dependabot[bot] opened a new pull request, #2174: URL: https://github.com/apache/cxf/pull/2174
Bumps [net.sourceforge.pmd:pmd-core](https://github.com/pmd/pmd) from 6.55.0 to 7.8.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pmd/pmd/releases";>net.sourceforge.pmd:pmd-core's releases</a>.</em></p> <blockquote> <h2>PMD 7.8.0 (29-November-2024)</h2> <h2>29-November-2024 - 7.8.0</h2> <p>The PMD team is pleased to announce PMD 7.8.0.</p> <p>This is a minor release.</p> <h3>Table Of Contents</h3> <ul> <li><a href="https://github.com/pmd/pmd/blob/HEAD/#new-and-noteworthy";>🚀 New and noteworthy</a></li> <li><a href="https://github.com/pmd/pmd/blob/HEAD/#new-and-changed-rules";>🌟 New and changed rules</a> <ul> <li><a href="https://github.com/pmd/pmd/blob/HEAD/#new-rules";>New Rules</a></li> </ul> </li> <li><a href="https://github.com/pmd/pmd/blob/HEAD/#fixed-issues";>🐛 Fixed Issues</a></li> <li><a href="https://github.com/pmd/pmd/blob/HEAD/#api-changes";>🚨 API Changes</a> <ul> <li><a href="https://github.com/pmd/pmd/blob/HEAD/#deprecations";>Deprecations</a></li> </ul> </li> <li><a href="https://github.com/pmd/pmd/blob/HEAD/#merged-pull-requests";>✨ Merged pull requests</a></li> <li><a href="https://github.com/pmd/pmd/blob/HEAD/#dependency-updates";>📦 Dependency updates</a></li> <li><a href="https://github.com/pmd/pmd/blob/HEAD/#stats";>📈 Stats</a></li> </ul> <h3>🚀 New and noteworthy</h3> <h3>🌟 New and changed rules</h3> <h4>New Rules</h4> <ul> <li>The new Apex rule <a href="https://docs.pmd-code.org/pmd-doc-7.8.0/pmd_rules_apex_bestpractices.html#queueablewithoutfinalizer";><code>QueueableWithoutFinalizer</code></a> detects when the Queueable interface is used but a Finalizer is not attached. Without attaching a Finalizer, there is no way of designing error recovery actions should the Queueable action fail.</li> </ul> <h3>🐛 Fixed Issues</h3> <ul> <li>ant <ul> <li><a href="https://redirect.github.com/pmd/pmd/issues/1860";>#1860</a>: [ant] Reflective access warnings on java > 9 and java < 17</li> </ul> </li> <li>apex <ul> <li><a href="https://redirect.github.com/pmd/pmd/issues/5302";>#5302</a>: [apex] New Rule: Queueable Should Attach Finalizer</li> <li><a href="https://redirect.github.com/pmd/pmd/issues/5333";>#5333</a>: [apex] Token recognition errors for string containing unicode escape sequence</li> </ul> </li> <li>html <ul> <li><a href="https://redirect.github.com/pmd/pmd/issues/5322";>#5322</a>: [html] CPD throws exception on when HTML file is missing closing tag</li> </ul> </li> <li>java <ul> <li><a href="https://redirect.github.com/pmd/pmd/issues/5283";>#5283</a>: [java] AssertionError "this should be unreachable" with scala library</li> <li><a href="https://redirect.github.com/pmd/pmd/issues/5293";>#5293</a>: [java] Deadlock when executing PMD in multiple threads</li> <li><a href="https://redirect.github.com/pmd/pmd/issues/5324";>#5324</a>: [java] Issue with type inference of nested lambdas</li> <li><a href="https://redirect.github.com/pmd/pmd/issues/5329";>#5329</a>: [java] Type inference issue with unknown method ref in call chain</li> <li><a href="https://redirect.github.com/pmd/pmd/issues/5338";>#5338</a>: [java] Unresolved target type for lambdas make overload resolution fail</li> </ul> </li> <li>java-bestpractices <ul> <li><a