Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Removal of BinaryFormatter in .NET 8.0

See original GitHub issue

Description

Due to security issues, BinaryFormatter will be removed in .NET 8.0 and its Serialize and Deserialize methods are currently obsolete in .NET 5.0.

There is currently a single use of BinaryFormatter’s Serialize and Deserialize methods: https://github.com/fluentassertions/fluentassertions/blob/834a2db00a60e2626655a28a129c084831b85880/Src/FluentAssertions/ObjectAssertionsExtensions.cs#L142-L153

Although it’s a long way off until BinaryFormatter is removed, I figured it’d be a good idea to bring some attention to it. I stumbled upon this while working on #1754.

Issue Analytics

  • State:open
  • Created 2 years ago
  • Comments:7 (7 by maintainers)

github_iconTop GitHub Comments

1reaction
dennisdoomencommented, Aug 18, 2023

You would still need to have FA target .NET 8 to make that work. I recommend to wait a couple of days. As soon as #2152 has been merged, we’re going to release 6.12 and switch develop to become the next major release.

0reactions
lg2decommented, Aug 19, 2023

I prepared the following:

  1. Remove in net8
  2. Obsolete otherwise

This helps the users to migrate. Why we should remove it from targets, where it is still supported?

Read more comments on GitHub >

github_iconTop Results From Across the Web

BinaryFormatter disabled across most project types - .NET
In .NET 7, the BinaryFormatter.Serialize(Stream, Object) and BinaryFormatter.Deserialize(Stream) methods were marked obsolete and raised an ...
Read more >
BinaryFormatter serialization methods are obsolete and ...
In .NET 7, the affected APIs are obsolete as error. For more information, see BinaryFormatter serialization APIs produce compiler errors.
Read more >
.net 5 - Is there a high performance way to replace the ...
BinaryFormatter is responsible for many of .NET's historical vulnerabilities, and it can't be fixed. It will likely become completely ...
Read more >
What is a proper replacement for BinaryFormatter that still ...
Given binaryformatter is insecure, I was looking for alternatives, but so far only JSON and XML appear. Is there a binary alternative?
Read more >
Discussion - State of binary serialization
I have found serializing byte arrays and writing to files very useful. The .NET BinaryFormatter is going to be removed. DOTS StreamBinaryWriter ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

v6.4.0 breaks build under mono when targeting net48

Next page

BeLowerCased() results in failing tests with only lower case characters.