From the docs, "It is strictly recommended for personal, non-production use."
Wow what a 180 from just a year ago when their blog said, "For companies that handle sensitive information, deploying open-source scheduling software on-premises can offer an extra layer of security. Unlike cloud services controlled by external vendors, on-prem installations let teams maintain full ownership of their infrastructure. " ¹
I just cannot trust a company that does a bait and switch like this.
¹ https://cal.com/blog/open-source-scheduling-empower-your-tea...
I think this is less a bait and switch and more just a legal liability shield. They're not saying you 'cant' use it that way. They just don't recommend you do, and they won't support you at all for doing so. Which I think is completely fair. Also, these two things aren't in contradiction. Deploying on prem does offer more security, but then it's up to you to use it correctly.
It being open source also allows you to actually have a read of the software and guarantee things yourself, which is the harder better path anyway.
This actually makes me wonder if cal.com has had a security breach in their hosted offering that they are not disclosing.
It seems to be more that they're using "security" as a reason for going closed source, so this is just sticking with the story.
Fair point.
But the OSS license already absolves them of responsibility. This might just be to set the tone that security fixes won't be prioritized to the standard that they used to be.
You seem really confident that an OSS license would protect them from liability… what is that confidence based on?
It's a straightforward MIT license: https://github.com/calcom/cal.diy/blob/main/LICENSE
> IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
This is good , switching from viral license to more corporate friendly licensig
I still remember when they launched here. "Opensource Alternate to Calendly" was their post title.
What do you want, it’s hard to resist VC money and “the enterprise offering”
Not impossible though, I run a directory of open-source alternatives and rarely do you see what Cal.com did. Projects gets abandoned yes, but a pure bait and switch like this really grinds my gears. This is from someone who is self hosting Cal.com right now and now they are going to strip even more features.
Are you really claiming you would rather the project get abandoned?
Problem is using opensource as GTM strategy, to get developer contribution, traction and then say fuckoff.
That's why I'm worried about Laravel taking on a huge sum.
[dead]