refactor: Complete migration from Jackson to Gson across codebase

[ehsavoie]

Replace Jackson ObjectMapper with Gson throughout the codebase to eliminate Jackson dependency and provide custom serialization control.

Key Changes:
- Created JsonUtil.java with Gson-based OBJECT_MAPPER singleton
- Implemented 9 custom TypeAdapters for complex type handling:
* OffsetDateTimeTypeAdapter - ISO-8601 datetime serialization
* JSONRPCErrorTypeAdapter - Polymorphic error deserialization (12 error types)
* ThrowableTypeAdapter - Avoids Java 17+ reflection restrictions
* TaskStateTypeAdapter - Wire format enum serialization
* RoleTypeAdapter - Message.Role enum handling
* PartKindTypeAdapter - Part.Kind enum handling
* PartTypeAdapter - Polymorphic Part deserialization (Text/File/Data)
* StreamingEventKindTypeAdapter - Event type deserialization
* FileContentTypeAdapter - FileWithBytes/FileWithUri discrimination
- Added TaskSerializationTest with 21 comprehensive tests covering:
* Round-trip serialization for all Task components
* Direct JSON deserialization tests
* All Part types and FileContent variants
- Removed Jackson-specific deserializers and annotations
- Updated all usages across 142 files (client, server, extras, tests)
- Removed Jackson dependencies from spec/pom.xml

Technical Details:
- Thread-safe singleton OBJECT_MAPPER with all adapters registered
- Handles polymorphic types via two-pass parsing strategy
- Maintains wire format compatibility with existing JSON-RPC protocol
- Preserves null-safety with NullAway/JSpecify conventions

Fixes #487 🦕

[gemini-code-assist]

Summary of Changes

Hello @ehsavoie, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request completes a significant refactoring effort to transition the entire codebase from using Jackson for JSON processing to Gson. The primary goal is to remove the dependency on Jackson and gain more granular control over serialization, especially for complex and polymorphic types within the A2A Protocol. This change impacts all client, server, and utility modules that handle JSON data, ensuring a consistent and robust serialization layer across the SDK.

Highlights

• Complete Migration to Gson: The entire codebase has been migrated from Jackson to Gson for all JSON serialization and deserialization operations, eliminating the Jackson dependency.
• Custom TypeAdapters for Complex Types: Nine custom Gson TypeAdapters have been implemented in a new JsonUtil.java class to handle complex A2A Protocol types, including OffsetDateTime, polymorphic JSONRPCError, Throwable, various enums (TaskState, Message.Role, Part.Kind), polymorphic Part types (TextPart, FilePart, DataPart), polymorphic StreamingEventKind types (Task, Message, TaskStatusUpdateEvent, TaskArtifactUpdateEvent), and polymorphic FileContent types (FileWithBytes, FileWithUri). These adapters ensure correct wire format compatibility and address Java 17+ reflection restrictions.
• New JSON Utility and Exception Classes: A new io.a2a.json package has been introduced, containing JsonUtil.java (housing the pre-configured Gson instance and custom adapters), JsonProcessingException.java, and JsonMappingException.java. These custom exceptions replace their Jackson counterparts, making the SDK independent of any specific JSON library.
• Removal of Jackson Dependencies and Annotations: All Jackson-specific imports, annotations (e.g., @JsonCreator, @JsonProperty, @JsonInclude, @JsonTypeInfo, @JsonSubTypes), and custom deserializer/serializer classes have been removed from the codebase. The spec/pom.xml file now reflects the removal of Jackson dependencies and the addition of Gson.
• Comprehensive Task Serialization Testing: A new TaskSerializationTest.java has been added with 21 tests to thoroughly validate the serialization and deserialization of Task objects, covering all components, part types, file content variants, and round-trip integrity using the new Gson implementation.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This is an impressive and extensive refactoring to migrate the entire codebase from Jackson to Gson. The introduction of JsonUtil with custom TypeAdapters is a solid approach to abstracting the JSON library and handling the domain model's serialization complexities. The new and updated tests, especially TaskSerializationTest, provide good confidence in the new implementation.

My review has identified a few minor but important issues related to the migration. These include a potential data loss issue with numeric ID serialization, a missing annotation for a field name that is a Java keyword, and an overly broad exception catch. Addressing these points will help ensure the new implementation is fully robust and correct.

