12-September-2025 - 7.17.0-SNAPSHOT

The PMD team is pleased to announce PMD 7.17.0-SNAPSHOT.

This is a minor release.

Table Of Contents

• 🚀 New and noteworthy
  • ✨ New Rules
  • Deprecated Rules
• 🐛 Fixed Issues
• 🚨 API Changes
• ✨ Merged pull requests
• 📦 Dependency updates
• 📈 Stats

🚀 New and noteworthy

✨ New Rules

• The new java rule TypeParameterNamingConventions replaces the now deprecated rule
  GenericsNaming. The new rule is configurable and checks for naming conventions of type parameters in
  generic types and methods. It can be configured via a regular expression.
  By default, this rule uses the standard Java naming convention (single uppercase letter).
  The rule is referenced in the quickstart.xml ruleset for Java.

Deprecated Rules

• The java rule GenericsNaming has been deprecated for removal in favor
  of the new rule TypeParameterNamingConventions.

🐛 Fixed Issues

• java
  • #5874: [java] Update java regression tests with Java 25 language features
• java-codestyle
  • #972: [java] Improve naming conventions rules

🚨 API Changes

✨ Merged pull requests

• #5922: Fix #972: [java] Add a new rule TypeParameterNamingConventions - UncleOwen (@UncleOwen)
• #5932: [ci] Reuse GitHub Pre-Releases - Andreas Dangel (@adangel)

📦 Dependency updates

📈 Stats

25-July-2025 - 7.16.0

The PMD team is pleased to announce PMD 7.16.0.

This is a minor release.

Table Of Contents

• 🚀 New and noteworthy
  • 🚀 New: Java 25 Support
  • New: CPD support for CSS
  • ✨ New Rules
• 🐛 Fixed Issues
• 🚨 API Changes
  • Experimental APIs that are now considered stable
• ✨ Merged pull requests
• 📦 Dependency updates
• 📈 Stats

🚀 New and noteworthy

🚀 New: Java 25 Support

This release of PMD brings support for Java 25.

There are the following new standard language features:

• JEP 511: Module Import Declarations
• JEP 512: Compact Source Files and Instance Main Methods
• JEP 513: Flexible Constructor Bodies

And one preview language feature:

• JEP 507: Primitive Types in Patterns, instanceof, and switch (Third Preview)

In order to analyze a project with PMD that uses these preview language features,
you'll need to enable it via the environment variable PMD_JAVA_OPTS and select the new language
version 25-preview:

export PMD_JAVA_OPTS=--enable-preview
pmd check --use-version java-25-preview ...

Note: Support for Java 23 preview language features have been removed. The version "23-preview"
is no longer available.

New: CPD support for CSS

CPD now supports CSS (Cascading Style Sheets), a language for describing the rendering of structured
documents (such as HTML) on screen, on paper etc.
It is shipped with the new module pmd-css.

✨ New Rules

• Two new rules have been added to Java's Error Prone category: ReplaceJavaUtilCalendar
  and ReplaceJavaUtilDate. These rules help to migrate away from old Java APIs around
  java.util.Calendar and java.util.Date. It is recommended to use the modern java.time API instead, which
  is available since Java 8.

🐛 Fixed Issues

• core
  • #4328: [ci] Improve Github Actions Workflows
  • #5597: [core] POM Incompatibility with Maven 4
• java
  • #5344: [java] IllegalArgumentException: Invalid type reference for method or ctor type annotation: 16
  • #5478: [java] Support Java 25
• java-codestyle
  • #5892: [java] ShortVariable false positive for java 22 unnamed variable _
• java-design
  • #5858: [java] FinalFieldCouldBeStatic false positive for array initializers
• java-errorprone
  • #2862: [java] New Rules: Avoid java.util.Date and Calendar classes

🚨 API Changes

Experimental APIs that are now considered stable

• pmd-java
  • ASTImportDeclaration#isModuleImport is now stable API.
  • ASTCompilationUnit#isCompact is now stable API. Note, it was previously
    called isSimpleCompilationUnit.
  • ASTImplicitClassDeclaration is now stable API.
  • JavaVisitorBase#visit(ASTImplicitClassDeclaration, P) is now
    stable API.

✨ Merged pull requests

• #5733: [css] Add new CPD language - Thomas Prouvot (@tprouvot)
• #5859: Fix #5858: [java] Fix false positive in FinalFieldCouldBeStatic for array initializers - Zbynek Konecny (@zbynek)
• #5872: [java] Add Support for Java 25 - Andreas Dangel (@adangel)
• #5876: chore: license header cleanup - Andreas Dangel (@adangel)
• #5883: Fix #2862: [java] Add rules discouraging the use of java.util.Calendar and java.util.Date - UncleOwen (@UncleOwen)
• #5893: chore: Fix Mockito javaagent warning for Java 21+ - Andreas Dangel (@adangel)
• #5894: chore: Fix JUnit warning about invalid test factory - Andreas Dangel (@adangel)
• #5895: Fix #5597: Move dogfood profile to separate settings.xml - Andreas Dangel (@adangel)
• #5899: Fix #5344: [java] Just log invalid annotation target type - Andreas Dangel (@adangel)
• #5909: [ci] Create a pre-release for snapshot builds - Andreas Dangel (@adangel)
• #5911: [doc] Reference CPD Capable Languages in CPD CLI docu - Andreas Dangel (@adangel)
• #5914: Fix #5892: [java] ShortVariable FP for java 22 Unnamed Variable - Lukas Gräf (@lukasgraef)
• #5918: chore: [cli] Improve symbolic link tests for Windows - Andreas Dangel (@adangel)
• #5920: chore: [scala] Fix javadoc config - Andreas Dangel (@adangel)

📦 Dependency updates

• #5857: Bump PMD from 7.14.0 to 7.15.0
• #5861: Bump scalameta.version from 4.13.7 to 4.13.8
• #5862: Bump com.puppycrawl.tools:checkstyle from 10.25.1 to 10.26.1
• #5863: Bump org.apache.maven.plugins:maven-pmd-plugin from 3.26.0 to 3.27.0
• #5864: Bump kotlin.version from 1.9.24 to 2.2.0
• #5865: Bump org.junit:junit-bom from 5.13.1 to 5.13.2
• #5866: Bump org.jsoup:jsoup from 1.20.1 to 1.21.1
• #5884: Bump org.junit:junit-bom from 5.13.2 to 5.13.3
• #5885: Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8
• #5886: Bump org.checkerframework:checker-qual from 3.49.4 to 3.49.5
• #5889: Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.5.0 to 3.6.0
• #5900: Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0
• #5901: Bump io.github.apex-dev-tools:apex-parser from 4.4.0 to 4.4.1
• #5902: Bump log4j.version from 2.25.0 to 2.25.1
• #5910: Bump maven from 3.9.10 to 3.9.11
• #5921: Bump build-tools from 32 to 33
• #5926: chore(deps): bump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.0 to 3.6.1
• #5927: chore(deps): bump ostruct from 0.6.2 to 0.6.3 in /.ci/files in the all-gems group across 1 directory
• #5928: chore(deps): bump marocchino/sticky-pull-request-comment from 2.9.3 to 2.9.4 in the all-actions group
• #5929: chore(deps): Update gems

📈 Stats

• 100 commits
• 21 closed tickets & PRs
• Days since last release: 27

27-June-2025 - 7.15.0

The PMD team is pleased to announce PMD 7.15.0.

