Implement review comments from #104658

Fix style
Add info what to enter into host field
2025-09-23 11:59:37 +00:00 · 2023-11-29 05:36:29 +00:00 · 2023-11-28 17:44:45 +00:00 · 2023-11-28 17:35:21 +00:00
18635 changed files with 456550 additions and 1866427 deletions
--- a/.core_files.yaml
+++ b/.core_files.yaml
@@ -6,7 +6,6 @@ core: &core
  - homeassistant/helpers/**
  - homeassistant/package_constraints.txt
  - homeassistant/util/**
-  - mypy.ini
  - pyproject.toml
  - requirements.txt
  - setup.cfg
@@ -15,7 +14,6 @@ core: &core
 base_platforms: &base_platforms
  - homeassistant/components/air_quality/**
  - homeassistant/components/alarm_control_panel/**
-  - homeassistant/components/assist_satellite/**
  - homeassistant/components/binary_sensor/**
  - homeassistant/components/button/**
  - homeassistant/components/calendar/**
@@ -51,7 +49,6 @@ base_platforms: &base_platforms
  - homeassistant/components/tts/**
  - homeassistant/components/update/**
  - homeassistant/components/vacuum/**
-  - homeassistant/components/valve/**
  - homeassistant/components/water_heater/**
  - homeassistant/components/weather/**

@@ -63,7 +60,6 @@ components: &components
  - homeassistant/components/auth/**
  - homeassistant/components/automation/**
  - homeassistant/components/backup/**
-  - homeassistant/components/blueprint/**
  - homeassistant/components/bluetooth/**
  - homeassistant/components/cloud/**
  - homeassistant/components/config/**
@@ -80,7 +76,6 @@ components: &components
  - homeassistant/components/group/**
  - homeassistant/components/hassio/**
  - homeassistant/components/homeassistant/**
-  - homeassistant/components/homeassistant_hardware/**
  - homeassistant/components/http/**
  - homeassistant/components/image/**
  - homeassistant/components/input_boolean/**
@@ -113,7 +108,6 @@ components: &components
  - homeassistant/components/tag/**
  - homeassistant/components/template/**
  - homeassistant/components/timer/**
-  - homeassistant/components/trace/**
  - homeassistant/components/usb/**
  - homeassistant/components/webhook/**
  - homeassistant/components/websocket_api/**
@@ -126,22 +120,21 @@ tests: &tests
  - pylint/**
  - requirements_test_pre_commit.txt
  - requirements_test.txt
-  - tests/*.py
  - tests/auth/**
  - tests/backports/**
-  - tests/components/conftest.py
-  - tests/components/diagnostics/**
+  - tests/common.py
  - tests/components/history/**
-  - tests/components/light/common.py
  - tests/components/logbook/**
  - tests/components/recorder/**
-  - tests/components/repairs/**
  - tests/components/sensor/**
+  - tests/conftest.py
  - tests/hassfest/**
  - tests/helpers/**
+  - tests/ignore_uncaught_exceptions.py
  - tests/mock/**
  - tests/pylint/**
  - tests/scripts/**
+  - tests/syrupy.py
  - tests/test_util/**
  - tests/testing_config/**
  - tests/util/**
@@ -155,7 +148,6 @@ requirements: &requirements
  - homeassistant/package_constraints.txt
  - requirements*.txt
  - pyproject.toml
-  - script/licenses.py

 any:
  - *base_platforms
--- a/.coveragerc
+++ b/.coveragerc
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -2,22 +2,11 @@
  "name": "Home Assistant Dev",
  "context": "..",
  "dockerFile": "../Dockerfile.dev",
-  "postCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder} && script/setup",
+  "postCreateCommand": "script/setup",
  "postStartCommand": "script/bootstrap",
-  "containerEnv": {
-    "PYTHONASYNCIODEBUG": "1"
-  },
-  "features": {
-    "ghcr.io/devcontainers/features/github-cli:1": {}
-  },
-  // Port 5683 udp is used by Shelly integration
-  "appPort": ["8123:8123", "5683:5683/udp"],
-  "runArgs": [
-    "-e",
-    "GIT_EDITOR=code --wait",
-    "--security-opt",
-    "label=disable"
-  ],
+  "containerEnv": { "DEVCONTAINER": "1" },
+  "appPort": ["8123:8123"],
+  "runArgs": ["-e", "GIT_EDITOR=code --wait"],
  "customizations": {
    "vscode": {
      "extensions": [
@@ -27,17 +16,12 @@
        "visualstudioexptteam.vscodeintellicode",
        "redhat.vscode-yaml",
        "esbenp.prettier-vscode",
-        "GitHub.vscode-pull-request-github",
-        "GitHub.copilot"
+        "GitHub.vscode-pull-request-github"
      ],
      // Please keep this file in sync with settings in home-assistant/.vscode/settings.default.json
      "settings": {
-        "python.experiments.optOutFrom": ["pythonTestAdapter"],
-        "python.defaultInterpreterPath": "/home/vscode/.local/ha-venv/bin/python",
-        "python.pythonPath": "/home/vscode/.local/ha-venv/bin/python",
-        "python.terminal.activateEnvInCurrentTerminal": true,
+        "python.pythonPath": "/usr/local/bin/python",
        "python.testing.pytestArgs": ["--no-cov"],
-        "pylint.importStrategy": "fromEnvironment",
        "editor.formatOnPaste": false,
        "editor.formatOnSave": true,
        "editor.formatOnType": true,
@@ -58,13 +42,7 @@
        ],
        "[python]": {
          "editor.defaultFormatter": "charliermarsh.ruff"
-        },
-        "json.schemas": [
-          {
-            "fileMatch": ["homeassistant/components/*/manifest.json"],
-            "url": "${containerWorkspaceFolder}/script/json_schemas/manifest_schema.json"
-          }
-        ]
+        }
      }
    }
  }
--- a/.dockerignore
+++ b/.dockerignore
@@ -7,7 +7,6 @@ docs
 # Development
 .devcontainer
 .vscode
-.tool-versions

 # Test related files
 tests
--- a/.git-blame-ignore-revs
+++ b/.git-blame-ignore-revs
@@ -1,14 +0,0 @@
-# Black
-4de97abc3aa83188666336ce0a015a5bab75bc8f
-
-# Switch formatting from black to ruff-format (#102893)
-706add4a57120a93d7b7fe40e722b00d634c76c2
-
-# Prettify json (component test fixtures) (#68892)
-053c4428a933c3c04c22642f93c93fccba3e8bfd
-
-# Prettify json (tests) (#68888)
-496d90bf00429d9d924caeb0155edc0bf54e86b9
-
-# Bump ruff to 0.3.4 (#112690)
-6bb4e7d62c60389608acf4a7d7dacd8f029307dd
--- a/.gitattributes
+++ b/.gitattributes
@@ -11,14 +11,3 @@
 *.pcm binary

 Dockerfile.dev linguist-language=Dockerfile
-
-# Generated files
-CODEOWNERS linguist-generated=true
-Dockerfile linguist-generated=true
-homeassistant/generated/*.py linguist-generated=true
-mypy.ini linguist-generated=true
-requirements.txt linguist-generated=true
-requirements_all.txt linguist-generated=true
-requirements_test_all.txt linguist-generated=true
-requirements_test_pre_commit.txt linguist-generated=true
-script/hassfest/docker/Dockerfile linguist-generated=true
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -1 +1,2 @@
-custom: https://www.openhomefoundation.org
+custom: https://www.nabucasa.com
+github: balloob
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -6,9 +6,9 @@ body:
      value: |
        This issue form is for reporting bugs only!

-        If you have a feature or enhancement request, please [request them here instead][fr].
+        If you have a feature or enhancement request, please use the [feature request][fr] section of our [Community Forum][fr].

-        [fr]: https://github.com/orgs/home-assistant/discussions
+        [fr]: https://community.home-assistant.io/c/feature-requests
  - type: textarea
    validations:
      required: true
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -10,8 +10,8 @@ contact_links:
    url: https://www.home-assistant.io/help
    about: We use GitHub for tracking bugs, check our website for resources on getting help.
  - name: Feature Request
-    url: https://github.com/orgs/home-assistant/discussions
-    about: Please use this link to request new features or enhancements to existing features.
+    url: https://community.home-assistant.io/c/feature-requests
+    about: Please use our Community Forum for making feature requests.
  - name: I'm unsure where to go
    url: https://www.home-assistant.io/join-chat
    about: If you are unsure where to go, then joining our chat is recommended; Just ask!
--- a/.github/ISSUE_TEMPLATE/task.yml
+++ b/.github/ISSUE_TEMPLATE/task.yml
@@ -1,51 +0,0 @@
-name: Task
-description: For staff only - Create a task
-type: Task
-body:
-  - type: markdown
-    attributes:
-      value: |
-        ## ⚠️ RESTRICTED ACCESS
-
-        **This form is restricted to Open Home Foundation staff, authorized contributors, and integration code owners only.**
-
-        If you are a community member wanting to contribute, please:
-        - For bug reports: Use the [bug report form](https://github.com/home-assistant/core/issues/new?template=bug_report.yml)
-        - For feature requests: Submit to [Feature Requests](https://github.com/orgs/home-assistant/discussions)
-
-        ---
-
-        ### For authorized contributors
-
-        Use this form to create tasks for development work, improvements, or other actionable items that need to be tracked.
-  - type: textarea
-    id: description
-    attributes:
-      label: Task description
-      description: |
-        Provide a clear and detailed description of the task that needs to be accomplished.
-
-        Be specific about what needs to be done, why it's important, and any constraints or requirements.
-      placeholder: |
-        Describe the task, including:
-        - What needs to be done
-        - Why this task is needed
-        - Expected outcome
-        - Any constraints or requirements
-    validations:
-      required: true
-  - type: textarea
-    id: additional_context
-    attributes:
-      label: Additional context
-      description: |
-        Any additional information, links, research, or context that would be helpful.
-
-        Include links to related issues, research, prototypes, roadmap opportunities etc.
-      placeholder: |
-        - Roadmap opportunity: [links]
-        - Feature request: [link]
-        - Technical design documents: [link]
-        - Prototype/mockup: [link]
-    validations:
-      required: false
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -46,8 +46,6 @@
 - This PR fixes or closes issue: fixes #
 - This PR is related to issue: 
 - Link to documentation pull request: 
- Link to developer documentation pull request: 
- Link to frontend pull request: 

 ## Checklist
 <!--
@@ -76,6 +74,7 @@ If the code communicates with devices, web services, or third-party tools:
 - [ ] New or updated dependencies have been added to `requirements_all.txt`.  
      Updated by running `python3 -m script.gen_requirements_all`.
 - [ ] For the updated dependencies - a link to the changelog, or at minimum a diff between library versions is added to the PR description.
+- [ ] Untested files have been added to `.coveragerc`.

 <!--
  This project is very active and we have a high turnover of pull requests.
--- a/.github/assets/screenshot-integrations.png
+++ b/.github/assets/screenshot-integrations.png
--- a/.github/assets/screenshot-states.png
+++ b/.github/assets/screenshot-states.png
--- a/.github/copilot-instructions.md
+++ b/.github/copilot-instructions.md
--- a/.github/workflows/builder.yml
+++ b/.github/workflows/builder.yml
@@ -10,10 +10,7 @@ on:

 env:
  BUILD_TYPE: core
-  DEFAULT_PYTHON: "3.13"
-  PIP_TIMEOUT: 60
-  UV_HTTP_TIMEOUT: 60
-  UV_SYSTEM_PYTHON: "true"
+  DEFAULT_PYTHON: "3.11"

 jobs:
  init:
@@ -27,12 +24,12 @@ jobs:
      publish: ${{ steps.version.outputs.publish }}
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4.1.1
        with:
          fetch-depth: 0

      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v5.6.0
+        uses: actions/setup-python@v4.7.1
        with:
          python-version: ${{ env.DEFAULT_PYTHON }}

@@ -51,29 +48,41 @@ jobs:
        with:
          ignore-dev: true

-      - name: Fail if translations files are checked in
-        run: |
-          if [ -n "$(find homeassistant/components/*/translations -type f)" ]; then
-              echo "Translations files are checked in, please remove the following files:"
-              find homeassistant/components/*/translations -type f
-              exit 1
-          fi
+  build_python:
+    name: Build PyPi package
+    environment: ${{ needs.init.outputs.channel }}
+    needs: ["init", "build_base"]
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'home-assistant' && needs.init.outputs.publish == 'true'
+    steps:
+      - name: Checkout the repository
+        uses: actions/checkout@v4.1.1
+
+      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
+        uses: actions/setup-python@v4.7.1
+        with:
+          python-version: ${{ env.DEFAULT_PYTHON }}

      - name: Download Translations
        run: python3 -m script.translations download
        env:
          LOKALISE_TOKEN: ${{ secrets.LOKALISE_TOKEN }}

-      - name: Archive translations
+      - name: Build package
        shell: bash
-        run: find ./homeassistant/components/*/translations -name "*.json" | tar zcvf translations.tar.gz -T -
+        run: |
+          # Remove dist, build, and homeassistant.egg-info
+          # when build locally for testing!
+          pip install twine build
+          python -m build

-      - name: Upload translations
-        uses: actions/upload-artifact@v4.6.2
-        with:
-          name: translations
-          path: translations.tar.gz
-          if-no-files-found: error
+      - name: Upload package
+        shell: bash
+        run: |
+          export TWINE_USERNAME="__token__"
+          export TWINE_PASSWORD="${{ secrets.TWINE_TOKEN }}"
+
+          twine upload dist/* --skip-existing

  build_base:
    name: Build ${{ matrix.arch }} base core image
@@ -85,16 +94,15 @@ jobs:
      packages: write
      id-token: write
    strategy:
-      fail-fast: false
      matrix:
        arch: ${{ fromJson(needs.init.outputs.architectures) }}
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4.1.1

      - name: Download nightly wheels of frontend
        if: needs.init.outputs.channel == 'dev'
-        uses: dawidd6/action-download-artifact@v11
+        uses: dawidd6/action-download-artifact@v2
        with:
          github_token: ${{secrets.GITHUB_TOKEN}}
          repo: home-assistant/frontend
@@ -105,10 +113,10 @@ jobs:

      - name: Download nightly wheels of intents
        if: needs.init.outputs.channel == 'dev'
-        uses: dawidd6/action-download-artifact@v11
+        uses: dawidd6/action-download-artifact@v2
        with:
          github_token: ${{secrets.GITHUB_TOKEN}}
-          repo: OHF-Voice/intents-package
+          repo: home-assistant/intents-package
          branch: main
          workflow: nightly.yaml
          workflow_conclusion: success
@@ -116,20 +124,17 @@ jobs:

      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
        if: needs.init.outputs.channel == 'dev'
-        uses: actions/setup-python@v5.6.0
+        uses: actions/setup-python@v4.7.1
        with:
          python-version: ${{ env.DEFAULT_PYTHON }}

      - name: Adjust nightly version
        if: needs.init.outputs.channel == 'dev'
        shell: bash
-        env:
-          UV_PRERELEASE: allow
        run: |
-          python3 -m pip install "$(grep '^uv' < requirements.txt)"
-          uv pip install packaging tomli
-          uv pip install .
-          python3 script/version_bump.py nightly --set-nightly-version "${{ needs.init.outputs.version }}"
+          python3 -m pip install packaging tomli
+          python3 -m pip install .
+          version="$(python3 script/version_bump.py nightly)"

          if [[ "$(ls home_assistant_frontend*.whl)" =~ ^home_assistant_frontend-(.*)-py3-none-any.whl$ ]]; then
            echo "Found frontend wheel, setting version to: ${BASH_REMATCH[1]}"
@@ -141,7 +146,7 @@ jobs:
            sed -i "s|home-assistant-frontend==.*|home-assistant-frontend==${BASH_REMATCH[1]}|" \
              homeassistant/package_constraints.txt

-            sed -i "s|home-assistant-frontend==.*||" requirements_all.txt
+            python -m script.gen_requirements_all
          fi

          if [[ "$(ls home_assistant_intents*.whl)" =~ ^home_assistant_intents-(.*)-py3-none-any.whl$ ]]; then
@@ -159,7 +164,7 @@ jobs:
            sed -i "s|home-assistant-intents==.*|home-assistant-intents==${BASH_REMATCH[1]}|" \
              homeassistant/package_constraints.txt

-            sed -i "s|home-assistant-intents==.*||" requirements_all.txt
+            python -m script.gen_requirements_all
          fi

      - name: Adjustments for armhf
@@ -174,15 +179,10 @@ jobs:
          sed -i "s|pyezviz|# pyezviz|g" requirements_all.txt
          sed -i "s|pykrakenapi|# pykrakenapi|g" requirements_all.txt

-      - name: Download translations
-        uses: actions/download-artifact@v4.3.0
-        with:
-          name: translations
-
-      - name: Extract translations
-        run: |
-          tar xvf translations.tar.gz
-          rm translations.tar.gz
+      - name: Download Translations
+        run: python3 -m script.translations download
+        env:
+          LOKALISE_TOKEN: ${{ secrets.LOKALISE_TOKEN }}

      - name: Write meta info file
        shell: bash
@@ -190,14 +190,14 @@ jobs:
          echo "${{ github.sha }};${{ github.ref }};${{ github.event_name }};${{ github.actor }}" > rootfs/OFFICIAL_IMAGE

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3.4.0
+        uses: docker/login-action@v3.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build base image
-        uses: home-assistant/builder@2025.03.0
+        uses: home-assistant/builder@2023.09.0
        with:
          args: |
            $BUILD_ARGS \
@@ -206,6 +206,17 @@ jobs:
            --target /data \
            --generic ${{ needs.init.outputs.version }}

+      - name: Archive translations
+        shell: bash
+        run: find ./homeassistant/components/*/translations -name "*.json" | tar zcvf translations.tar.gz -T -
+
+      - name: Upload translations
+        uses: actions/upload-artifact@v3
+        with:
+          name: translations
+          path: translations.tar.gz
+          if-no-files-found: error
+
  build_machine:
    name: Build ${{ matrix.machine }} machine core image
    if: github.repository_owner == 'home-assistant'
@@ -236,13 +247,12 @@ jobs:
          - raspberrypi3-64
          - raspberrypi4
          - raspberrypi4-64
-          - raspberrypi5-64
          - tinker
          - yellow
          - green
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4.1.1

      - name: Set build additional args
        run: |
@@ -256,14 +266,14 @@ jobs:
          fi

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3.4.0
+        uses: docker/login-action@v3.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build base image
-        uses: home-assistant/builder@2025.03.0
+        uses: home-assistant/builder@2023.09.0
        with:
          args: |
            $BUILD_ARGS \
@@ -279,7 +289,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4.1.1

      - name: Initialize git
        uses: home-assistant/actions/helpers/git-init@master
@@ -315,29 +325,23 @@ jobs:
      contents: read
      packages: write
      id-token: write
-    strategy:
-      fail-fast: false
-      matrix:
-        registry: ["ghcr.io/home-assistant", "docker.io/homeassistant"]
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4.1.1

      - name: Install Cosign
-        uses: sigstore/cosign-installer@v3.9.1
+        uses: sigstore/cosign-installer@v3.2.0
        with:
-          cosign-release: "v2.2.3"
+          cosign-release: "v2.0.2"

      - name: Login to DockerHub
-        if: matrix.registry == 'docker.io/homeassistant'
-        uses: docker/login-action@v3.4.0
+        uses: docker/login-action@v3.0.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Login to GitHub Container Registry
-        if: matrix.registry == 'ghcr.io/home-assistant'
-        uses: docker/login-action@v3.4.0
+        uses: docker/login-action@v3.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -351,37 +355,41 @@ jobs:
          function create_manifest() {
            local tag_l=${1}
            local tag_r=${2}
-            local registry=${{ matrix.registry }}

-            docker manifest create "${registry}/home-assistant:${tag_l}" \
-              "${registry}/amd64-homeassistant:${tag_r}" \
-              "${registry}/i386-homeassistant:${tag_r}" \
-              "${registry}/armhf-homeassistant:${tag_r}" \
-              "${registry}/armv7-homeassistant:${tag_r}" \
-              "${registry}/aarch64-homeassistant:${tag_r}"
+            for registry in "ghcr.io/home-assistant" "docker.io/homeassistant"
+            do

-            docker manifest annotate "${registry}/home-assistant:${tag_l}" \
-              "${registry}/amd64-homeassistant:${tag_r}" \
-              --os linux --arch amd64
+              docker manifest create "${registry}/home-assistant:${tag_l}" \
+                "${registry}/amd64-homeassistant:${tag_r}" \
+                "${registry}/i386-homeassistant:${tag_r}" \
+                "${registry}/armhf-homeassistant:${tag_r}" \
+                "${registry}/armv7-homeassistant:${tag_r}" \
+                "${registry}/aarch64-homeassistant:${tag_r}"

-            docker manifest annotate "${registry}/home-assistant:${tag_l}" \
-              "${registry}/i386-homeassistant:${tag_r}" \
-              --os linux --arch 386
+              docker manifest annotate "${registry}/home-assistant:${tag_l}" \
+                "${registry}/amd64-homeassistant:${tag_r}" \
+                --os linux --arch amd64

-            docker manifest annotate "${registry}/home-assistant:${tag_l}" \
-              "${registry}/armhf-homeassistant:${tag_r}" \
-              --os linux --arch arm --variant=v6
+              docker manifest annotate "${registry}/home-assistant:${tag_l}" \
+                "${registry}/i386-homeassistant:${tag_r}" \
+                --os linux --arch 386

-            docker manifest annotate "${registry}/home-assistant:${tag_l}" \
-              "${registry}/armv7-homeassistant:${tag_r}" \
-              --os linux --arch arm --variant=v7
+              docker manifest annotate "${registry}/home-assistant:${tag_l}" \
+                "${registry}/armhf-homeassistant:${tag_r}" \
+                --os linux --arch arm --variant=v6

-            docker manifest annotate "${registry}/home-assistant:${tag_l}" \
-              "${registry}/aarch64-homeassistant:${tag_r}" \
-              --os linux --arch arm64 --variant=v8
+              docker manifest annotate "${registry}/home-assistant:${tag_l}" \
+                "${registry}/armv7-homeassistant:${tag_r}" \
+                --os linux --arch arm --variant=v7

-            docker manifest push --purge "${registry}/home-assistant:${tag_l}"
-            cosign sign --yes "${registry}/home-assistant:${tag_l}"
+              docker manifest annotate "${registry}/home-assistant:${tag_l}" \
+                "${registry}/aarch64-homeassistant:${tag_r}" \
+                --os linux --arch arm64 --variant=v8
+
+              docker manifest push --purge "${registry}/home-assistant:${tag_l}"
+              cosign sign --yes "${registry}/home-assistant:${tag_l}"
+
+            done
          }

          function validate_image() {
@@ -414,14 +422,12 @@ jobs:
          validate_image "ghcr.io/home-assistant/armv7-homeassistant:${{ needs.init.outputs.version }}"
          validate_image "ghcr.io/home-assistant/aarch64-homeassistant:${{ needs.init.outputs.version }}"

-          if [[ "${{ matrix.registry }}" ==  "docker.io/homeassistant" ]]; then
-            # Upload images to dockerhub
-            push_dockerhub "amd64-homeassistant" "${{ needs.init.outputs.version }}"
-            push_dockerhub "i386-homeassistant" "${{ needs.init.outputs.version }}"
-            push_dockerhub "armhf-homeassistant" "${{ needs.init.outputs.version }}"
-            push_dockerhub "armv7-homeassistant" "${{ needs.init.outputs.version }}"
-            push_dockerhub "aarch64-homeassistant" "${{ needs.init.outputs.version }}"
-          fi
+          # Upload images to dockerhub
+          push_dockerhub "amd64-homeassistant" "${{ needs.init.outputs.version }}"
+          push_dockerhub "i386-homeassistant" "${{ needs.init.outputs.version }}"
+          push_dockerhub "armhf-homeassistant" "${{ needs.init.outputs.version }}"
+          push_dockerhub "armv7-homeassistant" "${{ needs.init.outputs.version }}"
+          push_dockerhub "aarch64-homeassistant" "${{ needs.init.outputs.version }}"

          # Create version tag
          create_manifest "${{ needs.init.outputs.version }}" "${{ needs.init.outputs.version }}"
@@ -442,97 +448,3 @@ jobs:
            v="${{ needs.init.outputs.version }}"
            create_manifest "${v%.*}" "${{ needs.init.outputs.version }}"
          fi
-
-  build_python:
-    name: Build PyPi package
-    environment: ${{ needs.init.outputs.channel }}
-    needs: ["init", "build_base"]
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
-    if: github.repository_owner == 'home-assistant' && needs.init.outputs.publish == 'true'
-    steps:
-      - name: Checkout the repository
-        uses: actions/checkout@v4.2.2
-
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v5.6.0
-        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
-
-      - name: Download translations
-        uses: actions/download-artifact@v4.3.0
-        with:
-          name: translations
-
-      - name: Extract translations
-        run: |
-          tar xvf translations.tar.gz
-          rm translations.tar.gz
-
-      - name: Build package
-        shell: bash
-        run: |
-          # Remove dist, build, and homeassistant.egg-info
-          # when build locally for testing!
-          pip install build
-          python -m build
-
-      - name: Upload package to PyPI
-        uses: pypa/gh-action-pypi-publish@v1.12.4
-        with:
-          skip-existing: true
-
-  hassfest-image:
-    name: Build and test hassfest image
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-      attestations: write
-      id-token: write
-    needs: ["init"]
-    if: github.repository_owner == 'home-assistant'
-    env:
-      HASSFEST_IMAGE_NAME: ghcr.io/home-assistant/hassfest
-      HASSFEST_IMAGE_TAG: ghcr.io/home-assistant/hassfest:${{ needs.init.outputs.version }}
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build Docker image
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
-        with:
-          context: . # So action will not pull the repository again
-          file: ./script/hassfest/docker/Dockerfile
-          load: true
-          tags: ${{ env.HASSFEST_IMAGE_TAG }}
-
-      - name: Run hassfest against core
-        run: docker run --rm -v ${{ github.workspace }}:/github/workspace ${{ env.HASSFEST_IMAGE_TAG }} --core-path=/github/workspace
-
-      - name: Push Docker image
-        if: needs.init.outputs.channel != 'dev' && needs.init.outputs.publish == 'true'
-        id: push
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
-        with:
-          context: . # So action will not pull the repository again
-          file: ./script/hassfest/docker/Dockerfile
-          push: true
-          tags: ${{ env.HASSFEST_IMAGE_TAG }},${{ env.HASSFEST_IMAGE_NAME }}:latest
-
-      - name: Generate artifact attestation
-        if: needs.init.outputs.channel != 'dev' && needs.init.outputs.publish == 'true'
-        uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2.4.0
-        with:
-          subject-name: ${{ env.HASSFEST_IMAGE_NAME }}
-          subject-digest: ${{ steps.push.outputs.digest }}
-          push-to-registry: true
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -2,6 +2,11 @@ name: "CodeQL"

