
serializes

Serialization is the process of converting an in-memory data structure or object into a format that can be stored on disk, transmitted over a network, or otherwise reconstituted later. The verb form serializes is used to describe performing this process, while deserialization is the reverse.

Common formats include text-based formats such as JSON, XML, YAML, and CBOR, and binary formats such as Protocol Buffers, Avro, MessagePack, and BSON. Text formats are human-readable but often larger; binary formats can be more compact and faster to parse but require schemas or tooling to interpret.

Serialization supports persistence, communication between processes or services, caching, and inter-process communication. It enables multi-language interoperability when a shared format is used. Some systems preserve object graphs and type information, enabling exact reconstruction, while others store only data values.

Design considerations include how to handle references and cycles, how to version schemas, and how to evolve data structures without breaking existing clients. Some formats are self-describing (XML, JSON with schemas) while others require predefined schemas (Protocol Buffers, Avro).

Security concerns arise with deserialization of untrusted data, which can lead to code execution, object injection, or data corruption. Practices include validating input, using immutable types, and choosing safe, well-maintained serializers.

In programming languages, many ecosystems provide serialization tools: for example, JSON libraries in most languages; Python's pickle (with caveats); Java's Serializable interface; .NET serializers such as DataContractSerializer and BinaryFormatter (the latter now discouraged).
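The two points above that matter most in practice are that deserializing untrusted data must not resolve or run code, and that a stored format needs a version so old records can still be read. The following is an added example, not code from this page or from any of the libraries it names. It shows the pattern the Python documentation recommends for pickle: an `Unpickler` whose `find_class` is a closed allowlist, so a stream that names any global outside the list is refused, regardless of whether that global happens to be harmful. Beside it is the usual alternative for untrusted input, a plain JSON record checked for version and shape before use. The allowlist contents, the record fields (`version`, `user`, `action`) and the sample inputs are constructed for the example.

```python
import datetime
import io
import json
import pickle

# Globals an untrusted pickle may reference; everything else is refused.
# These builtins only construct plain containers and never run user code.
# (Constructed allowlist for this example.)
SAFE_GLOBALS = {
    ("builtins", "set"),
    ("builtins", "frozenset"),
    ("builtins", "list"),
    ("builtins", "dict"),
    ("builtins", "tuple"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves only allowlisted module/name pairs.

    A default Unpickler imports and instantiates whatever class or
    callable the stream names; overriding find_class turns that open
    lookup into a closed allowlist.
    """

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve global {module}.{name}"
        )


def restricted_loads(data: bytes):
    """Deserialize pickle bytes, refusing any global outside SAFE_GLOBALS."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


# Record versions this consumer knows how to read (constructed for the example).
SUPPORTED_VERSIONS = {1, 2}


def parse_record(text: str) -> dict:
    """Parse a JSON record from an untrusted source and normalise it to v2.

    json.loads only ever yields plain values, so no code is resolved; what
    remains is checking the version and the shape before acting on it.
    """
    obj = json.loads(text)
    if not isinstance(obj, dict):
        raise ValueError("record must be a JSON object")
    version = obj.get("version")
    if version not in SUPPORTED_VERSIONS:
        raise ValueError(f"unsupported record version: {version!r}")
    if version == 1:
        # v1 stored the user as a bare string; v2 stores an object with a role.
        obj = {
            "version": 2,
            "user": {"name": obj.get("user"), "role": "unknown"},
            "action": obj.get("action"),
        }
    user = obj.get("user")
    if not (isinstance(user, dict) and isinstance(user.get("name"), str)
            and isinstance(obj.get("action"), str)):
        raise ValueError("record has unexpected shape")
    return obj


# Constructed sample inputs. Protocol 3 is used so that the set is encoded as a
# reference to builtins.set, which exercises find_class (protocol 4 has a
# dedicated set opcode and would bypass it for this value).
SAFE_PICKLE = pickle.dumps({"ids": [1, 2, 3], "tags": {"a", "b"}}, protocol=3)
# A pickle naming a class outside the allowlist. datetime.date is harmless,
# which is the point: the allowlist refuses every unlisted global, not only
# ones already known to be dangerous.
UNLISTED_PICKLE = pickle.dumps(datetime.date(2024, 1, 1), protocol=3)
V1_RECORD = '{"version": 1, "user": "alice", "action": "login"}'
BAD_RECORD = '{"version": 9, "user": "alice", "action": "login"}'


def demo() -> dict:
    """Run both paths over the constructed inputs and report the outcome."""
    results = {"safe": restricted_loads(SAFE_PICKLE)}
    try:
        restricted_loads(UNLISTED_PICKLE)
        results["unlisted"] = "accepted"
    except pickle.UnpicklingError as exc:
        results["unlisted"] = f"refused: {exc}"
    results["v1"] = parse_record(V1_RECORD)
    try:
        parse_record(BAD_RECORD)
        results["bad"] = "accepted"
    except ValueError as exc:
        results["bad"] = f"refused: {exc}"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The allowlist is deliberately a set of exact `(module, name)` pairs rather than a module prefix: allowing all of `builtins` would admit callables such as `eval`, and allowing a whole third-party module admits whatever it imports. Note that the restriction only governs what the unpickler resolves; if the data did not need to carry object graphs or type information in the first place, the JSON path with version and shape checks is the simpler and safer choice.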