Address review: skip duplicate fetch when language is English

Fix onboarding crash when area translations are missing
2026-06-29 18:16:13 +02:00 · 2026-05-20 13:05:59 +00:00 · 2026-05-20 12:55:07 +00:00
10007 changed files with 142415 additions and 346084 deletions
@@ -8,8 +8,32 @@ description: Reviews GitHub pull requests and provides feedback comments. This i
 ## Follow these steps:
 1. Use 'gh pr view' to get the PR details and description.
 2. Use 'gh pr diff' to see all the changes in the PR.
-3. Review the changes following the `review` skill. It is VERY IMPORTANT to follow the `review` skill instructions.
-4. Check if all existing review comments have been addressed.
+3. Analyze the code changes for:
+   - Code quality and style consistency
+   - Potential bugs or issues
+   - Performance implications
+   - Security concerns
+   - Test coverage
+   - Documentation updates if needed
+4. Ensure any existing review comments have been addressed.
+5. Generate constructive review comments in the CONSOLE. DO NOT POST TO GITHUB YOURSELF.

 ## IMPORTANT:
+- Just review. DO NOT make any changes
+- Be constructive and specific in your comments
+- Suggest improvements where appropriate
 - Only provide review feedback in the CONSOLE. DO NOT ACT ON GITHUB.
+- No need to run tests or linters, just review the code changes.
+- No need to highlight things that are already good.
+
+## Output format:
+- List specific comments for each file/line that needs attention.
+- In the end, summarize with an overall assessment (approve, request changes, or comment) and bullet point list of changes suggested, if any.
+  - Example output:
+    ```
+    Overall assessment: request changes.
+    - [CRITICAL] sensor.py:143 - Memory leak
+    - [PROBLEM] data_processing.py:87 - Inefficient algorithm
+    - [SUGGESTION] test_init.py:45 - Improve x variable name
+    ```
+  - Make sure to include the file and line number when possible in the bullet points.
@@ -24,7 +24,6 @@ The following platforms have extra guidelines:
 ## Entity platforms

 - Ensure `async_added_to_hass()` and `async_will_remove_from_hass()` have symmetrical behavior. For example, if a subscription is created in `async_added_to_hass()`, it should be unsubscribed in `async_will_remove_from_hass()`. Also, if something is torn down in `async_will_remove_from_hass()`, it should be set up in `async_added_to_hass()`.
- Entity base class (e.g. `SensorEntity`, `TrackerEntity`) provide a stable API for child classes to inherit from. Do not suggest redeclaring or duplicating attributes, properties, or methods the base class already provides, and do not add guards against the parent's behavior changing — rely on the base class instead.

 ## Integration Quality Scale

@@ -1,38 +0,0 @@
---
-name: review
-description: Reviews code changes and provides constructive feedback. Should be used when a review is requested to provide a consistent review behavior and output format. This skill can be used for code reviews in general, not just for GitHub pull requests.
---
-
-# Review Code Changes
-
-## Analyze the code changes for:
- Code quality and style consistency
- Potential bugs or issues
- Performance implications
- Security concerns
- Test coverage
- Documentation updates if needed
-
-## Verification:
- After the review, run parallel subagents for each finding to double-check it.
- Spawn up to a maximum of 10 parallel subagents at a time.
- Gather the results from the subagents and summarize them in the final review comments.
-
-## IMPORTANT:
- Just review. DO NOT make any changes.
- Be constructive and specific in your comments.
- Suggest improvements where appropriate.
- No need to run tests or linters, just review the code changes.
- No need to highlight things that are already good.
-
-## Output format:
- List specific comments for each file/line that needs attention.
- In the end, summarize with an overall assessment (approve, request changes, or comment) and bullet point list of changes suggested, if any.
-  - Example output:
-    ```
-    Overall assessment: request changes.
-    - [CRITICAL] sensor.py:143 - Memory leak
-    - [PROBLEM] data_processing.py:87 - Inefficient algorithm
-    - [SUGGESTION] test_init.py:45 - Improve x variable name
-    ```
-  - Make sure to include the file and line number when possible in the bullet points.
@@ -1,9 +0,0 @@
-{
-  "features": {
-    "ghcr.io/devcontainers/features/github-cli:1": {
-      "version": "1.1.0",
-      "resolved": "ghcr.io/devcontainers/features/github-cli@sha256:d22f50b70ed75339b4eed1ba9ecde3a1791f90e88d37936517e3bace0bbad671",
-      "integrity": "sha256:d22f50b70ed75339b4eed1ba9ecde3a1791f90e88d37936517e3bace0bbad671"
-    }
-  }
-}
@@ -15,11 +15,11 @@ Dockerfile.dev linguist-language=Dockerfile
 # Generated files
 CODEOWNERS linguist-generated=true
 homeassistant/generated/*.py linguist-generated=true
-pylint/plugins/pylint_home_assistant/generated/*.py linguist-generated=true
 machine/* linguist-generated=true
 mypy.ini linguist-generated=true
 requirements.txt linguist-generated=true
 requirements_all.txt linguist-generated=true
+requirements_test_all.txt linguist-generated=true
 requirements_test_pre_commit.txt linguist-generated=true
 script/hassfest/docker/Dockerfile linguist-generated=true
-.github/workflows/*.lock.yml linguist-generated=true merge=ours
+.github/workflows/*.lock.yml linguist-generated=true
@@ -1,52 +0,0 @@
-name: Cache and install APT packages
-description: >-
-  Wraps awalsh128/cache-apt-pkgs-action with the workarounds Home Assistant CI
-  needs. Removes the conflicting Microsoft apt source before any apt run, and
-  points the dynamic linker at the host's multiarch lib subdirectories so
-  shared libraries that rely on update-alternatives or postinst-managed paths
-  (eg libblas, liblapack pulled in by ffmpeg) stay reachable since the upstream
-  action does not execute postinst scripts on cache restore.
-
-inputs:
-  packages:
-    description: Space-delimited list of apt packages to install.
-    required: true
-  version:
-    description: Cache version. Bump to invalidate the cache.
-    required: false
-    default: "1"
-  execute_install_scripts:
-    description: >-
-      Pass-through to awalsh128/cache-apt-pkgs-action. Postinst scripts are not
-      actually cached by the upstream action, so this is largely a no-op today.
-    required: false
-    default: "false"
-
-runs:
-  using: composite
-  steps:
-    - name: Remove conflicting Microsoft apt source
-      shell: bash
-      run: sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
-    - name: Install apt packages via cache
-      uses: awalsh128/cache-apt-pkgs-action@acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 # v1.5.3
-      with:
-        packages: ${{ inputs.packages }}
-        version: ${{ inputs.version }}
-        execute_install_scripts: ${{ inputs.execute_install_scripts }}
-    - name: Refresh dynamic linker cache
-      shell: bash
-      run: |
-        # awalsh128/cache-apt-pkgs-action does not run postinst scripts on
-        # cache restore, so update-alternatives symlinks (eg the one libblas
-        # creates at /usr/lib/<multiarch>/libblas.so.3) are never produced.
-        # Add every /usr/lib/<multiarch> subdirectory that holds shared
-        # libraries to the ldconfig search path so the dynamic linker still
-        # finds them.  Use dpkg-architecture to derive the host's multiarch
-        # tuple so this works on non-x86_64 runners too.
-        multiarch="$(dpkg-architecture -qDEB_HOST_MULTIARCH)"
-        find "/usr/lib/${multiarch}" -mindepth 2 -maxdepth 2 \
-          -name '*.so.*' -printf '%h\n' \
-          | sort -u \
-          | sudo tee /etc/ld.so.conf.d/zzz-cache-apt-extras.conf > /dev/null
-        sudo ldconfig
@@ -6,7 +6,6 @@

 - Start review comments with a short, one-sentence summary of the suggested fix.
 - Do not comment on code style, formatting or linting issues.
- Flag comments that over-explain straightforward code, narrate the obvious, or read like AI commentary (multi-sentence justifications for a single line).
 - A Pull Request with a dependency version bump should only contain changes required for the version bump. If the PR includes other changes, request that they are removed from the PR.

 # GitHub Copilot & Claude Code Instructions
@@ -24,9 +23,8 @@ This repository contains the core of Home Assistant, a Python 3 based home autom

 ## Development Commands

- When entering a new environment or worktree, run `script/setup` to set up the virtual environment with all development dependencies (pylint, pre-commit hooks, etc.). This is required before committing. If uv reports that no download was found for the required Python version, the environment is running an outdated version of uv; upgrade it with `curl -LsSf https://astral.sh/uv/install.sh | sh` and run `script/setup` again.
+- When entering a new environment or worktree, run `script/setup` to set up the virtual environment with all development dependencies (pylint, pre-commit hooks, etc.). This is required before committing.
 - .vscode/tasks.json contains useful commands used for development.
- After finishing a code session, run `uv run prek run --all-files` to check for linting and formatting issues.

 ## Python Syntax Notes

@@ -44,13 +42,10 @@ This repository contains the core of Home Assistant, a Python 3 based home autom
 - Avoid using conditions/branching in tests. Instead, either split tests or adjust the test parametrization to cover all cases without branching.
 - If multiple tests share most of their code, use `pytest.mark.parametrize` to merge them into a single parameterized test instead of duplicating the body. Use `pytest.param` with an `id` parameter to name the test cases clearly.
 - We use Syrupy for snapshot testing. Leverage `.ambr` snapshots instead of repetitive and exhaustive generation of test data within Python code itself.
- Hardcoded `entity_id`s in tests are fine. If the same one is repeated, use a constant.

 ## Good practices

 - Integrations with Platinum or Gold level in the Integration Quality Scale reflect a high standard of code quality and maintainability. When looking for examples of something, these are good places to start. The level is indicated in the manifest.json of the integration.
 - When reviewing entity actions, do not suggest extra defensive checks for input fields that are already validated by Home Assistant's service/action schemas and entity selection filters. Suggest additional guards only when data bypasses those validators or is transformed into a less-safe form.
 - When validation guarantees a dict key exists, prefer direct key access (`data["key"]`) instead of `.get("key")` so contract violations are surfaced instead of silently masked.
- Keep comments concise. Prefer one short line stating the non-obvious constraint, or no comment at all.
- Do not add comments that just restate the code on the following line(s) (e.g. `# Check if initialized` above `if self.initialized:`). Comments should only explain why (non-obvious constraints, surprising behavior, or workarounds), never what. Never add comments that justify a change by referencing what the code looked like before.
- Do not add section or divider comments (e.g. `# --- XYZ Triggers ---`) inside or outside of functions, since those can easily become stale and be misleading.
+- Do not add comments that just restate the code on the following line(s) (e.g. `# Check if initialized` above `if self.initialized:`). Comments should only explain why — non-obvious constraints, surprising behavior, or workarounds — never what.
@@ -14,4 +14,3 @@ updates:
    ignore:
      # Managed by gh aw compile. Version-locked to the gh-aw compiler; do not bump.
      - dependency-name: "github/gh-aw-actions/**"
-      - dependency-name: "github/gh-aw-actions"
@@ -27,7 +27,6 @@ The following platforms have extra guidelines:
 ## Entity platforms

 - Ensure `async_added_to_hass()` and `async_will_remove_from_hass()` have symmetrical behavior. For example, if a subscription is created in `async_added_to_hass()`, it should be unsubscribed in `async_will_remove_from_hass()`. Also, if something is torn down in `async_will_remove_from_hass()`, it should be set up in `async_added_to_hass()`.
- Entity base class (e.g. `SensorEntity`, `TrackerEntity`) provide a stable API for child classes to inherit from. Do not suggest redeclaring or duplicating attributes, properties, or methods the base class already provides, and do not add guards against the parent's behavior changing — rely on the base class instead.

 ## Integration Quality Scale

@@ -128,7 +128,6 @@
        "standard-aifc",
        "standard-telnetlib",
        "ulid-transform",
-        "unidiff",
        "url-normalize",
        "xmltodict"
      ],
@@ -14,7 +14,7 @@ env:
  UV_HTTP_TIMEOUT: 60
  UV_SYSTEM_PYTHON: "true"
  # Base image version from https://github.com/home-assistant/docker
-  BASE_IMAGE_VERSION: "2026.05.0"
+  BASE_IMAGE_VERSION: "2026.04.0"
  ARCHITECTURES: '["amd64", "aarch64"]'

 permissions: {}
@@ -38,7 +38,7 @@ jobs:
      base_image_version: ${{ env.BASE_IMAGE_VERSION }}
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@@ -102,7 +102,7 @@ jobs:
            os: ubuntu-24.04-arm
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@@ -193,7 +193,7 @@ jobs:
          echo "${GITHUB_SHA};${GITHUB_REF};${GITHUB_EVENT_NAME};${GITHUB_ACTOR}" > rootfs/OFFICIAL_IMAGE

      - name: Build base image
-        uses: home-assistant/builder/actions/build-image@4de35182ce1e329181bffcbcc84d33db5e2c7e10 # 2026.06.0
+        uses: home-assistant/builder/actions/build-image@62a1597b84b3461abad9816d9cd92862a2b542c3 # 2026.03.2
        with:
          arch: ${{ matrix.arch }}
          build-args: |
@@ -245,7 +245,7 @@ jobs:
            runs-on: ubuntu-24.04
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@@ -264,7 +264,7 @@ jobs:
          fi

      - name: Build machine image
-        uses: home-assistant/builder/actions/build-image@4de35182ce1e329181bffcbcc84d33db5e2c7e10 # 2026.06.0
+        uses: home-assistant/builder/actions/build-image@62a1597b84b3461abad9816d9cd92862a2b542c3 # 2026.03.2
        with:
          arch: ${{ matrix.arch }}
          build-args: |
@@ -292,7 +292,7 @@ jobs:
      contents: read
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@@ -339,16 +339,18 @@ jobs:
    steps:
      - name: Install Cosign
        uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2
+        with:
+          cosign-release: "v2.5.3"

      - name: Login to DockerHub
        if: matrix.registry == 'docker.io/homeassistant'
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
+        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
+        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -378,7 +380,7 @@ jobs:
      #   2025.12.0.dev202511250240 -> tags: 2025.12.0.dev202511250240, dev
      - name: Generate Docker metadata
        id: meta
-        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0
+        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
        with:
          images: ${{ matrix.registry }}/home-assistant
          sep-tags: ","
@@ -392,7 +394,7 @@ jobs:
            type=semver,pattern={{major}}.{{minor}},value=${{ needs.init.outputs.version }},enable=${{ !contains(needs.init.outputs.version, 'd') && !contains(needs.init.outputs.version, 'b') }}

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v3.7.1
+        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v3.7.1

      - name: Copy architecture images to DockerHub
        if: matrix.registry == 'docker.io/homeassistant'
@@ -469,7 +471,7 @@ jobs:
    if: github.repository_owner == 'home-assistant' && needs.init.outputs.publish == 'true'
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@@ -516,19 +518,19 @@ jobs:
      HASSFEST_IMAGE_TAG: ghcr.io/home-assistant/hassfest:${{ needs.init.outputs.version }}
    steps:
      - name: Checkout repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
+        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build Docker image
-        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
+        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
        with:
          context: . # So action will not pull the repository again
          file: ./script/hassfest/docker/Dockerfile
@@ -541,7 +543,7 @@ jobs:
      - name: Push Docker image
        if: needs.init.outputs.channel != 'dev' && needs.init.outputs.publish == 'true'
        id: push
-        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
+        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
        with:
          context: . # So action will not pull the repository again
          file: ./script/hassfest/docker/Dockerfile
@@ -0,0 +1,31 @@
+name: Check requirements (changes detection)
+
+# Stage 1 of the agentic Check requirements workflow.
+# Just kicks off Stage 2 (`check-requirements-dispatcher.yml`) which starts the agentic workflow
+
+# yamllint disable-line rule:truthy
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+    paths:
+      - "requirements*.txt"
+      - "homeassistant/package_constraints.txt"
+      - "pyproject.toml"
+
+permissions: {}
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
+  cancel-in-progress: true
+
+jobs:
+  changes:
+    name: Requirements files changed
+    runs-on: ubuntu-latest
+    timeout-minutes: 1
+    steps:
+      - name: Record PR number
+        env:
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: |-
+          echo "Requirements files changed in PR #${PR_NUMBER}"
@@ -1,77 +0,0 @@
-name: Check requirements (deterministic)
-
-# Stage 1 of the Check requirements pipeline.
-#
-# Runs the deterministic Python checks and uploads the structured
-# results as an artifact. Stage 2 (the agentic workflow defined in
-# `check-requirements.md`) consumes the artifact on completion.
-
-# yamllint disable-line rule:truthy
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-    paths:
-      - "requirements*.txt"
-      - "**/requirements*.txt"
-      - "homeassistant/package_constraints.txt"
-  workflow_dispatch:
-    inputs:
-      pull_request_number:
-        description: "Pull request number to (re-)check"
-        required: true
-        type: number
-
-permissions: {}
-
-concurrency:
-  group: ${{ github.workflow }}-${{ inputs.pull_request_number || github.event.pull_request.number }}
-  cancel-in-progress: true
-
-jobs:
-  deterministic:
-    name: Run deterministic requirement checks
-    runs-on: ubuntu-24.04
-    permissions:
-      contents: read
-      pull-requests: read # To fetch the PR diff via gh CLI
-    timeout-minutes: 10
-    steps:
-      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-        with:
-          persist-credentials: false
-      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
-        with:
-          python-version-file: ".python-version"
-          check-latest: true
-      - name: Install script dependencies
-        run: pip install -r script/check_requirements/requirements.txt
-      - name: Collect PR diff and head SHA
-        id: pr
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          PR_NUMBER: ${{ inputs.pull_request_number || github.event.pull_request.number }}
-        run: |
-          mkdir -p deterministic
-          gh pr diff "${PR_NUMBER}" > deterministic/pr.diff
-          HEAD_SHA=$(gh pr view "${PR_NUMBER}" --json headRefOid --jq '.headRefOid')
-          echo "head_sha=${HEAD_SHA}" >> "${GITHUB_OUTPUT}"
-      - name: Run deterministic checks
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          PR_NUMBER: ${{ inputs.pull_request_number || github.event.pull_request.number }}
-          HEAD_SHA: ${{ steps.pr.outputs.head_sha }}
-        run: |
-          python -m script.check_requirements \
-            --pr-number "${PR_NUMBER}" \
-            --head-sha "${HEAD_SHA}" \
-            --diff deterministic/pr.diff \
-            --output deterministic/results.json
-      - name: Upload deterministic-results artifact
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
-        with:
-          name: check-requirements-deterministic
-          path: deterministic/results.json
-          if-no-files-found: error
-          retention-days: 7
@@ -0,0 +1,73 @@
+name: Check requirements (dispatcher)
+
+# Stage 2 of the agentic Check requirements workflow. Runs on completion of
+# stage 1 (`check-requirements-changes.yml`) and dispatches stage 3
+# (`check-requirements.lock.yml`)
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.workflow_run.head_repository.full_name }}-${{ github.event.workflow_run.head_branch }}
+  cancel-in-progress: true
+
+# yamllint disable-line rule:truthy
+on: # zizmor: ignore[dangerous-triggers]
+  # workflow_run is safe here: this workflow does not check out PR code or run
+  # any code from the triggering PR. It only resolves the PR number from the
+  # head SHA and dispatches `check-requirements.lock.yml` with that number as
+  # a sanitized string input. The PR code is analysed downstream in the
+  # agentic workflow (`check-requirements.lock.yml`)
+  workflow_run:
+    workflows: ["Check requirements (changes detection)"]
+    types: [completed]
+
+permissions: {}
+
+jobs:
+  dispatch:
+    name: Dispatch agentic requirements check
+    if: >
+      github.event.workflow_run.event == 'pull_request'
+      && github.event.workflow_run.conclusion == 'success'
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    permissions:
+      actions: write # For triggering the downstream workflow
+      pull-requests: read # For querying PRs by commit SHA
+    steps:
+      - name: Resolve PR number from head SHA and trigger agentic requirements check
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+        with:
+          script: |
+            const headSha = context.payload.workflow_run.head_sha;
+            const headBranch = context.payload.workflow_run.head_branch;
+            const headRepository = context.payload.workflow_run.head_repository;
+            const headRepo = headRepository.full_name;
+            // Query the head repository (which may be a fork). When the PR comes
+            // from a fork, the upstream's listPullRequestsAssociatedWithCommit
+            // returns no results for the fork's commit SHA.
+            const { data: pulls } = await github.rest.repos.listPullRequestsAssociatedWithCommit({
+              owner: headRepository.owner.login,
+              repo: headRepository.name,
+              commit_sha: headSha,
+            });
+            const matches = pulls.filter(p =>
+              p.state === 'open'
+              && p.head.ref === headBranch
+              && p.head.repo?.full_name === headRepo
+            );
+            if (matches.length === 0) {
+              core.info(`No open PR found for head SHA ${headSha} on ${headRepo}:${headBranch}; nothing to dispatch.`);
+              return;
+            }
+            const defaultBranch = context.payload.workflow_run.repository.default_branch;
+            for (const pr of matches) {
+              await github.rest.actions.createWorkflowDispatch({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                workflow_id: 'check-requirements.lock.yml',
+                ref: defaultBranch,
+                inputs: {
+                  pull_request_number: String(pr.number),
+                },
+              });
+              core.info(`Dispatched check-requirements.lock.yml for PR #${pr.number}.`);
+            }
@@ -1,5 +1,5 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"36a7fc263a2ce868d74a266f23eb7772d82fd397806464384fe087479ddd4a70","body_hash":"bba8c011f2b82bb4d9847a359f43f0e7d91245b280678c20e5112b3c9e77d5cd","compiler_version":"v0.79.6","strict":true,"agent_id":"copilot","engine_versions":{"copilot":"1.0.60"}}
-# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"df4cb1c069e1874edd31b4311f1884172cec0e10","version":"v6.0.3"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"github/gh-aw-actions/setup","sha":"5c2fe865bb4dc46e1450f6ee0d0541d759aea73a","version":"v0.79.6"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.27.2","digest":"sha256:f88e5b17b6b7a600117bc121114d6ce2155c88c983c0c939c5df884f730fa1d6","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.27.2@sha256:f88e5b17b6b7a600117bc121114d6ce2155c88c983c0c939c5df884f730fa1d6"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.2","digest":"sha256:ee39841d980878ebbb87592903b06d31a1af500c71525c9616f7e8e2a27041a4","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.27.2@sha256:ee39841d980878ebbb87592903b06d31a1af500c71525c9616f7e8e2a27041a4"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.27.2","digest":"sha256:2e3a717e5f19a654cd9a2263beb52012b56bcb68562ec5ae2e42f9d156b49591","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.27.2@sha256:2e3a717e5f19a654cd9a2263beb52012b56bcb68562ec5ae2e42f9d156b49591"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.25","digest":"sha256:c10331ad17668ef89f38f5e356678788a40b0cd5fef96e8f92e1d9c1de47cbaa","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.25@sha256:c10331ad17668ef89f38f5e356678788a40b0cd5fef96e8f92e1d9c1de47cbaa"},{"image":"ghcr.io/github/github-mcp-server:v1.1.2","digest":"sha256:30197479d8036c7811892bc07e06f9a05c9ef3cdd79bc59f256d50647f95788c","pinned_image":"ghcr.io/github/github-mcp-server:v1.1.2@sha256:30197479d8036c7811892bc07e06f9a05c9ef3cdd79bc59f256d50647f95788c"}]}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"62eb6e3d38092bd041a0c1ddfdaef94cf4b9c694b2d2bcac6cbbecd6810230ca","compiler_version":"v0.74.4","strict":true,"agent_id":"copilot"}
+# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"github/gh-aw-actions/setup","sha":"d3abfe96a194bce3a523ed2093ddedd5704cdf62","version":"v0.74.4"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.46"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.46"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.46"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.9","digest":"sha256:64828b42a4482f58fab16509d7f8f495a6d97c972a98a68aff20543531ac0388","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.9@sha256:64828b42a4482f58fab16509d7f8f495a6d97c972a98a68aff20543531ac0388"},{"image":"ghcr.io/github/github-mcp-server:v1.0.4"},{"image":"node:lts-alpine","digest":"sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f","pinned_image":"node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f"}]}
 #    ___                   _   _      
 #   / _ \                 | | (_)     
 #  | |_| | __ _  ___ _ __ | |_ _  ___ 
@@ -14,7 +14,7 @@
 # \  /\  / (_) | | | | ( | | | | (_) \ V  V /\__ \
 #  \/  \/ \___/|_| |_|\_\|_| |_|\___/ \_/\_/ |___/
 #
-# This file was automatically generated by gh-aw (v0.79.6). DO NOT EDIT.
+# This file was automatically generated by gh-aw (v0.74.4). DO NOT EDIT.
 #
 # To update this file, edit the corresponding .md file and run:
 #   gh aw compile
@@ -22,7 +22,7 @@
 #
 # For more information: https://github.github.com/gh-aw/introduction/overview/
 #
-# Resolves the deterministic-stage artifact's NEEDS_AGENT checks for changed Python package requirements on PRs targeting the core repo, then posts the final review comment. Triggered by completion of the deterministic workflow. Reads the uploaded artifact from disk, replaces placeholders for any check whose status is `needs_agent`, and posts the merged comment using the PR number recorded inside the artifact itself. Each check kind has a dedicated instruction section below; if the artifact contains a check kind that does not have a section here, the agent fails hard rather than guess.
+# Checks changed Python package requirements on PRs targeting the core repo (including PRs opened from forks) and verifies licenses match PyPI metadata, source repositories are publicly accessible, PyPI releases were uploaded via automated CI (Trusted Publisher attestation), the package's release pipeline uses OIDC or equivalent automated credentials (not static tokens), and the PR description contains the required links.
 #
 # Secrets used:
 #   - COPILOT_GITHUB_TOKEN
@@ -31,56 +31,52 @@
 #   - GITHUB_TOKEN
 #
 # Custom actions used:
-#   - actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+#   - actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 #   - actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
 #   - actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
 #   - actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
 #   - actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
-#   - github/gh-aw-actions/setup@5c2fe865bb4dc46e1450f6ee0d0541d759aea73a # v0.79.6
+#   - github/gh-aw-actions/setup@d3abfe96a194bce3a523ed2093ddedd5704cdf62 # v0.74.4
 #
 # Container images used:
-#   - ghcr.io/github/gh-aw-firewall/agent:0.27.2@sha256:f88e5b17b6b7a600117bc121114d6ce2155c88c983c0c939c5df884f730fa1d6
-#   - ghcr.io/github/gh-aw-firewall/api-proxy:0.27.2@sha256:ee39841d980878ebbb87592903b06d31a1af500c71525c9616f7e8e2a27041a4
-#   - ghcr.io/github/gh-aw-firewall/squid:0.27.2@sha256:2e3a717e5f19a654cd9a2263beb52012b56bcb68562ec5ae2e42f9d156b49591
-#   - ghcr.io/github/gh-aw-mcpg:v0.3.25@sha256:c10331ad17668ef89f38f5e356678788a40b0cd5fef96e8f92e1d9c1de47cbaa
-#   - ghcr.io/github/github-mcp-server:v1.1.2@sha256:30197479d8036c7811892bc07e06f9a05c9ef3cdd79bc59f256d50647f95788c
+#   - ghcr.io/github/gh-aw-firewall/agent:0.25.46
+#   - ghcr.io/github/gh-aw-firewall/api-proxy:0.25.46
+#   - ghcr.io/github/gh-aw-firewall/squid:0.25.46
+#   - ghcr.io/github/gh-aw-mcpg:v0.3.9@sha256:64828b42a4482f58fab16509d7f8f495a6d97c972a98a68aff20543531ac0388
+#   - ghcr.io/github/github-mcp-server:v1.0.4
+#   - node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f

-name: "Check requirements (AW)"
+name: "Check requirements"
 on:
-  workflow_run:
-    # zizmor: ignore[dangerous-triggers] - workflow_run trigger is secured with role and fork validation
-    types:
-    - completed
-    workflows:
-    - Check requirements (deterministic)
+  workflow_dispatch:
+    inputs:
+      aw_context:
+        default: ""
+        description: Agent caller context (used internally by Agentic Workflows).
+        required: false
+        type: string
+      pull_request_number:
+        description: Pull request number to (re-)check
+        required: true
+        type: number

 permissions: {}

 concurrency:
  cancel-in-progress: true
-  group: ${{ github.workflow }}-${{ github.event.workflow_run.id }}
+  group: ${{ github.workflow }}-${{ inputs.pull_request_number }}

-run-name: "Check requirements (AW)"
+run-name: "Check requirements"

 jobs:
  activation:
-    needs: pre_activation
-    # zizmor: ignore[dangerous-triggers] - workflow_run trigger is secured with role and fork validation
-    if: >
-      (needs.pre_activation.outputs.activated == 'true') && (github.event_name != 'workflow_run' || github.event.workflow_run.repository.id == github.repository_id &&
-      (!(github.event.workflow_run.repository.fork)))
    runs-on: ubuntu-slim
    permissions:
      actions: read
      contents: read
-    env:
-      GH_AW_MAX_DAILY_AI_CREDITS: ${{ vars.GH_AW_DEFAULT_MAX_DAILY_AI_CREDITS || '5000' }}
    outputs:
      comment_id: ""
      comment_repo: ""
-      daily_effective_workflow_exceeded: ${{ steps.daily-effective-workflow-guardrail.outputs.daily_effective_workflow_exceeded == 'true' }}
-      daily_effective_workflow_threshold: ${{ steps.daily-effective-workflow-guardrail.outputs.daily_effective_workflow_threshold || '' }}
-      daily_effective_workflow_total_effective_tokens: ${{ steps.daily-effective-workflow-guardrail.outputs.daily_effective_workflow_total_effective_tokens || '' }}
      engine_id: ${{ steps.generate_aw_info.outputs.engine_id }}
      lockdown_check_failed: ${{ steps.generate_aw_info.outputs.lockdown_check_failed == 'true' }}
      model: ${{ steps.generate_aw_info.outputs.model }}
@@ -92,35 +88,31 @@ jobs:
    steps:
      - name: Setup Scripts
        id: setup
-        uses: github/gh-aw-actions/setup@5c2fe865bb4dc46e1450f6ee0d0541d759aea73a # v0.79.6
+        uses: github/gh-aw-actions/setup@d3abfe96a194bce3a523ed2093ddedd5704cdf62 # v0.74.4
        with:
          destination: ${{ runner.temp }}/gh-aw/actions
          job-name: ${{ github.job }}
-          trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }}
-          parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }}
-          safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }}
        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements"
          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
-          GH_AW_INFO_VERSION: "1.0.60"
-          GH_AW_INFO_AWF_VERSION: "v0.27.2"
+          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_ENGINE_ID: "copilot"
      - name: Generate agentic run info
        id: generate_aw_info
        env:
          GH_AW_INFO_ENGINE_ID: "copilot"
          GH_AW_INFO_ENGINE_NAME: "GitHub Copilot CLI"
-          GH_AW_INFO_MODEL: ${{ vars.GH_AW_MODEL_AGENT_COPILOT || vars.GH_AW_DEFAULT_MODEL_COPILOT || 'claude-sonnet-4.6' }}
-          GH_AW_INFO_VERSION: "1.0.60"
-          GH_AW_INFO_AGENT_VERSION: "1.0.60"
-          GH_AW_INFO_CLI_VERSION: "v0.79.6"
-          GH_AW_INFO_WORKFLOW_NAME: "Check requirements (AW)"
+          GH_AW_INFO_MODEL: ${{ vars.GH_AW_MODEL_AGENT_COPILOT || 'claude-sonnet-4.6' }}
+          GH_AW_INFO_VERSION: "1.0.48"
+          GH_AW_INFO_AGENT_VERSION: "1.0.48"
+          GH_AW_INFO_CLI_VERSION: "v0.74.4"
+          GH_AW_INFO_WORKFLOW_NAME: "Check requirements"
          GH_AW_INFO_EXPERIMENTAL: "false"
          GH_AW_INFO_SUPPORTS_TOOLS_ALLOWLIST: "true"
          GH_AW_INFO_STAGED: "false"
          GH_AW_INFO_ALLOWED_DOMAINS: '["python"]'
          GH_AW_INFO_FIREWALL_ENABLED: "true"
-          GH_AW_INFO_AWF_VERSION: "v0.27.2"
+          GH_AW_INFO_AWF_VERSION: "v0.25.46"
          GH_AW_INFO_AWMG_VERSION: ""
          GH_AW_INFO_FIREWALL_TYPE: "squid"
          GH_AW_COMPILED_STRICT: "true"
@@ -131,37 +123,18 @@ jobs:
            setupGlobals(core, github, context, exec, io, getOctokit);
            const { main } = require('${{ runner.temp }}/gh-aw/actions/generate_aw_info.cjs');
            await main(core, context);
-      - name: Check daily workflow token guardrail
-        id: daily-effective-workflow-guardrail
-        if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }}
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
-        env:
-          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
-          GH_AW_WORKFLOW_ID: "check-requirements"
-          GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
-          GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }}
-          GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GH_AW_MAX_DAILY_AI_CREDITS: ${{ vars.GH_AW_DEFAULT_MAX_DAILY_AI_CREDITS || '5000' }}
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
-            setupGlobals(core, github, context, exec, io, getOctokit);
-            const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_aic_workflow_guardrail.cjs');
-            await main();
      - name: Validate COPILOT_GITHUB_TOKEN secret
        id: validate-secret
        run: bash "${RUNNER_TEMP}/gh-aw/actions/validate_multi_secret.sh" COPILOT_GITHUB_TOKEN 'GitHub Copilot CLI' https://github.github.com/gh-aw/reference/engines/#github-copilot-default
        env:
          COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
      - name: Checkout .github and .agents folders
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
          sparse-checkout: |
            .github
            .agents
-            .antigravity
            .claude
            .codex
            .crush
@@ -172,8 +145,8 @@ jobs:
          fetch-depth: 1
      - name: Save agent config folders for base branch restoration
        env:
-          GH_AW_AGENT_FOLDERS: ".agents .antigravity .claude .codex .crush .gemini .github .opencode .pi"
-          GH_AW_AGENT_FILES: ".crush.json AGENTS.md ANTIGRAVITY.md CLAUDE.md GEMINI.md PI.md opencode.jsonc"
+          GH_AW_AGENT_FOLDERS: ".agents .claude .codex .crush .gemini .github .opencode .pi"
+          GH_AW_AGENT_FILES: ".crush.json AGENTS.md CLAUDE.md GEMINI.md PI.md opencode.jsonc"
        # poutine:ignore untrusted_checkout_exec
        run: bash "${RUNNER_TEMP}/gh-aw/actions/save_base_github_folders.sh"
      - name: Check workflow lock file
@@ -191,7 +164,7 @@ jobs:
      - name: Check compile-agentic version
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
-          GH_AW_COMPILED_VERSION: "v0.79.6"
+          GH_AW_COMPILED_VERSION: "v0.74.4"
        with:
          script: |
            const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -210,24 +183,25 @@ jobs:
          GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
          GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
          GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+          GH_AW_INPUTS_PULL_REQUEST_NUMBER: ${{ inputs.pull_request_number }}
        # poutine:ignore untrusted_checkout_exec
        run: |
          bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
          {
-          cat << 'GH_AW_PROMPT_781cf5b2f30d6d93_EOF'
+          cat << 'GH_AW_PROMPT_2df1318dbe2d4011_EOF'
          <system>
-          GH_AW_PROMPT_781cf5b2f30d6d93_EOF
+          GH_AW_PROMPT_2df1318dbe2d4011_EOF
          cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
          cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
          cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
          cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
-          cat << 'GH_AW_PROMPT_781cf5b2f30d6d93_EOF'
+          cat << 'GH_AW_PROMPT_2df1318dbe2d4011_EOF'
          <safe-output-tools>
          Tools: add_comment, missing_tool, missing_data, noop
          </safe-output-tools>
-          GH_AW_PROMPT_781cf5b2f30d6d93_EOF
+          GH_AW_PROMPT_2df1318dbe2d4011_EOF
          cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
-          cat << 'GH_AW_PROMPT_781cf5b2f30d6d93_EOF'
+          cat << 'GH_AW_PROMPT_2df1318dbe2d4011_EOF'
          <github-context>
          The following GitHub context information is available for this workflow:
          {{#if github.actor}}
@@ -256,18 +230,19 @@ jobs:
          {{/if}}
          </github-context>
          
