Skip to content

Releases: pmd/pmd

PMD 6.31.0 (30-January-2021)

30 Jan 17:26
@pmd-bot pmd-bot
pmd_releases/6.31.0
7d6e623
Compare
Choose a tag to compare
PMD 6.31.0 (30-January-2021)

30-January-2021 - 6.31.0

The PMD team is pleased to announce PMD 6.31.0.

This is a minor release.

Table Of Contents

New and noteworthy

SARIF Format

PMD now supports the Static Analysis Results Interchange Format (SARIF)
as an additional report format. Just use the command line parameter -format sarif to select it.
SARIF is an OASIS standard format for static analysis tools.
PMD creates SARIF JSON files in SARIF version 2.1.0.
An example report can be found in the documentation in Report formats for PMD.

CPD

  • The C++ module now supports the new option --ignore-literal-sequences,
    which can be used to avoid detection of some uninteresting clones. This options has been
    introduced with PMD 6.30.0 for C# and is now available for C++ as well. See #2963.

New Rules

  • The new Apex rule OverrideBothEqualsAndHashcode brings the well known Java rule
    to Apex. In Apex the same principle applies: equals and hashCode should always be overridden
    together to ensure collection classes such as Maps and Sets work as expected.

  • The new Visualforce rule VfHtmlStyleTagXss checks for potential XSS problems
    when using <style> tags on Visualforce pages.

Deprecated rules

  • java-performance
    • AvoidUsingShortType: arithmetic on shorts is not significantly
      slower than on ints, whereas using shorts may provide significant memory savings in arrays.
    • SimplifyStartsWith: the suggested code transformation has an
      insignificant performance impact, and decreases readability.

Fixed Issues

  • core
    • #2953: [core] Support SARIF JSON Format
    • #2970: [core] PMD 6.30.0 release is not reproducible
    • #2994: [core] Fix code climate severity strings
  • java-bestpractices
    • #575: [java] LiteralsFirstInComparisons should consider constant fields
    • #2454: [java] UnusedPrivateMethod violation for disabled class in 6.23.0
    • #2833: [java] NPE in UseCollectionIsEmptyRule with enums
    • #2876: [java] UnusedPrivateField cannot override ignored annotations property
    • #2957: [java] Ignore unused declarations that have special name
  • java-codestyle
    • #2960: [java] Thread issue in MethodNamingConventionsRule
  • java-design
    • #3006: [java] NPE in SingularFieldRule with concise resource syntax
  • java-errorprone
    • #2976: [java] CompareObjectsWithEquals: FP with array.length
    • #2977: [java] 6.30.0 introduces new false positive in CloseResource rule?
    • #2979: [java] UseEqualsToCompareStrings: FP with "var" variables
    • #3004: [java] UseEqualsToCompareStrings false positive with PMD 6.30.0
    • #3062: [java] CloseResource FP with reassigned stream
  • java-performance
    • #2296: [java] Deprecate rule AvoidUsingShortType
    • #2740: [java] Deprecate rule SimplifyStartsWith
    • #3088: [java] AvoidInstantiatingObjectsInLoops - false positive with Collections
  • vf-security
    • #3081: [vf] VfUnescapeEl: Inherently un-XSS-able built-in functions trigger false positives

API Changes

Deprecated API

Experimental APIs

  • The method GenericToken#getKind has been added as experimental. This
    unifies the token interface for both JavaCC and Antlr. The already existing method
    AntlrToken#getKind is therefore experimental as well. The
    returned constant depends on the actual language and might change whenever the grammar
    of the language is changed.

External Contributions

Stats

  • 116 commits
  • 40 closed tickets & PRs
  • Days since last release: 49
Assets 5

PMD 6.30.0 (12-December-2020)

12 Dec 10:03
@pmd-bot pmd-bot
pmd_releases/6.30.0
d2e4fb4
Compare
Choose a tag to compare
PMD 6.30.0 (12-December-2020)

12-December-2020 - 6.30.0

The PMD team is pleased to announce PMD 6.30.0.

This is a minor release.

Table Of Contents

New and noteworthy

CPD

  • The C# module now supports the new option --ignore-literal-sequences, which can be used to avoid detection of some uninteresting clones. Support for other languages may be added in the future. See #2945

  • The Scala module now supports suppression through CPD-ON/CPD-OFF comment pairs. See #2929

Type information for VisualForce

The Visualforce AST now can resolve the data type of Visualforce expressions that reference Apex Controller properties and Custom Object fields. This feature improves the precision of existing rules, like VfUnescapeEl.

This can be configured using two environment variables:

  • PMD_VF_APEXDIRECTORIES: Comma separated list of directories for Apex classes. Absolute or relative to the Visualforce directory. Default is ../classes. Specifying an empty string will disable data type resolution for Apex Controller properties.
  • PMD_VF_OBJECTSDIRECTORIES: Comma separated list of directories for Custom Objects. Absolute or relative to the Visualforce directory. Default is ../objects. Specifying an empty string will disable data type resolution for Custom Object fields.

This feature is experimental, in particular, expect changes to the way the configuration is specified. We'll probably extend the CLI instead of relying on environment variables in a future version.

Thanks to Jeff Bartolotta and Roopa Mohan for contributing this!

Fixed Issues

  • core
    • #1939: [core] XPath expressions return handling
    • #1961: [core] Text renderer should include name of violated rule
    • #2874: [core] Fix XMLRenderer with UTF-16
  • cs
    • #2938: [cs] CPD: ignoring using directives could not be disabled
  • java
    • #2911: [java] ClassTypeResolver#searchNodeNameForClass leaks memory
    • #2934: [java] CompareObjectsWithEquals / UseEqualsToCompareStrings - False negatives with fields
    • #2940: [java] Catch additional TypeNotPresentExceptions / LinkageErrors
  • scala
    • #2480: [scala] Support CPD suppressions

API Changes

Deprecated API

Around RuleSet parsing
Around the PMD class

Many classes around PMD's entry point (PMD) have been deprecated as internal, including:

Miscellaneous

Internal API

Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi annotation. You'll also get a deprecation warning.

External Contributions

Read more
Assets 5

PMD 6.29.0 (24-October-2020)

24 Oct 09:15
@pmd-bot pmd-bot
pmd_releases/6.29.0
81f12d3
Compare
Choose a tag to compare
PMD 6.29.0 (24-October-2020)

24-October-2020 - 6.29.0

The PMD team is pleased to announce PMD 6.29.0.

This is a minor release.

Table Of Contents

New and noteworthy

Updated Apex Support

New Rules

  • The new Apex rule OperationWithLimitsInLoop (apex-performance)
    finds operations in loops that may hit governor limits such as DML operations, SOQL
    queries and more. The rule replaces the three rules "AvoidDmlStatementsInLoops", "AvoidSoqlInLoops",
    and "AvoidSoslInLoops".

Renamed Rules

  • The Java rule DoNotCallSystemExit has been renamed to
    DoNotTerminateVM, since it checks for all the following calls:
    System.exit(int), Runtime.exit(int), Runtime.halt(int). All these calls terminate
    the Java VM, which is bad, if the VM runs an application server which many independent applications.

Deprecated Rules

Fixed Issues

  • apex
    • #2839: [apex] Apex classes with safe navigation operator from Winter 21 (50.0) are skipped
  • apex-performance
    • #1713: [apex] Mark Database DML statements in For Loop
  • core
    • #2831: [core] Fix XMLRenderer newlines when running under IBM Java
  • java-errorprone
    • #2157: [java] Improve DoNotCallSystemExit: permit call in main(), flag System.halt
    • #2764: [java] CloseResourceRule does not recognize multiple assignment done to resource
  • miscellaneous
    • #2823: [doc] Renamed/Moved rules are missing in documentation
  • vf (Salesforce VisualForce)
    • #2765: [vf] Attributes with dot cause a VfParseException

External Contributions

Stats

  • 50 commits
  • 23 closed tickets & PRs
  • Days since last release: 27
Assets 5

PMD 6.28.0 (26-September-2020)

26 Sep 09:07
@pmd-bot pmd-bot
pmd_releases/6.28.0
722f3ca
Compare
Choose a tag to compare
PMD 6.28.0 (26-September-2020)

26-September-2020 - 6.28.0

The PMD team is pleased to announce PMD 6.28.0.

This is a minor release.

Table Of Contents

New and noteworthy

CPD's AnyTokenizer has been improved

The AnyTokenizer is used for languages, that don't have an own lexer/grammar based tokenizer.
AnyTokenizer now handles string literals and end-of-line comments. Fortran, Perl and Ruby have
been updated to use AnyTokenizer instead of their old custom tokenizer based on AbstractTokenizer.
See #2758 for details.

