
Security News
pnpm 11.10 Hardens Registry Authentication to Block Token Redirection
pnpm 11.10 hardens registry auth to block token redirection, tightens pack-app and deploy, and makes the Rust port (v12) installable.
@mastra/schema-compat
Advanced tools
Affected versions:
Schema compatibility layer for Mastra.ai that provides compatibility fixes for different AI model providers when using Zod schemas with tools.
pnpm add @mastra/schema-compat
The package provides a base SchemaCompatLayer class that you can extend to create custom compatibility layers for different AI model providers:
import { SchemaCompatLayer } from '@mastra/schema-compat';
import type { LanguageModelV1 } from 'ai';
class MyCustomCompat extends SchemaCompatLayer {
constructor(model: LanguageModelV1) {
super(model);
}
shouldApply(): boolean {
return this.getModel().provider === 'my-provider';
}
getSchemaTarget() {
return 'jsonSchema7';
}
processZodType<T extends z.AnyZodObject>(value: z.ZodTypeAny): ShapeValue<T> {
// Your custom processing logic here
return value;
}
}
The package includes pre-built compatibility layers for popular AI providers:
Use the applyCompatLayer function to automatically apply the right compatibility layer:
import { applyCompatLayer, OpenAISchemaCompatLayer, AnthropicSchemaCompatLayer } from '@mastra/schema-compat';
import { yourCustomCompatibilityLayer } from './customCompatibilityLayer';
import { z } from 'zod';
const schema = z.object({
name: z.string().email(),
preferences: z.array(z.string()).min(1),
});
const compatLayers = [
new OpenAISchemaCompatLayer(model),
new AnthropicSchemaCompatLayer(model),
new yourCustomCompatibilityLayer(model),
];
// Automatically applies the first matching compatibility
const result = applyCompatLayer({
schema,
compatLayers,
mode: 'aiSdkSchema', // or 'jsonSchema'
});
The package also provides utility functions for schema conversion:
import { convertZodSchemaToAISDKSchema, convertSchemaToZod } from '@mastra/schema-compat';
import { z } from 'zod';
import { jsonSchema } from 'ai';
const zodSchema = z.object({
name: z.string(),
age: z.number(),
});
// Convert Zod to AI SDK Schema
const aiSchema = convertZodSchemaToAISDKSchema(zodSchema);
// Convert AI SDK Schema back to Zod
const aiSdkSchema = jsonSchema({
type: 'object',
properties: {
name: { type: 'string' },
},
});
const backToZod = convertSchemaToZod(aiSdkSchema);
SchemaCompatLayer - Base abstract class for creating compatibility layersAnthropicSchemaCompatLayer - Compatibility for Anthropic Claude modelsOpenAISchemaCompatLayer - Compatibility for OpenAI models (without structured outputs)OpenAIReasoningSchemaCompatLayer - Compatibility for OpenAI reasoning models (o1 series)GoogleSchemaCompatLayer - Compatibility for Google Gemini modelsDeepSeekSchemaCompatLayer - Compatibility for DeepSeek modelsMetaSchemaCompatLayer - Compatibility for Meta Llama modelsapplyCompatLayer(options) - Process schema with automatic compatibility detectionconvertZodSchemaToAISDKSchema(zodSchema, target?) - Convert Zod schema to AI SDK SchemaconvertSchemaToZod(schema) - Convert AI SDK Schema to Zod schemaStringCheckType, NumberCheckType, ArrayCheckType - Check types for validationUnsupportedZodType, SupportedZodType, AllZodType - Zod type classificationsZodShape, ShapeKey, ShapeValue - Utility types for Zod schemasALL_STRING_CHECKS, ALL_NUMBER_CHECKS, ALL_ARRAY_CHECKS - Validation constraint arraysSUPPORTED_ZOD_TYPES, UNSUPPORTED_ZOD_TYPES - Type classification arraysDifferent AI providers have varying levels of support for JSON Schema features. This package handles these differences automatically:
The package includes comprehensive tests covering all functionality:
# Run tests
pnpm test
# Run tests in watch mode
pnpm test --watch
FAQs
Tool schema compatibility layer for Mastra.ai
The npm package @mastra/schema-compat receives a total of 711,395 weekly downloads. As such, @mastra/schema-compat popularity was classified as popular.
We found that @mastra/schema-compat demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
pnpm 11.10 hardens registry auth to block token redirection, tightens pack-app and deploy, and makes the Rust port (v12) installable.

Security News
/Research
Socket uncovered 17 malicious npm and PyPI packages typosquatting Paysafe, Skrill, and Neteller SDKs to steal developer secrets.

Security News
Node.js is debating whether AI-driven security report volume warrants moving more vulnerability reports into public workflows.