fix: add Multi-Release manifest attribute to shaded JARs for GraalVM/Truffle support

[robfrank]

GraalVM/Truffle JARs are transitively included in protocol module shaded JARs (e.g. gremlin via arcadedb-integration -> arcadedb-engine -> GraalVM). The maven-shade-plugin strips the Multi-Release: true manifest attribute, causing Truffle's CheckMultiReleaseSupport check to use the base class (returns false) instead of the Java-9+ versioned class (returns true).

Since shaded JARs sort alphabetically before the individual truffle-api and polyglot JARs, the JVM always loaded the broken version first, resulting in Engine$ImplHolder initialization failure.

Fix: add ManifestResourceTransformer with Multi-Release: true to the parent pom shade plugin configuration, as recommended by the GraalVM documentation for Uber/shaded JAR setups.

[gemini-code-assist]

Summary of Changes

Hello @robfrank, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a critical compatibility problem affecting GraalVM/Truffle when its dependencies are bundled into shaded JARs. The core issue stemmed from the build process inadvertently removing a crucial manifest attribute, leading to runtime initialization errors. By reconfiguring the build plugin to preserve this attribute, the change ensures seamless integration and correct functionality of GraalVM/Truffle within the project's shaded artifacts.

Highlights

• GraalVM/Truffle Compatibility Fix: Resolved an issue where GraalVM/Truffle JARs, when transitively included in shaded JARs, failed to initialize correctly due to the Multi-Release: true manifest attribute being stripped by the maven-shade-plugin.
• Manifest Attribute Restoration: Implemented a ManifestResourceTransformer within the maven-shade-plugin configuration to explicitly add the Multi-Release: true attribute, ensuring proper detection of Java 9+ versioned classes by Truffle's CheckMultiReleaseSupport.
• Engine Initialization Failure Prevention: The fix prevents Engine$ImplHolder initialization failures that occurred when the JVM loaded the broken base class version instead of the correct Java 9+ versioned class from the shaded JARs.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• pom.xml
  • Added a ManifestResourceTransformer to the maven-shade-plugin configuration.
  • Configured the transformer to include the Multi-Release: true manifest entry.

Activity

• No activity has been recorded for this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[mergify]

🧪 CI Insights

Here's what we observed from your CI run for d2c441f.

🟢 All jobs passed!

But CI Insights is watching 👀

[gemini-code-assist]

Code Review

This pull request addresses a runtime initialization failure with GraalVM/Truffle when using shaded JARs. The issue is caused by the maven-shade-plugin stripping the Multi-Release: true manifest attribute, which is required by GraalVM's multi-release JARs. The fix adds a ManifestResourceTransformer to the parent pom.xml's shade plugin configuration to explicitly set Multi-Release: true in the manifest of shaded JARs. This is the correct approach as recommended by GraalVM documentation. The change is well-commented and effectively resolves the issue. I find the change to be correct and have no suggestions for improvement.

[claude]

Code Review - PR #3487

Summary

This PR addresses a critical GraalVM/Truffle initialization issue in shaded JARs by adding the Multi-Release: true manifest attribute to the parent POM's maven-shade-plugin configuration.

---

✅ Positive Aspects

1. Correct Root Cause Analysis: The PR correctly identifies that maven-shade-plugin strips the Multi-Release: true manifest attribute, causing Truffle's CheckMultiReleaseSupport to fail and use the base class instead of Java 9+ versioned classes.

2. Proper Fix Location: Adding the ManifestResourceTransformer to the parent POM ensures all modules that use the shade plugin inherit this fix (gremlin, mongodbw, postgresw, redisw, grpcw, bolt, metrics).

3. Good Documentation: The inline comment clearly explains why this change is necessary and what failure it prevents.

4. Minimal Impact: This is a non-invasive change that only adds metadata to the JAR manifest without modifying any code.

5. Alignment with GraalVM Best Practices: This follows the official GraalVM documentation recommendations for shaded/uber JARs.

---

🔍 Technical Review

Code Quality: ✅ Excellent

• Clean XML formatting consistent with existing transformers
• Proper placement within the <transformers> section
• Clear, concise comment

Correctness: ✅ Verified

• The Multi-Release manifest entry is the standard way to mark JARs as multi-release
• This will propagate to all child modules using the parent shade plugin configuration

Performance: ✅ No Impact

• This is a build-time change only; no runtime performance impact

Security: ✅ No Concerns

• Adding manifest metadata poses no security risk
• Multi-release JARs are a standard Java feature (JEP 238)

---

📋 Observations & Considerations

1. Test Coverage: While the fix is correct, consider:

   • ✅ Existing tests like SQLDefinedJavascriptFunctionTest, PolyglotQueryTest, and PolyglotFunctionTest should now work properly in shaded JAR contexts
   • ℹ️ The fix enables JavaScript functions (via GraalVM) to work in production distributions where protocol modules are shaded
   • 💡 Recommendation: After merging, verify that a shaded JAR (e.g., from gremlin module) contains Multi-Release: true in its manifest by running:

     mvn clean install -pl gremlin
     unzip -p gremlin/target/arcadedb-gremlin-*-shaded.jar META-INF/MANIFEST.MF | grep Multi-Release

2. Affected Modules: The following modules inherit this configuration and will benefit:

   • gremlin (uses GraalVM for GraphML/GraphSON handlers)
   • mongodbw, postgresw, redisw, grpcw, bolt (protocol adapters)
   • metrics (monitoring module)

3. Dependency Scope: ✅ The engine module correctly declares GraalVM dependencies at compile scope since it directly uses polyglot features. Protocol modules should use provided scope per CLAUDE.md guidelines.

---

🎯 Recommendations

1. Pre-Merge Verification (Optional but Recommended):

   # Build with the fix
   mvn clean install -DskipTests
   
   # Verify manifest in a shaded JAR
   unzip -p gremlin/target/arcadedb-gremlin-*-shaded.jar META-INF/MANIFEST.MF | grep -i multi-release
   
   # Run polyglot tests to ensure no regression
   mvn test -Dtest="*Polyglot*" -pl engine

2. Documentation: Consider adding a note in package/README-BUILDER.md or developer docs about this GraalVM requirement if teams create custom build configurations.

3. Future-Proofing: This fix is compatible with the modular builder (arcadedb-builder.sh) since it affects the Maven build process upstream of distribution assembly.

---

✅ Final Verdict

APPROVED ✅

This is a well-researched, correctly implemented fix for a critical runtime issue. The change:

• Solves a real problem affecting JavaScript function execution in shaded distributions
• Follows GraalVM best practices
• Has no negative side effects
• Is properly documented
• Aligns with the project's coding standards

The fix enables ArcadeDB's polyglot scripting features (JavaScript functions, triggers) to work correctly in production deployments using shaded protocol modules.

---

Minor Typo Note: The branch name has a typo: fix/jsfuncions-thruffle (should be "functions" and "truffle"), but this doesn't affect the functionality.

Great work tracking down this tricky initialization issue! 🎉

[codacy-production]

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation	Diff coverage
✅ -9.86%	✅ ∅

Coverage variation details

	Coverable lines	Covered lines	Coverage
Common ancestor commit (d14e063)	88194	63913	72.47%
Head commit (d2c441f)	118081 (+29887)	73934 (+10021)	62.61% (-9.86%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details

	Coverable lines	Covered lines	Diff coverage
Pull request (#3487)	0	0	∅ (not applicable)

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 64.33%. Comparing base (d14e063) to head (d2c441f).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3487      +/-   ##
==========================================
+ Coverage   63.50%   64.33%   +0.82%     
==========================================
  Files        1331     1331              
  Lines       88194    88194              
  Branches    18063    18063              
==========================================
+ Hits        56009    56741     +732     
+ Misses      24308    23516     -792     
- Partials     7877     7937      +60     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.