On Feb 3, 2015 2:10 PM, "Adam Harvey" <ahar...@php.net> wrote: > > On 3 February 2015 at 03:11, Anatol Belski <anatol....@belski.net> wrote: > > properly after the voting phase the > > https://wiki.php.net/rfc/removal_of_dead_sapis_and_exts moves to the > > voting. Each item is voted separately. The voting ends on 2015-02-09 at > > 21:00 CET. > > To explain my -1s: > > - ext/imap and ext/mcrypt: while I realise that the underlying > libraries are dead, these extensions are too widely used to straight > up remove them, I fear — we don't have obvious alternatives with > simple enough APIs that we can push users towards. I'd strongly > support and encourage a reimplementation of these extensions (in C or > PHP) around something supported if someone was able to step up and do > the work, otherwise yes, I'll pitch in to do the minimal work to port > these to 7.0 if required.
We have plenty of alternative implemented in php, supporting way more things that ext/IMAP ever did. However I have a hard time to understand your argument. We keep discussing how to improve security, make php safer by default, etc. But for IMAP, you basically open the door with a big shield saying "come in, we have free cooking and you can do almost all you want inside via this door". This is insane. If it was only up to me I would kick it out of core right now due to the critical issue it has. Mcrypt is only a time bomb. It will be the same pretty soon.