AbstractTokenizer and the custom tokenizers of Fortran, Perl and Ruby are deprecated now.

Fixed Issues

  • cpd

    • #2758: [cpd] Improve AnyTokenizer
    • #2760: [cpd] AnyTokenizer doesn't count columns correctly

  • apex-security

    • #2774: [apex] ApexSharingViolations does not correlate sharing settings with class that contains data access

  • java

    • #2738: [java] Custom rule with @ExhaustiveEnumSwitch throws NPE
    • #2755: [java] [6.27.0] Exception applying rule CloseResource on file ... java.lang.NullPointerException
    • #2756: [java] TypeTestUtil fails with NPE for anonymous class
    • #2767: [java] IndexOutOfBoundsException when parsing an initializer BlockStatement
    • #2783: [java] Error while parsing with lambda of custom interface

  • java-bestpractices

    • #2759: [java] False positive in UnusedAssignment

  • java-design

    • #2708: [java] False positive FinalFieldCouldBeStatic when using lombok Builder.Default

API Changes

Deprecated API

For removal

External Contributions

  • #2735: [ci] Add github actions for a fast view of pr succeed/not - XenoAmess
  • #2747: [java] Don't trigger FinalFieldCouldBeStatic when field is annotated with lombok @Builder.Default - Ollie Abbey
  • #2773: [java] issue-2738: Adding null check to avoid npe when switch case is default - Nimit Patel
  • #2789: Add badge for reproducible build - Dan Rollo
  • #2791: [apex] Analyze inner classes for sharing violations - Jeff Bartolotta

Stats

  • 58 commits
  • 24 closed tickets & PRs
  • Days since last release: 25
Assets 5

PMD 6.27.0 (31-August-2020)

31 Aug 17:23
@pmd-bot pmd-bot
pmd_releases/6.27.0
856950f
Compare
Choose a tag to compare
PMD 6.27.0 (31-August-2020)

31-August-2020 - 6.27.0

The PMD team is pleased to announce PMD 6.27.0.

This is a minor release.

Table Of Contents

New and noteworthy

Java 15 Support

This release of PMD brings support for Java 15. PMD can parse Text Blocks
which have been promoted to be a standard language feature of Java.

PMD also supports Pattern Matching for instanceof,
Records, and Sealed Classes.

Note: The Pattern Matching for instanceof, Records, and Sealed Classes are all preview language features of OpenJDK 15
and are not enabled by default. In order to
analyze a project with PMD that uses these language features, you'll need to enable it via the environment
variable PMD_JAVA_OPTS and select the new language version 15-preview:

export PMD_JAVA_OPTS=--enable-preview
./run.sh pmd -language java -version 15-preview ...

Note: Support for Java 13 preview language features have been removed. The version "13-preview" is no longer available.

Changes in how tab characters are handled

In the past, tab characters in source files has been handled differently in different languages by PMD.
For instance in Java, tab characters had a width of 8 columns, while C# used only 1 column. Visualforce instead
used 4 columns.

This has been unified now so that tab characters are consistently now always 1 column wide.

This however might be a incompatible change, if you're using the properties "BeginColumn" or "EndColumn"
additionally to "BeginLine" and "EndLine" of a Token/AST node in order to highlight
where a rule violation occurred in the source file. If you have logic there that deals with tab characters,
you most likely can remove this logic now, since tab characters are now just "normal" characters
in terms of string processing.

See also [all] Ensure PMD/CPD uses tab width of 1 for tabs consistently #2656.

Updated PMD Designer

This PMD release ships a new version of the pmd-designer.
For the changes, see PMD Designer Changelog.

New Rules

  • The new Java rule AvoidReassigningCatchVariables (java-bestpractices) finds
    cases where the variable of the caught exception is reassigned. This practice is surprising and prevents
    further evolution of the code like multi-catch.

Modified Rules

  • The Java rule CloseResource (java-errorprone) has a new property
    closeNotInFinally. With this property set to true the rule will also find calls to close a
    resource, which are not in a finally-block of a try-statement. If a resource is not closed within a
    finally block, it might not be closed at all in case of exceptions.

    As this new detection would yield many new violations, it is disabled by default. It might be
    enabled in a later version of PMD.

