GovTech Modernization · Read-only Audit Findings
e-District Uttarakhand
Legacy ASP.NET Web Forms citizen-services portal assessed across four independent lenses — security, maintainability, complexity, and testability — with an evidence-backed migration plan.
Critical · High · Medium · Low
Platform: .NET 3.5 · Web Forms · VS2008
Codebase: ~2,150 files · ~91.6K VB LOC
Security posture: CRITICAL · 5 critical findings
Test coverage: 0% · no tests · no CI
Target: .NET 10 · Blazor · C# · LTS
Strategy — Strangler Fig, not big-bang
The system is too large, too coupled, and too poorly understood (no tests, business rules buried in BL.vb + inline SQL) for a one-shot rewrite to be anything but high-risk. Instead: stand the new app up beside the old one behind a single front door, and move it over one feature at a time — citizens never see a switch-over day.
Stabilize · Enable · Consolidate seams · Migrate · Decommission
Four gates before deep work
§6
Project conversion — Website → Web App so the whole app compiles
Test safety net — characterization tests before changing behavior
Critical security — don't carry exploitable code into the new app
CI/CD — keeps the compile gate + test net honest
Target architecture — current → future
decisions flagged for sign-off
Current · EOL
Runtime: .NET Framework 3.5 (EOL)
UI model: Web Forms / postbacks
Language: VB.NET + C# mix
Data access: Inline ADO.NET, no ORM
Auth: Home-grown MD5 challenge
Secrets: Plaintext in web.config
Reporting: Crystal / RDLC
Target · .NET 10
Runtime: .NET 10 LTS (to 2028)
UI model: Blazor (+ Razor Pages for reports)
Language: C# (VB libs short-term)
Data access: Repository over Dapper + selective EF Core
Auth: ASP.NET Core Identity / OIDC
Secrets: appsettings + secrets vault
Reporting: Modern PDF library (e.g. QuestPDF)
Phased roadmap
effort
Dependency spine: Phase 1 (compile + tests + CI) gates Phases 2–3; characterization tests gate decomposition; the repository seam gates every migrated slice.
Migration slice order
low-risk → high-risk
3a
Public read-only lookups
Lowest coupling, read-mostly → ideal learning slice
CG-23
3b
Authentication & session
Everything authorized depends on it; precedes authorized slices
F-08 · CG-01 · CG-09
3c
Self-contained citizen write flows
Registration, activation, reset, one certificate end-to-end
CG-07 · CG-14 · F-09
3d
Certificate / service form families
Repeat the 3c template; benefits from de-dup + rule table
H8 · CG-10 · TD-19
3e
Officer workflow core
Deeply-coupled state machine; do once seams are mature
H3 · CG-04 · CG-05
3f
Web services / mobile + integrations
Re-expose as authenticated modern APIs
F-03 · CG-02 · C1
3g
Payments + reporting + digital signature
Highest external-dependency risk; last, deliberately
CG-08 · TD-20 · D-5
Decisions requiring stakeholder approval
§7 decision log
D-1 UI model — Blazor vs MVC / Razor Pages · Stakeholder sign-off
Recommendation: Blazor for interactive forms
D-2 Language — VB.NET → C# ramp · Stakeholder sign-off
Recommendation: Migrate to C#, pragmatically
D-3 Data access — EF Core vs thin SQL · Stakeholder sign-off
Recommendation: Repository over Dapper; EF Core selectively
D-4 Auth — local Identity vs government OIDC · Stakeholder sign-off
Recommendation: Depends on available IdP
D-5 Reporting — Crystal/RDLC replacement · Stakeholder sign-off
Recommendation: Modern reporting/PDF library
D-6 Digital signature — CAPICOM replacement · Stakeholder sign-off
Recommendation: Modern server-side signing
Early, low-risk wins
momentum + proof
Security triage (Phase 0)
Secret rotation, cert removal, debug off, endpoint lockdown — risk down in days
Wrong-Inherits + dead-code fix
Trivial; proves the new compile gate catches real bugs
checkentry rule-table refactor
Highest-ROI complexity item: CC 60–80 → single digits, low risk
First Strangler slice = status lookup
Low-coupling, read-only, public — proves the whole setup end-to-end