BinaryFormatter disabled across most project types
The BinaryFormatter.Serialize(Stream, Object) and BinaryFormatter.Deserialize(Stream) methods now throw a NotSupportedException at run time across nearly all project types, including console applications.
Previous behavior
In .NET 7, the BinaryFormatter.Serialize(Stream, Object) and BinaryFormatter.Deserialize(Stream) methods were marked obsolete and raised an error at compile time. However, if your application suppressed the obsoletion, it could still call the methods and they functioned properly in most project types (excluding ASP.NET, WASM, and MAUI). For example, the APIs functioned correctly in a console app.
New behavior
Starting in .NET 8, the affected methods throw a NotSupportedException at run time across all project types except Windows Forms and WPF. The APIs continue to remain obsolete (as error) across all project types, including Windows Forms and WPF.
Version introduced
.NET 8 Preview 4
Type of breaking change
This change is a behavioral change.
Reason for change
This run-time change is the next stage of the BinaryFormatter obsoletion plan, in which BinaryFormatter will eventually be removed from .NET.
Recommended action
The best course of action is to migrate away from BinaryFormatter due to its security and reliability flaws. For more information, see Preferred alternatives.
If you need to continue using BinaryFormatter, you can set a compatibility switch in your project file to re-enable BinaryFormatter functionality. For more information, see the Recommended action section of the .NET 7 breaking change notification. That compatibility switch continues to be honored in .NET 8.
Affected APIs
- System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Serialize(Stream, Object)
- System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream)
