Microsoft Mends Breach in Open Source Sandcastle

Microsoft has released all of the source code used in its Sandcastle project, which is now published at the CodePlex open source developer's Web site, according to a blog. Sandcastle helps developers of managed class libraries create uniform documentation on their projects, using MSDN style.

The Sandcastle project made the news in early June when Sam Ramji, Microsoft's open source software lab director, ordered Sandcastle yanked from CodePlex. At the time, it was noted that the source code for the project had not been published in keeping with the OSI's Open Source Definition for open source software.

Microsoft's open source license is called the Microsoft Public License (Ms-PL), which the OSI approved in October of last year. Such OSI-approved licenses allow the free sharing of code, for both commercial and noncommercial applications, although Microsoft's Ms-PL confines future distributions of code to the Ms-PL license.

With the release of the code, Ramji noted yesterday that the Sandcastle project now meets the OSI's terms for open source software. However, the Microsoft team "found other cases where Microsoft-led projects had been licensed under the Ms-PL but hadn't shared the source," Ramji wrote.

Those projects are currently unpublished and will undergo a review process by Microsoft's teams, he added.

Microsoft is still getting its feet wet with open source licensing, but the company has been signaling a new approach. In February, the company announced its "interoperability principles," and late last month Microsoft released additional documentation on protocols used in some of its core products. However, Microsoft officials have not yet stepped back from the claim that open source software violates 235 of Microsoft's patents.

Moreover, the Software Freedom Law Center had declared back in March that Microsoft's interoperability principles were essentially contrary to GNU General Public Licensing.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Industrial Control System Honeypot Illustrates Bad Security Practices

    Security solutions provider Trend Micro has published results (PDF) from running an industrial control system (ICS) "honeypot."

  • Ransomware: What It Means for Your Database Servers

    Ransomware affects databases in very specific ways. Joey describes the mechanics of a SQL Server ransomware attack, what DBAs can do to protect their systems, and what security measures they should be advocating for.

  • Windows Admin Center vs. Hyper-V Manager: What's Better for Managing VMs?

    Microsoft's preferred interface for Windows Server is Windows Admin Center, but can it really replace Hyper-V Manager for managing virtual machines? Brien compares the two management tools.

  • Microsoft Offers More Help on Windows Server 2008 Upgrades

    Microsoft this week published additional help resources for organizations stuck on Windows Server 2008, which fell out of support on Jan. 14.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.