Support Java 16 for Dependency Scanning gradle projects
Release notes
For customers keeping using Java 16 you will be happy to know that you are now supported by our Dependency Scanning analyzers. Please set the DS_JAVA_VERSION
environment variable to leverage this enhancement.
Summary
java 16
is supported in dependency scanning for maven
but not for gradle
due to issues with gradle 7 support in gemnasium-gradle-plugin
.
Further details
When adding java 16 support in this issue it was discovered that the current gemnasium-gradle-plugin (v0.3.3) uses functionality deprecated in gradle 7 (which is the only gradle version to support java 16): gitlab-org/security-products/analyzers/gemnasium-maven!111 (comment 566224662)
Therefore, the original issue was changed to describe only adding support for maven
. The gradle
implementation is left to this issue.
Implementation plan
Note: adoptopenjdk-16.0.0+36 was already added in.
-
update gemnasium-gradle-plugin
to remove deprecated functionality (#329805 (closed)) -
add java16 branch to java-gradle test project to change the distribution url to point to gradle 7 -
add test for java 16 using gradle -
release new version of gemnasium-maven
Documentation
-
support for java 16 to be documented under DS_JAVA_VERSION
row of DS analyzer configuration.
Availability & Testing
Add java 16 job for each supported framework as in https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven/-/blob/master/.gitlab-ci.yml#L58
-
java-gradle