view the rest of the comments
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Sad day indeed, bitwarden going shady and this.
What did bitwarden do??
https://lemmy.ndlug.org/post/1268531
I think it was made by mistake. They will more likely remove that dependency
Perhaps the hard dependency was a mistake, but not them moving more and more code to their proprietary library. It appears that their intent is to make the client mostly a wrapper around their proprietary library, so they can still claim to have an open source GPLv3 piece of software. What good is that client if you can only use it in conjunction with that proprietary library, even if you can build it without that dependency?
Instead of open core I’ll call this popular approach “open skin”.
I'm not familiar with exactly what Bitwarden are doing, but Nvidia are doing something similar to what you described with their Linux GPU drivers. They launched new open-source drivers (not nouveau) for Turing (GTX 16 and RTX 20 series) and newer GPUs. What they're actually doing is moving more and more functionality out of the drivers into the closed-source firmware, reducing the amount of code they need to open source. Maybe that's okay? I'm not sure how I feel about it.
Clearly not: https://github.com/bitwarden/clients/issues/11611#issuecomment-2424865225
That says that it is a bug.
It says the build error is a bug, not the inclusion of proprietary code.
To be fair, the project page says this:
So there are two ways this can go:
I'm going to stick with them until I see what they do once they complete the refactor.
To be fair? Nowhere are they even suggesting they would release the SDK as FOSS, but they do say their password manager is open source. It seems like they just want a FOSS shell so they can claim it's open source for but keep their business logic closed source.
That's the second way it could go. But given their track record of being FOSS when everyone else was proprietary and keeping the source code available, I'm willing to give them the benefit of the doubt and see what they do. For now, "we'll re-evaluate it again once it's stable" tells me it's still on the table.
Stable bindings doesn't mean open source, so I don't see how that tells you it's still on the table
They're moving a lot of code to this internal core, which means this core is unstable. It's pretty common for projects to hold off on making code public until it's reached a certain level of stability. I'm guessing they're not interested in accepting patches, due to the high level of churn from the dev team. Once that churn dies down, there's a chance they'll reconsider and make it FOSS.
I've seen this in a number of FOSS projects, and it's also what I do on my own (I don't want help until I'm happy with the base functionality).
So that's why I hold out hope. We'll see once the churn on that internal SDK repo dies down.
Why go through all the hoops if they are instead just could refuse patches? Open source doesn't mean open to contributions, look at SQLite for example.
If they had the idea to release this open source they would have said so in clear words by now. They didn't so I don't have much hope, unless maybe if they get enough negative publicity to change their mind.
Why does VC need to ruin everything...
I don't get it.
How is that a problem to people wanting to work on or work with Bitwarden? Or am I misunderstanding the wording on it?
It just seems to say that you cannot rip this SDK out to use it on something else. Which makes sense as far as an internal library goes, at least on the surface?
It doesn't make sense for an internal library for an open source application, it that case it's not open source.
Ahh those fuckers.