ofbiz-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis Balkir (JIRA)" <j...@apache.org>
Subject [jira] [Created] (OFBIZ-9710) [FB] Package org.apache.ofbiz.widget.model
Date Wed, 13 Sep 2017 10:07:00 GMT
Dennis Balkir created OFBIZ-9710:
------------------------------------

             Summary: [FB] Package org.apache.ofbiz.widget.model
                 Key: OFBIZ-9710
                 URL: https://issues.apache.org/jira/browse/OFBIZ-9710
             Project: OFBiz
          Issue Type: Sub-task
          Components: framework
    Affects Versions: Trunk
            Reporter: Dennis Balkir
            Priority: Minor


- AbstractModelAction.java:191, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelAction$EntityAnd is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelAction.java:225, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelAction$EntityCondition is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelAction.java:259, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelAction$EntityOne is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelAction.java:298, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelAction$GetRelated is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelAction.java:381, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelAction$GetRelatedOne is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelAction.java:445, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelAction$PropertyMap is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelAction.java:523, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelAction$PropertyToField is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelAction.java:607, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelAction$Script is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelAction.java:657, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelAction$Service is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelAction.java:746, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelAction$SetField is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:-1, SE_BAD_FIELD
Se: Class org.apache.ofbiz.widget.model.AbstractModelCondition$IfEntityPermission defines non-transient non-serializable instance field permissionChecker

This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods.  Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.

- AbstractModelCondition.java:115, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$And is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:218, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$IfCompare is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:293, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$IfCompareField is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:373, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$IfEmpty is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:406, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$IfEntityPermission is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:434, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$IfHasPermission is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:486, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$IfRegexp is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:544, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$IfServicePermission is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:598, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of permService, which is known to be non-null in org.apache.ofbiz.widget.model.AbstractModelCondition$IfServicePermission.eval(Map)

This method contains a redundant check of a known non-null value against the constant null.

- AbstractModelCondition.java:648, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$IfValidateMethod is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:730, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$Not is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:759, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$Or is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- AbstractModelCondition.java:793, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.AbstractModelCondition$Xor is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- CommonWidgetModels.java:-1, UUF_UNUSED_FIELD
UuF: Unused field: org.apache.ofbiz.widget.model.CommonWidgetModels$AutoServiceParameters.includePk

This field is never used.  Consider removing it from the class.

- CommonWidgetModels.java:-1, UUF_UNUSED_FIELD
UuF: Unused field: org.apache.ofbiz.widget.model.CommonWidgetModels$AutoServiceParameters.includeNonPk

This field is never used.  Consider removing it from the class.

- CommonWidgetModels.java:105, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of fieldsIter, which is known to be non-null in org.apache.ofbiz.widget.model.CommonWidgetModels$AutoEntityParameters.getParametersMap(Map, String)

This method contains a redundant check of a known non-null value against the constant null.

- HtmlWidget.java:60, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.HtmlWidget is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- HtmlWidget.java:63, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.HtmlWidget.specialConfig isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- HtmlWidget.java:205, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.HtmlWidget$HtmlTemplate is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- HtmlWidget.java:230, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.HtmlWidget$HtmlTemplateDecorator is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- HtmlWidget.java:285, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.HtmlWidget$HtmlTemplateDecoratorSection is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- IterateSectionWidget.java:58, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.IterateSectionWidget is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- IterateSectionWidget.java:59, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.IterateSectionWidget.DEFAULT_PAGE_SIZE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- IterateSectionWidget.java:60, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.IterateSectionWidget.MAX_PAGE_SIZE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- IterateSectionWidget.java:155, REC_CATCH_EXCEPTION
REC: Exception is caught when Exception is not thrown in org.apache.ofbiz.widget.model.IterateSectionWidget.renderWidgetString(Appendable, Map, ScreenStringRenderer)

This method uses a try-catch block that catches Exception objects, but Exception is not thrown within the try block, and RuntimeException is not explicitly caught. It is a common bug pattern to say try { ... } catch (Exception e) { something } as a shorthand for catching a number of types of exception each of whose catch blocks is identical, but this construct also accidentally catches RuntimeException as well, masking potential bugs.

A better approach is to either explicitly catch the specific exceptions that are thrown, or to explicitly catch RuntimeException exception, rethrow it, and then catch all non-Runtime Exceptions, as shown below:

  try {
    ...
  } catch (RuntimeException e) {
    throw e;
  } catch (Exception e) {
    ... deal with all non-runtime exceptions ...
  }
  
- IterateSectionWidget.java:167, DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD
DLS: Dead store to viewSize rather than field with same name in org.apache.ofbiz.widget.model.IterateSectionWidget.renderWidgetString(Appendable, Map, ScreenStringRenderer)

This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used. There is a field with the same name as the local variable. Did you mean to assign to that variable instead?

