diff --git a/.htaccess b/.htaccess
index 1ac01a117b276ec0db962c82d05ffca835d57832..9f6e48a929c89f0b87267bed9cf05e42b765c388 100644
--- a/.htaccess
+++ b/.htaccess
@@ -136,7 +136,7 @@ AddType image/webp .webp
   # Note: The following URI conditions are not anchored at the start (^),
   # because Drupal may be located in a subdirectory. To further improve
   # security, you can replace '!/' with '!^/'.
-  # Allow access to PHP files in /core (like authorize.php or install.php):
+  # Allow access to PHP files in /core (like install.php):
   RewriteCond %{REQUEST_URI} !/core/[^/]*\.php$
   # Allow access to test-specific PHP files:
   RewriteCond %{REQUEST_URI} !/core/modules/system/tests/https?\.php
diff --git a/core/.phpstan-baseline.php b/core/.phpstan-baseline.php
index b70afb2b499fefe53573f3076cc3424cbb2aea48..b99725b3c42c6c4a96419f58f715998fde6a454f 100644
--- a/core/.phpstan-baseline.php
+++ b/core/.phpstan-baseline.php
@@ -7716,240 +7716,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/lib/Drupal/Core/File/MimeType/MimeTypeGuesser.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\ChmodInterface\\:\\:chmodJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/ChmodInterface.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FTPExtension\\:\\:chmodJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FTPExtension.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FTPExtension\\:\\:connect\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FTPExtension.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FTPExtension\\:\\:copyFileJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FTPExtension.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FTPExtension\\:\\:createDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FTPExtension.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FTPExtension\\:\\:removeDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FTPExtension.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FTPExtension\\:\\:removeFileJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FTPExtension.php',
-];
-$ignoreErrors[] = [
-	// identifier: return.missing
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:__get\\(\\) should return bool\\|string but return statement is missing\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:checkPath\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:chmod\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:connect\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:copyDirectory\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:copyDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:copyFile\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:copyFileJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:createDirectory\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:createDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:removeDirectory\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:removeDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:removeFile\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:removeFileJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\FileTransfer\\:\\:setChroot\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/FileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\Form\\\\FileTransferAuthorizeForm\\:\\:create\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\Form\\\\FileTransferAuthorizeForm\\:\\:setConnectionSettingsDefaults\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\Form\\\\FileTransferAuthorizeForm\\:\\:submitForm\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\Form\\\\FileTransferAuthorizeForm\\:\\:validateForm\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\Local\\:\\:chmodJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/Local.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\Local\\:\\:connect\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/Local.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\Local\\:\\:copyFileJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/Local.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\Local\\:\\:createDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/Local.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\Local\\:\\:removeDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/Local.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\Local\\:\\:removeFileJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/Local.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\SSH\\:\\:chmodJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/SSH.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\SSH\\:\\:connect\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/SSH.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\SSH\\:\\:copyDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/SSH.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\SSH\\:\\:copyFileJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/SSH.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\SSH\\:\\:createDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/SSH.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\SSH\\:\\:removeDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/SSH.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\FileTransfer\\\\SSH\\:\\:removeFileJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/FileTransfer/SSH.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\Core\\\\Flood\\\\DatabaseBackend\\:\\:catchException\\(\\) has no return type specified\\.$#',
@@ -11200,66 +10966,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/lib/Drupal/Core/Update/UpdateServiceProvider.php',
 ];
-$ignoreErrors[] = [
-	// identifier: return.missing
-	'message' => '#^Method Drupal\\\\Core\\\\Updater\\\\Module\\:\\:postUpdateTasks\\(\\) should return array but return statement is missing\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/Updater/Module.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\Updater\\\\Updater\\:\\:getBackupDir\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/Updater/Updater.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\Updater\\\\Updater\\:\\:makeBackup\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/Updater/Updater.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\Updater\\\\Updater\\:\\:makeWorldReadable\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/Updater/Updater.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\Updater\\\\Updater\\:\\:postInstall\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/Updater/Updater.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\Updater\\\\Updater\\:\\:postUpdate\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/Updater/Updater.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\Updater\\\\Updater\\:\\:prepareInstallDirectory\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/Updater/Updater.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\Updater\\\\UpdaterInterface\\:\\:getProjectName\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/Updater/UpdaterInterface.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\Updater\\\\UpdaterInterface\\:\\:postInstall\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/Updater/UpdaterInterface.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Core\\\\Updater\\\\UpdaterInterface\\:\\:postUpdate\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/lib/Drupal/Core/Updater/UpdaterInterface.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\Core\\\\Utility\\\\ProjectInfo\\:\\:processInfoList\\(\\) has no return type specified\\.$#',
@@ -35244,12 +34950,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/system/src/Hook/SystemHooks.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\system\\\\Hook\\\\SystemHooks\\:\\:filetransferInfo\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/src/Hook/SystemHooks.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\system\\\\Hook\\\\SystemHooks\\:\\:help\\(\\) has no return type specified\\.$#',
@@ -35274,12 +34974,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/system/src/Hook/SystemHooks.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\system\\\\Hook\\\\SystemHooks\\:\\:updaterInfo\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/src/Hook/SystemHooks.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\system\\\\Hook\\\\SystemTokensHooks\\:\\:tokenInfo\\(\\) has no return type specified\\.$#',
@@ -35484,24 +35178,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/system/system.install',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Function system_authorized_batch_process\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/system.module',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Function system_authorized_init\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/system.module',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Function system_authorized_run\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/system.module',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Function system_check_directory\\(\\) has no return type specified\\.$#',
@@ -39447,12 +39123,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/system/tests/modules/session_test/src/Session/TestSessionBag.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\system_test\\\\Controller\\\\SystemTestController\\:\\:authorizeInit\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/modules/system_test/src/Controller/SystemTestController.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\system_test\\\\Controller\\\\SystemTestController\\:\\:getCacheableResponseWithCustomCacheControl\\(\\) has no return type specified\\.$#',
@@ -39531,12 +39201,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/system/tests/modules/system_test/src/Form/CopyFieldValueTestForm.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\system_test\\\\Hook\\\\SystemTestHooks\\:\\:filetransferInfo\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/modules/system_test/src/Hook/SystemTestHooks.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\system_test\\\\Hook\\\\SystemTestHooks\\:\\:help\\(\\) has no return type specified\\.$#',
@@ -39567,12 +39231,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/system/tests/modules/system_test/src/Hook/SystemTestHooks.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\system_test\\\\MockFileTransfer\\:\\:getSettingsForm\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/modules/system_test/src/MockFileTransfer.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Function _system_test_first_shutdown_function\\(\\) has no return type specified\\.$#',
@@ -40017,66 +39675,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/system/tests/src/Functional/Entity/EntityReferenceFieldCreationTest.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\system\\\\Functional\\\\FileTransfer\\\\FileTransferTest\\:\\:_buildFakeModule\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/src/Functional/FileTransfer/FileTransferTest.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\system\\\\Functional\\\\FileTransfer\\\\FileTransferTest\\:\\:_getFakeModuleFiles\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/src/Functional/FileTransfer/FileTransferTest.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\system\\\\Functional\\\\FileTransfer\\\\MockTestConnection\\:\\:flushCommands\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/src/Functional/FileTransfer/MockTestConnection.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\system\\\\Functional\\\\FileTransfer\\\\MockTestConnection\\:\\:run\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/src/Functional/FileTransfer/MockTestConnection.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\system\\\\Functional\\\\FileTransfer\\\\TestFileTransfer\\:\\:chmodJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/src/Functional/FileTransfer/TestFileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\system\\\\Functional\\\\FileTransfer\\\\TestFileTransfer\\:\\:connect\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/src/Functional/FileTransfer/TestFileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\system\\\\Functional\\\\FileTransfer\\\\TestFileTransfer\\:\\:copyFileJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/src/Functional/FileTransfer/TestFileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\system\\\\Functional\\\\FileTransfer\\\\TestFileTransfer\\:\\:createDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/src/Functional/FileTransfer/TestFileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\system\\\\Functional\\\\FileTransfer\\\\TestFileTransfer\\:\\:removeDirectoryJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/src/Functional/FileTransfer/TestFileTransfer.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\system\\\\Functional\\\\FileTransfer\\\\TestFileTransfer\\:\\:removeFileJailed\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/system/tests/src/Functional/FileTransfer/TestFileTransfer.php',
-];
 $ignoreErrors[] = [
 	// identifier: empty.variable
 	'message' => '#^Variable \\$form_output in empty\\(\\) always exists and is not falsy\\.$#',
@@ -42999,42 +42597,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/update/src/Controller/UpdateController.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\update\\\\Form\\\\UpdateManagerUpdate\\:\\:create\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/src/Form/UpdateManagerUpdate.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\update\\\\Form\\\\UpdateManagerUpdate\\:\\:removeCheckboxFromRow\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/src/Form/UpdateManagerUpdate.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\update\\\\Form\\\\UpdateManagerUpdate\\:\\:submitForm\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/src/Form/UpdateManagerUpdate.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\update\\\\Form\\\\UpdateManagerUpdate\\:\\:validateForm\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/src/Form/UpdateManagerUpdate.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\update\\\\Form\\\\UpdateReady\\:\\:create\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/src/Form/UpdateReady.php',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\update\\\\Form\\\\UpdateReady\\:\\:submitForm\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/src/Form/UpdateReady.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\update\\\\Hook\\\\UpdateHooks\\:\\:help\\(\\) has no return type specified\\.$#',
@@ -43071,12 +42633,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/update/src/Hook/UpdateHooks.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\update\\\\Hook\\\\UpdateHooks\\:\\:verifyUpdateArchive\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/src/Hook/UpdateHooks.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\update\\\\ProjectCoreCompatibility\\:\\:setReleaseMessage\\(\\) has no return type specified\\.$#',
@@ -43089,12 +42645,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/update/src/ProjectRelease.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\update\\\\Routing\\\\UpdateRouteSubscriber\\:\\:alterRoutes\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/src/Routing/UpdateRouteSubscriber.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\update\\\\UpdateManager\\:\\:fetchDataBatch\\(\\) has no return type specified\\.$#',
@@ -43299,24 +42849,12 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/update/tests/src/Kernel/Migrate/d6/MigrateUpdateConfigsTest.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\update\\\\Unit\\\\Menu\\\\UpdateLocalTasksTest\\:\\:getUpdateModuleRoutes\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/tests/src/Unit/Menu/UpdateLocalTasksTest.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\Tests\\\\update\\\\Unit\\\\Menu\\\\UpdateLocalTasksTest\\:\\:getUpdateReportRoutes\\(\\) has no return type specified\\.$#',
 	'count' => 1,
 	'path' => __DIR__ . '/modules/update/tests/src/Unit/Menu/UpdateLocalTasksTest.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Method Drupal\\\\Tests\\\\update\\\\Unit\\\\Menu\\\\UpdateLocalTasksTest\\:\\:getUpdateThemeRoutes\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/tests/src/Unit/Menu/UpdateLocalTasksTest.php',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Method Drupal\\\\Tests\\\\update\\\\Unit\\\\ProjectCoreCompatibilityTest\\:\\:providerSetProjectCoreCompatibilityRanges\\(\\) has no return type specified\\.$#',
@@ -43329,30 +42867,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/update/tests/src/Unit/UpdateMailTest.php',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Function _update_authorize_clear_update_status\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/update.authorize.inc',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Function _update_batch_create_message\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/update.authorize.inc',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Function update_authorize_batch_copy_project\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/update.authorize.inc',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Function update_authorize_update_batch_finished\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/update.authorize.inc',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Function update_calculate_project_update_status\\(\\) has no return type specified\\.$#',
@@ -43377,18 +42891,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/update/update.install',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Function update_manager_batch_project_get\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/update.manager.inc',
-];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Function update_manager_download_batch_finished\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/update.manager.inc',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Function _update_no_data\\(\\) has no return type specified\\.$#',
@@ -43401,12 +42903,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/modules/update/update.module',
 ];
-$ignoreErrors[] = [
-	// identifier: missingType.return
-	'message' => '#^Function update_clear_update_disk_cache\\(\\) has no return type specified\\.$#',
-	'count' => 1,
-	'path' => __DIR__ . '/modules/update/update.module',
-];
 $ignoreErrors[] = [
 	// identifier: missingType.return
 	'message' => '#^Function update_create_fetch_task\\(\\) has no return type specified\\.$#',
diff --git a/core/assets/scaffold/files/default.settings.php b/core/assets/scaffold/files/default.settings.php
index cd364bb00df011358baba3f44726acd6afb542a1..58b4e9df54d14e214f7cd68a452c40f0fde4440d 100644
--- a/core/assets/scaffold/files/default.settings.php
+++ b/core/assets/scaffold/files/default.settings.php
@@ -475,30 +475,6 @@
  */
 # $settings['class_loader_auto_detect'] = FALSE;
 
-/**
- * Authorized file system operations:
- *
- * The Update Manager module included with Drupal provides a mechanism for
- * site administrators to securely install missing updates for the site
- * directly through the web user interface. On securely-configured servers,
- * the Update manager will require the administrator to provide SSH or FTP
- * credentials before allowing the installation to proceed; this allows the
- * site to update the new files as the user who owns all the Drupal files,
- * instead of as the user the webserver is running as. On servers where the
- * webserver user is itself the owner of the Drupal files, the administrator
- * will not be prompted for SSH or FTP credentials (note that these server
- * setups are common on shared hosting, but are inherently insecure).
- *
- * Some sites might wish to disable the above functionality, and only update
- * the code directly via SSH or FTP themselves. This setting completely
- * disables all functionality related to these authorized file operations.
- *
- * @see https://www.drupal.org/node/244924
- *
- * Remove the leading hash signs to disable.
- */
-# $settings['allow_authorize_operations'] = FALSE;
-
 /**
  * Default mode for directories and files written by Drupal.
  *
diff --git a/core/assets/scaffold/files/htaccess b/core/assets/scaffold/files/htaccess
index 1ac01a117b276ec0db962c82d05ffca835d57832..9f6e48a929c89f0b87267bed9cf05e42b765c388 100644
--- a/core/assets/scaffold/files/htaccess
+++ b/core/assets/scaffold/files/htaccess
@@ -136,7 +136,7 @@ AddType image/webp .webp
   # Note: The following URI conditions are not anchored at the start (^),
   # because Drupal may be located in a subdirectory. To further improve
   # security, you can replace '!/' with '!^/'.
-  # Allow access to PHP files in /core (like authorize.php or install.php):
+  # Allow access to PHP files in /core (like install.php):
   RewriteCond %{REQUEST_URI} !/core/[^/]*\.php$
   # Allow access to test-specific PHP files:
   RewriteCond %{REQUEST_URI} !/core/modules/system/tests/https?\.php
diff --git a/core/authorize.php b/core/authorize.php
deleted file mode 100644
index 484b57fb7068305e119a135e8023f0b64a60249f..0000000000000000000000000000000000000000
--- a/core/authorize.php
+++ /dev/null
@@ -1,202 +0,0 @@
-<?php
-
-/**
- * @file
- * Administrative script for running authorized file operations.
- *
- * Using this script, the site owner (the user actually owning the files on the
- * webserver) can authorize certain file-related operations to proceed with
- * elevated privileges, for example to deploy and upgrade modules or themes.
- * Users should not visit this page directly, but instead use an administrative
- * user interface which knows how to redirect the user to this script as part of
- * a multistep process. This script actually performs the selected operations
- * without loading all of Drupal, to be able to more gracefully recover from
- * errors. Access to the script is controlled by a global kill switch in
- * settings.php ('allow_authorize_operations') and via the 'administer software
- * updates' permission.
- *
- * There are helper functions for setting up an operation to run via this
- * system in modules/system/system.module. For more information, see:
- * @link authorize Authorized operation helper functions @endlink
- */
-
-use Drupal\Core\DrupalKernel;
-use Drupal\Core\Form\EnforcedResponseException;
-use Drupal\Core\Url;
-use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\Response;
-use Drupal\Core\Site\Settings;
-use Drupal\Core\Routing\RouteObjectInterface;
-use Symfony\Component\Routing\Route;
-
-// Change the directory to the Drupal root.
-chdir('..');
-
-$autoloader = require_once 'autoload.php';
-
-/**
- * Global flag to identify update.php and authorize.php runs.
- *
- * Identifies update.php and authorize.php runs, avoiding unwanted operations
- * such as css/js preprocessing and translation, and solves some theming issues.
- * The flag is checked in other places in Drupal code (not just authorize.php).
- */
-const MAINTENANCE_MODE = 'update';
-
-/**
- * Determines if the current user is allowed to run authorize.php.
- *
- * The kill switch in settings.php overrides all else, otherwise, the user must
- * have access to the 'administer software updates' permission.
- *
- * @param \Symfony\Component\HttpFoundation\Request $request
- *   The incoming request.
- *
- * @return bool
- *   TRUE if the current user can run authorize.php, and FALSE if not.
- */
-function authorize_access_allowed(Request $request) {
-  $account = \Drupal::service('authentication')->authenticate($request);
-  if ($account) {
-    \Drupal::currentUser()->setAccount($account);
-  }
-  return Settings::get('allow_authorize_operations', TRUE) && \Drupal::currentUser()->hasPermission('administer software updates');
-}
-
-try {
-  $request = Request::createFromGlobals();
-  $kernel = DrupalKernel::createFromRequest($request, $autoloader, 'prod');
-  $kernel->boot();
-  // A route is required for route matching.
-  $request->attributes->set(RouteObjectInterface::ROUTE_OBJECT, new Route('<none>'));
-  $request->attributes->set(RouteObjectInterface::ROUTE_NAME, '<none>');
-  $kernel->preHandle($request);
-  // Ensure our request includes the session if appropriate.
-  if (PHP_SAPI !== 'cli') {
-    $request->setSession($kernel->getContainer()->get('session'));
-  }
-}
-catch (HttpExceptionInterface $e) {
-  $response = new Response('', $e->getStatusCode());
-  $response->prepare($request)->send();
-  exit;
-}
-
-// We have to enable the user and system modules, even to check access and
-// display errors via the maintenance theme.
-\Drupal::moduleHandler()->addModule('system', 'core/modules/system');
-\Drupal::moduleHandler()->addModule('user', 'core/modules/user');
-\Drupal::moduleHandler()->load('system');
-\Drupal::moduleHandler()->load('user');
-
-// Initialize the maintenance theme for this administrative script.
-drupal_maintenance_theme();
-
-$content = [];
-$show_messages = TRUE;
-
-$is_allowed = authorize_access_allowed($request);
-
-// Build content.
-if ($is_allowed) {
-  // Load both the Form API and Batch API.
-  require_once __DIR__ . '/includes/form.inc';
-  require_once __DIR__ . '/includes/batch.inc';
-
-  $page_title = $request->getSession()->get('authorize_page_title', t('Authorize file system changes'));
-
-  // See if we've run the operation and need to display a report.
-  if ($results = $request->getSession()->remove('authorize_results')) {
-
-    // Clear the session out.
-    $request->getSession()->remove('authorize_operation');
-    $request->getSession()->remove('authorize_filetransfer_info');
-
-    if (!empty($results['page_title'])) {
-      $page_title = $results['page_title'];
-    }
-    if (!empty($results['page_message'])) {
-      \Drupal::messenger()->addMessage($results['page_message']['message'], $results['page_message']['type']);
-    }
-
-    $content['authorize_report'] = [
-      '#theme' => 'authorize_report',
-      '#messages' => $results['messages'],
-    ];
-
-    if (is_array($results['tasks'])) {
-      $links = $results['tasks'];
-    }
-    else {
-      // Since this is being called outside of the primary front controller,
-      // the base_url needs to be set explicitly to ensure that links are
-      // relative to the site root.
-      // @todo Simplify with https://www.drupal.org/node/2548095
-      $default_options = [
-        '#type' => 'link',
-        '#options' => [
-          'absolute' => TRUE,
-          'base_url' => $GLOBALS['base_url'],
-        ],
-      ];
-      $links = [
-        $default_options + [
-          '#url' => Url::fromRoute('system.admin'),
-          '#title' => t('Administration pages'),
-        ],
-        $default_options + [
-          '#url' => Url::fromRoute('<front>'),
-          '#title' => t('Front page'),
-        ],
-      ];
-    }
-
-    $content['next_steps'] = [
-      '#theme' => 'item_list',
-      '#items' => $links,
-      '#title' => t('Next steps'),
-    ];
-  }
-  // If a batch is running, let it run.
-  elseif ($request->query->has('batch')) {
-    $content = _batch_page($request);
-    // If _batch_page() returns a response object (likely a JsonResponse for
-    // JavaScript-based batch processing), send it immediately.
-    if ($content instanceof Response) {
-      $content->send();
-      exit;
-    }
-  }
-  else {
-    if (!$request->getSession()->has('authorize_operation') || !$request->getSession()->has('authorize_filetransfer_info')) {
-      $content = ['#markup' => t('It appears you have reached this page in error.')];
-    }
-    elseif (!$batch = batch_get()) {
-      // We have a batch to process, show the filetransfer form.
-      try {
-        $content = \Drupal::formBuilder()->getForm('Drupal\Core\FileTransfer\Form\FileTransferAuthorizeForm');
-      }
-      catch (EnforcedResponseException $e) {
-        $e->getResponse()->send();
-        exit;
-      }
-    }
-  }
-  // We defer the display of messages until all operations are done.
-  $show_messages = !(($batch = batch_get()) && isset($batch['running']));
-}
-else {
-  \Drupal::logger('access denied')->warning('authorize.php');
-  $page_title = t('Access denied');
-  $content = ['#markup' => t('You are not allowed to access this page.')];
-}
-
-$bare_html_page_renderer = \Drupal::service('bare_html_page_renderer');
-$response = $bare_html_page_renderer->renderBarePage($content, $page_title, 'maintenance_page', [
-  '#show_messages' => $show_messages,
-]);
-if (!$is_allowed) {
-  $response->setStatusCode(403);
-}
-$response->send();
diff --git a/core/includes/common.inc b/core/includes/common.inc
index 0e6af7f9bbe04ae0bbab3ebef1b8f4b353ef64f9..fdcc987e59e3c4dbf1e703100107bd37aa751674 100644
--- a/core/includes/common.inc
+++ b/core/includes/common.inc
@@ -8,7 +8,6 @@
  * a cached page are instead located in bootstrap.inc.
  */
 
-use Drupal\Component\Utility\SortArray;
 use Drupal\Core\Cache\Cache;
 use Drupal\Core\DrupalKernel;
 
@@ -461,47 +460,3 @@ function drupal_flush_all_caches($kernel = NULL) {
     drupal_maintenance_theme();
   }
 }
-
-/**
- * Assembles the Drupal Updater registry.
- *
- * An Updater is a class that knows how to update various parts of the Drupal
- * file system, for example to update modules that have newer releases, or to
- * install a new theme.
- *
- * @return array
- *   The Drupal Updater class registry.
- *
- * @see \Drupal\Core\Updater\Updater
- * @see hook_updater_info()
- * @see hook_updater_info_alter()
- */
-function drupal_get_updaters() {
-  $updaters = &drupal_static(__FUNCTION__);
-  if (!isset($updaters)) {
-    $updaters = \Drupal::moduleHandler()->invokeAll('updater_info');
-    \Drupal::moduleHandler()->alter('updater_info', $updaters);
-    uasort($updaters, [SortArray::class, 'sortByWeightElement']);
-  }
-  return $updaters;
-}
-
-/**
- * Assembles the Drupal FileTransfer registry.
- *
- * @return array
- *   The Drupal FileTransfer class registry.
- *
- * @see \Drupal\Core\FileTransfer\FileTransfer
- * @see hook_filetransfer_info()
- * @see hook_filetransfer_info_alter()
- */
-function drupal_get_filetransfer_info() {
-  $info = &drupal_static(__FUNCTION__);
-  if (!isset($info)) {
-    $info = \Drupal::moduleHandler()->invokeAll('filetransfer_info');
-    \Drupal::moduleHandler()->alter('filetransfer_info', $info);
-    uasort($info, [SortArray::class, 'sortByWeightElement']);
-  }
-  return $info;
-}
diff --git a/core/includes/theme.maintenance.inc b/core/includes/theme.maintenance.inc
index dab448749dd9c333a11f6378430d39bc5cff6288..c3f3082ba82edbd60b37094d9e65c8cc03887965 100644
--- a/core/includes/theme.maintenance.inc
+++ b/core/includes/theme.maintenance.inc
@@ -96,39 +96,3 @@ function _drupal_maintenance_theme() {
   // Prime the theme registry.
   Drupal::service('theme.registry');
 }
-
-/**
- * Prepares variables for authorize.php operation report templates.
- *
- * This report displays the results of an operation run via authorize.php.
- *
- * Default template: authorize-report.html.twig.
- *
- * @param array $variables
- *   An associative array containing:
- *   - messages: An array of result messages.
- */
-function template_preprocess_authorize_report(&$variables): void {
-  $messages = [];
-  if (!empty($variables['messages'])) {
-    foreach ($variables['messages'] as $heading => $logs) {
-      $items = [];
-      foreach ($logs as $number => $log_message) {
-        if ($number === '#abort') {
-          continue;
-        }
-        $class = 'authorize-results__' . ($log_message['success'] ? 'success' : 'failure');
-        $items[] = [
-          '#wrapper_attributes' => ['class' => [$class]],
-          '#markup' => $log_message['message'],
-        ];
-      }
-      $messages[] = [
-        '#theme' => 'item_list',
-        '#items' => $items,
-        '#title' => $heading,
-      ];
-    }
-  }
-  $variables['messages'] = $messages;
-}
diff --git a/core/lib/Drupal/Core/DrupalKernel.php b/core/lib/Drupal/Core/DrupalKernel.php
index 14ac6baf6948fa9a1b8eaca78b4cf7c1fb023dda..da51beb2454aa31410208f89dfaa9b22c31451cd 100644
--- a/core/lib/Drupal/Core/DrupalKernel.php
+++ b/core/lib/Drupal/Core/DrupalKernel.php
@@ -1088,8 +1088,8 @@ protected function initializeRequestGlobals(Request $request) {
     // For a request URI of '/index.php/foo', $_SERVER['SCRIPT_NAME'] is
     // '/index.php', whereas $_SERVER['PHP_SELF'] is '/index.php/foo'.
     if ($dir = rtrim(dirname($request->server->get('SCRIPT_NAME')), '\/')) {
-      // Remove "core" directory if present, allowing install.php,
-      // authorize.php, and others to auto-detect a base path.
+      // Remove "core" directory if present, allowing install.php and others to
+      // auto-detect a base path.
       $core_position = strrpos($dir, '/core');
       if ($core_position !== FALSE && strlen($dir) - 5 == $core_position) {
         $base_path = substr($dir, 0, $core_position);
diff --git a/core/lib/Drupal/Core/Extension/module.api.php b/core/lib/Drupal/Core/Extension/module.api.php
index d84ee28f8b6ade54364c829394b0a24de065cd44..f8caf90e694ede6a38730412f11d63f6863e0276 100644
--- a/core/lib/Drupal/Core/Extension/module.api.php
+++ b/core/lib/Drupal/Core/Extension/module.api.php
@@ -999,68 +999,6 @@ function hook_update_last_removed(): int {
   return 8103;
 }
 
