Releases: pmd/pmd
PMD 7.6.0 (27-September-2024)
27-September-2024 - 7.6.0
The PMD team is pleased to announce PMD 7.6.0.
This is a minor release.
Table Of Contents
- 🚀 New and noteworthy
- 🐛 Fixed Issues
- 🚨 API Changes
- ✨ Merged pull requests
- 📦 Dependency updates
- 📈 Stats
🚀 New and noteworthy
New Git default branch - "main"
We are joining the Git community and updating "master" to "main". Using the term "master" for the main
development branch can be offensive to some people. Existing versions of Git have been always capable of
working with any branch name and since 2.28.0 (July 2020) the default initial branch is configurable
(init.defaultBranch
). Since October 2020, the default branch for new repositories on GitHub
is "main". Finally, PMD will also use this new name for the main branch in all our own repositories.
Why "main"? PMD uses a very simple branching model - pull requests with feature branches and one main development
branch, from which releases are created. That's why "main" is currently the best fitting name.
More information:
- https://sfconservancy.org/news/2020/jun/23/gitbranchname/
- https://github.blog/changelog/2020-10-01-the-default-branch-for-newly-created-repositories-is-now-main/
What changes?
-
We change the default branch on GitHub, so that pull requests are automatically created against
main
from
now on. -
If you have already a local clone of PMD's repository, you'll need to rename the old master branch locally:
git branch --move master main git fetch origin git branch --set-upstream-to=origin/main main git remote set-head origin --auto
More info:
https://git-scm.com/book/en/v2/Git-Branching-Branch-Management#_changing_master and
https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch#updating-a-local-clone-after-a-branch-name-changes -
If you created a fork on GitHub, you'll need to change the default branch in your fork to
main
as
well (Settings > Default Branch). -
Some time after this release, we'll delete the old master branch on GitHub. Then only
main
can be used. -
This change is expanded to the other PMD repositories as well, e.g. pmd-designer and pmd-regression-tester.
🐛 Fixed Issues
- apex
- #5138: [apex] Various false-negatives since 7.3.0 when using triggers
(ApexCRUDViolation, CognitiveComplexity, OperationWithLimitsInLoop) - #5163: [apex] Parser error when using toLabel in SOSL query
- #5182: [apex] Parser error when using GROUPING in a SOQL query
- #5218: [apex] Parser error when using nested subqueries in SOQL
- #5228: [apex] Parser error when using convertCurrency() in SOQL
- #5138: [apex] Various false-negatives since 7.3.0 when using triggers
- core
- #5059: [core] xml output doesn't escape CDATA inside its own CDATA
- #5201: [core] PMD sarif schema file points to nonexistent location
- #5222: [core] RuleReference/RuleSetWriter don't handle changed default property values correctly
- #5229: [doc] CLI flag
--show-suppressed
needs to mention xml, html, summaryhtml
- java
- #5190: [java] NPE in type inference
- java-codestyle
- #5046: [java] LocalVariableCouldBeFinal false positive with try/catch
- java-errorprone
🚨 API Changes
No changes.
✨ Merged pull requests
- #5186: [java] Cleanup things about implicit classes - Clément Fournier (@oowekyala)
- #5188: [apex] Use new apex-parser 4.2.0 - Andreas Dangel (@adangel)
- #5191: [java] Fix #5046 - FPs in LocalVariableCouldBeFinal - Clément Fournier (@oowekyala)
- #5192: [java] Fix #5190 - NPE in type inference caused by null type - Clément Fournier (@oowekyala)
- #5195: [apex] Fix various FNs when using triggers - Andreas Dangel (@adangel)
- #5202: [core] Sarif format: refer to schemastore.org - David Schach (@dschach)
- #5208: [doc] Added Codety to "Tools / Integrations" - Tony (@random1223)
- #5210: [core] Fix PMD's XMLRenderer to escape CDATA - Andreas Dangel (@adangel)
- #5211: Change branch master to main - Andreas Dangel (@adangel)
- #5212: [java] Adjust signature matching in CheckSkipResultRule - Juan Martín Sotuyo Dodero (@jsotuyod)
- #5223: [core] Fix RuleReference / RuleSetWriter handling of properties - Andreas Dangel (@adangel)
- #5224: [java] Fix #5068: Class incorrectly identified as non-instantiatable - Lukas Gräf (@lukasgraef)
- #5230: [doc] Documentation update for --show-suppressed flag - David Schach (@dschach)
- #5237: [apex] Support convertCurrency() in SOQL/SOSL - Andreas Dangel (@adangel)
📦 Dependency updates
- #5185: Bump checkstyle from 10.14.0 to 10.18.1
- #5187: Bump org.apache.maven.plugins:maven-install-plugin from 3.1.1 to 3.1.3
- #5199: Bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.1 to 3.1.3
- #5216: Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.20.0 to 0.23.0
- #5226: Bump rouge from 4.3.0 to 4.4.0 in the all-gems group across 1 directory
- #5227: Bump com.google.code.gson:gson from 2.10.1 to 2.11.0
- #5232: Bump com.google.protobuf:protobuf-java from 3.25.3 to 3.25.5
- #5233: Bump webrick from 1.8.1 to 1.8.2 in /docs
📈 Stats
- 60 commits
- 27 closed tickets & PRs
- Days since last release: 27
PMD 7.5.0 (30-August-2024)
30-August-2024 - 7.5.0
The PMD team is pleased to announce PMD 7.5.0.
This is a minor release.
Table Of Contents
- 🚀 New: Java 23 Support
- 🌟 New Rules
- 🐛 Fixed Issues
- 🚨 API Changes
- ✨ External Contributions
- 📦 Dependency updates
- 📈 Stats
🚀 New: Java 23 Support
This release of PMD brings support for Java 23. There are no new standard language features,
but a couple of preview language features:
- JEP 455: Primitive Types in Patterns, instanceof, and switch (Preview)
- JEP 476: Module Import Declarations (Preview)
- JEP 477: Implicitly Declared Classes and Instance Main Methods (Third Preview)
- JEP 482: Flexible Constructor Bodies (Second Preview)
Note that String Templates (introduced as preview in Java 21 and 22) are not supported anymore in Java 23,
see JDK-8329949 for details.
In order to analyze a project with PMD that uses these preview language features,
you'll need to enable it via the environment variable PMD_JAVA_OPTS
and select the new language
version 23-preview
:
export PMD_JAVA_OPTS=--enable-preview
pmd check --use-version java-23-preview ...
Note: Support for Java 21 preview language features have been removed. The version "21-preview"
are no longer available.
🌟 New Rules
- The new Java rule
AvoidSynchronizedStatement
finds synchronization blocks that
could cause performance issues with virtual threads due to pinning. - The new JavaScript rule
AvoidConsoleStatements
finds any function calls
on the Console API (e.g.console.log
). Using these in production code might negatively impact performance.
🐛 Fixed Issues
- apex-performance
- #5139: [apex] OperationWithHighCostInLoop: false negative for triggers
- java
- java-bestpractices
- #3602: [java] GuardLogStatement: False positive when compile-time constant is created from external constants
- #4731: [java] GuardLogStatement: Documentation is unclear why getters are flagged
- #5145: [java] UnusedPrivateMethod: False positive with method calls inside lambda
- #5151: [java] GuardLogStatement: Should not need to guard parameterized log messages where the replacement arg is a constant from another class
- #5152: [java] GuardLogStatement: Should not need to guard parameterized log messages where the replacement arg is "this"
- #5153: [java] GuardLogStatement: Should not need to guard parameterized log messages where the replacement arg is an array element
- java-design
- java-multithreading
- #5175: [java] Update AvoidSynchronizedAtMethodLevel message to mention ReentrantLock, new rule AvoidSynchronizedStatement
- javascript-performance
- #5105: [javascript] Prohibit any console methods
- plsql
- #5125: [plsql] Improve merge statement (order of merge insert/update flexible, allow prefixes in column names)
- plsql-bestpractices
- #5132: [plsql] TomKytesDespair: XPathException for more complex exception handler
🚨 API Changes
Deprecations
- pmd-jsp
JspParserImpl
is deprecated now. It should have been package-private
because this is an implementation class that should not be used directly.
- pmd-plsql
MergeUpdateClausePrefix
is deprecated. This production is
not used anymore and will be removed. Note: The whole parser implementation class has been deprecated since 7.3.0,
as it is supposed to be internalized.
- pmd-velocity
VtlParserImpl
is deprecated now. It should have been package-private
because this is an implementation class that should not be used directly.
- pmd-visualforce
VfParserImpl
is deprecated now. It should have been package-private
because this is an implementation class that should not be used directly.
Experimental
- pmd-java
✨ External Contributions
- #5125: [plsql] Improve merge statement (order of merge insert/update flexible, allow prefixes in column names) - Arjen Duursma (@duursma)
- #5175: [java] Update AvoidSynchronizedAtMethodLevel message to mention ReentrantLock, new rule AvoidSynchronizedStatement - Chas Honton (@chonton)
📦 Dependency updates
- #5100: Enable Dependabot
- #5141: Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0
- #5142: Bump org.apache.maven.plugins:maven-compiler-plugin from 3.12.1 to 3.13.0
- #5144: Bump org.codehaus.mojo:versions-maven-plugin from 2.16.2 to 2.17.1
- #5148: Bump org.apache.commons:commons-text from 1.11.0 to 1.12.0
- #5149: Bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M13 to 4.0.0-M16
- #5160: Bump org.pcollections:pcollections from 3.2.0 to 4.0.2
- #5161: Bump danger from 9.4.3 to 9.5.0 in the all-gems group across 1 directory
- #5164: Bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.1 to 3.7.1
- #5165: Bump the all-gems group across 1 directory with 2 updates
- #5171: Bump net.bytebuddy:byte-buddy-agent from 1.14.12 to 1.14.19
- #5180: Bump net.sf.saxon:Saxon-HE from 12.4 to 12.5
📈 Stats
- 87 commits
- 25 closed tickets & PRs
- Days since last release: 35
PMD 7.4.0 (26-July-2024)
26-July-2024 - 7.4.0
The PMD team is pleased to announce PMD 7.4.0.
This is a minor release.
Table Of Contents
🌟 New and changed rules
New Rules
- The new Apex rule
AvoidNonRestrictiveQueries
finds SOQL and SOSL queries without a where
or limit statement. This can quickly cause governor limit exceptions.
Changed rules
ClassNamingConventions
(Apex Codestyle): Two new properties to configure different patterns
for inner classes and interfaces:innerClassPattern
andinnerInterfacePattern
.
Renamed rules
InaccurateNumericLiteral
(JavaScript Error Prone) has been renamed fromInnaccurateNumericLiteral
.
The old rule name still works but is deprecated.
🐛 Fixed Issues
- apex
- #5094: [apex] "No adapter exists for type" error message printed to stdout instead of stderr
- apex-bestpractices
- #5095: [apex] ApexUnitTestShouldNotUseSeeAllDataTrue false negative due to casing (regression in PMD 7)
- apex-codestyle
- #4800: [apex] ClassNamingConvention: Support naming convention for inner classes
- apex-performance
- #635: [apex] New Rule: Avoid soql/sosl queries without a where clause or limit statement
- java-bestpractices
- java-errorprone
- #1488: [java] MissingStaticMethodInNonInstantiatableClass: False positive with Lombok Builder on Constructor
- javascript-errorprone
- plsql
- #5086: [plsql] Fixed issue with missing optional table alias in MERGE usage
- #5087: [plsql] Add support for SQL_MACRO
- #5088: [plsql] Add support for 'DEFAULT' clause on the arguments of some oracle functions
- #5133: [plsql] AssertionError: Root of the tree should implement RootNode for a PL/SQL type declaration
- cli
- #5120: [cli] Can't start designer under Windows
- core
- #5091: [core] PMD CPD v7.3.0 gives deprecation warning for skipLexicalErrors even when not used
🚨 API Changes
- javascript
- The old rule name
InnaccurateNumericLiteral
has been deprecated. Use the new name
InaccurateNumericLiteral
instead.
- The old rule name
✨ External Contributions
- #5048: [apex] Added Inner Classes to Apex Class Naming Conventions Rule - Justin Stroud (@justinstroudbah / @sgnl-labs)
- #5086: [plsql] Fixed issue with missing optional table alias in MERGE usage - Arjen Duursma (@duursma)
- #5087: [plsql] Add support for SQL_MACRO - Arjen Duursma (@duursma)
- #5088: [plsql] Add support for 'DEFAULT' clause on the arguments of some oracle functions - Arjen Duursma (@duursma)
- #5107: [doc] Update maven.md - Typo fixed for maven target - karthikaiyasamy (@karthikaiyasamy)
- #5109: [java] Exclude constructor with lombok.Builder for MissingStaticMethodInNonInstantiatableClass - Krzysztof Debski (@kdebski85)
- #5111: [java] Fix UnusedPrivateMethod for @lombok.Builder.ObtainVia - Krzysztof Debski (@kdebski85)
- #5118: [java] FP for UnusedPrivateMethod with Jakarta @PostConstruct/PreDestroy annotations - Krzysztof Debski (@kdebski85)
- #5121: [plsql] Fixed issue with missing optional table alias in MERGE usage - Arjen Duursma (@duursma)
📈 Stats
- 81 commits
- 32 closed tickets & PRs
- Days since last release: 27
PMD 7.3.0 (28-June-2024)
28-June-2024 - 7.3.0
The PMD team is pleased to announce PMD 7.3.0.
This is a minor release.
Table Of Contents
🚀 New and noteworthy
✨ New Rules
- The new Java rule
UseEnumCollections
reports usages forHashSet
andHashMap
when the keys are of an enum type. The specialized enum collections are more space- and time-efficient.
💥 pmd-compat6 removed (breaking)
The already deprecated PMD 6 compatibility module (pmd-compat6) has been removed. It was intended to be used with
older versions of the maven-pmd-plugin, but since maven-pmd-plugin 3.22.0, PMD 7 is supported directly and this
module is not needed anymore.
If you currently use this dependency (net.sourceforge.pmd:pmd-compat6
), remove it and upgrade maven-pmd-plugin
to the latest version (3.23.0 or newer).
See also Maven PMD Plugin.
🐛 Fixed Issues
- cli
- #2827: [cli] Consider processing errors in exit status
- core
- apex
- apex-bestpractices
- #5000: [apex] UnusedLocalVariable FP with binds in SOSL / SOQL
- java
- java-bestpractices
- plsql
🚨 API Changes
CPD Report Format XML
There are some important changes:
- The XML format will now use an XSD schema, that is available at https://pmd.github.io/schema/cpd-report_1_0_0.xsd.
This schema defines the valid elements and attributes that one can expect from a CPD report. - The root element
pmd-cpd
contains the new attributespmdVersion
,timestamp
andversion
. The latter is
the schema version and is currently "1.0.0". - The CPD XML report will now also contain recoverable errors as additional
<error>
elements.
See Report formats for CPD for an example.
The XML format should be compatible as only attributes and elements have been added. However, if you parse
the document with a namespace aware parser, you might encounter some issues like no elements being found.
In case the new format doesn't work for you (e.g. namespaces, unexpected error elements), you can
go back using the old format with the renderer "xmlold" (XMLOldRenderer
). Note, that
this old renderer is deprecated and only there for compatibility reasons. Whatever tooling is used to
read the XML format should be updated.
CLI
-
New exit code 5 introduced. PMD and CPD will exit now by default with exit code 5, if any recoverable error
(e.g. parsing exception, lexing exception or rule exception) occurred. PMD will still create a report with
all detected violations or duplications if recoverable errors occurred. Such errors mean, that the report
might be incomplete, as either violations or duplications for an entire file or for a specific rule are missing.
These cases can be considered as false-negatives.In any case, the root cause should be investigated. If it's a problem in PMD itself, please create a bug report.
-
New CLI parameter
--no-fail-on-error
to ignore such errors and not exit with code 5. By default,
a build with errors will now fail and with that parameter, the previous behavior can be restored.
This parameter is available for both PMD and CPD. -
The CLI parameter
--skip-lexical-errors
is deprecated. By default, lexical errors are skipped but the
build is failed. Use the new parameter--[no-]fail-on-error
instead to control whether to fail the build or not.
Ant
- CPDTask has a new parameter
failOnError
. It controls, whether to fail the build if any recoverable error occurred.
By default, the build will fail. CPD will still create a report with all detected duplications, but the report might
be incomplete. - The parameter
skipLexicalError
in CPDTask is deprecated and ignored. Lexical errors are now always skipped.
Use the new parameterfailOnError
instead to control whether to fail the build or not.
Deprecated API
- pmd-ant
CPDTask#setSkipLexicalErrors
: UsesetFailOnError
instead to control, whether to ignore errors or fail the build.
