{"id":24678684,"url":"https://github.com/contrast-security-oss/integrations-scw","last_synced_at":"2025-10-08T11:31:20.909Z","repository":{"id":39141676,"uuid":"341839472","full_name":"Contrast-Security-OSS/integrations-scw","owner":"Contrast-Security-OSS","description":"Script to populate a Contrast environment with links to Secure Code Warrior videos and training exercises.","archived":false,"fork":false,"pushed_at":"2023-12-15T20:08:40.000Z","size":67,"stargazers_count":2,"open_issues_count":4,"forks_count":3,"subscribers_count":19,"default_branch":"main","last_synced_at":"2025-01-19T21:37:58.205Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Contrast-Security-OSS.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-02-24T09:02:36.000Z","updated_at":"2022-06-04T06:19:21.000Z","dependencies_parsed_at":"2022-09-04T12:51:41.152Z","dependency_job_id":null,"html_url":"https://github.com/Contrast-Security-OSS/integrations-scw","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Contrast-Security-OSS%2Fintegrations-scw","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Contrast-Security-OSS%2Fintegrations-scw/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Contrast-Security-OSS%2Fintegrations-scw/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Contrast-Security-OSS%2Fintegrations-scw/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Contrast-Security-OSS","download_url":"https://codeload.github.com/Contrast-Security-OSS/integrations-scw/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235706306,"owners_count":19032607,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-26T13:17:57.680Z","updated_at":"2025-10-08T11:31:15.578Z","avatar_url":"https://github.com/Contrast-Security-OSS.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Secure Code Warrior Integration (beta)\n\nThis script is used to provide links from within Contrast to relevant training videos and exercises within the Secure Code Warrior platform. The links appear in the \"How to Fix\" area of a vulnerability within the Contrast TeamServer UI and IDE plugins.\n\nIt should not be confused with the SCW Jira plugin which is created and managed by the SCW team.\n\nThe script performs the following logic:\n\n```\nExtract a list of rules from the Contrast organisation\n    For each rule\n        Call the SCW API using the CWE code\n        \n        If a video exists\n            Grab the video URL for this CWE\n        Otherwise\n            If we have an reserve set up for this rule\n                Grab the reserve video URL for this CWE\n\n        For each language\n            Create an integration URL for SCW\n        Next\n\n        Call the Contrast API to update the references for this rule with the videos and training links\n    Next\n```\n\n## Requirements\n\nThis script requires Python3 and organizational admin privileges to run.\n\n## Setup\n\nSteps:\n1. Clone this repository locally. \n1. Login to the Contrast TeamServer in your browser, click your name in the top right, and select 'User settings'.\n1. Update the [config.json](config.json) in your local cloned repository with details about your TeamServer and credentials from the 'Your Keys' section. If you have an on premise installation, please ensure the url ends in `/api/ng/`.\n\n## Recommendations\n\nContrast only supports one set of references per rule. Consider modifying the languages map in the `map_contrast_lang_to_scw_lang` function within [contrast_scw.py](contrast_scw.py) function to suit your customer's most popular frameworks in order they receive the most relevant training material. For a list of supported languages run: \n\n```curl -X GET \"https://integration-api.securecodewarrior.com/api/v1/language-keys\" -H \"accept: text/plain\"```\n\n## ** WARNING **\n\nThis script will overwrite any manual rule references that you may have added to your Contrast environment in Policy Management \u003e Assess Rules.\n\n## Running the Script\n\nRun with `python3 contrast_scw.py`. It can be run more than once should changes be made to the script, it will overwrite the rule references each time it is run.\n\n## Resetting the rules\n\nRun with an additional parameter `python3 contrast_scw.py reset` to reset your Contrast rules. This will remove all the SCW links and any manual rule references that you may have added.\n\n## Tested on\n\n* SaaS and EOP environments with TeamServer version 3.7.11\n* Python version 3.7\n\n## Known Issues / Limitations\n\n* The reserve rules (used when a CWE video could not be found using the API) have hardcoded SCW URLs which might change in the future.\n* The Contrast IDE plugins do not yet render clickable links.\n* The Contrast IDE plugins do not yet render html content so this markup is visible within the IDE plugin.\n* Not every rule has a SCW video available.\n\n## Terms and Conditions\nBy installing this integration, you agree to the [Contrast Beta Terms and Conditions](https://docs.contrastsecurity.com/en/beta-terms-and-conditions.html).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcontrast-security-oss%2Fintegrations-scw","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcontrast-security-oss%2Fintegrations-scw","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcontrast-security-oss%2Fintegrations-scw/lists"}