@aws-amplify/data-schema

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

amzn-ossaws-amplify-opsamplify-studio-uibuilderamplify-codegenamplify-data-dev-npmaws-amplify-data-runtime

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	source-size-tripled	AI (source-diff): 4.1x size increase explained by compiled output (tsbuildinfo, .js.map files); consistent with build refactor.	ai	2026/04/21
source-diff	obfuscated-file:dist/esm/ai/ConversationSchemaGraphQLTypes.d.ts	AI (source-diff): File is a TypeScript declaration exporting a GraphQL schema string constant, not obfuscated code. Normal pattern for schema distribution in AWS Amplify packages.	ai	2026/04/21
npm-metadata	no-description	AI (npm-metadata): Common in AWS monorepo subpackages; not indicative of malice.	ai	2026/04/21
phantom-deps	phantom-dep:@types/aws-lambda	AI (phantom-deps): Framework-scoped type definitions loaded by convention in AWS packages.	ai	2026/04/21
phantom-deps	phantom-dep:@types/json-schema	AI (phantom-deps): Framework-scoped type definitions loaded by convention in schema packages.	ai	2026/04/21
dependencies	unvetted-dep:rxjs	AI (dependencies): rxjs is an established, widely-used reactive library; version constraint ^7.8.1 is reasonable and stable.	ai	2026/04/21
dependencies	unvetted-dep:@types/aws-lambda	AI (dependencies): Type definitions for AWS Lambda; framework-scoped dependency typical in AWS packages.	ai	2026/04/21
source-diff	large-new-source-files	AI (source-diff): 228 new files are compiled distribution artifacts and source maps, not injected code.	ai	2026/04/21
publish-pattern	new-deps-added	AI (publish-pattern): New deps are established AWS/Smithy utilities; no suspicious patterns.	ai	2026/04/21
dependencies	unvetted-dep:@smithy/util-base64	AI (dependencies): Smithy utility from AWS SDK; standard dependency for AWS service integration.	ai	2026/04/21
maintainer-change	maintainer-added	AI (maintainer-change): Addition of aws-amplify-data-runtime is consistent with AWS internal team organization; no takeover indicators present.	ai	2026/04/21
maintainer-change	maintainer-removed	AI (maintainer-change): Routine maintainer rotation in large org; no concurrent new maintainers or takeover indicators.	ai	2026/04/21
provenance	no-provenance	AI (provenance): Provenance not yet standard for AWS Amplify releases; not a security indicator.	ai	2026/04/21

Versions (showing 100 of 119)

Version	Deps	Published
1.23.0	5 / 10	2026-01-28
1.22.2	5 / 10	2026-01-13
1.22.1	5 / 10	2026-01-07
1.13.2	5 / 11	2024-11-12
1.13.1	5 / 11	2024-11-12
1.13.0	5 / 11	2024-11-11
1.12.2	5 / 11	2024-11-04
1.12.1	5 / 11	2024-10-31
1.12.0	5 / 11	2024-10-30
1.11.0	5 / 11	2024-10-28
1.10.2	5 / 11	2024-10-21
1.10.1	5 / 11	2024-10-18
1.10.0	5 / 11	2024-10-07
1.9.2	5 / 11	2024-10-04
1.9.1	5 / 11	2024-10-04
1.9.0	5 / 11	2024-10-03
1.8.1	5 / 11	2024-10-01
1.8.0	5 / 11	2024-10-01
1.7.0	5 / 11	2024-09-30
1.6.3	5 / 11	2024-09-26
1.6.2	5 / 11	2024-09-24
1.6.1	5 / 11	2024-09-19
1.6.0	5 / 11	2024-09-16
1.5.1	5 / 11	2024-09-10
1.5.0	5 / 11	2024-09-06
1.4.1	3 / 11	2024-09-06
1.4.0	3 / 11	2024-09-04
1.3.10	3 / 11	2024-07-23
1.3.9	3 / 11	2024-07-22
1.3.8	3 / 11	2024-07-18
1.3.7	3 / 11	2024-07-16
1.3.6	3 / 11	2024-07-16
1.3.5	3 / 11	2024-07-15
1.3.4	3 / 11	2024-07-02
1.3.3	3 / 11	2024-06-26
1.3.2	3 / 11	2024-06-14
1.3.1	3 / 11	2024-06-06
1.3.0	3 / 11	2024-05-30
1.2.9	3 / 11	2024-05-28
1.2.8	3 / 11	2024-05-24
1.2.7	3 / 11	2024-05-23
1.2.6	3 / 11	2024-05-23
1.2.5	3 / 11	2024-05-18
1.2.4	3 / 11	2024-05-17
1.2.3	3 / 11	2024-05-17
1.2.2	3 / 11	2024-05-14
1.2.1	3 / 11	2024-05-13
1.2.0	3 / 11	2024-05-09
1.1.6	3 / 11	2024-05-08
1.1.5	3 / 11	2024-05-06
1.1.4	3 / 11	2024-05-03
1.1.3	3 / 11	2024-05-01
1.1.2	3 / 11	2024-05-01
1.1.1	3 / 11	2024-04-30
1.1.0	3 / 11	2024-04-30
1.0.1	3 / 11	2024-04-29
1.0.0	3 / 11	2024-04-26
0.18.4	3 / 11	2024-04-26
0.18.3	3 / 11	2024-04-26
0.18.2	3 / 11	2024-04-26
0.18.1	3 / 11	2024-04-26
0.18.0	3 / 11	2024-04-26
0.17.1	3 / 11	2024-04-25
0.17.0	3 / 11	2024-04-24
0.16.2	3 / 11	2024-04-19
0.16.1	3 / 11	2024-04-19
0.16.0	3 / 11	2024-04-18
0.15.0	2 / 9	2024-04-15
0.14.14	2 / 9	2024-04-13
0.14.13	2 / 9	2024-04-12
0.14.12	2 / 9	2024-04-11
0.14.11	2 / 9	2024-04-10
0.14.10	2 / 9	2024-04-09
0.14.9	2 / 9	2024-04-08
0.14.8	2 / 9	2024-04-04
0.14.7	2 / 9	2024-04-04
0.14.6	2 / 9	2024-04-01
0.14.5	2 / 9	2024-03-27
0.14.4	2 / 9	2024-03-27
0.14.3	2 / 9	2024-03-27
0.14.2	2 / 9	2024-03-26
0.14.1	2 / 9	2024-03-21
0.14.0	2 / 9	2024-03-20
0.13.18	2 / 9	2024-03-18
0.13.17	2 / 9	2024-03-18
0.13.16	2 / 9	2024-03-14
0.13.15	1 / 9	2024-03-12
0.13.14	1 / 9	2024-03-12
0.13.13	1 / 9	2024-03-12
0.13.12	1 / 9	2024-03-12
0.13.11	1 / 9	2024-03-07
0.13.10	1 / 9	2024-03-05
0.13.9	1 / 9	2024-02-29
0.13.8	1 / 9	2024-02-27
0.13.7	1 / 9	2024-02-27
0.13.6	1 / 9	2024-02-22
0.13.5	1 / 9	2024-02-22
0.13.4	1 / 9	2024-02-19
0.13.3	1 / 9	2024-02-13
0.13.2	1 / 9	2024-02-07

Showing 100 of 119 Next page →