...
Serialization of inner classes can introduce platform dependencies and can cause serialization of instances of the outer class.
| Rule | Severity | Likelihood | Detectable | Repairable | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|---|---|
| SER05-J | Medium | Likely | Yes | No | Medium | P12 | L1 |
Automated Detection
Detection of inner classes that implement serialization is straightforward.
| Tool | Version | Checker | Description |
|---|---|---|---|
| Klocwork | | JAVA.SERIALIZE.INNER | |
| SonarQube | | S2066 | "Serializable" inner classes of non-serializable classes should be "static" |
| SonarQube | | S2059 | "Serializable" inner classes of "Serializable" classes should be static |
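One way to implement the detection described above using reflection, as an added example (not code from the rule or from the tools listed). The class names `InnerSerializableCheck`, `Outer`, `Inner` and `Nested` are constructed for illustration.

```java
import java.io.Serializable;
import java.lang.reflect.Modifier;
import java.util.ArrayList;
import java.util.List;

public class InnerSerializableCheck {

    // Constructed sample classes (hypothetical names, not from the rule text).
    static class Outer {                               // deliberately not Serializable
        class Inner implements Serializable {          // non-static member: holds Outer.this
            private static final long serialVersionUID = 1L;
        }
        static class Nested implements Serializable {  // static nested: no outer reference
            private static final long serialVersionUID = 1L;
        }
    }

    /** True if c is a Serializable class that is also an inner class. */
    static boolean violates(Class<?> c) {
        if (c.isInterface() || !Serializable.class.isAssignableFrom(c)) {
            return false;
        }
        // Local and anonymous classes are inner classes too (JLS 8.1.3),
        // and their compiler-generated names differ between compilers.
        if (c.isAnonymousClass() || c.isLocalClass()) {
            return true;
        }
        // Nested enums, records and interfaces are implicitly static, so they pass.
        return c.isMemberClass() && !Modifier.isStatic(c.getModifiers());
    }

    /** Recursively collects the names of offending member classes under root. */
    static List<String> scan(Class<?> root) {
        List<String> findings = new ArrayList<>();
        for (Class<?> c : root.getDeclaredClasses()) {
            if (violates(c)) {
                findings.add(c.getName());
            }
            findings.addAll(scan(c));
        }
        return findings;
    }

    public static void main(String[] args) {
        Object anon = new Serializable() { };
        System.out.println("Flagged member classes: " + scan(Outer.class));
        System.out.println("Anonymous class flagged: " + violates(anon.getClass()));
    }
}
```

`getDeclaredClasses()` returns only member classes, so local and anonymous classes have to be passed to `violates` directly or found by a source- or bytecode-level checker.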
...