Hi Solr team,

I noticed that your project is pinned to an older version of Caffeine
(v2.8.4, latest is v3.0.2). Both projects have moved to JDK11 in their
latest major version. For Caffeine this allowed us to remove
sun.misc.Unsafe in favor of VarHandles. I mention this because Andrzej
Białecki specifically raised a concern about our use of Unsafe for Solr
[1], but we could not address it then due to being on JDK8. For maintenance
and support, it would be great if you can upgrade your dependencies
regularly.

On that note, you might want to set up a periodic report to discover
dependency updates. Keeping the build healthy can help avoid bugs and
future incompatibility pains, but does risk suffering from newly introduced
errors. Unfortunately, GitHub's Dependabot has poor Gradle support so the
community continues to use the older gradle-versions-plugin [2], e.g.
through a GitHub Action [3]. This plugin scripts Gradle's dependency
management to generate a text or JSON report of possible upgrades based on
the configured selection rules. Using this or something similar should let
the team be more aware of possible upgrades and make the appropriate
decisions. The plugin is agnostic to how you manage and store dependency
versions; it merely reports based on what the build evaluates to.

Cheers,
Ben

[1] https://github.com/ben-manes/caffeine/issues/273#issuecomment-557197399
[2] https://github.com/ben-manes/gradle-versions-plugin
[3] https://github.com/marketplace/actions/gradle-update-checker
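
The periodic report and selection rules described in the message above, shown as a `build.gradle` configuration. This is an added example, not part of the original email or of Solr's build. The plugin version is a placeholder, and the stable-version heuristic and output location are assumptions to adapt.

```groovy
// build.gradle (Groovy DSL). Added example, not Solr's actual build file.
plugins {
  id 'java'
  // Placeholder: pin a gradle-versions-plugin release that you have vetted.
  id 'com.github.ben-manes.versions' version '<plugin-version>'
}

repositories {
  mavenCentral()
}

dependencies {
  // The pinned version named in the message; the report lists newer candidates.
  implementation 'com.github.ben-manes.caffeine:caffeine:2.8.4'
}

// Assumed heuristic: a version is "stable" if it carries a release keyword
// or is purely numeric; qualifiers such as -rc1, -beta or -M2 are not.
def isNonStable = { String version ->
  def stableKeyword = ['RELEASE', 'FINAL', 'GA'].any { version.toUpperCase().contains(it) }
  def numericOnly = version ==~ /^[0-9,.v-]+(-r)?$/
  return !stableKeyword && !numericOnly
}

tasks.named('dependencyUpdates').configure {
  // Selection rule: never propose moving from a stable version to a pre-release.
  rejectVersionIf {
    isNonStable(it.candidate.version) && !isNonStable(it.currentVersion)
  }
  // Write a machine-readable report that a scheduled CI job can archive or diff.
  outputFormatter = 'json'
  outputDir = 'build/dependencyUpdates'
  reportfileName = 'report'
}
```

Running `./gradlew dependencyUpdates` on a schedule produces `build/dependencyUpdates/report.json`; the task only reports and does not modify any declared versions.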
