Assets
5
28-October-2018 - 6.9.0
The PMD team is pleased to announce PMD 6.9.0.
This is a minor release.
Table Of Contents
New and noteworthy
Improved Golang CPD Support
Thanks to the work of ITBA students Matías Fraga,
Tomi De Lucca and Lucas Soncini,
Golang is now backed by a proper Antlr Grammar. This means CPD is now better at detecting duplicates,
as comments are recognized as such and ignored.
New Rules
- The new PLSQL rule
CodeFormat(plsql-codestyle) verifies that
PLSQL code is properly formatted. It checks e.g. for correct indentation in select statements and verifies
that each parameter is defined on a separate line.
Fixed Issues
- all
- #649: [core] Exclude specific files from command line
- #1272: [core] Could not find or load main class when using symlinked run.sh
- #1377: [core] LanguageRegistry uses default class loader when invoking ServiceLocator
- #1394: [doc] How to configure "-cache "
- #1412: [doc] Broken link to adding new cpd language documentation
- apex
- #1396: [apex] ClassCastException caused by Javadoc
- java
- #1330: [java] PMD crashes with java.lang.ClassFormatError: Absent Code attribute in method that is not native or abstract in class file javax/xml/ws/Service
- java-bestpractices
- #1202: [java] GuardLogStatement: "There is log block not surrounded by if" doesn't sound right
- #1209: [java] UnusedImports false positive for static import with package-private method usage
- #1343: [java] Update CommentDefaultAccessModifierRule to extend AbstractIgnoredAnnotationRule
- #1365: [java] JUnitTestsShouldIncludeAssert false positive
- #1404: [java] UnusedImports false positive with static ondemand import with method call
- java-codestyle
- java-design
- #1369: [java] Processing error (ClassCastException) if a TYPE_USE annotation is used on a base class in the "extends" clause
- jsp
- #1402: [jsp] JspTokenManager has a problem about jsp scriptlet
- documentation
- #1349: [doc] Provide some explanation for WHY duplicate code is bad, like mutations
API Changes
- PMD has a new CLI option
-ignorelist. With that, you can provide a file containing a comma-delimit list of files,
that should be excluded during analysis. The ignorelist is applied after the files have been selected
via-diror-filelist, which means, if the file is in both lists, then it will be ignored.
Note: there is no corresponding option for the Ant task, since the feature is already available via
Ant's FileSet include/exclude filters.
External Contributions
- #1338: [core] [cpd] Generalize ANTLR tokens preparing support for ANTLR token filter - Matías Fraga and Tomi De Lucca
- #1361: [doc] Update cpd.md with information about risks - David M. Karr
- #1366: [java] Static Modifier on Internal Interface pmd #1356 - avishvat
- #1368: [doc] Updated outdated note in the building documentation. - Maikel Steneker
- #1374: [java] Simplify check for 'Test' annotation in JUnitTestsShouldIncludeAssertRule. - Will Winder
- #1375: [java] Add missing null check AbstractJavaAnnotatableNode - Will Winder
- #1376: [all] Upgrading Apache Commons IO from 2.4 to 2.6 - Thunderforge
- #1378: [all] Upgrading Apache Commons Lang 3 from 3.7 to 3.8.1 - Thunderforge
- #1382: [all] Replacing deprecated IO methods with ones that specify a charset - Thunderforge
- #1383: [java] Improved message for GuardLogStatement rule - Felix Lampe
- #1386: [go] [cpd] Add CPD support for Antlr based grammar on Golang - Matías Fraga
- #1398: [all] Upgrading SLF4J from 1.7.12 to 1.7.25 - Thunderforge
- #1400: [java] Fix Issue 1343: Update CommentDefaultAccessModifierRule - CrazyUnderdog
- #1401: [all] Replacing IOUtils.closeQuietly(foo) with try-with-resources statements - Thunderforge
- #1406: [jsp] Fix issue 1402: JspTokenManager has a problem about jsp scriptlet - JustPRV
- #1411: [core] Add ignore file path functionality - Jon Moroney
- #1414: [doc] Fix broken link. Fixes #1412 - Johan Hammar
Assets
5
30-September-2018 - 6.8.0
The PMD team is pleased to announce PMD 6.8.0.
This is a minor release.
Table Of Contents
New and noteworthy
Drawing a line between private and public API
Until now, all released public members and types were implicitly considered part
of PMD's public API, including inheritance-specific members (protected members, abstract methods).
We have maintained those APIs with the goal to preserve full binary compatibility between minor releases,
only breaking those APIs infrequently, for major releases.
In order to allow PMD to move forward at a faster pace, this implicit contract will
be invalidated with PMD 7.0.0. We now introduce more fine-grained distinctions between
the type of compatibility support we guarantee for our libraries, and ways to make
them explicit to clients of PMD.
.internal packages and @InternalApi annotation
Internal API is meant for use only by the main PMD codebase. Internal types and methods
may be modified in any way, or even removed, at any time.
Any API in a package that contains an .internal segment is considered internal.
