Releases: pmd/pmd
PMD 6.31.0 (30-January-2021)
30-January-2021 - 6.31.0
The PMD team is pleased to announce PMD 6.31.0.
This is a minor release.
Table Of Contents
New and noteworthy
SARIF Format
PMD now supports the Static Analysis Results Interchange Format (SARIF)
as an additional report format. Just use the command line parameter -format sarif
to select it.
SARIF is an OASIS standard format for static analysis tools.
PMD creates SARIF JSON files in SARIF version 2.1.0.
An example report can be found in the documentation in Report formats for PMD.
CPD
- The C++ module now supports the new option
--ignore-literal-sequences
,
which can be used to avoid detection of some uninteresting clones. This options has been
introduced with PMD 6.30.0 for C# and is now available for C++ as well. See #2963.
New Rules
-
The new Apex rule
OverrideBothEqualsAndHashcode
brings the well known Java rule
to Apex. In Apex the same principle applies:equals
andhashCode
should always be overridden
together to ensure collection classes such as Maps and Sets work as expected. -
The new Visualforce rule
VfHtmlStyleTagXss
checks for potential XSS problems
when using<style>
tags on Visualforce pages.
Deprecated rules
- java-performance
AvoidUsingShortType
: arithmetic on shorts is not significantly
slower than on ints, whereas using shorts may provide significant memory savings in arrays.SimplifyStartsWith
: the suggested code transformation has an
insignificant performance impact, and decreases readability.
Fixed Issues
- core
- java-bestpractices
- #575: [java] LiteralsFirstInComparisons should consider constant fields
- #2454: [java] UnusedPrivateMethod violation for disabled class in 6.23.0
- #2833: [java] NPE in UseCollectionIsEmptyRule with enums
- #2876: [java] UnusedPrivateField cannot override ignored annotations property
- #2957: [java] Ignore unused declarations that have special name
- java-codestyle
- #2960: [java] Thread issue in MethodNamingConventionsRule
- java-design
- #3006: [java] NPE in SingularFieldRule with concise resource syntax
- java-errorprone
- #2976: [java] CompareObjectsWithEquals: FP with array.length
- #2977: [java] 6.30.0 introduces new false positive in CloseResource rule?
- #2979: [java] UseEqualsToCompareStrings: FP with "var" variables
- #3004: [java] UseEqualsToCompareStrings false positive with PMD 6.30.0
- #3062: [java] CloseResource FP with reassigned stream
- java-performance
- vf-security
- #3081: [vf] VfUnescapeEl: Inherently un-XSS-able built-in functions trigger false positives
API Changes
Deprecated API
AbstractDomXmlRule
AbstractWsdlRule
- A few methods of
AbstractXmlRule
Experimental APIs
- The method
GenericToken#getKind
has been added as experimental. This
unifies the token interface for both JavaCC and Antlr. The already existing method
AntlrToken#getKind
is therefore experimental as well. The
returned constant depends on the actual language and might change whenever the grammar
of the language is changed.
External Contributions
- #2666: [swift] Manage swift5 string literals - kenji21
- #2959: [apex] New Rule: override equals and hashcode rule - recdevs
- #2963: [cpp] Add option to ignore sequences of literals - Maikel Steneker
- #2964: [cs] Update C# grammar for additional C# 7 and C# 8 features - Maikel Steneker
- #2965: [cs] Improvements for ignore sequences of literals functionality - Maikel Steneker
- #2968: [java] NPE in UseCollectionIsEmptyRule with enums - foxmason
- #2983: [java] LiteralsFirstInComparisons should consider constant fields - Ozan Gulle
- #2994: [core] Fix code climate severity strings - Vincent Maurin
- #3005: [vf] [New Rule] Handle XSS violations that can occur within Html Style tags - rmohan20
- #3073: [core] Include SARIF renderer - Manuel Moya Ferrer
- #3084: [vf] VfUnescapeEl false-positive with builtin functions - Josh Feingold
Stats
- 116 commits
- 40 closed tickets & PRs
- Days since last release: 49
PMD 6.30.0 (12-December-2020)
12-December-2020 - 6.30.0
The PMD team is pleased to announce PMD 6.30.0.
This is a minor release.
Table Of Contents
New and noteworthy
CPD
-
The C# module now supports the new option
--ignore-literal-sequences
, which can be used to avoid detection of some uninteresting clones. Support for other languages may be added in the future. See #2945 -
The Scala module now supports suppression through
CPD-ON
/CPD-OFF
comment pairs. See #2929
Type information for VisualForce
The Visualforce AST now can resolve the data type of Visualforce expressions that reference Apex Controller properties and Custom Object fields. This feature improves the precision of existing rules, like VfUnescapeEl
.
This can be configured using two environment variables:
PMD_VF_APEXDIRECTORIES
: Comma separated list of directories for Apex classes. Absolute or relative to the Visualforce directory. Default is../classes
. Specifying an empty string will disable data type resolution for Apex Controller properties.PMD_VF_OBJECTSDIRECTORIES
: Comma separated list of directories for Custom Objects. Absolute or relative to the Visualforce directory. Default is../objects
. Specifying an empty string will disable data type resolution for Custom Object fields.
This feature is experimental, in particular, expect changes to the way the configuration is specified. We'll probably extend the CLI instead of relying on environment variables in a future version.
Thanks to Jeff Bartolotta and Roopa Mohan for contributing this!
Fixed Issues
- core
- cs
- #2938: [cs] CPD: ignoring using directives could not be disabled
- java
- scala
- #2480: [scala] Support CPD suppressions
API Changes
Deprecated API
Around RuleSet parsing
RuleSetFactory
andRulesetsFactoryUtils
have been deprecated in favor ofRuleSetLoader
. This is easier to configure, and more maintainable than the multiple overloads ofRuleSetFactoryUtils
.- Some static creation methods have been added to
RuleSet
for simple cases, egforSingleRule
. These replace some counterparts inRuleSetFactory
- Since
RuleSets
is also deprecated, many APIs that require a RuleSets instance now are deprecated, and have a counterpart that expects aList<RuleSet>
. RuleSetReferenceId
,RuleSetReference
,RuleSetFactoryCompatibility
are deprecated. They are most likely not relevant outside of the implementation of pmd-core.
Around the PMD
class
Many classes around PMD's entry point (PMD
) have been deprecated as internal, including:
- The contents of the packages
net.sourceforge.pmd.cli
,net.sourceforge.pmd.processor
SourceCodeProcessor
- The constructors of
PMD
(the class will be made a utility class)
Miscellaneous
ASTPackageDeclaration#getPackageNameImage
,
ASTTypeParameter#getParameterName
and the corresponding XPath attributes. In both cases they're replaced with a new methodgetName
,
the attribute is@Name
.ASTClassOrInterfaceBody#isAnonymousInnerClass
,
andASTClassOrInterfaceBody#isEnumChild
,
refs #905
Internal API
Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi
annotation. You'll also get a deprecation warning.
net.sourceforge.pmd.lang.ecmascript.Ecmascript3Handler
net.sourceforge.pmd.lang.ecmascript.Ecmascript3Parser
EcmascriptParser#parserOptions
EcmascriptParser#getSuppressMap
net.sourceforge.pmd.lang.rule.ParametricRuleViolation
ParserOptions#suppressMarker
net.sourceforge.pmd.lang.modelica.rule.ModelicaRuleViolationFactory
External Contributions
- #2864: [vf] Provide expression type information to Visualforce rules to avoid false positives - Jeff Bartolotta
- #2914: [core] Include rule name in text renderer - Gunther Schrijvers
- #2925: Cleanup: Correct annotation array initializer indents from checkstyle #8083 - Abhishek Kumar
- #2929: [scala] Add support for CPD-ON and CPD-OFF special comments - Andy Robinson
- #2936: [java] (doc) Fix typo: "an accessor" not "a" - Igor Moreno
- #2938: [cs] CPD: fix issue where ignoring using directives could not be disabled - Maikel Steneker
- #2945: [cs] Add option to ignore seq...
PMD 6.29.0 (24-October-2020)
24-October-2020 - 6.29.0
The PMD team is pleased to announce PMD 6.29.0.
This is a minor release.
Table Of Contents
New and noteworthy
Updated Apex Support
- The Apex language support has been bumped to version 50 (Winter '21). All new language features are now properly
parsed and processed. Especially the Safe Navigation Operator is now supported.
See also Salesforce Winter '21 Release Notes
New Rules
- The new Apex rule
OperationWithLimitsInLoop
(apex-performance
)
finds operations in loops that may hit governor limits such as DML operations, SOQL
queries and more. The rule replaces the three rules "AvoidDmlStatementsInLoops", "AvoidSoqlInLoops",
and "AvoidSoslInLoops".
Renamed Rules
- The Java rule
DoNotCallSystemExit
has been renamed to
DoNotTerminateVM
, since it checks for all the following calls:
System.exit(int)
,Runtime.exit(int)
,Runtime.halt(int)
. All these calls terminate
the Java VM, which is bad, if the VM runs an application server which many independent applications.
Deprecated Rules
- The Apex rules
AvoidDmlStatementsInLoops
,
AvoidSoqlInLoops
andAvoidSoslInLoops
(apex-performance
) are deprecated in favour of the new rule
OperationWithLimitsInLoop
. The deprecated rules will be removed
with PMD 7.0.0.
