DEV Community

loading...
Cover image for Preventing YAML parsing issues in Java

Preventing YAML parsing issues in Java

Brian Vermeer πŸ§‘πŸΌβ€πŸŽ“πŸ§‘πŸΌβ€πŸ’»
Java Champion | DevRel | VirtualJug lead | NLJUG lead | Dutch Air Reserve | Taekwondo Master | Flag Football LB/QB
・1 min read

YAML is a human-readable language to serialize data that’s commonly used for config files. The word YAML is an acronym for β€œYAML ain’t a markup language” and was first released in 2001. You can compare YAML to JSON or XML as all of them are text-based structured formats.

YAML files are often used to configure applications, application servers, or clusters. It is a very common format in Spring Boot applications and, of course, to configure Kubernetes. However, similarly to JSON and XML, you can use YAML to serialize and deserialize data.

Most importantly to note, manually importing YAML in your Java application with an outdated version of snakeyaml might get you into trouble.

For instance, do you have any idea what this code below does and how it can affect your Java application?

yaml lol

Read the full article to understand what it does and how to prevent it in your Java application.

Discussion (0)