> Yet again the PHP community doesn't care about security of its users, current > and future, and just prefers the convenience of needing to type less > characters and not go back fix some code for better design. > > > Gina P. Banyard
If you describe it in such a dramatic fashion, then there is no reason to keep sha/md5 functionality in hash too? One could come up also with a different statement - "the PHP community doesn't care about backwards compatibility (in favor of questionable deprecations/removals)" (which at some point even borders with some "Karma farming" [1]) [1] https://socket.dev/blog/openssf-warns-of-reputation-farming-using-closed-github-issues-and-prs rr
