feat(clients): Agent Studio initial version #5860
30 new security issues (0 max.).
Issues
======
- Added 40
Complexity increasing per file
==============================
- playground/python/app/agent_studio.py 3
- playground/java/src/main/java/com/algolia/playground/AgentStudio.java 2
- playground/kotlin/src/main/kotlin/com/algolia/playground/AgentStudio.kt 2
- playground/scala/src/main/scala/AgentStudio.scala 2
- playground/go/agent-studio.go 4
- playground/javascript/node/agentStudio.ts 2
- playground/csharp/Playground/Playgrounds/AgentStudio.cs 3
See the complete overview on Codacy
Annotations
Check warning on line 3183 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L3183
Insecure dependency npm/axios@0.30.2 (CVE-2025-62718: axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization) (update to 0.31.0)
Check warning on line 3183 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L3183
Insecure dependency npm/axios@0.30.2 (CVE-2026-25639: axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig) (update to 0.30.3)
Check warning on line 3183 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L3183
Insecure dependency npm/axios@0.30.2 (CVE-2026-40175: axios: Axios: Remote Code Execution via Prototype Pollution escalation) (update to 0.31.0)
Check warning on line 3194 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L3194
Insecure dependency npm/axios@1.13.2 (CVE-2025-62718: axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization) (update to 1.15.0)
Check warning on line 3194 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L3194
Insecure dependency npm/axios@1.13.2 (CVE-2026-25639: axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig) (update to 1.13.5)
Check warning on line 3194 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L3194
Insecure dependency npm/axios@1.13.2 (CVE-2026-40175: axios: Axios: Remote Code Execution via Prototype Pollution escalation) (update to 1.15.0)
Check warning on line 4618 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L4618
Insecure dependency npm/follow-redirects@1.15.11 (GHSA-r4q5-vmmm-2653: follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets) (update to 1.16.0)
Check warning on line 6135 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L6135
Insecure dependency npm/minimatch@3.1.2 (CVE-2026-26996: minimatch: minimatch: Denial of Service via specially crafted glob patterns) (update to 10.2.1)
Check warning on line 6135 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L6135
Insecure dependency npm/minimatch@3.1.2 (CVE-2026-27903: minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns) (update to 10.2.3)
Check warning on line 6135 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L6135
Insecure dependency npm/minimatch@3.1.2 (CVE-2026-27904: minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions) (update to 10.2.3)
Check warning on line 7254 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L7254
Insecure dependency npm/postcss@8.5.6 (CVE-2026-41305: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output) (update to 8.5.10)
Check warning on line 7634 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L7634
Insecure dependency npm/rollup@4.58.0 (CVE-2026-27606: rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability) (update to 4.59.0)
Check warning on line 7724 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L7724
Insecure dependency npm/rollup@4.55.1 (CVE-2026-27606: rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability) (update to 4.59.0)
Check warning on line 8424 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8424
Insecure dependency npm/tar@7.5.8 (CVE-2026-29786: node-tar: hardlink path traversal via drive-relative linkpath) (update to 7.5.10)
Check warning on line 8424 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8424
Insecure dependency npm/tar@7.5.8 (CVE-2026-31802: tar: tar: File overwrite via drive-relative symlink traversal) (update to 7.5.11)
Check warning on line 8437 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8437
Insecure dependency npm/tar@7.5.2 (CVE-2026-23745: node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives) (update to 7.5.3)
Check warning on line 8437 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8437
Insecure dependency npm/tar@7.5.2 (CVE-2026-23950: node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition) (update to 7.5.4)
Check warning on line 8437 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8437
Insecure dependency npm/tar@7.5.2 (CVE-2026-24842: node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check) (update to 7.5.7)
Check warning on line 8437 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8437
Insecure dependency npm/tar@7.5.2 (CVE-2026-26960: node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation) (update to 7.5.8)
Check warning on line 8437 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8437
Insecure dependency npm/tar@7.5.2 (CVE-2026-29786: node-tar: hardlink path traversal via drive-relative linkpath) (update to 7.5.10)
Check warning on line 8437 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8437
Insecure dependency npm/tar@7.5.2 (CVE-2026-31802: tar: tar: File overwrite via drive-relative symlink traversal) (update to 7.5.11)
Check warning on line 8834 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8834
Insecure dependency npm/undici@7.18.2 (CVE-2026-1525: undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers) (update to 7.24.0)
Check warning on line 8834 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8834
Insecure dependency npm/undici@7.18.2 (CVE-2026-1526: undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression) (update to 7.24.0)
Check warning on line 8834 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8834
Insecure dependency npm/undici@7.18.2 (CVE-2026-1527: undici: Undici: HTTP header injection and request smuggling vulnerability) (update to 7.24.0)
Check warning on line 8834 in clients/algoliasearch-client-javascript/yarn.lock
codacy-production / Codacy Static Code Analysis
clients/algoliasearch-client-javascript/yarn.lock#L8834
Insecure dependency npm/undici@7.18.2 (CVE-2026-1528: undici: undici: Denial of Service via crafted WebSocket frame with large length) (update to 7.24.0)