This is a minor release.

Table Of Contents

• 🚀 New and noteworthy
  • ✨ New Rules
• 🐛 Fixed Issues
• 🚨 API Changes
  • Rule Test Schema
• 💵 Financial Contributions
• ✨ Merged pull requests
• 📦 Dependency updates
• 📈 Stats

🚀 New and noteworthy

✨ New Rules

• The new Apex rule AvoidBooleanMethodParameters finds methods that take a
  boolean parameter. This can make method calls difficult to understand and maintain as the method is clearly
  doing two things.

🐛 Fixed Issues

• apex-design
  • #5427: [apex] New Rule: Avoid Boolean Method Parameters
• apex-security
  • #5788: [apex] ApexCRUDViolation unable to detect insecure SOQL if it is a direct input argument
• doc
  • #5790: [doc] Website rule reference pages are returning 404
• java-bestpractices
  • #5785: [java] UnusedPrivateField doesn't play well with UnnecessaryWarningSuppression
  • #5793: [java] NonExhaustiveSwitch fails on exhaustive switch with sealed class
• java-codestyle
  • #1639: [java] UnnecessaryImport false positive for multiline @link Javadoc
  • #2304: [java] UnnecessaryImport false positive for on-demand imports in JavaDoc
  • #5832: [java] UnnecessaryImport false positive for multiline @see Javadoc
• java-design
  • #5804: [java] UselessOverridingMethod doesn't play well with UnnecessarySuppressWarning

🚨 API Changes

Rule Test Schema

The rule test schema has been extended to support verifying suppressed violations.
See Testing your rules for more information.

Also note, the schema rule-tests.xsd
is now only in the module "pmd-test-schema". It has been removed from the old location from module "pmd-test".

💵 Financial Contributions

Many thanks to our sponsors:

• Cybozu (@cybozu)

✨ Merged pull requests

• #5738: chore: Remove unused private methods in test classes - Pankraz76 (@Pankraz76)
• #5745: [ci] New "Publish Release" workflow - Andreas Dangel (@adangel)
• #5791: [doc] Add a simple check whether generate rule doc pages exist - Andreas Dangel (@adangel)
• #5797: [doc] Update sponsors - Andreas Dangel (@adangel)
• #5800: Fix #5793: [java] NonExhaustiveSwitch should ignore "case null" - Andreas Dangel (@adangel)
• #5803: chore: Remove unnecessary suppress warnings - Andreas Dangel (@adangel)
• #5805: Fix #5804: [java] UselessOverridingMethod needs to ignore SuppressWarnings - Andreas Dangel (@adangel)
• #5806: [test] Verify suppressed violations in rule tests - Andreas Dangel (@adangel)
• #5814: Fix #5788: [apex] ApexCRUDViolation - consider deeper nested Soql - Andreas Dangel (@adangel)
• #5815: Fix #5785: [java] UnusedPrivateField should ignore SuppressWarnings - Andreas Dangel (@adangel)
• #5818: Fix #2304: [java] UnnecessaryImport FP for on-demand imports in JavaDoc - Lukas Gräf (@lukasgraef)
• #5821: [apex] New Rule: Avoid boolean method parameters - Mitch Spano (@mitchspano)
• #5823: [doc] Fix javadoc plugin configuration - Andreas Dangel (@adangel)
• #5833: Fix #1639 #5832: Use filtered comment text for UnnecessaryImport - Andreas Dangel (@adangel)
• #5851: chore: [java] ReplaceHashtableWithMap: Fix name of test - UncleOwen (@UncleOwen)

📦 Dependency updates

• #5775: Bump PMD from 7.13.0 to 7.14.0
• #5778: Bump the all-gems group across 2 directories with 3 updates
• #5779: Bump org.codehaus.mojo:exec-maven-plugin from 3.5.0 to 3.5.1
• #5780: Bump org.apache.maven.plugins:maven-clean-plugin from 3.4.1 to 3.5.0
• #5781: Bump com.google.protobuf:protobuf-java from 4.31.0 to 4.31.1
• #5782: Bump org.apache.groovy:groovy from 4.0.26 to 4.0.27
• #5783: Bump com.puppycrawl.tools:checkstyle from 10.24.0 to 10.25.0
• #5784: Bump org.junit:junit-bom from 5.12.2 to 5.13.0
• #5807: Bump maven from 3.9.8 to 3.9.10
• #5809: Bump org.codehaus.mojo:build-helper-maven-plugin from 3.6.0 to 3.6.1
• #5810: Bump org.junit:junit-bom from 5.13.0 to 5.13.1
• #5811: Bump junit5.platform.version from 1.13.0 to 1.13.1
• #5812: Bump org.checkerframework:checker-qual from 3.49.3 to 3.49.4
• #5813: Bump the all-gems group across 2 directories with 1 update
• #5828: Bump scalameta.version from 4.13.6 to 4.13.7
• #5829: Bump liquid from 5.8.6 to 5.8.7 in /.ci/files in the all-gems group across 1 directory
• #5838: Bump marocchino/sticky-pull-request-comment from 2.9.2 to 2.9.3 in the all-actions group
• #5839: Bump log4j.version from 2.24.3 to 2.25.0
• #5840: Bump com.puppycrawl.tools:checkstyle from 10.25.0 to 10.25.1
• #5841: Bump net.bytebuddy:byte-buddy-agent from 1.17.5 to 1.17.6
• #5842: Bump net.bytebuddy:byte-buddy from 1.17.5 to 1.17.6
• #5843: Bump org.sonatype.central:central-publishing-maven-plugin from 0.7.0 to 0.8.0
• #5844: Bump ostruct from 0.6.1 to 0.6.2 in /.ci/files in the all-gems group across 1 directory
• #5853: Bump build-tools from 30 to 32

📈 Stats

• 91 commits
• 24 closed tickets & PRs
• Days since last release: 27

30-May-2025 - 7.14.0

The PMD team is pleased to announce PMD 7.14.0.

This is a minor release.

