vanta-auditor-api-sdk 0.6.1 → 0.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (275) hide show
  1. package/README.md +21 -1
  2. package/docs/sdks/audits/README.md +760 -1
  3. package/funcs/auditsList.js +10 -0
  4. package/funcs/auditsList.js.map +1 -1
  5. package/funcs/auditsListAccountAccessServices.d.ts +33 -0
  6. package/funcs/auditsListAccountAccessServices.d.ts.map +1 -0
  7. package/funcs/auditsListAccountAccessServices.js +141 -0
  8. package/funcs/auditsListAccountAccessServices.js.map +1 -0
  9. package/funcs/auditsListAuditIssues.d.ts +3 -1
  10. package/funcs/auditsListAuditIssues.d.ts.map +1 -1
  11. package/funcs/auditsListAuditIssues.js +5 -1
  12. package/funcs/auditsListAuditIssues.js.map +1 -1
  13. package/funcs/auditsListAuditRisks.d.ts +37 -0
  14. package/funcs/auditsListAuditRisks.d.ts.map +1 -0
  15. package/funcs/auditsListAuditRisks.js +152 -0
  16. package/funcs/auditsListAuditRisks.js.map +1 -0
  17. package/funcs/auditsListCodeChanges.d.ts +34 -0
  18. package/funcs/auditsListCodeChanges.d.ts.map +1 -0
  19. package/funcs/auditsListCodeChanges.js +146 -0
  20. package/funcs/auditsListCodeChanges.js.map +1 -0
  21. package/funcs/auditsListPersonnelAccountAccess.d.ts +58 -0
  22. package/funcs/auditsListPersonnelAccountAccess.d.ts.map +1 -0
  23. package/funcs/auditsListPersonnelAccountAccess.js +172 -0
  24. package/funcs/auditsListPersonnelAccountAccess.js.map +1 -0
  25. package/funcs/auditsListPersonnelGroups.d.ts +39 -0
  26. package/funcs/auditsListPersonnelGroups.d.ts.map +1 -0
  27. package/funcs/auditsListPersonnelGroups.js +151 -0
  28. package/funcs/auditsListPersonnelGroups.js.map +1 -0
  29. package/funcs/auditsListPersonnelPeople.d.ts +36 -0
  30. package/funcs/auditsListPersonnelPeople.d.ts.map +1 -0
  31. package/funcs/auditsListPersonnelPeople.js +149 -0
  32. package/funcs/auditsListPersonnelPeople.js.map +1 -0
  33. package/funcs/auditsListRiskSnapshots.d.ts +32 -0
  34. package/funcs/auditsListRiskSnapshots.d.ts.map +1 -0
  35. package/funcs/auditsListRiskSnapshots.js +140 -0
  36. package/funcs/auditsListRiskSnapshots.js.map +1 -0
  37. package/funcs/auditsListVendors.d.ts +35 -0
  38. package/funcs/auditsListVendors.d.ts.map +1 -0
  39. package/funcs/auditsListVendors.js +148 -0
  40. package/funcs/auditsListVendors.js.map +1 -0
  41. package/jsr.json +1 -1
  42. package/lib/config.d.ts +3 -3
  43. package/lib/config.js +3 -3
  44. package/lib/config.js.map +1 -1
  45. package/models/components/accountaccess.d.ts +64 -0
  46. package/models/components/accountaccess.d.ts.map +1 -0
  47. package/models/components/accountaccess.js +58 -0
  48. package/models/components/accountaccess.js.map +1 -0
  49. package/models/components/accountaccessservice.d.ts +36 -0
  50. package/models/components/accountaccessservice.d.ts.map +1 -0
  51. package/models/components/accountaccessservice.js +53 -0
  52. package/models/components/accountaccessservice.js.map +1 -0
  53. package/models/components/accountaccessstatus.d.ts +25 -0
  54. package/models/components/accountaccessstatus.d.ts.map +1 -0
  55. package/models/components/accountaccessstatus.js +56 -0
  56. package/models/components/accountaccessstatus.js.map +1 -0
  57. package/models/components/apicodechangesource.d.ts +18 -0
  58. package/models/components/apicodechangesource.d.ts.map +1 -0
  59. package/models/components/apicodechangesource.js +52 -0
  60. package/models/components/apicodechangesource.js.map +1 -0
  61. package/models/components/auditrisk.d.ts +153 -0
  62. package/models/components/auditrisk.d.ts.map +1 -0
  63. package/models/components/auditrisk.js +108 -0
  64. package/models/components/auditrisk.js.map +1 -0
  65. package/models/components/auditriskcia.d.ts +17 -0
  66. package/models/components/auditriskcia.d.ts.map +1 -0
  67. package/models/components/auditriskcia.js +51 -0
  68. package/models/components/auditriskcia.js.map +1 -0
  69. package/models/components/auditvendor.d.ts +96 -0
  70. package/models/components/auditvendor.d.ts.map +1 -0
  71. package/models/components/auditvendor.js +86 -0
  72. package/models/components/auditvendor.js.map +1 -0
  73. package/models/components/auditvendorrisklevel.d.ts +15 -0
  74. package/models/components/auditvendorrisklevel.d.ts.map +1 -0
  75. package/models/components/auditvendorrisklevel.js +52 -0
  76. package/models/components/auditvendorrisklevel.js.map +1 -0
  77. package/models/components/auditvendorstatus.d.ts +13 -0
  78. package/models/components/auditvendorstatus.d.ts.map +1 -0
  79. package/models/components/auditvendorstatus.js +50 -0
  80. package/models/components/auditvendorstatus.js.map +1 -0
  81. package/models/components/codechange.d.ts +50 -0
  82. package/models/components/codechange.d.ts.map +1 -0
  83. package/models/components/codechange.js +58 -0
  84. package/models/components/codechange.js.map +1 -0
  85. package/models/components/grouporderby.d.ts +13 -0
  86. package/models/components/grouporderby.d.ts.map +1 -0
  87. package/models/components/grouporderby.js +50 -0
  88. package/models/components/grouporderby.js.map +1 -0
  89. package/models/components/index.d.ts +31 -0
  90. package/models/components/index.d.ts.map +1 -1
  91. package/models/components/index.js +31 -0
  92. package/models/components/index.js.map +1 -1
  93. package/models/components/issuesnapshotitemorderby.d.ts +16 -0
  94. package/models/components/issuesnapshotitemorderby.d.ts.map +1 -0
  95. package/models/components/issuesnapshotitemorderby.js +50 -0
  96. package/models/components/issuesnapshotitemorderby.js.map +1 -0
  97. package/models/components/orderdirection.d.ts +16 -0
  98. package/models/components/orderdirection.d.ts.map +1 -0
  99. package/models/components/orderdirection.js +50 -0
  100. package/models/components/orderdirection.js.map +1 -0
  101. package/models/components/paginatedresponseaccountaccess.d.ts +22 -0
  102. package/models/components/paginatedresponseaccountaccess.d.ts.map +1 -0
  103. package/models/components/paginatedresponseaccountaccess.js +61 -0
  104. package/models/components/paginatedresponseaccountaccess.js.map +1 -0
  105. package/models/components/paginatedresponseaccountaccessservice.d.ts +22 -0
  106. package/models/components/paginatedresponseaccountaccessservice.d.ts.map +1 -0
