I have created https://issues.apache.org/jira/browse/CALCITE-4259 to upgrade to JDK 15 before release 1.26.
I also propose upgrading Guava and log4j2, and removing log4j (which seems to have reached end-of-life). I did a quick test and JDK 15 and guava-29.0-jre seem to work fine. So the main task is update CI, release notes and gradle.properties. Are there any other dependencies we should upgrade? We support a wide range of Guava versions (19.0 to 28.2-jre) and I think we should continue. However, we currently default to the oldest supported version, and that increases our vulnerability. Going forward, I think we should default to the newest version. If you disagree with any of the above, please comment in the JIRA case. Julian
