rspec/rules/S2066/java/rule.adoc

Serializing a non-``++static++`` inner class will result in an attempt at serializing the outer class as well. If the outer class is not serializable, then serialization will fail, resulting in a runtime error. 


Making the inner class ``++static++`` (i.e. "nested") avoids this problem, therefore inner classes should be ``++static++`` if possible. However, you should be aware that there are semantic differences between an inner class and a nested one: 

* an inner class can only be instantiated within the context of an instance of the outer class. 
* a nested (``++static++``) class can be instantiated independently of the outer class.


== Noncompliant Code Example

----
public class Pomegranate {
  // ...

  public class Seed implements Serializable {  // Noncompliant; serialization will fail
    // ...
  }
} 
----


== Compliant Solution

----
public class Pomegranate {
  // ...

  public static class Seed implements Serializable {
    // ...
  }
} 
----


== See

* https://wiki.sei.cmu.edu/confluence/x/ZTdGBQ[CERT SER05-J.] - Do not serialize instances of inner classes

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::message.adoc[]

endif::env-github,rspecator-view[]
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			Serializing a non-``++static++`` inner class will result in an attempt at serializing the outer class as well. If the outer class is not serializable, then serialization will fail, resulting in a runtime error.


			Making the inner class ``++static++`` (i.e. "nested") avoids this problem, therefore inner classes should be ``++static++`` if possible. However, you should be aware that there are semantic differences between an inner class and a nested one:

			`* an inner class can only be instantiated within the context of an instance of the outer class.`
			* a nested (``++static++``) class can be instantiated independently of the outer class.

Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			`== Noncompliant Code Example`

			`----`
			`public class Pomegranate {`
			`// ...`

			`public class Seed implements Serializable { // Noncompliant; serialization will fail`
			`// ...`
			`}`
			`}`
			`----`

Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			`== Compliant Solution`

			`----`
			`public class Pomegranate {`
			`// ...`

			`public static class Seed implements Serializable {`
			`// ...`
			`}`
			`}`
			`----`

Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			`== See`

			`* https://wiki.sei.cmu.edu/confluence/x/ZTdGBQ[CERT SER05-J.] - Do not serialize instances of inner classes`
Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00
RULEAPI-666: Migrate the "List of parameters", "Highlighting" and "Message" fields from jira RSPEC (#346) 2021-09-20 15:38:42 +02:00			`ifdef::env-github,rspecator-view[]`

			`'''`
			`== Implementation Specification`
			`(visible only on this page)`

			`include::message.adoc[]`

			`endif::env-github,rspecator-view[]`