Dear all,
first thing to note is the serialVersionUID of a class implementing Interface Serializable is not in question. What if we create a class that for example extends HttpServlet? It also should have a serialVersionUID. If someone knows that this object will never be serialized should he define it or add an annotation to suppress those warnings?
What would you do and why?
Thanks for sharing your thoughts.
Okami
Let Eclipse generate an ID. Quick and easy. Warnings are not to be ignored. Also saves you lots of trouble should you ever come to the point where the object /has/ to be serialized.
If you do not plan to serialize instances, add a SuppressWarning.
A generated serial ID can be a bit dangerous. It suggests that you intentionally gave it a serial number and that it is save to serialize and deserialize. It's easy to forget to update the serial number in a newer version of your application where your class is changed. Deserialization will fail if the class fields have been changed. Having a SuppressWarning at least tells the reader of your code that you did not intend to serialize this class.
I don't know Java best practices, but it occurs to me that if you are claiming that serialization will never happen, you could add a writeObject method which throws. Then suppress the warning, safe in the knowledge that it cannot possibly apply to you.
Otherwise someone might in future serialize your object through the parent class, and end up with a default serialized form where:
Adding an ID sounds like a bodge, since what you really want to do is not serialize. Expecting callers not to serialize your object means that you expect them to "know" when their HttpServlet is of your class. That breach of polymorphism is on your head for having a Serializable object which must not be serialized, and the least you can do is make sure unwary callers know about it.
That warning drives me crazy, because every time you subclass a Swing class, you know you're never going to serialize it, but there is that stupid warning. But yeah, I let Eclipse generate one.
I refuse to be terrorized by Eclipse into adding clutter to my code!
I just configure Eclipse to not generate warnings on missing serialVersionUID.
Even if you know this object will be serialized there is no need to generate serialVersionUID because java will automatically generate it for you and will automatically keep track of changes so your serialization will always work just fine. You should generate it only if you know what you are doing (backward serialization compatibility, manual change tracking etc.)
So I would say suppressing the warning is the best and safest solution in most cases.
If you leave out a serialVersionUID java will generate one for the class at compile time (it changes with every compilation).
When deserializing objects the serialVersionUID of the deserialized object is compared to that of the class in the jvm. If they are different they are considered incompatible and an Exception is thrown. This can happen for instance after upgrading your program and deserializing old classes.
I always use 1L for serialversionUID. It doesn't hurt (compared to the default generated) and it still leaves the option of breaking compatibility later by incrementing the id.
It is good to generate SVUID to every class implementing serializable. The reason is simple. You never know when it will be serialized by you or by some 3rd party. There can be configured a lot of services which will serialize servlets. For every IDE exists plugin which generates one or just use template and set svuid = 1L.
Please follow this link to get detailed explanation: http://technologiquepanorama.wordpress.com/2009/02/13/what-is-use-of-serialversiouid/
Thanks @ Steve Jessop for his answer on this. It was 5 lines of code... hardly a hassle.
I added @SuppressWarnings("serial") just above the class in question.
I also added this method: private void writeObject(ObjectOutputStream oos) throws IOException { throw new IOException("This class is NOT serializable."); }
Hopefully that's what Steve meant :)