-          GH_AW_PROMPT_781cf5b2f30d6d93_EOF
+          GH_AW_PROMPT_2df1318dbe2d4011_EOF
          cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
-          cat << 'GH_AW_PROMPT_781cf5b2f30d6d93_EOF'
+          cat << 'GH_AW_PROMPT_2df1318dbe2d4011_EOF'
          </system>
          {{#runtime-import .github/workflows/check-requirements.md}}
-          GH_AW_PROMPT_781cf5b2f30d6d93_EOF
+          GH_AW_PROMPT_2df1318dbe2d4011_EOF
          } > "$GH_AW_PROMPT"
      - name: Interpolate variables and render templates
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
          GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
          GH_AW_ENGINE_ID: "copilot"
+          GH_AW_INPUTS_PULL_REQUEST_NUMBER: ${{ inputs.pull_request_number }}
        with:
          script: |
            const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -286,8 +261,8 @@ jobs:
          GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
          GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
          GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+          GH_AW_INPUTS_PULL_REQUEST_NUMBER: ${{ inputs.pull_request_number }}
          GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
-          GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
        with:
          script: |
            const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -307,8 +282,8 @@ jobs:
                GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
                GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
                GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
-                GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
-                GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+                GH_AW_INPUTS_PULL_REQUEST_NUMBER: process.env.GH_AW_INPUTS_PULL_REQUEST_NUMBER,
+                GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST
              }
            });
      - name: Validate prompt placeholders
@@ -329,31 +304,22 @@ jobs:
          include-hidden-files: true
          path: |
            /tmp/gh-aw/aw_info.json
-            /tmp/gh-aw/model_multipliers.json
-            /tmp/gh-aw/models.json
            /tmp/gh-aw/aw-prompts/prompt.txt
            /tmp/gh-aw/aw-prompts/prompt-template.txt
            /tmp/gh-aw/aw-prompts/prompt-import-tree.json
            /tmp/gh-aw/github_rate_limits.jsonl
            /tmp/gh-aw/base
            /tmp/gh-aw/.github/agents
-            /tmp/gh-aw/.github/skills
          if-no-files-found: ignore
          retention-days: 1

  agent:
-    needs:
-      - activation
-      - prepare
-    if: (needs.prepare.outputs.skip != 'true') && (needs.activation.outputs.daily_effective_workflow_exceeded != 'true')
+    needs: activation
    runs-on: ubuntu-latest
    permissions:
-      actions: read
      contents: read
+      issues: read
      pull-requests: read
-    concurrency:
-      group: "gh-aw-copilot-${{ github.workflow }}"
-      queue: max
    env:
      DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
      GH_AW_ASSETS_ALLOWED_EXTS: ""
@@ -362,37 +328,33 @@ jobs:
      GH_AW_MCP_LOG_DIR: /tmp/gh-aw/mcp-logs/safeoutputs
      GH_AW_WORKFLOW_ID_SANITIZED: checkrequirements
    outputs:
-      agentic_engine_timeout: ${{ steps.detect-agent-errors.outputs.agentic_engine_timeout || 'false' }}
-      ai_credits_rate_limit_error: ${{ steps.parse-mcp-gateway.outputs.ai_credits_rate_limit_error || 'false' }}
-      aic: ${{ steps.parse-mcp-gateway.outputs.aic }}
-      ambient_context: ${{ steps.parse-mcp-gateway.outputs.ambient_context }}
+      agentic_engine_timeout: ${{ steps.detect-copilot-errors.outputs.agentic_engine_timeout || 'false' }}
      checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
      effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
+      effective_tokens_rate_limit_error: ${{ steps.parse-mcp-gateway.outputs.effective_tokens_rate_limit_error || 'false' }}
      has_patch: ${{ steps.collect_output.outputs.has_patch }}
-      inference_access_error: ${{ steps.detect-agent-errors.outputs.inference_access_error || 'false' }}
-      mcp_policy_error: ${{ steps.detect-agent-errors.outputs.mcp_policy_error || 'false' }}
+      inference_access_error: ${{ steps.detect-copilot-errors.outputs.inference_access_error || 'false' }}
+      mcp_policy_error: ${{ steps.detect-copilot-errors.outputs.mcp_policy_error || 'false' }}
      model: ${{ needs.activation.outputs.model }}
-      model_not_supported_error: ${{ steps.detect-agent-errors.outputs.model_not_supported_error || 'false' }}
+      model_not_supported_error: ${{ steps.detect-copilot-errors.outputs.model_not_supported_error || 'false' }}
      output: ${{ steps.collect_output.outputs.output }}
      output_types: ${{ steps.collect_output.outputs.output_types }}
      setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
      setup-span-id: ${{ steps.setup.outputs.span-id }}
      setup-trace-id: ${{ steps.setup.outputs.trace-id }}
-      unknown_model_ai_credits: ${{ steps.parse-mcp-gateway.outputs.unknown_model_ai_credits || 'false' }}
    steps:
      - name: Setup Scripts
        id: setup
-        uses: github/gh-aw-actions/setup@5c2fe865bb4dc46e1450f6ee0d0541d759aea73a # v0.79.6
+        uses: github/gh-aw-actions/setup@d3abfe96a194bce3a523ed2093ddedd5704cdf62 # v0.74.4
        with:
          destination: ${{ runner.temp }}/gh-aw/actions
          job-name: ${{ github.job }}
          trace-id: ${{ needs.activation.outputs.setup-trace-id }}
          parent-span-id: ${{ needs.activation.outputs.setup-parent-span-id || needs.activation.outputs.setup-span-id }}
        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements"
          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
-          GH_AW_INFO_VERSION: "1.0.60"
-          GH_AW_INFO_AWF_VERSION: "v0.27.2"
+          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_ENGINE_ID: "copilot"
      - name: Set runtime paths
        id: set-runtime-paths
@@ -403,7 +365,7 @@ jobs:
            echo "GH_AW_SAFE_OUTPUTS_TOOLS_PATH=${RUNNER_TEMP}/gh-aw/safeoutputs/tools.json"
          } >> "$GITHUB_OUTPUT"
      - name: Checkout repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Create gh-aw temp directory
@@ -412,15 +374,6 @@ jobs:
        run: bash "${RUNNER_TEMP}/gh-aw/actions/configure_gh_for_ghe.sh"
        env:
          GH_TOKEN: ${{ github.token }}
-      - if: github.event.workflow_run.conclusion == 'success'
-        name: Download deterministic-results artifact
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          name: check-requirements-deterministic
-          path: /tmp/gh-aw/deterministic
-          run-id: ${{ github.event.workflow_run.id }}
-
      - name: Configure Git credentials
        env:
          REPO_NAME: ${{ github.repository }}
@@ -437,7 +390,7 @@ jobs:
      - name: Checkout PR branch
        id: checkout-pr
        if: |
-          github.event.pull_request || github.event.issue.pull_request || github.event_name == 'workflow_dispatch' && fromJSON(github.event.inputs.aw_context || '{}').item_type == 'pull_request'
+          github.event.pull_request || github.event.issue.pull_request
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
          GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
@@ -449,11 +402,11 @@ jobs:
            const { main } = require('${{ runner.temp }}/gh-aw/actions/checkout_pr_branch.cjs');
            await main();
      - name: Install GitHub Copilot CLI
-        run: bash "${RUNNER_TEMP}/gh-aw/actions/install_copilot_cli.sh" 1.0.60
+        run: bash "${RUNNER_TEMP}/gh-aw/actions/install_copilot_cli.sh" 1.0.48
        env:
          GH_HOST: github.com
      - name: Install AWF binary
-        run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.27.2
+        run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.46
      - name: Parse integrity filter lists
        id: parse-guard-vars
        env:
@@ -469,34 +422,32 @@ jobs:
      - name: Restore agent config folders from base branch
        if: steps.checkout-pr.outcome == 'success'
        env:
-          GH_AW_AGENT_FOLDERS: ".agents .antigravity .claude .codex .crush .gemini .github .opencode .pi"
-          GH_AW_AGENT_FILES: ".crush.json AGENTS.md ANTIGRAVITY.md CLAUDE.md GEMINI.md PI.md opencode.jsonc"
+          GH_AW_AGENT_FOLDERS: ".agents .claude .codex .crush .gemini .github .opencode .pi"
+          GH_AW_AGENT_FILES: ".crush.json AGENTS.md CLAUDE.md GEMINI.md PI.md opencode.jsonc"
        run: bash "${RUNNER_TEMP}/gh-aw/actions/restore_base_github_folders.sh"
      - name: Restore inline sub-agents from activation artifact
        env:
          GH_AW_SUB_AGENT_DIR: ".github/agents"
          GH_AW_SUB_AGENT_EXT: ".agent.md"
        run: bash "${RUNNER_TEMP}/gh-aw/actions/restore_inline_sub_agents.sh"
-      - name: Restore inline skills from activation artifact
-        env:
-          GH_AW_SKILL_DIR: ".github/skills"
-        run: bash "${RUNNER_TEMP}/gh-aw/actions/restore_inline_skills.sh"
      - name: Download container images
-        run: bash "${RUNNER_TEMP}/gh-aw/actions/download_docker_images.sh" ghcr.io/github/gh-aw-firewall/agent:0.27.2@sha256:f88e5b17b6b7a600117bc121114d6ce2155c88c983c0c939c5df884f730fa1d6 ghcr.io/github/gh-aw-firewall/api-proxy:0.27.2@sha256:ee39841d980878ebbb87592903b06d31a1af500c71525c9616f7e8e2a27041a4 ghcr.io/github/gh-aw-firewall/squid:0.27.2@sha256:2e3a717e5f19a654cd9a2263beb52012b56bcb68562ec5ae2e42f9d156b49591 ghcr.io/github/gh-aw-mcpg:v0.3.25@sha256:c10331ad17668ef89f38f5e356678788a40b0cd5fef96e8f92e1d9c1de47cbaa ghcr.io/github/github-mcp-server:v1.1.2@sha256:30197479d8036c7811892bc07e06f9a05c9ef3cdd79bc59f256d50647f95788c
+        run: bash "${RUNNER_TEMP}/gh-aw/actions/download_docker_images.sh" ghcr.io/github/gh-aw-firewall/agent:0.25.46 ghcr.io/github/gh-aw-firewall/api-proxy:0.25.46 ghcr.io/github/gh-aw-firewall/squid:0.25.46 ghcr.io/github/gh-aw-mcpg:v0.3.9@sha256:64828b42a4482f58fab16509d7f8f495a6d97c972a98a68aff20543531ac0388 ghcr.io/github/github-mcp-server:v1.0.4 node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f
      - name: Generate Safe Outputs Config
+        env:
+          GH_AW_INPUT_PULL_REQUEST_NUMBER: ${{ inputs.pull_request_number }}
        run: |
          mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
          mkdir -p /tmp/gh-aw/safeoutputs
          mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
-          cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_823c5547a5e52957_EOF'
-          {"add_comment":{"max":1,"target":"${{ needs.prepare.outputs.pr_number }}"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
-          GH_AW_SAFE_OUTPUTS_CONFIG_823c5547a5e52957_EOF
+          cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << GH_AW_SAFE_OUTPUTS_CONFIG_c7878b8b9775118a_EOF
+          {"add_comment":{"max":1,"target":"${GH_AW_INPUT_PULL_REQUEST_NUMBER}"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
+          GH_AW_SAFE_OUTPUTS_CONFIG_c7878b8b9775118a_EOF
      - name: Generate Safe Outputs Tools
        env:
          GH_AW_TOOLS_META_JSON: |
            {
              "description_suffixes": {
-                "add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added. Target: ${{ needs.prepare.outputs.pr_number }}. Supports reply_to_id for discussion threading."
+                "add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added. Target: ${{ inputs.pull_request_number }}. Supports reply_to_id for discussion threading."
              },
              "repo_params": {},
              "dynamic_tools": []
@@ -678,21 +629,21 @@ jobs:
            * ) DOCKER_SOCK_PATH=/var/run/docker.sock ;;
          esac
          DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0')
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.25'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.9'
          