href="https://redirect.github.com/pmd/pmd/issues/4113";>#4113</a>: [java] JUnitTestsShouldIncludeAssert - false positive with SoftAssertionsExtension</li> <li><a href="https://redirect.github.com/pmd/pmd/issues/5083";>#5083</a>: [java] UnusedPrivateMethod false positive when method reference has no target type</li> <li><a href="https://redirect.github.com/pmd/pmd/issues/5097";>#5097</a>: [java] UnusedPrivateMethod FP with raw type missing from the classpath</li> <li><a href="https://redirect.github.com/pmd/pmd/issues/5318";>#5318</a>: [java] PreserveStackTraceRule: false-positive on Pattern Matching with instanceof</li> </ul> </li> <li>java-codestyle <ul> <li><a href="https://redirect.github.com/pmd/pmd/issues/5214";>#5214</a>: [java] Wrong message for LambdaCanBeMethodReference with method of enclosing class</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pmd/pmd/commit/f80ec21752b094bdccb041cc545e21a369e00ac6";><code>f80ec21</code></a> [release] prepare release pmd_releases/7.8.0</li> <li><a href="https://github.com/pmd/pmd/commit/5c6a0d947180c3dcf30c04871257bf3540e119ff";><code>5c6a0d9</code></a> Prepare pmd release 7.8.0</li> <li><a href="https://github.com/pmd/pmd/commit/e50e420ade176b9b13cd630090116a74d4922269";><code>e50e420</code></a> [java] Fix <a href="https://redirect.github.com/pmd/pmd/issues/5070";>#5070</a> - confusing argument to varargs method FP when types are unk...</li> <li><a href="https://github.com/pmd/pmd/commit/8fcfb834df8d0f734075dc4e65646703529aecea";><code>8fcfb83</code></a> [doc] Update release notes (<a href="https://redirect.github.com/pmd/pmd/issues/5070";>#5070</a>, <a href="https://redirect.github.com/pmd/pmd/issues/5374";>#5374</a>)</li> <li><a href="https://github.com/pmd/pmd/commit/df2d20e78e7b6ed7b7e2758f423cdb283bea285a";><code>df2d20e</code></a> [java] Fix <a href="https://redirect.github.com/pmd/pmd/issues/4763";>#4763</a> - wrong message for SimplifyBooleanReturns (<a href="https://redirect.github.com/pmd/pmd/issues/5373";>#5373</a>)</li> <li><a href="https://github.com/pmd/pmd/commit/ea32fbb6b4a7ce7514e30b2034b1b9436102c883";><code>ea32fbb</code></a> [doc] Update release notes (<a href="https://redirect.github.com/pmd/pmd/issues/4763";>#4763</a>, <a href="https://redirect.github.com/pmd/pmd/issues/5373";>#5373</a>)</li> <li><a href="https://github.com/pmd/pmd/commit/3e34b11107f073ea95771a911d786355168bf40b";><code>3e34b11</code></a> Add rule test cases for issues fixed with PMD 7.0.0 (<a href="https://redirect.github.com/pmd/pmd/issues/5300";>#5300</a>)</li> <li><a href="https://github.com/pmd/pmd/commit/593b242648fee94491350cfc0e3d6d177bdc259b";><code>593b242</code></a> [doc] Update release notes (<a href="https://redirect.github.com/pmd/pmd/issues/5300";>#5300</a>)</li> <li><a href="https://github.com/pmd/pmd/commit/f7920e78e97e786c401a77cdc70b5f7822e71291";><code>f7920e7</code></a> Make behavior of isUnresolved in TypeOps more consistent</li> <li><a href="https://github.com/pmd/pmd/commit/c7014fc455cebbea3e8243f29347ce028d9b9cd2";><code>c7014fc</code></a> Add new test case for (<em>unknown</em>)[]</li> <li>Additional commits viewable in <a href="https://github.com/pmd/pmd/compare/pmd_releases/6.55.0...pmd_releases/7.8.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cxf.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
