[CSHARP-4534] Consider adding anonymous types to DefaultAllowedTypes Created: 18/Feb/23 Updated: 21/Jul/23 Resolved: 21/Jul/23 |
|
| Status: | Closed |
| Project: | C# Driver |
| Component/s: | Serialization |
| Affects Version/s: | None |
| Fix Version/s: | 2.21.0 |
| Type: | Improvement | Priority: | Unknown |
| Reporter: | Boris Dogadov | Assignee: | Robert Stam |
| Resolution: | Done | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Documentation Changes: | Not Needed | ||||||||||||
| Documentation Changes Summary: | 1. What would you like to communicate to the user about this feature? |
||||||||||||
| Comments |
| Comment by Githook User [ 21/Jul/23 ] | ||||
|
Author: {'name': 'rstam', 'email': 'robert@robertstam.org', 'username': 'rstam'}Message: | ||||
| Comment by Boris Dogadov [ 12/Jul/23 ] | ||||
|
Hi erik.hennerfors@laget.se Thanks. | ||||
| Comment by Erik Hennerfors [ 03/Jul/23 ] | ||||
|
Hi Kind regards | ||||
| Comment by Erik Hennerfors [ 23/Feb/23 ] | ||||
|
Hi One of the strengths, as I see it, of a document database is that you don't need to type everything. For example, we use MongoDB to store entity audit logs where we have dynamic fields for properties changed on the entity, this is now unusable if we upgrade to 2.19.0 At least a better example should be provided of how to use dynamic as a property type, since the one we've seen being documented does not work.
Adding this into for example the `Configure` method in `Startup.cs` will only result in the error BsonSerializationException: There is already a serializer registered for type Object. UPDATE Kind regards | ||||
| Comment by Robert Stam [ 21/Feb/23 ] | ||||
|
The important question to answer is whether this is safe. We don't want to defeat the security added by Most likely an anonymous type can be considered safe for serialization/deserialization if all of its properties are themselves safe for serialization/deserialization. |