v1.2.1

What's Changed

🛠 Improvements

• Resolve location of imported values by @turbolent in #3634

📖 Documentation

• Update release docs with a section for versioning strategy by @SupunS in #3629

Other Changes

• Re-enable and update the Source Compatiblity Suite GitHub action by @turbolent in #3632
• Merge release/v1.2.0 to master by @github-actions in #3633

Full Changelog: v1.2.0...v1.2.1

v1.2.0

What's Changed

Other Changes

• Merge release/v1.1.0 to master by @github-actions in #3628
• Move Crypto contract on-chain by @turbolent in #3619
• Cleanup outdated FT/NFT related contract codes and tests by @SupunS in #3630

Full Changelog: v1.1.0...v1.2.0

v1.1.0

What's Changed

💥 Go API Breaking Chance

• Move subdirectories under runtime to top level by @SupunS in #3620

⭐ Features

• Add Type.address and Type.contractName by @turbolent in #3570

🛠 Improvements

• Unwrap optionals with dynamic cast by @RZhang05 in #3580
• Always return parser errors gracefully by @SupunS in #3578
• Improve result variable by @turbolent in #3589

🐞 Bug Fixes

• Fix CI: Flow CLI is 1.0 now by @turbolent in #3573
• Fix the version update check by @turbolent in #3572
• Change index expression's start position by @RZhang05 in #3575
• Fix cadence-parser npm package by @turbolent in #3555
• Always report errors against the new program during contract update validation by @SupunS in #3582
• Prevent migration tests from using out-of-sync data by @fxamacker in #3597

🧪 Testing

• Add tests for exporting interface type by @SupunS in #3576
• Add tests for enum usage as transaction parameters by @RZhang05 in #3581
• Add test for circular resources by @SupunS in #3586

Other Changes

• Merge release/v1.0.0-preview.52 to master by @github-actions in #3563
• add staged contracts report 2024-09-02 by @zhangchiqing in #3564
• update statecommitment for migration mainnet Sep 2 by @zhangchiqing in #3565
• Clean up roadmap by @turbolent in #3567
• Bring changelog up-to-date by @turbolent in #3568
• Add Crescendo migration report for mainnet24 by @j1010001 in #3571
• Fix storage explorer: Update dependencies, update API usage by @turbolent in #3566
• Bump atree from v0.8.0-rc.6 to v0.8.0 by @fxamacker in #3583
• Merge v1.0 into master by @turbolent in #3593
• Merge v1.0 into master by @SupunS in #3604
• Split value.go into multiple files by @SupunS in #3609
• Explain the reason for support parsing legacy restricted types by @SupunS in #3614
• Remove legacy content by @SupunS in #3622
• Move tests under runtime to tests directory by @SupunS in #3621
• Update source compatibility suite for latest cadence v1.0.1 by @RZhang05 in #3616
• Fix storage explorer by @turbolent in #3627

Full Changelog: v1.0.1...v1.1.0

v1.0.1

What's Changed

🐞 Bug Fixes

• Port bug fixes from internal repo by @SupunS in #3600
• Prevent leaving unreferenced slabs in storage while updating dictionary with enum key by @fxamacker in #3602
• Fix invocation boxing by @turbolent in #3601

Other Changes

• Update version.go by @SupunS in #3603

Full Changelog: v1.0.0...v1.0.1

v1.0.0

We are excited to announce the release of Cadence v1.0! 🎉

Starting with this release, there will be no more planned breaking changes going forward! 🚀

Reflecting two years of work since the last major milestone in 2022, v0.24 (Secure Cadence), and the culmination of five years of work since the inception of Cadence in 2019, Cadence 1.0 is a milestone marking several significant enhancements. This release introduces full forward compatibility, enhanced composability through Attachments, and significant performance improvements.

We would like to thank all contributors and community members for their great feedback and amazing contributions – this would have not been possible without you! 🙇

To learn more, visit https://flow.com/upgrade/crescendo/cadence-1.

💫 New features

Attachments

Attachments allow developers to extend a struct or resource type (even one that they did not declare) with new functionality and data, without requiring the original author of the type to plan or account for it.

This feature allows developers to easily build on and extend any existing application, significantly improving the composability story of Cadence.

Entitlements and Safe Downcasting

In Cadence 1.0, access control has improved significantly.

Previously, Cadence’s main access-control mechanism, restricted reference types, has been a source of confusion and mistakes for contract developers. Additionally, references could not be downcast, leading to ergonomic issues.

