Ability to auto-update pmd

[ChuckJonas]

Would be nice if there was a way to automatically update PMD bin and default ruleset.

See https://github.com/pmd/pmd/issues/2350

[ChuckJonas]

Especially given that I cannot blindly trust PR that of individuals updating the binaries as there is potential to sneak in malicious executables.

Maybe the first pass at this is just a script to update it...

[ChuckJonas]

I should also see if we clean out a bunch of the unused jars to reduce the install size.

[Raspikabek]

Is it completely necessary to include the binaries in the repository? Maybe a process from Travis that every new tag version does read a variable that contains the desired PMD version to use?

Meaning is Travis the one that does the download of the desired PMD version, places it in the right folder and publish it in VSCode marketplace.

This might required some updates in the process, like right before it has to install via npm vsce + you will need to store your VScodeMarketplace token in order to let Travis publish on your behalf.

This could be done with a script in the package.json so colaborators can just do the same locally after the package is cloned.

I'd like to help with this, but I'd prefer to ask and get some insights from you before doing actual work and testing

[ChuckJonas]

completely unnecessary! The approach you've outlined above would definitely be a big improvement. Currently the release process is manual, but only due to lack of time. @nchursin latest contribution made it less so.

It would definitely be great to get this to where it can be published from the CI...

However, before investing in a solution which packages the binaries automatically , I think it's worth considering if there is a better solution that instead acquires the binaries after install.

This would also allow upgrading the PMD engine without having to publish new versions of the extension. Version could be controlled by a setting. We would probably want to default it to a stable/tested version, but we could also allow tags like "@latest", which would check for new updates on extension activation.

[dschach]

An improvement (not a total solution) would be to have in this repo a file whose contents were only the version number of PMD that you want to use. Then you can use GitHub workflow to download that version of PMD and add the binaries to the repo. Put that all into a workflow that can only be run by certain people and only when that file is changed, etc. and you've automated it (somewhat).

Or when you do a release, just say the version of PMD you want, and have the workflow execute and use the version in that release tag.

Sample code for downloading and unzipping the binaries is at https://github.com/dschach/salesforce-trigger-framework/blob/e25e8eba1406b226dacdba583faf2c2023081ccd/.github/workflows/ci.yml#L67

Related to #95

[dschach]

First step handled in #104 with the upgrade.sh script updating pom.xml to the latest version. Next step would probably be pulling the zip file and handling it.

[dschach]

@ChuckJonas Please see code for downloading and unzipping binaries, cited above.

[PawelWozniak]

Hi any progress on that? PMD just relased 6.50. If I provide path to bin file in setup will it work well? That would be a workaround for old version.