Fixed #34056 -- Updated the list of common passwords for CommonPasswordValidator.

django/contrib/auth/password_validation.py

@@ -221,7 +221,7 @@ class CommonPasswordValidator:
     The password is rejected if it occurs in a provided list of passwords,
     which may be gzipped. The list Django ships with contains 20000 common
     passwords (lowercased and deduplicated), created by Royce Williams:
-    https://gist.github.com/roycewilliams/281ce539915a947a23db17137d91aeb7
+    https://gist.github.com/roycewilliams/226886fd01572964e1431ac8afc999ce
     The password list must be lowercased to match the comparison in validate().
     """
 

docs/releases/4.2.txt

@@ -274,7 +274,8 @@ Utilities
 Validators
 ~~~~~~~~~~
 
-* ...
+* The list of common passwords used by ``CommonPasswordValidator`` is updated
+  to the most recent version.
 
 .. _backwards-incompatible-4.2:
 

docs/topics/auth/passwords.txt

@@ -615,12 +615,17 @@ Django includes four validators:
     Validates that the password is not a common password. This converts the
     password to lowercase (to do a case-insensitive comparison) and checks it
     against a list of 20,000 common password created by `Royce Williams
-    <https://gist.github.com/roycewilliams/281ce539915a947a23db17137d91aeb7>`_.
+    <https://gist.github.com/roycewilliams/226886fd01572964e1431ac8afc999ce>`_.
 
     The ``password_list_path`` can be set to the path of a custom file of
     common passwords. This file should contain one lowercase password per line
     and may be plain text or gzipped.
 
+    .. versionchanged:: 4.2
+
+        The list of 20,000 common passwords was updated to the most recent
+        version.
+
 .. class:: NumericPasswordValidator()
 
     Validate that the password is not entirely numeric.