 # yamllint disable-line rule:truthy
 on:
+  push:
+    branches:
+      - dev
+      - rc
+      - master
  schedule:
    - cron: "30 18 * * 4"

@@ -21,14 +26,14 @@ jobs:

    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4.1.1

      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3.29.2
+        uses: github/codeql-action/init@v2.22.8
        with:
          languages: python

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3.29.2
+        uses: github/codeql-action/analyze@v2.22.8
        with:
          category: "/language:python"
--- a/.github/workflows/detect-duplicate-issues.yml
+++ b/.github/workflows/detect-duplicate-issues.yml
@@ -1,385 +0,0 @@
-name: Auto-detect duplicate issues
-
-# yamllint disable-line rule:truthy
-on:
-  issues:
-    types: [labeled]
-
-permissions:
-  issues: write
-  models: read
-
-jobs:
-  detect-duplicates:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Check if integration label was added and extract details
-        id: extract
-        uses: actions/github-script@v7.0.1
-        with:
-          script: |
-            // Debug: Log the event payload
-            console.log('Event name:', context.eventName);
-            console.log('Event action:', context.payload.action);
-            console.log('Event payload keys:', Object.keys(context.payload));
-
-            // Check the specific label that was added
-            const addedLabel = context.payload.label;
-            if (!addedLabel) {
-              console.log('No label found in labeled event payload');
-              core.setOutput('should_continue', 'false');
-              return;
-            }
-
-            console.log(`Label added: ${addedLabel.name}`);
-
-            if (!addedLabel.name.startsWith('integration:')) {
-              console.log('Added label is not an integration label, skipping duplicate detection');
-              core.setOutput('should_continue', 'false');
-              return;
-            }
-
-            console.log(`Integration label added: ${addedLabel.name}`);
-
-            let currentIssue;
-            let integrationLabels = [];
-
-            try {
-              const issue = await github.rest.issues.get({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: context.payload.issue.number
-              });
-
-              currentIssue = issue.data;
-
-              // Check if potential-duplicate label already exists
-              const hasPotentialDuplicateLabel = currentIssue.labels
-                .some(label => label.name === 'potential-duplicate');
-
-              if (hasPotentialDuplicateLabel) {
-                console.log('Issue already has potential-duplicate label, skipping duplicate detection');
-                core.setOutput('should_continue', 'false');
-                return;
-              }
-
-              integrationLabels = currentIssue.labels
-                .filter(label => label.name.startsWith('integration:'))
-                .map(label => label.name);
-            } catch (error) {
-              core.error(`Failed to fetch issue #${context.payload.issue.number}:`, error.message);
-              core.setOutput('should_continue', 'false');
-              return;
-            }
-
-            // Check if we've already posted a duplicate detection comment recently
-            let comments;
-            try {
-              comments = await github.rest.issues.listComments({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: context.payload.issue.number,
-                per_page: 10
-              });
-            } catch (error) {
-              core.error('Failed to fetch comments:', error.message);
-              // Continue anyway, worst case we might post a duplicate comment
-              comments = { data: [] };
-            }
-
-            // Check if we've already posted a duplicate detection comment
-            const recentDuplicateComment = comments.data.find(comment =>
-              comment.user && comment.user.login === 'github-actions[bot]' &&
-              comment.body.includes('<!-- workflow: detect-duplicate-issues -->')
-            );
-
-            if (recentDuplicateComment) {
-              console.log('Already posted duplicate detection comment, skipping');
-              core.setOutput('should_continue', 'false');
-              return;
-            }
-
-            core.setOutput('should_continue', 'true');
-            core.setOutput('current_number', currentIssue.number);
-            core.setOutput('current_title', currentIssue.title);
-            core.setOutput('current_body', currentIssue.body);
-            core.setOutput('current_url', currentIssue.html_url);
-            core.setOutput('integration_labels', JSON.stringify(integrationLabels));
-
-            console.log(`Current issue: #${currentIssue.number}`);
-            console.log(`Integration labels: ${integrationLabels.join(', ')}`);
-
-      - name: Fetch similar issues
-        id: fetch_similar
-        if: steps.extract.outputs.should_continue == 'true'
-        uses: actions/github-script@v7.0.1
-        env:
-          INTEGRATION_LABELS: ${{ steps.extract.outputs.integration_labels }}
-          CURRENT_NUMBER: ${{ steps.extract.outputs.current_number }}
-        with:
-          script: |
-            const integrationLabels = JSON.parse(process.env.INTEGRATION_LABELS);
-            const currentNumber = parseInt(process.env.CURRENT_NUMBER);
-
-            if (integrationLabels.length === 0) {
-              console.log('No integration labels found, skipping duplicate detection');
-              core.setOutput('has_similar', 'false');
-              return;
-            }
-
-            // Use GitHub search API to find issues with matching integration labels
-            console.log(`Searching for issues with integration labels: ${integrationLabels.join(', ')}`);
-
-            // Build search query for issues with any of the current integration labels
-            const labelQueries = integrationLabels.map(label => `label:"${label}"`);
-
-            // Calculate date 6 months ago
-            const sixMonthsAgo = new Date();
-            sixMonthsAgo.setMonth(sixMonthsAgo.getMonth() - 6);
-            const dateFilter = `created:>=${sixMonthsAgo.toISOString().split('T')[0]}`;
-
-            let searchQuery;
-
-            if (labelQueries.length === 1) {
-              searchQuery = `repo:${context.repo.owner}/${context.repo.repo} is:issue ${labelQueries[0]} ${dateFilter}`;
-            } else {
-              searchQuery = `repo:${context.repo.owner}/${context.repo.repo} is:issue (${labelQueries.join(' OR ')}) ${dateFilter}`;
-            }
-
-            console.log(`Search query: ${searchQuery}`);
-
-            let result;
-            try {
-              result = await github.rest.search.issuesAndPullRequests({
-                q: searchQuery,
-                per_page: 15,
-                sort: 'updated',
-                order: 'desc'
-              });
-            } catch (error) {
-              core.error('Failed to search for similar issues:', error.message);
-              if (error.status === 403 && error.message.includes('rate limit')) {
-                core.error('GitHub API rate limit exceeded');
-              }
-              core.setOutput('has_similar', 'false');
-              return;
-            }
-
-            // Filter out the current issue, pull requests, and newer issues (higher numbers)
-            const similarIssues = result.data.items
-              .filter(item =>
-                item.number !== currentNumber &&
-                !item.pull_request &&
-                item.number < currentNumber // Only include older issues (lower numbers)
-              )
-              .map(item => ({
-                number: item.number,
-                title: item.title,
-                body: item.body,
-                url: item.html_url,
-                state: item.state,
-                createdAt: item.created_at,
-                updatedAt: item.updated_at,
-                comments: item.comments,
-                labels: item.labels.map(l => l.name)
-              }));
-
-            console.log(`Found ${similarIssues.length} issues with matching integration labels`);
-            console.log('Raw similar issues:', JSON.stringify(similarIssues.slice(0, 3), null, 2));
-
-            if (similarIssues.length === 0) {
-              console.log('No similar issues found, setting has_similar to false');
-              core.setOutput('has_similar', 'false');
-              return;
-            }
-
-            console.log('Similar issues found, setting has_similar to true');
-            core.setOutput('has_similar', 'true');
-
-            // Clean the issue data to prevent JSON parsing issues
-            const cleanedIssues = similarIssues.slice(0, 15).map(item => {
-              // Handle body with improved truncation and null handling
-              let cleanBody = '';
-              if (item.body && typeof item.body === 'string') {
-                // Remove control characters
-                const cleaned = item.body.replace(/[\u0000-\u001F\u007F-\u009F]/g, '');
-                // Truncate to 1000 characters and add ellipsis if needed
-                cleanBody = cleaned.length > 1000
-                  ? cleaned.substring(0, 1000) + '...'
-                  : cleaned;
-              }
-
-              return {
-                number: item.number,
-                title: item.title.replace(/[\u0000-\u001F\u007F-\u009F]/g, ''), // Remove control characters
-                body: cleanBody,
-                url: item.url,
-                state: item.state,
-                createdAt: item.createdAt,
-                updatedAt: item.updatedAt,
-                comments: item.comments,
-                labels: item.labels
-              };
-            });
-
-            console.log(`Cleaned issues count: ${cleanedIssues.length}`);
-            console.log('First cleaned issue:', JSON.stringify(cleanedIssues[0], null, 2));
-
-            core.setOutput('similar_issues', JSON.stringify(cleanedIssues));
-
-      - name: Detect duplicates using AI
-        id: ai_detection
-        if: steps.extract.outputs.should_continue == 'true' && steps.fetch_similar.outputs.has_similar == 'true'
-        uses: actions/ai-inference@v1.1.0
-        with:
-          model: openai/gpt-4o
-          system-prompt: |
-            You are a Home Assistant issue duplicate detector. Your task is to identify TRUE DUPLICATES - issues that report the EXACT SAME problem, not just similar or related issues.
-
-            CRITICAL: An issue is ONLY a duplicate if:
-            - It describes the SAME problem with the SAME root cause
-            - Issues about the same integration but different problems are NOT duplicates
-            - Issues with similar symptoms but different causes are NOT duplicates
-
-            Important considerations:
-            - Open issues are more relevant than closed ones for duplicate detection
-            - Recently updated issues may indicate ongoing work or discussion
-            - Issues with more comments are generally more relevant and active
-            - Older closed issues might be resolved differently than newer approaches
-            - Consider the time between issues - very old issues may have different contexts
-
-            Rules:
-            1. ONLY mark as duplicate if the issues describe IDENTICAL problems
-            2. Look for issues that report the same problem or request the same functionality
-            3. Different error messages = NOT a duplicate (even if same integration)
-            4. For CLOSED issues, only mark as duplicate if they describe the EXACT same problem
-            5. For OPEN issues, use a lower threshold (90%+ similarity)
-            6. Prioritize issues with higher comment counts as they indicate more activity/relevance
-            7. When in doubt, do NOT mark as duplicate
-            8. Return ONLY a JSON array of issue numbers that are duplicates
-            9. If no duplicates are found, return an empty array: []
-            10. Maximum 5 potential duplicates, prioritize open issues with comments
-            11. Consider the age of issues - prefer recent duplicates over very old ones
-
-            Example response format:
-            [1234, 5678, 9012]
-
-          prompt: |
-            Current issue (just created):
-            Title: ${{ steps.extract.outputs.current_title }}
-            Body: ${{ steps.extract.outputs.current_body }}
-
-            Other issues to compare against (each includes state, creation date, last update, and comment count):
-            ${{ steps.fetch_similar.outputs.similar_issues }}
-
-            Analyze these issues and identify which ones describe IDENTICAL problems and thus are duplicates of the current issue. When sorting them, consider their state (open/closed), how recently they were updated, and their comment count (higher = more relevant).
-
-          max-tokens: 100
-
-      - name: Post duplicate detection results
-        id: post_results
-        if: steps.extract.outputs.should_continue == 'true' && steps.fetch_similar.outputs.has_similar == 'true'
-        uses: actions/github-script@v7.0.1
-        env:
-          AI_RESPONSE: ${{ steps.ai_detection.outputs.response }}
-          SIMILAR_ISSUES: ${{ steps.fetch_similar.outputs.similar_issues }}
-        with:
-          script: |
-            const aiResponse = process.env.AI_RESPONSE;
-
-            console.log('Raw AI response:', JSON.stringify(aiResponse));
-
-            let duplicateNumbers = [];
-            try {
-              // Clean the response of any potential control characters
-              const cleanResponse = aiResponse.trim().replace(/[\u0000-\u001F\u007F-\u009F]/g, '');
-              console.log('Cleaned AI response:', cleanResponse);
-
-              duplicateNumbers = JSON.parse(cleanResponse);
-
-              // Ensure it's an array and contains only numbers
-              if (!Array.isArray(duplicateNumbers)) {
-                console.log('AI response is not an array, trying to extract numbers');
-                const numberMatches = cleanResponse.match(/\d+/g);
-                duplicateNumbers = numberMatches ? numberMatches.map(n => parseInt(n)) : [];
-              }
-
-              // Filter to only valid numbers
-              duplicateNumbers = duplicateNumbers.filter(n => typeof n === 'number' && !isNaN(n));
-
-            } catch (error) {
-              console.log('Failed to parse AI response as JSON:', error.message);
-              console.log('Raw response:', aiResponse);
-
-              // Fallback: try to extract numbers from the response
-              const numberMatches = aiResponse.match(/\d+/g);
-              duplicateNumbers = numberMatches ? numberMatches.map(n => parseInt(n)) : [];
-              console.log('Extracted numbers as fallback:', duplicateNumbers);
-            }
-
-            if (!Array.isArray(duplicateNumbers) || duplicateNumbers.length === 0) {
-              console.log('No duplicates detected by AI');
-              return;
-            }
-
-            console.log(`AI detected ${duplicateNumbers.length} potential duplicates: ${duplicateNumbers.join(', ')}`);
-
-            // Get details of detected duplicates
-            const similarIssues = JSON.parse(process.env.SIMILAR_ISSUES);
-            const duplicates = similarIssues.filter(issue => duplicateNumbers.includes(issue.number));
-
-            if (duplicates.length === 0) {
-              console.log('No matching issues found for detected numbers');
-              return;
-            }
-
-            // Create comment with duplicate detection results
-            const duplicateLinks = duplicates.map(issue => `- [#${issue.number}: ${issue.title}](${issue.url})`).join('\n');
-
-            const commentBody = [
-              '<!-- workflow: detect-duplicate-issues -->',
-              '### 🔍 **Potential duplicate detection**',
-              '',
-              'I\'ve analyzed similar issues and found the following potential duplicates:',
-              '',
-              duplicateLinks,
-              '',
-              '**What to do next:**',
-              '1. Please review these issues to see if they match your issue',
-              '2. If you find an existing issue that covers your problem:',
-              '   - Consider closing this issue',
-              '   - Add your findings or 👍 on the existing issue instead',
-              '3. If your issue is different or adds new aspects, please clarify how it differs',
-              '',
-              'This helps keep our issues organized and ensures similar issues are consolidated for better visibility.',
-              '',
-              '*This message was generated automatically by our duplicate detection system.*'
-            ].join('\n');
-
-            try {
-              await github.rest.issues.createComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: context.payload.issue.number,
-                body: commentBody
-              });
-
-              console.log(`Posted duplicate detection comment with ${duplicates.length} potential duplicates`);
-
-              // Add the potential-duplicate label
-              await github.rest.issues.addLabels({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: context.payload.issue.number,
-                labels: ['potential-duplicate']
-              });
-
-              console.log('Added potential-duplicate label to the issue');
-            } catch (error) {
-              core.error('Failed to post duplicate detection comment or add label:', error.message);
-              if (error.status === 403) {
-                core.error('Permission denied or rate limit exceeded');
-              }
-              // Don't throw - we've done the analysis, just couldn't post the result
-            }
--- a/.github/workflows/detect-non-english-issues.yml
+++ b/.github/workflows/detect-non-english-issues.yml
@@ -1,193 +0,0 @@
-name: Auto-detect non-English issues
-
-# yamllint disable-line rule:truthy
-on:
-  issues:
-    types: [opened]
-
-permissions:
-  issues: write
-  models: read
-
-jobs:
-  detect-language:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Check issue language
-        id: detect_language
-        uses: actions/github-script@v7.0.1
-        env:
-          ISSUE_NUMBER: ${{ github.event.issue.number }}
-          ISSUE_TITLE: ${{ github.event.issue.title }}
-          ISSUE_BODY: ${{ github.event.issue.body }}
-          ISSUE_USER_TYPE: ${{ github.event.issue.user.type }}
-        with:
-          script: |
-            // Get the issue details from environment variables
-            const issueNumber = process.env.ISSUE_NUMBER;
-            const issueTitle = process.env.ISSUE_TITLE || '';
-            const issueBody = process.env.ISSUE_BODY || '';
-            const userType = process.env.ISSUE_USER_TYPE;
-
-            // Skip language detection for bot users
-            if (userType === 'Bot') {
-              console.log('Skipping language detection for bot user');
-              core.setOutput('should_continue', 'false');
-              return;
-            }
-
-            console.log(`Checking language for issue #${issueNumber}`);
-            console.log(`Title: ${issueTitle}`);
-
-            // Combine title and body for language detection
-            const fullText = `${issueTitle}\n\n${issueBody}`;
-
-            // Check if the text is too short to reliably detect language
-            if (fullText.trim().length < 20) {
-              console.log('Text too short for reliable language detection');
-              core.setOutput('should_continue', 'false'); // Skip processing for very short text
-              return;
-            }
-
-            core.setOutput('issue_number', issueNumber);
-            core.setOutput('issue_text', fullText);
-            core.setOutput('should_continue', 'true');
-
-      - name: Detect language using AI
-        id: ai_language_detection
-        if: steps.detect_language.outputs.should_continue == 'true'
-        uses: actions/ai-inference@v1.1.0
-        with:
-          model: openai/gpt-4o-mini
-          system-prompt: |
-            You are a language detection system. Your task is to determine if the provided text is written in English or another language.
-
-            Rules:
-            1. Analyze the text and determine the primary language of the USER'S DESCRIPTION only
-            2. IGNORE markdown headers (lines starting with #, ##, ###, etc.) as these are from issue templates, not user input
-            3. IGNORE all code blocks (text between ``` or ` markers) as they may contain system-generated error messages in other languages
-            4. IGNORE error messages, logs, and system output even if not in code blocks - these often appear in the user's system language
-            5. Consider technical terms, code snippets, URLs, and file paths as neutral (they don't indicate non-English)
-            6. Focus ONLY on the actual sentences and descriptions written by the user explaining their issue
-            7. If the user's explanation/description is in English but includes non-English error messages or logs, consider it ENGLISH
-            8. Return ONLY a JSON object with two fields:
-               - "is_english": boolean (true if the user's description is primarily in English, false otherwise)
-               - "detected_language": string (the name of the detected language, e.g., "English", "Spanish", "Chinese", etc.)
-            9. Be lenient - if the user's explanation is in English with non-English system output, it's still English
-            10. Common programming terms, error messages, and technical jargon should not be considered as non-English
-            11. If you cannot reliably determine the language, set detected_language to "undefined"
-
-            Example response:
-            {"is_english": false, "detected_language": "Spanish"}
-
-          prompt: |
-            Please analyze the following issue text and determine if it is written in English:
-
-            ${{ steps.detect_language.outputs.issue_text }}
-
-          max-tokens: 50
-
-      - name: Process non-English issues
-        if: steps.detect_language.outputs.should_continue == 'true'
-        uses: actions/github-script@v7.0.1
-        env:
-          AI_RESPONSE: ${{ steps.ai_language_detection.outputs.response }}
-          ISSUE_NUMBER: ${{ steps.detect_language.outputs.issue_number }}
-        with:
-          script: |
-            const issueNumber = parseInt(process.env.ISSUE_NUMBER);
-            const aiResponse = process.env.AI_RESPONSE;
-
-            console.log('AI language detection response:', aiResponse);
-
-            let languageResult;
-            try {
-              languageResult = JSON.parse(aiResponse.trim());
-
-              // Validate the response structure
-              if (!languageResult || typeof languageResult.is_english !== 'boolean') {
-                throw new Error('Invalid response structure');
-              }
-            } catch (error) {
-              core.error(`Failed to parse AI response: ${error.message}`);
-              console.log('Raw AI response:', aiResponse);
-
-              // Log more details for debugging
-              core.warning('Defaulting to English due to parsing error');
-
-              // Default to English if we can't parse the response
-              return;
-            }
-
-            if (languageResult.is_english) {
-              console.log('Issue is in English, no action needed');
-              return;
-            }
-
-            // If language is undefined or not detected, skip processing
-            if (!languageResult.detected_language || languageResult.detected_language === 'undefined') {
-              console.log('Language could not be determined, skipping processing');
-              return;
-            }
-
-            console.log(`Issue detected as non-English: ${languageResult.detected_language}`);
-
-            // Post comment explaining the language requirement
-            const commentBody = [
-              '<!-- workflow: detect-non-english-issues -->',
-              '### 🌐 Non-English issue detected',
-              '',
-              `This issue appears to be written in **${languageResult.detected_language}** rather than English.`,
-              '',
-              'The Home Assistant project uses English as the primary language for issues to ensure that everyone in our international community can participate and help resolve issues. This allows any of our thousands of contributors to jump in and provide assistance.',
-              '',
-              '**What to do:**',
-              '1. Re-create the issue using the English language',
-              '2. If you need help with translation, consider using:',
-              '   - Translation tools like Google Translate',
-              '   - AI assistants like ChatGPT or Claude',
-              '',
-              'This helps our community provide the best possible support and ensures your issue gets the attention it deserves from our global contributor base.',
-              '',
-              'Thank you for your understanding! 🙏'
-            ].join('\n');
-
-            try {
-              // Add comment
-              await github.rest.issues.createComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: issueNumber,
-                body: commentBody
-              });
-
-              console.log('Posted language requirement comment');
-
-              // Add non-english label
-              await github.rest.issues.addLabels({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: issueNumber,
-                labels: ['non-english']
-              });
-
-              console.log('Added non-english label');
-
-              // Close the issue
-              await github.rest.issues.update({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: issueNumber,
-                state: 'closed',
-                state_reason: 'not_planned'
-              });
-
-              console.log('Closed the issue');
-
-            } catch (error) {
-              core.error('Failed to process non-English issue:', error.message);
-              if (error.status === 403) {
-                core.error('Permission denied or rate limit exceeded');
-              }
-            }
--- a/.github/workflows/restrict-task-creation.yml
+++ b/.github/workflows/restrict-task-creation.yml
@@ -1,84 +0,0 @@
-name: Restrict task creation
-
-# yamllint disable-line rule:truthy
-on:
-  issues:
-    types: [opened]
-
-jobs:
-  check-authorization:
-    runs-on: ubuntu-latest
-    # Only run if this is a Task issue type (from the issue form)
-    if: github.event.issue.issue_type == 'Task'
-    steps:
-      - name: Check if user is authorized
-        uses: actions/github-script@v7
-        with:
-          script: |
-            const issueAuthor = context.payload.issue.user.login;
-
-            // First check if user is an organization member
-            try {
-              await github.rest.orgs.checkMembershipForUser({
-                org: 'home-assistant',
-                username: issueAuthor
-              });
-              console.log(`✅ ${issueAuthor} is an organization member`);
-              return; // Authorized, no need to check further
-            } catch (error) {
-              console.log(`ℹ️ ${issueAuthor} is not an organization member, checking codeowners...`);
-            }
-
-            // If not an org member, check if they're a codeowner
-            try {
-              // Fetch CODEOWNERS file from the repository
-              const { data: codeownersFile } = await github.rest.repos.getContent({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                path: 'CODEOWNERS',
-                ref: 'dev'
-              });
-
-              // Decode the content (it's base64 encoded)
-              const codeownersContent = Buffer.from(codeownersFile.content, 'base64').toString('utf-8');
-
-              // Check if the issue author is mentioned in CODEOWNERS
-              // GitHub usernames in CODEOWNERS are prefixed with @
-              if (codeownersContent.includes(`@${issueAuthor}`)) {
-                console.log(`✅ ${issueAuthor} is a integration code owner`);
-                return; // Authorized
-              }
-            } catch (error) {
-              console.error('Error checking CODEOWNERS:', error);
-            }
-
-            // If we reach here, user is not authorized
-            console.log(`❌ ${issueAuthor} is not authorized to create Task issues`);
-
-            // Close the issue with a comment
-            await github.rest.issues.createComment({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: context.issue.number,
-              body: `Hi @${issueAuthor}, thank you for your contribution!\n\n` +
-                    `Task issues are restricted to Open Home Foundation staff, authorized contributors, and integration code owners.\n\n` +
-                    `If you would like to:\n` +
-                    `- Report a bug: Please use the [bug report form](https://github.com/home-assistant/core/issues/new?template=bug_report.yml)\n` +
-                    `- Request a feature: Please submit to [Feature Requests](https://github.com/orgs/home-assistant/discussions)\n\n` +
-                    `If you believe you should have access to create Task issues, please contact the maintainers.`
-            });
-
-            await github.rest.issues.update({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: context.issue.number,
-              state: 'closed'
-            });
-
-            // Add a label to indicate this was auto-closed
-            await github.rest.issues.addLabels({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: context.issue.number,
-              labels: ['auto-closed']
-            });
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -11,16 +11,16 @@ jobs:
    if: github.repository_owner == 'home-assistant'
    runs-on: ubuntu-latest
    steps:
-      # The 60 day stale policy for PRs
+      # The 90 day stale policy for PRs
      # Used for:
      # - PRs
      # - No PRs marked as no-stale
      # - No issues (-1)
-      - name: 60 days stale PRs policy
-        uses: actions/stale@v9.1.0
+      - name: 90 days stale PRs policy
+        uses: actions/stale@v8.0.0
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          days-before-stale: 60
+          days-before-stale: 90
          days-before-close: 7
          days-before-issue-stale: -1
          days-before-issue-close: -1
@@ -33,11 +33,7 @@ jobs:
            pull request has been automatically marked as stale because of that
            and will be closed if no further activity occurs within 7 days.

-            If you are the author of this PR, please leave a comment if you want
-            to keep it open. Also, please rebase your PR onto the latest dev
-            branch to ensure that it's up to date with the latest changes.
-
-            Thank you for your contribution!
+            Thank you for your contributions.

