We wanted to give you a heads-up that we’re moving away from supporting Java 11 as a runtime environment for the Scanners. We’re encouraging everyone to migrate their scan pipelines to Java 17 as soon as possible. The documentation has been updated accordingly for SonarCloud. For SonarQube, Java 11 will be deprecated starting from SonarQube 10.2, and SonarQube 9.9 LTS is not impacted.
We do this move because Java 21 is arriving soon on the 19th of September 2023 and our policy is to only support the two latest Java LTS.
We plan to drop support for Java 11 as a runtime environment on October 31st, 2023January 15th, 2024. Just in case you have a doubt: you’ll still be able to scan Java 11 projects.
We understand that this may cause some inconvenience, but we’re doing it to improve our services.
If you have any questions or concerns, please don’t hesitate to reach out.
Status of Integrations Migration (last update: 6th of September 2023):
It looks like some actions were taken out of order and a warning began to be issued by SonarCloud this morning. Ideally this should be seamless, at most requiring updating the version of the action/pipe used (if pinned to a specific version).
Our projects are complaining about the java version 11 being deprecated but we are using the CircleCI SonarSource orb for testing : GitHub - SonarSource/sonarcloud-circleci-orb: Support of SonarScanner CLI in CircleCI .This one includes it’s own Java version 11.
Is this on the schedule for updating or do we need to find an other way of using SonarQube?
Thanks. The Scanner for .NET will eventually be updated (I imagine soon) – but in fact, no JVM is embedded in the Scanner for .NET (users always bring their own), so nothing prevents those users from upgrading to Java 17.
Thanks Colin! Looks like I just have to add setup/java to my GitHub Action to change the default JVM from 11 to 17. FYI, your SonarCloud setup guide for GitHub Actions (SonarCloud) still instructs to use Java 11.
Sorry for jumping in but just wanted to confirm if the Travis CI scanner will also be updated or if there is anything I need to do manually, please let me know. We’re mainly using PHP projects if that changes anything!
This is actually a very good question. As far as I know, we (Sonar) don’t maintain the SonarCloud Travis addon. I’ll double-check internally and get in touch with TravisCI if needed to inform them about the Java 11 deprecation.
docker pull sonarsource/sonar-scanner-cli:latest && docker run -it sonarsource/sonar-scanner-cli:latest java -version
latest: Pulling from sonarsource/sonar-scanner-cli
Digest: sha256:6681b53d255f7a2069d00c4892eb3df248be74f8c17f20436f8b1725cbde3a09
Status: Image is up to date for sonarsource/sonar-scanner-cli:latest
docker.io/sonarsource/sonar-scanner-cli:latest
openjdk version "11.0.20" 2023-07-18
This is totally unpredictable when latest was pointing some days ago to JDK 17 and Scanner 5.0.1
@jonesbusy Thanks for the ping. That wasn’t supposed to happen (we backported a security fix to the 4.x branch). I think this is the first time we backported a fix on another major version… and we didn’t account for this.
I’ve just raised this internally and we’re already looking into it.
Thanks for notifying us this quickly. We updated the latest tag. It should point to the latest major version again (5.0.1, see Docker hub). Sorry for the disruption.