Merge branch 'pmd:master' into master

2022-10-10 16:32:38 +02:00 · 2022-10-10 16:32:38 +02:00 · c0f88d004d
commit c0f88d004d
parent 5d4457bc3f 5f2961f78f
110 changed files with 2617 additions and 576 deletions
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@ -492,7 +492,8 @@
      "profile": "https://github.com/pzygielo",
      "contributions": [
        "code",
-        "bug"
+        "bug",
+        "doc"
      ]
    },
    {
@ -3269,7 +3270,8 @@
      "profile": "https://github.com/jborgers",
      "contributions": [
        "bug",
-        "code"
+        "code",
+        "talk"
      ]
    },
    {
@ -6522,7 +6524,8 @@
      "avatar_url": "https://avatars.githubusercontent.com/u/36415196?v=4",
      "profile": "https://github.com/dykov",
      "contributions": [
-        "code"
+        "code",
+        "bug"
      ]
    },
    {
@ -6540,7 +6543,8 @@
      "avatar_url": "https://avatars.githubusercontent.com/u/178883?v=4",
      "profile": "https://github.com/gredler",
      "contributions": [
-        "code"
+        "code",
+        "bug"
      ]
    },
    {
@ -6559,7 +6563,8 @@
      "profile": "https://github.com/JerritEic",
      "contributions": [
        "code",
-        "doc"
+        "doc",
+        "bug"
      ]
    },
    {
@ -6777,7 +6782,8 @@
      "avatar_url": "https://avatars.githubusercontent.com/u/90252673?v=4",
      "profile": "https://github.com/abyss638",
      "contributions": [
-        "code"
+        "code",
+        "bug"
      ]
    },
    {
@ -6798,7 +6804,8 @@
      "contributions": [
        "doc"
      ]
-    },{
+    },
+    {
      "login": "pacvz",
      "name": "pacvz",
      "avatar_url": "https://avatars.githubusercontent.com/u/35453365?v=4",
@ -6806,6 +6813,134 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "mohan-chinnappan-n",
+      "name": "mohan-chinnappan-n",
+      "avatar_url": "https://avatars.githubusercontent.com/u/5963194?v=4",
+      "profile": "https://mohan-chinnappan-n.github.io/about/cv.html",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Suvashri",
+      "name": "Suvashri",
+      "avatar_url": "https://avatars.githubusercontent.com/u/112872981?v=4",
+      "profile": "https://github.com/Suvashri",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "osiegmar",
+      "name": "Oliver Siegmar",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1918869?v=4",
+      "profile": "https://github.com/osiegmar",
+      "contributions": [
+        "financial"
+      ]
+    },
+    {
+      "login": "OlegAndreych",
+      "name": "Oleg Andreych",
+      "avatar_url": "https://avatars.githubusercontent.com/u/2041351?v=4",
+      "profile": "https://github.com/OlegAndreych",
+      "contributions": [
+        "code",
+        "bug"
+      ]
+    },
+    {
+      "login": "lfalcantar",
+      "name": "Luis Alcantar",
+      "avatar_url": "https://avatars.githubusercontent.com/u/13026131?v=4",
+      "profile": "https://github.com/lfalcantar",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "LynnBroe",
+      "name": "Lynn",
+      "avatar_url": "https://avatars.githubusercontent.com/u/109954313?v=4",
+      "profile": "https://github.com/LynnBroe",
+      "contributions": [
+        "code",
+        "bug"
+      ]
+    },
+    {
+      "login": "sashashura",
+      "name": "Alex",
+      "avatar_url": "https://avatars.githubusercontent.com/u/93376818?v=4",
+      "profile": "https://github.com/sashashura",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "koalalam",
+      "name": "koalalam",
+      "avatar_url": "https://avatars.githubusercontent.com/u/5452429?v=4",
+      "profile": "https://github.com/koalalam",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "garydgregory",
+      "name": "Gary Gregory",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1187639?v=4",
+      "profile": "https://github.com/garydgregory",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "vanguard-1024",
+      "name": "Austin",
+      "avatar_url": "https://avatars.githubusercontent.com/u/87691060?v=4",
+      "profile": "https://github.com/vanguard-1024",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "ewantempero",
+      "name": "Ewan Tempero",
+      "avatar_url": "https://avatars.githubusercontent.com/u/8744237?v=4",
+      "profile": "http://www.cs.auckland.ac.nz/~ewan",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "cbfiddle",
+      "name": "cbfiddle",
+      "avatar_url": "https://avatars.githubusercontent.com/u/6628505?v=4",
+      "profile": "https://github.com/cbfiddle",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "MartGit",
+      "name": "MartGit",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1518723?v=4",
+      "profile": "https://github.com/MartGit",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "Alexx-G",
+      "name": "Alex",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3869268?v=4",
+      "profile": "https://github.com/Alexx-G",
+      "contributions": [
+        "bug"
+      ]
    }
  ],
  "contributorsPerLine": 7,
--- a/.ci/build.sh
+++ b/.ci/build.sh
@ -41,17 +41,20 @@ function build() {
            ./mvnw clean install --show-version --errors --batch-mode --no-transfer-progress "${PMD_MAVEN_EXTRA_OPTS[@]}"
        pmd_ci_log_group_end

-        # Danger is executed only on the linux runner
-        if [ "$(pmd_ci_utils_get_os)" = "linux" ]; then
-            pmd_ci_log_group_start "Executing danger"
-                regression_tester_setup_ci
-                regression_tester_executeDanger
-            pmd_ci_log_group_end
+        # Execute danger and dogfood only for pull requests in our own repository
+        if [[ "${PMD_CI_IS_FORK}" = "false" && -n "${PMD_CI_PULL_REQUEST_NUMBER}" ]]; then
+          # Danger is executed only on the linux runner
+          if [ "$(pmd_ci_utils_get_os)" = "linux" ]; then
+              pmd_ci_log_group_start "Executing danger"
+                  regression_tester_setup_ci
+                  regression_tester_executeDanger
+              pmd_ci_log_group_end

-            # also run dogfood for PRs (only on linux)
-            pmd_ci_log_group_start "Executing PMD dogfood test with ${PMD_CI_MAVEN_PROJECT_VERSION}"
-                pmd_ci_dogfood
-            pmd_ci_log_group_end
+              # also run dogfood for PRs (only on linux)
+              pmd_ci_log_group_start "Executing PMD dogfood test with ${PMD_CI_MAVEN_PROJECT_VERSION}"
+                  pmd_ci_dogfood
+              pmd_ci_log_group_end
+          fi
        fi

        exit 0
--- a/.ci/files/project-list.xml
+++ b/.ci/files/project-list.xml
@ -169,4 +169,12 @@ EOF
    <tag>v2.3.0</tag>
    <src-subpath>samples</src-subpath>
  </project>
+
+  <project>
+    <name>java-regression-tests</name>
+    <type>git</type>
+    <connection>https://github.com/pmd/java-regression-tests</connection>
+    <tag>main</tag>
+    <auxclasspath-command>realpath java-regression-tests-*.jar</auxclasspath-command>
+  </project>
 </projectlist>
--- a/.github/ISSUE_TEMPLATE/0rule_violation_false-positive.md
+++ b/.github/ISSUE_TEMPLATE/0rule_violation_false-positive.md
@ -19,7 +19,7 @@ Please provide the rule name and a link to the rule documentation:

 **Code Sample demonstrating the issue:**

-```
+```java

 ```

--- a/.github/ISSUE_TEMPLATE/1rule_violation_false-negative.md
+++ b/.github/ISSUE_TEMPLATE/1rule_violation_false-negative.md
@ -19,7 +19,7 @@ Please provide the rule name and a link to the rule documentation:

 **Code Sample demonstrating the issue:**

-```
+```java

 ```

--- a/.github/ISSUE_TEMPLATE/2new_rule.md
+++ b/.github/ISSUE_TEMPLATE/2new_rule.md
@ -17,7 +17,7 @@ assignees: ''
 **Code Sample:** This should include code, that should be flagged by the rule. If possible, the "correct" code
 according to this new rule should also be demonstrated.

-```
+```java

 ```

--- a/.github/ISSUE_TEMPLATE/4bug_report.md
+++ b/.github/ISSUE_TEMPLATE/4bug_report.md
@ -25,7 +25,7 @@ A clear and concise description of what the bug is.

 **Code Sample demonstrating the issue:**

-```
+```java

 ```

--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -14,9 +14,17 @@ on:
    - cron:  '0 4 1 * *'
  workflow_dispatch:

+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
  build:
    runs-on: ${{ matrix.os }}
+    permissions:
+      # read to fetch code (actions/checkout)
+      # write to push code to gh-pages, create releases
+      # note: forked repositories will have maximum read access
+      contents: write
    continue-on-error: false
    strategy:
      matrix:
--- a/.github/workflows/git-repo-sync.yml
+++ b/.github/workflows/git-repo-sync.yml
@ -9,6 +9,9 @@ on:
      - '**'
  workflow_dispatch:

+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
  build:
    runs-on: ubuntu-latest
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -1,8 +1,8 @@
 GEM
  remote: https://rubygems.org/
  specs:
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
+    addressable (2.8.1)
+      public_suffix (>= 2.0.2, < 6.0)
    claide (1.1.0)
    claide-plugins (0.9.2)
      cork
@ -12,7 +12,7 @@ GEM
    concurrent-ruby (1.1.10)
    cork (0.3.0)
      colored2 (~> 3.1)
-    danger (8.6.1)
+    danger (9.0.0)
      claide (~> 1.0)
      claide-plugins (>= 0.9.2)
      colored2 (~> 3.1)
@ -23,12 +23,12 @@ GEM
      kramdown (~> 2.3)
      kramdown-parser-gfm (~> 1.0)
      no_proxy_fix
-      octokit (~> 4.7)
+      octokit (~> 5.0)
      terminal-table (>= 1, < 4)
    differ (0.1.2)
    et-orbi (1.2.7)
      tzinfo
-    faraday (1.10.0)
+    faraday (1.10.2)
      faraday-em_http (~> 1.0)
      faraday-em_synchrony (~> 1.0)
      faraday-excon (~> 1.1)
@ -43,7 +43,7 @@ GEM
    faraday-em_http (1.0.0)
    faraday-em_synchrony (1.0.0)
    faraday-excon (1.1.0)
-    faraday-http-cache (2.4.0)
+    faraday-http-cache (2.4.1)
      faraday (>= 0.8)
    faraday-httpclient (1.0.1)
    faraday-multipart (1.0.4)
@ -53,25 +53,26 @@ GEM
    faraday-patron (1.0.0)
    faraday-rack (1.0.0)
    faraday-retry (1.0.3)
-    fugit (1.5.3)
+    fugit (1.7.1)
      et-orbi (~> 1, >= 1.2.7)
      raabro (~> 1.4)
-    git (1.11.0)
+    git (1.12.0)
+      addressable (~> 2.8)
      rchardet (~> 1.8)
    kramdown (2.4.0)
      rexml
    kramdown-parser-gfm (1.1.0)
      kramdown (~> 2.0)
-    liquid (5.3.0)
+    liquid (5.4.0)
    logger-colors (1.0.0)
    mini_portile2 (2.8.0)
    multipart-post (2.2.3)
    nap (1.1.0)
    no_proxy_fix (0.1.2)
-    nokogiri (1.13.7)
+    nokogiri (1.13.8)
      mini_portile2 (~> 2.8.0)
      racc (~> 1.4)
-    octokit (4.25.1)
+    octokit (5.6.1)
      faraday (>= 1, < 3)
      sawyer (~> 0.9)
    open4 (1.3.4)
@ -82,12 +83,12 @@ GEM
      nokogiri (~> 1.13)
      rufus-scheduler (~> 3.8)
      slop (~> 4.6)
-    public_suffix (4.0.7)
+    public_suffix (5.0.0)
    raabro (1.4.0)
    racc (1.6.0)
    rchardet (1.8.0)
    rexml (3.2.5)
-    rouge (3.29.0)
+    rouge (4.0.0)
    ruby2_keywords (0.0.5)
    rufus-scheduler (3.8.2)
      fugit (~> 1.1, >= 1.1.6)
@ -100,7 +101,7 @@ GEM
      unicode-display_width (>= 1.1.1, < 3)
    tzinfo (2.0.5)
      concurrent-ruby (~> 1.0)
-    unicode-display_width (2.2.0)
+    unicode-display_width (2.3.0)

