The things that held me back from Bitwarden is the relatively short age of the company at 2~ years and the fact that there is only one dev. I'm reaching here. But even though the code is open source, he still owns the distribution. He can potentially be compromised (whether maliciously or not) and release an update that uploads the entire vault to him unencrypted. It could take a while before the internet caught on that the source code doesn't match the release build.

This of course could happen in a company like 1Password and there is at some point that I need to make the call and trust the person(s) coding the password manager. I feel that with 1Password there's at least the large size of the company which would mean more eyeballs and accountability. There is also the history of the company at 12~ years. This includes vetting and buy in from larger companies, which inspires a vote of confidence.

FWIW Bitwarden checks off nearly all the other boxes for me and I think the single dev has done a seriously bang up job.