squid:S4684 (Persistent entities should not be used as arguments of "@RequestMapping" methods) false-positive on @pathvariable annotated arguments

Selindek · May 16, 2019, 9:42am

If the controller-method’s entity-like argument is annotated with @Pathvariable then the argument is created by an unique argument-resolver, which usually means finding the entity by id.
So there are no parameter-binding behind it.
And actually this is the RECOMMENDED way to implement a RESTful API controller.

The rule should be extended in a way that it shouldn’t be triggered if the entity-like argument is annotated with @Pathvariable.

Nicolas_Peru · July 11, 2019, 8:44am

Hi thanks for the feedback.
Indeed this looks like a false positive so ticket created to reduce the noise on this rule : https://jira.sonarsource.com/browse/SONARJAVA-3151

system · April 8, 2021, 9:26am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.