedReason.DUPLICATE_NAME:
+    if reason is intent.MatchFailedReason.DUPLICATE_NAME:
        if constraints.floor_name:
            # duplicate on floor
            return ErrorKey.DUPLICATE_ENTITIES_IN_FLOOR, {
@@ -1582,26 +1582,26 @@ def _get_match_error_response(

        return ErrorKey.DUPLICATE_ENTITIES, {"entity": result.no_match_name}

-    if reason == intent.MatchFailedReason.INVALID_AREA:
+    if reason is intent.MatchFailedReason.INVALID_AREA:
        # Invalid area name
        return ErrorKey.NO_AREA, {"area": result.no_match_name}

-    if reason == intent.MatchFailedReason.INVALID_FLOOR:
+    if reason is intent.MatchFailedReason.INVALID_FLOOR:
        # Invalid floor name
        return ErrorKey.NO_FLOOR, {"floor": result.no_match_name}

-    if reason == intent.MatchFailedReason.FEATURE:
+    if reason is intent.MatchFailedReason.FEATURE:
        # Feature not supported by entity
        return ErrorKey.FEATURE_NOT_SUPPORTED, {}

-    if reason == intent.MatchFailedReason.STATE:
+    if reason is intent.MatchFailedReason.STATE:
        # Entity is not in correct state
        assert constraints.states
        state = next(iter(constraints.states))

        return ErrorKey.ENTITY_WRONG_STATE, {"state": state}

-    if reason == intent.MatchFailedReason.ASSISTANT:
+    if reason is intent.MatchFailedReason.ASSISTANT:
        # Not exposed
        if constraints.name:
            if constraints.area_name:
@@ -80,7 +80,7 @@ async def async_validate_device_automation_config(
    # the checks below which look for a config entry matching the device automation
    # domain
    if (
-        automation_type == DeviceAutomationType.ACTION
+        automation_type is DeviceAutomationType.ACTION
        and validated_config[CONF_DOMAIN] in ENTITY_PLATFORMS
    ):
        # Pass the unvalidated config to avoid mutating the raw config twice
@@ -1,11 +1,18 @@
 """Provide functionality to keep track of devices."""

+import asyncio
+from typing import Any
+
 from homeassistant.const import ATTR_GPS_ACCURACY, STATE_HOME  # noqa: F401
 from homeassistant.core import HomeAssistant
+from homeassistant.helpers import discovery
+from homeassistant.helpers.entity_component import EntityComponent
 from homeassistant.helpers.typing import ConfigType

 from .config_entry import (  # noqa: F401
+    DATA_COMPONENT,
    BaseScannerEntity,
+    BaseTrackerEntity,
    ScannerEntity,
    ScannerEntityDescription,
    TrackerEntity,
@@ -33,6 +40,8 @@ from .const import (  # noqa: F401
    DEFAULT_TRACK_NEW,
    DOMAIN,
    ENTITY_ID_FORMAT,
+    LOGGER,
+    PLATFORM_TYPE_LEGACY,
    SCAN_INTERVAL,
    SourceType,
 )
@@ -44,7 +53,9 @@ from .legacy import (  # noqa: F401
    SOURCE_TYPES,
    AsyncSeeCallback,
    DeviceScanner,
+    DeviceTracker,
    SeeCallback,
+    async_create_platform_type,
    async_setup_integration as async_setup_legacy_integration,
    see,
 )
@@ -57,5 +68,43 @@ def is_on(hass: HomeAssistant, entity_id: str) -> bool:

 async def async_setup(hass: HomeAssistant, config: ConfigType) -> bool:
    """Set up the device tracker."""
-    async_setup_legacy_integration(hass, config)
+    component = hass.data[DATA_COMPONENT] = EntityComponent[BaseTrackerEntity](
+        LOGGER, DOMAIN, hass, SCAN_INTERVAL
+    )
+    component.config = {}
+    component.register_shutdown()
+
+    # The tracker is loaded in the async_setup_legacy_integration task so
+    # we create a future to avoid waiting on it here so that only
+    # async_platform_discovered will have to wait in the rare event
+    # a custom component still uses the legacy device tracker discovery.
+    tracker_future: asyncio.Future[DeviceTracker] = hass.loop.create_future()
+
+    async def async_platform_discovered(
+        p_type: str, info: dict[str, Any] | None
+    ) -> None:
+        """Load a platform."""
+        platform = await async_create_platform_type(hass, config, p_type, {})
+
+        if platform is None:
+            return
+
+        if platform.type != PLATFORM_TYPE_LEGACY:
+            await component.async_setup_platform(p_type, {}, info)
+            return
+
+        tracker = await tracker_future
+        await platform.async_setup_legacy(hass, tracker, info)
+
+    discovery.async_listen_platform(hass, DOMAIN, async_platform_discovered)
+    #
+    # Legacy and platforms load in a non-awaited tracked task
+    # to ensure device tracker setup can continue and config
+    # entry integrations are not waiting for legacy device
+    # tracker platforms to be set up.
+    #
+    hass.async_create_task(
+        async_setup_legacy_integration(hass, config, tracker_future),
+        eager_start=True,
+    )
    return True
@@ -37,11 +37,7 @@ from homeassistant.const import (
 )
 from homeassistant.core import Event, HomeAssistant, ServiceCall, callback
 from homeassistant.exceptions import HomeAssistantError
-from homeassistant.helpers import (
-    config_validation as cv,
-    discovery,
-    entity_registry as er,
-)
+from homeassistant.helpers import config_validation as cv, entity_registry as er
 from homeassistant.helpers.event import (
    async_track_time_interval,
    async_track_utc_time_change,
@@ -204,40 +200,7 @@ def see(
    hass.services.call(DOMAIN, SERVICE_SEE, data)


-@callback
-def async_setup_integration(hass: HomeAssistant, config: ConfigType) -> None:
-    """Set up the legacy integration."""
-    # The tracker is loaded in the _async_setup_integration task so
-    # we create a future to avoid waiting on it here so that only
-    # async_platform_discovered will have to wait in the rare event
-    # a custom component still uses the legacy device tracker discovery.
-    tracker_future: asyncio.Future[DeviceTracker] = hass.loop.create_future()
-
-    async def async_platform_discovered(
-        p_type: str, info: dict[str, Any] | None
-    ) -> None:
-        """Load a platform."""
-        platform = await async_create_platform_type(hass, config, p_type, {})
-
-        if platform is None or platform.type != PLATFORM_TYPE_LEGACY:
-            return
-
-        tracker = await tracker_future
-        await platform.async_setup_legacy(hass, tracker, info)
-
-    discovery.async_listen_platform(hass, DOMAIN, async_platform_discovered)
-    #
-    # Legacy and platforms load in a non-awaited tracked task
-    # to ensure device tracker setup can continue and config
-    # entry integrations are not waiting for legacy device
-    # tracker platforms to be set up.
-    #
-    hass.async_create_task(
-        _async_setup_integration(hass, config, tracker_future), eager_start=True
-    )
-
-
-async def _async_setup_integration(
+async def async_setup_integration(
    hass: HomeAssistant,
    config: ConfigType,
    tracker_future: asyncio.Future[DeviceTracker],
@@ -261,7 +261,7 @@ class DlnaDmrEntity(MediaPlayerEntity):
        except KeyError, ValueError:
            bootid = None

-        if change == ssdp.SsdpChange.UPDATE:
+        if change is ssdp.SsdpChange.UPDATE:
            # This is an announcement that bootid is about to change
            if self._bootid is not None and self._bootid == bootid:
                # Store the new value (because our old value matches) so that we
@@ -281,7 +281,7 @@ class DlnaDmrEntity(MediaPlayerEntity):
                await self._device_disconnect()
        self._bootid = bootid

-        if change == ssdp.SsdpChange.BYEBYE:
+        if change is ssdp.SsdpChange.BYEBYE:
            # Device is going away
            if self._device:
                # Disconnect from gone device
@@ -290,7 +290,7 @@ class DlnaDmrEntity(MediaPlayerEntity):
            self._ssdp_connect_failed = False

        if (
-            change == ssdp.SsdpChange.ALIVE
+            change is ssdp.SsdpChange.ALIVE
            and not self._device
            and not self._ssdp_connect_failed
        ):
@@ -718,7 +718,7 @@ class DlnaDmrEntity(MediaPlayerEntity):

        # If already playing, or don't want to autoplay, no need to call Play
        autoplay = extra.get("autoplay", True)
-        if self._device.transport_state == TransportState.PLAYING or not autoplay:
+        if self._device.transport_state is TransportState.PLAYING or not autoplay:
            return

        # Play it
@@ -748,7 +748,7 @@ class DlnaDmrEntity(MediaPlayerEntity):
        if not (play_mode := self._device.play_mode):
            return None

-        if play_mode == PlayMode.VENDOR_DEFINED:
+        if play_mode is PlayMode.VENDOR_DEFINED:
            return None

        return play_mode in (PlayMode.SHUFFLE, PlayMode.RANDOM)
@@ -782,10 +782,10 @@ class DlnaDmrEntity(MediaPlayerEntity):
        if not (play_mode := self._device.play_mode):
            return None

-        if play_mode == PlayMode.VENDOR_DEFINED:
+        if play_mode is PlayMode.VENDOR_DEFINED:
            return None

-        if play_mode == PlayMode.REPEAT_ONE:
+        if play_mode is PlayMode.REPEAT_ONE:
            return RepeatMode.ONE

        if play_mode in (PlayMode.REPEAT_ALL, PlayMode.RANDOM):
@@ -236,7 +236,7 @@ class DmsDeviceSource:
        except KeyError, ValueError:
            bootid = None

-        if change == ssdp.SsdpChange.UPDATE:
+        if change is ssdp.SsdpChange.UPDATE:
            # This is an announcement that bootid is about to change
            if self._bootid is not None and self._bootid == bootid:
                # Store the new value (because our old value matches) so that we
@@ -258,7 +258,7 @@ class DmsDeviceSource:
                await self.device_disconnect()
        self._bootid = bootid

-        if change == ssdp.SsdpChange.BYEBYE:
+        if change is ssdp.SsdpChange.BYEBYE:
            # Device is going away
            if self._device:
                # Disconnect from gone device
@@ -267,7 +267,7 @@ class DmsDeviceSource:
            self._ssdp_connect_failed = False

        if (
-            change == ssdp.SsdpChange.ALIVE
+            change is ssdp.SsdpChange.ALIVE
            and not self._device
            and not self._ssdp_connect_failed
        ):
@@ -8,6 +8,12 @@
    },
    "step": {
      "user": {
+        "data": {
+          "download_dir": "Download directory"
+        },
+        "data_description": {
+          "download_dir": "The directory where downloaded files will be stored. This can be an absolute path or a path relative to the Home Assistant configuration directory."
+        },
        "description": "Select a location to get to store downloads. The setup will check if the directory exists."
      }
    }
@@ -15,6 +15,8 @@ _LOGGER = logging.getLogger(__name__)
 class EcobeeBaseEntity(Entity):
    """Base methods for Ecobee entities."""

+    _attr_has_entity_name = True
+
    def __init__(self, data: EcobeeData, thermostat_index: int) -> None:
        """Initiate base methods for Ecobee entities."""
        self.data = data
@@ -1,4 +1,11 @@
 {
+  "entity": {
+    "number": {
+      "fan_min_on_time": {
+        "default": "mdi:fan-clock"
+      }
+    }
+  },
  "services": {
    "create_vacation": {
      "service": "mdi:umbrella-beach"
@@ -24,7 +24,6 @@ class EcobeeNotifyEntity(EcobeeBaseEntity, NotifyEntity):
    """Implement the notification entity for the Ecobee thermostat."""

    _attr_name = None
-    _attr_has_entity_name = True

    def __init__(self, data: EcobeeData, thermostat_index: int) -> None:
        """Initialize the thermostat."""
@@ -74,6 +74,10 @@ async def async_setup_entry(
        )
    )

+    entities.extend(
+        EcobeeFanMinOnTime(data, index) for index in range(len(data.ecobee.thermostats))
+    )
+
    async_add_entities(entities, True)


@@ -86,7 +90,6 @@ class EcobeeVentilatorMinTime(EcobeeBaseEntity, NumberEntity):
    _attr_native_max_value = 60
    _attr_native_step = 5
    _attr_native_unit_of_measurement = UnitOfTime.MINUTES
-    _attr_has_entity_name = True

    def __init__(
        self,
@@ -130,7 +133,6 @@ class EcobeeCompressorMinTemp(EcobeeBaseEntity, NumberEntity):
    """

    _attr_device_class = NumberDeviceClass.TEMPERATURE
-    _attr_has_entity_name = True
    _attr_icon = "mdi:thermometer-off"
    _attr_mode = NumberMode.BOX
    _attr_native_min_value = -25
@@ -165,3 +167,39 @@ class EcobeeCompressorMinTemp(EcobeeBaseEntity, NumberEntity):
        """Set new compressor minimum temperature."""
        self.data.ecobee.set_aux_cutover_threshold(self.thermostat_index, value)
        self.update_without_throttle = True
+
+
+class EcobeeFanMinOnTime(EcobeeBaseEntity, NumberEntity):
+    """Minimum minutes per hour that the fan must run on an ecobee thermostat."""
+
+    _attr_native_min_value = 0
+    _attr_native_max_value = 60
+    _attr_native_step = 5
+    _attr_native_unit_of_measurement = UnitOfTime.MINUTES
+    _attr_translation_key = "fan_min_on_time"
+
+    def __init__(
+        self,
+        data: EcobeeData,
+        thermostat_index: int,
+    ) -> None:
+        """Initialize ecobee fan minimum on time."""
+        super().__init__(data, thermostat_index)
+        self._attr_unique_id = f"{self.base_unique_id}_fan_min_on_time"
+        self.update_without_throttle = False
+
+    async def async_update(self) -> None:
+        """Get the latest state from the thermostat."""
+        if self.update_without_throttle:
+            await self.data.update(no_throttle=True)
+            self.update_without_throttle = False
+        else:
+            await self.data.update()
+        self._attr_native_value = self.thermostat["settings"]["fanMinOnTime"]
+
+    def set_native_value(self, value: float) -> None:
+        """Set new fan minimum on time value."""
+        step = self._attr_native_step
+        aligned_value = int(round(value / step) * step)
+        self.data.ecobee.set_fan_min_on_time(self.thermostat_index, aligned_value)
+        self.update_without_throttle = True
@@ -37,6 +37,9 @@
      "compressor_protection_min_temp": {
        "name": "Compressor minimum temperature"
      },
+      "fan_min_on_time": {
+        "name": "Fan minimum on time"
+      },
      "ventilator_min_type_away": {
        "name": "Ventilator minimum time away"
      },
@@ -53,7 +53,6 @@ async def async_setup_entry(
 class EcobeeVentilator20MinSwitch(EcobeeBaseEntity, SwitchEntity):
    """Represent 20 min timer for an ecobee thermostat with ventilator."""

