[
https://issues.apache.org/jira/browse/OFBIZ-9713?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Brohl closed OFBIZ-9713.
--------------------------------
Resolution: Implemented
Fix Version/s: Upcoming Release
Thanks Dennis,
your slightly modified patch is in trunk r1813633.
> [FB] Package org.apache.ofbiz.entity.condition
> ----------------------------------------------
>
> Key: OFBIZ-9713
> URL: https://issues.apache.org/jira/browse/OFBIZ-9713
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: Trunk
> Reporter: Dennis Balkir
> Assignee: Michael Brohl
> Priority: Minor
> Fix For: Upcoming Release
>
> Attachments:
> OFBIZ-9713_org.apache.ofbiz.entity.condition_bugfixes.patch
>
>
> - EntityClause.java:142, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
> RCN: Redundant nullcheck of
> org.apache.ofbiz.entity.condition.EntityOperator.getCode(), which is known to
> be non-null in org.apache.ofbiz.entity.condition.EntityClause.toString()
> This method contains a redundant check of a known non-null value against the
> constant null.
> - EntityClause.java:144, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
> RCN: Redundant nullcheck of Object.toString(), which is known to be non-null
> in org.apache.ofbiz.entity.condition.EntityClause.toString()
> This method contains a redundant check of a known non-null value against the
> constant null.
> - EntityConditionBase.java:104, EQ_UNUSUAL
> Eq: org.apache.ofbiz.entity.condition.EntityConditionBase.equals(Object) is
> unusual
> This class doesn't do any of the patterns we recognize for checking that the
> type of the argument is compatible with the type of the this object. There
> might not be anything wrong with this code, but it is worth reviewing.
> - EntityConditionBuilder.java:43, SE_NO_SERIALVERSIONID
> SnVI:
> org.apache.ofbiz.entity.condition.EntityConditionBuilder$ConditionHolder is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityConditionBuilder.java:90, DM_CONVERT_CASE
> Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.entity.condition.EntityConditionBuilder.createNode(Object)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> - EntityConditionBuilder.java:106, DM_CONVERT_CASE
> Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.entity.condition.EntityConditionBuilder.createNode(Object,
> Map)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> - EntityConditionFunction.java:40, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityConditionFunction$NOT is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityConditionFunction.java:91, RC_REF_COMPARISON
> RC: Suspicious comparison of Integer references in
> org.apache.ofbiz.entity.condition.EntityConditionFunction.equals(Object)
> This method compares two reference values using the == or != operator, where
> the correct way to compare instances of this type is generally with the
> equals() method. It is possible to create distinct instances that are equal
> but do not compare as == since they are different objects. Examples of
> classes which should generally not be compared by reference are
> java.lang.Integer, java.lang.Float, etc.
> - EntityConditionList.java:31, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityConditionList is Serializable;
> consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityConditionParam.java:34, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityConditionParam is Serializable;
> consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityConditionSubSelect.java:38, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityConditionSubSelect is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityConditionValue.java:40, SE_NO_SERIALVERSIONID
> SnVI:
> org.apache.ofbiz.entity.condition.EntityConditionValue$ConstantNumberValue is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityDateFilterCondition.java:-1, CI_CONFUSED_INHERITANCE
> CI: Class org.apache.ofbiz.entity.condition.EntityDateFilterCondition is
> final but declares protected field
> org.apache.ofbiz.entity.condition.EntityDateFilterCondition.fromDateName
> This class is declared to be final, but declares fields to be protected.
> Since the class is final, it can not be derived from, and the use of
> protected is confusing. The access modifier for the field should be changed
> to private or public to represent the true use for the field.
> - EntityDateFilterCondition.java:-1, CI_CONFUSED_INHERITANCE
> CI: Class org.apache.ofbiz.entity.condition.EntityDateFilterCondition is
> final but declares protected field
> org.apache.ofbiz.entity.condition.EntityDateFilterCondition.thruDateName
> This class is declared to be final, but declares fields to be protected.
> Since the class is final, it can not be derived from, and the use of
> protected is confusing. The access modifier for the field should be changed
> to private or public to represent the true use for the field.
> - EntityDateFilterCondition.java:42, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityDateFilterCondition is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityExpr.java:44, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityExpr is Serializable; consider
> declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityExpr.java:143, DM_CONVERT_CASE
> Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.entity.condition.EntityExpr.addValue(StringBuilder,
> ModelField, Object, List)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> - EntityExpr.java:220, NP_NULL_ON_SOME_PATH_EXCEPTION
> NP: Possible null pointer dereference of valueType in
> org.apache.ofbiz.entity.condition.EntityExpr.checkRhsType(ModelEntity,
> Delegator) on exception path
> A reference value which is null on some exception control path is
> dereferenced here. This may lead to a NullPointerException when the code is
> executed. Note that because FindBugs currently does not prune infeasible
> exception paths, this may be a false warning.
> Also note that FindBugs considers the default case of a switch statement to
> be an exception path, since the default case is often infeasible.
> - EntityExpr.java:244, NP_NULL_ON_SOME_PATH_EXCEPTION
> NP: Possible null pointer dereference of rhsType in
> org.apache.ofbiz.entity.condition.EntityExpr.checkRhsType(ModelEntity,
> Delegator) on exception path
> A reference value which is null on some exception control path is
> dereferenced here. This may lead to a NullPointerException when the code is
> executed. Note that because FindBugs currently does not prune infeasible
> exception paths, this may be a false warning.
> Also note that FindBugs considers the default case of a switch statement to
> be an exception path, since the default case is often infeasible.
> - EntityFieldMap.java:-1, CI_CONFUSED_INHERITANCE
> CI: Class org.apache.ofbiz.entity.condition.EntityFieldMap is final but
> declares protected field
> org.apache.ofbiz.entity.condition.EntityFieldMap.fieldMap
> This class is declared to be final, but declares fields to be protected.
> Since the class is final, it can not be derived from, and the use of
> protected is confusing. The access modifier for the field should be changed
> to private or public to represent the true use for the field.
> - EntityFieldMap.java:40, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityFieldMap is Serializable;
> consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityFieldValue.java:42, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityFieldValue is Serializable;
> consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityFunction.java:66, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityFunction$LENGTH is
> Serializable; consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityFunction.java:67, MS_SHOULD_BE_FINAL
> MS: org.apache.ofbiz.entity.condition.EntityFunction$LENGTH.FETCHER isn't
> final but should be
> This static field public but not final, and could be changed by malicious
> code or by accident from another package. The field could be made final to
> avoid this vulnerability.
> - EntityFunction.java:80, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityFunction$TRIM is Serializable;
> consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityFunction.java:81, MS_SHOULD_BE_FINAL
> MS: org.apache.ofbiz.entity.condition.EntityFunction$TRIM.FETCHER isn't final
> but should be
> This static field public but not final, and could be changed by malicious
> code or by accident from another package. The field could be made final to
> avoid this vulnerability.
> - EntityFunction.java:94, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityFunction$UPPER is Serializable;
> consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityFunction.java:95, MS_SHOULD_BE_FINAL
> MS: org.apache.ofbiz.entity.condition.EntityFunction$UPPER.FETCHER isn't
> final but should be
> This static field public but not final, and could be changed by malicious
> code or by accident from another package. The field could be made final to
> avoid this vulnerability.
> - EntityFunction.java:96, DM_CONVERT_CASE
> Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.entity.condition.EntityFunction$UPPER$1.getValue(Object)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> - EntityFunction.java:108, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityFunction$LOWER is Serializable;
> consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityFunction.java:109, MS_SHOULD_BE_FINAL
> MS: org.apache.ofbiz.entity.condition.EntityFunction$LOWER.FETCHER isn't
> final but should be
> This static field public but not final, and could be changed by malicious
> code or by accident from another package. The field could be made final to
> avoid this vulnerability.
> - EntityFunction.java:110, DM_CONVERT_CASE
> Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.entity.condition.EntityFunction$LOWER$1.getValue(Object)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> - EntityFunction.java:158, SE_INNER_CLASS
> Se: org.apache.ofbiz.entity.condition.EntityFunction$1 is serializable and an
> inner class
> This Serializable class is an inner class. Any attempt to serialize it will
> also serialize the associated outer instance. The outer instance is
> serializable, so this won't fail, but it might serialize a lot more data than
> intended. If possible, making the inner class a static inner class (also
> known as a nested class) should solve the problem.
> - EntityFunction.java:160, SE_INNER_CLASS
> Se: org.apache.ofbiz.entity.condition.EntityFunction$2 is serializable and an
> inner class
> This Serializable class is an inner class. Any attempt to serialize it will
> also serialize the associated outer instance. The outer instance is
> serializable, so this won't fail, but it might serialize a lot more data than
> intended. If possible, making the inner class a static inner class (also
> known as a nested class) should solve the problem.
> - EntityJoinOperator.java:39, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityJoinOperator is Serializable;
> consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - EntityOperator.java:63, DM_CONVERT_CASE
> Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.entity.condition.EntityOperator.registerCase(String,
> EntityOperator)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> - EntityOperator.java:303, EQ_COMPARETO_USE_OBJECT_EQUALS
> Eq: org.apache.ofbiz.entity.condition.EntityOperator$13 defines
> compareTo(Object) and uses Object.equals()
> This class defines a compareTo(...) method but inherits its equals() method
> from java.lang.Object. Generally, the value of compareTo should return zero
> if and only if equals returns true. If this is violated, weird and
> unpredictable failures will occur in classes such as PriorityQueue. In Java 5
> the PriorityQueue.remove method uses the compareTo method, while in Java 6 it
> uses the equals method.
> From the JavaDoc for the compareTo method in the Comparable interface:
> It is strongly recommended, but not strictly required that
> (x.compareTo(y)==0) == (x.equals(y)). Generally speaking, any class that
> implements the Comparable interface and violates this condition should
> clearly indicate this fact. The recommended language is "Note: this class has
> a natural ordering that is inconsistent with equals."
> - EntityWhereString.java:-1, CI_CONFUSED_INHERITANCE
> CI: Class org.apache.ofbiz.entity.condition.EntityWhereString is final but
> declares protected field
> org.apache.ofbiz.entity.condition.EntityWhereString.sqlString
> This class is declared to be final, but declares fields to be protected.
> Since the class is final, it can not be derived from, and the use of
> protected is confusing. The access modifier for the field should be changed
> to private or public to represent the true use for the field.
> - EntityWhereString.java:47, SE_NO_SERIALVERSIONID
> SnVI: org.apache.ofbiz.entity.condition.EntityWhereString is Serializable;
> consider declaring a serialVersionUID
> This class implements the Serializable interface, but does not define a
> serialVersionUID field. A change as simple as adding a reference to a .class
> object will add synthetic fields to the class, which will unfortunately
> change the implicit serialVersionUID (e.g., adding a reference to
> String.class will generate a static field class$java$lang$String). Also,
> different source code to bytecode compilers may use different naming
> conventions for synthetic variables generated for references to class objects
> or inner classes. To ensure interoperability of Serializable across versions,
> consider adding an explicit serialVersionUID.
> - OrderByItem.java:30, SE_COMPARATOR_SHOULD_BE_SERIALIZABLE
> Se: org.apache.ofbiz.entity.condition.OrderByItem implements Comparator but
> not Serializable
> This class implements the Comparator interface. You should consider whether
> or not it should also implement the Serializable interface. If a comparator
> is used to construct an ordered collection such as a TreeMap, then the
> TreeMap will be serializable only if the comparator is also serializable. As
> most comparators have little or no state, making them serializable is
> generally easy and good defensive programming.
> - OrderByItem.java:81, DM_CONVERT_CASE
> Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.entity.condition.OrderByItem.parse(String)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> - OrderByItem.java:135, DLS_DEAD_LOCAL_STORE
> DLS: Dead store to endIndex in
> org.apache.ofbiz.entity.condition.OrderByItem.parse(String)
> This instruction assigns a value to a local variable, but the value is not
> read or used in any subsequent instruction. Often, this indicates an error,
> because the value computed is never used.
> Note that Sun's javac compiler often generates dead stores for final local
> variables. Because FindBugs is a bytecode-based tool, there is no easy way to
> eliminate these false positives.
> - OrderByItem.java:138, SF_SWITCH_NO_DEFAULT
> SF: Switch statement found in
> org.apache.ofbiz.entity.condition.OrderByItem.parse(String) where default
> case is missing
> This method contains a switch statement where default case is missing.
> Usually you need to provide a default case.
> Because the analysis only looks at the generated bytecode, this warning can
> be incorrect triggered if the default case is at the end of the switch
> statement and the switch statement doesn't contain break statements for other
> cases.
> - OrderByItem.java:196, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.entity.condition.OrderByItem defines equals and uses
> Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
> - OrderByList.java:32, SE_COMPARATOR_SHOULD_BE_SERIALIZABLE
> Se: org.apache.ofbiz.entity.condition.OrderByList implements Comparator but
> not Serializable
> This class implements the Comparator interface. You should consider whether
> or not it should also implement the Serializable interface. If a comparator
> is used to construct an ordered collection such as a TreeMap, then the
> TreeMap will be serializable only if the comparator is also serializable. As
> most comparators have little or no state, making them serializable is
> generally easy and good defensive programming.
> - OrderByList.java:108, HE_EQUALS_USE_HASHCODE
> HE: org.apache.ofbiz.entity.condition.OrderByList defines equals and uses
> Object.hashCode()
> This class overrides equals(Object), but does not override hashCode(), and
> inherits the implementation of hashCode() from java.lang.Object (which
> returns the identity hash code, an arbitrary value assigned to the object by
> the VM). Therefore, the class is very likely to violate the invariant that
> equal objects must have equal hashcodes.
> If you don't think instances of this class will ever be inserted into a
> HashMap/HashTable, the recommended hashCode implementation to use is:
> public int hashCode() {
> assert false : "hashCode not designed";
> return 42; // any arbitrary constant will do
> }
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
