From 9e7c787a8acbcff3225a25c93f420d2d569063d4 Mon Sep 17 00:00:00 2001
From: Margaret Eker <meker@adobe.com>
Date: Mon, 11 May 2026 10:20:54 -0500
Subject: [PATCH 1/3] Revise backward-incompatible changes for 2.4.9

Updated the version from 2.4.9-beta1 to 2.4.9 and added details about new admin password length validation and its impact.
---
 .../backward-incompatible-changes/index.md    | 20 +++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/src/pages/development/backward-incompatible-changes/index.md b/src/pages/development/backward-incompatible-changes/index.md
index a99da28bf..aade0675b 100644
--- a/src/pages/development/backward-incompatible-changes/index.md
+++ b/src/pages/development/backward-incompatible-changes/index.md
@@ -9,9 +9,9 @@ keywords:
 
 This page highlights backward-incompatible changes between Adobe Commerce and Magento Open Source releases that have a major impact and require detailed explanation and special instructions to ensure third-party modules continue working. High-level reference information for all backward-incompatible changes in each release is documented in the [reference](reference.md) section.
 
-## 2.4.9-beta1
+## 2.4.9
 
-The following major backward-incompatible changes were introduced in the 2.4.9-beta1 Adobe Commerce and Magento Open Source releases:
+The following major backward-incompatible changes were introduced in the 2.4.9 Adobe Commerce and Magento Open Source releases:
 
 * GraphQL alias limit validation
 * GraphQL query length validation
@@ -21,6 +21,22 @@ The following major backward-incompatible changes were introduced in the 2.4.9-b
 * Valkey 8.x CLI command
 * Zend_Cache replaced with symfony/cache
 
+
+### Admin Password Length Validation
+
+A new Admin configuration setting enables validation of minimum password length for admin users. Administrators can now set this requirement via **[!UICONTROL Stores > Configuration > Advanced > Admin > Security]**. The validation is enforced during admin user create or update operations and configuration saves, with real-time frontend feedback for improved user experience.
+
+**Impact:**
+
+* Only custom or non-standard admin user creation flows are impacted if they do not comply with the new minimum password length requirement
+* No impact is expected on normal admin usage if passwords meet the configured minimum length
+* The default minimum length can be adjusted in configuration as needed
+* A constructor was added to the `Magento\User\Model\UserValidationRules.php` file to support this feature; EAT report shows zero affected modules
+
+**Action required:**
+
+No action is required for typical usage. To adjust the minimum password length, use the system configuration path `admin/security/minimum_password_length` in **[!UICONTRL Stores > Configuration > Advanced > Admin > Security]**. \<!--AC-15249--\>
+
 ### GraphQL alias limit validation
 
 Validation was added to limit the number of aliases in GraphQL requests to ten. This limit prevents denial of service or resource degradation from excessive aliases. Previously, there was no limit on the number of aliases in a GraphQL request.\<!--AC-14701--\>

From 5f1aa0c5a10d51359ed712ee4a48223e89fea483 Mon Sep 17 00:00:00 2001
From: Margaret Eker <meker@adobe.com>
Date: Mon, 11 May 2026 10:55:15 -0500
Subject: [PATCH 2/3] Remove unnecessary newline in backward-incompatible
 changes documentation for 2.4.9

---
 src/pages/development/backward-incompatible-changes/index.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/pages/development/backward-incompatible-changes/index.md b/src/pages/development/backward-incompatible-changes/index.md
index aade0675b..d618d2ed8 100644
--- a/src/pages/development/backward-incompatible-changes/index.md
+++ b/src/pages/development/backward-incompatible-changes/index.md
@@ -21,7 +21,6 @@ The following major backward-incompatible changes were introduced in the 2.4.9 A
 * Valkey 8.x CLI command
 * Zend_Cache replaced with symfony/cache
 
-
 ### Admin Password Length Validation
 
 A new Admin configuration setting enables validation of minimum password length for admin users. Administrators can now set this requirement via **[!UICONTROL Stores > Configuration > Advanced > Admin > Security]**. The validation is enforced during admin user create or update operations and configuration saves, with real-time frontend feedback for improved user experience.

From 8eb67798cb12539c20d07c1ec56b41585a08f4e7 Mon Sep 17 00:00:00 2001
From: Margaret Eker <meker@adobe.com>
Date: Mon, 11 May 2026 15:58:13 -0500
Subject: [PATCH 3/3] Apply suggestions from code review

Address review feedback.

Co-authored-by: Dima Shevtsov <12731225+dshevtsov@users.noreply.github.com>
---
 src/pages/development/backward-incompatible-changes/index.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/pages/development/backward-incompatible-changes/index.md b/src/pages/development/backward-incompatible-changes/index.md
index d618d2ed8..0fed59ad4 100644
--- a/src/pages/development/backward-incompatible-changes/index.md
+++ b/src/pages/development/backward-incompatible-changes/index.md
@@ -23,7 +23,7 @@ The following major backward-incompatible changes were introduced in the 2.4.9 A
 
 ### Admin Password Length Validation
 
-A new Admin configuration setting enables validation of minimum password length for admin users. Administrators can now set this requirement via **[!UICONTROL Stores > Configuration > Advanced > Admin > Security]**. The validation is enforced during admin user create or update operations and configuration saves, with real-time frontend feedback for improved user experience.
+A new Admin configuration setting enables validation of minimum password length for admin users. Administrators can now set this requirement via **Stores > Configuration > Advanced > Admin > Security**. The validation is enforced during admin user create or update operations and configuration saves, with real-time frontend feedback for improved user experience.
 
 **Impact:**
 
@@ -34,7 +34,7 @@ A new Admin configuration setting enables validation of minimum password length
 
 **Action required:**
 
-No action is required for typical usage. To adjust the minimum password length, use the system configuration path `admin/security/minimum_password_length` in **[!UICONTRL Stores > Configuration > Advanced > Admin > Security]**. \<!--AC-15249--\>
+No action is required for typical usage. To adjust the minimum password length, use the system configuration path `admin/security/minimum_password_length` in **Stores > Configuration > Advanced > Admin > Security**. \<!--AC-15249--\>
 
 ### GraphQL alias limit validation