LDAP plugin currently delivers WEB-INF/lib/spring-security-ldap-5.7.2.jar in its JPI file. This is incompatible with Spring Security 6.x, which requires version 6.x of spring-security-ldap. Unfortunately, this plugin cannot be prepared in advance of the transition, since doing so would break compatibility with Spring Security 5.x and existing cores. So on the same day a core weekly is released with EE 9 / Spring Security 6.x, LDAP plugin should be updated to depend on that weekly and to embed spring-security-ldap 6.x, and a release should be performed on that day. The adoption of that release of LDAP plugin should take place in lockstep with the adoption of the abovementioned weekly in any BOMs, including jenkinsci/bom as well as any proprietary BOMs.

The code change is trivial, simply adopting the latest weekly release as the jenkins.version and rebuilding, and has been prototyped at https://github.com/basil/ldap-plugin/tree/jakarta. The tricky part of this ticket is not the code change, but the release coordination. The assignee of this ticket must ensure they are able to do a release of the LDAP plugin with these changes on the very same day the corresponding core weekly release goes out, and adapt BOMs like jenkinsci/bom accordingly.