Loading...
Loading...
Cal.com, a widely used scheduling platform built in the open-source ecosystem, is moving its core codebase to closed source. The company frames the shift as a security response to rapid AI progress that has made automated bug-finding and exploit development faster and cheaper, potentially increasing risk for publicly available code. The decision has triggered a familiar split: supporters argue it reduces attacker advantage, while critics call it security through obscurity and warn it weakens community auditing. Commentators also suggest AI tools can strengthen defenses—and that the change reflects evolving incentives for monetizing hosted open-source software.
Open Source Isn't Dead. Cal.com Just Learned the Wrong Lesson
Open Source Isn't Dead. Cal.com Just Learned the Wrong Lesson
Cal.com is going closed source
Cal.com, a popular open-source scheduling platform, has decided to convert its codebase from open source to closed source, citing security concerns after rapid advances in AI that make automated vulnerability discovery cheap and fast. The move sparked debate on Hacker News: proponents say closing source prevents easy exploitation by attackers using LLM-powered tools, while critics argue it’s security through obscurity and undermines community auditing. Commenters noted that AI-based pentesting tools could also be used proactively by maintainers, and others framed the change as a business decision responding to reduced incentives for hosted OSS. The shift highlights tensions between open-source transparency and emerging AI-driven security risks.
Cal.com is going closed source