Cal.com, the open-source Calendly alternative, is moving its core production codebase to a closed repository, citing AI-driven security risks. The company argues that AI systems capable of systematically finding vulnerabilities make open code materially more dangerous to maintain publicly. As a compromise, Cal.com has released Cal.diy — a stripped-down, MIT-licensed, self-hostable version of its scheduling platform — while enterprise features and critical security components like authentication and data-handling now live in a private repo. The founders suggest other commercial open-source companies are already reassessing similar decisions, framing this as a broader industry inflection point rather than a one-off business move.
Sort: