[
https://issues.apache.org/jira/browse/OFBIZ-9691?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dennis Balkir updated OFBIZ-9691:
---------------------------------
Attachment: OFBIZ-9691_org.apache.ofbiz.service.calendar_bugfixes.patch
> [FB] Package org.apache.ofbiz.service.calendar
> ----------------------------------------------
>
> Key: OFBIZ-9691
> URL: https://issues.apache.org/jira/browse/OFBIZ-9691
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: Trunk
> Reporter: Dennis Balkir
> Priority: Minor
> Attachments:
> OFBIZ-9691_org.apache.ofbiz.service.calendar_bugfixes.patch
>
>
> - ExpressionUiHelper.java:42, MS_PKGPROTECT
> MS: org.apache.ofbiz.service.calendar.ExpressionUiHelper.Occurrence should be
> package protected
> A mutable static field could be changed by malicious code or by accident. The
> field could be made package protected to avoid this vulnerability.
> - RecurrenceInfo.java:-1, SE_BAD_FIELD
> Se: Class org.apache.ofbiz.service.calendar.RecurrenceInfo$RecurrenceWrapper
> defines non-transient non-serializable instance field info
> This Serializable class defines a non-primitive instance field which is
> neither transient, Serializable, or java.lang.Object, and does not appear to
> implement the Externalizable interface or the readObject() and writeObject()
> methods. Objects of this class will not be deserialized correctly if a
> non-Serializable object is stored in this field.
> - RecurrenceInfo.java:117, EI_EXPOSE_REP
> EI: org.apache.ofbiz.service.calendar.RecurrenceInfo.getStartDate() may
> expose internal representation by returning RecurrenceInfo.startDate
> Returning a reference to a mutable object value stored in one of the object's
> fields exposes the internal representation of the object. If instances are
> accessed by untrusted code, and unchecked changes to the mutable object would
> compromise security or other important properties, you will need to do
> something different. Returning a new copy of the object is better approach in
> many situations.
> - RecurrenceInfo.java:349, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.RecurrenceInfo$RecurrenceWrapper is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - RecurrenceRule.java:197, DM_CONVERT_CASE
> Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.service.calendar.RecurrenceRule.getFrequencyName()
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> - RecurrenceRule.java:321, SF_SWITCH_NO_DEFAULT
> SF: Switch statement found in
> org.apache.ofbiz.service.calendar.RecurrenceRule.validCurrent(long, long,
> long) where default case is missing
> This method contains a switch statement where default case is missing.
> Usually you need to provide a default case.
> Because the analysis only looks at the generated bytecode, this warning can
> be incorrect triggered if the default case is at the end of the switch
> statement and the switch statement doesn't contain break statements for other
> cases.
> - RecurrenceRule.java:335, SF_SWITCH_FALLTHROUGH
> SF: Switch statement found in
> org.apache.ofbiz.service.calendar.RecurrenceRule.validCurrent(long, long,
> long) where one case falls through to the next case
> This method contains a switch statement where one case branch will fall
> through to the next case. Usually you need to end this case with a break or
> return.
> - RecurrenceRule.java:724, NP_NULL_ON_SOME_PATH
> NP: Possible null pointer dereference of day in
> org.apache.ofbiz.service.calendar.RecurrenceRule.getCalendarDay(String)
> There is a branch of statement that, if executed, guarantees that a null
> value will be dereferenced, which would generate a NullPointerException when
> the code is executed. Of course, the problem might be that the branch or
> statement is infeasible and that the null pointer exception can't ever be
> executed; deciding that is beyond the ability of FindBugs.
> - TemporalExpression.java:47, EQ_COMPARETO_USE_OBJECT_EQUALS
> Eq: org.apache.ofbiz.service.calendar.TemporalExpression defines
> compareTo(TemporalExpression) and uses Object.equals()
> This class defines a compareTo(...) method but inherits its equals() method
> from java.lang.Object. Generally, the value of compareTo should return zero
> if and only if equals returns true. If this is violated, weird and
> unpredictable failures will occur in classes such as PriorityQueue. In Java 5
> the PriorityQueue.remove method uses the compareTo method, while in Java 6 it
> uses the equals method.