-    _attr_has_entity_name = True
    _attr_name = "Ventilator 20m Timer"

    def __init__(
@@ -104,7 +103,6 @@ class EcobeeVentilator20MinSwitch(EcobeeBaseEntity, SwitchEntity):
 class EcobeeSwitchAuxHeatOnly(EcobeeBaseEntity, SwitchEntity):
    """Representation of a aux_heat_only ecobee switch."""

-    _attr_has_entity_name = True
    _attr_translation_key = "aux_heat_only"

    def __init__(
@@ -353,6 +353,7 @@ class EcovacsVacuum(
            if self._capability.clean.action.area is None:
                info = self._device.device_info
                name = info.get("nick", info["name"])
+                # pylint: disable-next=home-assistant-exception-translation-key-missing
                raise ServiceValidationError(
                    translation_domain=DOMAIN,
                    translation_key="vacuum_send_command_area_not_supported",
@@ -31,6 +31,7 @@ class EkeyEvent(EventEntity):

    _attr_device_class = EventDeviceClass.BUTTON
    _attr_event_types = ["event happened"]
+    _attr_has_entity_name = True

    def __init__(
        self,
@@ -150,9 +150,9 @@ class ElevenLabsSTTEntity(SpeechToTextEntity):

        raw_pcm_compatible = (
            metadata.codec == AudioCodecs.PCM
-            and metadata.sample_rate == AudioSampleRates.SAMPLERATE_16000
-            and metadata.channel == AudioChannels.CHANNEL_MONO
-            and metadata.bit_rate == AudioBitRates.BITRATE_16
+            and metadata.sample_rate is AudioSampleRates.SAMPLERATE_16000
+            and metadata.channel is AudioChannels.CHANNEL_MONO
+            and metadata.bit_rate is AudioBitRates.BITRATE_16
        )
        if raw_pcm_compatible:
            file_format = "pcm_s16le_16"
@@ -50,5 +50,5 @@ class ElkBinarySensor(ElkAttachedEntity, BinarySensorEntity):
    def _element_changed(self, element: Element, changeset: dict[str, Any]) -> None:
        # Zone in NORMAL state is OFF; any other state is ON
        self._attr_is_on = bool(
-            self._element.logical_status != ZoneLogicalStatus.NORMAL
+            self._element.logical_status is not ZoneLogicalStatus.NORMAL
        )
@@ -104,7 +104,7 @@ class ElkThermostat(ElkEntity, ClimateEntity):
            ThermostatMode.EMERGENCY_HEAT,
        ):
            return self._element.heat_setpoint
-        if self._element.mode == ThermostatMode.COOL:
+        if self._element.mode is ThermostatMode.COOL:
            return self._element.cool_setpoint
        return None

@@ -162,6 +162,6 @@ class ElkThermostat(ElkEntity, ClimateEntity):
            self._attr_hvac_mode = ELK_TO_HASS_HVAC_MODES[self._element.mode]
            if (
                self._attr_hvac_mode == HVACMode.OFF
-                and self._element.fan == ThermostatFan.ON
+                and self._element.fan is ThermostatFan.ON
            ):
                self._attr_hvac_mode = HVACMode.FAN_ONLY
@@ -56,7 +56,7 @@ class ElkNumberSetting(ElkAttachedEntity, NumberEntity):
    def __init__(self, element: Setting, elk: Any, elk_data: ELKM1Data) -> None:
        """Initialize the number setting."""
        super().__init__(element, elk, elk_data)
-        if element.value_format == SettingFormat.TIMER:
+        if element.value_format is SettingFormat.TIMER:
            self._attr_device_class = NumberDeviceClass.DURATION
            self._attr_native_unit_of_measurement = UnitOfTime.SECONDS

@@ -75,7 +75,7 @@ async def async_setup_entry(
    for setting in elk.settings:
        setting = cast(Setting, setting)
        domain = (
-            "time" if setting.value_format == SettingFormat.TIME_OF_DAY else "number"
+            "time" if setting.value_format is SettingFormat.TIME_OF_DAY else "number"
        )

        orig_unique_id = generate_unique_id(elk_data.prefix, setting)
@@ -288,7 +288,7 @@ class ElkZone(ElkSensor):
    @property
    def temperature_unit(self) -> str | None:
        """Return the temperature unit."""
-        if self._element.definition == ZoneType.TEMPERATURE:
+        if self._element.definition is ZoneType.TEMPERATURE:
            return self._temperature_unit
        return None

@@ -305,18 +305,18 @@ class ElkZone(ElkSensor):
    @property
    def native_unit_of_measurement(self) -> str | None:
        """Return the unit of measurement."""
-        if self._element.definition == ZoneType.TEMPERATURE:
+        if self._element.definition is ZoneType.TEMPERATURE:
            return self._temperature_unit
-        if self._element.definition == ZoneType.ANALOG_ZONE:
+        if self._element.definition is ZoneType.ANALOG_ZONE:
            return UnitOfElectricPotential.VOLT
        return None

    def _element_changed(self, element: Element, changeset: dict[str, Any]) -> None:
-        if self._element.definition == ZoneType.TEMPERATURE:
+        if self._element.definition is ZoneType.TEMPERATURE:
            self._attr_native_value = temperature_to_state(
                self._element.temperature, UNDEFINED_TEMPERATURE
            )
-        elif self._element.definition == ZoneType.ANALOG_ZONE:
+        elif self._element.definition is ZoneType.ANALOG_ZONE:
            self._attr_native_value = f"{self._element.voltage}"
        else:
            self._attr_native_value = pretty_const(self._element.logical_status.name)
@@ -66,7 +66,7 @@ class ElkThermostatEMHeat(ElkEntity, SwitchEntity):
    @property
    def is_on(self) -> bool:
        """Get the current emergency heat status."""
-        return self._element.mode == ThermostatMode.EMERGENCY_HEAT
+        return self._element.mode is ThermostatMode.EMERGENCY_HEAT

