Another approach for the changed signature in the data provider of web modules could be something like this:
<web-resource ...>
<restrict application="confluence" version="(,9.0.0)" />
<data class="class.based.on.old.guava.dependency" />
</web-resource>
<web-resource ...>
<restrict application="confluence" version="[9.0.0,)" />
<data class="class.based.on.new.javax.Supplier" />
</web-resource>
This way you’d make sure the proper module / data provider is used on each Confluence version. Of course you’d need an optional OSGi import for the guava package for Confluence versions < 9 AND remove any other uses of guava from your code base so you don’t have to bundle it for 9.0.0+
I don’t know if both modules may have the same key - which might be relevant if you manually require it in macros / action templates etc. instead of placing the module in a <context>.