Jon Koops

> Take for example `node-fetch`, where the CJS+ESM compatible v2 sits at around 50M weekly downloads, while the new ESM-only v3 is only at around 5M, even though v3 has...

Indeed, it is often a major version that introduces ESM support, possibly also removing CJS support in the proccess. Libraries that preserve CJS support often have a smoother upgrade path...

> but cjs cannot safely import esm libraries without dynamic import That is what `require(esm)` solves. The main problem with ESM is when the module graph is asynchronous, which is...

FYI Node.js version 23 [has been released](https://nodejs.org/en/blog/release/v23.0.0), which includes the ability to import ESM from CommonJS, without any experimental flags. If this continues to work well this feature will be...

Thanks for this suggestion, I will take a look and see if this could be a library to recommend.

We're currently working on orphaning the Node.js connect adapter from the main Keycloak release cycle, after which I will be starting the evaluation of alternative clients. Once one is selected...

FYI the expectation here is that we will be dropping support for this library completely starting Keycloak 27. Since we are now supporting major versions of Keycloak for [longer periods...

Because Keycloak is based on standard protocols that have widely available implementations in various languages and frameworks, thus it makes no sense for the Keycloak team to maintain a library...

We have a tracker issue on the main repository https://github.com/keycloak/keycloak/issues/31326. See also https://github.com/keycloak/keycloak-nodejs-connect/issues/492#issuecomment-2500301626

We could also port the code to parse the cookie to support both the new and old format and backport it first, then older deployments could still handle cluster deployments...