 PLATFORMS
  ruby
--- a/do-release.sh
+++ b/do-release.sh
@ -116,7 +116,7 @@ echo "* Days since last release: $(( ( $(date +%s) - $(git log --max-count=1 --f
 )

 TEMP_RELEASE_NOTES=$(cat docs/pages/release_notes.md)
-TEMP_RELEASE_NOTES=${TEMP_RELEASE_NOTES/\{\% endtocmaker \%\}/$STATS$'\n'$'\n'\{\% endtocmaker \%\}$'\n'}
+TEMP_RELEASE_NOTES=${TEMP_RELEASE_NOTES/\{\% endtocmaker \%\}/${STATS//\&/\\\&}$'\n'$'\n'\{\% endtocmaker \%\}$'\n'}
 echo "${TEMP_RELEASE_NOTES}" > docs/pages/release_notes.md

 echo
--- a/docs/Gemfile.lock
+++ b/docs/Gemfile.lock
@ -1,20 +1,20 @@
 GEM
  remote: https://rubygems.org/
  specs:
-    activesupport (6.0.5.1)
+    activesupport (6.0.6)
      concurrent-ruby (~> 1.0, >= 1.0.2)
      i18n (>= 0.7, < 2)
      minitest (~> 5.1)
      tzinfo (~> 1.1)
      zeitwerk (~> 2.2, >= 2.2.2)
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
+    addressable (2.8.1)
+      public_suffix (>= 2.0.2, < 6.0)
    coffee-script (2.4.1)
      coffee-script-source
      execjs
    coffee-script-source (1.11.1)
    colorator (1.1.0)
-    commonmarker (0.23.5)
+    commonmarker (0.23.6)
    concurrent-ruby (1.1.10)
    dnsruby (1.61.9)
      simpleidn (~> 0.1)
@ -25,10 +25,10 @@ GEM
      ffi (>= 1.15.0)
    eventmachine (1.2.7)
    execjs (2.8.1)
-    faraday (2.3.0)
-      faraday-net_http (~> 2.0)
+    faraday (2.5.2)
+      faraday-net_http (>= 2.0, < 3.1)
      ruby2_keywords (>= 0.0.4)
-    faraday-net_http (2.0.3)
+    faraday-net_http (3.0.0)
    ffi (1.15.5)
    forwardable-extended (2.6.0)
    gemoji (3.0.1)
@ -211,8 +211,8 @@ GEM
      jekyll (>= 3.5, < 5.0)
      jekyll-feed (~> 0.9)
      jekyll-seo-tag (~> 2.1)
-    minitest (5.16.2)
-    nokogiri (1.13.7)
+    minitest (5.16.3)
+    nokogiri (1.13.8)
      mini_portile2 (~> 2.8.0)
      racc (~> 1.4)
    octokit (4.25.1)
@ -222,7 +222,7 @@ GEM
      forwardable-extended (~> 2.6)
    public_suffix (4.0.7)
    racc (1.6.0)
-    rb-fsevent (0.11.1)
+    rb-fsevent (0.11.2)
    rb-inotify (0.10.1)
      ffi (~> 1.0)
    rexml (3.2.5)
--- a/docs/_config.yml
+++ b/docs/_config.yml
@ -1,9 +1,9 @@
 repository: pmd/pmd

 pmd:
-    version: 6.50.0-SNAPSHOT
-    previous_version: 6.49.0
-    date: 30-September-2022
+    version: 6.51.0-SNAPSHOT
+    previous_version: 6.50.0
+    date: 29-October-2022
    release_type: minor

 # release types: major, minor, bugfix
--- a/docs/_data/sidebars/pmd_sidebar.yml
+++ b/docs/_data/sidebars/pmd_sidebar.yml
@ -58,6 +58,9 @@ entries:
    - title: PMD Report formats
      url: /pmd_userdocs_report_formats.html
      output: web, pdf
+    - title: 3rd party rulesets
+      output: web, pdf
+      url: /pmd_userdocs_3rdpartyrulesets.html
    - title: null
      output: web, pdf
      subfolders:
@ -469,6 +472,9 @@ entries:
    - title: Old release notes
      url: /pmd_release_notes_old.html
      output: web, pdf
+    - title: Decisions
+      url: /pmd_projectdocs_decisions.html
+      output: web, pdf
    - title: null
      output: web, pdf
      subfolders:
--- a/docs/index.md
+++ b/docs/index.md
@ -7,7 +7,7 @@ summary: >
    Welcome to the documentation site for PMD and CPD! <br/><br/>


-last_updated: August 2017
+last_updated: October 2022
 author: Jeff Jensen <jjensen@apache.org>, Andreas Dangel <andreas.dangel@adangel.org>,
        Clément Fournier <clement.fournier76@gmail.com>
 ---
@ -29,7 +29,7 @@ author: Jeff Jensen <jjensen@apache.org>, Andreas Dangel <andreas.dangel@adangel

 **PMD** is a static source code analyzer. It finds common programming flaws like
 unused variables, empty catch blocks, unnecessary object creation, and
-so forth. It's mainly concerned with **Java and Apex**, but **supports six other
+so forth. It's mainly concerned with **Java and Apex**, but **supports 12 other
 languages**.

 PMD features many **built-in checks** (in PMD lingo, *rules*), which are documented
--- a/docs/pages/next_major_development.md
+++ b/docs/pages/next_major_development.md
@ -125,6 +125,12 @@ the breaking API changes will be performed in 7.0.0.
 an API is tagged as `@Deprecated` or not in the latest minor release. During the development of 7.0.0,
 we may decide to remove some APIs that were not tagged as deprecated, though we'll try to avoid it." %}

+#### 6.50.0
+
+##### CPD CLI
+
+* CPD now supports the `--ignore-literal-sequences` argument when analyzing Lua code.
+
 #### 6.49.0

 ##### Deprecated API
--- a/docs/pages/pmd/projectdocs/credits.md
+++ b/docs/pages/pmd/projectdocs/credits.md
--- a/docs/pages/pmd/projectdocs/decisions.md
+++ b/docs/pages/pmd/projectdocs/decisions.md
@ -0,0 +1,14 @@
+---
+title: Architecture Decisions
+sidebar: pmd_sidebar
+permalink: pmd_projectdocs_decisions.html
+last_updated: July 2022
+---
+
+<ul>
+{% for page in site.pages %}
+    {% if page.adr == true and page.adr_status != "" %}
+        <li><a href="{{ page.url }}">{{ page.title }}</a> ({{ page.adr_status }})</li>
+    {% endif %}
+{% endfor %}
+</ul>
--- a/docs/pages/pmd/projectdocs/decisions/adr-1.md
+++ b/docs/pages/pmd/projectdocs/decisions/adr-1.md
@ -0,0 +1,70 @@
+---
+title: ADR 1 - Use architecture decision records
+sidebar: pmd_sidebar
+permalink: pmd_projectdocs_decisions_adr_1.html
+sidebaractiveurl: /pmd_projectdocs_decisions.html
+adr: true
+# Proposed / Accepted / Deprecated / Superseded
+adr_status: "Accepted"
+last_updated: September 2022
+---
+
+# Context
+
+PMD has grown over 20 years as an open-source project. Along the way many decisions have been made, but they are not
+explicitly documented. PMD is also developed by many individuals and the original developers might
+not even be around anymore.
+
+Without having documentation records about decisions it is hard for new developers to understand the reasons
+of past decisions. This might lead to either ignore these past (unknown) decisions and change it without
+fully understanding its consequences. This could create new issues down the road, e.g. a decision supporting
+a requirement that is not tested.
+
+On the other hand, accepting the past decisions without challenging it might slow down the project and
+possible innovations. It could lead to a situation where the developers are afraid to change anything
+in order to not break the system.
+
+Past decisions have been made within context and the context can change. Therefore, past decisions can still be
+valid today, or they don't apply anymore. In that case, the decision should be revisited.
+
+See also the blog post [Documenting Architecture Decisions](https://cognitect.com/blog/2011/11/15/documenting-architecture-decisions)
+by Michael Nygard.
+
+There are many templates around to choose from. <https://github.com/joelparkerhenderson/architecture-decision-record>
+gives a nice summary. The page <https://adr.github.io/> gives a good overview on ADR and for adr-related tooling.
+
+# Decision
+
+We will document the decisions we make as a project as a collection of "Architecture Decision Records".
+In order to keep it simple, we will use only a simple template proposed by Michael Nygard.
+The documents are stored together with the source code and are part of the generated documentation site.
+
+A new ADR should be proposed with a pull request to open the discussion.
+The initial status of the new ADR is "Proposed". When maintainer consensus is reached during the PR
+review, then the status is changed to "Accepted" when the PR is merged.
+A new entry in the "Change History" section should be added, when the PR is merged.
+
+In order to propose a change to an existing ADR a new pull request should be opened which modifies the ADR.
+The change can be to amend the ADR or to challenge it and maybe deprecate it. A new entry in the
+"Change History" section should be added to summary the change. When maintainer consensus is reached
+during the PR review, then the PR can be merged and the ADR is updated.
+
+# Status
+
+{{ page.adr_status }} (Last updated: {{ page.last_updated }})
+
+# Consequences
+
+Explicitly documenting decisions has the benefit that new developers joining the projects know about the decisions
+and can read the context and consequences of the decisions. This will likely also improve the overall quality
+as the decisions need to be formulated and written down. Everybody is on the same page.
+
+However, this also adds additional tasks, and it takes time to write down and document the decisions.
+
+# Change History
+
+2022-09-30: Status changed to "Accepted".
+
+2022-09-06: Added section "Change History" to the template. Added "Last updated" to "Status" section.
+
+2022-07-28: Proposed initial version.
--- a/docs/pages/pmd/projectdocs/decisions/adr-2.md
+++ b/docs/pages/pmd/projectdocs/decisions/adr-2.md
@ -0,0 +1,71 @@
+---
+title: ADR 2 - Policy on the use of Kotlin for development
+sidebar: pmd_sidebar
+permalink: pmd_projectdocs_decisions_adr_2.html
+sidebaractiveurl: /pmd_projectdocs_decisions.html
+adr: true
+# Proposed / Accepted / Deprecated / Superseded
+adr_status: "Accepted"
+last_updated: September 2022
+---
+
+# Context
+
+We currently use Kotlin only for unit tests at some places (e.g. pmd-lang-test module provides a couple of base
+test classes). We were cautious to expand Kotlin because of poor development support outside JetBrain's
+IntelliJ IDEA. E.g. the [Kotlin Plugin for Eclipse](https://marketplace.eclipse.org/content/kotlin-plugin-eclipse)
+doesn't work properly as described in the reviews.
+
+For VS Code there is a [Kotlin Plugin](https://marketplace.visualstudio.com/items?itemName=mathiasfrohlich.Kotlin)
+with basic features. Online IDEs like gitpod.io and GitHub Codespaces are often based on VS Code.
+
+Using Kotlin means, that we accept, that PMD can only be developed with IntelliJ IDEA. This feels like a vendor lock-in.
+
+Also, bringing in a mix of languages might make maintenance a bit harder and make it harder for new contributors.
+However - PMD is a tool that deals with many, many languages anyway, so this is maybe not a real argument.
+
+Nevertheless, extending the usage of Kotlin within PMD can also increase contributions.
+
+# Decision
+
+We are generally open to the idea to increase usage of Kotlin within PMD. In order to gain experience
+and to keep it within bounds and therefore maintainable we came up with the following rules:
+
+* The module `pmd-core` should stay in plain Java. This helps in keeping binary compatibility when changing sources.
+  `pmd-core` contains the main APIs for all language modules. We currently release all modules at the same time,
+  so this is not a real problem for now. But that might change in the future: Because only few language modules have
+  actual changes per release, it doesn't really make sense to release everything as long as the modules stay
+  compatible. But that's another story.
+* For (unit) testing, Kotlin can be used in `pmd-core` and in the language modules. The test frameworks can also
+  use Kotlin (`pmd-test` doesn't yet, `pmd-lang-test` does already).
+* Additionally: from now on, we allow to have the individual language modules be implemented in different languages
+  when it makes sense. So, a language module might decide to use plain Java (like now) or also Kotlin.
+* When mixing languages (e.g. Java + Kotlin), we need to care that the modules can still be used with plain Java.
+  E.g. when writing custom rules: `pmd-java` provides a couple of APIs for rules (like symbol table, type resolution)
+  and we should not force the users to use Kotlin (at least not for language modules which already exist and
+  for which users might have written custom rules in Java already).
+* It is also possible to write the entire language module in Kotlin only. Then the rules would be written in Kotlin
+  as well. And the possible problems when mixing languages are gone. But that applies only for new language modules.
+* When refactoring an existing language module from Java only to introduce Kotlin, care needs to be taken to
+  not make incompatible changes. If compatibility (binary or source) can't be maintained, then that would be a
+  major version change.
+
+# Status
+
+{{ page.adr_status }} (Last updated: {{ page.last_updated }})
+
+# Consequences
+
+Allowing more Kotlin in PMD can attract new contributions. It might make it easier to develop small DSLs.
+In the future we might also consider to use other languages than Kotlin, e.g. for `pmd-scala` Scala might make sense.
+
+On the other side, other IDEs than IntelliJ IDEA will have a difficult time to deal with PMD's source code
+when Kotlin is used. Eclipse can't be used practically anymore.
+
+Maintaining a polyglot code base with multiple languages is likely to be more challenging.
+
+# Change History
+
+2022-09-30: Changed status to "Accepted".
+
+2022-07-28: Proposed initial version.
--- a/docs/pages/pmd/projectdocs/decisions/adr-NNN.md
+++ b/docs/pages/pmd/projectdocs/decisions/adr-NNN.md
@ -0,0 +1,34 @@
+---
+title: ADR NNN - Template
+sidebar: pmd_sidebar
+permalink: pmd_projectdocs_decisions_adr_NNN.html
+sidebaractiveurl: /pmd_projectdocs_decisions.html
+adr: true
+# Proposed / Accepted / Deprecated / Superseded
+adr_status: ""
+last_updated: July 2022
+---
+
+<!-- https://github.com/joelparkerhenderson/architecture-decision-record/blob/main/templates/decision-record-template-by-michael-nygard/index.md -->
+
+# Context
+
+What is the issue that we're seeing that is motivating this decision or change?
+
+# Decision
+
+What is the change that we're proposing and/or doing?
+
+# Status
+
+{{ page.adr_status }} (Last updated: {{ page.last_updated }})
+
+# Consequences
+
+What becomes easier or more difficult to do because of this change?
+
+# Change History
+
+YYYY-MM-DD: Add xyz.
+
+YYYY-MM-DD: Proposed initial version.
--- a/docs/pages/pmd/projectdocs/trivia/news.md
+++ b/docs/pages/pmd/projectdocs/trivia/news.md
@ -9,26 +9,43 @@ author: Tom Copeland <tom@infoether.org>

