Do not remove "closed" discussions

[thhck]

Hello,

A few weeks ago, I posted a discussion about retrieving an authorization code from node-oidc-provider, and later shared a solution that could help anyone using node-oidc-provider for FedCM implementation, which was later deleted. Also while working on FedCM for the Community Solid Server (which uses node-oidc-provider), I came across a dead link referencing one of this repository’s discussions. It was frustrating, as it seemed to hold the answer I needed but was no longer accessible.

I understand that seeing an infinite list of issue and discussion can be overwhelming for a maintainer, and btw thank you a lot for the development and maintenance of this library.

However, I’m wondering if there’s a reason why such discussions are removed. I would be in favor of keeping them as they are potentially valuable documentation for developers. Otherwise, could you share any thoughts on how the community can best store and share knowledge about this library to avoid losing important information in the future?

[panva]

Hello @thhck

Thank you for the kind words and your feedback. Generally this is not a Q&A forum (not anymore). Unfortunately I don't have the time to cater to one. As much as I hate how it sounds, based on past experience there can't be one without my involvement, too many questions and many wrong answers at the same time.

I came across a dead link referencing one of this repository’s discussions. It was frustrating, as it seemed to hold the answer I needed but was no longer accessible.

I've removed all outdated posts when I've reopened the Discussions sections a couple years ago, that's why the old link you mention is likely gone. Discussions that include old (unsupported) major version related code and questions don't IMHO serve anyone. I would much rather remove content that would lead developers astray than leave it around on the offchance it might maybe eventually be useful.

A few weeks ago, I posted a discussion about retrieving an authorization code from node-oidc-provider

Your particular discussion (which IIRC was more of a question anyway) about FedCM and issuing authorization codes programmatically was removed because it did not fit the description of the Ideas sections ¹. I do have FedCM on my peripheral vision, I did a number of PoCs already and decided I will not be adding anything specific for FedCM until a) it's available in all major browsers, b) its usage picks up steam c) there's an interoperability profile for its usage in OAuth.

Otherwise, could you share any thoughts on how the community can best store and share knowledge about this library to avoid losing important information in the future?

The Community Guides² category is the place for sharing knowledge.

Footnotes

1. https://github.com/panva/node-oidc-provider/discussions/categories/ideas - Share ideas for new features such as configuration options, extension points, or updates to existing ones. Entries here are not meant for Q&A. Only fully-fledged ideas with description, examples and clearly stated "why" or "what for" stand a chance of being discussed, otherwise they will be closed and eventually removed. ↩

2. https://github.com/panva/node-oidc-provider/discussions/categories/community-guides - Community-contributed recipes, guides, and insights. Entries here are not meant for Q&A, they are meant to be comprehensive guides to achieve a certain goal. Discussions that do not fit this description will be closed and eventually removed. ↩

[thhck]

As much as I hate how it sounds, based on past experience there can't be one without my involvement, too many questions and many wrong answers at the same time.

I've removed all outdated posts when I've reopened the Discussions sections a couple years ago, that's why the old link you mention is likely gone. Discussions that include old (unsupported) major version related code and questions don't IMHO serve anyone. I would much rather remove content that would lead developers astray than leave it around on the offchance it might maybe eventually be useful.

Seems fair to me !

Your particular discussion (which IIRC was more of a question anyway)

Since I didn't find my answer in the documentation and there is no issue section, my only hope was to phrase it as an idea and post it in the idea section, but my ruse has been unmasked... sorry for that

issuing authorization codes programmatically was removed because it did not fit the description of the Ideas section

The Community Guides2 category is the place for sharing knowledge.

So should I re-post it as a community guide ? Or do you think issuing authorization codes programmatically doesn't goes with the lib design and should not be shared as a possible solution ?

I do have FedCM on my peripheral vision, I did a number of PoCs already and decided I will not be adding anything specific for FedCM until a) it's available in all major browsers, b) its usage picks up steam c) there's an interoperability profile for its usage in OAuth.

happy to hear that !

[panva]

So should I re-post it as a community guide?

If you feel like writing up a full-on guide, sure. Up to you really.

Or do you think issuing authorization codes programmatically doesn't goes with the lib design and should not be shared as a possible solution ?

It is public API (as per the published types at least) and you absolutely do need to use the same building blocks for e.g. custom grants.