Awarded to Made Tech Ltd

Start date: Monday 23 October 2017
Value: £64,800
Company size: SME
Government Digital Service

WP1454v2: GOV.UK Broken link checking tool. Reissue WP1454 amended.

3 Incomplete applications

2 SME, 1 large

5 Completed applications

5 SME, 0 large

Important dates

Published
Friday 25 August 2017
Deadline for asking questions
Friday 1 September 2017 at 11:59pm GMT
Closing date for applications
Friday 8 September 2017 at 11:59pm GMT

Overview

Summary of the work
Improve upon and integrate a pre-existing Ruby link checker tool to check the validity of external links from all content on GOV.UK by reading from a RabbitMQ message bus. They will be working with a multidisciplinary team including GOV.UK developers
Latest start date
Monday 23 October 2017
Expected contract length
Approximately five months. Not beyond 31/03/2018
Location
London
Organisation the work is for
Government Digital Service
Budget range
£56,000 - £67,000 excluding VAT

About the work

Why the work is being done
GOV.UK must be a trusted source for users. Their safety, security and privacy must be protected while using the site.
Problem to be solved
Links to other sites on GOV.UK may break or the destination domains may be hijacked by malicious actors. Consequently malicious actors have the potential to direct users to expose private information. Content staff and publishers need to be able to monitor these links and fix them if they break.The work is expected to take no longer than 8 weeks. The milestone deliverables are: Integrate with daily feed from GOV.UK site crawler, Integrate with feed of changed content, Discovery and implementation of additional link checks, Record results of tests, Display results of tests, Set up automated reporting of results of tests
Who the users are and what they need to do
As a citizen I need to be able to trust links I click on GOV.UK so that I'm not tricked into disclosing my information to attackers
Early market engagement
None
Any work that’s already been done
GOV.UK has a Link Checker API that accepts a URL and checks that it doesn't 404. It has been integrated with our Local Links Manager application which staff from local authorities use to update links from GOV.UK to services on their sites. GOV.UK has two RabbitMQ-based feeds of content which could be used to drive the checker. One is a nightly crawler which detects URLs on each page. The other is a live feed of newly published content.
Existing team
The team that built the Alpha API and integrated it with Local Links Manager will be available to provide context and assist with code reviews. The work will be coordinated by a Delivery Manager and overseen by a Senior Technologist and Product Manager from GOV.UK. Once familiar with the work, the supplier is encouraged to work remotely.
Current phase
Live

Work setup

Address where the work will take place
Government Digital Service, The White Chapel Building, 10 Whitechapel High Street, London, E1 8QS
Working arrangements
The team should work in the GDS office for an initial period to gain context, but are encouraged to work remotely afterwards. Fortnightly check in meetings on progress are required.
The intermediaries legislation doesn't apply to this engagement: this is out of scope for IR35.
Security clearance
SC Clearance is required

Additional information

Additional terms and conditions
Cabinet Office (CO) Travel and Subsistence policy will apply. All expenses must be pre-agreed with between the parties and must comply with the CO T&S policy.

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience
  • 3+ years experience with Ruby on Rails
  • 2+ years experience working in a Continous Integration environment
  • 2+ years experience working with Git hub
  • 2+ years experience with Test Driven Development
  • 2 + years experience of working with RabbitMQ
Nice-to-have skills and experience
  • Understanding of GDS product and service development phases
  • Examples of experience with Rest APIs
  • Examples of mitigating common web security issues
  • Understanding of TLS/SSL and how it relates to the problem
  • Understanding of wider government web ecosystem and how it relates to the problem
  • Understanding of local government web ecosystem and how it relates to the problem

How suppliers will be evaluated

How many suppliers to evaluate
3
Proposal criteria
  • Technical solution
  • Approach and methodology
  • How the approach or solution improves the safety and security of users
  • How the approach or solution meets the needs of publishers
  • Estimated timeframes for the work
  • How they’ve identified risks and dependencies and offered approaches to manage them
  • Team structure
  • Value for money
  • Suggestions of checks to perform against URLs
  • Suggestions of ways to report issues back to the most relevant publisher
Cultural fit criteria
  • Evidence of experience working in an Agile environment
  • Evidence of experience reporting progress to Senior Management on a regular basis
  • Experience communicating with other developers via Slack or similar tools
  • Demonstrated understanding of the need to ask well defined questions of other developers
  • Examples of sharing acquired knowledge with other developers
  • Experience of pair or mob programming and understanding of the benefits
Payment approach
Time and materials
Assessment methods
  • Written proposal
  • Work history
  • Presentation
Evaluation weighting

Technical competence

70%

Cultural fit

10%

Price

20%

Questions asked by suppliers

1. Is the team that built the Alpha an in-house team or an interim team?
An In-house team
2. Can you give an indication of how many Developers you would expect to be doing this work?
We estimate that we will require 1 to 3 developers
3. Is there an incumbent supplier who has been involved with the work on the alpha API?
No