
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
@prisma-next/operations
Advanced tools
Target-neutral operation registry and capability helpers for Prisma Next
Target-neutral operation registry and capability helpers for Prisma Next.
This package provides target-neutral operation registry types and capability checking utilities. It's part of the core ring and has no dependencies on target-specific packages.
Operation Registry: Core operation registry interface and implementation
OperationRegistry: Interface for registering and querying operationscreateOperationRegistry(): Factory function to create operation registriesOperationSignature: Core operation signature type (target-neutral)ArgSpec, ReturnSpec: Type definitions for operation arguments and return valuesCapability Checking: Target-neutral capability validation
hasAllCapabilities(): Checks if all required capabilities are present in a contract@prisma-next/plan (for plan error types)@prisma-next/contract despite being in the same layer. OperationRegistry is used by contract types, but operations package itself has no contract dependencies.@prisma-next/sql-operations (extends with SQL-specific lowering specs)@prisma-next/sql-relational-core (uses for capability checking)@prisma-next/runtime (uses for operation registry creation)flowchart TD
subgraph "Core Ring"
OPS[@prisma-next/operations]
end
subgraph "Targets Ring"
SQL_OPS[@prisma-next/sql-operations]
end
subgraph "Lanes Ring"
REL_CORE[@prisma-next/sql-relational-core]
end
subgraph "Runtime Ring"
RT[@prisma-next/runtime]
end
OPS --> SQL_OPS
OPS --> REL_CORE
OPS --> RT
import { createOperationRegistry, type OperationSignature } from '@prisma-next/operations';
const registry = createOperationRegistry();
const signature: OperationSignature = {
forTypeId: 'pg/vector@1',
method: 'cosineDistance',
args: [{ kind: 'typeId', type: 'pg/vector@1' }],
returns: { kind: 'builtin', type: 'number' },
};
registry.register(signature);
const operations = registry.byType('pg/vector@1');
import { hasAllCapabilities } from '@prisma-next/operations';
const contractCapabilities = {
pgvector: {
'index.ivfflat': true,
},
};
const hasCapability = hasAllCapabilities(
['pgvector.index.ivfflat'],
contractCapabilities,
);
This package is part of the framework domain, core layer, shared plane:
packages/1-framework/1-core/shared/operationsFAQs
Target-neutral operation registry and capability helpers for Prisma Next
The npm package @prisma-next/operations receives a total of 20,897 weekly downloads. As such, @prisma-next/operations popularity was classified as popular.
We found that @prisma-next/operations demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.