Bump github.com/onflow/cadence from 1.0.0-preview.52 to 1.0.1

[dependabot]

Bumps github.com/onflow/cadence from 1.0.0-preview.52 to 1.0.1.

Release notes

Sourced from github.com/onflow/cadence's releases.

v1.0.1

What's Changed

🐞 Bug Fixes

• Port bug fixes from internal repo by @​SupunS in onflow/cadence#3600
• Prevent leaving unreferenced slabs in storage while updating dictionary with enum key by @​SupunS in onflow/cadence#3602
• Fix invocation boxing by @​SupunS in onflow/cadence#3601

Other Changes

• Update version.go by @​SupunS in onflow/cadence#3603

Full Changelog: onflow/cadence@v1.0.0...v1.0.1

v1.0.0

We are excited to announce the release of Cadence v1.0! 🎉

Starting with this release, there will be no more planned breaking changes going forward! 🚀

Reflecting two years of work since the last major milestone in 2022, v0.24 (Secure Cadence), and the culmination of five years of work since the inception of Cadence in 2019, Cadence 1.0 is a milestone marking several significant enhancements. This release introduces full forward compatibility, enhanced composability through Attachments, and significant performance improvements.

We would like to thank all contributors and community members for their great feedback and amazing contributions – this would have not been possible without you! 🙇

To learn more, visit https://flow.com/upgrade/crescendo/cadence-1.

💫 New features

Attachments

Attachments allow developers to extend a struct or resource type (even one that they did not declare) with new functionality and data, without requiring the original author of the type to plan or account for it.

This feature allows developers to easily build on and extend any existing application, significantly improving the composability story of Cadence.

Entitlements and Safe Downcasting

In Cadence 1.0, access control has improved significantly.

Previously, Cadence’s main access-control mechanism, restricted reference types, has been a source of confusion and mistakes for contract developers. Additionally, references could not be downcast, leading to ergonomic issues.

Access control is now handled using a new feature called Entitlements. A reference can now be “entitled” to certain facets of an object.

References can now always be down-casted, the standalone auth modifier is not necessary anymore, and got removed.

Entitled Account Access

Previously, access to accounts was granted wholesale: Users would sign a transaction, authorizing the code of the transaction to perform any kind of operation, for example, write to storage, but also add keys or contracts.

Users had to trust that a transaction would only perform supposed access, e.g. storage access to withdraw tokens, but still had to grant full access, which would allow the transaction to perform other operations.

Dapp developers who require users to sign transactions are now able to request the minimum amount of access to perform the intended operation, i.e. developers are able to follow the principle of least privilege (PoLA).

... (truncated)

Changelog

Sourced from github.com/onflow/cadence's changelog.

Commits

• fc7df6c v1.0.1
• 9e12a05 Merge pull request #3601 from onflow/supun/port-263
• 9f55a1d Merge branch 'v1.0' of https://github.com/onflow/cadence into supun/port-263
• 70606a5 Merge pull request #3602 from onflow/supun/port-242
• d51ec75 Merge branch 'v1.0' of https://github.com/onflow/cadence into supun/port-263
• 528b9ae Merge pull request #3600 from onflow/supun/port-fixes
• b11b32f Merge branch 'v1.0' into supun/port-242
• d9709a5 Merge branch 'v1.0' into supun/port-fixes
• b55d056 Merge pull request #3603 from onflow/supun/update-version
• ddd8d3d Update version.go
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)