422
If you're developing a FOSS project, be aware of cryptobros trying to PR a tea.yml into it.
(connortumbleson.com)
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Community icon from opensource.org, but we are not affiliated with them.
The easy red flag here is YAML. It’s a hideous, overly-complex format for anything so of course a scam would choose it.
Brief history of YAML:
YAML is generally good if it's used for what it was originally designed for (relatively short data files, e.g. configuration data). Problem is, people use it for so much more. (My personal favourite pain example: i18n stuff in Ruby on Rails. YAML language files work for small apps, but when the app grows, so does the pain.)
This I can get behind. But because it’s not bad in those spaces folks think it’ll be a good idea in all spaces. Anchors do neat things, but organizing large files with YAML’s weird rules around quoting, & no support for tab indentation rub me the wrong way.
Ansible is using YAML and it's orders more readable than any other config engine, like puppet or cfengine.
Ideally, yes it can be beautifully written, certainly more than bash scripts.
With that said, I've also seen some hideous ansible scripts...