codacy / codacy-pmd Goto Github PK

I'm using a project with JUnit 5 and I'd like to follow the default JUnit 5 recommendation of using package private tests. See here: https://junit.org/junit5/docs/current/user-guide/#writing-tests-classes-and-methods, specifically the note:

Neither test classes nor test methods need to be public

The default PMD configuration for Codacy complains if I use package private test methods. It shows:

Can default Codacy PMD configuration be adjusted to properly allow package private JUnit 5 tests? I really don't want to go to a custom XML ruleset just for a small tweak. In the meanwhile I'm just making the tests public but then other tooling that does follow the JUnit 5 recommendation needs tweaking. Thanks!

The PMD maintainers asked how to make sure that Codacy is able to timely update their PMD version when 6.0 is out here: pmd/pmd#709

Is there anything I can tell them? How fast can you do it and do you see any obstacles with integrating 6.0 into your existing plugin? Feel free directly jump into the above mentioned issue.

Hello,

Could you please clarify how PMD customisation works under the hood. If I provide ruleset.xml will Codacy take own "default" ruleset and apply my file on top of it or will it just take my file? Other words, if I customise one existing rule in my ruleset - this rule is the only thing that going to be checked or default behaviour of all other rules will also be executed?
If Codacy will take only my ruleset.xml - how I can practically customise any rule? I mean I am quite happy with default set, but looks like single rule customisation will "disable" everything else.

Thanks,
Aleksandr

Codacy is currently using version 6.48.0. The PMD project had a bug through version 6.50.0 with JavaScript numerical literals that has been fixed in 6.51.0.

References:
PMD 6.51.0 release notes
Bug issue

I would like to move to a ruleset.xml in my repo. Ideally I would start with the same ruleset used by Codacy by default. I cannot find where this is defined.

I am not quite sure I've understood the technical details entirely ...

Does codacy-pmdjava understand any rule the underlying pmd version supports or is there a need for an explicit "mapping" within this project here in order to support the rules the underlying pmd supports? (The code indicates this if I am not mistaken.)

I am asking because pmd was upgraded from 5.3.6 to 5.4.1 in April. I am missing rulesets/java/comments.xml/CommentDefaultAccessModifier introduced with 5.4.0 which can act as a "saner" replacement for rulesets/java/controversial.xml/DefaultPackage.

PMD DocGenerator uses the message as pattern title for the documentation.
Sometimes this choice is far from ideal: "The method {0}() has an NCSS line count of {1}".

We want, instead, use the pattern title converting from CamelCase to a sentence:
ExcessiveMethodLength should become: Excessive method length

It should manage constants names with all upper case letters:
TO_TIMESTAMPWithoutDateFormat should become: TO_TIMESTAMP without date format

When there are errors in the custom ruleset.xml the engine silently fails without giving any notice. In Code Climate there is a status for each commit with a very detail error output showing why an engine failed.

As I expect users of this engine to play around a lot with their ruleset.xml this is a crucial feature.

PMD has recently released their new major version, 7.0.0. It brings lots of fixes and improvements, including Java 21/22 support. Because it involves significant internal rewrites, there may be even more issues that were incidentally fixed. However, updating will likely be non-trivial.

Just discovered https://help.github.com/articles/about-status-checks/#checks.

Are there any plans to use that for Codacy. It would be really nice if Codacy results would be shown directly inside the GitHub UI.

We recently added PMD support for the markup language Visualforce
https://github.com/pmd/pmd/tree/master/pmd-visualforce

It would be great if Codacy would support it as well.

Couldn't we use an engine specific parameter as we did for Code Climate. They use a complicated Remediation Point system. Why not have a "time to fix in minutes" which also can be null which means "depends".

If we have a .codacy.yml like this:

---
engines:
 pmd:
  exclude_paths:
   - '**.sql'

PMD will not exclude SQL files.

Acceptance criteria:

• It's possible to exclude paths for PMD

I just create a test project code(only some md files and one tf file) and run scan with below command
java -jar /codacy-analysis-cli-assembly-7.6.6.jar analyze --project-token 2cf7xxxxxx --directory $CI_PROJECT_DIR --allow-network --verbose --output output.txt --skip-uncommitted-files-check --fail-if-incomplete

but got

08/25 14:06:38 INFO  CodacyPlugins:26 - Running docker image codacy/codacy-remark-lint:2.5.100. took 1157ms
08/25 14:06:38 ERROR c.c.a.c.a.CodacyPluginsAnalyser:31 - Failed analysis for remark-lint
java.lang.Throwable:
Docker exited with code 1
stdout:
stderr: node:internal/fs/utils:344
    throw err;
    ^

