Gathering detailed insights and metrics for n8n-nodes-base
Gathering detailed insights and metrics for n8n-nodes-base
Installations
npm install n8n-nodes-baseDeveloper
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
18.18.2
NPM Version
9.8.1
Statistics
49,801 Stars
12,514 Commits
8,063 Forks
379 Watching
1,069 Branches
448 Contributors
Updated on 28 Nov 2024
Languages
TypeScript (89.3%)
Vue (8.54%)
SCSS (1.32%)
JavaScript (0.43%)
Handlebars (0.17%)
HTML (0.16%)
Dockerfile (0.03%)
HCL (0.02%)
Shell (0.01%)
Total Downloads
Cumulative downloads
Total Downloads
542,048
Last day
16.2%
891
Compared to previous day
Last week
24%
6,842
Compared to previous week
Last month
-4.5%
30,008
Compared to previous month
Last year
77.2%
233,359
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
62
gmpgicsaws4cronmqttrheauuidxlsxisbotluxonmssqlredisfflateldaptslodashmomentmysql2nanoidsemvertypedixml2jsamqplibcheeriojs-naclkafkajsmongodbotpauthpyodiderfc2047@n8n/vm2chokidarnode-sshshowdowncsv-parsefast-globiso-639-1minifakerbasic-authiconv-litemailparsernodemailerpdfjs-distpg-promiserss-parsersimple-gitchange-caseeventsourceimap-simplepromise-ftptmp-promisejsonwebtokenn8n-workflowpretty-byteslossless-jsonsnowflake-sdkcurrency-codesmoment-timezoneget-system-fontsssh2-sftp-clientnode-html-markdown@kafkajs/confluent-schema-registry
Dev Dependencies
31
gulpn8n-core@types/gm@types/tmp@types/aws4@types/cron@types/uuid@types/mssql@types/redis@types/lodash@types/xml2js@types/amqplib@types/cheerio@types/express@types/js-nacl@types/rfc2047@types/node-ssh@types/showdown@types/basic-auth@types/mailparser@types/mime-types@types/nodemailer@types/eventsource@types/imap-simple@types/promise-ftp@types/jsonwebtoken@types/lossless-json@types/snowflake-sdk@types/ssh2-sftp-clienteslint-plugin-n8n-nodes-base@types/request-promise-native
Versions
n8n - Workflow automation tool
n8n is an extendable workflow automation tool. With a fair-code distribution model, n8n will always have visible source code, be available to self-host, and allow you to add your own custom functions, logic and apps. n8n's node-based approach makes it highly versatile, enabling you to connect anything to everything.
Demo
:tv: A short video (< 5 min) that goes over key concepts of creating workflows in n8n.
Available integrations
n8n has 200+ different nodes to automate workflows. The list can be found on: https://n8n.io/integrations
Documentation
The official n8n documentation can be found on our documentation website
Additional information and example workflows on the n8n.io website
The release notes can be found here and the list of breaking changes here.
Usage
- :books: Learn how to use it from the command line
- :whale: Learn how to run n8n in Docker
Start
You can try n8n without installing it using npx. You must have Node.js installed. From the terminal, run:
npx n8n
This command will download everything that is needed to start n8n. You can then access n8n and start building workflows by opening http://localhost:5678.
n8n cloud
Sign-up for an n8n cloud account.
While n8n cloud and n8n are the same in terms of features, n8n cloud provides certain conveniences such as:
- Not having to set up and maintain your n8n instance
- Managed OAuth for authentication
- Easily upgrading to the newer n8n versions
Build with LangChain and AI in n8n (beta)
With n8n's LangChain nodes you can build AI-powered functionality within your workflows. The LangChain nodes are configurable, meaning you can choose your preferred agent, LLM, memory, and so on. Alongside the LangChain nodes, you can connect any n8n node as normal: this means you can integrate your LangChain logic with other data sources and services.
Learn more in the documentation.
Support
If you have problems or questions go to our forum, we will then try to help you asap:
Jobs
If you are interested in working for n8n and so shape the future of the project check out our job posts
What does n8n mean and how do you pronounce it?
Short answer: It means "nodemation" and it is pronounced as n-eight-n.
