Update to PMD 7.12.0 for static analysis (#375)

Addresses CVE-2025-23215.

Signed-off-by: Muthu <muthu.sundaravadivel@in.ibm.com>
Co-authored-by: Mark S. Lewis <Mark.S.Lewis@outlook.com>

Author: MuthuSundaravadivel

fabric-chaincode-shim/build.gradle

@@ -12,7 +12,7 @@ plugins {
 }
 
 pmd {
-    toolVersion = '7.7.0'
+    toolVersion = '7.12.0'
     ruleSetFiles = files('../pmd-ruleset.xml')
     ruleSets = [] // explicitly set to empty to avoid using the default configuration
     ignoreFailures = false

fabric-chaincode-shim/src/main/java/org/hyperledger/fabric/contract/execution/ExecutionService.java

@@ -15,6 +15,7 @@
  *
  * <p>Service that executes {@link InvocationRequest} (wrapped Init/Invoke + extra data) using routing information
  */
+@FunctionalInterface
 public interface ExecutionService {
 
     /**

fabric-chaincode-shim/src/main/java/org/hyperledger/fabric/contract/execution/impl/ContractInvocationRequest.java

@@ -15,7 +15,7 @@
 import org.hyperledger.fabric.shim.ChaincodeStub;
 
 public final class ContractInvocationRequest implements InvocationRequest {
-    @SuppressWarnings("PMD.ProperLogger") // PMD 7.7.0 gives a false positive here
+    @SuppressWarnings("PMD.ProperLogger") // PMD 7.12.0 gives a false positive here
     private static final Log LOGGER = LogFactory.getLog(ContractInvocationRequest.class);
 
     private static final Pattern NS_REGEX = Pattern.compile(":");

fabric-chaincode-shim/src/main/java/org/hyperledger/fabric/contract/routing/impl/SerializerRegistryImpl.java

@@ -24,7 +24,7 @@
 public class SerializerRegistryImpl {
     private static final Logger LOGGER = Logger.getLogger(SerializerRegistryImpl.class);
 
-    private final Class<Serializer> annotationClass = Serializer.class;
+    private static final Class<Serializer> ANNOTATION_CLASS = Serializer.class;
 
     // Could index these by name and or type.
     private final Map<String, SerializerInterface> contents = new HashMap<>();
@@ -68,7 +68,7 @@ public void findAndSetContents() throws InstantiationException, IllegalAccessExc
 
         try (ScanResult scanResult = classGraph.scan()) {
             for (final ClassInfo classInfo :
-                    scanResult.getClassesWithAnnotation(this.annotationClass.getCanonicalName())) {
+                    scanResult.getClassesWithAnnotation(this.ANNOTATION_CLASS.getCanonicalName())) {
                 LOGGER.debug(() -> "Found class with contract annotation: " + classInfo.getName());
                 final Class<SerializerInterface> cls = (Class<SerializerInterface>) classInfo.loadClass();
                 LOGGER.debug("Loaded class");

fabric-chaincode-shim/src/main/java/org/hyperledger/fabric/ledger/Collection.java

@@ -6,6 +6,7 @@
 package org.hyperledger.fabric.ledger;
 
 /** Place holder. */
+@SuppressWarnings("PMD.ImplicitFunctionalInterface")
 public interface Collection {
 
     /** Constant that can be used to refer to the 'Worldstate' collection explicitly. */

fabric-chaincode-shim/src/main/java/org/hyperledger/fabric/shim/ext/sbe/impl/StateBasedEndorsementImpl.java

@@ -23,7 +23,7 @@
 
 /** Implements {@link StateBasedEndorsement}. */
 public final class StateBasedEndorsementImpl implements StateBasedEndorsement {
-    @SuppressWarnings("PMD.ProperLogger") // PMD 7.7.0 reports a false positive
+    @SuppressWarnings("PMD.ProperLogger") // PMD 7.12.0 reports a false positive
     private static final Log LOGGER = LogFactory.getLog(StateBasedEndorsementImpl.class);
 
     private final Map<String, MSPRoleType> orgs = new HashMap<>();

fabric-chaincode-shim/src/main/java/org/hyperledger/fabric/shim/impl/InvocationTaskManager.java

@@ -183,9 +183,6 @@ private void processChaincodeMessage(final ChaincodeMessage chaincodeMessage) {
             case READY:
                 handleMsg(chaincodeMessage, msgType);
                 break;
-            default:
-                LOGGER.warning(() -> String.format(CANNOT_HANDLE_FORMAT, chaincodeMessage.getTxid(), msgType));
-                break;
         }
     }