为什么这么多应用程序/框架将其配置文件保留为未执行的格式?

发布于 2024-08-08 20:33:55 字数 481 浏览 6 评论 0原文

许多框架使用与程序其余部分不同的语言保存其配置文件。例如,Appengine 以 yaml 格式保存配置。相比之下,DJango settings.py 是一个 python 模块。我可以看到这有很多缺点。

如果它与程序的其余部分使用相同的语言,我可以

在配置文件中做有趣的事情。

 MEDIA_DIR = os.path.join(os.path.dir(__file__), 'media')
 #Or whaever the correct cals are, you get the idea.
  • 不必学习新的(公认的轻量级)格式
  • 我的工具可以按预期工作。
  • 我可以做 import conf 等。

如果它是像 C/C++ 等重量级语言,我可以看到优势,但对于 python 来说,为什么它有意义。这似乎只是剥夺了权力,却没有增加任何好处。

Many frameworks keep their configuration files in a language different from the rest of the program. Eg, Appengine keeps the configuration in yaml format. to compare, DJango settings.py is a python module. There are many disadvantages I can see with this.

If its in same language as rest of the program, I can

Do interesting things in the configuration file.

 MEDIA_DIR = os.path.join(os.path.dir(__file__), 'media')
 #Or whaever the correct cals are, you get the idea.
  • Don't have to learn a new(admittedly lightweight) format
  • My tools work as expected with it.
  • I can just do import conf etc.

I can see the advantages if it were a heavyweight language like C/C++ etc, but for python why does it make sense. It just seems like taking away power without adding any benefits.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

差↓一点笑了 2024-08-15 20:33:56

他们可能只是没有想到他们能做到。许多程序员都来自过去,那时脚本语言速度很慢,而且并不比编程语言简单(只要看看像 Unix shell 这样的东西)。当漂亮的动态语言出现时,他们只是坚持“纯文本配置文件”,因为这就是他们一直在做的事情。

It probably just didn't occur to them that they could do it. Many programmers are from the old days where scripting languages were slow and not really more simple than the programming languages (just look at things like Unix shells). When nifty dynamic languages came along, they just stuck to "text only config files" because that's what they always did.

我很OK 2024-08-15 20:33:55

一些框架设计者认为配置文件不适合放置繁重的逻辑。正如 MVC 框架阻止您将逻辑放在不属于它的地方一样,配置文件也阻止您将编程放在不属于它的地方。

这是品味和哲学的问题。

也就是说,我更喜欢 Django 的方法。

Some framework designers feel that the configuration files are inappropriate places for heavy logic. Just as the MVC framework prevents you from putting logic where it does not belong, the configuration file prevents you from putting programming where it does not belong.

It's a matter of taste and philosophy.

That said, I prefer Django's method.

牵强ㄟ 2024-08-15 20:33:55

Python 可能并不总是 appengine 运行的唯一语言。
因此,相同的 yaml 配置文件可以驱动用 java 或 perl 等语言编写的 appengine 应用程序

Python may not always be the only language that appengine runs on.
So the same yaml configuration file could drive an appengine app written in, for example, java or perl

不醒的梦 2024-08-15 20:33:55

有时您需要使用自动/GUI 工具来解析和/或生成和/或修改配置文件。如果你的conffile是一个python脚本,这并不容易。

Sometimes you need to use an automatic/GUI tool to parse and/or generate and/or modify a configuration file. This is not easy if your conffile is a python script.

姜生凉生 2024-08-15 20:33:55

有一个很好的理由:如果您的程序分布在不安全的环境中,例如用户计算机,则执行如此容易修改的文本文件将为许多病毒打开大门。对于 django 应用程序来说,这种情况较少,因为该应用程序托管在服务器上 - 一个安全的环境。但是对于使用 py2exe 在 Windows 上分发的应用程序,您应该避免让您的程序执行随机的东西。

使用 YAML 这样的语法的另一个原因是您可以使用其他工具甚至其他语言来操作文件,该格式是可移植的并且有足够的文档记录。

也就是说,当我需要一个带有 python 程序的配置文件时,我使用带有一些安全措施的 python 字典:

  • 删除封闭的 { },以便它不会直接评估为 python 表达式,
  • 使用 safe_eval 丢弃任何可执行项目。

There is a very good reason: if your program is distributed in an unsafe environment, like the user computer, executing a text file which is so easy to modify is the door open to many viruses. This is less the case with a django application where the application is hosted on the server - a safe environment. But with an application distributed on windows using py2exe, you should refrain to make your program execute random stuff.

Another reason for using a syntax like YAML is that you can manipulate the file using other tools, even other languages, the format is portable and documented enough.

That said, when I need to have a configuration file with a python program, I use a python dictionnary with a few security measures:

  • remove the enclosing { } so that it does not eval directly to a python expression
  • use of safe_eval to discard any executable item.
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文