          mkdir -p /home/runner/.copilot
          GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
-          cat << GH_AW_MCP_CONFIG_f09adf73c5e58a42_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+          cat << GH_AW_MCP_CONFIG_103328ae7b98b0c7_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
          {
            "mcpServers": {
              "github": {
                "type": "stdio",
-                "container": "ghcr.io/github/github-mcp-server:v1.1.2",
+                "container": "ghcr.io/github/github-mcp-server:v1.0.4",
                "env": {
                  "GITHUB_HOST": "\${GITHUB_SERVER_URL}",
                  "GITHUB_PERSONAL_ACCESS_TOKEN": "\${GITHUB_MCP_SERVER_TOKEN}",
                  "GITHUB_READ_ONLY": "1",
-                  "GITHUB_TOOLSETS": "repos,pull_requests"
+                  "GITHUB_TOOLSETS": "context,repos,issues,pull_requests"
                },
                "guard-policies": {
                  "allow-only": {
@@ -726,7 +677,7 @@ jobs:
              "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
            }
          }
-          GH_AW_MCP_CONFIG_f09adf73c5e58a42_EOF
+          GH_AW_MCP_CONFIG_103328ae7b98b0c7_EOF
      - name: Mount MCP servers as CLIs
        id: mount-mcp-clis
        continue-on-error: true
@@ -755,48 +706,29 @@ jobs:
        run: |
          set -o pipefail
          printf '%s' "$(date +%s%3N)" > /tmp/gh-aw/agent_cli_start_ms.txt
-          trap 'rm -f /home/runner/.copilot/settings.json' EXIT
-          mkdir -p /home/runner/.copilot
-          printf '%s' '{"builtInAgents":{"rubberDuck":false}}' > /home/runner/.copilot/settings.json
          touch /tmp/gh-aw/agent-step-summary.md
          GH_AW_NODE_BIN=$(command -v node 2>/dev/null || true)
          export GH_AW_NODE_BIN
-          export COPILOT_API_KEY="$COPILOT_DUMMY_BYOK"
          (umask 177 && touch /tmp/gh-aw/agent-stdio.log)
-          GH_AW_MAX_AI_CREDITS="${{ vars.GH_AW_DEFAULT_MAX_AI_CREDITS || '1000' }}"
-          printf '%s\n' "{\"\$schema\":\"https://github.com/github/gh-aw-firewall/releases/download/v0.27.2/awf-config.schema.json\",\"network\":{\"allowDomains\":[\"*.pythonhosted.org\",\"anaconda.org\",\"api.business.githubcopilot.com\",\"api.enterprise.githubcopilot.com\",\"api.github.com\",\"api.githubcopilot.com\",\"api.individual.githubcopilot.com\",\"binstar.org\",\"bootstrap.pypa.io\",\"conda.anaconda.org\",\"conda.binstar.org\",\"files.pythonhosted.org\",\"github.com\",\"host.docker.internal\",\"pip.pypa.io\",\"pypi.org\",\"pypi.python.org\",\"raw.githubusercontent.com\",\"registry.npmjs.org\",\"repo.anaconda.com\",\"repo.continuum.io\",\"telemetry.enterprise.githubcopilot.com\"]},\"apiProxy\":{\"enabled\":true,\"enableTokenSteering\":true,\"maxRuns\":500,\"maxAiCredits\":${GH_AW_MAX_AI_CREDITS},\"models\":{\"agent\":[\"sonnet-6x\",\"gpt-5.4\",\"gpt-5.3\",\"gemini-pro\",\"any\"],\"antigravity\":[\"copilot/antigravity*\",\"google/antigravity*\",\"gemini/antigravity*\"],\"any\":[\"copilot/*\",\"anthropic/*\",\"openai/*\",\"google/*\",\"gemini/*\"],\"claude\":[\"agent\"],\"codex\":[\"agent\"],\"coding\":[\"copilot/gpt-5*codex*\",\"openai/gpt-5*codex*\",\"gpt-5-codex\"],\"computer-use\":[\"copilot/*computer-use*\",\"google/*computer-use*\",\"gemini/*computer-use*\",\"openai/*computer-use*\"],\"copilot\":[\"agent\"],\"deep-research\":[\"copilot/deep-research*\",\"copilot/o3-deep-research*\",\"copilot/o4-mini-deep-research*\",\"google/deep-research*\",\"gemini/deep-research*\",\"openai/o3-deep-research*\",\"openai/o4-mini-deep-research*\"],\"gemini\":[\"agent\"],\"gemini-3-flash\":[\"copilot/gemini-3*flash*\",\"google/gemini-3*flash*\",\"gemini/gemini-3*flash*\"],\"gemini-3-pro\":[\"copilot/gemini-3*pro*\",\"google/gemini-3*pro*\",\"google/nano-banana*\",\"gemini/gemini-3*pro*\"],\"gemini-3.1-flash\":[\"copilot/gemini-3.1*flash*\",\"google/gemini-3.1*flash*\",\"gemini/gemini-3.1*flash*\"],\"gemini-3.1-pro\":[\"copilot/gemini-3.1*pro*\",\"google/gemini-3.1*pro*\",\"gemini/gemini-3.1*pro*\"],\"gemini-3.5-flash\":[\"copilot/gemini-3.5*flash*\",\"google/gemini-3.5*flash*\",\"gemini/gemini-3.5*flash*\"],\"gemini-flash\":[\"copilot/gemini-*flash*\",\"google/gemini-*flash*\",\"gemini/gemini-*flash*\"],\"gemini-flash-lite\":[\"copilot/gemini-*flash*lite*\",\"google/gemini-*flash*lite*\",\"gemini/gemini-*flash*lite*\"],\"gemini-pro\":[\"copilot/gemini-*pro*\",\"google/gemini-*pro*\",\"gemini/gemini-*pro*\"],\"gemma\":[\"copilot/gemma*\",\"google/gemma*\",\"gemini/gemma*\"],\"gpt-5\":[\"copilot/gpt-5*\",\"openai/gpt-5*\"],\"gpt-5-codex\":[\"copilot/gpt-5*codex*\",\"openai/gpt-5*codex*\"],\"gpt-5-mini\":[\"copilot/gpt-5*mini*\",\"openai/gpt-5*mini*\"],\"gpt-5-nano\":[\"copilot/gpt-5*nano*\",\"openai/gpt-5*nano*\"],\"gpt-5-pro\":[\"copilot/gpt-5*pro*\",\"openai/gpt-5*pro*\"],\"gpt-5.2\":[\"copilot/gpt-5.2*\",\"openai/gpt-5.2*\"],\"gpt-5.3\":[\"copilot/gpt-5.3*\",\"openai/gpt-5.3*\"],\"gpt-5.4\":[\"copilot/gpt-5.4*\",\"openai/gpt-5.4*\"],\"gpt-5.5\":[\"copilot/gpt-5.5*\",\"openai/gpt-5.5*\"],\"haiku\":[\"copilot/*haiku*\",\"anthropic/*haiku*\"],\"large\":[\"sonnet\",\"gpt-5-pro\",\"gpt-5\",\"gemini-pro\"],\"mai-code\":[\"copilot/MAI-Code*\",\"copilot/mai-code*\",\"openai/MAI-Code*\"],\"mini\":[\"haiku\",\"gpt-5-mini\",\"gpt-5-nano\",\"gemini-flash-lite\"],\"nano-banana\":[\"copilot/nano-banana*\",\"google/nano-banana*\",\"gemini/nano-banana*\"],\"opus\":[\"copilot/*opus*\",\"anthropic/*opus*\"],\"opusplan\":[\"opus?effort=high\"],\"reasoning\":[\"copilot/o1*\",\"copilot/o3*\",\"copilot/o4*\",\"openai/o1*\",\"openai/o3*\",\"openai/o4*\"],\"robotics\":[\"copilot/*robotics*\",\"google/*robotics*\",\"gemini/*robotics*\"],\"small\":[\"mini\"],\"small-agent\":[\"haiku\",\"gpt-5-mini\",\"gemini-flash\"],\"sonnet\":[\"copilot/*sonnet*\",\"anthropic/*sonnet*\"],\"sonnet-6x\":[\"copilot/*sonnet-4.5*\",\"copilot/*sonnet-4.6*\",\"copilot/*sonnet-4-5-*\",\"anthropic/*sonnet-4-5-*\",\"copilot/*sonnet-4-6*\",\"anthropic/*sonnet-4-6*\"],\"summarization\":[\"haiku\",\"gpt-5-mini\",\"gemini-flash-lite\",\"mini\"],\"vision\":[\"copilot/gemini-*image*\",\"gemini/gemini-*image*\",\"copilot/gemini-*flash*\",\"gemini/gemini-*flash*\"]}},\"container\":{\"imageTag\":\"0.27.2,squid=sha256:2e3a717e5f19a654cd9a2263beb52012b56bcb68562ec5ae2e42f9d156b49591,agent=sha256:f88e5b17b6b7a600117bc121114d6ce2155c88c983c0c939c5df884f730fa1d6,api-proxy=sha256:ee39841d980878ebbb87592903b06d31a1af500c71525c9616f7e8e2a27041a4,cli-proxy=sha256:02f3ec08f32dc26c5427920c6a2e2f3036238fce44802f2f11ef49ed8621b5d0\"}}" > "${RUNNER_TEMP}/gh-aw/awf-config.json"
-          GH_AW_MODEL_MULTIPLIERS_PATH="/tmp/gh-aw/model_multipliers.json" node "${RUNNER_TEMP}/gh-aw/actions/merge_awf_model_multipliers.cjs"
-          cp "${RUNNER_TEMP}/gh-aw/awf-config.json" /tmp/gh-aw/awf-config.json
-          export GH_AW_MODELS_JSON_PATH="/tmp/gh-aw/models.json"
+          printf '%s\n' '{"$schema":"https://github.com/github/gh-aw-firewall/releases/download/v0.25.46/awf-config.schema.json","network":{"allowDomains":["*.pythonhosted.org","anaconda.org","api.business.githubcopilot.com","api.enterprise.githubcopilot.com","api.github.com","api.githubcopilot.com","api.individual.githubcopilot.com","binstar.org","bootstrap.pypa.io","conda.anaconda.org","conda.binstar.org","files.pythonhosted.org","github.com","host.docker.internal","pip.pypa.io","pypi.org","pypi.python.org","raw.githubusercontent.com","registry.npmjs.org","repo.anaconda.com","repo.continuum.io","telemetry.enterprise.githubcopilot.com"]},"apiProxy":{"enabled":true,"enableTokenSteering":true,"maxRuns":500,"maxEffectiveTokens":25000000,"models":{"auto":["large"],"coding":["copilot/gpt-5*codex*","openai/gpt-5*codex*","gpt-5-codex"],"deep-research":["copilot/deep-research*","copilot/o3-deep-research*","copilot/o4-mini-deep-research*","google/deep-research*","gemini/deep-research*","openai/o3-deep-research*","openai/o4-mini-deep-research*"],"gemini-flash":["copilot/gemini-*flash*","google/gemini-*flash*","gemini/gemini-*flash*"],"gemini-flash-lite":["copilot/gemini-*flash*lite*","google/gemini-*flash*lite*","gemini/gemini-*flash*lite*"],"gemini-pro":["copilot/gemini-*pro*","google/gemini-*pro*","gemini/gemini-*pro*"],"gemma":["copilot/gemma*","google/gemma*","gemini/gemma*"],"gpt-4.1":["copilot/gpt-4.1*","openai/gpt-4.1*"],"gpt-5":["copilot/gpt-5*","openai/gpt-5*"],"gpt-5-codex":["copilot/gpt-5*codex*","openai/gpt-5*codex*"],"gpt-5-mini":["copilot/gpt-5*mini*","openai/gpt-5*mini*"],"gpt-5-nano":["copilot/gpt-5*nano*","openai/gpt-5*nano*"],"gpt-5-pro":["copilot/gpt-5*pro*","openai/gpt-5*pro*"],"haiku":["copilot/*haiku*","anthropic/*haiku*"],"large":["sonnet","gpt-5-pro","gpt-5","gemini-pro"],"mini":["haiku","gpt-5-mini","gpt-5-nano","gemini-flash-lite"],"opus":["copilot/*opus*","anthropic/*opus*"],"reasoning":["copilot/o1*","copilot/o3*","copilot/o4*","openai/o1*","openai/o3*","openai/o4*"],"small":["mini"],"sonnet":["copilot/*sonnet*","anthropic/*sonnet*"],"vision":["copilot/gemini-*image*","gemini/gemini-*image*","copilot/gemini-*flash*","gemini/gemini-*flash*"]}},"container":{"imageTag":"0.25.46"}}' > "${RUNNER_TEMP}/gh-aw/awf-config.json" && cp "${RUNNER_TEMP}/gh-aw/awf-config.json" /tmp/gh-aw/awf-config.json
          GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS=""
          if [[ "${DOCKER_HOST:-}" =~ ^tcp:// ]]; then
            GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS="--docker-host-path-prefix /tmp/gh-aw"
          fi
-          GH_AW_TOOL_CACHE_MOUNT=""
-          GH_AW_TOOL_CACHE="${RUNNER_TOOL_CACHE:-/opt/hostedtoolcache}"
-          if [ -d "$GH_AW_TOOL_CACHE" ]; then
-            if [[ "$GH_AW_TOOL_CACHE" != /opt/* ]]; then
-              GH_AW_TOOL_CACHE_MOUNT="$GH_AW_TOOL_CACHE:$GH_AW_TOOL_CACHE:ro"
-            fi
-          elif [ -d "/home/runner/work/_tool" ]; then
-            GH_AW_TOOL_CACHE_MOUNT="/home/runner/work/_tool:/home/runner/work/_tool:ro"
-          fi
          # shellcheck disable=SC1003
-          sudo -E awf --config "${RUNNER_TEMP}/gh-aw/awf-config.json" --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" ${GH_AW_TOOL_CACHE_MOUNT:+--mount "$GH_AW_TOOL_CACHE_MOUNT"} ${GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS} --env-all --exclude-env COPILOT_GITHUB_TOKEN --exclude-env GITHUB_MCP_SERVER_TOKEN --exclude-env MCP_GATEWAY_API_KEY --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --audit-dir /tmp/gh-aw/sandbox/firewall/audit --enable-host-access --allow-host-ports 80,443,8080 --skip-pull \
-            -- /bin/bash -c 'set +o histexpand; export PATH="${RUNNER_TEMP}/gh-aw/mcp-cli/bin:$PATH" && GH_AW_TOOL_CACHE="${RUNNER_TOOL_CACHE:-/opt/hostedtoolcache}"; export PATH="$(find "$GH_AW_TOOL_CACHE" /opt/hostedtoolcache /home/runner/work/_tool -maxdepth 5 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && GH_AW_NODE_EXEC="${GH_AW_NODE_BIN:-}"; if [ -z "$GH_AW_NODE_EXEC" ] || [ ! -x "$GH_AW_NODE_EXEC" ]; then GH_AW_NODE_EXEC="$(command -v node 2>/dev/null || true)"; fi; if [ -z "$GH_AW_NODE_EXEC" ]; then echo "node runtime missing on this runner — check runtimes.node in workflow YAML" >&2; exit 127; fi; GH_AW_NPM_GLOBAL_ROOT="$(npm root -g 2>/dev/null || true)"; if [ -n "$GH_AW_NPM_GLOBAL_ROOT" ]; then export NODE_PATH="${GH_AW_NPM_GLOBAL_ROOT}${NODE_PATH:+:${NODE_PATH}}"; fi; "$GH_AW_NODE_EXEC" ${RUNNER_TEMP}/gh-aw/actions/copilot_harness.cjs /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --no-ask-user --allow-all-tools --allow-all-paths --add-dir "${GITHUB_WORKSPACE}" --prompt-file /tmp/gh-aw/aw-prompts/prompt.txt' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log
+          sudo -E awf --config "${RUNNER_TEMP}/gh-aw/awf-config.json" --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" ${GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS} --env-all --exclude-env COPILOT_GITHUB_TOKEN --exclude-env GITHUB_MCP_SERVER_TOKEN --exclude-env MCP_GATEWAY_API_KEY --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --audit-dir /tmp/gh-aw/sandbox/firewall/audit --enable-host-access --allow-host-ports 80,443,8080 --skip-pull \
+            -- /bin/bash -c 'export PATH="${RUNNER_TEMP}/gh-aw/mcp-cli/bin:$PATH" && export PATH="$(find /opt/hostedtoolcache /home/runner/work/_tool -maxdepth 5 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && GH_AW_NODE_EXEC="${GH_AW_NODE_BIN:-}"; if [ -z "$GH_AW_NODE_EXEC" ] || [ ! -x "$GH_AW_NODE_EXEC" ]; then GH_AW_NODE_EXEC="$(command -v node 2>/dev/null || true)"; fi; if [ -z "$GH_AW_NODE_EXEC" ]; then echo "node runtime missing on this runner — check runtimes.node in workflow YAML" >&2; exit 127; fi; "$GH_AW_NODE_EXEC" ${RUNNER_TEMP}/gh-aw/actions/copilot_harness.cjs /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --no-ask-user --allow-all-tools --allow-all-paths --add-dir "${GITHUB_WORKSPACE}" --prompt-file /tmp/gh-aw/aw-prompts/prompt.txt' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log
        env:
          AWF_REFLECT_ENABLED: 1
          COPILOT_AGENT_RUNNER_TYPE: STANDALONE
-          COPILOT_DUMMY_BYOK: dummy-byok-key-for-offline-mode
+          COPILOT_API_KEY: dummy-byok-key-for-offline-mode
          COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
-          COPILOT_MODEL: ${{ vars.GH_AW_MODEL_AGENT_COPILOT || vars.GH_AW_DEFAULT_MODEL_COPILOT || 'claude-sonnet-4.6' }}
-          GH_AW_MAX_TURNS: ${{ vars.GH_AW_DEFAULT_MAX_TURNS || '' }}
+          COPILOT_MODEL: ${{ vars.GH_AW_MODEL_AGENT_COPILOT || 'claude-sonnet-4.6' }}
          GH_AW_MCP_CONFIG: /home/runner/.copilot/mcp-config.json
          GH_AW_PHASE: agent
          GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
          GH_AW_SAFE_OUTPUTS: ${{ steps.set-runtime-paths.outputs.GH_AW_SAFE_OUTPUTS }}
-          GH_AW_TIMEOUT_MINUTES: 20
-          GH_AW_VERSION: v0.79.6
+          GH_AW_VERSION: v0.74.4
          GITHUB_API_URL: ${{ github.api_url }}
          GITHUB_AW: true
          GITHUB_COPILOT_INTEGRATION_ID: agentic-workflows
@@ -810,13 +742,12 @@ jobs:
          GIT_AUTHOR_NAME: github-actions[bot]
          GIT_COMMITTER_EMAIL: github-actions[bot]@users.noreply.github.com
          GIT_COMMITTER_NAME: github-actions[bot]
-          RUNNER_TEMP: ${{ runner.temp }}
          XDG_CONFIG_HOME: /home/runner
-      - name: Detect agent errors
+      - name: Detect Copilot errors
+        id: detect-copilot-errors
        if: always()
-        id: detect-agent-errors
        continue-on-error: true
-        run: node "${RUNNER_TEMP}/gh-aw/actions/detect_agent_errors.cjs"
+        run: node "${RUNNER_TEMP}/gh-aw/actions/detect_copilot_errors.cjs"
      - name: Configure Git credentials
        env:
          REPO_NAME: ${{ github.repository }}
@@ -945,7 +876,7 @@ jobs:
          if [ ! -f /tmp/gh-aw/agent_output.json ]; then
            echo '{"items":[]}' > /tmp/gh-aw/agent_output.json
          fi
-      - if: always() && github.event.workflow_run.conclusion == 'success'
+      - if: always()
        name: Verify agent produced an add_comment safe-output
        run: |-
          OUTPUT=/tmp/gh-aw/agent_output.json
@@ -993,11 +924,10 @@ jobs:
      - activation
      - agent
      - detection
-      - prepare
      - safe_outputs
    if: >
      always() && (needs.agent.result != 'skipped' || needs.activation.outputs.lockdown_check_failed == 'true' ||
-      needs.activation.outputs.stale_lock_file_failed == 'true' || needs.activation.outputs.daily_effective_workflow_exceeded == 'true')
+      needs.activation.outputs.stale_lock_file_failed == 'true')
    runs-on: ubuntu-slim
    permissions:
      contents: read
@@ -1016,17 +946,16 @@ jobs:
    steps:
      - name: Setup Scripts
        id: setup
-        uses: github/gh-aw-actions/setup@5c2fe865bb4dc46e1450f6ee0d0541d759aea73a # v0.79.6
+        uses: github/gh-aw-actions/setup@d3abfe96a194bce3a523ed2093ddedd5704cdf62 # v0.74.4
        with:
          destination: ${{ runner.temp }}/gh-aw/actions
          job-name: ${{ github.job }}
          trace-id: ${{ needs.activation.outputs.setup-trace-id }}
          parent-span-id: ${{ needs.activation.outputs.setup-parent-span-id || needs.activation.outputs.setup-span-id }}
        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements"
          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
-          GH_AW_INFO_VERSION: "1.0.60"
-          GH_AW_INFO_AWF_VERSION: "v0.27.2"
+          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_ENGINE_ID: "copilot"
      - name: Download agent output artifact
        id: download-agent-output
@@ -1042,55 +971,16 @@ jobs:
          mkdir -p /tmp/gh-aw/
          find "/tmp/gh-aw/" -type f -print
          echo "GH_AW_AGENT_OUTPUT=/tmp/gh-aw/agent_output.json" >> "$GITHUB_OUTPUT"
-      - name: Collect usage artifact files
-        if: always()
-        continue-on-error: true
-        run: |
-          mkdir -p /tmp/gh-aw/usage/agent /tmp/gh-aw/usage/detection
-          echo "Usage artifact source file status:"
-          for file in /tmp/gh-aw/aw-info.jsonl /tmp/gh-aw/agent_usage.jsonl /tmp/gh-aw/detection_usage.jsonl /tmp/gh-aw/sandbox/firewall-audit-logs/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/sandbox/firewall/logs/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/sandbox/firewall/audit/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/threat-detection/sandbox/firewall-audit-logs/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/threat-detection/sandbox/firewall/logs/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/threat-detection/sandbox/firewall/audit/api-proxy-logs/token-usage.jsonl; do
-            [ -f "$file" ] && echo "FOUND: $file" || echo "MISSING: $file"
-          done
-          [ -f /tmp/gh-aw/aw-info.jsonl ] && cp /tmp/gh-aw/aw-info.jsonl /tmp/gh-aw/usage/aw-info.jsonl || true
-          [ -f /tmp/gh-aw/agent_usage.jsonl ] && cp /tmp/gh-aw/agent_usage.jsonl /tmp/gh-aw/usage/agent_usage.jsonl || true
-          [ -f /tmp/gh-aw/detection_usage.jsonl ] && cp /tmp/gh-aw/detection_usage.jsonl /tmp/gh-aw/usage/detection_usage.jsonl || true
-          [ -f /tmp/gh-aw/sandbox/firewall-audit-logs/api-proxy-logs/token-usage.jsonl ] && cp /tmp/gh-aw/sandbox/firewall-audit-logs/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/usage/agent/token_usage.jsonl || true
-          [ -f /tmp/gh-aw/sandbox/firewall/logs/api-proxy-logs/token-usage.jsonl ] && cp /tmp/gh-aw/sandbox/firewall/logs/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/usage/agent/token_usage.jsonl || true
-          [ -f /tmp/gh-aw/sandbox/firewall/audit/api-proxy-logs/token-usage.jsonl ] && cp /tmp/gh-aw/sandbox/firewall/audit/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/usage/agent/token_usage.jsonl || true
-          [ -f /tmp/gh-aw/threat-detection/sandbox/firewall-audit-logs/api-proxy-logs/token-usage.jsonl ] && cp /tmp/gh-aw/threat-detection/sandbox/firewall-audit-logs/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/usage/detection/token_usage.jsonl || true
-          [ -f /tmp/gh-aw/threat-detection/sandbox/firewall/logs/api-proxy-logs/token-usage.jsonl ] && cp /tmp/gh-aw/threat-detection/sandbox/firewall/logs/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/usage/detection/token_usage.jsonl || true
-          [ -f /tmp/gh-aw/threat-detection/sandbox/firewall/audit/api-proxy-logs/token-usage.jsonl ] && cp /tmp/gh-aw/threat-detection/sandbox/firewall/audit/api-proxy-logs/token-usage.jsonl /tmp/gh-aw/usage/detection/token_usage.jsonl || true
-          [ -f /tmp/gh-aw/usage/agent/token_usage.jsonl ] || : > /tmp/gh-aw/usage/agent/token_usage.jsonl
-          [ -f /tmp/gh-aw/usage/detection/token_usage.jsonl ] || : > /tmp/gh-aw/usage/detection/token_usage.jsonl
-          find /tmp/gh-aw/usage -type f -print | sort
-      - name: Upload usage artifact
-        if: always()
-        continue-on-error: true
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
-        with:
-          name: usage
-          path: |
-            /tmp/gh-aw/usage/aw-info.jsonl
-            /tmp/gh-aw/usage/agent_usage.jsonl
-            /tmp/gh-aw/usage/detection_usage.jsonl
-            /tmp/gh-aw/usage/agent/token_usage.jsonl
-            /tmp/gh-aw/usage/detection/token_usage.jsonl
-          if-no-files-found: ignore
      - name: Process no-op messages
        id: noop
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
          GH_AW_NOOP_MAX: "1"
-          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
-          GH_AW_WORKFLOW_SOURCE_URL: "${{ github.server_url }}/${{ github.repository }}/blob/${{ github.ref_name }}/.github/workflows/check-requirements.md"
+          GH_AW_WORKFLOW_NAME: "Check requirements"
          GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
          GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
          GH_AW_NOOP_REPORT_AS_ISSUE: "true"
-          GH_AW_AIC: ${{ needs.agent.outputs.aic }}
-          GH_AW_THREAT_DETECTION_AIC: ${{ needs.detection.outputs.aic }}
-          GH_AW_AMBIENT_CONTEXT: ${{ needs.agent.outputs.ambient_context }}
-          GH_AW_WORKFLOW_ID: "check-requirements"
        with:
          github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
          script: |
@@ -1103,8 +993,7 @@ jobs:
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
-          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
-          GH_AW_WORKFLOW_SOURCE_URL: "${{ github.server_url }}/${{ github.repository }}/blob/${{ github.ref_name }}/.github/workflows/check-requirements.md"
+          GH_AW_WORKFLOW_NAME: "Check requirements"
          GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
          GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
          GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
@@ -1121,8 +1010,7 @@ jobs:
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
          GH_AW_MISSING_TOOL_CREATE_ISSUE: "true"
-          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
-          GH_AW_WORKFLOW_SOURCE_URL: "${{ github.server_url }}/${{ github.repository }}/blob/${{ github.ref_name }}/.github/workflows/check-requirements.md"
+          GH_AW_WORKFLOW_NAME: "Check requirements"
        with:
          github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
          script: |
@@ -1136,8 +1024,7 @@ jobs:
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
          GH_AW_REPORT_INCOMPLETE_CREATE_ISSUE: "true"
-          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
-          GH_AW_WORKFLOW_SOURCE_URL: "${{ github.server_url }}/${{ github.repository }}/blob/${{ github.ref_name }}/.github/workflows/check-requirements.md"
+          GH_AW_WORKFLOW_NAME: "Check requirements"
        with:
          github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
          script: |
@@ -1151,8 +1038,7 @@ jobs:
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
-          GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
-          GH_AW_WORKFLOW_SOURCE_URL: "${{ github.server_url }}/${{ github.repository }}/blob/${{ github.ref_name }}/.github/workflows/check-requirements.md"
+          GH_AW_WORKFLOW_NAME: "Check requirements"
          GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
          GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
          GH_AW_WORKFLOW_ID: "check-requirements"
@@ -1161,11 +1047,7 @@ jobs:
          GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
          GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
          GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens || '' }}
-          GH_AW_AI_CREDITS_RATE_LIMIT_ERROR: ${{ needs.agent.outputs.ai_credits_rate_limit_error || 'false' }}
-          GH_AW_UNKNOWN_MODEL_AI_CREDITS: ${{ needs.agent.outputs.unknown_model_ai_credits || 'false' }}
-          GH_AW_AIC: ${{ needs.agent.outputs.aic }}
-          GH_AW_THREAT_DETECTION_AIC: ${{ needs.detection.outputs.aic }}
-          GH_AW_MAX_AI_CREDITS: ${{ vars.GH_AW_DEFAULT_MAX_AI_CREDITS || '1000' }}
+          GH_AW_EFFECTIVE_TOKENS_RATE_LIMIT_ERROR: ${{ needs.agent.outputs.effective_tokens_rate_limit_error || 'false' }}
          GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
          GH_AW_MCP_POLICY_ERROR: ${{ needs.agent.outputs.mcp_policy_error }}
          GH_AW_AGENTIC_ENGINE_TIMEOUT: ${{ needs.agent.outputs.agentic_engine_timeout }}
@@ -1173,14 +1055,12 @@ jobs:
          GH_AW_ENGINE_API_HOSTS: "api.enterprise.githubcopilot.com,api.githubcopilot.com,api.business.githubcopilot.com,api.individual.githubcopilot.com"
          GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
          GH_AW_STALE_LOCK_FILE_FAILED: ${{ needs.activation.outputs.stale_lock_file_failed }}
-          GH_AW_DAILY_EFFECTIVE_WORKFLOW_EXCEEDED: ${{ needs.activation.outputs.daily_effective_workflow_exceeded }}
-          GH_AW_DAILY_EFFECTIVE_WORKFLOW_TOTAL_EFFECTIVE_TOKENS: ${{ needs.activation.outputs.daily_effective_workflow_total_effective_tokens }}
-          GH_AW_DAILY_EFFECTIVE_WORKFLOW_THRESHOLD: ${{ needs.activation.outputs.daily_effective_workflow_threshold }}
          GH_AW_GROUP_REPORTS: "false"
          GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
          GH_AW_MISSING_TOOL_REPORT_AS_FAILURE: "true"
          GH_AW_MISSING_DATA_REPORT_AS_FAILURE: "true"
          GH_AW_TIMEOUT_MINUTES: "20"
+          GH_AW_MAX_EFFECTIVE_TOKENS: "25000000"
        with:
          github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
          script: |
@@ -1199,24 +1079,22 @@ jobs:
    permissions:
      contents: read
    outputs:
-      aic: ${{ steps.parse_detection_token_usage.outputs.aic }}
      detection_conclusion: ${{ steps.detection_conclusion.outputs.conclusion }}
      detection_reason: ${{ steps.detection_conclusion.outputs.reason }}
      detection_success: ${{ steps.detection_conclusion.outputs.success }}
    steps:
      - name: Setup Scripts
        id: setup
-        uses: github/gh-aw-actions/setup@5c2fe865bb4dc46e1450f6ee0d0541d759aea73a # v0.79.6
+        uses: github/gh-aw-actions/setup@d3abfe96a194bce3a523ed2093ddedd5704cdf62 # v0.74.4
        with:
          destination: ${{ runner.temp }}/gh-aw/actions
          job-name: ${{ github.job }}
          trace-id: ${{ needs.activation.outputs.setup-trace-id }}
          parent-span-id: ${{ needs.activation.outputs.setup-parent-span-id || needs.activation.outputs.setup-span-id }}
        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements"
          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
-          GH_AW_INFO_VERSION: "1.0.60"
-          GH_AW_INFO_AWF_VERSION: "v0.27.2"
+          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_ENGINE_ID: "copilot"
      - name: Download agent output artifact
        id: download-agent-output
@@ -1234,7 +1112,7 @@ jobs:
          echo "GH_AW_AGENT_OUTPUT=/tmp/gh-aw/agent_output.json" >> "$GITHUB_OUTPUT"
      - name: Checkout repository for patch context
        if: needs.agent.outputs.has_patch == 'true'
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      # --- Threat Detection ---
@@ -1243,7 +1121,7 @@ jobs:
          rm -rf /tmp/gh-aw/sandbox/firewall/logs
          rm -rf /tmp/gh-aw/sandbox/firewall/audit
      - name: Download container images
-        run: bash "${RUNNER_TEMP}/gh-aw/actions/download_docker_images.sh" ghcr.io/github/gh-aw-firewall/agent:0.27.2@sha256:f88e5b17b6b7a600117bc121114d6ce2155c88c983c0c939c5df884f730fa1d6 ghcr.io/github/gh-aw-firewall/api-proxy:0.27.2@sha256:ee39841d980878ebbb87592903b06d31a1af500c71525c9616f7e8e2a27041a4 ghcr.io/github/gh-aw-firewall/squid:0.27.2@sha256:2e3a717e5f19a654cd9a2263beb52012b56bcb68562ec5ae2e42f9d156b49591
+        run: bash "${RUNNER_TEMP}/gh-aw/actions/download_docker_images.sh" ghcr.io/github/gh-aw-firewall/agent:0.25.46 ghcr.io/github/gh-aw-firewall/api-proxy:0.25.46 ghcr.io/github/gh-aw-firewall/squid:0.25.46
      - name: Check if detection needed
        id: detection_guard
        if: always()
@@ -1268,11 +1146,7 @@ jobs:
        if: always() && steps.detection_guard.outputs.run_detection == 'true'
        run: |
          mkdir -p /tmp/gh-aw/threat-detection/aw-prompts
-          rm -f /tmp/gh-aw/agent_usage.json
          cp /tmp/gh-aw/aw-prompts/prompt.txt /tmp/gh-aw/threat-detection/aw-prompts/prompt.txt 2>/dev/null || true
-          if [ ! -s /tmp/gh-aw/threat-detection/aw-prompts/prompt.txt ]; then
-            echo "::warning::ERR_VALIDATION: Missing or empty detection context prompt at /tmp/gh-aw/threat-detection/aw-prompts/prompt.txt. Ensure the agent artifact includes /tmp/gh-aw/aw-prompts/prompt.txt. Detection will continue with fallback workflow context."
-          fi
          cp /tmp/gh-aw/agent_output.json /tmp/gh-aw/threat-detection/agent_output.json 2>/dev/null || true
          for f in /tmp/gh-aw/aw-*.patch; do
            [ -f "$f" ] && cp "$f" /tmp/gh-aw/threat-detection/ 2>/dev/null || true
@@ -1286,8 +1160,8 @@ jobs:
        if: always() && steps.detection_guard.outputs.run_detection == 'true'
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
-          WORKFLOW_NAME: "Check requirements (AW)"
-          WORKFLOW_DESCRIPTION: "Resolves the deterministic-stage artifact's NEEDS_AGENT checks for changed Python package requirements on PRs targeting the core repo, then posts the final review comment. Triggered by completion of the deterministic workflow. Reads the uploaded artifact from disk, replaces placeholders for any check whose status is `needs_agent`, and posts the merged comment using the PR number recorded inside the artifact itself. Each check kind has a dedicated instruction section below; if the artifact contains a check kind that does not have a section here, the agent fails hard rather than guess."
+          WORKFLOW_NAME: "Check requirements"
+          WORKFLOW_DESCRIPTION: "Checks changed Python package requirements on PRs targeting the core repo (including PRs opened from forks) and verifies licenses match PyPI metadata, source repositories are publicly accessible, PyPI releases were uploaded via automated CI (Trusted Publisher attestation), the package's release pipeline uses OIDC or equivalent automated credentials (not static tokens), and the PR description contains the required links."
          HAS_PATCH: ${{ needs.agent.outputs.has_patch }}
        with:
          script: |
@@ -1306,11 +1180,11 @@ jobs:
          node-version: '24'
          package-manager-cache: false
      - name: Install GitHub Copilot CLI
-        run: bash "${RUNNER_TEMP}/gh-aw/actions/install_copilot_cli.sh" 1.0.60
+        run: bash "${RUNNER_TEMP}/gh-aw/actions/install_copilot_cli.sh" 1.0.48
        env:
          GH_HOST: github.com
      - name: Install AWF binary
-        run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.27.2
+        run: bash "${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh" v0.25.46
      - name: Execute GitHub Copilot CLI
        if: always() && steps.detection_guard.outputs.run_detection == 'true'
        continue-on-error: true
@@ -1320,46 +1194,27 @@ jobs:
        run: |
          set -o pipefail
          printf '%s' "$(date +%s%3N)" > /tmp/gh-aw/agent_cli_start_ms.txt
-          trap 'rm -f /home/runner/.copilot/settings.json' EXIT
-          mkdir -p /home/runner/.copilot
-          printf '%s' '{"builtInAgents":{"rubberDuck":false}}' > /home/runner/.copilot/settings.json
          touch /tmp/gh-aw/agent-step-summary.md
          GH_AW_NODE_BIN=$(command -v node 2>/dev/null || true)
          export GH_AW_NODE_BIN
-          export COPILOT_API_KEY="$COPILOT_DUMMY_BYOK"
          (umask 177 && touch /tmp/gh-aw/threat-detection/detection.log)
-          GH_AW_MAX_AI_CREDITS="${{ vars.GH_AW_DEFAULT_DETECTION_MAX_AI_CREDITS || '400' }}"
-          printf '%s\n' "{\"\$schema\":\"https://github.com/github/gh-aw-firewall/releases/download/v0.27.2/awf-config.schema.json\",\"network\":{\"allowDomains\":[\"api.business.githubcopilot.com\",\"api.enterprise.githubcopilot.com\",\"api.github.com\",\"api.githubcopilot.com\",\"api.individual.githubcopilot.com\",\"github.com\",\"host.docker.internal\",\"registry.npmjs.org\",\"telemetry.enterprise.githubcopilot.com\"]},\"apiProxy\":{\"enabled\":true,\"enableTokenSteering\":true,\"maxRuns\":500,\"maxAiCredits\":${GH_AW_MAX_AI_CREDITS}},\"container\":{\"imageTag\":\"0.27.2,squid=sha256:2e3a717e5f19a654cd9a2263beb52012b56bcb68562ec5ae2e42f9d156b49591,agent=sha256:f88e5b17b6b7a600117bc121114d6ce2155c88c983c0c939c5df884f730fa1d6,api-proxy=sha256:ee39841d980878ebbb87592903b06d31a1af500c71525c9616f7e8e2a27041a4,cli-proxy=sha256:02f3ec08f32dc26c5427920c6a2e2f3036238fce44802f2f11ef49ed8621b5d0\"}}" > "${RUNNER_TEMP}/gh-aw/awf-config.json"
-          GH_AW_MODEL_MULTIPLIERS_PATH="/tmp/gh-aw/model_multipliers.json" node "${RUNNER_TEMP}/gh-aw/actions/merge_awf_model_multipliers.cjs"
-          cp "${RUNNER_TEMP}/gh-aw/awf-config.json" /tmp/gh-aw/awf-config.json
-          export GH_AW_MODELS_JSON_PATH="/tmp/gh-aw/models.json"
+          printf '%s\n' '{"$schema":"https://github.com/github/gh-aw-firewall/releases/download/v0.25.46/awf-config.schema.json","network":{"allowDomains":["api.business.githubcopilot.com","api.enterprise.githubcopilot.com","api.github.com","api.githubcopilot.com","api.individual.githubcopilot.com","github.com","host.docker.internal","telemetry.enterprise.githubcopilot.com"]},"apiProxy":{"enabled":true,"enableTokenSteering":true,"maxRuns":500,"maxEffectiveTokens":25000000},"container":{"imageTag":"0.25.46"}}' > "${RUNNER_TEMP}/gh-aw/awf-config.json" && cp "${RUNNER_TEMP}/gh-aw/awf-config.json" /tmp/gh-aw/awf-config.json
          GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS=""
          if [[ "${DOCKER_HOST:-}" =~ ^tcp:// ]]; then
            GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS="--docker-host-path-prefix /tmp/gh-aw"
          fi
-          GH_AW_TOOL_CACHE_MOUNT=""
-          GH_AW_TOOL_CACHE="${RUNNER_TOOL_CACHE:-/opt/hostedtoolcache}"
-          if [ -d "$GH_AW_TOOL_CACHE" ]; then
-            if [[ "$GH_AW_TOOL_CACHE" != /opt/* ]]; then
-              GH_AW_TOOL_CACHE_MOUNT="$GH_AW_TOOL_CACHE:$GH_AW_TOOL_CACHE:ro"
-            fi
-          elif [ -d "/home/runner/work/_tool" ]; then
-            GH_AW_TOOL_CACHE_MOUNT="/home/runner/work/_tool:/home/runner/work/_tool:ro"
-          fi
          # shellcheck disable=SC1003
-          sudo -E awf --config "${RUNNER_TEMP}/gh-aw/awf-config.json" --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" ${GH_AW_TOOL_CACHE_MOUNT:+--mount "$GH_AW_TOOL_CACHE_MOUNT"} ${GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS} --env-all --exclude-env COPILOT_GITHUB_TOKEN --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --audit-dir /tmp/gh-aw/sandbox/firewall/audit --enable-host-access --allow-host-ports 80,443,8080 --skip-pull \
-            -- /bin/bash -c 'set +o histexpand; GH_AW_TOOL_CACHE="${RUNNER_TOOL_CACHE:-/opt/hostedtoolcache}"; export PATH="$(find "$GH_AW_TOOL_CACHE" /opt/hostedtoolcache /home/runner/work/_tool -maxdepth 5 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && GH_AW_NODE_EXEC="${GH_AW_NODE_BIN:-}"; if [ -z "$GH_AW_NODE_EXEC" ] || [ ! -x "$GH_AW_NODE_EXEC" ]; then GH_AW_NODE_EXEC="$(command -v node 2>/dev/null || true)"; fi; if [ -z "$GH_AW_NODE_EXEC" ]; then echo "node runtime missing on this runner — check runtimes.node in workflow YAML" >&2; exit 127; fi; GH_AW_NPM_GLOBAL_ROOT="$(npm root -g 2>/dev/null || true)"; if [ -n "$GH_AW_NPM_GLOBAL_ROOT" ]; then export NODE_PATH="${GH_AW_NPM_GLOBAL_ROOT}${NODE_PATH:+:${NODE_PATH}}"; fi; "$GH_AW_NODE_EXEC" ${RUNNER_TEMP}/gh-aw/actions/copilot_harness.cjs /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --no-ask-user --allow-all-tools --add-dir "${GITHUB_WORKSPACE}" --prompt-file /tmp/gh-aw/aw-prompts/prompt.txt' 2>&1 | tee -a /tmp/gh-aw/threat-detection/detection.log
+          sudo -E awf --config "${RUNNER_TEMP}/gh-aw/awf-config.json" --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" ${GH_AW_DOCKER_HOST_PATH_PREFIX_ARGS} --env-all --exclude-env COPILOT_GITHUB_TOKEN --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --audit-dir /tmp/gh-aw/sandbox/firewall/audit --enable-host-access --allow-host-ports 80,443,8080 --skip-pull \
+            -- /bin/bash -c 'export PATH="$(find /opt/hostedtoolcache /home/runner/work/_tool -maxdepth 5 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && GH_AW_NODE_EXEC="${GH_AW_NODE_BIN:-}"; if [ -z "$GH_AW_NODE_EXEC" ] || [ ! -x "$GH_AW_NODE_EXEC" ]; then GH_AW_NODE_EXEC="$(command -v node 2>/dev/null || true)"; fi; if [ -z "$GH_AW_NODE_EXEC" ]; then echo "node runtime missing on this runner — check runtimes.node in workflow YAML" >&2; exit 127; fi; "$GH_AW_NODE_EXEC" ${RUNNER_TEMP}/gh-aw/actions/copilot_harness.cjs /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --no-ask-user --allow-all-tools --add-dir "${GITHUB_WORKSPACE}" --prompt-file /tmp/gh-aw/aw-prompts/prompt.txt' 2>&1 | tee -a /tmp/gh-aw/threat-detection/detection.log
        env:
          AWF_REFLECT_ENABLED: 1
          COPILOT_AGENT_RUNNER_TYPE: STANDALONE
-          COPILOT_DUMMY_BYOK: dummy-byok-key-for-offline-mode
+          COPILOT_API_KEY: dummy-byok-key-for-offline-mode
          COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
-          COPILOT_MODEL: ${{ vars.GH_AW_MODEL_DETECTION_COPILOT || vars.GH_AW_DEFAULT_MODEL_COPILOT || 'claude-sonnet-4.6' }}
-          GH_AW_MAX_TURNS: ${{ vars.GH_AW_DEFAULT_MAX_TURNS || '' }}
+          COPILOT_MODEL: ${{ vars.GH_AW_MODEL_DETECTION_COPILOT || 'claude-sonnet-4.6' }}
          GH_AW_PHASE: detection
          GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
-          GH_AW_TIMEOUT_MINUTES: 20
-          GH_AW_VERSION: v0.79.6
+          GH_AW_VERSION: v0.74.4
          GITHUB_API_URL: ${{ github.api_url }}
          GITHUB_AW: true
          GITHUB_COPILOT_INTEGRATION_ID: agentic-workflows
@@ -1372,21 +1227,7 @@ jobs:
          GIT_AUTHOR_NAME: github-actions[bot]
          GIT_COMMITTER_EMAIL: github-actions[bot]@users.noreply.github.com
          GIT_COMMITTER_NAME: github-actions[bot]
-          RUNNER_TEMP: ${{ runner.temp }}
          XDG_CONFIG_HOME: /home/runner
-      - name: Parse threat detection token usage for step summary
-        id: parse_detection_token_usage
-        if: always()
-        continue-on-error: true
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
-        env:
-          GH_AW_TOKEN_USAGE_SUMMARY_TITLE: Threat Detection Token Usage
-        with:
-          script: |
-            const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
-            setupGlobals(core, github, context, exec, io, getOctokit);
-            const { main } = require('${{ runner.temp }}/gh-aw/actions/parse_token_usage.cjs');
-            await main();
      - name: Upload threat detection log
        if: always() && steps.detection_guard.outputs.run_detection == 'true'
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
@@ -1427,82 +1268,11 @@ jobs:
              }
            }

-  pre_activation:
-    runs-on: ubuntu-slim
-    outputs:
-      activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
-      matched_command: ''
-      setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
-      setup-span-id: ${{ steps.setup.outputs.span-id }}
-      setup-trace-id: ${{ steps.setup.outputs.trace-id }}
-    steps:
-      - name: Setup Scripts
-        id: setup
-        uses: github/gh-aw-actions/setup@5c2fe865bb4dc46e1450f6ee0d0541d759aea73a # v0.79.6
-        with:
-          destination: ${{ runner.temp }}/gh-aw/actions
-          job-name: ${{ github.job }}
-        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
-          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
-          GH_AW_INFO_VERSION: "1.0.60"
-          GH_AW_INFO_AWF_VERSION: "v0.27.2"
-          GH_AW_INFO_ENGINE_ID: "copilot"
-      - name: Check team membership for workflow
-        id: check_membership
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
-        env:
-          GH_AW_REQUIRED_ROLES: "admin,maintainer,write"
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
-            setupGlobals(core, github, context, exec, io, getOctokit);
-            const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
-            await main();
-
-  prepare:
-    needs: activation
-    if: github.event.workflow_run.conclusion == 'success'
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-
-    outputs:
-      pr_number: ${{ steps.prepare.outputs.pr_number }}
-      skip: ${{ steps.prepare.outputs.skip }}
-    steps:
-      - name: Configure GH_HOST for enterprise compatibility
-        id: ghes-host-config
-        shell: bash
-        # zizmor: ignore[github-env] - GITHUB_SERVER_URL is set by GitHub Actions, not user input.
-        run: |
-          # Derive GH_HOST from GITHUB_SERVER_URL so the gh CLI targets the correct
-          # GitHub instance (GHES/GHEC). On github.com this is a harmless no-op.
-          GH_HOST="${GITHUB_SERVER_URL#https://}"
-          GH_HOST="${GH_HOST#http://}"
-          echo "GH_HOST=${GH_HOST}" >> "$GITHUB_ENV"
-      - name: Download deterministic-results artifact
-        id: download
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          name: check-requirements-deterministic
-          path: /tmp/deterministic
-          run-id: ${{ github.event.workflow_run.id }}
-      - name: Resolve skip and PR number from the artifact
-        id: prepare
-        run: |
-          echo "skip=$(jq -r '.skip_aw' /tmp/deterministic/results.json)" >> "${GITHUB_OUTPUT}"
-          echo "pr_number=$(jq -r '.pr_number' /tmp/deterministic/results.json)" >> "${GITHUB_OUTPUT}"
-
  safe_outputs:
    needs:
      - activation
      - agent
      - detection
-      - prepare
    if: (!cancelled()) && needs.agent.result != 'skipped' && needs.detection.result == 'success'
    runs-on: ubuntu-slim
    permissions:
@@ -1510,22 +1280,17 @@ jobs:
      discussions: write
      issues: write
      pull-requests: write
-    timeout-minutes: 45
+    timeout-minutes: 15
    env:
-      GH_AW_AGENT_AIC: ${{ needs.agent.outputs.aic }}
-      GH_AW_AIC: ${{ needs.agent.outputs.aic }}
-      GH_AW_AMBIENT_CONTEXT: ${{ needs.agent.outputs.ambient_context }}
      GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/check-requirements"
      GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
      GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
      GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
      GH_AW_ENGINE_ID: "copilot"
      GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
-      GH_AW_ENGINE_VERSION: "1.0.60"
-      GH_AW_THREAT_DETECTION_AIC: ${{ needs.detection.outputs.aic }}
+      GH_AW_ENGINE_VERSION: "1.0.48"
      GH_AW_WORKFLOW_ID: "check-requirements"
-      GH_AW_WORKFLOW_NAME: "Check requirements (AW)"
-      GH_AW_WORKFLOW_SOURCE_URL: "${{ github.server_url }}/${{ github.repository }}/blob/${{ github.ref_name }}/.github/workflows/check-requirements.md"
+      GH_AW_WORKFLOW_NAME: "Check requirements"
    outputs:
      code_push_failure_count: ${{ steps.process_safe_outputs.outputs.code_push_failure_count }}
      code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }}
@@ -1538,17 +1303,16 @@ jobs:
    steps:
      - name: Setup Scripts
        id: setup
-        uses: github/gh-aw-actions/setup@5c2fe865bb4dc46e1450f6ee0d0541d759aea73a # v0.79.6
+        uses: github/gh-aw-actions/setup@d3abfe96a194bce3a523ed2093ddedd5704cdf62 # v0.74.4
        with:
          destination: ${{ runner.temp }}/gh-aw/actions
          job-name: ${{ github.job }}
          trace-id: ${{ needs.activation.outputs.setup-trace-id }}
          parent-span-id: ${{ needs.activation.outputs.setup-parent-span-id || needs.activation.outputs.setup-span-id }}
        env:
-          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements (AW)"
+          GH_AW_SETUP_WORKFLOW_NAME: "Check requirements"
          GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/check-requirements.lock.yml@${{ github.ref }}
-          GH_AW_INFO_VERSION: "1.0.60"
-          GH_AW_INFO_AWF_VERSION: "v0.27.2"
+          GH_AW_INFO_VERSION: "1.0.48"
          GH_AW_INFO_ENGINE_ID: "copilot"
      - name: Download agent output artifact
        id: download-agent-output
@@ -1567,7 +1331,6 @@ jobs:
      - name: Configure GH_HOST for enterprise compatibility
        id: ghes-host-config
        shell: bash
-        # zizmor: ignore[github-env] - GITHUB_SERVER_URL is set by GitHub Actions, not user input.
        run: |
          # Derive GH_HOST from GITHUB_SERVER_URL so the gh CLI targets the correct
          # GitHub instance (GHES/GHEC). On github.com this is a harmless no-op.
@@ -1579,11 +1342,10 @@ jobs:
        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        env:
          GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
-          GH_AW_COMMENT_ID: ${{ needs.activation.outputs.comment_id }}
          GH_AW_ALLOWED_DOMAINS: "*.pythonhosted.org,anaconda.org,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,binstar.org,bootstrap.pypa.io,conda.anaconda.org,conda.binstar.org,files.pythonhosted.org,github.com,host.docker.internal,pip.pypa.io,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.npmjs.org,repo.anaconda.com,repo.continuum.io,telemetry.enterprise.githubcopilot.com"
          GITHUB_SERVER_URL: ${{ github.server_url }}
          GITHUB_API_URL: ${{ github.api_url }}
-          GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"add_comment\":{\"max\":1,\"target\":\"${{ needs.prepare.outputs.pr_number }}\"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
+          GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"add_comment\":{\"max\":1,\"target\":\"${{ inputs.pull_request_number }}\"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{}}"
        with:
          github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
          script: |
@@ -1,70 +1,33 @@
 ---
 on:
-  workflow_run:
-    workflows: ["Check requirements (deterministic)"]
-    types: [completed]
+  workflow_dispatch:
+    inputs:
+      pull_request_number:
+        description: "Pull request number to (re-)check"
+        required: true
+        type: number
 permissions:
  contents: read
-  actions: read
  pull-requests: read
+  issues: read
 network:
  allowed:
    - python
 tools:
  web-fetch: {}
  github:
-    toolsets: [repos, pull_requests]
+    toolsets: [default]
    min-integrity: unapproved
-if: needs.prepare.outputs.skip != 'true'
 safe-outputs:
  add-comment:
    max: 1
-    target: "${{ needs.prepare.outputs.pr_number }}"
-  needs:
-    - prepare
-jobs:
-  prepare:
-    # The deterministic stage always uploads an artifact; its `skip_aw` flag is
-    # true when no tracked requirement file changed since the last comment,
-    # which is our cue to skip the (token-spending) agent. Recover the PR number
-    # to comment on either way.
-    if: github.event.workflow_run.conclusion == 'success'
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-    outputs:
-      skip: ${{ steps.prepare.outputs.skip }}
-      pr_number: ${{ steps.prepare.outputs.pr_number }}
-    steps:
-      - name: Download deterministic-results artifact
-        id: download
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
-        with:
-          name: check-requirements-deterministic
-          path: /tmp/deterministic
-          run-id: ${{ github.event.workflow_run.id }}
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-      - name: Resolve skip and PR number from the artifact
-        id: prepare
-        run: |
-          echo "skip=$(jq -r '.skip_aw' /tmp/deterministic/results.json)" >> "${GITHUB_OUTPUT}"
-          echo "pr_number=$(jq -r '.pr_number' /tmp/deterministic/results.json)" >> "${GITHUB_OUTPUT}"
+    target: ${{ inputs.pull_request_number }}
 concurrency:
-  group: ${{ github.workflow }}-${{ github.event.workflow_run.id }}
+  group: ${{ github.workflow }}-${{ inputs.pull_request_number }}
  cancel-in-progress: true
-steps:
-  - name: Download deterministic-results artifact
-    if: github.event.workflow_run.conclusion == 'success'
-    uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
-    with:
-      name: check-requirements-deterministic
-      path: /tmp/gh-aw/deterministic
-      run-id: ${{ github.event.workflow_run.id }}
-      github-token: ${{ secrets.GITHUB_TOKEN }}
 post-steps:
  - name: Verify agent produced an add_comment safe-output
-    if: always() && github.event.workflow_run.conclusion == 'success'
+    if: always()
    run: |
      OUTPUT=/tmp/gh-aw/agent_output.json
      if [ ! -f "${OUTPUT}" ]; then
@@ -78,311 +41,376 @@ post-steps:
        exit 1
      fi
 description: >
-  Resolves the deterministic-stage artifact's NEEDS_AGENT checks for changed
-  Python package requirements on PRs targeting the core repo, then posts the
-  final review comment. Triggered by completion of the deterministic workflow.
-  Reads the uploaded artifact from disk, replaces placeholders for any check
-  whose status is `needs_agent`, and posts the merged comment using the PR
-  number recorded inside the artifact itself. Each check kind has a dedicated
-  instruction section below; if the artifact contains a check kind that does
-  not have a section here, the agent fails hard rather than guess.
+  Checks changed Python package requirements on PRs targeting the core repo
+  (including PRs opened from forks) and verifies licenses match PyPI metadata, source
+  repositories are publicly accessible, PyPI releases were uploaded via
+  automated CI (Trusted Publisher attestation), the package's release pipeline
+  uses OIDC or equivalent automated credentials (not static tokens), and the PR
+  description contains the required links.
 ---

-# Check requirements (AW)
+# Check requirements

-You are a code-review assistant for Home Assistant. The deterministic
-stage already evaluated every check it can and produced an artifact at
-`/tmp/gh-aw/deterministic/results.json`. Your only job is to resolve any
-`needs_agent` checks and post the rendered comment.
+You are a code review assistant for the Home Assistant project. Your job is to
+review changes to Python package requirements and verify they meet the project's
+standards.

