Showing 2 of 2 total issues
Provide the parametrized type for this generic. Open
Open
private static final Collection NULL_COLLECTION = Collections.singleton(null);- Read upRead up
- Exclude checks
Generic types shouldn't be used raw (without type parameters) in variable declarations or return values. Doing so bypasses generic type checking, and defers the catch of unsafe code to runtime.
Noncompliant Code Example
List myList; // Noncompliant Set mySet; // Noncompliant
Compliant Solution
List<String> myList; Set<? extends Number> mySet;
This accessibility update should be removed. Open
Open
field.setAccessible(true);- Read upRead up
- Exclude checks
This rule raises an issue when reflection is used to change the visibility of a class, method or field, and when it is used to directly update a field value. Altering or bypassing the accessibility of classes, methods, or fields violates the encapsulation principle and could lead to run-time errors.
Noncompliant Code Example
public void makeItPublic(String methodName) throws NoSuchMethodException {
this.getClass().getMethod(methodName).setAccessible(true); // Noncompliant
}
public void setItAnyway(String fieldName, int value) {
this.getClass().getDeclaredField(fieldName).setInt(this, value); // Noncompliant; bypasses controls in setter
}
See
- CERT, SEC05-J. - Do not use reflection to increase accessibility of classes, methods, or fields