    def _elk_set(self, mode: ThermostatMode) -> None:
        """Set the thermostat mode."""
@@ -30,7 +30,7 @@ async def async_setup_entry(
    time_settings = [
        setting
        for setting in cast(list[Setting], elk.settings)
-        if setting.value_format == SettingFormat.TIME_OF_DAY
+        if setting.value_format is SettingFormat.TIME_OF_DAY
    ]

    create_elk_entities(
@@ -88,7 +88,7 @@ rules:
  entity-translations:
    status: exempt
    comment: This integration does not create its own entities.
-  exception-translations: done
+  exception-translations: todo
  icon-translations:
    status: exempt
    comment: This integration does not create its own entities.
@@ -96,7 +96,7 @@ def __get_coordinator(call: ServiceCall) -> EnergyZeroDataUpdateCoordinator:
                "config_entry": entry_id,
            },
        )
-    if entry.state != ConfigEntryState.LOADED:
+    if entry.state is not ConfigEntryState.LOADED:
        raise ServiceValidationError(
            translation_domain=DOMAIN,
            translation_key="unloaded_config_entry",
@@ -125,7 +125,7 @@ async def __get_prices(

    data: Electricity | Gas

-    if price_type == PriceType.GAS:
+    if price_type is PriceType.GAS:
        data = await coordinator.energyzero.get_gas_prices_legacy(
            start_date=start,
            end_date=end,
@@ -364,6 +364,7 @@ class ESPHomeManager:
                    response_dict = {"response": response}

                except TemplateError as ex:
+                    # pylint: disable-next=home-assistant-exception-not-translated
                    raise HomeAssistantError(
                        f"Error rendering response template: {ex}"
                    ) from ex
@@ -17,7 +17,7 @@
  "mqtt": ["esphome/discover/#"],
  "quality_scale": "platinum",
  "requirements": [
-    "aioesphomeapi==45.0.2",
+    "aioesphomeapi==45.0.4",
    "esphome-dashboard-api==1.3.0",
    "bleak-esphome==3.7.3"
  ],
@@ -24,7 +24,7 @@ async def async_setup_entry(hass: HomeAssistant, entry: FastdotcomConfigEntry) -

    async def _async_finish_startup(hass: HomeAssistant) -> None:
        """Run this only when HA has finished its startup."""
-        if entry.state == ConfigEntryState.LOADED:
+        if entry.state is ConfigEntryState.LOADED:
            await coordinator.async_refresh()
        else:
            await coordinator.async_config_entry_first_refresh()
@@ -284,7 +284,7 @@ class FishAudioSubentryFlowHandler(ConfigSubentryFlow):
    ) -> SubentryFlowResult:
        """Manage initial options."""
        entry = self._get_entry()
-        if entry.state != ConfigEntryState.LOADED:
+        if entry.state is not ConfigEntryState.LOADED:
            return self.async_abort(reason="entry_not_loaded")

        self.client = entry.runtime_data
@@ -509,14 +509,12 @@ FITBIT_RESOURCE_BATTERY = FitbitSensorEntityDescription(
    icon="mdi:battery",
    scope=FitbitScope.DEVICE,
    entity_category=EntityCategory.DIAGNOSTIC,
-    has_entity_name=True,
 )
 FITBIT_RESOURCE_BATTERY_LEVEL = FitbitSensorEntityDescription(
    key="devices/battery_level",
    translation_key="battery_level",
    scope=FitbitScope.DEVICE,
    entity_category=EntityCategory.DIAGNOSTIC,
-    has_entity_name=True,
    device_class=SensorDeviceClass.BATTERY,
    native_unit_of_measurement=PERCENTAGE,
 )
@@ -654,6 +652,7 @@ class FitbitBatterySensor(CoordinatorEntity[FitbitDeviceCoordinator], SensorEnti

    entity_description: FitbitSensorEntityDescription
    _attr_attribution = ATTRIBUTION
+    _attr_has_entity_name = True

    def __init__(
        self,
@@ -713,6 +712,7 @@ class FitbitBatteryLevelSensor(
    """Implementation of a Fitbit battery level sensor."""

    entity_description: FitbitSensorEntityDescription
+    _attr_has_entity_name = True
    _attr_attribution = ATTRIBUTION

    def __init__(
@@ -109,7 +109,7 @@ def setup_service(hass: HomeAssistant) -> None:
        entry: FlumeConfigEntry | None = hass.config_entries.async_get_entry(entry_id)
        if not entry:
            raise ValueError(f"Invalid config entry: {entry_id}")
-        if not entry.state == ConfigEntryState.LOADED:
+        if entry.state is not ConfigEntryState.LOADED:
            raise ValueError(f"Config entry not loaded: {entry_id}")
        return {
            "notifications": entry.runtime_data.notifications_coordinator.notifications  # type: ignore[dict-item]
@@ -136,7 +136,7 @@ class FluxLedConfigFlow(ConfigFlow, domain=DOMAIN):
                    ConfigEntryState.SETUP_IN_PROGRESS,
                    ConfigEntryState.NOT_LOADED,
                )
-            ) or entry.state == ConfigEntryState.SETUP_RETRY:
+            ) or entry.state is ConfigEntryState.SETUP_RETRY:
                self.hass.config_entries.async_schedule_reload(entry.entry_id)
            else:
                async_dispatcher_send(
@@ -51,7 +51,7 @@ async def async_setup_entry(
    entry.data.get(CONF_NAME, entry.title)
    base_unique_id = entry.unique_id or entry.entry_id

-    if device.device_type == DeviceType.Switch:
+    if device.device_type is DeviceType.Switch:
        entities.append(FluxPowerStateSelect(coordinator.device, entry))
    if device.operating_modes:
        entities.append(
@@ -32,7 +32,7 @@ async def async_setup_entry(
    entities: list[FluxSwitch | FluxRemoteAccessSwitch | FluxMusicSwitch] = []
    base_unique_id = entry.unique_id or entry.entry_id

-    if coordinator.device.device_type == DeviceType.Switch:
+    if coordinator.device.device_type is DeviceType.Switch:
        entities.append(FluxSwitch(coordinator, base_unique_id, None))

    if entry.data.get(CONF_REMOTE_ACCESS_HOST):
@@ -9,7 +9,12 @@ from homeassistant.components.sensor import (
    SensorEntityDescription,
    SensorStateClass,
 )
-from homeassistant.const import PERCENTAGE, UnitOfDataRate, UnitOfTemperature
+from homeassistant.const import (
+    PERCENTAGE,
+    EntityCategory,
+    UnitOfDataRate,
+    UnitOfTemperature,
+)
 from homeassistant.core import HomeAssistant, callback
 from homeassistant.helpers.device_registry import DeviceInfo
 from homeassistant.helpers.dispatcher import async_dispatcher_connect
@@ -45,6 +50,7 @@ CALL_SENSORS: tuple[SensorEntityDescription, ...] = (
        translation_key="missed",
        native_unit_of_measurement="calls",
        state_class=SensorStateClass.MEASUREMENT,
+        entity_category=EntityCategory.DIAGNOSTIC,
    ),
 )

@@ -53,6 +59,7 @@ DISK_PARTITION_SENSORS: tuple[SensorEntityDescription, ...] = (
        key="partition_free_space",
        translation_key="partition_free_space",
        native_unit_of_measurement=PERCENTAGE,
+        entity_category=EntityCategory.DIAGNOSTIC,
    ),
 )

@@ -80,6 +87,7 @@ async def async_setup_entry(
                native_unit_of_measurement=UnitOfTemperature.CELSIUS,
                device_class=SensorDeviceClass.TEMPERATURE,
                state_class=SensorStateClass.MEASUREMENT,
+                entity_category=EntityCategory.DIAGNOSTIC,
            ),
        )
        for sensor_id, sensor_name in router.sensors_temperature_names.items()
@@ -6,7 +6,6 @@ from typing import Any
 from freebox_api.exceptions import InsufficientPermissionsError

 from homeassistant.components.switch import SwitchEntity, SwitchEntityDescription
-from homeassistant.const import EntityCategory
 from homeassistant.core import HomeAssistant
 from homeassistant.helpers.entity_platform import AddConfigEntryEntitiesCallback

@@ -19,7 +18,6 @@ SWITCH_DESCRIPTIONS = [
    SwitchEntityDescription(
        key="wifi",
        translation_key="wifi",
-        entity_category=EntityCategory.CONFIG,
    )
 ]

@@ -63,7 +63,7 @@ rules:
    comment: |
      This integration does not have many entities. All of them are fundamental.
  entity-translations: done
-  exception-translations: done
+  exception-translations: todo
  icon-translations: done
  reconfiguration-flow: done
  repair-issues: todo
@@ -61,13 +61,20 @@ async def async_setup_entry(hass: HomeAssistant, entry: FritzConfigEntry) -> boo
    except FRITZ_AUTH_EXCEPTIONS as ex:
        raise ConfigEntryAuthFailed from ex
    except FRITZ_EXCEPTIONS as ex:
-        raise ConfigEntryNotReady from ex
+        raise ConfigEntryNotReady(
+            translation_domain=DOMAIN,
+            translation_key="error_connecting",
+            translation_placeholders={"error": str(ex)},
+        ) from ex

    if (
        "X_AVM-DE_UPnP1" in avm_wrapper.connection.services
        and not (await avm_wrapper.async_get_upnp_configuration())["NewEnable"]
    ):
-        raise ConfigEntryAuthFailed("Missing UPnP configuration")
+        raise ConfigEntryNotReady(
+            translation_domain=DOMAIN,
+            translation_key="error_upnp_disabled",
+        )

    await avm_wrapper.async_config_entry_first_refresh()

@@ -185,12 +185,18 @@
    "config_entry_not_found": {
      "message": "Failed to perform action \"{service}\". Config entry for target not found"
    },
+    "error_connecting": {
+      "message": "Error connecting to the FRITZ!Box: {error}"
+    },
    "error_parse_device_info": {
      "message": "Error parsing device info. Please check the system event log of your FRITZ!Box for malformed data and clear the event list."
    },
    "error_refresh_hosts_info": {
      "message": "Error refreshing hosts info"
    },
+    "error_upnp_disabled": {
+      "message": "UPnP is disabled on the FRITZ!Box. Please enable UPnP to use this integration."
+    },
    "service_dial_failed": {
      "message": "Failed to dial, check if the click to dial service of the FRITZ!Box is activated"
    },
@@ -200,9 +206,6 @@
    "service_parameter_unknown": {
      "message": "Action or parameter unknown"
    },
-    "unable_to_connect": {
-      "message": "Unable to establish a connection"
-    },
    "update_failed": {
      "message": "Error while updating the data: {error}"
    }
@@ -438,6 +438,7 @@ class FritzBoxBaseSwitch(FritzBoxBaseEntity, SwitchEntity):
        self._attr_is_on = turn_on


+# pylint: disable-next=home-assistant-missing-has-entity-name
 class FritzBoxPortSwitch(FritzBoxBaseSwitch):
    """Defines a FRITZ!Box Tools PortForward switch."""

@@ -604,6 +605,7 @@ class FritzBoxProfileSwitch(FritzBoxBaseCoordinatorSwitch):
        self.async_write_ha_state()


+# pylint: disable-next=home-assistant-missing-has-entity-name
 class FritzBoxWifiSwitch(FritzBoxBaseSwitch):
    """Defines a FRITZ!Box Tools Wifi switch."""

@@ -212,7 +212,7 @@ class FroniusSolarNet:
                inverter_info=_inverter_info,
                config_entry=self.config_entry,
            )
-            if self.config_entry.state == ConfigEntryState.LOADED:
+            if self.config_entry.state is ConfigEntryState.LOADED:
                await _coordinator.async_refresh()
            else:
                await _coordinator.async_config_entry_first_refresh()
@@ -220,7 +220,7 @@ class FroniusSolarNet:

            # Only for re-scans. Initial setup adds entities
            # through sensor.async_setup_entry
-            if self.config_entry.state == ConfigEntryState.LOADED:
+            if self.config_entry.state is ConfigEntryState.LOADED:
                async_dispatcher_send(self.hass, SOLAR_NET_DISCOVERY_NEW, _coordinator)

            _LOGGER.debug(
@@ -235,7 +235,7 @@ class FroniusSolarNet:
        try:
            _inverter_info = await self.fronius.inverter_info()
        except FroniusError as err:
-            if self.config_entry.state == ConfigEntryState.LOADED:
+            if self.config_entry.state is ConfigEntryState.LOADED:
                # During a re-scan we will attempt again as per schedule.
                _LOGGER.debug("Re-scan failed for %s", self.host)
                return inverter_infos
@@ -42,7 +42,7 @@ async def _collect_coordinators(
            raise HomeAssistantError(f"Device '{target}' not found in device registry")
    coordinators = list[FullyKioskDataUpdateCoordinator]()
    for config_entry in config_entries:
-        if config_entry.state != ConfigEntryState.LOADED:
+        if config_entry.state is not ConfigEntryState.LOADED:
            raise HomeAssistantError(f"{config_entry.title} is not loaded")
        coordinators.append(config_entry.runtime_data)
    return coordinators
@@ -75,7 +75,7 @@ async def async_setup_entry(

    mfg_data = await async_get_manufacturer_data({address})
    product_type = mfg_data[address].product_type
-    if product_type == ProductType.UNKNOWN:
+    if product_type is ProductType.UNKNOWN:
        raise ConfigEntryNotReady("Unable to find product type")

    client = Client(get_connection(hass, address), product_type)
@@ -8,5 +8,5 @@
  "iot_class": "cloud_polling",
  "loggers": ["aioghost"],
  "quality_scale": "gold",
-  "requirements": ["aioghost==0.4.0"]
+  "requirements": ["aioghost==0.4.16"]
 }
@@ -143,7 +143,7 @@ def _get_entity_descriptions(
        local_sync = True
        if (
            search := data.get(CONF_SEARCH)
-        ) or calendar_item.access_role == AccessRole.FREE_BUSY_READER:
+        ) or calendar_item.access_role is AccessRole.FREE_BUSY_READER:
            read_only = True
            local_sync = False
        entity_description = GoogleCalendarEntityDescription(
@@ -386,14 +386,14 @@ class GoogleCalendarEntity(
        """Return True if the event is visible and not declined."""

        if any(
-            attendee.is_self and attendee.response_status == ResponseStatus.DECLINED
+            attendee.is_self and attendee.response_status is ResponseStatus.DECLINED
            for attendee in event.attendees
        ):
            return False
        # Calendar enttiy may be limited to a specific event type
        if (
            self.entity_description.event_type is not None
-            and self.entity_description.event_type != event.event_type
+            and self.entity_description.event_type is not event.event_type
        ):
            return False
        # Default calendar entity omits the special types but includes all the others
@@ -247,7 +247,7 @@ class LocationSubentryFlowHandler(ConfigSubentryFlow):
        user_input: dict[str, Any] | None = None,
    ) -> SubentryFlowResult:
        """Handle the location step."""
-        if self._get_entry().state != ConfigEntryState.LOADED:
+        if self._get_entry().state is not ConfigEntryState.LOADED:
            return self.async_abort(reason="entry_not_loaded")

        errors: dict[str, str] = {}
@@ -100,6 +100,7 @@ class GoogleDriveBackupAgent(BackupAgent):
        try:
            await self._client.async_upload_backup(wrapped_open_stream, backup)
        except (GoogleDriveApiError, HomeAssistantError, TimeoutError) as err:
+            # pylint: disable-next=home-assistant-exception-not-translated
            raise BackupAgentError(f"Failed to upload backup: {err}") from err

    async def async_list_backups(self, **kwargs: Any) -> list[AgentBackup]:
@@ -107,6 +108,7 @@ class GoogleDriveBackupAgent(BackupAgent):
        try:
            return await self._client.async_list_backups()
        except (GoogleDriveApiError, HomeAssistantError, TimeoutError) as err:
+            # pylint: disable-next=home-assistant-exception-not-translated
            raise BackupAgentError(f"Failed to list backups: {err}") from err

    async def async_get_backup(
@@ -119,6 +121,7 @@ class GoogleDriveBackupAgent(BackupAgent):
        for backup in backups:
            if backup.backup_id == backup_id:
                return backup
+        # pylint: disable-next=home-assistant-exception-not-translated
        raise BackupNotFound(f"Backup {backup_id} not found")

    async def async_download_backup(
@@ -139,7 +142,9 @@ class GoogleDriveBackupAgent(BackupAgent):
                stream = await self._client.async_download(file_id)
                return ChunkAsyncStreamIterator(stream)
        except (GoogleDriveApiError, HomeAssistantError, TimeoutError) as err:
+            # pylint: disable-next=home-assistant-exception-not-translated
            raise BackupAgentError(f"Failed to download backup: {err}") from err
+        # pylint: disable-next=home-assistant-exception-not-translated
        raise BackupNotFound(f"Backup {backup_id} not found")

    async def async_delete_backup(
@@ -160,5 +165,7 @@ class GoogleDriveBackupAgent(BackupAgent):
                _LOGGER.debug("Deleted backup_id: %s", backup_id)
                return
        except (GoogleDriveApiError, HomeAssistantError, TimeoutError) as err:
+            # pylint: disable-next=home-assistant-exception-not-translated
            raise BackupAgentError(f"Failed to delete backup: {err}") from err
+        # pylint: disable-next=home-assistant-exception-not-translated
        raise BackupNotFound(f"Backup {backup_id} not found")
@@ -225,7 +225,7 @@ class LLMSubentryFlowHandler(ConfigSubentryFlow):
    ) -> SubentryFlowResult:
        """Set conversation options."""
        # abort if entry is not loaded
-        if self._get_entry().state != ConfigEntryState.LOADED:
+        if self._get_entry().state is not ConfigEntryState.LOADED:
            return self.async_abort(reason="entry_not_loaded")

        errors: dict[str, str] = {}
@@ -754,7 +754,7 @@ async def async_prepare_files_for_prompt(
                config={"http_options": {"timeout": TIMEOUT_MILLIS}},
            )

-        if uploaded_file.state == FileState.FAILED:
+        if uploaded_file.state is FileState.FAILED:
            raise HomeAssistantError(
                f"File `{uploaded_file.name}` processing"
                " failed, reason:"
@@ -766,7 +766,7 @@ async def async_prepare_files_for_prompt(
    tasks = [
        asyncio.create_task(wait_for_file_processing(part))
        for part in prompt_parts
-        if part.state != FileState.ACTIVE
+        if part.state is not FileState.ACTIVE
    ]
    async with asyncio.timeout(TIMEOUT_MILLIS / 1000):
        await asyncio.gather(*tasks)
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Ingo Fischer	d656ce62a2	Bump matter-python-client to 0.7.1 Includes Matter cluster definitions for Matter 1.5.1 (0.6.0 shipped Matter 1.4.2).	2026-05-21 20:58:54 +02:00
Lukas	e3dd6b5fc5	Fix hardcoded exception strings in pooldose integration (#171652 ) Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-21 20:36:17 +02:00
Ariel Ebersberger	94d620438b	Use `is`/`is not` for same-enum identity comparisons (source) (#171591 )	2026-05-21 19:30:55 +02:00
Erik Montnemery	8867b792dc	Remove use of advanced mode from the zha integration (#171753 )	2026-05-21 19:26:24 +02:00
G Johansson	97967abfeb	Fix missing string in smhi (#171756 )	2026-05-21 19:25:03 +02:00
mhuiskes	af8fea272d	Declare Bronze quality scale for Zeversolar integration (#170410 )	2026-05-21 19:12:54 +02:00
Simone Chemelli	2db0eed570	Fix hardcoded exception strings in samsungtv (#171745 )	2026-05-21 18:59:37 +02:00
Erwin Douna	ded1628c20	Downloader add missing data description (#171727 )	2026-05-21 18:59:24 +02:00
Petro31	a02e54f332	Update documentation link to point to each domain/platform (#171734 ) Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-21 18:47:39 +02:00
Erik Montnemery	1858649bc7	Improve tests of trigger variables (#171742 )	2026-05-21 17:55:41 +02:00
Leonardo Merza	109e09c3ec	Add fan minimum on time number entity to ecobee (#171419 ) Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-21 17:53:02 +02:00
Manu	ad139b259b	Add notify entity to System Bridge integration (#171736 ) Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-21 17:49:25 +02:00
Scott Giminiani	a1a76874fd	Fix name of config flow form field (#171741 )	2026-05-21 17:33:53 +02:00
Ariel Ebersberger	e7bd56325b	Use `is` for IntentResponseType identity check in conversation (#171699 ) Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: arturpragacz <49985303+arturpragacz@users.noreply.github.com>	2026-05-21 17:31:14 +02:00
J. Nick Koston	ef2ef0c8ba	Bump zeroconf to 0.149.16 (#171737 )	2026-05-21 17:28:26 +02:00
Max Michels	a8381e923a	Replace duplicate constants with homeassistant.const imports (#171675 )	2026-05-21 17:13:31 +02:00
Max Michels	b7adba559b	Replace duplicate constants with homeassistant.const imports (#171677 )	2026-05-21 17:13:20 +02:00
Matthias Alphart	5cf6dceb04	Normalize empty string to None in knx config flow (#171693 )	2026-05-21 17:13:11 +02:00
Paul Bottein	975bcc5431	Reorganize Freebox entity categories (#171480 )	2026-05-21 16:55:27 +02:00
Michael Barrett	f24a44e81f	Update aioghost to 0.4.16 (#171690 )	2026-05-21 16:53:45 +02:00
Phil-Rad	43c91843cd	Remove unreachable import config flow path from cert_expiry (#171733 )	2026-05-21 16:50:49 +02:00
Chris	dbce1d328a	Bump python-openevse-http to 0.3.4 (#171621 )	2026-05-21 16:46:54 +02:00
Petro31	d294b04b79	Add EntityComponent to device_tracker (#171507 )	2026-05-21 16:10:20 +02:00
Markus Tuominen	8b0e9060b3	Set _attr_has_entity_name on tplink_omada OmadaClientScannerEntity (#171680 )	2026-05-21 16:41:37 +03:00
MoonDevLT	39066b6e3a	Fix missing exceptions translation key `missing_device_info` in lunatone (#171569 )	2026-05-21 14:59:48 +02:00
Max Michels	a23a9b350b	Replace duplicate constants with homeassistant.const imports (#171701 )	2026-05-21 14:57:58 +02:00
chiro79	fdaa807ca8	Switch to aiopvpc-ng (#171025 )	2026-05-21 14:54:23 +02:00
A. Gideonse	f290dcc03f	Update Indevolt integration quality scale to platinum (#170320 )	2026-05-21 14:53:06 +02:00
Markus Tuominen	654408cc76	Set _attr_has_entity_name on sonos SonosFavoritesEntity (#171678 )	2026-05-21 13:42:21 +02:00
Max Michels	1f814faad8	Replace duplicate constants with homeassistant.const imports (#171702 )	2026-05-21 13:36:14 +02:00
Markus Tuominen	6e00eecfcd	Set _attr_has_entity_name on lunatone LunatoneLineBroadcastLight (#171682 )	2026-05-21 13:19:42 +02:00
Robert Resch	8c8620c511	Add check requirements yanked and CVE check (#171641 ) Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Co-authored-by: Martin Hjelmare <marhje52@gmail.com>	2026-05-21 12:54:15 +02:00
Wendelin	cca8825ca5	Add comment optional attribute to automation items (#171091 )	2026-05-21 12:52:54 +02:00
Max Michels	92fbcc29a5	Replace duplicate constants with homeassistant.const imports (#171700 )	2026-05-21 12:51:19 +02:00
Shay Levy	1c28833f39	Fix LG WebOS TV translation placeholders mismatches (#171696 )	2026-05-21 13:33:36 +03:00
Christian Lackas	cfdef77222	homematicip_cloud: migrate entity names to has_entity_name (#169273 )	2026-05-21 12:29:43 +02:00
epenet	49720475da	Bump renault-api to 0.5.10 (#171692 )	2026-05-21 12:16:29 +02:00
Markus Tuominen	7967b84cc6	Set _attr_has_entity_name on omie OMIEPriceSensor (#171671 )	2026-05-21 12:14:03 +02:00
Markus Tuominen	c715557813	Set _attr_has_entity_name on smartthings SmartThingsScene (#171672 )	2026-05-21 12:10:06 +02:00
Markus Tuominen	79e5330782	Set _attr_has_entity_name on ekeybionyx EkeyEvent (#171668 )	2026-05-21 12:03:01 +02:00
Max Michels	5210ca64b1	Replace duplicate constants with homeassistant.const imports (#171669 )	2026-05-21 12:02:12 +02:00
Markus Tuominen	65283e3d77	Set _attr_has_entity_name on fitbit battery sensors (#171670 )	2026-05-21 12:01:27 +02:00
mhuiskes	427cb9f8db	Remove unnecessary intermediate variables in zeversolar diagnostics (#171691 )	2026-05-21 11:55:34 +02:00
Erik Montnemery	a09e042d42	Add test of FlowHandler show_advanced_options property (#171681 )	2026-05-21 11:47:42 +02:00
Shay Levy	072e9b51a2	Fix Shelly translation placeholders mismatches (#171685 )	2026-05-21 11:47:20 +02:00
Erik Montnemery	b96342c4f3	Remove use of advanced mode from the knx integration (#171674 )	2026-05-21 11:26:22 +02:00
Erik Montnemery	56eae8c808	Fix min value for music_assistant.get_library offset (#171664 )	2026-05-21 10:25:08 +02:00
Erik Montnemery	9fbdf86104	Rename advanced options section to additional options in opendisplay service actions (#171452 )	2026-05-21 10:18:31 +02:00
Jan Bouwhuis	8ff5da59c4	Fix hardcoded exception strings in incomfort (#171616 )	2026-05-21 10:09:04 +02:00
Andres Ruiz	298f4f8ed0	Remove National Grid US virtual integration (#171204 )	2026-05-21 09:53:59 +02:00
Willem-Jan van Rootselaar	6fdc0bb90b	Fix bsblan set data error translation (#171529 )	2026-05-21 09:51:54 +02:00
Mick Vleeshouwer	94c3ad2cb2	Bump pyOverkiz to 1.20.4 (#171626 )	2026-05-21 09:50:54 +02:00
Martin Hjelmare	d83d44648c	Fix Home Connect exception translation placeholder mismatch (#171655 )	2026-05-21 09:38:22 +02:00