-## Step 1 — Read the artifact
+## Context

-Read the JSON directly for the full schema. Key fields:
+- Home Assistant uses `requirements_all.txt` (all integration packages),
+  `requirements.txt` (core packages), `requirements_test.txt` (test
+  dependencies), and `requirements_test_all.txt` (all test dependencies) to
+  declare Python dependencies.
+- Each integration lists its packages in `homeassistant/components/<name>/manifest.json`
+  under the `requirements` field.
+- Allowed licenses are maintained in `script/licenses.py` under
+  `OSI_APPROVED_LICENSES_SPDX` (SPDX identifiers) and `OSI_APPROVED_LICENSES`
+  (classifier strings).

- `pr_number`, `needs_agent` (bool), `packages[]`, `rendered_comment`.
- Each `package`: `name`, `old_version` (`null` if new), `new_version`,
-  `repo_url`, `publisher_kind`, `checks` (keyed by check-kind, each
-  with `status` of `pass`/`warn`/`fail`/`needs_agent` and `details`).
- `rendered_comment` contains, for each `needs_agent` check, two
-  placeholders to replace:
-  - `{{CHECK_CELL:<pkg>:<kind>}}` → exactly one of `✅`, `☑️`, `⚠️`, `❌`.  The
-    **`security`** check kind uses `☑️` instead of `✅` for the success
-    case — see its section below for why.
-  - `{{CHECK_DETAIL:<pkg>:<kind>}}` → `<icon> <one-line explanation>`
-    (the bullet's `- **<label>**:` prefix is already rendered; replace
-    only the placeholder).
-  - `{{SUMMARY}}` → the single top-of-comment summary line, present only
-    when at least one check needed resolving. Fill it **after** resolving
-    every check, based on the final cell verdicts (see Step 3).
+## Step 1 — Identify Changed Packages

-Do not modify other content in `rendered_comment`, do not re-evaluate
-deterministic checks, do not add or remove packages. If `needs_agent`
-is `false`, emit `rendered_comment` unchanged.
+This workflow is triggered via `workflow_dispatch`. The PR number to check is
+**#${{ inputs.pull_request_number }}**. Use that PR number for **every** GitHub
+API call in the steps below (fetching the diff, the PR body, etc.). Do **not**
+rely on `github.event.pull_request` — it is not populated for
+`workflow_dispatch` runs.

-## Step 2 — Resolve each `needs_agent` check
+Use the GitHub tool to fetch the PR diff for that PR number. Look for
+lines that were added (`+`) or removed (`-`) in **any** of these files:
+- `requirements.txt`
+- `requirements_all.txt`
+- `requirements_test.txt`
+- `requirements_test_all.txt`
+- `homeassistant/package_constraints.txt`
+- `pyproject.toml`

-For each `(package, check_kind)` with `status == "needs_agent"`, find
-the matching `### Check kind: <check_kind>` section below and follow
-it. If no section matches, emit a single `add_comment` with:
+For each changed line that contains a package pin (e.g. `SomePackage==1.2.3`),
+classify it as:
+- **New package**: the package name appears only in `+` lines, with no
+  corresponding `-` line for the same package name.
+- **Version bump**: the same package name appears in both `+` lines (new
+  version) and `-` lines (old version), with different version numbers.
+
+Record the **old version** and **new version** for every version bump — you
+will need these values in Step 4.
+
+
+## Step 2 — Check License via PyPI
+
+For each new or bumped package:
+
+1. Fetch `https://pypi.org/pypi/{package_name}/json` (use the exact
+   package name as it appears on the requirements file).
+2. From the JSON response, extract:
+   - `info.license` — free-text license field
+   - `info.license_expression` — SPDX expression (if present)
+   - `info.classifiers` — filter for entries starting with `"License ::"`,
+     then normalize each match the same way as `script/licenses.py` by
+     extracting the final ` :: ` segment (for example,
+     `"License :: OSI Approved :: MIT License"` → `"MIT License"`).
+3. Determine if the license is in the approved list from `script/licenses.py`:
+   - SPDX identifiers: compare against `OSI_APPROVED_LICENSES_SPDX`
+   - Normalized classifier strings: compare against `OSI_APPROVED_LICENSES`
+4. Flag a package as ❌ if the license is unknown, missing, or not in the
+   approved list. Flag as ⚠️ if the license information is ambiguous or cannot
+   be definitively determined.
+
+## Step 2b — Verify PyPI Release Was Uploaded by CI
+
+For each new or bumped package, verify that the release on PyPI was published
+automatically by a CI pipeline (via OIDC Trusted Publisher), not uploaded
+manually.
+
+1. Fetch the PyPI JSON for the specific version being introduced or bumped:
+   `https://pypi.org/pypi/{package_name}/{version}/json`
+2. Inspect the `urls` array in the response. For each distribution file (wheel
+   or sdist), note the filename.
+3. For each filename, attempt to fetch the PyPI provenance attestation:
+   `https://pypi.org/integrity/{package_name}/{version}/{filename}/provenance`
+   - If the response is HTTP 200 and contains a valid attestation object,
+     inspect `attestation_bundles[*].publisher`. A Trusted Publisher attestation
+     will have a `kind` identifying the CI system (e.g. `"GitHub Actions"`,
+     `"GitLab"`) and a `repository` or `project` field matching the source
+     repository.
+   - If at least one distribution file has a valid Trusted Publisher attestation,
+     mark ✅ CI-uploaded.
+   - If no attestation is found for any file (404 for all), mark ⚠️ — "Release
+     has no provenance attestation; it may have been uploaded manually".
+   - If an attestation exists but the `publisher` does not identify a recognized
+     CI system or Trusted Publisher, mark ⚠️ — "Attestation present but
+     publisher cannot be verified as automated CI".
+
+Note: if PyPI returns an error fetching the per-version JSON, fall back to the
+latest JSON (`https://pypi.org/pypi/{package_name}/json`) and look up the
+specific version in the `releases` dict.
+
+## Step 3 — Identify Repository URL
+
+For each new or bumped package:
+
+1. From the PyPI JSON at `info.project_urls`, find the source repository URL
+   (keys such as `"Source"`, `"Homepage"`, `"Repository"`, or `"Source Code"`).
+2. Record that repository URL for later checks.
+3. If no suitable repository URL is present, mark ❌ with a note that the
+   source repository URL is missing and cannot be verified.
+
+## Step 4 — Check PR Description
+
+Read the PR body from the GitHub API for PR
+#${{ inputs.pull_request_number }}. Extract all URLs present in the PR body.
+
+### 4a — New packages: repository link required
+
+For **new packages** (brand-new dependency not previously in any requirements
+file): the PR description must contain a link that points to the package's
+**source repository** as identified in Step 3 (the URL recorded from
+`info.project_urls`). A PyPI page link alone is **not** acceptable — the link
+must point directly to the source repository (e.g. a GitHub or GitLab URL).
+
+- If a URL in the PR body matches (or is a sub-path of) the source repository
+  URL identified via PyPI, mark ✅.
+- If the PR body contains a source repository URL that does **not** match the
+  repository URL found in the package's PyPI metadata (`info.project_urls`),
+  mark ❌ — "PR description links to `<pr_url>` but PyPI reports the source
+  repository as `<pypi_repo_url>`; please use the correct repository URL."
+- If no source repository URL is present in the PR body at all, mark ❌ —
+  "PR description must link to the source repository at `<repo_url>` (found
+  via PyPI). A PyPI page link is not sufficient."
+
+### 4b — Version bumps: changelog or diff link matching the bump
+
+For **version bumps**: the PR description must contain a link to a changelog,
+release notes page, or a diff/comparison URL that references the **exact
+versions** being bumped (old → new) as recorded in the diff from Step 1.
+
+Checks to perform for each bumped package (old version = X, new version = Y):
+1. Extract all URLs from the PR body that contain the repository's domain or
+   path (as identified in Step 3).
+2. Verify that at least one such URL includes both the old version (X) and the
+   new version (Y) in some form — e.g. a GitHub compare URL like
+   `compare/vX...vY`, a releases URL mentioning version Y, or a
+   `CHANGELOG.md` anchor referencing Y.
+3. Confirm the link's version range matches the actual bump in the diff. If
+   the link references versions different from X → Y (for example, the PR
+   bumps `1.2.3 → 1.3.0` but the link points to `compare/v1.2.0...v1.2.4`),
+   the link does not match the bump.
+
+Outcome:
+- ✅ — a URL pointing to the correct repo with version references that match
+  the exact bump (X → Y).
+- ❌ — no changelog/diff link is found, or the link does not match the actual
+  bump (X → Y). Explain what was found and what is expected.
+
+## Step 5 — Verify Source Repository is Publicly Accessible
+
+Before inspecting the release pipeline, confirm that the source repository
+identified in Step 3 is publicly reachable.
+
+For each new or bumped package:
+
+1. Use the source repository URL recorded in Step 3.
+2. If no repository URL was found in `info.project_urls`, mark ❌ — "No source
+   repository URL found in PyPI metadata; a public source repository is
+   required."
+3. If a repository URL was found, perform a GET request to that URL (using
+   web-fetch). If the response is HTTP 200 and returns a publicly accessible
+   page (not a login redirect or error page), mark ✅.
+4. If the response is non-200, the URL redirects to a login/authentication page,
+   or the repository appears private or unavailable, mark ❌ — "Source
+   repository at `<repo_url>` is not publicly accessible. Home Assistant
+   requires all dependencies to have publicly available source code." **Do not
+   proceed with the release pipeline check (Step 6) for this package.**
+
+## Step 6 — Check Release Pipeline Sanity
+
+For each new or bumped package, determine the source repository host from the
+URL identified in Step 3, then inspect whether the project's release/publish CI
+workflow is sane. The checks differ by hosting provider.
+
+### GitHub repositories (`github.com`)
+
+1. Using the GitHub API, list the workflows in the source repository:
+   `GET /repos/{owner}/{repo}/actions/workflows`
+2. Identify any workflow whose name or filename suggests publishing to PyPI
+   (e.g., contains "release", "publish", "pypi", or "deploy").
+3. Fetch the workflow file content and check the following:
+   a. **Trigger sanity**: The publish job should be triggered by `push` to tags,
+      `release: published`, or `workflow_run` on a release job — **not** solely
+      by `workflow_dispatch` with no additional guards. A `workflow_dispatch`
+      trigger alongside other triggers is acceptable. Mark ❌ if the only trigger
+      is manual `workflow_dispatch` with no environment protection rules.
+   b. **OIDC / Trusted Publisher**: The workflow should use OIDC-based publishing.
+      Look for `id-token: write` permission and one of:
+      - `pypa/gh-action-pypi-publish` action
+      - `actions/attest-build-provenance` action
+      - Any step that sets `TWINE_PASSWORD` from `secrets.PYPI_TOKEN` directly
+        (treat this as a static long-lived API token rather than OIDC).
+      Mark ✅ if OIDC is used, ⚠️ if the publish method cannot be determined.
+      If a static secret token is the only credential, mark ⚠️ for version
+      bumps (the package was already accepted at a previous version; suggest
+      the upstream maintainer switch to OIDC / Trusted Publisher for better
+      security) and ❌ for new packages.
+   c. **No manual upload bypass**: Verify there is no step that calls
+      `twine upload` or `pip upload` outside of a properly gated job (e.g., one
+      that requires an environment approval). Flag ⚠️ if such steps exist.
+4. If no publish workflow is found in the repository, mark ⚠️ — "No publish
+   workflow found; it is unclear how this package is released to PyPI."
+
+### GitLab repositories (`gitlab.com` or self-hosted GitLab)
+
+1. Use the GitLab REST API to list CI/CD pipeline configuration files. First
+   resolve the project ID via
+   `GET https://gitlab.com/api/v4/projects/{url-encoded-namespace-and-name}`
+   and note the `id` field.
+2. Fetch the repository's `.gitlab-ci.yml` (and any included files) using
+   `GET https://gitlab.com/api/v4/projects/{id}/repository/files/.gitlab-ci.yml/raw?ref=HEAD`
+   (use web-fetch for public repos).
+3. Identify any job whose name or `stage` suggests publishing to PyPI
+   (e.g., "publish", "deploy", "release", "pypi").
+4. For each such job, check:
+   a. **Trigger sanity**: The job should run only on tag pipelines (`only: tags`
+      or `rules: - if: $CI_COMMIT_TAG`) or on protected branches — **not**
+      solely on manual triggers (`when: manual`) with no additional protection.
+      Mark ❌ if the only trigger is manual with no environment or protected-branch
+      guard.
+   b. **Automated credentials**: The job should use GitLab's OIDC ID token
+      (`id_tokens:` block) and `pypa/gh-action-pypi-publish` equivalent, or
+      reference `secrets.PYPI_TOKEN` / `$PYPI_TOKEN` injected from GitLab CI/CD
+      protected variables. Flag ❌ if the token is hard-coded or unprotected.
+      Mark ✅ if OIDC is used, ⚠️ if the method cannot be determined. If a
+      protected static token is the only credential, mark ⚠️ for version bumps
+      (suggest the upstream maintainer switch to OIDC / Trusted Publisher for
+      better security) and ❌ for new packages.
+   c. **No manual upload bypass**: Flag ⚠️ if any job calls `twine upload`
+      without being behind a protected-variable or environment guard.
+5. If no publish job is found, mark ⚠️ — "No publish job found in .gitlab-ci.yml;
+   it is unclear how this package is released to PyPI."
+
+### Other code hosting providers
+
+For repositories hosted on platforms other than GitHub or GitLab (e.g.,
+Bitbucket, Codeberg, Gitea, Sourcehut):
+1. Use web-fetch to retrieve the repository's root page and look for any
+   publicly visible CI configuration files (e.g., `.circleci/config.yml`,
+   `Jenkinsfile`, `azure-pipelines.yml`, `bitbucket-pipelines.yml`,
+   `.builds/*.yml` for Sourcehut).
+2. Apply the same conceptual checks as above:
+   - Does publishing run on automated triggers (tags/releases), not solely
+     manual ones?
+   - Are credentials injected by the CI system (not hard-coded)?
+   - Is there a `twine upload` or equivalent step that could be run manually?
+3. If no CI configuration can be retrieved, mark ⚠️ — "Release pipeline could
+   not be inspected; hosting provider is not GitHub or GitLab."
+
+## Step 7 — Post a Review Comment
+
+**Always** post a review comment using `add_comment`, regardless of whether
+packages pass or fail. Use the following structure:
+
+**Note on deduplication**: The workflow automatically updates any previous
+requirements-check comment on the PR in place (preserving its position in the
+thread). If no previous comment exists, the newly created comment is kept as-is.
+You do not need to search for or update previous comments yourself.
+
+### Comment structure
+
+Begin every comment with the HTML marker `<!-- requirements-check -->` on its
+own line (this is used by the workflow to find the previous comment and update
+it on the next run).
+
+### 7a — Overall summary line
+
+Begin the comment with a single summary line, before anything else:
+
+- If everything passed: `All requirements checks passed. ✅`
+- If there are failures or warnings: `⚠️ Some checks require attention — see the details below.`
+
+### 7b — Summary table
+
+Render a compact table where every check column contains **only the status
+icon** (✅, ⚠️, or ❌). No explanatory text belongs inside the table cells —
+all detail goes in the per-package sections below.
+
+Use `—` (em dash) when a check was skipped (e.g. Release Pipeline is skipped
+when the repository is not publicly accessible).

 ```
 <!-- requirements-check -->
 ## Check requirements

-❌ Internal error: deterministic artifact contains an unknown check kind
-(`<check_kind>` on `<pkg>`).
+| Package | Type | Old→New | License | Repo Public | CI Upload | Release Pipeline | PR Link |
+|---------|------|---------|---------|-------------|-----------|------------------|---------|
+| PackageA | bump | 1.2.3→1.3.0 | ✅ | ✅ | ✅ | ✅ | ✅ |
+| PackageB | new  | —→4.5.6 | ❌ | ✅ | ⚠️ | ⚠️ | ❌ |
+| PackageC | bump | 2.0.0→2.1.0 | ✅ | ❌ | — | — | ❌ |
 ```

-Then stop. Do not improvise a verdict.
+### 7c — Per-package detail sections

-## Step 3 — Post the comment
+After the table, add one collapsible `<details>` block per package.

-Replace every placeholder with the resolved value and emit
-`rendered_comment` via `add_comment`. Preserve the leading
-`<!-- requirements-check -->` marker. The PR target is already wired;
-do not pass `item_number`.
+- If **all checks passed** for that package, render the block **collapsed**
+  (no `open` attribute) so the comment stays concise.
+- If **any check failed or produced a warning**, render the block **open**
+  (`<details open>`) so the contributor sees the issues immediately.

-If a `{{SUMMARY}}` placeholder is present, replace it last, once every
-`{{CHECK_CELL:…}}` is resolved:
- `All requirements checks passed. ✅` — when every check cell across all
-  packages is `✅` or `☑️` (treat `—`/skipped as not a problem).
- `⚠️ Some checks require attention — see the details below.` — when any
-  cell is `⚠️` or `❌`.
+Each block must include the full detail for every check: the license found, the
+repository URL, whether a provenance attestation was found, the release
+pipeline findings, and the PR link found (or missing, or mismatched with the
+actual bump). For failed or warned checks, explain exactly what the contributor
+must fix, including the expected source repository URL, expected version range,
+etc.

-## Check instructions
+Template (repeat for each package):

-### Check kind: `repo_public`
+```
+<details open>
+<summary><strong>PackageB 📦 new —→4.5.6</strong></summary>

-`web-fetch` GET `package.repo_url`.
- 200 + public repo page → ✅ `<repo_url> is publicly accessible.`
- 4xx/5xx or login redirect → ❌ `Source repository at <repo_url> is
-  not publicly accessible. Home Assistant requires dependencies to
-  have publicly available source code.`
- Otherwise → ⚠️ with a one-line description.
+- **License**: ❌ License is `UNKNOWN` — not in the approved list. Check PyPI metadata and `script/licenses.py`.
+- **Repository Public**: ✅ https://github.com/example/packageb is publicly accessible.
+- **CI Upload**: ⚠️ No provenance attestation found for any distribution file. The release may have been uploaded manually.
+- **Release Pipeline**: ⚠️ No publish workflow found in the repository; it is unclear how this package is released to PyPI.
+- **PR Link**: ❌ PR description must link to the source repository at https://github.com/example/packageb (a PyPI page link is not sufficient).

-If ❌, also mark this package's `release_pipeline` and `async_blocking`
-cells/details as `—` and explain `Skipped because the source
-repository is not publicly accessible.`.
+</details>
+```

-### Check kind: `pr_link`
+Collapsed example (all checks passed):

-Fetch the PR body via the `pull_requests` MCP using `pr_number`. Extract URLs.
+```
+<details>
+<summary><strong>PackageA 📦 bump 1.2.3→1.3.0</strong></summary>

- **New package** (`old_version == null`): body must contain a URL
-  pointing at `repo_url`'s `owner/repo` on the same host (any
-  sub-path OK). PyPI is not sufficient.
-  - ✅ if present; otherwise ❌ `PR description must link to the
-    source repository at <repo_url>. A PyPI page link is not
-    sufficient.`
- **Version bump**: body must contain a URL on the same host as
-  `repo_url` that mentions **both** `old_version` and `new_version`
-  (compare URL, changelog, release page).
-  - ✅ if present and versions match; otherwise ❌ `PR description
-    should link to a changelog or compare URL on <repo_url> that
-    mentions both <old_version> and <new_version>.`
+- **License**: ✅ MIT
+- **Repository Public**: ✅ https://github.com/example/packagea
+- **CI Upload**: ✅ Trusted Publisher attestation found (GitHub Actions).
+- **Release Pipeline**: ✅ OIDC via `pypa/gh-action-pypi-publish`; triggered on `release: published`; `environment: release` gate.
+- **PR Link**: ✅ https://github.com/example/packagea/compare/v1.2.3...v1.3.0

-### Check kind: `release_pipeline`
-
-Inspect the upstream's publish-to-PyPI CI. Host-specific lookup, same
-rubric:
-
-1. Locate the publish workflow / job (name or filename contains
-   `release`, `publish`, `pypi`, or `deploy`).
-   - GitHub: list `.github/workflows/` via the `repos` MCP, pick the
-     promising file by name, fetch its contents.
-   - GitLab: fetch `.gitlab-ci.yml` from the default ref via
-     `https://gitlab.com/api/v4/projects/{id}/repository/files/.gitlab-ci.yml/raw?ref=HEAD`.
-   - Other hosts: `web-fetch` an obvious CI config
-     (`.circleci/config.yml`, `bitbucket-pipelines.yml`, etc.).
-2. Apply this rubric:
-   - **Trigger**: tag push / `release: published` / protected branch —
-     not solely manual dispatch without an environment guard.
-   - **Credentials**: OIDC (`id-token: write` +
-     `pypa/gh-action-pypi-publish` or equivalent) preferred; static
-     `PYPI_TOKEN` from a CI secret acceptable for a bump.
-   - **No bypass**: no ungated `twine upload` / `pip upload`.
-3. Verdict:
-   - ✅ — OIDC + sane triggers + no bypass.
-   - ⚠️ — static token on a bump, details unclear, or
-     non-GitHub/GitLab host with limited CI visibility.
-   - ❌ — static token on a new package, or manual-only triggers
-     without environment protection.
-
-### Check kind: `async_blocking`
-
-Verify the dependency does not call blocking APIs inside `async def`
-bodies. Home Assistant runs on a single asyncio loop, so blocking
-calls from the async surface stall the whole loop. A purely sync
-library is fine — integrations wrap its calls in an executor.
-
-**Mode** (decided by `old_version`):
- `null` → new package: review the entire current source tree.
- string → version bump: review only the diff between the two tags.
-  Blocking calls already present in `old_version` are not regressions.
-
-**Step 1 — async surface?**
-
-Fetch `pyproject.toml` / `setup.py` / `setup.cfg` / `README*` at the
-tag matching `new_version` (try `v{version}`, `{version}`,
-`release-{version}` — at most three attempts). Use the `repos` MCP for
-github.com, `web-fetch` otherwise.
-
-If sync-only (no `async def` in public modules; no
-asyncio/aiohttp/httpx/anyio in deps; no `Framework :: AsyncIO`
-classifier) → ✅ `Sync-only library; Home Assistant integrations must
-wrap calls in an executor.` (Same verdict for both modes.)
-
-**Step 2 — review the surface**
-
- New package: grep public modules for `async def`, inspect each
-  async body and transitive helpers.
- Bump: fetch the compare diff
-  (`/repos/{owner}/{repo}/compare/{old}...{new}` on GitHub, equivalent
-  on GitLab/other hosts). Only flag patterns on **added** lines that
-  are inside or reachable from `async def`. If no tag format resolves,
-  fall back to a full review and note that the diff was unavailable.
-
-**Blocking patterns to flag inside `async def`:**
-
- Sync HTTP: `requests.`, `urllib.request`, `urllib3.` direct,
-  `http.client.`, sync `httpx.Client(` / `httpx.get(`, `pycurl`.
- `time.sleep(` (use `await asyncio.sleep(`).
- Sync sockets/SSL: bare `socket.socket` I/O, `ssl.wrap_socket`,
-  blocking `select.select`.
- File I/O on the request path: `open(` /
-  `pathlib.Path.read_*` / `.write_*` for non-trivial sizes (small
-  one-shot reads during import are OK).
- Sync DB drivers: `sqlite3`, `psycopg2`, `pymysql`, sync `pymongo` /
-  `redis.Redis`.
- `subprocess.run` / `subprocess.call` / `os.system`.
-
-Calls dispatched to an executor (`run_in_executor`,
-`asyncio.to_thread`, `anyio.to_thread.run_sync`) do **not** count as
-blocking.
-
-**Verdict:**
-
- ✅ — no offending pattern. Bumps: phrase as `No new blocking calls
-  introduced in {old_version} → {new_version}.`.
- ⚠️ — blocking only in sync helpers the async API never calls, or
-  clearly off the hot path (e.g. one-shot pre-loop setup). Cite at
-  least one `<file>:<line>` and say why it's not hot.
- ❌ — blocking call reachable from a public `async def` on the
-  request/polling path (bump: introduced or moved onto the hot path
-  by this version). Cite the offending `<file>:<line>` as a clickable
-  link on the repo host.
-
-### Check kind: `security`
-
-**Baseline** scan of the upstream source for obvious supply-chain red
-flags — a cheap first pass, **not** a security review or malware audit.
-A clean result means "nothing obvious stood out", not "this package is
-safe". The success icon is `☑️` — **never** `✅` — so a passing scan is
-not read as an endorsement.
-
-If `repo_public` resolves to ❌ for the same package, mark `security`'s
-cell and detail as `—` and explain `Skipped because the source
-repository is not publicly accessible.` — the source cannot be fetched.
-
-**Step 1 — Fetch a representative slice**
-
-Locate the source from `package.repo_url`.
-
- GitHub: resolve the default branch (`GET /repos/{owner}/{repo}`), list
-  the tree (`GET /repos/{owner}/{repo}/git/trees/{branch}?recursive=1`),
-  find the module dir (`{name}/` or `src/{name}/`, normalising `-` ↔ `_`).
- GitLab: equivalent REST calls. Other hosts: `web-fetch` raw file URLs.
-
-Fetch the **raw contents** of `setup.py` (install-time code runs on every
-consumer), `pyproject.toml` (`[build-system]` / custom backend), the
-package's `__init__.py`, and co — prioritising `entry_points` targets, plus any name suggesting
-bootstrap / loader / self-update (`update*.py`, `loader*.py`,
-`bootstrap*.py`, `_native.py`, `_post_install*.py`, …).
-
-If the tree is too large for the API budget, inspect at least `setup.py`,
-`pyproject.toml`, and `__init__.py`, then return ⚠️ noting the partial scan.
-
-**Step 2 — Patterns to flag**
-
-Reason from principles, not a fixed checklist: for each file ask *would a
-well-behaved library doing what this package's PyPI description claims
-need to do this?* If "no" or "unclear", record a finding. The categories
-describe the **shape** of concerning behavior; the named APIs, filenames,
-and keys are illustrative — treat any equivalent construct (including ones
-that did not exist when this was written) the same way.
-
-For every finding include the file path, line number, a snippet
-(≤ 120 chars), a permalink
-(`https://github.com/{owner}/{repo}/blob/{sha}/{path}#L{line}` or the
-GitLab equivalent), and one sentence on why it is out of scope.
-
-1. **Reaches into Home Assistant internals.** A library should touch HA
-   only through its documented Python API — never the `config_dir`
-   filesystem or internal auth / session state. Flag code that opens,
-   reads, writes, or resolves paths to artifacts it does not own
-   (top-level YAML it did not create, anything under `.storage/`, other
-   integrations' files) or reads tokens / refresh tokens / auth providers
-   (e.g. `secrets.yaml`, `.storage/auth*`, `hass.auth`). The principle is
-   *out-of-scope access*, not a static list of names.
-2. **Network input flows into an execution sink (download-and-execute).**
-   Flag any data-flow from a network response body (any HTTP / WebSocket /
-   raw-socket client, sync or async) to an execution sink: `exec`, `eval`,
-   `compile`, `marshal.loads`, `pickle.loads`, `types.FunctionType`,
-   `importlib.util.spec_from_loader`, `subprocess.*`, `os.system`, shell
-   pipelines (`curl … | sh`), or a file later imported / executed — plus
-   package-manager calls (`pip install` / `download`) with args resolved
-   from network responses at runtime.
-3. **Build / install-time code is non-deterministic or non-local.**
-   `setup.py`, `setup.cfg` `cmdclass`, custom PEP 517 backends, and other
-   build hooks must only compile and copy files shipped in the sdist. Flag
-   build-stage code that opens a socket, shells out, writes outside the
-   build / install tree, or pulls a build backend not on PyPI (Git URL /
-   local path).
-4. **Reads secrets and combines them with an egress path.** The shape is
-   *secret-source → outbound-channel*. Flag code that reads credential
-   material (token-like env vars, credential files under the user's home,
-   OS keychain APIs, browser-profile dirs, HA token stores) **and** in the
-   same path sends it to a destination the package needn't talk to.
-   Reading or sending alone is not enough — the *combination* is the signal.
-5. **Hides what it does.** Flag opaque data flowing into an execution
-   sink: large encoded / compressed / hex strings (`base64`, `codecs`,
-   `zlib`, `lzma`, `bytes.fromhex`, or any equivalent) passed to `exec` /
-   `eval` / `compile` / `__import__`; identifiers assembled at runtime
-   then imported; or any construct whose evident purpose is to make the
-   behavior unreadable.
-6. **Hard-coded network destination off-purpose.** Flag outbound URLs or
-   hosts absent from the package's PyPI `project_urls` with no obvious
-   connection to its function — short-link / paste services, ephemeral
-   tunnels, raw IPs, non-default ports against unknown hosts — and any
-   network call at module top-level / `__init__.py` (runs on import for
-   every consumer).
-
-A clearly out-of-scope behavior that fits none of the above: flag under
-the closest category and explain. The categories guide reasoning, not bound it.
-
-**Verdict**
-
-Aggregate the findings into one of:
-
- `☑️ Baseline scan found nothing obvious in <list of inspected files>.
-  This is not a security review — only the cheap checks were run.`
-  Use `☑️` (**not** `✅`) so a passing scan is not read as an endorsement.
- `⚠️ <one-line summary>` — patterns with plausible legitimate uses;
-  include path / line / snippet / permalink per match for the reviewer.
- `❌ <one-line summary>` — patterns with no legitimate explanation
-  (install-time network execution, decode-and-exec of opaque blobs, reads
-  of `secrets.yaml` / `.storage/auth*`, token exfiltration to an external
-  host); same detail.
-
-Be precise. False positives are expected — when in doubt prefer `⚠️` with
-context over `❌`. This check is informational and never blocks the
-workflow on its own; a human reviewer decides whether to merge.
+</details>
+```

 ## Notes

- Be constructive; reference the inspected file by URL when useful.
- Comment dedup is handled by gh-aw's `add_comment` safe-output via
-  the `<!-- requirements-check -->` marker.
- If `/tmp/gh-aw/deterministic/results.json` is missing (upstream
-  cancelled/failed), emit nothing — the post-step verification is
-  gated and won't complain.
+- Be constructive and helpful. Provide direct links where possible so the
+  contributor can quickly fix the issue.
+- If PyPI returns an error for a package, mention that it could not be found and
+  suggest the contributor verify the package name.
+- For packages that only appear in `homeassistant/package_constraints.txt` or
+  `pyproject.toml` without being tied to a specific integration, the PR
+  description link requirement still applies.
+- When checking test-only packages (from `requirements_test.txt` or
+  `requirements_test_all.txt`), apply the same license, repository, and PR
+  description checks as for production dependencies.
+- A package that appears in both a production file and a test file should only
+  be reported once; use the production file entry as the canonical one.
+- This workflow is invoked exclusively via `workflow_dispatch`. The stage-1
+  workflow `Check requirements (changes detection)` runs on `pull_request` with
+  a paths filter on the tracked requirements files, and its completion triggers
+  the dispatcher (`Check requirements (dispatcher)`) which calls this workflow
+  with the PR number. Members can also dispatch this workflow manually with the
+  PR number to re-run the check after updating the PR description or fixing
+  issues without changing any requirements files. On a retrigger the existing
+  comment is updated in place so there is always exactly one requirements-check
+  comment in the PR.
@@ -39,7 +39,7 @@ on:
 env:
  CACHE_VERSION: 3
  MYPY_CACHE_VERSION: 1
-  HA_SHORT_VERSION: "2026.8"
+  HA_SHORT_VERSION: "2026.6"
  ADDITIONAL_PYTHON_VERSIONS: "[]"
  # 10.3 is the oldest supported version
  # - 10.3.32 is the version currently shipped with Synology (as of 17 Feb 2022)
@@ -60,7 +60,9 @@ env:
  # - 15.2 is the latest (as of 9 Feb 2023)
  POSTGRESQL_VERSIONS: "['postgres:12.14','postgres:15.2']"
  UV_CACHE_DIR: /tmp/uv-cache
-  APT_CACHE_VERSION: 1
+  APT_CACHE_BASE: /home/runner/work/apt
+  APT_CACHE_DIR: /home/runner/work/apt/cache
+  APT_LIST_CACHE_DIR: /home/runner/work/apt/lists
  SQLALCHEMY_WARN_20: 1
  PYTHONASYNCIODEBUG: 1
  HASS_CI: 1
@@ -84,6 +86,7 @@ jobs:
      core: ${{ steps.core.outputs.changes }}
      integrations_glob: ${{ steps.info.outputs.integrations_glob }}
      integrations: ${{ steps.integrations.outputs.changes }}
+      apt_cache_key: ${{ steps.generate_apt_cache_key.outputs.key }}
      python_cache_key: ${{ steps.generate_python_cache_key.outputs.key }}
      requirements: ${{ steps.core.outputs.requirements }}
      mariadb_groups: ${{ steps.info.outputs.mariadb_groups }}
@@ -98,7 +101,7 @@ jobs:
      skip_coverage: ${{ steps.info.outputs.skip_coverage }}
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Generate partial Python venv restore key
@@ -113,6 +116,10 @@ jobs:
          # Include HA_SHORT_VERSION to force the immediate creation
          # of a new uv cache entry after a version bump.
          echo "key=venv-${CACHE_VERSION}-${HA_SHORT_VERSION}-${HASH_REQUIREMENTS_TEST}-${HASH_REQUIREMENTS}-${HASH_REQUIREMENTS_ALL}-${HASH_PACKAGE_CONSTRAINTS}-${HASH_GEN_REQUIREMENTS}" >> $GITHUB_OUTPUT
+      - name: Generate partial apt restore key
+        id: generate_apt_cache_key
+        run: |
+          echo "key=$(lsb_release -rs)-apt-${CACHE_VERSION}-${HA_SHORT_VERSION}" >> $GITHUB_OUTPUT
      - name: Filter for core changes
        uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
        id: core
@@ -264,7 +271,7 @@ jobs:
      && github.event.inputs.audit-licenses-only != 'true'
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Register problem matchers
@@ -274,7 +281,7 @@ jobs:
          echo "::add-matcher::.github/workflows/matchers/check-executables-have-shebangs.json"
          echo "::add-matcher::.github/workflows/matchers/codespell.json"
      - name: Run prek
-        uses: j178/prek-action@bdca6f102f98e2b4c7029491a53dfd366469e33d # v2.0.4
+        uses: j178/prek-action@6ad80277337ad479fe43bd70701c3f7f8aa74db3 # v2.0.3
        env:
          PREK_SKIP: no-commit-to-branch,mypy,pylint,gen_requirements_all,hassfest,hassfest-metadata,hassfest-mypy-config,zizmor
          RUFF_OUTPUT_FORMAT: github
@@ -291,11 +298,11 @@ jobs:
      && github.event.inputs.audit-licenses-only != 'true'
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Run zizmor
-        uses: j178/prek-action@bdca6f102f98e2b4c7029491a53dfd366469e33d # v2.0.4
+        uses: j178/prek-action@6ad80277337ad479fe43bd70701c3f7f8aa74db3 # v2.0.3
        with:
          extra-args: --all-files zizmor

