I’m stuck in this limbo 
(MacOS)
Policy prevents me from updating and I also keep getting harassed with popups asking for admin password.
Bitwarden isn’t controlled by MDM for me so I’m stuck without a working Bitwarden desktop client
Additionally, a setting to enable update check only on startup would be appreciated. I have the application set to start on login, and twice now the update prompt has booted me back to the desktop from a fullscreen application.
I want to be able to have full control over the software running on my OS
- I don’t want to be forced to update my software
- I don’t want to be harassed by dialogs / bouncing icons / popups etc
An option to disable automatic updates and prohibit Bitwarden from harassing users while in critical UX flows would be greatly appreciated
This just caused me time and headache as well. Windows 10 device.
Use Case: Forced update on a hostile network.
Issues:
- forced update
- no manual or deferred setting
- undocumented process specifics
- seemingly does not uninstall if uninstalled during update process
My specific use case is man in the middle attacks on a hostile network. It’s unclear if Bitwarden secure against this use case during software update download. And if it does; what those measures are. I would be happy to read any documentation on it if someone could direct me to it.
Additionally, during the process it seemed the program was ‘uninstallable’. The application notified that it would update on next reboot while on a hostile network. Bitwarden was uninstalled prior to reboot on hostile network. Bitwarden persisted but without the credentials to load secrets. After removing it again it appeared to be removed. This leaves one without passwords/secrets with no easy remedy until returning to a secure network.
I would like to know the specifics of the forced upgrade:
- what measures are taken to insure the update itself is not compromised ?
- why after uninstalling does the application still persist during this process ?
I also mirror the comment about full control over my software.
Alternatively perhaps I simply don’t understand how the current process is safe for this use case and would enjoy being directed towards documentation on it.
@whitelion Welcome to the forum!
On Windows, why don’t you just use the Portable Desktop App? It does not do any automatic updates. You can also run it on a USB, if that is helpful for your use-case.
Also, there is an environment variable that can be set to prevent auto-updates of the (regular) Desktop app:
ELECTRON_NO_UPDATER=1
This solution is available in macOS, Windows, and Linux.
Thank you @grb for the welcome and reply. I looked into your two suggestions.
Portable Desktop App - it didn’t occur to me to look under “View Desktop Installation Guides” for other Downloads. It seems like a reasonable solution for this use case though it’s not clear if some OS supported features like launch on startup and tray features would be lost. Ideally it still would be great to have an in app setting but this is not bad. But what was especially good about your suggestion was making me aware of the Portable App. Thanks!
Standard App - After limited searching it seems to require either setting a global environment variable and disabling auto updates for all electron apps on a system (not viable for this case). Or perhaps, creating a batch file with a SET command and running from there. Is there a cleaner way to do this? Poking around in the distribution directory I had hoped to find a config file something like the existing app-update.yml under C:\Users*****\AppData\Local\Programs\Bitwarden\resources to set configs. There also seems to be many variables you can set if you are self hosting which is not this situation. Am I missing something?
Either way, your first suggestion may solve my immediate issue. Though I would advocate to whomever is listening to move this setting into the app itself or a bitwarden config file. And I hope to find a solution that works with the standard Windows desktop install without too much ongoing effort.
Could you please tell me how to set ELECTRON_NO_UPDATER=1 on windows, I tried setting it from cmd set ELECTRON_NO_UPDATER=1 but looks update is not disables
@Harini See this comment: