cdk-assets
Advanced tools
Comparing version 2.155.16 to 2.155.17
@@ -25,3 +25,14 @@ "use strict"; | ||
async s3Client(options) { | ||
return new this.AWS.S3(await this.awsOptions(options)); | ||
return new this.AWS.S3({ | ||
// In FIPS enabled environments, the MD5 algorithm is not available for use in crypto module. | ||
// However by default the S3 client is using an MD5 checksum for content integrity checking. | ||
// While this usage is technically allowed in FIPS (MD5 is only prohibited for cryptographic use), | ||
// in practice it is just easier to use an allowed checksum mechanism. | ||
// We are disabling the S3 content checksums, and are re-enabling the regular SigV4 body signing. | ||
// SigV4 uses SHA256 for their content checksum. This configuration matches the default behavior | ||
// of the AWS SDKv3 and is a safe choice for all users. | ||
s3DisableBodySigning: false, | ||
computeChecksums: false, | ||
...(await this.awsOptions(options)), | ||
}); | ||
} | ||
@@ -116,2 +127,2 @@ async ecrClient(options) { | ||
} | ||
//# sourceMappingURL=data:application/json;base64, | ||
//# sourceMappingURL=data:application/json;base64, |
@@ -81,5 +81,5 @@ { | ||
}, | ||
"version": "2.155.16", | ||
"version": "2.155.17", | ||
"types": "lib/index.d.ts", | ||
"//": "~~ Generated by projen. To modify, edit .projenrc.ts and run \"npx projen\"." | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
706954
13859
10
266