@@ -318,7 +325,7 @@ jobs:
          - script/hassfest/docker/Dockerfile
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Register hadolint problem matcher
@@ -341,7 +348,7 @@ jobs:
        python-version: ${{ fromJson(needs.info.outputs.python_versions) }}
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Set up Python ${{ matrix.python-version }}
@@ -377,36 +384,65 @@ jobs:
          path: ${{ env.UV_CACHE_DIR }}
          key: ${{ steps.generate-uv-key.outputs.full_key }}
          restore-keys: ${{ steps.generate-uv-key.outputs.partial_key }}
+      - name: Check if apt cache exists
+        id: cache-apt-check
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        with:
+          lookup-only: ${{ steps.cache-venv.outputs.cache-hit == 'true' }}
+          path: |
+            ${{ env.APT_CACHE_DIR }}
+            ${{ env.APT_LIST_CACHE_DIR }}
+          key: >-
+            ${{ runner.os }}-${{ runner.arch }}-${{ needs.info.outputs.apt_cache_key }}
      - name: Install additional OS dependencies
-        if: steps.cache-venv.outputs.cache-hit != 'true'
+        if: |
+          steps.cache-venv.outputs.cache-hit != 'true'
+          || steps.cache-apt-check.outputs.cache-hit != 'true'
+        id: install-os-deps
        timeout-minutes: 10
-        uses: ./.github/actions/cache-apt-packages
-        with:
-          packages: >-
-            bluez
-            ffmpeg
-            libturbojpeg
-            libxml2-utils
-            libavcodec-dev
-            libavdevice-dev
-            libavfilter-dev
-            libavformat-dev
-            libavutil-dev
-            libswresample-dev
-            libswscale-dev
-            libudev-dev
-          version: ${{ env.APT_CACHE_VERSION }}
-          execute_install_scripts: true
-      - name: Read uv version from requirements.txt
-        if: steps.cache-venv.outputs.cache-hit != 'true'
-        id: read-uv-version
+        env:
+          APT_CACHE_HIT: ${{ steps.cache-apt-check.outputs.cache-hit }}
        run: |
-          echo "version=$(grep '^uv==' requirements.txt | cut -d'=' -f3)" >> "$GITHUB_OUTPUT"
-      - name: Set up uv
-        if: steps.cache-venv.outputs.cache-hit != 'true'
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+          sudo rm /etc/apt/sources.list.d/microsoft-prod.list
+          if [[ "${APT_CACHE_HIT}" != 'true' ]]; then
+            mkdir -p ${APT_CACHE_DIR}
+            mkdir -p ${APT_LIST_CACHE_DIR}
+          fi
+
+          sudo apt-get update \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR}
+          sudo apt-get -y install \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR} \
+            bluez \
+            ffmpeg \
+            libturbojpeg \
+            libxml2-utils \
+            libavcodec-dev \
+            libavdevice-dev \
+            libavfilter-dev \
+            libavformat-dev \
+            libavutil-dev \
+            libswresample-dev \
+            libswscale-dev \
+            libudev-dev
+
+          if [[ "${APT_CACHE_HIT}" != 'true' ]]; then
+            sudo chmod -R 755 ${APT_CACHE_BASE}
+          fi
+      - name: Save apt cache
+        if: |
+          always()
+          && steps.cache-apt-check.outputs.cache-hit != 'true'
+          && steps.install-os-deps.outcome == 'success'
+        uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
-          version: ${{ steps.read-uv-version.outputs.version }}
+          path: |
+            ${{ env.APT_CACHE_DIR }}
+            ${{ env.APT_LIST_CACHE_DIR }}
+          key: >-
+            ${{ runner.os }}-${{ runner.arch }}-${{ needs.info.outputs.apt_cache_key }}
      - name: Create Python virtual environment
        if: steps.cache-venv.outputs.cache-hit != 'true'
        id: create-venv
@@ -414,6 +450,8 @@ jobs:
          python -m venv venv
          . venv/bin/activate
          python --version
+          pip install "$(grep '^uv' < requirements.txt)"
+          uv pip install -U "pip>=25.2"
          uv pip install -r requirements.txt
          uv pip install -r requirements_all.txt -r requirements_test.txt
          uv pip install -e . --config-settings editable_mode=compat
@@ -468,16 +506,30 @@ jobs:
      && github.event.inputs.mypy-only != 'true'
      && github.event.inputs.audit-licenses-only != 'true'
    steps:
-      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+      - name: Restore apt cache
+        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
-          persist-credentials: false
+          path: |
+            ${{ env.APT_CACHE_DIR }}
+            ${{ env.APT_LIST_CACHE_DIR }}
+          fail-on-cache-miss: true
+          key: >-
+            ${{ runner.os }}-${{ runner.arch }}-${{ needs.info.outputs.apt_cache_key }}
      - name: Install additional OS dependencies
        timeout-minutes: 10
-        uses: ./.github/actions/cache-apt-packages
+        run: |
+          sudo rm /etc/apt/sources.list.d/microsoft-prod.list
+          sudo apt-get update \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR}
+          sudo apt-get -y install \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR} \
+            libturbojpeg
+      - name: Check out code from GitHub
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
-          packages: libturbojpeg
-          version: ${{ env.APT_CACHE_VERSION }}
+          persist-credentials: false
      - name: Set up Python
        id: python
        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
@@ -512,7 +564,7 @@ jobs:
      && github.event.inputs.audit-licenses-only != 'true'
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Set up Python
@@ -548,7 +600,7 @@ jobs:
      && github.event.inputs.audit-licenses-only != 'true'
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Set up Python
@@ -576,7 +628,7 @@ jobs:
      && github.event_name == 'pull_request'
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Dependency review
@@ -603,7 +655,7 @@ jobs:
        python-version: ${{ fromJson(needs.info.outputs.python_versions) }}
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Set up Python ${{ matrix.python-version }}
@@ -654,7 +706,7 @@ jobs:
      || github.event.inputs.pylint-only == 'true'
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Set up Python
@@ -707,7 +759,7 @@ jobs:
      && (needs.info.outputs.tests_glob || needs.info.outputs.test_full_suite == 'true')
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Set up Python
@@ -758,7 +810,7 @@ jobs:
      || github.event.inputs.mypy-only == 'true'
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Set up Python
@@ -824,20 +876,32 @@ jobs:
      - info
      - base
    steps:
-      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+      - name: Restore apt cache
+        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
-          persist-credentials: false
+          path: |
+            ${{ env.APT_CACHE_DIR }}
+            ${{ env.APT_LIST_CACHE_DIR }}
+          fail-on-cache-miss: true
+          key: >-
+            ${{ runner.os }}-${{ runner.arch }}-${{ needs.info.outputs.apt_cache_key }}
      - name: Install additional OS dependencies
        timeout-minutes: 10
-        uses: ./.github/actions/cache-apt-packages
-        with:
-          packages: >-
-            bluez
-            ffmpeg
+        run: |
+          sudo rm /etc/apt/sources.list.d/microsoft-prod.list
+          sudo apt-get update \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR}
+          sudo apt-get -y install \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR} \
+            bluez \
+            ffmpeg \
            libturbojpeg
-          version: ${{ env.APT_CACHE_VERSION }}
-          execute_install_scripts: true
+      - name: Check out code from GitHub
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
      - name: Set up Python
        id: python
        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
@@ -888,21 +952,33 @@ jobs:
        python-version: ${{ fromJson(needs.info.outputs.python_versions) }}
        group: ${{ fromJson(needs.info.outputs.test_groups) }}
    steps:
-      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+      - name: Restore apt cache
+        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
-          persist-credentials: false
+          path: |
+            ${{ env.APT_CACHE_DIR }}
+            ${{ env.APT_LIST_CACHE_DIR }}
+          fail-on-cache-miss: true
+          key: >-
+            ${{ runner.os }}-${{ runner.arch }}-${{ needs.info.outputs.apt_cache_key }}
      - name: Install additional OS dependencies
        timeout-minutes: 10
-        uses: ./.github/actions/cache-apt-packages
-        with:
-          packages: >-
-            bluez
-            ffmpeg
-            libturbojpeg
+        run: |
+          sudo rm /etc/apt/sources.list.d/microsoft-prod.list
+          sudo apt-get update \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR}
+          sudo apt-get -y install \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR} \
+            bluez \
+            ffmpeg \
+            libturbojpeg \
            libxml2-utils
-          version: ${{ env.APT_CACHE_VERSION }}
-          execute_install_scripts: true
+      - name: Check out code from GitHub
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
      - name: Set up Python ${{ matrix.python-version }}
        id: python
        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
@@ -1029,22 +1105,34 @@ jobs:
        python-version: ${{ fromJson(needs.info.outputs.python_versions) }}
        mariadb-group: ${{ fromJson(needs.info.outputs.mariadb_groups) }}
    steps:
-      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+      - name: Restore apt cache
+        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
-          persist-credentials: false
+          path: |
+            ${{ env.APT_CACHE_DIR }}
+            ${{ env.APT_LIST_CACHE_DIR }}
+          fail-on-cache-miss: true
+          key: >-
+            ${{ runner.os }}-${{ runner.arch }}-${{ needs.info.outputs.apt_cache_key }}
      - name: Install additional OS dependencies
        timeout-minutes: 10
-        uses: ./.github/actions/cache-apt-packages
-        with:
-          packages: >-
-            bluez
-            ffmpeg
-            libturbojpeg
-            libmariadb-dev-compat
+        run: |
+          sudo rm /etc/apt/sources.list.d/microsoft-prod.list
+          sudo apt-get update \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR}
+          sudo apt-get -y install \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR} \
+            bluez \
+            ffmpeg \
+            libturbojpeg \
+            libmariadb-dev-compat \
            libxml2-utils
-          version: ${{ env.APT_CACHE_VERSION }}
-          execute_install_scripts: true
+      - name: Check out code from GitHub
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
      - name: Set up Python ${{ matrix.python-version }}
        id: python
        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
@@ -1178,29 +1266,36 @@ jobs:
        python-version: ${{ fromJson(needs.info.outputs.python_versions) }}
        postgresql-group: ${{ fromJson(needs.info.outputs.postgresql_groups) }}
    steps:
-      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+      - name: Restore apt cache
+        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
-          persist-credentials: false
+          path: |
+            ${{ env.APT_CACHE_DIR }}
+            ${{ env.APT_LIST_CACHE_DIR }}
+          fail-on-cache-miss: true
+          key: >-
+            ${{ runner.os }}-${{ runner.arch }}-${{ needs.info.outputs.apt_cache_key }}
      - name: Install additional OS dependencies
        timeout-minutes: 10
-        uses: ./.github/actions/cache-apt-packages
-        with:
-          packages: >-
-            bluez
-            ffmpeg
-            libturbojpeg
+        run: |
+          sudo rm /etc/apt/sources.list.d/microsoft-prod.list
+          sudo apt-get update \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR}
+          sudo apt-get -y install \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR} \
+            bluez \
+            ffmpeg \
+            libturbojpeg \
            libxml2-utils
-          version: ${{ env.APT_CACHE_VERSION }}
-          execute_install_scripts: true
-      - name: Set up PostgreSQL apt repository
-        run: sudo /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y
-      - name: Cache PostgreSQL development headers
-        timeout-minutes: 10
-        uses: ./.github/actions/cache-apt-packages
+          sudo /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y
+          sudo apt-get -y install \
+            postgresql-server-dev-14
+      - name: Check out code from GitHub
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
-          packages: postgresql-server-dev-14
-          version: ${{ env.APT_CACHE_VERSION }}
+          persist-credentials: false
      - name: Set up Python ${{ matrix.python-version }}
        id: python
        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
@@ -1317,7 +1412,7 @@ jobs:
    if: needs.info.outputs.skip_coverage != 'true'
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Download all coverage artifacts
@@ -1326,7 +1421,7 @@ jobs:
          pattern: coverage-*
      - name: Upload coverage to Codecov
        if: needs.info.outputs.test_full_suite == 'true'
-        uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
        with:
          fail_ci_if_error: true
          flags: full-suite
@@ -1354,21 +1449,33 @@ jobs:
        python-version: ${{ fromJson(needs.info.outputs.python_versions) }}
        group: ${{ fromJson(needs.info.outputs.test_groups) }}
    steps:
-      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+      - name: Restore apt cache
+        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
-          persist-credentials: false
+          path: |
+            ${{ env.APT_CACHE_DIR }}
+            ${{ env.APT_LIST_CACHE_DIR }}
+          fail-on-cache-miss: true
+          key: >-
+            ${{ runner.os }}-${{ runner.arch }}-${{ needs.info.outputs.apt_cache_key }}
      - name: Install additional OS dependencies
        timeout-minutes: 10
-        uses: ./.github/actions/cache-apt-packages
-        with:
-          packages: >-
-            bluez
-            ffmpeg
-            libturbojpeg
+        run: |
+          sudo rm /etc/apt/sources.list.d/microsoft-prod.list
+          sudo apt-get update \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR}
+          sudo apt-get -y install \
+            -o Dir::Cache=${APT_CACHE_DIR} \
+            -o Dir::State::Lists=${APT_LIST_CACHE_DIR} \
+            bluez \
+            ffmpeg \
+            libturbojpeg \
            libxml2-utils
-          version: ${{ env.APT_CACHE_VERSION }}
-          execute_install_scripts: true
+      - name: Check out code from GitHub
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
      - name: Set up Python ${{ matrix.python-version }}
        id: python
        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
@@ -1476,7 +1583,7 @@ jobs:
      - pytest-partial
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Download all coverage artifacts
@@ -1485,7 +1592,7 @@ jobs:
          pattern: coverage-*
      - name: Upload coverage to Codecov
        if: needs.info.outputs.test_full_suite == 'false'
-        uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
        with:
          fail_ci_if_error: true
          token: ${{ secrets.CODECOV_TOKEN }} # zizmor: ignore[secrets-outside-env]
@@ -1513,7 +1620,7 @@ jobs:
        with:
          pattern: test-results-*
      - name: Upload test results to Codecov
-        uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
        with:
          report_type: test_results
          fail_ci_if_error: true
@@ -23,16 +23,16 @@ jobs:

    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

      - name: Initialize CodeQL
-        uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
+        uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
        with:
          languages: python

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
+        uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
        with:
          category: "/language:python"
@@ -236,7 +236,7 @@ jobs:
      - name: Detect duplicates using AI
        id: ai_detection
        if: steps.extract.outputs.should_continue == 'true' && steps.fetch_similar.outputs.has_similar == 'true'
-        uses: actions/ai-inference@a7805884c80886efc241e94a5351df715968a0ad # v2.1.1
+        uses: actions/ai-inference@17ff458cb182449bbb2e43701fcd98f6af8f6570 # v2.1.0
        with:
          model: openai/gpt-4o
          system-prompt: |
@@ -62,7 +62,7 @@ jobs:
      - name: Detect language using AI
        id: ai_language_detection
        if: steps.detect_language.outputs.should_continue == 'true'
-        uses: actions/ai-inference@a7805884c80886efc241e94a5351df715968a0ad # v2.1.1
+        uses: actions/ai-inference@17ff458cb182449bbb2e43701fcd98f6af8f6570 # v2.1.0
        with:
          model: openai/gpt-4o-mini
          system-prompt: |
@@ -20,7 +20,7 @@ jobs:
      issues: write # To lock issues
      pull-requests: write # To lock pull requests
    steps:
-      - uses: dessant/lock-threads@89ae32b08ed1a541efecbab17912962a5e38981c # v6.0.2
+      - uses: dessant/lock-threads@7266a7ce5c1df01b1c6db85bf8cd86c737dadbe7 # v6.0.0
        with:
          github-token: ${{ github.token }}
          issue-inactive-days: "30"
@@ -20,36 +20,22 @@ jobs:
    permissions:
      issues: write # To label and close stale issues
      pull-requests: write # To label and close stale PRs
-      actions: write # To delete stalebot state
    steps:
-      # Generate a token for the GitHub App, we use this method to avoid
-      # hitting API limits for our GitHub actions + have a higher rate limit.
-      - name: Generate app token
-        id: token
-        # Pinned to a specific version of the action for security reasons
-        # v3.2.0
-        uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1
-        with:
-          client-id: ${{ secrets.ISSUE_TRIAGE_APP_ID }} # zizmor: ignore[secrets-outside-env]
-          private-key: ${{ secrets.ISSUE_TRIAGE_APP_PEM }} # zizmor: ignore[secrets-outside-env]
-
      # The 60 day stale policy for PRs
      # Used for:
      # - PRs
      # - No PRs marked as no-stale
-      # The 90 day stale policy for issues
-      # Used for:
-      # - Issues
-      # - No issues marked as no-stale or help-wanted
-      - name: 60 days stale PRs policy and 90 days stale issue policy
-        uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0
+      # - No issues (-1)
+      - name: 60 days stale PRs policy
+        uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
        with:
-          repo-token: ${{ steps.token.outputs.token }}
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          days-before-stale: 60
+          days-before-close: 7
+          days-before-issue-stale: -1
+          days-before-issue-close: -1
+          operations-per-run: 150
          remove-stale-when-updated: true
-          operations-per-run: 350
-          # pr policy
-          days-before-pr-stale: 60
-          days-before-pr-close: 7
          stale-pr-label: "stale"
          exempt-pr-labels: "no-stale"
          stale-pr-message: >
@@ -62,9 +48,65 @@ jobs:
            branch to ensure that it's up to date with the latest changes.

            Thank you for your contribution!
-          # issue policy
-          days-before-issue-stale: 90
-          days-before-issue-close: 7
+
+      # Generate a token for the GitHub App, we use this method to avoid
+      # hitting API limits for our GitHub actions + have a higher rate limit.
+      # This is only used for issues.
+      - name: Generate app token
+        id: token
+        # Pinned to a specific version of the action for security reasons
+        # v1.7.0
+        uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a
+        with:
+          app_id: ${{ secrets.ISSUE_TRIAGE_APP_ID }} # zizmor: ignore[secrets-outside-env]
+          private_key: ${{ secrets.ISSUE_TRIAGE_APP_PEM }} # zizmor: ignore[secrets-outside-env]
+
+      # The 90 day stale policy for issues
+      # Used for:
+      # - Issues
+      # - No issues marked as no-stale or help-wanted
+      # - No PRs (-1)
+      - name: 90 days stale issues
+        uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
+        with:
+          repo-token: ${{ steps.token.outputs.token }}
+          days-before-stale: 90
+          days-before-close: 7
+          days-before-pr-stale: -1
+          days-before-pr-close: -1
+          operations-per-run: 250
+          remove-stale-when-updated: true
+          stale-issue-label: "stale"
+          exempt-issue-labels: "no-stale,help-wanted,needs-more-information"
+          stale-issue-message: >
+            There hasn't been any activity on this issue recently. Due to the
+            high number of incoming GitHub notifications, we have to clean some
+            of the old issues, as many of them have already been resolved with
+            the latest updates.
+
+            Please make sure to update to the latest Home Assistant version and
+            check if that solves the issue. Let us know if that works for you by
+            adding a comment 👍
+
+            This issue has now been marked as stale and will be closed if no
+            further activity occurs. Thank you for your contributions.
+
+      # The 30 day stale policy for issues
+      # Used for:
+      # - Issues that are pending more information (incomplete issues)
+      # - No Issues marked as no-stale or help-wanted
+      # - No PRs (-1)
+      - name: Needs more information stale issues policy
+        uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
+        with:
+          repo-token: ${{ steps.token.outputs.token }}
+          only-labels: "needs-more-information"
+          days-before-stale: 14
+          days-before-close: 7
+          days-before-pr-stale: -1
+          days-before-pr-close: -1
+          operations-per-run: 250
+          remove-stale-when-updated: true
          stale-issue-label: "stale"
          exempt-issue-labels: "no-stale,help-wanted"
          stale-issue-message: >
@@ -22,7 +22,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@@ -29,7 +29,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@@ -116,7 +116,7 @@ jobs:
            os: ubuntu-24.04-arm
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@@ -137,7 +137,7 @@ jobs:
          sed -i "/uv/d" requirements_diff.txt

      - name: Build wheels
-        uses: home-assistant/wheels@34957438948e0b3dcde73c77750643dadae594f5 # 2026.06.0
+        uses: home-assistant/wheels@e5742a69d69f0e274e2689c998900c7d19652c21 # 2025.12.0
        with:
          abi: ${{ matrix.abi }}
          tag: musllinux_1_2
@@ -167,7 +167,7 @@ jobs:
            os: ubuntu-24.04-arm
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@@ -195,7 +195,7 @@ jobs:
          sed -i "/uv/d" requirements_diff.txt

      - name: Build wheels
-        uses: home-assistant/wheels@34957438948e0b3dcde73c77750643dadae594f5 # 2026.06.0
+        uses: home-assistant/wheels@e5742a69d69f0e274e2689c998900c7d19652c21 # 2025.12.0
        with:
          abi: ${{ matrix.abi }}
          tag: musllinux_1_2
@@ -1,6 +1,6 @@
 repos:
  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.15.17
+    rev: v0.15.13
    hooks:
      - id: ruff-check
        args:
@@ -102,7 +102,7 @@ repos:
        pass_filenames: false
        language: script
        types: [text]
-        files: ^(homeassistant/.+/(icons|manifest|strings)\.json|homeassistant/.+/(conditions|quality_scale|services|triggers)\.yaml|homeassistant/brands/.*\.json|script/hassfest/(?!metadata|mypy_config).+\.py|homeassistant/components/sensor/const\.py|requirements.+\.txt)$
+        files: ^(homeassistant/.+/(icons|manifest|strings)\.json|homeassistant/.+/(conditions|quality_scale|services|triggers)\.yaml|homeassistant/brands/.*\.json|script/hassfest/(?!metadata|mypy_config).+\.py|requirements.+\.txt)$
      - id: hassfest-metadata
        name: hassfest-metadata
        entry: script/run-in-env.sh python3 -m script.hassfest -p metadata,docker
@@ -1 +1 @@
-3.14.5
+3.14.4
@@ -43,6 +43,7 @@ homeassistant.components
 homeassistant.components.abode.*
 homeassistant.components.acaia.*
 homeassistant.components.accuweather.*
+homeassistant.components.acer_projector.*
 homeassistant.components.acmeda.*
 homeassistant.components.actiontec.*
 homeassistant.components.actron_air.*
@@ -76,6 +77,7 @@ homeassistant.components.amberelectric.*
 homeassistant.components.ambient_network.*
 homeassistant.components.ambient_station.*
 homeassistant.components.amcrest.*
+homeassistant.components.ampio.*
 homeassistant.components.analytics.*
 homeassistant.components.analytics_insights.*
 homeassistant.components.android_ip_webcam.*
@@ -94,7 +96,6 @@ homeassistant.components.aprs.*
 homeassistant.components.apsystems.*
 homeassistant.components.aqualogic.*
 homeassistant.components.aquostv.*
-homeassistant.components.aqvify.*
 homeassistant.components.aranet.*
 homeassistant.components.arcam_fmj.*
 homeassistant.components.arris_tg2492lg.*
@@ -140,7 +141,6 @@ homeassistant.components.canary.*
 homeassistant.components.casper_glow.*
 homeassistant.components.centriconnect.*
 homeassistant.components.cert_expiry.*
-homeassistant.components.chef_iq.*
 homeassistant.components.clickatell.*
 homeassistant.components.clicksend.*
 homeassistant.components.climate.*
@@ -286,7 +286,6 @@ homeassistant.components.huawei_lte.*
 homeassistant.components.humidifier.*
 homeassistant.components.husqvarna_automower.*
 homeassistant.components.huum.*
-homeassistant.components.hvv_departures.*
 homeassistant.components.hydrawise.*
 homeassistant.components.hyperion.*
 homeassistant.components.hypontech.*
@@ -338,7 +337,6 @@ homeassistant.components.led_ble.*
 homeassistant.components.lektrico.*
 homeassistant.components.letpot.*
 homeassistant.components.lg_infrared.*
-homeassistant.components.lg_tv_rs232.*
 homeassistant.components.libre_hardware_monitor.*
 homeassistant.components.lidarr.*
 homeassistant.components.liebherr.*
@@ -430,7 +428,6 @@ homeassistant.components.otp.*
 homeassistant.components.ouman_eh_800.*
 homeassistant.components.overkiz.*
 homeassistant.components.overseerr.*
-homeassistant.components.ovhcloud_ai_endpoints.*
 homeassistant.components.p1_monitor.*
 homeassistant.components.paj_gps.*
 homeassistant.components.panel_custom.*
@@ -568,7 +565,6 @@ homeassistant.components.technove.*
 homeassistant.components.tedee.*
 homeassistant.components.telegram_bot.*
 homeassistant.components.teleinfo.*
-homeassistant.components.teltonika.*
 homeassistant.components.teslemetry.*
 homeassistant.components.text.*
 homeassistant.components.thethingsnetwork.*
@@ -613,7 +609,6 @@ homeassistant.components.valve.*
 homeassistant.components.velbus.*
 homeassistant.components.velux.*
 homeassistant.components.victron_gx.*
-homeassistant.components.vistapool.*
 homeassistant.components.vivotek.*
 homeassistant.components.vlc_telnet.*
 homeassistant.components.vodafone_station.*
@@ -625,7 +620,6 @@ homeassistant.components.waqi.*
 homeassistant.components.water_heater.*
 homeassistant.components.watts.*
 homeassistant.components.watttime.*
-homeassistant.components.wattwaechter.*
 homeassistant.components.weather.*
 homeassistant.components.web_rtc.*
 homeassistant.components.webhook.*
@@ -642,7 +636,6 @@ homeassistant.components.xbox.*
 homeassistant.components.xiaomi_ble.*
 homeassistant.components.yale_smart_alarm.*
 homeassistant.components.yalexs_ble.*
-homeassistant.components.yoto.*
 homeassistant.components.youtube.*
 homeassistant.components.zeroconf.*
 homeassistant.components.zinvolt.*
@@ -132,7 +132,7 @@
      "problemMatcher": []
    },
    {
-      "label": "Install all production Requirements",
+      "label": "Install all Requirements",
      "type": "shell",
      "command": "uv pip install -r requirements_all.txt",
      "group": {
@@ -146,9 +146,9 @@
      "problemMatcher": []
    },
    {
-      "label": "Install all (test & production) Requirements",
+      "label": "Install all Test Requirements",
      "type": "shell",
-      "command": "uv pip install -r requirements_all.txt -r requirements_test.txt",
+      "command": "uv pip install -r requirements.txt -r requirements_test_all.txt",
      "group": {
        "kind": "build",
        "isDefault": true
@@ -13,9 +13,8 @@ This repository contains the core of Home Assistant, a Python 3 based home autom

 ## Development Commands

- When entering a new environment or worktree, run `script/setup` to set up the virtual environment with all development dependencies (pylint, pre-commit hooks, etc.). This is required before committing. If uv reports that no download was found for the required Python version, the environment is running an outdated version of uv; upgrade it with `curl -LsSf https://astral.sh/uv/install.sh | sh` and run `script/setup` again.
+- When entering a new environment or worktree, run `script/setup` to set up the virtual environment with all development dependencies (pylint, pre-commit hooks, etc.). This is required before committing.
 - .vscode/tasks.json contains useful commands used for development.
- After finishing a code session, run `uv run prek run --all-files` to check for linting and formatting issues.

 ## Python Syntax Notes

@@ -33,13 +32,10 @@ This repository contains the core of Home Assistant, a Python 3 based home autom
 - Avoid using conditions/branching in tests. Instead, either split tests or adjust the test parametrization to cover all cases without branching.
 - If multiple tests share most of their code, use `pytest.mark.parametrize` to merge them into a single parameterized test instead of duplicating the body. Use `pytest.param` with an `id` parameter to name the test cases clearly.
 - We use Syrupy for snapshot testing. Leverage `.ambr` snapshots instead of repetitive and exhaustive generation of test data within Python code itself.
- Hardcoded `entity_id`s in tests are fine. If the same one is repeated, use a constant.

 ## Good practices

 - Integrations with Platinum or Gold level in the Integration Quality Scale reflect a high standard of code quality and maintainability. When looking for examples of something, these are good places to start. The level is indicated in the manifest.json of the integration.
 - When reviewing entity actions, do not suggest extra defensive checks for input fields that are already validated by Home Assistant's service/action schemas and entity selection filters. Suggest additional guards only when data bypasses those validators or is transformed into a less-safe form.
 - When validation guarantees a dict key exists, prefer direct key access (`data["key"]`) instead of `.get("key")` so contract violations are surfaced instead of silently masked.
- Keep comments concise. Prefer one short line stating the non-obvious constraint, or no comment at all.
- Do not add comments that just restate the code on the following line(s) (e.g. `# Check if initialized` above `if self.initialized:`). Comments should only explain why (non-obvious constraints, surprising behavior, or workarounds), never what. Never add comments that justify a change by referencing what the code looked like before.
- Do not add section or divider comments (e.g. `# --- XYZ Triggers ---`) inside or outside of functions, since those can easily become stale and be misleading.
+- Do not add comments that just restate the code on the following line(s) (e.g. `# Check if initialized` above `if self.initialized:`). Comments should only explain why — non-obvious constraints, surprising behavior, or workarounds — never what.
@@ -162,8 +162,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/apsystems/ @mawoka-myblock @SonnenladenGmbH
 /homeassistant/components/aquacell/ @Jordi1990
 /tests/components/aquacell/ @Jordi1990
-/homeassistant/components/aqvify/ @astrandb
-/tests/components/aqvify/ @astrandb
 /homeassistant/components/aranet/ @aschmitz @thecode @anrijs
 /tests/components/aranet/ @aschmitz @thecode @anrijs
 /homeassistant/components/arcam_fmj/ @elupus
@@ -181,6 +179,7 @@ CLAUDE.md @home-assistant/core
 /tests/components/asuswrt/ @kennedyshead @ollo69 @Vaskivskyi
 /homeassistant/components/atag/ @MatsNL
 /tests/components/atag/ @MatsNL
+/homeassistant/components/aten_pe/ @mtdcr
 /homeassistant/components/atome/ @baqs
 /homeassistant/components/august/ @bdraco
 /tests/components/august/ @bdraco
@@ -229,6 +228,7 @@ CLAUDE.md @home-assistant/core
 /tests/components/battery/ @home-assistant/core
 /homeassistant/components/bayesian/ @HarvsG
 /tests/components/bayesian/ @HarvsG
+/homeassistant/components/beewi_smartclim/ @alemuro
 /homeassistant/components/binary_sensor/ @home-assistant/core
 /tests/components/binary_sensor/ @home-assistant/core
 /homeassistant/components/bizkaibus/ @UgaitzEtxebarria
@@ -236,8 +236,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/blebox/ @bbx-a @swistakm @bkobus-bbx
 /homeassistant/components/blink/ @fronzbot
 /tests/components/blink/ @fronzbot
-/homeassistant/components/blue_current/ @gleeuwen @jtodorova23
-/tests/components/blue_current/ @gleeuwen @jtodorova23
+/homeassistant/components/blue_current/ @gleeuwen @NickKoepr @jtodorova23
+/tests/components/blue_current/ @gleeuwen @NickKoepr @jtodorova23
 /homeassistant/components/bluemaestro/ @bdraco
 /tests/components/bluemaestro/ @bdraco
 /homeassistant/components/blueprint/ @home-assistant/core
@@ -252,16 +252,16 @@ CLAUDE.md @home-assistant/core
 /tests/components/bond/ @bdraco @prystupa @joshs85 @marciogranzotto
 /homeassistant/components/bosch_alarm/ @mag1024 @sanjay900
 /tests/components/bosch_alarm/ @mag1024 @sanjay900
-/homeassistant/components/bosch_shc/ @tschamm @mosandlt
-/tests/components/bosch_shc/ @tschamm @mosandlt
+/homeassistant/components/bosch_shc/ @tschamm
+/tests/components/bosch_shc/ @tschamm
 /homeassistant/components/brands/ @home-assistant/core
 /tests/components/brands/ @home-assistant/core
 /homeassistant/components/braviatv/ @bieniu @Drafteed
 /tests/components/braviatv/ @bieniu @Drafteed
 /homeassistant/components/bring/ @miaucl @tr4nt0r
 /tests/components/bring/ @miaucl @tr4nt0r
-/homeassistant/components/broadlink/ @danielhiversen @felipediel @L-I-Am
-/tests/components/broadlink/ @danielhiversen @felipediel @L-I-Am
+/homeassistant/components/broadlink/ @danielhiversen @felipediel @L-I-Am @eifinger
+/tests/components/broadlink/ @danielhiversen @felipediel @L-I-Am @eifinger
 /homeassistant/components/brother/ @bieniu
 /tests/components/brother/ @bieniu
 /homeassistant/components/brottsplatskartan/ @gjohansson-ST
@@ -297,8 +297,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/cert_expiry/ @jjlawren
 /homeassistant/components/chacon_dio/ @cnico
 /tests/components/chacon_dio/ @cnico
-/homeassistant/components/chef_iq/ @Invader444
-/tests/components/chef_iq/ @Invader444
 /homeassistant/components/chess_com/ @joostlek
 /tests/components/chess_com/ @joostlek
 /homeassistant/components/cielo_home/ @ihsan-cielo @mudasar-cielo
@@ -455,8 +453,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/ecovacs/ @mib1185 @edenhaus @Augar
 /homeassistant/components/ecowitt/ @pvizeli
 /tests/components/ecowitt/ @pvizeli
-/homeassistant/components/edifier_infrared/ @abmantis
-/tests/components/edifier_infrared/ @abmantis
 /homeassistant/components/efergy/ @tkdrob
 /tests/components/efergy/ @tkdrob
 /homeassistant/components/egardia/ @jeroenterheerdt
@@ -494,8 +490,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/emulated_kasa/ @kbickar
 /homeassistant/components/energenie_power_sockets/ @gnumpi
 /tests/components/energenie_power_sockets/ @gnumpi
-/homeassistant/components/energieleser/ @AjinkyaGokhale @amitkio
-/tests/components/energieleser/ @AjinkyaGokhale @amitkio
 /homeassistant/components/energy/ @home-assistant/core
 /tests/components/energy/ @home-assistant/core
 /homeassistant/components/energyid/ @JrtPec @Molier
@@ -507,8 +501,6 @@ CLAUDE.md @home-assistant/core
 /homeassistant/components/enphase_envoy/ @bdraco @cgarwood @catsmanac
 /tests/components/enphase_envoy/ @bdraco @cgarwood @catsmanac
 /homeassistant/components/entur_public_transport/ @hfurubotten @SanderBlom
-/homeassistant/components/envertech_evt800/ @daniel-bergmann-00
-/tests/components/envertech_evt800/ @daniel-bergmann-00
 /homeassistant/components/environment_canada/ @gwww @michaeldavie
 /tests/components/environment_canada/ @gwww @michaeldavie
 /homeassistant/components/ephember/ @ttroy50 @roberty99
@@ -578,8 +570,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/flo/ @dmulcahey
 /homeassistant/components/flume/ @ChrisMandich @bdraco @jeeftor
 /tests/components/flume/ @ChrisMandich @bdraco @jeeftor
-/homeassistant/components/fluss/ @fluss @Marcello17
-/tests/components/fluss/ @fluss @Marcello17
+/homeassistant/components/fluss/ @fluss
+/tests/components/fluss/ @fluss
 /homeassistant/components/flux_led/ @icemanch
 /tests/components/flux_led/ @icemanch
 /homeassistant/components/forecast_solar/ @klaasnicolaas @frenck
@@ -631,8 +623,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/generic_hygrostat/ @Shulyaka
 /homeassistant/components/geniushub/ @manzanotti
 /tests/components/geniushub/ @manzanotti
-/homeassistant/components/gentex_homelink/ @Gentex-Corporation/Homelink @rjones-gentex
-/tests/components/gentex_homelink/ @Gentex-Corporation/Homelink @rjones-gentex
+/homeassistant/components/gentex_homelink/ @niaexa @ryanjones-gentex
+/tests/components/gentex_homelink/ @niaexa @ryanjones-gentex
 /homeassistant/components/geo_json_events/ @exxamalte
 /tests/components/geo_json_events/ @exxamalte
 /homeassistant/components/geo_location/ @home-assistant/core
@@ -697,8 +689,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/gree/ @cmroche
 /homeassistant/components/green_planet_energy/ @petschni
 /tests/components/green_planet_energy/ @petschni
-/homeassistant/components/greencell/ @BrzezowskiGC
-/tests/components/greencell/ @BrzezowskiGC
 /homeassistant/components/greeneye_monitor/ @jkeljo
 /tests/components/greeneye_monitor/ @jkeljo
 /homeassistant/components/group/ @home-assistant/core
@@ -728,8 +718,6 @@ CLAUDE.md @home-assistant/core
 /homeassistant/components/heatmiser/ @andylockran
 /homeassistant/components/hegel/ @boazca
 /tests/components/hegel/ @boazca
-/homeassistant/components/helty/ @ebaschiera
-/tests/components/helty/ @ebaschiera
 /homeassistant/components/heos/ @andrewsayre
 /tests/components/heos/ @andrewsayre
 /homeassistant/components/here_travel_time/ @eifinger
@@ -779,8 +767,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/homevolt/ @danielhiversen @liudger
 /homeassistant/components/homewizard/ @DCSBL
 /tests/components/homewizard/ @DCSBL
-/homeassistant/components/honeywell/ @mkmer
-/tests/components/honeywell/ @mkmer
+/homeassistant/components/honeywell/ @rdfurman @mkmer
+/tests/components/honeywell/ @rdfurman @mkmer
 /homeassistant/components/honeywell_string_lights/ @balloob
 /tests/components/honeywell_string_lights/ @balloob
 /homeassistant/components/hr_energy_qube/ @MattieGit
@@ -789,8 +777,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/html5/ @alexyao2015 @tr4nt0r
 /homeassistant/components/http/ @home-assistant/core
 /tests/components/http/ @home-assistant/core
-/homeassistant/components/huawei_lte/ @fphammerle
-/tests/components/huawei_lte/ @fphammerle
+/homeassistant/components/huawei_lte/ @scop @fphammerle
+/tests/components/huawei_lte/ @scop @fphammerle
 /homeassistant/components/hue/ @marcelveldt
 /tests/components/hue/ @marcelveldt
 /homeassistant/components/hue_ble/ @flip-dots
@@ -848,8 +836,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/imgw_pib/ @bieniu
 /homeassistant/components/immich/ @mib1185
 /tests/components/immich/ @mib1185
-/homeassistant/components/imou/ @Imou-OpenPlatform
-/tests/components/imou/ @Imou-OpenPlatform
 /homeassistant/components/improv_ble/ @emontnemery
 /tests/components/improv_ble/ @emontnemery
 /homeassistant/components/incomfort/ @jbouwh
@@ -951,8 +937,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/kiosker/ @Claeysson
 /homeassistant/components/kitchen_sink/ @home-assistant/core
 /tests/components/kitchen_sink/ @home-assistant/core
-/homeassistant/components/klik_aan_klik_uit/ @Phunkafizer
-/tests/components/klik_aan_klik_uit/ @Phunkafizer
 /homeassistant/components/kmtronic/ @dgomes
 /tests/components/kmtronic/ @dgomes
 /homeassistant/components/knocki/ @joostlek @jgatto1 @JakeBosh
@@ -961,6 +945,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/knx/ @Julius2342 @farmio @marvin-w
 /homeassistant/components/kodi/ @OnFreund
 /tests/components/kodi/ @OnFreund
+/homeassistant/components/konnected/ @heythisisnate
+/tests/components/konnected/ @heythisisnate
 /homeassistant/components/kostal_plenticore/ @stegm
 /tests/components/kostal_plenticore/ @stegm
 /homeassistant/components/kraken/ @eifinger
@@ -1003,8 +989,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/lg_netcast/ @Drafteed @splinter98
 /homeassistant/components/lg_thinq/ @LG-ThinQ-Integration
 /tests/components/lg_thinq/ @LG-ThinQ-Integration
-/homeassistant/components/lg_tv_rs232/ @balloob
-/tests/components/lg_tv_rs232/ @balloob
 /homeassistant/components/libre_hardware_monitor/ @Sab44
 /tests/components/libre_hardware_monitor/ @Sab44
 /homeassistant/components/lichess/ @aryanhasgithub
@@ -1090,8 +1074,6 @@ CLAUDE.md @home-assistant/core
 /homeassistant/components/mediaroom/ @dgomes
 /homeassistant/components/melcloud/ @erwindouna
 /tests/components/melcloud/ @erwindouna
-/homeassistant/components/melcloud_home/ @erwindouna
-/tests/components/melcloud_home/ @erwindouna
 /homeassistant/components/melissa/ @kennedyshead
 /tests/components/melissa/ @kennedyshead
 /homeassistant/components/melnor/ @vanstinator
@@ -1159,6 +1141,7 @@ CLAUDE.md @home-assistant/core
 /tests/components/motionmount/ @laiho-vogels
 /homeassistant/components/mqtt/ @emontnemery @jbouwh @bdraco
 /tests/components/mqtt/ @emontnemery @jbouwh @bdraco
+/homeassistant/components/msteams/ @peroyvind
 /homeassistant/components/mta/ @OnFreund
 /tests/components/mta/ @OnFreund
 /homeassistant/components/mullvad/ @meichthys
@@ -1169,8 +1152,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/mutesync/ @currentoor
 /homeassistant/components/my/ @home-assistant/core
 /tests/components/my/ @home-assistant/core
-/homeassistant/components/myneomitis/ @Epyes
-/tests/components/myneomitis/ @Epyes
+/homeassistant/components/myneomitis/ @l-pr
+/tests/components/myneomitis/ @l-pr
 /homeassistant/components/mysensors/ @MartinHjelmare @functionpointer
 /tests/components/mysensors/ @MartinHjelmare @functionpointer
 /homeassistant/components/mystrom/ @fabaff
@@ -1309,8 +1292,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/openhome/ @bazwilliams
 /homeassistant/components/openrgb/ @felipecrs
 /tests/components/openrgb/ @felipecrs
-/homeassistant/components/opensensemap/ @AlCalzone
-/tests/components/opensensemap/ @AlCalzone
 /homeassistant/components/opensky/ @joostlek
 /tests/components/opensky/ @joostlek
 /homeassistant/components/opentherm_gw/ @mvn23
@@ -1338,8 +1319,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/overkiz/ @imicknl
 /homeassistant/components/overseerr/ @joostlek @AmGarera
 /tests/components/overseerr/ @joostlek @AmGarera
-/homeassistant/components/ovhcloud_ai_endpoints/ @Crocmagnon
-/tests/components/ovhcloud_ai_endpoints/ @Crocmagnon
 /homeassistant/components/ovo_energy/ @timmo001
 /tests/components/ovo_energy/ @timmo001
 /homeassistant/components/p1_monitor/ @klaasnicolaas
@@ -1434,8 +1413,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/pushover/ @engrbm87
 /homeassistant/components/pvoutput/ @frenck
 /tests/components/pvoutput/ @frenck
-/homeassistant/components/pvpc_hourly_pricing/ @azogue @chiro79
-/tests/components/pvpc_hourly_pricing/ @azogue @chiro79
+/homeassistant/components/pvpc_hourly_pricing/ @azogue
+/tests/components/pvpc_hourly_pricing/ @azogue
 /homeassistant/components/pyload/ @tr4nt0r
 /tests/components/pyload/ @tr4nt0r
 /homeassistant/components/qbittorrent/ @geoffreylagaisse @finder39
@@ -1556,12 +1535,11 @@ CLAUDE.md @home-assistant/core
 /tests/components/rympro/ @OnFreund @elad-bar @maorcc
 /homeassistant/components/sabnzbd/ @shaiu @jpbede
 /tests/components/sabnzbd/ @shaiu @jpbede
-/homeassistant/components/saj/ @fredericvl @edurenye
-/tests/components/saj/ @fredericvl @edurenye
+/homeassistant/components/saj/ @fredericvl
 /homeassistant/components/samsung_infrared/ @lmaertin
 /tests/components/samsung_infrared/ @lmaertin
-/homeassistant/components/samsungtv/ @chemelli74
-/tests/components/samsungtv/ @chemelli74
+/homeassistant/components/samsungtv/ @chemelli74 @epenet
+/tests/components/samsungtv/ @chemelli74 @epenet
 /homeassistant/components/sanix/ @tomaszsluszniak
 /tests/components/sanix/ @tomaszsluszniak
 /homeassistant/components/satel_integra/ @Tommatheussen
@@ -1601,8 +1579,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/sensorpush/ @bdraco
 /homeassistant/components/sensorpush_cloud/ @sstallion
 /tests/components/sensorpush_cloud/ @sstallion
-/homeassistant/components/sensoterra/ @SanderBakkumCuriousInc @curious-florian @markruys
-/tests/components/sensoterra/ @SanderBakkumCuriousInc @curious-florian @markruys
+/homeassistant/components/sensoterra/ @markruys
+/tests/components/sensoterra/ @markruys
 /homeassistant/components/sentry/ @dcramer @frenck
 /tests/components/sentry/ @dcramer @frenck
 /homeassistant/components/senz/ @milanmeu
@@ -1710,8 +1688,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/sql/ @gjohansson-ST @dougiteixeira
 /homeassistant/components/squeezebox/ @rajlaud @pssc @peteS-UK
 /tests/components/squeezebox/ @rajlaud @pssc @peteS-UK
-/homeassistant/components/srp_energy/ @briglx @ammmze
-/tests/components/srp_energy/ @briglx @ammmze
+/homeassistant/components/srp_energy/ @briglx
+/tests/components/srp_energy/ @briglx
 /homeassistant/components/starline/ @anonym-tsk
 /tests/components/starline/ @anonym-tsk
 /homeassistant/components/statistics/ @ThomDietrich @gjohansson-ST
@@ -1895,9 +1873,9 @@ CLAUDE.md @home-assistant/core
 /homeassistant/components/unifi_access/ @imhotep @RaHehl
 /tests/components/unifi_access/ @imhotep @RaHehl
 /homeassistant/components/unifi_direct/ @tofuSCHNITZEL
-/tests/components/unifi_direct/ @tofuSCHNITZEL
 /homeassistant/components/unifi_discovery/ @RaHehl
 /tests/components/unifi_discovery/ @RaHehl
+/homeassistant/components/unifiled/ @florisvdk
 /homeassistant/components/unifiprotect/ @RaHehl
 /tests/components/unifiprotect/ @RaHehl
 /homeassistant/components/upb/ @gwww
@@ -1954,8 +1932,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/victron_remote_monitoring/ @AndyTempel
 /homeassistant/components/vilfo/ @ManneW
 /tests/components/vilfo/ @ManneW
-/homeassistant/components/vistapool/ @fdebrus
-/tests/components/vistapool/ @fdebrus
 /homeassistant/components/vivotek/ @HarlemSquirrel
 /tests/components/vivotek/ @HarlemSquirrel
 /homeassistant/components/vizio/ @raman325
@@ -1986,12 +1962,11 @@ CLAUDE.md @home-assistant/core
 /tests/components/waterfurnace/ @sdague @masterkoppa
 /homeassistant/components/watergate/ @adam-the-hero
 /tests/components/watergate/ @adam-the-hero
+/homeassistant/components/watson_tts/ @rutkai
 /homeassistant/components/watts/ @theobld-ww @devender-verma-ww @ssi-spyro
 /tests/components/watts/ @theobld-ww @devender-verma-ww @ssi-spyro
 /homeassistant/components/watttime/ @bachya
 /tests/components/watttime/ @bachya
-/homeassistant/components/wattwaechter/ @smartcircuits
-/tests/components/wattwaechter/ @smartcircuits
 /homeassistant/components/waze_travel_time/ @eifinger
 /tests/components/waze_travel_time/ @eifinger
 /homeassistant/components/weather/ @home-assistant/core
@@ -2073,16 +2048,14 @@ CLAUDE.md @home-assistant/core
 /tests/components/yamaha_musiccast/ @vigonotion @micha91
 /homeassistant/components/yandex_transport/ @rishatik92 @devbis
 /tests/components/yandex_transport/ @rishatik92 @devbis
-/homeassistant/components/yardian/ @aeon-matrix
-/tests/components/yardian/ @aeon-matrix
+/homeassistant/components/yardian/ @h3l1o5
+/tests/components/yardian/ @h3l1o5
 /homeassistant/components/yeelight/ @zewelor @shenxn @starkillerOG @alexyao2015
 /tests/components/yeelight/ @zewelor @shenxn @starkillerOG @alexyao2015
 /homeassistant/components/yeelightsunflower/ @lindsaymarkward
 /homeassistant/components/yi/ @bachya
 /homeassistant/components/yolink/ @matrixd2
 /tests/components/yolink/ @matrixd2
-/homeassistant/components/yoto/ @cdnninja @piitaya
-/tests/components/yoto/ @cdnninja @piitaya
 /homeassistant/components/youless/ @gjong
 /tests/components/youless/ @gjong
 /homeassistant/components/youtube/ @joostlek
@@ -6,7 +6,7 @@ from collections.abc import Mapping
 from datetime import datetime, timedelta
 from functools import partial
 import time
-from typing import Any, cast, override
+from typing import Any, cast

 import jwt

@@ -109,7 +109,6 @@ class AuthManagerFlowManager(
        super().__init__(hass)
        self.auth_manager = auth_manager

-    @override
    async def async_create_flow(
        self,
        handler_key: tuple[str, str],
@@ -123,7 +122,6 @@ class AuthManagerFlowManager(
            raise KeyError(f"Unknown auth provider {handler_key}")
        return await auth_provider.async_login_flow(context)

-    @override
    async def async_finish_flow(
        self,
        flow: FlowHandler[AuthFlowContext, AuthFlowResult, tuple[str, str]],
@@ -136,7 +134,7 @@ class AuthManagerFlowManager(
        """
        flow = cast(LoginFlow, flow)

-        if result["type"] is not FlowResultType.CREATE_ENTRY:
+        if result["type"] != FlowResultType.CREATE_ENTRY:
            return result

        # we got final result
@@ -39,7 +39,6 @@ class _PyJWSWithLoadCache(PyJWS):
    # We only ever have a global instance of this class
    # so we do not have to worry about the LRU growing
    # each time we create a new instance.
-    @override
    def _load(self, jwt: str | bytes) -> tuple[bytes, bytes, dict, bytes]:
        """Load a JWS."""
        return super()._load(jwt)
@@ -1,6 +1,6 @@
 """Example auth module."""

-from typing import Any, override
+from typing import Any

 import voluptuous as vol

@@ -35,7 +35,6 @@ class InsecureExampleModule(MultiFactorAuthModule):
        self._data = config["data"]

    @property
-    @override
    def input_schema(self) -> vol.Schema:
        """Validate login flow input data."""
        return vol.Schema({vol.Required("pin"): str})
@@ -45,7 +44,6 @@ class InsecureExampleModule(MultiFactorAuthModule):
        """Validate async_setup_user input data."""
        return vol.Schema({vol.Required("pin"): str})

-    @override
    async def async_setup_flow(self, user_id: str) -> SetupFlow:
        """Return a data entry flow handler for setup module.

@@ -53,7 +51,6 @@ class InsecureExampleModule(MultiFactorAuthModule):
        """
        return SetupFlow(self, self.setup_schema, user_id)

-    @override
    async def async_setup_user(self, user_id: str, setup_data: Any) -> Any:
        """Set up user to use mfa module."""
        # data shall has been validate in caller
@@ -67,7 +64,6 @@ class InsecureExampleModule(MultiFactorAuthModule):

        self._data.append({"user_id": user_id, "pin": pin})

-    @override
    async def async_depose_user(self, user_id: str) -> None:
        """Remove user from mfa module."""
        found = None
@@ -78,12 +74,10 @@ class InsecureExampleModule(MultiFactorAuthModule):
        if found:
            self._data.remove(found)

-    @override
    async def async_is_user_setup(self, user_id: str) -> bool:
        """Return whether user is setup."""
        return any(data["user_id"] == user_id for data in self._data)

-    @override
    async def async_validate(self, user_id: str, user_input: dict[str, Any]) -> bool:
        """Return True if validation passed."""
        return any(
@@ -5,7 +5,7 @@ Sending HOTP through notify service

 import asyncio
 import logging
-from typing import Any, cast, override
+from typing import Any, cast

 import attr
 import voluptuous as vol
@@ -107,7 +107,6 @@ class NotifyAuthModule(MultiFactorAuthModule):
        self._init_lock = asyncio.Lock()

    @property
-    @override
    def input_schema(self) -> vol.Schema:
        """Validate login flow input data."""
        return vol.Schema({vol.Required(INPUT_FIELD_CODE): str})
@@ -160,7 +159,6 @@ class NotifyAuthModule(MultiFactorAuthModule):

        return sorted(unordered_services)

-    @override
    async def async_setup_flow(self, user_id: str) -> NotifySetupFlow:
        """Return a data entry flow handler for setup module.

@@ -170,7 +168,6 @@ class NotifyAuthModule(MultiFactorAuthModule):
            self, self.input_schema, user_id, self.aync_get_available_notify_services()
        )

-    @override
    async def async_setup_user(self, user_id: str, setup_data: Any) -> Any:
        """Set up auth module for user."""
        if self._user_settings is None:
@@ -184,7 +181,6 @@ class NotifyAuthModule(MultiFactorAuthModule):

        await self._async_save()

-    @override
    async def async_depose_user(self, user_id: str) -> None:
        """Depose auth module for user."""
        if self._user_settings is None:
@@ -194,7 +190,6 @@ class NotifyAuthModule(MultiFactorAuthModule):
        if self._user_settings.pop(user_id, None):
            await self._async_save()

-    @override
    async def async_is_user_setup(self, user_id: str) -> bool:
        """Return whether user is setup."""
        if self._user_settings is None:
@@ -203,7 +198,6 @@ class NotifyAuthModule(MultiFactorAuthModule):

        return user_id in self._user_settings

-    @override
    async def async_validate(self, user_id: str, user_input: dict[str, Any]) -> bool:
        """Return True if validation passed."""
        if self._user_settings is None:
@@ -289,7 +283,6 @@ class NotifySetupFlow(SetupFlow[NotifyAuthModule]):
        self._notify_service: str | None = None
        self._target: str | None = None

-    @override
    async def async_step_init(
        self, user_input: dict[str, str] | None = None
    ) -> FlowResult:
@@ -2,7 +2,7 @@

 import asyncio
 from io import BytesIO
-from typing import Any, cast, override
+from typing import Any, cast

 import voluptuous as vol

@@ -87,7 +87,6 @@ class TotpAuthModule(MultiFactorAuthModule):
        self._init_lock = asyncio.Lock()

    @property
-    @override
    def input_schema(self) -> vol.Schema:
        """Validate login flow input data."""
        return vol.Schema({vol.Required(INPUT_FIELD_CODE): str})
@@ -116,7 +115,6 @@ class TotpAuthModule(MultiFactorAuthModule):
        self._users[user_id] = ota_secret  # type: ignore[index]
        return ota_secret

-    @override
    async def async_setup_flow(self, user_id: str) -> TotpSetupFlow:
        """Return a data entry flow handler for setup module.

@@ -126,7 +124,6 @@ class TotpAuthModule(MultiFactorAuthModule):
        assert user is not None
        return TotpSetupFlow(self, self.input_schema, user)

-    @override
    async def async_setup_user(self, user_id: str, setup_data: Any) -> str:
        """Set up auth module for user."""
        if self._users is None:
@@ -139,7 +136,6 @@ class TotpAuthModule(MultiFactorAuthModule):
        await self._async_save()
        return result

-    @override
    async def async_depose_user(self, user_id: str) -> None:
        """Depose auth module for user."""
        if self._users is None:
@@ -148,7 +144,6 @@ class TotpAuthModule(MultiFactorAuthModule):
        if self._users.pop(user_id, None):  # type: ignore[union-attr]
            await self._async_save()

-    @override
    async def async_is_user_setup(self, user_id: str) -> bool:
        """Return whether user is setup."""
        if self._users is None:
@@ -156,7 +151,6 @@ class TotpAuthModule(MultiFactorAuthModule):

        return user_id in self._users  # type: ignore[operator]

-    @override
    async def async_validate(self, user_id: str, user_input: dict[str, Any]) -> bool:
        """Return True if validation passed."""
        if self._users is None:
@@ -195,7 +189,6 @@ class TotpSetupFlow(SetupFlow[TotpAuthModule]):
        super().__init__(auth_module, setup_schema, user.id)
        self._user = user

-    @override
    async def async_step_init(
        self, user_input: dict[str, str] | None = None
    ) -> FlowResult:
@@ -1,7 +1,7 @@
 """Permissions for Home Assistant."""

 from collections.abc import Callable, Iterable
-from typing import TYPE_CHECKING, override
+from typing import TYPE_CHECKING

 import voluptuous as vol

@@ -68,17 +68,14 @@ class PolicyPermissions(AbstractPermissions):
        self._policy = policy
        self._perm_lookup = perm_lookup

-    @override
    def access_all_entities(self, key: str) -> bool:
        """Check if we have a certain access to all entities."""
        return test_all(self._policy.get(CAT_ENTITIES), key)

-    @override
    def _entity_func(self) -> Callable[[str, str], bool]:
        """Return a function that can test entity access."""
        return compile_entities(self._policy.get(CAT_ENTITIES), self._perm_lookup)

-    @override
    def __eq__(self, other: object) -> bool:
        """Equals check."""
        return isinstance(other, PolicyPermissions) and other._policy == self._policy
@@ -87,12 +84,10 @@ class PolicyPermissions(AbstractPermissions):
 class _OwnerPermissions(AbstractPermissions):
    """Owner permissions."""

-    @override
    def access_all_entities(self, key: str) -> bool:
        """Check if we have a certain access to all entities."""
        return True

-    @override
    def _entity_func(self) -> Callable[[str, str], bool]:
        """Return a function that can test entity access."""
        return lambda entity_id, key: True
@@ -4,7 +4,7 @@ import asyncio
 from collections.abc import Mapping
 import logging
 import os
-from typing import Any, override
+from typing import Any

 import voluptuous as vol

@@ -57,7 +57,6 @@ class CommandLineAuthProvider(AuthProvider):
        super().__init__(*args, **kwargs)
        self._user_meta: dict[str, dict[str, Any]] = {}

-    @override
    async def async_login_flow(
        self, context: AuthFlowContext | None
    ) -> CommandLineLoginFlow:
@@ -106,7 +105,6 @@ class CommandLineAuthProvider(AuthProvider):
                    meta[key] = value
            self._user_meta[username] = meta

-    @override
    async def async_get_or_create_credentials(
        self, flow_result: Mapping[str, str]
    ) -> Credentials:
@@ -119,7 +117,6 @@ class CommandLineAuthProvider(AuthProvider):
        # Create new credentials.
        return self.async_create_credentials({"username": username})

-    @override
    async def async_user_meta_for_credentials(
        self, credentials: Credentials
    ) -> UserMeta:
@@ -139,7 +136,6 @@ class CommandLineAuthProvider(AuthProvider):
 class CommandLineLoginFlow(LoginFlow[CommandLineAuthProvider]):
    """Handler for the login flow."""

-    @override
    async def async_step_init(
        self, user_input: dict[str, str] | None = None
    ) -> AuthFlowResult:
@@ -4,7 +4,7 @@ import asyncio
 import base64
 from collections.abc import Mapping
 import logging
-from typing import Any, cast, override
+from typing import Any, cast

 import bcrypt
 import voluptuous as vol
@@ -302,7 +302,6 @@ class HassAuthProvider(AuthProvider):
        self.data: Data | None = None
        self._init_lock = asyncio.Lock()

-    @override
    async def async_initialize(self) -> None:
        """Initialize the auth provider."""
        async with self._init_lock:
@@ -313,7 +312,6 @@ class HassAuthProvider(AuthProvider):
            await data.async_load()
            self.data = data

-    @override
    async def async_login_flow(self, context: AuthFlowContext | None) -> HassLoginFlow:
        """Return a flow to login."""
        return HassLoginFlow(self)
@@ -371,7 +369,6 @@ class HassAuthProvider(AuthProvider):
        )
        await self.data.async_save()

-    @override
    async def async_get_or_create_credentials(
        self, flow_result: Mapping[str, str]
    ) -> Credentials:
@@ -390,7 +387,6 @@ class HassAuthProvider(AuthProvider):
        # Create new credentials.
        return self.async_create_credentials({"username": username})

-    @override
    async def async_user_meta_for_credentials(
        self, credentials: Credentials
    ) -> UserMeta:
@@ -414,7 +410,6 @@ class HassAuthProvider(AuthProvider):
 class HassLoginFlow(LoginFlow[HassAuthProvider]):
    """Handler for the login flow."""

-    @override
    async def async_step_init(
        self, user_input: dict[str, str] | None = None
    ) -> AuthFlowResult:
@@ -2,7 +2,6 @@

 from collections.abc import Mapping
 import hmac
-from typing import override

 import voluptuous as vol

@@ -34,7 +33,6 @@ class InvalidAuthError(HomeAssistantError):
 class ExampleAuthProvider(AuthProvider):
    """Example auth provider based on hardcoded usernames and passwords."""

-    @override
    async def async_login_flow(
        self, context: AuthFlowContext | None
    ) -> ExampleLoginFlow:
@@ -63,7 +61,6 @@ class ExampleAuthProvider(AuthProvider):
        ):
            raise InvalidAuthError

-    @override
    async def async_get_or_create_credentials(
        self, flow_result: Mapping[str, str]
    ) -> Credentials:
@@ -77,7 +74,6 @@ class ExampleAuthProvider(AuthProvider):
        # Create new credentials.
        return self.async_create_credentials({"username": username})

-    @override
    async def async_user_meta_for_credentials(
        self, credentials: Credentials
    ) -> UserMeta:
@@ -99,7 +95,6 @@ class ExampleAuthProvider(AuthProvider):
 class ExampleLoginFlow(LoginFlow[ExampleAuthProvider]):
    """Handler for the login flow."""

-    @override
    async def async_step_init(
        self, user_input: dict[str, str] | None = None
    ) -> AuthFlowResult:
@@ -13,7 +13,7 @@ from ipaddress import (
    ip_address,
    ip_network,
 )
-from typing import Any, cast, override
+from typing import Any, cast

 import voluptuous as vol

@@ -98,12 +98,10 @@ class TrustedNetworksAuthProvider(AuthProvider):
        ]

    @property
-    @override
    def support_mfa(self) -> bool:
        """Trusted Networks auth provider does not support MFA."""
        return False

-    @override
    async def async_login_flow(
        self, context: AuthFlowContext | None
    ) -> TrustedNetworksLoginFlow:
@@ -146,7 +144,6 @@ class TrustedNetworksAuthProvider(AuthProvider):
            self.config[CONF_ALLOW_BYPASS_LOGIN],
        )

-    @override
    async def async_get_or_create_credentials(
        self, flow_result: Mapping[str, str]
    ) -> Credentials:
@@ -175,7 +172,6 @@ class TrustedNetworksAuthProvider(AuthProvider):
        # We only allow login as exist user
        raise InvalidUserError

-    @override
    async def async_user_meta_for_credentials(
        self, credentials: Credentials
    ) -> UserMeta:
@@ -207,7 +203,6 @@ class TrustedNetworksAuthProvider(AuthProvider):
            raise InvalidAuthError("Can't allow access from Home Assistant Cloud")

    @callback
-    @override
    def async_validate_refresh_token(
        self, refresh_token: RefreshToken, remote_ip: str | None = None
    ) -> None:
@@ -235,7 +230,6 @@ class TrustedNetworksLoginFlow(LoginFlow[TrustedNetworksAuthProvider]):
        self._ip_address = ip_addr
        self._allow_bypass_login = allow_bypass_login

-    @override
    async def async_step_init(
        self, user_input: dict[str, str] | None = None
    ) -> AuthFlowResult:
@@ -92,7 +92,8 @@ def _extract_backup(
    ):
        ostf.tar.extractall(
            path=Path(tempdir, "extracted"),
-            filter="tar",
+            members=securetar.secure_path(ostf.tar),
+            filter="fully_trusted",
        )
        backup_meta_file = Path(tempdir, "extracted", "backup.json")
        backup_meta = json.loads(backup_meta_file.read_text(encoding="utf8"))
@@ -118,7 +119,8 @@ def _extract_backup(
        ) as istf:
            istf.extractall(
                path=Path(tempdir, "homeassistant"),
-                filter="tar",
+                members=securetar.secure_path(istf),
+                filter="fully_trusted",
            )
            if restore_content.restore_homeassistant:
                keep = list(KEEP_BACKUPS)
@@ -14,7 +14,7 @@ import platform
 import sys
 import threading
 from time import monotonic
-from typing import TYPE_CHECKING, Any, override
+from typing import TYPE_CHECKING, Any

 # Import cryptography early since import openssl is not thread-safe
 # _frozen_importlib._DeadlockError: deadlock detected by
@@ -66,7 +66,6 @@ from .const import (
    BASE_PLATFORMS,
    FORMAT_DATETIME,
    KEY_DATA_LOGGING as DATA_LOGGING,
-    KEY_DATA_LOGGING_DISABLED_REASON as DATA_LOGGING_DISABLED_REASON,
    SIGNAL_BOOTSTRAP_INTEGRATIONS,
 )
 from .core_config import async_process_ha_core_config
@@ -130,11 +129,6 @@ SETUP_ORDER_SORT_KEY = partial(contains, BASE_PLATFORMS)


 ERROR_LOG_FILENAME = "home-assistant.log"
-ENV_DISABLE_LOG_FILE = "HA_DISABLE_LOG_FILE"
-ENV_DUPLICATE_LOG_FILE = "HA_DUPLICATE_LOG_FILE"
-ENV_SUPERVISOR = "SUPERVISOR"
-LOG_FILE_DISABLED_REASON_ENVIRONMENT = "environment"
-LOG_FILE_DISABLED_REASON_SUPERVISOR = "supervisor"

 # hass.data key for logging information.
 DATA_REGISTRIES_LOADED: HassKey[None] = HassKey("bootstrap_registries_loaded")
@@ -648,12 +642,10 @@ async def async_enable_logging(
    logger.setLevel(logging.INFO if verbose else logging.WARNING)

    if log_file is None:
-        disabled_log_file_reason = _log_file_disabled_reason()
        default_log_path = hass.config.path(ERROR_LOG_FILENAME)
-        if disabled_log_file_reason:
+        if "SUPERVISOR" in os.environ and "HA_DUPLICATE_LOG_FILE" not in os.environ:
            # Rename the default log file if it exists, since previous versions created
-            # it before Supervisor disabled duplicate file logging or
-            # HA_DISABLE_LOG_FILE disabled the log file.
+            # it even on Supervisor
            def rename_old_file() -> None:
                """Rename old log file in executor."""
                if os.path.isfile(default_log_path):
@@ -665,7 +657,6 @@ async def async_enable_logging(
        else:
            err_log_path = default_log_path
    else:
-        disabled_log_file_reason = None
        err_log_path = os.path.abspath(log_file)

    if err_log_path:
@@ -678,34 +669,10 @@ async def async_enable_logging(

        # Save the log file location for access by other components.
        hass.data[DATA_LOGGING] = err_log_path
-    elif disabled_log_file_reason == LOG_FILE_DISABLED_REASON_ENVIRONMENT:
-        hass.data[DATA_LOGGING_DISABLED_REASON] = disabled_log_file_reason

    async_activate_log_queue_handler(hass)


-def _log_file_disabled_reason() -> str | None:
-    """Return why the log file is disabled."""
-    if ENV_SUPERVISOR in os.environ and ENV_DUPLICATE_LOG_FILE not in os.environ:
-        return LOG_FILE_DISABLED_REASON_SUPERVISOR
-
-    disable_log_file = os.environ.get(ENV_DISABLE_LOG_FILE)
-    if disable_log_file is None:
-        return None
-
-    try:
-        if cv.boolean(disable_log_file):
-            return LOG_FILE_DISABLED_REASON_ENVIRONMENT
-    except vol.Invalid:
-        _LOGGER.warning(
-            "Ignoring invalid %s value: %s. Expected a boolean value: "
-            "1/0, true/false, yes/no, on/off, or enable/disable",
-            ENV_DISABLE_LOG_FILE,
-            disable_log_file,
-        )
-    return None
-
-
 def _create_log_file(
    err_log_path: str, log_rotate_days: int | None
 ) -> RotatingFileHandler | TimedRotatingFileHandler:
@@ -730,7 +697,6 @@ def _create_log_file(
 class _RotatingFileHandlerWithoutShouldRollOver(RotatingFileHandler):
    """RotatingFileHandler that does not check if it should roll over on every log."""

