Protected ArrayList is Serializable

The rule java:S1948 “Fields in a “Serializable” class should either be transient or serializable”
triggers for me in this java snippet:

public class Auftrag implements Serializable {
  private static final long serialVersionUID = 1L;
  protected ArrayList<Anhang> anhang;

I am using SonarQube:
It was reported to be fixed in squid:S1948 wrongly reported by Sonar 7.7 on ArrayList<String> - #2 by Nicolas_Peru
But perhaps it was only fixed for the private field not a protected, public or so?

Hey there.


Your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

8.5.1-> 8.9.8 → 9.4 (last step optional)

You may find the Upgrade Guide and the LTS-to-LTS Upgrade Notes helpful. If you have questions about upgrading, feel free to open a new thread for that here.

If this issue persists after upgrade, please come back to us.