@langchain/aws No license 20 versions

@langchain/aws

npm Repository Homepage

20

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

hwchase17jacoblee93basprouleric_langchainandrewnguonlydavidduongmaddyadamssam_noyeslangchain-securityandy-langchainrcasuphntrlchristian-bromann

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
typosquat	typosquat.levenshtein:qs	AI (typosquat): Scoped package @langchain/aws cannot be a typosquat of 'qs'; Levenshtein comparison is meaningless across scoped vs unscoped names.	ai	2026/04/28
typosquat	typosquat.levenshtein:ajv	AI (typosquat): Scoped package @langchain/aws cannot be a typosquat of 'ajv'; same reasoning as qs finding.	ai	2026/04/28
dependencies	unvetted-dep:@aws-sdk/client-kendra	AI (dependencies): Official AWS SDK package maintained by Amazon; stable dependency for this LangChain AWS integration.	ai	2026/04/28
dependencies	unvetted-dep:@aws-sdk/client-bedrock-agent-runtime	AI (dependencies): Official AWS SDK package maintained by Amazon; stable dependency for this LangChain AWS integration.	ai	2026/04/28

Versions (showing 20 of 20)

Version	Deps	Published
1.3.7	4 / 12	2026-05-07
1.3.6	4 / 12	2026-05-07
1.3.5	4 / 12	2026-04-13
1.3.4	4 / 12	2026-04-03
1.3.3	4 / 15	2026-03-17
1.3.2	4 / 15	2026-03-12
1.3.1	4 / 15	2026-03-03
1.3.0	4 / 15	2026-02-26
1.2.5	4 / 15	2026-02-23
1.2.4	4 / 15	2026-02-20
1.2.3	4 / 15	2026-02-12
1.2.2	4 / 15	2026-01-30
1.2.1	4 / 15	2026-01-20
1.2.0	4 / 15	2026-01-13
1.1.1	4 / 16	2026-01-06
1.1.0	4 / 15	2025-12-02
1.0.3	4 / 15	2025-11-24
1.0.2	4 / 15	2025-11-18
1.0.1	4 / 15	2025-11-11
1.0.0	4 / 15	2025-10-17

v1.3.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.2.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.2.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.2.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.2.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.2.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.1.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.