Table Of Contents

• 🚀 New and noteworthy
  • PMD CLI now uses threaded execution by default
  • New Rule UnnecessaryWarningSuppression (experimental)
  • Migrating to Central Publisher Portal
  • More CLI parameters shared between PMD and CPD
• 🐛 Fixed Issues
• 🚨 API Changes
  • CLI
  • Deprecations
  • Experimental
• ✨ Merged pull requests
• 📦 Dependency updates
• 📈 Stats

🚀 New and noteworthy

PMD CLI now uses threaded execution by default

In the PMD CLI, the --threads (-t) option can now accept a thread
count given relative to the number of cores of the machine. For instance,
it is now possible to write -t 1C to spawn one thread per core, or -t 0.5C
to spawn one thread for every other core.

The thread count option now defaults to 1C, meaning parallel execution
is used by default. You can disable this by using -t 1.

New Rule UnnecessaryWarningSuppression (experimental)

This new Java rule UnnecessaryWarningSuppression reports unused suppression
annotations and comments. Violations of this rule cannot be suppressed.

How to use it? Just include it in your ruleset:

<rule ref="category/java/bestpractices.xml/UnnecessaryWarningSuppression" />

Note: This rule is currently experimental. It is available for now only for Java.
The rule for now only reports annotations specific to PMD, like @SuppressWarnings("PMD").
In the future we might be able to check for other common ones like @SuppressWarnings("unchecked") or "fallthrough".
Since violations of this rule cannot be suppressed, we opted here on the side of false-negatives and
don't report every unused case yet.
However, suppressing specific PMD rules is working as expected.

Migrating to Central Publisher Portal

We've now migrated to Central Publisher Portal.
Snapshots of PMD are still available, however the repository URL changed. To consume these with maven, you can
use the following snippet:

<repositories>
  <repository>
    <name>Central Portal Snapshots</name>
    <id>central-portal-snapshots</id>
    <url>https://central.sonatype.com/repository/maven-snapshots/</url>
    <releases>
      <enabled>false</enabled>
    </releases>
    <snapshots>
      <enabled>true</enabled>
    </snapshots>
  </repository>
</repositories>

Releases of PMD are available on Maven Central as before without change.

More CLI parameters shared between PMD and CPD

When executing PMD or CPD, the same parameters are now understood for selecting which files should
be analyzed. See File collection options
for a list of common, shared parameters that are valid for both commands.

🐛 Fixed Issues

• core
  • #648: [core] Warn on unneeded suppression
  • #5700: [core] Don't accidentally catch unexpected runtime exceptions in CpdAnalysis
  • #5705: [cli] PMD's start script fails if PMD_HOME is set
• java-bestpractices
  • #5061: [java] UnusedLocalVariable false positive when variable is read as side effect of an assignment
  • #5621: [java] UnusedPrivateMethod with method ref
  • #5724: [java] ImplicitFunctionalInterface should not be reported on sealed interfaces
• java-codestyle
  • #2462: [java] LinguisticNaming must ignore setters that returns current type (Builder pattern)
  • #5634: [java] CommentDefaultAccessModifier doesn't recognize /* package */ comment at expected location for constructors
• java-design
  • #5568: [java] High NPathComplexity in switch expression
  • #5647: [java] NPathComplexity does not account for returns
• java-errorprone
  • #5702: [java] InvalidLogMessageFormat: Lombok @Slf4j annotation is not interpreted by PMD
• java-performance
  • #5711: [java] UseArraysAsList false positive with Sets
• visualforce
  • #5476: [visualforce] NPE when analyzing standard field references in visualforce page

🚨 API Changes

CLI

• CPD now supports --report-file (-r) and --exclude-file-list.
• PMD now supports --exclude and --non-recursive.
• The option --ignore-list in PMD is renamed to --exclude-file-list.

Deprecations

• CLI
  • The option --ignore-list has been deprecated. Use --exclude-file-list instead.
• core
  • AstInfo#getSuppressionComments: Use getAllSuppressionComments
    or getSuppressionComment.
  • AstInfo#withSuppressMap: Use withSuppressionComments
  • AbstractTokenManager#suppressMap: Don't use this map directly anymore. Instead,
    use getSuppressionComments.
  • AbstractTokenManager#getSuppressMap: Use
    getSuppressionComments instead.
• pmd-java
  • ASTCompactConstructorDeclaration#getDeclarationNode: This method just returns this and isn't useful.
  • JavaMetrics#NPATH: Use NPATH_COMP, which is available on more nodes,
    and uses Long instead of BigInteger.

Experimental

• core
  • SuppressionCommentImpl
  • UnnecessaryPmdSuppressionRule
  • RuleContext#addViolationNoSuppress
  • ViolationSuppressor.SuppressionCommentWrapper
• pmd-java
  • OverloadSelectionResult#getTypeToSearch

✨ Merged pull requests

• #5584: [ci] New workflow "Publish Snapshot" - Andreas Dangel (@adangel)
• #5599: [java] Rewrite NPath complexity metric - Clément Fournier (@oowekyala)
• #5609: [core] Add rule to report unnecessary suppression comments/annotations - Clément Fournier (@oowekyala)
• #5699: Fix #5702: [java] First-class support for lombok @Slf4j - Clément Fournier (@oowekyala)
• #5700: [core] Don't accidentally catch unexpected r...

25-April-2025 - 7.13.0

The PMD team is pleased to announce PMD 7.13.0.

This is a minor release.

Table Of Contents

• 🚀 New and noteworthy
  • Docker images
  • Experimental support for language dialects
  • ✨ New Rules
• 🐛 Fixed Issues
• 🚨 API Changes
  • Deprecations
  • Experimental API
• ✨ Merged pull requests
• 📦 Dependency updates
• 📈 Stats

🚀 New and noteworthy

Docker images

PMD is now providing official docker images at https://hub.docker.com/r/pmdcode/pmd and
https://github.com/pmd/docker/pkgs/container/pmd.

You can now analyze your code with PMD by using docker like so:

docker run --rm --tty -v $PWD:/src pmdcode/pmd:latest check -d . -R rulesets/java/quickstart.xml`

More information is available at https://github.com/pmd/docker.

Experimental support for language dialects

A dialect is a particular form of another supported language. For example, an XSLT is a particular
form of an XML. Even though the dialect has its own semantics and uses, the contents are still readable
by any tool capable of understanding the base language.

In PMD, a dialect allows to set up completely custom rules, XPath functions, properties and metrics
for these files; while retaining the full support of the underlying base language including
already existing rules and XPath functions.

See [core] Support language dialects #5438 and
Adding a new dialect for more information.

✨ New Rules

• The new Apex rule TypeShadowsBuiltInNamespace finds Apex classes, enums, and interfaces
  that have the same name as a class, enum, or interface in the System or Schema namespace.
  Shadowing these namespaces in this way can lead to confusion and unexpected behavior.

