DEV Community

Liran Tal

🥑 Developer Advocate @snyksec | @NodeJS Security WG | @TheSecureDev team | @jsheroes ambassador | Author of Essential Node.js Security | Let's talk! 😉 ❤️

Work

Developer Advocate at Snyk

All 77 comments

Keep Your Javascript Projects Secure With Snyk

Good write-up Shahed, thanks for sharing!

Vs Code Extensions that really help out!

Joining my colleagues here to suggest adding Vuln Cost for a ...

From Flight Attendant to Software Developer

Inspiring! Keep it up

Chrome Extensions Every Developer Should Have

I'll add a PR yes, thanks!

Chrome Extensions Every Developer Should Have

If you press the T key in your keyboard while viewing the mai...

Chrome Extensions Every Developer Should Have

Nice list, a long time user of OctoTree but stopped after I f...

Docker Cheat Sheet

thanks! hmm, there's something but I can't remember its name....

How to use Snyk for fixing node module vulnerabilities

Well written Craig. Love this new CLI and your way around the...

Automated testing with mocha and puppeteer on circleCI

Thank you for this post, it was helpful to me to learn about ...

is-web-monetized

Woah that looks awesome! Well done

is-web-monetized

Ohh now you got me curious. What are you building with blesse...

is-web-monetized

I love CLIs, and this is a cool idea! :)

GitHub API Authentication - Introduction

Gregor, thanks for writing this. Maybe you want to update the...

A Second Chance at Pact

I like the angle on not introducing random data to the test i...

Flexible and Extensible Emergency Contact Information with Twilio and Azure Functions

I'm not surprised you built the function using Python! 👌🤗

Docker Cheat Sheet

thanks :)

Docker Cheat Sheet

Even a repo at the end, nice! I'm biased because I built dock...

shrun: A modern CLI testing framework

That's a pretty cool idea, way to go 👏

DevRel Without Physical Conferences

Thanks for sharing!

9 ways to level up your browser devtool skills

Just curious. Would make for a good series :)

9 ways to level up your browser devtool skills

Great stuff! Are you going to explore other areas of the De...

S.O.L.I.D. Principles around You, in JavaScript

hah thanks! :)

10 principles of scalable frontend projects

Great article and a solid set of tips for starting out proj...

S.O.L.I.D. Principles around You, in JavaScript

Thanks for sharing Francesco. For the open/close principle ...

How to Set Up a React Project with Create React App

Nice coverage of all the basic parts. Thanks Joe!

Making automatic yet informed decisions when upgrading dependencies

Happy to hear you love it 🤗

How to write a CFP Response?

I love the 4 sections breakdown in a CFP 👌 Usually I also ...

What kind of doctor fixes broken websites?

👌

So you think you're just gonna `npm install`? Think again

if you run an npm install with npm ci then npm will only co...

Measuring Success and KPIs in Developer Relations - Community Contributed Outline

how do we know if these new users came from DevRel's advoc...

Measuring Success and KPIs in Developer Relations - Community Contributed Outline

thanks for sharing Tessa. Definitely an interesting topic and...

7 years as a developer - lessons learned

Great post Tomasz! ❤

When not to use package-lock.json

This is more of your own opinion Gajus than a best practice...

what is your recent dev-related confession?

makes total sense

OSINT for job hunting?

Spy the spies! I like it :-)

Your web app vulnerabilities

Such a broad question... :-) What are you interested in fig...

Using Geolocation with Vue.js

Nice one Raymond! Easy to follow and I'm pretty surprised (...

Why I dislike GitHub security alerts? (and how to disable them)

Chiming here again since the nuance of yarn upgrade or npm ...

Why I dislike GitHub security alerts? (and how to disable them)

Nice write-up Pooya. Love seeing how developers further emb...

VSCode frustration to VSCode love ♥

Thanks for sharing! 🤗

You, me and package.json

Nice write-up Fernando!

what is your recent dev-related confession?

Learned that too now :-)

Are you building Docker images? here's how to avoid leaking sensitive information into Docker images

Thank you for spotting that and letting me know! fixed :)

My first npm package - eslint-formatter-complexity

No one ever said "I have too many static code analysis tool...

Why you should use COPY instead of ADD when building Docker images

Thanks! Really happy you like it ❤️❤️❤️

Making a Video Game Using Phaser

Looks nice, thanks for sharing!

Where do you keep credentials for your Lambda functions?

Great walkthrough, I liked it and thanks for preaching the no...

How to securely build Docker images for Node.js

Thanks for reassuring.

Using npm's `ls` command for Fun and Insight

George, if you have inconsistencies between the package man...

Up to 20% of your application dependencies may be unmaintained

there's a related research in this area which shed some mor...

How to securely build Docker images for Node.js

Would you like to reference an example Dockerfile for that?...

How to securely build Docker images for Node.js

the USER instruction though is only switching the user owne...

Why you should not use (long-lived) feature branches

and that's the visibility in the history. If you're not...

Why you should not use (long-lived) feature branches

Feature flags (or toggles) are essential for continuous dep...

Why you should not use (long-lived) feature branches

I think the title is a bit misleading. With Trunk Based Dev...

Why you should not use (long-lived) feature branches

Great writing and appreciate you advocating for TBD. I've b...

My 🔥 First Experience Attending TC39

Thanks! Looking forward to more of your updates from these ...

My 🔥 First Experience Attending TC39

Thanks for sharing Tierney! Really happy to hear about your...

How to improve your npm identity security with 2FA and Tokens

Thanks Tari. The lingo of "Authorization-only" and such is ...

Real World Developer's Problems: API Versioning

An HTTP Accept Header is probably the most semantic way to ...

Top ten most popular docker images each contain at least 30 vulnerabilities

Let's say we are running a hosting service, then docker is...

Don't use "sudo" with NPM "install"

Definitely, thanks for raising this. Using sudo is definite...

Top ten most popular docker images each contain at least 30 vulnerabilities

Hi Jorge, Thanks for chiming in :-) I actually don't shar...

So you think you're just gonna `npm install`? Think again

Sounds good. If I could help you in getting started with S...

So you think you're just gonna `npm install`? Think again

How exactly are you combining audit and npm's install/ci? I...

So you think you're just gonna `npm install`? Think again

Not so ideal when the package.json alone changes. These are...

So you think you're just gonna `npm install`? Think again

I'm not using version lens. Does that also care to update t...

So you think you're just gonna `npm install`? Think again

No. In no circumstance it would be appropriate to manually ...

So you think you're just gonna `npm install`? Think again

Glad you asked! It's an easy mistake to make. That would be...

So you think you're just gonna `npm install`? Think again

Hey Boris! Nice to e-meet you :) The issue that can arise ...

Awesome Docker Links

and a shameless plug for dockly if you're into CLIs - it's ...

IG Public API - Lessons Learned

my 2 cents: A. APIs should definitely use HTTP status code...

So you want a public API?

What's your stand on API versioning? Since you have a secur...

Using better CLIs

if you're already on the topic of better CLIs then... Dockl...

RESTful API Versioning Best Practices: Why v1 is #1

for Node.js / ExpressJS readers - github.com/lirantal/expre...

git workflows - between forks, squash and rebase

The two options I provided aren't contradicting actually bu...

What are Your Favorite DevOps Services?

SecurityOps - we're using Snyk.io platform and GitHub integ...
