Pull request #10974 introduces the @bitwarden/sdk-internal dependency which is needed to build the desktop client. The dependency contains a licence statement which contains the following clause: Y...
Pull request #10974 introduces the @bitwarden/sdk-internal dependency which is needed to build the desktop client. The dependency contains a licence statement which contains the following clause:
You may not use this SDK to develop applications for use with software other
than Bitwarden (including non-compatible implementations of Bitwarden) or to
develop another SDK.
This violates freedom 0.
It is not possible to build desktop-v2024.10.0 (or, likely, current master) without removing this dependency.
Apparently and according to Bitwardens post here, this is a "packaging bug" and will be resolved.
Update: Bitwarden posted to X this evening to reaffirm that it's a "packaging bug" and that "Bitwarden remains committed to the open source licensing model."
Let's hope this is not just the PR compartment trying to make this look good.
I think even if they do reverse course or it was a genuine mistake, it's easy to lose people's trust forever, ESPECIALLY when it comes to something sensitive like storing ALL of your passwords.