 ### Salesforce / Apex Language Module

+*   October 2020 - [Salesforce CLI Scanner Custom XPath Rules - Part 1](https://bobbuzzard.blogspot.com/2020/10/salesforce-cli-scanner-custom-xpath.html),
+    [Salesforce CLI Scanner Custom XPath Rules - Part 2](http://bobbuzzard.blogspot.com/2020/10/salesforce-cli-scanner-custom-xpath_11.html)
+    by [Keir Bowden](https://twitter.com/bob_buzzard)
+
 *   March 2020 - [Helping Salesforce developers create readable and maintainable Apex code](https://gearset.com/blog/helping-sf-developers-create-readable-and-maintainable-apex-code)

 *   July 2019 - [Apex PMD \| Static code analysis - Apex Hours](https://youtu.be/34PxAHtAavU)

-*   June 2019 - [Pluralsight](https://www.pluralsight.com/authors/don-robins) Course about leveraging PMD usage for Salesforce by [Robert Sösemann](https://github.com/rsoesemann) (Apex Language Module Contributor) [Play by Play: Automated Code Analysis in Salesforce - a Tools Deep-Dive](https://www.pluralsight.com/courses/play-by-play-automated-code-analysis-in-salesforce)
+*   June 2019 - [Pluralsight](https://www.pluralsight.com/authors/don-robins) Course about leveraging PMD usage for
+    Salesforce by [Robert Sösemann](https://github.com/rsoesemann) (Apex Language Module Contributor)
+    [Play by Play: Automated Code Analysis in Salesforce - a Tools Deep-Dive](https://www.pluralsight.com/courses/play-by-play-automated-code-analysis-in-salesforce)

