jborgers/sonar-pmd 4.2.0

Release 4.2.0

on GitHub

What's Changed

Now supports Java 25, PMD Kotlin rules and rule customization with parameters per Quality Profile.

Adds new rules of PMD 7.17.0, fixes analysis scope for main or test sources and lowers severity of code-style issues.

Provides detailed error messages when PMD analysis fails at scanner side.

Major changes

• Java 25 by @stokpop in #587
• Activate Kotlin sensor by @stokpop in #545
• add params in sonar rules xml based on Java Rule properties by @stokpop in #537
• upgrade to PMD 7.17.0 by @stokpop in #586
• Fix Analysis scope #576 by @jborgers in #590
• adjust severity level for code-style category by @stokpop in #588

See release notes PMD rules for 4.2.0 for 10 new rules and 49 updated rules of total 292 rules.

Minor changes

• md to html utility class in sonar-pmd-lib.jar by @stokpop in #538
• activate kotlin sensor - fix for download required plugins and integration tests by @stokpop in #579
• html doc glitch by @stokpop in #585
• filter non-sonar tag 'main-sources' and fix unit test by @stokpop in #595
• Add/remove tests tag in Sonar rule if Test is in rule name #597 by @jborgers in #598
• analyse scope test & main integration test by @stokpop in #599
• no need to use reflection to enable withReporter method in pmd by @stokpop in #601

Dependencies

• build(deps-dev): bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.6.0.109173 to 25.7.0.110598 by @dependabot[bot] in #530
• build(deps): bump org.sonarsource.api.plugin:sonar-plugin-api from 12.0.0.2960 to 13.0.0.3026 by @dependabot[bot] in #519
• build(deps): bump commons-io:commons-io from 2.19.0 to 2.20.0 by @dependabot[bot] in #547
• build(deps-dev): bump org.junit.jupiter:junit-jupiter from 5.13.3 to 5.13.4 by @dependabot[bot] in #549
• build(deps): bump org.sonarsource.java:java-frontend from 8.17.1.39878 to 8.18.0.40025 by @dependabot[bot] in #550
• • build(deps): bump org.codehaus.mojo:flatten-maven-plugin from 1.7.1 to 1.7.2 by @dependabot[bot] in #552
• build(deps-dev): bump org.assertj:assertj-core from 3.27.3 to 3.27.4 by @dependabot[bot] in #555
• build(deps): bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.2 to 3.11.3 by @dependabot[bot] in #556
• build(deps-dev): bump org.mockito:mockito-core from 5.18.0 to 5.19.0 by @dependabot[bot] in #557
• build(deps-dev): bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.7.0.110598 to 25.8.0.112029 by @dependabot[bot] in #554
• build(deps): bump org.sonarsource.scanner.maven:sonar-maven-plugin from 5.1.0.4751 to 5.2.0.4988 by @dependabot[bot] in #558
• build(deps-dev): bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.8.0.112029 to 25.9.0.112764 by @dependabot[bot] in #559
• build(deps): bump pmd.version from 7.15.0 to 7.16.0 by @dependabot[bot] in #551
• build(deps): bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.3 to 3.5.4 by @dependabot[bot] in #566
• build(deps): bump com.google.guava:guava from 33.4.8-jre to 33.5.0-jre by @dependabot[bot] in #571
• build(deps): bump org.apache.maven.plugins:maven-failsafe-plugin from 3.5.3 to 3.5.4 by @dependabot[bot] in #567
• build(deps): bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.0 to 3.14.1 by @dependabot[bot] in #573
• build(deps-dev): bump org.mockito:mockito-core from 5.19.0 to 5.20.0 by @dependabot[bot] in #574
• build(deps): bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.3 to 3.12.0 by @dependabot[bot] in #575
• build(deps-dev): bump org.assertj:assertj-core from 3.27.4 to 3.27.6 by @dependabot[bot] in #577
• build(deps): bump org.jetbrains:annotations from 26.0.2 to 26.0.2-1 by @dependabot[bot] in #560
• build(deps): bump org.sonatype.central:central-publishing-maven-plugin from 0.8.0 to 0.9.0 by @dependabot[bot] in #584
• build(deps): bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 by @dependabot[bot] in #583
• build(deps): bump org.codehaus.mojo:flatten-maven-plugin from 1.7.2 to 1.7.3 by @dependabot[bot] in #582
• build(deps-dev): bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.6.0.109173 to 25.9.0.112764 by @dependabot[bot] in #589
• build(deps-dev): bump org.junit.jupiter:junit-jupiter from 5.13.4 to 6.0.0 by @dependabot[bot] in #591
• build(deps): bump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.1 to 3.6.2 by @dependabot[bot] in #596

Full Changelog: 4.1.0...4.2.0