Add hybrid search and AI chat using Meilisearch and OpenAI

- Implement hybrid semantic + keyword search with Meilisearch
- Add AI-powered chat responses using OpenAI GPT-3.5
- Integrate 'Ask AI' feature directly into search dropdown
- Add secure Netlify functions for search and chat APIs

Author: Abhijna Parigi

.gitignore

@@ -31,3 +31,4 @@ yarn-error.log*
 
 # Ignore .history
 /.history/
+meili_data/

docs/cheat-sheets/django-xss.mdx

@@ -1,24 +1,16 @@
 ---
 slug: django-xss
-displayed_sidebar: learnSidebar
-title: "XSS in Django"
-hide_title: false
-description: "Cheat sheet for the prevention of Cross-site Scripting (XSS) vulnerabilities for Python and Django."
-tags:
-  - python
-  - xss
+description: "Django XSS mitigation cheat sheet."
 ---
 
 import LinkToRegistryRule from "/src/components/LinkToRegistryRule"
 import XssInjectionIntro from "/src/components/concept/_xss-injection-intro.mdx"
 import RecommendedRuleSet from "/src/components/code_snippets/_cheat-sheets-recommended-rule-set.mdx"
 
-# Prevent XSS in Django
+# XSS prevention for Django
 
 <XssInjectionIntro />
 
-Learn more about [Cross-site Scripting](/docs/learn/vulnerabilities/cross-site-scripting) vulnerability concepts.
-
 ## Mitigation summary
 
 In general, always use the template engine provided by Django using `render()`. If you need HTML escaping, use `mark_safe()` combined with `format_html() `and review each individual usage carefully. Once reviewed, mark with `# nosem`. Beware of putting data in dangerous locations in templates. And as always, run a security checker continuously on your code.

docs/cheat-sheets/express-xss.mdx

@@ -1,24 +1,16 @@
 ---
 slug: express-xss
-displayed_sidebar: learnSidebar
-title: XSS in ExpressJS
-hide_title: true
-description: "Cheat sheet for the prevention of Cross-site Scripting (XSS) vulnerabilities for ExpressJS."
-tags:
-  - javascript
-  - xss
+description: "ExpressJS mitigation cheat sheet by Semgrep."
 ---
 
 import LinkToRegistryRule from "/src/components/LinkToRegistryRule"
 import XssInjectionIntro from "/src/components/concept/_xss-injection-intro.mdx"
 import RecommendedRuleSet from "/src/components/code_snippets/_cheat-sheets-recommended-rule-set.mdx"
 
-# Prevent XSS in ExpressJS
+# XSS prevention for ExpressJS
 
 <XssInjectionIntro />
 
-Learn more about [Cross-site Scripting](/docs/learn/vulnerabilities/cross-site-scripting) vulnerability concepts.
-
 ## Mitigation summary
 
 In general, always use a template engine and `res.render()` to render HTML content. Some common template engines include Pug, Mustache, and EJS. If you need HTML escaping, escape the content. Try to do so in JavaScript code if possible. Review each individual case carefully. Once reviewed, exempt the finding with `# nosemgrep`. Beware of putting data in dangerous locations such as in `script` tags. And as always, run a security checker on your code.

docs/cheat-sheets/flask-xss.mdx

@@ -1,24 +1,16 @@
 ---
 slug: flask-xss
-displayed_sidebar: learnSidebar
-title: "XSS in Flask"
-hide_title: false
-description: "Cheat sheet for the prevention of Cross-site Scripting (XSS) vulnerabilities for Python and Flask."
-tags:
-  - python
-  - xss
+description: "Flask XSS prevention cheat sheet."
 ---
 
 import LinkToRegistryRule from "/src/components/LinkToRegistryRule"
 import XssInjectionIntro from "/src/components/concept/_xss-injection-intro.mdx"
 import RecommendedRuleSet from "/src/components/code_snippets/_cheat-sheets-recommended-rule-set.mdx"
 