  107. package/models/components/paginatedresponseaccountaccessservice.js +61 -0
  108. package/models/components/paginatedresponseaccountaccessservice.js.map +1 -0
  109. package/models/components/paginatedresponseauditrisk.d.ts +22 -0
  110. package/models/components/paginatedresponseauditrisk.d.ts.map +1 -0
  111. package/models/components/paginatedresponseauditrisk.js +61 -0
  112. package/models/components/paginatedresponseauditrisk.js.map +1 -0
  113. package/models/components/paginatedresponseauditvendor.d.ts +22 -0
  114. package/models/components/paginatedresponseauditvendor.d.ts.map +1 -0
  115. package/models/components/paginatedresponseauditvendor.js +61 -0
  116. package/models/components/paginatedresponseauditvendor.js.map +1 -0
  117. package/models/components/paginatedresponsecodechange.d.ts +22 -0
  118. package/models/components/paginatedresponsecodechange.d.ts.map +1 -0
  119. package/models/components/paginatedresponsecodechange.js +61 -0
  120. package/models/components/paginatedresponsecodechange.js.map +1 -0
  121. package/models/components/paginatedresponsepersonnelgroup.d.ts +22 -0
  122. package/models/components/paginatedresponsepersonnelgroup.d.ts.map +1 -0
  123. package/models/components/paginatedresponsepersonnelgroup.js +61 -0
  124. package/models/components/paginatedresponsepersonnelgroup.js.map +1 -0
  125. package/models/components/paginatedresponsepersonnelperson.d.ts +22 -0
  126. package/models/components/paginatedresponsepersonnelperson.d.ts.map +1 -0
  127. package/models/components/paginatedresponsepersonnelperson.js +61 -0
  128. package/models/components/paginatedresponsepersonnelperson.js.map +1 -0
  129. package/models/components/paginatedresponserisksnapshot.d.ts +22 -0
  130. package/models/components/paginatedresponserisksnapshot.d.ts.map +1 -0
  131. package/models/components/paginatedresponserisksnapshot.js +61 -0
  132. package/models/components/paginatedresponserisksnapshot.js.map +1 -0
  133. package/models/components/peopleemploymentstatus.d.ts +20 -0
  134. package/models/components/peopleemploymentstatus.d.ts.map +1 -0
  135. package/models/components/peopleemploymentstatus.js +54 -0
  136. package/models/components/peopleemploymentstatus.js.map +1 -0
  137. package/models/components/peopleorderby.d.ts +10 -0
  138. package/models/components/peopleorderby.d.ts.map +1 -0
  139. package/models/components/peopleorderby.js +47 -0
  140. package/models/components/peopleorderby.js.map +1 -0
  141. package/models/components/peoplesecuritytaskstatus.d.ts +18 -0
  142. package/models/components/peoplesecuritytaskstatus.d.ts.map +1 -0
  143. package/models/components/peoplesecuritytaskstatus.js +52 -0
  144. package/models/components/peoplesecuritytaskstatus.js.map +1 -0
  145. package/models/components/peopletaskstatus.d.ts +22 -0
  146. package/models/components/peopletaskstatus.d.ts.map +1 -0
  147. package/models/components/peopletaskstatus.js +56 -0
  148. package/models/components/peopletaskstatus.js.map +1 -0
  149. package/models/components/personnelgroup.d.ts +54 -0
  150. package/models/components/personnelgroup.d.ts.map +1 -0
  151. package/models/components/personnelgroup.js +57 -0
  152. package/models/components/personnelgroup.js.map +1 -0
  153. package/models/components/personnelgrouptask.d.ts +16 -0
  154. package/models/components/personnelgrouptask.d.ts.map +1 -0
  155. package/models/components/personnelgrouptask.js +50 -0
  156. package/models/components/personnelgrouptask.js.map +1 -0
  157. package/models/components/personnelperson.d.ts +338 -0
  158. package/models/components/personnelperson.d.ts.map +1 -0
  159. package/models/components/personnelperson.js +177 -0
  160. package/models/components/personnelperson.js.map +1 -0
  161. package/models/components/riskorderby.d.ts +18 -0
  162. package/models/components/riskorderby.d.ts.map +1 -0
  163. package/models/components/riskorderby.js +56 -0
  164. package/models/components/riskorderby.js.map +1 -0
  165. package/models/components/risksnapshot.d.ts +26 -0
  166. package/models/components/risksnapshot.d.ts.map +1 -0
  167. package/models/components/risksnapshot.js +51 -0
  168. package/models/components/risksnapshot.js.map +1 -0
  169. package/models/components/vendororderby.d.ts +10 -0
  170. package/models/components/vendororderby.d.ts.map +1 -0
  171. package/models/components/vendororderby.js +47 -0
  172. package/models/components/vendororderby.js.map +1 -0
  173. package/models/operations/index.d.ts +8 -0
  174. package/models/operations/index.d.ts.map +1 -1
  175. package/models/operations/index.js +8 -0
  176. package/models/operations/index.js.map +1 -1
  177. package/models/operations/listaccountaccessservices.d.ts +25 -0
  178. package/models/operations/listaccountaccessservices.d.ts.map +1 -0
  179. package/models/operations/listaccountaccessservices.js +51 -0
  180. package/models/operations/listaccountaccessservices.js.map +1 -0
  181. package/models/operations/listauditissues.d.ts +11 -0
  182. package/models/operations/listauditissues.d.ts.map +1 -1
  183. package/models/operations/listauditissues.js +3 -0
  184. package/models/operations/listauditissues.js.map +1 -1
  185. package/models/operations/listauditrisks.d.ts +46 -0
  186. package/models/operations/listauditrisks.d.ts.map +1 -0
  187. package/models/operations/listauditrisks.js +56 -0
  188. package/models/operations/listauditrisks.js.map +1 -0
  189. package/models/operations/listcodechanges.d.ts +46 -0
  190. package/models/operations/listcodechanges.d.ts.map +1 -0
  191. package/models/operations/listcodechanges.js +57 -0
  192. package/models/operations/listcodechanges.js.map +1 -0
  193. package/models/operations/listpersonnelaccountaccess.d.ts +41 -0
  194. package/models/operations/listpersonnelaccountaccess.d.ts.map +1 -0
  195. package/models/operations/listpersonnelaccountaccess.js +55 -0
  196. package/models/operations/listpersonnelaccountaccess.js.map +1 -0
  197. package/models/operations/listpersonnelgroups.d.ts +46 -0
  198. package/models/operations/listpersonnelgroups.d.ts.map +1 -0
  199. package/models/operations/listpersonnelgroups.js +56 -0
  200. package/models/operations/listpersonnelgroups.js.map +1 -0
  201. package/models/operations/listpersonnelpeople.d.ts +51 -0
  202. package/models/operations/listpersonnelpeople.d.ts.map +1 -0
  203. package/models/operations/listpersonnelpeople.js +57 -0
  204. package/models/operations/listpersonnelpeople.js.map +1 -0
  205. package/models/operations/listrisksnapshots.d.ts +25 -0
  206. package/models/operations/listrisksnapshots.d.ts.map +1 -0
  207. package/models/operations/listrisksnapshots.js +51 -0
  208. package/models/operations/listrisksnapshots.js.map +1 -0
  209. package/models/operations/listvendors.d.ts +51 -0
  210. package/models/operations/listvendors.d.ts.map +1 -0
  211. package/models/operations/listvendors.js +58 -0
  212. package/models/operations/listvendors.js.map +1 -0
  213. package/package.json +1 -1
  214. package/sdk/audits.d.ts +219 -1
  215. package/sdk/audits.d.ts.map +1 -1
  216. package/sdk/audits.js +243 -1
  217. package/sdk/audits.js.map +1 -1
  218. package/src/funcs/auditsList.ts +10 -0
  219. package/src/funcs/auditsListAccountAccessServices.ts +192 -0
  220. package/src/funcs/auditsListAuditIssues.ts +5 -1
  221. package/src/funcs/auditsListAuditRisks.ts +200 -0
  222. package/src/funcs/auditsListCodeChanges.ts +194 -0
  223. package/src/funcs/auditsListPersonnelAccountAccess.ts +223 -0
  224. package/src/funcs/auditsListPersonnelGroups.ts +200 -0
  225. package/src/funcs/auditsListPersonnelPeople.ts +198 -0
  226. package/src/funcs/auditsListRiskSnapshots.ts +188 -0
  227. package/src/funcs/auditsListVendors.ts +196 -0
  228. package/src/lib/config.ts +3 -3
  229. package/src/models/components/accountaccess.ts +99 -0
  230. package/src/models/components/accountaccessservice.ts +60 -0
  231. package/src/models/components/accountaccessstatus.ts +34 -0
  232. package/src/models/components/apicodechangesource.ts +25 -0
  233. package/src/models/components/auditrisk.ts +216 -0
  234. package/src/models/components/auditriskcia.ts +23 -0
  235. package/src/models/components/auditvendor.ts +158 -0
  236. package/src/models/components/auditvendorrisklevel.ts +24 -0
  237. package/src/models/components/auditvendorstatus.ts +22 -0
  238. package/src/models/components/codechange.ts +79 -0
  239. package/src/models/components/grouporderby.ts +19 -0
  240. package/src/models/components/index.ts +31 -0
  241. package/src/models/components/issuesnapshotitemorderby.ts +25 -0
  242. package/src/models/components/orderdirection.ts +23 -0
  243. package/src/models/components/paginatedresponseaccountaccess.ts +62 -0
  244. package/src/models/components/paginatedresponseaccountaccessservice.ts +74 -0
  245. package/src/models/components/paginatedresponseauditrisk.ts +61 -0
  246. package/src/models/components/paginatedresponseauditvendor.ts +62 -0
  247. package/src/models/components/paginatedresponsecodechange.ts +62 -0
  248. package/src/models/components/paginatedresponsepersonnelgroup.ts +65 -0
  249. package/src/models/components/paginatedresponsepersonnelperson.ts +70 -0
  250. package/src/models/components/paginatedresponserisksnapshot.ts +62 -0
  251. package/src/models/components/peopleemploymentstatus.ts +27 -0
  252. package/src/models/components/peopleorderby.ts +17 -0
  253. package/src/models/components/peoplesecuritytaskstatus.ts +27 -0
  254. package/src/models/components/peopletaskstatus.ts +29 -0
  255. package/src/models/components/personnelgroup.ts +84 -0
  256. package/src/models/components/personnelgrouptask.ts +37 -0
  257. package/src/models/components/personnelperson.ts +554 -0
  258. package/src/models/components/riskorderby.ts +24 -0
  259. package/src/models/components/risksnapshot.ts +48 -0
  260. package/src/models/components/vendororderby.ts +17 -0
  261. package/src/models/operations/index.ts +8 -0
  262. package/src/models/operations/listaccountaccessservices.ts +48 -0
  263. package/src/models/operations/listauditissues.ts +13 -0
  264. package/src/models/operations/listauditrisks.ts +71 -0
  265. package/src/models/operations/listcodechanges.ts +72 -0
  266. package/src/models/operations/listpersonnelaccountaccess.ts +67 -0
  267. package/src/models/operations/listpersonnelgroups.ts +71 -0
  268. package/src/models/operations/listpersonnelpeople.ts +77 -0
  269. package/src/models/operations/listrisksnapshots.ts +46 -0
  270. package/src/models/operations/listvendors.ts +80 -0
  271. package/src/sdk/audits.ts +307 -1
  272. package/src/types/async.ts +8 -7
  273. package/types/async.d.ts.map +1 -1
  274. package/types/async.js +8 -7
  275. package/types/async.js.map +1 -1
package/docs/sdks/audits/README.md CHANGED
@@ -6,6 +6,7 @@
6
6
 
7
7
  * [list](#list) - List audits
8
8
  * [getAudit](#getaudit) - Get audit by ID
9
+ * [listCodeChanges](#listcodechanges) - List code changes for an audit
9
10
  * [listComments](#listcomments) - List audit comments
10
11
  * [listControls](#listcontrols) - List audit controls
11
12
  * [createCustomControl](#createcustomcontrol) - Create a custom control for an audit
@@ -32,6 +33,13 @@
32
33
  * [flagInformationRequestEvidence](#flaginformationrequestevidence) - Flag evidence for an information request
33
34
  * [listAuditIssues](#listauditissues) - List snapshotted issues for an audit
34
35
  * [listAuditSnapshots](#listauditsnapshots) - List snapshotted issues for an audit
36
+ * [listVendors](#listvendors) - List vendors for an audit
37
+ * [listAccountAccessServices](#listaccountaccessservices) - List account access services for an audit
38
+ * [listPersonnelAccountAccess](#listpersonnelaccountaccess) - List account access records for an audit
39
+ * [listPersonnelGroups](#listpersonnelgroups) - List groups for an audit
40
+ * [listPersonnelPeople](#listpersonnelpeople) - List people for an audit
41
+ * [listRiskSnapshots](#listrisksnapshots) - List risk snapshots for an audit
42
+ * [listAuditRisks](#listauditrisks) - List risks for an audit
35
43
  * [shareInformationRequestList](#shareinformationrequestlist) - Share information request list with customer
36
44
 
37
45
  ## list
@@ -184,6 +192,95 @@ run();
184
192
  | --------------- | --------------- | --------------- |
185
193
  | errors.APIError | 4XX, 5XX | \*/\* |
186
194
 
195
+ ## listCodeChanges
196
+
197
+ Retrieves code changes population data for an audit.
