Problem/Motivation
PHP is looking at deprecating usage of uniqid because it doesn't provide good uniqueness. Which means we're probably not getting the uniqueness we expect in the handful of places we're using it across core.
Deprecation RFC: https://wiki.php.net/rfc/deprecate-uniqid
Old discussion on uniqueness. https://marc.info/?l=php-internals&m=148314015430338&w=2
Proposed resolution
I propose we get ahead of any decision there and clean up usage of a potentially problematic function.
Remaining tasks
Decide on how we remove.
1. Inline some hash'd random implementation?
2. Provide a drupal_uniqid() implementation?
3. other?
User interface changes
n/a
API changes
New method.
Hashes will be calculated different but this should not be breaking. There is "randomness" in uniqid so there should be no expectation about the predictability of that randomness built in to our API.
Data model changes
n/a?