RFR: 4337793: Mark non-serializable fields of java.security.cert.Certificate and CertPath
Roger Riggs
rriggs at openjdk.java.net
Mon Nov 15 19:18:41 UTC 2021
On Mon, 15 Nov 2021 19:05:27 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> > The serialized form doc for both classes should say something about what is serialized. Since it is using writeReplace, it can indicate that CertificateRep/CertPathRep is used instead (and the arguments). likely you'll need to use the @serial javadoc tag and check the generated javadoc to verify.
>
> The `writeReplace` methods do have `@serial` tags, and they do show up in the Serialized Form of the javadoc, ex: https://docs.oracle.com/en/java/javase/17/docs/api/serialized-form.html#java.security.cert.Certificate
>
> Is your comment more that these methods could more clearly specify what is returned?
The `@java.io.Serial` annotation doesn't add any description to the generated javadoc or serialized form doc.
The javadoc in the serialized for says only: "Replace the Certificate to be serialized."
For my purposes it would enough to reword it to say it returns a CertificateRep holding the type and data or something similar.
The `@serial` javadoc tag might be useful but not necessary if the regular javadoc that is in the serialized form doc is concrete.
-------------
PR: https://git.openjdk.java.net/jdk/pull/6392
More information about the security-dev
mailing list