chore(deps): update binary tool pins

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Update	Change
PHP-CS-Fixer/PHP-CS-Fixer	patch	3.95.2 → 3.95.4
checkstyle/checkstyle	minor	13.4.2 → 13.5.0
danmar/cppcheck	minor	2.20.0 → 2.21.0
oxc-project/oxc	minor	1.67.0 → 1.68.0
phpstan/phpstan	minor	2.1.56 → 2.2.1
pmd/pmd	minor	7.24.0 → 7.25.0
yannh/kubeconform	minor	0.7.0 → 0.8.0

---

Release Notes

PHP-CS-Fixer/PHP-CS-Fixer (PHP-CS-Fixer/PHP-CS-Fixer)

v3.95.4

Compare Source

• chore: improve ArrayIndentationFixer (#​9643)
• chore: improve ClassDefinitionFixer (#​9645)
• chore: improve ControlCaseStructuresAnalyzer (#​9644)
• chore: improve NoAliasFunctionsFixer (#​9647)
• chore: improve NoSuperfluousPhpdocTagsFixer (#​9646)
• chore: improve PhpUnitTestCaseStaticMethodCallsFixer (#​9649)
• chore: improve Token (#​9650)
• chore: improve WorkerException (#​9648)
• chore: minor updates around PHPStan (#​9651)
• deps: bump crate-ci/typos from 1.46.2 to 1.47.0 in /.github/workflows in the all group across 1 directory (#​9639)
• deps: bump PHPStan to 2.2.1 (#​9635)
• deps: minor upgrades of dev-tools (#​9653)
• fix: Address credential exposure concern related to using ergebnis/agent-detector for detecting the presence of an AI agent (#​9656)
• test: improve data providers return types (#​9642)

v3.95.3

Compare Source

• fix: MultilinePromotedPropertiesFixer - fix for new in initializers (#​9619)
• fix: PhpdocLineSpanFixer - run after NoSuperfluousPhpdocTagsFixer (#​9615)
• CI: add generic phpstan/phpstan-deprecation-rules, so usage of old deprecated constants is detected (#​9636)
• CI: replace PHP 8.6snapshot with nightly in matrix (#​9628)
• deps: bump crate-ci/typos from 1.46.0 to 1.46.1 in /.github/workflows in the all group across 1 directory (#​9624)
• deps: bump crate-ci/typos from 1.46.1 to 1.46.2 in /.github/workflows in the all group across 1 directory (#​9631)
• deps: bump ergebnis/composer-normalize from 2.51.0 to 2.52.0 in /dev-tools (#​9627)
• deps: bump the phpstan group in /dev-tools with 2 updates (#​9626)
• deps: upgrade misc deps (#​9621)
• refactor: AttributeBlockNoSpacesFixer - no need for loop when we already know bracket indices (#​9446)

checkstyle/checkstyle (checkstyle/checkstyle)

v13.5.0

Compare Source

Checkstyle 13.5.0 - https://checkstyle.org/releasenotes.html#Release_13.5.0

New:

#​19496 - AvoidStarImport: new property maxAllowedStarImports to allow atmost one star import in a file.
#​14782 - LITERAL_DEFAULT token support in RightCurlyCheck.
#​15484 - New Check UnusedTryResourceShouldBeUnnamed.

Bug fixes:

#​17697 - Google style: Disallow comments enclosed in boxes.
#​19641 - Add checks for OpenJDK Style §3.10 - Variable Declarations.
#​19640 - Add checks for OpenJDK Style §4.1 - Package Names.
#​18227 - Extend TextBlockGoogleStyleFormatting to check indentation of each line in the blocks.
#​19770 - JavadocTypeCheck incorrectly matches record component @param tags using prefix instead of exact match.
#​17052 - Add support for flexible constructor bodies (JEP 513) targeted for JDK25.
#​17464 - RequireThis false positive inside annotation definition.
#​19623 - Add checks for OpenJDK Style §3.3 - Import statements.
#​17203 - PatternVariableAssignment check false negative when pattern variable extends beyond the statement of introduction.
#​19716 - False Negative: SimplifyBooleanExpression does not report with paranthesized boolean literals in ternary operators.
#​19617 - Add checks for OpenJDK Style §2 - Java Source Files.
#​17253 - Google-style: Illegal to break the line before or after the lambda arrow.
#​19149 - update MissingJavadocTypeCheck to use AST of javadoc.
#​2629 - IndentationCheck: incorrect validation for class definition.
#​5685 - Indentation: false positive for try child on the same line.
#​11822 - RequireThisCheck giving multiple violation for classes nested in lambdas.
#​19622 - Add checks for OpenJDK Style §3.2 - Package declaration.

Other Changes:

Confused supression of Indentation in google_checks.
Remove chapter numbers from Doc Comments Coverage Page.
Fix xdocs Examples AST Consistency Test (Reduce suppressions list).
Move violation comments out of Javadoc for all input files.
`Regexp` check for unnecessary `// ok` comments is configured under `TreeWalker`.
google_style.xml: support multiple config links per rule entry in XdocsPagesTest.
missing description of blue-tick checks at google style coverage page.
False Negative: FinalLocalVariableCheck does not report for variables assigned in adjacent catches.
Cached page of Documentation style guide should be open in mobile browser in easy to read rendering.
Documentation Comments Style Guide - Images in HTML Destination.
Documentation Comments Style Guide - `@`author.
AbbreviationAsWordInName doc should have horizontal line after above example description.
Remove Chapter number from openjdk_checks.xml file.
resolve Qodana inspections in Javadoc and test utilities.
NoClassDefFound Exception during compilation on jdk25.
review suppresions of org.openrewrite.staticanalysis.CodeCleanup.
Website warnings in maven output: Anchor name used more than once.
Add Oracle Doc Comments Style Guide coverage infrastructure.
Improve design of PropertiesMacros.
inner lambdas right curly idented too much on left to much same ident as wrapper statement.
Move violation comments above of annotated methods.
Violate all inlined violations that are placed in between method singature and annoation or javadoc.
Resolve CheckerFramework violations.
Trigger linkcheck by Github comment.
Organize openrewrite staticanalysis composite recipes by groups as it is done on openrewrite website.
Test extension: Variables `&` Patterns Syntax: Indentation.
Error in bash method does not stop execution of whole command.
Parsing problem detected by CI at jdk25/test/jdk/jdk/jfr/event/tracing/TestConstructors.java.
Remove UnmodifiableCollectionUtil and use pitest funmodifiablecollection feature.

danmar/cppcheck (danmar/cppcheck)

v2.21.0: Cppcheck-2.21.0

Compare Source

Release Notes for Cppcheck 2.21

Major bug fixes & crashes:

• Fixed potential crash with incomplete preprocessor directive
• Fixed hang in createAst
• Fixed invalid AST for braced initialization and references/pointers
• Fixed cppcheckError with array typedef
• Fixed recheck which now correctly excludes non selected files
• Fixed potential crash when rechecking files in gui

New checks:

• MISRA C 2012 rule 10.3 now warns on assigning integer literals 0 and 1 to bool in C99 and later while preserving the existing C89 behavior.
• funcArgNamesDifferentUnnamed warns on function declarations/definitions where a parameter in either location is unnamed
• uninitMemberVarNoCtor warns on user-defined types where (1) some but not all members requiring initialization have in-class initializers or (2) there is a mixture of members which do/do not require initialization.
• fcloseInLoopCondition warns when fclose() is used as a while loop condition, which may skip the loop body or double-close the file handle.

C/C++ support:

• import project: include path in compile_commands.json now handled correctly

GUI:

• Removed handling of Cppcheck Premium LOC license

Other:

• Make it possible to specify the regular expression engine using the engine element in a rule XML.
• Added CLI option --exitcode-suppress to specify an error ID which should not result in a non-zero exitcode.
• Moved source code from https://github.com/danmar/cppcheck to https://github.com/cppcheck-opensource/cppcheck
• The official Windows binary is now built with Visual Studio 2026.
• Updated simplecpp to 1.7.0.

oxc-project/oxc (oxc-project/oxc)

v1.68.0: oxlint v1.68.0 & oxfmt v0.53.0

Compare Source

Table of Contents

• Oxlint v1.68.0
• Oxfmt v0.53.0

Oxlint v1.68.0

🚀 Features

• 81b86eb parser: Report TS1095 for setter with return type (#​22889) (camc314)
• 3f05c5e linter: Expose override::exclude_files option (#​22884) (camc314)
• e4b1f46 linter/typescript: Implement method-signature-style rule (#​22679) (Mikhail Baev)
• bc462ca linter/vue: Implement no-reserved-component-names rule (#​22741) (bab)
• ef9e751 linter/vue: Implement component-definition-name-casing rule (#​22818) (bab)
• d67f51a linter/vue: Implement require-prop-type-constructor rule (#​22708) (bab)
• 1444f82 linter/promise/spec-only: Add Promise.try to Promise static methods (#​22812) (Ben Saufley)
• 8422e8b linter/jsdoc: Implement require-yields-description rule (#​22805) (Mikhail Baev)
• fe93f97 linter/eslint: Implement prefer-named-capture-group rule (#​22759) (Sebastian Poxhofer)
• 1a7798b linter: Add suggestion for unicorn/no-new-array (#​22682) (Sysix)

🐛 Bug Fixes

• 4957c71 linter/arrow-body-style: False positive with non-zero directive count (#​22888) (camc314)
• 760a9f9 linter: Report errors when writing to the filesystem (#​22881) (camc314)
• e5a2748 linter: Avoid no-unreachable false positive after conditional loop (#​22869) (camc314)
• 39d92d6 linter/arrow-body-style: Preserve comments within function (#​22854) (Sysix)
• 3d13e29 parser: Reject declare in an already-ambient context (TS1038) (#​22850) (Boshen)
• 5152854 parser: Reject statements in ambient contexts (TS1036) (#​22849) (Boshen)
• 2eafea6 parser: Reject function implementations in ambient contexts (TS1183) (#​22845) (Boshen)
• c645615 parser: Reject incompatible class member modifiers (#​22843) (Boshen)
• 4a1ca4a linter/export: Detect duplicate explicit exports (#​22798) (camc314)
• 0a9a735 linter/no-loop-func: Allow safe let closures (#​22811) (camc314)
• 1599f11 linter: Align lsp extends default plugins (#​22788) (camc314)
• db32ec9 linter/no-accumulating-spread: Use loop as primary span (#​22800) (camc314)
• 33ec6b4 linter/consistent-test-it: Avoid adjacent describe leakage (#​22796) (camc314)
• 2606069 linter/no-array-sort: Unwrap parenthesized sort args (#​22794) (camc314)
• 9f2f709 linter/no-array-sort: Skip non compare fn sort arguments (#​22752) (Gaurav Dubey)
• 27268a0 linter/no-else-return: Preserve statement boundary in fixer (#​22687) (camc314)
• d9cb6d8 linter/no-empty-function: Allow functions callbacks with allow: functions (#​22764) (camc314)
• a40a314 linter/no-shadow-restricted-names: Ignore enum members (#​22762) (camc314)
• 82366d9 linter/no-cond-assign: Align ternary handling (#​22761) (camc314)

📚 Documentation

• 5e113ba linter: Add license notices for ported ESLint plugins (#​22768) (Boshen)

Oxfmt v0.53.0

🚀 Features

• d75cbbf oxfmt: Format parser:json files by oxc_formatter_json (#​22709) (leaysgur)
• 49db054 formatter_json: Implement oxc_formatter_json (json variant only) (#​22641) (leaysgur)
• 9c71f2e ast, codegen, formatter: Add WithClauseKeyword::as_str helper and use it (#​22791) (camc314)

🐛 Bug Fixes

• d3cdd62 oxfmt: Skip formatting for whitespace-only file (#​22780) (leaysgur)
• 23f0cc8 formatter: Don't move comments inside variable declaration in for in loop (#​22776) (leaysgur)
• f200c40 formatter: Don't move comments inside variable declaration in for of loop (#​22773) (Leonabcd123)

📚 Documentation

• 845f393 oxfmt,formatter,formatter_json,formatter_core: Add/update AGENTS.md (#​22873) (leaysgur)

phpstan/phpstan (phpstan/phpstan)

v2.2.1

Compare Source

Improvements 🔧

• Do not require specifying unsealed extra value type after ... on level 6+ (phpstan/phpstan-src@6ae7aa2)

Bugfixes 🐛

• Do not unpack unsealed array when expanding arguments in FunctionCallParametersCheck (phpstan/phpstan-src@7da57c9), #​14715
• Fix constants allowed in parameters for multi-variant functions (phpstan/phpstan-src@4a57953), #​14719

Function signature fixes 🤖

• Allow FILTER_VALIDATE_BOOL as a valid constant for filter_var and filter_input (#​5778), thanks @​aprat84!
• Add RoundingMode enum cases as valid constants of round() (phpstan/phpstan-src@53fe519), #​14716
• Fix Collator::setAttribute() allowed constants (phpstan/phpstan-src@f1a3110), #​14720

v2.2.0

Compare Source

Dive into details about this release on PHPStan's blog: PHPStan 2.2: Unsealed Array Shapes, Safer Array Keys, and More!. It explains all the changes and the motivation behind them.

Major new features 🚀

• Unsealed array shapes (#​5501), #​13565, #​8438, #​11494, #​12110, #​14032
• New types: decimal-int-string and non-decimal-int-string (#​5279)
• New config parameter: reportUnsafeArrayStringKeyCasting
• Check constants in parameters (#​5256), #​12850
  • New error identifiers:
    • argument.exclusiveConstants
    • argument.invalidConstant
    • argument.bitmaskNotAllowed
• Detect named arguments whose parameters are renamed in subtypes (phpstan/phpstan-src@4c1a2b9), #​7434, #​5279
  • New error identifier argument.parameterRenamedInSubtype

Bleeding edge 🔪

• Sealed array shapes are truly sealed
  • Array shape like array{a: int, b: string} does not allow for extra keys and does not accept general arrays

If you want to see the shape of things to come and adopt bleeding edge features early, you can include this config file in your project's phpstan.neon:

includes:
	- vendor/phpstan/phpstan/conf/bleedingEdge.neon

Of course, there are no backwards compatibility guarantees when you include this file. The behaviour and reported errors can change in minor versions with this file included. Learn more

Improvements 🔧

• Allow custom rules to emit collector data for CollectedDataNode with CollectedDataEmitter (#​5261)
• Reduced false positives about constant conditions in traits (#​5309), #​13023, #​7599, #​13474, #​13687, #​12798, #​11949, #​12267, #​9515, #​4570, #​4121, #​8060, #​10353

Bugfixes 🐛

• Narrow division to int when modulo is known to be zero (#​5757), #​9724, thanks @​VincentLanglet and @​staabm!
• Do not normalize union types in tryRemove to preserve finite type combinations (#​5744), #​10128, #​11453, thanks @​VincentLanglet and @​staabm!
• Prevent infinite recursion in AttributeReflectionFactory when an attribute references itself on its constructor (#​5773), #​14707

Internals 🔍

• Refactor TypeSpecifier (#​5772), thanks @​VincentLanglet!
• Simplify InitializerExprTypeResolver api-surface (#​5767), thanks @​staabm!
• Cleanup ArrayType::tryRemove() (#​5766), thanks @​staabm!

pmd/pmd (pmd/pmd)

v7.25.0: PMD 7.25.0 (29-May-2026)

Compare Source

29-May-2026 - 7.25.0

The PMD team is pleased to announce PMD 7.25.0.

This is a minor release.

Table Of Contents

• 🚀️ New and noteworthy
  • Updated ANTLR library to 4.13.2
• 🌟️ New and Changed Rules
  • New Rules
  • Changed Rules
  • Renamed rules and properties
• 🐛️ Fixed Issues
• 🚨️ API Changes
  • Deprecations
  • Experimental API
• ✨️ Merged pull requests
• 📦️ Dependency updates
• 📈️ Stats

🚀️ New and noteworthy

Updated ANTLR library to 4.13.2

We have updated the ANTLR library (parser generator) from 4.9.3 to the latest version 4.13.2,
in order to be able to use the latest version of Apex parser library.

This is an incompatible update: In case you use custom language modules based on ANTLR, you
need to make sure to regenerate all of your lexers and parsers with the new ANTLR version.

For the ANTLR based language modules, that PMD ships (kotlin and swift and various CPD modules),
this is already done.

🌟️ New and Changed Rules

New Rules

• The new Java rule JUnitJupiterTestNoPrivateModifier find JUnit test classes and
  methods that are private. Test classes, test methods, and lifecycle methods are not required to be public,
  but they must not be private. Otherwise, they won’t be found by the test framework.
• The new Java rule UnnecessaryBlock reports blocks that are unnecessary as
  they don't introduce a new scope. This rule helps simplify code structure by identifying and flagging
  redundant blocks that can make code harder to read and may be misleading.
• The new Java rule VariableDeclarationUsageDistance flags local variables that are declared
  far from their usage, which can make code harder to read. The rule has a property maxDistance that allows to
  configure the maximum allowed distance between declaration and usage.
• The new Java rule AssertStatementInTest detects usages of assert statement in tests.
  These should be replaced by framework assertion methods such as assertEquals.
  Such methods provide better error messages and make test behave correctly when running without -ea.

Changed Rules

• The rule OnlyOneReturn has a new property allowGuardIfs. When this property is
  true, then guard ifs at the beginning of a method are allowed their return statements don't count.
• The rules UseUtilityClass and ClassNamingConventions now use the
  same definition of what a utility class is. The most significant change is, that classes with main() methods are
  no longer considered utility classes by UseUtilityClass.
• We are continuously working to improve the precision of violation reporting for various rules.
  The goal is to ensure that rules report issues on the correct line and highlight only the relevant lines.
  For example, instead of flagging an entire class declaration (including its body), we now generally report only
  the class name. For more details, see [java] Single Line Warnings #​730
  and [java] Review reported locations of rules #​3769. While this effort
  is still ongoing, the following Java rules have been updated in this release:
  • AbstractClassWithoutAbstractMethod
  • AbstractClassWithoutAnyMethod
  • AtLeastOneConstructor
  • AvoidDollarSigns
  • AvoidCatchingGenericException
  • AvoidSynchronizedStatement (now reports only on synchronized keyword and not the whole synchronized block)
  • ClassNamingConventions
  • ClassWithOnlyPrivateConstructorsShouldBeFinal
  • CommentDefaultAccessModifier
  • CommentRequired
  • CouplingBetweenObjects (now reports only on class identifier and not whole compilation unit anymore)
  • CyclomaticComplexity
  • DataClass
  • ExcessiveImports (now reports only on imports and not the whole compilation unit anymore)
  • ExcessiveParameterList
  • ExcessivePublicCount
  • ExhaustiveSwitchHasDefault (now reports only on switch keyword and not the whole switch block)
  • GodClass
  • ImplicitFunctionalInterface
  • JUnit5TestShouldBePackagePrivate
  • LocalHomeNamingConvention
  • LocalInterfaceSessionNamingConvention
  • MissingSerialVersionUID
  • MissingStaticMethodInNonInstantiatableClass
  • NcssCount
  • NonExhaustiveSwitch (now reports only on switch keyword and not the whole switch block)
  • NoPackage
  • PublicMemberInNonPublicType
  • ShortClassName
  • SingleMethodSingleton
  • SwitchDensity (now reports only on switch keyword and not the whole switch block)
  • TestClassWithoutTestCases
  • TooFewBranchesForSwitch (now reports only on switch keyword and not the whole switch block)
  • TooManyFields (now reports only on class identifier and not the whole class body anymore)
  • TooManyMethods (now reports only on class identifier and not the whole class body anymore)
  • TooManyStaticImports (now reports only on the first static import and not the whole compilation unit anymore)
  • UnnecessaryModifier
  • UseUtilityClass

Renamed rules and properties

• One rule and one property have been renamed to reflect the fact that they work for both JUnit 5 and 6:
  • The rule JUnitJupiterTestShouldBePackagePrivate (Java Best Practices) was renamed from JUnit5TestShouldBePackagePrivate.
  • The property junitJupiterTestPattern of rule MethodNamingConventions (Java Code Style) was renamed from junit5TestPattern.

The old names still work but are deprecated.

🐛️ Fixed Issues

• core
  • #​4972: [core] Update ANTLR to 4.13.2
  • #​6308: [core] CPD Markdown format: Add syntax highlighting
• doc
  • #​6708: [doc] Update minimal Java version for building PMD in documentation
• java
  • #​1102: [java] Improve consistency of utility class detection across rules
  • #​5721: [java] StackOverflowError in 7.17.0 with nested wildcard generics
  • #​5746: [java] Separate test sources and resources
  • #​6688: [java] LocalVariableCouldBeFinalRule API changed
  • #​6704: [java] Rename rules and properties with JUnit5 in the name
• java-bestpractices
  • #​3212: [java] Enhance UseStandardCharsets to flag some constructors of IO-related classes
  • #​3777: [java] New rule: AssertStatementInTest
  • #​5477: [java] JUnit5TestShouldBePackagePrivate is not applied when @​Test method is only present in parent class
  • #​6606: [java] UnusedPrivateField: False positive on JUnit Jupiter @​FieldSource
  • #​6681: [java] UnitTestShouldIncludeAssert: False positive with JUnitSoftAssertions Rule (JUnit 4)
  • #​6710: [java] UseStandardCharsets: False negative when using lowercase standard charset names
  • #​6719: [java] UseStandardCharsets: False negative with Java 22+ and UTF-32 charsets
• java-codestyle
  • #​2801: [java] OnlyOneReturn should have a property to allow early exits (guard clauses)
  • #​4350: [java] ClassNamingConventions: testClassPattern not applied to class that inherits all its @​Test methods
  • #​6427: [java] UnnecessaryCast: False positive for long cast before bit-shift operations on int/byte
  • #​6602: [java] LocalVariableCouldBeFinal: False negative when multiple variables are declared at once
  • #​6622: [java] New rule: UnnecessaryBlock
  • #​6640: [java] New rule: VariableDeclarationUsageDistance
• java-design
  • #​559: [java] UseUtilityClass: False negative for constant only classes
• java-errorprone
  • #​3288: [java] New Rule: JUnit5TestNoPrivateModifier
  • #​4288: [java] Document that CallSuperFirst/CallSuperLast are Android specific
  • #​6163: [java] ConstructorCallsOverridableMethod: False positive when method is from enclosing class
  • #​6517: [java] UselessPureMethodCall: False negative for methods on IntStream/LongStream/DoubleStream
  • #​6652: [java] AvoidInstanceofChecksInCatchClause: false negative when pattern-matching instanceof
  • #​6712: [java] UnnecessaryBooleanAssertion: Use InvocationMatcher to find assertions
• java-multithreading
  • #​6520: [java] DoNotUseThreads: False positive on legitimate java.lang.Thread.onSpinWait() call
  • #​6636: [java] OverridingThreadRun: Fix false negatives with other methods and anonymous classes
• kotlin
  • #​6608: [kotlin] Lexer or parse errors are reported to stderr only without file context
  • #​6648: [kotlin] Multi-dollar interpolation parse error in annotations
  • #​6659: [kotlin] Parser hangs on complex files due to unbounded ATN prediction loop
  • #​6669: [kotlin] Add AST improvements, KotlinAstUtil

🚨️ API Changes

Deprecations

• java
  • FieldDeclarationsShouldBeAtStartOfClassRule#visit is an implementation detail of FieldDeclarationsShouldBeAtStartOfClassRule. It will be removed in a later release.
  • CyclomaticComplexityRule#visitTypeDecl is an implementation detail of CyclomaticComplexityRule. It will be removed in a later release.
  • SwitchDensityRule#visitSwitchLike is an implementation detail of SwitchDensityRule. It will be removed in a later release.
• kotlin
  • The constructor PmdKotlinParser#PmdKotlinParser has been deprecated.
    Use KotlinLanguageModule#getInstance, createProcessor, services and getParser instead
    to retrieve a correctly configured parser instance.
  • The constructor KotlinHandler#KotlinHandler has been deprecated.
    Use getInstance, createProcessor and services instead to access the LanguageVersionHandler
    for Kotlin.
  • The methods KotlinInnerNode#getImage and KotlinInnerNode#hasImageEqualTo have been deprecated.
    They have not been used yet in Kotlin and the long-term plan is to remove these methods on each node.
    Concrete nodes (subclasses of KotlinInnerNode) should provide a more specific attribute like
    "getName" or "getIdentifier" instead and not rely on "getImage".
    The same deprecation has been done for KotlinTerminalNode.
    See #​4787 for more information.

