Why#
NGL I didn’t like Vanta’s UIs because it was painful or rather impossible to get a decent bulk evidence pull. It was a lot of Click, download, click, download, repeat 100x
This tool lets you bulk export audit evidence straight from Vanta’s API. Built for auditors who don’t want to click through dozens of controls.
Vanta Auditor TUI - Original TypeScript Version#
First version was TypeScript/Node.js with a purple/pink TUI using Ink. I was diving back into learning TypeScript via Boot.dev so it was good practice.
It worked but required Node.js, npm, and a bunch of dependencies. Not ideal. Especially when npm got hacked like a gazillion times in a month (CISA alert, Unit42 breakdown). I didn’t feel like maintaining all that. Also the whole reason I wrote it in TypeScript was to use the TypeScript SDK but turns out I didn’t even need it - could just make direct calls to the API.
Vanta Go Export - Go Rewrite#
Rewrote the whole thing in Go. Way better. Also I really wanted to build something with Bubbletea - Charm’s TUI framework is clean.
Install#
brew install ethanolivertroy/sectools/vanta-exporter
Why Go?#
- ~1,150 lines in a single file vs multi-file TypeScript mess
- Single binary - no Node.js, no npm, no dependencies
- Faster and lighter
- Cross-platform builds are trivial
- Just copy one file and run it
Cross-platform binaries via GoReleaser.
Disclaimer#
I’m not affiliated with Vanta. Use responsibly.