198
+
199
+ This endpoint provides access to code change records (pull requests)
200
+ visible to auditors during an audit engagement.
201
+
202
+ Supports filtering by:
203
+ - `search`: Searches code change titles and repository names (case-insensitive)
204
+ - `sourcesMatchesAny`: Filters by version control source (accepted values: github, gitlab, bitbucket, azuredevops)
205
+ - `startDate` / `endDate`: Filters by the closed date range
206
+
207
+ Uses cursor-based pagination. To paginate:
208
+ 1. Make initial request with desired `pageSize`
209
+ 2. Check `results.pageInfo.hasNextPage`
210
+ 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request
211
+
212
+ Results are sorted by closed date (newest first). This sort order is
213
+ fixed and cannot be customized via query parameters.
214
+
215
+ ### Example Usage
216
+
217
+ <!-- UsageSnippet language="typescript" operationID="ListCodeChanges" method="get" path="/audits/{auditId}/assets/code-changes" example="Example 1" -->
218
+ ```typescript
219
+ import { Vanta } from "vanta-auditor-api-sdk";
220
+
221
+ const vanta = new Vanta({
222
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
223
+ });
224
+
225
+ async function run() {
226
+ const result = await vanta.audits.listCodeChanges({
227
+ auditId: "<id>",
228
+ });
229
+
230
+ console.log(result);
231
+ }
232
+
233
+ run();
234
+ ```
235
+
236
+ ### Standalone function
237
+
238
+ The standalone function version of this method:
239
+
240
+ ```typescript
241
+ import { VantaCore } from "vanta-auditor-api-sdk/core.js";
242
+ import { auditsListCodeChanges } from "vanta-auditor-api-sdk/funcs/auditsListCodeChanges.js";
243
+
244
+ // Use `VantaCore` for best tree-shaking performance.
245
+ // You can create one instance of it to use across an application.
246
+ const vanta = new VantaCore({
247
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
248
+ });
249
+
250
+ async function run() {
251
+ const res = await auditsListCodeChanges(vanta, {
252
+ auditId: "<id>",
253
+ });
254
+ if (res.ok) {
255
+ const { value: result } = res;
256
+ console.log(result);
257
+ } else {
258
+ console.log("auditsListCodeChanges failed:", res.error);
259
+ }
260
+ }
261
+
262
+ run();
263
+ ```
264
+
265
+ ### Parameters
266
+
267
+ | Parameter | Type | Required | Description |
268
+ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
269
+ | `request` | [operations.ListCodeChangesRequest](../../models/operations/listcodechangesrequest.md) | :heavy_check_mark: | The request object to use for the request. |
270
+ | `options` | RequestOptions | :heavy_minus_sign: | Used to set various options for making HTTP requests. |
271
+ | `options.fetchOptions` | [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/Request/Request#options) | :heavy_minus_sign: | Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All `Request` options, except `method` and `body`, are allowed. |
272
+ | `options.retries` | [RetryConfig](../../lib/utils/retryconfig.md) | :heavy_minus_sign: | Enables retrying HTTP requests under certain failure conditions. |
273
+
274
+ ### Response
275
+
276
+ **Promise\<[components.PaginatedResponseCodeChange](../../models/components/paginatedresponsecodechange.md)\>**
277
+
278
+ ### Errors
279
+
280
+ | Error Type | Status Code | Content Type |
281
+ | --------------- | --------------- | --------------- |
282
+ | errors.APIError | 4XX, 5XX | \*/\* |
283
+
187
284
  ## listComments
188
285
 
189
286
  Returns a paginated list of comments for an audit.
@@ -2270,7 +2367,9 @@ Supports filtering by:
2270
2367
  - `search`: full text search across issue title and description
2271
2368
  - `snapshotId`: filtering to a specific snapshot or snapshots, which represent point-in-time captures of issues. Use the GET /audits/{auditId}/issues/snapshots endpoint to retrieve snapshot IDs and metadata.
2272
2369
 
2273
- Results are sorted by issue creation date in descending order (newest first).
2370
+ Results are sorted by issue creation date in descending order (newest first) by default.
2371
+ Use `orderBy` and `orderDirection` to customize sorting.
2372
+ Sort parameters must remain consistent across paginated requests.
2274
2373
 
2275
2374
  Uses cursor-based pagination. To paginate:
2276
2375
  1. Make initial request with desired `pageSize`
@@ -2432,6 +2531,666 @@ run();
2432
2531
  | --------------- | --------------- | --------------- |
2433
2532
  | errors.APIError | 4XX, 5XX | \*/\* |
2434
2533
 
2534
+ ## listVendors
2535
+
2536
+ Retrieves vendor population data for an audit.
2537
+
2538
+ This endpoint provides access to vendor records visible to auditors
2539
+ during an audit engagement.
2540
+
2541
+ Supports filtering by:
2542
+ - `search`: Searches vendor names (case-insensitive)
2543
+ - `vendorStatusesMatchesAny`: Filters by vendor status (ACTIVE, ARCHIVED, IN_PROCUREMENT)
2544
+ - `inherentRiskMatchesAny`: Filters by inherent risk level
2545
+
2546
+ Results are sorted by name (ascending) by default.
2547
+ Use `orderBy` and `orderDirection` to customize sorting.
2548
+ Sort parameters must remain consistent across paginated requests.
2549
+
2550
+ Uses cursor-based pagination. To paginate:
2551
+ 1. Make initial request with desired `pageSize`
2552
+ 2. Check `results.pageInfo.hasNextPage`
2553
+ 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request
2554
+
2555
+ ### Example Usage
2556
+
2557
+ <!-- UsageSnippet language="typescript" operationID="ListVendors" method="get" path="/audits/{auditId}/managed-vendors" example="Example 1" -->
2558
+ ```typescript
2559
+ import { Vanta } from "vanta-auditor-api-sdk";
2560
+
2561
+ const vanta = new Vanta({
2562
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
2563
+ });
2564
+
2565
+ async function run() {
2566
+ const result = await vanta.audits.listVendors({
2567
+ auditId: "<id>",
2568
+ });
2569
+
2570
+ console.log(result);
2571
+ }
2572
+
2573
+ run();
2574
+ ```
2575
+
2576
+ ### Standalone function
2577
+
2578
+ The standalone function version of this method:
2579
+
2580
+ ```typescript
2581
+ import { VantaCore } from "vanta-auditor-api-sdk/core.js";
2582
+ import { auditsListVendors } from "vanta-auditor-api-sdk/funcs/auditsListVendors.js";
2583
+
2584
+ // Use `VantaCore` for best tree-shaking performance.
2585
+ // You can create one instance of it to use across an application.
2586
+ const vanta = new VantaCore({
2587
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
2588
+ });
2589
+
2590
+ async function run() {
2591
+ const res = await auditsListVendors(vanta, {
2592
+ auditId: "<id>",
2593
+ });
2594
+ if (res.ok) {
2595
+ const { value: result } = res;
2596
+ console.log(result);
2597
+ } else {
2598
+ console.log("auditsListVendors failed:", res.error);
2599
+ }
2600
+ }
2601
+
2602
+ run();
2603
+ ```
2604
+
2605
+ ### Parameters
2606
+
2607
+ | Parameter | Type | Required | Description |
2608
+ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
2609
+ | `request` | [operations.ListVendorsRequest](../../models/operations/listvendorsrequest.md) | :heavy_check_mark: | The request object to use for the request. |
2610
+ | `options` | RequestOptions | :heavy_minus_sign: | Used to set various options for making HTTP requests. |
2611
+ | `options.fetchOptions` | [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/Request/Request#options) | :heavy_minus_sign: | Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All `Request` options, except `method` and `body`, are allowed. |
2612
+ | `options.retries` | [RetryConfig](../../lib/utils/retryconfig.md) | :heavy_minus_sign: | Enables retrying HTTP requests under certain failure conditions. |
2613
+
2614
+ ### Response
2615
+
2616
+ **Promise\<[components.PaginatedResponseAuditVendor](../../models/components/paginatedresponseauditvendor.md)\>**
2617
+
2618
+ ### Errors
2619
+
2620
+ | Error Type | Status Code | Content Type |
2621
+ | --------------- | --------------- | --------------- |
2622
+ | errors.APIError | 4XX, 5XX | \*/\* |
2623
+
2624
+ ## listAccountAccessServices
2625
+
2626
+ Retrieves connected account access services for an audit.
2627
+
2628
+ Returns the list of identity providers and access integrations (such as
2629
+ Okta, Azure AD, Google Workspace, AWS IAM) that are connected to the
2630
+ organization and provide account access data for personnel.
2631
+
2632
+ These integrations are used to verify user access and identity management
2633
+ during an audit engagement.
2634
+
2635
+ Uses cursor-based pagination. To paginate:
2636
+ 1. Make initial request with desired `pageSize`
2637
+ 2. Check `results.pageInfo.hasNextPage`
2638
+ 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request
2639
+
2640
+ Results are returned in connection order. Sort order is not guaranteed
2641
+ and cannot be customized via query parameters.
2642
+
2643
+ ### Example Usage
2644
+
2645
+ <!-- UsageSnippet language="typescript" operationID="ListAccountAccessServices" method="get" path="/audits/{auditId}/personnel/account-access/services" example="Example 1" -->
2646
+ ```typescript
2647
+ import { Vanta } from "vanta-auditor-api-sdk";
2648
+
2649
+ const vanta = new Vanta({
2650
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
2651
+ });
2652
+
2653
+ async function run() {
2654
+ const result = await vanta.audits.listAccountAccessServices({
2655
+ auditId: "<id>",
2656
+ });
2657
+
2658
+ console.log(result);
2659
+ }
2660
+
2661
+ run();
2662
+ ```
2663
+
2664
+ ### Standalone function
2665
+
2666
+ The standalone function version of this method:
2667
+
2668
+ ```typescript
2669
+ import { VantaCore } from "vanta-auditor-api-sdk/core.js";
2670
+ import { auditsListAccountAccessServices } from "vanta-auditor-api-sdk/funcs/auditsListAccountAccessServices.js";
2671
+
2672
+ // Use `VantaCore` for best tree-shaking performance.
2673
+ // You can create one instance of it to use across an application.
2674
+ const vanta = new VantaCore({
2675
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
2676
+ });
2677
+
2678
+ async function run() {
2679
+ const res = await auditsListAccountAccessServices(vanta, {
2680
+ auditId: "<id>",
2681
+ });
2682
+ if (res.ok) {
2683
+ const { value: result } = res;
2684
+ console.log(result);
2685
+ } else {
2686
+ console.log("auditsListAccountAccessServices failed:", res.error);
2687
+ }
2688
+ }
2689
+
2690
+ run();
2691
+ ```
2692
+
2693
+ ### Parameters
2694
+
2695
+ | Parameter | Type | Required | Description |
2696
+ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
2697
+ | `request` | [operations.ListAccountAccessServicesRequest](../../models/operations/listaccountaccessservicesrequest.md) | :heavy_check_mark: | The request object to use for the request. |
2698
+ | `options` | RequestOptions | :heavy_minus_sign: | Used to set various options for making HTTP requests. |
2699
+ | `options.fetchOptions` | [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/Request/Request#options) | :heavy_minus_sign: | Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All `Request` options, except `method` and `body`, are allowed. |
2700
+ | `options.retries` | [RetryConfig](../../lib/utils/retryconfig.md) | :heavy_minus_sign: | Enables retrying HTTP requests under certain failure conditions. |
2701
+
2702
+ ### Response
2703
+
2704
+ **Promise\<[components.PaginatedResponseAccountAccessService](../../models/components/paginatedresponseaccountaccessservice.md)\>**
2705
+
2706
+ ### Errors
2707
+
2708
+ | Error Type | Status Code | Content Type |
2709
+ | --------------- | --------------- | --------------- |
2710
+ | errors.APIError | 4XX, 5XX | \*/\* |
2711
+
2712
+ ## listPersonnelAccountAccess
2713
+
2714
+ Retrieves account access population data for an audit.
2715
+
2716
+ This endpoint provides access to account access records visible to auditors
2717
+ during an audit engagement. Account access data comes from various sources:
2718
+
2719
+ - **IDP Services** (Identity Providers): Okta, Azure AD, Google Workspace, OneLogin, PingOne
2720
+
2721
+ - Returns user accounts from identity providers
2722
+ - Supports filtering by search and status
2723
+
2724
+ - **Role Grants Services**: GCP, Azure (when role grants are enabled)
2725
+
2726
+ - Returns accounts with role-based access grants
2727
+ - Supports filtering by search and status
2728
+
2729
+ - **First-Party Account Services**: AWS, Oracle Cloud, Azure (when not using role grants), etc.
