Add comment explaining Windows-specific multiple_dots behavior

On Windows, Path.resolve() treats '....' as parent traversal (403),
while on Unix it is a literal directory name that stays inside the
base directory (404).

esphome/components/epaper_spi/colorconv.h

@@ -0,0 +1,67 @@
+#pragma once
+
+#include <cstdint>
+#include <algorithm>
+#include "esphome/core/color.h"
+
+/* Utility for converting internal \a Color RGB representation to supported IC hardware color keys
+ *
+ * Focus in driver layer is on efficiency.
+ * For optimum output quality on RGB inputs consider offline color keying/dithering.
+ * Also see e.g. Image component.
+ */
+
+namespace esphome::epaper_spi {
+
+/** Delta for when to regard as gray */
+static constexpr uint8_t COLORCONV_GRAY_THRESHOLD = 50;
+
+/** Map RGB color to discrete BWYR hex 4 color key
+ *
+ * @tparam NATIVE_COLOR  Type of native hardware color values
+ * @param color     RGB color to convert from
+ * @param hw_black  Native value for black
+ * @param hw_white  Native value for white
+ * @param hw_yellow Native value for yellow
+ * @param hw_red    Native value for red
+ * @return          Converted native hardware color value
+ * @internal Constexpr. Does not depend on side effects ("pure").
+ */
+template<typename NATIVE_COLOR>
+constexpr NATIVE_COLOR color_to_bwyr(Color color, NATIVE_COLOR hw_black, NATIVE_COLOR hw_white, NATIVE_COLOR hw_yellow,
+                                     NATIVE_COLOR hw_red) {
+  // --- Step 1: Check for Grayscale (Black or White) ---
+  // We define "grayscale" as a color where the min and max components
+  // are close to each other.
+
+  const auto [min_rgb, max_rgb] = std::minmax({color.r, color.g, color.b});
+
+  if ((max_rgb - min_rgb) < COLORCONV_GRAY_THRESHOLD) {
+    // It's a shade of gray. Map to BLACK or WHITE.
+    // We split the luminance at the halfway point (382 = (255*3)/2)
+    if ((static_cast<int>(color.r) + color.g + color.b) > 382) {
+      return hw_white;
+    }
+    return hw_black;
+  }
+
+  // --- Step 2: Check for Primary/Secondary Colors ---
+  // If it's not gray, it's a color. We check which components are
+  // "on" (over 128) vs "off". This divides the RGB cube into 8 corners.
+  const bool r_on = (color.r > 128);
+  const bool g_on = (color.g > 128);
+  const bool b_on = (color.b > 128);
+
+  if (r_on) {
+    if (!b_on) {
+      return g_on ? hw_yellow : hw_red;
+    }
+
+    // At least red+blue high (but not gray) -> White
+    return hw_white;
+  } else {
+    return (b_on && g_on) ? hw_white : hw_black;
+  }
+}
+
+}  // namespace esphome::epaper_spi

