squid:S4684 (Persistent entities should not be used as arguments of "@RequestMapping" methods) false-positive on @pathvariable annotated arguments

If the controller-method’s entity-like argument is annotated with @Pathvariable then the argument is created by an unique argument-resolver, which usually means finding the entity by id.
So there are no parameter-binding behind it.
And actually this is the RECOMMENDED way to implement a RESTful API controller.

The rule should be extended in a way that it shouldn’t be triggered if the entity-like argument is annotated with @Pathvariable.

Hi thanks for the feedback.
Indeed this looks like a false positive so ticket created to reduce the noise on this rule : https://jira.sonarsource.com/browse/SONARJAVA-3151

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.