2730
+
2731
+ - Returns cloud provider account access records
2732
+ - Supports filtering by search and status
2733
+
2734
+ - **Received Account Services**: External applications (Jira, GitHub, Slack, etc.)
2735
+
2736
+ - Returns user accounts from third-party integrations
2737
+ - Supports filtering by search and status
2738
+
2739
+
2740
+ Supports filtering by:
2741
+ - `search`: Searches account names/emails (case-insensitive)
2742
+ - `status`: Filters by account status
2743
+
2744
+ Uses cursor-based pagination. To paginate:
2745
+ 1. Make initial request with desired `pageSize`
2746
+ 2. Check `results.pageInfo.hasNextPage`
2747
+ 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request
2748
+
2749
+ The default sort order depends on the service type:
2750
+ - Identity provider services (e.g. Okta, Azure AD): sorted by email, ascending
2751
+ - Cloud provider services (e.g. AWS, GCP): sorted by account name, ascending
2752
+ - Role grant services: sorted by account name, ascending
2753
+ - Third-party application services (e.g. GitHub, Jira): sorted by account name, ascending
2754
+
2755
+ Sort order cannot be customized via query parameters.
2756
+
2757
+ ### Example Usage
2758
+
2759
+ <!-- UsageSnippet language="typescript" operationID="ListPersonnelAccountAccess" method="get" path="/audits/{auditId}/personnel/account-access/{serviceId}" example="Example 1" -->
2760
+ ```typescript
2761
+ import { Vanta } from "vanta-auditor-api-sdk";
2762
+
2763
+ const vanta = new Vanta({
2764
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
2765
+ });
2766
+
2767
+ async function run() {
2768
+ const result = await vanta.audits.listPersonnelAccountAccess({
2769
+ auditId: "<id>",
2770
+ serviceId: "<id>",
2771
+ });
2772
+
2773
+ console.log(result);
2774
+ }
2775
+
2776
+ run();
2777
+ ```
2778
+
2779
+ ### Standalone function
2780
+
2781
+ The standalone function version of this method:
2782
+
2783
+ ```typescript
2784
+ import { VantaCore } from "vanta-auditor-api-sdk/core.js";
2785
+ import { auditsListPersonnelAccountAccess } from "vanta-auditor-api-sdk/funcs/auditsListPersonnelAccountAccess.js";
2786
+
2787
+ // Use `VantaCore` for best tree-shaking performance.
2788
+ // You can create one instance of it to use across an application.
2789
+ const vanta = new VantaCore({
2790
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
2791
+ });
2792
+
2793
+ async function run() {
2794
+ const res = await auditsListPersonnelAccountAccess(vanta, {
2795
+ auditId: "<id>",
2796
+ serviceId: "<id>",
2797
+ });
2798
+ if (res.ok) {
2799
+ const { value: result } = res;
2800
+ console.log(result);
2801
+ } else {
2802
+ console.log("auditsListPersonnelAccountAccess failed:", res.error);
2803
+ }
2804
+ }
2805
+
2806
+ run();
2807
+ ```
2808
+
2809
+ ### Parameters
2810
+
2811
+ | Parameter | Type | Required | Description |
2812
+ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
2813
+ | `request` | [operations.ListPersonnelAccountAccessRequest](../../models/operations/listpersonnelaccountaccessrequest.md) | :heavy_check_mark: | The request object to use for the request. |
2814
+ | `options` | RequestOptions | :heavy_minus_sign: | Used to set various options for making HTTP requests. |
2815
+ | `options.fetchOptions` | [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/Request/Request#options) | :heavy_minus_sign: | Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All `Request` options, except `method` and `body`, are allowed. |
2816
+ | `options.retries` | [RetryConfig](../../lib/utils/retryconfig.md) | :heavy_minus_sign: | Enables retrying HTTP requests under certain failure conditions. |
2817
+
2818
+ ### Response
2819
+
2820
+ **Promise\<[components.PaginatedResponseAccountAccess](../../models/components/paginatedresponseaccountaccess.md)\>**
2821
+
2822
+ ### Errors
2823
+
2824
+ | Error Type | Status Code | Content Type |
2825
+ | --------------- | --------------- | --------------- |
2826
+ | errors.APIError | 4XX, 5XX | \*/\* |
2827
+
2828
+ ## listPersonnelGroups
2829
+
2830
+ Retrieves groups population data for an audit.
2831
+
2832
+ This endpoint provides access to the group records visible to auditors
2833
+ during an audit engagement. Groups represent organizational units that
2834
+ contain people, either imported from an identity provider (IDP) or
2835
+ created manually in Vanta.
2836
+
2837
+ Only Controlled Audit View (CAV) audits are supported. Full Audit
2838
+ View audits are rejected with 403.
2839
+
2840
+ Supports filtering by:
2841
+ - `search`: Searches group names (case-insensitive)
2842
+ - `sourcesMatchesAny`: Filters by IDP source service names
2843
+
2844
+ Results are sorted by name (ascending) by default.
2845
+ Use `orderBy` and `orderDirection` to customize sorting.
2846
+ Sort parameters must remain consistent across paginated requests.
2847
+
2848
+ Uses cursor-based pagination. To paginate:
2849
+ 1. Make initial request with desired `pageSize`
2850
+ 2. Check `results.pageInfo.hasNextPage`
2851
+ 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request
2852
+
2853
+ ### Example Usage
2854
+
2855
+ <!-- UsageSnippet language="typescript" operationID="ListPersonnelGroups" method="get" path="/audits/{auditId}/personnel/groups" example="Example 1" -->
2856
+ ```typescript
2857
+ import { Vanta } from "vanta-auditor-api-sdk";
2858
+
2859
+ const vanta = new Vanta({
2860
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
2861
+ });
2862
+
2863
+ async function run() {
2864
+ const result = await vanta.audits.listPersonnelGroups({
2865
+ auditId: "<id>",
2866
+ });
2867
+
2868
+ console.log(result);
2869
+ }
2870
+
2871
+ run();
2872
+ ```
2873
+
2874
+ ### Standalone function
2875
+
2876
+ The standalone function version of this method:
2877
+
2878
+ ```typescript
2879
+ import { VantaCore } from "vanta-auditor-api-sdk/core.js";
2880
+ import { auditsListPersonnelGroups } from "vanta-auditor-api-sdk/funcs/auditsListPersonnelGroups.js";
2881
+
2882
+ // Use `VantaCore` for best tree-shaking performance.
2883
+ // You can create one instance of it to use across an application.
