Open Source

30833 readers

374 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

[email protected]

497

Bitwarden Desktop version 2024.10.0 is no longer free software (github.com)

submitted 2 days ago by [email protected] to c/[email protected]

122 comments fedilink hide all child comments

Pull request #10974 introduces the @bitwarden/sdk-internal dependency which is needed to build the desktop client. The dependency contains a licence statement which contains the following clause:

You may not use this SDK to develop applications for use with software other than Bitwarden (including non-compatible implementations of Bitwarden) or to develop another SDK.

This violates freedom 0.

It is not possible to build desktop-v2024.10.0 (or, likely, current master) without removing this dependency.

(page 2) 50 comments

sorted by: hot top controversial new old

[–] [email protected] 0 points 22 hours ago

We need a fully community run password manager with row-level server synchronisation between devices and shared vaults. Maybe a new client for the Bitwarden protocol with Vaultwarden or something new. E.g. 1password's secret key as a second factor is, imho, their best feature. It pretty much eliminates the possibility of the vault being decrypted due to a weak master password.

[–] [email protected] 2 points 1 day ago (2 children)

I just exported my data from BitWarden and imported into ProtonPass. Was pretty easy. Hate the color palette of the app and browser extension though, lol.

load more comments (2 replies)

[–] [email protected] 9 points 2 days ago* (last edited 2 days ago) (1 children)

i was about to replace my glorified encrypted text file for a password manager. guess relying on 3rd parties in a late-stage capitalist world is not a viable alternative.

ill stay with my encrypted text file until they privatize encryption. by then ill probably be carving my passwords out on stone. or burning down the servers of these fucking pigs trying to make us identify ourselves for everything on the internet now.

[–] [email protected] 9 points 2 days ago (4 children)

KeePassXC is pretty amazing. :)

load more comments (4 replies)

[–] [email protected] 9 points 2 days ago (1 children)

Looks like I might be moving to Proton Pass after all! I'll give them some time to see what they do about this, but will happily give my money to someone else and migrate friends/family as well.

[–] [email protected] 2 points 1 day ago (2 children)

I know little about Proton Pass, but how confident are you they don't also used a proprietary SDK with their open source apps?

load more comments (2 replies)

[–] [email protected] 14 points 2 days ago (2 children)

Does this affect valtwarden?

[–] [email protected] 21 points 2 days ago

Vaultwarden is only the server, no? So any clients that you use to access Vaultwarden are built and maintained by 8bit solutions a.k.a. Bitwarden, including the desktop client that is the subject of this post.

load more comments (1 replies)

[–] [email protected] 2 points 1 day ago* (last edited 1 day ago) (10 children)

pass is enough (+ xdotool + rofi + pass-menu). Synchronization via git or Syncthing.

load more comments (10 replies)

load more comments