@aws-cdk/cloud-assembly-schema Apache-2.0 100 versions

@aws-cdk/cloud-assembly-schema

npm Repository Homepage

Schema for the protocol between CDK framework and CDK CLI

100

Versions

Apache-2.0

License

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

amzn-ossaws-cdk-team

Keywords

awscdk

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:lib/cloud-assembly/validation-report-schema.js	AI (source-diff): Inline base64 source map from jsii/tsc compilation; standard for this package.	ai	2026/05/21
source-diff	obfuscated-file:lib/integ-tests/commands/deploy.js	AI (source-diff): Long lines are inline base64 source maps, not obfuscation. Standard TypeScript compiler output for this AWS CDK package.	ai	2026/04/22
source-diff	obfuscated-file:lib/integ-tests/commands/common.js	AI (source-diff): Long lines are inline base64 source maps (//# sourceMappingURL=data:application/json;base64,...), not obfuscation. Standard TypeScript compiler output for this AWS CDK package.	ai	2026/04/22
source-diff	obfuscated-file:lib/integ-tests/test-case.js	AI (source-diff): Long lines are inline base64 source maps, not obfuscation. Standard TypeScript compiler output for this AWS CDK package.	ai	2026/04/22
provenance	publisher-changed	AI (provenance): AWS CDK migrated publishing to GitHub Actions with SLSA provenance attestation. This is a documented organizational transition, not a compromise. SLSA attestation confirms CI/CD integrity.	ai	2026/04/22
maintainer-change	maintainer-removed	AI (maintainer-change): Removal of individual AWS CDK team members (eladb, romainmuller, rix0rrr) is consistent with the shift to automated GitHub Actions publishing for this AWS-owned package.	ai	2026/04/22
provenance	no-provenance	AI (provenance): Published by the well-established aws-cdk-team with 842 approved packages. Lack of Sigstore provenance is acceptable for this trusted publisher.	ai	2026/04/22
semgrep	semgrep:dynamic-require	AI (semgrep): The dynamic require in scripts/update-schema.js loads a hardcoded local JSON version file (cloud-assembly.version.json) via a constant path — no user input or arbitrary module loading. This is a dev/build script, not runtime code.	ai	2026/04/22
bogus-package	bogus-package	AI (bogus-package): AWS CDK schema package; README links are legitimate protocol/framework references, not phishing. Semver reflects monorepo versioning, not inflation.	ai	2026/04/21
dependencies	unvetted-dep:jsonschema	AI (dependencies): jsonschema is a well-known JSON schema validator; bundled dependency with tight version constraint (~1.4.1).	ai	2026/04/21

Versions (showing 100 of 635)

Version	Deps	Published
40.0.7	2 / 26	2025-02-17
40.0.6	2 / 26	2025-02-16
40.0.5	2 / 26	2025-02-15
40.0.4	2 / 26	2025-02-14
40.0.3	2 / 26	2025-02-13
40.0.2	2 / 26	2025-02-12
40.0.1	2 / 26	2025-02-11
40.0.0	2 / 26	2025-02-10
39.2.20	2 / 26	2025-02-10
39.2.19	2 / 26	2025-02-09
39.2.18	2 / 26	2025-02-08
39.2.17	2 / 26	2025-02-07
39.2.16	2 / 26	2025-02-06
39.2.15	2 / 26	2025-02-05
39.2.14	2 / 26	2025-02-04
39.2.13	2 / 26	2025-02-03
39.2.12	2 / 26	2025-02-02
39.2.11	2 / 26	2025-02-01
39.2.10	2 / 26	2025-01-31
39.2.9	2 / 26	2025-01-30
39.2.8	2 / 26	2025-01-29
39.2.7	2 / 26	2025-01-28
39.2.6	2 / 26	2025-01-27
39.2.5	2 / 26	2025-01-25
39.2.4	2 / 26	2025-01-24
39.2.3	2 / 26	2025-01-23
39.2.2	2 / 26	2025-01-22
39.2.1	2 / 26	2025-01-21
39.2.0	2 / 26	2025-01-20
39.1.50	2 / 26	2025-01-20
39.1.49	2 / 26	2025-01-19
39.1.48	2 / 26	2025-01-17
39.1.47	2 / 26	2025-01-16
39.1.46	2 / 26	2025-01-15
39.1.45	2 / 26	2025-01-14
39.1.44	2 / 26	2025-01-11
39.1.43	2 / 26	2025-01-10
39.1.42	2 / 26	2025-01-09
39.1.41	2 / 26	2025-01-08
39.1.40	2 / 26	2025-01-08
39.1.39	2 / 26	2025-01-08
39.1.38	2 / 26	2025-01-06
39.1.37	2 / 26	2025-01-04
39.1.36	2 / 26	2025-01-03
39.1.35	2 / 26	2025-01-02
39.1.34	2 / 26	2025-01-01
39.1.33	2 / 26	2024-12-31
39.1.32	2 / 26	2024-12-30
39.1.31	2 / 26	2024-12-26
39.1.30	2 / 26	2024-12-24
39.1.29	2 / 26	2024-12-23
39.1.28	2 / 26	2024-12-22
39.1.27	2 / 26	2024-12-21
39.1.26	2 / 26	2024-12-20
39.1.25	2 / 26	2024-12-19
39.1.24	2 / 26	2024-12-18
39.1.23	2 / 26	2024-12-17
39.1.22	2 / 26	2024-12-16
39.1.21	2 / 26	2024-12-15
39.1.20	2 / 26	2024-12-14
39.1.19	2 / 26	2024-12-13
39.1.18	2 / 26	2024-12-13
39.1.17	2 / 26	2024-12-12
39.1.16	2 / 26	2024-12-11
39.1.15	2 / 26	2024-12-10
39.1.14	2 / 26	2024-12-09
39.1.13	2 / 26	2024-12-08
39.1.12	2 / 26	2024-12-07
39.1.11	2 / 26	2024-12-06
39.1.10	2 / 26	2024-12-05
39.1.9	2 / 26	2024-12-04
39.1.8	2 / 26	2024-12-03
39.1.7	2 / 26	2024-12-02
39.1.6	2 / 26	2024-12-01
39.1.5	2 / 26	2024-11-30
39.1.4	2 / 26	2024-11-29
39.1.3	2 / 26	2024-11-28
39.1.2	2 / 26	2024-11-27
39.1.1	2 / 26	2024-11-26
39.1.0	2 / 26	2024-11-25
39.0.13	2 / 26	2024-11-25
39.0.12	2 / 26	2024-11-24
39.0.11	2 / 26	2024-11-23
39.0.10	2 / 26	2024-11-22
39.0.9	2 / 26	2024-11-21
39.0.8	2 / 26	2024-11-20
39.0.7	2 / 26	2024-11-19
39.0.6	2 / 26	2024-11-19
39.0.5	2 / 26	2024-11-16
39.0.4	2 / 26	2024-11-15
39.0.3	2 / 26	2024-11-14
39.0.2	2 / 26	2024-11-13
39.0.1	2 / 25	2024-11-07
39.0.0	2 / 25	2024-11-07
38.0.1	2 / 25	2024-09-18
38.0.0	2 / 25	2024-09-18
37.0.0	2 / 25	2024-09-18
36.3.0	2 / 25	2024-09-18
36.2.2	2 / 25	2024-09-18
36.2.1	2 / 25	2024-09-18

Showing 100 of 635 Next page →