Feeds

Microsoft rethinks open source CodePlex site

Devil, meet details...

Combat fraud and increase customer satisfaction

Microsoft's CodePlex site could be revised before the year's out to signpost genuinely open-source projects, after the company got itself in hot water.

Sam Ramji, senior director of platform strategy, told The Register that Microsoft hoped to wrap up internal discussions over what to do about CodePlex and resolve the issue before the New Year.

Options under consideration include - and this is sounding quite probable - creation of a series of CodePlex sub sites hosting projects according to their license type.

This could mean projects under academic licenses on CodePlex such as BSD, MIT, and the Apache Software License are listed on an academic.codeplex.com sub site. Currently, all projects are thrown into the same main site for potential users to search.

This got Microsoft in trouble in October when it emerged the company was posting code to CodePlex using licenses not compatible with the terms of the Open-Source Initiative (OSI). Microsoft describes CodePlex as its "open-source project hosting web site" and points users to a Wikipedia page on OSI licenses.

CodePlex homepage

CodePlex: sub-sites planned?

The catalyst for trouble was the Managed Extensibility Framework that was released under the Limited Permissive License (Ms-LPL), which tied MEF to Windows. A deeper dive into CodePlex also revealed ASP.NET code also lives on the site. Access to ASP.NET code is limited to qualified Microsoft customers, partners, and governments under a non-disclosure agreement (NDA) through the Microsoft Source License.

A sub-site approach could mean an ASP.NET.codeplex.com site is created, the idea being potential developers at least get to know what they are dealing with up front.

It sounds like the subject of "whither CodePlex" has become a philosophical issue for Microsoft. The company is debating what constitutes an open source project and whether that is defined as using an OSI-approved licenses versus those that do not use an OSI-approved license.

Ramji indicated the question of whether CodePlex should be called an "open-source project web hosting site" is also in play. "The larger question is can CodePlex have the tag line 'open-source code hosting' if we agreed open-source code means it's using an OSI-compliant license?" He added Microsoft would not want to release all code under an open-source license. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.