Support Java 16 for Dependency Scanning maven projects

Release notes

https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#configuring-specific-analyzers-used-by-dependency-scanning

For customers keeping using Java 16 you will be happy to know that you are now supported by our Dependency Scanning analyzers. Please set the DS_JAVA_VERSION environment variable to leverage this enhancement.

Summary

Dependency Scanning supports java up to version 15.
I guess the timing was a bit unfortunate with only one week left until the EOL of Java 15, so let's make sure to support Java 16 much faster :)

Version 16 made to GA recently (2021-03) and should be supported as well.

It also might make sense to think about deprecating Java 13 and 14 since they've reached their respective EOL quite a while ago.
https://endoflife.date/java

Further details

gemnasium-maven analyzer handles support for jvm based languages and currently supports java versions 8, 11, 13, 14, 15. 16 can be added in a similar way and used by the user through the DS_JAVA_VERSION env var.

Implementation plan

add adoptopenjdk-16.0.0+36 (or latest stable version adoptopenjdk-16.0.0+36 (asdf list all java | grep adoptopenjdk-16 | grep -v openj9 | tail -1) to https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven/-/blob/master/config/.tool-versions
release new version of gemnasium-maven

Documentation

support for java 16 to be documented under DS_JAVA_VERSION row of DS analyzer configuration.

Availability & Testing

Add java 16 job for each supported framework as in https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven/-/blob/master/.gitlab-ci.yml#L58

java-maven

/cc @ifrenkel what do you think about this? I'm happy to open an MR for it 😃

Edited Jun 11, 2021 by Igor Frenkel