Hi SonarSource community:
Just saw this notice on the SonarCloud documentation pages:
October 2020 - Move to Java 11: The version of Java installed in the scanner environment should be upgraded to at least Java 11 by October 2020. Pre-11 versions of Java are already deprecated and scanners using them will stop functioning after October 2020. This refers specifically to the JDK or JRE installed and used in the context where your SonarCloud scanner analysis tool is running. This may be your local build environment or your CI service.
Similar to the question asked in SonarQube 8 LTS and Java 8 , I am curious why SonarCloud is forcing scanning systems to use Java 11 this October. Java 8 is a long term supported release of Java that is rumored to be kept patched via the OpenJDK until 2025 (or later). I totally get that everyone wants to push their own code forward, but I’m curious why a pattern could not be put together to continue to allow scans with Java 8 even as many newer versions are released - I’m even okay (though not thrilled) if my code scans with Java 8 aren’t as complete or comprehensive as the “up-to-date” scanner that uses Java 11+.
But the wholesale forcing of clients to only do scans with Java 11 will cause a bunch of problems. My biggest one today is that my SonarCloud scans are run by TravisCI while it is building my code, so in essence I could maybe do the scan with Java 11 if I did a totally separate build just for Sonar with Java 11 with advanced TravisCI features or a different toolset. In any case, a bunch of work on my part.
I’d point out that Java 8 is still the version in use by much of the community - 83% last year according to JetBrains. If we are forced to use Java 11 for scans, we’ll have to analyze whether the cost of modifying our CI/CD pipelines is worth it, or maybe we just pay for less Lines of Code and lose some of our analysis of our code base. Can someone explain better the justification for this ultimatum?