> I suggest to deprecated the functions md5_file() and sha1_file(). This will
Not sure what's the point of it. SHA1 and MD5 didn't change. The
recommendations for their usage has changed, but we generally don't use
deprecation warnings to improve users' code and recommend them how to
structure their code better. Deprecation is usually for functions that
are unsupported (and going to go away) or not having any non-broken uses
anymore. We have crc32() function which is much less secure than md5 for
check-summing obviously, and we don't deprecate it because of that. I
don't think we should use deprecations for that purpose.
> Carrying around these two dedicated functions seems a bit too much for a
> modern PHP. What do you think?
There's zero effort expended on "carrying around" these functions, and I
don't see why it's "too much" for "modern PHP"? What changed in "modern
PHP" that suddenly brought forward the need to minimize the number of
existing functions? I don't see any reason for that.
On the contrary, deprecating it causes work for people that legitimately
use these functions, and makes them either turn off deprecation warnings
(unsafe and may lead to real deprecations pass unnoticed) or work around
this. I don't think it is beneficial.
> > I suggest to deprecated the functions md5_file() and sha1_file(). This
> Not sure what's the point of it. SHA1 and MD5 didn't change. The
> recommendations for their usage has changed, but we generally don't use
> deprecation warnings to improve users' code and recommend them how to
> structure their code better.
Yes that was my point with "modern php". The recommendation changed.
It seems like most people in this discussion like to keep the functions. I
didn't expect that.
Thanks for the feedback and the arguments all!