Deprecated Rules

Fixed Issues

  • core
    • #724: [core] Avoid parsing rulesets multiple times
    • #1962: [core] Simplify Report API
    • #2653: [lang-test] Upgrade kotlintest to Kotest
    • #2656: [all] Ensure PMD/CPD uses tab width of 1 for tabs consistently
    • #2690: [core] Fix java7 compatibility
  • java
    • #2646: [java] Support JDK 15
  • java-bestpractices
    • #2471: [java] New Rule: AvoidReassigningCatchVariables
    • #2663: [java] NoClassDefFoundError on upgrade from 6.25.0 to 6.26.0
    • #2668: [java] UnusedAssignment false positives
    • #2673: [java] UnusedPrivateField and SingularField false positive with lombok annotation EqualsAndHashCode
    • #2684: [java] UnusedAssignment FP in try/catch
    • #2686: [java] UnusedAssignment must not flag abstract method parameters in interfaces and abstract classes
  • java-design
    • #2108: [java] [doc] ImmutableField rule: Description should clarify shallow immutability
    • #2461: [java] ExcessiveParameterListRule must ignore a private constructor
  • java-errorprone
    • #2264: [java] SuspiciousEqualsMethodName: Improve description about error-prone overloading of equals()
    • #2410: [java] ProperCloneImplementation not valid for final class
    • #2431: [java] InvalidLogMessageFormatRule throws IndexOutOfBoundsException when only logging exception message
    • #2439: [java] AvoidCatchingThrowable can not detect the case: catch (java.lang.Throwable t)
    • #2470: [java] CloseResource false positive when resource included in return value
    • #2531: [java] UnnecessaryCaseChange can not detect the case like: foo.equals(bar.toLowerCase())
    • #2647: [java] Deprecate rule DataFlowAnomalyAnalysis
  • java-performance
    • #1868: [java] false-positive for SimplifyStartsWith if string is empty
    • #2441: [java] RedundantFieldInitializer can not detect a special case for char initialize: char foo = '\0';
    • #2530: [java] StringToString can not detect the case: getStringMethod().toString()
  • dart
    • #2750: [dart] [cpd] Cpd Dart escaped dollar

API Changes

  • XML rule definition in rulesets: In PMD 7, the language attribute will be required on all rule
    elements that declare a new rule. Some base rule classes set the language implicitly in their
    constructor, and so this is not required in all cases for the rule to work. But this
    behavior will be discontinued in PMD 7, so missing language attributes are now
    reported as a forward compatibility warning.

Deprecated API

For removal
Read more
Assets 5

PMD 6.26.0 (25-July-2020)

25 Jul 12:23
@pmd-bot pmd-bot
pmd_releases/6.26.0
a9632e2
Compare
Choose a tag to compare
PMD 6.26.0 (25-July-2020)

25-July-2020 - 6.26.0

The PMD team is pleased to announce PMD 6.26.0.

This is a minor release.

Table Of Contents

New and noteworthy

New Rules

  • The new Java rule UnusedAssignment (java-bestpractices) finds assignments
    to variables, that are never used and are useless. The new rule is supposed to entirely replace
    DataflowAnomalyAnalysis.

Modified rules

  • The Java rule ArrayIsStoredDirectly (java-bestpractices) now ignores
    by default private methods and constructors. You can restore the old behavior by setting the new property
    allowPrivate to "false".

Fixed Issues

  • apex
    • #2610: [apex] Support top-level enums in rules
  • apex-bestpractices
    • #2626: [apex] UnusedLocalVariable - false positive on case insensitivity allowed in Apex
  • apex-performance
    • #2598: [apex] AvoidSoqlInLoops false positive for SOQL with in For-Loop
  • apex-security
    • #2620: [visualforce] False positive on VfUnescapeEl with new Message Channel feature
  • core
    • #710: [core] Review used dependencies
    • #2594: [core] Update exec-maven-plugin and align it in all project
    • #2615: [core] PMD/CPD produces invalid XML (insufficient escaping/wrong encoding)
  • java-bestpractices
    • #2543: [java] UseCollectionIsEmpty can not detect the case this.foo.size()
    • #2569: [java] LiteralsFirstInComparisons: False negative for methods returning Strings
    • #2622: [java] ArrayIsStoredDirectly false positive with private constructor/methods
  • java-codestyle
    • #2546: [java] DuplicateImports reported for the same import... and import static...
  • java-design
    • #2174: [java] LawOfDemeter: False positive with 'this' pointer
    • #2181: [java] LawOfDemeter: False positive with indexed array access
    • #2189: [java] LawOfDemeter: False positive when casting to derived class
    • #2580: [java] AvoidThrowingNullPointerException marks all NullPointerException objects as wrong, whether or not thrown
    • #2625: [java] NPathComplexity can't handle switch expressions
  • java-errorprone
    • #2578: [java] AvoidCallingFinalize detects some false positives
    • #2634: [java] NullPointerException in rule ProperCloneImplementation
  • java-performance
    • #1736: [java] UseStringBufferForStringAppends: False positive if only one concatenation
    • #2207: [java] AvoidInstantiatingObjectsInLoops: False positive - should not flag objects when assigned to lists/arrays

