"What an honor. Thank you Liran. Some people talk about AppSec (me) and some people really dig in and do the work (you). I'm a big fan. 🤙🏻"

"This is one of the best guides I've seen on this topic, really cool stuff. Definitely going to take a look at @snyksec's @github action to add it in our @hoprnet project."

"This has become my primary source for learning docker with node. Thanks for sharing these 💝"

"After being in a workshop by @liran_tal and realizing that RegExps can be exploited fairly easily, I decided to use a validation library. I even contributed to the @DefinitelyTyped definition of it :D"

JavaScriptLandia Pathfinder Security Award to Liran Tal

Congratulations again to the recipients of our first ever JavaScriptLandia awards last week at #openjsworld22! ⭐️ @BethGriggs_⭐️@matteocollina ⭐️Darshan Sen ⭐️@TzviyaSiegman ⭐️@liran_tal ⭐️ @wesbos

GitHub Star

Congratulations to @liran_tal, on becoming a GitHub Star ⭐. Liran ❤️s making security accessible to all. He's a maintainer, speaker, author, and mentor. Check out his GitHub Star profile.

"Quickly find publicly known security vulnerabilities in a website's JS libs 🖋 by @liran_tal 💭 #cli #javascript #security https://changelog.com/news/83PM "

JavaScriptLandia Pathfinder Security Award to Liran Tal

Flattered and deeply honored to be awarded the @OpenJSF JavaScriptLandia Pathfinder Security Award for 2022, announced on OpenJS World 2022 in Austin 🥰. Many thanks to everyone who have nominated me. I'm passionate to educate and help improve developer security for us all.

"I really love the cheat sheets you made on this. I can't do anything with #NodeJS and #Docker without considering your suggestions/insights"

"path traversal - may the path be with you, @liran_tal warning about dangers in vscode extensions dotdotpwn'ing /etc/hosts @ #NodeConfEU r%2d%u"

"path traversal - may the path be with you, @liran_tal warning about dangers in vscode extensions dotdotpwn'ing /etc/hosts @ #NodeConfEU r%2d%u"

"🛡 In @HTTPArchive's Web Almanac security chapter, @Saptak013, @liran_tal& @_clarkio share correlations between security adoption measures. They also discuss Web Application Security Working Group's standards & drafts."

"https://github.com/lirantal/lockfile-lint is a great tool to help reduce that risk"

"This should be a standard for any back-end-to-front-end integration! Thank you @liran_tal!"

"This should be a standard for any back-end-to-front-end integration! Thank you @liran_tal!"

"This re-prompted me to test Debian (Bullseye + Node 18.11 vs Alpine) images on Cloud Run. I ran a quick experiment for a couple of hours. Debian is ~: 30% lower CPU, 30% lower startup latency, 30% lower billable time ($), ~10% more RAM Thanks so much, as always, @liran_tal!"

"All @nordicjs talks are finally online, thanks a lot! here are my favs: ES2025 news, Interviews for developers, hacking react apps by @liran_tal, Leveraging types to make UI by @bloodyowl, security risks in your node_modules by @feross, web perf boost by @vitalyf"

"Thanks to @liran_tal, now I have a better understanding why you should always use “—ignore-scripts” within your 'npm install' calls 😈 #JSNation #gitnation"

"I know I'm not allowed to call favsies but REALLY enjoyed @TauriApps' and @liran_tal sessions at #jsnation on, respectively, shipping code with a smaller footprint using open source, and OSS supply chain security 🔒"

"בהרצאה של לירן טל, אחד המתכנתים הטובים שאני מכיר :-) #drupalcampisrael2013"

"Thanks to @liran_tal, we're now running Node 18 Debian (slim) in prod & I measured the improvements vs Alpine w/ same workload: ✓ -16.3% CPU, ❌+8.6% RAM, ✓ -3.7% exec time, ✓ -14.5% start latency, ✓ -17.6% billable time (& thus $ saved), 5 lines of config changed. Anyone know why?"

"JavascriptLandia Security pathfinder award @liran_tal #openjsworld22"

"uuhuuuuuu congrats @liran_tal for the Pathfinder award for security 🤩🤩 #openjsworld22 #openjsworld"

"Thanks @liran_tal, you had great insights and it was a pleasure to pick your brain."

"Did you already hack a React App? We are doing it with @liran_tal #JSDayCAN2022"

"Being part of @canariasjs staff gives me the privilege to attend and record @liran_tal workshop. Wonderful professional and better person. #JSDayCAN2022"

"Being part of @canariasjs staff gives me the privilege to attend and record @liran_tal workshop. Wonderful professional and better person. #JSDayCAN2022"

"Being part of @canariasjs staff gives me the privilege to attend and record @liran_tal workshop. Wonderful professional and better person. #JSDayCAN2022"

"'Ready, Code, Push'- Fascinating Advancing open source course, lead by @liran_tal"

"Thanks Liran! The island tech community is wonderful and we're proud to be part of it. Your presentation was fantastic and spurred discussion at our firm about how to be more deliberate about web security."

