PMD CI (pmd-bot)
2023-12-07 18:50:27 +00:00
parent dcedbcdd36
commit 16c176c90f
7 changed files with 72 additions and 125 deletions


@ -5,8 +5,8 @@
<description>Intended as a documentation theme based on Jekyll for technical writers documenting software and other technical products, this theme has all the elements you would need to handle multiple products with both multi-level sidebar navigation, tags, and other documentation features.</description>
<link>https://docs.pmd-code.org/latest/</link>
<atom:link href="https://docs.pmd-code.org/latest/feed.xml" rel="self" type="application/rss+xml"/>
<pubDate>Thu, 07 Dec 2023 17:46:08 +0000</pubDate>
<lastBuildDate>Thu, 07 Dec 2023 17:46:08 +0000</lastBuildDate>
<pubDate>Thu, 07 Dec 2023 18:46:27 +0000</pubDate>
<lastBuildDate>Thu, 07 Dec 2023 18:46:27 +0000</lastBuildDate>
<generator>Jekyll v3.9.3</generator>
</channel>
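Review bot: The only change visible in this feed hunk is the `<pubDate>`/`<lastBuildDate>` pair moving from `17:46:08` to `18:46:27`, so the file changes on each documentation rebuild even when the feed content in view is identical. Consider deriving both values from the date of the latest content change rather than the build time, so that rebuild commits only touch this file when the feed itself changes.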

File diff suppressed because it is too large


@ -2054,6 +2054,7 @@ is the version that has been selected via CLI <code class="language-plaintext hi
<li><a href="https://github.com/pmd/pmd/pull/4738">#4738</a>: [doc] Added reference to the PMD extension for bld - <a href="https://github.com/ethauvin">Erik C. Thauvin</a> (@ethauvin)</li>
<li><a href="https://github.com/pmd/pmd/pull/4750">#4750</a>: [core] Fix flaky SummaryHTMLRenderer - <a href="https://github.com/219sansim">219sansim</a> (@219sansim)</li>
<li><a href="https://github.com/pmd/pmd/pull/4754">#4754</a>: [java] EmptyControlStatementRule: Add allowCommentedBlocks property - <a href="https://github.com/bergander">Andreas Bergander</a> (@bergander)</li>
<li><a href="https://github.com/pmd/pmd/pull/4759">#4759</a>: [java] fix: remove delimiter attribute from ruleset category/java/errorprone.xml - <a href="https://github.com/marcindabrowski">Marcin Dąbrowski</a> (@marcindabrowski)</li>
</ul>
<h3 id="-major-features-and-enhancements">🚀 Major Features and Enhancements</h3>
@ -2856,6 +2857,7 @@ of the changes listed here, see <a href="pmd_release_notes_pmd7.html">Detailed R
<li><a href="https://github.com/pmd/pmd/pull/4738">#4738</a>: [doc] Added reference to the PMD extension for bld - <a href="https://github.com/ethauvin">Erik C. Thauvin</a> (@ethauvin)</li>
<li><a href="https://github.com/pmd/pmd/pull/4750">#4750</a>: [core] Fix flaky SummaryHTMLRenderer - <a href="https://github.com/219sansim">219sansim</a> (@219sansim)</li>
<li><a href="https://github.com/pmd/pmd/pull/4754">#4754</a>: [java] EmptyControlStatementRule: Add allowCommentedBlocks property - <a href="https://github.com/bergander">Andreas Bergander</a> (@bergander)</li>
<li><a href="https://github.com/pmd/pmd/pull/4759">#4759</a>: [java] fix: remove delimiter attribute from ruleset category/java/errorprone.xml - <a href="https://github.com/marcindabrowski">Marcin Dąbrowski</a> (@marcindabrowski)</li>
</ul>
<h3 id="-stats">📈 Stats</h3>


@ -2336,6 +2336,7 @@ rather than on the switch statements. This is more accurate but might result in
<li>codestyle.xml/VariableNamingConventions <span style="font-size: small;">(deleted)</span> ➡️ use <a href="pmd_rules_apex_codestyle.html#fieldnamingconventions"><code class="language-plaintext highlighter-rouge">FieldNamingConventions</code></a>,
<a href="pmd_rules_apex_codestyle.html#formalparameternamingconventions"><code class="language-plaintext highlighter-rouge">FormalParameterNamingConventions</code></a>, <a href="pmd_rules_apex_codestyle.html#localvariablenamingconventions"><code class="language-plaintext highlighter-rouge">LocalVariableNamingConventions</code></a>,
or <a href="pmd_rules_apex_codestyle.html#propertynamingconventions"><code class="language-plaintext highlighter-rouge">PropertyNamingConventions</code></a></li>
<li>security.xml/ApexCSRF <span style="font-size: small;">(deleted)</span> ➡️ use <a href="pmd_rules_apex_errorprone.html#apexcsrf"><code class="language-plaintext highlighter-rouge">ApexCSRF</code></a></li>
</ul>
<p><strong>Java</strong></p>
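Review bot: The `security.xml/ApexCSRF (deleted) ➡️ use ApexCSRF` entry names a replacement with the same display name as the deleted rule, and only the link target `pmd_rules_apex_errorprone.html#apexcsrf` shows that it now lives in the error-prone category. Put the new category in the visible text (for example `errorprone.xml/ApexCSRF`, matching the `codestyle.xml/...` and `security.xml/...` prefixes used on the left-hand side), so a reader updating a ruleset can see which `ref` to use without following the link.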


@ -1969,7 +1969,6 @@
<ul>
<li><a href="pmd_rules_apex_security.html#apexbadcrypto">ApexBadCrypto</a>: The rule makes sure you are using randomly generated IVs and keys for Crypto calls. Hard-wiring…</li>
<li><a href="pmd_rules_apex_security.html#apexcrudviolation">ApexCRUDViolation</a>: The rule validates you are checking for access permissions before a SOQL/SOSL/DML operation. Sinc…</li>
<li><a href="pmd_rules_apex_security.html#apexcsrf">ApexCSRF</a>: <span style="border-radius: 0.25em; color: #fff; padding: 0.2em 0.6em 0.3em; display: inline; background-color: #d9534f; font-size: 75%;">Deprecated</span> The rule has been moved to another ruleset. Use instead <a href="pmd_rules_apex_errorprone.html#apexcsrf">ApexCSRF</a>.</li>
<li><a href="pmd_rules_apex_security.html#apexdangerousmethods">ApexDangerousMethods</a>: Checks against calling dangerous methods. For the time being, it reports: Against FinancialForc…</li>
<li><a href="pmd_rules_apex_security.html#apexinsecureendpoint">ApexInsecureEndpoint</a>: Checks against accessing endpoints under plain http. You should always use https for security.</li>
<li><a href="pmd_rules_apex_security.html#apexopenredirect">ApexOpenRedirect</a>: Checks against redirects to user-controlled locations. This prevents attackers from redirecting u…</li>


@ -5,7 +5,7 @@
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="Rules that flag potential security flaws.">
<meta name="keywords" content=" Security, ApexBadCrypto, ApexCRUDViolation, ApexCSRF, ApexDangerousMethods, ApexInsecureEndpoint, ApexOpenRedirect, ApexSharingViolations, ApexSOQLInjection, ApexSuggestUsingNamedCred, ApexXSSFromEscapeFalse, ApexXSSFromURLParam">
<meta name="keywords" content=" Security, ApexBadCrypto, ApexCRUDViolation, ApexDangerousMethods, ApexInsecureEndpoint, ApexOpenRedirect, ApexSharingViolations, ApexSOQLInjection, ApexSuggestUsingNamedCred, ApexXSSFromEscapeFalse, ApexXSSFromURLParam">
<title>Security | PMD Source Code Analyzer</title>
@ -2082,55 +2082,6 @@ should be <a href="pmd_userdocs_suppressing_warnings.html">suppressed</a>.</p>
<span class="nt">&lt;/rule&gt;</span>
</code></pre></div></div>
<h2 id="apexcsrf">ApexCSRF</h2>
<p><span style="border-radius: 0.25em; color: #fff; padding: 0.2em 0.6em 0.3em; display: inline; background-color: #d9534f;">Deprecated</span></p>
<p>The rule has been moved to another ruleset. Use instead: <a href="pmd_rules_apex_errorprone.html#apexcsrf">ApexCSRF</a></p>
<p><span style="border-radius: 0.25em; color: #fff; padding: 0.2em 0.6em 0.3em; display: inline; background-color: #d9534f;">Deprecated</span></p>
<p><strong>Since:</strong> PMD 5.5.3</p>
<p><strong>Priority:</strong> Medium (3)</p>
<p>Having DML operations in Apex class constructor or initializers can have unexpected side effects:
By just accessing a page, the DML statements would be executed and the database would be modified.
Just querying the database is permitted.</p>
<p>In addition to constructors and initializers, any method called <code class="language-plaintext highlighter-rouge">init</code> is checked as well.</p>
<p>Salesforce Apex already protects against this scenario and raises a runtime exception.</p>
<p>Note: This rule has been moved from category "Security" to "Error Prone" with PMD 6.21.0, since
using DML in constructors is not a security problem, but crashes the application.</p>
<p><strong>This rule is defined by the following Java class:</strong> <a href="https://github.com/pmd/pmd/blob/master/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/errorprone/ApexCSRFRule.java">net.sourceforge.pmd.lang.apex.rule.errorprone.ApexCSRFRule</a></p>
<p><strong>Example(s):</strong></p>
<div class="language-java highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="kd">public</span> <span class="kd">class</span> <span class="nc">Foo</span> <span class="o">{</span>
<span class="c1">// initializer</span>
<span class="o">{</span>
<span class="n">insert</span> <span class="n">data</span><span class="o">;</span>
<span class="o">}</span>
<span class="c1">// static initializer</span>
<span class="kd">static</span> <span class="o">{</span>
<span class="n">insert</span> <span class="n">data</span><span class="o">;</span>
<span class="o">}</span>
<span class="c1">// constructor</span>
<span class="kd">public</span> <span class="nf">Foo</span><span class="o">()</span> <span class="o">{</span>
<span class="n">insert</span> <span class="n">data</span><span class="o">;</span>
<span class="o">}</span>
<span class="o">}</span>
</code></pre></div></div>
<p><strong>Use this rule by referencing it:</strong></p>
<div class="language-xml highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nt">&lt;rule</span> <span class="na">ref=</span><span class="s">"category/apex/security.xml/ApexCSRF"</span> <span class="nt">/&gt;</span>
</code></pre></div></div>
<h2 id="apexdangerousmethods">ApexDangerousMethods</h2>
<p><strong>Since:</strong> PMD 5.5.3</p>
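Review bot: Removing the whole `<h2 id="apexcsrf">` section from the security rules page drops the `#apexcsrf` anchor and the documented reference `category/apex/security.xml/ApexCSRF`, so existing deep links to this page and rulesets still using that ref lose the place that told them where the rule went. The removed text also carried the rationale ("using DML in constructors is not a security problem, but crashes the application") and the "moved ... with PMD 6.21.0" note; check that the error-prone page keeps both, and consider leaving a short stub at the old anchor that points to `pmd_rules_apex_errorprone.html#apexcsrf`.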


@ -6047,15 +6047,6 @@
}
,
{
"title": "ApexCSRF (Apex, Security)",
"tags": "",
"keywords": "ApexCSRF",
"url": "pmd_rules_apex_security.html#apexcsrf",
"summary": "Rules that flag potential security flaws."
}
,
{
"title": "ApexDangerousMethods (Apex, Security)",
"tags": "",