Hello,
There was an upgrade to springboot 3.x from 2.7.x. There wasn’t any issue before but after upgrade we received more than 250 critical vulnerability about the same issue. “Annotate this member with “Autowired”, “Resource”, “Inject”, or “Value”, or remove it.” Resource import is changed to jakarta.* package in springboot 3.x. However Sonar says to import javax.annotation.Resource. I guess it should be false positive, right ? Please let me know if it is false positive because of that reason and how can we solve or suppress it ?
Sonar version is: 10.1
Best regards,
Suzan