Warning about sonar.login when using sonar-maven-plugin


Are there any plans to release new version of org.sonarsource.scanner.maven:sonar-maven-plugin? While using the latest one (from Nov 2021) there is a warning in SonarCloud:

The property ‘sonar.login’ is deprecated and will be removed in the future. Please use the ‘sonar.token’ property instead when passing a token.


Hey there.

I don’t think this shouldn’t require an update to the Maven plugin. Where are you setting sonar.login today (where do you provide the credentials for your SonarCloud analysis)? It should just be a matter of changing this to sonar.token.

Hi Colin,

I don’t pass sonar.login manually so cannot change it to sonar.token. However the issue is not with org.sonarsource.scanner.maven:sonar-maven-plugin but in sonarqube-plugin as I run it on Jenkins using:
script.withSonarQubeEnv(credentialsId: 'sonarcloud-token', installationName: 'SonarCloud')
I see that there is already PR to fix it: Support sonar.token (>=10.0) and sonar.login (9.9 LTS) by ca-stefan-cordes · Pull Request #14 · jenkinsci/sonarqube-plugin · GitHub

Thanks for your help :slight_smile:

Here is a ticket you can track.