The @InternalApi annotation will be used for APIs that have to live outside of
these packages, e.g. methods of a public type that shouldn't be used outside of PMD (again,
these can be removed anytime).
@ReservedSubclassing
Types marked with the @ReservedSubclassing annotation are only meant to be subclassed
by classes within PMD. As such, we may add new abstract methods, or remove protected methods,
at any time. All published public members remain supported. The annotation is not inherited, which
means a reserved interface doesn't prevent its implementors to be subclassed.
@Experimental
APIs marked with the @Experimental annotation at the class or method level are subject to change.
They can be modified in any way, or even removed, at any time. You should not use or rely
on them in any production code. They are purely to allow broad testing and feedback.
@Deprecated
APIs marked with the @Deprecated annotation at the class or method level will remain supported
until the next major release but it is recommended to stop using them.
The transition
All currently supported APIs will remain so until 7.0.0. All APIs that are to be moved to
.internal packages or hidden will be tagged @InternalApi before that major release, and
the breaking API changes will be performed in 7.0.0.
Quickstart Ruleset
PMD 6.8.0 provides a first quickstart ruleset for Java, which you can use as a base ruleset to get your
custom ruleset started. You can reference it with rulesets/java/quickstart.xml.
You are strongly encouraged to create your own ruleset
though.
The quickstart ruleset has the intention, to be useful out-of-the-box for many projects. Therefore it
references only rules, that are most likely to apply everywhere.
Any feedback would be greatly appreciated.
New Rules
- The new Apex rule
ApexDoc(apex-documentation)
enforces the inclusion of ApexDoc on classes, interfaces, properties and methods; as well as some
sanity rules for such docs (no missing parameters, parameters' order, and return value). By default,
method overrides and test classes are allowed to not include ApexDoc.
Modified Rules
- The rule
MissingSerialVersionUID(java-errorprone) has been modified
in order to recognize also missingserialVersionUIDfields in abstract classes, if they are serializable.
Each individual class in the inheritance chain needs an own serialVersionUID field. See also Should an abstract class have a serialVersionUID.
This change might lead to additional violations in existing code bases.
PLSQL
The grammar for PLSQL has been revamped in order to fully parse SELECT INTO, UPDATE, and DELETE
statements. Previously such statements have been simply skipped ahead, now PMD is parsing them, giving access
to the individual parts of a SELECT-statement, such as the Where-Clause. This might produce new parsing errors
where PMD previously could successfully parse PLSQL code. If this happens, please report a new issue to get this problem fixed.
Fixed Issues
- apex-bestpractices
- #1348: [apex] AvoidGlobalModifierRule gives warning even when its a webservice - false positive
- java-codestyle
- java-errorprone
- java-performance
- #1325: [java] False positive in ConsecutiveLiteralAppends
- plsql
- #1279: [plsql] Support for SELECT INTO
API Changes
-
A couple of methods and fields in
net.sourceforge.pmd.properties.AbstractPropertySourcehave been
deprecated, as they are replaced by already existing functionality or expose internal implementation
details:propertyDescriptors,propertyValuesByDescriptor,
copyPropertyDescriptors(),copyPropertyValues(),ignoredProperties(),usesDefaultValues(),
useDefaultValueFor(). -
Some methods in
net.sourceforge.pmd.properties.PropertySourcehave been deprecated as well:
usesDefaultValues(),useDefaultValueFor(),ignoredProperties(). -
The class
net.sourceforge.pmd.lang.rule.AbstractDelegateRulehas been deprecated and will
be removed with PMD 7.0.0. It is internally only in use by RuleReference. -
The default constructor of
net.sourceforge.pmd.lang.rule.RuleReferencehas been deprecated
and will be removed with PMD 7.0.0. RuleReferences should only be created by providing a Rule and
a RuleSetReference. Furthermore the following methods are deprecated:setRuleReference(),
hasOverriddenProperty(),usesDefaultValues(),useDefaultValueFor().
External Contributions
- #1309: [core] [CPD] Decouple Antlr Tokenizer implementation from any CPD language supported with Antlr - Matías Fraga
- #1314: [apex] Add validation of ApexDoc comments - Jeff Hube
- #1339: [ci] Improve danger message - BBG
- #1340: [java] Derive correct classname for non-public non-classes - kris-scheibe
- #1357: [doc] Improve Codacy description - Daniel Reigada
Assets
5
02-September-2018 - 6.7.0
The PMD team is pleased to announce PMD 6.7.0.
This is a minor release.
Table Of Contents
New and noteworthy
Modified Rules
- The Java rule
OneDeclarationPerLine(java-bestpractices) has been revamped to
consider not only local variable declarations, but field declarations too.
New Rules
-
The new Java rule
LinguisticNaming(java-codestyle)
detects cases, when a method name indicates it returns a boolean (such asisSmall()) but it doesn't.
Besides method names, the rule also checks field and variable names. It also checks, that getters return
something but setters won't. The rule has several properties with which it can be customized. -
The new PL/SQL rule
ForLoopNaming(plsql-codestyle)
enforces a naming convention for "for loops". Both "cursor for loops" and "index for loops" are covered.