- ModelForm.java:86, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_PAGE_SIZE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:87, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.MAX_PAGE_SIZE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:88, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_PAG_INDEX_FIELD isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:89, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_PAG_SIZE_FIELD isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:90, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_PAG_STYLE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:91, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_PAG_FIRST_STYLE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:92, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_PAG_PREV_STYLE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:93, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_PAG_NEXT_STYLE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:94, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_PAG_LAST_STYLE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:96, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_SORT_FIELD_STYLE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:97, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_SORT_FIELD_ASC_STYLE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:98, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.widget.model.ModelForm.DEFAULT_SORT_FIELD_DESC_STYLE isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

- ModelForm.java:210, DM_BOXED_PRIMITIVE_FOR_PARSING
Bx: Boxing/unboxing to parse a primitive new org.apache.ofbiz.widget.model.ModelForm(Element, String, ModelReader, DispatchContext, String)

A boxed primitive is created from a String, just to extract the unboxed primitive value. It is more efficient to just call the static parseXXX method.

- ModelForm.java:610, DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD
DLS: Dead store to rowCountExdr rather than field with same name in new org.apache.ofbiz.widget.model.ModelForm(Element, String, ModelReader, DispatchContext, String)

This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used. There is a field with the same name as the local variable. Did you mean to assign to that variable instead?

- ModelForm.java:800, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of modelEntity, which is known to be non-null in org.apache.ofbiz.widget.model.ModelForm.addAutoFieldsFromService(ModelForm$AutoFieldsService, ModelReader, DispatchContext, Set, List, Map)

This method contains a redundant check of a known non-null value against the constant null.

- ModelForm.java:1458, DM_BOXED_PRIMITIVE_FOR_PARSING
Bx: Boxing/unboxing to parse a primitive new org.apache.ofbiz.widget.model.ModelForm$AutoFieldsEntity(Element)

A boxed primitive is created from a String, just to extract the unboxed primitive value. It is more efficient to just call the static parseXXX method.

- ModelForm.java:1482, DM_BOXED_PRIMITIVE_FOR_PARSING
Bx: Boxing/unboxing to parse a primitive new org.apache.ofbiz.widget.model.ModelForm$AutoFieldsService(Element)

A boxed primitive is created from a String, just to extract the unboxed primitive value. It is more efficient to just call the static parseXXX method.

- ModelForm.java:1667, DE_MIGHT_IGNORE
DE: new org.apache.ofbiz.widget.model.ModelForm$SortField(String, String) might ignore java.lang.Exception

This method might ignore an exception.  In general, exceptions should be handled or reported in some way, or they should be thrown out of the method.

- ModelFormAction.java:83, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelFormAction$CallParentActions is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelFormAction.java:137, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelFormAction$Service is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelFormAction.java:141, DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD
DLS: Dead store to resultMapListNameExdr rather than field with same name in new org.apache.ofbiz.widget.model.ModelFormAction$Service(ModelForm, Element)

This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used. There is a field with the same name as the local variable. Did you mean to assign to that variable instead?

- ModelFormField.java:974, NP_BOOLEAN_RETURN_NULL
NP: org.apache.ofbiz.widget.model.ModelFormField$CheckField.isAllChecked(Map) has Boolean return type and returns explicit null

A method that returns either Boolean.TRUE, Boolean.FALSE or null is an accident waiting to happen. This method can be invoked as though it returned a value of type boolean, and the compiler will insert automatic unboxing of the Boolean value. If a null value is returned, this will result in a NullPointerException.

- ModelFormField.java:2189, REC_CATCH_EXCEPTION
REC: Exception is caught when Exception is not thrown in org.apache.ofbiz.widget.model.ModelFormField$FormField.getModelForm(Map)

This method uses a try-catch block that catches Exception objects, but Exception is not thrown within the try block, and RuntimeException is not explicitly caught. It is a common bug pattern to say try { ... } catch (Exception e) { something } as a shorthand for catching a number of types of exception each of whose catch blocks is identical, but this construct also accidentally catches RuntimeException as well, masking potential bugs.