esphome/components/epaper_spi/epaper_spi_jd79660.cpp

@@ -0,0 +1,227 @@
+#include "epaper_spi_jd79660.h"
+#include "colorconv.h"
+
+#include "esphome/core/log.h"
+
+namespace esphome::epaper_spi {
+static constexpr const char *const TAG = "epaper_spi.jd79660";
+
+/** Pixel color as 2bpp. Must match IC LUT values. */
+enum JD79660Color : uint8_t {
+  BLACK = 0b00,
+  WHITE = 0b01,
+  YELLOW = 0b10,
+  RED = 0b11,
+};
+
+/** Map RGB color to JD79660 BWYR hex color keys */
+static JD79660Color HOT color_to_hex(Color color) {
+  return color_to_bwyr(color, JD79660Color::BLACK, JD79660Color::WHITE, JD79660Color::YELLOW, JD79660Color::RED);
+}
+
+void EPaperJD79660::fill(Color color) {
+  // If clipping is active, fall back to base implementation
+  if (this->get_clipping().is_set()) {
+    EPaperBase::fill(color);
+    return;
+  }
+
+  const auto pixel_color = color_to_hex(color);
+
+  // We store 4 pixels per byte
+  this->buffer_.fill(pixel_color | (pixel_color << 2) | (pixel_color << 4) | (pixel_color << 6));
+}
+
+void HOT EPaperJD79660::draw_pixel_at(int x, int y, Color color) {
+  if (!this->rotate_coordinates_(x, y))
+    return;
+  const auto pixel_bits = color_to_hex(color);
+  const uint32_t pixel_position = x + y * this->get_width_internal();
+  // We store 4 pixels per byte at LSB offsets 6, 4, 2, 0
+  const uint32_t byte_position = pixel_position / 4;
+  const uint32_t bit_offset = 6 - ((pixel_position % 4) * 2);
+  const auto original = this->buffer_[byte_position];
+
+  this->buffer_[byte_position] = (original & (~(0b11 << bit_offset))) |  // mask old 2bpp
+                                 (pixel_bits << bit_offset);             // add new 2bpp
+}
+
+bool EPaperJD79660::reset() {
+  // On entry state RESET set step, next state will be RESET_END
+  if (this->state_ == EPaperState::RESET) {
+    this->step_ = FSMState::RESET_STEP0_H;
+  }
+
+  switch (this->step_) {
+    case FSMState::RESET_STEP0_H:
+      // Step #0: Reset H for some settle time.
+
+      ESP_LOGVV(TAG, "reset #0");
+      this->reset_pin_->digital_write(true);
+
+      this->reset_duration_ = SLEEP_MS_RESET0;
+      this->step_ = FSMState::RESET_STEP1_L;
+      return false;  // another loop: step #1 below
+
+    case FSMState::RESET_STEP1_L:
+      // Step #1: Reset L pulse for slightly >1.5ms.
+      // This is actual reset trigger.
+
+      ESP_LOGVV(TAG, "reset #1");
+
+      // As commented on SLEEP_MS_RESET1: Reset pulse must happen within time window.
+      // So do not use FSM loop, and avoid other calls/logs during pulse below.
+      this->reset_pin_->digital_write(false);
+      delay(SLEEP_MS_RESET1);
+      this->reset_pin_->digital_write(true);
+
+      this->reset_duration_ = SLEEP_MS_RESET2;
+      this->step_ = FSMState::RESET_STEP2_IDLECHECK;
+      return false;  // another loop: step #2 below
+
+    case FSMState::RESET_STEP2_IDLECHECK:
+      // Step #2: Basically finished. Check sanity, and move FSM to INITIALISE state
+      ESP_LOGVV(TAG, "reset #2");
+
+      if (!this->is_idle_()) {
+        // Expectation: Idle after reset + settle time.
+        // Improperly connected/unexpected hardware?
+        // Error path reproducable e.g. with disconnected VDD/... pins
+        // (optimally while busy_pin configured with local pulldown).
+        // -> Mark failed to avoid followup problems.
+        this->mark_failed(LOG_STR("Busy after reset"));
+      }
+      break;  // End state loop below
+
+    default:
+      // Unexpected step = bug?
+      this->mark_failed();
+  }
+
+  this->step_ = FSMState::INIT_STEP0_REGULARINIT;  // reset for initialize state
+  return true;
+}
+
+bool EPaperJD79660::initialise(bool partial) {
+  switch (this->step_) {
+    case FSMState::INIT_STEP0_REGULARINIT:
+      // Step #0: Regular init sequence
+      ESP_LOGVV(TAG, "init #0");
+      if (!EPaperBase::initialise(partial)) {  // Call parent impl
+        return false;                          // If parent should request another loop, do so
+      }
+
+      // Fast init requested + supported?
+      if (partial && (this->fast_update_length_ > 0)) {
+        this->step_ = FSMState::INIT_STEP1_FASTINIT;
+        this->wait_for_idle_(true);  // Must wait for idle before fastinit sequence in next loop
+        return false;                // another loop: step #1 below
+      }
+
+      break;  // End state loop below
+
+    case FSMState::INIT_STEP1_FASTINIT:
+      // Step #1: Fast init sequence
+      ESP_LOGVV(TAG, "init #1");
+      this->write_fastinit_();
+      break;  // End state loop below
+
+    default:
+      // Unexpected step = bug?
+      this->mark_failed();
+  }
+
+  this->step_ = FSMState::NONE;
+  return true;  // Finished: State transition waits for idle
+}
+
+bool EPaperJD79660::transfer_buffer_chunks_() {
+  size_t buf_idx = 0;
+  uint8_t bytes_to_send[MAX_TRANSFER_SIZE];
+  const uint32_t start_time = App.get_loop_component_start_time();
+  const auto buffer_length = this->buffer_length_;
+  while (this->current_data_index_ != buffer_length) {
+    bytes_to_send[buf_idx++] = this->buffer_[this->current_data_index_++];
+
+    if (buf_idx == sizeof bytes_to_send) {
+      this->start_data_();
+      this->write_array(bytes_to_send, buf_idx);
+      this->disable();
+      ESP_LOGVV(TAG, "Wrote %zu bytes at %ums", buf_idx, (unsigned) millis());
+      buf_idx = 0;
+
+      if (millis() - start_time > MAX_TRANSFER_TIME) {
+        // Let the main loop run and come back next loop
+        return false;
+      }
+    }
+  }
+
+  // Finished the entire dataset
+  if (buf_idx != 0) {
+    this->start_data_();
+    this->write_array(bytes_to_send, buf_idx);
+    this->disable();
+    ESP_LOGVV(TAG, "Wrote %zu bytes at %ums", buf_idx, (unsigned) millis());
+  }
+  // Cleanup for next transfer
+  this->current_data_index_ = 0;
+
+  // Finished with all buffer chunks
+  return true;
+}
+
+void EPaperJD79660::write_fastinit_() {
+  // Undocumented register sequence in vendor register range.
+  // Related to Fast Init/Update.
+  // Should likely happen after regular init seq and power on, but before refresh.
+  // Might only work for some models with certain factory MTP.
+  // Please do not change without knowledge to avoid breakage.
+
+  this->send_init_sequence_(this->fast_update_, this->fast_update_length_);
+}
+
+bool EPaperJD79660::transfer_data() {
+  // For now always send full frame buffer in chunks.
+  // JD79660 might support partial window transfers. But sample code missing.
+  // And likely minimal impact, solely on SPI transfer time into RAM.
+
+  if (this->current_data_index_ == 0) {
+    this->command(CMD_TRANSFER);
+  }
+
+  return this->transfer_buffer_chunks_();
+}
+
+void EPaperJD79660::refresh_screen([[maybe_unused]] bool partial) {
+  ESP_LOGV(TAG, "Refresh");
+  this->cmd_data(CMD_REFRESH, {(uint8_t) 0x00});
+}
+
+void EPaperJD79660::power_off() {
+  ESP_LOGV(TAG, "Power off");
+  this->cmd_data(CMD_POWEROFF, {(uint8_t) 0x00});
+}
+
+void EPaperJD79660::deep_sleep() {
+  ESP_LOGV(TAG, "Deep sleep");
+  // "Deepsleep between update": Ensure EPD sleep to avoid early hardware wearout!
+  this->cmd_data(CMD_DEEPSLEEP, {(uint8_t) 0xA5});
+
+  // Notes:
+  // - VDD: Some boards (Waveshare) with "clever reset logic" would allow switching off
+  //   EPD VDD by pulling reset pin low for longer time.
+  //   However, a) not all boards have this, b) reliable sequence timing is difficult,
+  //   c) saving is not worth it after deepsleep command above.
+  //   If needed: Better option is to drive VDD via MOSFET with separate enable pin.
+  //
+  // - Possible safe shutdown:
+  //   EPaperBase::on_safe_shutdown() may also trigger deep_sleep() again.
+  //   Regularly, in IDLE state, this does not make sense for this "deepsleep between update" model,
+  //   but SPI sequence should simply be ignored by sleeping receiver.
+  //   But if triggering during lengthy update, this quick SPI sleep sequence may have benefit.
+  //   Optimally, EPDs should even be set all white for longer storage.
+  //   But full sequence (>15s) not possible w/o app logic.
+}
+
+}  // namespace esphome::epaper_spi

