On 26.07.2024 at 19:33, Rowan Tommins [IMSoP] wrote: > On Fri, 26 Jul 2024, at 15:20, Larry Garfield wrote: > >> One thing to remind people about, the deprecations for md5(), sha1(), >> and uniqid() explicitly say they cannot be outright removed before PHP >> 10. That's at least 6 years away. That gives a loooooong time for >> documentation, tutorials, instructions, and code to be updated. > > It also gives a loooooong time for us to update that documentation *before* > we start raising deprecation notices, so that there's a chance for someone to > actually know what they're supposed to do about it.
Hmm, such soft deprecations should be a good thing, but I'm afraid they are not really reaching much of the user base. Remember ext/mysql? That was soft deprecated for "centuries", but still support channels were burning when it actually had been deprecated, and even after it had been removed. (interestingly <https://pecl.php.net/package/mysql> still says the package would have been moved to <http://php.net/mysql>) Maybe, just maybe, it might be a good idea to repurpose E_STRICT for such things. Basically a three step deprecation: first document that a feature is obsolete, then trigger E_STRICT, and only then E_DEPRECATED. I haven't really thought this through, though. > In contrast, I voted against the deprecation of strftime() because no > effort had been made to explain how users should replace it. Surprise > surprise, nobody has spent any more effort in the 3.5 years since the > deprecation passed, and the only advice in the documentation remains: > > Instead use the IntlDateFormatter::format() method. Yeah, the documentation should certainly be improved, but if there is more work to do than time to do it – what can you do? If there was only the need to cater to PHP core and the bundled extensions, there might be sufficient time to keep the documentation in a good state, but there are also so many PECL extensions documented there, and at least some of them appear even unmaintained, and many of them probably nobody working on the documentation has ever used; see e.g. <https://github.com/php/doc-en/pull/3360>. > On Fri, 26 Jul 2024, at 15:27, Christoph M. Becker wrote: > >> Well, you are supposed to also check the hash_hmac() documentation... > > Why would I, if I'm not using that function? […] I should have explicitly marked my comment as irony. Of course, readers of the documentation are not supposed to check some other functions, unless told to do so. Cheers, Christoph