🐛 Fixed Issues

• core
  • #5438: [core] Support language dialects
  • #5448: Maintain a public PMD docker image
  • #5525: [core] Add rule priority as level to Sarif report
  • #5623: [dist] Make pmd launch script compatible with /bin/sh
• apex-bestpractices
  • #5667: [apex] ApexUnitTestShouldNotUseSeeAllDataTrue false negative when seeAllData parameter is a string
• apex-errorprone
  • #3184: [apex] Prevent classes from shadowing System Namespace
• java
  • #5645: [java] Parse error on switch with yield
• java-bestpractices
  • #5687: [java] UnusedPrivateMethodRule: exclude serialization method readObjectNoData()
• plsql
  • #5675: [plsql] Parse error with TREAT function

🚨 API Changes

Deprecations

• net.sourceforge.pmd.lang.xml.pom.PomLanguageModule is deprecated. POM is now a dialect of XML.
  Use PomDialectModule instead.
• net.sourceforge.pmd.lang.xml.wsdl.WsdlLanguageModule is deprecated. WSDL is now a dialect of XML.
  Use WsdlDialectModule instead.
• net.sourceforge.pmd.lang.xml.xsl.XslLanguageModule is deprecated. XSL is now a dialect of XML.
  Use XslDialectModule instead.

Experimental API

• The core API around support for language dialects:
  • Language#getBaseLanguageId
  • Language#isDialectOf
  • LanguageModuleBase#<init>
  • LanguageModuleBase#asDialectOf
  • LanguageModuleBase.DialectLanguageMetadata
  • BasePmdDialectLanguageVersionHandler
  • SimpleDialectLanguageModuleBase

✨ Merged pull requests

• #5438: [core] Support language dialects - Juan Martín Sotuyo Dodero (@jsotuyod)
• #5450: Fix #3184: [apex] New Rule: TypeShadowsBuiltInNamespace - Mitch Spano (@mitchspano)
• #5573: Fix #5525: [core] Add Sarif Level Property - julees7 (@julees7)
• #5623: [dist] Make pmd launch script compatible with /bin/sh - Clément Fournier (@oowekyala)
• #5648: Fix #5645: [java] Parse error with yield statement - Clément Fournier (@oowekyala)
• #5652: [java] Cleanup AccessorClassGenerationRule implementation - Pankraz76 (@Pankraz76)
• #5672: [doc] Fix its/it's and doable/double typos - John Jetmore (@jetmore)
• #5674: Fix #5448: [ci] Maintain public Docker image - Andreas Dangel (@adangel)
• #5684: Fix #5667: [apex] ApexUnitTestShouldNotUseSeeAllDataTrue false negative when seeAllDate parameter is a string - Thomas Prouvot (@tprouvot)
• #5685: [doc] typo fix in PMD Designer reference - Douglas Griffith (@dwgrth)
• #5686: Fix #5675: [plsql] Support TREAT function with specified datatype - Andreas Dangel (@adangel)
• #5687: [java] UnusedPrivateMethodRule: exclude serialization method readObjectNoData() - Gili Tzabari (@cowwoc)
• #5688: [java] Fix Double Literal for Java19+ compatibility - Andreas Dangel (@adangel)

📦 Dependency updates

• #5607: Bump org.junit:junit-bom from 5.11.4 to 5.12.1
• #5641: Bump PMD from 7.11.0 to 7.12.0
• #5653: Bump org.sonarsource.scanner.maven:sonar-maven-plugin from 5.0.0.4389 to 5.1.0.4751
• #5654: Bump surefire.version from 3.5.2 to 3.5.3
• #5655: Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre
• #5656: Bump org.ow2.asm:asm from 9.7.1 to 9.8
• #5657: Bump com.google.protobuf:protobuf-java from 4.30.1 to 4.30.2
• #5658: Bump logger from 1.6.6 to 1.7.0 in /.ci/files in the all-gems group across 1 directory
• #5671: Bump checkstyle from 10.21.4 to 10.23.0
• #5676: Bump org.checkerframework:checker-qual from 3.49.1 to 3.49.2
• #5677: Bump junit5.platform.version from 1.12.1 to 1.12.2
• #5678: Bump org.apache.commons:commons-text from 1.13.0 to 1.13.1
• #5679: Bump com.google.guava:guava from 33.4.6-jre to 33.4.7-jre
• #5680: Bump org.mockito:mockito-core from 5.16.1 to 5.17.0
• #5681: Bump org.jacoco:jacoco-maven-plugin from 0.8.12 to 0.8.13
• [#5682](#5...

28-March-2025 - 7.12.0

The PMD team is pleased to announce PMD 7.12.0.

This is a minor release.

Table Of Contents

• 🚀 New and noteworthy
  • ✨ New Rules
• 🐛 Fixed Issues
• 🚨 API Changes
  • Deprecations
• ✨ Merged pull requests
• 📦 Dependency updates
• 📈 Stats

🚀 New and noteworthy

✨ New Rules

• The new Java rule ImplicitFunctionalInterface reports functional interfaces that were
  not explicitly declared as such with the annotation @FunctionalInterface. If an interface is accidentally a functional
  interface, then it should bear a @SuppressWarnings("PMD.ImplicitFunctionalInterface")
  annotation to make this clear.

🐛 Fixed Issues

• core
  • #5593: [core] Make renderers output files in deterministic order even when multithreaded
• apex
  • #5567: [apex] Provide type information for CastExpression
• apex-design
  • #5616: [apex] ExcessiveParameterList reports entire method instead of signature only
• java
  • #5587: [java] Thread deadlock during PMD analysis in ParseLock.getFinalStatus
• java-bestpractices
  • #2849: [java] New Rule: ImplicitFunctionalInterface
  • #5369: [java] UnusedPrivateMethod false positives with lombok.val
  • #5590: [java] LiteralsFirstInComparisonsRule not applied on constant
  • #5592: [java] UnusedAssignment false positive in record compact constructor
• java-codestyle
  • #5079: [java] LocalVariableCouldBeFinal false-positive with lombok.val
  • #5452: [java] PackageCase: Suppression comment has no effect due to finding at wrong position in case of JavaDoc comment
• plsql
  • #4441: [plsql] Parsing exception with XMLQUERY function in SELECT
  • #5521: [plsql] Long parse time and eventually parse error with XMLAGG order by clause

🚨 API Changes

Deprecations

• java
  • The method buildConstValue is deprecated for removal. It should
    have been package-private from the start. In order to get the (compile time) const value of an expression, use
    getConstValue or getConstFoldingResult
    instead.
  • For the same reason, the following methods are also deprecated for removal:
    buildConstValue and buildConstValue.

• JTypeVar#withUpperbound is deprecated. It was previously meant to be used
  internally and not needed anymore.

