Release/913.0.0#5

Open
cryptodev-2s wants to merge 4 commits into main from release/913.0.0
@cryptodev-2s
Owner

Explanation

References

Checklist

  • I've updated the test suite for new or updated code as appropriate
  • I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
  • I've communicated my changes to consumers by updating changelogs for packages I've changed
  • I've introduced breaking changes in this PR and have prepared draft pull requests for clients and consumer packages to resolve them

@github-actions

This comment was marked as outdated.

@cryptodev-2s
Owner Author

@metamaskbot update-changelogs

@github-actions

This comment was marked as outdated.

@cryptodev-2s
Owner Author

@metamaskbot update-changelogs

@cryptodev-2s
Owner Author

@metamaskbot update-changelogs

@github-actions

This comment has been minimized.

@cryptodev-2s
Owner Author

@metamaskbot update-changelogs

@github-actions

This comment has been minimized.

@cryptodev-2s
Owner Author

@metamaskbot update-changelogs

@cryptodev-2s
Owner Author

@metamaskbot update-changelogs

@github-actions

✅ Changelogs updated and pushed.

pull Bot pushed a commit to Reality2byte/core that referenced this pull request Apr 22, 2026
…ps (MetaMask#8443)

## Explanation

Adds an **Update Changelogs** workflow that uses
`@metamask/auto-changelog` v6's `--checkDeps --fix` feature to
automatically validate and fix missing dependency bump changelog
entries.

**Triggers:**
- **Automatic:** When a release PR (`release/*` branch) is opened
targeting `main`
- **On-demand:** Comment `@metamaskbot update-changelogs` on any
non-fork PR

**What it does:**
1. Detects and skips fork PRs (security)
2. Checks out the PR head branch
3. Runs `changelog:validate --checkDeps --fix --currentPr <PR#>` across
all packages
4. Commits and pushes any CHANGELOG.md fixes back to the PR branch
5. Comments on the PR with the result

**Security:**
- Fork PRs are blocked via `isCrossRepository` check
- All dynamic values use environment variables (no `${{ }}` in `run:`
blocks)
- SHA-based checkout with branch name switch for release branch
detection

## References

- Use example cryptodev-2s#5

## Checklist

- [x] I've updated the test suite for new or updated code as appropriate
- [x] I've updated documentation (JSDoc, Markdown, etc.) for new or
updated code as appropriate
- [ ] I've communicated my changes to consumers by [updating changelogs
for packages I've
changed](https://github.com/MetaMask/core/tree/main/docs/processes/updating-changelogs.md)
- [ ] I've introduced [breaking
changes](https://github.com/MetaMask/core/tree/main/docs/processes/breaking-changes.md)
in this PR and have prepared draft pull requests for clients and
consumer packages to resolve them



<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Adds CI automation that runs with `contents: write` and can push
commits to PR branches and post/minimize comments, so misconfiguration
could affect contributor branches or spam PRs; code changes are limited
to GitHub workflow logic.
> 
> **Overview**
> Adds a new `Update Changelogs` workflow that, for non-fork PRs,
detects release PRs (or a `@metamaskbot update-changelogs` comment),
runs `yarn changelog:validate --checkDeps --fix` from the PR’s
merge-base, and auto-commits/pushes any `**/CHANGELOG.md` fixes back to
the PR branch with a status comment (minimizing prior bot comments).
> 
> Makes release detection configurable by introducing a
`commit-starts-with` input to the `check-release` composite action and
wiring both `check-release` and the `is-release` job in `main.yml` to
use `${{ vars.RELEASE_COMMIT_PREFIX }}` instead of a hardcoded prefix
list.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
c6e02fe. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
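
The commit message above says the workflow keeps `${{ }}` expressions out of `run:` blocks and passes dynamic values through environment variables. The JavaScript below is an added example, not code from this PR or from MetaMask, that checks a workflow file for that property. The sample workflow and the function name `findExpressionsInRunBlocks` are constructed for illustration, and the scan assumes conventional indentation rather than parsing YAML fully.

```javascript
// Added example: report `${{ }}` expressions interpolated into `run:` scripts.
// SAMPLE_WORKFLOW is constructed for illustration; it is not the PR's workflow.
const SAMPLE_WORKFLOW = `
jobs:
  update:
    runs-on: ubuntu-latest
    steps:
      - name: Interpolated (flagged)
        run: |
          echo "Comment: \${{ github.event.comment.body }}"
          git switch "\${{ github.head_ref }}"
      - name: Via environment (clean)
        env:
          PR_NUMBER: \${{ github.event.issue.number }}
          HEAD_REF: \${{ github.head_ref }}
        run: |
          git switch "$HEAD_REF"
          yarn changelog:validate --checkDeps --fix --currentPr "$PR_NUMBER"
      - run: echo "\${{ github.actor }}"
`;

// Hypothetical helper: indentation-based scan, not a full YAML parser.
function findExpressionsInRunBlocks(yamlText) {
  const lines = yamlText.split('\n');
  const findings = [];
  const scan = (text, lineNo) => {
    for (const m of text.matchAll(/\$\{\{(.*?)\}\}/g)) {
      findings.push({ line: lineNo, expression: m[1].trim() });
    }
  };
  for (let i = 0; i < lines.length; i++) {
    const m = /^(\s*(?:-\s+)?)run:\s*(.*)$/.exec(lines[i]);
    if (!m) continue;
    const keyIndent = m[1].length; // column where the `run` key starts
    if (!/^[|>]/.test(m[2])) {
      scan(m[2], i + 1); // single-line script on the same line as the key
      continue;
    }
    // Block scalar: consume following lines indented deeper than the key.
    while (i + 1 < lines.length) {
      const indent = lines[i + 1].search(/\S/);
      if (indent !== -1 && indent <= keyIndent) break;
      i++;
      scan(lines[i], i + 1);
    }
  }
  return findings;
}

console.log(findExpressionsInRunBlocks(SAMPLE_WORKFLOW));
```

Expressions under `env:` are not reported, because the runner substitutes them into environment variables rather than into the script text that the shell parses.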