chore(deps): bump actions/checkout from 4 to 6

Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/aether-arena-harness.yml

@@ -32,7 +32,7 @@ jobs:
       run:
         working-directory: v2
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Install Rust toolchain
         run: rustup show && rustc --version

.github/workflows/bfld-mqtt-integration.yml

@@ -52,7 +52,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@stable

.github/workflows/cd.yml

@@ -41,7 +41,7 @@ jobs:
       image_tag: ${{ steps.determine-tag.outputs.tag }}
     steps:
     - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Determine deployment environment
       id: determine-env
@@ -85,7 +85,7 @@ jobs:
       url: https://staging.wifi-densepose.com
     steps:
     - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Set up kubectl
       uses: azure/setup-kubectl@v3
@@ -131,7 +131,7 @@ jobs:
       url: https://wifi-densepose.com
     steps:
     - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Set up kubectl
       uses: azure/setup-kubectl@v3

.github/workflows/ci.yml

@@ -27,7 +27,7 @@ jobs:
     steps:
     - name: Checkout code
       continue-on-error: true
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
       with:
         fetch-depth: 0
 
@@ -81,7 +81,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     # `wifi-densepose-desktop` is a Tauri v2 app — `glib-sys`, `gtk-sys`,
     # `webkit2gtk-sys`, etc. need the Linux dev libraries via pkg-config or the
@@ -188,7 +188,7 @@ jobs:
     steps:
     - name: Checkout code
       continue-on-error: true
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Set up Python ${{ matrix.python-version }}
       continue-on-error: true
@@ -253,7 +253,7 @@ jobs:
     if: github.event_name == 'push' && github.ref == 'refs/heads/main'
     steps:
     - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Set up Python
       uses: actions/setup-python@v6
@@ -267,36 +267,28 @@ jobs:
         pip install -r requirements.txt
         pip install pytest   # the perf suite is pytest, not locust
 
-    # No "Start application" step: the gated test (test_frame_budget.py) drives
-    # the CSIProcessor pipeline in-process and makes no HTTP calls, so the old
-    # uvicorn server + `sleep 10` were dead weight — they only existed for the
-    # now-excluded api_throughput/inference_speed tests, and on every run dumped
-    # ~50 misleading "router requires hardware setup" ERROR lines for a server
-    # no test touched. MOCK_POSE_DATA is server-only and unused here.
+    - name: Start application
+      working-directory: archive/v1
+      env:
+        # No CSI hardware in CI — serve mock pose data so the pose endpoints
+        # respond 200 under load instead of erroring "requires real CSI data".
+        MOCK_POSE_DATA: "true"
+      run: |
+        uvicorn src.api.main:app --host 0.0.0.0 --port 8000 &
+        sleep 10
 
     - name: Run performance tests
       working-directory: archive/v1
+      env:
+        MOCK_POSE_DATA: "true"
       run: |
-        # Gate only on the genuine, deterministic perf guard:
-        # test_frame_budget.py times the *real* CSIProcessor pipeline against
-        # the ADR 50 ms per-frame budget (single-frame, p95 over 100 frames,
-        # +Doppler) — a true regression signal.
-        #
-        # test_api_throughput.py / test_inference_speed.py are excluded: every
-        # test there is a TDD red-phase stub (suffix `_should_fail_initially`)
-        # that times a *mock that sleeps* — meaningless as a perf signal, with
-        # machine-dependent wall-clock asserts (e.g. `actual_rps >= 40`,
-        # `batch_time < individual_time`) that are inherently flaky on shared
-        # CI runners, plus a cross-class fixture-scope bug. Forcing them green
-        # would be manufacturing a false signal; they stay in-repo for local
-        # TDD but do not gate CI until the underlying features are implemented.
-        #
-        # `python -m pytest` (not the bare `pytest` script) puts the cwd
-        # (archive/v1) on sys.path so `from src.core...` resolves — the bare
-        # script omits cwd and raises ModuleNotFoundError: No module named 'src'.
-        # -o addopts="" drops the root pyproject's --cov/--cov-fail-under=100.
-        python -m pytest tests/performance/test_frame_budget.py \
-          -o addopts="" -v --junitxml=perf-junit.xml
+        # The repo's performance suite is pytest (test_api_throughput.py,
+        # test_frame_budget.py, test_inference_speed.py) — there is no
+        # locustfile.py, so the old `locust -f tests/performance/locustfile.py`
+        # command always failed with "Could not find ...". Run the real suite.
+        # -o addopts="" drops the root pyproject's --cov/--cov-fail-under=100
+        # flags (pytest-cov isn't installed here and 100% cov is for unit tests).
+        pytest tests/performance/ -o addopts="" -v --junitxml=perf-junit.xml
 
