vanta-auditor-api-sdk 0.6.1 → 0.6.3

package/src/funcs/auditsListRiskSnapshots.ts

@@ -0,0 +1,188 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { VantaCore } from "../core.js";
+import { encodeFormQuery, encodeSimple } from "../lib/encodings.js";
+import { matchStatusCode } from "../lib/http.js";
+import * as M from "../lib/matchers.js";
+import { compactMap } from "../lib/primitives.js";
+import { safeParse } from "../lib/schemas.js";
+import { RequestOptions } from "../lib/sdks.js";
+import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js";
+import { pathToFunc } from "../lib/url.js";
+import * as components from "../models/components/index.js";
+import {
+  ConnectionError,
+  InvalidRequestError,
+  RequestAbortedError,
+  RequestTimeoutError,
+  UnexpectedClientError,
+} from "../models/errors/httpclienterrors.js";
+import { ResponseValidationError } from "../models/errors/responsevalidationerror.js";
+import { SDKValidationError } from "../models/errors/sdkvalidationerror.js";
+import { VantaError } from "../models/errors/vantaerror.js";
+import * as operations from "../models/operations/index.js";
+import { APICall, APIPromise } from "../types/async.js";
+import { Result } from "../types/fp.js";
+
+/**
+ * List risk snapshots for an audit
+ *
+ * @remarks
+ * Returns a paginated list of risk assessment snapshots available for an audit.
+ *
+ * Risk snapshots capture the state of an organization's risk register at a
+ * point in time. Each snapshot has an `id` that can be used with the
+ * `/audits/{auditId}/risks` endpoint to retrieve the individual risk
+ * scenarios within that snapshot.
+ *
+ * Results are sorted by creation date (newest first). This sort order is
+ * fixed and cannot be customized via query parameters. Only snapshots
+ * that are shared with auditors are included.
+ *
+ * Uses cursor-based pagination. To paginate:
+ * 1. Make initial request with desired `pageSize`
+ * 2. Check `results.pageInfo.hasNextPage`
+ * 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request
+ */
+export function auditsListRiskSnapshots(
+  client: VantaCore,
+  request: operations.ListRiskSnapshotsRequest,
+  options?: RequestOptions,
+): APIPromise<
+  Result<
+    components.PaginatedResponseRiskSnapshot,
+    | VantaError
+    | ResponseValidationError
+    | ConnectionError
+    | RequestAbortedError
+    | RequestTimeoutError
+    | InvalidRequestError
+    | UnexpectedClientError
+    | SDKValidationError
+  >
+> {
+  return new APIPromise($do(
+    client,
+    request,
+    options,
+  ));
+}
+
+async function $do(
+  client: VantaCore,
+  request: operations.ListRiskSnapshotsRequest,
+  options?: RequestOptions,
+): Promise<
+  [
+    Result<
+      components.PaginatedResponseRiskSnapshot,
+      | VantaError
+      | ResponseValidationError
+      | ConnectionError
+      | RequestAbortedError
+      | RequestTimeoutError
+      | InvalidRequestError
+      | UnexpectedClientError
+      | SDKValidationError
+    >,
+    APICall,
+  ]
+> {
+  const parsed = safeParse(
+    request,
+    (value) => operations.ListRiskSnapshotsRequest$outboundSchema.parse(value),
+    "Input validation failed",
+  );
+  if (!parsed.ok) {
+    return [parsed, { status: "invalid" }];
+  }
+  const payload = parsed.value;
+  const body = null;
+
+  const pathParams = {
+    auditId: encodeSimple("auditId", payload.auditId, {
+      explode: false,
+      charEncoding: "percent",
+    }),
+  };
+  const path = pathToFunc("/audits/{auditId}/risks/snapshots")(pathParams);
+
+  const query = encodeFormQuery({
+    "pageCursor": payload.pageCursor,
+    "pageSize": payload.pageSize,
+  });
+
+  const headers = new Headers(compactMap({
+    Accept: "application/json",
+  }));
+
+  const secConfig = await extractSecurity(client._options.bearerAuth);
+  const securityInput = secConfig == null ? {} : { bearerAuth: secConfig };
+  const requestSecurity = resolveGlobalSecurity(securityInput);
+
+  const context = {
+    options: client._options,
+    baseURL: options?.serverURL ?? client._baseURL ?? "",
+    operationID: "ListRiskSnapshots",
+    oAuth2Scopes: null,
+
+    resolvedSecurity: requestSecurity,
+
+    securitySource: client._options.bearerAuth,
+    retryConfig: options?.retries
+      || client._options.retryConfig
+      || { strategy: "none" },
+    retryCodes: options?.retryCodes || ["429", "500", "502", "503", "504"],
+  };
+
+  const requestRes = client._createRequest(context, {
+    security: requestSecurity,
+    method: "GET",
+    baseURL: options?.serverURL,
+    path: path,
+    headers: headers,
+    query: query,
+    body: body,
+    userAgent: client._options.userAgent,
+    timeoutMs: options?.timeoutMs || client._options.timeoutMs || -1,
+  }, options);
+  if (!requestRes.ok) {
+    return [requestRes, { status: "invalid" }];
+  }
+  const req = requestRes.value;
+
+  const doResult = await client._do(req, {
+    context,
+    isErrorStatusCode: (statusCode: number) =>
+      matchStatusCode({ status: statusCode } as Response, ["4XX", "5XX"]),
+    retryConfig: context.retryConfig,
+    retryCodes: context.retryCodes,
+  });
+  if (!doResult.ok) {
+    return [doResult, { status: "request-error", request: req }];
+  }
+  const response = doResult.value;
+
+  const [result] = await M.match<
+    components.PaginatedResponseRiskSnapshot,
+    | VantaError
+    | ResponseValidationError
+    | ConnectionError
+    | RequestAbortedError
+    | RequestTimeoutError
+    | InvalidRequestError
+    | UnexpectedClientError
+    | SDKValidationError
+  >(
+    M.json(200, components.PaginatedResponseRiskSnapshot$inboundSchema),
+    M.fail("4XX"),
+    M.fail("5XX"),
+  )(response, req);
+  if (!result.ok) {
+    return [result, { status: "complete", request: req, response }];
+  }
+
+  return [result, { status: "complete", request: req, response }];
+}

