I am now having to deprecate our use of Sonar Ant Scanner version 2.7.1, because our very large enterprise organization is upgrading to the latest 10.6 version of SonarQube. We compile with JDK17; however, with over 8million LOC, and tens of thousands of devices in the field running different java versions, we still have some code with a target compile version of 1.8. The question I have is, does the latest SonarScanner CLI, which I’m being forced to switch to (not happy, because Sonar Ant is deeply integrated into our build process), support static analysis of java 8 code? Thank you in advance.
Hi @John_Bain,
You need to comply with the SonarScanner requirements. I know it can be difficult to update all pipelines.
Fortunately, you can scan applications compiled in a different version of Java to the one required for scanning. This will sometimes require you to use a JDK for compilation and a JRE 17 for scanning by playing with the JAVA_HOME.
I would like to also link to the docs on General requirements on scanner environment, which mentions:
The requirement on the Java runtime environment refers only to the version of Java used by the scanner itself to run. It does not restrict the versions of Java that can be analyzed by the scanner. In addition, the required version changes with successive versions of the scanner.
Java 8 can be analyzed by SonarQube v10.6 no problem.