From 0c53e145eec9fd9768e91239ca1d7cca1ad393f7 Mon Sep 17 00:00:00 2001 From: Martin Helmich Date: Thu, 2 Jul 2026 22:12:31 +0200 Subject: [PATCH 1/2] docs(app): note admin password complexity policy on --admin-pass The --admin-pass flag help now mentions that the administrator password must satisfy the platform's password-complexity policy, which may vary by application, so a too-weak password can be rejected by the API. Closes #1968 Co-Authored-By: Claude Opus 4.8 --- src/lib/resources/app/flags.tsx | 1 + 1 file changed, 1 insertion(+) diff --git a/src/lib/resources/app/flags.tsx b/src/lib/resources/app/flags.tsx index d2cea76b8..33a89391b 100644 --- a/src/lib/resources/app/flags.tsx +++ b/src/lib/resources/app/flags.tsx @@ -107,6 +107,7 @@ function buildFlagsWithDescription(appName: string): AvailableFlags { required: false, summary: "password of your administrator user.", description: `The password that will be used for the first administrator user that is created during the ${appName} installation. + The password must satisfy the platform's password-complexity policy, which may vary depending on the application; a password that is too weak (for example too short, or missing a mix of character types) may be rejected by the API. If unspecified, a random secure password will be generated and printed to stdout. This password can be changed after the installation is finished`, default: undefined, }), From 1423015a244a24ff484ec6af2c6e35e9061d206d Mon Sep 17 00:00:00 2001 From: martin-helmich <2538958+martin-helmich@users.noreply.github.com> Date: Thu, 2 Jul 2026 20:13:39 +0000 Subject: [PATCH 2/2] chore: re-generate README --- docs/app.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docs/app.md b/docs/app.md index 0b5b7e11c..889bf8e10 100644 --- a/docs/app.md +++ b/docs/app.md @@ -760,6 +760,8 @@ FLAG DESCRIPTIONS --admin-pass= password of your administrator user. The password that will be used for the first administrator user that is created during the Contao installation. + The password must satisfy the platform's password-complexity policy, which may vary depending on the application; a + password that is too weak (for example too short, or missing a mix of character types) may be rejected by the API. If unspecified, a random secure password will be generated and printed to stdout. This password can be changed after the installation is finished @@ -863,6 +865,8 @@ FLAG DESCRIPTIONS --admin-pass= password of your administrator user. The password that will be used for the first administrator user that is created during the Joomla! installation. + The password must satisfy the platform's password-complexity policy, which may vary depending on the application; a + password that is too weak (for example too short, or missing a mix of character types) may be rejected by the API. If unspecified, a random secure password will be generated and printed to stdout. This password can be changed after the installation is finished @@ -951,6 +955,8 @@ FLAG DESCRIPTIONS --admin-pass= password of your administrator user. The password that will be used for the first administrator user that is created during the Matomo installation. + The password must satisfy the platform's password-complexity policy, which may vary depending on the application; a + password that is too weak (for example too short, or missing a mix of character types) may be rejected by the API. If unspecified, a random secure password will be generated and printed to stdout. This password can be changed after the installation is finished @@ -1040,6 +1046,8 @@ FLAG DESCRIPTIONS --admin-pass= password of your administrator user. The password that will be used for the first administrator user that is created during the Nextcloud installation. + The password must satisfy the platform's password-complexity policy, which may vary depending on the application; a + password that is too weak (for example too short, or missing a mix of character types) may be rejected by the API. If unspecified, a random secure password will be generated and printed to stdout. This password can be changed after the installation is finished @@ -1148,6 +1156,8 @@ FLAG DESCRIPTIONS --admin-pass= password of your administrator user. The password that will be used for the first administrator user that is created during the Shopware 5 installation. + The password must satisfy the platform's password-complexity policy, which may vary depending on the application; a + password that is too weak (for example too short, or missing a mix of character types) may be rejected by the API. If unspecified, a random secure password will be generated and printed to stdout. This password can be changed after the installation is finished @@ -1273,6 +1283,8 @@ FLAG DESCRIPTIONS --admin-pass= password of your administrator user. The password that will be used for the first administrator user that is created during the Shopware 6 installation. + The password must satisfy the platform's password-complexity policy, which may vary depending on the application; a + password that is too weak (for example too short, or missing a mix of character types) may be rejected by the API. If unspecified, a random secure password will be generated and printed to stdout. This password can be changed after the installation is finished @@ -1380,6 +1392,8 @@ FLAG DESCRIPTIONS --admin-pass= password of your administrator user. The password that will be used for the first administrator user that is created during the TYPO3 installation. + The password must satisfy the platform's password-complexity policy, which may vary depending on the application; a + password that is too weak (for example too short, or missing a mix of character types) may be rejected by the API. If unspecified, a random secure password will be generated and printed to stdout. This password can be changed after the installation is finished @@ -1475,6 +1489,8 @@ FLAG DESCRIPTIONS --admin-pass= password of your administrator user. The password that will be used for the first administrator user that is created during the WordPress installation. + The password must satisfy the platform's password-complexity policy, which may vary depending on the application; a + password that is too weak (for example too short, or missing a mix of character types) may be rejected by the API. If unspecified, a random secure password will be generated and printed to stdout. This password can be changed after the installation is finished