✅ Bitwarden is not FOSS

rokejulianlockhart · July 11, 2024, 2:16pm

As explained undermentioned:

https://github.com/bitwarden/sdk/issues/898#issuecomment-2222992484

Bitwarden isn’t FOSS, because the SDK necessarily to compile it utilizes a proprietary license:

image947×2952 371 KB

This has already prevented Bitwarden being added to F-Droid, per:

rokejulianlockhart · October 25, 2024, 8:13pm

The mobile client is again suitable for inclusion in F-Droid, per Bitwarden Password Manager (#114) · Issues · F-Droid / Requests For Packaging · GitLab. Shall hide License is not FOSS-compatible. · Issue #898 · bitwarden/sdk · GitHub as resolved.

Specifically, Desktop version 2024.10.0 is no longer free software · Issue #11611 · bitwarden/clients · GitHub states (formatting-modified):

We have made some adjustments to how the SDK code is organized and packaged to allow you to build and run the app with only GPL/OSI licenses included. The sdk-internal package references in the clients now come from a new sdk-internal repository, which follows the licensing model we have historically used for all of our clients (see LICENSE_FAQ.md for more info). The sdk-internal reference only uses GPL licenses at this time. If the reference were to include Bitwarden License code in the future, we will provide a way to produce multiple build variants of the client, similar to what we do with web vault client builds.

The original sdk repository will be renamed to sdk-secrets, and retains its existing Bitwarden SDK License structure for our Secrets Manager business products. The sdk-secrets repository and packages will no longer be referenced from the client apps, since that code is not used there.

Summarily, solely this repository’s contents – the secrets portion of the SDK – should now be non-FOSS, and are packaged separately to the rest of the SDK, which none of the clients reference anymore, consequently.

An important improvement. Of course, if I’ve interpreted that comment correctly.

grb · October 25, 2024, 9:40pm

Let me know if you feel like this feature request can be closed as completed/resolved (which will return the votes to users who have voted for it).

rokejulianlockhart · October 25, 2024, 11:26pm

I think so, @grb, since most users don’t factor in Secrets access, especially in comparison to all the clients (as was previously affected).

Topic		Replies	Views
PSA: Bitwarden F-Droid Repo is not really F-Droid Password Manager app:mobile , server:default-cloud	1	1142	May 27, 2024
Inclusion in the official F-Droid repository, Asking for confirmation Password Manager app:mobile , os:android , server:default-cloud	6	226	August 24, 2025
F-Droid Release Authenticator	2	862	July 28, 2024
F-Droid repo not working Password Manager app:mobile , server:default-cloud	2	215	January 14, 2025
Concerns Over Bitwarden Moving Away from Open Source: What Does Our Future Hold? Password Manager app:all , server:default-cloud , app:bwdc	6	3389	October 26, 2024

✅ Bitwarden is not FOSS

Related topics