feat: add Update Changelogs workflow with auto-changelog v6 --checkDeps

.github/workflows/update-changelogs.yml

@@ -0,0 +1,125 @@
+name: Update Changelogs
+
+on:
+  issue_comment:
+    types: [created]
+  pull_request:
+    branches: [main]
+    types: [opened]
+
+concurrency:
+  group: update-changelogs-${{ github.event.issue.number || github.event.pull_request.number }}
+  cancel-in-progress: true
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  is-fork-pull-request:
+    name: Determine whether this PR is from a fork
+    if: >
+      (github.event_name == 'pull_request' && startsWith(github.head_ref, 'release/')) ||
+      (github.event.issue.pull_request && contains(github.event.comment.body, '@metamaskbot update-changelogs'))
+    runs-on: ubuntu-latest
+    outputs:
+      IS_FORK: ${{ steps.is-fork.outputs.IS_FORK }}
+    steps:
+      - name: Determine whether this PR is from a fork
+        id: is-fork
+        run: |
+          IS_FORK=$(gh pr view --json isCrossRepository --jq '.isCrossRepository' "$PR_NUMBER" --repo "$GITHUB_REPOSITORY")
+          echo "IS_FORK=$IS_FORK" >> "$GITHUB_OUTPUT"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PR_NUMBER: ${{ github.event.issue.number || github.event.pull_request.number }}
+
+  update-changelogs:
+    name: Update changelogs
+    needs: is-fork-pull-request
+    if: ${{ needs.is-fork-pull-request.outputs.IS_FORK == 'false' }}
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    env:
+      GITHUB_TOKEN: ${{ secrets.UPDATE_CHANGELOG_TOKEN }}
+      PR_NUMBER: ${{ github.event.issue.number || github.event.pull_request.number }}
+    steps:
+      - name: React to comment
+        if: github.event_name == 'issue_comment'
+        continue-on-error: true
+        run: gh api "repos/${GITHUB_REPOSITORY}/issues/comments/${COMMENT_ID}/reactions" -f content='+1'
+        env:
+          GH_TOKEN: ${{ github.token }}
+          COMMENT_ID: ${{ github.event.comment.id }}
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          # Use PAT to ensure the push triggers subsequent CI workflows
+          token: ${{ secrets.UPDATE_CHANGELOG_TOKEN }}
+          fetch-depth: 0
+
+      - name: Checkout pull request
+        run: gh pr checkout "$PR_NUMBER"
+
+      - name: Setup environment
+        uses: MetaMask/action-checkout-and-setup@v2
+        with:
+          is-high-risk-environment: false
+          cache-node-modules: true
+          node-version: 22.x
+
+      - name: Hide previous bot comments
+        continue-on-error: true
+        run: |
+          COMMENT_IDS=$(gh api "repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/comments" --paginate \
+            --jq '[.[] | select(.user.login == "github-actions[bot]" and (.body | test("^(✅|⚠️|❌)"))) | .node_id] | .[]')
+          for NODE_ID in $COMMENT_IDS; do
+            gh api graphql -f query='mutation { minimizeComment(input: {subjectId: "'"$NODE_ID"'", classifier: OUTDATED}) { clientMutationId } }'
+          done
+        env:
+          GH_TOKEN: ${{ github.token }}
+
+      - name: Validate and fix dependency bump entries
+        id: validate
+        run: >
+          yarn workspaces foreach --all --no-private --parallel --interlaced --verbose
+          run changelog:validate --checkDeps --fix --currentPr "$PR_NUMBER"
+        continue-on-error: true
+
+      - name: Commit and push if changed
+        id: commit
+        run: |
+          if git diff --quiet; then
+            echo "changed=false" >> "$GITHUB_OUTPUT"
+            exit 0
+          fi
+          git diff --stat
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git add -- '**/CHANGELOG.md'
+          git commit -m "chore: auto-fix dependency bump changelog entries"
+          git push
+          echo "changed=true" >> "$GITHUB_OUTPUT"
+
+      - name: Comment result
+        if: always()
+        run: |
+          if [ "$CHANGED" = "true" ] && [ "$VALIDATE_OUTCOME" = "failure" ]; then
+            gh pr comment "$PR_NUMBER" --body "⚠️ Changelogs updated and pushed, but some validation errors remain. Check the [workflow run]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID) for details."
+          elif [ "$CHANGED" = "true" ]; then
+            gh pr comment "$PR_NUMBER" --body "✅ Changelogs updated and pushed."
+          elif [ "$COMMIT_OUTCOME" = "failure" ]; then
+            gh pr comment "$PR_NUMBER" --body "❌ Failed to push changelog fixes. Check the [workflow run]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID) for details."
+          elif [ "$VALIDATE_OUTCOME" = "failure" ]; then
+            gh pr comment "$PR_NUMBER" --body "❌ Changelog validation failed. Check the [workflow run]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID) for details."
+          elif [ "$VALIDATE_OUTCOME" = "skipped" ] || [ "$COMMIT_OUTCOME" = "skipped" ]; then
+            gh pr comment "$PR_NUMBER" --body "❌ Workflow failed before changelog validation. Check the [workflow run]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID) for details."
+          else
+            gh pr comment "$PR_NUMBER" --body "✅ No changelog changes needed."
+          fi
+        env:
+          GH_TOKEN: ${{ github.token }}
+          CHANGED: ${{ steps.commit.outputs.changed }}
+          COMMIT_OUTCOME: ${{ steps.commit.outcome }}
+          VALIDATE_OUTCOME: ${{ steps.validate.outcome }}