>I disagree. While MD5 and SHA1 might not be suitable for modern
>cryptographic operations, these functions might be needed for legacy
>situations -- e.g., munging through old data.
>On Mon, Feb 10, 2020 at 1:50 PM Tom Van Looy via internals <
>> While in some environments the use of MD5 and SHA1 are still
>> some use cases like file integrity verification etc. the use of these
>> algorithms should be discouraged and not be your choice when
>> I suggest to deprecated the functions md5_file() and sha1_file().
>> make people think about upgrading to a better alternative. If you
>> need this functionality you can always switch to the hash_file()
>> Carrying around these two dedicated functions seems a bit too much
>> modern PHP. What do you think?
>> My feeling was that this is a no brainer. Should I open an RFC for
>> Kind regards,
>> Tom Van Looy
Deprecation doesn't mean immediate removal. It's a nudge to move to something better. Because this deprecation isn't in the last PHP 7, these functions can't be removed until PHP 9.