Release/1027.0.0#9058
Merged
Merged
Conversation
|
✅ Changelogs updated and pushed. |
Mrtenz
reviewed
Jun 9, 2026
Mrtenz
reviewed
Jun 9, 2026
Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>
Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>
Mrtenz
approved these changes
Jun 9, 2026
cursor Bot
pushed a commit
that referenced
this pull request
Jun 9, 2026
## Explanation Major release of the `keyring-controller` (and `wallet` since there was a pending breaking change already for that package).G ## References N/A ## Checklist - [ ] I've updated the test suite for new or updated code as appropriate - [ ] I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate - [ ] I've communicated my changes to consumers by [updating changelogs for packages I've changed](https://github.com/MetaMask/core/tree/main/docs/processes/updating-changelogs.md) - [ ] I've introduced [breaking changes](https://github.com/MetaMask/core/tree/main/docs/processes/breaking-changes.md) in this PR and have prepared draft pull requests for clients and consumer packages to resolve them <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **High Risk** > Major bumps to keyring-controller and wallet change export/signing credentials and default approval wiring; consumers must update call sites and avoid duplicate ApprovalController registration. > > **Overview** > Monorepo release **1027.0.0** that cuts new package versions and aligns workspace dependencies so downstream clients can pick up recent controller work in one train. > > The headline breaking changes are **`@metamask/keyring-controller@27.0.0`** (`exportSeedPhrase` / `exportAccount` now take a `Credentials` object instead of a raw password string; non-primary keyrings are auto-removed when drained via `withKeyring` / `withKeyringV2`) and **`@metamask/wallet@3.0.0`** (default `Wallet` now constructs and registers **`ApprovalController`**—apps that already wire their own must drop the duplicate). > > Also shipped in this bump wave: **`@metamask/assets-controllers@108.6.0`** adds runtime **`isDeprecated`** hooks on `TokenRatesController`, `TokenBalancesController`, and `AccountTrackerController`; **`@metamask/controller-utils@12.1.1`** refreshes `NetworkNickname`; **`@metamask/profile-metrics-controller@3.2.0`** adds proof-of-ownership / nonce batch API wiring. Dozens of packages only receive patch/minor version and changelog updates plus dependency bumps to `keyring-controller@^27`, `controller-utils@^12.1.1`, and related packages. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 94aae7e. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>
4 tasks
Merged
pull Bot
pushed a commit
to dmrazzy/core
that referenced
this pull request
Jun 11, 2026
## Release ### `@metamask/chain-agnostic-permission` 1.6.2 #### Changed - Bump `@metamask/api-specs` from `^0.14.0` to `^0.15.0` ([MetaMask#9096](MetaMask#9096)) - Bump `@metamask/utils` from `^11.9.0` to `^11.11.0` ([MetaMask#9074](MetaMask#9074)) - Bump `@metamask/controller-utils` from `^12.0.0` to `^12.2.0` ([MetaMask#8774](MetaMask#8774), [MetaMask#9058](MetaMask#9058), [MetaMask#9083](MetaMask#9083)) ### `@metamask/multichain-api-middleware` 3.1.4 #### Changed - Bump `@metamask/utils` from `^11.9.0` to `^11.11.0` ([MetaMask#9074](MetaMask#9074)) - Bump `@metamask/controller-utils` from `^12.1.0` to `^12.2.0` ([MetaMask#9058](MetaMask#9058), [MetaMask#9083](MetaMask#9083)) - Bump `@metamask/accounts-controller` from `^39.0.0` to `^39.0.1` ([MetaMask#9058](MetaMask#9058)) - Bump `@metamask/api-specs` from `^0.14.0` to `^0.15.0` ([MetaMask#9096](MetaMask#9096)) - Bump `@metamask/chain-agnostic-permission` from `^1.6.1` to `^1.6.2` ([MetaMask#9096](MetaMask#9096)) <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Patch releases and dependency version bumps only; no logic or API changes in the diff. > > **Overview** > **Monorepo release 1037.0.0** — version and changelog updates with no runtime code changes in this diff. > > **`@metamask/chain-agnostic-permission` 1.6.2** documents patch-level dependency bumps: `@metamask/api-specs` ^0.15.0, `@metamask/utils` ^11.11.0, and `@metamask/controller-utils` ^12.2.0. > > **`@metamask/multichain-api-middleware` 3.1.4** picks up the same stack plus `@metamask/accounts-controller` ^39.0.1 and **`@metamask/chain-agnostic-permission` ^1.6.2** in `package.json` and `yarn.lock`. > > **`@metamask/eip1193-permission-middleware`** updates its declared dependency to `@metamask/chain-agnostic-permission` ^1.6.2 and records that under `[Unreleased]` in its changelog (no package version bump in this diff). > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit daf565d. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY -->
pull Bot
pushed a commit
to dmrazzy/core
that referenced
this pull request
Jun 12, 2026
## Explanation This is the release PR for `1038.0.0`, generated by `create-release-branch`. It bumps the monorepo version from `1037.0.0` to `1038.0.0` and releases a single package: `@metamask/ramps-controller` `14.1.1` → `14.2.0`. The release moves the entries that had accumulated under `[Unreleased]` into a new `[14.2.0]` section in the package's changelog. `@metamask/ramps-controller@14.2.0` includes the following: - **Changed** — `RampsService.getQuotes` now sends an `Authorization: Bearer <token>` header, sourcing the token from `AuthenticationController:getBearerToken` (already a required messenger action since `14.0.0`); the call throws if no token is available (e.g. the wallet is locked or the user is signed out) ([MetaMask#8888](MetaMask#8888)). This is the notable change driving the version bump: `getQuotes` previously made an unauthenticated request and now requires a bearer token, so consumers should review their sign-in state before upgrading. - **Changed** — Bump `@metamask/controller-utils` from `^12.1.0` to `^12.2.0` ([MetaMask#9058](MetaMask#9058), [MetaMask#9083](MetaMask#9083)). Note on `getPaymentMethods`: within this unreleased window, auth was added to `getPaymentMethods` (MetaMask#8888) and then removed again (MetaMask#9060) so that payment methods can be fetched before sign-in. Because that change was reverted before shipping, it nets to no consumer-facing change and is intentionally omitted from the changelog per the project's "omit reverted changes" guideline. This is a minor release (`14.2.0`). It contains no breaking changes; the version is bumped to minor — rather than patch — to surface the `getQuotes` authentication behavior change, which alters how an existing method makes its request even though the public interface is unchanged. As part of cutting the release, the in-monorepo consumer `@metamask/transaction-pay-controller` has its dependency on `@metamask/ramps-controller` bumped to `^14.2.0`; this is a mechanical version bump required by the release tooling and does not change `transaction-pay-controller`'s behavior. ## References <!-- Are there any issues that this pull request is tied to? Are there other links that reviewers should consult to understand these changes better? Are there client or consumer pull requests to adopt any breaking changes? For example: * Fixes #12345 * Related to #67890 --> Release PR generated by `create-release-branch`; see `docs/processes/releasing.md`. `@metamask/ramps-controller` was bumped to a minor (`14.2.0`) rather than a patch in response to review feedback that the `getQuotes` authentication change is a notable behavior change to an existing method. ## Checklist - [ ] I've updated the test suite for new or updated code as appropriate - [ ] I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate - [x] I've communicated my changes to consumers by [updating changelogs for packages I've changed](https://github.com/MetaMask/core/tree/main/docs/processes/updating-changelogs.md) - [ ] I've introduced [breaking changes](https://github.com/MetaMask/core/tree/main/docs/processes/breaking-changes.md) in this PR and have prepared draft pull requests for clients and consumer packages to resolve them --------- Co-authored-by: Darius Costolas <10818970+meltingice1337@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Explanation
Major release of the
keyring-controller(andwalletsince there was a pending breaking change already for that package).References
N/A
Checklist
Note
High Risk
Major bumps to keyring-controller and wallet change export/signing credentials and default approval wiring; consumers must update call sites and avoid duplicate ApprovalController registration.
Overview
Monorepo release 1027.0.0 that cuts new package versions and aligns workspace dependencies so downstream clients can pick up recent controller work in one train.
The headline breaking changes are
@metamask/keyring-controller@27.0.0(exportSeedPhrase/exportAccountnow take aCredentialsobject instead of a raw password string; non-primary keyrings are auto-removed when drained viawithKeyring/withKeyringV2) and@metamask/wallet@3.0.0(defaultWalletnow constructs and registersApprovalController—apps that already wire their own must drop the duplicate).Also shipped in this bump wave:
@metamask/assets-controllers@108.6.0adds runtimeisDeprecatedhooks onTokenRatesController,TokenBalancesController, andAccountTrackerController;@metamask/controller-utils@12.1.1refreshesNetworkNickname;@metamask/profile-metrics-controller@3.2.0adds proof-of-ownership / nonce batch API wiring. Dozens of packages only receive patch/minor version and changelog updates plus dependency bumps tokeyring-controller@^27,controller-utils@^12.1.1, and related packages.Reviewed by Cursor Bugbot for commit 94aae7e. Bugbot is set up for automated code reviews on this repo. Configure here.