API Changes

Deprecated API

For removal

External Contributions

Stats

  • 156 commits
  • 43 closed tickets & PRs
  • Days since last release: 28
Assets 5

PMD 6.25.0 (27-June-2020)

27 Jun 10:05
@pmd-bot pmd-bot
pmd_releases/6.25.0
a219b2e
Compare
Choose a tag to compare
PMD 6.25.0 (27-June-2020)

27-June-2020 - 6.25.0

The PMD team is pleased to announce PMD 6.25.0.

This is a minor release.

Table Of Contents

New and noteworthy

Scala cross compilation

Up until now the PMD Scala module has been compiled against scala 2.13 only by default.
However, this makes it impossible to use pmd as a library in scala projects,
that use scala 2.12, e.g. in sbt plugins. Therefore PMD now provides cross compiled pmd-scala
modules for both versions: scala 2.12 and scala 2.13.

The new modules have new maven artifactIds. The old artifactId net.sourceforge.pmd:pmd-scala:6.25.0
is still available, but is deprecated from now on. It has been demoted to be just a delegation to the new
pmd-scala_2.13 module and will be removed eventually.

The coordinates for the new modules are:

<dependency>
    <groupId>net.sourceforge.pmd</groupId>
    <artifactId>pmd-scala_2.12</artifactId>
    <version>6.25.0</version>
</dependency>

<dependency>
    <groupId>net.sourceforge.pmd</groupId>
    <artifactId>pmd-scala_2.13</artifactId>
    <version>6.25.0</version>
</dependency>

The command line version of PMD continues to use scala 2.13.

New Rules

  • The new Java Rule UnnecessaryCast (java-codestyle)
    finds casts that are unnecessary while accessing collection elements.

  • The new Java Rule AvoidCalendarDateCreation (java-performance)
    finds usages of java.util.Calendar whose purpose is just to get the current date. This
    can be done in a more lightweight way.

  • The new Java Rule UseIOStreamsWithApacheCommonsFileItem (java-performance)
    finds usage of FileItem.get() and FileItem.getString(). These two methods are problematic since
    they load the whole uploaded file into memory.

Modified rules

  • The Java rule UseDiamondOperator (java-codestyle) now by default
    finds unnecessary usages of type parameters, which are nested, involve wildcards and are used
    within a ternary operator. These usages are usually only unnecessary with Java8 and later, when
    the type inference in Java has been improved.

    In order to avoid false positives when checking Java7 only code, the rule has the new property
    java7Compatibility, which is disabled by default. Settings this to "true" retains
    the old rule behaviour.

Fixed Issues

  • apex-bestpractices
    • #2554: [apex] Exception applying rule UnusedLocalVariable on trigger
  • core
    • #971: [apex][plsql][java] Deprecate overly specific base rule classes
    • #2451: [core] Deprecate support for List attributes with XPath 2.0
    • #2599: [core] Fix XPath 2.0 Rule Chain Analyzer with Unions
    • #2483: [lang-test] Support cpd tests based on text comparison.
      For details see
      Testing your implementation
      in the developer documentation.
  • c#
    • #2551: [c#] CPD suppression with comments doesn't work
  • cpp
    • #1757: [cpp] Support unicode characters
  • java
    • #2549: [java] Auxclasspath in PMD CLI does not support relative file path
  • java-codestyle
    • #2545: [java] UseDiamondOperator false negatives
    • #2573: [java] DefaultPackage: Allow package default JUnit 5 Test methods
  • java-design
    • #2563: [java] UselessOverridingMethod false negative with already public methods
    • #2570: [java] NPathComplexity should mention the expected NPath complexity
  • java-errorprone
    • #2544: [java] UseProperClassLoader can not detect the case with method call on intermediate variable
  • java-performance
    • #2591: [java] InefficientStringBuffering/AppendCharacterWithChar: Fix false negatives with concats in appends
    • #2600: [java] UseStringBufferForStringAppends: fix false negative with fields
  • scala
    • #2547: [scala] Add cross compilation for scala 2.12 and 2.13

API Changes

  • The maven module net.sourceforge.pmd:pmd-scala is deprecated. Use net.sourceforge.pmd:pmd-scala_2.13
    or net.sourceforge.pmd:pmd-scala_2.12 instead.

