Desmond File

Blog archive

Microsoft's Open Source Faux Pas

File this under: Things that make you say "Oops."

Microsoft has been hosting on its CodePlex shared source site a project called Sandcastle, which is an XML documentation compiler for managed class libraries. The project was published under the Microsoft Permissive License (Ms-PL) and promoted as an open source project. Ms-PL is one of two Microsoft license programs to earn the approval of the Open Source Initiative (OSI).

There was just one problem: Sandcastle wasn't open source at all. The team producing the project at Microsoft had failed to publish and share the project source code, which violates the OSI's terms and conditions.

After a flurry of complaints, Microsoft open source guru Sam Ramji quickly published a public apology on the Port 25 blog page and announced that Sandcastle was being removed from the CodePlex site. You can read his entry here.

Ramji said Sandcastle might return to CodePlex once the team commits to releasing the source code, but no decision has been made yet.

The fix to Microsoft's open source faux pas creates another problem: Developers were relying on Sandcastle to produce code documentation. Numerous responses to Ramji's blog post indicate real frustration over having the documentation tool summarily yanked out from under their projects. One comment from poster JohnC sums up the issue nicely:

"A lot of people rely on Sandcastle. I use it for my business and would gladly pay for it if it was commercial software and reasonably priced.

I have no beef with open source particularly, but I couldn't care less about having the source code for a utility program that I use in my business. This is a bit draconian and just the sort of bizarre, unthinking and most importantly unaccountable exploit that continues to cement the bad reputation of open source projects in my mind and others.

Surely some other place could have been found in a timely manner to host the binaries before removing it from CodePlex. Yanking widely used and important software without warning is not something a respectable for-profit company *accountable* to its customers could ever afford to do."

What do you think of Microsoft's decision to yank Sandcastle? Is Microsoft doing that right thing in moving to comply right away, or is it being short-sighted by hurting customers who value the Sandcastle code? E-mail me at [email protected].

Posted by Michael Desmond on 06/12/2008

comments powered by Disqus


  • AI for GitHub Collaboration? Maybe Not So Much

    No doubt GitHub Copilot has been a boon for developers, but AI might not be the best tool for collaboration, according to developers weighing in on a recent social media post from the GitHub team.

  • Visual Studio 2022 Getting VS Code 'Command Palette' Equivalent

    As any Visual Studio Code user knows, the editor's command palette is a powerful tool for getting things done quickly, without having to navigate through menus and dialogs. Now, we learn how an equivalent is coming for Microsoft's flagship Visual Studio IDE, invoked by the same familiar Ctrl+Shift+P keyboard shortcut.

  • .NET 9 Preview 3: 'I've Been Waiting 9 Years for This API!'

    Microsoft's third preview of .NET 9 sees a lot of minor tweaks and fixes with no earth-shaking new functionality, but little things can be important to individual developers.

  • Data Anomaly Detection Using a Neural Autoencoder with C#

    Dr. James McCaffrey of Microsoft Research tackles the process of examining a set of source data to find data items that are different in some way from the majority of the source items.

  • What's New for Python, Java in Visual Studio Code

    Microsoft announced March 2024 updates to its Python and Java extensions for Visual Studio Code, the open source-based, cross-platform code editor that has repeatedly been named the No. 1 tool in major development surveys.

Subscribe on YouTube