Good point, but then I'm not sure the decoder could be used for untrusted json anymore.

Another solution would be to generate a schema in a separate variable, which would represent the JSON structure with Python types.

Also, there's still simple regexp pattern matching that could also be good enough.