You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by Felix Knecht <fe...@otego.com> on 2010/05/17 10:43:45 UTC
Constants static but not final
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
There a multiple findings (findbugs) about static variables not being
final, e.g. [1]:
"MS: Field isn't final but should be (MS_SHOULD_BE_FINAL)
A mutable static field could be changed by malicious code or by accident
from another package. The field could be made final to avoid this
vulnerability."
I suggest setting such constants final as well.
Are there any objections?
Felix
[1]
http://people.apache.org/~felixk/shared-docs/xref/org/apache/directory/shared/dsmlv2/Tag.html#47
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkvxAcEACgkQ2lZVCB08qHGKfQCffU2ElmRWXHYJSiVilOzEsJzV
bHoAnRiRnylui3x0c/ALXnWZLJyR1auu
=bOAE
-----END PGP SIGNATURE-----
Re: Constants static but not final
Posted by Emmanuel Lecharny <el...@gmail.com>.
On 5/17/10 1:16 PM, Felix Knecht wrote:
>
> Using Enums as already suggested by Alan [|1] for I18n stuff might have
> impacts quite all over the place.
>
> I suggest to fix it ATM as "static final" and create a Jira entry to
> refactor all those kind of static final/Enums as separate task.
> Otherwise we will have a mix of it in the code.
>
+1
--
Regards,
Cordialement,
Emmanuel Lécharny
www.nextury.com
Re: Constants static but not final
Posted by Felix Knecht <fe...@apache.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>> I suggest setting such constants final as well.
>> Are there any objections?
>>
>
> No objection. static final is a must have.
>
> One thing to consider though : check if Enum could be an option. It's
> probaby better in many cases (of course not for a singe value).
Using Enums as already suggested by Alan [|1] for I18n stuff might have
impacts quite all over the place.
I suggest to fix it ATM as "static final" and create a Jira entry to
refactor all those kind of static final/Enums as separate task.
Otherwise we will have a mix of it in the code.
WDYT?
[1]
http://www.archivum.info/dev@directory.apache.org/2010-03/00282/Re-About-I18n.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkvxJYwACgkQ2lZVCB08qHFGQgCeLwMCSE9vFwDQ1PdgbayNx2ID
eaAAoKmf/crgFj81jVKdlyFYRA8Nzb35
=SC78
-----END PGP SIGNATURE-----
Re: Constants static but not final
Posted by Emmanuel Lecharny <el...@gmail.com>.
On 5/17/10 10:43 AM, Felix Knecht wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> There a multiple findings (findbugs) about static variables not being
> final, e.g. [1]:
> "MS: Field isn't final but should be (MS_SHOULD_BE_FINAL)
> A mutable static field could be changed by malicious code or by accident
> from another package. The field could be made final to avoid this
> vulnerability."
>
> I suggest setting such constants final as well.
> Are there any objections?
>
No objection. static final is a must have.
One thing to consider though : check if Enum could be an option. It's
probaby better in many cases (of course not for a singe value).
--
Regards,
Cordialement,
Emmanuel Lécharny
www.nextury.com