The SpiceDB Caveats feature is being prepared for its general availability in the 1.17.0 release, with a focus on sharing common use cases for caveats, which allow dynamic logic to be added to SpiceDB schema using Google's CEL language. The top-3 most used caveat patterns include IP Allowlists, Session-bound permissions, and Time-Bound Permissions, each with built-in functionality in SpiceDB to support their implementation. Examples of these patterns are shown in GitHub's IP Allowlists functionality, a hypothetical temporal repository access grant, and a user session-based policy for enforcing 2FA setup or SAML Session tags. The SpiceDB Caveats feature aims to provide first-class support for conditional access based on various criteria, improving security posture and reducing the attack surface.