Long answer: "I get that question quite often (more often than I expected) so I decided it is probably best to answer it here. While looking for a good name for the project with a free domain I realized very quickly that all the good ones I could think of were already taken. So, in the end, I chose nodemation. 'node-' in the sense that it uses a Node-View and that it uses Node.js and '-mation' for 'automation' which is what the project is supposed to help with. However, I did not like how long the name was and I could not imagine writing something that long every time in the CLI. That is when I then ended up on 'n8n'." - Jan Oberhauser, Founder and CEO, n8n.io
Development setup
Have you found a bug :bug: ? Or maybe you have a nice feature :sparkles: to contribute ? The CONTRIBUTING guide will help you get your development environment ready in minutes.
License
n8n is fair-code distributed under the Sustainable Use License and the n8n Enterprise License.
Proprietary licenses are available for enterprise customers. Get in touch
Additional information about the license model can be found in the docs.
No vulnerabilities found.
Reason
30 commit(s) and 29 issue activity found in the last 90 days -- score normalized to 10
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/docker-base-image.yml:17
Reason
Found 28/29 approved changesets -- score normalized to 9
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
8 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-m5vv-6r4h-3vj9
- Warn: Project is vulnerable to: GHSA-7v5v-9h63-cj86
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-wgrm-67xf-hhpq
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-create-pr.yml:26
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-publish.yml:115
- Info: topLevel 'contents' permission set to 'read': .github/workflows/benchmark-destroy-nightly.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/benchmark-nightly.yml:32
- Warn: no topLevel permission defined: .github/workflows/check-documentation-urls.yml:1
- Warn: no topLevel permission defined: .github/workflows/check-pr-title.yml:1
- Warn: no topLevel permission defined: .github/workflows/check-tests.yml:1
- Warn: no topLevel permission defined: .github/workflows/chromatic.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci-master.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci-postgres-mysql.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci-pull-requests.yml:1
- Warn: no topLevel permission defined: .github/workflows/docker-base-image.yml:1
- Warn: no topLevel permission defined: .github/workflows/docker-images-benchmark.yml:1
- Warn: no topLevel permission defined: .github/workflows/docker-images-nightly.yml:1
- Warn: no topLevel permission defined: .github/workflows/e2e-reusable.yml:1
- Warn: no topLevel permission defined: .github/workflows/e2e-tests-pr.yml:1
- Warn: no topLevel permission defined: .github/workflows/e2e-tests.yml:1
- Warn: no topLevel permission defined: .github/workflows/linting-reusable.yml:1
- Warn: no topLevel permission defined: .github/workflows/notify-pr-status.yml:1
- Warn: no topLevel permission defined: .github/workflows/release-create-pr.yml:1
- Warn: no topLevel permission defined: .github/workflows/release-publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/release-push-to-channel.yml:1
- Warn: no topLevel permission defined: .github/workflows/test-workflows.yml:1
- Warn: no topLevel permission defined: .github/workflows/units-tests-dispatch.yml:1
- Warn: no topLevel permission defined: .github/workflows/units-tests-reusable.yml:1
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Info: Possibly incomplete results: error parsing shell code: invalid var name: docker/images/n8n/docker-entrypoint.sh:0
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-destroy-nightly.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/benchmark-destroy-nightly.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark-destroy-nightly.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/benchmark-destroy-nightly.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-destroy-nightly.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/benchmark-destroy-nightly.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-nightly.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/benchmark-nightly.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark-nightly.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/benchmark-nightly.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-nightly.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/benchmark-nightly.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark-nightly.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/benchmark-nightly.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark-nightly.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/benchmark-nightly.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-documentation-urls.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/check-documentation-urls.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-documentation-urls.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/check-documentation-urls.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/check-documentation-urls.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/check-documentation-urls.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-pr-title.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/check-pr-title.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-pr-title.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/check-pr-title.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/check-pr-title.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/check-pr-title.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-tests.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/check-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-tests.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/check-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromatic.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/chromatic.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/chromatic.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/chromatic.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromatic.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/chromatic.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromatic.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/chromatic.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/chromatic.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/chromatic.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/chromatic.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/chromatic.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/chromatic.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/chromatic.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-master.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-master.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-master.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-master.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-master.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-master.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-master.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-master.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-master.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-master.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-postgres-mysql.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-postgres-mysql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-pull-requests.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-pull-requests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-pull-requests.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-pull-requests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-pull-requests.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-pull-requests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-pull-requests.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/ci-pull-requests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-base-image.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-base-image.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-base-image.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-base-image.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-base-image.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-base-image.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-base-image.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-base-image.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-base-image.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-base-image.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-base-image.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-base-image.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-images-benchmark.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-benchmark.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-images-benchmark.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-benchmark.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-images-benchmark.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-benchmark.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-images-benchmark.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-benchmark.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-images-benchmark.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-benchmark.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-images-nightly.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-nightly.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-images-nightly.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-nightly.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-images-nightly.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-nightly.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-images-nightly.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-nightly.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-images-nightly.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-nightly.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-images-nightly.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/docker-images-nightly.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-reusable.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-reusable.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-reusable.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-reusable.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-reusable.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-reusable.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-reusable.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-reusable.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-reusable.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-reusable.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-reusable.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-reusable.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-reusable.yml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-reusable.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-reusable.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-reusable.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-pr.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-tests-pr.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-tests-pr.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-tests-pr.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-tests-pr.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-tests-pr.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-tests-pr.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-tests-pr.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/e2e-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting-reusable.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/linting-reusable.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting-reusable.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/linting-reusable.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/linting-reusable.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/linting-reusable.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting-reusable.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/linting-reusable.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-create-pr.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-create-pr.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-create-pr.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-create-pr.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-create-pr.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-create-pr.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-publish.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-publish.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-publish.yml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-publish.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-publish.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-publish.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-push-to-channel.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-push-to-channel.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-push-to-channel.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-push-to-channel.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-push-to-channel.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/release-push-to-channel.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-workflows.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/test-workflows.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-workflows.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/test-workflows.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-workflows.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/test-workflows.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-workflows.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/test-workflows.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/units-tests-reusable.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/units-tests-reusable.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/units-tests-reusable.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/units-tests-reusable.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/units-tests-reusable.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/units-tests-reusable.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/units-tests-reusable.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/units-tests-reusable.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/units-tests-reusable.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/n8n-io/n8n/units-tests-reusable.yml/master?enable=pin
- Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:1: pin your Docker image by updating n8nio/base:20 to n8nio/base:20@sha256:a65eb8eb100383caac49bc811f090affe98857ecd77302db676eb49cb4a94cb6
- Warn: containerImage not pinned by hash: docker/images/n8n-base/Dockerfile:4
- Warn: containerImage not pinned by hash: docker/images/n8n-base/Dockerfile:30
- Warn: containerImage not pinned by hash: docker/images/n8n-custom/Dockerfile:4
- Warn: containerImage not pinned by hash: docker/images/n8n-custom/Dockerfile:24
- Warn: containerImage not pinned by hash: docker/images/n8n/Dockerfile:2
- Warn: containerImage not pinned by hash: packages/@n8n/benchmark/Dockerfile:2
- Warn: containerImage not pinned by hash: packages/@n8n/benchmark/Dockerfile:25
- Warn: containerImage not pinned by hash: packages/@n8n/benchmark/Dockerfile:56
- Warn: npmCommand not pinned by hash: docker/images/n8n-base/Dockerfile:19
- Warn: npmCommand not pinned by hash: docker/images/n8n/Dockerfile:16-23
- Warn: npmCommand not pinned by hash: packages/@n8n/benchmark/scripts/bootstrap.sh:63
- Warn: npmCommand not pinned by hash: .github/workflows/check-documentation-urls.yml:32
- Warn: npmCommand not pinned by hash: .github/workflows/check-tests.yml:28
- Warn: npmCommand not pinned by hash: .github/workflows/release-create-pr.yml:44
- Info: 0 out of 57 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 58 third-party GitHubAction dependencies pinned
- Info: 0 out of 9 containerImage dependencies pinned
- Info: 0 out of 6 npmCommand dependencies pinned
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 29 are checked with a SAST tool
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
5.9
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More