Find unsafe parsing, encoding mismatches, data loss risks, schema validation gaps, and format interop issues — before they corrupt your production data.
JSON.parse without try/catch. parseFloat on currency values. Buffer operations without explicit encoding. These mistakes silently corrupt data, lose precision, and crash APIs at 3am. SerdeLint scans your entire codebase for serialization anti-patterns, encoding mismatches, and data loss risks so your data arrives exactly as intended.
90 checks across 6 categories, covering every aspect of data serialization safety and encoding correctness.
Detects JSON.parse without try/catch, eval-based deserialization, unchecked XML parsing vulnerable to XXE, YAML.load without safe mode, and unvalidated input flowing directly into parsers.
Finds Buffer.from without explicit encoding, mixed UTF-8 and Latin-1 operations, base64 decode without padding validation, implicit charset conversions, and encoding assumptions that break on international data.
Catches parseFloat used for currency calculations, integer overflow on large IDs, silent truncation of decimal precision, Date serialization losing timezone information, and BigInt values silently converted to Number.
Detects missing schema validation on API boundaries, deserialized data used without type checking, optional fields assumed to be present, missing default values for nullable fields, and unversioned schemas.
Finds JSON-to-XML conversion losing attributes, YAML anchor injection vulnerabilities, CSV parsing without proper quoting, protobuf field number reuse, and inconsistent date format assumptions across API boundaries.
Catches circular reference risks in JSON.stringify, missing toJSON implementations, sensitive data leaking into serialized output, unbounded serialization of large objects, and custom serializers without error handling.
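Two of the patterns named above, unguarded JSON.parse and float-based handling of IDs and currency, shown next to a hardened form. This is an added illustration, not SerdeLint's own code or rules; the payloads are constructed and the function names (`naiveOrder`, `toCents`, `safeParseOrder`) are hypothetical.

```javascript
// Added illustration with constructed inputs; helper names are hypothetical.
// Constructed payloads: same order, ID sent as a JSON number vs. as a string.
const numericIdPayload =
  '{"id": 9007199254740993, "items": [{"price": "0.10"}, {"price": "0.20"}]}';
const stringIdPayload =
  '{"id": "9007199254740993", "items": [{"price": "0.10"}, {"price": "0.20"}]}';

// Anti-pattern: unguarded JSON.parse, numeric 64-bit ID, parseFloat for money.
function naiveOrder(text) {
  const o = JSON.parse(text); // throws on malformed input
  const total = o.items.reduce((sum, it) => sum + parseFloat(it.price), 0);
  return { id: String(o.id), total };
}

// Convert a "units.cc" decimal string to integer cents without floats.
function toCents(amount) {
  const m = typeof amount === 'string' && /^(\d+)\.(\d{2})$/.exec(amount);
  if (!m) throw new TypeError('amount must look like "12.34"');
  return Number(m[1]) * 100 + Number(m[2]);
}

// Hardened: guarded parse, shape checks, ID as decimal string, integer cents.
function safeParseOrder(text) {
  let o;
  try {
    o = JSON.parse(text);
  } catch {
    return { ok: false, error: 'invalid JSON' };
  }
  if (typeof o !== 'object' || o === null || !Array.isArray(o.items)) {
    return { ok: false, error: 'unexpected shape' };
  }
  if (typeof o.id !== 'string' || !/^\d+$/.test(o.id)) {
    return { ok: false, error: 'id must be a decimal string' };
  }
  try {
    const cents = o.items.reduce((sum, it) => sum + toCents(it.price), 0);
    return { ok: true, id: BigInt(o.id), cents };
  } catch (e) {
    return { ok: false, error: e.message };
  }
}

console.log(naiveOrder(numericIdPayload));
console.log(safeParseOrder(numericIdPayload), safeParseOrder(stringIdPayload));
```

The naive path returns a different ID than the one sent and a total that is not 0.3, both without raising an error; the hardened path rejects the numeric ID outright and only accepts the string form.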
Purpose-built for serialization safety. Not a generic linter with a couple of JSON rules bolted on.
| Capability | SerdeLint | Manual Review | ESLint | SonarQube | Semgrep |
|---|---|---|---|---|---|
| Unsafe parsing detection | ✓ 15 rules | Ad hoc | Partial | Partial | Partial |
| Encoding mismatch analysis | ✓ 15 rules | Ad hoc | ✗ | ✗ | ✗ |
| Data loss detection | ✓ 15 rules | ✗ | ✗ | Partial | ✗ |
| Schema validation gaps | ✓ 15 rules | Ad hoc | ✗ | ✗ | Partial |
| Format interop issues | ✓ 15 rules | Ad hoc | ✗ | ✗ | ✗ |
| Serialization output checks | ✓ 15 rules | Ad hoc | ✗ | Partial | ✗ |
| Static analysis (no runtime) | ✓ | ✓ | ✓ | ✓ | ✓ |
| 100% local / zero telemetry | ✓ | ✓ | ✓ | ✗ | Partial |
| Score & grading system | ✓ | ✗ | ✗ | ✓ | ✗ |
| Zero configuration | ✓ | N/A | ✗ | ✗ | ✗ |
Start scanning for free. Upgrade when your data pipeline demands it.
Install SerdeLint in 30 seconds. Find every unsafe parse, encoding mismatch, and data loss risk before your users find them for you.