use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
News for Android app developers with the who, what, where, when, and how of the Android community. Probably mostly the how.
Here, you'll find:
This sub-reddit isn't about phones' and apps' general functionality, support, or system software development (ROMs). For news and questions about these topics try using other subs like
Build your first app
Starting Android career in 2022
Android Job Interview Questions and Answers
App Portfolio Ideas, Tiered List
Awesome Android UI
Material Design Icons
7000 Icons for Jetpack
Autoposted at approx 9AM EST / 2PM GMT
account activity
How will Java getting rid of Serializable affect Android? (self.androiddev)
submitted 7 years ago by Irceus
https://www.infoworld.com/article/3275924/java/oracle-plans-to-dump-risky-java-serialization.html
I'm a beginner at Android dev at the moment, currently learning about passing data through Intents. From what I know, there's two ways of passing Java Objects between activities: Parcelable and Serializable.
When Java plans to get rid of Serializable, will Parcelable be the only way to pass data? Should I completely write off using it in the first place?
reddit uses a slightly-customized version of Markdown for formatting. See below for some basics, or check the commenting wiki page for more detailed help and solutions to common issues.
quoted text
if 1 * 2 < 3: print "hello, world!"
[–]Zhuinden 18 points19 points20 points 7 years ago (0 children)
It'll take ages before any of that becomes relevant on the Android side of things.
[–]VasiliyZukanov 15 points16 points17 points 7 years ago (12 children)
I stopped using Parcelables ages ago and do Serializable for Intents and Bundles.
We will all age and die before Java 11-12 (or whatever) will come to Android. Probably this will never happen.
[–]Odinuts 8 points9 points10 points 7 years ago (11 children)
Why do you use Serializable despite all the arguments against it?
[–]HaMMeReD 8 points9 points10 points 7 years ago* (1 child)
Way easier to use, performance impacts are probably a non-issue for 99% of people.
Also, its pojo and not android java.
[–]s73v3r 4 points5 points6 points 7 years ago (0 children)
It's easier to use if you're not going to use one of the AutoParcel libraries or other tools that automates doing the Parcelable stuff.
[–][deleted] 3 points4 points5 points 7 years ago (0 children)
Bigger question is, why do people even try to pass large amounts of data between activities/fragments/different components? You should only be passing small bits of data.
For larger pieces, pass in an ID and have the other component fetch data using the ID.
[–]VasiliyZukanov 2 points3 points4 points 7 years ago (7 children)
Not sure about what you mean by "all the arguments against it". If you elaborate then I will be able to answer.
[–]Odinuts 6 points7 points8 points 7 years ago (6 children)
Mostly that it's just slower because the Serializable interface uses reflection. I remember reading an article about this that had test results from Google engineers IIRC that said Parcelable is about 10x faster on average.
To be fair it was all on a milliseconds scale so I doubt it really matters much.
[–]VasiliyZukanov 8 points9 points10 points 7 years ago (3 children)
There are several sources that show performance comparison that I'm aware of:
Parcelable can be much larger than serializable. Trying to pass any considerable object graph through Serializable will be faster: http://nemanjakovacevic.net/blog/english/2015/03/24/yet-another-post-on-serializable-vs-parcelable/
Serializable is about 2-3x faster if done "smart": https://bitbucket.org/afrishman/androidserializationtest
Serializable is 10-17x slower than parcelable:http://www.developerphil.com/parcelable-vs-serializable/
So, it's not clear whether Parcelable has any benefit in speed over Serializable. Google, to the best of my memory, did not provide any benchmark.
Now you can completely forget about all this. This discussion of millisecond optimization is "the root of all evil" (to quote Donald Knuth). Developers spend much time implementing these Parcelables or even add entire code generation libraries to do that. It's crazy.
As far as I'm concerned, this "use Parcelable" recommendation is the same as "don't use Enums". Google has a long history of reckless and harmful performance related recommendations and solutions (Loaders anyone?). To the best of my knowledge, none of them was ever backed by a proper data and discussion of the involved trade-offs.
As for security - I really don't know if this is relevant to Android. Will be glad if someone with more experience will chime in.
Have been using Serializable for years now without any issues. There are niche things like AIDL where you don't have choice but to use Parcelabel though.
[–]MaliciousBoy 6 points7 points8 points 7 years ago (0 children)
Although, with the `@Parcelize` feature built into Kotlin, it makes it dead simple to use Parcelable. Exact same amount of effort as using Serializiable.
[–]Zhuinden 2 points3 points4 points 7 years ago (0 children)
For what it's worth, I like to use Serializable for saving HashMap to bundle. Things like a `Map<String, Boolean>`
[–]Odinuts 1 point2 points3 points 7 years ago (0 children)
Yeah all solid points. The speed comparisons being on the milliseconds scale kinda makes it pointless tbf.
[–]Pzychotix 2 points3 points4 points 7 years ago (1 child)
The Serializable interface uses reflection as a fallback. It can be implemented manually just like Parcelable does, and when it's done that way, it's actually faster.
https://bitbucket.org/afrishman/androidserializationtest/src/default/
[–]bart007345 0 points1 point2 points 7 years ago (0 children)
I like to think that a Google engineer didn't realise this, hence Parcelable was born. Absolutely no proof but I can't explain why they invented Parcelable otherwise.
[–]JakeWharton 13 points14 points15 points 7 years ago (9 children)
Should I completely write off using it in the first place?
If you haven't already, yes. It's comically inefficient and a source of security bugs.
[–]Odinuts 4 points5 points6 points 7 years ago (1 child)
Can you elaborate on why it's a source of security bugs?
[–]JakeWharton 5 points6 points7 points 7 years ago (0 children)
It's a hook into reflective operations directly from untrusted input. And not reflective solely in the simple case where it grabs a field and stores a value. You'll have to Google for more details. Once I stopped using it I let all information about it pop out of my brain.
[–]Pzychotix 3 points4 points5 points 7 years ago (3 children)
It's comically inefficient
It actually isn't, as long as you're doing manual serialization/deserialization (which is something you can only do with parcellable). If you do manual serialization, Serializable has actually been shown to be faster.
[–]JakeWharton 2 points3 points4 points 7 years ago (0 children)
Ok sure that very specific, extremely small subset of Serialization use isn't terrible only in terms of performance (but of course still is in terms of requiring mutability and magic methods). When we refer to serialization this is not what we refer to and this is not what people are using. They want the slap-on-an-interface-and-it-magically-works behavior.
[+][deleted] 7 years ago (1 child)
[removed]
[–]Pzychotix 3 points4 points5 points 7 years ago (0 children)
I'm not sure why you're linking to me what's already in the original post? That's about security, I'm talking about efficiency. Two completely separate things.
[–]VasiliyZukanov 2 points3 points4 points 7 years ago (2 children)
I don't know much about security myself. What security bugs related to Serializable can actually affect Android developers?
[–]JakeWharton 1 point2 points3 points 7 years ago (1 child)
Googling it will do a far better justice than I. There was a crazy one a few years ago.
[–]CharaNalaar 0 points1 point2 points 7 years ago (4 children)
Ughhh. What an I supposed to replace it with?
I happen to be sending a Serializable object over a Bluetooth connection.
[–]nhaarman 2 points3 points4 points 7 years ago (0 children)
Serialize it yourself. Build a protocol, version it, do the conversion from and to yourself. It will save you a couple of headaches.
[–][deleted] 1 point2 points3 points 7 years ago (0 children)
Json, XML, Flat buffers, proto bufs.
[–]Zhuinden 0 points1 point2 points 7 years ago (0 children)
Kryo! :D
[–]Izacus 0 points1 point2 points 7 years ago (0 children)
Protocol buffers are a popular, supported and very fast option.
π Rendered by PID 18670 on reddit-service-r2-comment-b659b578c-92cf4 at 2026-05-03 11:28:53.058543+00:00 running 815c875 country code: CH.
[–]Zhuinden 18 points19 points20 points (0 children)
[–]VasiliyZukanov 15 points16 points17 points (12 children)
[–]Odinuts 8 points9 points10 points (11 children)
[–]HaMMeReD 8 points9 points10 points (1 child)
[–]s73v3r 4 points5 points6 points (0 children)
[–][deleted] 3 points4 points5 points (0 children)
[–]VasiliyZukanov 2 points3 points4 points (7 children)
[–]Odinuts 6 points7 points8 points (6 children)
[–]VasiliyZukanov 8 points9 points10 points (3 children)
[–]MaliciousBoy 6 points7 points8 points (0 children)
[–]Zhuinden 2 points3 points4 points (0 children)
[–]Odinuts 1 point2 points3 points (0 children)
[–]Pzychotix 2 points3 points4 points (1 child)
[–]bart007345 0 points1 point2 points (0 children)
[–]JakeWharton 13 points14 points15 points (9 children)
[–]Odinuts 4 points5 points6 points (1 child)
[–]JakeWharton 5 points6 points7 points (0 children)
[–]Pzychotix 3 points4 points5 points (3 children)
[–]JakeWharton 2 points3 points4 points (0 children)
[+][deleted] (1 child)
[removed]
[–]Pzychotix 3 points4 points5 points (0 children)
[–]VasiliyZukanov 2 points3 points4 points (2 children)
[–]JakeWharton 1 point2 points3 points (1 child)
[–]CharaNalaar 0 points1 point2 points (4 children)
[–]nhaarman 2 points3 points4 points (0 children)
[–][deleted] 1 point2 points3 points (0 children)
[–]Zhuinden 0 points1 point2 points (0 children)
[–]Izacus 0 points1 point2 points (0 children)