将“使私有或可序列化”错误标记为误报
[英]Marking "make private or Serializable" error as false-positive
问题描述
In one of my Serializable class, Sonar is complaining, "Make empName transient or Serializable" for below property.
在我的一个 Serializable 类中,Sonar 抱怨以下属性的“使 empName 为瞬态或可序列化”。 I changed Object to Serializable ( protected Map<String, Serializable> empName; ).我将 Object 更改为 Serializable ( protected Map<String, Serializable> empName; )。 Now its giving "Make empName private or Serializable" error.现在它给出了“将 empName 设为私有或可序列化”错误。 My question is, can I mark it as false positive because if the type of the value is Serializable then Java will give error either at compile time or runtime ?我的问题是,我可以将它标记为误报,因为如果值的类型是 Serializable 那么 Java 会在编译时或运行时给出错误吗?
Property Declaration:财产声明:
protected Map<String, Object> empName;
Thanks谢谢
1 个解决方案
解决方案1
1 已采纳 2020-01-01 12:04:04
No. It is not a false positive, in general.不。一般来说,这不是误报。 The interface Map does not implement Serializable .接口Map没有实现Serializable 。 Therefore empName could refer to a non-serializable map, which would lead to a runtime exception.因此, empName可能引用不可序列化的映射,这将导致运行时异常。
In some contexts, this could be a false positive.在某些情况下,这可能是误报。 For example, if can proved that empName is never assigned a non-serializable map, then this is a false positive.例如,如果可以证明empName从未分配过不可序列化的映射,那么这是误报。
However, since you have declared the field as protected and not final , you would need to analyze the class containing this declaration and all possible subclasses , and check all assignments to the field.但是,由于您已将该字段声明为protected而不是final ,您需要分析包含此声明的类和所有可能的子类,并检查对该字段的所有分配。 (Indeed, if you want to be really thorough you also need for reflective assignments.) (事实上,如果你想真正彻底,你还需要反思性的作业。)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.