Access control is now handled using a new feature called Entitlements. A reference can now be “entitled” to certain facets of an object.

References can now always be down-casted, the standalone auth modifier is not necessary anymore, and got removed.

Entitled Account Access

Previously, access to accounts was granted wholesale: Users would sign a transaction, authorizing the code of the transaction to perform any kind of operation, for example, write to storage, but also add keys or contracts.

Users had to trust that a transaction would only perform supposed access, e.g. storage access to withdraw tokens, but still had to grant full access, which would allow the transaction to perform other operations.

Dapp developers who require users to sign transactions are now able to request the minimum amount of access to perform the intended operation, i.e. developers are able to follow the principle of least privilege (PoLA).

With the introduction of entitlements, this access is now expressed using entitlements and references.

Access to administrative account operations, such as writing to storage, adding keys, or adding contracts, is now gated by both coarse grained entitlements (e.g. Storage, which grants access to all storage related functions, and Keys, which grants access to all key management functions), as well as fine-grained entitlements (e.g. SaveValue to save a value to storage, or AddKey to add a new key to the account).

Transactions can now request the particular entitlements necessary to perform the operations in the transaction.

View Functions

View functions allow developers to improve the reliability and safety of their programs, and helps them to reason about the effects of their and the programs of others.

Developers can mark their functions as view, which disallows the function from performing state changes. That also makes the intent of functions clear to other programmers, as it allows them to distinguish between functions that change state and ones that do not.

Interface Inheritance

Previously, interfaces could not inherit from other interfaces, which required developers to repeat code. Interface inheritance allows code abstraction and code reuse.

Interfaces can now inherit from other interfaces of the same kind. This makes it easier for developers to structure their conformances and reduces a lot of redundant code.

Capability Controllers

Cadence encourages a capability-based security model. Capabilities are themselves a new concept that most Cadence programmers need to understand.

The existing linking-based capability API has been replaced by a more powerful and easier to use API based on the notion of Capability Controllers. The new API makes the creation of new and the revocation of existing capabilities simpler.

External Mutation Safety

External Mutation Safety prevents a common safety foot-gun, unintentionally granting mutable access to nested data.

The mutability of containers (updating a field of a composite value, key of a map, or index of an array) through references has changed: When a field/element is accessed through a reference, a reference to the accessed inner object is returned, instead of the actual object. These returned references are unauthorized by default, and the author of the object (struct/resource/etc.) can control what operations are permitted on these returned references by using entitlements and entitlement mappings.

Event Definition And Emission In Interfaces

Contract interfaces may now define event types, and these events can be emitted from function conditions and default implementations in those contract interfaces.

Force Destruction of Resources

All resources are now guaranteed to be destroyable.

It was previously possible to panic in the body of a resource or attachment’s destroy method, effectively preventing the destruction or removal of that resource from an account. This could be used as an attack vector by handing people undesirable resources or hydrating resources to make them extremely large or otherwise contain undesirable content.

Contracts may no longer define destroy functions on their resources, and are no longer required to explicitly handle the destruction of resource fields. These will instead be implicitly
destroyed whenever a resource is destroyed.

Additionally, developers may define a ResourceDestroyed event which will be emitted whenever a resource of that type is destroyed.

Inlined and Deduplicated Storage

Cadence uses the Atree library for storing objects. Cadence 1.0 integrates Atree v0.8.0, which inlines and deduplicates stored data, which significantly reduces the amount of data stored and memory need. On Flow Testnet, this reduced memory usage by ~1/2 without sacrificing speed.

For more information, visit the release page https://github.com/onflow/atree/releases/tag/v0.8.0

⚡ Breaking Improvements

Many of the improvements of Cadence 1.0 fundamentally change how Cadence works and how it is used. That also means it was necessary to break existing code to release this version, which guarantees stability (no more planned breaking changes) going forward.

As breaking changes are simply no longer acceptable after Cadence 1.0, we used this last chance to fix and improve Cadence, ensuring it delivers on its promise of being a language that provides security and safety, while also enabling composability and simplicity.

We appreciate that updating existing code can be challenging for developers. However, we believe these improvements are worthwhile, as they make Cadence development significantly more powerful and efficient, enabling developers to write and deploy immutable contracts.

The improvements were intentionally bundled into one release to avoid breaking Cadence programs multiple times.