- pmd-core
CPDConfiguration#isSkipLexicalErrors
andsetSkipLexicalErrors
:
UsesetFailOnError
to control whether to ignore errors or fail the build.net.sourceforge.pmd.cpd.XMLOldRenderer
(the CPD format "xmlold").- The constructor
AntlrToken#AntlrToken
shouldn't be used directly. UseAntlrTokenManager
instead.
- pmd-java
ASTResource#getStableName
and the corresponding attribute@StableName
.ASTRecordPattern#getVarId
This method was added here by mistake. Record
patterns don't declare a pattern variable for the whole pattern, but rather for individual record
components, which can be accessed viagetComponentPatterns
.
- pmd-plsql
PLSQLParserImpl
is deprecated now. It should have been package-private
because this is an implementation class that should not be used directly.- The node
ASTKEYWORD_UNRESERVED
is deprecated and is now removed from the AST.
Breaking changes: pmd-compat6 removed
The already deprecated PMD 6 compatibility module (pmd-compat6) has been removed.
See above for details.
📈 Stats
- 88 commits
- 32 closed tickets & PRs
- Days since last release: 27
PMD 7.2.0 (31-May-2024)
31-May-2024 - 7.2.0
The PMD team is pleased to announce PMD 7.2.0.
This is a minor release.
Table Of Contents
🚀 New and noteworthy
Collections exposed as XPath attributes
Up to now, all AST node getters would be exposed to XPath, as long as the return type was a primitive (boxed or unboxed), String or Enum. That meant that collections, even of these basic types, were not exposed, so for instance accessing Apex's ASTUserClass.getInterfaceNames()
to list the interfaces implemented by a class was impossible from XPath, and would require writing a Java rule to check it.
Since this release, PMD will also expose any getter returning a collection of any supported type as a sequence through an XPath attribute. They would require to use apropriate XQuery functions to manipulate the sequence. So for instance, to detect any given ASTUserClass
in Apex that implements Queueable
, it is now possible to write:
/UserClass[@InterfaceNames = 'Queueable']
Updated PMD Designer
This PMD release ships a new version of the pmd-designer.
For the changes, see PMD Designer Changelog (7.2.0).
🐛 Fixed Issues
- core
- java
- #4912: [java] Unable to parse some Java9+ resource references
- #4973: [java] Stop parsing Java for CPD
- #4980: [java] Bad intersection, unrelated class types java.lang.Object[] and java.lang.Number
- #4988: [java] Fix impl of ASTVariableId::isResourceDeclaration / VariableId/@ResourceDeclaration
- #4990: [java] Add an attribute @PackageQualifier to ASTClassType
- #5006: [java] Bad intersection, unrelated class types Child and Parent<? extends Child>
- #5029: [java] PMD 7.x throws stack overflow in TypeOps$ProjectionVisitor while parsing a Java class
- java-bestpractices
- #4278: [java] UnusedPrivateMethod FP with Junit 5 @MethodSource and default factory method name
- #4852: [java] ReplaceVectorWithList false-positive (neither Vector nor List usage)
- #4975: [java] UnusedPrivateMethod false positive when using @MethodSource on a @nested test
- #4985: [java] UnusedPrivateMethod false-positive / method reference in combination with custom object
- java-codestyle
- #1619: [java] LocalVariableCouldBeFinal on 'size' variable in for loop
- #3122: [java] LocalVariableCouldBeFinal should consider blank local variables
- #4903: [java] UnnecessaryBoxing, but explicit conversion is necessary
- #4924: [java] UnnecessaryBoxing false positive in PMD 7.0.0 in lambda
- #4930: [java] EmptyControlStatement should not allow empty try with concise resources
- #4954: [java] LocalVariableNamingConventions should allow unnamed variables by default
- #5028: [java] FormalParameterNamingConventions should accept unnamed parameters by default
- java-errorprone
- java-multithreading
- #2368: [java] False positive UnsynchronizedStaticFormatter in static initializer
🚨 API Changes
Deprecated API
- pmd-java
ASTResource#getStableName
and the corresponding attribute@StableName
✨ External Contributions
📈 Stats
- 152 commits
- 46 closed tickets & PRs
- Days since last release: 35
PMD 7.1.0 (26-April-2024)
26-April-2024 - 7.1.0
The PMD team is pleased to announce PMD 7.1.0.
This is a minor release.
Table Of Contents
🚀 New and noteworthy
More robust CPD reports
There were a number of circumstances, specially around (but not limited to) literal sequences, were CPD would
report duplicate overlapping or partially overlapping matches. These have now been fixed, and CPD will report
only the longest non-overlapping duplicate.
These improvements apply to all supported languages, irrespective of supported flags.
✨ New Rules
- The new Java rule
UnnecessaryVarargsArrayCreation
reports explicit array creation
when a varargs is expected. This is more heavy to read and could be simplified. - The new Java rule
ConfusingArgumentToVarargsMethod
reports some confusing situations
where a varargs method is called with an inexact argument type. These may end up in a mismatch between the expected
parameter type and the actual value. - The new Java rule
LambdaCanBeMethodReference
reports lambda expressions that can be replaced
with a method reference. Please read the documentation of the rule for more info. This rule is now part of the Quickstart
ruleset.
🌟 Rule Changes
JUnitTestsShouldIncludeAssert
andJUnitTestContainsTooManyAsserts
have a new property namedextraAssertMethodNames
. With this property, you can configure which additional static
methods should be considered as valid verification methods. This allows to use custom mocking or assertion libraries.
