Programmatic schema and validator for the CSA CAIQ-Lite vendor security questionnaire. Author, validate, and diff CAIQ responses as code.
Treat your CSA CAIQ-Lite vendor security questionnaire as code. Load responses from YAML, validate them against the official schema, diff versions over time, and export to PDF, XLSX, JSON, or Markdown — all programmatically.
npm install @hailbytes/caiq-liteimport { loadCAIQ, validate, diff, exportTo } from '@hailbytes/caiq-lite';
// 1. Load a CAIQ response from YAML
const caiq = await loadCAIQ('responses.yaml');
// 2. Validate against the CAIQ-Lite schema
const result = validate(caiq);
if (!result.valid) {
console.error(result.errors);
}
// 3. Diff two CAIQ responses
const changes = diff(previousCAIQ, currentCAIQ);
console.log(changes.added, changes.removed, changes.modified);
// 4. Export to multiple formats
const pdf = await exportTo(caiq, { format: 'pdf' });
const xlsx = await exportTo(caiq, { format: 'xlsx' });
const json = await exportTo(caiq, { format: 'json' });
const md = await exportTo(caiq, { format: 'markdown' });Security engineers, compliance teams, and trust-center operators who need to automate the authoring, validation, and delivery of CSA CAIQ-Lite vendor security questionnaires.
@hailbytes/sbom-diff— Diff CycloneDX/SPDX SBOMs- HailBytes
Part of the HailBytes open-source security toolkit.