Erik Montnemery	279b614b7c	Remove advanced mode from music_assistant service actions (#171451 )	2026-05-21 09:35:48 +02:00
Erik Montnemery	244dfe014a	Remove advanced mode from mqtt service actions (#171448 ) Co-authored-by: Jan Bouwhuis <jbouwh@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-21 09:33:10 +02:00
Markus Tuominen	6b379e50cf	Add has-entity-name pylint quality scale checker (#171486 )	2026-05-21 10:21:06 +03:00
epenet	1368cd15da	Remove myself from samsungtv code-owners (#171654 )	2026-05-21 08:54:59 +02:00
Franck Nijhof	8c8cc3acb9	Fix habitica ignoring zero values for interval and streak (#171468 )	2026-05-21 08:06:08 +02:00
Franck Nijhof	b0634bea35	Fix SmartThings crash when timestamp attribute is None (#171467 )	2026-05-21 08:05:42 +02:00
Raphael Hehl	5ae31cad6f	Fix unifiprotect exception translations (#171510 ) (#171619 ) Co-authored-by: RaHehl <rahehl@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-21 08:04:21 +02:00
Brandon Rothweiler	b45aaaa177	Update py-aosmith to 1.0.18 (#171647 )	2026-05-21 07:42:07 +02:00
Jan-Philipp Benecke	6560496440	Add missing WebDAV exception translation (#171614 )	2026-05-20 20:46:31 -04:00
Erwin Douna	489dda8efb	SMA refactor to new pylint (#171630 )	2026-05-20 20:45:39 -04:00
Alexey Masolov	30c942d139	Catch requests.Timeout and apply TIMEOUT constant across CalDAV integration (#171632 ) Co-authored-by: Cursor <cursoragent@cursor.com>	2026-05-20 20:45:08 -04:00
On Freund	c735e47e23	Bump pyrisco to 0.7.0 (#171644 )	2026-05-20 20:42:29 -04:00
Robert Resch	3856405c72	Add aw check requirements async block check (#171642 )	2026-05-21 01:28:32 +02:00
Robert Resch	323479ca44	Fix aw check requirements safe output (#171643 )	2026-05-21 01:16:25 +02:00
Raphael Hehl	c8bfe56975	Fix hardcoded exception strings in unifi_access (#171629 ) Co-authored-by: RaHehl <rahehl@users.noreply.github.com>	2026-05-21 00:37:08 +02:00
A. Gideonse	ab214b64f2	Implement final Indevolt exceptions translations (#171635 )	2026-05-21 00:35:01 +02:00
Max Michels	fea673d93a	Replace duplicate constants with homeassistant.const imports (#171639 )	2026-05-21 00:24:05 +02:00
Max Michels	5405151112	Replace duplicate constants with homeassistant.const imports (#171637 )	2026-05-21 00:12:23 +02:00
Max Michels	b3c210ef24	Replace duplicate constants with homeassistant.const imports (#171638 )	2026-05-21 00:11:59 +02:00
Robert Resch	5f5d74cfbd	Remove requirements_test_all file (#171530 )	2026-05-20 23:54:31 +02:00
Josh Gustafson	c188fdcc8b	Clean up arcam_fmj config flow (#171161 ) Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-20 22:58:10 +02:00
Michael Hansen	a3b43fc19b	Handle multiple intents in Wyoming conversation (#171615 ) Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: balloob <1444314+balloob@users.noreply.github.com>	2026-05-20 16:48:56 -04:00
Maciej Bieniek	894a68acb6	Fix `media_image_hash` and validate the MIME type in the Shelly media player (#171585 )	2026-05-20 22:25:30 +02:00
Kamil Breguła	30bc3fc412	Bump wled to 0.23.0 and remove backoff exception (#171622 )	2026-05-20 22:16:43 +02:00
Michael	3cc0cc38ab	Add missing translation placeholders for SMA exceptions (#171625 )	2026-05-20 21:31:44 +02:00
Michael	296caa90c1	Fix exception strings in FRITZ!Box tools (#171603 )	2026-05-20 20:55:42 +02:00
A. Gideonse	bb4c211fb6	Add DHCP discovery to Indevolt (#169597 ) Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-20 20:53:23 +02:00
Nick Haghiri	d4fa904386	Add invalid_auth exception translation key to backblaze_b2 (#171584 ) Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-20 20:51:44 +02:00
Erik Montnemery	db98f0b434	Remove advanced mode from homeassistant service actions (#171440 ) Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-20 20:40:36 +02:00
Erwin Douna	7341ac91ee	SMA add missing exceptions (#171550 )	2026-05-20 20:32:19 +02:00
Jan Bouwhuis	b2fb5df0fb	Remove positional message strings when translation_key is set in mqtt (#171617 )	2026-05-20 20:16:41 +02:00
Manu	265485a7d0	Fix positional message strings in exceptions in Notify for Android TV / Fire TV integration (#171581 )	2026-05-20 20:00:30 +02:00
J. Nick Koston	bf1b93fb66	Bump aioesphomeapi to 45.0.4 (#171601 )	2026-05-20 12:54:08 -05:00
dontinelli	be9d4bedfd	Fix update error message key in solarlog (#171611 )	2026-05-20 19:53:19 +02:00
Franck Nijhof	e8ac982e83	Add pylint checker for exception translation validation (#171453 ) Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-20 19:45:56 +02:00
Abílio Costa	6c8e5a8e98	Add common availability test helper for IR/RF integrations (#171610 ) Co-authored-by: Paulus Schoutsen <balloob@gmail.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-20 13:05:37 -04:00
Paul Bottein	e40a3e18db	Send entity domain in template config flow preview (#171599 )	2026-05-20 13:00:23 -04:00
Robert Resch	cba05caadd	Fix aw generation (#171609 )	2026-05-20 12:56:57 -04:00
Denis Shulyaka	ef3bc61e2b	Remove stale temperature key from anthropic strings (#171612 )	2026-05-20 12:56:33 -04:00
shbatm	3eff36eb9d	Use CONF_CODE from homeassistant.const in isy994 (#171608 ) Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-20 18:48:35 +02:00
Michael	8402a4d876	Fix hardcoded exception strings in tankerkoenig (#171607 )	2026-05-20 18:24:32 +02:00
shbatm	6159516dc0	Bump pyisy to 3.6.1 and modernize TLS handling for isy994 (#170136 ) Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com> Co-authored-by: Joost Lekkerkerker <joostlek@outlook.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-20 18:12:11 +02:00
Åke Strandberg	8fd3dcc7b1	Fix translation placeholder for Miele fan errors (#171592 )	2026-05-20 18:07:24 +02:00
Robert Resch	b724e52408	Reduce token usage by moving deterministic checks to python (#171466 ) Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-20 17:59:20 +02:00
Abílio Costa	1654f7b0f7	Move duplicated infrared state tracking to common class (#170906 )	2026-05-20 11:53:02 -04:00
Luke Lashley	c8b23d52ba	Bump python-roborock to 5.12.0 (#171112 ) Co-authored-by: Robert Resch <robert@resch.dev>	2026-05-20 17:48:42 +02:00
Aidan Timson	75d2babe65	Fix swallowed exceptions in lyric climate action handlers (#171356 ) Co-authored-by: Cursor <cursoragent@cursor.com>	2026-05-20 17:47:13 +02:00
Jens Timmerman	39ad57acfd	Bump guntamatic to v1.8.0 (#171593 )	2026-05-20 17:45:47 +02:00
TheJulianJES	162729a176	Fix ZHA blocking minor version downgrades (#171319 )	2026-05-20 17:45:16 +02:00
Erik Montnemery	376d94e7e1	Remove advanced mode from scene service actions (#171454 )	2026-05-20 17:38:12 +02:00
Chris	c3223b29a4	fix: handle and translate OpenEVSE charger exceptions in number entities (#171368 )	2026-05-20 17:36:35 +02:00
Erik Montnemery	073ee88a64	Remove advanced mode from motioneye service actions (#171446 )	2026-05-20 17:35:52 +02:00
Manu	ef8b4f2d7f	Fix reminder time calculation to use timezone-aware `dt_util` in Habitica (#171557 )	2026-05-20 17:34:53 +02:00
Josef Zweck	0df063b420	Fix string ref for tedee (#171548 )	2026-05-20 17:30:35 +02:00