It’s been 6 YEARS since this original request, and frankly, I cannot see any reason why this has not happened. Having a repo increases security which is in alignment with the purpose that Bitwarden has. Why would we still not have any repos for package updates to this date?
THIS NEEDS TO HAPPEN. I just checked a client on one of my systems and it’s version 2023.9.0 and would be the latest version if I had a package manager capable repository to regularly update from. There’s literally been times where Bitwarden at prior employers has broken because the server updated but the clients never did because of this lack of repository.
How much more noise and justification do we actually need for this to be taken SERIOUSLY?
Considering this is a security tool, I don’t think it’s a good idea to be using 3rd party repos. Supply chain security concerns and all that. There is still a very substantial need for 1st party repositories.
On Fedora why not just use the Flatpak? While the Flatpak build configuration is not maintained by the Bitwarden team, it uses the official binaries, and Flatpak provides automatic updates / a proper desktop integration.
Just wanted to share my experience on the topic.
I’m trying to use Bitwarden on Ubuntu. So my first go-to should be the App Center, where I can get the (what I believe to be) official Snap package with Bitwarden. I do that, I try to login, but my passwords take forever to load. I reinstall the package, same thing.
I go to Bitwarden’s website and grab the recommended download for Linux, which is an AppImage. I also had to install libfuse2 to get it to run. It launched once, and it would be stuck forever after inputting the password, slightly differently than what the Snap did. I close it, but it won’t launch again.
I go back to Bitwarden’s website and grab the .deb instead. Installed, launched… logged in successfully, all my passwords are there, everything works. The deb file, the ol’ reliable… But I just sacrificed updates.
Which is why the idea of providing repositories gets a vote for me too. Bitwarden would just work and I wouldn’t need to worry about manually updating the app instead.
I agree. Given the sensitive nature of Bitwarden, it makes it very hard to trust non-official packages. IMHO the most difficult step they have already covered, which is creating the RPM and DEB files. Setting up the repositories shouldn’t be too hard. This page for example, from Jul 2023, shows how to create a RPM repo.
I also upvote about providing a package repo for the community to get trusted, signed packages from Bitwarden. I really don’t want to use a community distribution for something like this. Someone throwing a quick extractor in could ruin an entire enterprise.
I am surprised about that deb or rpm repository are still not existent today. Having them will make managing the app on Linux super easy, please do consider.
Bitwarden devs, I understand that you guys are working on a priority-based list derived from the roadmap for new feature additions.
Could you please post an update on the status of this request?
I really miss not having the RPM auto-update on Fedora 41 KDE. I prefer it to the flatpak package due to the flatpak auto start issue on Fedora. Besides, the flatpak does not render dark mode correctly (the menu bar and menus show up in light mode).
We would really appreciate an update (even if tentative) on when we can expect the RPM to be officially supported for auto updates on Fedora please.
I think BloodyIron explained why repositories are needed quite well. It is a security issue.
Snap and Flatpak while fine for some people are not a solution. If I’m running a stable system then the last thing I need is an extra package manager for a single package.
What I would like add is it makes me think that if developers are cutting corners with this essential issue what kind of corners do they cut where we are not seeing? I’ve been using Bitwarden for years but this thing is raising a question, should I?
