rspec/rules/S2064/java/rule.adoc

== Why is this an issue?

``++transient++`` fields are ignored by Java's automatic serizalization mechanisms, which means that when a object is deserialized, those fields will be set to their default values. 


``++transient++`` fields that are referenced in multiple places in a class seem to play a significant role in that class. Allowing such significant fields to be left in a default state after deserialization may not be the best course, so they should probably be set in either a ``++readObject()++`` or ``++readResolve()++`` method.


=== Noncompliant code example

Using the default threshold of 3:

[source,java]
----
class Fruit implements Serializable {
  private transient Seed seed;

  public Fruit (Seed seed) {
    this.seed = seed;  // 1st set
  }
  public void setSeed (Seed seed) {
    this.seed = seed;  // 2nd set
  }
  public Seed getSeed() {
    return seed; // not counted; read, not write.
  }

  public void sprout () {
    this.seed = new GerminatedSeed();  // Noncompliant; 3rd write
    //...
  }
}
----


=== Compliant solution

[source,java]
----
class Fruit implements Serializable {
  private transient Seed seed;

  public Fruit (Seed seed) {
    this.seed = seed;  // 1st reference
  }
  public void setSeed (Seed seed)
    this.seed = seed;  // 2nd reference
  }
  public Seed getSeed() {
    return seed; // not counted; read, not write.
  }

  public void sprout () {
    this.seed = new GerminatedSeed();  // Noncompliant; 3rd write
    //...
  }

  protected Object readResolve() throws ObjectStreamException {
    // ...
  }
}
----

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

=== Message

* Set "xxx" in "readObject()" or "readResolve()".


=== Parameters

.threshold
****

----
3
----

The number of times a transient field is set that indicates it should be restored during deserialization.
****


endif::env-github,rspecator-view[]