@aws-sdk/client-cloudfront

AWS SDK for JavaScript Cloudfront Client for Node.js, Browser and React Native

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

amzn-ossaws-sdk-bot

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:dist-es/schemas/schemas_0.js	AI (source-diff): AWS SDK v3 uses short constant aliases for XML/JSON field names to reduce bundle size. This is a documented pattern across all AWS SDK v3 clients, not obfuscation.	ai	2026/04/22
source-diff	large-new-source-files	AI (source-diff): AWS SDK clients regularly add new source files as AWS APIs expand. 66 new files is consistent with CloudFront API growth (new features visible in schema sample).	ai	2026/04/22
dependencies	unvetted-dep:@aws-crypto/sha256-js	AI (dependencies): Official AWS crypto library, part of the AWS SDK v3 ecosystem.	ai	2026/04/21
dependencies	unvetted-dep:@smithy/smithy-client	AI (dependencies): First-party Smithy client library, standard AWS SDK v3 dependency.	ai	2026/04/21
dependencies	unvetted-dep:@aws-sdk/util-endpoints	AI (dependencies): First-party AWS SDK v3 utility package from the same publisher.	ai	2026/04/21
dependencies	unvetted-dep:@smithy/middleware-retry	AI (dependencies): First-party Smithy middleware, standard AWS SDK v3 dependency.	ai	2026/04/21
dependencies	unvetted-dep:@smithy/middleware-serde	AI (dependencies): First-party Smithy middleware, standard AWS SDK v3 dependency.	ai	2026/04/21
dependencies	unvetted-dep:@aws-crypto/sha256-browser	AI (dependencies): Official AWS crypto library for browser environments, part of AWS SDK v3 ecosystem.	ai	2026/04/21
dependencies	unvetted-dep:@aws-sdk/middleware-logger	AI (dependencies): First-party AWS SDK v3 middleware package from the same publisher.	ai	2026/04/21
dependencies	unvetted-dep:@smithy/middleware-endpoint	AI (dependencies): First-party Smithy middleware, standard AWS SDK v3 dependency.	ai	2026/04/21
dependencies	unvetted-dep:@smithy/core	AI (dependencies): First-party AWS/Smithy SDK dependency; standard building block of AWS SDK v3 architecture.	ai	2026/04/21
dependencies	unvetted-dep:@aws-sdk/middleware-user-agent	AI (dependencies): First-party AWS SDK v3 middleware package from the same publisher.	ai	2026/04/21
dependencies	unvetted-dep:@aws-sdk/middleware-host-header	AI (dependencies): First-party AWS SDK v3 middleware package from the same publisher.	ai	2026/04/21
dependencies	unvetted-dep:@smithy/util-defaults-mode-node	AI (dependencies): First-party Smithy utility, standard AWS SDK v3 dependency.	ai	2026/04/21
dependencies	unvetted-dep:@aws-sdk/credential-provider-node	AI (dependencies): First-party AWS SDK v3 credential provider from the same publisher.	ai	2026/04/21
dependencies	unvetted-dep:@smithy/util-defaults-mode-browser	AI (dependencies): First-party Smithy utility for browser environments, standard AWS SDK v3 dependency.	ai	2026/04/21
phantom-deps	phantom-dep:@smithy/middleware-serde	AI (phantom-deps): Framework-scoped package loaded by convention in AWS SDK v3; expected pattern for Smithy middleware.	ai	2026/04/21
phantom-deps	phantom-dep:@smithy/middleware-stack	AI (phantom-deps): Framework-scoped package loaded by convention in AWS SDK v3; expected pattern for Smithy middleware.	ai	2026/04/21
provenance	no-provenance	AI (provenance): AWS SDK bot does not currently publish with Sigstore provenance; consistent across all AWS SDK v3 packages.	ai	2026/04/21
dependencies	unvetted-dep:@aws-sdk/util-user-agent-node	AI (dependencies): First-party AWS SDK v3 utility package from the same publisher.	ai	2026/04/21
dependencies	unvetted-dep:@aws-sdk/core	AI (dependencies): First-party AWS SDK v3 core package published by the same aws-sdk-bot publisher.	ai	2026/04/21

Versions (showing 51 of 579)

View all versions

Version	Deps	Published
3.1046.0	18 / 8	2026-05-14
3.1045.0	41 / 8	2026-05-07
3.1044.0	41 / 8	2026-05-06
3.1043.0	41 / 8	2026-05-05
3.1042.0	41 / 8	2026-05-04
3.1041.0	41 / 8	2026-05-01
3.1040.0	41 / 8	2026-04-30
3.1039.0	41 / 8	2026-04-29
3.1038.0	41 / 8	2026-04-27
3.1037.0	41 / 8	2026-04-24
3.1036.0	41 / 8	2026-04-23
3.1035.0	41 / 8	2026-04-22
3.1034.0	41 / 6	2026-04-21
3.1033.0	41 / 6	2026-04-20
3.1032.0	41 / 6	2026-04-17
3.1031.0	41 / 6	2026-04-16
3.1030.0	41 / 6	2026-04-13
3.1029.0	41 / 6	2026-04-10
3.1028.0	41 / 6	2026-04-09
3.1027.0	41 / 6	2026-04-08
3.1026.0	41 / 6	2026-04-07
3.1025.0	41 / 6	2026-04-06
3.1024.0	41 / 6	2026-04-03
3.1023.0	41 / 6	2026-04-02
3.1022.0	41 / 6	2026-04-01
3.1021.0	41 / 6	2026-03-31
3.1020.0	41 / 6	2026-03-30
3.1019.0	41 / 6	2026-03-27
3.1018.0	41 / 6	2026-03-26
3.1017.0	41 / 6	2026-03-25
3.1016.0	41 / 6	2026-03-24
3.1015.0	41 / 6	2026-03-23
3.1014.0	41 / 6	2026-03-20
3.1013.0	41 / 6	2026-03-19
3.1012.0	41 / 6	2026-03-18
3.1011.0	41 / 6	2026-03-17
3.1010.0	41 / 6	2026-03-16
3.1009.0	41 / 6	2026-03-13
3.1008.0	41 / 6	2026-03-12
3.1007.0	41 / 6	2026-03-11
3.1006.0	41 / 6	2026-03-10
3.1005.0	41 / 6	2026-03-09
3.1004.0	41 / 6	2026-03-06
3.1003.0	41 / 6	2026-03-05
3.1002.0	41 / 6	2026-03-04
3.1001.0	41 / 6	2026-03-03
3.1000.0	41 / 6	2026-02-27
3.999.0	41 / 6	2026-02-26
3.998.0	41 / 6	2026-02-25
3.997.0	41 / 6	2026-02-24
3.996.0	41 / 6	2026-02-23