Java 11 support ends on 15th on November. What does it mean for us?

According to

SonarSource plans to drop support for Java 11 as a runtime environment on 15th of November.

We are using SonarCloud and practically don’t have any “runtime environment”. What exactly will happen on 15th of November?

We have a command in a pipeline, which does the scan. Something like this:

mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin: ...

Will it stop working? Will it stop working even if we won’t update the version number of the plugin? Really?


The “runtime environment” I’m talking about in my various posts is the one of your pipeline.

If this command mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin: is only there to scan the code and not to build+scan then you have to make sure that the “java” command that in used in the background by Maven is a Java 17.
It means before calling “mvn”, you need to tell your pipeline to run the next command in a Java 17 context.

I’ve asked ChatGPT to generate a pipeline file for GitHub Action just to show you what I’m talking about:

Can you share your pipeline so that we can better guide you?


I cannot just login on to Bamboo Agent using root credential and install JDK17. It it not how it works in bigger companies.

License department must clear out, if the usage of the JDK17 falls under the same agreement as the usage of JDK11. Additional efforts are coming because of visualized environment. Oracle License rules for visualized systems are terrifying sophisticated. The final decision must be proofed by Oracle enterprise customer support.

Then coming questions about compatibility, security, data privacy, patch management and so on.

Desktop Customer Support must include the new version into supported portfolio for Windows Desktops and clear ALL the questions mentioned before for the server environment once again.

It needs plenty of time, not 2 weeks and not 2 months.

If you insist of pulling the plug on 15. November for your cloud product, you risk to upset enterprise customers.

1 Like

I understand all of that and this is why we sent the notification end of July so that companies like yours have the time to adjust. We will adjust the end support date according to the % of customers still on Java 11.
At some point we need to announce a date, otherwise, everyone will:

  • request to have a date communicated
  • do nothing because they think they have time
1 Like

I am very sorry, but you didn’t send any notifications. First and only notification I received per Mail came yesterday:

The Sonar Team <>
Important Update: Transition to Java 17 for Continued SonarCloud Platform Support

End of July you started to print a deprecation message somewhere in the log output. Other members of the community already mentioned, that the word “deprecated” doesn’t include the needed urgency.

Even now you show the warning only in the internal page of the project. If some project is not in the active developing phase, nobody will know about the breaking change.

1 Like


I’m running Sonar scan of my .NET 7 project as part of my CI pipeline on GitHub Actions (see the complete workflow here):

name: CI


    runs-on: ubuntu-latest
      - uses: actions/checkout@v4
      - name: Setup .NET
        uses: actions/setup-dotnet@v3
          dotnet-version: '7.0'
      - name: Restore dependencies
        run: dotnet restore ScreenshotCreator.sln
      - name: Begin Sonar scan
        run: |
          dotnet tool install --global dotnet-sonarscanner
          dotnet sonarscanner begin /k:mu88_ScreenshotCreator /o:mu88 /d:sonar.login=${{ secrets.SONAR_TOKEN }} / /d:sonar.cs.opencover.reportsPaths=tests/Tests/coverage.opencover.xml
      - name: Build
        run: dotnet build --no-restore ScreenshotCreator.sln
      - name: Test and collect coverage
        run: dotnet test --no-build /p:CollectCoverage=true /p:CoverletOutputFormat=opencover '/p:ExcludeByFile=\"**/Log.Prefix.cs\"'
      - name: End Sonar scan
        run: dotnet sonarscanner end /d:sonar.login=${{ secrets.SONAR_TOKEN }}

In the log output, I see that the latest version of Sonar scanner is successfully installed:

Run dotnet tool install --global dotnet-sonarscanner
You can invoke the tool using the following command: dotnet-sonarscanner
Tool 'dotnet-sonarscanner' (version '5.14.0') was successfully installed.
SonarScanner for MSBuild 5.14
Using the .NET Core version of the Scanner for MSBuild
Pre-processing started.
Preparing working directories...
01:43:24.025  Updating build integration targets...
01:43:25.54  Fetching analysis configuration settings...
01:43:27.056  Provisioning analyzer assemblies for cs...
01:43:27.057  Installing required Roslyn analyzers...
01:43:27.057  Processing plugin: csharp version
01:43:27.925  Processing plugin: vbnet version
01:43:28.218  Processing plugin: securitycsharpfrontend version 10.3.0-M1.25227
01:43:29.144  Provisioning analyzer assemblies for vbnet...
01:43:29.145  Installing required Roslyn analyzers...
01:43:29.145  Processing plugin: csharp version
01:43:29.146  Processing plugin: vbnet version
01:43:29.153  Incremental PR analysis: Automatically detected base branch 'main' from CI Provider 'GitHub Actions'.
01:43:29.545  Downloading cache. Project key: ***_ScreenshotCreator, branch: main.
01:43:31.003  Incremental PR analysis: 26 files out of 31 are unchanged.
01:43:31.042  Pre-processing succeeded.

However, ending the Sonar scan still gives me the following warning:

WARN: The version of Java ( you have used to run this analysis is deprecated and we will stop accepting it soon. Please update to at least Java 17.

What do I have to do to get rid of the warning and use Java 17?


Hello @mu88 ,

You should be able to add the following step at the beginning of your pipeline:

      - name: Set up JDK 17
        uses: actions/setup-java@v3
          java-version: 17
          distribution: 'zulu'