  • Rule implementation classes are internal API and should not be used by clients directly.
    The rules should only be referenced via their entry in the corresponding category ruleset
    (e.g. <rule ref="category/java/bestpractices.xml/AbstractClassWithoutAbstractMethod" />).

    While we definitely won't move or rename the rule classes in PMD 6.x, we might consider changes
    in PMD 7.0.0 and onwards.

Deprecated APIs

Internal API

Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi annotation. You'll also get a deprecation warning.

For removal
Read more
Assets 5

PMD 6.24.0 (24-May-2020)

24 May 16:08
@pmd-bot pmd-bot
pmd_releases/6.24.0
229cb2b
Compare
Choose a tag to compare
PMD 6.24.0 (24-May-2020)

24-May-2020 - 6.24.0

The PMD team is pleased to announce PMD 6.24.0.

This is a minor release.

Table Of Contents

New and noteworthy

CPD now supports XML as well

Thanks to Fernando Cosso CPD can now find duplicates in XML files as well.
This is useful to find duplicated sections in XML files.

Updated PMD Designer

This PMD release ships a new version of the pmd-designer.
For the changes, see PMD Designer Changelog.

New Rules

  • The new Java Rule LiteralsFirstInComparisons (java-bestpractices)
    find String literals, that are used in comparisons and are not positioned first. Using the String literal
    as the receiver of e.g. equals helps to avoid NullPointerExceptions.

    This rule is replacing the two old rules PositionLiteralsFirstInComparisons
    and PositionLiteralsFirstInCaseInsensitiveComparisons and extends the check
    for the methods compareTo, compareToIgnoreCase and contentEquals in addition to equals and
    equalsIgnoreCase.

    Note: This rule also replaces the two mentioned rules in Java's quickstart ruleset.

Deprecated Rules

Fixed Issues

  • apex-bestpractices
    • #2468: [apex] Unused Local Variable fails on blocks
  • core
    • #2444: [core] Support reproducible builds
    • #2484: [core] Update maven-enforcer-plugin to require Java 118
  • c#
    • #2495: [c#] Support for interpolated verbatim strings
  • java
    • #2472: [java] JavaCharStream throws an Error on invalid escape
  • java-bestpractices
    • #2145: [java] Deprecate rules PositionLiteralsFirstIn(CaseInsensitive)Comparisons in favor of LiteralsFirstInComparisons
    • #2288: [java] JUnitTestsShouldIncludeAssert: Add support for Hamcrest MatcherAssert.assertThat
    • #2437: [java] AvoidPrintStackTrace can't detect the case e.getCause().printStackTrace()
  • java-codestyle
    • #2476: [java] MethodNamingConventions - Add support for JUnit 5 method naming
  • java-errorprone
    • #2477: [java] JUnitSpelling false-positive for JUnit5/4 tests
  • swift
    • #2473: [swift] Swift 5 (up to 5.2) support for CPD

API Changes

Deprecated APIs

Experimental APIs

Note: Experimental APIs are identified with the annotation Experimental,
see its javadoc for details

External Contributions

Stats

  • 114 commits
  • 29 closed tickets & PRs
  • Days since last release: 30
Assets 5

PMD 6.23.0 (24-April-2020)

24 Apr 09:39
@pmd-bot pmd-bot
pmd_releases/6.23.0
921c65f
Compare
Choose a tag to compare
PMD 6.23.0 (24-April-2020)

24-April-2020 - 6.23.0

The PMD team is pleased to announce PMD 6.23.0.

This is a minor release.

Table Of Contents

New and noteworthy

PMD adopts Contributor Code of Conduct

To facilitate healthy and constructive community behavior PMD adopts
Contributor Convenant as its code of
conduct.

Please note that this project is released with a Contributor Code of Conduct.
By participating in this project you agree to abide by its terms.

You can find the code of conduct in the file code_of_conduct.md
in our repository.