-    @override
    def shouldRollover(self, record: logging.LogRecord) -> bool:
        """Never roll over.

@@ -767,7 +733,7 @@ def _get_domains(hass: core.HomeAssistant, config: dict[str, Any]) -> set[str]:
        domains.update(DEFAULT_INTEGRATIONS_RECOVERY_MODE)

    # Add domains depending on if the Supervisor is used or not
-    if ENV_SUPERVISOR in os.environ:
+    if "SUPERVISOR" in os.environ:
        domains.update(DEFAULT_INTEGRATIONS_SUPERVISOR)

    return domains
@@ -6,7 +6,6 @@
    "lg_netcast",
    "lg_soundbar",
    "lg_thinq",
-    "lg_tv_rs232",
    "webostv"
  ]
 }
@@ -7,7 +7,11 @@
    "azure_event_hub",
    "azure_service_bus",
    "azure_storage",
+    "microsoft_face_detect",
+    "microsoft_face_identify",
+    "microsoft_face",
    "microsoft",
+    "msteams",
    "onedrive",
    "onedrive_for_business",
    "xbox"
@@ -7,6 +7,7 @@
    "unifi_access",
    "unifi_direct",
    "unifi_discovery",
+    "unifiled",
    "unifiprotect"
  ]
 }
@@ -1,7 +1,5 @@
 """Support for Abode Security System alarm control panels."""

-from typing import override
-
 from jaraco.abode.devices.alarm import Alarm

 from homeassistant.components.alarm_control_panel import (
@@ -40,7 +38,6 @@ class AbodeAlarm(AbodeDevice, AlarmControlPanelEntity):
    _device: Alarm

    @property
-    @override
    def alarm_state(self) -> AlarmControlPanelState | None:
        """Return the state of the device."""
        if self._device.is_standby:
@@ -51,23 +48,19 @@ class AbodeAlarm(AbodeDevice, AlarmControlPanelEntity):
            return AlarmControlPanelState.ARMED_HOME
        return None

-    @override
    def alarm_disarm(self, code: str | None = None) -> None:
        """Send disarm command."""
        self._device.set_standby()

-    @override
    def alarm_arm_home(self, code: str | None = None) -> None:
        """Send arm home command."""
        self._device.set_home()

-    @override
    def alarm_arm_away(self, code: str | None = None) -> None:
        """Send arm away command."""
        self._device.set_away()

    @property
-    @override
    def extra_state_attributes(self) -> dict[str, str]:
        """Return the state attributes."""
        return {
@@ -1,6 +1,6 @@
 """Support for Abode Security System binary sensors."""

-from typing import cast, override
+from typing import cast

 from jaraco.abode.devices.binary_sensor import BinarySensor

@@ -45,13 +45,11 @@ class AbodeBinarySensor(AbodeDevice, BinarySensorEntity):
    _device: BinarySensor

    @property
-    @override
    def is_on(self) -> bool:
        """Return True if the binary sensor is on."""
        return cast(bool, self._device.is_on)

    @property
-    @override
    def device_class(self) -> BinarySensorDeviceClass | None:
        """Return the class of the binary sensor."""
        if self._device.get_value("is_window") == "1":
@@ -1,7 +1,7 @@
 """Support for Abode Security System cameras."""

 from datetime import timedelta
-from typing import Any, cast, override
+from typing import Any, cast

 from jaraco.abode.devices.base import Device
 from jaraco.abode.devices.camera import Camera as AbodeCam
@@ -49,7 +49,6 @@ class AbodeCamera(AbodeDevice, Camera):
        self._event = event
        self._response: Response | None = None

-    @override
    async def async_added_to_hass(self) -> None:
        """Subscribe Abode events."""
        await super().async_added_to_hass()
@@ -88,7 +87,6 @@ class AbodeCamera(AbodeDevice, Camera):
        else:
            self._response = None

-    @override
    def camera_image(
        self, width: int | None = None, height: int | None = None
    ) -> bytes | None:
@@ -100,12 +98,10 @@ class AbodeCamera(AbodeDevice, Camera):

        return None

-    @override
    def turn_on(self) -> None:
        """Turn on camera."""
        self._device.privacy_mode(False)

-    @override
    def turn_off(self) -> None:
        """Turn off camera."""
        self._device.privacy_mode(True)
@@ -117,7 +113,6 @@ class AbodeCamera(AbodeDevice, Camera):
        self.schedule_update_ha_state()

    @property
-    @override
    def is_on(self) -> bool:
        """Return true if on."""
        return cast(bool, self._device.is_on)
@@ -2,7 +2,7 @@

 from collections.abc import Mapping
 from http import HTTPStatus
-from typing import Any, cast, override
+from typing import Any, cast

 from jaraco.abode.client import Client as Abode
 from jaraco.abode.exceptions import (
@@ -106,7 +106,6 @@ class AbodeFlowHandler(ConfigFlow, domain=DOMAIN):
            title=cast(str, self._username), data=config_data
        )

-    @override
    async def async_step_user(
        self, user_input: dict[str, Any] | None = None
    ) -> ConfigFlowResult:
@@ -1,6 +1,6 @@
 """Support for Abode Security System covers."""

-from typing import Any, override
+from typing import Any

 from jaraco.abode.devices.cover import Cover

@@ -33,17 +33,14 @@ class AbodeCover(AbodeDevice, CoverEntity):
    _attr_name = None

    @property
-    @override
    def is_closed(self) -> bool:
        """Return true if cover is closed, else False."""
        return not self._device.is_open

-    @override
    def close_cover(self, **kwargs: Any) -> None:
        """Issue close command to cover."""
        self._device.close_cover()

-    @override
    def open_cover(self, **kwargs: Any) -> None:
        """Issue open command to cover."""
        self._device.open_cover()
@@ -1,7 +1,5 @@
 """Support for Abode Security System entities."""

-from typing import override
-
 from jaraco.abode.automation import Automation as AbodeAuto
 from jaraco.abode.devices.base import Device as AbodeDev

@@ -23,7 +21,6 @@ class AbodeEntity(Entity):
        self._data = data
        self._attr_should_poll = data.polling

-    @override
    async def async_added_to_hass(self) -> None:
        """Subscribe to Abode connection status updates."""
        await self.hass.async_add_executor_job(
@@ -34,7 +31,6 @@ class AbodeEntity(Entity):

        self._data.entity_ids.add(self.entity_id)

-    @override
    async def async_will_remove_from_hass(self) -> None:
        """Unsubscribe from Abode connection status updates."""
        await self.hass.async_add_executor_job(
@@ -56,7 +52,6 @@ class AbodeDevice(AbodeEntity):
        self._device = device
        self._attr_unique_id = device.uuid

-    @override
    async def async_added_to_hass(self) -> None:
        """Subscribe to device events."""
        await super().async_added_to_hass()
@@ -66,7 +61,6 @@ class AbodeDevice(AbodeEntity):
            self._update_callback,
        )

-    @override
    async def async_will_remove_from_hass(self) -> None:
        """Unsubscribe from device events."""
        await super().async_will_remove_from_hass()
@@ -79,7 +73,6 @@ class AbodeDevice(AbodeEntity):
        self._device.refresh()

    @property
-    @override
    def extra_state_attributes(self) -> dict[str, str]:
        """Return the state attributes."""
        return {
@@ -90,7 +83,6 @@ class AbodeDevice(AbodeEntity):
        }

    @property
-    @override
    def device_info(self) -> DeviceInfo:
        """Return device registry information for this entity."""
        return DeviceInfo(
@@ -1,7 +1,7 @@
 """Support for Abode Security System lights."""

 from math import ceil
-from typing import Any, override
+from typing import Any

 from jaraco.abode.devices.light import Light

@@ -43,7 +43,6 @@ class AbodeLight(AbodeDevice, LightEntity):
    _attr_max_color_temp_kelvin = DEFAULT_MAX_KELVIN
    _attr_min_color_temp_kelvin = DEFAULT_MIN_KELVIN

-    @override
    def turn_on(self, **kwargs: Any) -> None:
        """Turn on the light."""
        if ATTR_COLOR_TEMP_KELVIN in kwargs and self._device.is_color_capable:
@@ -62,19 +61,16 @@ class AbodeLight(AbodeDevice, LightEntity):

        self._device.switch_on()

-    @override
    def turn_off(self, **kwargs: Any) -> None:
        """Turn off the light."""
        self._device.switch_off()

    @property
-    @override
    def is_on(self) -> bool:
        """Return true if device is on."""
        return bool(self._device.is_on)

    @property
-    @override
    def brightness(self) -> int | None:
        """Return the brightness of the light."""
        if self._device.is_dimmable and self._device.has_brightness:
@@ -85,7 +81,6 @@ class AbodeLight(AbodeDevice, LightEntity):
        return None

    @property
-    @override
    def color_temp_kelvin(self) -> int | None:
        """Return the color temp of the light."""
        if self._device.has_color:
@@ -93,7 +88,6 @@ class AbodeLight(AbodeDevice, LightEntity):
        return None

    @property
-    @override
    def hs_color(self) -> tuple[float, float] | None:
        """Return the color of the light."""
        _hs = None
@@ -102,7 +96,6 @@ class AbodeLight(AbodeDevice, LightEntity):
        return _hs

    @property
-    @override
    def color_mode(self) -> ColorMode:
        """Return the color mode of the light."""
        if self._device.is_dimmable and self._device.is_color_capable:
@@ -114,7 +107,6 @@ class AbodeLight(AbodeDevice, LightEntity):
        return ColorMode.ONOFF

    @property
-    @override
    def supported_color_modes(self) -> set[ColorMode]:
        """Flag supported color modes."""
        if self._device.is_dimmable and self._device.is_color_capable:
@@ -1,6 +1,6 @@
 """Support for the Abode Security System locks."""

-from typing import Any, override
+from typing import Any

 from jaraco.abode.devices.lock import Lock

@@ -32,18 +32,15 @@ class AbodeLock(AbodeDevice, LockEntity):
    _device: Lock
    _attr_name = None

-    @override
    def lock(self, **kwargs: Any) -> None:
        """Lock the device."""
        self._device.lock()

-    @override
    def unlock(self, **kwargs: Any) -> None:
        """Unlock the device."""
        self._device.unlock()

    @property
-    @override
    def is_locked(self) -> bool:
        """Return true if device is on."""
        return bool(self._device.is_locked)
@@ -2,7 +2,7 @@

 from collections.abc import Callable
 from dataclasses import dataclass
-from typing import cast, override
+from typing import cast

 from jaraco.abode.devices.sensor import Sensor

@@ -94,13 +94,11 @@ class AbodeSensor(AbodeDevice, SensorEntity):
        self._attr_unique_id = f"{device.uuid}-{description.key}"

    @property
-    @override
    def native_value(self) -> float:
        """Return the state of the sensor."""
        return self.entity_description.value_fn(self._device)

    @property
-    @override
    def native_unit_of_measurement(self) -> str:
        """Return the native unit of measurement."""
        return self.entity_description.native_unit_of_measurement_fn(self._device)
@@ -7,7 +7,8 @@ import voluptuous as vol

 from homeassistant.const import ATTR_ENTITY_ID
 from homeassistant.core import HomeAssistant, ServiceCall, callback
-from homeassistant.helpers import config_validation as cv, service
+from homeassistant.exceptions import ServiceValidationError
+from homeassistant.helpers import config_validation as cv
 from homeassistant.helpers.dispatcher import dispatcher_send

 from .const import DOMAIN, LOGGER
@@ -30,8 +31,10 @@ AUTOMATION_SCHEMA = vol.Schema({ATTR_ENTITY_ID: cv.entity_ids})

 def _get_abode_system(hass: HomeAssistant) -> AbodeSystem:
    """Return the Abode system for the loaded config entry."""
-    entry: AbodeConfigEntry = service.async_get_config_entry(hass, DOMAIN, None)
-    return entry.runtime_data
+    entries: list[AbodeConfigEntry] = hass.config_entries.async_loaded_entries(DOMAIN)
+    if not entries:
+        raise ServiceValidationError("Abode integration is not loaded")
+    return entries[0].runtime_data


 def _change_setting(call: ServiceCall) -> None:
@@ -1,6 +1,6 @@
 """Support for Abode Security System switches."""

-from typing import Any, cast, override
+from typing import Any, cast

 from jaraco.abode.devices.switch import Switch

@@ -43,18 +43,15 @@ class AbodeSwitch(AbodeDevice, SwitchEntity):
    _device: Switch
    _attr_name = None

-    @override
    def turn_on(self, **kwargs: Any) -> None:
        """Turn on the device."""
        self._device.switch_on()

-    @override
    def turn_off(self, **kwargs: Any) -> None:
        """Turn off the device."""
        self._device.switch_off()

    @property
-    @override
    def is_on(self) -> bool:
        """Return true if device is on."""
        return cast(bool, self._device.is_on)
@@ -65,7 +62,6 @@ class AbodeAutomationSwitch(AbodeAutomation, SwitchEntity):

    _attr_translation_key = "automation"

-    @override
    async def async_added_to_hass(self) -> None:
        """Set up trigger automation service."""
        await super().async_added_to_hass()
@@ -73,13 +69,11 @@ class AbodeAutomationSwitch(AbodeAutomation, SwitchEntity):
        signal = f"abode_trigger_automation_{self.entity_id}"
        self.async_on_remove(async_dispatcher_connect(self.hass, signal, self.trigger))

-    @override
    def turn_on(self, **kwargs: Any) -> None:
        """Enable the automation."""
        if self._automation.enable(True):
            self.schedule_update_ha_state()

-    @override
    def turn_off(self, **kwargs: Any) -> None:
        """Disable the automation."""
        if self._automation.enable(False):
@@ -90,7 +84,6 @@ class AbodeAutomationSwitch(AbodeAutomation, SwitchEntity):
        self._automation.trigger()

    @property
-    @override
    def is_on(self) -> bool:
        """Return True if the automation is enabled."""
        return bool(self._automation.enabled)
@@ -2,7 +2,6 @@

 from collections.abc import Callable
 from dataclasses import dataclass
-from typing import override

 from aioacaia.acaiascale import AcaiaScale

@@ -57,7 +56,6 @@ class AcaiaBinarySensor(AcaiaEntity, BinarySensorEntity):
    entity_description: AcaiaBinarySensorEntityDescription

    @property
-    @override
    def is_on(self) -> bool:
        """Return true if the binary sensor is on."""
        return self.entity_description.is_on_fn(self._scale)
@@ -2,7 +2,7 @@

 from collections.abc import Callable, Coroutine
 from dataclasses import dataclass
-from typing import Any, override
+from typing import Any

 from aioacaia.acaiascale import AcaiaScale

@@ -58,7 +58,6 @@ class AcaiaButton(AcaiaEntity, ButtonEntity):

    entity_description: AcaiaButtonEntityDescription

-    @override
    async def async_press(self) -> None:
        """Handle the button press."""
        await self.entity_description.press_fn(self._scale)
@@ -1,7 +1,7 @@
 """Config flow for Acaia integration."""

 import logging
-from typing import Any, override
+from typing import Any

 from aioacaia.exceptions import AcaiaDeviceNotFound, AcaiaError, AcaiaUnknownDevice
 from aioacaia.helpers import is_new_scale
@@ -34,7 +34,6 @@ class AcaiaConfigFlow(ConfigFlow, domain=DOMAIN):
        self._discovered: dict[str, Any] = {}
        self._discovered_devices: dict[str, str] = {}

-    @override
    async def async_step_user(
        self, user_input: dict[str, Any] | None = None
    ) -> ConfigFlowResult:
@@ -95,7 +94,6 @@ class AcaiaConfigFlow(ConfigFlow, domain=DOMAIN):
            errors=errors,
        )

-    @override
    async def async_step_bluetooth(
        self, discovery_info: BluetoothServiceInfoBleak
    ) -> ConfigFlowResult:
@@ -2,7 +2,6 @@

 from datetime import timedelta
 import logging
-from typing import override

 from aioacaia.acaiascale import AcaiaScale
 from aioacaia.exceptions import AcaiaDeviceNotFound, AcaiaError
@@ -60,7 +59,6 @@ class AcaiaCoordinator(DataUpdateCoordinator[None]):
        """Return the scale object."""
        return self._scale

-    @override
    async def _async_update_data(self) -> None:
        """Fetch data."""

@@ -1,7 +1,6 @@
 """Base class for Acaia entities."""

 from dataclasses import dataclass
-from typing import override

 from homeassistant.helpers.device_registry import (
    CONNECTION_BLUETOOTH,
@@ -42,7 +41,6 @@ class AcaiaEntity(CoordinatorEntity[AcaiaCoordinator]):
        )

    @property
-    @override
    def available(self) -> bool:
        """Returns whether entity is available."""
        return super().available and self._scale.connected
@@ -26,5 +26,5 @@
  "iot_class": "local_push",
  "loggers": ["aioacaia"],
  "quality_scale": "platinum",
-  "requirements": ["aioacaia==0.1.18"]
+  "requirements": ["aioacaia==0.1.17"]
 }
@@ -14,15 +14,9 @@ rules:
    status: exempt
    comment: |
      No custom actions are defined.
-  docs-conditions:
-    status: exempt
-    comment: This integration does not have any conditions.
  docs-high-level-description: done
  docs-installation-instructions: done
  docs-removal-instructions: done
-  docs-triggers:
-    status: exempt
-    comment: This integration does not have any triggers.
  entity-event-setup:
    status: exempt
    comment: |
@@ -2,7 +2,6 @@

 from collections.abc import Callable
 from dataclasses import dataclass
-from typing import override

 from aioacaia.acaiascale import AcaiaDeviceState, AcaiaScale
 from aioacaia.const import UnitMass as AcaiaUnitOfMass
@@ -99,7 +98,6 @@ class AcaiaSensor(AcaiaEntity, SensorEntity):
    entity_description: AcaiaDynamicUnitSensorEntityDescription

    @property
-    @override
    def native_unit_of_measurement(self) -> str | None:
        """Return the unit of measurement of this entity."""
        if (
@@ -110,7 +108,6 @@ class AcaiaSensor(AcaiaEntity, SensorEntity):
        return self.entity_description.native_unit_of_measurement

    @property
-    @override
    def native_value(self) -> int | float | None:
        """Return the state of the entity."""
        return self.entity_description.value_fn(self._scale)
@@ -122,7 +119,6 @@ class AcaiaRestoreSensor(AcaiaEntity, RestoreSensor):
    entity_description: AcaiaSensorEntityDescription
    _restored_data: SensorExtraStoredData | None = None

-    @override
    async def async_added_to_hass(self) -> None:
        """Handle entity which will be added."""
        await super().async_added_to_hass()
@@ -138,7 +134,6 @@ class AcaiaRestoreSensor(AcaiaEntity, RestoreSensor):
            self._attr_native_value = self.entity_description.value_fn(self._scale)

    @callback
-    @override
    def _handle_coordinator_update(self) -> None:
        """Handle updated data from the coordinator."""
        if self._scale.device_state is not None:
@@ -146,7 +141,6 @@ class AcaiaRestoreSensor(AcaiaEntity, RestoreSensor):
        self._async_write_ha_state()

    @property
-    @override
    def available(self) -> bool:
        """Return True if entity is available."""
        return super().available or self.native_value is not None
@@ -2,7 +2,7 @@

 from asyncio import timeout
 from collections.abc import Mapping
-from typing import TYPE_CHECKING, Any, override
+from typing import TYPE_CHECKING, Any

 from accuweather import AccuWeather, ApiError, InvalidApiKeyError, RequestsExceededError
 from aiohttp import ClientError
@@ -24,7 +24,6 @@ class AccuWeatherFlowHandler(ConfigFlow, domain=DOMAIN):
    _latitude: float | None = None
    _longitude: float | None = None

-    @override
    async def async_step_user(
        self, user_input: dict[str, Any] | None = None
    ) -> ConfigFlowResult:
@@ -5,7 +5,7 @@ from collections.abc import Awaitable, Callable
 from dataclasses import dataclass
 from datetime import timedelta
 import logging
-from typing import TYPE_CHECKING, Any, override
+from typing import TYPE_CHECKING, Any

 from accuweather import AccuWeather, ApiError, InvalidApiKeyError, RequestsExceededError
 from aiohttp.client_exceptions import ClientConnectorError
@@ -77,7 +77,6 @@ class AccuWeatherObservationDataUpdateCoordinator(
            update_interval=UPDATE_INTERVAL_OBSERVATION,
        )

-    @override
    async def _async_update_data(self) -> dict[str, Any]:
        """Update data via library."""
        try:
@@ -136,7 +135,6 @@ class AccuWeatherForecastDataUpdateCoordinator(
            update_interval=update_interval,
        )

-    @override
    async def _async_update_data(self) -> list[dict[str, Any]]:
        """Update forecast data via library."""
        try:
@@ -2,7 +2,7 @@

 from collections.abc import Callable
 from dataclasses import dataclass
-from typing import Any, cast, override
+from typing import Any, cast

 from homeassistant.components.sensor import (
    SensorDeviceClass,
@@ -11,6 +11,7 @@ from homeassistant.components.sensor import (
    SensorStateClass,
 )
 from homeassistant.const import (
+    CONCENTRATION_PARTS_PER_CUBIC_METER,
    PERCENTAGE,
    UV_INDEX,
    UnitOfIrradiance,
@@ -46,8 +47,6 @@ from .coordinator import (

 PARALLEL_UPDATES = 1

-PARTS_PER_CUBIC_METER = "p/m³"
-

@dataclass(frozen=True, kw_only=True)
 class AccuWeatherSensorDescription(SensorEntityDescription):
@@ -82,7 +81,7 @@ FORECAST_SENSOR_TYPES: tuple[AccuWeatherSensorDescription, ...] = (
    AccuWeatherSensorDescription(
        key="Grass",
        entity_registry_enabled_default=False,
-        native_unit_of_measurement=PARTS_PER_CUBIC_METER,
+        native_unit_of_measurement=CONCENTRATION_PARTS_PER_CUBIC_METER,
        value_fn=lambda data: cast(int, data[ATTR_VALUE]),
        attr_fn=lambda data: {
            ATTR_LEVEL: POLLEN_CATEGORY_MAP[data[ATTR_CATEGORY_VALUE]]
@@ -108,7 +107,7 @@ FORECAST_SENSOR_TYPES: tuple[AccuWeatherSensorDescription, ...] = (
    AccuWeatherSensorDescription(
        key="Mold",
        entity_registry_enabled_default=False,
-        native_unit_of_measurement=PARTS_PER_CUBIC_METER,
+        native_unit_of_measurement=CONCENTRATION_PARTS_PER_CUBIC_METER,
        value_fn=lambda data: cast(int, data[ATTR_VALUE]),
        attr_fn=lambda data: {
            ATTR_LEVEL: POLLEN_CATEGORY_MAP[data[ATTR_CATEGORY_VALUE]]
@@ -117,7 +116,7 @@ FORECAST_SENSOR_TYPES: tuple[AccuWeatherSensorDescription, ...] = (
    ),
    AccuWeatherSensorDescription(
        key="Ragweed",
-        native_unit_of_measurement=PARTS_PER_CUBIC_METER,
+        native_unit_of_measurement=CONCENTRATION_PARTS_PER_CUBIC_METER,
        entity_registry_enabled_default=False,
        value_fn=lambda data: cast(int, data[ATTR_VALUE]),
        attr_fn=lambda data: {
@@ -185,7 +184,7 @@ FORECAST_SENSOR_TYPES: tuple[AccuWeatherSensorDescription, ...] = (
    ),
    AccuWeatherSensorDescription(
        key="Tree",
-        native_unit_of_measurement=PARTS_PER_CUBIC_METER,
+        native_unit_of_measurement=CONCENTRATION_PARTS_PER_CUBIC_METER,
        entity_registry_enabled_default=False,
        value_fn=lambda data: cast(int, data[ATTR_VALUE]),
        attr_fn=lambda data: {
@@ -436,19 +435,16 @@ class AccuWeatherSensor(
        self._attr_device_info = coordinator.device_info

    @property
-    @override
    def native_value(self) -> str | int | float | None:
        """Return the state."""
        return self.entity_description.value_fn(self._sensor_data)

    @property
-    @override
    def extra_state_attributes(self) -> dict[str, Any]:
        """Return the state attributes."""
        return self.entity_description.attr_fn(self.coordinator.data)

    @callback
-    @override
    def _handle_coordinator_update(self) -> None:
        """Handle data update."""
        self._sensor_data = self._get_sensor_data(
@@ -498,19 +494,16 @@ class AccuWeatherForecastSensor(
        self.forecast_day = forecast_day

    @property
-    @override
    def native_value(self) -> str | int | float | None:
        """Return the state."""
        return self.entity_description.value_fn(self._sensor_data)

    @property
-    @override
    def extra_state_attributes(self) -> dict[str, Any]:
        """Return the state attributes."""
        return self.entity_description.attr_fn(self._sensor_data)

    @callback
-    @override
    def _handle_coordinator_update(self) -> None:
        """Handle data update."""
        self._sensor_data = self._get_sensor_data(
@@ -1,6 +1,6 @@
 """Support for the AccuWeather service."""

-from typing import cast, override
+from typing import cast

 from homeassistant.components.weather import (
    ATTR_FORECAST_CLOUD_COVERAGE,
@@ -96,19 +96,16 @@ class AccuWeatherEntity(
        self.hourly_coordinator = accuweather_data.coordinator_hourly_forecast

    @property
-    @override
    def condition(self) -> str | None:
        """Return the current condition."""
        return CONDITION_MAP.get(self.observation_coordinator.data["WeatherIcon"])

    @property
-    @override
    def cloud_coverage(self) -> float:
        """Return the Cloud coverage in %."""
        return cast(float, self.observation_coordinator.data["CloudCover"])

    @property
-    @override
    def native_apparent_temperature(self) -> float:
        """Return the apparent temperature."""
        return cast(
@@ -119,7 +116,6 @@ class AccuWeatherEntity(
        )

    @property
-    @override
    def native_temperature(self) -> float:
        """Return the temperature."""
        return cast(
@@ -128,7 +124,6 @@ class AccuWeatherEntity(
        )

    @property
-    @override
    def native_pressure(self) -> float:
        """Return the pressure."""
        return cast(
@@ -136,7 +131,6 @@ class AccuWeatherEntity(
        )

    @property
-    @override
    def native_dew_point(self) -> float:
        """Return the dew point."""
        return cast(
@@ -144,13 +138,11 @@ class AccuWeatherEntity(
        )

    @property
-    @override
    def humidity(self) -> int:
        """Return the humidity."""
        return cast(int, self.observation_coordinator.data["RelativeHumidity"])

    @property
-    @override
    def native_wind_gust_speed(self) -> float:
        """Return the wind gust speed."""
        return cast(
@@ -161,7 +153,6 @@ class AccuWeatherEntity(
        )

    @property
-    @override
    def native_wind_speed(self) -> float:
        """Return the wind speed."""
        return cast(
@@ -172,7 +163,6 @@ class AccuWeatherEntity(
        )

    @property
-    @override
    def wind_bearing(self) -> int:
        """Return the wind bearing."""
        return cast(
@@ -180,7 +170,6 @@ class AccuWeatherEntity(
        )

    @property
-    @override
    def native_visibility(self) -> float:
        """Return the visibility."""
        return cast(
@@ -189,13 +178,11 @@ class AccuWeatherEntity(
        )

    @property
-    @override
    def uv_index(self) -> float:
        """Return the UV index."""
        return cast(float, self.observation_coordinator.data["UVIndex"])

    @callback
-    @override
    def _async_forecast_daily(self) -> list[Forecast] | None:
        """Return the daily forecast in native units."""
        return [
@@ -226,7 +213,6 @@ class AccuWeatherEntity(
        ]

    @callback
-    @override
    def _async_forecast_hourly(self) -> list[Forecast] | None:
        """Return the hourly forecast in native units."""
        return [
@@ -0,0 +1 @@
+"""The acer_projector component."""
@@ -0,0 +1,34 @@
+"""Use serial protocol of Acer projector to obtain state of the projector."""
+
+from typing import Final
+
+from homeassistant.const import STATE_OFF, STATE_ON
+
+CONF_READ_TIMEOUT: Final = "timeout"
+CONF_WRITE_TIMEOUT: Final = "write_timeout"
+
+DEFAULT_NAME: Final = "Acer Projector"
+DEFAULT_READ_TIMEOUT: Final = 1
+DEFAULT_WRITE_TIMEOUT: Final = 1
+
+ECO_MODE: Final = "ECO Mode"
+
+ICON: Final = "mdi:projector"
+
+INPUT_SOURCE: Final = "Input Source"
+
+LAMP: Final = "Lamp"
+LAMP_HOURS: Final = "Lamp Hours"
+
+MODEL: Final = "Model"
+
+# Commands known to the projector
+CMD_DICT: Final[dict[str, str]] = {
+    LAMP: "* 0 Lamp ?\r",
+    LAMP_HOURS: "* 0 Lamp\r",
+    INPUT_SOURCE: "* 0 Src ?\r",
+    ECO_MODE: "* 0 IR 052\r",
+    MODEL: "* 0 IR 035\r",
+    STATE_ON: "* 0 IR 001\r",
+    STATE_OFF: "* 0 IR 002\r",
+}
@@ -0,0 +1,9 @@
+{
+  "domain": "acer_projector",
+  "name": "Acer Projector",
+  "codeowners": [],
+  "documentation": "https://www.home-assistant.io/integrations/acer_projector",
+  "iot_class": "local_polling",
+  "quality_scale": "legacy",
+  "requirements": ["serialx==1.8.0"]
+}
@@ -0,0 +1,153 @@
+"""Use serial protocol of Acer projector to obtain state of the projector."""
+
+import logging
+import re
+from typing import Any
+
+from serialx import Serial, SerialException
+import voluptuous as vol
+
+from homeassistant.components.switch import (
+    PLATFORM_SCHEMA as SWITCH_PLATFORM_SCHEMA,
+    SwitchEntity,
+)
+from homeassistant.const import (
+    CONF_FILENAME,
+    CONF_NAME,
+    STATE_OFF,
+    STATE_ON,
+    STATE_UNKNOWN,
+)
+from homeassistant.core import HomeAssistant
+from homeassistant.exceptions import HomeAssistantError
+from homeassistant.helpers import config_validation as cv
+from homeassistant.helpers.entity_platform import AddEntitiesCallback
+from homeassistant.helpers.typing import ConfigType, DiscoveryInfoType
+
+from .const import (
+    CMD_DICT,
+    CONF_READ_TIMEOUT,
+    CONF_WRITE_TIMEOUT,
+    DEFAULT_NAME,
+    DEFAULT_READ_TIMEOUT,
+    DEFAULT_WRITE_TIMEOUT,
+    ECO_MODE,
+    ICON,
+    INPUT_SOURCE,
+    LAMP,
+    LAMP_HOURS,
+)
+
+_LOGGER = logging.getLogger(__name__)
+
+PLATFORM_SCHEMA = SWITCH_PLATFORM_SCHEMA.extend(
+    {
+        vol.Required(CONF_FILENAME): cv.isdevice,
+        vol.Optional(CONF_NAME, default=DEFAULT_NAME): cv.string,
+        vol.Optional(CONF_READ_TIMEOUT, default=DEFAULT_READ_TIMEOUT): cv.positive_int,
+        vol.Optional(
+            CONF_WRITE_TIMEOUT, default=DEFAULT_WRITE_TIMEOUT
+        ): cv.positive_int,
+    }
+)
+
+
+def setup_platform(
+    hass: HomeAssistant,
+    config: ConfigType,
+    add_entities: AddEntitiesCallback,
+    discovery_info: DiscoveryInfoType | None = None,
+) -> None:
+    """Connect with serial port and return Acer Projector."""
+    serial_port = config[CONF_FILENAME]
+    name = config[CONF_NAME]
+    read_timeout = config[CONF_READ_TIMEOUT]
+    write_timeout = config[CONF_WRITE_TIMEOUT]
+
+    add_entities([AcerSwitch(serial_port, name, read_timeout, write_timeout)], True)
+
+
+class AcerSwitch(SwitchEntity):
+    """Represents an Acer Projector as a switch."""
+
+    _attr_icon = ICON
+
+    def __init__(
+        self,
+        serial_port: str,
+        name: str,
+        read_timeout: int,
+        write_timeout: int,
+    ) -> None:
+        """Init of the Acer projector."""
+        self._serial_port = serial_port
+        self._read_timeout = read_timeout
+        self._write_timeout = write_timeout
+
+        self._attr_name = name
+        self._attributes = {
+            LAMP_HOURS: STATE_UNKNOWN,
+            INPUT_SOURCE: STATE_UNKNOWN,
+            ECO_MODE: STATE_UNKNOWN,
+        }
+
+    def _write_read(self, msg: str) -> str:
+        """Write to the projector and read the return."""
+
+        # Sometimes the projector won't answer for no reason or the projector
+        # was disconnected during runtime.
+        # This way the projector can be reconnected and will still work
+        try:
+            with Serial.from_url(
+                self._serial_port,
+                read_timeout=self._read_timeout,
+                write_timeout=self._write_timeout,
+            ) as serial:
+                serial.write(msg.encode("utf-8"))
+
+                # Size is an experience value there is no real limit.
+                # AFAIK there is no limit and no end character so we will usually
+                # need to wait for timeout
+                return serial.read_until(size=20).decode("utf-8")
+        except (OSError, SerialException, TimeoutError) as exc:
+            raise HomeAssistantError(
+                f"Problem communicating with {self._serial_port}"
+            ) from exc
+
+    def _write_read_format(self, msg: str) -> str:
+        """Write msg, obtain answer and format output."""
+        # answers are formatted as ***\answer\r***
+        awns = self._write_read(msg)
+        if match := re.search(r"\r(.+)\r", awns):
+            return match.group(1)
+        return STATE_UNKNOWN
+
+    def update(self) -> None:
+        """Get the latest state from the projector."""
+        awns = self._write_read_format(CMD_DICT[LAMP])
+        if awns == "Lamp 1":
+            self._attr_is_on = True
+            self._attr_available = True
+        elif awns == "Lamp 0":
+            self._attr_is_on = False
+            self._attr_available = True
+        else:
+            self._attr_available = False
+
+        for key in self._attributes:
+            if msg := CMD_DICT.get(key):
+                awns = self._write_read_format(msg)
+                self._attributes[key] = awns
+        self._attr_extra_state_attributes = self._attributes
+
+    def turn_on(self, **kwargs: Any) -> None:
+        """Turn the projector on."""
+        msg = CMD_DICT[STATE_ON]
+        self._write_read(msg)
+        self._attr_is_on = True
+
+    def turn_off(self, **kwargs: Any) -> None:
+        """Turn the projector off."""
+        msg = CMD_DICT[STATE_OFF]
+        self._write_read(msg)
+        self._attr_is_on = False
@@ -2,7 +2,7 @@

 from asyncio import timeout
 from contextlib import suppress
-from typing import Any, override
+from typing import Any

 import aiopulse
 import voluptuous as vol
@@ -22,7 +22,6 @@ class AcmedaFlowHandler(ConfigFlow, domain=DOMAIN):
        """Initialize the config flow."""
        self.discovered_hubs: dict[str, aiopulse.Hub] | None = None

-    @override
    async def async_step_user(
        self, user_input: dict[str, Any] | None = None
    ) -> ConfigFlowResult:
@@ -1,6 +1,6 @@
 """Support for Acmeda Roller Blinds."""