     - name: Upload performance results
       if: always()
@@ -321,7 +313,7 @@ jobs:
     steps:
     - name: Checkout code
       continue-on-error: true
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Set up Docker Buildx
       continue-on-error: true
@@ -393,7 +385,7 @@ jobs:
       contents: write   # gh-pages deploy needs write (GITHUB_TOKEN is read-only by default -> 403)
     steps:
     - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Set up Python
       uses: actions/setup-python@v6

.github/workflows/clone-tracking.yml

@@ -34,7 +34,7 @@ jobs:
   snapshot:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Fetch /traffic/clones + /traffic/views from GitHub
         env:

.github/workflows/cog-ha-matter-release.yml

@@ -27,7 +27,7 @@ jobs:
     name: Build x86_64
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Setup Rust
         uses: dtolnay/rust-toolchain@stable
@@ -77,7 +77,7 @@ jobs:
     name: Build aarch64 (arm)
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Setup Rust
         uses: dtolnay/rust-toolchain@stable
@@ -144,7 +144,7 @@ jobs:
       github.event_name == 'push' &&
       vars.HAS_GCP_CREDENTIALS == 'true'
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Download x86_64 artifact
         uses: actions/download-artifact@v4

.github/workflows/dashboard-a11y.yml

@@ -19,7 +19,7 @@ jobs:
   a11y:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - uses: dtolnay/rust-toolchain@stable
         with: { targets: wasm32-unknown-unknown }

.github/workflows/dashboard-pages.yml

@@ -25,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout main
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install Rust + wasm32 target
         uses: dtolnay/rust-toolchain@stable

.github/workflows/desktop-release.yml

@@ -27,7 +27,7 @@ jobs:
         target: [aarch64-apple-darwin, x86_64-apple-darwin]
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Setup Node.js
         uses: actions/setup-node@v6
@@ -82,7 +82,7 @@ jobs:
     runs-on: windows-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Setup Node.js
         uses: actions/setup-node@v6
@@ -130,7 +130,7 @@ jobs:
       contents: write
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Download all artifacts
         uses: actions/download-artifact@v4

.github/workflows/firmware-ci.yml

@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.ref_type == 'tag'
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - name: Check firmware version.txt == tag
         run: |
           # Tag form: vX.Y.Z-esp32  →  expect version.txt to contain X.Y.Z
@@ -70,7 +70,7 @@ jobs:
             artifact_pt: partition-table-c6.bin
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Build firmware (${{ matrix.variant }})
         working-directory: firmware/esp32-csi-node

.github/workflows/firmware-qemu.yml

@@ -99,7 +99,7 @@ jobs:
           - boundary-min
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Download QEMU artifact
         uses: actions/download-artifact@v4
@@ -213,7 +213,7 @@ jobs:
     name: Fuzz Testing (ADR-061 Layer 6)
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Install clang
         run: |
@@ -262,7 +262,7 @@ jobs:
     name: NVS Matrix Generation
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Install NVS generator
         run: pip install esp-idf-nvs-partition-gen
@@ -316,7 +316,7 @@ jobs:
       image: espressif/idf:v5.4
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Download QEMU artifact
         uses: actions/download-artifact@v4

.github/workflows/fix-regression-guard.yml

@@ -21,7 +21,7 @@ jobs:
     name: Verify fix markers
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - uses: actions/setup-python@v6
         with:

.github/workflows/mqtt-integration.yml

@@ -40,7 +40,7 @@ jobs:
       RUST_BACKTRACE: 1
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Install mosquitto + clients and start with allow_anonymous
         run: |

.github/workflows/nvsim-server-docker.yml

@@ -25,7 +25,7 @@ jobs:
   build-and-publish:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - uses: docker/setup-buildx-action@v3
 

.github/workflows/pip-release.yml

@@ -75,7 +75,7 @@ jobs:
             arch: AMD64
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       # Linux aarch64 needs QEMU for cross-build on x86_64 runners.
       - name: Set up QEMU
@@ -120,7 +120,7 @@ jobs:
       startsWith(github.ref, 'refs/tags/v2.')
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - name: Install maturin
         run: pip install maturin>=1.7
       - name: Build sdist
@@ -143,7 +143,7 @@ jobs:
       startsWith(github.ref, 'refs/tags/v1.99')
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: actions/setup-python@v5
         with:
           python-version: '3.12'

.github/workflows/pointcloud-pages.yml

@@ -28,7 +28,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout main
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Stage viewer for Pages
         run: |

.github/workflows/ruview-swarm-ci.yml

@@ -39,7 +39,7 @@ jobs:
           - { label: 'ruflo+itar',       flags: '--features ruflo,itar-unrestricted' }
           - { label: 'full+train',       flags: '--features full,train' }
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: dtolnay/rust-toolchain@stable
       - name: Cache cargo
         uses: actions/cache@v4
@@ -59,7 +59,7 @@ jobs:
     name: clippy (-D warnings, --no-deps)
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       # v2/rust-toolchain.toml pins channel "1.89" with profile "minimal" (no
       # clippy). dtolnay@stable installs clippy on the floating "stable"
       # toolchain, but the override makes cargo use the separate "1.89"
@@ -92,7 +92,7 @@ jobs:
     name: build train_marl bin
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: dtolnay/rust-toolchain@stable
       - name: Cache cargo
         uses: actions/cache@v4
@@ -126,7 +126,7 @@ jobs:
     name: ITAR / publish guard
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - name: publish = false is present (no accidental crates.io publish)
         run: |
           CARGO=v2/crates/ruview-swarm/Cargo.toml

.github/workflows/security-scan.yml

@@ -26,7 +26,7 @@ jobs:
     steps:
     - name: Checkout code
       continue-on-error: true
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
       with:
         fetch-depth: 0
 
@@ -95,7 +95,7 @@ jobs:
     steps:
     - name: Checkout code
       continue-on-error: true
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Set up Python
       continue-on-error: true
@@ -162,7 +162,7 @@ jobs:
     steps:
     - name: Checkout code
       continue-on-error: true
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Set up Docker Buildx
       continue-on-error: true
@@ -243,7 +243,7 @@ jobs:
     steps:
     - name: Checkout code
       continue-on-error: true
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Run Checkov IaC scan
       continue-on-error: true
@@ -304,7 +304,7 @@ jobs:
     steps:
     - name: Checkout code
       continue-on-error: true
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
       with:
         fetch-depth: 0
 
@@ -339,7 +339,7 @@ jobs:
     steps:
     - name: Checkout code
       continue-on-error: true
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Set up Python
       continue-on-error: true
@@ -376,7 +376,7 @@ jobs:
     steps:
     - name: Checkout code
       continue-on-error: true
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Check security policy files
       continue-on-error: true

.github/workflows/sensing-server-docker.yml

@@ -48,7 +48,7 @@ jobs:
     name: build · push · smoke-test
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           submodules: recursive
 

.github/workflows/threejs-pages.yml

@@ -29,7 +29,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout main
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Stage demos for Pages
         run: |

.github/workflows/update-submodules.yml

@@ -13,7 +13,7 @@ jobs:
   update:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           submodules: true
           fetch-depth: 0

.github/workflows/verify-pipeline.yml

@@ -29,7 +29,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Set up Python ${{ matrix.python-version }}
         uses: actions/setup-python@v6

CHANGELOG.md

@@ -430,7 +430,7 @@ Model release (no new firmware binary). Firmware remains at v0.6.0-esp32.
 - Security fix merged via PR #310.
 
 ### Performance
-- Presence detection: 100% accuracy on 60,630 overnight samples. *(Retracted — that recording was single-class (one sleeping person, 6,062/6,063 frames "present"), so a constant "yes" scores ~99.98%. Superseded by the honest 82.3% held-out temporal-triplet metric; see [#882](https://github.com/ruvnet/RuView/issues/882). Kept here as the in-place public record.)*
+- Presence detection: 100% accuracy on 60,630 overnight samples.
 - Inference: 0.008 ms per sample, 164K embeddings/sec.
 - Contrastive self-supervised training: 51.6% improvement over baseline.
 

docs/readme-details.md

@@ -122,7 +122,7 @@ node scripts/benchmark-ruvllm.js --model models/csi-ruvllm       # benchmark
 
 | What we measured | Result | Why it matters |
 |-----------------|--------|---------------|
-| **CSI embedding quality** | **82.3% held-out temporal-triplet** | Honest label-free metric on the last 20% by time (v1's "100% presence" was a single-class recording — retracted, [#882](https://github.com/ruvnet/RuView/issues/882)) |
+| **Presence detection** | **100% accuracy** | Never misses a person, never false alarms |
 | **Inference speed** | **0.008 ms** per embedding | 125,000x faster than real-time |
 | **Throughput** | **164,183 embeddings/sec** | One Mac Mini handles 1,600+ ESP32 nodes |
 | **Contrastive learning** | **51.6% improvement** | Strong pattern learning from real overnight data |
@@ -233,7 +233,7 @@ python firmware/esp32-csi-node/provision.py --port COM9 --hop-channels "1,6,11"
 | **kNN similarity search** | "Find the 10 most similar states to right now" — anomaly detection, fingerprinting | Cognitum Seed |
 | **Witness chain** | SHA-256 tamper-evident audit trail for every measurement (1,747 entries validated) | Cognitum Seed |
 | **Camera-free pose training** | 17 COCO keypoints from 10 sensor signals — PIR, RSSI triangulation, subcarrier asymmetry, vibration, BME280 | 2x ESP32 + Seed |
-| **Pre-trained model** | 82.8 KB (8 KB at 4-bit quantization), 82.3% held-out temporal-triplet accuracy (v1's "100% presence" was single-class — retracted, [#882](https://github.com/ruvnet/RuView/issues/882)) | Download from release |
+| **Pre-trained model** | 82.8 KB (8 KB at 4-bit quantization), 100% presence accuracy, 0 skeleton violations | Download from release |
 | **Sub-ms inference** | 0.012 ms latency, 171,472 embeddings/sec on M4 Pro | Any machine with Node.js |
 | **SONA adaptation** | Adapts to new rooms in <1ms without retraining | ruvllm runtime |
 | **LoRA room adapters** | Per-node fine-tuning with 2,048 parameters per adapter | Automatic |
@@ -262,7 +262,7 @@ node scripts/benchmark-ruvllm.js --model models/csi-ruvllm
 
 | What we measured | Result | Why it matters |
 |-----------------|--------|---------------|
-| **CSI embedding quality** | **82.3% held-out temporal-triplet** | Honest label-free metric (v1's "100% presence" was single-class — retracted, [#882](https://github.com/ruvnet/RuView/issues/882)) |
+| **Presence detection** | **100% accuracy** | Never misses a person, never false alarms |
 | **Person counting** | **24/24 correct** (MinCut) | Fixed the #1 user-reported issue |
 | **Inference speed** | **0.012 ms** per embedding | 83,000x faster than real-time |
 | **Throughput** | **171,472 embeddings/sec** | One Mac Mini handles 1,700+ ESP32 nodes |

docs/user-guide.md

@@ -1119,7 +1119,7 @@ What it ships (and what it does not):
 
 | Capability | Status |
 |------------|--------|
-| Presence detection (occupied / empty) | ✅ Trained head — v2 encoder reports 82.3% held-out temporal-triplet acc (v1's "100% on validation" was a single-class recording — retracted, [#882](https://github.com/ruvnet/RuView/issues/882)) |
+| Presence detection (occupied / empty) | ✅ Trained head — 100% accuracy on validation |
 | 128-dim CSI embeddings (re-ID, similarity, downstream training) | ✅ Trained encoder |
 | Single-person breathing / heart-rate | ⚠️ Server still uses heuristic DSP — model does not replace this yet |
 | 17-keypoint full-body pose | 🔬 No keypoint weights shipped yet — pose pipeline runs but without a learned head |
@@ -1824,7 +1824,7 @@ huggingface-cli download ruvnet/wifi-densepose-pretrained --local-dir models/pre
 #   model.safetensors    — 48 KB contrastive encoder
 #   model-q4.bin         — 8 KB quantized (recommended)
 #   model-q2.bin         — 4 KB ultra-compact (ESP32 edge)
-#   presence-head.json   — presence detection head (v2 encoder: 82.3% held-out triplet acc)
+#   presence-head.json   — presence detection head (100% accuracy)
 #   node-1.json          — LoRA adapter for room 1
 #   node-2.json          — LoRA adapter for room 2
 ```
@@ -1833,7 +1833,7 @@ huggingface-cli download ruvnet/wifi-densepose-pretrained --local-dir models/pre
 
 The pre-trained encoder converts 8-dim CSI feature vectors into 128-dim embeddings. These embeddings power all 17 sensing applications:
 
-- **Presence detection** — v2 encoder: 82.3% held-out temporal-triplet accuracy (v1's "100%" was a single-class recording — retracted, [#882](https://github.com/ruvnet/RuView/issues/882))
+- **Presence detection** — 100% accuracy, never misses, never false alarms
 - **Environment fingerprinting** — kNN search finds "states like this one"
 - **Anomaly detection** — embeddings that don't match known clusters = anomaly
 - **Activity classification** — different activities cluster in embedding space