tags:

views:

710

answers:

5
+7  Q: 

Replacement for XML Serialization

I have code using XmlSerializer to serialize/deserialize a data structure for persistance. I've read and heard in several places here on StackOverflow that XmlSerializer is one or more of:

  • Bad
  • Poorly supported/implemented
  • Possibly won't be supported into the future

My question is two-fold; is any of the above true, and if so, what alternatives exist? For my purposes, XML works very well, and I would like to keep that much constant, but everything else is open to change.

EDIT: If you want to suggest something other to XML, I'm open to it, but it does need to be human-readable.

+1  A: 

If you can use .Net 3.5 (preferably SP1), I'd look into the DataContractSerializer. Although it is less configurable than the XmlSerializer, it's faster, easier to work with (at least in my experience) and more portable (i.e. for web services). SP1 changed the default behaviour of it to be opt-out, so you can serialize any class without having to explictly define attributes on everything you need to serialize.

I would recommend thoroughly reading the documentation on it though before investing in it as a change. Depending on how customized your serialization is, it may not work for you.

womp  2009-07-27 06:46:38
Other than having some classes purely as wrapper type classes, there's nothing too special about the `XmlSerializer` stuff I've done. No overrides or anything like that.
Matthew Scharley  2009-07-27 06:51:11
+5  A: 

XmlSerializer is perfectly supportable, but has some glitches;

  • relatively slow; but usually this is still fast enough
  • only supports public members; can be a pain
  • requires write accessors lists - just ugly

However, I expect it to continue to be there for a considerable time; IMO, it is BinaryFormatter that has the real problems (when used for persistence).

I'm very biased (since I'm the author), but I'd choose protobuf-net; a binary serializer using Google's "protocol buffers" wire format; fast, portable between languages/platforms, very small output, version tolerant, etc (and free, of course). Clearly not xml, though - so not human readable.

Marc Gravell  2009-07-27 06:54:33
Marc, is it (easily) possible to replace the default BinaryFormatter with protobuf-net for use with .net remoting?
M4N  2009-07-27 07:01:06
I don't *require* XML (though, it'd be nice so it doesn't break existing installs), but I do require human readable. Thanks for the list of downsides though.
Matthew Scharley  2009-07-27 07:01:20
For remoting, you can implement `ISerializable` (via protobuf-net) in about 4 lines of code per object; about the best I can get it... this is only necessary for the "root" objects (not things that are encapsulated). For human readable... perhaps JSON.Net?
Marc Gravell  2009-07-27 07:12:07
JSON is an interesting suggestion, it didn't even cross my mind... I'll look into it, cheers.
Matthew Scharley  2009-07-27 07:17:28
Note that that is only a "for consideration". If your xml works at the moment, then there is **zero** reason to change anything.
Marc Gravell  2009-07-27 07:31:07
"Works" is subject to interprettation... As others have noted elsewhere, you should be creating a seperate object tree purely for serialization, and I never did, and as such... Well, there's definitely some design compromises that have been made.
Matthew Scharley  2009-07-27 07:34:06
+2  A: 

jSON is much more faster than XML. You can use Json.NET to read it. It has built-in serialization.

http://james.newtonking.com/pages/json-net.aspx

 2009-07-27 07:45:08
Do you have any numbers to support that performance claim?
Marc Gravell  2009-07-27 07:48:13
I did some testing, I can confirm that the files/streams JSON.Net produces are smaller, but the speed is only 10% faster on serialization (when set to not indented) and about 50% slower on deserialization. This is just one set of tests, on one set of data of course. I also suspect that my JSON.Net settings on deserialization are causing the delay - because of a generic list abstract type issue I had to tell it to look for additional type info on ALL objects, which is not ideal.
Tao  2010-06-20 22:26:11
(JSON.Net is also much more pleasant - can handle non-public types, subtypes without the XmlInclude hack, recursive references in multiple ways, and more - but I swear I'm not affiliated in any way! :) )
Tao  2010-06-20 22:29:18
OK, my numbers above were with a specific type handling setting because of sub-classed members; when using only the declared types, JSON.Net is about twice as fast as XmlSerializer on serialization, and just a little bit faster than XmlSerializer on deserialization. It also produces significantly smaller files/streams of course.
Tao  2010-06-26 19:07:15
+2  A: 

As far as the XML Serializer, there's "supported", and there's "supported".

An increasing number of Connect bug reports on the XML Serializer are coming back acknowledging bugs, and stating that the bugs will not be fixed.

I'm sure that if you ran into a security-critical bug in the XML Serializer, that it would be fixed. However, I think it's unlikely that other bugs that are not as critical will ever be fixed.

John Saunders  2009-07-27 18:05:49
+1  A: 

I'm going to take an alternative view:
XmlSerializer is supported, its behaviors are known, and it works well. It is not "bad". It is very general, well documented, has lots of examples. The performance is probably very good for what you need. It probably does what you need.

There are some people who have particular needs that are not addressed by the XmlSerializer. From those requirements we get things like protobufs, DataContractSerializer, and other options.

But XmlSerializer is still very general and probably the most widely applicable serializer in town. It's still probably the safest bet for serializing content.

As to support...
MS may be slowing down on fixing bugs. I compare this to WinForms. WinForms is no longer the primary UI framework being pushed by Microsoft. But it is still mature, works well, performs well. XmlSerializer is the same.

As for support into the future. MS has a 5+5 support policy - they support a product for 5 years after its release, and then you can buy 5 years additional support for it. The .NET Framework is not the supported "thing" - it is the Windows OS that includes .NET that is supported. Windows 7 will include .NET 3.5 (I think the version is 3.5?) and so everything in .NET 3.5, including WinForms and XmlSerializer, will be "officially supported" for an additional 5 years, starting in October or whenever Win7 is released. If it is .NET 4.0, then anything in 4.0 (including, still, WinForms and XmlSerializer) will be supported for 5 years. The 5-year clock restarts every time a new product ships with .NET.

Looking at the VB6 Runtime, it was originally shipped with Visual Studio 6, in 1998. It has been included in Windows since then, including Windows Server 2008 R2, released this year. So the VB runtime will be supported at least until 2014. That's 16 years of mainstream support, at least.

You have nothing to worry about as far as official support. This isn't an open-source project you're talking about. This isn't a stopgap offering like WSE or the SOAP Toolkit.

It's true that there are degrees of support, and older .NET APIs ratchet down in priority as the newer ones are launched and promoted. But the older ones are presumably more stable, by the time they plateau. You're totally safe.

Cheeso  2009-07-28 15:15:03
@Cheeso: do you _know_ something about the pace of bug fixes? I do. I've seen significant bugs closed by saying, "it's a real bug, byt this is legacy code, so we're not going to fix it".
John Saunders  2009-07-28 15:20:52
nope, I don't _know_ anything - your direct observations are probably the best indicator. I do know that the people who designed the XmlSerializer and used to maintain it are now moved to different projects. It has transitioned to new owners.
Cheeso  2009-07-28 16:06:19
Since 28-Jun-2009, I've seen Connect issues closed with, "we're not going to fix it because of the risk of breaking something". The XML Serializer is supported less and less all the time.
John Saunders  2009-08-27 04:33:34

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?