The rule can be customized via patterns. By default, short variable names are reported. -
The new Java rule
FieldNamingConventions(java-codestyle)
detects field names that don't comply to a given convention. It defaults to standard Java convention of using camelCase,
but can be configured with ease for e.g. constants or static fields. -
The new Apex rule
OneDeclarationPerLine(apex-codestyle) enforces declaring a
single field / variable per line; or per statement if thestrictModeproperty is set.
It's an Apex equivalent of the already existing Java rule of the same name.
Deprecated Rules
- The Java rules
VariableNamingConventions,MIsLeadingVariableName,
SuspiciousConstantFieldName, andAvoidPrefixingMethodParametersare
now deprecated, and will be removed with version 7.0.0. They are replaced by the more general
FieldNamingConventions,FormalParameterNamingConventions, and
LocalVariableNamingConventions.
Fixed Issues
- core
- #1191: [core] Test Framework: Sort violations by line/column
- #1283: [core] Deprecate ReportTree
- #1288: [core] No supported build listeners found with Gradle
- #1300: [core] PMD stops processing file completely, if one rule in a rule chain fails
- #1317: [ci] Coveralls hasn't built the project since June 25th
- java-bestpractices
- java-codestyle
- java-errorprone
- #1078: [java] MissingSerialVersionUID rule does not seem to catch inherited classes
- java-performance
- jsp
- plsql
- #681: [plsql] Parse error with Cursor For Loop
API Changes
-
All classes in the package
net.sourceforge.pmd.lang.dfa.reporthave been deprecated and will be removed
with PMD 7.0.0. This includes the classnet.sourceforge.pmd.lang.dfa.report.ReportTree. The reason is,
that this class is very specific to Java and not suitable for other languages. It has only been used for
YAHTMLRenderer, which has been rewritten to work without these classes. -
The nodes RUNSIGNEDSHIFT and RSIGNEDSHIFT are deprecated and will be removed from the AST with PMD 7.0.0.
These represented the operator of ShiftExpression in two cases out of three, but they're not needed and
make ShiftExpression inconsistent. The operator of a ShiftExpression is now accessible through
ShiftExpression#getOperator.
External Contributions
- #109: [java] Add two linguistics rules under naming - Arda Aslan
- #1254: [ci] [GSoC] Integrating the danger and pmdtester to travis CI - BBG
- #1258: [java] Use typeof in MissingSerialVersionUID - krichter722
- #1264: [cpp] Fix NullPointerException in CPPTokenizer:99 - Rafael Cortês
- #1277: [jsp] #1276 add support for jspf and tag extensions - Jordi Llach
- #1275: [jsp] Issue #1274 - Support EL in tag attributes - Jordi Llach
- #1278: [ci] [GSoC] Use pmdtester 1.0.0.pre.beta3 - BBG
- #1289: [java] UselessParentheses: Fix false positive with assignments - cobratbq
- #1290: [docs] [GSoC] Create the documentation about pmdtester - BBG
- #1256: [java] #940 Avoid JUnit 4 false positives for JUnit 5 tests - Alex Shesterov
- #1315: [apex] Add OneDeclarationPerStatement rule - Jeff Hube
Assets
5
29-July-2018 - 6.6.0
The PMD team is pleased to announce PMD 6.6.0.
This is a minor release.
Table Of Contents
New and noteworthy
Java 11 Support
PMD is now able to parse the local-variable declaration syntax var xxx, that has been
extended for lambda parameters with Java 11 via
JEP 323: Local-Variable Syntax for Lambda Parameters.
New Rules
-
The new Java rule
LocalVariableNamingConventions
(java-codestyle) detects local variable names that don't comply to a given convention. It defaults to standard
Java convention of using camelCase, but can be configured. Special cases can be configured for final variables
and caught exceptions' names. -
The new Java rule
FormalParameterNamingConventions
(java-codestyle) detects formal parameter names that don't comply to a given convention. It defaults to
standard Java convention of using camelCase, but can be configured. Special cases can be configured for final
parameters and lambda parameters (considering whether they are explicitly typed or not).
Modified Rules
- The Java rules
AccessorClassGenerationand
AccessorMethodGeneration(both in category
java-bestpractices) have been modified to be only valid up until Java 10. Java 11 adds support for
JEP 181: Nest-Based Access Control which avoids the generation of
accessor classes / methods altogether.
Fixed Issues
- core
- doc
- #1215: [doc] TOC links don't work?
- java-codestyle
- java-design
- plsql
- ui
- #1233: [ui] XPath autocomplete arrows on first and last items
API Changes
- The
findDescendantsOfTypemethods innet.sourceforge.pmd.lang.ast.AbstractNodeno longer search for
exact type matches, but will match subclasses, too. That means, it's now possible to look for abstract node
types such asAbstractJavaTypeNodeand not only for it's concrete subtypes.
External Contributions
- #1182: [ui] XPath AutoComplete - Akshat Bahety
- #1231: [doc] Minor typo fix in installation.md - Ashish Rana
- #1250: [ci] [GSoC] Upload baseline of pmdtester automatically - BBG
Assets
5
26-June-2018 - 6.5.0
The PMD team is pleased to announce PMD 6.5.0.
This is a minor release.
Table Of Contents
New and noteworthy
New Rules
- The new Apex rule
AvoidNonExistentAnnotations(apex-errorprone)
detects usages non-officially supported annotations. Apex supported non existent annotations for legacy reasons.
In the future, use of such non-existent annotations could result in broken Apex code that will not compile.
A full list of supported annotations can be found here
Modified Rules
- The Java rule UnnecessaryModifier (
java-codestyle)
now detects enum constrcutors with explicitprivatemodifier. The rule now produces better error messages
letting you know exactly which modifiers are redundant at each declaration.
Fixed Issues
- all
- ecmascript
- #861: [ecmascript] InnaccurateNumericLiteral false positive with hex literals
- java
- java-bestpractices
- java-codestyle
- java-design
- #1200: [java] New default NcssCount method report level is drastically reduced from values of deprecated NcssMethodCount and NcssTypeCount
- xml
- #715: [xml] ProjectVersionAsDependencyVersion false positive
API Changes
-
The utility class
net.sourceforge.pmd.lang.java.ast.CommentUtilhas been deprecated and will be removed
with PMD 7.0.0. Its methods have been intended to parse javadoc tags. A more useful solution will be added
around the AST nodeFormalComment, which contains as childrenJavadocElementnodes, which in
turn provide access to theJavadocTag.All comment AST nodes (
FormalComment,MultiLineComment,SingleLineComment) have a new method
getFilteredComment()which provide access to the comment text without the leading/*markers. -
The method
AbstractCommentRule.tagsIndicesIn()has been deprecated and will be removed with
PMD 7.0.0. It is not very useful, since it doesn't extract the information
in a useful way. You would still need check, which tags have been found, and with which
data they might be accompanied.
External Contributions
- #836: [apex] Add a rule to prevent use of non-existent annotations - anand13s
- #1159: [ui] Allow to setup the auxclasspath in the designer - Akshat Bahety
- #1169: [core] Update stylesheets with a default namespace - Matthew Duggan
- #1183: [java] fixed typos in rule remediation - Jake Hemmerle
- #1206: [java] Recommend StringBuilder next to StringBuffer - krichter722
Assets
5
29-May-2018 - 6.4.0
The PMD team is pleased to announce PMD 6.4.0.
This is a minor release.
Table Of Contents
New and noteworthy
Java 10 Support
PMD is now able to understand local-variable type inference as introduced by Java 10.
Simple type resolution features are available, e.g. the type of the variable s is inferred
correctly as String:
var s = "Java 10";
XPath Type Resolution Functions
For some time now PMD has supported Type Resolution, and exposed this functionality to XPath rules for the Java language
with the typeof function. This function however had a number of shortcomings:
- It would take a first arg with the name to match if types couldn't be resolved. In all cases this was
@Image
but was still required. - It required 2 separate arguments for the Fully Qualified Class Name and the simple name of the class against
which to test. - If only the Fully Qualified Class Name was provided, no simple name check was performed (not documented,
but abused on some rules to "fix" some false positives).
In this release we are deprecating typeof in favor of a simpler typeIs function, which behaves exactly as the
old typeof when given all 3 arguments.
typeIs receives a single parameter, which is the fully qualified name of the class to test against.
So, calls such as:
//ClassOrInterfaceType[typeof(@Image, 'junit.framework.TestCase', 'TestCase')]can now we expressed much more concisely as:
//ClassOrInterfaceType[typeIs('junit.framework.TestCase')]With this change, we also allow to check against array types by just appending [] to the fully qualified class name.
These can be repeated for arrays of arrays (e.g. byte[][] or java.lang.String[]).
Additionally, we introduce the companion function typeIsExactly, that receives the same parameters as typeIs,
but checks for exact type matches, without considering the type hierarchy. That is, the test
typeIsExactly('junit.framework.TestCase') will match only if the context node is an instance of TestCase, but
not if it's an instance of a subclass of TestCase. Be aware then, that using that method with abstract types will
never match.
New Rules
-
The new Java rule
HardCodedCryptoKey(java-security)
detects hard coded keys used for encryption. It is recommended to store keys outside of the source code. -
The new Java rule
IdenticalCatchBranches(java-codestyle)
finds catch blocks,
that catch different exception but perform the same exception handling and thus can be collapsed into a
multi-catch try statement.
Modified Rules
-
The Java rule JUnit4TestShouldUseTestAnnotation (
java-bestpractices)
has a new parameter "testClassPattern". It is used to distinguish test classes from other classes and
avoid false positives. By default, any class, that has "Test" in its name, is considered a test class. -
The Java rule CommentDefaultAccessModifier (
java-codestyle)
allows now by default the comment "/* package */in addition to "/* default */. This behavior can
still be adjusted by setting the propertyregex.
Fixed Issues
- all
- java
- #672: [java] Support exact type matches for type resolution from XPath
- #743: [java] Prepare for Java 10
- #1077: [java] Analyzing enum with lambda passed in constructor fails with "The enclosing scope must exist."
- #1115: [java] Simplify xpath typeof syntax
- #1131: [java] java.lang.ClassFormatError: Absent Code attribute in method that is not native or abstract in class file javax/faces/application/FacesMessage$Severity
- java-bestpractices
- java-codestyle
- #720: [java] ShortVariable should whitelist lambdas
- #955: [java] Detect identical catch statements
- #1114: [java] Star import overwritten by explicit import is not correctly handled
- #1064: [java] ClassNamingConventions suggests to add Util suffix for simple exception wrappers
- #1065: [java] ClassNamingConventions shouldn't prohibit numbers in class names
- #1067: [java] [6.3.0] PrematureDeclaration false-positive
- #1096: [java] ClassNamingConventions is too ambitious on finding utility classes
- java-design
- java-performance
- doc
- vf-security
- #1100: [vf] URLENCODE is ignored as valid escape method
API Changes
- The following classes in package
net.sourceforge.pmd.benchmarkhave been deprecated:Benchmark,Benchmarker,
BenchmarkReport,BenchmarkResult,RuleDuration,StringBuilderCRandTextReport. Their API is not supported anymore
and is disconnected from the internals of PMD. Use the newer API based aroundTimeTrackerinstead, which can be found
in the same package. - The class
net.sourceforge.pmd.lang.java.xpath.TypeOfFunctionhas been deprecated. Use the newerTypeIsFunctionin the same package. - The
typeofmethdos innet.sourceforge.pmd.lang.java.xpath.JavaFunctionshave been deprecated.
Use the newertypeIsmethod in the same class instead.. - The methods
isA,isEitherandisNeitherofnet.sourceforge.pmd.lang.java.typeresolution.TypeHelper.
Use the newisExactlyAnyandisExactlyNonemethods in the same class instead.
External Contributions
- #966: [java] Issue #955: add new rule to detect identical catch statement - Clément Fournier and BBG
- #1046: [java] New security rule for finding hard-coded keys used for cryptographic operations - Sergey Gorbaty
- #1101: [java] Fixes false positive for
DoNotExtendJavaLangError- Akshat Bahety - #1106: [vf] URLENCODE is ignored as valid escape method - Robert Sösemann
- #1126: [java] Improve implementation hint in InefficientEmptyStringCheck - krichter722
- #1129: [java] Adjust InefficientEmptyStringCheck documentation - krichter722
- #1137: [ui] Removes the need for RefreshAST - Akshat Bahety
Assets
5
29-April-2018 - 6.3.0
The PMD team is pleased to announce PMD 6.3.0.
This is a minor release.
Table Of Contents
New and noteworthy
Tree Traversal Revision
As described in #904, when searching for child nodes of the AST methods
such as hasDescendantOfType, getFirstDescendantOfType and findDescendantsOfType were found to behave inconsistently,
not all of them honoring find boundaries; that is, nodes that define a self-contained entity which should be considered separately
(think of lambdas, nested classes, anonymous classes, etc.). We have modified these methods to ensure all of them honor
find boundaries.
This change implies several false positives / unexpected results
(ie: ASTBlockStatement falsely returning true to isAllocation())
have been fixed; and lots of searches are now restricted to smaller search areas, which improves performance
(depending on the project, we have measured up to 10% improvements during Type Resolution, Symbol Table analysis,
and some rules' application).
Naming Rules Enhancements
-
ClassNamingConventions (
java-codestyle)
has been enhanced to allow granular configuration of naming
conventions for different kinds of type declarations (eg enum or abstract
class). Each kind of declaration can use its own naming convention
using a regex property. See the rule's documentation for more info about
configuration and default conventions. -
MethodNamingConventions (
java-codestyle)
has been enhanced in the same way.
CPD Suppression
Back in PMD 5.6.0 we introduced the ability to suppress CPD warnings in Java using comments, by
including CPD-OFF (to start ignoring code), or CPD-ON (to resume analysis) during CPD execution.
This has proved to be much more flexible and versatile than the old annotation-based approach,
and has since been the preferred way to suppress CPD warnings.
On this occasion, we are extending support for comment-based suppressions to many other languages:
- C/C++
- Ecmascript / Javascript
- Matlab
- Objective-C
- PL/SQL
- Python
So for instance, in Python we could now do:
class BaseHandler(object):
def __init__(self):
# some unignored code
# tell cpd to start ignoring code - CPD-OFF
# mission critical code, manually loop unroll
GoDoSomethingAwesome(x + x / 2);
GoDoSomethingAwesome(x + x / 2);
GoDoSomethingAwesome(x + x / 2);
GoDoSomethingAwesome(x + x / 2);
GoDoSomethingAwesome(x + x / 2);
GoDoSomethingAwesome(x + x / 2);
# resume CPD analysis - CPD-ON
# further code will *not* be ignoredOther languages are equivalent.
Swift 4.1 Support
Thanks to major contributions from kenji21 the Swift grammar has been updated to
support Swift 4.1. This is a major update, since the old grammar was quite dated, and we are sure all iOS
developers will enjoy it.