-# Prevent XSS for Flask
+# XSS prevention for Flask
 
 <XssInjectionIntro />
 
-Learn more about [Cross-site Scripting](/docs/learn/vulnerabilities/cross-site-scripting) vulnerability concepts.
-
 ## Mitigation summary
 
 In general, you should use `render_template()` when showing data to users. If you need HTML escaping, use `Markup()` and review

docs/cheat-sheets/go-command-injection.mdx

@@ -1,25 +1,16 @@
 ---
 slug: go-command-injection
-displayed_sidebar: learnSidebar
-title: "Command Injection in Go"
-hide_title: true
-description: "Cheat sheet for the prevention of Command Injection vulnerabilities for Go."
-tags:
-  - go
-  - command-injection
+description: "Prevent command injection in Go."
 ---
 
 import LinkToRegistryRule from "/src/components/LinkToRegistryRule"
 import CommandInjectionIntro from "/src/components/concept/_command-injection-intro.mdx"
 import RecommendedRuleSet from "/src/components/code_snippets/_cheat-sheets-recommended-rule-set.mdx"
 
-## Prevent Command Injection for Go
+# Command injection prevention for Go
 
 <CommandInjectionIntro />
 
-Learn more about [Command Injection](/docs/learn/vulnerabilities/command-injection) vulnerability concepts.
-
-
 ### Check your project using Semgrep
 
 <RecommendedRuleSet />

docs/cheat-sheets/go-xss.mdx

@@ -1,24 +1,16 @@
 ---
 slug: go-xss
-displayed_sidebar: learnSidebar
-title: "XSS in Go"
-hide_title: true
-description: "Cheat sheet for the prevention of Cross-site Scripting (XSS) vulnerabilities for Go and net/http."
-tags:
-  - go
-  - xss
+description: "XSS prevention cheat sheet for Go 'net/http'."
 ---
 
 import LinkToRegistryRule from "/src/components/LinkToRegistryRule"
 import XssInjectionIntro from "/src/components/concept/_xss-injection-intro.mdx"
 import RecommendedRuleSet from "/src/components/code_snippets/_cheat-sheets-recommended-rule-set.mdx"
 
-## Prevent XSS for Go
+# XSS prevention for Go net/http
 
 <XssInjectionIntro />
 
-Learn more about [Cross-site Scripting](/docs/learn/vulnerabilities/cross-site-scripting) vulnerability concepts.
-
 ## Mitigation summary
 
 The Go template engine in `html/template` does automatic and contextual autoescaping, which mitigates many common XSS mistakes. Some aspects of the engine are confusingly named; therefore, proper use of the library should be enforced using code scanners. You may also consider using a stricter alternative, such as `safehtml`.

docs/cheat-sheets/java-code-injection.mdx

@@ -1,24 +1,17 @@
 ---
 slug: java-code-injection
-title: Code Injection in Java
-hide_title: true
-description: "Cheat sheet for the prevention of Code Injection vulnerabilities for Java."
-displayed_sidebar: learnSidebar
-tags:
-  - java
-  - code-injection
+description: "Prevent potential code injection in Java."
+displayed_sidebar: cheatsheetSidebar
 ---
 
 import LinkToRegistryRule from "/src/components/LinkToRegistryRule"
 import CodeInjectionIntro from "/src/components/concept/_code-injection-intro.mdx"
 import RecommendedRuleSet from "/src/components/code_snippets/_cheat-sheets-recommended-rule-set.mdx"
 
-## Prevent Code Injection for Java
+# Code injection prevention for Java
 
 <CodeInjectionIntro />
 
-Learn more about [Code Injection](/docs/learn/vulnerabilities/code-injection) vulnerability concepts.
-
 ### Check your project using Semgrep
 
