this post was submitted on 20 Oct 2024
526 points (95.0% liked)

Open Source

31648 readers
197 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

Pull request #10974 introduces the @bitwarden/sdk-internal dependency which is needed to build the desktop client. The dependency contains a licence statement which contains the following clause:

You may not use this SDK to develop applications for use with software other than Bitwarden (including non-compatible implementations of Bitwarden) or to develop another SDK.

This violates freedom 0.

It is not possible to build desktop-v2024.10.0 (or, likely, current master) without removing this dependency.

you are viewing a single comment's thread
view the rest of the comments
[–] cmhe 8 points 1 month ago* (last edited 1 month ago)

The SDK is not closed source, you can find the source here: https://github.com/bitwarden/sdk

It might not be GPL open-source, but it is not closed either.

Sure. To me "source available" is still closed-source, since looking into it might give companies an attack surface for you to have violated their copyright in the future. Happened with IBM in the past: https://books.google.de/books?id=gy4EAAAAMBAJ&lpg=PA15&pg=PA15&redir_esc=y#v=onepage&q&f=false

Let’s wait and see before we get out the pitchforks.

Sure. Bitwarden doesn't owe us anything, but it is still sad to see this decision and better clarification and explanation could have alleviated the breaking of the trust here.