All @aws-amplify/data-schema versions
@aws-amplify/data-schema @0.0.0-sel-set-20251204071753
rejected
This version was rejected.
It did not pass GreenFlagged's security review and is not served by the registry.
The findings and risk dispositions below explain why.
0
Risk Score
Apache-2.0
License
No
Install Scripts
5
Dependencies
10
Dev Dependencies
435.0 KB
Package Size
Published
Maintainers
amzn-ossaws-amplify-opsamplify-studio-uibuilderamplify-codegenamplify-data-dev-npmaws-amplify-data-runtime
Dependencies (5)
| Package | Constraint | Registry Status |
|---|---|---|
| rxjs | ^7.8.1 | auto_approved |
| @types/aws-lambda | ^8.10.134 | auto_approved |
| @types/json-schema | ^7.0.15 | auto_approved |
| @smithy/util-base64 | ^3.0.0 | auto_approved |
| @aws-amplify/data-schema-types | * | auto_approved |
Dev Dependencies (10)
| Package | Constraint | Registry Status |
|---|---|---|
| jest | ^29.7.0 | auto_approved |
| turbo | ^1.10.14 | auto_approved |
| rimraf | ^5.0.5 | auto_approved |
| rollup | ^4.22.4 | auto_approved |
| ts-jest | ^29.1.1 | auto_approved |
| jest-tsd | ^0.2.2 | Not imported |
| typescript | ^5.1.6 | auto_approved |
| @types/jest | 29.5.4 | auto_approved |
| @tsd/typescript | ^5.1.6 | auto_approved |
| @rollup/plugin-typescript | 11.1.5 | auto_approved |
Transitive Dependency Tree
7 transitive deps
max depth 3
├─
@aws-amplify/data-schema-types
*
→ 1.2.1
├─
@smithy/util-base64
^3.0.0
├─
@types/aws-lambda
^8.10.134
→ 8.10.161
├─
@types/json-schema
^7.0.15
→ 7.0.15
├─
rxjs
^7.8.1
→ 7.8.2
├─
graphql
15.8.0
→ 15.8.0
├─
rxjs
^7.8.1
→ 7.8.2
├─
tslib
^2.1.0
→ 2.8.1
├─
tslib
^2.1.0
→ 2.8.1
Changes from v1.13.2
No metadata changes detected.
File Changes
18 added
6 removed
241 modified
size delta: +155.6 KB
Risk Dispositions (2 applicable to this version, 0 other)
Accepted rules are downgraded to INFO on future analyses; rejected rules escalate to CRITICAL.
| Rule | Source | Disposition | Author | Reason | |
|---|---|---|---|---|---|
suspicious-version-number |
publish-pattern | reject | AI | AI (publish-pattern): Version pattern 0.0.0-sel-set-* is atypical for AWS Amplify releases and matches malicious package patterns. | |
publisher-changed |
provenance | reject | AI | AI (provenance): Publisher change from aws-amplify-data-runtime to aws-amplify-ops on same date as suspicious version warrants caution. |
SAST Findings (2)
INFO
No provenance attestation
provenance
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
INFO
Publisher changed: aws-amplify-data-runtime → aws-amplify-ops (on 2025-12-04)
provenance
[Accepted risk] This version was published by a different npm account than previous versions on 2025-12-04. This could indicate a legitimate maintainer transition or an account compromise.
Review Summary
Risk score: 0. Findings: 10 info (+0).
Commit: 31f5ae3b1ed8 Browse source
Published to npm: