Comment by voodooEntity

Well im working alot with json in my job and privat coding life used from all sorts of different languages, and so far i always could sort stuff out.

And well - if anyone trusts external coders he should be damned (or isnt he already for doing so? never trust external data - the golden rule...)

Your case is interesting, i worked with Neo4j years ago in a PHP project and never run into such issues, but maybe i was just lucky.

Nowadays i code mostly golang and im always making sure that whatever an external party sends me is what im expecting (validation ...).

To your point of preventing somebody to write bad code - i've given up on that. Whenever i thought the environment will enforce someone to write proper code, people proof me to be wrong be finding new ways to do the most absurd things.

But ye, its worth a try.

So - why i question such a thing? Because i'm not a fan of adding more and more 3'rd party dependencies to my projects. And while confetti might be a good thing (i never said it can't be) it wont get into any default packaging in a forseeable future meaning i have to make sure that the dependency stays stable which adds another task and liability on my end. So instead of having to deal with the devil i know (validating json data) i have to deal with a new one to eliminate the old one.

Time will tell if confetti will make its way into stable reliable state for common languages - than i might give it a try.