Fixed Issues
- apex
- #2839: [apex] Apex classes with safe navigation operator from Winter 21 (50.0) are skipped
- apex-performance
- #1713: [apex] Mark Database DML statements in For Loop
- core
- #2831: [core] Fix XMLRenderer newlines when running under IBM Java
- java-errorprone
- miscellaneous
- #2823: [doc] Renamed/Moved rules are missing in documentation
- vf (Salesforce VisualForce)
- #2765: [vf] Attributes with dot cause a VfParseException
External Contributions
- #2803: [java] Improve DoNotCallSystemExit (Fixes #2157) - Vitaly Polonetsky
- #2809: [java] Move test config from file to test class - Stefan Birkner
- #2810: [core] Move method "renderTempFile" to XMLRendererTest - Stefan Birkner
- #2811: [java] CloseResource - Fix #2764: False-negative when re-assigning variable - Andi Pabst
- #2813: [core] Use JUnit's TemporaryFolder rule - Stefan Birkner
- #2816: [apex] Detect 'Database' method invocations inside loops - Jeff Bartolotta
- #2829: [doc] Small correction in pmd_report_formats.md - Gustavo Krieger
- #2834: [vf] Allow attributes with dot in Visualforce - rmohan20
- #2842: [core] Bump antlr4 from 4.7 to 4.7.2 - Adrien Lecharpentier
- #2865: [java] (doc) Update ExcessiveImports example code for clarity - Gustavo Krieger
- #2866: [java] (doc) Fix example for CouplingBetweenObjects - Gustavo Krieger
Stats
- 50 commits
- 23 closed tickets & PRs
- Days since last release: 27
PMD 6.28.0 (26-September-2020)
26-September-2020 - 6.28.0
The PMD team is pleased to announce PMD 6.28.0.
This is a minor release.
Table Of Contents
New and noteworthy
CPD's AnyTokenizer has been improved
The AnyTokenizer is used for languages, that don't have an own lexer/grammar based tokenizer.
AnyTokenizer now handles string literals and end-of-line comments. Fortran, Perl and Ruby have
been updated to use AnyTokenizer instead of their old custom tokenizer based on AbstractTokenizer.
See #2758 for details.
AbstractTokenizer and the custom tokenizers of Fortran, Perl and Ruby are deprecated now.
Fixed Issues
-
cpd
-
apex-security
- #2774: [apex] ApexSharingViolations does not correlate sharing settings with class that contains data access
-
java
- #2738: [java] Custom rule with @ExhaustiveEnumSwitch throws NPE
- #2755: [java] [6.27.0] Exception applying rule CloseResource on file ... java.lang.NullPointerException
- #2756: [java] TypeTestUtil fails with NPE for anonymous class
- #2767: [java] IndexOutOfBoundsException when parsing an initializer BlockStatement
- #2783: [java] Error while parsing with lambda of custom interface
-
java-bestpractices
- #2759: [java] False positive in UnusedAssignment
-
java-design
- #2708: [java] False positive FinalFieldCouldBeStatic when using lombok Builder.Default
API Changes
Deprecated API
For removal
net.sourceforge.pmd.RuleViolationComparator
. UseRuleViolation#DEFAULT_COMPARATOR
instead.net.sourceforge.pmd.cpd.AbstractTokenizer
. Usenet.sourceforge.pmd.cpd.AnyTokenizer
instead.net.sourceforge.pmd.cpd.FortranTokenizer
. Was replaced by anAnyTokenizer
. UseFortranLanguage#getTokenizer
anyway.net.sourceforge.pmd.cpd.PerlTokenizer
. Was replaced by anAnyTokenizer
. UsePerlLanguage#getTokenizer
anyway.net.sourceforge.pmd.cpd.RubyTokenizer
. Was replaced by anAnyTokenizer
. UseRubyLanguage#getTokenizer
anyway.RuleReference#getOverriddenLanguage
and
RuleReference#setLanguage
- Antlr4 generated lexers:
net.sourceforge.pmd.lang.cs.antlr4.CSharpLexer
will be moved to packagenet.sourceforge.pmd.lang.cs.ast
with PMD 7.net.sourceforge.pmd.lang.dart.antlr4.Dart2Lexer
will be renamed toDartLexer
and moved to package
net.sourceforge.pmd.lang.dart.ast
with PMD 7. All other classes in the old package will be removed.net.sourceforge.pmd.lang.go.antlr4.GolangLexer
will be moved to package
net.sourceforge.pmd.lang.go.ast
with PMD 7. All other classes in the old package will be removed.net.sourceforge.pmd.lang.kotlin.antlr4.Kotlin
will be renamed toKotlinLexer
and moved to package
net.sourceforge.pmd.lang.kotlin.ast
with PMD 7.net.sourceforge.pmd.lang.lua.antlr4.LuaLexer
will be moved to package
net.sourceforge.pmd.lang.lua.ast
with PMD 7. All other classes in the old package will be removed.
External Contributions
- #2735: [ci] Add github actions for a fast view of pr succeed/not - XenoAmess
- #2747: [java] Don't trigger FinalFieldCouldBeStatic when field is annotated with lombok @Builder.Default - Ollie Abbey
- #2773: [java] issue-2738: Adding null check to avoid npe when switch case is default - Nimit Patel
- #2789: Add badge for reproducible build - Dan Rollo
- #2791: [apex] Analyze inner classes for sharing violations - Jeff Bartolotta
Stats
- 58 commits
- 24 closed tickets & PRs
- Days since last release: 25
PMD 6.27.0 (31-August-2020)
31-August-2020 - 6.27.0
The PMD team is pleased to announce PMD 6.27.0.
This is a minor release.
Table Of Contents
New and noteworthy
Java 15 Support
This release of PMD brings support for Java 15. PMD can parse Text Blocks
which have been promoted to be a standard language feature of Java.
PMD also supports Pattern Matching for instanceof,
Records, and Sealed Classes.
Note: The Pattern Matching for instanceof, Records, and Sealed Classes are all preview language features of OpenJDK 15
and are not enabled by default. In order to
analyze a project with PMD that uses these language features, you'll need to enable it via the environment
variable PMD_JAVA_OPTS
and select the new language version 15-preview
:
export PMD_JAVA_OPTS=--enable-preview
./run.sh pmd -language java -version 15-preview ...
Note: Support for Java 13 preview language features have been removed. The version "13-preview" is no longer available.
Changes in how tab characters are handled
In the past, tab characters in source files has been handled differently in different languages by PMD.
For instance in Java, tab characters had a width of 8 columns, while C# used only 1 column. Visualforce instead
used 4 columns.
This has been unified now so that tab characters are consistently now always 1 column wide.
This however might be a incompatible change, if you're using the properties "BeginColumn" or "EndColumn"
additionally to "BeginLine" and "EndLine" of a Token/AST node in order to highlight
where a rule violation occurred in the source file. If you have logic there that deals with tab characters,
you most likely can remove this logic now, since tab characters are now just "normal" characters
in terms of string processing.
See also [all] Ensure PMD/CPD uses tab width of 1 for tabs consistently #2656.
Updated PMD Designer
This PMD release ships a new version of the pmd-designer.
For the changes, see PMD Designer Changelog.
New Rules
- The new Java rule
AvoidReassigningCatchVariables
(java-bestpractices
) finds
cases where the variable of the caught exception is reassigned. This practice is surprising and prevents
further evolution of the code like multi-catch.
Modified Rules
-
The Java rule
CloseResource
(java-errorprone
) has a new property
closeNotInFinally
. With this property set totrue
the rule will also find calls to close a
resource, which are not in a finally-block of a try-statement. If a resource is not closed within a
finally block, it might not be closed at all in case of exceptions.As this new detection would yield many new violations, it is disabled by default. It might be
enabled in a later version of PMD.
Deprecated Rules
- The Java rule
DataflowAnomalyAnalysis
(java-errorprone
)
is deprecated in favour ofUnusedAssignment
(java-bestpractices
),
which was introduced in PMD 6.26.0.
Fixed Issues
- core
- java
- #2646: [java] Support JDK 15
- java-bestpractices
- #2471: [java] New Rule: AvoidReassigningCatchVariables
- #2663: [java] NoClassDefFoundError on upgrade from 6.25.0 to 6.26.0
- #2668: [java] UnusedAssignment false positives
- #2673: [java] UnusedPrivateField and SingularField false positive with lombok annotation EqualsAndHashCode
- #2684: [java] UnusedAssignment FP in try/catch
- #2686: [java] UnusedAssignment must not flag abstract method parameters in interfaces and abstract classes
- java-design
- java-errorprone
- #2264: [java] SuspiciousEqualsMethodName: Improve description about error-prone overloading of equals()
- #2410: [java] ProperCloneImplementation not valid for final class
- #2431: [java] InvalidLogMessageFormatRule throws IndexOutOfBoundsException when only logging exception message
- #2439: [java] AvoidCatchingThrowable can not detect the case: catch (java.lang.Throwable t)
- #2470: [java] CloseResource false positive when resource included in return value
- #2531: [java] UnnecessaryCaseChange can not detect the case like: foo.equals(bar.toLowerCase())
- #2647: [java] Deprecate rule DataFlowAnomalyAnalysis
- java-performance
- dart
- #2750: [dart] [cpd] Cpd Dart escaped dollar
API Changes
- XML rule definition in rulesets: In PMD 7, the
language
attribute will be required on allrule
elements that declare a new rule. Some base rule classes set the language implicitly in their
constructor, and so this is not required in all cases for the rule to work. But this
behavior will be discontinued in PMD 7, so missinglanguage
attributes are now
reported as a forward compatibility warning.
Deprecated API
For removal
Rule#getParserOptions
Parser#getParserOptions
AbstractParser
RuleContext#removeAttribute
RuleContext#getAttribute
RuleContext#setAttribute
ApexParserOptions
ASTThrowStatement#getFirstClassOrInterfaceTypeImage
EcmascriptParserOptions
EcmascriptXPathRule
XmlParserOptions
XmlXPathRule
- Properties of <a href="https://docs.pmd-code.org...
PMD 6.26.0 (25-July-2020)
25-July-2020 - 6.26.0
The PMD team is pleased to announce PMD 6.26.0.
This is a minor release.
Table Of Contents
New and noteworthy
New Rules
- The new Java rule
UnusedAssignment
(java-bestpractices
) finds assignments
to variables, that are never used and are useless. The new rule is supposed to entirely replace
DataflowAnomalyAnalysis
.
Modified rules
- The Java rule
ArrayIsStoredDirectly
(java-bestpractices
) now ignores
by default private methods and constructors. You can restore the old behavior by setting the new property
allowPrivate
to "false".
Fixed Issues
- apex
- #2610: [apex] Support top-level enums in rules
- apex-bestpractices
- #2626: [apex] UnusedLocalVariable - false positive on case insensitivity allowed in Apex
- apex-performance
- #2598: [apex] AvoidSoqlInLoops false positive for SOQL with in For-Loop
- apex-security
- #2620: [visualforce] False positive on VfUnescapeEl with new Message Channel feature
- core
- java-bestpractices
- java-codestyle
- #2546: [java] DuplicateImports reported for the same import... and import static...
- java-design
- #2174: [java] LawOfDemeter: False positive with 'this' pointer
- #2181: [java] LawOfDemeter: False positive with indexed array access
- #2189: [java] LawOfDemeter: False positive when casting to derived class
- #2580: [java] AvoidThrowingNullPointerException marks all NullPointerException objects as wrong, whether or not thrown
- #2625: [java] NPathComplexity can't handle switch expressions
- java-errorprone
- java-performance
API Changes
Deprecated API
For removal
RuleChainVisitor
and all implementations in language modulesAbstractRuleChainVisitor
Language#getRuleChainVisitorClass
BaseLanguageModule#<init>
ImportWrapper
External Contributions
- #2558: [java] Fix issue #1736 and issue #2207 - Young Chan
- #2560: [java] Fix false positives of LawOfDemeter: this and cast expressions - xioayuge
- #2590: Update libraries snyk is referring to as
unsafe
- Artem Krosheninnikov - #2597: [dependencies] Fix issue #2594, update exec-maven-plugin everywhere - Artem Krosheninnikov
- #2621: [visualforce] add new safe resource for VfUnescapeEl - Peter Chittum
- #2640: [java] NullPointerException in rule ProperCloneImplementation - Mykhailo Palahuta
- #2641: [java] AvoidThrowingNullPointerException marks all NullPointerException… - Mykhailo Palahuta
- #2643: [java] AvoidCallingFinalize detects some false positives (2578) - Mykhailo Palahuta
- #2651: [java] False negative: LiteralsFirstInComparisons for methods... (2569) - Mykhailo Palahuta
- #2652: [java] UseCollectionIsEmpty can not detect the case this.foo.size() - Mykhailo Palahuta
Stats
- 156 commits
- 43 closed tickets & PRs
- Days since last release: 28
PMD 6.25.0 (27-June-2020)
27-June-2020 - 6.25.0
The PMD team is pleased to announce PMD 6.25.0.
This is a minor release.
Table Of Contents
New and noteworthy
Scala cross compilation
Up until now the PMD Scala module has been compiled against scala 2.13 only by default.
However, this makes it impossible to use pmd as a library in scala projects,
that use scala 2.12, e.g. in sbt plugins. Therefore PMD now provides cross compiled pmd-scala
modules for both versions: scala 2.12 and scala 2.13.
The new modules have new maven artifactIds. The old artifactId net.sourceforge.pmd:pmd-scala:6.25.0
is still available, but is deprecated from now on. It has been demoted to be just a delegation to the new
pmd-scala_2.13
module and will be removed eventually.
The coordinates for the new modules are:
<dependency>
<groupId>net.sourceforge.pmd</groupId>
<artifactId>pmd-scala_2.12</artifactId>
<version>6.25.0</version>
</dependency>
<dependency>
<groupId>net.sourceforge.pmd</groupId>
<artifactId>pmd-scala_2.13</artifactId>
<version>6.25.0</version>
</dependency>
The command line version of PMD continues to use scala 2.13.
New Rules
-
The new Java Rule
UnnecessaryCast
(java-codestyle
)
finds casts that are unnecessary while accessing collection elements. -
The new Java Rule
AvoidCalendarDateCreation
(java-performance
)
finds usages ofjava.util.Calendar
whose purpose is just to get the current date. This
can be done in a more lightweight way. -
The new Java Rule
UseIOStreamsWithApacheCommonsFileItem
(java-performance
)
finds usage ofFileItem.get()
andFileItem.getString()
. These two methods are problematic since
they load the whole uploaded file into memory.
Modified rules
-
The Java rule
UseDiamondOperator
(java-codestyle
) now by default
finds unnecessary usages of type parameters, which are nested, involve wildcards and are used
within a ternary operator. These usages are usually only unnecessary with Java8 and later, when
the type inference in Java has been improved.In order to avoid false positives when checking Java7 only code, the rule has the new property
java7Compatibility
, which is disabled by default. Settings this to "true" retains
the old rule behaviour.
