diff --git a/docs/CONTRACT.md b/docs/CONTRACT.md index 88e2f55..2228b0d 100644 --- a/docs/CONTRACT.md +++ b/docs/CONTRACT.md @@ -31,37 +31,37 @@ C. Client desires to engage Developer to perform such software development and ## ARTICLE 2: SCOPE OF SERVICES -2.1 **General Scope:** Developer shall perform the Services necessary to design, develop, test, and implement the System as described in this Agreement and its Exhibits. The System is intended to function as a Learner Management System providing functionalities for learners, instructors, and administrators. +2.1 **General Scope:** Developer shall perform the Services necessary to design, develop, test, implement, and deliver the System as described in this Agreement and its Exhibits. The System is intended to function as a comprehensive Learner Management System providing functionalities for learners, instructors, and administrators of Western Institute of Technology. 2.2 **Development Methodology:** Developer shall utilize an Agile (Iterative and Incremental) Software Development Life Cycle (SDLC) methodology for the performance of the Services. -> a. **Process:** The project will be broken down into smaller, manageable cycles ("**Sprints**," typically 2-4 weeks). Each Sprint will generally include planning, design, development, testing, and stakeholder review, aiming to produce a potentially shippable increment of the System. +> a. **Process:** The project will be broken down into Sprints. Each Sprint will generally include planning, design, development, testing, and stakeholder review, aiming to produce a potentially shippable increment of the System. Sprint duration will be mutually agreed upon, typically **[e.g., two (2)]** weeks. > > b. **Rationale:** This methodology is selected to provide adaptability to evolving requirements, facilitate early and frequent feedback from Client, foster collaboration and transparency, manage risks effectively, and maintain focus on user needs. > -> c. **Project Management:** Developer shall employ project management practices consistent with the Agile methodology, including but not limited to backlog grooming, sprint planning, daily stand-ups (as appropriate), sprint reviews, and retrospectives. Regular communication and progress reporting shall be provided to Client. *()*. Project tracking will utilize []. +> c. **Project Management:** Developer shall employ project management practices consistent with the Agile methodology. Developer shall provide Client with **[e.g., weekly progress summaries via email and bi-weekly Sprint review meetings]**. Project tracking and backlog management will utilize **[Specify Tool, e.g., Trello, Jira, Asana, GitHub Projects - requires agreement]**, to which Client representatives will be granted appropriate access. 2.3 **Key System Features and Characteristics:** The System developed under this Agreement shall aim to possess the following features and characteristics: > a. **Technology Stack:** > -> > i. Frontend: [Specify frontend tech: e.g., Vite Vanilla, React/Vue, etc.] +> > i. Frontend: Vite utilizing Vanilla TypeScript and Bootstrap v5.3. > > > > ii. Backend: Rust utilizing the Actix framework. > > -> > iii. Database: MariaDB. +> > iii. Database: MariaDB (version 10 or later compatible version). > > > > iv. Deployment Environment: Containerized using Docker and orchestrated via Docker Compose. > -> b. **Performance & Scalability:** The architecture is designed for efficient performance and to accommodate future growth in user base and data volume. +> b. **Performance & Scalability:** The architecture is designed for efficient performance under expected load conditions (to be reasonably defined) and to accommodate future growth in user base and data volume anticipated by the Client over the Agreement term. > -> c. **Security:** Development practices will incorporate security considerations, including secure authentication mechanisms (e.g., PAKE SRP planned for initial implementation), data validation, and adherence to standard secure coding practices. *()*. +> c. **Security:** Development practices will incorporate security considerations, including secure authentication mechanisms (specifically, the **OPAQUE** PAKE protocol), secure session management, input validation, protection against common web vulnerabilities (e.g., Cross-Site Scripting, SQL Injection), and adherence to standard secure coding practices. The Parties shall mutually agree upon any specific additional security standards or penetration testing requirements, if necessary. > -> d. **User Interface (UI) and User Experience (UX):** The System shall feature an intuitive, responsive user interface adaptable to various screen sizes (desktop, tablet, mobile) and designed according to the principles outlined in Section 3.1 and Exhibit A. Adherence to accessibility guidelines (e.g., WCAG) will be pursued where practicable. *()*. +> d. **User Interface (UI) and User Experience (UX):** The System shall feature an intuitive, responsive user interface adaptable to various screen sizes (desktop, tablet, mobile) and designed according to the principles outlined in Section 3.1 and Exhibit A. Adherence to Web Content Accessibility Guidelines (WCAG) **[Specify required level, e.g., 2.1 Level AA]** will be pursued where reasonably practicable within the scope and budget. > -> e. **Modularity:** The System architecture promotes modularity to facilitate future enhancements and integrations. +> e. **Modularity:** The System architecture, including the frontend widget system and backend service structure, promotes modularity to facilitate future enhancements, maintenance, and potential integrations. -2.4 **Video Demonstration:** As part of the development process or deliverables, Developer shall provide Client with a video demonstration showcasing core System functionalities, user roles (learner, instructor, administrator), and key workflows, substantially covering the items listed below: +2.4 **Video Demonstration:** As part of the Deliverables, Developer shall provide Client with a video demonstration (e.g., screen recording with narration) showcasing core System functionalities, user roles (learner, instructor, administrator), and key workflows, substantially covering the items listed below: > a. Platform Navigation and Layout. > @@ -69,9 +69,18 @@ C. Client desires to engage Developer to perform such software development and > > c. Core Feature Highlights (Dashboard, Profiles, Course Interaction, Admin Interfaces). > ->d. Interface Responsiveness. +> d. Interface Responsiveness. -2.5 **Excluded Services:** *()*. +2.5 **Excluded Services:** Unless otherwise explicitly agreed upon in a written Change Order (Article 6), the Services under this Agreement **do not** include: +> a. Ongoing hosting services, server maintenance, or domain name registration/renewal fees beyond the initial deployment and stabilization period defined in Phase 4 of Exhibit C. +> +> b. Creation or curation of educational content (course materials, quizzes, etc.) to be loaded into the LMS. +> +> c. Extensive data migration services from legacy systems beyond [Define scope, e.g., "basic assistance with data mapping and import validation for user data provided in a pre-agreed format" or "data migration services as detailed in a separate Statement of Work"]. Client is responsible for data extraction and cleansing from source systems unless otherwise agreed. +> +> d. Procurement or management of hardware infrastructure required by Client outside the scope of the development and deployment process. +> +> e. Licenses for any third-party software required by Client for its own operations that may interact with the LMS, unless such software is directly embedded by Developer as part of the System Deliverable and its licensing terms are passed through. ## ARTICLE 3: SYSTEM SPECIFICATIONS AND ARCHITECTURE