Comment on Concerns Raised Over Bitwarden Moving Further Away From Open-Source

<- View Parent
Highsight@lemmy.world ⁨1⁩ ⁨week⁩ ago

When I read this this morning, I had concerns, but then I did some research. The SDKs source is fully available for all to look at and compile. The main issue that people bring up is the license that states:

3.3 You may not use this SDK to develop applications for use with software other
than Bitwarden (including non-compatible implementations of Bitwarden) or to
develop another SDK.

This part seems to be what most people take issue with, as it makes the sdk no longer modifiable, yet a requirement of the core source itself. The head of BitWarden has come out and stated the SDK being required to compile BitWarden was a mistake, however, and if this proves to be true (which I have no reason to doubt) then I see no reason why any of this is an issue.

From a security standpoint, since the SDK is source available, it can be audited by anyone still (and compiled) so personally, I’m fine with this.

source
Sort:hotnewtop