ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S2694/java/rule.adoc
Fred Tingaud 16f6c0aecf
Inline adoc when include has no additional value (#1940) 
Inline adoc files when they are included exactly once.

Also fix language tags because this inlining gives us better information
on what language the code is written in.
2023-05-25 14:18:12 +02:00

77 lines
2.5 KiB
Plaintext
Raw Blame History

== Why is this an issue?
A non-static inner class has a reference to its outer class, and access to the outer class' fields and methods. That class reference makes the inner class larger and could cause the outer class instance to live in memory longer than necessary.
If the reference to the outer class isn't used, it is more efficient to make the inner class ``++static++`` (also called nested). If the reference is used only in the class constructor, then explicitly pass a class reference to the constructor. If the inner class is anonymous, it will also be necessary to name it.
However, while a nested/``++static++`` class would be more efficient, it's worth noting that there are semantic differences between an inner class and a nested one:
* an inner class can only be instantiated within the context of an instance of the outer class.
* a nested (``++static++``) class can be instantiated independently of the outer class.
=== Noncompliant code example
[source,java]
----
public class Fruit {
// ...
public class Seed { // Noncompliant; there's no use of the outer class reference so make it static
int germinationDays = 0;
public Seed(int germinationDays) {
this.germinationDays = germinationDays;
}
public int getGerminationDays() {
return germinationDays;
}
}
}
----
=== Compliant solution
[source,java]
----
public class Fruit {
// ...
public static class Seed {
int germinationDays = 0;
public Seed(int germinationDays) {
this.germinationDays = germinationDays;
}
public int getGerminationDays() {
return germinationDays;
}
}
}
----
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
=== Message
Make this a [named] "static" inner class.
'''
== Comments And Links
(visible only on this page)
=== on 6 Oct 2015, 19:33:30 Ann Campbell wrote:
\[~nicolas.peru], _http://www.securingjava.com/chapter-seven/chapter-seven-1.html[Securing Java]_ (see Rule 5) says that inner classes (presumably only non-``++static++``) are security holes because the compiler translates them to ordinary classes with ``++package++`` accessibility, and "upgrades" the owning's class's ``++private++`` member visibility to ``++package++``.
The upshot is a recommendation against using inner classes. Since those problems go away if the inner class is ``++static++``, I'm wondering whether to combine "Don't use non-static inner classes" with this rule or handle it in a separate RSpec. WDYT?
endif::env-github,rspecator-view[]
Reference in New Issue View Git Blame Copy Permalink