Bitwarden is not fully Open Source

I just found out that Bitwarden’s server side is only Source Available and not Open Source.

I don’t hate Source Available licenses but do wish they’d have done more to make that known. Their website simply and proudly state that it’s “Open Source”. It’s the same issue I’ve had with Protonmail and Tutanota for years, Open Source whitewashing. It’s alright to be Source Available or in the case of Tutanota and Protonmail only client open, but be honest.

As far as Source Available licenses go the “Bitwarden License” seems bad. Only allowing use for " sole purposes of internal development and internal testing, and only in a non-production environment." They could at least have allowed for noncommercial use.

1 Like

It’s about money, i guess. If you got something that really works, and needs constant support and development, then i understand that you’re not so willing to open it up to everyone.
That being said, you don’t go boasting you’re open source either, only to lock it down.
Or am i seeing this the wrong way and is there some symbiosis between the two? They make the code accessible to anyone, but with restricted use.
So it’s not fuully open but then again it is? Getting confused here…

I kinda thought this was known? Their entire business model is around a subscription (an eminently fairly priced sub IMO) so them not fully opening/allowing the server side to be used, even in non-commercial applications makes sense. They don’t seem to have any issues with Vaultwarden, as mentioned above, which uses all the client side API’s to create a self-hosted server.

I do wish they would be a little more clear about what’s open vs SA. All in all, it’s not a deal breaker for me, and doesn’t make me want to drop my sub.

This message has been brought to you by bitwarden (Kidding, I promise I’m really not a shill for them, just a happy customer)


Signal server is Open Source under the AGPL.

Yeah the fact there is an Open Source Bitwarden server alternative is nice. I might switch to it when my sub expires.

You’re right. It seems not all of Signal’s server is Open Source.

1 Like

Oh. I didn’t know this. Most of the marketing is usually false so I am not surprised.

Bitwarden is still a great product though and its not that bad of a lie. I will continue using them, unless there’s a tutorial for vaultwarden somewhere. Maybe frontlinelinux topic idea?

1 Like