Fixed Issues
- apex-bestpractices
- #2554: [apex] Exception applying rule UnusedLocalVariable on trigger
- core
- #971: [apex][plsql][java] Deprecate overly specific base rule classes
- #2451: [core] Deprecate support for List attributes with XPath 2.0
- #2599: [core] Fix XPath 2.0 Rule Chain Analyzer with Unions
- #2483: [lang-test] Support cpd tests based on text comparison.
For details see
Testing your implementation
in the developer documentation.
- c#
- #2551: [c#] CPD suppression with comments doesn't work
- cpp
- #1757: [cpp] Support unicode characters
- java
- #2549: [java] Auxclasspath in PMD CLI does not support relative file path
- java-codestyle
- java-design
- java-errorprone
- #2544: [java] UseProperClassLoader can not detect the case with method call on intermediate variable
- java-performance
- scala
- #2547: [scala] Add cross compilation for scala 2.12 and 2.13
API Changes
-
The maven module
net.sourceforge.pmd:pmd-scala
is deprecated. Usenet.sourceforge.pmd:pmd-scala_2.13
ornet.sourceforge.pmd:pmd-scala_2.12
instead. -
Rule implementation classes are internal API and should not be used by clients directly.
The rules should only be referenced via their entry in the corresponding category ruleset
(e.g.<rule ref="category/java/bestpractices.xml/AbstractClassWithoutAbstractMethod" />
).While we definitely won't move or rename the rule classes in PMD 6.x, we might consider changes
in PMD 7.0.0 and onwards.
Deprecated APIs
Internal API
Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi
annotation. You'll also get a deprecation warning.
AbstractIgnoredAnnotationRule
(Java)AbstractInefficientZeroCheck
(Java)AbstractJUnitRule
(Java)AbstractJavaMetricsRule
(Java)AbstractLombokAwareRule
(Java)AbstractPoorMethodCall
(Java)AbstractSunSecureRule
(Java)AbstractNcssCountRule
(Java)AbstractCommentRule
(Java)AbstractOptimizationRule
(Java)RegexHelper
(Java)AbstractApexUnitTestRule
(Apex)AbstractNcssCountRule
(Apex)AbstractNcssCountRule
(PLSQL)ApexParser
ApexHandler
RuleChain
RuleSets
RulesetsFactoryUtils#getRuleSets
For removal
PMD 6.24.0 (24-May-2020)
24-May-2020 - 6.24.0
The PMD team is pleased to announce PMD 6.24.0.
This is a minor release.
Table Of Contents
New and noteworthy
CPD now supports XML as well
Thanks to Fernando Cosso CPD can now find duplicates in XML files as well.
This is useful to find duplicated sections in XML files.
Updated PMD Designer
This PMD release ships a new version of the pmd-designer.
For the changes, see PMD Designer Changelog.
New Rules
-
The new Java Rule
LiteralsFirstInComparisons
(java-bestpractices
)
find String literals, that are used in comparisons and are not positioned first. Using the String literal
as the receiver of e.g.equals
helps to avoid NullPointerExceptions.This rule is replacing the two old rules
PositionLiteralsFirstInComparisons
andPositionLiteralsFirstInCaseInsensitiveComparisons
and extends the check
for the methodscompareTo
,compareToIgnoreCase
andcontentEquals
in addition toequals
and
equalsIgnoreCase
.Note: This rule also replaces the two mentioned rules in Java's quickstart ruleset.
Deprecated Rules
- The two Java rules
PositionLiteralsFirstInComparisons
andPositionLiteralsFirstInCaseInsensitiveComparisons
have been deprecated
in favor of the new ruleLiteralsFirstInComparisons
.
Fixed Issues
- apex-bestpractices
- #2468: [apex] Unused Local Variable fails on blocks
- core
- c#
- #2495: [c#] Support for interpolated verbatim strings
- java
- #2472: [java] JavaCharStream throws an Error on invalid escape
- java-bestpractices
- #2145: [java] Deprecate rules PositionLiteralsFirstIn(CaseInsensitive)Comparisons in favor of LiteralsFirstInComparisons
- #2288: [java] JUnitTestsShouldIncludeAssert: Add support for Hamcrest MatcherAssert.assertThat
- #2437: [java] AvoidPrintStackTrace can't detect the case e.getCause().printStackTrace()
- java-codestyle
- #2476: [java] MethodNamingConventions - Add support for JUnit 5 method naming
- java-errorprone
- #2477: [java] JUnitSpelling false-positive for JUnit5/4 tests
- swift
- #2473: [swift] Swift 5 (up to 5.2) support for CPD
API Changes
Deprecated APIs
BaseLanguageModule#addVersion(String, LanguageVersionHandler, boolean)
- Some members of
TokenMgrError
, in particular, a new constructor is available
that should be preferred to the old ones AntlrTokenManager.ANTLRSyntaxError
Experimental APIs
Note: Experimental APIs are identified with the annotation Experimental
,
see its javadoc for details
- The experimental methods in
BaseLanguageModule
have been replaced by a
definitive API.