-from typing import Any, override
+from typing import Any

 from homeassistant.components.cover import (
    ATTR_POSITION,
@@ -48,7 +48,6 @@ class AcmedaCover(AcmedaEntity, CoverEntity):
    _attr_name = None

    @property
-    @override
    def current_cover_position(self) -> int | None:
        """Return the current position of the roller blind.

@@ -60,7 +59,6 @@ class AcmedaCover(AcmedaEntity, CoverEntity):
        return position

    @property
-    @override
    def current_cover_tilt_position(self) -> int | None:
        """Return the current tilt of the roller blind.

@@ -72,7 +70,6 @@ class AcmedaCover(AcmedaEntity, CoverEntity):
        return position

    @property
-    @override
    def supported_features(self) -> CoverEntityFeature:
        """Flag supported features."""
        supported_features = CoverEntityFeature(0)
@@ -94,47 +91,38 @@ class AcmedaCover(AcmedaEntity, CoverEntity):
        return supported_features

    @property
-    @override
    def is_closed(self) -> bool:
        """Return if the cover is closed."""
        return self.roller.closed_percent == 100  # type: ignore[no-any-return]

-    @override
    async def async_close_cover(self, **kwargs: Any) -> None:
        """Close the roller."""
        await self.roller.move_down()

-    @override
    async def async_open_cover(self, **kwargs: Any) -> None:
        """Open the roller."""
        await self.roller.move_up()

-    @override
    async def async_stop_cover(self, **kwargs: Any) -> None:
        """Stop the roller."""
        await self.roller.move_stop()

-    @override
    async def async_set_cover_position(self, **kwargs: Any) -> None:
        """Move the roller shutter to a specific position."""
        await self.roller.move_to(100 - kwargs[ATTR_POSITION])

-    @override
    async def async_close_cover_tilt(self, **kwargs: Any) -> None:
        """Close the roller."""
        await self.roller.move_down()

-    @override
    async def async_open_cover_tilt(self, **kwargs: Any) -> None:
        """Open the roller."""
        await self.roller.move_up()

-    @override
    async def async_stop_cover_tilt(self, **kwargs: Any) -> None:
        """Stop the roller."""
        await self.roller.move_stop()

-    @override
    async def async_set_cover_tilt_position(self, **kwargs: Any) -> None:
        """Tilt the roller shutter to a specific position."""
        await self.roller.move_to(100 - kwargs[ATTR_POSITION])
@@ -1,7 +1,5 @@
 """Base class for Acmeda Roller Blinds."""

-from typing import override
-
 import aiopulse

 from homeassistant.core import callback
@@ -42,7 +40,6 @@ class AcmedaEntity(entity.Entity):

        await self.async_remove(force_remove=True)

-    @override
    async def async_added_to_hass(self) -> None:
        """Entity has been added to hass."""
        self.roller.callback_subscribe(self.notify_update)
@@ -55,7 +52,6 @@ class AcmedaEntity(entity.Entity):
            )
        )

-    @override
    async def async_will_remove_from_hass(self) -> None:
        """Entity being removed from hass."""
        self.roller.callback_unsubscribe(self.notify_update)
@@ -67,7 +63,6 @@ class AcmedaEntity(entity.Entity):
        self.async_write_ha_state()

    @property
-    @override
    def unique_id(self) -> str:
        """Return the unique ID of this roller."""
        return str(self.roller.id)
@@ -78,7 +73,6 @@ class AcmedaEntity(entity.Entity):
        return self.roller.id  # type: ignore[no-any-return]

    @property
-    @override
    def device_info(self) -> dr.DeviceInfo:
        """Return the device info."""
        return dr.DeviceInfo(
@@ -6,5 +6,5 @@
  "documentation": "https://www.home-assistant.io/integrations/acmeda",
  "iot_class": "local_push",
  "loggers": ["aiopulse"],
-  "requirements": ["aiopulse==0.4.7"]
+  "requirements": ["aiopulse==0.4.6"]
 }
@@ -1,7 +1,5 @@
 """Support for Acmeda Roller Blind Batteries."""

-from typing import override
-
 from homeassistant.components.sensor import SensorDeviceClass, SensorEntity
 from homeassistant.const import PERCENTAGE
 from homeassistant.core import HomeAssistant, callback
@@ -46,7 +44,6 @@ class AcmedaBattery(AcmedaEntity, SensorEntity):
    _attr_native_unit_of_measurement = PERCENTAGE

    @property
-    @override
    def native_value(self) -> float | int | None:
        """Return the state of the device."""
        return self.roller.battery  # type: ignore[no-any-return]
@@ -1,7 +1,7 @@
 """Support for Actiontec MI424WR (Verizon FIOS) routers."""

 import logging
-from typing import Final, override
+from typing import Final

 import telnetlib  # pylint: disable=deprecated-module
 import voluptuous as vol
@@ -50,13 +50,11 @@ class ActiontecDeviceScanner(DeviceScanner):
        data = self.get_actiontec_data()
        self.success_init = data is not None

-    @override
    def scan_devices(self) -> list[str]:
        """Scan for new devices and return a list with found device IDs."""
        self._update_info()
        return [client.mac_address for client in self.last_results]

-    @override
    def get_device_name(self, device: str) -> str | None:
        """Return the name of the given device or None if we don't know."""
        for client in self.last_results:
@@ -1,6 +1,6 @@
 """Climate platform for Actron Air integration."""

-from typing import Any, override
+from typing import Any

 from actron_neo_api import ActronAirStatus, ActronAirZone

@@ -94,7 +94,6 @@ class ActronSystemClimate(ActronAirAcEntity, ActronAirClimateEntity):
        self._attr_unique_id = self._serial_number

    @property
-    @override
    def hvac_modes(self) -> list[HVACMode]:
        """Return the list of supported HVAC modes."""
        modes = [
@@ -106,13 +105,11 @@ class ActronSystemClimate(ActronAirAcEntity, ActronAirClimateEntity):
        return modes

    @property
-    @override
    def min_temp(self) -> float:
        """Return the minimum temperature that can be set."""
        return self._status.min_temp

    @property
-    @override
    def max_temp(self) -> float:
        """Return the maximum temperature that can be set."""
        return self._status.max_temp
@@ -123,7 +120,6 @@ class ActronSystemClimate(ActronAirAcEntity, ActronAirClimateEntity):
        return self.coordinator.data

    @property
-    @override
    def hvac_mode(self) -> HVACMode | None:
        """Return the current HVAC mode."""
        if not self._status.user_aircon_settings.is_on:
@@ -133,46 +129,39 @@ class ActronSystemClimate(ActronAirAcEntity, ActronAirClimateEntity):
        return HVAC_MODE_MAPPING_ACTRONAIR_TO_HA.get(mode)

    @property
-    @override
    def fan_mode(self) -> str | None:
        """Return the current fan mode."""
        fan_mode = self._status.user_aircon_settings.base_fan_mode
        return FAN_MODE_MAPPING_ACTRONAIR_TO_HA.get(fan_mode)

    @property
-    @override
    def current_humidity(self) -> float:
        """Return the current humidity."""
        return self._status.master_info.live_humidity_pc

    @property
-    @override
    def current_temperature(self) -> float:
        """Return the current temperature."""
        return self._status.master_info.live_temp_c

    @property
-    @override
    def target_temperature(self) -> float:
        """Return the target temperature."""
        return self._status.user_aircon_settings.current_setpoint

    @actron_air_command
-    @override
    async def async_set_fan_mode(self, fan_mode: str) -> None:
        """Set a new fan mode."""
        api_fan_mode = FAN_MODE_MAPPING_HA_TO_ACTRONAIR[fan_mode]
        await self._status.user_aircon_settings.set_fan_mode(api_fan_mode)

    @actron_air_command
-    @override
    async def async_set_hvac_mode(self, hvac_mode: HVACMode) -> None:
        """Set the HVAC mode."""
        ac_mode = HVAC_MODE_MAPPING_HA_TO_ACTRONAIR[hvac_mode]
        await self._status.ac_system.set_system_mode(ac_mode)

    @actron_air_command
-    @override
    async def async_set_temperature(self, **kwargs: Any) -> None:
        """Set the temperature."""
        if (temperature := kwargs.get(ATTR_TEMPERATURE)) is None:
@@ -202,7 +191,6 @@ class ActronZoneClimate(ActronAirZoneEntity, ActronAirClimateEntity):
        self._attr_unique_id: str = self._zone_identifier

    @property
-    @override
    def hvac_modes(self) -> list[HVACMode]:
        """Return the list of supported HVAC modes."""
        status = self.coordinator.data
@@ -215,13 +203,11 @@ class ActronZoneClimate(ActronAirZoneEntity, ActronAirClimateEntity):
        return modes

    @property
-    @override
    def min_temp(self) -> float:
        """Return the minimum temperature that can be set."""
        return self._zone.min_temp

    @property
-    @override
    def max_temp(self) -> float:
        """Return the maximum temperature that can be set."""
        return self._zone.max_temp
@@ -233,7 +219,6 @@ class ActronZoneClimate(ActronAirZoneEntity, ActronAirClimateEntity):
        return status.zones[self._zone_id]

    @property
-    @override
    def hvac_mode(self) -> HVACMode | None:
        """Return the current HVAC mode."""
        if self._zone.is_active:
@@ -242,32 +227,27 @@ class ActronZoneClimate(ActronAirZoneEntity, ActronAirClimateEntity):
        return HVACMode.OFF

    @property
-    @override
    def current_humidity(self) -> float | None:
        """Return the current humidity."""
        return self._zone.humidity

    @property
-    @override
    def current_temperature(self) -> float | None:
        """Return the current temperature."""
        return self._zone.live_temp_c

    @property
-    @override
    def target_temperature(self) -> float | None:
        """Return the target temperature."""
        return self._zone.current_setpoint

    @actron_air_command
-    @override
    async def async_set_hvac_mode(self, hvac_mode: HVACMode) -> None:
        """Set the HVAC mode."""
        is_enabled = hvac_mode != HVACMode.OFF
        await self._zone.enable(is_enabled)

    @actron_air_command
-    @override
    async def async_set_temperature(self, **kwargs: Any) -> None:
        """Set the temperature."""
        if (temperature := kwargs.get(ATTR_TEMPERATURE)) is None:
@@ -2,7 +2,7 @@

 import asyncio
 from collections.abc import Mapping
-from typing import Any, override
+from typing import Any

 from actron_neo_api import ActronAirAPI, ActronAirAuthError

@@ -30,7 +30,6 @@ class ActronAirConfigFlow(ConfigFlow, domain=DOMAIN):
        self._expires_minutes: str = "30"
        self.login_task: asyncio.Task[None] | None = None

-    @override
    async def async_step_user(
        self, user_input: dict[str, Any] | None = None
    ) -> ConfigFlowResult:
@@ -2,7 +2,6 @@

 from dataclasses import dataclass
 from datetime import timedelta
-from typing import override

 from actron_neo_api import (
    ActronAirAPI,
@@ -61,7 +60,6 @@ class ActronAirSystemCoordinator(DataUpdateCoordinator[ActronAirStatus]):
        self.status = self.api.state_manager.get_status(self.serial_number)
        self.last_seen = dt_util.utcnow()

-    @override
    async def _async_update_data(self) -> ActronAirStatus:
        """Fetch updates and merge incremental changes into the full state."""
        try:
@@ -2,7 +2,7 @@

 from collections.abc import Callable, Coroutine
 from functools import wraps
-from typing import Any, Concatenate, override
+from typing import Any, Concatenate

 from actron_neo_api import ActronAirAPIError, ActronAirZone

@@ -50,7 +50,6 @@ class ActronAirEntity(CoordinatorEntity[ActronAirSystemCoordinator]):
        self._serial_number = coordinator.serial_number

    @property
-    @override
    def available(self) -> bool:
        """Return True if entity is available."""
        return not self.coordinator.is_device_stale()
@@ -13,5 +13,5 @@
  "integration_type": "hub",
  "iot_class": "cloud_polling",
  "quality_scale": "silver",
-  "requirements": ["actron-neo-api==0.5.12"]
+  "requirements": ["actron-neo-api==0.5.6"]
 }
@@ -12,15 +12,9 @@ rules:
  docs-actions:
    status: exempt
    comment: This integration does not have custom service actions.
-  docs-conditions:
-    status: exempt
-    comment: This integration does not have any conditions.
  docs-high-level-description: done
  docs-installation-instructions: done
  docs-removal-instructions: done
-  docs-triggers:
-    status: exempt
-    comment: This integration does not have any triggers.
  entity-event-setup:
    status: exempt
    comment: This integration does not subscribe to external events.
@@ -2,7 +2,7 @@

 from collections.abc import Awaitable, Callable
 from dataclasses import dataclass
-from typing import Any, override
+from typing import Any

 from homeassistant.components.switch import SwitchEntity, SwitchEntityDescription
 from homeassistant.const import EntityCategory
@@ -101,19 +101,16 @@ class ActronAirSwitch(ActronAirAcEntity, SwitchEntity):
        self._attr_unique_id = f"{coordinator.serial_number}_{description.key}"

    @property
-    @override
    def is_on(self) -> bool:
        """Return true if the switch is on."""
        return self.entity_description.is_on_fn(self.coordinator)

    @actron_air_command
-    @override
    async def async_turn_on(self, **kwargs: Any) -> None:
        """Turn the switch on."""
        await self.entity_description.set_fn(self.coordinator, True)

    @actron_air_command
-    @override
    async def async_turn_off(self, **kwargs: Any) -> None:
        """Turn the switch off."""
        await self.entity_description.set_fn(self.coordinator, False)
@@ -1,6 +1,6 @@
 """Support for Adax wifi-enabled home heaters."""

-from typing import Any, cast, override
+from typing import Any, cast

 from adax import Adax
 from adax_local import Adax as AdaxLocal
@@ -82,7 +82,6 @@ class AdaxDevice(CoordinatorEntity[AdaxCloudCoordinator], ClimateEntity):
        self._apply_data(self.room)

    @property
-    @override
    def available(self) -> bool:
        """Whether the entity is available or not."""
        return super().available and self._device_id in self.coordinator.data
@@ -92,7 +91,6 @@ class AdaxDevice(CoordinatorEntity[AdaxCloudCoordinator], ClimateEntity):
        """Gets the data for this particular device."""
        return self.coordinator.data[self._device_id]

-    @override
    async def async_set_hvac_mode(self, hvac_mode: HVACMode) -> None:
        """Set hvac mode."""
        if hvac_mode == HVACMode.HEAT:
@@ -110,7 +108,6 @@ class AdaxDevice(CoordinatorEntity[AdaxCloudCoordinator], ClimateEntity):
        # Request data refresh from source to verify that update was successful
        await self.coordinator.async_request_refresh()

-    @override
    async def async_set_temperature(self, **kwargs: Any) -> None:
        """Set new target temperature."""
        if (temperature := kwargs.get(ATTR_TEMPERATURE)) is None:
@@ -120,7 +117,6 @@ class AdaxDevice(CoordinatorEntity[AdaxCloudCoordinator], ClimateEntity):
        )

    @callback
-    @override
    def _handle_coordinator_update(self) -> None:
        """Handle updated data from the coordinator."""
        if room := self.room:
@@ -165,7 +161,6 @@ class LocalAdaxDevice(CoordinatorEntity[AdaxLocalCoordinator], ClimateEntity):
            manufacturer="Adax",
        )

-    @override
    async def async_set_hvac_mode(self, hvac_mode: HVACMode) -> None:
        """Set hvac mode."""
        if hvac_mode == HVACMode.HEAT:
@@ -184,7 +179,6 @@ class LocalAdaxDevice(CoordinatorEntity[AdaxLocalCoordinator], ClimateEntity):
        self._attr_hvac_mode = hvac_mode
        self.async_write_ha_state()

-    @override
    async def async_set_temperature(self, **kwargs: Any) -> None:
        """Set new target temperature."""
        if (temperature := kwargs.get(ATTR_TEMPERATURE)) is None:
@@ -217,13 +211,11 @@ class LocalAdaxDevice(CoordinatorEntity[AdaxLocalCoordinator], ClimateEntity):
                self._attr_target_temperature = target_temp

    @callback
-    @override
    def _handle_coordinator_update(self) -> None:
        """Handle updated data from the coordinator."""
        self._update_hvac_attributes()
        super()._handle_coordinator_update()

-    @override
    async def async_added_to_hass(self) -> None:
        """When entity is added to hass."""
        await super().async_added_to_hass()
@@ -1,7 +1,7 @@
 """Config flow for Adax integration."""

 import logging
-from typing import Any, override
+from typing import Any

 import adax
 import adax_local
@@ -39,7 +39,6 @@ class AdaxConfigFlow(ConfigFlow, domain=DOMAIN):

    VERSION = 2

-    @override
    async def async_step_user(
        self, user_input: dict[str, Any] | None = None
    ) -> ConfigFlowResult:
@@ -1,7 +1,7 @@
 """DataUpdateCoordinator for the Adax component."""

 import logging
-from typing import Any, cast, override
+from typing import Any, cast

 from adax import Adax
 from adax_local import Adax as AdaxLocal
@@ -39,7 +39,6 @@ class AdaxCloudCoordinator(DataUpdateCoordinator[dict[str, dict[str, Any]]]):
            websession=async_get_clientsession(hass),
        )

-    @override
    async def _async_update_data(self) -> dict[str, dict[str, Any]]:
        """Fetch data from the Adax."""
        try:
@@ -88,7 +87,6 @@ class AdaxLocalCoordinator(DataUpdateCoordinator[dict[str, Any] | None]):
            websession=async_get_clientsession(hass, verify_ssl=False),
        )

-    @override
    async def _async_update_data(self) -> dict[str, Any]:
        """Fetch data from the Adax."""
        if result := await self.adax_data_handler.get_status():
@@ -1,7 +1,7 @@
 """Support for Adax energy sensors."""

 from dataclasses import dataclass
-from typing import cast, override
+from typing import cast

 from homeassistant.components.sensor import (
    SensorDeviceClass,
@@ -95,7 +95,6 @@ class AdaxSensor(CoordinatorEntity[AdaxCloudCoordinator], SensorEntity):
        )

    @property
-    @override
    def available(self) -> bool:
        """Return True if entity is available."""
        return (
@@ -105,7 +104,6 @@ class AdaxSensor(CoordinatorEntity[AdaxCloudCoordinator], SensorEntity):
        )

    @property
-    @override
    def native_value(self) -> int | float | None:
        """Return the native value of the sensor."""
        return self.coordinator.data[self._device_id].get(
@@ -1,6 +1,6 @@
 """Config flow to configure the AdGuard Home integration."""

-from typing import Any, override
+from typing import Any

 from adguardhome import AdGuardHome, AdGuardHomeConnectionError
 import voluptuous as vol
@@ -57,7 +57,6 @@ class AdGuardHomeFlowHandler(ConfigFlow, domain=DOMAIN):
            errors=errors or {},
        )

-    @override
    async def async_step_user(
        self, user_input: dict[str, Any] | None = None
    ) -> ConfigFlowResult:
@@ -103,7 +102,6 @@ class AdGuardHomeFlowHandler(ConfigFlow, domain=DOMAIN):
            },
        )

-    @override
    async def async_step_hassio(
        self, discovery_info: HassioServiceInfo
    ) -> ConfigFlowResult:
@@ -1,7 +1,5 @@
 """AdGuard Home base entity."""

-from typing import override
-
 from adguardhome import AdGuardHomeError

 from homeassistant.config_entries import SOURCE_HASSIO
@@ -49,7 +47,6 @@ class AdGuardHomeEntity(Entity):
        raise NotImplementedError

    @property
-    @override
    def device_info(self) -> DeviceInfo:
        """Return device information about this AdGuard Home instance."""
        if self._entry.source == SOURCE_HASSIO:
@@ -3,7 +3,7 @@
 from collections.abc import Callable, Coroutine
 from dataclasses import dataclass
 from datetime import timedelta
-from typing import Any, override
+from typing import Any

 from adguardhome import AdGuardHome

@@ -108,7 +108,7 @@ class AdGuardHomeSensor(AdGuardHomeEntity, SensorEntity):
        """Initialize AdGuard Home sensor."""
        super().__init__(data, entry)
        self.entity_description = description
-        self._attr_unique_id = "_".join(  # pylint: disable=home-assistant-entity-unique-id-redundant-domain
+        self._attr_unique_id = "_".join(
            [
                DOMAIN,
                self.adguard.host,
@@ -118,7 +118,6 @@ class AdGuardHomeSensor(AdGuardHomeEntity, SensorEntity):
            ]
        )

-    @override
    async def _adguard_update(self) -> None:
        """Update AdGuard Home entity."""
        value = await self.entity_description.value_fn(self.adguard)
@@ -3,7 +3,7 @@
 from collections.abc import Callable, Coroutine
 from dataclasses import dataclass
 from datetime import timedelta
-from typing import Any, override
+from typing import Any

 from adguardhome import AdGuardHome, AdGuardHomeError

@@ -103,7 +103,7 @@ class AdGuardHomeSwitch(AdGuardHomeEntity, SwitchEntity):
        """Initialize AdGuard Home switch."""
        super().__init__(data, entry)
        self.entity_description = description
-        self._attr_unique_id = "_".join(  # pylint: disable=home-assistant-entity-unique-id-redundant-domain
+        self._attr_unique_id = "_".join(
            [
                DOMAIN,
                self.adguard.host,
@@ -113,7 +113,6 @@ class AdGuardHomeSwitch(AdGuardHomeEntity, SwitchEntity):
            ]
        )

-    @override
    async def async_turn_off(self, **kwargs: Any) -> None:
        """Turn off the switch."""
        try:
@@ -125,7 +124,6 @@ class AdGuardHomeSwitch(AdGuardHomeEntity, SwitchEntity):
                translation_key="error_while_turn_off",
            ) from err

-    @override
    async def async_turn_on(self, **kwargs: Any) -> None:
        """Turn on the switch."""
        try:
@@ -137,7 +135,6 @@ class AdGuardHomeSwitch(AdGuardHomeEntity, SwitchEntity):
                translation_key="error_while_turn_on",
            ) from err

-    @override
    async def _adguard_update(self) -> None:
        """Update AdGuard Home entity."""
        self._attr_is_on = await self.entity_description.is_on_fn(self.adguard)()
@@ -1,7 +1,7 @@
 """AdGuard Home Update platform."""

 from datetime import timedelta
-from typing import Any, override
+from typing import Any

 from adguardhome import AdGuardHomeError

@@ -46,11 +46,10 @@ class AdGuardHomeUpdate(AdGuardHomeEntity, UpdateEntity):
        """Initialize AdGuard Home update."""
        super().__init__(data, entry)

-        self._attr_unique_id = "_".join(  # pylint: disable=home-assistant-entity-unique-id-redundant-domain
+        self._attr_unique_id = "_".join(
            [DOMAIN, self.adguard.host, str(self.adguard.port), "update"]
        )

-    @override
    async def _adguard_update(self) -> None:
        """Update AdGuard Home entity."""
        value = await self.adguard.update.update_available()
@@ -59,7 +58,6 @@ class AdGuardHomeUpdate(AdGuardHomeEntity, UpdateEntity):
        self._attr_release_summary = value.announcement
        self._attr_release_url = value.announcement_url

-    @override
    async def async_install(
        self, version: str | None, backup: bool, **kwargs: Any
    ) -> None:
@@ -1,7 +1,5 @@
 """Support for ADS binary sensors."""

-from typing import override
-
 import pyads
 import voluptuous as vol

@@ -62,13 +60,11 @@ class AdsBinarySensor(AdsEntity, BinarySensorEntity):
        super().__init__(ads_hub, name, ads_var)
        self._attr_device_class = device_class or BinarySensorDeviceClass.MOVING

-    @override
    async def async_added_to_hass(self) -> None:
        """Register device notification."""
        await self.async_initialize_device(self._ads_var, pyads.PLCTYPE_BOOL)

    @property
-    @override
    def is_on(self) -> bool:
        """Return True if the entity is on."""
        return self._state_dict[STATE_KEY_STATE]
@@ -1,6 +1,6 @@
 """Support for ADS covers."""

-from typing import Any, override
+from typing import Any

 import pyads
 import voluptuous as vol
@@ -122,7 +122,6 @@ class AdsCover(AdsEntity, CoverEntity):
        if ads_var_pos_set is not None:
            self._attr_supported_features |= CoverEntityFeature.SET_POSITION

-    @override
    async def async_added_to_hass(self) -> None:
        """Register device notification."""
        if self._ads_var is not None:
@@ -134,7 +133,6 @@ class AdsCover(AdsEntity, CoverEntity):
            )

    @property
-    @override
    def is_closed(self) -> bool | None:
        """Return if the cover is closed."""
        if self._ads_var is not None:
@@ -144,18 +142,15 @@ class AdsCover(AdsEntity, CoverEntity):
        return None

    @property
-    @override
    def current_cover_position(self) -> int:
        """Return current position of cover."""
        return self._state_dict[STATE_KEY_POSITION]

-    @override
    def stop_cover(self, **kwargs: Any) -> None:
        """Fire the stop action."""
        if self._ads_var_stop:
            self._ads_hub.write_by_name(self._ads_var_stop, True, pyads.PLCTYPE_BOOL)

-    @override
    def set_cover_position(self, **kwargs: Any) -> None:
        """Set cover position."""
        position = kwargs[ATTR_POSITION]
@@ -164,7 +159,6 @@ class AdsCover(AdsEntity, CoverEntity):
                self._ads_var_pos_set, position, pyads.PLCTYPE_BYTE
            )

-    @override
    def open_cover(self, **kwargs: Any) -> None:
        """Move the cover up."""
        if self._ads_var_open is not None:
@@ -172,7 +166,6 @@ class AdsCover(AdsEntity, CoverEntity):
        elif self._ads_var_pos_set is not None:
            self.set_cover_position(position=100)

-    @override
    def close_cover(self, **kwargs: Any) -> None:
        """Move the cover down."""
        if self._ads_var_close is not None:
@@ -181,7 +174,6 @@ class AdsCover(AdsEntity, CoverEntity):
            self.set_cover_position(position=0)

    @property
-    @override
    def available(self) -> bool:
        """Return False if state has not been updated yet."""
        if self._ads_var is not None or self._ads_var_position is not None:
@@ -3,7 +3,7 @@
 import asyncio
 from asyncio import timeout
 import logging
-from typing import Any, override
+from typing import Any

 from homeassistant.helpers.entity import Entity

@@ -65,7 +65,6 @@ class AdsEntity(Entity):
            _LOGGER.debug("Variable %s: Timeout during first update", ads_var)

    @property
-    @override
    def available(self) -> bool:
        """Return False if state has not been updated yet."""
        return self._state_dict[STATE_KEY_STATE] is not None
@@ -1,6 +1,6 @@
 """Support for ADS light sources."""

-from typing import Any, override
+from typing import Any

 import pyads
 import voluptuous as vol
@@ -120,7 +120,6 @@ class AdsLight(AdsEntity, LightEntity):
                else DEFAULT_MAX_KELVIN
            )

-    @override
    async def async_added_to_hass(self) -> None:
        """Register device notification."""
        await self.async_initialize_device(self._ads_var, pyads.PLCTYPE_BOOL)
@@ -140,24 +139,20 @@ class AdsLight(AdsEntity, LightEntity):
            )

    @property
-    @override
    def brightness(self) -> int | None:
        """Return the brightness of the light (0..255)."""
        return self._state_dict[STATE_KEY_BRIGHTNESS]

    @property
-    @override
    def color_temp_kelvin(self) -> int | None:
        """Return the color temperature in Kelvin."""
        return self._state_dict[STATE_KEY_COLOR_TEMP_KELVIN]

    @property
-    @override
    def is_on(self) -> bool:
        """Return True if the entity is on."""
        return self._state_dict[STATE_KEY_STATE]

-    @override
    def turn_on(self, **kwargs: Any) -> None:
        """Turn the light on or set a specific dimmer value."""
        brightness = kwargs.get(ATTR_BRIGHTNESS)
@@ -175,7 +170,6 @@ class AdsLight(AdsEntity, LightEntity):
                self._ads_var_color_temp_kelvin, color_temp, pyads.PLCTYPE_UINT
            )

-    @override
    def turn_off(self, **kwargs: Any) -> None:
        """Turn the light off."""
        self._ads_hub.write_by_name(self._ads_var, False, pyads.PLCTYPE_BOOL)
@@ -1,7 +1,5 @@
 """Support for ADS select entities."""

-from typing import override
-
 import pyads
 import voluptuous as vol

@@ -9,7 +7,7 @@ from homeassistant.components.select import (
    PLATFORM_SCHEMA as SELECT_PLATFORM_SCHEMA,
    SelectEntity,
 )
-from homeassistant.const import CONF_NAME, CONF_OPTIONS
+from homeassistant.const import CONF_NAME
 from homeassistant.core import HomeAssistant
 from homeassistant.helpers import config_validation as cv
 from homeassistant.helpers.entity_platform import AddEntitiesCallback
@@ -21,6 +19,9 @@ from .hub import AdsHub

 DEFAULT_NAME = "ADS select"

+# pylint: disable-next=home-assistant-duplicate-const
+CONF_OPTIONS = "options"
+
 PLATFORM_SCHEMA = SELECT_PLATFORM_SCHEMA.extend(
    {
        vol.Required(CONF_ADS_VAR): cv.string,
@@ -63,7 +64,6 @@ class AdsSelect(AdsEntity, SelectEntity):
        self._attr_options = options
        self._attr_current_option = None

-    @override
    async def async_added_to_hass(self) -> None:
        """Register device notification."""
        await self.async_initialize_device(self._ads_var, pyads.PLCTYPE_INT)
@@ -71,7 +71,6 @@ class AdsSelect(AdsEntity, SelectEntity):
            self._ads_var, pyads.PLCTYPE_INT, self._handle_ads_value
        )

-    @override
    def select_option(self, option: str) -> None:
        """Change the selected option."""
        if option in self._attr_options:
@@ -1,7 +1,5 @@
 """Support for ADS sensors."""

-from typing import override
-
 import voluptuous as vol

 from homeassistant.components.sensor import (
@@ -110,7 +108,6 @@ class AdsSensor(AdsEntity, SensorEntity):
        self._attr_state_class = state_class
        self._attr_native_unit_of_measurement = unit_of_measurement

-    @override
    async def async_added_to_hass(self) -> None:
        """Register device notification."""
        await self.async_initialize_device(
@@ -121,7 +118,6 @@ class AdsSensor(AdsEntity, SensorEntity):
        )

    @property
-    @override
    def native_value(self) -> StateType:
        """Return the state of the device."""
        return self._state_dict[STATE_KEY_STATE]
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Franck Nijhof	38a5fad551	Address review: skip duplicate fetch when language is English	2026-05-20 13:05:59 +00:00
Franck Nijhof	86fc954e6d	Fix onboarding crash when area translations are missing	2026-05-20 12:55:07 +00:00
@@ -1 +1 @@
 .14.5
 .14.4