🐛 Fixed Issues
- core
- cli
- doc
- #4901: [doc] Improve documentation on usage of violationSuppressXPath
- apex
- #4418: [apex] ASTAnnotation.getImage() does not return value as written in the class
- apex-errorprone
- #3953: [apex] EmptyCatchBlock false positive with formal (doc) comments
- cpp
- #2438: [cpp] Repeated Duplication blocks
- java
- java-bestpractices
- #1084: [java] Allow JUnitTestsShouldIncludeAssert to configure verification methods
- #3216: [java] New rule: UnnecessaryVarargsArrayCreation
- #4435: [java] [7.0-rc1] UnusedAssignment for used field
- #4569: [java] ForLoopCanBeForeach reports on loop
for (int i = 0; i < list.size(); i += 2)
- #4618: [java] UnusedAssignment false positive with conditional assignments of fields
- java-codestyle
- #4602: [java] UnnecessaryImport: false positives with static imports
- #4785: [java] False Positive: PMD Incorrectly report violation for UnnecessaryImport
- #4779: [java] Examples in documentation of MethodArgumentCanBeFinal do not trigger the rule
- #4881: [java] ClassNamingConventions: interfaces are identified as abstract classes (regression in 7.0.0)
- java-design
- java-errorprone
- #2056: [java] CloseResource false-positive with URLClassLoader in cast expression
- #4751: [java] PMD crashes when analyzing CloseResource Rule
- #4928: [java] EmptyCatchBlock false negative when allowCommentedBlocks=true
- #4948: [java] ImplicitSwitchFallThrough: False-positive with nested switch statements
- java-performance
- pom-errorprone
- #4388: [pom] InvalidDependencyTypes doesn't consider dependencies at all
- misc
- #4967: Fix reproducible build issues with 7.0.0
🚨 API Changes
Deprecated methods
- pmd-java
ASTLambdaExpression#getBlock
andASTLambdaExpression#getExpression
SingularFieldRule#mayBeSingular
has been deprecated for
removal. The method is only useful for the rule itself and shouldn't be used otherwise.
✨ External Contributions
- #4864: Fix #1084 [Java] add extra assert method names to Junit rules - Erwan Moutymbo (@emouty)
- #4894: Fix #4791 Error caused by space in JDK path - Scrates1 (@Scrates1)
📈 Stats
- 205 commits
- 71 closed tickets & PRs
- Days since last release: 34
PMD 7.0.0 (22-March-2024)
22-March-2024 - 7.0.0
🎉 After a long time, we're excited to bring you now the next major version of PMD! 🎉
Since this is a big release, we provide here only a concise version of the release notes. We prepared a separate
page with the full Detailed Release Notes for PMD 7.0.0.
🤝🙏 Many thanks to all users and contributors who were testing the release candidates and
provided feedback and/or PRs!
✨ PMD 7...
- ...has a new logo
- ...analyzes Java 21 and Java 22 projects with even better type resolution and symbol table support
- ...analyzes Kotlin and Swift
- ...analyzes Apex with a new parser
- ...finds duplicated code in Coco, Julia, TypeScript
- ...ships 11 new rules and tons of improvements for existing rules
- ...provides a new CLI interface with progress bar
- ...supports Antlr based languages
- ...and many more enhancements
💥 Note: Since PMD 7 is a major release, it is not a drop-in replacement for PMD 6.55.0.
A detailed documentation of required changes are available in the Migration Guide for PMD 7.
Expand to see Release Notes
Table Of Contents
- Changes since 7.0.0-rc4
- 🚀 Major Features and Enhancements
- 🎉 Language Related Changes
- New: CPD support for Apache Velocity Template Language (VTL)
- New: CPD support for Coco
- New: CPD support for Julia
- New: CPD support for TypeScript
- New: Java 21 and 22 Support
- New: Kotlin support
- New: Swift support
- Changed: Apex Support: Replaced Jorje with fully open source front-end
- Changed: CPP can now ignore identifiers in sequences (CPD)
- Changed: Groovy Support (CPD)
- Changed: HTML support
- Changed: JavaScript support
- Changed: Language versions
- Changed: Rule properties
- Changed: Velocity Template Language (VTL)
- Changed: Visualforce
- 🌟 New and changed rules
- 🚨 API
- 💥 Compatibility and migration notes
- 🐛 Fixed Issues
- ✨ External Contributions
- 📈 Stats
Changes since 7.0.0-rc4
This section lists the most important changes from the last release candidate.
The remaining section describes the complete release notes for 7.0.0.
New and Noteworthy
Maven PMD Plugin compatibility with PMD 7
In order to use PMD 7 with maven-pmd-plugin a new
compatibility module has been created. This allows to use PMD 7 by simply adding one additional dependency:
- Follow the guide Upgrading PMD at Runtime
- Add additionally the following dependency:
<dependency>
<groupId>net.sourceforge.pmd</groupId>
<artifactId>pmd-compat6</artifactId>
<version>${pmdVersion}</version>
</dependency>
It is important to add this dependency as the first in the list, so that maven-pmd-plugin sees the (old)
compatible versions of some classes.
This module is available beginning with version 7.0.0-rc4 and will be there at least for the first
final version PMD 7 (7.0.0). It's not decided yet, whether we will keep updating it, after PMD 7 is finally
released.
Note: This compatibility module only works for the built-in rules, that are still available in PMD 7. E.g. you need
to review your rulesets and look out for deprecated rules and such. See the use case
I'm using only built-in rules
in the Migration Guide for PMD 7.
As PMD 7 revamped the Java module, if you have custom rules, you need to migrate these rules.
See the use case I'm using custom rules
in the Migration Guide.
Note: Once the default version of PMD is upgraded to PMD7 in maven-pmd-plugin
(see MPMD-379), this
compatibility module is no longer needed. The module pmd-compat6 might not be maintained then
any further, hence it is already declared as deprecated.
No guarantee is given, that the (deprecated) module pmd-compat6 is being maintained over the
whole lifetime of PMD 7.
Java 22 Support
This release of PMD brings support for Java 22. There are the following new standard language features,
that are supported now:
PMD also supports the following preview language features:
- JEP 447: Statements before super(...) (Preview)
- JEP 459: String Templates (Second Preview)
- JEP 463: Implicitly Declared Classes and Instance Main Methods (Second Preview)
In order to analyze a project with PMD that uses these language features,
you'll need to enable it via the environment variable PMD_JAVA_OPTS
and select the new language
version 22-preview
:
export PMD_JAVA_OPTS=--enable-preview
pmd check --use-version java-22-preview ...
Note: Support for Java 20 preview language features have been removed. The version "20-preview" is no longer available.
Swift Support
- limited support for Swift 5.9 (Macro Expansions)
Groovy Support (CPD)
- We now support parsing all Groovy features from Groovy 3 and 4.
- We now support suppression through
CPD-ON
/CPD-OFF
comment pairs. - See PR #4726 for details.
Updated PMD Designer
This PMD release ships a new version of the pmd-designer. The designer artifact has been
renamed from "pmd-ui" to "pmd-designer". While the designer still works with Java 8, the
recommended Java Runtime is Java 11 (or later) with OpenJFX 17 (or later).
For the detailed changes, see PMD Designer Changelog (7.0.0).
Apex Support: Replaced Jorje with fully open source front-end
When PMD added Apex support with version 5.5.0, it utilized the Apex Jorje library to parse Apex source
and generate an AST. This library is however a binary-blob provided as part of the
Salesforce Extensions for VS Code, and it is closed-source.
This causes problems, if binary blobs are not allowed by e.g. a company-wide policy. In that case, the Jorje
library prevented that PMD Apex could be used at all.
Also having access to the source code, enhancements and modifications are easier to do.
Under the hood, we use two open source libraries instead:
- apex-parser originally by
Kevin Jones (@nawforce).
This project provides the grammar for a ANTLR based parser. - Summit-AST by Google (@google)
This project translates the ANTLR parse tree into an AST, that is similar to the AST Jorje provided.
Note: This is not an official Google product.
Although the parser is completely switched, there are only little known changes to the AST.
These are documented in the Migration Guide for PMD 7: Apex AST.
With the new Apex parser, the new language constructs like
[User Mode Database Operations...
PMD 7.0.0-rc4 (30-September-2023)
30-September-2023 - 7.0.0-rc4
We're excited to bring you the next major version of PMD!
Since this is a big release, we provide here only a concise version of the release notes. We prepared a separate
page with the full Detailed Release Notes for PMD 7.0.0.
PMD 7.0.0 is finally almost ready. In order to gather feedback, we are going to ship a couple of release candidates. These are officially available on GitHub and Maven Central and can be used as usual (e.g. as a dependency). We encourage you to try out the new features, but keep in mind that we may introduce API breaking changes between the release candidates. It should be stable enough if you don't use custom rules.
We have still some tasks planned for the next release candidates. You can see the progress in PMD 7 Tracking Issue #3898.
If you find any problem or difficulty while updating from PMD 6, please provide feedback via our issue tracker. That way we can improve the experience for all.
Expand to see Release Notes
Table Of Contents
- Changes since 7.0.0-rc3
- 🚀 Major Features and Enhancements
- 🎉 Language Related Changes
- New: Swift support
- New: Kotlin support (experimental)
- New: CPD support for TypeScript
- New: CPD support for Julia
- New: CPD support for Coco
- New: Java 21 Support
- Changed: JavaScript support
- Changed: Language versions
- Changed: CPP can now ignore identifiers in sequences (CPD)
- Changed: Apex Jorje Updated
- Changed: Rule properties
- 🌟 New and changed rules
- 🚨 API
- 💥 Compatibility and migration notes
- 🐛 Fixed Issues
- ✨ External Contributions
- 📈 Stats
Changes since 7.0.0-rc3
This section lists the most important changes from the last release candidate.
The remaining section describes the complete release notes for 7.0.0.
New and Noteworthy
Migration Guide for PMD 7
A detailed documentation of required changes are available in the
Migration Guide for PMD 7.
Apex Jorje Updated
With the new version of Apex Jorje, the new language constructs like User Mode Database Operations
can be parsed now. PMD should now be able to parse Apex code up to version 59.0 (Winter '23).
Java 21 Support
This release of PMD brings support for Java 21. There are the following new standard language features,
that are supported now:
PMD also supports the following preview language features:
- JEP 430: String Templates (Preview)
- JEP 443: Unnamed Patterns and Variables (Preview)
- JEP 445: Unnamed Classes and Instance Main Methods (Preview)
In order to analyze a project with PMD that uses these language features,
you'll need to enable it via the environment variable PMD_JAVA_OPTS
and select the new language
version 21-preview
:
export PMD_JAVA_OPTS=--enable-preview
pmd check --use-version java-21-preview ...
Note: Support for Java 19 preview language features have been removed. The version "19-preview" is no longer available.
Fixed issues
- miscellaneous
- core
- #1204: [core] Allow numeric properties in XML to be within an unbounded range
- #3919: [core] Merge CPD and PMD language
- #4204: [core] Provide a CpdAnalysis class as a programmatic entry point into CPD
- #4301: [core] Remove deprecated property concrete classes
- #4302: [core] Migrate Property Framework API to Java 8
- #4323: [core] Refactor CPD integration
- #4397: [core] Refactor CPD
- #4611: [core] Fix loading language properties from env vars
- #4621: [core] Make
ClasspathClassLoader::getResource
child first
- cli
- #4423: [cli] Fix NPE when only
--file-list
is specified
- #4423: [cli] Fix NPE when only
- doc
- apex
- apex-design
- #4596: [apex] ExcessivePublicCount ignores properties
- apex-security
- #4646: [apex] ApexSOQLInjection does not recognise SObjectType or SObjectField as safe variable types
- java
- java-bestpractices
- #4634: [java] JUnit4TestShouldUseTestAnnotation false positive with TestNG
API Changes
pmd-java
- Support for Java 19 preview language features have been removed. The version "19-preview" is no longer available.
Rule properties
- The old deprecated classes like
IntProperty
andStringProperty
have been removed. Please use
PropertyFactory
to create properties. - All properties which accept multiple values now use a comma (
,
) as a delimiter. The previous default was a
pipe character (|
). The delimiter is not configurable anymore. If needed, the comma can be escaped
with a backslash. - The
min
andmax
attributes in property definitions in the XML are now optional and can appear separately
or be omitted.
New Programmatic API for CPD
See Detailed Release Notes for PMD 7
and PR #4397 for details.
Removed classes and methods
The following previously deprecated classes have been removed:
- pmd-core
net.sourceforge.pmd.cpd.AbstractTokenizer
➡️ useAnyTokenizer
insteadnet.sourceforge.pmd.cpd.CPD
➡️ usePmdCli
frompmd-cli
module for CLI support or use
CpdAnalysis
for programmatic APInet.sourceforge.pmd.cpd.GridBagHelper
(now package private)
...
PMD 7.0.0-rc3 (30-May-2023)
30-May-2023 - 7.0.0-rc3
We're excited to bring you the next major version of PMD!
Since this is a big release, we provide here only a concise version of the release notes. We prepared a separate
page with the full Detailed Release Notes for PMD 7.0.0.
PMD 7.0.0 is finally almost ready. In order to gather feedback, we are going to ship a couple of release candidates. These are officially available on GitHub and Maven Central and can be used as usual (e.g. as a dependency). We encourage you to try out the new features, but keep in mind that we may introduce API breaking changes between the release candidates. It should be stable enough if you don't use custom rules.
We have still some tasks planned for the next release candidates. You can see the progress in PMD 7 Tracking Issue #3898.
If you find any problem or difficulty while updating from PMD 6, please provide feedback via our issue tracker. That way we can improve the experience for all.
Expand to see Release Notes
Table Of Contents
- Changes since 7.0.0-rc2
- 🚀 Major Features and Enhancements
- 🎉 Language Related Changes
- New: Swift support
- New: Kotlin support (experimental)
- New: CPD support for TypeScript
- New: CPD support for Julia
- New: CPD support for Coco
- Changed: JavaScript support
- Changed: Language versions
- Changed: CPP can now ignore identifiers in sequences (CPD)
- 🌟 New and changed rules
- 🚨 API
- 💥 Compatibility and migration notes
- 🐛 Fixed Issues
- ✨ External Contributions
- 📈 Stats
Changes since 7.0.0-rc2
This section lists the most important changes from the last release candidate.
The remaining section describes the complete release notes for 7.0.0.
New CPD report format cpdhtml-v2.xslt
Thanks to @mohan-chinnappan-n a new CPD report format has been added which features a data table.
It uses an XSLT stylesheet to convert CPD's XML format into HTML.
See the example report.
Fixed issues
- miscellaneous
- #4460: Fix assembly-plugin warnings
- core
- java-bestpractices
- java-codestyle
- #4268: [java] CommentDefaultAccessModifier: false positive with TestNG annotations
- #4432: [java] [7.0-rc1] UnnecessaryImport - Unused static import is being used
- #4455: [java] FieldNamingConventions: false positive with lombok's @UtilityClass
- #4557: [java] UnnecessaryImport FP with static imports of overloaded methods
- java-design
- java-errorprone
- #4063: [java] AvoidBranchingStatementAsLastInLoop: False-negative about try/finally block
- #4457: [java] OverrideBothEqualsAndHashcode: false negative with anonymous classes
- #4510: [java] ConstructorCallsOverridableMethod: false positive with lombok's @Value
- #4546: [java] OverrideBothEqualsAndHashCode ignores records
- java-performance
- #4458: [java] RedundantFieldInitializer: false positive with lombok's @Value
API Changes
-
The following previously deprecated classes have been removed:
- pmd-core
net.sourceforge.pmd.PMD
net.sourceforge.pmd.cli.PMDCommandLineInterface
net.sourceforge.pmd.cli.PMDParameters
net.sourceforge.pmd.cli.PmdParametersParseResult
- pmd-core
-
The asset filenames of PMD on GitHub Releases are
nowpmd-dist-<version>-bin.zip
,pmd-dist-<version>-src.zip
andpmd-dist-<version>-doc.zip
.
Keep that in mind, if you have an automated download script.The structure inside the ZIP files stay the same, e.g. we still provide inside the binary distribution
ZIP file the base directorypmd-bin-<version>
. -
The CLI option
--stress
(or-stress
) has been removed without replacement. -
The CLI option
--minimum-priority
was changed with 7.0.0-rc1 to only take the following values:
High, Medium High, Medium, Medium Low, Low. With 7.0.0-rc2 compatibility has been restored, so that the equivalent
integer values (1 to 5) are supported as well. -
Replaced
RuleViolation::getFilename
with newRuleViolation#getFileId
, that returns a
FileId
. This is an identifier for aTextFile
and could represent a path name. This allows to have a separate display name, e.g. renderers use
FileNameRenderer
to either display the full path name or a relative path name
(seeRenderer#setFileNameRenderer
and
ConfigurableFileNameRenderer
). Many places where we used a simple String for
a path-like name before have been adapted to use the newFileId
.See PR #4425 for details.
External Contributions
- #4426: [cpd] New XML to HTML XLST report format for PMD CPD - mohan-chinnappan-n (@mohan-chinnappan-n)
- #4431: [coco] CPD: Coco support for code duplication detection - Wener (@wener-tiobe)
- #4470: [cpp] CPD: Added strings as literal and ignore identifiers in sequences - Wener (@wener-tiobe)
- #4507: [java] Fix #4503: A false negative about JUnitTestsShouldIncludeAssert and testng - AnnaDev (@LynnBroe)
- #4533: [java] Fix #4063: False-negative about try/catch block in Loop - AnnaDev (@LynnBroe)
- #4536: [java] Fix #4268: CommentDefaultAccessModifier - false positive with TestNG's @Test annotation - AnnaDev (@LynnBroe)
- #4537: [java] Fix #4455: A false positive about FieldNamingConventions and UtilityClass - AnnaDev (@LynnBroe)
- [#4538](https://github.com/pmd/pmd/pull...
PMD 7.0.0-rc2 (29-April-2023)
29-April-2023 - 7.0.0-rc2
We're excited to bring you the next major version of PMD!
Since this is a big release, we provide here only a concise version of the release notes. We prepared a separate
page with the full Detailed Release Notes for PMD 7.0.0.
PMD 7.0.0 is finally almost ready. In order to gather feedback, we are going to ship a couple of release candidates. These are officially available on GitHub and Maven Central and can be used as usual (e.g. as a dependency). We encourage you to try out the new features, but keep in mind that we may introduce API breaking changes between the release candidates. It should be stable enough if you don't use custom rules.
We have still some tasks planned for the next release candidates. You can see the progress in PMD 7 Tracking Issue #3898.
If you find any problem or difficulty while updating from PMD 6, please provide feedback via our issue tracker. That way we can improve the experience for all.
Expand to see Release Notes
Table Of Contents
- Changes since 7.0.0-rc1
- 🚀 Major Features and Enhancements
- 🎉 Language Related Changes
- New: Swift support
- New: Kotlin support (experimental)
- New: CPD support for TypeScript
- New: CPD support for Julia
- Changed: JavaScript support
- Changed: Language versions
- 🌟 New and changed rules
- 🚨 API
- 💥 Compatibility and migration notes
- 🐛 Fixed Issues
- ✨ External Contributions
- 📈 Stats
Changes since 7.0.0-rc1
This section lists the most important changes from the last release candidate.
The remaining section describes the complete release notes for 7.0.0.
API Changes
- Moved the two classes
AntlrTokenizer
andJavaCCTokenizer
from
internal
package into packagenet.sourceforge.pmd.cpd.impl
. These two classes are part of the API and
are base classes for CPD language implementations. AntlrBaseRule
is gone in favor ofAbstractVisitorRule
.- The classes
KotlinInnerNode
andSwiftInnerNode
are package-private now. - The parameter order of
addSourceFile
has been swapped
in order to have the same meaning as in 6.55.0. That will make it easier if you upgrade from 6.55.0 to 7.0.0.
However, that means, that you need to change these method calls if you have migrated to 7.0.0-rc1 already.
Updated PMD Designer
This PMD release ships a new version of the pmd-designer.
For the changes, see PMD Designer Changelog.
Language Related Changes
- New: CPD support for TypeScript
- New: CPD support for Julia
Rule Changes
ImmutableField
: the propertyignoredAnnotations
has been removed. The property was
deprecated since PMD 6.52.0.SwitchDensity
: the type of the propertyminimum
has been changed from decimal to integer
for consistency with other statistical rules.
Fixed Issues
- cli
- core
- #2500: [core] Clarify API for ANTLR based languages
- doc
- java-codestyle
- java-design
- java-errorprone
- java-multithreading
- #4483: [java] NonThreadSafeSingleton false positive with double-checked locking
- miscellaneous
- #4462: Provide Software Bill of Materials (SBOM)
External contributions
- #4402: [javascript] CPD: add support for Typescript using antlr4 grammar - Paul Guyot (@pguyot)
- #4403: [julia] CPD: Add support for Julia code duplication - Wener (@wener-tiobe)
- #4444: [java] CommentDefaultAccessModifier - ignore org.junit.jupiter.api.extension.RegisterExtension by default - Nirvik Patel (@nirvikpatel)
- #4450: [java] Fix #4449 AvoidAccessibilityAlteration: Correctly handle Lambda expressions in PrivilegedAction scenarios - Seren (@mohui1999)
- #4452: [doc] Update PMD_APEX_ROOT_DIRECTORY documentation reference - nwcm (@nwcm)
- #4474: [java] ImmutableField: False positive with lombok (fixes #4254) - Pim van der Loos (@PimvanderLoos)
- #4488: [java] Fix #4477: A false-positive about SignatureDeclareThrowsException - AnnaDev (@LynnBroe)
- #4494: [java] Fix #4487: A false-positive about UnnecessaryConstructor and @Inject and @Autowired - AnnaDev (@LynnBroe)
- #4495: [java] Fix #4493: false-positive about MissingStaticMethodInNonInstantiatableClass and @Inject - AnnaDev (@LynnBroe)
- #4520: [doc] Fix typo: missing closing quotation mark after CPD-END - João Dinis Ferreira (@joaodinissf)
🚀 Major Features and Enhancements
New official logo
The new official logo of PMD:
Revamped Java module
- Java grammar substantially refactored - more correct regarding the Java Language Specification (JLS)
- Built-in rules have been upgraded for the changed AST
- Rewritten type resolution framework and symbol table correctly implements the JLS
- AST exposes more semantic information (method calls, field accesses)
For more ...