Performance improvements for XPath 2.0 rules

XPath rules written with XPath 2.0 now support conversion to a rulechain rule, which
improves their performance. The rulechain is a mechanism that allows several rules
to be executed in a single tree traversal. Conversion to the rulechain is possible if
your XPath expression looks like //someNode/... | //someOtherNode/... | ..., that
is, a union of one or more path expressions that start with //. Instead of traversing
the whole tree once per path expression (and per rule), a single traversal executes all
rules in your ruleset as needed.

This conversion is performed automatically and cannot be disabled. The conversion should
not change the result of your rules, if it does, please report a bug at https://github.com/pmd/pmd/issues

Note that XPath 1.0 support, the default XPath version, is deprecated since PMD 6.22.0.
We highly recommend that you upgrade your rules to XPath 2.0. Please refer to the migration guide.

Javascript improvements for ES6

PMD uses the Rhino library to parse Javascript.
The default version has been set to ES6, so that some ECMAScript 2015 features are
supported. E.g. let statements and for-of loops are now parsed. However Rhino does
not support all features.

New JSON renderer

PMD now supports a JSON renderer (use it with -f json on the CLI).
See the documentation and example

New Rules

Fixed Issues

  • apex-design
    • #2358: [apex] Invalid Apex in Cognitive Complexity tests
  • apex-security
    • #2210: [apex] ApexCRUDViolation: Support WITH SECURITY_ENFORCED
    • #2399: [apex] ApexCRUDViolation: false positive with security enforced with line break
  • core
    • #1286: [core] Export Supporting JSON Format
    • #2019: [core] Insufficient deprecation warnings for XPath attributes
    • #2357: Add code of conduct: Contributor Covenant
    • #2426: [core] CodeClimate renderer links are dead
    • #2432: [core] Close ZIP data sources even if a runtime exception or error is thrown
  • doc
    • #2355: [doc] Improve documentation about incremental analysis
    • #2356: [doc] Add missing doc about pmd.github.io
    • #2412: [core] HTMLRenderer doesn't render links to source files
    • #2413: [doc] Improve documentation about the available renderers (PMD/CPD)
  • java
    • #2378: [java] AbstractJUnitRule has bad performance on large code bases
  • java-bestpractices
    • #2398: [java] AbstractClassWithoutAbstractMethod false negative with inner abstract classes
  • java-codestyle
    • #1164: [java] ClassNamingConventions suggests to add Util for class containing only static constants
    • #1723: [java] UseDiamondOperator false-positive inside lambda
  • java-design
    • #2390: [java] AbstractClassWithoutAnyMethod: missing violation for nested classes
  • java-errorprone
    • #2402: [java] CloseResource possible false positive with Primitive Streams
  • java-multithreading
    • #2313: [java] Documenation for DoNotUseThreads is outdated
  • javascript
    • #1235: [javascript] Use of let results in an Empty Statement in the AST
    • #2379: [javascript] Support for-of loop
  • javascript-errorprone
    • #384: [javascript] Trailing commas not detected on French default locale

API Changes

Deprecated APIs

Internal API

Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi annotation. You'll also get a deprecation warning.

In ASTs

As part of the changes we'd like to do to AST classes for 7.0.0, we would like to
hide some methods and constructors that rule writers should not have access to.
The following usages are now deprecated in the Apex, Javascript, PL/SQL, Scala and Visualforce ASTs:

  • Manual instantiation of nodes. Constructors of node classes are deprecated and
    marked InternalApi. Nodes should only be obtained from the parser,
    which for rules, means that they never need to instantiate node themselves.
    Those constructors will be made package private with 7.0.0.
  • Subclassing of abstract node classes, or usage of their type. The base classes are internal API
    and will be hidden in version 7.0.0. You should not couple your code to them.
    • In the meantime you should use interfaces like VfNode or
      Node, or the other published interfaces in this package,
      to refer to nodes generically.
    • Concrete node classes will be made final with 7.0.0.
  • Setters found in any node class or interface. Rules should consider the AST immutable.
    We will make those setters package private with 7.0.0.
  • The implementation classes of Parser (eg VfParser) are deprecated and should not be used directly.
    Use LanguageVersionHandler#getParser instead.
  • The implementation classes of TokenManager (eg VfTokenManager) are deprecated and should not be used outside of our implementation.
    This also affects CPD-only modules.

These deprecations are added to the following language modules in this release.
Please look at the package documentation to find out the full list of deprecations.

