On Thu, Jul 25, 2024 at 11:35 PM Peter Stalman <sarke...@gmail.com> wrote:
> If their learning insticast > *instincts. I should also clarify, I'm not against deprecations in general. However, the benefits should outweigh the costs. If something is getting unmaintainable, no longer supported, inherently insecure etc, those are all good reasons. `password_hash` as mentioned was a great addition, and should/did solve this very issue. Even someone reading a blog tutorial from 11 years ago would be able to see this used properly. But md5/sha1 are not bad functions, they do *exactly* what they say on the box. Being able to do the exact same thing by spelling the function slightly differently isn't even deprecating them, just deprecating an alias. They're only *bad* if used in a *bad way*, and that to me is not enough of a reason. Thanks, Peter
