如何在可序列化类中处理Findbugs“非瞬态非可序列化实例字段”？ [英] How to handle a Findbugs "Non-transient non-serializable instance field in serializable class"?

问题描述

考虑下面的课程。如果我对它运行Findbugs它将在第5行给出一个错误（可序列化类中的非瞬态非序列化实例字段）但不在第7行。

Consider the class below. If I run Findbugs against it it will give me an error ("Non-transient non-serializable instance field in serializable class") on line 5 but not on line 7.

1 public class TestClass implements Serializable {
2
3  private static final long serialVersionUID = 1905162041950251407L;
4
5  private Set<Integer> mySet;      // Findbugs error
6
7  private HashSet<Integer> myOtherSet;
8
9 }

这是正确的，因为java.util.Set从未实现在其层次结构中可序列化并且java.util.HashSet可以。
然而，最佳做法是针对接口而不是具体实现进行编码。

That's correct because java.util.Set never implements Serializable in its hierarchy and java.util.HashSet does. However it is best practice to code against interfaces instead of concrete implementations.

我如何才能最好地处理这个问题？

How can I best handle this?

我可以在第3行添加@Suppresswarnings（justification =No bug，values =SE_BAD_FIELD）。我的实际代码中有很多集合和列表，我担心它会乱丢垃圾我的代码太多。

I can add a @Suppresswarnings(justification="No bug", values="SE_BAD_FIELD") on line 3. I have quite a lot of Sets and Lists in my actual code and I'm afraid it will litter my code too much.

还有更好的方法吗？

推荐答案

然而，最佳做法是对接口编码
而不是具体的
实现。

However it is best practice to code against interfaces instead of concrete implementations.

我提出不，在这种情况下不是。 Findbugs非常正确地告诉你，只要你有一个非序列化的 Set 实现，你就冒险进入 NotSerializableException 那个领域。这是你应该处理的事情。怎么样，这取决于你的类的设计。

I submit that no, in this case it is not. Findbugs quite correctly tells you that you risk running into a NotSerializableException as soon as you have a non-serializable Set implementation in that field. This is something you should deal with. How, that depends on the design of your classes.

• 如果这些集合在类中初始化而从未在外面设置，那么我看到声明字段的具体类型绝对没有错，因为无论如何字段都是实现细节。请在公共接口中使用接口类型。


• 如果通过公共接口将集合传递到类中，则必须确保它们实际上是 Serializable 。为此，创建一个接口 SerializableSet extends Set，Serializable 并将其用于您的字段。然后，：
  
  
  
  • 在公共接口中使用 SerializableSet 并提供实现它的实现类。
  
  
  • 检查通过 instanceof Serializable 传递给类的集合，如果不是，请将它们复制到。
  
  
  • If those collections are initialized within the class and never set from outside, then I see absolutely nothing wrong with declaring the concrete type for the field, since fields are implementation details anyway. Do use the interface type in the public interface.
  • If the collection are passed into the class via a public interface, you have to ensure that they are in fact Serializable. To do that, create an interface SerializableSet extends Set, Serializable and use it for your field. Then, either:
    • Use SerializableSet in the public interface and provide implementation classes that implement it.
    • Check collections passed to the class via instanceof Serializable and if they're not, copy them into something that is.

    这篇关于如何在可序列化类中处理Findbugs“非瞬态非可序列化实例字段”？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！