by onkoe 1749 days ago
There is an open-source server called Vaultwarden, but it is unofficial. The only truly open source part of Bitwarden is the client. :(
5 comments

For those confused like me never having heard of Vaultwarden, it is what bitwarden_rs was renamed to.
Is this not the server you are looking for? :-) https://github.com/bitwarden/server
It is. The parent and GP comments are wrong. Bitwarden is fully open source and can be deployed in a local environment.
Open Source, but not Free Software. Check out the custom licensed code within https://github.com/bitwarden/server/tree/master/bitwarden_li...
It's not "Open Source" except by the literal definition that the source is open to read (but by that definition, the software is free to access, too). It's just freeware / sample code.

The license for this code https://github.com/bitwarden/server/blob/master/LICENSE_BITW... says,

> 2.4 Third Party Software. The Commercial Modules may contain or be provided with third party open source libraries, components, utilities and other open source software (collectively, "Open Source Software").

which implies that the Commercial Modules, themselves, are not Open Source Software.

(Also it clearly doesn't follow the Open Source Definition or any other standard definition of Open Source.)

Yup, technically it looks like you can only use that "for the sole purposes of internal development and internal testing, and only in a non-production environment".

Basically, they clearly don't police individual users self-hosting, but they maintain the right to knock on the door of companies.

Redistribution is also not allowed.

That licence is neither open source, nor free/libre software. Almost all licenses that are open source are also free/libre, and vice versa. Exceptions are very rare, because of how similar the definitions of open source software and free/libre software are in practice.

(By the way, the only widely accepted definition of open source software is the one published by the OSI, and the only widely accepted definition of free/libre software is the one published by the FSF, so those are the definitions we use.)

Sure, but the initial assertion was that only the client was open source which is clearly false, so I was refuting that. I did not speak to the FOSS nature of the software.
The Bitwarden server is source-available, but not open source. This is because, for example, section 2.3 of the license agreement (https://github.com/bitwarden/server/blob/master/LICENSE_BITW...) conflicts with section 6 of the Open Source Definition (https://opensource.org/osd), titled No Discrimination Against Fields of Endeavor. I think the specific terminology is what others here are disputing.

The Bitwarden desktop and mobile clients are open source because they are under GPLv3, a license that meets the OSD. Vaultwarden is also GPLv3.

I hadn't realised half the "official" server was under a non-commercial custom licence. https://github.com/bitwarden/server

Last I looked, it wasn't fun to self-host anyway. Vaultwarden ftw!

I looked through the official server. 96 out of 1680 files were located in the bitwarden_license directory, so I'd say a lot less than "half" the official server. Nonetheless their web offering is still non-free, and from hearing about the difficulties self-hosting, it's probably a bad idea.

However I don't know whether I'm better off using Bitwarden free, paid, self-hosting and managing backups myself, or just sticking with Firefox Sync (which has a truly awful barely-working Android app).

We switched to vaultwarden from a much older Java+Flash based credential manager where I work, and I gotta say it's pretty good. It's a little weird the way accounts work from our perspective, but it makes sense given where it came from. And it's distributed as a docker container, so it's pretty easy to deploy. Had to write a script to translate the old manager's export format into something vaultwarden could import, but it does have a lot of other managers' formats built in.
I've used vaultwarden (formerly bitwarden_rs) for probably 2 years now. The author keeps up with the upstream quite well. It's written in rust and uses SQLite, which makes it lightweight and appropriate for a single user setup. It's so good it even passed the WAF test.