I noticed recently that the plugins on https://next.tiki.org now need validating when they shouldn't, so i just did a test locally from a 16.x upgraded to 17.x and my test validated plugins (html, PayPal and jq) are fine.
So might there be something else going on in the pre-dogfood upgrade script that could be invalidating them? Like an encoding change maybe, or something happening to the tiki_plugin_security table maybe?
Or could it be a difference in the "multibyte" setup of the servers? Part of the fingerprint calculation uses strlen http://php.net/manual/en/function.strlen.php on the body of the plugin, so this might change according to charset (maybe)? It should probably be mb_strlen (one day).
I did a diff between parserlib.php in 17.x and 16.x and there aren't any suspicious changes regarding plugin parsing that i can see.
Can you (or anyone else) shed any light on this one?