Pull request #10974 introduces the @bitwarden/sdk-internal dependency which is needed to build the desktop client. The dependency contains a licence statement which contains the following clause:

You may not use this SDK to develop applications for use with software other than Bitwarden (including non-compatible implementations of Bitwarden) or to develop another SDK.

This violates freedom 0.

It is not possible to build desktop-v2024.10.0 (or, likely, current master) without removing this dependency.

  • mli@lemm.ee
    link
    fedilink
    arrow-up
    48
    arrow-down
    1
    ·
    edit-2
    1 month ago

    Apparently and according to Bitwardens post here, this is a “packaging bug” and will be resolved.

    Update: Bitwarden posted to X this evening to reaffirm that it’s a “packaging bug” and that “Bitwarden remains committed to the open source licensing model.”

    Let’s hope this is not just the PR compartment trying to make this look good.

    • ipkpjersi@lemmy.ml
      link
      fedilink
      arrow-up
      6
      arrow-down
      1
      ·
      1 month ago

      I think even if they do reverse course or it was a genuine mistake, it’s easy to lose people’s trust forever, ESPECIALLY when it comes to something sensitive like storing ALL of your passwords.