Remove hard dependency on Newtonsoft serialization

[soenneker]

My understanding is Hangfire depends on Newtonsoft to serialize jobs and the objects being passed through them.

We'd like to utilize System.Text.Json as this is one of the last dependencies we have that requires Newtonsoft (and thus a lot of extra decoration/overhead).

Thanks

[RyanGaudion]

+1 to this. Want to be able to move solely to ‎System.Text.Json

[david-ernstsson-stratsys]

+1 to this, we never use Newtonsoft otherwise these days and might move to Quartz otherwise. GitHub dependabot even gives security warning for the current Newtonsoft version used...

[ohroy]

+1 Quartz use Newtonsoft too. But it spilt the serialization to a independent package. It is a more elegant choice in terms of design

[mike-geiger]

Wanted to bump this Newtonsoft.Json versions <13.0.1 have 2 high vulnerabilities. The reference should be updated to 13.0.1 or higher. I would also like to eliminate it completely, but at a minimum it should reference the version that has been fixed.

https://ossindex.sonatype.org/component/pkg:nuget/Newtonsoft.Json

[M144-Coder]

I hope the Hangfire team @odinserj really consider this, we can't move to System.Text.Json on several projects because we rely on using Hangfire with custom json converters. The converters can be migrated to System.Text.Json but Hangfire has a dependency on Newtonsoft Json library.

I think this not very hard to accomplish, as Hangfire uses one class to make the serialization which is SerializationHelper. For instance, If this class is changed to an interface and the implementations is seperated into two different packages with NewtonsoftJsonSerializationHelper and TextJsonSerializationHelper as implementations it will be very easy for developers to choose their respective serialization library.

[soenneker]

@M144-Coder It doesn't look like @odinserj is interested in fixing it (https://github.com/HangfireIO/Hangfire/issues/2202), so it'll need to be someone else I guess