Does Keycloak have a policy on which of its packages are considered public, and which are not?
For SPIs, there tend to be a -public and -private. What about non-SPIs?
For example, org.keycloak.services.util.CookieHelper disappeared without notice in 24.x. There was a notice in the migration guide about cookie changes, e.g. that HttpCookie was deprecated, but it didn’t specifically reference the above package which just disappeared.