Summary
The SafeguardDotNet SDK currently uses Newtonsoft.Json for all serialization. This blocks downstream consumers from using .NET Native AOT publishing, because Newtonsoft.Json relies heavily on runtime reflection that AOT cannot support.
Benefits of AOT for Downstream Consumers
- ~60% smaller single-file binaries (~15MB vs ~70MB)
- Near-instant startup (~50ms vs ~1-2s)
- No .NET runtime bundled in the output
- Lower memory footprint (~30-50% reduction)
- Predictable performance with no JIT compilation pauses
Proposed Approach
Migrate to System.Text.Json with source generators (JsonSerializerContext). This would:
- Enable full AOT compatibility (no reflection-based serialization)
- Improve serialization performance even without AOT (source generators are faster)
- Remove the Newtonsoft.Json transitive dependency for consumers
This is a breaking change for anyone using JObject/JToken directly from the SDK's public API surface, so it would likely target a major version bump.
Alternatives
- Keep Newtonsoft.Json, accept larger binaries (current state)
- Dual-target with an abstraction layer (complex, not recommended)
- Use
System.Text.Json only for internal serialization while keeping Newtonsoft for public API (leaky)
Summary
The SafeguardDotNet SDK currently uses Newtonsoft.Json for all serialization. This blocks downstream consumers from using .NET Native AOT publishing, because Newtonsoft.Json relies heavily on runtime reflection that AOT cannot support.
Benefits of AOT for Downstream Consumers
Proposed Approach
Migrate to
System.Text.Jsonwith source generators (JsonSerializerContext). This would:This is a breaking change for anyone using
JObject/JTokendirectly from the SDK's public API surface, so it would likely target a major version bump.Alternatives
System.Text.Jsononly for internal serialization while keeping Newtonsoft for public API (leaky)