Automic VaultAutomic Vault

brew

Install node-red with Homebrew, Nix

Low-code programming for event-driven applications. Version 5.0.1 via Homebrew; verified 2026-07-02.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install node-red

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#node-red

nixpkgs package indexes · pkgs/by-name/no/node-red/package.nix · source: api.github.com

overview

Package summary

Low-code programming for event-driven applications

Commands and aliases

  • node-red
  • node-red-pi

history

Project history and usage

Node-RED is a flow-based, low-code programming tool for event-driven applications. Its own site frames it as a way to collect, transform, and visualize real-time data, with a browser editor, Node.js runtime, JSON flow files, and a community library of more than 5,000 nodes and flows.

Project history

Node-RED began in early 2013 as a side project by Nick O'Leary and Dave Conway-Jones in IBM's Emerging Technology Services group. The original proof of concept visualized and manipulated mappings between MQTT topics, then grew into a general-purpose tool for wiring hardware devices, APIs, online services, and application logic.

Adoption history

The project was open-sourced in September 2013 and became one of the founding JS Foundation projects in October 2016. The Node.js Foundation and JS Foundation later merged into the OpenJS Foundation in 2019, giving Node-RED a vendor-neutral home alongside other JavaScript ecosystem projects.

A major adoption moment came on 25 November 2015, when Node-RED announced that the November 2015 Raspbian Jessie image shipped with Node-RED pre-installed and that it was also available through the Raspbian Jessie APT repositories. That helped push it into Raspberry Pi, home automation, education, and industrial IoT workflows.

How it is used

Homebrew users install it with `brew install node-red` and run the `node-red` command, then open the editor at `http://localhost:1880`. Node-RED's local install docs also show the npm path with `npm install -g node-red`, Docker via `docker run -it -p 1880:1880 --name mynodered nodered/node-red`, and command-line flags such as `--settings`, `--userDir`, `--port`, and `--safe`.

Why package nerds care

Node-RED sits in a funny and useful place for package people: it is a Node.js app, a visual programming environment, and a runtime for long-lived flows. The package pulls in the usual Node dependency world, but its users often think in deployed flow files, credentials files, palettes, and hardware-adjacent integrations rather than in conventional application source trees.

Homebrew Formulae lists node-red 5.0.0 and reports 1,044 installs over 365 days. That is small compared with npm usage, but it is a convenient macOS/Linux package-manager path for local flow development and lightweight automation boxes.

Related projects

  • Node.js
  • OpenJS Foundation
  • Raspberry Pi
  • FlowFuse
  • MQTT

security posture

Risk level: orange

formula declares a Homebrew service.

Risk classifier

orange risk · medium confidence · infrastructure

Why

  • formula declares a Homebrew service

Signals

  • metadata:service

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Formula metadata declares a service or daemon block.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Installs with 1 runtime dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
~/.node-red/settings.js
Windows
%HOMEPATH%\.node-red\settings.js

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
~/.node-red/flows_<hostname>_cred.json
Windows
%HOMEPATH%\.node-red\flows_<hostname>_cred.json

executables

Installed executables

CommandKindExposureNote
node-redcliglobal executable
node-red-picliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version5.0.1
manager updated2026-07-02
local dataok
upstreamnot checked
latest detectednot detected

https://nodered.org/

  • infoRelease/tag comparison is only available for GitHub repositories.https://nodered.org/none confidence

install metadata

Package metadata

Package keybrew:node-red
Version5.0.1
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/node-red
Homepagehttps://nodered.org/
Repositoryhttps://github.com/node-red/node-red
Upstream docshttps://nodered.org/docs
LicenseApache-2.0
Source archivehttps://registry.npmjs.org/node-red/-/node-red-5.0.1.tgz
Last updated2026-07-02T16:40:50Z
Pulseupdated
Dependenciesnode
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicedeclared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namenode-red
Version Scheme0
Revision0
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

node-red

nix profile install nixpkgs#node-red
  • normalized package name match
  • Matched by: Node Red
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/no/node-red/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment