clients
clients copied to clipboard
bitwarden
Desktop version 2024.10.0 is no longer free software
Pull request #10974 introduces the @bitwarden/sdk-internal dependency which is needed to build the desktop client. The dependency contains a licence statement which contains the following clause:
You may not use this SDK to develop applications for use with software other
than Bitwarden (including non-compatible implementations of Bitwarden) or to
develop another SDK.
This violates freedom 0.
It is not possible to build desktop-v2024.10.0 (or, likely, current master) without removing this dependency.
Thank you for reporting this issue! We've added this to our internal tracking system. ID: PM-13815
Namely trying to build with bitwarden_license directory removed (like we have been always doing) and sanitized node_modules results in the following:
[Prel] assets by status 30.6 KiB [cached] 1 asset
[Prel] orphan modules 28.2 KiB [orphan] 25 modules
[Prel] ./src/preload.ts + 25 modules 28.4 KiB [not cacheable] [built] [code generated]
[Prel]
[Prel] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/abstractions/sdk/sdk.service.ts
[Prel] 3:32-57
[Prel] [tsl] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/abstractions/sdk/sdk.service.ts(3,33)
[Prel] TS2307: Cannot find module '@bitwarden/sdk-internal' or its corresponding type declarations.
[Prel]
[Prel] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/abstractions/sdk/sdk-client-factory.ts
[Prel] 1:37-62
[Prel] [tsl] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/abstractions/sdk/sdk-client-factory.ts(1,38)
[Prel] TS2307: Cannot find module '@bitwarden/sdk-internal' or its corresponding type declarations.
[Prel]
[Prel] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/services/sdk/default-sdk.service.ts
[Prel] 3:54-79
[Prel] [tsl] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/services/sdk/default-sdk.service.ts(3,55)
[Prel] TS2307: Cannot find module '@bitwarden/sdk-internal' or its corresponding type declarations.
[Prel]
[Prel] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/services/sdk/default-sdk-client-factory.ts
[Prel] 1:21-46
[Prel] [tsl] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/services/sdk/default-sdk-client-factory.ts(1,22)
[Prel] TS2307: Cannot find module '@bitwarden/sdk-internal' or its corresponding type declarations.
[Prel]
[Prel] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/services/sdk/default-sdk-client-factory.ts
[Prel] 2:24-81
[Prel] [tsl] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/services/sdk/default-sdk-client-factory.ts(2,25)
[Prel] TS2307: Cannot find module '@bitwarden/sdk-internal/bitwarden_wasm_internal_bg.wasm' or its corresponding type declarations.
[Prel]
[Prel] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/services/sdk/noop-sdk-client-factory.ts
[Prel] 1:37-62
[Prel] [tsl] ERROR in /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/libs/common/src/platform/services/sdk/noop-sdk-client-factory.ts(1,38)
[Prel] TS2307: Cannot find module '@bitwarden/sdk-internal' or its corresponding type declarations.
[Prel]
[Prel] 6 errors have detailed information that is not shown.
[Prel] Use 'stats.errorDetails: true' resp. '--stats-error-details' to show it.
[Prel]
[Prel] webpack 5.94.0 compiled with 6 errors in 14233 ms
[Prel] npm error Lifecycle script `build:preload` failed with error:
[Prel] npm error code 1
[Prel] npm error path /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/apps/desktop
[Prel] npm error workspace @bitwarden/[email protected]
[Prel] npm error location /home/abuild/rpmbuild/BUILD/bitwarden-2024.10.0/apps/desktop
[Prel] npm error command failed
[Prel] npm error command sh -c cross-env NODE_ENV=production webpack --config webpack.preload.js
[Prel] npm run build:preload exited with code 1
Also see bitwarden/sdk#898. It looks like this is part of a deliberate campaign by Bitwarden, Inc. to fully transition Bitwarden to proprietary software, despite consistently advertising it as open source, without informing customers about this change.
For whatever the opinion of one user is worth, I've switched away from Bitwarden due to this.
I noticed and reported a similar problem with the NPM releases of the CLI client (#10648) two months ago, and I have yet to receive a response. Bitwarden definitely seems to be moving away from being open-source software without making any sort of announcement about it.
Bitwarden was good to me.. Now it's time to switch to alternatives...
Ohhh noooo... That's a shame. You're right: i'll go to a fork or to any alternative!
i'll go to a fork or to any alternative!
I would be careful going to "any alternative". It's your passwords you're talking about.
Also, a fork of the client still leaves the open issue of relying on the server service or software.
This is... concerning to say the least. I'm a long term paid Bitwarden user, and it's making me reconsider that decision.
I'll be looking for an alternative after hearing this. Quietly moving away from open source raises serious concerns.
7.3 The Company may at any time, terminate the License Agreement with you if: ........ d) the Company decides to no longer provide the SDK or certain parts of the SDK to users in the country in which you are resident or from which you use the service, or the provision of the SDK or certain SDK services to you by the Company is, in the Company’'s sole discretion, no longer commercially viable or technically practicable.
well so it can be striped from us at any time?
https://github.com/dani-garcia/vaultwarden
That's interesting for a server, and while the server has a web client, are there comparable open source clients too for desktop and/or mobile?
what alternatives do you guys recommend?
If it's for the home Vaultwarden.
No no no, not Bitwarden please. A service i dearly loved and was satisfied with :(
what alternatives do you guys recommend?
If it's for the home Vaultwarden.
Why home use only ?
Note that the SDK is used (and enabled as a feature flag) not only in the release of desktop app, but also in the browser, CLI and web clients.
This mean that all versions of BitWarden 2024.10.0 are using the SDK.
How many times do we have to teach companies that try to rug pull this lesson, you want to end up like redis? This is how you end up like redis.
enshitification is inevitable with these god forsaken companies
It's practically a given with almost any VC (venture capital) or PE (private equity) backed company with worth between 10 million and 1 trillion USD. When outside of this range, they can do what they want.
People keep getting surprised every time this happens, but it's so common as to be inevitable indeed.
Bitwarden has before released projects advertised as "open source" while not under a non-open restrictive license details, discussion. This may now indicate a pattern or direction.
This sucks. I am going to develop an alternative desktop app which wraps Vaultwarden's web interface using Tauri, if anyone is interested.
So I guess all my customers and myself of course will be moving to an alternative.
Removed the annual subscription (never used the extra features, I had it only to support the project) and moving away very soon to a truly free software solution. Very disappointed since I have pushed a lot of people toward Bitwarden.
Very disappointed since I have pushed a lot of people toward Bitwarden.
Same to me. And I quite regret it now...
Spirit of open source died long time ago. Open source is now a business model.
Hi @brjsp, Thanks for sharing your concerns here. We have been progressing use of our SDK in more use cases for our clients. However, our goal is to make sure that the SDK is used in a way that maintains GPL compatibility.
- the SDK and the client are two separate programs
- code for each program is in separate repositories
- the fact that the two programs communicate using standard protocols does not mean they are one program for purposes of GPLv3
Being able to build the app as you are trying to do here is an issue we plan to resolve and is merely a bug.
Spirit of open source died long time ago. Open source is now a business model.
According to me, the spirit of open source still lives in free software philosophy.