October 08 2024 by Stian Thorgersen
With four major releases of Keycloak every year it can be a daunting task to keep deployments up to date. Especially, since the number of breaking changes have drastically increased the last couple years. Combine this with the importance of patching deployments quickly for vulnerabilities, this can leave many deployments open to known vulnerabilities as the time and effort required to update to the latest release is too costly.
Additionally, currently Keycloak client libraries are released together with the server, resulting in new major versions of a client library, where in fact there can be no changes at all, or perhaps only a bug fix or two.
For these reasons, after Keycloak 26.0 is released there will be some changes to how Keycloak is being released:
Keycloak server will have 4 minor releases every year, and a major release every 2-3 years
Keycloak client libraries will be released separately. The latest client library release will support all currently supported Keycloak server releases
We will continue to bring new features and enhancements to Keycloak in each release, and we are committed to doing so in a backwards compatible way, making it seamless and easy to upgrade.
When a minor comes with breaking changes, such changes will be opt-in. This will be driven through versioning where the currently default version for a Feature or an API can not change in a minor release, and there will be a new version that can be explicitly enabled. The current version of a Feature or API can be deprecated in a minor, but will not be removed until the next major version. This will allow you to gradually roll-out new Feature or API versions separately from upgrading. You can choose to get ready for the next major release early, or wait and do it in one go.
Backwards compatibility guarantees will only be given to Features and APIs that are fully supported. Preview features or preview APIs, as well as non-public APIs may change at any time.