Provide more specific messaging about the consequences of using an unsupported PHP version

Problem/Motivation

In #2917655: [9.4.x only] Drop official PHP 7.3 support in Drupal 9.4, we propose increasing \Drupal::MINIMUM_SUPPORTED_PHP to 7.4 in Drupal 9.4. This results in the following warning being displayed on installation, update, and the site status report:

Your PHP installation is too old. Drupal requires at least PHP 7.4.0. It is recommended to upgrade to PHP version 8.1 or higher for the best ongoing support. See PHP's version support documentation and the PHP requirements page for more information.

However, "the best ongoing support" is unclear, as are the consequences of continuing to use PHP 7.3. The specific consequences of using an old PHP version are explained in #2917655: [9.4.x only] Drop official PHP 7.3 support in Drupal 9.4.

Proposed resolution

(Also see #2670966: Warn users of old PHP versions and #2927344: Specifically warn about end dates for PHP support for old versions for examples of the previous messaging used in Drupal 8.)

Explain the consequences of PHP that is "too old" more clearly, either by improving the UI strings and/or adding more specific explanations to the system requirements documentation. See the issue summary of #2917655: [9.4.x only] Drop official PHP 7.3 support in Drupal 9.4 for what the consequences might be. In particular:

1. \Drupal::MIINIMUM_SUPPORTED_PHP is increased to at least 7.4and possibly later 8.0 (see the proposal in #3261447: Add an API for dynamically setting recommended and supported PHP versions based on known and predicted PHP release schedules).
    

2. We monitor Drupal 9 dependencies' PHP version support from now until the Drupal 9 end-of-life.
    

3. If:

   • A dependency drops support for PHP 7.3, and
   • The dependency also no longer supports previous versions that were compatible with PHP 7.3

   Then:

   • A new minor version of core (e.g., Drupal 9.5) is created that increases the minimum PHP requirement and the constraint for the affected dependency.
   • Old Drupal core minors (e.g., 9.3 and 9.4) are considered unsupported.
   • Security fixes are still backported to the old Drupal core minors only for security advisories that do not involve the affected dependency.

Implementation details

1. [DONE] \Drupal::MINIMUM_SUPPORTED_PHP is increased to at least 7.4, but installation is allowed on this version (see #2917655: [9.4.x only] Drop official PHP 7.3 support in Drupal 9.4).
    

2. [DONE] The PHP requirements handbook page table is updated to indicate PHP 7.3 is only supported by 9.x versions less than 9.4.x.
    

3. [DONE] A section is added to the above handbook page: "What does it mean for a PHP version to be too old?" (the text used in the UI).
    

4. Messaging about PHP versions less than \Drupal::MINIMUM_SUPOPRTED_PHP is updated in 9.4.x prior to 9.4.0. It links the PHP requirements handbook page section directly.
    

5. We consider backporting some or all of the changes to 9.3.x in a patch release so that at least future bugfix and security releases of 9.3.x also have the necessary information.
    

6. The new minor (e.g. 9.6.x) is branched from the tip of the production branch (e.g. 9.5.x HEAD).
    

7. The new minor increases \Drupal::MINIMUM_PHP, the Composer PHP constraint, and the Composer constraint for the dependency.
    

8. The new minor release (e.g. 9.6.0) is tagged immediately, with release notes referencing the issue for the dependency change. (It does not require a stabilization phase because it was already the stable bugfix branch.)
    

9. The release cycle documentation is updated to indicate that 9.5.x (and 9.4.x if it is before June 2023) are considered end-of-life.
    

10. Issues are bulk-updated from 9.5.x to 9.6.x with a message referencing the issue for the dependency change.
     

11. A Drupal core blog post is created about the new 9.6.0 release and its PHP requirement.
     

12. If it is still before December 2022, 9.3.x is explicitly marked unsupported on the core release node, to ensure users receive immediate messaging about this branch (since it does not contain our UI warnings in releases to date).
     

13. "Recommended" is unchecked for 9.5.x on the core release node.
     

14. "Supported" is still checked on the core release node for 9.5.x (only visible to core committers), and the branch still receives automated testing in order to facilitate best-effort backports.
     

15. Security advisories that do not involve the affected dependency are still backported to 9.5.x.
     

16. If a security update is released for the affected dependency that would require a core security advisory, it is not backported, and all 9.5.x and earlier core releases are marked insecure (so site owners see "Security update required!" in addition to the warnings and errors about old PHP).
     

17. We could still backport other security fixes to 9.5.x on a best-effort basis after such an SA, but the releases would still be marked insecure.

Remaining tasks

This is postponed on #2917655: [9.4.x only] Drop official PHP 7.3 support in Drupal 9.4.

#4 could be addressed here as well.

User interface changes

TBD

API changes

Probably none.

Data model changes

None.

Release notes snippet

None.