Microsoft Pulls 'Open Source' Release, Apologizes

The director of Microsoft's Open Source Software Lab Sam Ramji posted an apology on Friday for not releasing the source code for one of its open source projects.

Sandcastle, a "documentation compiler for managed class libraries," had been available through Microsoft's CodePlex site. However, the source code for the software wasn't, violating the license the software had been released under.

"A number of people have alerted me in the last 24 hours that a Microsoft project called Sandcastle, located on Codeplex, used the Ms-PL [license] and called itself 'open source' yet never posted the source code," Ramji posted on his blog Friday. "This is unacceptable and represents a violation of Microsoft's Open Source policy. I take it extremely seriously."

"I apologize to the OSI on behalf of Microsoft for this mistake," Ramji continued, stating that he had the project removed from the site immediately. "Our policy regarding use of the term Open Source is clear: Open Source refers to projects using OSI-approved licenses."

According to Ramji, the project will not return to Codeplex unless the Sandcastle team decides to post the source code. "If not," he wrote, "we will remove all references to Sandcastle from Codeplex."

While many praised Microsoft and Ramji for quick action on the issue, some developers have been left in limbo without the software.

"This hurts," wrote the first poster under Ramji's blog entry. "Just today I started to use it....It disappeared under my fingers."

In fact, at press time, all of the posts under Ramji's blog focused on the lack of access to Sandcastle. "We do not care about the source, just release the binary and please do it soon, since you used your office to take it off," commented another poster. "We know you have to do your job, but most of us do not live by open source...even though we work [with it]. "

According to the Sandcastle blog, the Sandcastle team is currently deciding whether to publish the project's source code or move the project to Microsoft's MSDN code gallery. Wrote Anand Raman, a group manager in Microsoft's developer division, "I am going to evaluate these and other options carefully but rest assured the Sandcastle downloads will be available soon for the customers."

About the Author

Becky Nagel is the vice president of Web & Digital Strategy for 1105's Converge360 Group, where she oversees the front-end Web team and deals with all aspects of digital strategy. She also serves as executive editor of the group's media Web sites, and you'll even find her byline on, the group's newest site for enterprise developers working with AI. She recently gave a talk at a leading technical publishers conference about how changes in Web technology may impact publishers' bottom lines. Follow her on twitter @beckynagel.


  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • After High-Profile Attacks, Biden Calls for Better Software Security

    Recent high-profile security attacks have prompted the Biden administration to issue an executive order aiming to tighten software security practices across the board.

  • With Hybrid Networks on Rise, Microsoft Touts Zero Trust Security

    Hybrid networks, which combine use of cloud services with on-premises software, require a "zero trust" security approach, Microsoft said this week.

  • Feds Advise Orgs on How To Block Ransomware Amid Colonial Pipeline Attack

    A recent ransomware attack on a U.S. fuel pipeline company has put a spotlight on how "critical infrastructure" organizations can prevent similar attacks.