A better approach is to either explicitly catch the specific exceptions that are thrown, or to explicitly catch RuntimeException exception, rethrow it, and then catch all non-Runtime Exceptions, as shown below:

  try {
    ...
  } catch (RuntimeException e) {
    throw e;
  } catch (Exception e) {
    ... deal with all non-runtime exceptions ...
  }
  
- ModelFormField.java:2268, REC_CATCH_EXCEPTION
REC: Exception is caught when Exception is not thrown in org.apache.ofbiz.widget.model.ModelFormField$GridField.getModelGrid(Map)

This method uses a try-catch block that catches Exception objects, but Exception is not thrown within the try block, and RuntimeException is not explicitly caught. It is a common bug pattern to say try { ... } catch (Exception e) { something } as a shorthand for catching a number of types of exception each of whose catch blocks is identical, but this construct also accidentally catches RuntimeException as well, masking potential bugs.

A better approach is to either explicitly catch the specific exceptions that are thrown, or to explicitly catch RuntimeException exception, rethrow it, and then catch all non-Runtime Exceptions, as shown below:

  try {
    ...
  } catch (RuntimeException e) {
    throw e;
  } catch (Exception e) {
    ... deal with all non-runtime exceptions ...
  }
  
- ModelFormField.java:3468, REC_CATCH_EXCEPTION
REC: Exception is caught when Exception is not thrown in org.apache.ofbiz.widget.model.ModelFormField$ScreenField.renderFieldString(Appendable, Map, FormStringRenderer)

This method uses a try-catch block that catches Exception objects, but Exception is not thrown within the try block, and RuntimeException is not explicitly caught. It is a common bug pattern to say try { ... } catch (Exception e) { something } as a shorthand for catching a number of types of exception each of whose catch blocks is identical, but this construct also accidentally catches RuntimeException as well, masking potential bugs.

A better approach is to either explicitly catch the specific exceptions that are thrown, or to explicitly catch RuntimeException exception, rethrow it, and then catch all non-Runtime Exceptions, as shown below:

  try {
    ...
  } catch (RuntimeException e) {
    throw e;
  } catch (Exception e) {
    ... deal with all non-runtime exceptions ...
  }
  
- ModelFormFieldBuilder.java:619, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of modelEntity, which is known to be non-null in org.apache.ofbiz.widget.model.ModelFormFieldBuilder.induceFieldInfoFromEntityField(String, ModelReader)

This method contains a redundant check of a known non-null value against the constant null.

- ModelFormFieldBuilder.java:695, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of modelService, which is known to be non-null in org.apache.ofbiz.widget.model.ModelFormFieldBuilder.induceFieldInfoFromServiceParam(String, ModelReader, DispatchContext)

This method contains a redundant check of a known non-null value against the constant null.

- ModelGrid.java:51, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelGrid is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelMenu.java:58, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelMenu is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelMenuAction.java:80, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelMenuAction$SetField is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelMenuItem.java:-1, SE_BAD_FIELD
Se: Class org.apache.ofbiz.widget.model.ModelMenuItem defines non-transient non-serializable instance field link

This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods.  Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.

- ModelMenuItem.java:-1, SE_BAD_FIELD
Se: Class org.apache.ofbiz.widget.model.ModelMenuItem defines non-transient non-serializable instance field condition

This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods.  Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.

- ModelMenuItem.java:49, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelMenuItem is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelMenuItem.java:323, NP_NULL_ON_SOME_PATH
NP: Possible null pointer dereference of retStr in org.apache.ofbiz.widget.model.ModelMenuItem.getAssociatedContentId(Map)

There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception can't ever be executed; deciding that is beyond the ability of FindBugs.

- ModelScreen.java:43, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreen is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreen.java:166, REC_CATCH_EXCEPTION
REC: Exception is caught when Exception is not thrown in org.apache.ofbiz.widget.model.ModelScreen.renderScreenString(Appendable, Map, ScreenStringRenderer)

This method uses a try-catch block that catches Exception objects, but Exception is not thrown within the try block, and RuntimeException is not explicitly caught. It is a common bug pattern to say try { ... } catch (Exception e) { something } as a shorthand for catching a number of types of exception each of whose catch blocks is identical, but this construct also accidentally catches RuntimeException as well, masking potential bugs.

A better approach is to either explicitly catch the specific exceptions that are thrown, or to explicitly catch RuntimeException exception, rethrow it, and then catch all non-Runtime Exceptions, as shown below:

  try {
    ...
  } catch (RuntimeException e) {
    throw e;
  } catch (Exception e) {
    ... deal with all non-runtime exceptions ...
  }
  
- ModelScreenCondition.java:58, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenCondition$IfEmptySection is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:-1, SE_BAD_FIELD
Se: Class org.apache.ofbiz.widget.model.ModelScreenWidget$ScreenImage defines non-transient non-serializable instance field image

This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods.  Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.

- ModelScreenWidget.java:-1, SE_BAD_FIELD
Se: Class org.apache.ofbiz.widget.model.ModelScreenWidget$ScreenLink defines non-transient non-serializable instance field link

This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods.  Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.

- ModelScreenWidget.java:212, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$Section is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:343, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$ColumnContainer is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:397, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$Column is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:439, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$Container is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:525, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$Screenlet is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:704, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$HorizontalSeparator is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:743, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$IncludeScreen is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:826, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$DecoratorScreen is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:897, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$DecoratorSection is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:923, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$DecoratorSectionInclude is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:961, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$Label is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:1029, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$Form is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:1115, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$Grid is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:1156, REC_CATCH_EXCEPTION
REC: Exception is caught when Exception is not thrown in org.apache.ofbiz.widget.model.ModelScreenWidget$Grid.getModelForm(Map)

This method uses a try-catch block that catches Exception objects, but Exception is not thrown within the try block, and RuntimeException is not explicitly caught. It is a common bug pattern to say try { ... } catch (Exception e) { something } as a shorthand for catching a number of types of exception each of whose catch blocks is identical, but this construct also accidentally catches RuntimeException as well, masking potential bugs.

A better approach is to either explicitly catch the specific exceptions that are thrown, or to explicitly catch RuntimeException exception, rethrow it, and then catch all non-Runtime Exceptions, as shown below:

  try {
    ...
  } catch (RuntimeException e) {
    throw e;
  } catch (Exception e) {
    ... deal with all non-runtime exceptions ...
  }
  
- ModelScreenWidget.java:1207, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$Tree is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:1286, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$PlatformSpecific is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:1349, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$Content is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:1508, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$SubContent is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:1571, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$Menu is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:1626, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$ScreenLink is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:1770, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$ScreenImage is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelScreenWidget.java:1866, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelScreenWidget$PortalPage is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelSingleForm.java:51, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelSingleForm is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelTree.java:-1, SE_BAD_FIELD
Se: Class org.apache.ofbiz.widget.model.ModelTree$ModelNode defines non-transient non-serializable instance field condition

This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods.  Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.

- ModelTree.java:-1, SE_BAD_FIELD
Se: Class org.apache.ofbiz.widget.model.ModelTree$ModelNode defines non-transient non-serializable instance field label

This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods.  Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.

- ModelTree.java:-1, SE_BAD_FIELD
Se: Class org.apache.ofbiz.widget.model.ModelTree$ModelNode defines non-transient non-serializable instance field link

This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods.  Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.

- ModelTree.java:65, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelTree is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelTree.java:314, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelTree$ModelNode is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelTree.java:528, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of subNodeValues, which is known to be non-null in org.apache.ofbiz.widget.model.ModelTree$ModelNode.hasChildren(Map)

This method contains a redundant check of a known non-null value against the constant null.

- ModelTree.java:673, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of rStyle, which is known to be non-null in org.apache.ofbiz.widget.model.ModelTree$ModelNode.showPeers(int, Map)

This method contains a redundant check of a known non-null value against the constant null.

- ModelTree.java:1071, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelTree$ModelNode$ModelSubNode is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelTreeAction.java:142, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelTreeAction$EntityAnd is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelTreeAction.java:202, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelTreeAction$EntityCondition is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelTreeAction.java:262, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelTreeAction$Script is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelTreeAction.java:335, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelTreeAction$Service is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:-1, SE_BAD_FIELD
Se: Class org.apache.ofbiz.widget.model.ModelWidgetCondition$IfEntityPermission defines non-transient non-serializable instance field permissionChecker

This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods.  Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.

- ModelWidgetCondition.java:109, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$And is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:202, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$IfCompare is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:252, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$IfCompareField is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:307, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$IfEmpty is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:330, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$IfEntityPermission is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:349, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$IfHasPermission is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:388, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$IfRegexp is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:433, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$IfServicePermission is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:482, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of permService, which is known to be non-null in org.apache.ofbiz.widget.model.ModelWidgetCondition$IfServicePermission.eval(Map)

This method contains a redundant check of a known non-null value against the constant null.

- ModelWidgetCondition.java:516, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$IfValidateMethod is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:580, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$Not is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:600, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$Or is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.

- ModelWidgetCondition.java:625, SE_NO_SERIALVERSIONID
SnVI: org.apache.ofbiz.widget.model.ModelWidgetCondition$Xor is Serializable; consider declaring a serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field.  A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message