- What language is this for?
Java /Spring
- Which rule?
Rule java:S6856 @PathVariable annotation should be present if a path variable is used
- Why do you believe it’s a false-positive?
Using Spring property injection in controller path should be allowed and should not be considered as path variable which syntax is ".../{myPathVar}/..." instead if "${my.spring.property.key}/..."
- Are you using
- SonarQube for IDE - which IDE/version?
IntelliJ Ultimate (v2024.3.5) - plugin v10.20.0.80985
- How can we reproduce the problem? Give us a self-contained snippet of code
Consider a basic Spring app with properties configured and injected in Controller path.
src/main/resources/application.ymlfile:
myapp:
api:
version1: "api/v1"
version2: "api/v2"
src/main/java/com/myapp/MyController.java
//imports
@RestController
public class MyController {
//... constructor/services injection
@GetMapping("/${myapp.api.version1}/languages")
public List<Language> getAllLanguagesV1() {
return serviceV1.getAllLanguages();
}
@GetMapping("/${myapp.api.version2}/languages")
public List<Language> getAllLanguagesV2() {
return serviceV2.getAllLanguages();
}
}
In this case Sonar is reporting the issue for both methods when it shouldn’t.
We could argue that injecting spring property in path is not “clean” and the code could be refactored to inject Spring properties differently but that would be another rule then.