It's weird that it's open source, but you can't self-host it unless you pay. How does that work?
"Today, Bitwarden announces the general availability of Bitwarden Secrets Manager, an open source, end-to-end encrypted solution that empowers development teams to easily store, manage, automate, and share secrets at scale."
I hope Bitwarden don’t follow the recent “open source but only if you pay and we unilaterally terminate the contract with you if you exercise the terms of the open source license” approach RedHat is doing lately.
If the UI isn't included in the open source offering, then vaultwarden is going to need to build it out themselves.
Their reply mentions it's not in the open source web vault. This aligns with some of the enterprise policies that they've not implemented, in their wiki they're called out for the UI not being open source.
Somewhat sad to see this isn't open source. I hope that Bitwarden isn't regretting their decision to open source their password manager. I self host Vaultwarden, but intentionally purchase a full license from Bitwarden every year, as do a couple other folks I know.
I think the source might be here [1]. And this repo (clients) have this LICENCE.md file [2] which says that
> Source code in this repository is covered by one of two licenses: (i) the
GNU General Public License (GPL) v3.0 (ii) the Bitwarden License v1.0. The
default license throughout the repository is GPL v3.0 unless the header
specifies another license. Bitwarden Licensed code is found only in the
/bitwarden_license directory
Now the secret manager is in the `bitwarden_license` directory so it is not a GPL covered product and not open source but covered by BITWARDEN LICENSE AGREEMENT [3]. It does not allow you to use it as OSS.
12 comments
[ 3.0 ms ] story [ 14.9 ms ] threadSadly no self hosting until the $12/month tier but still very exciting!
https://bitwarden.com/products/secrets-manager/#pricing
"Today, Bitwarden announces the general availability of Bitwarden Secrets Manager, an open source, end-to-end encrypted solution that empowers development teams to easily store, manage, automate, and share secrets at scale."
The license is not clear to me: is the Secret Manager a “Bitwarden server”, or is it “Commercial.Core”? <https://github.com/bitwarden/server/blob/master/LICENSE_FAQ....>.
I hope Bitwarden don’t follow the recent “open source but only if you pay and we unilaterally terminate the contract with you if you exercise the terms of the open source license” approach RedHat is doing lately.
I don't get why they don't do a clean-room implementation if they're so worried about licenses..
https://github.com/dani-garcia/vaultwarden/discussions/3368
Vaultwarden does not have 100% of all the features that Bitwarden has. To name an example, SSO is missing: https://github.com/dani-garcia/vaultwarden/pull/3154
If the UI isn't included in the open source offering, then vaultwarden is going to need to build it out themselves.
Their reply mentions it's not in the open source web vault. This aligns with some of the enterprise policies that they've not implemented, in their wiki they're called out for the UI not being open source.
> Source code in this repository is covered by one of two licenses: (i) the GNU General Public License (GPL) v3.0 (ii) the Bitwarden License v1.0. The default license throughout the repository is GPL v3.0 unless the header specifies another license. Bitwarden Licensed code is found only in the /bitwarden_license directory
Now the secret manager is in the `bitwarden_license` directory so it is not a GPL covered product and not open source but covered by BITWARDEN LICENSE AGREEMENT [3]. It does not allow you to use it as OSS.
[1] https://github.com/bitwarden/clients/tree/master/bitwarden_l...
[2] https://github.com/bitwarden/clients/blob/master/LICENSE.txt
[3] https://github.com/bitwarden/clients/blob/master/LICENSE_BIT...