@aws-cdk/cloudformation-diff

Utilities to diff CDK stacks against CloudFormation templates

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

amzn-ossaws-cdk-team

Keywords

awscdk

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:aws-sdk	AI (dependencies): aws-sdk is the official AWS JavaScript SDK v2, a first-party Amazon package. Its use is expected and appropriate in an AWS CDK CloudFormation diff utility.	ai	2026/04/22
dependencies	unvetted-dep:@aws-cdk/cfnspec	AI (dependencies): @aws-cdk/cfnspec is a sibling package from the same aws-cdk-team publisher and monorepo; it is a legitimate internal CDK dependency.	ai	2026/04/22
phantom-deps	phantom-dep:@types/node	AI (phantom-deps): @types/node is a TypeScript type package commonly declared in CDK package dependencies for type resolution; not a real runtime phantom dependency concern for this package.	ai	2026/04/22
source-diff	obfuscated-file:lib/format-foreach.js	AI (source-diff): Compiled TypeScript output from official AWS CDK package; long lines are from TS compilation, not obfuscation. Code is readable and matches package purpose. SLSA provenance confirms CI/CD origin.	ai	2026/04/22
provenance	publisher-changed	AI (provenance): AWS CDK migrated to GitHub Actions CI/CD publishing with SLSA attestation; this is a legitimate infrastructure change for the official aws/aws-cdk-cli repo.	ai	2026/04/22
source-diff	obfuscated-file:lib/mappings.js	AI (source-diff): The file contains readable compiled TypeScript with meaningful names and logic; long lines are likely data tables, not obfuscation. Consistent with the package's diff-rendering purpose.	ai	2026/04/22
provenance	no-provenance	AI (provenance): aws-cdk-team is a well-established publisher with 500+ approved packages; lack of Sigstore provenance is a known gap for this publisher, not a security risk.	ai	2026/04/22
source-diff	obfuscated-file:lib/diff/template-and-changeset-diff-merger.js	AI (source-diff): File contains readable TypeScript-compiled JS with standard CDK class definitions. Long lines are an artifact of the TypeScript compiler output, not obfuscation. Pattern is consistent across all CDK packages.	ai	2026/04/22
source-diff	obfuscated-file:lib/iam/iam-identity-center.js	AI (source-diff): File contains readable TypeScript-compiled JS with standard CDK class definitions. Long lines are an artifact of the TypeScript compiler output, not obfuscation. Pattern is consistent across all CDK packages.	ai	2026/04/22
dependencies	unvetted-dep:@aws-cdk/service-spec-types	AI (dependencies): First-party AWS CDK package from the same aws/aws-cdk-cli organization; expected internal dependency for this package.	ai	2026/04/22
dependencies	unvetted-dep:@aws-cdk/aws-service-spec	AI (dependencies): First-party AWS CDK package from the same aws/aws-cdk-cli organization; expected internal dependency for this package.	ai	2026/04/22

Versions (showing 100 of 554)

