The global variables (and functionality behind) $wgWhitelistRead and $wgWhitelistReadRegexp should be deprecated due to:
- Their ability to introduce certain security issues under various MediaWiki configurations (e,g, the currently-protected T297416)
- These variables aren't as relevant as they once were due to certain auth-related pages now simply allowing reads by default and the ability to edit MediaWiki:Loginreqpagetext and any related messages.
The technical changes should be fairly simple (DefaultSettings and PermissionsManager mainly) and then obviously updating release notes and perhaps proactively reaching out to the maintainers of the handful of extensions which make use of either of these global variables.