Document JDK 24+ native access requirements (#702)

xerial · claude · web-flow · commit 92540f3a6011 · 2025-11-24T09:45:29.000-08:00
Add documentation for JEP 472 native access requirements that affect users running snappy-java on JDK 24 or later. Since snappy-java uses JNI to load native libraries, applications running on JDK 24+ must add the --enable-native-access=ALL-UNNAMED JVM flag. Per JEP 472 guidance, this is the application developer's responsibility (not the library's). The new section includes: - Clear explanation of the requirement - Examples for Maven, Gradle, sbt, and command-line usage - Warning message examples users will encounter - Rationale based on JEP 472's "integrity by default" policy No code changes are needed - this is purely documentation to help users understand and address the warnings they see on JDK 24+. Fixes #689 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>
diff --git a/README.md b/README.md
@@ -63,6 +63,63 @@ implementation("org.xerial.snappy:snappy-java:(version)")
 libraryDependencies += "org.xerial.snappy" % "snappy-java" % "(version)"
 ```
 
+## JDK 24+ Native Access Requirements
+
+Starting with JDK 24, Java has introduced restrictions on native method access through [JEP 472: Prepare to Restrict the Use of JNI](https://openjdk.org/jeps/472). Since snappy-java uses JNI to load native libraries for high-performance compression, applications running on **JDK 24 or later** must enable native access.
+
+### Required JVM Flag
+
+When running on JDK 24+, add the following JVM flag to your application:
+
+```bash
+--enable-native-access=ALL-UNNAMED
+```
+
+### Examples
+
+**Running a JAR:**
+```bash
+java --enable-native-access=ALL-UNNAMED -jar your-application.jar
+```
+
+**Maven:**
+```xml
+<plugin>
+  <groupId>org.apache.maven.plugins</groupId>
+  <artifactId>maven-surefire-plugin</artifactId>
+  <configuration>
+    <argLine>--enable-native-access=ALL-UNNAMED</argLine>
+  </configuration>
+</plugin>
+```
+
+**Gradle:**
+```gradle
+tasks.withType(Test) {
+    jvmArgs '--enable-native-access=ALL-UNNAMED'
+}
+```
+
+**sbt:**
+```scala
+javaOptions += "--enable-native-access=ALL-UNNAMED"
+```
+
+### Why is this needed?
+
+Per JEP 472's policy of "integrity by default," it is the application developer's responsibility (not the library's) to explicitly enable native access. This change improves security by making native operations visible and controlled at the application level.
+
+Without this flag on JDK 24+, you will see warnings like:
+```
+WARNING: A restricted method in java.lang.System has been called
+WARNING: java.lang.System::load has been called by org.xerial.snappy.SnappyLoader
+WARNING: Use --enable-native-access=ALL-UNNAMED to avoid a warning for callers in this module
+```
+
+These warnings will become errors in future JDK releases.
+
+**Note:** This requirement only applies to JDK 24 and later. Earlier JDK versions (8-23) do not require this flag.
+
 
 ## Usage
 First, import `org.xerial.snapy.Snappy` in your Java code:
