SonarScanner "The version of Java you have used to run this analysis is deprecated" in CI
The scanner runs on a JVM. When the runner Java is older than the version the scanner requires, it warns that the Java version is deprecated. It still runs now but will break on a future scanner upgrade.
What this error means
The scan log shows "The version of Java (11.0.x) you have used to run this analysis is deprecated and we will stop accepting it soon. Please update to at least Java 17."
sonar-scanner
WARN: The version of Java (11.0.20) you have used to run this analysis is deprecated
and we will stop accepting it soon. Please update to at least Java 17.Common causes
The runner default Java is older than required
The scanner picks up the JAVA_HOME on the runner, which is an older LTS the scanner has deprecated.
The scanner JVM is not pinned
Nothing sets the Java the scanner uses, so it defaults to whatever the image provides.
How to fix it
Provision a supported Java for the scanner
- Add a step that sets up a supported Java (17 or newer).
- Ensure that Java is the one the scanner uses.
- Re-run; the deprecation warning clears.
.github/workflows/ci.yml
- uses: actions/setup-java@v4
with:
distribution: temurin
java-version: '17'Point the scanner at a specific JRE
If your project code needs an older Java, keep that for the build but run the scanner on a supported JVM.
.github/workflows/ci.yml
env:
SONAR_SCANNER_JAVA_OPTS: "-Xmx1024m"How to prevent it
- Run the scanner on a currently supported Java release.
- Separate the build JVM from the scanner JVM when they differ.
- Watch scanner release notes for Java support changes.
Related guides
SonarScanner "Fail to get bootstrap index from server" in CIFix "ERROR: Error during SonarScanner execution ... Fail to get bootstrap index from server" in CI - the scan…
SonarQube quality gate timeout waiting for the result in CIFix a SonarQube quality gate timeout in CI - with sonar.qualitygate.wait the scanner polls for the gate resul…
SonarScanner "Coverage report could not be read" in CIFix SonarScanner "Coverage report ... could not be read" in CI - the report path is set but the file is empty…