01504: PHP requirements

Summary: PHP requirements
Created: 2024-05-02 04:32
Status: Discussion
Category: Documentation
From: gnuzoo
Priority: 1

Description: Is it time to upgrade PHP requirements to at least PHP version 8.1?

PHP 8.0 has reached end of life and has abandoned all support.
From https://www.php.net/eol.php - "you are strongly urged to upgrade to a
current version, as using older versions may expose you to security vulnerabilities
and bugs that have been fixed in more recent versions of PHP."

I do not like the idea of other people having "security vulnerabilities" because PmWiki said it is OK to use old unsupported versions of PHP.
Another site said "Using PHP 5 Becomes Dangerous" - At least abandon PHP version 5. --gnuzoo

I have updated the PmWiki:Requirements page. We never said it was okay to use vulnerable PHP versions, this was about the technical prerequisites, as in, the core doesn't normally call PHP functions or implement patterns that were only added in more recent PHP versions. In some cases people cannot update their PHP version, in others they cannot update their old recipes that the new PHP versions inevitably break. They would appreciate being able to use the latest PmWiki features like PmTOC, PmSyntax, or the dark mode, for example on an internal/non-public webserver. --Petko

Perhaps you can freeze PmWiki PHP 5 development for 'security fixes only'.
PHP does this for older versions https://www.php.net/supported-versions.php