Heap dump analysis done as part of MDSAL-442/MDSAL-445 shows that binding-dom-codec is using plain ArrayLists to represent lists.

This is a violation of immutable contract imposed by the fact the data is actually backed by NormalizedNodes (and general MD-SAL architecture requirements, which stress the use of immutable objects), which can be exploited to make a NormalizedNode-backed DataObject report a different set of data than it actually represents.

Audit the code and make sure all lists that we are giving out are immutable.