[ehsavoie]

/gemini review

[gemini-code-assist]

Code Review

This pull request migrates the project's JSON processing library from Jackson to Gson. This involved replacing all direct usages of Jackson's ObjectMapper and related classes with io.a2a.json.JsonUtil methods for serialization and deserialization. Custom JsonProcessingException and JsonMappingException classes were introduced in io.a2a.json to provide a library-agnostic exception hierarchy. Consequently, many import statements were updated, catch blocks were modified to handle the new exception types, and pom.xml files were adjusted to remove Jackson dependencies and add Gson. Additionally, custom Gson TypeAdapter implementations were added in JsonUtil to handle polymorphic types (like Part, StreamingEventKind, FileContent, JSONRPCError), enum serialization (TaskState, Message.Role, Part.Kind), and OffsetDateTime formatting. A review comment highlighted that the JSONRPCUtils class in spec-grpc was incorrectly converting numeric requestId values to strings during JSON-RPC error and result response serialization, which should be corrected to preserve the original numeric type for spec compliance.

[gemini-code-assist]

Similar to the previous comment, this change converts a numeric requestId to a string, altering its type in the JSON output. To maintain type consistency with the JSON-RPC specification, it's better to serialize numbers as numbers.

Suggested change

	output.name("id").value(Integer.toString(number.intValue()));
	output.name("id").value(number);

[ehsavoie]

With the suggested change the integer is serialized as 1.0 which is deserialized as a double and not an int

[kabir]

Looks good, apart from the FQN nitpicks.

I'm not totally sure about the integer handling though. It would be good to fix that, but if impossible feel free to merge.

[kabir]

This makes it look like it serialises {"key2": "42"} instead of {"key2"; 42}. Which might be fine, but also a bit strange

[jmesnil]

The removal of Jackson sounds good (it just needs to be removed from the parent pom too) but I'm not sure that the serialisation is correct (eg the kind field)

In the tests, we verify that we can unserialize/deserialize the object but the JSON strings does not comply with the 1.0 spec

More generally, there are too many unnecessary fields that complicates the API (code in Error, kind in payload, type in other classes

I also wonder if the domain class that have String values (Role, TaskState) should be updated to use the same values that the spec.

[jmesnil]

to remove

[jmesnil]

idem

[jmesnil]

I'm not sure that an int is correct here? What if the id is bigger than Integer.MAX?
Should we use instead a long?

[ehsavoie]

yes, should be better but the ID is supposed to be a String or an Integer

[jmesnil]

is it?

According to https://www.jsonrpc.org/specification#request_object:

An identifier established by the Client that MUST contain a String, Number, or NULL value if included. If it is not included it is assumed to be a notification. The value SHOULD normally not be Null [1] and Numbers SHOULD NOT contain fractional parts [2]

and a JSON Number is not tied to a Java int (https://www.json.org/json-en.html)

[jmesnil]

idem

[jmesnil]

that's not correct, I would expect to get a value that is compliant with the spec

"state": "TASK_STATE_SUBMITTED"

and not

"state": "submitted"

[ehsavoie]

This is a domain object serialization, not a protocol payload

[jmesnil]

and I'm wrong anyway, the json serialisation must use submitted according to https://a2a-protocol.org/latest/specification/#55-json-field-naming-convention

[jmesnil]

not spec compliant

[ehsavoie]

This is a domain object serialization, not a protocol payload

[jmesnil]

btw, mimeType should be renamed to mediaType (https://a2a-protocol.org/latest/specification/#417-filepart)

[ehsavoie]

This is a domain object serialization, not a protocol payload

[jmesnil]

not compliant

[jmesnil]

another note on my review, I've been working on updating the TCK after #484 and a lot of tests passes so we are able to receive/return valid JSON from our transports.

My comments about producing invalid JSON payload that is not compliant to the spec is not correct.
AIUI, this json serialisation is "internal" to the project and only serialised through the wire for replications and not for end-to-end communication.
Still, I wonder if we should have a internal JSON representation that is consistent with the spec.

[jmesnil]

one thing that trips me up is that all my comments are for the "internal" JSON payload that is not used by clients or server but is exposed by the API through the io.a2a.util.Utils class.
If that JSON representation is internal, it should not leak to the API.

[ehsavoie]

/gemini review

[gemini-code-assist]

Code Review

This is an impressive and comprehensive pull request that successfully migrates the entire codebase from Jackson to Gson. The creation of JsonUtil with custom TypeAdapters to handle polymorphic types and other custom serialization logic is well-executed. The abstraction of JSON processing exceptions is also a great improvement for library independence. The new TaskSerializationTest is thorough and provides excellent coverage for the new serialization logic.

I've found a couple of potential issues in the new JsonUtil related to the implementation of the custom TypeAdapters. One is a high-severity issue regarding incomplete configuration of delegate Gson instances which could lead to incorrect deserialization of nested complex types. The other is a medium-severity issue about a fragile heuristic for detecting Throwable types. Addressing these will make the new serialization utility more robust.

Overall, this is a high-quality refactoring effort. Great work!

[gemini-code-assist]

The delegateGson instance created here to avoid recursion is missing some of the custom type adapters registered on the main OBJECT_MAPPER, specifically JSONRPCErrorTypeAdapter. If a Part contains a JSONRPCError in its structure (e.g., in metadata), it will be deserialized using Gson's default mechanism instead of your custom adapter, leading to incorrect deserialization of error subclasses.

The same issue exists in StreamingEventKindTypeAdapter on line 606.

To fix this, you should ensure the delegate Gson instances are configured with all necessary adapters, except for the one that would cause recursion. A good approach would be to centralize the GsonBuilder configuration and reuse it.

For example, you could have a helper method:

private static GsonBuilder createBaseGsonBuilder() {
    return new GsonBuilder()
            .setObjectToNumberStrategy(ToNumberPolicy.LONG_OR_DOUBLE)
            .registerTypeAdapter(OffsetDateTime.class, new OffsetDateTimeTypeAdapter())
            .registerTypeHierarchyAdapter(JSONRPCError.class, new JSONRPCErrorTypeAdapter())
            .registerTypeAdapter(TaskState.class, new TaskStateTypeAdapter())
            .registerTypeAdapter(Message.Role.class, new RoleTypeAdapter())
            .registerTypeAdapter(Part.Kind.class, new PartKindTypeAdapter())
            .registerTypeHierarchyAdapter(FileContent.class, new FileContentTypeAdapter());
}

Then, the main OBJECT_MAPPER can be built like this:

public static final Gson OBJECT_MAPPER = createBaseGsonBuilder()
        .registerTypeHierarchyAdapter(Part.class, new PartTypeAdapter())
        .registerTypeHierarchyAdapter(StreamingEventKind.class, new StreamingEventKindTypeAdapter())
        .create();

And inside PartTypeAdapter, the delegate would be:

private final Gson delegateGson = createBaseGsonBuilder()
        // Add adapters that PartTypeAdapter might need, e.g., StreamingEventKindTypeAdapter if nesting is possible
        .registerTypeHierarchyAdapter(StreamingEventKind.class, new StreamingEventKindTypeAdapter())
        .create();

This ensures consistent adapter registration. You'll need to manage the recursive dependencies carefully.

This is a high severity issue because it can lead to data corruption or ClassCastExceptions at runtime if nested polymorphic types are used.

[gemini-code-assist]

The current heuristic for detecting a serialized Throwable in the data field (obj.has("type") && obj.has("message") && obj.size() == 2) is a bit fragile. Any other JSON object that happens to have exactly these two fields will be incorrectly deserialized as a Throwable.

A more robust approach could be to check if the value of the type field corresponds to a class that extends Throwable. While this involves reflection, it would prevent incorrect deserialization of valid data objects. For example:

try {
    Class<?> dataClass = Class.forName(obj.get("type").getAsString());
    if (Throwable.class.isAssignableFrom(dataClass)) {
        // It's a throwable, deserialize it as such
        yield THROWABLE_ADAPTER.read(new com.google.gson.stream.JsonReader(
            new java.io.StringReader(element.toString())));
    }
} catch (ClassNotFoundException e) {
    // Not a known class, or not a throwable, proceed to default deserialization
}

This is a conceptual suggestion. The implementation would need to be careful about performance and security if loading arbitrary classes. An alternative could be to add a specific marker field to serialized Throwables.

[jmesnil]

PR looks good to me in its current state.

However, I think we should clarify the exposure of the internal JSON serialisation in the API (through the Utils class).
If we need to use an internal wire format inside a2a-java, there is no reason to expose it in our user API.

[jmesnil]

The ctor parameter is required or the type field?

[jmesnil]

tracked by #522

[jmesnil]

@ehsavoie This review raised a few questions I have over the design of the code and I created #523 to clarify them.

[jmesnil]

@ehsavoie thanks!