[java:S2885] "private static final DateFormat" should be ignored

public class Datez
    public static final String D_PATTERN = "yyyy-MM-dd";
    private static final DateFormat D = new SimpleDateFormat( D_PATTERN ); // FP
    public static String formatD( Date d )
        synchronized( D )
            return D.format( d );

In the above code the line, that declares and initializes a DateFormat is marked by rule S2885.
But it cannot be an instance variable, since the whole class has a static character and scope. All these date formatters are accessed via synchronized blocks only as shown above Hence they are not reported as insecure.

The rule should be adjusted to ignore this kind of fields.

Hi @mfroehlich,

Thank you for your feedback. You’re right that using static fields in this way is safe and we should not raise an issue in cases like this. I have created a ticket to address this.


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.