@aws-sdk/util-arn-parser
A parser to Amazon Resource Names
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist-cjs/index.js | AI (source-diff): The long line is a standard inline base64 source map comment generated by TypeScript compilation, not obfuscated code. Stable pattern across all AWS SDK v3 packages. | ai | |
| source-diff | obfuscated-file:dist-es/index.js | AI (source-diff): Same as dist-cjs: inline base64 source map from TypeScript build output. Not obfuscation. Stable pattern for this package. | ai |
Versions (showing 51 of 61)
| Version | Deps | Published |
|---|---|---|
| 3.972.10 | 2 / 6 | |
| 3.972.9 | 2 / 6 | |
| 3.972.8 | 2 / 6 | |
| 3.972.7 | 2 / 6 | |
| 3.972.6 | 2 / 6 | |
| 3.972.5 | 2 / 6 | |
| 3.972.4 | 2 / 6 | |
| 3.972.3 | 1 / 6 | |
| 3.972.2 | 1 / 6 | |
| 3.972.1 | 1 / 6 | |
| 3.972.0 | 1 / 6 | |
| 3.968.0 | 1 / 6 | |
| 3.966.0 | 1 / 6 | |
| 3.965.0 | 1 / 6 | |
| 3.957.0 | 1 / 6 | |
| 3.953.0 | 1 / 6 | |
| 3.893.0 | 1 / 6 | |
| 3.873.0 | 1 / 6 | |
| 3.804.0 | 1 / 6 | |
| 3.723.0 | 1 / 6 | |
| 3.693.0 | 1 / 6 | |
| 3.679.0 | 1 / 6 | |
| 3.568.0 | 1 / 6 | |
| 3.567.0 | 1 / 6 | |
| 3.535.0 | 1 / 6 | |
| 3.495.0 | 1 / 6 | |
| 3.465.0 | 1 / 6 | |
| 3.310.0 | 1 / 7 | |
| 3.295.0 | 1 / 7 | |
| 3.292.0 | 1 / 7 | |
| 3.208.0 | 1 / 7 | |
| 3.201.0 | 1 / 7 | |
| 3.188.0 | 1 / 7 | |
| 3.186.0 | 1 / 7 | |
| 3.183.0 | 1 / 7 | |
| 3.170.0 | 1 / 7 | |
| 3.168.0 | 1 / 7 | |
| 3.55.0 | 1 / 7 | |
| 3.52.0 | 1 / 7 | |
| 3.49.0 | 1 / 7 | |
| 3.47.1 | 1 / 1 | |
| 3.47.0 | 1 / 1 | |
| 3.46.0 | 1 / 1 | |
| 3.37.0 | 1 / 4 | |
| 3.36.0 | 1 / 4 | |
| 3.35.0 | 1 / 4 | |
| 3.34.0 | 1 / 4 | |
| 3.32.0 | 1 / 4 | |
| 3.29.0 | 1 / 4 | |
| 3.23.0 | 1 / 4 | |
| 3.22.0 | 1 / 4 |
v3.972.10
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.972.9
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.972.8
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.972.7
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.972.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.972.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.972.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.535.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.495.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.465.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.310.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.295.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.292.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.208.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.201.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.188.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.186.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.183.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.170.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.168.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.55.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.52.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.49.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.47.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.47.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.46.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.37.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.36.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.35.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.34.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.32.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.29.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.23.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.22.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.