package/src/funcs/auditsListVendors.ts

@@ -0,0 +1,196 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import { VantaCore } from "../core.js";
+import { encodeFormQuery, encodeSimple } from "../lib/encodings.js";
+import { matchStatusCode } from "../lib/http.js";
+import * as M from "../lib/matchers.js";
+import { compactMap } from "../lib/primitives.js";
+import { safeParse } from "../lib/schemas.js";
+import { RequestOptions } from "../lib/sdks.js";
+import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js";
+import { pathToFunc } from "../lib/url.js";
+import * as components from "../models/components/index.js";
+import {
+  ConnectionError,
+  InvalidRequestError,
+  RequestAbortedError,
+  RequestTimeoutError,
+  UnexpectedClientError,
+} from "../models/errors/httpclienterrors.js";
+import { ResponseValidationError } from "../models/errors/responsevalidationerror.js";
+import { SDKValidationError } from "../models/errors/sdkvalidationerror.js";
+import { VantaError } from "../models/errors/vantaerror.js";
+import * as operations from "../models/operations/index.js";
+import { APICall, APIPromise } from "../types/async.js";
+import { Result } from "../types/fp.js";
+
+/**
+ * List vendors for an audit
+ *
+ * @remarks
+ * Retrieves vendor population data for an audit.
+ *
+ * This endpoint provides access to vendor records visible to auditors
+ * during an audit engagement.
+ *
+ * Supports filtering by:
+ * - `search`: Searches vendor names (case-insensitive)
+ * - `vendorStatusesMatchesAny`: Filters by vendor status (ACTIVE, ARCHIVED, IN_PROCUREMENT)
+ * - `inherentRiskMatchesAny`: Filters by inherent risk level
+ *
+ * Results are sorted by name (ascending) by default.
+ * Use `orderBy` and `orderDirection` to customize sorting.
+ * Sort parameters must remain consistent across paginated requests.
+ *
+ * Uses cursor-based pagination. To paginate:
+ * 1. Make initial request with desired `pageSize`
+ * 2. Check `results.pageInfo.hasNextPage`
+ * 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request
+ */
+export function auditsListVendors(
+  client: VantaCore,
+  request: operations.ListVendorsRequest,
+  options?: RequestOptions,
+): APIPromise<
+  Result<
+    components.PaginatedResponseAuditVendor,
+    | VantaError
+    | ResponseValidationError
+    | ConnectionError
+    | RequestAbortedError
+    | RequestTimeoutError
+    | InvalidRequestError
+    | UnexpectedClientError
+    | SDKValidationError
+  >
+> {
+  return new APIPromise($do(
+    client,
+    request,
+    options,
+  ));
+}
+
+async function $do(
+  client: VantaCore,
+  request: operations.ListVendorsRequest,
+  options?: RequestOptions,
+): Promise<
+  [
+    Result<
+      components.PaginatedResponseAuditVendor,
+      | VantaError
+      | ResponseValidationError
+      | ConnectionError
+      | RequestAbortedError
+      | RequestTimeoutError
+      | InvalidRequestError
+      | UnexpectedClientError
+      | SDKValidationError
+    >,
+    APICall,
+  ]
+> {
+  const parsed = safeParse(
+    request,
+    (value) => operations.ListVendorsRequest$outboundSchema.parse(value),
+    "Input validation failed",
+  );
+  if (!parsed.ok) {
+    return [parsed, { status: "invalid" }];
+  }
+  const payload = parsed.value;
+  const body = null;
+
+  const pathParams = {
+    auditId: encodeSimple("auditId", payload.auditId, {
+      explode: false,
+      charEncoding: "percent",
+    }),
+  };
+  const path = pathToFunc("/audits/{auditId}/managed-vendors")(pathParams);
+
+  const query = encodeFormQuery({
+    "inherentRiskMatchesAny": payload.inherentRiskMatchesAny,
+    "orderBy": payload.orderBy,
+    "orderDirection": payload.orderDirection,
+    "pageCursor": payload.pageCursor,
+    "pageSize": payload.pageSize,
+    "search": payload.search,
+    "vendorStatusesMatchesAny": payload.vendorStatusesMatchesAny,
+  });
+
+  const headers = new Headers(compactMap({
+    Accept: "application/json",
+  }));
+
+  const secConfig = await extractSecurity(client._options.bearerAuth);
+  const securityInput = secConfig == null ? {} : { bearerAuth: secConfig };
+  const requestSecurity = resolveGlobalSecurity(securityInput);
+
+  const context = {
+    options: client._options,
+    baseURL: options?.serverURL ?? client._baseURL ?? "",
+    operationID: "ListVendors",
+    oAuth2Scopes: null,
+
+    resolvedSecurity: requestSecurity,
+
+    securitySource: client._options.bearerAuth,
+    retryConfig: options?.retries
+      || client._options.retryConfig
+      || { strategy: "none" },
+    retryCodes: options?.retryCodes || ["429", "500", "502", "503", "504"],
+  };
+
+  const requestRes = client._createRequest(context, {
+    security: requestSecurity,
+    method: "GET",
+    baseURL: options?.serverURL,
+    path: path,
+    headers: headers,
+    query: query,
+    body: body,
+    userAgent: client._options.userAgent,
+    timeoutMs: options?.timeoutMs || client._options.timeoutMs || -1,
+  }, options);
+  if (!requestRes.ok) {
+    return [requestRes, { status: "invalid" }];
+  }
+  const req = requestRes.value;
+
+  const doResult = await client._do(req, {
+    context,
+    isErrorStatusCode: (statusCode: number) =>
+      matchStatusCode({ status: statusCode } as Response, ["4XX", "5XX"]),
+    retryConfig: context.retryConfig,
+    retryCodes: context.retryCodes,
+  });
+  if (!doResult.ok) {
+    return [doResult, { status: "request-error", request: req }];
+  }
+  const response = doResult.value;
+
+  const [result] = await M.match<
+    components.PaginatedResponseAuditVendor,
+    | VantaError
+    | ResponseValidationError
+    | ConnectionError
+    | RequestAbortedError
+    | RequestTimeoutError
+    | InvalidRequestError
+    | UnexpectedClientError
+    | SDKValidationError
+  >(
+    M.json(200, components.PaginatedResponseAuditVendor$inboundSchema),
+    M.fail("4XX"),
+    M.fail("5XX"),
+  )(response, req);
+  if (!result.ok) {
+    return [result, { status: "complete", request: req, response }];
+  }
+
+  return [result, { status: "complete", request: req, response }];
+}

package/src/lib/config.ts

@@ -65,8 +65,8 @@ export function serverURLFromOptions(options: SDKOptions): URL | null {
 export const SDK_METADATA = {
   language: "typescript",
   openapiDocVersion: "1.0.0",
-  sdkVersion: "0.6.1",
-  genVersion: "2.884.4",
+  sdkVersion: "0.6.3",
+  genVersion: "2.884.13",
   userAgent:
-    "speakeasy-sdk/typescript 0.6.1 2.884.4 1.0.0 vanta-auditor-api-sdk",
+    "speakeasy-sdk/typescript 0.6.3 2.884.13 1.0.0 vanta-auditor-api-sdk",
 } as const;

package/src/models/components/accountaccess.ts

@@ -0,0 +1,99 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import * as z from "zod/v3";
+import { safeParse } from "../../lib/schemas.js";
+import { Result as SafeParseResult } from "../../types/fp.js";
+import { SDKValidationError } from "../errors/sdkvalidationerror.js";
+import {
+  AccountAccessStatus,
+  AccountAccessStatus$inboundSchema,
+} from "./accountaccessstatus.js";
+
+/**
+ * Account access record from personnel population.
+ *
+ * @remarks
+ *
+ * This unified interface represents account access data from all service types:
+ * - IDP services (Okta, Azure AD, Google Workspace, etc.)
+ * - First-party account services (AWS, Azure, GCP, Oracle Cloud, etc.)
+ * - Role grants services (GCP, Azure role grants)
+ * - Received/third-party applications
+ *
+ * Only `id` and `accountName` are always present. Other fields are optional so
+ * disallowed columns can be omitted (for example under controlled audit view).
+ * When an optional field is present, `null` means the column is visible but empty
+ * (only fields that are nullable in population data use `null`).
+ */
+export type AccountAccess = {
+  /**
+   * Unique identifier for the account.
+   */
+  id: string;
+  /**
+   * Account name or email address (primary identifier).
+   */
+  accountName: string;
+  /**
+   * Display name of the account owner, or null when the column is visible but unknown.
+   */
+  owner?: string | null | undefined;
+  /**
+   * Account roles; empty array when the column is visible but has no roles.
+   */
+  role?: Array<string> | undefined;
+  /**
+   * Account status values for account access records.
+   *
+   * @remarks
+   * Unified status enum that covers all service types.
+   */
+  status?: AccountAccessStatus | undefined;
+  /**
+   * Multi-factor authentication (MFA) status when present.
+   *
+   * @remarks
+   * `true` = MFA enabled, `false` = MFA not enabled, `null` = visible but unknown.
+   */
+  mfa?: boolean | null | undefined;
+  /**
+   * Account creation date when present, or null when visible but absent.
+   */
+  createdDate?: Date | null | undefined;
+  /**
+   * Account deactivation date when present, or null when active.
+   */
+  deactivatedDate?: Date | null | undefined;
+};
+
+/** @internal */
+export const AccountAccess$inboundSchema: z.ZodType<
+  AccountAccess,
+  z.ZodTypeDef,
+  unknown
+> = z.object({
+  id: z.string(),
+  accountName: z.string(),
+  owner: z.nullable(z.string()).optional(),
+  role: z.array(z.string()).optional(),
+  status: AccountAccessStatus$inboundSchema.optional(),
+  mfa: z.nullable(z.boolean()).optional(),
+  createdDate: z.nullable(
+    z.string().datetime({ offset: true }).transform(v => new Date(v)),
+  ).optional(),
+  deactivatedDate: z.nullable(
+    z.string().datetime({ offset: true }).transform(v => new Date(v)),
+  ).optional(),
+});
+
+export function accountAccessFromJSON(
+  jsonString: string,
+): SafeParseResult<AccountAccess, SDKValidationError> {
+  return safeParse(
+    jsonString,
+    (x) => AccountAccess$inboundSchema.parse(JSON.parse(x)),
+    `Failed to parse 'AccountAccess' from JSON`,
+  );
+}

package/src/models/components/accountaccessservice.ts

@@ -0,0 +1,60 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import * as z from "zod/v3";
+import { safeParse } from "../../lib/schemas.js";
+import { Result as SafeParseResult } from "../../types/fp.js";
+import { SDKValidationError } from "../errors/sdkvalidationerror.js";
+
+/**
+ * An account access service (identity provider, access credential, or external application)
+ *
+ * @remarks
+ * connected to the organization.
+ *
+ * These represent credentials for integrations like Okta, Azure AD,
+ * Google Workspace, etc. that provide identity and access management
+ * data for personnel, as well as external applications that provide
+ * received user accounts.
+ */
+export type AccountAccessService = {
+  /**
+   * Unique identifier for the service.
+   */
+  id: string;
+  /**
+   * Display name of the service shown to users.
+   */
+  credentialDisplayName: string;
+  /**
+   * The service name or integration ID.
+   */
+  service: string;
+  /**
+   * Sub-account identifier for multi-account integrations, or null if not applicable.
+   */
+  subAccountId: string | null;
+};
+
+/** @internal */
+export const AccountAccessService$inboundSchema: z.ZodType<
+  AccountAccessService,
+  z.ZodTypeDef,
+  unknown
+> = z.object({
+  id: z.string(),
+  credentialDisplayName: z.string(),
+  service: z.string(),
+  subAccountId: z.nullable(z.string()),
+});
+
+export function accountAccessServiceFromJSON(
+  jsonString: string,
+): SafeParseResult<AccountAccessService, SDKValidationError> {
+  return safeParse(
+    jsonString,
+    (x) => AccountAccessService$inboundSchema.parse(JSON.parse(x)),
+    `Failed to parse 'AccountAccessService' from JSON`,
+  );
+}

package/src/models/components/accountaccessstatus.ts

@@ -0,0 +1,34 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import * as z from "zod/v3";
+import { ClosedEnum } from "../../types/enums.js";
+
+/**
+ * Account status values for account access records.
+ *
+ * @remarks
+ * Unified status enum that covers all service types.
+ */
+export const AccountAccessStatus = {
+  Active: "ACTIVE",
+  Deactivated: "DEACTIVATED",
+  Unknown: "UNKNOWN",
+} as const;
+/**
+ * Account status values for account access records.
+ *
+ * @remarks
+ * Unified status enum that covers all service types.
+ */
+export type AccountAccessStatus = ClosedEnum<typeof AccountAccessStatus>;
+
+/** @internal */
+export const AccountAccessStatus$inboundSchema: z.ZodNativeEnum<
+  typeof AccountAccessStatus
+> = z.nativeEnum(AccountAccessStatus);
+/** @internal */
+export const AccountAccessStatus$outboundSchema: z.ZodNativeEnum<
+  typeof AccountAccessStatus
+> = AccountAccessStatus$inboundSchema;

package/src/models/components/apicodechangesource.ts

@@ -0,0 +1,25 @@
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+
+import * as z from "zod/v3";
+import { ClosedEnum } from "../../types/enums.js";
+
+/**
+ * Version control source service name for code changes.
+ */
+export const ApiCodeChangeSource = {
+  Github: "github",
+  Gitlab: "gitlab",
+  Bitbucket: "bitbucket",
+  Azuredevops: "azuredevops",
+} as const;
+/**
+ * Version control source service name for code changes.
+ */
+export type ApiCodeChangeSource = ClosedEnum<typeof ApiCodeChangeSource>;
+
+/** @internal */
+export const ApiCodeChangeSource$outboundSchema: z.ZodNativeEnum<
+  typeof ApiCodeChangeSource
+> = z.nativeEnum(ApiCodeChangeSource);