SonarQube rule: “Using command line arguments is security-sensitive” in Spring Boot application

Question

SonarQube is just showing a Critical security issue in the very basic Spring Boot application. In the main method.

@SpringBootApplication
public class Applic         


        

Answer 1

If you are not using any command-line arguments ,then you could avoid mentioning the args parameter in the run method .Like the below code.

@SpringBootApplication
public class Application {

    public static void main(String[] args) {
        SpringApplication.run(Application.class);
    }

}

This will remove sonarqube hotspot issue.