The CJS module system, globals and other hardships with maintainable code in Node.js
Analyzes common tight coupling patterns in Node.js code, such as global variables and hardcoded dependencies, and their impact on maintainability.
Liran Tal is an AI security researcher and Node.js security expert focusing on securing agentic AI workflows, MCP, and software supply chains through research, education, and open-source work.
222 articles from this blog
A guide to using PDF.js for reading/parsing PDFs and PDF Lib for creating/modifying PDFs in Node.js, with code examples.
Explores the ongoing challenges of publishing TypeScript packages for both ESM and CJS in 2025, covering Node.js updates and tooling like tsup.
A technical guide on setting up Home Assistant with AdGuard DNS to block YouTube, using Lovelace UI buttons for easy control.
A technical guide on customizing the Astro Starlight documentation sidebar to dynamically show/hide content based on user authentication status.
A step-by-step tutorial on setting up a Google Cloud project and using Google Cloud Storage to store and serve images.
Applying behavioral economics principles from 'Thinking, Fast and Slow' to improve application security practices and decision-making.
A guide to implementing automatic component imports for MDX files in the Astro framework using the astro-auto-import package.
Explains how to use the new Promise.withResolvers API in Node.js v22+ to manage asynchronous operations in nested tests.
A guide to refactoring Vue.js 3 applications by replacing manual fetch logic with TanStack Query for efficient data fetching, caching, and state management.
Analyzes the trend towards zero-dependency JavaScript, its impact on security, performance, and developer experience, using the axobject-query controversy as a case study.
A guide on running Large Language Models (LLMs) locally for inference, covering tools like Ollama and Open WebUI for privacy and cost control.
The article argues for a shift from subscription-based online LLMs to offline-first Small Language Models (SLMs) due to privacy, security, and cost concerns.
A guide to installing and configuring Playwright for browser automation on Heroku using Node.js, including dependency management and code structure.
Analyzes common security flaws in Express.js authentication, focusing on hardcoded secrets and poor cookie configuration, with solutions.
A guide to using AdGuard Home and Home Assistant to block YouTube and other media sites on specific devices for parental controls.
A case study on implementing HTTP webhooks with Fastify on Firebase Functions, using Lemon Squeezy as a payment processor example.
A technical guide on implementing OpenGraph meta tags in Astro to create compelling social media previews for shared links.
A guide to robust configuration management in Node.js, covering async loading, schema validation, and avoiding common anti-patterns.
A guide on using Tailscale VPN to securely access a self-hosted Home Assistant instance remotely, avoiding insecure internet exposure.