fix: resolve top 5 SonarQube issues (weekly sweep)

[devin-ai-integration]

Summary

Addresses the top 5 open SonarQube issues for choikh0423_demo-spring-boot-test-coverage (SonarCloud), ranked by severity → type → effort:

#	Issue Key	Rule	Severity	File	Fix
1	AZ1u3HBdEnUkF3fpjVtN	java:S1948	CRITICAL	InvalidRequestException.java	Mark errors field as transient so the non-serializable Errors field doesn't violate the Serializable contract
2	AZ1u3HCaEnUkF3fpjVtj	java:S1452	CRITICAL	ArticleApi.java:36	Replace ResponseEntity<?> → ResponseEntity<Map<String, Object>>
3	AZ1u3HCaEnUkF3fpjVtk	java:S1452	CRITICAL	ArticleApi.java:45	Replace ResponseEntity<?> → ResponseEntity<Map<String, Object>>
4	AZ1u3HBkEnUkF3fpjVtQ	java:S1452	CRITICAL	CommentsApi.java:41	Replace ResponseEntity<?> → ResponseEntity<Map<String, Object>>
5	AZ1u3HAuEnUkF3fpjVtD	java:S1118	MAJOR	Util.java:3	Add private constructor, make class final

All existing tests pass (./gradlew test). Note: ./gradlew spotlessCheck fails on master as well (pre-existing google-java-format issue).

Review & Testing Checklist for Human

• transient on InvalidRequestException.errors: Verify no code path serializes/deserializes this exception (e.g., across microservice boundaries, session replication). If it is ever deserialized, errors will be null. This is the only behavioral change in the PR.
• Wildcard type replacements: Confirm that hardcoding ResponseEntity<Map<String, Object>> doesn't break Swagger/OpenAPI doc generation if the project uses it. The actual return values already match this type.
• Util made final: Confirm no subclass of Util exists (tests pass, so very likely safe).

Recommended test plan: Run the full test suite and verify the API endpoints (GET /articles/{slug}, PUT /articles/{slug}, POST /articles/{slug}/comments) return correct responses.

Notes

• Only 3 of the ~6 ResponseEntity<?> / raw ResponseEntity usages across these files were fixed—these were the ones flagged as top-5 priority by SonarQube. Remaining raw types (e.g., deleteArticle, getComments) are lower-priority and can be addressed in a future sweep.

Link to Devin session: https://app.devin.ai/sessions/418f65d0566a4814a4c746a5070ec671
Requested by: @choikh0423

---

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no potential bugs to report.

View in Devin Review to see 2 additional findings.