Disable Compiler Warning for missing serialVersionUID #473
Labels
eclipse
related to Eclipse IDE
enhancement
New feature or request
help wanted
Extra attention is needed
settings
ide-settings repo and replated processes and features
Milestone
Java Serialization is a dying feature. While it still might be used by some legacy application servers to store session data it should be considered dead. With devonfw we are proposing a stateless server concept and even when you are using a session, there is no need to store it and exchange it in cluster nodes (simply use session stickyness - if state must be presumed if a node dies enforce stateless servers).
Using Java serialization as data transport format for services (e.g. via springs HttpInvoker) is causing serious security issues. Therefore
JSON
has established and in some other casesXML
is used (what needs to be secured for external entity inclusion).So why bother about
serialVersionUID
? We could even consider removingjava.io.Serializable
fromdevon4j
but we do not want to break compatiblity with existing projects usingdevon4j
:https://github.com/devonfw/devon4j/blob/c8f25cb073909db78d0329eda7ce44d93c9e9bae/modules/basic/src/main/java/com/devonfw/module/basic/common/api/to/AbstractTo.java#L13
https://github.com/devonfw/devon4j/blob/c8f25cb073909db78d0329eda7ce44d93c9e9bae/modules/basic/src/main/java/com/devonfw/module/basic/common/api/entity/GenericEntity.java#L34
So in the end my suggestion is to disable the compiler warning in Eclipse complaining about a missing
serialVersionUID
by default to avoid waste (if developers start thinking about this and taking action in every TO and entity class). Projects that for whatever reason still want to have this, are free to enable this but we should change this for new projects by default.The text was updated successfully, but these errors were encountered: