cdk-nag
Check CDK v2 applications for best practices using a combination on available rule packs.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:lib/rules/apigw/APIGWDefaultThrottling.js | AI (source-diff): TypeScript compiler output with inline source maps; not obfuscated. | ai | |
| source-diff | obfuscated-file:lib/rules/apigw/APIGWStructuredLogging.js | AI (source-diff): TypeScript compiler output with inline source maps; not obfuscated. | ai | |
| source-diff | obfuscated-file:lib/rules/lambda/LambdaStarPermissions.js | AI (source-diff): TypeScript compiler output with inline source maps; not obfuscated. | ai | |
| source-diff | obfuscated-file:lib/packs/serverless.js | AI (source-diff): TypeScript compiler output with inline source maps; not obfuscated. | ai | |
| source-diff | large-new-source-files | AI (source-diff): New rule files added as part of normal feature development for this package. | ai | |
| source-diff | obfuscated-file:lib/rules/mwaa/MWAAAllLoggingInfo.js | AI (source-diff): cdk-nag ships jsii-compiled TypeScript as JS; long lines are a byproduct of the compiler, not obfuscation. Code is readable and consistent with the package's CDK rule-checking purpose. | ai |
Versions (showing 100 of 385)
| Version | Deps | Published |
|---|---|---|
| 2.36.17 | 0 / 24 | |
| 2.36.16 | 0 / 24 | |
| 2.36.15 | 0 / 24 | |
| 2.36.14 | 0 / 24 | |
| 2.36.13 | 0 / 24 | |
| 2.36.12 | 0 / 24 | |
| 2.36.11 | 0 / 24 | |
| 2.36.10 | 0 / 24 | |
| 2.36.9 | 0 / 24 | |
| 2.36.8 | 0 / 24 | |
| 2.36.7 | 0 / 24 | |
| 2.36.6 | 0 / 24 | |
| 2.36.5 | 0 / 24 | |
| 2.36.4 | 0 / 24 | |
| 2.36.3 | 0 / 24 | |
| 2.36.2 | 0 / 24 | |
| 2.36.1 | 0 / 24 | |
| 2.36.0 | 0 / 24 | |
| 2.35.107 | 0 / 24 | |
| 2.35.106 | 0 / 24 | |
| 2.35.105 | 0 / 24 | |
| 2.35.104 | 0 / 24 | |
| 2.35.103 | 0 / 24 | |
| 2.35.102 | 0 / 24 | |
| 2.35.101 | 0 / 24 | |
| 2.35.100 | 0 / 24 | |
| 2.35.99 | 0 / 24 | |
| 2.35.98 | 0 / 24 | |
| 2.35.97 | 0 / 24 | |
| 2.35.96 | 0 / 24 | |
| 2.35.95 | 0 / 24 | |
| 2.35.94 | 0 / 24 | |
| 2.35.93 | 0 / 24 | |
| 2.35.92 | 0 / 24 | |
| 2.35.91 | 0 / 24 | |
| 2.35.90 | 0 / 24 | |
| 2.35.89 | 0 / 24 | |
| 2.35.88 | 0 / 24 | |
| 2.35.87 | 0 / 24 | |
| 2.35.86 | 0 / 24 | |
| 2.35.85 | 0 / 24 | |
| 2.35.84 | 0 / 24 | |
| 2.35.83 | 0 / 24 | |
| 2.35.82 | 0 / 24 | |
| 2.35.81 | 0 / 24 | |
| 2.35.80 | 0 / 24 | |
| 2.35.79 | 0 / 24 | |
| 2.35.78 | 0 / 24 | |
| 2.35.77 | 0 / 24 | |
| 2.35.76 | 0 / 24 | |
| 2.35.75 | 0 / 24 | |
| 2.35.74 | 0 / 24 | |
| 2.35.73 | 0 / 24 | |
| 2.35.72 | 0 / 24 | |
| 2.35.71 | 0 / 24 | |
| 2.35.70 | 0 / 24 | |
| 2.35.69 | 0 / 24 | |
| 2.35.68 | 0 / 24 | |
| 2.35.67 | 0 / 24 | |
| 2.35.66 | 0 / 24 | |
| 2.35.65 | 0 / 24 | |
| 2.35.64 | 0 / 24 | |
| 2.35.63 | 0 / 24 | |
| 2.35.62 | 0 / 24 | |
| 2.35.61 | 0 / 24 | |
| 2.35.60 | 0 / 24 | |
| 2.35.59 | 0 / 24 | |
| 2.35.58 | 0 / 24 | |
| 2.35.57 | 0 / 24 | |
| 2.35.56 | 0 / 24 | |
| 2.35.55 | 0 / 24 | |
| 2.35.54 | 0 / 24 | |
| 2.35.53 | 0 / 24 | |
| 2.35.52 | 0 / 24 | |
| 2.35.51 | 0 / 24 | |
| 2.35.50 | 0 / 24 | |
| 2.35.49 | 0 / 24 | |
| 2.35.48 | 0 / 24 | |
| 2.35.47 | 0 / 24 | |
| 2.35.46 | 0 / 24 | |
| 2.35.45 | 0 / 24 | |
| 2.35.44 | 0 / 24 | |
| 2.35.43 | 0 / 24 | |
| 2.35.42 | 0 / 24 | |
| 2.35.41 | 0 / 24 | |
| 2.35.40 | 0 / 24 | |
| 2.35.39 | 0 / 24 | |
| 2.35.38 | 0 / 24 | |
| 2.35.37 | 0 / 24 | |
| 2.35.36 | 0 / 24 | |
| 2.35.35 | 0 / 24 | |
| 2.35.34 | 0 / 24 | |
| 2.35.33 | 0 / 24 | |
| 2.35.32 | 0 / 24 | |
| 2.35.31 | 0 / 24 | |
| 2.35.30 | 0 / 24 | |
| 2.35.29 | 0 / 24 | |
| 2.35.28 | 0 / 24 | |
| 2.35.27 | 0 / 24 | |
| 2.35.26 | 0 / 24 |
v2.35.81
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.80
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.79
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.78
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.77
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.76
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.75
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.74
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.73
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.72
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.71
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.70
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.69
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.68
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.67
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.66
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.65
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.64
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.63
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.62
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.61
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.60
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.59
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.58
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.57
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.56
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.55
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.54
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.53
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.52
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.51
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.50
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.49
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.48
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.47
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.46
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.45
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.44
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.43
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.42
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.41
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.40
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.39
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.38
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.37
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.36
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.35
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.34
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.33
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.32
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.31
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.30
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.29
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.28
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.27
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.35.26
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.