Unfortunately, this change is not compatible. The grammar elements that have been removed (ie: the keywords __FILE__,
__LINE__, __COLUMN__ and __FUNCTION__) are no longer supported. We don't usually introduce such
drastic / breaking changes in minor releases, however, given that the whole Swift ecosystem pushes hard towards
always using the latest versions, and that Swift needs all code and libraries to be currently compiling against
the same Swift version, we felt strongly this change was both safe and necessary to be shipped as soon as possible.
We had great feedback from the community during the process but if you have a legitimate use case for older Swift
versions, please let us know on our Issue Tracker.
New Rules
- The new Java rule InsecureCryptoIv (
java-security)
detects hard coded initialization vectors used in cryptographic operations. It is recommended to use
a randomly generated IV.
Modified Rules
-
The Java rule UnnecessaryConstructor (
java-codestyle)
has been rewritten as a Java rule (previously it was a XPath-based rule). It supports a new property
ignoredAnnotationsand ignores by default empty constructors,
that are annotated withjavax.inject.Inject. Additionally, it detects now also unnecessary private constructors
in enums. -
The property
checkNativeMethodsof the Java rule MethodNamingConventions (java-codestyle)
is now deprecated, as it is now superseded bynativePattern. Support for that property will be maintained until
7.0.0. -
The Java rule ControlStatementBraces (
java-codestyle)
supports a new boolean propertycheckSingleIfStmt. When unset, the rule won't reportifstatements which lack
braces, if the statement is not part of anif ... else ifchain. This property defaults to true.
Deprecated Rules
- The Java rule AbstractNaming (
java-codestyle) is deprecated
in favour of ClassNamingConventions.
See Naming rules enhancements.
Fixed Issues
- all
- apex-errorprone
- #776: [apex] AvoidHardcodingId false positives
- documentation
- java
- #894: [java] Maven PMD plugin fails to process some files without any explanation
- #899: [java] JavaTypeDefinitionSimple.toString can cause NPEs
- #1020: [java] The CyclomaticComplexity rule runs forever in 6.2.0
- #1030: [java] NoClassDefFoundError when analyzing PMD with PMD
- #1061: [java] Update ASM to handle Java 10 bytecode
- java-bestpractices
- java-codestyle
- java-design
- #1056: [java] Property ignoredAnnotations does not work for SingularField and ImmutableField
- java-errorprone
- java-performance
- #586: [java] AvoidUsingShortType erroneously triggered on overrides of 3rd party methods
- swift
- #678: [swift][cpd] Exception when running for Swift 4 code (KeyPath)
External Contributions
- #778: [swift] Support Swift 4 grammar - kenji21
- #1002: [doc] Delete duplicate page contributing.md on the website - Ishan Srivastava
- #1008: [core] DOC: fix closing tag for <pmdVersion> - stonio
- #1010: [java] UnnecessaryConstructor triggered on required empty constructor (Dagger @Inject) - BBG
- #1012: [java] JUnitAssertionsShouldIncludeMessage - False positive with assertEquals and JUnit5 - BBG
- #1024: [java] Issue 558: Properlogger for enums - Utku Cuhadaroglu
- #1041: [java] Make BasicProjectMemoizer thread safe. - bergander
- #1042: [java] New security rule: report usage of hard coded IV in crypto operations - Sergey Gorbaty
- #1044: [java] Fix for issue #816 - Akshat Bahety
- #1048: [core] Make MultiThreadProcessor more space efficient - Gonzalo Exequiel Ibars Ingman
- #1062: [core] Update ASM to version 6.1.1 - Austin Shalit
Assets
5
26-March-2018 - 6.2.0
The PMD team is pleased to announce PMD 6.2.0.
This is a minor release.
Table Of Contents
New and noteworthy
Ecmascript (JavaScript)
The Rhino Library has been upgraded from version 1.7.7 to version 1.7.7.2.
Detailed changes for changed in Rhino can be found:
Both are bugfixing releases.
Disable Incremental Analysis
Some time ago, we added support for Incremental Analysis. On PMD 6.0.0, we
started to add warns when not using it, as we strongly believe it's a great improvement to our user's experience as
analysis time is greatly reduced; and in the future we plan to have it enabled by default. However, we realize some
scenarios don't benefit from it (ie: CI jobs), and having the warning logged can be noisy and cause confusion.
To this end, we have added a new flag to allow you to explicitly disable incremental analysis. On CLI, this is
the new -no-cache flag. On Ant, there is a noCache attribute for the <pmd> task.
On both scenarios, disabling the cache takes precedence over setting a cache location.
New Rules
-
The new Java rule
MissingOverride
(categorybestpractices) detects overridden and implemented methods, which are not marked with the
@Overrideannotation. Annotating overridden methods with@Overrideensures at compile time that
the method really overrides one, which helps refactoring and clarifies intent. -
The new Java rule
UnnecessaryAnnotationValueElement
(categorycodestyle) detects annotations with a single element (value) that explicitely names it.
