This suggestion is specific for the newer java versions, more specifically java 9 or above.

A lot of plugins on spigot that try to be as lightweight as possible, as well as work on a server network tend to load external libraries into their own class loader.

A few examples of those things that I found on spigot:
https://github.com/lucko/helper/blob/master/helper/src/main/java/me/lucko/helper/maven/LibraryLoader.java
https://www.spigotmc.org/threads/adding-external-library-to-server.386112/
https://www.spigotmc.org/threads/runtime-external-jar-loading-and-java-9.340156/

This approach worked perfectly fine for java 8, yet the version of the language is now a total of four major updates behind the latest release of java and the used call

URLClassLoader#addURL(java.net.URL)

now ends up in an illegal access warning (https://stackoverflow.com/questions/50251798/what-is-an-illegal-reflective-access).

To fix this, spigots plugin class loader class (org.bukkit.plugin.java.PluginClassLoader) can implement a wrapper for the protected method of its parent class (the URLClassLoader).

Addition to the PluginClassLoader:

@Override
public void addURL(URL url) {
    super.addURL(url);
}

This change has absolutely no affect on any of spigots behavior, as the method is not called at all during the normal class loader creation, but allows plugin developers to updated smoothly to java 9 or newer without having to sacrifice the ability to dynamically load libraries or other java classes into the plugins own class loader.