
Yeah, this is dumb.*

I'd sooner criticize a parser for mangling numbers above 2^53 (also allowed by the spec) than not allowing thousands of nested arrays.

---

* Except that this is a potential DoS vector. From that angle, it has some interest.



> I'd sooner criticize a parser for mangling numbers above 2^53 (also allowed by the spec)

The spec has something specifically to say about this[0]:

> Note that when such software is used, numbers that are integers and are in the range [-(2^53)+1, (2^53)-1] are interoperable in the sense that implementations will agree exactly on their numeric values.

Basically, allow up to 2^53, and you ought to be fine.

[0] https://tools.ietf.org/html/rfc8259#section-6


Agreed, such a parse would be "to spec". It says "An implementation may set limits on the maximum depth of nesting. An implementation may set limits on the range and precision of numbers."

On a practical level, parsers not handling 64-bit ints has bitten me more than parsers not handling 1000+ levels of nesting.


As a side note, the Haskell implementation also supports numbers of arbitrary size, again limited by memory, for both parsing and encoding.
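An added example in Python (not from any commenter, and not the Haskell implementation mentioned above) covering the two limits the thread discusses: a non-recursive pre-parse scan that caps nesting depth before the recursive parser sees the input, and a `parse_int` hook that flags integers outside the RFC 8259 interoperable range, which a parser storing every number as a double would silently round. Function names are my own.

```python
import json

# RFC 8259 section 6: integers in [-(2^53)+1, 2^53-1] are interoperable
SAFE_MAX = 2**53 - 1


def nesting_depth(text: str) -> int:
    """Deepest []/{} nesting in a JSON document, ignoring brackets inside
    string literals (handles backslash escapes). Linear scan, no recursion."""
    depth = max_depth = 0
    in_string = escaped = False
    for ch in text:
        if in_string:
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
        elif ch == '"':
            in_string = True
        elif ch in "[{":
            depth += 1
            max_depth = max(max_depth, depth)
        elif ch in "]}":
            depth -= 1
    return max_depth


def double_rounds(n: int) -> bool:
    """True if passing n through an IEEE-754 double changes its value,
    i.e. what a parser that stores all numbers as doubles does to it."""
    return int(float(n)) != n


def safe_loads(text: str, max_depth: int = 32):
    """Parse JSON with a nesting cap (DoS mitigation) and report integers
    a double-based parser would have mangled. Returns (value, flagged)."""
    if nesting_depth(text) > max_depth:
        raise ValueError(f"nesting depth exceeds {max_depth}")
    flagged = []

    def parse_int(token: str) -> int:
        n = int(token)  # Python ints are arbitrary precision, so this is exact
        if not -SAFE_MAX <= n <= SAFE_MAX:
            flagged.append(n)
        return n

    return json.loads(text, parse_int=parse_int), flagged
```

The depth scan runs before `json.loads`, so an attacker-controlled document with thousands of nested arrays is rejected in linear time rather than reaching the recursive decoder.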



