@aws-sdk/util-buffer-from
[](https://www.npmjs.com/package/@aws-sdk/util-buffer-from) [](https://www.npmjs.com/package/@aws
37
Versions
Apache-2.0
License
No
Install Scripts
Missing
Provenance
Supply chain provenance
Status for the latest visible version.
No SLSA provenance
npm registry signatures
No source commit
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
mattsb42-awskuheamzn-ossaws-sdk-bottrivikr-aws
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:tslib | AI (phantom-deps): tslib is a standard TypeScript runtime helper used as an implicit dependency throughout the AWS SDK v3 monorepo; this pattern is stable and expected for this package. | ai | |
| provenance | no-provenance | AI (provenance): aws-sdk-bot consistently publishes without Sigstore provenance; this is a known pattern for the entire AWS SDK v3 package family and not a risk signal. | ai |
Versions (showing 37 of 37)
| Version | Deps | Published |
|---|---|---|
| 3.374.0 | 2 / 7 | |
| 3.310.0 | 2 / 7 | |
| 3.303.0 | 2 / 7 | |
| 3.295.0 | 2 / 7 | |
| 3.292.0 | 2 / 7 | |
| 3.208.0 | 2 / 7 | |
| 3.201.0 | 2 / 7 | |
| 3.188.0 | 2 / 7 | |
| 3.186.0 | 2 / 7 | |
| 3.183.0 | 2 / 7 | |
| 3.170.0 | 2 / 7 | |
| 3.168.0 | 2 / 7 | |
| 3.55.0 | 2 / 7 | |
| 3.52.0 | 2 / 7 | |
| 3.49.0 | 2 / 7 | |
| 3.47.2 | 2 / 1 | |
| 3.47.1 | 2 / 1 | |
| 3.47.0 | 2 / 1 | |
| 3.46.0 | 2 / 1 | |
| 3.37.0 | 2 / 4 | |
| 3.36.0 | 2 / 4 | |
| 3.35.0 | 2 / 4 | |
| 3.34.0 | 2 / 4 | |
| 3.32.0 | 2 / 4 | |
| 3.29.0 | 2 / 4 | |
| 3.23.0 | 2 / 4 | |
| 3.22.0 | 2 / 4 | |
| 3.20.0 | 2 / 4 | |
| 3.18.0 | 2 / 4 | |
| 3.13.1 | 2 / 4 | |
| 3.12.0 | 2 / 4 | |
| 3.10.0 | 2 / 4 | |
| 3.6.1 | 2 / 4 | |
| 3.4.1 | 2 / 4 | |
| 3.4.0 | 2 / 4 | |
| 3.1.0 | 2 / 4 | |
| 3.0.0 | 2 / 4 |