How "locked in" are we to upstream? #244

New Issue

Closed

opened 2026-02-04 18:55:40 +03:00 by OVERLORD · 2 comments

OVERLORD commented 2026-02-04 18:55:40 +03:00

Owner

Copy Link

Originally created by @pdarcos on GitHub (Mar 6, 2019).

My question may seem silly but I don't find a clear answer anywhere.

The whole point of bitwarden_rs is to have our own self-hosted option that's not too heavy nor dependent on the official bitwarden.

I see lots of parts in the code that still reference bitwarden, which is fine until Kyle changes something upstream or blocks access to some api or service that bitwarden_rs is consuming from bitwarden.

So my question is how dependent are we to changes upstream? If bitwarden were to shutdown or otherwise block access how would we cope? Ideally we'd have everything on our backend and wouldn't be impacted if something happens to bitwarden, but I'm not sure we're there yet.

Can someone enlighten me on this question?

Thanks and keep up the awesome work

Originally created by @pdarcos on GitHub (Mar 6, 2019). My question may seem silly but I don't find a clear answer anywhere. The whole point of bitwarden_rs is to have our own self-hosted option that's not too heavy nor dependent on the official bitwarden. I see lots of parts in the code that still reference bitwarden, which is fine until Kyle changes something upstream or blocks access to some api or service that bitwarden_rs is consuming from bitwarden. So my question is how dependent are we to changes upstream? If bitwarden were to shutdown or otherwise block access how would we cope? Ideally we'd have everything on our backend and wouldn't be impacted if something happens to bitwarden, but I'm not sure we're there yet. Can someone enlighten me on this question? Thanks and keep up the awesome work

OVERLORD added the question label 2026-02-04 18:55:40 +03:00

OVERLORD closed this issue 2026-02-04 18:55:44 +03:00

OVERLORD commented 2026-02-04 18:55:58 +03:00

Author

Owner

Copy Link

@dani-garcia commented on GitHub (Mar 6, 2019):

I'm not sure what do you mean by references or dependencies to upstream, the only thing where we ever depended on the upstream service was the icon fetching service, but that was replaced on the last release.

Other than that, the server is completely self contained. The most likely upstream-related problem is if the clients get updated and the update contains a breaking change, but I don't expect that to happen very often, and it's usually a simple change.

That said, we still depend on the clients being maintained and allowing the user to configure the server, but I can't see that changing any time soon, as in my opinion it's one of the biggest features of bitwarden in the first place.

@dani-garcia commented on GitHub (Mar 6, 2019): I'm not sure what do you mean by references or dependencies to upstream, the only thing where we ever depended on the upstream service was the icon fetching service, but that was replaced on the last release. Other than that, the server is completely self contained. The most likely upstream-related problem is if the clients get updated and the update contains a breaking change, but I don't expect that to happen very often, and it's usually a simple change. That said, we still depend on the clients being maintained and allowing the user to configure the server, but I can't see that changing any time soon, as in my opinion it's one of the biggest features of bitwarden in the first place.

OVERLORD commented 2026-02-04 18:56:12 +03:00

Author

Owner

Copy Link

@pdarcos commented on GitHub (Mar 6, 2019):

Thanks @dani-garcia You answered my question completely.
I think I was getting confused because I remembered reading somewhere that we were still dependent on upstream for some services: I guess the icon fetching service was it and now that's been updated too :)

@pdarcos commented on GitHub (Mar 6, 2019): Thanks @dani-garcia You answered my question completely. I think I was getting confused because I remembered reading somewhere that we were still dependent on upstream for some services: I guess the icon fetching service was it and now that's been updated too :)

OVERLORD referenced this issue 2026-02-05 04:51:58 +03:00

[PR #244] [MERGED] Make U2F work with vault 2.4.0 changes #2655

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

troubleshooting

wontfix

No Label question

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#244