Skip to content

Using YAML to manage Python configurations

Boris Quiroz on December 02, 2019

On my last weekend project I needed to talk to an API using an AUTH_KEY which should be private but should be included in the request instead of us... [Read Full]
markdown guide

That's true though some of it can be avoided via safe load.


Even if everything works perfectly,
YAML parsers tend to be big bulky and slow compared to parsers of simpler formats,
you can even use CSON if you dont want brackets and semicolons, etc
and still more simpler than YAML to parse.


Thanks for sharing this.
How does this compare to saving the key under environment settings and accessing it via os.environ.get() ?
Am just wondering if it's more secure ?


that env vars can be seen (and (personal opinion) I think it's more structured)


Pydantic has a nice BaseSetting module that works with environment variables that I would recommend. Combo that with python-dotenv for file based loading.


Could you add an example of

in some secret place like a vault or something but not publicly accessible to anybody in GitHub

where we can avoid leaking secrets into git ?

code of conduct - report abuse