7.Null security
Although Java type system does not allow you to use it to represent null
security, but the Spring Framework now org.springframework.lang
offers the following comments in the package, so that you can declare null and fields of the API:
@Nullable
: Indicates specific parameters, return value field can be null or annotation.@NonNull
: Indicates specific parameters, return value can not be null or annotation (respectively applied to@NonNullApi
and@NonNullFields
the parameter / field and need not return values).@NonNullApi
: Package-level annotation, it was declared a non-null default parameters and return values of semantics.@NonNullFields
: Package-level annotation, declare it null for the field of non-default semantics.
Spring Framework itself uses these comments, but they can also be used in any Spring-based Java project, to declare null and optional security API null security fields. Generic type parameter is not supported, and may be empty of varargs array elements, but they should be used in an upcoming release, the latest information, see the SPR-15942. Nullability statement is expected to be fine-tuning between the Spring Framework version, including minor versions. In an internal space of the body type of a method outside the scope of this feature.
Other common libraries (such as Reactor and Spring Data) can be provided using a similar set of empty space security API, which provides a consistent overall experience for the Spring application developers.
7.1. example
In addition to the Spring Framework API Nullability provide explicit statement outside, the IDE (e.g. IDEA or Eclipse) these comments may also be used to provide useful security warnings related to empty so as to avoid NullPointerException
a warning at runtime.
7.2. JSR-305 meta-annotation
Spring annotation using the JSR 305 annotations (sleep but the widespread use of JSR) meta-annotation. JSR-305
The meta-annotation tool suppliers (such as IDEA or Kotlin) to provide a common way to support air safety, without having to hard-code the Spring annotation support.
Neither needed nor recommended to add JSR-305 class path dependencies to the project to take advantage of Spring Air security API. Only such comments with an empty safe in their code base Spring-based projects like the library, it should be added com.google.code.findbugs:jsr305:3.0.2
(with a compileOnly
Gradle configuration) or Maven scopes provided to avoid compiler warnings.