Spring Security 6.x (including EE 9) was delivered in 2.475, with two follow-on regression fixes in 2.476 and 2.477 respectively. At the time of this writing, I am not aware of any unresolved issues with Spring Security 6.x or EE 9. I recommend either 2.476 or 2.477 be chosen as the next LTS line, and if 2.476 is chosen then the relevant regression fix should be backported.
https://github.com/jenkinsci/plugin-pom/pull/1004 proposes requiring Java 17 or newer and Jetty 12 (EE 9) or newer for plugin development. My recommendation is to merge and release this PR once the next LTS line is selected. While more aggressive than usual for the plugin parent POM, this eliminates the need for a number of workarounds when using newer core releases. We can always create a Java 11 backport branch if necessary, but I have no plans to do that at present. -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAFwNDjpWPudB-OaBfOEwc83iJZh%3DbyRckgWejSMGYEjZ0uOvTA%40mail.gmail.com.
