Dashlane has announced that it has made source code for its Android and iOS apps available on GitHub under the Creative Commons Attribution-NonCommercial 4.0 license.

The popular subscription-based password manager and digital wallet has decided to release the code for its mobile apps to increase the transparency of how they work while promoting a more collaborative and open approach to development in the future.

“Transparency and trust are part of our company values, and we strive to reflect these values ​​in everything we do. We hope that being transparent about our code base will increase customer confidence in our product.” – Dashlane.

“We also believe in a more open digital world where developers can easily participate and connect with each other. It’s our contribution to that ambition and another step in that direction,” adds the announcement.

By making its mobile app code available for everyone to explore and audit, the company hopes to receive community feedback on its improvement and increase security vulnerability reports from cybersecurity researchers. .

The maker of the password manager claims that this “openness” will also inspire its engineers to “improve” the quality of the code and make it readable and understandable by the masses.

Dashlane plans to update these code snapshots on GitHub every three months, but may do so more frequently if related processes are improved accordingly.

Those interested in taking a look can find the Android app code here and the iOS app code on this repository.

Why is this important?

Open source software means making its code available for anyone to review, which inherently builds trust in the product.

Plus, it gives software engineers another example of how things are done, which is especially important when that example comes from a successful project.

Third, security researchers can dive into the code and see if they can find any issues that Dashlane’s core team missed. The password manager has an asset Hacker One Program pay bounties of up to $5,000 for critical defects, so bug hunters can engage immediately.

However, it is important to note that Dashlane did not become an open source project overnight, and at this time no direct community contributions can be accepted. Suggestions will always be welcome and listened to.

We should also clarify that the source code release only affects client apps for Android and iOS, so those for macOS and Windows remain closed-source.

It should also be noted that although the source code for the mobile client apps has been made public, a significant portion of the password management system runs on Dashlane’s servers and has not been released. This means that a substantial part of the product remains proprietary.

This, of course, does not detract from the importance of this first step taken by Dashlane, and the software company has already promised that others will follow.

The next product to be open sourced, according to Dashlane, is its web browser extension, but that will happen after it fully transitions to meet Google Chrome MV3 requirements.


Source link