Cal.com goes closed source over AI security

This is less a product launch than a business-model and trust reset: Cal.com is betting that security risk now outweighs the symbolic value of keeping production code public.

• –The message is clear: the public codebase and the hosted production stack are no longer the same thing.
• –Keeping Cal.diy MIT preserves an open-source entry point, but the real monetized product is now firmly closed.
• –The move will land differently with operators than with OSS contributors; many will read it as a security argument wrapped around a licensing pivot.
• –For teams using Cal.com, the real question is whether the private repo meaningfully improves security or mainly reduces outside scrutiny.