29-May-2018 - 6.4.0
The PMD team is pleased to announce PMD 6.4.0.
This is a minor release.
Table Of Contents
- New and noteworthy
- Fixed Issues
- API Changes
- External Contributions
New and noteworthy
Java 10 Support
PMD is now able to understand local-variable type inference as introduced by Java 10.
Simple type resolution features are available, e.g. the type of the variable
s is inferred
var s = "Java 10";
XPath Type Resolution Functions
For some time now PMD has supported Type Resolution, and exposed this functionality to XPath rules for the Java language
typeof function. This function however had a number of shortcomings:
- It would take a first arg with the name to match if types couldn’t be resolved. In all cases this was
@Imagebut was still required.
- It required 2 separate arguments for the Fully Qualified Class Name and the simple name of the class against which to test.
- If only the Fully Qualified Class Name was provided, no simple name check was performed (not documented, but abused on some rules to “fix” some false positives).
In this release we are deprecating
typeof in favor of a simpler
typeIs function, which behaves exactly as the
typeof when given all 3 arguments.
typeIs receives a single parameter, which is the fully qualified name of the class to test against.
So, calls such as:
//ClassOrInterfaceType[typeof(@Image, 'junit.framework.TestCase', 'TestCase')]
can now we expressed much more concisely as:
With this change, we also allow to check against array types by just appending
 to the fully qualified class name.
These can be repeated for arrays of arrays (e.g.
Additionally, we introduce the companion function
typeIsExactly, that receives the same parameters as
but checks for exact type matches, without considering the type hierarchy. That is, the test
typeIsExactly('junit.framework.TestCase') will match only if the context node is an instance of
not if it’s an instance of a subclass of
TestCase. Be aware then, that using that method with abstract types will
The new Java rule
java-security) detects hard coded keys used for encryption. It is recommended to store keys outside of the source code.
The new Java rule
java-codestyle) finds catch blocks, that catch different exception but perform the same exception handling and thus can be collapsed into a multi-catch try statement.
The Java rule JUnit4TestShouldUseTestAnnotation (
java-bestpractices) has a new parameter “testClassPattern”. It is used to distinguish test classes from other classes and avoid false positives. By default, any class, that has “Test” in its name, is considered a test class.
The Java rule CommentDefaultAccessModifier (
java-codestyle) allows now by default the comment “
/* package */in addition to “
/* default */. This behavior can still be adjusted by setting the property
- #672: [java] Support exact type matches for type resolution from XPath
- #743: [java] Prepare for Java 10
- #1077: [java] Analyzing enum with lambda passed in constructor fails with “The enclosing scope must exist.”
- #1115: [java] Simplify xpath typeof syntax
- #1131: [java] java.lang.ClassFormatError: Absent Code attribute in method that is not native or abstract in class file javax/faces/application/FacesMessage$Severity
- #720: [java] ShortVariable should whitelist lambdas
- #955: [java] Detect identical catch statements
- #1114: [java] Star import overwritten by explicit import is not correctly handled
- #1064: [java] ClassNamingConventions suggests to add Util suffix for simple exception wrappers
- #1065: [java] ClassNamingConventions shouldn’t prohibit numbers in class names
- #1067: [java] [6.3.0] PrematureDeclaration false-positive
- #1096: [java] ClassNamingConventions is too ambitious on finding utility classes
- #1100: [vf] URLENCODE is ignored as valid escape method
- The following classes in package
net.sourceforge.pmd.benchmarkhave been deprecated:
TextReport. Their API is not supported anymore and is disconnected from the internals of PMD. Use the newer API based around
TimeTrackerinstead, which can be found in the same package.
- The class
net.sourceforge.pmd.lang.java.xpath.TypeOfFunctionhas been deprecated. Use the newer
TypeIsFunctionin the same package.
net.sourceforge.pmd.lang.java.xpath.JavaFunctionshave been deprecated. Use the newer
typeIsmethod in the same class instead..
- The methods
net.sourceforge.pmd.lang.java.typeresolution.TypeHelper. Use the new
isExactlyNonemethods in the same class instead.
- #966: [java] Issue #955: add new rule to detect identical catch statement - Clément Fournier and BBG
- #1046: [java] New security rule for finding hard-coded keys used for cryptographic operations - Sergey Gorbaty
- #1101: [java] Fixes false positive for
DoNotExtendJavaLangError- Akshat Bahety
- #1106: [vf] URLENCODE is ignored as valid escape method - Robert Sösemann
- #1126: [java] Improve implementation hint in InefficientEmptyStringCheck - krichter722
- #1129: [java] Adjust InefficientEmptyStringCheck documentation - krichter722
- #1137: [ui] Removes the need for RefreshAST - Akshat Bahety