Information Village
0%

Information Village

Information Village
← Back to showcase

#10 · Interoperability & Data Exchange

Government Source Code Custody & Interoperability Registry

Every MDA system, in State custody, with auditable interoperability.

Working PrototypeNDPIV Public Sector Transformation + Digital Transformation

The problem

Uganda's catalogued government applications run with no central source-code custody after vendor delivery, leaving the State exposed to vendor lock-in and unable to enforce code-quality, dependency-vulnerability, or interoperability standards. NDPIV PSTP targets a Government Effectiveness Index improvement from -0.57 to -0.182 by FY2029/30 and NDPIV DTP targets Increased citizen participation in the digital government - both depend on State-controlled source-code custody.

The solution

Central registry of all MDA-commissioned source code with vendor handover workflow, code-quality audit hooks, dependency-vulnerability scanning, inter-system API registry, and public read views for citizen oversight where appropriate. Built on read-only Git mirroring plus signed cryptographic custody attestations.

System architecture

  1. L1
    Client tier

    Vendor handover client • MDA reviewer console • Public viewer

  2. L2
    Custody API

    Handover + attestation + scan triggering

  3. L3
    Service tier

    Gitea mirror • Attestation log • Scanner pipeline

  4. L4
    Notification + integration

    MDA notification + dependency vulnerability stream

Technical details

Languages
Go, TypeScript, PHP
Frameworks
Go + Gitea for repo mirroring, Laravel UI for the registry
Database
PostgreSQL registry + Gitea object store
Hosting
iVille internal multi-server fleet (4 servers)
Security
OpenSSL-signed attestations, OSV-Scanner / Trivy dependency scanning, role-based access (Vendor / MDA / Auditor / Public)
APIs / Integrations
Vendor handover API + dependency scanner pipeline + public registry API

NDPIV alignment

Programme: Public Sector Transformation + Digital Transformation

Outcome: PSTP Outcome 1.1 + DTP Outcome 1.1

  • Government Effectiveness Index -0.57 → -0.182
  • Increased citizen participation in digital government

Demonstration (Section 6)

Screencast of a vendor handover, an MDA reviewer accepting the handover, and a Super-admin running a CVE scan.

Supporting documents (Section 7)

  • Architecture diagram (PDF)
  • Vendor handover contract template
  • Custody attestation cryptographic spec

Declaration (Section 8)

All boxes ticked.

Signatory: Rodney Echeru, Director, Information Village Limited

Next submission

National Impact Assessment & M&E Dashboard

NDPIV indicator roll-up the Office of the Prime Minister can actually read.