This is part of the NServiceBus Upgrade Guide from Version 7 to 8, which also includes the following individual upgrade guides for specific components:
- Upgrading the data bus from version 7 to 8
- Dependency Injection changes
- Upgrade NServiceBus downstreams from Version 7 to 8
- Upgrading message contracts from Version 7 to 8
- Upgrade NServiceBus pipeline extensions from Version 7 to 8
- Transport configuration changes
- Upgrade AmazonSQS Transport Version 5 to 6
- Azure Service Bus Transport Upgrade Version 2 to 3
- Azure Storage Queues Transport Upgrade Version 10 to 11
- MSMQ Transport Upgrade Version 1 to 2
- RabbitMQ Transport Upgrade Version 7 to 8
- SQL Server Transport Upgrade Version 6 to 7
NewtonsoftSerializer is obsolete in NServiceBus version 8. It uses
TypeNameHandling. as its default value which can be a security risk as it allows the message payload to control the deserialization target type. See CA2326: Do not use TypeNameHandling values other than None for further details on this vulnerability.
A new serializer
NewtonsoftJsonSerializer has been introduced which uses
TypeNameHandling. as its default value.
var serialization = endpointConfiguration.UseSerialization<NewtonsoftSerializer>();
var serialization = endpointConfiguration.UseSerialization<NewtonsoftJsonSerializer>();
TypeNameHandling. is required, customize the instance of JsonSerializerSettings used for serialization. See the Json.Net Serializer documentation for more information.