I think this is less a bait and switch and more just a legal liability shield. They're not saying you 'cant' use it that way. They just don't recommend you do, and they won't support you at all for doing so. Which I think is completely fair. Also, these two things aren't in contradiction. Deploying on prem does offer more security, but then it's up to you to use it correctly.
It being open source also allows you to actually have a read of the software and guarantee things yourself, which is the harder better path anyway.
This actually makes me wonder if cal.com has had a security breach in their hosted offering that they are not disclosing.
It seems to be more that they're using "security" as a reason for going closed source, so this is just sticking with the story.
Fair point.
But the OSS license already absolves them of responsibility. This might just be to set the tone that security fixes won't be prioritized to the standard that they used to be.
You seem really confident that an OSS license would protect them from liability… what is that confidence based on?
It's a straightforward MIT license: https://github.com/calcom/cal.diy/blob/main/LICENSE
> IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
This is good , switching from viral license to more corporate friendly licensig