One should exercise caution about their on-premises installer, as they play fast and loose with version pinning. It's like many things in life: it works fine until it doesn't, and then debugging it will be some "oh no"
Not sure why dwbit's comment got killed, they furthered the conversation and sourced information well by, inter alia, linking to "What third-party services, libraries or identifiers are used in my Bitwarden account?" on Bitwarden's FAQ (https://bitwarden.com/help/security-faqs/#q-what-third-party...).
"For those who prefer to exclude all 3rd party communication, Firebase and Microsoft Visual Studio App Center are removed completely from the F-Droid build. Additionally, Turning off push notifications on a self-hosted Bitwarden server will disable using the push relay server."
More often than not these corporate open source projects include spyware features (Bitwarden included) that phone home without user consent.
They claim selfhosting is a goal, yet their published client will report on your activity to Microsoft without your consent.