T7 cadence-audit Phase 3 surfaced 2 lower-sev issues that were partially addressed in F-017 (anti-patterns owner.borrow modernized). Remaining:
1. content/docs/language/interfaces.mdx — field-access widening
T7 reported: 'prose claims field-access widening is allowed; example contradicts current Cadence 1.0 (rejects)'.
I (Phase 6.2 F-017) couldn't reproduce the widening discussion via grep — the term 'widening' isn't in the file. Possibly T7 was referring to a contextual implication rather than a literal phrase. Re-review with cadence-audit + careful read of the access-modifier section.
2. content/docs/language/contracts.mdx — contracts.update signature
T7 reported: 'contracts.update example passes code: String, signature requires [UInt8]'.
I (F-017 review) judged this a false-positive: the transaction's prepare param is String for user convenience, then .utf8 converts to [UInt8] before passing to contracts.update. The signature matches.
But T7's audit was more thorough than my one-off review — re-run cadence-audit on the specific page to confirm or revisit.
Severity
Both sev-2/3 per T7 — wouldn't block release but should be cleaned up. Combined ~30 minutes of focused content review.
T7 cadence-audit Phase 3 surfaced 2 lower-sev issues that were partially addressed in F-017 (anti-patterns owner.borrow modernized). Remaining:
1.
content/docs/language/interfaces.mdx— field-access wideningT7 reported: 'prose claims field-access widening is allowed; example contradicts current Cadence 1.0 (rejects)'.
I (Phase 6.2 F-017) couldn't reproduce the widening discussion via grep — the term 'widening' isn't in the file. Possibly T7 was referring to a contextual implication rather than a literal phrase. Re-review with cadence-audit + careful read of the access-modifier section.
2.
content/docs/language/contracts.mdx—contracts.updatesignatureT7 reported: 'contracts.update example passes
code: String, signature requires[UInt8]'.I (F-017 review) judged this a false-positive: the transaction's prepare param is
Stringfor user convenience, then.utf8converts to[UInt8]before passing tocontracts.update. The signature matches.But T7's audit was more thorough than my one-off review — re-run cadence-audit on the specific page to confirm or revisit.
Severity
Both sev-2/3 per T7 — wouldn't block release but should be cleaned up. Combined ~30 minutes of focused content review.