1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
I am not from Amplify SDK team, but try to answer your inquiry from what I understand.
- Is this package amazon-cognito-identity-js being deprecated or there is any security issue with it?
Yes, this package is deprecating. It is not due to security issue but mainly due to the features provided in this package has been covered by aws-amplify auth SDK. The team will focus on maintaining one single SDK instead both amplify and cognito-identity-js.
cognito-idp component in AWS SDK for JavaScript provides basic functionalities at the Cognito service API at the level. https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/Welcome.html
Amplify SDK provides enhanced client application feature sets.
For examples,
- JavaScript SDK does not provide SRP password algorithms, built application with it would need own implementation of that if using USER_SRP auth flow.
- Client side token storage, token auto-refresh is not implemented in JavaScript SDK but well handled in Amplify SDK.
- etc...
beantwortet vor 2 Monaten
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 6 Monaten
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 3 Jahren
Hi Yungang, thanks for the update. We understand this, but it is not definitive whether this package will be deprecated within the next X months or couple of years. We would like to understand if it is critical that we change and start using Amplify V6 straight away, or not.