Hi,
SonarQube reports the issue “java:S3749 - Members of Spring components should be injected” on the following code:
import org.springframework.stereotype.Controller;
import org.springframework.web.context.WebApplicationContext;
@Slf4j
@Controller(value = "myController")
@Scope(value= WebApplicationContext.SCOPE_SESSION, proxyMode= ScopedProxyMode.TARGET_CLASS)
public class MyBean extends MyBaseBean implements MyConstants {
private UIInput keylevel1UIInput; <------ Issue is reported here
The member on the last line is not injected by Spring. Therefore SonarQube reports the issue here.
In a Spring-Controler - which are singletons by default - this would of course be a problem, as the content of the member would be shared by all users.
But in this case the bean has session scope, denoted by the @Scope annotation.
Is this a false-positive?
Im using
SonarQube 8.3.1
Java Code Quality and Security plugin: 6.4