Rendered at 17:27:49 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
Uvix 29 minutes ago [-]
Reading the article, it sounds like this is the other way around? Bitwarden is offering a new API, and OneCLI Agent Vault is integrating with the new API.
lucideer 23 minutes ago [-]
I really don't understand the HN comments here.
Lots of assumptions that the article is AI-authored (it could be but I'm not seeing overtly obvious signs - it's quite readable) & a lot of ungrounded assumptions that this is somehow related to Bitwarden integrating AI into their product.
I really thought reading comprehension among HN users was better than this.
rvz 1 minutes ago [-]
There are worse things to mention about OneCLI as it looks like a completely vibe-coded mess, seeing that CLAUDE.md and Claude itself being one of the contributors [0]
Perhaps the most damning discovery is that they don't even do basic dependency pinning [1] [2] which just risks another supply chain attack.
As soon as I saw that, that was everything I needed to know about the project. No security audit whatsoever and Bitwarden believes this is something worth integrating.
OneCLI does not even have a security audit and a VC backed password manager believes that it is secure enough to integrate in their password manager.
I could not be anymore bearish on Bitwarden than before after looking at this and very glad that I don't use them.
JaggedJax 5 minutes ago [-]
I don't understand why this would change any opinion on Bitwarden. Bitwarden offers an API and OneCLI calls the Bitwarden API. How does a 3rd party calling Bitwarden's API say anything about Bitwarden?
Edit: I can see on Bitwarden's site they also call out their support for OneCLI, so I suppose that looks like Bitwarden saying they approve of and recommend OneCLI.
8cvor6j844qw_d6 1 minutes ago [-]
[dead]
sneak 44 minutes ago [-]
How soon until those
of us who are running Vaultwarden need to fork the Bitwarden clients, too?
rcakebread 1 hours ago [-]
Did you mean to post this on April 1st?
e7h4nz 1 hours ago [-]
Did you actually read this article or try to understand what OneCLI does?
dandellion 1 hours ago [-]
Nobody wrote that article, why should anybody read it?
bundie 56 minutes ago [-]
EDIT: My bad. I saw "agent" and immediately thought of AI.
warkdarrior 54 minutes ago [-]
It doesn't, this is why this announcement is not about Bitwarden incorporating AI.
gmerc 1 hours ago [-]
Took VC money, here comes the AI enshittification.
mergeshield 1 hours ago [-]
[dead]
brumbelow 1 hours ago [-]
[flagged]
aduermael 1 hours ago [-]
How so? From what I understand, all requests have to be proxied through OneCLI so that agent can't see your keys.
garettmd 45 minutes ago [-]
It used to be that people didn't read the article, now they don't even read the headline.
post-it 1 hours ago [-]
[flagged]
voidfunc 42 minutes ago [-]
Who cares? Did you get the point of the message or not?
People trying to detect AI and seeing red the moment their AI-sniff test fails are killing discourse.
a456463 32 minutes ago [-]
lmao... people using AI are killing discourse. and then come along bootlickers like you
falcor84 42 minutes ago [-]
Is there anything actually bad with that writing (other than implying that theirs is the first system to solve this)?
AI has been rlhf post-trained to generate text that people find to be clear to read. Are you now looking to reject clear writing just to spite AI labs?
antonyt 25 minutes ago [-]
Pieces of writing don’t really exist in isolation. Your opinion of a given chunk is formed not only by it, but by everything else you have read.
So in one part the negative reaction is to staleness. Everything sounds the same.
If it was all the same but dry, terse, and to the point (like technical writing), it wouldn’t be so bad.
But it’s repetitive with an annoying, breathless, get-ready-to-be-impressed voice that many of us find grating.
AnonC 54 minutes ago [-]
Tangential: Where is Bitwarden on the below roadmap right now? It wasn’t even good to users, but was an alternative to 1Password and others that had long crossed this bridge.
‘Here is how platforms die: first, they are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die. I call this enshittification, and it is a seemingly inevitable consequence arising from the combination of the ease of changing how a platform allocates value, combined with the nature of a "two-sided market", where a platform sits between buyers and sellers, hold each hostage to the other, raking off an ever-larger share of the value that passes between them.’
- Cory Doctorow
ilitirit 46 minutes ago [-]
> It wasn’t even good to users
I may be out of the loop, but how was Bitwarden not "good" to users? Does this relate to the recent price increase?
falcor84 45 minutes ago [-]
I don't get what semantic value you're getting by pasting this. It's almost like saying "VC-funded tech = bad", which is an ironic stance to take on this platform.
Is there anything that bitwarden did that is actually bad for you as a customer of theirs?
rschiavone 53 minutes ago [-]
What's wrong with 1Password?
Uvix 30 minutes ago [-]
They switched from a purchase with local vault storage model (where you could sync it to the cloud if you wanted to) to subscription-only with cloud storage they control.
Lots of assumptions that the article is AI-authored (it could be but I'm not seeing overtly obvious signs - it's quite readable) & a lot of ungrounded assumptions that this is somehow related to Bitwarden integrating AI into their product.
I really thought reading comprehension among HN users was better than this.
Perhaps the most damning discovery is that they don't even do basic dependency pinning [1] [2] which just risks another supply chain attack.
As soon as I saw that, that was everything I needed to know about the project. No security audit whatsoever and Bitwarden believes this is something worth integrating.
[0] https://github.com/onecli/onecli/graphs/contributors
[1] https://github.com/onecli/onecli/blob/main/packages/ui/packa...
[2] https://github.com/onecli/onecli/blob/main/packages/db/packa...
I could not be anymore bearish on Bitwarden than before after looking at this and very glad that I don't use them.
Edit: I can see on Bitwarden's site they also call out their support for OneCLI, so I suppose that looks like Bitwarden saying they approve of and recommend OneCLI.
People trying to detect AI and seeing red the moment their AI-sniff test fails are killing discourse.
AI has been rlhf post-trained to generate text that people find to be clear to read. Are you now looking to reject clear writing just to spite AI labs?
So in one part the negative reaction is to staleness. Everything sounds the same.
If it was all the same but dry, terse, and to the point (like technical writing), it wouldn’t be so bad.
But it’s repetitive with an annoying, breathless, get-ready-to-be-impressed voice that many of us find grating.
‘Here is how platforms die: first, they are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die. I call this enshittification, and it is a seemingly inevitable consequence arising from the combination of the ease of changing how a platform allocates value, combined with the nature of a "two-sided market", where a platform sits between buyers and sellers, hold each hostage to the other, raking off an ever-larger share of the value that passes between them.’
- Cory Doctorow
I may be out of the loop, but how was Bitwarden not "good" to users? Does this relate to the recent price increase?
Is there anything that bitwarden did that is actually bad for you as a customer of theirs?