-/**
- * Provide information on Updaters (classes that can update Drupal).
- *
- * Drupal\Core\Updater\Updater is a class that knows how to update various parts
- * of the Drupal file system, for example to update modules that have newer
- * releases.
- *
- * @return array
- *   An associative array of information about the updater(s) being provided.
- *   This array is keyed by a unique identifier for each updater, and the
- *   values are subarrays that can contain the following keys:
- *   - class: The name of the PHP class which implements this updater.
- *   - name: Human-readable name of this updater.
- *   - weight: Controls what order the Updater classes are consulted to decide
- *     which one should handle a given task. When an update task is being run,
- *     the system will loop through all the Updater classes defined in this
- *     registry in weight order and let each class respond to the task and
- *     decide if each Updater wants to handle the task. In general, this
- *     doesn't matter, but if you need to override an existing Updater, make
- *     sure your Updater has a lighter weight so that it comes first.
- *
- * @ingroup update_api
- *
- * @see drupal_get_updaters()
- * @see hook_updater_info_alter()
- */
-function hook_updater_info() {
-  return [
-    'module' => [
-      'class' => 'Drupal\Core\Updater\Module',
-      'name' => t('Update modules'),
-      'weight' => 0,
-    ],
-    'theme' => [
-      'class' => 'Drupal\Core\Updater\Theme',
-      'name' => t('Update themes'),
-      'weight' => 0,
-    ],
-  ];
-}
-
-/**
- * Alter the Updater information array.
- *
- * An Updater is a class that knows how to update various parts of the Drupal
- * file system, for example to update modules that have newer releases.
- *
- * @param array $updaters
- *   Associative array of updaters as defined through hook_updater_info().
- *   Alter this array directly.
- *
- * @ingroup update_api
- *
- * @see drupal_get_updaters()
- * @see hook_updater_info()
- */
-function hook_updater_info_alter(&$updaters) {
-  // Adjust weight so that the theme Updater gets a chance to handle a given
-  // update task before module updaters.
-  $updaters['theme']['weight'] = -1;
-}
-
 /**
  * Check installation requirements and do status reporting.
  *
diff --git a/core/lib/Drupal/Core/File/file.api.php b/core/lib/Drupal/Core/File/file.api.php
index a6c15a7db2690a51fd72ce91f2a14b5559f91935..8e5b36859bc62aa97e85e3da9cd1c4b4c2ec8f29 100644
--- a/core/lib/Drupal/Core/File/file.api.php
+++ b/core/lib/Drupal/Core/File/file.api.php
@@ -143,60 +143,6 @@ function hook_archiver_info_alter(&$info) {
   $info['tar']['extensions'][] = 'tgz';
 }
 
-/**
- * Register information about FileTransfer classes provided by a module.
- *
- * The FileTransfer class allows transferring files over a specific type of
- * connection. Core provides classes for FTP and SSH. Contributed modules are
- * free to extend the FileTransfer base class to add other connection types,
- * and if these classes are registered via hook_filetransfer_info(), those
- * connection types will be available to site administrators using the Update
- * manager when they are redirected to the authorize.php script to authorize
- * the file operations.
- *
- * @return array
- *   Nested array of information about FileTransfer classes. Each key is a
- *   FileTransfer type (not human readable, used for form elements and
- *   variable names, etc), and the values are subarrays that define properties
- *   of that type. The keys in each subarray are:
- *   - 'title': Required. The human-readable name of the connection type.
- *   - 'class': Required. The name of the FileTransfer class. The constructor
- *     will always be passed the full path to the root of the site that should
- *     be used to restrict where file transfer operations can occur (the $jail)
- *     and an array of settings values returned by the settings form.
- *   - 'weight': Optional. Integer weight used for sorting connection types on
- *     the authorize.php form.
- *
- * @see \Drupal\Core\FileTransfer\FileTransfer
- * @see authorize.php
- * @see hook_filetransfer_info_alter()
- * @see drupal_get_filetransfer_info()
- */
-function hook_filetransfer_info() {
-  $info['sftp'] = [
-    'title' => t('SFTP (Secure FTP)'),
-    'class' => 'Drupal\Core\FileTransfer\SFTP',
-    'weight' => 10,
-  ];
-  return $info;
-}
-
-/**
- * Alter the FileTransfer class registry.
- *
- * @param array $filetransfer_info
- *   Reference to a nested array containing information about the FileTransfer
- *   class registry.
- *
- * @see hook_filetransfer_info()
- */
-function hook_filetransfer_info_alter(&$filetransfer_info) {
-  // Remove the FTP option entirely.
-  unset($filetransfer_info['ftp']);
-  // Make sure the SSH option is listed first.
-  $filetransfer_info['ssh']['weight'] = -10;
-}
-
 /**
  * @} End of "addtogroup hooks".
  */
diff --git a/core/lib/Drupal/Core/FileTransfer/ChmodInterface.php b/core/lib/Drupal/Core/FileTransfer/ChmodInterface.php
deleted file mode 100644
index f9b625f67c2a0f33cc1343298d1cf0a89d7c08f5..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/FileTransfer/ChmodInterface.php
+++ /dev/null
@@ -1,24 +0,0 @@
-<?php
-
-namespace Drupal\Core\FileTransfer;
-
-/**
- * Defines an interface to chmod files.
- */
-interface ChmodInterface {
-
-  /**
-   * Changes the permissions of the file / directory specified in $path.
-   *
-   * @param string $path
-   *   Path to change permissions of.
-   * @param int $mode
-   *   The new file permission mode to be passed to chmod().
-   * @param bool $recursive
-   *   Pass TRUE to recursively chmod the entire directory specified in $path.
-   *
-   * @see http://php.net/chmod
-   */
-  public function chmodJailed($path, $mode, $recursive);
-
-}
diff --git a/core/lib/Drupal/Core/FileTransfer/FTP.php b/core/lib/Drupal/Core/FileTransfer/FTP.php
deleted file mode 100644
index a7adcab2f444d48ab8475c8aa5b9216177e94ff4..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/FileTransfer/FTP.php
+++ /dev/null
@@ -1,49 +0,0 @@
-<?php
-
-namespace Drupal\Core\FileTransfer;
-
-/**
- * Defines the base class for FTP implementations.
- */
-abstract class FTP extends FileTransfer {
-
-  /**
-   * {@inheritdoc}
-   */
-  public function __construct($jail, $username, #[\SensitiveParameter] $password, $hostname, $port) {
-    $this->username = $username;
-    $this->password = $password;
-    $this->hostname = $hostname;
-    $this->port = $port;
-    parent::__construct($jail);
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public static function factory($jail, $settings) {
-    $username = empty($settings['username']) ? '' : $settings['username'];
-    $password = empty($settings['password']) ? '' : $settings['password'];
-    $hostname = empty($settings['advanced']['hostname']) ? 'localhost' : $settings['advanced']['hostname'];
-    $port = empty($settings['advanced']['port']) ? 21 : $settings['advanced']['port'];
-
-    if (function_exists('ftp_connect')) {
-      $class = 'Drupal\Core\FileTransfer\FTPExtension';
-    }
-    else {
-      throw new FileTransferException('No FTP backend available.');
-    }
-
-    return new $class($jail, $username, $password, $hostname, $port);
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function getSettingsForm() {
-    $form = parent::getSettingsForm();
-    $form['advanced']['port']['#default_value'] = 21;
-    return $form;
-  }
-
-}
diff --git a/core/lib/Drupal/Core/FileTransfer/FTPExtension.php b/core/lib/Drupal/Core/FileTransfer/FTPExtension.php
deleted file mode 100644
index 8a23d701bf35e3be8444249a42b2317dcc0bb63d..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/FileTransfer/FTPExtension.php
+++ /dev/null
@@ -1,120 +0,0 @@
-<?php
-
-namespace Drupal\Core\FileTransfer;
-
-/**
- * Defines a file transfer class using the PHP FTP extension.
- */
-class FTPExtension extends FTP implements ChmodInterface {
-
-  /**
-   * {@inheritdoc}
-   */
-  public function connect() {
-    $this->connection = ftp_connect($this->hostname, $this->port);
-
-    if (!$this->connection) {
-      throw new FileTransferException("Cannot connect to FTP Server, check settings");
-    }
-    if (!ftp_login($this->connection, $this->username, $this->password)) {
-      throw new FileTransferException("Cannot log in to FTP server. Check username and password");
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function copyFileJailed($source, $destination) {
-    if (!@ftp_put($this->connection, $destination, $source, FTP_BINARY)) {
-      throw new FileTransferException("Cannot move @source to @destination", 0, ["@source" => $source, "@destination" => $destination]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function createDirectoryJailed($directory) {
-    if (!ftp_mkdir($this->connection, $directory)) {
-      throw new FileTransferException("Cannot create directory @directory", 0, ["@directory" => $directory]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function removeDirectoryJailed($directory) {
-    $pwd = ftp_pwd($this->connection);
-    if (!ftp_chdir($this->connection, $directory)) {
-      throw new FileTransferException("Unable to change the current directory to @directory", 0, ['@directory' => $directory]);
-    }
-    $list = @ftp_nlist($this->connection, '.');
-    if (!$list) {
-      $list = [];
-    }
-    foreach ($list as $item) {
-      if ($item == '.' || $item == '..') {
-        continue;
-      }
-      if (@ftp_chdir($this->connection, $item)) {
-        ftp_cdup($this->connection);
-        $this->removeDirectory(ftp_pwd($this->connection) . '/' . $item);
-      }
-      else {
-        $this->removeFile(ftp_pwd($this->connection) . '/' . $item);
-      }
-    }
-    ftp_chdir($this->connection, $pwd);
-    if (!ftp_rmdir($this->connection, $directory)) {
-      throw new FileTransferException("Unable to remove the directory @directory", 0, ['@directory' => $directory]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function removeFileJailed($destination) {
-    if (!ftp_delete($this->connection, $destination)) {
-      throw new FileTransferException("Unable to remove the file @file", 0, ['@file' => $destination]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function isDirectory($path) {
-    $result = FALSE;
-    $curr = ftp_pwd($this->connection);
-    if (@ftp_chdir($this->connection, $path)) {
-      $result = TRUE;
-    }
-    ftp_chdir($this->connection, $curr);
-    return $result;
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function isFile($path) {
-    return ftp_size($this->connection, $path) != -1;
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function chmodJailed($path, $mode, $recursive) {
-    if (!ftp_chmod($this->connection, $mode, $path)) {
-      throw new FileTransferException("Unable to set permissions on %file", 0, ['%file' => $path]);
-    }
-    if ($this->isDirectory($path) && $recursive) {
-      $file_list = @ftp_nlist($this->connection, $path);
-      if (!$file_list) {
-        // Empty directory - returns false
-        return;
-      }
-      foreach ($file_list as $file) {
-        $this->chmodJailed($file, $mode, $recursive);
-      }
-    }
-  }
-
-}
diff --git a/core/lib/Drupal/Core/FileTransfer/FileTransfer.php b/core/lib/Drupal/Core/FileTransfer/FileTransfer.php
deleted file mode 100644
index af4951bfa46426edb465fa41a8c399fa8c1a67a5..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/FileTransfer/FileTransfer.php
+++ /dev/null
@@ -1,473 +0,0 @@
-<?php
-
-namespace Drupal\Core\FileTransfer;
-
-/**
- * Defines the base FileTransfer class.
- *
- * Classes extending this class perform file operations on directories not
- * writable by the webserver. To achieve this, the class should connect back
- * to the server using some backend (for example FTP or SSH). To keep security,
- * the password should always be asked from the user and never stored. For
- * safety, all methods operate only inside a "jail", by default the Drupal root.
- *
- * The following properties are managed by magic methods:
- *
- * @property string|false|null $chroot
- *   Path to connection chroot.
- * @property object|false|null $connection
- *   The instantiated connection object.
- */
-#[\AllowDynamicProperties]
-abstract class FileTransfer {
-
-  /**
-   * The username for this file transfer.
-   *
-   * @var string
-   */
-  protected $username;
-
-  /**
-   * The password for this file transfer.
-   *
-   * @var string
-   */
-  protected $password;
-
-  /**
-   * The hostname for this file transfer.
-   *
-   * @var string
-   */
-  protected $hostname = 'localhost';
-
-  /**
-   * The port for this file transfer.
-   *
-   * @var int
-   */
-  protected $port;
-
-  /**
-   * Full path to directory where file-transfer is restricted to.
-   *
-   * @var string
-   */
-  protected $jail;
-
-  /**
-   * Constructs a Drupal\Core\FileTransfer\FileTransfer object.
-   *
-   * @param $jail
-   *   The full path where all file operations performed by this object will
-   *   be restricted to. This prevents the FileTransfer classes from being
-   *   able to touch other parts of the filesystem.
-   */
-  public function __construct($jail) {
-    $this->jail = $jail;
-  }
-
-  /**
-   * Defines a factory method for this class.
-   *
-   * Classes that extend this class must override the factory() static method.
-   * They should return a new instance of the appropriate FileTransfer subclass.
-   *
-   * @param string $jail
-   *   The full path where all file operations performed by this object will
-   *   be restricted to. This prevents the FileTransfer classes from being
-   *   able to touch other parts of the filesystem.
-   * @param array $settings
-   *   An array of connection settings for the FileTransfer subclass. If the
-   *   getSettingsForm() method uses any nested settings, the same structure
-   *   will be assumed here.
-   *
-   * @return object
-   *   New instance of the appropriate FileTransfer subclass.
-   *
-   * @throws \Drupal\Core\FileTransfer\FileTransferException
-   */
-  public static function factory($jail, $settings) {
-    throw new FileTransferException('FileTransfer::factory() static method not overridden by FileTransfer subclass.');
-  }
-
-  /**
-   * Implements the magic __get() method.
-   *
-   * If the connection isn't set to anything, this will call the connect()
-   * method and return the result; afterwards, the connection will be returned
-   * directly without using this method.
-   *
-   * @param string $name
-   *   The name of the variable to return.
-   *
-   * @return string|bool
-   *   The variable specified in $name.
-   */
-  public function __get($name) {
-    if ($name == 'connection') {
-      $this->connect();
-      return $this->connection;
-    }
-
-    if ($name == 'chroot') {
-      $this->setChroot();
-      return $this->chroot;
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function __set(string $name, $value): void {
-    if ($name == 'connection') {
-      $this->connection = $value;
-    }
-    elseif ($name == 'chroot') {
-      $this->chroot = $value;
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function __isset(string $name): bool {
-    if ($name == 'connection') {
-      return isset($this->connection);
-    }
-    if ($name == 'chroot') {
-      return isset($this->chroot);
-    }
-    return FALSE;
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function __unset(string $name): void {
-    if ($name == 'connection') {
-      unset($this->connection);
-    }
-    elseif ($name == 'chroot') {
-      unset($this->chroot);
-    }
-  }
-
-  /**
-   * Connects to the server.
-   */
-  abstract public function connect();
-
-  /**
-   * Copies a directory.
-   *
-   * @param string $source
-   *   The source path.
-   * @param string $destination
-   *   The destination path.
-   */
-  final public function copyDirectory($source, $destination) {
-    $source = $this->sanitizePath($source);
-    $destination = $this->fixRemotePath($destination);
-    $this->checkPath($destination);
-    $this->copyDirectoryJailed($source, $destination);
-  }
-
-  /**
-   * Changes the permissions of the specified $path (file or directory).
-   *
-   * @param string $path
-   *   The file / directory to change the permissions of.
-   * @param int $mode
-   *   The new file permission mode to be passed to chmod().
-   * @param bool $recursive
-   *   Pass TRUE to recursively chmod the entire directory specified in $path.
-   *
-   * @throws \Drupal\Core\FileTransfer\FileTransferException
-   *
-   * @see http://php.net/chmod
-   */
-  final public function chmod($path, $mode, $recursive = FALSE) {
-    if (!($this instanceof ChmodInterface)) {
-      throw new FileTransferException('Unable to change file permissions');
-    }
-    $path = $this->sanitizePath($path);
-    $path = $this->fixRemotePath($path);
-    $this->checkPath($path);
-    $this->chmodJailed($path, $mode, $recursive);
-  }
-
-  /**
-   * Creates a directory.
-   *
-   * @param string $directory
-   *   The directory to be created.
-   */
-  final public function createDirectory($directory) {
-    $directory = $this->fixRemotePath($directory);
-    $this->checkPath($directory);
-    $this->createDirectoryJailed($directory);
-  }
-
-  /**
-   * Removes a directory.
-   *
-   * @param string $directory
-   *   The directory to be removed.
-   */
-  final public function removeDirectory($directory) {
-    $directory = $this->fixRemotePath($directory);
-    $this->checkPath($directory);
-    $this->removeDirectoryJailed($directory);
-  }
-
-  /**
-   * Copies a file.
-   *
-   * @param string $source
-   *   The source file.
-   * @param string $destination
-   *   The destination file.
-   */
-  final public function copyFile($source, $destination) {
-    $source = $this->sanitizePath($source);
-    $destination = $this->fixRemotePath($destination);
-    $this->checkPath($destination);
-    $this->copyFileJailed($source, $destination);
-  }
-
-  /**
-   * Removes a file.
-   *
-   * @param string $destination
-   *   The destination file to be removed.
-   */
-  final public function removeFile($destination) {
-    $destination = $this->fixRemotePath($destination);
-    $this->checkPath($destination);
-    $this->removeFileJailed($destination);
-  }
-
-  /**
-   * Checks that the path is inside the jail and throws an exception if not.
-   *
-   * @param string $path
-   *   A path to check against the jail.
-   *
-   * @throws \Drupal\Core\FileTransfer\FileTransferException
-   */
-  final protected function checkPath($path) {
-    $full_jail = $this->chroot . $this->jail;
-    $full_path = \Drupal::service('file_system')
-      ->realpath(substr($this->chroot . $path, 0, strlen($full_jail)));
-    $full_path = $this->fixRemotePath($full_path, FALSE);
-    if ($full_jail !== $full_path) {
-      throw new FileTransferException('@directory is outside of the @jail', 0, ['@directory' => $path, '@jail' => $this->jail]);
-    }
-  }
-
-  /**
-   * Returns a modified path suitable for passing to the server.
-   *
-   * If a path is a windows path, makes it POSIX compliant by removing the drive
-   * letter. If $this->chroot has a value and $strip_chroot is TRUE, it is
-   * stripped from the path to allow for chroot'd filetransfer systems.
-   *
-   * @param string $path
-   *   The path to modify.
-   * @param bool $strip_chroot
-   *   Whether to remove the path in $this->chroot.
-   *
-   * @return string
-   *   The modified path.
-   */
-  final protected function fixRemotePath($path, $strip_chroot = TRUE) {
-    $path = $this->sanitizePath($path);
-    // Strip out windows drive letter if its there.
-    $path = preg_replace('|^([a-z]{1}):|i', '', $path);
-    if ($strip_chroot) {
-      if ($this->chroot && str_starts_with($path, $this->chroot)) {
-        $path = ($path == $this->chroot) ? '' : substr($path, strlen($this->chroot));
-      }
-    }
-    return $path;
-  }
-
-  /**
-   * Changes backslashes to slashes, also removes a trailing slash.
-   *
-   * @param string $path
-   *   The path to modify.
-   *
-   * @return string
-   *   The modified path.
-   */
-  public function sanitizePath($path) {
-    // Windows path sanitization.
-    $path = str_replace('\\', '/', $path);
-    if (str_ends_with($path, '/')) {
-      $path = substr($path, 0, -1);
-    }
-    return $path;
-  }
-
-  /**
-   * Copies a directory.
-   *
-   * We need a separate method to make sure the $destination is in the jail.
-   *
-   * @param string $source
-   *   The source path.
-   * @param string $destination
-   *   The destination path.
-   */
-  protected function copyDirectoryJailed($source, $destination) {
-    if ($this->isDirectory($destination)) {
-      $destination = $destination . '/' . \Drupal::service('file_system')->basename($source);
-    }
-    $this->createDirectory($destination);
-    foreach (new \RecursiveIteratorIterator(new \RecursiveDirectoryIterator($source, \RecursiveDirectoryIterator::SKIP_DOTS), \RecursiveIteratorIterator::SELF_FIRST) as $filename => $file) {
-      $relative_path = substr($filename, strlen($source));
-      if ($file->isDir()) {
-        $this->createDirectory($destination . $relative_path);
-      }
-      else {
-        $this->copyFile($file->getPathName(), $destination . $relative_path);
-      }
-    }
-  }
-
-  /**
-   * Creates a directory.
-   *
-   * @param string $directory
-   *   The directory to be created.
-   */
-  abstract protected function createDirectoryJailed($directory);
-
-  /**
-   * Removes a directory.
-   *
-   * @param string $directory
-   *   The directory to be removed.
-   */
-  abstract protected function removeDirectoryJailed($directory);
-
-  /**
-   * Copies a file.
-   *
-   * @param string $source
-   *   The source file.
-   * @param string $destination
-   *   The destination file.
-   */
-  abstract protected function copyFileJailed($source, $destination);
-
-  /**
-   * Removes a file.
-   *
-   * @param string $destination
-   *   The destination file to be removed.
-   */
-  abstract protected function removeFileJailed($destination);
-
-  /**
-   * Checks if a particular path is a directory.
-   *
-   * @param string $path
-   *   The path to check
-   *
-   * @return bool
-   *   TRUE if the specified path is a directory, FALSE otherwise.
-   */
-  abstract public function isDirectory($path);
-
-  /**
-   * Checks if a particular path is a file (not a directory).
-   *
-   * @param string $path
-   *   The path to check.
-   *
-   * @return bool
-   *   TRUE if the specified path is a file, FALSE otherwise.
-   */
-  abstract public function isFile($path);
-
-  /**
-   * Returns the chroot property for this connection.
-   *
-   * It does this by moving up the tree until it finds itself
-   *
-   * @return string|bool
-   *   If successful, the chroot path for this connection, otherwise FALSE.
-   */
-  public function findChroot() {
-    // If the file exists as is, there is no chroot.
-    $path = __FILE__;
-    $path = $this->fixRemotePath($path, FALSE);
-    if ($this->isFile($path)) {
-      return FALSE;
-    }
-
-    $path = __DIR__;
-    $path = $this->fixRemotePath($path, FALSE);
-    $parts = explode('/', $path);
-    $chroot = '';
-    while (count($parts)) {
-      $check = implode('/', $parts);
-      if ($this->isFile($check . '/' . \Drupal::service('file_system')->basename(__FILE__))) {
-        // Remove the trailing slash.
-        return substr($chroot, 0, -1);
-      }
-      $chroot .= array_shift($parts) . '/';
-    }
-    return FALSE;
-  }
-
-  /**
-   * Sets the chroot and changes the jail to match the correct path scheme.
-   */
-  public function setChroot() {
-    $this->chroot = $this->findChroot();
-    $this->jail = $this->fixRemotePath($this->jail);
-  }
-
-  /**
-   * Returns a form to collect connection settings credentials.
-   *
-   * Implementing classes can either extend this form with fields collecting the
-   * specific information they need, or override it entirely.
-   *
-   * @return array
-   *   An array that contains a Form API definition.
-   */
-  public function getSettingsForm() {
-    $form['username'] = [
-      '#type' => 'textfield',
-      '#title' => t('Username'),
-    ];
-    $form['password'] = [
-      '#type' => 'password',
-      '#title' => t('Password'),
-      '#description' => t('Your password is not saved in the database and is only used to establish a connection.'),
-    ];
-    $form['advanced'] = [
-      '#type' => 'details',
-      '#title' => t('Advanced settings'),
-    ];
-    $form['advanced']['hostname'] = [
-      '#type' => 'textfield',
-      '#title' => t('Host'),
-      '#default_value' => 'localhost',
-      '#description' => t('The connection will be created between your web server and the machine hosting the web server files. In the vast majority of cases, this will be the same machine, and "localhost" is correct.'),
-    ];
-    $form['advanced']['port'] = [
-      '#type' => 'textfield',
-      '#title' => t('Port'),
-      '#default_value' => NULL,
-    ];
-    return $form;
-  }
-
-}
diff --git a/core/lib/Drupal/Core/FileTransfer/FileTransferException.php b/core/lib/Drupal/Core/FileTransfer/FileTransferException.php
deleted file mode 100644
index 502f957fb8420ad695858ccf7505ddd007465867..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/FileTransfer/FileTransferException.php
+++ /dev/null
@@ -1,32 +0,0 @@
-<?php
-
-namespace Drupal\Core\FileTransfer;
-
-/**
- * Exception thrown for file transfer errors.
- */
-class FileTransferException extends \RuntimeException {
-
-  /**
-   * Arguments to be used in this exception.
-   *
-   * @var array
-   */
-  public $arguments;
-
-  /**
-   * Constructs a FileTransferException object.
-   *
-   * @param string $message
-   *   Exception message.
-   * @param int $code
-   *   Exception code.
-   * @param array $arguments
-   *   Arguments to be used in this exception.
-   */
-  public function __construct($message, $code = 0, $arguments = []) {
-    parent::__construct($message, $code);
-    $this->arguments = $arguments;
-  }
-
-}
diff --git a/core/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php b/core/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php
deleted file mode 100644
index a1450b9b9ef374a93fc78958147fc9c57732732f..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php
+++ /dev/null
@@ -1,327 +0,0 @@
-<?php
-
-namespace Drupal\Core\FileTransfer\Form;
-
-use Drupal\Core\Form\FormBase;
-use Drupal\Core\Form\FormStateInterface;
-use Drupal\Core\Render\Element;
-use Symfony\Component\DependencyInjection\ContainerInterface;
-use Symfony\Component\HttpFoundation\Response;
-
-/**
- * Provides the file transfer authorization form.
- *
- * @internal
- */
-class FileTransferAuthorizeForm extends FormBase {
-
-  /**
-   * The app root.
-   *
-   * @var string
-   */
-  protected $root;
-
-  /**
-   * Constructs a new FileTransferAuthorizeForm object.
-   *
-   * @param string $root
-   *   The app root.
-   */
-  public function __construct($root) {
-    $this->root = $root;
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public static function create(ContainerInterface $container) {
-    return new static($container->getParameter('app.root'));
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function getFormId() {
-    return 'authorize_filetransfer_form';
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function buildForm(array $form, FormStateInterface $form_state) {
-    // Get all the available ways to transfer files.
-    $available_backends = $this->getRequest()->getSession()->get('authorize_filetransfer_info', []);
-    if (empty($available_backends)) {
-      $this->messenger()->addError($this->t('Unable to continue, no available methods of file transfer'));
-      return [];
-    }
-
-    if (!$this->getRequest()->isSecure()) {
-      $form['information']['https_warning'] = [
-        '#prefix' => '<div class="messages messages--error">',
-        '#markup' => $this->t('WARNING: You are not using an encrypted connection, so your password will be sent in plain text. <a href=":https-link">Learn more</a>.', [':https-link' => 'https://www.drupal.org/https-information']),
-        '#suffix' => '</div>',
-      ];
-    }
-
-    // Decide on a default backend.
-    $authorize_filetransfer_default = $form_state->getValue(['connection_settings', 'authorize_filetransfer_default']);
-    if (!$authorize_filetransfer_default) {
-      $authorize_filetransfer_default = key($available_backends);
-    }
-
-    $form['information']['main_header'] = [
-      '#prefix' => '<h3>',
-      '#markup' => $this->t('To continue, provide your server connection details'),
-      '#suffix' => '</h3>',
-    ];
-
-    $form['connection_settings']['#tree'] = TRUE;
-    $form['connection_settings']['authorize_filetransfer_default'] = [
-      '#type' => 'select',
-      '#title' => $this->t('Connection method'),
-      '#default_value' => $authorize_filetransfer_default,
-      '#weight' => -10,
-    ];
-
-    /*
-     * Here we create two submit buttons. For a JS enabled client, they will
-     * only ever see submit_process. However, if a client doesn't have JS
-     * enabled, they will see submit_connection on the first form (when picking
-     * what filetransfer type to use, and submit_process on the second one (which
-     * leads to the actual operation).
-     */
-    $form['submit_connection'] = [
-      '#prefix' => "<br style='clear:both'/>",
-      '#name' => 'enter_connection_settings',
-      '#type' => 'submit',
-      '#value' => $this->t('Enter connection settings'),
-      '#weight' => 100,
-    ];
-
-    $form['submit_process'] = [
-      '#name' => 'process_updates',
-      '#type' => 'submit',
-      '#value' => $this->t('Continue'),
-      '#weight' => 100,
-    ];
-
-    // Build a container for each connection type.
-    foreach ($available_backends as $name => $backend) {
-      $form['connection_settings']['authorize_filetransfer_default']['#options'][$name] = $backend['title'];
-      $form['connection_settings'][$name] = [
-        '#type' => 'container',
-        '#attributes' => ['class' => ["filetransfer-$name", 'filetransfer']],
-        '#states' => [
-          'visible' => [
-            'select[name="connection_settings[authorize_filetransfer_default]"]' => ['value' => $name],
-          ],
-        ],
-      ];
-      // We can't use #prefix on the container itself since then the header won't
-      // be hidden and shown when the containers are being manipulated via JS.
-      $form['connection_settings'][$name]['header'] = [
-        '#markup' => '<h4>' . $this->t('@backend connection settings', ['@backend' => $backend['title']]) . '</h4>',
-      ];
-
-      $form['connection_settings'][$name] += $this->addConnectionSettings($name);
-
-      // Start non-JS code.
-      if ($form_state->getValue(['connection_settings', 'authorize_filetransfer_default']) == $name) {
-
-        // Change the submit button to the submit_process one.
-        $form['submit_process']['#attributes'] = [];
-        unset($form['submit_connection']);
-
-        // Activate the proper filetransfer settings form.
-        $form['connection_settings'][$name]['#attributes']['style'] = 'display:block';
-        // Disable the select box.
-        $form['connection_settings']['authorize_filetransfer_default']['#disabled'] = TRUE;
-
-        // Create a button for changing the type of connection.
-        $form['connection_settings']['change_connection_type'] = [
-          '#name' => 'change_connection_type',
-          '#type' => 'submit',
-          '#value' => $this->t('Change connection type'),
-          '#weight' => -5,
-          '#attributes' => ['class' => ['filetransfer-change-connection-type']],
-        ];
-      }
-      // End non-JS code.
-    }
-    return $form;
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function validateForm(array &$form, FormStateInterface $form_state) {
-    // Only validate the form if we have collected all of the user input and are
-    // ready to proceed with updating or installing.
-    if ($form_state->getTriggeringElement()['#name'] != 'process_updates') {
-      return;
-    }
-
-    if ($form_connection_settings = $form_state->getValue('connection_settings')) {
-      $backend = $form_connection_settings['authorize_filetransfer_default'];
-      $filetransfer = $this->getFiletransfer($backend, $form_connection_settings[$backend]);
-      try {
-        if (!$filetransfer) {
-          throw new \Exception("The connection protocol '$backend' does not exist.");
-        }
-        $filetransfer->connect();
-      }
-      catch (\Exception $e) {
-        // The format of this error message is similar to that used on the
-        // database connection form in the installer.
-        $form_state->setErrorByName('connection_settings', $this->t('Failed to connect to the server. The server reports the following message: <p class="error">@message</p> For more help adding or updating code on your server, see the <a href=":handbook_url">handbook</a>.', [
-          '@message' => $e->getMessage(),
-          ':handbook_url' => 'https://www.drupal.org/docs/extending-drupal/overview',
-        ]));
-      }
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function submitForm(array &$form, FormStateInterface $form_state) {
-    $form_connection_settings = $form_state->getValue('connection_settings');
-    switch ($form_state->getTriggeringElement()['#name']) {
-      case 'process_updates':
-
-        // Save the connection settings to the DB.
-        $filetransfer_backend = $form_connection_settings['authorize_filetransfer_default'];
-
-        // If the database is available then try to save our settings. We have
-        // to make sure it is available since this code could potentially (will
-        // likely) be called during the installation process, before the
-        // database is set up.
-        try {
-          $filetransfer = $this->getFiletransfer($filetransfer_backend, $form_connection_settings[$filetransfer_backend]);
-
-          // Now run the operation.
-          $response = $this->runOperation($filetransfer);
-          if ($response instanceof Response) {
-            $form_state->setResponse($response);
-          }
-        }
-        catch (\Exception) {
-          // If there is no database available, we don't care and just skip
-          // this part entirely.
-        }
-
-        break;
-
-      case 'enter_connection_settings':
-        $form_state->setRebuild();
-        break;
-
-      case 'change_connection_type':
-        $form_state->setRebuild();
-        $form_state->unsetValue(['connection_settings', 'authorize_filetransfer_default']);
-        break;
-    }
-  }
-
-  /**
-   * Gets a FileTransfer class for a specific transfer method and settings.
-   *
-   * @param $backend
-   *   The FileTransfer backend to get the class for.
-   * @param $settings
-   *   Array of settings for the FileTransfer.
-   *
-   * @return \Drupal\Core\FileTransfer\FileTransfer|bool
-   *   An instantiated FileTransfer object for the requested method and settings,
-   *   or FALSE if there was an error finding or instantiating it.
-   */
-  protected function getFiletransfer($backend, $settings = []) {
-    $filetransfer = FALSE;
-    $info = $this->getRequest()->getSession()->get('authorize_filetransfer_info', []);
-    if (!empty($info[$backend])) {
-      if (class_exists($info[$backend]['class'])) {
-        $filetransfer = $info[$backend]['class']::factory($this->root, $settings);
-      }
-    }
-    return $filetransfer;
-  }
-
-  /**
-   * Generates the Form API array for a given connection backend's settings.
-   *
-   * @param string $backend
-   *   The name of the backend (e.g. 'ftp', 'ssh', etc).
-   *
-   * @return array
-   *   Form API array of connection settings for the given backend.
-   *
-   * @see hook_filetransfer_backends()
-   */
-  protected function addConnectionSettings($backend) {
-    $defaults = [];
-    $form = [];
-
-    // Create an instance of the file transfer class to get its settings form.
-    $filetransfer = $this->getFiletransfer($backend);
-    if ($filetransfer) {
-      $form = $filetransfer->getSettingsForm();
-    }
-    // Fill in the defaults based on the saved settings, if any.
-    $this->setConnectionSettingsDefaults($form, NULL, $defaults);
-    return $form;
-  }
-
-  /**
-   * Sets the default settings on a file transfer connection form recursively.
-   *
-   * The default settings for the file transfer connection forms are saved in
-   * the database. The settings are stored as a nested array in the case of a
-   * settings form that has details or otherwise uses a nested structure.
-   * Therefore, to properly add defaults, we need to walk through all the
-   * children form elements and process those defaults recursively.
-   *
-   * @param $element
-   *   Reference to the Form API form element we're operating on.
-   * @param $key
-   *   The key for our current form element, if any.
-   * @param array $defaults
-   *   The default settings for the file transfer backend we're operating on.
-   */
-  protected function setConnectionSettingsDefaults(&$element, $key, array $defaults) {
-    // If we're operating on a form element which isn't a details, and we have
-    // a default setting saved, stash it in #default_value.
-    if (!empty($key) && isset($defaults[$key]) && isset($element['#type']) && $element['#type'] != 'details') {
-      $element['#default_value'] = $defaults[$key];
-    }
-    // Now, we walk through all the child elements, and recursively invoke
-    // ourselves on each one. Since the $defaults settings array can be nested
-    // (because of #tree, any values inside details will be nested), if
-    // there's a subarray of settings for the form key we're currently
-    // processing, pass in that subarray to the recursive call. Otherwise, just
-    // pass on the whole $defaults array.
-    foreach (Element::children($element) as $child_key) {
-      $this->setConnectionSettingsDefaults($element[$child_key], $child_key, ((isset($defaults[$key]) && is_array($defaults[$key])) ? $defaults[$key] : $defaults));
-    }
-  }
-
-  /**
-   * Runs the operation specified in 'authorize_operation' session property.
-   *
-   * @param $filetransfer
-   *   The FileTransfer object to use for running the operation.
-   *
-   * @return \Symfony\Component\HttpFoundation\Response|null
-   *   The result of running the operation. If this is an instance of
-   *   \Symfony\Component\HttpFoundation\Response the calling code should use
-   *   that response for the current page request.
-   */
-  protected function runOperation($filetransfer) {
-    $operation = $this->getRequest()->getSession()->remove('authorize_operation');
-
-    require_once $operation['file'];
-    return call_user_func_array($operation['callback'], array_merge([$filetransfer], $operation['arguments']));
-  }
-
-}
diff --git a/core/lib/Drupal/Core/FileTransfer/Local.php b/core/lib/Drupal/Core/FileTransfer/Local.php
deleted file mode 100644
index 791f01a4fc3e0c21156534f5ab2cb81cbb8eb78c..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/FileTransfer/Local.php
+++ /dev/null
@@ -1,128 +0,0 @@
-<?php
-
-namespace Drupal\Core\FileTransfer;
-
-use Drupal\Core\DependencyInjection\DependencySerializationTrait;
-use Drupal\Core\File\FileSystemInterface;
-
-/**
- * Defines the local connection class for copying files as the httpd user.
- */
-class Local extends FileTransfer implements ChmodInterface {
-
-  use DependencySerializationTrait;
-
-  /**
-   * The file system service.
-   *
-   * @var \Drupal\Core\File\FileSystemInterface
-   */
-  protected $fileSystem;
-
-  /**
-   * {@inheritdoc}
-   */
-  public function __construct($jail, FileSystemInterface $file_system) {
-    parent::__construct($jail);
-    $this->fileSystem = $file_system;
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function connect() {
-    // No-op
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public static function factory($jail, $settings) {
-    return new Local($jail, \Drupal::service('file_system'));
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function copyFileJailed($source, $destination) {
-    if (@!copy($source, $destination)) {
-      throw new FileTransferException('Cannot copy %source to %destination.', 0, ['%source' => $source, '%destination' => $destination]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function createDirectoryJailed($directory) {
-    if (!is_dir($directory) && @!mkdir($directory, 0777, TRUE)) {
-      throw new FileTransferException('Cannot create directory %directory.', 0, ['%directory' => $directory]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function removeDirectoryJailed($directory) {
-    if (!is_dir($directory)) {
-      // Programmer error assertion, not something we expect users to see.
-      throw new FileTransferException('removeDirectoryJailed() called with a path (%directory) that is not a directory.', 0, ['%directory' => $directory]);
-    }
-    /** @var \Drupal\Core\File\FileSystemInterface $file_system */
-    $file_system = \Drupal::service('file_system');
-    foreach (new \RecursiveIteratorIterator(new \RecursiveDirectoryIterator($directory, \RecursiveDirectoryIterator::SKIP_DOTS), \RecursiveIteratorIterator::CHILD_FIRST) as $filename => $file) {
-      if ($file->isDir()) {
-        if (@!$file_system->rmdir($filename)) {
-          throw new FileTransferException('Cannot remove directory %directory.', 0, ['%directory' => $filename]);
-        }
-      }
-      elseif ($file->isFile()) {
-        if (@!$this->fileSystem->unlink($filename)) {
-          throw new FileTransferException('Cannot remove file %file.', 0, ['%file' => $filename]);
-        }
-      }
-    }
-    if (@!$file_system->rmdir($directory)) {
-      throw new FileTransferException('Cannot remove directory %directory.', 0, ['%directory' => $directory]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function removeFileJailed($file) {
-    if (@!$this->fileSystem->unlink($file)) {
-      throw new FileTransferException('Cannot remove file %file.', 0, ['%file' => $file]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function isDirectory($path) {
-    return is_dir($path);
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function isFile($path) {
-    return is_file($path);
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function chmodJailed($path, $mode, $recursive) {
-    if ($recursive && is_dir($path)) {
-      foreach (new \RecursiveIteratorIterator(new \RecursiveDirectoryIterator($path, \RecursiveDirectoryIterator::SKIP_DOTS), \RecursiveIteratorIterator::SELF_FIRST) as $filename => $file) {
-        if (@!chmod($filename, $mode)) {
-          throw new FileTransferException('Cannot chmod %path.', 0, ['%path' => $filename]);
-        }
-      }
-    }
-    elseif (@!chmod($path, $mode)) {
-      throw new FileTransferException('Cannot chmod %path.', 0, ['%path' => $path]);
-    }
-  }
-
-}
diff --git a/core/lib/Drupal/Core/FileTransfer/SSH.php b/core/lib/Drupal/Core/FileTransfer/SSH.php
deleted file mode 100644
index 3fd71902131759fb12a4b62ce6c745388abd75ab..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/FileTransfer/SSH.php
+++ /dev/null
@@ -1,146 +0,0 @@
-<?php
-
-namespace Drupal\Core\FileTransfer;
-
-/**
- * The SSH connection class for the update module.
- */
-class SSH extends FileTransfer implements ChmodInterface {
-
-  /**
-   * {@inheritdoc}
-   */
-  public function __construct($jail, $username, #[\SensitiveParameter] $password, $hostname = "localhost", $port = 22) {
-    $this->username = $username;
-    $this->password = $password;
-    $this->hostname = $hostname;
-    $this->port = $port;
-    parent::__construct($jail);
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function connect() {
-    $this->connection = @ssh2_connect($this->hostname, $this->port);
-    if (!$this->connection) {
-      throw new FileTransferException('SSH Connection failed to @host:@port', 0, ['@host' => $this->hostname, '@port' => $this->port]);
-    }
-    if (!@ssh2_auth_password($this->connection, $this->username, $this->password)) {
-      throw new FileTransferException('The supplied username/password combination was not accepted.');
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public static function factory($jail, $settings) {
-    $username = empty($settings['username']) ? '' : $settings['username'];
-    $password = empty($settings['password']) ? '' : $settings['password'];
-    $hostname = empty($settings['advanced']['hostname']) ? 'localhost' : $settings['advanced']['hostname'];
-    $port = empty($settings['advanced']['port']) ? 22 : $settings['advanced']['port'];
-    return new SSH($jail, $username, $password, $hostname, $port);
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function copyFileJailed($source, $destination) {
-    if (!@ssh2_scp_send($this->connection, $source, $destination)) {
-      throw new FileTransferException('Cannot copy @source_file to @destination_file.', 0, ['@source' => $source, '@destination' => $destination]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function copyDirectoryJailed($source, $destination) {
-    if (@!ssh2_exec($this->connection, 'cp -Rp ' . escapeshellarg($source) . ' ' . escapeshellarg($destination))) {
-      throw new FileTransferException('Cannot copy directory @directory.', 0, ['@directory' => $source]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function createDirectoryJailed($directory) {
-    if (@!ssh2_exec($this->connection, 'mkdir ' . escapeshellarg($directory))) {
-      throw new FileTransferException('Cannot create directory @directory.', 0, ['@directory' => $directory]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function removeDirectoryJailed($directory) {
-    if (@!ssh2_exec($this->connection, 'rm -Rf ' . escapeshellarg($directory))) {
-      throw new FileTransferException('Cannot remove @directory.', 0, ['@directory' => $directory]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function removeFileJailed($destination) {
-    if (!@ssh2_exec($this->connection, 'rm ' . escapeshellarg($destination))) {
-      throw new FileTransferException('Cannot remove @directory.', 0, ['@directory' => $destination]);
-    }
-  }
-
-  /**
-   * Implements Drupal\Core\FileTransfer\FileTransfer::isDirectory().
-   *
-   * WARNING: This is untested. It is not currently used, but should do the
-   * trick.
-   */
-  public function isDirectory($path) {
-    $directory = escapeshellarg($path);
-    $cmd = "[ -d {$directory} ] && echo 'yes'";
-    if ($output = @ssh2_exec($this->connection, $cmd)) {
-      if ($output == 'yes') {
-        return TRUE;
-      }
-      return FALSE;
-    }
-    else {
-      throw new FileTransferException('Cannot check @path.', 0, ['@path' => $path]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function isFile($path) {
-    $file = escapeshellarg($path);
-    $cmd = "[ -f {$file} ] && echo 'yes'";
-    if ($output = @ssh2_exec($this->connection, $cmd)) {
-      if ($output == 'yes') {
-        return TRUE;
-      }
-      return FALSE;
-    }
-    else {
-      throw new FileTransferException('Cannot check @path.', 0, ['@path' => $path]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function chmodJailed($path, $mode, $recursive) {
-    $cmd = sprintf("chmod %s%o %s", $recursive ? '-R ' : '', $mode, escapeshellarg($path));
-    if (@!ssh2_exec($this->connection, $cmd)) {
-      throw new FileTransferException('Cannot change permissions of @path.', 0, ['@path' => $path]);
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function getSettingsForm() {
-    $form = parent::getSettingsForm();
-    $form['advanced']['port']['#default_value'] = 22;
-    return $form;
-  }
-
-}
diff --git a/core/lib/Drupal/Core/Render/BareHtmlPageRendererInterface.php b/core/lib/Drupal/Core/Render/BareHtmlPageRendererInterface.php
index cc2021b1421176f8f6efbab8ad733317545874e8..92c9fc585efb2c672fc01dd4cec48cc0d47a314d 100644
--- a/core/lib/Drupal/Core/Render/BareHtmlPageRendererInterface.php
+++ b/core/lib/Drupal/Core/Render/BareHtmlPageRendererInterface.php
@@ -15,7 +15,6 @@
  * Examples of bare HTML pages are:
  * - install.php
  * - update.php
- * - authorize.php
  * - maintenance mode
  * - exception handlers
  *
diff --git a/core/lib/Drupal/Core/Theme/ThemeCommonElements.php b/core/lib/Drupal/Core/Theme/ThemeCommonElements.php
index a9ebe744004582b080e5c565ab905ef354c3a2c4..40198cc074d818b26a21fa6fb9027b58f954d39a 100644
--- a/core/lib/Drupal/Core/Theme/ThemeCommonElements.php
+++ b/core/lib/Drupal/Core/Theme/ThemeCommonElements.php
@@ -161,14 +161,6 @@ public static function commonElements(): array {
           'variant' => NULL,
         ],
       ],
-      'authorize_report' => [
-        'variables' => [
-          'messages' => [],
-          'attributes' => [],
-        ],
-        'includes' => ['core/includes/theme.maintenance.inc'],
-        'template' => 'authorize-report',
-      ],
       'pager' => [
         'render element' => 'pager',
       ],
diff --git a/core/lib/Drupal/Core/Updater/Module.php b/core/lib/Drupal/Core/Updater/Module.php
deleted file mode 100644
index 6c2d58f3a4995ce7c7cf3e9f4d3ec52ddfe1d7bf..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/Updater/Module.php
+++ /dev/null
@@ -1,85 +0,0 @@
-<?php
-
-namespace Drupal\Core\Updater;
-
-/**
- * Defines a class for updating modules.
- *
- * Uses Drupal\Core\FileTransfer\FileTransfer classes via authorize.php.
- */
-class Module extends Updater implements UpdaterInterface {
-
-  /**
-   * Returns the directory where a module should be installed.
-   *
-   * If the module is already installed, ModuleExtensionList::getPath() will
-   * return a valid path and we should install it there. If we're installing a
-   * new module, we always want it to go into /modules, since that's where all
-   * the documentation recommends users install their modules, and there's no
-   * way that can conflict on a multi-site installation, since the Update
-   * manager won't let you install a new module if it's already found on your
-   * system, and if there was a copy in the top-level we'd see it.
-   *
-   * @return string
-   *   The absolute path of the directory.
-   */
-  public function getInstallDirectory() {
-    if ($this->isInstalled() && ($relative_path = \Drupal::service('extension.list.module')->getPath($this->name))) {
-      // The return value of ExtensionList::getPath() is always relative to the
-      // site, so prepend DRUPAL_ROOT.
-      return DRUPAL_ROOT . '/' . dirname($relative_path);
-    }
-    else {
-      // When installing a new module, prepend the requested root directory.
-      return $this->root . '/' . $this->getRootDirectoryRelativePath();
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public static function getRootDirectoryRelativePath() {
-    return 'modules';
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function isInstalled() {
-    // Check if the module exists in the file system, regardless of whether it
-    // is enabled or not.
-    /** @var \Drupal\Core\Extension\ExtensionList $module_extension_list */
-    $module_extension_list = \Drupal::service('extension.list.module');
-    return $module_extension_list->exists($this->name);
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public static function canUpdateDirectory($directory) {
-    $info = static::getExtensionInfo($directory);
-
-    return (isset($info['type']) && $info['type'] == 'module');
-  }
-
-  /**
-   * Determines whether this class can update the specified project.
-   *
-   * @param string $project_name
-   *   The project to check.
-   *
-   * @return bool
-   */
-  public static function canUpdate($project_name) {
-    return (bool) \Drupal::service('extension.list.module')->getPath($project_name);
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function postUpdateTasks() {
-    // We don't want to check for DB updates here, we do that once for all
-    // updated modules on the landing page.
-  }
-
-}
diff --git a/core/lib/Drupal/Core/Updater/Theme.php b/core/lib/Drupal/Core/Updater/Theme.php
deleted file mode 100644
index 32da14d8feba308563ca5edcb356e88ad9f35723..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/Updater/Theme.php
+++ /dev/null
@@ -1,78 +0,0 @@
-<?php
-
-namespace Drupal\Core\Updater;
-
-/**
- * Defines a class for updating themes.
- *
- * Uses Drupal\Core\FileTransfer\FileTransfer classes via authorize.php.
- */
-class Theme extends Updater implements UpdaterInterface {
-
-  /**
-   * Returns the directory where a theme should be installed.
-   *
-   * If the theme is already installed,
-   * \Drupal::service('extension.list.theme')->getPath() will return a valid
-   * path and we should install it there. If we're installing a new theme, we
-   * always want it to go into /themes, since that's where all the
-   * documentation recommends users install their themes, and there's no way
-   * that can conflict on a multi-site installation, since the Update manager
-   * won't let you install a new theme if it's already found on your system,
-   * and if there was a copy in the top-level we'd see it.
-   *
-   * @return string
-   *   The absolute path of the directory.
-   */
-  public function getInstallDirectory() {
-    if ($this->isInstalled() && ($relative_path = \Drupal::service('extension.list.theme')->getPath($this->name))) {
-      // The return value of
-      // \Drupal::service('extension.list.theme')->getPath() is always relative
-      // to the site, so prepend DRUPAL_ROOT.
-      return DRUPAL_ROOT . '/' . dirname($relative_path);
-    }
-    else {
-      // When installing a new theme, prepend the requested root directory.
-      return $this->root . '/' . $this->getRootDirectoryRelativePath();
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public static function getRootDirectoryRelativePath() {
-    return 'themes';
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function isInstalled() {
-    // Check if the theme exists in the file system, regardless of whether it
-    // is enabled or not.
-    $themes = \Drupal::state()->get('system.theme.files', []);
-    return isset($themes[$this->name]);
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public static function canUpdateDirectory($directory) {
-    $info = static::getExtensionInfo($directory);
-
-    return (isset($info['type']) && $info['type'] == 'theme');
-  }
-
-  /**
-   * Determines whether this class can update the specified project.
-   *
-   * @param string $project_name
-   *   The project to check.
-   *
-   * @return bool
-   */
-  public static function canUpdate($project_name) {
-    return (bool) \Drupal::service('extension.list.theme')->getPath($project_name);
-  }
-
-}
diff --git a/core/lib/Drupal/Core/Updater/Updater.php b/core/lib/Drupal/Core/Updater/Updater.php
deleted file mode 100644
index ff9cd446da2d9ea50fc48a0b0256a56d0be78081..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/Updater/Updater.php
+++ /dev/null
@@ -1,437 +0,0 @@
-<?php
-
-namespace Drupal\Core\Updater;
-
-use Drupal\Core\FileTransfer\FileTransferException;
-use Drupal\Core\FileTransfer\FileTransfer;
-
-/**
- * Defines the base class for Updaters used in Drupal.
- */
-abstract class Updater {
-
-  /**
-   * Directory to install from.
-   *
-   * @var string
-   */
-  public $source;
-
-  /**
-   * The root directory under which new projects will be copied.
-   *
-   * @var string
-   */
-  protected $root;
-
-  /**
-   * The name of the project directory (basename).
-   */
-  protected string $name;
-
-  /**
-   * The title of the project.
-   */
-  protected string $title;
-
-  /**
-   * Constructs a new updater.
-   *
-   * @param string $source
-   *   Directory to install from.
-   * @param string $root
-   *   The root directory under which the project will be copied to if it's a
-   *   new project. Usually this is the app root (the directory in which the
-   *   Drupal site is installed).
-   */
-  public function __construct($source, $root) {
-    $this->source = $source;
-    $this->root = $root;
-    $this->name = self::getProjectName($source);
-    $this->title = self::getProjectTitle($source);
-  }
-
-  /**
-   * Returns an Updater of the appropriate type depending on the source.
-   *
-   * If a directory is provided which contains a module, will return a
-   * ModuleUpdater.
-   *
-   * @param string $source
-   *   Directory of a Drupal project.
-   * @param string $root
-   *   The root directory under which the project will be copied to if it's a
-   *   new project. Usually this is the app root (the directory in which the
-   *   Drupal site is installed).
-   *
-   * @return \Drupal\Core\Updater\Updater
-   *   A new Drupal\Core\Updater\Updater object.
-   *
-   * @throws \Drupal\Core\Updater\UpdaterException
-   */
-  public static function factory($source, $root) {
-    if (is_dir($source)) {
-      $updater = self::getUpdaterFromDirectory($source);
-    }
-    else {
-      throw new UpdaterException('Unable to determine the type of the source directory.');
-    }
-    return new $updater($source, $root);
-  }
-
-  /**
-   * Determines which Updater class can operate on the given directory.
-   *
-   * @param string $directory
-   *   Extracted Drupal project.
-   *
-   * @return string
-   *   The class name which can work with this project type.
-   *
-   * @throws \Drupal\Core\Updater\UpdaterException
-   */
-  public static function getUpdaterFromDirectory($directory) {
-    // Gets a list of possible implementing classes.
-    $updaters = drupal_get_updaters();
-    foreach ($updaters as $updater) {
-      $class = $updater['class'];
-      if (call_user_func([$class, 'canUpdateDirectory'], $directory)) {
-        return $class;
-      }
-    }
-    throw new UpdaterException('Cannot determine the type of project.');
-  }
-
-  /**
-   * Determines what the most important (or only) info file is in a directory.
-   *
-   * Since there is no enforcement of which info file is the project's "main"
-   * info file, this will get one with the same name as the directory, or the
-   * first one it finds.  Not ideal, but needs a larger solution.
-   *
-   * @param string $directory
-   *   Directory to search in.
-   *
-   * @return string
-   *   Path to the info file.
-   */
-  public static function findInfoFile($directory) {
-    /** @var \Drupal\Core\File\FileSystemInterface $file_system */
-    $file_system = \Drupal::service('file_system');
-    $info_files = [];
-    if (is_dir($directory)) {
-      $info_files = $file_system->scanDirectory($directory, '/.*\.info.yml$/');
-    }
-    if (!$info_files) {
-      return FALSE;
-    }
-    foreach ($info_files as $info_file) {
-      if (mb_substr($info_file->filename, 0, -9) == $file_system->basename($directory)) {
-        // Info file Has the same name as the directory, return it.
-        return $info_file->uri;
-      }
-    }
-    // Otherwise, return the first one.
-    $info_file = array_shift($info_files);
-    return $info_file->uri;
-  }
-
-  /**
-   * Get Extension information from directory.
-   *
-   * @param string $directory
-   *   Directory to search in.
-   *
-   * @return array
-   *   Extension info.
-   *
-   * @throws \Drupal\Core\Updater\UpdaterException
-   *   If the info parser does not provide any info.
-   */
-  protected static function getExtensionInfo($directory) {
-    $info_file = static::findInfoFile($directory);
-    $info = \Drupal::service('info_parser')->parse($info_file);
-    if (empty($info)) {
-      throw new UpdaterException("Unable to parse info file: '$info_file'.");
-    }
-
-    return $info;
-  }
-
-  /**
-   * Gets the name of the project directory (basename).
-   *
-   * @todo It would be nice, if projects contained an info file which could
-   *   provide their canonical name.
-   *
-   * @param string $directory
-   *   The full directory path.
-   *
-   * @return string
-   *   The name of the project.
-   */
-  public static function getProjectName($directory) {
-    return \Drupal::service('file_system')->basename($directory);
-  }
-
-  /**
-   * Returns the project name from a Drupal info file.
-   *
-   * @param string $directory
-   *   Directory to search for the info file.
-   *
-   * @return string
-   *   The title of the project.
-   *
-   * @throws \Drupal\Core\Updater\UpdaterException
-   */
-  public static function getProjectTitle($directory) {
-    $info_file = self::findInfoFile($directory);
-    $info = \Drupal::service('info_parser')->parse($info_file);
-    if (empty($info)) {
-      throw new UpdaterException("Unable to parse info file: '$info_file'.");
-    }
-    return $info['name'];
-  }
-
-  /**
-   * Returns the path to the default install location for the current project.
-   *
-   * @return string
-   *   The absolute path of the directory.
-   */
-  abstract public function getInstallDirectory();
-
-  /**
-   * Stores the default parameters for the Updater.
-   *
-   * @param array $overrides
-   *   An array of overrides for the default parameters.
-   *
-   * @return array
-   *   An array of configuration parameters for an update or install operation.
-   */
-  protected function getInstallArgs($overrides = []) {
-    $args = [
-      'make_backup' => FALSE,
-      'install_dir' => $this->getInstallDirectory(),
-      'backup_dir'  => $this->getBackupDir(),
-    ];
-    return array_merge($args, $overrides);
-  }
-
-  /**
-   * Updates a Drupal project and returns a list of next actions.
-   *
-   * @param \Drupal\Core\FileTransfer\FileTransfer $filetransfer
-   *   Object that is a child of FileTransfer. Used for moving files
-   *   to the server.
-   * @param array $overrides
-   *   An array of settings to override defaults; see self::getInstallArgs().
-   *
-   * @return array
-   *   An array of links which the user may need to complete the update
-   *
-   * @throws \Drupal\Core\Updater\UpdaterException
-   * @throws \Drupal\Core\Updater\UpdaterFileTransferException
-   */
-  public function update(&$filetransfer, $overrides = []) {
-    try {
-      // Establish arguments with possible overrides.
-      $args = $this->getInstallArgs($overrides);
-
-      // Take a Backup.
-      if ($args['make_backup']) {
-        $this->makeBackup($filetransfer, $args['install_dir'], $args['backup_dir']);
-      }
-
-      if (!$this->name) {
-        // This is bad, don't want to delete the install directory.
-        throw new UpdaterException('Fatal error in update, cowardly refusing to wipe out the install directory.');
-      }
-
-      // Make sure the installation parent directory exists and is writable.
-      $this->prepareInstallDirectory($filetransfer, $args['install_dir']);
-
-      if (is_dir($args['install_dir'] . '/' . $this->name)) {
-        // Remove the existing installed file.
-        $filetransfer->removeDirectory($args['install_dir'] . '/' . $this->name);
-      }
-
-      // Copy the directory in place.
-      $filetransfer->copyDirectory($this->source, $args['install_dir']);
-
-      // Make sure what we just installed is readable by the web server.
-      $this->makeWorldReadable($filetransfer, $args['install_dir'] . '/' . $this->name);
-
-      // Run the updates.
-      // @todo Decide if we want to implement this.
-      $this->postUpdate();
-
-      // For now, just return a list of links of things to do.
-      return $this->postUpdateTasks();
-    }
-    catch (FileTransferException $e) {
-      throw new UpdaterFileTransferException("File Transfer failed, reason: '" . strtr($e->getMessage(), $e->arguments) . "'");
-    }
-  }
-
-  /**
-   * Installs a Drupal project, returns a list of next actions.
-   *
-   * @param \Drupal\Core\FileTransfer\FileTransfer $filetransfer
-   *   Object that is a child of FileTransfer.
-   * @param array $overrides
-   *   An array of settings to override defaults; see self::getInstallArgs().
-   *
-   * @return array
-   *   An array of links which the user may need to complete the install.
-   *
-   * @throws \Drupal\Core\Updater\UpdaterFileTransferException
-   */
-  public function install(&$filetransfer, $overrides = []) {
-    @trigger_error(__METHOD__ . '() is deprecated in drupal:11.1.0 and is removed from drupal:12.0.0. There is no replacement. See https://www.drupal.org/node/3461934', E_USER_DEPRECATED);
-    try {
-      // Establish arguments with possible overrides.
-      $args = $this->getInstallArgs($overrides);
-
-      // Make sure the installation parent directory exists and is writable.
-      $this->prepareInstallDirectory($filetransfer, $args['install_dir']);
-
-      // Copy the directory in place.
-      $filetransfer->copyDirectory($this->source, $args['install_dir']);
-
-      // Make sure what we just installed is readable by the web server.
-      $this->makeWorldReadable($filetransfer, $args['install_dir'] . '/' . $this->name);
-
-      // Potentially enable something?
-      // @todo Decide if we want to implement this.
-      $this->postInstall();
-      // For now, just return a list of links of things to do.
-      return $this->postInstallTasks();
-    }
-    catch (FileTransferException $e) {
-      throw new UpdaterFileTransferException("File Transfer failed, reason: '" . strtr($e->getMessage(), $e->arguments) . "'");
-    }
-  }
-
-  /**
-   * Makes sure the installation parent directory exists and is writable.
-   *
-   * @param \Drupal\Core\FileTransfer\FileTransfer $filetransfer
-   *   Object which is a child of FileTransfer.
-   * @param string $directory
-   *   The installation directory to prepare.
-   *
-   * @throws \Drupal\Core\Updater\UpdaterException
-   */
-  public function prepareInstallDirectory(&$filetransfer, $directory) {
-    // Make the parent dir writable if need be and create the dir.
-    if (!is_dir($directory)) {
-      $parent_dir = dirname($directory);
-      if (!is_writable($parent_dir)) {
-        @chmod($parent_dir, 0755);
-        // It is expected that this will fail if the directory is owned by the
-        // FTP user. If the FTP user == web server, it will succeed.
-        try {
-          $filetransfer->createDirectory($directory);
-          $this->makeWorldReadable($filetransfer, $directory);
-        }
-        catch (FileTransferException $e) {
-          // Probably still not writable. Try to chmod and do it again.
-          // @todo Make a new exception class so we can catch it differently.
-          try {
-            $old_perms = fileperms($parent_dir) & 0777;
-            $filetransfer->chmod($parent_dir, 0755);
-            $filetransfer->createDirectory($directory);
-            $this->makeWorldReadable($filetransfer, $directory);
-            // Put the permissions back.
-            $filetransfer->chmod($parent_dir, $old_perms);
-          }
-          catch (FileTransferException $e) {
-            $message = t($e->getMessage(), $e->arguments);
-            $throw_message = t('Unable to create %directory due to the following: %reason', ['%directory' => $directory, '%reason' => $message]);
-            throw new UpdaterException($throw_message);
-          }
-        }
-        // Put the parent directory back.
-        @chmod($parent_dir, 0555);
-      }
-    }
-  }
-
-  /**
-   * Ensures that a given directory is world readable.
-   *
-   * @param \Drupal\Core\FileTransfer\FileTransfer $filetransfer
-   *   Object which is a child of FileTransfer.
-   * @param string $path
-   *   The file path to make world readable.
-   * @param bool $recursive
-   *   If the chmod should be applied recursively.
-   */
-  public function makeWorldReadable(&$filetransfer, $path, $recursive = TRUE) {
-    if (!is_executable($path)) {
-      // Set it to read + execute.
-      $new_perms = fileperms($path) & 0777 | 0005;
-      $filetransfer->chmod($path, $new_perms, $recursive);
-    }
-  }
-
-  /**
-   * Performs a backup.
-   *
-   * @param \Drupal\Core\FileTransfer\FileTransfer $filetransfer
-   *   Object which is a child of FileTransfer.
-   * @param string $from
-   *   The file path to copy from.
-   * @param string $to
-   *   The file path to copy to.
-   *
-   * @todo Not implemented: https://www.drupal.org/node/2474355
-   */
-  public function makeBackup(FileTransfer $filetransfer, $from, $to) {
-  }
-
-  /**
-   * Returns the full path to a directory where backups should be written.
-   */
-  public function getBackupDir() {
-    return \Drupal::service('stream_wrapper_manager')->getViaScheme('temporary')->getDirectoryPath();
-  }
-
-  /**
-   * Performs actions after installation.
-   */
-  public function postInstall() {
-    @trigger_error(__METHOD__ . '() is deprecated in drupal:11.1.0 and is removed from drupal:12.0.0. There is no replacement. See https://www.drupal.org/node/3461934', E_USER_DEPRECATED);
-  }
-
-  /**
-   * Returns an array of links to pages that should be visited post operation.
-   *
-   * @return array
-   *   Links which provide actions to take after the install is finished.
-   */
-  public function postInstallTasks() {
-    @trigger_error(__METHOD__ . '() is deprecated in drupal:11.1.0 and is removed from drupal:12.0.0. There is no replacement. See https://www.drupal.org/node/3461934', E_USER_DEPRECATED);
-    return [];
-  }
-
-  /**
-   * Performs actions after new code is updated.
-   */
-  public function postUpdate() {
-  }
-
-  /**
-   * Returns an array of links to pages that should be visited post operation.
-   *
-   * @return array
-   *   Links which provide actions to take after the update is finished.
-   */
-  public function postUpdateTasks() {
-    return [];
-  }
-
-}
diff --git a/core/lib/Drupal/Core/Updater/UpdaterException.php b/core/lib/Drupal/Core/Updater/UpdaterException.php
deleted file mode 100644
index e8a4994133e0ed8c0302b7ab08964d1a66dff2b5..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/Updater/UpdaterException.php
+++ /dev/null
@@ -1,12 +0,0 @@
-<?php
-
-namespace Drupal\Core\Updater;
-
-/**
- * Defines an Exception class for Drupal\Core\Updater\Updater class hierarchy.
- *
- * This is identical to the base Exception class, we just give it a more
- * specific name so that call sites that want to tell the difference can
- * specifically catch these exceptions and treat them differently.
- */
-class UpdaterException extends \Exception {}
diff --git a/core/lib/Drupal/Core/Updater/UpdaterFileTransferException.php b/core/lib/Drupal/Core/Updater/UpdaterFileTransferException.php
deleted file mode 100644
index 8c24701023bb5872cdf7a3190325cfc15ab28999..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/Updater/UpdaterFileTransferException.php
+++ /dev/null
@@ -1,16 +0,0 @@
-<?php
-
-namespace Drupal\Core\Updater;
-
-/**
- * Defines a child class of Drupal\Core\Updater\UpdaterException.
- *
- * Indicates a Drupal\Core\FileTransfer\FileTransfer exception.
- *
- * We have to catch Drupal\Core\FileTransfer\FileTransfer exceptions
- * and wrap those in t(), since Drupal\Core\FileTransfer\FileTransfer
- * is so low-level that it doesn't use any Drupal APIs and none of the strings
- * are translated.
- */
-class UpdaterFileTransferException extends UpdaterException {
-}
diff --git a/core/lib/Drupal/Core/Updater/UpdaterInterface.php b/core/lib/Drupal/Core/Updater/UpdaterInterface.php
deleted file mode 100644
index e925dd443306d70971372888c3dccb13adfbb25d..0000000000000000000000000000000000000000
--- a/core/lib/Drupal/Core/Updater/UpdaterInterface.php
+++ /dev/null
@@ -1,74 +0,0 @@
-<?php
-
-namespace Drupal\Core\Updater;
-
-/**
- * Defines an interface for a class which can update a Drupal project.
- *
- * An Updater currently serves the following purposes:
- *   - It can take a given directory, and determine if it can operate on it.
- *   - It can move the contents of that directory into the appropriate place
- *     on the system using FileTransfer classes.
- *   - It can return a list of "next steps" after an update or install.
- *   - In the future, it will most likely perform some of those steps as well.
- */
-interface UpdaterInterface {
-
-  /**
-   * Checks if the project is installed.
-   *
-   * @return bool
-   */
-  public function isInstalled();
-
-  /**
-   * Returns the system name of the project.
-   *
-   * @param string $directory
-   *   A directory containing a project.
-   */
-  public static function getProjectName($directory);
-
-  /**
-   * Returns the path to the default install location for the current project.
-   *
-   * @return string
-   *   An absolute path to the default install location.
-   */
-  public function getInstallDirectory();
-
-  /**
-   * Returns the name of the root directory under which projects will be copied.
-   *
-   * @return string
-   *   A relative path to the root directory.
-   */
-  public static function getRootDirectoryRelativePath();
-
-  /**
-   * Determines if the Updater can handle the project provided in $directory.
-   *
-   * @param string $directory
-   *   The directory.
-   *
-   * @return bool
-   *   TRUE if the project is installed, FALSE if not.
-   */
-  public static function canUpdateDirectory($directory);
-
-  /**
-   * Actions to run after an install has occurred.
-   *
-   * @deprecated in drupal:11.1.0 and is removed from drupal:12.0.0. There is no
-   *   replacement.
-   *
-   * @see https://www.drupal.org/node/3461934
-   */
-  public function postInstall();
-
-  /**
-   * Actions to run after an update has occurred.
-   */
-  public function postUpdate();
-
-}
diff --git a/core/modules/system/css/system.maintenance.css b/core/modules/system/css/system.maintenance.css
index efecda7e84808cccef8a22477887c9b0ccfcc658..3e23cd235501cbaf390e5859ab65b508a907b4f3 100644
--- a/core/modules/system/css/system.maintenance.css
+++ b/core/modules/system/css/system.maintenance.css
@@ -21,36 +21,3 @@
 .update-results .failure strong {
   color: #b63300;
 }
-
-/**
- * Authorize.php styles
- */
-#edit-submit-connection {
-  clear: both;
-}
-#edit-submit-process,
-.filetransfer {
-  display: none;
-  clear: both;
-}
-.js #edit-submit-connection {
-  display: none;
-}
-.js #edit-submit-process {
-  display: block;
-}
-
-#edit-connection-settings-change-connection-type {
-  margin: 2.6em 0.5em 0 1em; /* LTR */
-}
-[dir="rtl"] #edit-connection-settings-change-connection-type {
-  margin-right: 1em;
-  margin-left: 0.5em;
-}
-
-/**
- * Theme maintenance styles
- */
-.authorize-results__failure {
-  font-weight: bold;
-}
diff --git a/core/modules/system/src/Hook/SystemHooks.php b/core/modules/system/src/Hook/SystemHooks.php
index 90307fae353a82fd8a618c439f0b9a86da429f75..55f3892a039fb0bfd6eeea53bce9f90b37ada592 100644
--- a/core/modules/system/src/Hook/SystemHooks.php
+++ b/core/modules/system/src/Hook/SystemHooks.php
@@ -153,47 +153,6 @@ public function help($route_name, RouteMatchInterface $route_match) {
     }
   }
 