External Contributions
- #2446: [core] Update maven-compiler-plugin to 3.8.1 - Artem Krosheninnikov
- #2448: [java] Operator Wrap check - Harsh Kukreja
- #2449: [plsql] Additional info in SqlStatement, FormalParameter and FetchStatement - Grzegorz Sudolski
- #2452: [doc] Fix "Making Rulesets" doc sample code indentation - Artur Dryomov
- #2457: [xml] Adding XML to CPD supported languages - Fernando Cosso
- #2465: [dependencies] Upgrade hamcrest, mockito and JUnit - Artem Krosheninnikov
- #2469: [apex] fix false positive unused variable if only a method is called - Gwilym Kuiper
- #2475: [swift] Swift 4.2-5.2 support - kenji21
- #2476: [java] MethodNamingConventions - Add support for JUnit 5 method naming - Bruno Ritz
- #2478: [java] New rule: LiteralsFirstInComparisons - John-Teng
- #2479: [java] False positive with Hamcrest's assertThat - andreoss
- #2481: [java] Fix JUnitSpellingRule false positive - Artem Krosheninnikov
- #2493: [java] Deprecate redundant String Comparison rules - John-Teng
- #2495: [c#] Support for interpolated verbatim strings - Maikel Steneker
Stats
- 114 commits
- 29 closed tickets & PRs
- Days since last release: 30
PMD 6.23.0 (24-April-2020)
24-April-2020 - 6.23.0
The PMD team is pleased to announce PMD 6.23.0.
This is a minor release.
Table Of Contents
New and noteworthy
PMD adopts Contributor Code of Conduct
To facilitate healthy and constructive community behavior PMD adopts
Contributor Convenant as its code of
conduct.
Please note that this project is released with a Contributor Code of Conduct.
By participating in this project you agree to abide by its terms.
You can find the code of conduct in the file code_of_conduct.md
in our repository.
Performance improvements for XPath 2.0 rules
XPath rules written with XPath 2.0 now support conversion to a rulechain rule, which
improves their performance. The rulechain is a mechanism that allows several rules
to be executed in a single tree traversal. Conversion to the rulechain is possible if
your XPath expression looks like //someNode/... | //someOtherNode/... | ...
, that
is, a union of one or more path expressions that start with //
. Instead of traversing
the whole tree once per path expression (and per rule), a single traversal executes all
rules in your ruleset as needed.
This conversion is performed automatically and cannot be disabled. The conversion should
not change the result of your rules, if it does, please report a bug at https://github.com/pmd/pmd/issues
Note that XPath 1.0 support, the default XPath version, is deprecated since PMD 6.22.0.
We highly recommend that you upgrade your rules to XPath 2.0. Please refer to the migration guide.
Javascript improvements for ES6
PMD uses the Rhino library to parse Javascript.
The default version has been set to ES6
, so that some ECMAScript 2015 features are
supported. E.g. let
statements and for-of
loops are now parsed. However Rhino does
not support all features.
New JSON renderer
PMD now supports a JSON renderer (use it with -f json
on the CLI).
See the documentation and example
New Rules
-
The new Apex rule
FieldDeclarationsShouldBeAtStart
(apex-codestyle
)
helps to ensure that field declarations are always at the beginning of a class. -
The new Apex rule
UnusedLocalVariable
(apex-bestpractices
) detects unused
local variables.
Fixed Issues
- apex-design
- #2358: [apex] Invalid Apex in Cognitive Complexity tests
- apex-security
- core
- doc
- java
- #2378: [java] AbstractJUnitRule has bad performance on large code bases
- java-bestpractices
- #2398: [java] AbstractClassWithoutAbstractMethod false negative with inner abstract classes
- java-codestyle
- java-design
- #2390: [java] AbstractClassWithoutAnyMethod: missing violation for nested classes
- java-errorprone
- #2402: [java] CloseResource possible false positive with Primitive Streams
- java-multithreading
- #2313: [java] Documenation for DoNotUseThreads is outdated
- javascript
- javascript-errorprone
- #384: [javascript] Trailing commas not detected on French default locale
API Changes
Deprecated APIs
Internal API
Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi
annotation. You'll also get a deprecation warning.
In ASTs
As part of the changes we'd like to do to AST classes for 7.0.0, we would like to
hide some methods and constructors that rule writers should not have access to.
The following usages are now deprecated in the Apex, Javascript, PL/SQL, Scala and Visualforce ASTs:
- Manual instantiation of nodes. Constructors of node classes are deprecated and
markedInternalApi
. Nodes should only be obtained from the parser,
which for rules, means that they never need to instantiate node themselves.