"תפקיד הDeveloper Relations הוא אחד המאתגרים שיש. אנשי DevRel טובים צריכים לשמור על איזון לא פשוט בין רמה טכנית גבוהה, יכולות תקשורת והעברת מסרים, ויצירה מתמשכת של תוכן בעל ערך. ממש כיף לראות נציגות משלנו, @liran_tal, ברשימת 100 אנשי הDevRel המשפיעים בעולם https://ecairn.com/blog/top-100-influencers-devrel"

"We would like to thank 470 npm practitioners who participated in our research and provided valuable feedback. The paper is available in arXiv: https://lnkd.in/gwGt989T. @liran_tal"

"We would like to thank 470 npm practitioners who participated in our research and provided valuable feedback. The paper is available in arXiv: https://lnkd.in/gwGt989T. @liran_tal"

"An ESLint plugin to detect and stop Trojan Source attacks #infosec #javascript"

"dockly is an immersive terminal interface for managing docker containers and services https://buff.ly/2IHF1gg"

"If you're working with #Docker, do yourself a favour and checkout @liran_tal dockly https://github.com/lirantal/dockly"

"Dockly is a lightweight CLI Docker management tool. Limited but useful when using SSH."

"Dockly - Manage Docker Containers From Terminal #Dockly #Docker #Virtualization #ManageDockers #LinuxContainers #Nodejs #Opensource #CLI https://ostechnix.com/dockly-manage-docker-containers-from-terminal/"

"🐳 lirantal/dockly Immersive terminal interface for managing #docker containers and services https://github.com/lirantal/dockly"

"Just want to give a shout out to @liran_tal for writing this cheatsheet for dockerizing nodejs apps: https://snyk.io/wp-content/uploads/10-best-practices-to-containerize-Node.js-web-applications-with-Docker.pdf I don't know how many times I've pointed people to it."

"Highly recommend this beyond-the-basics Node.js talk by Liran Tal 'Mastering Node.js best practices for Docker-based applications' https://youtu.be/VSEx8gV51lY"

"Highly recommend this beyond-the-basics Node.js talk by Liran Tal 'Mastering Node.js best practices for Docker-based applications' https://youtu.be/VSEx8gV51lY"

"This guy is the best!!! I hugged him tight! ❤️❤️❤️"

"This morning I learned how to author an ESLint plugin! Pretty cool 😍 Thanks @simonesanfradev and @liran_tal"

"Open Source is awesome! I have been learning a lot about ESLint, ASTs, and security working on this PR: https://github.com/eslint-community/eslint-plugin-security/pull/95 - A huge thank you to @simonesanfradev for involving me in this, to @liran_tal for inspiring this work, and to @slicknet for the awesome review session!"

"היי לירן, יצא לי לצפות בהרצאה שהעברת לטכניון בנושא חבילות זדוניות ורק רציתי להגיד שההרצאה הייתה מרתקת וגם העברת אותה בצורה ממש ברורה (אם במקרה יש לך עוד הרצאות פומביות שהעברת או שתעביר, אשמח לשמוע על כך)."

"Thank you so much. You are my inspiration 😌"

"Thanks for your contribution. You make world a better place mate"

"Security is such an overseen topic on FE development. The @snyksec team is doing a great job in sharing knowledge and @liran_tal is producing content left and right!!"

"Holiday it is coming to an end. I was almost entirely absent from social media but did not code for two weeks! 🤯 I did watch the whole start wars movies instead & finished reading @liran_tal book “Essential Node.js Security for Express Web Applications” which I totally recommend"

"Highly recommending you to follow @liran_tal as he has been doing a lot of work on improving security of JavaScript & Node.js projects. https://github.com/lirantal has some of the past tools etc. listed, and he does a good amount of writing about the topic."

"Bumping from January. Great resource from @liran_tal and the Snyk team."

"Good managers push you forward. Amazing ones keep doing it long after you left. Thank you @liran_tal ❤️"

"Convinced I gotta get @snyksec into my projects after seeing @liran_tal's talk on security. @VoxxedFrontend"

"Look what I picked up at #OReillySACon. Kudos @liran_tal @guypod and @snyksec!"

"Excellent talk by @liran_tal at @devseccon TLV. We know that open source packages are dangerous - containers contain lots of them and are VERY dangerous!"

"Thanks to @liran_tal, @HugoLocurcio and Hongarc for the contributions to MockIt yesterday 🙇‍♂️ 🎉 👍 I found https://allcontributors.org through @kentcdodds open source work, and I think it's such a great tool!"

"The change that I made in @liran_tal's lockfile-lint just saved me from committing "version": "file:" in my package-lock.json 👌🏻👍🏻"

"I want to publicly thank the amazing work that @snyksec is doing for help us to understand what is going on in the #OpenSource ecosystem regarding #Security.This awesome talk from @liran_tal is one of the keys to understand the big picture. 👏👏👏"

"Remember when I said use a lock file and you will be safe? Turns out it's not that that simple! Great read from @liran_tal Why npm lockfiles can be a security blindspot for injecting malicious modules | Snyk https://buff.ly/2mDI5on"

"Some of the things I'm teaching I know from you 😁"

"Hey man! Your content on has helped me a ton 😊"