That is, doing@SuppressWarnings(value = "unchecked")would be flagged in favor of
@SuppressWarnings("unchecked"). -
The new Java rule
ControlStatementBraces
(categorycodestyle) enforces the presence of braces on control statements where they are optional.
Properties allow to customize which statements are required to have braces. This rule replaces the now
deprecated rulesWhileLoopMustUseBraces,ForLoopMustUseBraces,IfStmtMustUseBraces, and
IfElseStmtMustUseBraces. More than covering the use cases of those rules, this rule also supports
do ... whilestatements andcaselabels ofswitchstatements (disabled by default).
Modified Rules
-
The Java rule
CommentContentRule(java-documentation) previously had the propertywordsAreRegex. But this
property never had been implemented and is removed now. -
The Java rule
UnusedPrivateField(java-bestpractices) now has a newignoredAnnotationsproperty
that allows to configure annotations that imply the field should be ignored. By default@java.lang.Deprecated
and@javafx.fxml.FXMLare ignored. -
The Java rule
UnusedPrivateMethod(java-bestpractices) now has a newignoredAnnotationsproperty
that allows to configure annotations that imply the method should be ignored. By default@java.lang.Deprecated
is ignored. -
The Java rule
ImmutableField(java-design) now has a newignoredAnnotationsproperty
that allows to configure annotations that imply the method should be ignored. By default severallombok
annotations are ignored -
The Java rule
SingularField(java-design) now has a newignoredAnnotationsproperty
that allows to configure annotations that imply the method should be ignored. By default severallombok
annotations are ignored
Deprecated Rules
- The Java rules
WhileLoopMustUseBraces,ForLoopMustUseBraces,IfStmtMustUseBraces, andIfElseStmtMustUseBraces
are deprecated. They will be replaced by the new ruleControlStatementBraces, in the categorycodestyle.
Fixed Issues
- all
- #928: [core] PMD build failure on Windows
- java-bestpracrtices
- java-codestyle
- java-design
- #832: [java] AvoidThrowingNullPointerException documentation suggestion
- #837: [java] CFGs of declared but not called lambdas are treated as parts of an enclosing method's CFG
- #839: [java] SignatureDeclareThrowsException's IgnoreJUnitCompletely property not honored for constructors
- #968: [java] UseUtilityClassRule reports false positive with lombok NoArgsConstructor
- documentation
API Changes
-
A new CLI switch,
-no-cache, disables incremental analysis and the related suggestion. This overrides the
-cacheoption. The corresponding Ant task parameter isnoCache. -
The static method
PMDParameters.transformParametersIntoConfiguration(PMDParameters)is now deprecated,
for removal in 7.0.0. The new instance methodPMDParameters.toConfiguration()replaces it. -
The method
ASTConstructorDeclaration.getParameters()has been deprecated in favor of the new method
getFormalParameters(). This method is available for bothASTConstructorDeclarationand
ASTMethodDeclaration.
External Contributions
- #941: [java] Use char notation to represent a character to improve performance - reudismam
- #943: [java] UnusedPrivateField false-positive with @FXML - BBG
- #951: [java] Add ignoredAnnotations property to unusedPrivateMethod rule - BBG
- #952: [java] SignatureDeclareThrowsException's IgnoreJUnitCompletely property not honored for constructors - BBG
- #958: [java] Refactor how we ignore annotated elements in rules - BBG
- #965: [java] Make Varargs trigger ArrayIsStoredDirectly - Stephen
- #967: [doc] Issue 959: fixed broken link to XPath Rule Tutorial - Andrey Mochalov
- #969: [java] Issue 968 Add logic to handle lombok private constructors with utility classes - Kirk Clemens
- #970: [java] Fixed inefficient use of keySet iterator instead of entrySet iterator - Andrey Mochalov
- #984: [java] issue983 Add new UnnecessaryAnnotationValueElement rule - Kirk Clemens
- #989: [core] Update Contribute.md to close Issue #978 - Bolarinwa Saheed Olayemi
- #990: [java] Updated Doc on AvoidThrowingNullPointerException to close Issue #832 - Bolarinwa Saheed Olayemi
- #993: [core] Update writing_documentation.md to fix Issue #992 - Bolarinwa Saheed Olayemi
Assets
5
25-February-2018 - 6.1.0
The PMD team is pleased to announce PMD 6.1.0.
This is a minor release.
Table Of Contents
New and noteworthy
Designer UI
The Designer now supports configuring properties for XPath based rule development.
The Designer is still under development and any feedback is welcome.
You can start the designer via run.sh designer or designer.bat.
