Skip to content
Latchkey

SonarScanner "The version of Java you have used to run this analysis is deprecated" in CI

The scanner runs on a JVM. When the runner Java is older than the version the scanner requires, it warns that the Java version is deprecated. It still runs now but will break on a future scanner upgrade.

What this error means

The scan log shows "The version of Java (11.0.x) you have used to run this analysis is deprecated and we will stop accepting it soon. Please update to at least Java 17."

sonar-scanner
WARN: The version of Java (11.0.20) you have used to run this analysis is deprecated
and we will stop accepting it soon. Please update to at least Java 17.

Common causes

The runner default Java is older than required

The scanner picks up the JAVA_HOME on the runner, which is an older LTS the scanner has deprecated.

The scanner JVM is not pinned

Nothing sets the Java the scanner uses, so it defaults to whatever the image provides.

How to fix it

Provision a supported Java for the scanner

  1. Add a step that sets up a supported Java (17 or newer).
  2. Ensure that Java is the one the scanner uses.
  3. Re-run; the deprecation warning clears.
.github/workflows/ci.yml
- uses: actions/setup-java@v4
  with:
    distribution: temurin
    java-version: '17'

Point the scanner at a specific JRE

If your project code needs an older Java, keep that for the build but run the scanner on a supported JVM.

.github/workflows/ci.yml
env:
  SONAR_SCANNER_JAVA_OPTS: "-Xmx1024m"

How to prevent it

  • Run the scanner on a currently supported Java release.
  • Separate the build JVM from the scanner JVM when they differ.
  • Watch scanner release notes for Java support changes.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →