Comments (2)
earonesty
commented on August 15, 2024
1
UCL:
- The "automatic array creation" of UCL/nginx sounds like a recipe for an unexpected attack vector at worst... and an unexpected crash at best.
- The benchmarking is a bit disengenous... since JSON is a subset of UCL, it's simply not possible for it to be faster in a fair test. "nearly the same", i'll buy. It makes me trust the rest of the site less.
- Macros can result in the billion-lol attack, and includes, also are unsafe, so it's important to note that UCL is for "trusted sources only"
- UCL's macros and includes can be good for expressing a series of complex config files... but at that point, you might as well express it with eval().... it's just as secure and probably more powerful
By contrast:
- TOML is a very decent config file spec.
- Safer than UCL and is more readable than JSON.
- For configuration... it follows the INI-file syntax, which is well-known.
- Some smart things in TOML:
- bare keys are always strings... unlike YAML where they can magically be anything
- multiple keys are not allowed (JSON bad)
- nesting is simple, good support for multiline strings, bools only have 2 values, date support,
- comments
In my (random person on the internet) opinion.
from arp242.net.
arp242
commented on August 15, 2024
Thanks for the suggestion @igor84, as well as @earonesty for your thoughts.
I removed the entire Alternatives section for now, as I don't have the time or interest to do a comprehensive and fair review. See #8 (comment) for a more detailed rationale.
from arp242.net.
Related Issues (20)
- Hi as of 16:00 CEST the link to your version points back to the page itself - not to the book... HOT 4
- how stallman accesses the internet HOT 3
- Translation Permission HOT 3
- Use utterances for comments HOT 4
- If thats the main reason why you like jquery so much why not use zepto? HOT 6
- Intersting article on problems with YAML, your thoughts on UCL. HOT 1
- "Tired of Stack Overflow" typo HOT 1
- Observations re. stack overflow HOT 3
- Re The other kind of censorship Written on 10 Jun 2019 HOT 1
- jQuery build without sizzle? HOT 4
- The Art of Unix Programming, reformatted: fix-taoup.py link broken HOT 1
- Thought about Yaml HOT 1
- Linking broke down on https://www.arp242.net/git-hg.html HOT 2
- Post “On being the right size” is broken HOT 1
- Stupid Light is right
- DeGPLing European Union Public License HOT 3
- "Why I’m still using jQuery in 2019" - this article is totall bullshit. HOT 1
- Typo in rms.html HOT 1
- Missing bits ... HOT 2
- Rimworld modding linux - Typo i code
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from arp242.net.