DEV Community

Liran Tal profile picture

Liran Tal

GitHub Star ūüĆü ¬∑ DevRel at Snyk ūü•Ď ¬∑ Author of Essential Node.js Security http://bit.ly/securenodejs ¬∑ Node.js CLI Best Practices ūüĒ• ¬∑ Docker security ūüź≥

Work

Developer Advocate at Snyk

The security concerns of a JavaScript sandbox with the Node.js VM module

The security concerns of a JavaScript sandbox with the Node.js VM module

3
Comments
5 min read

Want to connect with Liran Tal?

Create an account to connect with Liran Tal. You can also sign in below to proceed if you already have an account.

Already have an account? Sign in
How to verify and secure your Mastodon account

How to verify and secure your Mastodon account

Comments
4 min read
NPM security: preventing supply chain attacks

NPM security: preventing supply chain attacks

Comments
15 min read
How to add Playwright tests to your pull request CI with GitHub Actions

How to add Playwright tests to your pull request CI with GitHub Actions

4
Comments 1
11 min read
Choosing the best Node.js Docker image

Choosing the best Node.js Docker image

Comments
11 min read
How to install Ruby in a macOS for local development

How to install Ruby in a macOS for local development

Comments
7 min read
10 best practices to containerize Node.js web applications with Docker

10 best practices to containerize Node.js web applications with Docker

3
Comments
28 min read
The npm faker package and the unexpected demise of open source libraries

The npm faker package and the unexpected demise of open source libraries

9
Comments
10 min read
How to build a Slack bot with Zapier and JavaScript to fetch trending topics on Reddit

How to build a Slack bot with Zapier and JavaScript to fetch trending topics on Reddit

2
Comments
10 min read
A definitive guide to Ruby gems dependency management

A definitive guide to Ruby gems dependency management

2
Comments
11 min read
Slidev 101: Coding presentations with Markdown

Slidev 101: Coding presentations with Markdown

Comments
8 min read
Snyk Introduces Python Poetry support for securing your Python projects

Snyk Introduces Python Poetry support for securing your Python projects

2
Comments
1 min read
The maintainer's CI workflows recipe for a peaceful open source life

The maintainer's CI workflows recipe for a peaceful open source life

9
Comments 3
4 min read
[Discuss] 10 React security best practices

[Discuss] 10 React security best practices

23
Comments 1
1 min read
[Discuss] Enterprise security best practices for managing vulnerabilities at scale

[Discuss] Enterprise security best practices for managing vulnerabilities at scale

4
Comments
1 min read
AngularJS Security Fundamentals

AngularJS Security Fundamentals

7
Comments
7 min read
Angular vs React: security bakeoff 2019

Angular vs React: security bakeoff 2019

11
Comments
4 min read
Making automatic yet informed decisions when upgrading dependencies

Making automatic yet informed decisions when upgrading dependencies

16
Comments 2
3 min read
JavaScript frameworks security report 2019

JavaScript frameworks security report 2019

78
Comments 1
4 min read
Taking a look at CFPs for NodeTLV. I'll see you there, right?

Taking a look at CFPs for NodeTLV. I'll see you there, right?

5
Comments
2 min read
My first time at JSConf Budapest, how was it?

My first time at JSConf Budapest, how was it?

6
Comments
6 min read
Using jq to manipulate JSON results of snyk security tests

Using jq to manipulate JSON results of snyk security tests

10
Comments
2 min read
npm security tips to keep you safe of malicious modules

npm security tips to keep you safe of malicious modules

51
Comments 1
2 min read
what is your recent dev-related confession?

what is your recent dev-related confession?

5
Comments 4
1 min read
6 stages of refactoring a jest test case

6 stages of refactoring a jest test case

9
Comments
2 min read
npm passes the 1 millionth package milestone! What can we learn?

npm passes the 1 millionth package milestone! What can we learn?

5
Comments
1 min read
Demystifying Jest Async Testing Patterns

Demystifying Jest Async Testing Patterns

19
Comments
4 min read
Are you building Docker images? here's how to avoid leaking sensitive information into Docker images

Are you building Docker images? here's how to avoid leaking sensitive information into Docker images

51
Comments 2
2 min read
Why you should use COPY instead of ADD when building Docker images

Why you should use COPY instead of ADD when building Docker images

54
Comments 2
2 min read
How to securely build Docker images for Node.js

How to securely build Docker images for Node.js

48
Comments 8
2 min read
How to improve your npm identity security with 2FA and Tokens

How to improve your npm identity security with 2FA and Tokens

13
Comments 4
2 min read
Did you hear about the malicious backdoor discovered in the popular bootstrap-sass Ruby gem?

Did you hear about the malicious backdoor discovered in the popular bootstrap-sass Ruby gem?

39
Comments 1
1 min read
Top ten most popular docker images each contain at least 30 vulnerabilities

Top ten most popular docker images each contain at least 30 vulnerabilities

42
Comments 7
2 min read
Tip #5 - audit your project for vulnerabilities in your open source dependencies

Tip #5 - audit your project for vulnerabilities in your open source dependencies

9
Comments
2 min read
Assess your npm project health and call the doctor!

Assess your npm project health and call the doctor!

9
Comments 1
2 min read
So you think you're just gonna `npm install`? Think again

So you think you're just gonna `npm install`? Think again

153
Comments 17
2 min read
How to avoid leaking secrets to the npm registry

How to avoid leaking secrets to the npm registry

42
Comments
2 min read
Reasons to Love Jest: The Developer Experience

Reasons to Love Jest: The Developer Experience

11
Comments
4 min read
Reasons to Love Jest: The Test Framework

Reasons to Love Jest: The Test Framework

13
Comments
3 min read
what would you focus on when hiring engineering vp for a team of 10?

what would you focus on when hiring engineering vp for a team of 10?

11
Comments
2 min read
The long over-due commit of Open Source

The long over-due commit of Open Source

8
Comments
1 min read
git workflows - between forks, squash and rebase

git workflows - between forks, squash and rebase

11
Comments 3
1 min read
Securing a Node.js + RethinkDB + TLS setup on Docker containers

Securing a Node.js + RethinkDB + TLS setup on Docker containers

16
Comments
3 min read
Node.js Yarning for Local Packages

Node.js Yarning for Local Packages

5
Comments
2 min read
loading...