      # Generate a token for the GitHub App, we use this method to avoid
      # hitting API limits for our GitHub actions + have a higher rate limit.
@@ -57,7 +53,7 @@ jobs:
      # - No issues marked as no-stale or help-wanted
      # - No PRs (-1)
      - name: 90 days stale issues
-        uses: actions/stale@v9.1.0
+        uses: actions/stale@v8.0.0
        with:
          repo-token: ${{ steps.token.outputs.token }}
          days-before-stale: 90
@@ -87,7 +83,7 @@ jobs:
      # - No Issues marked as no-stale or help-wanted
      # - No PRs (-1)
      - name: Needs more information stale issues policy
-        uses: actions/stale@v9.1.0
+        uses: actions/stale@v8.0.0
        with:
          repo-token: ${{ steps.token.outputs.token }}
          only-labels: "needs-more-information"
--- a/.github/workflows/translations.yml
+++ b/.github/workflows/translations.yml
@@ -10,7 +10,7 @@ on:
      - "**strings.json"

 env:
-  DEFAULT_PYTHON: "3.13"
+  DEFAULT_PYTHON: "3.11"

 jobs:
  upload:
@@ -19,10 +19,10 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4.1.1

      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v5.6.0
+        uses: actions/setup-python@v4.7.1
        with:
          python-version: ${{ env.DEFAULT_PYTHON }}

--- a/.github/workflows/wheels.yml
+++ b/.github/workflows/wheels.yml
@@ -14,10 +14,6 @@ on:
      - "homeassistant/package_constraints.txt"
      - "requirements_all.txt"
      - "requirements.txt"
-      - "script/gen_requirements_all.py"
-
-env:
-  DEFAULT_PYTHON: "3.13"

 concurrency:
  group: ${{ github.workflow }}-${{ github.ref_name}}
@@ -32,22 +28,7 @@ jobs:
      architectures: ${{ steps.info.outputs.architectures }}
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v4.2.2
-
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        id: python
-        uses: actions/setup-python@v5.6.0
-        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
-          check-latest: true
-
-      - name: Create Python virtual environment
-        run: |
-          python -m venv venv
-          . venv/bin/activate
-          python --version
-          pip install "$(grep '^uv' < requirements.txt)"
-          uv pip install -r requirements.txt
+        uses: actions/checkout@v4.1.1

      - name: Get information
        id: info
@@ -64,8 +45,11 @@ jobs:
      - name: Write env-file
        run: |
          (
+            echo "GRPC_BUILD_WITH_BORING_SSL_ASM=false"
            echo "GRPC_PYTHON_BUILD_SYSTEM_OPENSSL=true"
            echo "GRPC_PYTHON_BUILD_WITH_CYTHON=true"
+            echo "GRPC_PYTHON_DISABLE_LIBC_COMPATIBILITY=true"
+            echo "GRPC_PYTHON_LDFLAGS=-lpthread -Wl,-wrap,memcpy -static-libgcc"

            # Fix out of memory issues with rust
            echo "CARGO_NET_GIT_FETCH_WITH_CLI=true"
@@ -76,52 +60,19 @@ jobs:

            # Use C-Extension for SQLAlchemy
            echo "REQUIRE_SQLALCHEMY_CEXT=1"
-
-            # Add additional pip wheel build constraints
-            echo "PIP_CONSTRAINT=build_constraints.txt"
          ) > .env_file

-      - name: Write pip wheel build constraints
-        run: |
-          (
-            # ninja 1.11.1.2 + 1.11.1.3 seem to be broken on at least armhf
-            # this caused the numpy builds to fail
-            # https://github.com/scikit-build/ninja-python-distributions/issues/274
-            echo "ninja==1.11.1.1"
-          ) > build_constraints.txt
-
      - name: Upload env_file
-        uses: actions/upload-artifact@v4.6.2
+        uses: actions/upload-artifact@v3.1.2
        with:
          name: env_file
          path: ./.env_file
-          include-hidden-files: true
-          overwrite: true
-
-      - name: Upload build_constraints
-        uses: actions/upload-artifact@v4.6.2
-        with:
-          name: build_constraints
-          path: ./build_constraints.txt
-          overwrite: true

      - name: Upload requirements_diff
-        uses: actions/upload-artifact@v4.6.2
+        uses: actions/upload-artifact@v3.1.2
        with:
          name: requirements_diff
          path: ./requirements_diff.txt
-          overwrite: true
-
-      - name: Generate requirements
-        run: |
-          . venv/bin/activate
-          python -m script.gen_requirements_all ci
-
-      - name: Upload requirements_all_wheels
-        uses: actions/upload-artifact@v4.6.2
-        with:
-          name: requirements_all_wheels
-          path: ./requirements_all_wheels_*.txt

  core:
    name: Build Core wheels ${{ matrix.abi }} for ${{ matrix.arch }} (musllinux_1_2)
@@ -131,43 +82,32 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        abi: ["cp313"]
+        abi: ["cp311", "cp312"]
        arch: ${{ fromJson(needs.init.outputs.architectures) }}
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4.1.1

      - name: Download env_file
-        uses: actions/download-artifact@v4.3.0
+        uses: actions/download-artifact@v3
        with:
          name: env_file

-      - name: Download build_constraints
-        uses: actions/download-artifact@v4.3.0
-        with:
-          name: build_constraints
-
      - name: Download requirements_diff
-        uses: actions/download-artifact@v4.3.0
+        uses: actions/download-artifact@v3
        with:
          name: requirements_diff

-      - name: Adjust build env
-        run: |
-          # Don't build wheels for uv as uv requires a greater version of rust as currently available on alpine
-          sed -i "/uv/d" requirements.txt
-          sed -i "/uv/d" requirements_diff.txt
-
      - name: Build wheels
-        uses: home-assistant/wheels@2025.03.0
+        uses: home-assistant/wheels@2023.10.5
        with:
          abi: ${{ matrix.abi }}
          tag: musllinux_1_2
          arch: ${{ matrix.arch }}
          wheels-key: ${{ secrets.WHEELS_KEY }}
          env-file: true
-          apk: "libffi-dev;openssl-dev;yaml-dev;nasm;zlib-ng-dev"
-          skip-binary: aiohttp;multidict;propcache;yarl;SQLAlchemy
+          apk: "libffi-dev;openssl-dev;yaml-dev"
+          skip-binary: aiohttp
          constraints: "homeassistant/package_constraints.txt"
          requirements-diff: "requirements_diff.txt"
          requirements: "requirements.txt"
@@ -180,31 +120,67 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        abi: ["cp313"]
+        abi: ["cp311", "cp312"]
        arch: ${{ fromJson(needs.init.outputs.architectures) }}
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4.1.1

      - name: Download env_file
-        uses: actions/download-artifact@v4.3.0
+        uses: actions/download-artifact@v3
        with:
          name: env_file

-      - name: Download build_constraints
-        uses: actions/download-artifact@v4.3.0
-        with:
-          name: build_constraints
-
      - name: Download requirements_diff
-        uses: actions/download-artifact@v4.3.0
+        uses: actions/download-artifact@v3
        with:
          name: requirements_diff

-      - name: Download requirements_all_wheels
-        uses: actions/download-artifact@v4.3.0
-        with:
-          name: requirements_all_wheels
+      - name: (Un)comment packages
+        run: |
+          requirement_files="requirements_all.txt requirements_diff.txt"
+          for requirement_file in ${requirement_files}; do
+            sed -i "s|# fritzconnection|fritzconnection|g" ${requirement_file}
+            sed -i "s|# pyuserinput|pyuserinput|g" ${requirement_file}
+            sed -i "s|# evdev|evdev|g" ${requirement_file}
+            sed -i "s|# pycups|pycups|g" ${requirement_file}
+            sed -i "s|# homekit|homekit|g" ${requirement_file}
+            sed -i "s|# decora-wifi|decora-wifi|g" ${requirement_file}
+            sed -i "s|# python-gammu|python-gammu|g" ${requirement_file}
+
+            # Some packages are not buildable on armhf anymore
+            if [ "${{ matrix.arch }}" = "armhf" ]; then
+
+              # Pandas has issues building on armhf, it is expected they
+              # will drop the platform in the near future (they consider it
+              # "flimsy" on 386). The following packages depend on pandas,
+              # so we comment them out.
+              sed -i "s|env-canada|# env-canada|g" ${requirement_file}
+              sed -i "s|noaa-coops|# noaa-coops|g" ${requirement_file}
+              sed -i "s|pyezviz|# pyezviz|g" ${requirement_file}
+              sed -i "s|pykrakenapi|# pykrakenapi|g" ${requirement_file}
+            fi
+          done
+
+      - name: Split requirements all
+        run: |
+          # We split requirements all into two different files.
+          # This is to prevent the build from running out of memory when
+          # resolving packages on 32-bits systems (like armhf, armv7).
+
+          split -l $(expr $(expr $(cat requirements_all.txt | wc -l) + 1) / 3) requirements_all.txt requirements_all.txt
+
+      - name: Create requirements for cython<3
+        run: |
+          # Some dependencies still require 'cython<3'
+          # and don't yet use isolated build environments.
+          # Build these first.
+          # grpcio: https://github.com/grpc/grpc/issues/33918
+          # pydantic: https://github.com/pydantic/pydantic/issues/7689
+
+          touch requirements_old-cython.txt
+          cat homeassistant/package_constraints.txt | grep 'grpcio==' >> requirements_old-cython.txt
+          cat homeassistant/package_constraints.txt | grep 'pydantic==' >> requirements_old-cython.txt

      - name: Adjust build env
        run: |
@@ -214,20 +190,60 @@ jobs:

          # Do not pin numpy in wheels building
          sed -i "/numpy/d" homeassistant/package_constraints.txt
-          # Don't build wheels for uv as uv requires a greater version of rust as currently available on alpine
-          sed -i "/uv/d" requirements.txt
-          sed -i "/uv/d" requirements_diff.txt

-      - name: Build wheels
-        uses: home-assistant/wheels@2025.03.0
+      - name: Build wheels (old cython)
+        uses: home-assistant/wheels@2023.10.5
        with:
          abi: ${{ matrix.abi }}
          tag: musllinux_1_2
          arch: ${{ matrix.arch }}
          wheels-key: ${{ secrets.WHEELS_KEY }}
          env-file: true
-          apk: "bluez-dev;libffi-dev;openssl-dev;glib-dev;eudev-dev;libxml2-dev;libxslt-dev;libpng-dev;libjpeg-turbo-dev;tiff-dev;cups-dev;gmp-dev;mpfr-dev;mpc1-dev;ffmpeg-dev;gammu-dev;yaml-dev;openblas-dev;fftw-dev;lapack-dev;gfortran;blas-dev;eigen-dev;freetype-dev;glew-dev;harfbuzz-dev;hdf5-dev;libdc1394-dev;libtbb-dev;mesa-dev;openexr-dev;openjpeg-dev;uchardet-dev;nasm;zlib-ng-dev"
-          skip-binary: aiohttp;charset-normalizer;grpcio;multidict;SQLAlchemy;propcache;protobuf;pymicro-vad;yarl
+          apk: "bluez-dev;libffi-dev;openssl-dev;glib-dev;eudev-dev;libxml2-dev;libxslt-dev;libpng-dev;libjpeg-turbo-dev;tiff-dev;cups-dev;gmp-dev;mpfr-dev;mpc1-dev;ffmpeg-dev;gammu-dev;yaml-dev;openblas-dev;fftw-dev;lapack-dev;gfortran;blas-dev;eigen-dev;freetype-dev;glew-dev;harfbuzz-dev;hdf5-dev;libdc1394-dev;libtbb-dev;mesa-dev;openexr-dev;openjpeg-dev;uchardet-dev"
+          skip-binary: aiohttp;charset-normalizer;grpcio;SQLAlchemy;protobuf
          constraints: "homeassistant/package_constraints.txt"
          requirements-diff: "requirements_diff.txt"
-          requirements: "requirements_all.txt"
+          requirements: "requirements_old-cython.txt"
+          pip: "'cython<3'"
+
+      - name: Build wheels (part 1)
+        uses: home-assistant/wheels@2023.10.5
+        with:
+          abi: ${{ matrix.abi }}
+          tag: musllinux_1_2
+          arch: ${{ matrix.arch }}
+          wheels-key: ${{ secrets.WHEELS_KEY }}
+          env-file: true
+          apk: "bluez-dev;libffi-dev;openssl-dev;glib-dev;eudev-dev;libxml2-dev;libxslt-dev;libpng-dev;libjpeg-turbo-dev;tiff-dev;cups-dev;gmp-dev;mpfr-dev;mpc1-dev;ffmpeg-dev;gammu-dev;yaml-dev;openblas-dev;fftw-dev;lapack-dev;gfortran;blas-dev;eigen-dev;freetype-dev;glew-dev;harfbuzz-dev;hdf5-dev;libdc1394-dev;libtbb-dev;mesa-dev;openexr-dev;openjpeg-dev;uchardet-dev"
+          skip-binary: aiohttp;charset-normalizer;grpcio;SQLAlchemy;protobuf
+          constraints: "homeassistant/package_constraints.txt"
+          requirements-diff: "requirements_diff.txt"
+          requirements: "requirements_all.txtaa"
+
+      - name: Build wheels (part 2)
+        uses: home-assistant/wheels@2023.10.5
+        with:
+          abi: ${{ matrix.abi }}
+          tag: musllinux_1_2
+          arch: ${{ matrix.arch }}
+          wheels-key: ${{ secrets.WHEELS_KEY }}
+          env-file: true
+          apk: "bluez-dev;libffi-dev;openssl-dev;glib-dev;eudev-dev;libxml2-dev;libxslt-dev;libpng-dev;libjpeg-turbo-dev;tiff-dev;cups-dev;gmp-dev;mpfr-dev;mpc1-dev;ffmpeg-dev;gammu-dev;yaml-dev;openblas-dev;fftw-dev;lapack-dev;gfortran;blas-dev;eigen-dev;freetype-dev;glew-dev;harfbuzz-dev;hdf5-dev;libdc1394-dev;libtbb-dev;mesa-dev;openexr-dev;openjpeg-dev;uchardet-dev"
+          skip-binary: aiohttp;charset-normalizer;grpcio;SQLAlchemy;protobuf
+          constraints: "homeassistant/package_constraints.txt"
+          requirements-diff: "requirements_diff.txt"
+          requirements: "requirements_all.txtab"
+
+      - name: Build wheels (part 3)
+        uses: home-assistant/wheels@2023.10.5
+        with:
+          abi: ${{ matrix.abi }}
+          tag: musllinux_1_2
+          arch: ${{ matrix.arch }}
+          wheels-key: ${{ secrets.WHEELS_KEY }}
+          env-file: true
+          apk: "bluez-dev;libffi-dev;openssl-dev;glib-dev;eudev-dev;libxml2-dev;libxslt-dev;libpng-dev;libjpeg-turbo-dev;tiff-dev;cups-dev;gmp-dev;mpfr-dev;mpc1-dev;ffmpeg-dev;gammu-dev;yaml-dev;openblas-dev;fftw-dev;lapack-dev;gfortran;blas-dev;eigen-dev;freetype-dev;glew-dev;harfbuzz-dev;hdf5-dev;libdc1394-dev;libtbb-dev;mesa-dev;openexr-dev;openjpeg-dev;uchardet-dev"
+          skip-binary: aiohttp;charset-normalizer;grpcio;SQLAlchemy;protobuf
+          constraints: "homeassistant/package_constraints.txt"
+          requirements-diff: "requirements_diff.txt"
+          requirements: "requirements_all.txtac"
--- a/.gitignore
+++ b/.gitignore
@@ -34,7 +34,6 @@ Icon

 # GITHUB Proposed Python stuff:
 *.py[cod]
-__pycache__

 # C extensions
 *.so
@@ -69,7 +68,6 @@ test-reports/
 test-results.xml
 test-output.xml
 pytest-*.txt
-junit.xml

 # Translations
 *.mo
@@ -80,7 +78,6 @@ junit.xml
 .pydevproject

 .python-version
-.tool-versions

 # emacs auto backups
 *~
@@ -135,10 +132,3 @@ tmp_cache

 # python-language-server / Rope
 .ropeproject
-
-# Will be created from script/split_tests.py
-pytest_buckets.txt
-
-# AI tooling
-.claude
-
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,24 +1,24 @@
 repos:
  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.12.1
+    rev: v0.1.6
    hooks:
-      - id: ruff-check
+      - id: ruff
        args:
          - --fix
      - id: ruff-format
-        files: ^((homeassistant|pylint|script|tests)/.+)?[^/]+\.(py|pyi)$
+        files: ^((homeassistant|pylint|script|tests)/.+)?[^/]+\.py$
  - repo: https://github.com/codespell-project/codespell
-    rev: v2.4.1
+    rev: v2.2.2
    hooks:
      - id: codespell
        args:
-          - --ignore-words-list=aiport,astroid,checkin,currenty,hass,iif,incomfort,lookin,nam,NotIn
+          - --ignore-words-list=additionals,alle,alot,bund,currenty,datas,farenheit,falsy,fo,haa,hass,iif,incomfort,ines,ist,nam,nd,pres,pullrequests,resset,rime,ser,serie,te,technik,ue,unsecure,withing,zar
          - --skip="./.*,*.csv,*.json,*.ambr"
          - --quiet-level=2
-        exclude_types: [csv, json, html]
+        exclude_types: [csv, json]
        exclude: ^tests/fixtures/|homeassistant/generated/|tests/components/.*/snapshots/
  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v5.0.0
+    rev: v4.4.0
    hooks:
      - id: check-executables-have-shebangs
        stages: [manual]
@@ -30,7 +30,7 @@ repos:
          - --branch=master
          - --branch=rc
  - repo: https://github.com/adrienverge/yamllint.git
-    rev: v1.37.1
+    rev: v1.32.0
    hooks:
      - id: yamllint
  - repo: https://github.com/pre-commit/mirrors-prettier
@@ -61,16 +61,15 @@ repos:
        name: mypy
        entry: script/run-in-env.sh mypy
        language: script
+        types: [python]
        require_serial: true
-        types_or: [python, pyi]
-        files: ^(homeassistant|pylint)/.+\.(py|pyi)$
+        files: ^(homeassistant|pylint)/.+\.py$
      - id: pylint
        name: pylint
-        entry: script/run-in-env.sh pylint --ignore-missing-annotations=y
+        entry: script/run-in-env.sh pylint -j 0 --ignore-missing-annotations=y
        language: script
-        require_serial: true
-        types_or: [python, pyi]
-        files: ^(homeassistant|tests)/.+\.(py|pyi)$
+        types: [python]
+        files: ^homeassistant/.+\.py$
      - id: gen_requirements_all
        name: gen_requirements_all
        entry: script/run-in-env.sh python3 -m script.gen_requirements_all
@@ -84,14 +83,14 @@ repos:
        pass_filenames: false
        language: script
        types: [text]
-        files: ^(homeassistant/.+/(icons|manifest|strings)\.json|homeassistant/.+/(quality_scale)\.yaml|homeassistant/brands/.*\.json|homeassistant/.+/services\.yaml|script/hassfest/(?!metadata|mypy_config).+\.py|requirements.+\.txt)$
+        files: ^(homeassistant/.+/(manifest|strings)\.json|homeassistant/brands/.*\.json|\.coveragerc|homeassistant/.+/services\.yaml|script/hassfest/(?!metadata|mypy_config).+\.py)$
      - id: hassfest-metadata
        name: hassfest-metadata
-        entry: script/run-in-env.sh python3 -m script.hassfest -p metadata,docker
+        entry: script/run-in-env.sh python3 -m script.hassfest -p metadata
        pass_filenames: false
        language: script
        types: [text]
-        files: ^(script/hassfest/metadata\.py|homeassistant/const\.py$|pyproject\.toml|homeassistant/components/go2rtc/const\.py)$
+        files: ^(script/hassfest/metadata\.py|homeassistant/const\.py$|pyproject\.toml)$
      - id: hassfest-mypy-config
        name: hassfest-mypy-config
        entry: script/run-in-env.sh python3 -m script.hassfest -p mypy_config
--- a/.prettierignore
+++ b/.prettierignore
@@ -1,5 +1,6 @@
 *.md
 .strict-typing
+azure-*.yml
 homeassistant/components/*/translations/*.json
 homeassistant/generated/*
 tests/components/lidarr/fixtures/initialize.js
--- a/.strict-typing
+++ b/.strict-typing
@@ -21,7 +21,6 @@ homeassistant.helpers.entity_platform
 homeassistant.helpers.entity_values
 homeassistant.helpers.event
 homeassistant.helpers.reload
-homeassistant.helpers.script
 homeassistant.helpers.script_variables
 homeassistant.helpers.singleton
 homeassistant.helpers.sun
@@ -41,118 +40,61 @@ homeassistant.util.unit_system
 # --- Add components below this line ---
 homeassistant.components
 homeassistant.components.abode.*
-homeassistant.components.acaia.*
 homeassistant.components.accuweather.*
 homeassistant.components.acer_projector.*
-homeassistant.components.acmeda.*
 homeassistant.components.actiontec.*
-homeassistant.components.adax.*
 homeassistant.components.adguard.*
 homeassistant.components.aftership.*
 homeassistant.components.air_quality.*
-homeassistant.components.airgradient.*
 homeassistant.components.airly.*
-homeassistant.components.airnow.*
-homeassistant.components.airq.*
-homeassistant.components.airthings.*
-homeassistant.components.airthings_ble.*
-homeassistant.components.airtouch5.*
 homeassistant.components.airvisual.*
-homeassistant.components.airvisual_pro.*
 homeassistant.components.airzone.*
 homeassistant.components.airzone_cloud.*
 homeassistant.components.aladdin_connect.*
 homeassistant.components.alarm_control_panel.*
 homeassistant.components.alert.*
 homeassistant.components.alexa.*
-homeassistant.components.alexa_devices.*
-homeassistant.components.alpha_vantage.*
-homeassistant.components.altruist.*
 homeassistant.components.amazon_polly.*
-homeassistant.components.amberelectric.*
-homeassistant.components.ambient_network.*
 homeassistant.components.ambient_station.*
 homeassistant.components.amcrest.*
 homeassistant.components.ampio.*
 homeassistant.components.analytics.*
-homeassistant.components.analytics_insights.*
-homeassistant.components.android_ip_webcam.*
-homeassistant.components.androidtv.*
-homeassistant.components.androidtv_remote.*
-homeassistant.components.anel_pwrctrl.*
 homeassistant.components.anova.*
 homeassistant.components.anthemav.*
-homeassistant.components.apache_kafka.*
 homeassistant.components.apcupsd.*
-homeassistant.components.api.*
-homeassistant.components.apple_tv.*
-homeassistant.components.apprise.*
-homeassistant.components.aprs.*
-homeassistant.components.apsystems.*
 homeassistant.components.aqualogic.*
-homeassistant.components.aquostv.*
-homeassistant.components.aranet.*
-homeassistant.components.arcam_fmj.*
-homeassistant.components.arris_tg2492lg.*
-homeassistant.components.aruba.*
-homeassistant.components.arwn.*
 homeassistant.components.aseko_pool_live.*
 homeassistant.components.assist_pipeline.*
-homeassistant.components.assist_satellite.*
 homeassistant.components.asuswrt.*
-homeassistant.components.autarco.*
 homeassistant.components.auth.*
 homeassistant.components.automation.*
 homeassistant.components.awair.*
-homeassistant.components.axis.*
-homeassistant.components.azure_storage.*
 homeassistant.components.backup.*
 homeassistant.components.baf.*
-homeassistant.components.bang_olufsen.*
 homeassistant.components.bayesian.*
 homeassistant.components.binary_sensor.*
 homeassistant.components.bitcoin.*
 homeassistant.components.blockchain.*
-homeassistant.components.blue_current.*
-homeassistant.components.blueprint.*
-homeassistant.components.bluesound.*
 homeassistant.components.bluetooth.*
-homeassistant.components.bluetooth_adapters.*
 homeassistant.components.bluetooth_tracker.*
 homeassistant.components.bmw_connected_drive.*
 homeassistant.components.bond.*
-homeassistant.components.bosch_alarm.*
 homeassistant.components.braviatv.*
-homeassistant.components.bring.*
 homeassistant.components.brother.*
 homeassistant.components.browser.*
-homeassistant.components.bryant_evolution.*
-homeassistant.components.bthome.*
 homeassistant.components.button.*
 homeassistant.components.calendar.*
-homeassistant.components.cambridge_audio.*
 homeassistant.components.camera.*
 homeassistant.components.canary.*
-homeassistant.components.cert_expiry.*
 homeassistant.components.clickatell.*
 homeassistant.components.clicksend.*
 homeassistant.components.climate.*
 homeassistant.components.cloud.*
-homeassistant.components.co2signal.*
-homeassistant.components.comelit.*
-homeassistant.components.command_line.*
-homeassistant.components.config.*
 homeassistant.components.configurator.*
-homeassistant.components.cookidoo.*
-homeassistant.components.counter.*
 homeassistant.components.cover.*
 homeassistant.components.cpuspeed.*
 homeassistant.components.crownstone.*
-homeassistant.components.date.*
-homeassistant.components.datetime.*
-homeassistant.components.deako.*
 homeassistant.components.deconz.*
-homeassistant.components.default_config.*
 homeassistant.components.demo.*
 homeassistant.components.derivative.*
 homeassistant.components.device_automation.*
@@ -163,37 +105,21 @@ homeassistant.components.dhcp.*
 homeassistant.components.diagnostics.*
 homeassistant.components.discovergy.*
 homeassistant.components.dlna_dmr.*
-homeassistant.components.dlna_dms.*
 homeassistant.components.dnsip.*
 homeassistant.components.doorbird.*
 homeassistant.components.dormakaba_dkey.*
-homeassistant.components.downloader.*
 homeassistant.components.dsmr.*
-homeassistant.components.duckdns.*
 homeassistant.components.dunehd.*
-homeassistant.components.duotecno.*
-homeassistant.components.easyenergy.*
-homeassistant.components.ecovacs.*
-homeassistant.components.ecowitt.*
 homeassistant.components.efergy.*
-homeassistant.components.eheimdigital.*
 homeassistant.components.electrasmart.*
 homeassistant.components.electric_kiwi.*
-homeassistant.components.elevenlabs.*
 homeassistant.components.elgato.*
 homeassistant.components.elkm1.*
 homeassistant.components.emulated_hue.*
-homeassistant.components.energenie_power_sockets.*
 homeassistant.components.energy.*
-homeassistant.components.energyzero.*
-homeassistant.components.enigma2.*
-homeassistant.components.enphase_envoy.*
-homeassistant.components.eq3btsmart.*
 homeassistant.components.esphome.*
 homeassistant.components.event.*
 homeassistant.components.evil_genius_labs.*
-homeassistant.components.evohome.*
-homeassistant.components.faa_delays.*
 homeassistant.components.fan.*
 homeassistant.components.fastdotcom.*
 homeassistant.components.feedreader.*
@@ -201,7 +127,6 @@ homeassistant.components.file_upload.*
 homeassistant.components.filesize.*
 homeassistant.components.filter.*
 homeassistant.components.fitbit.*
-homeassistant.components.flexit_bacnet.*
 homeassistant.components.flux_led.*
 homeassistant.components.forecast_solar.*
 homeassistant.components.fritz.*
@@ -209,44 +134,29 @@ homeassistant.components.fritzbox.*
 homeassistant.components.fritzbox_callmonitor.*
 homeassistant.components.fronius.*
 homeassistant.components.frontend.*
-homeassistant.components.fujitsu_fglair.*
 homeassistant.components.fully_kiosk.*
-homeassistant.components.fyta.*
-homeassistant.components.generic_hygrostat.*
-homeassistant.components.generic_thermostat.*
 homeassistant.components.geo_location.*
 homeassistant.components.geocaching.*
 homeassistant.components.gios.*
 homeassistant.components.glances.*
-homeassistant.components.go2rtc.*
 homeassistant.components.goalzero.*
 homeassistant.components.google.*
-homeassistant.components.google_assistant_sdk.*
-homeassistant.components.google_cloud.*
-homeassistant.components.google_drive.*
-homeassistant.components.google_photos.*
 homeassistant.components.google_sheets.*
-homeassistant.components.govee_ble.*
 homeassistant.components.gpsd.*
 homeassistant.components.greeneye_monitor.*
 homeassistant.components.group.*
 homeassistant.components.guardian.*
-homeassistant.components.habitica.*
 homeassistant.components.hardkernel.*
 homeassistant.components.hardware.*
-homeassistant.components.heos.*
 homeassistant.components.here_travel_time.*
 homeassistant.components.history.*
-homeassistant.components.history_stats.*
-homeassistant.components.holiday.*
-homeassistant.components.home_connect.*
-homeassistant.components.homeassistant.*
+homeassistant.components.homeassistant.exposed_entities
+homeassistant.components.homeassistant.triggers.event
 homeassistant.components.homeassistant_alerts.*
 homeassistant.components.homeassistant_green.*
 homeassistant.components.homeassistant_hardware.*
 homeassistant.components.homeassistant_sky_connect.*
 homeassistant.components.homeassistant_yellow.*
-homeassistant.components.homee.*
 homeassistant.components.homekit.*
 homeassistant.components.homekit_controller
 homeassistant.components.homekit_controller.alarm_control_panel
@@ -258,11 +168,8 @@ homeassistant.components.homekit_controller.select
 homeassistant.components.homekit_controller.storage
 homeassistant.components.homekit_controller.utils
 homeassistant.components.homewizard.*
-homeassistant.components.homeworks.*
 homeassistant.components.http.*
 homeassistant.components.huawei_lte.*
-homeassistant.components.humidifier.*
-homeassistant.components.husqvarna_automower.*
 homeassistant.components.hydrawise.*
 homeassistant.components.hyperion.*
 homeassistant.components.ibeacon.*
@@ -271,46 +178,31 @@ homeassistant.components.image.*
 homeassistant.components.image_processing.*
 homeassistant.components.image_upload.*
 homeassistant.components.imap.*
-homeassistant.components.imgw_pib.*
-homeassistant.components.immich.*
-homeassistant.components.incomfort.*
 homeassistant.components.input_button.*
 homeassistant.components.input_select.*
 homeassistant.components.input_text.*
 homeassistant.components.integration.*
-homeassistant.components.intent.*
-homeassistant.components.intent_script.*
-homeassistant.components.ios.*
-homeassistant.components.iotty.*
 homeassistant.components.ipp.*
 homeassistant.components.iqvia.*
-homeassistant.components.iron_os.*
 homeassistant.components.islamic_prayer_times.*
 homeassistant.components.isy994.*
 homeassistant.components.jellyfin.*
 homeassistant.components.jewish_calendar.*
 homeassistant.components.jvc_projector.*
 homeassistant.components.kaleidescape.*
-homeassistant.components.knocki.*
 homeassistant.components.knx.*
 homeassistant.components.kraken.*
-homeassistant.components.kulersky.*
 homeassistant.components.lacrosse.*
 homeassistant.components.lacrosse_view.*
-homeassistant.components.lamarzocco.*
 homeassistant.components.lametric.*
 homeassistant.components.laundrify.*
 homeassistant.components.lawn_mower.*
 homeassistant.components.lcn.*
 homeassistant.components.ld2410_ble.*
-homeassistant.components.led_ble.*
-homeassistant.components.lektrico.*
-homeassistant.components.letpot.*
 homeassistant.components.lidarr.*
 homeassistant.components.lifx.*
 homeassistant.components.light.*
 homeassistant.components.linear_garage_door.*
-homeassistant.components.linkplay.*
 homeassistant.components.litejet.*
 homeassistant.components.litterrobot.*
 homeassistant.components.local_ip.*
@@ -320,205 +212,128 @@ homeassistant.components.logbook.*
 homeassistant.components.logger.*
 homeassistant.components.london_underground.*
 homeassistant.components.lookin.*
-homeassistant.components.lovelace.*
 homeassistant.components.luftdaten.*
-homeassistant.components.madvr.*
-homeassistant.components.manual.*
+homeassistant.components.mailbox.*
 homeassistant.components.mastodon.*
 homeassistant.components.matrix.*
 homeassistant.components.matter.*
-homeassistant.components.mcp.*
-homeassistant.components.mcp_server.*
-homeassistant.components.mealie.*
 homeassistant.components.media_extractor.*
 homeassistant.components.media_player.*
 homeassistant.components.media_source.*
-homeassistant.components.met_eireann.*
 homeassistant.components.metoffice.*
-homeassistant.components.miele.*
 homeassistant.components.mikrotik.*
 homeassistant.components.min_max.*
-homeassistant.components.minecraft_server.*
 homeassistant.components.mjpeg.*
 homeassistant.components.modbus.*
 homeassistant.components.modem_callerid.*
-homeassistant.components.mold_indicator.*
-homeassistant.components.monzo.*
 homeassistant.components.moon.*
 homeassistant.components.mopeka.*
-homeassistant.components.motionmount.*
 homeassistant.components.mqtt.*
-homeassistant.components.music_assistant.*
-homeassistant.components.my.*
 homeassistant.components.mysensors.*
-homeassistant.components.myuplink.*
 homeassistant.components.nam.*
 homeassistant.components.nanoleaf.*
-homeassistant.components.nasweb.*
 homeassistant.components.neato.*
 homeassistant.components.nest.*
 homeassistant.components.netatmo.*
 homeassistant.components.network.*
 homeassistant.components.nextdns.*
 homeassistant.components.nfandroidtv.*
-homeassistant.components.nightscout.*
 homeassistant.components.nissan_leaf.*
 homeassistant.components.no_ip.*
-homeassistant.components.nordpool.*
 homeassistant.components.notify.*
 homeassistant.components.notion.*
-homeassistant.components.ntfy.*
 homeassistant.components.number.*
 homeassistant.components.nut.*
-homeassistant.components.ohme.*
-homeassistant.components.onboarding.*
 homeassistant.components.oncue.*
-homeassistant.components.onedrive.*
 homeassistant.components.onewire.*
-homeassistant.components.onkyo.*
 homeassistant.components.open_meteo.*
-homeassistant.components.openai_conversation.*
 homeassistant.components.openexchangerates.*
 homeassistant.components.opensky.*
 homeassistant.components.openuv.*
-homeassistant.components.oralb.*
 homeassistant.components.otbr.*
 homeassistant.components.overkiz.*
-homeassistant.components.overseerr.*
-homeassistant.components.p1_monitor.*
-homeassistant.components.pandora.*
-homeassistant.components.panel_custom.*
-homeassistant.components.paperless_ngx.*
-homeassistant.components.peblar.*
 homeassistant.components.peco.*
-homeassistant.components.pegel_online.*
 homeassistant.components.persistent_notification.*
-homeassistant.components.person.*
 homeassistant.components.pi_hole.*
 homeassistant.components.ping.*
 homeassistant.components.plugwise.*
-homeassistant.components.powerfox.*
+homeassistant.components.poolsense.*
 homeassistant.components.powerwall.*
 homeassistant.components.private_ble_device.*
-homeassistant.components.prometheus.*
 homeassistant.components.proximity.*
 homeassistant.components.prusalink.*
 homeassistant.components.pure_energie.*
 homeassistant.components.purpleair.*
-homeassistant.components.pushbullet.*
 homeassistant.components.pvoutput.*
-homeassistant.components.pyload.*
-homeassistant.components.python_script.*
-homeassistant.components.qbus.*
 homeassistant.components.qnap_qsw.*
-homeassistant.components.rabbitair.*
 homeassistant.components.radarr.*
-homeassistant.components.radio_browser.*
-homeassistant.components.rainforest_raven.*
 homeassistant.components.rainmachine.*
 homeassistant.components.raspberry_pi.*
 homeassistant.components.rdw.*
 homeassistant.components.recollect_waste.*
 homeassistant.components.recorder.*
-homeassistant.components.remember_the_milk.*
 homeassistant.components.remote.*
-homeassistant.components.remote_calendar.*
 homeassistant.components.renault.*
-homeassistant.components.reolink.*
 homeassistant.components.repairs.*
 homeassistant.components.rest.*
-homeassistant.components.rest_command.*
 homeassistant.components.rfxtrx.*
 homeassistant.components.rhasspy.*
 homeassistant.components.ridwell.*
-homeassistant.components.ring.*
 homeassistant.components.rituals_perfume_genie.*
-homeassistant.components.roborock.*
 homeassistant.components.roku.*
-homeassistant.components.romy.*
 homeassistant.components.rpi_power.*
 homeassistant.components.rss_feed_template.*
-homeassistant.components.russound_rio.*
+homeassistant.components.rtsp_to_webrtc.*
 homeassistant.components.ruuvi_gateway.*
 homeassistant.components.ruuvitag_ble.*
 homeassistant.components.samsungtv.*
 homeassistant.components.scene.*
 homeassistant.components.schedule.*
-homeassistant.components.schlage.*
 homeassistant.components.scrape.*
-homeassistant.components.script.*
-homeassistant.components.search.*
 homeassistant.components.select.*
 homeassistant.components.sensibo.*
 homeassistant.components.sensirion_ble.*
 homeassistant.components.sensor.*
-homeassistant.components.sensorpush_cloud.*
-homeassistant.components.sensoterra.*
 homeassistant.components.senz.*
 homeassistant.components.sfr_box.*
-homeassistant.components.shell_command.*
 homeassistant.components.shelly.*
-homeassistant.components.shopping_list.*
 homeassistant.components.simplepush.*
 homeassistant.components.simplisafe.*
-homeassistant.components.siren.*
 homeassistant.components.skybell.*
 homeassistant.components.slack.*
 homeassistant.components.sleepiq.*
 homeassistant.components.smhi.*
-homeassistant.components.smlight.*
-homeassistant.components.smtp.*
 homeassistant.components.snooz.*
-homeassistant.components.solarlog.*
 homeassistant.components.sonarr.*
 homeassistant.components.speedtestdotnet.*
-homeassistant.components.spotify.*
 homeassistant.components.sql.*
-homeassistant.components.squeezebox.*
 homeassistant.components.ssdp.*
 homeassistant.components.starlink.*
 homeassistant.components.statistics.*
 homeassistant.components.steamist.*
-homeassistant.components.stookwijzer.*
+homeassistant.components.stookalert.*
 homeassistant.components.stream.*
-homeassistant.components.streamlabswater.*
-homeassistant.components.stt.*
-homeassistant.components.suez_water.*
 homeassistant.components.sun.*
 homeassistant.components.surepetcare.*
 homeassistant.components.switch.*
-homeassistant.components.switch_as_x.*
 homeassistant.components.switchbee.*
 homeassistant.components.switchbot_cloud.*
 homeassistant.components.switcher_kis.*
 homeassistant.components.synology_dsm.*
-homeassistant.components.system_health.*
-homeassistant.components.system_log.*
 homeassistant.components.systemmonitor.*
 homeassistant.components.tag.*
 homeassistant.components.tailscale.*
-homeassistant.components.tailwind.*
 homeassistant.components.tami4.*
 homeassistant.components.tautulli.*
 homeassistant.components.tcp.*
-homeassistant.components.technove.*
-homeassistant.components.tedee.*
-homeassistant.components.telegram_bot.*
 homeassistant.components.text.*
-homeassistant.components.thethingsnetwork.*
 homeassistant.components.threshold.*
 homeassistant.components.tibber.*
 homeassistant.components.tile.*
 homeassistant.components.tilt_ble.*
-homeassistant.components.time.*
-homeassistant.components.time_date.*
-homeassistant.components.timer.*
-homeassistant.components.tod.*
-homeassistant.components.todo.*
 homeassistant.components.tolo.*
 homeassistant.components.tplink.*
 homeassistant.components.tplink_omada.*
-homeassistant.components.trace.*
 homeassistant.components.tractive.*
 homeassistant.components.tradfri.*
 homeassistant.components.trafikverket_camera.*
@@ -536,21 +351,15 @@ homeassistant.components.update.*
 homeassistant.components.uptime.*
 homeassistant.components.uptimerobot.*
 homeassistant.components.usb.*
-homeassistant.components.uvc.*
 homeassistant.components.vacuum.*
 homeassistant.components.vallox.*
-homeassistant.components.valve.*
 homeassistant.components.velbus.*
 homeassistant.components.vlc_telnet.*
-homeassistant.components.vodafone_station.*
 homeassistant.components.wake_on_lan.*
-homeassistant.components.wake_word.*
 homeassistant.components.wallbox.*
-homeassistant.components.waqi.*
 homeassistant.components.water_heater.*
 homeassistant.components.watttime.*
 homeassistant.components.weather.*
-homeassistant.components.webhook.*
 homeassistant.components.webostv.*
 homeassistant.components.websocket_api.*
 homeassistant.components.wemo.*
@@ -558,12 +367,9 @@ homeassistant.components.whois.*
 homeassistant.components.withings.*
 homeassistant.components.wiz.*
 homeassistant.components.wled.*
-homeassistant.components.workday.*
 homeassistant.components.worldclock.*
-homeassistant.components.xiaomi_ble.*
 homeassistant.components.yale_smart_alarm.*
 homeassistant.components.yalexs_ble.*
-homeassistant.components.youtube.*
 homeassistant.components.zeroconf.*
 homeassistant.components.zodiac.*
 homeassistant.components.zone.*
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -6,59 +6,38 @@
  "configurations": [
    {
      "name": "Home Assistant",
-      "type": "debugpy",
+      "type": "python",
      "request": "launch",
      "module": "homeassistant",
      "justMyCode": false,
-      "args": [
-        "--debug",
-        "-c",
-        "config"
-      ],
+      "args": ["--debug", "-c", "config"],
      "preLaunchTask": "Compile English translations"
    },
    {
      "name": "Home Assistant (skip pip)",
-      "type": "debugpy",
+      "type": "python",
      "request": "launch",
      "module": "homeassistant",
      "justMyCode": false,
-      "args": [
-        "--debug",
-        "-c",
-        "config",
-        "--skip-pip"
-      ],
+      "args": ["--debug", "-c", "config", "--skip-pip"],
      "preLaunchTask": "Compile English translations"
    },
    {
      "name": "Home Assistant: Changed tests",
-      "type": "debugpy",
+      "type": "python",
      "request": "launch",
      "module": "pytest",
      "justMyCode": false,
-      "args": [
-        "--picked"
-      ],
-    },
-    {
-      "name": "Home Assistant: Debug Current Test File",
-      "type": "debugpy",
-      "request": "launch",
-      "module": "pytest",
-      "console": "integratedTerminal",
-      "args": ["-vv", "${file}"]
+      "args": ["--timeout=10", "--picked"],
    },
    {
      // Debug by attaching to local Home Assistant server using Remote Python Debugger.
      // See https://www.home-assistant.io/integrations/debugpy/
      "name": "Home Assistant: Attach Local",
-      "type": "debugpy",
+      "type": "python",
      "request": "attach",
-      "connect": {
-        "port": 5678,
-        "host": "localhost"
-      },
+      "port": 5678,
+      "host": "localhost",
      "pathMappings": [
        {
          "localRoot": "${workspaceFolder}",
@@ -70,12 +49,10 @@
      // Debug by attaching to remote Home Assistant server using Remote Python Debugger.
      // See https://www.home-assistant.io/integrations/debugpy/
      "name": "Home Assistant: Attach Remote",
-      "type": "debugpy",
+      "type": "python",
      "request": "attach",
-      "connect": {
-        "port": 5678,
-        "host": "homeassistant.local"
-      },
+      "port": 5678,
+      "host": "homeassistant.local",
      "pathMappings": [
        {
          "localRoot": "${workspaceFolder}",
--- a/.vscode/settings.default.json
+++ b/.vscode/settings.default.json
@@ -1,19 +1,8 @@
 {
-  // Please keep this file (mostly!) in sync with settings in home-assistant/.devcontainer/devcontainer.json
+  // Please keep this file in sync with settings in home-assistant/.devcontainer/devcontainer.json
  // Added --no-cov to work around TypeError: message must be set
  // https://github.com/microsoft/vscode-python/issues/14067
  "python.testing.pytestArgs": ["--no-cov"],
  // https://code.visualstudio.com/docs/python/testing#_pytest-configuration-settings
-  "python.testing.pytestEnabled": false,
-  // https://code.visualstudio.com/docs/python/linting#_general-settings
-  "pylint.importStrategy": "fromEnvironment",
-  "json.schemas": [
-        {
-            "fileMatch": [
-                "homeassistant/components/*/manifest.json"
-            ],
-            // This value differs between working with devcontainer and locally, therefor this value should NOT be in sync!
-            "url": "./script/json_schemas/manifest_schema.json"
-        }
-    ]
+  "python.testing.pytestEnabled": false
 }
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -4,7 +4,7 @@
    {
      "label": "Run Home Assistant Core",
      "type": "shell",
-      "command": "${command:python.interpreterPath} -m homeassistant -c ./config",
+      "command": "hass -c ./config",
      "group": "test",
      "presentation": {
        "reveal": "always",
@@ -16,7 +16,7 @@
    {
      "label": "Pytest",
      "type": "shell",
-      "command": "${command:python.interpreterPath} -m pytest --timeout=10 tests",
+      "command": "python3 -m pytest --timeout=10 tests",
      "dependsOn": ["Install all Test Requirements"],
      "group": {
        "kind": "test",
@@ -31,7 +31,7 @@
    {
      "label": "Pytest (changed tests only)",
      "type": "shell",
-      "command": "${command:python.interpreterPath} -m pytest --timeout=10 --picked",
+      "command": "python3 -m pytest --timeout=10 --picked",
      "group": {
        "kind": "test",
        "isDefault": true
@@ -45,21 +45,7 @@
    {
      "label": "Ruff",
      "type": "shell",
-      "command": "pre-commit run ruff-check --all-files",
-      "group": {
-        "kind": "test",
-        "isDefault": true
-      },
-      "presentation": {
-        "reveal": "always",
-        "panel": "new"
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "Pre-commit",
-      "type": "shell",
-      "command": "pre-commit run --show-diff-on-failure",
+      "command": "pre-commit run ruff --all-files",
      "group": {
        "kind": "test",
        "isDefault": true
@@ -89,24 +75,7 @@
      "label": "Code Coverage",
      "detail": "Generate code coverage report for a given integration.",
      "type": "shell",
-      "command": "${command:python.interpreterPath} -m pytest ./tests/components/${input:integrationName}/ --cov=homeassistant.components.${input:integrationName} --cov-report term-missing --durations-min=1 --durations=0 --numprocesses=auto",
-      "dependsOn": ["Compile English translations"],
-      "group": {
-        "kind": "test",
-        "isDefault": true
-      },
-      "presentation": {
-        "reveal": "always",
-        "panel": "new"
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "Update syrupy snapshots",
-      "detail": "Update syrupy snapshots for a given integration.",
-      "type": "shell",
-      "command": "${command:python.interpreterPath} -m pytest ./tests/components/${input:integrationName} --snapshot-update",
-      "dependsOn": ["Compile English translations"],
+      "command": "python3 -m pytest ./tests/components/${input:integrationName}/ --cov=homeassistant.components.${input:integrationName} --cov-report term-missing --durations-min=1 --durations=0 --numprocesses=auto",
      "group": {
        "kind": "test",
        "isDefault": true
@@ -134,7 +103,7 @@
    {
      "label": "Install all Requirements",
      "type": "shell",
-      "command": "uv pip install -r requirements_all.txt",
+      "command": "pip3 install -r requirements_all.txt",
      "group": {
        "kind": "build",
        "isDefault": true
@@ -148,7 +117,7 @@
    {
      "label": "Install all Test Requirements",
      "type": "shell",
-      "command": "uv pip install -r requirements.txt -r requirements_test_all.txt",
+      "command": "pip3 install -r requirements_test_all.txt",
      "group": {
        "kind": "build",
        "isDefault": true
@@ -163,7 +132,7 @@
      "label": "Compile English translations",
      "detail": "In order to test changes to translation files, the translation strings must be compiled into Home Assistant's translation directories.",
      "type": "shell",
-      "command": "${command:python.interpreterPath} -m script.translations develop --all",
+      "command": "python3 -m script.translations develop --all",
      "group": {
        "kind": "build",
        "isDefault": true
@@ -173,7 +142,7 @@
      "label": "Run scaffold",
      "detail": "Add new functionality to a integration using a scaffold.",
      "type": "shell",
-      "command": "${command:python.interpreterPath} -m script.scaffold ${input:scaffoldName} --integration ${input:integrationName}",
+      "command": "python3 -m script.scaffold ${input:scaffoldName} --integration ${input:integrationName}",
      "group": {
        "kind": "build",
        "isDefault": true
@@ -183,25 +152,11 @@
      "label": "Create new integration",
      "detail": "Use the scaffold to create a new integration.",
      "type": "shell",
-      "command": "${command:python.interpreterPath} -m script.scaffold integration",
+      "command": "python3 -m script.scaffold integration",
      "group": {
        "kind": "build",
        "isDefault": true
      }
-    },
-    {
-      "label": "Install integration requirements",
-      "detail": "Install all requirements of a given integration.",
-      "type": "shell",
-      "command": "${command:python.interpreterPath} -m script.install_integration_requirements ${input:integrationName}",
-      "group": {
-        "kind": "build",
-        "isDefault": true
-      },
-      "presentation": {
-        "reveal": "always",
-        "panel": "new"
-      }
    }
  ],
  "inputs": [
--- a/.yamllint
+++ b/.yamllint
@@ -1,4 +1,5 @@
 ignore: |
+  azure-*.yml
  tests/fixtures/core/config/yaml_errors/
 rules:
  braces:
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -1 +0,0 @@
-.github/copilot-instructions.md
--- a/690
+++ b/690
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -5,7 +5,7 @@
 We as members, contributors, and leaders pledge to make participation in our
 community a harassment-free experience for everyone, regardless of age, body
 size, visible or invisible disability, ethnicity, sex characteristics, gender
-identity and expression, level of experience, education, socioeconomic status,
+identity and expression, level of experience, education, socio-economic status,
 nationality, personal appearance, race, religion, or sexual identity
 and orientation.

--- a/54
+++ b/54
@@ -1,63 +1,47 @@
-# Automatically generated by hassfest.
-#
-# To update, run python3 -m script.hassfest -p docker
 ARG BUILD_FROM
 FROM ${BUILD_FROM}

 # Synchronize with homeassistant/core.py:async_stop
 ENV \
-    S6_SERVICES_GRACETIME=240000 \
-    UV_SYSTEM_PYTHON=true \
-    UV_NO_CACHE=true
+    S6_SERVICES_GRACETIME=220000

 ARG QEMU_CPU

-# Home Assistant S6-Overlay
-COPY rootfs /
-
-# Needs to be redefined inside the FROM statement to be set for RUN commands
-ARG BUILD_ARCH
-# Get go2rtc binary
-RUN \
-    case "${BUILD_ARCH}" in \
-        "aarch64") go2rtc_suffix='arm64' ;; \
-        "armhf") go2rtc_suffix='armv6' ;; \
-        "armv7") go2rtc_suffix='arm' ;; \
-        *) go2rtc_suffix=${BUILD_ARCH} ;; \
-    esac \
-    && curl -L https://github.com/AlexxIT/go2rtc/releases/download/v1.9.9/go2rtc_linux_${go2rtc_suffix} --output /bin/go2rtc \
-    && chmod +x /bin/go2rtc \
-    # Verify go2rtc can be executed
-    && go2rtc --version
-
-# Install uv
-RUN pip3 install uv==0.7.1
-
 WORKDIR /usr/src

 ## Setup Home Assistant Core dependencies
 COPY requirements.txt homeassistant/
 COPY homeassistant/package_constraints.txt homeassistant/homeassistant/
 RUN \
-    uv pip install \
-        --no-build \
+    pip3 install \
+        --only-binary=:all: \
        -r homeassistant/requirements.txt

 COPY requirements_all.txt home_assistant_frontend-* home_assistant_intents-* homeassistant/
 RUN \
-    if ls homeassistant/home_assistant_*.whl 1> /dev/null 2>&1; then \
-        uv pip install homeassistant/home_assistant_*.whl; \
+    if ls homeassistant/home_assistant_frontend*.whl 1> /dev/null 2>&1; then \
+        pip3 install homeassistant/home_assistant_frontend-*.whl; \
    fi \
-    && uv pip install \
-        --no-build \
-        -r homeassistant/requirements_all.txt
+    && if ls homeassistant/home_assistant_intents*.whl 1> /dev/null 2>&1; then \
+        pip3 install homeassistant/home_assistant_intents-*.whl; \
+    fi \
+    && \
+        LD_PRELOAD="/usr/local/lib/libjemalloc.so.2" \
+        MALLOC_CONF="background_thread:true,metadata_thp:auto,dirty_decay_ms:20000,muzzy_decay_ms:20000" \
+        pip3 install \
+            --only-binary=:all: \
+            -r homeassistant/requirements_all.txt

 ## Setup Home Assistant Core
 COPY . homeassistant/
 RUN \
-    uv pip install \
+    pip3 install \
+        --only-binary=:all: \
        -e ./homeassistant \
    && python3 -m compileall \
        homeassistant/homeassistant

+# Home Assistant S6-Overlay
+COPY rootfs /
+
 WORKDIR /config
--- a/Dockerfile.dev
+++ b/Dockerfile.dev
@@ -1,20 +1,26 @@
-FROM mcr.microsoft.com/vscode/devcontainers/base:debian
+FROM mcr.microsoft.com/vscode/devcontainers/python:0-3.11

 SHELL ["/bin/bash", "-o", "pipefail", "-c"]

+# Uninstall pre-installed formatting and linting tools
+# They would conflict with our pinned versions
+RUN \
+    pipx uninstall pydocstyle \
+    && pipx uninstall pycodestyle \
+    && pipx uninstall mypy \
+    && pipx uninstall pylint
+
 RUN \
    curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
    && apt-get update \
    && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        # Additional library needed by some tests and accordingly by VScode Tests Discovery
        bluez \
-        ffmpeg \
        libudev-dev \
        libavformat-dev \
        libavcodec-dev \
        libavdevice-dev \
        libavutil-dev \
-        libgammu-dev \
        libswscale-dev \
        libswresample-dev \
        libavfilter-dev \
@@ -24,38 +30,24 @@ RUN \
        libxml2 \
        git \
        cmake \
-        autoconf \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

-# Add go2rtc binary
-COPY --from=ghcr.io/alexxit/go2rtc:latest /usr/local/bin/go2rtc /bin/go2rtc
-
 WORKDIR /usr/src

-COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv
-
-RUN uv python install 3.13.2
-
-USER vscode
-ENV VIRTUAL_ENV="/home/vscode/.local/ha-venv"
-RUN uv venv $VIRTUAL_ENV
-ENV PATH="$VIRTUAL_ENV/bin:$PATH"
-
-WORKDIR /tmp
-
 # Setup hass-release
-RUN git clone --depth 1 https://github.com/home-assistant/hass-release ~/hass-release \
-    && uv pip install -e ~/hass-release/
+RUN git clone --depth 1 https://github.com/home-assistant/hass-release \
+    && pip3 install -e hass-release/
+
+WORKDIR /workspaces

 # Install Python dependencies from requirements
 COPY requirements.txt ./
 COPY homeassistant/package_constraints.txt homeassistant/package_constraints.txt
-RUN uv pip install -r requirements.txt
+RUN pip3 install -r requirements.txt
 COPY requirements_test.txt requirements_test_pre_commit.txt ./
-RUN uv pip install -r requirements_test.txt
-
-WORKDIR /workspaces
+RUN pip3 install -r requirements_test.txt
+RUN rm -rf requirements.txt requirements_test.txt requirements_test_pre_commit.txt homeassistant/

 # Set the default shell to bash instead of sh
-ENV SHELL=/bin/bash
+ENV SHELL /bin/bash
--- a/README.rst
+++ b/README.rst
@@ -20,14 +20,9 @@ components <https://developers.home-assistant.io/docs/creating_component_index/>
 If you run into issues while using Home Assistant or during development
 of a component, check the `Home Assistant help section <https://home-assistant.io/help/>`__ of our website for further help and information.