Fixed Issues
- all
- doc
- #791: [doc] Documentation site reorganisation
- #891: [doc] Apex @SuppressWarnings should use single quotes instead of double quotes
- #909: [doc] Please add new PMD Eclipse Plugin to tool integration section
- java
- java-bestpractices
- java-design
- #855: [java] ImmutableField false-positive with lambdas
- java-documentation
- #877: [java] CommentRequired valid rule configuration causes PMD error
- java-errorprone
- #885: [java] CompareObjectsWithEqualsRule trigger by enum1 != enum2
- java-performance
- #541: [java] ConsecutiveLiteralAppends with types other than string
- scala
- #853: [scala] Upgrade scala version to support Java 9
- xml
- #739: [xml] IllegalAccessException when accessing attribute using Saxon on JRE 9
API Changes
Changes to the Node interface
The method getXPathNodeName is added to the Node interface, which removes the
use of the toString of a node to get its XPath element name (see #569).
A default implementation is provided in AbstractNode, to stay compatible
with existing implementors.
The toString method of a Node is not changed for the time being, and still produces
the name of the XPath node. That behaviour may however change in future major releases,
e.g. to produce a more useful message for debugging.
Changes to CPD renderers
The interface net.sourceforge.pmd.cpd.Renderer has been deprecated. A new interface net.sourceforge.pmd.cpd.renderer.CPDRenderer
has been introduced to replace it. The main difference is that the new interface is meant to render directly to a java.io.Writer
rather than to a String. This allows to greatly reduce the memory footprint of CPD, as on large projects, with many duplications,
it was causing OutOfMemoryErrors (see #795).
net.sourceforge.pmd.cpd.FileReporter has also been deprecated as part of this change, as it's no longer needed.
External Contributions
- #790: [java] Added some comments for JDK 9 - Tobias Weimer
- #803: [doc] Added SpotBugs as successor of FindBugs - Tobias Weimer
- #828: [core] Add operations to manipulate a document - Gonzalo Ibars Ingman
- #830: [java] UseArraysAsList: Description added - Tobias Weimer
- #845: [java] Fix false negative PreserveStackTrace on string concatenation - Alberto Fernández
- #868: [core] Improve XPath documentation && make small refactors - Gonzalo Ibars Ingman
- #875: [core] Support shortnames when using filelist - John Zhang
- #886: [java] Fix #885 - Matias Comercio
- #900: [core] Use the isEmpty method instead of comparing the value of size() to 0 - reudismam
- #914: [doc] Apex @SuppressWarnings documentation updated - Akshat Bahety
- #918: [doc] Add qa-eclipse as new tool - Akshat Bahety
- #927: [java][doc] Fix example of AbstractClassWithoutAnyMethod - Kazuma Watanabe
Assets
5
21-January-2018 - 6.0.1
The PMD team is pleased to announce PMD 6.0.1.
This is a bug fixing release.
Table Of Contents
- Additional information about the new introduced rule categories
- Fixed Issues
- API Changes
- External Contributions
Additional information about the new introduced rule categories
With the release of PMD 6.0.0, all rules have been sorted into one of the following eight categories:
- Best Practices: These are rules which enforce generally accepted best practices.
- Code Style: These rules enforce a specific coding style.
- Design: Rules that help you discover design issues.
- Documentation: These rules are related to code documentation.
- Error Prone: Rules to detect constructs that are either broken, extremely confusing or prone to runtime errors.
- Multithreading: These are rules that flag issues when dealing with multiple threads of execution.
- Performance: Rules that flag suboptimal code.
- Security: Rules that flag potential security flaws.
Please note, that not every category in every language may have a rule. There might be categories with no
rules at all, such as category/java/security.xml, which has currently no rules.
There are even languages, which only have rules of one category (e.g. category/xml/errorprone.xml).
You can find the information about available rules in the generated rule documentation, available
at https://pmd.github.io/pmd-6.0.1/.
In order to help migrate to the new category scheme, the new name for the old, deprecated rule names will
be logged as a warning. See PR #865. Please note, that the deprecated
rule names will keep working throughout PMD 6. You can upgrade to PMD 6 without the immediate need
to migrate your current ruleset. That backwards compatibility will be maintained until PMD 7.0.0 is released.
Fixed Issues
- all
- #842: [core] Use correct java bootclasspath for compiling
- apex-errorprone
- #792: [apex] AvoidDirectAccessTriggerMap incorrectly detects array access in classes
- apex-security
- #788: [apex] Method chaining breaks ApexCRUDViolation
- doc
- java
- java-bestpractices
- java-codestyle
- #817: [java] UnnecessaryModifierRule crashes on valid code
- java-design
- java-performance
- #841: [java] InsufficientStringBufferDeclaration NumberFormatException
- java-typeresolution
- #866: [java] rulesets/java/typeresolution.xml lists non-existent rules
API Changes
- The constant
net.sourceforge.pmd.PMD.VERSIONhas been deprecated and will be removed with PMD 7.0.0.
Please usenet.sourceforge.pmd.PMDVersion.VERSIONinstead.
External Contributions
- #796: [apex] AvoidDirectAccessTriggerMap incorrectly detects array access in classes - Robert Sösemann
- #799: [apex] Method chaining breaks ApexCRUDViolation - Robert Sösemann