This is an n8n community node for Red Hat Dependency Analytics.
Dependency Analytics helps organizations explore the relationships between applications, dependencies, and vulnerabilities by consuming and managing:
- Software Bill of Materials (SBOMs)
- Vulnerability Exploitability eXchange (VEX) data
- Vendor advisories from vulnerability databases
It is designed for DevSecOps teams and developers to better understand and reduce organizational risk exposure.
n8n is a fair-code licensed workflow automation platform.
Installation Operations Credentials Compatibility Usage Resources Version history
Follow the installation guide in the n8n community nodes documentation.
This node currently supports the following operations:
SBOM Operations
- Get SBOM Details: Retrieve metadata for a given SBOM.
- List All SBOMs: Query all SBOMs available in your Dependency Analytics instance.
Advisory & Vulnerability Operations
- List Advisories: Fetch advisories published.
- Get Advisory Details: Retrieve details for a specific advisory (CVE link, publication date, issuer).
- Link Advisories to SBOMs: Query advisories relevant to a specific SBOM.
Search Operations
- Query by SBOM SHA256.
- Integrate Dependency Analytics queries into conditionals for downstream automation.
TO DO
-
Minimum tested n8n version: 1.103.2
-
Node.js: 22.20.0
-
Tested against Dependency Analytics API (latest release)
-
Add the Dependency Analytics node to your n8n workflow
-
Select an operation (e.g., “List SBOMs”)
-
Provide required inputs (e.g., SBOM SHA256)
-
Run the workflow and process the results
1.0.0 – Initial release with SBOM, vulnerability, and advisory operations