-
Notifications
You must be signed in to change notification settings - Fork 2k
Expand file tree
/
Copy pathIncorrectSerialVersionUID.qhelp
More file actions
42 lines (31 loc) · 1.23 KB
/
IncorrectSerialVersionUID.qhelp
File metadata and controls
42 lines (31 loc) · 1.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>
A serializable class that uses the <code>serialVersionUID</code> field to act as an object version number must declare the field
to be <code>final</code>, <code>static</code>, and of type <code>long</code> for it to be used by the Java serialization framework.
</p>
</overview>
<recommendation>
<p>
Make sure that the <code>serialVersionUID</code> field in a serialized class is final, static, and of type <code>long</code>.
</p>
</recommendation>
<example>
<p>In the following example, <code>WrongNote</code> defines <code>serialVersionUID</code> using the wrong
type, so that it is not used by the Java serialization framework. However, <code>Note</code> defines it correctly
so that it is used by the framework.</p>
<sample src="IncorrectSerialVersionUID.java" />
</example>
<references>
<li>
Java API Specification:
<a href="https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/io/Serializable.html">Serializable</a>.
</li>
<li>
JavaWorld: <a href="https://www.infoworld.com/article/2071731/ensure-proper-version-control-for-serialized-objects.html">Ensure proper version control for serialized objects</a>.
</li>
</references>
</qhelp>