Make this app open-source.

[ghost]

This app looks and works amazing, there are reasons why it would be nice to make this app open-source:

1. Adds more trust in the app, this is a password manager after all and I think a level of trust would be nice <3

2. Allowing users to make pull requests for adding more features and faster bug fixing.

(There are probably other reasons but these are the only two I can think of in the top of my head)

This is just a.. proposal? Recommendation? Whatever, you don't have to make it open-source, but I hope you can take this into consideration! Anyways, great app :)

[AChep]

The plan is to release code on Jan 1 under a fairly restrictive license.

[WreckingBANG]

@AChep Thank you so much for keeping up on your promise. Thank you so much. I love the Material You Design. Keep Up the good work and i am excited for the first release on github(or not i can also build it myself).

[AChep]

This is not technically "open source", as the current license basically doesn't allow derivatives. That may change in the future, but for now it will stay as it is.

[WreckingBANG]

Yes i know but the Source Code is uploaded. I can now safely use the app. Not that i dont trust you, i just try to avoid closed source stuff and thats why i did not use it until now.

[elliotrpage]

Thank you for uploading the source.
Would you be willing to elaborate on your choice of license?
"The source code is available for personal use only." Is not one I have come across often.

[AChep]

Thank you for uploading the source. Would you be willing to elaborate on your choice of license? "The source code is available for personal use only." Is not one I have come across often.

In short, I want Keyguard to be my part time job and not just a hobby. For that it needs to be monetized. I'm afraid that if I use a proper open source license, there will be a fork that just mirrors all the code changed with the paywall cut off. Donations are enough for the supply of cookies, but not close to be even a part time job.

[danaimone]

@AChep is there any plans for a iOS version? I was interested in in forking and developing one, but if your intent is to monetize and license is restrictive I don't want to overstep. Love what you're doing with this project, keep it up!

[AChep]

@AChep is there any plans for a iOS version? I was interested in in forking and developing one, but if your intent is to monetize and license is restrictive I don't want to overstep. Love what you're doing with this project, keep it up!

I'm not an iOS developer, but I will give it a try after Compose for iOS goes stable.

[danaimone]

@AChep is there any plans for a iOS version? I was interested in in forking and developing one, but if your intent is to monetize and license is restrictive I don't want to overstep. Love what you're doing with this project, keep it up!

I'm not an iOS developer, but I will give it a try after Compose for iOS goes stable.

Sweet!! Neither am I, but I love what you're doing here and it sounds like a fun way to learn 😁

[flexagoon]

@AChep have you considered an "eventually open-source" license like BSL or, even better, its improved and simplified version, FSL?

FSL works like this:

1. It allows people to use the code for any purpose except creating a competitor to your service
2. After 2 years, your code becomes fully open source (either Apache or MIT). So people will be able to use your code to create a competing app, but only the code published more than two years ago. Newer code will be available under terms described in point 1.

That would prevent someone just creating a "paywall-free" version, because they'll only be allowed to do that with an old version of your app

[AChep]

@AChep have you considered an "eventually open-source" license like BSL or, even better, its improved and simplified version, FSL?

FSL works like this:

1. It allows people to use the code for any purpose except creating a competitor to your service
2. After 2 years, your code becomes fully open source (either Apache or MIT). So people will be able to use your code to create a competing app, but only the code published more than two years ago. Newer code will be available under terms described in point 1.

I did and most likely Keyguard will eventually end up as FSL.

[flexagoon]

@AChep that's great to hear, thanks!

[aloisdg]

With Bitwarden moving to hostile licence. Is they any update on Keyguard licensing? What about using AGPL to protect the codebase? or the ACSL if you want to block large company?

[codenyte]

I would recommend using a custom/modified license based on the FSL, but after 2 years license the code under the GNU AGPL instead of a "permissive" MIT or Apache license, in oder to protect the code from being used in proprietary products.

[Surferlul]

Since the Bitwarden Official Clients are only Source Available, this (with Vaultwarden, which is AGPL) would be (imo) the defacto open source way to use Bitwarden. If both Projects are open source, it might also be interesting to advertise Vaultwarden + Keyguard as an entirely open source solution to Password Managing (that additionally is superb). FSL modified to release under AGPL would be absolutely amazing for this purpose.

[flexagoon]

Since the Bitwarden Official Clients are only Source Available

@Surferlul The Bitwarden Android client is GPLv3 licensed

https://github.com/bitwarden/android/blob/main/LICENSE.txt

[Surferlul]

@flexagoon The Desktop, CLI, and web apps aren't. Large parts of the Desktop apps are GPL, but they depend on the internal Bitwarden SDK which isn't.

See https://github.com/bitwarden/clients/blob/e91741b1466428303d5cd3429525c83b39ed5841/package.json#L161
See https://github.com/bitwarden/sdk-internal
See https://github.com/bitwarden/sdk-internal/blob/main/LICENSE
See https://github.com/bitwarden/sdk-internal/blob/edee180e118eb2fd7af3e45f18a924aa352e13dc/LICENSE_SDK.txt#L64

3.3 You may not use this SDK to develop applications for use with software other
than Bitwarden (including non-compatible implementations of Bitwarden) or to
develop another SDK.

Also, the Android App can't be put onto F-Droid, because the SDK is not FOSS is general as of bitwarden/sdk#898. There are no Plans of changing this.

[RokeJulianLockhart]

Also, the Android App can't be put onto F-Droid, because the SDK is not FOSS is general as of bitwarden/sdk#898.

@Surferlul, I'm the author of that cited issue. I suggest you read my last comment in its thread - bitwarden/sdk#898 (comment):

The mobile client is again suitable for inclusion in F-Droid, per gitlab.com/fdroid/rfp/-/issues/114#note_cf629f7d0a0499cc0e57963e883018da5bfcc712. Shall hide bitwarden/sdk#898 (comment) as resolved.

Summarily, the proprietary component of the SDK was separated from the rest of the SDK, and now applies solely to the secrets manager. This means that although the SDK remains a dependency of the clients, it is FOSS.

[Surferlul]

@RokeJulianLockhart Well I'm glad to have been Proved wrong. The change means that the Desktop clients are also FOSS now, right?

[RokeJulianLockhart]

#28 (comment)

@Surferlul, to my knowledge. See bitwarden/clients#11611 (comment) (formatted and spell-checked):

Thanks again for submitting the concern here. We have made some adjustments to how the SDK code is organized and packaged to allow you to build and run the app with only GPL/OSI licenses included. The sdk-internal package references in the clients now come from a new sdk-internal repository, which follows the licensing model we have historically used for all of our clients (see LICENSE_FAQ.md for more info). The sdk-internal reference only uses GPL licenses at this time. If the reference were to include Bitwarden License code in the future, we will provide a way to produce multiple build variants of the client, similar to what we do with web vault client builds.

The original SDK repository will be renamed to sdk-secrets, and retains its existing Bitwarden SDK License structure for our Secrets Manager business products. The sdk-secrets repository and packages will no longer be referenced from the client apps, since that code is not used there.