
Cal.com moves core product to closed source over AI threats to open source

Cal.com is closing its commercial version's code and launching Cal.diy as a separate community project. The company believes AI tools discover…

AI-processed from ZDNet AI; edited by Hamidun News
Source: ZDNet AI. Collage: Hamidun News.

Cal.com, one of the notable open-source players in the scheduling category, is moving the commercial version of its service to closed-source code. The reason is not a change in business model per se, but a new risk balance: the company believes that modern AI tools have made it far too easy to find vulnerabilities in public repositories, and that this has made open code too expensive from the perspective of protecting user data.

The company announced the decision on April 15, 2026. The production code and further development of the commercial product become private, while the public repository transforms into a separate community branch called Cal.diy.

This version remains self-hosted and open source, but now under an MIT license instead of the previous AGPL. It retains the scheduling engine, booking logic, app store, and API v2—that is, everything needed by individual developers and small teams for independent deployment.

Cal.diy removes what relates to the managed commercial service and enterprise scenarios: organizations and teams, routing forms, automatic workflows, instant booking, AI phone, SAML/SSO, analytics dashboards, some admin interfaces, and the old API v1. Essentially, Cal.com is dividing the product into two trajectories: an open platform for hobbyists and self-hosting, and a closed production version where the company takes responsibility for handling sensitive customer data.

Within the team itself, they describe it simply: they want to be a scheduling company, not a cybersecurity company. Cal.com's argument revolves around the idea that AI radically changes the economics of offensive security.

Previously, finding exploitable bugs required an experienced researcher and significant manual effort; now models and agentic tools can systematically traverse a codebase, trace data flows, search for business logic violations, and quickly assemble a proof of concept. In one of the posts on its own blog, Cal.com cites tests from partner Hex Security: across 28 companies, their autonomous pentest agents found approximately 2,000 vulnerabilities, of which 44.6% turned out to be critical or high severity, and 65.1% of scans discovered at least one critical bug. The same post includes a benchmark showing that access to source code increased vulnerability detection by approximately 20% compared to black-box testing.

As a public symbol of this new reality, the company points to the example of the AI model Mythos, which, according to the company, was able to identify an old vulnerability in BSD and quickly construct a working exploit. That said, Cal.com itself does not claim that closed code automatically makes a product secure.

In its official explanation, the company directly acknowledges that this is not a perfect solution and that security through obscurity does not protect on its own. But for a service that processes data about meetings, calendars, and bookings, even a small reduction in the likelihood of mass auditing by attackers seems justified. In parallel, the team promises to maintain backward security patches between the closed product and Cal.diy and says it would like to someday return to an open format if the threat landscape becomes more manageable.

This is a particularly notable shift because Cal.com built its brand precisely as an open-source alternative to Calendly and made no secret that it saw open code as a source of growth.

According to management, under different risk configurations, the company would have preferred to remain in its previous model. That is, this is not about a complete break with the community, but an attempt to separate the experimental and commercial parts of the product into different security perimeters. The broader conclusion extends beyond the fate of one company.

The Cal.com story shows that AI is changing not only development but also the social contract of open source itself: transparency still helps defenders, but now it equally scales the work of attackers. For commercial open-source products, this may mean a painful choice between the ideology of openness and the obligation to reduce risk for customers.

Cal.com is the first to make this choice so demonstratively, and that is precisely why its case matters for the entire industry.
