Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 2274A200CFE for ; Fri, 8 Sep 2017 13:24:12 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 1F332160C7F; Fri, 8 Sep 2017 11:24:12 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 8737C160C62 for ; Fri, 8 Sep 2017 13:24:10 +0200 (CEST) Received: (qmail 99263 invoked by uid 500); 8 Sep 2017 11:24:08 -0000 Mailing-List: contact notifications-help@ofbiz.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ofbiz.apache.org Delivered-To: mailing list notifications@ofbiz.apache.org Received: (qmail 99238 invoked by uid 99); 8 Sep 2017 11:24:08 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 08 Sep 2017 11:24:08 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 5F346C769F for ; Fri, 8 Sep 2017 11:24:08 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -100.002 X-Spam-Level: X-Spam-Status: No, score=-100.002 tagged_above=-999 required=6.31 tests=[RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id R43UkkryWs1Q for ; Fri, 8 Sep 2017 11:24:01 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id 455AC5F569 for ; Fri, 8 Sep 2017 11:24:01 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 734F6E00C7 for ; Fri, 8 Sep 2017 11:24:00 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 2741424143 for ; Fri, 8 Sep 2017 11:24:00 +0000 (UTC) Date: Fri, 8 Sep 2017 11:24:00 +0000 (UTC) From: "Dennis Balkir (JIRA)" To: notifications@ofbiz.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (OFBIZ-9691) [FB] Package org.apache.ofbiz.service.calendar MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Fri, 08 Sep 2017 11:24:12 -0000 [ https://issues.apache.org/jira/browse/OFBIZ-9691?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dennis Balkir updated OFBIZ-9691: --------------------------------- Attachment: OFBIZ-9691_org.apache.ofbiz.service.calendar_bugfixes.patch > [FB] Package org.apache.ofbiz.service.calendar > ---------------------------------------------- > > Key: OFBIZ-9691 > URL: https://issues.apache.org/jira/browse/OFBIZ-9691 > Project: OFBiz > Issue Type: Sub-task > Components: framework > Affects Versions: Trunk > Reporter: Dennis Balkir > Priority: Minor > Attachments: OFBIZ-9691_org.apache.ofbiz.service.calendar_bugfixes.patch > > > - ExpressionUiHelper.java:42, MS_PKGPROTECT > MS: org.apache.ofbiz.service.calendar.ExpressionUiHelper.Occurrence should be package protected > A mutable static field could be changed by malicious code or by accident. The field could be made package protected to avoid this vulnerability. > - RecurrenceInfo.java:-1, SE_BAD_FIELD > Se: Class org.apache.ofbiz.service.calendar.RecurrenceInfo$RecurrenceWrapper defines non-transient non-serializable instance field info > This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods. Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field. > - RecurrenceInfo.java:117, EI_EXPOSE_REP > EI: org.apache.ofbiz.service.calendar.RecurrenceInfo.getStartDate() may expose internal representation by returning RecurrenceInfo.startDate > Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations. > - RecurrenceInfo.java:349, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.RecurrenceInfo$RecurrenceWrapper is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - RecurrenceRule.java:197, DM_CONVERT_CASE > Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in org.apache.ofbiz.service.calendar.RecurrenceRule.getFrequencyName() > A String is being converted to upper or lowercase, using the platform's default encoding. This may result in improper conversions when used with international characters. Use the > String.toUpperCase( Locale l ) > String.toLowerCase( Locale l ) > versions instead. > - RecurrenceRule.java:321, SF_SWITCH_NO_DEFAULT > SF: Switch statement found in org.apache.ofbiz.service.calendar.RecurrenceRule.validCurrent(long, long, long) where default case is missing > This method contains a switch statement where default case is missing. Usually you need to provide a default case. > Because the analysis only looks at the generated bytecode, this warning can be incorrect triggered if the default case is at the end of the switch statement and the switch statement doesn't contain break statements for other cases. > - RecurrenceRule.java:335, SF_SWITCH_FALLTHROUGH > SF: Switch statement found in org.apache.ofbiz.service.calendar.RecurrenceRule.validCurrent(long, long, long) where one case falls through to the next case > This method contains a switch statement where one case branch will fall through to the next case. Usually you need to end this case with a break or return. > - RecurrenceRule.java:724, NP_NULL_ON_SOME_PATH > NP: Possible null pointer dereference of day in org.apache.ofbiz.service.calendar.RecurrenceRule.getCalendarDay(String) > There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception can't ever be executed; deciding that is beyond the ability of FindBugs. > - TemporalExpression.java:47, EQ_COMPARETO_USE_OBJECT_EQUALS > Eq: org.apache.ofbiz.service.calendar.TemporalExpression defines compareTo(TemporalExpression) and uses Object.equals() > This class defines a compareTo(...) method but inherits its equals() method from java.lang.Object. Generally, the value of compareTo should return zero if and only if equals returns true. If this is violated, weird and unpredictable failures will occur in classes such as PriorityQueue. In Java 5 the PriorityQueue.remove method uses the compareTo method, while in Java 6 it uses the equals method. > From the JavaDoc for the compareTo method in the Comparable interface: > It is strongly recommended, but not strictly required that (x.compareTo(y)==0) == (x.equals(y)). Generally speaking, any class that implements the Comparable interface and violates this condition should clearly indicate this fact. The recommended language is "Note: this class has a natural ordering that is inconsistent with equals." > - TemporalExpression.java:81, DLS_DEAD_LOCAL_STORE > DLS: Dead store to last in org.apache.ofbiz.service.calendar.TemporalExpression.getRange(DateRange, Calendar) > This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used. > Note that Sun's javac compiler often generates dead stores for final local variables. Because FindBugs is a bytecode-based tool, there is no easy way to eliminate these false positives. > - TemporalExpression.java:139, SIC_INNER_SHOULD_BE_STATIC > SIC: Should org.apache.ofbiz.service.calendar.TemporalExpression$ExpressionContext be a _static_ inner class? > This class is an inner class, but does not use its embedded reference to the object which created it. This reference makes the instances of the class larger, and may keep the reference to the creator object alive longer than necessary. If possible, the class should be made static. > - TemporalExpression.java:142, URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD > UrF: Unread public/protected field: org.apache.ofbiz.service.calendar.TemporalExpression$ExpressionContext.monthBumped > This field is never read. The field is public or protected, so perhaps it is intended to be used with classes not seen as part of the analysis. If not, consider removing it from the class. > - TemporalExpressionWorker.java:166, MS_EXPOSE_REP > MS: Public static org.apache.ofbiz.service.calendar.TemporalExpressionWorker.getExpressionTypeList() may expose internal representation by returning TemporalExpressionWorker.ExpressionTypeList > A public static method returns a reference to an array that is part of the static state of the class. Any code that calls this method can freely modify the underlying array. One fix is to return a copy of the array. > - TemporalExpressions.java:36, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:63, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DateRange is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:81, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DateRange defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:81, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$DateRange.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:133, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DayInMonth is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:179, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$DayInMonth.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:179, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DayInMonth defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:268, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfMonthRange is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:297, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfMonthRange.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:297, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfMonthRange defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:371, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfWeekRange is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:402, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfWeekRange defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:402, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$DayOfWeekRange.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:497, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Difference is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:524, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$Difference.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:524, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Difference defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:595, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:605, EI_EXPOSE_REP2 > EI2: new org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency(Date, int, int) may expose internal representation by storing an externally mutable object into TemporalExpressions$Frequency.start > This code stores a reference to an externally mutable object into the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations. > - TemporalExpressions.java:624, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:624, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Frequency defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:738, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$HourRange is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:767, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$HourRange defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:767, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$HourRange.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:874, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Intersection is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:915, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$Intersection.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:915, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Intersection defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:995, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$MinuteRange is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:1024, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$MinuteRange.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:1024, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$MinuteRange defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:1129, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$MonthRange is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:1160, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$MonthRange defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:1160, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$MonthRange.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:1244, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Null is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:1273, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Substitution is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:1307, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Substitution defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:1307, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$Substitution.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. > - TemporalExpressions.java:1380, SE_NO_SERIALVERSIONID > SnVI: org.apache.ofbiz.service.calendar.TemporalExpressions$Union is Serializable; consider declaring a serialVersionUID > This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID. > - TemporalExpressions.java:1414, HE_EQUALS_USE_HASHCODE > HE: org.apache.ofbiz.service.calendar.TemporalExpressions$Union defines equals and uses Object.hashCode() > This class overrides equals(Object), but does not override hashCode(), and inherits the implementation of hashCode() from java.lang.Object (which returns the identity hash code, an arbitrary value assigned to the object by the VM). Therefore, the class is very likely to violate the invariant that equal objects must have equal hashcodes. > If you don't think instances of this class will ever be inserted into a HashMap/HashTable, the recommended hashCode implementation to use is: > public int hashCode() { > assert false : "hashCode not designed"; > return 42; // any arbitrary constant will do > } > > - TemporalExpressions.java:1414, NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT > NP: org.apache.ofbiz.service.calendar.TemporalExpressions$Union.equals(Object) does not check for null argument > This implementation of equals(Object) violates the contract defined by java.lang.Object.equals() because it does not check for null being passed as the argument. All equals() methods should return false if passed a null value. -- This message was sent by Atlassian JIRA (v6.4.14#64029)