add synaptics to release (#21591 )

Miscellaneous Fixes (0.17 beta) (#21575 )
* icon improvements add type to getIconForLabel provide default icon for audio events * Add preferred language to review docs * prevent react Suspense crash during auth redirect add redirect-check guards to stop rendering lazy routes while navigation is pending (fixes some users seeing React error #426 when auth expires) * Uppsercase model name --------- Co-authored-by: Nicolas Mowen <nickmowen213@gmail.com>
2026-01-11 14:58:29 -05:00 · 2026-01-10 11:50:37 -06:00 · 2026-01-09 16:23:33 -07:00 · 2026-01-08 14:28:18 -07:00 · 2026-01-07 17:29:19 -06:00 · 2026-01-07 07:22:05 -07:00
676 changed files with 21832 additions and 5830 deletions
--- a/.cspell/frigate-dictionary.txt
+++ b/.cspell/frigate-dictionary.txt
@@ -22,6 +22,7 @@ autotrack
 autotracked
 autotracker
 autotracking
+backchannel
 balena
 Beelink
 BGRA
@@ -191,6 +192,7 @@ ONVIF
 openai
 opencv
 openvino
+overfitting
 OWASP
 paddleocr
 paho
@@ -315,4 +317,4 @@ yolo
 yolonas
 yolox
 zeep
-zerolatency
+zerolatency
--- a/.github/DISCUSSION_TEMPLATE/beta-support.yml
+++ b/.github/DISCUSSION_TEMPLATE/beta-support.yml
@@ -0,0 +1,129 @@
+title: "[Beta Support]: "
+labels: ["support", "triage", "beta"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thank you for testing Frigate beta versions! Use this form for support with beta releases.
+
+        **Note:** Beta versions may have incomplete features, known issues, or unexpected behavior. Please check the [release notes](https://github.com/blakeblackshear/frigate/releases) and [recent discussions][discussions] for known beta issues before submitting.
+
+        Before submitting, read the [beta documentation][docs].
+
+        [docs]: https://deploy-preview-19787--frigate-docs.netlify.app/
+  - type: textarea
+    id: description
+    attributes:
+      label: Describe the problem you are having
+      description: Please be as detailed as possible. Include what you expected to happen vs what actually happened.
+    validations:
+      required: true
+  - type: input
+    id: version
+    attributes:
+      label: Beta Version
+      description: Visible on the System page in the Web UI. Please include the full version including the build identifier (eg. 0.17.0-beta1)
+      placeholder: "0.17.0-beta1"
+    validations:
+      required: true
+  - type: dropdown
+    id: issue-category
+    attributes:
+      label: Issue Category
+      description: What area is your issue related to? This helps us understand the context.
+      options:
+        - Object Detection / Detectors
+        - Hardware Acceleration
+        - Configuration / Setup
+        - WebUI / Frontend
+        - Recordings / Storage
+        - Notifications / Events
+        - Integration (Home Assistant, etc)
+        - Performance / Stability
+        - Installation / Updates
+        - Other
+    validations:
+      required: true
+  - type: textarea
+    id: config
+    attributes:
+      label: Frigate config file
+      description: This will be automatically formatted into code, so no need for backticks. Remove any sensitive information like passwords or URLs.
+      render: yaml
+    validations:
+      required: true
+  - type: textarea
+    id: frigatelogs
+    attributes:
+      label: Relevant Frigate log output
+      description: Please copy and paste any relevant Frigate log output. Include logs before and after your exact error when possible. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: go2rtclogs
+    attributes:
+      label: Relevant go2rtc log output (if applicable)
+      description: If your issue involves cameras, streams, or playback, please include go2rtc logs. Logs can be viewed via the Frigate UI, Docker, or the go2rtc dashboard. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+  - type: dropdown
+    id: install-method
+    attributes:
+      label: Install method
+      options:
+        - Home Assistant Add-on
+        - Docker Compose
+        - Docker CLI
+        - Proxmox via Docker
+        - Proxmox via TTeck Script
+        - Windows WSL2
+    validations:
+      required: true
+  - type: textarea
+    id: docker
+    attributes:
+      label: docker-compose file or Docker CLI command
+      description: This will be automatically formatted into code, so no need for backticks. Include relevant environment variables and device mappings.
+      render: yaml
+    validations:
+      required: true
+  - type: dropdown
+    id: os
+    attributes:
+      label: Operating system
+      options:
+        - Home Assistant OS
+        - Debian
+        - Ubuntu
+        - Other Linux
+        - Proxmox
+        - UNRAID
+        - Windows
+        - Other
+    validations:
+      required: true
+  - type: input
+    id: hardware
+    attributes:
+      label: CPU / GPU / Hardware
+      description: Provide details about your hardware (e.g., Intel i5-9400, NVIDIA RTX 3060, Raspberry Pi 4, etc)
+      placeholder: "Intel i7-10700, NVIDIA GTX 1660"
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots
+      description: Screenshots of the issue, System metrics pages, or any relevant UI. Drag and drop or paste images directly.
+  - type: textarea
+    id: steps-to-reproduce
+    attributes:
+      label: Steps to reproduce
+      description: If applicable, provide detailed steps to reproduce the issue
+      placeholder: |
+        1. Go to '...'
+        2. Click on '...'
+        3. See error
+  - type: textarea
+    id: other
+    attributes:
+      label: Any other information that may be helpful
+      description: Additional context, related issues, when the problem started appearing, etc.
--- a/.github/DISCUSSION_TEMPLATE/report-a-bug.yml
+++ b/.github/DISCUSSION_TEMPLATE/report-a-bug.yml
@@ -6,6 +6,8 @@ body:
      value: |
        Use this form to submit a reproducible bug in Frigate or Frigate's UI.

+        **⚠️ If you are running a beta version (0.17.0-beta or similar), please use the [Beta Support template](https://github.com/blakeblackshear/frigate/discussions/new?category=beta-support) instead.**
+
        Before submitting your bug report, please ask the AI with the "Ask AI" button on the [official documentation site][ai] about your issue, [search the discussions][discussions], look at recent open and closed [pull requests][prs], read the [official Frigate documentation][docs], and read the [Frigate FAQ][faq] pinned at the Discussion page to see if your bug has already been fixed by the developers or reported by the community.

        **If you are unsure if your issue is actually a bug or not, please submit a support request first.**
--- a/.github/copilot-instructions.md
+++ b/.github/copilot-instructions.md
@@ -0,0 +1,2 @@
+Never write strings in the frontend directly, always write to and reference the relevant translations file.
+Always conform new and refactored code to the existing coding style in the project.
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,7 +15,7 @@ concurrency:
  cancel-in-progress: true

 env:
-  PYTHON_VERSION: 3.9
+  PYTHON_VERSION: 3.11

 jobs:
  amd64_build:
@@ -23,7 +23,7 @@ jobs:
    name: AMD64 Build
    steps:
      - name: Check out code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Set up QEMU and Buildx
@@ -47,7 +47,7 @@ jobs:
    name: ARM Build
    steps:
      - name: Check out code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Set up QEMU and Buildx
@@ -82,7 +82,7 @@ jobs:
    name: Jetson Jetpack 6
    steps:
      - name: Check out code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Set up QEMU and Buildx
@@ -113,7 +113,7 @@ jobs:
      - amd64_build
    steps:
      - name: Check out code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Set up QEMU and Buildx
@@ -136,7 +136,6 @@ jobs:
            *.cache-to=type=registry,ref=${{ steps.setup.outputs.cache-name }}-tensorrt,mode=max
      - name: AMD/ROCm general build
        env:
-          AMDGPU: gfx
          HSA_OVERRIDE: 0
        uses: docker/bake-action@v6
        with:
@@ -155,7 +154,7 @@ jobs:
      - arm64_build
    steps:
      - name: Check out code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Set up QEMU and Buildx
@@ -180,7 +179,7 @@ jobs:
      - arm64_build
    steps:
      - name: Check out code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Set up QEMU and Buildx
--- a/.github/workflows/pull_request.yml
+++ b/.github/workflows/pull_request.yml
@@ -16,12 +16,12 @@ jobs:
    name: Web - Lint
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          persist-credentials: false
-      - uses: actions/setup-node@master
+      - uses: actions/setup-node@v6
        with:
-          node-version: 16.x
+          node-version: 20.x
      - run: npm install
        working-directory: ./web
      - name: Lint
@@ -32,10 +32,10 @@ jobs:
    name: Web - Test
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          persist-credentials: false
-      - uses: actions/setup-node@master
+      - uses: actions/setup-node@v6
        with:
          node-version: 20.x
      - run: npm install
@@ -52,7 +52,7 @@ jobs:
    name: Python Checks
    steps:
      - name: Check out the repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
@@ -75,10 +75,10 @@ jobs:
    name: Python Tests
    steps:
      - name: Check out code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          persist-credentials: false
-      - uses: actions/setup-node@master
+      - uses: actions/setup-node@v6
        with:
          node-version: 20.x
      - name: Install devcontainer cli
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -10,7 +10,7 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          persist-credentials: false
      - id: lowercaseRepo
@@ -39,14 +39,14 @@ jobs:
          STABLE_TAG=${BASE}:stable
          PULL_TAG=${BASE}:${BUILD_TAG}
          docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG} docker://${VERSION_TAG}
-          for variant in standard-arm64 tensorrt tensorrt-jp6 rk rocm; do
+          for variant in standard-arm64 tensorrt tensorrt-jp6 rk rocm synaptics; do
            docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG}-${variant} docker://${VERSION_TAG}-${variant}
          done

          # stable tag
          if [[ "${BUILD_TYPE}" == "stable" ]]; then
            docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG} docker://${STABLE_TAG}
-            for variant in standard-arm64 tensorrt tensorrt-jp6 rk rocm; do
+            for variant in standard-arm64 tensorrt tensorrt-jp6 rk rocm synaptics; do
              docker run --rm -v $HOME/.docker/config.json:/config.json quay.io/skopeo/stable:latest copy --authfile /config.json --multi-arch all docker://${PULL_TAG}-${variant} docker://${STABLE_TAG}-${variant}
            done
          fi
--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 The MIT License

-Copyright (c) 2025 Frigate LLC (Frigate™)
+Copyright (c) 2026 Frigate, Inc. (Frigate™)

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
--- a/README.md
+++ b/README.md
@@ -40,7 +40,7 @@ If you would like to make a donation to support development, please use [Github
 This project is licensed under the **MIT License**.

 - **Code:** The source code, configuration files, and documentation in this repository are available under the [MIT License](LICENSE). You are free to use, modify, and distribute the code as long as you include the original copyright notice.
- **Trademarks:** The "Frigate" name, the "Frigate NVR" brand, and the Frigate logo are **trademarks of Frigate LLC** and are **not** covered by the MIT License.
+- **Trademarks:** The "Frigate" name, the "Frigate NVR" brand, and the Frigate logo are **trademarks of Frigate, Inc.** and are **not** covered by the MIT License.

 Please see our [Trademark Policy](TRADEMARK.md) for details on acceptable use of our brand assets.

@@ -67,7 +67,7 @@ Please see our [Trademark Policy](TRADEMARK.md) for details on acceptable use of
 ### Built-in mask and zone editor

 <div>
-<img width="800" alt="Multi-camera scrubbing" src="https://github.com/blakeblackshear/frigate/assets/569905/d7885fc3-bfe6-452f-b7d0-d957cb3e31f5">
+<img width="800" alt="Built-in mask and zone editor" src="https://github.com/blakeblackshear/frigate/assets/569905/d7885fc3-bfe6-452f-b7d0-d957cb3e31f5">
 </div>

 ## Translations
@@ -80,4 +80,4 @@ We use [Weblate](https://hosted.weblate.org/projects/frigate-nvr/) to support la

 ---

-**Copyright © 2025 Frigate LLC.**
+**Copyright © 2026 Frigate, Inc.**
--- a/README_CN.md
+++ b/README_CN.md
@@ -1,28 +1,31 @@
 <p align="center">
-  <img align="center" alt="logo" src="docs/static/img/frigate.png">
+  <img align="center" alt="logo" src="docs/static/img/branding/frigate.png">
 </p>

-# Frigate - 一个具有实时目标检测的本地NVR
-
-[English](https://github.com/blakeblackshear/frigate) | \[简体中文\] 
+# Frigate NVR™ - 一个具有实时目标检测的本地 NVR

 <a href="https://hosted.weblate.org/engage/frigate-nvr/-/zh_Hans/">
 <img src="https://hosted.weblate.org/widget/frigate-nvr/-/zh_Hans/svg-badge.svg" alt="翻译状态" />
 </a>

-一个完整的本地网络视频录像机（NVR），专为[Home Assistant](https://www.home-assistant.io)设计，具备AI物体检测功能。使用OpenCV和TensorFlow在本地为IP摄像头执行实时物体检测。
+[English](https://github.com/blakeblackshear/frigate) | \[简体中文\]

-强烈推荐使用GPU或者AI加速器（例如[Google Coral加速器](https://coral.ai/products/) 或者 [Hailo](https://hailo.ai/)）。它们的性能甚至超过目前的顶级CPU，并且可以以极低的耗电实现更优的性能。
- 通过[自定义组件](https://github.com/blakeblackshear/frigate-hass-integration)与Home Assistant紧密集成
- 设计上通过仅在必要时和必要地点寻找物体，最大限度地减少资源使用并最大化性能
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+一个完整的本地网络视频录像机（NVR），专为[Home Assistant](https://www.home-assistant.io)设计，具备 AI 目标/物体检测功能。使用 OpenCV 和 TensorFlow 在本地为 IP 摄像头执行实时物体检测。
+
+强烈推荐使用 GPU 或者 AI 加速器（例如[Google Coral 加速器](https://coral.ai/products/) 或者 [Hailo](https://hailo.ai/)等）。它们的运行效率远远高于现在的顶级 CPU，并且功耗也极低。
+
+- 通过[自定义组件](https://github.com/blakeblackshear/frigate-hass-integration)与 Home Assistant 紧密集成
+- 设计上通过仅在必要时和必要地点寻找目标，最大限度地减少资源使用并最大化性能
 - 大量利用多进程处理，强调实时性而非处理每一帧
- 使用非常低开销的运动检测来确定运行物体检测的位置
- 使用TensorFlow进行物体检测，运行在单独的进程中以达到最大FPS
- 通过MQTT进行通信，便于集成到其他系统中
+- 使用非常低开销的画面变动检测（也叫运动检测）来确定运行目标检测的位置
+- 使用 TensorFlow 进行目标检测，并运行在单独的进程中以达到最大 FPS
+- 通过 MQTT 进行通信，便于集成到其他系统中
 - 根据检测到的物体设置保留时间进行视频录制
- 24/7全天候录制
- 通过RTSP重新流传输以减少摄像头的连接数
- 支持WebRTC和MSE，实现低延迟的实时观看
+- 24/7 全天候录制
+- 通过 RTSP 重新流传输以减少摄像头的连接数
+- 支持 WebRTC 和 MSE，实现低延迟的实时观看

 ## 社区中文翻译文档

@@ -32,39 +35,56 @@

 如果您想通过捐赠支持开发，请使用 [Github Sponsors](https://github.com/sponsors/blakeblackshear)。

+## 协议
+
+本项目采用 **MIT 许可证**授权。
+
+**代码部分**：本代码库中的源代码、配置文件和文档均遵循 [MIT 许可证](LICENSE)。您可以自由使用、修改和分发这些代码，但必须保留原始版权声明。
+
+**商标部分**：“Frigate”名称、“Frigate NVR”品牌以及 Frigate 的 Logo 为 **Frigate, Inc. 的商标**，**不在** MIT 许可证覆盖范围内。
+有关品牌资产的规范使用详情，请参阅我们的[《商标政策》](TRADEMARK.md)。
+
 ## 截图

 ### 实时监控面板
+
 <div>
 <img width="800" alt="实时监控面板" src="https://github.com/blakeblackshear/frigate/assets/569905/5e713cb9-9db5-41dc-947a-6937c3bc376e">
 </div>

 ### 简单的核查工作流程
+
 <div>
 <img width="800" alt="简单的审查工作流程" src="https://github.com/blakeblackshear/frigate/assets/569905/6fed96e8-3b18-40e5-9ddc-31e6f3c9f2ff">
 </div>

 ### 多摄像头可按时间轴查看
+
 <div>
 <img width="800" alt="多摄像头可按时间轴查看" src="https://github.com/blakeblackshear/frigate/assets/569905/d6788a15-0eeb-4427-a8d4-80b93cae3d74">
 </div>

 ### 内置遮罩和区域编辑器
+
 <div>
 <img width="800" alt="内置遮罩和区域编辑器" src="https://github.com/blakeblackshear/frigate/assets/569905/d7885fc3-bfe6-452f-b7d0-d957cb3e31f5">
 </div>

-
 ## 翻译
+
 我们使用 [Weblate](https://hosted.weblate.org/projects/frigate-nvr/) 平台提供翻译支持，欢迎参与进来一起完善。

-
 ## 非官方中文讨论社区
-欢迎加入中文讨论QQ群：[1043861059](https://qm.qq.com/q/7vQKsTmSz)
+
+欢迎加入中文讨论 QQ 群：[1043861059](https://qm.qq.com/q/7vQKsTmSz)

 Bilibili：https://space.bilibili.com/3546894915602564

-
 ## 中文社区赞助商
+
 [![EdgeOne](https://edgeone.ai/media/34fe3a45-492d-4ea4-ae5d-ea1087ca7b4b.png)](https://edgeone.ai/zh?from=github)
 本项目 CDN 加速及安全防护由 Tencent EdgeOne 赞助
+
+---
+
+**Copyright © 2026 Frigate, Inc.**
--- a/TRADEMARK.md
+++ b/TRADEMARK.md
@@ -6,7 +6,7 @@ This document outlines the policy regarding the use of the trademarks associated

 ## 1. Our Trademarks

-The following terms and visual assets are trademarks (the "Marks") of **Frigate LLC**:
+The following terms and visual assets are trademarks (the "Marks") of **Frigate, Inc.**:

 - **Frigate™**
 - **Frigate NVR™**
@@ -14,7 +14,7 @@ The following terms and visual assets are trademarks (the "Marks") of **Frigate
 - **The Frigate Logo**

 **Note on Common Law Rights:**
-Frigate LLC asserts all common law rights in these Marks. The absence of a federal registration symbol (®) does not constitute a waiver of our intellectual property rights.
+Frigate, Inc. asserts all common law rights in these Marks. The absence of a federal registration symbol (®) does not constitute a waiver of our intellectual property rights.

 ## 2. Interaction with the MIT License

@@ -25,7 +25,7 @@ The software in this repository is licensed under the [MIT License](LICENSE).
 - The **Code** is free to use, modify, and distribute under the MIT terms.
 - The **Brand (Trademarks)** is **NOT** licensed under MIT.

-You may not use the Marks in any way that is not explicitly permitted by this policy or by written agreement with Frigate LLC.
+You may not use the Marks in any way that is not explicitly permitted by this policy or by written agreement with Frigate, Inc.

 ## 3. Acceptable Use

@@ -40,7 +40,7 @@ You may use the Marks without prior written permission in the following specific
 You may **NOT** use the Marks in the following ways:

 - **Commercial Products:** You may not use "Frigate" in the name of a commercial product, service, or app (e.g., selling an app named _"Frigate Viewer"_ is prohibited).
- **Implying Affiliation:** You may not use the Marks in a way that suggests your project is official, sponsored by, or endorsed by Frigate LLC.
+- **Implying Affiliation:** You may not use the Marks in a way that suggests your project is official, sponsored by, or endorsed by Frigate, Inc.
 - **Confusing Forks:** If you fork this repository to create a derivative work, you **must** remove the Frigate logo and rename your project to avoid user confusion. You cannot distribute a modified version of the software under the name "Frigate".
 - **Domain Names:** You may not register domain names containing "Frigate" that are likely to confuse users (e.g., `frigate-official-support.com`).

--- a/docker/main/Dockerfile
+++ b/docker/main/Dockerfile
@@ -237,8 +237,18 @@ ENV PYTHONWARNINGS="ignore:::numpy.core.getlimits"
 # Set HailoRT to disable logging
 ENV HAILORT_LOGGER_PATH=NONE

-# TensorFlow error only
+# TensorFlow C++ logging suppression (must be set before import)
+# TF_CPP_MIN_LOG_LEVEL: 0=all, 1=INFO+, 2=WARNING+, 3=ERROR+ (we use 3 for errors only)
 ENV TF_CPP_MIN_LOG_LEVEL=3
+# Suppress verbose logging from TensorFlow C++ code
+ENV TF_CPP_MIN_VLOG_LEVEL=3
+# Disable oneDNN optimization messages ("optimized with oneDNN...")
+ENV TF_ENABLE_ONEDNN_OPTS=0
+# Suppress AutoGraph verbosity during conversion
+ENV AUTOGRAPH_VERBOSITY=0
+# Google Logging (GLOG) suppression for TensorFlow components
+ENV GLOG_minloglevel=3
+ENV GLOG_logtostderr=0

 ENV PATH="/usr/local/go2rtc/bin:/usr/local/tempio/bin:/usr/local/nginx/sbin:${PATH}"

--- a/docker/main/requirements-wheels.txt
+++ b/docker/main/requirements-wheels.txt
@@ -21,7 +21,7 @@ onvif-zeep-async == 4.0.*
 paho-mqtt == 2.1.*
 pandas == 2.2.*
 peewee == 3.17.*
-peewee_migrate == 1.13.*
+peewee_migrate == 1.14.*
 psutil == 7.1.*
 pydantic == 2.10.*
 git+https://github.com/fbcotter/py3nvml#egg=py3nvml
@@ -48,7 +48,7 @@ onnxruntime == 1.22.*
 transformers == 4.45.*
 # Generative AI
 google-generativeai == 0.8.*
-ollama == 0.5.*
+ollama == 0.6.*
 openai == 1.65.*
 # push notifications
 py-vapid == 1.9.*
@@ -81,3 +81,5 @@ librosa==0.11.*
 soundfile==0.13.*
 # DeGirum detector
 degirum == 0.16.*
+# Memory profiling
+memray == 1.15.*
--- a/docker/main/rootfs/etc/s6-overlay/s6-rc.d/go2rtc/run
+++ b/docker/main/rootfs/etc/s6-overlay/s6-rc.d/go2rtc/run
@@ -55,7 +55,7 @@ function setup_homekit_config() {

    if [[ ! -f "${config_path}" ]]; then
        echo "[INFO] Creating empty HomeKit config file..."
-        echo '{}' > "${config_path}"
+        echo 'homekit: {}' > "${config_path}"
    fi

    # Convert YAML to JSON for jq processing
@@ -70,12 +70,14 @@ function setup_homekit_config() {
    jq '
        # Keep only the homekit section if it exists, otherwise empty object
        if has("homekit") then {homekit: .homekit} else {homekit: {}} end
-    ' "${temp_json}" > "${cleaned_json}" 2>/dev/null || echo '{"homekit": {}}' > "${cleaned_json}"
+    ' "${temp_json}" > "${cleaned_json}" 2>/dev/null || {
+        echo '{"homekit": {}}' > "${cleaned_json}"
+    }

    # Convert back to YAML and write to the config file
    yq eval -P "${cleaned_json}" > "${config_path}" 2>/dev/null || {
        echo "[WARNING] Failed to convert cleaned config to YAML, creating minimal config"
-        echo '{"homekit": {}}' > "${config_path}"
+        echo 'homekit: {}' > "${config_path}"
    }

    # Clean up temp files
--- a/docker/main/rootfs/usr/local/go2rtc/create_config.py
+++ b/docker/main/rootfs/usr/local/go2rtc/create_config.py
@@ -22,6 +22,11 @@ sys.path.remove("/opt/frigate")

 yaml = YAML()

+# Check if arbitrary exec sources are allowed (defaults to False for security)
+ALLOW_ARBITRARY_EXEC = os.environ.get(
+    "GO2RTC_ALLOW_ARBITRARY_EXEC", "false"
+).lower() in ("true", "1", "yes")
+
 FRIGATE_ENV_VARS = {k: v for k, v in os.environ.items() if k.startswith("FRIGATE_")}
 # read docker secret files as env vars too
 if os.path.isdir("/run/secrets"):
@@ -109,14 +114,26 @@ if LIBAVFORMAT_VERSION_MAJOR < 59:
    elif go2rtc_config["ffmpeg"].get("rtsp") is None:
        go2rtc_config["ffmpeg"]["rtsp"] = rtsp_args

-for name in go2rtc_config.get("streams", {}):
+
+def is_restricted_source(stream_source: str) -> bool:
+    """Check if a stream source is restricted (echo, expr, or exec)."""
+    return stream_source.strip().startswith(("echo:", "expr:", "exec:"))
+
+
+for name in list(go2rtc_config.get("streams", {})):
    stream = go2rtc_config["streams"][name]

    if isinstance(stream, str):
        try:
-            go2rtc_config["streams"][name] = go2rtc_config["streams"][name].format(
-                **FRIGATE_ENV_VARS
-            )
+            formatted_stream = stream.format(**FRIGATE_ENV_VARS)
+            if not ALLOW_ARBITRARY_EXEC and is_restricted_source(formatted_stream):
+                print(
+                    f"[ERROR] Stream '{name}' uses a restricted source (echo/expr/exec) which is disabled by default for security. "
+                    f"Set GO2RTC_ALLOW_ARBITRARY_EXEC=true to enable arbitrary exec sources."
+                )
+                del go2rtc_config["streams"][name]
+                continue
+            go2rtc_config["streams"][name] = formatted_stream
        except KeyError as e:
            print(
                "[ERROR] Invalid substitution found, see https://docs.frigate.video/configuration/restream#advanced-restream-configurations for more info."
@@ -124,15 +141,33 @@ for name in go2rtc_config.get("streams", {}):
            sys.exit(e)

    elif isinstance(stream, list):
-        for i, stream in enumerate(stream):
+        filtered_streams = []
+        for i, stream_item in enumerate(stream):
            try:
-                go2rtc_config["streams"][name][i] = stream.format(**FRIGATE_ENV_VARS)
+                formatted_stream = stream_item.format(**FRIGATE_ENV_VARS)
+                if not ALLOW_ARBITRARY_EXEC and is_restricted_source(formatted_stream):
+                    print(
+                        f"[ERROR] Stream '{name}' item {i + 1} uses a restricted source (echo/expr/exec) which is disabled by default for security. "
+                        f"Set GO2RTC_ALLOW_ARBITRARY_EXEC=true to enable arbitrary exec sources."
+                    )
+                    continue
+
+                filtered_streams.append(formatted_stream)
            except KeyError as e:
                print(
                    "[ERROR] Invalid substitution found, see https://docs.frigate.video/configuration/restream#advanced-restream-configurations for more info."
                )
                sys.exit(e)

+        if filtered_streams:
+            go2rtc_config["streams"][name] = filtered_streams
+        else:
+            print(
+                f"[ERROR] Stream '{name}' was removed because all sources were restricted (echo/expr/exec). "
+                f"Set GO2RTC_ALLOW_ARBITRARY_EXEC=true to enable arbitrary exec sources."
+            )
+            del go2rtc_config["streams"][name]
+
 # add birdseye restream stream if enabled
 if config.get("birdseye", {}).get("restream", False):
    birdseye: dict[str, Any] = config.get("birdseye")
--- a/docker/main/rootfs/usr/local/nginx/conf/proxy_trusted_headers.conf
+++ b/docker/main/rootfs/usr/local/nginx/conf/proxy_trusted_headers.conf
@@ -18,6 +18,10 @@ proxy_set_header X-Forwarded-User $http_x_forwarded_user;
 proxy_set_header X-Forwarded-Groups $http_x_forwarded_groups;
 proxy_set_header X-Forwarded-Email $http_x_forwarded_email;
 proxy_set_header X-Forwarded-Preferred-Username $http_x_forwarded_preferred_username;
+proxy_set_header X-Auth-Request-User $http_x_auth_request_user;
+proxy_set_header X-Auth-Request-Groups $http_x_auth_request_groups;
+proxy_set_header X-Auth-Request-Email $http_x_auth_request_email;
+proxy_set_header X-Auth-Request-Preferred-Username $http_x_auth_request_preferred_username;
 proxy_set_header X-authentik-username $http_x_authentik_username;
 proxy_set_header X-authentik-groups $http_x_authentik_groups;
 proxy_set_header X-authentik-email $http_x_authentik_email;
--- a/docker/rocm/Dockerfile
+++ b/docker/rocm/Dockerfile
@@ -3,7 +3,6 @@
 # https://askubuntu.com/questions/972516/debian-frontend-environment-variable
 ARG DEBIAN_FRONTEND=noninteractive
 ARG ROCM=1
-ARG AMDGPU=gfx900
 ARG HSA_OVERRIDE_GFX_VERSION
 ARG HSA_OVERRIDE

@@ -11,11 +10,10 @@ ARG HSA_OVERRIDE
 FROM wget AS rocm

 ARG ROCM
-ARG AMDGPU

 RUN apt update -qq && \
    apt install -y wget gpg && \
-    wget -O rocm.deb https://repo.radeon.com/amdgpu-install/7.1/ubuntu/jammy/amdgpu-install_7.1.70100-1_all.deb && \
+    wget -O rocm.deb https://repo.radeon.com/amdgpu-install/7.1.1/ubuntu/jammy/amdgpu-install_7.1.1.70101-1_all.deb && \
    apt install -y ./rocm.deb && \
    apt update && \
    apt install -qq -y rocm
@@ -36,7 +34,10 @@ FROM deps AS deps-prelim
 COPY docker/rocm/debian-backports.sources /etc/apt/sources.list.d/debian-backports.sources
 RUN apt-get update && \
    apt-get install -y libnuma1 && \
-    apt-get install -qq -y -t bookworm-backports mesa-va-drivers mesa-vulkan-drivers
+    apt-get install -qq -y -t bookworm-backports mesa-va-drivers mesa-vulkan-drivers && \
+    # Install C++ standard library headers for HIPRTC kernel compilation fallback
+    apt-get install -qq -y libstdc++-12-dev && \
+    rm -rf /var/lib/apt/lists/*

 WORKDIR /opt/frigate
 COPY --from=rootfs / /
@@ -54,12 +55,14 @@ RUN pip3 uninstall -y onnxruntime \
 FROM scratch AS rocm-dist

 ARG ROCM
-ARG AMDGPU

 COPY --from=rocm /opt/rocm-$ROCM/bin/rocminfo /opt/rocm-$ROCM/bin/migraphx-driver /opt/rocm-$ROCM/bin/
-COPY --from=rocm /opt/rocm-$ROCM/share/miopen/db/*$AMDGPU* /opt/rocm-$ROCM/share/miopen/db/
-COPY --from=rocm /opt/rocm-$ROCM/share/miopen/db/*gfx908* /opt/rocm-$ROCM/share/miopen/db/
-COPY --from=rocm /opt/rocm-$ROCM/lib/rocblas/library/*$AMDGPU* /opt/rocm-$ROCM/lib/rocblas/library/
+# Copy MIOpen database files for gfx10xx and gfx11xx only (RDNA2/RDNA3)
+COPY --from=rocm /opt/rocm-$ROCM/share/miopen/db/*gfx10* /opt/rocm-$ROCM/share/miopen/db/
+COPY --from=rocm /opt/rocm-$ROCM/share/miopen/db/*gfx11* /opt/rocm-$ROCM/share/miopen/db/
+# Copy rocBLAS library files for gfx10xx and gfx11xx only
+COPY --from=rocm /opt/rocm-$ROCM/lib/rocblas/library/*gfx10* /opt/rocm-$ROCM/lib/rocblas/library/
+COPY --from=rocm /opt/rocm-$ROCM/lib/rocblas/library/*gfx11* /opt/rocm-$ROCM/lib/rocblas/library/
 COPY --from=rocm /opt/rocm-dist/ /

 #######################################################################
--- a/docker/rocm/rocm.hcl
+++ b/docker/rocm/rocm.hcl
@@ -1,8 +1,5 @@
-variable "AMDGPU" {
-  default = "gfx900"
-}
 variable "ROCM" {
-  default = "7.1"
+  default = "7.1.1"
 }
 variable "HSA_OVERRIDE_GFX_VERSION" {
  default = ""
@@ -38,7 +35,6 @@ target rocm {
  }
  platforms = ["linux/amd64"]
  args = {
-    AMDGPU = AMDGPU,
    ROCM = ROCM,
    HSA_OVERRIDE_GFX_VERSION = HSA_OVERRIDE_GFX_VERSION,
    HSA_OVERRIDE = HSA_OVERRIDE
--- a/docker/rocm/rocm.mk
+++ b/docker/rocm/rocm.mk
@@ -1,53 +1,15 @@
 BOARDS += rocm

-# AMD/ROCm is chunky so we build couple of smaller images for specific chipsets
-ROCM_CHIPSETS:=gfx900:9.0.0 gfx1030:10.3.0 gfx1100:11.0.0
-
 local-rocm: version
-	$(foreach chipset,$(ROCM_CHIPSETS), \
-		AMDGPU=$(word 1,$(subst :, ,$(chipset))) \
-		HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) \
-		HSA_OVERRIDE=1 \
-		docker buildx bake --file=docker/rocm/rocm.hcl rocm \
-			--set rocm.tags=frigate:latest-rocm-$(word 1,$(subst :, ,$(chipset))) \
-			--load \
-	&&) true
-	
-	unset HSA_OVERRIDE_GFX_VERSION && \
-	HSA_OVERRIDE=0 \
-	AMDGPU=gfx \
 	docker buildx bake --file=docker/rocm/rocm.hcl rocm \
 		--set rocm.tags=frigate:latest-rocm \
 		--load

 build-rocm: version
-	$(foreach chipset,$(ROCM_CHIPSETS), \
-		AMDGPU=$(word 1,$(subst :, ,$(chipset))) \
-		HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) \
-		HSA_OVERRIDE=1 \
-		docker buildx bake --file=docker/rocm/rocm.hcl rocm \
-			--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) \
-	&&) true
-
-	unset HSA_OVERRIDE_GFX_VERSION && \
-	HSA_OVERRIDE=0 \
-	AMDGPU=gfx \
 	docker buildx bake --file=docker/rocm/rocm.hcl rocm \
 		--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm

 push-rocm: build-rocm
-	$(foreach chipset,$(ROCM_CHIPSETS), \
-		AMDGPU=$(word 1,$(subst :, ,$(chipset))) \
-		HSA_OVERRIDE_GFX_VERSION=$(word 2,$(subst :, ,$(chipset))) \
-		HSA_OVERRIDE=1 \
-		docker buildx bake --file=docker/rocm/rocm.hcl rocm \
-			--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm-$(chipset) \
-			--push \
-	&&) true
-
-	unset HSA_OVERRIDE_GFX_VERSION && \
-	HSA_OVERRIDE=0 \
-	AMDGPU=gfx \
 	docker buildx bake --file=docker/rocm/rocm.hcl rocm \
 		--set rocm.tags=$(IMAGE_REPO):${GITHUB_REF_NAME}-$(COMMIT_HASH)-rocm \
 		--push
--- a/docs/docs/configuration/audio_detectors.md
+++ b/docs/docs/configuration/audio_detectors.md
@@ -50,7 +50,7 @@ cameras:

 ### Configuring Minimum Volume

-The audio detector uses volume levels in the same way that motion in a camera feed is used for object detection. This means that frigate will not run audio detection unless the audio volume is above the configured level in order to reduce resource usage. Audio levels can vary widely between camera models so it is important to run tests to see what volume levels are. The Debug view in the Frigate UI has an Audio tab for cameras that have the `audio` role assigned where a graph and the current levels are is displayed. The `min_volume` parameter should be set to the minimum the `RMS` level required to run audio detection.
+The audio detector uses volume levels in the same way that motion in a camera feed is used for object detection. This means that Frigate will not run audio detection unless the audio volume is above the configured level in order to reduce resource usage. Audio levels can vary widely between camera models so it is important to run tests to see what volume levels are. The Debug view in the Frigate UI has an Audio tab for cameras that have the `audio` role assigned where a graph and the current levels are is displayed. The `min_volume` parameter should be set to the minimum the `RMS` level required to run audio detection.

 :::tip

@@ -75,7 +75,13 @@ audio:

 ### Audio Transcription

-Frigate supports fully local audio transcription using either `sherpa-onnx` or OpenAI’s open-source Whisper models via `faster-whisper`. To enable transcription, enable it in your config. Note that audio detection must also be enabled as described above in order to use audio transcription features.
+Frigate supports fully local audio transcription using either `sherpa-onnx` or OpenAI’s open-source Whisper models via `faster-whisper`. The goal of this feature is to support Semantic Search for `speech` audio events. Frigate is not intended to act as a continuous, fully-automatic speech transcription service — automatically transcribing all speech (or queuing many audio events for transcription) requires substantial CPU (or GPU) resources and is impractical on most systems. For this reason, transcriptions for events are initiated manually from the UI or the API rather than being run continuously in the background.
+
+Transcription accuracy also depends heavily on the quality of your camera's microphone and recording conditions. Many cameras use inexpensive microphones, and distance to the speaker, low audio bitrate, or background noise can significantly reduce transcription quality. If you need higher accuracy, more robust long-running queues, or large-scale automatic transcription, consider using the HTTP API in combination with an automation platform and a cloud transcription service.
+
+#### Configuration
+
+To enable transcription, enable it in your config. Note that audio detection must also be enabled as described above in order to use audio transcription features.

 ```yaml
 audio_transcription:
@@ -151,3 +157,21 @@ Only one `speech` event may be transcribed at a time. Frigate does not automatic
 :::

 Recorded `speech` events will always use a `whisper` model, regardless of the `model_size` config setting. Without a supported Nvidia GPU, generating transcriptions for longer `speech` events may take a fair amount of time, so be patient.
+
+#### FAQ
+
+1. Why doesn't Frigate automatically transcribe all `speech` events?
+
+   Frigate does not implement a queue mechanism for speech transcription, and adding one is not trivial. A proper queue would need backpressure, prioritization, memory/disk buffering, retry logic, crash recovery, and safeguards to prevent unbounded growth when events outpace processing. That’s a significant amount of complexity for a feature that, in most real-world environments, would mostly just churn through low-value noise.
+
+   Because transcription is **serialized (one event at a time)** and speech events can be generated far faster than they can be processed, an auto-transcribe toggle would very quickly create an ever-growing backlog and degrade core functionality. For the amount of engineering and risk involved, it adds **very little practical value** for the majority of deployments, which are often on low-powered, edge hardware.
+
+   If you hear speech that’s actually important and worth saving/indexing for the future, **just press the transcribe button in Explore** on that specific `speech` event - that keeps things explicit, reliable, and under your control.
+
+   Other options are being considered for future versions of Frigate to add transcription options that support external `whisper` Docker containers. A single transcription service could then be shared by Frigate and other applications (for example, Home Assistant Voice), and run on more powerful machines when available.
+
+2. Why don't you save live transcription text and use that for `speech` events?
+
+   There’s no guarantee that a `speech` event is even created from the exact audio that went through the transcription model. Live transcription and `speech` event creation are **separate, asynchronous processes**. Even when both are correctly configured, trying to align the **precise start and end time of a speech event** with whatever audio the model happened to be processing at that moment is unreliable.
+
+   Automatically persisting that data would often result in **misaligned, partial, or irrelevant transcripts**, while still incurring all of the CPU, storage, and privacy costs of transcription. That’s why Frigate treats transcription as an **explicit, user-initiated action** rather than an automatic side-effect of every `speech` event.
--- a/docs/docs/configuration/authentication.md
+++ b/docs/docs/configuration/authentication.md
@@ -270,3 +270,42 @@ To use role-based access control, you must connect to Frigate via the **authenti
 1. Log in as an **admin** user via port `8971`.
 2. Navigate to **Settings > Users**.
 3. Edit a user’s role by selecting **admin** or **viewer**.
+
+## API Authentication Guide
+
+### Getting a Bearer Token
+
+To use the Frigate API, you need to authenticate first. Follow these steps to obtain a Bearer token:
+
+#### 1. Login
+
+Make a POST request to `/login` with your credentials:
+
+```bash
+curl -i -X POST https://frigate_ip:8971/api/login \
+  -H "Content-Type: application/json" \
+  -d '{"user": "admin", "password": "your_password"}'
+```
+
+:::note
+
+You may need to include `-k` in the argument list in these steps (eg: `curl -k -i -X POST ...`) if your Frigate instance is using a self-signed certificate.
+
+:::
+
+The response will contain a cookie with the JWT token.
+
+#### 2. Using the Bearer Token
+
+Once you have the token, include it in the Authorization header for subsequent requests:
+
+```bash
+curl -H "Authorization: Bearer <your_token>" https://frigate_ip:8971/api/profile
+```
+
+#### 3. Token Lifecycle
+
+- Tokens are valid for the configured session length
+- Tokens are automatically refreshed when you visit the `/auth` endpoint
+- Tokens are invalidated when the user's password is changed
+- Use `/logout` to clear your session cookie
--- a/docs/docs/configuration/camera_specific.md
+++ b/docs/docs/configuration/camera_specific.md
@@ -188,10 +188,10 @@ go2rtc:
    # example for connectin to a Reolink camera that supports two way talk
    your_reolink_camera_twt:
      - "ffmpeg:http://reolink_ip/flv?port=1935&app=bcs&stream=channel0_main.bcs&user=username&password=password#video=copy#audio=copy#audio=opus"
-      - "rtsp://username:password@reolink_ip/Preview_01_sub
+      - "rtsp://username:password@reolink_ip/Preview_01_sub"
    your_reolink_camera_twt_sub:
      - "ffmpeg:http://reolink_ip/flv?port=1935&app=bcs&stream=channel0_ext.bcs&user=username&password=password"
-      - "rtsp://username:password@reolink_ip/Preview_01_sub
+      - "rtsp://username:password@reolink_ip/Preview_01_sub"
    # example for connecting to a Reolink NVR
    your_reolink_camera_via_nvr:
      - "ffmpeg:http://reolink_nvr_ip/flv?port=1935&app=bcs&stream=channel3_main.bcs&user=username&password=password" # channel numbers are 0-15
@@ -227,6 +227,12 @@ cameras:

 ### Unifi Protect Cameras

+:::note 
+
+Unifi G5s cameras and newer need a Unifi Protect server to enable rtsps stream, it's not posible to enable it in standalone mode.
+
+:::
+
 Unifi protect cameras require the rtspx stream to be used with go2rtc.
 To utilize a Unifi protect camera, modify the rtsps link to begin with rtspx.
 Additionally, remove the "?enableSrtp" from the end of the Unifi link.
@@ -252,6 +258,10 @@ ffmpeg:

 TP-Link VIGI cameras need some adjustments to the main stream settings on the camera itself to avoid issues. The stream needs to be configured as `H264` with `Smart Coding` set to `off`. Without these settings you may have problems when trying to watch recorded footage. For example Firefox will stop playback after a few seconds and show the following error message: `The media playback was aborted due to a corruption problem or because the media used features your browser did not support.`.

+### Wyze Wireless Cameras
+
+Some community members have found better performance on Wyze cameras by using an alternative firmware known as [Thingino](https://thingino.com/).
+
 ## USB Cameras (aka Webcams)

 To use a USB camera (webcam) with Frigate, the recommendation is to use go2rtc's [FFmpeg Device](https://github.com/AlexxIT/go2rtc?tab=readme-ov-file#source-ffmpeg-device) support:
--- a/docs/docs/configuration/cameras.md
+++ b/docs/docs/configuration/cameras.md
@@ -94,18 +94,19 @@ This list of working and non-working PTZ cameras is based on user feedback. If y
 The FeatureList on the [ONVIF Conformant Products Database](https://www.onvif.org/conformant-products/) can provide a starting point to determine a camera's compatibility with Frigate's autotracking. Look to see if a camera lists `PTZRelative`, `PTZRelativePanTilt` and/or `PTZRelativeZoom`. These features are required for autotracking, but some cameras still fail to respond even if they claim support. If they are missing, autotracking will not work (though basic PTZ in the WebUI might). Avoid cameras with no database entry unless they are confirmed as working below.

 | Brand or specific camera     | PTZ Controls | Autotracking | Notes                                                                                                                                                                                                                                                             |
-| ---------------------------- | :----------: | :----------: | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --- |
+| ---------------------------- | :----------: | :----------: | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | Amcrest                      |      ✅      |      ✅      | ⛔️ Generally, Amcrest should work, but some older models (like the common IP2M-841) don't support autotracking                                                                                                                                                   |
 | Amcrest ASH21                |      ✅      |      ❌      | ONVIF service port: 80                                                                                                                                                                                                                                            |
 | Amcrest IP4M-S2112EW-AI      |      ✅      |      ❌      | FOV relative movement not supported.                                                                                                                                                                                                                              |
 | Amcrest IP5M-1190EW          |      ✅      |      ❌      | ONVIF Port: 80. FOV relative movement not supported.                                                                                                                                                                                                              |
 | Annke CZ504                  |      ✅      |      ✅      | Annke support provide specific firmware ([V5.7.1 build 250227](https://github.com/pierrepinon/annke_cz504/raw/refs/heads/main/digicap_V5-7-1_build_250227.dav)) to fix issue with ONVIF "TranslationSpaceFov"                                                     |
+| Axis Q-6155E                 |      ✅      |      ❌      | ONVIF service port: 80; Camera does not support MoveStatus.                                                                                                                                                                                                       |
 | Ctronics PTZ                 |      ✅      |      ❌      |                                                                                                                                                                                                                                                                   |
 | Dahua                        |      ✅      |      ✅      | Some low-end Dahuas (lite series, picoo series (commonly), among others) have been reported to not support autotracking. These models usually don't have a four digit model number with chassis prefix and options postfix (e.g. DH-P5AE-PV vs DH-SD49825GB-HNR). |
 | Dahua DH-SD2A500HB           |      ✅      |      ❌      |                                                                                                                                                                                                                                                                   |
 | Dahua DH-SD49825GB-HNR       |      ✅      |      ✅      |                                                                                                                                                                                                                                                                   |
 | Dahua DH-P5AE-PV             |      ❌      |      ❌      |                                                                                                                                                                                                                                                                   |
-| Foscam                       |      ✅      |      ❌      | In general support PTZ, but not relative move. There are no official ONVIF certifications and tests available on the ONVIF Conformant Products Database                                                                                                           |     |
+| Foscam                       |      ✅      |      ❌      | In general support PTZ, but not relative move. There are no official ONVIF certifications and tests available on the ONVIF Conformant Products Database                                                                                                           |
 | Foscam R5                    |      ✅      |      ❌      |                                                                                                                                                                                                                                                                   |
 | Foscam SD4                   |      ✅      |      ❌      |                                                                                                                                                                                                                                                                   |
 | Hanwha XNP-6550RH            |      ✅      |      ❌      |                                                                                                                                                                                                                                                                   |
--- a/docs/docs/configuration/custom_classification/object_classification.md
+++ b/docs/docs/configuration/custom_classification/object_classification.md
@@ -3,7 +3,7 @@ id: object_classification
 title: Object Classification
 ---

-Object classification allows you to train a custom MobileNetV2 classification model to run on tracked objects (persons, cars, animals, etc.) to identify a finer category or attribute for that object.
+Object classification allows you to train a custom MobileNetV2 classification model to run on tracked objects (persons, cars, animals, etc.) to identify a finer category or attribute for that object. Classification results are visible in the Tracked Object Details pane in Explore, through the `frigate/tracked_object_details` MQTT topic, in Home Assistant sensors via the official Frigate integration, or through the event endpoints in the HTTP API.

 ## Minimum System Requirements

@@ -11,6 +11,8 @@ Object classification models are lightweight and run very fast on CPU. Inference

 Training the model does briefly use a high amount of system resources for about 1–3 minutes per training run. On lower-power devices, training may take longer.

+A CPU with AVX instructions is required for training and inference.
+
 ## Classes

 Classes are the categories your model will learn to distinguish between. Each class represents a distinct visual category that the model will predict.
@@ -31,9 +33,15 @@ For object classification:
  - Example: `cat` → `Leo`, `Charlie`, `None`.

 - **Attribute**:
-  - Added as metadata to the object (visible in /events): `<model_name>: <predicted_value>`.
+  - Added as metadata to the object, visible in the Tracked Object Details pane in Explore, `frigate/events` MQTT messages, and the HTTP API response as `<model_name>: <predicted_value>`.
  - Ideal when multiple attributes can coexist independently.
-  - Example: Detecting if a `person` in a construction yard is wearing a helmet or not.
+  - Example: Detecting if a `person` in a construction yard is wearing a helmet or not, and if they are wearing a yellow vest or not.
+
+:::note
+
+A tracked object can only have a single sub label. If you are using Triggers or Face Recognition and you configure an object classification model for `person` using the sub label type, your sub label may not be assigned correctly as it depends on which enrichment completes its analysis first. This could also occur with `car` objects that are assigned a sub label for a delivery carrier. Consider using the `attribute` type instead.
+
+:::

 ## Assignment Requirements

@@ -73,13 +81,17 @@ classification:
        classification_type: sub_label # or: attribute
 ```

+An optional config, `save_attempts`, can be set as a key under the model name. This defines the number of classification attempts to save in the Recent Classifications tab. For object classification models, the default is 200.
+
 ## Training the model

 Creating and training the model is done within the Frigate UI using the `Classification` page. The process consists of two steps:

 ### Step 1: Name and Define

-Enter a name for your model, select the object label to classify (e.g., `person`, `dog`, `car`), choose the classification type (sub label or attribute), and define your classes. Include a `none` class for objects that don't fit any specific category.
+Enter a name for your model, select the object label to classify (e.g., `person`, `dog`, `car`), choose the classification type (sub label or attribute), and define your classes. Frigate will automatically include a `none` class for objects that don't fit any specific category.
+
+For example: To classify your two cats, create a model named "Our Cats" and create two classes, "Charlie" and "Leo". A third class, "none", will be created automatically for other neighborhood cats that are not your own.

 ### Step 2: Assign Training Examples

@@ -87,6 +99,8 @@ The system will automatically generate example images from detected objects matc

 When choosing which objects to classify, start with a small number of visually distinct classes and ensure your training samples match camera viewpoints and distances typical for those objects.

+If examples for some of your classes do not appear in the grid, you can continue configuring the model without them. New images will begin to appear in the Recent Classifications view. When your missing classes are seen, classify them from this view and retrain your model.
+
 ### Improving the Model

 - **Problem framing**: Keep classes visually distinct and relevant to the chosen object types.
@@ -94,3 +108,23 @@ When choosing which objects to classify, start with a small number of visually d
 - **Preprocessing**: Ensure examples reflect object crops similar to Frigate’s boxes; keep the subject centered.
 - **Labels**: Keep label names short and consistent; include a `none` class if you plan to ignore uncertain predictions for sub labels.
 - **Threshold**: Tune `threshold` per model to reduce false assignments. Start at `0.8` and adjust based on validation.
+
+## Debugging Classification Models
+
+To troubleshoot issues with object classification models, enable debug logging to see detailed information about classification attempts, scores, and consensus calculations.
+
+Enable debug logs for classification models by adding `frigate.data_processing.real_time.custom_classification: debug` to your `logger` configuration. These logs are verbose, so only keep this enabled when necessary. Restart Frigate after this change.
+
+```yaml
+logger:
+  default: info
+  logs:
+    frigate.data_processing.real_time.custom_classification: debug
+```
+
+The debug logs will show:
+
+- Classification probabilities for each attempt
+- Whether scores meet the threshold requirement
+- Consensus calculations and when assignments are made
+- Object classification history and weighted scores
--- a/docs/docs/configuration/custom_classification/state_classification.md
+++ b/docs/docs/configuration/custom_classification/state_classification.md
@@ -3,7 +3,7 @@ id: state_classification
 title: State Classification
 ---

-State classification allows you to train a custom MobileNetV2 classification model on a fixed region of your camera frame(s) to determine a current state. The model can be configured to run on a schedule and/or when motion is detected in that region.
+State classification allows you to train a custom MobileNetV2 classification model on a fixed region of your camera frame(s) to determine a current state. The model can be configured to run on a schedule and/or when motion is detected in that region. Classification results are available through the `frigate/<camera_name>/classification/<model_name>` MQTT topic and in Home Assistant sensors via the official Frigate integration.

 ## Minimum System Requirements

@@ -11,6 +11,8 @@ State classification models are lightweight and run very fast on CPU. Inference

 Training the model does briefly use a high amount of system resources for about 1–3 minutes per training run. On lower-power devices, training may take longer.

+A CPU with AVX instructions is required for training and inference.
+
 ## Classes

 Classes are the different states an area on your camera can be in. Each class represents a distinct visual state that the model will learn to recognize.
@@ -46,6 +48,8 @@ classification:
            crop: [0, 180, 220, 400]
 ```

+An optional config, `save_attempts`, can be set as a key under the model name. This defines the number of classification attempts to save in the Recent Classifications tab. For state classification models, the default is 100.
+
 ## Training the model

 Creating and training the model is done within the Frigate UI using the `Classification` page. The process consists of three steps:
@@ -60,13 +64,44 @@ Choose one or more cameras and draw a rectangle over the area of interest for ea

 ### Step 3: Assign Training Examples

-The system will automatically generate example images from your camera feeds. You'll be guided through each class one at a time to select which images represent that state.
+The system will automatically generate example images from your camera feeds. You'll be guided through each class one at a time to select which images represent that state. It's not strictly required to select all images you see. If a state is missing from the samples, you can train it from the Recent tab later.

-**Important**: All images must be assigned to a state before training can begin. This includes images that may not be optimal, such as when people temporarily block the view, sun glare is present, or other distractions occur. Assign these images to the state that is actually present (based on what you know the state to be), not based on the distraction. This training helps the model correctly identify the state even when such conditions occur during inference.
-
-Once all images are assigned, training will begin automatically.
+Once some images are assigned, training will begin automatically.

 ### Improving the Model

 - **Problem framing**: Keep classes visually distinct and state-focused (e.g., `open`, `closed`, `unknown`). Avoid combining object identity with state in a single model unless necessary.
- **Data collection**: Use the model’s Recent Classifications tab to gather balanced examples across times of day and weather.
+- **Data collection**: Use the model's Recent Classifications tab to gather balanced examples across times of day and weather.
+- **When to train**: Focus on cases where the model is entirely incorrect or flips between states when it should not. There's no need to train additional images when the model is already working consistently.
+- **Selecting training images**: Images scoring below 100% due to new conditions (e.g., first snow of the year, seasonal changes) or variations (e.g., objects temporarily in view, insects at night) are good candidates for training, as they represent scenarios different from the default state. Training these lower-scoring images that differ from existing training data helps prevent overfitting. Avoid training large quantities of images that look very similar, especially if they already score 100% as this can lead to overfitting.
+
+## Debugging Classification Models
+
+To troubleshoot issues with state classification models, enable debug logging to see detailed information about classification attempts, scores, and state verification.
+
+Enable debug logs for classification models by adding `frigate.data_processing.real_time.custom_classification: debug` to your `logger` configuration. These logs are verbose, so only keep this enabled when necessary. Restart Frigate after this change.
+
+```yaml
+logger:
+  default: info
+  logs:
+    frigate.data_processing.real_time.custom_classification: debug
+```
+
+The debug logs will show:
+
+- Classification probabilities for each attempt
+- Whether scores meet the threshold requirement
+- State verification progress (consecutive detections needed)
+- When state changes are published
+
+### Recent Classifications
+
+For state classification, images are only added to recent classifications under specific circumstances:
+
+- **First detection**: The first classification attempt for a camera is always saved
+- **State changes**: Images are saved when the detected state differs from the current verified state
+- **Pending verification**: Images are saved when there's a pending state change being verified (requires 3 consecutive identical states)
+- **Low confidence**: Images with scores below 100% are saved even if the state matches the current state (useful for training)
+
+Images are **not** saved when the state is stable (detected state matches current state) **and** the score is 100%. This prevents unnecessary storage of redundant high-confidence classifications.
--- a/docs/docs/configuration/genai.md
+++ b/docs/docs/configuration/genai.md
@@ -48,15 +48,29 @@ Using Ollama on CPU is not recommended, high inference times make using Generati

 :::

-[Ollama](https://ollama.com/) allows you to self-host large language models and keep everything running locally. It provides a nice API over [llama.cpp](https://github.com/ggerganov/llama.cpp). It is highly recommended to host this server on a machine with an Nvidia graphics card, or on a Apple silicon Mac for best performance.
+[Ollama](https://ollama.com/) allows you to self-host large language models and keep everything running locally. It is highly recommended to host this server on a machine with an Nvidia graphics card, or on a Apple silicon Mac for best performance.

 Most of the 7b parameter 4-bit vision models will fit inside 8GB of VRAM. There is also a [Docker container](https://hub.docker.com/r/ollama/ollama) available.

-Parallel requests also come with some caveats. You will need to set `OLLAMA_NUM_PARALLEL=1` and choose a `OLLAMA_MAX_QUEUE` and `OLLAMA_MAX_LOADED_MODELS` values that are appropriate for your hardware and preferences. See the [Ollama documentation](https://github.com/ollama/ollama/blob/main/docs/faq.md#how-does-ollama-handle-concurrent-requests).
+Parallel requests also come with some caveats. You will need to set `OLLAMA_NUM_PARALLEL=1` and choose a `OLLAMA_MAX_QUEUE` and `OLLAMA_MAX_LOADED_MODELS` values that are appropriate for your hardware and preferences. See the [Ollama documentation](https://docs.ollama.com/faq#how-does-ollama-handle-concurrent-requests).
+
+### Model Types: Instruct vs Thinking
+
+Most vision-language models are available as **instruct** models, which are fine-tuned to follow instructions and respond concisely to prompts. However, some models (such as certain Qwen-VL or minigpt variants) offer both **instruct** and **thinking** versions.
+
+- **Instruct models** are always recommended for use with Frigate. These models generate direct, relevant, actionable descriptions that best fit Frigate's object and event summary use case.
+- **Thinking models** are fine-tuned for more free-form, open-ended, and speculative outputs, which are typically not concise and may not provide the practical summaries Frigate expects. For this reason, Frigate does **not** recommend or support using thinking models.
+
+Some models are labeled as **hybrid** (capable of both thinking and instruct tasks). In these cases, Frigate will always use instruct-style prompts and specifically disables thinking-mode behaviors to ensure concise, useful responses.
+
+**Recommendation:**
+Always select the `-instruct` or documented instruct/tagged variant of any model you use in your Frigate configuration. If in doubt, refer to your model provider’s documentation or model library for guidance on the correct model variant to use.
+
+

 ### Supported Models

-You must use a vision capable model with Frigate. Current model variants can be found [in their model library](https://ollama.com/library). At the time of writing, this includes `llava`, `llava-llama3`, `llava-phi3`, and `moondream`. Note that Frigate will not automatically download the model you specify in your config, you must download the model to your local instance of Ollama first i.e. by running `ollama pull llava:7b` on your Ollama server/Docker container. Note that the model specified in Frigate's config must match the downloaded model tag.
+You must use a vision capable model with Frigate. Current model variants can be found [in their model library](https://ollama.com/search?c=vision). Note that Frigate will not automatically download the model you specify in your config, you must download the model to your local instance of Ollama first i.e. by running `ollama pull qwen3-vl:2b-instruct` on your Ollama server/Docker container. Note that the model specified in Frigate's config must match the downloaded model tag.

 :::note

@@ -64,6 +78,10 @@ You should have at least 8 GB of RAM available (or VRAM if running on GPU) to ru

 :::

+#### Ollama Cloud models
+
+Ollama also supports [cloud models](https://ollama.com/cloud), where your local Ollama instance handles requests from Frigate, but model inference is performed in the cloud. Set up Ollama locally, sign in with your Ollama account, and specify the cloud model name in your Frigate config. For more details, see the Ollama cloud model [docs](https://docs.ollama.com/cloud).
+
 ### Configuration

 ```yaml
@@ -193,7 +211,7 @@ You are also able to define custom prompts in your configuration.
 genai:
  provider: ollama
  base_url: http://localhost:11434
-  model: llava
+  model: qwen3-vl:8b-instruct

 objects:
  prompt: "Analyze the {label} in these images from the {camera} security camera. Focus on the actions, behavior, and potential intent of the {label}, rather than just describing its appearance."
--- a/docs/docs/configuration/genai/objects.md
+++ b/docs/docs/configuration/genai/objects.md
@@ -39,9 +39,10 @@ You are also able to define custom prompts in your configuration.
 genai:
  provider: ollama
  base_url: http://localhost:11434
-  model: llava
+  model: qwen3-vl:8b-instruct

 objects:
+  genai:
    prompt: "Analyze the {label} in these images from the {camera} security camera. Focus on the actions, behavior, and potential intent of the {label}, rather than just describing its appearance."
    object_prompts:
      person: "Examine the main person in these images. What are they doing and what might their actions suggest about their intent (e.g., approaching a door, leaving an area, standing still)? Do not describe the surroundings or static details."
--- a/docs/docs/configuration/genai/review_summaries.md
+++ b/docs/docs/configuration/genai/review_summaries.md
@@ -16,12 +16,13 @@ Review summaries provide structured JSON responses that are saved for each revie
 ```
 - `title` (string): A concise, direct title that describes the purpose or overall action (e.g., "Person taking out trash", "Joe walking dog").
 - `scene` (string): A narrative description of what happens across the sequence from start to finish, including setting, detected objects, and their observable actions.
+- `shortSummary` (string): A brief 2-sentence summary of the scene, suitable for notifications. This is a condensed version of the scene description.
 - `confidence` (float): 0-1 confidence in the analysis. Higher confidence when objects/actions are clearly visible and context is unambiguous.
 - `other_concerns` (list): List of user-defined concerns that may need additional investigation.
 - `potential_threat_level` (integer): 0, 1, or 2 as defined below.
 ```

-This will show in multiple places in the UI to give additional context about each activity, and allow viewing more details when extra attention is required. Frigate's built in notifications will also automatically show the title and description when the data is available.
+This will show in multiple places in the UI to give additional context about each activity, and allow viewing more details when extra attention is required. Frigate's built in notifications will automatically show the title and `shortSummary` when the data is available, while the full `scene` description is available in the UI for detailed review.

 ### Defining Typical Activity

@@ -30,40 +31,43 @@ Each installation and even camera can have different parameters for what is cons
 <details>
  <summary>Default Activity Context Prompt</summary>

-```
-### Normal Activity Indicators (Level 0)
- Known/verified people in any zone at any time
- People with pets in residential areas
- Deliveries or services during daytime/evening (6 AM - 10 PM): carrying packages to doors/porches, placing items, leaving
- Services/maintenance workers with visible tools, uniforms, or service vehicles during daytime
- Activity confined to public areas only (sidewalks, streets) without entering property at any time
+```yaml
+review:
+  genai:
+    activity_context_prompt: |
+      ### Normal Activity Indicators (Level 0)
+      - Known/verified people in any zone at any time
+      - People with pets in residential areas
+      - Deliveries or services during daytime/evening (6 AM - 10 PM): carrying packages to doors/porches, placing items, leaving
+      - Services/maintenance workers with visible tools, uniforms, or service vehicles during daytime
+      - Activity confined to public areas only (sidewalks, streets) without entering property at any time

-### Suspicious Activity Indicators (Level 1)
- **Testing or attempting to open doors/windows/handles on vehicles or buildings** — ALWAYS Level 1 regardless of time or duration
- **Unidentified person in private areas (driveways, near vehicles/buildings) during late night/early morning (11 PM - 5 AM)** — ALWAYS Level 1 regardless of activity or duration
- Taking items that don't belong to them (packages, objects from porches/driveways)
- Climbing or jumping fences/barriers to access property
- Attempting to conceal actions or items from view
- Prolonged loitering: remaining in same area without visible purpose throughout most of the sequence
+      ### Suspicious Activity Indicators (Level 1)
+      - **Testing or attempting to open doors/windows/handles on vehicles or buildings** — ALWAYS Level 1 regardless of time or duration
+      - **Unidentified person in private areas (driveways, near vehicles/buildings) during late night/early morning (11 PM - 5 AM)** — ALWAYS Level 1 regardless of activity or duration
+      - Taking items that don't belong to them (packages, objects from porches/driveways)
+      - Climbing or jumping fences/barriers to access property
+      - Attempting to conceal actions or items from view
+      - Prolonged loitering: remaining in same area without visible purpose throughout most of the sequence

-### Critical Threat Indicators (Level 2)
- Holding break-in tools (crowbars, pry bars, bolt cutters)
- Weapons visible (guns, knives, bats used aggressively)
- Forced entry in progress
- Physical aggression or violence
- Active property damage or theft in progress
+      ### Critical Threat Indicators (Level 2)
+      - Holding break-in tools (crowbars, pry bars, bolt cutters)
+      - Weapons visible (guns, knives, bats used aggressively)
+      - Forced entry in progress
+      - Physical aggression or violence
+      - Active property damage or theft in progress

-### Assessment Guidance
-Evaluate in this order:
+      ### Assessment Guidance
+      Evaluate in this order:

-1. **If person is verified/known** → Level 0 regardless of time or activity
-2. **If person is unidentified:**
-   - Check time: If late night/early morning (11 PM - 5 AM) AND in private areas (driveways, near vehicles/buildings) → Level 1
-   - Check actions: If testing doors/handles, taking items, climbing → Level 1
-   - Otherwise, if daytime/evening (6 AM - 10 PM) with clear legitimate purpose (delivery, service worker) → Level 0
-3. **Escalate to Level 2 if:** Weapons, break-in tools, forced entry in progress, violence, or active property damage visible (escalates from Level 0 or 1)
+      1. **If person is verified/known** → Level 0 regardless of time or activity
+      2. **If person is unidentified:**
+        - Check time: If late night/early morning (11 PM - 5 AM) AND in private areas (driveways, near vehicles/buildings) → Level 1
+        - Check actions: If testing doors/handles, taking items, climbing → Level 1
+        - Otherwise, if daytime/evening (6 AM - 10 PM) with clear legitimate purpose (delivery, service worker) → Level 0
+      3. **Escalate to Level 2 if:** Weapons, break-in tools, forced entry in progress, violence, or active property damage visible (escalates from Level 0 or 1)

-The mere presence of an unidentified person in private areas during late night hours is inherently suspicious and warrants human review, regardless of what activity they appear to be doing or how brief the sequence is.
+      The mere presence of an unidentified person in private areas during late night hours is inherently suspicious and warrants human review, regardless of what activity they appear to be doing or how brief the sequence is.
 ```

 </details>
@@ -108,6 +112,23 @@ review:
      - animals in the garden
 ```

+### Preferred Language
+
+By default, review summaries are generated in English. You can configure Frigate to generate summaries in your preferred language by setting the `preferred_language` option:
+
+```yaml
+review:
+  genai:
+    enabled: true
+    preferred_language: Spanish
+```
+
 ## Review Reports

 Along with individual review item summaries, Generative AI provides the ability to request a report of a given time period. For example, you can get a daily report while on a vacation of any suspicious activity or other concerns that may require review.
+
+### Requesting Reports Programmatically
+
+Review reports can be requested via the [API](/integrations/api#review-summarization) by sending a POST request to `/api/review/summarize/start/{start_ts}/end/{end_ts}` with Unix timestamps.
+
+For Home Assistant users, there is a built-in service (`frigate.review_summarize`) that makes it easy to request review reports as part of automations or scripts. This allows you to automatically generate daily summaries, vacation reports, or custom time period reports based on your specific needs.
--- a/docs/docs/configuration/hardware_acceleration_enrichments.md
+++ b/docs/docs/configuration/hardware_acceleration_enrichments.md
@@ -13,7 +13,7 @@ Object detection and enrichments (like Semantic Search, Face Recognition, and Li

 - **AMD**

-  - ROCm will automatically be detected and used for enrichments in the `-rocm` Frigate image.
+  - ROCm support in the `-rocm` Frigate image is automatically detected for enrichments, but only some enrichment models are available due to ROCm's focus on LLMs and limited stability with certain neural network models. Frigate disables models that perform poorly or are unstable to ensure reliable operation, so only compatible enrichments may be active.

 - **Intel**

--- a/docs/docs/configuration/hardware_acceleration_video.md
+++ b/docs/docs/configuration/hardware_acceleration_video.md
@@ -3,78 +3,65 @@ id: hardware_acceleration_video
 title: Video Decoding
 ---

+import CommunityBadge from '@site/src/components/CommunityBadge';
+
 # Video Decoding

-It is highly recommended to use a GPU for hardware acceleration video decoding in Frigate. Some types of hardware acceleration are detected and used automatically, but you may need to update your configuration to enable hardware accelerated decoding in ffmpeg.
+It is highly recommended to use an integrated or discrete GPU for hardware acceleration video decoding in Frigate.

-Depending on your system, these parameters may not be compatible. More information on hardware accelerated decoding for ffmpeg can be found here: https://trac.ffmpeg.org/wiki/HWAccelIntro
+Some types of hardware acceleration are detected and used automatically, but you may need to update your configuration to enable hardware accelerated decoding in ffmpeg. To verify that hardware acceleration is working:
+- Check the logs: A message will either say that hardware acceleration was automatically detected, or there will be a warning that no hardware acceleration was automatically detected
+- If hardware acceleration is specified in the config, verification can be done by ensuring the logs are free from errors. There is no CPU fallback for hardware acceleration.

+:::info

-## Raspberry Pi 3/4
+Frigate supports presets for optimal hardware accelerated video decoding:

-Ensure you increase the allocated RAM for your GPU to at least 128 (`raspi-config` > Performance Options > GPU Memory).
-If you are using the HA Add-on, you may need to use the full access variant and turn off _Protection mode_ for hardware acceleration.
+**AMD**

-```yaml
-# if you want to decode a h264 stream
-ffmpeg:
-  hwaccel_args: preset-rpi-64-h264
+- [AMD](#amd-based-cpus): Frigate can utilize modern AMD integrated GPUs and AMD discrete GPUs to accelerate video decoding.

-# if you want to decode a h265 (hevc) stream
-ffmpeg:
-  hwaccel_args: preset-rpi-64-h265
-```
+**Intel**

-:::note
+- [Intel](#intel-based-cpus): Frigate can utilize most Intel integrated GPUs and Arc GPUs to accelerate video decoding.

-If running Frigate through Docker, you either need to run in privileged mode or
-map the `/dev/video*` devices to Frigate. With Docker Compose add:
+**Nvidia GPU**

-```yaml
-services:
-  frigate:
-    ...
-    devices:
-      - /dev/video11:/dev/video11
-```
+- [Nvidia GPU](#nvidia-gpus): Frigate can utilize most modern Nvidia GPUs to accelerate video decoding.

-Or with `docker run`:
+**Raspberry Pi 3/4**

-```bash
-docker run -d \
-  --name frigate \
-  ...
-  --device /dev/video11 \
-  ghcr.io/blakeblackshear/frigate:stable
-```
+- [Raspberry Pi](#raspberry-pi-34): Frigate can utilize the media engine in the Raspberry Pi 3 and 4 to slightly accelerate video decoding.

-`/dev/video11` is the correct device (on Raspberry Pi 4B). You can check
-by running the following and looking for `H264`:
+**Nvidia Jetson** <CommunityBadge />

-```bash
-for d in /dev/video*; do
-  echo -e "---\n$d"
-  v4l2-ctl --list-formats-ext -d $d
-done
-```
+- [Jetson](#nvidia-jetson): Frigate can utilize the media engine in Jetson hardware to accelerate video decoding.

-Or map in all the `/dev/video*` devices.
+**Rockchip** <CommunityBadge />
+
+- [RKNN](#rockchip-platform): Frigate can utilize the media engine in RockChip SOCs to accelerate video decoding.
+
+**Other Hardware**
+
+Depending on your system, these presets may not be compatible, and you may need to use manual hwaccel args to take advantage of your hardware. More information on hardware accelerated decoding for ffmpeg can be found here: https://trac.ffmpeg.org/wiki/HWAccelIntro

 :::

 ## Intel-based CPUs

+Frigate can utilize most Intel integrated GPUs and Arc GPUs to accelerate video decoding.
+
 :::info

 **Recommended hwaccel Preset**

-| CPU Generation | Intel Driver | Recommended Preset  | Notes                                |
-| -------------- | ------------ | ------------------- | ------------------------------------ |
-| gen1 - gen5    | i965         | preset-vaapi        | qsv is not supported                 |
-| gen6 - gen7    | iHD          | preset-vaapi        | qsv is not supported                 |
-| gen8 - gen12   | iHD          | preset-vaapi        | preset-intel-qsv-\* can also be used |
-| gen13+         | iHD / Xe     | preset-intel-qsv-\* |                                      |
-| Intel Arc GPU  | iHD / Xe     | preset-intel-qsv-\* |                                      |
+| CPU Generation | Intel Driver | Recommended Preset  | Notes                                       |
+| -------------- | ------------ | ------------------- | ------------------------------------------- |
+| gen1 - gen5    | i965         | preset-vaapi        | qsv is not supported, may not support H.265 |
+| gen6 - gen7    | iHD          | preset-vaapi        | qsv is not supported                        |
+| gen8 - gen12   | iHD          | preset-vaapi        | preset-intel-qsv-\* can also be used        |
+| gen13+         | iHD / Xe     | preset-intel-qsv-\* |                                             |
+| Intel Arc GPU  | iHD / Xe     | preset-intel-qsv-\* |                                             |

 :::

@@ -195,15 +182,17 @@ telemetry:

 If you are passing in a device path, make sure you've passed the device through to the container.

-## AMD/ATI GPUs (Radeon HD 2000 and newer GPUs) via libva-mesa-driver
+## AMD-based CPUs

-VAAPI supports automatic profile selection so it will work automatically with both H.264 and H.265 streams.
+Frigate can utilize modern AMD integrated GPUs and AMD GPUs to accelerate video decoding using VAAPI.

-:::note
+### Configuring Radeon Driver

 You need to change the driver to `radeonsi` by adding the following environment variable `LIBVA_DRIVER_NAME=radeonsi` to your docker-compose file or [in the `config.yml` for HA Add-on users](advanced.md#environment_vars).

-:::
+### Via VAAPI
+
+VAAPI supports automatic profile selection so it will work automatically with both H.264 and H.265 streams.

 ```yaml
 ffmpeg:
@@ -264,7 +253,7 @@ processes:

 :::note

-`nvidia-smi` may not show `ffmpeg` processes when run inside the container [due to docker limitations](https://github.com/NVIDIA/nvidia-docker/issues/179#issuecomment-645579458).
+`nvidia-smi` will not show `ffmpeg` processes when run inside the container [due to docker limitations](https://github.com/NVIDIA/nvidia-docker/issues/179#issuecomment-645579458).

 :::

@@ -300,12 +289,63 @@ If you do not see these processes, check the `docker logs` for the container and

 These instructions were originally based on the [Jellyfin documentation](https://jellyfin.org/docs/general/administration/hardware-acceleration.html#nvidia-hardware-acceleration-on-docker-linux).

+## Raspberry Pi 3/4
+
+Ensure you increase the allocated RAM for your GPU to at least 128 (`raspi-config` > Performance Options > GPU Memory).
+If you are using the HA Add-on, you may need to use the full access variant and turn off _Protection mode_ for hardware acceleration.
+
+```yaml
+# if you want to decode a h264 stream
+ffmpeg:
+  hwaccel_args: preset-rpi-64-h264
+
+# if you want to decode a h265 (hevc) stream
+ffmpeg:
+  hwaccel_args: preset-rpi-64-h265
+```
+
+:::note
+
+If running Frigate through Docker, you either need to run in privileged mode or
+map the `/dev/video*` devices to Frigate. With Docker Compose add:
+
+```yaml
+services:
+  frigate:
+    ...
+    devices:
+      - /dev/video11:/dev/video11
+```
+
+Or with `docker run`:
+
+```bash
+docker run -d \
+  --name frigate \
+  ...
+  --device /dev/video11 \
+  ghcr.io/blakeblackshear/frigate:stable
+```
+
+`/dev/video11` is the correct device (on Raspberry Pi 4B). You can check
+by running the following and looking for `H264`:
+
+```bash
+for d in /dev/video*; do
+  echo -e "---\n$d"
+  v4l2-ctl --list-formats-ext -d $d
+done
+```
+
+Or map in all the `/dev/video*` devices.
+
+:::
+
 # Community Supported

-## NVIDIA Jetson (Orin AGX, Orin NX, Orin Nano\*, Xavier AGX, Xavier NX, TX2, TX1, Nano)
+## NVIDIA Jetson

-A separate set of docker images is available that is based on Jetpack/L4T. They come with an `ffmpeg` build
-with codecs that use the Jetson's dedicated media engine. If your Jetson host is running Jetpack 6.0+ use the `stable-tensorrt-jp6` tagged image. Note that the Orin Nano has no video encoder, so frigate will use software encoding on this platform, but the image will still allow hardware decoding and tensorrt object detection.
+A separate set of docker images is available for Jetson devices. They come with an `ffmpeg` build with codecs that use the Jetson's dedicated media engine. If your Jetson host is running Jetpack 6.0+ use the `stable-tensorrt-jp6` tagged image. Note that the Orin Nano has no video encoder, so frigate will use software encoding on this platform, but the image will still allow hardware decoding and tensorrt object detection.

 You will need to use the image with the nvidia container runtime:

--- a/docs/docs/configuration/license_plate_recognition.md
+++ b/docs/docs/configuration/license_plate_recognition.md
@@ -107,23 +107,23 @@ Fine-tune the LPR feature using these optional parameters at the global level of

 ### Normalization Rules

- **`replace_rules`**: List of regex replacement rules to normalize detected plates. These rules are applied sequentially. Each rule must have a `pattern` (which can be a string or a regex, prepended by `r`) and `replacement` (a string, which also supports [backrefs](https://docs.python.org/3/library/re.html#re.sub) like `\1`). These rules are useful for dealing with common OCR issues like noise characters, separators, or confusions (e.g., 'O'→'0').
+- **`replace_rules`**: List of regex replacement rules to normalize detected plates. These rules are applied sequentially and are applied _before_ the `format` regex, if specified. Each rule must have a `pattern` (which can be a string or a regex) and `replacement` (a string, which also supports [backrefs](https://docs.python.org/3/library/re.html#re.sub) like `\1`). These rules are useful for dealing with common OCR issues like noise characters, separators, or confusions (e.g., 'O'→'0').

 These rules must be defined at the global level of your `lpr` config.

 ```yaml
 lpr:
  replace_rules:
-    - pattern: r'[%#*?]' # Remove noise symbols
+    - pattern: "[%#*?]" # Remove noise symbols
      replacement: ""
-    - pattern: r'[= ]' # Normalize = or space to dash
+    - pattern: "[= ]" # Normalize = or space to dash
      replacement: "-"
    - pattern: "O" # Swap 'O' to '0' (common OCR error)
      replacement: "0"
-    - pattern: r'I' # Swap 'I' to '1'
+    - pattern: "I" # Swap 'I' to '1'
      replacement: "1"
-    - pattern: r'(\w{3})(\w{3})' # Split 6 chars into groups (e.g., ABC123 → ABC-123)
-      replacement: r'\1-\2'
+    - pattern: '(\w{3})(\w{3})' # Split 6 chars into groups (e.g., ABC123 → ABC-123) - use single quotes to preserve backslashes
+      replacement: '\1-\2'
 ```

 - Rules fire in order: In the example above: clean noise first, then separators, then swaps, then splits.
@@ -374,9 +374,19 @@ Use `match_distance` to allow small character mismatches. Alternatively, define

 Start with ["Why isn't my license plate being detected and recognized?"](#why-isnt-my-license-plate-being-detected-and-recognized). If you are still having issues, work through these steps.

-1. Enable debug logs to see exactly what Frigate is doing.
+1. Start with a simplified LPR config.

-   - Enable debug logs for LPR by adding `frigate.data_processing.common.license_plate: debug` to your `logger` configuration. These logs are _very_ verbose, so only keep this enabled when necessary.
+   - Remove or comment out everything in your LPR config, including `min_area`, `min_plate_length`, `format`, `known_plates`, or `enhancement` values so that the only values left are `enabled` and `debug_save_plates`. This will run LPR with Frigate's default values.
+
+     ```yaml
+     lpr:
+       enabled: true
+       debug_save_plates: true
+     ```
+
+2. Enable debug logs to see exactly what Frigate is doing.
+
+   - Enable debug logs for LPR by adding `frigate.data_processing.common.license_plate: debug` to your `logger` configuration. These logs are _very_ verbose, so only keep this enabled when necessary. Restart Frigate after this change.

     ```yaml
     logger:
@@ -385,7 +395,7 @@ Start with ["Why isn't my license plate being detected and recognized?"](#why-is
         frigate.data_processing.common.license_plate: debug
     ```

-2. Ensure your plates are being _detected_.
+3. Ensure your plates are being _detected_.

   If you are using a Frigate+ or `license_plate` detecting model:

@@ -398,7 +408,7 @@ Start with ["Why isn't my license plate being detected and recognized?"](#why-is
   - Watch the debug logs for messages from the YOLOv9 plate detector.
   - You may need to adjust your `detection_threshold` if your plates are not being detected.

-3. Ensure the characters on detected plates are being _recognized_.
+4. Ensure the characters on detected plates are being _recognized_.

   - Enable `debug_save_plates` to save images of detected text on plates to the clips directory (`/media/frigate/clips/lpr`). Ensure these images are readable and the text is clear.
   - Watch the debug view to see plates recognized in real-time. For non-dedicated LPR cameras, the `car` or `motorcycle` label will change to the recognized plate when LPR is enabled and working.
--- a/docs/docs/configuration/live.md
+++ b/docs/docs/configuration/live.md
@@ -15,7 +15,7 @@ The jsmpeg live view will use more browser and client GPU resources. Using go2rt
 | ------ | ------------------------------------- | ---------- | ---------------------------- | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | jsmpeg | same as `detect -> fps`, capped at 10 | 720p       | no                           | no              | Resolution is configurable, but go2rtc is recommended if you want higher resolutions and better frame rates. jsmpeg is Frigate's default without go2rtc configured. |
 | mse    | native                                | native     | yes (depends on audio codec) | yes             | iPhone requires iOS 17.1+, Firefox is h.264 only. This is Frigate's default when go2rtc is configured.                                                              |
-| webrtc | native                                | native     | yes (depends on audio codec) | yes             | Requires extra configuration, doesn't support h.265. Frigate attempts to use WebRTC when MSE fails or when using a camera's two-way talk feature.                   |
+| webrtc | native                                | native     | yes (depends on audio codec) | yes             | Requires extra configuration. Frigate attempts to use WebRTC when MSE fails or when using a camera's two-way talk feature.                   |

 ### Camera Settings Recommendations

@@ -127,7 +127,8 @@ WebRTC works by creating a TCP or UDP connection on port `8555`. However, it req
  ```

 - For access through Tailscale, the Frigate system's Tailscale IP must be added as a WebRTC candidate. Tailscale IPs all start with `100.`, and are reserved within the `100.64.0.0/10` CIDR block.
- Note that WebRTC does not support H.265.
+
+- Note that some browsers may not support H.265 (HEVC). You can check your browser's current version for H.265 compatibility [here](https://github.com/AlexxIT/go2rtc?tab=readme-ov-file#codecs-madness). 

 :::tip

@@ -178,6 +179,8 @@ To use the Reolink Doorbell with two way talk, you should use the [recommended R

 As a starting point to check compatibility for your camera, view the list of cameras supported for two-way talk on the [go2rtc repository](https://github.com/AlexxIT/go2rtc?tab=readme-ov-file#two-way-audio). For cameras in the category `ONVIF Profile T`, you can use the [ONVIF Conformant Products Database](https://www.onvif.org/conformant-products/)'s FeatureList to check for the presence of `AudioOutput`. A camera that supports `ONVIF Profile T` _usually_ supports this, but due to inconsistent support, a camera that explicitly lists this feature may still not work. If no entry for your camera exists on the database, it is recommended not to buy it or to consult with the manufacturer's support on the feature availability.

+To prevent go2rtc from blocking other applications from accessing your camera's two-way audio, you must configure your stream with `#backchannel=0`. See [preventing go2rtc from blocking two-way audio](/configuration/restream#two-way-talk-restream) in the restream documentation.
+
 ### Streaming options on camera group dashboards

 Frigate provides a dialog in the Camera Group Edit pane with several options for streaming on a camera group's dashboard. These settings are _per device_ and are saved in your device's local storage.
@@ -232,7 +235,7 @@ When your browser runs into problems playing back your camera streams, it will l
 - **mse-decode**

  - What it means: The browser reported a decoding error while trying to play the stream, which usually is a result of a codec incompatibility or corrupted frames.
-  - What to try: Ensure your camera/restream is using H.264 video and AAC audio (these are the most compatible). If your camera uses a non-standard audio codec, configure `go2rtc` to transcode the stream to AAC. Try another browser (some browsers have stricter MSE/codec support) and, for iPhone, ensure you're on iOS 17.1 or newer.
+  - What to try: Check the browser console for the supported and negotiated codecs. Ensure your camera/restream is using H.264 video and AAC audio (these are the most compatible). If your camera uses a non-standard audio codec, configure `go2rtc` to transcode the stream to AAC. Try another browser (some browsers have stricter MSE/codec support) and, for iPhone, ensure you're on iOS 17.1 or newer.

  - Possible console messages from the player code:

--- a/docs/docs/configuration/masks.md
+++ b/docs/docs/configuration/masks.md
@@ -28,7 +28,6 @@ To create a poly mask:
 5. Click the plus icon under the type of mask or zone you would like to create
 6. Click on the camera's latest image to create the points for a masked area. Click the first point again to close the polygon.
 7. When you've finished creating your mask, press Save.
-8. Restart Frigate to apply your changes.

 Your config file will be updated with the relative coordinates of the mask/zone:

--- a/docs/docs/configuration/object_detectors.md
+++ b/docs/docs/configuration/object_detectors.md
@@ -13,7 +13,7 @@ Frigate supports multiple different detectors that work on different types of ha

 **Most Hardware**

- [Coral EdgeTPU](#edge-tpu-detector): The Google Coral EdgeTPU is available in USB and m.2 format allowing for a wide range of compatibility with devices.
+- [Coral EdgeTPU](#edge-tpu-detector): The Google Coral EdgeTPU is available in USB, Mini PCIe, and m.2 formats allowing for a wide range of compatibility with devices.
 - [Hailo](#hailo-8): The Hailo8 and Hailo8L AI Acceleration module is available in m.2 format with a HAT for RPi devices, offering a wide range of compatibility with devices.
 - <CommunityBadge /> [MemryX](#memryx-mx3): The MX3 Acceleration module is available in m.2 format, offering broad compatibility across various platforms.
 - <CommunityBadge /> [DeGirum](#degirum): Service for using hardware devices in the cloud or locally. Hardware and models provided on the cloud on [their website](https://hub.degirum.com).
@@ -69,12 +69,10 @@ Frigate provides the following builtin detector types: `cpu`, `edgetpu`, `hailo8

 ## Edge TPU Detector

-The Edge TPU detector type runs a TensorFlow Lite model utilizing the Google Coral delegate for hardware acceleration. To configure an Edge TPU detector, set the `"type"` attribute to `"edgetpu"`.
+The Edge TPU detector type runs TensorFlow Lite models utilizing the Google Coral delegate for hardware acceleration. To configure an Edge TPU detector, set the `"type"` attribute to `"edgetpu"`.

 The Edge TPU device can be specified using the `"device"` attribute according to the [Documentation for the TensorFlow Lite Python API](https://coral.ai/docs/edgetpu/multiple-edgetpu/#using-the-tensorflow-lite-python-api). If not set, the delegate will use the first device it finds.

-A TensorFlow Lite model is provided in the container at `/edgetpu_model.tflite` and is used by this detector type by default. To provide your own model, bind mount the file into the container and provide the path with `model.path`.
-
 :::tip

 See [common Edge TPU troubleshooting steps](/troubleshooting/edgetpu) if the Edge TPU is not detected.
@@ -146,6 +144,44 @@ detectors:
    device: pci
 ```

+### EdgeTPU Supported Models
+
+| Model                   | Notes                                       |
+| ----------------------- | ------------------------------------------- |
+| [Mobiledet](#mobiledet) | Default model                               |
+| [YOLOv9](#yolov9)       | More accurate but slower than default model |
+
+#### Mobiledet
+
+A TensorFlow Lite model is provided in the container at `/edgetpu_model.tflite` and is used by this detector type by default. To provide your own model, bind mount the file into the container and provide the path with `model.path`.
+
+#### YOLOv9
+
+YOLOv9 models that are compiled for TensorFlow Lite and properly quantized are supported, but not included by default. [Download the model](https://github.com/dbro/frigate-detector-edgetpu-yolo9/releases/download/v1.0/yolov9-s-relu6-best_320_int8_edgetpu.tflite), bind mount the file into the container, and provide the path with `model.path`. Note that the linked model requires a 17-label [labelmap file](https://raw.githubusercontent.com/dbro/frigate-detector-edgetpu-yolo9/refs/heads/main/labels-coco17.txt) that includes only 17 COCO classes.
+
+<details>
+  <summary>YOLOv9 Setup & Config</summary>
+
+After placing the downloaded files for the tflite model and labels in your config folder, you can use the following configuration:
+
+```yaml
+detectors:
+  coral:
+    type: edgetpu
+    device: usb
+
+model:
+  model_type: yolo-generic
+  width: 320 # <--- should match the imgsize of the model, typically 320
+  height: 320 # <--- should match the imgsize of the model, typically 320
+  path: /config/model_cache/yolov9-s-relu6-best_320_int8_edgetpu.tflite
+  labelmap_path: /config/labels-coco17.txt
+```
+
+Note that due to hardware limitations of the Coral, the labelmap is a subset of the COCO labels and includes only 17 object classes.
+
+</details>
+
 ---

 ## Hailo-8
@@ -364,7 +400,7 @@ The YOLO detector has been designed to support YOLOv3, YOLOv4, YOLOv7, and YOLOv

 :::warning

-If you are using a Frigate+ YOLOv9 model, you should not define any of the below `model` parameters in your config except for `path`. See [the Frigate+ model docs](/plus/first_model#step-3-set-your-model-id-in-the-config) for more information on setting up your model.
+If you are using a Frigate+ model, you should not define any of the below `model` parameters in your config except for `path`. See [the Frigate+ model docs](/plus/first_model#step-3-set-your-model-id-in-the-config) for more information on setting up your model.

 :::

@@ -441,7 +477,7 @@ After placing the downloaded onnx model in your config/model_cache folder, you c
 detectors:
  ov:
    type: openvino
-    device: GPU
+    device: CPU

 model:
  model_type: dfine
@@ -533,10 +569,10 @@ When using Docker Compose:
 ```yaml
 services:
  frigate:
---
-devices:
-  - /dev/dri
-  - /dev/kfd
+    ...
+    devices:
+      - /dev/dri
+      - /dev/kfd
 ```

 For reference on recommended settings see [running ROCm/pytorch in Docker](https://rocm.docs.amd.com/projects/install-on-linux/en/develop/how-to/3rd-party/pytorch-install.html#using-docker-with-pytorch-pre-installed).
@@ -564,9 +600,9 @@ When using Docker Compose:
 ```yaml
 services:
  frigate:
-
-environment:
-  HSA_OVERRIDE_GFX_VERSION: "10.0.0"
+    ...
+    environment:
+      HSA_OVERRIDE_GFX_VERSION: "10.0.0"
 ```

 Figuring out what version you need can be complicated as you can't tell the chipset name and driver from the AMD brand name.
@@ -704,7 +740,7 @@ The YOLO detector has been designed to support YOLOv3, YOLOv4, YOLOv7, and YOLOv

 :::warning

-If you are using a Frigate+ YOLOv9 model, you should not define any of the below `model` parameters in your config except for `path`. See [the Frigate+ model docs](/plus/first_model#step-3-set-your-model-id-in-the-config) for more information on setting up your model.
+If you are using a Frigate+ model, you should not define any of the below `model` parameters in your config except for `path`. See [the Frigate+ model docs](/plus/first_model#step-3-set-your-model-id-in-the-config) for more information on setting up your model.

 :::

@@ -1472,17 +1508,17 @@ COPY --from=build /dfine/output/dfine_${MODEL_SIZE}_obj2coco.onnx /dfine-${MODEL
 EOF
 ```

-### Download RF-DETR Model
+### Downloading RF-DETR Model

 RF-DETR can be exported as ONNX by running the command below. You can copy and paste the whole thing to your terminal and execute, altering `MODEL_SIZE=Nano` in the first line to `Nano`, `Small`, or `Medium` size.

 ```sh
-docker build . --build-arg MODEL_SIZE=Nano --output . -f- <<'EOF'
+docker build . --build-arg MODEL_SIZE=Nano --rm --output . -f- <<'EOF'
 FROM python:3.11 AS build
 RUN apt-get update && apt-get install --no-install-recommends -y libgl1 && rm -rf /var/lib/apt/lists/*
 COPY --from=ghcr.io/astral-sh/uv:0.8.0 /uv /bin/
 WORKDIR /rfdetr
-RUN uv pip install --system rfdetr[onnxexport] torch==2.8.0 onnxscript
+RUN uv pip install --system rfdetr[onnxexport] torch==2.8.0 onnx==1.19.1 onnxscript
 ARG MODEL_SIZE
 RUN python3 -c "from rfdetr import RFDETR${MODEL_SIZE}; x = RFDETR${MODEL_SIZE}(resolution=320); x.export(simplify=True)"
 FROM scratch
--- a/docs/docs/configuration/pwa.md
+++ b/docs/docs/configuration/pwa.md
@@ -11,7 +11,7 @@ This adds features including the ability to deep link directly into the app.

 In order to install Frigate as a PWA, the following requirements must be met:

- Frigate must be accessed via a secure context (localhost, secure https, etc.)
+- Frigate must be accessed via a secure context (localhost, secure https, VPN, etc.)
 - On Android, Firefox, Chrome, Edge, Opera, and Samsung Internet Browser all support installing PWAs.
 - On iOS 16.4 and later, PWAs can be installed from the Share menu in Safari, Chrome, Edge, Firefox, and Orion.

@@ -22,3 +22,7 @@ Installation varies slightly based on the device that is being used:
 - Desktop: Use the install button typically found in right edge of the address bar
 - Android: Use the `Install as App` button in the more options menu for Chrome, and the `Add app to Home screen` button for Firefox
 - iOS: Use the `Add to Homescreen` button in the share menu
+
+## Usage
+
+Once setup, the Frigate app can be used wherever it has access to Frigate. This means it can be setup as local-only, VPN-only, or fully accessible depending on your needs.
--- a/docs/docs/configuration/reference.md
+++ b/docs/docs/configuration/reference.md
@@ -123,7 +123,7 @@ auth:
  # Optional: Refresh time in seconds (default: shown below)
  # When the session is going to expire in less time than this setting,
  # it will be refreshed back to the session_length.
-  refresh_time: 43200 # 12 hours
+  refresh_time: 1800 # 30 minutes
  # Optional: Rate limiting for login failures to help prevent brute force
  # login attacks (default: shown below)
  # See the docs for more information on valid values
@@ -710,6 +710,44 @@ audio_transcription:
  # List of language codes: https://github.com/openai/whisper/blob/main/whisper/tokenizer.py#L10
  language: en

+# Optional: Configuration for classification models
+classification:
+  # Optional: Configuration for bird classification
+  bird:
+    # Optional: Enable bird classification (default: shown below)
+    enabled: False
+    # Optional: Minimum classification score required to be considered a match (default: shown below)
+    threshold: 0.9
+  custom:
+    # Required: name of the classification model
+    model_name:
+      # Optional: Enable running the model (default: shown below)
+      enabled: True
+      # Optional: Name of classification model (default: shown below)
+      name: None
+      # Optional: Classification score threshold to change the state (default: shown below)
+      threshold: 0.8
+      # Optional: Number of classification attempts to save in the recent classifications tab (default: shown below)
+      # NOTE: Defaults to 200 for object classification and 100 for state classification if not specified
+      save_attempts: None
+      # Optional: Object classification configuration
+      object_config:
+        # Required: Object types to classify
+        objects: [dog]
+        # Optional: Type of classification that is applied (default: shown below)
+        classification_type: sub_label
+      # Optional: State classification configuration
+      state_config:
+        # Required: Cameras to run classification on
+        cameras:
+          camera_name:
+            # Required: Crop of image frame on this camera to run classification on
+            crop: [0, 180, 220, 400]
+        # Optional: If classification should be run when motion is detected in the crop (default: shown below)
+        motion: False
+        # Optional: Interval to run classification on in seconds (default: shown below)
+        interval: None
+
 # Optional: Restream configuration
 # Uses https://github.com/AlexxIT/go2rtc (v1.9.10)
 # NOTE: The default go2rtc API port (1984) must be used,
@@ -873,7 +911,7 @@ cameras:
      user: admin
      # Optional: password for login.
      password: admin
-      # Optional: Skip TLS verification from the ONVIF server (default: shown below)
+      # Optional: Skip TLS verification and disable digest authentication for the ONVIF server (default: shown below)
      tls_insecure: False
      # Optional: Ignores time synchronization mismatches between the camera and the server during authentication.
      # Using NTP on both ends is recommended and this should only be set to True in a "safe" environment due to the security risk it represents.
@@ -964,10 +1002,6 @@ ui:
  #    full: 8:15:22 PM Mountain Standard Time
  # (default: shown below).
  time_style: medium
-  # Optional: Ability to manually override the date / time styling to use strftime format
-  # https://www.gnu.org/software/libc/manual/html_node/Formatting-Calendar-Time.html
-  # possible values are shown above (default: not set)
-  strftime_fmt: "%Y/%m/%d %H:%M"
  # Optional: Set the unit system to either "imperial" or "metric" (default: metric)
  # Used in the UI and in MQTT topics
  unit_system: metric
--- a/docs/docs/configuration/restream.md
+++ b/docs/docs/configuration/restream.md
@@ -24,11 +24,12 @@ birdseye:
  restream: True
 ```

-:::tip 
+:::tip

-To improve connection speed when using Birdseye via restream you can enable a small idle heartbeat by setting `birdseye.idle_heartbeat_fps` to a low value (e.g. `1–2`).  This makes Frigate periodically push the last frame even when no motion is detected, reducing initial connection latency.
+To improve connection speed when using Birdseye via restream you can enable a small idle heartbeat by setting `birdseye.idle_heartbeat_fps` to a low value (e.g. `1–2`). This makes Frigate periodically push the last frame even when no motion is detected, reducing initial connection latency.

 :::
+
 ### Securing Restream With Authentication

 The go2rtc restream can be secured with RTSP based username / password authentication. Ex:
@@ -159,14 +160,64 @@ go2rtc:

 See [this comment](https://github.com/AlexxIT/go2rtc/issues/1217#issuecomment-2242296489) for more information.

+## Preventing go2rtc from blocking two-way audio {#two-way-talk-restream}
+
+For cameras that support two-way talk, go2rtc will automatically establish an audio output backchannel when connecting to an RTSP stream. This backchannel blocks access to the camera's audio output for two-way talk functionality, preventing both Frigate and other applications from using it.
+
+To prevent this, you must configure two separate stream instances:
+
+1. One stream instance with `#backchannel=0` for Frigate's viewing, recording, and detection (prevents go2rtc from establishing the blocking backchannel)
+2. A second stream instance without `#backchannel=0` for two-way talk functionality (can be used by Frigate's WebRTC viewer or other applications)
+
+Configuration example:
+
+```yaml
+go2rtc:
+  streams:
+    front_door:
+      - rtsp://user:password@10.0.10.10:554/cam/realmonitor?channel=1&subtype=2#backchannel=0
+    front_door_twoway:
+      - rtsp://user:password@10.0.10.10:554/cam/realmonitor?channel=1&subtype=2
+```
+
+In this configuration:
+
+- `front_door` stream is used by Frigate for viewing, recording, and detection. The `#backchannel=0` parameter prevents go2rtc from establishing the audio output backchannel, so it won't block two-way talk access.
+- `front_door_twoway` stream is used for two-way talk functionality. This stream can be used by Frigate's WebRTC viewer when two-way talk is enabled, or by other applications (like Home Assistant Advanced Camera Card) that need access to the camera's audio output channel.
+
+## Security: Restricted Stream Sources
+
+For security reasons, the `echo:`, `expr:`, and `exec:` stream sources are disabled by default in go2rtc. These sources allow arbitrary command execution and can pose security risks if misconfigured.
+
+If you attempt to use these sources in your configuration, the streams will be removed and an error message will be printed in the logs.
+
+To enable these sources, you must set the environment variable `GO2RTC_ALLOW_ARBITRARY_EXEC=true`. This can be done in your Docker Compose file or container environment:
+
+```yaml
+environment:
+  - GO2RTC_ALLOW_ARBITRARY_EXEC=true
+```
+
+:::warning
+
+Enabling arbitrary exec sources allows execution of arbitrary commands through go2rtc stream configurations. Only enable this if you understand the security implications and trust all sources of your configuration.
+
+:::
+
 ## Advanced Restream Configurations

 The [exec](https://github.com/AlexxIT/go2rtc/tree/v1.9.10#source-exec) source in go2rtc can be used for custom ffmpeg commands. An example is below:

+:::warning
+
+The `exec:`, `echo:`, and `expr:` sources are disabled by default for security. You must set `GO2RTC_ALLOW_ARBITRARY_EXEC=true` to use them. See [Security: Restricted Stream Sources](#security-restricted-stream-sources) for more information.
+
+:::
+
 NOTE: The output will need to be passed with two curly braces `{{output}}`

 ```yaml
 go2rtc:
  streams:
    stream1: exec:ffmpeg -hide_banner -re -stream_loop -1 -i /media/BigBuckBunny.mp4 -c copy -rtsp_transport tcp -f rtsp {{output}}
-```
+```
--- a/docs/docs/frigate/hardware.md
+++ b/docs/docs/frigate/hardware.md
@@ -20,7 +20,7 @@ Here are some of the cameras I recommend:
 - <a href="https://amzn.to/4fwoNWA" target="_blank" rel="nofollow noopener sponsored">Loryta(Dahua) IPC-T549M-ALED-S3</a> (affiliate link)
 - <a href="https://amzn.to/3YXpcMw" target="_blank" rel="nofollow noopener sponsored">Loryta(Dahua) IPC-T54IR-AS</a> (affiliate link)
 - <a href="https://amzn.to/3AvBHoY" target="_blank" rel="nofollow noopener sponsored">Amcrest IP5M-T1179EW-AI-V3</a> (affiliate link)
- <a href="https://amzn.to/4ltOpaC" target="_blank" rel="nofollow noopener sponsored">HIKVISION DS-2CD2387G2P-LSU/SL ColorVu 8MP Panoramic Turret IP Camera</a> (affiliate link)
+- <a href="https://www.bhphotovideo.com/c/product/1705511-REG/hikvision_colorvu_ds_2cd2387g2p_lsu_sl_8mp_network.html" target="_blank" rel="nofollow noopener">HIKVISION DS-2CD2387G2P-LSU/SL ColorVu 8MP Panoramic Turret IP Camera</a> (affiliate link)

 I may earn a small commission for my endorsement, recommendation, testimonial, or link to any products or services from this website.

@@ -38,9 +38,11 @@ If the EQ13 is out of stock, the link below may take you to a suggested alternat

 :::

-| Name                                                                                                          | Coral Inference Speed | Coral Compatibility | Notes                                                                                     |
-| ------------------------------------------------------------------------------------------------------------- | --------------------- | ------------------- | ----------------------------------------------------------------------------------------- |
-| Beelink EQ13 (<a href="https://amzn.to/4jn2qVr" target="_blank" rel="nofollow noopener sponsored">Amazon</a>) | 5-10ms                | USB                 | Dual gigabit NICs for easy isolated camera network. Easily handles several 1080p cameras. |
+| Name                                                                                                          | Capabilities                                                               | Notes                                               |
+| ------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------- | --------------------------------------------------- |
+| Beelink EQ13 (<a href="https://amzn.to/4jn2qVr" target="_blank" rel="nofollow noopener sponsored">Amazon</a>) | Can run object detection on several 1080p cameras with low-medium activity | Dual gigabit NICs for easy isolated camera network. |
+| Intel 1120p ([Amazon](https://www.amazon.com/Beelink-i3-1220P-Computer-Display-Gigabit/dp/B0DDCKT9YP)         | Can handle a large number of 1080p cameras with high activity              |                                                     |
+| Intel 125H  ([Amazon](https://www.amazon.com/MINISFORUM-Pro-125H-Barebone-Computer-HDMI2-1/dp/B0FH21FSZM)     | Can handle a significant number of 1080p cameras with high activity        | Includes NPU for more efficient detection in 0.17+  |

 ## Detectors

@@ -125,10 +127,16 @@ In real-world deployments, even with multiple cameras running concurrently, Frig

 ### Google Coral TPU

+:::warning
+
+The Coral is no longer recommended for new Frigate installations, except in deployments with particularly low power requirements or hardware incapable of utilizing alternative AI accelerators for object detection. Instead, we suggest using one of the numerous other supported object detectors. Frigate will continue to provide support for the Coral TPU for as long as practicably possible given its still one of the most power-efficient devices for executing object detection models.
+
+:::
+
 Frigate supports both the USB and M.2 versions of the Google Coral.

 - The USB version is compatible with the widest variety of hardware and does not require a driver on the host machine. However, it does lack the automatic throttling features of the other versions.
- The PCIe and M.2 versions require installation of a driver on the host. Follow the instructions for your version from https://coral.ai
+- The PCIe and M.2 versions require installation of a driver on the host. https://github.com/jnicolson/gasket-builder should be used.

 A single Coral can handle many cameras using the default model and will be sufficient for the majority of users. You can calculate the maximum performance of your Coral based on the inference speed reported by Frigate. With an inference speed of 10, your Coral will top out at `1000/10=100`, or 100 frames per second. If your detection fps is regularly getting close to that, you should first consider tuning motion masks. If those are already properly configured, a second Coral may be needed.

@@ -159,7 +167,7 @@ Inference speeds vary greatly depending on the CPU or GPU used, some known examp
 | Intel HD 530   | 15 - 35 ms                 |                                                   |                           |                        | Can only run one detector instance |
 | Intel HD 620   | 15 - 25 ms                 |                                                   | 320: ~ 35 ms              |                        |                                    |
 | Intel HD 630   | ~ 15 ms                    |                                                   | 320: ~ 30 ms              |                        |                                    |
-| Intel UHD 730  | ~ 10 ms                    |                                                   | 320: ~ 19 ms 640: ~ 54 ms |                        |                                    |
+| Intel UHD 730  | ~ 10 ms                    | t-320: 14ms s-320: 24ms t-640: 34ms s-640: 65ms   | 320: ~ 19 ms 640: ~ 54 ms |                        |                                    |
 | Intel UHD 770  | ~ 15 ms                    | t-320: ~ 16 ms s-320: ~ 20 ms s-640: ~ 40 ms      | 320: ~ 20 ms 640: ~ 46 ms |                        |                                    |
 | Intel N100     | ~ 15 ms                    | s-320: 30 ms                                      | 320: ~ 25 ms              |                        | Can only run one detector instance |
 | Intel N150     | ~ 15 ms                    | t-320: 16 ms s-320: 24 ms                         |                           |                        |                                    |
--- a/docs/docs/frigate/installation.md
+++ b/docs/docs/frigate/installation.md
@@ -94,6 +94,10 @@ $ python -c 'print("{:.2f}MB".format(((1280 * 720 * 1.5 * 20 + 270480) / 1048576

 The shm size cannot be set per container for Home Assistant add-ons. However, this is probably not required since by default Home Assistant Supervisor allocates `/dev/shm` with half the size of your total memory. If your machine has 8GB of memory, chances are that Frigate will have access to up to 4GB without any additional configuration.

+## Extra Steps for Specific Hardware
+
+The following sections contain additional setup steps that are only required if you are using specific hardware. If you are not using any of these hardware types, you can skip to the [Docker](#docker) installation section.
+
 ### Raspberry Pi 3/4

 By default, the Raspberry Pi limits the amount of memory available to the GPU. In order to use ffmpeg hardware acceleration, you must increase the available memory by setting `gpu_mem` to the maximum recommended value in `config.txt` as described in the [official docs](https://www.raspberrypi.org/documentation/computers/config_txt.html#memory-options).
@@ -106,14 +110,107 @@ The Hailo-8 and Hailo-8L AI accelerators are available in both M.2 and HAT form

 #### Installation

-For Raspberry Pi 5 users with the AI Kit, installation is straightforward. Simply follow this [guide](https://www.raspberrypi.com/documentation/accessories/ai-kit.html#ai-kit-installation) to install the driver and software.
+:::warning

-For other installations, follow these steps for installation:
+The Raspberry Pi kernel includes an older version of the Hailo driver that is incompatible with Frigate. You **must** follow the installation steps below to install the correct driver version, and you **must** disable the built-in kernel driver as described in step 1.

-1. Install the driver from the [Hailo GitHub repository](https://github.com/hailo-ai/hailort-drivers). A convenient script for Linux is available to clone the repository, build the driver, and install it.
-2. Copy or download [this script](https://github.com/blakeblackshear/frigate/blob/dev/docker/hailo8l/user_installation.sh).
-3. Ensure it has execution permissions with `sudo chmod +x user_installation.sh`
-4. Run the script with `./user_installation.sh`
+:::
+
+1. **Disable the built-in Hailo driver (Raspberry Pi only)**:
+
+   :::note
+
+   If you are **not** using a Raspberry Pi, skip this step and proceed directly to step 2.
+
+   :::
+
+   If you are using a Raspberry Pi, you need to blacklist the built-in kernel Hailo driver to prevent conflicts. First, check if the driver is currently loaded:
+
+   ```bash
+   lsmod | grep hailo
+   ```
+
+   If it shows `hailo_pci`, unload it:
+
+   ```bash
+   sudo rmmod hailo_pci
+   ```
+
+   Now blacklist the driver to prevent it from loading on boot:
+
+   ```bash
+   echo "blacklist hailo_pci" | sudo tee /etc/modprobe.d/blacklist-hailo_pci.conf
+   ```
+
+   Update initramfs to ensure the blacklist takes effect:
+
+   ```bash
+   sudo update-initramfs -u
+   ```
+
+   Reboot your Raspberry Pi:
+
+   ```bash
+   sudo reboot
+   ```
+
+   After rebooting, verify the built-in driver is not loaded:
+
+   ```bash
+   lsmod | grep hailo
+   ```
+
+   This command should return no results. If it still shows `hailo_pci`, the blacklist did not take effect properly and you may need to check for other Hailo packages installed via apt that are loading the driver.
+
+2. **Run the installation script**:
+
+   Download the installation script:
+
+   ```bash
+   wget https://raw.githubusercontent.com/blakeblackshear/frigate/dev/docker/hailo8l/user_installation.sh
+   ```
+
+   Make it executable:
+
+   ```bash
+   sudo chmod +x user_installation.sh
+   ```
+
+   Run the script:
+
+   ```bash
+   ./user_installation.sh
+   ```
+
+   The script will:
+
+   - Install necessary build dependencies
+   - Clone and build the Hailo driver from the official repository
+   - Install the driver
+   - Download and install the required firmware
+   - Set up udev rules
+
+3. **Reboot your system**:
+
+   After the script completes successfully, reboot to load the firmware:
+
+   ```bash
+   sudo reboot
+   ```
+
+4. **Verify the installation**:
+
+   After rebooting, verify that the Hailo device is available:
+
+   ```bash
+   ls -l /dev/hailo0
+   ```
+
+   You should see the device listed. You can also verify the driver is loaded:
+
+   ```bash
+   lsmod | grep hailo_pci
+   ```

 #### Setup

@@ -135,6 +232,7 @@ Finally, configure [hardware object detection](/configuration/object_detectors#h
 ### MemryX MX3

 The MemryX MX3 Accelerator is available in the M.2 2280 form factor (like an NVMe SSD), and supports a variety of configurations:
+
 - x86 (Intel/AMD) PCs
 - Raspberry Pi 5
 - Orange Pi 5 Plus/Max
@@ -142,7 +240,6 @@ The MemryX MX3 Accelerator is available in the M.2 2280 form factor (like an NVM

 #### Configuration

-
 #### Installation

 To get started with MX3 hardware setup for your system, refer to the [Hardware Setup Guide](https://developer.memryx.com/get_started/hardware_setup.html).
@@ -156,7 +253,7 @@ Then follow these steps for installing the correct driver/runtime configuration:

 #### Setup

-To set up Frigate, follow the default installation instructions, for example:   `ghcr.io/blakeblackshear/frigate:stable`
+To set up Frigate, follow the default installation instructions, for example: `ghcr.io/blakeblackshear/frigate:stable`

 Next, grant Docker permissions to access your hardware by adding the following lines to your `docker-compose.yml` file:

@@ -173,7 +270,7 @@ In your `docker-compose.yml`, also add:
 privileged: true

 volumes:
-    /run/mxa_manager:/run/mxa_manager
+  - /run/mxa_manager:/run/mxa_manager
 ```

 If you can't use Docker Compose, you can run the container with something similar to this:
@@ -302,7 +399,7 @@ services:
    shm_size: "512mb" # update for your cameras based on calculation above
    devices:
      - /dev/bus/usb:/dev/bus/usb # Passes the USB Coral, needs to be modified for other versions
-      - /dev/apex_0:/dev/apex_0 # Passes a PCIe Coral, follow driver instructions here https://coral.ai/docs/m2/get-started/#2a-on-linux
+      - /dev/apex_0:/dev/apex_0 # Passes a PCIe Coral, follow driver instructions here https://github.com/jnicolson/gasket-builder
      - /dev/video11:/dev/video11 # For Raspberry Pi 4B
      - /dev/dri/renderD128:/dev/dri/renderD128 # AMD / Intel GPU, needs to be updated for your hardware
      - /dev/accel:/dev/accel # Intel NPU
@@ -368,6 +465,7 @@ There are important limitations in HA OS to be aware of:

 - Separate local storage for media is not yet supported by Home Assistant
 - AMD GPUs are not supported because HA OS does not include the mesa driver.
+- Intel NPUs are not supported because HA OS does not include the NPU firmware.
 - Nvidia GPUs are not supported because addons do not support the nvidia runtime.

 :::
@@ -411,7 +509,7 @@ To install make sure you have the [community app plugin here](https://forums.unr

 ## Proxmox

-[According to Proxmox documentation](https://pve.proxmox.com/pve-docs/pve-admin-guide.html#chapter_pct) it is recommended that you run application containers like Frigate inside a Proxmox QEMU VM. This will give you all the advantages of application containerization, while also providing the benefits that VMs offer, such as strong isolation from the host and the ability to live-migrate, which otherwise isn’t possible with containers.
+[According to Proxmox documentation](https://pve.proxmox.com/pve-docs/pve-admin-guide.html#chapter_pct) it is recommended that you run application containers like Frigate inside a Proxmox QEMU VM. This will give you all the advantages of application containerization, while also providing the benefits that VMs offer, such as strong isolation from the host and the ability to live-migrate, which otherwise isn’t possible with containers. Ensure that ballooning is **disabled**, especially if you are passing through a GPU to the VM.

 :::warning

--- a/docs/docs/frigate/updating.md
+++ b/docs/docs/frigate/updating.md
@@ -5,7 +5,7 @@ title: Updating

 # Updating Frigate

-The current stable version of Frigate is **0.16.2**. The release notes and any breaking changes for this version can be found on the [Frigate GitHub releases page](https://github.com/blakeblackshear/frigate/releases/tag/v0.16.2).
+The current stable version of Frigate is **0.17.0**. The release notes and any breaking changes for this version can be found on the [Frigate GitHub releases page](https://github.com/blakeblackshear/frigate/releases/tag/v0.17.0).

 Keeping Frigate up to date ensures you benefit from the latest features, performance improvements, and bug fixes. The update process varies slightly depending on your installation method (Docker, Home Assistant Addon, etc.). Below are instructions for the most common setups.

@@ -33,21 +33,21 @@ If you’re running Frigate via Docker (recommended method), follow these steps:
 2. **Update and Pull the Latest Image**:

   - If using Docker Compose:
-     - Edit your `docker-compose.yml` file to specify the desired version tag (e.g., `0.16.2` instead of `0.15.2`). For example:
+     - Edit your `docker-compose.yml` file to specify the desired version tag (e.g., `0.17.0` instead of `0.16.3`). For example:
       ```yaml
       services:
         frigate:
-           image: ghcr.io/blakeblackshear/frigate:0.16.2
+           image: ghcr.io/blakeblackshear/frigate:0.17.0
       ```
     - Then pull the image:
       ```bash
-       docker pull ghcr.io/blakeblackshear/frigate:0.16.2
+       docker pull ghcr.io/blakeblackshear/frigate:0.17.0
       ```
     - **Note for `stable` Tag Users**: If your `docker-compose.yml` uses the `stable` tag (e.g., `ghcr.io/blakeblackshear/frigate:stable`), you don’t need to update the tag manually. The `stable` tag always points to the latest stable release after pulling.
   - If using `docker run`:
-     - Pull the image with the appropriate tag (e.g., `0.16.2`, `0.16.2-tensorrt`, or `stable`):
+     - Pull the image with the appropriate tag (e.g., `0.17.0`, `0.17.0-tensorrt`, or `stable`):
       ```bash
-       docker pull ghcr.io/blakeblackshear/frigate:0.16.2
+       docker pull ghcr.io/blakeblackshear/frigate:0.17.0
       ```

 3. **Start the Container**:
@@ -105,8 +105,8 @@ If an update causes issues:
 1. Stop Frigate.
 2. Restore your backed-up config file and database.
 3. Revert to the previous image version:
-   - For Docker: Specify an older tag (e.g., `ghcr.io/blakeblackshear/frigate:0.15.2`) in your `docker run` command.
-   - For Docker Compose: Edit your `docker-compose.yml`, specify the older version tag (e.g., `ghcr.io/blakeblackshear/frigate:0.15.2`), and re-run `docker compose up -d`.
+   - For Docker: Specify an older tag (e.g., `ghcr.io/blakeblackshear/frigate:0.16.3`) in your `docker run` command.
+   - For Docker Compose: Edit your `docker-compose.yml`, specify the older version tag (e.g., `ghcr.io/blakeblackshear/frigate:0.16.3`), and re-run `docker compose up -d`.
   - For Home Assistant: Reinstall the previous addon version manually via the repository if needed and restart the addon.
 4. Verify the old version is running again.

--- a/docs/docs/guides/configuring_go2rtc.md
+++ b/docs/docs/guides/configuring_go2rtc.md
@@ -113,7 +113,8 @@ section.

 1. If the stream you added to go2rtc is also used by Frigate for the `record` or `detect` role, you can migrate your config to pull from the RTSP restream to reduce the number of connections to your camera as shown [here](/configuration/restream#reduce-connections-to-camera).
 2. You can [set up WebRTC](/configuration/live#webrtc-extra-configuration) if your camera supports two-way talk. Note that WebRTC only supports specific audio formats and may require opening ports on your router.
+3. If your camera supports two-way talk, you must configure your stream with `#backchannel=0` to prevent go2rtc from blocking other applications from accessing the camera's audio output. See [preventing go2rtc from blocking two-way audio](/configuration/restream#two-way-talk-restream) in the restream documentation.

 ## Homekit Configuration

-To add camera streams to Homekit Frigate must be configured in docker to use `host` networking mode. Once that is done, you can use the go2rtc WebUI (accessed via port 1984, which is disabled by default) to share export a camera to Homekit. Any changes made will automatically be saved to `/config/go2rtc_homekit.yml`.
+To add camera streams to Homekit Frigate must be configured in docker to use `host` networking mode. Once that is done, you can use the go2rtc WebUI (accessed via port 1984, which is disabled by default) to share export a camera to Homekit. Any changes made will automatically be saved to `/config/go2rtc_homekit.yml`.
--- a/docs/docs/guides/getting_started.md
+++ b/docs/docs/guides/getting_started.md
@@ -134,31 +134,13 @@ Now you should be able to start Frigate by running `docker compose up -d` from w

 This section assumes that you already have an environment setup as described in [Installation](../frigate/installation.md). You should also configure your cameras according to the [camera setup guide](/frigate/camera_setup). Pay particular attention to the section on choosing a detect resolution.

-### Step 1: Add a detect stream
+### Step 1: Start Frigate

-First we will add the detect stream for the camera:
+At this point you should be able to start Frigate and a basic config will be created automatically.

-```yaml
-mqtt:
-  enabled: False
+### Step 2: Add a camera

-cameras:
-  name_of_your_camera: # <------ Name the camera
-    enabled: True
-    ffmpeg:
-      inputs:
-        - path: rtsp://10.0.10.10:554/rtsp # <----- The stream you want to use for detection
-          roles:
-            - detect
-```
-
-### Step 2: Start Frigate
-
-At this point you should be able to start Frigate and see the video feed in the UI.
-
-If you get an error image from the camera, this means ffmpeg was not able to get the video feed from your camera. Check the logs for error messages from ffmpeg. The default ffmpeg arguments are designed to work with H264 RTSP cameras that support TCP connections.
-
-FFmpeg arguments for other types of cameras can be found [here](../configuration/camera_specific.md).
+You can click the `Add Camera` button to use the camera setup wizard to get your first camera added into Frigate.

 ### Step 3: Configure hardware acceleration (recommended)

@@ -173,7 +155,7 @@ services:
  frigate:
    ...
    devices:
-      - /dev/dri/renderD128:/dev/dri/renderD128 # for intel hwaccel, needs to be updated for your hardware
+      - /dev/dri/renderD128:/dev/dri/renderD128 # for intel & amd hwaccel, needs to be updated for your hardware
    ...
 ```

@@ -202,7 +184,7 @@ services:
    ...
    devices:
      - /dev/bus/usb:/dev/bus/usb # passes the USB Coral, needs to be modified for other versions
-      - /dev/apex_0:/dev/apex_0 # passes a PCIe Coral, follow driver instructions here https://coral.ai/docs/m2/get-started/#2a-on-linux
+      - /dev/apex_0:/dev/apex_0 # passes a PCIe Coral, follow driver instructions here https://github.com/jnicolson/gasket-builder
    ...
 ```

--- a/docs/docs/integrations/home-assistant.md
+++ b/docs/docs/integrations/home-assistant.md
@@ -245,6 +245,12 @@ To load a preview gif of a review item:
 https://HA_URL/api/frigate/notifications/<review-id>/review_preview.gif
 ```

+To load the thumbnail of a review item:
+
+```
+https://HA_URL/api/frigate/notifications/<review-id>/<camera>/review_thumbnail.webp
+```
+
 <a name="streams"></a>

 ## RTSP stream
--- a/docs/docs/integrations/mqtt.md
+++ b/docs/docs/integrations/mqtt.md
@@ -280,7 +280,7 @@ Topic with current state of notifications. Published values are `ON` and `OFF`.

 ## Frigate Camera Topics

-### `frigate/<camera_name>/<role>/status`
+### `frigate/<camera_name>/status/<role>`

 Publishes the current health status of each role that is enabled (`audio`, `detect`, `record`). Possible values are:

--- a/docs/docs/integrations/third_party_extensions.md
+++ b/docs/docs/integrations/third_party_extensions.md
@@ -38,3 +38,7 @@ This is a fork (with fixed errors and new features) of [original Double Take](ht
 ## [Periscope](https://github.com/maksz42/periscope)

 [Periscope](https://github.com/maksz42/periscope) is a lightweight Android app that turns old devices into live viewers for Frigate. It works on Android 2.2 and above, including Android TV. It supports authentication and HTTPS.
+
+## [Scrypted - Frigate bridge plugin](https://github.com/apocaliss92/scrypted-frigate-bridge)
+
+[Scrypted - Frigate bridge](https://github.com/apocaliss92/scrypted-frigate-bridge) is an plugin that allows to ingest Frigate detections, motion, videoclips on Scrypted as well as provide templates to export rebroadcast configurations on Frigate.
--- a/docs/docs/plus/index.md
+++ b/docs/docs/plus/index.md
@@ -15,13 +15,11 @@ There are three model types offered in Frigate+, `mobiledet`, `yolonas`, and `yo

 Not all model types are supported by all detectors, so it's important to choose a model type to match your detector as shown in the table under [supported detector types](#supported-detector-types). You can test model types for compatibility and speed on your hardware by using the base models.

-| Model Type  | Description                                                                                                                                                                                                                        |
-| ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `mobiledet` | Based on the same architecture as the default model included with Frigate. Runs on Google Coral devices and CPUs.                                                                                                                  |
-| `yolonas`   | A newer architecture that offers slightly higher accuracy and improved detection of small objects. Runs on Intel, NVidia GPUs, and AMD GPUs.                                                                                       |
-| `yolov9`    | A leading SOTA (state of the art) object detection model with similar performance to yolonas, but on a wider range of hardware options. Runs on Intel, NVidia GPUs, AMD GPUs, Hailo, MemryX\*, Apple Silicon\*, and Rockchip NPUs. |
-
-_\* Support coming in 0.17_
+| Model Type  | Description                                                                                                                                                                                                                    |
+| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `mobiledet` | Based on the same architecture as the default model included with Frigate. Runs on Google Coral devices and CPUs.                                                                                                              |
+| `yolonas`   | A newer architecture that offers slightly higher accuracy and improved detection of small objects. Runs on Intel, NVidia GPUs, and AMD GPUs.                                                                                   |
+| `yolov9`    | A leading SOTA (state of the art) object detection model with similar performance to yolonas, but on a wider range of hardware options. Runs on Intel, NVidia GPUs, AMD GPUs, Hailo, MemryX, Apple Silicon, and Rockchip NPUs. |

 ### YOLOv9 Details

@@ -39,7 +37,7 @@ If you have a Hailo device, you will need to specify the hardware you have when

 #### Rockchip (RKNN) Support

-For 0.16, YOLOv9 onnx models will need to be manually converted. First, you will need to configure Frigate to use the model id for your YOLOv9 onnx model so it downloads the model to your `model_cache` directory. From there, you can follow the [documentation](/configuration/object_detectors.md#converting-your-own-onnx-model-to-rknn-format) to convert it. Automatic conversion is coming in 0.17.
+For 0.16, YOLOv9 onnx models will need to be manually converted. First, you will need to configure Frigate to use the model id for your YOLOv9 onnx model so it downloads the model to your `model_cache` directory. From there, you can follow the [documentation](/configuration/object_detectors.md#converting-your-own-onnx-model-to-rknn-format) to convert it. Automatic conversion is available in 0.17 and later.

 ## Supported detector types

@@ -55,7 +53,7 @@ Currently, Frigate+ models support CPU (`cpu`), Google Coral (`edgetpu`), OpenVi
 | [Hailo8/Hailo8L/Hailo8R](/configuration/object_detectors#hailo-8)                | `hailo8l`                 | `yolov9`               |
 | [Rockchip NPU](/configuration/object_detectors#rockchip-platform)\*              | `rknn`                    | `yolov9`               |

-_\* Requires manual conversion in 0.16. Automatic conversion coming in 0.17._
+_\* Requires manual conversion in 0.16. Automatic conversion available in 0.17 and later._

 ## Improving your model

--- a/docs/docs/troubleshooting/cpu.md
+++ b/docs/docs/troubleshooting/cpu.md
@@ -0,0 +1,73 @@
+---
+id: cpu
+title: High CPU Usage
+---
+
+High CPU usage can impact Frigate's performance and responsiveness. This guide outlines the most effective configuration changes to help reduce CPU consumption and optimize resource usage.
+
+## 1. Hardware Acceleration for Video Decoding
+
+**Priority: Critical**
+
+Video decoding is one of the most CPU-intensive tasks in Frigate. While an AI accelerator handles object detection, it does not assist with decoding video streams. Hardware acceleration (hwaccel) offloads this work to your GPU or specialized video decode hardware, significantly reducing CPU usage and enabling you to support more cameras on the same hardware.
+
+### Key Concepts
+
+**Resolution & FPS Impact:** The decoding burden grows exponentially with resolution and frame rate. A 4K stream at 30 FPS requires roughly 4 times the processing power of a 1080p stream at the same frame rate, and doubling the frame rate doubles the decode workload. This is why hardware acceleration becomes critical when working with multiple high-resolution cameras.
+
+**Hardware Acceleration Benefits:** By using dedicated video decode hardware, you can:
+
+- Significantly reduce CPU usage per camera stream
+- Support 2-3x more cameras on the same hardware
+- Free up CPU resources for motion detection and other Frigate processes
+- Reduce system heat and power consumption
+
+### Configuration
+
+Frigate provides preset configurations for common hardware acceleration scenarios. Set up `hwaccel_args` based on your hardware in your [configuration](../configuration/reference) as described in the [getting started guide](../guides/getting_started).
+
+### Troubleshooting Hardware Acceleration
+
+If hardware acceleration isn't working:
+
+1. Check Frigate logs for FFmpeg errors related to hwaccel
+2. Verify the hardware device is accessible inside the container
+3. Ensure your camera streams use H.264 or H.265 codecs (most common)
+4. Try different presets if the automatic detection fails
+5. Check that your GPU drivers are properly installed on the host system
+
+## 2. Detector Selection and Configuration
+
+**Priority: Critical**
+
+Choosing the right detector for your hardware is the single most important factor for detection performance. The detector is responsible for running the AI model that identifies objects in video frames. Different detector types have vastly different performance characteristics and hardware requirements, as detailed in the [hardware documentation](../frigate/hardware).
+
+### Understanding Detector Performance
+
+Frigate uses motion detection as a first-line check before running expensive object detection, as explained in the [motion detection documentation](../configuration/motion_detection). When motion is detected, Frigate creates a "region" (the green boxes in the debug viewer) and sends it to the detector. The detector's inference speed determines how many detections per second your system can handle.
+
+**Calculating Detector Capacity:** Your detector has a finite capacity measured in detections per second. With an inference speed of 10ms, your detector can handle approximately 100 detections per second (1000ms / 10ms = 100).If your cameras collectively require more than this capacity, you'll experience delays, missed detections, or the system will fall behind.
+
+### Choosing the Right Detector
+
+Different detectors have vastly different performance characteristics, see the expected performance for object detectors in [the hardware docs](../frigate/hardware)
+
+### Multiple Detector Instances
+
+When a single detector cannot keep up with your camera count, some detector types (`openvino`, `onnx`) allow you to define multiple detector instances to share the workload. This is particularly useful with GPU-based detectors that have sufficient VRAM to run multiple inference processes.
+
+For detailed instructions on configuring multiple detectors, see the [Object Detectors documentation](../configuration/object_detectors).
+
+
+**When to add a second detector:**
+
+- Skipped FPS is consistently > 0 even during normal activity
+
+### Model Selection and Optimization
+
+The model you use significantly impacts detector performance. Frigate provides default models optimized for each detector type, but you can customize them as described in the [detector documentation](../configuration/object_detectors).
+
+**Model Size Trade-offs:**
+
+- Smaller models (320x320): Faster inference, Frigate is specifically optimized for a 320x320 size model.
+- Larger models (640x640): Slower inference, can sometimes have higher accuracy on very large objects that take up a majority of the frame.
--- a/docs/docs/troubleshooting/dummy-camera.md
+++ b/docs/docs/troubleshooting/dummy-camera.md
@@ -0,0 +1,60 @@
+---
+id: dummy-camera
+title: Analyzing Object Detection
+---
+
+When investigating object detection or tracking problems, it can be helpful to replay an exported video as a temporary "dummy" camera. This lets you reproduce issues locally, iterate on configuration (detections, zones, enrichment settings), and capture logs and clips for analysis.
+
+## When to use
+
+- Replaying an exported clip to reproduce incorrect detections
+- Testing configuration changes (model settings, trackers, filters) against a known clip
+- Gathering deterministic logs and recordings for debugging or issue reports
+
+## Example Config
+
+Place the clip you want to replay in a location accessible to Frigate (for example `/media/frigate/` or the repository `debug/` folder when developing). Then add a temporary camera to your `config/config.yml` like this:
+
+```yaml
+cameras:
+  test:
+    ffmpeg:
+      inputs:
+        - path: /media/frigate/car-stopping.mp4
+          input_args: -re -stream_loop -1 -fflags +genpts
+          roles:
+            - detect
+    detect:
+      enabled: true
+    record:
+      enabled: false
+    snapshots:
+      enabled: false
+```
+
+- `-re -stream_loop -1` tells `ffmpeg` to play the file in realtime and loop indefinitely, which is useful for long debugging sessions.
+- `-fflags +genpts` helps generate presentation timestamps when they are missing in the file.
+
+## Steps
+
+1. Export or copy the clip you want to replay to the Frigate host (e.g., `/media/frigate/` or `debug/clips/`).
+2. Add the temporary camera to `config/config.yml` (example above). Use a unique name such as `test` or `replay_camera` so it's easy to remove later.
+   - If you're debugging a specific camera, copy the settings from that camera (frame rate, model/enrichment settings, zones, etc.) into the temporary camera so the replay closely matches the original environment. Leave `record` and `snapshots` disabled unless you are specifically debugging recording or snapshot behavior.
+3. Restart Frigate.
+4. Observe the Debug view in the UI and logs as the clip is replayed. Watch detections, zones, or any feature you're looking to debug, and note any errors in the logs to reproduce the issue.
+5. Iterate on camera or enrichment settings (model, fps, zones, filters) and re-check the replay until the behavior is resolved.
+6. Remove the temporary camera from your config after debugging to avoid spurious telemetry or recordings.
+
+## Variables to consider in object tracking
+
+- The exported video will not always line up exactly with how it originally ran through Frigate (or even with the last loop). Different frames may be used on replay, which can change detections and tracking.
+- Motion detection depends on the frames used; small frame shifts can change motion regions and therefore what gets passed to the detector.
+- Object detection is not deterministic: models and post-processing can yield different results across runs, so you may not get identical detections or track IDs every time.
+
+When debugging, treat the replay as a close approximation rather than a byte-for-byte replay. Capture multiple runs, enable recording if helpful, and examine logs and saved event clips to understand variability.
+
+## Troubleshooting
+
+- No video: verify the path is correct and accessible from the Frigate process/container.
+- FFmpeg errors: check the log output for ffmpeg-specific flags and adjust `input_args` accordingly for your file/container. You may also need to disable hardware acceleration (`hwaccel_args: ""`) for the dummy camera.
+- No detections: confirm the camera `roles` include `detect`, and model/detector configuration is enabled.
--- a/docs/docs/troubleshooting/edgetpu.md
+++ b/docs/docs/troubleshooting/edgetpu.md
@@ -1,6 +1,6 @@
 ---
 id: edgetpu
-title: Troubleshooting EdgeTPU
+title: EdgeTPU Errors
 ---

 ## USB Coral Not Detected
@@ -68,8 +68,7 @@ The USB Coral can become stuck and need to be restarted, this can happen for a n

 The most common reason for the PCIe Coral not being detected is that the driver has not been installed. This process varies based on what OS and kernel that is being run.

- In most cases [the Coral docs](https://coral.ai/docs/m2/get-started/#2-install-the-pcie-driver-and-edge-tpu-runtime) show how to install the driver for the PCIe based Coral.
- For some newer Linux distros (for example, Ubuntu 22.04+), https://github.com/jnicolson/gasket-builder can be used to build and install the latest version of the driver.
+- In most cases https://github.com/jnicolson/gasket-builder can be used to build and install the latest version of the driver.

 ## Attempting to load TPU as pci & Fatal Python error: Illegal instruction

--- a/docs/docs/troubleshooting/gpu.md
+++ b/docs/docs/troubleshooting/gpu.md
@@ -1,6 +1,6 @@
 ---
 id: gpu
-title: Troubleshooting GPU
+title: GPU Errors
 ---

 ## OpenVINO
--- a/docs/docs/troubleshooting/memory.md
+++ b/docs/docs/troubleshooting/memory.md
@@ -0,0 +1,134 @@
+---
+id: memory
+title: Memory Usage
+---
+
+Frigate includes built-in memory profiling using [memray](https://bloomberg.github.io/memray/) to help diagnose memory issues. This feature allows you to profile specific Frigate modules to identify memory leaks, excessive allocations, or other memory-related problems.
+
+## Enabling Memory Profiling
+
+Memory profiling is controlled via the `FRIGATE_MEMRAY_MODULES` environment variable. Set it to a comma-separated list of module names you want to profile:
+
+```yaml
+# docker-compose example
+services:
+  frigate:
+    ...
+    environment:
+      - FRIGATE_MEMRAY_MODULES=frigate.embeddings,frigate.capture
+```
+
+```bash
+# docker run example
+docker run -e FRIGATE_MEMRAY_MODULES="frigate.embeddings" \
+   ...
+   --name frigate <frigate_image>
+```
+
+### Module Names
+
+Frigate processes are named using a module-based naming scheme. Common module names include:
+
+- `frigate.review_segment_manager` - Review segment processing
+- `frigate.recording_manager` - Recording management
+- `frigate.capture` - Camera capture processes (all cameras with this module name)
+- `frigate.process` - Camera processing/tracking (all cameras with this module name)
+- `frigate.output` - Output processing
+- `frigate.audio_manager` - Audio processing
+- `frigate.embeddings` - Embeddings processing
+
+You can also specify the full process name (including camera-specific identifiers) if you want to profile a specific camera:
+
+```bash
+FRIGATE_MEMRAY_MODULES=frigate.capture:front_door
+```
+
+When you specify a module name (e.g., `frigate.capture`), all processes with that module prefix will be profiled. For example, `frigate.capture` will profile all camera capture processes.
+
+## How It Works
+
+1. **Binary File Creation**: When profiling is enabled, memray creates a binary file (`.bin`) in `/config/memray_reports/` that is updated continuously in real-time as the process runs.
+
+2. **Automatic HTML Generation**: On normal process exit, Frigate automatically:
+
+   - Stops memray tracking
+   - Generates an HTML flamegraph report
+   - Saves it to `/config/memray_reports/<module_name>.html`
+
+3. **Crash Recovery**: If a process crashes (SIGKILL, segfault, etc.), the binary file is preserved with all data up to the crash point. You can manually generate the HTML report from the binary file.
+
+## Viewing Reports
+
+### Automatic Reports
+
+After a process exits normally, you'll find HTML reports in `/config/memray_reports/`. Open these files in a web browser to view interactive flamegraphs showing memory usage patterns.
+
+### Manual Report Generation
+
+If a process crashes or you want to generate a report from an existing binary file, you can manually create the HTML report:
+
+- Run `memray` inside the Frigate container:
+
+```bash
+docker-compose exec frigate memray flamegraph /config/memray_reports/<module_name>.bin
+# or
+docker exec -it <container_name_or_id> memray flamegraph /config/memray_reports/<module_name>.bin
+```
+
+- You can also copy the `.bin` file to the host and run `memray` locally if you have it installed:
+
+```bash
+docker cp <container_name_or_id>:/config/memray_reports/<module_name>.bin /tmp/
+memray flamegraph /tmp/<module_name>.bin
+```
+
+## Understanding the Reports
+
+Memray flamegraphs show:
+
+- **Memory allocations over time**: See where memory is being allocated in your code
+- **Call stacks**: Understand the full call chain leading to allocations
+- **Memory hotspots**: Identify functions or code paths that allocate the most memory
+- **Memory leaks**: Spot patterns where memory is allocated but not freed
+
+The interactive HTML reports allow you to:
+
+- Zoom into specific time ranges
+- Filter by function names
+- View detailed allocation information
+- Export data for further analysis
+
+## Best Practices
+
+1. **Profile During Issues**: Enable profiling when you're experiencing memory issues, not all the time, as it adds some overhead.
+
+2. **Profile Specific Modules**: Instead of profiling everything, focus on the modules you suspect are causing issues.
+
+3. **Let Processes Run**: Allow processes to run for a meaningful duration to capture representative memory usage patterns.
+
+4. **Check Binary Files**: If HTML reports aren't generated automatically (e.g., after a crash), check for `.bin` files in `/config/memray_reports/` and generate reports manually.
+
+5. **Compare Reports**: Generate reports at different times to compare memory usage patterns and identify trends.
+
+## Troubleshooting
+
+### No Reports Generated
+
+- Check that the environment variable is set correctly
+- Verify the module name matches exactly (case-sensitive)
+- Check logs for memray-related errors
+- Ensure `/config/memray_reports/` directory exists and is writable
+
+### Process Crashed Before Report Generation
+
+- Look for `.bin` files in `/config/memray_reports/`
+- Manually generate HTML reports using: `memray flamegraph <file>.bin`
+- The binary file contains all data up to the crash point
+
+### Reports Show No Data
+
+- Ensure the process ran long enough to generate meaningful data
+- Check that memray is properly installed (included by default in Frigate)
+- Verify the process actually started and ran (check process logs)
+
+For more information about memray and interpreting reports, see the [official memray documentation](https://bloomberg.github.io/memray/).
--- a/docs/docs/troubleshooting/recordings.md
+++ b/docs/docs/troubleshooting/recordings.md
@@ -1,6 +1,6 @@
 ---
 id: recordings
-title: Troubleshooting Recordings
+title: Recordings Errors
 ---

 ## I have Frigate configured for motion recording only, but it still seems to be recording even with no motion. Why?
--- a/docs/docusaurus.config.ts
+++ b/docs/docusaurus.config.ts
@@ -170,7 +170,7 @@ const config: Config = {
          ],
        },
      ],
-      copyright: `Copyright © ${new Date().getFullYear()} Frigate LLC`,
+      copyright: `Copyright © ${new Date().getFullYear()} Frigate, Inc.`,
    },
  },
  plugins: [
--- a/docs/package-lock.json
+++ b/docs/package-lock.json
--- a/docs/package.json
+++ b/docs/package.json
@@ -18,14 +18,14 @@
  },
  "dependencies": {
    "@docusaurus/core": "^3.7.0",
-    "@docusaurus/plugin-content-docs": "^3.6.3",
+    "@docusaurus/plugin-content-docs": "^3.7.0",
    "@docusaurus/preset-classic": "^3.7.0",
-    "@docusaurus/theme-mermaid": "^3.6.3",
+    "@docusaurus/theme-mermaid": "^3.7.0",
    "@inkeep/docusaurus": "^2.0.16",
    "@mdx-js/react": "^3.1.0",
    "clsx": "^2.1.1",
-    "docusaurus-plugin-openapi-docs": "^4.3.1",
-    "docusaurus-theme-openapi-docs": "^4.3.1",
+    "docusaurus-plugin-openapi-docs": "^4.5.1",
+    "docusaurus-theme-openapi-docs": "^4.5.1",
    "prism-react-renderer": "^2.4.1",
    "raw-loader": "^4.0.2",
    "react": "^18.3.1",
@@ -44,9 +44,9 @@
    ]
  },
  "devDependencies": {
-    "@docusaurus/module-type-aliases": "^3.4.0",
-    "@docusaurus/types": "^3.4.0",
-    "@types/react": "^18.3.7"
+    "@docusaurus/module-type-aliases": "^3.7.0",
+    "@docusaurus/types": "^3.7.0",
+    "@types/react": "^18.3.27"
  },
  "engines": {
    "node": ">=18.0"
--- a/docs/sidebars.ts
+++ b/docs/sidebars.ts
@@ -129,8 +129,27 @@ const sidebars: SidebarsConfig = {
    Troubleshooting: [
      "troubleshooting/faqs",
      "troubleshooting/recordings",
-      "troubleshooting/gpu",
-      "troubleshooting/edgetpu",
+      "troubleshooting/dummy-camera",
+      {
+        type: "category",
+        label: "Troubleshooting Hardware",
+        link: {
+          type: "generated-index",
+          title: "Troubleshooting Hardware",
+          description: "Troubleshooting Problems with Hardware",
+        },
+        items: ["troubleshooting/gpu", "troubleshooting/edgetpu"],
+      },
+      {
+        type: "category",
+        label: "Troubleshooting Resource Usage",
+        link: {
+          type: "generated-index",
+          title: "Troubleshooting Resource Usage",
+          description: "Troubleshooting issues with resource usage",
+        },
+        items: ["troubleshooting/cpu", "troubleshooting/memory"],
+      },
    ],
    Development: [
      "development/contributing",
--- a/docs/src/components/LanguageAlert/styles.module.css
+++ b/docs/src/components/LanguageAlert/styles.module.css
@@ -1,13 +1,18 @@
 .alert {
-    padding: 12px;
-    background: #fff8e6;
-    border-bottom: 1px solid #ffd166;
-    text-align: center;
-    font-size: 15px;
-  }
-  
-  .alert a {
-    color: #1890ff;
-    font-weight: 500;
-    margin-left: 6px;
-  }
+  padding: 12px;
+  background: #fff8e6;
+  border-bottom: 1px solid #ffd166;
+  text-align: center;
+  font-size: 15px;
+}
+
+[data-theme="dark"] .alert {
+  background: #3b2f0b;
+  border-bottom: 1px solid #665c22;
+}
+
+.alert a {
+  color: #1890ff;
+  font-weight: 500;
+  margin-left: 6px;
+}
--- a/docs/static/frigate-api.yaml
+++ b/docs/static/frigate-api.yaml
--- a/docs/static/img/branding/LICENSE.md
+++ b/docs/static/img/branding/LICENSE.md
@@ -1,12 +1,12 @@
 # COPYRIGHT AND TRADEMARK NOTICE

 The images, logos, and icons contained in this directory (the "Brand Assets") are
-proprietary to Frigate LLC and are NOT covered by the MIT License governing the
+proprietary to Frigate, Inc. and are NOT covered by the MIT License governing the
 rest of this repository.

 1. TRADEMARK STATUS
   The "Frigate" name and the accompanying logo are common law trademarks™ of
-   Frigate LLC. Frigate LLC reserves all rights to these marks.
+   Frigate, Inc. Frigate, Inc. reserves all rights to these marks.

 2. LIMITED PERMISSION FOR USE
   Permission is hereby granted to display these Brand Assets strictly for the
@@ -17,9 +17,9 @@ rest of this repository.
 3. RESTRICTIONS
   You may NOT:
   a. Use these Brand Assets to represent a derivative work (fork) as an official
-   product of Frigate LLC.
+   product of Frigate, Inc.
   b. Use these Brand Assets in a way that implies endorsement, sponsorship, or
-   commercial affiliation with Frigate LLC.
+   commercial affiliation with Frigate, Inc.
   c. Modify or alter the Brand Assets.

 If you fork this repository with the intent to distribute a modified or competing
@@ -27,4 +27,4 @@ version of the software, you must replace these Brand Assets with your own
 original content.

 ALL RIGHTS RESERVED.
-Copyright (c) 2025 Frigate LLC.
+Copyright (c) 2026 Frigate, Inc.
--- a/frigate/api/app.py
+++ b/frigate/api/app.py
@@ -23,7 +23,7 @@ from markupsafe import escape
 from peewee import SQL, fn, operator
 from pydantic import ValidationError

-from frigate.api.auth import require_role
+from frigate.api.auth import allow_any_authenticated, allow_public, require_role
 from frigate.api.defs.query.app_query_parameters import AppTimelineHourlyQueryParameters
 from frigate.api.defs.request.app_body import AppConfigSetBody
 from frigate.api.defs.tags import Tags
@@ -56,29 +56,33 @@ logger = logging.getLogger(__name__)
 router = APIRouter(tags=[Tags.app])


-@router.get("/", response_class=PlainTextResponse)
+@router.get(
+    "/", response_class=PlainTextResponse, dependencies=[Depends(allow_public())]
+)
 def is_healthy():
    return "Frigate is running. Alive and healthy!"


-@router.get("/config/schema.json")
+@router.get("/config/schema.json", dependencies=[Depends(allow_public())])
 def config_schema(request: Request):
    return Response(
        content=request.app.frigate_config.schema_json(), media_type="application/json"
    )


-@router.get("/version", response_class=PlainTextResponse)
+@router.get(
+    "/version", response_class=PlainTextResponse, dependencies=[Depends(allow_public())]
+)
 def version():
    return VERSION


-@router.get("/stats")
+@router.get("/stats", dependencies=[Depends(allow_any_authenticated())])
 def stats(request: Request):
    return JSONResponse(content=request.app.stats_emitter.get_latest_stats())


-@router.get("/stats/history")
+@router.get("/stats/history", dependencies=[Depends(allow_any_authenticated())])
 def stats_history(request: Request, keys: str = None):
    if keys:
        keys = keys.split(",")
@@ -86,7 +90,7 @@ def stats_history(request: Request, keys: str = None):
    return JSONResponse(content=request.app.stats_emitter.get_stats_history(keys))


-@router.get("/metrics")
+@router.get("/metrics", dependencies=[Depends(allow_any_authenticated())])
 def metrics(request: Request):
    """Expose Prometheus metrics endpoint and update metrics with latest stats"""
    # Retrieve the latest statistics and update the Prometheus metrics
@@ -103,7 +107,7 @@ def metrics(request: Request):
    return Response(content=content, media_type=content_type)


-@router.get("/config")
+@router.get("/config", dependencies=[Depends(allow_any_authenticated())])
 def config(request: Request):
    config_obj: FrigateConfig = request.app.frigate_config
    config: dict[str, dict[str, Any]] = config_obj.model_dump(
@@ -209,7 +213,7 @@ def config_raw_paths(request: Request):
    return JSONResponse(content=raw_paths)


-@router.get("/config/raw")
+@router.get("/config/raw", dependencies=[Depends(allow_any_authenticated())])
 def config_raw():
    config_file = find_config_file()

@@ -452,7 +456,7 @@ def config_set(request: Request, body: AppConfigSetBody):
    )


-@router.get("/vainfo")
+@router.get("/vainfo", dependencies=[Depends(allow_any_authenticated())])
 def vainfo():
    vainfo = vainfo_hwaccel()
    return JSONResponse(
@@ -472,12 +476,16 @@ def vainfo():
    )


-@router.get("/nvinfo")
+@router.get("/nvinfo", dependencies=[Depends(allow_any_authenticated())])
 def nvinfo():
    return JSONResponse(content=get_nvidia_driver_info())


-@router.get("/logs/{service}", tags=[Tags.logs])
+@router.get(
+    "/logs/{service}",
+    tags=[Tags.logs],
+    dependencies=[Depends(allow_any_authenticated())],
+)
 async def logs(
    service: str = Path(enum=["frigate", "nginx", "go2rtc"]),
    download: Optional[str] = None,
@@ -585,7 +593,7 @@ def restart():
    )


-@router.get("/labels")
+@router.get("/labels", dependencies=[Depends(allow_any_authenticated())])
 def get_labels(camera: str = ""):
    try:
        if camera:
@@ -603,7 +611,7 @@ def get_labels(camera: str = ""):
    return JSONResponse(content=labels)


-@router.get("/sub_labels")
+@router.get("/sub_labels", dependencies=[Depends(allow_any_authenticated())])
 def get_sub_labels(split_joined: Optional[int] = None):
    try:
        events = Event.select(Event.sub_label).distinct()
@@ -634,7 +642,7 @@ def get_sub_labels(split_joined: Optional[int] = None):
    return JSONResponse(content=sub_labels)


-@router.get("/plus/models")
+@router.get("/plus/models", dependencies=[Depends(allow_any_authenticated())])
 def plusModels(request: Request, filterByCurrentModelDetector: bool = False):
    if not request.app.frigate_config.plus_api.is_active():
        return JSONResponse(
@@ -676,7 +684,9 @@ def plusModels(request: Request, filterByCurrentModelDetector: bool = False):
    return JSONResponse(content=validModels)


-@router.get("/recognized_license_plates")
+@router.get(
+    "/recognized_license_plates", dependencies=[Depends(allow_any_authenticated())]
+)
 def get_recognized_license_plates(split_joined: Optional[int] = None):
    try:
        query = (
@@ -710,7 +720,7 @@ def get_recognized_license_plates(split_joined: Optional[int] = None):
    return JSONResponse(content=recognized_license_plates)


-@router.get("/timeline")
+@router.get("/timeline", dependencies=[Depends(allow_any_authenticated())])
 def timeline(camera: str = "all", limit: int = 100, source_id: Optional[str] = None):
    clauses = []

@@ -747,7 +757,7 @@ def timeline(camera: str = "all", limit: int = 100, source_id: Optional[str] = N
    return JSONResponse(content=[t for t in timeline])


-@router.get("/timeline/hourly")
+@router.get("/timeline/hourly", dependencies=[Depends(allow_any_authenticated())])
 def hourly_timeline(params: AppTimelineHourlyQueryParameters = Depends()):
    """Get hourly summary for timeline."""
    cameras = params.cameras
--- a/frigate/api/auth.py
+++ b/frigate/api/auth.py
@@ -32,10 +32,164 @@ from frigate.models import User

 logger = logging.getLogger(__name__)

+
+def require_admin_by_default():
+    """
+    Global admin requirement dependency for all endpoints by default.
+
+    This is set as the default dependency on the FastAPI app to ensure all
+    endpoints require admin access unless explicitly overridden with
+    allow_public(), allow_any_authenticated(), or require_role().
+
+    Port 5000 (internal) always has admin role set by the /auth endpoint,
+    so this check passes automatically for internal requests.
+
+    Certain paths are exempted from the global admin check because they must
+    be accessible before authentication (login, auth) or they have their own
+    route-level authorization dependencies that handle access control.
+    """
+    # Paths that have route-level auth dependencies and should bypass global admin check
+    # These paths still have authorization - it's handled by their route-level dependencies
+    EXEMPT_PATHS = {
+        # Public auth endpoints (allow_public)
+        "/auth",
+        "/auth/first_time_login",
+        "/login",
+        "/logout",
+        # Authenticated user endpoints (allow_any_authenticated)
+        "/profile",
+        # Public info endpoints (allow_public)
+        "/",
+        "/version",
+        "/config/schema.json",
+        # Authenticated user endpoints (allow_any_authenticated)
+        "/metrics",
+        "/stats",
+        "/stats/history",
+        "/config",
+        "/config/raw",
+        "/vainfo",
+        "/nvinfo",
+        "/labels",
+        "/sub_labels",
+        "/plus/models",
+        "/recognized_license_plates",
+        "/timeline",
+        "/timeline/hourly",
+        "/recordings/storage",
+        "/recordings/summary",
+        "/recordings/unavailable",
+        "/go2rtc/streams",
+        "/event_ids",
+        "/events",
+        "/exports",
+    }
+
+    # Path prefixes that should be exempt (for paths with parameters)
+    EXEMPT_PREFIXES = (
+        "/logs/",  # /logs/{service}
+        "/review",  # /review, /review/{id}, /review/summary, /review_ids, etc.
+        "/reviews/",  # /reviews/viewed, /reviews/delete
+        "/events/",  # /events/{id}/thumbnail, /events/summary, etc. (camera-scoped)
+        "/export/",  # /export/{camera}/start/..., /export/{id}/rename, /export/{id}
+        "/go2rtc/streams/",  # /go2rtc/streams/{camera}
+        "/users/",  # /users/{username}/password (has own auth)
+        "/preview/",  # /preview/{file}/thumbnail.jpg
+        "/exports/",  # /exports/{export_id}
+        "/vod/",  # /vod/{camera_name}/...
+        "/notifications/",  # /notifications/pubkey, /notifications/register
+    )
+
+    async def admin_checker(request: Request):
+        path = request.url.path
+
+        # Check exact path matches
+        if path in EXEMPT_PATHS:
+            return
+
+        # Check prefix matches for parameterized paths
+        if path.startswith(EXEMPT_PREFIXES):
+            return
+
+        # Dynamic camera path exemption:
+        # Any path whose first segment matches a configured camera name should
+        # bypass the global admin requirement. These endpoints enforce access
+        # via route-level dependencies (e.g. require_camera_access) to ensure
+        # per-camera authorization. This allows non-admin authenticated users
+        # (e.g. viewer role) to access camera-specific resources without
+        # needing admin privileges.
+        try:
+            if path.startswith("/"):
+                first_segment = path.split("/", 2)[1]
+                if (
+                    first_segment
+                    and first_segment in request.app.frigate_config.cameras
+                ):
+                    return
+        except Exception:
+            pass
+
+        # For all other paths, require admin role
+        # Port 5000 (internal) requests have admin role set automatically
+        role = request.headers.get("remote-role")
+        if role == "admin":
+            return
+
+        raise HTTPException(
+            status_code=403,
+            detail="Access denied. A user with the admin role is required.",
+        )
+
+    return admin_checker
+
+
+def allow_public():
+    """
+    Override dependency to allow unauthenticated access to an endpoint.
+
+    Use this for endpoints that should be publicly accessible without
+    authentication, such as login page, health checks, or pre-auth info.
+
+    Example:
+        @router.get("/public-endpoint", dependencies=[Depends(allow_public())])
+    """
+
+    async def public_checker(request: Request):
+        return  # Always allow
+
+    return public_checker
+
+
+def allow_any_authenticated():
+    """
+    Override dependency to allow any request that passed through the /auth endpoint.
+
+    Allows:
+    - Port 5000 internal requests (remote-user: "anonymous", remote-role: "admin")
+    - Authenticated users with JWT tokens (remote-user: username)
+    - Unauthenticated requests when auth is disabled (remote-user: "viewer")
+
+    Rejects:
+    - Requests with no remote-user header (did not pass through /auth endpoint)
+
+    Example:
+        @router.get("/authenticated-endpoint", dependencies=[Depends(allow_any_authenticated())])
+    """
+
+    async def auth_checker(request: Request):
+        # Ensure a remote-user has been set by the /auth endpoint
+        username = request.headers.get("remote-user")
+        if username is None:
+            raise HTTPException(status_code=401, detail="Authentication required")
+        return
+
+    return auth_checker
+
+
 router = APIRouter(tags=[Tags.auth])


-@router.get("/auth/first_time_login")
+@router.get("/auth/first_time_login", dependencies=[Depends(allow_public())])
 def first_time_login(request: Request):
    """Return whether the admin first-time login help flag is set in config.

@@ -143,7 +297,10 @@ def get_jwt_secret() -> str:
            )
            jwt_secret = secrets.token_hex(64)
            try:
-                with open(jwt_secret_file, "w") as f:
+                fd = os.open(
+                    jwt_secret_file, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600
+                )
+                with os.fdopen(fd, "w") as f:
                    f.write(str(jwt_secret))
            except Exception:
                logger.warning(
@@ -188,9 +345,35 @@ def verify_password(password, password_hash):
    return secrets.compare_digest(password_hash, compare_hash)


+def validate_password_strength(password: str) -> tuple[bool, Optional[str]]:
+    """
+    Validate password strength.
+
+    Returns a tuple of (is_valid, error_message).
+    """
+    if not password:
+        return False, "Password cannot be empty"
+
+    if len(password) < 8:
+        return False, "Password must be at least 8 characters long"
+
+    if not any(c.isupper() for c in password):
+        return False, "Password must contain at least one uppercase letter"
+
+    if not any(c.isdigit() for c in password):
+        return False, "Password must contain at least one digit"
+
+    if not any(c in '!@#$%^&*(),.?":{}|<>' for c in password):
+        return False, "Password must contain at least one special character"
+
+    return True, None
+
+
 def create_encoded_jwt(user, role, expiration, secret):
    return jwt.encode(
-        {"alg": "HS256"}, {"sub": user, "role": role, "exp": expiration}, secret
+        {"alg": "HS256"},
+        {"sub": user, "role": role, "exp": expiration, "iat": int(time.time())},
+        secret,
    )


@@ -352,7 +535,37 @@ def resolve_role(


 # Endpoints
-@router.get("/auth")
+@router.get(
+    "/auth",
+    dependencies=[Depends(allow_public())],
+    summary="Authenticate request",
+    description=(
+        "Authenticates the current request based on proxy headers or JWT token. "
+        "This endpoint verifies authentication credentials and manages JWT token refresh. "
+        "On success, no JSON body is returned; authentication state is communicated via response headers and cookies."
+    ),
+    status_code=202,
+    responses={
+        202: {
+            "description": "Authentication Accepted (no response body)",
+            "headers": {
+                "remote-user": {
+                    "description": 'Authenticated username or "viewer" in proxy-only mode',
+                    "schema": {"type": "string"},
+                },
+                "remote-role": {
+                    "description": "Resolved role (e.g., admin, viewer, or custom)",
+                    "schema": {"type": "string"},
+                },
+                "Set-Cookie": {
+                    "description": "May include refreshed JWT cookie when applicable",
+                    "schema": {"type": "string"},
+                },
+            },
+        },
+        401: {"description": "Authentication Failed"},
+    },
+)
 def auth(request: Request):
    auth_config: AuthConfig = request.app.frigate_config.auth
    proxy_config: ProxyConfig = request.app.frigate_config.proxy
@@ -379,12 +592,12 @@ def auth(request: Request):
    # if auth is disabled, just apply the proxy header map and return success
    if not auth_config.enabled:
        # pass the user header value from the upstream proxy if a mapping is specified
-        # or use anonymous if none are specified
+        # or use viewer if none are specified
        user_header = proxy_config.header_map.user
        success_response.headers["remote-user"] = (
-            request.headers.get(user_header, default="anonymous")
+            request.headers.get(user_header, default="viewer")
            if user_header
-            else "anonymous"
+            else "viewer"
        )

        # parse header and resolve a valid role
@@ -451,13 +664,27 @@ def auth(request: Request):
            return fail_response

        # if the jwt cookie is expiring soon
-        elif jwt_source == "cookie" and expiration - JWT_REFRESH <= current_time:
+        if jwt_source == "cookie" and expiration - JWT_REFRESH <= current_time:
            logger.debug("jwt token expiring soon, refreshing cookie")
-            # ensure the user hasn't been deleted
+
+            # Check if password has been changed since token was issued
+            # If so, force re-login by rejecting the refresh
            try:
-                User.get_by_id(user)
+                user_obj = User.get_by_id(user)
+                if user_obj.password_changed_at is not None:
+                    token_iat = int(token.claims.get("iat", 0))
+                    password_changed_timestamp = int(
+                        user_obj.password_changed_at.timestamp()
+                    )
+                    if token_iat < password_changed_timestamp:
+                        logger.debug(
+                            "jwt token issued before password change, rejecting refresh"
+                        )
+                        return fail_response
            except DoesNotExist:
+                logger.debug("user not found")
                return fail_response
+
            new_expiration = current_time + JWT_SESSION_LENGTH
            new_encoded_jwt = create_encoded_jwt(
                user, role, new_expiration, request.app.jwt_token
@@ -478,9 +705,14 @@ def auth(request: Request):
        return fail_response


-@router.get("/profile")
+@router.get(
+    "/profile",
+    dependencies=[Depends(allow_any_authenticated())],
+    summary="Get user profile",
+    description="Returns the current authenticated user's profile including username, role, and allowed cameras. This endpoint requires authentication and returns information about the user's permissions.",
+)
 def profile(request: Request):