> From the JavaDoc for the compareTo method in the Comparable interface:
> It is strongly recommended, but not strictly required that
> (x.compareTo(y)==0) == (x.equals(y)). Generally speaking, any class that
> implements the Comparable interface and violates this condition should
> clearly indicate this fact. The recommended language is "Note: this class has
> a natural ordering that is inconsistent with equals."
> - TemporalExpression.java:81, DLS_DEAD_LOCAL_STORE
> DLS: Dead store to last in
> org.apache.ofbiz.service.calendar.TemporalExpression.getRange(DateRange,
> Calendar)
> This instruction assigns a value to a local variable, but the value is not
> read or used in any subsequent instruction. Often, this indicates an error,
> because the value computed is never used.
> Note that Sun's javac compiler often generates dead stores for final local
> variables. Because FindBugs is a bytecode-based tool, there is no easy way to
> eliminate these false positives.
> - TemporalExpression.java:139, SIC_INNER_SHOULD_BE_STATIC
> SIC: Should
> org.apache.ofbiz.service.calendar.TemporalExpression$ExpressionContext be a
> _static_ inner class?
> This class is an inner class, but does not use its embedded reference to the
> object which created it. This reference makes the instances of the class
> larger, and may keep the reference to the creator object alive longer than
> necessary. If possible, the class should be made static.
> - TemporalExpression.java:142, URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD
> UrF: Unread public/protected field:
> org.apache.ofbiz.service.calendar.TemporalExpression$ExpressionContext.monthBumped
> This field is never read. The field is public or protected, so perhaps it is
> intended to be used with classes not seen as part of the analysis. If not,
> consider removing it from the class.
> - TemporalExpressionWorker.java:166, MS_EXPOSE_REP
> MS: Public static
> org.apache.ofbiz.service.calendar.TemporalExpressionWorker.getExpressionTypeList()
> may expose internal representation by returning
> TemporalExpressionWorker.ExpressionTypeList
> A public static method returns a reference to an array that is part of the
> static state of the class. Any code that calls this method can freely modify
> the underlying array. One fix is to return a copy of the array.
> - TemporalExpressions.java:36, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions is Serializable;
> consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:63, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DateRange is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:81, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DateRange defines
> equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:81, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$DateRange.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:133, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DayInMonth is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:179, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$DayInMonth.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:179, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DayInMonth defines
> equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:268, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfMonthRange
> is Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:297, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfMonthRange.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:297, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfMonthRange
> defines equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:371, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfWeekRange is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:402, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfWeekRange
> defines equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:402, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfWeekRange.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:497, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Difference is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:524, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$Difference.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:524, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Difference defines
> equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:595, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:605, EI_EXPOSE_REP2
> EI2: new
> org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency(Date, int,
> int) may expose internal representation by storing an externally mutable
> object into TemporalExpressions$Frequency.start
> This code stores a reference to an externally mutable object into the
> internal representation of the object. If instances are accessed by
> untrusted code, and unchecked changes to the mutable object would compromise
> security or other important properties, you will need to do something
> different. Storing a copy of the object is better approach in many situations.
> - TemporalExpressions.java:624, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:624, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency defines
> equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:738, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$HourRange is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:767, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$HourRange defines
> equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:767, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$HourRange.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:874, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Intersection is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:915, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$Intersection.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:915, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Intersection
> defines equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:995, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$MinuteRange is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:1024, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$MinuteRange.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:1024, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$MinuteRange defines
> equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:1129, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$MonthRange is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:1160, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$MonthRange defines
> equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:1160, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$MonthRange.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:1244, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Null is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:1273, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Substitution is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:1307, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Substitution
> defines equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:1307, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$Substitution.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
> - TemporalExpressions.java:1380, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Union is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - TemporalExpressions.java:1414, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Union defines
> equals and uses Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
>
> - TemporalExpressions.java:1414, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
> NP:
> org.apache.ofbiz.service.calendar.TemporalExpressions$Union.equals(Object)
> does not check for null argument
> This implementation of equals(Object) violates the contract defined by
> java.lang.Object.equals() because it does not check for null being passed as
> the argument. All equals() methods should return false if passed a null value.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
