This however might be because they simply don't care about the is_bad_bot flag right now.

I don't think this is the case. There are still some GQL requests that will fail an integrity check on default headless (with the HeadlessChrome user agent), for example, requesting further than page 1 on a stream directory listing. In my testing, these requests pass the integrity test if the HeadlessChrome user-agent is overridden with the one from the base browser.

That being said, I've just tested one of these endpoints with a token generated by headless Chromium using this patch, and it fails the integrity test.
In testing, I think it's caused by the user-agent streamlink is sending. By default it's using the built-in Chrome user-agent, which is
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36,
but the actual user-agent of my Chrome version is
User-Agent=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Notice Windows NT 10.0; Win64; x64 vs X11; Linux x86_64. Forcing the user agent to the Linux version, the token passed the integrity test, so it seems this is the only discrepancy they're detecting for now. It seems the user agent logic needs to be a little more nuanced to work correctly.

If you look at the logic in Selenium:
https://github.com/seleniumbase/SeleniumBase/blob/feca61a3c283858c185596ef3d0941e519c2be31/seleniumbase/core/browser_launcher.py#L4183-L4203
They're actually starting a browser session, reading the user agent, then basing their new overridden user agent on that, so the overridden user agent will always match the base user agent rather than using a hard coded one. I'm not sure if there's a more elegant way to go about it than that.

Sorry, to be more clear, this patch works correctly and generates good tokens when used in non-headless mode, forcing headless is what causes the above issue, so it was in response to your question about that.

it was in response to your question

Yes, all good, I'm fully aware...

It seems the user agent logic needs to be a little more nuanced to work correctly.
If you look at the logic in Selenium

Reading the UA and then modifying it requires a secondary web browser launch and CDP initialization, which I tried to avoid by re-using the UA string from Streamlink's useragents module. This is obviously limited to only one platform, which is the Windows-desktop one (it was chosen because it's the one that had and still has the highest market share, so Streamlink's HTTP requests don't stand out in server logs). Reading the UA from a secondary launch could of course be cached, but it'd still require a more sophisticated initialization logic and a cache expiration, so not much is gained from this solution.

There are two other solutions though for overriding the UA header in the CDP session and that's:

1. Intercepting and overriding each request in the client logic manually. That would require making the UA override from the launch argument optional.
2. Not setting the --user-agent launch argument and instead calling the Emulation.setUserAgentOverride CDP method after reading+modifying the UA string from the CDP in the CDPClientSession initialization before running any client logic.

But let's not discuss this here. It's off topic. This PR is about the added plugin argument and CI token decoder removal, which is working fine. Please open another issue for potential headless changes of the Twitch plugin. Thanks.