23 lines
1.1 KiB
Plaintext
23 lines
1.1 KiB
Plaintext
=== on 22 Jul 2015, 07:48:37 Nicolas Peru wrote:
|
|
\[~ann.campbell.2] LGTM
|
|
|
|
=== on 23 Jul 2015, 13:56:52 Ann Campbell wrote:
|
|
Rule origin: \https://groups.google.com/forum/#!topic/sonarqube/cYQdBhf00eo
|
|
|
|
|
|
from rule requester:
|
|
|
|
I wrote this rule and have now a working version. Having tested it on a representative code base of 350+remote interfaces, here are the cases I had to handle :
|
|
|
|
* primitive types are allowed
|
|
* Enums are allowed
|
|
* Serializable itself is not allowed (bad practice)
|
|
* subType of java.io.Serializable are allowed
|
|
* arrays of allowed types are allowed
|
|
* parameterized types must be checked
|
|
* parameter types of parameterized types must be checked (recursively)
|
|
* handle the case of java Collections and Maps (we consider them as Serializable as only 2-3 Collections Interfaces implementations are not serializable, and as those implementations are only used for developping caches (and therefore it makes no sense to transmit them through remote services calls)... this is as a corner case, but it may raise lots of false positives
|
|
* both parameters and return types of method signatures must be checked
|
|
* we check only remote interfaces (not types)
|
|
|