[FP] squid:S2384 Mutable members should not be stored or returned directly

[Mark Gortzak]

Hi,

This still gives an issue for S2384:

private List<String> list;


public List<String> getList()
{
   return list; // already unmodifiable
}


public void setList(List<String> list)
{
   this.list = Collections.unmodifiableList(list);
}

Using Apache Commons or Google Guave gives the same issue:

public void setList(List<String> list)
{
   this.list = UnmodifiableList.decorate(list);
}


public void setList(List<String> list)
{
  this.list = ImmutableList.copyOf(list);
}

SonarQube doesn't seem to notice in the getter that the list is already made immutable in the setter.

With regards,

Mark Gortzak

[Andrei Epure]

Hi Mark,

Thank you. In your example, the field "list" is not final, so it could be overwritten from a different method and made mutable again.

But I opened SONARJAVA-2789 for the case when the field is final and initialized in the constructor, which raises the false positive you've mentioned.

Regards,

Andrei

Andrei Epure | SonarSource

Software Developer

https://sonarsource.com

Are you using SonarLint in your IDE?

[Mark Gortzak]

Hi Andrei,

Thank you. I see your point, "list" is modifiable by calling setList() again.

Kind regards,

Mark Gortzak

--
Important: this SonarQube Google Group will close on June 11th, 2018, in order to move to a new forum to power even more community discussions. See details in this post: https://groups.google.com/d/msg/sonarqube/BbSZz-JnhVM/DavhMueEAAAJ
---
You received this message because you are subscribed to a topic in the Google Groups "SonarQube" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/sonarqube/iKCGJSZqHEw/unsubscribe.
To unsubscribe from this group and all its topics, send an email to sonarqube+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/0f7a463a-a302-44c4-95c9-fcf04ddf493d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.