False negative using Collections.unmodifiableList() on store part for rule java:S2384 - Mutable members should not be stored or returned directly : a view is stored not a copy

  • SonarLint 4.16.0
  • using Collections.unmodifiableList() to store a mutable field should not be a negative for this rule. As the javadoc says : unmodifiableList returns an unmodifiable view of the specified list, so this still leaves you vulnerable to unexpected changes in your class state. The method can be used to return the list.
  • example with code in GitHub - javathought/sq-contribution: SonarQube community contribution. with a failing test on the defensive coding using the method, but no issue detected.

Hi @Pascal_Abaziou,

Thank you for your report. I’ve created a ticket to address this.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.