|
Size: 1590
Comment: Some cleanup, spelling corrections, added part about safely using PyYAML (safe_load vs load)
|
← Revision 8 as of 2021-03-28 17:42:24 ⇥
Size: 1590
Comment: Changed the order of the headings to be more logical
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 2: | Line 2: |
=== PyYAML parser === [[http://pyyaml.org/|PyYAML]] is the most-used and go-to YAML package, which tries to be as compliant as possible with the YAML specs. It is, at its core, C-based. It can both read and write YAML. You can read the [[https://pyyaml.org/wiki/PyYAMLDocumentation|official documentation]], or try the condensed/simplified version of these docs, with usable example code on this [[https://python.land/data-processing/python-yaml|Python YAML tutorial]]. When using this package, be careful which function you use. The `load()` function is very powerful and allows arbitrary code execution, while the `safe_load()` function is enough for most use cases. It only allows a subset of the load function, making it a much safer choice. For more details, see also the [[https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation|load deprecation notice]]. |
|
| Line 11: | Line 17: |
=== PyYAML parser === [[http://pyyaml.org/|PyYAML]] is the most-used and go-to YAML package, which tries to be as compliant as possible with the YAML specs. It is, at its core, C-based. It can both read and write YAML. You can read the [[https://pyyaml.org/wiki/PyYAMLDocumentation|official documentation]], or try the condensed/simplified version of these docs, with usable example code on this [[https://python.land/data-processing/python-yaml|Python YAML tutorial]]. When using this package, be careful which function you use. The `load()` function is very powerful and allows arbitrary code execution, while the `safe_load()` function is enough for most use cases. It only allows a subset of the load function, making it a much safer choice. For more details, see also the [[https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation|load deprecation notice]]. |
YAML is a human-friendly format for structured data, that is both easy to write for humans and still parsable by computers.
PyYAML parser
PyYAML is the most-used and go-to YAML package, which tries to be as compliant as possible with the YAML specs. It is, at its core, C-based. It can both read and write YAML. You can read the official documentation, or try the condensed/simplified version of these docs, with usable example code on this Python YAML tutorial.
When using this package, be careful which function you use. The load() function is very powerful and allows arbitrary code execution, while the safe_load() function is enough for most use cases. It only allows a subset of the load function, making it a much safer choice. For more details, see also the load deprecation notice.
YAML examples and usage in notable Python apps
YAML is a feature-rich language. Some packages that heavily depend on YAML are:
tmuxp - http://tmuxp.readthedocs.org/en/latest/examples.html
ansible - http://www.ansibleworks.com/docs/YAMLSyntax.html and http://www.ansibleworks.com/docs/playbooks.html#id9
appengine - https://developers.google.com/appengine/docs/python/config/appconfig and https://github.com/rietveld-codereview/rietveld/blob/master/app.yaml
salt - http://docs.saltstack.com/topics/tutorials/starting_states.html#default-data-yaml