-*   June 2018 - [Salesforce Way Podcast](https://salesforceway.com/podcast/podcast/) with [Robert Sösemann](https://github.com/rsoesemann) [Static Code Analysis with PMD for Apex](https://salesforceway.com/podcast/podcast/static-code-analysis-with-pmd-for-apex/)
+*   June 2018 - [Salesforce Way Podcast](https://salesforceway.com/podcast/podcast/) with
+    [Robert Sösemann](https://github.com/rsoesemann) [Static Code Analysis with PMD for Apex](https://salesforceway.com/podcast/podcast/static-code-analysis-with-pmd-for-apex/)

-* January 2018 - [Webinar: How to contribute Apex rules to PMD with Robert Sösemann](https://www.youtube.com/watch?v=7_Ex9WWS_3Q)
+*   January 2018 - [Webinar: How to contribute Apex rules to PMD with Robert Sösemann](https://www.youtube.com/watch?v=7_Ex9WWS_3Q)

-*   August 2017 - Webinar about how to use PMD with The Welkin Suite Salesforce IDE - Author [Robert Sösemann](https://github.com/rsoesemann) - [Improving your Apex Code Quality with PMD in The Welkin Suite](https://www.youtube.com/watch?v=Ypyiy5b6huc)
+*   August 2017 - Webinar about how to use PMD with The Welkin Suite Salesforce IDE - Author
+    [Robert Sösemann](https://github.com/rsoesemann) - [Improving your Apex Code Quality with PMD in The Welkin Suite](https://www.youtube.com/watch?v=Ypyiy5b6huc)

-*   November 2016 - Recording of [Robert Sösemann](https://github.com/rsoesemann)'s Session at Salesforce Dreamforce Conference about enforcing Clean Code in the Salesforce world using PMD and other tools [Clean Apex Code with Automatic Code Metrics](https://www.youtube.com/watch?v=bW7m6y6bEug)
+*   November 2016 - Recording of [Robert Sösemann](https://github.com/rsoesemann)'s Session at Salesforce Dreamforce
+    Conference about enforcing Clean Code in the Salesforce world using PMD and other tools
+    [Clean Apex Code with Automatic Code Metrics](https://www.youtube.com/watch?v=bW7m6y6bEug)


 ### PMD in general and other Language Modules

-*   February 2021 - Artem Krosheninnikov's talk about Quality Assurance Automation: [Artem Krosheninnikov, Wrike - How static analysis can help in QAA processes](https://www.youtube.com/watch?v=L42zH5ne074)
+*   February 2021 - Artem Krosheninnikov's talk about Quality Assurance Automation:
+    [Artem Krosheninnikov, Wrike - How static analysis can help in QAA processes](
+    https://www.youtube.com/watch?v=L42zH5ne074)

-*   May 2019 - [Code quality assurance with PMD – An extensible static code analyser for Java and other languages](https://www.datarespons.com/code-quality-assurance-with-pmd/)
+*   December 2020 - Jeroen Borgers' talk about finding performance bugs with PMD:
+    [J-Fall Virtual 2020: Jeroen Borgers - Fixing your performance and concurrency bugs before they bite you](
+    https://www.youtube.com/watch?v=Z_sT38KTRNk)
+
+*   May 2019 - [Code quality assurance with PMD – An extensible static code analyser for Java and other languages](
+    https://www.datarespons.com/code-quality-assurance-with-pmd/)

