Why is this an issue?
Nothing in a non-serializable class will be written out to file, and attempting to serialize such a class will result in an exception being thrown.
Only a class that implements Serializable
or one that extends such a class can successfully be serialized (or de-serialized).
Noncompliant code example
public class Vegetable { // neither implements Serializable nor extends a class that does
//...
}
public class Menu {
public void meal() throws IOException {
Vegetable veg;
//...
FileOutputStream fout = new FileOutputStream(veg.getName());
ObjectOutputStream oos = new ObjectOutputStream(fout);
oos.writeObject(veg); // Noncompliant. Nothing will be written
}
}
Compliant solution
public class Vegetable implements Serializable { // can now be serialized
//...
}
public class Menu {
public void meal() throws IOException {
Vegetable veg;
//...
FileOutputStream fout = new FileOutputStream(veg.getName());
ObjectOutputStream oos = new ObjectOutputStream(fout);
oos.writeObject(veg);
}
}