-  /**
-   * @} End of "defgroup authorize".
-   */
-
-  /**
-   * Implements hook_updater_info().
-   */
-  #[Hook('updater_info')]
-  public function updaterInfo() {
-    return [
-      'module' => [
-        'class' => 'Drupal\Core\Updater\Module',
-        'name' => t('Update modules'),
-        'weight' => 0,
-      ],
-      'theme' => [
-        'class' => 'Drupal\Core\Updater\Theme',
-        'name' => t('Update themes'),
-        'weight' => 0,
-      ],
-    ];
-  }
-
-  /**
-   * Implements hook_filetransfer_info().
-   */
-  #[Hook('filetransfer_info')]
-  public function filetransferInfo() {
-    $backends = [];
-    // This is the default, will be available on most systems.
-    if (function_exists('ftp_connect')) {
-      $backends['ftp'] = ['title' => t('FTP'), 'class' => 'Drupal\Core\FileTransfer\FTP', 'weight' => 0];
-    }
-    // SSH2 lib connection is only available if the proper PHP extension is
-    // installed.
-    if (function_exists('ssh2_connect')) {
-      $backends['ssh'] = ['title' => t('SSH'), 'class' => 'Drupal\Core\FileTransfer\SSH', 'weight' => 20];
-    }
-    return $backends;
-  }
-
   /**
    * Implements hook_js_settings_build().
    *
diff --git a/core/modules/system/system.module b/core/modules/system/system.module
index cdc25a2cc0493fd50c0969cbc05776b544ec03e4..edd5cb4fe51c53e5625155b49b58784fb46cf0c1 100644
--- a/core/modules/system/system.module
+++ b/core/modules/system/system.module
@@ -7,8 +7,6 @@
 use Drupal\Component\FileSecurity\FileSecurity;
 use Drupal\Core\Extension\Extension;
 use Drupal\Core\Form\FormStateInterface;
-use Drupal\Core\Url;
-use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
 
 /**
@@ -154,154 +152,6 @@ function template_preprocess_entity_add_list(&$variables): void {
   }
 }
 
-/**
- * @defgroup authorize Authorized operations
- * @{
- * Functions to run operations with elevated privileges via authorize.php.
- *
- * Because of the Update manager functionality included in Drupal core, there
- * is a mechanism for running operations with elevated file system privileges,
- * the top-level authorize.php script. This script runs at a reduced Drupal
- * bootstrap level so that it is not reliant on the entire site being
- * functional. The operations use a FileTransfer class to manipulate code
- * installed on the system as the user that owns the files, not the user that
- * the httpd is running as.
- *
- * The first setup is to define a callback function that should be authorized
- * to run with the elevated privileges. This callback should take a
- * FileTransfer as its first argument, although you can define an array of
- * other arguments it should be invoked with. The callback should be placed in
- * a separate .inc file that will be included by authorize.php.
- *
- * To run the operation, certain data must be saved into the SESSION, and then
- * the flow of control should be redirected to the authorize.php script. There
- * are two ways to do this, either to call system_authorized_run() directly,
- * or to call system_authorized_init() and then redirect to authorize.php,
- * using the URL from system_authorized_get_url(). Redirecting yourself is
- * necessary when your authorized operation is being triggered by a form
- * submit handler, since calling redirecting in a submit handler is a bad
- * idea, and you should instead use $form_state->setRedirect().
- *
- * Once the SESSION is setup for the operation and the user is redirected to
- * authorize.php, they will be prompted for their connection credentials (core
- * provides FTP and SSH by default, although other connection classes can be
- * added via contributed modules). With valid credentials, authorize.php will
- * instantiate the appropriate FileTransfer object, and then invoke the
- * desired operation passing in that object. The authorize.php script can act
- * as a Batch API processing page, if the operation requires a batch.
- *
- * @see authorize.php
- * @see \Drupal\Core\FileTransfer\FileTransfer
- * @see hook_filetransfer_info()
- */
-
-/**
- * Setup a given callback to run via authorize.php with elevated privileges.
- *
- * To use authorize.php, certain variables must be stashed in the user's
- * session. This function sets up all the necessary session variables. The
- * calling function should then redirect to authorize.php, using the full path
- * returned by system_authorized_get_url(). That initiates the workflow that
- * will eventually lead to the callback being invoked. The callback will be
- * invoked at a low bootstrap level, without all modules being invoked, so it
- * needs to be careful not to assume any code exists.
- * Example (system_authorized_run()):
- * @code
- *   system_authorized_init($callback, $file, $arguments, $page_title);
- *   return new RedirectResponse(system_authorized_get_url()->toString());
- * @endcode
- * Example (Drupal\update\Form\UpdateReady::submitForm()):
- * @code
- *  system_authorized_init('update_authorize_run_update',
- *    __DIR__ . '/../../update.authorize.inc',
- *    [$updates], $this->t('Update manager'));
- *  $form_state->setRedirectUrl(system_authorized_get_url());
- * @endcode
- *
- * @param callable $callback
- *   The name of the function to invoke once the user authorizes the operation.
- * @param $file
- *   The full path to the file where the callback function is implemented.
- * @param $arguments
- *   Optional array of arguments to pass into the callback when it is invoked.
- *   Note that the first argument to the callback is always the FileTransfer
- *   object created by authorize.php when the user authorizes the operation.
- * @param $page_title
- *   Optional string to use as the page title once redirected to authorize.php.
- */
-function system_authorized_init($callback, $file, $arguments = [], $page_title = NULL) {
-  $session = \Drupal::request()->getSession();
-  // First, figure out what file transfer backends the site supports, and put
-  // all of those in the SESSION so that authorize.php has access to all of
-  // them via the class autoloader, even without a full bootstrap.
-  $session->set('authorize_filetransfer_info', drupal_get_filetransfer_info());
-
-  // Now, define the callback to invoke.
-  $session->set('authorize_operation', [
-    'callback' => $callback,
-    'file' => $file,
-    'arguments' => $arguments,
-  ]);
-
-  if (isset($page_title)) {
-    $session->set('authorize_page_title', $page_title);
-  }
-}
-
-/**
- * Return the URL for the authorize.php script.
- *
- * @param array $options
- *   Optional array of options to set on the \Drupal\Core\Url object.
- *
- * @return \Drupal\Core\Url
- *   The full URL to authorize.php, using HTTPS if available.
- *
- * @see system_authorized_init()
- */
-function system_authorized_get_url(array $options = []) {
-  // core/authorize.php is an unrouted URL, so using the base: scheme is
-  // the correct usage for this case.
-  $url = Url::fromUri('base:core/authorize.php');
-  $url_options = $url->getOptions();
-  $url->setOptions($options + $url_options);
-  return $url;
-}
-
-/**
- * Returns the URL for the authorize.php script when it is processing a batch.
- *
- * @param array $options
- *   Optional array of options to set on the \Drupal\Core\Url object.
- *
- * @return \Drupal\Core\Url
- */
-function system_authorized_batch_processing_url(array $options = []) {
-  $options['query'] = ['batch' => '1'];
-  return system_authorized_get_url($options);
-}
-
-/**
- * Setup and invoke an operation using authorize.php.
- *
- * @see system_authorized_init()
- */
-function system_authorized_run($callback, $file, $arguments = [], $page_title = NULL) {
-  system_authorized_init($callback, $file, $arguments, $page_title);
-  return new RedirectResponse(system_authorized_get_url()->toString());
-}
-
-/**
- * Use authorize.php to run batch_process().
- *
- * @see batch_process()
- */
-function system_authorized_batch_process() {
-  $finish_url = system_authorized_get_url();
-  $process_url = system_authorized_batch_processing_url();
-  return batch_process($finish_url->setAbsolute()->toString(), $process_url);
-}
-
 /**
  * Implements hook_preprocess_HOOK() for block templates.
  */
diff --git a/core/modules/system/templates/authorize-report.html.twig b/core/modules/system/templates/authorize-report.html.twig
deleted file mode 100644
index 914458684775426c1b56fe4e3e7f7c39dda98b5a..0000000000000000000000000000000000000000
--- a/core/modules/system/templates/authorize-report.html.twig
+++ /dev/null
@@ -1,23 +0,0 @@
-{#
-/**
- * @file
- * Default theme implementation for authorize.php operation report templates.
- *
- * This report displays the results of an operation run via authorize.php.
- *
- * Available variables:
- * - messages: A list of result messages.
- * - attributes: HTML attributes for the element.
- *
- * @see template_preprocess_authorize_report()
- *
- * @ingroup themeable
- */
-#}
-{% if messages %}
-  <div{{ attributes.addClass('authorize-results') }}>
-    {% for message_group in messages %}
-      {{ message_group }}
-    {% endfor %}
-  </div>
-{% endif %}
diff --git a/core/modules/system/tests/modules/system_test/src/Controller/SystemTestController.php b/core/modules/system/tests/modules/system_test/src/Controller/SystemTestController.php
index abbe8970a43589d60141385e2a4e3907f0cbbdb4..1cda6f1ac668b3561524408359d3c10dfbc4ef99 100644
--- a/core/modules/system/tests/modules/system_test/src/Controller/SystemTestController.php
+++ b/core/modules/system/tests/modules/system_test/src/Controller/SystemTestController.php
@@ -17,9 +17,7 @@
 use Drupal\Core\Routing\TrustedRedirectResponse;
 use Drupal\Core\Security\TrustedCallbackInterface;
 use Drupal\Core\Session\AccountInterface;
-use Drupal\Core\Url;
 use Symfony\Component\DependencyInjection\Attribute\Autowire;
-use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 
@@ -286,17 +284,6 @@ public static function preRenderCacheTags($elements) {
     return $elements;
   }
 