✨ Merged pull requests

• #5550: Fix #5521: [plsql] Improve parser performance by reducing lookaheads - Andreas Dangel (@adangel)
• #5554: Fix #5369: [java] Consider that lombok.val and var are inferred - Clément Fournier (@oowekyala)
• #5555: Fix #2849: [java] Add rule ImplicitFunctionalInterface - Clément Fournier (@oowekyala)
• #5556: [ci] New workflow "Publish Results from Pull Requests" - Andreas Dangel (@adangel)
• #5574: Fix #5567: [apex] Provide type info for CastExpression - Andreas Dangel (@adangel)
• #5583: [java] Fix race condition in ClassStub for inner classes - Andreas Dangel (@adangel)
• #5586: [java/core] Micro optimizations - Clément Fournier (@oowekyala)
• #5588: [java] Fix crash when parsing class for anonymous class - Clément Fournier (@oowekyala)
• #5591: Fix #5587: [java] Fix deadlock while loading ClassStub - Clément Fournier (@oowekyala)
• #5593: [core] Make renderers output files in deterministic order even when multithreaded - Clément Fournier (@oowekyala)
• #5595: Fix #5590: [java] LiteralsFirstInComparisons with constant field - Clément Fournier (@oowekyala)
• #5596: Fix #4441: [plsql] XMLQuery - Support identifier as XQuery_string parameter - Andreas Dangel (@adangel)
• #5598: Fix #5592: [java] Fix UnusedAssignment FP with compact record ctor - Clément Fournier (@oowekyala)
• #5600: Fix #5079: [java] LocalVariableCouldBeFinal false-positive with lombok.val - Clément Fournier (@oowekyala)
• #5611: Fix #5452: [java] PackageCase reported on wrong line - Clément Fournier (@oowekyala)
• #5617: Fix #5616: [apex] ExcessiveParameterList: Report only method signature - Andreas Dangel (@adangel)
• #5618: [doc] Fix search index - Andreas Dangel (@adangel)

📦 Dependency updates

• #5558: Bump PMD from 7.10.0 to 7.11.0
• #5561: Bump org.apache.groovy:groovy from 4.0.25 to 4.0.26
• #5562: Bump org.junit.platform:junit-platform-suite from 1.11.4 to 1.12.0
• #5564: Bump org.apache.maven.plugins:maven-clean-plugin from 3.4.0 to 3.4.1
• #5565: Bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.3 to 3.1.4
• #5566: Bump io.github.apex-dev-tools:apex-ls_2.13 from 5.7.0 to 5.8.0
• #5571: Bump nokogiri from 1.16.7 to 1.18.3
• #5572: Bump uri from 0.13.1 to 1.0.3
• #5575: Bump org.jsoup:jsoup from 1.18.3 to 1.19.1
• #5576: Bump scalameta.version from 4.13.2 to 4.13.3
• #5577: Bump org.yaml:snakeyaml from 2.3 to 2.4
• #5578: Bump com.google.protobuf:protobuf-java from 4.29.3 to 4.30.0
• #5580: Bump net.bytebuddy:byte-buddy from 1.17.1 to 1.17.2
• #5581: Bump com.puppycrawl.tools:checkstyle from 10.21.3 to 10.21.4
• #5582: Bump the gems liquid to 5.8.1 and logger to 1.6.6
• #5602: Bump org.apache.maven.plugins:maven-install-plugin from 3.1.3 to 3.1.4
• #5603: Bump net.bytebuddy:byte-buddy-agent from 1.17.1 to 1.17.2
• #5604: Bump org.mockito:mockito-core from 5.15.2 to 5.16.1
• #5605: Bump org.junit.platform:junit-platform-suite from 1.12.0 to 1.12.1
• #5606: Bump org.checkerframework:checker-qual from 3.49.0 to 3.49.1
• #5608: Bump com.google.protobuf:protobuf-java from 4.30.0 to 4.30.1
• #5619: Bump nokogiri from 1.18.3 to 1.18.5
• #5624: Bump scalameta.version from 4.13.3 to 4.13.4
• #5627: Bump net.bytebuddy:byte-buddy-agent from 1.17.2 to 1.17.4
• #5628: Bump io.github.apex-dev-tools:apex-ls_2.13 from 5.8.0 to 5.9.0
• #5629: Bump com.google.guava:guava from 33.4.0-jre to 33.4.5-jre
• #5630: Bump net.bytebuddy:byte-buddy from 1.17.2 to 1.17.4

📈 Stats

28-February-2025 - 7.11.0

The PMD team is pleased to announce PMD 7.11.0.

This is a minor release.

Table Of Contents

• 🚀 New and noteworthy
  • ✨ New Rules
  • Signed Releases
• 🐛 Fixed Issues
• 🚨 API Changes
  • Deprecations
• ✨ Merged pull requests
• 📦 Dependency updates
• 📈 Stats

🚀 New and noteworthy

✨ New Rules

• The new Apex rule AvoidStatefulDatabaseResult detects Database.Stateful implementations
  that store database results in instance variables. This can cause serialization issues between successive batch
  iterations.

Signed Releases

We now not only sign the maven artifacts, but also our binary distribution files that you can
download from GitHub Releases.
See the page Signed Releases in our documentation for how to verify the files.

🐛 Fixed Issues

• apex-errorprone
  • #5305: [apex] New Rule: Avoid Stateful Database Results
• java
  • #5442: [java] StackOverflowError with recursive generic types
  • #5493: [java] IllegalArgumentException: <?> cannot be a wildcard bound
  • #5505: [java] java.lang.StackOverflowError while executing a PmdRunnable
• java-bestpractices
  • #3359: [java] UnusedPrivateMethod does not recognize Lombok @EqualsAndHashCode.Include annotation
  • #5486: [java] UnusedPrivateMethod detected when class is referenced in another class
  • #5504: [java] UnusedAssignment false-positive in for-loop with continue
• java-codestyle
  • #4822: [java] UnnecessaryCast false-positive for raw types
  • #5073: [java] UnnecessaryCast false-positive for cast in return position of lambda
  • #5440: [java] UnnecessaryCast reported in stream chain map() call that casts to more generic interface
  • #5523: [java] UnnecessaryCast false-positive for integer operations in floating-point context
  • #5541: [java] Fix IdenticalCatchBranch reporting branches that call different overloads
• java-design
  • #5018: [java] FinalFieldCouldBeStatic false-positive for access of super class field
• plsql
  • #5522: [plsql] Parse error for operator in TRIM function call

🚨 API Changes

Deprecations

• java
  • The method TypeOps#isContextDependent(JMethodSig) is deprecated for removal.
    Use isContextDependent(JExecutableSymbol) instead which
    is more flexible.

✨ Merged pull requests

• #5425: [apex] New Rule: Avoid Stateful Database Results - Mitch Spano (@mitchspano)
• #5491: [docs] Call render_release_notes.rb within docs - Andreas Dangel (@adangel)
• #5492: [docs] Add security page with known vulnerabilities - Andreas Dangel (@adangel)
• #5503: [java] AvoidSynchronizedAtMethodLevel: Fixed error in code example - Balazs Glatz (@gbq6)
• #5507: Fix #5486: [java] Fix UnusedPrivateMethod - always search decls in current AST - Andreas Dangel (@adangel)
• #5508: Fix #3359: [java] UnusedPrivateMethod: Ignore lombok.EqualsAndHashCode.Include - Andreas Dangel (@adangel)
• #5510: [ci] Add signed releases - Andreas Dangel (@adangel)
• #5524: [ci] New optimized workflow for pull requests - Andreas Dangel (@adangel)
• #5526: Fix #5523: [java] UnnecessaryCast FP with integer division - Clément Fournier (@oowekyala)
• #5527: Fix #5522: [plsql] Allow arbitrary expressions for TRIM - Andreas Dangel (@adangel)
• #5528: Fix #5442: [java] Fix stackoverflow with recursive generic types - Clément Fournier (@oowekyala)
• #5529: Fix #5493: [java] IllegalArgumentException with wildcard bound - Clément Fournier (@oowekyala)
• #5530: Fix #5073: [java] UnnecessaryCast FP with lambdas - Clément Fournier (@oowekyala)
• #5537: Fix #5504: [java] UnusedAssignment FP with continue in foreach loop - Clément Fournier (@oowekyala)
• #5538: Add project icon for IntelliJ IDEA - Vincent Potucek (@pankratz227)
• #5539: [plsql] Add OracleDBUtils as regression testing project - Andreas Dangel (@adangel)
• #5541: [java] Fix IdenticalCatchBranch reporting branches that call different overloads - Clément Fournier (@oowekyala)
• #5542: Add GitHub issue links in IDEA git log - Andreas Dangel (@adangel)
• #5544: [javacc] Move grammar files into src/main/javacc - Andreas Dangel (@adangel)
• #5551: [doc] Update contributors for 7.11.0 - Andreas Dangel (@adangel)
• #5552: Fix #4822: [java] UnnecessaryCast FP with unchecked cast - Clément Fournier (@oowekyala)
• #5553: Fix #5018: [java] FinalFieldCouldBeStatic FP with super field access - Clément Fournier (@oowekyala)

📦 Dependency updates

• #5490: Bump PMD from 7.9.0 to 7.10.0
• #5494: Bump liquid from 5.7.1 to 5.7.2 in the all-gems group across 1 directory
• #5497: Bump net.bytebuddy:byte-buddy-agent from 1.16.1 to 1.17.0
• #5498: Bump org.assertj:assertj-core from 3.25.3 to 3.27.3
• #5499: Bump org.mockito:mockito-core from 5.14.2 to 5.15.2
• #5500: Bump org.junit:junit-bom from 5.11.2 to 5.11.4
• #5501: Bump org.scala-lang:scala-reflect from 2.13.15 to 2.13.16
• #5516: Bump org.jetbrains:annotations from 26.0.1 to 26.0.2
• #5517: Bump net.bytebuddy:byte-buddy from 1.15.11 to 1.17.0
• #5518: Bump org.junit.platform:junit-platform-suite from 1.11.3 to 1.11.4
• #5519: Bump org.checkerframework:checker-qual from 3.48.3 to 3.49.0
• #5520: Bump com.google.guava:guava from 33.0.0-jre to 33.4.0-jre
• #5532: Bump net.bytebuddy:byte-buddy-agent from 1.17.0 to 1.17.1
• #5533: Bump log4j.version from 2.24.2 to 2.24.3
• #5534: Bump com.google.code.gson:gson from 2.11.0 to 2.12.1
• #5535: Bump scalameta.version from 4.12.7 to 4.13.1.1
• #5536: Bump org.apache.groovy:groovy from 4.0.24 to 4.0.25
• #5545: Bump commons-logging:commons-logging from 1.3.4 to 1.3.5
• #5546: Bump scalameta.version from 4.13.1.1 to 4.13.2
• #5547: Bump net.bytebuddy:byte-buddy from 1.17.0 to 1.17.1
• #5548: Bump com.puppycrawl.tools:checkstyle from 10.21.2 to 10.21.3
• #5549: Bump org.apache.maven.plugins:maven-compiler-plugin from 3.13.0 to 3.14.0

📈 Stats

• 97 commits
• 35 closed tickets & PRs
  ...

31-January-2025 - 7.10.0

The PMD team is pleased to announce PMD 7.10.0.

This is a minor release.

Table Of Contents

• 🚀 New and noteworthy
  • 🚀 New: Java 24 Support
  • New GPG Release Signing Key
  • Updated PMD Designer
• 🌟 New and changed rules
  • New Rules
• 🐛 Fixed Issues
• 🚨 API Changes
  • Removed Experimental API
• ✨ Merged pull requests
• 📦 Dependency updates
• 📈 Stats

🚀 New and noteworthy

🚀 New: Java 24 Support

This release of PMD brings support for Java 24. There are no new standard language features,
but a couple of preview language features:

• JEP 488: Primitive Types in Patterns, instanceof, and switch (Second Preview)
• JEP 492: Flexible Constructor Bodies (Third Preview)
• JEP 494: Module Import Declarations (Second Preview)
• JEP 495: Simple Source Files and Instance Main Methods (Fourth Preview)

In order to analyze a project with PMD that uses these preview language features,
you'll need to enable it via the environment variable PMD_JAVA_OPTS and select the new language
version 24-preview:

export PMD_JAVA_OPTS=--enable-preview
pmd check --use-version java-24-preview ...

Note: Support for Java 22 preview language features have been removed. The version "22-preview"
is no longer available.

New GPG Release Signing Key

Since January 2025, we switched the GPG Key we use for signing releases in Maven Central to be
A0B5CA1A4E086838.
The full fingerprint is 2EFA 55D0 785C 31F9 56F2 F87E A0B5 CA1A 4E08 6838.

This step was necessary, as the passphrase of the old key has been compromised and therefore the key is not
safe to use anymore. While the key itself is not compromised as far as we know, we still decided to generate a
new key, just to be safe. As until now (January 2025) we are not aware, that the key actually has been misused.
The previous releases of PMD in Maven Central can still be considered untampered, as Maven Central is read-only.

This unexpected issue was discovered while checking Reproducible Builds by a
third party.

The security advisory about the compromised passphrase is tracked as
GHSA-88m4-h43f-wx84
and CVE-2025-23215.

