This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.

Bug 27484 - Avoid using Java serialization for long-term persistence
Summary: Avoid using Java serialization for long-term persistence
Status: NEW
Alias: None
Product: platform
Classification: Unclassified
Component: -- Other -- (show other bugs)
Version: 3.x
Hardware: All All
: P2 blocker (vote)
Assignee: issues@platform
Depends on:
Reported: 2002-09-20 15:32 UTC by Jan Chalupa
Modified: 2009-01-06 14:36 UTC (History)
0 users

See Also:
Issue Type: TASK
Exception Reporter:


Note You need to log in before you can comment on or make changes to this bug.
Description Jan Chalupa 2002-09-20 15:32:13 UTC
Using serialized instances of Java classes for the
purposes of long-term persistence is evil. It
doesn't matter whether the serialization format is
native Java serialization or XML-based (Archiver).
The bad thing is that internal implementation
details get exposed where they shouldn't be.

Using serialized Java objects for module settings
and configuration data introduces architectural
problems and makes applications fragile from the
compatibility point of view. For example

1. internal data structures exposed via
serialization cannot be changed freely
2. obsolete classes need to be sustained in order
to support compatibility with previous versions
3. instances of custom classes provided by modules
cannot be  read by other modules/apps or external

This requirement applies even to the seemingly
"innocent" utility classes like ArrayList, Vector,
Hashtable, HashMap, String, etc. For the purpose
of long-term persistence, all persistent data
should be translated into a simpler,
JDK-independent form (preferrably XML).

See issue 19915 for the origin of this task.