Additional FP for S1948 when fields are injected with @Resource to EJBs

This is about rule S1948 for Java. It is similar to [SONARJAVA-2442] - Jira. We have EJBs containing additional injected fields with the annotation @javax.annotation.Resource

import java.io.Serializable;
import javax.annotation.Resource;
import javax.ejb.SessionContext;
import javax.ejb.Stateful;

@Stateful
public class TestBean implements Serializable
{
  @Resource
  private SessionContext sc; //FP here on "sc"
}

Like SONARJAVA-2442, as this field is injected, the field is inherently serializable.

(For @EJB or @PersistenceContext there is no issue raised)

Verified with Sonarlint for Eclipse 7.7, not connected.

1 Like

Hi,

Could you upgrade to 7.9 and verify that this is still reproducible, please?

 
Thx,
Ann

I tested with SonarLint 7.9 for Eclipse (not connected) and the issue remains: The field sc is marked with java:S1948 “Make “sc” transient or serializable”.

1 Like

Hi,

Thanks for checking. I’ve flagged this for the experts.

 
Ann

Hi Thomas!

From what I see in the sources, an exception is currently only made for the two annotation types:

  • javax.ejb.EJB
  • org.apache.wicket.spring.injection.annot.SpringBean

I created a ticket to add javax.annotation.Resource here: SONARJAVA-4478

Best,
Marco