-|ohf-logo|
-
 .. |Chat Status| image:: https://img.shields.io/discord/330944238910963714.svg
   :target: https://www.home-assistant.io/join-chat/
-.. |screenshot-states| image:: https://raw.githubusercontent.com/home-assistant/core/dev/.github/assets/screenshot-states.png
+.. |screenshot-states| image:: https://raw.githubusercontent.com/home-assistant/core/master/docs/screenshots.png
   :target: https://demo.home-assistant.io
-.. |screenshot-integrations| image:: https://raw.githubusercontent.com/home-assistant/core/dev/.github/assets/screenshot-integrations.png
+.. |screenshot-integrations| image:: https://raw.githubusercontent.com/home-assistant/core/dev/docs/screenshot-integrations.png
   :target: https://home-assistant.io/integrations/
-.. |ohf-logo| image:: https://www.openhomefoundation.org/badges/home-assistant.png
-   :alt: Home Assistant - A project from the Open Home Foundation
-   :target: https://www.openhomefoundation.org/
--- a/build.yaml
+++ b/build.yaml
@@ -1,10 +1,10 @@
 image: ghcr.io/home-assistant/{arch}-homeassistant
 build_from:
-  aarch64: ghcr.io/home-assistant/aarch64-homeassistant-base:2025.05.0
-  armhf: ghcr.io/home-assistant/armhf-homeassistant-base:2025.05.0
-  armv7: ghcr.io/home-assistant/armv7-homeassistant-base:2025.05.0
-  amd64: ghcr.io/home-assistant/amd64-homeassistant-base:2025.05.0
-  i386: ghcr.io/home-assistant/i386-homeassistant-base:2025.05.0
+  aarch64: ghcr.io/home-assistant/aarch64-homeassistant-base:2023.10.1
+  armhf: ghcr.io/home-assistant/armhf-homeassistant-base:2023.10.1
+  armv7: ghcr.io/home-assistant/armv7-homeassistant-base:2023.10.1
+  amd64: ghcr.io/home-assistant/amd64-homeassistant-base:2023.10.1
+  i386: ghcr.io/home-assistant/i386-homeassistant-base:2023.10.1
 codenotary:
  signer: notary@home-assistant.io
  base_image: notary@home-assistant.io
@@ -19,4 +19,4 @@ labels:
  org.opencontainers.image.authors: The Home Assistant Authors
  org.opencontainers.image.url: https://www.home-assistant.io/
  org.opencontainers.image.documentation: https://www.home-assistant.io/docs/
-  org.opencontainers.image.licenses: Apache-2.0
+  org.opencontainers.image.licenses: Apache License 2.0
--- a/codecov.yml
+++ b/codecov.yml
@@ -4,7 +4,7 @@ coverage:
  status:
    project:
      default:
-        target: auto
+        target: 90
        threshold: 0.09
      required:
        target: auto
--- a/homeassistant/main.py
+++ b/homeassistant/main.py
@@ -1,15 +1,12 @@
 """Start Home Assistant."""
-
 from __future__ import annotations

 import argparse
-from contextlib import suppress
 import faulthandler
 import os
 import sys
 import threading

-from .backup_restore import restore_backup
 from .const import REQUIRED_PYTHON_VER, RESTART_EXIT_CODE, __version__

 FAULT_LOG_FILENAME = "home-assistant.log.fault"
@@ -38,7 +35,8 @@ def validate_python() -> None:

 def ensure_config_path(config_dir: str) -> None:
    """Validate the configuration directory."""
-    from . import config as config_util  # noqa: PLC0415
+    # pylint: disable-next=import-outside-toplevel
+    from . import config as config_util

    lib_dir = os.path.join(config_dir, "deps")

@@ -79,7 +77,8 @@ def ensure_config_path(config_dir: str) -> None:

 def get_arguments() -> argparse.Namespace:
    """Get parsed passed in arguments."""
-    from . import config as config_util  # noqa: PLC0415
+    # pylint: disable-next=import-outside-toplevel
+    from . import config as config_util

    parser = argparse.ArgumentParser(
        description="Home Assistant: Observe, Control, Automate.",
@@ -146,7 +145,9 @@ def get_arguments() -> argparse.Namespace:
        help="Skips validation of operating system",
    )

-    return parser.parse_args()
+    arguments = parser.parse_args()
+
+    return arguments


 def check_threads() -> None:
@@ -175,17 +176,16 @@ def main() -> int:
        validate_os()

    if args.script is not None:
-        from . import scripts  # noqa: PLC0415
+        # pylint: disable-next=import-outside-toplevel
+        from . import scripts

        return scripts.run(args.script)

    config_dir = os.path.abspath(os.path.join(os.getcwd(), args.config))
-    if restore_backup(config_dir):
-        return RESTART_EXIT_CODE
-
    ensure_config_path(config_dir)

-    from . import config, runner  # noqa: PLC0415
+    # pylint: disable-next=import-outside-toplevel
+    from . import config, runner

    safe_mode = config.safe_mode_enabled(config_dir)

@@ -209,10 +209,8 @@ def main() -> int:
        exit_code = runner.run(runtime_conf)
        faulthandler.disable()

-    # It's possible for the fault file to disappear, so suppress obvious errors
-    with suppress(FileNotFoundError):
-        if os.path.getsize(fault_file_name) == 0:
-            os.remove(fault_file_name)
+    if os.path.getsize(fault_file_name) == 0:
+        os.remove(fault_file_name)

    check_threads()

--- a/homeassistant/auth/init.py
+++ b/homeassistant/auth/init.py
@@ -1,42 +1,31 @@
 """Provide an authentication layer for Home Assistant."""
-
 from __future__ import annotations

 import asyncio
 from collections import OrderedDict
 from collections.abc import Mapping
-from datetime import datetime, timedelta
-from functools import partial
+from datetime import timedelta
 import time
 from typing import Any, cast

 import jwt

-from homeassistant.core import (
-    CALLBACK_TYPE,
-    HassJob,
-    HassJobType,
-    HomeAssistant,
-    callback,
-)
-from homeassistant.data_entry_flow import FlowHandler, FlowManager, FlowResultType
-from homeassistant.helpers.event import async_track_point_in_utc_time
-from homeassistant.util import dt as dt_util
+from homeassistant import data_entry_flow
+from homeassistant.core import CALLBACK_TYPE, HomeAssistant, callback
+from homeassistant.data_entry_flow import FlowResult

 from . import auth_store, jwt_wrapper, models
-from .const import ACCESS_TOKEN_EXPIRATION, GROUP_ID_ADMIN, REFRESH_TOKEN_EXPIRATION
+from .const import ACCESS_TOKEN_EXPIRATION, GROUP_ID_ADMIN
 from .mfa_modules import MultiFactorAuthModule, auth_mfa_module_from_config
-from .models import AuthFlowContext, AuthFlowResult
 from .providers import AuthProvider, LoginFlow, auth_provider_from_config
-from .providers.homeassistant import HassAuthProvider

 EVENT_USER_ADDED = "user_added"
 EVENT_USER_UPDATED = "user_updated"
 EVENT_USER_REMOVED = "user_removed"

-type _MfaModuleDict = dict[str, MultiFactorAuthModule]
-type _ProviderKey = tuple[str, str | None]
-type _ProviderDict = dict[_ProviderKey, AuthProvider]
+_MfaModuleDict = dict[str, MultiFactorAuthModule]
+_ProviderKey = tuple[str, str | None]
+_ProviderDict = dict[_ProviderKey, AuthProvider]


 class InvalidAuthError(Exception):
@@ -54,11 +43,10 @@ async def auth_manager_from_config(
 ) -> AuthManager:
    """Initialize an auth manager from config.

-    CORE_CONFIG_SCHEMA will make sure no duplicated auth providers or
+    CORE_CONFIG_SCHEMA will make sure do duplicated auth providers or
    mfa modules exist in configs.
    """
    store = auth_store.AuthStore(hass)
-    await store.async_load()
    if provider_configs:
        providers = await asyncio.gather(
            *(
@@ -74,13 +62,6 @@ async def auth_manager_from_config(
        key = (provider.type, provider.id)
        provider_hash[key] = provider

-        if isinstance(provider, HassAuthProvider):
-            # Can be removed in 2026.7 with the legacy mode of homeassistant auth provider
-            # We need to initialize the provider to create the repair if needed as otherwise
-            # the provider will be initialized on first use, which could be rare as users
-            # don't frequently change auth settings
-            await provider.async_initialize()
-
    if module_configs:
        modules = await asyncio.gather(
            *(auth_mfa_module_from_config(hass, config) for config in module_configs)
@@ -93,17 +74,12 @@ async def auth_manager_from_config(
        module_hash[module.id] = module

    manager = AuthManager(hass, store, provider_hash, module_hash)
-    await manager.async_setup()
    return manager


-class AuthManagerFlowManager(
-    FlowManager[AuthFlowContext, AuthFlowResult, tuple[str, str]]
-):
+class AuthManagerFlowManager(data_entry_flow.FlowManager):
    """Manage authentication flows."""

-    _flow_result = AuthFlowResult
-
    def __init__(self, hass: HomeAssistant, auth_manager: AuthManager) -> None:
        """Init auth manager flows."""
        super().__init__(hass)
@@ -111,11 +87,11 @@ class AuthManagerFlowManager(

    async def async_create_flow(
        self,
-        handler_key: tuple[str, str],
+        handler_key: str,
        *,
-        context: AuthFlowContext | None = None,
+        context: dict[str, Any] | None = None,
        data: dict[str, Any] | None = None,
-    ) -> LoginFlow[Any]:
+    ) -> data_entry_flow.FlowHandler:
        """Create a login flow."""
        auth_provider = self.auth_manager.get_auth_provider(*handler_key)
        if not auth_provider:
@@ -123,18 +99,12 @@ class AuthManagerFlowManager(
        return await auth_provider.async_login_flow(context)

    async def async_finish_flow(
-        self,
-        flow: FlowHandler[AuthFlowContext, AuthFlowResult, tuple[str, str]],
-        result: AuthFlowResult,
-    ) -> AuthFlowResult:
-        """Return a user as result of login flow.
-
-        This method is called when a flow step returns FlowResultType.ABORT or
-        FlowResultType.CREATE_ENTRY.
-        """
+        self, flow: data_entry_flow.FlowHandler, result: FlowResult
+    ) -> FlowResult:
+        """Return a user as result of login flow."""
        flow = cast(LoginFlow, flow)

-        if result["type"] != FlowResultType.CREATE_ENTRY:
+        if result["type"] != data_entry_flow.FlowResultType.CREATE_ENTRY:
            return result

        # we got final result
@@ -187,21 +157,7 @@ class AuthManager:
        self._providers = providers
        self._mfa_modules = mfa_modules
        self.login_flow = AuthManagerFlowManager(hass, self)
-        self._revoke_callbacks: dict[str, set[CALLBACK_TYPE]] = {}
-        self._expire_callback: CALLBACK_TYPE | None = None
-        self._remove_expired_job = HassJob(
-            self._async_remove_expired_refresh_tokens, job_type=HassJobType.Callback
-        )
-
-    async def async_setup(self) -> None:
-        """Set up the auth manager."""
-        hass = self.hass
-        hass.async_add_shutdown_job(
-            HassJob(
-                self._async_cancel_expiration_schedule, job_type=HassJobType.Callback
-            )
-        )
-        self._async_track_next_refresh_token_expiration()
+        self._revoke_callbacks: dict[str, list[CALLBACK_TYPE]] = {}

    @property
    def auth_providers(self) -> list[AuthProvider]:
@@ -367,15 +323,15 @@ class AuthManager:
        local_only: bool | None = None,
    ) -> None:
        """Update a user."""
-        kwargs: dict[str, Any] = {
-            attr_name: value
-            for attr_name, value in (
-                ("name", name),
-                ("group_ids", group_ids),
-                ("local_only", local_only),
-            )
-            if value is not None
-        }
+        kwargs: dict[str, Any] = {}
+
+        for attr_name, value in (
+            ("name", name),
+            ("group_ids", group_ids),
+            ("local_only", local_only),
+        ):
+            if value is not None:
+                kwargs[attr_name] = value
        await self._store.async_update_user(user, **kwargs)

        if is_active is not None:
@@ -386,13 +342,6 @@ class AuthManager:

        self.hass.bus.async_fire(EVENT_USER_UPDATED, {"user_id": user.id})

-    @callback
-    def async_update_user_credentials_data(
-        self, credentials: models.Credentials, data: dict[str, Any]
-    ) -> None:
-        """Update credentials data."""
-        self._store.async_update_user_credentials_data(credentials, data=data)
-
    async def async_activate_user(self, user: models.User) -> None:
        """Activate a user."""
        await self._store.async_activate_user(user)
@@ -474,11 +423,6 @@ class AuthManager:
            else:
                token_type = models.TOKEN_TYPE_NORMAL

-        if token_type is models.TOKEN_TYPE_NORMAL:
-            expire_at = time.time() + REFRESH_TOKEN_EXPIRATION
-        else:
-            expire_at = None
-
        if user.system_generated != (token_type == models.TOKEN_TYPE_SYSTEM):
            raise ValueError(
                "System generated users can only have system type refresh tokens"
@@ -510,88 +454,48 @@ class AuthManager:
            client_icon,
            token_type,
            access_token_expiration,
-            expire_at,
            credential,
        )

-    @callback
-    def async_get_refresh_token(self, token_id: str) -> models.RefreshToken | None:
+    async def async_get_refresh_token(
+        self, token_id: str
+    ) -> models.RefreshToken | None:
        """Get refresh token by id."""
-        return self._store.async_get_refresh_token(token_id)
+        return await self._store.async_get_refresh_token(token_id)

-    @callback
-    def async_get_refresh_token_by_token(
+    async def async_get_refresh_token_by_token(
        self, token: str
    ) -> models.RefreshToken | None:
        """Get refresh token by token."""
-        return self._store.async_get_refresh_token_by_token(token)
+        return await self._store.async_get_refresh_token_by_token(token)

-    @callback
-    def async_remove_refresh_token(self, refresh_token: models.RefreshToken) -> None:
+    async def async_remove_refresh_token(
+        self, refresh_token: models.RefreshToken
+    ) -> None:
        """Delete a refresh token."""
-        self._store.async_remove_refresh_token(refresh_token)
+        await self._store.async_remove_refresh_token(refresh_token)

-        callbacks = self._revoke_callbacks.pop(refresh_token.id, ())
+        callbacks = self._revoke_callbacks.pop(refresh_token.id, [])
        for revoke_callback in callbacks:
            revoke_callback()

-    @callback
-    def async_set_expiry(
-        self, refresh_token: models.RefreshToken, *, enable_expiry: bool
-    ) -> None:
-        """Enable or disable expiry of a refresh token."""
-        self._store.async_set_expiry(refresh_token, enable_expiry=enable_expiry)
-
-    @callback
-    def _async_remove_expired_refresh_tokens(self, _: datetime | None = None) -> None:
-        """Remove expired refresh tokens."""
-        now = time.time()
-        for token in self._store.async_get_refresh_tokens():
-            if (expire_at := token.expire_at) is not None and expire_at <= now:
-                self.async_remove_refresh_token(token)
-        self._async_track_next_refresh_token_expiration()
-
-    @callback
-    def _async_track_next_refresh_token_expiration(self) -> None:
-        """Initialise all token expiration scheduled tasks."""
-        next_expiration = time.time() + REFRESH_TOKEN_EXPIRATION
-        for token in self._store.async_get_refresh_tokens():
-            if (
-                expire_at := token.expire_at
-            ) is not None and expire_at < next_expiration:
-                next_expiration = expire_at
-
-        self._expire_callback = async_track_point_in_utc_time(
-            self.hass,
-            self._remove_expired_job,
-            dt_util.utc_from_timestamp(next_expiration),
-        )
-
-    @callback
-    def _async_cancel_expiration_schedule(self) -> None:
-        """Cancel tracking of expired refresh tokens."""
-        if self._expire_callback:
-            self._expire_callback()
-            self._expire_callback = None
-
-    @callback
-    def _async_unregister(
-        self, callbacks: set[CALLBACK_TYPE], callback_: CALLBACK_TYPE
-    ) -> None:
-        """Unregister a callback."""
-        callbacks.remove(callback_)
-
    @callback
    def async_register_revoke_token_callback(
        self, refresh_token_id: str, revoke_callback: CALLBACK_TYPE
    ) -> CALLBACK_TYPE:
        """Register a callback to be called when the refresh token id is revoked."""
        if refresh_token_id not in self._revoke_callbacks:
-            self._revoke_callbacks[refresh_token_id] = set()
+            self._revoke_callbacks[refresh_token_id] = []

        callbacks = self._revoke_callbacks[refresh_token_id]
-        callbacks.add(revoke_callback)
-        return partial(self._async_unregister, callbacks, revoke_callback)
+        callbacks.append(revoke_callback)
+
+        @callback
+        def unregister() -> None:
+            if revoke_callback in callbacks:
+                callbacks.remove(revoke_callback)
+
+        return unregister

    @callback
    def async_create_access_token(
@@ -648,15 +552,16 @@ class AuthManager:
        if provider := self._async_resolve_provider(refresh_token):
            provider.async_validate_refresh_token(refresh_token, remote_ip)

-    @callback
-    def async_validate_access_token(self, token: str) -> models.RefreshToken | None:
+    async def async_validate_access_token(
+        self, token: str
+    ) -> models.RefreshToken | None:
        """Return refresh token if an access token is valid."""
        try:
            unverif_claims = jwt_wrapper.unverified_hs256_token_decode(token)
        except jwt.InvalidTokenError:
            return None

-        refresh_token = self.async_get_refresh_token(
+        refresh_token = await self.async_get_refresh_token(
            cast(str, unverif_claims.get("iss"))
        )

--- a/homeassistant/auth/auth_store.py
+++ b/homeassistant/auth/auth_store.py
@@ -1,10 +1,10 @@
 """Storage for auth models."""
-
 from __future__ import annotations

+import asyncio
+from collections import OrderedDict
 from datetime import timedelta
 import hmac
-import itertools
 from logging import getLogger
 from typing import Any

@@ -19,7 +19,6 @@ from .const import (
    GROUP_ID_ADMIN,
    GROUP_ID_READ_ONLY,
    GROUP_ID_USER,
-    REFRESH_TOKEN_EXPIRATION,
 )
 from .permissions import system_policies
 from .permissions.models import PermissionLookup
@@ -31,17 +30,6 @@ GROUP_NAME_ADMIN = "Administrators"
 GROUP_NAME_USER = "Users"
 GROUP_NAME_READ_ONLY = "Read Only"

-# We always save the auth store after we load it since
-# we may migrate data and do not want to have to do it again
-# but we don't want to do it during startup so we schedule
-# the first save 5 minutes out knowing something else may
-# want to save the auth store before then, and since Storage
-# will honor the lower of the two delays, it will save it
-# faster if something else saves it.
-INITIAL_LOAD_SAVE_DELAY = 300
-
-DEFAULT_SAVE_DELAY = 1
-

 class AuthStore:
    """Stores authentication info.
@@ -55,29 +43,44 @@ class AuthStore:
    def __init__(self, hass: HomeAssistant) -> None:
        """Initialize the auth store."""
        self.hass = hass
-        self._loaded = False
-        self._users: dict[str, models.User] = None  # type: ignore[assignment]
-        self._groups: dict[str, models.Group] = None  # type: ignore[assignment]
-        self._perm_lookup: PermissionLookup = None  # type: ignore[assignment]
+        self._users: dict[str, models.User] | None = None
+        self._groups: dict[str, models.Group] | None = None
+        self._perm_lookup: PermissionLookup | None = None
        self._store = Store[dict[str, list[dict[str, Any]]]](
            hass, STORAGE_VERSION, STORAGE_KEY, private=True, atomic_writes=True
        )
-        self._token_id_to_user_id: dict[str, str] = {}
+        self._lock = asyncio.Lock()

    async def async_get_groups(self) -> list[models.Group]:
        """Retrieve all users."""
+        if self._groups is None:
+            await self._async_load()
+            assert self._groups is not None
+
        return list(self._groups.values())

    async def async_get_group(self, group_id: str) -> models.Group | None:
        """Retrieve all users."""
+        if self._groups is None:
+            await self._async_load()
+            assert self._groups is not None
+
        return self._groups.get(group_id)

    async def async_get_users(self) -> list[models.User]:
        """Retrieve all users."""
+        if self._users is None:
+            await self._async_load()
+            assert self._users is not None
+
        return list(self._users.values())

    async def async_get_user(self, user_id: str) -> models.User | None:
        """Retrieve a user by id."""
+        if self._users is None:
+            await self._async_load()
+            assert self._users is not None
+
        return self._users.get(user_id)

    async def async_create_user(
@@ -91,6 +94,12 @@ class AuthStore:
        local_only: bool | None = None,
    ) -> models.User:
        """Create a new user."""
+        if self._users is None:
+            await self._async_load()
+
+        assert self._users is not None
+        assert self._groups is not None
+
        groups = []
        for group_id in group_ids or []:
            if (group := self._groups.get(group_id)) is None:
@@ -105,18 +114,14 @@ class AuthStore:
            "perm_lookup": self._perm_lookup,
        }

-        kwargs.update(
-            {
-                attr_name: value
-                for attr_name, value in (
-                    ("is_owner", is_owner),
-                    ("is_active", is_active),
-                    ("local_only", local_only),
-                    ("system_generated", system_generated),
-                )
-                if value is not None
-            }
-        )
+        for attr_name, value in (
+            ("is_owner", is_owner),
+            ("is_active", is_active),
+            ("local_only", local_only),
+            ("system_generated", system_generated),
+        ):
+            if value is not None:
+                kwargs[attr_name] = value

        new_user = models.User(**kwargs)

@@ -140,10 +145,11 @@ class AuthStore:

    async def async_remove_user(self, user: models.User) -> None:
        """Remove a user."""
-        user = self._users.pop(user.id)
-        for refresh_token_id in user.refresh_tokens:
-            del self._token_id_to_user_id[refresh_token_id]
-        user.refresh_tokens.clear()
+        if self._users is None:
+            await self._async_load()
+            assert self._users is not None
+
+        self._users.pop(user.id)
        self._async_schedule_save()

    async def async_update_user(
@@ -155,6 +161,8 @@ class AuthStore:
        local_only: bool | None = None,
    ) -> None:
        """Update a user."""
+        assert self._groups is not None
+
        if group_ids is not None:
            groups = []
            for grid in group_ids:
@@ -163,6 +171,7 @@ class AuthStore:
                groups.append(group)

            user.groups = groups
+            user.invalidate_permission_cache()

        for attr_name, value in (
            ("name", name),
@@ -186,6 +195,10 @@ class AuthStore:

    async def async_remove_credentials(self, credentials: models.Credentials) -> None:
        """Remove credentials."""
+        if self._users is None:
+            await self._async_load()
+            assert self._users is not None
+
        for user in self._users.values():
            found = None

@@ -208,7 +221,6 @@ class AuthStore:
        client_icon: str | None = None,
        token_type: str = models.TOKEN_TYPE_NORMAL,
        access_token_expiration: timedelta = ACCESS_TOKEN_EXPIRATION,
-        expire_at: float | None = None,
        credential: models.Credentials | None = None,
    ) -> models.RefreshToken:
        """Create a new token for a user."""
@@ -217,7 +229,6 @@ class AuthStore:
            "client_id": client_id,
            "token_type": token_type,
            "access_token_expiration": access_token_expiration,
-            "expire_at": expire_at,
            "credential": credential,
        }
        if client_name:
@@ -226,34 +237,47 @@ class AuthStore:
            kwargs["client_icon"] = client_icon

        refresh_token = models.RefreshToken(**kwargs)
-        token_id = refresh_token.id
-        user.refresh_tokens[token_id] = refresh_token
-        self._token_id_to_user_id[token_id] = user.id
+        user.refresh_tokens[refresh_token.id] = refresh_token

        self._async_schedule_save()
        return refresh_token

-    @callback
-    def async_remove_refresh_token(self, refresh_token: models.RefreshToken) -> None:
+    async def async_remove_refresh_token(
+        self, refresh_token: models.RefreshToken
+    ) -> None:
        """Remove a refresh token."""
-        refresh_token_id = refresh_token.id
-        if user_id := self._token_id_to_user_id.get(refresh_token_id):
-            del self._users[user_id].refresh_tokens[refresh_token_id]
-            del self._token_id_to_user_id[refresh_token_id]
-            self._async_schedule_save()
+        if self._users is None:
+            await self._async_load()
+            assert self._users is not None