2884
+ const vanta = new VantaCore({
2885
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
2886
+ });
2887
+
2888
+ async function run() {
2889
+ const res = await auditsListPersonnelGroups(vanta, {
2890
+ auditId: "<id>",
2891
+ });
2892
+ if (res.ok) {
2893
+ const { value: result } = res;
2894
+ console.log(result);
2895
+ } else {
2896
+ console.log("auditsListPersonnelGroups failed:", res.error);
2897
+ }
2898
+ }
2899
+
2900
+ run();
2901
+ ```
2902
+
2903
+ ### Parameters
2904
+
2905
+ | Parameter | Type | Required | Description |
2906
+ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
2907
+ | `request` | [operations.ListPersonnelGroupsRequest](../../models/operations/listpersonnelgroupsrequest.md) | :heavy_check_mark: | The request object to use for the request. |
2908
+ | `options` | RequestOptions | :heavy_minus_sign: | Used to set various options for making HTTP requests. |
2909
+ | `options.fetchOptions` | [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/Request/Request#options) | :heavy_minus_sign: | Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All `Request` options, except `method` and `body`, are allowed. |
2910
+ | `options.retries` | [RetryConfig](../../lib/utils/retryconfig.md) | :heavy_minus_sign: | Enables retrying HTTP requests under certain failure conditions. |
2911
+
2912
+ ### Response
2913
+
2914
+ **Promise\<[components.PaginatedResponsePersonnelGroup](../../models/components/paginatedresponsepersonnelgroup.md)\>**
2915
+
2916
+ ### Errors
2917
+
2918
+ | Error Type | Status Code | Content Type |
2919
+ | --------------- | --------------- | --------------- |
2920
+ | errors.APIError | 4XX, 5XX | \*/\* |
2921
+
2922
+ ## listPersonnelPeople
2923
+
2924
+ Retrieves people population data for an audit.
2925
+
2926
+ This endpoint provides access to the people records visible to auditors
2927
+ during an audit engagement. Only Controlled Audit View (CAV) audits
2928
+ are supported. Full Audit View audits are rejected with 403.
2929
+
2930
+ Supports filtering by:
2931
+ - `search`: Searches names and email addresses
2932
+ - `status`: Filters by employment status
2933
+ - `groupsMatchesAny`: Filter people by group/role IDs
2934
+
2935
+ Results are sorted by name (ascending) by default.
2936
+ Use `orderBy` and `orderDirection` to customize sorting.
2937
+ Sort parameters must remain consistent across paginated requests.
2938
+
2939
+ Uses cursor-based pagination. To paginate:
2940
+ 1. Make initial request with desired `pageSize`
2941
+ 2. Check `results.pageInfo.hasNextPage`
2942
+ 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request
2943
+
2944
+ ### Example Usage
2945
+
2946
+ <!-- UsageSnippet language="typescript" operationID="ListPersonnelPeople" method="get" path="/audits/{auditId}/personnel/people" example="Example 1" -->
2947
+ ```typescript
2948
+ import { Vanta } from "vanta-auditor-api-sdk";
2949
+
2950
+ const vanta = new Vanta({
2951
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
2952
+ });
2953
+
2954
+ async function run() {
2955
+ const result = await vanta.audits.listPersonnelPeople({
2956
+ auditId: "<id>",
2957
+ });
2958
+
2959
+ console.log(result);
2960
+ }
2961
+
2962
+ run();
2963
+ ```
2964
+
2965
+ ### Standalone function
2966
+
2967
+ The standalone function version of this method:
2968
+
2969
+ ```typescript
2970
+ import { VantaCore } from "vanta-auditor-api-sdk/core.js";
2971
+ import { auditsListPersonnelPeople } from "vanta-auditor-api-sdk/funcs/auditsListPersonnelPeople.js";
2972
+
2973
+ // Use `VantaCore` for best tree-shaking performance.
2974
+ // You can create one instance of it to use across an application.
2975
+ const vanta = new VantaCore({
2976
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
2977
+ });
2978
+
2979
+ async function run() {
2980
+ const res = await auditsListPersonnelPeople(vanta, {
2981
+ auditId: "<id>",
2982
+ });
2983
+ if (res.ok) {
2984
+ const { value: result } = res;
2985
+ console.log(result);
2986
+ } else {
2987
+ console.log("auditsListPersonnelPeople failed:", res.error);
2988
+ }
2989
+ }
2990
+
2991
+ run();
2992
+ ```
2993
+
2994
+ ### Parameters
2995
+
2996
+ | Parameter | Type | Required | Description |
2997
+ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
2998
+ | `request` | [operations.ListPersonnelPeopleRequest](../../models/operations/listpersonnelpeoplerequest.md) | :heavy_check_mark: | The request object to use for the request. |
2999
+ | `options` | RequestOptions | :heavy_minus_sign: | Used to set various options for making HTTP requests. |
3000
+ | `options.fetchOptions` | [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/Request/Request#options) | :heavy_minus_sign: | Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All `Request` options, except `method` and `body`, are allowed. |
3001
+ | `options.retries` | [RetryConfig](../../lib/utils/retryconfig.md) | :heavy_minus_sign: | Enables retrying HTTP requests under certain failure conditions. |
3002
+
3003
+ ### Response
3004
+
3005
+ **Promise\<[components.PaginatedResponsePersonnelPerson](../../models/components/paginatedresponsepersonnelperson.md)\>**
3006
+
3007
+ ### Errors
3008
+
3009
+ | Error Type | Status Code | Content Type |
3010
+ | --------------- | --------------- | --------------- |
3011
+ | errors.APIError | 4XX, 5XX | \*/\* |
3012
+
3013
+ ## listRiskSnapshots
3014
+
3015
+ Returns a paginated list of risk assessment snapshots available for an audit.
3016
+
3017
+ Risk snapshots capture the state of an organization's risk register at a
3018
+ point in time. Each snapshot has an `id` that can be used with the
3019
+ `/audits/{auditId}/risks` endpoint to retrieve the individual risk
3020
+ scenarios within that snapshot.
3021
+
3022
+ Results are sorted by creation date (newest first). This sort order is
3023
+ fixed and cannot be customized via query parameters. Only snapshots
3024
+ that are shared with auditors are included.
