aws-cdk-lib — Greenflagged

Version 2 of the AWS Cloud Development Kit library

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

aws-cdk-team

Keywords

awscdkaws cdk v2

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:aws-kinesisfirehose/lib/record-format/index.js	AI (source-diff): Lazified module exports; standard build output for aws-cdk-lib.	ai	2026/04/27
source-diff	obfuscated-file:aws-kinesisfirehose/lib/record-format/output.js	AI (source-diff): Lazified build output; standard for this package.	ai	2026/04/27
source-diff	obfuscated-file:aws-bedrock/lib/bedrock-canned-metrics.generated.js	AI (source-diff): Auto-generated canned metrics file; standard CDK codegen output.	ai	2026/04/27
source-diff	obfuscated-file:aws-bedrockagentcore/lib/bedrockagentcore.generated.js	AI (source-diff): Auto-generated CloudFormation L1 construct; standard CDK codegen output.	ai	2026/04/27
source-diff	obfuscated-file:aws-rds/lib/proxy-endpoint.js	AI (source-diff): jsii-compiled CDK construct; long lines from standard build, not obfuscation.	ai	2026/04/27
source-diff	obfuscated-file:aws-memorydb/lib/memorydb-canned-metrics.generated.js	AI (source-diff): Auto-generated canned metrics file; standard CDK codegen output.	ai	2026/04/27
source-diff	obfuscated-file:aws-smsvoice/lib/smsvoice.generated.js	AI (source-diff): Auto-generated CloudFormation L1 construct; standard CDK codegen output.	ai	2026/04/27
source-diff	obfuscated-file:aws-billing/lib/billing.generated.js	AI (source-diff): Auto-generated CloudFormation L1 construct; long lines are normal.	ai	2026/04/27
source-diff	obfuscated-file:aws-apigatewayv2/lib/websocket/api-key.js	AI (source-diff): jsii-compiled output; standard for aws-cdk-lib build pipeline.	ai	2026/04/27
source-diff	obfuscated-file:aws-odb/lib/odb.generated.js	AI (source-diff): Auto-generated CloudFormation L1 construct; long lines are normal.	ai	2026/04/27
source-diff	obfuscated-file:aws-apigatewayv2/lib/websocket/usage-plan.js	AI (source-diff): jsii-compiled output; standard for aws-cdk-lib build pipeline.	ai	2026/04/27
source-diff	obfuscated-file:aws-logs/lib/transformer.js	AI (source-diff): jsii-compiled CDK construct code; long lines from build tooling, not obfuscation.	ai	2026/04/27
source-diff	obfuscated-file:aws-arcregionswitch/lib/arcregionswitch.generated.js	AI (source-diff): jsii code-generated CloudFormation L1 construct; long lines from minification, not obfuscation.	ai	2026/04/27
source-diff	obfuscated-file:aws-rds/lib/validate-database-insights.js	AI (source-diff): jsii-compiled validation logic; standard minified build output for aws-cdk-lib.	ai	2026/04/27
source-diff	obfuscated-file:aws-observabilityadmin/lib/observabilityadmin.generated.js	AI (source-diff): jsii code-generated CloudFormation L1 construct; standard pattern for aws-cdk-lib.	ai	2026/04/27
phantom-deps	phantom-dep:semver	AI (phantom-deps): semver is in bundleDependencies; used at runtime through the minified bundle, not a direct import.	ai	2026/04/27
source-diff	obfuscated-file:aws-directconnect/lib/directconnect.generated.js	AI (source-diff): CloudFormation L1 generated construct code; standard aws-cdk-lib build output.	ai	2026/04/26
source-diff	obfuscated-file:core/lib/private/stack-metadata.js	AI (source-diff): JSII-compiled CDK core module code; minified single-line JS is standard for this package.	ai	2026/04/26
source-diff	obfuscated-file:aws-kms/lib/key-grants.js	AI (source-diff): JSII-compiled CDK construct code; minified output is standard for aws-cdk-lib build pipeline.	ai	2026/04/26
source-diff	obfuscated-file:aws-mwaaserverless/lib/mwaaserverless.generated.js	AI (source-diff): JSII-compiled CDK CloudFormation resource definitions; standard minified build output.	ai	2026/04/26
source-diff	obfuscated-file:node_modules/@aws-cdk/cloud-assembly-api/lib/environment.js	AI (source-diff): Bundled cloud-assembly-api module; standard CDK source with long lines.	ai	2026/04/26
source-diff	obfuscated-file:node_modules/@aws-cdk/cloud-assembly-api/lib/cloud-artifact.js	AI (source-diff): Official AWS CDK dependency; long lines from class definitions, not obfuscation.	ai	2026/04/26
source-diff	obfuscated-file:aws-eks-v2/lib/access-entry.js	AI (source-diff): Minified jsii build output with TS decorator helpers; standard CDK build pipeline artifact, not obfuscation.	ai	2026/04/26
source-diff	obfuscated-file:aws-eks-v2/lib/addon.js	AI (source-diff): Minified jsii build output with TS decorator helpers; standard CDK build pipeline artifact.	ai	2026/04/26
source-diff	obfuscated-file:aws-eks-v2/lib/alb-controller.js	AI (source-diff): Minified jsii build output; contains CDK version constants and lazy requires typical of CDK modules.	ai	2026/04/26
source-diff	obfuscated-file:core/lib/mixins/applicator.js	AI (source-diff): Minified jsii build output with TS decorator helpers; core CDK module.	ai	2026/04/26
source-diff	obfuscated-file:node_modules/@aws-cdk/cloud-assembly-api/lib/artifacts/asset-manifest-artifact.js	AI (source-diff): Actually readable formatted JS (not minified); official AWS CDK dependency.	ai	2026/04/26
source-diff	obfuscated-file:node_modules/@aws-cdk/cloud-assembly-api/lib/assets.js	AI (source-diff): Readable formatted JS with long export lines; official AWS CDK dependency.	ai	2026/04/26
source-diff	obfuscated-file:aws-bedrockmantle/lib/bedrockmantle.generated.js	AI (source-diff): Auto-generated CloudFormation resource definitions; standard CDK codegen output.	ai	2026/04/26
source-diff	obfuscated-file:aws-s3/lib/mixins/bucket.js	AI (source-diff): Minified jsii build output for S3 bucket mixins; standard CDK build artifact.	ai	2026/04/26
source-diff	obfuscated-file:aws-cases/lib/cases.generated.js	AI (source-diff): Auto-generated CloudFormation resource definitions; standard CDK codegen output.	ai	2026/04/26
source-diff	obfuscated-file:node_modules/@aws-cdk/cloud-assembly-api/lib/cloud-assembly.js	AI (source-diff): Official AWS CDK dependency; long lines from class definitions, not obfuscation.	ai	2026/04/26
source-diff	obfuscated-file:node_modules/@aws-cdk/cloud-assembly-api/lib/artifacts/cloudformation-artifact.js	AI (source-diff): Official AWS CDK dependency; standard cloud assembly artifact code.	ai	2026/04/26
source-diff	obfuscated-file:aws-eks-v2/lib/cluster.js	AI (source-diff): Minified jsii build output for new EKS v2 module; standard CDK build artifact.	ai	2026/04/26
source-diff	obfuscated-file:aws-computeoptimizer/lib/computeoptimizer.generated.js	AI (source-diff): Auto-generated CloudFormation resource definitions; standard CDK codegen output.	ai	2026/04/26
publish-pattern	new-deps-added	AI (publish-pattern): New dep @aws-cdk/cloud-assembly-api is an official AWS CDK package from the same org; expected evolution.	ai	2026/04/26
source-diff	large-new-source-files	AI (source-diff): aws-cdk-lib routinely adds new AWS service modules (e.g. aws-devopsagent) and expands existing ones; 23 new files is normal for this package.	ai	2026/04/26
publish-pattern	dormant-publish	AI (publish-pattern): aws-cdk-lib publishes frequently; dormancy signal is an artifact of comparing against last approved version, not actual publish cadence.	ai	2026/04/26
source-diff	obfuscated-file:aws-devopsagent/lib/devopsagent.generated.js	AI (source-diff): Auto-generated L1 CloudFormation construct from AWS service spec. Same pattern as all other .generated.js files in aws-cdk-lib.	ai	2026/04/26
source-diff	obfuscated-file:aws-lambda/lib/capacity-provider.js	AI (source-diff): Standard jsii-compiled TypeScript output with JSII_RTTI_SYMBOL, __esDecorate, jsiiDeprecationWarnings. Long lines are the jsii build pipeline artifact, not obfuscation.	ai	2026/04/26
semgrep	semgrep:child-process-import	AI (semgrep): CDK legitimately spawns build tools (esbuild, npm, etc.) for Lambda bundling.	ai	2026/04/25
semgrep	semgrep:env-spread	AI (semgrep): CDK's Lambda Node.js bundling legitimately passes env vars to esbuild subprocess.	ai	2026/04/25
phantom-deps	phantom-dep:@aws-cdk/asset-node-proxy-agent-v6	AI (phantom-deps): First-party AWS CDK asset dependency; import hidden by minification.	ai	2026/04/25
phantom-deps	phantom-dep:@aws-cdk/cloud-assembly-api	AI (phantom-deps): First-party AWS CDK dependency; import hidden by minification.	ai	2026/04/25
phantom-deps	phantom-dep:@balena/dockerignore	AI (phantom-deps): Legitimate dependency for Docker asset bundling in CDK; import hidden by minification.	ai	2026/04/25
phantom-deps	phantom-dep:jsonschema	AI (phantom-deps): Legitimate dependency for CloudFormation schema validation; import hidden by minification.	ai	2026/04/25
phantom-deps	phantom-dep:minimatch	AI (phantom-deps): Legitimate dependency for glob matching in CDK; import hidden by minification.	ai	2026/04/25
phantom-deps	phantom-dep:punycode	AI (phantom-deps): Legitimate dependency for domain name handling in CDK; import hidden by minification.	ai	2026/04/25
phantom-deps	phantom-dep:table	AI (phantom-deps): Legitimate dependency of aws-cdk-lib used in minified bundle; scanner can't trace imports through bundled code.	ai	2026/04/25
phantom-deps	phantom-dep:ignore	AI (phantom-deps): Legitimate dependency used in CDK's dockerignore/gitignore handling; import hidden by minification.	ai	2026/04/25
provenance	no-provenance	AI (provenance): aws-cdk-lib historically publishes without provenance; trusted publisher with strong track record.	ai	2026/04/25
semgrep	semgrep:base64-decode	AI (semgrep): CDK metadata resource uses base64 for analytics/metadata encoding; benign.	ai	2026/04/25
semgrep	semgrep:dynamic-require	AI (semgrep): Minified CDK bundle uses dynamic require for lazy-loading modules; expected pattern.	ai	2026/04/25

