The warnings plugin supports new warning detection between different branches. Here is an example: https://ci.jenkins.io/job/Plugins/job/warnings-ng-plugin/view/change-requests/job/PR-500/7/

In this PR, 52 PMD warnings are detected, but only 3 of them are caused by the PR itself.

Thanks for the thorough reply.

Your mitigation solution (i.e. limiting the rules that are applied) is still only a half measure since even some of those rules might have hundreds or thousands of violations on legacy code. And it's like a nuclear bomb of violations if you enable any of the code formatting rules.

I see @uhafner provided an example -- that's promising. We're using GH Actions for our CI so I can't use the plugin as-is but perhaps there's some inspiration there that can be turned into a general purpose 'compare'.

I'll close this issue for now since it's been satisfactorily answered. Thanks again!

@daveespo , as @adangel said, we're checking only changed files, comparing your branch with origin/master and finding appropriate ones. The hardest thing is to start the process but after some time most popular files will be cleaned up and life will become easier.

If you write your own rule, sometimes it's possible to find all violations and fix them in a half-automated way. I use plain old regexps and SSR (structural search and replace in IDEA). In that case after introducing new rules new violations are not added. Sometimes it's not possible to do so and then these violations are fixed on the way (when you do something in the same file).

We've been using PMD approximately for 2 years and wrote about 25 rules (some are very simple and are related to wrong imports; some are more complex). And still we have from 500 to 1k violations.

I prefer to think about it not as a strict requirement "all the project must be violations-free" but as a process where you leave less and less ways for new contributors to make a mistake.

@KroArtem -- good points -- I think I could see a path to accepting the thousands of rule violations if the info was shown inline while editing source files. Specifically, regarding IntelliJ -- is there a way to have the PMD part of Inspect Code work in semi-real time and do syntax highlighting? There are the built-in code quality rules in IntelliJ an those do syntax highlighting and work in close to real time.

I think engineers would be inclined to fix violations in proximity to the areas they're working if it's right in their face that the violation needs fixing. If they have to read through all of the hits in the Inspect Code pane in IntelliJ, they're less likely to do that.

(To be clear, I'm using the IlluminatedCloud plugin for IntelliJ which is for Salesforce development so perhaps the reason I'm not seeing real time PMD inspection output (pmd-apex) is related to that)

@daveespo This might not be a real answer but we use Codacy.com for exactly such a relative analysis per push or Pr.

@rsoesemann -- excellent recommendation, thank you! Codacy honors the ruleset and inline suppressions from PMD too.

And the UI for being able to review the findings in a web browser beats the HTML report that our CI was dumping out as a build artifact.

@daveespo If you like codacy please also spread the word as only few Salesforce devs know it.