-    @callback
-    def async_get_refresh_token(self, token_id: str) -> models.RefreshToken | None:
+        for user in self._users.values():
+            if user.refresh_tokens.pop(refresh_token.id, None):
+                self._async_schedule_save()
+                break
+
+    async def async_get_refresh_token(
+        self, token_id: str
+    ) -> models.RefreshToken | None:
        """Get refresh token by id."""
-        if user_id := self._token_id_to_user_id.get(token_id):
-            return self._users[user_id].refresh_tokens.get(token_id)
+        if self._users is None:
+            await self._async_load()
+            assert self._users is not None
+
+        for user in self._users.values():
+            refresh_token = user.refresh_tokens.get(token_id)
+            if refresh_token is not None:
+                return refresh_token
+
        return None

-    @callback
-    def async_get_refresh_token_by_token(
+    async def async_get_refresh_token_by_token(
        self, token: str
    ) -> models.RefreshToken | None:
        """Get refresh token by token."""
+        if self._users is None:
+            await self._async_load()
+            assert self._users is not None
+
        found = None

        for user in self._users.values():
@@ -263,15 +287,6 @@ class AuthStore:

        return found

-    @callback
-    def async_get_refresh_tokens(self) -> list[models.RefreshToken]:
-        """Get all refresh tokens."""
-        return list(
-            itertools.chain.from_iterable(
-                user.refresh_tokens.values() for user in self._users.values()
-            )
-        )
-
    @callback
    def async_log_refresh_token_usage(
        self, refresh_token: models.RefreshToken, remote_ip: str | None = None
@@ -279,55 +294,35 @@ class AuthStore:
        """Update refresh token last used information."""
        refresh_token.last_used_at = dt_util.utcnow()
        refresh_token.last_used_ip = remote_ip
-        if refresh_token.expire_at:
-            refresh_token.expire_at = (
-                refresh_token.last_used_at.timestamp() + REFRESH_TOKEN_EXPIRATION
-            )
        self._async_schedule_save()

-    @callback
-    def async_set_expiry(
-        self, refresh_token: models.RefreshToken, *, enable_expiry: bool
-    ) -> None:
-        """Enable or disable expiry of a refresh token."""
-        if enable_expiry:
-            if refresh_token.expire_at is None:
-                refresh_token.expire_at = (
-                    refresh_token.last_used_at or dt_util.utcnow()
-                ).timestamp() + REFRESH_TOKEN_EXPIRATION
-                self._async_schedule_save()
-        else:
-            refresh_token.expire_at = None
-            self._async_schedule_save()
-
-    @callback
-    def async_update_user_credentials_data(
-        self, credentials: models.Credentials, data: dict[str, Any]
-    ) -> None:
-        """Update credentials data."""
-        credentials.data = data
-        self._async_schedule_save()
-
-    async def async_load(self) -> None:
+    async def _async_load(self) -> None:
        """Load the users."""
-        if self._loaded:
-            raise RuntimeError("Auth storage is already loaded")
-        self._loaded = True
+        async with self._lock:
+            if self._users is not None:
+                return
+            await self._async_load_task()

+    async def _async_load_task(self) -> None:
+        """Load the users."""
        dev_reg = dr.async_get(self.hass)
        ent_reg = er.async_get(self.hass)
        data = await self._store.async_load()

-        perm_lookup = PermissionLookup(ent_reg, dev_reg)
-        self._perm_lookup = perm_lookup
+        # Make sure that we're not overriding data if 2 loads happened at the
+        # same time
+        if self._users is not None:
+            return
+
+        self._perm_lookup = perm_lookup = PermissionLookup(ent_reg, dev_reg)

        if data is None or not isinstance(data, dict):
            self._set_defaults()
            return

-        users: dict[str, models.User] = {}
-        groups: dict[str, models.Group] = {}
-        credentials: dict[str, models.Credentials] = {}
+        users: dict[str, models.User] = OrderedDict()
+        groups: dict[str, models.Group] = OrderedDict()
+        credentials: dict[str, models.Credentials] = OrderedDict()

        # Soft-migrating data as we load. We are going to make sure we have a
        # read only group and an admin group. There are two states that we can
@@ -490,7 +485,6 @@ class AuthStore:
                jwt_key=rt_dict["jwt_key"],
                last_used_at=last_used_at,
                last_used_ip=rt_dict.get("last_used_ip"),
-                expire_at=rt_dict.get("expire_at"),
                version=rt_dict.get("version"),
            )
            if "credential_id" in rt_dict:
@@ -499,26 +493,21 @@ class AuthStore:

        self._groups = groups
        self._users = users
-        self._build_token_id_to_user_id()
-        self._async_schedule_save(INITIAL_LOAD_SAVE_DELAY)

    @callback
-    def _build_token_id_to_user_id(self) -> None:
-        """Build a map of token id to user id."""
-        self._token_id_to_user_id = {
-            token_id: user_id
-            for user_id, user in self._users.items()
-            for token_id in user.refresh_tokens
-        }
-
-    @callback
-    def _async_schedule_save(self, delay: float = DEFAULT_SAVE_DELAY) -> None:
+    def _async_schedule_save(self) -> None:
        """Save users."""
-        self._store.async_delay_save(self._data_to_save, delay)
+        if self._users is None:
+            return
+
+        self._store.async_delay_save(self._data_to_save, 1)

    @callback
    def _data_to_save(self) -> dict[str, list[dict[str, Any]]]:
        """Return the data to store."""
+        assert self._users is not None
+        assert self._groups is not None
+
        users = [
            {
                "id": user.id,
@@ -575,7 +564,6 @@ class AuthStore:
                if refresh_token.last_used_at
                else None,
                "last_used_ip": refresh_token.last_used_ip,
-                "expire_at": refresh_token.expire_at,
                "credential_id": refresh_token.credential.id
                if refresh_token.credential
                else None,
@@ -594,9 +582,9 @@ class AuthStore:

    def _set_defaults(self) -> None:
        """Set default values for auth store."""
-        self._users = {}
+        self._users = OrderedDict()

-        groups: dict[str, models.Group] = {}
+        groups: dict[str, models.Group] = OrderedDict()
        admin_group = _system_admin_group()
        groups[admin_group.id] = admin_group
        user_group = _system_user_group()
@@ -604,7 +592,6 @@ class AuthStore:
        read_only_group = _system_read_only_group()
        groups[read_only_group.id] = read_only_group
        self._groups = groups
-        self._build_token_id_to_user_id()


 def _system_admin_group() -> models.Group:
--- a/homeassistant/auth/const.py
+++ b/homeassistant/auth/const.py
@@ -1,10 +1,8 @@
 """Constants for the auth module."""
-
 from datetime import timedelta

 ACCESS_TOKEN_EXPIRATION = timedelta(minutes=30)
 MFA_SESSION_EXPIRATION = timedelta(minutes=5)
-REFRESH_TOKEN_EXPIRATION = timedelta(days=90).total_seconds()

 GROUP_ID_ADMIN = "system-admin"
 GROUP_ID_USER = "system-users"
--- a/homeassistant/auth/jwt_wrapper.py
+++ b/homeassistant/auth/jwt_wrapper.py
@@ -4,7 +4,6 @@ Since we decode the same tokens over and over again
 we can cache the result of the decode of valid tokens
 to speed up the process.
 """
-
 from __future__ import annotations

 from datetime import timedelta
@@ -18,7 +17,7 @@ from homeassistant.util.json import json_loads
 JWT_TOKEN_CACHE_SIZE = 16
 MAX_TOKEN_SIZE = 8192

-_VERIFY_KEYS = ("signature", "exp", "nbf", "iat", "aud", "iss", "sub", "jti")
+_VERIFY_KEYS = ("signature", "exp", "nbf", "iat", "aud", "iss")

 _VERIFY_OPTIONS: dict[str, Any] = {f"verify_{key}": True for key in _VERIFY_KEYS} | {
    "require": []
@@ -78,7 +77,7 @@ class _PyJWTWithVerify(PyJWT):
        key: str,
        algorithms: list[str],
        issuer: str | None = None,
-        leeway: float | timedelta = 0,
+        leeway: int | float | timedelta = 0,
        options: dict[str, Any] | None = None,
    ) -> dict[str, Any]:
        """Verify a JWT's signature and claims."""
--- a/homeassistant/auth/mfa_modules/init.py
+++ b/homeassistant/auth/mfa_modules/init.py
@@ -1,7 +1,7 @@
 """Pluggable auth modules for Home Assistant."""
-
 from __future__ import annotations

+import importlib
 import logging
 import types
 from typing import Any
@@ -14,9 +14,7 @@ from homeassistant.const import CONF_ID, CONF_NAME, CONF_TYPE
 from homeassistant.core import HomeAssistant
 from homeassistant.data_entry_flow import FlowResult
 from homeassistant.exceptions import HomeAssistantError
-from homeassistant.helpers.importlib import async_import_module
 from homeassistant.util.decorator import Registry
-from homeassistant.util.hass_dict import HassKey

 MULTI_FACTOR_AUTH_MODULES: Registry[str, type[MultiFactorAuthModule]] = Registry()

@@ -30,7 +28,7 @@ MULTI_FACTOR_AUTH_MODULE_SCHEMA = vol.Schema(
    extra=vol.ALLOW_EXTRA,
 )

-DATA_REQS: HassKey[set[str]] = HassKey("mfa_auth_module_reqs_processed")
+DATA_REQS = "mfa_auth_module_reqs_processed"

 _LOGGER = logging.getLogger(__name__)

@@ -71,7 +69,7 @@ class MultiFactorAuthModule:
        """Return a voluptuous schema to define mfa auth module's input."""
        raise NotImplementedError

-    async def async_setup_flow(self, user_id: str) -> SetupFlow[Any]:
+    async def async_setup_flow(self, user_id: str) -> SetupFlow:
        """Return a data entry flow handler for setup module.

        Mfa module should extend SetupFlow
@@ -95,16 +93,11 @@ class MultiFactorAuthModule:
        raise NotImplementedError


-class SetupFlow[_MultiFactorAuthModuleT: MultiFactorAuthModule = MultiFactorAuthModule](
-    data_entry_flow.FlowHandler
-):
+class SetupFlow(data_entry_flow.FlowHandler):
    """Handler for the setup flow."""

    def __init__(
-        self,
-        auth_module: _MultiFactorAuthModuleT,
-        setup_schema: vol.Schema,
-        user_id: str,
+        self, auth_module: MultiFactorAuthModule, setup_schema: vol.Schema, user_id: str
    ) -> None:
        """Initialize the setup flow."""
        self._auth_module = auth_module
@@ -155,7 +148,7 @@ async def _load_mfa_module(hass: HomeAssistant, module_name: str) -> types.Modul
    module_path = f"homeassistant.auth.mfa_modules.{module_name}"

    try:
-        module = await async_import_module(hass, module_path)
+        module = importlib.import_module(module_path)
    except ImportError as err:
        _LOGGER.error("Unable to load mfa module %s: %s", module_name, err)
        raise HomeAssistantError(
--- a/homeassistant/auth/mfa_modules/insecure_example.py
+++ b/homeassistant/auth/mfa_modules/insecure_example.py
@@ -1,5 +1,4 @@
 """Example auth module."""
-
 from __future__ import annotations

 from typing import Any
--- a/homeassistant/auth/mfa_modules/notify.py
+++ b/homeassistant/auth/mfa_modules/notify.py
@@ -2,7 +2,6 @@

 Sending HOTP through notify service
 """
-
 from __future__ import annotations

 import asyncio
@@ -52,28 +51,28 @@ _LOGGER = logging.getLogger(__name__)

 def _generate_secret() -> str:
    """Generate a secret."""
-    import pyotp  # noqa: PLC0415
+    import pyotp  # pylint: disable=import-outside-toplevel

    return str(pyotp.random_base32())


 def _generate_random() -> int:
    """Generate a 32 digit number."""
-    import pyotp  # noqa: PLC0415
+    import pyotp  # pylint: disable=import-outside-toplevel

    return int(pyotp.random_base32(length=32, chars=list("1234567890")))


 def _generate_otp(secret: str, count: int) -> str:
    """Generate one time password."""
-    import pyotp  # noqa: PLC0415
+    import pyotp  # pylint: disable=import-outside-toplevel

    return str(pyotp.HOTP(secret).at(count))


 def _verify_otp(secret: str, otp: str, count: int) -> bool:
    """Verify one time password."""
-    import pyotp  # noqa: PLC0415
+    import pyotp  # pylint: disable=import-outside-toplevel

    return bool(pyotp.HOTP(secret).verify(otp, count))

@@ -88,7 +87,7 @@ class NotifySetting:
    target: str | None = attr.ib(default=None)


-type _UsersDict = dict[str, NotifySetting]
+_UsersDict = dict[str, NotifySetting]


@MULTI_FACTOR_AUTH_MODULES.register("notify")
@@ -153,7 +152,7 @@ class NotifyAuthModule(MultiFactorAuthModule):
        """Return list of notify services."""
        unordered_services = set()

-        for service in self.hass.services.async_services_for_domain("notify"):
+        for service in self.hass.services.async_services().get("notify", {}):
            if service not in self._exclude:
                unordered_services.add(service)

@@ -162,7 +161,7 @@ class NotifyAuthModule(MultiFactorAuthModule):

        return sorted(unordered_services)

-    async def async_setup_flow(self, user_id: str) -> NotifySetupFlow:
+    async def async_setup_flow(self, user_id: str) -> SetupFlow:
        """Return a data entry flow handler for setup module.

        Mfa module should extend SetupFlow
@@ -268,7 +267,7 @@ class NotifyAuthModule(MultiFactorAuthModule):
        await self.hass.services.async_call("notify", notify_service, data)


-class NotifySetupFlow(SetupFlow[NotifyAuthModule]):
+class NotifySetupFlow(SetupFlow):
    """Handler for the setup flow."""

    def __init__(
@@ -280,6 +279,8 @@ class NotifySetupFlow(SetupFlow[NotifyAuthModule]):
    ) -> None:
        """Initialize the setup flow."""
        super().__init__(auth_module, setup_schema, user_id)
+        # to fix typing complaint
+        self._auth_module: NotifyAuthModule = auth_module
        self._available_notify_services = available_notify_services
        self._secret: str | None = None
        self._count: int | None = None
--- a/homeassistant/auth/mfa_modules/totp.py
+++ b/homeassistant/auth/mfa_modules/totp.py
@@ -1,5 +1,4 @@
 """Time-based One Time Password auth module."""
-
 from __future__ import annotations

 import asyncio
@@ -37,7 +36,7 @@ DUMMY_SECRET = "FPPTH34D4E3MI2HG"

 def _generate_qr_code(data: str) -> str:
    """Generate a base64 PNG string represent QR Code image of data."""
-    import pyqrcode  # noqa: PLC0415
+    import pyqrcode  # pylint: disable=import-outside-toplevel

    qr_code = pyqrcode.create(data)

@@ -59,7 +58,7 @@ def _generate_qr_code(data: str) -> str:

 def _generate_secret_and_qr_code(username: str) -> tuple[str, str, str]:
    """Generate a secret, url, and QR code."""
-    import pyotp  # noqa: PLC0415
+    import pyotp  # pylint: disable=import-outside-toplevel

    ota_secret = pyotp.random_base32()
    url = pyotp.totp.TOTP(ota_secret).provisioning_uri(
@@ -107,14 +106,14 @@ class TotpAuthModule(MultiFactorAuthModule):

    def _add_ota_secret(self, user_id: str, secret: str | None = None) -> str:
        """Create a ota_secret for user."""
-        import pyotp  # noqa: PLC0415
+        import pyotp  # pylint: disable=import-outside-toplevel

        ota_secret: str = secret or pyotp.random_base32()

        self._users[user_id] = ota_secret  # type: ignore[index]
        return ota_secret

-    async def async_setup_flow(self, user_id: str) -> TotpSetupFlow:
+    async def async_setup_flow(self, user_id: str) -> SetupFlow:
        """Return a data entry flow handler for setup module.

        Mfa module should extend SetupFlow
@@ -163,7 +162,7 @@ class TotpAuthModule(MultiFactorAuthModule):

    def _validate_2fa(self, user_id: str, code: str) -> bool:
        """Validate two factor authentication code."""
-        import pyotp  # noqa: PLC0415
+        import pyotp  # pylint: disable=import-outside-toplevel

        if (ota_secret := self._users.get(user_id)) is None:  # type: ignore[union-attr]
            # even we cannot find user, we still do verify
@@ -174,19 +173,20 @@ class TotpAuthModule(MultiFactorAuthModule):
        return bool(pyotp.TOTP(ota_secret).verify(code, valid_window=1))


-class TotpSetupFlow(SetupFlow[TotpAuthModule]):
+class TotpSetupFlow(SetupFlow):
    """Handler for the setup flow."""

-    _ota_secret: str
-    _url: str
-    _image: str
-
    def __init__(
        self, auth_module: TotpAuthModule, setup_schema: vol.Schema, user: User
    ) -> None:
        """Initialize the setup flow."""
        super().__init__(auth_module, setup_schema, user.id)
+        # to fix typing complaint
+        self._auth_module: TotpAuthModule = auth_module
        self._user = user
+        self._ota_secret: str = ""
+        self._url: str | None = None
+        self._image: str | None = None

    async def async_step_init(
        self, user_input: dict[str, str] | None = None
@@ -196,7 +196,7 @@ class TotpSetupFlow(SetupFlow[TotpAuthModule]):
        Return self.async_show_form(step_id='init') if user_input is None.
        Return self.async_create_entry(data={'result': result}) if finish.
        """
-        import pyotp  # noqa: PLC0415
+        import pyotp  # pylint: disable=import-outside-toplevel

        errors: dict[str, str] = {}

@@ -213,11 +213,12 @@ class TotpSetupFlow(SetupFlow[TotpAuthModule]):
            errors["base"] = "invalid_code"

        else:
+            hass = self._auth_module.hass
            (
                self._ota_secret,
                self._url,
                self._image,
-            ) = await self._auth_module.hass.async_add_executor_job(
+            ) = await hass.async_add_executor_job(
                _generate_secret_and_qr_code,
                str(self._user.name),
            )
--- a/homeassistant/auth/models.py
+++ b/homeassistant/auth/models.py
@@ -1,20 +1,14 @@
 """Auth models."""
-
 from __future__ import annotations

 from datetime import datetime, timedelta
-from ipaddress import IPv4Address, IPv6Address
 import secrets
-from typing import Any, NamedTuple
+from typing import NamedTuple
 import uuid

 import attr
-from attr import Attribute
-from attr.setters import validate
-from propcache.api import cached_property

 from homeassistant.const import __version__
-from homeassistant.data_entry_flow import FlowContext, FlowResult
 from homeassistant.util import dt as dt_util

 from . import permissions as perm_mdl
@@ -25,17 +19,6 @@ TOKEN_TYPE_SYSTEM = "system"
 TOKEN_TYPE_LONG_LIVED_ACCESS_TOKEN = "long_lived_access_token"


-class AuthFlowContext(FlowContext, total=False):
-    """Typed context dict for auth flow."""
-
-    credential_only: bool
-    ip_address: IPv4Address | IPv6Address
-    redirect_uri: str
-
-
-AuthFlowResult = FlowResult[AuthFlowContext, tuple[str, str]]
-
-
@attr.s(slots=True)
 class Group:
    """A group."""
@@ -46,27 +29,19 @@ class Group:
    system_generated: bool = attr.ib(default=False)


-def _handle_permissions_change(self: User, user_attr: Attribute, new: Any) -> Any:
-    """Handle a change to a permissions."""
-    self.invalidate_cache()
-    return validate(self, user_attr, new)
-
-
-@attr.s(slots=False)
+@attr.s(slots=True)
 class User:
    """A user."""

    name: str | None = attr.ib()
    perm_lookup: perm_mdl.PermissionLookup = attr.ib(eq=False, order=False)
    id: str = attr.ib(factory=lambda: uuid.uuid4().hex)
-    is_owner: bool = attr.ib(default=False, on_setattr=_handle_permissions_change)
-    is_active: bool = attr.ib(default=False, on_setattr=_handle_permissions_change)
+    is_owner: bool = attr.ib(default=False)
+    is_active: bool = attr.ib(default=False)
    system_generated: bool = attr.ib(default=False)
    local_only: bool = attr.ib(default=False)

-    groups: list[Group] = attr.ib(
-        factory=list, eq=False, order=False, on_setattr=_handle_permissions_change
-    )
+    groups: list[Group] = attr.ib(factory=list, eq=False, order=False)

    # List of credentials of a user.
    credentials: list[Credentials] = attr.ib(factory=list, eq=False, order=False)
@@ -76,27 +51,40 @@ class User:
        factory=dict, eq=False, order=False
    )

-    @cached_property
+    _permissions: perm_mdl.PolicyPermissions | None = attr.ib(
+        init=False,
+        eq=False,
+        order=False,
+        default=None,
+    )
+
+    @property
    def permissions(self) -> perm_mdl.AbstractPermissions:
        """Return permissions object for user."""
        if self.is_owner:
            return perm_mdl.OwnerPermissions
-        return perm_mdl.PolicyPermissions(
+
+        if self._permissions is not None:
+            return self._permissions
+
+        self._permissions = perm_mdl.PolicyPermissions(
            perm_mdl.merge_policies([group.policy for group in self.groups]),
            self.perm_lookup,
        )

-    @cached_property
+        return self._permissions
+
+    @property
    def is_admin(self) -> bool:
        """Return if user is part of the admin group."""
-        return self.is_owner or (
-            self.is_active and any(gr.id == GROUP_ID_ADMIN for gr in self.groups)
-        )
+        if self.is_owner:
+            return True

-    def invalidate_cache(self) -> None:
-        """Invalidate permission and is_admin cache."""
-        for attr_to_invalidate in ("permissions", "is_admin"):
-            self.__dict__.pop(attr_to_invalidate, None)
+        return self.is_active and any(gr.id == GROUP_ID_ADMIN for gr in self.groups)
+
+    def invalidate_permission_cache(self) -> None:
+        """Invalidate permission cache."""
+        self._permissions = None


@attr.s(slots=True)
@@ -122,8 +110,6 @@ class RefreshToken:
    last_used_at: datetime | None = attr.ib(default=None)
    last_used_ip: str | None = attr.ib(default=None)

-    expire_at: float | None = attr.ib(default=None)
-
    credential: Credentials | None = attr.ib(default=None)

    version: str | None = attr.ib(default=__version__)
--- a/homeassistant/auth/permissions/init.py
+++ b/homeassistant/auth/permissions/init.py
@@ -1,8 +1,8 @@
 """Permissions for Home Assistant."""
-
 from __future__ import annotations

 from collections.abc import Callable
+from typing import Any

 import voluptuous as vol

@@ -17,12 +17,12 @@ POLICY_SCHEMA = vol.Schema({vol.Optional(CAT_ENTITIES): ENTITY_POLICY_SCHEMA})

 __all__ = [
    "POLICY_SCHEMA",
-    "AbstractPermissions",
-    "OwnerPermissions",
-    "PermissionLookup",
-    "PolicyPermissions",
-    "PolicyType",
    "merge_policies",
+    "PermissionLookup",
+    "PolicyType",
+    "AbstractPermissions",
+    "PolicyPermissions",
+    "OwnerPermissions",
 ]


@@ -63,7 +63,7 @@ class PolicyPermissions(AbstractPermissions):
        """Return a function that can test entity access."""
        return compile_entities(self._policy.get(CAT_ENTITIES), self._perm_lookup)

-    def __eq__(self, other: object) -> bool:
+    def __eq__(self, other: Any) -> bool:
        """Equals check."""
        return isinstance(other, PolicyPermissions) and other._policy == self._policy

--- a/homeassistant/auth/permissions/const.py
+++ b/homeassistant/auth/permissions/const.py
@@ -1,5 +1,4 @@
 """Permission constants."""
-
 CAT_ENTITIES = "entities"
 CAT_CONFIG_ENTRIES = "config_entries"
 SUBCAT_ALL = "all"
--- a/homeassistant/auth/permissions/entities.py
+++ b/homeassistant/auth/permissions/entities.py
@@ -1,5 +1,4 @@
 """Entity permissions."""
-
 from __future__ import annotations

 from collections import OrderedDict
--- a/homeassistant/auth/permissions/events.py
+++ b/homeassistant/auth/permissions/events.py
@@ -1,8 +1,7 @@
 """Permission for events."""
-
 from __future__ import annotations

-from typing import Any, Final
+from typing import Final

 from homeassistant.const import (
    EVENT_COMPONENT_LOADED,
@@ -18,17 +17,13 @@ from homeassistant.const import (
    EVENT_THEMES_UPDATED,
 )
 from homeassistant.helpers.area_registry import EVENT_AREA_REGISTRY_UPDATED
-from homeassistant.helpers.category_registry import EVENT_CATEGORY_REGISTRY_UPDATED
 from homeassistant.helpers.device_registry import EVENT_DEVICE_REGISTRY_UPDATED
 from homeassistant.helpers.entity_registry import EVENT_ENTITY_REGISTRY_UPDATED
-from homeassistant.helpers.floor_registry import EVENT_FLOOR_REGISTRY_UPDATED
 from homeassistant.helpers.issue_registry import EVENT_REPAIRS_ISSUE_REGISTRY_UPDATED
-from homeassistant.helpers.label_registry import EVENT_LABEL_REGISTRY_UPDATED
-from homeassistant.util.event_type import EventType

 # These are events that do not contain any sensitive data
 # Except for state_changed, which is handled accordingly.
-SUBSCRIBE_ALLOWLIST: Final[set[EventType[Any] | str]] = {
+SUBSCRIBE_ALLOWLIST: Final[set[str]] = {
    EVENT_AREA_REGISTRY_UPDATED,
    EVENT_COMPONENT_LOADED,
    EVENT_CORE_CONFIG_UPDATE,
@@ -44,7 +39,4 @@ SUBSCRIBE_ALLOWLIST: Final[set[EventType[Any] | str]] = {
    EVENT_SHOPPING_LIST_UPDATED,
    EVENT_STATE_CHANGED,
    EVENT_THEMES_UPDATED,
-    EVENT_LABEL_REGISTRY_UPDATED,
-    EVENT_CATEGORY_REGISTRY_UPDATED,
-    EVENT_FLOOR_REGISTRY_UPDATED,
 }
--- a/homeassistant/auth/permissions/merge.py
+++ b/homeassistant/auth/permissions/merge.py
@@ -1,5 +1,4 @@
 """Merging of policies."""
-
 from __future__ import annotations

 from typing import cast
@@ -58,7 +57,10 @@ def _merge_policies(sources: list[CategoryType]) -> CategoryType:
                continue
            seen.add(key)