Versions (showing 51 of 72)

View all versions

Version	Deps	Published
2.251.0	15 / 51	2026-04-24
2.249.0	15 / 51	2026-04-13
2.248.0	15 / 51	2026-04-03
2.247.0	15 / 51	2026-04-02
2.246.0	15 / 51	2026-03-31
2.245.0	15 / 51	2026-03-27
2.244.0	15 / 51	2026-03-19
2.243.0	15 / 51	2026-03-11
2.242.0	15 / 51	2026-03-10
2.241.0	15 / 51	2026-03-02
2.240.0	15 / 51	2026-02-23
2.239.0	15 / 50	2026-02-19
2.238.0	15 / 50	2026-02-09
2.237.1	14 / 50	2026-02-03
2.237.0	14 / 50	2026-02-02
2.236.0	14 / 50	2026-01-23
2.235.1	14 / 50	2026-01-19
2.235.0	14 / 50	2026-01-15
2.234.1	14 / 50	2026-01-09
2.234.0	14 / 50	2026-01-08
2.233.0	14 / 50	2025-12-18
2.232.2	14 / 50	2025-12-12
2.232.1	14 / 50	2025-12-06
2.232.0	14 / 50	2025-12-05
2.231.0	14 / 50	2025-12-01
2.230.0	14 / 50	2025-11-26
2.229.1	14 / 50	2025-11-25
2.229.0	14 / 50	2025-11-24
2.228.0	14 / 50	2025-11-24
2.227.0	14 / 50	2025-11-21
2.226.0	14 / 50	2025-11-20
2.225.0	14 / 50	2025-11-17
2.224.0	14 / 50	2025-11-13
2.223.0	14 / 50	2025-11-10
2.222.0	14 / 50	2025-11-04
2.221.1	14 / 50	2025-10-29
2.221.0	14 / 50	2025-10-24
2.220.0	14 / 50	2025-10-14
2.219.0	14 / 50	2025-10-01
2.218.0	14 / 50	2025-09-29
2.217.0	14 / 50	2025-09-25
2.216.0	14 / 50	2025-09-22
2.215.0	14 / 50	2025-09-15
2.214.1	14 / 50	2025-10-03
2.214.0	14 / 50	2025-09-02
2.213.0	14 / 50	2025-08-28
2.212.0	14 / 50	2025-08-20
2.211.0	14 / 50	2025-08-13
2.210.0	14 / 50	2025-08-06
2.209.1	14 / 50	2025-08-06
2.209.0	14 / 50	2025-08-05

v2.251.0

10 findings

HIGH Phantom dependency: table phantom-deps

Declared in package.json dependencies but never imported in source code. Phantom dependencies may exist solely to execute install scripts or inject transitive malicious code. This was the exact attack vector in the axios compromise (plain-crypto-js).

HIGH Phantom dependency: ignore phantom-deps

Declared in package.json dependencies but never imported in source code. Phantom dependencies may exist solely to execute install scripts or inject transitive malicious code. This was the exact attack vector in the axios compromise (plain-crypto-js).

HIGH Phantom dependency: punycode phantom-deps

Declared in package.json dependencies but never imported in source code. Phantom dependencies may exist solely to execute install scripts or inject transitive malicious code. This was the exact attack vector in the axios compromise (plain-crypto-js).

HIGH Phantom dependency: minimatch phantom-deps

Declared in package.json dependencies but never imported in source code. Phantom dependencies may exist solely to execute install scripts or inject transitive malicious code. This was the exact attack vector in the axios compromise (plain-crypto-js).

HIGH Phantom dependency: jsonschema phantom-deps

Declared in package.json dependencies but never imported in source code. Phantom dependencies may exist solely to execute install scripts or inject transitive malicious code. This was the exact attack vector in the axios compromise (plain-crypto-js).

HIGH Phantom dependency: @balena/dockerignore phantom-deps

Declared in package.json dependencies but never imported in source code. Phantom dependencies may exist solely to execute install scripts or inject transitive malicious code. This was the exact attack vector in the axios compromise (plain-crypto-js).

HIGH Phantom dependency: @aws-cdk/cloud-assembly-api phantom-deps

Declared in package.json dependencies but never imported in source code. Phantom dependencies may exist solely to execute install scripts or inject transitive malicious code. This was the exact attack vector in the axios compromise (plain-crypto-js).

HIGH Phantom dependency: @aws-cdk/asset-node-proxy-agent-v6 phantom-deps

Declared in package.json dependencies but never imported in source code. Phantom dependencies may exist solely to execute install scripts or inject transitive malicious code. This was the exact attack vector in the axios compromise (plain-crypto-js).

HIGH env-spread: aws-lambda-nodejs/lib/bundling.js:2 semgrep

Spreading entire process.env into an object — may capture all secrets 1 | "use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.Bundling=void 0;var fs=()=>{var tmp=require( > 2 | `),!1;if(!Bundling.esbuildInstallation.version.startsWith(`${ESBUILD_MAJOR_VERSION}.`))throw new(core_1()).ValidationErr

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.249.0

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.248.0

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.247.0

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.246.0

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.245.0

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.244.0

15 findings

HIGH New obfuscated file: aws-eks-v2/lib/access-entry.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: aws-eks-v2/lib/addon.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: aws-eks-v2/lib/alb-controller.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: core/lib/mixins/applicator.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: node_modules/@aws-cdk/cloud-assembly-api/lib/artifacts/asset-manifest-artifact.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: node_modules/@aws-cdk/cloud-assembly-api/lib/assets.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: aws-bedrockmantle/lib/bedrockmantle.generated.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: aws-s3/lib/mixins/bucket.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: aws-cases/lib/cases.generated.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: node_modules/@aws-cdk/cloud-assembly-api/lib/cloud-artifact.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: node_modules/@aws-cdk/cloud-assembly-api/lib/cloud-assembly.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: node_modules/@aws-cdk/cloud-assembly-api/lib/artifacts/cloudformation-artifact.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: aws-eks-v2/lib/cluster.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: aws-computeoptimizer/lib/computeoptimizer.generated.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.243.0