-  /**
-   * Initialize authorize.php during testing.
-   *
-   * @see system_authorized_init()
-   */
-  public function authorizeInit($page_title) {
-    $authorize_url = Url::fromUri('base:core/authorize.php', ['absolute' => TRUE])->toString();
-    system_authorized_init('system_test_authorize_run', __DIR__ . '/../../system_test.module', [], $page_title);
-    return new RedirectResponse($authorize_url);
-  }
-
   /**
    * Sets a header.
    */
diff --git a/core/modules/system/tests/modules/system_test/src/Hook/SystemTestHooks.php b/core/modules/system/tests/modules/system_test/src/Hook/SystemTestHooks.php
index 805f612f2ec7bda128f1193604531a1505c0507b..ef3d925b64008d42c06e002293e10a3599dc1dc5 100644
--- a/core/modules/system/tests/modules/system_test/src/Hook/SystemTestHooks.php
+++ b/core/modules/system/tests/modules/system_test/src/Hook/SystemTestHooks.php
@@ -108,20 +108,6 @@ public function pageAttachments(array &$page): void {
     }
   }
 
-  /**
-   * Implements hook_filetransfer_info().
-   */
-  #[Hook('filetransfer_info')]
-  public function filetransferInfo() {
-    return [
-      'system_test' => [
-        'title' => t('System Test FileTransfer'),
-        'class' => 'Drupal\system_test\MockFileTransfer',
-        'weight' => -10,
-      ],
-    ];
-  }
-
   /**
    * Implements hook_module_preinstall().
    */
diff --git a/core/modules/system/tests/modules/system_test/src/MockFileTransfer.php b/core/modules/system/tests/modules/system_test/src/MockFileTransfer.php
deleted file mode 100644
index 7e4b669843d4ff2445a529f5cd4310258ac13b2a..0000000000000000000000000000000000000000
--- a/core/modules/system/tests/modules/system_test/src/MockFileTransfer.php
+++ /dev/null
@@ -1,34 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\system_test;
-
-/**
- * Mock FileTransfer object to test the settings form functionality.
- */
-class MockFileTransfer {
-
-  /**
-   * Returns a Drupal\system_test\MockFileTransfer object.
-   *
-   * @return \Drupal\system_test\MockFileTransfer
-   *   A new Drupal\system_test\MockFileTransfer object.
-   */
-  public static function factory() {
-    return new MockFileTransfer();
-  }
-
-  /**
-   * Returns a settings form with a text field to input a username.
-   */
-  public function getSettingsForm() {
-    $form = [];
-    $form['system_test_username'] = [
-      '#type' => 'textfield',
-      '#title' => t('System Test Username'),
-    ];
-    return $form;
-  }
-
-}
diff --git a/core/modules/system/tests/modules/system_test/system_test.routing.yml b/core/modules/system/tests/modules/system_test/system_test.routing.yml
index 449a0e38be4772b77ea39281ee00395dc496c92c..37e3b66716cd4e41d02524bc834f2c967d0f69d4 100644
--- a/core/modules/system/tests/modules/system_test/system_test.routing.yml
+++ b/core/modules/system/tests/modules/system_test/system_test.routing.yml
@@ -83,13 +83,6 @@ system_test.cache_max_age_page:
   requirements:
     _access: 'TRUE'
 
-system_test.authorize_init:
-  path: '/system-test/authorize-init/{page_title}'
-  defaults:
-    _controller: '\Drupal\system_test\Controller\SystemTestController::authorizeInit'
-  requirements:
-    _permission: 'administer software updates'
-
 system_test.set_header:
   path: '/system-test/set-header'
   defaults:
diff --git a/core/modules/system/tests/src/Functional/FileTransfer/FileTransferTest.php b/core/modules/system/tests/src/Functional/FileTransfer/FileTransferTest.php
deleted file mode 100644
index a20a387155efa8d57a5a324d1efffb96c68f5de7..0000000000000000000000000000000000000000
--- a/core/modules/system/tests/src/Functional/FileTransfer/FileTransferTest.php
+++ /dev/null
@@ -1,103 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\Tests\system\Functional\FileTransfer;
-
-use Drupal\Core\FileTransfer\FileTransferException;
-use Drupal\Core\StreamWrapper\PublicStream;
-use Drupal\Tests\BrowserTestBase;
-
-/**
- * Tests recursive file copy operations with the file transfer jail.
- *
- * @group FileTransfer
- */
-class FileTransferTest extends BrowserTestBase {
-
-  /**
-   * {@inheritdoc}
-   */
-  protected $defaultTheme = 'stark';
-
-  /**
-   * @var \Drupal\Tests\system\Functional\FileTransfer\TestFileTransfer
-   */
-  protected TestFileTransfer $testConnection;
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function setUp(): void {
-    parent::setUp();
-    $this->testConnection = TestFileTransfer::factory($this->root, []);
-  }
-
-  public function _getFakeModuleFiles() {
-    $files = [
-      'fake.module',
-      'fake.info.yml',
-      'theme' => [
-        'fake.html.twig',
-      ],
-      'inc' => [
-        'fake.inc',
-      ],
-    ];
-    return $files;
-  }
-
-  public function _buildFakeModule() {
-    $location = 'temporary://fake';
-    if (is_dir($location)) {
-      $ret = 0;
-      $output = [];
-      exec('rm -Rf ' . escapeshellarg($location), $output, $ret);
-      if ($ret != 0) {
-        throw new \Exception('Error removing fake module directory.');
-      }
-    }
-
-    $files = $this->_getFakeModuleFiles();
-    $this->_writeDirectory($location, $files);
-    return $location;
-  }
-
-  public function _writeDirectory($base, $files = []): void {
-    mkdir($base);
-    foreach ($files as $key => $file) {
-      if (is_array($file)) {
-        $this->_writeDirectory($base . DIRECTORY_SEPARATOR . $key, $file);
-      }
-      else {
-        // Just write the filename into the file
-        file_put_contents($base . DIRECTORY_SEPARATOR . $file, $file);
-      }
-    }
-  }
-
-  public function testJail(): void {
-    $source = $this->_buildFakeModule();
-
-    // This convoluted piece of code is here because our testing framework does
-    // not support expecting exceptions.
-    $got_it = FALSE;
-    try {
-      $this->testConnection->copyDirectory($source, sys_get_temp_dir());
-    }
-    catch (FileTransferException) {
-      $got_it = TRUE;
-    }
-    $this->assertTrue($got_it, 'Was not able to copy a directory outside of the jailed area.');
-
-    $got_it = TRUE;
-    try {
-      $this->testConnection->copyDirectory($source, $this->root . '/' . PublicStream::basePath());
-    }
-    catch (FileTransferException) {
-      $got_it = FALSE;
-    }
-    $this->assertTrue($got_it, 'Was able to copy a directory inside of the jailed area');
-  }
-
-}
diff --git a/core/modules/system/tests/src/Functional/FileTransfer/MockTestConnection.php b/core/modules/system/tests/src/Functional/FileTransfer/MockTestConnection.php
deleted file mode 100644
index 5de24c61fc17ba9ccd95cf17106656d03e81cc94..0000000000000000000000000000000000000000
--- a/core/modules/system/tests/src/Functional/FileTransfer/MockTestConnection.php
+++ /dev/null
@@ -1,25 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\Tests\system\Functional\FileTransfer;
-
-/**
- * Mock connection object for test case.
- */
-class MockTestConnection {
-
-  protected $commandsRun = [];
-  public $connectionString;
-
-  public function run($cmd) {
-    $this->commandsRun[] = $cmd;
-  }
-
-  public function flushCommands() {
-    $out = $this->commandsRun;
-    $this->commandsRun = [];
-    return $out;
-  }
-
-}
diff --git a/core/modules/system/tests/src/Functional/FileTransfer/TestFileTransfer.php b/core/modules/system/tests/src/Functional/FileTransfer/TestFileTransfer.php
deleted file mode 100644
index fa82dd6a01c283c628d198971af439c590fff36c..0000000000000000000000000000000000000000
--- a/core/modules/system/tests/src/Functional/FileTransfer/TestFileTransfer.php
+++ /dev/null
@@ -1,79 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\Tests\system\Functional\FileTransfer;
-
-use Drupal\Core\FileTransfer\FileTransfer;
-
-/**
- * Mock FileTransfer object for test case.
- */
-class TestFileTransfer extends FileTransfer {
-
-  /**
-   * {@inheritdoc}
-   */
-  protected $host = '';
-
-  /**
-   * {@inheritdoc}
-   */
-  protected $username = '';
-
-  /**
-   * {@inheritdoc}
-   */
-  protected $password = '';
-
-  /**
-   * {@inheritdoc}
-   */
-  protected $port = 0;
-
-  /**
-   * This is for testing the CopyRecursive logic.
-   *
-   * @var bool
-   */
-  public $shouldIsDirectoryReturnTrue = FALSE;
-
-  public static function factory($jail, $settings) {
-    assert(is_array($settings));
-    return new TestFileTransfer($jail);
-  }
-
-  public function connect() {
-    $this->connection = new MockTestConnection();
-    // Access the connection via the property. The property used to be set via a
-    // magic method and this can cause problems if coded incorrectly.
-    $this->connection->connectionString = 'test://' . urlencode($this->username) . ':' . urlencode($this->password) . "@$this->host:$this->port/";
-  }
-
-  public function copyFileJailed($source, $destination) {
-    $this->connection->run("copyFile $source $destination");
-  }
-
-  protected function removeDirectoryJailed($directory) {
-    $this->connection->run("rmdir $directory");
-  }
-
-  public function createDirectoryJailed($directory) {
-    $this->connection->run("mkdir $directory");
-  }
-
-  public function removeFileJailed($destination) {
-    $this->connection->run("rm $destination");
-  }
-
-  public function isDirectory($path) {
-    return $this->shouldIsDirectoryReturnTrue;
-  }
-
-  public function isFile($path) {
-    return FALSE;
-  }
-
-  public function chmodJailed($path, $mode, $recursive) {}
-
-}
diff --git a/core/modules/system/tests/src/Functional/System/SystemAuthorizeTest.php b/core/modules/system/tests/src/Functional/System/SystemAuthorizeTest.php
deleted file mode 100644
index 2708034a1e869ccd2e2ff6857cd0379be12119a5..0000000000000000000000000000000000000000
--- a/core/modules/system/tests/src/Functional/System/SystemAuthorizeTest.php
+++ /dev/null
@@ -1,88 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\Tests\system\Functional\System;
-
-use Drupal\Tests\BrowserTestBase;
-
-/**
- * Tests the authorize.php script and related API.
- *
- * @group system
- */
-class SystemAuthorizeTest extends BrowserTestBase {
-
-  /**
-   * {@inheritdoc}
-   */
-  protected static $modules = ['system_test'];
-
-  /**
-   * {@inheritdoc}
-   */
-  protected $defaultTheme = 'stark';
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function setUp(): void {
-    parent::setUp();
-
-    // Create an administrator user.
-    $this->drupalLogin($this->drupalCreateUser([
-      'administer software updates',
-    ]));
-  }
-
-  /**
-   * Helper function to initialize authorize.php and load it via drupalGet().
-   *
-   * Initializing authorize.php needs to happen in the child Drupal
-   * installation, not the parent. So, we visit a menu callback provided by
-   * system_test.module which calls system_authorized_init() to initialize the
-   * user's session inside the test site, not the framework site. This callback
-   * redirects to authorize.php when it's done initializing.
-   *
-   * @see system_authorized_init()
-   */
-  public function drupalGetAuthorizePHP($page_title = 'system-test-auth'): void {
-    $this->drupalGet('system-test/authorize-init/' . $page_title);
-  }
-
-  /**
-   * Tests the FileTransfer hooks.
-   */
-  public function testFileTransferHooks(): void {
-    $page_title = $this->randomMachineName(16);
-    $this->drupalGetAuthorizePHP($page_title);
-    $this->assertSession()->titleEquals("$page_title | Drupal");
-    $this->assertSession()->pageTextNotContains('It appears you have reached this page in error.');
-    $this->assertSession()->pageTextContains('To continue, provide your server connection details');
-    // Make sure we see the new connection method added by system_test.
-    $this->assertSession()->pageTextContains('System Test FileTransfer');
-    // Make sure the settings form callback works.
-    $this->assertSession()->pageTextContains('System Test Username');
-    // Test that \Drupal\Core\Render\BareHtmlPageRenderer adds assets as
-    // expected to the first page of the authorize.php script.
-    $this->assertSession()->responseContains('core/misc/states.js');
-  }
-
-  /**
-   * Tests error handling in authorize.php.
-   */
-  public function testError(): void {
-    $settings_filename = $this->siteDirectory . '/settings.php';
-    chmod($settings_filename, 0777);
-    $settings_php = file_get_contents($settings_filename);
-    $settings_php .= "\ndefine('SIMPLETEST_COLLECT_ERRORS', FALSE);\n";
-    $settings_php .= "\ntrigger_error('Test warning', E_USER_WARNING);\n";
-    file_put_contents($settings_filename, $settings_php);
-
-    $this->drupalGetAuthorizePHP();
-
-    $this->assertSession()->pageTextContains('User warning: Test warning');
-    $this->assertSession()->pageTextMatches('@line \d+ of sites/simpletest@');
-  }
-
-}
diff --git a/core/modules/system/tests/src/Unit/FileTransfer/FileTransferTest.php b/core/modules/system/tests/src/Unit/FileTransfer/FileTransferTest.php
deleted file mode 100644
index e13c7d7785153854ff7765e891cbd5058f4c76e9..0000000000000000000000000000000000000000
--- a/core/modules/system/tests/src/Unit/FileTransfer/FileTransferTest.php
+++ /dev/null
@@ -1,34 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\Tests\system\Unit\FileTransfer;
-
-use Drupal\Tests\system\Functional\FileTransfer\MockTestConnection;
-use Drupal\Tests\system\Functional\FileTransfer\TestFileTransfer;
-use Drupal\Tests\UnitTestCase;
-
-/**
- * @group FileTransfer
- */
-class FileTransferTest extends UnitTestCase {
-
-  /**
-   * @var \Drupal\Tests\system\Functional\FileTransfer\TestFileTransfer
-   */
-  protected TestFileTransfer $testConnection;
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function setUp(): void {
-    parent::setUp();
-    $this->testConnection = TestFileTransfer::factory($this->root, []);
-  }
-
-  public function testFileTransferMagicMethods(): void {
-    // Test to ensure __get() preserves public access.
-    $this->assertInstanceOf(MockTestConnection::class, $this->testConnection->connection);
-  }
-
-}
diff --git a/core/modules/update/src/Form/UpdateManagerUpdate.php b/core/modules/update/src/Form/UpdateManagerUpdate.php
deleted file mode 100644
index ee3a6e16525bfe28d6b25a02ae29a695db2d814d..0000000000000000000000000000000000000000
--- a/core/modules/update/src/Form/UpdateManagerUpdate.php
+++ /dev/null
@@ -1,395 +0,0 @@
-<?php
-
-namespace Drupal\update\Form;
-
-use Drupal\Core\Batch\BatchBuilder;
-use Drupal\Core\Extension\ModuleHandlerInterface;
-use Drupal\Core\Form\FormBase;
-use Drupal\Core\Form\FormStateInterface;
-use Drupal\Core\Link;
-use Drupal\Core\State\StateInterface;
-use Drupal\Core\Url;
-use Drupal\Core\Extension\ExtensionVersion;
-use Drupal\update\ProjectRelease;
-use Drupal\update\UpdateFetcherInterface;
-use Drupal\update\UpdateManagerInterface;
-use Symfony\Component\DependencyInjection\ContainerInterface;
-
-/**
- * Configure update settings for this site.
- *
- * @internal
- */
-class UpdateManagerUpdate extends FormBase {
-
-  /**
-   * The module handler.
-   *
-   * @var \Drupal\Core\Extension\ModuleHandlerInterface
-   */
-  protected $moduleHandler;
-
-  /**
-   * The Drupal state storage service.
-   *
-   * @var \Drupal\Core\State\StateInterface
-   */
-  protected $state;
-
-  /**
-   * Constructs a new UpdateManagerUpdate object.
-   *
-   * @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
-   *   The module handler.
-   * @param \Drupal\Core\State\StateInterface $state
-   *   The state service.
-   */
-  public function __construct(ModuleHandlerInterface $module_handler, StateInterface $state) {
-    $this->moduleHandler = $module_handler;
-    $this->state = $state;
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function getFormId() {
-    return 'update_manager_update_form';
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public static function create(ContainerInterface $container) {
-    return new static(
-      $container->get('module_handler'),
-      $container->get('state')
-    );
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function buildForm(array $form, FormStateInterface $form_state) {
-    $this->moduleHandler->loadInclude('update', 'inc', 'update.manager');
-
-    $form['last_check'] = [
-      '#theme' => 'update_last_check',
-      '#last' => $this->state->get('update.last_check', 0),
-    ];
-
-    if (!_update_manager_check_backends($form, 'update')) {
-      return $form;
-    }
-
-    $available = update_get_available(TRUE);
-    if (empty($available)) {
-      $form['message'] = [
-        '#markup' => $this->t('There was a problem getting update information. Try again later.'),
-      ];
-      return $form;
-    }
-
-    $form['#attached']['library'][] = 'update/drupal.update.admin';
-
-    // This will be a nested array. The first key is the kind of project, which
-    // can be either 'installed', 'uninstalled', 'manual' (projects which
-    // require manual updates, such as core). Then, each subarray is an array of
-    // projects of that type, indexed by project short name, and containing an
-    // array of data for cells in that project's row in the appropriate table.
-    $projects = [];
-
-    // This stores the actual download link we're going to update from for each
-    // project in the form, regardless of if it's installed or uninstalled.
-    $form['project_downloads'] = ['#tree' => TRUE];
-    $this->moduleHandler->loadInclude('update', 'inc', 'update.compare');
-    $project_data = update_calculate_project_data($available);
-
-    $fetch_failed = FALSE;
-    foreach ($project_data as $name => $project) {
-      if ($project['status'] === UpdateFetcherInterface::NOT_FETCHED) {
-        $fetch_failed = TRUE;
-      }
-
-      // Filter out projects which are up to date already.
-      if ($project['status'] == UpdateManagerInterface::CURRENT) {
-        continue;
-      }
-      // The project name to display can vary based on the info we have.
-      if (!empty($project['title'])) {
-        if (!empty($project['link'])) {
-          $project_name = Link::fromTextAndUrl($project['title'], Url::fromUri($project['link']))->toString();
-        }
-        else {
-          $project_name = $project['title'];
-        }
-      }
-      elseif (!empty($project['info']['name'])) {
-        $project_name = $project['info']['name'];
-      }
-      else {
-        $project_name = $name;
-      }
-      if ($project['project_type'] == 'theme' || $project['project_type'] == 'theme-uninstalled') {
-        $project_name .= ' ' . $this->t('(Theme)');
-      }
-
-      if (empty($project['recommended'])) {
-        // If we don't know what to recommend they upgrade to, we should skip
-        // the project entirely.
-        continue;
-      }
-
-      $recommended_release = ProjectRelease::createFromArray($project['releases'][$project['recommended']]);
-      $recommended_version = '{{ release_version }} (<a href="{{ release_link }}" title="{{ project_title }}">{{ release_notes }}</a>)';
-      $recommended_version_parser = ExtensionVersion::createFromVersionString($recommended_release->getVersion());
-      if ($recommended_version_parser->getMajorVersion() != $project['existing_major']) {
-        $recommended_version .= '<div title="{{ major_update_warning_title }}" class="update-major-version-warning">{{ major_update_warning_text }}</div>';
-      }
-
-      $recommended_version = [
-        '#type' => 'inline_template',
-        '#template' => $recommended_version,
-        '#context' => [
-          'release_version' => $recommended_release->getVersion(),
-          'release_link' => $recommended_release->getReleaseUrl(),
-          'project_title' => $this->t('Release notes for @project_title', ['@project_title' => $project['title']]),
-          'major_update_warning_title' => $this->t('Major upgrade warning'),
-          'major_update_warning_text' => $this->t('This update is a major version update which means that it may not be backwards compatible with your currently running version. It is recommended that you read the release notes and proceed at your own risk.'),
-          'release_notes' => $this->t('Release notes'),
-        ],
-      ];
-
-      // Create an entry for this project.
-      $entry = [
-        'title' => $project_name,
-        'installed_version' => $project['existing_version'],
-        'recommended_version' => ['data' => $recommended_version],
-      ];
-
-      switch ($project['status']) {
-        case UpdateManagerInterface::NOT_SECURE:
-        case UpdateManagerInterface::REVOKED:
-          $entry['title'] .= ' ' . $this->t('(Security update)');
-          $entry['#weight'] = -2;
-          $type = 'security';
-          break;
-
-        case UpdateManagerInterface::NOT_SUPPORTED:
-          $type = 'unsupported';
-          $entry['title'] .= ' ' . $this->t('(Unsupported)');
-          $entry['#weight'] = -1;
-          break;
-
-        case UpdateFetcherInterface::UNKNOWN:
-        case UpdateFetcherInterface::NOT_FETCHED:
-        case UpdateFetcherInterface::NOT_CHECKED:
-        case UpdateManagerInterface::NOT_CURRENT:
-          $type = 'recommended';
-          break;
-
-        default:
-          // Jump out of the switch and onto the next project in foreach.
-          continue 2;
-      }
-
-      // Use the project title for the tableselect checkboxes.
-      $entry['title'] = [
-        'data' => [
-          '#title' => $entry['title'],
-          '#markup' => $entry['title'],
-        ],
-      ];
-      $entry['#attributes'] = ['class' => ['update-' . $type]];
-
-      // Drupal core needs to be upgraded manually.
-      $needs_manual = $project['project_type'] == 'core';
-
-      // If the recommended release for a contributed project is not compatible
-      // with the currently installed version of core, list that project in a
-      // separate table. If core compatibility is not defined, it means we can't determine
-      // compatibility requirements (or we're looking at core), so we assume it
-      // is compatible.
-      $compatible = $recommended_release->isCoreCompatible() ?? TRUE;
-
-      if ($needs_manual) {
-        $this->removeCheckboxFromRow($entry);
-        $projects['manual'][$name] = $entry;
-      }
-      elseif (!$compatible) {
-        $this->removeCheckboxFromRow($entry);
-        // If the release has a core_compatibility_message, inject it.
-        if ($core_compatibility_message = $recommended_release->getCoreCompatibilityMessage()) {
-          // @todo In https://www.drupal.org/project/drupal/issues/3121769
-          //   refactor this into something theme-friendly so we don't have a
-          //   classless <div> here.
-          $entry['data']['recommended_version']['data']['#template'] .= ' <div>{{ core_compatibility_message }}</div>';
-          $entry['data']['recommended_version']['data']['#context']['core_compatibility_message'] = $core_compatibility_message;
-        }
-        $projects['not-compatible'][$name] = $entry;
-      }
-      else {
-        $form['project_downloads'][$name] = [
-          '#type' => 'value',
-          '#value' => $recommended_release->getDownloadUrl(),
-        ];
-
-        // Based on what kind of project this is, save the entry into the
-        // appropriate subarray.
-        switch ($project['project_type']) {
-          case 'module':
-          case 'theme':
-            $projects['installed'][$name] = $entry;
-            break;
-
-          case 'module-uninstalled':
-          case 'theme-uninstalled':
-            $projects['uninstalled'][$name] = $entry;
-            break;
-        }
-      }
-    }
-
-    if ($fetch_failed) {
-      $message = ['#theme' => 'update_fetch_error_message'];
-      $this->messenger()->addError(\Drupal::service('renderer')->renderInIsolation($message));
-    }
-
-    if (empty($projects)) {
-      $form['message'] = [
-        '#markup' => $this->t('All of your projects are up to date.'),
-      ];
-      return $form;
-    }
-
-    $headers = [
-      'title' => [
-        'data' => $this->t('Name'),
-        'class' => ['update-project-name'],
-      ],
-      'installed_version' => $this->t('Site version'),
-      'recommended_version' => $this->t('Recommended version'),
-    ];
-
-    if (!empty($projects['installed'])) {
-      $form['projects'] = [
-        '#type' => 'tableselect',
-        '#header' => $headers,
-        '#options' => $projects['installed'],
-      ];
-      if (!empty($projects['uninstalled'])) {
-        $form['projects']['#prefix'] = '<h2>' . $this->t('Installed') . '</h2>';
-      }
-    }
-
-    if (!empty($projects['uninstalled'])) {
-      $form['uninstalled_projects'] = [
-        '#type' => 'tableselect',
-        '#header' => $headers,
-        '#options' => $projects['uninstalled'],
-        '#weight' => 1,
-        '#prefix' => '<h2>' . $this->t('Uninstalled') . '</h2>',
-      ];
-    }
-
-    // If either table has been printed yet, we need a submit button and to
-    // validate the checkboxes.
-    if (!empty($projects['installed']) || !empty($projects['uninstalled'])) {
-      $form['actions'] = ['#type' => 'actions'];
-      $form['actions']['submit'] = [
-        '#type' => 'submit',
-        '#value' => $this->t('Download these updates'),
-      ];
-    }
-
-    if (!empty($projects['manual'])) {
-      $prefix = '<h2>' . $this->t('Manual updates required') . '</h2>';
-      $prefix .= '<p>' . $this->t('Automatic updates of Drupal core are not supported at this time.') . '</p>';
-      $form['manual_updates'] = [
-        '#type' => 'table',
-        '#header' => $headers,
-        '#rows' => $projects['manual'],
-        '#prefix' => $prefix,
-        '#weight' => 120,
-      ];
-    }
-
-    if (!empty($projects['not-compatible'])) {
-      $form['not_compatible'] = [
-        '#type' => 'table',
-        '#header' => $headers,
-        '#rows' => $projects['not-compatible'],
-        '#prefix' => '<h2>' . $this->t('Not compatible') . '</h2>',
-        '#weight' => 150,
-      ];
-    }
-
-    return $form;
-  }
-
-  /**
-   * Prepares a row entry for use in a regular table, not a 'tableselect'.
-   *
-   * There are no checkboxes in the 'Manual updates' or 'Not compatible' tables,
-   * so they will be rendered by '#theme' => 'table', not 'tableselect'. Since
-   * the data formats are incompatible, this method converts to the format
-   * expected by '#theme' => 'table'. Generally, rows end up in the main tables
-   * that have a checkbox to allow the site admin to select which missing
-   * updates to install. This method is only used for the special case tables
-   * that have no such checkbox.
-   *
-   * @todo In https://www.drupal.org/project/drupal/issues/3121775 refactor
-   *   self::buildForm() so that we don't need this method at all.
-   *
-   * @param array[] $row
-   *   The render array for a table row.
-   */
-  protected function removeCheckboxFromRow(array &$row) {
-    unset($row['#weight']);
-    $attributes = $row['#attributes'];
-    unset($row['#attributes']);
-    $row = [
-      'data' => $row,
-    ] + $attributes;
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function validateForm(array &$form, FormStateInterface $form_state) {
-    if (!$form_state->isValueEmpty('projects')) {
-      $installed = array_filter($form_state->getValue('projects'));
-    }
-    if (!$form_state->isValueEmpty('uninstalled_projects')) {
-      $uninstalled = array_filter($form_state->getValue('uninstalled_projects'));
-    }
-    if (empty($installed) && empty($uninstalled)) {
-      $form_state->setErrorByName('projects', $this->t('You must select at least one project to update.'));
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function submitForm(array &$form, FormStateInterface $form_state) {
-    $this->moduleHandler->loadInclude('update', 'inc', 'update.manager');
-    $projects = [];
-    foreach (['projects', 'uninstalled_projects'] as $type) {
-      if (!$form_state->isValueEmpty($type)) {
-        $projects = array_merge($projects, array_keys(array_filter($form_state->getValue($type))));
-      }
-    }
-    $batch_builder = (new BatchBuilder())
-      ->setFile($this->moduleHandler->getModule('update')->getPath() . '/update.manager.inc')
-      ->setTitle($this->t('Downloading updates'))
-      ->setInitMessage($this->t('Preparing to download selected updates'))
-      ->setFinishCallback('update_manager_download_batch_finished');
-    foreach ($projects as $project) {
-      $batch_builder->addOperation('update_manager_batch_project_get', [
-        $project,
-        $form_state->getValue(['project_downloads', $project]),
-      ]);
-    }
-    batch_set($batch_builder->toArray());
-  }
-
-}
diff --git a/core/modules/update/src/Form/UpdateReady.php b/core/modules/update/src/Form/UpdateReady.php
deleted file mode 100644
index 779ad5b5a1129dd9d86090ad600df5e3e4f85182..0000000000000000000000000000000000000000
--- a/core/modules/update/src/Form/UpdateReady.php
+++ /dev/null
@@ -1,174 +0,0 @@
-<?php
-
-namespace Drupal\update\Form;
-
-use Drupal\Core\Extension\ModuleHandlerInterface;
-use Drupal\Core\FileTransfer\Local;
-use Drupal\Core\Form\FormBase;
-use Drupal\Core\Form\FormStateInterface;
-use Drupal\Core\State\StateInterface;
-use Drupal\Core\Updater\Updater;
-use Symfony\Component\DependencyInjection\ContainerInterface;
-use Symfony\Component\HttpFoundation\Response;
-
-/**
- * Configure update settings for this site.
- *
- * @internal
- */
-class UpdateReady extends FormBase {
-
-  /**
-   * The root location under which updated projects will be saved.
-   *
-   * @var string
-   */
-  protected $root;
-
-  /**
-   * The module handler.
-   *
-   * @var \Drupal\Core\Extension\ModuleHandlerInterface
-   */
-  protected $moduleHandler;
-
-  /**
-   * The state key value store.
-   *
-   * @var \Drupal\Core\State\StateInterface
-   */
-  protected $state;
-
-  /**
-   * The Site path.
-   *
-   * @var string
-   */
-  protected $sitePath;
-
-  /**
-   * Constructs a new UpdateReady object.
-   *
-   * @param string $root
-   *   The root location under which updated projects will be saved.
-   * @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
-   *   The object that manages installed modules in a Drupal installation.
-   * @param \Drupal\Core\State\StateInterface $state
-   *   The state key value store.
-   * @param string $site_path
-   *   The site path.
-   */
-  public function __construct($root, ModuleHandlerInterface $module_handler, StateInterface $state, $site_path) {
-    $this->root = $root;
-    $this->moduleHandler = $module_handler;
-    $this->state = $state;
-    $this->sitePath = $site_path;
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function getFormId() {
-    return 'update_manager_update_ready_form';
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public static function create(ContainerInterface $container) {
-    return new static(
-      $container->get('update.root'),
-      $container->get('module_handler'),
-      $container->get('state'),
-      $container->getParameter('site.path')
-    );
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function buildForm(array $form, FormStateInterface $form_state) {
-    $this->moduleHandler->loadInclude('update', 'inc', 'update.manager');
-    if (!_update_manager_check_backends($form, 'update')) {
-      return $form;
-    }
-
-    $form['backup'] = [
-      '#prefix' => '<strong>',
-      '#markup' => $this->t('Back up your database and site before you continue. <a href=":backup_url">Learn how</a>.', [':backup_url' => 'https://www.drupal.org/node/22281']),
-      '#suffix' => '</strong>',
-    ];
-
-    $form['maintenance_mode'] = [
-      '#title' => $this->t('Perform updates with site in maintenance mode (strongly recommended)'),
-      '#type' => 'checkbox',
-      '#default_value' => TRUE,
-    ];
-
-    $form['actions'] = ['#type' => 'actions'];
-    $form['actions']['submit'] = [
-      '#type' => 'submit',
-      '#value' => $this->t('Continue'),
-    ];
-
-    return $form;
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function submitForm(array &$form, FormStateInterface $form_state) {
-    $session = $this->getRequest()->getSession();
-    // Store maintenance_mode setting so we can restore it when done.
-    $session->set('maintenance_mode', $this->state->get('system.maintenance_mode'));
-    if ($form_state->getValue('maintenance_mode') == TRUE) {
-      $this->state->set('system.maintenance_mode', TRUE);
-    }
-
-    $projects = $session->remove('update_manager_update_projects');
-    if ($projects) {
-      // Make sure the Updater registry is loaded.
-      drupal_get_updaters();
-
-      $updates = [];
-      $directory = _update_manager_extract_directory();
-
-      $project_real_location = NULL;
-      foreach ($projects as $project => $url) {
-        $project_location = $directory . '/' . $project;
-        $updater = Updater::factory($project_location, $this->root);
-        $project_real_location = \Drupal::service('file_system')->realpath($project_location);
-        $updates[] = [
-          'project' => $project,
-          'updater_name' => get_class($updater),
-          'local_url' => $project_real_location,
-        ];
-      }
-
-      // If the owner of the last directory we extracted is the same as the
-      // owner of our configuration directory (e.g. sites/default) where we're
-      // trying to install the code, there's no need to prompt for FTP/SSH
-      // credentials. Instead, we instantiate a Drupal\Core\FileTransfer\Local
-      // and invoke update_authorize_run_update() directly.
-      if (fileowner($project_real_location) == fileowner($this->sitePath)) {
-        $this->moduleHandler->loadInclude('update', 'inc', 'update.authorize');
-        $filetransfer = new Local($this->root, \Drupal::service('file_system'));
-        $response = update_authorize_run_update($filetransfer, $updates);
-        if ($response instanceof Response) {
-          $form_state->setResponse($response);
-        }
-      }
-      // Otherwise, go through the regular workflow to prompt for FTP/SSH
-      // credentials and invoke update_authorize_run_update() indirectly with
-      // whatever FileTransfer object authorize.php creates for us.
-      else {
-        // The page title must be passed here to ensure it is initially used
-        // when authorize.php loads for the first time with the FTP/SSH
-        // credentials form.
-        system_authorized_init('update_authorize_run_update', __DIR__ . '/../../update.authorize.inc', [$updates], $this->t('Update manager'));
-        $form_state->setRedirectUrl(system_authorized_get_url());
-      }
-    }
-  }
-
-}
diff --git a/core/modules/update/src/Hook/UpdateHooks.php b/core/modules/update/src/Hook/UpdateHooks.php
index ff4e75054b1e2141a7ca05d98a7cd5a1ed604a7b..e94027f862025fce7cba759e5d456eae0ab08bc7 100644
--- a/core/modules/update/src/Hook/UpdateHooks.php
+++ b/core/modules/update/src/Hook/UpdateHooks.php
@@ -25,10 +25,6 @@ public function help($route_name, RouteMatchInterface $route_match) {
           ':update' => 'https://www.drupal.org/documentation/modules/update',
           ':modules' => Url::fromRoute('system.modules_list')->toString(),
         ]) . '</p>';
-        // Only explain the Update manager if it has not been uninstalled.
-        if (_update_manager_access()) {
-          $output .= '<p>' . t('The Update Manager also allows administrators to add and update modules and themes through the administration interface.') . '</p>';
-        }
         $output .= '<h2>' . t('Uses') . '</h2>';
         $output .= '<dl>';
         $output .= '<dt>' . t('Checking for available updates') . '</dt>';
@@ -36,15 +32,6 @@ public function help($route_name, RouteMatchInterface $route_match) {
           ':update-report' => Url::fromRoute('update.status')->toString(),
           ':update-settings' => Url::fromRoute('update.settings')->toString(),
         ]) . '</dd>';
-        // Only explain the Update manager if it has not been uninstalled.
-        if (_update_manager_access()) {
-          $output .= '<dt>' . t('Performing updates through the Update page') . '</dt>';
-          $output .= '<dd>' . t('The Update Manager module allows administrators to perform updates directly from the <a href=":update-page">Update page</a>. It lists all available updates, and you can confirm whether you want to download them. If you don\'t have sufficient access rights to your web server, you could be prompted for your FTP/SSH password. Afterwards the files are transferred into your site installation, overwriting your old files. Direct links to the Update page are also displayed on the <a href=":modules_page">Extend page</a> and the <a href=":themes_page">Appearance page</a>.', [
-            ':modules_page' => Url::fromRoute('system.modules_list')->toString(),
-            ':themes_page' => Url::fromRoute('system.themes_page')->toString(),
-            ':update-page' => Url::fromRoute('update.report_update')->toString(),
-          ]) . '</dd>';
-        }
         $output .= '</dl>';
         return $output;
 
