Categories: Static Application Security Testing (SAST)

Import Options: API Import, UI Import, Universal Importer (Pro)

File Types: CSV

PMD

PMD is an extensible open-source static code analyzer that detects common programming flaws, including unused variables, empty catch blocks, unnecessary object creation, code quality issues, and security vulnerabilities. It supports 16+ programming languages, with a primary focus on Java, Apex, and JavaScript, and ships with over 400 built-in rules. The tool parses source files into Abstract Syntax Trees and executes customizable rulesets to identify violations. It integrates into IDEs, CI/CD pipelines, and build tools including Maven, Gradle, Jenkins, and GitHub Actions. PMD also includes CPD (Copy-Paste Detector), which identifies code duplication across multiple languages. Together these let development teams enforce coding standards and improve code maintainability throughout the software development lifecycle.
