The Red Hat Dependency Analytics node empowers DevSecOps teams and developers to automate vulnerability tracking and risk management directly within n8n.
By consuming and managing Software Bill of Materials (SBOMs), Vulnerability Exploitability eXchange (VEX) data, and vendor advisories, this node helps you better understand and reduce your organizational risk exposure.
Key Operations:
This node mirrors the Dependency Analytics API, providing three main operation groups:
- SBOM Operations: Retrieve metadata for a single SBOM by its SHA or list multiple SBOMs in your instance.
- Advisory Operations: Fetch specific advisories, list them, or use the Analyze feature to resolve advisories for supplied packages via PURLs or an SBOM SHA.
- Vulnerability Operations: Retrieve a single vulnerability record (e.g., by CVE) or fetch a list of vulnerability records.
Features:
- Sorting & Limits: Easily sort through your fetched data (by published date, severity, score, etc.) and limit result counts to keep your workflows efficient.
- Output Modes: Choose between Simplified (minimal payloads perfect for chaining nodes or AI tools), Raw (full API response), or Selected Fields to extract exactly what you need.
Authentication:
This node supports Client Credentials OAuth2 authentication. You can connect to:
- RHTPA Cloud Services: Using a Client ID and Secret provided by the RHTPA team.
- On-Premise Trustify: Using a confidential client configured in your SSO provider.
Documentation:
For full installation guides, advanced usage, and version history, please refer to the n8n-nodes-dependency-analytics GitHub repository: https://github.com/a-oren/n8n-nodes-dependency-analytics?tab=readme-ov-file#n8n-nodes-dependency-analytics