Those constructors will be made package private with 7.0.0. - Subclassing of abstract node classes, or usage of their type. The base classes are internal API
and will be hidden in version 7.0.0. You should not couple your code to them. - Setters found in any node class or interface. Rules should consider the AST immutable.
We will make those setters package private with 7.0.0. - The implementation classes of
Parser
(egVfParser
) are deprecated and should not be used directly.
UseLanguageVersionHandler#getParser
instead. - The implementation classes of
TokenManager
(egVfTokenManager
) are deprecated and should not be used outside of our implementation.
This also affects CPD-only modules.
These deprecations are added to the following language modules in this release.
Please look at the package documentation to find out the full list of deprecations.
- Apex: **<a href="https://docs.pmd-...
PMD 6.22.0 (12-March-2020)
12-March-2020 - 6.22.0
The PMD team is pleased to announce PMD 6.22.0.
This is a minor release.
Table Of Contents
New and noteworthy
Java 14 Support
This release of PMD brings support for Java 14. PMD can parse Switch Expressions,
which have been promoted to be a standard language feature of Java.
PMD also parses Text Blocks as String literals, which is still a preview
language feature in Java 14.
The new Pattern Matching for instanceof can be used as well as
Records.
Note: The Text Blocks, Pattern Matching for instanceof and Records are all preview language features of OpenJDK 14
and are not enabled by default. In order to
analyze a project with PMD that uses these language features, you'll need to enable it via the environment
variable PMD_JAVA_OPTS
and select the new language version 14-preview
:
export PMD_JAVA_OPTS=--enable-preview
./run.sh pmd -language java -version 14-preview ...
Note: Support for the extended break statement introduced in Java 12 as a preview language feature
has been removed from PMD with this version. The version "12-preview" is no longer available.
Updated PMD Designer
This PMD release ships a new version of the pmd-designer.
For the changes, see PMD Designer Changelog.
Apex Suppressions
In addition to suppressing violation with the @SuppressWarnings
annotation, Apex now also supports
the suppressions with a NOPMD
comment. See Suppressing warnings.
Improved CPD support for C#
The C# tokenizer is now based on an antlr grammar instead of a manual written tokenizer. This
should give more accurate results and especially fixes the problems with the using statement syntax
(see #2139).
XPath Rules
See the new documentation about Writing XPath Rules.
Note: As of PMD version 6.22.0, XPath versions 1.0 and the 1.0 compatibility mode are deprecated.
XPath 2.0 is superior in many ways, for example for its support for type checking, sequence values,
or quantified expressions. For a detailed but approachable review of the features of XPath 2.0 and above,
see the Saxon documentation.
New Rules
-
The Rule
CognitiveComplexity
(apex-design
) finds methods and classes
that are highly complex and therefore difficult to read and more costly to maintain. In contrast
to cyclomatic complexity, this rule uses "Cognitive Complexity", which is a measure of how
difficult it is for humans to read and understand a method. -
The Rule
TestMethodsMustBeInTestClasses
(apex-errorprone
) finds test methods
that are not residing in a test class. The test methods should be moved to a proper test class.
Support for tests inside functional classes was removed in Spring-13 (API Version 27.0), making classes
that violate this rule fail compile-time. This rule is however useful when dealing with legacy code.
Fixed Issues
- apex
- apex-design
- #2162: [apex] Cognitive Complexity rule
- apex-errorprone
- #639: [apex] Test methods should not be in classes other than test classes
- cs
- #2139: [cs] CPD doesn't understand alternate using statement syntax with C# 8.0
- doc
- #2274: [doc] Java API documentation for PMD
- java
- java-bestpractices
- #2277: [java] FP in UnusedImports for ambiguous static on-demand imports
- java-design
- #911: [java] UselessOverridingMethod false positive when elevating access modifier
- java-errorprone
- java-performance
- #2275: [java] AppendCharacterWithChar flags literals in an expression
- plsql
- #2325: [plsql] NullPointerException while running parsing test for CREATE TRIGGER
- #2327: [plsql] Parsing of WHERE CURRENT OF
- #2328: [plsql] Support XMLROOT
- #2331: [plsql] Fix in Comment statement
- #2332: [plsql] Fixed Execute Immediate statement parsing
- #2340: [plsql] Fixed parsing / as divide or execute
API Changes
Deprecated APIs
Internal API
Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi
annotation. You'll also get a deprecation warning.
-
Implementations of
RuleViolationFactory
in each
language module, egJavaRuleViolationFactory
.
See javadoc ofRuleViolationFactory
. -
Implementations of
RuleViolation
in each language module,
egJavaRuleViolation
. See javadoc of
RuleViolation
. -
Constructors of
RuleSetFactory
, use factory methods fromRulesetsFactoryUtils
instead -
AbstractApexNodeBase
, and the relatedvisit
methods onApexParserVisitor
and its implementations.
Use <a href="https://javadoc.io/page/net.sourceforge.pmd/pmd-apex/6.22.0/net/sou...