At Square we’re realizing that we may be needing more than just managed_jar_libraries, or something augmenting it. Because the transitive jar dependencies get included in the fingerprint of every java library, you can have two builds that are 99% the same, but with one different version of a transitively resolved external jar, and have the whole thing invalidated. I spent all last week tracking down why certain builds (eg, running tests, then building a binary afterward) would rebuild tons of common libraries that hadn’t changed.