This isn't a myth. Drupal _is_ a moving target. It sounds to me like you want to change the docs from how things are to your vision of how things should be. That would make the docs inaccurate as the policy isn't going to suddenly change because a doc page does.

As far as I know, the OOP policy hasn't changed, either, but I'm not deep enough into dev to know for sure. What's wrong with the security policy? The rest of your post is just a complaint about Drupal breaking backwards compatability and doesn't actually explain what you think is obsolete about either the OOP or security policies.

Michelle