@aws-cdk/cloudformation-diff

Utilities to diff CDK stacks against CloudFormation templates

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

amzn-ossaws-cdk-team

Keywords

awscdk

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:aws-sdk	AI (dependencies): aws-sdk is the official AWS JavaScript SDK v2, a first-party Amazon package. Its use is expected and appropriate in an AWS CDK CloudFormation diff utility.	ai	2026/04/22
dependencies	unvetted-dep:@aws-cdk/cfnspec	AI (dependencies): @aws-cdk/cfnspec is a sibling package from the same aws-cdk-team publisher and monorepo; it is a legitimate internal CDK dependency.	ai	2026/04/22
phantom-deps	phantom-dep:@types/node	AI (phantom-deps): @types/node is a TypeScript type package commonly declared in CDK package dependencies for type resolution; not a real runtime phantom dependency concern for this package.	ai	2026/04/22
source-diff	obfuscated-file:lib/format-foreach.js	AI (source-diff): Compiled TypeScript output from official AWS CDK package; long lines are from TS compilation, not obfuscation. Code is readable and matches package purpose. SLSA provenance confirms CI/CD origin.	ai	2026/04/22
provenance	publisher-changed	AI (provenance): AWS CDK migrated to GitHub Actions CI/CD publishing with SLSA attestation; this is a legitimate infrastructure change for the official aws/aws-cdk-cli repo.	ai	2026/04/22
source-diff	obfuscated-file:lib/mappings.js	AI (source-diff): The file contains readable compiled TypeScript with meaningful names and logic; long lines are likely data tables, not obfuscation. Consistent with the package's diff-rendering purpose.	ai	2026/04/22
provenance	no-provenance	AI (provenance): aws-cdk-team is a well-established publisher with 500+ approved packages; lack of Sigstore provenance is a known gap for this publisher, not a security risk.	ai	2026/04/22
source-diff	obfuscated-file:lib/diff/template-and-changeset-diff-merger.js	AI (source-diff): File contains readable TypeScript-compiled JS with standard CDK class definitions. Long lines are an artifact of the TypeScript compiler output, not obfuscation. Pattern is consistent across all CDK packages.	ai	2026/04/22
source-diff	obfuscated-file:lib/iam/iam-identity-center.js	AI (source-diff): File contains readable TypeScript-compiled JS with standard CDK class definitions. Long lines are an artifact of the TypeScript compiler output, not obfuscation. Pattern is consistent across all CDK packages.	ai	2026/04/22
dependencies	unvetted-dep:@aws-cdk/service-spec-types	AI (dependencies): First-party AWS CDK package from the same aws/aws-cdk-cli organization; expected internal dependency for this package.	ai	2026/04/22
dependencies	unvetted-dep:@aws-cdk/aws-service-spec	AI (dependencies): First-party AWS CDK package from the same aws/aws-cdk-cli organization; expected internal dependency for this package.	ai	2026/04/22

Versions (showing 100 of 554)