Experimental API

• kotlin
  • KotlinLanguageProperties#PARSE_TIMEOUT_SECONDS
  • KotlinLanguageProperties#getParseTimeoutSeconds
  • Multiple classes have been added that provide an experimental way to add custom attributes to nodes:
    • AttributeView
    • KtClassDeclarationAttributes
    • KtClassParameterAttributes
    • KtCompanionObjectAttributes
    • KtFunctionDeclarationAttributes
    • KtImportAliasAttributes
    • KtImportHeaderAttributes
    • KtVariableDeclarationAttributes
    • HasModifiers
    • HasSimpleIdentifier
  • Attributes can be accessed on each node in Java-based rules via KotlinInnerNode#attributes.
    The attributes are also automatically exposed for XPath rules.

✨️ Merged pull requests

• #​6084: [java] Shrink reported locations for some rules - Sören Glimm (@​UncleOwen)
• #​6522: [java] Fix #​6520: DoNotUseThreads: fix false positive on Thread.onSpinWait() - leemeii (@​leemeii)
• #​6524: [java] Fix #​6517: UselessPureMethodCall: fix false negative for primitive streams - leemeii (@​leemeii)
• #​6553: [java] Fix StackOverflowError in TypeOps projection of cyclic captured type vars - Sebastian Lövdahl (@​slovdahl)
• #​6557: [java] New rule: AssertStatementInTest - Zbynek Konecny (@​zbynek)
• #​6561: [java] Fix #​6163: ConstructorCallsOverridableMethod: False positive with call to enclosing class - Lukas Gräf (@​lukasgraef)
• #​6573: [java] Fix #​6427: Add bitwise and/or/xor to BINARY_PROMOTED_OPS - Sören Glimm (@​UncleOwen)
• #​6587: [java] Fix #​2801: Add a property to OnlyOneReturnRule to allow guard ifs - Sören Glimm (@​UncleOwen)
• #​6597: [java] Fix #​3212: Enhance UseStandardCharsets - Sören Glimm (@​UncleOwen)
• #​6601: [java] Fix #​4288: Document that CallSuperFirst and CallSuperLast are android only - Sören Glimm (@​UncleOwen)
• #​6603: [java] Fix #​6602: Fix false negative in LocalVariableCouldBeFinalRule - Sören Glimm (@​UncleOwen)
• #​6604: [java] Fix #​3288: New rule JUnit5TestNoPrivateModifierRule - Sören Glimm (@​UncleOwen)
• #​6605: [java] Fix #​6308: Add syntax highlighting to MarkdownRenderer - Sören Glimm (@​UncleOwen)
• #​6619: [java] Fix #​5746: Separate test sources and resources - Sören Glimm (@​UncleOwen)
• #​6623: [java] Cleanup: Remove TODO from ModifierOwner.getVisibility() - Sören Glimm (@​UncleOwen)
• #​6636: [java] OverridingThreadRun: Fix false negatives with other methods and anonymous classes - Zbynek Konecny (@​zbynek)
• #​6638: [java] Fix #​559: Improve UseUtilityClassRule to trigger also on static members - Sören Glimm (@​UncleOwen)
• #​6639: [java] New rule: UnnecessaryBlock - Sören Glimm (@​UncleOwen)
• #​6640: [java] New rule: VariableDeclarationUsageDistance - Zbynek Konecny ([@&chore(deps): update astral-sh/setup-uv action to v8 #8

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: undefined

Post-upgrade command 'uv run python scripts/fetch_checksums.py --force' has not been added to the allowed list in allowedCommands