-    username = request.headers.get("remote-user", "anonymous")
+    username = request.headers.get("remote-user", "viewer")
    role = request.headers.get("remote-role", "viewer")

    all_camera_names = set(request.app.frigate_config.cameras.keys())
@@ -492,7 +724,12 @@ def profile(request: Request):
    )


-@router.get("/logout")
+@router.get(
+    "/logout",
+    dependencies=[Depends(allow_public())],
+    summary="Logout user",
+    description="Logs out the current user by clearing the session cookie. After logout, subsequent requests will require re-authentication.",
+)
 def logout(request: Request):
    auth_config: AuthConfig = request.app.frigate_config.auth
    response = RedirectResponse("/login", status_code=303)
@@ -503,7 +740,12 @@ def logout(request: Request):
 limiter = Limiter(key_func=get_remote_addr)


-@router.post("/login")
+@router.post(
+    "/login",
+    dependencies=[Depends(allow_public())],
+    summary="Login with credentials",
+    description='Authenticates a user with username and password. Returns a JWT token as a secure HTTP-only cookie that can be used for subsequent API requests. The JWT token can also be retrieved from the response and used as a Bearer token in the Authorization header.\n\nExample using Bearer token:\n```\ncurl -H "Authorization: Bearer <token_value>" https://frigate_ip:8971/api/profile\n```',
+)
@limiter.limit(limit_value=rateLimiter.get_limit)
 def login(request: Request, body: AppPostLoginBody):
    JWT_COOKIE_NAME = request.app.frigate_config.auth.cookie_name
@@ -541,7 +783,12 @@ def login(request: Request, body: AppPostLoginBody):
    return JSONResponse(content={"message": "Login failed"}, status_code=401)


-@router.get("/users", dependencies=[Depends(require_role(["admin"]))])
+@router.get(
+    "/users",
+    dependencies=[Depends(require_role(["admin"]))],
+    summary="Get all users",
+    description="Returns a list of all users with their usernames and roles. Requires admin role. Each user object contains the username and assigned role.",
+)
 def get_users():
    exports = (
        User.select(User.username, User.role).order_by(User.username).dicts().iterator()
@@ -549,7 +796,12 @@ def get_users():
    return JSONResponse([e for e in exports])


-@router.post("/users", dependencies=[Depends(require_role(["admin"]))])
+@router.post(
+    "/users",
+    dependencies=[Depends(require_role(["admin"]))],
+    summary="Create new user",
+    description='Creates a new user with the specified username, password, and role. Requires admin role. Password must meet strength requirements: minimum 8 characters, at least one uppercase letter, at least one digit, and at least one special character (!@#$%^&*(),.?":{} |<>).',
+)
 def create_user(
    request: Request,
    body: AppPostUsersBody,
@@ -578,13 +830,29 @@ def create_user(
    return JSONResponse(content={"username": body.username})


-@router.delete("/users/{username}")
-def delete_user(username: str):
+@router.delete(
+    "/users/{username}",
+    dependencies=[Depends(require_role(["admin"]))],
+    summary="Delete user",
+    description="Deletes a user by username. The built-in admin user cannot be deleted. Requires admin role. Returns success message or error if user not found.",
+)
+def delete_user(request: Request, username: str):
+    # Prevent deletion of the built-in admin user
+    if username == "admin":
+        return JSONResponse(
+            content={"message": "Cannot delete admin user"}, status_code=403
+        )
+
    User.delete_by_id(username)
    return JSONResponse(content={"success": True})


-@router.put("/users/{username}/password")
+@router.put(
+    "/users/{username}/password",
+    dependencies=[Depends(allow_any_authenticated())],
+    summary="Update user password",
+    description="Updates a user's password. Users can only change their own password unless they have admin role. Requires the current password to verify identity for non-admin users. Password must meet strength requirements: minimum 8 characters, at least one uppercase letter, at least one digit, and at least one special character (!@#$%^&*(),.?\":{} |<>). If user changes their own password, a new JWT cookie is automatically issued.",
+)
 async def update_password(
    request: Request,
    username: str,
@@ -606,15 +874,66 @@ async def update_password(

    HASH_ITERATIONS = request.app.frigate_config.auth.hash_iterations

-    password_hash = hash_password(body.password, iterations=HASH_ITERATIONS)
-    User.set_by_id(username, {User.password_hash: password_hash})
+    try:
+        user = User.get_by_id(username)
+    except DoesNotExist:
+        return JSONResponse(content={"message": "User not found"}, status_code=404)

-    return JSONResponse(content={"success": True})
+    # Require old_password when non-admin user is changing any password
+    # Admin users changing passwords do NOT need to provide the current password
+    if current_role != "admin":
+        if not body.old_password:
+            return JSONResponse(
+                content={"message": "Current password is required"},
+                status_code=400,
+            )
+        if not verify_password(body.old_password, user.password_hash):
+            return JSONResponse(
+                content={"message": "Current password is incorrect"},
+                status_code=401,
+            )
+
+    # Validate new password strength
+    is_valid, error_message = validate_password_strength(body.password)
+    if not is_valid:
+        return JSONResponse(
+            content={"message": error_message},
+            status_code=400,
+        )
+
+    password_hash = hash_password(body.password, iterations=HASH_ITERATIONS)
+    User.update(
+        {
+            User.password_hash: password_hash,
+            User.password_changed_at: datetime.now(),
+        }
+    ).where(User.username == username).execute()
+
+    response = JSONResponse(content={"success": True})
+
+    # If user changed their own password, issue a new JWT to keep them logged in
+    if current_username == username:
+        JWT_COOKIE_NAME = request.app.frigate_config.auth.cookie_name
+        JWT_COOKIE_SECURE = request.app.frigate_config.auth.cookie_secure
+        JWT_SESSION_LENGTH = request.app.frigate_config.auth.session_length
+
+        expiration = int(time.time()) + JWT_SESSION_LENGTH
+        encoded_jwt = create_encoded_jwt(
+            username, current_role, expiration, request.app.jwt_token
+        )
+        # Set new JWT cookie on response
+        set_jwt_cookie(
+            response, JWT_COOKIE_NAME, encoded_jwt, expiration, JWT_COOKIE_SECURE
+        )
+
+    return response


@router.put(
    "/users/{username}/role",
    dependencies=[Depends(require_role(["admin"]))],
+    summary="Update user role",
+    description="Updates a user's role. The built-in admin user's role cannot be modified. Requires admin role. Valid roles are defined in the configuration.",
 )
 async def update_role(
    request: Request,
--- a/frigate/api/camera.py
+++ b/frigate/api/camera.py
@@ -15,7 +15,11 @@ from onvif import ONVIFCamera, ONVIFError
 from zeep.exceptions import Fault, TransportError
 from zeep.transports import AsyncTransport

-from frigate.api.auth import require_role
+from frigate.api.auth import (
+    allow_any_authenticated,
+    require_camera_access,
+    require_role,
+)
 from frigate.api.defs.tags import Tags
 from frigate.config.config import FrigateConfig
 from frigate.util.builtin import clean_camera_user_pass
@@ -50,7 +54,7 @@ def _is_valid_host(host: str) -> bool:
        return False


-@router.get("/go2rtc/streams")
+@router.get("/go2rtc/streams", dependencies=[Depends(allow_any_authenticated())])
 def go2rtc_streams():
    r = requests.get("http://127.0.0.1:1984/api/streams")
    if not r.ok:
@@ -66,7 +70,9 @@ def go2rtc_streams():
    return JSONResponse(content=stream_data)


-@router.get("/go2rtc/streams/{camera_name}")
+@router.get(
+    "/go2rtc/streams/{camera_name}", dependencies=[Depends(require_camera_access)]
+)
 def go2rtc_camera_stream(request: Request, camera_name: str):
    r = requests.get(
        f"http://127.0.0.1:1984/api/streams?src={camera_name}&video=all&audio=all&microphone"
@@ -161,7 +167,7 @@ def go2rtc_delete_stream(stream_name: str):
        )


-@router.get("/ffprobe")
+@router.get("/ffprobe", dependencies=[Depends(require_role(["admin"]))])
 def ffprobe(request: Request, paths: str = "", detailed: bool = False):
    path_param = paths

--- a/frigate/api/classification.py
+++ b/frigate/api/classification.py
@@ -31,6 +31,7 @@ from frigate.api.defs.response.generic_response import GenericResponse
 from frigate.api.defs.tags import Tags
 from frigate.config import FrigateConfig
 from frigate.config.camera import DetectConfig
+from frigate.config.classification import ObjectClassificationType
 from frigate.const import CLIPS_DIR, FACE_DIR, MODEL_CACHE_DIR
 from frigate.embeddings import EmbeddingsContext
 from frigate.models import Event
@@ -39,6 +40,7 @@ from frigate.util.classification import (
    collect_state_classification_examples,
    get_dataset_image_count,
    read_training_metadata,
+    write_training_metadata,
 )
 from frigate.util.file import get_event_snapshot

@@ -622,6 +624,59 @@ def get_classification_dataset(name: str):
    )


+@router.get(
+    "/classification/attributes",
+    summary="Get custom classification attributes",
+    description="""Returns custom classification attributes for a given object type.
+    Only includes models with classification_type set to 'attribute'.
+    By default returns a flat sorted list of all attribute labels.
+    If group_by_model is true, returns attributes grouped by model name.""",
+)
+def get_custom_attributes(
+    request: Request, object_type: str = None, group_by_model: bool = False
+):
+    models_with_attributes = {}
+
+    for (
+        model_key,
+        model_config,
+    ) in request.app.frigate_config.classification.custom.items():
+        if (
+            not model_config.enabled
+            or not model_config.object_config
+            or model_config.object_config.classification_type
+            != ObjectClassificationType.attribute
+        ):
+            continue
+
+        model_objects = getattr(model_config.object_config, "objects", []) or []
+        if object_type is not None and object_type not in model_objects:
+            continue
+
+        dataset_dir = os.path.join(CLIPS_DIR, sanitize_filename(model_key), "dataset")
+        if not os.path.exists(dataset_dir):
+            continue
+
+        attributes = []
+        for category_name in os.listdir(dataset_dir):
+            category_dir = os.path.join(dataset_dir, category_name)
+            if os.path.isdir(category_dir) and category_name != "none":
+                attributes.append(category_name)
+
+        if attributes:
+            model_name = model_config.name or model_key
+            models_with_attributes[model_name] = sorted(attributes)
+
+    if group_by_model:
+        return JSONResponse(content=models_with_attributes)
+    else:
+        # Flatten to a unique sorted list
+        all_attributes = set()
+        for attributes in models_with_attributes.values():
+            all_attributes.update(attributes)
+        return JSONResponse(content=sorted(list(all_attributes)))
+
+
@router.get(
    "/classification/{name}/train",
    summary="Get classification train images",
@@ -710,7 +765,7 @@ def delete_classification_dataset_images(
        if os.path.isfile(file_path):
            os.unlink(file_path)

-    if os.path.exists(folder) and not os.listdir(folder):
+    if os.path.exists(folder) and not os.listdir(folder) and category.lower() != "none":
        os.rmdir(folder)

    return JSONResponse(
@@ -788,6 +843,12 @@ def rename_classification_category(

    try:
        os.rename(old_folder, new_folder)
+
+        # Mark dataset as ready to train by resetting training metadata
+        # This ensures the dataset is marked as changed after renaming
+        sanitized_name = sanitize_filename(name)
+        write_training_metadata(sanitized_name, 0)
+
        return JSONResponse(
            content=(
                {
@@ -870,6 +931,46 @@ def categorize_classification_image(request: Request, name: str, body: dict = No
    )


+@router.post(
+    "/classification/{name}/dataset/{category}/create",
+    response_model=GenericResponse,
+    dependencies=[Depends(require_role(["admin"]))],
+    summary="Create an empty classification category folder",
+    description="""Creates an empty folder for a classification category.
+    This is used to create folders for categories that don't have images yet.
+    Returns a success message or an error if the name is invalid.""",
+)
+def create_classification_category(request: Request, name: str, category: str):
+    config: FrigateConfig = request.app.frigate_config
+
+    if name not in config.classification.custom:
+        return JSONResponse(
+            content=(
+                {
+                    "success": False,
+                    "message": f"{name} is not a known classification model.",
+                }
+            ),
+            status_code=404,
+        )
+
+    category_folder = os.path.join(
+        CLIPS_DIR, sanitize_filename(name), "dataset", sanitize_filename(category)
+    )
+
+    os.makedirs(category_folder, exist_ok=True)
+
+    return JSONResponse(
+        content=(
+            {
+                "success": True,
+                "message": f"Successfully created category folder: {category}",
+            }
+        ),
+        status_code=200,
+    )
+
+
@router.post(
    "/classification/{name}/train/delete",
    response_model=GenericResponse,
--- a/frigate/api/defs/query/events_query_parameters.py
+++ b/frigate/api/defs/query/events_query_parameters.py
@@ -12,6 +12,7 @@ class EventsQueryParams(BaseModel):
    labels: Optional[str] = "all"
    sub_label: Optional[str] = "all"
    sub_labels: Optional[str] = "all"
+    attributes: Optional[str] = "all"
    zone: Optional[str] = "all"
    zones: Optional[str] = "all"
    limit: Optional[int] = 100
@@ -58,6 +59,8 @@ class EventsSearchQueryParams(BaseModel):
    limit: Optional[int] = 50
    cameras: Optional[str] = "all"
    labels: Optional[str] = "all"
+    sub_labels: Optional[str] = "all"
+    attributes: Optional[str] = "all"
    zones: Optional[str] = "all"
    after: Optional[float] = None
    before: Optional[float] = None
--- a/frigate/api/defs/request/app_body.py
+++ b/frigate/api/defs/request/app_body.py
@@ -11,6 +11,7 @@ class AppConfigSetBody(BaseModel):

 class AppPutPasswordBody(BaseModel):
    password: str
+    old_password: Optional[str] = None


 class AppPostUsersBody(BaseModel):
--- a/frigate/api/defs/request/events_body.py
+++ b/frigate/api/defs/request/events_body.py
@@ -24,12 +24,18 @@ class EventsLPRBody(BaseModel):
    )


+class EventsAttributesBody(BaseModel):
+    attributes: List[str] = Field(
+        title="Selected classification attributes for the event",
+        default_factory=list,
+    )
+
+
 class EventsDescriptionBody(BaseModel):
    description: Union[str, None] = Field(title="The description of the event")


 class EventsCreateBody(BaseModel):
-    source_type: Optional[str] = "api"
    sub_label: Optional[str] = None
    score: Optional[float] = 0
    duration: Optional[int] = 30
--- a/frigate/api/defs/request/export_recordings_body.py
+++ b/frigate/api/defs/request/export_recordings_body.py
@@ -1,4 +1,4 @@
-from typing import Union
+from typing import Optional, Union

 from pydantic import BaseModel, Field
 from pydantic.json_schema import SkipJsonSchema
@@ -16,5 +16,5 @@ class ExportRecordingsBody(BaseModel):
    source: PlaybackSourceEnum = Field(
        default=PlaybackSourceEnum.recordings, title="Playback source"
    )
-    name: str = Field(title="Friendly name", default=None, max_length=256)
+    name: Optional[str] = Field(title="Friendly name", default=None, max_length=256)
    image_path: Union[str, SkipJsonSchema[None]] = None
--- a/frigate/api/event.py
+++ b/frigate/api/event.py
@@ -22,6 +22,7 @@ from peewee import JOIN, DoesNotExist, fn, operator
 from playhouse.shortcuts import model_to_dict

 from frigate.api.auth import (
+    allow_any_authenticated,
    get_allowed_cameras_for_filter,
    require_camera_access,
    require_role,
@@ -36,6 +37,7 @@ from frigate.api.defs.query.regenerate_query_parameters import (
    RegenerateQueryParameters,
 )
 from frigate.api.defs.request.events_body import (
+    EventsAttributesBody,
    EventsCreateBody,
    EventsDeleteBody,
    EventsDescriptionBody,
@@ -54,6 +56,7 @@ from frigate.api.defs.response.event_response import (
 from frigate.api.defs.response.generic_response import GenericResponse
 from frigate.api.defs.tags import Tags
 from frigate.comms.event_metadata_updater import EventMetadataTypeEnum
+from frigate.config.classification import ObjectClassificationType
 from frigate.const import CLIPS_DIR, TRIGGER_DIR
 from frigate.embeddings import EmbeddingsContext
 from frigate.models import Event, ReviewSegment, Timeline, Trigger
@@ -69,6 +72,7 @@ router = APIRouter(tags=[Tags.events])
@router.get(
    "/events",
    response_model=list[EventResponse],
+    dependencies=[Depends(allow_any_authenticated())],
    summary="Get events",
    description="Returns a list of events.",
 )
@@ -97,6 +101,8 @@ def events(
    if sub_labels == "all" and sub_label != "all":
        sub_labels = sub_label

+    attributes = unquote(params.attributes)
+
    zone = params.zone
    zones = params.zones

@@ -185,6 +191,17 @@ def events(
        sub_label_clause = reduce(operator.or_, sub_label_clauses)
        clauses.append((sub_label_clause))

+    if attributes != "all":
+        # Custom classification results are stored as data[model_name] = result_value
+        filtered_attributes = attributes.split(",")
+        attribute_clauses = []
+
+        for attr in filtered_attributes:
+            attribute_clauses.append(Event.data.cast("text") % f'*:"{attr}"*')
+
+        attribute_clause = reduce(operator.or_, attribute_clauses)
+        clauses.append(attribute_clause)
+
    if recognized_license_plate != "all":
        filtered_recognized_license_plates = recognized_license_plate.split(",")

@@ -343,7 +360,8 @@ def events(
@router.get(
    "/events/explore",
    response_model=list[EventResponse],
-    summary="Get summary of objects.",
+    dependencies=[Depends(allow_any_authenticated())],
+    summary="Get summary of objects",
    description="""Gets a summary of objects from the database.
    Returns a list of objects with a max of `limit` objects for each label.
    """,
@@ -435,7 +453,8 @@ def events_explore(
@router.get(
    "/event_ids",
    response_model=list[EventResponse],
-    summary="Get events by ids.",
+    dependencies=[Depends(allow_any_authenticated())],
+    summary="Get events by ids",
    description="""Gets events by a list of ids.
    Returns a list of events.
    """,
@@ -468,7 +487,8 @@ async def event_ids(ids: str, request: Request):

@router.get(
    "/events/search",
-    summary="Search events.",
+    dependencies=[Depends(allow_any_authenticated())],
+    summary="Search events",
    description="""Searches for events in the database.
    Returns a list of events.
    """,
@@ -487,6 +507,8 @@ def events_search(
    # Filters
    cameras = params.cameras
    labels = params.labels
+    sub_labels = params.sub_labels
+    attributes = params.attributes
    zones = params.zones
    after = params.after
    before = params.before
@@ -561,6 +583,38 @@ def events_search(
    if labels != "all":
        event_filters.append((Event.label << labels.split(",")))

+    if sub_labels != "all":
+        # use matching so joined sub labels are included
+        # for example a sub label 'bob' would get events
+        # with sub labels 'bob' and 'bob, john'
+        sub_label_clauses = []
+        filtered_sub_labels = sub_labels.split(",")
+
+        if "None" in filtered_sub_labels:
+            filtered_sub_labels.remove("None")
+            sub_label_clauses.append((Event.sub_label.is_null()))
+
+        for label in filtered_sub_labels:
+            sub_label_clauses.append(
+                (Event.sub_label.cast("text") == label)
+            )  # include exact matches
+
+            # include this label when part of a list
+            sub_label_clauses.append((Event.sub_label.cast("text") % f"*{label},*"))
+            sub_label_clauses.append((Event.sub_label.cast("text") % f"*, {label}*"))
+
+        event_filters.append((reduce(operator.or_, sub_label_clauses)))
+
+    if attributes != "all":
+        # Custom classification results are stored as data[model_name] = result_value
+        filtered_attributes = attributes.split(",")
+        attribute_clauses = []
+
+        for attr in filtered_attributes:
+            attribute_clauses.append(Event.data.cast("text") % f'*:"{attr}"*')
+
+        event_filters.append(reduce(operator.or_, attribute_clauses))
+
    if zones != "all":
        zone_clauses = []
        filtered_zones = zones.split(",")
@@ -808,7 +862,7 @@ def events_search(
    return JSONResponse(content=processed_events)


-@router.get("/events/summary")
+@router.get("/events/summary", dependencies=[Depends(allow_any_authenticated())])
 def events_summary(
    params: EventsSummaryQueryParams = Depends(),
    allowed_cameras: List[str] = Depends(get_allowed_cameras_for_filter),
@@ -918,7 +972,8 @@ def events_summary(
@router.get(
    "/events/{event_id}",
    response_model=EventResponse,
-    summary="Get event by id.",
+    dependencies=[Depends(allow_any_authenticated())],
+    summary="Get event by id",
    description="Gets an event by its id.",
 )
 async def event(event_id: str, request: Request):
@@ -961,7 +1016,8 @@ def set_retain(event_id: str):
@router.post(
    "/events/{event_id}/plus",
    response_model=EventUploadPlusResponse,
-    summary="Send event to Frigate+.",
+    dependencies=[Depends(require_role(["admin"]))],
+    summary="Send event to Frigate+",
    description="""Sends an event to Frigate+.
    Returns a success message or an error if the event is not found.
    """,
@@ -1101,6 +1157,7 @@ async def send_to_plus(request: Request, event_id: str, body: SubmitPlusBody = N
@router.put(
    "/events/{event_id}/false_positive",
    response_model=EventUploadPlusResponse,
+    dependencies=[Depends(require_role(["admin"]))],
    summary="Submit false positive to Frigate+",
    description="""Submit an event as a false positive to Frigate+.
    This endpoint is the same as the standard Frigate+ submission endpoint,
@@ -1199,7 +1256,7 @@ async def false_positive(request: Request, event_id: str):
    "/events/{event_id}/retain",
    response_model=GenericResponse,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Stop event from being retained indefinitely.",
+    summary="Stop event from being retained indefinitely",
    description="""Stops an event from being retained indefinitely.
    Returns a success message or an error if the event is not found.
    NOTE: This is a legacy endpoint and is not supported in the frontend.
@@ -1228,7 +1285,7 @@ async def delete_retain(event_id: str, request: Request):
    "/events/{event_id}/sub_label",
    response_model=GenericResponse,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Set event sub label.",
+    summary="Set event sub label",
    description="""Sets an event's sub label.
    Returns a success message or an error if the event is not found.
    """,
@@ -1287,7 +1344,7 @@ async def set_sub_label(
    "/events/{event_id}/recognized_license_plate",
    response_model=GenericResponse,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Set event license plate.",
+    summary="Set event license plate",
    description="""Sets an event's license plate.
    Returns a success message or an error if the event is not found.
    """,
@@ -1343,11 +1400,112 @@ async def set_plate(
    )


+@router.post(
+    "/events/{event_id}/attributes",
+    response_model=GenericResponse,
+    dependencies=[Depends(require_role(["admin"]))],
+    summary="Set custom classification attributes",
+    description=(
+        "Sets an event's custom classification attributes for all attribute-type "
+        "models that apply to the event's object type."
+    ),
+)
+async def set_attributes(
+    request: Request,
+    event_id: str,
+    body: EventsAttributesBody,
+):
+    try:
+        event: Event = Event.get(Event.id == event_id)
+        await require_camera_access(event.camera, request=request)
+    except DoesNotExist:
+        return JSONResponse(
+            content=({"success": False, "message": f"Event {event_id} not found."}),
+            status_code=404,
+        )
+
+    object_type = event.label
+    selected_attributes = set(body.attributes or [])
+    applied_updates: list[dict[str, str | float | None]] = []
+
+    for (
+        model_key,
+        model_config,
+    ) in request.app.frigate_config.classification.custom.items():
+        # Only apply to enabled attribute classifiers that target this object type
+        if (
+            not model_config.enabled
+            or not model_config.object_config
+            or model_config.object_config.classification_type
+            != ObjectClassificationType.attribute
+            or object_type not in (model_config.object_config.objects or [])
+        ):
+            continue
+
+        # Get available labels from dataset directory
+        dataset_dir = os.path.join(CLIPS_DIR, sanitize_filename(model_key), "dataset")
+        available_labels = set()
+
+        if os.path.exists(dataset_dir):
+            for category_name in os.listdir(dataset_dir):
+                category_dir = os.path.join(dataset_dir, category_name)
+                if os.path.isdir(category_dir):
+                    available_labels.add(category_name)
+
+        if not available_labels:
+            logger.warning(
+                "No dataset found for custom attribute model %s at %s",
+                model_key,
+                dataset_dir,
+            )
+            continue
+
+        # Find all selected attributes that apply to this model
+        model_name = model_config.name or model_key
+        matching_attrs = selected_attributes & available_labels
+
+        if matching_attrs:
+            # Publish updates for each selected attribute
+            for attr in matching_attrs:
+                request.app.event_metadata_updater.publish(
+                    (event_id, model_name, attr, 1.0),
+                    EventMetadataTypeEnum.attribute.value,
+                )
+                applied_updates.append(
+                    {"model": model_name, "label": attr, "score": 1.0}
+                )
+        else:
+            # Clear this model's attribute
+            request.app.event_metadata_updater.publish(
+                (event_id, model_name, None, None),
+                EventMetadataTypeEnum.attribute.value,
+            )
+            applied_updates.append({"model": model_name, "label": None, "score": None})
+
+    if len(applied_updates) == 0:
+        return JSONResponse(
+            content={
+                "success": False,
+                "message": "No matching attributes found for this object type.",
+            },
+            status_code=400,
+        )
+
+    return JSONResponse(
+        content={
+            "success": True,
+            "message": f"Updated {len(applied_updates)} attribute(s)",
+            "applied": applied_updates,
+        },
+        status_code=200,
+    )
+
+
@router.post(
    "/events/{event_id}/description",
    response_model=GenericResponse,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Set event description.",
+    summary="Set event description",
    description="""Sets an event's description.
    Returns a success message or an error if the event is not found.
    """,
@@ -1403,7 +1561,7 @@ async def set_description(
    "/events/{event_id}/description/regenerate",
    response_model=GenericResponse,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Regenerate event description.",
+    summary="Regenerate event description",
    description="""Regenerates an event's description.
    Returns a success message or an error if the event is not found.
    """,
@@ -1455,8 +1613,8 @@ async def regenerate_description(
@router.post(
    "/description/generate",
    response_model=GenericResponse,
-    # dependencies=[Depends(require_role(["admin"]))],
-    summary="Generate description embedding.",
+    dependencies=[Depends(require_role(["admin"]))],
+    summary="Generate description embedding",
    description="""Generates an embedding for an event's description.
    Returns a success message or an error if the event is not found.
    """,
@@ -1521,7 +1679,7 @@ async def delete_single_event(event_id: str, request: Request) -> dict:
    "/events/{event_id}",
    response_model=GenericResponse,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Delete event.",
+    summary="Delete event",
    description="""Deletes an event from the database.
    Returns a success message or an error if the event is not found.
    """,
@@ -1536,7 +1694,7 @@ async def delete_event(request: Request, event_id: str):
    "/events/",
    response_model=EventMultiDeleteResponse,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Delete events.",
+    summary="Delete events",
    description="""Deletes a list of events from the database.
    Returns a success message or an error if the events are not found.
    """,
@@ -1570,7 +1728,7 @@ async def delete_events(request: Request, body: EventsDeleteBody):
    "/events/{camera_name}/{label}/create",
    response_model=EventCreateResponse,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Create manual event.",
+    summary="Create manual event",
    description="""Creates a manual event in the database.
    Returns a success message or an error if the event is not found.
    NOTES:
@@ -1612,7 +1770,7 @@ def create_event(
            body.score,
            body.sub_label,
            body.duration,
-            body.source_type,
+            "api",
            body.draw,
        ),
        EventMetadataTypeEnum.manual_event_create.value,
@@ -1634,7 +1792,7 @@ def create_event(
    "/events/{event_id}/end",
    response_model=GenericResponse,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="End manual event.",
+    summary="End manual event",
    description="""Ends a manual event.
    Returns a success message or an error if the event is not found.
    NOTE: This should only be used for manual events.
@@ -1644,10 +1802,27 @@ async def end_event(request: Request, event_id: str, body: EventsEndBody):
    try:
        event: Event = Event.get(Event.id == event_id)
        await require_camera_access(event.camera, request=request)
+
+        if body.end_time is not None and body.end_time < event.start_time:
+            return JSONResponse(
+                content=(
+                    {
+                        "success": False,
+                        "message": f"end_time ({body.end_time}) cannot be before start_time ({event.start_time}).",
+                    }
+                ),
+                status_code=400,
+            )
+
        end_time = body.end_time or datetime.datetime.now().timestamp()
        request.app.event_metadata_updater.publish(
            (event_id, end_time), EventMetadataTypeEnum.manual_event_end.value
        )
+    except DoesNotExist:
+        return JSONResponse(
+            content=({"success": False, "message": f"Event {event_id} not found."}),
+            status_code=404,
+        )
    except Exception:
        return JSONResponse(
            content=(
@@ -1666,7 +1841,7 @@ async def end_event(request: Request, event_id: str, body: EventsEndBody):
    "/trigger/embedding",
    response_model=dict,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Create trigger embedding.",
+    summary="Create trigger embedding",
    description="""Creates a trigger embedding for a specific trigger.
    Returns a success message or an error if the trigger is not found.
    """,
@@ -1723,37 +1898,40 @@ def create_trigger_embedding(
            if event.data.get("type") != "object":
                return

-            if thumbnail := get_event_thumbnail_bytes(event):
-                cursor = context.db.execute_sql(
-                    """
-                    SELECT thumbnail_embedding FROM vec_thumbnails WHERE id = ?
-                    """,
-                    [body.data],
+            # Get the thumbnail
+            thumbnail = get_event_thumbnail_bytes(event)
+
+            if thumbnail is None:
+                return JSONResponse(
+                    content={
+                        "success": False,
+                        "message": f"Failed to get thumbnail for {body.data} for {body.type} trigger",
+                    },
+                    status_code=400,
                )

-                row = cursor.fetchone() if cursor else None
+            # Try to reuse existing embedding from database
+            cursor = context.db.execute_sql(
+                """
+                SELECT thumbnail_embedding FROM vec_thumbnails WHERE id = ?
+                """,
+                [body.data],
+            )

-                if row:
-                    query_embedding = row[0]
-                    embedding = np.frombuffer(query_embedding, dtype=np.float32)
+            row = cursor.fetchone() if cursor else None
+
+            if row:
+                query_embedding = row[0]
+                embedding = np.frombuffer(query_embedding, dtype=np.float32)
            else:
-                # Extract valid thumbnail
-                thumbnail = get_event_thumbnail_bytes(event)
-
-                if thumbnail is None:
-                    return JSONResponse(
-                        content={
-                            "success": False,
-                            "message": f"Failed to get thumbnail for {body.data} for {body.type} trigger",
-                        },
-                        status_code=400,
-                    )
-
+                # Generate new embedding
                embedding = context.generate_image_embedding(
                    body.data, (base64.b64encode(thumbnail).decode("ASCII"))
                )

-        if embedding is None:
+        if embedding is None or (
+            isinstance(embedding, (list, np.ndarray)) and len(embedding) == 0
+        ):
            return JSONResponse(
                content={
                    "success": False,
@@ -1821,7 +1999,7 @@ def create_trigger_embedding(
    "/trigger/embedding/{camera_name}/{name}",
    response_model=dict,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Update trigger embedding.",
+    summary="Update trigger embedding",
    description="""Updates a trigger embedding for a specific trigger.
    Returns a success message or an error if the trigger is not found.
    """,
@@ -1888,7 +2066,9 @@ def update_trigger_embedding(
                body.data, (base64.b64encode(thumbnail).decode("ASCII"))
            )

-        if embedding is None:
+        if embedding is None or (
+            isinstance(embedding, (list, np.ndarray)) and len(embedding) == 0
+        ):
            return JSONResponse(
                content={
                    "success": False,
@@ -1984,7 +2164,7 @@ def update_trigger_embedding(
    "/trigger/embedding/{camera_name}/{name}",
    response_model=dict,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Delete trigger embedding.",
+    summary="Delete trigger embedding",
    description="""Deletes a trigger embedding for a specific trigger.
    Returns a success message or an error if the trigger is not found.
    """,
@@ -2058,7 +2238,7 @@ def delete_trigger_embedding(
    "/triggers/status/{camera_name}",
    response_model=dict,
    dependencies=[Depends(require_role(["admin"]))],
-    summary="Get triggers status.",
+    summary="Get triggers status",
    description="""Gets the status of all triggers for a specific camera.
    Returns a success message or an error if the camera is not found.
    """,
--- a/frigate/api/export.py
+++ b/frigate/api/export.py
@@ -14,6 +14,7 @@ from peewee import DoesNotExist
 from playhouse.shortcuts import model_to_dict

 from frigate.api.auth import (
+    allow_any_authenticated,
    get_allowed_cameras_for_filter,
    require_camera_access,
    require_role,
@@ -44,6 +45,7 @@ router = APIRouter(tags=[Tags.export])
@router.get(
    "/exports",
    response_model=ExportsResponse,
+    dependencies=[Depends(allow_any_authenticated())],
    summary="Get exports",
    description="""Gets all exports from the database for cameras the user has access to.
    Returns a list of exports ordered by date (most recent first).""",
@@ -272,6 +274,7 @@ async def export_delete(event_id: str, request: Request):
@router.get(
    "/exports/{export_id}",
    response_model=ExportModel,
+    dependencies=[Depends(allow_any_authenticated())],
    summary="Get a single export",
    description="""Gets a specific export by ID. The user must have access to the camera
    associated with the export.""",
--- a/frigate/api/fastapi_app.py
+++ b/frigate/api/fastapi_app.py
@@ -2,7 +2,7 @@ import logging
 import re
 from typing import Optional

-from fastapi import FastAPI, Request
+from fastapi import Depends, FastAPI, Request
 from fastapi.responses import JSONResponse
 from joserfc.jwk import OctKey
 from playhouse.sqliteq import SqliteQueueDatabase
@@ -24,7 +24,7 @@ from frigate.api import (
    preview,
    review,
 )
-from frigate.api.auth import get_jwt_secret, limiter
+from frigate.api.auth import get_jwt_secret, limiter, require_admin_by_default
 from frigate.comms.event_metadata_updater import (
    EventMetadataPublisher,
 )
@@ -62,11 +62,15 @@ def create_fastapi_app(
    stats_emitter: StatsEmitter,
    event_metadata_updater: EventMetadataPublisher,
    config_publisher: CameraConfigUpdatePublisher,
+    enforce_default_admin: bool = True,
 ):
    logger.info("Starting FastAPI app")
    app = FastAPI(
        debug=False,
        swagger_ui_parameters={"apisSorter": "alpha", "operationsSorter": "alpha"},
+        dependencies=[Depends(require_admin_by_default())]
+        if enforce_default_admin
+        else [],
    )

    # update the request_address with the x-forwarded-for header from nginx
--- a/frigate/api/media.py
+++ b/frigate/api/media.py
@@ -22,7 +22,11 @@ from pathvalidate import sanitize_filename
 from peewee import DoesNotExist, fn, operator
 from tzlocal import get_localzone_name

-from frigate.api.auth import get_allowed_cameras_for_filter, require_camera_access
+from frigate.api.auth import (
+    allow_any_authenticated,
+    get_allowed_cameras_for_filter,
+    require_camera_access,
+)
 from frigate.api.defs.query.media_query_parameters import (
    Extension,
    MediaEventsSnapshotQueryParams,
@@ -393,7 +397,7 @@ async def submit_recording_snapshot_to_plus(
        )


-@router.get("/recordings/storage")
+@router.get("/recordings/storage", dependencies=[Depends(allow_any_authenticated())])
 def get_recordings_storage_usage(request: Request):
    recording_stats = request.app.stats_emitter.get_latest_stats()["service"][
        "storage"
@@ -417,7 +421,7 @@ def get_recordings_storage_usage(request: Request):
    return JSONResponse(content=camera_usages)


-@router.get("/recordings/summary")
+@router.get("/recordings/summary", dependencies=[Depends(allow_any_authenticated())])
 def all_recordings_summary(
    request: Request,
    params: MediaRecordingsSummaryQueryParams = Depends(),
@@ -635,7 +639,11 @@ async def recordings(
    return JSONResponse(content=list(recordings))


-@router.get("/recordings/unavailable", response_model=list[dict])
+@router.get(
+    "/recordings/unavailable",
+    response_model=list[dict],
+    dependencies=[Depends(allow_any_authenticated())],
+)
 async def no_recordings(
    request: Request,
    params: MediaRecordingsAvailabilityQueryParams = Depends(),
@@ -829,7 +837,19 @@ async def recording_clip(
    dependencies=[Depends(require_camera_access)],
    description="Returns an HLS playlist for the specified timestamp-range on the specified camera. Append /master.m3u8 or /index.m3u8 for HLS playback.",
 )
-async def vod_ts(camera_name: str, start_ts: float, end_ts: float):
+async def vod_ts(
+    camera_name: str,
+    start_ts: float,
+    end_ts: float,
+    force_discontinuity: bool = False,
+):
+    logger.debug(
+        "VOD: Generating VOD for %s from %s to %s with force_discontinuity=%s",
+        camera_name,
+        start_ts,
+        end_ts,
+        force_discontinuity,
+    )
    recordings = (
        Recordings.select(
            Recordings.path,
@@ -854,6 +874,14 @@ async def vod_ts(camera_name: str, start_ts: float, end_ts: float):

    recording: Recordings
    for recording in recordings:
+        logger.debug(
+            "VOD: processing recording: %s start=%s end=%s duration=%s",
+            recording.path,
+            recording.start_time,
+            recording.end_time,
+            recording.duration,
+        )
+
        clip = {"type": "source", "path": recording.path}
        duration = int(recording.duration * 1000)

@@ -862,6 +890,11 @@ async def vod_ts(camera_name: str, start_ts: float, end_ts: float):
            inpoint = int((start_ts - recording.start_time) * 1000)
            clip["clipFrom"] = inpoint
            duration -= inpoint
+            logger.debug(
+                "VOD: applied clipFrom %sms to %s",
+                inpoint,
+                recording.path,
+            )

        # adjust end if recording.end_time is after end_ts
        if recording.end_time > end_ts:
@@ -869,12 +902,23 @@ async def vod_ts(camera_name: str, start_ts: float, end_ts: float):

        if duration < min_duration_ms:
            # skip if the clip has no valid duration (too short to contain frames)
+            logger.debug(
+                "VOD: skipping recording %s - resulting duration %sms too short",
+                recording.path,
+                duration,
+            )
            continue

        if min_duration_ms <= duration < max_duration_ms:
            clip["keyFrameDurations"] = [duration]
            clips.append(clip)
            durations.append(duration)
+            logger.debug(
+                "VOD: added clip %s duration_ms=%s clipFrom=%s",
+                recording.path,
+                duration,
+                clip.get("clipFrom"),
+            )
        else:
            logger.warning(f"Recording clip is missing or empty: {recording.path}")

@@ -894,7 +938,7 @@ async def vod_ts(camera_name: str, start_ts: float, end_ts: float):
    return JSONResponse(
        content={
            "cache": hour_ago.timestamp() > start_ts,
-            "discontinuity": False,
+            "discontinuity": force_discontinuity,
            "consistentSequenceMediaInfo": True,
            "durations": durations,
            "segment_duration": max(durations),
@@ -937,6 +981,7 @@ async def vod_hour(

@router.get(
    "/vod/event/{event_id}",
+    dependencies=[Depends(allow_any_authenticated())],
    description="Returns an HLS playlist for the specified object. Append /master.m3u8 or /index.m3u8 for HLS playback.",
 )
 async def vod_event(
@@ -977,6 +1022,19 @@ async def vod_event(
    return vod_response


+@router.get(
+    "/vod/clip/{camera_name}/start/{start_ts}/end/{end_ts}",
+    dependencies=[Depends(require_camera_access)],
+    description="Returns an HLS playlist for a timestamp range with HLS discontinuity enabled. Append /master.m3u8 or /index.m3u8 for HLS playback.",
+)
+async def vod_clip(
+    camera_name: str,
+    start_ts: float,
+    end_ts: float,
+):
+    return await vod_ts(camera_name, start_ts, end_ts, force_discontinuity=True)
+
+
@router.get(
    "/events/{event_id}/snapshot.jpg",
    description="Returns a snapshot image for the specified object id. NOTE: The query params only take affect while the event is in-progress. Once the event has ended the snapshot configuration is used.",
@@ -1053,7 +1111,10 @@ async def event_snapshot(
    )


-@router.get("/events/{event_id}/thumbnail.{extension}")
+@router.get(
+    "/events/{event_id}/thumbnail.{extension}",
+    dependencies=[Depends(require_camera_access)],
+)
 async def event_thumbnail(
    request: Request,
    event_id: str,
@@ -1251,7 +1312,10 @@ def grid_snapshot(
        )


-@router.get("/events/{event_id}/snapshot-clean.webp")
+@router.get(
+    "/events/{event_id}/snapshot-clean.webp",
+    dependencies=[Depends(require_camera_access)],
+)
 def event_snapshot_clean(request: Request, event_id: str, download: bool = False):
    webp_bytes = None
    try:
@@ -1375,7 +1439,9 @@ def event_snapshot_clean(request: Request, event_id: str, download: bool = False
    )


-@router.get("/events/{event_id}/clip.mp4")
+@router.get(
+    "/events/{event_id}/clip.mp4", dependencies=[Depends(require_camera_access)]
+)
 async def event_clip(
    request: Request,
    event_id: str,
@@ -1403,7 +1469,9 @@ async def event_clip(
    )


-@router.get("/events/{event_id}/preview.gif")
+@router.get(
+    "/events/{event_id}/preview.gif", dependencies=[Depends(require_camera_access)]
+)
 def event_preview(request: Request, event_id: str):
    try:
        event: Event = Event.get(Event.id == event_id)
@@ -1756,7 +1824,7 @@ def preview_mp4(
    )


-@router.get("/review/{event_id}/preview")
+@router.get("/review/{event_id}/preview", dependencies=[Depends(require_camera_access)])
 def review_preview(
    request: Request,
    event_id: str,
@@ -1782,8 +1850,12 @@ def review_preview(
        return preview_mp4(request, review.camera, start_ts, end_ts)


-@router.get("/preview/{file_name}/thumbnail.jpg")
-@router.get("/preview/{file_name}/thumbnail.webp")
+@router.get(
+    "/preview/{file_name}/thumbnail.jpg", dependencies=[Depends(require_camera_access)]
+)
+@router.get(
+    "/preview/{file_name}/thumbnail.webp", dependencies=[Depends(require_camera_access)]
+)
 def preview_thumbnail(file_name: str):
    """Get a thumbnail from the cached preview frames."""
    if len(file_name) > 1000:
@@ -1863,7 +1935,7 @@ async def label_clip(request: Request, camera_name: str, label: str):
    try:
        event = event_query.get()

-        return await event_clip(request, event.id)
+        return await event_clip(request, event.id, 0)
    except DoesNotExist:
        return JSONResponse(
            content={"success": False, "message": "Event not found"}, status_code=404
--- a/frigate/api/notification.py
+++ b/frigate/api/notification.py
@@ -5,11 +5,12 @@ import os
 from typing import Any

 from cryptography.hazmat.primitives import serialization
-from fastapi import APIRouter, Request
+from fastapi import APIRouter, Depends, Request
 from fastapi.responses import JSONResponse
 from peewee import DoesNotExist
 from py_vapid import Vapid01, utils

+from frigate.api.auth import allow_any_authenticated
 from frigate.api.defs.tags import Tags
 from frigate.const import CONFIG_DIR
 from frigate.models import User
@@ -21,6 +22,7 @@ router = APIRouter(tags=[Tags.notifications])

@router.get(
    "/notifications/pubkey",
+    dependencies=[Depends(allow_any_authenticated())],
    summary="Get VAPID public key",
    description="""Gets the VAPID public key for the notifications.
    Returns the public key or an error if notifications are not enabled.
@@ -47,6 +49,7 @@ def get_vapid_pub_key(request: Request):

@router.post(
    "/notifications/register",
+    dependencies=[Depends(allow_any_authenticated())],
    summary="Register notifications",
    description="""Registers a notifications subscription.
    Returns a success message or an error if the subscription is not provided.
--- a/frigate/api/preview.py
+++ b/frigate/api/preview.py
@@ -5,10 +5,14 @@ import os
 from datetime import datetime, timedelta, timezone

 import pytz
-from fastapi import APIRouter, Depends
+from fastapi import APIRouter, Depends, HTTPException
 from fastapi.responses import JSONResponse

-from frigate.api.auth import require_camera_access
+from frigate.api.auth import (
+    allow_any_authenticated,
+    get_allowed_cameras_for_filter,
+    require_camera_access,
+)
 from frigate.api.defs.response.preview_response import (
    PreviewFramesResponse,
    PreviewsResponse,
@@ -26,19 +30,32 @@ router = APIRouter(tags=[Tags.preview])
@router.get(
    "/preview/{camera_name}/start/{start_ts}/end/{end_ts}",
    response_model=PreviewsResponse,
-    dependencies=[Depends(require_camera_access)],
+    dependencies=[Depends(allow_any_authenticated())],
    summary="Get preview clips for time range",
    description="""Gets all preview clips for a specified camera and time range.
    Returns a list of preview video clips that overlap with the requested time period,
    ordered by start time. Use camera_name='all' to get previews from all cameras.
    Returns an error if no previews are found.""",
 )
-def preview_ts(camera_name: str, start_ts: float, end_ts: float):
+def preview_ts(
+    camera_name: str,
+    start_ts: float,
+    end_ts: float,
+    allowed_cameras: list[str] = Depends(get_allowed_cameras_for_filter),
+):
    """Get all mp4 previews relevant for time period."""
    if camera_name != "all":
-        camera_clause = Previews.camera == camera_name
+        if camera_name not in allowed_cameras:
+            raise HTTPException(status_code=403, detail="Access denied for camera")
+        camera_list = [camera_name]
    else:
-        camera_clause = True
+        camera_list = allowed_cameras
+
+    if not camera_list:
+        return JSONResponse(
+            content={"success": False, "message": "No previews found."},
+            status_code=404,
+        )

    previews = (
        Previews.select(
@@ -53,7 +70,7 @@ def preview_ts(camera_name: str, start_ts: float, end_ts: float):
            | Previews.end_time.between(start_ts, end_ts)
            | ((start_ts > Previews.start_time) & (end_ts < Previews.end_time))
        )
-        .where(camera_clause)
+        .where(Previews.camera << camera_list)
        .order_by(Previews.start_time.asc())
        .dicts()
        .iterator()
@@ -88,14 +105,21 @@ def preview_ts(camera_name: str, start_ts: float, end_ts: float):
@router.get(
    "/preview/{year_month}/{day}/{hour}/{camera_name}/{tz_name}",
    response_model=PreviewsResponse,
-    dependencies=[Depends(require_camera_access)],
+    dependencies=[Depends(allow_any_authenticated())],
    summary="Get preview clips for specific hour",
    description="""Gets all preview clips for a specific hour in a given timezone.
    Converts the provided date/time from the specified timezone to UTC and retrieves
    all preview clips for that hour. Use camera_name='all' to get previews from all cameras.
    The tz_name should be a timezone like 'America/New_York' (use commas instead of slashes).""",
 )
-def preview_hour(year_month: str, day: int, hour: int, camera_name: str, tz_name: str):
+def preview_hour(
+    year_month: str,
+    day: int,
+    hour: int,
+    camera_name: str,
+    tz_name: str,
+    allowed_cameras: list[str] = Depends(get_allowed_cameras_for_filter),
+):
    """Get all mp4 previews relevant for time period given the timezone"""
    parts = year_month.split("-")
    start_date = (
@@ -106,7 +130,7 @@ def preview_hour(year_month: str, day: int, hour: int, camera_name: str, tz_name
    start_ts = start_date.timestamp()
    end_ts = end_date.timestamp()

-    return preview_ts(camera_name, start_ts, end_ts)
+    return preview_ts(camera_name, start_ts, end_ts, allowed_cameras)


@router.get(
--- a/frigate/api/review.py
+++ b/frigate/api/review.py
@@ -14,6 +14,7 @@ from peewee import Case, DoesNotExist, IntegrityError, fn, operator
 from playhouse.shortcuts import model_to_dict

 from frigate.api.auth import (
+    allow_any_authenticated,
    get_allowed_cameras_for_filter,
    get_current_user,
    require_camera_access,
@@ -43,7 +44,11 @@ logger = logging.getLogger(__name__)
 router = APIRouter(tags=[Tags.review])


-@router.get("/review", response_model=list[ReviewSegmentResponse])
+@router.get(
+    "/review",
+    response_model=list[ReviewSegmentResponse],
+    dependencies=[Depends(allow_any_authenticated())],
+)
 async def review(
    params: ReviewQueryParams = Depends(),
    current_user: dict = Depends(get_current_user),
@@ -152,7 +157,11 @@ async def review(
    return JSONResponse(content=[r for r in review_query])


-@router.get("/review_ids", response_model=list[ReviewSegmentResponse])
+@router.get(
+    "/review_ids",
+    response_model=list[ReviewSegmentResponse],
+    dependencies=[Depends(allow_any_authenticated())],
+)
 async def review_ids(request: Request, ids: str):
    ids = ids.split(",")

@@ -186,7 +195,11 @@ async def review_ids(request: Request, ids: str):
        )


-@router.get("/review/summary", response_model=ReviewSummaryResponse)
+@router.get(
+    "/review/summary",
+    response_model=ReviewSummaryResponse,
+    dependencies=[Depends(allow_any_authenticated())],
+)
 async def review_summary(
    params: ReviewSummaryQueryParams = Depends(),
    current_user: dict = Depends(get_current_user),
@@ -461,7 +474,11 @@ async def review_summary(
    return JSONResponse(content=data)


-@router.post("/reviews/viewed", response_model=GenericResponse)
+@router.post(
+    "/reviews/viewed",
+    response_model=GenericResponse,
+    dependencies=[Depends(allow_any_authenticated())],
+)
 async def set_multiple_reviewed(
    request: Request,
    body: ReviewModifyMultipleBody,
@@ -560,7 +577,9 @@ def delete_reviews(body: ReviewModifyMultipleBody):


@router.get(
-    "/review/activity/motion", response_model=list[ReviewActivityMotionResponse]
+    "/review/activity/motion",
+    response_model=list[ReviewActivityMotionResponse],
+    dependencies=[Depends(allow_any_authenticated())],
 )
 def motion_activity(
    params: ReviewActivityMotionQueryParams = Depends(),
@@ -644,7 +663,11 @@ def motion_activity(
    return JSONResponse(content=normalized)


-@router.get("/review/event/{event_id}", response_model=ReviewSegmentResponse)
+@router.get(
+    "/review/event/{event_id}",
+    response_model=ReviewSegmentResponse,
+    dependencies=[Depends(allow_any_authenticated())],
+)
 async def get_review_from_event(request: Request, event_id: str):
    try:
        review = ReviewSegment.get(
@@ -659,7 +682,11 @@ async def get_review_from_event(request: Request, event_id: str):
        )


-@router.get("/review/{review_id}", response_model=ReviewSegmentResponse)
+@router.get(
+    "/review/{review_id}",
+    response_model=ReviewSegmentResponse,
+    dependencies=[Depends(allow_any_authenticated())],
+)
 async def get_review(request: Request, review_id: str):
    try:
        review = ReviewSegment.get(ReviewSegment.id == review_id)
@@ -672,7 +699,11 @@ async def get_review(request: Request, review_id: str):
        )


-@router.delete("/review/{review_id}/viewed", response_model=GenericResponse)
+@router.delete(
+    "/review/{review_id}/viewed",
+    response_model=GenericResponse,
+    dependencies=[Depends(allow_any_authenticated())],
+)
 async def set_not_reviewed(
    review_id: str,
    current_user: dict = Depends(get_current_user),
@@ -710,6 +741,7 @@ async def set_not_reviewed(

@router.post(
    "/review/summarize/start/{start_ts}/end/{end_ts}",
+    dependencies=[Depends(allow_any_authenticated())],
    description="Use GenAI to summarize review items over a period of time.",
 )
 def generate_review_summary(request: Request, start_ts: float, end_ts: float):
--- a/frigate/app.py
+++ b/frigate/app.py
@@ -100,6 +100,10 @@ class FrigateApp:
            )
            if (
                config.semantic_search.enabled
+                or any(
+                    c.objects.genai.enabled or c.review.genai.enabled
+                    for c in config.cameras.values()
+                )
                or config.lpr.enabled
                or config.face_recognition.enabled
                or len(config.classification.custom) > 0
--- a/frigate/comms/dispatcher.py
+++ b/frigate/comms/dispatcher.py
@@ -607,23 +607,27 @@ class Dispatcher:
        )
        self.publish(f"{camera_name}/snapshots/state", payload, retain=True)

-    def _on_ptz_command(self, camera_name: str, payload: str) -> None:
+    def _on_ptz_command(self, camera_name: str, payload: str | bytes) -> None:
        """Callback for ptz topic."""
        try:
-            if "preset" in payload.lower():
+            preset: str = (
+                payload.decode("utf-8") if isinstance(payload, bytes) else payload
+            ).lower()
+
+            if "preset" in preset:
                command = OnvifCommandEnum.preset
-                param = payload.lower()[payload.index("_") + 1 :]
-            elif "move_relative" in payload.lower():
+                param = preset[preset.index("_") + 1 :]
+            elif "move_relative" in preset:
                command = OnvifCommandEnum.move_relative
-                param = payload.lower()[payload.index("_") + 1 :]
+                param = preset[preset.index("_") + 1 :]
            else:
-                command = OnvifCommandEnum[payload.lower()]
+                command = OnvifCommandEnum[preset]
                param = ""

            self.onvif.handle_command(camera_name, command, param)
            logger.info(f"Setting ptz command to {command} for {camera_name}")
        except KeyError as k:
-            logger.error(f"Invalid PTZ command {payload}: {k}")
+            logger.error(f"Invalid PTZ command {preset}: {k}")

    def _on_birdseye_command(self, camera_name: str, payload: str) -> None:
        """Callback for birdseye topic."""
--- a/frigate/comms/mqtt.py
+++ b/frigate/comms/mqtt.py
@@ -225,7 +225,8 @@ class MqttClient(Communicator):
            "birdseye_mode",
            "review_alerts",
            "review_detections",
-            "genai",
+            "object_descriptions",
+            "review_descriptions",
        ]

        for name in self.config.cameras.keys():
--- a/frigate/comms/webpush.py
+++ b/frigate/comms/webpush.py
@@ -21,7 +21,7 @@ from frigate.config.camera.updater import (
    CameraConfigUpdateEnum,
    CameraConfigUpdateSubscriber,
 )
-from frigate.const import CONFIG_DIR
+from frigate.const import BASE_DIR, CONFIG_DIR
 from frigate.models import User

 logger = logging.getLogger(__name__)
@@ -371,14 +371,39 @@ class WebPushClient(Communicator):

        sorted_objects.update(payload["after"]["data"]["sub_labels"])

-        image = f"{payload['after']['thumb_path'].replace('/media/frigate', '')}"
+        image = f"{payload['after']['thumb_path'].replace(BASE_DIR, '')}"
        ended = state == "end" or state == "genai"

        if state == "genai" and payload["after"]["data"]["metadata"]:
-            title = payload["after"]["data"]["metadata"]["title"]
-            message = payload["after"]["data"]["metadata"]["scene"]
+            base_title = payload["after"]["data"]["metadata"]["title"]
+            threat_level = payload["after"]["data"]["metadata"].get(
+                "potential_threat_level", 0
+            )
+
+            # Add prefix for threat levels 1 and 2
+            if threat_level == 1:
+                title = f"Needs Review: {base_title}"
+            elif threat_level == 2:
+                title = f"Security Concern: {base_title}"
+            else:
+                title = base_title
+
+            message = payload["after"]["data"]["metadata"]["shortSummary"]
        else:
-            title = f"{titlecase(', '.join(sorted_objects).replace('_', ' '))}{' was' if state == 'end' else ''} detected in {titlecase(', '.join(payload['after']['data']['zones']).replace('_', ' '))}"
+            zone_names = payload["after"]["data"]["zones"]
+            formatted_zone_names = []
+
+            for zone_name in zone_names:
+                if zone_name in self.config.cameras[camera].zones:
+                    formatted_zone_names.append(
+                        self.config.cameras[camera]
+                        .zones[zone_name]
+                        .get_formatted_name(zone_name)
+                    )
+                else:
+                    formatted_zone_names.append(titlecase(zone_name.replace("_", " ")))
+
+            title = f"{titlecase(', '.join(sorted_objects).replace('_', ' '))}{' was' if state == 'end' else ''} detected in {', '.join(formatted_zone_names)}"
            message = f"Detected on {camera_name}"

        if ended:
--- a/frigate/config/auth.py
+++ b/frigate/config/auth.py
@@ -20,7 +20,7 @@ class AuthConfig(FrigateBaseModel):
        default=86400, title="Session length for jwt session tokens", ge=60
    )
    refresh_time: int = Field(
-        default=43200,
+        default=1800,
        title="Refresh the session if it is going to expire in this many seconds",
        ge=30,
    )
--- a/frigate/config/classification.py
+++ b/frigate/config/classification.py
@@ -105,6 +105,11 @@ class CustomClassificationConfig(FrigateBaseModel):
    threshold: float = Field(
        default=0.8, title="Classification score threshold to change the state."
    )
+    save_attempts: int | None = Field(
+        default=None,
+        title="Number of classification attempts to save in the recent classifications tab. If not specified, defaults to 200 for object classification and 100 for state classification.",
+        ge=0,
+    )
    object_config: CustomClassificationObjectConfig | None = Field(default=None)
    state_config: CustomClassificationStateConfig | None = Field(default=None)

--- a/frigate/config/config.py
+++ b/frigate/config/config.py
@@ -28,6 +28,7 @@ from frigate.util.builtin import (
    get_ffmpeg_arg_list,
 )
 from frigate.util.config import (
+    CURRENT_CONFIG_VERSION,
    StreamInfoRetriever,
    convert_area_to_pixels,
    find_config_file,
@@ -76,11 +77,12 @@ logger = logging.getLogger(__name__)

 yaml = YAML()

-DEFAULT_CONFIG = """
+DEFAULT_CONFIG = f"""
 mqtt:
  enabled: False

-cameras: {}  # No cameras defined, UI wizard should be used
+cameras: {{}}  # No cameras defined, UI wizard should be used
+version: {CURRENT_CONFIG_VERSION}
 """

 DEFAULT_DETECTORS = {"cpu": {"type": "cpu"}}
@@ -753,8 +755,7 @@ class FrigateConfig(FrigateBaseModel):
            if new_config and f.tell() == 0:
                f.write(DEFAULT_CONFIG)
                logger.info(
-                    "Created default config file, see the getting started docs \
-                    for configuration https://docs.frigate.video/guides/getting_started"
+                    "Created default config file, see the getting started docs for configuration: https://docs.frigate.video/guides/getting_started"
                )

            f.seek(0)
--- a/frigate/config/ui.py
+++ b/frigate/config/ui.py
@@ -37,9 +37,6 @@ class UIConfig(FrigateBaseModel):
    time_style: DateTimeStyleEnum = Field(
        default=DateTimeStyleEnum.medium, title="Override UI timeStyle."
    )
-    strftime_fmt: Optional[str] = Field(
-        default=None, title="Override date and time format using strftime syntax."
-    )
    unit_system: UnitSystemEnum = Field(
        default=UnitSystemEnum.metric, title="The unit system to use for measurements."
    )
--- a/frigate/const.py
+++ b/frigate/const.py
@@ -77,6 +77,9 @@ FFMPEG_HWACCEL_RKMPP = "preset-rkmpp"
 FFMPEG_HWACCEL_AMF = "preset-amd-amf"
 FFMPEG_HVC1_ARGS = ["-tag:v", "hvc1"]

+# RKNN constants
+SUPPORTED_RK_SOCS = ["rk3562", "rk3566", "rk3568", "rk3576", "rk3588"]
+
 # Regex constants

 REGEX_CAMERA_NAME = r"^[a-zA-Z0-9_-]+$"
--- a/frigate/data_processing/common/license_plate/mixin.py
+++ b/frigate/data_processing/common/license_plate/mixin.py
@@ -374,6 +374,9 @@ class LicensePlateProcessingMixin:
                            combined_plate = re.sub(
                                pattern, replacement, combined_plate
                            )
+                            logger.debug(
+                                f"{camera}: Processing replace rule: '{pattern}' -> '{replacement}', result: '{combined_plate}'"
+                            )
                    except re.error as e:
                        logger.warning(
                            f"{camera}: Invalid regex in replace_rules '{pattern}': {e}"
@@ -381,7 +384,7 @@ class LicensePlateProcessingMixin:

            if combined_plate != original_combined:
                logger.debug(
-                    f"{camera}: Rules applied: '{original_combined}' -> '{combined_plate}'"
+                    f"{camera}: All rules applied: '{original_combined}' -> '{combined_plate}'"
                )

            # Compute the combined area for qualifying boxes
--- a/frigate/data_processing/post/audio_transcription.py
+++ b/frigate/data_processing/post/audio_transcription.py
@@ -131,8 +131,9 @@ class AudioTranscriptionPostProcessor(PostProcessorApi):
                },
            )

-            # Embed the description
-            self.embeddings.embed_description(event_id, transcription)
+            # Embed the description if semantic search is enabled
+            if self.config.semantic_search.enabled:
+                self.embeddings.embed_description(event_id, transcription)

        except DoesNotExist:
            logger.debug("No recording found for audio transcription post-processing")
--- a/frigate/data_processing/post/object_descriptions.py
+++ b/frigate/data_processing/post/object_descriptions.py
@@ -86,7 +86,11 @@ class ObjectDescriptionProcessor(PostProcessorApi):
                and data["id"] not in self.early_request_sent
            ):
                if data["has_clip"] and data["has_snapshot"]:
-                    event: Event = Event.get(Event.id == data["id"])
+                    try:
+                        event: Event = Event.get(Event.id == data["id"])
+                    except DoesNotExist:
+                        logger.error(f"Event {data['id']} not found")
+                        return

                    if (
                        not camera_config.objects.genai.objects
@@ -131,6 +135,8 @@ class ObjectDescriptionProcessor(PostProcessorApi):
            )
        ):
            self._process_genai_description(event, camera_config, thumbnail)
+        else:
+            self.cleanup_event(event.id)

    def __regenerate_description(self, event_id: str, source: str, force: bool) -> None:
        """Regenerate the description for an event."""
@@ -204,6 +210,17 @@ class ObjectDescriptionProcessor(PostProcessorApi):
            )
        return None

+    def cleanup_event(self, event_id: str) -> None:
+        """Clean up tracked event data to prevent memory leaks.
+
+        This should be called when an event ends, regardless of whether
+        genai processing is triggered.
+        """
+        if event_id in self.tracked_events:
+            del self.tracked_events[event_id]
+        if event_id in self.early_request_sent:
+            del self.early_request_sent[event_id]
+
    def _read_and_crop_snapshot(self, event: Event) -> bytes | None:
        """Read, decode, and crop the snapshot image."""

@@ -299,9 +316,8 @@ class ObjectDescriptionProcessor(PostProcessorApi):
            ),
        ).start()

-        # Delete tracked events based on the event_id
-        if event.id in self.tracked_events:
-            del self.tracked_events[event.id]
+        # Clean up tracked events and early request state
+        self.cleanup_event(event.id)

    def _genai_embed_description(self, event: Event, thumbnails: list[bytes]) -> None:
        """Embed the description for an event."""
--- a/frigate/data_processing/post/review_descriptions.py
+++ b/frigate/data_processing/post/review_descriptions.py
@@ -12,6 +12,7 @@ from typing import Any

 import cv2
 from peewee import DoesNotExist
+from titlecase import titlecase

 from frigate.comms.embeddings_updater import EmbeddingsRequestEnum
 from frigate.comms.inter_process import InterProcessRequestor
@@ -91,7 +92,7 @@ class ReviewDescriptionProcessor(PostProcessorApi):

        pixels_per_image = width * height
        tokens_per_image = pixels_per_image / 1250
-        prompt_tokens = 3500
+        prompt_tokens = 3800
        response_tokens = 300
        available_tokens = context_size - prompt_tokens - response_tokens
        max_frames = int(available_tokens / tokens_per_image)
@@ -208,10 +209,22 @@ class ReviewDescriptionProcessor(PostProcessorApi):
            logger.debug(
                f"Found GenAI Review Summary request for {start_ts} to {end_ts}"
            )
-            items: list[dict[str, Any]] = [
-                r["data"]["metadata"]
+
+            # Query all review segments with camera and time information
+            segments: list[dict[str, Any]] = [
+                {
+                    "camera": r["camera"].replace("_", " ").title(),
+                    "start_time": r["start_time"],
+                    "end_time": r["end_time"],
+                    "metadata": r["data"]["metadata"],
+                }
                for r in (
-                    ReviewSegment.select(ReviewSegment.data)
+                    ReviewSegment.select(
+                        ReviewSegment.camera,
+                        ReviewSegment.start_time,
+                        ReviewSegment.end_time,
+                        ReviewSegment.data,
+                    )
                    .where(
                        (ReviewSegment.data["metadata"].is_null(False))
                        & (ReviewSegment.start_time < end_ts)
@@ -223,21 +236,72 @@ class ReviewDescriptionProcessor(PostProcessorApi):
                )
            ]

-            if len(items) == 0:
+            if len(segments) == 0:
                logger.debug("No review items with metadata found during time period")
-                return "No activity was found during this time."
+                return "No activity was found during this time period."

-            important_items = list(
-                filter(
-                    lambda item: item.get("potential_threat_level", 0) > 0
-                    or item.get("other_concerns"),
-                    items,
-                )
-            )
+            # Identify primary items (important items that need review)
+            primary_segments = [
+                seg
+                for seg in segments
+                if seg["metadata"].get("potential_threat_level", 0) > 0
+                or seg["metadata"].get("other_concerns")
+            ]

-            if not important_items:
+            if not primary_segments:
                return "No concerns were found during this time period."

+            # Build hierarchical structure: each primary event with its contextual items
+            events_with_context = []
+
+            for primary_seg in primary_segments:
+                # Start building the primary event structure
+                primary_item = copy.deepcopy(primary_seg["metadata"])
+                primary_item["camera"] = primary_seg["camera"]
+                primary_item["start_time"] = primary_seg["start_time"]
+                primary_item["end_time"] = primary_seg["end_time"]
+
+                # Find overlapping contextual items from other cameras
+                primary_start = primary_seg["start_time"]
+                primary_end = primary_seg["end_time"]
+                primary_camera = primary_seg["camera"]
+                contextual_items = []
+                seen_contextual_cameras = set()
+
+                for seg in segments:
+                    seg_camera = seg["camera"]
+
+                    if seg_camera == primary_camera:
+                        continue
+
+                    if seg in primary_segments:
+                        continue
+
+                    seg_start = seg["start_time"]
+                    seg_end = seg["end_time"]
+
+                    if seg_start < primary_end and primary_start < seg_end:
+                        # Avoid duplicates if same camera has multiple overlapping segments
+                        if seg_camera not in seen_contextual_cameras:
+                            contextual_item = copy.deepcopy(seg["metadata"])
+                            contextual_item["camera"] = seg_camera
+                            contextual_item["start_time"] = seg_start
+                            contextual_item["end_time"] = seg_end
+                            contextual_items.append(contextual_item)
+                            seen_contextual_cameras.add(seg_camera)
+
+                # Add context array to primary item
+                primary_item["context"] = contextual_items
+                events_with_context.append(primary_item)
+
+            total_context_items = sum(
+                len(event.get("context", [])) for event in events_with_context
+            )
+            logger.debug(
+                f"Summary includes {len(events_with_context)} primary events with "
+                f"{total_context_items} total contextual items"
+            )
+
            if self.config.review.genai.debug_save_thumbnails:
                Path(
                    os.path.join(CLIPS_DIR, "genai-requests", f"{start_ts}-{end_ts}")
@@ -246,7 +310,8 @@ class ReviewDescriptionProcessor(PostProcessorApi):
            return self.genai_client.generate_review_summary(
                start_ts,
                end_ts,
-                important_items,
+                events_with_context,
+                self.config.review.genai.preferred_language,
                self.config.review.genai.debug_save_thumbnails,
            )
        else:
@@ -455,14 +520,14 @@ def run_analysis(

    for i, verified_label in enumerate(final_data["data"]["verified_objects"]):
        object_type = verified_label.replace("-verified", "").replace("_", " ")
-        name = sub_labels_list[i].replace("_", " ").title()
+        name = titlecase(sub_labels_list[i].replace("_", " "))
        unified_objects.append(f"{name} ({object_type})")

    for label in objects_list:
        if "-verified" in label:
            continue
        elif label in labelmap_objects:
-            object_type = label.replace("_", " ").title()
+            object_type = titlecase(label.replace("_", " "))

            if label in attribute_labels:
                unified_objects.append(f"{object_type} (delivery/service)")
--- a/frigate/data_processing/post/types.py
+++ b/frigate/data_processing/post/types.py
@@ -8,6 +8,9 @@ class ReviewMetadata(BaseModel):
    scene: str = Field(
        description="A comprehensive description of the setting and entities, including relevant context and plausible inferences if supported by visual evidence."
    )
+    shortSummary: str = Field(
+        description="A brief 2-sentence summary of the scene, suitable for notifications. Should capture the key activity and context without full detail."
+    )
    confidence: float = Field(
        description="A float between 0 and 1 representing your overall confidence in this analysis."
    )
--- a/frigate/data_processing/real_time/bird.py
+++ b/frigate/data_processing/real_time/bird.py
@@ -13,7 +13,7 @@ from frigate.comms.event_metadata_updater import (
 )
 from frigate.config import FrigateConfig
 from frigate.const import MODEL_CACHE_DIR
-from frigate.log import redirect_output_to_logger
+from frigate.log import suppress_stderr_during
 from frigate.util.object import calculate_region

 from ..types import DataProcessorMetrics
@@ -80,13 +80,14 @@ class BirdRealTimeProcessor(RealTimeProcessorApi):
        except Exception as e:
            logger.error(f"Failed to download {path}: {e}")

-    @redirect_output_to_logger(logger, logging.DEBUG)
    def __build_detector(self) -> None:
-        self.interpreter = Interpreter(
-            model_path=os.path.join(MODEL_CACHE_DIR, "bird/bird.tflite"),
-            num_threads=2,
-        )
-        self.interpreter.allocate_tensors()
+        # Suppress TFLite delegate creation messages that bypass Python logging
+        with suppress_stderr_during("tflite_interpreter_init"):
+            self.interpreter = Interpreter(
+                model_path=os.path.join(MODEL_CACHE_DIR, "bird/bird.tflite"),
+                num_threads=2,
+            )
+            self.interpreter.allocate_tensors()
        self.tensor_input_details = self.interpreter.get_input_details()
        self.tensor_output_details = self.interpreter.get_output_details()

--- a/frigate/data_processing/real_time/custom_classification.py
+++ b/frigate/data_processing/real_time/custom_classification.py
@@ -21,7 +21,7 @@ from frigate.config.classification import (
    ObjectClassificationType,
 )
 from frigate.const import CLIPS_DIR, MODEL_CACHE_DIR
-from frigate.log import redirect_output_to_logger
+from frigate.log import suppress_stderr_during
 from frigate.types import TrackedObjectUpdateTypesEnum
 from frigate.util.builtin import EventsPerSecond, InferenceSpeed, load_labels
 from frigate.util.object import box_overlaps, calculate_region
@@ -52,7 +52,7 @@ class CustomStateClassificationProcessor(RealTimeProcessorApi):
        self.requestor = requestor
        self.model_dir = os.path.join(MODEL_CACHE_DIR, self.model_config.name)
        self.train_dir = os.path.join(CLIPS_DIR, self.model_config.name, "train")
-        self.interpreter: Interpreter | None = None
+        self.interpreter: Interpreter = None
        self.tensor_input_details: dict[str, Any] | None = None
        self.tensor_output_details: dict[str, Any] | None = None
        self.labelmap: dict[int, str] = {}
@@ -72,8 +72,12 @@ class CustomStateClassificationProcessor(RealTimeProcessorApi):
        self.last_run = datetime.datetime.now().timestamp()
        self.__build_detector()

-    @redirect_output_to_logger(logger, logging.DEBUG)
    def __build_detector(self) -> None:
+        try:
+            from tflite_runtime.interpreter import Interpreter
+        except ModuleNotFoundError:
+            from tensorflow.lite.python.interpreter import Interpreter
+
        model_path = os.path.join(self.model_dir, "model.tflite")
        labelmap_path = os.path.join(self.model_dir, "labelmap.txt")

@@ -84,11 +88,13 @@ class CustomStateClassificationProcessor(RealTimeProcessorApi):
            self.labelmap = {}
            return

-        self.interpreter = Interpreter(
-            model_path=model_path,
-            num_threads=2,
-        )
-        self.interpreter.allocate_tensors()
+        # Suppress TFLite delegate creation messages that bypass Python logging
+        with suppress_stderr_during("tflite_interpreter_init"):
+            self.interpreter = Interpreter(
+                model_path=model_path,
+                num_threads=2,
+            )
+            self.interpreter.allocate_tensors()
        self.tensor_input_details = self.interpreter.get_input_details()
        self.tensor_output_details = self.interpreter.get_output_details()
        self.labelmap = load_labels(labelmap_path, prefill=0)
@@ -99,6 +105,42 @@ class CustomStateClassificationProcessor(RealTimeProcessorApi):
        if self.inference_speed:
            self.inference_speed.update(duration)

+    def _should_save_image(
+        self, camera: str, detected_state: str, score: float = 1.0
+    ) -> bool:
+        """
+        Determine if we should save the image for training.
+        Save when:
+        - State is changing or being verified (regardless of score)
+        - Score is less than 100% (even if state matches, useful for training)
+        Don't save when:
+        - State is stable (matches current_state) AND score is 100%
+        """
+        if camera not in self.state_history:
+            # First detection for this camera, save it
+            return True
+
+        verification = self.state_history[camera]
+        current_state = verification.get("current_state")
+        pending_state = verification.get("pending_state")
+
+        # Save if there's a pending state change being verified
+        if pending_state is not None:
+            return True
+
+        # Save if the detected state differs from the current verified state
+        # (state is changing)
+        if current_state is not None and detected_state != current_state:
+            return True
+
+        # If score is less than 100%, save even if state matches
+        # (useful for training to improve confidence)
+        if score < 1.0:
+            return True
+
+        # Don't save if state is stable (detected_state == current_state) AND score is 100%
+        return False
+
    def verify_state_change(self, camera: str, detected_state: str) -> str | None:
        """
        Verify state change requires 3 consecutive identical states before publishing.
@@ -188,38 +230,52 @@ class CustomStateClassificationProcessor(RealTimeProcessorApi):
        if not should_run:
            return

-        x, y, x2, y2 = calculate_region(
-            frame.shape,
-            crop[0],
-            crop[1],
-            crop[2],
-            crop[3],
-            224,
-            1.0,
-        )
-
        rgb = cv2.cvtColor(frame, cv2.COLOR_YUV2RGB_I420)
-        frame = rgb[
-            y:y2,
-            x:x2,
-        ]
+        height, width = rgb.shape[:2]

-        if frame.shape != (224, 224):
-            try:
-                resized_frame = cv2.resize(frame, (224, 224))
-            except Exception:
-                logger.warning("Failed to resize image for state classification")
-                return
+        # Convert normalized crop coordinates to pixel values
+        x1 = int(camera_config.crop[0] * width)
+        y1 = int(camera_config.crop[1] * height)
+        x2 = int(camera_config.crop[2] * width)
+        y2 = int(camera_config.crop[3] * height)
+
+        # Clip coordinates to frame boundaries
+        x1 = max(0, min(x1, width))
+        y1 = max(0, min(y1, height))
+        x2 = max(0, min(x2, width))
+        y2 = max(0, min(y2, height))
+
+        if x2 <= x1 or y2 <= y1:
+            logger.warning(
+                f"Invalid crop coordinates for {camera}: [{x1}, {y1}, {x2}, {y2}]"
+            )
+            return
+
+        frame = rgb[y1:y2, x1:x2]
+
+        try:
+            resized_frame = cv2.resize(frame, (224, 224))
+        except Exception:
+            logger.warning("Failed to resize image for state classification")
+            return

        if self.interpreter is None:
-            write_classification_attempt(
-                self.train_dir,
-                cv2.cvtColor(frame, cv2.COLOR_RGB2BGR),
-                "none-none",
-                now,
-                "unknown",
-                0.0,
-            )
+            # When interpreter is None, always save (score is 0.0, which is < 1.0)
+            if self._should_save_image(camera, "unknown", 0.0):
+                save_attempts = (
+                    self.model_config.save_attempts
+                    if self.model_config.save_attempts is not None
+                    else 100
+                )
+                write_classification_attempt(
+                    self.train_dir,
+                    cv2.cvtColor(frame, cv2.COLOR_RGB2BGR),
+                    "none-none",
+                    now,
+                    "unknown",
+                    0.0,
+                    max_files=save_attempts,
+                )
            return

        input = np.expand_dims(resized_frame, axis=0)
@@ -236,14 +292,23 @@ class CustomStateClassificationProcessor(RealTimeProcessorApi):
        score = round(probs[best_id], 2)
        self.__update_metrics(datetime.datetime.now().timestamp() - now)

-        write_classification_attempt(
-            self.train_dir,
-            cv2.cvtColor(frame, cv2.COLOR_RGB2BGR),
-            "none-none",
-            now,
-            self.labelmap[best_id],
-            score,
-        )
+        detected_state = self.labelmap[best_id]
+
+        if self._should_save_image(camera, detected_state, score):
+            save_attempts = (
+                self.model_config.save_attempts
+                if self.model_config.save_attempts is not None
+                else 100
+            )
+            write_classification_attempt(
+                self.train_dir,
+                cv2.cvtColor(frame, cv2.COLOR_RGB2BGR),
+                "none-none",
+                now,
+                detected_state,
+                score,
+                max_files=save_attempts,
+            )

        if score < self.model_config.threshold:
            logger.debug(
@@ -251,7 +316,6 @@ class CustomStateClassificationProcessor(RealTimeProcessorApi):
            )
            return

-        detected_state = self.labelmap[best_id]
        verified_state = self.verify_state_change(camera, detected_state)

        if verified_state is not None:
@@ -293,7 +357,7 @@ class CustomObjectClassificationProcessor(RealTimeProcessorApi):
        self.model_config = model_config
        self.model_dir = os.path.join(MODEL_CACHE_DIR, self.model_config.name)
        self.train_dir = os.path.join(CLIPS_DIR, self.model_config.name, "train")
-        self.interpreter: Interpreter | None = None
+        self.interpreter: Interpreter = None
        self.sub_label_publisher = sub_label_publisher
        self.requestor = requestor
        self.tensor_input_details: dict[str, Any] | None = None
@@ -314,7 +378,6 @@ class CustomObjectClassificationProcessor(RealTimeProcessorApi):

        self.__build_detector()

-    @redirect_output_to_logger(logger, logging.DEBUG)
    def __build_detector(self) -> None:
        model_path = os.path.join(self.model_dir, "model.tflite")
        labelmap_path = os.path.join(self.model_dir, "labelmap.txt")
@@ -326,11 +389,13 @@ class CustomObjectClassificationProcessor(RealTimeProcessorApi):
            self.labelmap = {}
            return

-        self.interpreter = Interpreter(
-            model_path=model_path,
-            num_threads=2,
-        )
-        self.interpreter.allocate_tensors()
+        # Suppress TFLite delegate creation messages that bypass Python logging
+        with suppress_stderr_during("tflite_interpreter_init"):
+            self.interpreter = Interpreter(
+                model_path=model_path,
+                num_threads=2,
+            )
+            self.interpreter.allocate_tensors()
        self.tensor_input_details = self.interpreter.get_input_details()
        self.tensor_output_details = self.interpreter.get_output_details()
        self.labelmap = load_labels(labelmap_path, prefill=0)
@@ -405,9 +470,6 @@ class CustomObjectClassificationProcessor(RealTimeProcessorApi):
        if obj_data.get("end_time") is not None:
            return

-        if obj_data.get("stationary"):
-            return
-
        object_id = obj_data["id"]

        if (
@@ -445,6 +507,11 @@ class CustomObjectClassificationProcessor(RealTimeProcessorApi):
                return

        if self.interpreter is None:
+            save_attempts = (
+                self.model_config.save_attempts
+                if self.model_config.save_attempts is not None
+                else 200
+            )
            write_classification_attempt(
                self.train_dir,
                cv2.cvtColor(crop, cv2.COLOR_RGB2BGR),
@@ -452,7 +519,15 @@ class CustomObjectClassificationProcessor(RealTimeProcessorApi):
                now,
                "unknown",
                0.0,
+                max_files=save_attempts,
            )
+
+            # Still track history even when model doesn't exist to respect MAX_OBJECT_CLASSIFICATIONS
+            # Add an entry with "unknown" label so the history limit is enforced
+            if object_id not in self.classification_history:
+                self.classification_history[object_id] = []
+
+            self.classification_history[object_id].append(("unknown", 0.0, now))
            return

        input = np.expand_dims(resized_crop, axis=0)
@@ -469,6 +544,11 @@ class CustomObjectClassificationProcessor(RealTimeProcessorApi):
        score = round(probs[best_id], 2)
        self.__update_metrics(datetime.datetime.now().timestamp() - now)

+        save_attempts = (
+            self.model_config.save_attempts
+            if self.model_config.save_attempts is not None
+            else 200
+        )
        write_classification_attempt(
            self.train_dir,
            cv2.cvtColor(crop, cv2.COLOR_RGB2BGR),
@@ -476,7 +556,7 @@ class CustomObjectClassificationProcessor(RealTimeProcessorApi):
            now,
            self.labelmap[best_id],
            score,
-            max_files=200,
+            max_files=save_attempts,
        )

        if score < self.model_config.threshold:
@@ -579,15 +659,15 @@ def write_classification_attempt(
    os.makedirs(folder, exist_ok=True)
    cv2.imwrite(file, frame)

-    files = sorted(
-        filter(lambda f: (f.endswith(".webp")), os.listdir(folder)),
-        key=lambda f: os.path.getctime(os.path.join(folder, f)),
-        reverse=True,
-    )
-
    # delete oldest face image if maximum is reached
    try:
+        files = sorted(
+            filter(lambda f: (f.endswith(".webp")), os.listdir(folder)),
+            key=lambda f: os.path.getctime(os.path.join(folder, f)),
+            reverse=True,
+        )
+
        if len(files) > max_files:
            os.unlink(os.path.join(folder, files[-1]))
-    except FileNotFoundError:
+    except (FileNotFoundError, OSError):
        pass
--- a/frigate/detectors/detection_runners.py
+++ b/frigate/detectors/detection_runners.py
@@ -131,6 +131,7 @@ class ONNXModelRunner(BaseModelRunner):

        return model_type in [
            EnrichmentModelTypeEnum.paddleocr.value,
+            EnrichmentModelTypeEnum.yolov9_license_plate.value,
            EnrichmentModelTypeEnum.jina_v1.value,
            EnrichmentModelTypeEnum.jina_v2.value,
            EnrichmentModelTypeEnum.facenet.value,
@@ -138,8 +139,31 @@ class ONNXModelRunner(BaseModelRunner):
            ModelTypeEnum.dfine.value,
        ]

-    def __init__(self, ort: ort.InferenceSession):
+    @staticmethod
+    def is_concurrent_model(model_type: str | None) -> bool:
+        """Check if model requires thread locking for concurrent inference.
+
+        Some models (like JinaV2) share one runner between text and vision embeddings
+        called from different threads, requiring thread synchronization.
+        """
+        if not model_type:
+            return False
+
+        # Import here to avoid circular imports
+        from frigate.embeddings.types import EnrichmentModelTypeEnum
+
+        return model_type == EnrichmentModelTypeEnum.jina_v2.value
+
+    def __init__(self, ort: ort.InferenceSession, model_type: str | None = None):
        self.ort = ort
+        self.model_type = model_type
+
+        # Thread lock to prevent concurrent inference (needed for JinaV2 which shares
+        # one runner between text and vision embeddings called from different threads)
+        if self.is_concurrent_model(model_type):
+            self._inference_lock = threading.Lock()
+        else:
+            self._inference_lock = None

    def get_input_names(self) -> list[str]:
        return [input.name for input in self.ort.get_inputs()]
@@ -149,6 +173,10 @@ class ONNXModelRunner(BaseModelRunner):
        return self.ort.get_inputs()[0].shape[3]

    def run(self, input: dict[str, Any]) -> Any | None:
+        if self._inference_lock:
+            with self._inference_lock:
+                return self.ort.run(None, input)
+
        return self.ort.run(None, input)


@@ -169,6 +197,7 @@ class CudaGraphRunner(BaseModelRunner):

        return model_type not in [
            ModelTypeEnum.yolonas.value,
+            ModelTypeEnum.dfine.value,
            EnrichmentModelTypeEnum.paddleocr.value,
            EnrichmentModelTypeEnum.jina_v1.value,
            EnrichmentModelTypeEnum.jina_v2.value,
@@ -574,5 +603,6 @@ def get_optimized_runner(
            ),
            providers=providers,
            provider_options=options,
-        )
+        ),
+        model_type=model_type,
    )
--- a/frigate/detectors/plugins/cpu_tfl.py
+++ b/frigate/detectors/plugins/cpu_tfl.py
@@ -5,7 +5,7 @@ from typing_extensions import Literal

 from frigate.detectors.detection_api import DetectionApi
 from frigate.detectors.detector_config import BaseDetectorConfig
-from frigate.log import redirect_output_to_logger
+from frigate.log import suppress_stderr_during

 from ..detector_utils import tflite_detect_raw, tflite_init

@@ -28,12 +28,13 @@ class CpuDetectorConfig(BaseDetectorConfig):
 class CpuTfl(DetectionApi):
    type_key = DETECTOR_KEY

-    @redirect_output_to_logger(logger, logging.DEBUG)
    def __init__(self, detector_config: CpuDetectorConfig):
-        interpreter = Interpreter(
-            model_path=detector_config.model.path,
-            num_threads=detector_config.num_threads or 3,
-        )
+        # Suppress TFLite delegate creation messages that bypass Python logging
+        with suppress_stderr_during("tflite_interpreter_init"):
+            interpreter = Interpreter(
+                model_path=detector_config.model.path,
+                num_threads=detector_config.num_threads or 3,
+            )

        tflite_init(self, interpreter)

--- a/frigate/detectors/plugins/edgetpu_tfl.py
+++ b/frigate/detectors/plugins/edgetpu_tfl.py
@@ -1,19 +1,20 @@
 import logging
+import math
 import os

+import cv2
 import numpy as np
 from pydantic import Field
 from typing_extensions import Literal

 from frigate.detectors.detection_api import DetectionApi
-from frigate.detectors.detector_config import BaseDetectorConfig
+from frigate.detectors.detector_config import BaseDetectorConfig, ModelTypeEnum

 try:
    from tflite_runtime.interpreter import Interpreter, load_delegate
 except ModuleNotFoundError:
    from tensorflow.lite.python.interpreter import Interpreter, load_delegate

-
 logger = logging.getLogger(__name__)

 DETECTOR_KEY = "edgetpu"
@@ -26,6 +27,10 @@ class EdgeTpuDetectorConfig(BaseDetectorConfig):

 class EdgeTpuTfl(DetectionApi):
    type_key = DETECTOR_KEY
+    supported_models = [
+        ModelTypeEnum.ssd,
+        ModelTypeEnum.yologeneric,
+    ]

    def __init__(self, detector_config: EdgeTpuDetectorConfig):
        device_config = {}
@@ -63,31 +68,294 @@ class EdgeTpuTfl(DetectionApi):

        self.tensor_input_details = self.interpreter.get_input_details()
        self.tensor_output_details = self.interpreter.get_output_details()
+        self.model_width = detector_config.model.width
+        self.model_height = detector_config.model.height
+
+        self.min_score = 0.4
+        self.max_detections = 20
+
        self.model_type = detector_config.model.model_type
+        self.model_requires_int8 = self.tensor_input_details[0]["dtype"] == np.int8
+
+        if self.model_type == ModelTypeEnum.yologeneric:
+            logger.debug("Using YOLO preprocessing/postprocessing")
+
+            if len(self.tensor_output_details) not in [2, 3]:
+                logger.error(
+                    f"Invalid count of output tensors in YOLO model. Found {len(self.tensor_output_details)}, expecting 2 or 3."
+                )
+                raise
+
+            self.reg_max = 16  # = 64 dfl_channels // 4 # YOLO standard
+            self.min_logit_value = np.log(
+                self.min_score / (1 - self.min_score)
+            )  # for filtering
+            self._generate_anchors_and_strides()  # decode bounding box DFL
+            self.project = np.arange(
+                self.reg_max, dtype=np.float32
+            )  # for decoding bounding box DFL information
+
+            # Determine YOLO tensor indices and quantization scales for
+            # boxes and class_scores the tensor ordering and names are
+            # not reliable, so use tensor shape to detect which tensor
+            # holds boxes or class scores.
+            # The tensors have shapes (B, N, C)
+            # where N is the number of candidates (=2100 for 320x320)
+            # this may guess wrong if the number of classes is exactly 64
+            output_boxes_index = None
+            output_classes_index = None
+            for i, x in enumerate(self.tensor_output_details):
+                # the nominal index seems to start at 1 instead of 0
+                if len(x["shape"]) == 3 and x["shape"][2] == 64:
+                    output_boxes_index = i
+                elif len(x["shape"]) == 3 and x["shape"][2] > 1:
+                    # require the number of classes to be more than 1
+                    # to differentiate from (not used) max score tensor
+                    output_classes_index = i
+            if output_boxes_index is None or output_classes_index is None:
+                logger.warning("Unrecognized model output, unexpected tensor shapes.")
+                output_classes_index = (
+                    0
+                    if (output_boxes_index is None or output_classes_index == 1)
+                    else 1
+                )  # 0 is default guess
+                output_boxes_index = 1 if (output_boxes_index == 0) else 0
+
+            scores_details = self.tensor_output_details[output_classes_index]
+            self.scores_tensor_index = scores_details["index"]
+            self.scores_scale, self.scores_zero_point = scores_details["quantization"]
+            # calculate the quantized version of the min_score
+            self.min_score_quantized = int(
+                (self.min_logit_value / self.scores_scale) + self.scores_zero_point
+            )
+            self.logit_shift_to_positive_values = (
+                max(0, math.ceil((128 + self.scores_zero_point) * self.scores_scale))
+                + 1
+            )  # round up
+
+            boxes_details = self.tensor_output_details[output_boxes_index]
+            self.boxes_tensor_index = boxes_details["index"]
+            self.boxes_scale, self.boxes_zero_point = boxes_details["quantization"]
+
+        elif self.model_type == ModelTypeEnum.ssd:
+            logger.debug("Using SSD preprocessing/postprocessing")
+
+            # SSD model indices (4 outputs: boxes, class_ids, scores, count)
+            for x in self.tensor_output_details:
+                if len(x["shape"]) == 3:
+                    self.output_boxes_index = x["index"]
+                elif len(x["shape"]) == 1:
+                    self.output_count_index = x["index"]
+
+            self.output_class_ids_index = None
+            self.output_class_scores_index = None
+
+        else:
+            raise Exception(
+                f"{self.model_type} is currently not supported for edgetpu. See the docs for more info on supported models."
+            )
+
+    def _generate_anchors_and_strides(self):
+        # for decoding the bounding box DFL information into xy coordinates
+        all_anchors = []
+        all_strides = []
+        strides = (8, 16, 32)  # YOLO's small, medium, large detection heads
+
+        for stride in strides:
+            feat_h, feat_w = self.model_height // stride, self.model_width // stride
+
+            grid_y, grid_x = np.meshgrid(
+                np.arange(feat_h, dtype=np.float32),
+                np.arange(feat_w, dtype=np.float32),
+                indexing="ij",
+            )
+
+            grid_coords = np.stack((grid_x.flatten(), grid_y.flatten()), axis=1)
+            anchor_points = grid_coords + 0.5
+
+            all_anchors.append(anchor_points)
+            all_strides.append(np.full((feat_h * feat_w, 1), stride, dtype=np.float32))
+
+        self.anchors = np.concatenate(all_anchors, axis=0)
+        self.anchor_strides = np.concatenate(all_strides, axis=0)
+
+    def determine_indexes_for_non_yolo_models(self):
+        """Legacy method for SSD models."""
+        if (
+            self.output_class_ids_index is None
+            or self.output_class_scores_index is None
+        ):
+            for i in range(4):
+                index = self.tensor_output_details[i]["index"]
+                if (
+                    index != self.output_boxes_index
+                    and index != self.output_count_index
+                ):
+                    if (
+                        np.mod(np.float32(self.interpreter.tensor(index)()[0][0]), 1)
+                        == 0.0
+                    ):
+                        self.output_class_ids_index = index
+                    else:
+                        self.output_scores_index = index
+
+    def pre_process(self, tensor_input):
+        if self.model_requires_int8:
+            tensor_input = np.bitwise_xor(tensor_input, 128).view(
+                np.int8
+            )  # shift by -128
+        return tensor_input

    def detect_raw(self, tensor_input):
+        tensor_input = self.pre_process(tensor_input)
+
        self.interpreter.set_tensor(self.tensor_input_details[0]["index"], tensor_input)
        self.interpreter.invoke()

-        boxes = self.interpreter.tensor(self.tensor_output_details[0]["index"])()[0]
-        class_ids = self.interpreter.tensor(self.tensor_output_details[1]["index"])()[0]
-        scores = self.interpreter.tensor(self.tensor_output_details[2]["index"])()[0]
-        count = int(
-            self.interpreter.tensor(self.tensor_output_details[3]["index"])()[0]
-        )
+        if self.model_type == ModelTypeEnum.yologeneric:
+            # Multi-tensor YOLO model with (non-standard B(H*W)C output format).
+            # (the comments indicate the shape of tensors,
+            # using "2100" as the anchor count (for image size of 320x320),
+            # "NC" as number of classes,
+            # "N" as the count that survive after min-score filtering)
+            # TENSOR A) class scores (1, 2100, NC) with logit values
+            # TENSOR B) box coordinates (1, 2100, 64) encoded as dfl scores
+            # Recommend that the model clamp the logit values in tensor (A)
+            # to the range [-4,+4] to preserve precision from [2%,98%]
+            # and because NMS requires the min_score parameter to be >= 0

-        detections = np.zeros((20, 6), np.float32)
+            # don't dequantize scores data yet, wait until the low-confidence
+            # candidates are filtered out from the overall result set.
+            # This reduces the work and makes post-processing faster.
+            # this method works with raw quantized numbers when possible,
+            # which relies on the value of the scale factor to be >0.
+            # This speeds up max and argmax operations.
+            # Get max confidence for each detection and create the mask
+            detections = np.zeros(
+                (self.max_detections, 6), np.float32
+            )  # initialize zero results
+            scores_output_quantized = self.interpreter.get_tensor(
+                self.scores_tensor_index
+            )[0]  # (2100, NC)
+            max_scores_quantized = np.max(scores_output_quantized, axis=1)  # (2100,)
+            mask = max_scores_quantized >= self.min_score_quantized  # (2100,)

-        for i in range(count):
-            if scores[i] < 0.4 or i == 20:
-                break
-            detections[i] = [
-                class_ids[i],
-                float(scores[i]),
-                boxes[i][0],
-                boxes[i][1],
-                boxes[i][2],
-                boxes[i][3],
+            if not np.any(mask):
+                return detections  # empty results
+
+            max_scores_filtered_shiftedpositive = (
+                (max_scores_quantized[mask] - self.scores_zero_point)
+                * self.scores_scale
+            ) + self.logit_shift_to_positive_values  # (N,1) shifted logit values
+            scores_output_quantized_filtered = scores_output_quantized[mask]
+
+            # dequantize boxes. NMS needs them to be in float format
+            # remove candidates with probabilities < threshold
+            boxes_output_quantized_filtered = (
+                self.interpreter.get_tensor(self.boxes_tensor_index)[0]
+            )[mask]  # (N, 64)
+            boxes_output_filtered = (
+                boxes_output_quantized_filtered.astype(np.float32)
+                - self.boxes_zero_point
+            ) * self.boxes_scale
+
+            # 2. Decode DFL to distances (ltrb)
+            dfl_distributions = boxes_output_filtered.reshape(
+                -1, 4, self.reg_max
+            )  # (N, 4, 16)
+
+            # Softmax over the 16 bins
+            dfl_max = np.max(dfl_distributions, axis=2, keepdims=True)
+            dfl_exp = np.exp(dfl_distributions - dfl_max)
+            dfl_probs = dfl_exp / np.sum(dfl_exp, axis=2, keepdims=True)  # (N, 4, 16)
+
+            # Weighted sum: (N, 4, 16) * (16,) -> (N, 4)
+            distances = np.einsum("pcr,r->pc", dfl_probs, self.project)
+
+            # Calculate box corners in pixel coordinates
+            anchors_filtered = self.anchors[mask]
+            anchor_strides_filtered = self.anchor_strides[mask]
+            x1y1 = (
+                anchors_filtered - distances[:, [0, 1]]
+            ) * anchor_strides_filtered  # (N, 2)
+            x2y2 = (
+                anchors_filtered + distances[:, [2, 3]]
+            ) * anchor_strides_filtered  # (N, 2)
+            boxes_filtered_decoded = np.concatenate((x1y1, x2y2), axis=-1)  # (N, 4)
+
+            # 9. Apply NMS. Use logit scores here to defer sigmoid()
+            # until after filtering out redundant boxes
+            # Shift the logit scores to be non-negative (required by cv2)
+            indices = cv2.dnn.NMSBoxes(
+                bboxes=boxes_filtered_decoded,
+                scores=max_scores_filtered_shiftedpositive,
+                score_threshold=(
+                    self.min_logit_value + self.logit_shift_to_positive_values
+                ),
+                nms_threshold=0.4,  # should this be a model config setting?
+            )
+            num_detections = len(indices)
+            if num_detections == 0:
+                return detections  # empty results
+
+            nms_indices = np.array(indices, dtype=np.int32).ravel()  # or .flatten()
+            if num_detections > self.max_detections:
+                nms_indices = nms_indices[: self.max_detections]
+                num_detections = self.max_detections
+            kept_logits_quantized = scores_output_quantized_filtered[nms_indices]
+            class_ids_post_nms = np.argmax(kept_logits_quantized, axis=1)
+
+            # Extract the final boxes and scores using fancy indexing
+            final_boxes = boxes_filtered_decoded[nms_indices]
+            final_scores_logits = (
+                max_scores_filtered_shiftedpositive[nms_indices]
+                - self.logit_shift_to_positive_values
+            )  # Unshifted logits
+
+            # Detections array format: [class_id, score, ymin, xmin, ymax, xmax]
+            detections[:num_detections, 0] = class_ids_post_nms
+            detections[:num_detections, 1] = 1.0 / (
+                1.0 + np.exp(-final_scores_logits)
+            )  # sigmoid
+            detections[:num_detections, 2] = final_boxes[:, 1] / self.model_height
+            detections[:num_detections, 3] = final_boxes[:, 0] / self.model_width
+            detections[:num_detections, 4] = final_boxes[:, 3] / self.model_height
+            detections[:num_detections, 5] = final_boxes[:, 2] / self.model_width
+            return detections
+
+        elif self.model_type == ModelTypeEnum.ssd:
+            self.determine_indexes_for_non_yolo_models()
+            boxes = self.interpreter.tensor(self.tensor_output_details[0]["index"])()[0]
+            class_ids = self.interpreter.tensor(
+                self.tensor_output_details[1]["index"]
+            )()[0]
+            scores = self.interpreter.tensor(self.tensor_output_details[2]["index"])()[
+                0
            ]
+            count = int(
+                self.interpreter.tensor(self.tensor_output_details[3]["index"])()[0]
+            )

-        return detections
+            detections = np.zeros((self.max_detections, 6), np.float32)
+
+            for i in range(count):
+                if scores[i] < self.min_score:
+                    break
+                if i == self.max_detections:
+                    logger.debug(f"Too many detections ({count})!")
+                    break
+                detections[i] = [
+                    class_ids[i],
+                    float(scores[i]),
+                    boxes[i][0],
+                    boxes[i][1],
+                    boxes[i][2],
+                    boxes[i][3],
+                ]
+
+            return detections
+
+        else:
+            raise Exception(
+                f"{self.model_type} is currently not supported for edgetpu. See the docs for more info on supported models."
+            )
--- a/frigate/detectors/plugins/memryx.py
+++ b/frigate/detectors/plugins/memryx.py
@@ -2,7 +2,6 @@ import glob
 import logging
 import os
 import shutil
-import time
 import urllib.request
 import zipfile
 from queue import Queue
@@ -55,6 +54,9 @@ class MemryXDetector(DetectionApi):
            )
            return

+        # Initialize stop_event as None, will be set later by set_stop_event()
+        self.stop_event = None
+
        model_cfg = getattr(detector_config, "model", None)

        # Check if model_type was explicitly set by the user
@@ -363,26 +365,43 @@ class MemryXDetector(DetectionApi):
    def process_input(self):
        """Input callback function: wait for frames in the input queue, preprocess, and send to MX3 (return)"""
        while True:
+            # Check if shutdown is requested
+            if self.stop_event and self.stop_event.is_set():
+                logger.debug("[process_input] Stop event detected, returning None")
+                return None
            try:
-                # Wait for a frame from the queue (blocking call)
-                frame = self.capture_queue.get(
-                    block=True
-                )  # Blocks until data is available
+                # Wait for a frame from the queue with timeout to check stop_event periodically
+                frame = self.capture_queue.get(block=True, timeout=0.5)

                return frame

            except Exception as e:
-                logger.info(f"[process_input] Error processing input: {e}")
-                time.sleep(0.1)  # Prevent busy waiting in case of error
+                # Silently handle queue.Empty timeouts (expected during normal operation)
+                # Log any other unexpected exceptions
+                if "Empty" not in str(type(e).__name__):
+                    logger.warning(f"[process_input] Unexpected error: {e}")
+                # Loop continues and will check stop_event at the top

    def receive_output(self):
        """Retrieve processed results from MemryX output queue + a copy of the original frame"""
-        connection_id = (
-            self.capture_id_queue.get()
-        )  # Get the corresponding connection ID
-        detections = self.output_queue.get()  # Get detections from MemryX
+        try:
+            # Get connection ID with timeout
+            connection_id = self.capture_id_queue.get(
+                block=True, timeout=1.0
+            )  # Get the corresponding connection ID
+            detections = self.output_queue.get()  # Get detections from MemryX

-        return connection_id, detections
+            return connection_id, detections
+
+        except Exception as e:
+            # On timeout or stop event, return None
+            if self.stop_event and self.stop_event.is_set():
+                logger.debug("[receive_output] Stop event detected, exiting")
+            # Silently handle queue.Empty timeouts, they're expected during normal operation
+            elif "Empty" not in str(type(e).__name__):
+                logger.warning(f"[receive_output] Error receiving output: {e}")
+
+            return None, None

    def post_process_yolonas(self, output):
        predictions = output[0]
@@ -831,6 +850,19 @@ class MemryXDetector(DetectionApi):
                f"{self.memx_model_type} is currently not supported for memryx. See the docs for more info on supported models."
            )

+    def set_stop_event(self, stop_event):
+        """Set the stop event for graceful shutdown."""
+        self.stop_event = stop_event
+
+    def shutdown(self):
+        """Gracefully shutdown the MemryX accelerator"""
+        try:
+            if hasattr(self, "accl") and self.accl is not None:
+                self.accl.shutdown()
+                logger.info("MemryX accelerator shutdown complete")
+        except Exception as e:
+            logger.error(f"Error during MemryX shutdown: {e}")
+
    def detect_raw(self, tensor_input: np.ndarray):
        """Removed synchronous detect_raw() function so that we only use async"""
        return 0
--- a/frigate/detectors/plugins/rknn.py
+++ b/frigate/detectors/plugins/rknn.py
@@ -8,7 +8,7 @@ import cv2
 import numpy as np
 from pydantic import Field

-from frigate.const import MODEL_CACHE_DIR
+from frigate.const import MODEL_CACHE_DIR, SUPPORTED_RK_SOCS
 from frigate.detectors.detection_api import DetectionApi
 from frigate.detectors.detection_runners import RKNNModelRunner
 from frigate.detectors.detector_config import BaseDetectorConfig, ModelTypeEnum
@@ -19,8 +19,6 @@ logger = logging.getLogger(__name__)

 DETECTOR_KEY = "rknn"

-supported_socs = ["rk3562", "rk3566", "rk3568", "rk3576", "rk3588"]
-
 supported_models = {
    ModelTypeEnum.yologeneric: "^frigate-fp16-yolov9-[cemst]$",
    ModelTypeEnum.yolonas: "^deci-fp16-yolonas_[sml]$",
@@ -82,9 +80,9 @@ class Rknn(DetectionApi):
        except FileNotFoundError:
            raise Exception("Make sure to run docker in privileged mode.")

-        if soc not in supported_socs:
+        if soc not in SUPPORTED_RK_SOCS:
            raise Exception(
-                f"Your SoC is not supported. Your SoC is: {soc}. Currently these SoCs are supported: {supported_socs}."
+                f"Your SoC is not supported. Your SoC is: {soc}. Currently these SoCs are supported: {SUPPORTED_RK_SOCS}."
            )

        return soc
--- a/frigate/embeddings/embeddings.py
+++ b/frigate/embeddings/embeddings.py
@@ -12,9 +12,6 @@ from peewee import DoesNotExist, IntegrityError
 from PIL import Image
 from playhouse.shortcuts import model_to_dict

-from frigate.comms.embeddings_updater import (
-    EmbeddingsRequestEnum,
-)
 from frigate.comms.inter_process import InterProcessRequestor
 from frigate.config import FrigateConfig
 from frigate.config.classification import SemanticSearchModelEnum
@@ -495,44 +492,49 @@ class Embeddings:
                        or thumbnail_missing
                    ):
                        existing_trigger.embedding = self._calculate_trigger_embedding(
-                            trigger
+                            trigger, trigger_name, camera.name
                        )
                        needs_embedding_update = True

                    if needs_embedding_update:
                        existing_trigger.save()
+                    continue
                else:
                    # Create new trigger
                    try:
-                        try:
-                            event: Event = Event.get(Event.id == trigger.data)
-                        except DoesNotExist:
-                            logger.warning(
-                                f"Event ID {trigger.data} for trigger {trigger_name} does not exist."
+                        # For thumbnail triggers, validate the event exists
+                        if trigger.type == "thumbnail":
+                            try:
+                                event: Event = Event.get(Event.id == trigger.data)
+                            except DoesNotExist:
+                                logger.warning(
+                                    f"Event ID {trigger.data} for trigger {trigger_name} does not exist."
+                                )
+                                continue
+
+                            # Skip the event if not an object
+                            if event.data.get("type") != "object":
+                                logger.warning(
+                                    f"Event ID {trigger.data} for trigger {trigger_name} is not a tracked object."
+                                )
+                                continue
+
+                            thumbnail = get_event_thumbnail_bytes(event)
+
+                            if not thumbnail:
+                                logger.warning(
+                                    f"Unable to retrieve thumbnail for event ID {trigger.data} for {trigger_name}."
+                                )
+                                continue
+
+                            self.write_trigger_thumbnail(
+                                camera.name, trigger.data, thumbnail
                            )
-                            continue
-
-                        # Skip the event if not an object
-                        if event.data.get("type") != "object":
-                            logger.warning(
-                                f"Event ID {trigger.data} for trigger {trigger_name} is not a tracked object."
-                            )
-                            continue
-
-                        thumbnail = get_event_thumbnail_bytes(event)
-
-                        if not thumbnail:
-                            logger.warning(
-                                f"Unable to retrieve thumbnail for event ID {trigger.data} for {trigger_name}."
-                            )
-                            continue
-
-                        self.write_trigger_thumbnail(
-                            camera.name, trigger.data, thumbnail
-                        )

                        # Calculate embedding for new trigger
-                        embedding = self._calculate_trigger_embedding(trigger)
+                        embedding = self._calculate_trigger_embedding(
+                            trigger, trigger_name, camera.name
+                        )

                        Trigger.create(
                            camera=camera.name,
@@ -558,7 +560,11 @@ class Embeddings:
                    Trigger.camera == camera.name, Trigger.name.in_(triggers_to_remove)
                ).execute()
                for trigger_name in triggers_to_remove:
-                    self.remove_trigger_thumbnail(camera.name, trigger_name)
+                    # Only remove thumbnail files for thumbnail triggers
+                    if existing_triggers[trigger_name].type == "thumbnail":
+                        self.remove_trigger_thumbnail(
+                            camera.name, existing_triggers[trigger_name].data
+                        )

    def write_trigger_thumbnail(
        self, camera: str, event_id: str, thumbnail: bytes
@@ -588,14 +594,13 @@ class Embeddings:
                f"Failed to delete thumbnail for trigger with data {event_id} in {camera}: {e}"
            )

-    def _calculate_trigger_embedding(self, trigger) -> bytes:
+    def _calculate_trigger_embedding(
+        self, trigger, trigger_name: str, camera_name: str
+    ) -> bytes:
        """Calculate embedding for a trigger based on its type and data."""
        if trigger.type == "description":
-            logger.debug(f"Generating embedding for trigger description {trigger.name}")
-            embedding = self.requestor.send_data(
-                EmbeddingsRequestEnum.embed_description.value,
-                {"id": None, "description": trigger.data, "upsert": False},
-            )
+            logger.debug(f"Generating embedding for trigger description {trigger_name}")
+            embedding = self.embed_description(None, trigger.data, upsert=False)
            return embedding.astype(np.float32).tobytes()

        elif trigger.type == "thumbnail":
@@ -615,28 +620,21 @@ class Embeddings:

                try:
                    with open(
-                        os.path.join(
-                            TRIGGER_DIR, trigger.camera, f"{trigger.data}.webp"
-                        ),
+                        os.path.join(TRIGGER_DIR, camera_name, f"{trigger.data}.webp"),
                        "rb",
                    ) as f:
                        thumbnail = f.read()
                except Exception as e:
                    logger.error(
-                        f"Failed to read thumbnail for trigger {trigger.name} with ID {trigger.data}: {e}"
+                        f"Failed to read thumbnail for trigger {trigger_name} with ID {trigger.data}: {e}"
                    )
                    return b""

                logger.debug(
-                    f"Generating embedding for trigger thumbnail {trigger.name} with ID {trigger.data}"
+                    f"Generating embedding for trigger thumbnail {trigger_name} with ID {trigger.data}"
                )
-                embedding = self.requestor.send_data(
-                    EmbeddingsRequestEnum.embed_thumbnail.value,
-                    {
-                        "id": str(trigger.data),
-                        "thumbnail": str(thumbnail),
-                        "upsert": False,
-                    },
+                embedding = self.embed_thumbnail(
+                    str(trigger.data), thumbnail, upsert=False
                )
                return embedding.astype(np.float32).tobytes()

--- a/frigate/embeddings/maintainer.py
+++ b/frigate/embeddings/maintainer.py
@@ -203,7 +203,9 @@ class EmbeddingMaintainer(threading.Thread):
        # post processors
        self.post_processors: list[PostProcessorApi] = []

-        if any(c.review.genai.enabled_in_config for c in self.config.cameras.values()):
+        if self.genai_client is not None and any(
+            c.review.genai.enabled_in_config for c in self.config.cameras.values()
+        ):
            self.post_processors.append(
                ReviewDescriptionProcessor(
                    self.config, self.requestor, self.metrics, self.genai_client
@@ -244,7 +246,9 @@ class EmbeddingMaintainer(threading.Thread):
            )
            self.post_processors.append(semantic_trigger_processor)

-        if any(c.objects.genai.enabled_in_config for c in self.config.cameras.values()):
+        if self.genai_client is not None and any(
+            c.objects.genai.enabled_in_config for c in self.config.cameras.values()
+        ):
            self.post_processors.append(
                ObjectDescriptionProcessor(
                    self.config,
@@ -522,6 +526,8 @@ class EmbeddingMaintainer(threading.Thread):
                    )
                elif isinstance(processor, ObjectDescriptionProcessor):
                    if not updated_db:
+                        # Still need to cleanup tracked events even if not processing
+                        processor.cleanup_event(event_id)
                        continue

                    processor.process_data(
@@ -627,7 +633,7 @@ class EmbeddingMaintainer(threading.Thread):

        camera, frame_name, _, _, motion_boxes, _ = data

-        if not camera or len(motion_boxes) == 0:
+        if not camera or len(motion_boxes) == 0 or camera not in self.config.cameras:
            return

        camera_config = self.config.cameras[camera]
--- a/frigate/embeddings/onnx/face_embedding.py
+++ b/frigate/embeddings/onnx/face_embedding.py
@@ -8,7 +8,7 @@ import numpy as np
 from frigate.const import MODEL_CACHE_DIR
 from frigate.detectors.detection_runners import get_optimized_runner
 from frigate.embeddings.types import EnrichmentModelTypeEnum
-from frigate.log import redirect_output_to_logger
+from frigate.log import suppress_stderr_during
 from frigate.util.downloader import ModelDownloader

 from ...config import FaceRecognitionConfig
@@ -57,17 +57,18 @@ class FaceNetEmbedding(BaseEmbedding):
            self._load_model_and_utils()
            logger.debug(f"models are already downloaded for {self.model_name}")

-    @redirect_output_to_logger(logger, logging.DEBUG)
    def _load_model_and_utils(self):
        if self.runner is None:
            if self.downloader:
                self.downloader.wait_for_download()

-            self.runner = Interpreter(
-                model_path=os.path.join(MODEL_CACHE_DIR, "facedet/facenet.tflite"),
-                num_threads=2,
-            )
-            self.runner.allocate_tensors()
+            # Suppress TFLite delegate creation messages that bypass Python logging
+            with suppress_stderr_during("tflite_interpreter_init"):
+                self.runner = Interpreter(
+                    model_path=os.path.join(MODEL_CACHE_DIR, "facedet/facenet.tflite"),
+                    num_threads=2,
+                )
+                self.runner.allocate_tensors()
            self.tensor_input_details = self.runner.get_input_details()
            self.tensor_output_details = self.runner.get_output_details()

--- a/frigate/embeddings/onnx/jina_v1_embedding.py
+++ b/frigate/embeddings/onnx/jina_v1_embedding.py
@@ -186,6 +186,9 @@ class JinaV1ImageEmbedding(BaseEmbedding):
                download_func=self._download_model,
            )
            self.downloader.ensure_model_files()
+            # Avoid lazy loading in worker threads: block until downloads complete
+            # and load the model on the main thread during initialization.
+            self._load_model_and_utils()
        else:
            self.downloader = None
            ModelDownloader.mark_files_state(
--- a/frigate/embeddings/onnx/jina_v2_embedding.py
+++ b/frigate/embeddings/onnx/jina_v2_embedding.py
@@ -3,6 +3,7 @@
 import io
 import logging
 import os
+import threading

 import numpy as np
 from PIL import Image
@@ -53,6 +54,11 @@ class JinaV2Embedding(BaseEmbedding):
        self.tokenizer = None
        self.image_processor = None
        self.runner = None
+
+        # Lock to prevent concurrent calls (text and vision share this instance)
+        self._call_lock = threading.Lock()
+
+        # download the model and tokenizer
        files_names = list(self.download_urls.keys()) + [self.tokenizer_file]
        if not all(
            os.path.exists(os.path.join(self.download_path, n)) for n in files_names
@@ -65,6 +71,9 @@ class JinaV2Embedding(BaseEmbedding):
                download_func=self._download_model,
            )
            self.downloader.ensure_model_files()
+            # Avoid lazy loading in worker threads: block until downloads complete
+            # and load the model on the main thread during initialization.
+            self._load_model_and_utils()
        else:
            self.downloader = None
            ModelDownloader.mark_files_state(
@@ -197,37 +206,40 @@ class JinaV2Embedding(BaseEmbedding):
    def __call__(
        self, inputs: list[str] | list[Image.Image] | list[str], embedding_type=None
    ) -> list[np.ndarray]:
-        self.embedding_type = embedding_type
-        if not self.embedding_type:
-            raise ValueError(
-                "embedding_type must be specified either in __init__ or __call__"
-            )
+        # Lock the entire call to prevent race conditions when text and vision
+        # embeddings are called concurrently from different threads
+        with self._call_lock:
+            self.embedding_type = embedding_type
+            if not self.embedding_type:
+                raise ValueError(
+                    "embedding_type must be specified either in __init__ or __call__"
+                )

-        self._load_model_and_utils()
-        processed = self._preprocess_inputs(inputs)
-        batch_size = len(processed)
+            self._load_model_and_utils()
+            processed = self._preprocess_inputs(inputs)
+            batch_size = len(processed)

-        # Prepare ONNX inputs with matching batch sizes
-        onnx_inputs = {}
-        if self.embedding_type == "text":
-            onnx_inputs["input_ids"] = np.stack([x[0] for x in processed])
-            onnx_inputs["pixel_values"] = np.zeros(
-                (batch_size, 3, 512, 512), dtype=np.float32
-            )
-        elif self.embedding_type == "vision":
-            onnx_inputs["input_ids"] = np.zeros((batch_size, 16), dtype=np.int64)
-            onnx_inputs["pixel_values"] = np.stack([x[0] for x in processed])
-        else:
-            raise ValueError("Invalid embedding type")
+            # Prepare ONNX inputs with matching batch sizes
+            onnx_inputs = {}
+            if self.embedding_type == "text":
+                onnx_inputs["input_ids"] = np.stack([x[0] for x in processed])
+                onnx_inputs["pixel_values"] = np.zeros(
+                    (batch_size, 3, 512, 512), dtype=np.float32
+                )
+            elif self.embedding_type == "vision":
+                onnx_inputs["input_ids"] = np.zeros((batch_size, 16), dtype=np.int64)
+                onnx_inputs["pixel_values"] = np.stack([x[0] for x in processed])
+            else:
+                raise ValueError("Invalid embedding type")

-        # Run inference
-        outputs = self.runner.run(onnx_inputs)
-        if self.embedding_type == "text":
-            embeddings = outputs[2]  # text embeddings
-        elif self.embedding_type == "vision":
-            embeddings = outputs[3]  # image embeddings
-        else:
-            raise ValueError("Invalid embedding type")
+            # Run inference
+            outputs = self.runner.run(onnx_inputs)
+            if self.embedding_type == "text":
+                embeddings = outputs[2]  # text embeddings
+            elif self.embedding_type == "vision":
+                embeddings = outputs[3]  # image embeddings
+            else:
+                raise ValueError("Invalid embedding type")

-        embeddings = self._postprocess_outputs(embeddings)
-        return [embedding for embedding in embeddings]
+            embeddings = self._postprocess_outputs(embeddings)
+            return [embedding for embedding in embeddings]
--- a/Show More
+++ b/Show More