3025
+
3026
+ Uses cursor-based pagination. To paginate:
3027
+ 1. Make initial request with desired `pageSize`
3028
+ 2. Check `results.pageInfo.hasNextPage`
3029
+ 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request
3030
+
3031
+ ### Example Usage
3032
+
3033
+ <!-- UsageSnippet language="typescript" operationID="ListRiskSnapshots" method="get" path="/audits/{auditId}/risks/snapshots" example="Example 1" -->
3034
+ ```typescript
3035
+ import { Vanta } from "vanta-auditor-api-sdk";
3036
+
3037
+ const vanta = new Vanta({
3038
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
3039
+ });
3040
+
3041
+ async function run() {
3042
+ const result = await vanta.audits.listRiskSnapshots({
3043
+ auditId: "<id>",
3044
+ });
3045
+
3046
+ console.log(result);
3047
+ }
3048
+
3049
+ run();
3050
+ ```
3051
+
3052
+ ### Standalone function
3053
+
3054
+ The standalone function version of this method:
3055
+
3056
+ ```typescript
3057
+ import { VantaCore } from "vanta-auditor-api-sdk/core.js";
3058
+ import { auditsListRiskSnapshots } from "vanta-auditor-api-sdk/funcs/auditsListRiskSnapshots.js";
3059
+
3060
+ // Use `VantaCore` for best tree-shaking performance.
3061
+ // You can create one instance of it to use across an application.
3062
+ const vanta = new VantaCore({
3063
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
3064
+ });
3065
+
3066
+ async function run() {
3067
+ const res = await auditsListRiskSnapshots(vanta, {
3068
+ auditId: "<id>",
3069
+ });
3070
+ if (res.ok) {
3071
+ const { value: result } = res;
3072
+ console.log(result);
3073
+ } else {
3074
+ console.log("auditsListRiskSnapshots failed:", res.error);
3075
+ }
3076
+ }
3077
+
3078
+ run();
3079
+ ```
3080
+
3081
+ ### Parameters
3082
+
3083
+ | Parameter | Type | Required | Description |
3084
+ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
3085
+ | `request` | [operations.ListRiskSnapshotsRequest](../../models/operations/listrisksnapshotsrequest.md) | :heavy_check_mark: | The request object to use for the request. |
3086
+ | `options` | RequestOptions | :heavy_minus_sign: | Used to set various options for making HTTP requests. |
3087
+ | `options.fetchOptions` | [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/Request/Request#options) | :heavy_minus_sign: | Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All `Request` options, except `method` and `body`, are allowed. |
3088
+ | `options.retries` | [RetryConfig](../../lib/utils/retryconfig.md) | :heavy_minus_sign: | Enables retrying HTTP requests under certain failure conditions. |
3089
+
3090
+ ### Response
3091
+
3092
+ **Promise\<[components.PaginatedResponseRiskSnapshot](../../models/components/paginatedresponserisksnapshot.md)\>**
3093
+
3094
+ ### Errors
3095
+
3096
+ | Error Type | Status Code | Content Type |
3097
+ | --------------- | --------------- | --------------- |
3098
+ | errors.APIError | 4XX, 5XX | \*/\* |
3099
+
3100
+ ## listAuditRisks
3101
+
3102
+ Retrieves risk population data for an audit.
3103
+
3104
+ This endpoint provides access to the risk records visible to auditors
3105
+ during an audit engagement. Risk data is scoped to a specific risk
3106
+ assessment snapshot identified by the `snapshotId` parameter.
3107
+
3108
+ Only Controlled Audit View (CAV) audits are supported. Full Audit
3109
+ View audits are rejected with 403.
3110
+
3111
+ Supports filtering by:
3112
+ - `search`: Searches risk scenario descriptions (case-insensitive)
3113
+
3114
+ Results are sorted by identified date (newest first) by default.
3115
+ Use `orderBy` and `orderDirection` to customize sorting.
3116
+ Sort parameters must remain consistent across paginated requests.
3117
+
3118
+ Uses cursor-based pagination. To paginate:
3119
+ 1. Make initial request with desired `pageSize`
3120
+ 2. Check `results.pageInfo.hasNextPage`
3121
+ 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request
3122
+
3123
+ ### Example Usage
3124
+
3125
+ <!-- UsageSnippet language="typescript" operationID="ListAuditRisks" method="get" path="/audits/{auditId}/risks/{snapshotId}" example="Example 1" -->
3126
+ ```typescript
3127
+ import { Vanta } from "vanta-auditor-api-sdk";
3128
+
3129
+ const vanta = new Vanta({
3130
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
3131
+ });
3132
+
3133
+ async function run() {
3134
+ const result = await vanta.audits.listAuditRisks({
3135
+ auditId: "<id>",
3136
+ snapshotId: "<id>",
3137
+ });
3138
+
3139
+ console.log(result);
3140
+ }
3141
+
3142
+ run();
3143
+ ```
3144
+
3145
+ ### Standalone function
3146
+
3147
+ The standalone function version of this method:
3148
+
3149
+ ```typescript
3150
+ import { VantaCore } from "vanta-auditor-api-sdk/core.js";
3151
+ import { auditsListAuditRisks } from "vanta-auditor-api-sdk/funcs/auditsListAuditRisks.js";
3152
+
3153
+ // Use `VantaCore` for best tree-shaking performance.
3154
+ // You can create one instance of it to use across an application.
3155
+ const vanta = new VantaCore({
3156
+ bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
3157
+ });
3158
+
3159
+ async function run() {
3160
+ const res = await auditsListAuditRisks(vanta, {
3161
+ auditId: "<id>",
3162
+ snapshotId: "<id>",
3163
+ });
3164
+ if (res.ok) {
3165
+ const { value: result } = res;
3166
+ console.log(result);
3167
+ } else {
3168
+ console.log("auditsListAuditRisks failed:", res.error);
3169
+ }
3170
+ }
3171
+
3172
+ run();
3173
+ ```
3174
+
3175
+ ### Parameters
3176
+
3177
+ | Parameter | Type | Required | Description |
3178
+ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
3179
+ | `request` | [operations.ListAuditRisksRequest](../../models/operations/listauditrisksrequest.md) | :heavy_check_mark: | The request object to use for the request. |
3180
+ | `options` | RequestOptions | :heavy_minus_sign: | Used to set various options for making HTTP requests. |
3181
+ | `options.fetchOptions` | [RequestInit](https://developer.mozilla.org/en-US/docs/Web/API/Request/Request#options) | :heavy_minus_sign: | Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All `Request` options, except `method` and `body`, are allowed. |
3182
+ | `options.retries` | [RetryConfig](../../lib/utils/retryconfig.md) | :heavy_minus_sign: | Enables retrying HTTP requests under certain failure conditions. |
3183
+
3184
+ ### Response
3185
+
3186
+ **Promise\<[components.PaginatedResponseAuditRisk](../../models/components/paginatedresponseauditrisk.md)\>**
3187
+
3188
+ ### Errors
3189
+
3190
+ | Error Type | Status Code | Content Type |
3191
+ | --------------- | --------------- | --------------- |
3192
+ | errors.APIError | 4XX, 5XX | \*/\* |
3193
+
2435
3194
  ## shareInformationRequestList
2436
3195
 
2437
3196
  Shares the current information request list for an audit with the customer organization,