this post was submitted on 20 Oct 2024
627 points (87.4% liked)
Technology
59974 readers
5544 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Oh, for fuck’s sake. Can we have a decent password manager that isn’t tied to a browser or company? I pay for Bitwarden. I’m not being cheap. But open source is more secure. We can look at the code ourselves if there’s a concern.
Nothing in the article or in the Bitwarden repo suggests that it's moving away from open source
It is a license problem. The license condition of the SDK which is required to build the client app change to limit the usage of it. The new license states that you can only use the Bitwarden SDK for Bitwarden. It is against the Freedoom-0 of the Free Software Foundation. The limitation of English language is that it is hard to differentiate between Free (as in Free bear) and Free (as in Freedoom). Also open source which could mean complaining with FOSS and that source is available. This been unfortunately have been abused before.
From the article, it's a packaging bug, not a change in direction.
I was referring to this which started it all.
Here is the code in question. Basically, it's a source-available, but not FOSS internal SDK, with the following language:
So I think the "bug" here is in not linking the original repo in the NPM package, and there's a decent chance that this internal SDK will become FOSS in the future once it stabilizes. That said, it's currently not FOSS, but it's too early IMO to determine whether Bitwarden is moving in a non-FOSS direction, or if they're just trying to keep things simple while they do some heavy refactoring to remove redundancy across apps.
Given their past, I'm willing to give them the benefit of the doubt, but I'll be making sure I have regular backups in case things change.