New feature for PMD static analyzer

[artem-smotrakov]

PMD static analyzer has several security checks. If a project uses the analyzer, then it should positively affect the score for static analysis. However, it should not contribute much because PMD doesn't have many security rules.

Here is an example:

https://github.com/apache/shardingsphere/blob/master/pom.xml#L903

• [ ] Add a new feature.
• [ ] Implement a data provider that fills out the new feature.
• [ ] Include the new feature to the open-source security rating.
• [ ] Update test and test vectors.
• [ ] Update the demo tool if necessary (enable the provider, update the pretty printer, etc)

[artem-smotrakov]

PMD has very few security rules. It doesn't seem to make much sense to add a feature for that. In the future, if there are more security rules, let's consider adding this feature.