✅ Bitwarden is not FOSS

As explained undermentioned:

Bitwarden isn’t FOSS, because the SDK necessarily to compile it utilizes a proprietary license:

This has already prevented Bitwarden being added to F-Droid, per:

8 Likes

As stated at a GitHub comment:

The mobile client is again suitable for inclusion in F-Droid, per Bitwarden Password Manager (#114) · Issues · F-Droid / Requests For Packaging · GitLab. Shall hide License is not FOSS-compatible. · Issue #898 · bitwarden/sdk · GitHub as resolved.

Specifically, Desktop version 2024.10.0 is no longer free software · Issue #11611 · bitwarden/clients · GitHub states (formatting-modified):

We have made some adjustments to how the SDK code is organized and packaged to allow you to build and run the app with only GPL/OSI licenses included. The sdk-internal package references in the clients now come from a new sdk-internal repository, which follows the licensing model we have historically used for all of our clients (see LICENSE_FAQ.md for more info). The sdk-internal reference only uses GPL licenses at this time. If the reference were to include Bitwarden License code in the future, we will provide a way to produce multiple build variants of the client, similar to what we do with web vault client builds.

The original sdk repository will be renamed to sdk-secrets, and retains its existing Bitwarden SDK License structure for our Secrets Manager business products. The sdk-secrets repository and packages will no longer be referenced from the client apps, since that code is not used there.

Summarily, solely this repository’s contents – the secrets portion of the SDK – should now be non-FOSS, and are packaged separately to the rest of the SDK, which none of the clients reference anymore, consequently.

An important improvement. Of course, if I’ve interpreted that comment correctly.

1 Like

Let me know if you feel like this feature request can be closed as completed/resolved (which will return the votes to users who have voted for it).

1 Like

I think so, @grb, since most users don’t factor in Secrets access, especially in comparison to all the clients (as was previously affected).

1 Like