esphome/components/epaper_spi/epaper_spi_jd79660.h

@@ -0,0 +1,145 @@
+#pragma once
+
+#include "epaper_spi.h"
+
+namespace esphome::epaper_spi {
+
+/**
+ * JD7966x IC driver implementation
+ *
+ * Currently tested with:
+ * - JD79660 (max res: 200x200)
+ *
+ * May also work for other JD7966x chipset family members with minimal adaptations.
+ *
+ * Capabilities:
+ * - HW frame buffer layout:
+ *   4 colors (gray0..3, commonly BWYR). Bytes consist of 4px/2bpp.
+ *   Width must be rounded to multiple of 4.
+ * - Fast init/update (shorter wave forms): Yes. Controlled by CONF_FULL_UPDATE_EVERY.
+ *   Needs undocumented fastinit sequence, based on likely vendor specific MTP content.
+ * - Partial transfer (transfer only changed window): No. Maybe possible by HW.
+ * - Partial refresh (refresh only changed window): No. Likely HW limit.
+ *
+ * @internal \c final saves few bytes by devirtualization. Remove \c final when subclassing.
+ */
+class EPaperJD79660 final : public EPaperBase {
+ public:
+  EPaperJD79660(const char *name, uint16_t width, uint16_t height, const uint8_t *init_sequence,
+                size_t init_sequence_length, const uint8_t *fast_update, uint16_t fast_update_length)
+      : EPaperBase(name, width, height, init_sequence, init_sequence_length, DISPLAY_TYPE_COLOR),
+        fast_update_(fast_update),
+        fast_update_length_(fast_update_length) {
+    this->row_width_ = (width + 3) / 4;  // Fix base class calc (2bpp instead of 1bpp)
+    this->buffer_length_ = this->row_width_ * height;
+  }
+
+  void fill(Color color) override;
+
+ protected:
+  /** Draw colored pixel into frame buffer */
+  void draw_pixel_at(int x, int y, Color color) override;
+
+  /** Reset (multistep sequence)
+   * @pre this->reset_pin_ != nullptr // cv.Required check
+   * @post Should be idle on successful reset. Can mark failures.
+   */
+  bool reset() override;
+
+  /** Initialise (multistep sequence) */
+  bool initialise(bool partial) override;
+
+  /** Buffer transfer */
+  bool transfer_data() override;
+
+  /** Power on: Already part of init sequence (likely needed there before transferring buffers).
+   * So nothing to do in FSM state.
+   */
+  void power_on() override {}
+
+  /** Refresh screen
+   * @param partial Ignored: Needed earlier in \a ::initialize
+   * @pre Must be idle.
+   * @post Should return to idle later after processing.
+   */
+  void refresh_screen([[maybe_unused]] bool partial) override;
+
+  /** Power off
+   * @pre Must be idle.
+   * @post Should return to idle later after processing.
+   *       (latter will take long period like ~15-20s on actual refresh!)
+   */
+  void power_off() override;
+
+  /** Deepsleep: Must be used to avoid hardware wearout!
+   * @pre Must be idle.
+   * @post Will go busy, and not return idle till ::reset!
+   */
+  void deep_sleep() override;
+
+  /** Internal: Send fast init sequence via undocumented vendor registers
+   * @pre Must be directly after regular ::initialise sequence, before ::transfer_data
+   * @pre Must be idle.
+   * @post Should return to idle later after processing.
+   */
+  void write_fastinit_();
+
+  /** Internal: Send raw buffer in chunks
+   * \retval true Finished
+   * \retval false Loop time elapsed. Need to call again next loop.
+   */
+  bool transfer_buffer_chunks_();
+
+  /** @name IC commands @{ */
+  static constexpr uint8_t CMD_POWEROFF = 0x02;
+  static constexpr uint8_t CMD_DEEPSLEEP = 0x07;
+  static constexpr uint8_t CMD_TRANSFER = 0x10;
+  static constexpr uint8_t CMD_REFRESH = 0x12;
+  /** @} */
+
+  /** State machine constants for \a step_ */
+  enum class FSMState : uint8_t {
+    NONE = 0,  //!< Initial/default value: Unused
+
+    /* Reset state steps */
+    RESET_STEP0_H,
+    RESET_STEP1_L,
+    RESET_STEP2_IDLECHECK,
+
+    /* Init state steps */
+    INIT_STEP0_REGULARINIT,
+    INIT_STEP1_FASTINIT,
+  };
+
+  /** Wait time (millisec) for first reset phase: High
+   *
+   * Wait via FSM loop.
+   */
+  static constexpr uint16_t SLEEP_MS_RESET0 = 200;
+
+  /** Wait time (millisec) for second reset phase: Low
+   *
+   * Holding Reset Low too long may trigger "clever reset" logic
+   * of e.g. Waveshare Rev2 boards: VDD is shut down via MOSFET, and IC
+   * will not report idle anymore!
+   * FSM loop may spuriously increase delay, e.g. >16ms.
+   * Therefore, sync wait below, as allowed (code rule "delays > 10ms not permitted"),
+   * yet only slightly exceeding known IC min req of >1.5ms.
+   */
+  static constexpr uint16_t SLEEP_MS_RESET1 = 2;
+
+  /** Wait time (millisec) for third reset phase: High
+   *
+   * Wait via FSM loop.
+   */
+  static constexpr uint16_t SLEEP_MS_RESET2 = 200;
+
+  // properties initialised in the constructor
+  const uint8_t *const fast_update_{};
+  const uint16_t fast_update_length_{};
+
+  /** Counter for tracking substeps within FSM state */
+  FSMState step_{FSMState::NONE};
+};
+
+}  // namespace esphome::epaper_spi

esphome/components/epaper_spi/epaper_spi_spectra_e6.h

@@ -4,7 +4,7 @@
 
 namespace esphome::epaper_spi {
 
-class EPaperSpectraE6 : public EPaperBase {
+class EPaperSpectraE6 final : public EPaperBase {
  public:
   EPaperSpectraE6(const char *name, uint16_t width, uint16_t height, const uint8_t *init_sequence,
                   size_t init_sequence_length)

esphome/components/epaper_spi/epaper_waveshare.h

@@ -6,7 +6,7 @@ namespace esphome::epaper_spi {
 /**
  * An epaper display that needs LUTs to be sent to it.
  */
-class EpaperWaveshare : public EPaperMono {
+class EpaperWaveshare final : public EPaperMono {
  public:
   EpaperWaveshare(const char *name, uint16_t width, uint16_t height, const uint8_t *init_sequence,
                   size_t init_sequence_length, const uint8_t *lut, size_t lut_length, const uint8_t *partial_lut,

esphome/components/epaper_spi/models/jd79660.py

@@ -0,0 +1,86 @@
+import esphome.codegen as cg
+from esphome.components.mipi import flatten_sequence
+import esphome.config_validation as cv
+from esphome.const import CONF_BUSY_PIN, CONF_RESET_PIN
+from esphome.core import ID
+
+from ..display import CONF_INIT_SEQUENCE_ID
+from . import EpaperModel
+
+
+class JD79660(EpaperModel):
+    def __init__(self, name, class_name="EPaperJD79660", fast_update=None, **kwargs):
+        super().__init__(name, class_name, **kwargs)
+        self.fast_update = fast_update
+
+    def option(self, name, fallback=cv.UNDEFINED) -> cv.Optional | cv.Required:
+        # Validate required pins, as C++ code will assume existence
+        if name in (CONF_RESET_PIN, CONF_BUSY_PIN):
+            return cv.Required(name)
+
+        # Delegate to parent
+        return super().option(name, fallback)
+
+    def get_constructor_args(self, config) -> tuple:
+        # Resembles init_sequence handling for fast_update config
+        if self.fast_update is None:
+            fast_update = cg.nullptr, 0
+        else:
+            flat_fast_update = flatten_sequence(self.fast_update)
+            fast_update = (
+                cg.static_const_array(
+                    ID(
+                        config[CONF_INIT_SEQUENCE_ID].id + "_fast_update", type=cg.uint8
+                    ),
+                    flat_fast_update,
+                ),
+                len(flat_fast_update),
+            )
+        return (*fast_update,)
+
+
+jd79660 = JD79660(
+    "jd79660",
+    # Specified refresh times are ~20s (full) or ~15s (fast) due to BWRY.
+    # So disallow low update intervals (with safety margin), to avoid e.g. FSM update loops.
+    # Even less frequent intervals (min/h) highly recommended to optimize lifetime!
+    minimum_update_interval="30s",
+    # SPI rate: From spec comparisons, IC should allow SCL write cycles up to 10MHz rate.
+    # Existing code samples also prefer 10MHz. So justifies as default.
+    # Decrease value further in user config if needed (e.g. poor cabling).
+    data_rate="10MHz",
+    # No need to set optional reset_duration:
+    # Code requires multistep reset sequence with precise timings
+    # according to data sheet or samples.
+)
+
+# Waveshare 1.54-G
+#
+# Device may have specific factory provisioned MTP content to facilitate vendor register features like fast init.
+# Vendor specific init derived from vendor sample code
+# <https://github.com/waveshareteam/e-Paper/blob/master/E-paper_Separate_Program/1in54_e-Paper_G/ESP32/EPD_1in54g.cpp>
+# Compatible MIT license, see esphome/LICENSE file.
+#
+# fmt: off
+jd79660.extend(
+    "Waveshare-1.54in-G",
+    width=200,
+    height=200,
+
+    initsequence=(
+        (0x4D, 0x78,),
+        (0x00, 0x0F, 0x29,),
+        (0x06, 0x0d, 0x12, 0x30, 0x20, 0x19, 0x2a, 0x22,),
+        (0x50, 0x37,),
+        (0x61, 200 // 256, 200 % 256, 200 // 256, 200 % 256,),  # RES: 200x200 fixed
+        (0xE9, 0x01,),
+        (0x30, 0x08,),
+        # Power On (0x04): Must be early part of init seq = Disabled later!
+        (0x04,),
+    ),
+    fast_update=(
+        (0xE0, 0x02,),
+        (0xE6, 0x5D,),
+        (0xA5, 0x00,),
+    ),
+)

esphome/components/template/water_heater/__init__.py

@@ -46,6 +46,7 @@ CONFIG_SCHEMA = (
                 RESTORE_MODES, upper=True
             ),
             cv.Optional(CONF_CURRENT_TEMPERATURE): cv.returning_lambda,
+            cv.Optional(CONF_TARGET_TEMPERATURE): cv.returning_lambda,
             cv.Optional(CONF_MODE): cv.returning_lambda,
             cv.Optional(CONF_SUPPORTED_MODES): cv.ensure_list(
                 water_heater.validate_water_heater_mode
@@ -78,6 +79,14 @@ async def to_code(config: ConfigType) -> None:
         )
         cg.add(var.set_current_temperature_lambda(template_))
 
