It's great to see AWS use standards like WebAuthn and make it easier for people to move away from pure passwords. It should benefit AWS users and their customer's data but hopefully pushes further adoption.
Sorry I misread your comment. But is it not easier to write an CJS wrapper around ESM given that its format is a lot looser?
From what I have seen seems pretty typical to simply export the named properties using a fresh module.exports = {...} and then use default as the main export?
I'm pretty sure services like pika.dev/skypack.dev/jspm.io are trying to solve the CJS to ESM problem so you can use it directly in the browser (or deno).
Last time I checked they seemed to lean into using rollup to take care of the translation under the covers.
Enpass is another alternative with good cross device and platform support. Under the covers they use SQLCipher[1] which I’m guessing you could build your own interface for.