Desmond File

Blog archive

Microsoft's Open Source Faux Pas

File this under: Things that make you say "Oops."

Microsoft has been hosting on its CodePlex shared source site a project called Sandcastle, which is an XML documentation compiler for managed class libraries. The project was published under the Microsoft Permissive License (Ms-PL) and promoted as an open source project. Ms-PL is one of two Microsoft license programs to earn the approval of the Open Source Initiative (OSI).

There was just one problem: Sandcastle wasn't open source at all. The team producing the project at Microsoft had failed to publish and share the project source code, which violates the OSI's terms and conditions.

After a flurry of complaints, Microsoft open source guru Sam Ramji quickly published a public apology on the Port 25 blog page and announced that Sandcastle was being removed from the CodePlex site. You can read his entry here.

Ramji said Sandcastle might return to CodePlex once the team commits to releasing the source code, but no decision has been made yet.

The fix to Microsoft's open source faux pas creates another problem: Developers were relying on Sandcastle to produce code documentation. Numerous responses to Ramji's blog post indicate real frustration over having the documentation tool summarily yanked out from under their projects. One comment from poster JohnC sums up the issue nicely:

"A lot of people rely on Sandcastle. I use it for my business and would gladly pay for it if it was commercial software and reasonably priced.

I have no beef with open source particularly, but I couldn't care less about having the source code for a utility program that I use in my business. This is a bit draconian and just the sort of bizarre, unthinking and most importantly unaccountable exploit that continues to cement the bad reputation of open source projects in my mind and others.

Surely some other place could have been found in a timely manner to host the binaries before removing it from CodePlex. Yanking widely used and important software without warning is not something a respectable for-profit company *accountable* to its customers could ever afford to do."

What do you think of Microsoft's decision to yank Sandcastle? Is Microsoft doing that right thing in moving to comply right away, or is it being short-sighted by hurting customers who value the Sandcastle code? E-mail me at [email protected].

Posted by Michael Desmond on 06/12/2008


comments powered by Disqus

Featured

Subscribe on YouTube