this post was submitted on 20 Oct 2024
509 points (95.2% liked)

Open Source

30826 readers
1067 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
509
Bitwarden Desktop version 2024.10.0 is no longer free software (github.com)
submitted 1 day ago by [email protected] to c/[email protected]
121 comments fedilink hide all child comments
 

Pull request #10974 introduces the @bitwarden/sdk-internal dependency which is needed to build the desktop client. The dependency contains a licence statement which contains the following clause:

You may not use this SDK to develop applications for use with software other than Bitwarden (including non-compatible implementations of Bitwarden) or to develop another SDK.

This violates freedom 0.

It is not possible to build desktop-v2024.10.0 (or, likely, current master) without removing this dependency.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 23 hours ago (3 children)

How does this play with mobile?

[–] [email protected] 4 points 22 hours ago* (last edited 19 hours ago) (1 children)

as another option this KeePassXC(PC)+radicale+DAVx5 The same for KeepassDX

[–] [email protected] 1 points 21 hours ago (1 children)

Radicale+DavX5 is for calendars and contacts, no? How does this work for passwords

[–] [email protected] 2 points 20 hours ago

for passwords no way, as you noted it is for calendars and contacts

[–] [email protected] 3 points 22 hours ago (1 children)

There's an Android app, but it's not being developed any more https://github.com/android-password-store/Android-Password-Store

There's an iOS app as well https://mssun.github.io/passforios/

They have a list with all the clients and other tools on their website
https://www.passwordstore.org/#other

[–] [email protected] 3 points 22 hours ago

besides everything else, the end of support for syncthing-android, yes, that's a real blow to the gut.

[–] [email protected] 2 points 22 hours ago* (last edited 22 hours ago)

Integration with Android

The GnuPG implementation for Android is called OpenKeychain. To configure it, just go to the "key management" menu and import the previously created secret key. The only drawback of OpenKeychain for me personally is that there is no fingerprint unlocking.

The pass implementation for Android is called android-password-store, or simply APS.

Install and launch APS. Before synchronizing the password store, go to the "Settings" menu. There we will need the following items:

  1. Git server settings. The resulting URL should be the same as that specified on the repository page on github. Authorization type - OpenKeychain.

  2. Git utils. In this section, specify the username and email from the gpg key.

  3. OpenPGP provider. Select OpenKeychain.

  4. Autofill.

Now you can clone. Select "clone from server" on the main screen, specify the desired location of the repository, check the git settings.

Of course, pass is not that easy to set up. However, this price buys confidence that the tools we use will not one day be declared obsolete, will not change their data format, and will not be left without support.