Node-RED 4.1.11 has been published.
This contains a number of minor bug fixes in the editor, removes some stray logging that slipped into 4.1.10 and keeps dependencies up to date.
That said, we're aware of the current audit warnings when installing NR 4.1.10/11. These are related to an upstream dependency that hasn't yet published an update of its own to resolve. We will look at options to resolve this, but we don't believe the issues are a direct concern to Node-RED end-users.
One set of fixes to highlight is with the Projects feature. We've tightened up validation on the api used to interact with the underlying git version control tool. This closes a potential security issue around untrusted user input to the projects API. This is only relevant if you host Node-RED for third-parties and make use of the projects feature. Otherwise, it's business as usual.
Full change log: Release 4.1.11: Maintenance Release · node-red/node-red · GitHub
Docker containers are building as I type.
