Release/956.0.0

[tanguyenvn]

Explanation

This pull request publishes monorepo release 956.0.0 from branch release/956.0.0.

Current state

• main already contained Release/955.0.0 and the feature work for passkey post-registration verification (#8663).
• A release branch was cut and completed with the standard Initialize Release / Update Release commits so package changelogs and workspace metadata match the release.

What this PR delivers

• Bumps the root workspace package.json version to 956.0.0.
• Releases @metamask/passkey-controller@2.0.0, which adds post-registration authentication (generatePostRegistrationAuthenticationOptions) and tightens enrollment so the vault wrapping key is derived from that assertion. Enrollment is now a four-step WebAuthn path (create → post-registration get() options → get() → protectVaultKeyWithPasskey with required authenticationResponse), replacing the previous flow where protectVaultKeyWithPasskey could complete enrollment without that step.
• Breaking changes for passkey consumers: rpID → expectedRPID / expectedRPIDs, verification helpers updated for expectedRPIDs: string[], and already_enrolled when enrolling while a passkey is already enrolled. Full detail is in packages/passkey-controller/CHANGELOG.md under [2.0.0].

Note for reviewers

• Many CHANGELOG.md files are touched by Update Release for workspace-wide changelog housekeeping; the only package.json version bump besides the root is packages/passkey-controller (to 2.0.0).

References

• Passkey enrollment / verification feature: #8663
• Prior release on main: Release/955.0.0 (#8671)
• Changelog process: Updating changelogs
• Breaking changes process: Breaking changes

Checklist

• I've updated the test suite for new or updated code as appropriate
• I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
• I've communicated my changes to consumers by updating changelogs for packages I've changed
• I've introduced breaking changes in this PR and have prepared draft pull requests for clients and consumer packages to resolve them

---

Note

Medium Risk
Mostly release metadata, but it publishes @metamask/passkey-controller@2.0.0 with documented breaking API/enrollment-flow changes that will impact downstream consumers if adopted without updates.

Overview
Bumps the root workspace version to 956.0.0.

Publishes @metamask/passkey-controller@2.0.0 by updating its package version and changelog, including breaking documented changes to passkey enrollment/verification APIs (e.g., post-registration authentication step, rpID → expectedRPIDs, and new already_enrolled error code).

^{Reviewed by Cursor Bugbot for commit ad0f2ae. Bugbot is set up for automated code reviews on this repo. Configure here.}