 
                            This keeps track of who has completed their proofread of each chapter. (Our SVN repository will keep us from simultaneous edits.)
| Ch. | Dave | Dean | Dhruv | rCs | Fred | 
|---|---|---|---|---|---|
| 6 | 
 | 
 | 
 | 
 | 
 | 
| 14 | x | 
 | 
 | 
 | x | 
| 15 | x | x | 
 | 
 | x | 
| 16 | x | x | 
 | 
 | x | 
| 17 | x | x | 
 | 
 | x | 
| 18 | 
 | 
 | 
 | 
 | 
 | 
| Bib | x | x | 
 | 
 | 
 | 
| Def | x | x | 
 | 
 | 
 | 
| FM | x | x | 
 | 
 | 
 | 
This page contains adhoc TODO ideas or topics being currently investigated. Please feel free to comment on these or suggest new ones.
Possible Changes to Current Guidelines
- All classes, methods will need to include the final keyword. Although this is against extensibility, it is critical from the security point of view.
- All file separators must be replaced by platform independent File.separatorunmigrated-wiki-markup
- Possibly   use   the   memento   design   pattern   with   deserialization.   An   inner   class   performs   input   validation   using   'safe'   objects,   for   example,  {{long}} to store {{int}} vals and then updates the state of the actual outer class and so on..., Item 50 \ [Daconta 03\]
- readResolve() for deserialization (singletons). Do not serialize sensitive external mutable variables (best to declare them transient)
- Calling clone.super() is necessary.
...
Possible Recommendations
- Wiki Markup 
- Careful while using environment variables - investigate usual conditions (done)unmigrated-wiki-markup
- Use HttpSession carefully, Item 25 \ [Daconta 03\]unmigrated-wiki-markup
- For good portability, do not make the assumption - all DBMSs can tolerate several open ResultSet Objects at a time, Item 41 \ [Daconta 03\]
- Thread.interrupted issues
...
- Issues with ProtectionDomains (if any)
...
Possible Rules
- Poor performance and DoS due to regex (fixed in jdk 1.6)
...
- Avoid using Reflection to instantiate inner classes
- Wiki Markup 
- Some of the anti-patterns described in ERR00-J. Do not suppress or ignore checked exceptions (done)
...
- Don't catch Throwable without checking for ThreadDeath. (will not do)unmigrated-wiki-markup
- Usage   of  {{GetResource}} may be unsafe if class is extended \ [Findbugs\]
- Do not serialize/deserialize resource handles (done)
...