Updated PMD Designer

This PMD release ships a new version of the pmd-designer.
For the changes, see PMD Designer Changelog (7.10.0).

🌟 New and changed rules

New Rules

• The new Java rule ExhaustiveSwitchHasDefault finds switch statements and
  expressions, that cover already all cases but still have a default case. This default case is unnecessary
  and prevents getting compiler errors when e.g. new enum constants are added without extending the switch.

🐛 Fixed Issues

• apex
  • #5388: [apex] Parse error with time literal in SOQL query
  • #5456: [apex] Issue with java dependency apex-parser-4.3.1 but apex-parser-4.3.0 works
• apex-security
  • #3158: [apex] ApexSuggestUsingNamedCred false positive with Named Credential merge fields
• documentation
  • #2492: [doc] Promote wiki pages to standard doc pages
• java
  • #5154: [java] Support Java 24
• java-performance
  • #5311: [java] TooFewBranchesForSwitch false positive for exhaustive switches over enums without default case

🚨 API Changes

Removed Experimental API

• pmd-java
  • net.sourceforge.pmd.lang.java.ast.ASTTemplate, net.sourceforge.pmd.lang.java.ast.ASTTemplateExpression,
    net.sourceforge.pmd.lang.java.ast.ASTTemplateFragment: These nodes were introduced with Java 21 and 22
    Preview to support String Templates. However, the String Template preview feature was not finalized
    and has been removed from Java for now. We now cleaned up the PMD implementation of it.

✨ Merged pull requests

• #5327: [apex] Update apex-parser and summit-ast - Andreas Dangel (@adangel)
• #5412: [java] Support exhaustive switches - Andreas Dangel (@adangel)
• #5449: Use new gpg key (A0B5CA1A4E086838) - Andreas Dangel (@adangel)
• #5458: [doc] Move Wiki pages into main documentation, cleanups - Andreas Dangel (@adangel)
• #5471: [java] Support Java 24 - Andreas Dangel (@adangel)
• #5488: [apex] Fix #3158: Recognize Named Credentials merge fields in ApexSuggestUsingNamedCredRule - William Brockhus (@YodaDaCoda)

📦 Dependency updates

• #5423: Bump PMD from 7.8.0 to 7.9.0
• #5433: Bump org.codehaus.mojo:exec-maven-plugin from 3.2.0 to 3.5.0
• #5434: Bump commons-logging:commons-logging from 1.3.0 to 1.3.4
• #5435: Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0
• #5436: Bump the all-gems group across 2 directories with 1 update
• #5445: Bump org.junit.platform:junit-platform-commons from 1.11.2 to 1.11.4
• #5446: Bump org.sonarsource.scanner.maven:sonar-maven-plugin from 3.10.0.2594 to 5.0.0.4389
• #5459: Bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.7
• #5460: Bump org.apache.commons:commons-text from 1.12.0 to 1.13.0
• #5461: Bump com.google.protobuf:protobuf-java from 4.29.1 to 4.29.3
• #5472: Bump net.bytebuddy:byte-buddy-agent from 1.15.11 to 1.16.1
• #5473: Bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.7.0
• #5474: Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.23.0 to 0.23.1
• #5475: Bump liquid from 5.6.0 to 5.7.0 in the all-gems group across 1 directory
• #5479: Bump pmd-designer from 7.2.0 to 7.10.0
• #5480: Bump scalameta.version from 4.9.1 to 4.12.7
• #5481: Bump liquid from 5.7.0 to 5.7.1 in the all-gems group across 1 directory
• #5482: Bump org.codehaus.mojo:versions-maven-plugin from 2.17.1 to 2.18.0
• #5483: Bump org.jetbrains.dokka:dokka-maven-plugin from 1.9.20 to 2.0.0
• #5484: Bump com.github.hazendaz.maven:coveralls-maven-plugin from 4.5.0-M5 to 4.5.0-M6
• #5485: Bump com.puppycrawl.tools:checkstyle from 10.20.2 to 10.21.2

📈 Stats

• 70 commits
• 13 closed tickets & PRs
• Days since last release: 34

27-December-2024 - 7.9.0

The PMD team is pleased to announce PMD 7.9.0.

This is a minor release.

Table Of Contents

• 🚀 New and noteworthy
  • New: CPD support for Rust
• 🐛 Fixed Issues
• 🚨 API Changes
  • Experimental API
• ✨ Merged pull requests
• 📦 Dependency updates
• 📈 Stats

🚀 New and noteworthy

New: CPD support for Rust

CPD now supports Rust, a blazingly fast and memory-efficient programming language.
It is shipped in the new module pmd-rust.

🐛 Fixed Issues

• cli
  • #5399: [cli] Windows: PMD fails to start with special characters in path names
  • #5401: [cli] Windows: Console output doesn't use unicode
• java
  • #5096: [java] StackOverflowError with recursively bound type variable
• java-bestpractices
  • #4861: [java] UnusedPrivateMethod - false positive with static methods in core JDK classes
• java-documentation
  • #2996: [java] CommentSize rule violation is not suppressed at method level

🚨 API Changes

Experimental API

• pmd-core: RuleContext#addViolationWithPosition

✨ Merged pull requests

• #4939: [java] Fix #2996 - CommentSize/CommentContent suppression - Clément Fournier (@oowekyala)
• #5376: [java] Fix #4861 - UnusedPrivateMethod FP in JDK classes - Clément Fournier (@oowekyala)
• #5387: [java] Fix #5096 - StackOverflowError with recursively bounded tvar - Clément Fournier (@oowekyala)
• #5400: Fix #5399: [cli] pmd.bat: Quote all variables when using SET - Andreas Dangel (@adangel)
• #5402: Fix #5401: [cli] pmd.bat: set codepage to 65001 (UTF-8) - Andreas Dangel (@adangel)
• #5404: [doc] Update tools / integrations / ide plugins / news pages - Andreas Dangel (@adangel)
• #5414: Add Rust CPD - Julia Paluch (@juliapaluch)

📦 Dependency updates

• #5375: Bump pmd from 7.7.0 to 7.8.0
• #5377: Bump com.puppycrawl.tools:checkstyle from 10.20.1 to 10.20.2
• #5378: Bump net.bytebuddy:byte-buddy from 1.14.12 to 1.15.10
• #5379: Bump io.github.git-commit-id:git-commit-id-maven-plugin from 7.0.0 to 9.0.1
• #5380: Bump org.apache.maven.plugins:maven-shade-plugin from 3.5.2 to 3.6.0
• #5384: Bump org.apache.groovy:groovy from 4.0.19 to 4.0.24
• #5390: Bump com.google.protobuf:protobuf-java from 4.28.2 to 4.29.1
• #5391: Bump org.hamcrest:hamcrest from 2.2 to 3.0
• #5392: Bump org.codehaus.mojo:build-helper-maven-plugin from 3.5.0 to 3.6.0
• #5393: Bump org.jsoup:jsoup from 1.17.2 to 1.18.3
• #5394: Bump org.apache.maven.plugins:maven-jar-plugin from 3.3.0 to 3.4.2
• #5395: Bump webrick from 1.9.0 to 1.9.1 in /docs in the all-gems group across 1 directory
• #5405: Bump org.yaml:snakeyaml from 2.2 to 2.3
• #5406: Bump io.github.apex-dev-tools:apex-ls_2.13 from 5.5.0 to 5.7.0
• #5407: Bump net.bytebuddy:byte-buddy-agent from 1.14.19 to 1.15.11
• #5409: Bump net.bytebuddy:byte-buddy from 1.15.10 to 1.15.11
• #5410: Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.11.2
• #5411: Bump csv from 3.3.0 to 3.3.1 in /docs in the all-gems group across 1 directory
• #5417: Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.11 to 2.9.1
• #5418: Bump org.checkerframework:checker-qual from 3.48.1 to 3.48.3
• #5419: Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.5.0 to 3.6.0
• #5422: Bump the all-gems group across 2 directories with 2 updates

📈 Stats

• 69 commits
• 12 closed tickets & PRs
• Days since last release: 28

29-November-2024 - 7.8.0

The PMD team is pleased to announce PMD 7.8.0.

This is a minor release.

Table Of Contents

• 🚀 New and noteworthy
• 🌟 New and changed rules
  • New Rules
• 🐛 Fixed Issues
• 🚨 API Changes
  • Deprecations
• ✨ Merged pull requests
• 📦 Dependency updates
• 📈 Stats

🚀 New and noteworthy

🌟 New and changed rules

New Rules

• The new Apex rule QueueableWithoutFinalizer detects when the Queueable interface
  is used but a Finalizer is not attached. Without attaching a Finalizer, there is no way of designing error
  recovery actions should the Queueable action fail.

🐛 Fixed Issues

• ant
  • #1860: [ant] Reflective access warnings on java > 9 and java < 17
• apex
  • #5302: [apex] New Rule: Queueable Should Attach Finalizer
  • #5333: [apex] Token recognition errors for string containing unicode escape sequence
• html
  • #5322: [html] CPD throws exception on when HTML file is missing closing tag
• java
  • #5283: [java] AssertionError "this should be unreachable" with scala library
  • #5293: [java] Deadlock when executing PMD in multiple threads
  • #5324: [java] Issue with type inference of nested lambdas
  • #5329: [java] Type inference issue with unknown method ref in call chain
  • #5338: [java] Unresolved target type for lambdas make overload resolution fail
• java-bestpractices
  • #4113: [java] JUnitTestsShouldIncludeAssert - false positive with SoftAssertionsExtension
  • #5083: [java] UnusedPrivateMethod false positive when method reference has no target type
  • #5097: [java] UnusedPrivateMethod FP with raw type missing from the classpath
  • #5318: [java] PreserveStackTraceRule: false-positive on Pattern Matching with instanceof
• java-codestyle
  • #5214: [java] Wrong message for LambdaCanBeMethodReference with method of enclosing class
  • #5263: [java] UnnecessaryFullyQualifiedName: false-positive in an enum that uses its own static variables
  • #5315: [java] UnnecessaryImport false positive for on-demand imports
• java-design
  • #4763: [java] SimplifyBooleanReturns - wrong suggested solution
• java-errorprone
  • #5070: [java] ConfusingArgumentToVarargsMethod FP when types are unresolved
• java-performance
  • #5287: [java] TooFewBranchesForSwitch false-positive with switch using list of case constants
  • #5314: [java] InsufficientStringBufferDeclarationRule: Lack of handling for char type parameters
  • #5320: [java] UseStringBufferLength: false-negative on StringBuffer of sb.toString().equals("")

🚨 API Changes

Deprecations

• pmd-coco
  • CocoBaseListener is deprecated for removal. This class was never intended
    to be generated. It will be removed with no replacement.
  • CocoBaseVisitor is deprecated for removal. This class was never intended
    to be generated. It will be removed with no replacement.
  • CocoListener is deprecated for removal. This class was never intended
    to be generated. It will be removed with no replacement.
  • CocoParser is deprecated for removal. This class was never intended
    to be generated. It will be removed with no replacement.
  • CocoVisitor is deprecated for removal. This class was never intended
    to be generated. It will be removed with no replacement.
• pmd-gherkin
  • GherkinBaseListener is deprecated for removal. This class was never intended
    to be generated. It will be removed with no replacement.
  • GherkinBaseVisitor is deprecated for removal. This class was never intended
    to be generated. It will be removed with no replacement.
  • GherkinListener is deprecated for removal. This class was never intended
    to be generated. It will be removed with no replacement.
  • GherkinParser is deprecated for removal. This class was never intended
    to be generated. It will be removed with no replacement.
  • GherkinVisitor is deprecated for removal. This class was never intended
    to be generated. It will be removed with no replacement.
• pmd-julia
  • JuliaBaseListener is deprecated for removal. This class was never intended to
    be generated. It will be removed with no replacement.
  • JuliaBaseVisitor is deprecated for removal. This class was never intended to
    be generated. It will be removed with no replacement.
  • JuliaListener is deprecated for removal. This class was never intended to
    be generated. It will be removed with no replacement.
  • JuliaParser is deprecated for removal. This class was never intended to
    be generated. It will be removed with no replacement.
  • JuliaVisitor is deprecated for removal. This class was never intended to
    be generated. It will be removed with no replacement.
• pmd-kotlin
  • UnicodeClasses is deprecated for removal. This class was never intended to
    be generated. It will be removed with no replacement.
• pmd-xml
  • XMLLexer is deprecated for removal. Use net.sourceforge.pmd.lang.xml.ast.XMLLexer
    instead (note different package ast instead of antlr4).

✨ Merged pull requests

• #5240: Release notes improvements - Andreas Dangel (@adangel)
• #5284: [apex] Use case-insensitive input stream to avoid choking on Unicode escape sequences - Willem A. Hajenius (@wahajenius)
• #5286: [ant] Formatter: avoid reflective access to determine console encoding - Andreas Dangel (@adangel)
• #5289: [java] TooFewBranchesForSwitch - allow list of case constants - Andreas Dangel (@adangel)
• #5296: [xml] Have pmd-xml Lexer in line with other antlr grammars - Juan Martín Sotuyo Dodero (@jsotuyod)
• #5300: Add rule test cases for issues fixed with PMD 7.0.0 - Andreas Dangel (@adangel)
• #5303: [apex] New Rule: Queueable Should Attach Finalizer - Mitch Spano (@mitchspano)
• #5309: [java] Fix #5293: ...