30-January-2021 - 6.31.0
The PMD team is pleased to announce PMD 6.31.0.
This is a minor release.
Table Of Contents
- New and noteworthy
- SARIF Format
- CPD
- New Rules
- Deprecated rules
- Fixed Issues
- API Changes
- Deprecated API
- Experimental APIs
- External Contributions
- Stats
New and noteworthy
SARIF Format
PMD now supports the Static Analysis Results Interchange Format (SARIF)
as an additional report format. Just use the command line parameter -format sarif
to select it.
SARIF is an OASIS standard format for static analysis tools.
PMD creates SARIF JSON files in SARIF version 2.1.0.
An example report can be found in the documentation in Report formats for PMD.
CPD
- The C++ module now supports the new option
--ignore-literal-sequences
,
which can be used to avoid detection of some uninteresting clones. This options has been
introduced with PMD 6.30.0 for C# and is now available for C++ as well. See #2963.
New Rules
-
The new Apex rule
OverrideBothEqualsAndHashcode
brings the well known Java rule
to Apex. In Apex the same principle applies:equals
andhashCode
should always be overridden
together to ensure collection classes such as Maps and Sets work as expected. -
The new Visualforce rule
VfHtmlStyleTagXss
checks for potential XSS problems
when using<style>
tags on Visualforce pages.
Deprecated rules
- java-performance
AvoidUsingShortType
: arithmetic on shorts is not significantly
slower than on ints, whereas using shorts may provide significant memory savings in arrays.SimplifyStartsWith
: the suggested code transformation has an
insignificant performance impact, and decreases readability.
Fixed Issues
- core
- java-bestpractices
- #575: [java] LiteralsFirstInComparisons should consider constant fields
- #2454: [java] UnusedPrivateMethod violation for disabled class in 6.23.0
- #2833: [java] NPE in UseCollectionIsEmptyRule with enums
- #2876: [java] UnusedPrivateField cannot override ignored annotations property
- #2957: [java] Ignore unused declarations that have special name
- java-codestyle
- #2960: [java] Thread issue in MethodNamingConventionsRule
- java-design
- #3006: [java] NPE in SingularFieldRule with concise resource syntax
- java-errorprone
- #2976: [java] CompareObjectsWithEquals: FP with array.length
- #2977: [java] 6.30.0 introduces new false positive in CloseResource rule?
- #2979: [java] UseEqualsToCompareStrings: FP with "var" variables
- #3004: [java] UseEqualsToCompareStrings false positive with PMD 6.30.0
- #3062: [java] CloseResource FP with reassigned stream
- java-performance
- vf-security
- #3081: [vf] VfUnescapeEl: Inherently un-XSS-able built-in functions trigger false positives
API Changes
Deprecated API
AbstractDomXmlRule
AbstractWsdlRule
- A few methods of
AbstractXmlRule
Experimental APIs
- The method
GenericToken#getKind
has been added as experimental. This
unifies the token interface for both JavaCC and Antlr. The already existing method
AntlrToken#getKind
is therefore experimental as well. The
returned constant depends on the actual language and might change whenever the grammar
of the language is changed.
External Contributions
- #2666: [swift] Manage swift5 string literals - kenji21
- #2959: [apex] New Rule: override equals and hashcode rule - recdevs
- #2963: [cpp] Add option to ignore sequences of literals - Maikel Steneker
- #2964: [cs] Update C# grammar for additional C# 7 and C# 8 features - Maikel Steneker
- #2965: [cs] Improvements for ignore sequences of literals functionality - Maikel Steneker
- #2968: [java] NPE in UseCollectionIsEmptyRule with enums - foxmason
- #2983: [java] LiteralsFirstInComparisons should consider constant fields - Ozan Gulle
- #2994: [core] Fix code climate severity strings - Vincent Maurin
- #3005: [vf] [New Rule] Handle XSS violations that can occur within Html Style tags - rmohan20
- #3073: [core] Include SARIF renderer - Manuel Moya Ferrer
- #3084: [vf] VfUnescapeEl false-positive with builtin functions - Josh Feingold
Stats
- 116 commits
- 40 closed tickets & PRs
- Days since last release: 49