Version	Deps	Published
2.121.0	7 / 8	2024-01-12
2.120.0	7 / 8	2024-01-12
2.119.0	7 / 8	2024-01-11
2.118.0	7 / 7	2024-01-03
2.117.0	7 / 7	2023-12-27
2.116.1	7 / 7	2023-12-22
2.116.0	7 / 7	2023-12-22
2.115.0	7 / 7	2023-12-14
2.114.1	7 / 7	2023-12-06
2.114.0	7 / 7	2023-12-05
2.113.0	7 / 7	2023-12-01
2.112.0	7 / 7	2023-12-01
2.111.0	7 / 7	2023-11-27
2.110.1	7 / 7	2023-11-22
2.110.0	7 / 7	2023-11-17
2.109.0	7 / 7	2023-11-16
2.108.1	7 / 7	2023-11-14
2.108.0	7 / 7	2023-11-14
2.107.0	7 / 7	2023-11-13
2.106.1	7 / 7	2023-11-11
2.106.0	7 / 7	2023-11-10
2.105.0	6 / 7	2023-11-08
2.104.0	6 / 7	2023-11-02
2.103.1	6 / 7	2023-10-27
2.103.0	6 / 7	2023-10-26
2.102.1	6 / 7	2023-10-25
2.102.0	6 / 7	2023-10-19
2.101.1	6 / 7	2023-10-16
2.101.0	6 / 7	2023-10-13
2.100.0	6 / 7	2023-10-06
2.99.1	6 / 7	2023-09-30
2.99.0	6 / 7	2023-09-28
2.98.0	6 / 7	2023-09-26
2.97.1	6 / 7	2023-09-26
2.97.0	6 / 7	2023-09-22
2.96.2	6 / 7	2023-09-15
2.96.1	6 / 7	2023-09-14
2.96.0	6 / 7	2023-09-13
2.95.1	6 / 7	2023-09-09
2.95.0	6 / 7	2023-09-07
2.94.0	6 / 7	2023-09-01
2.93.0	6 / 7	2023-08-23
2.92.0	6 / 7	2023-08-15
2.91.0	6 / 7	2023-08-10
2.90.0	6 / 7	2023-08-04
2.89.0	6 / 7	2023-07-28
2.88.0	6 / 7	2023-07-20
2.87.0	6 / 7	2023-07-06
2.86.0	6 / 7	2023-06-29
2.85.0	6 / 7	2023-06-21
2.84.0	6 / 7	2023-06-14
2.83.1	6 / 7	2023-06-09
2.83.0	6 / 7	2023-06-07
2.82.0	6 / 7	2023-06-02
2.81.0	6 / 7	2023-05-25
2.80.0	6 / 7	2023-05-20
2.79.1	6 / 7	2023-05-11
2.79.0	6 / 7	2023-05-10
2.78.0	6 / 7	2023-05-04
2.77.0	6 / 7	2023-04-26
2.76.0	6 / 7	2023-04-20
2.75.1	6 / 7	2023-04-19
2.75.0	6 / 7	2023-04-18
2.74.0	6 / 7	2023-04-13
2.73.0	6 / 7	2023-04-06
2.72.1	6 / 7	2023-03-31
2.72.0	6 / 7	2023-03-29
2.71.0	6 / 7	2023-03-29
2.70.0	6 / 7	2023-03-22
2.69.0	6 / 7	2023-03-14
2.68.0	6 / 7	2023-03-08
2.67.0	6 / 7	2023-03-02
2.66.1	6 / 7	2023-02-24
2.66.0	6 / 7	2023-02-21
2.65.0	6 / 7	2023-02-15
2.64.0	7 / 7	2023-02-09
2.63.2	7 / 7	2023-02-04
2.63.1	7 / 7	2023-02-03
2.63.0	7 / 7	2023-01-31
2.62.2	7 / 7	2023-01-27
2.62.1	7 / 7	2023-01-26
2.62.0	7 / 7	2023-01-25
2.61.1	7 / 7	2023-01-20
2.61.0	7 / 7	2023-01-19
2.60.0	7 / 7	2023-01-12
2.59.0	7 / 7	2023-01-03
2.58.1	7 / 7	2022-12-30
2.58.0	7 / 7	2022-12-29
2.57.0	7 / 7	2022-12-27
2.56.1	7 / 7	2022-12-23
2.56.0	7 / 7	2022-12-21
2.55.1	7 / 7	2022-12-16
2.55.0	7 / 7	2022-12-14
2.54.0	7 / 7	2022-12-07
2.53.0	7 / 7	2022-11-29
2.52.1	7 / 7	2022-11-29
2.52.0	7 / 7	2022-11-27
2.51.1	7 / 7	2022-11-18
2.51.0	7 / 7	2022-11-18
2.50.0	7 / 7	2022-11-01

Showing 100 of 554 Next page →