 <RecommendedRuleSet />

docs/cheat-sheets/java-command-injection.mdx

@@ -1,24 +1,16 @@
 ---
 slug: java-command-injection
-displayed_sidebar: learnSidebar
-title: Command Injection in Java
-hide_title: true
-description: "Cheat sheet for the prevention of Command Injection vulnerabilities for Java."
-tags:
-  - java
-  - command-injection
+description: "Mitigate command injection in Java."
 ---
 
 import LinkToRegistryRule from "/src/components/LinkToRegistryRule"
 import CommandInjectionIntro from "/src/components/concept/_command-injection-intro.mdx"
 import RecommendedRuleSet from "/src/components/code_snippets/_cheat-sheets-recommended-rule-set.mdx"
 
-# Prevent Command Injection for Java
+# Command injection prevention for Java
 
 <CommandInjectionIntro />
 
-Learn more about [Command Injection](/docs/learn/vulnerabilities/command-injection) vulnerability concepts.
-
 ### Check your project using Semgrep
 
 <RecommendedRuleSet />

docs/cheat-sheets/java-jsp-xss.mdx

@@ -1,24 +1,16 @@
 ---
 slug: java-jsp-xss
-displayed_sidebar: learnSidebar
-title: XSS in Java + JSP
-hide_title: true
-description: "Cheat sheet for the prevention of Cross-site Scripting (XSS) vulnerabilities for Java and Java Server Pages (JSP)."
-tags:
-  - java
-  - xss
+description: "XSS prevention for Java + JavaServer Pages (JSP)."
 ---
 
 import LinkToRegistryRule from "/src/components/LinkToRegistryRule"
 import XssInjectionIntro from "/src/components/concept/_xss-injection-intro.mdx"
 import RecommendedRuleSet from "/src/components/code_snippets/_cheat-sheets-recommended-rule-set.mdx"
 
-# Prevent XSS for Java and Java Server Pages (JSP)
+# XSS prevention for Java + JSP
 
 <XssInjectionIntro />
 
-Learn more about [Cross-site Scripting](/docs/learn/vulnerabilities/cross-site-scripting) vulnerability concepts.
-
 ## Mitigation Summary
 
 JSPs are fraught with peril. HTML escaping in JSP templates requires escaping all data that is rendered onto the page. Worse, business logic can be embedded into JSPs with scriptlets. This is easy to forget or abuse and can easily create XSS vulnerabilities. The default option should be the safe option: Consider using a view or template engine that escapes by default, such as JSF or Velocity. If you cannot migrate to another framework, use a custom EL resolver that applies escaping by default in JSPs, such as

docs/cheat-sheets/java-xxe.mdx

@@ -1,21 +1,13 @@
 ---
 slug: java-xxe
-title: XEE in Java
-hide_title: true
 toc_max_heading_level: 4
-displayed_sidebar: learnSidebar
-description: "Cheat sheet for the prevention of XML External Entity (XEE) vulnerabilities for Java."
-tags:
-  - java
-  - xxe
+description: "XML External entity prevention cheat sheet for Java. "
 ---
 
-# Prevent XML External Entity Vulnerabilities for Java
+# XML External entity prevention for Java
 
 This article documents two attacks related to XML external entities: XML exponential entity expansion and XML external entity injection. In Java, applications are secure from exponential entity expansion by default. Consequently, no security measures are necessary. When exponential entity expansion occurs the JDK throws an exception, but if this exception is not caught and handled, an attack can still cause a denial-of-service attack (DoS). In contrast, there are various countermeasures to protect a Java XML parser from XML external entity injection, but not all are effective. This cheat sheet also provides test results, availability, and the effect of different security measures on several Java classes that process XML documents in section [3. Overview of the effect of security measures for each class](#3-overview-of-the-effect-of-security-measures-for-each-class).
 
-Learn more about [XML Security](/docs/learn/vulnerabilities/xml-security) vulnerability concepts.
-
 ## Check your project using Semgrep
 
 You may use [Pro rules](/semgrep-code/pro-rules/) to check your project for XXE vulnerabilities.