Reputation: 2904
SonarQube vulnerability: Explicitly declare the visibility for variable
As well known in Java present default visibility modifier. As I understand this modifier can be used like other modifiers. But why SonarQube mark default modifier as vulnerability - Explicitly declare the visibility for "var"?
Upvotes: 3
Views: 5705
Answers (1)
Reputation: 4841
Take a look at the description of the rule.
Failing to explicitly declare the visibility of a member variable could result it in having a visibility you don't expect, and potentially leave it open to unexpected modification by other classes.
If you have a property of a class package private then any class in the same package can modify this property.
But Package private still has valid uses. For example you might want to declare a class as package private so that it can be used inside the package it is declared in but remains hidden from public use.
Upvotes: 2
Related Questions
- SonarQube issue with public static variables | JAVA
- sonarQube raises Make a static final constant or non-public and provide accessors if needed on JNA structure
- Sonar violation on "disallowed assignment of parameters"
- How to make the code compliant with: Move this variable to comply with Java Code Conventions
- SonarQube bug related to "Safe File handling"
- How to remove 'Assignment of Parameter 'variable' is not allowed'
- Sonar Error - Make this member "protected"
- Sonar Violation: Security - Array is stored directly
- How to address Java String instantiation issue reported by Sonarqube
- Allow protected variables in Java for SonnarQube