Details

    • Type: Sub-task
    • Status: Closed
    • Priority: Minor
    • Resolution: Implemented
    • Affects Version/s: Trunk
    • Fix Version/s: 17.12.01
    • Component/s: framework
    • Labels:
      None

      Description

      • ExpressionUiHelper.java:42, MS_PKGPROTECT
        MS: org.apache.ofbiz.service.calendar.ExpressionUiHelper.Occurrence should be package protected

      A mutable static field could be changed by malicious code or by accident. The field could be made package protected to avoid this vulnerability.

      • RecurrenceInfo.java:-1, SE_BAD_FIELD
        Se: Class org.apache.ofbiz.service.calendar.RecurrenceInfo$RecurrenceWrapper defines non-transient non-serializable instance field info

      This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods. Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.

      • RecurrenceInfo.java:117, EI_EXPOSE_REP
        EI: org.apache.ofbiz.service.calendar.RecurrenceInfo.getStartDate() may expose internal representation by returning RecurrenceInfo.startDate

      Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.

      • RecurrenceInfo.java:349, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.RecurrenceInfo$RecurrenceWrapper is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • RecurrenceRule.java:197, DM_CONVERT_CASE
        Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in org.apache.ofbiz.service.calendar.RecurrenceRule.getFrequencyName()

      A String is being converted to upper or lowercase, using the platform's default encoding. This may result in improper conversions when used with international characters. Use the

      String.toUpperCase( Locale l )
      String.toLowerCase( Locale l )
      versions instead.

      • RecurrenceRule.java:321, SF_SWITCH_NO_DEFAULT
        SF: Switch statement found in org.apache.ofbiz.service.calendar.RecurrenceRule.validCurrent(long, long, long) where default case is missing

      This method contains a switch statement where default case is missing. Usually you need to provide a default case.

      Because the analysis only looks at the generated bytecode, this warning can be incorrect triggered if the default case is at the end of the switch statement and the switch statement doesn't contain break statements for other cases.

      • RecurrenceRule.java:335, SF_SWITCH_FALLTHROUGH
        SF: Switch statement found in org.apache.ofbiz.service.calendar.RecurrenceRule.validCurrent(long, long, long) where one case falls through to the next case

      This method contains a switch statement where one case branch will fall through to the next case. Usually you need to end this case with a break or return.

      • RecurrenceRule.java:724, NP_NULL_ON_SOME_PATH
        NP: Possible null pointer dereference of day in org.apache.ofbiz.service.calendar.RecurrenceRule.getCalendarDay(String)

      There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception can't ever be executed; deciding that is beyond the ability of FindBugs.

      • TemporalExpression.java:47, EQ_COMPARETO_USE_OBJECT_EQUALS
        Eq: org.apache.ofbiz.service.calendar.TemporalExpression defines compareTo(TemporalExpression) and uses Object.equals()

      This class defines a compareTo(...) method but inherits its equals() method from java.lang.Object. Generally, the value of compareTo should return zero if and only if equals returns true. If this is violated, weird and unpredictable failures will occur in classes such as PriorityQueue. In Java 5 the PriorityQueue.remove method uses the compareTo method, while in Java 6 it uses the equals method.

      From the JavaDoc for the compareTo method in the Comparable interface:

      It is strongly recommended, but not strictly required that (x.compareTo==0) == (x.equals). Generally speaking, any class that implements the Comparable interface and violates this condition should clearly indicate this fact. The recommended language is "Note: this class has a natural ordering that is inconsistent with equals."

      • TemporalExpression.java:81, DLS_DEAD_LOCAL_STORE
        DLS: Dead store to last in org.apache.ofbiz.service.calendar.TemporalExpression.getRange(DateRange, Calendar)

      This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used.

      Note that Sun's javac compiler often generates dead stores for final local variables. Because FindBugs is a bytecode-based tool, there is no easy way to eliminate these false positives.

      • TemporalExpression.java:139, SIC_INNER_SHOULD_BE_STATIC
        SIC: Should org.apache.ofbiz.service.calendar.TemporalExpression$ExpressionContext be a static inner class?

      This class is an inner class, but does not use its embedded reference to the object which created it. This reference makes the instances of the class larger, and may keep the reference to the creator object alive longer than necessary. If possible, the class should be made static.

      • TemporalExpression.java:142, URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD
        UrF: Unread public/protected field: org.apache.ofbiz.service.calendar.TemporalExpression$ExpressionContext.monthBumped

      This field is never read. The field is public or protected, so perhaps it is intended to be used with classes not seen as part of the analysis. If not, consider removing it from the class.

      • TemporalExpressionWorker.java:166, MS_EXPOSE_REP
        MS: Public static org.apache.ofbiz.service.calendar.TemporalExpressionWorker.getExpressionTypeList() may expose internal representation by returning TemporalExpressionWorker.ExpressionTypeList

      A public static method returns a reference to an array that is part of the static state of the class. Any code that calls this method can freely modify the underlying array. One fix is to return a copy of the array.

      • TemporalExpressions.java:36, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:63, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DateRange is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:81, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DateRange defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:81, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$DateRange.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:133, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DayInMonth is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:179, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$DayInMonth.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:179, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DayInMonth defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:268, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfMonthRange is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:297, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfMonthRange.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:297, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfMonthRange defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:371, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfWeekRange is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:402, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfWeekRange defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:402, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfWeekRange.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:497, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Difference is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:524, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$Difference.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:524, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Difference defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:595, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:605, EI_EXPOSE_REP2
        EI2: new org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency(Date, int, int) may expose internal representation by storing an externally mutable object into TemporalExpressions$Frequency.start

      This code stores a reference to an externally mutable object into the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.

      • TemporalExpressions.java:624, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:624, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:738, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$HourRange is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:767, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$HourRange defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:767, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$HourRange.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:874, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Intersection is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:915, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$Intersection.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:915, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Intersection defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:995, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$MinuteRange is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:1024, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$MinuteRange.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:1024, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$MinuteRange defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:1129, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$MonthRange is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:1160, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$MonthRange defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:1160, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$MonthRange.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:1244, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Null is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:1273, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Substitution is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:1307, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Substitution defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:1307, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$Substitution.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

      • TemporalExpressions.java:1380, SE_NO_SERIALVERSIONID
        SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Union is Serializable; consider declaring a serialVersionUID

      This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

      • TemporalExpressions.java:1414, HE_EQUALS_USE_HASHCODE
        HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Union defines equals and uses Object.hashCode()

      This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes.

      If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is:

      public int hashCode()

      { assert false : "hashCode not designed"; return 42; // any arbitrary constant will do }
      • TemporalExpressions.java:1414, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
        NP: org.apache.ofbiz.service.calendar.TemporalExpressions$Union.equals(Object) does not check for null argument

      This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value.

        Attachments

          Activity

            People

            • Assignee:
              mbrohl Michael Brohl
              Reporter:
              Dennis Balkir Dennis Balkir
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: