An extensible multilanguage static code analyzer.
The PMD team is pleased to announce PMD 6.50.0.
This is a minor release.
This release of PMD adds support for Luau, a gradually typed language derived from Lua. This means, that the Lua language in PMD can now parse both Lua and Luau.
UnusedPrivateField
now ignores private fields, if the fields are
annotated with any annotation or the enclosing class has any annotation. Annotations often enable a
framework (such as dependency injection, mocking or e.g. Lombok) which use the fields by reflection or other
means. This usage can't be detected by static code analysis. Previously these frameworks where explicitly allowed
by listing their annotations in the property "ignoredAnnotations", but that turned out to be prone of false
positive for any not explicitly considered framework. That's why the property "ignoredAnnotations" has been
deprecated for this rule.CommentDefaultAccessModifier
now by default ignores JUnit5 annotated
methods. This behavior can be customized using the property ignoredAnnotations
.--ignore-literal-sequences
argument when analyzing Lua code.Many thanks to our sponsors:
The PMD team is pleased to announce PMD 6.49.0.
This is a minor release.
This PMD release ships a new version of the pmd-designer. For the changes, see PMD Designer Changelog.
In order to reduce the dependency on Apex Jorje classes, the following methods have been deprecated. These methods all leaked internal Jorje enums. These enums have been replaced now by enums the PMD's AST package.
ASTAssignmentExpression#getOperator
ASTBinaryExpression#getOperator
ASTBooleanExpression#getOperator
ASTPostfixExpression#getOperator
ASTPrefixExpression#getOperator
All these classes have now a new getOp()
method. Existing code should be refactored to use this method instead.
It returns the new enums, like AssignmentOperator
, and avoids
the dependency to Jorje.
ast
package - @eklimoThe PMD team is pleased to announce PMD 6.48.0.
This is a minor release.
This release of PMD brings support for Java 19. There are no new standard language features.
PMD supports JEP 427: Pattern Matching for switch (Third Preview) and JEP 405: Record Patterns (Preview) as preview language features.
In order to analyze a project with PMD that uses these language features,
you'll need to enable it via the environment variable PMD_JAVA_OPTS
and select the new language
version 19-preview
:
export PMD_JAVA_OPTS=--enable-preview
./run.sh pmd -language java -version 19-preview ...
Note: Support for Java 17 preview language features have been removed. The version "17-preview" is no longer available.
Thanks to the contribution from Anne Brouwers PMD now has CPD support for the Gherkin language. It is used to defined test cases for the Cucumber testing tool for behavior-driven development.
Being based on a proper Antlr grammar, CPD can:
--debug
flag--debug
. This option has the same behavior as in PMD. It enables more verbose
logging output.isRegressionTest
of test-code
is deprecated. The new
attribute disabled
should be used instead for defining whether a rule test should be skipped or not.reinitializeRule
and useAuxClasspath
of test-code
are deprecated and assumed true.
They will not be replaced.focused
of test-code
allows disabling all tests except the focused one temporarily.ASTGuardedPattern
has been deprecated and
will be removed. It was introduced for Java 17 and Java 18 Preview as part of pattern matching for switch,
but it is no longer supported with Java 19 Preview.CPDRenderer
is deprecated. For custom CPD renderers
the new interface CPDReportRenderer
should be used.TestDescriptor
is deprecated, replaced with RuleTestDescriptor
.RuleTst
have been deprecated as internal API.Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi
annotation. You'll also get a deprecation warning.
CPDConfiguration#setRenderer
CPDConfiguration#setCPDRenderer
CPDConfiguration#getRenderer
CPDConfiguration#getCPDRenderer
CPDConfiguration#getRendererFromString
CPDConfiguration#getCPDRendererFromString
CPDRendererAdapter
Many thanks to our sponsors:
The PMD team is pleased to announce PMD 6.47.0.
This is a minor release.
No changes.
The PMD team is pleased to announce PMD 6.46.0.
This is a minor release.
The PMD CLI now allows repeating the --dir
(-d
) and --rulesets
(-R
) options,
as well as providing several space-separated arguments to either of them. For instance:
pmd -d src/main/java src/test/java -R rset1.xml -R rset2.xml
This also allows globs to be used on the CLI if your shell supports shell expansion. For instance, the above can be written
pmd -d src/*/java -R rset*.xml
Please use theses new forms instead of using comma-separated lists as argument to these options.
When executing CPD on C# sources, the option --ignore-annotations
is now supported as well.
It ignores C# attributes when detecting duplicated code. This option can also be enabled via
the CPD GUI. See #3974 for details.
This release ships with 2 new Java rules.
EmptyControlStatement
reports many instances of empty things, e.g. control statements whose
body is empty, as well as empty initializers.
EmptyControlStatement also works for empty for
and do
loops, while there were previously
no corresponding rules.
This new rule replaces the rules EmptyFinallyBlock, EmptyIfStmt, EmptyInitializer, EmptyStatementBlock, EmptySwitchStatements, EmptySynchronizedBlock, EmptyTryBlock, and EmptyWhileStmt.
<rule ref="category/java/codestyle.xml/EmptyControlStatement"/>
The rule is part of the quickstart.xml ruleset.
UnnecessarySemicolon
reports semicolons that are unnecessary (so called "empty statements"
and "empty declarations").
This new rule replaces the rule EmptyStatementNotInLoop.
<rule ref="category/java/codestyle.xml/UnnecessarySemicolon"/>
The rule is part of the quickstart.xml ruleset.
EmptyControlStatement
merges their functionality:
EmptyStatementNotInLoop
is deprecated and removed from the quickstart
ruleset. Use the new rule UnnecessarySemicolon
instead.Ruleset references with the following formats are now deprecated and will produce a warning when used on the CLI or in a ruleset XML file:
<lang-name>-<ruleset-name>
, eg java-basic
, which resolves to rulesets/java/basic.xml
600
, which resolves to rulesets/releases/600.xml
Use the explicit forms of these references to be compatible with PMD 7.
toString
is now deprecated. The format of this
method will remain the same until PMD 7. The deprecation is intended to steer users
away from relying on this format, as it may be changed in PMD 7.getInputPaths
and
setInputPaths
are now deprecated.
A new set of methods have been added, which use lists and do not rely on comma splitting.Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi
annotation. You'll also get a deprecation warning.
CPDCommandLineInterface
has been internalized. In order to execute CPD either
CPD#run
or CPD#main
should be used.BaseCPDCLITest
have been deprecated with replacements.Formatter#start
,
Formatter#end
, Formatter#getRenderer
,
and Formatter#isNoOutputSupplied
have been internalized.The PMD team is pleased to announce PMD 6.45.0.
This is a minor release.
Help shape the future of PMD by telling us how you use it.
Our little survey is still open in case you didn't participate yet. Please participate in our survey at https://forms.gle/4d8r1a1RDzfixHDc7.
Thank you!
This version of PMD ships a new language module to support analyzing of HTML. Support for HTML is experimental and might change without notice. The language implementation is not complete yet and the AST doesn't look well for text nodes and comment nodes and might be changed in the future. You can write your own rules, but we don't guarantee that the rules work with the next (minor) version of PMD without adjustments.
Please give us feedback about how practical this new language is in discussions. Please report missing features or bugs as new issues.
AvoidInlineStyles
finds elements which use a style attribute.
In order to help maintaining a webpage it is considered good practice to separate content and styles. Instead
of inline styles one should use CSS files and classes. <rule ref="category/html/bestpractices.xml/AvoidInlineStyles" />
UnnecessaryTypeAttribute
finds "link" and "script" elements which
still have a "type" attribute. This is not necessary anymore since modern browsers automatically use CSS and
JavaScript. <rule ref="category/html/bestpractices.xml/UnnecessaryTypeAttribute" />
UseAltAttributeForImages
finds "img" elements without an "alt"
attribute. An alternate text should always be provided in order to help screen readers. <rule ref="category/html/bestpractices.xml/UseAltAttributeForImages" />
UnusedPrivateField
has a new property ignoredFieldNames
.
The default ignores serialization-specific fields (eg serialVersionUID
).
The property can be used to ignore more fields based on their name.
Note that the rule used to ignore fields named IDENT
, but doesn't anymore (add this value to the property to restore the old behaviour).Report#filterViolations
creates a new report with
some violations removed with a given predicate based filter.Report#union
can combine two reports into a single new Report.net.sourceforge.pmd.util.Predicate
will be replaced in PMD7 with the standard Predicate interface from java8.pmd-html
is entirely experimental right now. Anything in the package
net.sourceforge.pmd.lang.html
should be used cautiously.The PMD team is pleased to announce PMD 6.44.0.
This is a minor release.
Help shape the future of PMD by telling us how you use it.
Please participate in our survey at https://forms.gle/4d8r1a1RDzfixHDc7.
Thank you!
This release of PMD brings support for Java 18. There are no new standard language features.
PMD also supports JEP 420: Pattern Matching for switch (Second Preview) as a preview language feature. In order to analyze a project with PMD that uses these language features, you'll need to enable it via the environment variable PMD_JAVA_OPTS
and select the new language version 18-preview
:
export PMD_JAVA_OPTS=--enable-preview
./run.sh pmd -language java -version 18-preview ...
Note: Support for Java 16 preview language features have been removed. The version "16-preview" is no longer available.
The new rule class DomXPathRule
is intended to replace usage of the XPathRule
for XML rules. This rule executes the XPath query in a different way, which sticks to the XPath specification. This means the expression is interpreted the same way in PMD as in all other XPath development tools that stick to the standard. You can for instance test the expression in an online XPath editor.
Prefer using this class to define XPath rules: replace the value of the class
attribute with net.sourceforge.pmd.lang.xml.rule.DomXPathRule
like so:
<rule name="MyXPathRule"
language="xml"
message="A message"
class="net.sourceforge.pmd.lang.xml.rule.DomXPathRule">
<properties>
<property name="xpath">
<value><![CDATA[
/a/b/c[@attr = "5"]
]]></value>
</property>
<!-- Note: the property "version" is ignored, remove it. The query is XPath 2. -->
</properties>
</rule>
The rule is more powerful than XPathRule
, as it can now handle XML namespaces, comments and processing instructions. Please refer to the Javadoc of DomXPathRule
for information about the differences with XPathRule
and examples.
XPathRule
is still perfectly supported for all other languages, including Apex and Java.
The new XPath functions pmd:startLine
, pmd:endLine
, pmd:startColumn
, and pmd:endColumn
are now available in XPath rules for all languages. They replace the node attributes @BeginLine
, @EndLine
and such. These attributes will be deprecated in a future release.
Please refer to the documentation of these functions for more information, including usage samples.
Note that the function pmd:endColumn
returns an exclusive index, while the attribute @EndColumn
is inclusive. This is for forward compatibility with PMD 7, which uses exclusive end indices.
This release introduces a new programmatic API to replace the inflexible PMD
class.
Programmatic execution of PMD should now be done with a PMDConfiguration
and a PmdAnalysis
, for instance:
PMDConfiguration config = new PMDConfiguration();
config.setDefaultLanguageVersion(LanguageRegistry.findLanguageByTerseName("java").getVersion("11"));
config.setInputPaths("src/main/java");
config.prependAuxClasspath("target/classes");
config.setMinimumPriority(RulePriority.HIGH);
config.addRuleSet("rulesets/java/quickstart.xml");
config.setReportFormat("xml");
config.setReportFile("target/pmd-report.xml");
try (PmdAnalysis pmd = PmdAnalysis.create(config)) {
// note: don't use `config` once a PmdAnalysis has been created.
// optional: add more rulesets
pmd.addRuleSet(pmd.newRuleSetLoader().loadFromResource("custom-ruleset.xml"));
// optional: add more files
pmd.files().addFile(Paths.get("src", "main", "more-java", "ExtraSource.java"));
// optional: add more renderers
pmd.addRenderer(renderer);
// or just call PMD
pmd.performAnalysis();
}
The PMD
class still supports methods related to CLI execution: runPmd
and main
. All other members are now deprecated for removal. The CLI itself remains compatible, if you run PMD via command-line, no action is required on your part.
Several members of PMD
have been newly deprecated, including:
PMD#EOL
: use System#lineSeparator()
PMD#SUPPRESS_MARKER
: use DEFAULT_SUPPRESS_MARKER
PMD#processFiles
: use the new programmatic API
PMD#getApplicableFiles
: is internalPMDConfiguration#prependClasspath
is deprecated
in favour of prependAuxClasspath
.
PMDConfiguration#setRuleSets
and
getRuleSets
are deprecated. Use instead
setRuleSets
,
addRuleSet
,
and getRuleSetPaths
.
Several members of BaseCLITest
have been deprecated with replacements.
Several members of PMDCommandLineInterface
have been explicitly deprecated.
The whole class however was deprecated long ago already with 6.30.0. It is internal API and should
not be used.
In modelica, the rule classes AmbiguousResolutionRule
and ConnectUsingNonConnector
have been deprecated,
since they didn't comply to the usual rule class naming conventions yet.
The replacements are in the subpackage bestpractices
.
Together with the new programmatic API the interface
TextFile
has been added as experimental. It intends
to replace DataSource
and SourceCode
in the long term.
This interface will change in PMD 7 to support read/write operations
and other things. You don't need to use it in PMD 6, as FileCollector
decouples you from this. A file collector is available through PmdAnalysis#files
.
The PMD team is pleased to announce PMD 6.43.0.
This is a minor release.
!= null
as positive conditionSome API deprecations were performed in core PMD classes, to improve compatibility with PMD 7.
Report
: the constructor and other construction methods like addViolation or createReportRuleContext
: all constructors, getters and setters. A new set
of stable methods, matching those in PMD 7, was added to replace the addViolation
overloads of AbstractRule
. In PMD 7, RuleContext
will
be the API to report violations, and it can already be used as such in PMD 6.configuration
is unused and will be removed.Those APIs are not intended to be used by clients, and will be hidden or removed with PMD 7.0.0.
You can identify them with the @InternalApi
annotation. You'll also get a deprecation warning.
RuleSet
: methods that serve to apply rules, including apply
, start
, end
, removeDysfunctionalRules
AbstractAccumulatingRenderer#renderFileReport
is internal API
and should not be overridden in own renderers.It is now forbidden to report a violation:
null
nodenull
messagenull
set of format arguments (prefer a zero-length array)Note that the message is set from the XML rule declaration, so this is only relevant if you instantiate rules manually.
RuleContext
now requires setting the current rule before calling
apply
. This is
done automatically by RuleSet#apply
and such. Creating and configuring a
RuleContext
manually is strongly advised against, as the lifecycle of RuleContext
will change drastically in PMD 7.
The PMD team is pleased to announce PMD 6.42.0.
This is a minor release.
Rhino, the implementation of JavaScript we use for parsing JavaScript code, has been updated to the latest version 1.7.14. Now language features like template strings can be parsed. However Rhino does not support all features of the latest EcmaScript standard.
FinalParameterInAbstractMethod
detects parameters that are
declared as final in interfaces or abstract methods. Declaring the parameters as final is useless
because the implementation may choose to not respect it. <rule ref="category/java/codestyle.xml/FinalParameterInAbstractMethod" />
The rule is part of the quickstart.xml ruleset.
ApexDoc
has a new property reportProperty
.
If set to false
(default is true
if unspecified) doesn't report missing ApexDoc comments on properties.
It allows you to enforce ApexDoc comments for classes and methods without requiring them for properties.No changes.
The PMD team is pleased to announce PMD 6.41.0.
This is a minor release.
PMD now has its own official GitHub Action: GitHub Action for PMD. It can execute PMD with your own ruleset against your project. It creates a SARIF report which is uploaded as a build artifact. Furthermore the build can be failed based on the number of violations.
Feedback and pull requests are welcome at https://github.com/pmd/pmd-github-action.
This minor release will be the last one in 2021. The next release is scheduled to be end of January 2022.
valueOf(char [], int, int)
is usedThe command line options for PMD and CPD now use GNU-syle long options format. E.g. instead of -rulesets
the
preferred usage is now --rulesets
. Alternatively one can still use the short option -R
.
Some options also have been renamed to a more consistent casing pattern at the same time
(--fail-on-violation
instead of -failOnViolation
).
The old single-dash options are still supported but are deprecated and will be removed with PMD 7.
This change makes the command line interface more consistent within PMD and also less surprising
compared to other cli tools.
The changes in detail for PMD:
old option | new option |
---|---|
-rulesets |
--rulesets (or -R ) |
-uri |
--uri |
-dir |
--dir (or -d ) |
-filelist |
--file-list |
-ignorelist |
--ignore-list |
-format |
--format (or -f ) |
-debug |
--debug |
-verbose |
--verbose |
-help |
--help |
-encoding |
--encoding |
-threads |
--threads |
-benchmark |
--benchmark |
-stress |
--stress |
-shortnames |
--short-names |
-showsuppressed |
--show-suppressed |
-suppressmarker |
--suppress-marker |
-minimumpriority |
--minimum-priority |
-property |
--property |
-reportfile |
--report-file |
-force-language |
--force-language |
-auxclasspath |
--aux-classpath |
-failOnViolation |
--fail-on-violation |
--failOnViolation |
--fail-on-violation |
-norulesetcompatibility |
--no-ruleset-compatibility |
-cache |
--cache |
-no-cache |
--no-cache |
The changes in detail for CPD:
old option | new option |
---|---|
--failOnViolation |
--fail-on-violation |
-failOnViolation |
--fail-on-violation |
--filelist |
--file-list |