Skip to content

Add strict YAML parsing guidance to supplementary guidelines#4878

Open
zeitlinger wants to merge 2 commits intoopen-telemetry:mainfrom
zeitlinger:strict-yaml
Open

Add strict YAML parsing guidance to supplementary guidelines#4878
zeitlinger wants to merge 2 commits intoopen-telemetry:mainfrom
zeitlinger:strict-yaml

Conversation

@zeitlinger
Copy link
Member

@zeitlinger zeitlinger commented Feb 6, 2026
edited
Loading

Adds a new section recommending strict YAML parsing practices for configuration files, including use of YAML 1.2 Core Schema, disabling dangerous deserialization features, and using safe parser modes. This helps prevent security issues and unintended type coercion.

Fixes #

Changes

Please provide a brief description of the changes here.

For non-trivial changes, follow the change proposal process.

  • Related issues #
  • Related OTEP(s) #
  • Links to the prototypes (when adding or changing features)
  • CHANGELOG.md file updated for non-trivial changes
    • For trivial changes, include [chore] in the PR title to skip the changelog check
  • Spec compliance matrix updated if necessary

@zeitlinger
Add strict YAML parsing guidance to supplementary guidelines
431c4c4 
Adds a new section recommending strict YAML parsing practices for
configuration files, including use of YAML 1.2 Core Schema, disabling
dangerous deserialization features, and using safe parser modes. This
helps prevent security issues and unintended type coercion.
@zeitlinger zeitlinger requested review from a team as code owners February 6, 2026 15:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@zeitlinger