Dependency Scanning and License Scanning Java 21 Early Access Support
Release notes
Dependency Scanning and License Scanning will be able to support Java 21, which is due to be released on 19th September 2023.
Problem to solve
As a user, I want to specify Java version 21, so that I can use an early access version of Java 21 with Dependency Scanning and License Scanning.
Intended users
User experience goal
The user should be able to set the DS_JAVA_VERSION
environment variable in their .gitlab-ci.yml
to 21
and Java 21 should be used.
Proposal
We are going to add Java 21 to the Dependency Scanning Docker image once this version of Java has been released.
Further details
The scope of this issue is limited to our Debian, non-FIPS image, because we anticipate that Redhat will be 1-2 months behind when OpenJDK make it available. The scope may be adjusted in future to account for Gradle support for Java 21.
Documentation
- Document Java 21 is supported via an early access version
- Document Java 21 is available using the
DS_JAVA_VERSION
environment variable - Document Java 21 is not supported in FIPS-enabled images
- Document Java 21 only supports Maven
Availability & Testing
Adding a new version of Java could result in different behaviour. We can increase confidence by extending our test capability as follows:
- The
spec/gemnasium-maven_image_spec.rb
integration test should be updated
Available Tier
- Ultimate
Implementation Plan
Java
-
Update GitLab documentation: -
Update Supported languages and package managers
to include Java 21 with footnote that Java 21 is not supported in FIPS-enabled images -
Update Configuring specific analyzers used by dependency scanning to include Java 21 -
Update FIPS-enabled images to communicate Java 21 is not supported in FIPS-enabled images -
Update documentation to communicate that Java 21 is only support for Maven projects
-
-
Update Gemnasium analyzer: -
Update .tool-versions
to include Java 21 -
Update spec/gemnasium-maven_image_spec.rb
to test scan behaviour with Java 21
-
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.