@@ -71,14 +58,10 @@ public function pageTop(): void {
       $route_name = \Drupal::routeMatch()->getRouteName();
       switch ($route_name) {
         // These pages don't need additional nagging.
-        case 'update.theme_update':
-        case 'update.module_update':
         case 'update.status':
-        case 'update.report_update':
         case 'update.settings':
         case 'system.status':
         case 'system.theme_install':
-        case 'update.confirmation_page':
         case 'system.batch_page.html':
           return;
 
@@ -190,8 +173,6 @@ public function cron(): void {
       \Drupal::moduleHandler()->loadInclude('update', 'inc', 'update.fetch');
       _update_cron_notify();
     }
-    // Clear garbage from disk.
-    update_clear_update_disk_cache();
   }
 
   /**
@@ -257,9 +238,6 @@ public function mail($key, &$message, $params) {
       $message['body'][] = _update_message_text($msg_type, $msg_reason, $langcode);
     }
     $message['body'][] = t('See the available updates page for more information:', [], ['langcode' => $langcode]) . "\n" . Url::fromRoute('update.status', [], ['absolute' => TRUE, 'language' => $language])->toString();
-    if (_update_manager_access()) {
-      $message['body'][] = t('You can automatically download your missing updates using the Update manager:', [], ['langcode' => $langcode]) . "\n" . Url::fromRoute('update.report_update', [], ['absolute' => TRUE, 'language' => $language])->toString();
-    }
     $settings_url = Url::fromRoute('update.settings', [], ['absolute' => TRUE])->toString();
     if (\Drupal::config('update.settings')->get('notification.threshold') == 'all') {
       $message['body'][] = t('Your site is currently configured to send these emails when any updates are available. To get notified only for security updates, @url.', ['@url' => $settings_url]);
@@ -269,62 +247,4 @@ public function mail($key, &$message, $params) {
     }
   }
 
-  /**
-   * Implements hook_verify_update_archive().
-   *
-   * First, we ensure that the archive isn't a copy of Drupal core, which the
-   * update manager does not yet support. See https://www.drupal.org/node/606592.
-   *
-   * Then, we make sure that at least one module included in the archive file has
-   * an .info.yml file which claims that the code is compatible with the current
-   * version of Drupal core.
-   *
-   * @see \Drupal\Core\Extension\ExtensionDiscovery
-   */
-  #[Hook('verify_update_archive')]
-  public function verifyUpdateArchive($project, $archive_file, $directory) {
-    $errors = [];
-    // Make sure this isn't a tarball of Drupal core.
-    if (file_exists("{$directory}/{$project}/index.php") && file_exists("{$directory}/{$project}/core/install.php") && file_exists("{$directory}/{$project}/core/includes/bootstrap.inc") && file_exists("{$directory}/{$project}/core/modules/node/node.module") && file_exists("{$directory}/{$project}/core/modules/system/system.module")) {
-      return [
-        'no-core' => t('Automatic updating of Drupal core is not supported. See the <a href=":update-guide">Updating Drupal guide</a> for information on how to update Drupal core manually.', [
-          ':update-guide' => 'https://www.drupal.org/docs/updating-drupal',
-        ]),
-      ];
-    }
-    // Parse all the .info.yml files and make sure at least one is compatible with
-    // this version of Drupal core. If one is compatible, then the project as a
-    // whole is considered compatible (since, for example, the project may ship
-    // with some out-of-date modules that are not necessary for its overall
-    // functionality).
-    $compatible_project = FALSE;
-    $incompatible = [];
-    /** @var \Drupal\Core\File\FileSystemInterface $file_system */
-    $file_system = \Drupal::service('file_system');
-    $files = $file_system->scanDirectory("{$directory}/{$project}", '/.*\.info.yml$/', ['key' => 'name', 'min_depth' => 0]);
-    foreach ($files as $file) {
-      // Get the .info.yml file for the module or theme this file belongs to.
-      $info = \Drupal::service('info_parser')->parse($file->uri);
-      // If the module or theme is incompatible with Drupal core, set an error.
-      if ($info['core_incompatible']) {
-        $incompatible[] = !empty($info['name']) ? $info['name'] : t('Unknown');
-      }
-      else {
-        $compatible_project = TRUE;
-        break;
-      }
-    }
-    if (empty($files)) {
-      $errors[] = t('%archive_file does not contain any .info.yml files.', ['%archive_file' => $file_system->basename($archive_file)]);
-    }
-    elseif (!$compatible_project) {
-      $errors[] = \Drupal::translation()->formatPlural(count($incompatible), '%archive_file contains a version of %names that is not compatible with Drupal @version.', '%archive_file contains versions of modules or themes that are not compatible with Drupal @version: %names', [
-        '@version' => \Drupal::VERSION,
-        '%archive_file' => $file_system->basename($archive_file),
-        '%names' => implode(', ', $incompatible),
-      ]);
-    }
-    return $errors;
-  }
-
 }
diff --git a/core/modules/update/src/Routing/UpdateRouteSubscriber.php b/core/modules/update/src/Routing/UpdateRouteSubscriber.php
deleted file mode 100644
index 57ff5f456116fea1f1b7312c2116cf976fbab708..0000000000000000000000000000000000000000
--- a/core/modules/update/src/Routing/UpdateRouteSubscriber.php
+++ /dev/null
@@ -1,43 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\update\Routing;
-
-use Drupal\Core\Routing\RouteSubscriberBase;
-use Drupal\Core\Site\Settings;
-use Symfony\Component\Routing\RouteCollection;
-
-/**
- * Route subscriber for Update module routes.
- */
-class UpdateRouteSubscriber extends RouteSubscriberBase {
-
-  /**
-   * Constructs a new UpdateRouteSubscriber.
-   */
-  public function __construct(
-    protected Settings $settings,
-  ) {
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function alterRoutes(RouteCollection $collection) {
-    if ($this->settings->get('allow_authorize_operations', TRUE)) {
-      return;
-    }
-    $routes = [
-      'update.report_update',
-      'update.module_update',
-      'update.theme_update',
-      'update.confirmation_page',
-    ];
-    foreach ($routes as $route) {
-      $route = $collection->get($route);
-      $route->setRequirement('_access', 'FALSE');
-    }
-  }
-
-}
diff --git a/core/modules/update/tests/modules/update_test/src/TestFileTransferWithSettingsForm.php b/core/modules/update/tests/modules/update_test/src/TestFileTransferWithSettingsForm.php
deleted file mode 100644
index fb9876079002cfbffc5e60a7cfd4fe958c84a7ea..0000000000000000000000000000000000000000
--- a/core/modules/update/tests/modules/update_test/src/TestFileTransferWithSettingsForm.php
+++ /dev/null
@@ -1,42 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\update_test;
-
-use Drupal\Core\FileTransfer\Local;
-
-/**
- * Provides an object to test the settings form functionality.
- *
- * This class extends \Drupal\Core\FileTransfer\Local to make module install
- * testing via \Drupal\Core\FileTransfer\Form\FileTransferAuthorizeForm and
- * authorize.php possible.
- *
- * @see \Drupal\update\Tests\FileTransferAuthorizeFormTest
- */
-class TestFileTransferWithSettingsForm extends Local {
-
-  /**
-   * Returns a Drupal\update_test\TestFileTransferWithSettingsForm object.
-   *
-   * @return static
-   *   A new Drupal\update_test\TestFileTransferWithSettingsForm object.
-   */
-  public static function factory($jail, $settings) {
-    return new static($jail, \Drupal::service('file_system'));
-  }
-
-  /**
-   * Returns a settings form with a text field to input a username.
-   */
-  public function getSettingsForm() {
-    $form = [];
-    $form['update_test_username'] = [
-      '#type' => 'textfield',
-      '#title' => t('Update Test Username'),
-    ];
-    return $form;
-  }
-
-}
diff --git a/core/modules/update/tests/src/Functional/UpdateContribTest.php b/core/modules/update/tests/src/Functional/UpdateContribTest.php
index dd64cda629231e69c3184bd9088db3fef1290dc7..8dd6f4460ad6d8bbd9fabcf4a05d1d1c1b2a0f46 100644
--- a/core/modules/update/tests/src/Functional/UpdateContribTest.php
+++ b/core/modules/update/tests/src/Functional/UpdateContribTest.php
@@ -535,16 +535,6 @@ public function testHookUpdateStatusAlter(): void {
     $this->assertSession()->pageTextNotContains('Security update required!');
     $this->assertSession()->linkExists('AAA Update test');
     $this->assertSession()->linkByHrefExists('http://example.com/project/aaa_update_test');
-
-    // Turn the altering back on and visit the Update manager UI.
-    $update_test_config->set('update_status', $update_status)->save();
-    $this->drupalGet('admin/modules/update');
-    $this->assertSession()->pageTextContains('Security update');
-
-    // Turn the altering back off and visit the Update manager UI.
-    $update_test_config->set('update_status', [])->save();
-    $this->drupalGet('admin/modules/update');
-    $this->assertSession()->pageTextNotContains('Security update');
   }
 
   /**
diff --git a/core/modules/update/tests/src/Functional/UpdateManagerUpdateTest.php b/core/modules/update/tests/src/Functional/UpdateManagerUpdateTest.php
deleted file mode 100644
index 96aa846e2e6dd9fda8fb035fce80d93af71631ec..0000000000000000000000000000000000000000
--- a/core/modules/update/tests/src/Functional/UpdateManagerUpdateTest.php
+++ /dev/null
@@ -1,317 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\Tests\update\Functional;
-
-/**
- * Tests the Update Manager module's 'Update' form and functionality.
- *
- * @todo In https://www.drupal.org/project/drupal/issues/3117229 expand this.
- *
- * @group update
- */
-class UpdateManagerUpdateTest extends UpdateTestBase {
-  use UpdateTestTrait;
-
-  /**
-   * {@inheritdoc}
-   */
-  protected static $modules = [
-    'aaa_update_test',
-    'bbb_update_test',
-  ];
-
-  /**
-   * {@inheritdoc}
-   */
-  protected $defaultTheme = 'stark';
-
-  /**
-   * {@inheritdoc}
-   */
-  protected function setUp(): void {
-    parent::setUp();
-    $admin_user = $this->drupalCreateUser([
-      'administer software updates',
-      'administer site configuration',
-    ]);
-    $this->drupalLogin($admin_user);
-
-    // The installed state of the system is the same for all test cases. What
-    // varies for each test scenario is which release history fixture we fetch,
-    // which in turn changes the expected state of the UpdateManagerUpdateForm.
-    $this->mockInstalledExtensionsInfo([
-      'aaa_update_test' => [
-        'project' => 'aaa_update_test',
-        'version' => '8.x-1.0',
-        'hidden' => FALSE,
-      ],
-      'bbb_update_test' => [
-        'project' => 'bbb_update_test',
-        'version' => '8.x-1.0',
-        'hidden' => FALSE,
-      ],
-      'ccc_update_test' => [
-        'project' => 'ccc_update_test',
-        'version' => '8.x-1.0',
-        'hidden' => FALSE,
-      ],
-    ]);
-    $this->mockDefaultExtensionsInfo(['version' => '8.0.0']);
-  }
-
-  /**
-   * Provides data for test scenarios involving incompatible updates.
-   *
-   * These test cases rely on the following fixtures containing the following
-   * releases:
-   * - aaa_update_test.8.x-1.2.xml
-   *   - 8.x-1.2 Compatible with 8.0.0 core.
-   * - aaa_update_test.core_compatibility.8.x-1.2_8.x-2.2.xml
-   *   - 8.x-1.2 Requires 8.1.0 and above.
-   * - bbb_update_test.1_0.xml
-   *   - 8.x-1.0 is the only available release.
-   * - bbb_update_test.1_1.xml
-   *   - 8.x-1.1 is available and compatible with everything (does not define
-   *     <core_compatibility> at all).
-   * - bbb_update_test.1_2.xml
-   *   - 8.x-1.1 is available and compatible with everything (does not define
-   *     <core_compatibility> at all).
-   *   - 8.x-1.2 is available and requires Drupal 8.1.0 and above.
-   *
-   * @return array[]
-   *   Test data.
-   */
-  public static function incompatibleUpdatesTableProvider() {
-    return [
-      'only one compatible' => [
-        'core_fixture' => '8.1.1',
-        // aaa_update_test.8.x-1.2.xml has core compatibility set and will test
-        // the case where $recommended_release['core_compatible'] === TRUE in
-        // \Drupal\update\Form\UpdateManagerUpdate.
-        'a_fixture' => '8.x-1.2',
-        // Use a fixture with only a 8.x-1.0 release so BBB is up to date.
-        'b_fixture' => '1_0',
-        'compatible' => [
-          'AAA' => '8.x-1.2',
-        ],
-        'incompatible' => [],
-      ],
-      'only one incompatible' => [
-        'core_fixture' => '8.1.1',
-        'a_fixture' => 'core_compatibility.8.x-1.2_8.x-2.2',
-        // Use a fixture with only a 8.x-1.0 release so BBB is up to date.
-        'b_fixture' => '1_0',
-        'compatible' => [],
-        'incompatible' => [
-          'AAA' => [
-            'recommended' => '8.x-1.2',
-            'range' => '8.1.0 to 8.1.1',
-          ],
-        ],
-      ],
-      'two compatible, no incompatible' => [
-        'core_fixture' => '8.1.1',
-        'a_fixture' => '8.x-1.2',
-        // bbb_update_test.1_1.xml does not have core compatibility set and will
-        // test the case where $recommended_release['core_compatible'] === NULL
-        // in \Drupal\update\Form\UpdateManagerUpdate.
-        'b_fixture' => '1_1',
-        'compatible' => [
-          'AAA' => '8.x-1.2',
-          'BBB' => '8.x-1.1',
-        ],
-        'incompatible' => [],
-      ],
-      'two incompatible, no compatible' => [
-        'core_fixture' => '8.1.1',
-        'a_fixture' => 'core_compatibility.8.x-1.2_8.x-2.2',
-        // bbb_update_test.1_2.xml has core compatibility set and will test the
-        // case where $recommended_release['core_compatible'] === FALSE in
-        // \Drupal\update\Form\UpdateManagerUpdate.
-        'b_fixture' => '1_2',
-        'compatible' => [],
-        'incompatible' => [
-          'AAA' => [
-            'recommended' => '8.x-1.2',
-            'range' => '8.1.0 to 8.1.1',
-          ],
-          'BBB' => [
-            'recommended' => '8.x-1.2',
-            'range' => '8.1.0 to 8.1.1',
-          ],
-        ],
-      ],
-      'one compatible, one incompatible' => [
-        'core_fixture' => '8.1.1',
-        'a_fixture' => 'core_compatibility.8.x-1.2_8.x-2.2',
-        'b_fixture' => '1_1',
-        'compatible' => [
-          'BBB' => '8.x-1.1',
-        ],
-        'incompatible' => [
-          'AAA' => [
-            'recommended' => '8.x-1.2',
-            'range' => '8.1.0 to 8.1.1',
-          ],
-        ],
-      ],
-    ];
-  }
-
-  /**
-   * Tests the Update form for a single test scenario of incompatible updates.
-   *
-   * @dataProvider incompatibleUpdatesTableProvider
-   *
-   * @param string $core_fixture
-   *   The fixture file to use for Drupal core.
-   * @param string $a_fixture
-   *   The fixture file to use for the aaa_update_test module.
-   * @param string $b_fixture
-   *   The fixture file to use for the bbb_update_test module.
-   * @param string[] $compatible
-   *   Compatible recommended updates (if any). Keys are module identifier
-   *   ('AAA' or 'BBB') and values are the expected recommended release.
-   * @param string[][] $incompatible
-   *   Incompatible recommended updates (if any). Keys are module identifier
-   *   ('AAA' or 'BBB') and values are subarrays with the following keys:
-   *   - 'recommended': The recommended version.
-   *   - 'range': The versions of Drupal core required for that version.
-   */
-  public function testIncompatibleUpdatesTable($core_fixture, $a_fixture, $b_fixture, array $compatible, array $incompatible): void {
-
-    $assert_session = $this->assertSession();
-    $compatible_table_locator = '[data-drupal-selector="edit-projects"]';
-    $incompatible_table_locator = '[data-drupal-selector="edit-not-compatible"]';
-
-    $this->refreshUpdateStatus(['drupal' => $core_fixture, 'aaa_update_test' => $a_fixture, 'bbb_update_test' => $b_fixture]);
-    $this->drupalGet('admin/reports/updates/update');
-
-    if ($compatible) {
-      // Verify the number of rows in the table.
-      $assert_session->elementsCount('css', "$compatible_table_locator tbody tr", count($compatible));
-      // We never want to see a compatibility range in the compatible table.
-      $assert_session->elementTextNotContains('css', $compatible_table_locator, 'Requires Drupal core');
-      foreach ($compatible as $module => $version) {
-        $compatible_row = "$compatible_table_locator tbody tr:contains('$module Update test')";
-        // First <td> is the checkbox, so start with td #2.
-        $assert_session->elementTextContains('css', "$compatible_row td:nth-of-type(2)", "$module Update test");
-        // Both contrib modules use 8.x-1.0 as the currently installed version.
-        $assert_session->elementTextContains('css', "$compatible_row td:nth-of-type(3)", '8.x-1.0');
-        $assert_session->elementTextContains('css', "$compatible_row td:nth-of-type(4)", $version);
-      }
-    }
-    else {
-      // Verify there is no compatible updates table.
-      $assert_session->elementNotExists('css', $compatible_table_locator);
-    }
-
-    if ($incompatible) {
-      // Verify the number of rows in the table.
-      $assert_session->elementsCount('css', "$incompatible_table_locator tbody tr", count($incompatible));
-      foreach ($incompatible as $module => $data) {
-        $incompatible_row = "$incompatible_table_locator tbody tr:contains('$module Update test')";
-        $assert_session->elementTextContains('css', "$incompatible_row td:nth-of-type(1)", "$module Update test");
-        // Both contrib modules use 8.x-1.0 as the currently installed version.
-        $assert_session->elementTextContains('css', "$incompatible_row td:nth-of-type(2)", '8.x-1.0');
-        $assert_session->elementTextContains('css', "$incompatible_row td:nth-of-type(3)", $data['recommended']);
-        $assert_session->elementTextContains('css', "$incompatible_row td:nth-of-type(3)", 'Requires Drupal core: ' . $data['range']);
-      }
-    }
-    else {
-      // Verify there is no incompatible updates table.
-      $assert_session->elementNotExists('css', $incompatible_table_locator);
-    }
-  }
-
-  /**
-   * Tests the Update form with an uninstalled module in the system.
-   */
-  public function testUninstalledUpdatesTable(): void {
-    $assert_session = $this->assertSession();
-    $compatible_table_locator = '[data-drupal-selector="edit-projects"]';
-    $uninstalled_table_locator = '[data-drupal-selector="edit-uninstalled-projects"]';
-
-    $fixtures = [
-      'drupal' => '8.1.1',
-      'aaa_update_test' => '8.x-1.2',
-      // Use a fixture with only a 8.x-1.0 release so BBB is up to date.
-      'bbb_update_test' => '1_0',
-      // CCC is not installed and is missing an update, 8.x-1.1.
-      'ccc_update_test' => '1_1',
-    ];
-    $this->refreshUpdateStatus($fixtures);
-    $this->drupalGet('admin/reports/updates/update');
-
-    // Confirm there is no table for uninstalled extensions.
-    $assert_session->pageTextNotContains('CCC Update test');
-    $assert_session->responseNotContains('<h2>Uninstalled</h2>');
-
-    // Confirm the table for installed modules exists without a header.
-    $assert_session->responseNotContains('<h2>Installed</h2>');
-    $assert_session->elementNotExists('css', $uninstalled_table_locator);
-    $assert_session->elementsCount('css', "$compatible_table_locator tbody tr", 1);
-    $compatible_headers = [
-      // First column has no header, it's the select-all checkbox.
-      'th:nth-of-type(2)' => 'Name',
-      'th:nth-of-type(3)' => 'Site version',
-      'th:nth-of-type(4)' => 'Recommended version',
-    ];
-    $this->checkTableHeaders($compatible_table_locator, $compatible_headers);
-
-    $installed_row = "$compatible_table_locator tbody tr";
-    $assert_session->elementsCount('css', $installed_row, 1);
-    $assert_session->elementTextContains('css', "$compatible_table_locator td:nth-of-type(2)", "AAA Update test");
-    $assert_session->elementTextContains('css', "$compatible_table_locator td:nth-of-type(3)", '8.x-1.0');
-    $assert_session->elementTextContains('css', "$compatible_table_locator td:nth-of-type(4)", '8.x-1.2');
-
-    // Change the setting so we check for uninstalled modules, too.
-    $this->config('update.settings')
-      ->set('check.disabled_extensions', TRUE)
-      ->save();
-
-    // Reload the page so the new setting goes into effect.
-    $this->drupalGet('admin/reports/updates/update');
-
-    // Confirm the table for installed modules exists with a header.
-    $assert_session->responseContains('<h2>Installed</h2>');
-    $assert_session->elementsCount('css', "$compatible_table_locator tbody tr", 1);
-    $this->checkTableHeaders($compatible_table_locator, $compatible_headers);
-
-    // Confirm the table for uninstalled extensions exists.
-    $assert_session->responseContains('<h2>Uninstalled</h2>');
-    $uninstalled_headers = [
-      // First column has no header, it's the select-all checkbox.
-      'th:nth-of-type(2)' => 'Name',
-      'th:nth-of-type(3)' => 'Site version',
-      'th:nth-of-type(4)' => 'Recommended version',
-    ];
-    $this->checkTableHeaders($uninstalled_table_locator, $uninstalled_headers);
-
-    $uninstalled_row = "$uninstalled_table_locator tbody tr";
-    $assert_session->elementsCount('css', $uninstalled_row, 1);
-    $assert_session->elementTextContains('css', "$uninstalled_row td:nth-of-type(2)", "CCC Update test");
-    $assert_session->elementTextContains('css', "$uninstalled_row td:nth-of-type(3)", '8.x-1.0');
-    $assert_session->elementTextContains('css', "$uninstalled_row td:nth-of-type(4)", '8.x-1.1');
-  }
-
-  /**
-   * Checks headers for a given table on the Update form.
-   *
-   * @param string $table_locator
-   *   CSS locator to find the table to check the headers on.
-   * @param string[] $expected_headers
-   *   Array of expected header texts, keyed by CSS selectors relative to the
-   *   thead tr (for example, "th:nth-of-type(3)").
-   */
-  private function checkTableHeaders($table_locator, array $expected_headers): void {
-    $assert_session = $this->assertSession();
-    $assert_session->elementExists('css', $table_locator);
-    foreach ($expected_headers as $locator => $header) {
-      $assert_session->elementTextContains('css', "$table_locator thead tr $locator", $header);
-    }
-  }
-
-}
diff --git a/core/modules/update/tests/src/Functional/UpdateMiscTest.php b/core/modules/update/tests/src/Functional/UpdateMiscTest.php
index da1029cd6e0ce4b94620bbbb6b63ef1bf5b669f4..14a9c5d36e2cfd474eaeb99849bd209cbbeaa54a 100644
--- a/core/modules/update/tests/src/Functional/UpdateMiscTest.php
+++ b/core/modules/update/tests/src/Functional/UpdateMiscTest.php
@@ -40,23 +40,6 @@ protected function setUp(): void {
     $this->drupalPlaceBlock('local_actions_block');
   }
 
-  /**
-   * Checks that clearing the disk cache works.
-   */
-  public function testClearDiskCache(): void {
-    $directories = [
-      _update_manager_cache_directory(FALSE),
-      _update_manager_extract_directory(FALSE),
-    ];
-    // Check that update directories does not exists.
-    foreach ($directories as $directory) {
-      $this->assertDirectoryDoesNotExist($directory);
-    }
-
-    // Method must not fail if update directories do not exists.
-    update_clear_update_disk_cache();
-  }
-
   /**
    * Tests the Update Manager module when the update server returns 503 errors.
    */
diff --git a/core/modules/update/tests/src/Kernel/UpdateDeleteFileIfStaleTest.php b/core/modules/update/tests/src/Kernel/UpdateDeleteFileIfStaleTest.php
deleted file mode 100644
index 16fc7dfe3381e5939eae01e86436ef335613c354..0000000000000000000000000000000000000000
--- a/core/modules/update/tests/src/Kernel/UpdateDeleteFileIfStaleTest.php
+++ /dev/null
@@ -1,60 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\Tests\update\Kernel;
-
-use Drupal\KernelTests\KernelTestBase;
-
-/**
- * Tests the update_delete_file_if_stale() function.
- *
- * @group update
- */
-class UpdateDeleteFileIfStaleTest extends KernelTestBase {
-
-  /**
-   * {@inheritdoc}
-   */
-  protected static $modules = [
-    'system',
-    'update',
-  ];
-
-  /**
-   * Tests the deletion of stale files.
-   */
-  public function testUpdateDeleteFileIfStale(): void {
-    $file_system = $this->container->get('file_system');
-
-    $file_name = $file_system->saveData($this->randomMachineName(), 'public://');
-    $this->assertNotNull($file_name);
-    $file_path = $file_system->realpath($file_name);
-
-    // During testing, the file change and the stale checking occurs in the same
-    // request, so the beginning of request will be before the file changes and
-    // \Drupal::time()->getRequestTime() - $filectime is negative or zero.
-    // Set the maximum age to a number even smaller than that.
-    $this->config('system.file')
-      ->set('temporary_maximum_age', 100000)
-      ->save();
-
-    // First test that the file is not stale and thus not deleted.
-    $deleted = update_delete_file_if_stale($file_path);
-    $this->assertFalse($deleted);
-    $this->assertFileExists($file_path);
-
-    // Set the maximum age to a number smaller than
-    // \Drupal::time()->getRequestTime() - $filectime.
-    $this->config('system.file')
-      ->set('temporary_maximum_age', -100000)
-      ->save();
-
-    // Now attempt to delete the file; as it should be considered stale, this
-    // attempt should succeed.
-    $deleted = update_delete_file_if_stale($file_path);
-    $this->assertTrue($deleted);
-    $this->assertFileDoesNotExist($file_path);
-  }
-
-}
diff --git a/core/modules/update/tests/src/Unit/Menu/UpdateLocalTasksTest.php b/core/modules/update/tests/src/Unit/Menu/UpdateLocalTasksTest.php
index f70cf012f004664d040692830d9f09bf7b18f908..e1e9b060aed6cfb315767afc96c8af49e4fbd677 100644
--- a/core/modules/update/tests/src/Unit/Menu/UpdateLocalTasksTest.php
+++ b/core/modules/update/tests/src/Unit/Menu/UpdateLocalTasksTest.php
@@ -28,7 +28,7 @@ protected function setUp(): void {
    */
   public function testUpdateReportLocalTasks($route): void {
     $this->assertLocalTasks($route, [
-      0 => ['update.status', 'update.settings', 'update.report_update'],
+      0 => ['update.status', 'update.settings'],
     ]);
   }
 
@@ -39,47 +39,6 @@ public static function getUpdateReportRoutes() {
     return [
       ['update.status'],
       ['update.settings'],
-      ['update.report_update'],
-    ];
-  }
-
-  /**
-   * Checks update module tasks.
-   *
-   * @dataProvider getUpdateModuleRoutes
-   */
-  public function testUpdateModuleLocalTasks($route): void {
-    $this->assertLocalTasks($route, [
-      0 => ['update.module_update'],
-    ]);
-  }
-
-  /**
-   * Provides a list of module routes to test.
-   */
-  public static function getUpdateModuleRoutes() {
-    return [
-      ['update.module_update'],
-    ];
-  }
-
-  /**
-   * Checks update theme tasks.
-   *
-   * @dataProvider getUpdateThemeRoutes
-   */
-  public function testUpdateThemeLocalTasks($route): void {
-    $this->assertLocalTasks($route, [
-      0 => ['update.theme_update'],
-    ]);
-  }
-
-  /**
-   * Provides a list of theme routes to test.
-   */
-  public static function getUpdateThemeRoutes() {
-    return [
-      ['update.theme_update'],
     ];
   }
 
diff --git a/core/modules/update/tests/src/Unit/UpdateMailTest.php b/core/modules/update/tests/src/Unit/UpdateMailTest.php
index b8caa9e5f675c3fc65e063518695a5d8f4a63150..899c25db7116164caf5ffb31b79735a83a82254f 100644
--- a/core/modules/update/tests/src/Unit/UpdateMailTest.php
+++ b/core/modules/update/tests/src/Unit/UpdateMailTest.php
@@ -77,7 +77,7 @@ protected function setUp(): void {
    *
    * @dataProvider providerTestUpdateEmail
    */
-  public function testUpdateEmail($notification_threshold, $params, $authorized, array $expected_body): void {
+  public function testUpdateEmail($notification_threshold, $params, array $expected_body): void {
     $langcode = 'en';
     $available_updates_url = 'https://example.com/admin/reports/updates';
     $update_settings_url = 'https://example.com/admin/reports/updates/settings';
@@ -120,24 +120,12 @@ public function testUpdateEmail($notification_threshold, $params, $authorized, a
         ['update.settings', $config_notification],
       ]);
 
-    // The calls to generateFromRoute differ if authorized.
-    $count = 2;
-    if ($authorized) {
-      $this->currentUser
-        ->expects($this->once())
-        ->method('hasPermission')
-        ->with('administer software updates')
-        ->willReturn(TRUE);
-      $count = 3;
-    }
-    // When authorized also get the URL for the route 'update.report_update'.
     $this->urlGenerator
-      ->expects($this->exactly($count))
+      ->expects($this->exactly(2))
       ->method('generateFromRoute')
       ->willReturnMap([
         ['update.status', [], ['absolute' => TRUE, 'language' => $langcode], FALSE, $update_settings_url],
         ['update.settings', [], ['absolute' => TRUE], FALSE, $available_updates_url],
-        ['update.report_update', [], ['absolute' => TRUE, 'language' => $langcode], FALSE, $available_updates_url],
       ]);
 
     // Set the container.
@@ -155,22 +143,15 @@ public function testUpdateEmail($notification_threshold, $params, $authorized, a
     $this->assertSame("New release(s) available for $site_name", $message['subject']);
 
     // Confirm each part of the body.
-    if ($authorized) {
+    if (empty($params)) {
       $this->assertSame($expected_body[0], $message['body'][0]);
-      $this->assertSame($expected_body[1], $message['body'][1]);
-      $this->assertSame($expected_body[2], $message['body'][2]->render());
+      $this->assertSame($expected_body[1], $message['body'][1]->render());
     }
     else {
-      if (empty($params)) {
-        $this->assertSame($expected_body[0], $message['body'][0]);
-        $this->assertSame($expected_body[1], $message['body'][1]->render());
-      }
-      else {
-        $this->assertSame($expected_body[0], $message['body'][0]->render());
-        $this->assertSame($expected_body[1], $message['body'][1]);
-        $this->assertSame($expected_body[2], $message['body'][2]);
-        $this->assertSame($expected_body[3], $message['body'][3]->render());
-      }
+      $this->assertSame($expected_body[0], $message['body'][0]->render());
+      $this->assertSame($expected_body[1], $message['body'][1]);
+      $this->assertSame($expected_body[2], $message['body'][2]);
+      $this->assertSame($expected_body[3], $message['body'][3]->render());
     }
   }
 
@@ -188,7 +169,6 @@ public static function providerTestUpdateEmail(): array {
       'all' => [
         'all',
         [],
-        FALSE,
         [
           "See the available updates page for more information:\nhttps://example.com/admin/reports/updates/settings",
           'Your site is currently configured to send these emails when any updates are available. To get notified only for security updates, https://example.com/admin/reports/updates.',
@@ -197,7 +177,6 @@ public static function providerTestUpdateEmail(): array {
       'security' => [
         'security',
         [],
-        FALSE,
         [
           "See the available updates page for more information:\nhttps://example.com/admin/reports/updates/settings",
           'Your site is currently configured to send these emails only when security updates are available. To get notified for any available updates, https://example.com/admin/reports/updates.',
@@ -210,7 +189,6 @@ public static function providerTestUpdateEmail(): array {
           'core' => UpdateManagerInterface::NOT_SECURE,
           'contrib' => NULL,
         ],
-        FALSE,
         [
           "There is a security update available for your version of Drupal. To ensure the security of your server, you should update immediately!",
           '',
@@ -218,16 +196,6 @@ public static function providerTestUpdateEmail(): array {
           "Your site is currently configured to send these emails only when security updates are available. To get notified for any available updates, https://example.com/admin/reports/updates.",
         ],
       ],
-      'authorize' => [
-        'all',
-        [],
-        TRUE,
-        [
-          "See the available updates page for more information:\nhttps://example.com/admin/reports/updates/settings",
-          "You can automatically download your missing updates using the Update manager:\nhttps://example.com/admin/reports/updates",
-          'Your site is currently configured to send these emails when any updates are available. To get notified only for security updates, https://example.com/admin/reports/updates.',
-        ],
-      ],
     ];
   }
 
diff --git a/core/modules/update/update.api.php b/core/modules/update/update.api.php
index edc3f8ae83bf0b4d1da4774890204a9c027798b7..cf01f403cfbf48874168c95582176e9e894ebd06 100644
--- a/core/modules/update/update.api.php
+++ b/core/modules/update/update.api.php
@@ -104,32 +104,6 @@ function hook_update_status_alter(&$projects) {
   }
 }
 
-/**
- * Verify an archive after it has been downloaded and extracted.
- *
- * @param string $project
- *   The short name of the project that has been downloaded.
- * @param string $archive_file
- *   The filename of the un-extracted archive.
- * @param string $directory
- *   The directory that the archive was extracted into.
- *
- * @return array
- *   If there are any problems, return an array of error messages. If there are
- *   no problems, return an empty array.
- *
- * @see update_manager_archive_verify()
- * @ingroup update_manager_file
- */
-function hook_verify_update_archive($project, $archive_file, $directory) {
-  $errors = [];
-  if (!file_exists($directory)) {
-    $errors[] = t('The %directory does not exist.', ['%directory' => $directory]);
-  }
-  // Add other checks on the archive integrity here.
-  return $errors;
-}
-
 /**
  * @} End of "addtogroup hooks".
  */
diff --git a/core/modules/update/update.authorize.inc b/core/modules/update/update.authorize.inc
deleted file mode 100644
index 15f09badfcf0e98c84d61c8bc076799798f46494..0000000000000000000000000000000000000000
--- a/core/modules/update/update.authorize.inc
+++ /dev/null
@@ -1,248 +0,0 @@
-<?php
-
-/**
- * @file
- */
-
-use Drupal\Core\Batch\BatchBuilder;
-use Drupal\Core\Updater\UpdaterException;
-use Drupal\Core\Url;
-
-/**
- * Updates existing projects when invoked by authorize.php.
- *
- * Callback for system_authorized_init() in
- * update_manager_update_ready_form_submit().
- *
- * @param $filetransfer
- *   The FileTransfer object created by authorize.php for use during this
- *   operation.
- * @param $projects
- *   A nested array of projects to install into the live webroot, keyed by
- *   project name. Each subarray contains the following keys:
- *   - project: The canonical project short name.
- *   - updater_name: The name of the Drupal\Core\Updater\Updater class to use
- *     for this project.
- *   - local_url: The locally installed location of new code to update with.
- *
- * @return \Symfony\Component\HttpFoundation\Response|null
- *   The result of processing the batch that updates the projects. If this is
- *   an instance of \Symfony\Component\HttpFoundation\Response the calling code
- *   should use that response for the current page request.
- */
-function update_authorize_run_update($filetransfer, $projects) {
-  $batch_builder = (new BatchBuilder())
-    ->setFile(\Drupal::service('extension.list.module')->getPath('update') . '/update.authorize.inc')
-    ->setInitMessage(t('Preparing to update your site'))
-    ->setFinishCallback('update_authorize_update_batch_finished');
-
-  foreach ($projects as $project_info) {
-    $batch_builder->addOperation('update_authorize_batch_copy_project', [
-      $project_info['project'],
-      $project_info['updater_name'],
-      $project_info['local_url'],
-      $filetransfer,
-    ]);
-  }
-
-  batch_set($batch_builder->toArray());
-
-  // Since authorize.php has its own method for setting the page title, set it
-  // manually here rather than passing it in to batch_set() as would normally
-  // be done.
-  \Drupal::request()->getSession()->set('authorize_page_title', t('Downloading updates'));
-
-  // Invoke the batch via authorize.php.
-  return system_authorized_batch_process();
-}
-
-/**
- * Implements callback_batch_operation().
- *
- * Copies project to its proper place when authorized to do so.
- *
- * @param string $project
- *   The canonical short name of the project being installed.
- * @param string $updater_name
- *   The name of the Drupal\Core\Updater\Updater class to use for installing
- *   this project.
- * @param string $local_url
- *   The URL to the locally installed temp directory where the project has
- *   already been downloaded and extracted into.
- * @param \Drupal\Core\FileTransfer\FileTransfer $filetransfer
- *   The FileTransfer object to use for performing this operation.
- * @param array $context
- *   Reference to an array used for Batch API storage.
- */
-function update_authorize_batch_copy_project($project, $updater_name, $local_url, $filetransfer, &$context) {
-
-  // Initialize some variables in the Batch API $context array.
-  if (!isset($context['results']['log'])) {
-    $context['results']['log'] = [];
-  }
-  if (!isset($context['results']['log'][$project])) {
-    $context['results']['log'][$project] = [];
-  }
-
-  if (!isset($context['results']['tasks'])) {
-    $context['results']['tasks'] = [];
-  }
-
-  // The batch API uses a session, and since all the arguments are serialized
-  // and unserialized between requests, although the FileTransfer object itself
-  // will be reconstructed, the connection pointer itself will be lost. However,
-  // the FileTransfer object will still have the connection variable, even
-  // though the connection itself is now gone. So, although it's ugly, we have
-  // to unset the connection variable at this point so that the FileTransfer
-  // object will re-initiate the actual connection.
-  unset($filetransfer->connection);
-
-  if (!empty($context['results']['log'][$project]['#abort'])) {
-    $context['finished'] = 1;
-    return;
-  }
-
-  $updater = new $updater_name($local_url, \Drupal::getContainer()->get('update.root'));
-
-  try {
-    if ($updater->isInstalled()) {
-      // This is an update.
-      $tasks = $updater->update($filetransfer);
-    }
-    else {
-      $tasks = $updater->install($filetransfer);
-    }
-  }
-  catch (UpdaterException $e) {
-    _update_batch_create_message($context['results']['log'][$project], t('Error adding / updating'), FALSE);
-    _update_batch_create_message($context['results']['log'][$project], $e->getMessage(), FALSE);
-    $context['results']['log'][$project]['#abort'] = TRUE;
-    return;
-  }
-
-  _update_batch_create_message($context['results']['log'][$project], t('Added / updated %project_name successfully', ['%project_name' => $project]));
-
-  if (!empty($tasks)) {
-    $context['results']['tasks'] += $tasks;
-  }
-
-  // This particular operation is now complete, even though the batch might
-  // have other operations to perform.
-  $context['finished'] = 1;
-}
-
-/**
- * Batch callback: Performs actions when the authorized update batch is done.
- *
- * This processes the results and stashes them into SESSION such that
- * authorize.php will render a report. Also responsible for putting the site
- * back online and clearing the update status storage after a successful update.
- *
- * @param $success
- *   TRUE if the batch operation was successful; FALSE if there were errors.
- * @param $results
- *   An associative array of results from the batch operation.
- */
-function update_authorize_update_batch_finished($success, $results) {
-  foreach ($results['log'] as $messages) {
-    if (!empty($messages['#abort'])) {
-      $success = FALSE;
-    }
-  }
-  $offline = \Drupal::state()->get('system.maintenance_mode');
-  $session = \Drupal::request()->getSession();
-  // Unset the variable since it is no longer needed.
-  $maintenance_mode = $session->remove('maintenance_mode');
-  if ($success) {
-    // Now that the update completed, we need to clear the available update data
-    // and recompute our status, so prevent show bogus results.
-    _update_authorize_clear_update_status();
-
-    // Take the site out of maintenance mode if it was previously that way.
-    if ($offline && $maintenance_mode === FALSE) {
-      \Drupal::state()->set('system.maintenance_mode', FALSE);
-      $page_message = [
-        'message' => t('Update was completed successfully. Your site has been taken out of maintenance mode.'),
-        'type' => 'status',
-      ];
-    }
-    else {
-      $page_message = [
-        'message' => t('Update was completed successfully.'),
-        'type' => 'status',
-      ];
-    }
-  }
-  elseif (!$offline) {
-    $page_message = [
-      'message' => t('Update failed! See the log below for more information.'),
-      'type' => 'error',
-    ];
-  }
-  else {
-    $page_message = [
-      'message' => t('Update failed! See the log below for more information. Your site is still in maintenance mode.'),
-      'type' => 'error',
-    ];
-  }
-  // Since we're doing an update of existing code, always add a task for
-  // running update.php.
-  $url = Url::fromRoute('system.db_update');
-  $results['tasks'][] = t('Your modules have been downloaded and updated.');
-  $results['tasks'][] = [
-    '#type' => 'link',
-    '#url' => $url,
-    '#title' => t('Run database updates'),
-    // Since this is being called outside of the primary front controller,
-    // the base_url needs to be set explicitly to ensure that links are
-    // relative to the site root.
-    // @todo Simplify with https://www.drupal.org/node/2548095
-    '#options' => [
-      'absolute' => TRUE,
-      'base_url' => $GLOBALS['base_url'],
-    ],
-    '#access' => $url->access(\Drupal::currentUser()),
-  ];
-
-  // Set all these values into the SESSION so authorize.php can display them.
-  $session->set('authorize_results', [
-    'success' => $success,
-    'page_message' => $page_message,
-    'messages' => $results['log'],
-    'tasks' => $results['tasks'],
-  ]);
-  $session->set('authorize_page_title', t('Update manager'));
-}
-
-/**
- * Creates a structure of log messages.
- *
- * @param array $project_results
- *   An associative array of results from the batch operation.
- * @param string $message
- *   A string containing a log message.
- * @param bool $success
- *   (optional) TRUE if the operation the message is about was a success, FALSE
- *   if there were errors. Defaults to TRUE.
- */
-function _update_batch_create_message(&$project_results, $message, $success = TRUE) {
-  $project_results[] = ['message' => $message, 'success' => $success];
-}
-
-/**
- * Clears available update status data.
- *
- * Since this function is run at such a low bootstrap level, the Update Manager
- * module is not loaded. So, we can't just call update_storage_clear(). However,
- * the key-value backend is available, so we just call that.
- *
- * Note that we do not want to delete  items related to currently pending fetch
- * attempts.
- *
- * @see update_authorize_update_batch_finished()
- * @see update_storage_clear()
- */
-function _update_authorize_clear_update_status() {
-  \Drupal::keyValueExpirable('update')->deleteAll();
-  \Drupal::keyValueExpirable('update_available_release')->deleteAll();
-}
diff --git a/core/modules/update/update.install b/core/modules/update/update.install
index ad1f9bc20ee04d593345ed9a5eb9dcf5db7966ee..06b34b97018b95004a9929490e5f90a1eaf54aa5 100644
--- a/core/modules/update/update.install
+++ b/core/modules/update/update.install
@@ -125,12 +125,7 @@ function _update_requirement_check($project, $type) {
     // strings together in a single paragraph.
     $requirement['description'][] = ['#markup' => _update_message_text($type, $status)];
     if (!in_array($status, [UpdateFetcherInterface::UNKNOWN, UpdateFetcherInterface::NOT_CHECKED, UpdateFetcherInterface::NOT_FETCHED, UpdateFetcherInterface::FETCH_PENDING])) {
-      if (_update_manager_access()) {
-        $requirement['description'][] = ['#prefix' => ' ', '#markup' => t('See the <a href=":available_updates">available updates</a> page for more information and to update your software.', [':available_updates' => Url::fromRoute('update.report_update')->toString()])];
-      }
-      else {
-        $requirement['description'][] = ['#prefix' => ' ', '#markup' => t('See the <a href=":available_updates">available updates</a> page for more information.', [':available_updates' => Url::fromRoute('update.status')->toString()])];
-      }
+      $requirement['description'][] = ['#prefix' => ' ', '#markup' => t('See the <a href=":available_updates">available updates</a> page for more information.', [':available_updates' => Url::fromRoute('update.status')->toString()])];
     }
   }
   switch ($status) {
@@ -165,7 +160,7 @@ function _update_requirement_check($project, $type) {
   if ($status != UpdateManagerInterface::CURRENT && $type == 'core' && isset($project['recommended'])) {
     $requirement_label .= ' ' . t('(version @version available)', ['@version' => $project['recommended']]);
   }
-  $requirement['value'] = Link::fromTextAndUrl($requirement_label, Url::fromRoute(_update_manager_access() ? 'update.report_update' : 'update.status'))->toString();
+  $requirement['value'] = Link::fromTextAndUrl($requirement_label, Url::fromRoute('update.status'))->toString();
   return $requirement;
 }
 