Version	Deps	Published
1.173.0	7 / 7	2022-09-16
1.172.0	7 / 7	2022-09-08
1.171.0	7 / 7	2022-08-31
1.170.1	7 / 7	2022-08-31
1.170.0	7 / 7	2022-08-25
1.169.0	7 / 7	2022-08-18
1.168.0	7 / 7	2022-08-09
1.167.0	7 / 7	2022-08-02
1.166.1	7 / 7	2022-07-29
1.165.0	7 / 7	2022-07-19
1.164.0	7 / 7	2022-07-16
1.163.2	7 / 7	2022-07-14
1.163.1	7 / 7	2022-07-09
1.163.0	7 / 7	2022-07-06
1.162.0	7 / 7	2022-07-01
1.161.0	7 / 7	2022-06-23
1.160.0	7 / 7	2022-06-14
1.159.0	7 / 7	2022-06-03
1.158.0	7 / 7	2022-05-27
1.157.0	7 / 7	2022-05-21
1.156.1	7 / 7	2022-05-13
1.156.0	7 / 7	2022-05-12
1.155.0	7 / 7	2022-05-04
1.154.0	7 / 7	2022-04-28
1.153.1	7 / 7	2022-04-23
1.153.0	7 / 7	2022-04-22
1.152.0	7 / 7	2022-04-07
1.151.0	7 / 7	2022-04-01
1.150.0	7 / 7	2022-03-26
1.149.0	7 / 7	2022-03-17
1.148.0	7 / 7	2022-03-10
1.147.0	7 / 7	2022-03-01
1.146.0	7 / 7	2022-02-25
1.145.0	7 / 7	2022-02-19
1.144.0	7 / 7	2022-02-08
1.143.0	7 / 7	2022-02-02
1.142.0	7 / 7	2022-01-29
1.141.0	7 / 7	2022-01-27
1.140.0	7 / 7	2022-01-20
1.139.0	7 / 7	2022-01-11
1.138.2	7 / 7	2022-01-10
1.138.1	7 / 7	2022-01-07
1.138.0	7 / 7	2022-01-04
1.137.0	7 / 7	2021-12-21
1.136.0	7 / 7	2021-12-15
1.135.0	7 / 7	2021-12-10
1.134.0	7 / 7	2021-11-23
1.133.0	7 / 7	2021-11-19
1.132.0	7 / 7	2021-11-09
1.131.0	7 / 7	2021-11-07
1.130.0	7 / 7	2021-10-29
1.129.0	7 / 7	2021-10-21
1.128.0	7 / 7	2021-10-14
1.127.0	7 / 7	2021-10-08
1.126.0	7 / 7	2021-10-05
1.125.0	7 / 7	2021-09-29
1.124.0	7 / 7	2021-09-21
1.123.0	7 / 7	2021-09-17
1.122.0	7 / 7	2021-09-08
1.121.0	7 / 7	2021-09-01
1.120.0	7 / 7	2021-08-26
1.119.0	7 / 7	2021-08-17
1.118.0	7 / 7	2021-08-11
1.117.0	7 / 7	2021-08-05
1.116.0	7 / 7	2021-07-28
1.115.0	7 / 7	2021-07-21
1.114.0	7 / 7	2021-07-15
1.113.0	7 / 7	2021-07-12
1.112.0	7 / 7	2021-07-09
1.111.0	7 / 7	2021-07-02
1.110.1	7 / 7	2021-06-28
1.110.0	7 / 7	2021-06-24
1.109.0	7 / 7	2021-06-17
1.108.1	7 / 7	2021-06-11
1.108.0	7 / 7	2021-06-09
1.107.0	7 / 7	2021-06-02
1.106.1	7 / 7	2021-05-26
1.106.0	7 / 7	2021-05-25
1.105.0	7 / 7	2021-05-19
1.104.0	6 / 7	2021-05-15
1.103.0	6 / 7	2021-05-10
1.102.0	6 / 7	2021-05-04
1.101.0	6 / 7	2021-04-28
1.100.0	6 / 8	2021-04-20
1.99.0	6 / 8	2021-04-19
1.98.0	6 / 8	2021-04-12
1.97.0	6 / 8	2021-04-06
1.96.0	6 / 8	2021-04-01
1.95.2	6 / 8	2021-04-01
1.95.1	6 / 8	2021-03-26
1.95.0	6 / 8	2021-03-25
1.94.1	6 / 8	2021-03-17
1.94.0	6 / 8	2021-03-16
1.93.0	6 / 8	2021-03-11
1.92.0	6 / 8	2021-03-06
1.91.0	6 / 8	2021-02-23
1.90.1	6 / 8	2021-02-19
1.90.0	6 / 8	2021-02-18
1.89.0	6 / 8	2021-02-09
1.88.0	6 / 8	2021-02-04

Showing 100 of 554 Next page →