Error: EISDIR: illegal operation on a directory, read
    at Object.readSync (node:fs:723:3)
    at tryReadSync (node:fs:433:20)
    at Object.readFileSync (node:fs:479:19)
    at Object.readFileSync [as default] (/app/build/main/lib/util/file.js:8:57)
    at parseCodacyConfiguration (/app/build/main/lib/codacy-configuration.js:23:46)
    at configFromCodacy (/app/build/main/lib/codacy-configuration.js:10:26)
    at Object.run [as default] (/app/build/main/lib/remark-runner.js:37:11)
    at Object.<anonymous> (/app/build/main/index.js:26:24)
    at Module._compile (node:internal/modules/cjs/loader:1101:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1153:10) {
  errno: -21,
  syscall: 'read',
  code: 'EISDIR'
}

	at com.codacy.plugins.runners.BinaryDockerRunner.$anonfun$run$4(BinaryDockerRunner.scala:84)
	at scala.util.Success.flatMap(Try.scala:251)

and

08/25 14:06:47 INFO  CodacyPlugins:26 - Running docker image codacy/codacy-metrics-cloc:0.4.3. took 1518ms
08/25 14:06:47 ERROR c.c.a.c.a.CodacyPluginsAnalyser:52 - Failed metrics for metrics
java.lang.Throwable:
Docker exited with code 1
stdout:
stderr: java.io.IOException: Is a directory
	at java.base/sun.nio.ch.FileDispatcherImpl.read0(Native Method)
	at java.base/sun.nio.ch.FileDispatcherImpl.read(FileDispatcherImpl.java:48)
	at java.base/sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:276)
	at java.base/sun.nio.ch.IOUtil.read(IOUtil.java:245)
	at java.base/sun.nio.ch.FileChannelImpl.read(FileChannelImpl.java:223)
	at java.base/sun.nio.ch.ChannelInputStream.read(ChannelInputStream.java:65)
	at java.base/sun.nio.ch.ChannelInputStream.read(ChannelInputStream.java:107)
	at java.base/sun.nio.ch.ChannelInputStream.read(ChannelInputStream.java:101)

output

# cat output.txt
Starting analysis ...
Found [Warning] `Ensure no hard coded AWS access key and secret key exists in provider` in secret.tf:1 (Checkov_CKV_AWS_41)
Found [Warning] `AWS Access Key` in secret.tf:3 (Checkov_CKV_SECRET_2)
Found [Warning] `Base64 High Entropy String` in secret.tf:4 (Checkov_CKV_SECRET_6)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:70 (markdownlint_MD022)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:92 (markdownlint_MD022)
Found [Info] `Expected: 80; Actual: 234` in README.md:65 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 303` in README.md:85 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 196` in README.md:17 (markdownlint_MD013)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:76 (markdownlint_MD022)
Found [Info] `Expected: 80; Actual: 89` in README.md:83 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 235` in README.md:68 (markdownlint_MD013)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:67 (markdownlint_MD022)
Found [Info] `Expected: 0 or 2; Actual: 1` in README.md:2 (markdownlint_MD009)
Found [Info] `Expected: 80; Actual: 387` in README.md:56 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 125` in README.md:77 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 193` in README.md:18 (markdownlint_MD013)
Found [Info] `Expected: 1; Actual: 3` in README.md:8 (markdownlint_MD012)
Found [Info] `Multiple top-level headings in the same document` in README.md:51 (markdownlint_MD025)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:1 (markdownlint_MD022)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:64 (markdownlint_MD022)
Found [Info] `Expected: 1; Actual: 2` in README.md:7 (markdownlint_MD012)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:73 (markdownlint_MD022)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:61 (markdownlint_MD022)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:79 (markdownlint_MD022)
Found [Info] `Expected: 80; Actual: 262` in README.md:53 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 91` in README.md:80 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 139` in README.md:13 (markdownlint_MD013)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:58 (markdownlint_MD022)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:55 (markdownlint_MD022)
Found [Info] `Expected: 80; Actual: 92` in README.md:11 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 332` in README.md:87 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 304` in README.md:62 (markdownlint_MD013)
Found [Info] `Fenced code blocks should have a language specified` in README.md:20 (markdownlint_MD040)
Found [Info] `Expected: 80; Actual: 259` in README.md:74 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 158` in README.md:44 (markdownlint_MD013)
Found [Info] `Expected: 80; Actual: 535` in README.md:71 (markdownlint_MD013)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:89 (markdownlint_MD022)
Found [Info] `Expected: 80; Actual: 336` in README.md:96 (markdownlint_MD013)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:82 (markdownlint_MD022)
Found [Info] `Expected: 1; Actual: 0; Below` in README.md:95 (markdownlint_MD022)
Found [Metrics] in README.md:
  LOC - 63
Found [Metrics] in .gitlab-ci.yml:
  LOC - 59
Found [Metrics] in secret.tf:
  LOC - 4
Analysis complete

I contributed a PMD language module for the Salesforce.com Apex language and created a PMD wrapper for CodeClimate https://github.com/Up2Go/codeclimate-apexmetrics.

I would love to have Apex support in Codacy and this this could be easily done as you already have a PMD version.

I'd be more than happy to help.

Hi, it seems like there could be a significant speed improvement if you mounted a cache directory onto the container and used PMD's Incremental Anaylsis mode. Is this something that's been considered?

As discussed with @rtfpessoa:

CSS and JS files in Salesforce all end with the same extension. There is a convention to name them *_css.resource or _js.resource

Allowing wildcards would do the trick

Hello!

We use Codacy CI to check PRs in Checkstyle repo with the following configuration. PMD's check (UnusedPrivateMethod) which is used in Codacy reports that method verifyWarnd is unused, however, it is used multiple times in the class IndentationCheckTest where it is declared. We also use maven pmd plugin and the rule UnusedPrivateMethod from PMD and it does not report any violations for 'verifyWarnd' method. So, I think it is Codacy's issue. Now we have to exclude the method from the validation as you can see from the configuration.

Please, contact me if you need more details.