Read more
Assets 5

PMD 6.22.0 (12-March-2020)

12 Mar 15:07
@pmd-bot pmd-bot
pmd_releases/6.22.0
eb93aae
Compare
Choose a tag to compare
PMD 6.22.0 (12-March-2020)

12-March-2020 - 6.22.0

The PMD team is pleased to announce PMD 6.22.0.

This is a minor release.

Table Of Contents

New and noteworthy

Java 14 Support

This release of PMD brings support for Java 14. PMD can parse Switch Expressions,
which have been promoted to be a standard language feature of Java.

PMD also parses Text Blocks as String literals, which is still a preview
language feature in Java 14.

The new Pattern Matching for instanceof can be used as well as
Records.

Note: The Text Blocks, Pattern Matching for instanceof and Records are all preview language features of OpenJDK 14
and are not enabled by default. In order to
analyze a project with PMD that uses these language features, you'll need to enable it via the environment
variable PMD_JAVA_OPTS and select the new language version 14-preview:

export PMD_JAVA_OPTS=--enable-preview
./run.sh pmd -language java -version 14-preview ...

Note: Support for the extended break statement introduced in Java 12 as a preview language feature
has been removed from PMD with this version. The version "12-preview" is no longer available.

Updated PMD Designer

This PMD release ships a new version of the pmd-designer.
For the changes, see PMD Designer Changelog.

Apex Suppressions

In addition to suppressing violation with the @SuppressWarnings annotation, Apex now also supports
the suppressions with a NOPMD comment. See Suppressing warnings.

Improved CPD support for C#

The C# tokenizer is now based on an antlr grammar instead of a manual written tokenizer. This
should give more accurate results and especially fixes the problems with the using statement syntax
(see #2139).

XPath Rules

See the new documentation about Writing XPath Rules.

Note: As of PMD version 6.22.0, XPath versions 1.0 and the 1.0 compatibility mode are deprecated.
XPath 2.0 is superior in many ways, for example for its support for type checking, sequence values,
or quantified expressions. For a detailed but approachable review of the features of XPath 2.0 and above,
see the Saxon documentation.

New Rules

  • The Rule CognitiveComplexity (apex-design) finds methods and classes
    that are highly complex and therefore difficult to read and more costly to maintain. In contrast
    to cyclomatic complexity, this rule uses "Cognitive Complexity", which is a measure of how
    difficult it is for humans to read and understand a method.

  • The Rule TestMethodsMustBeInTestClasses (apex-errorprone) finds test methods
    that are not residing in a test class. The test methods should be moved to a proper test class.
    Support for tests inside functional classes was removed in Spring-13 (API Version 27.0), making classes
    that violate this rule fail compile-time. This rule is however useful when dealing with legacy code.

Fixed Issues

  • apex
    • #1087: [apex] Support suppression via //NOPMD
    • #2306: [apex] Switch statements are not parsed/supported
  • apex-design
    • #2162: [apex] Cognitive Complexity rule
  • apex-errorprone
    • #639: [apex] Test methods should not be in classes other than test classes
  • cs
    • #2139: [cs] CPD doesn't understand alternate using statement syntax with C# 8.0
  • doc
    • #2274: [doc] Java API documentation for PMD
  • java
    • #2159: [java] Prepare for JDK 14
    • #2268: [java] Improve TypeHelper resilience
  • java-bestpractices
    • #2277: [java] FP in UnusedImports for ambiguous static on-demand imports
  • java-design
    • #911: [java] UselessOverridingMethod false positive when elevating access modifier
  • java-errorprone
    • #2242: [java] False-positive MisplacedNullCheck reported
    • #2250: [java] InvalidLogMessageFormat flags logging calls using a slf4j-Marker
    • #2255: [java] InvalidLogMessageFormat false-positive for a lambda argument
  • java-performance
    • #2275: [java] AppendCharacterWithChar flags literals in an expression
  • plsql
    • #2325: [plsql] NullPointerException while running parsing test for CREATE TRIGGER
    • #2327: [plsql] Parsing of WHERE CURRENT OF
    • #2328: [plsql] Support XMLROOT
    • #2331: [plsql] Fix in Comment statement
    • #2332: [plsql] Fixed Execute Immediate statement parsing
    • #2340: [plsql] Fixed parsing / as divide or execute

API Changes

Deprecated APIs

Internal API

Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi annotation. You'll also get a deprecation warning.

Read more
Assets 5