 *   February 2012 - Romain Pelisse's lightning talk at FOSDEM 2012 about "PMD5: What can it do for you?".
    [Video recording is available](http://video.fosdem.org/2012/lightningtalks/PMD5.webm).
--- a/docs/pages/pmd/userdocs/3rdpartyrulesets.md
+++ b/docs/pages/pmd/userdocs/3rdpartyrulesets.md
@ -0,0 +1,27 @@
+---
+title: 3rd party rulesets
+tags: [rule_references, userdocs]
+summary: Lists rulesets and rules from the community
+permalink: pmd_userdocs_3rdpartyrulesets.html
+last_updated: September 2022
+---
+
+## For Java
+
+* **jPinpoint rules:** PMD rule set for performance aware Java and Kotlin coding.
+  * <https://github.com/jborgers/PMD-jPinpoint-rules>
+* **arch4u-pmd** is a library with pmd rules that bring new regulations related to known problems in REST API, logging,
+  monitoring, etc., including reconfigured default pmd rules to decrease false-positive violations during usage of
+  well-known frameworks like Spring, Quarkus, etc.
+  * <https://github.com/dgroup/arch4u-pmd>
+* Sample ruleset from **maxdocs**, a multi markup wiki engine.
+  * <https://github.com/bohni/maxdocs/blob/master/src/main/config/pmd/pmd-ruleset.xml>
+* Sample ruleset from **geotools**, an open source Java library that provides tools for geospatial data.
+  * <https://github.com/geotools/geotools/blob/main/build/qa/pmd-ruleset.xml>
+  * <https://github.com/geotools/geotools/blob/main/build/qa/pmd-junit-ruleset.xml>
+
+
+## For Apex
+* **unhappy-soup**, a repository with problematic Salesforce code to showcase PMD, the SFDX Scanner CLI
+  * <https://github.com/rsoesemann/unhappy-soup/blob/master/ruleset.xml>
+
--- a/docs/pages/pmd/userdocs/cli_reference.md
+++ b/docs/pages/pmd/userdocs/cli_reference.md
@ -197,18 +197,20 @@ Example:
 ```

 *   [apex](pmd_rules_apex.html) (Salesforce Apex)
+*   [ecmascript](pmd_rules_ecmascript.html) (JavaScript)
+*   [html](pmd_rules_html.html)
 *   [java](pmd_rules_java.html)
    *   [Supported Versions](pmd_languages_java.html)
-*   [ecmascript](pmd_rules_ecmascript.html) (JavaScript)
 *   [jsp](pmd_rules_jsp.html)
 *   [modelica](pmd_rules_modelica.html)
 *   [plsql](pmd_rules_plsql.html)
+*   [pom](pmd_rules_pom.html) (Maven POM)
 *   [scala](pmd_rules_scala.html)
    *   Supported Versions: 2.10, 2.11, 2.12, 2.13 (default)
 *   [vf](pmd_rules_vf.html) (Salesforce VisualForce)
 *   [vm](pmd_rules_vm.html) (Apache Velocity)
-*   [xml and xsl](pmd_rules_xml.html)
-
+*   [xml](pmd_rules_xml.html)
+*   [xsl](pmd_rules_xsl.html)

 ## Available Report Formats

--- a/docs/pages/pmd/userdocs/cpd/cpd.md
+++ b/docs/pages/pmd/userdocs/cpd/cpd.md
@ -122,7 +122,7 @@ Novice as much as advanced readers may want to [read on on Refactoring Guru](htt
    {% include custom/cli_option_row.html options="--ignore-literal-sequences"
               description="Ignore sequences of literals (common e.g. in list initializers)"
               default="false"
-               languages="C#, C++"
+               languages="C#, C++, Lua"
    %}
    {% include custom/cli_option_row.html options="--ignore-usings"
               description="Ignore `using` directives in C# when comparing text"
--- a/docs/pages/pmd/userdocs/installation.md
+++ b/docs/pages/pmd/userdocs/installation.md
@ -15,7 +15,7 @@ sidebar: pmd_sidebar
    OpenJDK from [Azul](https://www.azul.com/downloads/zulu-community/)
    or [AdoptOpenJDK](https://adoptopenjdk.net/) 1.7 or higher.
    
-    **Note:** For analyzing Apex, JavaScript, Scala or VisualForce or running the [Designer](pmd_userdocs_extending_designer_reference.html)
+    **Note:** For analyzing Apex, HTML, JavaScript, Scala or VisualForce or running the [Designer](pmd_userdocs_extending_designer_reference.html)
    at least Java 8 is required.
    
 *   A zip archiver, e.g.:
@ -23,7 +23,7 @@ sidebar: pmd_sidebar
    * For Windows: [Winzip](http://winzip.com) or the free [7-zip](http://www.7-zip.org/)
    * For Linux / Unix: [InfoZip](http://infozip.sourceforge.net/)

-{% include note.html content="For executing the Designer (./run.sh designer) using [OpenJDK](http://jdk.java.net) or Java 11, you need additionally [OpenJFX](http://jdk.java.net). Download it, extract it and set the environment variable JAVAFX_HOME." %}
+{% include note.html content="For executing the Designer (./run.sh designer) using [OpenJDK](http://jdk.java.net) or Java 11, you need additionally [OpenJFX](https://openjfx.io/). Download it, extract it and set the environment variable JAVAFX_HOME." %}


 ### Installation
--- a/docs/pages/release_notes.md
+++ b/docs/pages/release_notes.md
@ -15,10 +15,15 @@ This is a {{ site.pmd.release_type }} release.
 ### New and noteworthy

 ### Fixed Issues
+* doc
+    * [#4144](https://github.com/pmd/pmd/pull/4144) \[doc] Update docs to reflect supported languages
+* java-documentation
+    * [#4141](https://github.com/pmd/pmd/issues/4141): \[java] UncommentedEmptyConstructor FP when constructor annotated with @<!-- -->Autowired

 ### API Changes

 ### External Contributions
+* [#4142](https://github.com/pmd/pmd/pull/4142): \[java] fix #4141 Update UncommentedEmptyConstructor - ignore @<!-- -->Autowired annotations - [Lynn](https://github.com/LynnBroe) (@LynnBroe)

 {% endtocmaker %}

--- a/docs/pages/release_notes_old.md
+++ b/docs/pages/release_notes_old.md
@ -5,6 +5,98 @@ permalink: pmd_release_notes_old.html

 Previous versions of PMD can be downloaded here: https://github.com/pmd/pmd/releases

+
+## 30-September-2022 - 6.50.0
+
+The PMD team is pleased to announce PMD 6.50.0.
+
+This is a minor release.
+
+### Table Of Contents
+
+* [New and noteworthy](#new-and-noteworthy)
+  * [Lua now supports additionally Luau](#lua-now-supports-additionally-luau)
+  * [Modified rules](#modified-rules)
+* [Fixed Issues](#fixed-issues)
+* [API Changes](#api-changes)
+  * [CPD CLI](#cpd-cli)
+* [Financial Contributions](#financial-contributions)
+* [External Contributions](#external-contributions)
+* [Stats](#stats)
+
+### New and noteworthy
+
