Rules Repository / RSPEC-2058

Non-serializable values should not be stored in "Serializable" classes

    Details

    • Type: Finding Detection
    • Status: Closed
    • Resolution: Duplicate
    • Labels:
    • Message:
      "XXX" is a "Serializable" class, and a non-serializable "YYY" is being stored in it.
    • Default Severity:
      Critical
    • Impact:
      High
    • Likelihood:
      Low
    • Default Quality Profiles:
      Sonar way
    • Targeted languages:
      Java
    • Remediation Function:
      Constant/Issue
    • Constant Cost:
      45min
    • PMD:
      BeanMembersShouldSerialize

      Description

      Instances of a Serializable class can be saved out to file and rehydrated at leisure. But that only works when all the values in the class instance are themselves Serializable (or transient). Storing a non-serializable value in a Serializable class will prevent the serialization of that class.

      Noncompliant Code Example

       
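      import java.io.Serializable;

      interface Fruit extends Serializable { /* ... */ }

      // Declared Serializable via Fruit, but not actually serializable because of the Thread field
      class Gooseberry implements Fruit {
        Thread thread;
      }

      // Serializable container holding a value that cannot be serialized
      class Bowl implements Serializable {
        private static final long serialVersionUID = 1;

        private Fruit fruit = new Gooseberry(); // Noncompliant
      }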
      

      Compliant Solution

       
      import java.io.Serializable;

      // An interface extends another interface; "implements" does not compile here
      interface Fruit extends Serializable { /* ... */ }
      class Gooseberry implements Fruit { /* ... */ } // Serializable

      class Bowl implements Serializable {
        private static final long serialVersionUID = 1;

        private Fruit fruit = new Gooseberry(); // Compliant, Gooseberry is serializable
      }
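
      The failure this rule guards against only appears at run time, which the following added example (not part of the original rule text) demonstrates by serializing a Bowl to an in-memory stream. SerializableFieldDemo, TransientGooseberry and trySerialize are names made up for illustration, and the Thread field is given a non-null value because a null field serializes without error.

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.NotSerializableException;
import java.io.ObjectOutputStream;
import java.io.Serializable;

public class SerializableFieldDemo {
    interface Fruit extends Serializable {}

    // Declared Serializable through Fruit, but the Thread it holds is not.
    static class Gooseberry implements Fruit {
        Thread thread = new Thread();
    }

    // Hypothetical variant: the Thread is excluded from the serialized form.
    static class TransientGooseberry implements Fruit {
        transient Thread thread = new Thread();
    }

    static class Bowl implements Serializable {
        private static final long serialVersionUID = 1;
        private final Fruit fruit;

        Bowl(Fruit fruit) { this.fruit = fruit; }
    }

    // Serializes to memory; reports which class blocked serialization, if any.
    static String trySerialize(Object o) throws IOException {
        try (ObjectOutputStream out = new ObjectOutputStream(new ByteArrayOutputStream())) {
            out.writeObject(o);
            return "ok";
        } catch (NotSerializableException e) {
            // The exception message is the name of the offending class.
            return "NotSerializableException: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws IOException {
        // The compiler accepts both; only the first fails when written out.
        System.out.println(trySerialize(new Bowl(new Gooseberry())));
        System.out.println(trySerialize(new Bowl(new TransientGooseberry())));
    }
}
```

      A transient field comes back as null after deserialization, so the class has to recreate it if it is needed.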
      


              People

              • Assignee:
                Unassigned
                Reporter:
                ann.campbell.2 Ann Campbell