@aws-sdk/credential-provider-process

AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

amzn-ossaws-sdk-bot

Keywords

awscredentials

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
semgrep	semgrep:child-process-exec	AI (semgrep): This package's core purpose is executing a credential_process command from the user's AWS config. child_process.exec() is intentional and documented AWS SDK behavior, not a security risk.	ai	2026/04/22
phantom-deps	phantom-dep:@aws-sdk/shared-ini-file-loader	AI (phantom-deps): @aws-sdk/shared-ini-file-loader is a declared dependency in package.json and a legitimate sibling AWS SDK package; phantom-dep finding is a false positive here.	ai	2026/04/22
phantom-deps	phantom-dep:tslib	AI (phantom-deps): tslib is a declared runtime dependency used implicitly by compiled TypeScript output; this is a known false positive pattern for TypeScript packages.	ai	2026/04/22
semgrep	semgrep:child-process-import	AI (semgrep): child_process import is required for the credential_process feature; stable and expected for this package across all versions.	ai	2026/04/22

Versions (showing 51 of 284)

View all versions

Version	Deps	Published
3.972.41	5 / 6	2026-05-28
3.972.40	5 / 6	2026-05-26
3.972.39	5 / 6	2026-05-21
3.972.38	5 / 6	2026-05-18
3.972.37	5 / 6	2026-05-15
3.972.36	5 / 6	2026-05-14
3.972.35	5 / 6	2026-05-14
3.972.34	6 / 6	2026-05-01
3.972.33	6 / 6	2026-04-29
3.972.32	6 / 6	2026-04-27
3.972.31	6 / 6	2026-04-23
3.972.30	6 / 6	2026-04-22
3.972.29	6 / 6	2026-04-21
3.972.28	6 / 6	2026-04-20
3.972.27	6 / 6	2026-04-17
3.972.26	6 / 6	2026-04-16
3.972.25	6 / 6	2026-04-07
3.972.24	6 / 6	2026-03-30
3.972.23	6 / 6	2026-03-26
3.972.22	6 / 6	2026-03-23
3.972.21	6 / 6	2026-03-20
3.972.20	6 / 6	2026-03-19
3.972.19	6 / 6	2026-03-18
3.972.18	6 / 6	2026-03-13
3.972.17	6 / 6	2026-03-09
3.972.16	6 / 6	2026-03-05
3.972.15	6 / 6	2026-03-04
3.972.14	6 / 6	2026-03-03
3.972.13	6 / 6	2026-02-26
3.972.12	6 / 6	2026-02-25
3.972.11	6 / 6	2026-02-24
3.972.10	6 / 6	2026-02-23
3.972.9	6 / 6	2026-02-18
3.972.8	6 / 6	2026-02-13
3.972.7	6 / 6	2026-02-12
3.972.6	6 / 6	2026-02-11
3.972.5	6 / 6	2026-02-06
3.972.4	6 / 6	2026-02-03
3.972.3	6 / 6	2026-01-30
3.972.2	6 / 6	2026-01-26
3.972.1	6 / 6	2026-01-22
3.972.0	6 / 6	2026-01-20
3.970.0	6 / 6	2026-01-15
3.969.0	6 / 6	2026-01-14
3.968.0	6 / 6	2026-01-13
3.967.0	6 / 6	2026-01-13
3.966.0	6 / 6	2026-01-09
3.965.0	6 / 6	2026-01-07
3.964.0	6 / 6	2026-01-06
3.957.0	6 / 6	2025-12-22
3.956.0	6 / 6	2025-12-19