Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stub security considerations. See #272. #273

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

ioggstream
Copy link

This PR

  • stubs security considerations
  • it is for ease the discussion and allowing the team to provide patches directly to the PR.

Copy link

@Maikuolan Maikuolan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR is a great idea, I think. 👍

that do not have a JSON counterpart.

Implementers interested in using YAML as a more efficient format
to serialize information intented to be consumed in JSON,

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

*intended


Implementers interested in using YAML as a more efficient format
to serialize information intented to be consumed in JSON,
needs to ensure that relevant information will not be lost during

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

*need

and only be enabled explicitly.
In those cases, the implementation should ensure
- for example, via specific functions -
that code execution would result to strictly bounded time/memory limits.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

result -> adhere (?)

even in these cases it is important
to carefully test the implementation you are going to use.
The same considerations apply when serializing a YAML object
in a format that do not support reference cycles (see Section X.1 of this document).

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in a format that do not support -> in formats that do not support (or) in a format that doesn't support

@ioggstream
Copy link
Author

This is going to be addressed in yaml media type I-D now.

We can start from the latest version and in future update the reference, so let's leave the issue open.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants