(no title)

Hell starts to open when people use string template languages to generate YAML files, such as in Helm charts. This is stupid because the templating language is not aware of the host language semantics. It is quite similar to the SQL or HTML injection problem we fought 20yrs ago and finally overcame with templated queries and auto-escaping.