References to Resource-Kinded Values Get Invalidated When the Referenced Values Are Moved

References are now invalidated if the referenced resource is moved after the reference was taken. The reference is invalidated upon the first move, regardless of the origin and the destination.

Previously, when a reference is taken to a resource, that reference remains valid even if the resource was moved, for example when created and moved into an account, or moved from one account into another.

In other words, references to resources stayed alive forever. This could be a potential safety foot-gun, where one could gain/give/retain unintended access to resources through references.

Conditions No Longer Allow State Changes

In the current version of Cadence, pre-conditions and post-conditions may perform state changes, e.g. by calling a function that performs a mutation. This may result in unexpected behavior, which might lead to bugs.

To make conditions predictable, they are no longer allowed to perform state changes.

Pre-conditions and post-conditions are now considered view contexts, meaning that any operations that would be prevented inside of a view function are also not permitted in a pre-condition or post-condition.

This is to prevent underhanded code wherein a user modifies global or contract state inside of a condition, where they are meant to simply be asserting properties of that state.

Semantics for Variables in For-Loop Statements Got Improved

The behavior of for-in loops improved, so that a new iteration variable is introduced for each iteration.

Previously, the iteration variable of for-in loops was re-assigned on each iteration.

Even though this is a common behavior in many programming languages, it is surprising behavior and a source of bugs.

The behavior was improved to the often assumed/expected behavior of a new iteration variable being introduced for each iteration, which reduces the likelihood for a bug.

Restricted Types Got Replaced with Intersection Types

With the improvements to access control enabled by entitlements and safe down-casting, the restricted type feature is redundant.
...

v1.0.0-preview.52

What's Changed

🛠 Improvements

• Improve address decoding error by @turbolent in #3560

🐞 Bug Fixes

• Handle unmigrated path capabilities and path links in Account.capabilities functions by @turbolent in #3562

🧪 Testing

• Add contract-update test for removing a field from nested resource by @SupunS in #3559
• Add test for modifying events during contract updates by @SupunS in #3561

Other Changes

• Merge release/v1.0.0-preview.51 to master by @github-actions in #3558

Full Changelog: v1.0.0-preview.51...v1.0.0-preview.52

v1.0.0-preview.51

What's Changed

⭐ Features

• Add sema.Access.QualifiedKeyword by @turbolent in #3552

🐞 Bug Fixes

• Fix Cadence Parser NPM Package by @bluesign in #3551
• Fix contract update error when old program has errors by @turbolent in #3554

🧪 Testing

• Add regression tests for nil-coalescing bug by @turbolent in #3553
• Smoke test update of enum key in dictionary by @turbolent in #3556

📖 Documentation

• Staged contracts report Aug 27 by @j1010001 in #3557

Other Changes

• Merge release/v1.0.0-preview.50 to master by @github-actions in #3549

Full Changelog: v1.0.0-preview.50...v1.0.0-preview.51

v1.0.0-preview.50

What's Changed

🐞 Bug Fixes

• Fix program recovery by @turbolent in #3548

📖 Documentation

• Add mainnet migration report for Aug 21 by @j1010001 in #3547

Other Changes

• Merge release/v1.0.0-preview.49 to master by @github-actions in #3545

Full Changelog: v1.0.0-preview.49...v1.0.0-preview.50

v1.0.0-preview.49

What's Changed

⭐ Features

• Add Type.isRecovered field by @turbolent in #3505

🛠 Improvements

• Fix contract update validation: Check updated contract name by @turbolent in #3530
• Check if CBOR tag number is reserved by atree before using it to encode Cadence values by @fxamacker in #3532

🐞 Bug Fixes

• Add support for exporting unmigrated path capabilities by @SupunS in #3538
• Handle invalid index-expressions in view assignment by @SupunS in #3539
• Make capabilities iteration ordered by @SupunS in #3542

Other Changes

• add staged report for aug 12 by @zhangchiqing in #3525
• Merge release/v1.0.0-preview.48 to master by @github-actions in #3526
• Add staged contracts report for testnet spork on aug 14 by @zhangchiqing in #3531
• Crescendo Mainnet migration report Aug 16 by @j1010001 in #3541

Full Changelog: v1.0.0-preview.48...v1.0.0-preview.49

v1.0.0-preview.48

What's Changed

🛠 Improvements

• Add capability stored path info to the report by @SupunS in #3524

Other Changes

• Merge release/v1.0.0-preview.47 to master by @github-actions in #3523

Full Changelog: v1.0.0-preview.47...v1.0.0-preview.48