java:S107 Methods should not have too many parameters - make the rule more configurable

We are using currently
SonarQube Server 8.1.0.31237
Java Sonar Plugin 6.3 (build 21585)

Some of our developer complain, that there are false-positives with the rule java:S107 in some cases:

  1. Using JAX-RS API interface classes. As there are some API endpoints which need more than 7 url params, these methods annotated with “javax.ws.rs.GET” raise a Sonar issue although they cannot be changed

  2. Using Spring Bean constructor injection with @Autowired, which in some cases causes constructors with many parameters, which should not raise an issue.

  3. Using CDI constructor injection with @Inject. Same as above

I’d suggest to add the following annotations to the white list of the rule:

javax.ws.rs.GET
javax.ws.rs.POST
javax.ws.rs.PUT
javax.ws.rs.PATCH
org.springframework.beans.factory.annotation.Autowired
javax.inject.Inject

And I think it would be great to change the rule so that a sonar admin can add Annotation FQN’s to the white listet annotations.

Hi @tschindler,

Thank you for the suggestion. This makes sense to me, so I’ve created a ticket.

Cheers,
Sebastian

Thank you @SebastianHungerecker!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.