diff --git a/core/modules/update/update.links.task.yml b/core/modules/update/update.links.task.yml
index d831bf01c9ef9890ea1697147c006c281bac09b2..f34442e4a67854c9ecea0754c97918e4b9643a6d 100644
--- a/core/modules/update/update.links.task.yml
+++ b/core/modules/update/update.links.task.yml
@@ -7,20 +7,3 @@ update.settings:
   base_route: system.admin_reports
   title: Settings
   weight: 50
-update.report_update:
-  route_name: update.report_update
-  base_route: system.admin_reports
-  title: Update
-  weight: 10
-
-update.module_update:
-  route_name: update.module_update
-  base_route: system.modules_list
-  title: Update
-  weight: 10
-
-update.theme_update:
-  route_name: update.theme_update
-  base_route: system.themes_page
-  title: Update
-  weight: 10
diff --git a/core/modules/update/update.manager.inc b/core/modules/update/update.manager.inc
deleted file mode 100644
index 02554db90acb8053172399dd0cb15acae0909d37..0000000000000000000000000000000000000000
--- a/core/modules/update/update.manager.inc
+++ /dev/null
@@ -1,309 +0,0 @@
-<?php
-
-/**
- * @file
- */
-
-use Drupal\Core\File\Exception\FileException;
-use Drupal\Core\File\Exception\InvalidStreamWrapperException;
-use Drupal\Core\File\FileExists;
-use Drupal\Core\Url;
-use Psr\Http\Client\ClientExceptionInterface;
-use Symfony\Component\HttpFoundation\RedirectResponse;
-
-/**
- * Batch callback: Performs actions when the download batch is completed.
- *
- * @param $success
- *   TRUE if the batch operation was successful, FALSE if there were errors.
- * @param $results
- *   An associative array of results from the batch operation.
- */
-function update_manager_download_batch_finished($success, $results) {
-  if (!empty($results['errors'])) {
-    $item_list = [
-      '#theme' => 'item_list',
-      '#title' => t('Downloading updates failed:'),
-      '#items' => $results['errors'],
-    ];
-    \Drupal::messenger()->addError(\Drupal::service('renderer')->render($item_list));
-  }
-  elseif ($success) {
-    \Drupal::messenger()->addStatus(t('Updates downloaded successfully.'));
-    \Drupal::request()->getSession()->set('update_manager_update_projects', $results['projects']);
-    return new RedirectResponse(Url::fromRoute('update.confirmation_page', [], ['absolute' => TRUE])->toString());
-  }
-  else {
-    // Ideally we're catching all Exceptions, so they should never see this,
-    // but just in case, we have to tell them something.
-    \Drupal::messenger()->addError(t('Fatal error trying to download.'));
-  }
-}
-
-/**
- * Checks for file transfer backends and prepares a form fragment about them.
- *
- * @param array $form
- *   Reference to the form array we're building.
- * @param string $operation
- *   The update manager operation we're in the middle of. Can be either 'update'
- *   or 'install'. Use to provide operation-specific interface text.
- *
- * @return bool
- *   TRUE if the update manager should continue to the next step in the
- *   workflow, or FALSE if we've hit a fatal configuration and must halt the
- *   workflow.
- */
-function _update_manager_check_backends(&$form, $operation) {
-  // If file transfers will be performed locally, we do not need to display any
-  // warnings or notices to the user and should automatically continue the
-  // workflow, since we won't be using a FileTransfer backend that requires
-  // user input or a specific server configuration.
-  if (update_manager_local_transfers_allowed()) {
-    return TRUE;
-  }
-
-  // Otherwise, show the available backends.
-  $form['available_backends'] = [
-    '#prefix' => '<p>',
-    '#suffix' => '</p>',
-  ];
-
-  $available_backends = drupal_get_filetransfer_info();
-  if (empty($available_backends)) {
-    if ($operation == 'update') {
-      $form['available_backends']['#markup'] = t('Your server does not support updating modules and themes from this interface. Instead, update modules and themes by uploading the new versions directly to the server, as documented in <a href=":doc_url">Extending Drupal</a>.', [':doc_url' => 'https://www.drupal.org/docs/extending-drupal/overview']);
-    }
-    else {
-      $form['available_backends']['#markup'] = t('Your server does not support adding modules and themes from this interface. Instead, add modules and themes by uploading them directly to the server, as documented in <a href=":doc_url">Extending Drupal</a>.', [':doc_url' => 'https://www.drupal.org/docs/extending-drupal/overview']);
-    }
-    return FALSE;
-  }
-
-  $backend_names = [];
-  foreach ($available_backends as $backend) {
-    $backend_names[] = $backend['title'];
-  }
-  if ($operation == 'update') {
-    $form['available_backends']['#markup'] = \Drupal::translation()->formatPlural(
-      count($available_backends),
-      'Updating modules and themes requires <strong>@backends access</strong> to your server. See <a href=":doc_url">Extending Drupal</a> for other update methods.',
-      'Updating modules and themes requires access to your server via one of the following methods: <strong>@backends</strong>. See <a href=":doc_url">Extending Drupal</a> for other update methods.',
-      [
-        '@backends' => implode(', ', $backend_names),
-        ':doc_url' => 'https://www.drupal.org/docs/extending-drupal/overview',
-      ]);
-  }
-  else {
-    $form['available_backends']['#markup'] = \Drupal::translation()->formatPlural(
-      count($available_backends),
-      'Adding modules and themes requires <strong>@backends access</strong> to your server. See <a href=":doc_url">Extending Drupal</a> for other methods.',
-      'Adding modules and themes requires access to your server via one of the following methods: <strong>@backends</strong>. See <a href=":doc_url">Extending Drupal</a> for other methods.',
-      [
-        '@backends' => implode(', ', $backend_names),
-        ':doc_url' => 'https://www.drupal.org/docs/extending-drupal/overview',
-      ]);
-  }
-  return TRUE;
-}
-
-/**
- * Unpacks a downloaded archive file.
- *
- * @param string $file
- *   The filename of the archive you wish to extract.
- * @param string $directory
- *   The directory you wish to extract the archive into.
- *
- * @return \Drupal\Core\Archiver\ArchiverInterface
- *   The Archiver object used to extract the archive.
- *
- * @throws Exception
- */
-function update_manager_archive_extract($file, $directory) {
-  /** @var \Drupal\Core\Archiver\ArchiverInterface $archiver */
-  $archiver = \Drupal::service('plugin.manager.archiver')->getInstance([
-    'filepath' => $file,
-  ]);
-  if (!$archiver) {
-    throw new Exception("Cannot extract '$file', not a valid archive");
-  }
-
-  // Remove the directory if it exists, otherwise it might contain a mixture of
-  // old files mixed with the new files (e.g. in cases where files were removed
-  // from a later release).
-  $files = $archiver->listContents();
-
-  // Unfortunately, we can only use the directory name to determine the project
-  // name. Some archivers list the first file as the directory (i.e., MODULE/)
-  // and others list an actual file (i.e., MODULE/README.TXT).
-  $project = strtok($files[0], '/\\');
-
-  $extract_location = $directory . '/' . $project;
-  if (file_exists($extract_location)) {
-    try {
-      \Drupal::service('file_system')->deleteRecursive($extract_location);
-    }
-    catch (FileException) {
-      // Ignore failed deletes.
-    }
-  }
-
-  $archiver->extract($directory);
-  return $archiver;
-}
-
-/**
- * Verifies an archive after it has been downloaded and extracted.
- *
- * This function is responsible for invoking hook_verify_update_archive().
- *
- * @param string $project
- *   The short name of the project to download.
- * @param string $archive_file
- *   The filename of the un-extracted archive.
- * @param string $directory
- *   The directory that the archive was extracted into.
- *
- * @return array
- *   An array of error messages to display if the archive was invalid. If there
- *   are no errors, it will be an empty array.
- */
-function update_manager_archive_verify($project, $archive_file, $directory) {
-  return \Drupal::moduleHandler()->invokeAll('verify_update_archive', [$project, $archive_file, $directory]);
-}
-
-/**
- * Copies a file from the specified URL to the temporary directory for updates.
- *
- * Returns the local path if the file has already been downloaded.
- *
- * @param $url
- *   The URL of the file on the server.
- *
- * @return string|false
- *   Path to local file, or FALSE if it could not be retrieved.
- */
-function update_manager_file_get($url) {
-  $parsed_url = parse_url($url);
-  $remote_schemes = ['http', 'https', 'ftp', 'ftps', 'smb', 'nfs'];
-  if (!isset($parsed_url['scheme']) || !in_array($parsed_url['scheme'], $remote_schemes)) {
-    // This is a local file, just return the path.
-    return \Drupal::service('file_system')->realpath($url);
-  }
-
-  // Check the cache and download the file if needed.
-  $cache_directory = _update_manager_cache_directory();
-  $local = $cache_directory . '/' . \Drupal::service('file_system')->basename($parsed_url['path']);
-
-  if (!file_exists($local) || update_delete_file_if_stale($local)) {
-    try {
-      $data = (string) \Drupal::httpClient()->get($url)->getBody();
-      return \Drupal::service('file_system')->saveData($data, $local, FileExists::Replace);
-    }
-    catch (ClientExceptionInterface $exception) {
-      \Drupal::messenger()->addError(t('Failed to fetch file due to error "%error"', ['%error' => $exception->getMessage()]));
-    }
-    catch (FileException | InvalidStreamWrapperException $e) {
-      \Drupal::messenger()->addError(t('Failed to save file due to error "%error"', ['%error' => $e->getMessage()]));
-    }
-    return FALSE;
-  }
-  else {
-    return $local;
-  }
-}
-
-/**
- * Implements callback_batch_operation().
- *
- * Downloads, unpacks, and verifies a project.
- *
- * This function assumes that the provided URL points to a file archive of some
- * sort. The URL can have any scheme that we have a file stream wrapper to
- * support. The file is downloaded to a local cache.
- *
- * @param string $project
- *   The short name of the project to download.
- * @param string $url
- *   The URL to download a specific project release archive file.
- * @param array $context
- *   Reference to an array used for Batch API storage.
- *
- * @see update_manager_download_page()
- */
-function update_manager_batch_project_get($project, $url, &$context) {
-  // This is here to show the user that we are in the process of downloading.
-  if (!isset($context['sandbox']['started'])) {
-    $context['sandbox']['started'] = TRUE;
-    $context['message'] = t('Downloading %project', ['%project' => $project]);
-    $context['finished'] = 0;
-    return;
-  }
-
-  // Actually try to download the file.
-  if (!($local_cache = update_manager_file_get($url))) {
-    $context['results']['errors'][$project] = t('Failed to download %project from %url', ['%project' => $project, '%url' => $url]);
-    return;
-  }
-
-  // Extract it.
-  $extract_directory = _update_manager_extract_directory();
-  try {
-    update_manager_archive_extract($local_cache, $extract_directory);
-  }
-  catch (Exception $e) {
-    $context['results']['errors'][$project] = $e->getMessage();
-    return;
-  }
-
-  // Verify it.
-  $archive_errors = update_manager_archive_verify($project, $local_cache, $extract_directory);
-  if (!empty($archive_errors)) {
-    // We just need to make sure our array keys don't collide, so use the
-    // numeric keys from the $archive_errors array.
-    foreach ($archive_errors as $key => $error) {
-      $context['results']['errors']["$project-$key"] = $error;
-    }
-    return;
-  }
-
-  // Yay, success.
-  $context['results']['projects'][$project] = $url;
-  $context['finished'] = 1;
-}
-
-/**
- * Determines if file transfers will be performed locally.
- *
- * If the server is configured such that webserver-created files have the same
- * owner as the configuration directory (e.g., sites/default) where new code
- * will eventually be installed, the update manager can transfer files entirely
- * locally, without changing their ownership (in other words, without prompting
- * the user for FTP, SSH or other credentials).
- *
- * This server configuration is an inherent security weakness because it allows
- * a malicious webserver process to append arbitrary PHP code and then execute
- * it. However, it is supported here because it is a common configuration on
- * shared hosting, and there is nothing Drupal can do to prevent it.
- *
- * @return bool
- *   TRUE if local file transfers are allowed on this server, or FALSE if not.
- *
- * @see install_check_requirements()
- */
-function update_manager_local_transfers_allowed() {
-  $file_system = \Drupal::service('file_system');
-  // Compare the owner of a webserver-created temporary file to the owner of
-  // the configuration directory to determine if local transfers will be
-  // allowed.
-  $temporary_file = \Drupal::service('file_system')->tempnam('temporary://', 'update_');
-  $site_path = \Drupal::getContainer()->getParameter('site.path');
-  $local_transfers_allowed = fileowner($temporary_file) === fileowner($site_path);
-
-  // Clean up. If this fails, we can ignore it (since this is just a temporary
-  // file anyway).
-  @$file_system->unlink($temporary_file);
-
-  return $local_transfers_allowed;
-}
diff --git a/core/modules/update/update.module b/core/modules/update/update.module
index 654ce8f37faf47862bf4024cd68e09bebda48a34..81fe0efcb2bd0f901f7fcf2fdd8f080c8323bc2f 100644
--- a/core/modules/update/update.module
+++ b/core/modules/update/update.module
@@ -4,27 +4,12 @@
  * @file
  */
 
-use Drupal\Core\File\Exception\FileException;
 use Drupal\Core\Link;
 use Drupal\Core\Url;
 use Drupal\Core\Site\Settings;
 use Drupal\update\UpdateFetcherInterface;
 use Drupal\update\UpdateManagerInterface;
 
-/**
- * Resolves if the current user can access updater menu items.
- *
- * It both enforces the 'administer software updates' permission and the global
- * kill switch for the authorize.php script.
- *
- * @return bool
- *   TRUE if the current user can access the updater menu items; FALSE
- *   otherwise.
- */
-function _update_manager_access() {
-  return Settings::get('allow_authorize_operations', TRUE) && \Drupal::currentUser()->hasPermission('administer software updates');
-}
-
 /**
  * Returns a warning message when there is no data about available updates.
  */
@@ -296,106 +281,3 @@ function _update_manager_unique_identifier() {
   }
   return $id;
 }
-
-/**
- * Returns the directory where update archive files should be extracted.
- *
- * @param $create
- *   (optional) Whether to attempt to create the directory if it does not
- *   already exist. Defaults to TRUE.
- *
- * @return string
- *   The full path to the temporary directory where update file archives should
- *   be extracted.
- */
-function _update_manager_extract_directory($create = TRUE) {
-  static $directory;
-  if (!isset($directory)) {
-    $directory = 'temporary://update-extraction-' . _update_manager_unique_identifier();
-    if ($create && !file_exists($directory)) {
-      mkdir($directory);
-    }
-  }
-  return $directory;
-}
-
-/**
- * Returns the directory where update archive files should be cached.
- *
- * @param $create
- *   (optional) Whether to attempt to create the directory if it does not
- *   already exist. Defaults to TRUE.
- *
- * @return string
- *   The full path to the temporary directory where update file archives should
- *   be cached.
- */
-function _update_manager_cache_directory($create = TRUE) {
-  static $directory;
-  if (!isset($directory)) {
-    $directory = 'temporary://update-cache-' . _update_manager_unique_identifier();
-    if ($create && !file_exists($directory)) {
-      mkdir($directory);
-    }
-  }
-  return $directory;
-}
-
-/**
- * Clears the temporary files and directories based on file age from disk.
- */
-function update_clear_update_disk_cache() {
-  // List of update module cache directories. Do not create the directories if
-  // they do not exist.
-  $directories = [
-    _update_manager_cache_directory(FALSE),
-    _update_manager_extract_directory(FALSE),
-  ];
-
-  // Search for files and directories in base folder only without recursion.
-  foreach ($directories as $directory) {
-    if (is_dir($directory)) {
-      \Drupal::service('file_system')->scanDirectory($directory, '/.*/', ['callback' => 'update_delete_file_if_stale', 'recurse' => FALSE]);
-    }
-  }
-}
-
-/**
- * Deletes stale files and directories from the update manager disk cache.
- *
- * Files and directories older than 6 hours and development snapshots older than
- * 5 minutes are considered stale. We only cache development snapshots for 5
- * minutes since otherwise updated snapshots might not be downloaded as
- * expected.
- *
- * When checking file ages, we need to use the ctime, not the mtime
- * (modification time) since many (all?) tar implementations go out of their way
- * to set the mtime on the files they create to the timestamps recorded in the
- * tarball. We want to see the last time the file was changed on disk, which is
- * left alone by tar and correctly set to the time the archive file was
- * unpacked.
- *
- * @param $path
- *   A string containing a file path or (streamwrapper) URI.
- *
- * @return bool
- *   TRUE if the file is stale and deleted successfully, FALSE otherwise.
- */
-function update_delete_file_if_stale($path) {
-  if (file_exists($path)) {
-    $filectime = filectime($path);
-    $max_age = \Drupal::config('system.file')->get('temporary_maximum_age');
-    $request_time = \Drupal::time()->getRequestTime();
-    if ($request_time - $filectime > $max_age || (preg_match('/.*-dev\.(tar\.gz|zip)/i', $path) && $request_time - $filectime > 300)) {
-      try {
-        \Drupal::service('file_system')->deleteRecursive($path);
-        return TRUE;
-      }
-      catch (FileException) {
-        // Ignore failed deletes.
-      }
-    }
-  }
-
-  return FALSE;
-}
diff --git a/core/modules/update/update.routing.yml b/core/modules/update/update.routing.yml
index 4f1f2888d6d3808fcf4bd7b0bed6c241ebb18dae..64ffe3cc217f91f58eebcbf0591a1f3a2055e40d 100644
--- a/core/modules/update/update.routing.yml
+++ b/core/modules/update/update.routing.yml
@@ -22,35 +22,3 @@ update.manual_status:
   requirements:
     _permission: 'administer site configuration'
     _csrf_token: 'TRUE'
-
-update.report_update:
-  path: '/admin/reports/updates/update'
-  defaults:
-    _form: '\Drupal\update\Form\UpdateManagerUpdate'
-    _title: 'Update'
-  requirements:
-    _permission: 'administer software updates'
-
-update.module_update:
-  path: '/admin/modules/update'
-  defaults:
-    _form: '\Drupal\update\Form\UpdateManagerUpdate'
-    _title: 'Update'
-  requirements:
-    _permission: 'administer software updates'
-
-update.theme_update:
-  path: '/admin/appearance/update'
-  defaults:
-    _form: '\Drupal\update\Form\UpdateManagerUpdate'
-    _title: 'Update'
-  requirements:
-    _permission: 'administer software updates'
-
-update.confirmation_page:
-  path: '/admin/update/ready'
-  defaults:
-    _form: '\Drupal\update\Form\UpdateReady'
-    _title: 'Ready to update'
-  requirements:
-    _permission: 'administer software updates'
diff --git a/core/modules/update/update.services.yml b/core/modules/update/update.services.yml
index 3f96c81b8baf521dff5a5f5e93d66689aed451fb..465df135529a0e8e332285a2e30ee40cee48a64b 100644
--- a/core/modules/update/update.services.yml
+++ b/core/modules/update/update.services.yml
@@ -24,6 +24,3 @@ services:
   logger.channel.update:
     parent: logger.channel_base
     arguments: [ 'update' ]
-  update.route_subscriber:
-    class: Drupal\update\Routing\UpdateRouteSubscriber
-    arguments: ['@settings']
diff --git a/core/tests/Drupal/KernelTests/Core/Updater/UpdaterTest.php b/core/tests/Drupal/KernelTests/Core/Updater/UpdaterTest.php
deleted file mode 100644
index c63b10f85404140c227f019c2e62e583714ed14c..0000000000000000000000000000000000000000
--- a/core/tests/Drupal/KernelTests/Core/Updater/UpdaterTest.php
+++ /dev/null
@@ -1,34 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Drupal\KernelTests\Core\Updater;
-
-use Drupal\Core\Updater\Updater;
-use Drupal\KernelTests\KernelTestBase;
-
-/**
- * Tests InfoParser class and exception.
- *
- * Files for this test are stored in core/modules/system/tests/fixtures and end
- * with .info.txt instead of info.yml in order not to be considered as real
- * extensions.
- *
- * @group Extension
- */
-class UpdaterTest extends KernelTestBase {
-
-  /**
-   * Tests project and child project showing correct title.
-   *
-   * @see https://drupal.org/node/2409515
-   */
-  public function testGetProjectTitleWithChild(): void {
-    // Get the project title from its directory. If it can't find the title
-    // it will choose the first project title in the directory.
-    $directory = $this->root . '/core/modules/system/tests/modules/module_handler_test_multiple';
-    $title = Updater::getProjectTitle($directory);
-    $this->assertEquals('module handler test multiple', $title);
-  }
-
-}
diff --git a/core/themes/stable9/css/system/system.maintenance.css b/core/themes/stable9/css/system/system.maintenance.css
index efecda7e84808cccef8a22477887c9b0ccfcc658..3e23cd235501cbaf390e5859ab65b508a907b4f3 100644
--- a/core/themes/stable9/css/system/system.maintenance.css
+++ b/core/themes/stable9/css/system/system.maintenance.css
@@ -21,36 +21,3 @@
 .update-results .failure strong {
   color: #b63300;
 }
-
-/**
- * Authorize.php styles
- */
-#edit-submit-connection {
-  clear: both;
-}
-#edit-submit-process,
-.filetransfer {
-  display: none;
-  clear: both;
-}
-.js #edit-submit-connection {
-  display: none;
-}
-.js #edit-submit-process {
-  display: block;
-}
-
-#edit-connection-settings-change-connection-type {
-  margin: 2.6em 0.5em 0 1em; /* LTR */
-}
-[dir="rtl"] #edit-connection-settings-change-connection-type {
-  margin-right: 1em;
-  margin-left: 0.5em;
-}
-
-/**
- * Theme maintenance styles
- */
-.authorize-results__failure {
-  font-weight: bold;
-}
diff --git a/core/themes/stable9/templates/admin/authorize-report.html.twig b/core/themes/stable9/templates/admin/authorize-report.html.twig
deleted file mode 100644
index 2e5a59c0c03bc093c0ac61fc80b0b03febea0eb7..0000000000000000000000000000000000000000
--- a/core/themes/stable9/templates/admin/authorize-report.html.twig
+++ /dev/null
@@ -1,21 +0,0 @@
-{#
-/**
- * @file
- * Theme override for authorize.php operation report templates.
- *
- * This report displays the results of an operation run via authorize.php.
- *
- * Available variables:
- * - messages: A list of result messages.
- * - attributes: HTML attributes for the element.
- *
- * @see template_preprocess_authorize_report()
- */
-#}
-{% if messages %}
-  <div{{ attributes.addClass('authorize-results') }}>
-    {% for message_group in messages %}
-      {{ message_group }}
-    {% endfor %}
-  </div>
-{% endif %}
diff --git a/sites/default/default.settings.php b/sites/default/default.settings.php
index cd364bb00df011358baba3f44726acd6afb542a1..58b4e9df54d14e214f7cd68a452c40f0fde4440d 100644
--- a/sites/default/default.settings.php
+++ b/sites/default/default.settings.php
@@ -475,30 +475,6 @@
  */
 # $settings['class_loader_auto_detect'] = FALSE;
 
-/**
- * Authorized file system operations:
- *
- * The Update Manager module included with Drupal provides a mechanism for
- * site administrators to securely install missing updates for the site
- * directly through the web user interface. On securely-configured servers,
- * the Update manager will require the administrator to provide SSH or FTP
- * credentials before allowing the installation to proceed; this allows the
- * site to update the new files as the user who owns all the Drupal files,
- * instead of as the user the webserver is running as. On servers where the
- * webserver user is itself the owner of the Drupal files, the administrator
- * will not be prompted for SSH or FTP credentials (note that these server
- * setups are common on shared hosting, but are inherently insecure).
- *
- * Some sites might wish to disable the above functionality, and only update
- * the code directly via SSH or FTP themselves. This setting completely
- * disables all functionality related to these authorized file operations.
- *
- * @see https://www.drupal.org/node/244924
- *
- * Remove the leading hash signs to disable.
- */
-# $settings['allow_authorize_operations'] = FALSE;
-
 /**
  * Default mode for directories and files written by Drupal.
  *