Bad practices all around

I think there's an important difference between "cryptographic agility" and the ability to upgrade a protocol? Cryptographic agility as an idea is, to me, very much still dead. And it keeps getting deader with more robust primitives and complex cryptosystems where you absolutely could not just swap out a primitive without a complete reevaluation of the whole system.

However that is different from not giving yourself any way of upgrading a protocol in the future, which is always a bad idea regardless of cryptography. You can still just have a version 2 which swaps out the crypto for another construction you've decided you like better. You don't need to make every client create a tier list of their favorite hash functions or play spot-the-difference in a list of block cipher modes for that.