SonarQube - "可序列化"类中的规则字段应该是瞬态的或可序列化的
Jee*_*ham 5 java serialization sonarqube
它可能看起来像重复的问题,但我已经发布了由声纳规则Compliant提出的代码示例.使用SonarQube评估以下突出显示的代码时,会导致squid:S1948规则违规.
结果,
plz澄清说,为什么它显示违反合规代码仍然是一个谜.
UPDATE
暂时或可序列化的问题即使用也没有解决 sonar.java.binaries
声纳扫描是成功但引发类加载器警告:
08:26:44.984 INFO - Java bytecode scan...
08:26:44.992 WARN - Class 'dummyserial/Address' is not accessible through the C
lassLoader.
08:26:44.993 WARN - Class 'dummyserial/Person' is not accessible through the Cl
assLoader.
08:26:44.993 WARN - Class 'dummyserial/Address' is not accessible through the C
lassLoader.
08:26:44.994 WARN - Class 'dummyserial/Person' is not accessible through the Cl
assLoader.
08:26:44.994 WARN - Class 'dummyserial/Address' is not accessible through the C
lassLoader.
08:26:44.997 WARN - Class 'dummyserial/Person' is not accessible through the Cl
assLoader.
08:26:44.998 INFO - Java bytecode scan done: 14 ms
如前所述,您应该填充sonar.java.binaries属性以允许字节码分析和符号解析.填写此属性后,分析不会引起该案件的任何问题.
现在,当我们无法解析字段的符号类型时,我们提出一个问题确实很烦人.我创建了以下票据来处理问题:SONARJAVA-1266