+    if CONF_TARGET_TEMPERATURE in config:
+        template_ = await cg.process_lambda(
+            config[CONF_TARGET_TEMPERATURE],
+            [],
+            return_type=cg.optional.template(cg.float_),
+        )
+        cg.add(var.set_target_temperature_lambda(template_))
+
     if CONF_MODE in config:
         template_ = await cg.process_lambda(
             config[CONF_MODE],

esphome/components/template/water_heater/template_water_heater.cpp

@@ -16,7 +16,8 @@ void TemplateWaterHeater::setup() {
       restore->perform();
     }
   }
-  if (!this->current_temperature_f_.has_value() && !this->mode_f_.has_value())
+  if (!this->current_temperature_f_.has_value() && !this->target_temperature_f_.has_value() &&
+      !this->mode_f_.has_value())
     this->disable_loop();
 }
 
@@ -28,6 +29,9 @@ water_heater::WaterHeaterTraits TemplateWaterHeater::traits() {
   }
 
   traits.set_supports_current_temperature(true);
+  if (this->target_temperature_f_.has_value()) {
+    traits.add_feature_flags(water_heater::WATER_HEATER_SUPPORTS_TARGET_TEMPERATURE);
+  }
   return traits;
 }
 
@@ -42,6 +46,14 @@ void TemplateWaterHeater::loop() {
     }
   }
 
+  auto target_temp = this->target_temperature_f_.call();
+  if (target_temp.has_value()) {
+    if (*target_temp != this->target_temperature_) {
+      this->target_temperature_ = *target_temp;
+      changed = true;
+    }
+  }
+
   auto new_mode = this->mode_f_.call();
   if (new_mode.has_value()) {
     if (*new_mode != this->mode_) {

esphome/components/template/water_heater/template_water_heater.h

@@ -20,6 +20,9 @@ class TemplateWaterHeater : public Component, public water_heater::WaterHeater {
   template<typename F> void set_current_temperature_lambda(F &&f) {
     this->current_temperature_f_.set(std::forward<F>(f));
   }
+  template<typename F> void set_target_temperature_lambda(F &&f) {
+    this->target_temperature_f_.set(std::forward<F>(f));
+  }
   template<typename F> void set_mode_lambda(F &&f) { this->mode_f_.set(std::forward<F>(f)); }
 
   void set_optimistic(bool optimistic) { this->optimistic_ = optimistic; }
@@ -44,6 +47,7 @@ class TemplateWaterHeater : public Component, public water_heater::WaterHeater {
   // Ordered to minimize padding on 32-bit: 4-byte members first, then smaller
   Trigger<> set_trigger_;
   TemplateLambda<float> current_temperature_f_;
+  TemplateLambda<float> target_temperature_f_;
   TemplateLambda<water_heater::WaterHeaterMode> mode_f_;
   TemplateWaterHeaterRestoreMode restore_mode_{WATER_HEATER_NO_RESTORE};
   water_heater::WaterHeaterModeMask supported_modes_;

esphome/dashboard/web_server.py

@@ -317,6 +317,7 @@ class EsphomeCommandWebSocket(CheckOriginMixin, tornado.websocket.WebSocketHandl
             # Check if the proc was not forcibly closed
             _LOGGER.info("Process exited with return code %s", returncode)
             self.write_message({"event": "exit", "code": returncode})
+            self.close()
 
     def on_close(self) -> None:
         # Check if proc exists (if 'start' has been run)
@@ -1053,17 +1054,26 @@ class DownloadBinaryRequestHandler(BaseHandler):
         # fallback to type=, but prioritize file=
         file_name = self.get_argument("type", None)
         file_name = self.get_argument("file", file_name)
-        if file_name is None:
+        if file_name is None or not file_name.strip():
             self.send_error(400)
             return
-        file_name = file_name.replace("..", "").lstrip("/")
         # get requested download name, or build it based on filename
         download_name = self.get_argument(
             "download",
             f"{storage_json.name}-{file_name}",
         )
 
-        path = storage_json.firmware_bin_path.parent.joinpath(file_name)
+        if storage_json.firmware_bin_path is None:
+            self.send_error(404)
+            return
+
+        base_dir = storage_json.firmware_bin_path.parent.resolve()
+        path = base_dir.joinpath(file_name).resolve()
+        try:
+            path.relative_to(base_dir)
+        except ValueError:
+            self.send_error(403)
+            return
 
         if not path.is_file():
             args = ["esphome", "idedata", settings.rel_path(configuration)]
@@ -1077,7 +1087,7 @@ class DownloadBinaryRequestHandler(BaseHandler):
 
             found = False
             for image in idedata.extra_flash_images:
-                if image.path.endswith(file_name):
+                if image.path.as_posix().endswith(file_name):
                     path = image.path
                     download_name = file_name
                     found = True

tests/components/epaper_spi/test.esp32-s3-idf.yaml

@@ -25,6 +25,22 @@ display:
     lambda: |-
       it.circle(64, 64, 50, Color::BLACK);
 
+  - platform: epaper_spi
+    spi_id: spi_bus
+    model: waveshare-1.54in-G
+    cs_pin:
+      allow_other_uses: true
+      number: GPIO5
+    dc_pin:
+      allow_other_uses: true
+      number: GPIO17
+    reset_pin:
+      allow_other_uses: true
+      number: GPIO16
+    busy_pin:
+      allow_other_uses: true
+      number: GPIO4
+
   - platform: epaper_spi
     spi_id: spi_bus
     model: waveshare-2.13in-v3

tests/components/template/common-base.yaml

@@ -412,6 +412,7 @@ water_heater:
     name: "Template Water Heater"
     optimistic: true
     current_temperature: !lambda "return 42.0f;"
+    target_temperature: !lambda "return 60.0f;"
     mode: !lambda "return water_heater::WATER_HEATER_MODE_ECO;"
     supported_modes:
       - "OFF"

tests/dashboard/test_web_server.py

@@ -8,6 +8,7 @@ import gzip
 import json
 import os
 from pathlib import Path
+import sys
 from unittest.mock import AsyncMock, MagicMock, Mock, patch
 
 import pytest
@@ -29,7 +30,7 @@ from esphome.dashboard.entries import (
     bool_to_entry_state,
 )
 from esphome.dashboard.models import build_importable_device_dict
-from esphome.dashboard.web_server import DashboardSubscriber
+from esphome.dashboard.web_server import DashboardSubscriber, EsphomeCommandWebSocket
 from esphome.zeroconf import DiscoveredImport
 
 from .common import get_fixture_path
@@ -421,7 +422,7 @@ async def test_download_binary_handler_idedata_fallback(
 
     # Mock idedata response
     mock_image = Mock()
-    mock_image.path = str(bootloader_file)
+    mock_image.path = bootloader_file
     mock_idedata_instance = Mock()
     mock_idedata_instance.extra_flash_images = [mock_image]
     mock_idedata.return_value = mock_idedata_instance
@@ -528,14 +529,22 @@ async def test_download_binary_handler_subdirectory_file_url_encoded(
 @pytest.mark.asyncio
 @pytest.mark.usefixtures("mock_ext_storage_path")
 @pytest.mark.parametrize(
-    "attack_path",
+    ("attack_path", "expected_code"),
     [
-        pytest.param("../../../secrets.yaml", id="basic_traversal"),
-        pytest.param("..%2F..%2F..%2Fsecrets.yaml", id="url_encoded"),
-        pytest.param("zephyr/../../../secrets.yaml", id="traversal_with_prefix"),
-        pytest.param("/etc/passwd", id="absolute_path"),
-        pytest.param("//etc/passwd", id="double_slash_absolute"),
-        pytest.param("....//secrets.yaml", id="multiple_dots"),
+        pytest.param("../../../secrets.yaml", 403, id="basic_traversal"),
+        pytest.param("..%2F..%2F..%2Fsecrets.yaml", 403, id="url_encoded"),
+        pytest.param("zephyr/../../../secrets.yaml", 403, id="traversal_with_prefix"),
+        pytest.param("/etc/passwd", 403, id="absolute_path"),
+        pytest.param("//etc/passwd", 403, id="double_slash_absolute"),
+        pytest.param(
+            "....//secrets.yaml",
+            # On Windows, Path.resolve() treats "..." and "...." as parent
+            # traversal (like ".."), so the path escapes base_dir -> 403.
+            # On Unix, "...." is a literal directory name that stays inside
+            # base_dir but doesn't exist -> 404.
+            403 if sys.platform == "win32" else 404,
+            id="multiple_dots",
+        ),
     ],
 )
 async def test_download_binary_handler_path_traversal_protection(
@@ -543,11 +552,14 @@ async def test_download_binary_handler_path_traversal_protection(
     tmp_path: Path,
     mock_storage_json: MagicMock,
     attack_path: str,
+    expected_code: int,
 ) -> None:
     """Test that DownloadBinaryRequestHandler prevents path traversal attacks.
 
-    Verifies that attempts to use '..' in file paths are sanitized to prevent
-    accessing files outside the build directory. Tests multiple attack vectors.
+    Verifies that attempts to escape the build directory via '..' are rejected
+    using resolve()/relative_to() validation. Tests multiple attack vectors.
+    Real traversals that escape the base directory get 403. Paths like '....'
+    that resolve inside the base directory but don't exist get 404.
     """
     # Create build structure
     build_dir = get_build_path(tmp_path, "test")
@@ -565,14 +577,67 @@ async def test_download_binary_handler_path_traversal_protection(
     mock_storage.firmware_bin_path = firmware_file
     mock_storage_json.load.return_value = mock_storage
 
-    # Attempt path traversal attack - should be blocked
-    with pytest.raises(HTTPClientError) as exc_info:
+    # Mock async_run_system_command so paths that pass validation but don't exist
+    # return 404 deterministically without spawning a real subprocess.
+    with (
+        patch(
+            "esphome.dashboard.web_server.async_run_system_command",
+            new_callable=AsyncMock,
+            return_value=(2, "", ""),
+        ),
+        pytest.raises(HTTPClientError) as exc_info,
+    ):
         await dashboard.fetch(
             f"/download.bin?configuration=test.yaml&file={attack_path}",
             method="GET",
         )
-    # Should get 404 (file not found after sanitization) or 500 (idedata fails)
-    assert exc_info.value.code in (404, 500)
+    assert exc_info.value.code == expected_code
+
+
+@pytest.mark.asyncio
+@pytest.mark.usefixtures("mock_ext_storage_path")
+async def test_download_binary_handler_no_firmware_bin_path(
+    dashboard: DashboardTestHelper,
+    mock_storage_json: MagicMock,
+) -> None:
+    """Test that download returns 404 when firmware_bin_path is None.
+
+    This covers configs created by StorageJSON.from_wizard() where no
+    firmware has been compiled yet.
+    """
+    mock_storage = Mock()
+    mock_storage.name = "test_device"
+    mock_storage.firmware_bin_path = None
+    mock_storage_json.load.return_value = mock_storage
+
+    with pytest.raises(HTTPClientError) as exc_info:
+        await dashboard.fetch(
+            "/download.bin?configuration=test.yaml&file=firmware.bin",
+            method="GET",
+        )
+    assert exc_info.value.code == 404
+
+
+@pytest.mark.asyncio
+@pytest.mark.usefixtures("mock_ext_storage_path")
+@pytest.mark.parametrize("file_value", ["", "%20%20", "%20"])
+async def test_download_binary_handler_empty_file_name(
+    dashboard: DashboardTestHelper,
+    mock_storage_json: MagicMock,
+    file_value: str,
+) -> None:
+    """Test that download returns 400 for empty or whitespace-only file names."""
+    mock_storage = Mock()
+    mock_storage.name = "test_device"
+    mock_storage.firmware_bin_path = Path("/fake/firmware.bin")
+    mock_storage_json.load.return_value = mock_storage
+
+    with pytest.raises(HTTPClientError) as exc_info:
+        await dashboard.fetch(
+            f"/download.bin?configuration=test.yaml&file={file_value}",
+            method="GET",
+        )
+    assert exc_info.value.code == 400
 
 
 @pytest.mark.asyncio
@@ -1654,3 +1719,25 @@ async def test_websocket_check_origin_multiple_trusted_domains(
             assert data["event"] == "initial_state"
         finally:
             ws.close()
+
+
+def test_proc_on_exit_calls_close() -> None:
+    """Test _proc_on_exit sends exit event and closes the WebSocket."""
+    handler = Mock(spec=EsphomeCommandWebSocket)
+    handler._is_closed = False
+
+    EsphomeCommandWebSocket._proc_on_exit(handler, 0)
+
+    handler.write_message.assert_called_once_with({"event": "exit", "code": 0})
+    handler.close.assert_called_once()
+
+
+def test_proc_on_exit_skips_when_already_closed() -> None:
+    """Test _proc_on_exit does nothing when WebSocket is already closed."""
+    handler = Mock(spec=EsphomeCommandWebSocket)
+    handler._is_closed = True
+
+    EsphomeCommandWebSocket._proc_on_exit(handler, 0)
+
+    handler.write_message.assert_not_called()
+    handler.close.assert_not_called()

tests/integration/fixtures/water_heater_template.yaml

@@ -10,6 +10,7 @@ water_heater:
     name: Test Boiler
     optimistic: true
     current_temperature: !lambda "return 45.0f;"
+    target_temperature: !lambda "return 60.0f;"
     # Note: No mode lambda - we want optimistic mode changes to stick
     # A mode lambda would override mode changes in loop()
     supported_modes:

tests/integration/test_water_heater_template.py

@@ -85,6 +85,9 @@ async def test_water_heater_template(
         assert initial_state.current_temperature == 45.0, (
             f"Expected current temp 45.0, got {initial_state.current_temperature}"
         )
+        assert initial_state.target_temperature == 60.0, (
+            f"Expected target temp 60.0, got {initial_state.target_temperature}"
+        )
 
         # Test changing to GAS mode
         client.water_heater_command(test_water_heater.key, mode=WaterHeaterMode.GAS)