-            key_sources = [src.get(key) for src in sources if isinstance(src, dict)]
+            key_sources = []
+            for src in sources:
+                if isinstance(src, dict):
+                    key_sources.append(src.get(key))

            policy[key] = _merge_policies(key_sources)

--- a/homeassistant/auth/permissions/models.py
+++ b/homeassistant/auth/permissions/models.py
@@ -1,5 +1,4 @@
 """Models for permissions."""
-
 from __future__ import annotations

 from typing import TYPE_CHECKING
--- a/homeassistant/auth/permissions/system_policies.py
+++ b/homeassistant/auth/permissions/system_policies.py
@@ -1,5 +1,4 @@
 """System policies."""
-
 from .const import CAT_ENTITIES, POLICY_READ, SUBCAT_ALL

 ADMIN_POLICY = {CAT_ENTITIES: True}
--- a/homeassistant/auth/permissions/types.py
+++ b/homeassistant/auth/permissions/types.py
@@ -1,20 +1,19 @@
 """Common code for permissions."""
-
 from collections.abc import Mapping

 # MyPy doesn't support recursion yet. So writing it out as far as we need.

-type ValueType = (
+ValueType = (
    # Example: entities.all = { read: true, control: true }
    Mapping[str, bool] | bool | None
 )

 # Example: entities.domains = { light: … }
-type SubCategoryDict = Mapping[str, ValueType]
+SubCategoryDict = Mapping[str, ValueType]

-type SubCategoryType = SubCategoryDict | bool | None
+SubCategoryType = SubCategoryDict | bool | None

-type CategoryType = (
+CategoryType = (
    # Example: entities.domains
    Mapping[str, SubCategoryType]
    # Example: entities.all
@@ -24,4 +23,4 @@ type CategoryType = (
 )

 # Example: { entities: … }
-type PolicyType = Mapping[str, CategoryType]
+PolicyType = Mapping[str, CategoryType]
--- a/homeassistant/auth/permissions/util.py
+++ b/homeassistant/auth/permissions/util.py
@@ -1,5 +1,4 @@
 """Helpers to deal with permissions."""
-
 from __future__ import annotations

 from collections.abc import Callable
@@ -10,8 +9,8 @@ from .const import SUBCAT_ALL
 from .models import PermissionLookup
 from .types import CategoryType, SubCategoryDict, ValueType

-type LookupFunc = Callable[[PermissionLookup, SubCategoryDict, str], ValueType | None]
-type SubCatLookupType = dict[str, LookupFunc]
+LookupFunc = Callable[[PermissionLookup, SubCategoryDict, str], ValueType | None]
+SubCatLookupType = dict[str, LookupFunc]


 def lookup_all(
--- a/homeassistant/auth/providers/init.py
+++ b/homeassistant/auth/providers/init.py
@@ -1,8 +1,8 @@
 """Auth providers for Home Assistant."""
-
 from __future__ import annotations

 from collections.abc import Mapping
+import importlib
 import logging
 import types
 from typing import Any
@@ -10,29 +10,20 @@ from typing import Any
 import voluptuous as vol
 from voluptuous.humanize import humanize_error

-from homeassistant import requirements
+from homeassistant import data_entry_flow, requirements
 from homeassistant.const import CONF_ID, CONF_NAME, CONF_TYPE
 from homeassistant.core import HomeAssistant, callback
-from homeassistant.data_entry_flow import FlowHandler
+from homeassistant.data_entry_flow import FlowResult
 from homeassistant.exceptions import HomeAssistantError
-from homeassistant.helpers.importlib import async_import_module
 from homeassistant.util import dt as dt_util
 from homeassistant.util.decorator import Registry
-from homeassistant.util.hass_dict import HassKey

 from ..auth_store import AuthStore
 from ..const import MFA_SESSION_EXPIRATION
-from ..models import (
-    AuthFlowContext,
-    AuthFlowResult,
-    Credentials,
-    RefreshToken,
-    User,
-    UserMeta,
-)
+from ..models import Credentials, RefreshToken, User, UserMeta

 _LOGGER = logging.getLogger(__name__)
-DATA_REQS: HassKey[set[str]] = HassKey("auth_prov_reqs_processed")
+DATA_REQS = "auth_prov_reqs_processed"

 AUTH_PROVIDERS: Registry[str, type[AuthProvider]] = Registry()

@@ -105,7 +96,7 @@ class AuthProvider:

    # Implement by extending class

-    async def async_login_flow(self, context: AuthFlowContext | None) -> LoginFlow[Any]:
+    async def async_login_flow(self, context: dict[str, Any] | None) -> LoginFlow:
        """Return the data flow for logging in with auth provider.

        Auth provider should extend LoginFlow and return an instance.
@@ -166,9 +157,7 @@ async def load_auth_provider_module(
 ) -> types.ModuleType:
    """Load an auth provider."""
    try:
-        module = await async_import_module(
-            hass, f"homeassistant.auth.providers.{provider}"
-        )
+        module = importlib.import_module(f"homeassistant.auth.providers.{provider}")
    except ImportError as err:
        _LOGGER.error("Unable to load auth provider %s: %s", provider, err)
        raise HomeAssistantError(
@@ -192,14 +181,10 @@ async def load_auth_provider_module(
    return module


-class LoginFlow[_AuthProviderT: AuthProvider = AuthProvider](
-    FlowHandler[AuthFlowContext, AuthFlowResult, tuple[str, str]],
-):
+class LoginFlow(data_entry_flow.FlowHandler):
    """Handler for the login flow."""

-    _flow_result = AuthFlowResult
-
-    def __init__(self, auth_provider: _AuthProviderT) -> None:
+    def __init__(self, auth_provider: AuthProvider) -> None:
        """Initialize the login flow."""
        self._auth_provider = auth_provider
        self._auth_module_id: str | None = None
@@ -212,7 +197,7 @@ class LoginFlow[_AuthProviderT: AuthProvider = AuthProvider](

    async def async_step_init(
        self, user_input: dict[str, str] | None = None
-    ) -> AuthFlowResult:
+    ) -> FlowResult:
        """Handle the first step of login flow.

        Return self.async_show_form(step_id='init') if user_input is None.
@@ -222,7 +207,7 @@ class LoginFlow[_AuthProviderT: AuthProvider = AuthProvider](

    async def async_step_select_mfa_module(
        self, user_input: dict[str, str] | None = None
-    ) -> AuthFlowResult:
+    ) -> FlowResult:
        """Handle the step of select mfa module."""
        errors = {}

@@ -247,7 +232,7 @@ class LoginFlow[_AuthProviderT: AuthProvider = AuthProvider](

    async def async_step_mfa(
        self, user_input: dict[str, str] | None = None
-    ) -> AuthFlowResult:
+    ) -> FlowResult:
        """Handle the step of mfa validation."""
        assert self.credential
        assert self.user
@@ -297,6 +282,6 @@ class LoginFlow[_AuthProviderT: AuthProvider = AuthProvider](
            errors=errors,
        )

-    async def async_finish(self, flow_result: Any) -> AuthFlowResult:
+    async def async_finish(self, flow_result: Any) -> FlowResult:
        """Handle the pass of login flow."""
        return self.async_create_entry(data=flow_result)
--- a/homeassistant/auth/providers/command_line.py
+++ b/homeassistant/auth/providers/command_line.py
@@ -1,19 +1,19 @@
 """Auth provider that validates credentials via an external command."""
-
 from __future__ import annotations

 import asyncio
 from collections.abc import Mapping
 import logging
 import os
-from typing import Any
+from typing import Any, cast

 import voluptuous as vol

 from homeassistant.const import CONF_COMMAND
+from homeassistant.data_entry_flow import FlowResult
 from homeassistant.exceptions import HomeAssistantError

-from ..models import AuthFlowContext, AuthFlowResult, Credentials, UserMeta
+from ..models import Credentials, UserMeta
 from . import AUTH_PROVIDER_SCHEMA, AUTH_PROVIDERS, AuthProvider, LoginFlow

 CONF_ARGS = "args"
@@ -59,9 +59,7 @@ class CommandLineAuthProvider(AuthProvider):
        super().__init__(*args, **kwargs)
        self._user_meta: dict[str, dict[str, Any]] = {}

-    async def async_login_flow(
-        self, context: AuthFlowContext | None
-    ) -> CommandLineLoginFlow:
+    async def async_login_flow(self, context: dict[str, Any] | None) -> LoginFlow:
        """Return a flow to login."""
        return CommandLineLoginFlow(self)

@@ -135,21 +133,21 @@ class CommandLineAuthProvider(AuthProvider):
        )


-class CommandLineLoginFlow(LoginFlow[CommandLineAuthProvider]):
+class CommandLineLoginFlow(LoginFlow):
    """Handler for the login flow."""

    async def async_step_init(
        self, user_input: dict[str, str] | None = None
-    ) -> AuthFlowResult:
+    ) -> FlowResult:
        """Handle the step of the form."""
        errors = {}

        if user_input is not None:
            user_input["username"] = user_input["username"].strip()
            try:
-                await self._auth_provider.async_validate_login(
-                    user_input["username"], user_input["password"]
-                )
+                await cast(
+                    CommandLineAuthProvider, self._auth_provider
+                ).async_validate_login(user_input["username"], user_input["password"])
            except InvalidAuthError:
                errors["base"] = "invalid_auth"

--- a/homeassistant/auth/providers/homeassistant.py
+++ b/homeassistant/auth/providers/homeassistant.py
@@ -1,5 +1,4 @@
 """Home Assistant auth provider."""
-
 from __future__ import annotations

 import asyncio
@@ -13,11 +12,11 @@ import voluptuous as vol

 from homeassistant.const import CONF_ID
 from homeassistant.core import HomeAssistant, callback
+from homeassistant.data_entry_flow import FlowResult
 from homeassistant.exceptions import HomeAssistantError
-from homeassistant.helpers import issue_registry as ir
 from homeassistant.helpers.storage import Store

-from ..models import AuthFlowContext, AuthFlowResult, Credentials, UserMeta
+from ..models import Credentials, UserMeta
 from . import AUTH_PROVIDER_SCHEMA, AUTH_PROVIDERS, AuthProvider, LoginFlow

 STORAGE_VERSION = 1
@@ -55,27 +54,6 @@ class InvalidUser(HomeAssistantError):
    Will not be raised when validating authentication.
    """

-    def __init__(
-        self,
-        *args: object,
-        translation_key: str | None = None,
-        translation_placeholders: dict[str, str] | None = None,
-    ) -> None:
-        """Initialize exception."""
-        super().__init__(
-            *args,
-            translation_domain="auth",
-            translation_key=translation_key,
-            translation_placeholders=translation_placeholders,
-        )
-
-
-class InvalidUsername(InvalidUser):
-    """Raised when invalid username is specified.
-
-    Will not be raised when validating authentication.
-    """
-

 class Data:
    """Hold the user data."""
@@ -89,15 +67,13 @@ class Data:
        self._data: dict[str, list[dict[str, str]]] | None = None
        # Legacy mode will allow usernames to start/end with whitespace
        # and will compare usernames case-insensitive.
-        # Deprecated in June 2019 and will be removed in 2026.7
+        # Remove in 2020 or when we launch 1.0.
        self.is_legacy = False

    @callback
-    def normalize_username(
-        self, username: str, *, force_normalize: bool = False
-    ) -> str:
+    def normalize_username(self, username: str) -> str:
        """Normalize a username based on the mode."""
-        if self.is_legacy and not force_normalize:
+        if self.is_legacy:
            return username

        return username.strip().casefold()
@@ -107,49 +83,44 @@ class Data:
        if (data := await self._store.async_load()) is None:
            data = cast(dict[str, list[dict[str, str]]], {"users": []})

-        self._async_check_for_not_normalized_usernames(data)
-        self._data = data
-
-    @callback
-    def _async_check_for_not_normalized_usernames(
-        self, data: dict[str, list[dict[str, str]]]
-    ) -> None:
-        not_normalized_usernames: set[str] = set()
+        seen: set[str] = set()

        for user in data["users"]:
            username = user["username"]

-            if self.normalize_username(username, force_normalize=True) != username:
+            # check if we have duplicates
+            if (folded := username.casefold()) in seen:
+                self.is_legacy = True
+
                logging.getLogger(__name__).warning(
                    (
                        "Home Assistant auth provider is running in legacy mode "
-                        "because we detected usernames that are normalized (lowercase and without spaces)."
-                        " Please change the username: '%s'."
+                        "because we detected usernames that are case-insensitive"
+                        "equivalent. Please change the username: '%s'."
                    ),
                    username,
                )
-                not_normalized_usernames.add(username)

-        if not_normalized_usernames:
-            self.is_legacy = True
-            ir.async_create_issue(
-                self.hass,
-                "auth",
-                "homeassistant_provider_not_normalized_usernames",
-                breaks_in_ha_version="2026.7.0",
-                is_fixable=False,
-                severity=ir.IssueSeverity.WARNING,
-                translation_key="homeassistant_provider_not_normalized_usernames",
-                translation_placeholders={
-                    "usernames": f'- "{'"\n- "'.join(sorted(not_normalized_usernames))}"'
-                },
-                learn_more_url="homeassistant://config/users",
-            )
-        else:
-            self.is_legacy = False
-            ir.async_delete_issue(
-                self.hass, "auth", "homeassistant_provider_not_normalized_usernames"
-            )
+                break
+
+            seen.add(folded)
+
+            # check if we have unstripped usernames
+            if username != username.strip():
+                self.is_legacy = True
+
+                logging.getLogger(__name__).warning(
+                    (
+                        "Home Assistant auth provider is running in legacy mode "
+                        "because we detected usernames that start or end in a "
+                        "space. Please change the username: '%s'."
+                    ),
+                    username,
+                )
+
+                break
+
+        self._data = data

    @property
    def users(self) -> list[dict[str, str]]:
@@ -191,11 +162,13 @@ class Data:
        return hashed

    def add_auth(self, username: str, password: str) -> None:
-        """Add a new authenticated user/pass.
+        """Add a new authenticated user/pass."""
+        username = self.normalize_username(username)

-        Raises InvalidUsername if the new username is invalid.
-        """
-        self._validate_new_username(username)
+        if any(
+            self.normalize_username(user["username"]) == username for user in self.users
+        ):
+            raise InvalidUser

        self.users.append(
            {
@@ -216,7 +189,7 @@ class Data:
                break

        if index is None:
-            raise InvalidUser(translation_key="user_not_found")
+            raise InvalidUser

        self.users.pop(index)

@@ -232,50 +205,7 @@ class Data:
                user["password"] = self.hash_password(new_password, True).decode()
                break
        else:
-            raise InvalidUser(translation_key="user_not_found")
-
-    @callback
-    def _validate_new_username(self, new_username: str) -> None:
-        """Validate that username is normalized and unique.
-
-        Raises InvalidUsername if the new username is invalid.
-        """
-        normalized_username = self.normalize_username(
-            new_username, force_normalize=True
-        )
-        if normalized_username != new_username:
-            raise InvalidUsername(
-                translation_key="username_not_normalized",
-                translation_placeholders={"new_username": new_username},
-            )
-
-        if any(
-            self.normalize_username(user["username"]) == normalized_username
-            for user in self.users
-        ):
-            raise InvalidUsername(
-                translation_key="username_already_exists",
-                translation_placeholders={"username": new_username},
-            )
-
-    @callback
-    def change_username(self, username: str, new_username: str) -> None:
-        """Update the username.
-
-        Raises InvalidUser if user cannot be found.
-        Raises InvalidUsername if the new username is invalid.
-        """
-        username = self.normalize_username(username)
-        self._validate_new_username(new_username)
-
-        for user in self.users:
-            if self.normalize_username(user["username"]) == username:
-                user["username"] = new_username
-                assert self._data is not None
-                self._async_check_for_not_normalized_usernames(self._data)
-                break
-        else:
-            raise InvalidUser(translation_key="user_not_found")
+            raise InvalidUser

    async def async_save(self) -> None:
        """Save data."""
@@ -305,7 +235,7 @@ class HassAuthProvider(AuthProvider):
            await data.async_load()
            self.data = data

-    async def async_login_flow(self, context: AuthFlowContext | None) -> HassLoginFlow:
+    async def async_login_flow(self, context: dict[str, Any] | None) -> LoginFlow:
        """Return a flow to login."""
        return HassLoginFlow(self)

@@ -348,20 +278,6 @@ class HassAuthProvider(AuthProvider):
        )
        await self.data.async_save()

-    async def async_change_username(
-        self, credential: Credentials, new_username: str
-    ) -> None:
-        """Validate new username and change it including updating credentials object."""
-        if self.data is None:
-            await self.async_initialize()
-            assert self.data is not None
-
-        self.data.change_username(credential.data["username"], new_username)
-        self.hass.auth.async_update_user_credentials_data(
-            credential, {**credential.data, "username": new_username}
-        )
-        await self.data.async_save()
-
    async def async_get_or_create_credentials(
        self, flow_result: Mapping[str, str]
    ) -> Credentials:
@@ -400,18 +316,18 @@ class HassAuthProvider(AuthProvider):
            pass


-class HassLoginFlow(LoginFlow[HassAuthProvider]):
+class HassLoginFlow(LoginFlow):
    """Handler for the login flow."""

    async def async_step_init(
        self, user_input: dict[str, str] | None = None
-    ) -> AuthFlowResult:
+    ) -> FlowResult:
        """Handle the step of the form."""
        errors = {}

        if user_input is not None:
            try:
-                await self._auth_provider.async_validate_login(
+                await cast(HassAuthProvider, self._auth_provider).async_validate_login(
                    user_input["username"], user_input["password"]
                )
            except InvalidAuth:
--- a/homeassistant/auth/providers/insecure_example.py
+++ b/homeassistant/auth/providers/insecure_example.py
@@ -1,16 +1,17 @@
 """Example auth provider."""
-
 from __future__ import annotations

 from collections.abc import Mapping
 import hmac
+from typing import Any, cast

 import voluptuous as vol

 from homeassistant.core import callback
+from homeassistant.data_entry_flow import FlowResult
 from homeassistant.exceptions import HomeAssistantError

-from ..models import AuthFlowContext, AuthFlowResult, Credentials, UserMeta
+from ..models import Credentials, UserMeta
 from . import AUTH_PROVIDER_SCHEMA, AUTH_PROVIDERS, AuthProvider, LoginFlow

 USER_SCHEMA = vol.Schema(
@@ -35,9 +36,7 @@ class InvalidAuthError(HomeAssistantError):
 class ExampleAuthProvider(AuthProvider):
    """Example auth provider based on hardcoded usernames and passwords."""

-    async def async_login_flow(
-        self, context: AuthFlowContext | None
-    ) -> ExampleLoginFlow:
+    async def async_login_flow(self, context: dict[str, Any] | None) -> LoginFlow:
        """Return a flow to login."""
        return ExampleLoginFlow(self)

@@ -94,18 +93,18 @@ class ExampleAuthProvider(AuthProvider):
        return UserMeta(name=name, is_active=True)


-class ExampleLoginFlow(LoginFlow[ExampleAuthProvider]):
+class ExampleLoginFlow(LoginFlow):
    """Handler for the login flow."""

    async def async_step_init(
        self, user_input: dict[str, str] | None = None
-    ) -> AuthFlowResult:
+    ) -> FlowResult:
        """Handle the step of the form."""
        errors = None

        if user_input is not None:
            try:
-                self._auth_provider.async_validate_login(
+                cast(ExampleAuthProvider, self._auth_provider).async_validate_login(
                    user_input["username"], user_input["password"]
                )
            except InvalidAuthError:
--- a/homeassistant/auth/providers/legacy_api_password.py
+++ b/homeassistant/auth/providers/legacy_api_password.py
@@ -0,0 +1,123 @@
+"""Support Legacy API password auth provider.
+
+It will be removed when auth system production ready
+"""
+from __future__ import annotations
+
+from collections.abc import Mapping
+import hmac
+from typing import Any, cast
+
+import voluptuous as vol
+
+from homeassistant.core import async_get_hass, callback
+from homeassistant.data_entry_flow import FlowResult
+from homeassistant.exceptions import HomeAssistantError
+import homeassistant.helpers.config_validation as cv
+from homeassistant.helpers.issue_registry import IssueSeverity, async_create_issue
+
+from ..models import Credentials, UserMeta
+from . import AUTH_PROVIDER_SCHEMA, AUTH_PROVIDERS, AuthProvider, LoginFlow
+
+AUTH_PROVIDER_TYPE = "legacy_api_password"
+CONF_API_PASSWORD = "api_password"
+
+_CONFIG_SCHEMA = AUTH_PROVIDER_SCHEMA.extend(
+    {vol.Required(CONF_API_PASSWORD): cv.string}, extra=vol.PREVENT_EXTRA
+)
+
+
+def _create_repair_and_validate(config: dict[str, Any]) -> dict[str, Any]:
+    async_create_issue(
+        async_get_hass(),
+        "auth",
+        "deprecated_legacy_api_password",
+        breaks_in_ha_version="2024.6.0",
+        is_fixable=False,
+        severity=IssueSeverity.WARNING,
+        translation_key="deprecated_legacy_api_password",
+    )
+
+    return _CONFIG_SCHEMA(config)  # type: ignore[no-any-return]
+
+
+CONFIG_SCHEMA = _create_repair_and_validate
+
+
+LEGACY_USER_NAME = "Legacy API password user"
+
+
+class InvalidAuthError(HomeAssistantError):
+    """Raised when submitting invalid authentication."""
+
+
+@AUTH_PROVIDERS.register(AUTH_PROVIDER_TYPE)
+class LegacyApiPasswordAuthProvider(AuthProvider):
+    """An auth provider support legacy api_password."""
+
+    DEFAULT_TITLE = "Legacy API Password"
+
+    @property
+    def api_password(self) -> str:
+        """Return api_password."""
+        return str(self.config[CONF_API_PASSWORD])
+
+    async def async_login_flow(self, context: dict[str, Any] | None) -> LoginFlow:
+        """Return a flow to login."""
+        return LegacyLoginFlow(self)
+
+    @callback
+    def async_validate_login(self, password: str) -> None:
+        """Validate password."""
+        api_password = str(self.config[CONF_API_PASSWORD])
+
+        if not hmac.compare_digest(
+            api_password.encode("utf-8"), password.encode("utf-8")
+        ):
+            raise InvalidAuthError
+
+    async def async_get_or_create_credentials(
+        self, flow_result: Mapping[str, str]
+    ) -> Credentials:
+        """Return credentials for this login."""
+        credentials = await self.async_credentials()
+        if credentials:
+            return credentials[0]
+
+        return self.async_create_credentials({})
+
+    async def async_user_meta_for_credentials(
+        self, credentials: Credentials
+    ) -> UserMeta:
+        """Return info for the user.
+
+        Will be used to populate info when creating a new user.
+        """
+        return UserMeta(name=LEGACY_USER_NAME, is_active=True)
+
+
+class LegacyLoginFlow(LoginFlow):
+    """Handler for the login flow."""
+
+    async def async_step_init(
+        self, user_input: dict[str, str] | None = None
+    ) -> FlowResult:
+        """Handle the step of the form."""
+        errors = {}
+
+        if user_input is not None:
+            try:
+                cast(
+                    LegacyApiPasswordAuthProvider, self._auth_provider
+                ).async_validate_login(user_input["password"])
+            except InvalidAuthError:
+                errors["base"] = "invalid_auth"
+
+            if not errors:
+                return await self.async_finish({})
+
+        return self.async_show_form(
+            step_id="init",
+            data_schema=vol.Schema({vol.Required("password"): str}),
+            errors=errors,
+        )
--- a/homeassistant/auth/providers/trusted_networks.py
+++ b/homeassistant/auth/providers/trusted_networks.py
@@ -3,7 +3,6 @@
 It shows list of users if access from trusted network.
 Abort login flow if not access from trusted network.
 """
-
 from __future__ import annotations

 from collections.abc import Mapping
@@ -20,22 +19,17 @@ from typing import Any, cast
 import voluptuous as vol

 from homeassistant.core import callback
+from homeassistant.data_entry_flow import FlowResult
 from homeassistant.exceptions import HomeAssistantError
-from homeassistant.helpers import config_validation as cv
+import homeassistant.helpers.config_validation as cv
 from homeassistant.helpers.network import is_cloud_connection

 from .. import InvalidAuthError
-from ..models import (
-    AuthFlowContext,
-    AuthFlowResult,
-    Credentials,
-    RefreshToken,
-    UserMeta,
-)
+from ..models import Credentials, RefreshToken, UserMeta
 from . import AUTH_PROVIDER_SCHEMA, AUTH_PROVIDERS, AuthProvider, LoginFlow

-type IPAddress = IPv4Address | IPv6Address
-type IPNetwork = IPv4Network | IPv6Network
+IPAddress = IPv4Address | IPv6Address
+IPNetwork = IPv4Network | IPv6Network

 CONF_TRUSTED_NETWORKS = "trusted_networks"
 CONF_TRUSTED_USERS = "trusted_users"
@@ -104,9 +98,7 @@ class TrustedNetworksAuthProvider(AuthProvider):
        """Trusted Networks auth provider does not support MFA."""
        return False

-    async def async_login_flow(
-        self, context: AuthFlowContext | None
-    ) -> TrustedNetworksLoginFlow:
+    async def async_login_flow(self, context: dict[str, Any] | None) -> LoginFlow:
        """Return a flow to login."""
        assert context is not None
        ip_addr = cast(IPAddress, context.get("ip_address"))
@@ -216,7 +208,7 @@ class TrustedNetworksAuthProvider(AuthProvider):
        self.async_validate_access(ip_address(remote_ip))


-class TrustedNetworksLoginFlow(LoginFlow[TrustedNetworksAuthProvider]):
+class TrustedNetworksLoginFlow(LoginFlow):
    """Handler for the login flow."""

    def __init__(
@@ -234,10 +226,12 @@ class TrustedNetworksLoginFlow(LoginFlow[TrustedNetworksAuthProvider]):

    async def async_step_init(
        self, user_input: dict[str, str] | None = None
-    ) -> AuthFlowResult:
+    ) -> FlowResult:
        """Handle the step of the form."""
        try:
-            self._auth_provider.async_validate_access(self._ip_address)
+            cast(
+                TrustedNetworksAuthProvider, self._auth_provider
+            ).async_validate_access(self._ip_address)

        except InvalidAuthError:
            return self.async_abort(reason="not_allowed")
--- a/homeassistant/backports/enum.py
+++ b/homeassistant/backports/enum.py
@@ -0,0 +1,15 @@
+"""Enum backports from standard lib.
+
+This file contained the backport of the StrEnum of Python 3.11.
+
+Since we have dropped support for Python 3.10, we can remove this backport.
+This file is kept for now to avoid breaking custom components that might
+import it.
+"""
+from __future__ import annotations
+
+from enum import StrEnum
+
+__all__ = [
+    "StrEnum",
+]
--- a/homeassistant/backports/functools.py
+++ b/homeassistant/backports/functools.py
@@ -0,0 +1,81 @@
+"""Functools backports from standard lib."""
+
+# This file contains parts of Python's module wrapper
+# for the _functools C module
+# to allow utilities written in Python to be added
+# to the functools module.
+# Written by Nick Coghlan <ncoghlan at gmail.com>,
+# Raymond Hettinger <python at rcn.com>,
+# and Łukasz Langa <lukasz at langa.pl>.
+# Copyright © 2001-2023 Python Software Foundation; All Rights Reserved
+
+from __future__ import annotations
+
+from collections.abc import Callable
+from types import GenericAlias
+from typing import Any, Generic, Self, TypeVar, overload
+
+_T = TypeVar("_T")
+
+
+class cached_property(Generic[_T]):
+    """Backport of Python 3.12's cached_property.
+
+    Includes https://github.com/python/cpython/pull/101890/files
+    """
+
+    def __init__(self, func: Callable[[Any], _T]) -> None:
+        """Initialize."""
+        self.func: Callable[[Any], _T] = func
+        self.attrname: str | None = None
+        self.__doc__ = func.__doc__
+
+    def __set_name__(self, owner: type[Any], name: str) -> None:
+        """Set name."""
+        if self.attrname is None:
+            self.attrname = name
+        elif name != self.attrname:
+            raise TypeError(
+                "Cannot assign the same cached_property to two different names "
+                f"({self.attrname!r} and {name!r})."
+            )
+
+    @overload
+    def __get__(self, instance: None, owner: type[Any] | None = None) -> Self:
+        ...
+
+    @overload
+    def __get__(self, instance: Any, owner: type[Any] | None = None) -> _T:
+        ...
+
+    def __get__(
+        self, instance: Any | None, owner: type[Any] | None = None
+    ) -> _T | Self:
+        """Get."""
+        if instance is None:
+            return self
+        if self.attrname is None:
+            raise TypeError(
+                "Cannot use cached_property instance without calling __set_name__ on it."
+            )
+        try:
+            cache = instance.__dict__
+        # not all objects have __dict__ (e.g. class defines slots)
+        except AttributeError:
+            msg = (
+                f"No '__dict__' attribute on {type(instance).__name__!r} "
+                f"instance to cache {self.attrname!r} property."
+            )
+            raise TypeError(msg) from None
+        val = self.func(instance)
+        try:
+            cache[self.attrname] = val
+        except TypeError:
+            msg = (
+                f"The '__dict__' attribute on {type(instance).__name__!r} instance "
+                f"does not support item assignment for caching {self.attrname!r} property."
+            )
+            raise TypeError(msg) from None
+        return val
+
+    __class_getitem__ = classmethod(GenericAlias)  # type: ignore[var-annotated]
--- a/homeassistant/backup_restore.py
+++ b/homeassistant/backup_restore.py
@@ -1,213 +0,0 @@
-"""Home Assistant module to handle restoring backups."""
-
-from __future__ import annotations
-
-from collections.abc import Iterable
-from dataclasses import dataclass
-import hashlib
-import json
-import logging
-from pathlib import Path
-import shutil
-import sys
-from tempfile import TemporaryDirectory
-
-from awesomeversion import AwesomeVersion
-import securetar
-
-from .const import __version__ as HA_VERSION
-
-RESTORE_BACKUP_FILE = ".HA_RESTORE"
-RESTORE_BACKUP_RESULT_FILE = ".HA_RESTORE_RESULT"
-KEEP_BACKUPS = ("backups",)
-KEEP_DATABASE = (
-    "home-assistant_v2.db",
-    "home-assistant_v2.db-wal",
-)
-
-
-_LOGGER = logging.getLogger(__name__)
-
-
-@dataclass
-class RestoreBackupFileContent:
-    """Definition for restore backup file content."""
-
-    backup_file_path: Path
-    password: str | None
-    remove_after_restore: bool
-    restore_database: bool
-    restore_homeassistant: bool
-
-
-def password_to_key(password: str) -> bytes:
-    """Generate a AES Key from password.
-
-    Matches the implementation in supervisor.backups.utils.password_to_key.
-    """
-    key: bytes = password.encode()
-    for _ in range(100):
-        key = hashlib.sha256(key).digest()
-    return key[:16]
-
-
-def restore_backup_file_content(config_dir: Path) -> RestoreBackupFileContent | None:
-    """Return the contents of the restore backup file."""
-    instruction_path = config_dir.joinpath(RESTORE_BACKUP_FILE)
-    try:
-        instruction_content = json.loads(instruction_path.read_text(encoding="utf-8"))
-        return RestoreBackupFileContent(
-            backup_file_path=Path(instruction_content["path"]),
-            password=instruction_content["password"],
-            remove_after_restore=instruction_content["remove_after_restore"],
-            restore_database=instruction_content["restore_database"],
-            restore_homeassistant=instruction_content["restore_homeassistant"],
-        )
-    except FileNotFoundError:
-        return None
-    except (KeyError, json.JSONDecodeError) as err:
-        _write_restore_result_file(config_dir, False, err)
-        return None
-    finally:
-        # Always remove the backup instruction file to prevent a boot loop
-        instruction_path.unlink(missing_ok=True)
-
-
-def _clear_configuration_directory(config_dir: Path, keep: Iterable[str]) -> None:
-    """Delete all files and directories in the config directory except entries in the keep list."""
-    keep_paths = [config_dir.joinpath(path) for path in keep]
-    entries_to_remove = sorted(
-        entry for entry in config_dir.iterdir() if entry not in keep_paths
-    )
-
-    for entry in entries_to_remove:
-        entrypath = config_dir.joinpath(entry)
-
-        if entrypath.is_file():
-            entrypath.unlink()
-        elif entrypath.is_dir():
-            shutil.rmtree(entrypath)
-
-
-def _extract_backup(
-    config_dir: Path,
-    restore_content: RestoreBackupFileContent,
-) -> None:
-    """Extract the backup file to the config directory."""
-    with (
-        TemporaryDirectory() as tempdir,
-        securetar.SecureTarFile(
-            restore_content.backup_file_path,
-            gzip=False,
-            mode="r",
-        ) as ostf,
-    ):
-        ostf.extractall(
-            path=Path(tempdir, "extracted"),
-            members=securetar.secure_path(ostf),
-            filter="fully_trusted",
-        )
-        backup_meta_file = Path(tempdir, "extracted", "backup.json")
-        backup_meta = json.loads(backup_meta_file.read_text(encoding="utf8"))
-
-        if (
-            backup_meta_version := AwesomeVersion(
-                backup_meta["homeassistant"]["version"]
-            )
-        ) > HA_VERSION:
-            raise ValueError(
-                f"You need at least Home Assistant version {backup_meta_version} to restore this backup"
-            )
-
-        with securetar.SecureTarFile(
-            Path(
-                tempdir,
-                "extracted",
-                f"homeassistant.tar{'.gz' if backup_meta['compressed'] else ''}",
-            ),
-            gzip=backup_meta["compressed"],
-            key=password_to_key(restore_content.password)
-            if restore_content.password is not None
-            else None,
-            mode="r",
-        ) as istf:
-            istf.extractall(
-                path=Path(tempdir, "homeassistant"),
-                members=securetar.secure_path(istf),
-                filter="fully_trusted",
-            )
-            if restore_content.restore_homeassistant:
-                keep = list(KEEP_BACKUPS)
-                if not restore_content.restore_database:
-                    keep.extend(KEEP_DATABASE)
-                _clear_configuration_directory(config_dir, keep)
-                shutil.copytree(
-                    Path(tempdir, "homeassistant", "data"),
-                    config_dir,
-                    dirs_exist_ok=True,
-                    ignore=shutil.ignore_patterns(*(keep)),
-                    ignore_dangling_symlinks=True,
-                )
-            elif restore_content.restore_database:
-                for entry in KEEP_DATABASE:
-                    entrypath = config_dir / entry
-
-                    if entrypath.is_file():
-                        entrypath.unlink()
-                    elif entrypath.is_dir():
-                        shutil.rmtree(entrypath)
-
-                for entry in KEEP_DATABASE:
-                    shutil.copy(
-                        Path(tempdir, "homeassistant", "data", entry),
-                        config_dir,
-                    )
-
-
-def _write_restore_result_file(
-    config_dir: Path, success: bool, error: Exception | None
-) -> None:
-    """Write the restore result file."""
-    result_path = config_dir.joinpath(RESTORE_BACKUP_RESULT_FILE)
-    result_path.write_text(
-        json.dumps(
-            {
-                "success": success,
-                "error": str(error) if error else None,
-                "error_type": str(type(error).__name__) if error else None,
-            }
-        ),
-        encoding="utf-8",
-    )
-
-
-def restore_backup(config_dir_path: str) -> bool:
-    """Restore the backup file if any.
-
-    Returns True if a restore backup file was found and restored, False otherwise.
-    """
-    config_dir = Path(config_dir_path)
-    if not (restore_content := restore_backup_file_content(config_dir)):
-        return False
-
-    logging.basicConfig(stream=sys.stdout, level=logging.INFO)
-    backup_file_path = restore_content.backup_file_path
-    _LOGGER.info("Restoring %s", backup_file_path)
-    try:
-        _extract_backup(
-            config_dir=config_dir,
-            restore_content=restore_content,
-        )
-    except FileNotFoundError as err:
-        file_not_found = ValueError(f"Backup file {backup_file_path} does not exist")
-        _write_restore_result_file(config_dir, False, file_not_found)
-        raise file_not_found from err
-    except Exception as err:
-        _write_restore_result_file(config_dir, False, err)
-        raise
-    else:
-        _write_restore_result_file(config_dir, True, None)
-    if restore_content.remove_after_restore:
-        backup_file_path.unlink(missing_ok=True)
-    _LOGGER.info("Restore complete, restarting")
-    return True
--- a/homeassistant/block_async_io.py
+++ b/homeassistant/block_async_io.py
@@ -1,267 +1,20 @@
 """Block blocking calls being done in asyncio."""
-
-import builtins
-from collections.abc import Callable
-from contextlib import suppress
-from dataclasses import dataclass
-import glob
 from http.client import HTTPConnection
-import importlib
-import os
-from pathlib import Path
-from ssl import SSLContext
-import sys
-import threading
 import time
-from typing import Any

-from .helpers.frame import get_current_frame
-from .util.loop import protect_loop
-
-_IN_TESTS = "unittest" in sys.modules
-
-ALLOWED_FILE_PREFIXES = ("/proc",)
-
-
-def _check_import_call_allowed(mapped_args: dict[str, Any]) -> bool:
-    # If the module is already imported, we can ignore it.
-    return bool((args := mapped_args.get("args")) and args[0] in sys.modules)
-
-
-def _check_file_allowed(mapped_args: dict[str, Any]) -> bool:
-    # If the file is in /proc we can ignore it.
-    args = mapped_args["args"]
-    path = args[0] if type(args[0]) is str else str(args[0])
-    return path.startswith(ALLOWED_FILE_PREFIXES)
-
-
-def _check_sleep_call_allowed(mapped_args: dict[str, Any]) -> bool:
-    #
-    # Avoid extracting the stack unless we need to since it
-    # will have to access the linecache which can do blocking
-    # I/O and we are trying to avoid blocking calls.
-    #
-    # frame[0] is us
-    # frame[1] is raise_for_blocking_call
-    # frame[2] is protected_loop_func
-    # frame[3] is the offender
-    with suppress(ValueError):
-        return get_current_frame(4).f_code.co_filename.endswith("pydevd.py")
-    return False
-
-
-def _check_load_verify_locations_call_allowed(mapped_args: dict[str, Any]) -> bool:
-    # If only cadata is passed, we can ignore it
-    kwargs = mapped_args.get("kwargs")
-    return bool(kwargs and len(kwargs) == 1 and "cadata" in kwargs)
-
-
-@dataclass(slots=True, frozen=True)
-class BlockingCall:
-    """Class to hold information about a blocking call."""
-
-    original_func: Callable
-    object: object
-    function: str
-    check_allowed: Callable[[dict[str, Any]], bool] | None
-    strict: bool
-    strict_core: bool
-    skip_for_tests: bool
-
-
-_BLOCKING_CALLS: tuple[BlockingCall, ...] = (
-    BlockingCall(
-        original_func=HTTPConnection.putrequest,
-        object=HTTPConnection,
-        function="putrequest",
-        check_allowed=None,
-        strict=True,
-        strict_core=True,
-        skip_for_tests=False,
-    ),
-    BlockingCall(
-        original_func=time.sleep,
-        object=time,
-        function="sleep",
-        check_allowed=_check_sleep_call_allowed,
-        strict=True,
-        strict_core=True,
-        skip_for_tests=False,
-    ),
-    BlockingCall(
-        original_func=glob.glob,
-        object=glob,
-        function="glob",
-        check_allowed=None,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=False,
-    ),
-    BlockingCall(
-        original_func=glob.iglob,
-        object=glob,
-        function="iglob",
-        check_allowed=None,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=False,
-    ),
-    BlockingCall(
-        original_func=os.walk,
-        object=os,
-        function="walk",
-        check_allowed=None,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=False,
-    ),
-    BlockingCall(
-        original_func=os.listdir,
-        object=os,
-        function="listdir",
-        check_allowed=None,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=os.scandir,
-        object=os,
-        function="scandir",
-        check_allowed=None,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=builtins.open,
-        object=builtins,
-        function="open",
-        check_allowed=_check_file_allowed,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=importlib.import_module,
-        object=importlib,
-        function="import_module",
-        check_allowed=_check_import_call_allowed,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=SSLContext.load_default_certs,
-        object=SSLContext,
-        function="load_default_certs",
-        check_allowed=None,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=SSLContext.load_verify_locations,
-        object=SSLContext,
-        function="load_verify_locations",
-        check_allowed=_check_load_verify_locations_call_allowed,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=SSLContext.load_cert_chain,
-        object=SSLContext,
-        function="load_cert_chain",
-        check_allowed=None,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=SSLContext.set_default_verify_paths,
-        object=SSLContext,
-        function="set_default_verify_paths",
-        check_allowed=None,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=Path.open,
-        object=Path,
-        function="open",
-        check_allowed=_check_file_allowed,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=Path.read_text,
-        object=Path,
-        function="read_text",
-        check_allowed=_check_file_allowed,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=Path.read_bytes,
-        object=Path,
-        function="read_bytes",
-        check_allowed=_check_file_allowed,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=Path.write_text,
-        object=Path,
-        function="write_text",
-        check_allowed=_check_file_allowed,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-    BlockingCall(
-        original_func=Path.write_bytes,
-        object=Path,
-        function="write_bytes",
-        check_allowed=_check_file_allowed,
-        strict=False,
-        strict_core=False,
-        skip_for_tests=True,
-    ),
-)
-
-
-@dataclass(slots=True)
-class BlockedCalls:
-    """Class to track which calls are blocked."""
-
-    calls: set[BlockingCall]
-
-
-_BLOCKED_CALLS = BlockedCalls(set())
+from .util.async_ import protect_loop


 def enable() -> None:
    """Enable the detection of blocking calls in the event loop."""
-    calls = _BLOCKED_CALLS.calls
-    if calls:
-        raise RuntimeError("Blocking call detection is already enabled")
+    # Prevent urllib3 and requests doing I/O in event loop
+    HTTPConnection.putrequest = protect_loop(  # type: ignore[method-assign]
+        HTTPConnection.putrequest
+    )

-    loop_thread_id = threading.get_ident()
-    for blocking_call in _BLOCKING_CALLS:
-        if _IN_TESTS and blocking_call.skip_for_tests:
-            continue
+    # Prevent sleeping in event loop. Non-strict since 2022.02
+    time.sleep = protect_loop(time.sleep, strict=False)

-        protected_function = protect_loop(
-            blocking_call.original_func,
-            strict=blocking_call.strict,
-            strict_core=blocking_call.strict_core,
-            check_allowed=blocking_call.check_allowed,
-            loop_thread_id=loop_thread_id,
-        )
-        setattr(blocking_call.object, blocking_call.function, protected_function)
-        calls.add(blocking_call)
+    # Currently disabled. pytz doing I/O when getting timezone.
+    # Prevent files being opened inside the event loop
+    # builtins.open = protect_loop(builtins.open)
--- a/homeassistant/bootstrap.py
+++ b/homeassistant/bootstrap.py
--- a/homeassistant/brands/amazon.json
+++ b/homeassistant/brands/amazon.json
@@ -1,13 +1,5 @@
 {
  "domain": "amazon",
  "name": "Amazon",
-  "integrations": [
-    "alexa",
-    "alexa_devices",
-    "amazon_polly",
-    "aws",
-    "aws_s3",
-    "fire_tv",
-    "route53"
-  ]
+  "integrations": ["alexa", "amazon_polly", "aws", "fire_tv", "route53"]
 }
--- a/homeassistant/brands/ambient_weather.json
+++ b/homeassistant/brands/ambient_weather.json
@@ -1,5 +0,0 @@
-{
-  "domain": "ambient_weather",
-  "name": "Ambient Weather",
-  "integrations": ["ambient_network", "ambient_station"]
-}
--- a/homeassistant/brands/aqara.json
+++ b/homeassistant/brands/aqara.json
@@ -1,5 +0,0 @@
-{
-  "domain": "aqara",
-  "name": "Aqara",
-  "iot_standards": ["matter", "zigbee"]
-}
--- a/homeassistant/brands/asterisk.json
+++ b/homeassistant/brands/asterisk.json
@@ -0,0 +1,5 @@
+{
+  "domain": "asterisk",
+  "name": "Asterisk",
+  "integrations": ["asterisk_cdr", "asterisk_mbox"]
+}
--- a/homeassistant/brands/bosch.json
+++ b/homeassistant/brands/bosch.json
@@ -1,5 +0,0 @@
-{
-  "domain": "bosch",
-  "name": "Bosch",
-  "integrations": ["bosch_alarm", "bosch_shc", "home_connect"]
-}
--- a/homeassistant/brands/epson.json
+++ b/homeassistant/brands/epson.json
@@ -0,0 +1,5 @@
+{
+  "domain": "epson",
+  "name": "Epson",
+  "integrations": ["epson", "epsonworkforce"]
+}
--- a/homeassistant/brands/eq3.json
+++ b/homeassistant/brands/eq3.json
@@ -1,5 +1,5 @@
 {
  "domain": "eq3",
  "name": "eQ-3",
-  "integrations": ["maxcube", "eq3btsmart"]
+  "integrations": ["maxcube"]
 }
--- a/homeassistant/brands/eve.json
+++ b/homeassistant/brands/eve.json
@@ -1,5 +0,0 @@
-{
-  "domain": "eve",
-  "name": "Eve",
-  "iot_standards": ["matter"]
-}
--- a/homeassistant/brands/flexit.json
+++ b/homeassistant/brands/flexit.json
@@ -1,5 +0,0 @@
-{
-  "domain": "flexit",
-  "name": "Flexit",
-  "integrations": ["flexit", "flexit_bacnet"]
-}
--- a/homeassistant/brands/fujitsu.json
+++ b/homeassistant/brands/fujitsu.json
@@ -1,5 +0,0 @@
-{
-  "domain": "fujitsu",
-  "name": "Fujitsu",
-  "integrations": ["fujitsu_anywair", "fujitsu_fglair"]
-}
--- a/homeassistant/brands/google.json
+++ b/homeassistant/brands/google.json
@@ -5,12 +5,10 @@
    "google_assistant",
    "google_assistant_sdk",
    "google_cloud",
-    "google_drive",
-    "google_gemini",
+    "google_domains",
    "google_generative_ai_conversation",
    "google_mail",
    "google_maps",
-    "google_photos",
    "google_pubsub",
    "google_sheets",
    "google_tasks",
--- a/homeassistant/brands/govee.json
+++ b/homeassistant/brands/govee.json
@@ -1,5 +0,0 @@
-{
-  "domain": "govee",
-  "name": "Govee",
-  "integrations": ["govee_ble", "govee_light_local"]
-}
--- a/homeassistant/brands/husqvarna.json
+++ b/homeassistant/brands/husqvarna.json
@@ -1,5 +0,0 @@
-{
-  "domain": "husqvarna",
-  "name": "Husqvarna",
-  "integrations": ["husqvarna_automower", "husqvarna_automower_ble"]
-}
--- a/homeassistant/brands/lg.json
+++ b/homeassistant/brands/lg.json
@@ -1,5 +1,5 @@
 {
  "domain": "lg",
  "name": "LG",
-  "integrations": ["lg_netcast", "lg_soundbar", "lg_thinq", "webostv"]
+  "integrations": ["lg_netcast", "lg_soundbar", "webostv"]
 }
--- a/homeassistant/brands/logitech.json
+++ b/homeassistant/brands/logitech.json
@@ -1,5 +1,5 @@
 {
  "domain": "logitech",
  "name": "Logitech",
-  "integrations": ["harmony", "squeezebox"]
+  "integrations": ["harmony", "ue_smart_radio", "squeezebox"]
 }
--- a/homeassistant/brands/microsoft.json
+++ b/homeassistant/brands/microsoft.json
@@ -2,17 +2,14 @@
  "domain": "microsoft",
  "name": "Microsoft",
  "integrations": [
-    "azure_data_explorer",
    "azure_devops",
    "azure_event_hub",
    "azure_service_bus",
-    "azure_storage",
    "microsoft_face_detect",
    "microsoft_face_identify",
    "microsoft_face",
    "microsoft",
    "msteams",
-    "onedrive",
    "xbox"
  ]
 }
--- a/homeassistant/brands/motionblinds.json
+++ b/homeassistant/brands/motionblinds.json
@@ -1,6 +0,0 @@
-{
-  "domain": "motionblinds",
-  "name": "Motionblinds",
-  "integrations": ["motion_blinds", "motionblinds_ble"],
-  "iot_standards": ["matter"]
-}
--- a/homeassistant/brands/nuki.json
+++ b/homeassistant/brands/nuki.json
@@ -1,6 +0,0 @@
-{
-  "domain": "nuki",
-  "name": "Nuki",
-  "integrations": ["nuki"],
-  "iot_standards": ["matter"]
-}
--- a/homeassistant/brands/rainforest_automation.json
+++ b/homeassistant/brands/rainforest_automation.json
@@ -1,5 +0,0 @@
-{
-  "domain": "rainforest_automation",
-  "name": "Rainforest Automation",
-  "integrations": ["rainforest_eagle", "rainforest_raven"]
-}
--- a/homeassistant/brands/roth.json
+++ b/homeassistant/brands/roth.json
@@ -1,5 +0,0 @@
-{
-  "domain": "roth",
-  "name": "Roth",
-  "integrations": ["touchline", "touchline_sl"]
-}
--- a/homeassistant/brands/ruuvi.json
+++ b/homeassistant/brands/ruuvi.json
@@ -1,5 +0,0 @@
-{
-  "domain": "ruuvi",
-  "name": "Ruuvi",
-  "integrations": ["ruuvi_gateway", "ruuvitag_ble"]
-}
--- a/homeassistant/brands/sensorpush.json
+++ b/homeassistant/brands/sensorpush.json
@@ -1,5 +0,0 @@
-{
-  "domain": "sensorpush",
-  "name": "SensorPush",
-  "integrations": ["sensorpush", "sensorpush_cloud"]
-}
--- a/homeassistant/brands/shelly.json
+++ b/homeassistant/brands/shelly.json
@@ -1,6 +0,0 @@
-{
-  "domain": "shelly",
-  "name": "shelly",
-  "integrations": ["shelly"],
-  "iot_standards": ["zwave"]
-}
--- a/homeassistant/brands/sky.json
+++ b/homeassistant/brands/sky.json
@@ -1,5 +0,0 @@
-{
-  "domain": "sky",
-  "name": "Sky",
-  "integrations": ["sky_hub", "sky_remote"]
-}
--- a/homeassistant/brands/slide.json
+++ b/homeassistant/brands/slide.json
@@ -1,5 +0,0 @@
-{
-  "domain": "slide",
-  "name": "Slide",
-  "integrations": ["slide", "slide_local"]
-}
--- a/homeassistant/brands/sony.json
+++ b/homeassistant/brands/sony.json
@@ -1,11 +1,5 @@
 {
  "domain": "sony",
  "name": "Sony",
-  "integrations": [
-    "braviatv",
-    "ps4",
-    "sony_projector",
-    "songpal",
-    "playstation_network"
-  ]
+  "integrations": ["braviatv", "ps4", "sony_projector", "songpal"]
 }
--- a/homeassistant/brands/switchbot.json
+++ b/homeassistant/brands/switchbot.json
@@ -1,6 +1,5 @@
 {
  "domain": "switchbot",
  "name": "SwitchBot",
-  "integrations": ["switchbot", "switchbot_cloud"],
-  "iot_standards": ["matter"]
+  "integrations": ["switchbot", "switchbot_cloud"]
 }
--- a/homeassistant/brands/tesla.json
+++ b/homeassistant/brands/tesla.json
@@ -1,5 +1,5 @@
 {
  "domain": "tesla",
  "name": "Tesla",
-  "integrations": ["powerwall", "tesla_wall_connector", "tesla_fleet"]
+  "integrations": ["powerwall", "tesla_wall_connector"]
 }
--- a/homeassistant/brands/tilt.json
+++ b/homeassistant/brands/tilt.json
@@ -1,5 +0,0 @@
-{
-  "domain": "tilt",
-  "name": "Tilt",
-  "integrations": ["tilt_ble", "tilt_pi"]
-}
--- a/homeassistant/brands/tplink.json
+++ b/homeassistant/brands/tplink.json
@@ -1,6 +1,6 @@
 {
  "domain": "tplink",
  "name": "TP-Link",
-  "integrations": ["tplink", "tplink_omada", "tplink_lte", "tplink_tapo"],
+  "integrations": ["tplink", "tplink_omada", "tplink_lte"],
  "iot_standards": ["matter"]
 }
--- a/homeassistant/brands/traccar.json
+++ b/homeassistant/brands/traccar.json
@@ -1,5 +0,0 @@
-{
-  "domain": "traccar",
-  "name": "Traccar",
-  "integrations": ["traccar", "traccar_server"]
-}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
c0ffeeca7	83458d24c7	Implement review comments from #104658	2023-11-29 05:36:29 +00:00
c0ffeeca7	df6d43adc4	Fix style	2023-11-28 17:44:45 +00:00
c0ffeeca7	5cbfc1c224	Add info what to enter into host field	2023-11-28 17:35:21 +00:00