cdk-monitoring-constructs
[](https://badge.fury.io/js/cdk-monitoring-constructs) [](https://m
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:lib/monitoring/aws-elasticache/ElastiCacheServerlessMetricFactory.js | AI (source-diff): JSII-compiled TypeScript output; long lines are RTTI metadata, not obfuscation. Standard pattern for all CDK JSII libraries. Code is fully readable. | ai | |
| source-diff | obfuscated-file:lib/monitoring/aws-elasticache/ElastiCacheServerlessMonitoring.js | AI (source-diff): JSII-compiled TypeScript output; long lines are RTTI metadata, not obfuscation. Standard pattern for all CDK JSII libraries. Code is fully readable. | ai |
Versions (showing 17 of 17)
| Version | Deps | Published |
|---|---|---|
| 10.1.0 | 0 / 28 | |
| 10.0.0 | 0 / 28 | |
| 9.23.0 | 0 / 28 | |
| 9.22.2 | 0 / 28 | |
| 9.22.1 | 0 / 28 | |
| 9.22.0 | 0 / 28 | |
| 9.21.0 | 0 / 28 | |
| 9.20.0 | 0 / 28 | |
| 9.19.3 | 0 / 28 | |
| 9.19.2 | 0 / 28 | |
| 9.19.1 | 0 / 28 | |
| 9.19.0 | 0 / 28 | |
| 9.18.0 | 0 / 28 | |
| 9.17.1 | 0 / 28 | |
| 9.17.0 | 0 / 28 | |
| 9.16.1 | 0 / 28 | |
| 9.16.0 | 0 / 28 |
v10.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v10.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.23.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.22.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.22.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.22.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.21.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.20.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.19.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.19.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.19.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.19.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.18.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.17.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.17.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.16.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.16.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.