Re: libmcrypt: abandonware?
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Le 05/12/2014 17:17, Scott Arciszewski a écrit :
> > Hi PHP Internals,
> >
> > I've been trying to get in contact with the maintainers of
> > libmcrypt, but every response I've gotten was, "Oh, I haven't been
> > a part of that for years."
> >
> > http://sourceforge.net/projects/mcrypt/files/Libmcrypt/
> >
> > The last update to libmcrypt was in 2007. There are bug fixes in
> > their issue tracker collecting dust.
>
> Having a dead upstream for crypto API is a critical issue :(
>
> FYI some downstream (ex RHEL) don't even provide this library.
> Already too much crypto libraries, and it will be a mess to provide a
> dead project in an Enterprise distribution.
>
> So php/mcrypt also not available.
>
> But most applications. which use it, usually have alternative, and
> make it optional (ex phpMyAdmin 4.3 now even use openssl as first choice)..
>
> We probably have enough crypto API in PHP, and we probably should mark
> this one as deprecated / unmaintained in 5.x, and move it to PECL (7.x).
>
>
> Remi.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlSH6R0ACgkQYUppBSnxahiRdQCg6IKC9hfJavD9QE3dXEVc8o4t
> H+kAoIWLbVRwS5qfidJi8Yq/F/NQ7vlH
> =osvZ
> -----END PGP SIGNATURE-----
Well then, I'll focus on migrating all my code to use openssl instead of
mcrypt. :)
I think this would be for the best.
Thread (15 messages)