v2.0.0 (2024年03月17日)

Full Changelog

🚀 Implemented enhancements:

• Migrate to typescript #29
• Fix artifact upload, new parameter uploadSarifReport #250 (@adangel)
• Migrate to typescript #239 (@adangel)
• Upgrade to node20 #221 (@adangel)

🐛 Fixed bugs:

• Annotations are not shown in PR / commit #249

📦 Dependency updates:

• Bump @actions/artifact from 2.0.1 to 2.1.4 #263 (@dependabot[bot])
• Bump nock from 13.5.0 to 13.5.4 #262 (@dependabot[bot])
• Bump eslint from 8.56.0 to 8.57.0 #259 (@dependabot[bot])
• Bump actions/setup-node from 4.0.1 to 4.0.2 #256 (@dependabot[bot])
• Bump semver from 7.5.4 to 7.6.0 #255 (@dependabot[bot])
• Bump nock from 13.4.0 to 13.5.0 #248 (@dependabot[bot])
• Bump @actions/artifact from 2.0.0 to 2.0.1 #247 (@dependabot[bot])
• Bump actions/setup-node from 4.0.0 to 4.0.1 #245 (@dependabot[bot])
• Bump eslint from 8.55.0 to 8.56.0 #244 (@dependabot[bot])
• Bump @actions/artifact from 1.1.2 to 2.0.0 #243 (@dependabot[bot])
• Bump eslint from 8.54.0 to 8.55.0 #242 (@dependabot[bot])
• Bump nock from 13.3.8 to 13.4.0 #241 (@dependabot[bot])
• Bump eslint from 8.53.0 to 8.54.0 #240 (@dependabot[bot])
• Bump eslint from 8.52.0 to 8.53.0 #238 (@dependabot[bot])
• Bump nock from 13.3.7 to 13.3.8 #237 (@dependabot[bot])
• Bump nock from 13.3.6 to 13.3.7 #236 (@dependabot[bot])
• Bump actions/setup-node from 3.8.1 to 4.0.0 #235 (@dependabot[bot])
• Bump eslint from 8.51.0 to 8.52.0 #234 (@dependabot[bot])
• Bump nock from 13.3.4 to 13.3.6 #233 (@dependabot[bot])
• Bump @vercel/ncc from 0.38.0 to 0.38.1 #232 (@dependabot[bot])
• Bump @actions/github from 5.1.1 to 6.0.0 #231 (@dependabot[bot])
• Bump nock from 13.3.3 to 13.3.4 #230 (@dependabot[bot])
• Bump eslint from 8.50.0 to 8.51.0 #229 (@dependabot[bot])
• Bump @octokit/rest from 20.0.1 to 20.0.2 #227 (@dependabot[bot])
• Bump eslint from 8.49.0 to 8.50.0 #226 (@dependabot[bot])
• Bump jest from 29.6.4 to 29.7.0 #225 (@dependabot[bot])
• Bump @actions/core from 1.10.0 to 1.10.1 #223 (@dependabot[bot])
• Bump semver from 6.3.0 to 6.3.1 #222 (@adangel)
• Bump eslint from 8.48.0 to 8.49.0 #220 (@dependabot[bot])
• Bump @actions/artifact from 1.1.1 to 1.1.2 #219 (@dependabot[bot])
• Bump @vercel/ncc from 0.36.1 to 0.38.0 #218 (@dependabot[bot])
• Bump convert-action from 0.2.2 to 0.3.0 #217 (@dependabot[bot])
• Bump actions/checkout from 3 to 4 #216 (@dependabot[bot])
• Bump eslint from 8.47.0 to 8.48.0 #215 (@dependabot[bot])
• Bump jest from 29.6.3 to 29.6.4 #214 (@dependabot[bot])
• Bump jest from 29.6.2 to 29.6.3 #213 (@dependabot[bot])
• Bump actions/setup-node from 3.8.0 to 3.8.1 #212 (@dependabot[bot])
• Bump nock from 13.3.2 to 13.3.3 #211 (@dependabot[bot])
• Bump actions/setup-node from 3.7.0 to 3.8.0 #210 (@dependabot[bot])
• Bump eslint from 8.46.0 to 8.47.0 #209 (@dependabot[bot])
• Bump eslint from 8.44.0 to 8.46.0 #208 (@dependabot[bot])
• Bump jest from 29.6.1 to 29.6.2 #207 (@dependabot[bot])
• Bump nock from 13.3.1 to 13.3.2 #205 (@dependabot[bot])
• Bump @octokit/rest from 19.0.13 to 20.0.1 #204 (@dependabot[bot])
• Bump semver from 7.5.3 to 7.5.4 #203 (@dependabot[bot])
• Bump jest from 29.6.0 to 29.6.1 #202 (@dependabot[bot])
• Bump actions/setup-node from 3.6.0 to 3.7.0 #201 (@dependabot[bot])
• Bump jest from 29.5.0 to 29.6.0 #200 (@dependabot[bot])
• Bump eslint from 8.43.0 to 8.44.0 #199 (@dependabot[bot])
• Bump semver from 7.5.1 to 7.5.3 #198 (@dependabot[bot])
• Bump eslint from 8.42.0 to 8.43.0 #197 (@dependabot[bot])
• Bump @octokit/rest from 19.0.11 to 19.0.13 #196 (@dependabot[bot])
• Bump convert-action from 0.2.0 to 0.2.2 #194 (@dependabot[bot])
• Bump eslint from 8.41.0 to 8.42.0 #192 (@dependabot[bot])

✔️ Closed issues:

• Getting Warning in Node version only for PMD #253

🎉 Merged pull requests:

• Relativize paths if Sarif report already contains URIs #266 (@adangel)

Contributors

• @adangel
• @dependabot

v1.4.1 (2023年05月26日)

Full Changelog

🚀 Implemented enhancements:

• Support new binary dist filenames with PMD 7.0.0-rc3 #180 (@adangel)

📦 Dependency updates:

• Bump @octokit/rest from 19.0.8 to 19.0.11 #190 (@dependabot[bot])
• Bump eslint from 8.40.0 to 8.41.0 #189 (@dependabot[bot])
• Bump @octokit/rest from 19.0.7 to 19.0.8 #188 (@dependabot[bot])
• Bump semver from 7.5.0 to 7.5.1 #187 (@dependabot[bot])
• Bump eslint from 8.39.0 to 8.40.0 #186 (@dependabot[bot])
• Bump nock from 13.3.0 to 13.3.1 #185 (@dependabot[bot])
• Bump eslint from 8.38.0 to 8.39.0 #184 (@dependabot[bot])
• Bump semver from 7.4.0 to 7.5.0 #183 (@dependabot[bot])
• Bump semver from 7.3.8 to 7.4.0 #182 (@dependabot[bot])
• Bump eslint from 8.36.0 to 8.38.0 #181 (@dependabot[bot])

Contributors

• @adangel
• @dependabot

v1.4.0 (2023年03月19日)

Full Changelog

🚀 Implemented enhancements:

• Support upcoming PMD 7.0.0-rc1 release #176 (@adangel)

🐛 Fixed bugs:

• No annotations created under Windows #177
• Can't run action on GHES #173

📦 Dependency updates:

• Bump @actions/io from 1.1.2 to 1.1.3 #174 (@dependabot[bot])
• Bump eslint from 8.35.0 to 8.36.0 #172 (@dependabot[bot])
• Bump jest from 29.4.3 to 29.5.0 #171 (@dependabot[bot])
• Bump eslint from 8.34.0 to 8.35.0 #170 (@dependabot[bot])
• Bump jest from 29.4.2 to 29.4.3 #168 (@dependabot[bot])
• Bump eslint from 8.33.0 to 8.34.0 #167 (@dependabot[bot])
• Bump jest from 29.4.1 to 29.4.2 #166 (@dependabot[bot])
• Bump eslint from 8.32.0 to 8.33.0 #165 (@dependabot[bot])
• Bump jest from 29.4.0 to 29.4.1 #164 (@dependabot[bot])
• Bump @vercel/ncc from 0.36.0 to 0.36.1 #163 (@dependabot[bot])
• Bump jest from 29.3.1 to 29.4.0 #162 (@dependabot[bot])
• Bump @octokit/rest from 19.0.5 to 19.0.7 #161 (@dependabot[bot])
• Bump eslint from 8.31.0 to 8.32.0 #160 (@dependabot[bot])
• Bump nock from 13.2.9 to 13.3.0 #159 (@dependabot[bot])
• Bump actions/setup-node from 3.5.1 to 3.6.0 #158 (@dependabot[bot])
• Bump @actions/artifact from 1.1.0 to 1.1.1 #157 (@dependabot[bot])
• Bump eslint from 8.30.0 to 8.31.0 #156 (@dependabot[bot])
• Bump eslint from 8.29.0 to 8.30.0 #155 (@dependabot[bot])
• Bump @vercel/ncc from 0.34.0 to 0.36.0 #154 (@dependabot[bot])
• Bump eslint from 8.28.0 to 8.29.0 #153 (@dependabot[bot])
• Bump eslint from 8.27.0 to 8.28.0 #151 (@dependabot[bot])
• Bump jest from 29.3.0 to 29.3.1 #150 (@dependabot[bot])
• Bump eslint from 8.26.0 to 8.27.0 #149 (@dependabot[bot])
• Bump convert-action from 0.1.3 to 0.2.0 #148 (@dependabot[bot])
• Bump jest from 29.2.2 to 29.3.0 #147 (@dependabot[bot])
• Bump jest from 29.2.1 to 29.2.2 #146 (@dependabot[bot])
• Bump eslint from 8.25.0 to 8.26.0 #145 (@dependabot[bot])
• Bump jest from 29.2.0 to 29.2.1 #144 (@dependabot[bot])
• Bump jest from 29.1.2 to 29.2.0 #143 (@dependabot[bot])
• Bump @octokit/rest from 19.0.4 to 19.0.5 #142 (@dependabot[bot])
• Bump actions/setup-node from 3.5.0 to 3.5.1 #141 (@dependabot[bot])
• Bump eslint from 8.24.0 to 8.25.0 #140 (@dependabot[bot])
• Bump semver from 7.3.7 to 7.3.8 #139 (@dependabot[bot])
• Bump @actions/github from 5.1.0 to 5.1.1 #138 (@dependabot[bot])
• Bump jest from 29.1.1 to 29.1.2 #137 (@dependabot[bot])
• Bump @actions/core from 1.9.1 to 1.10.0 #136 (@dependabot[bot])
• Bump jest from 29.0.3 to 29.1.1 #135 (@dependabot[bot])
• Bump actions/setup-node from 3.4.1 to 3.5.0 #134 (@dependabot[bot])

🎉 Merged pull requests:

• Fix relative windows paths in sarif report #178 (@adangel)
• Always use api.github.com to determine latest PMD version #175 (@adangel)
• Fix typo in example workflow #152 (@chemmi)

Contributors

• @adangel
• @chemmi
• @dependabot

v1.3.0 (2022年09月25日)

Full Changelog

🚀 Implemented enhancements:

• Upgrade to use node 16 #110 (@adangel)

🐛 Fixed bugs:

• Action aborts with: Error: Cannot read property 'split' of undefined #127

📦 Dependency updates:

• Bump eslint from 8.23.0 to 8.24.0 #132 (@dependabot[bot])
• Bump @actions/github from 5.0.3 to 5.1.0 #131 (@dependabot[bot])
• Bump jest from 29.0.2 to 29.0.3 #125 (@dependabot[bot])
• Bump jest from 29.0.1 to 29.0.2 #124 (@dependabot[bot])
• Bump eslint from 8.22.0 to 8.23.0 #123 (@dependabot[bot])
• Bump jest from 28.1.3 to 29.0.1 #122 (@dependabot[bot])
• Bump @octokit/rest from 19.0.3 to 19.0.4 #120 (@dependabot[bot])
• Bump eslint from 8.21.0 to 8.22.0 #119 (@dependabot[bot])
• Bump @actions/core from 1.9.0 to 1.9.1 #118 (@dependabot[bot])
• Bump eslint from 8.20.0 to 8.21.0 #116 (@dependabot[bot])
• Bump nock from 13.2.8 to 13.2.9 #115 (@dependabot[bot])
• Bump eslint from 8.19.0 to 8.20.0 #114 (@dependabot[bot])
• Bump actions/setup-node from 3.4.0 to 3.4.1 #113 (@dependabot[bot])
• Bump jest from 28.1.2 to 28.1.3 #112 (@dependabot[bot])
• Bump actions/setup-node from 3.3.0 to 3.4.0 #111 (@dependabot[bot])
• Bump @octokit/rest from 18.12.0 to 19.0.3 #109 (@dependabot[bot])
• Bump eslint from 8.18.0 to 8.19.0 #107 (@dependabot[bot])
• Bump nock from 13.2.7 to 13.2.8 #106 (@dependabot[bot])
• Bump jest from 28.1.1 to 28.1.2 #105 (@dependabot[bot])
• Bump eslint from 8.17.0 to 8.18.0 #104 (@dependabot[bot])
• Bump nock from 13.2.6 to 13.2.7 #103 (@dependabot[bot])
• Bump @actions/core from 1.8.2 to 1.9.0 #102 (@dependabot[bot])
• Bump jest from 28.1.0 to 28.1.1 #101 (@dependabot[bot])
• Bump actions/setup-node from 3.2.0 to 3.3.0 #100 (@dependabot[bot])
• Bump eslint from 8.16.0 to 8.17.0 #99 (@dependabot[bot])
• Bump nock from 13.2.4 to 13.2.6 #98 (@dependabot[bot])
• Bump @vercel/ncc from 0.33.4 to 0.34.0 #96 (@dependabot[bot])
• Bump eslint from 8.15.0 to 8.16.0 #95 (@dependabot[bot])
• Bump @actions/artifact from 1.0.2 to 1.1.0 #94 (@dependabot[bot])
• Bump actions/setup-node from 3.1.1 to 3.2.0 #93 (@dependabot[bot])
• Bump @actions/core from 1.8.0 to 1.8.2 #92 (@dependabot[bot])
• Bump @actions/tool-cache from 2.0.0 to 2.0.1 #91 (@dependabot[bot])
• Bump @actions/github from 5.0.2 to 5.0.3 #90 (@dependabot[bot])
• Bump @actions/artifact from 1.0.1 to 1.0.2 #89 (@dependabot[bot])
• Bump @actions/github from 5.0.1 to 5.0.2 #88 (@dependabot[bot])
• Bump @actions/artifact from 1.0.0 to 1.0.1 #87 (@dependabot[bot])
• Bump @actions/tool-cache from 1.7.2 to 2.0.0 #86 (@dependabot[bot])
• Bump eslint from 8.14.0 to 8.15.0 #85 (@dependabot[bot])
• Bump jest from 28.0.3 to 28.1.0 #84 (@dependabot[bot])
• Bump @actions/core from 1.7.0 to 1.8.0 #83 (@dependabot[bot])
• Bump jest from 28.0.2 to 28.0.3 #82 (@dependabot[bot])
• Bump jest from 27.5.1 to 28.0.2 #81 (@dependabot[bot])
• Bump @actions/core from 1.6.0 to 1.7.0 #79 (@dependabot[bot])
• Bump eslint from 8.13.0 to 8.14.0 #77 (@dependabot[bot])
• Bump semver from 7.3.6 to 7.3.7 #76 (@dependabot[bot])
• Bump @vercel/ncc from 0.33.3 to 0.33.4 #75 (@dependabot[bot])
• Bump actions/setup-node from 3.0.0 to 3.1.1 #74 (@dependabot[bot])
• Bump actions/upload-artifact from 2 to 3 #73 (@dependabot[bot])
• Bump eslint from 8.12.0 to 8.13.0 #72 (@dependabot[bot])
• Bump semver from 7.3.5 to 7.3.6 #71 (@dependabot[bot])
• Bump @actions/github from 5.0.0 to 5.0.1 #69 (@dependabot[bot])
• Bump eslint from 8.11.0 to 8.12.0 #68 (@dependabot[bot])
• Bump @actions/tool-cache from 1.7.1 to 1.7.2 #67 (@dependabot[bot])
• Bump @actions/exec from 1.1.0 to 1.1.1 #66 (@dependabot[bot])
• Bump @actions/io from 1.1.1 to 1.1.2 #65 (@dependabot[bot])
• Bump eslint from 8.10.0 to 8.11.0 #64 (@dependabot[bot])
• Bump @actions/artifact from 0.6.1 to 1.0.0 #63 (@dependabot[bot])
• Bump actions/checkout from 2 to 3 #62 (@dependabot[bot])
• Bump eslint from 8.9.0 to 8.10.0 #61 (@dependabot[bot])
• Bump actions/setup-node from 2.5.1 to 3.0.0 #60 (@dependabot[bot])

✔️ Closed issues:

• PMD version 6.46.0 run check on "Unchanged files with check annotations" #97

🎉 Merged pull requests:

• Gracefully handle empty rule description #133 (@adangel)

Contributors

• @adangel
• @dependabot

v1.2.1 (2022年02月19日)

Full Changelog

🐛 Fixed bugs:

• Code scanning doesn't contain all violations from PMD #53
• Sourcepath is not applied correctly with analyzeModifiedFilesOnly #52
• No annotations created under Windows #51

📦 Dependency updates:

• Bump @vercel/ncc from 0.33.1 to 0.33.3 #56 (@dependabot[bot])
• Bump eslint from 8.8.0 to 8.9.0 #55 (@dependabot[bot])

🎉 Merged pull requests:

• Fixes #51 Convert Windows paths #59 (@adangel)
• Fixes #52 sourcePath without trailing slash #58 (@adangel)
• Fix Sarif report for multiple results #57 (@adangel)

Contributors

• @adangel
• @dependabot

v1.2.0 (2022年02月10日)

Full Changelog

Implemented enhancements:

• Create a starter workflow #1
• Add an option to disable GitHub annotations (createGitHubAnnotations) #45 (@smetanink)

Fixed bugs:

• Code scanning alert doesn't find file in repository #34

Dependency updates:

• Bump jest from 27.4.7 to 27.5.1 #50 (@dependabot[bot])
• Bump nock from 13.2.2 to 13.2.4 #48 (@dependabot[bot])
• Bump eslint from 8.7.0 to 8.8.0 #46 (@dependabot[bot])
• Bump eslint from 8.5.0 to 8.7.0 #44 (@dependabot[bot])
• Bump nock from 13.2.1 to 13.2.2 #43 (@dependabot[bot])
• Bump jest from 27.4.5 to 27.4.7 #42 (@dependabot[bot])
• Bump actions/setup-node from 2.5.0 to 2.5.1 #39 (@dependabot[bot])
• Bump @vercel/ncc from 0.33.0 to 0.33.1 #38 (@dependabot[bot])
• Bump eslint from 8.4.1 to 8.5.0 #33 (@dependabot[bot])

Closed issues:

• Code scanning doesn't work well with analyzeModifiedFilesOnly #35

Merged pull requests:

• Update documentation for code scanning alerts #37 (@adangel)
• Relativize paths in SARIF report #36 (@adangel)

Contributors

• @adangel
• @dependabot
• @smetanink

v1.1.0 (2021年12月17日)

Full Changelog

Implemented enhancements:

• Create inline annotations for found violations #7
• Support analyzing only modified files #6

Fixed bugs:

• Action doesn't work under Windows runner #21

Merged pull requests:

• Bump @actions/artifact from 0.6.0 to 0.6.1 #27 (dependabot[bot])
• Bump jest from 27.4.3 to 27.4.5 #26 (dependabot[bot])
• Determine modified files for pull requests and pushes #24 (adangel)
• Add "Check changelog" job #23 (adangel)
• Call pmd.bat under win32 #22 (adangel)
• Bump @actions/artifact from 0.5.2 to 0.6.0 #20 (dependabot[bot])
• Bump eslint from 8.3.0 to 8.4.1 #19 (dependabot[bot])
• Avoid using deprecated CLI options for PMD >= 6.41.0 #17 (adangel)
• Add optional token parameter #16 (adangel)
• Bump @vercel/ncc from 0.32.0 to 0.33.0 #15 (dependabot[bot])
• Bump jest from 27.4.2 to 27.4.3 #13 (dependabot[bot])
• Create annotations from sarif report #12 (adangel)
• Bump jest from 27.4.0 to 27.4.2 #10 (dependabot[bot])
• Bump jest from 27.3.1 to 27.4.0 #9 (dependabot[bot])
• Bump actions/setup-node from 2.4.1 to 2.5.0 #8 (dependabot[bot])

First release of the official GitHub Action for PMD.

This action runs PMD static code analysis checks.

It can execute PMD with your own ruleset against your project. It creates a SARIF report which is uploaded as a build artifact. Furthermore the build can be failed based on the number of violations.