+#### Lua now supports additionally Luau
+
+This release of PMD adds support for [Luau](https://github.com/Roblox/luau), a gradually typed language derived
+from Lua. This means, that the Lua language in PMD can now parse both Lua and Luau.
+
+#### Modified rules
+
+* The Java rule [`UnusedPrivateField`](https://pmd.github.io/pmd-6.50.0/pmd_rules_java_bestpractices.html#unusedprivatefield) now ignores private fields, if the fields are
+  annotated with any annotation or the enclosing class has any annotation. Annotations often enable a
+  framework (such as dependency injection, mocking or e.g. Lombok) which use the fields by reflection or other
+  means. This usage can't be detected by static code analysis. Previously these frameworks where explicitly allowed
+  by listing their annotations in the property "ignoredAnnotations", but that turned out to be prone of false
+  positive for any not explicitly considered framework. That's why the property "ignoredAnnotations" has been
+  deprecated for this rule.
+* The Java rule [`CommentDefaultAccessModifier`](https://pmd.github.io/pmd-6.50.0/pmd_rules_java_codestyle.html#commentdefaultaccessmodifier) now by default ignores JUnit5 annotated
+  methods. This behavior can be customized using the property `ignoredAnnotations`.
+
+### Fixed Issues
+* cli
+  * [#4118](https://github.com/pmd/pmd/issues/4118): \[cli] run.sh designer reports "integer expression expected"
+* core
+  * [#4116](https://github.com/pmd/pmd/pull/4116): \[core] Missing --file arg in TreeExport CLI example
+* doc
+  * [#4072](https://github.com/pmd/pmd/pull/4072): \[doc] Add architecture decision records
+  * [#4109](https://github.com/pmd/pmd/pull/4109): \[doc] Add page for 3rd party rulesets
+  * [#4124](https://github.com/pmd/pmd/pull/4124): \[doc] Fix typos in Java rule docs
+* java
+  * [#3431](https://github.com/pmd/pmd/issues/3431): \[java] Add sample java project to regression-tester which uses new language constructs
+* java-bestpractices
+  * [#4033](https://github.com/pmd/pmd/issues/4033): \[java] UnusedPrivateField - false positive with Lombok @ToString.Include
+  * [#4037](https://github.com/pmd/pmd/issues/4037): \[java] UnusedPrivateField - false positive with Spring @SpyBean
+* java-codestyle
+  * [#3859](https://github.com/pmd/pmd/issues/3859): \[java] CommentDefaultAccessModifier is triggered in JUnit5 test class
+  * [#4085](https://github.com/pmd/pmd/issues/4085): \[java] UnnecessaryFullyQualifiedName false positive when nested and non-nested classes with the same name and in the same package are used together
+  * [#4133](https://github.com/pmd/pmd/issues/4133): \[java] UnnecessaryFullyQualifiedName - FP for inner class pkg.ClassA.Foo implementing pkg.Foo
+* java-design
+  * [#4090](https://github.com/pmd/pmd/issues/4090): \[java] FinalFieldCouldBeStatic false positive with non-static synchronized block (regression in 6.48, worked with 6.47)
+* java-errorprone
+  * [#1718](https://github.com/pmd/pmd/issues/1718): \[java] ConstructorCallsOverridableMethod false positive when calling super method
+  * [#2348](https://github.com/pmd/pmd/issues/2348): \[java] ConstructorCallsOverridableMethod occurs when unused overloaded method is defined
+  * [#4099](https://github.com/pmd/pmd/issues/4099): \[java] ConstructorCallsOverridableMethod should consider method calls with var access
+* scala
+  * [#4138](https://github.com/pmd/pmd/pull/4138): \[scala] Upgrade scala-library to 2.12.7 / 2.13.9 and scalameta to 4.6.0
+
+### API Changes
+
+#### CPD CLI
+
+* CPD now supports the `--ignore-literal-sequences` argument when analyzing Lua code.
+
+### Financial Contributions
+
+Many thanks to our sponsors:
+
+* [Oliver Siegmar](https://github.com/osiegmar) (@osiegmar)
+
+### External Contributions
+* [#4066](https://github.com/pmd/pmd/pull/4066): \[lua] Add support for Luau syntax and skipping literal sequences in CPD - [Matt Hargett](https://github.com/matthargett) (@matthargett)
+* [#4100](https://github.com/pmd/pmd/pull/4100): \[java] Update UnusedPrivateFieldRule - ignore any annotations - [Lynn](https://github.com/LynnBroe) (@LynnBroe)
+* [#4116](https://github.com/pmd/pmd/pull/4116): \[core] Fix missing --file arg in TreeExport CLI example - [mohan-chinnappan-n](https://github.com/mohan-chinnappan-n) (@mohan-chinnappan-n)
+* [#4124](https://github.com/pmd/pmd/pull/4124): \[doc] Fix typos in Java rule docs - [Piotrek Żygieło](https://github.com/pzygielo) (@pzygielo)
+* [#4128](https://github.com/pmd/pmd/pull/4128): \[java] Fix False-positive UnnecessaryFullyQualifiedName when nested and non-nest… #4103 - [Oleg Andreych](https://github.com/OlegAndreych) (@OlegAndreych)
+* [#4130](https://github.com/pmd/pmd/pull/4130): \[ci] GitHub Workflows security hardening - [Alex](https://github.com/sashashura) (@sashashura)
+* [#4131](https://github.com/pmd/pmd/pull/4131): \[doc] TooFewBranchesForASwitchStatement - Use "if-else" instead of "if-then" - [Suvashri](https://github.com/Suvashri) (@Suvashri)
+* [#4137](https://github.com/pmd/pmd/pull/4137): \[java] Fixes 3859: Exclude junit5 test methods from the commentDefaultAccessModifierRule - [Luis Alcantar](https://github.com/lfalcantar) (@lfalcantar)
+
+### Stats
+* 100 commits
+* 26 closed tickets & PRs
+* Days since last release: 29
+
 ## 31-August-2022 - 6.49.0

 The PMD team is pleased to announce PMD 6.49.0.
--- a/pmd-apex-jorje/pom.xml
+++ b/pmd-apex-jorje/pom.xml
@ -8,7 +8,7 @@
  <parent>
    <groupId>net.sourceforge.pmd</groupId>
    <artifactId>pmd</artifactId>
-    <version>6.50.0-SNAPSHOT</version>
+    <version>6.51.0-SNAPSHOT</version>
    <relativePath>../pom.xml</relativePath>
  </parent>

--- a/pmd-apex/pom.xml
+++ b/pmd-apex/pom.xml
@ -7,7 +7,7 @@
    <parent>
        <groupId>net.sourceforge.pmd</groupId>
        <artifactId>pmd</artifactId>
-        <version>6.50.0-SNAPSHOT</version>
+        <version>6.51.0-SNAPSHOT</version>
        <relativePath>../pom.xml</relativePath>
    </parent>

--- a/Show More
+++ b/Show More